Date: July 13, 2025, 11:09 p.m.
| Environment |
|---|
| qemu-arm64 |
| qemu-x86_64 |
[ 16.090933] ================================================================== [ 16.091183] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x690/0x740 [ 16.091252] Read of size 1 at addr fff00000c586667f by task kunit_try_catch/195 [ 16.091447] [ 16.091485] CPU: 0 UID: 0 PID: 195 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.091800] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.091852] Hardware name: linux,dummy-virt (DT) [ 16.091888] Call trace: [ 16.091983] show_stack+0x20/0x38 (C) [ 16.092056] dump_stack_lvl+0x8c/0xd0 [ 16.092115] print_report+0x118/0x5d0 [ 16.092351] kasan_report+0xdc/0x128 [ 16.092558] __asan_report_load1_noabort+0x20/0x30 [ 16.092652] ksize_unpoisons_memory+0x690/0x740 [ 16.092743] kunit_try_run_case+0x170/0x3f0 [ 16.092909] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.093117] kthread+0x328/0x630 [ 16.093247] ret_from_fork+0x10/0x20 [ 16.093368] [ 16.093436] Allocated by task 195: [ 16.093466] kasan_save_stack+0x3c/0x68 [ 16.093534] kasan_save_track+0x20/0x40 [ 16.093797] kasan_save_alloc_info+0x40/0x58 [ 16.093927] __kasan_kmalloc+0xd4/0xd8 [ 16.093969] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.094241] ksize_unpoisons_memory+0xc0/0x740 [ 16.094541] kunit_try_run_case+0x170/0x3f0 [ 16.094622] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.094769] kthread+0x328/0x630 [ 16.094829] ret_from_fork+0x10/0x20 [ 16.094878] [ 16.094993] The buggy address belongs to the object at fff00000c5866600 [ 16.094993] which belongs to the cache kmalloc-128 of size 128 [ 16.095985] The buggy address is located 12 bytes to the right of [ 16.095985] allocated 115-byte region [fff00000c5866600, fff00000c5866673) [ 16.096151] [ 16.096181] The buggy address belongs to the physical page: [ 16.096259] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105866 [ 16.097363] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.097448] page_type: f5(slab) [ 16.097548] raw: 0bfffe0000000000 fff00000c0001a00 
dead000000000122 0000000000000000 [ 16.097626] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.097882] page dumped because: kasan: bad access detected [ 16.098002] [ 16.098054] Memory state around the buggy address: [ 16.098121] fff00000c5866500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.098167] fff00000c5866580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.098527] >fff00000c5866600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.098609] ^ [ 16.098712] fff00000c5866680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.098783] fff00000c5866700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.098931] ================================================================== [ 16.078121] ================================================================== [ 16.078437] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x628/0x740 [ 16.078535] Read of size 1 at addr fff00000c5866673 by task kunit_try_catch/195 [ 16.078589] [ 16.078623] CPU: 0 UID: 0 PID: 195 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.078705] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.078732] Hardware name: linux,dummy-virt (DT) [ 16.078822] Call trace: [ 16.078862] show_stack+0x20/0x38 (C) [ 16.078928] dump_stack_lvl+0x8c/0xd0 [ 16.079010] print_report+0x118/0x5d0 [ 16.079076] kasan_report+0xdc/0x128 [ 16.079121] __asan_report_load1_noabort+0x20/0x30 [ 16.079209] ksize_unpoisons_memory+0x628/0x740 [ 16.079283] kunit_try_run_case+0x170/0x3f0 [ 16.079510] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.079726] kthread+0x328/0x630 [ 16.079802] ret_from_fork+0x10/0x20 [ 16.079870] [ 16.079896] Allocated by task 195: [ 16.079926] kasan_save_stack+0x3c/0x68 [ 16.080226] kasan_save_track+0x20/0x40 [ 16.080331] kasan_save_alloc_info+0x40/0x58 [ 16.080378] __kasan_kmalloc+0xd4/0xd8 [ 16.080415] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.080484] ksize_unpoisons_memory+0xc0/0x740 [ 16.080662] kunit_try_run_case+0x170/0x3f0 [ 16.080867] 
kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.080973] kthread+0x328/0x630 [ 16.081007] ret_from_fork+0x10/0x20 [ 16.081261] [ 16.081380] The buggy address belongs to the object at fff00000c5866600 [ 16.081380] which belongs to the cache kmalloc-128 of size 128 [ 16.081522] The buggy address is located 0 bytes to the right of [ 16.081522] allocated 115-byte region [fff00000c5866600, fff00000c5866673) [ 16.081602] [ 16.081809] The buggy address belongs to the physical page: [ 16.081939] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105866 [ 16.082240] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.082424] page_type: f5(slab) [ 16.082480] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.082564] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.082608] page dumped because: kasan: bad access detected [ 16.082640] [ 16.082659] Memory state around the buggy address: [ 16.082691] fff00000c5866500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.082735] fff00000c5866580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.082790] >fff00000c5866600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.082840] ^ [ 16.082892] fff00000c5866680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.082933] fff00000c5866700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.082975] ================================================================== [ 16.083956] ================================================================== [ 16.084147] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x618/0x740 [ 16.084333] Read of size 1 at addr fff00000c5866678 by task kunit_try_catch/195 [ 16.084499] [ 16.084551] CPU: 0 UID: 0 PID: 195 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.084959] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.085018] Hardware name: linux,dummy-virt (DT) [ 16.085086] Call trace: [ 16.085160] show_stack+0x20/0x38 (C) [ 16.085238] 
