Date
July 13, 2025, 11:09 p.m.
| Environment | |
|---|---|
| qemu-arm64 | |
| qemu-x86_64 |
[ 15.511277] ================================================================== [ 15.511854] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5a4/0x660 [ 15.513293] Write of size 1 at addr fff00000c45b6f73 by task kunit_try_catch/137 [ 15.513510] [ 15.516069] CPU: 0 UID: 0 PID: 137 Comm: kunit_try_catch Tainted: G N 6.16.0-rc6 #1 PREEMPT [ 15.516248] Tainted: [N]=TEST [ 15.516282] Hardware name: linux,dummy-virt (DT) [ 15.516734] Call trace: [ 15.516912] show_stack+0x20/0x38 (C) [ 15.517046] dump_stack_lvl+0x8c/0xd0 [ 15.517107] print_report+0x118/0x5d0 [ 15.517155] kasan_report+0xdc/0x128 [ 15.517215] __asan_report_store1_noabort+0x20/0x30 [ 15.517267] kmalloc_oob_right+0x5a4/0x660 [ 15.517312] kunit_try_run_case+0x170/0x3f0 [ 15.517363] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.517414] kthread+0x328/0x630 [ 15.517457] ret_from_fork+0x10/0x20 [ 15.517611] [ 15.517647] Allocated by task 137: [ 15.517774] kasan_save_stack+0x3c/0x68 [ 15.517842] kasan_save_track+0x20/0x40 [ 15.517879] kasan_save_alloc_info+0x40/0x58 [ 15.517917] __kasan_kmalloc+0xd4/0xd8 [ 15.517952] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.517992] kmalloc_oob_right+0xb0/0x660 [ 15.518027] kunit_try_run_case+0x170/0x3f0 [ 15.518064] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.518106] kthread+0x328/0x630 [ 15.518138] ret_from_fork+0x10/0x20 [ 15.518190] [ 15.518266] The buggy address belongs to the object at fff00000c45b6f00 [ 15.518266] which belongs to the cache kmalloc-128 of size 128 [ 15.518359] The buggy address is located 0 bytes to the right of [ 15.518359] allocated 115-byte region [fff00000c45b6f00, fff00000c45b6f73) [ 15.518426] [ 15.518504] The buggy address belongs to the physical page: [ 15.518694] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1045b6 [ 15.518961] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.519255] page_type: f5(slab) [ 15.519556] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.519619] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.519722] page dumped because: kasan: bad access detected [ 15.519762] [ 15.519787] Memory state around the buggy address: [ 15.519999] fff00000c45b6e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.520062] fff00000c45b6e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.520115] >fff00000c45b6f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 15.520306] ^ [ 15.520401] fff00000c45b6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.520444] fff00000c45b7000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.520508] ================================================================== [ 15.522247] ================================================================== [ 15.522301] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x538/0x660 [ 15.522350] Write of size 1 at addr fff00000c45b6f78 by task kunit_try_catch/137 [ 15.522399] [ 15.522430] CPU: 0 UID: 0 PID: 137 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.522517] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.522543] Hardware name: linux,dummy-virt (DT) [ 15.522573] Call trace: [ 15.522598] show_stack+0x20/0x38 (C) [ 15.522645] dump_stack_lvl+0x8c/0xd0 [ 15.522699] print_report+0x118/0x5d0 [ 15.522744] kasan_report+0xdc/0x128 [ 15.522787] __asan_report_store1_noabort+0x20/0x30 [ 15.522845] kmalloc_oob_right+0x538/0x660 [ 15.522890] kunit_try_run_case+0x170/0x3f0 [ 15.522937] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.522988] kthread+0x328/0x630 [ 15.523037] ret_from_fork+0x10/0x20 [ 15.523083] [ 15.523109] Allocated by task 137: [ 15.523142] kasan_save_stack+0x3c/0x68 [ 15.523182] kasan_save_track+0x20/0x40 [ 15.523779] kasan_save_alloc_info+0x40/0x58 [ 15.523871] __kasan_kmalloc+0xd4/0xd8 [ 15.523916] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.523973] kmalloc_oob_right+0xb0/0x660 [ 15.524009] kunit_try_run_case+0x170/0x3f0 [ 15.524045] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.524087] kthread+0x328/0x630 [ 15.524117] ret_from_fork+0x10/0x20 [ 15.524162] [ 15.524183] The buggy address belongs to the object at fff00000c45b6f00 [ 15.524183] which belongs to the cache kmalloc-128 of size 128 [ 15.524365] The buggy address is located 5 bytes to the right of [ 15.524365] allocated 115-byte region [fff00000c45b6f00, fff00000c45b6f73) [ 15.524435] [ 15.524454] The buggy address belongs to the physical page: [ 15.524482] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1045b6 [ 15.524535] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.524580] page_type: f5(slab) [ 15.524617] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.524665] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.524705] page dumped because: kasan: bad access detected [ 15.524734] [ 