Date: July 13, 2025, 11:09 p.m.
Failure - log-parser-boot/kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 14.445190] ================================================================== [ 14.446217] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x2b5/0x300 [ 14.446471] Read of size 1 at addr ffff8881039f7d02 by task kunit_try_catch/267 [ 14.447216] [ 14.447325] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.447373] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.447385] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.447408] Call Trace: [ 14.447422] <TASK> [ 14.447438] dump_stack_lvl+0x73/0xb0 [ 14.447484] print_report+0xd1/0x610 [ 14.447507] ? __virt_addr_valid+0x1db/0x2d0 [ 14.447532] ? kasan_stack_oob+0x2b5/0x300 [ 14.447552] ? kasan_addr_to_slab+0x11/0xa0 [ 14.447575] ? kasan_stack_oob+0x2b5/0x300 [ 14.447596] kasan_report+0x141/0x180 [ 14.447617] ? kasan_stack_oob+0x2b5/0x300 [ 14.447643] __asan_report_load1_noabort+0x18/0x20 [ 14.447669] kasan_stack_oob+0x2b5/0x300 [ 14.447690] ? __pfx_kasan_stack_oob+0x10/0x10 [ 14.447711] ? finish_task_switch.isra.0+0x153/0x700 [ 14.447736] ? __switch_to+0x47/0xf50 [ 14.447763] ? __schedule+0x10cc/0x2b60 [ 14.447786] ? __pfx_read_tsc+0x10/0x10 [ 14.447808] ? ktime_get_ts64+0x86/0x230 [ 14.447834] kunit_try_run_case+0x1a5/0x480 [ 14.447859] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.447882] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.447908] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.447932] ? __kthread_parkme+0x82/0x180 [ 14.447954] ? preempt_count_sub+0x50/0x80 [ 14.447978] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.448004] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.448029] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.448056] kthread+0x337/0x6f0 [ 14.448074] ? trace_preempt_on+0x20/0xc0 [ 14.448099] ? __pfx_kthread+0x10/0x10 [ 14.448120] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.448142] ? calculate_sigpending+0x7b/0xa0 [ 14.448168] ? __pfx_kthread+0x10/0x10 [ 14.448189] ret_from_fork+0x116/0x1d0 [ 14.448208] ? 
__pfx_kthread+0x10/0x10 [ 14.448229] ret_from_fork_asm+0x1a/0x30 [ 14.448261] </TASK> [ 14.448272] [ 14.456128] The buggy address belongs to stack of task kunit_try_catch/267 [ 14.456487] and is located at offset 138 in frame: [ 14.456872] kasan_stack_oob+0x0/0x300 [ 14.457156] [ 14.457269] This frame has 4 objects: [ 14.457558] [48, 49) '__assertion' [ 14.457581] [64, 72) 'array' [ 14.457795] [96, 112) '__assertion' [ 14.457953] [128, 138) 'stack_array' [ 14.458092] [ 14.458345] The buggy address belongs to the physical page: [ 14.458618] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f7 [ 14.458960] flags: 0x200000000000000(node=0|zone=2) [ 14.459159] raw: 0200000000000000 ffffea00040e7dc8 ffffea00040e7dc8 0000000000000000 [ 14.459735] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 14.460094] page dumped because: kasan: bad access detected [ 14.460294] [ 14.460364] Memory state around the buggy address: [ 14.460534] ffff8881039f7c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 14.460794] ffff8881039f7c80: f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 00 00 f2 f2 00 [ 14.461109] >ffff8881039f7d00: 02 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 14.461536] ^ [ 14.461750] ffff8881039f7d80: f1 f1 f1 00 00 f2 f2 00 00 f2 f2 00 00 f3 f3 00 [ 14.461983] ffff8881039f7e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.462197] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 11.896424] ================================================================== [ 11.897671] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x369/0x3c0 [ 11.898456] Read of size 1 at addr ffff888103a81000 by task kunit_try_catch/157 [ 11.899174] [ 11.899289] CPU: 0 UID: 0 PID: 157 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.899336] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.899348] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.899369] Call Trace: [ 11.899384] <TASK> [ 11.899429] dump_stack_lvl+0x73/0xb0 [ 11.899473] print_report+0xd1/0x610 [ 11.899518] ? __virt_addr_valid+0x1db/0x2d0 [ 11.899734] ? kmalloc_node_oob_right+0x369/0x3c0 [ 11.899765] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.899789] ? kmalloc_node_oob_right+0x369/0x3c0 [ 11.899813] kasan_report+0x141/0x180 [ 11.899835] ? kmalloc_node_oob_right+0x369/0x3c0 [ 11.899863] __asan_report_load1_noabort+0x18/0x20 [ 11.899888] kmalloc_node_oob_right+0x369/0x3c0 [ 11.899912] ? __pfx_kmalloc_node_oob_right+0x10/0x10 [ 11.899938] ? __schedule+0x10cc/0x2b60 [ 11.899961] ? __pfx_read_tsc+0x10/0x10 [ 11.899983] ? ktime_get_ts64+0x86/0x230 [ 11.900007] kunit_try_run_case+0x1a5/0x480 [ 11.900032] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.900055] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.900079] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.900103] ? __kthread_parkme+0x82/0x180 [ 11.900123] ? preempt_count_sub+0x50/0x80 [ 11.900148] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.900172] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.900196] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.900221] kthread+0x337/0x6f0 [ 11.900240] ? trace_preempt_on+0x20/0xc0 [ 11.900263] ? __pfx_kthread+0x10/0x10 [ 11.900287] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.900308] ? calculate_sigpending+0x7b/0xa0 [ 11.900333] ? __pfx_kthread+0x10/0x10 [ 11.900354] ret_from_fork+0x116/0x1d0 [ 11.900373] ? 
__pfx_kthread+0x10/0x10 [ 11.900410] ret_from_fork_asm+0x1a/0x30 [ 11.900441] </TASK> [ 11.900463] [ 11.915717] Allocated by task 157: [ 11.916157] kasan_save_stack+0x45/0x70 [ 11.916729] kasan_save_track+0x18/0x40 [ 11.917208] kasan_save_alloc_info+0x3b/0x50 [ 11.917798] __kasan_kmalloc+0xb7/0xc0 [ 11.918270] __kmalloc_cache_node_noprof+0x188/0x420 [ 11.918775] kmalloc_node_oob_right+0xab/0x3c0 [ 11.918943] kunit_try_run_case+0x1a5/0x480 [ 11.919086] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.919257] kthread+0x337/0x6f0 [ 11.919374] ret_from_fork+0x116/0x1d0 [ 11.919656] ret_from_fork_asm+0x1a/0x30 [ 11.920408] [ 11.920637] The buggy address belongs to the object at ffff888103a80000 [ 11.920637] which belongs to the cache kmalloc-4k of size 4096 [ 11.921983] The buggy address is located 0 bytes to the right of [ 11.921983] allocated 4096-byte region [ffff888103a80000, ffff888103a81000) [ 11.922345] [ 11.922619] The buggy address belongs to the physical page: [ 11.923372] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a80 [ 11.924689] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.925454] flags: 0x200000000000040(head|node=0|zone=2) [ 11.926147] page_type: f5(slab) [ 11.926640] raw: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000 [ 11.927258] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 11.927538] head: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000 [ 11.927776] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 11.928011] head: 0200000000000003 ffffea00040ea001 00000000ffffffff 00000000ffffffff [ 11.928242] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 11.928504] page dumped because: kasan: bad access detected [ 11.928905] [ 11.929440] Memory state around the buggy address: [ 11.929775] ffff888103a80f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.930166] 
ffff888103a80f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.930677] >ffff888103a81000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.931060] ^ [ 11.931229] ffff888103a81080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.931755] ffff888103a81100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.932234] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 11.866377] ================================================================== [ 11.866879] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x361/0x3c0 [ 11.867291] Read of size 1 at addr ffff888101aa5d9f by task kunit_try_catch/155 [ 11.868060] [ 11.868151] CPU: 1 UID: 0 PID: 155 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.868194] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.868205] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.868254] Call Trace: [ 11.868266] <TASK> [ 11.868285] dump_stack_lvl+0x73/0xb0 [ 11.868317] print_report+0xd1/0x610 [ 11.868341] ? __virt_addr_valid+0x1db/0x2d0 [ 11.868366] ? kmalloc_oob_left+0x361/0x3c0 [ 11.868387] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.868410] ? kmalloc_oob_left+0x361/0x3c0 [ 11.868432] kasan_report+0x141/0x180 [ 11.868463] ? kmalloc_oob_left+0x361/0x3c0 [ 11.868510] __asan_report_load1_noabort+0x18/0x20 [ 11.868535] kmalloc_oob_left+0x361/0x3c0 [ 11.868557] ? __pfx_kmalloc_oob_left+0x10/0x10 [ 11.868590] ? __schedule+0x10cc/0x2b60 [ 11.868613] ? __pfx_read_tsc+0x10/0x10 [ 11.868634] ? ktime_get_ts64+0x86/0x230 [ 11.868659] kunit_try_run_case+0x1a5/0x480 [ 11.868702] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.868725] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.868749] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.868773] ? __kthread_parkme+0x82/0x180 [ 11.868794] ? preempt_count_sub+0x50/0x80 [ 11.868819] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.868843] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.868867] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.868892] kthread+0x337/0x6f0 [ 11.868911] ? trace_preempt_on+0x20/0xc0 [ 11.868934] ? __pfx_kthread+0x10/0x10 [ 11.868955] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.868976] ? calculate_sigpending+0x7b/0xa0 [ 11.869001] ? __pfx_kthread+0x10/0x10 [ 11.869022] ret_from_fork+0x116/0x1d0 [ 11.869040] ? 
__pfx_kthread+0x10/0x10 [ 11.869060] ret_from_fork_asm+0x1a/0x30 [ 11.869091] </TASK> [ 11.869101] [ 11.877809] Allocated by task 1: [ 11.878025] kasan_save_stack+0x45/0x70 [ 11.878229] kasan_save_track+0x18/0x40 [ 11.878364] kasan_save_alloc_info+0x3b/0x50 [ 11.878765] __kasan_kmalloc+0xb7/0xc0 [ 11.878896] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 11.879074] kvasprintf+0xc5/0x150 [ 11.879255] __kthread_create_on_node+0x18b/0x3a0 [ 11.879527] kthread_create_on_node+0xab/0xe0 [ 11.879866] cryptomgr_notify+0x704/0x9f0 [ 11.880004] notifier_call_chain+0xcb/0x250 [ 11.880144] blocking_notifier_call_chain+0x64/0x90 [ 11.880306] crypto_alg_mod_lookup+0x21f/0x440 [ 11.880679] crypto_alloc_tfm_node+0xc5/0x1f0 [ 11.880913] crypto_alloc_sig+0x23/0x30 [ 11.881124] public_key_verify_signature+0x208/0x9f0 [ 11.881372] x509_check_for_self_signed+0x2cb/0x480 [ 11.881554] x509_cert_parse+0x59c/0x830 [ 11.881772] x509_key_preparse+0x68/0x8a0 [ 11.881970] asymmetric_key_preparse+0xb1/0x160 [ 11.882130] __key_create_or_update+0x43d/0xcc0 [ 11.882319] key_create_or_update+0x17/0x20 [ 11.882589] x509_load_certificate_list+0x174/0x200 [ 11.882834] regulatory_init_db+0xee/0x3a0 [ 11.882978] do_one_initcall+0xd8/0x370 [ 11.883169] kernel_init_freeable+0x420/0x6f0 [ 11.883388] kernel_init+0x23/0x1e0 [ 11.883578] ret_from_fork+0x116/0x1d0 [ 11.883743] ret_from_fork_asm+0x1a/0x30 [ 11.883877] [ 11.883976] Freed by task 0: [ 11.884094] kasan_save_stack+0x45/0x70 [ 11.884304] kasan_save_track+0x18/0x40 [ 11.884497] kasan_save_free_info+0x3f/0x60 [ 11.884699] __kasan_slab_free+0x56/0x70 [ 11.884966] kfree+0x222/0x3f0 [ 11.885124] free_kthread_struct+0xeb/0x150 [ 11.885274] free_task+0xf3/0x130 [ 11.885394] __put_task_struct+0x1c8/0x480 [ 11.885611] delayed_put_task_struct+0x10a/0x150 [ 11.885862] rcu_core+0x66f/0x1c40 [ 11.886027] rcu_core_si+0x12/0x20 [ 11.886148] handle_softirqs+0x209/0x730 [ 11.886281] __irq_exit_rcu+0xc9/0x110 [ 11.886456] irq_exit_rcu+0x12/0x20 [ 11.886628] 
sysvec_apic_timer_interrupt+0x81/0x90 [ 11.886891] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 11.887154] [ 11.887244] The buggy address belongs to the object at ffff888101aa5d80 [ 11.887244] which belongs to the cache kmalloc-16 of size 16 [ 11.887868] The buggy address is located 15 bytes to the right of [ 11.887868] allocated 16-byte region [ffff888101aa5d80, ffff888101aa5d90) [ 11.888261] [ 11.888379] The buggy address belongs to the physical page: [ 11.888782] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101aa5 [ 11.889157] flags: 0x200000000000000(node=0|zone=2) [ 11.889314] page_type: f5(slab) [ 11.889452] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 11.889812] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 11.890267] page dumped because: kasan: bad access detected [ 11.890471] [ 11.890537] Memory state around the buggy address: [ 11.890684] ffff888101aa5c80: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc [ 11.891224] ffff888101aa5d00: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 11.891617] >ffff888101aa5d80: fa fb fc fc 00 07 fc fc fc fc fc fc fc fc fc fc [ 11.891895] ^ [ 11.892027] ffff888101aa5e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.892231] ffff888101aa5e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.892596] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 11.784926] ================================================================== [ 11.785721] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6f0/0x7f0 [ 11.786628] Write of size 1 at addr ffff888103427c73 by task kunit_try_catch/153 [ 11.787274] [ 11.788350] CPU: 1 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.788707] Tainted: [N]=TEST [ 11.788738] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.788948] Call Trace: [ 11.789014] <TASK> [ 11.789158] dump_stack_lvl+0x73/0xb0 [ 11.789248] print_report+0xd1/0x610 [ 11.789278] ? __virt_addr_valid+0x1db/0x2d0 [ 11.789303] ? kmalloc_oob_right+0x6f0/0x7f0 [ 11.789325] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.789348] ? kmalloc_oob_right+0x6f0/0x7f0 [ 11.789370] kasan_report+0x141/0x180 [ 11.789392] ? kmalloc_oob_right+0x6f0/0x7f0 [ 11.789431] __asan_report_store1_noabort+0x1b/0x30 [ 11.789469] kmalloc_oob_right+0x6f0/0x7f0 [ 11.789492] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 11.789515] ? __schedule+0x10cc/0x2b60 [ 11.789538] ? __pfx_read_tsc+0x10/0x10 [ 11.789561] ? ktime_get_ts64+0x86/0x230 [ 11.789587] kunit_try_run_case+0x1a5/0x480 [ 11.789615] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.789638] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.789663] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.789687] ? __kthread_parkme+0x82/0x180 [ 11.789709] ? preempt_count_sub+0x50/0x80 [ 11.789734] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.789758] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.789783] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.789808] kthread+0x337/0x6f0 [ 11.789827] ? trace_preempt_on+0x20/0xc0 [ 11.789851] ? __pfx_kthread+0x10/0x10 [ 11.789872] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.789893] ? calculate_sigpending+0x7b/0xa0 [ 11.789919] ? __pfx_kthread+0x10/0x10 [ 11.789940] ret_from_fork+0x116/0x1d0 [ 11.789959] ? 
__pfx_kthread+0x10/0x10 [ 11.789980] ret_from_fork_asm+0x1a/0x30 [ 11.790035] </TASK> [ 11.790099] [ 11.804047] Allocated by task 153: [ 11.804328] kasan_save_stack+0x45/0x70 [ 11.804987] kasan_save_track+0x18/0x40 [ 11.805496] kasan_save_alloc_info+0x3b/0x50 [ 11.805978] __kasan_kmalloc+0xb7/0xc0 [ 11.806403] __kmalloc_cache_noprof+0x189/0x420 [ 11.806977] kmalloc_oob_right+0xa9/0x7f0 [ 11.807462] kunit_try_run_case+0x1a5/0x480 [ 11.807939] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.808186] kthread+0x337/0x6f0 [ 11.808314] ret_from_fork+0x116/0x1d0 [ 11.808549] ret_from_fork_asm+0x1a/0x30 [ 11.809201] [ 11.809463] The buggy address belongs to the object at ffff888103427c00 [ 11.809463] which belongs to the cache kmalloc-128 of size 128 [ 11.810796] The buggy address is located 0 bytes to the right of [ 11.810796] allocated 115-byte region [ffff888103427c00, ffff888103427c73) [ 11.811405] [ 11.811573] The buggy address belongs to the physical page: [ 11.811924] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103427 [ 11.812410] flags: 0x200000000000000(node=0|zone=2) [ 11.812981] page_type: f5(slab) [ 11.813491] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.813949] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.814706] page dumped because: kasan: bad access detected [ 11.815189] [ 11.815353] Memory state around the buggy address: [ 11.816052] ffff888103427b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.816735] ffff888103427b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.817442] >ffff888103427c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 11.818115] ^ [ 11.818808] ffff888103427c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.819080] ffff888103427d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.819324] ================================================================== [ 11.821119] 
================================================================== [ 11.821847] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6bd/0x7f0 [ 11.822463] Write of size 1 at addr ffff888103427c78 by task kunit_try_catch/153 [ 11.823108] [ 11.823295] CPU: 1 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.823338] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.823349] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.823371] Call Trace: [ 11.823387] <TASK> [ 11.823403] dump_stack_lvl+0x73/0xb0 [ 11.823432] print_report+0xd1/0x610 [ 11.823465] ? __virt_addr_valid+0x1db/0x2d0 [ 11.823488] ? kmalloc_oob_right+0x6bd/0x7f0 [ 11.823509] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.823533] ? kmalloc_oob_right+0x6bd/0x7f0 [ 11.823555] kasan_report+0x141/0x180 [ 11.823576] ? kmalloc_oob_right+0x6bd/0x7f0 [ 11.823602] __asan_report_store1_noabort+0x1b/0x30 [ 11.823627] kmalloc_oob_right+0x6bd/0x7f0 [ 11.823650] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 11.823673] ? __schedule+0x10cc/0x2b60 [ 11.823696] ? __pfx_read_tsc+0x10/0x10 [ 11.823717] ? ktime_get_ts64+0x86/0x230 [ 11.823741] kunit_try_run_case+0x1a5/0x480 [ 11.823766] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.823789] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.823813] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.823837] ? __kthread_parkme+0x82/0x180 [ 11.823858] ? preempt_count_sub+0x50/0x80 [ 11.823884] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.823908] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.823933] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.823959] kthread+0x337/0x6f0 [ 11.823977] ? trace_preempt_on+0x20/0xc0 [ 11.824000] ? __pfx_kthread+0x10/0x10 [ 11.824020] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.824042] ? calculate_sigpending+0x7b/0xa0 [ 11.824067] ? __pfx_kthread+0x10/0x10 [ 11.824088] ret_from_fork+0x116/0x1d0 [ 11.824106] ? 
__pfx_kthread+0x10/0x10 [ 11.824126] ret_from_fork_asm+0x1a/0x30 [ 11.824157] </TASK> [ 11.824167] [ 11.830754] Allocated by task 153: [ 11.830881] kasan_save_stack+0x45/0x70 [ 11.831054] kasan_save_track+0x18/0x40 [ 11.831241] kasan_save_alloc_info+0x3b/0x50 [ 11.831457] __kasan_kmalloc+0xb7/0xc0 [ 11.831641] __kmalloc_cache_noprof+0x189/0x420 [ 11.832017] kmalloc_oob_right+0xa9/0x7f0 [ 11.832156] kunit_try_run_case+0x1a5/0x480 [ 11.832307] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.832494] kthread+0x337/0x6f0 [ 11.832785] ret_from_fork+0x116/0x1d0 [ 11.832958] ret_from_fork_asm+0x1a/0x30 [ 11.833108] [ 11.833202] The buggy address belongs to the object at ffff888103427c00 [ 11.833202] which belongs to the cache kmalloc-128 of size 128 [ 11.833721] The buggy address is located 5 bytes to the right of [ 11.833721] allocated 115-byte region [ffff888103427c00, ffff888103427c73) [ 11.834213] [ 11.834305] The buggy address belongs to the physical page: [ 11.834601] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103427 [ 11.834870] flags: 0x200000000000000(node=0|zone=2) [ 11.836910] page_type: f5(slab) [ 11.837094] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.838506] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.839027] page dumped because: kasan: bad access detected [ 11.839203] [ 11.839275] Memory state around the buggy address: [ 11.839440] ffff888103427b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.839665] ffff888103427b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.839879] >ffff888103427c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 11.840089] ^ [ 11.840309] ffff888103427c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.841731] ffff888103427d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.842920] ================================================================== [ 11.844841] 
================================================================== [ 11.845611] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x68a/0x7f0 [ 11.845960] Read of size 1 at addr ffff888103427c80 by task kunit_try_catch/153 [ 11.846282] [ 11.846395] CPU: 1 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.846463] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.846509] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.846533] Call Trace: [ 11.846546] <TASK> [ 11.846587] dump_stack_lvl+0x73/0xb0 [ 11.846618] print_report+0xd1/0x610 [ 11.846641] ? __virt_addr_valid+0x1db/0x2d0 [ 11.846665] ? kmalloc_oob_right+0x68a/0x7f0 [ 11.846686] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.846709] ? kmalloc_oob_right+0x68a/0x7f0 [ 11.846731] kasan_report+0x141/0x180 [ 11.846752] ? kmalloc_oob_right+0x68a/0x7f0 [ 11.846778] __asan_report_load1_noabort+0x18/0x20 [ 11.846835] kmalloc_oob_right+0x68a/0x7f0 [ 11.846858] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 11.846881] ? __schedule+0x10cc/0x2b60 [ 11.846903] ? __pfx_read_tsc+0x10/0x10 [ 11.846924] ? ktime_get_ts64+0x86/0x230 [ 11.846950] kunit_try_run_case+0x1a5/0x480 [ 11.847007] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.847030] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.847054] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.847077] ? __kthread_parkme+0x82/0x180 [ 11.847099] ? preempt_count_sub+0x50/0x80 [ 11.847123] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.847147] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.847172] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.847197] kthread+0x337/0x6f0 [ 11.847215] ? trace_preempt_on+0x20/0xc0 [ 11.847239] ? __pfx_kthread+0x10/0x10 [ 11.847259] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.847280] ? calculate_sigpending+0x7b/0xa0 [ 11.847305] ? __pfx_kthread+0x10/0x10 [ 11.847326] ret_from_fork+0x116/0x1d0 [ 11.847344] ? 
__pfx_kthread+0x10/0x10 [ 11.847364] ret_from_fork_asm+0x1a/0x30 [ 11.847395] </TASK> [ 11.847420] [ 11.855048] Allocated by task 153: [ 11.855182] kasan_save_stack+0x45/0x70 [ 11.855381] kasan_save_track+0x18/0x40 [ 11.855636] kasan_save_alloc_info+0x3b/0x50 [ 11.855851] __kasan_kmalloc+0xb7/0xc0 [ 11.856067] __kmalloc_cache_noprof+0x189/0x420 [ 11.856305] kmalloc_oob_right+0xa9/0x7f0 [ 11.856533] kunit_try_run_case+0x1a5/0x480 [ 11.856762] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.857031] kthread+0x337/0x6f0 [ 11.857164] ret_from_fork+0x116/0x1d0 [ 11.857375] ret_from_fork_asm+0x1a/0x30 [ 11.857589] [ 11.857723] The buggy address belongs to the object at ffff888103427c00 [ 11.857723] which belongs to the cache kmalloc-128 of size 128 [ 11.858254] The buggy address is located 13 bytes to the right of [ 11.858254] allocated 115-byte region [ffff888103427c00, ffff888103427c73) [ 11.858832] [ 11.858913] The buggy address belongs to the physical page: [ 11.859085] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103427 [ 11.859325] flags: 0x200000000000000(node=0|zone=2) [ 11.859793] page_type: f5(slab) [ 11.859959] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.860298] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.860885] page dumped because: kasan: bad access detected [ 11.861135] [ 11.861203] Memory state around the buggy address: [ 11.861356] ffff888103427b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.861580] ffff888103427c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 11.861931] >ffff888103427c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.862304] ^ [ 11.862592] ffff888103427d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.862997] ffff888103427d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.863277] ==================================================================
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_vscale
------------[ cut here ]------------ [ 140.805004] WARNING: CPU: 1 PID: 2764 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190 [ 140.806029] Modules linked in: [ 140.806454] CPU: 1 UID: 0 PID: 2764 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 140.807376] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 140.808162] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 140.808820] RIP: 0010:drm_rect_calc_vscale+0x130/0x190 [ 140.809030] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 140.809526] RSP: 0000:ffff88810af47c78 EFLAGS: 00010286 [ 140.810008] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000 [ 140.810223] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffffa1233bfc [ 140.810432] RBP: ffff88810af47ca0 R08: 0000000000000000 R09: ffffed1020c3d9a0 [ 140.810920] R10: ffff8881061ecd07 R11: 0000000000000000 R12: ffffffffa1233be8 [ 140.811597] R13: 0000000000000000 R14: 000000007fffffff R15: ffff88810af47d38 [ 140.812375] FS: 0000000000000000(0000) GS:ffff8881b7f72000(0000) knlGS:0000000000000000 [ 140.813242] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 140.813656] CR2: 00007ffff7ffe000 CR3: 00000000100bc000 CR4: 00000000000006f0 [ 140.813868] DR0: ffffffffa3252440 DR1: ffffffffa3252441 DR2: ffffffffa3252443 [ 140.814077] DR3: ffffffffa3252445 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 140.814284] Call Trace: [ 140.814383] <TASK> [ 140.814480] drm_test_rect_calc_vscale+0x108/0x270 [ 140.815226] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10 [ 140.816070] ? __schedule+0x10cc/0x2b60 [ 140.816496] ? __pfx_read_tsc+0x10/0x10 [ 140.817127] ? ktime_get_ts64+0x86/0x230 [ 140.817708] kunit_try_run_case+0x1a5/0x480 [ 140.818265] ? __pfx_kunit_try_run_case+0x10/0x10 [ 140.819111] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 140.819905] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 140.820510] ? __kthread_parkme+0x82/0x180 [ 140.821232] ? preempt_count_sub+0x50/0x80 [ 140.821492] ? __pfx_kunit_try_run_case+0x10/0x10 [ 140.822122] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 140.823037] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 140.823378] kthread+0x337/0x6f0 [ 140.823509] ? trace_preempt_on+0x20/0xc0 [ 140.823864] ? __pfx_kthread+0x10/0x10 [ 140.824224] ? _raw_spin_unlock_irq+0x47/0x80 [ 140.824718] ? calculate_sigpending+0x7b/0xa0 [ 140.825025] ? __pfx_kthread+0x10/0x10 [ 140.825166] ret_from_fork+0x116/0x1d0 [ 140.825302] ? __pfx_kthread+0x10/0x10 [ 140.825438] ret_from_fork_asm+0x1a/0x30 [ 140.825872] </TASK> [ 140.826359] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 140.829485] WARNING: CPU: 0 PID: 2766 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190 [ 140.829923] Modules linked in: [ 140.830110] CPU: 0 UID: 0 PID: 2766 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 140.830519] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 140.830910] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 140.831404] RIP: 0010:drm_rect_calc_vscale+0x130/0x190 [ 140.831687] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 140.832742] RSP: 0000:ffff88810afcfc78 EFLAGS: 00010286 [ 140.833072] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000 [ 140.833402] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffffa1233c34 [ 140.833779] RBP: ffff88810afcfca0 R08: 0000000000000000 R09: ffffed1020bd09c0 [ 140.834221] R10: ffff888105e84e07 R11: 0000000000000000 R12: ffffffffa1233c20 [ 140.834537] R13: 0000000000000000 R14: 000000007fffffff R15: ffff88810afcfd38 [ 
140.835038] FS: 0000000000000000(0000) GS:ffff8881b7e72000(0000) knlGS:0000000000000000 [ 140.835427] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 140.835934] CR2: 00007ffff7ffe000 CR3: 00000000100bc000 CR4: 00000000000006f0 [ 140.836343] DR0: ffffffffa3252440 DR1: ffffffffa3252441 DR2: ffffffffa3252442 [ 140.836823] DR3: ffffffffa3252443 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 140.837156] Call Trace: [ 140.837338] <TASK> [ 140.837447] drm_test_rect_calc_vscale+0x108/0x270 [ 140.837860] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10 [ 140.838091] ? __schedule+0x10cc/0x2b60 [ 140.838294] ? __pfx_read_tsc+0x10/0x10 [ 140.838482] ? ktime_get_ts64+0x86/0x230 [ 140.838826] kunit_try_run_case+0x1a5/0x480 [ 140.839003] ? __pfx_kunit_try_run_case+0x10/0x10 [ 140.839321] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 140.839735] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 140.840014] ? __kthread_parkme+0x82/0x180 [ 140.840211] ? preempt_count_sub+0x50/0x80 [ 140.840740] ? __pfx_kunit_try_run_case+0x10/0x10 [ 140.840961] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 140.841228] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 140.841529] kthread+0x337/0x6f0 [ 140.841700] ? trace_preempt_on+0x20/0xc0 [ 140.841875] ? __pfx_kthread+0x10/0x10 [ 140.842072] ? _raw_spin_unlock_irq+0x47/0x80 [ 140.842293] ? calculate_sigpending+0x7b/0xa0 [ 140.842492] ? __pfx_kthread+0x10/0x10 [ 140.842832] ret_from_fork+0x116/0x1d0 [ 140.843077] ? __pfx_kthread+0x10/0x10 [ 140.843217] ret_from_fork_asm+0x1a/0x30 [ 140.843369] </TASK> [ 140.843495] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_hscale
------------[ cut here ]------------ [ 140.775145] WARNING: CPU: 0 PID: 2754 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190 [ 140.775778] Modules linked in: [ 140.775954] CPU: 0 UID: 0 PID: 2754 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 140.776958] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 140.777168] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 140.777553] RIP: 0010:drm_rect_calc_hscale+0x125/0x190 [ 140.777833] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 9b d5 1e 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 140.778538] RSP: 0000:ffff88810b187c78 EFLAGS: 00010286 [ 140.778897] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000 [ 140.779211] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffffa1233c38 [ 140.779480] RBP: ffff88810b187ca0 R08: 0000000000000000 R09: ffffed102086e200 [ 140.780118] R10: ffff888104371007 R11: 0000000000000000 R12: ffffffffa1233c20 [ 140.780496] R13: 0000000000000000 R14: 000000007fffffff R15: ffff88810b187d38 [ 140.781155] FS: 0000000000000000(0000) GS:ffff8881b7e72000(0000) knlGS:0000000000000000 [ 140.781489] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 140.782233] CR2: 00007ffff7ffe000 CR3: 00000000100bc000 CR4: 00000000000006f0 [ 140.782768] DR0: ffffffffa3252440 DR1: ffffffffa3252441 DR2: ffffffffa3252442 [ 140.783227] DR3: ffffffffa3252443 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 140.783532] Call Trace: [ 140.783824] <TASK> [ 140.784090] drm_test_rect_calc_hscale+0x108/0x270 [ 140.784291] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10 [ 140.784678] ? __schedule+0x10cc/0x2b60 [ 140.784867] ? __pfx_read_tsc+0x10/0x10 [ 140.785369] ? ktime_get_ts64+0x86/0x230 [ 140.785937] kunit_try_run_case+0x1a5/0x480 [ 140.786286] ? __pfx_kunit_try_run_case+0x10/0x10 [ 140.786726] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 140.786969] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 140.787202] ? __kthread_parkme+0x82/0x180 [ 140.787406] ? preempt_count_sub+0x50/0x80 [ 140.787924] ? __pfx_kunit_try_run_case+0x10/0x10 [ 140.788126] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 140.788705] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 140.789148] kthread+0x337/0x6f0 [ 140.789316] ? trace_preempt_on+0x20/0xc0 [ 140.789487] ? __pfx_kthread+0x10/0x10 [ 140.790128] ? _raw_spin_unlock_irq+0x47/0x80 [ 140.790475] ? calculate_sigpending+0x7b/0xa0 [ 140.791043] ? __pfx_kthread+0x10/0x10 [ 140.791247] ret_from_fork+0x116/0x1d0 [ 140.791387] ? __pfx_kthread+0x10/0x10 [ 140.791926] ret_from_fork_asm+0x1a/0x30 [ 140.792152] </TASK> [ 140.792350] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 140.753255] WARNING: CPU: 0 PID: 2752 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190 [ 140.754296] Modules linked in: [ 140.754908] CPU: 0 UID: 0 PID: 2752 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 140.756097] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 140.756534] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 140.757963] RIP: 0010:drm_rect_calc_hscale+0x125/0x190 [ 140.758163] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 9b d5 1e 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 140.759019] RSP: 0000:ffff88810a72fc78 EFLAGS: 00010286 [ 140.759348] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000 [ 140.759847] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffffa1233c00 [ 140.760276] RBP: ffff88810a72fca0 R08: 0000000000000000 R09: ffffed102086e280 [ 140.760784] R10: ffff888104371407 R11: 0000000000000000 R12: ffffffffa1233be8 [ 140.761061] R13: 0000000000000000 R14: 000000007fffffff R15: ffff88810a72fd38 [ 