dump_stack_lvl+0x8c/0xd0 [ 16.085447] print_report+0x118/0x5d0 [ 16.085695] kasan_report+0xdc/0x128 [ 16.085773] __asan_report_load1_noabort+0x20/0x30 [ 16.085893] ksize_unpoisons_memory+0x618/0x740 [ 16.085966] kunit_try_run_case+0x170/0x3f0 [ 16.086014] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.086353] kthread+0x328/0x630 [ 16.086462] ret_from_fork+0x10/0x20 [ 16.086526] [ 16.086578] Allocated by task 195: [ 16.086877] kasan_save_stack+0x3c/0x68 [ 16.086996] kasan_save_track+0x20/0x40 [ 16.087035] kasan_save_alloc_info+0x40/0x58 [ 16.087299] __kasan_kmalloc+0xd4/0xd8 [ 16.087602] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.087709] ksize_unpoisons_memory+0xc0/0x740 [ 16.087825] kunit_try_run_case+0x170/0x3f0 [ 16.087874] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.087949] kthread+0x328/0x630 [ 16.088250] ret_from_fork+0x10/0x20 [ 16.088369] [ 16.088418] The buggy address belongs to the object at fff00000c5866600 [ 16.088418] which belongs to the cache kmalloc-128 of size 128 [ 16.088503] The buggy address is located 5 bytes to the right of [ 16.088503] allocated 115-byte region [fff00000c5866600, fff00000c5866673) [ 16.088737] [ 16.088809] The buggy address belongs to the physical page: [ 16.088939] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105866 [ 16.089057] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.089110] page_type: f5(slab) [ 16.089147] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.089251] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.089294] page dumped because: kasan: bad access detected [ 16.089326] [ 16.089352] Memory state around the buggy address: [ 16.089383] fff00000c5866500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.089426] fff00000c5866580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.089479] >fff00000c5866600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.089518] ^ [ 16.089559] fff00000c5866680: fc 
fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.089612] fff00000c5866700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.089651] ==================================================================
[ 16.835656] ================================================================== [ 16.835710] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x618/0x740 [ 16.835763] Read of size 1 at addr fff00000c5aae678 by task kunit_try_catch/195 [ 16.835882] [ 16.836009] CPU: 1 UID: 0 PID: 195 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.836202] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.836302] Hardware name: linux,dummy-virt (DT) [ 16.836378] Call trace: [ 16.836401] show_stack+0x20/0x38 (C) [ 16.836618] dump_stack_lvl+0x8c/0xd0 [ 16.836669] print_report+0x118/0x5d0 [ 16.836714] kasan_report+0xdc/0x128 [ 16.836861] __asan_report_load1_noabort+0x20/0x30 [ 16.837030] ksize_unpoisons_memory+0x618/0x740 [ 16.837194] kunit_try_run_case+0x170/0x3f0 [ 16.837314] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.837442] kthread+0x328/0x630 [ 16.837519] ret_from_fork+0x10/0x20 [ 16.837720] [ 16.837758] Allocated by task 195: [ 16.837787] kasan_save_stack+0x3c/0x68 [ 16.838174] kasan_save_track+0x20/0x40 [ 16.838272] kasan_save_alloc_info+0x40/0x58 [ 16.838402] __kasan_kmalloc+0xd4/0xd8 [ 16.838496] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.838544] ksize_unpoisons_memory+0xc0/0x740 [ 16.838581] kunit_try_run_case+0x170/0x3f0 [ 16.838618] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.838666] kthread+0x328/0x630 [ 16.838698] ret_from_fork+0x10/0x20 [ 16.838732] [ 16.838751] The buggy address belongs to the object at fff00000c5aae600 [ 16.838751] which belongs to the cache kmalloc-128 of size 128 [ 16.838812] The buggy address is located 5 bytes to the right of [ 16.838812] allocated 115-byte region [fff00000c5aae600, fff00000c5aae673) [ 16.838890] [ 16.838910] The buggy address belongs to the physical page: [ 16.838959] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105aae [ 16.839011] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.839061] page_type: f5(slab) [ 16.839103] raw: 0bfffe0000000000 fff00000c0001a00 