15.524751] Memory state around the buggy address: [ 15.524780] fff00000c45b6e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.524822] fff00000c45b6e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.524863] >fff00000c45b6f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 15.524956] ^ [ 15.525030] fff00000c45b6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.525122] fff00000c45b7000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.525289] ================================================================== [ 15.526068] ================================================================== [ 15.526121] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5d0/0x660 [ 15.526166] Read of size 1 at addr fff00000c45b6f80 by task kunit_try_catch/137 [ 15.526253] [ 15.526301] CPU: 0 UID: 0 PID: 137 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.526380] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.526406] Hardware name: linux,dummy-virt (DT) [ 15.526435] Call trace: [ 15.526455] show_stack+0x20/0x38 (C) [ 15.526500] dump_stack_lvl+0x8c/0xd0 [ 15.526671] print_report+0x118/0x5d0 [ 15.526748] kasan_report+0xdc/0x128 [ 15.526814] __asan_report_load1_noabort+0x20/0x30 [ 15.526866] kmalloc_oob_right+0x5d0/0x660 [ 15.526910] kunit_try_run_case+0x170/0x3f0 [ 15.526955] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.527020] kthread+0x328/0x630 [ 15.527099] ret_from_fork+0x10/0x20 [ 15.527148] [ 15.527165] Allocated by task 137: [ 15.527191] kasan_save_stack+0x3c/0x68 [ 15.527240] kasan_save_track+0x20/0x40 [ 15.527391] kasan_save_alloc_info+0x40/0x58 [ 15.527475] __kasan_kmalloc+0xd4/0xd8 [ 15.527511] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.527577] kmalloc_oob_right+0xb0/0x660 [ 15.527620] kunit_try_run_case+0x170/0x3f0 [ 15.527681] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.527723] kthread+0x328/0x630 [ 15.527782] ret_from_fork+0x10/0x20 [ 15.527847] [ 15.527877] The buggy address belongs to the object at fff00000c45b6f00 [ 15.527877] which belongs to the cache kmalloc-128 of size 128 [ 15.527962] The buggy address is located 13 bytes to the right of [ 15.527962] allocated 115-byte region [fff00000c45b6f00, fff00000c45b6f73) [ 15.528041] [ 15.528060] The buggy address belongs to the physical page: [ 15.528088] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1045b6 [ 15.528266] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.528397] page_type: f5(slab) [ 15.528456] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.528576] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.528655] page dumped because: kasan: bad access detected [ 15.528742] [ 15.528769] Memory state around the buggy address: [ 15.528800] fff00000c45b6e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.528848] fff00000c45b6f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 15.528890] >fff00000c45b6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.528926] ^ [ 15.528952] fff00000c45b7000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.528992] fff00000c45b7080: 00 fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 [ 15.529030] ==================================================================
[ 16.335304] ================================================================== [ 16.335662] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5a4/0x660 [ 16.336487] Write of size 1 at addr fff00000c46ffd73 by task kunit_try_catch/137 [ 16.336593] [ 16.337377] CPU: 1 UID: 0 PID: 137 Comm: kunit_try_catch Tainted: G N 6.16.0-rc6 #1 PREEMPT [ 16.337521] Tainted: [N]=TEST [ 16.337554] Hardware name: linux,dummy-virt (DT) [ 16.337771] Call trace: [ 16.337936] show_stack+0x20/0x38 (C) [ 16.338077] dump_stack_lvl+0x8c/0xd0 [ 16.338138] print_report+0x118/0x5d0 [ 16.338198] kasan_report+0xdc/0x128 [ 16.338243] __asan_report_store1_noabort+0x20/0x30 [ 16.338295] kmalloc_oob_right+0x5a4/0x660 [ 16.338340] kunit_try_run_case+0x170/0x3f0 [ 16.338390] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.338443] kthread+0x328/0x630 [ 16.338486] ret_from_fork+0x10/0x20 [ 16.338639] [ 16.338676] Allocated by task 137: [ 16.338811] kasan_save_stack+0x3c/0x68 [ 16.338879] kasan_save_track+0x20/0x40 [ 16.338916] kasan_save_alloc_info+0x40/0x58 [ 16.338955] __kasan_kmalloc+0xd4/0xd8 [ 16.338991] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.339031] kmalloc_oob_right+0xb0/0x660 [ 16.339066] kunit_try_run_case+0x170/0x3f0 [ 16.339103] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.339146] kthread+0x328/0x630 [ 16.339177] ret_from_fork+0x10/0x20 [ 16.339243] [ 16.339303] The buggy address belongs to the object at fff00000c46ffd00 [ 16.339303] which belongs to the cache kmalloc-128 of size 128 [ 16.339415] The buggy address is located 0 bytes to the right of [ 16.339415] allocated 115-byte region [fff00000c46ffd00, fff00000c46ffd73) [ 