Date: July 17, 2025, 11:10 a.m.
Failure - log-parser-boot/kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 14.879627] ==================================================================
[ 14.880447] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x2b5/0x300
[ 14.880804] Read of size 1 at addr ffff888103937d02 by task kunit_try_catch/266
[ 14.881106]
[ 14.881225] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.881433] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.881448] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.881468] Call Trace:
[ 14.881479] <TASK>
[ 14.881494] dump_stack_lvl+0x73/0xb0
[ 14.881526] print_report+0xd1/0x610
[ 14.881562] ? __virt_addr_valid+0x1db/0x2d0
[ 14.881587] ? kasan_stack_oob+0x2b5/0x300
[ 14.881608] ? kasan_addr_to_slab+0x11/0xa0
[ 14.881629] ? kasan_stack_oob+0x2b5/0x300
[ 14.881651] kasan_report+0x141/0x180
[ 14.881674] ? kasan_stack_oob+0x2b5/0x300
[ 14.881699] __asan_report_load1_noabort+0x18/0x20
[ 14.881725] kasan_stack_oob+0x2b5/0x300
[ 14.881745] ? __pfx_kasan_stack_oob+0x10/0x10
[ 14.881769] ? __kasan_check_write+0x18/0x20
[ 14.881789] ? queued_spin_lock_slowpath+0x116/0xb40
[ 14.881815] ? irqentry_exit+0x2a/0x60
[ 14.881837] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 14.881864] ? __pfx_read_tsc+0x10/0x10
[ 14.881886] ? ktime_get_ts64+0x86/0x230
[ 14.881911] kunit_try_run_case+0x1a5/0x480
[ 14.881938] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.881964] ? queued_spin_lock_slowpath+0x116/0xb40
[ 14.881988] ? __kthread_parkme+0x82/0x180
[ 14.882010] ? preempt_count_sub+0x50/0x80
[ 14.882035] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.882060] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.882085] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.882112] kthread+0x337/0x6f0
[ 14.882131] ? trace_preempt_on+0x20/0xc0
[ 14.882155] ? __pfx_kthread+0x10/0x10
[ 14.882177] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.882199] ? calculate_sigpending+0x7b/0xa0
[ 14.882224] ? __pfx_kthread+0x10/0x10
[ 14.882297] ret_from_fork+0x116/0x1d0
[ 14.882318] ? __pfx_kthread+0x10/0x10
[ 14.882340] ret_from_fork_asm+0x1a/0x30
[ 14.882372] </TASK>
[ 14.882383]
[ 14.889506] The buggy address belongs to stack of task kunit_try_catch/266
[ 14.890208] and is located at offset 138 in frame:
[ 14.890679] kasan_stack_oob+0x0/0x300
[ 14.890974]
[ 14.891082] This frame has 4 objects:
[ 14.891391] [48, 49) '__assertion'
[ 14.891424] [64, 72) 'array'
[ 14.891612] [96, 112) '__assertion'
[ 14.891750] [128, 138) 'stack_array'
[ 14.891915]
[ 14.892190] The buggy address belongs to the physical page:
[ 14.892439] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103937
[ 14.892770] flags: 0x200000000000000(node=0|zone=2)
[ 14.893035] raw: 0200000000000000 ffffea00040e4dc8 ffffea00040e4dc8 0000000000000000
[ 14.893588] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 14.893847] page dumped because: kasan: bad access detected
[ 14.894022]
[ 14.894092] Memory state around the buggy address:
[ 14.894320] ffff888103937c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f1
[ 14.894667] ffff888103937c80: f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 00 00 f2 f2 00
[ 14.894945] >ffff888103937d00: 02 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1
[ 14.895224] ^
[ 14.895341] ffff888103937d80: f1 f1 f1 00 00 f2 f2 00 00 f2 f2 00 00 f3 f3 00
[ 14.895568] ffff888103937e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 14.895996] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 12.395965] ==================================================================
[ 12.396609] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x369/0x3c0
[ 12.396944] Read of size 1 at addr ffff8881038c9000 by task kunit_try_catch/157
[ 12.397241]
[ 12.397379] CPU: 1 UID: 0 PID: 157 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.397424] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.397436] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.397457] Call Trace:
[ 12.397468] <TASK>
[ 12.397484] dump_stack_lvl+0x73/0xb0
[ 12.397514] print_report+0xd1/0x610
[ 12.397536] ? __virt_addr_valid+0x1db/0x2d0
[ 12.397573] ? kmalloc_node_oob_right+0x369/0x3c0
[ 12.397597] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.397620] ? kmalloc_node_oob_right+0x369/0x3c0
[ 12.397644] kasan_report+0x141/0x180
[ 12.397665] ? kmalloc_node_oob_right+0x369/0x3c0
[ 12.397694] __asan_report_load1_noabort+0x18/0x20
[ 12.397719] kmalloc_node_oob_right+0x369/0x3c0
[ 12.397743] ? __pfx_kmalloc_node_oob_right+0x10/0x10
[ 12.397768] ? __schedule+0x10cc/0x2b60
[ 12.397790] ? __pfx_read_tsc+0x10/0x10
[ 12.397812] ? ktime_get_ts64+0x86/0x230
[ 12.397838] kunit_try_run_case+0x1a5/0x480
[ 12.397864] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.397887] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.397911] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.397935] ? __kthread_parkme+0x82/0x180
[ 12.397956] ? preempt_count_sub+0x50/0x80
[ 12.397980] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.398004] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.398028] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.398054] kthread+0x337/0x6f0
[ 12.398072] ? trace_preempt_on+0x20/0xc0
[ 12.398096] ? __pfx_kthread+0x10/0x10
[ 12.398116] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.398137] ? calculate_sigpending+0x7b/0xa0
[ 12.398161] ? __pfx_kthread+0x10/0x10
[ 12.398183] ret_from_fork+0x116/0x1d0
[ 12.398201] ? __pfx_kthread+0x10/0x10
[ 12.398222] ret_from_fork_asm+0x1a/0x30
[ 12.398266] </TASK>
[ 12.398276]
[ 12.405523] Allocated by task 157:
[ 12.405693] kasan_save_stack+0x45/0x70
[ 12.405896] kasan_save_track+0x18/0x40
[ 12.406067] kasan_save_alloc_info+0x3b/0x50
[ 12.408093] __kasan_kmalloc+0xb7/0xc0
[ 12.408363] __kmalloc_cache_node_noprof+0x188/0x420
[ 12.408653] kmalloc_node_oob_right+0xab/0x3c0
[ 12.408877] kunit_try_run_case+0x1a5/0x480
[ 12.409053] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.409323] kthread+0x337/0x6f0
[ 12.409454] ret_from_fork+0x116/0x1d0
[ 12.409621] ret_from_fork_asm+0x1a/0x30
[ 12.409789]
[ 12.409885] The buggy address belongs to the object at ffff8881038c8000
[ 12.409885] which belongs to the cache kmalloc-4k of size 4096
[ 12.410395] The buggy address is located 0 bytes to the right of
[ 12.410395] allocated 4096-byte region [ffff8881038c8000, ffff8881038c9000)
[ 12.410803]
[ 12.410892] The buggy address belongs to the physical page:
[ 12.411148] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038c8
[ 12.412084] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 12.413882] flags: 0x200000000000040(head|node=0|zone=2)
[ 12.414329] page_type: f5(slab)
[ 12.414545] raw: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000
[ 12.414830] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000
[ 12.415083] head: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000
[ 12.415511] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000
[ 12.415871] head: 0200000000000003 ffffea00040e3201 00000000ffffffff 00000000ffffffff
[ 12.416175] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[ 12.416566] page dumped because: kasan: bad access detected
[ 12.416826]
[ 12.416921] Memory state around the buggy address:
[ 12.417081] ffff8881038c8f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.418152] ffff8881038c8f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.418496] >ffff8881038c9000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.418772] ^
[ 12.418921] ffff8881038c9080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.419180] ffff8881038c9100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.419567] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 12.364623] ==================================================================
[ 12.365095] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x361/0x3c0
[ 12.365644] Read of size 1 at addr ffff88810254a25f by task kunit_try_catch/155
[ 12.366018]
[ 12.366196] CPU: 1 UID: 0 PID: 155 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.366241] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.366252] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.366272] Call Trace:
[ 12.366408] <TASK>
[ 12.366428] dump_stack_lvl+0x73/0xb0
[ 12.366456] print_report+0xd1/0x610
[ 12.366478] ? __virt_addr_valid+0x1db/0x2d0
[ 12.366500] ? kmalloc_oob_left+0x361/0x3c0
[ 12.366520] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.366543] ? kmalloc_oob_left+0x361/0x3c0
[ 12.366577] kasan_report+0x141/0x180
[ 12.366598] ? kmalloc_oob_left+0x361/0x3c0
[ 12.366624] __asan_report_load1_noabort+0x18/0x20
[ 12.366649] kmalloc_oob_left+0x361/0x3c0
[ 12.366670] ? __pfx_kmalloc_oob_left+0x10/0x10
[ 12.366694] ? __pfx_kmalloc_oob_left+0x10/0x10
[ 12.366720] kunit_try_run_case+0x1a5/0x480
[ 12.366744] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.366766] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.366790] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.366813] ? __kthread_parkme+0x82/0x180
[ 12.366832] ? preempt_count_sub+0x50/0x80
[ 12.366856] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.366880] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.366904] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.366929] kthread+0x337/0x6f0
[ 12.366948] ? trace_preempt_on+0x20/0xc0
[ 12.366970] ? __pfx_kthread+0x10/0x10
[ 12.366991] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.367012] ? calculate_sigpending+0x7b/0xa0
[ 12.367035] ? __pfx_kthread+0x10/0x10
[ 12.367056] ret_from_fork+0x116/0x1d0
[ 12.367074] ? __pfx_kthread+0x10/0x10
[ 12.367094] ret_from_fork_asm+0x1a/0x30
[ 12.367124] </TASK>
[ 12.367134]
[ 12.375525] Allocated by task 1:
[ 12.375722] kasan_save_stack+0x45/0x70
[ 12.376109] kasan_save_track+0x18/0x40
[ 12.376394] kasan_save_alloc_info+0x3b/0x50
[ 12.376590] __kasan_kmalloc+0xb7/0xc0
[ 12.376886] __kmalloc_noprof+0x1c9/0x500
[ 12.377131] x509_fabricate_name.isra.0+0x3c2/0x830
[ 12.377411] x509_note_subject+0x9b/0xf0
[ 12.377646] asn1_ber_decoder+0xe13/0x1c60
[ 12.377836] x509_cert_parse+0x1be/0x830
[ 12.377998] x509_key_preparse+0x68/0x8a0
[ 12.378195] asymmetric_key_preparse+0xb1/0x160
[ 12.378388] __key_create_or_update+0x43d/0xcc0
[ 12.378921] key_create_or_update+0x17/0x20
[ 12.379108] x509_load_certificate_list+0x174/0x200
[ 12.379444] regulatory_init_db+0xee/0x3a0
[ 12.379755] do_one_initcall+0xd8/0x370
[ 12.379909] kernel_init_freeable+0x420/0x6f0
[ 12.380239] kernel_init+0x23/0x1e0
[ 12.380514] ret_from_fork+0x116/0x1d0
[ 12.380761] ret_from_fork_asm+0x1a/0x30
[ 12.380953]
[ 12.381145] Freed by task 1:
[ 12.381284] kasan_save_stack+0x45/0x70
[ 12.381489] kasan_save_track+0x18/0x40
[ 12.381892] kasan_save_free_info+0x3f/0x60
[ 12.382165] __kasan_slab_free+0x56/0x70
[ 12.382308] kfree+0x222/0x3f0
[ 12.382627] x509_free_certificate.part.0+0xa9/0x140
[ 12.382848] x509_free_certificate+0x17/0x30
[ 12.383046] x509_key_preparse+0x5c9/0x8a0
[ 12.383227] asymmetric_key_preparse+0xb1/0x160
[ 12.383428] __key_create_or_update+0x43d/0xcc0
[ 12.383862] key_create_or_update+0x17/0x20
[ 12.384131] x509_load_certificate_list+0x174/0x200
[ 12.384311] regulatory_init_db+0xee/0x3a0
[ 12.384737] do_one_initcall+0xd8/0x370
[ 12.384926] kernel_init_freeable+0x420/0x6f0
[ 12.385136] kernel_init+0x23/0x1e0
[ 12.385410] ret_from_fork+0x116/0x1d0
[ 12.385671] ret_from_fork_asm+0x1a/0x30
[ 12.385998]
[ 12.386105] The buggy address belongs to the object at ffff88810254a240
[ 12.386105] which belongs to the cache kmalloc-16 of size 16
[ 12.386717] The buggy address is located 15 bytes to the right of
[ 12.386717] allocated 16-byte region [ffff88810254a240, ffff88810254a250)
[ 12.387217]
[ 12.387310] The buggy address belongs to the physical page:
[ 12.387575] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10254a
[ 12.388173] flags: 0x200000000000000(node=0|zone=2)
[ 12.388525] page_type: f5(slab)
[ 12.388672] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 12.389097] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 12.389489] page dumped because: kasan: bad access detected
[ 12.389732]
[ 12.389897] Memory state around the buggy address:
[ 12.390226] ffff88810254a100: 00 02 fc fc 00 03 fc fc fa fb fc fc 00 02 fc fc
[ 12.390632] ffff88810254a180: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc
[ 12.390940] >ffff88810254a200: 00 02 fc fc fa fb fc fc fa fb fc fc 00 07 fc fc
[ 12.391226] ^
[ 12.391484] ffff88810254a280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.391994] ffff88810254a300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.392365] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 12.322795] ==================================================================
[ 12.323109] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6bd/0x7f0
[ 12.323569] Write of size 1 at addr ffff8881025bdd78 by task kunit_try_catch/153
[ 12.323951]
[ 12.324048] CPU: 1 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.324090] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.324103] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.324123] Call Trace:
[ 12.324138] <TASK>
[ 12.324154] dump_stack_lvl+0x73/0xb0
[ 12.324181] print_report+0xd1/0x610
[ 12.324203] ? __virt_addr_valid+0x1db/0x2d0
[ 12.324225] ? kmalloc_oob_right+0x6bd/0x7f0
[ 12.324247] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.324270] ? kmalloc_oob_right+0x6bd/0x7f0
[ 12.324291] kasan_report+0x141/0x180
[ 12.324313] ? kmalloc_oob_right+0x6bd/0x7f0
[ 12.324339] __asan_report_store1_noabort+0x1b/0x30
[ 12.324364] kmalloc_oob_right+0x6bd/0x7f0
[ 12.324386] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 12.324419] ? __schedule+0x10cc/0x2b60
[ 12.324441] ? __pfx_read_tsc+0x10/0x10
[ 12.324462] ? ktime_get_ts64+0x86/0x230
[ 12.324487] kunit_try_run_case+0x1a5/0x480
[ 12.324510] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.324533] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.324566] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.324590] ? __kthread_parkme+0x82/0x180
[ 12.324609] ? preempt_count_sub+0x50/0x80
[ 12.324633] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.324658] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.324702] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.324737] kthread+0x337/0x6f0
[ 12.324756] ? trace_preempt_on+0x20/0xc0
[ 12.324779] ? __pfx_kthread+0x10/0x10
[ 12.324800] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.324821] ? calculate_sigpending+0x7b/0xa0
[ 12.324855] ? __pfx_kthread+0x10/0x10
[ 12.324876] ret_from_fork+0x116/0x1d0
[ 12.324894] ? __pfx_kthread+0x10/0x10
[ 12.324914] ret_from_fork_asm+0x1a/0x30
[ 12.324945] </TASK>
[ 12.324954]
[ 12.332020] Allocated by task 153:
[ 12.332207] kasan_save_stack+0x45/0x70
[ 12.332504] kasan_save_track+0x18/0x40
[ 12.332655] kasan_save_alloc_info+0x3b/0x50
[ 12.332805] __kasan_kmalloc+0xb7/0xc0
[ 12.332936] __kmalloc_cache_noprof+0x189/0x420
[ 12.333094] kmalloc_oob_right+0xa9/0x7f0
[ 12.333318] kunit_try_run_case+0x1a5/0x480
[ 12.333671] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.333925] kthread+0x337/0x6f0
[ 12.334214] ret_from_fork+0x116/0x1d0
[ 12.334598] ret_from_fork_asm+0x1a/0x30
[ 12.334777]
[ 12.334853] The buggy address belongs to the object at ffff8881025bdd00
[ 12.334853] which belongs to the cache kmalloc-128 of size 128
[ 12.335339] The buggy address is located 5 bytes to the right of
[ 12.335339] allocated 115-byte region [ffff8881025bdd00, ffff8881025bdd73)
[ 12.336044]
[ 12.336116] The buggy address belongs to the physical page:
[ 12.336289] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025bd
[ 12.336649] flags: 0x200000000000000(node=0|zone=2)
[ 12.336935] page_type: f5(slab)
[ 12.337124] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.337456] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.337734] page dumped because: kasan: bad access detected
[ 12.338000]
[ 12.338177] Memory state around the buggy address:
[ 12.338400] ffff8881025bdc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.338659] ffff8881025bdc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.338875] >ffff8881025bdd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 12.339086] ^
[ 12.339295] ffff8881025bdd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.339748] ffff8881025bde00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.340066] ==================================================================
[ 12.340590] ==================================================================
[ 12.341195] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x68a/0x7f0
[ 12.341533] Read of size 1 at addr ffff8881025bdd80 by task kunit_try_catch/153
[ 12.341817]
[ 12.341924] CPU: 1 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.341964] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.341974] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.341995] Call Trace:
[ 12.342009] <TASK>
[ 12.342023] dump_stack_lvl+0x73/0xb0
[ 12.342050] print_report+0xd1/0x610
[ 12.342072] ? __virt_addr_valid+0x1db/0x2d0
[ 12.342094] ? kmalloc_oob_right+0x68a/0x7f0
[ 12.342115] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.342138] ? kmalloc_oob_right+0x68a/0x7f0
[ 12.342160] kasan_report+0x141/0x180
[ 12.342182] ? kmalloc_oob_right+0x68a/0x7f0
[ 12.342208] __asan_report_load1_noabort+0x18/0x20
[ 12.342233] kmalloc_oob_right+0x68a/0x7f0
[ 12.342255] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 12.342277] ? __schedule+0x10cc/0x2b60
[ 12.342299] ? __pfx_read_tsc+0x10/0x10
[ 12.342320] ? ktime_get_ts64+0x86/0x230
[ 12.342344] kunit_try_run_case+0x1a5/0x480
[ 12.342369] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.342393] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.342417] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.342443] ? __kthread_parkme+0x82/0x180
[ 12.342464] ? preempt_count_sub+0x50/0x80
[ 12.342488] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.342513] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.342537] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.342574] kthread+0x337/0x6f0
[ 12.342592] ? trace_preempt_on+0x20/0xc0
[ 12.342617] ? __pfx_kthread+0x10/0x10
[ 12.342637] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.342659] ? calculate_sigpending+0x7b/0xa0
[ 12.342683] ? __pfx_kthread+0x10/0x10
[ 12.342705] ret_from_fork+0x116/0x1d0
[ 12.342723] ? __pfx_kthread+0x10/0x10
[ 12.342743] ret_from_fork_asm+0x1a/0x30
[ 12.342774] </TASK>
[ 12.342782]
[ 12.350045] Allocated by task 153:
[ 12.350176] kasan_save_stack+0x45/0x70
[ 12.350317] kasan_save_track+0x18/0x40
[ 12.350622] kasan_save_alloc_info+0x3b/0x50
[ 12.350835] __kasan_kmalloc+0xb7/0xc0
[ 12.351023] __kmalloc_cache_noprof+0x189/0x420
[ 12.351265] kmalloc_oob_right+0xa9/0x7f0
[ 12.351674] kunit_try_run_case+0x1a5/0x480
[ 12.351885] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.352140] kthread+0x337/0x6f0
[ 12.352362] ret_from_fork+0x116/0x1d0
[ 12.352570] ret_from_fork_asm+0x1a/0x30
[ 12.352737]
[ 12.352832] The buggy address belongs to the object at ffff8881025bdd00
[ 12.352832] which belongs to the cache kmalloc-128 of size 128
[ 12.353540] The buggy address is located 13 bytes to the right of
[ 12.353540] allocated 115-byte region [ffff8881025bdd00, ffff8881025bdd73)
[ 12.354185]
[ 12.354256] The buggy address belongs to the physical page:
[ 12.354429] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025bd
[ 12.354679] flags: 0x200000000000000(node=0|zone=2)
[ 12.354839] page_type: f5(slab)
[ 12.354958] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.355374] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.355882] page dumped because: kasan: bad access detected
[ 12.356272]
[ 12.356342] Memory state around the buggy address:
[ 12.356493] ffff8881025bdc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.356717] ffff8881025bdd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 12.356933] >ffff8881025bdd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.357144] ^
[ 12.357259] ffff8881025bde00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.357474] ffff8881025bde80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.358010] ==================================================================
[ 12.298412] ==================================================================
[ 12.299048] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6f0/0x7f0
[ 12.299758] Write of size 1 at addr ffff8881025bdd73 by task kunit_try_catch/153
[ 12.300144]
[ 12.301159] CPU: 1 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.301536] Tainted: [N]=TEST
[ 12.301582] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.301802] Call Trace:
[ 12.301870] <TASK>
[ 12.302017] dump_stack_lvl+0x73/0xb0
[ 12.302105] print_report+0xd1/0x610
[ 12.302134] ? __virt_addr_valid+0x1db/0x2d0
[ 12.302160] ? kmalloc_oob_right+0x6f0/0x7f0
[ 12.302181] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.302204] ? kmalloc_oob_right+0x6f0/0x7f0
[ 12.302226] kasan_report+0x141/0x180
[ 12.302257] ? kmalloc_oob_right+0x6f0/0x7f0
[ 12.302284] __asan_report_store1_noabort+0x1b/0x30
[ 12.302310] kmalloc_oob_right+0x6f0/0x7f0
[ 12.302332] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 12.302355] ? __schedule+0x10cc/0x2b60
[ 12.302412] ? __pfx_read_tsc+0x10/0x10
[ 12.302459] ? ktime_get_ts64+0x86/0x230
[ 12.302486] kunit_try_run_case+0x1a5/0x480
[ 12.302513] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.302536] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.302572] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.302596] ? __kthread_parkme+0x82/0x180
[ 12.302617] ? preempt_count_sub+0x50/0x80
[ 12.302642] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.302667] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.302691] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.302716] kthread+0x337/0x6f0
[ 12.302735] ? trace_preempt_on+0x20/0xc0
[ 12.302760] ? __pfx_kthread+0x10/0x10
[ 12.302780] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.302802] ? calculate_sigpending+0x7b/0xa0
[ 12.302827] ? __pfx_kthread+0x10/0x10
[ 12.302849] ret_from_fork+0x116/0x1d0
[ 12.302868] ? __pfx_kthread+0x10/0x10
[ 12.302889] ret_from_fork_asm+0x1a/0x30
[ 12.302945] </TASK>
[ 12.303015]
[ 12.310235] Allocated by task 153:
[ 12.310509] kasan_save_stack+0x45/0x70
[ 12.311287] kasan_save_track+0x18/0x40
[ 12.311479] kasan_save_alloc_info+0x3b/0x50
[ 12.311700] __kasan_kmalloc+0xb7/0xc0
[ 12.312047] __kmalloc_cache_noprof+0x189/0x420
[ 12.312250] kmalloc_oob_right+0xa9/0x7f0
[ 12.312494] kunit_try_run_case+0x1a5/0x480
[ 12.312692] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.312956] kthread+0x337/0x6f0
[ 12.313079] ret_from_fork+0x116/0x1d0
[ 12.313213] ret_from_fork_asm+0x1a/0x30
[ 12.313531]
[ 12.313702] The buggy address belongs to the object at ffff8881025bdd00
[ 12.313702] which belongs to the cache kmalloc-128 of size 128
[ 12.314341] The buggy address is located 0 bytes to the right of
[ 12.314341] allocated 115-byte region [ffff8881025bdd00, ffff8881025bdd73)
[ 12.314896]
[ 12.315066] The buggy address belongs to the physical page:
[ 12.315623] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025bd
[ 12.316266] flags: 0x200000000000000(node=0|zone=2)
[ 12.316928] page_type: f5(slab)
[ 12.317408] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.317771] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.318184] page dumped because: kasan: bad access detected
[ 12.318600]
[ 12.318691] Memory state around the buggy address:
[ 12.319124] ffff8881025bdc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.319472] ffff8881025bdc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.320381] >ffff8881025bdd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 12.320858] ^
[ 12.321191] ffff8881025bdd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.321467] ffff8881025bde00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.321771] ==================================================================
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_vscale
------------[ cut here ]------------
[ 139.982898] WARNING: CPU: 0 PID: 2763 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190
[ 139.983750] Modules linked in:
[ 139.983983] CPU: 0 UID: 0 PID: 2763 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 139.984945] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 139.985153] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 139.985764] RIP: 0010:drm_rect_calc_vscale+0x130/0x190
[ 139.985997] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 139.987444] RSP: 0000:ffff88810808fc78 EFLAGS: 00010286
[ 139.987694] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000
[ 139.988108] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffffbb233bfc
[ 139.988832] RBP: ffff88810808fca0 R08: 0000000000000000 R09: ffffed1021340400
[ 139.989145] R10: ffff888109a02007 R11: 0000000000000000 R12: ffffffffbb233be8
[ 139.989624] R13: 0000000000000000 R14: 000000007fffffff R15: ffff88810808fd38
[ 139.990065] FS: 0000000000000000(0000) GS:ffff88819de72000(0000) knlGS:0000000000000000
[ 139.990651] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 139.991031] CR2: 00007ffff7ffe000 CR3: 000000007b0bc000 CR4: 00000000000006f0
[ 139.991547] DR0: ffffffffbd252440 DR1: ffffffffbd252441 DR2: ffffffffbd252443
[ 139.991956] DR3: ffffffffbd252445 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 139.992467] Call Trace:
[ 139.992722] <TASK>
[ 139.992962] drm_test_rect_calc_vscale+0x108/0x270
[ 139.993446] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10
[ 139.993837] ? __schedule+0x10cc/0x2b60
[ 139.994220] ? __pfx_read_tsc+0x10/0x10
[ 139.994611] ? ktime_get_ts64+0x86/0x230
[ 139.994783] kunit_try_run_case+0x1a5/0x480
[ 139.994985] ? __pfx_kunit_try_run_case+0x10/0x10
[ 139.995472] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 139.995732] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 139.995995] ? __kthread_parkme+0x82/0x180
[ 139.996548] ? preempt_count_sub+0x50/0x80
[ 139.996747] ? __pfx_kunit_try_run_case+0x10/0x10
[ 139.996984] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 139.997603] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 139.997994] kthread+0x337/0x6f0
[ 139.998217] ? trace_preempt_on+0x20/0xc0
[ 139.998576] ? __pfx_kthread+0x10/0x10
[ 139.998940] ? _raw_spin_unlock_irq+0x47/0x80
[ 139.999195] ? calculate_sigpending+0x7b/0xa0
[ 139.999749] ? __pfx_kthread+0x10/0x10
[ 139.999961] ret_from_fork+0x116/0x1d0
[ 140.000151] ? __pfx_kthread+0x10/0x10
[ 140.000495] ret_from_fork_asm+0x1a/0x30
[ 140.000701] </TASK>
[ 140.000829] ---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
[ 140.004375] WARNING: CPU: 1 PID: 2765 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190
[ 140.004709] Modules linked in:
[ 140.005103] CPU: 1 UID: 0 PID: 2765 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 140.006413] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 140.006784] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 140.007070] RIP: 0010:drm_rect_calc_vscale+0x130/0x190
[ 140.007531] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 140.009667] RSP: 0000:ffff8881081dfc78 EFLAGS: 00010286
[ 140.010363] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000
[ 140.010715] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffffbb233c34
[ 140.010932] RBP: ffff8881081dfca0 R08: 0000000000000000 R09: ffffed1020aaa2c0
[ 140.011241] R10: ffff888105551607 R11: 0000000000000000 R12: ffffffffbb233c20
[ 140.012251] R13: 0000000000000000 R14: 000000007fffffff R15: ffff8881081dfd38
[ 140.013093] FS: 0000000000000000(0000) GS:ffff88819df72000(0000) knlGS:0000000000000000
[ 140.013857] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 140.014049] CR2: 00007ffff7ffe000 CR3: 000000007b0bc000 CR4: 00000000000006f0
[ 140.014774] DR0: ffffffffbd252444 DR1: ffffffffbd252449 DR2: ffffffffbd25244a
[ 140.015762] DR3: ffffffffbd25244b DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 140.016018] Call Trace:
[ 140.016133] <TASK>
[ 140.016344] drm_test_rect_calc_vscale+0x108/0x270
[ 140.016551] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10
[ 140.016739] ? __schedule+0x10cc/0x2b60
[ 140.016884] ? __pfx_read_tsc+0x10/0x10
[ 140.017025] ? ktime_get_ts64+0x86/0x230
[ 140.017188] kunit_try_run_case+0x1a5/0x480
[ 140.017353] ? __pfx_kunit_try_run_case+0x10/0x10
[ 140.017734] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 140.017988] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 140.018376] ? __kthread_parkme+0x82/0x180
[ 140.018530] ? preempt_count_sub+0x50/0x80
[ 140.018785] ? __pfx_kunit_try_run_case+0x10/0x10
[ 140.019061] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 140.019648] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 140.019974] kthread+0x337/0x6f0
[ 140.020102] ? trace_preempt_on+0x20/0xc0
[ 140.020258] ? __pfx_kthread+0x10/0x10
[ 140.020395] ? _raw_spin_unlock_irq+0x47/0x80
[ 140.020673] ? calculate_sigpending+0x7b/0xa0
[ 140.021127] ? __pfx_kthread+0x10/0x10
[ 140.021367] ret_from_fork+0x116/0x1d0
[ 140.021820] ? __pfx_kthread+0x10/0x10
[ 140.022021] ret_from_fork_asm+0x1a/0x30
[ 140.022225] </TASK>
[ 140.022388] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_hscale
------------[ cut here ]------------
[ 139.947412] WARNING: CPU: 0 PID: 2753 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190
[ 139.947731] Modules linked in:
[ 139.947888] CPU: 0 UID: 0 PID: 2753 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 139.948218] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 139.948407] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 139.948731] RIP: 0010:drm_rect_calc_hscale+0x125/0x190
[ 139.948988] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 9b d5 1e 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 139.950764] RSP: 0000:ffff8881081dfc78 EFLAGS: 00010286
[ 139.951056] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000
[ 139.951607] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffffbb233c38
[ 139.952182] RBP: ffff8881081dfca0 R08: 0000000000000000 R09: ffffed102134e980
[ 139.952747] R10: ffff888109a74c07 R11: 0000000000000000 R12: ffffffffbb233c20
[ 139.953210] R13: 0000000000000000 R14: 000000007fffffff R15: ffff8881081dfd38
[ 139.953732] FS: 0000000000000000(0000) GS:ffff88819de72000(0000) knlGS:0000000000000000
[ 139.954247] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 139.954701] CR2: 00007ffff7ffe000 CR3: 000000007b0bc000 CR4: 00000000000006f0
[ 139.955140] DR0: ffffffffbd252440 DR1: ffffffffbd252441 DR2: ffffffffbd252443
[ 139.955671] DR3: ffffffffbd252445 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 139.956143] Call Trace:
[ 139.956623] <TASK>
[ 139.956766] drm_test_rect_calc_hscale+0x108/0x270
[ 139.957198] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10
[ 139.957612] ? __schedule+0x10cc/0x2b60
[ 139.957802] ? __pfx_read_tsc+0x10/0x10
[ 139.957981] ? ktime_get_ts64+0x86/0x230
[ 139.958581] kunit_try_run_case+0x1a5/0x480
[ 139.958760] ? __pfx_kunit_try_run_case+0x10/0x10
[ 139.958983] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 139.959544] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 139.959884] ? __kthread_parkme+0x82/0x180
[ 139.960508] ? preempt_count_sub+0x50/0x80
[ 139.960720] ? __pfx_kunit_try_run_case+0x10/0x10
[ 139.961047] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 139.961633] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 139.962078] kthread+0x337/0x6f0
[ 139.962486] ? trace_preempt_on+0x20/0xc0
[ 139.962826] ? __pfx_kthread+0x10/0x10
[ 139.963018] ? _raw_spin_unlock_irq+0x47/0x80
[ 139.963273] ? calculate_sigpending+0x7b/0xa0
[ 139.964195] ? __pfx_kthread+0x10/0x10
[ 139.964665] ret_from_fork+0x116/0x1d0
[ 139.964868] ? __pfx_kthread+0x10/0x10
[ 139.965145] ret_from_fork_asm+0x1a/0x30
[ 139.965545] </TASK>
[ 139.965693] ---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
[ 139.917928] WARNING: CPU: 1 PID: 2751 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190
[ 139.918853] Modules linked in:
[ 139.919080] CPU: 1 UID: 0 PID: 2751 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 139.920285] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 139.920589] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 139.921073] RIP: 0010:drm_rect_calc_hscale+0x125/0x190
[ 139.921584] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 9b d5 1e 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 139.922691] RSP: 0000:ffff88810114fc78 EFLAGS: 00010286
[ 139.923103] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000
[ 139.923683] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffffbb233c00
[ 139.924118] RBP: ffff88810114fca0 R08: 0000000000000000 R09: ffffed102134e940
[ 139.924643] R10: ffff888109a74a07 R11: 0000000000000000 R12: ffffffffbb233be8
[ 139.925101] R13: 0000000000000000 R14: 000000007fffffff R15: ffff88810114fd38
[ 139.925624] FS: 0000000000000000(0000) GS:ffff88819df72000(0000) knlGS:0000000000000000
[ 139.925872] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 139.926064] CR2: 00007ffff7ffe000 CR3: 000000007b0bc000 CR4: 00000000000006f0
[ 139.926353] DR0: ffffffffbd252444 DR1: ffffffffbd252449 DR2: ffffffffbd25244a
[ 139.926564] DR3: ffffffffbd25244b DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 139.926772] Call Trace:
[ 139.926874] <TASK>
[ 139.926977] drm_test_rect_calc_hscale+0x108/0x270
[ 139.929631] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10
[ 139.929933] ? __schedule+0x10cc/0x2b60
[ 139.932644] ? __pfx_read_tsc+0x10/0x10
[ 139.932854] ? ktime_get_ts64+0x86/0x230
[ 139.933062] kunit_try_run_case+0x1a5/0x480
[ 139.933408] ? __pfx_kunit_try_run_case+0x10/0x10
[ 139.933643] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 139.933889] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 139.936303] ? __kthread_parkme+0x82/0x180
[ 139.936708] ? preempt_count_sub+0x50/0x80
[ 139.938153] ? __pfx_kunit_try_run_case+0x10/0x10
[ 139.938991] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 139.939204] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 139.939417] kthread+0x337/0x6f0
[ 139.939549] ? trace_preempt_on+0x20/0xc0
[ 139.939704] ? __pfx_kthread+0x10/0x10
[ 139.939845] ? _raw_spin_unlock_irq+0x47/0x80
[ 139.939998] ? calculate_sigpending+0x7b/0xa0
[ 139.940152] ? __pfx_kthread+0x10/0x10
[ 139.940925] ret_from_fork+0x116/0x1d0
[ 139.941497] ? __pfx_kthread+0x10/0x10
[ 139.941773] ret_from_fork_asm+0x1a/0x30
[ 139.941927] </TASK>
[ 139.942018] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-drm-kunit-mock-device-drm_gem_shmem_test_get_pages_sgtdrm-kunit-mock-device-drm-drm_warn_onrefcount_readshmem-pages_pin_count
------------[ cut here ]------------ [ 139.229148] drm-kunit-mock-device drm_gem_shmem_test_get_pages_sgt.drm-kunit-mock-device: [drm] drm_WARN_ON(refcount_read(&shmem->pages_pin_count)) [ 139.229258] WARNING: CPU: 1 PID: 2568 at drivers/gpu/drm/drm_gem_shmem_helper.c:180 drm_gem_shmem_free+0x3ed/0x6c0 [ 139.230196] Modules linked in: [ 139.230459] CPU: 1 UID: 0 PID: 2568 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 139.230900] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 139.231101] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 139.231588] RIP: 0010:drm_gem_shmem_free+0x3ed/0x6c0 [ 139.231820] Code: 85 f6 0f 84 ba 01 00 00 4c 89 e7 e8 ad 1d 80 00 48 c7 c1 e0 8a 1e bb 4c 89 f2 48 c7 c7 a0 87 1e bb 48 89 c6 e8 34 b8 77 fe 90 <0f> 0b 90 90 e9 09 ff ff ff 90 48 b8 00 00 00 00 00 fc ff df 48 8d [ 139.232825] RSP: 0000:ffff888107a2fd18 EFLAGS: 00010286 [ 139.233451] RAX: 0000000000000000 RBX: ffff88810b0e6c00 RCX: 1ffffffff77e4cf0 [ 139.233749] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001 [ 139.234053] RBP: ffff888107a2fd48 R08: 0000000000000000 R09: fffffbfff77e4cf0 [ 139.234582] R10: 0000000000000003 R11: 0000000000038d68 R12: ffff88810b05e800 [ 139.234997] R13: ffff88810b0e6cf8 R14: ffff8881051eec80 R15: ffff88810039fb40 [ 139.235655] FS: 0000000000000000(0000) GS:ffff88819df72000(0000) knlGS:0000000000000000 [ 139.236887] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 139.237331] CR2: 00007ffff7ffe000 CR3: 000000007b0bc000 CR4: 00000000000006f0 [ 139.237950] DR0: ffffffffbd252444 DR1: ffffffffbd252449 DR2: ffffffffbd25244a [ 139.238193] DR3: ffffffffbd25244b DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 139.238918] Call Trace: [ 139.239178] <TASK> [ 139.239629] ? trace_preempt_on+0x20/0xc0 [ 139.240030] ? 
__pfx_drm_gem_shmem_free_wrapper+0x10/0x10 [ 139.240662] drm_gem_shmem_free_wrapper+0x12/0x20 [ 139.240838] __kunit_action_free+0x57/0x70 [ 139.240995] kunit_remove_resource+0x133/0x200 [ 139.241163] ? preempt_count_sub+0x50/0x80 [ 139.241425] kunit_cleanup+0x7a/0x120 [ 139.241630] kunit_try_run_case_cleanup+0xbd/0xf0 [ 139.241828] ? __pfx_kunit_try_run_case_cleanup+0x10/0x10 [ 139.242069] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 139.242338] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 139.242548] kthread+0x337/0x6f0 [ 139.242724] ? trace_preempt_on+0x20/0xc0 [ 139.242908] ? __pfx_kthread+0x10/0x10 [ 139.243074] ? _raw_spin_unlock_irq+0x47/0x80 [ 139.243257] ? calculate_sigpending+0x7b/0xa0 [ 139.243610] ? __pfx_kthread+0x10/0x10 [ 139.243795] ret_from_fork+0x116/0x1d0 [ 139.243959] ? __pfx_kthread+0x10/0x10 [ 139.244095] ret_from_fork_asm+0x1a/0x30 [ 139.244305] </TASK> [ 139.244431] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_framebuffer-drm_framebuffer_init
------------[ cut here ]------------ [ 139.082701] WARNING: CPU: 0 PID: 2549 at drivers/gpu/drm/drm_framebuffer.c:869 drm_framebuffer_init+0x49/0x8d0 [ 139.083701] Modules linked in: [ 139.083936] CPU: 0 UID: 0 PID: 2549 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 139.084764] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 139.085015] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 139.085920] RIP: 0010:drm_framebuffer_init+0x49/0x8d0 [ 139.086213] Code: 89 e5 41 57 41 56 41 55 41 54 53 48 89 f3 48 83 ec 28 80 3c 11 00 48 89 7d c8 0f 85 1c 07 00 00 48 8b 75 c8 48 39 33 74 20 90 <0f> 0b 90 41 bf ea ff ff ff 48 83 c4 28 44 89 f8 5b 41 5c 41 5d 41 [ 139.087383] RSP: 0000:ffff888107867b20 EFLAGS: 00010246 [ 139.087765] RAX: ffff888107867ba8 RBX: ffff888107867c28 RCX: 1ffff11020f0cf8e [ 139.087975] RDX: dffffc0000000000 RSI: ffff888107b50000 RDI: ffff888107b50000 [ 139.088688] RBP: ffff888107867b70 R08: ffff888107b50000 R09: ffffffffbb1d8e20 [ 139.089625] R10: 0000000000000003 R11: 00000000d18e2d9a R12: 1ffff11020f0cf71 [ 139.090528] R13: ffff888107867c70 R14: ffff888107867db8 R15: 0000000000000000 [ 139.091378] FS: 0000000000000000(0000) GS:ffff88819de72000(0000) knlGS:0000000000000000 [ 139.091883] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 139.092070] CR2: 00007ffff7ffe000 CR3: 000000007b0bc000 CR4: 00000000000006f0 [ 139.092665] DR0: ffffffffbd252440 DR1: ffffffffbd252441 DR2: ffffffffbd252443 [ 139.093785] DR3: ffffffffbd252445 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 139.094536] Call Trace: [ 139.094647] <TASK> [ 139.094739] ? trace_preempt_on+0x20/0xc0 [ 139.094907] ? add_dr+0xc1/0x1d0 [ 139.095038] drm_test_framebuffer_init_bad_format+0xfc/0x240 [ 139.095716] ? add_dr+0x148/0x1d0 [ 139.096085] ? __pfx_drm_test_framebuffer_init_bad_format+0x10/0x10 [ 139.096890] ? __drmm_add_action+0x1a4/0x280 [ 139.097383] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 139.097969] ? 
__pfx_drm_mode_config_init_release+0x10/0x10 [ 139.098236] ? __drmm_add_action_or_reset+0x22/0x50 [ 139.098834] ? __schedule+0x10cc/0x2b60 [ 139.099393] ? __pfx_read_tsc+0x10/0x10 [ 139.099546] ? ktime_get_ts64+0x86/0x230 [ 139.099694] kunit_try_run_case+0x1a5/0x480 [ 139.099849] ? __pfx_kunit_try_run_case+0x10/0x10 [ 139.100009] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 139.100187] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 139.100464] ? __kthread_parkme+0x82/0x180 [ 139.100702] ? preempt_count_sub+0x50/0x80 [ 139.100925] ? __pfx_kunit_try_run_case+0x10/0x10 [ 139.101563] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 139.101835] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 139.102127] kthread+0x337/0x6f0 [ 139.102456] ? trace_preempt_on+0x20/0xc0 [ 139.102724] ? __pfx_kthread+0x10/0x10 [ 139.102962] ? _raw_spin_unlock_irq+0x47/0x80 [ 139.103198] ? calculate_sigpending+0x7b/0xa0 [ 139.103550] ? __pfx_kthread+0x10/0x10 [ 139.103782] ret_from_fork+0x116/0x1d0 [ 139.103945] ? __pfx_kthread+0x10/0x10 [ 139.104181] ret_from_fork_asm+0x1a/0x30 [ 139.104490] </TASK> [ 139.104589] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-drm-kunit-mock-device-drm_test_framebuffer_freedrm-kunit-mock-device-drm-drm_warn_onlist_empty-filp_head
------------[ cut here ]------------ [ 139.044769] drm-kunit-mock-device drm_test_framebuffer_free.drm-kunit-mock-device: [drm] drm_WARN_ON(!list_empty(&fb->filp_head)) [ 139.044906] WARNING: CPU: 1 PID: 2545 at drivers/gpu/drm/drm_framebuffer.c:832 drm_framebuffer_free+0x13f/0x1c0 [ 139.046714] Modules linked in: [ 139.047087] CPU: 1 UID: 0 PID: 2545 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 139.047947] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 139.048285] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 139.049127] RIP: 0010:drm_framebuffer_free+0x13f/0x1c0 [ 139.049585] Code: 8b 7d 50 4d 85 ff 74 2b 4c 89 ef e8 2b 44 87 00 48 c7 c1 c0 38 1d bb 4c 89 fa 48 c7 c7 20 39 1d bb 48 89 c6 e8 b2 de 7e fe 90 <0f> 0b 90 90 e9 1c ff ff ff 48 b8 00 00 00 00 00 fc ff df 4c 89 ea [ 139.050518] RSP: 0000:ffff88810afdfb68 EFLAGS: 00010282 [ 139.050775] RAX: 0000000000000000 RBX: ffff88810afdfc40 RCX: 1ffffffff77e4cf0 [ 139.050989] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001 [ 139.051737] RBP: ffff88810afdfb90 R08: 0000000000000000 R09: fffffbfff77e4cf0 [ 139.052539] R10: 0000000000000003 R11: 0000000000037430 R12: ffff88810afdfc18 [ 139.053270] R13: ffff88810b058800 R14: ffff888103b12000 R15: ffff8881096a1a00 [ 139.053729] FS: 0000000000000000(0000) GS:ffff88819df72000(0000) knlGS:0000000000000000 [ 139.053971] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 139.054316] CR2: 00007ffff7ffe000 CR3: 000000007b0bc000 CR4: 00000000000006f0 [ 139.055257] DR0: ffffffffbd252444 DR1: ffffffffbd252449 DR2: ffffffffbd25244a [ 139.055918] DR3: ffffffffbd25244b DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 139.056659] Call Trace: [ 139.056879] <TASK> [ 139.056992] drm_test_framebuffer_free+0x1ab/0x610 [ 139.057415] ? __pfx_drm_test_framebuffer_free+0x10/0x10 [ 139.057975] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 139.058431] ? 
__pfx_drm_mode_config_init_release+0x10/0x10 [ 139.058801] ? __drmm_add_action_or_reset+0x22/0x50 [ 139.058982] ? __pfx_drm_test_framebuffer_free+0x10/0x10 [ 139.059187] kunit_try_run_case+0x1a5/0x480 [ 139.059655] ? __pfx_kunit_try_run_case+0x10/0x10 [ 139.060086] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 139.060647] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 139.061132] ? __kthread_parkme+0x82/0x180 [ 139.061460] ? preempt_count_sub+0x50/0x80 [ 139.061620] ? __pfx_kunit_try_run_case+0x10/0x10 [ 139.061784] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 139.061970] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 139.062346] kthread+0x337/0x6f0 [ 139.062655] ? trace_preempt_on+0x20/0xc0 [ 139.063279] ? __pfx_kthread+0x10/0x10 [ 139.063685] ? _raw_spin_unlock_irq+0x47/0x80 [ 139.064088] ? calculate_sigpending+0x7b/0xa0 [ 139.064581] ? __pfx_kthread+0x10/0x10 [ 139.065019] ret_from_fork+0x116/0x1d0 [ 139.065363] ? __pfx_kthread+0x10/0x10 [ 139.065507] ret_from_fork_asm+0x1a/0x30 [ 139.065662] </TASK> [ 139.065755] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_connector-drm_connector_dynamic_register
------------[ cut here ]------------ [ 137.607711] WARNING: CPU: 0 PID: 1975 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110 [ 137.608467] Modules linked in: [ 137.608893] CPU: 0 UID: 0 PID: 1975 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 137.609598] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 137.609783] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 137.610053] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110 [ 137.610266] Code: 49 8d 7c 24 60 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 60 00 75 1b 5b 41 5c 5d e9 82 26 26 02 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d c3 cc cc cc cc 48 89 df e8 68 [ 137.611327] RSP: 0000:ffff88810a417c90 EFLAGS: 00010246 [ 137.611580] RAX: dffffc0000000000 RBX: ffff88810a4da000 RCX: 0000000000000000 [ 137.611863] RDX: 1ffff1102149b432 RSI: ffffffffb84067f8 RDI: ffff88810a4da190 [ 137.612084] RBP: ffff88810a417ca0 R08: 1ffff11020073f69 R09: ffffed1021482f65 [ 137.612675] R10: 0000000000000003 R11: ffffffffb79859f8 R12: 0000000000000000 [ 137.613048] R13: ffff88810a417d38 R14: ffff88810039fc50 R15: ffff88810039fc58 [ 137.613388] FS: 0000000000000000(0000) GS:ffff88819de72000(0000) knlGS:0000000000000000 [ 137.613887] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 137.614184] CR2: 00007ffff7ffe000 CR3: 000000007b0bc000 CR4: 00000000000006f0 [ 137.614497] DR0: ffffffffbd252440 DR1: ffffffffbd252441 DR2: ffffffffbd252443 [ 137.614837] DR3: ffffffffbd252445 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 137.615234] Call Trace: [ 137.615529] <TASK> [ 137.615755] drm_test_drm_connector_dynamic_register_early_no_init+0x104/0x290 [ 137.616098] ? __pfx_drm_test_drm_connector_dynamic_register_early_no_init+0x10/0x10 [ 137.616823] ? __schedule+0x10cc/0x2b60 [ 137.617034] ? __pfx_read_tsc+0x10/0x10 [ 137.617616] ? 
ktime_get_ts64+0x86/0x230 [ 137.617850] kunit_try_run_case+0x1a5/0x480 [ 137.618049] ? __pfx_kunit_try_run_case+0x10/0x10 [ 137.618604] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 137.619038] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 137.619562] ? __kthread_parkme+0x82/0x180 [ 137.619905] ? preempt_count_sub+0x50/0x80 [ 137.620058] ? __pfx_kunit_try_run_case+0x10/0x10 [ 137.620409] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 137.620640] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 137.620944] kthread+0x337/0x6f0 [ 137.621103] ? trace_preempt_on+0x20/0xc0 [ 137.621356] ? __pfx_kthread+0x10/0x10 [ 137.621495] ? _raw_spin_unlock_irq+0x47/0x80 [ 137.621833] ? calculate_sigpending+0x7b/0xa0 [ 137.622041] ? __pfx_kthread+0x10/0x10 [ 137.622310] ret_from_fork+0x116/0x1d0 [ 137.622478] ? __pfx_kthread+0x10/0x10 [ 137.622634] ret_from_fork_asm+0x1a/0x30 [ 137.622888] </TASK> [ 137.623049] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 137.686949] WARNING: CPU: 0 PID: 1983 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110 [ 137.687419] Modules linked in: [ 137.687951] CPU: 0 UID: 0 PID: 1983 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 137.688604] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 137.688918] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 137.689298] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110 [ 137.689744] Code: 49 8d 7c 24 60 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 60 00 75 1b 5b 41 5c 5d e9 82 26 26 02 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d c3 cc cc cc cc 48 89 df e8 68 [ 137.690660] RSP: 0000:ffff88810a39fc90 EFLAGS: 00010246 [ 137.690885] RAX: dffffc0000000000 RBX: ffff88810a42c000 RCX: 0000000000000000 [ 137.691182] RDX: 1ffff11021485832 RSI: ffffffffb84067f8 RDI: ffff88810a42c190 [ 137.691494] RBP: ffff88810a39fca0 R08: 1ffff11020073f69 R09: ffffed1021473f65 [ 
137.691816] R10: 0000000000000003 R11: ffffffffb79859f8 R12: 0000000000000000 [ 137.692175] R13: ffff88810a39fd38 R14: ffff88810039fc50 R15: ffff88810039fc58 [ 137.692439] FS: 0000000000000000(0000) GS:ffff88819de72000(0000) knlGS:0000000000000000 [ 137.692806] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 137.693073] CR2: 00007ffff7ffe000 CR3: 000000007b0bc000 CR4: 00000000000006f0 [ 137.693706] DR0: ffffffffbd252440 DR1: ffffffffbd252441 DR2: ffffffffbd252443 [ 137.694005] DR3: ffffffffbd252445 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 137.694557] Call Trace: [ 137.694707] <TASK> [ 137.694842] drm_test_drm_connector_dynamic_register_no_init+0x104/0x290 [ 137.695141] ? __pfx_drm_test_drm_connector_dynamic_register_no_init+0x10/0x10 [ 137.695744] ? __schedule+0x10cc/0x2b60 [ 137.696017] ? __pfx_read_tsc+0x10/0x10 [ 137.696437] ? ktime_get_ts64+0x86/0x230 [ 137.696805] kunit_try_run_case+0x1a5/0x480 [ 137.696973] ? __pfx_kunit_try_run_case+0x10/0x10 [ 137.697415] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 137.697761] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 137.698012] ? __kthread_parkme+0x82/0x180 [ 137.698432] ? preempt_count_sub+0x50/0x80 [ 137.698640] ? __pfx_kunit_try_run_case+0x10/0x10 [ 137.698844] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 137.699105] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 137.699768] kthread+0x337/0x6f0 [ 137.699986] ? trace_preempt_on+0x20/0xc0 [ 137.700458] ? __pfx_kthread+0x10/0x10 [ 137.700644] ? _raw_spin_unlock_irq+0x47/0x80 [ 137.700953] ? calculate_sigpending+0x7b/0xa0 [ 137.701297] ? __pfx_kthread+0x10/0x10 [ 137.701568] ret_from_fork+0x116/0x1d0 [ 137.701749] ? __pfx_kthread+0x10/0x10 [ 137.702016] ret_from_fork_asm+0x1a/0x30 [ 137.702439] </TASK> [ 137.702570] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog10
------------[ cut here ]------------ [ 107.407612] WARNING: CPU: 1 PID: 673 at lib/math/int_log.c:120 intlog10+0x2a/0x40 [ 107.408368] Modules linked in: [ 107.408766] CPU: 1 UID: 0 PID: 673 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 107.409562] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 107.410347] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 107.411350] RIP: 0010:intlog10+0x2a/0x40 [ 107.411643] Code: f3 0f 1e fa 0f 1f 44 00 00 85 ff 74 1c 55 48 89 e5 e8 ca fe ff ff 5d 89 c0 48 69 c0 a1 26 88 26 48 c1 e8 1f e9 07 aa 86 02 90 <0f> 0b 90 31 c0 e9 fc a9 86 02 66 2e 0f 1f 84 00 00 00 00 00 66 90 [ 107.413032] RSP: 0000:ffff88810379fcb0 EFLAGS: 00010246 [ 107.413768] RAX: 0000000000000000 RBX: ffff88810039fae8 RCX: 1ffff110206f3fb4 [ 107.414665] RDX: 1ffffffff7612dc4 RSI: 1ffff110206f3fb3 RDI: 0000000000000000 [ 107.415360] RBP: ffff88810379fd60 R08: 0000000000000000 R09: ffffed10204b00c0 [ 107.416006] R10: ffff888102580607 R11: 0000000000000000 R12: 1ffff110206f3f97 [ 107.416432] R13: ffffffffbb096e20 R14: 0000000000000000 R15: ffff88810379fd38 [ 107.417181] FS: 0000000000000000(0000) GS:ffff88819df72000(0000) knlGS:0000000000000000 [ 107.418396] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 107.418758] CR2: dffffc0000000000 CR3: 000000007b0bc000 CR4: 00000000000006f0 [ 107.418990] DR0: ffffffffbd252444 DR1: ffffffffbd252449 DR2: ffffffffbd25244a [ 107.419920] DR3: ffffffffbd25244b DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 107.420868] Call Trace: [ 107.421211] <TASK> [ 107.421630] ? intlog10_test+0xf2/0x220 [ 107.422162] ? __pfx_intlog10_test+0x10/0x10 [ 107.422715] ? __schedule+0x10cc/0x2b60 [ 107.423332] ? __pfx_read_tsc+0x10/0x10 [ 107.423644] ? ktime_get_ts64+0x86/0x230 [ 107.423815] kunit_try_run_case+0x1a5/0x480 [ 107.424173] ? __pfx_kunit_try_run_case+0x10/0x10 [ 107.424867] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 107.425595] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 107.426293] ? __kthread_parkme+0x82/0x180 [ 107.426895] ? preempt_count_sub+0x50/0x80 [ 107.427336] ? __pfx_kunit_try_run_case+0x10/0x10 [ 107.427890] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 107.428454] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 107.429119] kthread+0x337/0x6f0 [ 107.429647] ? trace_preempt_on+0x20/0xc0 [ 107.429948] ? __pfx_kthread+0x10/0x10 [ 107.430116] ? _raw_spin_unlock_irq+0x47/0x80 [ 107.430671] ? calculate_sigpending+0x7b/0xa0 [ 107.431224] ? __pfx_kthread+0x10/0x10 [ 107.431776] ret_from_fork+0x116/0x1d0 [ 107.432456] ? __pfx_kthread+0x10/0x10 [ 107.432959] ret_from_fork_asm+0x1a/0x30 [ 107.433502] </TASK> [ 107.433866] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog2
------------[ cut here ]------------ [ 107.367471] WARNING: CPU: 0 PID: 655 at lib/math/int_log.c:63 intlog2+0xdf/0x110 [ 107.368436] Modules linked in: [ 107.368797] CPU: 0 UID: 0 PID: 655 Comm: kunit_try_catch Tainted: G B D N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 107.369494] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST [ 107.370027] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 107.370855] RIP: 0010:intlog2+0xdf/0x110 [ 107.371139] Code: 09 bb c1 e0 18 48 83 c4 08 89 d1 c1 e2 08 29 cb 01 d0 0f b7 db 41 0f af dc c1 eb 0f 01 d8 5b 41 5c 41 5d 5d c3 cc cc cc cc 90 <0f> 0b 90 31 c0 c3 cc cc cc cc 89 45 e4 e8 6f d8 55 ff 8b 45 e4 eb [ 107.372431] RSP: 0000:ffff888103727cb0 EFLAGS: 00010246 [ 107.372622] RAX: 0000000000000000 RBX: ffff88810039fae8 RCX: 1ffff110206e4fb4 [ 107.372829] RDX: 1ffffffff7612e18 RSI: 1ffff110206e4fb3 RDI: 0000000000000000 [ 107.373287] RBP: ffff888103727d60 R08: 0000000000000000 R09: ffffed1020c8f880 [ 107.374078] R10: ffff88810647c407 R11: 0000000000000000 R12: 1ffff110206e4f97 [ 107.374905] R13: ffffffffbb0970c0 R14: 0000000000000000 R15: ffff888103727d38 [ 107.375654] FS: 0000000000000000(0000) GS:ffff88819de72000(0000) knlGS:0000000000000000 [ 107.376575] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 107.377206] CR2: ffff88815a8eefe0 CR3: 000000007b0bc000 CR4: 00000000000006f0 [ 107.377438] DR0: ffffffffbd252440 DR1: ffffffffbd252441 DR2: ffffffffbd252443 [ 107.377646] DR3: ffffffffbd252445 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 107.377850] Call Trace: [ 107.377952] <TASK> [ 107.378042] ? intlog2_test+0xf2/0x220 [ 107.378217] ? __pfx_intlog2_test+0x10/0x10 [ 107.378620] ? __schedule+0x10cc/0x2b60 [ 107.378848] ? __pfx_read_tsc+0x10/0x10 [ 107.379055] ? ktime_get_ts64+0x86/0x230 [ 107.379211] kunit_try_run_case+0x1a5/0x480 [ 107.379361] ? __pfx_kunit_try_run_case+0x10/0x10 [ 107.379722] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 107.379993] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 107.380438] ? __kthread_parkme+0x82/0x180 [ 107.380636] ? preempt_count_sub+0x50/0x80 [ 107.381225] ? __pfx_kunit_try_run_case+0x10/0x10 [ 107.381718] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 107.381953] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 107.382155] kthread+0x337/0x6f0 [ 107.382391] ? trace_preempt_on+0x20/0xc0 [ 107.382766] ? __pfx_kthread+0x10/0x10 [ 107.383136] ? _raw_spin_unlock_irq+0x47/0x80 [ 107.383577] ? calculate_sigpending+0x7b/0xa0 [ 107.383998] ? __pfx_kthread+0x10/0x10 [ 107.384429] ret_from_fork+0x116/0x1d0 [ 107.384870] ? __pfx_kthread+0x10/0x10 [ 107.385251] ret_from_fork_asm+0x1a/0x30 [ 107.385642] </TASK> [ 107.385773] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 48.563177] ================================================================== [ 48.563562] BUG: KFENCE: use-after-free read in test_krealloc+0x6fc/0xbe0 [ 48.563562] [ 48.564010] Use-after-free read at 0x(____ptrval____) (in kfence-#118): [ 48.564254] test_krealloc+0x6fc/0xbe0 [ 48.564409] kunit_try_run_case+0x1a5/0x480 [ 48.564629] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 48.564927] kthread+0x337/0x6f0 [ 48.565403] ret_from_fork+0x116/0x1d0 [ 48.565572] ret_from_fork_asm+0x1a/0x30 [ 48.565862] [ 48.566292] kfence-#118: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 48.566292] [ 48.566719] allocated by task 354 on cpu 0 at 48.562540s (0.004177s ago): [ 48.567046] test_alloc+0x364/0x10f0 [ 48.567248] test_krealloc+0xad/0xbe0 [ 48.567425] kunit_try_run_case+0x1a5/0x480 [ 48.567676] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 48.568012] kthread+0x337/0x6f0 [ 48.568225] ret_from_fork+0x116/0x1d0 [ 48.568383] ret_from_fork_asm+0x1a/0x30 [ 48.568579] [ 48.568727] freed by task 354 on cpu 0 at 48.562779s (0.005945s ago): [ 48.569044] krealloc_noprof+0x108/0x340 [ 48.569238] test_krealloc+0x226/0xbe0 [ 48.569409] kunit_try_run_case+0x1a5/0x480 [ 48.569591] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 48.569951] kthread+0x337/0x6f0 [ 48.570150] ret_from_fork+0x116/0x1d0 [ 48.570358] ret_from_fork_asm+0x1a/0x30 [ 48.570556] [ 48.570654] CPU: 0 UID: 0 PID: 354 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 48.571209] Tainted: [B]=BAD_PAGE, [N]=TEST [ 48.571381] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 48.571743] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 48.471366] ================================================================== [ 48.471787] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x2ec/0x670 [ 48.471787] [ 48.472148] Use-after-free read at 0x(____ptrval____) (in kfence-#117): [ 48.472462] test_memcache_typesafe_by_rcu+0x2ec/0x670 [ 48.472649] kunit_try_run_case+0x1a5/0x480 [ 48.472807] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 48.473074] kthread+0x337/0x6f0 [ 48.473243] ret_from_fork+0x116/0x1d0 [ 48.473418] ret_from_fork_asm+0x1a/0x30 [ 48.473582] [ 48.473654] kfence-#117: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 48.473654] [ 48.474298] allocated by task 352 on cpu 1 at 48.461471s (0.012825s ago): [ 48.474814] test_alloc+0x2a6/0x10f0 [ 48.474961] test_memcache_typesafe_by_rcu+0x16f/0x670 [ 48.475135] kunit_try_run_case+0x1a5/0x480 [ 48.475284] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 48.475458] kthread+0x337/0x6f0 [ 48.475577] ret_from_fork+0x116/0x1d0 [ 48.475710] ret_from_fork_asm+0x1a/0x30 [ 48.475925] [ 48.476084] freed by task 352 on cpu 1 at 48.461577s (0.014505s ago): [ 48.476627] test_memcache_typesafe_by_rcu+0x1bf/0x670 [ 48.477121] kunit_try_run_case+0x1a5/0x480 [ 48.477487] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 48.477984] kthread+0x337/0x6f0 [ 48.478299] ret_from_fork+0x116/0x1d0 [ 48.478641] ret_from_fork_asm+0x1a/0x30 [ 48.479020] [ 48.479208] CPU: 1 UID: 0 PID: 352 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 48.479980] Tainted: [B]=BAD_PAGE, [N]=TEST [ 48.480124] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 48.480403] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 22.889611] ================================================================== [ 22.890104] BUG: KFENCE: invalid read in test_invalid_access+0xf0/0x210 [ 22.890104] [ 22.890490] Invalid read at 0x(____ptrval____): [ 22.890730] test_invalid_access+0xf0/0x210 [ 22.890942] kunit_try_run_case+0x1a5/0x480 [ 22.891140] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.891320] kthread+0x337/0x6f0 [ 22.891494] ret_from_fork+0x116/0x1d0 [ 22.892448] ret_from_fork_asm+0x1a/0x30 [ 22.892686] [ 22.892974] CPU: 0 UID: 0 PID: 348 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 22.893622] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.893954] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.894476] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 17.778712] ================================================================== [ 17.779107] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260 [ 17.779107] [ 17.780051] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#64): [ 17.780350] test_out_of_bounds_write+0x10d/0x260 [ 17.780712] kunit_try_run_case+0x1a5/0x480 [ 17.780896] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.781146] kthread+0x337/0x6f0 [ 17.781322] ret_from_fork+0x116/0x1d0 [ 17.781493] ret_from_fork_asm+0x1a/0x30 [ 17.781809] [ 17.781933] kfence-#64: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 17.781933] [ 17.782292] allocated by task 308 on cpu 1 at 17.778604s (0.003687s ago): [ 17.782661] test_alloc+0x364/0x10f0 [ 17.782871] test_out_of_bounds_write+0xd4/0x260 [ 17.783085] kunit_try_run_case+0x1a5/0x480 [ 17.783277] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.783578] kthread+0x337/0x6f0 [ 17.783749] ret_from_fork+0x116/0x1d0 [ 17.783912] ret_from_fork_asm+0x1a/0x30 [ 17.784142] [ 17.784275] CPU: 1 UID: 0 PID: 308 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 17.784718] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.784944] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.785337] ================================================================== [ 17.882723] ================================================================== [ 17.883120] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260 [ 17.883120] [ 17.883634] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#65): [ 17.883960] test_out_of_bounds_write+0x10d/0x260 [ 17.884221] kunit_try_run_case+0x1a5/0x480 [ 17.884466] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.884704] kthread+0x337/0x6f0 [ 17.884834] ret_from_fork+0x116/0x1d0 [ 17.884973] ret_from_fork_asm+0x1a/0x30 [ 17.885198] [ 17.885299] kfence-#65: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 17.885299] [ 
17.885791] allocated by task 310 on cpu 0 at 17.882662s (0.003127s ago): [ 17.886089] test_alloc+0x2a6/0x10f0 [ 17.886269] test_out_of_bounds_write+0xd4/0x260 [ 17.886535] kunit_try_run_case+0x1a5/0x480 [ 17.886700] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.886898] kthread+0x337/0x6f0 [ 17.887069] ret_from_fork+0x116/0x1d0 [ 17.887282] ret_from_fork_asm+0x1a/0x30 [ 17.887598] [ 17.887708] CPU: 0 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 17.888129] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.888348] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.888704] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 22.666862] ================================================================== [ 22.667263] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x24f/0x340 [ 22.667263] [ 22.667721] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#111): [ 22.668260] test_kmalloc_aligned_oob_write+0x24f/0x340 [ 22.668640] kunit_try_run_case+0x1a5/0x480 [ 22.668859] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.669061] kthread+0x337/0x6f0 [ 22.669189] ret_from_fork+0x116/0x1d0 [ 22.669384] ret_from_fork_asm+0x1a/0x30 [ 22.669605] [ 22.669708] kfence-#111: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96 [ 22.669708] [ 22.670021] allocated by task 342 on cpu 1 at 22.666619s (0.003400s ago): [ 22.670343] test_alloc+0x364/0x10f0 [ 22.670526] test_kmalloc_aligned_oob_write+0xc8/0x340 [ 22.670889] kunit_try_run_case+0x1a5/0x480 [ 22.671039] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.671285] kthread+0x337/0x6f0 [ 22.671443] ret_from_fork+0x116/0x1d0 [ 22.671590] ret_from_fork_asm+0x1a/0x30 [ 22.671732] [ 22.671825] freed by task 342 on cpu 1 at 22.666744s (0.005078s ago): [ 22.672135] test_kmalloc_aligned_oob_write+0x24f/0x340 [ 22.672383] kunit_try_run_case+0x1a5/0x480 [ 22.672735] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.672969] kthread+0x337/0x6f0 [ 22.673091] ret_from_fork+0x116/0x1d0 [ 22.673264] ret_from_fork_asm+0x1a/0x30 [ 22.673486] [ 22.673618] CPU: 1 UID: 0 PID: 342 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 22.674055] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.674223] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.674603] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 22.562806] ==================================================================
[ 22.563218] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x27e/0x560
[ 22.563218]
[ 22.563731] Out-of-bounds read at 0x(____ptrval____) (105B right of kfence-#110):
[ 22.564066] test_kmalloc_aligned_oob_read+0x27e/0x560
[ 22.564313] kunit_try_run_case+0x1a5/0x480
[ 22.564500] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.564901] kthread+0x337/0x6f0
[ 22.565057] ret_from_fork+0x116/0x1d0
[ 22.565239] ret_from_fork_asm+0x1a/0x30
[ 22.565420]
[ 22.565523] kfence-#110: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96
[ 22.565523]
[ 22.565839] allocated by task 340 on cpu 0 at 22.562588s (0.003249s ago):
[ 22.566164] test_alloc+0x364/0x10f0
[ 22.566351] test_kmalloc_aligned_oob_read+0x105/0x560
[ 22.566564] kunit_try_run_case+0x1a5/0x480
[ 22.566779] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.567036] kthread+0x337/0x6f0
[ 22.567185] ret_from_fork+0x116/0x1d0
[ 22.567369] ret_from_fork_asm+0x1a/0x30
[ 22.567590]
[ 22.567702] CPU: 0 UID: 0 PID: 340 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 22.568083] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 22.568284] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 22.568622] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_corruption
[ 18.818822] ==================================================================
[ 18.819242] BUG: KFENCE: memory corruption in test_corruption+0x2d2/0x3e0
[ 18.819242]
[ 18.819671] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#74):
[ 18.820868] test_corruption+0x2d2/0x3e0
[ 18.821076] kunit_try_run_case+0x1a5/0x480
[ 18.821267] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.821685] kthread+0x337/0x6f0
[ 18.821939] ret_from_fork+0x116/0x1d0
[ 18.822097] ret_from_fork_asm+0x1a/0x30
[ 18.822288]
[ 18.822394] kfence-#74: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 18.822394]
[ 18.823007] allocated by task 328 on cpu 0 at 18.818560s (0.004445s ago):
[ 18.823311] test_alloc+0x364/0x10f0
[ 18.823697] test_corruption+0xe6/0x3e0
[ 18.823886] kunit_try_run_case+0x1a5/0x480
[ 18.824146] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.824398] kthread+0x337/0x6f0
[ 18.824793] ret_from_fork+0x116/0x1d0
[ 18.825043] ret_from_fork_asm+0x1a/0x30
[ 18.825215]
[ 18.825511] freed by task 328 on cpu 0 at 18.818650s (0.006858s ago):
[ 18.825875] test_corruption+0x2d2/0x3e0
[ 18.826074] kunit_try_run_case+0x1a5/0x480
[ 18.826263] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.826675] kthread+0x337/0x6f0
[ 18.826911] ret_from_fork+0x116/0x1d0
[ 18.827147] ret_from_fork_asm+0x1a/0x30
[ 18.827399]
[ 18.827522] CPU: 0 UID: 0 PID: 328 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 18.828085] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.828271] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.828820] ==================================================================
[ 19.338726] ==================================================================
[ 19.339107] BUG: KFENCE: memory corruption in test_corruption+0x216/0x3e0
[ 19.339107]
[ 19.339536] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#79):
[ 19.339903] test_corruption+0x216/0x3e0
[ 19.340054] kunit_try_run_case+0x1a5/0x480
[ 19.340284] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.340637] kthread+0x337/0x6f0
[ 19.340784] ret_from_fork+0x116/0x1d0
[ 19.340964] ret_from_fork_asm+0x1a/0x30
[ 19.341164]
[ 19.341246] kfence-#79: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 19.341246]
[ 19.341682] allocated by task 330 on cpu 1 at 19.338609s (0.003072s ago):
[ 19.341977] test_alloc+0x2a6/0x10f0
[ 19.342119] test_corruption+0x1cb/0x3e0
[ 19.342255] kunit_try_run_case+0x1a5/0x480
[ 19.342478] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.342754] kthread+0x337/0x6f0
[ 19.342929] ret_from_fork+0x116/0x1d0
[ 19.343075] ret_from_fork_asm+0x1a/0x30
[ 19.343239]
[ 19.343336] freed by task 330 on cpu 1 at 19.338659s (0.004675s ago):
[ 19.343656] test_corruption+0x216/0x3e0
[ 19.343842] kunit_try_run_case+0x1a5/0x480
[ 19.343986] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.344166] kthread+0x337/0x6f0
[ 19.344285] ret_from_fork+0x116/0x1d0
[ 19.344714] ret_from_fork_asm+0x1a/0x30
[ 19.344954]
[ 19.345081] CPU: 1 UID: 0 PID: 330 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 19.345825] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.346020] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.346354] ==================================================================
[ 19.234627] ==================================================================
[ 19.235060] BUG: KFENCE: memory corruption in test_corruption+0x131/0x3e0
[ 19.235060]
[ 19.235391] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#78):
[ 19.235966] test_corruption+0x131/0x3e0
[ 19.236198] kunit_try_run_case+0x1a5/0x480
[ 19.236992] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.237236] kthread+0x337/0x6f0
[ 19.237404] ret_from_fork+0x116/0x1d0
[ 19.237697] ret_from_fork_asm+0x1a/0x30
[ 19.237894]
[ 19.237975] kfence-#78: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 19.237975]
[ 19.238339] allocated by task 330 on cpu 1 at 19.234502s (0.003835s ago):
[ 19.239000] test_alloc+0x2a6/0x10f0
[ 19.239273] test_corruption+0xe6/0x3e0
[ 19.239529] kunit_try_run_case+0x1a5/0x480
[ 19.239763] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.239998] kthread+0x337/0x6f0
[ 19.240174] ret_from_fork+0x116/0x1d0
[ 19.240344] ret_from_fork_asm+0x1a/0x30
[ 19.240561]
[ 19.240636] freed by task 330 on cpu 1 at 19.234547s (0.006087s ago):
[ 19.240994] test_corruption+0x131/0x3e0
[ 19.241143] kunit_try_run_case+0x1a5/0x480
[ 19.241336] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.241604] kthread+0x337/0x6f0
[ 19.241896] ret_from_fork+0x116/0x1d0
[ 19.242078] ret_from_fork_asm+0x1a/0x30
[ 19.242265]
[ 19.242381] CPU: 1 UID: 0 PID: 330 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 19.242753] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.242933] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.243319] ==================================================================
[ 19.130826] ==================================================================
[ 19.131241] BUG: KFENCE: memory corruption in test_corruption+0x2df/0x3e0
[ 19.131241]
[ 19.131713] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#77):
[ 19.132395] test_corruption+0x2df/0x3e0
[ 19.132644] kunit_try_run_case+0x1a5/0x480
[ 19.132839] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.133079] kthread+0x337/0x6f0
[ 19.133241] ret_from_fork+0x116/0x1d0
[ 19.133825] ret_from_fork_asm+0x1a/0x30
[ 19.134028]
[ 19.134107] kfence-#77: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 19.134107]
[ 19.134653] allocated by task 328 on cpu 0 at 19.130561s (0.004090s ago):
[ 19.135101] test_alloc+0x364/0x10f0
[ 19.135362] test_corruption+0x1cb/0x3e0
[ 19.135666] kunit_try_run_case+0x1a5/0x480
[ 19.135933] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.136186] kthread+0x337/0x6f0
[ 19.136345] ret_from_fork+0x116/0x1d0
[ 19.136734] ret_from_fork_asm+0x1a/0x30
[ 19.136942]
[ 19.137028] freed by task 328 on cpu 0 at 19.130646s (0.006380s ago):
[ 19.137459] test_corruption+0x2df/0x3e0
[ 19.137742] kunit_try_run_case+0x1a5/0x480
[ 19.138019] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.138243] kthread+0x337/0x6f0
[ 19.138566] ret_from_fork+0x116/0x1d0
[ 19.138735] ret_from_fork_asm+0x1a/0x30
[ 19.138945]
[ 19.139058] CPU: 0 UID: 0 PID: 328 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 19.139775] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.140036] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.140524] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 18.714731] ==================================================================
[ 18.715112] BUG: KFENCE: invalid free in test_invalid_addr_free+0xfb/0x260
[ 18.715112]
[ 18.715423] Invalid free of 0x(____ptrval____) (in kfence-#73):
[ 18.715728] test_invalid_addr_free+0xfb/0x260
[ 18.715946] kunit_try_run_case+0x1a5/0x480
[ 18.716229] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.716435] kthread+0x337/0x6f0
[ 18.716692] ret_from_fork+0x116/0x1d0
[ 18.716836] ret_from_fork_asm+0x1a/0x30
[ 18.717003]
[ 18.717103] kfence-#73: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 18.717103]
[ 18.717539] allocated by task 326 on cpu 1 at 18.714622s (0.002914s ago):
[ 18.717855] test_alloc+0x2a6/0x10f0
[ 18.718049] test_invalid_addr_free+0xdb/0x260
[ 18.718258] kunit_try_run_case+0x1a5/0x480
[ 18.718478] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.718695] kthread+0x337/0x6f0
[ 18.718867] ret_from_fork+0x116/0x1d0
[ 18.719048] ret_from_fork_asm+0x1a/0x30
[ 18.719235]
[ 18.719335] CPU: 1 UID: 0 PID: 326 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 18.719695] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.719834] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.720399] ==================================================================
[ 18.610704] ==================================================================
[ 18.611133] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1e1/0x260
[ 18.611133]
[ 18.611665] Invalid free of 0x(____ptrval____) (in kfence-#72):
[ 18.611872] test_invalid_addr_free+0x1e1/0x260
[ 18.612105] kunit_try_run_case+0x1a5/0x480
[ 18.612324] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.612511] kthread+0x337/0x6f0
[ 18.612754] ret_from_fork+0x116/0x1d0
[ 18.612950] ret_from_fork_asm+0x1a/0x30
[ 18.613135]
[ 18.613236] kfence-#72: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 18.613236]
[ 18.613657] allocated by task 324 on cpu 1 at 18.610596s (0.003059s ago):
[ 18.613911] test_alloc+0x364/0x10f0
[ 18.614096] test_invalid_addr_free+0xdb/0x260
[ 18.614292] kunit_try_run_case+0x1a5/0x480
[ 18.614441] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.614868] kthread+0x337/0x6f0
[ 18.615039] ret_from_fork+0x116/0x1d0
[ 18.615194] ret_from_fork_asm+0x1a/0x30
[ 18.615336]
[ 18.615444] CPU: 1 UID: 0 PID: 324 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 18.615943] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.616118] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.616503] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_double_free
[ 18.402829] ==================================================================
[ 18.403250] BUG: KFENCE: invalid free in test_double_free+0x1d3/0x260
[ 18.403250]
[ 18.403640] Invalid free of 0x(____ptrval____) (in kfence-#70):
[ 18.403900] test_double_free+0x1d3/0x260
[ 18.404085] kunit_try_run_case+0x1a5/0x480
[ 18.404308] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.404632] kthread+0x337/0x6f0
[ 18.404817] ret_from_fork+0x116/0x1d0
[ 18.404993] ret_from_fork_asm+0x1a/0x30
[ 18.405138]
[ 18.405231] kfence-#70: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 18.405231]
[ 18.405714] allocated by task 320 on cpu 1 at 18.402578s (0.003134s ago):
[ 18.406053] test_alloc+0x364/0x10f0
[ 18.406235] test_double_free+0xdb/0x260
[ 18.406378] kunit_try_run_case+0x1a5/0x480
[ 18.406604] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.406811] kthread+0x337/0x6f0
[ 18.406982] ret_from_fork+0x116/0x1d0
[ 18.407171] ret_from_fork_asm+0x1a/0x30
[ 18.407348]
[ 18.407457] freed by task 320 on cpu 1 at 18.402646s (0.004808s ago):
[ 18.407689] test_double_free+0x1e0/0x260
[ 18.407831] kunit_try_run_case+0x1a5/0x480
[ 18.408031] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.408286] kthread+0x337/0x6f0
[ 18.408452] ret_from_fork+0x116/0x1d0
[ 18.408686] ret_from_fork_asm+0x1a/0x30
[ 18.408827]
[ 18.408931] CPU: 1 UID: 0 PID: 320 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 18.409429] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.409652] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.410007] ==================================================================
[ 18.506763] ==================================================================
[ 18.507734] BUG: KFENCE: invalid free in test_double_free+0x112/0x260
[ 18.507734]
[ 18.508777] Invalid free of 0x(____ptrval____) (in kfence-#71):
[ 18.509168] test_double_free+0x112/0x260
[ 18.509328] kunit_try_run_case+0x1a5/0x480
[ 18.509711] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.510414] kthread+0x337/0x6f0
[ 18.510694] ret_from_fork+0x116/0x1d0
[ 18.510850] ret_from_fork_asm+0x1a/0x30
[ 18.511050]
[ 18.511129] kfence-#71: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 18.511129]
[ 18.511521] allocated by task 322 on cpu 0 at 18.506585s (0.004934s ago):
[ 18.511888] test_alloc+0x2a6/0x10f0
[ 18.512025] test_double_free+0xdb/0x260
[ 18.512216] kunit_try_run_case+0x1a5/0x480
[ 18.512444] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.512717] kthread+0x337/0x6f0
[ 18.512869] ret_from_fork+0x116/0x1d0
[ 18.513035] ret_from_fork_asm+0x1a/0x30
[ 18.513176]
[ 18.513260] freed by task 322 on cpu 0 at 18.506644s (0.006613s ago):
[ 18.513583] test_double_free+0xfa/0x260
[ 18.513739] kunit_try_run_case+0x1a5/0x480
[ 18.513903] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.514163] kthread+0x337/0x6f0
[ 18.514337] ret_from_fork+0x116/0x1d0
[ 18.514576] ret_from_fork_asm+0x1a/0x30
[ 18.514744]
[ 18.514855] CPU: 0 UID: 0 PID: 322 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 18.515270] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.515411] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.515837] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 17.986898] ==================================================================
[ 17.987452] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270
[ 17.987452]
[ 17.987929] Use-after-free read at 0x(____ptrval____) (in kfence-#66):
[ 17.988198] test_use_after_free_read+0x129/0x270
[ 17.988441] kunit_try_run_case+0x1a5/0x480
[ 17.988684] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.988970] kthread+0x337/0x6f0
[ 17.989148] ret_from_fork+0x116/0x1d0
[ 17.989340] ret_from_fork_asm+0x1a/0x30
[ 17.989486]
[ 17.989575] kfence-#66: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 17.989575]
[ 17.990102] allocated by task 312 on cpu 1 at 17.986693s (0.003406s ago):
[ 17.990577] test_alloc+0x364/0x10f0
[ 17.990795] test_use_after_free_read+0xdc/0x270
[ 17.991019] kunit_try_run_case+0x1a5/0x480
[ 17.991199] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.991373] kthread+0x337/0x6f0
[ 17.991493] ret_from_fork+0x116/0x1d0
[ 17.991722] ret_from_fork_asm+0x1a/0x30
[ 17.991938]
[ 17.992434] freed by task 312 on cpu 1 at 17.986744s (0.005512s ago):
[ 17.993456] test_use_after_free_read+0x1e7/0x270
[ 17.993691] kunit_try_run_case+0x1a5/0x480
[ 17.994113] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.994400] kthread+0x337/0x6f0
[ 17.994866] ret_from_fork+0x116/0x1d0
[ 17.995008] ret_from_fork_asm+0x1a/0x30
[ 17.995169]
[ 17.995273] CPU: 1 UID: 0 PID: 312 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 17.995813] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.996306] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.996857] ==================================================================
[ 18.090756] ==================================================================
[ 18.091153] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270
[ 18.091153]
[ 18.091593] Use-after-free read at 0x(____ptrval____) (in kfence-#67):
[ 18.091897] test_use_after_free_read+0x129/0x270
[ 18.092144] kunit_try_run_case+0x1a5/0x480
[ 18.092357] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.092658] kthread+0x337/0x6f0
[ 18.092843] ret_from_fork+0x116/0x1d0
[ 18.093033] ret_from_fork_asm+0x1a/0x30
[ 18.093177]
[ 18.093252] kfence-#67: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 18.093252]
[ 18.093594] allocated by task 314 on cpu 0 at 18.090591s (0.003001s ago):
[ 18.093990] test_alloc+0x2a6/0x10f0
[ 18.094223] test_use_after_free_read+0xdc/0x270
[ 18.094489] kunit_try_run_case+0x1a5/0x480
[ 18.094713] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.094975] kthread+0x337/0x6f0
[ 18.095120] ret_from_fork+0x116/0x1d0
[ 18.095254] ret_from_fork_asm+0x1a/0x30
[ 18.095402]
[ 18.095528] freed by task 314 on cpu 0 at 18.090655s (0.004870s ago):
[ 18.095889] test_use_after_free_read+0xfb/0x270
[ 18.096156] kunit_try_run_case+0x1a5/0x480
[ 18.096368] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.096692] kthread+0x337/0x6f0
[ 18.096858] ret_from_fork+0x116/0x1d0
[ 18.097028] ret_from_fork_asm+0x1a/0x30
[ 18.097251]
[ 18.097389] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 18.097864] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.098043] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.098487] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 17.570700] ==================================================================
[ 17.571140] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0
[ 17.571140]
[ 17.571975] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#62):
[ 17.572287] test_out_of_bounds_read+0x126/0x4e0
[ 17.572567] kunit_try_run_case+0x1a5/0x480
[ 17.572784] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.573359] kthread+0x337/0x6f0
[ 17.573587] ret_from_fork+0x116/0x1d0
[ 17.573799] ret_from_fork_asm+0x1a/0x30
[ 17.574216]
[ 17.574309] kfence-#62: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 17.574309]
[ 17.575013] allocated by task 306 on cpu 1 at 17.570640s (0.004371s ago):
[ 17.575457] test_alloc+0x2a6/0x10f0
[ 17.575670] test_out_of_bounds_read+0xed/0x4e0
[ 17.576030] kunit_try_run_case+0x1a5/0x480
[ 17.576342] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.576720] kthread+0x337/0x6f0
[ 17.576923] ret_from_fork+0x116/0x1d0
[ 17.577217] ret_from_fork_asm+0x1a/0x30
[ 17.577427]
[ 17.577701] CPU: 1 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 17.578251] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.578562] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.578943] ==================================================================
[ 17.365675] ==================================================================
[ 17.366099] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0
[ 17.366099]
[ 17.366614] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#60):
[ 17.367048] test_out_of_bounds_read+0x126/0x4e0
[ 17.367282] kunit_try_run_case+0x1a5/0x480
[ 17.367470] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.367730] kthread+0x337/0x6f0
[ 17.367903] ret_from_fork+0x116/0x1d0
[ 17.368066] ret_from_fork_asm+0x1a/0x30
[ 17.368276]
[ 17.368536] kfence-#60: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 17.368536]
[ 17.369000] allocated by task 304 on cpu 0 at 17.364403s (0.004540s ago):
[ 17.369572] test_alloc+0x364/0x10f0
[ 17.369759] test_out_of_bounds_read+0xed/0x4e0
[ 17.369922] kunit_try_run_case+0x1a5/0x480
[ 17.370130] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.370388] kthread+0x337/0x6f0
[ 17.370584] ret_from_fork+0x116/0x1d0
[ 17.370750] ret_from_fork_asm+0x1a/0x30
[ 17.371003]
[ 17.371156] CPU: 0 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 17.371571] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.371720] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.372307] ==================================================================
[ 17.674657] ==================================================================
[ 17.675046] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0
[ 17.675046]
[ 17.675668] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#63):
[ 17.676566] test_out_of_bounds_read+0x216/0x4e0
[ 17.676823] kunit_try_run_case+0x1a5/0x480
[ 17.677029] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.677273] kthread+0x337/0x6f0
[ 17.677753] ret_from_fork+0x116/0x1d0
[ 17.677947] ret_from_fork_asm+0x1a/0x30
[ 17.678218]
[ 17.678321] kfence-#63: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 17.678321]
[ 17.678816] allocated by task 306 on cpu 1 at 17.674604s (0.004210s ago):
[ 17.679349] test_alloc+0x2a6/0x10f0
[ 17.679570] test_out_of_bounds_read+0x1e2/0x4e0
[ 17.679937] kunit_try_run_case+0x1a5/0x480
[ 17.680227] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.680593] kthread+0x337/0x6f0
[ 17.680776] ret_from_fork+0x116/0x1d0
[ 17.681077] ret_from_fork_asm+0x1a/0x30
[ 17.681358]
[ 17.681485] CPU: 1 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 17.682088] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.682303] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.682849] ==================================================================
[ 17.466775] ==================================================================
[ 17.467168] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0
[ 17.467168]
[ 17.467719] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#61):
[ 17.468010] test_out_of_bounds_read+0x216/0x4e0
[ 17.468219] kunit_try_run_case+0x1a5/0x480
[ 17.468436] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.468713] kthread+0x337/0x6f0
[ 17.468891] ret_from_fork+0x116/0x1d0
[ 17.469082] ret_from_fork_asm+0x1a/0x30
[ 17.469272]
[ 17.469346] kfence-#61: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 17.469346]
[ 17.469901] allocated by task 304 on cpu 0 at 17.466596s (0.003302s ago):
[ 17.470202] test_alloc+0x364/0x10f0
[ 17.470382] test_out_of_bounds_read+0x1e2/0x4e0
[ 17.470571] kunit_try_run_case+0x1a5/0x480
[ 17.470788] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.471044] kthread+0x337/0x6f0
[ 17.471202] ret_from_fork+0x116/0x1d0
[ 17.471370] ret_from_fork_asm+0x1a/0x30
[ 17.471539]
[ 17.471641] CPU: 0 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 17.472248] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.472397] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.472787] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 17.274119] ==================================================================
[ 17.274422] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x2e/0x1d0
[ 17.274757] Write of size 121 at addr ffff8881025ccc00 by task kunit_try_catch/302
[ 17.274991]
[ 17.275085] CPU: 1 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 17.275128] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.275142] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.275163] Call Trace:
[ 17.275177] <TASK>
[ 17.275190] dump_stack_lvl+0x73/0xb0
[ 17.275218] print_report+0xd1/0x610
[ 17.275242] ? __virt_addr_valid+0x1db/0x2d0
[ 17.275266] ? strncpy_from_user+0x2e/0x1d0
[ 17.275291] ? kasan_complete_mode_report_info+0x2a/0x200
[ 17.275317] ? strncpy_from_user+0x2e/0x1d0
[ 17.275343] kasan_report+0x141/0x180
[ 17.275367] ? strncpy_from_user+0x2e/0x1d0
[ 17.275396] kasan_check_range+0x10c/0x1c0
[ 17.275432] __kasan_check_write+0x18/0x20
[ 17.275453] strncpy_from_user+0x2e/0x1d0
[ 17.275477] ? __kasan_check_read+0x15/0x20
[ 17.275501] copy_user_test_oob+0x760/0x10f0
[ 17.275528] ? __pfx_copy_user_test_oob+0x10/0x10
[ 17.275568] ? __kasan_check_write+0x18/0x20
[ 17.275590] ? queued_spin_lock_slowpath+0x116/0xb40
[ 17.275615] ? irqentry_exit+0x2a/0x60
[ 17.275638] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 17.275664] ? trace_hardirqs_on+0x37/0xe0
[ 17.275689] ? __pfx_read_tsc+0x10/0x10
[ 17.275711] ? ktime_get_ts64+0x86/0x230
[ 17.275735] kunit_try_run_case+0x1a5/0x480
[ 17.275761] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.275788] ? queued_spin_lock_slowpath+0x116/0xb40
[ 17.275814] ? __kthread_parkme+0x82/0x180
[ 17.275836] ? preempt_count_sub+0x50/0x80
[ 17.275860] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.275886] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.275913] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 17.275940] kthread+0x337/0x6f0
[ 17.275960] ? trace_preempt_on+0x20/0xc0
[ 17.275984] ? __pfx_kthread+0x10/0x10
[ 17.276005] ? _raw_spin_unlock_irq+0x47/0x80
[ 17.276028] ? calculate_sigpending+0x7b/0xa0
[ 17.276054] ? __pfx_kthread+0x10/0x10
[ 17.276080] ret_from_fork+0x116/0x1d0
[ 17.276100] ? __pfx_kthread+0x10/0x10
[ 17.276122] ret_from_fork_asm+0x1a/0x30
[ 17.276154] </TASK>
[ 17.276165]
[ 17.287038] Allocated by task 302:
[ 17.287222] kasan_save_stack+0x45/0x70