dead000000000122 0000000000000000 [ 16.839170] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.839232] page dumped because: kasan: bad access detected [ 16.839264] [ 16.839283] Memory state around the buggy address: [ 16.839316] fff00000c5aae500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.839369] fff00000c5aae580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.839414] >fff00000c5aae600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.839461] ^ [ 16.839514] fff00000c5aae680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.839567] fff00000c5aae700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.839606] ================================================================== [ 16.841251] ================================================================== [ 16.841481] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x690/0x740 [ 16.841589] Read of size 1 at addr fff00000c5aae67f by task kunit_try_catch/195 [ 16.841642] [ 16.841734] CPU: 1 UID: 0 PID: 195 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.841874] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.841904] Hardware name: linux,dummy-virt (DT) [ 16.841982] Call trace: [ 16.842027] show_stack+0x20/0x38 (C) [ 16.842317] dump_stack_lvl+0x8c/0xd0 [ 16.842423] print_report+0x118/0x5d0 [ 16.842477] kasan_report+0xdc/0x128 [ 16.842591] __asan_report_load1_noabort+0x20/0x30 [ 16.842644] ksize_unpoisons_memory+0x690/0x740 [ 16.842704] kunit_try_run_case+0x170/0x3f0 [ 16.842753] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.842808] kthread+0x328/0x630 [ 16.842967] ret_from_fork+0x10/0x20 [ 16.843039] [ 16.843078] Allocated by task 195: [ 16.843135] kasan_save_stack+0x3c/0x68 [ 16.843204] kasan_save_track+0x20/0x40 [ 16.843279] kasan_save_alloc_info+0x40/0x58 [ 16.843335] __kasan_kmalloc+0xd4/0xd8 [ 16.843371] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.843502] ksize_unpoisons_memory+0xc0/0x740 [ 16.843593] kunit_try_run_case+0x170/0x3f0 [ 16.843702] 
kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.843770] kthread+0x328/0x630 [ 16.843881] ret_from_fork+0x10/0x20 [ 16.843937] [ 16.843955] The buggy address belongs to the object at fff00000c5aae600 [ 16.843955] which belongs to the cache kmalloc-128 of size 128 [ 16.844014] The buggy address is located 12 bytes to the right of [ 16.844014] allocated 115-byte region [fff00000c5aae600, fff00000c5aae673) [ 16.844081] [ 16.844142] The buggy address belongs to the physical page: [ 16.844288] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105aae [ 16.844360] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.844426] page_type: f5(slab) [ 16.844465] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.844551] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.844675] page dumped because: kasan: bad access detected [ 16.844776] [ 16.844858] Memory state around the buggy address: [ 16.844996] fff00000c5aae500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.845114] fff00000c5aae580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.845197] >fff00000c5aae600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.845285] ^ [ 16.845366] fff00000c5aae680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.845433] fff00000c5aae700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.845519] ================================================================== [ 16.828133] ================================================================== [ 16.828208] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x628/0x740 [ 16.828258] Read of size 1 at addr fff00000c5aae673 by task kunit_try_catch/195 [ 16.828310] [ 16.828340] CPU: 1 UID: 0 PID: 195 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.828755] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.828829] Hardware name: linux,dummy-virt (DT) [ 16.828878] Call trace: [ 16.828965] show_stack+0x20/0x38 (C) [ 16.829046] 
dump_stack_lvl+0x8c/0xd0 [ 16.829191] print_report+0x118/0x5d0 [ 16.829304] kasan_report+0xdc/0x128 [ 16.829395] __asan_report_load1_noabort+0x20/0x30 [ 16.829485] ksize_unpoisons_memory+0x628/0x740 [ 16.829620] kunit_try_run_case+0x170/0x3f0 [ 16.829755] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.829843] kthread+0x328/0x630 [ 16.829884] ret_from_fork+0x10/0x20 [ 16.830195] [ 16.830218] Allocated by task 195: [ 16.830441] kasan_save_stack+0x3c/0x68 [ 16.830656] kasan_save_track+0x20/0x40 [ 16.830743] kasan_save_alloc_info+0x40/0x58 [ 16.830794] __kasan_kmalloc+0xd4/0xd8 [ 16.830853] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.830928] ksize_unpoisons_memory+0xc0/0x740 [ 16.830966] kunit_try_run_case+0x170/0x3f0 [ 16.831005] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.831050] kthread+0x328/0x630 [ 16.831083] ret_from_fork+0x10/0x20 [ 16.831410] [ 16.831449] The buggy address belongs to the object at fff00000c5aae600 [ 16.831449] which belongs to the cache kmalloc-128 of size 128 [ 16.831664] The buggy address is located 0 bytes to the right of [ 16.831664] allocated 115-byte region [fff00000c5aae600, fff00000c5aae673) [ 16.831734] [ 16.831753] The buggy address belongs to the physical page: [ 16.831865] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105aae [ 16.832017] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.832087] page_type: f5(slab) [ 16.832145] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.832256] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.832370] page dumped because: kasan: bad access detected [ 16.832501] [ 16.832519] Memory state around the buggy address: [ 16.832550] fff00000c5aae500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.832613] fff00000c5aae580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.832818] >fff00000c5aae600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.833013] ^ [ 16.833216] fff00000c5aae680: fc 
fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.833323] fff00000c5aae700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.833495] ==================================================================
[ 13.102520] ================================================================== [ 13.103213] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7b6/0x9b0 [ 13.104013] Read of size 1 at addr ffff8881026b2d7f by task kunit_try_catch/211 [ 13.104639] [ 13.104814] CPU: 0 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.104855] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.104866] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.104885] Call Trace: [ 13.104901] <TASK> [ 13.104915] dump_stack_lvl+0x73/0xb0 [ 13.104943] print_report+0xd1/0x610 [ 13.104966] ? __virt_addr_valid+0x1db/0x2d0 [ 13.104989] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 13.105013] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.105036] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 13.105060] kasan_report+0x141/0x180 [ 13.105082] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 13.105110] __asan_report_load1_noabort+0x18/0x20 [ 13.105135] ksize_unpoisons_memory+0x7b6/0x9b0 [ 13.105159] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 13.105183] ? __schedule+0x207f/0x2b60 [ 13.105202] ? schedule+0x7c/0x2e0 [ 13.105222] ? trace_hardirqs_on+0x37/0xe0 [ 13.105245] ? __schedule+0x207f/0x2b60 [ 13.105266] ? __pfx_read_tsc+0x10/0x10 [ 13.105287] ? ktime_get_ts64+0x86/0x230 [ 13.105310] kunit_try_run_case+0x1a5/0x480 [ 13.105335] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.105358] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.105382] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.105405] ? __kthread_parkme+0x82/0x180 [ 13.105426] ? preempt_count_sub+0x50/0x80 [ 13.105463] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.105487] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.105512] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.105547] kthread+0x337/0x6f0 [ 13.105576] ? trace_preempt_on+0x20/0xc0 [ 13.105598] ? __pfx_kthread+0x10/0x10 [ 13.105619] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.105640] ? calculate_sigpending+0x7b/0xa0 [ 13.105664] ? 
__pfx_kthread+0x10/0x10 [ 13.105685] ret_from_fork+0x116/0x1d0 [ 13.105704] ? __pfx_kthread+0x10/0x10 [ 13.105724] ret_from_fork_asm+0x1a/0x30 [ 13.105755] </TASK> [ 13.105764] [ 13.117902] Allocated by task 211: [ 13.118037] kasan_save_stack+0x45/0x70 [ 13.118182] kasan_save_track+0x18/0x40 [ 13.118316] kasan_save_alloc_info+0x3b/0x50 [ 13.118499] __kasan_kmalloc+0xb7/0xc0 [ 13.118632] __kmalloc_cache_noprof+0x189/0x420 [ 13.118856] ksize_unpoisons_memory+0xc7/0x9b0 [ 13.119337] kunit_try_run_case+0x1a5/0x480 [ 13.119828] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.120110] kthread+0x337/0x6f0 [ 13.120229] ret_from_fork+0x116/0x1d0 [ 13.120366] ret_from_fork_asm+0x1a/0x30 [ 13.120660] [ 13.120818] The buggy address belongs to the object at ffff8881026b2d00 [ 13.120818] which belongs to the cache kmalloc-128 of size 128 [ 13.122043] The buggy address is located 12 bytes to the right of [ 13.122043] allocated 115-byte region [ffff8881026b2d00, ffff8881026b2d73) [ 13.123351] [ 13.123546] The buggy address belongs to the physical page: [ 13.123808] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026b2 [ 13.124055] flags: 0x200000000000000(node=0|zone=2) [ 13.124220] page_type: f5(slab) [ 13.124346] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.124733] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.125127] page dumped because: kasan: bad access detected [ 13.125304] [ 13.125373] Memory state around the buggy address: [ 13.125596] ffff8881026b2c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.125950] ffff8881026b2c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.126225] >ffff8881026b2d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 13.126503] ^ [ 13.126858] ffff8881026b2d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.127148] ffff8881026b2e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.127444] 
================================================================== [ 13.040089] ================================================================== [ 13.040549] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x81c/0x9b0 [ 13.041159] Read of size 1 at addr ffff8881026b2d73 by task kunit_try_catch/211 [ 13.041482] [ 13.041649] CPU: 0 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.041692] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.041703] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.041722] Call Trace: [ 13.041733] <TASK> [ 13.041747] dump_stack_lvl+0x73/0xb0 [ 13.041776] print_report+0xd1/0x610 [ 13.041797] ? __virt_addr_valid+0x1db/0x2d0 [ 13.041820] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 