16.339484] [ 16.339579] The buggy address belongs to the physical page: [ 16.339781] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1046ff [ 16.340052] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.340354] page_type: f5(slab) [ 16.340651] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.340715] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.340820] page dumped because: kasan: bad access detected [ 16.340860] [ 16.340885] Memory state around the buggy address: [ 16.341103] fff00000c46ffc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.341167] fff00000c46ffc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.341236] >fff00000c46ffd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.341291] ^ [ 16.341376] fff00000c46ffd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.341418] fff00000c46ffe00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.341478] ================================================================== [ 16.345890] ================================================================== [ 16.345935] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5d0/0x660 [ 16.345979] Read of size 1 at addr fff00000c46ffd80 by task kunit_try_catch/137 [ 16.346036] [ 16.346064] CPU: 1 UID: 0 PID: 137 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.346142] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.346168] Hardware name: linux,dummy-virt (DT) [ 16.346211] Call trace: [ 16.346231] show_stack+0x20/0x38 (C) [ 16.346276] dump_stack_lvl+0x8c/0xd0 [ 16.346320] print_report+0x118/0x5d0 [ 16.346365] kasan_report+0xdc/0x128 [ 16.346409] __asan_report_load1_noabort+0x20/0x30 [ 16.346459] kmalloc_oob_right+0x5d0/0x660 [ 16.346503] kunit_try_run_case+0x170/0x3f0 [ 16.346549] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.346739] kthread+0x328/0x630 [ 16.346956] ret_from_fork+0x10/0x20 [ 16.347003] [ 16.347026] Allocated by task 137: [ 16.347128] kasan_save_stack+0x3c/0x68 [ 16.347219] kasan_save_track+0x20/0x40 [ 16.348344] kasan_save_alloc_info+0x40/0x58 [ 16.348628] __kasan_kmalloc+0xd4/0xd8 [ 16.348685] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.348724] kmalloc_oob_right+0xb0/0x660 [ 16.348766] kunit_try_run_case+0x170/0x3f0 [ 16.348803] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.348846] kthread+0x328/0x630 [ 16.348876] ret_from_fork+0x10/0x20 [ 16.349007] [ 16.349027] The buggy address belongs to the object at fff00000c46ffd00 [ 16.349027] which belongs to the cache kmalloc-128 of size 128 [ 16.349125] The buggy address is located 13 bytes to the right of [ 16.349125] allocated 115-byte region [fff00000c46ffd00, fff00000c46ffd73) [ 16.349604] [ 16.349634] The buggy address belongs to the physical page: [ 16.349768] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1046ff [ 16.350266] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.350534] page_type: f5(slab) [ 16.350644] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.350695] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.350736] page dumped because: kasan: bad access detected [ 16.350766] [ 16.350783] Memory state around the buggy address: [ 16.350813] fff00000c46ffc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.351464] fff00000c46ffd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.351507] >fff00000c46ffd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.351573] ^ [ 16.351601] fff00000c46ffe00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.351646] fff00000c46ffe80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.351841] ================================================================== [ 16.342359] ================================================================== [ 16.342398] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x538/0x660 [ 16.342442] Write of size 1 at addr fff00000c46ffd78 by task kunit_try_catch/137 [ 16.342492] [ 16.342521] CPU: 1 UID: 0 PID: 137 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.342600] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.343242] Hardware name: linux,dummy-virt (DT) [ 16.343275] Call trace: [ 16.343295] show_stack+0x20/0x38 (C) [ 16.343342] dump_stack_lvl+0x8c/0xd0 [ 16.343386] print_report+0x118/0x5d0 [ 16.343430] kasan_report+0xdc/0x128 [ 16.343474] __asan_report_store1_noabort+0x20/0x30 [ 16.343940] kmalloc_oob_right+0x538/0x660 [ 16.343987] kunit_try_run_case+0x170/0x3f0 [ 16.344034] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.344086] kthread+0x328/0x630 [ 16.344126] ret_from_fork+0x10/0x20 [ 16.344172] [ 16.344202] Allocated by task 137: [ 16.344229] kasan_save_stack+0x3c/0x68 [ 16.344268] kasan_save_track+0x20/0x40 [ 16.344304] kasan_save_alloc_info+0x40/0x58 [ 16.344342] __kasan_kmalloc+0xd4/0xd8 [ 16.344377] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.344415] kmalloc_oob_right+0xb0/0x660 [ 