[ 17.287418] kasan_save_track+0x18/0x40
[ 17.287779] kasan_save_alloc_info+0x3b/0x50
[ 17.287987] __kasan_kmalloc+0xb7/0xc0
[ 17.288166] __kmalloc_noprof+0x1c9/0x500
[ 17.288357] kunit_kmalloc_array+0x25/0x60
[ 17.288761] copy_user_test_oob+0xab/0x10f0
[ 17.288950] kunit_try_run_case+0x1a5/0x480
[ 17.289167] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.289618] kthread+0x337/0x6f0
[ 17.289789] ret_from_fork+0x116/0x1d0
[ 17.290118] ret_from_fork_asm+0x1a/0x30
[ 17.290276]
[ 17.290380] The buggy address belongs to the object at ffff8881025ccc00
[ 17.290380] which belongs to the cache kmalloc-128 of size 128
[ 17.291148] The buggy address is located 0 bytes inside of
[ 17.291148] allocated 120-byte region [ffff8881025ccc00, ffff8881025ccc78)
[ 17.291798]
[ 17.292012] The buggy address belongs to the physical page:
[ 17.292276] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025cc
[ 17.292751] flags: 0x200000000000000(node=0|zone=2)
[ 17.292965] page_type: f5(slab)
[ 17.293241] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 17.293648] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 17.293942] page dumped because: kasan: bad access detected
[ 17.294189]
[ 17.294269] Memory state around the buggy address:
[ 17.294481] ffff8881025ccb00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 17.295024] ffff8881025ccb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.295384] >ffff8881025ccc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 17.295713] ^
[ 17.296112] ffff8881025ccc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.296517] ffff8881025ccd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.296899] ==================================================================
[ 17.297518] ==================================================================
[ 17.297839] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x1a5/0x1d0
[ 17.298127] Write of size 1 at addr ffff8881025ccc78 by task kunit_try_catch/302
[ 17.298930]
[ 17.299044] CPU: 1 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 17.299090] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.299103] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.299126] Call Trace:
[ 17.299144] <TASK>
[ 17.299161] dump_stack_lvl+0x73/0xb0
[ 17.299305] print_report+0xd1/0x610
[ 17.299335] ? __virt_addr_valid+0x1db/0x2d0
[ 17.299360] ? strncpy_from_user+0x1a5/0x1d0
[ 17.299385] ? kasan_complete_mode_report_info+0x2a/0x200
[ 17.299418] ? strncpy_from_user+0x1a5/0x1d0
[ 17.299443] kasan_report+0x141/0x180
[ 17.299466] ? strncpy_from_user+0x1a5/0x1d0
[ 17.299494] __asan_report_store1_noabort+0x1b/0x30
[ 17.299522] strncpy_from_user+0x1a5/0x1d0
[ 17.299563] copy_user_test_oob+0x760/0x10f0
[ 17.299591] ? __pfx_copy_user_test_oob+0x10/0x10
[ 17.299617] ? __kasan_check_write+0x18/0x20
[ 17.299639] ? queued_spin_lock_slowpath+0x116/0xb40
[ 17.299664] ? irqentry_exit+0x2a/0x60
[ 17.299686] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 17.299713] ? trace_hardirqs_on+0x37/0xe0
[ 17.299738] ? __pfx_read_tsc+0x10/0x10
[ 17.299760] ? ktime_get_ts64+0x86/0x230
[ 17.299786] kunit_try_run_case+0x1a5/0x480
[ 17.299811] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.299837] ? queued_spin_lock_slowpath+0x116/0xb40
[ 17.299863] ? __kthread_parkme+0x82/0x180
[ 17.299885] ? preempt_count_sub+0x50/0x80
[ 17.299910] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.299936] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.299962] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 17.299989] kthread+0x337/0x6f0
[ 17.300009] ? trace_preempt_on+0x20/0xc0
[ 17.300032] ? __pfx_kthread+0x10/0x10
[ 17.300054] ? _raw_spin_unlock_irq+0x47/0x80
[ 17.300085] ? calculate_sigpending+0x7b/0xa0
[ 17.300111] ? __pfx_kthread+0x10/0x10
[ 17.300134] ret_from_fork+0x116/0x1d0
[ 17.300155] ? __pfx_kthread+0x10/0x10
[ 17.300176] ret_from_fork_asm+0x1a/0x30
[ 17.300209] </TASK>
[ 17.300220]
[ 17.310020] Allocated by task 302:
[ 17.310395] kasan_save_stack+0x45/0x70
[ 17.310660] kasan_save_track+0x18/0x40
[ 17.310977] kasan_save_alloc_info+0x3b/0x50
[ 17.311237] __kasan_kmalloc+0xb7/0xc0
[ 17.311442] __kmalloc_noprof+0x1c9/0x500
[ 17.311641] kunit_kmalloc_array+0x25/0x60
[ 17.311822] copy_user_test_oob+0xab/0x10f0
[ 17.312015] kunit_try_run_case+0x1a5/0x480
[ 17.312207] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.312428] kthread+0x337/0x6f0
[ 17.312961] ret_from_fork+0x116/0x1d0
[ 17.313134] ret_from_fork_asm+0x1a/0x30
[ 17.313276]
[ 17.313378] The buggy address belongs to the object at ffff8881025ccc00
[ 17.313378] which belongs to the cache kmalloc-128 of size 128
[ 17.314103] The buggy address is located 0 bytes to the right of
[ 17.314103] allocated 120-byte region [ffff8881025ccc00, ffff8881025ccc78)
[ 17.314767]
[ 17.314949] The buggy address belongs to the physical page:
[ 17.315319] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025cc
[ 17.315763] flags: 0x200000000000000(node=0|zone=2)
[ 17.316085] page_type: f5(slab)
[ 17.316223] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 17.316670] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 17.317028] page dumped because: kasan: bad access detected
[ 17.317261]
[ 17.317339] Memory state around the buggy address:
[ 17.317661] ffff8881025ccb00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 17.317935] ffff8881025ccb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.318208] >ffff8881025ccc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 17.318521] ^
[ 17.318806] ffff8881025ccc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.319051] ffff8881025ccd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.319331] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 17.219412] ==================================================================
[ 17.219795] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4aa/0x10f0
[ 17.220042] Read of size 121 at addr ffff8881025ccc00 by task kunit_try_catch/302
[ 17.220408]
[ 17.220491] CPU: 1 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 17.220533] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.220546] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.220579] Call Trace:
[ 17.220594] <TASK>
[ 17.220610] dump_stack_lvl+0x73/0xb0
[ 17.220636] print_report+0xd1/0x610
[ 17.220659] ? __virt_addr_valid+0x1db/0x2d0
[ 17.220682] ? copy_user_test_oob+0x4aa/0x10f0
[ 17.220706] ? kasan_complete_mode_report_info+0x2a/0x200
[ 17.220730] ? copy_user_test_oob+0x4aa/0x10f0
[ 17.220755] kasan_report+0x141/0x180
[ 17.220777] ? copy_user_test_oob+0x4aa/0x10f0
[ 17.220805] kasan_check_range+0x10c/0x1c0
[ 17.220830] __kasan_check_read+0x15/0x20
[ 17.220862] copy_user_test_oob+0x4aa/0x10f0
[ 17.220890] ? __pfx_copy_user_test_oob+0x10/0x10
[ 17.220916] ? __kasan_check_write+0x18/0x20
[ 17.220937] ? queued_spin_lock_slowpath+0x116/0xb40
[ 17.220963] ? irqentry_exit+0x2a/0x60
[ 17.220986] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 17.221012] ? trace_hardirqs_on+0x37/0xe0
[ 17.221037] ? __pfx_read_tsc+0x10/0x10
[ 17.221060] ? ktime_get_ts64+0x86/0x230
[ 17.221085] kunit_try_run_case+0x1a5/0x480
[ 17.221110] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.221137] ? queued_spin_lock_slowpath+0x116/0xb40
[ 17.221163] ? __kthread_parkme+0x82/0x180
[ 17.221185] ? preempt_count_sub+0x50/0x80
[ 17.221209] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.221236] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.221262] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 17.221289] kthread+0x337/0x6f0
[ 17.221309] ? trace_preempt_on+0x20/0xc0
[ 17.221333] ? __pfx_kthread+0x10/0x10
[ 17.221355] ? _raw_spin_unlock_irq+0x47/0x80
[ 17.221378] ? calculate_sigpending+0x7b/0xa0
[ 17.221403] ? __pfx_kthread+0x10/0x10
[ 17.221426] ret_from_fork+0x116/0x1d0
[ 17.221446] ? __pfx_kthread+0x10/0x10
[ 17.221468] ret_from_fork_asm+0x1a/0x30
[ 17.221500] </TASK>
[ 17.221510]
[ 17.229084] Allocated by task 302:
[ 17.229265] kasan_save_stack+0x45/0x70
[ 17.229536] kasan_save_track+0x18/0x40
[ 17.229694] kasan_save_alloc_info+0x3b/0x50
[ 17.229845] __kasan_kmalloc+0xb7/0xc0
[ 17.229981] __kmalloc_noprof+0x1c9/0x500
[ 17.230122] kunit_kmalloc_array+0x25/0x60
[ 17.230268] copy_user_test_oob+0xab/0x10f0
[ 17.230415] kunit_try_run_case+0x1a5/0x480
[ 17.230677] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.230932] kthread+0x337/0x6f0
[ 17.231101] ret_from_fork+0x116/0x1d0
[ 17.231286] ret_from_fork_asm+0x1a/0x30
[ 17.231481]
[ 17.231589] The buggy address belongs to the object at ffff8881025ccc00
[ 17.231589] which belongs to the cache kmalloc-128 of size 128
[ 17.232195] The buggy address is located 0 bytes inside of
[ 17.232195] allocated 120-byte region [ffff8881025ccc00, ffff8881025ccc78)
[ 17.232546]
[ 17.232625] The buggy address belongs to the physical page:
[ 17.232795] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025cc
[ 17.233523] flags: 0x200000000000000(node=0|zone=2)
[ 17.233768] page_type: f5(slab)
[ 17.233940] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 17.234291] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 17.234735] page dumped because: kasan: bad access detected
[ 17.234984]
[ 17.235064] Memory state around the buggy address:
[ 17.235274] ffff8881025ccb00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 17.235613] ffff8881025ccb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.235889] >ffff8881025ccc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 17.236202] ^
[ 17.236536] ffff8881025ccc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.236814] ffff8881025ccd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.237084] ==================================================================

[ 17.255888] ==================================================================
[ 17.256150] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x604/0x10f0
[ 17.257071] Read of size 121 at addr ffff8881025ccc00 by task kunit_try_catch/302
[ 17.257447]
[ 17.257575] CPU: 1 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 17.257621] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.257635] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.257657] Call Trace:
[ 17.257672] <TASK>
[ 17.257687] dump_stack_lvl+0x73/0xb0
[ 17.257717] print_report+0xd1/0x610
[ 17.257741] ? __virt_addr_valid+0x1db/0x2d0
[ 17.257765] ? copy_user_test_oob+0x604/0x10f0
[ 17.257790] ? kasan_complete_mode_report_info+0x2a/0x200
[ 17.257816] ? copy_user_test_oob+0x604/0x10f0
[ 17.257842] kasan_report+0x141/0x180
[ 17.257866] ? copy_user_test_oob+0x604/0x10f0
[ 17.257897] kasan_check_range+0x10c/0x1c0
[ 17.257924] __kasan_check_read+0x15/0x20
[ 17.257946] copy_user_test_oob+0x604/0x10f0
[ 17.257975] ? __pfx_copy_user_test_oob+0x10/0x10
[ 17.258003] ? __kasan_check_write+0x18/0x20
[ 17.258025] ? queued_spin_lock_slowpath+0x116/0xb40
[ 17.258050] ? irqentry_exit+0x2a/0x60
[ 17.258073] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 17.258099] ? trace_hardirqs_on+0x37/0xe0
[ 17.258124] ? __pfx_read_tsc+0x10/0x10
[ 17.258148] ? ktime_get_ts64+0x86/0x230
[ 17.258174] kunit_try_run_case+0x1a5/0x480
[ 17.258200] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.258228] ? queued_spin_lock_slowpath+0x116/0xb40
[ 17.258254] ? __kthread_parkme+0x82/0x180
[ 17.258276] ? preempt_count_sub+0x50/0x80
[ 17.258302] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.258329] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.258356] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 17.258383] kthread+0x337/0x6f0
[ 17.258404] ? trace_preempt_on+0x20/0xc0
[ 17.258439] ? __pfx_kthread+0x10/0x10
[ 17.258461] ? _raw_spin_unlock_irq+0x47/0x80
[ 17.258485] ? calculate_sigpending+0x7b/0xa0
[ 17.258510] ? __pfx_kthread+0x10/0x10
[ 17.258533] ret_from_fork+0x116/0x1d0
[ 17.258564] ? __pfx_kthread+0x10/0x10
[ 17.258587] ret_from_fork_asm+0x1a/0x30
[ 17.258621] </TASK>
[ 17.258632]
[ 17.265919] Allocated by task 302:
[ 17.266047] kasan_save_stack+0x45/0x70
[ 17.266189] kasan_save_track+0x18/0x40
[ 17.266327] kasan_save_alloc_info+0x3b/0x50
[ 17.266594] __kasan_kmalloc+0xb7/0xc0
[ 17.266787] __kmalloc_noprof+0x1c9/0x500
[ 17.266990] kunit_kmalloc_array+0x25/0x60
[ 17.267290] copy_user_test_oob+0xab/0x10f0
[ 17.267659] kunit_try_run_case+0x1a5/0x480
[ 17.267875] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.268070] kthread+0x337/0x6f0
[ 17.268193] ret_from_fork+0x116/0x1d0
[ 17.268329] ret_from_fork_asm+0x1a/0x30
[ 17.268472]
[ 17.268543] The buggy address belongs to the object at ffff8881025ccc00
[ 17.268543] which belongs to the cache kmalloc-128 of size 128
[ 17.269005] The buggy address is located 0 bytes inside of
[ 17.269005] allocated 120-byte region [ffff8881025ccc00, ffff8881025ccc78)
[ 17.269692]
[ 17.269788] The buggy address belongs to the physical page:
[ 17.270041] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025cc
[ 17.270390] flags: 0x200000000000000(node=0|zone=2)
[ 17.270586] page_type: f5(slab)
[ 17.270709] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 17.270944] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 17.271174] page dumped because: kasan: bad access detected
[ 17.271348]
[ 17.271418] Memory state around the buggy address:
[ 17.271652] ffff8881025ccb00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 17.271975] ffff8881025ccb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.272310] >ffff8881025ccc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 17.272643] ^
[ 17.272939] ffff8881025ccc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.273158] ffff8881025ccd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.273473] ==================================================================

[ 17.237624] ==================================================================
[ 17.237908] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x557/0x10f0
[ 17.238217] Write of size 121 at addr ffff8881025ccc00 by task kunit_try_catch/302
[ 17.238519]
[ 17.238611] CPU: 1 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 17.238653] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.238666] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.238688] Call Trace:
[ 17.238701] <TASK>
[ 17.238714] dump_stack_lvl+0x73/0xb0
[ 17.238742] print_report+0xd1/0x610
[ 17.238764] ? __virt_addr_valid+0x1db/0x2d0
[ 17.238787] ? copy_user_test_oob+0x557/0x10f0
[ 17.238811] ? kasan_complete_mode_report_info+0x2a/0x200
[ 17.238834] ? copy_user_test_oob+0x557/0x10f0
[ 17.238859] kasan_report+0x141/0x180
[ 17.238881] ? copy_user_test_oob+0x557/0x10f0
[ 17.238910] kasan_check_range+0x10c/0x1c0
[ 17.238935] __kasan_check_write+0x18/0x20
[ 17.238955] copy_user_test_oob+0x557/0x10f0
[ 17.238981] ? __pfx_copy_user_test_oob+0x10/0x10
[ 17.239006] ? __kasan_check_write+0x18/0x20
[ 17.239026] ? queued_spin_lock_slowpath+0x116/0xb40
[ 17.239065] ? irqentry_exit+0x2a/0x60
[ 17.239089] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 17.239116] ? trace_hardirqs_on+0x37/0xe0
[ 17.239140] ? __pfx_read_tsc+0x10/0x10
[ 17.239162] ? ktime_get_ts64+0x86/0x230
[ 17.239186] kunit_try_run_case+0x1a5/0x480
[ 17.239213] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.239239] ? queued_spin_lock_slowpath+0x116/0xb40
[ 17.239265] ? __kthread_parkme+0x82/0x180
[ 17.239287] ? preempt_count_sub+0x50/0x80
[ 17.239312] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.239339] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.239365] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 17.239393] kthread+0x337/0x6f0
[ 17.239422] ? trace_preempt_on+0x20/0xc0
[ 17.239445] ? __pfx_kthread+0x10/0x10
[ 17.239467] ? _raw_spin_unlock_irq+0x47/0x80
[ 17.239491] ? calculate_sigpending+0x7b/0xa0
[ 17.239516] ? __pfx_kthread+0x10/0x10
[ 17.239539] ret_from_fork+0x116/0x1d0
[ 17.239570] ? __pfx_kthread+0x10/0x10
[ 17.239592] ret_from_fork_asm+0x1a/0x30
[ 17.239625] </TASK>
[ 17.239635]
[ 17.247557] Allocated by task 302:
[ 17.247742] kasan_save_stack+0x45/0x70
[ 17.247941] kasan_save_track+0x18/0x40
[ 17.248130] kasan_save_alloc_info+0x3b/0x50
[ 17.248313] __kasan_kmalloc+0xb7/0xc0
[ 17.248537] __kmalloc_noprof+0x1c9/0x500
[ 17.248747] kunit_kmalloc_array+0x25/0x60
[ 17.248894] copy_user_test_oob+0xab/0x10f0
[ 17.249042] kunit_try_run_case+0x1a5/0x480
[ 17.249188] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.249365] kthread+0x337/0x6f0
[ 17.249527] ret_from_fork+0x116/0x1d0
[ 17.249722] ret_from_fork_asm+0x1a/0x30
[ 17.249919]
[ 17.250019] The buggy address belongs to the object at ffff8881025ccc00
[ 17.250019] which belongs to the cache kmalloc-128 of size 128
[ 17.250572] The buggy address is located 0 bytes inside of
[ 17.250572] allocated 120-byte region [ffff8881025ccc00, ffff8881025ccc78)
[ 17.250925]
[ 17.250996] The buggy address belongs to the physical page:
[ 17.251166] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025cc
[ 17.251403] flags: 0x200000000000000(node=0|zone=2)
[ 17.251725] page_type: f5(slab)
[ 17.251896] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 17.252243] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 17.252790] page dumped because: kasan: bad access detected
[ 17.253056]
[ 17.253156] Memory state around the buggy address:
[ 17.253340] ffff8881025ccb00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 17.253782] ffff8881025ccb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.254078] >ffff8881025ccc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 17.254357] ^
[ 17.254694] ffff8881025ccc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.254983] ffff8881025ccd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.255255] ==================================================================

[ 17.201515] ==================================================================
[ 17.202053] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3fd/0x10f0
[ 17.202370] Write of size 121 at addr ffff8881025ccc00 by task kunit_try_catch/302
[ 17.202734]
[ 17.202852] CPU: 1 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 17.202895] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.202908] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.202933] Call Trace:
[ 17.202947] <TASK>
[ 17.202964] dump_stack_lvl+0x73/0xb0
[ 17.202996] print_report+0xd1/0x610
[ 17.203019] ? __virt_addr_valid+0x1db/0x2d0
[ 17.203044] ? copy_user_test_oob+0x3fd/0x10f0
[ 17.203071] ? kasan_complete_mode_report_info+0x2a/0x200
[ 17.203096] ? copy_user_test_oob+0x3fd/0x10f0
[ 17.203123] kasan_report+0x141/0x180
[ 17.203148] ? copy_user_test_oob+0x3fd/0x10f0
[ 17.203178] kasan_check_range+0x10c/0x1c0
[ 17.203204] __kasan_check_write+0x18/0x20
[ 17.203226] copy_user_test_oob+0x3fd/0x10f0
[ 17.203253] ? __pfx_copy_user_test_oob+0x10/0x10
[ 17.203281] ? __kasan_check_write+0x18/0x20
[ 17.203313] ? queued_spin_lock_slowpath+0x116/0xb40
[ 17.203339] ? irqentry_exit+0x2a/0x60
[ 17.203362] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 17.203388] ? trace_hardirqs_on+0x37/0xe0
[ 17.203412] ? __pfx_read_tsc+0x10/0x10
[ 17.203435] ? ktime_get_ts64+0x86/0x230
[ 17.203460] kunit_try_run_case+0x1a5/0x480
[ 17.203487] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.203514] ? queued_spin_lock_slowpath+0x116/0xb40
[ 17.203547] ? __kthread_parkme+0x82/0x180
[ 17.203581] ? preempt_count_sub+0x50/0x80
[ 17.203606] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.203632] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.203659] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 17.203686] kthread+0x337/0x6f0
[ 17.203714] ? trace_preempt_on+0x20/0xc0
[ 17.203738] ? __pfx_kthread+0x10/0x10
[ 17.203759] ? _raw_spin_unlock_irq+0x47/0x80
[ 17.203783] ? calculate_sigpending+0x7b/0xa0
[ 17.203809] ? __pfx_kthread+0x10/0x10
[ 17.203831] ret_from_fork+0x116/0x1d0
[ 17.203852] ? __pfx_kthread+0x10/0x10
[ 17.203873] ret_from_fork_asm+0x1a/0x30
[ 17.203905] </TASK>
[ 17.203916]
[ 17.211009] Allocated by task 302:
[ 17.211204] kasan_save_stack+0x45/0x70
[ 17.211408] kasan_save_track+0x18/0x40
[ 17.211624] kasan_save_alloc_info+0x3b/0x50
[ 17.211839] __kasan_kmalloc+0xb7/0xc0
[ 17.212031] __kmalloc_noprof+0x1c9/0x500
[ 17.212248] kunit_kmalloc_array+0x25/0x60
[ 17.212505] copy_user_test_oob+0xab/0x10f0
[ 17.212729] kunit_try_run_case+0x1a5/0x480
[ 17.212909] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.213140] kthread+0x337/0x6f0
[ 17.213261] ret_from_fork+0x116/0x1d0
[ 17.213490] ret_from_fork_asm+0x1a/0x30
[ 17.213704]
[ 17.213800] The buggy address belongs to the object at ffff8881025ccc00
[ 17.213800] which belongs to the cache kmalloc-128 of size 128
[ 17.214290] The buggy address is located 0 bytes inside of
[ 17.214290] allocated 120-byte region [ffff8881025ccc00, ffff8881025ccc78)
[ 17.214811]
[ 17.214886] The buggy address belongs to the physical page:
[ 17.215130] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025cc
[ 17.215422] flags: 0x200000000000000(node=0|zone=2)
[ 17.215666] page_type: f5(slab)
[ 17.215827] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 17.216097] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 17.216442] page dumped because: kasan: bad access detected
[ 17.216689]
[ 17.216781] Memory state around the buggy address:
[ 17.216969] ffff8881025ccb00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 17.217229] ffff8881025ccb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.217640] >ffff8881025ccc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 17.217911] ^
[ 17.218174] ffff8881025ccc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.218508] ffff8881025ccd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.218820] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_to_user
[ 17.178521] ==================================================================
[ 17.178860] BUG: KASAN: slab-out-of-bounds in _copy_to_user+0x3c/0x70
[ 17.179146] Read of size 121 at addr ffff8881025ccc00 by task kunit_try_catch/302
[ 17.179372]
[ 17.179523] CPU: 1 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 17.179578] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.179592] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.179614] Call Trace:
[ 17.179629] <TASK>
[ 17.179644] dump_stack_lvl+0x73/0xb0
[ 17.179673] print_report+0xd1/0x610
[ 17.179696] ? __virt_addr_valid+0x1db/0x2d0
[ 17.179721] ? _copy_to_user+0x3c/0x70
[ 17.179741] ? kasan_complete_mode_report_info+0x2a/0x200
[ 17.179767] ? _copy_to_user+0x3c/0x70
[ 17.179788] kasan_report+0x141/0x180
[ 17.179811] ? _copy_to_user+0x3c/0x70
[ 17.179836] kasan_check_range+0x10c/0x1c0
[ 17.179862] __kasan_check_read+0x15/0x20
[ 17.179883] _copy_to_user+0x3c/0x70
[ 17.179904] copy_user_test_oob+0x364/0x10f0
[ 17.179931] ? __pfx_copy_user_test_oob+0x10/0x10
[ 17.179959] ? __kasan_check_write+0x18/0x20
[ 17.179980] ? queued_spin_lock_slowpath+0x116/0xb40
[ 17.180006] ? irqentry_exit+0x2a/0x60
[ 17.180028] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 17.180055] ? trace_hardirqs_on+0x37/0xe0
[ 17.180085] ? __pfx_read_tsc+0x10/0x10
[ 17.180106] ? ktime_get_ts64+0x86/0x230
[ 17.180131] kunit_try_run_case+0x1a5/0x480
[ 17.180157] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.180184] ? queued_spin_lock_slowpath+0x116/0xb40
[ 17.180209] ? __kthread_parkme+0x82/0x180
[ 17.180230] ? preempt_count_sub+0x50/0x80
[ 17.180255] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.180282] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.180308] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 17.180335] kthread+0x337/0x6f0
[ 17.180355] ? trace_preempt_on+0x20/0xc0
[ 17.180380] ? __pfx_kthread+0x10/0x10
[ 17.180402] ? _raw_spin_unlock_irq+0x47/0x80
[ 17.180439] ? calculate_sigpending+0x7b/0xa0
[ 17.180464] ? __pfx_kthread+0x10/0x10
[ 17.180487] ret_from_fork+0x116/0x1d0
[ 17.180507] ? __pfx_kthread+0x10/0x10
[ 17.180529] ret_from_fork_asm+0x1a/0x30
[ 17.180571] </TASK>
[ 17.180582]
[ 17.187858] Allocated by task 302:
[ 17.188038] kasan_save_stack+0x45/0x70
[ 17.188227] kasan_save_track+0x18/0x40
[ 17.188400] kasan_save_alloc_info+0x3b/0x50
[ 17.188620] __kasan_kmalloc+0xb7/0xc0
[ 17.188803] __kmalloc_noprof+0x1c9/0x500
[ 17.188971] kunit_kmalloc_array+0x25/0x60
[ 17.189182] copy_user_test_oob+0xab/0x10f0
[ 17.189358] kunit_try_run_case+0x1a5/0x480
[ 17.189630] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.189847] kthread+0x337/0x6f0
[ 17.189994] ret_from_fork+0x116/0x1d0
[ 17.190164] ret_from_fork_asm+0x1a/0x30
[ 17.190354]
[ 17.190427] The buggy address belongs to the object at ffff8881025ccc00
[ 17.190427] which belongs to the cache kmalloc-128 of size 128
[ 17.190799] The buggy address is located 0 bytes inside of
[ 17.190799] allocated 120-byte region [ffff8881025ccc00, ffff8881025ccc78)
[ 17.191273]
[ 17.191423] The buggy address belongs to the physical page:
[ 17.191682] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025cc
[ 17.192030] flags: 0x200000000000000(node=0|zone=2)
[ 17.192201] page_type: f5(slab)
[ 17.192323] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 17.192945] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 17.193242] page dumped because: kasan: bad access detected
[ 17.193507]
[ 17.193587] Memory state around the buggy address:
[ 17.193744] ffff8881025ccb00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 17.194061] ffff8881025ccb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.194375] >ffff8881025ccc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 17.194702] ^
[ 17.194961] ffff8881025ccc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.195246] ffff8881025ccd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.195543] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_from_user
[ 17.156999] ==================================================================
[ 17.157663] BUG: KASAN: slab-out-of-bounds in _copy_from_user+0x32/0x90
[ 17.157950] Write of size 121 at addr ffff8881025ccc00 by task kunit_try_catch/302
[ 17.158247]
[ 17.158371] CPU: 1 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 17.158435] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.158449] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.158474] Call Trace:
[ 17.158489] <TASK>
[ 17.158531] dump_stack_lvl+0x73/0xb0
[ 17.158577] print_report+0xd1/0x610
[ 17.158622] ? __virt_addr_valid+0x1db/0x2d0
[ 17.158647] ? _copy_from_user+0x32/0x90
[ 17.158668] ? kasan_complete_mode_report_info+0x2a/0x200
[ 17.158694] ? _copy_from_user+0x32/0x90
[ 17.158715] kasan_report+0x141/0x180
[ 17.158739] ? _copy_from_user+0x32/0x90
[ 17.158764] kasan_check_range+0x10c/0x1c0
[ 17.158790] __kasan_check_write+0x18/0x20
[ 17.158812] _copy_from_user+0x32/0x90
[ 17.158833] copy_user_test_oob+0x2be/0x10f0
[ 17.158862] ? __pfx_copy_user_test_oob+0x10/0x10
[ 17.158889] ? __kasan_check_write+0x18/0x20
[ 17.158911] ? queued_spin_lock_slowpath+0x116/0xb40
[ 17.158938] ? irqentry_exit+0x2a/0x60
[ 17.158980] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 17.159010] ? trace_hardirqs_on+0x37/0xe0
[ 17.159036] ? __pfx_read_tsc+0x10/0x10
[ 17.159059] ? ktime_get_ts64+0x86/0x230
[ 17.159088] kunit_try_run_case+0x1a5/0x480
[ 17.159114] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.159141] ? queued_spin_lock_slowpath+0x116/0xb40
[ 17.159168] ? __kthread_parkme+0x82/0x180
[ 17.159191] ? preempt_count_sub+0x50/0x80
[ 17.159217] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.159243] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.159271] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 17.159298] kthread+0x337/0x6f0
[ 17.159319] ? trace_preempt_on+0x20/0xc0
[ 17.159342] ? __pfx_kthread+0x10/0x10
[ 17.159365] ? _raw_spin_unlock_irq+0x47/0x80
[ 17.159389] ? calculate_sigpending+0x7b/0xa0
[ 17.159425] ? __pfx_kthread+0x10/0x10
[ 17.159448] ret_from_fork+0x116/0x1d0
[ 17.159468] ? __pfx_kthread+0x10/0x10
[ 17.159490] ret_from_fork_asm+0x1a/0x30
[ 17.159523] </TASK>
[ 17.159536]
[ 17.167100] Allocated by task 302:
[ 17.167230] kasan_save_stack+0x45/0x70
[ 17.167422] kasan_save_track+0x18/0x40
[ 17.167626] kasan_save_alloc_info+0x3b/0x50
[ 17.167863] __kasan_kmalloc+0xb7/0xc0
[ 17.168028] __kmalloc_noprof+0x1c9/0x500
[ 17.168174] kunit_kmalloc_array+0x25/0x60
[ 17.168320] copy_user_test_oob+0xab/0x10f0
[ 17.168502] kunit_try_run_case+0x1a5/0x480
[ 17.168724] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.168989] kthread+0x337/0x6f0
[ 17.169298] ret_from_fork+0x116/0x1d0
[ 17.169438] ret_from_fork_asm+0x1a/0x30
[ 17.169593]
[ 17.169728] The buggy address belongs to the object at ffff8881025ccc00
[ 17.169728] which belongs to the cache kmalloc-128 of size 128
[ 17.170244] The buggy address is located 0 bytes inside of
[ 17.170244] allocated 120-byte region [ffff8881025ccc00, ffff8881025ccc78)
[ 17.170876]
[ 17.170952] The buggy address belongs to the physical page:
[ 17.171190] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025cc
[ 17.171588] flags: 0x200000000000000(node=0|zone=2)
[ 17.171757] page_type: f5(slab)
[ 17.171881] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 17.172133] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 17.172542] page dumped because: kasan: bad access detected
[ 17.172833]
[ 17.172930] Memory state around the buggy address:
[ 17.173161] ffff8881025ccb00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 17.173396] ffff8881025ccb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.173723] >ffff8881025ccc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 17.174104] ^
[ 17.174355] ffff8881025ccc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.174847] ffff8881025ccd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.175206] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 17.118835] ==================================================================
[ 17.119188] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x99/0x260
[ 17.119706] Write of size 8 at addr ffff8881039b9578 by task kunit_try_catch/298
[ 17.119942]
[ 17.120052] CPU: 0 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 17.120129] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.120142] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.120162] Call Trace:
[ 17.120176] <TASK>
[ 17.120192] dump_stack_lvl+0x73/0xb0
[ 17.120221] print_report+0xd1/0x610
[ 17.120299] ? __virt_addr_valid+0x1db/0x2d0
[ 17.120324] ? copy_to_kernel_nofault+0x99/0x260
[ 17.120350] ? kasan_complete_mode_report_info+0x2a/0x200
[ 17.120376] ? copy_to_kernel_nofault+0x99/0x260
[ 17.120402] kasan_report+0x141/0x180
[ 17.120425] ? copy_to_kernel_nofault+0x99/0x260
[ 17.120455] kasan_check_range+0x10c/0x1c0
[ 17.120480] __kasan_check_write+0x18/0x20
[ 17.120501] copy_to_kernel_nofault+0x99/0x260
[ 17.120600] copy_to_kernel_nofault_oob+0x288/0x560
[ 17.120627] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10
[ 17.120653] ? finish_task_switch.isra.0+0x153/0x700
[ 17.120679] ? __schedule+0x10cc/0x2b60
[ 17.120702] ? trace_hardirqs_on+0x37/0xe0
[ 17.120734] ? __pfx_read_tsc+0x10/0x10
[ 17.120756] ? ktime_get_ts64+0x86/0x230
[ 17.120781] kunit_try_run_case+0x1a5/0x480
[ 17.120807] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.120831] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 17.120855] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 17.120882] ? __kthread_parkme+0x82/0x180
[ 17.120904] ? preempt_count_sub+0x50/0x80
[ 17.120928] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.120977] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.121004] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 17.121031] kthread+0x337/0x6f0
[ 17.121051] ? trace_preempt_on+0x20/0xc0
[ 17.121075] ? __pfx_kthread+0x10/0x10
[ 17.121096] ? _raw_spin_unlock_irq+0x47/0x80
[ 17.121119] ? calculate_sigpending+0x7b/0xa0
[ 17.121144] ? __pfx_kthread+0x10/0x10
[ 17.121186] ret_from_fork+0x116/0x1d0
[ 17.121206] ? __pfx_kthread+0x10/0x10
[ 17.121228] ret_from_fork_asm+0x1a/0x30
[ 17.121259] </TASK>
[ 17.121314]
[ 17.131912] Allocated by task 298:
[ 17.132127] kasan_save_stack+0x45/0x70
[ 17.132387] kasan_save_track+0x18/0x40
[ 17.132533] kasan_save_alloc_info+0x3b/0x50
[ 17.132701] __kasan_kmalloc+0xb7/0xc0
[ 17.132890] __kmalloc_cache_noprof+0x189/0x420
[ 17.133153] copy_to_kernel_nofault_oob+0x12f/0x560
[ 17.133578] kunit_try_run_case+0x1a5/0x480
[ 17.133754] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.133933] kthread+0x337/0x6f0
[ 17.134105] ret_from_fork+0x116/0x1d0
[ 17.134567] ret_from_fork_asm+0x1a/0x30
[ 17.134780]
[ 17.134860] The buggy address belongs to the object at ffff8881039b9500
[ 17.134860] which belongs to the cache kmalloc-128 of size 128
[ 17.135476] The buggy address is located 0 bytes to the right of
[ 17.135476] allocated 120-byte region [ffff8881039b9500, ffff8881039b9578)
[ 17.136309]
[ 17.136404] The buggy address belongs to the physical page:
[ 17.136655] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b9
[ 17.136900] flags: 0x200000000000000(node=0|zone=2)
[ 17.137159] page_type: f5(slab)
[ 17.137461] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 17.137841] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 17.138145] page dumped because: kasan: bad access detected
[ 17.138329]
[ 17.138423] Memory state around the buggy address:
[ 17.138843] ffff8881039b9400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 17.139167] ffff8881039b9480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.139428] >ffff8881039b9500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 17.139857] ^
[ 17.140135] ffff8881039b9580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.140591] ffff8881039b9600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.140869] ==================================================================

[ 17.098036] ==================================================================
[ 17.098769] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x225/0x260
[ 17.099077] Read of size 8 at addr ffff8881039b9578 by task kunit_try_catch/298
[ 17.099560]
[ 17.099744] CPU: 0 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 17.099797] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.099810] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.099834] Call Trace:
[ 17.099849] <TASK>
[ 17.099867] dump_stack_lvl+0x73/0xb0
[ 17.099902] print_report+0xd1/0x610
[ 17.099928] ? __virt_addr_valid+0x1db/0x2d0
[ 17.099953] ? copy_to_kernel_nofault+0x225/0x260
[ 17.099979] ? kasan_complete_mode_report_info+0x2a/0x200
[ 17.100004] ? copy_to_kernel_nofault+0x225/0x260
[ 17.100030] kasan_report+0x141/0x180
[ 17.100053] ? copy_to_kernel_nofault+0x225/0x260
[ 17.100089] __asan_report_load8_noabort+0x18/0x20
[ 17.100117] copy_to_kernel_nofault+0x225/0x260
[ 17.100144] copy_to_kernel_nofault_oob+0x1ed/0x560
[ 17.100170] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10
[ 17.100196] ? finish_task_switch.isra.0+0x153/0x700
[ 17.100222] ? __schedule+0x10cc/0x2b60
[ 17.100319] ? trace_hardirqs_on+0x37/0xe0
[ 17.100376] ? __pfx_read_tsc+0x10/0x10
[ 17.100401] ? ktime_get_ts64+0x86/0x230
[ 17.100429] kunit_try_run_case+0x1a5/0x480
[ 17.100456] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.100497] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 17.100524] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 17.100570] ? __kthread_parkme+0x82/0x180
[ 17.100595] ? preempt_count_sub+0x50/0x80
[ 17.100619] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.100644] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.100671] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 17.100698] kthread+0x337/0x6f0
[ 17.100719] ? trace_preempt_on+0x20/0xc0
[ 17.100742] ? __pfx_kthread+0x10/0x10
[ 17.100764] ? _raw_spin_unlock_irq+0x47/0x80
[ 17.100788] ? calculate_sigpending+0x7b/0xa0
[ 17.100813] ? __pfx_kthread+0x10/0x10
[ 17.100836] ret_from_fork+0x116/0x1d0
[ 17.100856] ? __pfx_kthread+0x10/0x10
[ 17.100878] ret_from_fork_asm+0x1a/0x30
[ 17.100911] </TASK>
[ 17.100925]
[ 17.109193] Allocated by task 298:
[ 17.109411] kasan_save_stack+0x45/0x70
[ 17.109707] kasan_save_track+0x18/0x40
[ 17.110000] kasan_save_alloc_info+0x3b/0x50
[ 17.110201] __kasan_kmalloc+0xb7/0xc0
[ 17.110404] __kmalloc_cache_noprof+0x189/0x420
[ 17.110725] copy_to_kernel_nofault_oob+0x12f/0x560
[ 17.110963] kunit_try_run_case+0x1a5/0x480
[ 17.111165] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.111447] kthread+0x337/0x6f0
[ 17.111768] ret_from_fork+0x116/0x1d0
[ 17.111963] ret_from_fork_asm+0x1a/0x30
[ 17.112165]
[ 17.112279] The buggy address belongs to the object at ffff8881039b9500
[ 17.112279] which belongs to the cache kmalloc-128 of size 128
[ 17.112734] The buggy address is located 0 bytes to the right of
[ 17.112734] allocated 120-byte region [ffff8881039b9500, ffff8881039b9578)
[ 17.113395]
[ 17.113517] The buggy address belongs to the physical page:
[ 17.113785] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b9
[ 17.114163] flags: 0x200000000000000(node=0|zone=2)
[ 17.114501] page_type: f5(slab)
[ 17.114796] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 17.115042] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 17.115378] page dumped because: kasan: bad access detected
[ 17.115716]
[ 17.115812] Memory state around the buggy address:
[ 17.115972] ffff8881039b9400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 17.116200] ffff8881039b9480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.116421] >ffff8881039b9500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 17.116739] ^
[ 17.117088] ffff8881039b9580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.117412] ffff8881039b9600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.117909] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 16.044415] ==================================================================
[ 16.044761] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe78/0x5450
[ 16.045075] Write of size 4 at addr ffff888102a5feb0 by task kunit_try_catch/282
[ 16.045409]
[ 16.045533] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 16.045596] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.045610] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.045632] Call Trace:
[ 16.045648] <TASK>
[ 16.045674] dump_stack_lvl+0x73/0xb0
[ 16.045703] print_report+0xd1/0x610
[ 16.045727] ? __virt_addr_valid+0x1db/0x2d0
[ 16.045760] ? kasan_atomics_helper+0xe78/0x5450
[ 16.045783] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.045809] ? kasan_atomics_helper+0xe78/0x5450
[ 16.045842] kasan_report+0x141/0x180
[ 16.045866] ? kasan_atomics_helper+0xe78/0x5450
[ 16.045894] kasan_check_range+0x10c/0x1c0
[ 16.045927] __kasan_check_write+0x18/0x20
[ 16.045949] kasan_atomics_helper+0xe78/0x5450
[ 16.045973] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 16.046008] ? __kmalloc_cache_noprof+0x189/0x420
[ 16.046034] ? trace_hardirqs_on+0x37/0xe0
[ 16.046066] ? kasan_atomics+0x152/0x310
[ 16.046094] kasan_atomics+0x1dc/0x310
[ 16.046118] ? __pfx_kasan_atomics+0x10/0x10
[ 16.046154] ? __pfx_kasan_atomics+0x10/0x10
[ 16.046182] kunit_try_run_case+0x1a5/0x480
[ 16.046208] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.046232] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.046258] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.046284] ? __kthread_parkme+0x82/0x180
[ 16.046306] ? preempt_count_sub+0x50/0x80
[ 16.046330] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.046356] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.046391] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.046429] kthread+0x337/0x6f0
[ 16.046450] ? trace_preempt_on+0x20/0xc0
[ 16.046483] ? __pfx_kthread+0x10/0x10
[ 16.046506] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.046529] ? calculate_sigpending+0x7b/0xa0
[ 16.046563] ? __pfx_kthread+0x10/0x10
[ 16.046586] ret_from_fork+0x116/0x1d0
[ 16.046606] ? __pfx_kthread+0x10/0x10
[ 16.046629] ret_from_fork_asm+0x1a/0x30
[ 16.046660] </TASK>
[ 16.046672]
[ 16.064248] Allocated by task 282:
[ 16.064791] kasan_save_stack+0x45/0x70
[ 16.065300] kasan_save_track+0x18/0x40
[ 16.065695] kasan_save_alloc_info+0x3b/0x50
[ 16.066241] __kasan_kmalloc+0xb7/0xc0
[ 16.066444] __kmalloc_cache_noprof+0x189/0x420
[ 16.066860] kasan_atomics+0x95/0x310
[ 16.067321] kunit_try_run_case+0x1a5/0x480
[ 16.067777] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.067967] kthread+0x337/0x6f0
[ 16.068101] ret_from_fork+0x116/0x1d0
[ 16.068240] ret_from_fork_asm+0x1a/0x30
[ 16.068383]
[ 16.068574] The buggy address belongs to the object at ffff888102a5fe80
[ 16.068574] which belongs to the cache kmalloc-64 of size 64
[ 16.070096] The buggy address is located 0 bytes to the right of
[ 16.070096] allocated 48-byte region [ffff888102a5fe80, ffff888102a5feb0)
[ 16.071468]
[ 16.071810] The buggy address belongs to the physical page:
[ 16.072432] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a5f
[ 16.072948] flags: 0x200000000000000(node=0|zone=2)
[ 16.073123] page_type: f5(slab)
[ 16.073247] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 16.073837] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 16.074701] page dumped because: kasan: bad access detected
[ 16.075520]
[ 16.075861] Memory state around the buggy address:
[ 16.076404] ffff888102a5fd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 16.077048] ffff888102a5fe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 16.077534] >ffff888102a5fe80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 16.077770] ^
[ 16.077928] ffff888102a5ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.078144] ffff888102a5ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.078359] ==================================================================

[ 15.983174] ==================================================================
[ 15.983746] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a84/0x5450
[ 15.984099] Read of size 4 at addr ffff888102a5feb0 by task kunit_try_catch/282
[ 15.984574]
[ 15.984696] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 15.984755] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.984768] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.984792] Call Trace:
[ 15.984816] <TASK>
[ 15.984831] dump_stack_lvl+0x73/0xb0
[ 15.984863] print_report+0xd1/0x610
[ 15.984886] ? __virt_addr_valid+0x1db/0x2d0
[ 15.984920] ? kasan_atomics_helper+0x4a84/0x5450
[ 15.984944] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.984980] ? kasan_atomics_helper+0x4a84/0x5450
[ 15.985003] kasan_report+0x141/0x180
[ 15.985028] ? kasan_atomics_helper+0x4a84/0x5450
[ 15.985056] __asan_report_load4_noabort+0x18/0x20
[ 15.985083] kasan_atomics_helper+0x4a84/0x5450
[ 15.985108] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 15.985133] ? __kmalloc_cache_noprof+0x189/0x420
[ 15.985169] ? trace_hardirqs_on+0x37/0xe0
[ 15.985192] ? kasan_atomics+0x152/0x310
[ 15.985230] kasan_atomics+0x1dc/0x310
[ 15.985254] ? __pfx_kasan_atomics+0x10/0x10
[ 15.985280] ? __pfx_kasan_atomics+0x10/0x10
[ 15.985473] kunit_try_run_case+0x1a5/0x480
[ 15.985521] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.985547] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.985594] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.985620] ? __kthread_parkme+0x82/0x180
[ 15.985643] ? preempt_count_sub+0x50/0x80
[ 15.985668] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.985694] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.985721] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.985748] kthread+0x337/0x6f0
[ 15.985769] ? trace_preempt_on+0x20/0xc0
[ 15.985793] ? __pfx_kthread+0x10/0x10
[ 15.985815] ?
_raw_spin_unlock_irq+0x47/0x80 [ 15.985838] ? calculate_sigpending+0x7b/0xa0 [ 15.985863] ? __pfx_kthread+0x10/0x10 [ 15.985897] ret_from_fork+0x116/0x1d0 [ 15.985917] ? __pfx_kthread+0x10/0x10 [ 15.985940] ret_from_fork_asm+0x1a/0x30 [ 15.985983] </TASK> [ 15.985995] [ 15.994698] Allocated by task 282: [ 15.994930] kasan_save_stack+0x45/0x70 [ 15.995148] kasan_save_track+0x18/0x40 [ 15.995486] kasan_save_alloc_info+0x3b/0x50 [ 15.995666] __kasan_kmalloc+0xb7/0xc0 [ 15.995883] __kmalloc_cache_noprof+0x189/0x420 [ 15.996140] kasan_atomics+0x95/0x310 [ 15.996379] kunit_try_run_case+0x1a5/0x480 [ 15.996527] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.996713] kthread+0x337/0x6f0 [ 15.996881] ret_from_fork+0x116/0x1d0 [ 15.997181] ret_from_fork_asm+0x1a/0x30 [ 15.997366] [ 15.997439] The buggy address belongs to the object at ffff888102a5fe80 [ 15.997439] which belongs to the cache kmalloc-64 of size 64 [ 15.998228] The buggy address is located 0 bytes to the right of [ 15.998228] allocated 48-byte region [ffff888102a5fe80, ffff888102a5feb0) [ 15.998983] [ 15.999060] The buggy address belongs to the physical page: [ 15.999443] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a5f [ 15.999826] flags: 0x200000000000000(node=0|zone=2) [ 16.000074] page_type: f5(slab) [ 16.000234] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.000756] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.001075] page dumped because: kasan: bad access detected [ 16.001439] [ 16.001533] Memory state around the buggy address: [ 16.001761] ffff888102a5fd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.002016] ffff888102a5fe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.002244] >ffff888102a5fe80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.002832] ^ [ 16.003076] ffff888102a5ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.003464] ffff888102a5ff80: fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 16.003755] ================================================================== [ 16.282990] ================================================================== [ 16.283796] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49e8/0x5450 [ 16.284356] Read of size 4 at addr ffff888102a5feb0 by task kunit_try_catch/282 [ 16.285177] [ 16.285413] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.285540] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.285661] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.285686] Call Trace: [ 16.285703] <TASK> [ 16.285733] dump_stack_lvl+0x73/0xb0 [ 16.285765] print_report+0xd1/0x610 [ 16.285795] ? __virt_addr_valid+0x1db/0x2d0 [ 16.285820] ? kasan_atomics_helper+0x49e8/0x5450 [ 16.285843] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.285868] ? kasan_atomics_helper+0x49e8/0x5450 [ 16.285892] kasan_report+0x141/0x180 [ 16.285915] ? kasan_atomics_helper+0x49e8/0x5450 [ 16.285943] __asan_report_load4_noabort+0x18/0x20 [ 16.285970] kasan_atomics_helper+0x49e8/0x5450 [ 16.285994] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.286018] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.286045] ? trace_hardirqs_on+0x37/0xe0 [ 16.286069] ? kasan_atomics+0x152/0x310 [ 16.286097] kasan_atomics+0x1dc/0x310 [ 16.286120] ? __pfx_kasan_atomics+0x10/0x10 [ 16.286145] ? __pfx_kasan_atomics+0x10/0x10 [ 16.286173] kunit_try_run_case+0x1a5/0x480 [ 16.286199] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.286224] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.286250] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.286276] ? __kthread_parkme+0x82/0x180 [ 16.286299] ? preempt_count_sub+0x50/0x80 [ 16.286324] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.286350] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.286377] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.286404] kthread+0x337/0x6f0 [ 16.286458] ? trace_preempt_on+0x20/0xc0 [ 16.286481] ? 
__pfx_kthread+0x10/0x10 [ 16.286503] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.286526] ? calculate_sigpending+0x7b/0xa0 [ 16.286562] ? __pfx_kthread+0x10/0x10 [ 16.286585] ret_from_fork+0x116/0x1d0 [ 16.286605] ? __pfx_kthread+0x10/0x10 [ 16.286627] ret_from_fork_asm+0x1a/0x30 [ 16.286659] </TASK> [ 16.286669] [ 16.299062] Allocated by task 282: [ 16.299421] kasan_save_stack+0x45/0x70 [ 16.299632] kasan_save_track+0x18/0x40 [ 16.299811] kasan_save_alloc_info+0x3b/0x50 [ 16.300005] __kasan_kmalloc+0xb7/0xc0 [ 16.300184] __kmalloc_cache_noprof+0x189/0x420 [ 16.300388] kasan_atomics+0x95/0x310 [ 16.301010] kunit_try_run_case+0x1a5/0x480 [ 16.301283] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.301753] kthread+0x337/0x6f0 [ 16.302111] ret_from_fork+0x116/0x1d0 [ 16.302427] ret_from_fork_asm+0x1a/0x30 [ 16.302836] [ 16.302942] The buggy address belongs to the object at ffff888102a5fe80 [ 16.302942] which belongs to the cache kmalloc-64 of size 64 [ 16.303402] The buggy address is located 0 bytes to the right of [ 16.303402] allocated 48-byte region [ffff888102a5fe80, ffff888102a5feb0) [ 16.304157] [ 16.304249] The buggy address belongs to the physical page: [ 16.304803] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a5f [ 16.305273] flags: 0x200000000000000(node=0|zone=2) [ 16.305706] page_type: f5(slab) [ 16.306001] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.306261] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.306766] page dumped because: kasan: bad access detected [ 16.307244] [ 16.307352] Memory state around the buggy address: [ 16.307720] ffff888102a5fd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.307947] ffff888102a5fe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.308175] >ffff888102a5fe80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.308390] ^ [ 16.308547] ffff888102a5ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.309228] 
ffff888102a5ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.309511] ================================================================== [ 16.918740] ================================================================== [ 16.919829] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f98/0x5450 [ 16.920105] Read of size 8 at addr ffff888102a5feb0 by task kunit_try_catch/282 [ 16.920324] [ 16.920410] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.920455] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.920469] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.920491] Call Trace: [ 16.920506] <TASK> [ 16.920521] dump_stack_lvl+0x73/0xb0 [ 16.920562] print_report+0xd1/0x610 [ 16.920586] ? __virt_addr_valid+0x1db/0x2d0 [ 16.920610] ? kasan_atomics_helper+0x4f98/0x5450 [ 16.920632] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.920679] ? kasan_atomics_helper+0x4f98/0x5450 [ 16.920716] kasan_report+0x141/0x180 [ 16.920753] ? kasan_atomics_helper+0x4f98/0x5450 [ 16.920782] __asan_report_load8_noabort+0x18/0x20 [ 16.920809] kasan_atomics_helper+0x4f98/0x5450 [ 16.920833] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.920858] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.920883] ? trace_hardirqs_on+0x37/0xe0 [ 16.920907] ? kasan_atomics+0x152/0x310 [ 16.920935] kasan_atomics+0x1dc/0x310 [ 16.920959] ? __pfx_kasan_atomics+0x10/0x10 [ 16.920984] ? __pfx_kasan_atomics+0x10/0x10 [ 16.921012] kunit_try_run_case+0x1a5/0x480 [ 16.921052] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.921091] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.921117] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.921143] ? __kthread_parkme+0x82/0x180 [ 16.921166] ? preempt_count_sub+0x50/0x80 [ 16.921191] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.921217] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.921244] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.921272] kthread+0x337/0x6f0 [ 16.921292] ? 
trace_preempt_on+0x20/0xc0 [ 16.921316] ? __pfx_kthread+0x10/0x10 [ 16.921339] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.921363] ? calculate_sigpending+0x7b/0xa0 [ 16.921388] ? __pfx_kthread+0x10/0x10 [ 16.921421] ret_from_fork+0x116/0x1d0 [ 16.921444] ? __pfx_kthread+0x10/0x10 [ 16.921465] ret_from_fork_asm+0x1a/0x30 [ 16.921497] </TASK> [ 16.921508] [ 16.928867] Allocated by task 282: [ 16.929041] kasan_save_stack+0x45/0x70 [ 16.929240] kasan_save_track+0x18/0x40 [ 16.929470] kasan_save_alloc_info+0x3b/0x50 [ 16.929674] __kasan_kmalloc+0xb7/0xc0 [ 16.929874] __kmalloc_cache_noprof+0x189/0x420 [ 16.930117] kasan_atomics+0x95/0x310 [ 16.930306] kunit_try_run_case+0x1a5/0x480 [ 16.930502] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.930757] kthread+0x337/0x6f0 [ 16.930925] ret_from_fork+0x116/0x1d0 [ 16.931130] ret_from_fork_asm+0x1a/0x30 [ 16.931357] [ 16.931483] The buggy address belongs to the object at ffff888102a5fe80 [ 16.931483] which belongs to the cache kmalloc-64 of size 64 [ 16.932024] The buggy address is located 0 bytes to the right of [ 16.932024] allocated 48-byte region [ffff888102a5fe80, ffff888102a5feb0) [ 16.932643] [ 16.932740] The buggy address belongs to the physical page: [ 16.932987] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a5f [ 16.933320] flags: 0x200000000000000(node=0|zone=2) [ 16.933503] page_type: f5(slab) [ 16.933665] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.934021] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.934351] page dumped because: kasan: bad access detected [ 16.934587] [ 16.934655] Memory state around the buggy address: [ 16.934837] ffff888102a5fd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.935174] ffff888102a5fe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.935540] >ffff888102a5fe80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.935791] ^ [ 16.936028] ffff888102a5ff00: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 16.936333] ffff888102a5ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.936673] ================================================================== [ 16.548421] ================================================================== [ 16.548825] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16e7/0x5450 [ 16.549189] Write of size 8 at addr ffff888102a5feb0 by task kunit_try_catch/282 [ 16.549562] [ 16.549756] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.549800] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.549815] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.549836] Call Trace: [ 16.549850] <TASK> [ 16.549866] dump_stack_lvl+0x73/0xb0 [ 16.549894] print_report+0xd1/0x610 [ 16.549917] ? __virt_addr_valid+0x1db/0x2d0 [ 16.549941] ? kasan_atomics_helper+0x16e7/0x5450 [ 16.549964] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.549990] ? kasan_atomics_helper+0x16e7/0x5450 [ 16.550035] kasan_report+0x141/0x180 [ 16.550059] ? kasan_atomics_helper+0x16e7/0x5450 [ 16.550087] kasan_check_range+0x10c/0x1c0 [ 16.550113] __kasan_check_write+0x18/0x20 [ 16.550134] kasan_atomics_helper+0x16e7/0x5450 [ 16.550159] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.550183] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.550210] ? trace_hardirqs_on+0x37/0xe0 [ 16.550233] ? kasan_atomics+0x152/0x310 [ 16.550260] kasan_atomics+0x1dc/0x310 [ 16.550284] ? __pfx_kasan_atomics+0x10/0x10 [ 16.550309] ? __pfx_kasan_atomics+0x10/0x10 [ 16.550337] kunit_try_run_case+0x1a5/0x480 [ 16.550363] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.550387] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.550413] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.550439] ? __kthread_parkme+0x82/0x180 [ 16.550460] ? preempt_count_sub+0x50/0x80 [ 16.550486] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.550538] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.550576] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.550603] kthread+0x337/0x6f0 [ 16.550624] ? trace_preempt_on+0x20/0xc0 [ 16.550649] ? __pfx_kthread+0x10/0x10 [ 16.550671] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.550694] ? calculate_sigpending+0x7b/0xa0 [ 16.550719] ? __pfx_kthread+0x10/0x10 [ 16.550742] ret_from_fork+0x116/0x1d0 [ 16.550762] ? __pfx_kthread+0x10/0x10 [ 16.550784] ret_from_fork_asm+0x1a/0x30 [ 16.550816] </TASK> [ 16.550827] [ 16.558583] Allocated by task 282: [ 16.558864] kasan_save_stack+0x45/0x70 [ 16.559053] kasan_save_track+0x18/0x40 [ 16.559229] kasan_save_alloc_info+0x3b/0x50 [ 16.559471] __kasan_kmalloc+0xb7/0xc0 [ 16.559626] __kmalloc_cache_noprof+0x189/0x420 [ 16.559845] kasan_atomics+0x95/0x310 [ 16.560034] kunit_try_run_case+0x1a5/0x480 [ 16.560259] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.560523] kthread+0x337/0x6f0 [ 16.560676] ret_from_fork+0x116/0x1d0 [ 16.560886] ret_from_fork_asm+0x1a/0x30 [ 16.561052] [ 16.561154] The buggy address belongs to the object at ffff888102a5fe80 [ 16.561154] which belongs to the cache kmalloc-64 of size 64 [ 16.561618] The buggy address is located 0 bytes to the right of [ 16.561618] allocated 48-byte region [ffff888102a5fe80, ffff888102a5feb0) [ 16.561975] [ 16.562044] The buggy address belongs to the physical page: [ 16.562280] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a5f [ 16.562648] flags: 0x200000000000000(node=0|zone=2) [ 16.562879] page_type: f5(slab) [ 16.563067] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.563517] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.563744] page dumped because: kasan: bad access detected [ 16.563922] [ 16.564019] Memory state around the buggy address: [ 16.564274] ffff888102a5fd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.564629] ffff888102a5fe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.565026] >ffff888102a5fe80: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 16.565262] ^ [ 16.565426] ffff888102a5ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.565783] ffff888102a5ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.566095] ================================================================== [ 15.882041] ================================================================== [ 15.882452] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa2b/0x5450 [ 15.882690] Write of size 4 at addr ffff888102a5feb0 by task kunit_try_catch/282 [ 15.883129] [ 15.883224] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.883323] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.883337] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.883371] Call Trace: [ 15.883387] <TASK> [ 15.883403] dump_stack_lvl+0x73/0xb0 [ 15.883453] print_report+0xd1/0x610 [ 15.883476] ? __virt_addr_valid+0x1db/0x2d0 [ 15.883507] ? kasan_atomics_helper+0xa2b/0x5450 [ 15.883531] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.883574] ? kasan_atomics_helper+0xa2b/0x5450 [ 15.883598] kasan_report+0x141/0x180 [ 15.883621] ? kasan_atomics_helper+0xa2b/0x5450 [ 15.883649] kasan_check_range+0x10c/0x1c0 [ 15.883674] __kasan_check_write+0x18/0x20 [ 15.883696] kasan_atomics_helper+0xa2b/0x5450 [ 15.883720] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.883745] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.883780] ? trace_hardirqs_on+0x37/0xe0 [ 15.883804] ? kasan_atomics+0x152/0x310 [ 15.883842] kasan_atomics+0x1dc/0x310 [ 15.883866] ? __pfx_kasan_atomics+0x10/0x10 [ 15.883892] ? __pfx_kasan_atomics+0x10/0x10 [ 15.883919] kunit_try_run_case+0x1a5/0x480 [ 15.883945] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.883971] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.883996] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.884022] ? __kthread_parkme+0x82/0x180 [ 15.884044] ? preempt_count_sub+0x50/0x80 [ 15.884077] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.884104] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.884130] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.884157] kthread+0x337/0x6f0 [ 15.884177] ? trace_preempt_on+0x20/0xc0 [ 15.884201] ? __pfx_kthread+0x10/0x10 [ 15.884222] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.884426] ? calculate_sigpending+0x7b/0xa0 [ 15.884463] ? __pfx_kthread+0x10/0x10 [ 15.884486] ret_from_fork+0x116/0x1d0 [ 15.884520] ? __pfx_kthread+0x10/0x10 [ 15.884542] ret_from_fork_asm+0x1a/0x30 [ 15.884583] </TASK> [ 15.884594] [ 15.894235] Allocated by task 282: [ 15.894371] kasan_save_stack+0x45/0x70 [ 15.894518] kasan_save_track+0x18/0x40 [ 15.895023] kasan_save_alloc_info+0x3b/0x50 [ 15.895573] __kasan_kmalloc+0xb7/0xc0 [ 15.895933] __kmalloc_cache_noprof+0x189/0x420 [ 15.896527] kasan_atomics+0x95/0x310 [ 15.896998] kunit_try_run_case+0x1a5/0x480 [ 15.897447] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.897999] kthread+0x337/0x6f0 [ 15.898512] ret_from_fork+0x116/0x1d0 [ 15.899084] ret_from_fork_asm+0x1a/0x30 [ 15.899597] [ 15.899789] The buggy address belongs to the object at ffff888102a5fe80 [ 15.899789] which belongs to the cache kmalloc-64 of size 64 [ 15.900912] The buggy address is located 0 bytes to the right of [ 15.900912] allocated 48-byte region [ffff888102a5fe80, ffff888102a5feb0) [ 15.901959] [ 15.902123] The buggy address belongs to the physical page: [ 15.902659] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a5f [ 15.902909] flags: 0x200000000000000(node=0|zone=2) [ 15.903076] page_type: f5(slab) [ 15.903199] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.903989] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.904897] page dumped because: kasan: bad access detected [ 15.905488] [ 15.905664] Memory state around the buggy address: [ 15.906098] ffff888102a5fd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.906880] 
ffff888102a5fe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.907696] >ffff888102a5fe80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.908102] ^ [ 15.908411] ffff888102a5ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.909124] ffff888102a5ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.909837] ================================================================== [ 16.079495] ================================================================== [ 16.080148] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf10/0x5450 [ 16.080811] Write of size 4 at addr ffff888102a5feb0 by task kunit_try_catch/282 [ 16.081505] [ 16.081718] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.081766] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.081779] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.081815] Call Trace: [ 16.081832] <TASK> [ 16.081848] dump_stack_lvl+0x73/0xb0 [ 16.081878] print_report+0xd1/0x610 [ 16.081901] ? __virt_addr_valid+0x1db/0x2d0 [ 16.081925] ? kasan_atomics_helper+0xf10/0x5450 [ 16.081957] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.081982] ? kasan_atomics_helper+0xf10/0x5450 [ 16.082005] kasan_report+0x141/0x180 [ 16.082039] ? kasan_atomics_helper+0xf10/0x5450 [ 16.082067] kasan_check_range+0x10c/0x1c0 [ 16.082092] __kasan_check_write+0x18/0x20 [ 16.082113] kasan_atomics_helper+0xf10/0x5450 [ 16.082137] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.082162] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.082188] ? trace_hardirqs_on+0x37/0xe0 [ 16.082211] ? kasan_atomics+0x152/0x310 [ 16.082239] kasan_atomics+0x1dc/0x310 [ 16.082262] ? __pfx_kasan_atomics+0x10/0x10 [ 16.082286] ? __pfx_kasan_atomics+0x10/0x10 [ 16.082315] kunit_try_run_case+0x1a5/0x480 [ 16.082339] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.082364] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.082389] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.082431] ? 
__kthread_parkme+0x82/0x180 [ 16.082454] ? preempt_count_sub+0x50/0x80 [ 16.082479] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.082506] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.082533] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.082569] kthread+0x337/0x6f0 [ 16.082589] ? trace_preempt_on+0x20/0xc0 [ 16.082613] ? __pfx_kthread+0x10/0x10 [ 16.082634] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.082657] ? calculate_sigpending+0x7b/0xa0 [ 16.082683] ? __pfx_kthread+0x10/0x10 [ 16.082705] ret_from_fork+0x116/0x1d0 [ 16.082726] ? __pfx_kthread+0x10/0x10 [ 16.082747] ret_from_fork_asm+0x1a/0x30 [ 16.082780] </TASK> [ 16.082791] [ 16.096577] Allocated by task 282: [ 16.096827] kasan_save_stack+0x45/0x70 [ 16.097124] kasan_save_track+0x18/0x40 [ 16.097263] kasan_save_alloc_info+0x3b/0x50 [ 16.097433] __kasan_kmalloc+0xb7/0xc0 [ 16.097807] __kmalloc_cache_noprof+0x189/0x420 [ 16.098233] kasan_atomics+0x95/0x310 [ 16.098683] kunit_try_run_case+0x1a5/0x480 [ 16.099075] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.099600] kthread+0x337/0x6f0 [ 16.099833] ret_from_fork+0x116/0x1d0 [ 16.099969] ret_from_fork_asm+0x1a/0x30 [ 16.100116] [ 16.100190] The buggy address belongs to the object at ffff888102a5fe80 [ 16.100190] which belongs to the cache kmalloc-64 of size 64 [ 16.100806] The buggy address is located 0 bytes to the right of [ 16.100806] allocated 48-byte region [ffff888102a5fe80, ffff888102a5feb0) [ 16.102128] [ 16.102316] The buggy address belongs to the physical page: [ 16.102839] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a5f [ 16.103535] flags: 0x200000000000000(node=0|zone=2) [ 16.103984] page_type: f5(slab) [ 16.104298] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.104914] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.105145] page dumped because: kasan: bad access detected [ 16.105318] [ 16.105391] Memory state around the buggy address: [ 16.105918] 
ffff888102a5fd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.106434] ffff888102a5fe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.107037] >ffff888102a5fe80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.107259] ^ [ 16.107433] ffff888102a5ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.108082] ffff888102a5ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.108777] ================================================================== [ 15.611957] ================================================================== [ 15.612369] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b54/0x5450 [ 15.612775] Read of size 4 at addr ffff888102a5feb0 by task kunit_try_catch/282 [ 15.613061] [ 15.613146] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.613189] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.613202] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.613223] Call Trace: [ 15.613240] <TASK> [ 15.613256] dump_stack_lvl+0x73/0xb0 [ 15.613285] print_report+0xd1/0x610 [ 15.613309] ? __virt_addr_valid+0x1db/0x2d0 [ 15.613333] ? kasan_atomics_helper+0x4b54/0x5450 [ 15.613356] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.613382] ? kasan_atomics_helper+0x4b54/0x5450 [ 15.613406] kasan_report+0x141/0x180 [ 15.613505] ? kasan_atomics_helper+0x4b54/0x5450 [ 15.613536] __asan_report_load4_noabort+0x18/0x20 [ 15.613577] kasan_atomics_helper+0x4b54/0x5450 [ 15.613602] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.613627] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.613654] ? trace_hardirqs_on+0x37/0xe0 [ 15.613678] ? kasan_atomics+0x152/0x310 [ 15.613706] kasan_atomics+0x1dc/0x310 [ 15.613729] ? __pfx_kasan_atomics+0x10/0x10 [ 15.613754] ? __pfx_kasan_atomics+0x10/0x10 [ 15.613783] kunit_try_run_case+0x1a5/0x480 [ 15.613810] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.613834] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.613860] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.613886] ? __kthread_parkme+0x82/0x180 [ 15.613908] ? preempt_count_sub+0x50/0x80 [ 15.613934] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.613961] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.613988] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.614016] kthread+0x337/0x6f0 [ 15.614038] ? trace_preempt_on+0x20/0xc0 [ 15.614063] ? __pfx_kthread+0x10/0x10 [ 15.614086] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.614110] ? calculate_sigpending+0x7b/0xa0 [ 15.614136] ? __pfx_kthread+0x10/0x10 [ 15.614159] ret_from_fork+0x116/0x1d0 [ 15.614179] ? __pfx_kthread+0x10/0x10 [ 15.614201] ret_from_fork_asm+0x1a/0x30 [ 15.614234] </TASK> [ 15.614245] [ 15.622124] Allocated by task 282: [ 15.622259] kasan_save_stack+0x45/0x70 [ 15.622679] kasan_save_track+0x18/0x40 [ 15.622894] kasan_save_alloc_info+0x3b/0x50 [ 15.623106] __kasan_kmalloc+0xb7/0xc0 [ 15.623395] __kmalloc_cache_noprof+0x189/0x420 [ 15.623628] kasan_atomics+0x95/0x310 [ 15.623768] kunit_try_run_case+0x1a5/0x480 [ 15.623918] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.624103] kthread+0x337/0x6f0 [ 15.624226] ret_from_fork+0x116/0x1d0 [ 15.624419] ret_from_fork_asm+0x1a/0x30 [ 15.624630] [ 15.624728] The buggy address belongs to the object at ffff888102a5fe80 [ 15.624728] which belongs to the cache kmalloc-64 of size 64 [ 15.625261] The buggy address is located 0 bytes to the right of [ 15.625261] allocated 48-byte region [ffff888102a5fe80, ffff888102a5feb0) [ 15.625897] [ 15.625975] The buggy address belongs to the physical page: [ 15.626149] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a5f [ 15.626835] flags: 0x200000000000000(node=0|zone=2) [ 15.627378] page_type: f5(slab) [ 15.627562] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.627870] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.628106] page dumped because: kasan: bad access detected [ 15.628302] [ 15.628398] 
Memory state around the buggy address: [ 15.628635] ffff888102a5fd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.628966] ffff888102a5fe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.629355] >ffff888102a5fe80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.629664] ^ [ 15.629883] ffff888102a5ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.630159] ffff888102a5ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.631407] ================================================================== [ 16.504358] ================================================================== [ 16.505008] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b6/0x5450 [ 16.505702] Write of size 8 at addr ffff888102a5feb0 by task kunit_try_catch/282 [ 16.506324] [ 16.506534] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.506589] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.506602] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.506624] Call Trace: [ 16.506641] <TASK> [ 16.506656] dump_stack_lvl+0x73/0xb0 [ 16.506685] print_report+0xd1/0x610 [ 16.506708] ? __virt_addr_valid+0x1db/0x2d0 [ 16.506732] ? kasan_atomics_helper+0x15b6/0x5450 [ 16.506755] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.506780] ? kasan_atomics_helper+0x15b6/0x5450 [ 16.506803] kasan_report+0x141/0x180 [ 16.506826] ? kasan_atomics_helper+0x15b6/0x5450 [ 16.506854] kasan_check_range+0x10c/0x1c0 [ 16.506879] __kasan_check_write+0x18/0x20 [ 16.506900] kasan_atomics_helper+0x15b6/0x5450 [ 16.506924] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.506949] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.506975] ? trace_hardirqs_on+0x37/0xe0 [ 16.506998] ? kasan_atomics+0x152/0x310 [ 16.507026] kasan_atomics+0x1dc/0x310 [ 16.507050] ? __pfx_kasan_atomics+0x10/0x10 [ 16.507075] ? __pfx_kasan_atomics+0x10/0x10 [ 16.507103] kunit_try_run_case+0x1a5/0x480 [ 16.507127] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.507153] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.507179] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.507205] ? __kthread_parkme+0x82/0x180 [ 16.507227] ? preempt_count_sub+0x50/0x80 [ 16.507251] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.507278] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.507306] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.507332] kthread+0x337/0x6f0 [ 16.507354] ? trace_preempt_on+0x20/0xc0 [ 16.507377] ? __pfx_kthread+0x10/0x10 [ 16.507406] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.507430] ? calculate_sigpending+0x7b/0xa0 [ 16.507455] ? __pfx_kthread+0x10/0x10 [ 16.507477] ret_from_fork+0x116/0x1d0 [ 16.507498] ? __pfx_kthread+0x10/0x10 [ 16.507520] ret_from_fork_asm+0x1a/0x30 [ 16.507560] </TASK> [ 16.507571] [ 16.519230] Allocated by task 282: [ 16.519578] kasan_save_stack+0x45/0x70 [ 16.519924] kasan_save_track+0x18/0x40 [ 16.520272] kasan_save_alloc_info+0x3b/0x50 [ 16.520746] __kasan_kmalloc+0xb7/0xc0 [ 16.521109] __kmalloc_cache_noprof+0x189/0x420 [ 16.521649] kasan_atomics+0x95/0x310 [ 16.522004] kunit_try_run_case+0x1a5/0x480 [ 16.522392] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.522671] kthread+0x337/0x6f0 [ 16.522795] ret_from_fork+0x116/0x1d0 [ 16.522929] ret_from_fork_asm+0x1a/0x30 [ 16.523072] [ 16.523145] The buggy address belongs to the object at ffff888102a5fe80 [ 16.523145] which belongs to the cache kmalloc-64 of size 64 [ 16.523673] The buggy address is located 0 bytes to the right of [ 16.523673] allocated 48-byte region [ffff888102a5fe80, ffff888102a5feb0) [ 16.524777] [ 16.524950] The buggy address belongs to the physical page: [ 16.525448] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a5f [ 16.526140] flags: 0x200000000000000(node=0|zone=2) [ 16.526632] page_type: f5(slab) [ 16.526996] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.527722] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 16.528370] page dumped because: kasan: bad access detected [ 16.528686] [ 16.528758] Memory state around the buggy address: [ 16.528913] ffff888102a5fd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.529131] ffff888102a5fe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.529345] >ffff888102a5fe80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.529575] ^ [ 16.529841] ffff888102a5ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.530165] ffff888102a5ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.530440] ================================================================== [ 15.862445] ================================================================== [ 15.862795] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x992/0x5450 [ 15.863092] Write of size 4 at addr ffff888102a5feb0 by task kunit_try_catch/282 [ 15.863417] [ 15.863500] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.863543] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.863567] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.863588] Call Trace: [ 15.863618] <TASK> [ 15.863645] dump_stack_lvl+0x73/0xb0 [ 15.863674] print_report+0xd1/0x610 [ 15.863697] ? __virt_addr_valid+0x1db/0x2d0 [ 15.863792] ? kasan_atomics_helper+0x992/0x5450 [ 15.863817] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.863842] ? kasan_atomics_helper+0x992/0x5450 [ 15.863865] kasan_report+0x141/0x180 [ 15.863899] ? kasan_atomics_helper+0x992/0x5450 [ 15.863926] kasan_check_range+0x10c/0x1c0 [ 15.863962] __kasan_check_write+0x18/0x20 [ 15.863983] kasan_atomics_helper+0x992/0x5450 [ 15.864007] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.864031] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.864064] ? trace_hardirqs_on+0x37/0xe0 [ 15.864091] ? kasan_atomics+0x152/0x310 [ 15.864120] kasan_atomics+0x1dc/0x310 [ 15.864144] ? __pfx_kasan_atomics+0x10/0x10 [ 15.864169] ? 
__pfx_kasan_atomics+0x10/0x10 [ 15.864207] kunit_try_run_case+0x1a5/0x480 [ 15.864234] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.864293] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.864319] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.864345] ? __kthread_parkme+0x82/0x180 [ 15.864369] ? preempt_count_sub+0x50/0x80 [ 15.864396] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.864591] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.864624] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.864652] kthread+0x337/0x6f0 [ 15.864673] ? trace_preempt_on+0x20/0xc0 [ 15.864817] ? __pfx_kthread+0x10/0x10 [ 15.864846] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.864871] ? calculate_sigpending+0x7b/0xa0 [ 15.864898] ? __pfx_kthread+0x10/0x10 [ 15.864921] ret_from_fork+0x116/0x1d0 [ 15.864943] ? __pfx_kthread+0x10/0x10 [ 15.864965] ret_from_fork_asm+0x1a/0x30 [ 15.864998] </TASK> [ 15.865009] [ 15.873058] Allocated by task 282: [ 15.873351] kasan_save_stack+0x45/0x70 [ 15.873755] kasan_save_track+0x18/0x40 [ 15.874035] kasan_save_alloc_info+0x3b/0x50 [ 15.874334] __kasan_kmalloc+0xb7/0xc0 [ 15.874600] __kmalloc_cache_noprof+0x189/0x420 [ 15.874793] kasan_atomics+0x95/0x310 [ 15.874929] kunit_try_run_case+0x1a5/0x480 [ 15.875078] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.875259] kthread+0x337/0x6f0 [ 15.875382] ret_from_fork+0x116/0x1d0 [ 15.875520] ret_from_fork_asm+0x1a/0x30 [ 15.875671] [ 15.875745] The buggy address belongs to the object at ffff888102a5fe80 [ 15.875745] which belongs to the cache kmalloc-64 of size 64 [ 15.876107] The buggy address is located 0 bytes to the right of [ 15.876107] allocated 48-byte region [ffff888102a5fe80, ffff888102a5feb0) [ 15.876865] [ 15.876957] The buggy address belongs to the physical page: [ 15.877222] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a5f [ 15.877544] flags: 0x200000000000000(node=0|zone=2) [ 15.877724] page_type: f5(slab) [ 15.877846] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 15.878082] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.878589] page dumped because: kasan: bad access detected [ 15.878853] [ 15.878946] Memory state around the buggy address: [ 15.879166] ffff888102a5fd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.879451] ffff888102a5fe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.879676] >ffff888102a5fe80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.879889] ^ [ 15.880406] ffff888102a5ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.881063] ffff888102a5ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.881512] ================================================================== [ 16.109719] ================================================================== [ 16.110421] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xfa9/0x5450 [ 16.110807] Write of size 4 at addr ffff888102a5feb0 by task kunit_try_catch/282 [ 16.111639] [ 16.111854] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.111901] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.111924] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.111946] Call Trace: [ 16.111963] <TASK> [ 16.111980] dump_stack_lvl+0x73/0xb0 [ 16.112020] print_report+0xd1/0x610 [ 16.112043] ? __virt_addr_valid+0x1db/0x2d0 [ 16.112083] ? kasan_atomics_helper+0xfa9/0x5450 [ 16.112115] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.112141] ? kasan_atomics_helper+0xfa9/0x5450 [ 16.112176] kasan_report+0x141/0x180 [ 16.112199] ? kasan_atomics_helper+0xfa9/0x5450 [ 16.112227] kasan_check_range+0x10c/0x1c0 [ 16.112252] __kasan_check_write+0x18/0x20 [ 16.112273] kasan_atomics_helper+0xfa9/0x5450 [ 16.112297] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.112321] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.112348] ? trace_hardirqs_on+0x37/0xe0 [ 16.112372] ? 
kasan_atomics+0x152/0x310 [ 16.112400] kasan_atomics+0x1dc/0x310 [ 16.112436] ? __pfx_kasan_atomics+0x10/0x10 [ 16.112463] ? __pfx_kasan_atomics+0x10/0x10 [ 16.112491] kunit_try_run_case+0x1a5/0x480 [ 16.112518] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.112542] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.112579] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.112605] ? __kthread_parkme+0x82/0x180 [ 16.112627] ? preempt_count_sub+0x50/0x80 [ 16.112652] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.112677] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.112704] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.112732] kthread+0x337/0x6f0 [ 16.112753] ? trace_preempt_on+0x20/0xc0 [ 16.112775] ? __pfx_kthread+0x10/0x10 [ 16.112797] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.112819] ? calculate_sigpending+0x7b/0xa0 [ 16.112845] ? __pfx_kthread+0x10/0x10 [ 16.112867] ret_from_fork+0x116/0x1d0 [ 16.112888] ? __pfx_kthread+0x10/0x10 [ 16.112910] ret_from_fork_asm+0x1a/0x30 [ 16.112942] </TASK> [ 16.112952] [ 16.123680] Allocated by task 282: [ 16.124016] kasan_save_stack+0x45/0x70 [ 16.124403] kasan_save_track+0x18/0x40 [ 16.124780] kasan_save_alloc_info+0x3b/0x50 [ 16.125184] __kasan_kmalloc+0xb7/0xc0 [ 16.125580] __kmalloc_cache_noprof+0x189/0x420 [ 16.126008] kasan_atomics+0x95/0x310 [ 16.126363] kunit_try_run_case+0x1a5/0x480 [ 16.126792] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.127286] kthread+0x337/0x6f0 [ 16.127659] ret_from_fork+0x116/0x1d0 [ 16.127942] ret_from_fork_asm+0x1a/0x30 [ 16.128091] [ 16.128165] The buggy address belongs to the object at ffff888102a5fe80 [ 16.128165] which belongs to the cache kmalloc-64 of size 64 [ 16.128659] The buggy address is located 0 bytes to the right of [ 16.128659] allocated 48-byte region [ffff888102a5fe80, ffff888102a5feb0) [ 16.129788] [ 16.129959] The buggy address belongs to the physical page: [ 16.130473] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a5f [ 16.131152] flags: 
0x200000000000000(node=0|zone=2) [ 16.131651] page_type: f5(slab) [ 16.131963] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.132475] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.132717] page dumped because: kasan: bad access detected [ 16.132890] [ 16.132960] Memory state around the buggy address: [ 16.133114] ffff888102a5fd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.133330] ffff888102a5fe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.133817] >ffff888102a5fe80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.134456] ^ [ 16.134898] ffff888102a5ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.135520] ffff888102a5ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.135752] ================================================================== [ 16.230587] ================================================================== [ 16.230913] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a02/0x5450 [ 16.232022] Read of size 4 at addr ffff888102a5feb0 by task kunit_try_catch/282 [ 16.232499] [ 16.232617] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.232847] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.232860] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.232884] Call Trace: [ 16.232898] <TASK> [ 16.232912] dump_stack_lvl+0x73/0xb0 [ 16.232944] print_report+0xd1/0x610 [ 16.232967] ? __virt_addr_valid+0x1db/0x2d0 [ 16.232991] ? kasan_atomics_helper+0x4a02/0x5450 [ 16.233014] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.233039] ? kasan_atomics_helper+0x4a02/0x5450 [ 16.233063] kasan_report+0x141/0x180 [ 16.233086] ? kasan_atomics_helper+0x4a02/0x5450 [ 16.233114] __asan_report_load4_noabort+0x18/0x20 [ 16.233140] kasan_atomics_helper+0x4a02/0x5450 [ 16.233165] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.233189] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.233215] ? 
trace_hardirqs_on+0x37/0xe0 [ 16.233238] ? kasan_atomics+0x152/0x310 [ 16.233266] kasan_atomics+0x1dc/0x310 [ 16.233290] ? __pfx_kasan_atomics+0x10/0x10 [ 16.233315] ? __pfx_kasan_atomics+0x10/0x10 [ 16.233343] kunit_try_run_case+0x1a5/0x480 [ 16.233369] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.233420] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.233447] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.233472] ? __kthread_parkme+0x82/0x180 [ 16.233494] ? preempt_count_sub+0x50/0x80 [ 16.233519] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.233545] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.233580] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.233608] kthread+0x337/0x6f0 [ 16.233629] ? trace_preempt_on+0x20/0xc0 [ 16.233654] ? __pfx_kthread+0x10/0x10 [ 16.233677] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.233702] ? calculate_sigpending+0x7b/0xa0 [ 16.233729] ? __pfx_kthread+0x10/0x10 [ 16.233752] ret_from_fork+0x116/0x1d0 [ 16.233772] ? __pfx_kthread+0x10/0x10 [ 16.233795] ret_from_fork_asm+0x1a/0x30 [ 16.233827] </TASK> [ 16.233838] [ 16.244638] Allocated by task 282: [ 16.244904] kasan_save_stack+0x45/0x70 [ 16.245193] kasan_save_track+0x18/0x40 [ 16.245535] kasan_save_alloc_info+0x3b/0x50 [ 16.245858] __kasan_kmalloc+0xb7/0xc0 [ 16.246132] __kmalloc_cache_noprof+0x189/0x420 [ 16.246344] kasan_atomics+0x95/0x310 [ 16.246696] kunit_try_run_case+0x1a5/0x480 [ 16.246995] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.247337] kthread+0x337/0x6f0 [ 16.247627] ret_from_fork+0x116/0x1d0 [ 16.247911] ret_from_fork_asm+0x1a/0x30 [ 16.248129] [ 16.248230] The buggy address belongs to the object at ffff888102a5fe80 [ 16.248230] which belongs to the cache kmalloc-64 of size 64 [ 16.249036] The buggy address is located 0 bytes to the right of [ 16.249036] allocated 48-byte region [ffff888102a5fe80, ffff888102a5feb0) [ 16.249761] [ 16.249964] The buggy address belongs to the physical page: [ 16.250260] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 
pfn:0x102a5f [ 16.250747] flags: 0x200000000000000(node=0|zone=2) [ 16.251078] page_type: f5(slab) [ 16.251353] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.251828] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.252270] page dumped because: kasan: bad access detected [ 16.252634] [ 16.252892] Memory state around the buggy address: [ 16.253127] ffff888102a5fd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.253612] ffff888102a5fe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.254016] >ffff888102a5fe80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.254446] ^ [ 16.254642] ffff888102a5ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.254966] ffff888102a5ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.255262] ================================================================== [ 15.785596] ================================================================== [ 15.785840] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x7c7/0x5450 [ 15.786074] Write of size 4 at addr ffff888102a5feb0 by task kunit_try_catch/282 [ 15.786300] [ 15.786387] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.786432] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.786445] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.786465] Call Trace: [ 15.786483] <TASK> [ 15.786500] dump_stack_lvl+0x73/0xb0 [ 15.786526] print_report+0xd1/0x610 [ 15.786689] ? __virt_addr_valid+0x1db/0x2d0 [ 15.786737] ? kasan_atomics_helper+0x7c7/0x5450 [ 15.787589] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.787619] ? kasan_atomics_helper+0x7c7/0x5450 [ 15.787644] kasan_report+0x141/0x180 [ 15.787694] ? kasan_atomics_helper+0x7c7/0x5450 [ 15.787723] kasan_check_range+0x10c/0x1c0 [ 15.787748] __kasan_check_write+0x18/0x20 [ 15.787770] kasan_atomics_helper+0x7c7/0x5450 [ 15.787794] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 15.787818] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.787846] ? trace_hardirqs_on+0x37/0xe0 [ 15.787871] ? kasan_atomics+0x152/0x310 [ 15.787899] kasan_atomics+0x1dc/0x310 [ 15.787923] ? __pfx_kasan_atomics+0x10/0x10 [ 15.787949] ? __pfx_kasan_atomics+0x10/0x10 [ 15.787977] kunit_try_run_case+0x1a5/0x480 [ 15.788003] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.788028] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.788059] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.788086] ? __kthread_parkme+0x82/0x180 [ 15.788108] ? preempt_count_sub+0x50/0x80 [ 15.788134] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.788160] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.788186] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.788214] kthread+0x337/0x6f0 [ 15.788242] ? trace_preempt_on+0x20/0xc0 [ 15.788266] ? __pfx_kthread+0x10/0x10 [ 15.788288] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.788312] ? calculate_sigpending+0x7b/0xa0 [ 15.788339] ? __pfx_kthread+0x10/0x10 [ 15.788361] ret_from_fork+0x116/0x1d0 [ 15.788382] ? 