13.041843] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.041867] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 13.041890] kasan_report+0x141/0x180 [ 13.041912] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 13.041940] __asan_report_load1_noabort+0x18/0x20 [ 13.041965] ksize_unpoisons_memory+0x81c/0x9b0 [ 13.041989] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 13.042013] ? __schedule+0x207f/0x2b60 [ 13.042033] ? schedule+0x7c/0x2e0 [ 13.042052] ? trace_hardirqs_on+0x37/0xe0 [ 13.042075] ? __schedule+0x207f/0x2b60 [ 13.042096] ? __pfx_read_tsc+0x10/0x10 [ 13.042116] ? ktime_get_ts64+0x86/0x230 [ 13.042140] kunit_try_run_case+0x1a5/0x480 [ 13.042164] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.042187] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.042211] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.042235] ? __kthread_parkme+0x82/0x180 [ 13.042255] ? preempt_count_sub+0x50/0x80 [ 13.042279] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.042303] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.042327] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.042353] kthread+0x337/0x6f0 [ 13.042372] ? trace_preempt_on+0x20/0xc0 [ 13.042393] ? __pfx_kthread+0x10/0x10 [ 13.042423] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 13.042444] ? calculate_sigpending+0x7b/0xa0 [ 13.042480] ? __pfx_kthread+0x10/0x10 [ 13.042502] ret_from_fork+0x116/0x1d0 [ 13.042520] ? __pfx_kthread+0x10/0x10 [ 13.042541] ret_from_fork_asm+0x1a/0x30 [ 13.042581] </TASK> [ 13.042591] [ 13.053923] Allocated by task 211: [ 13.054058] kasan_save_stack+0x45/0x70 [ 13.054202] kasan_save_track+0x18/0x40 [ 13.054337] kasan_save_alloc_info+0x3b/0x50 [ 13.054613] __kasan_kmalloc+0xb7/0xc0 [ 13.055285] __kmalloc_cache_noprof+0x189/0x420 [ 13.055910] ksize_unpoisons_memory+0xc7/0x9b0 [ 13.056335] kunit_try_run_case+0x1a5/0x480 [ 13.056919] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.057673] kthread+0x337/0x6f0 [ 13.058118] ret_from_fork+0x116/0x1d0 [ 13.058717] ret_from_fork_asm+0x1a/0x30 [ 13.059216] [ 13.059523] The buggy address belongs to the object at ffff8881026b2d00 [ 13.059523] which belongs to the cache kmalloc-128 of size 128 [ 13.061011] The buggy address is located 0 bytes to the right of [ 13.061011] allocated 115-byte region [ffff8881026b2d00, ffff8881026b2d73) [ 13.062297] [ 13.062385] The buggy address belongs to the physical page: [ 13.063177] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026b2 [ 13.063873] flags: 0x200000000000000(node=0|zone=2) [ 13.064056] page_type: f5(slab) [ 13.064182] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.064673] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.065557] page dumped because: kasan: bad access detected [ 13.066369] [ 13.066852] Memory state around the buggy address: [ 13.067337] ffff8881026b2c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.068226] ffff8881026b2c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.069206] >ffff8881026b2d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 13.069880] ^ [ 13.070294] ffff8881026b2d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.071142] ffff8881026b2e00: fc fc fc fc fc fc 
fc fc fc fc fc fc fc fc fc fc [ 13.072139] ================================================================== [ 13.072922] ================================================================== [ 13.073157] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7e9/0x9b0 [ 13.073391] Read of size 1 at addr ffff8881026b2d78 by task kunit_try_catch/211 [ 13.074288] [ 13.074671] CPU: 0 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.074719] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.074730] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.074750] Call Trace: [ 13.074762] <TASK> [ 13.074777] dump_stack_lvl+0x73/0xb0 [ 13.074807] print_report+0xd1/0x610 [ 13.074830] ? __virt_addr_valid+0x1db/0x2d0 [ 13.074852] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 13.074876] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.074899] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 13.074923] kasan_report+0x141/0x180 [ 13.074945] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 13.074973] __asan_report_load1_noabort+0x18/0x20 [ 13.074997] ksize_unpoisons_memory+0x7e9/0x9b0 [ 13.075021] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 13.075045] ? __schedule+0x207f/0x2b60 [ 13.075065] ? schedule+0x7c/0x2e0 [ 13.075084] ? trace_hardirqs_on+0x37/0xe0 [ 13.075107] ? __schedule+0x207f/0x2b60 [ 13.075128] ? __pfx_read_tsc+0x10/0x10 [ 13.075148] ? ktime_get_ts64+0x86/0x230 [ 13.075171] kunit_try_run_case+0x1a5/0x480 [ 13.075195] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.075218] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.075242] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.075265] ? __kthread_parkme+0x82/0x180 [ 13.075286] ? preempt_count_sub+0x50/0x80 [ 13.075310] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.075334] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.075359] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.075384] kthread+0x337/0x6f0 [ 13.075403] ? trace_preempt_on+0x20/0xc0 [ 13.075593] ? 