16.344449] kunit_try_run_case+0x170/0x3f0 [ 16.344485] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.344528] kthread+0x328/0x630 [ 16.344559] ret_from_fork+0x10/0x20 [ 16.344593] [ 16.344611] The buggy address belongs to the object at fff00000c46ffd00 [ 16.344611] which belongs to the cache kmalloc-128 of size 128 [ 16.344667] The buggy address is located 5 bytes to the right of [ 16.344667] allocated 115-byte region [fff00000c46ffd00, fff00000c46ffd73) [ 16.344730] [ 16.344748] The buggy address belongs to the physical page: [ 16.344777] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1046ff [ 16.344828] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.344874] page_type: f5(slab) [ 16.344910] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.344959] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.344998] page dumped because: kasan: bad access detected [ 16.345028] [ 16.345045] Memory state around the buggy address: [ 16.345075] fff00000c46ffc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.345117] fff00000c46ffc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.345157] >fff00000c46ffd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.345203] ^ [ 16.345243] fff00000c46ffd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.345286] fff00000c46ffe00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.345323] ==================================================================
[ 11.784926] ================================================================== [ 11.785721] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6f0/0x7f0 [ 11.786628] Write of size 1 at addr ffff888103427c73 by task kunit_try_catch/153 [ 11.787274] [ 11.788350] CPU: 1 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.788707] Tainted: [N]=TEST [ 11.788738] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.788948] Call Trace: [ 11.789014] <TASK> [ 11.789158] dump_stack_lvl+0x73/0xb0 [ 11.789248] print_report+0xd1/0x610 [ 11.789278] ? __virt_addr_valid+0x1db/0x2d0 [ 11.789303] ? kmalloc_oob_right+0x6f0/0x7f0 [ 11.789325] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.789348] ? kmalloc_oob_right+0x6f0/0x7f0 [ 11.789370] kasan_report+0x141/0x180 [ 11.789392] ? kmalloc_oob_right+0x6f0/0x7f0 [ 11.789431] __asan_report_store1_noabort+0x1b/0x30 [ 11.789469] kmalloc_oob_right+0x6f0/0x7f0 [ 11.789492] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 11.789515] ? __schedule+0x10cc/0x2b60 [ 11.789538] ? __pfx_read_tsc+0x10/0x10 [ 11.789561] ? ktime_get_ts64+0x86/0x230 [ 11.789587] kunit_try_run_case+0x1a5/0x480 [ 11.789615] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.789638] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.789663] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.789687] ? __kthread_parkme+0x82/0x180 [ 11.789709] ? preempt_count_sub+0x50/0x80 [ 11.789734] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.789758] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.789783] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.789808] kthread+0x337/0x6f0 [ 11.789827] ? trace_preempt_on+0x20/0xc0 [ 11.789851] ? __pfx_kthread+0x10/0x10 [ 11.789872] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.789893] ? calculate_sigpending+0x7b/0xa0 [ 11.789919] ? __pfx_kthread+0x10/0x10 [ 11.789940] ret_from_fork+0x116/0x1d0 [ 11.789959] ? __pfx_kthread+0x10/0x10 [ 11.789980] ret_from_fork_asm+0x1a/0x30 [ 11.790035] </TASK> [ 11.790099] [ 11.804047] Allocated by task 153: [ 11.804328] kasan_save_stack+0x45/0x70 [ 11.804987] kasan_save_track+0x18/0x40 [ 11.805496] kasan_save_alloc_info+0x3b/0x50 [ 11.805978] __kasan_kmalloc+0xb7/0xc0 [ 11.806403] __kmalloc_cache_noprof+0x189/0x420 [ 11.806977] kmalloc_oob_right+0xa9/0x7f0 [ 11.807462] kunit_try_run_case+0x1a5/0x480 [ 11.807939] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.808186] kthread+0x337/0x6f0 [ 11.808314] ret_from_fork+0x116/0x1d0 [ 11.808549] ret_from_fork_asm+0x1a/0x30 [ 11.809201] [ 11.809463] The buggy address belongs to the object at ffff888103427c00 [ 11.809463] which belongs to the cache kmalloc-128 of size 128 [ 11.810796] The buggy address is located 0 bytes to the right of [ 11.810796] allocated 115-byte region [ffff888103427c00, ffff888103427c73) [ 11.811405] [ 11.811573] The buggy address belongs to the physical page: [ 11.811924] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103427 [ 11.812410] flags: 0x200000000000000(node=0|zone=2) [ 11.812981] page_type: f5(slab) [ 11.813491] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.813949] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.814706] page dumped because: kasan: bad access detected [ 11.815189] [ 11.815353] Memory state around the buggy address: [ 11.816052] ffff888103427b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.816735] ffff888103427b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.817442] >ffff888103427c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 