140.761344] FS: 0000000000000000(0000) GS:ffff8881b7e72000(0000) knlGS:0000000000000000 [ 140.762153] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 140.762544] CR2: 00007ffff7ffe000 CR3: 00000000100bc000 CR4: 00000000000006f0 [ 140.763028] DR0: ffffffffa3252440 DR1: ffffffffa3252441 DR2: ffffffffa3252442 [ 140.763473] DR3: ffffffffa3252443 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 140.764008] Call Trace: [ 140.764261] <TASK> [ 140.764542] drm_test_rect_calc_hscale+0x108/0x270 [ 140.765287] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10 [ 140.765718] ? __schedule+0x10cc/0x2b60 [ 140.766040] ? __pfx_read_tsc+0x10/0x10 [ 140.766243] ? ktime_get_ts64+0x86/0x230 [ 140.766439] kunit_try_run_case+0x1a5/0x480 [ 140.766899] ? __pfx_kunit_try_run_case+0x10/0x10 [ 140.767300] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 140.767740] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 140.767988] ? __kthread_parkme+0x82/0x180 [ 140.768179] ? preempt_count_sub+0x50/0x80 [ 140.768364] ? __pfx_kunit_try_run_case+0x10/0x10 [ 140.768909] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 140.769350] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 140.769968] kthread+0x337/0x6f0 [ 140.770202] ? trace_preempt_on+0x20/0xc0 [ 140.770515] ? __pfx_kthread+0x10/0x10 [ 140.770777] ? _raw_spin_unlock_irq+0x47/0x80 [ 140.770986] ? calculate_sigpending+0x7b/0xa0 [ 140.771186] ? __pfx_kthread+0x10/0x10 [ 140.771363] ret_from_fork+0x116/0x1d0 [ 140.771537] ? __pfx_kthread+0x10/0x10 [ 140.771716] ret_from_fork_asm+0x1a/0x30 [ 140.771945] </TASK> [ 140.772045] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 50.197549] ================================================================== [ 50.197883] BUG: KFENCE: use-after-free read in test_krealloc+0x6fc/0xbe0 [ 50.197883] [ 50.198186] Use-after-free read at 0x(____ptrval____) (in kfence-#143): [ 50.198428] test_krealloc+0x6fc/0xbe0 [ 50.198629] kunit_try_run_case+0x1a5/0x480 [ 50.198962] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 50.199687] kthread+0x337/0x6f0 [ 50.199840] ret_from_fork+0x116/0x1d0 [ 50.199979] ret_from_fork_asm+0x1a/0x30 [ 50.200125] [ 50.200198] kfence-#143: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 50.200198] [ 50.201571] allocated by task 355 on cpu 1 at 50.196890s (0.004677s ago): [ 50.201930] test_alloc+0x364/0x10f0 [ 50.202117] test_krealloc+0xad/0xbe0 [ 50.202252] kunit_try_run_case+0x1a5/0x480 [ 50.202401] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 50.203228] kthread+0x337/0x6f0 [ 50.203369] ret_from_fork+0x116/0x1d0 [ 50.203870] ret_from_fork_asm+0x1a/0x30 [ 50.204428] [ 50.204664] freed by task 355 on cpu 1 at 50.197149s (0.007512s ago): [ 50.204925] krealloc_noprof+0x108/0x340 [ 50.205133] test_krealloc+0x226/0xbe0 [ 50.205321] kunit_try_run_case+0x1a5/0x480 [ 50.205531] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 50.206079] kthread+0x337/0x6f0 [ 50.206256] ret_from_fork+0x116/0x1d0 [ 50.206675] ret_from_fork_asm+0x1a/0x30 [ 50.206946] [ 50.207076] CPU: 1 UID: 0 PID: 355 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 50.207666] Tainted: [B]=BAD_PAGE, [N]=TEST [ 50.207933] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 50.208359] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 50.103525] ================================================================== [ 50.103892] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x2ec/0x670 [ 50.103892] [ 50.104230] Use-after-free read at 0x(____ptrval____) (in kfence-#142): [ 50.104465] test_memcache_typesafe_by_rcu+0x2ec/0x670 [ 50.104920] kunit_try_run_case+0x1a5/0x480 [ 50.105757] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 50.106263] kthread+0x337/0x6f0 [ 50.106601] ret_from_fork+0x116/0x1d0 [ 50.106973] ret_from_fork_asm+0x1a/0x30 [ 50.107353] [ 50.107528] kfence-#142: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 50.107528] [ 50.108434] allocated by task 353 on cpu 0 at 50.094402s (0.014030s ago): [ 50.108810] test_alloc+0x2a6/0x10f0 [ 50.108947] test_memcache_typesafe_by_rcu+0x16f/0x670 [ 50.109119] kunit_try_run_case+0x1a5/0x480 [ 50.109266] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 50.109456] kthread+0x337/0x6f0 [ 50.109868] ret_from_fork+0x116/0x1d0 [ 50.110593] ret_from_fork_asm+0x1a/0x30 [ 50.111059] [ 50.111294] freed by task 353 on cpu 0 at 50.094619s (0.016604s ago): [ 50.112222] test_memcache_typesafe_by_rcu+0x1bf/0x670 [ 50.112973] kunit_try_run_case+0x1a5/0x480 [ 50.113500] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 50.114086] kthread+0x337/0x6f0 [ 50.114527] ret_from_fork+0x116/0x1d0 [ 50.114862] ret_from_fork_asm+0x1a/0x30 [ 50.115014] [ 50.115118] CPU: 0 UID: 0 PID: 353 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 50.115446] Tainted: [B]=BAD_PAGE, [N]=TEST [ 50.115602] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 50.116281] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 24.835774] ================================================================== [ 24.836236] BUG: KFENCE: invalid read in test_invalid_access+0xf0/0x210 [ 24.836236] [ 24.837064] Invalid read at 0x(____ptrval____): [ 24.837443] test_invalid_access+0xf0/0x210 [ 24.838453] kunit_try_run_case+0x1a5/0x480 [ 24.838810] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.839014] kthread+0x337/0x6f0 [ 24.839202] ret_from_fork+0x116/0x1d0 [ 24.839344] ret_from_fork_asm+0x1a/0x30 [ 24.839577] [ 24.839755] CPU: 0 UID: 0 PID: 349 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 24.840154] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.840362] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.841071] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 18.581022] ================================================================== [ 18.581444] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260 [ 18.581444] [ 18.581885] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#79): [ 18.582545] test_out_of_bounds_write+0x10d/0x260 [ 18.583117] kunit_try_run_case+0x1a5/0x480 [ 18.583335] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.583758] kthread+0x337/0x6f0 [ 18.583997] ret_from_fork+0x116/0x1d0 [ 18.584174] ret_from_fork_asm+0x1a/0x30 [ 18.584372] [ 18.584654] kfence-#79: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 18.584654] [ 18.585116] allocated by task 309 on cpu 0 at 18.580898s (0.004215s ago): [ 18.585557] test_alloc+0x364/0x10f0 [ 18.585820] test_out_of_bounds_write+0xd4/0x260 [ 18.586100] kunit_try_run_case+0x1a5/0x480 [ 18.586284] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.586659] kthread+0x337/0x6f0 [ 18.586796] ret_from_fork+0x116/0x1d0 [ 18.587051] ret_from_fork_asm+0x1a/0x30 [ 18.587236] [ 18.587353] CPU: 0 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 18.588026] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.588341] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.588831] ================================================================== [ 18.789120] ================================================================== [ 18.789572] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260 [ 18.789572] [ 18.789999] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#81): [ 18.790293] test_out_of_bounds_write+0x10d/0x260 [ 18.790567] kunit_try_run_case+0x1a5/0x480 [ 18.790835] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.791020] kthread+0x337/0x6f0 [ 18.791188] ret_from_fork+0x116/0x1d0 [ 18.791379] ret_from_fork_asm+0x1a/0x30 [ 18.791600] [ 18.791675] kfence-#81: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 18.791675] [ 
18.791980] allocated by task 311 on cpu 1 at 18.789063s (0.002915s ago): [ 18.792314] test_alloc+0x2a6/0x10f0 [ 18.792510] test_out_of_bounds_write+0xd4/0x260 [ 18.792707] kunit_try_run_case+0x1a5/0x480 [ 18.792855] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.793111] kthread+0x337/0x6f0 [ 18.793280] ret_from_fork+0x116/0x1d0 [ 18.793521] ret_from_fork_asm+0x1a/0x30 [ 18.793669] [ 18.793765] CPU: 1 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 18.794184] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.794390] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.794880] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 24.613109] ================================================================== [ 24.613497] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x24f/0x340 [ 24.613497] [ 24.613894] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#137): [ 24.614498] test_kmalloc_aligned_oob_write+0x24f/0x340 [ 24.614813] kunit_try_run_case+0x1a5/0x480 [ 24.615011] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.615235] kthread+0x337/0x6f0 [ 24.615424] ret_from_fork+0x116/0x1d0 [ 24.615597] ret_from_fork_asm+0x1a/0x30 [ 24.615803] [ 24.615892] kfence-#137: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96 [ 24.615892] [ 24.616275] allocated by task 343 on cpu 1 at 24.612889s (0.003384s ago): [ 24.616598] test_alloc+0x364/0x10f0 [ 24.616768] test_kmalloc_aligned_oob_write+0xc8/0x340 [ 24.617007] kunit_try_run_case+0x1a5/0x480 [ 24.617190] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.617369] kthread+0x337/0x6f0 [ 24.617505] ret_from_fork+0x116/0x1d0 [ 24.617698] ret_from_fork_asm+0x1a/0x30 [ 24.617908] [ 24.618000] freed by task 343 on cpu 1 at 24.612998s (0.005000s ago): [ 24.618210] test_kmalloc_aligned_oob_write+0x24f/0x340 [ 24.618493] kunit_try_run_case+0x1a5/0x480 [ 24.618707] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.618966] kthread+0x337/0x6f0 [ 24.619132] ret_from_fork+0x116/0x1d0 [ 24.619305] ret_from_fork_asm+0x1a/0x30 [ 24.619530] [ 24.619644] CPU: 1 UID: 0 PID: 343 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 24.620046] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.620246] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.620622] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 24.509002] ================================================================== [ 24.509394] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x27e/0x560 [ 24.509394] [ 24.509861] Out-of-bounds read at 0x(____ptrval____) (105B right of kfence-#136): [ 24.510279] test_kmalloc_aligned_oob_read+0x27e/0x560 [ 24.510510] kunit_try_run_case+0x1a5/0x480 [ 24.510663] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.510888] kthread+0x337/0x6f0 [ 24.511088] ret_from_fork+0x116/0x1d0 [ 24.511304] ret_from_fork_asm+0x1a/0x30 [ 24.511536] [ 24.511649] kfence-#136: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96 [ 24.511649] [ 24.511950] allocated by task 341 on cpu 1 at 24.508787s (0.003160s ago): [ 24.512286] test_alloc+0x364/0x10f0 [ 24.512583] test_kmalloc_aligned_oob_read+0x105/0x560 [ 24.512823] kunit_try_run_case+0x1a5/0x480 [ 24.513025] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.513304] kthread+0x337/0x6f0 [ 24.513478] ret_from_fork+0x116/0x1d0 [ 24.513683] ret_from_fork_asm+0x1a/0x30 [ 24.513880] [ 24.513998] CPU: 1 UID: 0 PID: 341 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 24.514401] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.514651] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.515012] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_corruption
[ 19.725037] ================================================================== [ 19.725448] BUG: KFENCE: memory corruption in test_corruption+0x2d2/0x3e0 [ 19.725448] [ 19.725776] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#90): [ 19.726977] test_corruption+0x2d2/0x3e0 [ 19.727284] kunit_try_run_case+0x1a5/0x480 [ 19.727616] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.727866] kthread+0x337/0x6f0 [ 19.728025] ret_from_fork+0x116/0x1d0 [ 19.728206] ret_from_fork_asm+0x1a/0x30 [ 19.728395] [ 19.728759] kfence-#90: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 19.728759] [ 19.729133] allocated by task 329 on cpu 0 at 19.724771s (0.004360s ago): [ 19.729630] test_alloc+0x364/0x10f0 [ 19.729904] test_corruption+0xe6/0x3e0 [ 19.730089] kunit_try_run_case+0x1a5/0x480 [ 19.730288] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.730722] kthread+0x337/0x6f0 [ 19.730963] ret_from_fork+0x116/0x1d0 [ 19.731114] ret_from_fork_asm+0x1a/0x30 [ 19.731431] [ 19.731525] freed by task 329 on cpu 0 at 19.724877s (0.006646s ago): [ 19.731820] test_corruption+0x2d2/0x3e0 [ 19.731996] kunit_try_run_case+0x1a5/0x480 [ 19.732187] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.732417] kthread+0x337/0x6f0 [ 19.732887] ret_from_fork+0x116/0x1d0 [ 19.733050] ret_from_fork_asm+0x1a/0x30 [ 19.733378] [ 19.733495] CPU: 0 UID: 0 PID: 329 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 19.734095] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.734355] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.734834] ================================================================== [ 20.037036] ================================================================== [ 20.037436] BUG: KFENCE: memory corruption in test_corruption+0x131/0x3e0 [ 20.037436] [ 20.037783] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . 
] (in kfence-#93): [ 20.038490] test_corruption+0x131/0x3e0 [ 20.038656] kunit_try_run_case+0x1a5/0x480 [ 20.038865] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.039106] kthread+0x337/0x6f0 [ 20.039271] ret_from_fork+0x116/0x1d0 [ 20.039498] ret_from_fork_asm+0x1a/0x30 [ 20.039656] [ 20.039729] kfence-#93: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 20.039729] [ 20.040134] allocated by task 331 on cpu 1 at 20.036897s (0.003235s ago): [ 20.040488] test_alloc+0x2a6/0x10f0 [ 20.040672] test_corruption+0xe6/0x3e0 [ 20.040845] kunit_try_run_case+0x1a5/0x480 [ 20.041066] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.041320] kthread+0x337/0x6f0 [ 20.041503] ret_from_fork+0x116/0x1d0 [ 20.041652] ret_from_fork_asm+0x1a/0x30 [ 20.041790] [ 20.041885] freed by task 331 on cpu 1 at 20.036959s (0.004924s ago): [ 20.042214] test_corruption+0x131/0x3e0 [ 20.042422] kunit_try_run_case+0x1a5/0x480 [ 20.042635] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.042867] kthread+0x337/0x6f0 [ 20.043008] ret_from_fork+0x116/0x1d0 [ 20.043202] ret_from_fork_asm+0x1a/0x30 [ 20.043419] [ 20.043574] CPU: 1 UID: 0 PID: 331 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 20.044048] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.044249] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.044648] ================================================================== [ 19.829171] ================================================================== [ 19.829595] BUG: KFENCE: memory corruption in test_corruption+0x2df/0x3e0 [ 19.829595] [ 19.829922] Corrupted memory at 0x(____ptrval____) [ ! 
] (in kfence-#91): [ 19.830303] test_corruption+0x2df/0x3e0 [ 19.830465] kunit_try_run_case+0x1a5/0x480 [ 19.830637] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.831020] kthread+0x337/0x6f0 [ 19.831284] ret_from_fork+0x116/0x1d0 [ 19.831442] ret_from_fork_asm+0x1a/0x30 [ 19.831597] [ 19.831702] kfence-#91: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 19.831702] [ 19.832146] allocated by task 329 on cpu 0 at 19.828921s (0.003223s ago): [ 19.832404] test_alloc+0x364/0x10f0 [ 19.832615] test_corruption+0x1cb/0x3e0 [ 19.832802] kunit_try_run_case+0x1a5/0x480 [ 19.832950] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.833127] kthread+0x337/0x6f0 [ 19.833250] ret_from_fork+0x116/0x1d0 [ 19.833461] ret_from_fork_asm+0x1a/0x30 [ 19.833666] [ 19.833763] freed by task 329 on cpu 0 at 19.829022s (0.004739s ago): [ 19.834082] test_corruption+0x2df/0x3e0 [ 19.834282] kunit_try_run_case+0x1a5/0x480 [ 19.834599] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.834813] kthread+0x337/0x6f0 [ 19.834937] ret_from_fork+0x116/0x1d0 [ 19.835126] ret_from_fork_asm+0x1a/0x30 [ 19.835324] [ 19.835442] CPU: 0 UID: 0 PID: 329 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 19.835959] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.836098] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.836419] ================================================================== [ 20.244995] ================================================================== [ 20.245390] BUG: KFENCE: memory corruption in test_corruption+0x216/0x3e0 [ 20.245390] [ 20.245783] Corrupted memory at 0x(____ptrval____) [ ! 
] (in kfence-#95): [ 20.246243] test_corruption+0x216/0x3e0 [ 20.246444] kunit_try_run_case+0x1a5/0x480 [ 20.246663] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.247006] kthread+0x337/0x6f0 [ 20.247133] ret_from_fork+0x116/0x1d0 [ 20.247309] ret_from_fork_asm+0x1a/0x30 [ 20.247610] [ 20.247745] kfence-#95: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 20.247745] [ 20.248042] allocated by task 331 on cpu 1 at 20.244875s (0.003164s ago): [ 20.248385] test_alloc+0x2a6/0x10f0 [ 20.248612] test_corruption+0x1cb/0x3e0 [ 20.248809] kunit_try_run_case+0x1a5/0x480 [ 20.248988] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.249225] kthread+0x337/0x6f0 [ 20.249414] ret_from_fork+0x116/0x1d0 [ 20.249651] ret_from_fork_asm+0x1a/0x30 [ 20.249805] [ 20.249876] freed by task 331 on cpu 1 at 20.244918s (0.004955s ago): [ 20.250176] test_corruption+0x216/0x3e0 [ 20.250345] kunit_try_run_case+0x1a5/0x480 [ 20.250663] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.250862] kthread+0x337/0x6f0 [ 20.250981] ret_from_fork+0x116/0x1d0 [ 20.251140] ret_from_fork_asm+0x1a/0x30 [ 20.251355] [ 20.251502] CPU: 1 UID: 0 PID: 331 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 20.252027] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.252191] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.252629] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 19.517057] ================================================================== [ 19.517510] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1e1/0x260 [ 19.517510] [ 19.517831] Invalid free of 0x(____ptrval____) (in kfence-#88): [ 19.518117] test_invalid_addr_free+0x1e1/0x260 [ 19.518296] kunit_try_run_case+0x1a5/0x480 [ 19.518465] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.518720] kthread+0x337/0x6f0 [ 19.518904] ret_from_fork+0x116/0x1d0 [ 19.519043] ret_from_fork_asm+0x1a/0x30 [ 19.519246] [ 19.519342] kfence-#88: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 19.519342] [ 19.519786] allocated by task 325 on cpu 0 at 19.516918s (0.002866s ago): [ 19.520105] test_alloc+0x364/0x10f0 [ 19.520280] test_invalid_addr_free+0xdb/0x260 [ 19.520513] kunit_try_run_case+0x1a5/0x480 [ 19.520724] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.520903] kthread+0x337/0x6f0 [ 19.521025] ret_from_fork+0x116/0x1d0 [ 19.521209] ret_from_fork_asm+0x1a/0x30 [ 19.521411] [ 19.521541] CPU: 0 UID: 0 PID: 325 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 19.522316] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.522571] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.522952] ================================================================== [ 19.621026] ================================================================== [ 19.621421] BUG: KFENCE: invalid free in test_invalid_addr_free+0xfb/0x260 [ 19.621421] [ 19.621814] Invalid free of 0x(____ptrval____) (in kfence-#89): [ 19.622103] test_invalid_addr_free+0xfb/0x260 [ 19.622716] kunit_try_run_case+0x1a5/0x480 [ 19.622901] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.623415] kthread+0x337/0x6f0 [ 19.623771] ret_from_fork+0x116/0x1d0 [ 19.623969] ret_from_fork_asm+0x1a/0x30 [ 19.624158] [ 19.624233] kfence-#89: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 19.624233] [ 19.624864] allocated by task 327 on cpu 0 at 19.620917s 
(0.003944s ago): [ 19.625273] test_alloc+0x2a6/0x10f0 [ 19.625483] test_invalid_addr_free+0xdb/0x260 [ 19.625765] kunit_try_run_case+0x1a5/0x480 [ 19.625939] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.626294] kthread+0x337/0x6f0 [ 19.626536] ret_from_fork+0x116/0x1d0 [ 19.626782] ret_from_fork_asm+0x1a/0x30 [ 19.627038] [ 19.627142] CPU: 0 UID: 0 PID: 327 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 19.627821] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.628100] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.628487] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_double_free
[ 19.413095] ================================================================== [ 19.413521] BUG: KFENCE: invalid free in test_double_free+0x112/0x260 [ 19.413521] [ 19.413900] Invalid free of 0x(____ptrval____) (in kfence-#87): [ 19.414200] test_double_free+0x112/0x260 [ 19.414407] kunit_try_run_case+0x1a5/0x480 [ 19.414672] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.414878] kthread+0x337/0x6f0 [ 19.415053] ret_from_fork+0x116/0x1d0 [ 19.415187] ret_from_fork_asm+0x1a/0x30 [ 19.415380] [ 19.415516] kfence-#87: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 19.415516] [ 19.415887] allocated by task 323 on cpu 1 at 19.412932s (0.002953s ago): [ 19.416215] test_alloc+0x2a6/0x10f0 [ 19.416430] test_double_free+0xdb/0x260 [ 19.416625] kunit_try_run_case+0x1a5/0x480 [ 19.416810] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.417063] kthread+0x337/0x6f0 [ 19.417232] ret_from_fork+0x116/0x1d0 [ 19.417413] ret_from_fork_asm+0x1a/0x30 [ 19.417592] [ 19.417664] freed by task 323 on cpu 1 at 19.412975s (0.004686s ago): [ 19.418086] test_double_free+0xfa/0x260 [ 19.418285] kunit_try_run_case+0x1a5/0x480 [ 19.418508] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.418812] kthread+0x337/0x6f0 [ 19.419015] ret_from_fork+0x116/0x1d0 [ 19.419222] ret_from_fork_asm+0x1a/0x30 [ 19.419396] [ 19.419559] CPU: 1 UID: 0 PID: 323 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 19.420004] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.420172] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.420612] ================================================================== [ 19.309175] ================================================================== [ 19.309730] BUG: KFENCE: invalid free in test_double_free+0x1d3/0x260 [ 19.309730] [ 19.310086] Invalid free of 0x(____ptrval____) (in kfence-#86): [ 19.310354] test_double_free+0x1d3/0x260 [ 19.310520] kunit_try_run_case+0x1a5/0x480 [ 19.310695] 
kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.311114] kthread+0x337/0x6f0 [ 19.311257] ret_from_fork+0x116/0x1d0 [ 19.311399] ret_from_fork_asm+0x1a/0x30 [ 19.312211] [ 19.312333] kfence-#86: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 19.312333] [ 19.312877] allocated by task 321 on cpu 0 at 19.308906s (0.003969s ago): [ 19.313180] test_alloc+0x364/0x10f0 [ 19.313354] test_double_free+0xdb/0x260 [ 19.313919] kunit_try_run_case+0x1a5/0x480 [ 19.314123] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.314428] kthread+0x337/0x6f0 [ 19.314614] ret_from_fork+0x116/0x1d0 [ 19.314786] ret_from_fork_asm+0x1a/0x30 [ 19.314959] [ 19.315045] freed by task 321 on cpu 0 at 19.308986s (0.006057s ago): [ 19.315327] test_double_free+0x1e0/0x260 [ 19.315818] kunit_try_run_case+0x1a5/0x480 [ 19.315991] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.316371] kthread+0x337/0x6f0 [ 19.316584] ret_from_fork+0x116/0x1d0 [ 19.316881] ret_from_fork_asm+0x1a/0x30 [ 19.317146] [ 19.317265] CPU: 0 UID: 0 PID: 321 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 19.317991] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.318186] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.318956] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 18.893153] ================================================================== [ 18.893763] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270 [ 18.893763] [ 18.894203] Use-after-free read at 0x(____ptrval____) (in kfence-#82): [ 18.894906] test_use_after_free_read+0x129/0x270 [ 18.895467] kunit_try_run_case+0x1a5/0x480 [ 18.895654] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.896089] kthread+0x337/0x6f0 [ 18.896354] ret_from_fork+0x116/0x1d0 [ 18.896691] ret_from_fork_asm+0x1a/0x30 [ 18.896986] [ 18.897186] kfence-#82: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 18.897186] [ 18.897614] allocated by task 313 on cpu 1 at 18.892940s (0.004672s ago): [ 18.897934] test_alloc+0x364/0x10f0 [ 18.898135] test_use_after_free_read+0xdc/0x270 [ 18.898332] kunit_try_run_case+0x1a5/0x480 [ 18.898540] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.898833] kthread+0x337/0x6f0 [ 18.899023] ret_from_fork+0x116/0x1d0 [ 18.899168] ret_from_fork_asm+0x1a/0x30 [ 18.899369] [ 18.899629] freed by task 313 on cpu 1 at 18.892993s (0.006550s ago): [ 18.900013] test_use_after_free_read+0x1e7/0x270 [ 18.900263] kunit_try_run_case+0x1a5/0x480 [ 18.900470] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.900679] kthread+0x337/0x6f0 [ 18.900867] ret_from_fork+0x116/0x1d0 [ 18.901026] ret_from_fork_asm+0x1a/0x30 [ 18.901230] [ 18.901376] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 18.901815] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.902022] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.902340] ================================================================== [ 18.997049] ================================================================== [ 18.997465] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270 [ 18.997465] [ 18.997948] Use-after-free read at 0x(____ptrval____) (in kfence-#83): [ 18.998208] 
test_use_after_free_read+0x129/0x270 [ 18.998466] kunit_try_run_case+0x1a5/0x480 [ 18.998711] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.998981] kthread+0x337/0x6f0 [ 18.999144] ret_from_fork+0x116/0x1d0 [ 18.999282] ret_from_fork_asm+0x1a/0x30 [ 18.999524] [ 18.999620] kfence-#83: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 18.999620] [ 18.999920] allocated by task 315 on cpu 0 at 18.996924s (0.002994s ago): [ 19.000235] test_alloc+0x2a6/0x10f0 [ 19.000427] test_use_after_free_read+0xdc/0x270 [ 19.000821] kunit_try_run_case+0x1a5/0x480 [ 19.001149] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.001380] kthread+0x337/0x6f0 [ 19.002019] ret_from_fork+0x116/0x1d0 [ 19.002206] ret_from_fork_asm+0x1a/0x30 [ 19.002634] [ 19.002732] freed by task 315 on cpu 0 at 18.996970s (0.005760s ago): [ 19.003035] test_use_after_free_read+0xfb/0x270 [ 19.003261] kunit_try_run_case+0x1a5/0x480 [ 19.003793] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.004057] kthread+0x337/0x6f0 [ 19.004364] ret_from_fork+0x116/0x1d0 [ 19.004692] ret_from_fork_asm+0x1a/0x30 [ 19.005006] [ 19.005158] CPU: 0 UID: 0 PID: 315 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 19.005852] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.006058] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.006645] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 17.748959] ==================================================================
[ 17.749360] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0
[ 17.749360]
[ 17.749806] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#71):
[ 17.750120] test_out_of_bounds_read+0x126/0x4e0
[ 17.750333] kunit_try_run_case+0x1a5/0x480
[ 17.750501] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.751008] kthread+0x337/0x6f0
[ 17.751832] ret_from_fork+0x116/0x1d0
[ 17.751996] ret_from_fork_asm+0x1a/0x30
[ 17.752385]
[ 17.752551] kfence-#71: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 17.752551]
[ 17.753073] allocated by task 307 on cpu 0 at 17.748890s (0.004161s ago):
[ 17.753632] test_alloc+0x2a6/0x10f0
[ 17.753811] test_out_of_bounds_read+0xed/0x4e0
[ 17.754171] kunit_try_run_case+0x1a5/0x480
[ 17.754376] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.754816] kthread+0x337/0x6f0
[ 17.755064] ret_from_fork+0x116/0x1d0
[ 17.755327] ret_from_fork_asm+0x1a/0x30
[ 17.755646]
[ 17.755863] CPU: 0 UID: 0 PID: 307 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 17.756336] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.756710] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.757178] ==================================================================

[ 18.164971] ==================================================================
[ 18.165379] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0
[ 18.165379]
[ 18.165916] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#75):
[ 18.166256] test_out_of_bounds_read+0x216/0x4e0
[ 18.166422] kunit_try_run_case+0x1a5/0x480
[ 18.166637] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.167045] kthread+0x337/0x6f0
[ 18.167219] ret_from_fork+0x116/0x1d0
[ 18.167432] ret_from_fork_asm+0x1a/0x30
[ 18.167681]
[ 18.167782] kfence-#75: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 18.167782]
[ 18.168144] allocated by task 307 on cpu 0 at 18.164911s (0.003231s ago):
[ 18.168402] test_alloc+0x2a6/0x10f0
[ 18.168606] test_out_of_bounds_read+0x1e2/0x4e0
[ 18.168866] kunit_try_run_case+0x1a5/0x480
[ 18.169088] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.169327] kthread+0x337/0x6f0
[ 18.169525] ret_from_fork+0x116/0x1d0
[ 18.169659] ret_from_fork_asm+0x1a/0x30
[ 18.169797]
[ 18.169918] CPU: 0 UID: 0 PID: 307 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 18.170439] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.170715] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.171081] ==================================================================

[ 17.645241] ==================================================================
[ 17.645879] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0
[ 17.645879]
[ 17.646316] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#70):
[ 17.646642] test_out_of_bounds_read+0x216/0x4e0
[ 17.646895] kunit_try_run_case+0x1a5/0x480
[ 17.647118] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.647383] kthread+0x337/0x6f0
[ 17.647527] ret_from_fork+0x116/0x1d0
[ 17.647723] ret_from_fork_asm+0x1a/0x30
[ 17.647909]
[ 17.647983] kfence-#70: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 17.647983]
[ 17.648324] allocated by task 305 on cpu 1 at 17.644930s (0.003391s ago):
[ 17.648773] test_alloc+0x364/0x10f0
[ 17.649045] test_out_of_bounds_read+0x1e2/0x4e0
[ 17.649243] kunit_try_run_case+0x1a5/0x480
[ 17.649421] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.649722] kthread+0x337/0x6f0
[ 17.649917] ret_from_fork+0x116/0x1d0
[ 17.650084] ret_from_fork_asm+0x1a/0x30
[ 17.650268]
[ 17.650363] CPU: 1 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 17.650768] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.650971] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.651278] ==================================================================

[ 17.437923] ==================================================================
[ 17.438386] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0
[ 17.438386]
[ 17.438912] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#68):
[ 17.439320] test_out_of_bounds_read+0x126/0x4e0
[ 17.439659] kunit_try_run_case+0x1a5/0x480
[ 17.439882] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.440097] kthread+0x337/0x6f0
[ 17.440274] ret_from_fork+0x116/0x1d0
[ 17.440490] ret_from_fork_asm+0x1a/0x30
[ 17.440659]
[ 17.440904] kfence-#68: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 17.440904]
[ 17.441381] allocated by task 305 on cpu 1 at 17.436897s (0.004429s ago):
[ 17.442048] test_alloc+0x364/0x10f0
[ 17.442279] test_out_of_bounds_read+0xed/0x4e0
[ 17.442570] kunit_try_run_case+0x1a5/0x480
[ 17.442776] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.443022] kthread+0x337/0x6f0
[ 17.443212] ret_from_fork+0x116/0x1d0
[ 17.443386] ret_from_fork_asm+0x1a/0x30
[ 17.443686]
[ 17.443828] CPU: 1 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 17.444265] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.444506] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.444910] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 16.729074] ==================================================================
[ 16.729420] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x1a5/0x1d0
[ 16.729819] Write of size 1 at addr ffff888103434a78 by task kunit_try_catch/303
[ 16.730107]
[ 16.730221] CPU: 1 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 16.730265] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.730278] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.730301] Call Trace:
[ 16.730316] <TASK>
[ 16.730333] dump_stack_lvl+0x73/0xb0
[ 16.730362] print_report+0xd1/0x610
[ 16.730386] ? __virt_addr_valid+0x1db/0x2d0
[ 16.730422] ? strncpy_from_user+0x1a5/0x1d0
[ 16.730448] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.730484] ? strncpy_from_user+0x1a5/0x1d0
[ 16.730508] kasan_report+0x141/0x180
[ 16.730532] ? strncpy_from_user+0x1a5/0x1d0
[ 16.730561] __asan_report_store1_noabort+0x1b/0x30
[ 16.730588] strncpy_from_user+0x1a5/0x1d0
[ 16.730616] copy_user_test_oob+0x760/0x10f0
[ 16.730644] ? __pfx_copy_user_test_oob+0x10/0x10
[ 16.730669] ? finish_task_switch.isra.0+0x153/0x700
[ 16.730694] ? __switch_to+0x47/0xf50
[ 16.730722] ? __schedule+0x10cc/0x2b60
[ 16.730745] ? __pfx_read_tsc+0x10/0x10
[ 16.730768] ? ktime_get_ts64+0x86/0x230
[ 16.730794] kunit_try_run_case+0x1a5/0x480
[ 16.730820] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.730844] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.730871] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.730897] ? __kthread_parkme+0x82/0x180
[ 16.730920] ? preempt_count_sub+0x50/0x80
[ 16.730944] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.730970] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.730996] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.731024] kthread+0x337/0x6f0
[ 16.731045] ? trace_preempt_on+0x20/0xc0
[ 16.731071] ? __pfx_kthread+0x10/0x10
[ 16.731094] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.731117] ? calculate_sigpending+0x7b/0xa0
[ 16.731143] ? __pfx_kthread+0x10/0x10
[ 16.731166] ret_from_fork+0x116/0x1d0
[ 16.731186] ? __pfx_kthread+0x10/0x10
[ 16.731209] ret_from_fork_asm+0x1a/0x30
[ 16.731241] </TASK>
[ 16.731252]
[ 16.738442] Allocated by task 303:
[ 16.738630] kasan_save_stack+0x45/0x70
[ 16.738829] kasan_save_track+0x18/0x40
[ 16.739024] kasan_save_alloc_info+0x3b/0x50
[ 16.739236] __kasan_kmalloc+0xb7/0xc0
[ 16.739429] __kmalloc_noprof+0x1c9/0x500
[ 16.739619] kunit_kmalloc_array+0x25/0x60
[ 16.739824] copy_user_test_oob+0xab/0x10f0
[ 16.739987] kunit_try_run_case+0x1a5/0x480
[ 16.740137] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.740318] kthread+0x337/0x6f0
[ 16.740550] ret_from_fork+0x116/0x1d0
[ 16.740744] ret_from_fork_asm+0x1a/0x30
[ 16.740946]
[ 16.741046] The buggy address belongs to the object at ffff888103434a00
[ 16.741046] which belongs to the cache kmalloc-128 of size 128
[ 16.741533] The buggy address is located 0 bytes to the right of
[ 16.741533] allocated 120-byte region [ffff888103434a00, ffff888103434a78)
[ 16.742031]
[ 16.742128] The buggy address belongs to the physical page:
[ 16.742345] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103434
[ 16.742708] flags: 0x200000000000000(node=0|zone=2)
[ 16.742951] page_type: f5(slab)
[ 16.743091] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.743395] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.743694] page dumped because: kasan: bad access detected
[ 16.743881]
[ 16.743951] Memory state around the buggy address:
[ 16.744107] ffff888103434900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 16.744332] ffff888103434980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.744754] >ffff888103434a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 16.745080] ^
[ 16.745390] ffff888103434a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.745726] ffff888103434b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.746010] ==================================================================

[ 16.710679] ==================================================================
[ 16.711038] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x2e/0x1d0
[ 16.711544] Write of size 121 at addr ffff888103434a00 by task kunit_try_catch/303
[ 16.711808]
[ 16.711902] CPU: 1 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 16.711948] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.711961] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.711985] Call Trace:
[ 16.712005] <TASK>
[ 16.712024] dump_stack_lvl+0x73/0xb0
[ 16.712055] print_report+0xd1/0x610
[ 16.712081] ? __virt_addr_valid+0x1db/0x2d0
[ 16.712107] ? strncpy_from_user+0x2e/0x1d0
[ 16.712132] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.712157] ? strncpy_from_user+0x2e/0x1d0
[ 16.712181] kasan_report+0x141/0x180
[ 16.712205] ? strncpy_from_user+0x2e/0x1d0
[ 16.712235] kasan_check_range+0x10c/0x1c0
[ 16.712259] __kasan_check_write+0x18/0x20
[ 16.712286] strncpy_from_user+0x2e/0x1d0
[ 16.712309] ? __kasan_check_read+0x15/0x20
[ 16.712333] copy_user_test_oob+0x760/0x10f0
[ 16.712361] ? __pfx_copy_user_test_oob+0x10/0x10
[ 16.712394] ? finish_task_switch.isra.0+0x153/0x700
[ 16.712419] ? __switch_to+0x47/0xf50
[ 16.712448] ? __schedule+0x10cc/0x2b60
[ 16.712482] ? __pfx_read_tsc+0x10/0x10
[ 16.712505] ? ktime_get_ts64+0x86/0x230
[ 16.712530] kunit_try_run_case+0x1a5/0x480
[ 16.712557] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.712581] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.712607] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.712633] ? __kthread_parkme+0x82/0x180
[ 16.712655] ? preempt_count_sub+0x50/0x80
[ 16.712681] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.712707] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.712734] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.712761] kthread+0x337/0x6f0
[ 16.712781] ? trace_preempt_on+0x20/0xc0
[ 16.712807] ? __pfx_kthread+0x10/0x10
[ 16.712829] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.712853] ? calculate_sigpending+0x7b/0xa0
[ 16.712880] ? __pfx_kthread+0x10/0x10
[ 16.712903] ret_from_fork+0x116/0x1d0
[ 16.712923] ? __pfx_kthread+0x10/0x10
[ 16.712944] ret_from_fork_asm+0x1a/0x30
[ 16.712978] </TASK>
[ 16.712989]
[ 16.721028] Allocated by task 303:
[ 16.721182] kasan_save_stack+0x45/0x70
[ 16.721333] kasan_save_track+0x18/0x40
[ 16.721480] kasan_save_alloc_info+0x3b/0x50
[ 16.721632] __kasan_kmalloc+0xb7/0xc0
[ 16.721766] __kmalloc_noprof+0x1c9/0x500
[ 16.721907] kunit_kmalloc_array+0x25/0x60
[ 16.722054] copy_user_test_oob+0xab/0x10f0
[ 16.722203] kunit_try_run_case+0x1a5/0x480
[ 16.722529] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.722787] kthread+0x337/0x6f0
[ 16.722956] ret_from_fork+0x116/0x1d0
[ 16.723141] ret_from_fork_asm+0x1a/0x30
[ 16.723337]
[ 16.723431] The buggy address belongs to the object at ffff888103434a00
[ 16.723431] which belongs to the cache kmalloc-128 of size 128
[ 16.723851] The buggy address is located 0 bytes inside of
[ 16.723851] allocated 120-byte region [ffff888103434a00, ffff888103434a78)
[ 16.724207]
[ 16.724278] The buggy address belongs to the physical page:
[ 16.724464] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103434
[ 16.724849] flags: 0x200000000000000(node=0|zone=2)
[ 16.725091] page_type: f5(slab)
[ 16.725264] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.725845] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.726185] page dumped because: kasan: bad access detected
[ 16.726441]
[ 16.726555] Memory state around the buggy address:
[ 16.726780] ffff888103434900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 16.727051] ffff888103434980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.727266] >ffff888103434a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 16.727651] ^