__pfx_kthread+0x10/0x10 [ 15.788403] ret_from_fork_asm+0x1a/0x30 [ 15.788436] </TASK> [ 15.788447] [ 15.804191] Allocated by task 282: [ 15.804441] kasan_save_stack+0x45/0x70 [ 15.804784] kasan_save_track+0x18/0x40 [ 15.804935] kasan_save_alloc_info+0x3b/0x50 [ 15.805090] __kasan_kmalloc+0xb7/0xc0 [ 15.805282] __kmalloc_cache_noprof+0x189/0x420 [ 15.805683] kasan_atomics+0x95/0x310 [ 15.805983] kunit_try_run_case+0x1a5/0x480 [ 15.806142] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.806323] kthread+0x337/0x6f0 [ 15.806460] ret_from_fork+0x116/0x1d0 [ 15.806660] ret_from_fork_asm+0x1a/0x30 [ 15.807041] [ 15.807200] The buggy address belongs to the object at ffff888102a5fe80 [ 15.807200] which belongs to the cache kmalloc-64 of size 64 [ 15.808210] The buggy address is located 0 bytes to the right of [ 15.808210] allocated 48-byte region [ffff888102a5fe80, ffff888102a5feb0) [ 15.808843] [ 15.808955] The buggy address belongs to the physical page: [ 15.809145] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a5f [ 15.809432] flags: 0x200000000000000(node=0|zone=2) [ 15.809803] page_type: f5(slab) [ 15.809998] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.810392] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.810808] page dumped because: kasan: bad access detected [ 15.811038] [ 15.811112] Memory state around the buggy address: [ 15.811530] ffff888102a5fd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.811958] ffff888102a5fe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.812372] >ffff888102a5fe80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.812714] ^ [ 15.812933] ffff888102a5ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.813289] ffff888102a5ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.813608] ================================================================== [ 15.503634] 
================================================================== [ 15.504952] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4bbc/0x5450 [ 15.505211] Read of size 4 at addr ffff888102a5feb0 by task kunit_try_catch/282 [ 15.506828] [ 15.507206] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.507258] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.507270] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.507293] Call Trace: [ 15.507307] <TASK> [ 15.507324] dump_stack_lvl+0x73/0xb0 [ 15.507358] print_report+0xd1/0x610 [ 15.507381] ? __virt_addr_valid+0x1db/0x2d0 [ 15.507406] ? kasan_atomics_helper+0x4bbc/0x5450 [ 15.507427] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.507452] ? kasan_atomics_helper+0x4bbc/0x5450 [ 15.507474] kasan_report+0x141/0x180 [ 15.507495] ? kasan_atomics_helper+0x4bbc/0x5450 [ 15.507522] __asan_report_load4_noabort+0x18/0x20 [ 15.507561] kasan_atomics_helper+0x4bbc/0x5450 [ 15.507750] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.507815] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.507844] ? trace_hardirqs_on+0x37/0xe0 [ 15.507869] ? kasan_atomics+0x152/0x310 [ 15.507896] kasan_atomics+0x1dc/0x310 [ 15.507919] ? __pfx_kasan_atomics+0x10/0x10 [ 15.507943] ? __pfx_kasan_atomics+0x10/0x10 [ 15.507970] kunit_try_run_case+0x1a5/0x480 [ 15.507996] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.508021] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.508046] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.508075] ? __kthread_parkme+0x82/0x180 [ 15.508096] ? preempt_count_sub+0x50/0x80 [ 15.508121] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.508146] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.508171] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.508198] kthread+0x337/0x6f0 [ 15.508217] ? trace_preempt_on+0x20/0xc0 [ 15.508260] ? __pfx_kthread+0x10/0x10 [ 15.508281] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.508304] ? calculate_sigpending+0x7b/0xa0 [ 15.508330] ? 
__pfx_kthread+0x10/0x10 [ 15.508351] ret_from_fork+0x116/0x1d0 [ 15.508371] ? __pfx_kthread+0x10/0x10 [ 15.508392] ret_from_fork_asm+0x1a/0x30 [ 15.508441] </TASK> [ 15.508453] [ 15.519788] Allocated by task 282: [ 15.520007] kasan_save_stack+0x45/0x70 [ 15.520282] kasan_save_track+0x18/0x40 [ 15.520498] kasan_save_alloc_info+0x3b/0x50 [ 15.520661] __kasan_kmalloc+0xb7/0xc0 [ 15.520851] __kmalloc_cache_noprof+0x189/0x420 [ 15.521076] kasan_atomics+0x95/0x310 [ 15.521369] kunit_try_run_case+0x1a5/0x480 [ 15.521620] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.521901] kthread+0x337/0x6f0 [ 15.522048] ret_from_fork+0x116/0x1d0 [ 15.522180] ret_from_fork_asm+0x1a/0x30 [ 15.522531] [ 15.522642] The buggy address belongs to the object at ffff888102a5fe80 [ 15.522642] which belongs to the cache kmalloc-64 of size 64 [ 15.523121] The buggy address is located 0 bytes to the right of [ 15.523121] allocated 48-byte region [ffff888102a5fe80, ffff888102a5feb0) [ 15.523762] [ 15.523864] The buggy address belongs to the physical page: [ 15.524073] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a5f [ 15.524487] flags: 0x200000000000000(node=0|zone=2) [ 15.524677] page_type: f5(slab) [ 15.524867] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.525205] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.525632] page dumped because: kasan: bad access detected [ 15.525916] [ 15.526009] Memory state around the buggy address: [ 15.526205] ffff888102a5fd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.526624] ffff888102a5fe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.526898] >ffff888102a5fe80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.527299] ^ [ 15.527492] ffff888102a5ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.527952] ffff888102a5ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.530265] 
================================================================== [ 16.448963] ================================================================== [ 16.449691] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x50d4/0x5450 [ 16.450353] Write of size 8 at addr ffff888102a5feb0 by task kunit_try_catch/282 [ 16.451044] [ 16.451235] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.451278] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.451291] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.451313] Call Trace: [ 16.451329] <TASK> [ 16.451346] dump_stack_lvl+0x73/0xb0 [ 16.451375] print_report+0xd1/0x610 [ 16.451419] ? __virt_addr_valid+0x1db/0x2d0 [ 16.451463] ? kasan_atomics_helper+0x50d4/0x5450 [ 16.451487] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.451512] ? kasan_atomics_helper+0x50d4/0x5450 [ 16.451535] kasan_report+0x141/0x180 [ 16.451567] ? kasan_atomics_helper+0x50d4/0x5450 [ 16.451595] __asan_report_store8_noabort+0x1b/0x30 [ 16.451622] kasan_atomics_helper+0x50d4/0x5450 [ 16.451646] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.451670] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.451697] ? trace_hardirqs_on+0x37/0xe0 [ 16.451721] ? kasan_atomics+0x152/0x310 [ 16.451749] kasan_atomics+0x1dc/0x310 [ 16.451773] ? __pfx_kasan_atomics+0x10/0x10 [ 16.451799] ? __pfx_kasan_atomics+0x10/0x10 [ 16.451826] kunit_try_run_case+0x1a5/0x480 [ 16.451853] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.451877] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.451903] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.451928] ? __kthread_parkme+0x82/0x180 [ 16.451950] ? preempt_count_sub+0x50/0x80 [ 16.451976] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.452001] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.452028] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.452055] kthread+0x337/0x6f0 [ 16.452082] ? trace_preempt_on+0x20/0xc0 [ 16.452104] ? __pfx_kthread+0x10/0x10 [ 16.452126] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 16.452149] ? calculate_sigpending+0x7b/0xa0 [ 16.452175] ? __pfx_kthread+0x10/0x10 [ 16.452197] ret_from_fork+0x116/0x1d0 [ 16.452218] ? __pfx_kthread+0x10/0x10 [ 16.452240] ret_from_fork_asm+0x1a/0x30 [ 16.452271] </TASK> [ 16.452282] [ 16.464100] Allocated by task 282: [ 16.464485] kasan_save_stack+0x45/0x70 [ 16.464862] kasan_save_track+0x18/0x40 [ 16.465088] kasan_save_alloc_info+0x3b/0x50 [ 16.465241] __kasan_kmalloc+0xb7/0xc0 [ 16.465376] __kmalloc_cache_noprof+0x189/0x420 [ 16.465856] kasan_atomics+0x95/0x310 [ 16.466210] kunit_try_run_case+0x1a5/0x480 [ 16.466631] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.467108] kthread+0x337/0x6f0 [ 16.467289] ret_from_fork+0x116/0x1d0 [ 16.467486] ret_from_fork_asm+0x1a/0x30 [ 16.467869] [ 16.468042] The buggy address belongs to the object at ffff888102a5fe80 [ 16.468042] which belongs to the cache kmalloc-64 of size 64 [ 16.468874] The buggy address is located 0 bytes to the right of [ 16.468874] allocated 48-byte region [ffff888102a5fe80, ffff888102a5feb0) [ 16.469242] [ 16.469314] The buggy address belongs to the physical page: [ 16.469733] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a5f [ 16.470444] flags: 0x200000000000000(node=0|zone=2) [ 16.470893] page_type: f5(slab) [ 16.471196] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.471887] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.472195] page dumped because: kasan: bad access detected [ 16.472371] [ 16.472450] Memory state around the buggy address: [ 16.472747] ffff888102a5fd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.473385] ffff888102a5fe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.474034] >ffff888102a5fe80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.474675] ^ [ 16.475047] ffff888102a5ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.475266] ffff888102a5ff80: fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 16.475724] ================================================================== [ 16.628900] ================================================================== [ 16.629195] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x194a/0x5450 [ 16.629663] Write of size 8 at addr ffff888102a5feb0 by task kunit_try_catch/282 [ 16.629992] [ 16.630079] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.630123] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.630137] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.630158] Call Trace: [ 16.630173] <TASK> [ 16.630187] dump_stack_lvl+0x73/0xb0 [ 16.630216] print_report+0xd1/0x610 [ 16.630239] ? __virt_addr_valid+0x1db/0x2d0 [ 16.630263] ? kasan_atomics_helper+0x194a/0x5450 [ 16.630286] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.630349] ? kasan_atomics_helper+0x194a/0x5450 [ 16.630420] kasan_report+0x141/0x180 [ 16.630446] ? kasan_atomics_helper+0x194a/0x5450 [ 16.630474] kasan_check_range+0x10c/0x1c0 [ 16.630499] __kasan_check_write+0x18/0x20 [ 16.630520] kasan_atomics_helper+0x194a/0x5450 [ 16.630544] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.630578] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.630604] ? trace_hardirqs_on+0x37/0xe0 [ 16.630628] ? kasan_atomics+0x152/0x310 [ 16.630655] kasan_atomics+0x1dc/0x310 [ 16.630715] ? __pfx_kasan_atomics+0x10/0x10 [ 16.630740] ? __pfx_kasan_atomics+0x10/0x10 [ 16.630768] kunit_try_run_case+0x1a5/0x480 [ 16.630794] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.630850] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.630876] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.630902] ? __kthread_parkme+0x82/0x180 [ 16.630924] ? preempt_count_sub+0x50/0x80 [ 16.630949] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.631007] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.631034] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.631062] kthread+0x337/0x6f0 [ 16.631082] ? 
trace_preempt_on+0x20/0xc0 [ 16.631135] ? __pfx_kthread+0x10/0x10 [ 16.631158] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.631181] ? calculate_sigpending+0x7b/0xa0 [ 16.631206] ? __pfx_kthread+0x10/0x10 [ 16.631228] ret_from_fork+0x116/0x1d0 [ 16.631248] ? __pfx_kthread+0x10/0x10 [ 16.631300] ret_from_fork_asm+0x1a/0x30 [ 16.631333] </TASK> [ 16.631343] [ 16.639144] Allocated by task 282: [ 16.639322] kasan_save_stack+0x45/0x70 [ 16.639573] kasan_save_track+0x18/0x40 [ 16.639775] kasan_save_alloc_info+0x3b/0x50 [ 16.639963] __kasan_kmalloc+0xb7/0xc0 [ 16.640167] __kmalloc_cache_noprof+0x189/0x420 [ 16.640443] kasan_atomics+0x95/0x310 [ 16.640652] kunit_try_run_case+0x1a5/0x480 [ 16.640877] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.641145] kthread+0x337/0x6f0 [ 16.641324] ret_from_fork+0x116/0x1d0 [ 16.641577] ret_from_fork_asm+0x1a/0x30 [ 16.641789] [ 16.641881] The buggy address belongs to the object at ffff888102a5fe80 [ 16.641881] which belongs to the cache kmalloc-64 of size 64 [ 16.642390] The buggy address is located 0 bytes to the right of [ 16.642390] allocated 48-byte region [ffff888102a5fe80, ffff888102a5feb0) [ 16.643151] [ 16.643246] The buggy address belongs to the physical page: [ 16.643556] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a5f [ 16.643865] flags: 0x200000000000000(node=0|zone=2) [ 16.644022] page_type: f5(slab) [ 16.644167] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.644578] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.644942] page dumped because: kasan: bad access detected [ 16.645222] [ 16.645312] Memory state around the buggy address: [ 16.645578] ffff888102a5fd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.645882] ffff888102a5fe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.646188] >ffff888102a5fe80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.646570] ^ [ 16.646803] ffff888102a5ff00: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 16.647125] ffff888102a5ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.647446] ================================================================== [ 15.632239] ================================================================== [ 15.632478] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a0/0x5450 [ 15.632725] Write of size 4 at addr ffff888102a5feb0 by task kunit_try_catch/282 [ 15.633703] [ 15.633881] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.633926] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.633938] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.633960] Call Trace: [ 15.633975] <TASK> [ 15.633991] dump_stack_lvl+0x73/0xb0 [ 15.634020] print_report+0xd1/0x610 [ 15.634043] ? __virt_addr_valid+0x1db/0x2d0 [ 15.634132] ? kasan_atomics_helper+0x4a0/0x5450 [ 15.634174] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.634199] ? kasan_atomics_helper+0x4a0/0x5450 [ 15.634222] kasan_report+0x141/0x180 [ 15.634246] ? kasan_atomics_helper+0x4a0/0x5450 [ 15.634273] kasan_check_range+0x10c/0x1c0 [ 15.634305] __kasan_check_write+0x18/0x20 [ 15.634326] kasan_atomics_helper+0x4a0/0x5450 [ 15.634351] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.634375] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.634401] ? trace_hardirqs_on+0x37/0xe0 [ 15.634424] ? kasan_atomics+0x152/0x310 [ 15.634452] kasan_atomics+0x1dc/0x310 [ 15.634476] ? __pfx_kasan_atomics+0x10/0x10 [ 15.634502] ? __pfx_kasan_atomics+0x10/0x10 [ 15.634530] kunit_try_run_case+0x1a5/0x480 [ 15.634565] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.634770] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.634798] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.634824] ? __kthread_parkme+0x82/0x180 [ 15.634846] ? preempt_count_sub+0x50/0x80 [ 15.634871] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.634897] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.634924] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.634951] kthread+0x337/0x6f0 [ 15.634972] ? trace_preempt_on+0x20/0xc0 [ 15.634996] ? __pfx_kthread+0x10/0x10 [ 15.635018] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.635041] ? calculate_sigpending+0x7b/0xa0 [ 15.635067] ? __pfx_kthread+0x10/0x10 [ 15.635090] ret_from_fork+0x116/0x1d0 [ 15.635111] ? __pfx_kthread+0x10/0x10 [ 15.635133] ret_from_fork_asm+0x1a/0x30 [ 15.635166] </TASK> [ 15.635178] [ 15.650076] Allocated by task 282: [ 15.650517] kasan_save_stack+0x45/0x70 [ 15.651003] kasan_save_track+0x18/0x40 [ 15.651635] kasan_save_alloc_info+0x3b/0x50 [ 15.652091] __kasan_kmalloc+0xb7/0xc0 [ 15.652373] __kmalloc_cache_noprof+0x189/0x420 [ 15.652822] kasan_atomics+0x95/0x310 [ 15.652964] kunit_try_run_case+0x1a5/0x480 [ 15.653109] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.653458] kthread+0x337/0x6f0 [ 15.653833] ret_from_fork+0x116/0x1d0 [ 15.654204] ret_from_fork_asm+0x1a/0x30 [ 15.654721] [ 15.654895] The buggy address belongs to the object at ffff888102a5fe80 [ 15.654895] which belongs to the cache kmalloc-64 of size 64 [ 15.656418] The buggy address is located 0 bytes to the right of [ 15.656418] allocated 48-byte region [ffff888102a5fe80, ffff888102a5feb0) [ 15.657057] [ 15.657133] The buggy address belongs to the physical page: [ 15.657557] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a5f [ 15.658387] flags: 0x200000000000000(node=0|zone=2) [ 15.658889] page_type: f5(slab) [ 15.659230] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.659859] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.660095] page dumped because: kasan: bad access detected [ 15.660389] [ 15.660591] Memory state around the buggy address: [ 15.661171] ffff888102a5fd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.662144] ffff888102a5fe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.662892] >ffff888102a5fe80: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 15.663733] ^ [ 15.663899] ffff888102a5ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.664123] ffff888102a5ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.664642] ================================================================== [ 16.256749] ================================================================== [ 16.257079] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1217/0x5450 [ 16.257593] Write of size 4 at addr ffff888102a5feb0 by task kunit_try_catch/282 [ 16.257989] [ 16.258114] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.258160] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.258172] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.258195] Call Trace: [ 16.258212] <TASK> [ 16.258228] dump_stack_lvl+0x73/0xb0 [ 16.258258] print_report+0xd1/0x610 [ 16.258282] ? __virt_addr_valid+0x1db/0x2d0 [ 16.258306] ? kasan_atomics_helper+0x1217/0x5450 [ 16.258329] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.258353] ? kasan_atomics_helper+0x1217/0x5450 [ 16.258377] kasan_report+0x141/0x180 [ 16.258593] ? kasan_atomics_helper+0x1217/0x5450 [ 16.258637] kasan_check_range+0x10c/0x1c0 [ 16.258664] __kasan_check_write+0x18/0x20 [ 16.258687] kasan_atomics_helper+0x1217/0x5450 [ 16.258713] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.258738] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.258765] ? trace_hardirqs_on+0x37/0xe0 [ 16.258791] ? kasan_atomics+0x152/0x310 [ 16.258819] kasan_atomics+0x1dc/0x310 [ 16.258843] ? __pfx_kasan_atomics+0x10/0x10 [ 16.258869] ? __pfx_kasan_atomics+0x10/0x10 [ 16.258898] kunit_try_run_case+0x1a5/0x480 [ 16.258924] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.258949] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.258975] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.259001] ? __kthread_parkme+0x82/0x180 [ 16.259023] ? preempt_count_sub+0x50/0x80 [ 16.259048] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.259075] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.259102] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.259129] kthread+0x337/0x6f0 [ 16.259149] ? trace_preempt_on+0x20/0xc0 [ 16.259173] ? __pfx_kthread+0x10/0x10 [ 16.259195] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.259218] ? calculate_sigpending+0x7b/0xa0 [ 16.259243] ? __pfx_kthread+0x10/0x10 [ 16.259266] ret_from_fork+0x116/0x1d0 [ 16.259287] ? __pfx_kthread+0x10/0x10 [ 16.259309] ret_from_fork_asm+0x1a/0x30 [ 16.259341] </TASK> [ 16.259353] [ 16.270599] Allocated by task 282: [ 16.270771] kasan_save_stack+0x45/0x70 [ 16.270959] kasan_save_track+0x18/0x40 [ 16.271138] kasan_save_alloc_info+0x3b/0x50 [ 16.271336] __kasan_kmalloc+0xb7/0xc0 [ 16.271989] __kmalloc_cache_noprof+0x189/0x420 [ 16.272293] kasan_atomics+0x95/0x310 [ 16.272752] kunit_try_run_case+0x1a5/0x480 [ 16.273035] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.273490] kthread+0x337/0x6f0 [ 16.273919] ret_from_fork+0x116/0x1d0 [ 16.274123] ret_from_fork_asm+0x1a/0x30 [ 16.274310] [ 16.274627] The buggy address belongs to the object at ffff888102a5fe80 [ 16.274627] which belongs to the cache kmalloc-64 of size 64 [ 16.275135] The buggy address is located 0 bytes to the right of [ 16.275135] allocated 48-byte region [ffff888102a5fe80, ffff888102a5feb0) [ 16.276092] [ 16.276193] The buggy address belongs to the physical page: [ 16.276784] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a5f [ 16.277292] flags: 0x200000000000000(node=0|zone=2) [ 16.277698] page_type: f5(slab) [ 16.277862] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.278158] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.278725] page dumped because: kasan: bad access detected [ 16.279010] [ 16.279105] Memory state around the buggy address: [ 16.279297] ffff888102a5fd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.280068] 
ffff888102a5fe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.280747] >ffff888102a5fe80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.281067] ^ [ 16.281276] ffff888102a5ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.281890] ffff888102a5ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.282337] ================================================================== [ 16.336936] ================================================================== [ 16.337328] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49ce/0x5450 [ 16.337798] Read of size 4 at addr ffff888102a5feb0 by task kunit_try_catch/282 [ 16.338077] [ 16.338181] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.338227] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.338240] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.338263] Call Trace: [ 16.338280] <TASK> [ 16.338297] dump_stack_lvl+0x73/0xb0 [ 16.338326] print_report+0xd1/0x610 [ 16.338350] ? __virt_addr_valid+0x1db/0x2d0 [ 16.338374] ? kasan_atomics_helper+0x49ce/0x5450 [ 16.338397] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.338633] ? kasan_atomics_helper+0x49ce/0x5450 [ 16.338659] kasan_report+0x141/0x180 [ 16.338697] ? kasan_atomics_helper+0x49ce/0x5450 [ 16.338725] __asan_report_load4_noabort+0x18/0x20 [ 16.338932] kasan_atomics_helper+0x49ce/0x5450 [ 16.338963] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.338988] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.339015] ? trace_hardirqs_on+0x37/0xe0 [ 16.339040] ? kasan_atomics+0x152/0x310 [ 16.339068] kasan_atomics+0x1dc/0x310 [ 16.339092] ? __pfx_kasan_atomics+0x10/0x10 [ 16.339117] ? __pfx_kasan_atomics+0x10/0x10 [ 16.339146] kunit_try_run_case+0x1a5/0x480 [ 16.339171] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.339196] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.339221] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.339247] ? __kthread_parkme+0x82/0x180 [ 16.339269] ? 
preempt_count_sub+0x50/0x80 [ 16.339295] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.339322] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.339349] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.339378] kthread+0x337/0x6f0 [ 16.339400] ? trace_preempt_on+0x20/0xc0 [ 16.339434] ? __pfx_kthread+0x10/0x10 [ 16.339456] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.339480] ? calculate_sigpending+0x7b/0xa0 [ 16.339508] ? __pfx_kthread+0x10/0x10 [ 16.339532] ret_from_fork+0x116/0x1d0 [ 16.339564] ? __pfx_kthread+0x10/0x10 [ 16.339586] ret_from_fork_asm+0x1a/0x30 [ 16.339618] </TASK> [ 16.339631] [ 16.351514] Allocated by task 282: [ 16.351882] kasan_save_stack+0x45/0x70 [ 16.352092] kasan_save_track+0x18/0x40 [ 16.352274] kasan_save_alloc_info+0x3b/0x50 [ 16.352774] __kasan_kmalloc+0xb7/0xc0 [ 16.353013] __kmalloc_cache_noprof+0x189/0x420 [ 16.353362] kasan_atomics+0x95/0x310 [ 16.353761] kunit_try_run_case+0x1a5/0x480 [ 16.354107] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.354356] kthread+0x337/0x6f0 [ 16.354765] ret_from_fork+0x116/0x1d0 [ 16.355083] ret_from_fork_asm+0x1a/0x30 [ 16.355284] [ 16.355370] The buggy address belongs to the object at ffff888102a5fe80 [ 16.355370] which belongs to the cache kmalloc-64 of size 64 [ 16.356089] The buggy address is located 0 bytes to the right of [ 16.356089] allocated 48-byte region [ffff888102a5fe80, ffff888102a5feb0) [ 16.357117] [ 16.357322] The buggy address belongs to the physical page: [ 16.357780] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a5f [ 16.358305] flags: 0x200000000000000(node=0|zone=2) [ 16.358747] page_type: f5(slab) [ 16.359110] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.359603] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.359898] page dumped because: kasan: bad access detected [ 16.360126] [ 16.360213] Memory state around the buggy address: [ 16.360701] ffff888102a5fd80: fa fb fb fb fb fb fb fb fc fc 
fc fc fc fc fc fc [ 16.361144] ffff888102a5fe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.361680] >ffff888102a5fe80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.362121] ^ [ 16.362339] ffff888102a5ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.363188] ffff888102a5ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.363699] ================================================================== [ 16.890724] ================================================================== [ 16.891435] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2006/0x5450 [ 16.892106] Write of size 8 at addr ffff888102a5feb0 by task kunit_try_catch/282 [ 16.892621] [ 16.892832] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.892877] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.892890] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.892931] Call Trace: [ 16.892947] <TASK> [ 16.892962] dump_stack_lvl+0x73/0xb0 [ 16.892991] print_report+0xd1/0x610 [ 16.893013] ? __virt_addr_valid+0x1db/0x2d0 [ 16.893037] ? kasan_atomics_helper+0x2006/0x5450 [ 16.893060] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.893085] ? kasan_atomics_helper+0x2006/0x5450 [ 16.893108] kasan_report+0x141/0x180 [ 16.893131] ? kasan_atomics_helper+0x2006/0x5450 [ 16.893159] kasan_check_range+0x10c/0x1c0 [ 16.893184] __kasan_check_write+0x18/0x20 [ 16.893205] kasan_atomics_helper+0x2006/0x5450 [ 16.893229] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.893254] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.893280] ? trace_hardirqs_on+0x37/0xe0 [ 16.893303] ? kasan_atomics+0x152/0x310 [ 16.893331] kasan_atomics+0x1dc/0x310 [ 16.893355] ? __pfx_kasan_atomics+0x10/0x10 [ 16.893379] ? __pfx_kasan_atomics+0x10/0x10 [ 16.893408] kunit_try_run_case+0x1a5/0x480 [ 16.893434] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.893458] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.893485] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.893510] ? __kthread_parkme+0x82/0x180 [ 16.893532] ? preempt_count_sub+0x50/0x80 [ 16.893567] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.893594] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.893620] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.893648] kthread+0x337/0x6f0 [ 16.893668] ? trace_preempt_on+0x20/0xc0 [ 16.893691] ? __pfx_kthread+0x10/0x10 [ 16.893713] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.893737] ? calculate_sigpending+0x7b/0xa0 [ 16.893764] ? __pfx_kthread+0x10/0x10 [ 16.893787] ret_from_fork+0x116/0x1d0 [ 16.893807] ? __pfx_kthread+0x10/0x10 [ 16.893829] ret_from_fork_asm+0x1a/0x30 [ 16.893860] </TASK> [ 16.893871] [ 16.905312] Allocated by task 282: [ 16.905527] kasan_save_stack+0x45/0x70 [ 16.905917] kasan_save_track+0x18/0x40 [ 16.906055] kasan_save_alloc_info+0x3b/0x50 [ 16.906200] __kasan_kmalloc+0xb7/0xc0 [ 16.906332] __kmalloc_cache_noprof+0x189/0x420 [ 16.906721] kasan_atomics+0x95/0x310 [ 16.907053] kunit_try_run_case+0x1a5/0x480 [ 16.907500] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.908011] kthread+0x337/0x6f0 [ 16.908345] ret_from_fork+0x116/0x1d0 [ 16.908760] ret_from_fork_asm+0x1a/0x30 [ 16.909134] [ 16.909312] The buggy address belongs to the object at ffff888102a5fe80 [ 16.909312] which belongs to the cache kmalloc-64 of size 64 [ 16.909865] The buggy address is located 0 bytes to the right of [ 16.909865] allocated 48-byte region [ffff888102a5fe80, ffff888102a5feb0) [ 16.910222] [ 16.910292] The buggy address belongs to the physical page: [ 16.910492] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a5f [ 16.911223] flags: 0x200000000000000(node=0|zone=2) [ 16.911725] page_type: f5(slab) [ 16.912035] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.912766] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.913434] page dumped because: kasan: bad access detected [ 16.913926] [ 16.914095] 
Memory state around the buggy address: [ 16.914543] ffff888102a5fd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.915056] ffff888102a5fe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.915268] >ffff888102a5fe80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.915642] ^ [ 16.916088] ffff888102a5ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.916752] ffff888102a5ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.917631] ================================================================== [ 15.737693] ================================================================== [ 15.738029] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x697/0x5450 [ 15.738275] Write of size 4 at addr ffff888102a5feb0 by task kunit_try_catch/282 [ 15.738614] [ 15.738722] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.738767] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.738779] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.738836] Call Trace: [ 15.738852] <TASK> [ 15.738866] dump_stack_lvl+0x73/0xb0 [ 15.738895] print_report+0xd1/0x610 [ 15.738918] ? __virt_addr_valid+0x1db/0x2d0 [ 15.738941] ? kasan_atomics_helper+0x697/0x5450 [ 15.738963] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.738988] ? kasan_atomics_helper+0x697/0x5450 [ 15.739012] kasan_report+0x141/0x180 [ 15.739034] ? kasan_atomics_helper+0x697/0x5450 [ 15.739062] kasan_check_range+0x10c/0x1c0 [ 15.739087] __kasan_check_write+0x18/0x20 [ 15.739108] kasan_atomics_helper+0x697/0x5450 [ 15.739133] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.739157] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.739183] ? trace_hardirqs_on+0x37/0xe0 [ 15.739206] ? kasan_atomics+0x152/0x310 [ 15.739233] kasan_atomics+0x1dc/0x310 [ 15.739257] ? __pfx_kasan_atomics+0x10/0x10 [ 15.739282] ? __pfx_kasan_atomics+0x10/0x10 [ 15.739310] kunit_try_run_case+0x1a5/0x480 [ 15.739336] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.739360] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.739386] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.739412] ? __kthread_parkme+0x82/0x180 [ 15.739434] ? preempt_count_sub+0x50/0x80 [ 15.739458] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.739484] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.739511] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.739538] kthread+0x337/0x6f0 [ 15.739569] ? trace_preempt_on+0x20/0xc0 [ 15.739592] ? __pfx_kthread+0x10/0x10 [ 15.739614] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.739637] ? calculate_sigpending+0x7b/0xa0 [ 15.739662] ? __pfx_kthread+0x10/0x10 [ 15.739685] ret_from_fork+0x116/0x1d0 [ 15.739705] ? __pfx_kthread+0x10/0x10 [ 15.739727] ret_from_fork_asm+0x1a/0x30 [ 15.739758] </TASK> [ 15.739770] [ 15.747861] Allocated by task 282: [ 15.748030] kasan_save_stack+0x45/0x70 [ 15.748188] kasan_save_track+0x18/0x40 [ 15.748337] kasan_save_alloc_info+0x3b/0x50 [ 15.748559] __kasan_kmalloc+0xb7/0xc0 [ 15.748748] __kmalloc_cache_noprof+0x189/0x420 [ 15.749295] kasan_atomics+0x95/0x310 [ 15.749576] kunit_try_run_case+0x1a5/0x480 [ 15.749729] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.749988] kthread+0x337/0x6f0 [ 15.750156] ret_from_fork+0x116/0x1d0 [ 15.750482] ret_from_fork_asm+0x1a/0x30 [ 15.750656] [ 15.750730] The buggy address belongs to the object at ffff888102a5fe80 [ 15.750730] which belongs to the cache kmalloc-64 of size 64 [ 15.751119] The buggy address is located 0 bytes to the right of [ 15.751119] allocated 48-byte region [ffff888102a5fe80, ffff888102a5feb0) [ 15.751666] [ 15.751868] The buggy address belongs to the physical page: [ 15.752118] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a5f [ 15.752770] flags: 0x200000000000000(node=0|zone=2) [ 15.753015] page_type: f5(slab) [ 15.753153] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.753389] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 15.753821] page dumped because: kasan: bad access detected [ 15.754053] [ 15.754152] Memory state around the buggy address: [ 15.754329] ffff888102a5fd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.754547] ffff888102a5fe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.755083] >ffff888102a5fe80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.755518] ^ [ 15.755698] ffff888102a5ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.755917] ffff888102a5ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.756207] ================================================================== [ 16.530956] ================================================================== [ 16.531314] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x164f/0x5450 [ 16.531708] Write of size 8 at addr ffff888102a5feb0 by task kunit_try_catch/282 [ 16.531965] [ 16.532053] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.532100] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.532113] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.532135] Call Trace: [ 16.532150] <TASK> [ 16.532165] dump_stack_lvl+0x73/0xb0 [ 16.532193] print_report+0xd1/0x610 [ 16.532217] ? __virt_addr_valid+0x1db/0x2d0 [ 16.532241] ? kasan_atomics_helper+0x164f/0x5450 [ 16.532264] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.532289] ? kasan_atomics_helper+0x164f/0x5450 [ 16.532313] kasan_report+0x141/0x180 [ 16.532336] ? kasan_atomics_helper+0x164f/0x5450 [ 16.532363] kasan_check_range+0x10c/0x1c0 [ 16.532388] __kasan_check_write+0x18/0x20 [ 16.532409] kasan_atomics_helper+0x164f/0x5450 [ 16.532443] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.532468] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.532495] ? trace_hardirqs_on+0x37/0xe0 [ 16.532518] ? kasan_atomics+0x152/0x310 [ 16.532546] kasan_atomics+0x1dc/0x310 [ 16.532581] ? __pfx_kasan_atomics+0x10/0x10 [ 16.532607] ? 
__pfx_kasan_atomics+0x10/0x10 [ 16.532635] kunit_try_run_case+0x1a5/0x480 [ 16.532661] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.532685] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.532711] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.532737] ? __kthread_parkme+0x82/0x180 [ 16.532760] ? preempt_count_sub+0x50/0x80 [ 16.532785] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.532811] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.532837] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.532864] kthread+0x337/0x6f0 [ 16.532884] ? trace_preempt_on+0x20/0xc0 [ 16.532907] ? __pfx_kthread+0x10/0x10 [ 16.532929] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.532952] ? calculate_sigpending+0x7b/0xa0 [ 16.532979] ? __pfx_kthread+0x10/0x10 [ 16.533001] ret_from_fork+0x116/0x1d0 [ 16.533021] ? __pfx_kthread+0x10/0x10 [ 16.533043] ret_from_fork_asm+0x1a/0x30 [ 16.533075] </TASK> [ 16.533085] [ 16.540528] Allocated by task 282: [ 16.540721] kasan_save_stack+0x45/0x70 [ 16.540946] kasan_save_track+0x18/0x40 [ 16.541163] kasan_save_alloc_info+0x3b/0x50 [ 16.541378] __kasan_kmalloc+0xb7/0xc0 [ 16.541611] __kmalloc_cache_noprof+0x189/0x420 [ 16.541867] kasan_atomics+0x95/0x310 [ 16.542059] kunit_try_run_case+0x1a5/0x480 [ 16.542246] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.542544] kthread+0x337/0x6f0 [ 16.542704] ret_from_fork+0x116/0x1d0 [ 16.542839] ret_from_fork_asm+0x1a/0x30 [ 16.542981] [ 16.543054] The buggy address belongs to the object at ffff888102a5fe80 [ 16.543054] which belongs to the cache kmalloc-64 of size 64 [ 16.543564] The buggy address is located 0 bytes to the right of [ 16.543564] allocated 48-byte region [ffff888102a5fe80, ffff888102a5feb0) [ 16.544119] [ 16.544215] The buggy address belongs to the physical page: [ 16.544498] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a5f [ 16.544825] flags: 0x200000000000000(node=0|zone=2) [ 16.544991] page_type: f5(slab) [ 16.545112] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 16.545497] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.545871] page dumped because: kasan: bad access detected [ 16.546121] [ 16.546216] Memory state around the buggy address: [ 16.546448] ffff888102a5fd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.546700] ffff888102a5fe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.546917] >ffff888102a5fe80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.547210] ^ [ 16.547443] ffff888102a5ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.547775] ffff888102a5ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.547993] ================================================================== [ 15.592738] ================================================================== [ 15.593059] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df/0x5450 [ 15.593385] Read of size 4 at addr ffff888102a5feb0 by task kunit_try_catch/282 [ 15.593760] [ 15.593849] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.593892] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.593905] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.593927] Call Trace: [ 15.593941] <TASK> [ 15.593956] dump_stack_lvl+0x73/0xb0 [ 15.593985] print_report+0xd1/0x610 [ 15.594008] ? __virt_addr_valid+0x1db/0x2d0 [ 15.594033] ? kasan_atomics_helper+0x3df/0x5450 [ 15.594056] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.594081] ? kasan_atomics_helper+0x3df/0x5450 [ 15.594105] kasan_report+0x141/0x180 [ 15.594127] ? kasan_atomics_helper+0x3df/0x5450 [ 15.594155] kasan_check_range+0x10c/0x1c0 [ 15.594181] __kasan_check_read+0x15/0x20 [ 15.594202] kasan_atomics_helper+0x3df/0x5450 [ 15.594226] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.594387] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.594416] ? trace_hardirqs_on+0x37/0xe0 [ 15.594440] ? 
kasan_atomics+0x152/0x310 [ 15.594468] kasan_atomics+0x1dc/0x310 [ 15.594493] ? __pfx_kasan_atomics+0x10/0x10 [ 15.594518] ? __pfx_kasan_atomics+0x10/0x10 [ 15.594547] kunit_try_run_case+0x1a5/0x480 [ 15.594588] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.594613] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.594639] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.594664] ? __kthread_parkme+0x82/0x180 [ 15.594686] ? preempt_count_sub+0x50/0x80 [ 15.594711] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.594737] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.594764] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.594792] kthread+0x337/0x6f0 [ 15.594813] ? trace_preempt_on+0x20/0xc0 [ 15.594836] ? __pfx_kthread+0x10/0x10 [ 15.594858] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.594882] ? calculate_sigpending+0x7b/0xa0 [ 15.594908] ? __pfx_kthread+0x10/0x10 [ 15.594931] ret_from_fork+0x116/0x1d0 [ 15.594951] ? __pfx_kthread+0x10/0x10 [ 15.594973] ret_from_fork_asm+0x1a/0x30 [ 15.595005] </TASK> [ 15.595016] [ 15.603512] Allocated by task 282: [ 15.603724] kasan_save_stack+0x45/0x70 [ 15.603929] kasan_save_track+0x18/0x40 [ 15.604128] kasan_save_alloc_info+0x3b/0x50 [ 15.604302] __kasan_kmalloc+0xb7/0xc0 [ 15.604439] __kmalloc_cache_noprof+0x189/0x420 [ 15.604632] kasan_atomics+0x95/0x310 [ 15.604825] kunit_try_run_case+0x1a5/0x480 [ 15.605034] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.605291] kthread+0x337/0x6f0 [ 15.605471] ret_from_fork+0x116/0x1d0 [ 15.605711] ret_from_fork_asm+0x1a/0x30 [ 15.605861] [ 15.605934] The buggy address belongs to the object at ffff888102a5fe80 [ 15.605934] which belongs to the cache kmalloc-64 of size 64 [ 15.606412] The buggy address is located 0 bytes to the right of [ 15.606412] allocated 48-byte region [ffff888102a5fe80, ffff888102a5feb0) [ 15.607157] [ 15.607319] The buggy address belongs to the physical page: [ 15.607620] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a5f [ 15.607883] flags: 
0x200000000000000(node=0|zone=2) [ 15.608047] page_type: f5(slab) [ 15.608173] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.608494] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.608845] page dumped because: kasan: bad access detected [ 15.609111] [ 15.609259] Memory state around the buggy address: [ 15.609641] ffff888102a5fd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.609907] ffff888102a5fe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.610223] >ffff888102a5fe80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.610678] ^ [ 15.610904] ffff888102a5ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.611169] ffff888102a5ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.611577] ================================================================== [ 15.716830] ================================================================== [ 15.717396] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5fe/0x5450 [ 15.717707] Write of size 4 at addr ffff888102a5feb0 by task kunit_try_catch/282 [ 15.717987] [ 15.718094] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.718137] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.718151] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.718174] Call Trace: [ 15.718188] <TASK> [ 15.718203] dump_stack_lvl+0x73/0xb0 [ 15.718231] print_report+0xd1/0x610 [ 15.718253] ? __virt_addr_valid+0x1db/0x2d0 [ 15.718277] ? kasan_atomics_helper+0x5fe/0x5450 [ 15.718299] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.718324] ? kasan_atomics_helper+0x5fe/0x5450 [ 15.718347] kasan_report+0x141/0x180 [ 15.718371] ? kasan_atomics_helper+0x5fe/0x5450 [ 15.718399] kasan_check_range+0x10c/0x1c0 [ 15.718424] __kasan_check_write+0x18/0x20 [ 15.718445] kasan_atomics_helper+0x5fe/0x5450 [ 15.718470] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.718493] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 15.718520] ? trace_hardirqs_on+0x37/0xe0 [ 15.718543] ? kasan_atomics+0x152/0x310 [ 15.718581] kasan_atomics+0x1dc/0x310 [ 15.718605] ? __pfx_kasan_atomics+0x10/0x10 [ 15.718630] ? __pfx_kasan_atomics+0x10/0x10 [ 15.718657] kunit_try_run_case+0x1a5/0x480 [ 15.718683] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.718708] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.718913] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.718949] ? __kthread_parkme+0x82/0x180 [ 15.718971] ? preempt_count_sub+0x50/0x80 [ 15.718997] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.719023] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.719050] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.719078] kthread+0x337/0x6f0 [ 15.719098] ? trace_preempt_on+0x20/0xc0 [ 15.719122] ? __pfx_kthread+0x10/0x10 [ 15.719144] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.719167] ? calculate_sigpending+0x7b/0xa0 [ 15.719192] ? __pfx_kthread+0x10/0x10 [ 15.719215] ret_from_fork+0x116/0x1d0 [ 15.719236] ? 
__pfx_kthread+0x10/0x10 [ 15.719257] ret_from_fork_asm+0x1a/0x30 [ 15.719289] </TASK> [ 15.719300] [ 15.728303] Allocated by task 282: [ 15.728780] kasan_save_stack+0x45/0x70 [ 15.728974] kasan_save_track+0x18/0x40 [ 15.729169] kasan_save_alloc_info+0x3b/0x50 [ 15.729329] __kasan_kmalloc+0xb7/0xc0 [ 15.729543] __kmalloc_cache_noprof+0x189/0x420 [ 15.729792] kasan_atomics+0x95/0x310 [ 15.729980] kunit_try_run_case+0x1a5/0x480 [ 15.730157] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.730679] kthread+0x337/0x6f0 [ 15.730828] ret_from_fork+0x116/0x1d0 [ 15.730970] ret_from_fork_asm+0x1a/0x30 [ 15.731173] [ 15.731268] The buggy address belongs to the object at ffff888102a5fe80 [ 15.731268] which belongs to the cache kmalloc-64 of size 64 [ 15.731957] The buggy address is located 0 bytes to the right of [ 15.731957] allocated 48-byte region [ffff888102a5fe80, ffff888102a5feb0) [ 15.732391] [ 15.732489] The buggy address belongs to the physical page: [ 15.732958] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a5f [ 15.733224] flags: 0x200000000000000(node=0|zone=2) [ 15.733623] page_type: f5(slab) [ 15.733767] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.734055] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.734650] page dumped because: kasan: bad access detected [ 15.734850] [ 15.734922] Memory state around the buggy address: [ 15.735147] ffff888102a5fd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.735646] ffff888102a5fe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.735888] >ffff888102a5fe80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.736207] ^ [ 15.736577] ffff888102a5ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.736821] ffff888102a5ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.737139] ================================================================== [ 16.993054] 
================================================================== [ 16.993470] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fa5/0x5450 [ 16.993830] Read of size 8 at addr ffff888102a5feb0 by task kunit_try_catch/282 [ 16.994160] [ 16.994289] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.994333] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.994345] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.994366] Call Trace: [ 16.994382] <TASK> [ 16.994435] dump_stack_lvl+0x73/0xb0 [ 16.994466] print_report+0xd1/0x610 [ 16.994489] ? __virt_addr_valid+0x1db/0x2d0 [ 16.994513] ? kasan_atomics_helper+0x4fa5/0x5450 [ 16.994535] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.994569] ? kasan_atomics_helper+0x4fa5/0x5450 [ 16.994609] kasan_report+0x141/0x180 [ 16.994633] ? kasan_atomics_helper+0x4fa5/0x5450 [ 16.994688] __asan_report_load8_noabort+0x18/0x20 [ 16.994728] kasan_atomics_helper+0x4fa5/0x5450 [ 16.994766] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.994804] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.994844] ? trace_hardirqs_on+0x37/0xe0 [ 16.994881] ? kasan_atomics+0x152/0x310 [ 16.994909] kasan_atomics+0x1dc/0x310 [ 16.994933] ? __pfx_kasan_atomics+0x10/0x10 [ 16.994958] ? __pfx_kasan_atomics+0x10/0x10 [ 16.994986] kunit_try_run_case+0x1a5/0x480 [ 16.995011] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.995036] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.995062] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.995087] ? __kthread_parkme+0x82/0x180 [ 16.995110] ? preempt_count_sub+0x50/0x80 [ 16.995135] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.995161] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.995188] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.995216] kthread+0x337/0x6f0 [ 16.995237] ? trace_preempt_on+0x20/0xc0 [ 16.995260] ? __pfx_kthread+0x10/0x10 [ 16.995282] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.995305] ? calculate_sigpending+0x7b/0xa0 [ 16.995331] ? 
__pfx_kthread+0x10/0x10 [ 16.995353] ret_from_fork+0x116/0x1d0 [ 16.995374] ? __pfx_kthread+0x10/0x10 [ 16.995420] ret_from_fork_asm+0x1a/0x30 [ 16.995452] </TASK> [ 16.995464] [ 17.003135] Allocated by task 282: [ 17.003315] kasan_save_stack+0x45/0x70 [ 17.003544] kasan_save_track+0x18/0x40 [ 17.003746] kasan_save_alloc_info+0x3b/0x50 [ 17.003959] __kasan_kmalloc+0xb7/0xc0 [ 17.004151] __kmalloc_cache_noprof+0x189/0x420 [ 17.004373] kasan_atomics+0x95/0x310 [ 17.004593] kunit_try_run_case+0x1a5/0x480 [ 17.004819] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.004998] kthread+0x337/0x6f0 [ 17.005169] ret_from_fork+0x116/0x1d0 [ 17.005385] ret_from_fork_asm+0x1a/0x30 [ 17.005634] [ 17.005752] The buggy address belongs to the object at ffff888102a5fe80 [ 17.005752] which belongs to the cache kmalloc-64 of size 64 [ 17.006245] The buggy address is located 0 bytes to the right of [ 17.006245] allocated 48-byte region [ffff888102a5fe80, ffff888102a5feb0) [ 17.006817] [ 17.006920] The buggy address belongs to the physical page: [ 17.007123] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a5f [ 17.007499] flags: 0x200000000000000(node=0|zone=2) [ 17.007702] page_type: f5(slab) [ 17.007823] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.008054] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.008378] page dumped because: kasan: bad access detected [ 17.008688] [ 17.008783] Memory state around the buggy address: [ 17.009002] ffff888102a5fd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.009249] ffff888102a5fe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.009490] >ffff888102a5fe80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.009817] ^ [ 17.010056] ffff888102a5ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.010436] ffff888102a5ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.010769] 
================================================================== [ 15.573841] ================================================================== [ 15.574145] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b6e/0x5450 [ 15.574644] Write of size 4 at addr ffff888102a5feb0 by task kunit_try_catch/282 [ 15.574947] [ 15.575035] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.575079] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.575091] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.575113] Call Trace: [ 15.575127] <TASK> [ 15.575141] dump_stack_lvl+0x73/0xb0 [ 15.575169] print_report+0xd1/0x610 [ 15.575192] ? __virt_addr_valid+0x1db/0x2d0 [ 15.575215] ? kasan_atomics_helper+0x4b6e/0x5450 [ 15.575237] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.575261] ? kasan_atomics_helper+0x4b6e/0x5450 [ 15.575284] kasan_report+0x141/0x180 [ 15.575306] ? kasan_atomics_helper+0x4b6e/0x5450 [ 15.575333] __asan_report_store4_noabort+0x1b/0x30 [ 15.575359] kasan_atomics_helper+0x4b6e/0x5450 [ 15.575383] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.575422] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.575447] ? trace_hardirqs_on+0x37/0xe0 [ 15.575471] ? kasan_atomics+0x152/0x310 [ 15.575617] kasan_atomics+0x1dc/0x310 [ 15.575644] ? __pfx_kasan_atomics+0x10/0x10 [ 15.575690] ? __pfx_kasan_atomics+0x10/0x10 [ 15.575719] kunit_try_run_case+0x1a5/0x480 [ 15.575745] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.575771] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.575797] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.575823] ? __kthread_parkme+0x82/0x180 [ 15.575846] ? preempt_count_sub+0x50/0x80 [ 15.575872] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.575898] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.575924] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.575952] kthread+0x337/0x6f0 [ 15.575972] ? trace_preempt_on+0x20/0xc0 [ 15.575996] ? __pfx_kthread+0x10/0x10 [ 15.576018] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 15.576042] ? calculate_sigpending+0x7b/0xa0 [ 15.576072] ? __pfx_kthread+0x10/0x10 [ 15.576095] ret_from_fork+0x116/0x1d0 [ 15.576114] ? __pfx_kthread+0x10/0x10 [ 15.576138] ret_from_fork_asm+0x1a/0x30 [ 15.576169] </TASK> [ 15.576181] [ 15.583736] Allocated by task 282: [ 15.583914] kasan_save_stack+0x45/0x70 [ 15.584091] kasan_save_track+0x18/0x40 [ 15.584229] kasan_save_alloc_info+0x3b/0x50 [ 15.584380] __kasan_kmalloc+0xb7/0xc0 [ 15.584544] __kmalloc_cache_noprof+0x189/0x420 [ 15.584931] kasan_atomics+0x95/0x310 [ 15.585123] kunit_try_run_case+0x1a5/0x480 [ 15.585334] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.585563] kthread+0x337/0x6f0 [ 15.585686] ret_from_fork+0x116/0x1d0 [ 15.585900] ret_from_fork_asm+0x1a/0x30 [ 15.586159] [ 15.586607] The buggy address belongs to the object at ffff888102a5fe80 [ 15.586607] which belongs to the cache kmalloc-64 of size 64 [ 15.586992] The buggy address is located 0 bytes to the right of [ 15.586992] allocated 48-byte region [ffff888102a5fe80, ffff888102a5feb0) [ 15.587778] [ 15.587884] The buggy address belongs to the physical page: [ 15.588144] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a5f [ 15.588585] flags: 0x200000000000000(node=0|zone=2) [ 15.588753] page_type: f5(slab) [ 15.588875] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.589215] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.589609] page dumped because: kasan: bad access detected [ 15.590009] [ 15.590097] Memory state around the buggy address: [ 15.590380] ffff888102a5fd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.590735] ffff888102a5fe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.590953] >ffff888102a5fe80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.591353] ^ [ 15.591692] ffff888102a5ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.591976] ffff888102a5ff80: fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 15.592301] ================================================================== [ 16.422094] ================================================================== [ 16.422489] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1467/0x5450 [ 16.423133] Write of size 8 at addr ffff888102a5feb0 by task kunit_try_catch/282 [ 16.423367] [ 16.423592] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.423638] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.423651] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.423674] Call Trace: [ 16.423691] <TASK> [ 16.423708] dump_stack_lvl+0x73/0xb0 [ 16.423737] print_report+0xd1/0x610 [ 16.423760] ? __virt_addr_valid+0x1db/0x2d0 [ 16.423783] ? kasan_atomics_helper+0x1467/0x5450 [ 16.423806] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.423831] ? kasan_atomics_helper+0x1467/0x5450 [ 16.423855] kasan_report+0x141/0x180 [ 16.423879] ? kasan_atomics_helper+0x1467/0x5450 [ 16.423907] kasan_check_range+0x10c/0x1c0 [ 16.423932] __kasan_check_write+0x18/0x20 [ 16.423954] kasan_atomics_helper+0x1467/0x5450 [ 16.423980] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.424004] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.424031] ? trace_hardirqs_on+0x37/0xe0 [ 16.424054] ? kasan_atomics+0x152/0x310 [ 16.424088] kasan_atomics+0x1dc/0x310 [ 16.424111] ? __pfx_kasan_atomics+0x10/0x10 [ 16.424137] ? __pfx_kasan_atomics+0x10/0x10 [ 16.424165] kunit_try_run_case+0x1a5/0x480 [ 16.424191] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.424216] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.424242] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.424268] ? __kthread_parkme+0x82/0x180 [ 16.424289] ? preempt_count_sub+0x50/0x80 [ 16.424314] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.424340] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.424366] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.424401] kthread+0x337/0x6f0 [ 16.424423] ? 
trace_preempt_on+0x20/0xc0 [ 16.424447] ? __pfx_kthread+0x10/0x10 [ 16.424468] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.424492] ? calculate_sigpending+0x7b/0xa0 [ 16.424518] ? __pfx_kthread+0x10/0x10 [ 16.424540] ret_from_fork+0x116/0x1d0 [ 16.424604] ? __pfx_kthread+0x10/0x10 [ 16.424626] ret_from_fork_asm+0x1a/0x30 [ 16.424659] </TASK> [ 16.424671] [ 16.436531] Allocated by task 282: [ 16.436882] kasan_save_stack+0x45/0x70 [ 16.437246] kasan_save_track+0x18/0x40 [ 16.437644] kasan_save_alloc_info+0x3b/0x50 [ 16.438042] __kasan_kmalloc+0xb7/0xc0 [ 16.438414] __kmalloc_cache_noprof+0x189/0x420 [ 16.438848] kasan_atomics+0x95/0x310 [ 16.439066] kunit_try_run_case+0x1a5/0x480 [ 16.439216] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.439420] kthread+0x337/0x6f0 [ 16.439767] ret_from_fork+0x116/0x1d0 [ 16.440122] ret_from_fork_asm+0x1a/0x30 [ 16.440512] [ 16.440701] The buggy address belongs to the object at ffff888102a5fe80 [ 16.440701] which belongs to the cache kmalloc-64 of size 64 [ 16.441640] The buggy address is located 0 bytes to the right of [ 16.441640] allocated 48-byte region [ffff888102a5fe80, ffff888102a5feb0) [ 16.442021] [ 16.442098] The buggy address belongs to the physical page: [ 16.442277] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a5f [ 16.442850] flags: 0x200000000000000(node=0|zone=2) [ 16.443310] page_type: f5(slab) [ 16.443656] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.444316] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.444993] page dumped because: kasan: bad access detected [ 16.445496] [ 16.445663] Memory state around the buggy address: [ 16.446110] ffff888102a5fd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.446595] ffff888102a5fe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.446816] >ffff888102a5fe80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.447031] ^ [ 16.447186] ffff888102a5ff00: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 16.447426] ffff888102a5ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.448119] ================================================================== [ 16.004185] ================================================================== [ 16.004516] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd47/0x5450 [ 16.004833] Write of size 4 at addr ffff888102a5feb0 by task kunit_try_catch/282 [ 16.005117] [ 16.005224] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.005267] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.005279] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.005301] Call Trace: [ 16.005316] <TASK> [ 16.005331] dump_stack_lvl+0x73/0xb0 [ 16.005358] print_report+0xd1/0x610 [ 16.005380] ? __virt_addr_valid+0x1db/0x2d0 [ 16.005402] ? kasan_atomics_helper+0xd47/0x5450 [ 16.005423] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.005446] ? kasan_atomics_helper+0xd47/0x5450 [ 16.005468] kasan_report+0x141/0x180 [ 16.005490] ? kasan_atomics_helper+0xd47/0x5450 [ 16.005516] kasan_check_range+0x10c/0x1c0 [ 16.005540] __kasan_check_write+0x18/0x20 [ 16.005693] kasan_atomics_helper+0xd47/0x5450 [ 16.005731] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.005757] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.005794] ? trace_hardirqs_on+0x37/0xe0 [ 16.005819] ? kasan_atomics+0x152/0x310 [ 16.005846] kasan_atomics+0x1dc/0x310 [ 16.005870] ? __pfx_kasan_atomics+0x10/0x10 [ 16.005896] ? __pfx_kasan_atomics+0x10/0x10 [ 16.005924] kunit_try_run_case+0x1a5/0x480 [ 16.005949] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.005975] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.006000] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.006034] ? __kthread_parkme+0x82/0x180 [ 16.006059] ? preempt_count_sub+0x50/0x80 [ 16.006084] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.006122] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.006149] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.006177] kthread+0x337/0x6f0 [ 16.006206] ? trace_preempt_on+0x20/0xc0 [ 16.006230] ? __pfx_kthread+0x10/0x10 [ 16.006304] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.006328] ? calculate_sigpending+0x7b/0xa0 [ 16.006355] ? __pfx_kthread+0x10/0x10 [ 16.006377] ret_from_fork+0x116/0x1d0 [ 16.006399] ? __pfx_kthread+0x10/0x10 [ 16.006591] ret_from_fork_asm+0x1a/0x30 [ 16.006629] </TASK> [ 16.006639] [ 16.015685] Allocated by task 282: [ 16.015843] kasan_save_stack+0x45/0x70 [ 16.016065] kasan_save_track+0x18/0x40 [ 16.016310] kasan_save_alloc_info+0x3b/0x50 [ 16.016571] __kasan_kmalloc+0xb7/0xc0 [ 16.016767] __kmalloc_cache_noprof+0x189/0x420 [ 16.016984] kasan_atomics+0x95/0x310 [ 16.017180] kunit_try_run_case+0x1a5/0x480 [ 16.017490] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.017752] kthread+0x337/0x6f0 [ 16.017880] ret_from_fork+0x116/0x1d0 [ 16.018016] ret_from_fork_asm+0x1a/0x30 [ 16.018202] [ 16.018308] The buggy address belongs to the object at ffff888102a5fe80 [ 16.018308] which belongs to the cache kmalloc-64 of size 64 [ 16.018981] The buggy address is located 0 bytes to the right of [ 16.018981] allocated 48-byte region [ffff888102a5fe80, ffff888102a5feb0) [ 16.019618] [ 16.019743] The buggy address belongs to the physical page: [ 16.020299] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a5f [ 16.020756] flags: 0x200000000000000(node=0|zone=2) [ 16.020955] page_type: f5(slab) [ 16.021076] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.021629] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.021919] page dumped because: kasan: bad access detected [ 16.022200] [ 16.022402] Memory state around the buggy address: [ 16.022587] ffff888102a5fd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.022819] ffff888102a5fe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.023170] >ffff888102a5fe80: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 16.023860] ^ [ 16.024162] ffff888102a5ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.024398] ffff888102a5ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.024843] ================================================================== [ 15.814087] ================================================================== [ 15.814576] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x860/0x5450 [ 15.814865] Write of size 4 at addr ffff888102a5feb0 by task kunit_try_catch/282 [ 15.815202] [ 15.815497] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.815570] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.815584] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.815607] Call Trace: [ 15.815624] <TASK> [ 15.815639] dump_stack_lvl+0x73/0xb0 [ 15.815670] print_report+0xd1/0x610 [ 15.815694] ? __virt_addr_valid+0x1db/0x2d0 [ 15.815812] ? kasan_atomics_helper+0x860/0x5450 [ 15.815835] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.815860] ? kasan_atomics_helper+0x860/0x5450 [ 15.815883] kasan_report+0x141/0x180 [ 15.815907] ? kasan_atomics_helper+0x860/0x5450 [ 15.815935] kasan_check_range+0x10c/0x1c0 [ 15.815960] __kasan_check_write+0x18/0x20 [ 15.815981] kasan_atomics_helper+0x860/0x5450 [ 15.816014] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.816039] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.816081] ? trace_hardirqs_on+0x37/0xe0 [ 15.816105] ? kasan_atomics+0x152/0x310 [ 15.816132] kasan_atomics+0x1dc/0x310 [ 15.816156] ? __pfx_kasan_atomics+0x10/0x10 [ 15.816191] ? __pfx_kasan_atomics+0x10/0x10 [ 15.816219] kunit_try_run_case+0x1a5/0x480 [ 15.816255] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.816280] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.816306] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.816332] ? __kthread_parkme+0x82/0x180 [ 15.816355] ? preempt_count_sub+0x50/0x80 [ 15.816380] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.816406] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.816433] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.816460] kthread+0x337/0x6f0 [ 15.816481] ? trace_preempt_on+0x20/0xc0 [ 15.816505] ? __pfx_kthread+0x10/0x10 [ 15.816648] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.816672] ? calculate_sigpending+0x7b/0xa0 [ 15.816698] ? __pfx_kthread+0x10/0x10 [ 15.816722] ret_from_fork+0x116/0x1d0 [ 15.816744] ? __pfx_kthread+0x10/0x10 [ 15.816766] ret_from_fork_asm+0x1a/0x30 [ 15.816799] </TASK> [ 15.816810] [ 15.825670] Allocated by task 282: [ 15.825816] kasan_save_stack+0x45/0x70 [ 15.825969] kasan_save_track+0x18/0x40 [ 15.826973] kasan_save_alloc_info+0x3b/0x50 [ 15.827829] __kasan_kmalloc+0xb7/0xc0 [ 15.828047] __kmalloc_cache_noprof+0x189/0x420 [ 15.828313] kasan_atomics+0x95/0x310 [ 15.828513] kunit_try_run_case+0x1a5/0x480 [ 15.828764] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.828943] kthread+0x337/0x6f0 [ 15.829065] ret_from_fork+0x116/0x1d0 [ 15.829202] ret_from_fork_asm+0x1a/0x30 [ 15.829342] [ 15.829417] The buggy address belongs to the object at ffff888102a5fe80 [ 15.829417] which belongs to the cache kmalloc-64 of size 64 [ 15.829815] The buggy address is located 0 bytes to the right of [ 15.829815] allocated 48-byte region [ffff888102a5fe80, ffff888102a5feb0) [ 15.830704] [ 15.830858] The buggy address belongs to the physical page: [ 15.831226] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a5f [ 15.831469] flags: 0x200000000000000(node=0|zone=2) [ 15.831645] page_type: f5(slab) [ 15.831767] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.832003] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.833273] page dumped because: kasan: bad access detected [ 15.833457] [ 15.833529] Memory state around the buggy address: [ 15.833697] ffff888102a5fd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.833913] 
ffff888102a5fe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.834212] >ffff888102a5fe80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.834570] ^ [ 15.834731] ffff888102a5ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.834950] ffff888102a5ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.835176] ================================================================== [ 16.310013] ================================================================== [ 16.310455] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12e6/0x5450 [ 16.311538] Write of size 4 at addr ffff888102a5feb0 by task kunit_try_catch/282 [ 16.312092] [ 16.312332] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.312482] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.312499] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.312523] Call Trace: [ 16.312540] <TASK> [ 16.312603] dump_stack_lvl+0x73/0xb0 [ 16.312637] print_report+0xd1/0x610 [ 16.312662] ? __virt_addr_valid+0x1db/0x2d0 [ 16.312687] ? kasan_atomics_helper+0x12e6/0x5450 [ 16.312711] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.312736] ? kasan_atomics_helper+0x12e6/0x5450 [ 16.312759] kasan_report+0x141/0x180 [ 16.312783] ? kasan_atomics_helper+0x12e6/0x5450 [ 16.312811] kasan_check_range+0x10c/0x1c0 [ 16.312837] __kasan_check_write+0x18/0x20 [ 16.312857] kasan_atomics_helper+0x12e6/0x5450 [ 16.312883] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.312907] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.312933] ? trace_hardirqs_on+0x37/0xe0 [ 16.312957] ? kasan_atomics+0x152/0x310 [ 16.312984] kasan_atomics+0x1dc/0x310 [ 16.313142] ? __pfx_kasan_atomics+0x10/0x10 [ 16.313170] ? __pfx_kasan_atomics+0x10/0x10 [ 16.313211] kunit_try_run_case+0x1a5/0x480 [ 16.313238] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.313263] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.313290] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.313316] ? 
__kthread_parkme+0x82/0x180 [ 16.313339] ? preempt_count_sub+0x50/0x80 [ 16.313364] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.313390] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.313416] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.313443] kthread+0x337/0x6f0 [ 16.313464] ? trace_preempt_on+0x20/0xc0 [ 16.313487] ? __pfx_kthread+0x10/0x10 [ 16.313509] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.313532] ? calculate_sigpending+0x7b/0xa0 [ 16.313567] ? __pfx_kthread+0x10/0x10 [ 16.313591] ret_from_fork+0x116/0x1d0 [ 16.313612] ? __pfx_kthread+0x10/0x10 [ 16.313634] ret_from_fork_asm+0x1a/0x30 [ 16.313666] </TASK> [ 16.313678] [ 16.324005] Allocated by task 282: [ 16.324384] kasan_save_stack+0x45/0x70 [ 16.324612] kasan_save_track+0x18/0x40 [ 16.324793] kasan_save_alloc_info+0x3b/0x50 [ 16.324994] __kasan_kmalloc+0xb7/0xc0 [ 16.325168] __kmalloc_cache_noprof+0x189/0x420 [ 16.325378] kasan_atomics+0x95/0x310 [ 16.325971] kunit_try_run_case+0x1a5/0x480 [ 16.326250] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.326697] kthread+0x337/0x6f0 [ 16.327003] ret_from_fork+0x116/0x1d0 [ 16.327195] ret_from_fork_asm+0x1a/0x30 [ 16.327378] [ 16.327807] The buggy address belongs to the object at ffff888102a5fe80 [ 16.327807] which belongs to the cache kmalloc-64 of size 64 [ 16.328696] The buggy address is located 0 bytes to the right of [ 16.328696] allocated 48-byte region [ffff888102a5fe80, ffff888102a5feb0) [ 16.329496] [ 16.329603] The buggy address belongs to the physical page: [ 16.329830] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a5f [ 16.330152] flags: 0x200000000000000(node=0|zone=2) [ 16.330374] page_type: f5(slab) [ 16.330951] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.331429] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.331954] page dumped because: kasan: bad access detected [ 16.332208] [ 16.332299] Memory state around the buggy address: [ 16.332876] 
ffff888102a5fd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.333277] ffff888102a5fe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.333964] >ffff888102a5fe80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.334283] ^ [ 16.334796] ffff888102a5ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.335116] ffff888102a5ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.335588] ================================================================== [ 16.365162] ================================================================== [ 16.365850] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x13b5/0x5450 [ 16.366101] Read of size 8 at addr ffff888102a5feb0 by task kunit_try_catch/282 [ 16.366327] [ 16.366423] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.366468] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.366482] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.366504] Call Trace: [ 16.366521] <TASK> [ 16.366538] dump_stack_lvl+0x73/0xb0 [ 16.366576] print_report+0xd1/0x610 [ 16.366599] ? __virt_addr_valid+0x1db/0x2d0 [ 16.366624] ? kasan_atomics_helper+0x13b5/0x5450 [ 16.366646] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.366671] ? kasan_atomics_helper+0x13b5/0x5450 [ 16.366695] kasan_report+0x141/0x180 [ 16.366718] ? kasan_atomics_helper+0x13b5/0x5450 [ 16.366746] kasan_check_range+0x10c/0x1c0 [ 16.366771] __kasan_check_read+0x15/0x20 [ 16.366792] kasan_atomics_helper+0x13b5/0x5450 [ 16.366816] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.366840] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.366867] ? trace_hardirqs_on+0x37/0xe0 [ 16.366891] ? kasan_atomics+0x152/0x310 [ 16.366918] kasan_atomics+0x1dc/0x310 [ 16.366942] ? __pfx_kasan_atomics+0x10/0x10 [ 16.366967] ? __pfx_kasan_atomics+0x10/0x10 [ 16.366995] kunit_try_run_case+0x1a5/0x480 [ 16.367021] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.367046] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 16.367072] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.367097] ? __kthread_parkme+0x82/0x180 [ 16.367119] ? preempt_count_sub+0x50/0x80 [ 16.367145] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.367171] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.367197] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.367224] kthread+0x337/0x6f0 [ 16.367244] ? trace_preempt_on+0x20/0xc0 [ 16.367268] ? __pfx_kthread+0x10/0x10 [ 16.367290] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.367313] ? calculate_sigpending+0x7b/0xa0 [ 16.367339] ? __pfx_kthread+0x10/0x10 [ 16.367361] ret_from_fork+0x116/0x1d0 [ 16.367381] ? __pfx_kthread+0x10/0x10 [ 16.367403] ret_from_fork_asm+0x1a/0x30 [ 16.367435] </TASK> [ 16.367447] [ 16.382445] Allocated by task 282: [ 16.382796] kasan_save_stack+0x45/0x70 [ 16.383166] kasan_save_track+0x18/0x40 [ 16.383567] kasan_save_alloc_info+0x3b/0x50 [ 16.383848] __kasan_kmalloc+0xb7/0xc0 [ 16.384126] __kmalloc_cache_noprof+0x189/0x420 [ 16.384286] kasan_atomics+0x95/0x310 [ 16.384496] kunit_try_run_case+0x1a5/0x480 [ 16.384903] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.385383] kthread+0x337/0x6f0 [ 16.385722] ret_from_fork+0x116/0x1d0 [ 16.385938] ret_from_fork_asm+0x1a/0x30 [ 16.386081] [ 16.386157] The buggy address belongs to the object at ffff888102a5fe80 [ 16.386157] which belongs to the cache kmalloc-64 of size 64 [ 16.386830] The buggy address is located 0 bytes to the right of [ 16.386830] allocated 48-byte region [ffff888102a5fe80, ffff888102a5feb0) [ 16.387935] [ 16.388123] The buggy address belongs to the physical page: [ 16.388644] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a5f [ 16.389039] flags: 0x200000000000000(node=0|zone=2) [ 16.389467] page_type: f5(slab) [ 16.389603] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.389836] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.390064] page dumped because: kasan: 
bad access detected [ 16.390237] [ 16.390309] Memory state around the buggy address: [ 16.390699] ffff888102a5fd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.391310] ffff888102a5fe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.391958] >ffff888102a5fe80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.392614] ^ [ 16.393040] ffff888102a5ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.393693] ffff888102a5ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.394303] ================================================================== [ 15.554619] ================================================================== [ 15.554915] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b88/0x5450 [ 15.555218] Read of size 4 at addr ffff888102a5feb0 by task kunit_try_catch/282 [ 15.555854] [ 15.555955] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.555999] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.556012] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.556033] Call Trace: [ 15.556045] <TASK> [ 15.556064] dump_stack_lvl+0x73/0xb0 [ 15.556092] print_report+0xd1/0x610 [ 15.556115] ? __virt_addr_valid+0x1db/0x2d0 [ 15.556138] ? kasan_atomics_helper+0x4b88/0x5450 [ 15.556160] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.556184] ? kasan_atomics_helper+0x4b88/0x5450 [ 15.556207] kasan_report+0x141/0x180 [ 15.556229] ? kasan_atomics_helper+0x4b88/0x5450 [ 15.556319] __asan_report_load4_noabort+0x18/0x20 [ 15.556346] kasan_atomics_helper+0x4b88/0x5450 [ 15.556370] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.556394] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.556418] ? trace_hardirqs_on+0x37/0xe0 [ 15.556441] ? kasan_atomics+0x152/0x310 [ 15.556468] kasan_atomics+0x1dc/0x310 [ 15.556491] ? __pfx_kasan_atomics+0x10/0x10 [ 15.556515] ? __pfx_kasan_atomics+0x10/0x10 [ 15.556542] kunit_try_run_case+0x1a5/0x480 [ 15.556580] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.556605] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.556629] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.556654] ? __kthread_parkme+0x82/0x180 [ 15.556687] ? preempt_count_sub+0x50/0x80 [ 15.556711] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.556736] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.556761] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.556787] kthread+0x337/0x6f0 [ 15.556807] ? trace_preempt_on+0x20/0xc0 [ 15.556829] ? __pfx_kthread+0x10/0x10 [ 15.556850] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.556872] ? calculate_sigpending+0x7b/0xa0 [ 15.556896] ? __pfx_kthread+0x10/0x10 [ 15.556918] ret_from_fork+0x116/0x1d0 [ 15.556937] ? __pfx_kthread+0x10/0x10 [ 15.556957] ret_from_fork_asm+0x1a/0x30 [ 15.556987] </TASK> [ 15.556998] [ 15.564984] Allocated by task 282: [ 15.565158] kasan_save_stack+0x45/0x70 [ 15.565387] kasan_save_track+0x18/0x40 [ 15.565652] kasan_save_alloc_info+0x3b/0x50 [ 15.565866] __kasan_kmalloc+0xb7/0xc0 [ 15.566054] __kmalloc_cache_noprof+0x189/0x420 [ 15.566447] kasan_atomics+0x95/0x310 [ 15.566663] kunit_try_run_case+0x1a5/0x480 [ 15.566872] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.567102] kthread+0x337/0x6f0 [ 15.567352] ret_from_fork+0x116/0x1d0 [ 15.567571] ret_from_fork_asm+0x1a/0x30 [ 15.567738] [ 15.567836] The buggy address belongs to the object at ffff888102a5fe80 [ 15.567836] which belongs to the cache kmalloc-64 of size 64 [ 15.568387] The buggy address is located 0 bytes to the right of [ 15.568387] allocated 48-byte region [ffff888102a5fe80, ffff888102a5feb0) [ 15.568856] [ 15.568926] The buggy address belongs to the physical page: [ 15.569099] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a5f [ 15.569392] flags: 0x200000000000000(node=0|zone=2) [ 15.569633] page_type: f5(slab) [ 15.569802] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.570369] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 15.570642] page dumped because: kasan: bad access detected [ 15.570810] [ 15.570879] Memory state around the buggy address: [ 15.571032] ffff888102a5fd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.571247] ffff888102a5fe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.571819] >ffff888102a5fe80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.572152] ^ [ 15.572379] ffff888102a5ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.572826] ffff888102a5ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.573153] ================================================================== [ 15.961563] ================================================================== [ 15.961840] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xc70/0x5450 [ 15.962372] Write of size 4 at addr ffff888102a5feb0 by task kunit_try_catch/282 [ 15.962728] [ 15.963063] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.963112] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.963125] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.963148] Call Trace: [ 15.963160] <TASK> [ 15.963175] dump_stack_lvl+0x73/0xb0 [ 15.963204] print_report+0xd1/0x610 [ 15.963228] ? __virt_addr_valid+0x1db/0x2d0 [ 15.963251] ? kasan_atomics_helper+0xc70/0x5450 [ 15.963274] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.963299] ? kasan_atomics_helper+0xc70/0x5450 [ 15.963323] kasan_report+0x141/0x180 [ 15.963346] ? kasan_atomics_helper+0xc70/0x5450 [ 15.963374] kasan_check_range+0x10c/0x1c0 [ 15.963399] __kasan_check_write+0x18/0x20 [ 15.963421] kasan_atomics_helper+0xc70/0x5450 [ 15.963445] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.963471] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.963497] ? trace_hardirqs_on+0x37/0xe0 [ 15.963520] ? kasan_atomics+0x152/0x310 [ 15.963559] kasan_atomics+0x1dc/0x310 [ 15.963583] ? __pfx_kasan_atomics+0x10/0x10 [ 15.963609] ? 
__pfx_kasan_atomics+0x10/0x10 [ 15.963638] kunit_try_run_case+0x1a5/0x480 [ 15.963663] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.963688] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.963714] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.963791] ? __kthread_parkme+0x82/0x180 [ 15.963813] ? preempt_count_sub+0x50/0x80 [ 15.963871] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.963906] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.963933] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.963960] kthread+0x337/0x6f0 [ 15.963981] ? trace_preempt_on+0x20/0xc0 [ 15.964005] ? __pfx_kthread+0x10/0x10 [ 15.964028] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.964053] ? calculate_sigpending+0x7b/0xa0 [ 15.964088] ? __pfx_kthread+0x10/0x10 [ 15.964112] ret_from_fork+0x116/0x1d0 [ 15.964132] ? __pfx_kthread+0x10/0x10 [ 15.964155] ret_from_fork_asm+0x1a/0x30 [ 15.964187] </TASK> [ 15.964199] [ 15.973286] Allocated by task 282: [ 15.973600] kasan_save_stack+0x45/0x70 [ 15.973758] kasan_save_track+0x18/0x40 [ 15.974036] kasan_save_alloc_info+0x3b/0x50 [ 15.974250] __kasan_kmalloc+0xb7/0xc0 [ 15.974526] __kmalloc_cache_noprof+0x189/0x420 [ 15.974779] kasan_atomics+0x95/0x310 [ 15.974975] kunit_try_run_case+0x1a5/0x480 [ 15.975148] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.975379] kthread+0x337/0x6f0 [ 15.975545] ret_from_fork+0x116/0x1d0 [ 15.975688] ret_from_fork_asm+0x1a/0x30 [ 15.975964] [ 15.976084] The buggy address belongs to the object at ffff888102a5fe80 [ 15.976084] which belongs to the cache kmalloc-64 of size 64 [ 15.976710] The buggy address is located 0 bytes to the right of [ 15.976710] allocated 48-byte region [ffff888102a5fe80, ffff888102a5feb0) [ 15.977183] [ 15.977410] The buggy address belongs to the physical page: [ 15.978003] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a5f [ 15.978335] flags: 0x200000000000000(node=0|zone=2) [ 15.978688] page_type: f5(slab) [ 15.978947] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 15.979236] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.979633] page dumped because: kasan: bad access detected [ 15.979940] [ 15.980113] Memory state around the buggy address: [ 15.980455] ffff888102a5fd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.980717] ffff888102a5fe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.981050] >ffff888102a5fe80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.981612] ^ [ 15.981852] ffff888102a5ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.982078] ffff888102a5ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.982665] ================================================================== [ 16.476778] ================================================================== [ 16.477594] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x151d/0x5450 [ 16.478112] Write of size 8 at addr ffff888102a5feb0 by task kunit_try_catch/282 [ 16.478884] [ 16.479130] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.479174] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.479187] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.479209] Call Trace: [ 16.479223] <TASK> [ 16.479239] dump_stack_lvl+0x73/0xb0 [ 16.479267] print_report+0xd1/0x610 [ 16.479290] ? __virt_addr_valid+0x1db/0x2d0 [ 16.479313] ? kasan_atomics_helper+0x151d/0x5450 [ 16.479345] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.479370] ? kasan_atomics_helper+0x151d/0x5450 [ 16.479394] kasan_report+0x141/0x180 [ 16.479416] ? kasan_atomics_helper+0x151d/0x5450 [ 16.479444] kasan_check_range+0x10c/0x1c0 [ 16.479469] __kasan_check_write+0x18/0x20 [ 16.479490] kasan_atomics_helper+0x151d/0x5450 [ 16.479514] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.479539] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.479574] ? trace_hardirqs_on+0x37/0xe0 [ 16.479597] ? 
kasan_atomics+0x152/0x310 [ 16.479624] kasan_atomics+0x1dc/0x310 [ 16.479648] ? __pfx_kasan_atomics+0x10/0x10 [ 16.479673] ? __pfx_kasan_atomics+0x10/0x10 [ 16.479701] kunit_try_run_case+0x1a5/0x480 [ 16.479726] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.479751] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.479777] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.479802] ? __kthread_parkme+0x82/0x180 [ 16.479825] ? preempt_count_sub+0x50/0x80 [ 16.479849] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.479875] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.479901] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.479928] kthread+0x337/0x6f0 [ 16.479949] ? trace_preempt_on+0x20/0xc0 [ 16.479972] ? __pfx_kthread+0x10/0x10 [ 16.479994] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.480017] ? calculate_sigpending+0x7b/0xa0 [ 16.480042] ? __pfx_kthread+0x10/0x10 [ 16.480071] ret_from_fork+0x116/0x1d0 [ 16.480092] ? __pfx_kthread+0x10/0x10 [ 16.480114] ret_from_fork_asm+0x1a/0x30 [ 16.480146] </TASK> [ 16.480157] [ 16.491851] Allocated by task 282: [ 16.492173] kasan_save_stack+0x45/0x70 [ 16.492580] kasan_save_track+0x18/0x40 [ 16.492936] kasan_save_alloc_info+0x3b/0x50 [ 16.493191] __kasan_kmalloc+0xb7/0xc0 [ 16.493325] __kmalloc_cache_noprof+0x189/0x420 [ 16.493689] kasan_atomics+0x95/0x310 [ 16.494036] kunit_try_run_case+0x1a5/0x480 [ 16.494443] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.494913] kthread+0x337/0x6f0 [ 16.495037] ret_from_fork+0x116/0x1d0 [ 16.495172] ret_from_fork_asm+0x1a/0x30 [ 16.495314] [ 16.495387] The buggy address belongs to the object at ffff888102a5fe80 [ 16.495387] which belongs to the cache kmalloc-64 of size 64 [ 16.496464] The buggy address is located 0 bytes to the right of [ 16.496464] allocated 48-byte region [ffff888102a5fe80, ffff888102a5feb0) [ 16.497535] [ 16.497703] The buggy address belongs to the physical page: [ 16.498068] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a5f [ 16.498315] flags: 
0x200000000000000(node=0|zone=2) [ 16.498683] page_type: f5(slab) [ 16.498995] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.499675] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.500317] page dumped because: kasan: bad access detected [ 16.500595] [ 16.500668] Memory state around the buggy address: [ 16.500826] ffff888102a5fd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.501043] ffff888102a5fe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.501259] >ffff888102a5fe80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.501649] ^ [ 16.502057] ffff888102a5ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.502702] ffff888102a5ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.503298] ================================================================== [ 16.689674] ================================================================== [ 16.689998] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1b22/0x5450 [ 16.690703] Write of size 8 at addr ffff888102a5feb0 by task kunit_try_catch/282 [ 16.690940] [ 16.691026] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.691070] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.691082] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.691104] Call Trace: [ 16.691118] <TASK> [ 16.691132] dump_stack_lvl+0x73/0xb0 [ 16.691161] print_report+0xd1/0x610 [ 16.691184] ? __virt_addr_valid+0x1db/0x2d0 [ 16.691208] ? kasan_atomics_helper+0x1b22/0x5450 [ 16.691231] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.691255] ? kasan_atomics_helper+0x1b22/0x5450 [ 16.691280] kasan_report+0x141/0x180 [ 16.691303] ? kasan_atomics_helper+0x1b22/0x5450 [ 16.691331] kasan_check_range+0x10c/0x1c0 [ 16.691356] __kasan_check_write+0x18/0x20 [ 16.691378] kasan_atomics_helper+0x1b22/0x5450 [ 16.691402] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.691426] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 16.691452] ? trace_hardirqs_on+0x37/0xe0 [ 16.691475] ? kasan_atomics+0x152/0x310 [ 16.691503] kasan_atomics+0x1dc/0x310 [ 16.691527] ? __pfx_kasan_atomics+0x10/0x10 [ 16.691564] ? __pfx_kasan_atomics+0x10/0x10 [ 16.691593] kunit_try_run_case+0x1a5/0x480 [ 16.691619] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.691644] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.691671] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.691697] ? __kthread_parkme+0x82/0x180 [ 16.691719] ? preempt_count_sub+0x50/0x80 [ 16.691758] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.691785] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.691811] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.691839] kthread+0x337/0x6f0 [ 16.691862] ? trace_preempt_on+0x20/0xc0 [ 16.691886] ? __pfx_kthread+0x10/0x10 [ 16.691908] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.691932] ? calculate_sigpending+0x7b/0xa0 [ 16.691958] ? __pfx_kthread+0x10/0x10 [ 16.691980] ret_from_fork+0x116/0x1d0 [ 16.692000] ? 
__pfx_kthread+0x10/0x10 [ 16.692021] ret_from_fork_asm+0x1a/0x30 [ 16.692053] </TASK> [ 16.692069] [ 16.699786] Allocated by task 282: [ 16.699980] kasan_save_stack+0x45/0x70 [ 16.700157] kasan_save_track+0x18/0x40 [ 16.700332] kasan_save_alloc_info+0x3b/0x50 [ 16.700559] __kasan_kmalloc+0xb7/0xc0 [ 16.700697] __kmalloc_cache_noprof+0x189/0x420 [ 16.700857] kasan_atomics+0x95/0x310 [ 16.701023] kunit_try_run_case+0x1a5/0x480 [ 16.701232] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.701486] kthread+0x337/0x6f0 [ 16.701701] ret_from_fork+0x116/0x1d0 [ 16.701847] ret_from_fork_asm+0x1a/0x30 [ 16.701988] [ 16.702061] The buggy address belongs to the object at ffff888102a5fe80 [ 16.702061] which belongs to the cache kmalloc-64 of size 64 [ 16.702449] The buggy address is located 0 bytes to the right of [ 16.702449] allocated 48-byte region [ffff888102a5fe80, ffff888102a5feb0) [ 16.702999] [ 16.703109] The buggy address belongs to the physical page: [ 16.703357] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a5f [ 16.703895] flags: 0x200000000000000(node=0|zone=2) [ 16.704107] page_type: f5(slab) [ 16.704228] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.704462] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.704786] page dumped because: kasan: bad access detected [ 16.705159] [ 16.705256] Memory state around the buggy address: [ 16.705480] ffff888102a5fd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.705746] ffff888102a5fe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.705962] >ffff888102a5fe80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.706244] ^ [ 16.706459] ffff888102a5ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.706781] ffff888102a5ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.707192] ================================================================== [ 15.835824] 
================================================================== [ 15.836081] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x8f9/0x5450 [ 15.836322] Write of size 4 at addr ffff888102a5feb0 by task kunit_try_catch/282 [ 15.836545] [ 15.837746] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.837799] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.837813] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.837837] Call Trace: [ 15.837855] <TASK> [ 15.837873] dump_stack_lvl+0x73/0xb0 [ 15.838151] print_report+0xd1/0x610 [ 15.838183] ? __virt_addr_valid+0x1db/0x2d0 [ 15.838208] ? kasan_atomics_helper+0x8f9/0x5450 [ 15.838231] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.838323] ? kasan_atomics_helper+0x8f9/0x5450 [ 15.838348] kasan_report+0x141/0x180 [ 15.838372] ? kasan_atomics_helper+0x8f9/0x5450 [ 15.838400] kasan_check_range+0x10c/0x1c0 [ 15.838436] __kasan_check_write+0x18/0x20 [ 15.838457] kasan_atomics_helper+0x8f9/0x5450 [ 15.838482] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.838506] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.838532] ? trace_hardirqs_on+0x37/0xe0 [ 15.838570] ? kasan_atomics+0x152/0x310 [ 15.838597] kasan_atomics+0x1dc/0x310 [ 15.838621] ? __pfx_kasan_atomics+0x10/0x10 [ 15.838645] ? __pfx_kasan_atomics+0x10/0x10 [ 15.838674] kunit_try_run_case+0x1a5/0x480 [ 15.838699] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.838723] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.838749] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.838774] ? __kthread_parkme+0x82/0x180 [ 15.838796] ? preempt_count_sub+0x50/0x80 [ 15.838823] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.838849] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.838875] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.838903] kthread+0x337/0x6f0 [ 15.838923] ? trace_preempt_on+0x20/0xc0 [ 15.838946] ? __pfx_kthread+0x10/0x10 [ 15.838968] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.838992] ? 
calculate_sigpending+0x7b/0xa0 [ 15.839017] ? __pfx_kthread+0x10/0x10 [ 15.839040] ret_from_fork+0x116/0x1d0 [ 15.839060] ? __pfx_kthread+0x10/0x10 [ 15.839082] ret_from_fork_asm+0x1a/0x30 [ 15.839115] </TASK> [ 15.839126] [ 15.851510] Allocated by task 282: [ 15.851670] kasan_save_stack+0x45/0x70 [ 15.852069] kasan_save_track+0x18/0x40 [ 15.852412] kasan_save_alloc_info+0x3b/0x50 [ 15.852724] __kasan_kmalloc+0xb7/0xc0 [ 15.853044] __kmalloc_cache_noprof+0x189/0x420 [ 15.853427] kasan_atomics+0x95/0x310 [ 15.853818] kunit_try_run_case+0x1a5/0x480 [ 15.854123] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.854572] kthread+0x337/0x6f0 [ 15.854828] ret_from_fork+0x116/0x1d0 [ 15.855029] ret_from_fork_asm+0x1a/0x30 [ 15.855435] [ 15.855638] The buggy address belongs to the object at ffff888102a5fe80 [ 15.855638] which belongs to the cache kmalloc-64 of size 64 [ 15.856134] The buggy address is located 0 bytes to the right of [ 15.856134] allocated 48-byte region [ffff888102a5fe80, ffff888102a5feb0) [ 15.856899] [ 15.857005] The buggy address belongs to the physical page: [ 15.857302] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a5f [ 15.857754] flags: 0x200000000000000(node=0|zone=2) [ 15.857994] page_type: f5(slab) [ 15.858147] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.858724] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.859036] page dumped because: kasan: bad access detected [ 15.859374] [ 15.859479] Memory state around the buggy address: [ 15.859683] ffff888102a5fd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.860032] ffff888102a5fe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.860629] >ffff888102a5fe80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.860907] ^ [ 15.861165] ffff888102a5ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.861585] ffff888102a5ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.861869] 
================================================================== [ 16.566563] ================================================================== [ 16.566890] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x177f/0x5450 [ 16.567209] Write of size 8 at addr ffff888102a5feb0 by task kunit_try_catch/282 [ 16.567599] [ 16.567699] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.567764] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.567777] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.567799] Call Trace: [ 16.567812] <TASK> [ 16.567826] dump_stack_lvl+0x73/0xb0 [ 16.567855] print_report+0xd1/0x610 [ 16.567878] ? __virt_addr_valid+0x1db/0x2d0 [ 16.567921] ? kasan_atomics_helper+0x177f/0x5450 [ 16.567945] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.567971] ? kasan_atomics_helper+0x177f/0x5450 [ 16.567995] kasan_report+0x141/0x180 [ 16.568018] ? kasan_atomics_helper+0x177f/0x5450 [ 16.568046] kasan_check_range+0x10c/0x1c0 [ 16.568095] __kasan_check_write+0x18/0x20 [ 16.568117] kasan_atomics_helper+0x177f/0x5450 [ 16.568142] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.568167] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.568193] ? trace_hardirqs_on+0x37/0xe0 [ 16.568217] ? kasan_atomics+0x152/0x310 [ 16.568264] kasan_atomics+0x1dc/0x310 [ 16.568288] ? __pfx_kasan_atomics+0x10/0x10 [ 16.568314] ? __pfx_kasan_atomics+0x10/0x10 [ 16.568342] kunit_try_run_case+0x1a5/0x480 [ 16.568368] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.568393] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.568446] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.568471] ? __kthread_parkme+0x82/0x180 [ 16.568493] ? preempt_count_sub+0x50/0x80 [ 16.568518] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.568543] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.568581] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.568608] kthread+0x337/0x6f0 [ 16.568628] ? trace_preempt_on+0x20/0xc0 [ 16.568652] ? 