__pfx_kthread+0x10/0x10 [ 13.075618] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.075640] ? calculate_sigpending+0x7b/0xa0 [ 13.075664] ? __pfx_kthread+0x10/0x10 [ 13.075686] ret_from_fork+0x116/0x1d0 [ 13.075705] ? __pfx_kthread+0x10/0x10 [ 13.075725] ret_from_fork_asm+0x1a/0x30 [ 13.075756] </TASK> [ 13.075766] [ 13.088672] Allocated by task 211: [ 13.089071] kasan_save_stack+0x45/0x70 [ 13.089459] kasan_save_track+0x18/0x40 [ 13.089790] kasan_save_alloc_info+0x3b/0x50 [ 13.089943] __kasan_kmalloc+0xb7/0xc0 [ 13.090075] __kmalloc_cache_noprof+0x189/0x420 [ 13.090230] ksize_unpoisons_memory+0xc7/0x9b0 [ 13.090382] kunit_try_run_case+0x1a5/0x480 [ 13.090769] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.091290] kthread+0x337/0x6f0 [ 13.091711] ret_from_fork+0x116/0x1d0 [ 13.092053] ret_from_fork_asm+0x1a/0x30 [ 13.092402] [ 13.092721] The buggy address belongs to the object at ffff8881026b2d00 [ 13.092721] which belongs to the cache kmalloc-128 of size 128 [ 13.093847] The buggy address is located 5 bytes to the right of [ 13.093847] allocated 115-byte region [ffff8881026b2d00, ffff8881026b2d73) [ 13.094820] [ 13.094896] The buggy address belongs to the physical page: [ 13.095070] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026b2 [ 13.095315] flags: 0x200000000000000(node=0|zone=2) [ 13.095637] page_type: f5(slab) [ 13.095995] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.096808] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.097465] page dumped because: kasan: bad access detected [ 13.098025] [ 13.098182] Memory state around the buggy address: [ 13.098625] ffff8881026b2c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.099375] ffff8881026b2c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.099892] >ffff8881026b2d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 13.100107] ^ [ 13.100325] ffff8881026b2d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 
13.100861] ffff8881026b2e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.101480] ==================================================================
[ 13.255487] ==================================================================
[ 13.256093] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x81c/0x9b0
[ 13.256588] Read of size 1 at addr ffff888102594573 by task kunit_try_catch/212
[ 13.257462]
[ 13.257588] CPU: 0 UID: 0 PID: 212 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 13.257633] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.257921] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.257947] Call Trace:
[ 13.257962] <TASK>
[ 13.257979] dump_stack_lvl+0x73/0xb0
[ 13.258014] print_report+0xd1/0x610
[ 13.258037] ? __virt_addr_valid+0x1db/0x2d0
[ 13.258073] ? ksize_unpoisons_memory+0x81c/0x9b0
[ 13.258097] ? kasan_complete_mode_report_info+0x2a/0x200
[ 13.258134] ? ksize_unpoisons_memory+0x81c/0x9b0
[ 13.258158] kasan_report+0x141/0x180
[ 13.258180] ? ksize_unpoisons_memory+0x81c/0x9b0
[ 13.258208] __asan_report_load1_noabort+0x18/0x20
[ 13.258233] ksize_unpoisons_memory+0x81c/0x9b0
[ 13.258257] ? __pfx_ksize_unpoisons_memory+0x10/0x10
[ 13.258282] ? finish_task_switch.isra.0+0x153/0x700
[ 13.258306] ? __switch_to+0x47/0xf50
[ 13.258333] ? __schedule+0x10cc/0x2b60
[ 13.258356] ? __pfx_read_tsc+0x10/0x10
[ 13.258377] ? ktime_get_ts64+0x86/0x230
[ 13.258403] kunit_try_run_case+0x1a5/0x480
[ 13.258428] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.258451] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.258476] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.258500] ? __kthread_parkme+0x82/0x180
[ 13.258521] ? preempt_count_sub+0x50/0x80
[ 13.258545] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.258569] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.258594] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.258619] kthread+0x337/0x6f0
[ 13.258692] ? trace_preempt_on+0x20/0xc0
[ 13.258726] ? __pfx_kthread+0x10/0x10
[ 13.258747] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.258769] ? calculate_sigpending+0x7b/0xa0
[ 13.258794] ? __pfx_kthread+0x10/0x10
[ 13.258816] ret_from_fork+0x116/0x1d0
[ 13.258835] ? __pfx_kthread+0x10/0x10
[ 13.258856] ret_from_fork_asm+0x1a/0x30
[ 13.258888] </TASK>
[ 13.258898]
[ 13.270610] Allocated by task 212:
[ 13.271253] kasan_save_stack+0x45/0x70
[ 13.271426] kasan_save_track+0x18/0x40
[ 13.271883] kasan_save_alloc_info+0x3b/0x50
[ 13.272431] __kasan_kmalloc+0xb7/0xc0
[ 13.272621] __kmalloc_cache_noprof+0x189/0x420
[ 13.272988] ksize_unpoisons_memory+0xc7/0x9b0
[ 13.273225] kunit_try_run_case+0x1a5/0x480
[ 13.273419] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.274001] kthread+0x337/0x6f0
[ 13.274257] ret_from_fork+0x116/0x1d0