[ 16.727968] ffff888103434a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.728287] ffff888103434b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.728563] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 16.632275] ==================================================================
[ 16.632802] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3fd/0x10f0
[ 16.633047] Write of size 121 at addr ffff888103434a00 by task kunit_try_catch/303
[ 16.633278]
[ 16.633374] CPU: 1 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 16.633424] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.633438] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.633474] Call Trace:
[ 16.633489] <TASK>
[ 16.633507] dump_stack_lvl+0x73/0xb0
[ 16.633539] print_report+0xd1/0x610
[ 16.633577] ? __virt_addr_valid+0x1db/0x2d0
[ 16.633602] ? copy_user_test_oob+0x3fd/0x10f0
[ 16.633639] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.633665] ? copy_user_test_oob+0x3fd/0x10f0
[ 16.633690] kasan_report+0x141/0x180
[ 16.633714] ? copy_user_test_oob+0x3fd/0x10f0
[ 16.633744] kasan_check_range+0x10c/0x1c0
[ 16.633770] __kasan_check_write+0x18/0x20
[ 16.633790] copy_user_test_oob+0x3fd/0x10f0
[ 16.633818] ? __pfx_copy_user_test_oob+0x10/0x10
[ 16.633844] ? finish_task_switch.isra.0+0x153/0x700
[ 16.633879] ? __switch_to+0x47/0xf50
[ 16.633906] ? __schedule+0x10cc/0x2b60
[ 16.633941] ? __pfx_read_tsc+0x10/0x10
[ 16.633965] ? ktime_get_ts64+0x86/0x230
[ 16.633991] kunit_try_run_case+0x1a5/0x480
[ 16.634018] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.634042] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.634070] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.634095] ? __kthread_parkme+0x82/0x180
[ 16.634118] ? preempt_count_sub+0x50/0x80
[ 16.634143] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.634178] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.634205] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.634242] kthread+0x337/0x6f0
[ 16.634262] ? trace_preempt_on+0x20/0xc0
[ 16.634287] ? __pfx_kthread+0x10/0x10
[ 16.634310] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.634334] ? calculate_sigpending+0x7b/0xa0
[ 16.634368] ? __pfx_kthread+0x10/0x10
[ 16.634392] ret_from_fork+0x116/0x1d0
[ 16.634411] ? __pfx_kthread+0x10/0x10
[ 16.634444] ret_from_fork_asm+0x1a/0x30
[ 16.634484] </TASK>
[ 16.634495]
[ 16.645841] Allocated by task 303:
[ 16.645989] kasan_save_stack+0x45/0x70
[ 16.646145] kasan_save_track+0x18/0x40
[ 16.646283] kasan_save_alloc_info+0x3b/0x50
[ 16.646494] __kasan_kmalloc+0xb7/0xc0
[ 16.646823] __kmalloc_noprof+0x1c9/0x500
[ 16.647175] kunit_kmalloc_array+0x25/0x60
[ 16.647565] copy_user_test_oob+0xab/0x10f0
[ 16.647938] kunit_try_run_case+0x1a5/0x480
[ 16.648309] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.648922] kthread+0x337/0x6f0
[ 16.649277] ret_from_fork+0x116/0x1d0
[ 16.649637] ret_from_fork_asm+0x1a/0x30
[ 16.650006]
[ 16.650168] The buggy address belongs to the object at ffff888103434a00
[ 16.650168] which belongs to the cache kmalloc-128 of size 128
[ 16.651230] The buggy address is located 0 bytes inside of
[ 16.651230] allocated 120-byte region [ffff888103434a00, ffff888103434a78)
[ 16.651982]
[ 16.652060] The buggy address belongs to the physical page:
[ 16.652236] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103434
[ 16.652501] flags: 0x200000000000000(node=0|zone=2)
[ 16.652796] page_type: f5(slab)
[ 16.652972] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.653256] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.653587] page dumped because: kasan: bad access detected
[ 16.653916]
[ 16.653993] Memory state around the buggy address:
[ 16.654168] ffff888103434900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 16.654519] ffff888103434980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.654799] >ffff888103434a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 16.655035] ^
[ 16.655329] ffff888103434a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.655671] ffff888103434b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.655914] ==================================================================

[ 16.674441] ==================================================================
[ 16.675021] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x557/0x10f0
[ 16.675352] Write of size 121 at addr ffff888103434a00 by task kunit_try_catch/303
[ 16.675701]
[ 16.675817] CPU: 1 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 16.675862] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.675875] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.675898] Call Trace:
[ 16.675916] <TASK>
[ 16.675933] dump_stack_lvl+0x73/0xb0
[ 16.675964] print_report+0xd1/0x610
[ 16.675988] ? __virt_addr_valid+0x1db/0x2d0
[ 16.676021] ? copy_user_test_oob+0x557/0x10f0
[ 16.676047] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.676072] ? copy_user_test_oob+0x557/0x10f0
[ 16.676098] kasan_report+0x141/0x180
[ 16.676120] ? copy_user_test_oob+0x557/0x10f0
[ 16.676151] kasan_check_range+0x10c/0x1c0
[ 16.676175] __kasan_check_write+0x18/0x20
[ 16.676197] copy_user_test_oob+0x557/0x10f0
[ 16.676225] ? __pfx_copy_user_test_oob+0x10/0x10
[ 16.676249] ? finish_task_switch.isra.0+0x153/0x700
[ 16.676275] ? __switch_to+0x47/0xf50
[ 16.676307] ? __schedule+0x10cc/0x2b60
[ 16.676331] ? __pfx_read_tsc+0x10/0x10
[ 16.676354] ? ktime_get_ts64+0x86/0x230
[ 16.676379] kunit_try_run_case+0x1a5/0x480
[ 16.676406] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.676443] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.676478] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.676504] ? __kthread_parkme+0x82/0x180
[ 16.676527] ? preempt_count_sub+0x50/0x80
[ 16.676551] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.676578] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.676604] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.676631] kthread+0x337/0x6f0
[ 16.676652] ? trace_preempt_on+0x20/0xc0
[ 16.676676] ? __pfx_kthread+0x10/0x10
[ 16.676698] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.676721] ? calculate_sigpending+0x7b/0xa0
[ 16.676748] ? __pfx_kthread+0x10/0x10
[ 16.676770] ret_from_fork+0x116/0x1d0
[ 16.676791] ? __pfx_kthread+0x10/0x10
[ 16.676814] ret_from_fork_asm+0x1a/0x30
[ 16.676848] </TASK>
[ 16.676859]
[ 16.684154] Allocated by task 303:
[ 16.684289] kasan_save_stack+0x45/0x70
[ 16.684458] kasan_save_track+0x18/0x40
[ 16.684656] kasan_save_alloc_info+0x3b/0x50
[ 16.684877] __kasan_kmalloc+0xb7/0xc0
[ 16.685097] __kmalloc_noprof+0x1c9/0x500
[ 16.685355] kunit_kmalloc_array+0x25/0x60
[ 16.685653] copy_user_test_oob+0xab/0x10f0
[ 16.685835] kunit_try_run_case+0x1a5/0x480
[ 16.686008] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.686237] kthread+0x337/0x6f0
[ 16.686359] ret_from_fork+0x116/0x1d0
[ 16.686503] ret_from_fork_asm+0x1a/0x30
[ 16.686651]
[ 16.686748] The buggy address belongs to the object at ffff888103434a00
[ 16.686748] which belongs to the cache kmalloc-128 of size 128
[ 16.687296] The buggy address is located 0 bytes inside of
[ 16.687296] allocated 120-byte region [ffff888103434a00, ffff888103434a78)
[ 16.687691]
[ 16.687763] The buggy address belongs to the physical page:
[ 16.687936] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103434
[ 16.688503] flags: 0x200000000000000(node=0|zone=2)
[ 16.688750] page_type: f5(slab)
[ 16.688919] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.689255] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.689569] page dumped because: kasan: bad access detected
[ 16.689742]
[ 16.689814] Memory state around the buggy address:
[ 16.689971] ffff888103434900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 16.690234] ffff888103434980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.690744] >ffff888103434a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 16.691065] ^
[ 16.691363] ffff888103434a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.691684] ffff888103434b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.691898] ==================================================================

[ 16.692724] ==================================================================
[ 16.693086] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x604/0x10f0
[ 16.693405] Read of size 121 at addr ffff888103434a00 by task kunit_try_catch/303
[ 16.693762]
[ 16.693856] CPU: 1 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 16.693904] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.693916] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.693940] Call Trace:
[ 16.693961] <TASK>
[ 16.693979] dump_stack_lvl+0x73/0xb0
[ 16.694009] print_report+0xd1/0x610
[ 16.694033] ? __virt_addr_valid+0x1db/0x2d0
[ 16.694060] ? copy_user_test_oob+0x604/0x10f0
[ 16.694085] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.694110] ? copy_user_test_oob+0x604/0x10f0
[ 16.694135] kasan_report+0x141/0x180
[ 16.694158] ? copy_user_test_oob+0x604/0x10f0
[ 16.694189] kasan_check_range+0x10c/0x1c0
[ 16.694214] __kasan_check_read+0x15/0x20
[ 16.694235] copy_user_test_oob+0x604/0x10f0
[ 16.694262] ? __pfx_copy_user_test_oob+0x10/0x10
[ 16.694287] ? finish_task_switch.isra.0+0x153/0x700
[ 16.694312] ? __switch_to+0x47/0xf50
[ 16.694339] ? __schedule+0x10cc/0x2b60
[ 16.694364] ? __pfx_read_tsc+0x10/0x10
[ 16.694386] ? ktime_get_ts64+0x86/0x230
[ 16.694412] kunit_try_run_case+0x1a5/0x480
[ 16.694438] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.694475] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.694501] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.694527] ? __kthread_parkme+0x82/0x180
[ 16.694549] ? preempt_count_sub+0x50/0x80
[ 16.694574] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.694600] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.694627] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.694654] kthread+0x337/0x6f0
[ 16.694675] ? trace_preempt_on+0x20/0xc0
[ 16.694701] ? __pfx_kthread+0x10/0x10
[ 16.694723] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.694746] ? calculate_sigpending+0x7b/0xa0
[ 16.694772] ? __pfx_kthread+0x10/0x10
[ 16.694795] ret_from_fork+0x116/0x1d0
[ 16.694816] ? __pfx_kthread+0x10/0x10
[ 16.694838] ret_from_fork_asm+0x1a/0x30
[ 16.694871] </TASK>
[ 16.694882]
[ 16.701921] Allocated by task 303:
[ 16.702232] kasan_save_stack+0x45/0x70
[ 16.702496] kasan_save_track+0x18/0x40
[ 16.702749] kasan_save_alloc_info+0x3b/0x50
[ 16.702963] __kasan_kmalloc+0xb7/0xc0
[ 16.703140] __kmalloc_noprof+0x1c9/0x500
[ 16.703298] kunit_kmalloc_array+0x25/0x60
[ 16.703529] copy_user_test_oob+0xab/0x10f0
[ 16.703744] kunit_try_run_case+0x1a5/0x480
[ 16.703932] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.704147] kthread+0x337/0x6f0
[ 16.704270] ret_from_fork+0x116/0x1d0
[ 16.704514] ret_from_fork_asm+0x1a/0x30
[ 16.704715]
[ 16.704812] The buggy address belongs to the object at ffff888103434a00
[ 16.704812] which belongs to the cache kmalloc-128 of size 128
[ 16.705273] The buggy address is located 0 bytes inside of
[ 16.705273] allocated 120-byte region [ffff888103434a00, ffff888103434a78)
[ 16.705792]
[ 16.705866] The buggy address belongs to the physical page:
[ 16.706040] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103434
[ 16.706283] flags: 0x200000000000000(node=0|zone=2)
[ 16.706480] page_type: f5(slab)
[ 16.706650] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.707029] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.707364] page dumped because: kasan: bad access detected
[ 16.707569]
[ 16.707641] Memory state around the buggy address:
[ 16.707798] ffff888103434900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 16.708015] ffff888103434980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.708308] >ffff888103434a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 16.708781] ^
[ 16.709103] ffff888103434a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.709430] ffff888103434b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.709972] ==================================================================

[ 16.656595] ==================================================================
[ 16.656907] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4aa/0x10f0
[ 16.657264] Read of size 121 at addr ffff888103434a00 by task kunit_try_catch/303
[ 16.657553]
[ 16.657653] CPU: 1 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 16.657701] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.657714] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.657738] Call Trace:
[ 16.657758] <TASK>
[ 16.657778] dump_stack_lvl+0x73/0xb0
[ 16.657809] print_report+0xd1/0x610
[ 16.657833] ? __virt_addr_valid+0x1db/0x2d0
[ 16.657858] ? copy_user_test_oob+0x4aa/0x10f0
[ 16.657884] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.657910] ? copy_user_test_oob+0x4aa/0x10f0
[ 16.657936] kasan_report+0x141/0x180
[ 16.657959] ? copy_user_test_oob+0x4aa/0x10f0
[ 16.658040] kasan_check_range+0x10c/0x1c0
[ 16.658067] __kasan_check_read+0x15/0x20
[ 16.658088] copy_user_test_oob+0x4aa/0x10f0
[ 16.658116] ? __pfx_copy_user_test_oob+0x10/0x10
[ 16.658141] ? finish_task_switch.isra.0+0x153/0x700
[ 16.658166] ? __switch_to+0x47/0xf50
[ 16.658193] ? __schedule+0x10cc/0x2b60
[ 16.658217] ? __pfx_read_tsc+0x10/0x10
[ 16.658240] ? ktime_get_ts64+0x86/0x230
[ 16.658266] kunit_try_run_case+0x1a5/0x480
[ 16.658293] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.658317] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.658345] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.658370] ? __kthread_parkme+0x82/0x180
[ 16.658394] ? preempt_count_sub+0x50/0x80
[ 16.658429] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.658466] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.658493] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.658520] kthread+0x337/0x6f0
[ 16.658540] ? trace_preempt_on+0x20/0xc0
[ 16.658566] ? __pfx_kthread+0x10/0x10
[ 16.658588] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.658611] ? calculate_sigpending+0x7b/0xa0
[ 16.658637] ? __pfx_kthread+0x10/0x10
[ 16.658661] ret_from_fork+0x116/0x1d0
[ 16.658682] ? __pfx_kthread+0x10/0x10
[ 16.658707] ret_from_fork_asm+0x1a/0x30
[ 16.658741] </TASK>
[ 16.658753]
[ 16.666070] Allocated by task 303:
[ 16.666201] kasan_save_stack+0x45/0x70
[ 16.666345] kasan_save_track+0x18/0x40
[ 16.666719] kasan_save_alloc_info+0x3b/0x50
[ 16.666941] __kasan_kmalloc+0xb7/0xc0
[ 16.667132] __kmalloc_noprof+0x1c9/0x500
[ 16.667336] kunit_kmalloc_array+0x25/0x60
[ 16.667581] copy_user_test_oob+0xab/0x10f0
[ 16.667778] kunit_try_run_case+0x1a5/0x480
[ 16.667926] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.668171] kthread+0x337/0x6f0
[ 16.668346] ret_from_fork+0x116/0x1d0
[ 16.668492] ret_from_fork_asm+0x1a/0x30
[ 16.668635]
[ 16.668729] The buggy address belongs to the object at ffff888103434a00
[ 16.668729] which belongs to the cache kmalloc-128 of size 128
[ 16.669266] The buggy address is located 0 bytes inside of
[ 16.669266] allocated 120-byte region [ffff888103434a00, ffff888103434a78)
[ 16.669666]
[ 16.669739] The buggy address belongs to the physical page:
[ 16.669911] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103434
[ 16.670436] flags: 0x200000000000000(node=0|zone=2)
[ 16.670681] page_type: f5(slab)
[ 16.670848] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.671166] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.671395] page dumped because: kasan: bad access detected
[ 16.671575]
[ 16.671644] Memory state around the buggy address:
[ 16.671829] ffff888103434900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 16.672326] ffff888103434980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.672622] >ffff888103434a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 16.672833] ^
[ 16.673220] ffff888103434a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.673721] ffff888103434b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.673952] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_to_user
[ 16.604155] ==================================================================
[ 16.604577] BUG: KASAN: slab-out-of-bounds in _copy_to_user+0x3c/0x70
[ 16.604904] Read of size 121 at addr ffff888103434a00 by task kunit_try_catch/303
[ 16.605221]
[ 16.605333] CPU: 1 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 16.605382] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.605396] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.605420] Call Trace:
[ 16.605441] <TASK>
[ 16.605474] dump_stack_lvl+0x73/0xb0
[ 16.605508] print_report+0xd1/0x610
[ 16.605534] ? __virt_addr_valid+0x1db/0x2d0
[ 16.605559] ? _copy_to_user+0x3c/0x70
[ 16.605580] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.605606] ? _copy_to_user+0x3c/0x70
[ 16.605627] kasan_report+0x141/0x180
[ 16.605651] ? _copy_to_user+0x3c/0x70
[ 16.605676] kasan_check_range+0x10c/0x1c0
[ 16.605702] __kasan_check_read+0x15/0x20
[ 16.605724] _copy_to_user+0x3c/0x70
[ 16.605745] copy_user_test_oob+0x364/0x10f0
[ 16.605774] ? __pfx_copy_user_test_oob+0x10/0x10
[ 16.605799] ? finish_task_switch.isra.0+0x153/0x700
[ 16.605824] ? __switch_to+0x47/0xf50
[ 16.605852] ? __schedule+0x10cc/0x2b60
[ 16.605877] ? __pfx_read_tsc+0x10/0x10
[ 16.605900] ? ktime_get_ts64+0x86/0x230
[ 16.605926] kunit_try_run_case+0x1a5/0x480
[ 16.605951] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.605976] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.606001] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.606028] ? __kthread_parkme+0x82/0x180
[ 16.606051] ? preempt_count_sub+0x50/0x80
[ 16.606076] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.606102] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.606129] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.606156] kthread+0x337/0x6f0
[ 16.606176] ? trace_preempt_on+0x20/0xc0
[ 16.606202] ? __pfx_kthread+0x10/0x10
[ 16.606224] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.606248] ? calculate_sigpending+0x7b/0xa0
[ 16.606275] ? __pfx_kthread+0x10/0x10
[ 16.606297] ret_from_fork+0x116/0x1d0
[ 16.606317] ? __pfx_kthread+0x10/0x10
[ 16.606339] ret_from_fork_asm+0x1a/0x30
[ 16.606372] </TASK>
[ 16.606384]
[ 16.615031] Allocated by task 303:
[ 16.615209] kasan_save_stack+0x45/0x70
[ 16.615736] kasan_save_track+0x18/0x40
[ 16.615965] kasan_save_alloc_info+0x3b/0x50
[ 16.616118] __kasan_kmalloc+0xb7/0xc0
[ 16.616291] __kmalloc_noprof+0x1c9/0x500
[ 16.616782] kunit_kmalloc_array+0x25/0x60
[ 16.616995] copy_user_test_oob+0xab/0x10f0
[ 16.617188] kunit_try_run_case+0x1a5/0x480
[ 16.617381] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.617912] kthread+0x337/0x6f0
[ 16.618248] ret_from_fork+0x116/0x1d0
[ 16.618652] ret_from_fork_asm+0x1a/0x30
[ 16.618925]
[ 16.619004] The buggy address belongs to the object at ffff888103434a00
[ 16.619004] which belongs to the cache kmalloc-128 of size 128
[ 16.619370] The buggy address is located 0 bytes inside of
[ 16.619370] allocated 120-byte region [ffff888103434a00, ffff888103434a78)
[ 16.620498]
[ 16.620670] The buggy address belongs to the physical page:
[ 16.621164] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103434
[ 16.621836] flags: 0x200000000000000(node=0|zone=2)
[ 16.622007] page_type: f5(slab)
[ 16.622133] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.622365] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.623097] page dumped because: kasan: bad access detected
[ 16.623633]
[ 16.623791] Memory state around the buggy address:
[ 16.624234] ffff888103434900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 16.624884] ffff888103434980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.625380] >ffff888103434a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 16.625659] ^
[ 16.626162] ffff888103434a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.626381] ffff888103434b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.627040] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_from_user
[ 16.570712] ==================================================================
[ 16.572695] BUG: KASAN: slab-out-of-bounds in _copy_from_user+0x32/0x90
[ 16.572956] Write of size 121 at addr ffff888103434a00 by task kunit_try_catch/303
[ 16.573190]
[ 16.573293] CPU: 1 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 16.573348] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.573362] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.573389] Call Trace:
[ 16.573406] <TASK>
[ 16.573430] dump_stack_lvl+0x73/0xb0
[ 16.573476] print_report+0xd1/0x610
[ 16.573504] ? __virt_addr_valid+0x1db/0x2d0
[ 16.573533] ? _copy_from_user+0x32/0x90
[ 16.573553] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.573579] ? _copy_from_user+0x32/0x90
[ 16.573600] kasan_report+0x141/0x180
[ 16.573623] ? _copy_from_user+0x32/0x90
[ 16.573649] kasan_check_range+0x10c/0x1c0
[ 16.573674] __kasan_check_write+0x18/0x20
[ 16.573695] _copy_from_user+0x32/0x90
[ 16.573718] copy_user_test_oob+0x2be/0x10f0
[ 16.573767] ? __pfx_copy_user_test_oob+0x10/0x10
[ 16.573793] ? finish_task_switch.isra.0+0x153/0x700
[ 16.573819] ? __switch_to+0x47/0xf50
[ 16.573847] ? __schedule+0x10cc/0x2b60
[ 16.573873] ? __pfx_read_tsc+0x10/0x10
[ 16.573896] ? ktime_get_ts64+0x86/0x230
[ 16.573924] kunit_try_run_case+0x1a5/0x480
[ 16.573949] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.573974] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.574000] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.574026] ? __kthread_parkme+0x82/0x180
[ 16.574049] ? preempt_count_sub+0x50/0x80
[ 16.574074] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.574100] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.574127] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.574155] kthread+0x337/0x6f0
[ 16.574175] ? trace_preempt_on+0x20/0xc0
[ 16.574201] ? __pfx_kthread+0x10/0x10
[ 16.574223] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.574246] ? calculate_sigpending+0x7b/0xa0
[ 16.574273] ? __pfx_kthread+0x10/0x10
[ 16.574296] ret_from_fork+0x116/0x1d0
[ 16.574317] ? __pfx_kthread+0x10/0x10
[ 16.574339] ret_from_fork_asm+0x1a/0x30
[ 16.574371] </TASK>
[ 16.574384]
[ 16.587080] Allocated by task 303:
[ 16.587516] kasan_save_stack+0x45/0x70
[ 16.587932] kasan_save_track+0x18/0x40
[ 16.588324] kasan_save_alloc_info+0x3b/0x50
[ 16.588769] __kasan_kmalloc+0xb7/0xc0
[ 16.589148] __kmalloc_noprof+0x1c9/0x500
[ 16.589590] kunit_kmalloc_array+0x25/0x60
[ 16.589993] copy_user_test_oob+0xab/0x10f0
[ 16.590414] kunit_try_run_case+0x1a5/0x480
[ 16.590839] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.591340] kthread+0x337/0x6f0
[ 16.591621] ret_from_fork+0x116/0x1d0
[ 16.591761] ret_from_fork_asm+0x1a/0x30
[ 16.591906]
[ 16.591984] The buggy address belongs to the object at ffff888103434a00
[ 16.591984] which belongs to the cache kmalloc-128 of size 128
[ 16.592357] The buggy address is located 0 bytes inside of
[ 16.592357] allocated 120-byte region [ffff888103434a00, ffff888103434a78)
[ 16.593619]
[ 16.593846] The buggy address belongs to the physical page:
[ 16.594378] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103434
[ 16.595113] flags: 0x200000000000000(node=0|zone=2)
[ 16.595651] page_type: f5(slab)
[ 16.596001] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.596769] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.597494] page dumped because: kasan: bad access detected
[ 16.597850]
[ 16.597925] Memory state around the buggy address:
[ 16.598088] ffff888103434900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 16.598306] ffff888103434980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.598560] >ffff888103434a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 16.599081] ^
[ 16.599394] ffff888103434a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.599745] ffff888103434b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.600022] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 16.511840] ==================================================================
[ 16.512438] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x225/0x260
[ 16.512816] Read of size 8 at addr ffff8881026ce878 by task kunit_try_catch/299
[ 16.513152]
[ 16.513263] CPU: 0 UID: 0 PID: 299 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 16.513315] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.513328] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.513354] Call Trace:
[ 16.513368] <TASK>
[ 16.513387] dump_stack_lvl+0x73/0xb0
[ 16.513431] print_report+0xd1/0x610
[ 16.513470] ? __virt_addr_valid+0x1db/0x2d0
[ 16.513498] ? copy_to_kernel_nofault+0x225/0x260
[ 16.513524] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.513549] ? copy_to_kernel_nofault+0x225/0x260
[ 16.513574] kasan_report+0x141/0x180
[ 16.513597] ? copy_to_kernel_nofault+0x225/0x260
[ 16.513627] __asan_report_load8_noabort+0x18/0x20
[ 16.513654] copy_to_kernel_nofault+0x225/0x260
[ 16.513681] copy_to_kernel_nofault_oob+0x1ed/0x560
[ 16.513707] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10
[ 16.513745] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 16.513774] ? trace_hardirqs_on+0x37/0xe0
[ 16.513807] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10
[ 16.513837] kunit_try_run_case+0x1a5/0x480
[ 16.513865] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.513890] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.513929] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.513955] ? __kthread_parkme+0x82/0x180
[ 16.513979] ? preempt_count_sub+0x50/0x80
[ 16.514006] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.514032] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.514058] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.514085] kthread+0x337/0x6f0
[ 16.514107] ? trace_preempt_on+0x20/0xc0
[ 16.514131] ? __pfx_kthread+0x10/0x10
[ 16.514153] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.514176] ? calculate_sigpending+0x7b/0xa0
[ 16.514203] ? __pfx_kthread+0x10/0x10
[ 16.514227] ret_from_fork+0x116/0x1d0
[ 16.514249] ? __pfx_kthread+0x10/0x10
[ 16.514271] ret_from_fork_asm+0x1a/0x30
[ 16.514304] </TASK>
[ 16.514316]
[ 16.521873] Allocated by task 299:
[ 16.522024] kasan_save_stack+0x45/0x70
[ 16.522229] kasan_save_track+0x18/0x40
[ 16.522385] kasan_save_alloc_info+0x3b/0x50
[ 16.522613] __kasan_kmalloc+0xb7/0xc0
[ 16.522864] __kmalloc_cache_noprof+0x189/0x420
[ 16.523139] copy_to_kernel_nofault_oob+0x12f/0x560
[ 16.523350] kunit_try_run_case+0x1a5/0x480
[ 16.523552] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.523793] kthread+0x337/0x6f0
[ 16.523983] ret_from_fork+0x116/0x1d0
[ 16.524164] ret_from_fork_asm+0x1a/0x30
[ 16.524341]
[ 16.524467] The buggy address belongs to the object at ffff8881026ce800
[ 16.524467] which belongs to the cache kmalloc-128 of size 128
[ 16.525006] The buggy address is located 0 bytes to the right of
[ 16.525006] allocated 120-byte region [ffff8881026ce800, ffff8881026ce878)
[ 16.525406]
[ 16.525508] The buggy address belongs to the physical page:
[ 16.525767] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026ce
[ 16.526136] flags: 0x200000000000000(node=0|zone=2)
[ 16.526304] page_type: f5(slab)
[ 16.526429] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.526957] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.527239] page dumped because: kasan: bad access detected
[ 16.527474]
[ 16.527544] Memory state around the buggy address:
[ 16.527700] ffff8881026ce700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 16.527915] ffff8881026ce780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.528130] >ffff8881026ce800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 16.528389] ^
[ 16.528747] ffff8881026ce880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.529062] ffff8881026ce900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.529372] ==================================================================
[ 16.529983] ==================================================================
[ 16.530227] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x99/0x260
[ 16.530477] Write of size 8 at addr ffff8881026ce878 by task kunit_try_catch/299
[ 16.530844]
[ 16.531049] CPU: 0 UID: 0 PID: 299 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 16.531094] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.531106] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.531128] Call Trace:
[ 16.531148] <TASK>
[ 16.531179] dump_stack_lvl+0x73/0xb0
[ 16.531210] print_report+0xd1/0x610
[ 16.531234] ? __virt_addr_valid+0x1db/0x2d0
[ 16.531259] ? copy_to_kernel_nofault+0x99/0x260
[ 16.531285] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.531310] ? copy_to_kernel_nofault+0x99/0x260
[ 16.531335] kasan_report+0x141/0x180
[ 16.531358] ? copy_to_kernel_nofault+0x99/0x260
[ 16.531388] kasan_check_range+0x10c/0x1c0
[ 16.531414] __kasan_check_write+0x18/0x20
[ 16.531434] copy_to_kernel_nofault+0x99/0x260
[ 16.531474] copy_to_kernel_nofault_oob+0x288/0x560
[ 16.531501] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10
[ 16.531537] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 16.531565] ? trace_hardirqs_on+0x37/0xe0
[ 16.531597] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10
[ 16.531628] kunit_try_run_case+0x1a5/0x480
[ 16.531655] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.531680] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.531706] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.531732] ? __kthread_parkme+0x82/0x180
[ 16.531755] ? preempt_count_sub+0x50/0x80
[ 16.531781] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.531807] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.531834] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.531861] kthread+0x337/0x6f0
[ 16.531882] ? trace_preempt_on+0x20/0xc0
[ 16.531906] ? __pfx_kthread+0x10/0x10
[ 16.531927] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.531951] ? calculate_sigpending+0x7b/0xa0
[ 16.531978] ? __pfx_kthread+0x10/0x10
[ 16.532000] ret_from_fork+0x116/0x1d0
[ 16.532021] ? __pfx_kthread+0x10/0x10
[ 16.532043] ret_from_fork_asm+0x1a/0x30
[ 16.532087] </TASK>
[ 16.532108]
[ 16.545248] Allocated by task 299:
[ 16.545399] kasan_save_stack+0x45/0x70
[ 16.546292] kasan_save_track+0x18/0x40
[ 16.546759] kasan_save_alloc_info+0x3b/0x50
[ 16.546989] __kasan_kmalloc+0xb7/0xc0
[ 16.547167] __kmalloc_cache_noprof+0x189/0x420
[ 16.547509] copy_to_kernel_nofault_oob+0x12f/0x560
[ 16.547737] kunit_try_run_case+0x1a5/0x480
[ 16.547945] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.548155] kthread+0x337/0x6f0
[ 16.548336] ret_from_fork+0x116/0x1d0
[ 16.548618] ret_from_fork_asm+0x1a/0x30
[ 16.548806]
[ 16.548894] The buggy address belongs to the object at ffff8881026ce800
[ 16.548894] which belongs to the cache kmalloc-128 of size 128
[ 16.549319] The buggy address is located 0 bytes to the right of
[ 16.549319] allocated 120-byte region [ffff8881026ce800, ffff8881026ce878)
[ 16.550038]
[ 16.550143] The buggy address belongs to the physical page:
[ 16.550325] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026ce
[ 16.550815] flags: 0x200000000000000(node=0|zone=2)
[ 16.551052] page_type: f5(slab)
[ 16.551176] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.551720] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.551960] page dumped because: kasan: bad access detected
[ 16.552145]
[ 16.552240] Memory state around the buggy address:
[ 16.552511] ffff8881026ce700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 16.552873] ffff8881026ce780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.553201] >ffff8881026ce800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 16.553725] ^
[ 16.554000] ffff8881026ce880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.554265] ffff8881026ce900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.554601] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 16.178229] ==================================================================
[ 16.179150] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1ce1/0x5450
[ 16.180163] Write of size 8 at addr ffff8881026d6230 by task kunit_try_catch/283
[ 16.181037]
[ 16.181384] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 16.181604] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.181624] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.181650] Call Trace:
[ 16.181714] <TASK>
[ 16.181735] dump_stack_lvl+0x73/0xb0
[ 16.181770] print_report+0xd1/0x610
[ 16.181796] ? __virt_addr_valid+0x1db/0x2d0
[ 16.181823] ? kasan_atomics_helper+0x1ce1/0x5450
[ 16.181847] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.181872] ? kasan_atomics_helper+0x1ce1/0x5450
[ 16.181896] kasan_report+0x141/0x180
[ 16.181919] ? kasan_atomics_helper+0x1ce1/0x5450
[ 16.181947] kasan_check_range+0x10c/0x1c0
[ 16.181971] __kasan_check_write+0x18/0x20
[ 16.181993] kasan_atomics_helper+0x1ce1/0x5450
[ 16.182017] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 16.182041] ? __kmalloc_cache_noprof+0x189/0x420
[ 16.182074] kasan_atomics+0x1dc/0x310
[ 16.182098] ? __pfx_kasan_atomics+0x10/0x10
[ 16.182124] ? __pfx_read_tsc+0x10/0x10
[ 16.182147] ? ktime_get_ts64+0x86/0x230
[ 16.182173] kunit_try_run_case+0x1a5/0x480
[ 16.182200] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.182225] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.182253] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.182279] ? __kthread_parkme+0x82/0x180
[ 16.182301] ? preempt_count_sub+0x50/0x80
[ 16.182328] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.182355] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.182381] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.182432] kthread+0x337/0x6f0
[ 16.182462] ? trace_preempt_on+0x20/0xc0
[ 16.182487] ? __pfx_kthread+0x10/0x10
[ 16.182509] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.182533] ? calculate_sigpending+0x7b/0xa0
[ 16.182559] ? __pfx_kthread+0x10/0x10
[ 16.182582] ret_from_fork+0x116/0x1d0
[ 16.182602] ? __pfx_kthread+0x10/0x10
[ 16.182625] ret_from_fork_asm+0x1a/0x30
[ 16.182658] </TASK>
[ 16.182669]
[ 16.197745] Allocated by task 283:
[ 16.198196] kasan_save_stack+0x45/0x70
[ 16.198813] kasan_save_track+0x18/0x40
[ 16.199323] kasan_save_alloc_info+0x3b/0x50
[ 16.199938] __kasan_kmalloc+0xb7/0xc0
[ 16.200509] __kmalloc_cache_noprof+0x189/0x420
[ 16.201069] kasan_atomics+0x95/0x310
[ 16.201559] kunit_try_run_case+0x1a5/0x480
[ 16.201717] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.201891] kthread+0x337/0x6f0
[ 16.202011] ret_from_fork+0x116/0x1d0
[ 16.202142] ret_from_fork_asm+0x1a/0x30
[ 16.202280]
[ 16.202355] The buggy address belongs to the object at ffff8881026d6200
[ 16.202355] which belongs to the cache kmalloc-64 of size 64
[ 16.204004] The buggy address is located 0 bytes to the right of
[ 16.204004] allocated 48-byte region [ffff8881026d6200, ffff8881026d6230)
[ 16.204867]
[ 16.205191] The buggy address belongs to the physical page:
[ 16.205948] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026d6
[ 16.206204] flags: 0x200000000000000(node=0|zone=2)
[ 16.206373] page_type: f5(slab)
[ 16.206935] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 16.207789] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 16.208483] page dumped because: kasan: bad access detected
[ 16.208900]
[ 16.208974] Memory state around the buggy address:
[ 16.209133] ffff8881026d6100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 16.209350] ffff8881026d6180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 16.209930] >ffff8881026d6200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 16.210628] ^
[ 16.211151] ffff8881026d6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.211817] ffff8881026d6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.212444] ==================================================================
[ 16.428508] ==================================================================
[ 16.429020] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fa5/0x5450
[ 16.429582] Read of size 8 at addr ffff8881026d6230 by task kunit_try_catch/283
[ 16.429921]
[ 16.430036] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 16.430084] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.430097] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.430120] Call Trace:
[ 16.430139] <TASK>