__pfx_kthread+0x10/0x10 [ 16.568674] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.568698] ? calculate_sigpending+0x7b/0xa0 [ 16.568723] ? __pfx_kthread+0x10/0x10 [ 16.568745] ret_from_fork+0x116/0x1d0 [ 16.568765] ? __pfx_kthread+0x10/0x10 [ 16.568787] ret_from_fork_asm+0x1a/0x30 [ 16.568819] </TASK> [ 16.568830] [ 16.582894] Allocated by task 282: [ 16.583042] kasan_save_stack+0x45/0x70 [ 16.583254] kasan_save_track+0x18/0x40 [ 16.583446] kasan_save_alloc_info+0x3b/0x50 [ 16.583734] __kasan_kmalloc+0xb7/0xc0 [ 16.583901] __kmalloc_cache_noprof+0x189/0x420 [ 16.584112] kasan_atomics+0x95/0x310 [ 16.584249] kunit_try_run_case+0x1a5/0x480 [ 16.584459] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.584809] kthread+0x337/0x6f0 [ 16.584980] ret_from_fork+0x116/0x1d0 [ 16.585149] ret_from_fork_asm+0x1a/0x30 [ 16.585292] [ 16.585366] The buggy address belongs to the object at ffff888102a5fe80 [ 16.585366] which belongs to the cache kmalloc-64 of size 64 [ 16.585893] The buggy address is located 0 bytes to the right of [ 16.585893] allocated 48-byte region [ffff888102a5fe80, ffff888102a5feb0) [ 16.586347] [ 16.586435] The buggy address belongs to the physical page: [ 16.586705] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a5f [ 16.587078] flags: 0x200000000000000(node=0|zone=2) [ 16.587319] page_type: f5(slab) [ 16.587495] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.587816] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.588074] page dumped because: kasan: bad access detected [ 16.588328] [ 16.588430] Memory state around the buggy address: [ 16.588645] ffff888102a5fd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.588863] ffff888102a5fe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.589109] >ffff888102a5fe80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.589422] ^ [ 16.589686] ffff888102a5ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.589905] 
ffff888102a5ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.590121] ================================================================== [ 16.937489] ================================================================== [ 16.937801] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x20c8/0x5450 [ 16.938077] Write of size 8 at addr ffff888102a5feb0 by task kunit_try_catch/282 [ 16.938488] [ 16.938601] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.938644] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.938657] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.938699] Call Trace: [ 16.938713] <TASK> [ 16.938728] dump_stack_lvl+0x73/0xb0 [ 16.938755] print_report+0xd1/0x610 [ 16.938778] ? __virt_addr_valid+0x1db/0x2d0 [ 16.938802] ? kasan_atomics_helper+0x20c8/0x5450 [ 16.938824] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.938869] ? kasan_atomics_helper+0x20c8/0x5450 [ 16.938893] kasan_report+0x141/0x180 [ 16.938916] ? kasan_atomics_helper+0x20c8/0x5450 [ 16.938961] kasan_check_range+0x10c/0x1c0 [ 16.938986] __kasan_check_write+0x18/0x20 [ 16.939007] kasan_atomics_helper+0x20c8/0x5450 [ 16.939032] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.939057] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.939083] ? trace_hardirqs_on+0x37/0xe0 [ 16.939122] ? kasan_atomics+0x152/0x310 [ 16.939163] kasan_atomics+0x1dc/0x310 [ 16.939200] ? __pfx_kasan_atomics+0x10/0x10 [ 16.939225] ? __pfx_kasan_atomics+0x10/0x10 [ 16.939280] kunit_try_run_case+0x1a5/0x480 [ 16.939306] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.939331] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.939356] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.939382] ? __kthread_parkme+0x82/0x180 [ 16.939425] ? preempt_count_sub+0x50/0x80 [ 16.939450] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.939477] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.939503] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.939530] kthread+0x337/0x6f0 [ 16.939559] ? trace_preempt_on+0x20/0xc0 [ 16.939583] ? __pfx_kthread+0x10/0x10 [ 16.939605] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.939628] ? calculate_sigpending+0x7b/0xa0 [ 16.939653] ? __pfx_kthread+0x10/0x10 [ 16.939676] ret_from_fork+0x116/0x1d0 [ 16.939697] ? __pfx_kthread+0x10/0x10 [ 16.939719] ret_from_fork_asm+0x1a/0x30 [ 16.939750] </TASK> [ 16.939760] [ 16.947365] Allocated by task 282: [ 16.947612] kasan_save_stack+0x45/0x70 [ 16.947850] kasan_save_track+0x18/0x40 [ 16.948076] kasan_save_alloc_info+0x3b/0x50 [ 16.948335] __kasan_kmalloc+0xb7/0xc0 [ 16.948548] __kmalloc_cache_noprof+0x189/0x420 [ 16.948759] kasan_atomics+0x95/0x310 [ 16.948894] kunit_try_run_case+0x1a5/0x480 [ 16.949042] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.949305] kthread+0x337/0x6f0 [ 16.949519] ret_from_fork+0x116/0x1d0 [ 16.949742] ret_from_fork_asm+0x1a/0x30 [ 16.949980] [ 16.950080] The buggy address belongs to the object at ffff888102a5fe80 [ 16.950080] which belongs to the cache kmalloc-64 of size 64 [ 16.950676] The buggy address is located 0 bytes to the right of [ 16.950676] allocated 48-byte region [ffff888102a5fe80, ffff888102a5feb0) [ 16.951096] [ 16.951172] The buggy address belongs to the physical page: [ 16.951435] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a5f [ 16.951798] flags: 0x200000000000000(node=0|zone=2) [ 16.952035] page_type: f5(slab) [ 16.952218] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.952595] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.952842] page dumped because: kasan: bad access detected [ 16.953013] [ 16.953084] Memory state around the buggy address: [ 16.953261] ffff888102a5fd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.953640] ffff888102a5fe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.953972] >ffff888102a5fe80: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 16.954281] ^ [ 16.954546] ffff888102a5ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.954851] ffff888102a5ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.955166] ================================================================== [ 16.647997] ================================================================== [ 16.648655] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x19e3/0x5450 [ 16.648954] Write of size 8 at addr ffff888102a5feb0 by task kunit_try_catch/282 [ 16.649250] [ 16.649365] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.649415] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.649428] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.649450] Call Trace: [ 16.649463] <TASK> [ 16.649500] dump_stack_lvl+0x73/0xb0 [ 16.649528] print_report+0xd1/0x610 [ 16.649560] ? __virt_addr_valid+0x1db/0x2d0 [ 16.649583] ? kasan_atomics_helper+0x19e3/0x5450 [ 16.649606] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.649631] ? kasan_atomics_helper+0x19e3/0x5450 [ 16.649654] kasan_report+0x141/0x180 [ 16.649678] ? kasan_atomics_helper+0x19e3/0x5450 [ 16.649706] kasan_check_range+0x10c/0x1c0 [ 16.649731] __kasan_check_write+0x18/0x20 [ 16.649752] kasan_atomics_helper+0x19e3/0x5450 [ 16.649776] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.649801] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.649827] ? trace_hardirqs_on+0x37/0xe0 [ 16.649850] ? kasan_atomics+0x152/0x310 [ 16.649878] kasan_atomics+0x1dc/0x310 [ 16.649902] ? __pfx_kasan_atomics+0x10/0x10 [ 16.649927] ? __pfx_kasan_atomics+0x10/0x10 [ 16.649957] kunit_try_run_case+0x1a5/0x480 [ 16.649983] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.650009] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.650034] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.650061] ? __kthread_parkme+0x82/0x180 [ 16.650082] ? preempt_count_sub+0x50/0x80 [ 16.650107] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.650133] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.650179] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.650207] kthread+0x337/0x6f0 [ 16.650228] ? trace_preempt_on+0x20/0xc0 [ 16.650252] ? __pfx_kthread+0x10/0x10 [ 16.650274] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.650297] ? calculate_sigpending+0x7b/0xa0 [ 16.650322] ? __pfx_kthread+0x10/0x10 [ 16.650345] ret_from_fork+0x116/0x1d0 [ 16.650365] ? __pfx_kthread+0x10/0x10 [ 16.650387] ret_from_fork_asm+0x1a/0x30 [ 16.650431] </TASK> [ 16.650444] [ 16.657908] Allocated by task 282: [ 16.658080] kasan_save_stack+0x45/0x70 [ 16.658275] kasan_save_track+0x18/0x40 [ 16.658474] kasan_save_alloc_info+0x3b/0x50 [ 16.658713] __kasan_kmalloc+0xb7/0xc0 [ 16.658875] __kmalloc_cache_noprof+0x189/0x420 [ 16.659036] kasan_atomics+0x95/0x310 [ 16.659242] kunit_try_run_case+0x1a5/0x480 [ 16.659485] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.659680] kthread+0x337/0x6f0 [ 16.659802] ret_from_fork+0x116/0x1d0 [ 16.659937] ret_from_fork_asm+0x1a/0x30 [ 16.660085] [ 16.660178] The buggy address belongs to the object at ffff888102a5fe80 [ 16.660178] which belongs to the cache kmalloc-64 of size 64 [ 16.660708] The buggy address is located 0 bytes to the right of [ 16.660708] allocated 48-byte region [ffff888102a5fe80, ffff888102a5feb0) [ 16.661273] [ 16.661368] The buggy address belongs to the physical page: [ 16.661636] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a5f [ 16.661879] flags: 0x200000000000000(node=0|zone=2) [ 16.662064] page_type: f5(slab) [ 16.662230] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.662866] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.663354] page dumped because: kasan: bad access detected [ 16.663967] [ 16.664046] Memory state around the buggy address: [ 16.664681] ffff888102a5fd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.665063] 
ffff888102a5fe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.665521] >ffff888102a5fe80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.665941] ^ [ 16.666266] ffff888102a5ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.666649] ffff888102a5ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.667209] ================================================================== [ 16.182318] ================================================================== [ 16.182687] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1c/0x5450 [ 16.183074] Read of size 4 at addr ffff888102a5feb0 by task kunit_try_catch/282 [ 16.183479] [ 16.183637] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.183692] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.183705] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.183726] Call Trace: [ 16.183769] <TASK> [ 16.183786] dump_stack_lvl+0x73/0xb0 [ 16.183814] print_report+0xd1/0x610 [ 16.183848] ? __virt_addr_valid+0x1db/0x2d0 [ 16.183871] ? kasan_atomics_helper+0x4a1c/0x5450 [ 16.183894] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.183945] ? kasan_atomics_helper+0x4a1c/0x5450 [ 16.183969] kasan_report+0x141/0x180 [ 16.183992] ? kasan_atomics_helper+0x4a1c/0x5450 [ 16.184031] __asan_report_load4_noabort+0x18/0x20 [ 16.184081] kasan_atomics_helper+0x4a1c/0x5450 [ 16.184115] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.184140] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.184176] ? trace_hardirqs_on+0x37/0xe0 [ 16.184200] ? kasan_atomics+0x152/0x310 [ 16.184227] kasan_atomics+0x1dc/0x310 [ 16.184251] ? __pfx_kasan_atomics+0x10/0x10 [ 16.184276] ? __pfx_kasan_atomics+0x10/0x10 [ 16.184304] kunit_try_run_case+0x1a5/0x480 [ 16.184345] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.184384] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.184440] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.184466] ? __kthread_parkme+0x82/0x180 [ 16.184488] ? 
preempt_count_sub+0x50/0x80 [ 16.184524] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.184558] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.184586] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.184613] kthread+0x337/0x6f0 [ 16.184632] ? trace_preempt_on+0x20/0xc0 [ 16.184656] ? __pfx_kthread+0x10/0x10 [ 16.184677] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.184701] ? calculate_sigpending+0x7b/0xa0 [ 16.184727] ? __pfx_kthread+0x10/0x10 [ 16.184749] ret_from_fork+0x116/0x1d0 [ 16.184769] ? __pfx_kthread+0x10/0x10 [ 16.184790] ret_from_fork_asm+0x1a/0x30 [ 16.184822] </TASK> [ 16.184833] [ 16.192692] Allocated by task 282: [ 16.192907] kasan_save_stack+0x45/0x70 [ 16.193052] kasan_save_track+0x18/0x40 [ 16.193186] kasan_save_alloc_info+0x3b/0x50 [ 16.193449] __kasan_kmalloc+0xb7/0xc0 [ 16.193681] __kmalloc_cache_noprof+0x189/0x420 [ 16.193946] kasan_atomics+0x95/0x310 [ 16.194179] kunit_try_run_case+0x1a5/0x480 [ 16.194450] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.194715] kthread+0x337/0x6f0 [ 16.194869] ret_from_fork+0x116/0x1d0 [ 16.195710] ret_from_fork_asm+0x1a/0x30 [ 16.196024] [ 16.196149] The buggy address belongs to the object at ffff888102a5fe80 [ 16.196149] which belongs to the cache kmalloc-64 of size 64 [ 16.197061] The buggy address is located 0 bytes to the right of [ 16.197061] allocated 48-byte region [ffff888102a5fe80, ffff888102a5feb0) [ 16.197819] [ 16.198149] The buggy address belongs to the physical page: [ 16.198391] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a5f [ 16.198899] flags: 0x200000000000000(node=0|zone=2) [ 16.199256] page_type: f5(slab) [ 16.199580] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.199895] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.200243] page dumped because: kasan: bad access detected [ 16.200760] [ 16.200844] Memory state around the buggy address: [ 16.201308] ffff888102a5fd80: fa fb fb fb fb fb fb fb fc fc 
fc fc fc fc fc fc [ 16.201811] ffff888102a5fe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.202271] >ffff888102a5fe80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.202743] ^ [ 16.203097] ffff888102a5ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.203559] ffff888102a5ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.203943] ================================================================== [ 16.955827] ================================================================== [ 16.956218] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fb2/0x5450 [ 16.956631] Read of size 8 at addr ffff888102a5feb0 by task kunit_try_catch/282 [ 16.956945] [ 16.957075] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.957119] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.957131] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.957152] Call Trace: [ 16.957168] <TASK> [ 16.957184] dump_stack_lvl+0x73/0xb0 [ 16.957212] print_report+0xd1/0x610 [ 16.957254] ? __virt_addr_valid+0x1db/0x2d0 [ 16.957278] ? kasan_atomics_helper+0x4fb2/0x5450 [ 16.957301] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.957326] ? kasan_atomics_helper+0x4fb2/0x5450 [ 16.957350] kasan_report+0x141/0x180 [ 16.957372] ? kasan_atomics_helper+0x4fb2/0x5450 [ 16.957440] __asan_report_load8_noabort+0x18/0x20 [ 16.957467] kasan_atomics_helper+0x4fb2/0x5450 [ 16.957490] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.957515] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.957541] ? trace_hardirqs_on+0x37/0xe0 [ 16.957592] ? kasan_atomics+0x152/0x310 [ 16.957620] kasan_atomics+0x1dc/0x310 [ 16.957644] ? __pfx_kasan_atomics+0x10/0x10 [ 16.957669] ? __pfx_kasan_atomics+0x10/0x10 [ 16.957698] kunit_try_run_case+0x1a5/0x480 [ 16.957724] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.957749] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.957776] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.957803] ? 
__kthread_parkme+0x82/0x180 [ 16.957825] ? preempt_count_sub+0x50/0x80 [ 16.957851] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.957877] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.957903] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.957946] kthread+0x337/0x6f0 [ 16.957967] ? trace_preempt_on+0x20/0xc0 [ 16.958005] ? __pfx_kthread+0x10/0x10 [ 16.958026] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.958050] ? calculate_sigpending+0x7b/0xa0 [ 16.958076] ? __pfx_kthread+0x10/0x10 [ 16.958099] ret_from_fork+0x116/0x1d0 [ 16.958119] ? __pfx_kthread+0x10/0x10 [ 16.958140] ret_from_fork_asm+0x1a/0x30 [ 16.958172] </TASK> [ 16.958183] [ 16.965685] Allocated by task 282: [ 16.965862] kasan_save_stack+0x45/0x70 [ 16.966059] kasan_save_track+0x18/0x40 [ 16.966249] kasan_save_alloc_info+0x3b/0x50 [ 16.966462] __kasan_kmalloc+0xb7/0xc0 [ 16.966692] __kmalloc_cache_noprof+0x189/0x420 [ 16.966896] kasan_atomics+0x95/0x310 [ 16.967029] kunit_try_run_case+0x1a5/0x480 [ 16.967171] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.967360] kthread+0x337/0x6f0 [ 16.967589] ret_from_fork+0x116/0x1d0 [ 16.967816] ret_from_fork_asm+0x1a/0x30 [ 16.968039] [ 16.968173] The buggy address belongs to the object at ffff888102a5fe80 [ 16.968173] which belongs to the cache kmalloc-64 of size 64 [ 16.968806] The buggy address is located 0 bytes to the right of [ 16.968806] allocated 48-byte region [ffff888102a5fe80, ffff888102a5feb0) [ 16.969330] [ 16.969482] The buggy address belongs to the physical page: [ 16.969768] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a5f [ 16.970113] flags: 0x200000000000000(node=0|zone=2) [ 16.970339] page_type: f5(slab) [ 16.970532] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.970836] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.971055] page dumped because: kasan: bad access detected [ 16.971220] [ 16.971288] Memory state around the buggy address: [ 16.971506] 
ffff888102a5fd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.971855] ffff888102a5fe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.972221] >ffff888102a5fe80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.972626] ^ [ 16.972864] ffff888102a5ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.973172] ffff888102a5ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.973534] ================================================================== [ 16.609381] ================================================================== [ 16.609827] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x18b1/0x5450 [ 16.610179] Write of size 8 at addr ffff888102a5feb0 by task kunit_try_catch/282 [ 16.610628] [ 16.610739] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.610782] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.610794] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.610815] Call Trace: [ 16.610830] <TASK> [ 16.610882] dump_stack_lvl+0x73/0xb0 [ 16.610912] print_report+0xd1/0x610 [ 16.610935] ? __virt_addr_valid+0x1db/0x2d0 [ 16.610959] ? kasan_atomics_helper+0x18b1/0x5450 [ 16.611013] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.611040] ? kasan_atomics_helper+0x18b1/0x5450 [ 16.611063] kasan_report+0x141/0x180 [ 16.611086] ? kasan_atomics_helper+0x18b1/0x5450 [ 16.611114] kasan_check_range+0x10c/0x1c0 [ 16.611169] __kasan_check_write+0x18/0x20 [ 16.611191] kasan_atomics_helper+0x18b1/0x5450 [ 16.611215] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.611240] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.611267] ? trace_hardirqs_on+0x37/0xe0 [ 16.611325] ? kasan_atomics+0x152/0x310 [ 16.611353] kasan_atomics+0x1dc/0x310 [ 16.611377] ? __pfx_kasan_atomics+0x10/0x10 [ 16.611431] ? __pfx_kasan_atomics+0x10/0x10 [ 16.611460] kunit_try_run_case+0x1a5/0x480 [ 16.611487] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.611513] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 16.611539] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.611603] ? __kthread_parkme+0x82/0x180 [ 16.611651] ? preempt_count_sub+0x50/0x80 [ 16.611723] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.611750] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.611822] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.611850] kthread+0x337/0x6f0 [ 16.611871] ? trace_preempt_on+0x20/0xc0 [ 16.611895] ? __pfx_kthread+0x10/0x10 [ 16.611917] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.611939] ? calculate_sigpending+0x7b/0xa0 [ 16.611965] ? __pfx_kthread+0x10/0x10 [ 16.611988] ret_from_fork+0x116/0x1d0 [ 16.612007] ? __pfx_kthread+0x10/0x10 [ 16.612030] ret_from_fork_asm+0x1a/0x30 [ 16.612066] </TASK> [ 16.612077] [ 16.620252] Allocated by task 282: [ 16.620484] kasan_save_stack+0x45/0x70 [ 16.620699] kasan_save_track+0x18/0x40 [ 16.620896] kasan_save_alloc_info+0x3b/0x50 [ 16.621105] __kasan_kmalloc+0xb7/0xc0 [ 16.621253] __kmalloc_cache_noprof+0x189/0x420 [ 16.621497] kasan_atomics+0x95/0x310 [ 16.621733] kunit_try_run_case+0x1a5/0x480 [ 16.621949] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.622212] kthread+0x337/0x6f0 [ 16.622412] ret_from_fork+0x116/0x1d0 [ 16.622626] ret_from_fork_asm+0x1a/0x30 [ 16.622785] [ 16.622857] The buggy address belongs to the object at ffff888102a5fe80 [ 16.622857] which belongs to the cache kmalloc-64 of size 64 [ 16.623255] The buggy address is located 0 bytes to the right of [ 16.623255] allocated 48-byte region [ffff888102a5fe80, ffff888102a5feb0) [ 16.623845] [ 16.623944] The buggy address belongs to the physical page: [ 16.624190] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a5f [ 16.624450] flags: 0x200000000000000(node=0|zone=2) [ 16.624650] page_type: f5(slab) [ 16.624885] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.625289] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.625642] page dumped because: kasan: 
bad access detected [ 16.625891] [ 16.625988] Memory state around the buggy address: [ 16.626243] ffff888102a5fd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.626588] ffff888102a5fe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.626908] >ffff888102a5fe80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.627216] ^ [ 16.627487] ffff888102a5ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.627809] ffff888102a5ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.628148] ================================================================== [ 15.697707] ================================================================== [ 15.697951] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x565/0x5450 [ 15.698191] Write of size 4 at addr ffff888102a5feb0 by task kunit_try_catch/282 [ 15.698474] [ 15.698610] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.698655] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.698668] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.698689] Call Trace: [ 15.698707] <TASK> [ 15.698725] dump_stack_lvl+0x73/0xb0 [ 15.698753] print_report+0xd1/0x610 [ 15.698776] ? __virt_addr_valid+0x1db/0x2d0 [ 15.698800] ? kasan_atomics_helper+0x565/0x5450 [ 15.698823] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.698848] ? kasan_atomics_helper+0x565/0x5450 [ 15.698871] kasan_report+0x141/0x180 [ 15.698895] ? kasan_atomics_helper+0x565/0x5450 [ 15.698923] kasan_check_range+0x10c/0x1c0 [ 15.698948] __kasan_check_write+0x18/0x20 [ 15.698969] kasan_atomics_helper+0x565/0x5450 [ 15.698993] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.699017] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.699045] ? trace_hardirqs_on+0x37/0xe0 [ 15.699070] ? kasan_atomics+0x152/0x310 [ 15.699098] kasan_atomics+0x1dc/0x310 [ 15.699122] ? __pfx_kasan_atomics+0x10/0x10 [ 15.699146] ? 
__pfx_kasan_atomics+0x10/0x10 [ 15.699175] kunit_try_run_case+0x1a5/0x480 [ 15.699201] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.699226] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.699252] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.699277] ? __kthread_parkme+0x82/0x180 [ 15.699299] ? preempt_count_sub+0x50/0x80 [ 15.699325] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.699352] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.699378] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.699405] kthread+0x337/0x6f0 [ 15.699425] ? trace_preempt_on+0x20/0xc0 [ 15.699449] ? __pfx_kthread+0x10/0x10 [ 15.699471] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.699494] ? calculate_sigpending+0x7b/0xa0 [ 15.699520] ? __pfx_kthread+0x10/0x10 [ 15.699543] ret_from_fork+0x116/0x1d0 [ 15.699574] ? __pfx_kthread+0x10/0x10 [ 15.699596] ret_from_fork_asm+0x1a/0x30 [ 15.699628] </TASK> [ 15.699639] [ 15.707637] Allocated by task 282: [ 15.707801] kasan_save_stack+0x45/0x70 [ 15.707948] kasan_save_track+0x18/0x40 [ 15.708089] kasan_save_alloc_info+0x3b/0x50 [ 15.708412] __kasan_kmalloc+0xb7/0xc0 [ 15.708640] __kmalloc_cache_noprof+0x189/0x420 [ 15.709151] kasan_atomics+0x95/0x310 [ 15.709496] kunit_try_run_case+0x1a5/0x480 [ 15.709666] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.709861] kthread+0x337/0x6f0 [ 15.710031] ret_from_fork+0x116/0x1d0 [ 15.710221] ret_from_fork_asm+0x1a/0x30 [ 15.710471] [ 15.710588] The buggy address belongs to the object at ffff888102a5fe80 [ 15.710588] which belongs to the cache kmalloc-64 of size 64 [ 15.711064] The buggy address is located 0 bytes to the right of [ 15.711064] allocated 48-byte region [ffff888102a5fe80, ffff888102a5feb0) [ 15.711524] [ 15.711685] The buggy address belongs to the physical page: [ 15.711940] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a5f [ 15.712295] flags: 0x200000000000000(node=0|zone=2) [ 15.712471] page_type: f5(slab) [ 15.712605] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 15.712840] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.713640] page dumped because: kasan: bad access detected [ 15.713941] [ 15.714039] Memory state around the buggy address: [ 15.714442] ffff888102a5fd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.714778] ffff888102a5fe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.715059] >ffff888102a5fe80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.715431] ^ [ 15.715650] ffff888102a5ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.715889] ffff888102a5ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.716111] ================================================================== [ 16.025362] ================================================================== [ 16.025928] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xde0/0x5450 [ 16.026391] Write of size 4 at addr ffff888102a5feb0 by task kunit_try_catch/282 [ 16.026863] [ 16.026995] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.027039] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.027052] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.027074] Call Trace: [ 16.027086] <TASK> [ 16.027100] dump_stack_lvl+0x73/0xb0 [ 16.027131] print_report+0xd1/0x610 [ 16.027154] ? __virt_addr_valid+0x1db/0x2d0 [ 16.027178] ? kasan_atomics_helper+0xde0/0x5450 [ 16.027202] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.027228] ? kasan_atomics_helper+0xde0/0x5450 [ 16.027251] kasan_report+0x141/0x180 [ 16.027274] ? kasan_atomics_helper+0xde0/0x5450 [ 16.027302] kasan_check_range+0x10c/0x1c0 [ 16.027327] __kasan_check_write+0x18/0x20 [ 16.027359] kasan_atomics_helper+0xde0/0x5450 [ 16.027385] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.027409] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.027448] ? trace_hardirqs_on+0x37/0xe0 [ 16.027473] ? 
kasan_atomics+0x152/0x310 [ 16.027501] kasan_atomics+0x1dc/0x310 [ 16.027525] ? __pfx_kasan_atomics+0x10/0x10 [ 16.027559] ? __pfx_kasan_atomics+0x10/0x10 [ 16.027587] kunit_try_run_case+0x1a5/0x480 [ 16.027614] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.027639] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.027664] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.027690] ? __kthread_parkme+0x82/0x180 [ 16.027724] ? preempt_count_sub+0x50/0x80 [ 16.027749] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.027775] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.027803] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.027832] kthread+0x337/0x6f0 [ 16.027852] ? trace_preempt_on+0x20/0xc0 [ 16.027876] ? __pfx_kthread+0x10/0x10 [ 16.027898] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.027922] ? calculate_sigpending+0x7b/0xa0 [ 16.027947] ? __pfx_kthread+0x10/0x10 [ 16.027970] ret_from_fork+0x116/0x1d0 [ 16.027990] ? __pfx_kthread+0x10/0x10 [ 16.028013] ret_from_fork_asm+0x1a/0x30 [ 16.028045] </TASK> [ 16.028063] [ 16.036053] Allocated by task 282: [ 16.036242] kasan_save_stack+0x45/0x70 [ 16.036460] kasan_save_track+0x18/0x40 [ 16.036641] kasan_save_alloc_info+0x3b/0x50 [ 16.036861] __kasan_kmalloc+0xb7/0xc0 [ 16.037015] __kmalloc_cache_noprof+0x189/0x420 [ 16.037175] kasan_atomics+0x95/0x310 [ 16.037388] kunit_try_run_case+0x1a5/0x480 [ 16.037615] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.037953] kthread+0x337/0x6f0 [ 16.038075] ret_from_fork+0x116/0x1d0 [ 16.038438] ret_from_fork_asm+0x1a/0x30 [ 16.038654] [ 16.038755] The buggy address belongs to the object at ffff888102a5fe80 [ 16.038755] which belongs to the cache kmalloc-64 of size 64 [ 16.039232] The buggy address is located 0 bytes to the right of [ 16.039232] allocated 48-byte region [ffff888102a5fe80, ffff888102a5feb0) [ 16.039773] [ 16.039846] The buggy address belongs to the physical page: [ 16.040020] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a5f [ 16.040280] flags: 
0x200000000000000(node=0|zone=2) [ 16.040519] page_type: f5(slab) [ 16.040713] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.041057] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.041392] page dumped because: kasan: bad access detected [ 16.041665] [ 16.041782] Memory state around the buggy address: [ 16.041940] ffff888102a5fd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.042157] ffff888102a5fe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.042465] >ffff888102a5fe80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.042810] ^ [ 16.043049] ffff888102a5ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.043370] ffff888102a5ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.043693] ================================================================== [ 16.205062] ================================================================== [ 16.205443] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1148/0x5450 [ 16.205918] Write of size 4 at addr ffff888102a5feb0 by task kunit_try_catch/282 [ 16.206542] [ 16.206800] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.206968] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.206983] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.207018] Call Trace: [ 16.207036] <TASK> [ 16.207052] dump_stack_lvl+0x73/0xb0 [ 16.207082] print_report+0xd1/0x610 [ 16.207106] ? __virt_addr_valid+0x1db/0x2d0 [ 16.207130] ? kasan_atomics_helper+0x1148/0x5450 [ 16.207153] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.207178] ? kasan_atomics_helper+0x1148/0x5450 [ 16.207202] kasan_report+0x141/0x180 [ 16.207225] ? kasan_atomics_helper+0x1148/0x5450 [ 16.207253] kasan_check_range+0x10c/0x1c0 [ 16.207278] __kasan_check_write+0x18/0x20 [ 16.207298] kasan_atomics_helper+0x1148/0x5450 [ 16.207323] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.207347] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 16.207373] ? trace_hardirqs_on+0x37/0xe0 [ 16.207420] ? kasan_atomics+0x152/0x310 [ 16.207448] kasan_atomics+0x1dc/0x310 [ 16.207472] ? __pfx_kasan_atomics+0x10/0x10 [ 16.207497] ? __pfx_kasan_atomics+0x10/0x10 [ 16.207526] kunit_try_run_case+0x1a5/0x480 [ 16.207563] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.207588] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.207614] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.207640] ? __kthread_parkme+0x82/0x180 [ 16.207662] ? preempt_count_sub+0x50/0x80 [ 16.207687] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.207713] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.207739] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.207767] kthread+0x337/0x6f0 [ 16.207787] ? trace_preempt_on+0x20/0xc0 [ 16.207811] ? __pfx_kthread+0x10/0x10 [ 16.207833] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.207856] ? calculate_sigpending+0x7b/0xa0 [ 16.207882] ? __pfx_kthread+0x10/0x10 [ 16.207905] ret_from_fork+0x116/0x1d0 [ 16.207926] ? 
__pfx_kthread+0x10/0x10 [ 16.207948] ret_from_fork_asm+0x1a/0x30 [ 16.207980] </TASK> [ 16.207991] [ 16.218864] Allocated by task 282: [ 16.219242] kasan_save_stack+0x45/0x70 [ 16.219573] kasan_save_track+0x18/0x40 [ 16.219869] kasan_save_alloc_info+0x3b/0x50 [ 16.220184] __kasan_kmalloc+0xb7/0xc0 [ 16.220494] __kmalloc_cache_noprof+0x189/0x420 [ 16.220828] kasan_atomics+0x95/0x310 [ 16.221016] kunit_try_run_case+0x1a5/0x480 [ 16.221207] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.221668] kthread+0x337/0x6f0 [ 16.221924] ret_from_fork+0x116/0x1d0 [ 16.222198] ret_from_fork_asm+0x1a/0x30 [ 16.222538] [ 16.222761] The buggy address belongs to the object at ffff888102a5fe80 [ 16.222761] which belongs to the cache kmalloc-64 of size 64 [ 16.223333] The buggy address is located 0 bytes to the right of [ 16.223333] allocated 48-byte region [ffff888102a5fe80, ffff888102a5feb0) [ 16.224099] [ 16.224345] The buggy address belongs to the physical page: [ 16.224651] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a5f [ 16.225089] flags: 0x200000000000000(node=0|zone=2) [ 16.225419] page_type: f5(slab) [ 16.225719] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.226051] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.226367] page dumped because: kasan: bad access detected [ 16.226854] [ 16.227056] Memory state around the buggy address: [ 16.227347] ffff888102a5fd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.227822] ffff888102a5fe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.228251] >ffff888102a5fe80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.228709] ^ [ 16.228926] ffff888102a5ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.229220] ffff888102a5ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.229769] ================================================================== [ 16.782522] 
================================================================== [ 16.782861] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1e12/0x5450 [ 16.783325] Write of size 8 at addr ffff888102a5feb0 by task kunit_try_catch/282 [ 16.783673] [ 16.783787] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.783830] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.783844] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.783865] Call Trace: [ 16.783880] <TASK> [ 16.783897] dump_stack_lvl+0x73/0xb0 [ 16.783924] print_report+0xd1/0x610 [ 16.783947] ? __virt_addr_valid+0x1db/0x2d0 [ 16.783971] ? kasan_atomics_helper+0x1e12/0x5450 [ 16.783994] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.784019] ? kasan_atomics_helper+0x1e12/0x5450 [ 16.784042] kasan_report+0x141/0x180 [ 16.784070] ? kasan_atomics_helper+0x1e12/0x5450 [ 16.784098] kasan_check_range+0x10c/0x1c0 [ 16.784123] __kasan_check_write+0x18/0x20 [ 16.784144] kasan_atomics_helper+0x1e12/0x5450 [ 16.784168] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.784193] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.784219] ? trace_hardirqs_on+0x37/0xe0 [ 16.784241] ? kasan_atomics+0x152/0x310 [ 16.784269] kasan_atomics+0x1dc/0x310 [ 16.784293] ? __pfx_kasan_atomics+0x10/0x10 [ 16.784318] ? __pfx_kasan_atomics+0x10/0x10 [ 16.784346] kunit_try_run_case+0x1a5/0x480 [ 16.784373] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.784398] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.784435] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.784460] ? __kthread_parkme+0x82/0x180 [ 16.784483] ? preempt_count_sub+0x50/0x80 [ 16.784508] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.784534] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.784570] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.784597] kthread+0x337/0x6f0 [ 16.784618] ? trace_preempt_on+0x20/0xc0 [ 16.784642] ? __pfx_kthread+0x10/0x10 [ 16.784664] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.784687] ? 
calculate_sigpending+0x7b/0xa0 [ 16.784712] ? __pfx_kthread+0x10/0x10 [ 16.784735] ret_from_fork+0x116/0x1d0 [ 16.784756] ? __pfx_kthread+0x10/0x10 [ 16.784777] ret_from_fork_asm+0x1a/0x30 [ 16.784808] </TASK> [ 16.784819] [ 16.795178] Allocated by task 282: [ 16.795492] kasan_save_stack+0x45/0x70 [ 16.795859] kasan_save_track+0x18/0x40 [ 16.796216] kasan_save_alloc_info+0x3b/0x50 [ 16.796635] __kasan_kmalloc+0xb7/0xc0 [ 16.796990] __kmalloc_cache_noprof+0x189/0x420 [ 16.797392] kasan_atomics+0x95/0x310 [ 16.797751] kunit_try_run_case+0x1a5/0x480 [ 16.798131] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.798627] kthread+0x337/0x6f0 [ 16.798927] ret_from_fork+0x116/0x1d0 [ 16.799271] ret_from_fork_asm+0x1a/0x30 [ 16.799668] [ 16.799833] The buggy address belongs to the object at ffff888102a5fe80 [ 16.799833] which belongs to the cache kmalloc-64 of size 64 [ 16.800877] The buggy address is located 0 bytes to the right of [ 16.800877] allocated 48-byte region [ffff888102a5fe80, ffff888102a5feb0) [ 16.801940] [ 16.802104] The buggy address belongs to the physical page: [ 16.802599] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a5f [ 16.803268] flags: 0x200000000000000(node=0|zone=2) [ 16.803769] page_type: f5(slab) [ 16.804077] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.804916] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.805318] page dumped because: kasan: bad access detected [ 16.805538] [ 16.805709] Memory state around the buggy address: [ 16.806125] ffff888102a5fd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.806818] ffff888102a5fe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.807459] >ffff888102a5fe80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.808068] ^ [ 16.808257] ffff888102a5ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.808505] ffff888102a5ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.809101] 
================================================================== [ 16.810084] ================================================================== [ 16.811248] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1eaa/0x5450 [ 16.812000] Write of size 8 at addr ffff888102a5feb0 by task kunit_try_catch/282 [ 16.812361] [ 16.812483] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.812528] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.812542] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.812574] Call Trace: [ 16.812589] <TASK> [ 16.812604] dump_stack_lvl+0x73/0xb0 [ 16.812631] print_report+0xd1/0x610 [ 16.812654] ? __virt_addr_valid+0x1db/0x2d0 [ 16.812677] ? kasan_atomics_helper+0x1eaa/0x5450 [ 16.812700] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.812725] ? kasan_atomics_helper+0x1eaa/0x5450 [ 16.812749] kasan_report+0x141/0x180 [ 16.812772] ? kasan_atomics_helper+0x1eaa/0x5450 [ 16.812800] kasan_check_range+0x10c/0x1c0 [ 16.812825] __kasan_check_write+0x18/0x20 [ 16.812846] kasan_atomics_helper+0x1eaa/0x5450 [ 16.812870] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.812895] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.812920] ? trace_hardirqs_on+0x37/0xe0 [ 16.812944] ? kasan_atomics+0x152/0x310 [ 16.812971] kasan_atomics+0x1dc/0x310 [ 16.812995] ? __pfx_kasan_atomics+0x10/0x10 [ 16.813020] ? __pfx_kasan_atomics+0x10/0x10 [ 16.813048] kunit_try_run_case+0x1a5/0x480 [ 16.813073] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.813098] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.813124] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.813149] ? __kthread_parkme+0x82/0x180 [ 16.813172] ? preempt_count_sub+0x50/0x80 [ 16.813196] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.813223] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.813249] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.813276] kthread+0x337/0x6f0 [ 16.813296] ? trace_preempt_on+0x20/0xc0 [ 16.813319] ? 
__pfx_kthread+0x10/0x10 [ 16.813401] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.813435] ? calculate_sigpending+0x7b/0xa0 [ 16.813460] ? __pfx_kthread+0x10/0x10 [ 16.813483] ret_from_fork+0x116/0x1d0 [ 16.813505] ? __pfx_kthread+0x10/0x10 [ 16.813526] ret_from_fork_asm+0x1a/0x30 [ 16.813568] </TASK> [ 16.813579] [ 16.822669] Allocated by task 282: [ 16.822816] kasan_save_stack+0x45/0x70 [ 16.823004] kasan_save_track+0x18/0x40 [ 16.823187] kasan_save_alloc_info+0x3b/0x50 [ 16.823378] __kasan_kmalloc+0xb7/0xc0 [ 16.823566] __kmalloc_cache_noprof+0x189/0x420 [ 16.823755] kasan_atomics+0x95/0x310 [ 16.823945] kunit_try_run_case+0x1a5/0x480 [ 16.824129] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.824353] kthread+0x337/0x6f0 [ 16.824611] ret_from_fork+0x116/0x1d0 [ 16.824786] ret_from_fork_asm+0x1a/0x30 [ 16.824956] [ 16.825057] The buggy address belongs to the object at ffff888102a5fe80 [ 16.825057] which belongs to the cache kmalloc-64 of size 64 [ 16.825429] The buggy address is located 0 bytes to the right of [ 16.825429] allocated 48-byte region [ffff888102a5fe80, ffff888102a5feb0) [ 16.825930] [ 16.826025] The buggy address belongs to the physical page: [ 16.826394] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a5f [ 16.826714] flags: 0x200000000000000(node=0|zone=2) [ 16.826885] page_type: f5(slab) [ 16.827005] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.827293] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.827725] page dumped because: kasan: bad access detected [ 16.827972] [ 16.828045] Memory state around the buggy address: [ 16.828267] ffff888102a5fd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.828566] ffff888102a5fe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.828840] >ffff888102a5fe80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.829051] ^ [ 16.829220] ffff888102a5ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.831261] 
ffff888102a5ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.831493] ================================================================== [ 16.394899] ================================================================== [ 16.395681] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4eae/0x5450 [ 16.396226] Read of size 8 at addr ffff888102a5feb0 by task kunit_try_catch/282 [ 16.396763] [ 16.396961] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.397008] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.397021] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.397042] Call Trace: [ 16.397058] <TASK> [ 16.397074] dump_stack_lvl+0x73/0xb0 [ 16.397103] print_report+0xd1/0x610 [ 16.397146] ? __virt_addr_valid+0x1db/0x2d0 [ 16.397170] ? kasan_atomics_helper+0x4eae/0x5450 [ 16.397193] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.397218] ? kasan_atomics_helper+0x4eae/0x5450 [ 16.397242] kasan_report+0x141/0x180 [ 16.397265] ? kasan_atomics_helper+0x4eae/0x5450 [ 16.397294] __asan_report_load8_noabort+0x18/0x20 [ 16.397320] kasan_atomics_helper+0x4eae/0x5450 [ 16.397345] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.397369] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.397416] ? trace_hardirqs_on+0x37/0xe0 [ 16.397441] ? kasan_atomics+0x152/0x310 [ 16.397469] kasan_atomics+0x1dc/0x310 [ 16.397492] ? __pfx_kasan_atomics+0x10/0x10 [ 16.397517] ? __pfx_kasan_atomics+0x10/0x10 [ 16.397545] kunit_try_run_case+0x1a5/0x480 [ 16.397581] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.397605] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.397631] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.397656] ? __kthread_parkme+0x82/0x180 [ 16.397678] ? preempt_count_sub+0x50/0x80 [ 16.397703] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.397729] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.397755] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.397783] kthread+0x337/0x6f0 [ 16.397804] ? 
trace_preempt_on+0x20/0xc0 [ 16.397827] ? __pfx_kthread+0x10/0x10 [ 16.397849] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.397872] ? calculate_sigpending+0x7b/0xa0 [ 16.397898] ? __pfx_kthread+0x10/0x10 [ 16.397920] ret_from_fork+0x116/0x1d0 [ 16.397940] ? __pfx_kthread+0x10/0x10 [ 16.397961] ret_from_fork_asm+0x1a/0x30 [ 16.397993] </TASK> [ 16.398004] [ 16.409694] Allocated by task 282: [ 16.409831] kasan_save_stack+0x45/0x70 [ 16.409979] kasan_save_track+0x18/0x40 [ 16.410117] kasan_save_alloc_info+0x3b/0x50 [ 16.410267] __kasan_kmalloc+0xb7/0xc0 [ 16.410425] __kmalloc_cache_noprof+0x189/0x420 [ 16.410939] kasan_atomics+0x95/0x310 [ 16.411267] kunit_try_run_case+0x1a5/0x480 [ 16.411703] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.412194] kthread+0x337/0x6f0 [ 16.412529] ret_from_fork+0x116/0x1d0 [ 16.412890] ret_from_fork_asm+0x1a/0x30 [ 16.413261] [ 16.413459] The buggy address belongs to the object at ffff888102a5fe80 [ 16.413459] which belongs to the cache kmalloc-64 of size 64 [ 16.414529] The buggy address is located 0 bytes to the right of [ 16.414529] allocated 48-byte region [ffff888102a5fe80, ffff888102a5feb0) [ 16.414966] [ 16.415040] The buggy address belongs to the physical page: [ 16.415212] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a5f [ 16.415642] flags: 0x200000000000000(node=0|zone=2) [ 16.416085] page_type: f5(slab) [ 16.416413] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.417085] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.417761] page dumped because: kasan: bad access detected [ 16.418244] [ 16.418443] Memory state around the buggy address: [ 16.418704] ffff888102a5fd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.418927] ffff888102a5fe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.419149] >ffff888102a5fe80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.419368] ^ [ 16.419917] ffff888102a5ff00: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 16.420571] ffff888102a5ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.421185] ================================================================== [ 16.667841] ================================================================== [ 16.668915] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1a7f/0x5450 [ 16.669581] Write of size 8 at addr ffff888102a5feb0 by task kunit_try_catch/282 [ 16.669840] [ 16.669929] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.670001] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.670015] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.670038] Call Trace: [ 16.670054] <TASK> [ 16.670069] dump_stack_lvl+0x73/0xb0 [ 16.670117] print_report+0xd1/0x610 [ 16.670141] ? __virt_addr_valid+0x1db/0x2d0 [ 16.670164] ? kasan_atomics_helper+0x1a7f/0x5450 [ 16.670187] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.670212] ? kasan_atomics_helper+0x1a7f/0x5450 [ 16.670236] kasan_report+0x141/0x180 [ 16.670259] ? kasan_atomics_helper+0x1a7f/0x5450 [ 16.670287] kasan_check_range+0x10c/0x1c0 [ 16.670313] __kasan_check_write+0x18/0x20 [ 16.670333] kasan_atomics_helper+0x1a7f/0x5450 [ 16.670358] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.670382] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.670407] ? trace_hardirqs_on+0x37/0xe0 [ 16.670432] ? kasan_atomics+0x152/0x310 [ 16.670459] kasan_atomics+0x1dc/0x310 [ 16.670483] ? __pfx_kasan_atomics+0x10/0x10 [ 16.670508] ? __pfx_kasan_atomics+0x10/0x10 [ 16.670537] kunit_try_run_case+0x1a5/0x480 [ 16.670573] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.670628] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.670654] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.670679] ? __kthread_parkme+0x82/0x180 [ 16.670702] ? preempt_count_sub+0x50/0x80 [ 16.670728] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.670756] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.670784] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.670812] kthread+0x337/0x6f0 [ 16.670832] ? trace_preempt_on+0x20/0xc0 [ 16.670856] ? __pfx_kthread+0x10/0x10 [ 16.670878] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.670902] ? calculate_sigpending+0x7b/0xa0 [ 16.670927] ? __pfx_kthread+0x10/0x10 [ 16.670949] ret_from_fork+0x116/0x1d0 [ 16.670971] ? __pfx_kthread+0x10/0x10 [ 16.670993] ret_from_fork_asm+0x1a/0x30 [ 16.671026] </TASK> [ 16.671037] [ 16.682105] Allocated by task 282: [ 16.682283] kasan_save_stack+0x45/0x70 [ 16.682505] kasan_save_track+0x18/0x40 [ 16.682672] kasan_save_alloc_info+0x3b/0x50 [ 16.682847] __kasan_kmalloc+0xb7/0xc0 [ 16.682976] __kmalloc_cache_noprof+0x189/0x420 [ 16.683200] kasan_atomics+0x95/0x310 [ 16.683390] kunit_try_run_case+0x1a5/0x480 [ 16.683614] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.683836] kthread+0x337/0x6f0 [ 16.684009] ret_from_fork+0x116/0x1d0 [ 16.684174] ret_from_fork_asm+0x1a/0x30 [ 16.684341] [ 16.684424] The buggy address belongs to the object at ffff888102a5fe80 [ 16.684424] which belongs to the cache kmalloc-64 of size 64 [ 16.684921] The buggy address is located 0 bytes to the right of [ 16.684921] allocated 48-byte region [ffff888102a5fe80, ffff888102a5feb0) [ 16.685286] [ 16.685359] The buggy address belongs to the physical page: [ 16.685561] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a5f [ 16.685910] flags: 0x200000000000000(node=0|zone=2) [ 16.686134] page_type: f5(slab) [ 16.686298] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.686686] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.686909] page dumped because: kasan: bad access detected [ 16.687122] [ 16.687215] Memory state around the buggy address: [ 16.687459] ffff888102a5fd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.687781] ffff888102a5fe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.688080] >ffff888102a5fe80: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 16.688360] ^ [ 16.688584] ffff888102a5ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.688882] ffff888102a5ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.689152] ================================================================== [ 15.531075] ================================================================== [ 15.532778] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4ba2/0x5450 [ 15.533027] Write of size 4 at addr ffff888102a5feb0 by task kunit_try_catch/282 [ 15.533252] [ 15.533338] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.533382] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.533402] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.533422] Call Trace: [ 15.533439] <TASK> [ 15.533454] dump_stack_lvl+0x73/0xb0 [ 15.533482] print_report+0xd1/0x610 [ 15.533506] ? __virt_addr_valid+0x1db/0x2d0 [ 15.533529] ? kasan_atomics_helper+0x4ba2/0x5450 [ 15.533562] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.533587] ? kasan_atomics_helper+0x4ba2/0x5450 [ 15.533611] kasan_report+0x141/0x180 [ 15.533634] ? kasan_atomics_helper+0x4ba2/0x5450 [ 15.533661] __asan_report_store4_noabort+0x1b/0x30 [ 15.533687] kasan_atomics_helper+0x4ba2/0x5450 [ 15.533711] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.533734] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.533758] ? trace_hardirqs_on+0x37/0xe0 [ 15.533781] ? kasan_atomics+0x152/0x310 [ 15.533807] kasan_atomics+0x1dc/0x310 [ 15.533829] ? __pfx_kasan_atomics+0x10/0x10 [ 15.533853] ? __pfx_kasan_atomics+0x10/0x10 [ 15.533881] kunit_try_run_case+0x1a5/0x480 [ 15.533906] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.533929] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.533954] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.533980] ? __kthread_parkme+0x82/0x180 [ 15.534001] ? preempt_count_sub+0x50/0x80 [ 15.534025] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.534050] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.534076] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.534102] kthread+0x337/0x6f0 [ 15.534121] ? trace_preempt_on+0x20/0xc0 [ 15.534143] ? __pfx_kthread+0x10/0x10 [ 15.534164] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.534187] ? calculate_sigpending+0x7b/0xa0 [ 15.534211] ? __pfx_kthread+0x10/0x10 [ 15.534233] ret_from_fork+0x116/0x1d0 [ 15.534252] ? __pfx_kthread+0x10/0x10 [ 15.534272] ret_from_fork_asm+0x1a/0x30 [ 15.534303] </TASK> [ 15.534313] [ 15.545231] Allocated by task 282: [ 15.545400] kasan_save_stack+0x45/0x70 [ 15.545660] kasan_save_track+0x18/0x40 [ 15.545802] kasan_save_alloc_info+0x3b/0x50 [ 15.545952] __kasan_kmalloc+0xb7/0xc0 [ 15.546138] __kmalloc_cache_noprof+0x189/0x420 [ 15.546364] kasan_atomics+0x95/0x310 [ 15.546560] kunit_try_run_case+0x1a5/0x480 [ 15.547067] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.547397] kthread+0x337/0x6f0 [ 15.547576] ret_from_fork+0x116/0x1d0 [ 15.547712] ret_from_fork_asm+0x1a/0x30 [ 15.547896] [ 15.547997] The buggy address belongs to the object at ffff888102a5fe80 [ 15.547997] which belongs to the cache kmalloc-64 of size 64 [ 15.548619] The buggy address is located 0 bytes to the right of [ 15.548619] allocated 48-byte region [ffff888102a5fe80, ffff888102a5feb0) [ 15.549123] [ 15.549195] The buggy address belongs to the physical page: [ 15.549626] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a5f [ 15.549901] flags: 0x200000000000000(node=0|zone=2) [ 15.550065] page_type: f5(slab) [ 15.550211] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.550542] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.550920] page dumped because: kasan: bad access detected [ 15.551147] [ 15.551216] Memory state around the buggy address: [ 15.551369] ffff888102a5fd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.551756] 
ffff888102a5fe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.552177] >ffff888102a5fe80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.552762] ^ [ 15.552993] ffff888102a5ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.553314] ffff888102a5ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.553644] ================================================================== [ 16.162909] ================================================================== [ 16.163477] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1079/0x5450 [ 16.163876] Write of size 4 at addr ffff888102a5feb0 by task kunit_try_catch/282 [ 16.164318] [ 16.164480] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.164526] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.164539] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.164571] Call Trace: [ 16.164587] <TASK> [ 16.164601] dump_stack_lvl+0x73/0xb0 [ 16.164630] print_report+0xd1/0x610 [ 16.164653] ? __virt_addr_valid+0x1db/0x2d0 [ 16.164677] ? kasan_atomics_helper+0x1079/0x5450 [ 16.164699] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.164725] ? kasan_atomics_helper+0x1079/0x5450 [ 16.164759] kasan_report+0x141/0x180 [ 16.164782] ? kasan_atomics_helper+0x1079/0x5450 [ 16.164810] kasan_check_range+0x10c/0x1c0 [ 16.164847] __kasan_check_write+0x18/0x20 [ 16.164868] kasan_atomics_helper+0x1079/0x5450 [ 16.164893] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.164917] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.164943] ? trace_hardirqs_on+0x37/0xe0 [ 16.164966] ? kasan_atomics+0x152/0x310 [ 16.164994] kasan_atomics+0x1dc/0x310 [ 16.165018] ? __pfx_kasan_atomics+0x10/0x10 [ 16.165043] ? __pfx_kasan_atomics+0x10/0x10 [ 16.165071] kunit_try_run_case+0x1a5/0x480 [ 16.165096] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.165121] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.165146] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.165172] ? 
__kthread_parkme+0x82/0x180 [ 16.165194] ? preempt_count_sub+0x50/0x80 [ 16.165219] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.165245] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.165280] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.165307] kthread+0x337/0x6f0 [ 16.165328] ? trace_preempt_on+0x20/0xc0 [ 16.165370] ? __pfx_kthread+0x10/0x10 [ 16.165392] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.165425] ? calculate_sigpending+0x7b/0xa0 [ 16.165461] ? __pfx_kthread+0x10/0x10 [ 16.165484] ret_from_fork+0x116/0x1d0 [ 16.165504] ? __pfx_kthread+0x10/0x10 [ 16.165526] ret_from_fork_asm+0x1a/0x30 [ 16.165568] </TASK> [ 16.165579] [ 16.173406] Allocated by task 282: [ 16.173606] kasan_save_stack+0x45/0x70 [ 16.173797] kasan_save_track+0x18/0x40 [ 16.173937] kasan_save_alloc_info+0x3b/0x50 [ 16.174168] __kasan_kmalloc+0xb7/0xc0 [ 16.174357] __kmalloc_cache_noprof+0x189/0x420 [ 16.174616] kasan_atomics+0x95/0x310 [ 16.174759] kunit_try_run_case+0x1a5/0x480 [ 16.174968] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.175174] kthread+0x337/0x6f0 [ 16.175296] ret_from_fork+0x116/0x1d0 [ 16.175431] ret_from_fork_asm+0x1a/0x30 [ 16.175661] [ 16.175778] The buggy address belongs to the object at ffff888102a5fe80 [ 16.175778] which belongs to the cache kmalloc-64 of size 64 [ 16.176353] The buggy address is located 0 bytes to the right of [ 16.176353] allocated 48-byte region [ffff888102a5fe80, ffff888102a5feb0) [ 16.176805] [ 16.176878] The buggy address belongs to the physical page: [ 16.177045] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a5f [ 16.177346] flags: 0x200000000000000(node=0|zone=2) [ 16.177662] page_type: f5(slab) [ 16.177875] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.178353] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.178782] page dumped because: kasan: bad access detected [ 16.179051] [ 16.179144] Memory state around the buggy address: [ 16.179339] 
ffff888102a5fd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.179703] ffff888102a5fe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.179953] >ffff888102a5fe80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.180164] ^ [ 16.180360] ffff888102a5ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.180802] ffff888102a5ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.181146] ================================================================== [ 16.831965] ================================================================== [ 16.832380] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1f43/0x5450 [ 16.832770] Write of size 8 at addr ffff888102a5feb0 by task kunit_try_catch/282 [ 16.833078] [ 16.833174] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.833219] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.833233] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.833255] Call Trace: [ 16.833271] <TASK> [ 16.833285] dump_stack_lvl+0x73/0xb0 [ 16.833314] print_report+0xd1/0x610 [ 16.833339] ? __virt_addr_valid+0x1db/0x2d0 [ 16.833362] ? kasan_atomics_helper+0x1f43/0x5450 [ 16.833385] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.833440] ? kasan_atomics_helper+0x1f43/0x5450 [ 16.833467] kasan_report+0x141/0x180 [ 16.833491] ? kasan_atomics_helper+0x1f43/0x5450 [ 16.833520] kasan_check_range+0x10c/0x1c0 [ 16.833545] __kasan_check_write+0x18/0x20 [ 16.833612] kasan_atomics_helper+0x1f43/0x5450 [ 16.833635] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.833660] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.833686] ? trace_hardirqs_on+0x37/0xe0 [ 16.833711] ? kasan_atomics+0x152/0x310 [ 16.833739] kasan_atomics+0x1dc/0x310 [ 16.833763] ? __pfx_kasan_atomics+0x10/0x10 [ 16.833788] ? __pfx_kasan_atomics+0x10/0x10 [ 16.833816] kunit_try_run_case+0x1a5/0x480 [ 16.833842] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.833867] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 16.833892] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.833918] ? __kthread_parkme+0x82/0x180 [ 16.833940] ? preempt_count_sub+0x50/0x80 [ 16.833965] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.833991] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.834017] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.834044] kthread+0x337/0x6f0 [ 16.834065] ? trace_preempt_on+0x20/0xc0 [ 16.834088] ? __pfx_kthread+0x10/0x10 [ 16.834109] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.834133] ? calculate_sigpending+0x7b/0xa0 [ 16.834159] ? __pfx_kthread+0x10/0x10 [ 16.834182] ret_from_fork+0x116/0x1d0 [ 16.834202] ? __pfx_kthread+0x10/0x10 [ 16.835278] ret_from_fork_asm+0x1a/0x30 [ 16.835321] </TASK> [ 16.835338] [ 16.847962] Allocated by task 282: [ 16.848103] kasan_save_stack+0x45/0x70 [ 16.848253] kasan_save_track+0x18/0x40 [ 16.848544] kasan_save_alloc_info+0x3b/0x50 [ 16.849201] __kasan_kmalloc+0xb7/0xc0 [ 16.849685] __kmalloc_cache_noprof+0x189/0x420 [ 16.850185] kasan_atomics+0x95/0x310 [ 16.850647] kunit_try_run_case+0x1a5/0x480 [ 16.851120] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.851390] kthread+0x337/0x6f0 [ 16.851874] ret_from_fork+0x116/0x1d0 [ 16.852191] ret_from_fork_asm+0x1a/0x30 [ 16.852337] [ 16.852477] The buggy address belongs to the object at ffff888102a5fe80 [ 16.852477] which belongs to the cache kmalloc-64 of size 64 [ 16.853748] The buggy address is located 0 bytes to the right of [ 16.853748] allocated 48-byte region [ffff888102a5fe80, ffff888102a5feb0) [ 16.854127] [ 16.854202] The buggy address belongs to the physical page: [ 16.854378] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a5f [ 16.855419] flags: 0x200000000000000(node=0|zone=2) [ 16.855955] page_type: f5(slab) [ 16.856378] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.857154] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.857777] page dumped because: kasan: 
bad access detected [ 16.857959] [ 16.858033] Memory state around the buggy address: [ 16.858192] ffff888102a5fd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.858436] ffff888102a5fe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.859108] >ffff888102a5fe80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.859750] ^ [ 16.860190] ffff888102a5ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.860853] ffff888102a5ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.861486] ================================================================== [ 16.974144] ================================================================== [ 16.974567] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x218a/0x5450 [ 16.974890] Write of size 8 at addr ffff888102a5feb0 by task kunit_try_catch/282 [ 16.975111] [ 16.975192] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.975235] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.975248] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.975270] Call Trace: [ 16.975283] <TASK> [ 16.975298] dump_stack_lvl+0x73/0xb0 [ 16.975324] print_report+0xd1/0x610 [ 16.975347] ? __virt_addr_valid+0x1db/0x2d0 [ 16.975370] ? kasan_atomics_helper+0x218a/0x5450 [ 16.975436] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.975461] ? kasan_atomics_helper+0x218a/0x5450 [ 16.975484] kasan_report+0x141/0x180 [ 16.975508] ? kasan_atomics_helper+0x218a/0x5450 [ 16.975536] kasan_check_range+0x10c/0x1c0 [ 16.975588] __kasan_check_write+0x18/0x20 [ 16.975623] kasan_atomics_helper+0x218a/0x5450 [ 16.975647] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.975671] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.975697] ? trace_hardirqs_on+0x37/0xe0 [ 16.975721] ? kasan_atomics+0x152/0x310 [ 16.975748] kasan_atomics+0x1dc/0x310 [ 16.975773] ? __pfx_kasan_atomics+0x10/0x10 [ 16.975798] ? 
__pfx_kasan_atomics+0x10/0x10 [ 16.975826] kunit_try_run_case+0x1a5/0x480 [ 16.975852] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.975876] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.975902] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.975945] ? __kthread_parkme+0x82/0x180 [ 16.975967] ? preempt_count_sub+0x50/0x80 [ 16.975992] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.976019] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.976044] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.976078] kthread+0x337/0x6f0 [ 16.976098] ? trace_preempt_on+0x20/0xc0 [ 16.976136] ? __pfx_kthread+0x10/0x10 [ 16.976158] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.976182] ? calculate_sigpending+0x7b/0xa0 [ 16.976208] ? __pfx_kthread+0x10/0x10 [ 16.976231] ret_from_fork+0x116/0x1d0 [ 16.976251] ? __pfx_kthread+0x10/0x10 [ 16.976288] ret_from_fork_asm+0x1a/0x30 [ 16.976333] </TASK> [ 16.976344] [ 16.984188] Allocated by task 282: [ 16.984370] kasan_save_stack+0x45/0x70 [ 16.984649] kasan_save_track+0x18/0x40 [ 16.984861] kasan_save_alloc_info+0x3b/0x50 [ 16.985095] __kasan_kmalloc+0xb7/0xc0 [ 16.985288] __kmalloc_cache_noprof+0x189/0x420 [ 16.985534] kasan_atomics+0x95/0x310 [ 16.985686] kunit_try_run_case+0x1a5/0x480 [ 16.985895] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.986164] kthread+0x337/0x6f0 [ 16.986583] ret_from_fork+0x116/0x1d0 [ 16.986737] ret_from_fork_asm+0x1a/0x30 [ 16.986965] [ 16.987062] The buggy address belongs to the object at ffff888102a5fe80 [ 16.987062] which belongs to the cache kmalloc-64 of size 64 [ 16.987622] The buggy address is located 0 bytes to the right of [ 16.987622] allocated 48-byte region [ffff888102a5fe80, ffff888102a5feb0) [ 16.988143] [ 16.988259] The buggy address belongs to the physical page: [ 16.988492] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a5f [ 16.988869] flags: 0x200000000000000(node=0|zone=2) [ 16.989092] page_type: f5(slab) [ 16.989273] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 16.989646] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.989985] page dumped because: kasan: bad access detected [ 16.990233] [ 16.990311] Memory state around the buggy address: [ 16.990558] ffff888102a5fd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.990876] ffff888102a5fe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.991263] >ffff888102a5fe80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.991641] ^ [ 16.991868] ffff888102a5ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.992189] ffff888102a5ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.992528] ================================================================== [ 16.590928] ================================================================== [ 16.591741] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1818/0x5450 [ 16.592097] Write of size 8 at addr ffff888102a5feb0 by task kunit_try_catch/282 [ 16.592400] [ 16.592577] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.592623] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.592636] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.592659] Call Trace: [ 16.592676] <TASK> [ 16.592692] dump_stack_lvl+0x73/0xb0 [ 16.592720] print_report+0xd1/0x610 [ 16.592744] ? __virt_addr_valid+0x1db/0x2d0 [ 16.592767] ? kasan_atomics_helper+0x1818/0x5450 [ 16.592791] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.592816] ? kasan_atomics_helper+0x1818/0x5450 [ 16.592840] kasan_report+0x141/0x180 [ 16.592864] ? kasan_atomics_helper+0x1818/0x5450 [ 16.592892] kasan_check_range+0x10c/0x1c0 [ 16.592918] __kasan_check_write+0x18/0x20 [ 16.592939] kasan_atomics_helper+0x1818/0x5450 [ 16.592964] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.592989] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.593015] ? trace_hardirqs_on+0x37/0xe0 [ 16.593039] ? 
kasan_atomics+0x152/0x310 [ 16.593068] kasan_atomics+0x1dc/0x310 [ 16.593092] ? __pfx_kasan_atomics+0x10/0x10 [ 16.593117] ? __pfx_kasan_atomics+0x10/0x10 [ 16.593147] kunit_try_run_case+0x1a5/0x480 [ 16.593173] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.593198] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.593224] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.593250] ? __kthread_parkme+0x82/0x180 [ 16.593272] ? preempt_count_sub+0x50/0x80 [ 16.593297] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.593323] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.593350] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.593378] kthread+0x337/0x6f0 [ 16.593398] ? trace_preempt_on+0x20/0xc0 [ 16.593421] ? __pfx_kthread+0x10/0x10 [ 16.593443] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.593466] ? calculate_sigpending+0x7b/0xa0 [ 16.593503] ? __pfx_kthread+0x10/0x10 [ 16.593525] ret_from_fork+0x116/0x1d0 [ 16.593547] ? __pfx_kthread+0x10/0x10 [ 16.593579] ret_from_fork_asm+0x1a/0x30 [ 16.593612] </TASK> [ 16.593623] [ 16.601137] Allocated by task 282: [ 16.601337] kasan_save_stack+0x45/0x70 [ 16.601618] kasan_save_track+0x18/0x40 [ 16.601849] kasan_save_alloc_info+0x3b/0x50 [ 16.602020] __kasan_kmalloc+0xb7/0xc0 [ 16.602150] __kmalloc_cache_noprof+0x189/0x420 [ 16.602303] kasan_atomics+0x95/0x310 [ 16.602463] kunit_try_run_case+0x1a5/0x480 [ 16.602652] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.602909] kthread+0x337/0x6f0 [ 16.603142] ret_from_fork+0x116/0x1d0 [ 16.603337] ret_from_fork_asm+0x1a/0x30 [ 16.603667] [ 16.603816] The buggy address belongs to the object at ffff888102a5fe80 [ 16.603816] which belongs to the cache kmalloc-64 of size 64 [ 16.604377] The buggy address is located 0 bytes to the right of [ 16.604377] allocated 48-byte region [ffff888102a5fe80, ffff888102a5feb0) [ 16.604914] [ 16.604986] The buggy address belongs to the physical page: [ 16.605156] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a5f [ 16.605475] flags: 
0x200000000000000(node=0|zone=2) [ 16.605782] page_type: f5(slab) [ 16.605954] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.606290] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.606637] page dumped because: kasan: bad access detected [ 16.606861] [ 16.606950] Memory state around the buggy address: [ 16.607161] ffff888102a5fd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.607372] ffff888102a5fe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.607722] >ffff888102a5fe80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.607994] ^ [ 16.608153] ffff888102a5ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.608362] ffff888102a5ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.608674] ================================================================== [ 15.939899] ================================================================== [ 15.940257] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb6a/0x5450 [ 15.940821] Write of size 4 at addr ffff888102a5feb0 by task kunit_try_catch/282 [ 15.941086] [ 15.941191] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.941235] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.941248] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.941270] Call Trace: [ 15.941288] <TASK> [ 15.941305] dump_stack_lvl+0x73/0xb0 [ 15.941333] print_report+0xd1/0x610 [ 15.941425] ? __virt_addr_valid+0x1db/0x2d0 [ 15.941450] ? kasan_atomics_helper+0xb6a/0x5450 [ 15.941474] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.941498] ? kasan_atomics_helper+0xb6a/0x5450 [ 15.941532] kasan_report+0x141/0x180 [ 15.941574] ? kasan_atomics_helper+0xb6a/0x5450 [ 15.941602] kasan_check_range+0x10c/0x1c0 [ 15.941627] __kasan_check_write+0x18/0x20 [ 15.941648] kasan_atomics_helper+0xb6a/0x5450 [ 15.941673] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.941698] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 15.941724] ? trace_hardirqs_on+0x37/0xe0 [ 15.941749] ? kasan_atomics+0x152/0x310 [ 15.941777] kasan_atomics+0x1dc/0x310 [ 15.941811] ? __pfx_kasan_atomics+0x10/0x10 [ 15.941837] ? __pfx_kasan_atomics+0x10/0x10 [ 15.941876] kunit_try_run_case+0x1a5/0x480 [ 15.941903] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.941928] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.941953] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.941979] ? __kthread_parkme+0x82/0x180 [ 15.942002] ? preempt_count_sub+0x50/0x80 [ 15.942028] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.942054] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.942090] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.942118] kthread+0x337/0x6f0 [ 15.942138] ? trace_preempt_on+0x20/0xc0 [ 15.942173] ? __pfx_kthread+0x10/0x10 [ 15.942196] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.942219] ? calculate_sigpending+0x7b/0xa0 [ 15.942287] ? __pfx_kthread+0x10/0x10 [ 15.942311] ret_from_fork+0x116/0x1d0 [ 15.942332] ? 
__pfx_kthread+0x10/0x10 [ 15.942421] ret_from_fork_asm+0x1a/0x30 [ 15.942455] </TASK> [ 15.942467] [ 15.951576] Allocated by task 282: [ 15.951763] kasan_save_stack+0x45/0x70 [ 15.951953] kasan_save_track+0x18/0x40 [ 15.952162] kasan_save_alloc_info+0x3b/0x50 [ 15.952587] __kasan_kmalloc+0xb7/0xc0 [ 15.952789] __kmalloc_cache_noprof+0x189/0x420 [ 15.953073] kasan_atomics+0x95/0x310 [ 15.953214] kunit_try_run_case+0x1a5/0x480 [ 15.953364] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.953543] kthread+0x337/0x6f0 [ 15.953942] ret_from_fork+0x116/0x1d0 [ 15.954175] ret_from_fork_asm+0x1a/0x30 [ 15.954647] [ 15.954742] The buggy address belongs to the object at ffff888102a5fe80 [ 15.954742] which belongs to the cache kmalloc-64 of size 64 [ 15.955197] The buggy address is located 0 bytes to the right of [ 15.955197] allocated 48-byte region [ffff888102a5fe80, ffff888102a5feb0) [ 15.955796] [ 15.955905] The buggy address belongs to the physical page: [ 15.956436] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a5f [ 15.956761] flags: 0x200000000000000(node=0|zone=2) [ 15.956929] page_type: f5(slab) [ 15.957095] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.957568] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.957836] page dumped because: kasan: bad access detected [ 15.958010] [ 15.958108] Memory state around the buggy address: [ 15.958505] ffff888102a5fd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.958913] ffff888102a5fe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.959209] >ffff888102a5fe80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.959709] ^ [ 15.959927] ffff888102a5ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.960295] ffff888102a5ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.960859] ================================================================== [ 16.729722] 
================================================================== [ 16.729970] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f30/0x5450 [ 16.730214] Read of size 8 at addr ffff888102a5feb0 by task kunit_try_catch/282 [ 16.730658] [ 16.730766] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.730808] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.730820] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.730842] Call Trace: [ 16.730855] <TASK> [ 16.730868] dump_stack_lvl+0x73/0xb0 [ 16.730897] print_report+0xd1/0x610 [ 16.730920] ? __virt_addr_valid+0x1db/0x2d0 [ 16.730943] ? kasan_atomics_helper+0x4f30/0x5450 [ 16.730966] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.730991] ? kasan_atomics_helper+0x4f30/0x5450 [ 16.731014] kasan_report+0x141/0x180 [ 16.731038] ? kasan_atomics_helper+0x4f30/0x5450 [ 16.731065] __asan_report_load8_noabort+0x18/0x20 [ 16.731092] kasan_atomics_helper+0x4f30/0x5450 [ 16.731126] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.731151] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.731176] ? trace_hardirqs_on+0x37/0xe0 [ 16.731199] ? kasan_atomics+0x152/0x310 [ 16.731227] kasan_atomics+0x1dc/0x310 [ 16.731251] ? __pfx_kasan_atomics+0x10/0x10 [ 16.731276] ? __pfx_kasan_atomics+0x10/0x10 [ 16.731304] kunit_try_run_case+0x1a5/0x480 [ 16.731329] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.731354] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.731379] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.731405] ? __kthread_parkme+0x82/0x180 [ 16.731439] ? preempt_count_sub+0x50/0x80 [ 16.731464] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.731490] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.731517] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.731544] kthread+0x337/0x6f0 [ 16.731575] ? trace_preempt_on+0x20/0xc0 [ 16.731598] ? __pfx_kthread+0x10/0x10 [ 16.731620] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.731643] ? calculate_sigpending+0x7b/0xa0 [ 16.731668] ? 
__pfx_kthread+0x10/0x10 [ 16.731691] ret_from_fork+0x116/0x1d0 [ 16.731712] ? __pfx_kthread+0x10/0x10 [ 16.731733] ret_from_fork_asm+0x1a/0x30 [ 16.731764] </TASK> [ 16.731775] [ 16.739076] Allocated by task 282: [ 16.739245] kasan_save_stack+0x45/0x70 [ 16.739390] kasan_save_track+0x18/0x40 [ 16.739613] kasan_save_alloc_info+0x3b/0x50 [ 16.739832] __kasan_kmalloc+0xb7/0xc0 [ 16.740024] __kmalloc_cache_noprof+0x189/0x420 [ 16.740213] kasan_atomics+0x95/0x310 [ 16.740391] kunit_try_run_case+0x1a5/0x480 [ 16.740589] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.740798] kthread+0x337/0x6f0 [ 16.740919] ret_from_fork+0x116/0x1d0 [ 16.741053] ret_from_fork_asm+0x1a/0x30 [ 16.741203] [ 16.741297] The buggy address belongs to the object at ffff888102a5fe80 [ 16.741297] which belongs to the cache kmalloc-64 of size 64 [ 16.741842] The buggy address is located 0 bytes to the right of [ 16.741842] allocated 48-byte region [ffff888102a5fe80, ffff888102a5feb0) [ 16.742368] [ 16.742495] The buggy address belongs to the physical page: [ 16.742712] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a5f [ 16.742954] flags: 0x200000000000000(node=0|zone=2) [ 16.743116] page_type: f5(slab) [ 16.743236] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.743513] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.743854] page dumped because: kasan: bad access detected [ 16.744110] [ 16.744214] Memory state around the buggy address: [ 16.744433] ffff888102a5fd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.744756] ffff888102a5fe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.745167] >ffff888102a5fe80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.745419] ^ [ 16.745655] ffff888102a5ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.745912] ffff888102a5ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.746125] 
================================================================== [ 15.665682] ================================================================== [ 15.666619] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b3a/0x5450 [ 15.667568] Write of size 4 at addr ffff888102a5feb0 by task kunit_try_catch/282 [ 15.668063] [ 15.668154] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.668200] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.668213] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.668298] Call Trace: [ 15.668341] <TASK> [ 15.668358] dump_stack_lvl+0x73/0xb0 [ 15.668416] print_report+0xd1/0x610 [ 15.668441] ? __virt_addr_valid+0x1db/0x2d0 [ 15.668478] ? kasan_atomics_helper+0x4b3a/0x5450 [ 15.668511] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.668546] ? kasan_atomics_helper+0x4b3a/0x5450 [ 15.668581] kasan_report+0x141/0x180 [ 15.668604] ? kasan_atomics_helper+0x4b3a/0x5450 [ 15.668643] __asan_report_store4_noabort+0x1b/0x30 [ 15.668670] kasan_atomics_helper+0x4b3a/0x5450 [ 15.668694] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.668719] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.668745] ? trace_hardirqs_on+0x37/0xe0 [ 15.668769] ? kasan_atomics+0x152/0x310 [ 15.668797] kasan_atomics+0x1dc/0x310 [ 15.668821] ? __pfx_kasan_atomics+0x10/0x10 [ 15.668846] ? __pfx_kasan_atomics+0x10/0x10 [ 15.668874] kunit_try_run_case+0x1a5/0x480 [ 15.668902] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.668926] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.668952] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.668978] ? __kthread_parkme+0x82/0x180 [ 15.669000] ? preempt_count_sub+0x50/0x80 [ 15.669025] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.669051] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.669077] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.669104] kthread+0x337/0x6f0 [ 15.669124] ? trace_preempt_on+0x20/0xc0 [ 15.669147] ? __pfx_kthread+0x10/0x10 [ 15.669169] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 15.669193] ? calculate_sigpending+0x7b/0xa0 [ 15.669218] ? __pfx_kthread+0x10/0x10 [ 15.669273] ret_from_fork+0x116/0x1d0 [ 15.669316] ? __pfx_kthread+0x10/0x10 [ 15.669341] ret_from_fork_asm+0x1a/0x30 [ 15.669374] </TASK> [ 15.669387] [ 15.682317] Allocated by task 282: [ 15.682691] kasan_save_stack+0x45/0x70 [ 15.683096] kasan_save_track+0x18/0x40 [ 15.683640] kasan_save_alloc_info+0x3b/0x50 [ 15.684076] __kasan_kmalloc+0xb7/0xc0 [ 15.684257] __kmalloc_cache_noprof+0x189/0x420 [ 15.684773] kasan_atomics+0x95/0x310 [ 15.685129] kunit_try_run_case+0x1a5/0x480 [ 15.685417] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.685885] kthread+0x337/0x6f0 [ 15.686022] ret_from_fork+0x116/0x1d0 [ 15.686172] ret_from_fork_asm+0x1a/0x30 [ 15.686609] [ 15.686774] The buggy address belongs to the object at ffff888102a5fe80 [ 15.686774] which belongs to the cache kmalloc-64 of size 64 [ 15.687942] The buggy address is located 0 bytes to the right of [ 15.687942] allocated 48-byte region [ffff888102a5fe80, ffff888102a5feb0) [ 15.689349] [ 15.689465] The buggy address belongs to the physical page: [ 15.689999] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a5f [ 15.690679] flags: 0x200000000000000(node=0|zone=2) [ 15.691113] page_type: f5(slab) [ 15.691590] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.691972] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.692210] page dumped because: kasan: bad access detected [ 15.692802] [ 15.692977] Memory state around the buggy address: [ 15.693423] ffff888102a5fd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.694159] ffff888102a5fe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.694890] >ffff888102a5fe80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.695408] ^ [ 15.695914] ffff888102a5ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.696380] ffff888102a5ff80: fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 15.697068] ================================================================== [ 16.861956] ================================================================== [ 16.862813] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f71/0x5450 [ 16.863517] Read of size 8 at addr ffff888102a5feb0 by task kunit_try_catch/282 [ 16.864114] [ 16.864202] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.864247] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.864260] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.864282] Call Trace: [ 16.864299] <TASK> [ 16.864316] dump_stack_lvl+0x73/0xb0 [ 16.864344] print_report+0xd1/0x610 [ 16.864367] ? __virt_addr_valid+0x1db/0x2d0 [ 16.864391] ? kasan_atomics_helper+0x4f71/0x5450 [ 16.864441] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.864466] ? kasan_atomics_helper+0x4f71/0x5450 [ 16.864512] kasan_report+0x141/0x180 [ 16.864535] ? kasan_atomics_helper+0x4f71/0x5450 [ 16.864572] __asan_report_load8_noabort+0x18/0x20 [ 16.864599] kasan_atomics_helper+0x4f71/0x5450 [ 16.864623] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.864647] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.864673] ? trace_hardirqs_on+0x37/0xe0 [ 16.864696] ? kasan_atomics+0x152/0x310 [ 16.864724] kasan_atomics+0x1dc/0x310 [ 16.864748] ? __pfx_kasan_atomics+0x10/0x10 [ 16.864774] ? __pfx_kasan_atomics+0x10/0x10 [ 16.864802] kunit_try_run_case+0x1a5/0x480 [ 16.864828] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.864852] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.864878] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.864904] ? __kthread_parkme+0x82/0x180 [ 16.864927] ? preempt_count_sub+0x50/0x80 [ 16.864952] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.864978] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.865004] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.865032] kthread+0x337/0x6f0 [ 16.865052] ? trace_preempt_on+0x20/0xc0 [ 16.865076] ? 
__pfx_kthread+0x10/0x10 [ 16.865098] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.865121] ? calculate_sigpending+0x7b/0xa0 [ 16.865147] ? __pfx_kthread+0x10/0x10 [ 16.865172] ret_from_fork+0x116/0x1d0 [ 16.865194] ? __pfx_kthread+0x10/0x10 [ 16.865215] ret_from_fork_asm+0x1a/0x30 [ 16.865247] </TASK> [ 16.865257] [ 16.877457] Allocated by task 282: [ 16.877801] kasan_save_stack+0x45/0x70 [ 16.878166] kasan_save_track+0x18/0x40 [ 16.878543] kasan_save_alloc_info+0x3b/0x50 [ 16.878953] __kasan_kmalloc+0xb7/0xc0 [ 16.879133] __kmalloc_cache_noprof+0x189/0x420 [ 16.879571] kasan_atomics+0x95/0x310 [ 16.879882] kunit_try_run_case+0x1a5/0x480 [ 16.880034] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.880215] kthread+0x337/0x6f0 [ 16.880336] ret_from_fork+0x116/0x1d0 [ 16.880708] ret_from_fork_asm+0x1a/0x30 [ 16.881072] [ 16.881256] The buggy address belongs to the object at ffff888102a5fe80 [ 16.881256] which belongs to the cache kmalloc-64 of size 64 [ 16.882320] The buggy address is located 0 bytes to the right of [ 16.882320] allocated 48-byte region [ffff888102a5fe80, ffff888102a5feb0) [ 16.883265] [ 16.883342] The buggy address belongs to the physical page: [ 16.883817] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a5f [ 16.884532] flags: 0x200000000000000(node=0|zone=2) [ 16.884771] page_type: f5(slab) [ 16.884895] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.885127] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.885355] page dumped because: kasan: bad access detected [ 16.885873] [ 16.886031] Memory state around the buggy address: [ 16.886504] ffff888102a5fd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.887132] ffff888102a5fe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.887811] >ffff888102a5fe80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.888425] ^ [ 16.888949] ffff888102a5ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.889370] 
ffff888102a5ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.890015] ================================================================== [ 15.757409] ================================================================== [ 15.757732] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x72f/0x5450 [ 15.758046] Write of size 4 at addr ffff888102a5feb0 by task kunit_try_catch/282 [ 15.758717] [ 15.759369] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.759418] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.759431] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.759453] Call Trace: [ 15.759469] <TASK> [ 15.759484] dump_stack_lvl+0x73/0xb0 [ 15.759515] print_report+0xd1/0x610 [ 15.759539] ? __virt_addr_valid+0x1db/0x2d0 [ 15.759574] ? kasan_atomics_helper+0x72f/0x5450 [ 15.759597] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.759622] ? kasan_atomics_helper+0x72f/0x5450 [ 15.759645] kasan_report+0x141/0x180 [ 15.759668] ? kasan_atomics_helper+0x72f/0x5450 [ 15.759696] kasan_check_range+0x10c/0x1c0 [ 15.759720] __kasan_check_write+0x18/0x20 [ 15.759743] kasan_atomics_helper+0x72f/0x5450 [ 15.759767] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.759791] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.759818] ? trace_hardirqs_on+0x37/0xe0 [ 15.759842] ? kasan_atomics+0x152/0x310 [ 15.759869] kasan_atomics+0x1dc/0x310 [ 15.759894] ? __pfx_kasan_atomics+0x10/0x10 [ 15.759919] ? __pfx_kasan_atomics+0x10/0x10 [ 15.759948] kunit_try_run_case+0x1a5/0x480 [ 15.759974] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.759999] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.760023] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.760048] ? __kthread_parkme+0x82/0x180 [ 15.760074] ? preempt_count_sub+0x50/0x80 [ 15.760099] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.760125] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.760152] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.760179] kthread+0x337/0x6f0 [ 15.760199] ? trace_preempt_on+0x20/0xc0 [ 15.760223] ? __pfx_kthread+0x10/0x10 [ 15.760367] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.760394] ? calculate_sigpending+0x7b/0xa0 [ 15.760420] ? __pfx_kthread+0x10/0x10 [ 15.760443] ret_from_fork+0x116/0x1d0 [ 15.760465] ? __pfx_kthread+0x10/0x10 [ 15.760523] ret_from_fork_asm+0x1a/0x30 [ 15.760567] </TASK> [ 15.760580] [ 15.771943] Allocated by task 282: [ 15.772126] kasan_save_stack+0x45/0x70 [ 15.773006] kasan_save_track+0x18/0x40 [ 15.773218] kasan_save_alloc_info+0x3b/0x50 [ 15.773678] __kasan_kmalloc+0xb7/0xc0 [ 15.773969] __kmalloc_cache_noprof+0x189/0x420 [ 15.774451] kasan_atomics+0x95/0x310 [ 15.774652] kunit_try_run_case+0x1a5/0x480 [ 15.774853] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.775096] kthread+0x337/0x6f0 [ 15.775579] ret_from_fork+0x116/0x1d0 [ 15.775749] ret_from_fork_asm+0x1a/0x30 [ 15.775935] [ 15.776027] The buggy address belongs to the object at ffff888102a5fe80 [ 15.776027] which belongs to the cache kmalloc-64 of size 64 [ 15.777523] The buggy address is located 0 bytes to the right of [ 15.777523] allocated 48-byte region [ffff888102a5fe80, ffff888102a5feb0) [ 15.778347] [ 15.778597] The buggy address belongs to the physical page: [ 15.778847] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a5f [ 15.779171] flags: 0x200000000000000(node=0|zone=2) [ 15.779759] page_type: f5(slab) [ 15.780033] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.780613] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.780929] page dumped because: kasan: bad access detected [ 15.781155] [ 15.781777] Memory state around the buggy address: [ 15.781974] ffff888102a5fd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.782201] ffff888102a5fe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.783177] >ffff888102a5fe80: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 15.783977] ^ [ 15.784613] ffff888102a5ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.784937] ffff888102a5ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.785158] ================================================================== [ 16.136722] ================================================================== [ 16.137310] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a36/0x5450 [ 16.138039] Read of size 4 at addr ffff888102a5feb0 by task kunit_try_catch/282 [ 16.138520] [ 16.138633] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.138678] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.138691] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.138724] Call Trace: [ 16.138738] <TASK> [ 16.138753] dump_stack_lvl+0x73/0xb0 [ 16.138781] print_report+0xd1/0x610 [ 16.138814] ? __virt_addr_valid+0x1db/0x2d0 [ 16.138837] ? kasan_atomics_helper+0x4a36/0x5450 [ 16.138861] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.138897] ? kasan_atomics_helper+0x4a36/0x5450 [ 16.138920] kasan_report+0x141/0x180 [ 16.138943] ? kasan_atomics_helper+0x4a36/0x5450 [ 16.138980] __asan_report_load4_noabort+0x18/0x20 [ 16.139007] kasan_atomics_helper+0x4a36/0x5450 [ 16.139042] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.139066] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.139093] ? trace_hardirqs_on+0x37/0xe0 [ 16.139115] ? kasan_atomics+0x152/0x310 [ 16.139144] kasan_atomics+0x1dc/0x310 [ 16.139168] ? __pfx_kasan_atomics+0x10/0x10 [ 16.139193] ? __pfx_kasan_atomics+0x10/0x10 [ 16.139231] kunit_try_run_case+0x1a5/0x480 [ 16.139256] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.139280] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.139316] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.139340] ? __kthread_parkme+0x82/0x180 [ 16.139363] ? preempt_count_sub+0x50/0x80 [ 16.139388] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.139413] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.139446] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.139474] kthread+0x337/0x6f0 [ 16.139494] ? trace_preempt_on+0x20/0xc0 [ 16.139517] ? __pfx_kthread+0x10/0x10 [ 16.139539] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.139571] ? calculate_sigpending+0x7b/0xa0 [ 16.139597] ? __pfx_kthread+0x10/0x10 [ 16.139620] ret_from_fork+0x116/0x1d0 [ 16.139640] ? __pfx_kthread+0x10/0x10 [ 16.139661] ret_from_fork_asm+0x1a/0x30 [ 16.139692] </TASK> [ 16.139703] [ 16.151809] Allocated by task 282: [ 16.152166] kasan_save_stack+0x45/0x70 [ 16.152435] kasan_save_track+0x18/0x40 [ 16.152721] kasan_save_alloc_info+0x3b/0x50 [ 16.152877] __kasan_kmalloc+0xb7/0xc0 [ 16.153010] __kmalloc_cache_noprof+0x189/0x420 [ 16.153168] kasan_atomics+0x95/0x310 [ 16.153302] kunit_try_run_case+0x1a5/0x480 [ 16.153485] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.153986] kthread+0x337/0x6f0 [ 16.154300] ret_from_fork+0x116/0x1d0 [ 16.154715] ret_from_fork_asm+0x1a/0x30 [ 16.155083] [ 16.155249] The buggy address belongs to the object at ffff888102a5fe80 [ 16.155249] which belongs to the cache kmalloc-64 of size 64 [ 16.156330] The buggy address is located 0 bytes to the right of [ 16.156330] allocated 48-byte region [ffff888102a5fe80, ffff888102a5feb0) [ 16.157436] [ 16.157651] The buggy address belongs to the physical page: [ 16.158142] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a5f [ 16.158496] flags: 0x200000000000000(node=0|zone=2) [ 16.158960] page_type: f5(slab) [ 16.159283] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.159719] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.159949] page dumped because: kasan: bad access detected [ 16.160125] [ 16.160196] Memory state around the buggy address: [ 16.160353] ffff888102a5fd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.160625] 
ffff888102a5fe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.161051] >ffff888102a5fe80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.161363] ^ [ 16.161714] ffff888102a5ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.161946] ffff888102a5ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.162291] ================================================================== [ 16.764748] ================================================================== [ 16.765092] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1d7a/0x5450 [ 16.765633] Write of size 8 at addr ffff888102a5feb0 by task kunit_try_catch/282 [ 16.765912] [ 16.765998] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.766041] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.766054] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.766076] Call Trace: [ 16.766090] <TASK> [ 16.766104] dump_stack_lvl+0x73/0xb0 [ 16.766132] print_report+0xd1/0x610 [ 16.766155] ? __virt_addr_valid+0x1db/0x2d0 [ 16.766178] ? kasan_atomics_helper+0x1d7a/0x5450 [ 16.766201] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.766226] ? kasan_atomics_helper+0x1d7a/0x5450 [ 16.766250] kasan_report+0x141/0x180 [ 16.766273] ? kasan_atomics_helper+0x1d7a/0x5450 [ 16.766301] kasan_check_range+0x10c/0x1c0 [ 16.766326] __kasan_check_write+0x18/0x20 [ 16.766347] kasan_atomics_helper+0x1d7a/0x5450 [ 16.766371] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.766395] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.766421] ? trace_hardirqs_on+0x37/0xe0 [ 16.766445] ? kasan_atomics+0x152/0x310 [ 16.766473] kasan_atomics+0x1dc/0x310 [ 16.766497] ? __pfx_kasan_atomics+0x10/0x10 [ 16.766522] ? __pfx_kasan_atomics+0x10/0x10 [ 16.766561] kunit_try_run_case+0x1a5/0x480 [ 16.766587] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.766611] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.766637] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.766662] ? 