11.818115] ^ [ 11.818808] ffff888103427c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.819080] ffff888103427d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.819324] ================================================================== [ 11.821119] ================================================================== [ 11.821847] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6bd/0x7f0 [ 11.822463] Write of size 1 at addr ffff888103427c78 by task kunit_try_catch/153 [ 11.823108] [ 11.823295] CPU: 1 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.823338] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.823349] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.823371] Call Trace: [ 11.823387] <TASK> [ 11.823403] dump_stack_lvl+0x73/0xb0 [ 11.823432] print_report+0xd1/0x610 [ 11.823465] ? __virt_addr_valid+0x1db/0x2d0 [ 11.823488] ? kmalloc_oob_right+0x6bd/0x7f0 [ 11.823509] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.823533] ? kmalloc_oob_right+0x6bd/0x7f0 [ 11.823555] kasan_report+0x141/0x180 [ 11.823576] ? kmalloc_oob_right+0x6bd/0x7f0 [ 11.823602] __asan_report_store1_noabort+0x1b/0x30 [ 11.823627] kmalloc_oob_right+0x6bd/0x7f0 [ 11.823650] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 11.823673] ? __schedule+0x10cc/0x2b60 [ 11.823696] ? __pfx_read_tsc+0x10/0x10 [ 11.823717] ? ktime_get_ts64+0x86/0x230 [ 11.823741] kunit_try_run_case+0x1a5/0x480 [ 11.823766] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.823789] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.823813] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.823837] ? __kthread_parkme+0x82/0x180 [ 11.823858] ? preempt_count_sub+0x50/0x80 [ 11.823884] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.823908] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.823933] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.823959] kthread+0x337/0x6f0 [ 11.823977] ? trace_preempt_on+0x20/0xc0 [ 11.824000] ? __pfx_kthread+0x10/0x10 [ 11.824020] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.824042] ? calculate_sigpending+0x7b/0xa0 [ 11.824067] ? __pfx_kthread+0x10/0x10 [ 11.824088] ret_from_fork+0x116/0x1d0 [ 11.824106] ? __pfx_kthread+0x10/0x10 [ 11.824126] ret_from_fork_asm+0x1a/0x30 [ 11.824157] </TASK> [ 11.824167] [ 11.830754] Allocated by task 153: [ 11.830881] kasan_save_stack+0x45/0x70 [ 11.831054] kasan_save_track+0x18/0x40 [ 11.831241] kasan_save_alloc_info+0x3b/0x50 [ 11.831457] __kasan_kmalloc+0xb7/0xc0 [ 11.831641] __kmalloc_cache_noprof+0x189/0x420 [ 11.832017] kmalloc_oob_right+0xa9/0x7f0 [ 11.832156] kunit_try_run_case+0x1a5/0x480 [ 11.832307] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.832494] kthread+0x337/0x6f0 [ 11.832785] ret_from_fork+0x116/0x1d0 [ 11.832958] ret_from_fork_asm+0x1a/0x30 [ 11.833108] [ 11.833202] The buggy address belongs to the object at ffff888103427c00 [ 11.833202] which belongs to the cache kmalloc-128 of size 128 [ 11.833721] The buggy address is located 5 bytes to the right of [ 11.833721] allocated 115-byte region [ffff888103427c00, ffff888103427c73) [ 11.834213] [ 11.834305] The buggy address belongs to the physical page: [ 11.834601] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103427 [ 11.834870] flags: 0x200000000000000(node=0|zone=2) [ 11.836910] page_type: f5(slab) [ 11.837094] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.838506] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.839027] page dumped because: kasan: bad access detected [ 11.839203] [ 11.839275] Memory state around the buggy address: [ 11.839440] ffff888103427b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.839665] ffff888103427b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.839879] >ffff888103427c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 11.840089] ^ [ 11.840309] ffff888103427c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.841731] ffff888103427d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.842920] ================================================================== [ 11.844841] ================================================================== [ 11.845611] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x68a/0x7f0 [ 11.845960] Read of size 1 at addr ffff888103427c80 by task kunit_try_catch/153 [ 11.846282] [ 11.846395] CPU: 1 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.846463] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.846509] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.846533] Call Trace: [ 11.846546] <TASK> [ 11.846587] dump_stack_lvl+0x73/0xb0 [ 11.846618] print_report+0xd1/0x610 [ 11.846641] ? __virt_addr_valid+0x1db/0x2d0 [ 11.846665] ? kmalloc_oob_right+0x68a/0x7f0 [ 11.846686] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.846709] ? kmalloc_oob_right+0x68a/0x7f0 [ 11.846731] kasan_report+0x141/0x180 [ 11.846752] ? kmalloc_oob_right+0x68a/0x7f0 [ 11.846778] __asan_report_load1_noabort+0x18/0x20 [ 11.846835] kmalloc_oob_right+0x68a/0x7f0 [ 11.846858] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 11.846881] ? __schedule+0x10cc/0x2b60 [ 11.846903] ? __pfx_read_tsc+0x10/0x10 [ 11.846924] ? ktime_get_ts64+0x86/0x230 [ 11.846950] kunit_try_run_case+0x1a5/0x480 [ 11.847007] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.847030] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.847054] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.847077] ? __kthread_parkme+0x82/0x180 [ 11.847099] ? preempt_count_sub+0x50/0x80 [ 11.847123] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.847147] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.847172] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.847197] kthread+0x337/0x6f0 [ 11.847215] ? trace_preempt_on+0x20/0xc0 [ 11.847239] ? __pfx_kthread+0x10/0x10 [ 11.847259] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.847280] ? calculate_sigpending+0x7b/0xa0 [ 11.847305] ? __pfx_kthread+0x10/0x10 [ 11.847326] ret_from_fork+0x116/0x1d0 [ 11.847344] ? __pfx_kthread+0x10/0x10 [ 11.847364] ret_from_fork_asm+0x1a/0x30 [ 11.847395] </TASK> [ 11.847420] [ 11.855048] Allocated by task 153: [ 11.855182] kasan_save_stack+0x45/0x70 [ 11.855381] kasan_save_track+0x18/0x40 [ 11.855636] kasan_save_alloc_info+0x3b/0x50 [ 11.855851] __kasan_kmalloc+0xb7/0xc0 [ 11.856067] __kmalloc_cache_noprof+0x189/0x420 [ 11.856305] kmalloc_oob_right+0xa9/0x7f0 [ 11.856533] kunit_try_run_case+0x1a5/0x480 [ 11.856762] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.857031] kthread+0x337/0x6f0 [ 11.857164] ret_from_fork+0x116/0x1d0 [ 11.857375] ret_from_fork_asm+0x1a/0x30 [ 11.857589] [ 11.857723] The buggy address belongs to the object at ffff888103427c00 [ 11.857723] which belongs to the cache kmalloc-128 of size 128 [ 11.858254] The buggy address is located 13 bytes to the right of [ 11.858254] allocated 115-byte region [ffff888103427c00, ffff888103427c73) [ 11.858832] [ 11.858913] The buggy address belongs to the physical page: [ 11.859085] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103427 [ 11.859325] flags: 0x200000000000000(node=0|zone=2) [ 11.859793] page_type: f5(slab) [ 11.859959] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.860298] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.860885] page dumped because: kasan: bad access detected [ 11.861135] [ 11.861203] Memory state around the buggy address: [ 11.861356] ffff888103427b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.861580] ffff888103427c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 11.861931] >ffff888103427c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.862304] ^ [ 11.862592] ffff888103427d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.862997] ffff888103427d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.863277] ==================================================================
[ 12.066958] ================================================================== [ 12.067327] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x68a/0x7f0 [ 12.067623] Read of size 1 at addr ffff888102b2e480 by task kunit_try_catch/154 [ 12.068329] [ 12.068450] CPU: 1 UID: 0 PID: 154 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.068492] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.068503] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.068521] Call Trace: [ 12.068537] <TASK> [ 12.068551] dump_stack_lvl+0x73/0xb0 [ 12.068580] print_report+0xd1/0x610 [ 12.068602] ? __virt_addr_valid+0x1db/0x2d0 [ 12.068625] ? kmalloc_oob_right+0x68a/0x7f0 [ 12.068789] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.068816] ? kmalloc_oob_right+0x68a/0x7f0 [ 12.068856] kasan_report+0x141/0x180 [ 12.068878] ? kmalloc_oob_right+0x68a/0x7f0 [ 12.068904] __asan_report_load1_noabort+0x18/0x20 [ 12.068930] kmalloc_oob_right+0x68a/0x7f0 [ 12.068952] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 12.068975] ? __schedule+0x10cc/0x2b60 [ 12.068997] ? __pfx_read_tsc+0x10/0x10 [ 12.069020] ? ktime_get_ts64+0x86/0x230 [ 12.069045] kunit_try_run_case+0x1a5/0x480 [ 12.069082] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.069105] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.069138] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.069162] ? __kthread_parkme+0x82/0x180 [ 12.069182] ? preempt_count_sub+0x50/0x80 [ 12.069205] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.069230] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.069254] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.069280] kthread+0x337/0x6f0 [ 12.069299] ? trace_preempt_on+0x20/0xc0 [ 12.069322] ? __pfx_kthread+0x10/0x10 [ 