[ 16.430157] dump_stack_lvl+0x73/0xb0
[ 16.430189] print_report+0xd1/0x610
[ 16.430214] ? __virt_addr_valid+0x1db/0x2d0
[ 16.430432] ? kasan_atomics_helper+0x4fa5/0x5450
[ 16.430471] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.430497] ? kasan_atomics_helper+0x4fa5/0x5450
[ 16.430522] kasan_report+0x141/0x180
[ 16.430546] ? kasan_atomics_helper+0x4fa5/0x5450
[ 16.430575] __asan_report_load8_noabort+0x18/0x20
[ 16.430603] kasan_atomics_helper+0x4fa5/0x5450
[ 16.430628] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 16.430653] ? __kmalloc_cache_noprof+0x189/0x420
[ 16.430686] kasan_atomics+0x1dc/0x310
[ 16.430711] ? __pfx_kasan_atomics+0x10/0x10
[ 16.430738] ? __pfx_read_tsc+0x10/0x10
[ 16.430761] ? ktime_get_ts64+0x86/0x230
[ 16.430787] kunit_try_run_case+0x1a5/0x480
[ 16.430815] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.430840] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.430867] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.430892] ? __kthread_parkme+0x82/0x180
[ 16.430914] ? preempt_count_sub+0x50/0x80
[ 16.430940] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.430965] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.430992] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.431020] kthread+0x337/0x6f0
[ 16.431042] ? trace_preempt_on+0x20/0xc0
[ 16.431067] ? __pfx_kthread+0x10/0x10
[ 16.431089] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.431112] ? calculate_sigpending+0x7b/0xa0
[ 16.431138] ? __pfx_kthread+0x10/0x10
[ 16.431161] ret_from_fork+0x116/0x1d0
[ 16.431181] ? __pfx_kthread+0x10/0x10
[ 16.431203] ret_from_fork_asm+0x1a/0x30
[ 16.431236] </TASK>
[ 16.431248]
[ 16.440273] Allocated by task 283:
[ 16.440446] kasan_save_stack+0x45/0x70
[ 16.441014] kasan_save_track+0x18/0x40
[ 16.441198] kasan_save_alloc_info+0x3b/0x50
[ 16.441487] __kasan_kmalloc+0xb7/0xc0
[ 16.441663] __kmalloc_cache_noprof+0x189/0x420
[ 16.441962] kasan_atomics+0x95/0x310
[ 16.442213] kunit_try_run_case+0x1a5/0x480
[ 16.442403] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.442782] kthread+0x337/0x6f0
[ 16.442922] ret_from_fork+0x116/0x1d0
[ 16.443175] ret_from_fork_asm+0x1a/0x30
[ 16.443336]
[ 16.443549] The buggy address belongs to the object at ffff8881026d6200
[ 16.443549] which belongs to the cache kmalloc-64 of size 64
[ 16.444139] The buggy address is located 0 bytes to the right of
[ 16.444139] allocated 48-byte region [ffff8881026d6200, ffff8881026d6230)
[ 16.444890]
[ 16.444987] The buggy address belongs to the physical page:
[ 16.445199] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026d6
[ 16.445752] flags: 0x200000000000000(node=0|zone=2)
[ 16.445974] page_type: f5(slab)
[ 16.446098] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 16.446597] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 16.447034] page dumped because: kasan: bad access detected
[ 16.447260]
[ 16.447350] Memory state around the buggy address:
[ 16.447779] ffff8881026d6100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 16.448107] ffff8881026d6180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 16.448517] >ffff8881026d6200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 16.448786] ^
[ 16.449107] ffff8881026d6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.449500] ffff8881026d6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.449848] ==================================================================
[ 15.234848] ==================================================================
[ 15.235142] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b3a/0x5450
[ 15.235371] Write of size 4 at addr ffff8881026d6230 by task kunit_try_catch/283
[ 15.236046]
[ 15.236145] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 15.236194] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.236207] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.236230] Call Trace:
[ 15.236573] <TASK>
[ 15.236597] dump_stack_lvl+0x73/0xb0
[ 15.236629] print_report+0xd1/0x610
[ 15.236654] ? __virt_addr_valid+0x1db/0x2d0
[ 15.236678] ? kasan_atomics_helper+0x4b3a/0x5450
[ 15.236717] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.236742] ? kasan_atomics_helper+0x4b3a/0x5450
[ 15.236766] kasan_report+0x141/0x180
[ 15.236789] ? kasan_atomics_helper+0x4b3a/0x5450
[ 15.236818] __asan_report_store4_noabort+0x1b/0x30
[ 15.236845] kasan_atomics_helper+0x4b3a/0x5450
[ 15.236871] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 15.236896] ? __kmalloc_cache_noprof+0x189/0x420
[ 15.236930] kasan_atomics+0x1dc/0x310
[ 15.236954] ? __pfx_kasan_atomics+0x10/0x10
[ 15.236981] ? __pfx_read_tsc+0x10/0x10
[ 15.237003] ? ktime_get_ts64+0x86/0x230
[ 15.237029] kunit_try_run_case+0x1a5/0x480
[ 15.237056] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.237082] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.237109] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.237135] ? __kthread_parkme+0x82/0x180
[ 15.237160] ? preempt_count_sub+0x50/0x80
[ 15.237186] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.237213] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.237240] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.237267] kthread+0x337/0x6f0
[ 15.237288] ? trace_preempt_on+0x20/0xc0
[ 15.237313] ? __pfx_kthread+0x10/0x10
[ 15.237335] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.237358] ? calculate_sigpending+0x7b/0xa0
[ 15.237385] ? __pfx_kthread+0x10/0x10
[ 15.237408] ret_from_fork+0x116/0x1d0
[ 15.237460] ? __pfx_kthread+0x10/0x10
[ 15.237483] ret_from_fork_asm+0x1a/0x30
[ 15.237515] </TASK>
[ 15.237526]
[ 15.245576] Allocated by task 283:
[ 15.245912] kasan_save_stack+0x45/0x70
[ 15.246199] kasan_save_track+0x18/0x40
[ 15.246394] kasan_save_alloc_info+0x3b/0x50
[ 15.246712] __kasan_kmalloc+0xb7/0xc0
[ 15.247136] __kmalloc_cache_noprof+0x189/0x420
[ 15.247572] kasan_atomics+0x95/0x310
[ 15.247759] kunit_try_run_case+0x1a5/0x480
[ 15.247964] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.248211] kthread+0x337/0x6f0
[ 15.248380] ret_from_fork+0x116/0x1d0
[ 15.248572] ret_from_fork_asm+0x1a/0x30
[ 15.248763]
[ 15.248854] The buggy address belongs to the object at ffff8881026d6200
[ 15.248854] which belongs to the cache kmalloc-64 of size 64
[ 15.249193] The buggy address is located 0 bytes to the right of
[ 15.249193] allocated 48-byte region [ffff8881026d6200, ffff8881026d6230)
[ 15.249555]
[ 15.249627] The buggy address belongs to the physical page:
[ 15.249959] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026d6
[ 15.250403] flags: 0x200000000000000(node=0|zone=2)
[ 15.250655] page_type: f5(slab)
[ 15.250829] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 15.251218] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 15.251741] page dumped because: kasan: bad access detected
[ 15.252194]
[ 15.252295] Memory state around the buggy address:
[ 15.252649] ffff8881026d6100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.253010] ffff8881026d6180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.253230] >ffff8881026d6200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 15.253503] ^
[ 15.253956] ffff8881026d6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.254364] ffff8881026d6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.255072] ==================================================================
[ 15.937481] ==================================================================
[ 15.938410] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x164f/0x5450
[ 15.939073] Write of size 8 at addr ffff8881026d6230 by task kunit_try_catch/283
[ 15.939362]
[ 15.939566] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 15.939619] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.939633] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.939864] Call Trace:
[ 15.939887] <TASK>
[ 15.939909] dump_stack_lvl+0x73/0xb0
[ 15.939943] print_report+0xd1/0x610
[ 15.939968] ? __virt_addr_valid+0x1db/0x2d0
[ 15.939996] ? kasan_atomics_helper+0x164f/0x5450
[ 15.940020] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.940046] ? kasan_atomics_helper+0x164f/0x5450
[ 15.940071] kasan_report+0x141/0x180
[ 15.940096] ? kasan_atomics_helper+0x164f/0x5450
[ 15.940125] kasan_check_range+0x10c/0x1c0
[ 15.940151] __kasan_check_write+0x18/0x20
[ 15.940173] kasan_atomics_helper+0x164f/0x5450
[ 15.940198] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 15.940224] ? __kmalloc_cache_noprof+0x189/0x420
[ 15.940257] kasan_atomics+0x1dc/0x310
[ 15.940360] ? __pfx_kasan_atomics+0x10/0x10
[ 15.940389] ? __pfx_read_tsc+0x10/0x10
[ 15.940424] ? ktime_get_ts64+0x86/0x230
[ 15.940464] kunit_try_run_case+0x1a5/0x480
[ 15.940493] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.940519] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.940546] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.940572] ? __kthread_parkme+0x82/0x180
[ 15.940597] ? preempt_count_sub+0x50/0x80
[ 15.940624] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.940651] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.940678] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.940706] kthread+0x337/0x6f0
[ 15.940727] ? trace_preempt_on+0x20/0xc0
[ 15.940753] ? __pfx_kthread+0x10/0x10
[ 15.940776] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.940800] ? calculate_sigpending+0x7b/0xa0
[ 15.940827] ? __pfx_kthread+0x10/0x10
[ 15.940852] ret_from_fork+0x116/0x1d0
[ 15.940873] ? __pfx_kthread+0x10/0x10
[ 15.940896] ret_from_fork_asm+0x1a/0x30
[ 15.940930] </TASK>
[ 15.940941]
[ 15.950525] Allocated by task 283:
[ 15.950819] kasan_save_stack+0x45/0x70
[ 15.951079] kasan_save_track+0x18/0x40
[ 15.951245] kasan_save_alloc_info+0x3b/0x50
[ 15.951562] __kasan_kmalloc+0xb7/0xc0
[ 15.951803] __kmalloc_cache_noprof+0x189/0x420
[ 15.952121] kasan_atomics+0x95/0x310
[ 15.952425] kunit_try_run_case+0x1a5/0x480
[ 15.952620] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.952987] kthread+0x337/0x6f0
[ 15.953122] ret_from_fork+0x116/0x1d0
[ 15.953313] ret_from_fork_asm+0x1a/0x30
[ 15.953509]
[ 15.953797] The buggy address belongs to the object at ffff8881026d6200
[ 15.953797] which belongs to the cache kmalloc-64 of size 64
[ 15.954305] The buggy address is located 0 bytes to the right of
[ 15.954305] allocated 48-byte region [ffff8881026d6200, ffff8881026d6230)
[ 15.955062]
[ 15.955165] The buggy address belongs to the physical page:
[ 15.955360] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026d6
[ 15.955931] flags: 0x200000000000000(node=0|zone=2)
[ 15.956217] page_type: f5(slab)
[ 15.956372] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 15.956856] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 15.957244] page dumped because: kasan: bad access detected
[ 15.957589]
[ 15.957686] Memory state around the buggy address:
[ 15.957880] ffff8881026d6100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.958326] ffff8881026d6180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.959192] >ffff8881026d6200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 15.959520] ^
[ 15.959753] ffff8881026d6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.960047] ffff8881026d6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.960349] ==================================================================
[ 16.233973] ==================================================================
[ 16.234306] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1e12/0x5450
[ 16.234636] Write of size 8 at addr ffff8881026d6230 by task kunit_try_catch/283
[ 16.234971]
[ 16.235103] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 16.235188] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.235201] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.235224] Call Trace:
[ 16.235255] <TASK>
[ 16.235275] dump_stack_lvl+0x73/0xb0
[ 16.235305] print_report+0xd1/0x610
[ 16.235330] ? __virt_addr_valid+0x1db/0x2d0
[ 16.235355] ? kasan_atomics_helper+0x1e12/0x5450
[ 16.235378] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.235404] ? kasan_atomics_helper+0x1e12/0x5450
[ 16.235427] kasan_report+0x141/0x180
[ 16.235462] ? kasan_atomics_helper+0x1e12/0x5450
[ 16.235491] kasan_check_range+0x10c/0x1c0
[ 16.235517] __kasan_check_write+0x18/0x20
[ 16.235537] kasan_atomics_helper+0x1e12/0x5450
[ 16.235562] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 16.235587] ? __kmalloc_cache_noprof+0x189/0x420
[ 16.235619] kasan_atomics+0x1dc/0x310
[ 16.235644] ? __pfx_kasan_atomics+0x10/0x10
[ 16.235670] ? __pfx_read_tsc+0x10/0x10
[ 16.235692] ? ktime_get_ts64+0x86/0x230
[ 16.235719] kunit_try_run_case+0x1a5/0x480
[ 16.235747] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.235772] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.235799] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.235825] ? __kthread_parkme+0x82/0x180
[ 16.235847] ? preempt_count_sub+0x50/0x80
[ 16.235873] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.235909] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.235936] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.235963] kthread+0x337/0x6f0
[ 16.235984] ? trace_preempt_on+0x20/0xc0
[ 16.236010] ? __pfx_kthread+0x10/0x10
[ 16.236032] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.236077] ? calculate_sigpending+0x7b/0xa0
[ 16.236103] ? __pfx_kthread+0x10/0x10
[ 16.236140] ret_from_fork+0x116/0x1d0
[ 16.236161] ? __pfx_kthread+0x10/0x10
[ 16.236182] ret_from_fork_asm+0x1a/0x30
[ 16.236216] </TASK>
[ 16.236227]
[ 16.244310] Allocated by task 283:
[ 16.244538] kasan_save_stack+0x45/0x70
[ 16.244786] kasan_save_track+0x18/0x40
[ 16.244978] kasan_save_alloc_info+0x3b/0x50
[ 16.245196] __kasan_kmalloc+0xb7/0xc0
[ 16.245393] __kmalloc_cache_noprof+0x189/0x420
[ 16.245758] kasan_atomics+0x95/0x310
[ 16.245894] kunit_try_run_case+0x1a5/0x480
[ 16.246041] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.246217] kthread+0x337/0x6f0
[ 16.246563] ret_from_fork+0x116/0x1d0
[ 16.246752] ret_from_fork_asm+0x1a/0x30
[ 16.246972]
[ 16.247093] The buggy address belongs to the object at ffff8881026d6200
[ 16.247093] which belongs to the cache kmalloc-64 of size 64
[ 16.247791] The buggy address is located 0 bytes to the right of
[ 16.247791] allocated 48-byte region [ffff8881026d6200, ffff8881026d6230)
[ 16.248264]
[ 16.248347] The buggy address belongs to the physical page:
[ 16.248683] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026d6
[ 16.249046] flags: 0x200000000000000(node=0|zone=2)
[ 16.249283] page_type: f5(slab)
[ 16.249445] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 16.249797] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 16.250151] page dumped because: kasan: bad access detected
[ 16.250405]
[ 16.250562] Memory state around the buggy address:
[ 16.250789] ffff8881026d6100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 16.251024] ffff8881026d6180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 16.251241] >ffff8881026d6200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 16.251599] ^
[ 16.251825] ffff8881026d6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.252143] ffff8881026d6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.252596] ==================================================================
[ 16.325162] ==================================================================
[ 16.325849] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2006/0x5450
[ 16.326188] Write of size 8 at addr ffff8881026d6230 by task kunit_try_catch/283
[ 16.326442]
[ 16.326570] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 16.326627] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.326640] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.326674] Call Trace:
[ 16.326692] <TASK>
[ 16.326710] dump_stack_lvl+0x73/0xb0
[ 16.326740] print_report+0xd1/0x610
[ 16.326765] ? __virt_addr_valid+0x1db/0x2d0
[ 16.326790] ? kasan_atomics_helper+0x2006/0x5450
[ 16.326822] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.326847] ? kasan_atomics_helper+0x2006/0x5450
[ 16.326881] kasan_report+0x141/0x180
[ 16.326904] ? kasan_atomics_helper+0x2006/0x5450
[ 16.326933] kasan_check_range+0x10c/0x1c0
[ 16.326958] __kasan_check_write+0x18/0x20
[ 16.326979] kasan_atomics_helper+0x2006/0x5450
[ 16.327004] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 16.327029] ? __kmalloc_cache_noprof+0x189/0x420
[ 16.327061] kasan_atomics+0x1dc/0x310
[ 16.327085] ? __pfx_kasan_atomics+0x10/0x10
[ 16.327111] ? __pfx_read_tsc+0x10/0x10
[ 16.327134] ? ktime_get_ts64+0x86/0x230
[ 16.327159] kunit_try_run_case+0x1a5/0x480
[ 16.327187] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.327220] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.327246] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.327272] ? __kthread_parkme+0x82/0x180
[ 16.327305] ? preempt_count_sub+0x50/0x80
[ 16.327330] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.327356] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.327389] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.327417] kthread+0x337/0x6f0
[ 16.327437] ? trace_preempt_on+0x20/0xc0
[ 16.327476] ? __pfx_kthread+0x10/0x10
[ 16.327508] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.327532] ? calculate_sigpending+0x7b/0xa0
[ 16.327558] ? __pfx_kthread+0x10/0x10
[ 16.327580] ret_from_fork+0x116/0x1d0
[ 16.327610] ? __pfx_kthread+0x10/0x10
[ 16.327634] ret_from_fork_asm+0x1a/0x30
[ 16.327667] </TASK>
[ 16.327692]
[ 16.335134] Allocated by task 283:
[ 16.335318] kasan_save_stack+0x45/0x70
[ 16.335671] kasan_save_track+0x18/0x40
[ 16.335864] kasan_save_alloc_info+0x3b/0x50
[ 16.336075] __kasan_kmalloc+0xb7/0xc0
[ 16.336257] __kmalloc_cache_noprof+0x189/0x420
[ 16.336430] kasan_atomics+0x95/0x310
[ 16.336646] kunit_try_run_case+0x1a5/0x480
[ 16.336843] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.337079] kthread+0x337/0x6f0
[ 16.337230] ret_from_fork+0x116/0x1d0
[ 16.337462] ret_from_fork_asm+0x1a/0x30
[ 16.337623]
[ 16.337741] The buggy address belongs to the object at ffff8881026d6200
[ 16.337741] which belongs to the cache kmalloc-64 of size 64
[ 16.338110] The buggy address is located 0 bytes to the right of
[ 16.338110] allocated 48-byte region [ffff8881026d6200, ffff8881026d6230)
[ 16.338795]
[ 16.338870] The buggy address belongs to the physical page:
[ 16.339124] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026d6
[ 16.339483] flags: 0x200000000000000(node=0|zone=2)
[ 16.339713] page_type: f5(slab)
[ 16.339904] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 16.340230] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 16.340588] page dumped because: kasan: bad access detected
[ 16.340811]
[ 16.340925] Memory state around the buggy address:
[ 16.341093] ffff8881026d6100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 16.341308] ffff8881026d6180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 16.341531] >ffff8881026d6200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 16.341767] ^
[ 16.342020] ffff8881026d6280: fc fc fc fc fc fc fc fc fc
fc fc fc fc fc fc fc [ 16.342334] ffff8881026d6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.342968] ================================================================== [ 15.179673] ================================================================== [ 15.179976] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df/0x5450 [ 15.180278] Read of size 4 at addr ffff8881026d6230 by task kunit_try_catch/283 [ 15.180630] [ 15.180749] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.180796] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.180809] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.180832] Call Trace: [ 15.180845] <TASK> [ 15.180862] dump_stack_lvl+0x73/0xb0 [ 15.180908] print_report+0xd1/0x610 [ 15.180933] ? __virt_addr_valid+0x1db/0x2d0 [ 15.180970] ? kasan_atomics_helper+0x3df/0x5450 [ 15.180993] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.181017] ? kasan_atomics_helper+0x3df/0x5450 [ 15.181051] kasan_report+0x141/0x180 [ 15.181074] ? kasan_atomics_helper+0x3df/0x5450 [ 15.181111] kasan_check_range+0x10c/0x1c0 [ 15.181136] __kasan_check_read+0x15/0x20 [ 15.181157] kasan_atomics_helper+0x3df/0x5450 [ 15.181191] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.181216] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.181249] kasan_atomics+0x1dc/0x310 [ 15.181273] ? __pfx_kasan_atomics+0x10/0x10 [ 15.181301] ? __pfx_read_tsc+0x10/0x10 [ 15.181323] ? ktime_get_ts64+0x86/0x230 [ 15.181348] kunit_try_run_case+0x1a5/0x480 [ 15.181375] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.181400] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.181437] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.181480] ? __kthread_parkme+0x82/0x180 [ 15.181503] ? preempt_count_sub+0x50/0x80 [ 15.181530] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.181566] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.181592] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.181619] kthread+0x337/0x6f0 [ 15.181641] ? trace_preempt_on+0x20/0xc0 [ 15.181665] ? __pfx_kthread+0x10/0x10 [ 15.181687] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.181710] ? calculate_sigpending+0x7b/0xa0 [ 15.181737] ? __pfx_kthread+0x10/0x10 [ 15.181759] ret_from_fork+0x116/0x1d0 [ 15.181780] ? __pfx_kthread+0x10/0x10 [ 15.181801] ret_from_fork_asm+0x1a/0x30 [ 15.181834] </TASK> [ 15.181844] [ 15.189123] Allocated by task 283: [ 15.189309] kasan_save_stack+0x45/0x70 [ 15.189543] kasan_save_track+0x18/0x40 [ 15.189742] kasan_save_alloc_info+0x3b/0x50 [ 15.190187] __kasan_kmalloc+0xb7/0xc0 [ 15.190396] __kmalloc_cache_noprof+0x189/0x420 [ 15.190677] kasan_atomics+0x95/0x310 [ 15.190857] kunit_try_run_case+0x1a5/0x480 [ 15.191005] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.191197] kthread+0x337/0x6f0 [ 15.191367] ret_from_fork+0x116/0x1d0 [ 15.191615] ret_from_fork_asm+0x1a/0x30 [ 15.191811] [ 15.191908] The buggy address belongs to the object at ffff8881026d6200 [ 15.191908] which belongs to the cache kmalloc-64 of size 64 [ 15.192405] The buggy address is located 0 bytes to the right of [ 15.192405] allocated 48-byte region [ffff8881026d6200, ffff8881026d6230) [ 15.192937] [ 15.193036] The buggy address belongs to the physical page: [ 15.193270] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026d6 [ 15.193705] flags: 0x200000000000000(node=0|zone=2) [ 15.193888] page_type: f5(slab) [ 15.194011] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.194245] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.194589] page dumped because: kasan: bad access detected [ 15.194839] [ 15.194931] Memory state around the buggy address: [ 15.195151] ffff8881026d6100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.195490] ffff8881026d6180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.195706] >ffff8881026d6200: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 15.195919] ^ [ 15.196107] ffff8881026d6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.196462] ffff8881026d6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.196804] ================================================================== [ 15.731711] ================================================================== [ 15.732064] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12e6/0x5450 [ 15.732416] Write of size 4 at addr ffff8881026d6230 by task kunit_try_catch/283 [ 15.732776] [ 15.732899] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.732946] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.732959] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.732993] Call Trace: [ 15.733012] <TASK> [ 15.733031] dump_stack_lvl+0x73/0xb0 [ 15.733072] print_report+0xd1/0x610 [ 15.733098] ? __virt_addr_valid+0x1db/0x2d0 [ 15.733124] ? kasan_atomics_helper+0x12e6/0x5450 [ 15.733157] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.733183] ? kasan_atomics_helper+0x12e6/0x5450 [ 15.733208] kasan_report+0x141/0x180 [ 15.733231] ? kasan_atomics_helper+0x12e6/0x5450 [ 15.733260] kasan_check_range+0x10c/0x1c0 [ 15.733286] __kasan_check_write+0x18/0x20 [ 15.733308] kasan_atomics_helper+0x12e6/0x5450 [ 15.733333] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.733358] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.733411] kasan_atomics+0x1dc/0x310 [ 15.733443] ? __pfx_kasan_atomics+0x10/0x10 [ 15.733484] ? __pfx_read_tsc+0x10/0x10 [ 15.733507] ? ktime_get_ts64+0x86/0x230 [ 15.733534] kunit_try_run_case+0x1a5/0x480 [ 15.733562] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.733588] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.733615] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.733641] ? __kthread_parkme+0x82/0x180 [ 15.733664] ? preempt_count_sub+0x50/0x80 [ 15.733690] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.733717] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.733743] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.733771] kthread+0x337/0x6f0 [ 15.733792] ? trace_preempt_on+0x20/0xc0 [ 15.733818] ? __pfx_kthread+0x10/0x10 [ 15.733840] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.733864] ? calculate_sigpending+0x7b/0xa0 [ 15.733891] ? __pfx_kthread+0x10/0x10 [ 15.733914] ret_from_fork+0x116/0x1d0 [ 15.733935] ? __pfx_kthread+0x10/0x10 [ 15.733958] ret_from_fork_asm+0x1a/0x30 [ 15.733990] </TASK> [ 15.734002] [ 15.741216] Allocated by task 283: [ 15.741420] kasan_save_stack+0x45/0x70 [ 15.741632] kasan_save_track+0x18/0x40 [ 15.741826] kasan_save_alloc_info+0x3b/0x50 [ 15.741977] __kasan_kmalloc+0xb7/0xc0 [ 15.742112] __kmalloc_cache_noprof+0x189/0x420 [ 15.742336] kasan_atomics+0x95/0x310 [ 15.742578] kunit_try_run_case+0x1a5/0x480 [ 15.742811] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.743065] kthread+0x337/0x6f0 [ 15.743224] ret_from_fork+0x116/0x1d0 [ 15.743432] ret_from_fork_asm+0x1a/0x30 [ 15.743644] [ 15.743733] The buggy address belongs to the object at ffff8881026d6200 [ 15.743733] which belongs to the cache kmalloc-64 of size 64 [ 15.744211] The buggy address is located 0 bytes to the right of [ 15.744211] allocated 48-byte region [ffff8881026d6200, ffff8881026d6230) [ 15.744622] [ 15.744700] The buggy address belongs to the physical page: [ 15.744958] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026d6 [ 15.745309] flags: 0x200000000000000(node=0|zone=2) [ 15.745572] page_type: f5(slab) [ 15.745741] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.746079] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.746417] page dumped because: kasan: bad access detected [ 15.746631] [ 15.746702] Memory state around the buggy address: [ 15.746859] ffff8881026d6100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.747146] 
ffff8881026d6180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.747527] >ffff8881026d6200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.748268] ^ [ 15.750134] ffff8881026d6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.751974] ffff8881026d6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.753018] ================================================================== [ 16.343688] ================================================================== [ 16.344051] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f98/0x5450 [ 16.344398] Read of size 8 at addr ffff8881026d6230 by task kunit_try_catch/283 [ 16.344796] [ 16.344890] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.344939] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.344952] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.344975] Call Trace: [ 16.344994] <TASK> [ 16.345013] dump_stack_lvl+0x73/0xb0 [ 16.345044] print_report+0xd1/0x610 [ 16.345068] ? __virt_addr_valid+0x1db/0x2d0 [ 16.345092] ? kasan_atomics_helper+0x4f98/0x5450 [ 16.345116] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.345142] ? kasan_atomics_helper+0x4f98/0x5450 [ 16.345165] kasan_report+0x141/0x180 [ 16.345188] ? kasan_atomics_helper+0x4f98/0x5450 [ 16.345216] __asan_report_load8_noabort+0x18/0x20 [ 16.345242] kasan_atomics_helper+0x4f98/0x5450 [ 16.345266] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.345291] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.345323] kasan_atomics+0x1dc/0x310 [ 16.345347] ? __pfx_kasan_atomics+0x10/0x10 [ 16.345373] ? __pfx_read_tsc+0x10/0x10 [ 16.345396] ? ktime_get_ts64+0x86/0x230 [ 16.345431] kunit_try_run_case+0x1a5/0x480 [ 16.345478] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.345504] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.345541] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.345567] ? __kthread_parkme+0x82/0x180 [ 16.345599] ? preempt_count_sub+0x50/0x80 [ 16.345624] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.345650] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.345686] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.345713] kthread+0x337/0x6f0 [ 16.345734] ? trace_preempt_on+0x20/0xc0 [ 16.345759] ? __pfx_kthread+0x10/0x10 [ 16.345781] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.345804] ? calculate_sigpending+0x7b/0xa0 [ 16.345830] ? __pfx_kthread+0x10/0x10 [ 16.345852] ret_from_fork+0x116/0x1d0 [ 16.345873] ? __pfx_kthread+0x10/0x10 [ 16.345894] ret_from_fork_asm+0x1a/0x30 [ 16.345927] </TASK> [ 16.345938] [ 16.353229] Allocated by task 283: [ 16.353420] kasan_save_stack+0x45/0x70 [ 16.353858] kasan_save_track+0x18/0x40 [ 16.354066] kasan_save_alloc_info+0x3b/0x50 [ 16.354281] __kasan_kmalloc+0xb7/0xc0 [ 16.354496] __kmalloc_cache_noprof+0x189/0x420 [ 16.354822] kasan_atomics+0x95/0x310 [ 16.355021] kunit_try_run_case+0x1a5/0x480 [ 16.355174] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.355352] kthread+0x337/0x6f0 [ 16.355521] ret_from_fork+0x116/0x1d0 [ 16.355712] ret_from_fork_asm+0x1a/0x30 [ 16.355949] [ 16.356079] The buggy address belongs to the object at ffff8881026d6200 [ 16.356079] which belongs to the cache kmalloc-64 of size 64 [ 16.356940] The buggy address is located 0 bytes to the right of [ 16.356940] allocated 48-byte region [ffff8881026d6200, ffff8881026d6230) [ 16.357426] [ 16.357514] The buggy address belongs to the physical page: [ 16.357689] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026d6 [ 16.358056] flags: 0x200000000000000(node=0|zone=2) [ 16.358352] page_type: f5(slab) [ 16.358530] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.358877] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.359222] page dumped because: kasan: bad access detected [ 16.359445] [ 16.359584] Memory state around the buggy address: [ 16.359800] ffff8881026d6100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.360112] 
ffff8881026d6180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.360366] >ffff8881026d6200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.360905] ^ [ 16.361114] ffff8881026d6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.361332] ffff8881026d6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.361638] ================================================================== [ 16.304546] ================================================================== [ 16.305336] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f71/0x5450 [ 16.306119] Read of size 8 at addr ffff8881026d6230 by task kunit_try_catch/283 [ 16.306569] [ 16.306770] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.306821] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.306844] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.306868] Call Trace: [ 16.306889] <TASK> [ 16.306921] dump_stack_lvl+0x73/0xb0 [ 16.306952] print_report+0xd1/0x610 [ 16.306977] ? __virt_addr_valid+0x1db/0x2d0 [ 16.307002] ? kasan_atomics_helper+0x4f71/0x5450 [ 16.307025] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.307051] ? kasan_atomics_helper+0x4f71/0x5450 [ 16.307075] kasan_report+0x141/0x180 [ 16.307097] ? kasan_atomics_helper+0x4f71/0x5450 [ 16.307126] __asan_report_load8_noabort+0x18/0x20 [ 16.307152] kasan_atomics_helper+0x4f71/0x5450 [ 16.307177] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.307201] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.307233] kasan_atomics+0x1dc/0x310 [ 16.307259] ? __pfx_kasan_atomics+0x10/0x10 [ 16.307285] ? __pfx_read_tsc+0x10/0x10 [ 16.307308] ? ktime_get_ts64+0x86/0x230 [ 16.307334] kunit_try_run_case+0x1a5/0x480 [ 16.307361] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.307386] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.307422] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.307448] ? __kthread_parkme+0x82/0x180 [ 16.307480] ? preempt_count_sub+0x50/0x80 [ 16.307506] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.307532] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.307558] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.307585] kthread+0x337/0x6f0 [ 16.307605] ? trace_preempt_on+0x20/0xc0 [ 16.307631] ? __pfx_kthread+0x10/0x10 [ 16.307653] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.307676] ? calculate_sigpending+0x7b/0xa0 [ 16.307702] ? __pfx_kthread+0x10/0x10 [ 16.307725] ret_from_fork+0x116/0x1d0 [ 16.307745] ? __pfx_kthread+0x10/0x10 [ 16.307767] ret_from_fork_asm+0x1a/0x30 [ 16.307800] </TASK> [ 16.307811] [ 16.316868] Allocated by task 283: [ 16.317016] kasan_save_stack+0x45/0x70 [ 16.317224] kasan_save_track+0x18/0x40 [ 16.317375] kasan_save_alloc_info+0x3b/0x50 [ 16.317693] __kasan_kmalloc+0xb7/0xc0 [ 16.317853] __kmalloc_cache_noprof+0x189/0x420 [ 16.318012] kasan_atomics+0x95/0x310 [ 16.318147] kunit_try_run_case+0x1a5/0x480 [ 16.318382] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.318646] kthread+0x337/0x6f0 [ 16.318814] ret_from_fork+0x116/0x1d0 [ 16.318946] ret_from_fork_asm+0x1a/0x30 [ 16.319100] [ 16.319198] The buggy address belongs to the object at ffff8881026d6200 [ 16.319198] which belongs to the cache kmalloc-64 of size 64 [ 16.319932] The buggy address is located 0 bytes to the right of [ 16.319932] allocated 48-byte region [ffff8881026d6200, ffff8881026d6230) [ 16.320433] [ 16.320541] The buggy address belongs to the physical page: [ 16.320786] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026d6 [ 16.321130] flags: 0x200000000000000(node=0|zone=2) [ 16.321364] page_type: f5(slab) [ 16.321581] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.321908] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.322220] page dumped because: kasan: bad access detected [ 16.322448] [ 16.322528] Memory state around the buggy address: [ 16.322748] ffff8881026d6100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.323084] 
ffff8881026d6180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.323349] >ffff8881026d6200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.323814] ^ [ 16.324015] ffff8881026d6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.324230] ffff8881026d6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.324526] ================================================================== [ 16.272015] ================================================================== [ 16.272290] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1f43/0x5450 [ 16.272671] Write of size 8 at addr ffff8881026d6230 by task kunit_try_catch/283 [ 16.273166] [ 16.273290] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.273337] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.273350] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.273372] Call Trace: [ 16.273392] <TASK> [ 16.273412] dump_stack_lvl+0x73/0xb0 [ 16.273440] print_report+0xd1/0x610 [ 16.273481] ? __virt_addr_valid+0x1db/0x2d0 [ 16.273506] ? kasan_atomics_helper+0x1f43/0x5450 [ 16.273529] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.273556] ? kasan_atomics_helper+0x1f43/0x5450 [ 16.273579] kasan_report+0x141/0x180 [ 16.273603] ? kasan_atomics_helper+0x1f43/0x5450 [ 16.273631] kasan_check_range+0x10c/0x1c0 [ 16.273656] __kasan_check_write+0x18/0x20 [ 16.273678] kasan_atomics_helper+0x1f43/0x5450 [ 16.273703] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.273727] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.273760] kasan_atomics+0x1dc/0x310 [ 16.273784] ? __pfx_kasan_atomics+0x10/0x10 [ 16.273810] ? __pfx_read_tsc+0x10/0x10 [ 16.273833] ? ktime_get_ts64+0x86/0x230 [ 16.273858] kunit_try_run_case+0x1a5/0x480 [ 16.273885] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.273910] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.273936] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.273961] ? __kthread_parkme+0x82/0x180 [ 16.273984] ? 