__kthread_parkme+0x82/0x180 [ 16.766685] ? preempt_count_sub+0x50/0x80 [ 16.766709] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.766747] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.766773] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.766801] kthread+0x337/0x6f0 [ 16.766822] ? trace_preempt_on+0x20/0xc0 [ 16.766846] ? __pfx_kthread+0x10/0x10 [ 16.766867] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.766891] ? calculate_sigpending+0x7b/0xa0 [ 16.766917] ? __pfx_kthread+0x10/0x10 [ 16.766940] ret_from_fork+0x116/0x1d0 [ 16.766960] ? __pfx_kthread+0x10/0x10 [ 16.766982] ret_from_fork_asm+0x1a/0x30 [ 16.767014] </TASK> [ 16.767024] [ 16.774561] Allocated by task 282: [ 16.774739] kasan_save_stack+0x45/0x70 [ 16.774938] kasan_save_track+0x18/0x40 [ 16.775128] kasan_save_alloc_info+0x3b/0x50 [ 16.775320] __kasan_kmalloc+0xb7/0xc0 [ 16.775523] __kmalloc_cache_noprof+0x189/0x420 [ 16.775709] kasan_atomics+0x95/0x310 [ 16.775901] kunit_try_run_case+0x1a5/0x480 [ 16.776110] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.776346] kthread+0x337/0x6f0 [ 16.776583] ret_from_fork+0x116/0x1d0 [ 16.776747] ret_from_fork_asm+0x1a/0x30 [ 16.776893] [ 16.776965] The buggy address belongs to the object at ffff888102a5fe80 [ 16.776965] which belongs to the cache kmalloc-64 of size 64 [ 16.777319] The buggy address is located 0 bytes to the right of [ 16.777319] allocated 48-byte region [ffff888102a5fe80, ffff888102a5feb0) [ 16.777864] [ 16.777963] The buggy address belongs to the physical page: [ 16.778206] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a5f [ 16.778575] flags: 0x200000000000000(node=0|zone=2) [ 16.778949] page_type: f5(slab) [ 16.779095] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.779327] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.779563] page dumped because: kasan: bad access detected [ 16.779735] [ 16.779836] Memory state around the buggy address: [ 16.780064] 
ffff888102a5fd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.780383] ffff888102a5fe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.780725] >ffff888102a5fe80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.781197] ^ [ 16.781362] ffff888102a5ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.781680] ffff888102a5ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.781986] ================================================================== [ 17.037142] ================================================================== [ 17.037695] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5115/0x5450 [ 17.038027] Read of size 8 at addr ffff888102a5feb0 by task kunit_try_catch/282 [ 17.038337] [ 17.038638] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 17.038687] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.038921] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.038948] Call Trace: [ 17.038966] <TASK> [ 17.038982] dump_stack_lvl+0x73/0xb0 [ 17.039013] print_report+0xd1/0x610 [ 17.039037] ? __virt_addr_valid+0x1db/0x2d0 [ 17.039096] ? kasan_atomics_helper+0x5115/0x5450 [ 17.039121] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.039147] ? kasan_atomics_helper+0x5115/0x5450 [ 17.039171] kasan_report+0x141/0x180 [ 17.039193] ? kasan_atomics_helper+0x5115/0x5450 [ 17.039221] __asan_report_load8_noabort+0x18/0x20 [ 17.039249] kasan_atomics_helper+0x5115/0x5450 [ 17.039273] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.039297] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.039323] ? trace_hardirqs_on+0x37/0xe0 [ 17.039347] ? kasan_atomics+0x152/0x310 [ 17.039375] kasan_atomics+0x1dc/0x310 [ 17.039421] ? __pfx_kasan_atomics+0x10/0x10 [ 17.039447] ? __pfx_kasan_atomics+0x10/0x10 [ 17.039475] kunit_try_run_case+0x1a5/0x480 [ 17.039502] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.039527] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.039563] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.039589] ? __kthread_parkme+0x82/0x180 [ 17.039611] ? preempt_count_sub+0x50/0x80 [ 17.039637] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.039663] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.039689] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.039717] kthread+0x337/0x6f0 [ 17.039737] ? trace_preempt_on+0x20/0xc0 [ 17.039761] ? __pfx_kthread+0x10/0x10 [ 17.039783] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.039805] ? calculate_sigpending+0x7b/0xa0 [ 17.039831] ? __pfx_kthread+0x10/0x10 [ 17.039854] ret_from_fork+0x116/0x1d0 [ 17.039874] ? __pfx_kthread+0x10/0x10 [ 17.039897] ret_from_fork_asm+0x1a/0x30 [ 17.039928] </TASK> [ 17.039940] [ 17.050544] Allocated by task 282: [ 17.050843] kasan_save_stack+0x45/0x70 [ 17.051035] kasan_save_track+0x18/0x40 [ 17.051214] kasan_save_alloc_info+0x3b/0x50 [ 17.051644] __kasan_kmalloc+0xb7/0xc0 [ 17.051934] __kmalloc_cache_noprof+0x189/0x420 [ 17.052368] kasan_atomics+0x95/0x310 [ 17.052649] kunit_try_run_case+0x1a5/0x480 [ 17.052966] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.053213] kthread+0x337/0x6f0 [ 17.053368] ret_from_fork+0x116/0x1d0 [ 17.053852] ret_from_fork_asm+0x1a/0x30 [ 17.054128] [ 17.054350] The buggy address belongs to the object at ffff888102a5fe80 [ 17.054350] which belongs to the cache kmalloc-64 of size 64 [ 17.054874] The buggy address is located 0 bytes to the right of [ 17.054874] allocated 48-byte region [ffff888102a5fe80, ffff888102a5feb0) [ 17.055371] [ 17.055760] The buggy address belongs to the physical page: [ 17.056185] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a5f [ 17.056719] flags: 0x200000000000000(node=0|zone=2) [ 17.056950] page_type: f5(slab) [ 17.057107] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.057673] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.058193] page dumped because: kasan: bad access detected [ 17.058655] [ 17.058882] 
Memory state around the buggy address: [ 17.059106] ffff888102a5fd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.059632] ffff888102a5fe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.060057] >ffff888102a5fe80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.060562] ^ [ 17.061010] ffff888102a5ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.061315] ffff888102a5ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.061818] ================================================================== [ 16.711648] ================================================================== [ 16.711975] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1c18/0x5450 [ 16.712282] Write of size 8 at addr ffff888102a5feb0 by task kunit_try_catch/282 [ 16.712914] [ 16.713044] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.713090] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.713103] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.713125] Call Trace: [ 16.713143] <TASK> [ 16.713160] dump_stack_lvl+0x73/0xb0 [ 16.713190] print_report+0xd1/0x610 [ 16.713213] ? __virt_addr_valid+0x1db/0x2d0 [ 16.713238] ? kasan_atomics_helper+0x1c18/0x5450 [ 16.713276] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.713301] ? kasan_atomics_helper+0x1c18/0x5450 [ 16.713326] kasan_report+0x141/0x180 [ 16.713348] ? kasan_atomics_helper+0x1c18/0x5450 [ 16.713376] kasan_check_range+0x10c/0x1c0 [ 16.713401] __kasan_check_write+0x18/0x20 [ 16.713431] kasan_atomics_helper+0x1c18/0x5450 [ 16.713456] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.713480] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.713506] ? trace_hardirqs_on+0x37/0xe0 [ 16.713529] ? kasan_atomics+0x152/0x310 [ 16.713569] kasan_atomics+0x1dc/0x310 [ 16.713593] ? __pfx_kasan_atomics+0x10/0x10 [ 16.713618] ? __pfx_kasan_atomics+0x10/0x10 [ 16.713647] kunit_try_run_case+0x1a5/0x480 [ 16.713672] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.713697] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.713723] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.713749] ? __kthread_parkme+0x82/0x180 [ 16.713771] ? preempt_count_sub+0x50/0x80 [ 16.713797] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.713822] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.713848] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.713876] kthread+0x337/0x6f0 [ 16.713896] ? trace_preempt_on+0x20/0xc0 [ 16.713919] ? __pfx_kthread+0x10/0x10 [ 16.713941] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.713965] ? calculate_sigpending+0x7b/0xa0 [ 16.713990] ? __pfx_kthread+0x10/0x10 [ 16.714013] ret_from_fork+0x116/0x1d0 [ 16.714033] ? __pfx_kthread+0x10/0x10 [ 16.714054] ret_from_fork_asm+0x1a/0x30 [ 16.714087] </TASK> [ 16.714097] [ 16.721630] Allocated by task 282: [ 16.721810] kasan_save_stack+0x45/0x70 [ 16.722012] kasan_save_track+0x18/0x40 [ 16.722207] kasan_save_alloc_info+0x3b/0x50 [ 16.722374] __kasan_kmalloc+0xb7/0xc0 [ 16.722661] __kmalloc_cache_noprof+0x189/0x420 [ 16.722853] kasan_atomics+0x95/0x310 [ 16.723016] kunit_try_run_case+0x1a5/0x480 [ 16.723217] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.723492] kthread+0x337/0x6f0 [ 16.723658] ret_from_fork+0x116/0x1d0 [ 16.723823] ret_from_fork_asm+0x1a/0x30 [ 16.723965] [ 16.724054] The buggy address belongs to the object at ffff888102a5fe80 [ 16.724054] which belongs to the cache kmalloc-64 of size 64 [ 16.724636] The buggy address is located 0 bytes to the right of [ 16.724636] allocated 48-byte region [ffff888102a5fe80, ffff888102a5feb0) [ 16.725001] [ 16.725072] The buggy address belongs to the physical page: [ 16.725242] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a5f [ 16.725596] flags: 0x200000000000000(node=0|zone=2) [ 16.725824] page_type: f5(slab) [ 16.725988] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.726393] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 16.726682] page dumped because: kasan: bad access detected [ 16.726856] [ 16.726926] Memory state around the buggy address: [ 16.727080] ffff888102a5fd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.727300] ffff888102a5fe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.727770] >ffff888102a5fe80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.728091] ^ [ 16.728319] ffff888102a5ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.728950] ffff888102a5ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.729278] ================================================================== [ 15.910532] ================================================================== [ 15.911199] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xac7/0x5450 [ 15.911648] Write of size 4 at addr ffff888102a5feb0 by task kunit_try_catch/282 [ 15.912300] [ 15.912489] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.912535] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.912727] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.912753] Call Trace: [ 15.912770] <TASK> [ 15.912784] dump_stack_lvl+0x73/0xb0 [ 15.912831] print_report+0xd1/0x610 [ 15.912854] ? __virt_addr_valid+0x1db/0x2d0 [ 15.912878] ? kasan_atomics_helper+0xac7/0x5450 [ 15.912914] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.912940] ? kasan_atomics_helper+0xac7/0x5450 [ 15.912964] kasan_report+0x141/0x180 [ 15.912987] ? kasan_atomics_helper+0xac7/0x5450 [ 15.913015] kasan_check_range+0x10c/0x1c0 [ 15.913040] __kasan_check_write+0x18/0x20 [ 15.913062] kasan_atomics_helper+0xac7/0x5450 [ 15.913087] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.913112] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.913138] ? trace_hardirqs_on+0x37/0xe0 [ 15.913162] ? kasan_atomics+0x152/0x310 [ 15.913189] kasan_atomics+0x1dc/0x310 [ 15.913214] ? __pfx_kasan_atomics+0x10/0x10 [ 15.913294] ? 
__pfx_kasan_atomics+0x10/0x10 [ 15.913327] kunit_try_run_case+0x1a5/0x480 [ 15.913353] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.913378] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.913404] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.913430] ? __kthread_parkme+0x82/0x180 [ 15.913453] ? preempt_count_sub+0x50/0x80 [ 15.913478] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.913504] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.913531] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.913571] kthread+0x337/0x6f0 [ 15.913592] ? trace_preempt_on+0x20/0xc0 [ 15.913616] ? __pfx_kthread+0x10/0x10 [ 15.913638] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.913662] ? calculate_sigpending+0x7b/0xa0 [ 15.913688] ? __pfx_kthread+0x10/0x10 [ 15.913711] ret_from_fork+0x116/0x1d0 [ 15.913731] ? __pfx_kthread+0x10/0x10 [ 15.913753] ret_from_fork_asm+0x1a/0x30 [ 15.913785] </TASK> [ 15.913797] [ 15.928771] Allocated by task 282: [ 15.929020] kasan_save_stack+0x45/0x70 [ 15.929174] kasan_save_track+0x18/0x40 [ 15.929390] kasan_save_alloc_info+0x3b/0x50 [ 15.929860] __kasan_kmalloc+0xb7/0xc0 [ 15.930227] __kmalloc_cache_noprof+0x189/0x420 [ 15.930731] kasan_atomics+0x95/0x310 [ 15.931095] kunit_try_run_case+0x1a5/0x480 [ 15.931583] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.932024] kthread+0x337/0x6f0 [ 15.932181] ret_from_fork+0x116/0x1d0 [ 15.932599] ret_from_fork_asm+0x1a/0x30 [ 15.933002] [ 15.933187] The buggy address belongs to the object at ffff888102a5fe80 [ 15.933187] which belongs to the cache kmalloc-64 of size 64 [ 15.933890] The buggy address is located 0 bytes to the right of [ 15.933890] allocated 48-byte region [ffff888102a5fe80, ffff888102a5feb0) [ 15.934349] [ 15.934463] The buggy address belongs to the physical page: [ 15.934731] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a5f [ 15.935116] flags: 0x200000000000000(node=0|zone=2) [ 15.935546] page_type: f5(slab) [ 15.935736] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 15.936044] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.936427] page dumped because: kasan: bad access detected [ 15.936820] [ 15.936940] Memory state around the buggy address: [ 15.937138] ffff888102a5fd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.937407] ffff888102a5fe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.937886] >ffff888102a5fe80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.938155] ^ [ 15.938481] ffff888102a5ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.939042] ffff888102a5ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.939356] ================================================================== [ 16.746642] ================================================================== [ 16.746983] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1ce1/0x5450 [ 16.747427] Write of size 8 at addr ffff888102a5feb0 by task kunit_try_catch/282 [ 16.747766] [ 16.747879] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.747924] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.747937] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.747959] Call Trace: [ 16.747973] <TASK> [ 16.747988] dump_stack_lvl+0x73/0xb0 [ 16.748015] print_report+0xd1/0x610 [ 16.748039] ? __virt_addr_valid+0x1db/0x2d0 [ 16.748066] ? kasan_atomics_helper+0x1ce1/0x5450 [ 16.748089] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.748114] ? kasan_atomics_helper+0x1ce1/0x5450 [ 16.748137] kasan_report+0x141/0x180 [ 16.748160] ? kasan_atomics_helper+0x1ce1/0x5450 [ 16.748188] kasan_check_range+0x10c/0x1c0 [ 16.748213] __kasan_check_write+0x18/0x20 [ 16.748234] kasan_atomics_helper+0x1ce1/0x5450 [ 16.748258] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.748283] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.748308] ? trace_hardirqs_on+0x37/0xe0 [ 16.748332] ? 
kasan_atomics+0x152/0x310 [ 16.748359] kasan_atomics+0x1dc/0x310 [ 16.748383] ? __pfx_kasan_atomics+0x10/0x10 [ 16.748408] ? __pfx_kasan_atomics+0x10/0x10 [ 16.748447] kunit_try_run_case+0x1a5/0x480 [ 16.748472] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.748497] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.748522] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.748548] ? __kthread_parkme+0x82/0x180 [ 16.748580] ? preempt_count_sub+0x50/0x80 [ 16.748605] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.748631] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.748658] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.748686] kthread+0x337/0x6f0 [ 16.748706] ? trace_preempt_on+0x20/0xc0 [ 16.748730] ? __pfx_kthread+0x10/0x10 [ 16.748751] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.748774] ? calculate_sigpending+0x7b/0xa0 [ 16.748800] ? __pfx_kthread+0x10/0x10 [ 16.748822] ret_from_fork+0x116/0x1d0 [ 16.748842] ? __pfx_kthread+0x10/0x10 [ 16.748865] ret_from_fork_asm+0x1a/0x30 [ 16.748896] </TASK> [ 16.748907] [ 16.756993] Allocated by task 282: [ 16.757164] kasan_save_stack+0x45/0x70 [ 16.757337] kasan_save_track+0x18/0x40 [ 16.757566] kasan_save_alloc_info+0x3b/0x50 [ 16.757719] __kasan_kmalloc+0xb7/0xc0 [ 16.757909] __kmalloc_cache_noprof+0x189/0x420 [ 16.758140] kasan_atomics+0x95/0x310 [ 16.758288] kunit_try_run_case+0x1a5/0x480 [ 16.758435] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.758693] kthread+0x337/0x6f0 [ 16.758868] ret_from_fork+0x116/0x1d0 [ 16.759222] ret_from_fork_asm+0x1a/0x30 [ 16.759369] [ 16.759486] The buggy address belongs to the object at ffff888102a5fe80 [ 16.759486] which belongs to the cache kmalloc-64 of size 64 [ 16.760050] The buggy address is located 0 bytes to the right of [ 16.760050] allocated 48-byte region [ffff888102a5fe80, ffff888102a5feb0) [ 16.760539] [ 16.760646] The buggy address belongs to the physical page: [ 16.760898] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a5f [ 16.761184] flags: 
0x200000000000000(node=0|zone=2) [ 16.761345] page_type: f5(slab) [ 16.761491] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.761845] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.762126] page dumped because: kasan: bad access detected [ 16.762297] [ 16.762414] Memory state around the buggy address: [ 16.762651] ffff888102a5fd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.762975] ffff888102a5fe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.763255] >ffff888102a5fe80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.763560] ^ [ 16.763716] ffff888102a5ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.763932] ffff888102a5ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.764154] ================================================================== [ 17.011577] ================================================================== [ 17.011924] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x224c/0x5450 [ 17.012306] Write of size 8 at addr ffff888102a5feb0 by task kunit_try_catch/282 [ 17.012666] [ 17.012799] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 17.012844] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.012856] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.012879] Call Trace: [ 17.012893] <TASK> [ 17.012909] dump_stack_lvl+0x73/0xb0 [ 17.012937] print_report+0xd1/0x610 [ 17.012982] ? __virt_addr_valid+0x1db/0x2d0 [ 17.013006] ? kasan_atomics_helper+0x224c/0x5450 [ 17.013028] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.013054] ? kasan_atomics_helper+0x224c/0x5450 [ 17.013077] kasan_report+0x141/0x180 [ 17.013100] ? kasan_atomics_helper+0x224c/0x5450 [ 17.013145] kasan_check_range+0x10c/0x1c0 [ 17.013171] __kasan_check_write+0x18/0x20 [ 17.013192] kasan_atomics_helper+0x224c/0x5450 [ 17.013216] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.013241] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 17.013266] ? trace_hardirqs_on+0x37/0xe0 [ 17.013290] ? kasan_atomics+0x152/0x310 [ 17.013318] kasan_atomics+0x1dc/0x310 [ 17.013359] ? __pfx_kasan_atomics+0x10/0x10 [ 17.013384] ? __pfx_kasan_atomics+0x10/0x10 [ 17.013433] kunit_try_run_case+0x1a5/0x480 [ 17.013459] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.013483] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.013527] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.013561] ? __kthread_parkme+0x82/0x180 [ 17.013584] ? preempt_count_sub+0x50/0x80 [ 17.013609] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.013652] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.013692] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.013733] kthread+0x337/0x6f0 [ 17.013754] ? trace_preempt_on+0x20/0xc0 [ 17.013778] ? __pfx_kthread+0x10/0x10 [ 17.013800] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.013823] ? calculate_sigpending+0x7b/0xa0 [ 17.013849] ? __pfx_kthread+0x10/0x10 [ 17.013871] ret_from_fork+0x116/0x1d0 [ 17.013891] ? 
__pfx_kthread+0x10/0x10 [ 17.013913] ret_from_fork_asm+0x1a/0x30 [ 17.013944] </TASK> [ 17.013955] [ 17.024217] Allocated by task 282: [ 17.024388] kasan_save_stack+0x45/0x70 [ 17.024903] kasan_save_track+0x18/0x40 [ 17.025207] kasan_save_alloc_info+0x3b/0x50 [ 17.025567] __kasan_kmalloc+0xb7/0xc0 [ 17.025865] __kmalloc_cache_noprof+0x189/0x420 [ 17.026090] kasan_atomics+0x95/0x310 [ 17.026259] kunit_try_run_case+0x1a5/0x480 [ 17.026684] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.027105] kthread+0x337/0x6f0 [ 17.027391] ret_from_fork+0x116/0x1d0 [ 17.027616] ret_from_fork_asm+0x1a/0x30 [ 17.027803] [ 17.027891] The buggy address belongs to the object at ffff888102a5fe80 [ 17.027891] which belongs to the cache kmalloc-64 of size 64 [ 17.028385] The buggy address is located 0 bytes to the right of [ 17.028385] allocated 48-byte region [ffff888102a5fe80, ffff888102a5feb0) [ 17.029496] [ 17.029617] The buggy address belongs to the physical page: [ 17.029852] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a5f [ 17.030174] flags: 0x200000000000000(node=0|zone=2) [ 17.030374] page_type: f5(slab) [ 17.030806] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.031455] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.031906] page dumped because: kasan: bad access detected [ 17.032333] [ 17.032588] Memory state around the buggy address: [ 17.033046] ffff888102a5fd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.033517] ffff888102a5fe00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.034006] >ffff888102a5fe80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.034492] ^ [ 17.034720] ffff888102a5ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.035020] ffff888102a5ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.035312] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 15.477205] ================================================================== [ 15.477622] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 15.477946] Read of size 8 at addr ffff888101679da8 by task kunit_try_catch/278 [ 15.478249] [ 15.478351] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.478410] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.478421] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.478442] Call Trace: [ 15.478455] <TASK> [ 15.478470] dump_stack_lvl+0x73/0xb0 [ 15.478498] print_report+0xd1/0x610 [ 15.478521] ? __virt_addr_valid+0x1db/0x2d0 [ 15.478543] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 15.478583] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.478608] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 15.478638] kasan_report+0x141/0x180 [ 15.478660] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 15.478695] __asan_report_load8_noabort+0x18/0x20 [ 15.478724] kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 15.478755] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.478795] kasan_bitops_generic+0x121/0x1c0 [ 15.478820] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.478845] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.478876] kunit_try_run_case+0x1a5/0x480 [ 15.478901] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.478925] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.478949] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.478975] ? __kthread_parkme+0x82/0x180 [ 15.478996] ? preempt_count_sub+0x50/0x80 [ 15.479021] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.479047] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.479073] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.479100] kthread+0x337/0x6f0 [ 15.479119] ? trace_preempt_on+0x20/0xc0 [ 15.479143] ? __pfx_kthread+0x10/0x10 [ 15.479164] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.479186] ? 
calculate_sigpending+0x7b/0xa0 [ 15.479211] ? __pfx_kthread+0x10/0x10 [ 15.479232] ret_from_fork+0x116/0x1d0 [ 15.479251] ? __pfx_kthread+0x10/0x10 [ 15.479272] ret_from_fork_asm+0x1a/0x30 [ 15.479303] </TASK> [ 15.479313] [ 15.487357] Allocated by task 278: [ 15.487538] kasan_save_stack+0x45/0x70 [ 15.487909] kasan_save_track+0x18/0x40 [ 15.488067] kasan_save_alloc_info+0x3b/0x50 [ 15.488221] __kasan_kmalloc+0xb7/0xc0 [ 15.488416] __kmalloc_cache_noprof+0x189/0x420 [ 15.488658] kasan_bitops_generic+0x92/0x1c0 [ 15.488882] kunit_try_run_case+0x1a5/0x480 [ 15.489089] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.489404] kthread+0x337/0x6f0 [ 15.489572] ret_from_fork+0x116/0x1d0 [ 15.489750] ret_from_fork_asm+0x1a/0x30 [ 15.489954] [ 15.490030] The buggy address belongs to the object at ffff888101679da0 [ 15.490030] which belongs to the cache kmalloc-16 of size 16 [ 15.490529] The buggy address is located 8 bytes inside of [ 15.490529] allocated 9-byte region [ffff888101679da0, ffff888101679da9) [ 15.491339] [ 15.491438] The buggy address belongs to the physical page: [ 15.491681] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101679 [ 15.492005] flags: 0x200000000000000(node=0|zone=2) [ 15.492206] page_type: f5(slab) [ 15.492437] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.492680] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.492905] page dumped because: kasan: bad access detected [ 15.493079] [ 15.493226] Memory state around the buggy address: [ 15.493589] ffff888101679c80: 00 04 fc fc 00 04 fc fc fa fb fc fc 00 05 fc fc [ 15.493906] ffff888101679d00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.494218] >ffff888101679d80: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 15.494972] ^ [ 15.495133] ffff888101679e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.496080] ffff888101679e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.496909] 
================================================================== [ 15.418977] ================================================================== [ 15.419325] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 15.419715] Write of size 8 at addr ffff888101679da8 by task kunit_try_catch/278 [ 15.420033] [ 15.420120] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.420162] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.420174] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.420195] Call Trace: [ 15.420207] <TASK> [ 15.420221] dump_stack_lvl+0x73/0xb0 [ 15.420248] print_report+0xd1/0x610 [ 15.420270] ? __virt_addr_valid+0x1db/0x2d0 [ 15.420292] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 15.420321] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.420345] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 15.420375] kasan_report+0x141/0x180 [ 15.420397] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 15.420431] kasan_check_range+0x10c/0x1c0 [ 15.420455] __kasan_check_write+0x18/0x20 [ 15.420474] kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 15.420504] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.420542] kasan_bitops_generic+0x121/0x1c0 [ 15.420577] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.420602] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.420632] kunit_try_run_case+0x1a5/0x480 [ 15.420656] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.420680] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.420704] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.420729] ? __kthread_parkme+0x82/0x180 [ 15.420750] ? preempt_count_sub+0x50/0x80 [ 15.420774] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.420799] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.420824] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.420851] kthread+0x337/0x6f0 [ 15.420870] ? trace_preempt_on+0x20/0xc0 [ 15.420894] ? 
__pfx_kthread+0x10/0x10 [ 15.420915] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.420937] ? calculate_sigpending+0x7b/0xa0 [ 15.420962] ? __pfx_kthread+0x10/0x10 [ 15.420984] ret_from_fork+0x116/0x1d0 [ 15.421003] ? __pfx_kthread+0x10/0x10 [ 15.421024] ret_from_fork_asm+0x1a/0x30 [ 15.421054] </TASK> [ 15.421064] [ 15.428894] Allocated by task 278: [ 15.429064] kasan_save_stack+0x45/0x70 [ 15.429233] kasan_save_track+0x18/0x40 [ 15.429600] kasan_save_alloc_info+0x3b/0x50 [ 15.429871] __kasan_kmalloc+0xb7/0xc0 [ 15.430043] __kmalloc_cache_noprof+0x189/0x420 [ 15.430229] kasan_bitops_generic+0x92/0x1c0 [ 15.430379] kunit_try_run_case+0x1a5/0x480 [ 15.430524] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.430788] kthread+0x337/0x6f0 [ 15.430955] ret_from_fork+0x116/0x1d0 [ 15.431268] ret_from_fork_asm+0x1a/0x30 [ 15.431575] [ 15.431649] The buggy address belongs to the object at ffff888101679da0 [ 15.431649] which belongs to the cache kmalloc-16 of size 16 [ 15.432017] The buggy address is located 8 bytes inside of [ 15.432017] allocated 9-byte region [ffff888101679da0, ffff888101679da9) [ 15.432836] [ 15.432928] The buggy address belongs to the physical page: [ 15.433152] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101679 [ 15.433526] flags: 0x200000000000000(node=0|zone=2) [ 15.433796] page_type: f5(slab) [ 15.433940] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.434310] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.434662] page dumped because: kasan: bad access detected [ 15.434897] [ 15.434990] Memory state around the buggy address: [ 15.435166] ffff888101679c80: 00 04 fc fc 00 04 fc fc fa fb fc fc 00 05 fc fc [ 15.435386] ffff888101679d00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.435618] >ffff888101679d80: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 15.435834] ^ [ 15.436222] ffff888101679e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.437717] 
ffff888101679e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.438007] ================================================================== [ 15.371988] ================================================================== [ 15.372640] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 15.373424] Write of size 8 at addr ffff888101679da8 by task kunit_try_catch/278 [ 15.373749] [ 15.373855] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.373901] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.373914] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.373936] Call Trace: [ 15.373952] <TASK> [ 15.373969] dump_stack_lvl+0x73/0xb0 [ 15.373998] print_report+0xd1/0x610 [ 15.374022] ? __virt_addr_valid+0x1db/0x2d0 [ 15.374045] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 15.374075] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.374100] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 15.374130] kasan_report+0x141/0x180 [ 15.374152] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 15.374187] kasan_check_range+0x10c/0x1c0 [ 15.374212] __kasan_check_write+0x18/0x20 [ 15.374233] kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 15.374449] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.374499] kasan_bitops_generic+0x121/0x1c0 [ 15.374524] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.374713] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.374755] kunit_try_run_case+0x1a5/0x480 [ 15.374782] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.374806] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.374833] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.374859] ? __kthread_parkme+0x82/0x180 [ 15.374881] ? preempt_count_sub+0x50/0x80 [ 15.374906] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.374931] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.374957] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.374984] kthread+0x337/0x6f0 [ 15.375003] ? trace_preempt_on+0x20/0xc0 [ 15.375027] ? __pfx_kthread+0x10/0x10 [ 15.375049] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.375072] ? calculate_sigpending+0x7b/0xa0 [ 15.375097] ? __pfx_kthread+0x10/0x10 [ 15.375118] ret_from_fork+0x116/0x1d0 [ 15.375137] ? __pfx_kthread+0x10/0x10 [ 15.375159] ret_from_fork_asm+0x1a/0x30 [ 15.375189] </TASK> [ 15.375200] [ 15.386886] Allocated by task 278: [ 15.387071] kasan_save_stack+0x45/0x70 [ 15.387434] kasan_save_track+0x18/0x40 [ 15.387762] kasan_save_alloc_info+0x3b/0x50 [ 15.387978] __kasan_kmalloc+0xb7/0xc0 [ 15.388153] __kmalloc_cache_noprof+0x189/0x420 [ 15.388726] kasan_bitops_generic+0x92/0x1c0 [ 15.389012] kunit_try_run_case+0x1a5/0x480 [ 15.389431] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.389789] kthread+0x337/0x6f0 [ 15.389961] ret_from_fork+0x116/0x1d0 [ 15.390140] ret_from_fork_asm+0x1a/0x30 [ 15.390317] [ 15.390408] The buggy address belongs to the object at ffff888101679da0 [ 15.390408] which belongs to the cache kmalloc-16 of size 16 [ 15.390892] The buggy address is located 8 bytes inside of [ 15.390892] allocated 9-byte region [ffff888101679da0, ffff888101679da9) [ 15.391360] [ 15.391928] The buggy address belongs to the physical page: [ 15.392364] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101679 [ 15.392853] flags: 0x200000000000000(node=0|zone=2) [ 15.393481] page_type: f5(slab) [ 15.393724] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.394159] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.395227] page dumped because: kasan: bad access detected [ 15.395625] [ 15.395867] Memory state around the buggy address: [ 15.396089] ffff888101679c80: 00 04 fc fc 00 04 fc fc fa fb fc fc 00 05 fc fc [ 15.396839] ffff888101679d00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.397336] >ffff888101679d80: fa fb fc fc 00 01 fc fc 
fc fc fc fc fc fc fc fc [ 15.397832] ^ [ 15.398033] ffff888101679e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.398735] ffff888101679e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.399187] ================================================================== [ 15.399894] ================================================================== [ 15.400146] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 15.400639] Write of size 8 at addr ffff888101679da8 by task kunit_try_catch/278 [ 15.401001] [ 15.401114] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.401161] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.401173] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.401195] Call Trace: [ 15.401209] <TASK> [ 15.401224] dump_stack_lvl+0x73/0xb0 [ 15.401251] print_report+0xd1/0x610 [ 15.401274] ? __virt_addr_valid+0x1db/0x2d0 [ 15.401296] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 15.401326] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.401350] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 15.401392] kasan_report+0x141/0x180 [ 15.401414] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 15.401448] kasan_check_range+0x10c/0x1c0 [ 15.401472] __kasan_check_write+0x18/0x20 [ 15.401492] kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 15.401522] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.401617] kasan_bitops_generic+0x121/0x1c0 [ 15.401644] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.401669] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.401699] kunit_try_run_case+0x1a5/0x480 [ 15.401724] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.401748] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.401772] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.401797] ? __kthread_parkme+0x82/0x180 [ 15.401818] ? preempt_count_sub+0x50/0x80 [ 15.401842] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.401867] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.401893] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.401919] kthread+0x337/0x6f0 [ 15.401938] ? trace_preempt_on+0x20/0xc0 [ 15.401961] ? __pfx_kthread+0x10/0x10 [ 15.401982] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.402007] ? calculate_sigpending+0x7b/0xa0 [ 15.402031] ? __pfx_kthread+0x10/0x10 [ 15.402053] ret_from_fork+0x116/0x1d0 [ 15.402072] ? __pfx_kthread+0x10/0x10 [ 15.402092] ret_from_fork_asm+0x1a/0x30 [ 15.402123] </TASK> [ 15.402133] [ 15.409812] Allocated by task 278: [ 15.409987] kasan_save_stack+0x45/0x70 [ 15.410316] kasan_save_track+0x18/0x40 [ 15.410663] kasan_save_alloc_info+0x3b/0x50 [ 15.410820] __kasan_kmalloc+0xb7/0xc0 [ 15.410954] __kmalloc_cache_noprof+0x189/0x420 [ 15.411178] kasan_bitops_generic+0x92/0x1c0 [ 15.411644] kunit_try_run_case+0x1a5/0x480 [ 15.411845] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.412094] kthread+0x337/0x6f0 [ 15.412460] ret_from_fork+0x116/0x1d0 [ 15.412673] ret_from_fork_asm+0x1a/0x30 [ 15.412854] [ 15.412937] The buggy address belongs to the object at ffff888101679da0 [ 15.412937] which belongs to the cache kmalloc-16 of size 16 [ 15.413293] The buggy address is located 8 bytes inside of [ 15.413293] allocated 9-byte region [ffff888101679da0, ffff888101679da9) [ 15.413945] [ 15.414047] The buggy address belongs to the physical page: [ 15.414368] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101679 [ 15.414660] flags: 0x200000000000000(node=0|zone=2) [ 15.414824] page_type: f5(slab) [ 15.414943] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.415351] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.415703] page dumped because: kasan: bad access detected [ 15.416063] [ 15.416133] Memory state around the buggy address: [ 15.416287] ffff888101679c80: 00 04 fc fc 00 04 fc fc fa fb fc fc 00 05 fc fc [ 15.416747] 
ffff888101679d00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.417072] >ffff888101679d80: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 15.417506] ^ [ 15.417689] ffff888101679e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.418006] ffff888101679e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.418607] ================================================================== [ 15.438452] ================================================================== [ 15.438795] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 15.439074] Write of size 8 at addr ffff888101679da8 by task kunit_try_catch/278 [ 15.439657] [ 15.439770] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.439815] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.439827] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.439848] Call Trace: [ 15.439862] <TASK> [ 15.439877] dump_stack_lvl+0x73/0xb0 [ 15.439904] print_report+0xd1/0x610 [ 15.439925] ? __virt_addr_valid+0x1db/0x2d0 [ 15.439949] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 15.439980] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.440004] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 15.440035] kasan_report+0x141/0x180 [ 15.440062] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 15.440097] kasan_check_range+0x10c/0x1c0 [ 15.440121] __kasan_check_write+0x18/0x20 [ 15.440142] kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 15.440172] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.440212] kasan_bitops_generic+0x121/0x1c0 [ 15.440237] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.440262] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.440291] kunit_try_run_case+0x1a5/0x480 [ 15.440316] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.440340] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.440365] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.440391] ? 
__kthread_parkme+0x82/0x180 [ 15.440412] ? preempt_count_sub+0x50/0x80 [ 15.440497] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.440523] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.440562] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.440590] kthread+0x337/0x6f0 [ 15.440611] ? trace_preempt_on+0x20/0xc0 [ 15.440635] ? __pfx_kthread+0x10/0x10 [ 15.440657] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.440679] ? calculate_sigpending+0x7b/0xa0 [ 15.440704] ? __pfx_kthread+0x10/0x10 [ 15.440726] ret_from_fork+0x116/0x1d0 [ 15.440746] ? __pfx_kthread+0x10/0x10 [ 15.440767] ret_from_fork_asm+0x1a/0x30 [ 15.440799] </TASK> [ 15.440809] [ 15.448782] Allocated by task 278: [ 15.448968] kasan_save_stack+0x45/0x70 [ 15.449127] kasan_save_track+0x18/0x40 [ 15.449458] kasan_save_alloc_info+0x3b/0x50 [ 15.449671] __kasan_kmalloc+0xb7/0xc0 [ 15.449807] __kmalloc_cache_noprof+0x189/0x420 [ 15.449972] kasan_bitops_generic+0x92/0x1c0 [ 15.450182] kunit_try_run_case+0x1a5/0x480 [ 15.450538] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.450735] kthread+0x337/0x6f0 [ 15.450876] ret_from_fork+0x116/0x1d0 [ 15.451064] ret_from_fork_asm+0x1a/0x30 [ 15.451318] [ 15.451420] The buggy address belongs to the object at ffff888101679da0 [ 15.451420] which belongs to the cache kmalloc-16 of size 16 [ 15.452013] The buggy address is located 8 bytes inside of [ 15.452013] allocated 9-byte region [ffff888101679da0, ffff888101679da9) [ 15.452600] [ 15.452674] The buggy address belongs to the physical page: [ 15.452846] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101679 [ 15.453094] flags: 0x200000000000000(node=0|zone=2) [ 15.453318] page_type: f5(slab) [ 15.453482] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.453832] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.454731] page dumped because: kasan: bad access detected [ 15.454961] [ 15.455055] Memory state around the buggy address: [ 15.455222] 
ffff888101679c80: 00 04 fc fc 00 04 fc fc fa fb fc fc 00 05 fc fc [ 15.455440] ffff888101679d00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.455919] >ffff888101679d80: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 15.456288] ^ [ 15.456514] ffff888101679e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.456816] ffff888101679e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.457072] ================================================================== [ 15.457579] ================================================================== [ 15.457896] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 15.458267] Read of size 8 at addr ffff888101679da8 by task kunit_try_catch/278 [ 15.458608] [ 15.458694] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.458736] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.458748] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.458769] Call Trace: [ 15.458783] <TASK> [ 15.458797] dump_stack_lvl+0x73/0xb0 [ 15.458824] print_report+0xd1/0x610 [ 15.458847] ? __virt_addr_valid+0x1db/0x2d0 [ 15.458869] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 15.458899] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.458924] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 15.458954] kasan_report+0x141/0x180 [ 15.458977] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 15.459012] kasan_check_range+0x10c/0x1c0 [ 15.459036] __kasan_check_read+0x15/0x20 [ 15.459055] kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 15.459087] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.459125] kasan_bitops_generic+0x121/0x1c0 [ 15.459150] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.459175] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.459205] kunit_try_run_case+0x1a5/0x480 [ 15.459230] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.459254] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 15.459278] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.459303] ? __kthread_parkme+0x82/0x180 [ 15.459323] ? preempt_count_sub+0x50/0x80 [ 15.459348] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.459372] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.459398] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.459479] kthread+0x337/0x6f0 [ 15.459501] ? trace_preempt_on+0x20/0xc0 [ 15.459524] ? __pfx_kthread+0x10/0x10 [ 15.459546] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.459579] ? calculate_sigpending+0x7b/0xa0 [ 15.459604] ? __pfx_kthread+0x10/0x10 [ 15.459626] ret_from_fork+0x116/0x1d0 [ 15.459645] ? __pfx_kthread+0x10/0x10 [ 15.459666] ret_from_fork_asm+0x1a/0x30 [ 15.459697] </TASK> [ 15.459707] [ 15.468715] Allocated by task 278: [ 15.468861] kasan_save_stack+0x45/0x70 [ 15.469011] kasan_save_track+0x18/0x40 [ 15.469152] kasan_save_alloc_info+0x3b/0x50 [ 15.469492] __kasan_kmalloc+0xb7/0xc0 [ 15.469665] __kmalloc_cache_noprof+0x189/0x420 [ 15.469884] kasan_bitops_generic+0x92/0x1c0 [ 15.470059] kunit_try_run_case+0x1a5/0x480 [ 15.470259] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.470436] kthread+0x337/0x6f0 [ 15.470565] ret_from_fork+0x116/0x1d0 [ 15.470752] ret_from_fork_asm+0x1a/0x30 [ 15.471181] [ 15.471343] The buggy address belongs to the object at ffff888101679da0 [ 15.471343] which belongs to the cache kmalloc-16 of size 16 [ 15.471833] The buggy address is located 8 bytes inside of [ 15.471833] allocated 9-byte region [ffff888101679da0, ffff888101679da9) [ 15.472418] [ 15.472495] The buggy address belongs to the physical page: [ 15.472728] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101679 [ 15.473017] flags: 0x200000000000000(node=0|zone=2) [ 15.473182] page_type: f5(slab) [ 15.473345] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.473879] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.474157] page dumped because: kasan: 
bad access detected [ 15.474661] [ 15.474756] Memory state around the buggy address: [ 15.474940] ffff888101679c80: 00 04 fc fc 00 04 fc fc fa fb fc fc 00 05 fc fc [ 15.475392] ffff888101679d00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.475635] >ffff888101679d80: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 15.475947] ^ [ 15.476149] ffff888101679e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.476510] ffff888101679e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.476769] ================================================================== [ 15.303198] ================================================================== [ 15.304148] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 15.305126] Write of size 8 at addr ffff888101679da8 by task kunit_try_catch/278 [ 15.305771] [ 15.305865] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.305912] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.305925] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.305946] Call Trace: [ 15.305961] <TASK> [ 15.305976] dump_stack_lvl+0x73/0xb0 [ 15.306006] print_report+0xd1/0x610 [ 15.306029] ? __virt_addr_valid+0x1db/0x2d0 [ 15.306052] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 15.306083] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.306106] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 15.306136] kasan_report+0x141/0x180 [ 15.306158] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 15.306192] kasan_check_range+0x10c/0x1c0 [ 15.306216] __kasan_check_write+0x18/0x20 [ 15.306236] kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 15.306339] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.306392] kasan_bitops_generic+0x121/0x1c0 [ 15.306425] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.306450] ? 
__pfx_kasan_bitops_generic+0x10/0x10 [ 15.306479] kunit_try_run_case+0x1a5/0x480 [ 15.306504] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.306526] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.306561] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.306586] ? __kthread_parkme+0x82/0x180 [ 15.306607] ? preempt_count_sub+0x50/0x80 [ 15.306631] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.306655] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.306679] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.306705] kthread+0x337/0x6f0 [ 15.306725] ? trace_preempt_on+0x20/0xc0 [ 15.306747] ? __pfx_kthread+0x10/0x10 [ 15.306768] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.306790] ? calculate_sigpending+0x7b/0xa0 [ 15.306814] ? __pfx_kthread+0x10/0x10 [ 15.306835] ret_from_fork+0x116/0x1d0 [ 15.306853] ? __pfx_kthread+0x10/0x10 [ 15.306874] ret_from_fork_asm+0x1a/0x30 [ 15.306905] </TASK> [ 15.306914] [ 15.321864] Allocated by task 278: [ 15.322221] kasan_save_stack+0x45/0x70 [ 15.322582] kasan_save_track+0x18/0x40 [ 15.322952] kasan_save_alloc_info+0x3b/0x50 [ 15.323106] __kasan_kmalloc+0xb7/0xc0 [ 15.323239] __kmalloc_cache_noprof+0x189/0x420 [ 15.323420] kasan_bitops_generic+0x92/0x1c0 [ 15.323982] kunit_try_run_case+0x1a5/0x480 [ 15.324628] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.325154] kthread+0x337/0x6f0 [ 15.325560] ret_from_fork+0x116/0x1d0 [ 15.325979] ret_from_fork_asm+0x1a/0x30 [ 15.326498] [ 15.326688] The buggy address belongs to the object at ffff888101679da0 [ 15.326688] which belongs to the cache kmalloc-16 of size 16 [ 15.327143] The buggy address is located 8 bytes inside of [ 15.327143] allocated 9-byte region [ffff888101679da0, ffff888101679da9) [ 15.328440] [ 15.328644] The buggy address belongs to the physical page: [ 15.329224] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101679 [ 15.329996] flags: 0x200000000000000(node=0|zone=2) [ 15.330467] page_type: f5(slab) [ 15.330718] raw: 0200000000000000 ffff888100041640 dead000000000122 
0000000000000000 [ 15.331411] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.331809] page dumped because: kasan: bad access detected [ 15.331988] [ 15.332063] Memory state around the buggy address: [ 15.332219] ffff888101679c80: 00 04 fc fc 00 04 fc fc fa fb fc fc 00 05 fc fc [ 15.333104] ffff888101679d00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.333925] >ffff888101679d80: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 15.334762] ^ [ 15.335444] ffff888101679e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.336023] ffff888101679e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.336303] ================================================================== [ 15.337221] ================================================================== [ 15.338136] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 15.338826] Write of size 8 at addr ffff888101679da8 by task kunit_try_catch/278 [ 15.339061] [ 15.339148] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.339192] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.339204] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.339226] Call Trace: [ 15.339241] <TASK> [ 15.339257] dump_stack_lvl+0x73/0xb0 [ 15.339287] print_report+0xd1/0x610 [ 15.339308] ? __virt_addr_valid+0x1db/0x2d0 [ 15.339331] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 15.339361] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.339386] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 15.339590] kasan_report+0x141/0x180 [ 15.339621] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 15.339658] kasan_check_range+0x10c/0x1c0 [ 15.339682] __kasan_check_write+0x18/0x20 [ 15.339704] kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 15.339733] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.339772] kasan_bitops_generic+0x121/0x1c0 [ 15.339797] ? 
__pfx_kasan_bitops_generic+0x10/0x10 [ 15.339822] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.339851] kunit_try_run_case+0x1a5/0x480 [ 15.339874] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.339898] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.339922] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.339947] ? __kthread_parkme+0x82/0x180 [ 15.339967] ? preempt_count_sub+0x50/0x80 [ 15.339991] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.340016] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.340040] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.340070] kthread+0x337/0x6f0 [ 15.340090] ? trace_preempt_on+0x20/0xc0 [ 15.340113] ? __pfx_kthread+0x10/0x10 [ 15.340134] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.340155] ? calculate_sigpending+0x7b/0xa0 [ 15.340179] ? __pfx_kthread+0x10/0x10 [ 15.340200] ret_from_fork+0x116/0x1d0 [ 15.340220] ? __pfx_kthread+0x10/0x10 [ 15.340289] ret_from_fork_asm+0x1a/0x30 [ 15.340323] </TASK> [ 15.340332] [ 15.356641] Allocated by task 278: [ 15.356820] kasan_save_stack+0x45/0x70 [ 15.356974] kasan_save_track+0x18/0x40 [ 15.357112] kasan_save_alloc_info+0x3b/0x50 [ 15.357779] __kasan_kmalloc+0xb7/0xc0 [ 15.358259] __kmalloc_cache_noprof+0x189/0x420 [ 15.359152] kasan_bitops_generic+0x92/0x1c0 [ 15.359687] kunit_try_run_case+0x1a5/0x480 [ 15.359906] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.360140] kthread+0x337/0x6f0 [ 15.360294] ret_from_fork+0x116/0x1d0 [ 15.360452] ret_from_fork_asm+0x1a/0x30 [ 15.360612] [ 15.360703] The buggy address belongs to the object at ffff888101679da0 [ 15.360703] which belongs to the cache kmalloc-16 of size 16 [ 15.361172] The buggy address is located 8 bytes inside of [ 15.361172] allocated 9-byte region [ffff888101679da0, ffff888101679da9) [ 15.362729] [ 15.363075] The buggy address belongs to the physical page: [ 15.363796] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101679 [ 15.364999] flags: 0x200000000000000(node=0|zone=2) [ 15.365654] page_type: f5(slab) [ 15.365822] raw: 
0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.366139] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.367144] page dumped because: kasan: bad access detected [ 15.367924] [ 15.368024] Memory state around the buggy address: [ 15.368512] ffff888101679c80: 00 04 fc fc 00 04 fc fc fa fb fc fc 00 05 fc fc [ 15.368955] ffff888101679d00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.369464] >ffff888101679d80: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 15.369806] ^ [ 15.370006] ffff888101679e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.370755] ffff888101679e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.371177] ================================================================== [ 15.267744] ================================================================== [ 15.268107] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 15.271484] Write of size 8 at addr ffff888101679da8 by task kunit_try_catch/278 [ 15.271738] [ 15.271828] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.271874] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.271886] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.271907] Call Trace: [ 15.271918] <TASK> [ 15.271934] dump_stack_lvl+0x73/0xb0 [ 15.271964] print_report+0xd1/0x610 [ 15.271986] ? __virt_addr_valid+0x1db/0x2d0 [ 15.272009] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 15.272039] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.272069] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 15.272101] kasan_report+0x141/0x180 [ 15.272123] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 15.272158] kasan_check_range+0x10c/0x1c0 [ 15.272182] __kasan_check_write+0x18/0x20 [ 15.272202] kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 15.272547] ? 
__pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.272609] kasan_bitops_generic+0x121/0x1c0 [ 15.272634] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.272659] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.272699] kunit_try_run_case+0x1a5/0x480 [ 15.272725] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.272748] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.272784] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.272809] ? __kthread_parkme+0x82/0x180 [ 15.272831] ? preempt_count_sub+0x50/0x80 [ 15.272855] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.272881] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.272906] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.272932] kthread+0x337/0x6f0 [ 15.272951] ? trace_preempt_on+0x20/0xc0 [ 15.272975] ? __pfx_kthread+0x10/0x10 [ 15.273527] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.273604] ? calculate_sigpending+0x7b/0xa0 [ 15.273631] ? __pfx_kthread+0x10/0x10 [ 15.273654] ret_from_fork+0x116/0x1d0 [ 15.273676] ? __pfx_kthread+0x10/0x10 [ 15.273697] ret_from_fork_asm+0x1a/0x30 [ 15.273729] </TASK> [ 15.273739] [ 15.288136] Allocated by task 278: [ 15.288644] kasan_save_stack+0x45/0x70 [ 15.288844] kasan_save_track+0x18/0x40 [ 15.288979] kasan_save_alloc_info+0x3b/0x50 [ 15.289125] __kasan_kmalloc+0xb7/0xc0 [ 15.289336] __kmalloc_cache_noprof+0x189/0x420 [ 15.289932] kasan_bitops_generic+0x92/0x1c0 [ 15.290466] kunit_try_run_case+0x1a5/0x480 [ 15.290991] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.291563] kthread+0x337/0x6f0 [ 15.291954] ret_from_fork+0x116/0x1d0 [ 15.292430] ret_from_fork_asm+0x1a/0x30 [ 15.292872] [ 15.293012] The buggy address belongs to the object at ffff888101679da0 [ 15.293012] which belongs to the cache kmalloc-16 of size 16 [ 15.293740] The buggy address is located 8 bytes inside of [ 15.293740] allocated 9-byte region [ffff888101679da0, ffff888101679da9) [ 15.294958] [ 15.295087] The buggy address belongs to the physical page: [ 15.295671] page: refcount:0 mapcount:0 mapping:0000000000000000 
index:0x0 pfn:0x101679 [ 15.296284] flags: 0x200000000000000(node=0|zone=2) [ 15.296675] page_type: f5(slab) [ 15.296893] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.297479] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.297774] page dumped because: kasan: bad access detected [ 15.297948] [ 15.298017] Memory state around the buggy address: [ 15.298178] ffff888101679c80: 00 04 fc fc 00 04 fc fc fa fb fc fc 00 05 fc fc [ 15.298934] ffff888101679d00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.299753] >ffff888101679d80: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 15.300524] ^ [ 15.301046] ffff888101679e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.301785] ffff888101679e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.302494] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 15.161091] ================================================================== [ 15.161366] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 15.161816] Write of size 8 at addr ffff888101679da8 by task kunit_try_catch/278 [ 15.162161] [ 15.162360] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.162408] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.162419] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.162441] Call Trace: [ 15.162455] <TASK> [ 15.162471] dump_stack_lvl+0x73/0xb0 [ 15.162498] print_report+0xd1/0x610 [ 15.162520] ? __virt_addr_valid+0x1db/0x2d0 [ 15.162542] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 15.162582] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.162607] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 15.162634] kasan_report+0x141/0x180 [ 15.162656] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 15.162687] kasan_check_range+0x10c/0x1c0 [ 15.162712] __kasan_check_write+0x18/0x20 [ 15.162731] kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 15.162758] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 15.162787] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.162813] ? kasan_bitops_generic+0x92/0x1c0 [ 15.162840] kasan_bitops_generic+0x116/0x1c0 [ 15.162864] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.162926] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.162980] kunit_try_run_case+0x1a5/0x480 [ 15.163004] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.163027] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.163052] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.163075] ? __kthread_parkme+0x82/0x180 [ 15.163097] ? preempt_count_sub+0x50/0x80 [ 15.163121] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.163146] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.163171] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.163228] kthread+0x337/0x6f0 [ 15.163299] ? trace_preempt_on+0x20/0xc0 [ 15.163325] ? __pfx_kthread+0x10/0x10 [ 15.163347] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 15.163406] ? calculate_sigpending+0x7b/0xa0 [ 15.163431] ? __pfx_kthread+0x10/0x10 [ 15.163461] ret_from_fork+0x116/0x1d0 [ 15.163481] ? __pfx_kthread+0x10/0x10 [ 15.163502] ret_from_fork_asm+0x1a/0x30 [ 15.163533] </TASK> [ 15.163543] [ 15.172952] Allocated by task 278: [ 15.173181] kasan_save_stack+0x45/0x70 [ 15.173435] kasan_save_track+0x18/0x40 [ 15.173660] kasan_save_alloc_info+0x3b/0x50 [ 15.173943] __kasan_kmalloc+0xb7/0xc0 [ 15.174159] __kmalloc_cache_noprof+0x189/0x420 [ 15.174347] kasan_bitops_generic+0x92/0x1c0 [ 15.174724] kunit_try_run_case+0x1a5/0x480 [ 15.174922] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.175178] kthread+0x337/0x6f0 [ 15.175382] ret_from_fork+0x116/0x1d0 [ 15.175791] ret_from_fork_asm+0x1a/0x30 [ 15.176010] [ 15.176153] The buggy address belongs to the object at ffff888101679da0 [ 15.176153] which belongs to the cache kmalloc-16 of size 16 [ 15.176807] The buggy address is located 8 bytes inside of [ 15.176807] allocated 9-byte region [ffff888101679da0, ffff888101679da9) [ 15.177432] [ 15.177527] The buggy address belongs to the physical page: [ 15.177806] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101679 [ 15.178149] flags: 0x200000000000000(node=0|zone=2) [ 15.178494] page_type: f5(slab) [ 15.178816] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.179093] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.179353] page dumped because: kasan: bad access detected [ 15.179708] [ 15.179807] Memory state around the buggy address: [ 15.179965] ffff888101679c80: 00 04 fc fc 00 04 fc fc fa fb fc fc 00 05 fc fc [ 15.180225] ffff888101679d00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.180939] >ffff888101679d80: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 15.181220] ^ [ 15.181367] ffff888101679e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.181868] ffff888101679e80: fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 15.182325] ================================================================== [ 15.139390] ================================================================== [ 15.139849] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 15.140223] Write of size 8 at addr ffff888101679da8 by task kunit_try_catch/278 [ 15.140797] [ 15.140882] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.140924] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.140935] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.140956] Call Trace: [ 15.140968] <TASK> [ 15.140981] dump_stack_lvl+0x73/0xb0 [ 15.141011] print_report+0xd1/0x610 [ 15.141067] ? __virt_addr_valid+0x1db/0x2d0 [ 15.141119] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 15.141146] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.141170] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 15.141197] kasan_report+0x141/0x180 [ 15.141219] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 15.141251] kasan_check_range+0x10c/0x1c0 [ 15.141275] __kasan_check_write+0x18/0x20 [ 15.141368] kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 15.141396] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 15.141425] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.141450] ? kasan_bitops_generic+0x92/0x1c0 [ 15.141479] kasan_bitops_generic+0x116/0x1c0 [ 15.141504] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.141529] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.141573] kunit_try_run_case+0x1a5/0x480 [ 15.141598] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.141622] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.141646] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.141670] ? __kthread_parkme+0x82/0x180 [ 15.141691] ? preempt_count_sub+0x50/0x80 [ 15.141715] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.141740] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.141765] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.141791] kthread+0x337/0x6f0 [ 15.141811] ? trace_preempt_on+0x20/0xc0 [ 15.141835] ? __pfx_kthread+0x10/0x10 [ 15.141856] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.141878] ? calculate_sigpending+0x7b/0xa0 [ 15.141902] ? __pfx_kthread+0x10/0x10 [ 15.141924] ret_from_fork+0x116/0x1d0 [ 15.141943] ? __pfx_kthread+0x10/0x10 [ 15.141964] ret_from_fork_asm+0x1a/0x30 [ 15.141994] </TASK> [ 15.142005] [ 15.150918] Allocated by task 278: [ 15.151456] kasan_save_stack+0x45/0x70 [ 15.151679] kasan_save_track+0x18/0x40 [ 15.151900] kasan_save_alloc_info+0x3b/0x50 [ 15.152126] __kasan_kmalloc+0xb7/0xc0 [ 15.152400] __kmalloc_cache_noprof+0x189/0x420 [ 15.152704] kasan_bitops_generic+0x92/0x1c0 [ 15.152896] kunit_try_run_case+0x1a5/0x480 [ 15.153046] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.153219] kthread+0x337/0x6f0 [ 15.153455] ret_from_fork+0x116/0x1d0 [ 15.153765] ret_from_fork_asm+0x1a/0x30 [ 15.153963] [ 15.154058] The buggy address belongs to the object at ffff888101679da0 [ 15.154058] which belongs to the cache kmalloc-16 of size 16 [ 15.154746] The buggy address is located 8 bytes inside of [ 15.154746] allocated 9-byte region [ffff888101679da0, ffff888101679da9) [ 15.155166] [ 15.155296] The buggy address belongs to the physical page: [ 15.155919] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101679 [ 15.156216] flags: 0x200000000000000(node=0|zone=2) [ 15.156650] page_type: f5(slab) [ 15.156854] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.157100] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.157717] page dumped because: kasan: bad access detected [ 15.157921] [ 15.157989] Memory state around the buggy address: [ 15.158190] ffff888101679c80: 00 04 fc fc 00 04 fc fc fa fb fc fc 00 05 fc fc [ 15.158739] ffff888101679d00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.159036] >ffff888101679d80: fa fb fc fc 00 01 fc fc 
fc fc fc fc fc fc fc fc [ 15.159473] ^ [ 15.159775] ffff888101679e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.160096] ffff888101679e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.160445] ================================================================== [ 15.094507] ================================================================== [ 15.095000] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x101/0xd50 [ 15.095336] Write of size 8 at addr ffff888101679da8 by task kunit_try_catch/278 [ 15.095705] [ 15.095817] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.095860] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.095872] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.095892] Call Trace: [ 15.095905] <TASK> [ 15.095920] dump_stack_lvl+0x73/0xb0 [ 15.095951] print_report+0xd1/0x610 [ 15.095973] ? __virt_addr_valid+0x1db/0x2d0 [ 15.095997] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 15.096025] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.096048] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 15.096082] kasan_report+0x141/0x180 [ 15.096104] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 15.096136] kasan_check_range+0x10c/0x1c0 [ 15.096160] __kasan_check_write+0x18/0x20 [ 15.096180] kasan_bitops_modify.constprop.0+0x101/0xd50 [ 15.096208] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 15.096237] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.096301] ? kasan_bitops_generic+0x92/0x1c0 [ 15.096331] kasan_bitops_generic+0x116/0x1c0 [ 15.096382] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.096409] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.096451] kunit_try_run_case+0x1a5/0x480 [ 15.096476] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.096500] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.096525] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.096558] ? __kthread_parkme+0x82/0x180 [ 15.096580] ? preempt_count_sub+0x50/0x80 [ 15.096605] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.096630] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.096655] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.096681] kthread+0x337/0x6f0 [ 15.096701] ? trace_preempt_on+0x20/0xc0 [ 15.096724] ? __pfx_kthread+0x10/0x10 [ 15.096745] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.096767] ? calculate_sigpending+0x7b/0xa0 [ 15.096792] ? __pfx_kthread+0x10/0x10 [ 15.096814] ret_from_fork+0x116/0x1d0 [ 15.096834] ? __pfx_kthread+0x10/0x10 [ 15.096855] ret_from_fork_asm+0x1a/0x30 [ 15.096886] </TASK> [ 15.096898] [ 15.107537] Allocated by task 278: [ 15.107874] kasan_save_stack+0x45/0x70 [ 15.108127] kasan_save_track+0x18/0x40 [ 15.108267] kasan_save_alloc_info+0x3b/0x50 [ 15.108788] __kasan_kmalloc+0xb7/0xc0 [ 15.108943] __kmalloc_cache_noprof+0x189/0x420 [ 15.109208] kasan_bitops_generic+0x92/0x1c0 [ 15.109488] kunit_try_run_case+0x1a5/0x480 [ 15.109701] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.109932] kthread+0x337/0x6f0 [ 15.110094] ret_from_fork+0x116/0x1d0 [ 15.110226] ret_from_fork_asm+0x1a/0x30 [ 15.110425] [ 15.110565] The buggy address belongs to the object at ffff888101679da0 [ 15.110565] which belongs to the cache kmalloc-16 of size 16 [ 15.111320] The buggy address is located 8 bytes inside of [ 15.111320] allocated 9-byte region [ffff888101679da0, ffff888101679da9) [ 15.112050] [ 15.112179] The buggy address belongs to the physical page: [ 15.112377] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101679 [ 15.112871] flags: 0x200000000000000(node=0|zone=2) [ 15.113128] page_type: f5(slab) [ 15.113298] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.113724] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.113967] page dumped because: kasan: bad access detected [ 15.114177] [ 15.114270] Memory state around the buggy address: [ 15.114683] ffff888101679c80: 00 04 fc fc 00 04 fc fc fa fb fc fc 00 05 fc fc [ 15.114969] 
ffff888101679d00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.115421] >ffff888101679d80: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 15.115699] ^ [ 15.115955] ffff888101679e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.116643] ffff888101679e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.116934] ================================================================== [ 15.227909] ================================================================== [ 15.228337] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 15.228714] Write of size 8 at addr ffff888101679da8 by task kunit_try_catch/278 [ 15.229027] [ 15.229119] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.229161] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.229173] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.229195] Call Trace: [ 15.229209] <TASK> [ 15.229287] dump_stack_lvl+0x73/0xb0 [ 15.229322] print_report+0xd1/0x610 [ 15.229345] ? __virt_addr_valid+0x1db/0x2d0 [ 15.229368] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 15.229396] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.229419] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 15.229464] kasan_report+0x141/0x180 [ 15.229486] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 15.229519] kasan_check_range+0x10c/0x1c0 [ 15.229543] __kasan_check_write+0x18/0x20 [ 15.229572] kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 15.229600] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 15.229630] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.229658] ? kasan_bitops_generic+0x92/0x1c0 [ 15.229688] kasan_bitops_generic+0x116/0x1c0 [ 15.229714] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.229739] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.229768] kunit_try_run_case+0x1a5/0x480 [ 15.229793] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.229816] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.229841] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.229865] ? __kthread_parkme+0x82/0x180 [ 15.229887] ? preempt_count_sub+0x50/0x80 [ 15.229912] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.229938] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.229964] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.229990] kthread+0x337/0x6f0 [ 15.230009] ? trace_preempt_on+0x20/0xc0 [ 15.230033] ? __pfx_kthread+0x10/0x10 [ 15.230054] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.230076] ? calculate_sigpending+0x7b/0xa0 [ 15.230100] ? __pfx_kthread+0x10/0x10 [ 15.230121] ret_from_fork+0x116/0x1d0 [ 15.230140] ? __pfx_kthread+0x10/0x10 [ 15.230160] ret_from_fork_asm+0x1a/0x30 [ 15.230190] </TASK> [ 15.230200] [ 15.238024] Allocated by task 278: [ 15.238201] kasan_save_stack+0x45/0x70 [ 15.238489] kasan_save_track+0x18/0x40 [ 15.238695] kasan_save_alloc_info+0x3b/0x50 [ 15.238888] __kasan_kmalloc+0xb7/0xc0 [ 15.239022] __kmalloc_cache_noprof+0x189/0x420 [ 15.239179] kasan_bitops_generic+0x92/0x1c0 [ 15.239566] kunit_try_run_case+0x1a5/0x480 [ 15.239784] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.240040] kthread+0x337/0x6f0 [ 15.240216] ret_from_fork+0x116/0x1d0 [ 15.240401] ret_from_fork_asm+0x1a/0x30 [ 15.240578] [ 15.240679] The buggy address belongs to the object at ffff888101679da0 [ 15.240679] which belongs to the cache kmalloc-16 of size 16 [ 15.241078] The buggy address is located 8 bytes inside of [ 15.241078] allocated 9-byte region [ffff888101679da0, ffff888101679da9) [ 15.241628] [ 15.241819] The buggy address belongs to the physical page: [ 15.242038] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101679 [ 15.242455] flags: 0x200000000000000(node=0|zone=2) [ 15.242677] page_type: f5(slab) [ 15.242829] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.243137] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.243481] page dumped because: kasan: bad access detected [ 15.243670] [ 15.243742] 
Memory state around the buggy address: [ 15.243952] ffff888101679c80: 00 04 fc fc 00 04 fc fc fa fb fc fc 00 05 fc fc [ 15.244350] ffff888101679d00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.244711] >ffff888101679d80: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 15.245028] ^ [ 15.245540] ffff888101679e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.245918] ffff888101679e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.246291] ================================================================== [ 15.182825] ================================================================== [ 15.183230] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x373/0xd50 [ 15.183616] Write of size 8 at addr ffff888101679da8 by task kunit_try_catch/278 [ 15.183989] [ 15.184136] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.184179] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.184190] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.184210] Call Trace: [ 15.184223] <TASK> [ 15.184238] dump_stack_lvl+0x73/0xb0 [ 15.184352] print_report+0xd1/0x610 [ 15.184376] ? __virt_addr_valid+0x1db/0x2d0 [ 15.184400] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 15.184477] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.184501] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 15.184528] kasan_report+0x141/0x180 [ 15.184562] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 15.184595] kasan_check_range+0x10c/0x1c0 [ 15.184651] __kasan_check_write+0x18/0x20 [ 15.184671] kasan_bitops_modify.constprop.0+0x373/0xd50 [ 15.184699] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 15.184728] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.184753] ? kasan_bitops_generic+0x92/0x1c0 [ 15.184807] kasan_bitops_generic+0x116/0x1c0 [ 15.184832] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.184857] ? 
__pfx_kasan_bitops_generic+0x10/0x10 [ 15.184887] kunit_try_run_case+0x1a5/0x480 [ 15.184912] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.184935] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.184960] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.184986] ? __kthread_parkme+0x82/0x180 [ 15.185007] ? preempt_count_sub+0x50/0x80 [ 15.185032] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.185057] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.185082] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.185109] kthread+0x337/0x6f0 [ 15.185128] ? trace_preempt_on+0x20/0xc0 [ 15.185152] ? __pfx_kthread+0x10/0x10 [ 15.185173] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.185195] ? calculate_sigpending+0x7b/0xa0 [ 15.185220] ? __pfx_kthread+0x10/0x10 [ 15.185308] ret_from_fork+0x116/0x1d0 [ 15.185332] ? __pfx_kthread+0x10/0x10 [ 15.185354] ret_from_fork_asm+0x1a/0x30 [ 15.185385] </TASK> [ 15.185394] [ 15.194892] Allocated by task 278: [ 15.195065] kasan_save_stack+0x45/0x70 [ 15.195267] kasan_save_track+0x18/0x40 [ 15.195534] kasan_save_alloc_info+0x3b/0x50 [ 15.195772] __kasan_kmalloc+0xb7/0xc0 [ 15.195965] __kmalloc_cache_noprof+0x189/0x420 [ 15.196219] kasan_bitops_generic+0x92/0x1c0 [ 15.196563] kunit_try_run_case+0x1a5/0x480 [ 15.196736] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.196942] kthread+0x337/0x6f0 [ 15.197133] ret_from_fork+0x116/0x1d0 [ 15.197324] ret_from_fork_asm+0x1a/0x30 [ 15.197467] [ 15.197539] The buggy address belongs to the object at ffff888101679da0 [ 15.197539] which belongs to the cache kmalloc-16 of size 16 [ 15.200176] The buggy address is located 8 bytes inside of [ 15.200176] allocated 9-byte region [ffff888101679da0, ffff888101679da9) [ 15.201455] [ 15.201539] The buggy address belongs to the physical page: [ 15.201721] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101679 [ 15.201957] flags: 0x200000000000000(node=0|zone=2) [ 15.202117] page_type: f5(slab) [ 15.202235] raw: 0200000000000000 ffff888100041640 dead000000000122 
0000000000000000 [ 15.203515] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.204545] page dumped because: kasan: bad access detected [ 15.205438] [ 15.205782] Memory state around the buggy address: [ 15.206403] ffff888101679c80: 00 04 fc fc 00 04 fc fc fa fb fc fc 00 05 fc fc [ 15.206761] ffff888101679d00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.207095] >ffff888101679d80: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 15.207424] ^ [ 15.207638] ffff888101679e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.207956] ffff888101679e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.208275] ================================================================== [ 15.246770] ================================================================== [ 15.247112] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x547/0xd50 [ 15.247533] Write of size 8 at addr ffff888101679da8 by task kunit_try_catch/278 [ 15.247856] [ 15.247957] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.248000] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.248011] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.248033] Call Trace: [ 15.248045] <TASK> [ 15.248065] dump_stack_lvl+0x73/0xb0 [ 15.248092] print_report+0xd1/0x610 [ 15.248113] ? __virt_addr_valid+0x1db/0x2d0 [ 15.248135] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 15.248163] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.248186] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 15.248214] kasan_report+0x141/0x180 [ 15.248306] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 15.248339] kasan_check_range+0x10c/0x1c0 [ 15.248363] __kasan_check_write+0x18/0x20 [ 15.248384] kasan_bitops_modify.constprop.0+0x547/0xd50 [ 15.248411] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 15.248456] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.248482] ? 
kasan_bitops_generic+0x92/0x1c0 [ 15.248509] kasan_bitops_generic+0x116/0x1c0 [ 15.248534] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.248568] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.248598] kunit_try_run_case+0x1a5/0x480 [ 15.248622] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.248646] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.248671] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.248696] ? __kthread_parkme+0x82/0x180 [ 15.248717] ? preempt_count_sub+0x50/0x80 [ 15.248742] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.248767] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.248794] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.248821] kthread+0x337/0x6f0 [ 15.248839] ? trace_preempt_on+0x20/0xc0 [ 15.248863] ? __pfx_kthread+0x10/0x10 [ 15.248883] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.248905] ? calculate_sigpending+0x7b/0xa0 [ 15.248928] ? __pfx_kthread+0x10/0x10 [ 15.248950] ret_from_fork+0x116/0x1d0 [ 15.248969] ? __pfx_kthread+0x10/0x10 [ 15.248989] ret_from_fork_asm+0x1a/0x30 [ 15.249020] </TASK> [ 15.249030] [ 15.257094] Allocated by task 278: [ 15.257444] kasan_save_stack+0x45/0x70 [ 15.257651] kasan_save_track+0x18/0x40 [ 15.257791] kasan_save_alloc_info+0x3b/0x50 [ 15.257965] __kasan_kmalloc+0xb7/0xc0 [ 15.258154] __kmalloc_cache_noprof+0x189/0x420 [ 15.258468] kasan_bitops_generic+0x92/0x1c0 [ 15.258700] kunit_try_run_case+0x1a5/0x480 [ 15.258907] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.259150] kthread+0x337/0x6f0 [ 15.259354] ret_from_fork+0x116/0x1d0 [ 15.259576] ret_from_fork_asm+0x1a/0x30 [ 15.259717] [ 15.259787] The buggy address belongs to the object at ffff888101679da0 [ 15.259787] which belongs to the cache kmalloc-16 of size 16 [ 15.260190] The buggy address is located 8 bytes inside of [ 15.260190] allocated 9-byte region [ffff888101679da0, ffff888101679da9) [ 15.260800] [ 15.260897] The buggy address belongs to the physical page: [ 15.261086] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101679 [ 
15.261332] flags: 0x200000000000000(node=0|zone=2) [ 15.261547] page_type: f5(slab) [ 15.261722] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.262056] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.262388] page dumped because: kasan: bad access detected [ 15.262645] [ 15.262737] Memory state around the buggy address: [ 15.262951] ffff888101679c80: 00 04 fc fc 00 04 fc fc fa fb fc fc 00 05 fc fc [ 15.263213] ffff888101679d00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.263499] >ffff888101679d80: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 15.263839] ^ [ 15.264045] ffff888101679e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.264457] ffff888101679e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.264796] ================================================================== [ 15.208890] ================================================================== [ 15.209183] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 15.209749] Write of size 8 at addr ffff888101679da8 by task kunit_try_catch/278 [ 15.210049] [ 15.210160] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.210203] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.210214] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.210306] Call Trace: [ 15.210322] <TASK> [ 15.210337] dump_stack_lvl+0x73/0xb0 [ 15.210366] print_report+0xd1/0x610 [ 15.210389] ? __virt_addr_valid+0x1db/0x2d0 [ 15.210411] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 15.210456] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.210480] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 15.210507] kasan_report+0x141/0x180 [ 15.210529] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 15.210571] kasan_check_range+0x10c/0x1c0 [ 15.210595] __kasan_check_write+0x18/0x20 [ 15.210615] kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 15.210642] ? 
__pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 15.210671] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.210697] ? kasan_bitops_generic+0x92/0x1c0 [ 15.210724] kasan_bitops_generic+0x116/0x1c0 [ 15.210749] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.210774] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.210804] kunit_try_run_case+0x1a5/0x480 [ 15.210829] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.210852] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.210876] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.210901] ? __kthread_parkme+0x82/0x180 [ 15.210921] ? preempt_count_sub+0x50/0x80 [ 15.210945] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.210970] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.210995] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.211021] kthread+0x337/0x6f0 [ 15.211039] ? trace_preempt_on+0x20/0xc0 [ 15.211062] ? __pfx_kthread+0x10/0x10 [ 15.211083] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.211105] ? calculate_sigpending+0x7b/0xa0 [ 15.211128] ? __pfx_kthread+0x10/0x10 [ 15.211150] ret_from_fork+0x116/0x1d0 [ 15.211169] ? 
__pfx_kthread+0x10/0x10 [ 15.211189] ret_from_fork_asm+0x1a/0x30 [ 15.211220] </TASK> [ 15.211288] [ 15.219361] Allocated by task 278: [ 15.219519] kasan_save_stack+0x45/0x70 [ 15.219724] kasan_save_track+0x18/0x40 [ 15.219885] kasan_save_alloc_info+0x3b/0x50 [ 15.220102] __kasan_kmalloc+0xb7/0xc0 [ 15.220247] __kmalloc_cache_noprof+0x189/0x420 [ 15.220407] kasan_bitops_generic+0x92/0x1c0 [ 15.220809] kunit_try_run_case+0x1a5/0x480 [ 15.221029] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.221357] kthread+0x337/0x6f0 [ 15.221570] ret_from_fork+0x116/0x1d0 [ 15.221749] ret_from_fork_asm+0x1a/0x30 [ 15.221925] [ 15.222001] The buggy address belongs to the object at ffff888101679da0 [ 15.222001] which belongs to the cache kmalloc-16 of size 16 [ 15.222537] The buggy address is located 8 bytes inside of [ 15.222537] allocated 9-byte region [ffff888101679da0, ffff888101679da9) [ 15.223077] [ 15.223173] The buggy address belongs to the physical page: [ 15.223514] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101679 [ 15.223859] flags: 0x200000000000000(node=0|zone=2) [ 15.224077] page_type: f5(slab) [ 15.224286] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.224624] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.224922] page dumped because: kasan: bad access detected [ 15.225118] [ 15.225187] Memory state around the buggy address: [ 15.225627] ffff888101679c80: 00 04 fc fc 00 04 fc fc fa fb fc fc 00 05 fc fc [ 15.225953] ffff888101679d00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.226295] >ffff888101679d80: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 15.226613] ^ [ 15.226788] ffff888101679e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.227008] ffff888101679e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.227378] ================================================================== [ 15.117463] 
================================================================== [ 15.117750] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 15.118115] Write of size 8 at addr ffff888101679da8 by task kunit_try_catch/278 [ 15.118373] [ 15.118623] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.118682] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.118693] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.118714] Call Trace: [ 15.118729] <TASK> [ 15.118745] dump_stack_lvl+0x73/0xb0 [ 15.118773] print_report+0xd1/0x610 [ 15.118796] ? __virt_addr_valid+0x1db/0x2d0 [ 15.118818] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 15.118845] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.118869] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 15.118897] kasan_report+0x141/0x180 [ 15.118919] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 15.118951] kasan_check_range+0x10c/0x1c0 [ 15.118975] __kasan_check_write+0x18/0x20 [ 15.118996] kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 15.119023] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 15.119052] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.119078] ? kasan_bitops_generic+0x92/0x1c0 [ 15.119131] kasan_bitops_generic+0x116/0x1c0 [ 15.119156] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.119192] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.119222] kunit_try_run_case+0x1a5/0x480 [ 15.119247] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.119270] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.119296] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.119321] ? __kthread_parkme+0x82/0x180 [ 15.119341] ? preempt_count_sub+0x50/0x80 [ 15.119366] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.119391] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.119484] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.119525] kthread+0x337/0x6f0 [ 15.119545] ? trace_preempt_on+0x20/0xc0 [ 15.119577] ? __pfx_kthread+0x10/0x10 [ 15.119598] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 15.119620] ? calculate_sigpending+0x7b/0xa0 [ 15.119645] ? __pfx_kthread+0x10/0x10 [ 15.119667] ret_from_fork+0x116/0x1d0 [ 15.119687] ? __pfx_kthread+0x10/0x10 [ 15.119708] ret_from_fork_asm+0x1a/0x30 [ 15.119738] </TASK> [ 15.119748] [ 15.128999] Allocated by task 278: [ 15.129234] kasan_save_stack+0x45/0x70 [ 15.129515] kasan_save_track+0x18/0x40 [ 15.129666] kasan_save_alloc_info+0x3b/0x50 [ 15.129898] __kasan_kmalloc+0xb7/0xc0 [ 15.130308] __kmalloc_cache_noprof+0x189/0x420 [ 15.130589] kasan_bitops_generic+0x92/0x1c0 [ 15.130806] kunit_try_run_case+0x1a5/0x480 [ 15.130986] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.131185] kthread+0x337/0x6f0 [ 15.131535] ret_from_fork+0x116/0x1d0 [ 15.131838] ret_from_fork_asm+0x1a/0x30 [ 15.132062] [ 15.132171] The buggy address belongs to the object at ffff888101679da0 [ 15.132171] which belongs to the cache kmalloc-16 of size 16 [ 15.132811] The buggy address is located 8 bytes inside of [ 15.132811] allocated 9-byte region [ffff888101679da0, ffff888101679da9) [ 15.133565] [ 15.133641] The buggy address belongs to the physical page: [ 15.133855] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101679 [ 15.134253] flags: 0x200000000000000(node=0|zone=2) [ 15.134604] page_type: f5(slab) [ 15.134759] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.135041] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.135664] page dumped because: kasan: bad access detected [ 15.135917] [ 15.136011] Memory state around the buggy address: [ 15.136213] ffff888101679c80: 00 04 fc fc 00 04 fc fc fa fb fc fc 00 05 fc fc [ 15.136634] ffff888101679d00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.137029] >ffff888101679d80: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 15.137619] ^ [ 15.137827] ffff888101679e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.138200] ffff888101679e80: fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 15.138756] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 15.065859] ================================================================== [ 15.066164] BUG: KASAN: slab-use-after-free in strnlen+0x73/0x80 [ 15.066583] Read of size 1 at addr ffff888102a5ed10 by task kunit_try_catch/276 [ 15.066889] [ 15.066990] CPU: 1 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.067033] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.067045] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.067068] Call Trace: [ 15.067082] <TASK> [ 15.067096] dump_stack_lvl+0x73/0xb0 [ 15.067123] print_report+0xd1/0x610 [ 15.067145] ? __virt_addr_valid+0x1db/0x2d0 [ 15.067168] ? strnlen+0x73/0x80 [ 15.067186] ? kasan_complete_mode_report_info+0x64/0x200 [ 15.067209] ? strnlen+0x73/0x80 [ 15.067228] kasan_report+0x141/0x180 [ 15.067414] ? strnlen+0x73/0x80 [ 15.067439] __asan_report_load1_noabort+0x18/0x20 [ 15.067465] strnlen+0x73/0x80 [ 15.067485] kasan_strings+0x615/0xe80 [ 15.067504] ? trace_hardirqs_on+0x37/0xe0 [ 15.067529] ? __pfx_kasan_strings+0x10/0x10 [ 15.067565] ? finish_task_switch.isra.0+0x153/0x700 [ 15.067589] ? __switch_to+0x47/0xf50 [ 15.067614] ? __schedule+0x10cc/0x2b60 [ 15.067637] ? __pfx_read_tsc+0x10/0x10 [ 15.067659] ? ktime_get_ts64+0x86/0x230 [ 15.067683] kunit_try_run_case+0x1a5/0x480 [ 15.067708] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.067732] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.067756] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.067781] ? __kthread_parkme+0x82/0x180 [ 15.067802] ? preempt_count_sub+0x50/0x80 [ 15.067826] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.067851] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.067876] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.067902] kthread+0x337/0x6f0 [ 15.067921] ? trace_preempt_on+0x20/0xc0 [ 15.067944] ? __pfx_kthread+0x10/0x10 [ 15.067965] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.067987] ? calculate_sigpending+0x7b/0xa0 [ 15.068011] ? 
__pfx_kthread+0x10/0x10 [ 15.068033] ret_from_fork+0x116/0x1d0 [ 15.068057] ? __pfx_kthread+0x10/0x10 [ 15.068078] ret_from_fork_asm+0x1a/0x30 [ 15.068108] </TASK> [ 15.068119] [ 15.076154] Allocated by task 276: [ 15.076462] kasan_save_stack+0x45/0x70 [ 15.076691] kasan_save_track+0x18/0x40 [ 15.076868] kasan_save_alloc_info+0x3b/0x50 [ 15.077105] __kasan_kmalloc+0xb7/0xc0 [ 15.077386] __kmalloc_cache_noprof+0x189/0x420 [ 15.077633] kasan_strings+0xc0/0xe80 [ 15.077853] kunit_try_run_case+0x1a5/0x480 [ 15.078002] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.078178] kthread+0x337/0x6f0 [ 15.078365] ret_from_fork+0x116/0x1d0 [ 15.078523] ret_from_fork_asm+0x1a/0x30 [ 15.078728] [ 15.078847] Freed by task 276: [ 15.079002] kasan_save_stack+0x45/0x70 [ 15.079193] kasan_save_track+0x18/0x40 [ 15.079593] kasan_save_free_info+0x3f/0x60 [ 15.079810] __kasan_slab_free+0x56/0x70 [ 15.080007] kfree+0x222/0x3f0 [ 15.080196] kasan_strings+0x2aa/0xe80 [ 15.080493] kunit_try_run_case+0x1a5/0x480 [ 15.080737] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.081006] kthread+0x337/0x6f0 [ 15.081134] ret_from_fork+0x116/0x1d0 [ 15.081349] ret_from_fork_asm+0x1a/0x30 [ 15.081521] [ 15.081628] The buggy address belongs to the object at ffff888102a5ed00 [ 15.081628] which belongs to the cache kmalloc-32 of size 32 [ 15.082189] The buggy address is located 16 bytes inside of [ 15.082189] freed 32-byte region [ffff888102a5ed00, ffff888102a5ed20) [ 15.082824] [ 15.082923] The buggy address belongs to the physical page: [ 15.083196] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a5e [ 15.083768] flags: 0x200000000000000(node=0|zone=2) [ 15.084001] page_type: f5(slab) [ 15.084176] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 15.084614] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 15.084924] page dumped because: kasan: bad access detected [ 15.085178] [ 15.085332] Memory state around the buggy address: 
[ 15.085599] ffff888102a5ec00: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 15.085924] ffff888102a5ec80: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 15.086303] >ffff888102a5ed00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 15.086668] ^ [ 15.086841] ffff888102a5ed80: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 15.087057] ffff888102a5ee00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 15.087459] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strlen
[ 15.036992] ================================================================== [ 15.037528] BUG: KASAN: slab-use-after-free in strlen+0x8f/0xb0 [ 15.037745] Read of size 1 at addr ffff888102a5ed10 by task kunit_try_catch/276 [ 15.038055] [ 15.038164] CPU: 1 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.038208] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.038232] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.038312] Call Trace: [ 15.038331] <TASK> [ 15.038348] dump_stack_lvl+0x73/0xb0 [ 15.038375] print_report+0xd1/0x610 [ 15.038397] ? __virt_addr_valid+0x1db/0x2d0 [ 15.038429] ? strlen+0x8f/0xb0 [ 15.038446] ? kasan_complete_mode_report_info+0x64/0x200 [ 15.038470] ? strlen+0x8f/0xb0 [ 15.038487] kasan_report+0x141/0x180 [ 15.038509] ? strlen+0x8f/0xb0 [ 15.038531] __asan_report_load1_noabort+0x18/0x20 [ 15.038567] strlen+0x8f/0xb0 [ 15.038585] kasan_strings+0x57b/0xe80 [ 15.038605] ? trace_hardirqs_on+0x37/0xe0 [ 15.038628] ? __pfx_kasan_strings+0x10/0x10 [ 15.038649] ? finish_task_switch.isra.0+0x153/0x700 [ 15.038672] ? __switch_to+0x47/0xf50 [ 15.038697] ? __schedule+0x10cc/0x2b60 [ 15.038720] ? __pfx_read_tsc+0x10/0x10 [ 15.038751] ? ktime_get_ts64+0x86/0x230 [ 15.038776] kunit_try_run_case+0x1a5/0x480 [ 15.038801] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.038836] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.038861] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.038885] ? __kthread_parkme+0x82/0x180 [ 15.038905] ? preempt_count_sub+0x50/0x80 [ 15.038929] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.038954] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.038979] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.039005] kthread+0x337/0x6f0 [ 15.039024] ? trace_preempt_on+0x20/0xc0 [ 15.039046] ? __pfx_kthread+0x10/0x10 [ 15.039067] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.039089] ? calculate_sigpending+0x7b/0xa0 [ 15.039114] ? 