12.069342] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.069364] ? calculate_sigpending+0x7b/0xa0 [ 12.069388] ? __pfx_kthread+0x10/0x10 [ 12.069409] ret_from_fork+0x116/0x1d0 [ 12.069427] ? __pfx_kthread+0x10/0x10 [ 12.069447] ret_from_fork_asm+0x1a/0x30 [ 12.069477] </TASK> [ 12.069487] [ 12.079178] Allocated by task 154: [ 12.079454] kasan_save_stack+0x45/0x70 [ 12.079811] kasan_save_track+0x18/0x40 [ 12.080015] kasan_save_alloc_info+0x3b/0x50 [ 12.080276] __kasan_kmalloc+0xb7/0xc0 [ 12.080631] __kmalloc_cache_noprof+0x189/0x420 [ 12.080826] kmalloc_oob_right+0xa9/0x7f0 [ 12.081028] kunit_try_run_case+0x1a5/0x480 [ 12.081341] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.081566] kthread+0x337/0x6f0 [ 12.081735] ret_from_fork+0x116/0x1d0 [ 12.082211] ret_from_fork_asm+0x1a/0x30 [ 12.082407] [ 12.082597] The buggy address belongs to the object at ffff888102b2e400 [ 12.082597] which belongs to the cache kmalloc-128 of size 128 [ 12.083272] The buggy address is located 13 bytes to the right of [ 12.083272] allocated 115-byte region [ffff888102b2e400, ffff888102b2e473) [ 12.083925] [ 12.084008] The buggy address belongs to the physical page: [ 12.084303] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b2e [ 12.084875] flags: 0x200000000000000(node=0|zone=2) [ 12.085167] page_type: f5(slab) [ 12.085353] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.085844] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.086241] page dumped because: kasan: bad access detected [ 12.086464] [ 12.086559] Memory state around the buggy address: [ 12.086743] ffff888102b2e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.087348] ffff888102b2e400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.087629] >ffff888102b2e480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.088176] ^ [ 12.088372] ffff888102b2e500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.088888] ffff888102b2e580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.089171] ================================================================== [ 12.038484] ================================================================== [ 12.039445] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6bd/0x7f0 [ 12.040093] Write of size 1 at addr ffff888102b2e478 by task kunit_try_catch/154 [ 12.040422] [ 12.040508] CPU: 1 UID: 0 PID: 154 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.040550] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.040562] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.040583] Call Trace: [ 12.040594] <TASK> [ 12.040608] dump_stack_lvl+0x73/0xb0 [ 12.040635] print_report+0xd1/0x610 [ 12.040657] ? __virt_addr_valid+0x1db/0x2d0 [ 12.040680] ? kmalloc_oob_right+0x6bd/0x7f0 [ 12.040703] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.040728] ? kmalloc_oob_right+0x6bd/0x7f0 [ 12.040751] kasan_report+0x141/0x180 [ 12.040772] ? kmalloc_oob_right+0x6bd/0x7f0 [ 12.040798] __asan_report_store1_noabort+0x1b/0x30 [ 12.040961] kmalloc_oob_right+0x6bd/0x7f0 [ 12.040985] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 12.041008] ? __schedule+0x10cc/0x2b60 [ 12.041029] ? __pfx_read_tsc+0x10/0x10 [ 12.041062] ? ktime_get_ts64+0x86/0x230 [ 12.041106] kunit_try_run_case+0x1a5/0x480 [ 12.041140] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.041163] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.041186] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.041210] ? __kthread_parkme+0x82/0x180 [ 12.041231] ? preempt_count_sub+0x50/0x80 [ 12.041255] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.041279] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.041330] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.041356] kthread+0x337/0x6f0 [ 12.041374] ? trace_preempt_on+0x20/0xc0 [ 12.041397] ? __pfx_kthread+0x10/0x10 [ 12.041417] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.041439] ? calculate_sigpending+0x7b/0xa0 [ 12.041463] ? __pfx_kthread+0x10/0x10 [ 12.041484] ret_from_fork+0x116/0x1d0 [ 12.041502] ? __pfx_kthread+0x10/0x10 [ 12.041522] ret_from_fork_asm+0x1a/0x30 [ 12.041552] </TASK> [ 12.041562] [ 12.056814] Allocated by task 154: [ 12.056955] kasan_save_stack+0x45/0x70 [ 12.057142] kasan_save_track+0x18/0x40 [ 12.057309] kasan_save_alloc_info+0x3b/0x50 [ 12.057475] __kasan_kmalloc+0xb7/0xc0 [ 12.057662] __kmalloc_cache_noprof+0x189/0x420 [ 12.057947] kmalloc_oob_right+0xa9/0x7f0 [ 12.058207] kunit_try_run_case+0x1a5/0x480 [ 12.058356] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.058592] kthread+0x337/0x6f0 [ 12.058762] ret_from_fork+0x116/0x1d0 [ 12.058995] ret_from_fork_asm+0x1a/0x30 [ 12.059183] [ 12.059256] The buggy address belongs to the object at ffff888102b2e400 [ 12.059256] which belongs to the cache kmalloc-128 of size 128 [ 12.059878] The buggy address is located 5 bytes to the right of [ 