preempt_count_sub+0x50/0x80 [ 16.274009] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.274883] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.274918] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.274946] kthread+0x337/0x6f0 [ 16.275017] ? trace_preempt_on+0x20/0xc0 [ 16.275069] ? __pfx_kthread+0x10/0x10 [ 16.275119] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.275143] ? calculate_sigpending+0x7b/0xa0 [ 16.275195] ? __pfx_kthread+0x10/0x10 [ 16.275218] ret_from_fork+0x116/0x1d0 [ 16.275238] ? __pfx_kthread+0x10/0x10 [ 16.275261] ret_from_fork_asm+0x1a/0x30 [ 16.275295] </TASK> [ 16.275308] [ 16.290239] Allocated by task 283: [ 16.290755] kasan_save_stack+0x45/0x70 [ 16.291302] kasan_save_track+0x18/0x40 [ 16.291852] kasan_save_alloc_info+0x3b/0x50 [ 16.292519] __kasan_kmalloc+0xb7/0xc0 [ 16.292906] __kmalloc_cache_noprof+0x189/0x420 [ 16.293075] kasan_atomics+0x95/0x310 [ 16.293215] kunit_try_run_case+0x1a5/0x480 [ 16.293365] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.293561] kthread+0x337/0x6f0 [ 16.293685] ret_from_fork+0x116/0x1d0 [ 16.293822] ret_from_fork_asm+0x1a/0x30 [ 16.293964] [ 16.294040] The buggy address belongs to the object at ffff8881026d6200 [ 16.294040] which belongs to the cache kmalloc-64 of size 64 [ 16.294400] The buggy address is located 0 bytes to the right of [ 16.294400] allocated 48-byte region [ffff8881026d6200, ffff8881026d6230) [ 16.295507] [ 16.295668] The buggy address belongs to the physical page: [ 16.296209] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026d6 [ 16.297046] flags: 0x200000000000000(node=0|zone=2) [ 16.297534] page_type: f5(slab) [ 16.297847] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.298548] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.299195] page dumped because: kasan: bad access detected [ 16.299718] [ 16.299877] Memory state around the buggy address: [ 16.300328] ffff8881026d6100: fa fb fb fb fb fb fb fb fc fc 
fc fc fc fc fc fc [ 16.300978] ffff8881026d6180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.301694] >ffff8881026d6200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.302203] ^ [ 16.302360] ffff8881026d6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.302728] ffff8881026d6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.303365] ================================================================== [ 15.695254] ================================================================== [ 15.696015] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1217/0x5450 [ 15.696459] Write of size 4 at addr ffff8881026d6230 by task kunit_try_catch/283 [ 15.696755] [ 15.696850] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.696897] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.696910] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.696934] Call Trace: [ 15.696954] <TASK> [ 15.696972] dump_stack_lvl+0x73/0xb0 [ 15.697004] print_report+0xd1/0x610 [ 15.697041] ? __virt_addr_valid+0x1db/0x2d0 [ 15.697067] ? kasan_atomics_helper+0x1217/0x5450 [ 15.697092] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.697131] ? kasan_atomics_helper+0x1217/0x5450 [ 15.697156] kasan_report+0x141/0x180 [ 15.697180] ? kasan_atomics_helper+0x1217/0x5450 [ 15.697220] kasan_check_range+0x10c/0x1c0 [ 15.697245] __kasan_check_write+0x18/0x20 [ 15.697278] kasan_atomics_helper+0x1217/0x5450 [ 15.697304] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.697329] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.697373] kasan_atomics+0x1dc/0x310 [ 15.697421] ? __pfx_kasan_atomics+0x10/0x10 [ 15.697463] ? __pfx_read_tsc+0x10/0x10 [ 15.697487] ? ktime_get_ts64+0x86/0x230 [ 15.697515] kunit_try_run_case+0x1a5/0x480 [ 15.697542] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.697576] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.697602] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.697629] ? 
__kthread_parkme+0x82/0x180 [ 15.697663] ? preempt_count_sub+0x50/0x80 [ 15.697690] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.697717] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.697744] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.697772] kthread+0x337/0x6f0 [ 15.697793] ? trace_preempt_on+0x20/0xc0 [ 15.697819] ? __pfx_kthread+0x10/0x10 [ 15.697841] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.697865] ? calculate_sigpending+0x7b/0xa0 [ 15.697892] ? __pfx_kthread+0x10/0x10 [ 15.697916] ret_from_fork+0x116/0x1d0 [ 15.697936] ? __pfx_kthread+0x10/0x10 [ 15.697959] ret_from_fork_asm+0x1a/0x30 [ 15.697993] </TASK> [ 15.698005] [ 15.705291] Allocated by task 283: [ 15.705526] kasan_save_stack+0x45/0x70 [ 15.705757] kasan_save_track+0x18/0x40 [ 15.705949] kasan_save_alloc_info+0x3b/0x50 [ 15.706190] __kasan_kmalloc+0xb7/0xc0 [ 15.706347] __kmalloc_cache_noprof+0x189/0x420 [ 15.706609] kasan_atomics+0x95/0x310 [ 15.706814] kunit_try_run_case+0x1a5/0x480 [ 15.707025] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.707275] kthread+0x337/0x6f0 [ 15.707480] ret_from_fork+0x116/0x1d0 [ 15.707657] ret_from_fork_asm+0x1a/0x30 [ 15.707854] [ 15.707947] The buggy address belongs to the object at ffff8881026d6200 [ 15.707947] which belongs to the cache kmalloc-64 of size 64 [ 15.708315] The buggy address is located 0 bytes to the right of [ 15.708315] allocated 48-byte region [ffff8881026d6200, ffff8881026d6230) [ 15.708717] [ 15.708836] The buggy address belongs to the physical page: [ 15.709088] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026d6 [ 15.709480] flags: 0x200000000000000(node=0|zone=2) [ 15.709718] page_type: f5(slab) [ 15.709886] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.710228] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.710562] page dumped because: kasan: bad access detected [ 15.710735] [ 15.710805] Memory state around the buggy address: [ 15.710989] 
ffff8881026d6100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.711335] ffff8881026d6180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.711712] >ffff8881026d6200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.712027] ^ [ 15.712243] ffff8881026d6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.712589] ffff8881026d6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.712895] ================================================================== [ 15.640483] ================================================================== [ 15.640859] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1c/0x5450 [ 15.641200] Read of size 4 at addr ffff8881026d6230 by task kunit_try_catch/283 [ 15.641556] [ 15.641698] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.641747] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.641760] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.641784] Call Trace: [ 15.641804] <TASK> [ 15.641824] dump_stack_lvl+0x73/0xb0 [ 15.641853] print_report+0xd1/0x610 [ 15.641889] ? __virt_addr_valid+0x1db/0x2d0 [ 15.641915] ? kasan_atomics_helper+0x4a1c/0x5450 [ 15.641938] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.641975] ? kasan_atomics_helper+0x4a1c/0x5450 [ 15.641999] kasan_report+0x141/0x180 [ 15.642023] ? kasan_atomics_helper+0x4a1c/0x5450 [ 15.642061] __asan_report_load4_noabort+0x18/0x20 [ 15.642088] kasan_atomics_helper+0x4a1c/0x5450 [ 15.642113] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.642148] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.642181] kasan_atomics+0x1dc/0x310 [ 15.642215] ? __pfx_kasan_atomics+0x10/0x10 [ 15.642241] ? __pfx_read_tsc+0x10/0x10 [ 15.642264] ? ktime_get_ts64+0x86/0x230 [ 15.642300] kunit_try_run_case+0x1a5/0x480 [ 15.642327] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.642352] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.642379] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.642430] ? 
__kthread_parkme+0x82/0x180 [ 15.642468] ? preempt_count_sub+0x50/0x80 [ 15.642495] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.642523] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.642549] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.642586] kthread+0x337/0x6f0 [ 15.642608] ? trace_preempt_on+0x20/0xc0 [ 15.642632] ? __pfx_kthread+0x10/0x10 [ 15.642665] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.642688] ? calculate_sigpending+0x7b/0xa0 [ 15.642715] ? __pfx_kthread+0x10/0x10 [ 15.642738] ret_from_fork+0x116/0x1d0 [ 15.642767] ? __pfx_kthread+0x10/0x10 [ 15.642789] ret_from_fork_asm+0x1a/0x30 [ 15.642823] </TASK> [ 15.642844] [ 15.650372] Allocated by task 283: [ 15.650537] kasan_save_stack+0x45/0x70 [ 15.650685] kasan_save_track+0x18/0x40 [ 15.650823] kasan_save_alloc_info+0x3b/0x50 [ 15.650998] __kasan_kmalloc+0xb7/0xc0 [ 15.651186] __kmalloc_cache_noprof+0x189/0x420 [ 15.651463] kasan_atomics+0x95/0x310 [ 15.651656] kunit_try_run_case+0x1a5/0x480 [ 15.651863] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.652118] kthread+0x337/0x6f0 [ 15.652289] ret_from_fork+0x116/0x1d0 [ 15.652471] ret_from_fork_asm+0x1a/0x30 [ 15.652617] [ 15.652689] The buggy address belongs to the object at ffff8881026d6200 [ 15.652689] which belongs to the cache kmalloc-64 of size 64 [ 15.653188] The buggy address is located 0 bytes to the right of [ 15.653188] allocated 48-byte region [ffff8881026d6200, ffff8881026d6230) [ 15.653785] [ 15.653887] The buggy address belongs to the physical page: [ 15.654113] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026d6 [ 15.654486] flags: 0x200000000000000(node=0|zone=2) [ 15.654708] page_type: f5(slab) [ 15.654895] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.655211] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.655571] page dumped because: kasan: bad access detected [ 15.655809] [ 15.655903] Memory state around the buggy address: [ 15.656121] 
ffff8881026d6100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.656410] ffff8881026d6180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.656638] >ffff8881026d6200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.656999] ^ [ 15.657272] ffff8881026d6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.657640] ffff8881026d6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.657927] ================================================================== [ 15.838097] ================================================================== [ 15.838954] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1467/0x5450 [ 15.839647] Write of size 8 at addr ffff8881026d6230 by task kunit_try_catch/283 [ 15.839910] [ 15.840029] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.840091] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.840105] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.840129] Call Trace: [ 15.840149] <TASK> [ 15.840168] dump_stack_lvl+0x73/0xb0 [ 15.840200] print_report+0xd1/0x610 [ 15.840226] ? __virt_addr_valid+0x1db/0x2d0 [ 15.840252] ? kasan_atomics_helper+0x1467/0x5450 [ 15.840276] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.840308] ? kasan_atomics_helper+0x1467/0x5450 [ 15.840332] kasan_report+0x141/0x180 [ 15.840378] ? kasan_atomics_helper+0x1467/0x5450 [ 15.840428] kasan_check_range+0x10c/0x1c0 [ 15.840463] __kasan_check_write+0x18/0x20 [ 15.840485] kasan_atomics_helper+0x1467/0x5450 [ 15.840510] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.840535] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.840568] kasan_atomics+0x1dc/0x310 [ 15.840594] ? __pfx_kasan_atomics+0x10/0x10 [ 15.840620] ? __pfx_read_tsc+0x10/0x10 [ 15.840644] ? ktime_get_ts64+0x86/0x230 [ 15.840670] kunit_try_run_case+0x1a5/0x480 [ 15.840698] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.840723] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.840751] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.840777] ? __kthread_parkme+0x82/0x180 [ 15.840801] ? preempt_count_sub+0x50/0x80 [ 15.840827] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.840855] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.840881] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.840909] kthread+0x337/0x6f0 [ 15.840930] ? trace_preempt_on+0x20/0xc0 [ 15.840956] ? __pfx_kthread+0x10/0x10 [ 15.840979] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.841003] ? calculate_sigpending+0x7b/0xa0 [ 15.841029] ? __pfx_kthread+0x10/0x10 [ 15.841053] ret_from_fork+0x116/0x1d0 [ 15.841074] ? __pfx_kthread+0x10/0x10 [ 15.841097] ret_from_fork_asm+0x1a/0x30 [ 15.841129] </TASK> [ 15.841141] [ 15.852848] Allocated by task 283: [ 15.853208] kasan_save_stack+0x45/0x70 [ 15.853615] kasan_save_track+0x18/0x40 [ 15.853997] kasan_save_alloc_info+0x3b/0x50 [ 15.854414] __kasan_kmalloc+0xb7/0xc0 [ 15.854783] __kmalloc_cache_noprof+0x189/0x420 [ 15.855208] kasan_atomics+0x95/0x310 [ 15.855550] kunit_try_run_case+0x1a5/0x480 [ 15.855703] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.855882] kthread+0x337/0x6f0 [ 15.856005] ret_from_fork+0x116/0x1d0 [ 15.856140] ret_from_fork_asm+0x1a/0x30 [ 15.856285] [ 15.856360] The buggy address belongs to the object at ffff8881026d6200 [ 15.856360] which belongs to the cache kmalloc-64 of size 64 [ 15.857467] The buggy address is located 0 bytes to the right of [ 15.857467] allocated 48-byte region [ffff8881026d6200, ffff8881026d6230) [ 15.858563] [ 15.858725] The buggy address belongs to the physical page: [ 15.859217] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026d6 [ 15.859927] flags: 0x200000000000000(node=0|zone=2) [ 15.860390] page_type: f5(slab) [ 15.860735] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.861108] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.861338] page dumped because: kasan: bad access detected [ 15.861800] [ 15.861976] 
Memory state around the buggy address: [ 15.862440] ffff8881026d6100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.863071] ffff8881026d6180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.863674] >ffff8881026d6200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.863892] ^ [ 15.864048] ffff8881026d6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.864264] ffff8881026d6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.864699] ================================================================== [ 15.362789] ================================================================== [ 15.363270] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x860/0x5450 [ 15.363630] Write of size 4 at addr ffff8881026d6230 by task kunit_try_catch/283 [ 15.364061] [ 15.364155] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.364202] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.364215] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.364239] Call Trace: [ 15.364252] <TASK> [ 15.364270] dump_stack_lvl+0x73/0xb0 [ 15.364310] print_report+0xd1/0x610 [ 15.364335] ? __virt_addr_valid+0x1db/0x2d0 [ 15.364360] ? kasan_atomics_helper+0x860/0x5450 [ 15.364383] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.364432] ? kasan_atomics_helper+0x860/0x5450 [ 15.364464] kasan_report+0x141/0x180 [ 15.364488] ? kasan_atomics_helper+0x860/0x5450 [ 15.364518] kasan_check_range+0x10c/0x1c0 [ 15.364545] __kasan_check_write+0x18/0x20 [ 15.364567] kasan_atomics_helper+0x860/0x5450 [ 15.364591] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.364650] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.364683] kasan_atomics+0x1dc/0x310 [ 15.364708] ? __pfx_kasan_atomics+0x10/0x10 [ 15.364744] ? __pfx_read_tsc+0x10/0x10 [ 15.364768] ? ktime_get_ts64+0x86/0x230 [ 15.364794] kunit_try_run_case+0x1a5/0x480 [ 15.364832] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.364858] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 15.364885] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.364911] ? __kthread_parkme+0x82/0x180 [ 15.364934] ? preempt_count_sub+0x50/0x80 [ 15.364960] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.364987] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.365013] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.365040] kthread+0x337/0x6f0 [ 15.365062] ? trace_preempt_on+0x20/0xc0 [ 15.365088] ? __pfx_kthread+0x10/0x10 [ 15.365109] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.365134] ? calculate_sigpending+0x7b/0xa0 [ 15.365161] ? __pfx_kthread+0x10/0x10 [ 15.365184] ret_from_fork+0x116/0x1d0 [ 15.365205] ? __pfx_kthread+0x10/0x10 [ 15.365236] ret_from_fork_asm+0x1a/0x30 [ 15.365268] </TASK> [ 15.365280] [ 15.373218] Allocated by task 283: [ 15.373359] kasan_save_stack+0x45/0x70 [ 15.373603] kasan_save_track+0x18/0x40 [ 15.373799] kasan_save_alloc_info+0x3b/0x50 [ 15.374011] __kasan_kmalloc+0xb7/0xc0 [ 15.374201] __kmalloc_cache_noprof+0x189/0x420 [ 15.374433] kasan_atomics+0x95/0x310 [ 15.374627] kunit_try_run_case+0x1a5/0x480 [ 15.374839] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.375037] kthread+0x337/0x6f0 [ 15.375159] ret_from_fork+0x116/0x1d0 [ 15.375293] ret_from_fork_asm+0x1a/0x30 [ 15.375436] [ 15.375533] The buggy address belongs to the object at ffff8881026d6200 [ 15.375533] which belongs to the cache kmalloc-64 of size 64 [ 15.376063] The buggy address is located 0 bytes to the right of [ 15.376063] allocated 48-byte region [ffff8881026d6200, ffff8881026d6230) [ 15.376706] [ 15.376826] The buggy address belongs to the physical page: [ 15.377093] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026d6 [ 15.377373] flags: 0x200000000000000(node=0|zone=2) [ 15.377572] page_type: f5(slab) [ 15.377740] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.378112] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.378511] page dumped because: kasan: 
bad access detected [ 15.378705] [ 15.378776] Memory state around the buggy address: [ 15.378931] ffff8881026d6100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.379146] ffff8881026d6180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.379438] >ffff8881026d6200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.379759] ^ [ 15.379999] ffff8881026d6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.380315] ffff8881026d6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.380663] ================================================================== [ 15.496231] ================================================================== [ 15.497648] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a84/0x5450 [ 15.498227] Read of size 4 at addr ffff8881026d6230 by task kunit_try_catch/283 [ 15.498831] [ 15.499197] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.499252] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.499266] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.499290] Call Trace: [ 15.499312] <TASK> [ 15.499332] dump_stack_lvl+0x73/0xb0 [ 15.499505] print_report+0xd1/0x610 [ 15.499532] ? __virt_addr_valid+0x1db/0x2d0 [ 15.499559] ? kasan_atomics_helper+0x4a84/0x5450 [ 15.499583] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.499608] ? kasan_atomics_helper+0x4a84/0x5450 [ 15.499632] kasan_report+0x141/0x180 [ 15.499656] ? kasan_atomics_helper+0x4a84/0x5450 [ 15.499685] __asan_report_load4_noabort+0x18/0x20 [ 15.499712] kasan_atomics_helper+0x4a84/0x5450 [ 15.499737] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.499761] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.499794] kasan_atomics+0x1dc/0x310 [ 15.499819] ? __pfx_kasan_atomics+0x10/0x10 [ 15.499846] ? __pfx_read_tsc+0x10/0x10 [ 15.499868] ? ktime_get_ts64+0x86/0x230 [ 15.499895] kunit_try_run_case+0x1a5/0x480 [ 15.499923] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.499947] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 15.499974] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.500001] ? __kthread_parkme+0x82/0x180 [ 15.500025] ? preempt_count_sub+0x50/0x80 [ 15.500052] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.500078] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.500104] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.500132] kthread+0x337/0x6f0 [ 15.500154] ? trace_preempt_on+0x20/0xc0 [ 15.500180] ? __pfx_kthread+0x10/0x10 [ 15.500202] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.500225] ? calculate_sigpending+0x7b/0xa0 [ 15.500251] ? __pfx_kthread+0x10/0x10 [ 15.500274] ret_from_fork+0x116/0x1d0 [ 15.500301] ? __pfx_kthread+0x10/0x10 [ 15.500323] ret_from_fork_asm+0x1a/0x30 [ 15.500356] </TASK> [ 15.500367] [ 15.507561] Allocated by task 283: [ 15.507704] kasan_save_stack+0x45/0x70 [ 15.507860] kasan_save_track+0x18/0x40 [ 15.508056] kasan_save_alloc_info+0x3b/0x50 [ 15.508297] __kasan_kmalloc+0xb7/0xc0 [ 15.508538] __kmalloc_cache_noprof+0x189/0x420 [ 15.508768] kasan_atomics+0x95/0x310 [ 15.508962] kunit_try_run_case+0x1a5/0x480 [ 15.509161] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.509438] kthread+0x337/0x6f0 [ 15.509619] ret_from_fork+0x116/0x1d0 [ 15.509792] ret_from_fork_asm+0x1a/0x30 [ 15.509996] [ 15.510092] The buggy address belongs to the object at ffff8881026d6200 [ 15.510092] which belongs to the cache kmalloc-64 of size 64 [ 15.510614] The buggy address is located 0 bytes to the right of [ 15.510614] allocated 48-byte region [ffff8881026d6200, ffff8881026d6230) [ 15.511004] [ 15.511078] The buggy address belongs to the physical page: [ 15.511253] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026d6 [ 15.511662] flags: 0x200000000000000(node=0|zone=2) [ 15.511895] page_type: f5(slab) [ 15.512066] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.512440] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.512721] page dumped because: kasan: 
bad access detected [ 15.512899] [ 15.512972] Memory state around the buggy address: [ 15.513164] ffff8881026d6100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.513553] ffff8881026d6180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.513884] >ffff8881026d6200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.514232] ^ [ 15.514484] ffff8881026d6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.514723] ffff8881026d6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.515055] ================================================================== [ 15.088403] ================================================================== [ 15.088793] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4ba2/0x5450 [ 15.089105] Write of size 4 at addr ffff8881026d6230 by task kunit_try_catch/283 [ 15.089432] [ 15.089709] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.089761] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.089773] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.089794] Call Trace: [ 15.089809] <TASK> [ 15.089822] dump_stack_lvl+0x73/0xb0 [ 15.089852] print_report+0xd1/0x610 [ 15.089874] ? __virt_addr_valid+0x1db/0x2d0 [ 15.089897] ? kasan_atomics_helper+0x4ba2/0x5450 [ 15.089919] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.089943] ? kasan_atomics_helper+0x4ba2/0x5450 [ 15.089966] kasan_report+0x141/0x180 [ 15.089988] ? kasan_atomics_helper+0x4ba2/0x5450 [ 15.090015] __asan_report_store4_noabort+0x1b/0x30 [ 15.090041] kasan_atomics_helper+0x4ba2/0x5450 [ 15.090065] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.090088] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.090119] kasan_atomics+0x1dc/0x310 [ 15.090143] ? __pfx_kasan_atomics+0x10/0x10 [ 15.090168] ? __pfx_read_tsc+0x10/0x10 [ 15.090189] ? ktime_get_ts64+0x86/0x230 [ 15.090213] kunit_try_run_case+0x1a5/0x480 [ 15.090238] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.090262] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 15.090287] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.090311] ? __kthread_parkme+0x82/0x180 [ 15.090332] ? preempt_count_sub+0x50/0x80 [ 15.090356] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.090381] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.090407] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.090432] kthread+0x337/0x6f0 [ 15.090465] ? trace_preempt_on+0x20/0xc0 [ 15.090489] ? __pfx_kthread+0x10/0x10 [ 15.090510] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.090642] ? calculate_sigpending+0x7b/0xa0 [ 15.090669] ? __pfx_kthread+0x10/0x10 [ 15.090692] ret_from_fork+0x116/0x1d0 [ 15.090712] ? __pfx_kthread+0x10/0x10 [ 15.090734] ret_from_fork_asm+0x1a/0x30 [ 15.090764] </TASK> [ 15.090774] [ 15.098470] Allocated by task 283: [ 15.098735] kasan_save_stack+0x45/0x70 [ 15.098933] kasan_save_track+0x18/0x40 [ 15.099097] kasan_save_alloc_info+0x3b/0x50 [ 15.099310] __kasan_kmalloc+0xb7/0xc0 [ 15.099511] __kmalloc_cache_noprof+0x189/0x420 [ 15.099754] kasan_atomics+0x95/0x310 [ 15.099894] kunit_try_run_case+0x1a5/0x480 [ 15.100042] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.100298] kthread+0x337/0x6f0 [ 15.100501] ret_from_fork+0x116/0x1d0 [ 15.100760] ret_from_fork_asm+0x1a/0x30 [ 15.100919] [ 15.100991] The buggy address belongs to the object at ffff8881026d6200 [ 15.100991] which belongs to the cache kmalloc-64 of size 64 [ 15.101344] The buggy address is located 0 bytes to the right of [ 15.101344] allocated 48-byte region [ffff8881026d6200, ffff8881026d6230) [ 15.102059] [ 15.102161] The buggy address belongs to the physical page: [ 15.102410] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026d6 [ 15.102871] flags: 0x200000000000000(node=0|zone=2) [ 15.103040] page_type: f5(slab) [ 15.103159] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.103416] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.103853] page dumped because: kasan: 
bad access detected [ 15.104116] [ 15.104214] Memory state around the buggy address: [ 15.104480] ffff8881026d6100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.106137] ffff8881026d6180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.106537] >ffff8881026d6200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.108221] ^ [ 15.108395] ffff8881026d6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.109642] ffff8881026d6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.110497] ================================================================== [ 15.215431] ================================================================== [ 15.215900] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a0/0x5450 [ 15.216254] Write of size 4 at addr ffff8881026d6230 by task kunit_try_catch/283 [ 15.216639] [ 15.216759] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.216803] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.216816] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.216849] Call Trace: [ 15.216864] <TASK> [ 15.216880] dump_stack_lvl+0x73/0xb0 [ 15.216919] print_report+0xd1/0x610 [ 15.216942] ? __virt_addr_valid+0x1db/0x2d0 [ 15.216966] ? kasan_atomics_helper+0x4a0/0x5450 [ 15.216989] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.217014] ? kasan_atomics_helper+0x4a0/0x5450 [ 15.217038] kasan_report+0x141/0x180 [ 15.217061] ? kasan_atomics_helper+0x4a0/0x5450 [ 15.217089] kasan_check_range+0x10c/0x1c0 [ 15.217116] __kasan_check_write+0x18/0x20 [ 15.217137] kasan_atomics_helper+0x4a0/0x5450 [ 15.217162] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.217188] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.217221] kasan_atomics+0x1dc/0x310 [ 15.217245] ? __pfx_kasan_atomics+0x10/0x10 [ 15.217272] ? __pfx_read_tsc+0x10/0x10 [ 15.217295] ? ktime_get_ts64+0x86/0x230 [ 15.217321] kunit_try_run_case+0x1a5/0x480 [ 15.217346] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.217372] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.217398] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.217443] ? __kthread_parkme+0x82/0x180 [ 15.217473] ? preempt_count_sub+0x50/0x80 [ 15.217498] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.217535] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.217561] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.217589] kthread+0x337/0x6f0 [ 15.217610] ? trace_preempt_on+0x20/0xc0 [ 15.217643] ? __pfx_kthread+0x10/0x10 [ 15.217666] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.217689] ? calculate_sigpending+0x7b/0xa0 [ 15.217726] ? __pfx_kthread+0x10/0x10 [ 15.217749] ret_from_fork+0x116/0x1d0 [ 15.217769] ? __pfx_kthread+0x10/0x10 [ 15.217799] ret_from_fork_asm+0x1a/0x30 [ 15.217832] </TASK> [ 15.217843] [ 15.227494] Allocated by task 283: [ 15.227646] kasan_save_stack+0x45/0x70 [ 15.227802] kasan_save_track+0x18/0x40 [ 15.227940] kasan_save_alloc_info+0x3b/0x50 [ 15.228091] __kasan_kmalloc+0xb7/0xc0 [ 15.228226] __kmalloc_cache_noprof+0x189/0x420 [ 15.228391] kasan_atomics+0x95/0x310 [ 15.228547] kunit_try_run_case+0x1a5/0x480 [ 15.228759] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.228971] kthread+0x337/0x6f0 [ 15.229093] ret_from_fork+0x116/0x1d0 [ 15.229226] ret_from_fork_asm+0x1a/0x30 [ 15.229366] [ 15.229439] The buggy address belongs to the object at ffff8881026d6200 [ 15.229439] which belongs to the cache kmalloc-64 of size 64 [ 15.229984] The buggy address is located 0 bytes to the right of [ 15.229984] allocated 48-byte region [ffff8881026d6200, ffff8881026d6230) [ 15.230531] [ 15.230630] The buggy address belongs to the physical page: [ 15.230804] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026d6 [ 15.231043] flags: 0x200000000000000(node=0|zone=2) [ 15.231210] page_type: f5(slab) [ 15.231333] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.231634] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 15.231975] page dumped because: kasan: bad access detected [ 15.232180] [ 15.232250] Memory state around the buggy address: [ 15.232408] ffff8881026d6100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.232632] ffff8881026d6180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.232874] >ffff8881026d6200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.233266] ^ [ 15.233561] ffff8881026d6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.233876] ffff8881026d6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.234182] ================================================================== [ 15.197417] ================================================================== [ 15.197780] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b54/0x5450 [ 15.198015] Read of size 4 at addr ffff8881026d6230 by task kunit_try_catch/283 [ 15.198510] [ 15.198618] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.198662] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.198675] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.198698] Call Trace: [ 15.198712] <TASK> [ 15.198727] dump_stack_lvl+0x73/0xb0 [ 15.198757] print_report+0xd1/0x610 [ 15.198795] ? __virt_addr_valid+0x1db/0x2d0 [ 15.198820] ? kasan_atomics_helper+0x4b54/0x5450 [ 15.198843] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.198881] ? kasan_atomics_helper+0x4b54/0x5450 [ 15.198905] kasan_report+0x141/0x180 [ 15.198928] ? kasan_atomics_helper+0x4b54/0x5450 [ 15.198957] __asan_report_load4_noabort+0x18/0x20 [ 15.198984] kasan_atomics_helper+0x4b54/0x5450 [ 15.199009] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.199034] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.199067] kasan_atomics+0x1dc/0x310 [ 15.199092] ? __pfx_kasan_atomics+0x10/0x10 [ 15.199118] ? __pfx_read_tsc+0x10/0x10 [ 15.199141] ? ktime_get_ts64+0x86/0x230 [ 15.199177] kunit_try_run_case+0x1a5/0x480 [ 15.199205] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.199242] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.199269] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.199295] ? __kthread_parkme+0x82/0x180 [ 15.199318] ? preempt_count_sub+0x50/0x80 [ 15.199345] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.199371] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.199398] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.199435] kthread+0x337/0x6f0 [ 15.199466] ? trace_preempt_on+0x20/0xc0 [ 15.199490] ? __pfx_kthread+0x10/0x10 [ 15.199513] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.199545] ? calculate_sigpending+0x7b/0xa0 [ 15.199571] ? __pfx_kthread+0x10/0x10 [ 15.199604] ret_from_fork+0x116/0x1d0 [ 15.199625] ? __pfx_kthread+0x10/0x10 [ 15.199648] ret_from_fork_asm+0x1a/0x30 [ 15.199681] </TASK> [ 15.199693] [ 15.207292] Allocated by task 283: [ 15.207526] kasan_save_stack+0x45/0x70 [ 15.207839] kasan_save_track+0x18/0x40 [ 15.208066] kasan_save_alloc_info+0x3b/0x50 [ 15.208263] __kasan_kmalloc+0xb7/0xc0 [ 15.208456] __kmalloc_cache_noprof+0x189/0x420 [ 15.208695] kasan_atomics+0x95/0x310 [ 15.208911] kunit_try_run_case+0x1a5/0x480 [ 15.209071] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.209255] kthread+0x337/0x6f0 [ 15.209382] ret_from_fork+0x116/0x1d0 [ 15.209532] ret_from_fork_asm+0x1a/0x30 [ 15.209674] [ 15.209749] The buggy address belongs to the object at ffff8881026d6200 [ 15.209749] which belongs to the cache kmalloc-64 of size 64 [ 15.210265] The buggy address is located 0 bytes to the right of [ 15.210265] allocated 48-byte region [ffff8881026d6200, ffff8881026d6230) [ 15.210811] [ 15.210908] The buggy address belongs to the physical page: [ 15.211139] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026d6 [ 15.211379] flags: 0x200000000000000(node=0|zone=2) [ 15.211551] page_type: f5(slab) [ 15.211670] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.212095] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 15.212475] page dumped because: kasan: bad access detected [ 15.212758] [ 15.212854] Memory state around the buggy address: [ 15.213081] ffff8881026d6100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.213422] ffff8881026d6180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.213768] >ffff8881026d6200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.214063] ^ [ 15.214219] ffff8881026d6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.214485] ffff8881026d6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.214819] ================================================================== [ 15.677158] ================================================================== [ 15.677511] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a02/0x5450 [ 15.677839] Read of size 4 at addr ffff8881026d6230 by task kunit_try_catch/283 [ 15.678191] [ 15.678299] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.678346] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.678358] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.678381] Call Trace: [ 15.678419] <TASK> [ 15.678438] dump_stack_lvl+0x73/0xb0 [ 15.678478] print_report+0xd1/0x610 [ 15.678503] ? __virt_addr_valid+0x1db/0x2d0 [ 15.678528] ? kasan_atomics_helper+0x4a02/0x5450 [ 15.678561] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.678587] ? kasan_atomics_helper+0x4a02/0x5450 [ 15.678611] kasan_report+0x141/0x180 [ 15.678645] ? kasan_atomics_helper+0x4a02/0x5450 [ 15.678674] __asan_report_load4_noabort+0x18/0x20 [ 15.678701] kasan_atomics_helper+0x4a02/0x5450 [ 15.678734] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.678759] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.678792] kasan_atomics+0x1dc/0x310 [ 15.678827] ? __pfx_kasan_atomics+0x10/0x10 [ 15.678853] ? __pfx_read_tsc+0x10/0x10 [ 15.678876] ? ktime_get_ts64+0x86/0x230 [ 15.678911] kunit_try_run_case+0x1a5/0x480 [ 15.678938] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.678973] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.679002] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.679029] ? __kthread_parkme+0x82/0x180 [ 15.679060] ? preempt_count_sub+0x50/0x80 [ 15.679087] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.679114] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.679151] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.679178] kthread+0x337/0x6f0 [ 15.679208] ? trace_preempt_on+0x20/0xc0 [ 15.679234] ? __pfx_kthread+0x10/0x10 [ 15.679256] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.679290] ? calculate_sigpending+0x7b/0xa0 [ 15.679317] ? __pfx_kthread+0x10/0x10 [ 15.679340] ret_from_fork+0x116/0x1d0 [ 15.679368] ? __pfx_kthread+0x10/0x10 [ 15.679390] ret_from_fork_asm+0x1a/0x30 [ 15.679445] </TASK> [ 15.679464] [ 15.686692] Allocated by task 283: [ 15.686876] kasan_save_stack+0x45/0x70 [ 15.687080] kasan_save_track+0x18/0x40 [ 15.687285] kasan_save_alloc_info+0x3b/0x50 [ 15.687531] __kasan_kmalloc+0xb7/0xc0 [ 15.687703] __kmalloc_cache_noprof+0x189/0x420 [ 15.687936] kasan_atomics+0x95/0x310 [ 15.688102] kunit_try_run_case+0x1a5/0x480 [ 15.688324] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.688607] kthread+0x337/0x6f0 [ 15.688788] ret_from_fork+0x116/0x1d0 [ 15.688979] ret_from_fork_asm+0x1a/0x30 [ 15.689166] [ 15.689279] The buggy address belongs to the object at ffff8881026d6200 [ 15.689279] which belongs to the cache kmalloc-64 of size 64 [ 15.689780] The buggy address is located 0 bytes to the right of [ 15.689780] allocated 48-byte region [ffff8881026d6200, ffff8881026d6230) [ 15.690148] [ 15.690221] The buggy address belongs to the physical page: [ 15.690414] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026d6 [ 15.690808] flags: 0x200000000000000(node=0|zone=2) [ 15.691047] page_type: f5(slab) [ 15.691223] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.691626] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 15.691899] page dumped because: kasan: bad access detected [ 15.692072] [ 15.692143] Memory state around the buggy address: [ 15.692303] ffff8881026d6100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.692559] ffff8881026d6180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.692882] >ffff8881026d6200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.693228] ^ [ 15.693500] ffff8881026d6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.693862] ffff8881026d6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.694188] ================================================================== [ 15.713900] ================================================================== [ 15.714262] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49e8/0x5450 [ 15.714677] Read of size 4 at addr ffff8881026d6230 by task kunit_try_catch/283 [ 15.714983] [ 15.715124] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.715190] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.715203] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.715237] Call Trace: [ 15.715258] <TASK> [ 15.715277] dump_stack_lvl+0x73/0xb0 [ 15.715308] print_report+0xd1/0x610 [ 15.715332] ? __virt_addr_valid+0x1db/0x2d0 [ 15.715358] ? kasan_atomics_helper+0x49e8/0x5450 [ 15.715382] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.715426] ? kasan_atomics_helper+0x49e8/0x5450 [ 15.715460] kasan_report+0x141/0x180 [ 15.715484] ? kasan_atomics_helper+0x49e8/0x5450 [ 15.715512] __asan_report_load4_noabort+0x18/0x20 [ 15.715540] kasan_atomics_helper+0x49e8/0x5450 [ 15.715566] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.715591] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.715624] kasan_atomics+0x1dc/0x310 [ 15.715649] ? __pfx_kasan_atomics+0x10/0x10 [ 15.715676] ? __pfx_read_tsc+0x10/0x10 [ 15.715699] ? ktime_get_ts64+0x86/0x230 [ 15.715725] kunit_try_run_case+0x1a5/0x480 [ 15.715762] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.715788] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.715825] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.715852] ? __kthread_parkme+0x82/0x180 [ 15.715876] ? preempt_count_sub+0x50/0x80 [ 15.715902] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.715930] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.715957] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.715984] kthread+0x337/0x6f0 [ 15.716006] ? trace_preempt_on+0x20/0xc0 [ 15.716031] ? __pfx_kthread+0x10/0x10 [ 15.716054] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.716078] ? calculate_sigpending+0x7b/0xa0 [ 15.716104] ? __pfx_kthread+0x10/0x10 [ 15.716127] ret_from_fork+0x116/0x1d0 [ 15.716148] ? __pfx_kthread+0x10/0x10 [ 15.716170] ret_from_fork_asm+0x1a/0x30 [ 15.716204] </TASK> [ 15.716215] [ 15.723307] Allocated by task 283: [ 15.723533] kasan_save_stack+0x45/0x70 [ 15.723771] kasan_save_track+0x18/0x40 [ 15.723965] kasan_save_alloc_info+0x3b/0x50 [ 15.724190] __kasan_kmalloc+0xb7/0xc0 [ 15.724355] __kmalloc_cache_noprof+0x189/0x420 [ 15.724625] kasan_atomics+0x95/0x310 [ 15.724822] kunit_try_run_case+0x1a5/0x480 [ 15.725028] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.725271] kthread+0x337/0x6f0 [ 15.725469] ret_from_fork+0x116/0x1d0 [ 15.725676] ret_from_fork_asm+0x1a/0x30 [ 15.725866] [ 15.725967] The buggy address belongs to the object at ffff8881026d6200 [ 15.725967] which belongs to the cache kmalloc-64 of size 64 [ 15.726512] The buggy address is located 0 bytes to the right of [ 15.726512] allocated 48-byte region [ffff8881026d6200, ffff8881026d6230) [ 15.726977] [ 15.727052] The buggy address belongs to the physical page: [ 15.727232] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026d6 [ 15.727509] flags: 0x200000000000000(node=0|zone=2) [ 15.727761] page_type: f5(slab) [ 15.727930] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.728266] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 15.728643] page dumped because: kasan: bad access detected [ 15.728844] [ 15.728914] Memory state around the buggy address: [ 15.729069] ffff8881026d6100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.729285] ffff8881026d6180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.729581] >ffff8881026d6200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.729923] ^ [ 15.730169] ffff8881026d6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.730568] ffff8881026d6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.730927] ================================================================== [ 16.140889] ================================================================== [ 16.141403] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1c18/0x5450 [ 16.141879] Write of size 8 at addr ffff8881026d6230 by task kunit_try_catch/283 [ 16.142234] [ 16.142326] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.142373] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.142387] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.142420] Call Trace: [ 16.142439] <TASK> [ 16.142475] dump_stack_lvl+0x73/0xb0 [ 16.142508] print_report+0xd1/0x610 [ 16.142532] ? __virt_addr_valid+0x1db/0x2d0 [ 16.142558] ? kasan_atomics_helper+0x1c18/0x5450 [ 16.142581] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.142606] ? kasan_atomics_helper+0x1c18/0x5450 [ 16.142630] kasan_report+0x141/0x180 [ 16.142653] ? kasan_atomics_helper+0x1c18/0x5450 [ 16.142681] kasan_check_range+0x10c/0x1c0 [ 16.142706] __kasan_check_write+0x18/0x20 [ 16.142728] kasan_atomics_helper+0x1c18/0x5450 [ 16.142752] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.142777] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.142810] kasan_atomics+0x1dc/0x310 [ 16.142833] ? __pfx_kasan_atomics+0x10/0x10 [ 16.142860] ? __pfx_read_tsc+0x10/0x10 [ 16.142884] ? 