__pfx_kthread+0x10/0x10 [ 15.039136] ret_from_fork+0x116/0x1d0 [ 15.039155] ? __pfx_kthread+0x10/0x10 [ 15.039176] ret_from_fork_asm+0x1a/0x30 [ 15.039217] </TASK> [ 15.039226] [ 15.051049] Allocated by task 276: [ 15.051220] kasan_save_stack+0x45/0x70 [ 15.051620] kasan_save_track+0x18/0x40 [ 15.051795] kasan_save_alloc_info+0x3b/0x50 [ 15.051995] __kasan_kmalloc+0xb7/0xc0 [ 15.052178] __kmalloc_cache_noprof+0x189/0x420 [ 15.052962] kasan_strings+0xc0/0xe80 [ 15.053139] kunit_try_run_case+0x1a5/0x480 [ 15.053522] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.053778] kthread+0x337/0x6f0 [ 15.053938] ret_from_fork+0x116/0x1d0 [ 15.054115] ret_from_fork_asm+0x1a/0x30 [ 15.054726] [ 15.054831] Freed by task 276: [ 15.055167] kasan_save_stack+0x45/0x70 [ 15.055649] kasan_save_track+0x18/0x40 [ 15.055842] kasan_save_free_info+0x3f/0x60 [ 15.056035] __kasan_slab_free+0x56/0x70 [ 15.056213] kfree+0x222/0x3f0 [ 15.056435] kasan_strings+0x2aa/0xe80 [ 15.056625] kunit_try_run_case+0x1a5/0x480 [ 15.056820] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.057049] kthread+0x337/0x6f0 [ 15.057190] ret_from_fork+0x116/0x1d0 [ 15.057901] ret_from_fork_asm+0x1a/0x30 [ 15.058231] [ 15.058695] The buggy address belongs to the object at ffff888102a5ed00 [ 15.058695] which belongs to the cache kmalloc-32 of size 32 [ 15.059735] The buggy address is located 16 bytes inside of [ 15.059735] freed 32-byte region [ffff888102a5ed00, ffff888102a5ed20) [ 15.060230] [ 15.060375] The buggy address belongs to the physical page: [ 15.061012] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a5e [ 15.061421] flags: 0x200000000000000(node=0|zone=2) [ 15.061654] page_type: f5(slab) [ 15.061803] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 15.062123] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 15.062713] page dumped because: kasan: bad access detected [ 15.062950] [ 15.063037] Memory state around the buggy address: 
[ 15.063404] ffff888102a5ec00: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 15.063718] ffff888102a5ec80: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 15.063999] >ffff888102a5ed00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 15.064391] ^ [ 15.064589] ffff888102a5ed80: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 15.064879] ffff888102a5ee00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 15.065152] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 15.007620] ================================================================== [ 15.008280] BUG: KASAN: slab-use-after-free in kasan_strings+0xcbc/0xe80 [ 15.009034] Read of size 1 at addr ffff888102a5ed10 by task kunit_try_catch/276 [ 15.011923] [ 15.012027] CPU: 1 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.012079] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.012091] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.012113] Call Trace: [ 15.012124] <TASK> [ 15.012139] dump_stack_lvl+0x73/0xb0 [ 15.012170] print_report+0xd1/0x610 [ 15.012193] ? __virt_addr_valid+0x1db/0x2d0 [ 15.012216] ? kasan_strings+0xcbc/0xe80 [ 15.012714] ? kasan_complete_mode_report_info+0x64/0x200 [ 15.012761] ? kasan_strings+0xcbc/0xe80 [ 15.012784] kasan_report+0x141/0x180 [ 15.012807] ? kasan_strings+0xcbc/0xe80 [ 15.012833] __asan_report_load1_noabort+0x18/0x20 [ 15.012858] kasan_strings+0xcbc/0xe80 [ 15.012879] ? trace_hardirqs_on+0x37/0xe0 [ 15.012904] ? __pfx_kasan_strings+0x10/0x10 [ 15.012926] ? finish_task_switch.isra.0+0x153/0x700 [ 15.012949] ? __switch_to+0x47/0xf50 [ 15.012975] ? __schedule+0x10cc/0x2b60 [ 15.012997] ? __pfx_read_tsc+0x10/0x10 [ 15.013017] ? ktime_get_ts64+0x86/0x230 [ 15.013041] kunit_try_run_case+0x1a5/0x480 [ 15.013066] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.013089] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.013113] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.013138] ? __kthread_parkme+0x82/0x180 [ 15.013158] ? preempt_count_sub+0x50/0x80 [ 15.013181] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.013205] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.013231] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.013300] kthread+0x337/0x6f0 [ 15.013320] ? trace_preempt_on+0x20/0xc0 [ 15.013343] ? __pfx_kthread+0x10/0x10 [ 15.013364] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.013387] ? calculate_sigpending+0x7b/0xa0 [ 15.013420] ? 
__pfx_kthread+0x10/0x10 [ 15.013441] ret_from_fork+0x116/0x1d0 [ 15.013461] ? __pfx_kthread+0x10/0x10 [ 15.013482] ret_from_fork_asm+0x1a/0x30 [ 15.013513] </TASK> [ 15.013523] [ 15.024990] Allocated by task 276: [ 15.025214] kasan_save_stack+0x45/0x70 [ 15.025373] kasan_save_track+0x18/0x40 [ 15.025511] kasan_save_alloc_info+0x3b/0x50 [ 15.025671] __kasan_kmalloc+0xb7/0xc0 [ 15.025889] __kmalloc_cache_noprof+0x189/0x420 [ 15.026147] kasan_strings+0xc0/0xe80 [ 15.026467] kunit_try_run_case+0x1a5/0x480 [ 15.026696] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.026935] kthread+0x337/0x6f0 [ 15.027058] ret_from_fork+0x116/0x1d0 [ 15.027193] ret_from_fork_asm+0x1a/0x30 [ 15.027381] [ 15.027565] Freed by task 276: [ 15.027966] kasan_save_stack+0x45/0x70 [ 15.028173] kasan_save_track+0x18/0x40 [ 15.028598] kasan_save_free_info+0x3f/0x60 [ 15.028831] __kasan_slab_free+0x56/0x70 [ 15.029025] kfree+0x222/0x3f0 [ 15.029212] kasan_strings+0x2aa/0xe80 [ 15.029473] kunit_try_run_case+0x1a5/0x480 [ 15.029688] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.029933] kthread+0x337/0x6f0 [ 15.030109] ret_from_fork+0x116/0x1d0 [ 15.030362] ret_from_fork_asm+0x1a/0x30 [ 15.030638] [ 15.030718] The buggy address belongs to the object at ffff888102a5ed00 [ 15.030718] which belongs to the cache kmalloc-32 of size 32 [ 15.031229] The buggy address is located 16 bytes inside of [ 15.031229] freed 32-byte region [ffff888102a5ed00, ffff888102a5ed20) [ 15.031893] [ 15.031997] The buggy address belongs to the physical page: [ 15.032207] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a5e [ 15.032449] flags: 0x200000000000000(node=0|zone=2) [ 15.032695] page_type: f5(slab) [ 15.032873] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 15.033209] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 15.033712] page dumped because: kasan: bad access detected [ 15.033883] [ 15.033951] Memory state around the buggy address: 
[ 15.034101] ffff888102a5ec00: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 15.034518] ffff888102a5ec80: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 15.034878] >ffff888102a5ed00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 15.035188] ^ [ 15.035635] ffff888102a5ed80: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 15.036012] ffff888102a5ee00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 15.036294] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 14.983771] ================================================================== [ 14.984707] BUG: KASAN: slab-use-after-free in strcmp+0xb0/0xc0 [ 14.984986] Read of size 1 at addr ffff888102a5ed10 by task kunit_try_catch/276 [ 14.985291] [ 14.985390] CPU: 1 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.985436] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.985448] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.985472] Call Trace: [ 14.985484] <TASK> [ 14.985499] dump_stack_lvl+0x73/0xb0 [ 14.985527] print_report+0xd1/0x610 [ 14.986043] ? __virt_addr_valid+0x1db/0x2d0 [ 14.986081] ? strcmp+0xb0/0xc0 [ 14.986098] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.986124] ? strcmp+0xb0/0xc0 [ 14.986142] kasan_report+0x141/0x180 [ 14.986164] ? strcmp+0xb0/0xc0 [ 14.986187] __asan_report_load1_noabort+0x18/0x20 [ 14.986212] strcmp+0xb0/0xc0 [ 14.986252] kasan_strings+0x431/0xe80 [ 14.986272] ? trace_hardirqs_on+0x37/0xe0 [ 14.986313] ? __pfx_kasan_strings+0x10/0x10 [ 14.986334] ? finish_task_switch.isra.0+0x153/0x700 [ 14.986358] ? __switch_to+0x47/0xf50 [ 14.986383] ? __schedule+0x10cc/0x2b60 [ 14.986421] ? __pfx_read_tsc+0x10/0x10 [ 14.986443] ? ktime_get_ts64+0x86/0x230 [ 14.986467] kunit_try_run_case+0x1a5/0x480 [ 14.986493] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.986517] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.986541] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.986576] ? __kthread_parkme+0x82/0x180 [ 14.986597] ? preempt_count_sub+0x50/0x80 [ 14.986621] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.986646] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.986671] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.986698] kthread+0x337/0x6f0 [ 14.986718] ? trace_preempt_on+0x20/0xc0 [ 14.986740] ? __pfx_kthread+0x10/0x10 [ 14.986761] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.986783] ? calculate_sigpending+0x7b/0xa0 [ 14.986808] ? 
__pfx_kthread+0x10/0x10 [ 14.986831] ret_from_fork+0x116/0x1d0 [ 14.986851] ? __pfx_kthread+0x10/0x10 [ 14.986872] ret_from_fork_asm+0x1a/0x30 [ 14.986903] </TASK> [ 14.986915] [ 14.996184] Allocated by task 276: [ 14.996490] kasan_save_stack+0x45/0x70 [ 14.996712] kasan_save_track+0x18/0x40 [ 14.996952] kasan_save_alloc_info+0x3b/0x50 [ 14.997262] __kasan_kmalloc+0xb7/0xc0 [ 14.997436] __kmalloc_cache_noprof+0x189/0x420 [ 14.997791] kasan_strings+0xc0/0xe80 [ 14.997998] kunit_try_run_case+0x1a5/0x480 [ 14.998220] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.998407] kthread+0x337/0x6f0 [ 14.998528] ret_from_fork+0x116/0x1d0 [ 14.998771] ret_from_fork_asm+0x1a/0x30 [ 14.999053] [ 14.999151] Freed by task 276: [ 14.999350] kasan_save_stack+0x45/0x70 [ 14.999599] kasan_save_track+0x18/0x40 [ 14.999862] kasan_save_free_info+0x3f/0x60 [ 15.000046] __kasan_slab_free+0x56/0x70 [ 15.000245] kfree+0x222/0x3f0 [ 15.000363] kasan_strings+0x2aa/0xe80 [ 15.000545] kunit_try_run_case+0x1a5/0x480 [ 15.000774] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.001167] kthread+0x337/0x6f0 [ 15.001401] ret_from_fork+0x116/0x1d0 [ 15.001541] ret_from_fork_asm+0x1a/0x30 [ 15.001691] [ 15.001762] The buggy address belongs to the object at ffff888102a5ed00 [ 15.001762] which belongs to the cache kmalloc-32 of size 32 [ 15.002295] The buggy address is located 16 bytes inside of [ 15.002295] freed 32-byte region [ffff888102a5ed00, ffff888102a5ed20) [ 15.002821] [ 15.002905] The buggy address belongs to the physical page: [ 15.003155] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a5e [ 15.003543] flags: 0x200000000000000(node=0|zone=2) [ 15.003835] page_type: f5(slab) [ 15.004026] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 15.004453] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 15.004792] page dumped because: kasan: bad access detected [ 15.005024] [ 15.005118] Memory state around the buggy address: 
[ 15.005327] ffff888102a5ec00: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 15.005721] ffff888102a5ec80: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 15.006002] >ffff888102a5ed00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 15.006213] ^ [ 15.006340] ffff888102a5ed80: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 15.006850] ffff888102a5ee00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 15.007155] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 14.947617] ================================================================== [ 14.948717] BUG: KASAN: slab-out-of-bounds in memcmp+0x1b4/0x1d0 [ 14.949282] Read of size 1 at addr ffff8881039b2c98 by task kunit_try_catch/274 [ 14.950011] [ 14.950186] CPU: 0 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.950230] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.950242] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.950271] Call Trace: [ 14.950284] <TASK> [ 14.950299] dump_stack_lvl+0x73/0xb0 [ 14.950327] print_report+0xd1/0x610 [ 14.950352] ? __virt_addr_valid+0x1db/0x2d0 [ 14.950376] ? memcmp+0x1b4/0x1d0 [ 14.950393] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.950417] ? memcmp+0x1b4/0x1d0 [ 14.950435] kasan_report+0x141/0x180 [ 14.950456] ? memcmp+0x1b4/0x1d0 [ 14.950478] __asan_report_load1_noabort+0x18/0x20 [ 14.950544] memcmp+0x1b4/0x1d0 [ 14.950573] kasan_memcmp+0x18f/0x390 [ 14.950595] ? trace_hardirqs_on+0x37/0xe0 [ 14.950619] ? __pfx_kasan_memcmp+0x10/0x10 [ 14.950639] ? finish_task_switch.isra.0+0x153/0x700 [ 14.950662] ? __switch_to+0x47/0xf50 [ 14.950691] ? __pfx_read_tsc+0x10/0x10 [ 14.950712] ? ktime_get_ts64+0x86/0x230 [ 14.950735] kunit_try_run_case+0x1a5/0x480 [ 14.950761] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.950784] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.950808] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.950832] ? __kthread_parkme+0x82/0x180 [ 14.950853] ? preempt_count_sub+0x50/0x80 [ 14.950876] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.950900] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.950926] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.950952] kthread+0x337/0x6f0 [ 14.950972] ? trace_preempt_on+0x20/0xc0 [ 14.950994] ? __pfx_kthread+0x10/0x10 [ 14.951015] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.951037] ? calculate_sigpending+0x7b/0xa0 [ 14.951062] ? __pfx_kthread+0x10/0x10 [ 14.951083] ret_from_fork+0x116/0x1d0 [ 14.951102] ? 
__pfx_kthread+0x10/0x10 [ 14.951123] ret_from_fork_asm+0x1a/0x30 [ 14.951154] </TASK> [ 14.951165] [ 14.962236] Allocated by task 274: [ 14.962562] kasan_save_stack+0x45/0x70 [ 14.962995] kasan_save_track+0x18/0x40 [ 14.963401] kasan_save_alloc_info+0x3b/0x50 [ 14.963849] __kasan_kmalloc+0xb7/0xc0 [ 14.964262] __kmalloc_cache_noprof+0x189/0x420 [ 14.964705] kasan_memcmp+0xb7/0x390 [ 14.965038] kunit_try_run_case+0x1a5/0x480 [ 14.965478] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.965974] kthread+0x337/0x6f0 [ 14.966265] ret_from_fork+0x116/0x1d0 [ 14.966731] ret_from_fork_asm+0x1a/0x30 [ 14.966954] [ 14.967119] The buggy address belongs to the object at ffff8881039b2c80 [ 14.967119] which belongs to the cache kmalloc-32 of size 32 [ 14.967996] The buggy address is located 0 bytes to the right of [ 14.967996] allocated 24-byte region [ffff8881039b2c80, ffff8881039b2c98) [ 14.969134] [ 14.969218] The buggy address belongs to the physical page: [ 14.969642] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b2 [ 14.969896] flags: 0x200000000000000(node=0|zone=2) [ 14.970061] page_type: f5(slab) [ 14.970185] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 14.970433] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 14.971124] page dumped because: kasan: bad access detected [ 14.971726] [ 14.971902] Memory state around the buggy address: [ 14.972401] ffff8881039b2b80: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.973144] ffff8881039b2c00: 00 00 00 04 fc fc fc fc 00 00 07 fc fc fc fc fc [ 14.973856] >ffff8881039b2c80: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.974674] ^ [ 14.975110] ffff8881039b2d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.975815] ffff8881039b2d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.976534] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 14.918168] ================================================================== [ 14.919044] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x329/0x390 [ 14.919347] Read of size 1 at addr ffff888103937c4a by task kunit_try_catch/270 [ 14.920016] [ 14.920140] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.920184] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.920198] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.920218] Call Trace: [ 14.920231] <TASK> [ 14.920245] dump_stack_lvl+0x73/0xb0 [ 14.920277] print_report+0xd1/0x610 [ 14.920300] ? __virt_addr_valid+0x1db/0x2d0 [ 14.920324] ? kasan_alloca_oob_right+0x329/0x390 [ 14.920347] ? kasan_addr_to_slab+0x11/0xa0 [ 14.920420] ? kasan_alloca_oob_right+0x329/0x390 [ 14.920444] kasan_report+0x141/0x180 [ 14.920467] ? kasan_alloca_oob_right+0x329/0x390 [ 14.920495] __asan_report_load1_noabort+0x18/0x20 [ 14.920520] kasan_alloca_oob_right+0x329/0x390 [ 14.920546] ? finish_task_switch.isra.0+0x153/0x700 [ 14.920586] ? __schedule+0x200e/0x2b60 [ 14.920607] ? trace_hardirqs_on+0x37/0xe0 [ 14.920633] ? __pfx_kasan_alloca_oob_right+0x10/0x10 [ 14.920660] ? __schedule+0x10cc/0x2b60 [ 14.920681] ? __pfx_read_tsc+0x10/0x10 [ 14.920705] ? ktime_get_ts64+0x86/0x230 [ 14.920728] kunit_try_run_case+0x1a5/0x480 [ 14.920752] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.920776] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.920800] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.920825] ? __kthread_parkme+0x82/0x180 [ 14.920847] ? preempt_count_sub+0x50/0x80 [ 14.920871] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.920896] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.920921] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.920948] kthread+0x337/0x6f0 [ 14.920968] ? trace_preempt_on+0x20/0xc0 [ 14.920991] ? __pfx_kthread+0x10/0x10 [ 14.921012] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.921035] ? calculate_sigpending+0x7b/0xa0 [ 14.921060] ? 
__pfx_kthread+0x10/0x10 [ 14.921082] ret_from_fork+0x116/0x1d0 [ 14.921102] ? __pfx_kthread+0x10/0x10 [ 14.921122] ret_from_fork_asm+0x1a/0x30 [ 14.921154] </TASK> [ 14.921165] [ 14.932228] The buggy address belongs to stack of task kunit_try_catch/270 [ 14.932784] [ 14.932909] The buggy address belongs to the physical page: [ 14.933370] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103937 [ 14.933836] flags: 0x200000000000000(node=0|zone=2) [ 14.934401] raw: 0200000000000000 ffffea00040e4dc8 ffffea00040e4dc8 0000000000000000 [ 14.934922] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 14.935163] page dumped because: kasan: bad access detected [ 14.935758] [ 14.935999] Memory state around the buggy address: [ 14.936654] ffff888103937b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.937450] ffff888103937b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.937929] >ffff888103937c00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 14.938789] ^ [ 14.939389] ffff888103937c80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 [ 14.939886] ffff888103937d00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 14.940116] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 14.898517] ================================================================== [ 14.898989] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x320/0x380 [ 14.899284] Read of size 1 at addr ffff88810389fc3f by task kunit_try_catch/268 [ 14.899648] [ 14.899974] CPU: 1 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.900024] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.900037] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.900064] Call Trace: [ 14.900074] <TASK> [ 14.900087] dump_stack_lvl+0x73/0xb0 [ 14.900118] print_report+0xd1/0x610 [ 14.900140] ? __virt_addr_valid+0x1db/0x2d0 [ 14.900164] ? kasan_alloca_oob_left+0x320/0x380 [ 14.900187] ? kasan_addr_to_slab+0x11/0xa0 [ 14.900208] ? kasan_alloca_oob_left+0x320/0x380 [ 14.900232] kasan_report+0x141/0x180 [ 14.900508] ? kasan_alloca_oob_left+0x320/0x380 [ 14.900543] __asan_report_load1_noabort+0x18/0x20 [ 14.900583] kasan_alloca_oob_left+0x320/0x380 [ 14.900608] ? finish_task_switch.isra.0+0x153/0x700 [ 14.900632] ? __schedule+0x200e/0x2b60 [ 14.900654] ? trace_hardirqs_on+0x37/0xe0 [ 14.900680] ? __pfx_kasan_alloca_oob_left+0x10/0x10 [ 14.900705] ? __schedule+0x10cc/0x2b60 [ 14.900727] ? __pfx_read_tsc+0x10/0x10 [ 14.900749] ? ktime_get_ts64+0x86/0x230 [ 14.900773] kunit_try_run_case+0x1a5/0x480 [ 14.900797] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.900820] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.900844] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.900869] ? __kthread_parkme+0x82/0x180 [ 14.900890] ? preempt_count_sub+0x50/0x80 [ 14.900914] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.900939] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.900964] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.900990] kthread+0x337/0x6f0 [ 14.901009] ? trace_preempt_on+0x20/0xc0 [ 14.901032] ? __pfx_kthread+0x10/0x10 [ 14.901054] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.901076] ? calculate_sigpending+0x7b/0xa0 [ 14.901100] ? 
__pfx_kthread+0x10/0x10 [ 14.901122] ret_from_fork+0x116/0x1d0 [ 14.901141] ? __pfx_kthread+0x10/0x10 [ 14.901162] ret_from_fork_asm+0x1a/0x30 [ 14.901194] </TASK> [ 14.901204] [ 14.909461] The buggy address belongs to stack of task kunit_try_catch/268 [ 14.910039] [ 14.910141] The buggy address belongs to the physical page: [ 14.910459] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10389f [ 14.910728] flags: 0x200000000000000(node=0|zone=2) [ 14.911022] raw: 0200000000000000 ffffea00040e27c8 ffffea00040e27c8 0000000000000000 [ 14.911529] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 14.911822] page dumped because: kasan: bad access detected [ 14.912059] [ 14.912140] Memory state around the buggy address: [ 14.912537] ffff88810389fb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.912848] ffff88810389fb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.913099] >ffff88810389fc00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 14.913314] ^ [ 14.913485] ffff88810389fc80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 [ 14.913882] ffff88810389fd00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 14.914331] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 14.849067] ==================================================================
[ 14.850519] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x286/0x2d0
[ 14.851089] Read of size 1 at addr ffffffffbd263e8d by task kunit_try_catch/262
[ 14.851330]
[ 14.851595] CPU: 0 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.851641] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.851653] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.851672] Call Trace:
[ 14.851685] <TASK>
[ 14.851700] dump_stack_lvl+0x73/0xb0
[ 14.851730] print_report+0xd1/0x610
[ 14.851752] ? __virt_addr_valid+0x1db/0x2d0
[ 14.851777] ? kasan_global_oob_right+0x286/0x2d0
[ 14.851799] ? kasan_addr_to_slab+0x11/0xa0
[ 14.851820] ? kasan_global_oob_right+0x286/0x2d0
[ 14.851843] kasan_report+0x141/0x180
[ 14.851865] ? kasan_global_oob_right+0x286/0x2d0
[ 14.851893] __asan_report_load1_noabort+0x18/0x20
[ 14.851919] kasan_global_oob_right+0x286/0x2d0
[ 14.851942] ? __pfx_kasan_global_oob_right+0x10/0x10
[ 14.851968] ? __schedule+0x10cc/0x2b60
[ 14.851991] ? __pfx_read_tsc+0x10/0x10
[ 14.852013] ? ktime_get_ts64+0x86/0x230
[ 14.852038] kunit_try_run_case+0x1a5/0x480
[ 14.852069] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.852093] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.852117] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.852142] ? __kthread_parkme+0x82/0x180
[ 14.852164] ? preempt_count_sub+0x50/0x80
[ 14.852189] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.852214] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.852240] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.852266] kthread+0x337/0x6f0
[ 14.852285] ? trace_preempt_on+0x20/0xc0
[ 14.852309] ? __pfx_kthread+0x10/0x10
[ 14.852330] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.852352] ? calculate_sigpending+0x7b/0xa0
[ 14.852377] ? __pfx_kthread+0x10/0x10
[ 14.852399] ret_from_fork+0x116/0x1d0
[ 14.852418] ? __pfx_kthread+0x10/0x10
[ 14.852439] ret_from_fork_asm+0x1a/0x30
[ 14.852471] </TASK>
[ 14.852481]
[ 14.865929] The buggy address belongs to the variable:
[ 14.866415] global_array+0xd/0x40
[ 14.866581]
[ 14.866676] The buggy address belongs to the physical page:
[ 14.866849] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7c463
[ 14.867081] flags: 0x100000000002000(reserved|node=0|zone=1)
[ 14.867324] raw: 0100000000002000 ffffea0001f118c8 ffffea0001f118c8 0000000000000000
[ 14.867580] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 14.867921] page dumped because: kasan: bad access detected
[ 14.868173]
[ 14.868324] Memory state around the buggy address:
[ 14.868569] ffffffffbd263d80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 14.868782] ffffffffbd263e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 14.869000] >ffffffffbd263e80: 00 02 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9
[ 14.869303] ^
[ 14.869512] ffffffffbd263f00: 04 f9 f9 f9 f9 f9 f9 f9 02 f9 f9 f9 f9 f9 f9 f9
[ 14.869733] ffffffffbd263f80: 01 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 00 00 00 00
[ 14.869991] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 14.793695] ==================================================================
[ 14.794534] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 14.794920] Free of addr ffff8881039b9301 by task kunit_try_catch/258
[ 14.795198]
[ 14.795370] CPU: 0 UID: 0 PID: 258 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.795416] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.795428] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.795449] Call Trace:
[ 14.795461] <TASK>
[ 14.795496] dump_stack_lvl+0x73/0xb0
[ 14.795526] print_report+0xd1/0x610
[ 14.795561] ? __virt_addr_valid+0x1db/0x2d0
[ 14.795586] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.795609] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 14.795637] kasan_report_invalid_free+0x10a/0x130
[ 14.795663] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 14.795692] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 14.795718] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 14.795745] check_slab_allocation+0x11f/0x130
[ 14.795767] __kasan_mempool_poison_object+0x91/0x1d0
[ 14.795793] mempool_free+0x2ec/0x380
[ 14.795840] mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 14.795867] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10
[ 14.795895] ? update_load_avg+0x1be/0x21b0
[ 14.795923] ? finish_task_switch.isra.0+0x153/0x700
[ 14.795949] mempool_kmalloc_invalid_free+0xed/0x140
[ 14.795992] ? __pfx_mempool_kmalloc_invalid_free+0x10/0x10
[ 14.796021] ? __pfx_mempool_kmalloc+0x10/0x10
[ 14.796046] ? __pfx_mempool_kfree+0x10/0x10
[ 14.796076] ? __pfx_read_tsc+0x10/0x10
[ 14.796098] ? ktime_get_ts64+0x86/0x230
[ 14.796122] kunit_try_run_case+0x1a5/0x480
[ 14.796148] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.796171] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.796197] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.796222] ? __kthread_parkme+0x82/0x180
[ 14.796302] ? preempt_count_sub+0x50/0x80
[ 14.796328] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.796354] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.796380] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.796416] kthread+0x337/0x6f0
[ 14.796436] ? trace_preempt_on+0x20/0xc0
[ 14.796460] ? __pfx_kthread+0x10/0x10
[ 14.796481] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.796504] ? calculate_sigpending+0x7b/0xa0
[ 14.796528] ? __pfx_kthread+0x10/0x10
[ 14.796560] ret_from_fork+0x116/0x1d0
[ 14.796579] ? __pfx_kthread+0x10/0x10
[ 14.796600] ret_from_fork_asm+0x1a/0x30
[ 14.796632] </TASK>
[ 14.796642]
[ 14.806401] Allocated by task 258:
[ 14.806649] kasan_save_stack+0x45/0x70
[ 14.806891] kasan_save_track+0x18/0x40
[ 14.807109] kasan_save_alloc_info+0x3b/0x50
[ 14.807318] __kasan_mempool_unpoison_object+0x1a9/0x200
[ 14.807589] remove_element+0x11e/0x190
[ 14.807853] mempool_alloc_preallocated+0x4d/0x90
[ 14.808218] mempool_kmalloc_invalid_free_helper+0x83/0x2e0
[ 14.808677] mempool_kmalloc_invalid_free+0xed/0x140
[ 14.808953] kunit_try_run_case+0x1a5/0x480
[ 14.809167] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.809380] kthread+0x337/0x6f0
[ 14.809711] ret_from_fork+0x116/0x1d0
[ 14.809912] ret_from_fork_asm+0x1a/0x30
[ 14.810082]
[ 14.810153] The buggy address belongs to the object at ffff8881039b9300
[ 14.810153] which belongs to the cache kmalloc-128 of size 128
[ 14.810942] The buggy address is located 1 bytes inside of
[ 14.810942] 128-byte region [ffff8881039b9300, ffff8881039b9380)
[ 14.811531]
[ 14.811619] The buggy address belongs to the physical page:
[ 14.811790] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b9
[ 14.812121] flags: 0x200000000000000(node=0|zone=2)
[ 14.812371] page_type: f5(slab)
[ 14.812661] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 14.813085] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 14.813643] page dumped because: kasan: bad access detected
[ 14.813907]
[ 14.813988] Memory state around the buggy address:
[ 14.814203] ffff8881039b9200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 14.814747] ffff8881039b9280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.815127] >ffff8881039b9300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 14.815468] ^
[ 14.815640] ffff8881039b9380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.815984] ffff8881039b9400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 14.816201] ==================================================================
[ 14.820007] ==================================================================
[ 14.820477] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 14.821031] Free of addr ffff888103a30001 by task kunit_try_catch/260
[ 14.821352]
[ 14.821501] CPU: 0 UID: 0 PID: 260 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.821547] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.821572] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.821594] Call Trace:
[ 14.821685] <TASK>
[ 14.821702] dump_stack_lvl+0x73/0xb0
[ 14.821763] print_report+0xd1/0x610
[ 14.821786] ? __virt_addr_valid+0x1db/0x2d0
[ 14.821810] ? kasan_addr_to_slab+0x11/0xa0
[ 14.821830] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 14.821859] kasan_report_invalid_free+0x10a/0x130
[ 14.821885] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 14.821915] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 14.821941] __kasan_mempool_poison_object+0x102/0x1d0
[ 14.821967] mempool_free+0x2ec/0x380
[ 14.821994] mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 14.822022] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10
[ 14.822049] ? update_load_avg+0x1be/0x21b0
[ 14.822075] ? finish_task_switch.isra.0+0x153/0x700
[ 14.822102] mempool_kmalloc_large_invalid_free+0xed/0x140
[ 14.822148] ? __pfx_mempool_kmalloc_large_invalid_free+0x10/0x10
[ 14.822179] ? __pfx_mempool_kmalloc+0x10/0x10
[ 14.822203] ? __pfx_mempool_kfree+0x10/0x10
[ 14.822228] ? __pfx_read_tsc+0x10/0x10
[ 14.822250] ? ktime_get_ts64+0x86/0x230
[ 14.822274] kunit_try_run_case+0x1a5/0x480
[ 14.822316] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.822339] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.822365] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.822390] ? __kthread_parkme+0x82/0x180
[ 14.822412] ? preempt_count_sub+0x50/0x80
[ 14.822435] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.822510] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.822536] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.822576] kthread+0x337/0x6f0
[ 14.822595] ? trace_preempt_on+0x20/0xc0
[ 14.822619] ? __pfx_kthread+0x10/0x10
[ 14.822640] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.822663] ? calculate_sigpending+0x7b/0xa0
[ 14.822689] ? __pfx_kthread+0x10/0x10
[ 14.822711] ret_from_fork+0x116/0x1d0
[ 14.822731] ? __pfx_kthread+0x10/0x10
[ 14.822752] ret_from_fork_asm+0x1a/0x30
[ 14.822783] </TASK>
[ 14.822794]
[ 14.831768] The buggy address belongs to the physical page:
[ 14.831951] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a30
[ 14.832312] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 14.833059] flags: 0x200000000000040(head|node=0|zone=2)
[ 14.833717] page_type: f8(unknown)
[ 14.834030] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 14.834800] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 14.835377] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 14.835831] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 14.836064] head: 0200000000000002 ffffea00040e8c01 00000000ffffffff 00000000ffffffff
[ 14.836526] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 14.837185] page dumped because: kasan: bad access detected
[ 14.837794]
[ 14.837954] Memory state around the buggy address:
[ 14.838491] ffff888103a2ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 14.839107] ffff888103a2ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 14.839622] >ffff888103a30000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 14.840081] ^
[ 14.840196] ffff888103a30080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 14.840921] ffff888103a30100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 14.841507] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 14.708903] ==================================================================
[ 14.709462] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370
[ 14.709873] Free of addr ffff888102a04f00 by task kunit_try_catch/252
[ 14.710119]
[ 14.710427] CPU: 0 UID: 0 PID: 252 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.710478] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.710490] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.710512] Call Trace:
[ 14.710523] <TASK>
[ 14.710539] dump_stack_lvl+0x73/0xb0
[ 14.710582] print_report+0xd1/0x610
[ 14.710606] ? __virt_addr_valid+0x1db/0x2d0
[ 14.710631] ? kasan_complete_mode_report_info+0x64/0x200
[ 14.710655] ? mempool_double_free_helper+0x184/0x370
[ 14.710681] kasan_report_invalid_free+0x10a/0x130
[ 14.710707] ? mempool_double_free_helper+0x184/0x370
[ 14.710734] ? mempool_double_free_helper+0x184/0x370
[ 14.710758] ? mempool_double_free_helper+0x184/0x370
[ 14.710783] check_slab_allocation+0x101/0x130
[ 14.710806] __kasan_mempool_poison_object+0x91/0x1d0
[ 14.710832] mempool_free+0x2ec/0x380
[ 14.710860] mempool_double_free_helper+0x184/0x370
[ 14.710886] ? __pfx_mempool_double_free_helper+0x10/0x10
[ 14.710912] ? __pfx___resched_curr+0x10/0x10
[ 14.710935] ? __pfx_sched_clock_cpu+0x10/0x10
[ 14.710958] ? finish_task_switch.isra.0+0x153/0x700
[ 14.710984] mempool_kmalloc_double_free+0xed/0x140
[ 14.711009] ? __pfx_mempool_kmalloc_double_free+0x10/0x10
[ 14.711038] ? __pfx_mempool_kmalloc+0x10/0x10
[ 14.711062] ? __pfx_mempool_kfree+0x10/0x10
[ 14.711087] ? __pfx_read_tsc+0x10/0x10
[ 14.711109] ? ktime_get_ts64+0x86/0x230
[ 14.711135] kunit_try_run_case+0x1a5/0x480
[ 14.711161] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.711184] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.711209] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.711277] ? __kthread_parkme+0x82/0x180
[ 14.711299] ? preempt_count_sub+0x50/0x80
[ 14.711323] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.711348] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.711374] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.711416] kthread+0x337/0x6f0
[ 14.711435] ? trace_preempt_on+0x20/0xc0
[ 14.711459] ? __pfx_kthread+0x10/0x10
[ 14.711480] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.711503] ? calculate_sigpending+0x7b/0xa0
[ 14.711528] ? __pfx_kthread+0x10/0x10
[ 14.711559] ret_from_fork+0x116/0x1d0
[ 14.711579] ? __pfx_kthread+0x10/0x10
[ 14.711600] ret_from_fork_asm+0x1a/0x30
[ 14.711632] </TASK>
[ 14.711642]
[ 14.720988] Allocated by task 252:
[ 14.721123] kasan_save_stack+0x45/0x70
[ 14.721357] kasan_save_track+0x18/0x40
[ 14.721590] kasan_save_alloc_info+0x3b/0x50
[ 14.721814] __kasan_mempool_unpoison_object+0x1a9/0x200
[ 14.722070] remove_element+0x11e/0x190
[ 14.722274] mempool_alloc_preallocated+0x4d/0x90
[ 14.722501] mempool_double_free_helper+0x8a/0x370
[ 14.722743] mempool_kmalloc_double_free+0xed/0x140
[ 14.722952] kunit_try_run_case+0x1a5/0x480
[ 14.723113] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.723321] kthread+0x337/0x6f0
[ 14.723492] ret_from_fork+0x116/0x1d0
[ 14.723774] ret_from_fork_asm+0x1a/0x30
[ 14.723984]
[ 14.724087] Freed by task 252:
[ 14.724216] kasan_save_stack+0x45/0x70
[ 14.724697] kasan_save_track+0x18/0x40
[ 14.724842] kasan_save_free_info+0x3f/0x60
[ 14.725020] __kasan_mempool_poison_object+0x131/0x1d0
[ 14.725340] mempool_free+0x2ec/0x380
[ 14.725577] mempool_double_free_helper+0x109/0x370
[ 14.725774] mempool_kmalloc_double_free+0xed/0x140
[ 14.725998] kunit_try_run_case+0x1a5/0x480
[ 14.726191] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.726484] kthread+0x337/0x6f0
[ 14.726654] ret_from_fork+0x116/0x1d0
[ 14.726848] ret_from_fork_asm+0x1a/0x30
[ 14.727042]
[ 14.727127] The buggy address belongs to the object at ffff888102a04f00
[ 14.727127] which belongs to the cache kmalloc-128 of size 128
[ 14.727660] The buggy address is located 0 bytes inside of
[ 14.727660] 128-byte region [ffff888102a04f00, ffff888102a04f80)
[ 14.728009]
[ 14.728109] The buggy address belongs to the physical page:
[ 14.728443] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a04
[ 14.728810] flags: 0x200000000000000(node=0|zone=2)
[ 14.729047] page_type: f5(slab)
[ 14.729215] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 14.729678] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[ 14.729944] page dumped because: kasan: bad access detected
[ 14.730201]
[ 14.730367] Memory state around the buggy address:
[ 14.730637] ffff888102a04e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 14.730960] ffff888102a04e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.731267] >ffff888102a04f00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 14.731543] ^
[ 14.731717] ffff888102a04f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.732005] ffff888102a05000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 14.732255] ==================================================================
[ 14.771632] ==================================================================
[ 14.772065] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370
[ 14.772319] Free of addr ffff8881027e4000 by task kunit_try_catch/256
[ 14.772520]
[ 14.772622] CPU: 0 UID: 0 PID: 256 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.772666] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.772678] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.772698] Call Trace:
[ 14.772711] <TASK>
[ 14.772726] dump_stack_lvl+0x73/0xb0
[ 14.772755] print_report+0xd1/0x610
[ 14.772776] ? __virt_addr_valid+0x1db/0x2d0
[ 14.772800] ? kasan_addr_to_slab+0x11/0xa0
[ 14.772820] ? mempool_double_free_helper+0x184/0x370
[ 14.772845] kasan_report_invalid_free+0x10a/0x130
[ 14.772920] ? mempool_double_free_helper+0x184/0x370
[ 14.772950] ? mempool_double_free_helper+0x184/0x370
[ 14.772975] __kasan_mempool_poison_pages+0x115/0x130
[ 14.773001] mempool_free+0x290/0x380
[ 14.773029] mempool_double_free_helper+0x184/0x370
[ 14.773055] ? __pfx_mempool_double_free_helper+0x10/0x10
[ 14.773497] ? __pfx_sched_clock_cpu+0x10/0x10
[ 14.773526] ? finish_task_switch.isra.0+0x153/0x700
[ 14.773568] mempool_page_alloc_double_free+0xe8/0x140
[ 14.773597] ? __pfx_mempool_page_alloc_double_free+0x10/0x10
[ 14.773627] ? __pfx_mempool_alloc_pages+0x10/0x10
[ 14.773653] ? __pfx_mempool_free_pages+0x10/0x10
[ 14.773680] ? __pfx_read_tsc+0x10/0x10
[ 14.773701] ? ktime_get_ts64+0x86/0x230
[ 14.773726] kunit_try_run_case+0x1a5/0x480
[ 14.773753] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.773777] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.773802] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.773826] ? __kthread_parkme+0x82/0x180
[ 14.773848] ? preempt_count_sub+0x50/0x80
[ 14.773871] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.773896] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.773922] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.773948] kthread+0x337/0x6f0
[ 14.773968] ? trace_preempt_on+0x20/0xc0
[ 14.773992] ? __pfx_kthread+0x10/0x10
[ 14.774014] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.774036] ? calculate_sigpending+0x7b/0xa0
[ 14.774061] ? __pfx_kthread+0x10/0x10
[ 14.774082] ret_from_fork+0x116/0x1d0
[ 14.774101] ? __pfx_kthread+0x10/0x10
[ 14.774122] ret_from_fork_asm+0x1a/0x30
[ 14.774154] </TASK>
[ 14.774165]
[ 14.783508] The buggy address belongs to the physical page:
[ 14.783786] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027e4
[ 14.784148] flags: 0x200000000000000(node=0|zone=2)
[ 14.784398] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000
[ 14.785008] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 14.785362] page dumped because: kasan: bad access detected
[ 14.785721]
[ 14.785807] Memory state around the buggy address:
[ 14.785972] ffff8881027e3f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 14.786325] ffff8881027e3f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 14.786661] >ffff8881027e4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 14.786949] ^
[ 14.787098] ffff8881027e4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 14.787473] ffff8881027e4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 14.787833] ==================================================================
[ 14.739565] ==================================================================
[ 14.740069] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370
[ 14.740604] Free of addr ffff8881039f8000 by task kunit_try_catch/254
[ 14.741724]
[ 14.742081] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.742132] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.742145] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.742166] Call Trace:
[ 14.742229] <TASK>
[ 14.742258] dump_stack_lvl+0x73/0xb0
[ 14.742437] print_report+0xd1/0x610
[ 14.742466] ? __virt_addr_valid+0x1db/0x2d0
[ 14.742492] ? kasan_addr_to_slab+0x11/0xa0
[ 14.742513] ? mempool_double_free_helper+0x184/0x370
[ 14.742539] kasan_report_invalid_free+0x10a/0x130
[ 14.742580] ? mempool_double_free_helper+0x184/0x370
[ 14.742608] ? mempool_double_free_helper+0x184/0x370
[ 14.742632] __kasan_mempool_poison_object+0x1b3/0x1d0
[ 14.742658] mempool_free+0x2ec/0x380
[ 14.742684] mempool_double_free_helper+0x184/0x370
[ 14.742711] ? __pfx_mempool_double_free_helper+0x10/0x10
[ 14.742738] ? __kasan_check_write+0x18/0x20
[ 14.742759] ? __pfx_sched_clock_cpu+0x10/0x10
[ 14.742782] ? finish_task_switch.isra.0+0x153/0x700
[ 14.742809] mempool_kmalloc_large_double_free+0xed/0x140
[ 14.742835] ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10
[ 14.742865] ? __pfx_mempool_kmalloc+0x10/0x10
[ 14.742889] ? __pfx_mempool_kfree+0x10/0x10
[ 14.742914] ? __pfx_read_tsc+0x10/0x10
[ 14.742936] ? ktime_get_ts64+0x86/0x230
[ 14.742960] kunit_try_run_case+0x1a5/0x480
[ 14.742985] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.743009] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.743034] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.743059] ? __kthread_parkme+0x82/0x180
[ 14.743081] ? preempt_count_sub+0x50/0x80
[ 14.743105] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.743130] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.743155] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.743181] kthread+0x337/0x6f0
[ 14.743201] ? trace_preempt_on+0x20/0xc0
[ 14.743224] ? __pfx_kthread+0x10/0x10
[ 14.743245] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.743268] ? calculate_sigpending+0x7b/0xa0
[ 14.743294] ? __pfx_kthread+0x10/0x10
[ 14.743315] ret_from_fork+0x116/0x1d0
[ 14.743334] ? __pfx_kthread+0x10/0x10
[ 14.743354] ret_from_fork_asm+0x1a/0x30
[ 14.743386] </TASK>
[ 14.743397]
[ 14.759250] The buggy address belongs to the physical page:
[ 14.759648] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f8
[ 14.759962] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 14.760295] flags: 0x200000000000040(head|node=0|zone=2)
[ 14.760571] page_type: f8(unknown)
[ 14.760698] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 14.761446] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 14.762106] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 14.762625] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 14.763099] head: 0200000000000002 ffffea00040e7e01 00000000ffffffff 00000000ffffffff
[ 14.763998] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 14.764716] page dumped because: kasan: bad access detected
[ 14.764978]
[ 14.765069] Memory state around the buggy address:
[ 14.765505] ffff8881039f7f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 14.766135] ffff8881039f7f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 14.766598] >ffff8881039f8000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 14.767051] ^
[ 14.767206] ffff8881039f8080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 14.767925] ffff8881039f8100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 14.768481] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 14.597009] ==================================================================
[ 14.598625] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400
[ 14.599830] Read of size 1 at addr ffff8881039f4000 by task kunit_try_catch/246
[ 14.600805]
[ 14.600902] CPU: 1 UID: 0 PID: 246 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.600950] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.600962] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.600982] Call Trace:
[ 14.600995] <TASK>
[ 14.601011] dump_stack_lvl+0x73/0xb0
[ 14.601042] print_report+0xd1/0x610
[ 14.601064] ? __virt_addr_valid+0x1db/0x2d0
[ 14.601089] ? mempool_uaf_helper+0x392/0x400
[ 14.601111] ? kasan_addr_to_slab+0x11/0xa0
[ 14.601133] ? mempool_uaf_helper+0x392/0x400
[ 14.601157] kasan_report+0x141/0x180
[ 14.601179] ? mempool_uaf_helper+0x392/0x400
[ 14.601206] __asan_report_load1_noabort+0x18/0x20
[ 14.601232] mempool_uaf_helper+0x392/0x400
[ 14.601255] ? __pfx_mempool_uaf_helper+0x10/0x10
[ 14.601278] ? update_load_avg+0x1be/0x21b0
[ 14.601302] ? update_load_avg+0x1be/0x21b0
[ 14.601324] ? update_curr+0x80/0x810
[ 14.601347] ? finish_task_switch.isra.0+0x153/0x700
[ 14.601373] mempool_kmalloc_large_uaf+0xef/0x140
[ 14.601408] ? __pfx_mempool_kmalloc_large_uaf+0x10/0x10
[ 14.601436] ? __pfx_mempool_kmalloc+0x10/0x10
[ 14.601461] ? __pfx_mempool_kfree+0x10/0x10
[ 14.601486] ? __pfx_read_tsc+0x10/0x10
[ 14.601508] ? ktime_get_ts64+0x86/0x230
[ 14.601532] kunit_try_run_case+0x1a5/0x480
[ 14.601576] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.601600] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.601625] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.601649] ? __kthread_parkme+0x82/0x180
[ 14.601670] ? preempt_count_sub+0x50/0x80
[ 14.601718] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.601921] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.601951] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.601978] kthread+0x337/0x6f0
[ 14.601998] ? trace_preempt_on+0x20/0xc0
[ 14.602024] ? __pfx_kthread+0x10/0x10
[ 14.602046] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.602068] ? calculate_sigpending+0x7b/0xa0
[ 14.602092] ? __pfx_kthread+0x10/0x10
[ 14.602114] ret_from_fork+0x116/0x1d0
[ 14.602134] ? __pfx_kthread+0x10/0x10
[ 14.602155] ret_from_fork_asm+0x1a/0x30
[ 14.602186] </TASK>
[ 14.602197]
[ 14.620593] The buggy address belongs to the physical page:
[ 14.620874] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f4
[ 14.621231] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 14.621571] flags: 0x200000000000040(head|node=0|zone=2)
[ 14.622149] page_type: f8(unknown)
[ 14.622620] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 14.623257] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 14.623755] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 14.624214] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 14.624842] head: 0200000000000002 ffffea00040e7d01 00000000ffffffff 00000000ffffffff
[ 14.625141] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 14.626040] page dumped because: kasan: bad access detected
[ 14.626497]
[ 14.626747] Memory state around the buggy address:
[ 14.627213] ffff8881039f3f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 14.627639] ffff8881039f3f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 14.627933] >ffff8881039f4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 14.628229] ^
[ 14.628893] ffff8881039f4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 14.629448] ffff8881039f4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 14.629752] ==================================================================
[ 14.682722] ==================================================================
[ 14.684157] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400
[ 14.684920] Read of size 1 at addr ffff8881039f4000 by task kunit_try_catch/250
[ 14.685727]
[ 14.685955] CPU: 1 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.686003] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.686015] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.686037] Call Trace:
[ 14.686050] <TASK>
[ 14.686066] dump_stack_lvl+0x73/0xb0
[ 14.686099] print_report+0xd1/0x610
[ 14.686121] ? __virt_addr_valid+0x1db/0x2d0
[ 14.686177] ? mempool_uaf_helper+0x392/0x400
[ 14.686199] ? kasan_addr_to_slab+0x11/0xa0
[ 14.686221] ? mempool_uaf_helper+0x392/0x400
[ 14.686256] kasan_report+0x141/0x180
[ 14.686500] ? mempool_uaf_helper+0x392/0x400
[ 14.686535] __asan_report_load1_noabort+0x18/0x20
[ 14.686578] mempool_uaf_helper+0x392/0x400
[ 14.686601] ? __pfx_mempool_uaf_helper+0x10/0x10
[ 14.686630] ? finish_task_switch.isra.0+0x153/0x700
[ 14.686659] mempool_page_alloc_uaf+0xed/0x140
[ 14.686684] ? __pfx_mempool_page_alloc_uaf+0x10/0x10
[ 14.686712] ? __pfx_mempool_alloc_pages+0x10/0x10
[ 14.686738] ? __pfx_mempool_free_pages+0x10/0x10
[ 14.686765] ? __pfx_read_tsc+0x10/0x10
[ 14.686788] ? ktime_get_ts64+0x86/0x230
[ 14.686813] kunit_try_run_case+0x1a5/0x480
[ 14.686840] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.686864] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.686890] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.686914] ? __kthread_parkme+0x82/0x180
[ 14.686937] ? preempt_count_sub+0x50/0x80
[ 14.686960] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.686985] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.687011] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.687037] kthread+0x337/0x6f0
[ 14.687056] ? trace_preempt_on+0x20/0xc0
[ 14.687081] ? __pfx_kthread+0x10/0x10
[ 14.687101] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.687123] ? calculate_sigpending+0x7b/0xa0
[ 14.687148] ? __pfx_kthread+0x10/0x10
[ 14.687169] ret_from_fork+0x116/0x1d0
[ 14.687188] ? __pfx_kthread+0x10/0x10
[ 14.687209] ret_from_fork_asm+0x1a/0x30
[ 14.687240] </TASK>
[ 14.687260]
[ 14.698206] The buggy address belongs to the physical page:
[ 14.698750] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f4
[ 14.699099] flags: 0x200000000000000(node=0|zone=2)
[ 14.699426] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000
[ 14.699770] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 14.700080] page dumped because: kasan: bad access detected
[ 14.700394]
[ 14.700519] Memory state around the buggy address:
[ 14.700726] ffff8881039f3f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 14.701016] ffff8881039f3f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 14.701380] >ffff8881039f4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 14.701648] ^
[ 14.701777] ffff8881039f4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 14.702098] ffff8881039f4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 14.702578] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 14.633940] ==================================================================
[ 14.634870] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400
[ 14.635973] Read of size 1 at addr ffff8881039b8240 by task kunit_try_catch/248
[ 14.636424]
[ 14.636524] CPU: 0 UID: 0 PID: 248 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.636582] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.636595] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.636618] Call Trace:
[ 14.636632] <TASK>
[ 14.636648] dump_stack_lvl+0x73/0xb0
[ 14.636681] print_report+0xd1/0x610
[ 14.636705] ? __virt_addr_valid+0x1db/0x2d0
[ 14.636728] ? mempool_uaf_helper+0x392/0x400
[ 14.636751] ? kasan_complete_mode_report_info+0x64/0x200
[ 14.636776] ? mempool_uaf_helper+0x392/0x400
[ 14.636799] kasan_report+0x141/0x180
[ 14.636822] ? mempool_uaf_helper+0x392/0x400
[ 14.636849] __asan_report_load1_noabort+0x18/0x20
[ 14.636874] mempool_uaf_helper+0x392/0x400
[ 14.636898] ? __pfx_mempool_uaf_helper+0x10/0x10
[ 14.636924] ? __pfx_sched_clock_cpu+0x10/0x10
[ 14.636948] ? finish_task_switch.isra.0+0x153/0x700
[ 14.636974] mempool_slab_uaf+0xea/0x140
[ 14.636998] ? __pfx_mempool_slab_uaf+0x10/0x10
[ 14.637024] ? __pfx_mempool_alloc_slab+0x10/0x10
[ 14.637051] ? __pfx_mempool_free_slab+0x10/0x10
[ 14.637078] ? __pfx_read_tsc+0x10/0x10
[ 14.637099] ? ktime_get_ts64+0x86/0x230
[ 14.637125] kunit_try_run_case+0x1a5/0x480
[ 14.637150] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.637174] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.637199] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.637224] ? __kthread_parkme+0x82/0x180
[ 14.637245] ? preempt_count_sub+0x50/0x80
[ 14.637268] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.637292] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.637317] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.637344] kthread+0x337/0x6f0
[ 14.637363] ? trace_preempt_on+0x20/0xc0
[ 14.637386] ? __pfx_kthread+0x10/0x10
[ 14.637408] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.637429] ? calculate_sigpending+0x7b/0xa0
[ 14.637454] ? __pfx_kthread+0x10/0x10
[ 14.637476] ret_from_fork+0x116/0x1d0
[ 14.637495] ? __pfx_kthread+0x10/0x10
[ 14.637516] ret_from_fork_asm+0x1a/0x30
[ 14.637583] </TASK>
[ 14.637596]
[ 14.653638] Allocated by task 248:
[ 14.654112] kasan_save_stack+0x45/0x70
[ 14.654590] kasan_save_track+0x18/0x40
[ 14.655020] kasan_save_alloc_info+0x3b/0x50
[ 14.655534] __kasan_mempool_unpoison_object+0x1bb/0x200
[ 14.656115] remove_element+0x11e/0x190
[ 14.656574] mempool_alloc_preallocated+0x4d/0x90
[ 14.657080] mempool_uaf_helper+0x96/0x400
[ 14.657526] mempool_slab_uaf+0xea/0x140
[ 14.657968] kunit_try_run_case+0x1a5/0x480
[ 14.658421] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.659068] kthread+0x337/0x6f0
[ 14.659466] ret_from_fork+0x116/0x1d0
[ 14.659883] ret_from_fork_asm+0x1a/0x30
[ 14.660357]
[ 14.660545] Freed by task 248:
[ 14.660919] kasan_save_stack+0x45/0x70
[ 14.661136] kasan_save_track+0x18/0x40
[ 14.661277] kasan_save_free_info+0x3f/0x60
[ 14.661459] __kasan_mempool_poison_object+0x131/0x1d0
[ 14.662066] mempool_free+0x2ec/0x380
[ 14.662492] mempool_uaf_helper+0x11a/0x400
[ 14.663072] mempool_slab_uaf+0xea/0x140
[ 14.663583] kunit_try_run_case+0x1a5/0x480
[ 14.664012] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.664434] kthread+0x337/0x6f0
[ 14.664841] ret_from_fork+0x116/0x1d0
[ 14.665177] ret_from_fork_asm+0x1a/0x30
[ 14.665356]
[ 14.665457] The buggy address belongs to the object at ffff8881039b8240
[ 14.665457] which belongs to the cache test_cache of size 123
[ 14.666185] The buggy address is located 0 bytes inside of
[ 14.666185] freed 123-byte region [ffff8881039b8240, ffff8881039b82bb)
[ 14.666911]
[ 14.667088] The buggy address belongs to the physical page:
[ 14.667300] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8
[ 14.668139] flags: 0x200000000000000(node=0|zone=2)
[ 14.668309] page_type: f5(slab)
[ 14.668431] raw: 0200000000000000 ffff8881039b4140 dead000000000122 0000000000000000
[ 14.668882] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000
[ 14.669496] page dumped because: kasan: bad access detected
[ 14.670199]
[ 14.670469] Memory state around the buggy address:
[ 14.670711] ffff8881039b8100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 14.670931] ffff8881039b8180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 14.671147] >ffff8881039b8200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb
[ 14.671357] ^
[ 14.671528] ffff8881039b8280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 14.671751] ffff8881039b8300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.671966] ==================================================================

[ 14.564063] ==================================================================
[ 14.565004] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400
[ 14.565532] Read of size 1 at addr ffff8881025cc800 by task kunit_try_catch/244
[ 14.566003]
[ 14.566108] CPU: 1 UID: 0 PID: 244 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.566154] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.566166] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.566187] Call Trace:
[ 14.566199] <TASK>
[ 14.566214] dump_stack_lvl+0x73/0xb0
[ 14.566421] print_report+0xd1/0x610
[ 14.566450] ? __virt_addr_valid+0x1db/0x2d0
[ 14.566473] ? mempool_uaf_helper+0x392/0x400
[ 14.566496] ? kasan_complete_mode_report_info+0x64/0x200
[ 14.566520] ? mempool_uaf_helper+0x392/0x400
[ 14.566543] kasan_report+0x141/0x180
[ 14.566578] ? mempool_uaf_helper+0x392/0x400
[ 14.566605] __asan_report_load1_noabort+0x18/0x20
[ 14.566631] mempool_uaf_helper+0x392/0x400
[ 14.566654] ? __pfx_mempool_uaf_helper+0x10/0x10
[ 14.566679] ? __kasan_check_write+0x18/0x20
[ 14.566699] ? __pfx_sched_clock_cpu+0x10/0x10
[ 14.566721] ? finish_task_switch.isra.0+0x153/0x700
[ 14.566747] mempool_kmalloc_uaf+0xef/0x140
[ 14.566770] ? __pfx_mempool_kmalloc_uaf+0x10/0x10
[ 14.566796] ? __pfx_mempool_kmalloc+0x10/0x10
[ 14.566820] ? __pfx_mempool_kfree+0x10/0x10
[ 14.566845] ? __pfx_read_tsc+0x10/0x10
[ 14.566867] ? ktime_get_ts64+0x86/0x230
[ 14.566893] kunit_try_run_case+0x1a5/0x480
[ 14.566917] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.566941] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.566965] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.566990] ? __kthread_parkme+0x82/0x180
[ 14.567010] ? preempt_count_sub+0x50/0x80
[ 14.567033] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.567058] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.567083] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.567110] kthread+0x337/0x6f0
[ 14.567129] ? trace_preempt_on+0x20/0xc0
[ 14.567152] ? __pfx_kthread+0x10/0x10
[ 14.567172] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.567194] ? calculate_sigpending+0x7b/0xa0
[ 14.567218] ? __pfx_kthread+0x10/0x10
[ 14.567249] ret_from_fork+0x116/0x1d0
[ 14.567268] ? __pfx_kthread+0x10/0x10
[ 14.567290] ret_from_fork_asm+0x1a/0x30
[ 14.567320] </TASK>
[ 14.567331]
[ 14.582578] Allocated by task 244:
[ 14.582766] kasan_save_stack+0x45/0x70
[ 14.582974] kasan_save_track+0x18/0x40
[ 14.583161] kasan_save_alloc_info+0x3b/0x50
[ 14.583307] __kasan_mempool_unpoison_object+0x1a9/0x200
[ 14.583688] remove_element+0x11e/0x190
[ 14.583848] mempool_alloc_preallocated+0x4d/0x90
[ 14.584075] mempool_uaf_helper+0x96/0x400
[ 14.584280] mempool_kmalloc_uaf+0xef/0x140
[ 14.584497] kunit_try_run_case+0x1a5/0x480
[ 14.584679] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.584910] kthread+0x337/0x6f0
[ 14.585056] ret_from_fork+0x116/0x1d0
[ 14.585185] ret_from_fork_asm+0x1a/0x30
[ 14.585320]
[ 14.585403] Freed by task 244:
[ 14.585564] kasan_save_stack+0x45/0x70
[ 14.585924] kasan_save_track+0x18/0x40
[ 14.586057] kasan_save_free_info+0x3f/0x60
[ 14.586200] __kasan_mempool_poison_object+0x131/0x1d0
[ 14.586377] mempool_free+0x2ec/0x380
[ 14.586740] mempool_uaf_helper+0x11a/0x400
[ 14.586955] mempool_kmalloc_uaf+0xef/0x140
[ 14.587160] kunit_try_run_case+0x1a5/0x480
[ 14.587510] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.587717] kthread+0x337/0x6f0
[ 14.587895] ret_from_fork+0x116/0x1d0
[ 14.588088] ret_from_fork_asm+0x1a/0x30
[ 14.588225]
[ 14.588294] The buggy address belongs to the object at ffff8881025cc800
[ 14.588294] which belongs to the cache kmalloc-128 of size 128
[ 14.588844] The buggy address is located 0 bytes inside of
[ 14.588844] freed 128-byte region [ffff8881025cc800, ffff8881025cc880)
[ 14.589443]
[ 14.589516] The buggy address belongs to the physical page:
[ 14.589700] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025cc
[ 14.590080] flags: 0x200000000000000(node=0|zone=2)
[ 14.590316] page_type: f5(slab)
[ 14.590717] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 14.591062] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 14.591425] page dumped because: kasan: bad access detected
[ 14.591781]
[ 14.591859] Memory state around the buggy address:
[ 14.592100] ffff8881025cc700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 14.592475] ffff8881025cc780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.592910] >ffff8881025cc800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 14.593153] ^
[ 14.593313] ffff8881025cc880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.593585] ffff8881025cc900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 14.593792] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 14.464503] ==================================================================
[ 14.464978] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[ 14.465808] Read of size 1 at addr ffff888102a04b73 by task kunit_try_catch/238
[ 14.466133]
[ 14.466277] CPU: 0 UID: 0 PID: 238 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.466342] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.466355] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.466378] Call Trace:
[ 14.466392] <TASK>
[ 14.466412] dump_stack_lvl+0x73/0xb0
[ 14.466446] print_report+0xd1/0x610
[ 14.466469] ? __virt_addr_valid+0x1db/0x2d0
[ 14.466495] ? mempool_oob_right_helper+0x318/0x380
[ 14.466519] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.466543] ? mempool_oob_right_helper+0x318/0x380
[ 14.466579] kasan_report+0x141/0x180
[ 14.466601] ? mempool_oob_right_helper+0x318/0x380
[ 14.466630] __asan_report_load1_noabort+0x18/0x20
[ 14.466656] mempool_oob_right_helper+0x318/0x380
[ 14.466681] ? __pfx_mempool_oob_right_helper+0x10/0x10
[ 14.466707] ? __kasan_check_write+0x18/0x20
[ 14.466728] ? __pfx_sched_clock_cpu+0x10/0x10
[ 14.466752] ? finish_task_switch.isra.0+0x153/0x700
[ 14.466781] mempool_kmalloc_oob_right+0xf2/0x150
[ 14.466805] ? __pfx_mempool_kmalloc_oob_right+0x10/0x10
[ 14.466834] ? __pfx_mempool_kmalloc+0x10/0x10
[ 14.466860] ? __pfx_mempool_kfree+0x10/0x10
[ 14.466886] ? __pfx_read_tsc+0x10/0x10
[ 14.466909] ? ktime_get_ts64+0x86/0x230
[ 14.466934] kunit_try_run_case+0x1a5/0x480
[ 14.466962] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.466986] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.467013] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.467040] ? __kthread_parkme+0x82/0x180
[ 14.467063] ? preempt_count_sub+0x50/0x80
[ 14.467086] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.467111] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.467136] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.467163] kthread+0x337/0x6f0
[ 14.467182] ? trace_preempt_on+0x20/0xc0
[ 14.467206] ? __pfx_kthread+0x10/0x10
[ 14.467226] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.467404] ? calculate_sigpending+0x7b/0xa0
[ 14.467435] ? __pfx_kthread+0x10/0x10
[ 14.467457] ret_from_fork+0x116/0x1d0
[ 14.467477] ? __pfx_kthread+0x10/0x10
[ 14.467498] ret_from_fork_asm+0x1a/0x30
[ 14.467532] </TASK>
[ 14.467544]
[ 14.480258] Allocated by task 238:
[ 14.480674] kasan_save_stack+0x45/0x70
[ 14.481080] kasan_save_track+0x18/0x40
[ 14.481257] kasan_save_alloc_info+0x3b/0x50
[ 14.481800] __kasan_mempool_unpoison_object+0x1a9/0x200
[ 14.482075] remove_element+0x11e/0x190
[ 14.482457] mempool_alloc_preallocated+0x4d/0x90
[ 14.482900] mempool_oob_right_helper+0x8a/0x380
[ 14.483136] mempool_kmalloc_oob_right+0xf2/0x150
[ 14.483547] kunit_try_run_case+0x1a5/0x480
[ 14.483722] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.483903] kthread+0x337/0x6f0
[ 14.484093] ret_from_fork+0x116/0x1d0
[ 14.484282] ret_from_fork_asm+0x1a/0x30
[ 14.484422]
[ 14.484499] The buggy address belongs to the object at ffff888102a04b00
[ 14.484499] which belongs to the cache kmalloc-128 of size 128
[ 14.485054] The buggy address is located 0 bytes to the right of
[ 14.485054] allocated 115-byte region [ffff888102a04b00, ffff888102a04b73)
[ 14.485430]
[ 14.485502] The buggy address belongs to the physical page:
[ 14.486011] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a04
[ 14.486853] flags: 0x200000000000000(node=0|zone=2)
[ 14.487683] page_type: f5(slab)
[ 14.487964] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 14.488296] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 14.488525] page dumped because: kasan: bad access detected
[ 14.488721]
[ 14.488792] Memory state around the buggy address:
[ 14.488952] ffff888102a04a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 14.489290] ffff888102a04a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.489585] >ffff888102a04b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 14.490200] ^
[ 14.490457] ffff888102a04b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.491062] ffff888102a04c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 14.491360] ==================================================================

[ 14.497646] ==================================================================
[ 14.498160] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[ 14.498816] Read of size 1 at addr ffff8881039f6001 by task kunit_try_catch/240
[ 14.499214]
[ 14.499385] CPU: 1 UID: 0 PID: 240 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.499445] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.499457] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.499512] Call Trace:
[ 14.499525] <TASK>
[ 14.499543] dump_stack_lvl+0x73/0xb0
[ 14.499709] print_report+0xd1/0x610
[ 14.499785] ? __virt_addr_valid+0x1db/0x2d0
[ 14.499845] ? mempool_oob_right_helper+0x318/0x380
[ 14.499892] ? kasan_addr_to_slab+0x11/0xa0
[ 14.499914] ? mempool_oob_right_helper+0x318/0x380
[ 14.499939] kasan_report+0x141/0x180
[ 14.499962] ? mempool_oob_right_helper+0x318/0x380
[ 14.499991] __asan_report_load1_noabort+0x18/0x20
[ 14.500016] mempool_oob_right_helper+0x318/0x380
[ 14.500041] ? __pfx_mempool_oob_right_helper+0x10/0x10
[ 14.500073] ? __kasan_check_write+0x18/0x20
[ 14.500093] ? __pfx_sched_clock_cpu+0x10/0x10
[ 14.500116] ? irqentry_exit+0x2a/0x60
[ 14.500138] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 14.500165] mempool_kmalloc_large_oob_right+0xf2/0x150
[ 14.500191] ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10
[ 14.500221] ? __pfx_mempool_kmalloc+0x10/0x10
[ 14.500331] ? __pfx_mempool_kfree+0x10/0x10
[ 14.500361] ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10
[ 14.500391] ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10
[ 14.500433] kunit_try_run_case+0x1a5/0x480
[ 14.500460] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.500484] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.500510] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.500534] ? __kthread_parkme+0x82/0x180
[ 14.500569] ? preempt_count_sub+0x50/0x80
[ 14.500596] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.500621] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.500647] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.500673] kthread+0x337/0x6f0
[ 14.500692] ? trace_preempt_on+0x20/0xc0
[ 14.500716] ? __pfx_kthread+0x10/0x10
[ 14.500738] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.500760] ? calculate_sigpending+0x7b/0xa0
[ 14.500785] ? __pfx_kthread+0x10/0x10
[ 14.500807] ret_from_fork+0x116/0x1d0
[ 14.500828] ? __pfx_kthread+0x10/0x10
[ 14.500849] ret_from_fork_asm+0x1a/0x30
[ 14.500881] </TASK>
[ 14.500893]
[ 14.510913] The buggy address belongs to the physical page:
[ 14.511150] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f4
[ 14.511740] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 14.512163] flags: 0x200000000000040(head|node=0|zone=2)
[ 14.512346] page_type: f8(unknown)
[ 14.512475] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 14.512965] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 14.513312] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 14.513850] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 14.514311] head: 0200000000000002 ffffea00040e7d01 00000000ffffffff 00000000ffffffff
[ 14.514698] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 14.515039] page dumped because: kasan: bad access detected
[ 14.515439]
[ 14.515541] Memory state around the buggy address:
[ 14.515740] ffff8881039f5f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 14.516029] ffff8881039f5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 14.516479] >ffff8881039f6000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 14.516713] ^
[ 14.516881] ffff8881039f6080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 14.517196] ffff8881039f6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 14.517810] ==================================================================

[ 14.521419] ==================================================================
[ 14.522217] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[ 14.522478] Read of size 1 at addr ffff8881039b62bb by task kunit_try_catch/242
[ 14.522714]
[ 14.522803] CPU: 0 UID: 0 PID: 242 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.522846] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.522858] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.522878] Call Trace:
[ 14.522890] <TASK>
[ 14.522905] dump_stack_lvl+0x73/0xb0
[ 14.522936] print_report+0xd1/0x610
[ 14.522958] ? __virt_addr_valid+0x1db/0x2d0
[ 14.522981] ? mempool_oob_right_helper+0x318/0x380
[ 14.523004] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.523026] ? mempool_oob_right_helper+0x318/0x380
[ 14.523049] kasan_report+0x141/0x180
[ 14.523070] ? mempool_oob_right_helper+0x318/0x380
[ 14.523097] __asan_report_load1_noabort+0x18/0x20
[ 14.523121] mempool_oob_right_helper+0x318/0x380
[ 14.523145] ? __pfx_mempool_oob_right_helper+0x10/0x10
[ 14.523171] ? __pfx_sched_clock_cpu+0x10/0x10
[ 14.523192] ? finish_task_switch.isra.0+0x153/0x700
[ 14.523218] mempool_slab_oob_right+0xed/0x140
[ 14.523241] ? __pfx_mempool_slab_oob_right+0x10/0x10
[ 14.523267] ? __pfx_mempool_alloc_slab+0x10/0x10
[ 14.523292] ? __pfx_mempool_free_slab+0x10/0x10
[ 14.523317] ? __pfx_read_tsc+0x10/0x10
[ 14.523337] ? ktime_get_ts64+0x86/0x230
[ 14.523362] kunit_try_run_case+0x1a5/0x480
[ 14.523388] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.523410] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.523435] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.523459] ? __kthread_parkme+0x82/0x180
[ 14.523479] ? preempt_count_sub+0x50/0x80
[ 14.523503] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.523528] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.523576] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.523601] kthread+0x337/0x6f0
[ 14.523620] ? trace_preempt_on+0x20/0xc0
[ 14.523642] ? __pfx_kthread+0x10/0x10
[ 14.523662] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.523683] ? calculate_sigpending+0x7b/0xa0
[ 14.523707] ? __pfx_kthread+0x10/0x10
[ 14.523728] ret_from_fork+0x116/0x1d0
[ 14.523775] ? __pfx_kthread+0x10/0x10
[ 14.523796] ret_from_fork_asm+0x1a/0x30
[ 14.523827] </TASK>
[ 14.523838]
[ 14.540790] Allocated by task 242:
[ 14.541152] kasan_save_stack+0x45/0x70
[ 14.541656] kasan_save_track+0x18/0x40
[ 14.542229] kasan_save_alloc_info+0x3b/0x50
[ 14.542776] __kasan_mempool_unpoison_object+0x1bb/0x200
[ 14.543286] remove_element+0x11e/0x190
[ 14.543815] mempool_alloc_preallocated+0x4d/0x90
[ 14.544135] mempool_oob_right_helper+0x8a/0x380
[ 14.544514] mempool_slab_oob_right+0xed/0x140
[ 14.544963] kunit_try_run_case+0x1a5/0x480
[ 14.545412] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.545832] kthread+0x337/0x6f0
[ 14.545953] ret_from_fork+0x116/0x1d0
[ 14.546083] ret_from_fork_asm+0x1a/0x30
[ 14.546218]
[ 14.546591] The buggy address belongs to the object at ffff8881039b6240
[ 14.546591] which belongs to the cache test_cache of size 123
[ 14.547826] The buggy address is located 0 bytes to the right of
[ 14.547826] allocated 123-byte region [ffff8881039b6240, ffff8881039b62bb)
[ 14.549100]
[ 14.549176] The buggy address belongs to the physical page:
[ 14.549585] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b6
[ 14.550336] flags: 0x200000000000000(node=0|zone=2)
[ 14.550757] page_type: f5(slab)
[ 14.550883] raw: 0200000000000000 ffff8881039b4000 dead000000000122 0000000000000000
[ 14.551114] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000
[ 14.551706] page dumped because: kasan: bad access detected
[ 14.552228]
[ 14.552601] Memory state around the buggy address:
[ 14.553057] ffff8881039b6180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 14.553835] ffff8881039b6200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
[ 14.554573] >ffff8881039b6280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc
[ 14.554897] ^
[ 14.555057] ffff8881039b6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.555319] ffff8881039b6380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.556124] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 13.895794] ==================================================================
[ 13.896228] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x1bf/0x380
[ 13.896730] Read of size 1 at addr ffff88810166bc80 by task kunit_try_catch/232
[ 13.897066]
[ 13.897183] CPU: 0 UID: 0 PID: 232 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 13.897232] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.897243] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.897267] Call Trace:
[ 13.897281] <TASK>
[ 13.897299] dump_stack_lvl+0x73/0xb0
[ 13.897331] print_report+0xd1/0x610
[ 13.897376] ? __virt_addr_valid+0x1db/0x2d0
[ 13.897487] ? kmem_cache_double_destroy+0x1bf/0x380
[ 13.897516] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.897541] ? kmem_cache_double_destroy+0x1bf/0x380
[ 13.897601] kasan_report+0x141/0x180
[ 13.897624] ? kmem_cache_double_destroy+0x1bf/0x380
[ 13.897653] ? kmem_cache_double_destroy+0x1bf/0x380
[ 13.897678] __kasan_check_byte+0x3d/0x50
[ 13.897701] kmem_cache_destroy+0x25/0x1d0
[ 13.897726] kmem_cache_double_destroy+0x1bf/0x380
[ 13.897751] ? __pfx_kmem_cache_double_destroy+0x10/0x10
[ 13.897777] ? finish_task_switch.isra.0+0x153/0x700
[ 13.897802] ? __switch_to+0x47/0xf50
[ 13.897850] ? __pfx_read_tsc+0x10/0x10
[ 13.897872] ? ktime_get_ts64+0x86/0x230
[ 13.897898] kunit_try_run_case+0x1a5/0x480
[ 13.897923] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.897947] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.897973] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.898013] ? __kthread_parkme+0x82/0x180
[ 13.898036] ? preempt_count_sub+0x50/0x80
[ 13.898060] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.898084] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.898110] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.898136] kthread+0x337/0x6f0
[ 13.898155] ? trace_preempt_on+0x20/0xc0
[ 13.898180] ? __pfx_kthread+0x10/0x10
[ 13.898201] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.898222] ? calculate_sigpending+0x7b/0xa0
[ 13.898258] ? __pfx_kthread+0x10/0x10
[ 13.898280] ret_from_fork+0x116/0x1d0
[ 13.898298] ? __pfx_kthread+0x10/0x10
[ 13.898319] ret_from_fork_asm+0x1a/0x30
[ 13.898351] </TASK>
[ 13.898362]
[ 13.909153] Allocated by task 232:
[ 13.909639] kasan_save_stack+0x45/0x70
[ 13.909832] kasan_save_track+0x18/0x40
[ 13.909978] kasan_save_alloc_info+0x3b/0x50
[ 13.910491] __kasan_slab_alloc+0x91/0xa0
[ 13.910753] kmem_cache_alloc_noprof+0x123/0x3f0
[ 13.910981] __kmem_cache_create_args+0x169/0x240
[ 13.911226] kmem_cache_double_destroy+0xd5/0x380
[ 13.911537] kunit_try_run_case+0x1a5/0x480
[ 13.911775] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.912031] kthread+0x337/0x6f0
[ 13.912214] ret_from_fork+0x116/0x1d0
[ 13.912343] ret_from_fork_asm+0x1a/0x30
[ 13.912717]
[ 13.912849] Freed by task 232:
[ 13.913042] kasan_save_stack+0x45/0x70
[ 13.913217] kasan_save_track+0x18/0x40
[ 13.913573] kasan_save_free_info+0x3f/0x60
[ 13.913724] __kasan_slab_free+0x56/0x70
[ 13.913920] kmem_cache_free+0x249/0x420
[ 13.914090] slab_kmem_cache_release+0x2e/0x40
[ 13.914268] kmem_cache_release+0x16/0x20
[ 13.914575] kobject_put+0x181/0x450
[ 13.914844] sysfs_slab_release+0x16/0x20
[ 13.914997] kmem_cache_destroy+0xf0/0x1d0
[ 13.915176] kmem_cache_double_destroy+0x14e/0x380
[ 13.915563] kunit_try_run_case+0x1a5/0x480
[ 13.915782] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.916025] kthread+0x337/0x6f0
[ 13.916172] ret_from_fork+0x116/0x1d0
[ 13.916370] ret_from_fork_asm+0x1a/0x30
[ 13.916634]
[ 13.916736] The buggy address belongs to the object at ffff88810166bc80
[ 13.916736] which belongs to the cache kmem_cache of size 208
[ 13.917252] The buggy address is located 0 bytes inside of
[ 13.917252] freed 208-byte region [ffff88810166bc80, ffff88810166bd50)
[ 13.917839]
[ 13.917940] The buggy address belongs to the physical page:
[ 13.918194] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10166b
[ 13.918543] flags: 0x200000000000000(node=0|zone=2)
[ 13.918720] page_type: f5(slab)
[ 13.918942] raw: 0200000000000000 ffff888100041000 dead000000000122 0000000000000000
[ 13.919362] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000
[ 13.919732] page dumped because: kasan: bad access detected
[ 13.919968]
[ 13.920060] Memory state around the buggy address:
[ 13.920328] ffff88810166bb80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.920645] ffff88810166bc00: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.921136] >ffff88810166bc80: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.921572] ^
[ 13.921782] ffff88810166bd00: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc
[ 13.922097] ffff88810166bd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.922372] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 13.826587] ==================================================================
[ 13.827009] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x3e3/0x510
[ 13.827295] Read of size 1 at addr ffff888102a1f000 by task kunit_try_catch/230
[ 13.828107]
[ 13.828407] CPU: 1 UID: 0 PID: 230 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 13.828481] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.828494] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.828515] Call Trace:
[ 13.828527] <TASK>
[ 13.828544] dump_stack_lvl+0x73/0xb0
[ 13.828584] print_report+0xd1/0x610
[ 13.828607] ? __virt_addr_valid+0x1db/0x2d0
[ 13.828629] ? kmem_cache_rcu_uaf+0x3e3/0x510
[ 13.828653] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.828676] ? kmem_cache_rcu_uaf+0x3e3/0x510
[ 13.828700] kasan_report+0x141/0x180
[ 13.828721] ? kmem_cache_rcu_uaf+0x3e3/0x510
[ 13.828749] __asan_report_load1_noabort+0x18/0x20
[ 13.828820] kmem_cache_rcu_uaf+0x3e3/0x510
[ 13.828854] ? __pfx_kmem_cache_rcu_uaf+0x10/0x10
[ 13.828888] ? finish_task_switch.isra.0+0x153/0x700
[ 13.828912] ? __switch_to+0x47/0xf50
[ 13.829180] ? __pfx_read_tsc+0x10/0x10
[ 13.829202] ? ktime_get_ts64+0x86/0x230
[ 13.829226] kunit_try_run_case+0x1a5/0x480
[ 13.829262] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.829287] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.829313] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.829337] ? __kthread_parkme+0x82/0x180
[ 13.829359] ? preempt_count_sub+0x50/0x80
[ 13.829383] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.829408] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.829433] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.829460] kthread+0x337/0x6f0
[ 13.829479] ? trace_preempt_on+0x20/0xc0
[ 13.829504] ? __pfx_kthread+0x10/0x10
[ 13.829524] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.829547] ? calculate_sigpending+0x7b/0xa0
[ 13.829585] ? __pfx_kthread+0x10/0x10
[ 13.829606] ret_from_fork+0x116/0x1d0
[ 13.829626] ? __pfx_kthread+0x10/0x10
[ 13.829647] ret_from_fork_asm+0x1a/0x30
[ 13.829677] </TASK>
[ 13.829689]
[ 13.843034] Allocated by task 230:
[ 13.843177] kasan_save_stack+0x45/0x70
[ 13.843672] kasan_save_track+0x18/0x40
[ 13.844081] kasan_save_alloc_info+0x3b/0x50
[ 13.844649] __kasan_slab_alloc+0x91/0xa0
[ 13.845090] kmem_cache_alloc_noprof+0x123/0x3f0
[ 13.845754] kmem_cache_rcu_uaf+0x155/0x510
[ 13.845917] kunit_try_run_case+0x1a5/0x480
[ 13.846065] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.846296] kthread+0x337/0x6f0
[ 13.846715] ret_from_fork+0x116/0x1d0
[ 13.847114] ret_from_fork_asm+0x1a/0x30
[ 13.847538]
[ 13.847780] Freed by task 0:
[ 13.848219] kasan_save_stack+0x45/0x70
[ 13.848765] kasan_save_track+0x18/0x40
[ 13.849107] kasan_save_free_info+0x3f/0x60
[ 13.849398] __kasan_slab_free+0x56/0x70
[ 13.849829] slab_free_after_rcu_debug+0xe4/0x310
[ 13.850350] rcu_core+0x66f/0x1c40
[ 13.850532] rcu_core_si+0x12/0x20
[ 13.850870] handle_softirqs+0x209/0x730
[ 13.851195] __irq_exit_rcu+0xc9/0x110
[ 13.851591] irq_exit_rcu+0x12/0x20
[ 13.851902] sysvec_apic_timer_interrupt+0x81/0x90
[ 13.852079] asm_sysvec_apic_timer_interrupt+0x1f/0x30
[ 13.852322]
[ 13.852597] Last potentially related work creation:
[ 13.853067] kasan_save_stack+0x45/0x70
[ 13.853636] kasan_record_aux_stack+0xb2/0xc0
[ 13.854194] kmem_cache_free+0x131/0x420
[ 13.854534] kmem_cache_rcu_uaf+0x194/0x510
[ 13.854957] kunit_try_run_case+0x1a5/0x480
[ 13.855115] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.855356] kthread+0x337/0x6f0
[ 13.855835] ret_from_fork+0x116/0x1d0
[ 13.856354] ret_from_fork_asm+0x1a/0x30
[ 13.856874]
[ 13.857092] The buggy address belongs to the object at ffff888102a1f000
[ 13.857092] which belongs to the cache test_cache of size 200
[ 13.857935] The buggy address is located 0 bytes inside of
[ 13.857935] freed 200-byte region [ffff888102a1f000, ffff888102a1f0c8)
[ 13.858535]
[ 13.858727] The buggy address belongs to the physical page:
[ 13.859457] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a1f
[ 13.860192] flags: 0x200000000000000(node=0|zone=2)
[ 13.860808] page_type: f5(slab)
[ 13.861075] raw: 0200000000000000 ffff8881025d5140 dead000000000122 0000000000000000
[ 13.861723] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000
[ 13.862150] page dumped because: kasan: bad access detected
[ 13.862344]
[ 13.862418] Memory state around the buggy address:
[ 13.862588] ffff888102a1ef00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.862913] ffff888102a1ef80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.863241] >ffff888102a1f000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.863594] ^
[ 13.863752] ffff888102a1f080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc
[ 13.864139] ffff888102a1f100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.864566] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 13.760541] ==================================================================
[ 13.761108] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x1d8/0x460
[ 13.762095] Free of addr ffff8881025d8001 by task kunit_try_catch/228
[ 13.762894]
[ 13.763245] CPU: 1 UID: 0 PID: 228 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 13.763296] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.763308] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.763330] Call Trace:
[ 13.763342] <TASK>
[ 13.763359] dump_stack_lvl+0x73/0xb0
[ 13.763392] print_report+0xd1/0x610
[ 13.763530] ? __virt_addr_valid+0x1db/0x2d0
[ 13.763582] ? kasan_complete_mode_report_info+0x2a/0x200
[ 13.763609] ? kmem_cache_invalid_free+0x1d8/0x460
[ 13.763637] kasan_report_invalid_free+0x10a/0x130
[ 13.763694] ? kmem_cache_invalid_free+0x1d8/0x460
[ 13.763721] ? kmem_cache_invalid_free+0x1d8/0x460
[ 13.763747] check_slab_allocation+0x11f/0x130
[ 13.763769] __kasan_slab_pre_free+0x28/0x40
[ 13.763790] kmem_cache_free+0xed/0x420
[ 13.763811] ? kmem_cache_alloc_noprof+0x123/0x3f0
[ 13.763832] ? kmem_cache_invalid_free+0x1d8/0x460
[ 13.763860] kmem_cache_invalid_free+0x1d8/0x460
[ 13.763885] ? __pfx_kmem_cache_invalid_free+0x10/0x10
[ 13.763910] ? finish_task_switch.isra.0+0x153/0x700
[ 13.763934] ? __switch_to+0x47/0xf50
[ 13.763963] ? __pfx_read_tsc+0x10/0x10
[ 13.763984] ? ktime_get_ts64+0x86/0x230
[ 13.764008] kunit_try_run_case+0x1a5/0x480
[ 13.764035] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.764066] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.764090] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.764114] ? __kthread_parkme+0x82/0x180
[ 13.764134] ? preempt_count_sub+0x50/0x80
[ 13.764157] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.764182] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.764207] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.764234] kthread+0x337/0x6f0
[ 13.764263] ? trace_preempt_on+0x20/0xc0
[ 13.764287] ? __pfx_kthread+0x10/0x10
[ 13.764308] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.764329] ? calculate_sigpending+0x7b/0xa0
[ 13.764354] ? __pfx_kthread+0x10/0x10
[ 13.764375] ret_from_fork+0x116/0x1d0
[ 13.764393] ? __pfx_kthread+0x10/0x10
[ 13.764420] ret_from_fork_asm+0x1a/0x30
[ 13.764451] </TASK>
[ 13.764462]
[ 13.781868] Allocated by task 228:
[ 13.782586] kasan_save_stack+0x45/0x70
[ 13.783019] kasan_save_track+0x18/0x40
[ 13.783691] kasan_save_alloc_info+0x3b/0x50
[ 13.784152] __kasan_slab_alloc+0x91/0xa0
[ 13.784672] kmem_cache_alloc_noprof+0x123/0x3f0
[ 13.784994] kmem_cache_invalid_free+0x157/0x460
[ 13.785160] kunit_try_run_case+0x1a5/0x480
[ 13.785321] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.785717] kthread+0x337/0x6f0
[ 13.785860] ret_from_fork+0x116/0x1d0
[ 13.786225] ret_from_fork_asm+0x1a/0x30
[ 13.786805]
[ 13.786991] The buggy address belongs to the object at ffff8881025d8000
[ 13.786991] which belongs to the cache test_cache of size 200
[ 13.787823] The buggy address is located 1 bytes inside of
[ 13.787823] 200-byte region [ffff8881025d8000, ffff8881025d80c8)
[ 13.788729]
[ 13.788805] The buggy address belongs to the physical page:
[ 13.788979] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025d8
[ 13.789221] flags: 0x200000000000000(node=0|zone=2)
[ 13.789759] page_type: f5(slab)
[ 13.790079] raw: 0200000000000000 ffff8881025d5000 dead000000000122 0000000000000000
[ 13.790814] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000
[ 13.791582] page dumped because: kasan: bad access detected
[ 13.791996]
[ 13.792073] Memory state around the buggy address:
[ 13.792229] ffff8881025d7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.792959] ffff8881025d7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.793749] >ffff8881025d8000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.794144] ^
[ 13.794302] ffff8881025d8080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc
[ 13.794970] ffff8881025d8100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.795515] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 13.722207] ==================================================================
[ 13.722835] BUG: KASAN: double-free in kmem_cache_double_free+0x1e5/0x480
[ 13.723201] Free of addr ffff888102a1c000 by task kunit_try_catch/226
[ 13.723593]
[ 13.723751] CPU: 0 UID: 0 PID: 226 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 13.723800] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.723811] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.723832] Call Trace:
[ 13.723845] <TASK>
[ 13.723862] dump_stack_lvl+0x73/0xb0
[ 13.723892] print_report+0xd1/0x610
[ 13.723915] ? __virt_addr_valid+0x1db/0x2d0
[ 13.723940] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.723964] ? kmem_cache_double_free+0x1e5/0x480
[ 13.723990] kasan_report_invalid_free+0x10a/0x130
[ 13.724015] ? kmem_cache_double_free+0x1e5/0x480
[ 13.724042] ? kmem_cache_double_free+0x1e5/0x480
[ 13.724073] check_slab_allocation+0x101/0x130
[ 13.724096] __kasan_slab_pre_free+0x28/0x40
[ 13.724117] kmem_cache_free+0xed/0x420
[ 13.724137] ? kmem_cache_alloc_noprof+0x123/0x3f0
[ 13.724159] ? kmem_cache_double_free+0x1e5/0x480
[ 13.724186] kmem_cache_double_free+0x1e5/0x480
[ 13.724211] ? __pfx_kmem_cache_double_free+0x10/0x10
[ 13.724235] ? finish_task_switch.isra.0+0x153/0x700
[ 13.724328] ? __switch_to+0x47/0xf50
[ 13.724357] ? __pfx_read_tsc+0x10/0x10
[ 13.724379] ? ktime_get_ts64+0x86/0x230
[ 13.724403] kunit_try_run_case+0x1a5/0x480