[ 13.274557] ret_from_fork_asm+0x1a/0x30
[ 13.274941]
[ 13.275066] The buggy address belongs to the object at ffff888102594500
[ 13.275066] which belongs to the cache kmalloc-128 of size 128
[ 13.276089] The buggy address is located 0 bytes to the right of
[ 13.276089] allocated 115-byte region [ffff888102594500, ffff888102594573)
[ 13.276947]
[ 13.277064] The buggy address belongs to the physical page:
[ 13.277536] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102594
[ 13.278185] flags: 0x200000000000000(node=0|zone=2)
[ 13.278526] page_type: f5(slab)
[ 13.278701] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 13.279325] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 13.279969] page dumped because: kasan: bad access detected
[ 13.280263]
[ 13.280343] Memory state around the buggy address:
[ 13.280564]  ffff888102594400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.281150]  ffff888102594480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.281551] >ffff888102594500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 13.282117]                                                              ^
[ 13.282496]  ffff888102594580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.283043]  ffff888102594600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.283408] ==================================================================
[ 13.283914] ==================================================================
[ 13.284166] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7e9/0x9b0
[ 13.284514] Read of size 1 at addr ffff888102594578 by task kunit_try_catch/212
[ 13.286062]
[ 13.286263] CPU: 0 UID: 0 PID: 212 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 13.286307] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.286319] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.286338] Call Trace:
[ 13.286479] <TASK>
[ 13.286500] dump_stack_lvl+0x73/0xb0
[ 13.286532] print_report+0xd1/0x610
[ 13.286555] ? __virt_addr_valid+0x1db/0x2d0
[ 13.286579] ? ksize_unpoisons_memory+0x7e9/0x9b0
[ 13.286603] ? kasan_complete_mode_report_info+0x2a/0x200
[ 13.286626] ? ksize_unpoisons_memory+0x7e9/0x9b0
[ 13.286902] kasan_report+0x141/0x180
[ 13.286928] ? ksize_unpoisons_memory+0x7e9/0x9b0
[ 13.286957] __asan_report_load1_noabort+0x18/0x20
[ 13.286982] ksize_unpoisons_memory+0x7e9/0x9b0
[ 13.287007] ? __pfx_ksize_unpoisons_memory+0x10/0x10
[ 13.287031] ? finish_task_switch.isra.0+0x153/0x700
[ 13.287067] ? __switch_to+0x47/0xf50
[ 13.287092] ? __schedule+0x10cc/0x2b60
[ 13.287115] ? __pfx_read_tsc+0x10/0x10
[ 13.287137] ? ktime_get_ts64+0x86/0x230
[ 13.287161] kunit_try_run_case+0x1a5/0x480
[ 13.287186] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.287209] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.287234] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.287258] ? __kthread_parkme+0x82/0x180
[ 13.287279] ? preempt_count_sub+0x50/0x80
[ 13.287302] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.287327] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.287351] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.287377] kthread+0x337/0x6f0
[ 13.287396] ? trace_preempt_on+0x20/0xc0
[ 13.287420] ? __pfx_kthread+0x10/0x10
[ 13.287441] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.287463] ? calculate_sigpending+0x7b/0xa0
[ 13.287488] ? __pfx_kthread+0x10/0x10
[ 13.287509] ret_from_fork+0x116/0x1d0
[ 13.287529] ? __pfx_kthread+0x10/0x10
[ 13.287550] ret_from_fork_asm+0x1a/0x30
[ 13.287580] </TASK>
[ 13.287590]
[ 13.299913] Allocated by task 212:
[ 13.300115] kasan_save_stack+0x45/0x70
[ 13.300672] kasan_save_track+0x18/0x40
[ 13.300835] kasan_save_alloc_info+0x3b/0x50
[ 13.301277] __kasan_kmalloc+0xb7/0xc0
[ 13.301455] __kmalloc_cache_noprof+0x189/0x420
[ 13.301809] ksize_unpoisons_memory+0xc7/0x9b0
[ 13.302223] kunit_try_run_case+0x1a5/0x480
[ 13.302505] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.302920] kthread+0x337/0x6f0
[ 13.303105] ret_from_fork+0x116/0x1d0
[ 13.303369] ret_from_fork_asm+0x1a/0x30
[ 13.303565]
[ 13.303728] The buggy address belongs to the object at ffff888102594500
[ 13.303728] which belongs to the cache kmalloc-128 of size 128
[ 13.304234] The buggy address is located 5 bytes to the right of
[ 13.304234] allocated 115-byte region [ffff888102594500, ffff888102594573)
[ 13.304809]
[ 13.304977] The buggy address belongs to the physical page:
[ 13.305345] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102594
[ 13.305761] flags: 0x200000000000000(node=0|zone=2)
[ 13.305959] page_type: f5(slab)
[ 13.306245] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 13.306563] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 13.307061] page dumped because: kasan: bad access detected