ktime_get_ts64+0x86/0x230 [ 16.142911] kunit_try_run_case+0x1a5/0x480 [ 16.142938] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.142963] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.142990] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.143016] ? __kthread_parkme+0x82/0x180 [ 16.143039] ? preempt_count_sub+0x50/0x80 [ 16.143065] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.143092] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.143118] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.143146] kthread+0x337/0x6f0 [ 16.143166] ? trace_preempt_on+0x20/0xc0 [ 16.143192] ? __pfx_kthread+0x10/0x10 [ 16.143214] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.143238] ? calculate_sigpending+0x7b/0xa0 [ 16.143264] ? __pfx_kthread+0x10/0x10 [ 16.143288] ret_from_fork+0x116/0x1d0 [ 16.143308] ? __pfx_kthread+0x10/0x10 [ 16.143330] ret_from_fork_asm+0x1a/0x30 [ 16.143363] </TASK> [ 16.143375] [ 16.150703] Allocated by task 283: [ 16.150887] kasan_save_stack+0x45/0x70 [ 16.151089] kasan_save_track+0x18/0x40 [ 16.151281] kasan_save_alloc_info+0x3b/0x50 [ 16.151522] __kasan_kmalloc+0xb7/0xc0 [ 16.151725] __kmalloc_cache_noprof+0x189/0x420 [ 16.151913] kasan_atomics+0x95/0x310 [ 16.152050] kunit_try_run_case+0x1a5/0x480 [ 16.152200] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.152388] kthread+0x337/0x6f0 [ 16.152520] ret_from_fork+0x116/0x1d0 [ 16.152655] ret_from_fork_asm+0x1a/0x30 [ 16.152850] [ 16.152956] The buggy address belongs to the object at ffff8881026d6200 [ 16.152956] which belongs to the cache kmalloc-64 of size 64 [ 16.153477] The buggy address is located 0 bytes to the right of [ 16.153477] allocated 48-byte region [ffff8881026d6200, ffff8881026d6230) [ 16.154019] [ 16.154096] The buggy address belongs to the physical page: [ 16.154271] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026d6 [ 16.154796] flags: 0x200000000000000(node=0|zone=2) [ 16.155031] page_type: f5(slab) [ 16.155204] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 16.155721] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.156006] page dumped because: kasan: bad access detected [ 16.156228] [ 16.156323] Memory state around the buggy address: [ 16.156544] ffff8881026d6100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.156759] ffff8881026d6180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.156972] >ffff8881026d6200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.157294] ^ [ 16.157577] ffff8881026d6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.157896] ffff8881026d6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.158194] ================================================================== [ 15.983934] ================================================================== [ 15.984255] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x177f/0x5450 [ 15.984931] Write of size 8 at addr ffff8881026d6230 by task kunit_try_catch/283 [ 15.985301] [ 15.985419] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.985613] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.985629] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.985653] Call Trace: [ 15.985672] <TASK> [ 15.985692] dump_stack_lvl+0x73/0xb0 [ 15.985723] print_report+0xd1/0x610 [ 15.985749] ? __virt_addr_valid+0x1db/0x2d0 [ 15.985773] ? kasan_atomics_helper+0x177f/0x5450 [ 15.985796] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.985823] ? kasan_atomics_helper+0x177f/0x5450 [ 15.985846] kasan_report+0x141/0x180 [ 15.985869] ? kasan_atomics_helper+0x177f/0x5450 [ 15.985898] kasan_check_range+0x10c/0x1c0 [ 15.985923] __kasan_check_write+0x18/0x20 [ 15.985944] kasan_atomics_helper+0x177f/0x5450 [ 15.985968] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.985994] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.986026] kasan_atomics+0x1dc/0x310 [ 15.986051] ? __pfx_kasan_atomics+0x10/0x10 [ 15.986077] ? 
__pfx_read_tsc+0x10/0x10 [ 15.986101] ? ktime_get_ts64+0x86/0x230 [ 15.986127] kunit_try_run_case+0x1a5/0x480 [ 15.986154] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.986179] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.986207] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.986234] ? __kthread_parkme+0x82/0x180 [ 15.986256] ? preempt_count_sub+0x50/0x80 [ 15.986283] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.986310] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.986337] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.986365] kthread+0x337/0x6f0 [ 15.986386] ? trace_preempt_on+0x20/0xc0 [ 15.986426] ? __pfx_kthread+0x10/0x10 [ 15.986459] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.986483] ? calculate_sigpending+0x7b/0xa0 [ 15.986510] ? __pfx_kthread+0x10/0x10 [ 15.986534] ret_from_fork+0x116/0x1d0 [ 15.986555] ? __pfx_kthread+0x10/0x10 [ 15.986577] ret_from_fork_asm+0x1a/0x30 [ 15.986610] </TASK> [ 15.986622] [ 15.995942] Allocated by task 283: [ 15.996342] kasan_save_stack+0x45/0x70 [ 15.996575] kasan_save_track+0x18/0x40 [ 15.996756] kasan_save_alloc_info+0x3b/0x50 [ 15.996952] __kasan_kmalloc+0xb7/0xc0 [ 15.997129] __kmalloc_cache_noprof+0x189/0x420 [ 15.997328] kasan_atomics+0x95/0x310 [ 15.997834] kunit_try_run_case+0x1a5/0x480 [ 15.998018] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.998365] kthread+0x337/0x6f0 [ 15.998617] ret_from_fork+0x116/0x1d0 [ 15.998870] ret_from_fork_asm+0x1a/0x30 [ 15.999133] [ 15.999235] The buggy address belongs to the object at ffff8881026d6200 [ 15.999235] which belongs to the cache kmalloc-64 of size 64 [ 15.999873] The buggy address is located 0 bytes to the right of [ 15.999873] allocated 48-byte region [ffff8881026d6200, ffff8881026d6230) [ 16.000385] [ 16.000711] The buggy address belongs to the physical page: [ 16.000925] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026d6 [ 16.001380] flags: 0x200000000000000(node=0|zone=2) [ 16.001714] page_type: f5(slab) [ 16.001955] raw: 0200000000000000 
ffff8881000418c0 dead000000000122 0000000000000000 [ 16.002318] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.002817] page dumped because: kasan: bad access detected [ 16.003121] [ 16.003218] Memory state around the buggy address: [ 16.003588] ffff8881026d6100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.003982] ffff8881026d6180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.004343] >ffff8881026d6200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.004759] ^ [ 16.005026] ffff8881026d6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.005336] ffff8881026d6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.005783] ================================================================== [ 15.755219] ================================================================== [ 15.755954] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49ce/0x5450 [ 15.757196] Read of size 4 at addr ffff8881026d6230 by task kunit_try_catch/283 [ 15.758114] [ 15.758241] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.758295] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.758309] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.758334] Call Trace: [ 15.758355] <TASK> [ 15.758377] dump_stack_lvl+0x73/0xb0 [ 15.758603] print_report+0xd1/0x610 [ 15.758643] ? __virt_addr_valid+0x1db/0x2d0 [ 15.758669] ? kasan_atomics_helper+0x49ce/0x5450 [ 15.758694] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.758726] ? kasan_atomics_helper+0x49ce/0x5450 [ 15.758750] kasan_report+0x141/0x180 [ 15.758773] ? kasan_atomics_helper+0x49ce/0x5450 [ 15.758801] __asan_report_load4_noabort+0x18/0x20 [ 15.758828] kasan_atomics_helper+0x49ce/0x5450 [ 15.758853] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.758878] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.758911] kasan_atomics+0x1dc/0x310 [ 15.758937] ? __pfx_kasan_atomics+0x10/0x10 [ 15.758963] ? 
__pfx_read_tsc+0x10/0x10 [ 15.758986] ? ktime_get_ts64+0x86/0x230 [ 15.759013] kunit_try_run_case+0x1a5/0x480 [ 15.759040] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.759065] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.759093] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.759119] ? __kthread_parkme+0x82/0x180 [ 15.759142] ? preempt_count_sub+0x50/0x80 [ 15.759168] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.759194] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.759222] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.759249] kthread+0x337/0x6f0 [ 15.759270] ? trace_preempt_on+0x20/0xc0 [ 15.759295] ? __pfx_kthread+0x10/0x10 [ 15.759317] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.759340] ? calculate_sigpending+0x7b/0xa0 [ 15.759366] ? __pfx_kthread+0x10/0x10 [ 15.759389] ret_from_fork+0x116/0x1d0 [ 15.759422] ? __pfx_kthread+0x10/0x10 [ 15.759445] ret_from_fork_asm+0x1a/0x30 [ 15.759488] </TASK> [ 15.759501] [ 15.771874] Allocated by task 283: [ 15.772026] kasan_save_stack+0x45/0x70 [ 15.772185] kasan_save_track+0x18/0x40 [ 15.772326] kasan_save_alloc_info+0x3b/0x50 [ 15.772506] __kasan_kmalloc+0xb7/0xc0 [ 15.772641] __kmalloc_cache_noprof+0x189/0x420 [ 15.772923] kasan_atomics+0x95/0x310 [ 15.773115] kunit_try_run_case+0x1a5/0x480 [ 15.773326] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.773559] kthread+0x337/0x6f0 [ 15.773684] ret_from_fork+0x116/0x1d0 [ 15.773872] ret_from_fork_asm+0x1a/0x30 [ 15.774094] [ 15.774189] The buggy address belongs to the object at ffff8881026d6200 [ 15.774189] which belongs to the cache kmalloc-64 of size 64 [ 15.774890] The buggy address is located 0 bytes to the right of [ 15.774890] allocated 48-byte region [ffff8881026d6200, ffff8881026d6230) [ 15.775379] [ 15.775530] The buggy address belongs to the physical page: [ 15.775771] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026d6 [ 15.776040] flags: 0x200000000000000(node=0|zone=2) [ 15.776266] page_type: f5(slab) [ 15.776473] raw: 0200000000000000 
ffff8881000418c0 dead000000000122 0000000000000000 [ 15.776852] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.777212] page dumped because: kasan: bad access detected [ 15.777465] [ 15.777553] Memory state around the buggy address: [ 15.777743] ffff8881026d6100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.777959] ffff8881026d6180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.778296] >ffff8881026d6200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.778691] ^ [ 15.778859] ffff8881026d6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.779117] ffff8881026d6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.779621] ================================================================== [ 15.471814] ================================================================== [ 15.472253] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xc70/0x5450 [ 15.472685] Write of size 4 at addr ffff8881026d6230 by task kunit_try_catch/283 [ 15.473003] [ 15.473126] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.473171] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.473193] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.473216] Call Trace: [ 15.473234] <TASK> [ 15.473262] dump_stack_lvl+0x73/0xb0 [ 15.473292] print_report+0xd1/0x610 [ 15.473316] ? __virt_addr_valid+0x1db/0x2d0 [ 15.473349] ? kasan_atomics_helper+0xc70/0x5450 [ 15.473371] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.473420] ? kasan_atomics_helper+0xc70/0x5450 [ 15.473445] kasan_report+0x141/0x180 [ 15.473477] ? kasan_atomics_helper+0xc70/0x5450 [ 15.473505] kasan_check_range+0x10c/0x1c0 [ 15.473540] __kasan_check_write+0x18/0x20 [ 15.473561] kasan_atomics_helper+0xc70/0x5450 [ 15.473596] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.473621] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.473654] kasan_atomics+0x1dc/0x310 [ 15.473678] ? 
__pfx_kasan_atomics+0x10/0x10 [ 15.473705] ? __pfx_read_tsc+0x10/0x10 [ 15.473736] ? ktime_get_ts64+0x86/0x230 [ 15.473763] kunit_try_run_case+0x1a5/0x480 [ 15.473800] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.473825] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.473852] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.473885] ? __kthread_parkme+0x82/0x180 [ 15.473908] ? preempt_count_sub+0x50/0x80 [ 15.473935] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.473972] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.473998] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.474027] kthread+0x337/0x6f0 [ 15.474047] ? trace_preempt_on+0x20/0xc0 [ 15.474072] ? __pfx_kthread+0x10/0x10 [ 15.474095] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.474118] ? calculate_sigpending+0x7b/0xa0 [ 15.474144] ? __pfx_kthread+0x10/0x10 [ 15.474167] ret_from_fork+0x116/0x1d0 [ 15.474188] ? __pfx_kthread+0x10/0x10 [ 15.474210] ret_from_fork_asm+0x1a/0x30 [ 15.474243] </TASK> [ 15.474254] [ 15.481631] Allocated by task 283: [ 15.481818] kasan_save_stack+0x45/0x70 [ 15.482049] kasan_save_track+0x18/0x40 [ 15.482247] kasan_save_alloc_info+0x3b/0x50 [ 15.482498] __kasan_kmalloc+0xb7/0xc0 [ 15.482673] __kmalloc_cache_noprof+0x189/0x420 [ 15.482892] kasan_atomics+0x95/0x310 [ 15.483088] kunit_try_run_case+0x1a5/0x480 [ 15.483290] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.484567] kthread+0x337/0x6f0 [ 15.485637] ret_from_fork+0x116/0x1d0 [ 15.485811] ret_from_fork_asm+0x1a/0x30 [ 15.486849] [ 15.486937] The buggy address belongs to the object at ffff8881026d6200 [ 15.486937] which belongs to the cache kmalloc-64 of size 64 [ 15.487286] The buggy address is located 0 bytes to the right of [ 15.487286] allocated 48-byte region [ffff8881026d6200, ffff8881026d6230) [ 15.487685] [ 15.487787] The buggy address belongs to the physical page: [ 15.487998] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026d6 [ 15.488235] flags: 0x200000000000000(node=0|zone=2) [ 15.488447] page_type: 
f5(slab) [ 15.488659] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.488996] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.490208] page dumped because: kasan: bad access detected [ 15.490420] [ 15.490509] Memory state around the buggy address: [ 15.490700] ffff8881026d6100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.491041] ffff8881026d6180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.491360] >ffff8881026d6200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.491687] ^ [ 15.493508] ffff8881026d6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.494641] ffff8881026d6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.494929] ================================================================== [ 15.533983] ================================================================== [ 15.534382] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xde0/0x5450 [ 15.534780] Write of size 4 at addr ffff8881026d6230 by task kunit_try_catch/283 [ 15.535138] [ 15.535248] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.535294] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.535306] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.535328] Call Trace: [ 15.535348] <TASK> [ 15.535366] dump_stack_lvl+0x73/0xb0 [ 15.535417] print_report+0xd1/0x610 [ 15.535441] ? __virt_addr_valid+0x1db/0x2d0 [ 15.535474] ? kasan_atomics_helper+0xde0/0x5450 [ 15.535496] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.535521] ? kasan_atomics_helper+0xde0/0x5450 [ 15.535545] kasan_report+0x141/0x180 [ 15.535568] ? kasan_atomics_helper+0xde0/0x5450 [ 15.535596] kasan_check_range+0x10c/0x1c0 [ 15.535621] __kasan_check_write+0x18/0x20 [ 15.535651] kasan_atomics_helper+0xde0/0x5450 [ 15.535675] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.535700] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 15.535744] kasan_atomics+0x1dc/0x310 [ 15.535768] ? __pfx_kasan_atomics+0x10/0x10 [ 15.535794] ? __pfx_read_tsc+0x10/0x10 [ 15.535817] ? ktime_get_ts64+0x86/0x230 [ 15.535843] kunit_try_run_case+0x1a5/0x480 [ 15.535870] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.535895] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.535922] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.535947] ? __kthread_parkme+0x82/0x180 [ 15.535970] ? preempt_count_sub+0x50/0x80 [ 15.535996] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.536022] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.536049] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.536078] kthread+0x337/0x6f0 [ 15.536102] ? trace_preempt_on+0x20/0xc0 [ 15.536127] ? __pfx_kthread+0x10/0x10 [ 15.536149] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.536172] ? calculate_sigpending+0x7b/0xa0 [ 15.536199] ? __pfx_kthread+0x10/0x10 [ 15.536222] ret_from_fork+0x116/0x1d0 [ 15.536242] ? __pfx_kthread+0x10/0x10 [ 15.536263] ret_from_fork_asm+0x1a/0x30 [ 15.536307] </TASK> [ 15.536320] [ 15.543377] Allocated by task 283: [ 15.543538] kasan_save_stack+0x45/0x70 [ 15.543685] kasan_save_track+0x18/0x40 [ 15.543891] kasan_save_alloc_info+0x3b/0x50 [ 15.544099] __kasan_kmalloc+0xb7/0xc0 [ 15.544286] __kmalloc_cache_noprof+0x189/0x420 [ 15.544538] kasan_atomics+0x95/0x310 [ 15.544729] kunit_try_run_case+0x1a5/0x480 [ 15.544937] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.545137] kthread+0x337/0x6f0 [ 15.545257] ret_from_fork+0x116/0x1d0 [ 15.545480] ret_from_fork_asm+0x1a/0x30 [ 15.545693] [ 15.545814] The buggy address belongs to the object at ffff8881026d6200 [ 15.545814] which belongs to the cache kmalloc-64 of size 64 [ 15.546214] The buggy address is located 0 bytes to the right of [ 15.546214] allocated 48-byte region [ffff8881026d6200, ffff8881026d6230) [ 15.546592] [ 15.546692] The buggy address belongs to the physical page: [ 15.546961] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 
pfn:0x1026d6 [ 15.547304] flags: 0x200000000000000(node=0|zone=2) [ 15.547568] page_type: f5(slab) [ 15.547733] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.548064] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.548310] page dumped because: kasan: bad access detected [ 15.548536] [ 15.548630] Memory state around the buggy address: [ 15.548866] ffff8881026d6100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.549219] ffff8881026d6180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.549587] >ffff8881026d6200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.549885] ^ [ 15.550038] ffff8881026d6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.550349] ffff8881026d6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.550670] ================================================================== [ 15.658908] ================================================================== [ 15.659273] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1148/0x5450 [ 15.659919] Write of size 4 at addr ffff8881026d6230 by task kunit_try_catch/283 [ 15.660274] [ 15.660437] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.660503] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.660526] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.660550] Call Trace: [ 15.660572] <TASK> [ 15.660603] dump_stack_lvl+0x73/0xb0 [ 15.660635] print_report+0xd1/0x610 [ 15.660663] ? __virt_addr_valid+0x1db/0x2d0 [ 15.660690] ? kasan_atomics_helper+0x1148/0x5450 [ 15.660714] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.660741] ? kasan_atomics_helper+0x1148/0x5450 [ 15.660765] kasan_report+0x141/0x180 [ 15.660789] ? kasan_atomics_helper+0x1148/0x5450 [ 15.660818] kasan_check_range+0x10c/0x1c0 [ 15.660844] __kasan_check_write+0x18/0x20 [ 15.660875] kasan_atomics_helper+0x1148/0x5450 [ 15.660899] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 15.660924] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.660968] kasan_atomics+0x1dc/0x310 [ 15.660993] ? __pfx_kasan_atomics+0x10/0x10 [ 15.661019] ? __pfx_read_tsc+0x10/0x10 [ 15.661043] ? ktime_get_ts64+0x86/0x230 [ 15.661070] kunit_try_run_case+0x1a5/0x480 [ 15.661097] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.661122] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.661149] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.661176] ? __kthread_parkme+0x82/0x180 [ 15.661199] ? preempt_count_sub+0x50/0x80 [ 15.661235] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.661261] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.661298] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.661326] kthread+0x337/0x6f0 [ 15.661347] ? trace_preempt_on+0x20/0xc0 [ 15.661373] ? __pfx_kthread+0x10/0x10 [ 15.661421] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.661445] ? calculate_sigpending+0x7b/0xa0 [ 15.661486] ? __pfx_kthread+0x10/0x10 [ 15.661510] ret_from_fork+0x116/0x1d0 [ 15.661531] ? 
__pfx_kthread+0x10/0x10 [ 15.661554] ret_from_fork_asm+0x1a/0x30 [ 15.661595] </TASK> [ 15.661608] [ 15.668972] Allocated by task 283: [ 15.669152] kasan_save_stack+0x45/0x70 [ 15.669365] kasan_save_track+0x18/0x40 [ 15.669579] kasan_save_alloc_info+0x3b/0x50 [ 15.669791] __kasan_kmalloc+0xb7/0xc0 [ 15.669927] __kmalloc_cache_noprof+0x189/0x420 [ 15.670085] kasan_atomics+0x95/0x310 [ 15.670300] kunit_try_run_case+0x1a5/0x480 [ 15.670546] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.670798] kthread+0x337/0x6f0 [ 15.670921] ret_from_fork+0x116/0x1d0 [ 15.671058] ret_from_fork_asm+0x1a/0x30 [ 15.671255] [ 15.671352] The buggy address belongs to the object at ffff8881026d6200 [ 15.671352] which belongs to the cache kmalloc-64 of size 64 [ 15.671936] The buggy address is located 0 bytes to the right of [ 15.671936] allocated 48-byte region [ffff8881026d6200, ffff8881026d6230) [ 15.672343] [ 15.672442] The buggy address belongs to the physical page: [ 15.672628] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026d6 [ 15.672983] flags: 0x200000000000000(node=0|zone=2) [ 15.673233] page_type: f5(slab) [ 15.673438] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.673790] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.674123] page dumped because: kasan: bad access detected [ 15.674315] [ 15.674385] Memory state around the buggy address: [ 15.674628] ffff8881026d6100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.674986] ffff8881026d6180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.675331] >ffff8881026d6200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.675589] ^ [ 15.675769] ffff8881026d6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.676117] ffff8881026d6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.676471] ================================================================== [ 15.551335] 
================================================================== [ 15.551817] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe78/0x5450 [ 15.552156] Write of size 4 at addr ffff8881026d6230 by task kunit_try_catch/283 [ 15.552479] [ 15.552611] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.552669] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.552683] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.552705] Call Trace: [ 15.552723] <TASK> [ 15.552741] dump_stack_lvl+0x73/0xb0 [ 15.552771] print_report+0xd1/0x610 [ 15.552795] ? __virt_addr_valid+0x1db/0x2d0 [ 15.552821] ? kasan_atomics_helper+0xe78/0x5450 [ 15.552843] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.552868] ? kasan_atomics_helper+0xe78/0x5450 [ 15.552891] kasan_report+0x141/0x180 [ 15.552924] ? kasan_atomics_helper+0xe78/0x5450 [ 15.552953] kasan_check_range+0x10c/0x1c0 [ 15.552979] __kasan_check_write+0x18/0x20 [ 15.553012] kasan_atomics_helper+0xe78/0x5450 [ 15.553037] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.553061] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.553094] kasan_atomics+0x1dc/0x310 [ 15.553119] ? __pfx_kasan_atomics+0x10/0x10 [ 15.553145] ? __pfx_read_tsc+0x10/0x10 [ 15.553168] ? ktime_get_ts64+0x86/0x230 [ 15.553193] kunit_try_run_case+0x1a5/0x480 [ 15.553220] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.553245] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.553272] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.553297] ? __kthread_parkme+0x82/0x180 [ 15.553320] ? preempt_count_sub+0x50/0x80 [ 15.553346] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.553371] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.553424] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.553468] kthread+0x337/0x6f0 [ 15.553490] ? trace_preempt_on+0x20/0xc0 [ 15.553515] ? __pfx_kthread+0x10/0x10 [ 15.553537] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.553560] ? calculate_sigpending+0x7b/0xa0 [ 15.553586] ? 