[ 13.724429] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.724453] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.724478] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.724502] ? __kthread_parkme+0x82/0x180
[ 13.724524] ? preempt_count_sub+0x50/0x80
[ 13.724578] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.724602] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.724627] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.724653] kthread+0x337/0x6f0
[ 13.724672] ? trace_preempt_on+0x20/0xc0
[ 13.724696] ? __pfx_kthread+0x10/0x10
[ 13.724716] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.724738] ? calculate_sigpending+0x7b/0xa0
[ 13.724763] ? __pfx_kthread+0x10/0x10
[ 13.724784] ret_from_fork+0x116/0x1d0
[ 13.724803] ? __pfx_kthread+0x10/0x10
[ 13.724823] ret_from_fork_asm+0x1a/0x30
[ 13.724855] </TASK>
[ 13.724866]
[ 13.735822] Allocated by task 226:
[ 13.736162] kasan_save_stack+0x45/0x70
[ 13.736606] kasan_save_track+0x18/0x40
[ 13.736889] kasan_save_alloc_info+0x3b/0x50
[ 13.737183] __kasan_slab_alloc+0x91/0xa0
[ 13.737721] kmem_cache_alloc_noprof+0x123/0x3f0
[ 13.737941] kmem_cache_double_free+0x14f/0x480
[ 13.738247] kunit_try_run_case+0x1a5/0x480
[ 13.738672] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.738913] kthread+0x337/0x6f0
[ 13.739088] ret_from_fork+0x116/0x1d0
[ 13.739269] ret_from_fork_asm+0x1a/0x30
[ 13.739441]
[ 13.739983] Freed by task 226:
[ 13.740153] kasan_save_stack+0x45/0x70
[ 13.740523] kasan_save_track+0x18/0x40
[ 13.740904] kasan_save_free_info+0x3f/0x60
[ 13.741193] __kasan_slab_free+0x56/0x70
[ 13.741750] kmem_cache_free+0x249/0x420
[ 13.741956] kmem_cache_double_free+0x16a/0x480
[ 13.742410] kunit_try_run_case+0x1a5/0x480
[ 13.742647] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.742985] kthread+0x337/0x6f0
[ 13.743169] ret_from_fork+0x116/0x1d0
[ 13.743625] ret_from_fork_asm+0x1a/0x30
[ 13.743812]
[ 13.743902] The buggy address belongs to the object at ffff888102a1c000
[ 13.743902] which belongs to the cache test_cache of size 200
[ 13.744771] The buggy address is located 0 bytes inside of
[ 13.744771] 200-byte region [ffff888102a1c000, ffff888102a1c0c8)
[ 13.745589]
[ 13.745694] The buggy address belongs to the physical page:
[ 13.746056] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a1c
[ 13.746701] flags: 0x200000000000000(node=0|zone=2)
[ 13.746926] page_type: f5(slab)
[ 13.747176] raw: 0200000000000000 ffff88810166bb40 dead000000000122 0000000000000000
[ 13.747698] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000
[ 13.748183] page dumped because: kasan: bad access detected
[ 13.748671]
[ 13.748887] Memory state around the buggy address:
[ 13.749164] ffff888102a1bf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.749666] ffff888102a1bf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.749955] >ffff888102a1c000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.750252] ^
[ 13.750755] ffff888102a1c080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc
[ 13.751112] ffff888102a1c100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.751545] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 13.669144] ==================================================================
[ 13.670542] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x402/0x530
[ 13.670795] Read of size 1 at addr ffff888102a190c8 by task kunit_try_catch/224
[ 13.671019]
[ 13.671109] CPU: 0 UID: 0 PID: 224 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 13.671156] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.671167] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.671189] Call Trace:
[ 13.671202] <TASK>
[ 13.671218] dump_stack_lvl+0x73/0xb0
[ 13.671248] print_report+0xd1/0x610
[ 13.671270] ? __virt_addr_valid+0x1db/0x2d0
[ 13.671294] ? kmem_cache_oob+0x402/0x530
[ 13.671317] ? kasan_complete_mode_report_info+0x2a/0x200
[ 13.671340] ? kmem_cache_oob+0x402/0x530
[ 13.671364] kasan_report+0x141/0x180
[ 13.671386] ? kmem_cache_oob+0x402/0x530
[ 13.671476] __asan_report_load1_noabort+0x18/0x20
[ 13.671506] kmem_cache_oob+0x402/0x530
[ 13.671536] ? trace_hardirqs_on+0x37/0xe0
[ 13.671575] ? __pfx_kmem_cache_oob+0x10/0x10
[ 13.671598] ? finish_task_switch.isra.0+0x153/0x700
[ 13.671622] ? __switch_to+0x47/0xf50
[ 13.671651] ? __pfx_read_tsc+0x10/0x10
[ 13.671672] ? ktime_get_ts64+0x86/0x230
[ 13.671697] kunit_try_run_case+0x1a5/0x480
[ 13.671722] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.671746] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.671772] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.671797] ? __kthread_parkme+0x82/0x180
[ 13.671819] ? preempt_count_sub+0x50/0x80
[ 13.671842] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.671867] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.671891] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.671917] kthread+0x337/0x6f0
[ 13.671936] ? trace_preempt_on+0x20/0xc0
[ 13.671958] ? __pfx_kthread+0x10/0x10
[ 13.671979] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.672000] ? calculate_sigpending+0x7b/0xa0
[ 13.672025] ? __pfx_kthread+0x10/0x10
[ 13.672051] ret_from_fork+0x116/0x1d0
[ 13.672070] ? __pfx_kthread+0x10/0x10
[ 13.672091] ret_from_fork_asm+0x1a/0x30
[ 13.672123] </TASK>
[ 13.672134]
[ 13.685081] Allocated by task 224:
[ 13.685450] kasan_save_stack+0x45/0x70
[ 13.685728] kasan_save_track+0x18/0x40
[ 13.686052] kasan_save_alloc_info+0x3b/0x50
[ 13.686528] __kasan_slab_alloc+0x91/0xa0
[ 13.686868] kmem_cache_alloc_noprof+0x123/0x3f0
[ 13.687090] kmem_cache_oob+0x157/0x530
[ 13.687467] kunit_try_run_case+0x1a5/0x480
[ 13.687815] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.688058] kthread+0x337/0x6f0
[ 13.688216] ret_from_fork+0x116/0x1d0
[ 13.688709] ret_from_fork_asm+0x1a/0x30
[ 13.689036]
[ 13.689142] The buggy address belongs to the object at ffff888102a19000
[ 13.689142] which belongs to the cache test_cache of size 200
[ 13.689810] The buggy address is located 0 bytes to the right of
[ 13.689810] allocated 200-byte region [ffff888102a19000, ffff888102a190c8)
[ 13.690674]
[ 13.690875] The buggy address belongs to the physical page:
[ 13.691374] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a19
[ 13.691875] flags: 0x200000000000000(node=0|zone=2)
[ 13.692267] page_type: f5(slab)
[ 13.692598] raw: 0200000000000000 ffff88810166ba00 dead000000000122 0000000000000000
[ 13.693396] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000
[ 13.694039] page dumped because: kasan: bad access detected
[ 13.694426]
[ 13.694750] Memory state around the buggy address:
[ 13.695172] ffff888102a18f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.695777] ffff888102a19000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.696570] >ffff888102a19080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc
[ 13.696896] ^
[ 13.697127] ffff888102a19100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.698072] ffff888102a19180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.698659] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 13.621931] ==================================================================
[ 13.622515] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x4d6/0x560
[ 13.623268] Read of size 8 at addr ffff888102a11780 by task kunit_try_catch/217
[ 13.624015]
[ 13.624183] CPU: 0 UID: 0 PID: 217 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 13.624246] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.624258] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.624279] Call Trace:
[ 13.624291] <TASK>
[ 13.624306] dump_stack_lvl+0x73/0xb0
[ 13.624335] print_report+0xd1/0x610
[ 13.624386] ? __virt_addr_valid+0x1db/0x2d0
[ 13.624426] ? workqueue_uaf+0x4d6/0x560
[ 13.624447] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.624471] ? workqueue_uaf+0x4d6/0x560
[ 13.624493] kasan_report+0x141/0x180
[ 13.624514] ? workqueue_uaf+0x4d6/0x560
[ 13.624540] __asan_report_load8_noabort+0x18/0x20
[ 13.624575] workqueue_uaf+0x4d6/0x560
[ 13.624597] ? __pfx_workqueue_uaf+0x10/0x10
[ 13.624620] ? __schedule+0x10cc/0x2b60
[ 13.624642] ? __pfx_read_tsc+0x10/0x10
[ 13.624663] ? ktime_get_ts64+0x86/0x230
[ 13.624687] kunit_try_run_case+0x1a5/0x480
[ 13.624711] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.624756] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.624781] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.624816] ? __kthread_parkme+0x82/0x180
[ 13.624837] ? preempt_count_sub+0x50/0x80
[ 13.624860] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.624884] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.624909] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.624935] kthread+0x337/0x6f0
[ 13.624953] ? trace_preempt_on+0x20/0xc0
[ 13.624977] ? __pfx_kthread+0x10/0x10
[ 13.624997] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.625019] ? calculate_sigpending+0x7b/0xa0
[ 13.625044] ? __pfx_kthread+0x10/0x10
[ 13.625065] ret_from_fork+0x116/0x1d0
[ 13.625084] ? __pfx_kthread+0x10/0x10
[ 13.625104] ret_from_fork_asm+0x1a/0x30
[ 13.625135] </TASK>
[ 13.625145]
[ 13.636140] Allocated by task 217:
[ 13.636274] kasan_save_stack+0x45/0x70
[ 13.636423] kasan_save_track+0x18/0x40
[ 13.636597] kasan_save_alloc_info+0x3b/0x50
[ 13.636996] __kasan_kmalloc+0xb7/0xc0
[ 13.637353] __kmalloc_cache_noprof+0x189/0x420
[ 13.637804] workqueue_uaf+0x152/0x560
[ 13.638138] kunit_try_run_case+0x1a5/0x480
[ 13.638620] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.639132] kthread+0x337/0x6f0
[ 13.639492] ret_from_fork+0x116/0x1d0
[ 13.639979] ret_from_fork_asm+0x1a/0x30
[ 13.640363]
[ 13.640574] Freed by task 9:
[ 13.640924] kasan_save_stack+0x45/0x70
[ 13.641358] kasan_save_track+0x18/0x40
[ 13.641754] kasan_save_free_info+0x3f/0x60
[ 13.642147] __kasan_slab_free+0x56/0x70
[ 13.642636] kfree+0x222/0x3f0
[ 13.642957] workqueue_uaf_work+0x12/0x20
[ 13.643371] process_one_work+0x5ee/0xf60
[ 13.643808] worker_thread+0x758/0x1220
[ 13.644180] kthread+0x337/0x6f0
[ 13.644577] ret_from_fork+0x116/0x1d0
[ 13.644973] ret_from_fork_asm+0x1a/0x30
[ 13.645401]
[ 13.645587] Last potentially related work creation:
[ 13.646017] kasan_save_stack+0x45/0x70
[ 13.646409] kasan_record_aux_stack+0xb2/0xc0
[ 13.646892] __queue_work+0x626/0xeb0
[ 13.647244] queue_work_on+0xb6/0xc0
[ 13.647664] workqueue_uaf+0x26d/0x560
[ 13.648066] kunit_try_run_case+0x1a5/0x480
[ 13.648534] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.649053] kthread+0x337/0x6f0
[ 13.649438] ret_from_fork+0x116/0x1d0
[ 13.649816] ret_from_fork_asm+0x1a/0x30
[ 13.650206]
[ 13.650438] The buggy address belongs to the object at ffff888102a11780
[ 13.650438] which belongs to the cache kmalloc-32 of size 32
[ 13.651445] The buggy address is located 0 bytes inside of
[ 13.651445] freed 32-byte region [ffff888102a11780, ffff888102a117a0)
[ 13.652104]
[ 13.652179] The buggy address belongs to the physical page:
[ 13.652355] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a11
[ 13.653174] flags: 0x200000000000000(node=0|zone=2)
[ 13.653780] page_type: f5(slab)
[ 13.654160] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 13.654925] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 13.655427] page dumped because: kasan: bad access detected
[ 13.655834]
[ 13.656014] Memory state around the buggy address:
[ 13.656526] ffff888102a11680: fa fb fb fb fc fc fc fc 00 00 07 fc fc fc fc fc
[ 13.657297] ffff888102a11700: 00 00 00 fc fc fc fc fc 00 00 00 07 fc fc fc fc
[ 13.657978] >ffff888102a11780: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.658506] ^
[ 13.658684] ffff888102a11800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.659344] ffff888102a11880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.659971] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 13.579434] ==================================================================
[ 13.579869] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x50/0x60
[ 13.580135] Read of size 4 at addr ffff888102a11680 by task swapper/0/0
[ 13.580410]
[ 13.580516] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 13.580566] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.580577] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.580597] Call Trace:
[ 13.580624] <IRQ>
[ 13.580639] dump_stack_lvl+0x73/0xb0
[ 13.580670] print_report+0xd1/0x610
[ 13.580691] ? __virt_addr_valid+0x1db/0x2d0
[ 13.580714] ? rcu_uaf_reclaim+0x50/0x60
[ 13.580732] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.580754] ? rcu_uaf_reclaim+0x50/0x60
[ 13.580773] kasan_report+0x141/0x180
[ 13.580794] ? rcu_uaf_reclaim+0x50/0x60
[ 13.580818] __asan_report_load4_noabort+0x18/0x20
[ 13.580841] rcu_uaf_reclaim+0x50/0x60
[ 13.580860] rcu_core+0x66f/0x1c40
[ 13.580888] ? __pfx_rcu_core+0x10/0x10
[ 13.580908] ? ktime_get+0x6b/0x150
[ 13.580929] ? handle_softirqs+0x18e/0x730
[ 13.580953] rcu_core_si+0x12/0x20
[ 13.580972] handle_softirqs+0x209/0x730
[ 13.580990] ? hrtimer_interrupt+0x2fe/0x780
[ 13.581012] ? __pfx_handle_softirqs+0x10/0x10
[ 13.581036] __irq_exit_rcu+0xc9/0x110
[ 13.581055] irq_exit_rcu+0x12/0x20
[ 13.581075] sysvec_apic_timer_interrupt+0x81/0x90
[ 13.581098] </IRQ>
[ 13.581119] <TASK>
[ 13.581128] asm_sysvec_apic_timer_interrupt+0x1f/0x30
[ 13.581216] RIP: 0010:pv_native_safe_halt+0xf/0x20
[ 13.581431] Code: 1f 84 00 00 00 00 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d 23 72 21 00 fb f4 <e9> 3c 1d 02 00 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90
[ 13.581611] RSP: 0000:ffffffffbbe07dd8 EFLAGS: 00010206
[ 13.581706] RAX: ffff88819de72000 RBX: ffffffffbbe1cac0 RCX: ffffffffbac75125
[ 13.581751] RDX: ffffed102b60618b RSI: 0000000000000004 RDI: 0000000000005e04
[ 13.581795] RBP: ffffffffbbe07de0 R08: 0000000000000001 R09: ffffed102b60618a
[ 13.581839] R10: ffff88815b030c53 R11: ffffffffbd1c36c0 R12: 0000000000000000
[ 13.581881] R13: fffffbfff77c3958 R14: ffffffffbc9b1490 R15: 0000000000000000
[ 13.581939] ? ct_kernel_exit.constprop.0+0xa5/0xd0
[ 13.581995] ? default_idle+0xd/0x20
[ 13.582018] arch_cpu_idle+0xd/0x20
[ 13.582039] default_idle_call+0x48/0x80
[ 13.582058] do_idle+0x379/0x4f0
[ 13.582084] ? __pfx_do_idle+0x10/0x10
[ 13.582106] ? trace_preempt_on+0x20/0xc0
[ 13.582128] ? schedule+0x86/0x2e0
[ 13.582149] ? preempt_count_sub+0x50/0x80
[ 13.582172] cpu_startup_entry+0x5c/0x70
[ 13.582192] rest_init+0x11a/0x140
[ 13.582209] ? acpi_subsystem_init+0x5d/0x150
[ 13.582255] start_kernel+0x330/0x410
[ 13.582281] x86_64_start_reservations+0x1c/0x30
[ 13.582307] x86_64_start_kernel+0x10d/0x120
[ 13.582332] common_startup_64+0x13e/0x148
[ 13.582365] </TASK>
[ 13.582376]
[ 13.595330] Allocated by task 215:
[ 13.595527] kasan_save_stack+0x45/0x70
[ 13.595738] kasan_save_track+0x18/0x40
[ 13.595905] kasan_save_alloc_info+0x3b/0x50
[ 13.596103] __kasan_kmalloc+0xb7/0xc0
[ 13.596850] __kmalloc_cache_noprof+0x189/0x420
[ 13.597044] rcu_uaf+0xb0/0x330
[ 13.597166] kunit_try_run_case+0x1a5/0x480
[ 13.597428] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.597677] kthread+0x337/0x6f0
[ 13.597841] ret_from_fork+0x116/0x1d0
[ 13.598017] ret_from_fork_asm+0x1a/0x30
[ 13.598186]
[ 13.598437] Freed by task 0:
[ 13.598598] kasan_save_stack+0x45/0x70
[ 13.598776] kasan_save_track+0x18/0x40
[ 13.598953] kasan_save_free_info+0x3f/0x60
[ 13.599135] __kasan_slab_free+0x56/0x70
[ 13.599368] kfree+0x222/0x3f0
[ 13.599640] rcu_uaf_reclaim+0x1f/0x60
[ 13.599812] rcu_core+0x66f/0x1c40
[ 13.599972] rcu_core_si+0x12/0x20
[ 13.600134] handle_softirqs+0x209/0x730
[ 13.600445] __irq_exit_rcu+0xc9/0x110
[ 13.600638] irq_exit_rcu+0x12/0x20
[ 13.600811] sysvec_apic_timer_interrupt+0x81/0x90
[ 13.601024] asm_sysvec_apic_timer_interrupt+0x1f/0x30
[ 13.601235]
[ 13.602228] Last potentially related work creation:
[ 13.602902] kasan_save_stack+0x45/0x70
[ 13.603392] kasan_record_aux_stack+0xb2/0xc0
[ 13.603804] __call_rcu_common.constprop.0+0x7b/0x9e0
[ 13.604189] call_rcu+0x12/0x20
[ 13.604730] rcu_uaf+0x168/0x330
[ 13.604992] kunit_try_run_case+0x1a5/0x480
[ 13.605197] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.605703] kthread+0x337/0x6f0
[ 13.605889] ret_from_fork+0x116/0x1d0
[ 13.606064] ret_from_fork_asm+0x1a/0x30
[ 13.606493]
[ 13.606609] The buggy address belongs to the object at ffff888102a11680
[ 13.606609] which belongs to the cache kmalloc-32 of size 32
[ 13.607522] The buggy address is located 0 bytes inside of
[ 13.607522] freed 32-byte region [ffff888102a11680, ffff888102a116a0)
[ 13.608001]
[ 13.608098] The buggy address belongs to the physical page:
[ 13.608625] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a11
[ 13.609210] flags: 0x200000000000000(node=0|zone=2)
[ 13.609663] page_type: f5(slab)
[ 13.609979] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 13.610489] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 13.610983] page dumped because: kasan: bad access detected
[ 13.611216]
[ 13.611306] Memory state around the buggy address:
[ 13.611509] ffff888102a11580: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc
[ 13.611802] ffff888102a11600: 00 00 05 fc fc fc fc fc 00 00 07 fc fc fc fc fc
[ 13.612086] >ffff888102a11680: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.612365] ^
[ 13.612517] ffff888102a11700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.613588] ffff888102a11780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.614570] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 13.549443] ==================================================================
[ 13.549980] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5e4/0x6c0
[ 13.550308] Read of size 1 at addr ffff8881025cc578 by task kunit_try_catch/213
[ 13.550654]
[ 13.550745] CPU: 1 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 13.550788] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.550799] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.550819] Call Trace:
[ 13.550833] <TASK>
[ 13.550847] dump_stack_lvl+0x73/0xb0
[ 13.550876] print_report+0xd1/0x610
[ 13.550900] ? __virt_addr_valid+0x1db/0x2d0
[ 13.550923] ? ksize_uaf+0x5e4/0x6c0
[ 13.550943] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.550966] ? ksize_uaf+0x5e4/0x6c0
[ 13.550987] kasan_report+0x141/0x180
[ 13.551008] ? ksize_uaf+0x5e4/0x6c0
[ 13.551034] __asan_report_load1_noabort+0x18/0x20
[ 13.551059] ksize_uaf+0x5e4/0x6c0
[ 13.551080] ? __pfx_ksize_uaf+0x10/0x10
[ 13.551101] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 13.551127] ? trace_hardirqs_on+0x37/0xe0
[ 13.551149] ? __pfx_read_tsc+0x10/0x10
[ 13.551170] ? ktime_get_ts64+0x86/0x230
[ 13.551193] kunit_try_run_case+0x1a5/0x480
[ 13.551217] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.551313] ? queued_spin_lock_slowpath+0x116/0xb40
[ 13.551339] ? __kthread_parkme+0x82/0x180
[ 13.551360] ? preempt_count_sub+0x50/0x80
[ 13.551384] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.551426] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.551451] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.551476] kthread+0x337/0x6f0
[ 13.551495] ? trace_preempt_on+0x20/0xc0
[ 13.551517] ? __pfx_kthread+0x10/0x10
[ 13.551538] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.551569] ? calculate_sigpending+0x7b/0xa0
[ 13.551592] ? __pfx_kthread+0x10/0x10
[ 13.551614] ret_from_fork+0x116/0x1d0
[ 13.551632] ? __pfx_kthread+0x10/0x10
[ 13.551653] ret_from_fork_asm+0x1a/0x30
[ 13.551683] </TASK>
[ 13.551693]
[ 13.558837] Allocated by task 213:
[ 13.558997] kasan_save_stack+0x45/0x70
[ 13.559180] kasan_save_track+0x18/0x40
[ 13.559548] kasan_save_alloc_info+0x3b/0x50
[ 13.559772] __kasan_kmalloc+0xb7/0xc0
[ 13.559942] __kmalloc_cache_noprof+0x189/0x420
[ 13.560151] ksize_uaf+0xaa/0x6c0
[ 13.560368] kunit_try_run_case+0x1a5/0x480
[ 13.560594] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.560785] kthread+0x337/0x6f0
[ 13.560952] ret_from_fork+0x116/0x1d0
[ 13.561141] ret_from_fork_asm+0x1a/0x30
[ 13.561407]
[ 13.561518] Freed by task 213:
[ 13.561638] kasan_save_stack+0x45/0x70
[ 13.561840] kasan_save_track+0x18/0x40
[ 13.562037] kasan_save_free_info+0x3f/0x60
[ 13.562212] __kasan_slab_free+0x56/0x70
[ 13.562465] kfree+0x222/0x3f0
[ 13.562651] ksize_uaf+0x12c/0x6c0
[ 13.562832] kunit_try_run_case+0x1a5/0x480
[ 13.563034] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.563309] kthread+0x337/0x6f0
[ 13.563507] ret_from_fork+0x116/0x1d0
[ 13.563705] ret_from_fork_asm+0x1a/0x30
[ 13.563872]
[ 13.563942] The buggy address belongs to the object at ffff8881025cc500
[ 13.563942] which belongs to the cache kmalloc-128 of size 128
[ 13.564514] The buggy address is located 120 bytes inside of
[ 13.564514] freed 128-byte region [ffff8881025cc500, ffff8881025cc580)
[ 13.565078]
[ 13.565174] The buggy address belongs to the physical page:
[ 13.565441] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025cc
[ 13.565766] flags: 0x200000000000000(node=0|zone=2)
[ 13.565930] page_type: f5(slab)
[ 13.566050] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 13.566294] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 13.566641] page dumped because: kasan: bad access detected
[ 13.566886]
[ 13.566986] Memory state around the buggy address:
[ 13.567213] ffff8881025cc400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.567529] ffff8881025cc480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.567918] >ffff8881025cc500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.568191] ^
[ 13.568605] ffff8881025cc580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.568892] ffff8881025cc600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.569157] ==================================================================
[ 13.528518] ==================================================================
[ 13.528845] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5fe/0x6c0
[ 13.529084] Read of size 1 at addr ffff8881025cc500 by task kunit_try_catch/213
[ 13.529531]
[ 13.529645] CPU: 1 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 13.529687] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.529698] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.529718] Call Trace:
[ 13.529729] <TASK>
[ 13.529743] dump_stack_lvl+0x73/0xb0
[ 13.529769] print_report+0xd1/0x610
[ 13.529791] ? __virt_addr_valid+0x1db/0x2d0
[ 13.529813] ? ksize_uaf+0x5fe/0x6c0
[ 13.529833] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.529856] ? ksize_uaf+0x5fe/0x6c0
[ 13.529877] kasan_report+0x141/0x180
[ 13.529898] ? ksize_uaf+0x5fe/0x6c0
[ 13.529924] __asan_report_load1_noabort+0x18/0x20
[ 13.529949] ksize_uaf+0x5fe/0x6c0
[ 13.529970] ? __pfx_ksize_uaf+0x10/0x10
[ 13.529991] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 13.530016] ? trace_hardirqs_on+0x37/0xe0
[ 13.530039] ? __pfx_read_tsc+0x10/0x10
[ 13.530059] ? ktime_get_ts64+0x86/0x230
[ 13.530083] kunit_try_run_case+0x1a5/0x480
[ 13.530107] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.530132] ? queued_spin_lock_slowpath+0x116/0xb40
[ 13.530157] ? __kthread_parkme+0x82/0x180
[ 13.530176] ? preempt_count_sub+0x50/0x80
[ 13.530200] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.530224] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.530248] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.530274] kthread+0x337/0x6f0
[ 13.530293] ? trace_preempt_on+0x20/0xc0
[ 13.530314] ? __pfx_kthread+0x10/0x10
[ 13.530335] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.530356] ? calculate_sigpending+0x7b/0xa0
[ 13.530380] ? __pfx_kthread+0x10/0x10
[ 13.530401] ret_from_fork+0x116/0x1d0
[ 13.530419] ? __pfx_kthread+0x10/0x10
[ 13.530439] ret_from_fork_asm+0x1a/0x30
[ 13.530470] </TASK>
[ 13.530479]
[ 13.537958] Allocated by task 213:
[ 13.538137] kasan_save_stack+0x45/0x70
[ 13.538506] kasan_save_track+0x18/0x40
[ 13.538696] kasan_save_alloc_info+0x3b/0x50
[ 13.538888] __kasan_kmalloc+0xb7/0xc0
[ 13.539073] __kmalloc_cache_noprof+0x189/0x420
[ 13.539349] ksize_uaf+0xaa/0x6c0
[ 13.539588] kunit_try_run_case+0x1a5/0x480
[ 13.539768] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.539970] kthread+0x337/0x6f0
[ 13.540100] ret_from_fork+0x116/0x1d0
[ 13.540234] ret_from_fork_asm+0x1a/0x30
[ 13.540496]
[ 13.540621] Freed by task 213:
[ 13.540776] kasan_save_stack+0x45/0x70
[ 13.540979] kasan_save_track+0x18/0x40
[ 13.541166] kasan_save_free_info+0x3f/0x60
[ 13.541531] __kasan_slab_free+0x56/0x70
[ 13.541720] kfree+0x222/0x3f0
[ 13.541848] ksize_uaf+0x12c/0x6c0
[ 13.541972] kunit_try_run_case+0x1a5/0x480
[ 13.542146] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.542542] kthread+0x337/0x6f0
[ 13.542731] ret_from_fork+0x116/0x1d0
[ 13.542918] ret_from_fork_asm+0x1a/0x30
[ 13.543093]
[ 13.543189] The buggy address belongs to the object at ffff8881025cc500
[ 13.543189] which belongs to the cache kmalloc-128 of size 128
[ 13.543736] The buggy address is located 0 bytes inside of
[ 13.543736] freed 128-byte region [ffff8881025cc500, ffff8881025cc580)
[ 13.544099]
[ 13.544170] The buggy address belongs to the physical page:
[ 13.544428] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025cc
[ 13.544797] flags: 0x200000000000000(node=0|zone=2)
[ 13.545028] page_type: f5(slab)
[ 13.545191] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 13.545524] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 13.545871] page dumped because: kasan: bad access detected
[ 13.546096]
[ 13.546164] Memory state around the buggy address:
[ 13.546318] ffff8881025cc400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.546532] ffff8881025cc480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.547807] >ffff8881025cc500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.548131] ^
[ 13.548302] ffff8881025cc580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.548625] ffff8881025cc600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.548932] ==================================================================
[ 13.507442] ==================================================================
[ 13.507941] BUG: KASAN: slab-use-after-free in ksize_uaf+0x19d/0x6c0
[ 13.508207] Read of size 1 at addr ffff8881025cc500 by task kunit_try_catch/213
[ 13.508703]
[ 13.508800] CPU: 1 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 13.508844] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.508856] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.508875] Call Trace:
[ 13.508887] <TASK>
[ 13.508901] dump_stack_lvl+0x73/0xb0
[ 13.508930] print_report+0xd1/0x610
[ 13.508952] ? __virt_addr_valid+0x1db/0x2d0
[ 13.508976] ? ksize_uaf+0x19d/0x6c0
[ 13.508996] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.509019] ? ksize_uaf+0x19d/0x6c0
[ 13.509039] kasan_report+0x141/0x180
[ 13.509061] ? ksize_uaf+0x19d/0x6c0
[ 13.509084] ? ksize_uaf+0x19d/0x6c0
[ 13.509105] __kasan_check_byte+0x3d/0x50
[ 13.509127] ksize+0x20/0x60
[ 13.509147] ksize_uaf+0x19d/0x6c0
[ 13.509167] ? __pfx_ksize_uaf+0x10/0x10
[ 13.509188] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 13.509213] ? trace_hardirqs_on+0x37/0xe0
[ 13.509236] ? __pfx_read_tsc+0x10/0x10
[ 13.509500] ? ktime_get_ts64+0x86/0x230
[ 13.509527] kunit_try_run_case+0x1a5/0x480
[ 13.509565] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.509592] ? queued_spin_lock_slowpath+0x116/0xb40
[ 13.509617] ? __kthread_parkme+0x82/0x180
[ 13.509638] ? preempt_count_sub+0x50/0x80
[ 13.509662] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.509687] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.509712] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.509737] kthread+0x337/0x6f0
[ 13.509756] ? trace_preempt_on+0x20/0xc0
[ 13.509778] ? __pfx_kthread+0x10/0x10
[ 13.509799] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.509820] ? calculate_sigpending+0x7b/0xa0
[ 13.509844] ? __pfx_kthread+0x10/0x10
[ 13.509866] ret_from_fork+0x116/0x1d0
[ 13.509884] ? __pfx_kthread+0x10/0x10
[ 13.509904] ret_from_fork_asm+0x1a/0x30
[ 13.509935] </TASK>
[ 13.509944]
[ 13.517448] Allocated by task 213:
[ 13.517654] kasan_save_stack+0x45/0x70
[ 13.517865] kasan_save_track+0x18/0x40
[ 13.518014] kasan_save_alloc_info+0x3b/0x50
[ 13.518163] __kasan_kmalloc+0xb7/0xc0
[ 13.518295] __kmalloc_cache_noprof+0x189/0x420
[ 13.518516] ksize_uaf+0xaa/0x6c0
[ 13.518697] kunit_try_run_case+0x1a5/0x480
[ 13.519087] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.519518] kthread+0x337/0x6f0
[ 13.519661] ret_from_fork+0x116/0x1d0
[ 13.519798] ret_from_fork_asm+0x1a/0x30
[ 13.519994]
[ 13.520099] Freed by task 213:
[ 13.520304] kasan_save_stack+0x45/0x70
[ 13.520505] kasan_save_track+0x18/0x40
[ 13.520695] kasan_save_free_info+0x3f/0x60
[ 13.520901] __kasan_slab_free+0x56/0x70
[ 13.521077] kfree+0x222/0x3f0
[ 13.521229] ksize_uaf+0x12c/0x6c0
[ 13.521380] kunit_try_run_case+0x1a5/0x480
[ 13.521635] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.521853] kthread+0x337/0x6f0
[ 13.522009] ret_from_fork+0x116/0x1d0
[ 13.522152] ret_from_fork_asm+0x1a/0x30
[ 13.522485]
[ 13.522591] The buggy address belongs to the object at ffff8881025cc500
[ 13.522591] which belongs to the cache kmalloc-128 of size 128
[ 13.522991] The buggy address is located 0 bytes inside of
[ 13.522991] freed 128-byte region [ffff8881025cc500, ffff8881025cc580)
[ 13.523335]
[ 13.523407] The buggy address belongs to the physical page:
[ 13.523665] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025cc
[ 13.524225] flags: 0x200000000000000(node=0|zone=2)
[ 13.524394] page_type: f5(slab)
[ 13.524754] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 13.525060] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 13.525475] page dumped because: kasan: bad access detected
[ 13.525661]
[ 13.525732] Memory state around the buggy address:
[ 13.525887] ffff8881025cc400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.526210] ffff8881025cc480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.526763] >ffff8881025cc500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.527087] ^
[ 13.527293] ffff8881025cc580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.527600] ffff8881025cc600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.527913] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 13.430787] ================================================================== [ 13.431260] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x81c/0x9b0 [ 13.431789] Read of size 1 at addr ffff8881025cc473 by task kunit_try_catch/211 [ 13.432096] [ 13.432205] CPU: 1 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.432248] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.432259] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.432279] Call Trace: [ 13.432290] <TASK> [ 13.432306] dump_stack_lvl+0x73/0xb0 [ 13.432382] print_report+0xd1/0x610 [ 13.432406] ? __virt_addr_valid+0x1db/0x2d0 [ 13.432455] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 13.432479] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.432502] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 13.432527] kasan_report+0x141/0x180 [ 13.432567] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 13.432598] __asan_report_load1_noabort+0x18/0x20 [ 13.432634] ksize_unpoisons_memory+0x81c/0x9b0 [ 13.432659] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 13.432682] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 13.432716] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 13.432747] kunit_try_run_case+0x1a5/0x480 [ 13.432774] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.432797] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.432821] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.432855] ? __kthread_parkme+0x82/0x180 [ 13.432877] ? preempt_count_sub+0x50/0x80 [ 13.432904] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.432940] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.432967] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.432994] kthread+0x337/0x6f0 [ 13.433014] ? trace_preempt_on+0x20/0xc0 [ 13.433047] ? __pfx_kthread+0x10/0x10 [ 13.433068] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.433090] ? calculate_sigpending+0x7b/0xa0 [ 13.433126] ? __pfx_kthread+0x10/0x10 [ 13.433149] ret_from_fork+0x116/0x1d0 [ 13.433168] ? 
__pfx_kthread+0x10/0x10 [ 13.433189] ret_from_fork_asm+0x1a/0x30 [ 13.433227] </TASK> [ 13.433239] [ 13.440842] Allocated by task 211: [ 13.441026] kasan_save_stack+0x45/0x70 [ 13.441202] kasan_save_track+0x18/0x40 [ 13.441343] kasan_save_alloc_info+0x3b/0x50 [ 13.441662] __kasan_kmalloc+0xb7/0xc0 [ 13.441858] __kmalloc_cache_noprof+0x189/0x420 [ 13.442079] ksize_unpoisons_memory+0xc7/0x9b0 [ 13.442350] kunit_try_run_case+0x1a5/0x480 [ 13.442525] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.442716] kthread+0x337/0x6f0 [ 13.442882] ret_from_fork+0x116/0x1d0 [ 13.443067] ret_from_fork_asm+0x1a/0x30 [ 13.443355] [ 13.443481] The buggy address belongs to the object at ffff8881025cc400 [ 13.443481] which belongs to the cache kmalloc-128 of size 128 [ 13.444008] The buggy address is located 0 bytes to the right of [ 13.444008] allocated 115-byte region [ffff8881025cc400, ffff8881025cc473) [ 13.444543] [ 13.444651] The buggy address belongs to the physical page: [ 13.444910] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025cc [ 13.445215] flags: 0x200000000000000(node=0|zone=2) [ 13.445447] page_type: f5(slab) [ 13.445731] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.446088] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.446480] page dumped because: kasan: bad access detected [ 13.446746] [ 13.446849] Memory state around the buggy address: [ 13.447074] ffff8881025cc300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.447475] ffff8881025cc380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.447804] >ffff8881025cc400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 13.448028] ^ [ 13.448363] ffff8881025cc480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.448715] ffff8881025cc500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.448947] ================================================================== [ 13.451760] 
================================================================== [ 13.452513] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7e9/0x9b0 [ 13.454522] Read of size 1 at addr ffff8881025cc478 by task kunit_try_catch/211 [ 13.455629] [ 13.455838] CPU: 1 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.455883] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.455895] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.455915] Call Trace: [ 13.455928] <TASK> [ 13.455942] dump_stack_lvl+0x73/0xb0 [ 13.455998] print_report+0xd1/0x610 [ 13.456021] ? __virt_addr_valid+0x1db/0x2d0 [ 13.456052] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 13.456076] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.456099] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 13.456124] kasan_report+0x141/0x180 [ 13.456146] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 13.456177] __asan_report_load1_noabort+0x18/0x20 [ 13.456203] ksize_unpoisons_memory+0x7e9/0x9b0 [ 13.456448] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 13.456478] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 13.456514] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 13.456546] kunit_try_run_case+0x1a5/0x480 [ 13.456586] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.456610] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.456634] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.456660] ? __kthread_parkme+0x82/0x180 [ 13.456681] ? preempt_count_sub+0x50/0x80 [ 13.456708] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.456733] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.456758] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.456784] kthread+0x337/0x6f0 [ 13.456803] ? trace_preempt_on+0x20/0xc0 [ 13.456826] ? __pfx_kthread+0x10/0x10 [ 13.456847] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.456869] ? calculate_sigpending+0x7b/0xa0 [ 13.456893] ? __pfx_kthread+0x10/0x10 [ 13.456915] ret_from_fork+0x116/0x1d0 [ 13.456934] ? 
__pfx_kthread+0x10/0x10 [ 13.456955] ret_from_fork_asm+0x1a/0x30 [ 13.456990] </TASK> [ 13.457000] [ 13.469893] Allocated by task 211: [ 13.470522] kasan_save_stack+0x45/0x70 [ 13.470753] kasan_save_track+0x18/0x40 [ 13.470933] kasan_save_alloc_info+0x3b/0x50 [ 13.471127] __kasan_kmalloc+0xb7/0xc0 [ 13.471831] __kmalloc_cache_noprof+0x189/0x420 [ 13.472350] ksize_unpoisons_memory+0xc7/0x9b0 [ 13.472783] kunit_try_run_case+0x1a5/0x480 [ 13.473176] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.473849] kthread+0x337/0x6f0 [ 13.474090] ret_from_fork+0x116/0x1d0 [ 13.474482] ret_from_fork_asm+0x1a/0x30 [ 13.474885] [ 13.474978] The buggy address belongs to the object at ffff8881025cc400 [ 13.474978] which belongs to the cache kmalloc-128 of size 128 [ 13.475866] The buggy address is located 5 bytes to the right of [ 13.475866] allocated 115-byte region [ffff8881025cc400, ffff8881025cc473) [ 13.477298] [ 13.477543] The buggy address belongs to the physical page: [ 13.477795] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025cc [ 13.478102] flags: 0x200000000000000(node=0|zone=2) [ 13.478316] page_type: f5(slab) [ 13.478807] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.479525] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.480014] page dumped because: kasan: bad access detected [ 13.480291] [ 13.480385] Memory state around the buggy address: [ 13.480999] ffff8881025cc300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.481451] ffff8881025cc380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.481757] >ffff8881025cc400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 13.482049] ^ [ 13.482774] ffff8881025cc480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.483082] ffff8881025cc500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.483756] ================================================================== [ 13.484701] 
================================================================== [ 13.485020] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7b6/0x9b0 [ 13.485831] Read of size 1 at addr ffff8881025cc47f by task kunit_try_catch/211 [ 13.486395] [ 13.486657] CPU: 1 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.486800] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.486813] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.486834] Call Trace: [ 13.486850] <TASK> [ 13.486867] dump_stack_lvl+0x73/0xb0 [ 13.486897] print_report+0xd1/0x610 [ 13.486955] ? __virt_addr_valid+0x1db/0x2d0 [ 13.486979] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 13.487003] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.487026] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 13.487050] kasan_report+0x141/0x180 [ 13.487073] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 13.487104] __asan_report_load1_noabort+0x18/0x20 [ 13.487129] ksize_unpoisons_memory+0x7b6/0x9b0 [ 13.487153] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 13.487179] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 13.487211] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 13.487307] kunit_try_run_case+0x1a5/0x480 [ 13.487335] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.487357] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.487383] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.487428] ? __kthread_parkme+0x82/0x180 [ 13.487449] ? preempt_count_sub+0x50/0x80 [ 13.487474] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.487499] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.487524] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.487559] kthread+0x337/0x6f0 [ 13.487578] ? trace_preempt_on+0x20/0xc0 [ 13.487603] ? __pfx_kthread+0x10/0x10 [ 13.487624] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.487646] ? calculate_sigpending+0x7b/0xa0 [ 13.487670] ? __pfx_kthread+0x10/0x10 [ 13.487693] ret_from_fork+0x116/0x1d0 [ 13.487712] ? 
__pfx_kthread+0x10/0x10 [ 13.487733] ret_from_fork_asm+0x1a/0x30 [ 13.487769] </TASK> [ 13.487779] [ 13.495035] Allocated by task 211: [ 13.495164] kasan_save_stack+0x45/0x70 [ 13.495405] kasan_save_track+0x18/0x40 [ 13.495733] kasan_save_alloc_info+0x3b/0x50 [ 13.495954] __kasan_kmalloc+0xb7/0xc0 [ 13.496090] __kmalloc_cache_noprof+0x189/0x420 [ 13.496475] ksize_unpoisons_memory+0xc7/0x9b0 [ 13.496730] kunit_try_run_case+0x1a5/0x480 [ 13.496941] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.497145] kthread+0x337/0x6f0 [ 13.497435] ret_from_fork+0x116/0x1d0 [ 13.497630] ret_from_fork_asm+0x1a/0x30 [ 13.497771] [ 13.497841] The buggy address belongs to the object at ffff8881025cc400 [ 13.497841] which belongs to the cache kmalloc-128 of size 128 [ 13.498272] The buggy address is located 12 bytes to the right of [ 13.498272] allocated 115-byte region [ffff8881025cc400, ffff8881025cc473) [ 13.498793] [ 13.499016] The buggy address belongs to the physical page: [ 13.499221] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025cc [ 13.499609] flags: 0x200000000000000(node=0|zone=2) [ 13.499843] page_type: f5(slab) [ 13.499967] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.500203] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.500736] page dumped because: kasan: bad access detected [ 13.501106] [ 13.501182] Memory state around the buggy address: [ 13.501369] ffff8881025cc300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.501590] ffff8881025cc380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.501869] >ffff8881025cc400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 13.502183] ^ [ 13.503029] ffff8881025cc480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.503412] ffff8881025cc500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.503684] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kfree_sensitive
[ 13.399224] ================================================================== [ 13.399866] BUG: KASAN: double-free in kfree_sensitive+0x2e/0x90 [ 13.400190] Free of addr ffff888101679d80 by task kunit_try_catch/209 [ 13.400436] [ 13.400735] CPU: 0 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.400783] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.400794] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.400815] Call Trace: [ 13.400830] <TASK> [ 13.400844] dump_stack_lvl+0x73/0xb0 [ 13.400873] print_report+0xd1/0x610 [ 13.400895] ? __virt_addr_valid+0x1db/0x2d0 [ 13.400917] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.400940] ? kfree_sensitive+0x2e/0x90 [ 13.400961] kasan_report_invalid_free+0x10a/0x130 [ 13.400986] ? kfree_sensitive+0x2e/0x90 [ 13.401008] ? kfree_sensitive+0x2e/0x90 [ 13.401028] check_slab_allocation+0x101/0x130 [ 13.401050] __kasan_slab_pre_free+0x28/0x40 [ 13.401071] kfree+0xf0/0x3f0 [ 13.401092] ? kfree_sensitive+0x2e/0x90 [ 13.401114] kfree_sensitive+0x2e/0x90 [ 13.401134] kmalloc_double_kzfree+0x19c/0x350 [ 13.401157] ? __pfx_kmalloc_double_kzfree+0x10/0x10 [ 13.401184] ? __pfx_kmalloc_double_kzfree+0x10/0x10 [ 13.401213] kunit_try_run_case+0x1a5/0x480 [ 13.401237] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.401260] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.401284] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.401308] ? __kthread_parkme+0x82/0x180 [ 13.401328] ? preempt_count_sub+0x50/0x80 [ 13.401351] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.401375] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.401399] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.401425] kthread+0x337/0x6f0 [ 13.401443] ? trace_preempt_on+0x20/0xc0 [ 13.401466] ? __pfx_kthread+0x10/0x10 [ 13.401487] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.401508] ? calculate_sigpending+0x7b/0xa0 [ 13.401532] ? __pfx_kthread+0x10/0x10 [ 13.401567] ret_from_fork+0x116/0x1d0 [ 13.401587] ? 
__pfx_kthread+0x10/0x10 [ 13.401607] ret_from_fork_asm+0x1a/0x30 [ 13.401637] </TASK> [ 13.401647] [ 13.409675] Allocated by task 209: [ 13.409880] kasan_save_stack+0x45/0x70 [ 13.410086] kasan_save_track+0x18/0x40 [ 13.410279] kasan_save_alloc_info+0x3b/0x50 [ 13.410813] __kasan_kmalloc+0xb7/0xc0 [ 13.411581] __kmalloc_cache_noprof+0x189/0x420 [ 13.412116] kmalloc_double_kzfree+0xa9/0x350 [ 13.412674] kunit_try_run_case+0x1a5/0x480 [ 13.412891] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.413117] kthread+0x337/0x6f0 [ 13.413494] ret_from_fork+0x116/0x1d0 [ 13.413953] ret_from_fork_asm+0x1a/0x30 [ 13.414584] [ 13.414834] Freed by task 209: [ 13.415130] kasan_save_stack+0x45/0x70 [ 13.415597] kasan_save_track+0x18/0x40 [ 13.415994] kasan_save_free_info+0x3f/0x60 [ 13.416218] __kasan_slab_free+0x56/0x70 [ 13.416521] kfree+0x222/0x3f0 [ 13.416681] kfree_sensitive+0x67/0x90 [ 13.416849] kmalloc_double_kzfree+0x12b/0x350 [ 13.417045] kunit_try_run_case+0x1a5/0x480 [ 13.417229] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.417795] kthread+0x337/0x6f0 [ 13.417953] ret_from_fork+0x116/0x1d0 [ 13.418126] ret_from_fork_asm+0x1a/0x30 [ 13.418718] [ 13.418825] The buggy address belongs to the object at ffff888101679d80 [ 13.418825] which belongs to the cache kmalloc-16 of size 16 [ 13.419803] The buggy address is located 0 bytes inside of [ 13.419803] 16-byte region [ffff888101679d80, ffff888101679d90) [ 13.420562] [ 13.420666] The buggy address belongs to the physical page: [ 13.420881] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101679 [ 13.421218] flags: 0x200000000000000(node=0|zone=2) [ 13.421789] page_type: f5(slab) [ 13.421951] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.422435] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.422762] page dumped because: kasan: bad access detected [ 13.422994] [ 13.423082] Memory state around the buggy address: [ 13.423339] 
ffff888101679c80: 00 04 fc fc 00 04 fc fc fa fb fc fc 00 05 fc fc [ 13.424042] ffff888101679d00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.425110] >ffff888101679d80: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.425491] ^ [ 13.425663] ffff888101679e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.425956] ffff888101679e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.426419] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 13.376490] ================================================================== [ 13.377058] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x19c/0x350 [ 13.377441] Read of size 1 at addr ffff888101679d80 by task kunit_try_catch/209 [ 13.377745] [ 13.377863] CPU: 0 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.377907] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.377918] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.377938] Call Trace: [ 13.377950] <TASK> [ 13.377965] dump_stack_lvl+0x73/0xb0 [ 13.377995] print_report+0xd1/0x610 [ 13.378017] ? __virt_addr_valid+0x1db/0x2d0 [ 13.378040] ? kmalloc_double_kzfree+0x19c/0x350 [ 13.378063] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.378086] ? kmalloc_double_kzfree+0x19c/0x350 [ 13.378110] kasan_report+0x141/0x180 [ 13.378132] ? kmalloc_double_kzfree+0x19c/0x350 [ 13.378158] ? kmalloc_double_kzfree+0x19c/0x350 [ 13.378182] __kasan_check_byte+0x3d/0x50 [ 13.378204] kfree_sensitive+0x22/0x90 [ 13.378227] kmalloc_double_kzfree+0x19c/0x350 [ 13.378250] ? __pfx_kmalloc_double_kzfree+0x10/0x10 [ 13.378277] ? __pfx_kmalloc_double_kzfree+0x10/0x10 [ 13.378306] kunit_try_run_case+0x1a5/0x480 [ 13.378344] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.378367] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.378392] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.378428] ? __kthread_parkme+0x82/0x180 [ 13.378449] ? preempt_count_sub+0x50/0x80 [ 13.378473] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.378497] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.378522] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.378547] kthread+0x337/0x6f0 [ 13.378583] ? trace_preempt_on+0x20/0xc0 [ 13.378607] ? __pfx_kthread+0x10/0x10 [ 13.378627] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.378649] ? calculate_sigpending+0x7b/0xa0 [ 13.378684] ? __pfx_kthread+0x10/0x10 [ 13.378705] ret_from_fork+0x116/0x1d0 [ 13.378724] ? 
__pfx_kthread+0x10/0x10 [ 13.378745] ret_from_fork_asm+0x1a/0x30 [ 13.378778] </TASK> [ 13.378788] [ 13.386898] Allocated by task 209: [ 13.387083] kasan_save_stack+0x45/0x70 [ 13.387497] kasan_save_track+0x18/0x40 [ 13.387653] kasan_save_alloc_info+0x3b/0x50 [ 13.387836] __kasan_kmalloc+0xb7/0xc0 [ 13.388023] __kmalloc_cache_noprof+0x189/0x420 [ 13.388455] kmalloc_double_kzfree+0xa9/0x350 [ 13.388712] kunit_try_run_case+0x1a5/0x480 [ 13.388921] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.389172] kthread+0x337/0x6f0 [ 13.389489] ret_from_fork+0x116/0x1d0 [ 13.389682] ret_from_fork_asm+0x1a/0x30 [ 13.389867] [ 13.389938] Freed by task 209: [ 13.390054] kasan_save_stack+0x45/0x70 [ 13.390266] kasan_save_track+0x18/0x40 [ 13.390538] kasan_save_free_info+0x3f/0x60 [ 13.390772] __kasan_slab_free+0x56/0x70 [ 13.390956] kfree+0x222/0x3f0 [ 13.391116] kfree_sensitive+0x67/0x90 [ 13.391336] kmalloc_double_kzfree+0x12b/0x350 [ 13.391681] kunit_try_run_case+0x1a5/0x480 [ 13.391893] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.392149] kthread+0x337/0x6f0 [ 13.392518] ret_from_fork+0x116/0x1d0 [ 13.392740] ret_from_fork_asm+0x1a/0x30 [ 13.392939] [ 13.393044] The buggy address belongs to the object at ffff888101679d80 [ 13.393044] which belongs to the cache kmalloc-16 of size 16 [ 13.393425] The buggy address is located 0 bytes inside of [ 13.393425] freed 16-byte region [ffff888101679d80, ffff888101679d90) [ 13.393839] [ 13.394094] The buggy address belongs to the physical page: [ 13.394353] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101679 [ 13.394808] flags: 0x200000000000000(node=0|zone=2) [ 13.394981] page_type: f5(slab) [ 13.395102] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.395681] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.396058] page dumped because: kasan: bad access detected [ 13.396573] [ 13.396660] Memory state around the buggy address: [ 13.396872] 
ffff888101679c80: 00 04 fc fc 00 04 fc fc fa fb fc fc 00 05 fc fc [ 13.397148] ffff888101679d00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.397637] >ffff888101679d80: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.397857] ^ [ 13.397974] ffff888101679e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.398315] ffff888101679e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.398641] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 13.348540] ================================================================== [ 13.348995] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x4a8/0x520 [ 13.349266] Read of size 1 at addr ffff8881025cf3a8 by task kunit_try_catch/205 [ 13.349652] [ 13.349779] CPU: 1 UID: 0 PID: 205 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.349822] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.350262] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.350282] Call Trace: [ 13.350294] <TASK> [ 13.350309] dump_stack_lvl+0x73/0xb0 [ 13.350338] print_report+0xd1/0x610 [ 13.350361] ? __virt_addr_valid+0x1db/0x2d0 [ 13.350384] ? kmalloc_uaf2+0x4a8/0x520 [ 13.350403] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.350427] ? kmalloc_uaf2+0x4a8/0x520 [ 13.350447] kasan_report+0x141/0x180 [ 13.350468] ? kmalloc_uaf2+0x4a8/0x520 [ 13.350493] __asan_report_load1_noabort+0x18/0x20 [ 13.350527] kmalloc_uaf2+0x4a8/0x520 [ 13.350547] ? __pfx_kmalloc_uaf2+0x10/0x10 [ 13.350585] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 13.350616] ? __pfx_kmalloc_uaf2+0x10/0x10 [ 13.350640] kunit_try_run_case+0x1a5/0x480 [ 13.350666] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.350689] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.350713] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.350737] ? __kthread_parkme+0x82/0x180 [ 13.350758] ? preempt_count_sub+0x50/0x80 [ 13.350783] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.350807] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.350832] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.350857] kthread+0x337/0x6f0 [ 13.350876] ? trace_preempt_on+0x20/0xc0 [ 13.350899] ? __pfx_kthread+0x10/0x10 [ 13.350919] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.350941] ? calculate_sigpending+0x7b/0xa0 [ 13.350967] ? __pfx_kthread+0x10/0x10 [ 13.350988] ret_from_fork+0x116/0x1d0 [ 13.351006] ? 
__pfx_kthread+0x10/0x10 [ 13.351027] ret_from_fork_asm+0x1a/0x30 [ 13.351058] </TASK> [ 13.351068] [ 13.358534] Allocated by task 205: [ 13.358794] kasan_save_stack+0x45/0x70 [ 13.358988] kasan_save_track+0x18/0x40 [ 13.359196] kasan_save_alloc_info+0x3b/0x50 [ 13.359660] __kasan_kmalloc+0xb7/0xc0 [ 13.359854] __kmalloc_cache_noprof+0x189/0x420 [ 13.360084] kmalloc_uaf2+0xc6/0x520 [ 13.360310] kunit_try_run_case+0x1a5/0x480 [ 13.360536] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.360770] kthread+0x337/0x6f0 [ 13.360892] ret_from_fork+0x116/0x1d0 [ 13.361101] ret_from_fork_asm+0x1a/0x30 [ 13.361296] [ 13.361391] Freed by task 205: [ 13.361681] kasan_save_stack+0x45/0x70 [ 13.361826] kasan_save_track+0x18/0x40 [ 13.361962] kasan_save_free_info+0x3f/0x60 [ 13.362109] __kasan_slab_free+0x56/0x70 [ 13.362294] kfree+0x222/0x3f0 [ 13.362453] kmalloc_uaf2+0x14c/0x520 [ 13.362672] kunit_try_run_case+0x1a5/0x480 [ 13.362879] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.363256] kthread+0x337/0x6f0 [ 13.363441] ret_from_fork+0x116/0x1d0 [ 13.363586] ret_from_fork_asm+0x1a/0x30 [ 13.363725] [ 13.363822] The buggy address belongs to the object at ffff8881025cf380 [ 13.363822] which belongs to the cache kmalloc-64 of size 64 [ 13.364568] The buggy address is located 40 bytes inside of [ 13.364568] freed 64-byte region [ffff8881025cf380, ffff8881025cf3c0) [ 13.365073] [ 13.365183] The buggy address belongs to the physical page: [ 13.365513] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025cf [ 13.365860] flags: 0x200000000000000(node=0|zone=2) [ 13.366093] page_type: f5(slab) [ 13.366232] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.366672] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.366984] page dumped because: kasan: bad access detected [ 13.367154] [ 13.367223] Memory state around the buggy address: [ 13.367378] ffff8881025cf280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc 
[ 13.367785] ffff8881025cf300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.368111] >ffff8881025cf380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.368520] ^ [ 13.368683] ffff8881025cf400: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc [ 13.368899] ffff8881025cf480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.369183] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 13.318633] ================================================================== [ 13.319079] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x1a3/0x360 [ 13.319857] Write of size 33 at addr ffff888102a13100 by task kunit_try_catch/203 [ 13.320191] [ 13.320330] CPU: 0 UID: 0 PID: 203 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.320374] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.320386] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.320407] Call Trace: [ 13.320420] <TASK> [ 13.320436] dump_stack_lvl+0x73/0xb0 [ 13.320467] print_report+0xd1/0x610 [ 13.320500] ? __virt_addr_valid+0x1db/0x2d0 [ 13.320524] ? kmalloc_uaf_memset+0x1a3/0x360 [ 13.320612] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.320642] ? kmalloc_uaf_memset+0x1a3/0x360 [ 13.320664] kasan_report+0x141/0x180 [ 13.320700] ? kmalloc_uaf_memset+0x1a3/0x360 [ 13.320727] kasan_check_range+0x10c/0x1c0 [ 13.320751] __asan_memset+0x27/0x50 [ 13.320781] kmalloc_uaf_memset+0x1a3/0x360 [ 13.320803] ? __pfx_kmalloc_uaf_memset+0x10/0x10 [ 13.320826] ? __schedule+0x10cc/0x2b60 [ 13.320858] ? __pfx_read_tsc+0x10/0x10 [ 13.320880] ? ktime_get_ts64+0x86/0x230 [ 13.320904] kunit_try_run_case+0x1a5/0x480 [ 13.320941] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.320965] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.320989] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.321013] ? __kthread_parkme+0x82/0x180 [ 13.321034] ? preempt_count_sub+0x50/0x80 [ 13.321058] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.321082] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.321107] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.321132] kthread+0x337/0x6f0 [ 13.321151] ? trace_preempt_on+0x20/0xc0 [ 13.321174] ? __pfx_kthread+0x10/0x10 [ 13.321195] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.321216] ? calculate_sigpending+0x7b/0xa0 [ 13.321285] ? __pfx_kthread+0x10/0x10 [ 13.321309] ret_from_fork+0x116/0x1d0 [ 13.321329] ? 
__pfx_kthread+0x10/0x10 [ 13.321349] ret_from_fork_asm+0x1a/0x30 [ 13.321381] </TASK> [ 13.321391] [ 13.329480] Allocated by task 203: [ 13.329678] kasan_save_stack+0x45/0x70 [ 13.329895] kasan_save_track+0x18/0x40 [ 13.330080] kasan_save_alloc_info+0x3b/0x50 [ 13.330471] __kasan_kmalloc+0xb7/0xc0 [ 13.330670] __kmalloc_cache_noprof+0x189/0x420 [ 13.330902] kmalloc_uaf_memset+0xa9/0x360 [ 13.331107] kunit_try_run_case+0x1a5/0x480 [ 13.331438] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.331670] kthread+0x337/0x6f0 [ 13.331794] ret_from_fork+0x116/0x1d0 [ 13.331953] ret_from_fork_asm+0x1a/0x30 [ 13.332177] [ 13.332271] Freed by task 203: [ 13.332427] kasan_save_stack+0x45/0x70 [ 13.332825] kasan_save_track+0x18/0x40 [ 13.333020] kasan_save_free_info+0x3f/0x60 [ 13.333255] __kasan_slab_free+0x56/0x70 [ 13.333501] kfree+0x222/0x3f0 [ 13.333665] kmalloc_uaf_memset+0x12b/0x360 [ 13.333816] kunit_try_run_case+0x1a5/0x480 [ 13.334023] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.334387] kthread+0x337/0x6f0 [ 13.334651] ret_from_fork+0x116/0x1d0 [ 13.334973] ret_from_fork_asm+0x1a/0x30 [ 13.335146] [ 13.335241] The buggy address belongs to the object at ffff888102a13100 [ 13.335241] which belongs to the cache kmalloc-64 of size 64 [ 13.335721] The buggy address is located 0 bytes inside of [ 13.335721] freed 64-byte region [ffff888102a13100, ffff888102a13140) [ 13.336171] [ 13.336261] The buggy address belongs to the physical page: [ 13.336489] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a13 [ 13.338005] flags: 0x200000000000000(node=0|zone=2) [ 13.338612] page_type: f5(slab) [ 13.339079] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.339663] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.340341] page dumped because: kasan: bad access detected [ 13.340787] [ 13.341040] Memory state around the buggy address: [ 13.341749] ffff888102a13000: fa fb fb fb fb fb fb fb fc fc fc fc 
fc fc fc fc [ 13.342160] ffff888102a13080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.343028] >ffff888102a13100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.343745] ^ [ 13.344215] ffff888102a13180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.344782] ffff888102a13200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.345084] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 13.293660] ================================================================== [ 13.294162] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x320/0x380 [ 13.294814] Read of size 1 at addr ffff88810254a288 by task kunit_try_catch/201 [ 13.295142] [ 13.295240] CPU: 1 UID: 0 PID: 201 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.295283] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.295294] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.295314] Call Trace: [ 13.295325] <TASK> [ 13.295338] dump_stack_lvl+0x73/0xb0 [ 13.295367] print_report+0xd1/0x610 [ 13.295389] ? __virt_addr_valid+0x1db/0x2d0 [ 13.295411] ? kmalloc_uaf+0x320/0x380 [ 13.295430] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.295453] ? kmalloc_uaf+0x320/0x380 [ 13.295518] kasan_report+0x141/0x180 [ 13.295541] ? kmalloc_uaf+0x320/0x380 [ 13.295620] __asan_report_load1_noabort+0x18/0x20 [ 13.295646] kmalloc_uaf+0x320/0x380 [ 13.295666] ? __pfx_kmalloc_uaf+0x10/0x10 [ 13.295686] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 13.295712] ? trace_hardirqs_on+0x37/0xe0 [ 13.295735] ? __pfx_read_tsc+0x10/0x10 [ 13.295755] ? ktime_get_ts64+0x86/0x230 [ 13.295778] kunit_try_run_case+0x1a5/0x480 [ 13.295802] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.295827] ? queued_spin_lock_slowpath+0x116/0xb40 [ 13.295852] ? __kthread_parkme+0x82/0x180 [ 13.295872] ? preempt_count_sub+0x50/0x80 [ 13.295895] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.295919] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.295944] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.295969] kthread+0x337/0x6f0 [ 13.295988] ? trace_preempt_on+0x20/0xc0 [ 13.296010] ? __pfx_kthread+0x10/0x10 [ 13.296030] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.296056] ? calculate_sigpending+0x7b/0xa0 [ 13.296080] ? __pfx_kthread+0x10/0x10 [ 13.296101] ret_from_fork+0x116/0x1d0 [ 13.296120] ? 
__pfx_kthread+0x10/0x10 [ 13.296140] ret_from_fork_asm+0x1a/0x30 [ 13.296171] </TASK> [ 13.296181] [ 13.303799] Allocated by task 201: [ 13.303998] kasan_save_stack+0x45/0x70 [ 13.304260] kasan_save_track+0x18/0x40 [ 13.304812] kasan_save_alloc_info+0x3b/0x50 [ 13.304985] __kasan_kmalloc+0xb7/0xc0 [ 13.305117] __kmalloc_cache_noprof+0x189/0x420 [ 13.305442] kmalloc_uaf+0xaa/0x380 [ 13.305625] kunit_try_run_case+0x1a5/0x480 [ 13.305862] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.306098] kthread+0x337/0x6f0 [ 13.306223] ret_from_fork+0x116/0x1d0 [ 13.306459] ret_from_fork_asm+0x1a/0x30 [ 13.306669] [ 13.306782] Freed by task 201: [ 13.306936] kasan_save_stack+0x45/0x70 [ 13.307086] kasan_save_track+0x18/0x40 [ 13.307221] kasan_save_free_info+0x3f/0x60 [ 13.307615] __kasan_slab_free+0x56/0x70 [ 13.307813] kfree+0x222/0x3f0 [ 13.307962] kmalloc_uaf+0x12c/0x380 [ 13.308128] kunit_try_run_case+0x1a5/0x480 [ 13.308274] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.308642] kthread+0x337/0x6f0 [ 13.308840] ret_from_fork+0x116/0x1d0 [ 13.309025] ret_from_fork_asm+0x1a/0x30 [ 13.309211] [ 13.309499] The buggy address belongs to the object at ffff88810254a280 [ 13.309499] which belongs to the cache kmalloc-16 of size 16 [ 13.310033] The buggy address is located 8 bytes inside of [ 13.310033] freed 16-byte region [ffff88810254a280, ffff88810254a290) [ 13.310661] [ 13.310762] The buggy address belongs to the physical page: [ 13.311015] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10254a [ 13.311463] flags: 0x200000000000000(node=0|zone=2) [ 13.311649] page_type: f5(slab) [ 13.311770] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.312000] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.312358] page dumped because: kasan: bad access detected [ 13.312682] [ 13.312784] Memory state around the buggy address: [ 13.313004] ffff88810254a180: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 
13.313341] ffff88810254a200: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.313707] >ffff88810254a280: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.314011] ^ [ 13.314134] ffff88810254a300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.314354] ffff88810254a380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.314577] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 13.269380] ================================================================== [ 13.269966] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x16f/0x330 [ 13.270584] Read of size 64 at addr ffff888102a0af84 by task kunit_try_catch/199 [ 13.271085] [ 13.271196] CPU: 0 UID: 0 PID: 199 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.271242] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.271253] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.271275] Call Trace: [ 13.271286] <TASK> [ 13.271302] dump_stack_lvl+0x73/0xb0 [ 13.271336] print_report+0xd1/0x610 [ 13.271359] ? __virt_addr_valid+0x1db/0x2d0 [ 13.271383] ? kmalloc_memmove_invalid_size+0x16f/0x330 [ 13.271424] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.271460] ? kmalloc_memmove_invalid_size+0x16f/0x330 [ 13.271486] kasan_report+0x141/0x180 [ 13.271507] ? kmalloc_memmove_invalid_size+0x16f/0x330 [ 13.271559] kasan_check_range+0x10c/0x1c0 [ 13.271592] __asan_memmove+0x27/0x70 [ 13.271612] kmalloc_memmove_invalid_size+0x16f/0x330 [ 13.271637] ? __pfx_kmalloc_memmove_invalid_size+0x10/0x10 [ 13.271675] ? __schedule+0x10cc/0x2b60 [ 13.271698] ? __pfx_read_tsc+0x10/0x10 [ 13.271720] ? ktime_get_ts64+0x86/0x230 [ 13.271746] kunit_try_run_case+0x1a5/0x480 [ 13.271781] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.271804] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.271829] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.271863] ? __kthread_parkme+0x82/0x180 [ 13.271884] ? preempt_count_sub+0x50/0x80 [ 13.271908] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.271941] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.271965] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.271991] kthread+0x337/0x6f0 [ 13.272021] ? trace_preempt_on+0x20/0xc0 [ 13.272049] ? __pfx_kthread+0x10/0x10 [ 13.272070] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.272092] ? calculate_sigpending+0x7b/0xa0 [ 13.272118] ? 
__pfx_kthread+0x10/0x10 [ 13.272139] ret_from_fork+0x116/0x1d0 [ 13.272158] ? __pfx_kthread+0x10/0x10 [ 13.272178] ret_from_fork_asm+0x1a/0x30 [ 13.272209] </TASK> [ 13.272220] [ 13.280749] Allocated by task 199: [ 13.280882] kasan_save_stack+0x45/0x70 [ 13.281030] kasan_save_track+0x18/0x40 [ 13.281225] kasan_save_alloc_info+0x3b/0x50 [ 13.281701] __kasan_kmalloc+0xb7/0xc0 [ 13.281903] __kmalloc_cache_noprof+0x189/0x420 [ 13.282144] kmalloc_memmove_invalid_size+0xac/0x330 [ 13.282427] kunit_try_run_case+0x1a5/0x480 [ 13.282680] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.282922] kthread+0x337/0x6f0 [ 13.283045] ret_from_fork+0x116/0x1d0 [ 13.283179] ret_from_fork_asm+0x1a/0x30 [ 13.283321] [ 13.283420] The buggy address belongs to the object at ffff888102a0af80 [ 13.283420] which belongs to the cache kmalloc-64 of size 64 [ 13.283972] The buggy address is located 4 bytes inside of [ 13.283972] allocated 64-byte region [ffff888102a0af80, ffff888102a0afc0) [ 13.284522] [ 13.284706] The buggy address belongs to the physical page: [ 13.284951] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a0a [ 13.285406] flags: 0x200000000000000(node=0|zone=2) [ 13.285665] page_type: f5(slab) [ 13.285793] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.286091] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.286727] page dumped because: kasan: bad access detected [ 13.286907] [ 13.286977] Memory state around the buggy address: [ 13.287179] ffff888102a0ae80: 00 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc [ 13.287522] ffff888102a0af00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.287792] >ffff888102a0af80: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 13.288144] ^ [ 13.288652] ffff888102a0b000: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.288962] ffff888102a0b080: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.289212] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 13.243855] ================================================================== [ 13.244735] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x171/0x330 [ 13.245096] Read of size 18446744073709551614 at addr ffff8881025cf084 by task kunit_try_catch/197 [ 13.245945] [ 13.246191] CPU: 1 UID: 0 PID: 197 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.246348] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.246363] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.246396] Call Trace: [ 13.246408] <TASK> [ 13.246424] dump_stack_lvl+0x73/0xb0 [ 13.246492] print_report+0xd1/0x610 [ 13.246517] ? __virt_addr_valid+0x1db/0x2d0 [ 13.246560] ? kmalloc_memmove_negative_size+0x171/0x330 [ 13.246586] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.246609] ? kmalloc_memmove_negative_size+0x171/0x330 [ 13.246656] kasan_report+0x141/0x180 [ 13.246678] ? kmalloc_memmove_negative_size+0x171/0x330 [ 13.246709] kasan_check_range+0x10c/0x1c0 [ 13.246732] __asan_memmove+0x27/0x70 [ 13.246752] kmalloc_memmove_negative_size+0x171/0x330 [ 13.246778] ? __pfx_kmalloc_memmove_negative_size+0x10/0x10 [ 13.246805] ? __schedule+0x10cc/0x2b60 [ 13.246826] ? __pfx_read_tsc+0x10/0x10 [ 13.246847] ? ktime_get_ts64+0x86/0x230 [ 13.246871] kunit_try_run_case+0x1a5/0x480 [ 13.246895] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.246918] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.246941] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.246964] ? __kthread_parkme+0x82/0x180 [ 13.246985] ? preempt_count_sub+0x50/0x80 [ 13.247008] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.247032] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.247057] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.247082] kthread+0x337/0x6f0 [ 13.247100] ? trace_preempt_on+0x20/0xc0 [ 13.247123] ? __pfx_kthread+0x10/0x10 [ 13.247144] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.247165] ? calculate_sigpending+0x7b/0xa0 [ 13.247190] ? 
__pfx_kthread+0x10/0x10 [ 13.247211] ret_from_fork+0x116/0x1d0 [ 13.247230] ? __pfx_kthread+0x10/0x10 [ 13.247266] ret_from_fork_asm+0x1a/0x30 [ 13.247297] </TASK> [ 13.247309] [ 13.255634] Allocated by task 197: [ 13.255833] kasan_save_stack+0x45/0x70 [ 13.256028] kasan_save_track+0x18/0x40 [ 13.256220] kasan_save_alloc_info+0x3b/0x50 [ 13.256530] __kasan_kmalloc+0xb7/0xc0 [ 13.256725] __kmalloc_cache_noprof+0x189/0x420 [ 13.256954] kmalloc_memmove_negative_size+0xac/0x330 [ 13.257167] kunit_try_run_case+0x1a5/0x480 [ 13.257461] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.257732] kthread+0x337/0x6f0 [ 13.257903] ret_from_fork+0x116/0x1d0 [ 13.258086] ret_from_fork_asm+0x1a/0x30 [ 13.258266] [ 13.258338] The buggy address belongs to the object at ffff8881025cf080 [ 13.258338] which belongs to the cache kmalloc-64 of size 64 [ 13.258698] The buggy address is located 4 bytes inside of [ 13.258698] 64-byte region [ffff8881025cf080, ffff8881025cf0c0) [ 13.259493] [ 13.259684] The buggy address belongs to the physical page: [ 13.259900] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025cf [ 13.260154] flags: 0x200000000000000(node=0|zone=2) [ 13.260583] page_type: f5(slab) [ 13.260797] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.261181] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.261615] page dumped because: kasan: bad access detected [ 13.261792] [ 13.261860] Memory state around the buggy address: [ 13.262084] ffff8881025cef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.262592] ffff8881025cf000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.263043] >ffff8881025cf080: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 13.263497] ^ [ 13.263652] ffff8881025cf100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.264070] ffff8881025cf180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.264289] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 13.219316] ================================================================== [ 13.219998] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x166/0x330 [ 13.220353] Write of size 16 at addr ffff8881025cc369 by task kunit_try_catch/195 [ 13.220703] [ 13.220825] CPU: 1 UID: 0 PID: 195 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.220871] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.220884] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.220905] Call Trace: [ 13.220920] <TASK> [ 13.220938] dump_stack_lvl+0x73/0xb0 [ 13.220972] print_report+0xd1/0x610 [ 13.220996] ? __virt_addr_valid+0x1db/0x2d0 [ 13.221028] ? kmalloc_oob_memset_16+0x166/0x330 [ 13.221056] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.221088] ? kmalloc_oob_memset_16+0x166/0x330 [ 13.221122] kasan_report+0x141/0x180 [ 13.221149] ? kmalloc_oob_memset_16+0x166/0x330 [ 13.221184] kasan_check_range+0x10c/0x1c0 [ 13.221214] __asan_memset+0x27/0x50 [ 13.221245] kmalloc_oob_memset_16+0x166/0x330 [ 13.221280] ? __pfx_kmalloc_oob_memset_16+0x10/0x10 [ 13.221304] ? __schedule+0x10cc/0x2b60 [ 13.221326] ? __pfx_read_tsc+0x10/0x10 [ 13.221358] ? ktime_get_ts64+0x86/0x230 [ 13.221382] kunit_try_run_case+0x1a5/0x480 [ 13.221406] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.221449] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.221473] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.221497] ? __kthread_parkme+0x82/0x180 [ 13.221529] ? preempt_count_sub+0x50/0x80 [ 13.221563] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.221587] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.221612] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.221637] kthread+0x337/0x6f0 [ 13.221656] ? trace_preempt_on+0x20/0xc0 [ 13.221679] ? __pfx_kthread+0x10/0x10 [ 13.221699] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.221721] ? calculate_sigpending+0x7b/0xa0 [ 13.221746] ? __pfx_kthread+0x10/0x10 [ 13.221767] ret_from_fork+0x116/0x1d0 [ 13.221785] ? 
__pfx_kthread+0x10/0x10 [ 13.221815] ret_from_fork_asm+0x1a/0x30 [ 13.221846] </TASK> [ 13.221857] [ 13.230524] Allocated by task 195: [ 13.230715] kasan_save_stack+0x45/0x70 [ 13.230899] kasan_save_track+0x18/0x40 [ 13.231036] kasan_save_alloc_info+0x3b/0x50 [ 13.231184] __kasan_kmalloc+0xb7/0xc0 [ 13.231515] __kmalloc_cache_noprof+0x189/0x420 [ 13.232032] kmalloc_oob_memset_16+0xac/0x330 [ 13.232210] kunit_try_run_case+0x1a5/0x480 [ 13.232358] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.232534] kthread+0x337/0x6f0 [ 13.232663] ret_from_fork+0x116/0x1d0 [ 13.233010] ret_from_fork_asm+0x1a/0x30 [ 13.233428] [ 13.233601] The buggy address belongs to the object at ffff8881025cc300 [ 13.233601] which belongs to the cache kmalloc-128 of size 128 [ 13.234099] The buggy address is located 105 bytes inside of [ 13.234099] allocated 120-byte region [ffff8881025cc300, ffff8881025cc378) [ 13.234860] [ 13.234994] The buggy address belongs to the physical page: [ 13.235323] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025cc [ 13.235644] flags: 0x200000000000000(node=0|zone=2) [ 13.235848] page_type: f5(slab) [ 13.236024] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.236446] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.236777] page dumped because: kasan: bad access detected [ 13.236949] [ 13.237016] Memory state around the buggy address: [ 13.237168] ffff8881025cc200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.237602] ffff8881025cc280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.237939] >ffff8881025cc300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 13.238246] ^ [ 13.238717] ffff8881025cc380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.238937] ffff8881025cc400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.239149] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 13.193621] ================================================================== [ 13.194316] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x166/0x330 [ 13.194686] Write of size 8 at addr ffff888102a04871 by task kunit_try_catch/193 [ 13.195023] [ 13.195788] CPU: 0 UID: 0 PID: 193 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.195838] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.195850] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.195872] Call Trace: [ 13.195885] <TASK> [ 13.195901] dump_stack_lvl+0x73/0xb0 [ 13.196548] print_report+0xd1/0x610 [ 13.196589] ? __virt_addr_valid+0x1db/0x2d0 [ 13.196613] ? kmalloc_oob_memset_8+0x166/0x330 [ 13.196635] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.196659] ? kmalloc_oob_memset_8+0x166/0x330 [ 13.196682] kasan_report+0x141/0x180 [ 13.196704] ? kmalloc_oob_memset_8+0x166/0x330 [ 13.196731] kasan_check_range+0x10c/0x1c0 [ 13.196756] __asan_memset+0x27/0x50 [ 13.196776] kmalloc_oob_memset_8+0x166/0x330 [ 13.196798] ? __kasan_check_write+0x18/0x20 [ 13.196818] ? __pfx_kmalloc_oob_memset_8+0x10/0x10 [ 13.196841] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 13.196868] ? trace_hardirqs_on+0x37/0xe0 [ 13.196892] ? __pfx_read_tsc+0x10/0x10 [ 13.196914] ? ktime_get_ts64+0x86/0x230 [ 13.196939] kunit_try_run_case+0x1a5/0x480 [ 13.196965] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.196991] ? queued_spin_lock_slowpath+0x116/0xb40 [ 13.197016] ? __kthread_parkme+0x82/0x180 [ 13.197038] ? preempt_count_sub+0x50/0x80 [ 13.197063] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.197088] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.197113] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.197139] kthread+0x337/0x6f0 [ 13.197158] ? trace_preempt_on+0x20/0xc0 [ 13.197180] ? __pfx_kthread+0x10/0x10 [ 13.197201] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.197895] ? calculate_sigpending+0x7b/0xa0 [ 13.197934] ? 
__pfx_kthread+0x10/0x10 [ 13.197956] ret_from_fork+0x116/0x1d0 [ 13.197978] ? __pfx_kthread+0x10/0x10 [ 13.197999] ret_from_fork_asm+0x1a/0x30 [ 13.198031] </TASK> [ 13.198043] [ 13.206828] Allocated by task 193: [ 13.207036] kasan_save_stack+0x45/0x70 [ 13.207386] kasan_save_track+0x18/0x40 [ 13.207628] kasan_save_alloc_info+0x3b/0x50 [ 13.207840] __kasan_kmalloc+0xb7/0xc0 [ 13.208048] __kmalloc_cache_noprof+0x189/0x420 [ 13.208269] kmalloc_oob_memset_8+0xac/0x330 [ 13.208623] kunit_try_run_case+0x1a5/0x480 [ 13.208843] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.209058] kthread+0x337/0x6f0 [ 13.209183] ret_from_fork+0x116/0x1d0 [ 13.209495] ret_from_fork_asm+0x1a/0x30 [ 13.209712] [ 13.209811] The buggy address belongs to the object at ffff888102a04800 [ 13.209811] which belongs to the cache kmalloc-128 of size 128 [ 13.210385] The buggy address is located 113 bytes inside of [ 13.210385] allocated 120-byte region [ffff888102a04800, ffff888102a04878) [ 13.210896] [ 13.210994] The buggy address belongs to the physical page: [ 13.211428] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a04 [ 13.211783] flags: 0x200000000000000(node=0|zone=2) [ 13.212023] page_type: f5(slab) [ 13.212182] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.212578] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.212929] page dumped because: kasan: bad access detected [ 13.213179] [ 13.213361] Memory state around the buggy address: [ 13.213570] ffff888102a04700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.213891] ffff888102a04780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.214118] >ffff888102a04800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 13.214541] ^ [ 13.214891] ffff888102a04880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.215436] ffff888102a04900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.215832] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 13.167950] ================================================================== [ 13.168520] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x166/0x330 [ 13.168848] Write of size 4 at addr ffff8881025cc275 by task kunit_try_catch/191 [ 13.169142] [ 13.169271] CPU: 1 UID: 0 PID: 191 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.169314] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.169325] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.169346] Call Trace: [ 13.169358] <TASK> [ 13.169374] dump_stack_lvl+0x73/0xb0 [ 13.169405] print_report+0xd1/0x610 [ 13.169448] ? __virt_addr_valid+0x1db/0x2d0 [ 13.169474] ? kmalloc_oob_memset_4+0x166/0x330 [ 13.169497] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.169532] ? kmalloc_oob_memset_4+0x166/0x330 [ 13.169566] kasan_report+0x141/0x180 [ 13.169588] ? kmalloc_oob_memset_4+0x166/0x330 [ 13.169616] kasan_check_range+0x10c/0x1c0 [ 13.169648] __asan_memset+0x27/0x50 [ 13.169668] kmalloc_oob_memset_4+0x166/0x330 [ 13.169690] ? __pfx_kmalloc_oob_memset_4+0x10/0x10 [ 13.169725] ? __schedule+0x10cc/0x2b60 [ 13.169747] ? __pfx_read_tsc+0x10/0x10 [ 13.169767] ? ktime_get_ts64+0x86/0x230 [ 13.169791] kunit_try_run_case+0x1a5/0x480 [ 13.169815] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.169839] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.169862] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.169886] ? __kthread_parkme+0x82/0x180 [ 13.169907] ? preempt_count_sub+0x50/0x80 [ 13.169931] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.169964] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.169989] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.170014] kthread+0x337/0x6f0 [ 13.170044] ? trace_preempt_on+0x20/0xc0 [ 13.170067] ? __pfx_kthread+0x10/0x10 [ 13.170088] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.170109] ? calculate_sigpending+0x7b/0xa0 [ 13.170133] ? __pfx_kthread+0x10/0x10 [ 13.170154] ret_from_fork+0x116/0x1d0 [ 13.170172] ? 
__pfx_kthread+0x10/0x10 [ 13.170193] ret_from_fork_asm+0x1a/0x30 [ 13.170223] </TASK> [ 13.170232] [ 13.178149] Allocated by task 191: [ 13.178356] kasan_save_stack+0x45/0x70 [ 13.178596] kasan_save_track+0x18/0x40 [ 13.178742] kasan_save_alloc_info+0x3b/0x50 [ 13.178952] __kasan_kmalloc+0xb7/0xc0 [ 13.179164] __kmalloc_cache_noprof+0x189/0x420 [ 13.179395] kmalloc_oob_memset_4+0xac/0x330 [ 13.179580] kunit_try_run_case+0x1a5/0x480 [ 13.179729] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.179942] kthread+0x337/0x6f0 [ 13.180125] ret_from_fork+0x116/0x1d0 [ 13.180310] ret_from_fork_asm+0x1a/0x30 [ 13.180503] [ 13.180606] The buggy address belongs to the object at ffff8881025cc200 [ 13.180606] which belongs to the cache kmalloc-128 of size 128 [ 13.180996] The buggy address is located 117 bytes inside of [ 13.180996] allocated 120-byte region [ffff8881025cc200, ffff8881025cc278) [ 13.181706] [ 13.181829] The buggy address belongs to the physical page: [ 13.182038] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025cc [ 13.182331] flags: 0x200000000000000(node=0|zone=2) [ 13.182494] page_type: f5(slab) [ 13.182626] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.182963] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.183307] page dumped because: kasan: bad access detected [ 13.183559] [ 13.183677] Memory state around the buggy address: [ 13.183897] ffff8881025cc100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.184139] ffff8881025cc180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.184365] >ffff8881025cc200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 13.185003] ^ [ 13.185322] ffff8881025cc280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.185702] ffff8881025cc300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.186002] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 13.144547] ================================================================== [ 13.145055] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x166/0x330 [ 13.145391] Write of size 2 at addr ffff8881025cc177 by task kunit_try_catch/189 [ 13.145956] [ 13.146076] CPU: 1 UID: 0 PID: 189 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.146162] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.146187] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.146208] Call Trace: [ 13.146220] <TASK> [ 13.146234] dump_stack_lvl+0x73/0xb0 [ 13.146410] print_report+0xd1/0x610 [ 13.146433] ? __virt_addr_valid+0x1db/0x2d0 [ 13.146456] ? kmalloc_oob_memset_2+0x166/0x330 [ 13.146478] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.146501] ? kmalloc_oob_memset_2+0x166/0x330 [ 13.146524] kasan_report+0x141/0x180 [ 13.146628] ? kmalloc_oob_memset_2+0x166/0x330 [ 13.146667] kasan_check_range+0x10c/0x1c0 [ 13.146691] __asan_memset+0x27/0x50 [ 13.146710] kmalloc_oob_memset_2+0x166/0x330 [ 13.146732] ? __kasan_check_write+0x18/0x20 [ 13.146752] ? __pfx_kmalloc_oob_memset_2+0x10/0x10 [ 13.146774] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 13.146801] ? trace_hardirqs_on+0x37/0xe0 [ 13.146824] ? __pfx_read_tsc+0x10/0x10 [ 13.146845] ? ktime_get_ts64+0x86/0x230 [ 13.146870] kunit_try_run_case+0x1a5/0x480 [ 13.146894] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.146919] ? queued_spin_lock_slowpath+0x116/0xb40 [ 13.146944] ? __kthread_parkme+0x82/0x180 [ 13.146964] ? preempt_count_sub+0x50/0x80 [ 13.146987] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.147011] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.147036] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.147061] kthread+0x337/0x6f0 [ 13.147080] ? trace_preempt_on+0x20/0xc0 [ 13.147101] ? __pfx_kthread+0x10/0x10 [ 13.147122] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.147143] ? calculate_sigpending+0x7b/0xa0 [ 13.147168] ? 
__pfx_kthread+0x10/0x10 [ 13.147189] ret_from_fork+0x116/0x1d0 [ 13.147208] ? __pfx_kthread+0x10/0x10 [ 13.147228] ret_from_fork_asm+0x1a/0x30 [ 13.147398] </TASK> [ 13.147411] [ 13.155285] Allocated by task 189: [ 13.155503] kasan_save_stack+0x45/0x70 [ 13.155792] kasan_save_track+0x18/0x40 [ 13.156041] kasan_save_alloc_info+0x3b/0x50 [ 13.156218] __kasan_kmalloc+0xb7/0xc0 [ 13.156708] __kmalloc_cache_noprof+0x189/0x420 [ 13.156933] kmalloc_oob_memset_2+0xac/0x330 [ 13.157080] kunit_try_run_case+0x1a5/0x480 [ 13.157226] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.157447] kthread+0x337/0x6f0 [ 13.157691] ret_from_fork+0x116/0x1d0 [ 13.158053] ret_from_fork_asm+0x1a/0x30 [ 13.158291] [ 13.158394] The buggy address belongs to the object at ffff8881025cc100 [ 13.158394] which belongs to the cache kmalloc-128 of size 128 [ 13.158917] The buggy address is located 119 bytes inside of [ 13.158917] allocated 120-byte region [ffff8881025cc100, ffff8881025cc178) [ 13.159604] [ 13.159718] The buggy address belongs to the physical page: [ 13.159972] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025cc [ 13.160428] flags: 0x200000000000000(node=0|zone=2) [ 13.160668] page_type: f5(slab) [ 13.160839] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.161141] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.161624] page dumped because: kasan: bad access detected [ 13.161869] [ 13.161940] Memory state around the buggy address: [ 13.162148] ffff8881025cc000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.162575] ffff8881025cc080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.162897] >ffff8881025cc100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 13.163117] ^ [ 13.163330] ffff8881025cc180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.163814] ffff8881025cc200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.164135] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 13.116606] ================================================================== [ 13.117866] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x15f/0x320 [ 13.118633] Write of size 128 at addr ffff8881025cc000 by task kunit_try_catch/187 [ 13.119201] [ 13.119403] CPU: 1 UID: 0 PID: 187 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.119463] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.119474] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.119495] Call Trace: [ 13.119508] <TASK> [ 13.119524] dump_stack_lvl+0x73/0xb0 [ 13.119582] print_report+0xd1/0x610 [ 13.119615] ? __virt_addr_valid+0x1db/0x2d0 [ 13.119639] ? kmalloc_oob_in_memset+0x15f/0x320 [ 13.119661] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.119685] ? kmalloc_oob_in_memset+0x15f/0x320 [ 13.119707] kasan_report+0x141/0x180 [ 13.119729] ? kmalloc_oob_in_memset+0x15f/0x320 [ 13.119756] kasan_check_range+0x10c/0x1c0 [ 13.119780] __asan_memset+0x27/0x50 [ 13.119799] kmalloc_oob_in_memset+0x15f/0x320 [ 13.119822] ? __pfx_kmalloc_oob_in_memset+0x10/0x10 [ 13.119848] ? __pfx_kmalloc_oob_in_memset+0x10/0x10 [ 13.119876] kunit_try_run_case+0x1a5/0x480 [ 13.119901] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.119924] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.119948] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.119972] ? __kthread_parkme+0x82/0x180 [ 13.119993] ? preempt_count_sub+0x50/0x80 [ 13.120017] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.120041] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.120070] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.120096] kthread+0x337/0x6f0 [ 13.120114] ? trace_preempt_on+0x20/0xc0 [ 13.120137] ? __pfx_kthread+0x10/0x10 [ 13.120158] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.120179] ? calculate_sigpending+0x7b/0xa0 [ 13.120203] ? __pfx_kthread+0x10/0x10 [ 13.120225] ret_from_fork+0x116/0x1d0 [ 13.120260] ? 