12.059878] allocated 115-byte region [ffff888102b2e400, ffff888102b2e473) [ 12.060458] [ 12.060535] The buggy address belongs to the physical page: [ 12.060751] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b2e [ 12.061364] flags: 0x200000000000000(node=0|zone=2) [ 12.061531] page_type: f5(slab) [ 12.061652] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.062040] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.062559] page dumped because: kasan: bad access detected [ 12.062806] [ 12.062904] Memory state around the buggy address: [ 12.063303] ffff888102b2e300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.063764] ffff888102b2e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.064181] >ffff888102b2e400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.064453] ^ [ 12.065030] ffff888102b2e480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.065626] ffff888102b2e500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.066266] ================================================================== [ 12.003144] ================================================================== [ 12.003732] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6f0/0x7f0 [ 12.004975] Write of size 1 at addr ffff888102b2e473 by task kunit_try_catch/154 [ 12.005803] [ 12.006915] CPU: 1 UID: 0 PID: 154 Comm: kunit_try_catch Tainted: G N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.007293] Tainted: [N]=TEST [ 12.007327] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.007540] Call Trace: [ 12.007605] <TASK> [ 12.007769] dump_stack_lvl+0x73/0xb0 [ 12.007858] print_report+0xd1/0x610 [ 12.007887] ? __virt_addr_valid+0x1db/0x2d0 [ 12.007913] ? kmalloc_oob_right+0x6f0/0x7f0 [ 12.007934] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.007958] ? kmalloc_oob_right+0x6f0/0x7f0 [ 12.007980] kasan_report+0x141/0x180 [ 12.008001] ? kmalloc_oob_right+0x6f0/0x7f0 [ 12.008028] __asan_report_store1_noabort+0x1b/0x30 [ 12.008066] kmalloc_oob_right+0x6f0/0x7f0 [ 12.008089] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 12.008131] ? __schedule+0x10cc/0x2b60 [ 12.008154] ? __pfx_read_tsc+0x10/0x10 [ 12.008179] ? ktime_get_ts64+0x86/0x230 [ 12.008206] kunit_try_run_case+0x1a5/0x480 [ 12.008233] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.008257] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.008282] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.008306] ? __kthread_parkme+0x82/0x180 [ 12.008328] ? preempt_count_sub+0x50/0x80 [ 12.008353] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.008378] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.008403] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.008428] kthread+0x337/0x6f0 [ 12.008447] ? trace_preempt_on+0x20/0xc0 [ 12.008472] ? __pfx_kthread+0x10/0x10 [ 12.008492] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.008514] ? calculate_sigpending+0x7b/0xa0 [ 12.008539] ? __pfx_kthread+0x10/0x10 [ 12.008561] ret_from_fork+0x116/0x1d0 [ 12.008580] ? __pfx_kthread+0x10/0x10 [ 12.008600] ret_from_fork_asm+0x1a/0x30 [ 12.008689] </TASK> [ 12.008754] [ 12.021130] Allocated by task 154: [ 12.021574] kasan_save_stack+0x45/0x70 [ 12.022041] kasan_save_track+0x18/0x40 [ 12.022224] kasan_save_alloc_info+0x3b/0x50 [ 12.022650] __kasan_kmalloc+0xb7/0xc0 [ 12.023000] __kmalloc_cache_noprof+0x189/0x420 [ 12.023199] kmalloc_oob_right+0xa9/0x7f0 [ 12.023590] kunit_try_run_case+0x1a5/0x480 [ 12.024041] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.024554] kthread+0x337/0x6f0 [ 12.024888] ret_from_fork+0x116/0x1d0 [ 12.025135] ret_from_fork_asm+0x1a/0x30 [ 12.025422] [ 12.025656] The buggy address belongs to the object at ffff888102b2e400 [ 12.025656] which belongs to the cache kmalloc-128 of size 128 [ 12.026523] The buggy address is located 0 bytes to the right of [ 12.026523] allocated 115-byte region [ffff888102b2e400, ffff888102b2e473) [ 12.027868] [ 12.028017] The buggy address belongs to the physical page: [ 12.028446] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b2e [ 12.029644] flags: 0x200000000000000(node=0|zone=2) [ 12.030513] page_type: f5(slab) [ 12.031213] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.031898] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.032453] page dumped because: kasan: bad access detected [ 12.032660] [ 12.032738] Memory state around the buggy address: [ 12.033169] ffff888102b2e300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.033421] ffff888102b2e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.033668] >ffff888102b2e400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.034389] ^ [ 12.035074] ffff888102b2e480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.035797] ffff888102b2e500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.036540] ==================================================================