__pfx_kthread+0x10/0x10 [ 15.553610] ret_from_fork+0x116/0x1d0 [ 15.553630] ? __pfx_kthread+0x10/0x10 [ 15.553653] ret_from_fork_asm+0x1a/0x30 [ 15.553685] </TASK> [ 15.553697] [ 15.560940] Allocated by task 283: [ 15.561075] kasan_save_stack+0x45/0x70 [ 15.561222] kasan_save_track+0x18/0x40 [ 15.561358] kasan_save_alloc_info+0x3b/0x50 [ 15.561618] __kasan_kmalloc+0xb7/0xc0 [ 15.561836] __kmalloc_cache_noprof+0x189/0x420 [ 15.562080] kasan_atomics+0x95/0x310 [ 15.562284] kunit_try_run_case+0x1a5/0x480 [ 15.562538] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.562810] kthread+0x337/0x6f0 [ 15.562994] ret_from_fork+0x116/0x1d0 [ 15.563166] ret_from_fork_asm+0x1a/0x30 [ 15.563348] [ 15.563465] The buggy address belongs to the object at ffff8881026d6200 [ 15.563465] which belongs to the cache kmalloc-64 of size 64 [ 15.563910] The buggy address is located 0 bytes to the right of [ 15.563910] allocated 48-byte region [ffff8881026d6200, ffff8881026d6230) [ 15.564273] [ 15.564349] The buggy address belongs to the physical page: [ 15.564623] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026d6 [ 15.564981] flags: 0x200000000000000(node=0|zone=2) [ 15.565213] page_type: f5(slab) [ 15.565380] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.565749] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.566080] page dumped because: kasan: bad access detected [ 15.566250] [ 15.566319] Memory state around the buggy address: [ 15.566522] ffff8881026d6100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.566874] ffff8881026d6180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.567222] >ffff8881026d6200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.567607] ^ [ 15.567856] ffff8881026d6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.568085] ffff8881026d6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.568461] 
================================================================== [ 15.865719] ================================================================== [ 15.866597] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x50d4/0x5450 [ 15.867262] Write of size 8 at addr ffff8881026d6230 by task kunit_try_catch/283 [ 15.867926] [ 15.868127] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.868177] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.868190] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.868214] Call Trace: [ 15.868234] <TASK> [ 15.868252] dump_stack_lvl+0x73/0xb0 [ 15.868312] print_report+0xd1/0x610 [ 15.868339] ? __virt_addr_valid+0x1db/0x2d0 [ 15.868365] ? kasan_atomics_helper+0x50d4/0x5450 [ 15.868389] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.868435] ? kasan_atomics_helper+0x50d4/0x5450 [ 15.868467] kasan_report+0x141/0x180 [ 15.868491] ? kasan_atomics_helper+0x50d4/0x5450 [ 15.868520] __asan_report_store8_noabort+0x1b/0x30 [ 15.868548] kasan_atomics_helper+0x50d4/0x5450 [ 15.868573] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.868598] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.868631] kasan_atomics+0x1dc/0x310 [ 15.868656] ? __pfx_kasan_atomics+0x10/0x10 [ 15.868684] ? __pfx_read_tsc+0x10/0x10 [ 15.868709] ? ktime_get_ts64+0x86/0x230 [ 15.868735] kunit_try_run_case+0x1a5/0x480 [ 15.868763] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.868788] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.868815] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.868841] ? __kthread_parkme+0x82/0x180 [ 15.868865] ? preempt_count_sub+0x50/0x80 [ 15.868890] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.868917] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.868943] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.868971] kthread+0x337/0x6f0 [ 15.868992] ? trace_preempt_on+0x20/0xc0 [ 15.869017] ? __pfx_kthread+0x10/0x10 [ 15.869039] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.869062] ? 
calculate_sigpending+0x7b/0xa0 [ 15.869088] ? __pfx_kthread+0x10/0x10 [ 15.869112] ret_from_fork+0x116/0x1d0 [ 15.869132] ? __pfx_kthread+0x10/0x10 [ 15.869154] ret_from_fork_asm+0x1a/0x30 [ 15.869188] </TASK> [ 15.869198] [ 15.879114] Allocated by task 283: [ 15.879512] kasan_save_stack+0x45/0x70 [ 15.879716] kasan_save_track+0x18/0x40 [ 15.879895] kasan_save_alloc_info+0x3b/0x50 [ 15.880093] __kasan_kmalloc+0xb7/0xc0 [ 15.880274] __kmalloc_cache_noprof+0x189/0x420 [ 15.880797] kasan_atomics+0x95/0x310 [ 15.880966] kunit_try_run_case+0x1a5/0x480 [ 15.881358] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.881758] kthread+0x337/0x6f0 [ 15.881934] ret_from_fork+0x116/0x1d0 [ 15.882239] ret_from_fork_asm+0x1a/0x30 [ 15.882622] [ 15.882731] The buggy address belongs to the object at ffff8881026d6200 [ 15.882731] which belongs to the cache kmalloc-64 of size 64 [ 15.883479] The buggy address is located 0 bytes to the right of [ 15.883479] allocated 48-byte region [ffff8881026d6200, ffff8881026d6230) [ 15.884153] [ 15.884250] The buggy address belongs to the physical page: [ 15.884659] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026d6 [ 15.885051] flags: 0x200000000000000(node=0|zone=2) [ 15.885289] page_type: f5(slab) [ 15.885630] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.885952] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.886342] page dumped because: kasan: bad access detected [ 15.886703] [ 15.886806] Memory state around the buggy address: [ 15.887182] ffff8881026d6100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.887671] ffff8881026d6180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.888047] >ffff8881026d6200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.888433] ^ [ 15.888695] ffff8881026d6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.888999] ffff8881026d6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.889298] 
================================================================== [ 15.344666] ================================================================== [ 15.345041] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x7c7/0x5450 [ 15.345419] Write of size 4 at addr ffff8881026d6230 by task kunit_try_catch/283 [ 15.345766] [ 15.345862] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.345909] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.345921] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.345945] Call Trace: [ 15.345965] <TASK> [ 15.345983] dump_stack_lvl+0x73/0xb0 [ 15.346013] print_report+0xd1/0x610 [ 15.346038] ? __virt_addr_valid+0x1db/0x2d0 [ 15.346064] ? kasan_atomics_helper+0x7c7/0x5450 [ 15.346088] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.346114] ? kasan_atomics_helper+0x7c7/0x5450 [ 15.346150] kasan_report+0x141/0x180 [ 15.346179] ? kasan_atomics_helper+0x7c7/0x5450 [ 15.346207] kasan_check_range+0x10c/0x1c0 [ 15.346244] __kasan_check_write+0x18/0x20 [ 15.346265] kasan_atomics_helper+0x7c7/0x5450 [ 15.346289] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.346315] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.346347] kasan_atomics+0x1dc/0x310 [ 15.346372] ? __pfx_kasan_atomics+0x10/0x10 [ 15.346419] ? __pfx_read_tsc+0x10/0x10 [ 15.346458] ? ktime_get_ts64+0x86/0x230 [ 15.346484] kunit_try_run_case+0x1a5/0x480 [ 15.346521] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.346546] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.346574] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.346600] ? __kthread_parkme+0x82/0x180 [ 15.346633] ? preempt_count_sub+0x50/0x80 [ 15.346659] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.346685] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.346722] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.346750] kthread+0x337/0x6f0 [ 15.346770] ? trace_preempt_on+0x20/0xc0 [ 15.346796] ? __pfx_kthread+0x10/0x10 [ 15.346818] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 15.346842] ? calculate_sigpending+0x7b/0xa0 [ 15.346869] ? __pfx_kthread+0x10/0x10 [ 15.346892] ret_from_fork+0x116/0x1d0 [ 15.346912] ? __pfx_kthread+0x10/0x10 [ 15.346934] ret_from_fork_asm+0x1a/0x30 [ 15.346968] </TASK> [ 15.346979] [ 15.354129] Allocated by task 283: [ 15.354330] kasan_save_stack+0x45/0x70 [ 15.354575] kasan_save_track+0x18/0x40 [ 15.354768] kasan_save_alloc_info+0x3b/0x50 [ 15.354978] __kasan_kmalloc+0xb7/0xc0 [ 15.355164] __kmalloc_cache_noprof+0x189/0x420 [ 15.355385] kasan_atomics+0x95/0x310 [ 15.355602] kunit_try_run_case+0x1a5/0x480 [ 15.355815] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.356066] kthread+0x337/0x6f0 [ 15.356234] ret_from_fork+0x116/0x1d0 [ 15.356423] ret_from_fork_asm+0x1a/0x30 [ 15.356649] [ 15.356750] The buggy address belongs to the object at ffff8881026d6200 [ 15.356750] which belongs to the cache kmalloc-64 of size 64 [ 15.357161] The buggy address is located 0 bytes to the right of [ 15.357161] allocated 48-byte region [ffff8881026d6200, ffff8881026d6230) [ 15.357634] [ 15.357746] The buggy address belongs to the physical page: [ 15.358012] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026d6 [ 15.358387] flags: 0x200000000000000(node=0|zone=2) [ 15.358626] page_type: f5(slab) [ 15.358798] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.359130] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.359494] page dumped because: kasan: bad access detected [ 15.359745] [ 15.359847] Memory state around the buggy address: [ 15.360055] ffff8881026d6100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.360362] ffff8881026d6180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.360724] >ffff8881026d6200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.361027] ^ [ 15.361239] ffff8881026d6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.361523] ffff8881026d6300: fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 15.361887] ================================================================== [ 15.780310] ================================================================== [ 15.781142] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x13b5/0x5450 [ 15.781592] Read of size 8 at addr ffff8881026d6230 by task kunit_try_catch/283 [ 15.781819] [ 15.781912] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.781962] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.781975] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.781999] Call Trace: [ 15.782020] <TASK> [ 15.782039] dump_stack_lvl+0x73/0xb0 [ 15.782071] print_report+0xd1/0x610 [ 15.782097] ? __virt_addr_valid+0x1db/0x2d0 [ 15.782122] ? kasan_atomics_helper+0x13b5/0x5450 [ 15.782145] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.782171] ? kasan_atomics_helper+0x13b5/0x5450 [ 15.782196] kasan_report+0x141/0x180 [ 15.782219] ? kasan_atomics_helper+0x13b5/0x5450 [ 15.782249] kasan_check_range+0x10c/0x1c0 [ 15.782275] __kasan_check_read+0x15/0x20 [ 15.782297] kasan_atomics_helper+0x13b5/0x5450 [ 15.782322] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.782347] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.782379] kasan_atomics+0x1dc/0x310 [ 15.782433] ? __pfx_kasan_atomics+0x10/0x10 [ 15.782468] ? __pfx_read_tsc+0x10/0x10 [ 15.782491] ? ktime_get_ts64+0x86/0x230 [ 15.782541] kunit_try_run_case+0x1a5/0x480 [ 15.782570] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.782595] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.782622] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.782648] ? __kthread_parkme+0x82/0x180 [ 15.782671] ? preempt_count_sub+0x50/0x80 [ 15.782698] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.782743] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.782770] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.782797] kthread+0x337/0x6f0 [ 15.782818] ? trace_preempt_on+0x20/0xc0 [ 15.782844] ? 
__pfx_kthread+0x10/0x10 [ 15.782867] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.782891] ? calculate_sigpending+0x7b/0xa0 [ 15.782918] ? __pfx_kthread+0x10/0x10 [ 15.782960] ret_from_fork+0x116/0x1d0 [ 15.782981] ? __pfx_kthread+0x10/0x10 [ 15.783003] ret_from_fork_asm+0x1a/0x30 [ 15.783036] </TASK> [ 15.783048] [ 15.796180] Allocated by task 283: [ 15.796332] kasan_save_stack+0x45/0x70 [ 15.796741] kasan_save_track+0x18/0x40 [ 15.797112] kasan_save_alloc_info+0x3b/0x50 [ 15.797542] __kasan_kmalloc+0xb7/0xc0 [ 15.797897] __kmalloc_cache_noprof+0x189/0x420 [ 15.798310] kasan_atomics+0x95/0x310 [ 15.798698] kunit_try_run_case+0x1a5/0x480 [ 15.798946] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.799121] kthread+0x337/0x6f0 [ 15.799239] ret_from_fork+0x116/0x1d0 [ 15.799370] ret_from_fork_asm+0x1a/0x30 [ 15.799789] [ 15.799962] The buggy address belongs to the object at ffff8881026d6200 [ 15.799962] which belongs to the cache kmalloc-64 of size 64 [ 15.801092] The buggy address is located 0 bytes to the right of [ 15.801092] allocated 48-byte region [ffff8881026d6200, ffff8881026d6230) [ 15.802194] [ 15.802306] The buggy address belongs to the physical page: [ 15.802691] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026d6 [ 15.803222] flags: 0x200000000000000(node=0|zone=2) [ 15.803385] page_type: f5(slab) [ 15.803729] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.804418] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.804945] page dumped because: kasan: bad access detected [ 15.805113] [ 15.805181] Memory state around the buggy address: [ 15.805333] ffff8881026d6100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.805907] ffff8881026d6180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.806547] >ffff8881026d6200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.807156] ^ [ 15.807618] ffff8881026d6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.808265] 
ffff8881026d6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.808748] ================================================================== [ 15.961216] ================================================================== [ 15.961904] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16e7/0x5450 [ 15.962234] Write of size 8 at addr ffff8881026d6230 by task kunit_try_catch/283 [ 15.962648] [ 15.962758] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.962808] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.962822] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.962846] Call Trace: [ 15.962866] <TASK> [ 15.962886] dump_stack_lvl+0x73/0xb0 [ 15.962918] print_report+0xd1/0x610 [ 15.962944] ? __virt_addr_valid+0x1db/0x2d0 [ 15.962970] ? kasan_atomics_helper+0x16e7/0x5450 [ 15.962995] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.963021] ? kasan_atomics_helper+0x16e7/0x5450 [ 15.963046] kasan_report+0x141/0x180 [ 15.963070] ? kasan_atomics_helper+0x16e7/0x5450 [ 15.963099] kasan_check_range+0x10c/0x1c0 [ 15.963125] __kasan_check_write+0x18/0x20 [ 15.963147] kasan_atomics_helper+0x16e7/0x5450 [ 15.963173] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.963199] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.963232] kasan_atomics+0x1dc/0x310 [ 15.963257] ? __pfx_kasan_atomics+0x10/0x10 [ 15.963284] ? __pfx_read_tsc+0x10/0x10 [ 15.963308] ? ktime_get_ts64+0x86/0x230 [ 15.963335] kunit_try_run_case+0x1a5/0x480 [ 15.963362] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.963388] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.963630] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.963662] ? __kthread_parkme+0x82/0x180 [ 15.963687] ? preempt_count_sub+0x50/0x80 [ 15.963714] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.963742] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.963769] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.963797] kthread+0x337/0x6f0 [ 15.963819] ? 
trace_preempt_on+0x20/0xc0 [ 15.963846] ? __pfx_kthread+0x10/0x10 [ 15.963869] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.963893] ? calculate_sigpending+0x7b/0xa0 [ 15.963920] ? __pfx_kthread+0x10/0x10 [ 15.963944] ret_from_fork+0x116/0x1d0 [ 15.963965] ? __pfx_kthread+0x10/0x10 [ 15.963989] ret_from_fork_asm+0x1a/0x30 [ 15.964022] </TASK> [ 15.964035] [ 15.973398] Allocated by task 283: [ 15.973809] kasan_save_stack+0x45/0x70 [ 15.974123] kasan_save_track+0x18/0x40 [ 15.974352] kasan_save_alloc_info+0x3b/0x50 [ 15.974739] __kasan_kmalloc+0xb7/0xc0 [ 15.974998] __kmalloc_cache_noprof+0x189/0x420 [ 15.975174] kasan_atomics+0x95/0x310 [ 15.975536] kunit_try_run_case+0x1a5/0x480 [ 15.975699] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.975984] kthread+0x337/0x6f0 [ 15.976143] ret_from_fork+0x116/0x1d0 [ 15.976319] ret_from_fork_asm+0x1a/0x30 [ 15.976713] [ 15.976800] The buggy address belongs to the object at ffff8881026d6200 [ 15.976800] which belongs to the cache kmalloc-64 of size 64 [ 15.977407] The buggy address is located 0 bytes to the right of [ 15.977407] allocated 48-byte region [ffff8881026d6200, ffff8881026d6230) [ 15.978035] [ 15.978239] The buggy address belongs to the physical page: [ 15.978427] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026d6 [ 15.978847] flags: 0x200000000000000(node=0|zone=2) [ 15.979074] page_type: f5(slab) [ 15.979229] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.979784] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.980142] page dumped because: kasan: bad access detected [ 15.980394] [ 15.980625] Memory state around the buggy address: [ 15.980808] ffff8881026d6100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.981210] ffff8881026d6180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.981607] >ffff8881026d6200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.981963] ^ [ 15.982255] ffff8881026d6280: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 15.982666] ffff8881026d6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.983026] ================================================================== [ 15.453853] ================================================================== [ 15.454228] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb6a/0x5450 [ 15.454654] Write of size 4 at addr ffff8881026d6230 by task kunit_try_catch/283 [ 15.454967] [ 15.455082] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.455128] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.455141] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.455164] Call Trace: [ 15.455182] <TASK> [ 15.455199] dump_stack_lvl+0x73/0xb0 [ 15.455229] print_report+0xd1/0x610 [ 15.455253] ? __virt_addr_valid+0x1db/0x2d0 [ 15.455279] ? kasan_atomics_helper+0xb6a/0x5450 [ 15.455302] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.455328] ? kasan_atomics_helper+0xb6a/0x5450 [ 15.455352] kasan_report+0x141/0x180 [ 15.455378] ? kasan_atomics_helper+0xb6a/0x5450 [ 15.455429] kasan_check_range+0x10c/0x1c0 [ 15.455463] __kasan_check_write+0x18/0x20 [ 15.455484] kasan_atomics_helper+0xb6a/0x5450 [ 15.455509] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.455533] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.455566] kasan_atomics+0x1dc/0x310 [ 15.455601] ? __pfx_kasan_atomics+0x10/0x10 [ 15.455628] ? __pfx_read_tsc+0x10/0x10 [ 15.455662] ? ktime_get_ts64+0x86/0x230 [ 15.455688] kunit_try_run_case+0x1a5/0x480 [ 15.455715] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.455740] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.455767] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.455794] ? __kthread_parkme+0x82/0x180 [ 15.455816] ? preempt_count_sub+0x50/0x80 [ 15.455843] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.455870] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.455896] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.455924] kthread+0x337/0x6f0 [ 15.455944] ? trace_preempt_on+0x20/0xc0 [ 15.455969] ? __pfx_kthread+0x10/0x10 [ 15.456000] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.456024] ? calculate_sigpending+0x7b/0xa0 [ 15.456050] ? __pfx_kthread+0x10/0x10 [ 15.456084] ret_from_fork+0x116/0x1d0 [ 15.456104] ? __pfx_kthread+0x10/0x10 [ 15.456127] ret_from_fork_asm+0x1a/0x30 [ 15.456160] </TASK> [ 15.456171] [ 15.463512] Allocated by task 283: [ 15.463699] kasan_save_stack+0x45/0x70 [ 15.463891] kasan_save_track+0x18/0x40 [ 15.464085] kasan_save_alloc_info+0x3b/0x50 [ 15.464301] __kasan_kmalloc+0xb7/0xc0 [ 15.464514] __kmalloc_cache_noprof+0x189/0x420 [ 15.464735] kasan_atomics+0x95/0x310 [ 15.464929] kunit_try_run_case+0x1a5/0x480 [ 15.465135] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.465387] kthread+0x337/0x6f0 [ 15.465579] ret_from_fork+0x116/0x1d0 [ 15.465779] ret_from_fork_asm+0x1a/0x30 [ 15.465971] [ 15.466065] The buggy address belongs to the object at ffff8881026d6200 [ 15.466065] which belongs to the cache kmalloc-64 of size 64 [ 15.466591] The buggy address is located 0 bytes to the right of [ 15.466591] allocated 48-byte region [ffff8881026d6200, ffff8881026d6230) [ 15.467115] [ 15.467226] The buggy address belongs to the physical page: [ 15.467442] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026d6 [ 15.467693] flags: 0x200000000000000(node=0|zone=2) [ 15.467858] page_type: f5(slab) [ 15.467990] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.468329] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.468713] page dumped because: kasan: bad access detected [ 15.468963] [ 15.469053] Memory state around the buggy address: [ 15.469276] ffff8881026d6100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.469598] ffff8881026d6180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.469903] >ffff8881026d6200: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 15.470117] ^ [ 15.470270] ffff8881026d6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.470554] ffff8881026d6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.470894] ================================================================== [ 16.213219] ================================================================== [ 16.213516] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1d7a/0x5450 [ 16.214257] Write of size 8 at addr ffff8881026d6230 by task kunit_try_catch/283 [ 16.215004] [ 16.215200] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.215249] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.215285] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.215308] Call Trace: [ 16.215329] <TASK> [ 16.215349] dump_stack_lvl+0x73/0xb0 [ 16.215382] print_report+0xd1/0x610 [ 16.215406] ? __virt_addr_valid+0x1db/0x2d0 [ 16.215441] ? kasan_atomics_helper+0x1d7a/0x5450 [ 16.215476] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.215501] ? kasan_atomics_helper+0x1d7a/0x5450 [ 16.215525] kasan_report+0x141/0x180 [ 16.215549] ? kasan_atomics_helper+0x1d7a/0x5450 [ 16.215576] kasan_check_range+0x10c/0x1c0 [ 16.215601] __kasan_check_write+0x18/0x20 [ 16.215623] kasan_atomics_helper+0x1d7a/0x5450 [ 16.215647] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.215672] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.215705] kasan_atomics+0x1dc/0x310 [ 16.215729] ? __pfx_kasan_atomics+0x10/0x10 [ 16.215755] ? __pfx_read_tsc+0x10/0x10 [ 16.215778] ? ktime_get_ts64+0x86/0x230 [ 16.215806] kunit_try_run_case+0x1a5/0x480 [ 16.215836] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.215862] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.215889] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.215914] ? __kthread_parkme+0x82/0x180 [ 16.215937] ? preempt_count_sub+0x50/0x80 [ 16.215963] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.215989] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.216016] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.216044] kthread+0x337/0x6f0 [ 16.216064] ? trace_preempt_on+0x20/0xc0 [ 16.216089] ? __pfx_kthread+0x10/0x10 [ 16.216111] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.216134] ? calculate_sigpending+0x7b/0xa0 [ 16.216161] ? __pfx_kthread+0x10/0x10 [ 16.216184] ret_from_fork+0x116/0x1d0 [ 16.216203] ? __pfx_kthread+0x10/0x10 [ 16.216225] ret_from_fork_asm+0x1a/0x30 [ 16.216258] </TASK> [ 16.216269] [ 16.225337] Allocated by task 283: [ 16.225594] kasan_save_stack+0x45/0x70 [ 16.225802] kasan_save_track+0x18/0x40 [ 16.225940] kasan_save_alloc_info+0x3b/0x50 [ 16.226092] __kasan_kmalloc+0xb7/0xc0 [ 16.226248] __kmalloc_cache_noprof+0x189/0x420 [ 16.226561] kasan_atomics+0x95/0x310 [ 16.226774] kunit_try_run_case+0x1a5/0x480 [ 16.227024] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.227303] kthread+0x337/0x6f0 [ 16.227481] ret_from_fork+0x116/0x1d0 [ 16.227695] ret_from_fork_asm+0x1a/0x30 [ 16.227897] [ 16.228000] The buggy address belongs to the object at ffff8881026d6200 [ 16.228000] which belongs to the cache kmalloc-64 of size 64 [ 16.228509] The buggy address is located 0 bytes to the right of [ 16.228509] allocated 48-byte region [ffff8881026d6200, ffff8881026d6230) [ 16.229006] [ 16.229105] The buggy address belongs to the physical page: [ 16.229379] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026d6 [ 16.229775] flags: 0x200000000000000(node=0|zone=2) [ 16.230033] page_type: f5(slab) [ 16.230211] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.230599] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.230884] page dumped because: kasan: bad access detected [ 16.231049] [ 16.231162] Memory state around the buggy address: [ 16.231385] ffff8881026d6100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.231867] 
ffff8881026d6180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.232189] >ffff8881026d6200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.232404] ^ [ 16.232666] ffff8881026d6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.233004] ffff8881026d6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.233294] ================================================================== [ 15.809390] ================================================================== [ 15.810779] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4eae/0x5450 [ 15.811599] Read of size 8 at addr ffff8881026d6230 by task kunit_try_catch/283 [ 15.812226] [ 15.812433] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.812494] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.812507] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.812531] Call Trace: [ 15.812552] <TASK> [ 15.812573] dump_stack_lvl+0x73/0xb0 [ 15.812606] print_report+0xd1/0x610 [ 15.812631] ? __virt_addr_valid+0x1db/0x2d0 [ 15.812658] ? kasan_atomics_helper+0x4eae/0x5450 [ 15.812682] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.812707] ? kasan_atomics_helper+0x4eae/0x5450 [ 15.812732] kasan_report+0x141/0x180 [ 15.812755] ? kasan_atomics_helper+0x4eae/0x5450 [ 15.812784] __asan_report_load8_noabort+0x18/0x20 [ 15.812811] kasan_atomics_helper+0x4eae/0x5450 [ 15.812836] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.812861] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.812894] kasan_atomics+0x1dc/0x310 [ 15.812919] ? __pfx_kasan_atomics+0x10/0x10 [ 15.812945] ? __pfx_read_tsc+0x10/0x10 [ 15.812969] ? ktime_get_ts64+0x86/0x230 [ 15.812996] kunit_try_run_case+0x1a5/0x480 [ 15.813023] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.813048] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.813075] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.813101] ? __kthread_parkme+0x82/0x180 [ 15.813125] ? preempt_count_sub+0x50/0x80 [ 15.813151] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.813178] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.813205] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.813232] kthread+0x337/0x6f0 [ 15.813254] ? trace_preempt_on+0x20/0xc0 [ 15.813279] ? __pfx_kthread+0x10/0x10 [ 15.813301] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.813325] ? calculate_sigpending+0x7b/0xa0 [ 15.813352] ? __pfx_kthread+0x10/0x10 [ 15.813375] ret_from_fork+0x116/0x1d0 [ 15.813435] ? __pfx_kthread+0x10/0x10 [ 15.813468] ret_from_fork_asm+0x1a/0x30 [ 15.813502] </TASK> [ 15.813515] [ 15.825557] Allocated by task 283: [ 15.825889] kasan_save_stack+0x45/0x70 [ 15.826116] kasan_save_track+0x18/0x40 [ 15.826254] kasan_save_alloc_info+0x3b/0x50 [ 15.826427] __kasan_kmalloc+0xb7/0xc0 [ 15.826811] __kmalloc_cache_noprof+0x189/0x420 [ 15.827255] kasan_atomics+0x95/0x310 [ 15.827648] kunit_try_run_case+0x1a5/0x480 [ 15.828038] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.828375] kthread+0x337/0x6f0 [ 15.828740] ret_from_fork+0x116/0x1d0 [ 15.829001] ret_from_fork_asm+0x1a/0x30 [ 15.829324] [ 15.829422] The buggy address belongs to the object at ffff8881026d6200 [ 15.829422] which belongs to the cache kmalloc-64 of size 64 [ 15.830215] The buggy address is located 0 bytes to the right of [ 15.830215] allocated 48-byte region [ffff8881026d6200, ffff8881026d6230) [ 15.830936] [ 15.831011] The buggy address belongs to the physical page: [ 15.831179] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026d6 [ 15.831460] flags: 0x200000000000000(node=0|zone=2) [ 15.831892] page_type: f5(slab) [ 15.832204] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.832905] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.833599] page dumped because: kasan: bad access detected [ 15.834120] [ 15.834296] Memory state around the buggy address: [ 15.834764] ffff8881026d6100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.835159] 
ffff8881026d6180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.835368] >ffff8881026d6200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.836037] ^ [ 15.836501] ffff8881026d6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.837097] ffff8881026d6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.837303] ================================================================== [ 16.406367] ================================================================== [ 16.406630] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x218a/0x5450 [ 16.407513] Write of size 8 at addr ffff8881026d6230 by task kunit_try_catch/283 [ 16.407935] [ 16.408112] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.408215] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.408229] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.408254] Call Trace: [ 16.408273] <TASK> [ 16.408297] dump_stack_lvl+0x73/0xb0 [ 16.408329] print_report+0xd1/0x610 [ 16.408355] ? __virt_addr_valid+0x1db/0x2d0 [ 16.408380] ? kasan_atomics_helper+0x218a/0x5450 [ 16.408403] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.408441] ? kasan_atomics_helper+0x218a/0x5450 [ 16.408478] kasan_report+0x141/0x180 [ 16.408502] ? kasan_atomics_helper+0x218a/0x5450 [ 16.408530] kasan_check_range+0x10c/0x1c0 [ 16.408556] __kasan_check_write+0x18/0x20 [ 16.408578] kasan_atomics_helper+0x218a/0x5450 [ 16.408603] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.408628] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.408660] kasan_atomics+0x1dc/0x310 [ 16.408685] ? __pfx_kasan_atomics+0x10/0x10 [ 16.408711] ? __pfx_read_tsc+0x10/0x10 [ 16.408734] ? ktime_get_ts64+0x86/0x230 [ 16.408761] kunit_try_run_case+0x1a5/0x480 [ 16.408787] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.408812] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.408839] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.408864] ? __kthread_parkme+0x82/0x180 [ 16.408887] ? 
preempt_count_sub+0x50/0x80 [ 16.408912] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.408938] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.408965] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.408993] kthread+0x337/0x6f0 [ 16.409013] ? trace_preempt_on+0x20/0xc0 [ 16.409038] ? __pfx_kthread+0x10/0x10 [ 16.409059] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.409083] ? calculate_sigpending+0x7b/0xa0 [ 16.409109] ? __pfx_kthread+0x10/0x10 [ 16.409132] ret_from_fork+0x116/0x1d0 [ 16.409152] ? __pfx_kthread+0x10/0x10 [ 16.409174] ret_from_fork_asm+0x1a/0x30 [ 16.409206] </TASK> [ 16.409217] [ 16.418818] Allocated by task 283: [ 16.418996] kasan_save_stack+0x45/0x70 [ 16.419262] kasan_save_track+0x18/0x40 [ 16.419459] kasan_save_alloc_info+0x3b/0x50 [ 16.419792] __kasan_kmalloc+0xb7/0xc0 [ 16.419976] __kmalloc_cache_noprof+0x189/0x420 [ 16.420178] kasan_atomics+0x95/0x310 [ 16.420347] kunit_try_run_case+0x1a5/0x480 [ 16.420751] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.421081] kthread+0x337/0x6f0 [ 16.421213] ret_from_fork+0x116/0x1d0 [ 16.421552] ret_from_fork_asm+0x1a/0x30 [ 16.421759] [ 16.421975] The buggy address belongs to the object at ffff8881026d6200 [ 16.421975] which belongs to the cache kmalloc-64 of size 64 [ 16.422616] The buggy address is located 0 bytes to the right of [ 16.422616] allocated 48-byte region [ffff8881026d6200, ffff8881026d6230) [ 16.423112] [ 16.423203] The buggy address belongs to the physical page: [ 16.423649] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026d6 [ 16.423962] flags: 0x200000000000000(node=0|zone=2) [ 16.424258] page_type: f5(slab) [ 16.424389] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.424870] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.425222] page dumped because: kasan: bad access detected [ 16.425409] [ 16.425533] Memory state around the buggy address: [ 16.425872] ffff8881026d6100: fa fb fb fb fb fb fb fb fc fc 
fc fc fc fc fc fc [ 16.426163] ffff8881026d6180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.426440] >ffff8881026d6200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.426929] ^ [ 16.427195] ffff8881026d6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.427491] ffff8881026d6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.427884] ================================================================== [ 16.032842] ================================================================== [ 16.033117] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x18b1/0x5450 [ 16.033409] Write of size 8 at addr ffff8881026d6230 by task kunit_try_catch/283 [ 16.034251] [ 16.034371] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.034432] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.034446] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.034481] Call Trace: [ 16.034502] <TASK> [ 16.034522] dump_stack_lvl+0x73/0xb0 [ 16.034554] print_report+0xd1/0x610 [ 16.034579] ? __virt_addr_valid+0x1db/0x2d0 [ 16.034695] ? kasan_atomics_helper+0x18b1/0x5450 [ 16.034720] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.034746] ? kasan_atomics_helper+0x18b1/0x5450 [ 16.034770] kasan_report+0x141/0x180 [ 16.034794] ? kasan_atomics_helper+0x18b1/0x5450 [ 16.034822] kasan_check_range+0x10c/0x1c0 [ 16.034848] __kasan_check_write+0x18/0x20 [ 16.034869] kasan_atomics_helper+0x18b1/0x5450 [ 16.034893] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.034919] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.034952] kasan_atomics+0x1dc/0x310 [ 16.034976] ? __pfx_kasan_atomics+0x10/0x10 [ 16.035003] ? __pfx_read_tsc+0x10/0x10 [ 16.035026] ? ktime_get_ts64+0x86/0x230 [ 16.035052] kunit_try_run_case+0x1a5/0x480 [ 16.035080] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.035105] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.035132] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.035158] ? 