[ 13.307486]
[ 13.307585] Memory state around the buggy address:
[ 13.307752]  ffff888102594400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.308142]  ffff888102594480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.308422] >ffff888102594500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 13.308772]                                                                 ^
[ 13.309240]  ffff888102594580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.309529]  ffff888102594600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.309888] ==================================================================
[ 13.310575] ==================================================================
[ 13.310969] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7b6/0x9b0
[ 13.311364] Read of size 1 at addr ffff88810259457f by task kunit_try_catch/212
[ 13.311862]
[ 13.312012] CPU: 0 UID: 0 PID: 212 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 13.312064] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.312076] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.312096] Call Trace:
[ 13.312110] <TASK>
[ 13.312124] dump_stack_lvl+0x73/0xb0
[ 13.312154] print_report+0xd1/0x610
[ 13.312176] ? __virt_addr_valid+0x1db/0x2d0
[ 13.312199] ? ksize_unpoisons_memory+0x7b6/0x9b0
[ 13.312223] ? kasan_complete_mode_report_info+0x2a/0x200
[ 13.312247] ? ksize_unpoisons_memory+0x7b6/0x9b0
[ 13.312271] kasan_report+0x141/0x180
[ 13.312293] ? ksize_unpoisons_memory+0x7b6/0x9b0
[ 13.312321] __asan_report_load1_noabort+0x18/0x20
[ 13.312380] ksize_unpoisons_memory+0x7b6/0x9b0
[ 13.312405] ? __pfx_ksize_unpoisons_memory+0x10/0x10
[ 13.312440] ? finish_task_switch.isra.0+0x153/0x700
[ 13.312464] ? __switch_to+0x47/0xf50
[ 13.312489] ? __schedule+0x10cc/0x2b60
[ 13.312512] ? __pfx_read_tsc+0x10/0x10
[ 13.312534] ? ktime_get_ts64+0x86/0x230
[ 13.312558] kunit_try_run_case+0x1a5/0x480
[ 13.312582] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.312606] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.312630] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.312654] ? __kthread_parkme+0x82/0x180
[ 13.312676] ? preempt_count_sub+0x50/0x80
[ 13.312755] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.312783] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.312808] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.312833] kthread+0x337/0x6f0
[ 13.312854] ? trace_preempt_on+0x20/0xc0
[ 13.312877] ? __pfx_kthread+0x10/0x10
[ 13.312899] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.312921] ? calculate_sigpending+0x7b/0xa0
[ 13.312946] ? __pfx_kthread+0x10/0x10
[ 13.312968] ret_from_fork+0x116/0x1d0
[ 13.312987] ? __pfx_kthread+0x10/0x10
[ 13.313008] ret_from_fork_asm+0x1a/0x30
[ 13.313039] </TASK>
[ 13.313048]
[ 13.322558] Allocated by task 212:
[ 13.322806] kasan_save_stack+0x45/0x70
[ 13.322959] kasan_save_track+0x18/0x40
[ 13.323163] kasan_save_alloc_info+0x3b/0x50
[ 13.323397] __kasan_kmalloc+0xb7/0xc0
[ 13.323589] __kmalloc_cache_noprof+0x189/0x420
[ 13.323982] ksize_unpoisons_memory+0xc7/0x9b0
[ 13.324267] kunit_try_run_case+0x1a5/0x480
[ 13.324426] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.324701] kthread+0x337/0x6f0
[ 13.324934] ret_from_fork+0x116/0x1d0
[ 13.325143] ret_from_fork_asm+0x1a/0x30
[ 13.325396]
[ 13.325527] The buggy address belongs to the object at ffff888102594500
[ 13.325527] which belongs to the cache kmalloc-128 of size 128
[ 13.326276] The buggy address is located 12 bytes to the right of
[ 13.326276] allocated 115-byte region [ffff888102594500, ffff888102594573)
[ 13.326823]
[ 13.326910] The buggy address belongs to the physical page:
[ 13.327424] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102594
[ 13.327900] flags: 0x200000000000000(node=0|zone=2)
[ 13.328166] page_type: f5(slab)
[ 13.328353] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 13.328659] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 13.329121] page dumped because: kasan: bad access detected
[ 13.329489]
[ 13.329621] Memory state around the buggy address:
[ 13.329836]  ffff888102594400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.330160]  ffff888102594480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.330749] >ffff888102594500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 13.331029]                                                                 ^
[ 13.331552]  ffff888102594580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.331909]  ffff888102594600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.332282] ==================================================================