__pfx_kthread+0x10/0x10 [ 13.120281] ret_from_fork_asm+0x1a/0x30 [ 13.120311] </TASK> [ 13.120322] [ 13.130339] Allocated by task 187: [ 13.130677] kasan_save_stack+0x45/0x70 [ 13.130874] kasan_save_track+0x18/0x40 [ 13.131069] kasan_save_alloc_info+0x3b/0x50 [ 13.131343] __kasan_kmalloc+0xb7/0xc0 [ 13.131524] __kmalloc_cache_noprof+0x189/0x420 [ 13.131695] kmalloc_oob_in_memset+0xac/0x320 [ 13.131845] kunit_try_run_case+0x1a5/0x480 [ 13.132070] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.132331] kthread+0x337/0x6f0 [ 13.132499] ret_from_fork+0x116/0x1d0 [ 13.132852] ret_from_fork_asm+0x1a/0x30 [ 13.133001] [ 13.133094] The buggy address belongs to the object at ffff8881025cc000 [ 13.133094] which belongs to the cache kmalloc-128 of size 128 [ 13.133839] The buggy address is located 0 bytes inside of [ 13.133839] allocated 120-byte region [ffff8881025cc000, ffff8881025cc078) [ 13.134861] [ 13.134955] The buggy address belongs to the physical page: [ 13.135227] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025cc [ 13.135649] flags: 0x200000000000000(node=0|zone=2) [ 13.135897] page_type: f5(slab) [ 13.136040] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.136298] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.136664] page dumped because: kasan: bad access detected [ 13.136854] [ 13.136924] Memory state around the buggy address: [ 13.137355] ffff8881025cbf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.137727] ffff8881025cbf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.138017] >ffff8881025cc000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 13.138332] ^ [ 13.138700] ffff8881025cc080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.138933] ffff8881025cc100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.139169] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 13.092158] ================================================================== [ 13.092574] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x47b/0x4c0 [ 13.092804] Read of size 16 at addr ffff888101679d60 by task kunit_try_catch/185 [ 13.093029] [ 13.093110] CPU: 0 UID: 0 PID: 185 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.093151] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.093162] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.093181] Call Trace: [ 13.093193] <TASK> [ 13.093208] dump_stack_lvl+0x73/0xb0 [ 13.093234] print_report+0xd1/0x610 [ 13.093255] ? __virt_addr_valid+0x1db/0x2d0 [ 13.093278] ? kmalloc_uaf_16+0x47b/0x4c0 [ 13.093297] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.093318] ? kmalloc_uaf_16+0x47b/0x4c0 [ 13.093338] kasan_report+0x141/0x180 [ 13.093359] ? kmalloc_uaf_16+0x47b/0x4c0 [ 13.093384] __asan_report_load16_noabort+0x18/0x20 [ 13.093409] kmalloc_uaf_16+0x47b/0x4c0 [ 13.093429] ? __pfx_kmalloc_uaf_16+0x10/0x10 [ 13.093450] ? __schedule+0x10cc/0x2b60 [ 13.093470] ? __pfx_read_tsc+0x10/0x10 [ 13.093490] ? ktime_get_ts64+0x86/0x230 [ 13.093512] kunit_try_run_case+0x1a5/0x480 [ 13.093536] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.093603] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.093628] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.093652] ? __kthread_parkme+0x82/0x180 [ 13.093672] ? preempt_count_sub+0x50/0x80 [ 13.093696] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.093720] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.093745] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.093771] kthread+0x337/0x6f0 [ 13.093790] ? trace_preempt_on+0x20/0xc0 [ 13.093814] ? __pfx_kthread+0x10/0x10 [ 13.093834] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.094103] ? calculate_sigpending+0x7b/0xa0 [ 13.094132] ? __pfx_kthread+0x10/0x10 [ 13.094154] ret_from_fork+0x116/0x1d0 [ 13.094175] ? 
__pfx_kthread+0x10/0x10 [ 13.094195] ret_from_fork_asm+0x1a/0x30 [ 13.094436] </TASK> [ 13.094453] [ 13.101803] Allocated by task 185: [ 13.101967] kasan_save_stack+0x45/0x70 [ 13.102223] kasan_save_track+0x18/0x40 [ 13.102460] kasan_save_alloc_info+0x3b/0x50 [ 13.102690] __kasan_kmalloc+0xb7/0xc0 [ 13.102876] __kmalloc_cache_noprof+0x189/0x420 [ 13.103115] kmalloc_uaf_16+0x15b/0x4c0 [ 13.103337] kunit_try_run_case+0x1a5/0x480 [ 13.103566] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.103817] kthread+0x337/0x6f0 [ 13.103982] ret_from_fork+0x116/0x1d0 [ 13.104165] ret_from_fork_asm+0x1a/0x30 [ 13.104409] [ 13.104527] Freed by task 185: [ 13.104655] kasan_save_stack+0x45/0x70 [ 13.104865] kasan_save_track+0x18/0x40 [ 13.105059] kasan_save_free_info+0x3f/0x60 [ 13.105245] __kasan_slab_free+0x56/0x70 [ 13.105587] kfree+0x222/0x3f0 [ 13.105752] kmalloc_uaf_16+0x1d6/0x4c0 [ 13.105936] kunit_try_run_case+0x1a5/0x480 [ 13.106121] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.106455] kthread+0x337/0x6f0 [ 13.106654] ret_from_fork+0x116/0x1d0 [ 13.106812] ret_from_fork_asm+0x1a/0x30 [ 13.107028] [ 13.107114] The buggy address belongs to the object at ffff888101679d60 [ 13.107114] which belongs to the cache kmalloc-16 of size 16 [ 13.107746] The buggy address is located 0 bytes inside of [ 13.107746] freed 16-byte region [ffff888101679d60, ffff888101679d70) [ 13.108322] [ 13.108448] The buggy address belongs to the physical page: [ 13.108718] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101679 [ 13.109084] flags: 0x200000000000000(node=0|zone=2) [ 13.109312] page_type: f5(slab) [ 13.109502] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.109881] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.110208] page dumped because: kasan: bad access detected [ 13.110373] [ 13.110464] Memory state around the buggy address: [ 13.110620] ffff888101679c00: 00 04 fc fc 00 04 fc fc 00 01 fc fc 00 01 fc 
fc [ 13.110827] ffff888101679c80: 00 04 fc fc 00 04 fc fc fa fb fc fc 00 05 fc fc [ 13.111162] >ffff888101679d00: fa fb fc fc fa fb fc fc 00 00 fc fc fa fb fc fc [ 13.111720] ^ [ 13.112009] ffff888101679d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.112407] ffff888101679e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.113183] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 13.069144] ================================================================== [ 13.069901] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x452/0x4a0 [ 13.070585] Write of size 16 at addr ffff888101679d00 by task kunit_try_catch/183 [ 13.071068] [ 13.071164] CPU: 0 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.071221] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.071234] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.071256] Call Trace: [ 13.071280] <TASK> [ 13.071304] dump_stack_lvl+0x73/0xb0 [ 13.071400] print_report+0xd1/0x610 [ 13.071435] ? __virt_addr_valid+0x1db/0x2d0 [ 13.071459] ? kmalloc_oob_16+0x452/0x4a0 [ 13.071479] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.071503] ? kmalloc_oob_16+0x452/0x4a0 [ 13.071524] kasan_report+0x141/0x180 [ 13.071545] ? kmalloc_oob_16+0x452/0x4a0 [ 13.071580] __asan_report_store16_noabort+0x1b/0x30 [ 13.071606] kmalloc_oob_16+0x452/0x4a0 [ 13.071627] ? __pfx_kmalloc_oob_16+0x10/0x10 [ 13.071649] ? __schedule+0x10cc/0x2b60 [ 13.071671] ? __pfx_read_tsc+0x10/0x10 [ 13.071692] ? ktime_get_ts64+0x86/0x230 [ 13.071717] kunit_try_run_case+0x1a5/0x480 [ 13.071740] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.071763] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.071787] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.071811] ? __kthread_parkme+0x82/0x180 [ 13.071832] ? preempt_count_sub+0x50/0x80 [ 13.071855] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.071880] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.071904] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.071929] kthread+0x337/0x6f0 [ 13.071948] ? trace_preempt_on+0x20/0xc0 [ 13.071972] ? __pfx_kthread+0x10/0x10 [ 13.071992] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.072014] ? calculate_sigpending+0x7b/0xa0 [ 13.072038] ? __pfx_kthread+0x10/0x10 [ 13.072064] ret_from_fork+0x116/0x1d0 [ 13.072083] ? 
__pfx_kthread+0x10/0x10 [ 13.072104] ret_from_fork_asm+0x1a/0x30 [ 13.072134] </TASK> [ 13.072146] [ 13.079732] Allocated by task 183: [ 13.079910] kasan_save_stack+0x45/0x70 [ 13.080148] kasan_save_track+0x18/0x40 [ 13.080517] kasan_save_alloc_info+0x3b/0x50 [ 13.080727] __kasan_kmalloc+0xb7/0xc0 [ 13.080935] __kmalloc_cache_noprof+0x189/0x420 [ 13.081147] kmalloc_oob_16+0xa8/0x4a0 [ 13.081476] kunit_try_run_case+0x1a5/0x480 [ 13.081676] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.081922] kthread+0x337/0x6f0 [ 13.082098] ret_from_fork+0x116/0x1d0 [ 13.082290] ret_from_fork_asm+0x1a/0x30 [ 13.082528] [ 13.082657] The buggy address belongs to the object at ffff888101679d00 [ 13.082657] which belongs to the cache kmalloc-16 of size 16 [ 13.083152] The buggy address is located 0 bytes inside of [ 13.083152] allocated 13-byte region [ffff888101679d00, ffff888101679d0d) [ 13.083532] [ 13.083644] The buggy address belongs to the physical page: [ 13.084142] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101679 [ 13.084666] flags: 0x200000000000000(node=0|zone=2) [ 13.084937] page_type: f5(slab) [ 13.085118] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.085591] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.085898] page dumped because: kasan: bad access detected [ 13.086071] [ 13.086140] Memory state around the buggy address: [ 13.086359] ffff888101679c00: 00 04 fc fc 00 04 fc fc 00 01 fc fc 00 01 fc fc [ 13.086687] ffff888101679c80: 00 04 fc fc 00 04 fc fc fa fb fc fc 00 05 fc fc [ 13.086952] >ffff888101679d00: 00 05 fc fc 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.087166] ^ [ 13.087289] ffff888101679d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.087971] ffff888101679e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.088329] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 12.987960] ================================================================== [ 12.989107] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x1b8/0x5e0 [ 12.989378] Read of size 1 at addr ffff888100342c00 by task kunit_try_catch/181 [ 12.990424] [ 12.990631] CPU: 0 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.990678] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.990690] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.990711] Call Trace: [ 12.990724] <TASK> [ 12.990795] dump_stack_lvl+0x73/0xb0 [ 12.990933] print_report+0xd1/0x610 [ 12.990962] ? __virt_addr_valid+0x1db/0x2d0 [ 12.990986] ? krealloc_uaf+0x1b8/0x5e0 [ 12.991104] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.991129] ? krealloc_uaf+0x1b8/0x5e0 [ 12.991163] kasan_report+0x141/0x180 [ 12.991185] ? krealloc_uaf+0x1b8/0x5e0 [ 12.991209] ? krealloc_uaf+0x1b8/0x5e0 [ 12.991243] __kasan_check_byte+0x3d/0x50 [ 12.991266] krealloc_noprof+0x3f/0x340 [ 12.991289] krealloc_uaf+0x1b8/0x5e0 [ 12.991322] ? __pfx_krealloc_uaf+0x10/0x10 [ 12.991344] ? finish_task_switch.isra.0+0x153/0x700 [ 12.991368] ? __switch_to+0x47/0xf50 [ 12.991407] ? __schedule+0x10cc/0x2b60 [ 12.991429] ? __pfx_read_tsc+0x10/0x10 [ 12.991450] ? ktime_get_ts64+0x86/0x230 [ 12.991487] kunit_try_run_case+0x1a5/0x480 [ 12.991512] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.991535] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.991579] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.991603] ? __kthread_parkme+0x82/0x180 [ 12.991764] ? preempt_count_sub+0x50/0x80 [ 12.991792] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.991830] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.991856] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.991881] kthread+0x337/0x6f0 [ 12.991901] ? trace_preempt_on+0x20/0xc0 [ 12.991925] ? __pfx_kthread+0x10/0x10 [ 12.991946] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.991967] ? calculate_sigpending+0x7b/0xa0 [ 12.991992] ? 
__pfx_kthread+0x10/0x10 [ 12.992013] ret_from_fork+0x116/0x1d0 [ 12.992032] ? __pfx_kthread+0x10/0x10 [ 12.992058] ret_from_fork_asm+0x1a/0x30 [ 12.992089] </TASK> [ 12.992100] [ 13.008726] Allocated by task 181: [ 13.008874] kasan_save_stack+0x45/0x70 [ 13.009026] kasan_save_track+0x18/0x40 [ 13.009163] kasan_save_alloc_info+0x3b/0x50 [ 13.009874] __kasan_kmalloc+0xb7/0xc0 [ 13.010245] __kmalloc_cache_noprof+0x189/0x420 [ 13.010881] krealloc_uaf+0xbb/0x5e0 [ 13.011528] kunit_try_run_case+0x1a5/0x480 [ 13.012100] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.013009] kthread+0x337/0x6f0 [ 13.013344] ret_from_fork+0x116/0x1d0 [ 13.013852] ret_from_fork_asm+0x1a/0x30 [ 13.014195] [ 13.014568] Freed by task 181: [ 13.015020] kasan_save_stack+0x45/0x70 [ 13.015408] kasan_save_track+0x18/0x40 [ 13.015908] kasan_save_free_info+0x3f/0x60 [ 13.016072] __kasan_slab_free+0x56/0x70 [ 13.016213] kfree+0x222/0x3f0 [ 13.016852] krealloc_uaf+0x13d/0x5e0 [ 13.017333] kunit_try_run_case+0x1a5/0x480 [ 13.017903] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.018666] kthread+0x337/0x6f0 [ 13.019007] ret_from_fork+0x116/0x1d0 [ 13.019148] ret_from_fork_asm+0x1a/0x30 [ 13.019598] [ 13.019881] The buggy address belongs to the object at ffff888100342c00 [ 13.019881] which belongs to the cache kmalloc-256 of size 256 [ 13.021255] The buggy address is located 0 bytes inside of [ 13.021255] freed 256-byte region [ffff888100342c00, ffff888100342d00) [ 13.022036] [ 13.022113] The buggy address belongs to the physical page: [ 13.022309] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100342 [ 13.023543] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.024372] flags: 0x200000000000040(head|node=0|zone=2) [ 13.024862] page_type: f5(slab) [ 13.024989] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 13.025211] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.025674] head: 0200000000000040 
ffff888100041b40 dead000000000122 0000000000000000 [ 13.026340] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.027248] head: 0200000000000001 ffffea000400d081 00000000ffffffff 00000000ffffffff [ 13.028132] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 13.028855] page dumped because: kasan: bad access detected [ 13.029028] [ 13.029096] Memory state around the buggy address: [ 13.029259] ffff888100342b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.030047] ffff888100342b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.031018] >ffff888100342c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.031791] ^ [ 13.031969] ffff888100342c80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.032692] ffff888100342d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.033125] ================================================================== [ 13.033911] ================================================================== [ 13.034934] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x53c/0x5e0 [ 13.035708] Read of size 1 at addr ffff888100342c00 by task kunit_try_catch/181 [ 13.036244] [ 13.036497] CPU: 0 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.036544] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.036570] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.036591] Call Trace: [ 13.036603] <TASK> [ 13.036620] dump_stack_lvl+0x73/0xb0 [ 13.036673] print_report+0xd1/0x610 [ 13.036695] ? __virt_addr_valid+0x1db/0x2d0 [ 13.036718] ? krealloc_uaf+0x53c/0x5e0 [ 13.036740] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.036763] ? krealloc_uaf+0x53c/0x5e0 [ 13.036784] kasan_report+0x141/0x180 [ 13.036806] ? krealloc_uaf+0x53c/0x5e0 [ 13.036832] __asan_report_load1_noabort+0x18/0x20 [ 13.036857] krealloc_uaf+0x53c/0x5e0 [ 13.036878] ? __pfx_krealloc_uaf+0x10/0x10 [ 13.036899] ? 
finish_task_switch.isra.0+0x153/0x700 [ 13.036922] ? __switch_to+0x47/0xf50 [ 13.036948] ? __schedule+0x10cc/0x2b60 [ 13.036970] ? __pfx_read_tsc+0x10/0x10 [ 13.036991] ? ktime_get_ts64+0x86/0x230 [ 13.037015] kunit_try_run_case+0x1a5/0x480 [ 13.037039] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.037062] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.037086] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.037110] ? __kthread_parkme+0x82/0x180 [ 13.037130] ? preempt_count_sub+0x50/0x80 [ 13.037154] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.037179] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.037204] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.037229] kthread+0x337/0x6f0 [ 13.037407] ? trace_preempt_on+0x20/0xc0 [ 13.037433] ? __pfx_kthread+0x10/0x10 [ 13.037454] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.037475] ? calculate_sigpending+0x7b/0xa0 [ 13.037500] ? __pfx_kthread+0x10/0x10 [ 13.037521] ret_from_fork+0x116/0x1d0 [ 13.037540] ? __pfx_kthread+0x10/0x10 [ 13.037575] ret_from_fork_asm+0x1a/0x30 [ 13.037606] </TASK> [ 13.037616] [ 13.049393] Allocated by task 181: [ 13.049801] kasan_save_stack+0x45/0x70 [ 13.050222] kasan_save_track+0x18/0x40 [ 13.050467] kasan_save_alloc_info+0x3b/0x50 [ 13.050919] __kasan_kmalloc+0xb7/0xc0 [ 13.051059] __kmalloc_cache_noprof+0x189/0x420 [ 13.051217] krealloc_uaf+0xbb/0x5e0 [ 13.051625] kunit_try_run_case+0x1a5/0x480 [ 13.052148] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.052927] kthread+0x337/0x6f0 [ 13.053406] ret_from_fork+0x116/0x1d0 [ 13.053760] ret_from_fork_asm+0x1a/0x30 [ 13.053901] [ 13.053971] Freed by task 181: [ 13.054079] kasan_save_stack+0x45/0x70 [ 13.054210] kasan_save_track+0x18/0x40 [ 13.054655] kasan_save_free_info+0x3f/0x60 [ 13.055125] __kasan_slab_free+0x56/0x70 [ 13.055617] kfree+0x222/0x3f0 [ 13.055921] krealloc_uaf+0x13d/0x5e0 [ 13.056372] kunit_try_run_case+0x1a5/0x480 [ 13.056798] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.057227] kthread+0x337/0x6f0 [ 13.057651] 
ret_from_fork+0x116/0x1d0 [ 13.057791] ret_from_fork_asm+0x1a/0x30 [ 13.057926] [ 13.057995] The buggy address belongs to the object at ffff888100342c00 [ 13.057995] which belongs to the cache kmalloc-256 of size 256 [ 13.058390] The buggy address is located 0 bytes inside of [ 13.058390] freed 256-byte region [ffff888100342c00, ffff888100342d00) [ 13.059354] [ 13.059435] The buggy address belongs to the physical page: [ 13.059776] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100342 [ 13.060214] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.060613] flags: 0x200000000000040(head|node=0|zone=2) [ 13.060875] page_type: f5(slab) [ 13.061039] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 13.061511] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.061987] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 13.062384] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.062731] head: 0200000000000001 ffffea000400d081 00000000ffffffff 00000000ffffffff [ 13.063041] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 13.063474] page dumped because: kasan: bad access detected [ 13.063719] [ 13.063816] Memory state around the buggy address: [ 13.063991] ffff888100342b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.064410] ffff888100342b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.064692] >ffff888100342c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.065074] ^ [ 13.065231] ffff888100342c80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.065475] ffff888100342d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.066027] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 12.748725] ================================================================== [ 12.749056] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 12.749431] Write of size 1 at addr ffff888100342ada by task kunit_try_catch/175 [ 12.749734] [ 12.749833] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.749874] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.749886] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.749906] Call Trace: [ 12.749919] <TASK> [ 12.749935] dump_stack_lvl+0x73/0xb0 [ 12.749963] print_report+0xd1/0x610 [ 12.749987] ? __virt_addr_valid+0x1db/0x2d0 [ 12.750009] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.750035] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.750060] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.750085] kasan_report+0x141/0x180 [ 12.750108] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.750139] __asan_report_store1_noabort+0x1b/0x30 [ 12.750165] krealloc_less_oob_helper+0xec6/0x11d0 [ 12.750192] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.750218] ? finish_task_switch.isra.0+0x153/0x700 [ 12.750396] ? __switch_to+0x47/0xf50 [ 12.750439] ? __schedule+0x10cc/0x2b60 [ 12.750461] ? __pfx_read_tsc+0x10/0x10 [ 12.750484] krealloc_less_oob+0x1c/0x30 [ 12.750507] kunit_try_run_case+0x1a5/0x480 [ 12.750531] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.750569] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.750593] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.750616] ? __kthread_parkme+0x82/0x180 [ 12.750637] ? preempt_count_sub+0x50/0x80 [ 12.750659] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.750683] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.750707] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.750733] kthread+0x337/0x6f0 [ 12.750751] ? trace_preempt_on+0x20/0xc0 [ 12.750774] ? __pfx_kthread+0x10/0x10 [ 12.750794] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.750815] ? calculate_sigpending+0x7b/0xa0 [ 12.750839] ? 
__pfx_kthread+0x10/0x10 [ 12.750860] ret_from_fork+0x116/0x1d0 [ 12.750878] ? __pfx_kthread+0x10/0x10 [ 12.750898] ret_from_fork_asm+0x1a/0x30 [ 12.750928] </TASK> [ 12.750937] [ 12.758714] Allocated by task 175: [ 12.759180] kasan_save_stack+0x45/0x70 [ 12.759366] kasan_save_track+0x18/0x40 [ 12.759696] kasan_save_alloc_info+0x3b/0x50 [ 12.759902] __kasan_krealloc+0x190/0x1f0 [ 12.760048] krealloc_noprof+0xf3/0x340 [ 12.760183] krealloc_less_oob_helper+0x1aa/0x11d0 [ 12.760344] krealloc_less_oob+0x1c/0x30 [ 12.760595] kunit_try_run_case+0x1a5/0x480 [ 12.760802] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.761057] kthread+0x337/0x6f0 [ 12.761225] ret_from_fork+0x116/0x1d0 [ 12.761421] ret_from_fork_asm+0x1a/0x30 [ 12.761739] [ 12.761817] The buggy address belongs to the object at ffff888100342a00 [ 12.761817] which belongs to the cache kmalloc-256 of size 256 [ 12.762176] The buggy address is located 17 bytes to the right of [ 12.762176] allocated 201-byte region [ffff888100342a00, ffff888100342ac9) [ 12.762944] [ 12.763052] The buggy address belongs to the physical page: [ 12.763428] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100342 [ 12.763746] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.764015] flags: 0x200000000000040(head|node=0|zone=2) [ 12.764192] page_type: f5(slab) [ 12.764309] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.764599] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.765045] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.765388] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.765908] head: 0200000000000001 ffffea000400d081 00000000ffffffff 00000000ffffffff [ 12.766221] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.766660] page dumped because: kasan: bad access detected [ 12.766880] [ 12.766978] Memory state around the buggy 
address: [ 12.767205] ffff888100342980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.767737] ffff888100342a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.768015] >ffff888100342a80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 12.768354] ^ [ 12.768604] ffff888100342b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.768924] ffff888100342b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.769193] ================================================================== [ 12.769691] ================================================================== [ 12.769929] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 12.770270] Write of size 1 at addr ffff888100342aea by task kunit_try_catch/175 [ 12.770635] [ 12.770741] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.770781] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.770792] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.770810] Call Trace: [ 12.770823] <TASK> [ 12.770838] dump_stack_lvl+0x73/0xb0 [ 12.770863] print_report+0xd1/0x610 [ 12.770884] ? __virt_addr_valid+0x1db/0x2d0 [ 12.770904] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.770927] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.770948] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.770971] kasan_report+0x141/0x180 [ 12.770991] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.771019] __asan_report_store1_noabort+0x1b/0x30 [ 12.771042] krealloc_less_oob_helper+0xe90/0x11d0 [ 12.771067] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.771090] ? finish_task_switch.isra.0+0x153/0x700 [ 12.771111] ? __switch_to+0x47/0xf50 [ 12.771134] ? __schedule+0x10cc/0x2b60 [ 12.771154] ? __pfx_read_tsc+0x10/0x10 [ 12.771176] krealloc_less_oob+0x1c/0x30 [ 12.771365] kunit_try_run_case+0x1a5/0x480 [ 12.771396] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.771435] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.771461] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.771485] ? __kthread_parkme+0x82/0x180 [ 12.771505] ? preempt_count_sub+0x50/0x80 [ 12.771528] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.771565] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.771589] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.771615] kthread+0x337/0x6f0 [ 12.771634] ? trace_preempt_on+0x20/0xc0 [ 12.771657] ? __pfx_kthread+0x10/0x10 [ 12.771677] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.771698] ? calculate_sigpending+0x7b/0xa0 [ 12.771721] ? __pfx_kthread+0x10/0x10 [ 12.771742] ret_from_fork+0x116/0x1d0 [ 12.771761] ? __pfx_kthread+0x10/0x10 [ 12.771781] ret_from_fork_asm+0x1a/0x30 [ 12.771811] </TASK> [ 12.771820] [ 12.780056] Allocated by task 175: [ 12.780186] kasan_save_stack+0x45/0x70 [ 12.780609] kasan_save_track+0x18/0x40 [ 12.780812] kasan_save_alloc_info+0x3b/0x50 [ 12.781023] __kasan_krealloc+0x190/0x1f0 [ 12.781223] krealloc_noprof+0xf3/0x340 [ 12.781405] krealloc_less_oob_helper+0x1aa/0x11d0 [ 12.781668] krealloc_less_oob+0x1c/0x30 [ 12.781840] kunit_try_run_case+0x1a5/0x480 [ 12.782023] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.782239] kthread+0x337/0x6f0 [ 12.782401] ret_from_fork+0x116/0x1d0 [ 12.782590] ret_from_fork_asm+0x1a/0x30 [ 12.782737] [ 12.782828] The buggy address belongs to the object at ffff888100342a00 [ 12.782828] which belongs to the cache kmalloc-256 of size 256 [ 12.783304] The buggy address is located 33 bytes to the right of [ 12.783304] allocated 201-byte region [ffff888100342a00, ffff888100342ac9) [ 12.783683] [ 12.783753] The buggy address belongs to the physical page: [ 12.784002] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100342 [ 12.784460] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.784804] flags: 0x200000000000040(head|node=0|zone=2) [ 12.785042] page_type: f5(slab) [ 12.785177] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.785406] raw: 0000000000000000 
0000000080100010 00000000f5000000 0000000000000000 [ 12.785754] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.786096] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.786563] head: 0200000000000001 ffffea000400d081 00000000ffffffff 00000000ffffffff [ 12.786885] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.787180] page dumped because: kasan: bad access detected [ 12.787509] [ 12.787602] Memory state around the buggy address: [ 12.787757] ffff888100342980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.787975] ffff888100342a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.788365] >ffff888100342a80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 12.788698] ^ [ 12.789297] ffff888100342b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.789603] ffff888100342b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.789879] ================================================================== [ 12.953778] ================================================================== [ 12.954431] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 12.955098] Write of size 1 at addr ffff8881027d20eb by task kunit_try_catch/179 [ 12.955740] [ 12.955888] CPU: 0 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.955933] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.955944] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.955964] Call Trace: [ 12.955975] <TASK> [ 12.955990] dump_stack_lvl+0x73/0xb0 [ 12.956019] print_report+0xd1/0x610 [ 12.956047] ? __virt_addr_valid+0x1db/0x2d0 [ 12.956069] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.956094] ? kasan_addr_to_slab+0x11/0xa0 [ 12.956114] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.956138] kasan_report+0x141/0x180 [ 12.956160] ? 
krealloc_less_oob_helper+0xd47/0x11d0 [ 12.956188] __asan_report_store1_noabort+0x1b/0x30 [ 12.956214] krealloc_less_oob_helper+0xd47/0x11d0 [ 12.956240] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.956264] ? irqentry_exit+0x2a/0x60 [ 12.956286] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 12.956315] ? __pfx_krealloc_large_less_oob+0x10/0x10 [ 12.956343] krealloc_large_less_oob+0x1c/0x30 [ 12.956367] kunit_try_run_case+0x1a5/0x480 [ 12.956392] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.956668] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.956699] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.956723] ? __kthread_parkme+0x82/0x180 [ 12.956744] ? preempt_count_sub+0x50/0x80 [ 12.956767] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.956793] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.956820] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.956845] kthread+0x337/0x6f0 [ 12.956865] ? trace_preempt_on+0x20/0xc0 [ 12.956888] ? __pfx_kthread+0x10/0x10 [ 12.956909] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.956930] ? calculate_sigpending+0x7b/0xa0 [ 12.956954] ? __pfx_kthread+0x10/0x10 [ 12.956975] ret_from_fork+0x116/0x1d0 [ 12.956994] ? 
__pfx_kthread+0x10/0x10 [ 12.957016] ret_from_fork_asm+0x1a/0x30 [ 12.957048] </TASK> [ 12.957060] [ 12.973005] The buggy address belongs to the physical page: [ 12.973609] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027d0 [ 12.974138] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.974574] flags: 0x200000000000040(head|node=0|zone=2) [ 12.975214] page_type: f8(unknown) [ 12.975793] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.976426] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.976821] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.977057] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.977769] head: 0200000000000002 ffffea000409f401 00000000ffffffff 00000000ffffffff [ 12.978577] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.979323] page dumped because: kasan: bad access detected [ 12.980128] [ 12.980341] Memory state around the buggy address: [ 12.980854] ffff8881027d1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.981073] ffff8881027d2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.981362] >ffff8881027d2080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.982246] ^ [ 12.982953] ffff8881027d2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.983860] ffff8881027d2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.984509] ================================================================== [ 12.897489] ================================================================== [ 12.897834] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 12.898164] Write of size 1 at addr ffff8881027d20da by task kunit_try_catch/179 [ 12.899612] [ 12.899728] CPU: 0 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.899771] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.899782] Hardware 
name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.899802] Call Trace: [ 12.899814] <TASK> [ 12.899827] dump_stack_lvl+0x73/0xb0 [ 12.899856] print_report+0xd1/0x610 [ 12.899878] ? __virt_addr_valid+0x1db/0x2d0 [ 12.899901] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.899927] ? kasan_addr_to_slab+0x11/0xa0 [ 12.899948] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.899974] kasan_report+0x141/0x180 [ 12.899995] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.900024] __asan_report_store1_noabort+0x1b/0x30 [ 12.900057] krealloc_less_oob_helper+0xec6/0x11d0 [ 12.900083] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.900108] ? irqentry_exit+0x2a/0x60 [ 12.900128] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 12.900158] ? __pfx_krealloc_large_less_oob+0x10/0x10 [ 12.900185] krealloc_large_less_oob+0x1c/0x30 [ 12.900209] kunit_try_run_case+0x1a5/0x480 [ 12.900232] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.900408] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.900437] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.900476] ? __kthread_parkme+0x82/0x180 [ 12.900497] ? preempt_count_sub+0x50/0x80 [ 12.900521] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.900593] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.900620] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.900645] kthread+0x337/0x6f0 [ 12.900664] ? trace_preempt_on+0x20/0xc0 [ 12.900687] ? __pfx_kthread+0x10/0x10 [ 12.900707] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.900728] ? calculate_sigpending+0x7b/0xa0 [ 12.900752] ? __pfx_kthread+0x10/0x10 [ 12.900773] ret_from_fork+0x116/0x1d0 [ 12.900792] ? 
__pfx_kthread+0x10/0x10 [ 12.900813] ret_from_fork_asm+0x1a/0x30 [ 12.900843] </TASK> [ 12.900853] [ 12.913136] The buggy address belongs to the physical page: [ 12.913662] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027d0 [ 12.914187] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.914752] flags: 0x200000000000040(head|node=0|zone=2) [ 12.915102] page_type: f8(unknown) [ 12.915425] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.915734] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.916038] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.916746] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.917162] head: 0200000000000002 ffffea000409f401 00000000ffffffff 00000000ffffffff [ 12.917724] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.918314] page dumped because: kasan: bad access detected [ 12.918773] [ 12.919000] Memory state around the buggy address: [ 12.919332] ffff8881027d1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.919871] ffff8881027d2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.920167] >ffff8881027d2080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.920984] ^ [ 12.921430] ffff8881027d2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.921949] ffff8881027d2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.922613] ================================================================== [ 12.881147] ================================================================== [ 12.881481] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0 [ 12.881859] Write of size 1 at addr ffff8881027d20d0 by task kunit_try_catch/179 [ 12.882142] [ 12.882253] CPU: 0 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.882295] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.882306] Hardware 
name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.882326] Call Trace: [ 12.882338] <TASK> [ 12.882351] dump_stack_lvl+0x73/0xb0 [ 12.882377] print_report+0xd1/0x610 [ 12.882399] ? __virt_addr_valid+0x1db/0x2d0 [ 12.882421] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 12.882445] ? kasan_addr_to_slab+0x11/0xa0 [ 12.882466] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 12.882490] kasan_report+0x141/0x180 [ 12.882511] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 12.882540] __asan_report_store1_noabort+0x1b/0x30 [ 12.882763] krealloc_less_oob_helper+0xe23/0x11d0 [ 12.882798] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.882823] ? irqentry_exit+0x2a/0x60 [ 12.882845] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 12.882874] ? __pfx_krealloc_large_less_oob+0x10/0x10 [ 12.882903] krealloc_large_less_oob+0x1c/0x30 [ 12.882926] kunit_try_run_case+0x1a5/0x480 [ 12.882950] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.882973] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.882997] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.883021] ? __kthread_parkme+0x82/0x180 [ 12.883042] ? preempt_count_sub+0x50/0x80 [ 12.883065] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.883089] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.883113] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.883139] kthread+0x337/0x6f0 [ 12.883158] ? trace_preempt_on+0x20/0xc0 [ 12.883181] ? __pfx_kthread+0x10/0x10 [ 12.883201] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.883223] ? calculate_sigpending+0x7b/0xa0 [ 12.883246] ? __pfx_kthread+0x10/0x10 [ 12.883267] ret_from_fork+0x116/0x1d0 [ 12.883286] ? 
__pfx_kthread+0x10/0x10 [ 12.883306] ret_from_fork_asm+0x1a/0x30 [ 12.883393] </TASK> [ 12.883404] [ 12.891182] The buggy address belongs to the physical page: [ 12.891489] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027d0 [ 12.891747] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.891972] flags: 0x200000000000040(head|node=0|zone=2) [ 12.892254] page_type: f8(unknown) [ 12.892421] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.892735] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.892970] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.893290] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.893743] head: 0200000000000002 ffffea000409f401 00000000ffffffff 00000000ffffffff [ 12.894088] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.894632] page dumped because: kasan: bad access detected [ 12.894890] [ 12.894980] Memory state around the buggy address: [ 12.895176] ffff8881027d1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.895391] ffff8881027d2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.895622] >ffff8881027d2080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.896099] ^ [ 12.896369] ffff8881027d2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.896697] ffff8881027d2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.896955] ================================================================== [ 12.864339] ================================================================== [ 12.864876] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0 [ 12.865212] Write of size 1 at addr ffff8881027d20c9 by task kunit_try_catch/179 [ 12.865828] [ 12.865937] CPU: 0 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.865981] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.865993] Hardware 
name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.866013] Call Trace: [ 12.866025] <TASK> [ 12.866039] dump_stack_lvl+0x73/0xb0 [ 12.866071] print_report+0xd1/0x610 [ 12.866095] ? __virt_addr_valid+0x1db/0x2d0 [ 12.866118] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 12.866143] ? kasan_addr_to_slab+0x11/0xa0 [ 12.866163] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 12.866188] kasan_report+0x141/0x180 [ 12.866209] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 12.866238] __asan_report_store1_noabort+0x1b/0x30 [ 12.866264] krealloc_less_oob_helper+0xd70/0x11d0 [ 12.866290] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.866315] ? irqentry_exit+0x2a/0x60 [ 12.866337] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 12.866367] ? __pfx_krealloc_large_less_oob+0x10/0x10 [ 12.866398] krealloc_large_less_oob+0x1c/0x30 [ 12.866663] kunit_try_run_case+0x1a5/0x480 [ 12.866689] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.866712] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.866750] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.866774] ? __kthread_parkme+0x82/0x180 [ 12.866795] ? preempt_count_sub+0x50/0x80 [ 12.866819] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.866851] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.866876] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.866901] kthread+0x337/0x6f0 [ 12.866920] ? trace_preempt_on+0x20/0xc0 [ 12.866943] ? __pfx_kthread+0x10/0x10 [ 12.866963] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.866985] ? calculate_sigpending+0x7b/0xa0 [ 12.867009] ? __pfx_kthread+0x10/0x10 [ 12.867030] ret_from_fork+0x116/0x1d0 [ 12.867050] ? 
__pfx_kthread+0x10/0x10 [ 12.867070] ret_from_fork_asm+0x1a/0x30 [ 12.867101] </TASK> [ 12.867111] [ 12.874647] The buggy address belongs to the physical page: [ 12.874906] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027d0 [ 12.875312] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.875684] flags: 0x200000000000040(head|node=0|zone=2) [ 12.875935] page_type: f8(unknown) [ 12.876098] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.876330] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.876678] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.877106] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.877615] head: 0200000000000002 ffffea000409f401 00000000ffffffff 00000000ffffffff [ 12.877875] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.878213] page dumped because: kasan: bad access detected [ 12.878609] [ 12.878705] Memory state around the buggy address: [ 12.878897] ffff8881027d1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.879113] ffff8881027d2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.879349] >ffff8881027d2080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.879844] ^ [ 12.880110] ffff8881027d2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.880518] ffff8881027d2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.880793] ================================================================== [ 12.690748] ================================================================== [ 12.691169] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0 [ 12.691416] Write of size 1 at addr ffff888100342ac9 by task kunit_try_catch/175 [ 12.692153] [ 12.692491] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.692572] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.692584] Hardware 
name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.692606] Call Trace: [ 12.692632] <TASK> [ 12.692649] dump_stack_lvl+0x73/0xb0 [ 12.692681] print_report+0xd1/0x610 [ 12.692703] ? __virt_addr_valid+0x1db/0x2d0 [ 12.692726] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 12.692750] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.692773] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 12.692798] kasan_report+0x141/0x180 [ 12.692819] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 12.692848] __asan_report_store1_noabort+0x1b/0x30 [ 12.692891] krealloc_less_oob_helper+0xd70/0x11d0 [ 12.692917] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.692942] ? finish_task_switch.isra.0+0x153/0x700 [ 12.692965] ? __switch_to+0x47/0xf50 [ 12.692990] ? __schedule+0x10cc/0x2b60 [ 12.693012] ? __pfx_read_tsc+0x10/0x10 [ 12.693036] krealloc_less_oob+0x1c/0x30 [ 12.693057] kunit_try_run_case+0x1a5/0x480 [ 12.693081] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.693104] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.693128] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.693152] ? __kthread_parkme+0x82/0x180 [ 12.693172] ? preempt_count_sub+0x50/0x80 [ 12.693195] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.693219] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.693313] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.693339] kthread+0x337/0x6f0 [ 12.693358] ? trace_preempt_on+0x20/0xc0 [ 12.693382] ? __pfx_kthread+0x10/0x10 [ 12.693420] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.693442] ? calculate_sigpending+0x7b/0xa0 [ 12.693466] ? __pfx_kthread+0x10/0x10 [ 12.693487] ret_from_fork+0x116/0x1d0 [ 12.693506] ? 
__pfx_kthread+0x10/0x10 [ 12.693526] ret_from_fork_asm+0x1a/0x30 [ 12.693564] </TASK> [ 12.693574] [ 12.705975] Allocated by task 175: [ 12.706618] kasan_save_stack+0x45/0x70 [ 12.706991] kasan_save_track+0x18/0x40 [ 12.707432] kasan_save_alloc_info+0x3b/0x50 [ 12.707972] __kasan_krealloc+0x190/0x1f0 [ 12.708401] krealloc_noprof+0xf3/0x340 [ 12.708844] krealloc_less_oob_helper+0x1aa/0x11d0 [ 12.709369] krealloc_less_oob+0x1c/0x30 [ 12.709786] kunit_try_run_case+0x1a5/0x480 [ 12.710167] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.710712] kthread+0x337/0x6f0 [ 12.711093] ret_from_fork+0x116/0x1d0 [ 12.711314] ret_from_fork_asm+0x1a/0x30 [ 12.711736] [ 12.711895] The buggy address belongs to the object at ffff888100342a00 [ 12.711895] which belongs to the cache kmalloc-256 of size 256 [ 12.712948] The buggy address is located 0 bytes to the right of [ 12.712948] allocated 201-byte region [ffff888100342a00, ffff888100342ac9) [ 12.713528] [ 12.713733] The buggy address belongs to the physical page: [ 12.714212] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100342 [ 12.715072] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.715575] flags: 0x200000000000040(head|node=0|zone=2) [ 12.715759] page_type: f5(slab) [ 12.715880] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.716116] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.716650] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.717317] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.718032] head: 0200000000000001 ffffea000400d081 00000000ffffffff 00000000ffffffff [ 12.718893] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.719729] page dumped because: kasan: bad access detected [ 12.720430] [ 12.720657] Memory state around the buggy address: [ 12.721082] ffff888100342980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 12.721427] ffff888100342a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.722056] >ffff888100342a80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 12.722857] ^ [ 12.723100] ffff888100342b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.723541] ffff888100342b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.724166] ================================================================== [ 12.725106] ================================================================== [ 12.725757] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0 [ 12.726152] Write of size 1 at addr ffff888100342ad0 by task kunit_try_catch/175 [ 12.726941] [ 12.727131] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.727176] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.727187] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.727208] Call Trace: [ 12.727222] <TASK> [ 12.727236] dump_stack_lvl+0x73/0xb0 [ 12.727265] print_report+0xd1/0x610 [ 12.727286] ? __virt_addr_valid+0x1db/0x2d0 [ 12.727327] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 12.727352] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.727374] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 12.727399] kasan_report+0x141/0x180 [ 12.727437] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 12.727466] __asan_report_store1_noabort+0x1b/0x30 [ 12.727491] krealloc_less_oob_helper+0xe23/0x11d0 [ 12.727518] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.727543] ? finish_task_switch.isra.0+0x153/0x700 [ 12.727576] ? __switch_to+0x47/0xf50 [ 12.727600] ? __schedule+0x10cc/0x2b60 [ 12.727621] ? __pfx_read_tsc+0x10/0x10 [ 12.727646] krealloc_less_oob+0x1c/0x30 [ 12.727668] kunit_try_run_case+0x1a5/0x480 [ 12.727692] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.727714] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.727738] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.727762] ? __kthread_parkme+0x82/0x180 [ 12.727782] ? 
preempt_count_sub+0x50/0x80 [ 12.727804] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.727828] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.727852] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.727877] kthread+0x337/0x6f0 [ 12.727896] ? trace_preempt_on+0x20/0xc0 [ 12.727919] ? __pfx_kthread+0x10/0x10 [ 12.727939] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.727961] ? calculate_sigpending+0x7b/0xa0 [ 12.727984] ? __pfx_kthread+0x10/0x10 [ 12.728006] ret_from_fork+0x116/0x1d0 [ 12.728025] ? __pfx_kthread+0x10/0x10 [ 12.728052] ret_from_fork_asm+0x1a/0x30 [ 12.728084] </TASK> [ 12.728093] [ 12.737582] Allocated by task 175: [ 12.737762] kasan_save_stack+0x45/0x70 [ 12.737966] kasan_save_track+0x18/0x40 [ 12.738155] kasan_save_alloc_info+0x3b/0x50 [ 12.738625] __kasan_krealloc+0x190/0x1f0 [ 12.738814] krealloc_noprof+0xf3/0x340 [ 12.738991] krealloc_less_oob_helper+0x1aa/0x11d0 [ 12.739197] krealloc_less_oob+0x1c/0x30 [ 12.739487] kunit_try_run_case+0x1a5/0x480 [ 12.739691] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.739896] kthread+0x337/0x6f0 [ 12.740017] ret_from_fork+0x116/0x1d0 [ 12.740154] ret_from_fork_asm+0x1a/0x30 [ 12.740501] [ 12.740620] The buggy address belongs to the object at ffff888100342a00 [ 12.740620] which belongs to the cache kmalloc-256 of size 256 [ 12.741342] The buggy address is located 7 bytes to the right of [ 12.741342] allocated 201-byte region [ffff888100342a00, ffff888100342ac9) [ 12.741857] [ 12.741954] The buggy address belongs to the physical page: [ 12.742162] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100342 [ 12.742509] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.743023] flags: 0x200000000000040(head|node=0|zone=2) [ 12.743351] page_type: f5(slab) [ 12.743600] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.743883] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.744120] head: 0200000000000040 
ffff888100041b40 dead000000000122 0000000000000000 [ 12.744413] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.744761] head: 0200000000000001 ffffea000400d081 00000000ffffffff 00000000ffffffff [ 12.745233] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.745671] page dumped because: kasan: bad access detected [ 12.745847] [ 12.745915] Memory state around the buggy address: [ 12.746069] ffff888100342980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.746734] ffff888100342a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.747066] >ffff888100342a80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 12.747455] ^ [ 12.747676] ffff888100342b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.747893] ffff888100342b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.748194] ================================================================== [ 12.923385] ================================================================== [ 12.924086] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 12.924540] Write of size 1 at addr ffff8881027d20ea by task kunit_try_catch/179 [ 12.924858] [ 12.924966] CPU: 0 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.925008] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.925020] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.925039] Call Trace: [ 12.925054] <TASK> [ 12.925070] dump_stack_lvl+0x73/0xb0 [ 12.925098] print_report+0xd1/0x610 [ 12.925120] ? __virt_addr_valid+0x1db/0x2d0 [ 12.925143] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.925167] ? kasan_addr_to_slab+0x11/0xa0 [ 12.925188] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.925212] kasan_report+0x141/0x180 [ 12.925234] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.925568] __asan_report_store1_noabort+0x1b/0x30 [ 12.925596] krealloc_less_oob_helper+0xe90/0x11d0 [ 12.925623] ? 
__pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.925648] ? irqentry_exit+0x2a/0x60 [ 12.925704] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 12.925734] ? __pfx_krealloc_large_less_oob+0x10/0x10 [ 12.925762] krealloc_large_less_oob+0x1c/0x30 [ 12.925806] kunit_try_run_case+0x1a5/0x480 [ 12.925831] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.925854] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.925878] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.925902] ? __kthread_parkme+0x82/0x180 [ 12.925923] ? preempt_count_sub+0x50/0x80 [ 12.925947] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.925972] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.925996] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.926021] kthread+0x337/0x6f0 [ 12.926040] ? trace_preempt_on+0x20/0xc0 [ 12.926063] ? __pfx_kthread+0x10/0x10 [ 12.926084] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.926107] ? calculate_sigpending+0x7b/0xa0 [ 12.926131] ? __pfx_kthread+0x10/0x10 [ 12.926152] ret_from_fork+0x116/0x1d0 [ 12.926171] ? __pfx_kthread+0x10/0x10 [ 12.926191] ret_from_fork_asm+0x1a/0x30 [ 12.926222] </TASK> [ 12.926232] [ 12.941168] The buggy address belongs to the physical page: [ 12.941715] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027d0 [ 12.942480] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.943124] flags: 0x200000000000040(head|node=0|zone=2) [ 12.943681] page_type: f8(unknown) [ 12.944057] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.944628] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.944974] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.945209] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.945961] head: 0200000000000002 ffffea000409f401 00000000ffffffff 00000000ffffffff [ 12.946730] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.947580] page dumped because: kasan: bad access detected 
[ 12.947760] [ 12.947828] Memory state around the buggy address: [ 12.947985] ffff8881027d1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.948208] ffff8881027d2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.948430] >ffff8881027d2080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.948935] ^ [ 12.949597] ffff8881027d2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.950190] ffff8881027d2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.950867] ================================================================== [ 12.790258] ================================================================== [ 12.790592] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 12.790922] Write of size 1 at addr ffff888100342aeb by task kunit_try_catch/175 [ 12.791498] [ 12.791610] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.791650] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.791661] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.791680] Call Trace: [ 12.791692] <TASK> [ 12.791705] dump_stack_lvl+0x73/0xb0 [ 12.791732] print_report+0xd1/0x610 [ 12.791753] ? __virt_addr_valid+0x1db/0x2d0 [ 12.791774] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.791798] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.791821] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.791845] kasan_report+0x141/0x180 [ 12.791866] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.791895] __asan_report_store1_noabort+0x1b/0x30 [ 12.791920] krealloc_less_oob_helper+0xd47/0x11d0 [ 12.791947] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.791971] ? finish_task_switch.isra.0+0x153/0x700 [ 12.791993] ? __switch_to+0x47/0xf50 [ 12.792017] ? __schedule+0x10cc/0x2b60 [ 12.792038] ? __pfx_read_tsc+0x10/0x10 [ 12.792071] krealloc_less_oob+0x1c/0x30 [ 12.792093] kunit_try_run_case+0x1a5/0x480 [ 12.792116] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.792139] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 12.792162] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.792186] ? __kthread_parkme+0x82/0x180 [ 12.792205] ? preempt_count_sub+0x50/0x80 [ 12.792228] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.792252] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.792276] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.792301] kthread+0x337/0x6f0 [ 12.792319] ? trace_preempt_on+0x20/0xc0 [ 12.792342] ? __pfx_kthread+0x10/0x10 [ 12.792362] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.792435] ? calculate_sigpending+0x7b/0xa0 [ 12.792459] ? __pfx_kthread+0x10/0x10 [ 12.792481] ret_from_fork+0x116/0x1d0 [ 12.792500] ? __pfx_kthread+0x10/0x10 [ 12.792520] ret_from_fork_asm+0x1a/0x30 [ 12.792549] </TASK> [ 12.792571] [ 12.800217] Allocated by task 175: [ 12.800398] kasan_save_stack+0x45/0x70 [ 12.800773] kasan_save_track+0x18/0x40 [ 12.800965] kasan_save_alloc_info+0x3b/0x50 [ 12.801167] __kasan_krealloc+0x190/0x1f0 [ 12.801307] krealloc_noprof+0xf3/0x340 [ 12.801712] krealloc_less_oob_helper+0x1aa/0x11d0 [ 12.801964] krealloc_less_oob+0x1c/0x30 [ 12.802163] kunit_try_run_case+0x1a5/0x480 [ 12.802439] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.802681] kthread+0x337/0x6f0 [ 12.802831] ret_from_fork+0x116/0x1d0 [ 12.802963] ret_from_fork_asm+0x1a/0x30 [ 12.803104] [ 12.803174] The buggy address belongs to the object at ffff888100342a00 [ 12.803174] which belongs to the cache kmalloc-256 of size 256 [ 12.803805] The buggy address is located 34 bytes to the right of [ 12.803805] allocated 201-byte region [ffff888100342a00, ffff888100342ac9) [ 12.804439] [ 12.804535] The buggy address belongs to the physical page: [ 12.804727] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100342 [ 12.804968] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.805194] flags: 0x200000000000040(head|node=0|zone=2) [ 12.805830] page_type: f5(slab) [ 12.806010] raw: 0200000000000040 ffff888100041b40 dead000000000122 
0000000000000000 [ 12.806358] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.806768] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.807124] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.807439] head: 0200000000000001 ffffea000400d081 00000000ffffffff 00000000ffffffff [ 12.807709] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.808021] page dumped because: kasan: bad access detected [ 12.808278] [ 12.808351] Memory state around the buggy address: [ 12.808663] ffff888100342980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.808931] ffff888100342a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.809189] >ffff888100342a80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 12.809527] ^ [ 12.809818] ffff888100342b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.810059] ffff888100342b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.810354] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 12.841732] ================================================================== [ 12.842475] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930 [ 12.842868] Write of size 1 at addr ffff888102a460f0 by task kunit_try_catch/177 [ 12.843559] [ 12.843674] CPU: 1 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.843718] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.843730] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.843750] Call Trace: [ 12.843762] <TASK> [ 12.843776] dump_stack_lvl+0x73/0xb0 [ 12.843806] print_report+0xd1/0x610 [ 12.843828] ? __virt_addr_valid+0x1db/0x2d0 [ 12.843851] ? krealloc_more_oob_helper+0x7eb/0x930 [ 12.843875] ? kasan_addr_to_slab+0x11/0xa0 [ 12.843896] ? krealloc_more_oob_helper+0x7eb/0x930 [ 12.843921] kasan_report+0x141/0x180 [ 12.843942] ? krealloc_more_oob_helper+0x7eb/0x930 [ 12.843972] __asan_report_store1_noabort+0x1b/0x30 [ 12.843997] krealloc_more_oob_helper+0x7eb/0x930 [ 12.844020] ? __schedule+0x10cc/0x2b60 [ 12.844047] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 12.844073] ? finish_task_switch.isra.0+0x153/0x700 [ 12.844096] ? __switch_to+0x47/0xf50 [ 12.844120] ? __schedule+0x10cc/0x2b60 [ 12.844141] ? __pfx_read_tsc+0x10/0x10 [ 12.844165] krealloc_large_more_oob+0x1c/0x30 [ 12.844188] kunit_try_run_case+0x1a5/0x480 [ 12.844214] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.844237] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.844631] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.844657] ? __kthread_parkme+0x82/0x180 [ 12.844679] ? preempt_count_sub+0x50/0x80 [ 12.844703] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.844728] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.844761] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.844786] kthread+0x337/0x6f0 [ 12.844806] ? trace_preempt_on+0x20/0xc0 [ 12.844830] ? __pfx_kthread+0x10/0x10 [ 12.844850] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.844873] ? 
calculate_sigpending+0x7b/0xa0 [ 12.844897] ? __pfx_kthread+0x10/0x10 [ 12.844918] ret_from_fork+0x116/0x1d0 [ 12.844937] ? __pfx_kthread+0x10/0x10 [ 12.844957] ret_from_fork_asm+0x1a/0x30 [ 12.844988] </TASK> [ 12.844998] [ 12.852669] The buggy address belongs to the physical page: [ 12.852887] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a44 [ 12.853133] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.853501] flags: 0x200000000000040(head|node=0|zone=2) [ 12.853943] page_type: f8(unknown) [ 12.854086] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.854607] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.854907] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.855138] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.855842] head: 0200000000000002 ffffea00040a9101 00000000ffffffff 00000000ffffffff [ 12.856141] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.856517] page dumped because: kasan: bad access detected [ 12.856782] [ 12.856867] Memory state around the buggy address: [ 12.857056] ffff888102a45f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.857346] ffff888102a46000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.857609] >ffff888102a46080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 12.857943] ^ [ 12.858255] ffff888102a46100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.858510] ffff888102a46180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.858776] ================================================================== [ 12.659125] ================================================================== [ 12.659579] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930 [ 12.659979] Write of size 1 at addr ffff8881003428f0 by task kunit_try_catch/173 [ 12.660488] [ 12.660639] CPU: 0 UID: 0 PID: 173 Comm: 
kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.660697] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.660708] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.660729] Call Trace: [ 12.660743] <TASK> [ 12.660759] dump_stack_lvl+0x73/0xb0 [ 12.660788] print_report+0xd1/0x610 [ 12.660810] ? __virt_addr_valid+0x1db/0x2d0 [ 12.660832] ? krealloc_more_oob_helper+0x7eb/0x930 [ 12.660856] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.660879] ? krealloc_more_oob_helper+0x7eb/0x930 [ 12.660904] kasan_report+0x141/0x180 [ 12.660940] ? krealloc_more_oob_helper+0x7eb/0x930 [ 12.660969] __asan_report_store1_noabort+0x1b/0x30 [ 12.660994] krealloc_more_oob_helper+0x7eb/0x930 [ 12.661017] ? __schedule+0x10cc/0x2b60 [ 12.661038] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 12.661063] ? finish_task_switch.isra.0+0x153/0x700 [ 12.661086] ? __switch_to+0x47/0xf50 [ 12.661110] ? __schedule+0x10cc/0x2b60 [ 12.661131] ? __pfx_read_tsc+0x10/0x10 [ 12.661154] krealloc_more_oob+0x1c/0x30 [ 12.661176] kunit_try_run_case+0x1a5/0x480 [ 12.661199] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.661222] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.661464] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.661493] ? __kthread_parkme+0x82/0x180 [ 12.661526] ? preempt_count_sub+0x50/0x80 [ 12.661557] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.661582] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.661607] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.661633] kthread+0x337/0x6f0 [ 12.661652] ? trace_preempt_on+0x20/0xc0 [ 12.661676] ? __pfx_kthread+0x10/0x10 [ 12.661696] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.661718] ? calculate_sigpending+0x7b/0xa0 [ 12.661742] ? __pfx_kthread+0x10/0x10 [ 12.661763] ret_from_fork+0x116/0x1d0 [ 12.661781] ? 
__pfx_kthread+0x10/0x10 [ 12.661801] ret_from_fork_asm+0x1a/0x30 [ 12.661832] </TASK> [ 12.661841] [ 12.671078] Allocated by task 173: [ 12.671216] kasan_save_stack+0x45/0x70 [ 12.671366] kasan_save_track+0x18/0x40 [ 12.671500] kasan_save_alloc_info+0x3b/0x50 [ 12.671667] __kasan_krealloc+0x190/0x1f0 [ 12.672108] krealloc_noprof+0xf3/0x340 [ 12.672266] krealloc_more_oob_helper+0x1a9/0x930 [ 12.672429] krealloc_more_oob+0x1c/0x30 [ 12.672595] kunit_try_run_case+0x1a5/0x480 [ 12.672802] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.673058] kthread+0x337/0x6f0 [ 12.673228] ret_from_fork+0x116/0x1d0 [ 12.674641] ret_from_fork_asm+0x1a/0x30 [ 12.676428] [ 12.676519] The buggy address belongs to the object at ffff888100342800 [ 12.676519] which belongs to the cache kmalloc-256 of size 256 [ 12.677613] The buggy address is located 5 bytes to the right of [ 12.677613] allocated 235-byte region [ffff888100342800, ffff8881003428eb) [ 12.678043] [ 12.678123] The buggy address belongs to the physical page: [ 12.678310] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100342 [ 12.678568] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.678798] flags: 0x200000000000040(head|node=0|zone=2) [ 12.678974] page_type: f5(slab) [ 12.679097] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.679331] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.680032] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.680981] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.682107] head: 0200000000000001 ffffea000400d081 00000000ffffffff 00000000ffffffff [ 12.682708] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.683216] page dumped because: kasan: bad access detected [ 12.683635] [ 12.683717] Memory state around the buggy address: [ 12.683929] ffff888100342780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 12.684777] ffff888100342800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.685076] >ffff888100342880: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 12.685634] ^ [ 12.685984] ffff888100342900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.686636] ffff888100342980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.687086] ================================================================== [ 12.817951] ================================================================== [ 12.818448] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930 [ 12.819014] Write of size 1 at addr ffff888102a460eb by task kunit_try_catch/177 [ 12.819300] [ 12.819413] CPU: 1 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.819460] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.819566] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.819590] Call Trace: [ 12.819603] <TASK> [ 12.819618] dump_stack_lvl+0x73/0xb0 [ 12.819651] print_report+0xd1/0x610 [ 12.819673] ? __virt_addr_valid+0x1db/0x2d0 [ 12.819698] ? krealloc_more_oob_helper+0x821/0x930 [ 12.819723] ? kasan_addr_to_slab+0x11/0xa0 [ 12.819743] ? krealloc_more_oob_helper+0x821/0x930 [ 12.819768] kasan_report+0x141/0x180 [ 12.819790] ? krealloc_more_oob_helper+0x821/0x930 [ 12.819819] __asan_report_store1_noabort+0x1b/0x30 [ 12.819845] krealloc_more_oob_helper+0x821/0x930 [ 12.819868] ? __schedule+0x10cc/0x2b60 [ 12.819890] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 12.819916] ? finish_task_switch.isra.0+0x153/0x700 [ 12.819940] ? __switch_to+0x47/0xf50 [ 12.819966] ? __schedule+0x10cc/0x2b60 [ 12.819987] ? __pfx_read_tsc+0x10/0x10 [ 12.820011] krealloc_large_more_oob+0x1c/0x30 [ 12.820035] kunit_try_run_case+0x1a5/0x480 [ 12.820066] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.820089] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.820113] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.820137] ? 
__kthread_parkme+0x82/0x180 [ 12.820158] ? preempt_count_sub+0x50/0x80 [ 12.820180] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.820205] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.820229] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.820266] kthread+0x337/0x6f0 [ 12.820285] ? trace_preempt_on+0x20/0xc0 [ 12.820309] ? __pfx_kthread+0x10/0x10 [ 12.820330] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.820351] ? calculate_sigpending+0x7b/0xa0 [ 12.820376] ? __pfx_kthread+0x10/0x10 [ 12.820397] ret_from_fork+0x116/0x1d0 [ 12.820455] ? __pfx_kthread+0x10/0x10 [ 12.820479] ret_from_fork_asm+0x1a/0x30 [ 12.820511] </TASK> [ 12.820522] [ 12.830611] The buggy address belongs to the physical page: [ 12.830864] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a44 [ 12.831198] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.831954] flags: 0x200000000000040(head|node=0|zone=2) [ 12.832393] page_type: f8(unknown) [ 12.832719] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.833210] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.833819] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.834146] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.834466] head: 0200000000000002 ffffea00040a9101 00000000ffffffff 00000000ffffffff [ 12.835548] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.835984] page dumped because: kasan: bad access detected [ 12.836596] [ 12.836697] Memory state around the buggy address: [ 12.836918] ffff888102a45f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.837191] ffff888102a46000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.837877] >ffff888102a46080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 12.838177] ^ [ 12.838779] ffff888102a46100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.839076] ffff888102a46180: fe fe fe fe fe fe 
fe fe fe fe fe fe fe fe fe fe [ 12.839364] ================================================================== [ 12.621477] ================================================================== [ 12.622000] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930 [ 12.622252] Write of size 1 at addr ffff8881003428eb by task kunit_try_catch/173 [ 12.623255] [ 12.623773] CPU: 0 UID: 0 PID: 173 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.623820] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.623831] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.623851] Call Trace: [ 12.623863] <TASK> [ 12.623877] dump_stack_lvl+0x73/0xb0 [ 12.623908] print_report+0xd1/0x610 [ 12.623930] ? __virt_addr_valid+0x1db/0x2d0 [ 12.623952] ? krealloc_more_oob_helper+0x821/0x930 [ 12.623977] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.624000] ? krealloc_more_oob_helper+0x821/0x930 [ 12.624025] kasan_report+0x141/0x180 [ 12.624051] ? krealloc_more_oob_helper+0x821/0x930 [ 12.624080] __asan_report_store1_noabort+0x1b/0x30 [ 12.624105] krealloc_more_oob_helper+0x821/0x930 [ 12.624128] ? __schedule+0x10cc/0x2b60 [ 12.624150] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 12.624175] ? finish_task_switch.isra.0+0x153/0x700 [ 12.624198] ? __switch_to+0x47/0xf50 [ 12.624224] ? __schedule+0x10cc/0x2b60 [ 12.624372] ? __pfx_read_tsc+0x10/0x10 [ 12.624398] krealloc_more_oob+0x1c/0x30 [ 12.624421] kunit_try_run_case+0x1a5/0x480 [ 12.624446] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.624469] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.624493] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.624517] ? __kthread_parkme+0x82/0x180 [ 12.624538] ? preempt_count_sub+0x50/0x80 [ 12.624571] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.624595] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.624619] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.624645] kthread+0x337/0x6f0 [ 12.624663] ? trace_preempt_on+0x20/0xc0 [ 12.624686] ? 
__pfx_kthread+0x10/0x10 [ 12.624706] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.624728] ? calculate_sigpending+0x7b/0xa0 [ 12.624751] ? __pfx_kthread+0x10/0x10 [ 12.624772] ret_from_fork+0x116/0x1d0 [ 12.624791] ? __pfx_kthread+0x10/0x10 [ 12.624811] ret_from_fork_asm+0x1a/0x30 [ 12.624841] </TASK> [ 12.624852] [ 12.642822] Allocated by task 173: [ 12.643270] kasan_save_stack+0x45/0x70 [ 12.643729] kasan_save_track+0x18/0x40 [ 12.643881] kasan_save_alloc_info+0x3b/0x50 [ 12.644033] __kasan_krealloc+0x190/0x1f0 [ 12.644196] krealloc_noprof+0xf3/0x340 [ 12.644773] krealloc_more_oob_helper+0x1a9/0x930 [ 12.645153] krealloc_more_oob+0x1c/0x30 [ 12.645712] kunit_try_run_case+0x1a5/0x480 [ 12.646218] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.646825] kthread+0x337/0x6f0 [ 12.647149] ret_from_fork+0x116/0x1d0 [ 12.647610] ret_from_fork_asm+0x1a/0x30 [ 12.648034] [ 12.648120] The buggy address belongs to the object at ffff888100342800 [ 12.648120] which belongs to the cache kmalloc-256 of size 256 [ 12.649580] The buggy address is located 0 bytes to the right of [ 12.649580] allocated 235-byte region [ffff888100342800, ffff8881003428eb) [ 12.650271] [ 12.650467] The buggy address belongs to the physical page: [ 12.651334] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100342 [ 12.651938] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.652181] flags: 0x200000000000040(head|node=0|zone=2) [ 12.652740] page_type: f5(slab) [ 12.653062] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.653954] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.654534] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.654789] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.655024] head: 0200000000000001 ffffea000400d081 00000000ffffffff 00000000ffffffff [ 12.655330] head: ffffffffffffffff 0000000000000000 00000000ffffffff 
0000000000000002 [ 12.655680] page dumped because: kasan: bad access detected [ 12.655895] [ 12.656009] Memory state around the buggy address: [ 12.656231] ffff888100342780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.656605] ffff888100342800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.657057] >ffff888100342880: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 12.657381] ^ [ 12.657825] ffff888100342900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.658101] ffff888100342980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.658526] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 12.596951] ================================================================== [ 12.597695] BUG: KASAN: use-after-free in page_alloc_uaf+0x356/0x3d0 [ 12.597920] Read of size 1 at addr ffff888103910000 by task kunit_try_catch/171 [ 12.598142] [ 12.598229] CPU: 1 UID: 0 PID: 171 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.598320] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.598331] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.598350] Call Trace: [ 12.598362] <TASK> [ 12.598376] dump_stack_lvl+0x73/0xb0 [ 12.598404] print_report+0xd1/0x610 [ 12.598427] ? __virt_addr_valid+0x1db/0x2d0 [ 12.598450] ? page_alloc_uaf+0x356/0x3d0 [ 12.598471] ? kasan_addr_to_slab+0x11/0xa0 [ 12.598491] ? page_alloc_uaf+0x356/0x3d0 [ 12.598513] kasan_report+0x141/0x180 [ 12.598535] ? page_alloc_uaf+0x356/0x3d0 [ 12.598616] __asan_report_load1_noabort+0x18/0x20 [ 12.598641] page_alloc_uaf+0x356/0x3d0 [ 12.599026] ? __pfx_page_alloc_uaf+0x10/0x10 [ 12.599066] ? __schedule+0x10cc/0x2b60 [ 12.599093] ? __pfx_read_tsc+0x10/0x10 [ 12.599115] ? ktime_get_ts64+0x86/0x230 [ 12.599140] kunit_try_run_case+0x1a5/0x480 [ 12.599166] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.599189] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.599213] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.599342] ? __kthread_parkme+0x82/0x180 [ 12.599365] ? preempt_count_sub+0x50/0x80 [ 12.599389] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.599414] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.599438] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.599464] kthread+0x337/0x6f0 [ 12.599482] ? trace_preempt_on+0x20/0xc0 [ 12.599505] ? __pfx_kthread+0x10/0x10 [ 12.599525] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.599547] ? calculate_sigpending+0x7b/0xa0 [ 12.599583] ? __pfx_kthread+0x10/0x10 [ 12.599604] ret_from_fork+0x116/0x1d0 [ 12.599622] ? 
__pfx_kthread+0x10/0x10 [ 12.599642] ret_from_fork_asm+0x1a/0x30 [ 12.599674] </TASK> [ 12.599684] [ 12.613286] The buggy address belongs to the physical page: [ 12.613600] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103910 [ 12.614048] flags: 0x200000000000000(node=0|zone=2) [ 12.614231] page_type: f0(buddy) [ 12.614357] raw: 0200000000000000 ffff88817fffb460 ffff88817fffb460 0000000000000000 [ 12.614623] raw: 0000000000000000 0000000000000004 00000000f0000000 0000000000000000 [ 12.615148] page dumped because: kasan: bad access detected [ 12.615571] [ 12.615683] Memory state around the buggy address: [ 12.615937] ffff88810390ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.616311] ffff88810390ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.616715] >ffff888103910000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.617018] ^ [ 12.617135] ffff888103910080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.617359] ffff888103910100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.617721] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kfree
[ 12.573862] ================================================================== [ 12.574305] BUG: KASAN: invalid-free in kfree+0x274/0x3f0 [ 12.574519] Free of addr ffff888102a40001 by task kunit_try_catch/167 [ 12.574735] [ 12.574821] CPU: 1 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.574863] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.574873] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.574892] Call Trace: [ 12.574903] <TASK> [ 12.574918] dump_stack_lvl+0x73/0xb0 [ 12.574945] print_report+0xd1/0x610 [ 12.574967] ? __virt_addr_valid+0x1db/0x2d0 [ 12.574989] ? kasan_addr_to_slab+0x11/0xa0 [ 12.575007] ? kfree+0x274/0x3f0 [ 12.575027] kasan_report_invalid_free+0x10a/0x130 [ 12.575050] ? kfree+0x274/0x3f0 [ 12.575072] ? kfree+0x274/0x3f0 [ 12.575091] __kasan_kfree_large+0x86/0xd0 [ 12.575112] free_large_kmalloc+0x4b/0x110 [ 12.575135] kfree+0x274/0x3f0 [ 12.575158] kmalloc_large_invalid_free+0x120/0x2b0 [ 12.575180] ? __pfx_kmalloc_large_invalid_free+0x10/0x10 [ 12.575202] ? __schedule+0x10cc/0x2b60 [ 12.575223] ? __pfx_read_tsc+0x10/0x10 [ 12.575243] ? ktime_get_ts64+0x86/0x230 [ 12.575266] kunit_try_run_case+0x1a5/0x480 [ 12.575289] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.575310] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.575331] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.575353] ? __kthread_parkme+0x82/0x180 [ 12.575373] ? preempt_count_sub+0x50/0x80 [ 12.575395] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.575417] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.575440] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.575462] kthread+0x337/0x6f0 [ 12.575480] ? trace_preempt_on+0x20/0xc0 [ 12.575503] ? __pfx_kthread+0x10/0x10 [ 12.575522] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.575542] ? calculate_sigpending+0x7b/0xa0 [ 12.575603] ? __pfx_kthread+0x10/0x10 [ 12.575625] ret_from_fork+0x116/0x1d0 [ 12.575643] ? 
__pfx_kthread+0x10/0x10 [ 12.575664] ret_from_fork_asm+0x1a/0x30 [ 12.575694] </TASK> [ 12.575704] [ 12.583729] The buggy address belongs to the physical page: [ 12.583982] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a40 [ 12.584447] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.584767] flags: 0x200000000000040(head|node=0|zone=2) [ 12.584984] page_type: f8(unknown) [ 12.585174] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.585648] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.585999] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.586409] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.586669] head: 0200000000000002 ffffea00040a9001 00000000ffffffff 00000000ffffffff [ 12.586898] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.587262] page dumped because: kasan: bad access detected [ 12.587508] [ 12.587609] Memory state around the buggy address: [ 12.587834] ffff888102a3ff00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.588156] ffff888102a3ff80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.588610] >ffff888102a40000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.588832] ^ [ 12.588950] ffff888102a40080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.589365] ffff888102a40100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.589743] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 12.544751] ================================================================== [ 12.545153] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2f1/0x340 [ 12.546131] Read of size 1 at addr ffff8881027cc000 by task kunit_try_catch/165 [ 12.546980] [ 12.547328] CPU: 0 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.547377] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.547389] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.547409] Call Trace: [ 12.547423] <TASK> [ 12.547438] dump_stack_lvl+0x73/0xb0 [ 12.547471] print_report+0xd1/0x610 [ 12.547494] ? __virt_addr_valid+0x1db/0x2d0 [ 12.547518] ? kmalloc_large_uaf+0x2f1/0x340 [ 12.547538] ? kasan_addr_to_slab+0x11/0xa0 [ 12.547608] ? kmalloc_large_uaf+0x2f1/0x340 [ 12.547630] kasan_report+0x141/0x180 [ 12.547652] ? kmalloc_large_uaf+0x2f1/0x340 [ 12.547678] __asan_report_load1_noabort+0x18/0x20 [ 12.547703] kmalloc_large_uaf+0x2f1/0x340 [ 12.547724] ? __pfx_kmalloc_large_uaf+0x10/0x10 [ 12.547747] ? __schedule+0x10cc/0x2b60 [ 12.547769] ? __pfx_read_tsc+0x10/0x10 [ 12.547789] ? ktime_get_ts64+0x86/0x230 [ 12.547813] kunit_try_run_case+0x1a5/0x480 [ 12.547838] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.547861] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.547885] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.547909] ? __kthread_parkme+0x82/0x180 [ 12.547931] ? preempt_count_sub+0x50/0x80 [ 12.547954] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.547978] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.548003] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.548028] kthread+0x337/0x6f0 [ 12.548053] ? trace_preempt_on+0x20/0xc0 [ 12.548076] ? __pfx_kthread+0x10/0x10 [ 12.548096] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.548118] ? calculate_sigpending+0x7b/0xa0 [ 12.548142] ? __pfx_kthread+0x10/0x10 [ 12.548163] ret_from_fork+0x116/0x1d0 [ 12.548181] ? 
__pfx_kthread+0x10/0x10 [ 12.548201] ret_from_fork_asm+0x1a/0x30 [ 12.548232] </TASK> [ 12.548242] [ 12.562757] The buggy address belongs to the physical page: [ 12.563405] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027cc [ 12.564440] flags: 0x200000000000000(node=0|zone=2) [ 12.565121] raw: 0200000000000000 ffffea000409f408 ffff88815b039f80 0000000000000000 [ 12.565761] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 12.566569] page dumped because: kasan: bad access detected [ 12.566748] [ 12.566818] Memory state around the buggy address: [ 12.566968] ffff8881027cbf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.567178] ffff8881027cbf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.568010] >ffff8881027cc000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.568580] ^ [ 12.568704] ffff8881027cc080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.568914] ffff8881027cc100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.569122] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 12.512691] ================================================================== [ 12.513856] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x2e9/0x330 [ 12.514111] Write of size 1 at addr ffff8881027ce00a by task kunit_try_catch/163 [ 12.514329] [ 12.514753] CPU: 0 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.515008] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.515026] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.515048] Call Trace: [ 12.515061] <TASK> [ 12.515080] dump_stack_lvl+0x73/0xb0 [ 12.515115] print_report+0xd1/0x610 [ 12.515138] ? __virt_addr_valid+0x1db/0x2d0 [ 12.515163] ? kmalloc_large_oob_right+0x2e9/0x330 [ 12.515188] ? kasan_addr_to_slab+0x11/0xa0 [ 12.515209] ? kmalloc_large_oob_right+0x2e9/0x330 [ 12.515311] kasan_report+0x141/0x180 [ 12.515347] ? kmalloc_large_oob_right+0x2e9/0x330 [ 12.515374] __asan_report_store1_noabort+0x1b/0x30 [ 12.515418] kmalloc_large_oob_right+0x2e9/0x330 [ 12.515443] ? __pfx_kmalloc_large_oob_right+0x10/0x10 [ 12.515467] ? __schedule+0x10cc/0x2b60 [ 12.515491] ? __pfx_read_tsc+0x10/0x10 [ 12.515512] ? ktime_get_ts64+0x86/0x230 [ 12.515538] kunit_try_run_case+0x1a5/0x480 [ 12.515576] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.515599] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.515623] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.515647] ? __kthread_parkme+0x82/0x180 [ 12.515668] ? preempt_count_sub+0x50/0x80 [ 12.515692] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.515717] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.515741] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.515767] kthread+0x337/0x6f0 [ 12.515786] ? trace_preempt_on+0x20/0xc0 [ 12.515809] ? __pfx_kthread+0x10/0x10 [ 12.515830] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.515851] ? calculate_sigpending+0x7b/0xa0 [ 12.515877] ? __pfx_kthread+0x10/0x10 [ 12.515898] ret_from_fork+0x116/0x1d0 [ 12.515917] ? 
__pfx_kthread+0x10/0x10 [ 12.515937] ret_from_fork_asm+0x1a/0x30 [ 12.515968] </TASK> [ 12.515979] [ 12.530800] The buggy address belongs to the physical page: [ 12.531257] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027cc [ 12.531520] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.531930] flags: 0x200000000000040(head|node=0|zone=2) [ 12.532705] page_type: f8(unknown) [ 12.533069] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.533433] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.534204] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.534906] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.535377] head: 0200000000000002 ffffea000409f301 00000000ffffffff 00000000ffffffff [ 12.535813] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.536048] page dumped because: kasan: bad access detected [ 12.536221] [ 12.536292] Memory state around the buggy address: [ 12.536845] ffff8881027cdf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.537649] ffff8881027cdf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.538424] >ffff8881027ce000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.539144] ^ [ 12.539532] ffff8881027ce080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.540260] ffff8881027ce100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.541252] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 12.482867] ================================================================== [ 12.483413] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x316/0x370 [ 12.483751] Write of size 1 at addr ffff888102b11f00 by task kunit_try_catch/161 [ 12.484068] [ 12.484165] CPU: 1 UID: 0 PID: 161 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.484208] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.484219] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.484239] Call Trace: [ 12.484250] <TASK> [ 12.484265] dump_stack_lvl+0x73/0xb0 [ 12.484292] print_report+0xd1/0x610 [ 12.484313] ? __virt_addr_valid+0x1db/0x2d0 [ 12.484334] ? kmalloc_big_oob_right+0x316/0x370 [ 12.484355] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.484376] ? kmalloc_big_oob_right+0x316/0x370 [ 12.484398] kasan_report+0x141/0x180 [ 12.484418] ? kmalloc_big_oob_right+0x316/0x370 [ 12.484444] __asan_report_store1_noabort+0x1b/0x30 [ 12.484467] kmalloc_big_oob_right+0x316/0x370 [ 12.484536] ? __pfx_kmalloc_big_oob_right+0x10/0x10 [ 12.484960] ? __schedule+0x10cc/0x2b60 [ 12.484988] ? __pfx_read_tsc+0x10/0x10 [ 12.485010] ? ktime_get_ts64+0x86/0x230 [ 12.485035] kunit_try_run_case+0x1a5/0x480 [ 12.485059] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.485082] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.485105] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.485129] ? __kthread_parkme+0x82/0x180 [ 12.485149] ? preempt_count_sub+0x50/0x80 [ 12.485172] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.485197] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.485221] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.485270] kthread+0x337/0x6f0 [ 12.485289] ? trace_preempt_on+0x20/0xc0 [ 12.485312] ? __pfx_kthread+0x10/0x10 [ 12.485333] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.485354] ? calculate_sigpending+0x7b/0xa0 [ 12.485378] ? __pfx_kthread+0x10/0x10 [ 12.485400] ret_from_fork+0x116/0x1d0 [ 12.485425] ? 
__pfx_kthread+0x10/0x10 [ 12.485445] ret_from_fork_asm+0x1a/0x30 [ 12.485476] </TASK> [ 12.485487] [ 12.496405] Allocated by task 161: [ 12.496784] kasan_save_stack+0x45/0x70 [ 12.497208] kasan_save_track+0x18/0x40 [ 12.497416] kasan_save_alloc_info+0x3b/0x50 [ 12.497762] __kasan_kmalloc+0xb7/0xc0 [ 12.497944] __kmalloc_cache_noprof+0x189/0x420 [ 12.498141] kmalloc_big_oob_right+0xa9/0x370 [ 12.498468] kunit_try_run_case+0x1a5/0x480 [ 12.498882] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.499208] kthread+0x337/0x6f0 [ 12.499541] ret_from_fork+0x116/0x1d0 [ 12.499850] ret_from_fork_asm+0x1a/0x30 [ 12.499987] [ 12.500182] The buggy address belongs to the object at ffff888102b10000 [ 12.500182] which belongs to the cache kmalloc-8k of size 8192 [ 12.500890] The buggy address is located 0 bytes to the right of [ 12.500890] allocated 7936-byte region [ffff888102b10000, ffff888102b11f00) [ 12.501859] [ 12.501966] The buggy address belongs to the physical page: [ 12.502301] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b10 [ 12.502848] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.503373] flags: 0x200000000000040(head|node=0|zone=2) [ 12.503748] page_type: f5(slab) [ 12.503970] raw: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 12.504250] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 12.504847] head: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 12.505115] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 12.505660] head: 0200000000000003 ffffea00040ac401 00000000ffffffff 00000000ffffffff [ 12.506007] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 12.506436] page dumped because: kasan: bad access detected [ 12.506689] [ 12.506909] Memory state around the buggy address: [ 12.507113] ffff888102b11e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.507435] ffff888102b11e80: 00 
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.507991] >ffff888102b11f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.508407] ^ [ 12.508696] ffff888102b11f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.509048] ffff888102b12000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.509342] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 12.423152] ================================================================== [ 12.424045] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4c8/0x520 [ 12.424581] Write of size 1 at addr ffff8881025bde78 by task kunit_try_catch/159 [ 12.425057] [ 12.425174] CPU: 1 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.425217] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.425228] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.425247] Call Trace: [ 12.425258] <TASK> [ 12.425297] dump_stack_lvl+0x73/0xb0 [ 12.425327] print_report+0xd1/0x610 [ 12.425349] ? __virt_addr_valid+0x1db/0x2d0 [ 12.425385] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 12.425422] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.425446] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 12.425472] kasan_report+0x141/0x180 [ 12.425493] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 12.425524] __asan_report_store1_noabort+0x1b/0x30 [ 12.425588] kmalloc_track_caller_oob_right+0x4c8/0x520 [ 12.425615] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 12.425642] ? __schedule+0x10cc/0x2b60 [ 12.425665] ? __pfx_read_tsc+0x10/0x10 [ 12.425685] ? ktime_get_ts64+0x86/0x230 [ 12.425710] kunit_try_run_case+0x1a5/0x480 [ 12.425735] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.425759] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.425781] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.425805] ? __kthread_parkme+0x82/0x180 [ 12.425826] ? preempt_count_sub+0x50/0x80 [ 12.425849] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.425874] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.425898] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.425923] kthread+0x337/0x6f0 [ 12.425942] ? trace_preempt_on+0x20/0xc0 [ 12.425965] ? __pfx_kthread+0x10/0x10 [ 12.425985] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.426006] ? calculate_sigpending+0x7b/0xa0 [ 12.426030] ? 
__pfx_kthread+0x10/0x10 [ 12.426051] ret_from_fork+0x116/0x1d0 [ 12.426069] ? __pfx_kthread+0x10/0x10 [ 12.426089] ret_from_fork_asm+0x1a/0x30 [ 12.426120] </TASK> [ 12.426130] [ 12.437172] Allocated by task 159: [ 12.437756] kasan_save_stack+0x45/0x70 [ 12.437968] kasan_save_track+0x18/0x40 [ 12.438107] kasan_save_alloc_info+0x3b/0x50 [ 12.438257] __kasan_kmalloc+0xb7/0xc0 [ 12.438389] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 12.438601] kmalloc_track_caller_oob_right+0x99/0x520 [ 12.439107] kunit_try_run_case+0x1a5/0x480 [ 12.439580] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.440209] kthread+0x337/0x6f0 [ 12.440646] ret_from_fork+0x116/0x1d0 [ 12.441014] ret_from_fork_asm+0x1a/0x30 [ 12.441399] [ 12.441650] The buggy address belongs to the object at ffff8881025bde00 [ 12.441650] which belongs to the cache kmalloc-128 of size 128 [ 12.442743] The buggy address is located 0 bytes to the right of [ 12.442743] allocated 120-byte region [ffff8881025bde00, ffff8881025bde78) [ 12.443123] [ 12.443195] The buggy address belongs to the physical page: [ 12.443697] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025bd [ 12.444650] flags: 0x200000000000000(node=0|zone=2) [ 12.445175] page_type: f5(slab) [ 12.445569] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.446227] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.446954] page dumped because: kasan: bad access detected [ 12.447130] [ 12.447198] Memory state around the buggy address: [ 12.447570] ffff8881025bdd00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.448212] ffff8881025bdd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.448965] >ffff8881025bde00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 12.449772] ^ [ 12.449998] ffff8881025bde80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.450218] ffff8881025bdf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.450927] 
================================================================== [ 12.451993] ================================================================== [ 12.452741] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4b1/0x520 [ 12.453752] Write of size 1 at addr ffff8881025bdf78 by task kunit_try_catch/159 [ 12.454223] [ 12.454358] CPU: 1 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.454426] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.454437] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.454456] Call Trace: [ 12.454468] <TASK> [ 12.454483] dump_stack_lvl+0x73/0xb0 [ 12.454509] print_report+0xd1/0x610 [ 12.454531] ? __virt_addr_valid+0x1db/0x2d0 [ 12.454565] ? kmalloc_track_caller_oob_right+0x4b1/0x520 [ 12.454591] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.454614] ? kmalloc_track_caller_oob_right+0x4b1/0x520 [ 12.454660] kasan_report+0x141/0x180 [ 12.454682] ? kmalloc_track_caller_oob_right+0x4b1/0x520 [ 12.454712] __asan_report_store1_noabort+0x1b/0x30 [ 12.454738] kmalloc_track_caller_oob_right+0x4b1/0x520 [ 12.454763] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 12.454791] ? __schedule+0x10cc/0x2b60 [ 12.454812] ? __pfx_read_tsc+0x10/0x10 [ 12.454832] ? ktime_get_ts64+0x86/0x230 [ 12.454856] kunit_try_run_case+0x1a5/0x480 [ 12.454880] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.454903] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.454926] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.454949] ? __kthread_parkme+0x82/0x180 [ 12.454969] ? preempt_count_sub+0x50/0x80 [ 12.454992] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.455016] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.455040] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.455065] kthread+0x337/0x6f0 [ 12.455084] ? trace_preempt_on+0x20/0xc0 [ 12.455107] ? __pfx_kthread+0x10/0x10 [ 12.455128] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.455149] ? calculate_sigpending+0x7b/0xa0 [ 12.455172] ? 
__pfx_kthread+0x10/0x10 [ 12.455194] ret_from_fork+0x116/0x1d0 [ 12.455212] ? __pfx_kthread+0x10/0x10 [ 12.455232] ret_from_fork_asm+0x1a/0x30 [ 12.455273] </TASK> [ 12.455282] [ 12.468464] Allocated by task 159: [ 12.468875] kasan_save_stack+0x45/0x70 [ 12.469240] kasan_save_track+0x18/0x40 [ 12.469724] kasan_save_alloc_info+0x3b/0x50 [ 12.470147] __kasan_kmalloc+0xb7/0xc0 [ 12.470493] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 12.470690] kmalloc_track_caller_oob_right+0x19a/0x520 [ 12.470859] kunit_try_run_case+0x1a5/0x480 [ 12.471000] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.471170] kthread+0x337/0x6f0 [ 12.471306] ret_from_fork+0x116/0x1d0 [ 12.471440] ret_from_fork_asm+0x1a/0x30 [ 12.471792] [ 12.471898] The buggy address belongs to the object at ffff8881025bdf00 [ 12.471898] which belongs to the cache kmalloc-128 of size 128 [ 12.472678] The buggy address is located 0 bytes to the right of [ 12.472678] allocated 120-byte region [ffff8881025bdf00, ffff8881025bdf78) [ 12.473159] [ 12.473365] The buggy address belongs to the physical page: [ 12.473598] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025bd [ 12.473958] flags: 0x200000000000000(node=0|zone=2) [ 12.474255] page_type: f5(slab) [ 12.474457] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.474820] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.475165] page dumped because: kasan: bad access detected [ 12.475462] [ 12.475546] Memory state around the buggy address: [ 12.475711] ffff8881025bde00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.476048] ffff8881025bde80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.476367] >ffff8881025bdf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 12.476728] ^ [ 12.477122] ffff8881025bdf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.477658] ffff8881025be000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.477994] 
==================================================================
Failure - log-parser-boot/oops-oops-general-protection-fault-probably-for-non-canonical-address-smp-kasan-pti
KNOWN ISSUE - qemu-x86_64: Oops: general protection fault, probably for non-canonical address - KASAN: null-ptr-deref - kunit_test_null_dereference
[ 106.791078] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN PTI