__kthread_parkme+0x82/0x180 [ 16.035181] ? preempt_count_sub+0x50/0x80 [ 16.035207] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.035233] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.035260] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.035287] kthread+0x337/0x6f0 [ 16.035308] ? trace_preempt_on+0x20/0xc0 [ 16.035333] ? __pfx_kthread+0x10/0x10 [ 16.035355] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.035378] ? calculate_sigpending+0x7b/0xa0 [ 16.035405] ? __pfx_kthread+0x10/0x10 [ 16.035436] ret_from_fork+0x116/0x1d0 [ 16.035469] ? __pfx_kthread+0x10/0x10 [ 16.035491] ret_from_fork_asm+0x1a/0x30 [ 16.035524] </TASK> [ 16.035536] [ 16.044928] Allocated by task 283: [ 16.045202] kasan_save_stack+0x45/0x70 [ 16.045484] kasan_save_track+0x18/0x40 [ 16.045656] kasan_save_alloc_info+0x3b/0x50 [ 16.045967] __kasan_kmalloc+0xb7/0xc0 [ 16.046156] __kmalloc_cache_noprof+0x189/0x420 [ 16.046480] kasan_atomics+0x95/0x310 [ 16.046744] kunit_try_run_case+0x1a5/0x480 [ 16.046912] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.047160] kthread+0x337/0x6f0 [ 16.047323] ret_from_fork+0x116/0x1d0 [ 16.047733] ret_from_fork_asm+0x1a/0x30 [ 16.047987] [ 16.048081] The buggy address belongs to the object at ffff8881026d6200 [ 16.048081] which belongs to the cache kmalloc-64 of size 64 [ 16.048699] The buggy address is located 0 bytes to the right of [ 16.048699] allocated 48-byte region [ffff8881026d6200, ffff8881026d6230) [ 16.049264] [ 16.049359] The buggy address belongs to the physical page: [ 16.049796] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026d6 [ 16.050189] flags: 0x200000000000000(node=0|zone=2) [ 16.050420] page_type: f5(slab) [ 16.050763] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.051142] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.051532] page dumped because: kasan: bad access detected [ 16.051819] [ 16.051918] Memory state around the buggy address: [ 16.052191] 
ffff8881026d6100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.052493] ffff8881026d6180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.052925] >ffff8881026d6200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.053282] ^ [ 16.053517] ffff8881026d6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.053912] ffff8881026d6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.054279] ================================================================== [ 15.436060] ================================================================== [ 15.436412] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xac7/0x5450 [ 15.436791] Write of size 4 at addr ffff8881026d6230 by task kunit_try_catch/283 [ 15.437025] [ 15.437114] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.437160] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.437183] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.437206] Call Trace: [ 15.437224] <TASK> [ 15.437254] dump_stack_lvl+0x73/0xb0 [ 15.437285] print_report+0xd1/0x610 [ 15.437309] ? __virt_addr_valid+0x1db/0x2d0 [ 15.437334] ? kasan_atomics_helper+0xac7/0x5450 [ 15.437357] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.437383] ? kasan_atomics_helper+0xac7/0x5450 [ 15.437427] kasan_report+0x141/0x180 [ 15.437459] ? kasan_atomics_helper+0xac7/0x5450 [ 15.437487] kasan_check_range+0x10c/0x1c0 [ 15.437514] __kasan_check_write+0x18/0x20 [ 15.437536] kasan_atomics_helper+0xac7/0x5450 [ 15.437563] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.437588] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.437621] kasan_atomics+0x1dc/0x310 [ 15.437645] ? __pfx_kasan_atomics+0x10/0x10 [ 15.437672] ? __pfx_read_tsc+0x10/0x10 [ 15.437704] ? ktime_get_ts64+0x86/0x230 [ 15.437730] kunit_try_run_case+0x1a5/0x480 [ 15.437757] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.437794] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.437821] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.437846] ? __kthread_parkme+0x82/0x180 [ 15.437880] ? preempt_count_sub+0x50/0x80 [ 15.437905] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.437931] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.437958] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.437986] kthread+0x337/0x6f0 [ 15.438006] ? trace_preempt_on+0x20/0xc0 [ 15.438032] ? __pfx_kthread+0x10/0x10 [ 15.438054] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.438077] ? calculate_sigpending+0x7b/0xa0 [ 15.438104] ? __pfx_kthread+0x10/0x10 [ 15.438127] ret_from_fork+0x116/0x1d0 [ 15.438147] ? __pfx_kthread+0x10/0x10 [ 15.438169] ret_from_fork_asm+0x1a/0x30 [ 15.438201] </TASK> [ 15.438212] [ 15.445692] Allocated by task 283: [ 15.445912] kasan_save_stack+0x45/0x70 [ 15.446140] kasan_save_track+0x18/0x40 [ 15.446346] kasan_save_alloc_info+0x3b/0x50 [ 15.446543] __kasan_kmalloc+0xb7/0xc0 [ 15.446758] __kmalloc_cache_noprof+0x189/0x420 [ 15.447007] kasan_atomics+0x95/0x310 [ 15.447170] kunit_try_run_case+0x1a5/0x480 [ 15.447415] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.447672] kthread+0x337/0x6f0 [ 15.447846] ret_from_fork+0x116/0x1d0 [ 15.447983] ret_from_fork_asm+0x1a/0x30 [ 15.448197] [ 15.448297] The buggy address belongs to the object at ffff8881026d6200 [ 15.448297] which belongs to the cache kmalloc-64 of size 64 [ 15.448819] The buggy address is located 0 bytes to the right of [ 15.448819] allocated 48-byte region [ffff8881026d6200, ffff8881026d6230) [ 15.449307] [ 15.449381] The buggy address belongs to the physical page: [ 15.449582] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026d6 [ 15.449826] flags: 0x200000000000000(node=0|zone=2) [ 15.450082] page_type: f5(slab) [ 15.450251] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.450627] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.450956] page dumped because: kasan: bad access detected [ 15.451185] [ 15.451256] 
Memory state around the buggy address: [ 15.451436] ffff8881026d6100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.451661] ffff8881026d6180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.451924] >ffff8881026d6200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.452269] ^ [ 15.452540] ffff8881026d6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.452897] ffff8881026d6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.453230] ================================================================== [ 16.123900] ================================================================== [ 16.124250] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1b22/0x5450 [ 16.124657] Write of size 8 at addr ffff8881026d6230 by task kunit_try_catch/283 [ 16.124944] [ 16.125059] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.125105] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.125119] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.125141] Call Trace: [ 16.125160] <TASK> [ 16.125178] dump_stack_lvl+0x73/0xb0 [ 16.125209] print_report+0xd1/0x610 [ 16.125234] ? __virt_addr_valid+0x1db/0x2d0 [ 16.125259] ? kasan_atomics_helper+0x1b22/0x5450 [ 16.125283] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.125307] ? kasan_atomics_helper+0x1b22/0x5450 [ 16.125331] kasan_report+0x141/0x180 [ 16.125354] ? kasan_atomics_helper+0x1b22/0x5450 [ 16.125382] kasan_check_range+0x10c/0x1c0 [ 16.125407] __kasan_check_write+0x18/0x20 [ 16.125429] kasan_atomics_helper+0x1b22/0x5450 [ 16.125479] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.125503] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.125536] kasan_atomics+0x1dc/0x310 [ 16.125561] ? __pfx_kasan_atomics+0x10/0x10 [ 16.125588] ? __pfx_read_tsc+0x10/0x10 [ 16.125624] ? ktime_get_ts64+0x86/0x230 [ 16.125650] kunit_try_run_case+0x1a5/0x480 [ 16.125678] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.125703] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 16.125730] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.125757] ? __kthread_parkme+0x82/0x180 [ 16.125779] ? preempt_count_sub+0x50/0x80 [ 16.125806] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.125832] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.125859] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.125887] kthread+0x337/0x6f0 [ 16.125907] ? trace_preempt_on+0x20/0xc0 [ 16.125934] ? __pfx_kthread+0x10/0x10 [ 16.125956] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.125980] ? calculate_sigpending+0x7b/0xa0 [ 16.126007] ? __pfx_kthread+0x10/0x10 [ 16.126030] ret_from_fork+0x116/0x1d0 [ 16.126051] ? __pfx_kthread+0x10/0x10 [ 16.126074] ret_from_fork_asm+0x1a/0x30 [ 16.126107] </TASK> [ 16.126118] [ 16.133114] Allocated by task 283: [ 16.133300] kasan_save_stack+0x45/0x70 [ 16.133552] kasan_save_track+0x18/0x40 [ 16.133750] kasan_save_alloc_info+0x3b/0x50 [ 16.133969] __kasan_kmalloc+0xb7/0xc0 [ 16.134163] __kmalloc_cache_noprof+0x189/0x420 [ 16.134386] kasan_atomics+0x95/0x310 [ 16.134574] kunit_try_run_case+0x1a5/0x480 [ 16.134722] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.134962] kthread+0x337/0x6f0 [ 16.135132] ret_from_fork+0x116/0x1d0 [ 16.135327] ret_from_fork_asm+0x1a/0x30 [ 16.135523] [ 16.135626] The buggy address belongs to the object at ffff8881026d6200 [ 16.135626] which belongs to the cache kmalloc-64 of size 64 [ 16.136050] The buggy address is located 0 bytes to the right of [ 16.136050] allocated 48-byte region [ffff8881026d6200, ffff8881026d6230) [ 16.136592] [ 16.136684] The buggy address belongs to the physical page: [ 16.136922] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026d6 [ 16.137236] flags: 0x200000000000000(node=0|zone=2) [ 16.137465] page_type: f5(slab) [ 16.137599] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.137835] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.138061] page dumped because: kasan: 
bad access detected [ 16.138232] [ 16.138325] Memory state around the buggy address: [ 16.138555] ffff8881026d6100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.138868] ffff8881026d6180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.139177] >ffff8881026d6200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.139496] ^ [ 16.139715] ffff8881026d6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.140065] ffff8881026d6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.140280] ================================================================== [ 16.383724] ================================================================== [ 16.384301] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fb2/0x5450 [ 16.384871] Read of size 8 at addr ffff8881026d6230 by task kunit_try_catch/283 [ 16.385305] [ 16.385521] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.385576] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.385590] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.385614] Call Trace: [ 16.385634] <TASK> [ 16.385655] dump_stack_lvl+0x73/0xb0 [ 16.385687] print_report+0xd1/0x610 [ 16.385712] ? __virt_addr_valid+0x1db/0x2d0 [ 16.385738] ? kasan_atomics_helper+0x4fb2/0x5450 [ 16.385762] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.385787] ? kasan_atomics_helper+0x4fb2/0x5450 [ 16.385811] kasan_report+0x141/0x180 [ 16.385834] ? kasan_atomics_helper+0x4fb2/0x5450 [ 16.385862] __asan_report_load8_noabort+0x18/0x20 [ 16.385889] kasan_atomics_helper+0x4fb2/0x5450 [ 16.385913] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.385938] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.385971] kasan_atomics+0x1dc/0x310 [ 16.385996] ? __pfx_kasan_atomics+0x10/0x10 [ 16.386021] ? __pfx_read_tsc+0x10/0x10 [ 16.386044] ? ktime_get_ts64+0x86/0x230 [ 16.386071] kunit_try_run_case+0x1a5/0x480 [ 16.386097] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.386122] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 16.386149] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.386174] ? __kthread_parkme+0x82/0x180 [ 16.386197] ? preempt_count_sub+0x50/0x80 [ 16.386223] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.386250] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.386275] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.386303] kthread+0x337/0x6f0 [ 16.386323] ? trace_preempt_on+0x20/0xc0 [ 16.386348] ? __pfx_kthread+0x10/0x10 [ 16.386371] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.386394] ? calculate_sigpending+0x7b/0xa0 [ 16.386581] ? __pfx_kthread+0x10/0x10 [ 16.386605] ret_from_fork+0x116/0x1d0 [ 16.386626] ? __pfx_kthread+0x10/0x10 [ 16.386649] ret_from_fork_asm+0x1a/0x30 [ 16.386681] </TASK> [ 16.386692] [ 16.395968] Allocated by task 283: [ 16.396152] kasan_save_stack+0x45/0x70 [ 16.396352] kasan_save_track+0x18/0x40 [ 16.396899] kasan_save_alloc_info+0x3b/0x50 [ 16.397100] __kasan_kmalloc+0xb7/0xc0 [ 16.397249] __kmalloc_cache_noprof+0x189/0x420 [ 16.397609] kasan_atomics+0x95/0x310 [ 16.397783] kunit_try_run_case+0x1a5/0x480 [ 16.398112] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.398460] kthread+0x337/0x6f0 [ 16.398601] ret_from_fork+0x116/0x1d0 [ 16.398798] ret_from_fork_asm+0x1a/0x30 [ 16.399117] [ 16.399317] The buggy address belongs to the object at ffff8881026d6200 [ 16.399317] which belongs to the cache kmalloc-64 of size 64 [ 16.399960] The buggy address is located 0 bytes to the right of [ 16.399960] allocated 48-byte region [ffff8881026d6200, ffff8881026d6230) [ 16.400442] [ 16.400794] The buggy address belongs to the physical page: [ 16.401050] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026d6 [ 16.401468] flags: 0x200000000000000(node=0|zone=2) [ 16.401771] page_type: f5(slab) [ 16.401983] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.402379] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.402886] page dumped because: kasan: 
bad access detected [ 16.403182] [ 16.403269] Memory state around the buggy address: [ 16.403498] ffff8881026d6100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.403938] ffff8881026d6180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.404306] >ffff8881026d6200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.404694] ^ [ 16.405033] ffff8881026d6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.405354] ffff8881026d6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.405796] ================================================================== [ 15.069418] ================================================================== [ 15.070264] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4bbc/0x5450 [ 15.070710] Read of size 4 at addr ffff8881026d6230 by task kunit_try_catch/283 [ 15.070998] [ 15.071109] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.071155] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.071166] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.071188] Call Trace: [ 15.071201] <TASK> [ 15.071215] dump_stack_lvl+0x73/0xb0 [ 15.071245] print_report+0xd1/0x610 [ 15.071269] ? __virt_addr_valid+0x1db/0x2d0 [ 15.071294] ? kasan_atomics_helper+0x4bbc/0x5450 [ 15.071317] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.071341] ? kasan_atomics_helper+0x4bbc/0x5450 [ 15.071363] kasan_report+0x141/0x180 [ 15.071385] ? kasan_atomics_helper+0x4bbc/0x5450 [ 15.071412] __asan_report_load4_noabort+0x18/0x20 [ 15.071438] kasan_atomics_helper+0x4bbc/0x5450 [ 15.071493] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.071517] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.071554] kasan_atomics+0x1dc/0x310 [ 15.071578] ? __pfx_kasan_atomics+0x10/0x10 [ 15.071603] ? __pfx_read_tsc+0x10/0x10 [ 15.071625] ? ktime_get_ts64+0x86/0x230 [ 15.071650] kunit_try_run_case+0x1a5/0x480 [ 15.071675] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.071699] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 15.071723] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.071748] ? __kthread_parkme+0x82/0x180 [ 15.071771] ? preempt_count_sub+0x50/0x80 [ 15.071796] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.071820] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.071845] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.071872] kthread+0x337/0x6f0 [ 15.071891] ? trace_preempt_on+0x20/0xc0 [ 15.071916] ? __pfx_kthread+0x10/0x10 [ 15.071936] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.071957] ? calculate_sigpending+0x7b/0xa0 [ 15.071983] ? __pfx_kthread+0x10/0x10 [ 15.072005] ret_from_fork+0x116/0x1d0 [ 15.072023] ? __pfx_kthread+0x10/0x10 [ 15.072045] ret_from_fork_asm+0x1a/0x30 [ 15.072077] </TASK> [ 15.072087] [ 15.079872] Allocated by task 283: [ 15.080053] kasan_save_stack+0x45/0x70 [ 15.080228] kasan_save_track+0x18/0x40 [ 15.080370] kasan_save_alloc_info+0x3b/0x50 [ 15.080668] __kasan_kmalloc+0xb7/0xc0 [ 15.080861] __kmalloc_cache_noprof+0x189/0x420 [ 15.081079] kasan_atomics+0x95/0x310 [ 15.081265] kunit_try_run_case+0x1a5/0x480 [ 15.081412] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.081849] kthread+0x337/0x6f0 [ 15.082035] ret_from_fork+0x116/0x1d0 [ 15.082199] ret_from_fork_asm+0x1a/0x30 [ 15.082374] [ 15.082484] The buggy address belongs to the object at ffff8881026d6200 [ 15.082484] which belongs to the cache kmalloc-64 of size 64 [ 15.082988] The buggy address is located 0 bytes to the right of [ 15.082988] allocated 48-byte region [ffff8881026d6200, ffff8881026d6230) [ 15.083397] [ 15.083533] The buggy address belongs to the physical page: [ 15.083861] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026d6 [ 15.084213] flags: 0x200000000000000(node=0|zone=2) [ 15.084398] page_type: f5(slab) [ 15.084623] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.084941] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.085281] page dumped because: kasan: 
bad access detected [ 15.085742] [ 15.085846] Memory state around the buggy address: [ 15.086074] ffff8881026d6100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.086342] ffff8881026d6180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.086792] >ffff8881026d6200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.087077] ^ [ 15.087287] ffff8881026d6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.087665] ffff8881026d6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.087957] ================================================================== [ 15.256004] ================================================================== [ 15.256264] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x565/0x5450 [ 15.256626] Write of size 4 at addr ffff8881026d6230 by task kunit_try_catch/283 [ 15.257015] [ 15.257127] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.257199] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.257212] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.257235] Call Trace: [ 15.257253] <TASK> [ 15.257270] dump_stack_lvl+0x73/0xb0 [ 15.257300] print_report+0xd1/0x610 [ 15.257326] ? __virt_addr_valid+0x1db/0x2d0 [ 15.257353] ? kasan_atomics_helper+0x565/0x5450 [ 15.257377] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.257402] ? kasan_atomics_helper+0x565/0x5450 [ 15.257494] kasan_report+0x141/0x180 [ 15.257518] ? kasan_atomics_helper+0x565/0x5450 [ 15.257557] kasan_check_range+0x10c/0x1c0 [ 15.257585] __kasan_check_write+0x18/0x20 [ 15.257606] kasan_atomics_helper+0x565/0x5450 [ 15.257631] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.257656] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.257690] kasan_atomics+0x1dc/0x310 [ 15.257714] ? __pfx_kasan_atomics+0x10/0x10 [ 15.257740] ? __pfx_read_tsc+0x10/0x10 [ 15.257764] ? ktime_get_ts64+0x86/0x230 [ 15.257790] kunit_try_run_case+0x1a5/0x480 [ 15.257816] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.257841] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.257867] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.257894] ? __kthread_parkme+0x82/0x180 [ 15.257917] ? preempt_count_sub+0x50/0x80 [ 15.257943] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.257969] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.257996] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.258023] kthread+0x337/0x6f0 [ 15.258043] ? trace_preempt_on+0x20/0xc0 [ 15.258068] ? __pfx_kthread+0x10/0x10 [ 15.258090] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.258114] ? calculate_sigpending+0x7b/0xa0 [ 15.258140] ? __pfx_kthread+0x10/0x10 [ 15.258163] ret_from_fork+0x116/0x1d0 [ 15.258184] ? __pfx_kthread+0x10/0x10 [ 15.258206] ret_from_fork_asm+0x1a/0x30 [ 15.258239] </TASK> [ 15.258250] [ 15.266787] Allocated by task 283: [ 15.267037] kasan_save_stack+0x45/0x70 [ 15.267183] kasan_save_track+0x18/0x40 [ 15.267316] kasan_save_alloc_info+0x3b/0x50 [ 15.267674] __kasan_kmalloc+0xb7/0xc0 [ 15.267956] __kmalloc_cache_noprof+0x189/0x420 [ 15.268184] kasan_atomics+0x95/0x310 [ 15.268563] kunit_try_run_case+0x1a5/0x480 [ 15.268773] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.269027] kthread+0x337/0x6f0 [ 15.269195] ret_from_fork+0x116/0x1d0 [ 15.269551] ret_from_fork_asm+0x1a/0x30 [ 15.269755] [ 15.269856] The buggy address belongs to the object at ffff8881026d6200 [ 15.269856] which belongs to the cache kmalloc-64 of size 64 [ 15.270313] The buggy address is located 0 bytes to the right of [ 15.270313] allocated 48-byte region [ffff8881026d6200, ffff8881026d6230) [ 15.270973] [ 15.271137] The buggy address belongs to the physical page: [ 15.271766] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026d6 [ 15.272345] flags: 0x200000000000000(node=0|zone=2) [ 15.272848] page_type: f5(slab) [ 15.273194] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.273608] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 15.273836] page dumped because: kasan: bad access detected [ 15.274005] [ 15.274074] Memory state around the buggy address: [ 15.274227] ffff8881026d6100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.274620] ffff8881026d6180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.275279] >ffff8881026d6200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.275950] ^ [ 15.276426] ffff8881026d6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.277065] ffff8881026d6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.277705] ================================================================== [ 15.307473] ================================================================== [ 15.308213] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x697/0x5450 [ 15.309052] Write of size 4 at addr ffff8881026d6230 by task kunit_try_catch/283 [ 15.309861] [ 15.310093] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.310139] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.310152] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.310175] Call Trace: [ 15.310193] <TASK> [ 15.310211] dump_stack_lvl+0x73/0xb0 [ 15.310253] print_report+0xd1/0x610 [ 15.310278] ? __virt_addr_valid+0x1db/0x2d0 [ 15.310303] ? kasan_atomics_helper+0x697/0x5450 [ 15.310337] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.310362] ? kasan_atomics_helper+0x697/0x5450 [ 15.310386] kasan_report+0x141/0x180 [ 15.310416] ? kasan_atomics_helper+0x697/0x5450 [ 15.310474] kasan_check_range+0x10c/0x1c0 [ 15.310500] __kasan_check_write+0x18/0x20 [ 15.310532] kasan_atomics_helper+0x697/0x5450 [ 15.310556] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.310581] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.310614] kasan_atomics+0x1dc/0x310 [ 15.310638] ? __pfx_kasan_atomics+0x10/0x10 [ 15.310664] ? __pfx_read_tsc+0x10/0x10 [ 15.310687] ? 
ktime_get_ts64+0x86/0x230 [ 15.310713] kunit_try_run_case+0x1a5/0x480 [ 15.310740] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.310765] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.310792] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.310818] ? __kthread_parkme+0x82/0x180 [ 15.310841] ? preempt_count_sub+0x50/0x80 [ 15.310867] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.310897] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.310924] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.310953] kthread+0x337/0x6f0 [ 15.310974] ? trace_preempt_on+0x20/0xc0 [ 15.311000] ? __pfx_kthread+0x10/0x10 [ 15.311023] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.311046] ? calculate_sigpending+0x7b/0xa0 [ 15.311073] ? __pfx_kthread+0x10/0x10 [ 15.311097] ret_from_fork+0x116/0x1d0 [ 15.311118] ? __pfx_kthread+0x10/0x10 [ 15.311140] ret_from_fork_asm+0x1a/0x30 [ 15.311174] </TASK> [ 15.311186] [ 15.318783] Allocated by task 283: [ 15.318911] kasan_save_stack+0x45/0x70 [ 15.319052] kasan_save_track+0x18/0x40 [ 15.319226] kasan_save_alloc_info+0x3b/0x50 [ 15.319478] __kasan_kmalloc+0xb7/0xc0 [ 15.319691] __kmalloc_cache_noprof+0x189/0x420 [ 15.319950] kasan_atomics+0x95/0x310 [ 15.320142] kunit_try_run_case+0x1a5/0x480 [ 15.320382] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.320639] kthread+0x337/0x6f0 [ 15.320771] ret_from_fork+0x116/0x1d0 [ 15.320962] ret_from_fork_asm+0x1a/0x30 [ 15.321162] [ 15.321262] The buggy address belongs to the object at ffff8881026d6200 [ 15.321262] which belongs to the cache kmalloc-64 of size 64 [ 15.321789] The buggy address is located 0 bytes to the right of [ 15.321789] allocated 48-byte region [ffff8881026d6200, ffff8881026d6230) [ 15.322297] [ 15.322371] The buggy address belongs to the physical page: [ 15.322566] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026d6 [ 15.322800] flags: 0x200000000000000(node=0|zone=2) [ 15.322978] page_type: f5(slab) [ 15.323164] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 15.323525] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.323851] page dumped because: kasan: bad access detected [ 15.324055] [ 15.324168] Memory state around the buggy address: [ 15.324340] ffff8881026d6100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.324586] ffff8881026d6180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.324794] >ffff8881026d6200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.325117] ^ [ 15.325375] ffff8881026d6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.325758] ffff8881026d6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.326086] ================================================================== [ 15.914618] ================================================================== [ 15.915369] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b6/0x5450 [ 15.915722] Write of size 8 at addr ffff8881026d6230 by task kunit_try_catch/283 [ 15.916106] [ 15.916232] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.916286] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.916299] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.916323] Call Trace: [ 15.916341] <TASK> [ 15.916360] dump_stack_lvl+0x73/0xb0 [ 15.916391] print_report+0xd1/0x610 [ 15.916417] ? __virt_addr_valid+0x1db/0x2d0 [ 15.916443] ? kasan_atomics_helper+0x15b6/0x5450 [ 15.916477] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.916696] ? kasan_atomics_helper+0x15b6/0x5450 [ 15.916723] kasan_report+0x141/0x180 [ 15.916747] ? kasan_atomics_helper+0x15b6/0x5450 [ 15.916776] kasan_check_range+0x10c/0x1c0 [ 15.916801] __kasan_check_write+0x18/0x20 [ 15.916822] kasan_atomics_helper+0x15b6/0x5450 [ 15.916847] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.916872] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.916904] kasan_atomics+0x1dc/0x310 [ 15.916929] ? __pfx_kasan_atomics+0x10/0x10 [ 15.916956] ? 
__pfx_read_tsc+0x10/0x10 [ 15.916978] ? ktime_get_ts64+0x86/0x230 [ 15.917005] kunit_try_run_case+0x1a5/0x480 [ 15.917032] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.917057] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.917084] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.917109] ? __kthread_parkme+0x82/0x180 [ 15.917132] ? preempt_count_sub+0x50/0x80 [ 15.917158] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.917184] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.917210] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.917237] kthread+0x337/0x6f0 [ 15.917258] ? trace_preempt_on+0x20/0xc0 [ 15.917283] ? __pfx_kthread+0x10/0x10 [ 15.917305] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.917329] ? calculate_sigpending+0x7b/0xa0 [ 15.917356] ? __pfx_kthread+0x10/0x10 [ 15.917378] ret_from_fork+0x116/0x1d0 [ 15.917398] ? __pfx_kthread+0x10/0x10 [ 15.917434] ret_from_fork_asm+0x1a/0x30 [ 15.917477] </TASK> [ 15.917488] [ 15.926840] Allocated by task 283: [ 15.927169] kasan_save_stack+0x45/0x70 [ 15.927352] kasan_save_track+0x18/0x40 [ 15.927763] kasan_save_alloc_info+0x3b/0x50 [ 15.927953] __kasan_kmalloc+0xb7/0xc0 [ 15.928250] __kmalloc_cache_noprof+0x189/0x420 [ 15.928541] kasan_atomics+0x95/0x310 [ 15.928789] kunit_try_run_case+0x1a5/0x480 [ 15.929060] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.929286] kthread+0x337/0x6f0 [ 15.929443] ret_from_fork+0x116/0x1d0 [ 15.929814] ret_from_fork_asm+0x1a/0x30 [ 15.930014] [ 15.930104] The buggy address belongs to the object at ffff8881026d6200 [ 15.930104] which belongs to the cache kmalloc-64 of size 64 [ 15.930820] The buggy address is located 0 bytes to the right of [ 15.930820] allocated 48-byte region [ffff8881026d6200, ffff8881026d6230) [ 15.931439] [ 15.931657] The buggy address belongs to the physical page: [ 15.931956] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026d6 [ 15.932267] flags: 0x200000000000000(node=0|zone=2) [ 15.932538] page_type: f5(slab) [ 15.932854] raw: 0200000000000000 
ffff8881000418c0 dead000000000122 0000000000000000 [ 15.933246] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.933591] page dumped because: kasan: bad access detected [ 15.933936] [ 15.934037] Memory state around the buggy address: [ 15.934238] ffff8881026d6100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.934754] ffff8881026d6180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.935057] >ffff8881026d6200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.935446] ^ [ 15.935663] ffff8881026d6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.936073] ffff8881026d6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.936437] ================================================================== [ 16.158828] ================================================================== [ 16.159164] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f30/0x5450 [ 16.159399] Read of size 8 at addr ffff8881026d6230 by task kunit_try_catch/283 [ 16.159714] [ 16.159828] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.159879] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.159894] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.159917] Call Trace: [ 16.159936] <TASK> [ 16.159956] dump_stack_lvl+0x73/0xb0 [ 16.159985] print_report+0xd1/0x610 [ 16.160009] ? __virt_addr_valid+0x1db/0x2d0 [ 16.160032] ? kasan_atomics_helper+0x4f30/0x5450 [ 16.160054] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.160077] ? kasan_atomics_helper+0x4f30/0x5450 [ 16.160099] kasan_report+0x141/0x180 [ 16.160121] ? kasan_atomics_helper+0x4f30/0x5450 [ 16.160147] __asan_report_load8_noabort+0x18/0x20 [ 16.160172] kasan_atomics_helper+0x4f30/0x5450 [ 16.160195] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.160217] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.160250] kasan_atomics+0x1dc/0x310 [ 16.160273] ? __pfx_kasan_atomics+0x10/0x10 [ 16.160302] ? 
__pfx_read_tsc+0x10/0x10 [ 16.160323] ? ktime_get_ts64+0x86/0x230 [ 16.160348] kunit_try_run_case+0x1a5/0x480 [ 16.160373] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.160398] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.160423] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.160447] ? __kthread_parkme+0x82/0x180 [ 16.160499] ? preempt_count_sub+0x50/0x80 [ 16.160525] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.160558] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.160593] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.160621] kthread+0x337/0x6f0 [ 16.160642] ? trace_preempt_on+0x20/0xc0 [ 16.160668] ? __pfx_kthread+0x10/0x10 [ 16.160690] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.160714] ? calculate_sigpending+0x7b/0xa0 [ 16.160740] ? __pfx_kthread+0x10/0x10 [ 16.160763] ret_from_fork+0x116/0x1d0 [ 16.160784] ? __pfx_kthread+0x10/0x10 [ 16.160808] ret_from_fork_asm+0x1a/0x30 [ 16.160843] </TASK> [ 16.160856] [ 16.168238] Allocated by task 283: [ 16.168432] kasan_save_stack+0x45/0x70 [ 16.168645] kasan_save_track+0x18/0x40 [ 16.168838] kasan_save_alloc_info+0x3b/0x50 [ 16.169045] __kasan_kmalloc+0xb7/0xc0 [ 16.169179] __kmalloc_cache_noprof+0x189/0x420 [ 16.169338] kasan_atomics+0x95/0x310 [ 16.169621] kunit_try_run_case+0x1a5/0x480 [ 16.169832] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.170088] kthread+0x337/0x6f0 [ 16.170263] ret_from_fork+0x116/0x1d0 [ 16.170437] ret_from_fork_asm+0x1a/0x30 [ 16.170616] [ 16.170714] The buggy address belongs to the object at ffff8881026d6200 [ 16.170714] which belongs to the cache kmalloc-64 of size 64 [ 16.171136] The buggy address is located 0 bytes to the right of [ 16.171136] allocated 48-byte region [ffff8881026d6200, ffff8881026d6230) [ 16.171693] [ 16.171784] The buggy address belongs to the physical page: [ 16.171963] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026d6 [ 16.172204] flags: 0x200000000000000(node=0|zone=2) [ 16.172374] page_type: f5(slab) [ 16.172703] raw: 0200000000000000 
ffff8881000418c0 dead000000000122 0000000000000000 [ 16.173053] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.173411] page dumped because: kasan: bad access detected [ 16.173657] [ 16.173750] Memory state around the buggy address: [ 16.173958] ffff8881026d6100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.174184] ffff8881026d6180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.174399] >ffff8881026d6200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.174729] ^ [ 16.174957] ffff8881026d6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.175284] ffff8881026d6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.176840] ================================================================== [ 16.253210] ================================================================== [ 16.253714] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1eaa/0x5450 [ 16.254230] Write of size 8 at addr ffff8881026d6230 by task kunit_try_catch/283 [ 16.254539] [ 16.254732] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.254780] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.254793] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.254816] Call Trace: [ 16.254836] <TASK> [ 16.254855] dump_stack_lvl+0x73/0xb0 [ 16.254886] print_report+0xd1/0x610 [ 16.254911] ? __virt_addr_valid+0x1db/0x2d0 [ 16.254936] ? kasan_atomics_helper+0x1eaa/0x5450 [ 16.254959] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.254985] ? kasan_atomics_helper+0x1eaa/0x5450 [ 16.255010] kasan_report+0x141/0x180 [ 16.255035] ? kasan_atomics_helper+0x1eaa/0x5450 [ 16.255063] kasan_check_range+0x10c/0x1c0 [ 16.255088] __kasan_check_write+0x18/0x20 [ 16.255109] kasan_atomics_helper+0x1eaa/0x5450 [ 16.255134] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.255158] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.255191] kasan_atomics+0x1dc/0x310 [ 16.255215] ? 
__pfx_kasan_atomics+0x10/0x10 [ 16.255241] ? __pfx_read_tsc+0x10/0x10 [ 16.255263] ? ktime_get_ts64+0x86/0x230 [ 16.255289] kunit_try_run_case+0x1a5/0x480 [ 16.255316] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.255341] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.255367] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.255393] ? __kthread_parkme+0x82/0x180 [ 16.255425] ? preempt_count_sub+0x50/0x80 [ 16.255462] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.255489] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.255515] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.255542] kthread+0x337/0x6f0 [ 16.255563] ? trace_preempt_on+0x20/0xc0 [ 16.255626] ? __pfx_kthread+0x10/0x10 [ 16.255673] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.255721] ? calculate_sigpending+0x7b/0xa0 [ 16.255815] ? __pfx_kthread+0x10/0x10 [ 16.255862] ret_from_fork+0x116/0x1d0 [ 16.255884] ? __pfx_kthread+0x10/0x10 [ 16.255906] ret_from_fork_asm+0x1a/0x30 [ 16.255940] </TASK> [ 16.255952] [ 16.263633] Allocated by task 283: [ 16.263884] kasan_save_stack+0x45/0x70 [ 16.264109] kasan_save_track+0x18/0x40 [ 16.264248] kasan_save_alloc_info+0x3b/0x50 [ 16.264399] __kasan_kmalloc+0xb7/0xc0 [ 16.264646] __kmalloc_cache_noprof+0x189/0x420 [ 16.264898] kasan_atomics+0x95/0x310 [ 16.265118] kunit_try_run_case+0x1a5/0x480 [ 16.265331] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.265587] kthread+0x337/0x6f0 [ 16.265790] ret_from_fork+0x116/0x1d0 [ 16.265987] ret_from_fork_asm+0x1a/0x30 [ 16.266166] [ 16.266296] The buggy address belongs to the object at ffff8881026d6200 [ 16.266296] which belongs to the cache kmalloc-64 of size 64 [ 16.266772] The buggy address is located 0 bytes to the right of [ 16.266772] allocated 48-byte region [ffff8881026d6200, ffff8881026d6230) [ 16.267332] [ 16.267473] The buggy address belongs to the physical page: [ 16.267692] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026d6 [ 16.267928] flags: 0x200000000000000(node=0|zone=2) [ 16.268092] page_type: 
f5(slab) [ 16.268211] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.268520] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.268742] page dumped because: kasan: bad access detected [ 16.269149] [ 16.269303] Memory state around the buggy address: [ 16.269586] ffff8881026d6100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.270045] ffff8881026d6180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.270386] >ffff8881026d6200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.270618] ^ [ 16.270777] ffff8881026d6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.270993] ffff8881026d6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.271209] ================================================================== [ 15.622876] ================================================================== [ 15.623232] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1079/0x5450 [ 15.623619] Write of size 4 at addr ffff8881026d6230 by task kunit_try_catch/283 [ 15.623948] [ 15.624067] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.624112] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.624135] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.624158] Call Trace: [ 15.624177] <TASK> [ 15.624206] dump_stack_lvl+0x73/0xb0 [ 15.624236] print_report+0xd1/0x610 [ 15.624259] ? __virt_addr_valid+0x1db/0x2d0 [ 15.624297] ? kasan_atomics_helper+0x1079/0x5450 [ 15.624321] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.624347] ? kasan_atomics_helper+0x1079/0x5450 [ 15.624381] kasan_report+0x141/0x180 [ 15.624430] ? kasan_atomics_helper+0x1079/0x5450 [ 15.624472] kasan_check_range+0x10c/0x1c0 [ 15.624498] __kasan_check_write+0x18/0x20 [ 15.624519] kasan_atomics_helper+0x1079/0x5450 [ 15.624545] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.624570] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 15.624604] kasan_atomics+0x1dc/0x310 [ 15.624629] ? __pfx_kasan_atomics+0x10/0x10 [ 15.624655] ? __pfx_read_tsc+0x10/0x10 [ 15.624678] ? ktime_get_ts64+0x86/0x230 [ 15.624704] kunit_try_run_case+0x1a5/0x480 [ 15.624731] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.624757] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.624783] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.624809] ? __kthread_parkme+0x82/0x180 [ 15.624833] ? preempt_count_sub+0x50/0x80 [ 15.624859] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.624886] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.624914] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.624942] kthread+0x337/0x6f0 [ 15.624971] ? trace_preempt_on+0x20/0xc0 [ 15.624997] ? __pfx_kthread+0x10/0x10 [ 15.625019] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.625054] ? calculate_sigpending+0x7b/0xa0 [ 15.625090] ? __pfx_kthread+0x10/0x10 [ 15.625113] ret_from_fork+0x116/0x1d0 [ 15.625134] ? __pfx_kthread+0x10/0x10 [ 15.625167] ret_from_fork_asm+0x1a/0x30 [ 15.625200] </TASK> [ 15.625211] [ 15.632295] Allocated by task 283: [ 15.632536] kasan_save_stack+0x45/0x70 [ 15.632763] kasan_save_track+0x18/0x40 [ 15.632958] kasan_save_alloc_info+0x3b/0x50 [ 15.633194] __kasan_kmalloc+0xb7/0xc0 [ 15.633384] __kmalloc_cache_noprof+0x189/0x420 [ 15.633651] kasan_atomics+0x95/0x310 [ 15.633843] kunit_try_run_case+0x1a5/0x480 [ 15.634035] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.634299] kthread+0x337/0x6f0 [ 15.634503] ret_from_fork+0x116/0x1d0 [ 15.634693] ret_from_fork_asm+0x1a/0x30 [ 15.634896] [ 15.635008] The buggy address belongs to the object at ffff8881026d6200 [ 15.635008] which belongs to the cache kmalloc-64 of size 64 [ 15.635524] The buggy address is located 0 bytes to the right of [ 15.635524] allocated 48-byte region [ffff8881026d6200, ffff8881026d6230) [ 15.636022] [ 15.636118] The buggy address belongs to the physical page: [ 15.636359] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 
pfn:0x1026d6 [ 15.636727] flags: 0x200000000000000(node=0|zone=2) [ 15.636968] page_type: f5(slab) [ 15.637092] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.637325] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.637588] page dumped because: kasan: bad access detected [ 15.637802] [ 15.637907] Memory state around the buggy address: [ 15.638130] ffff8881026d6100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.638480] ffff8881026d6180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.638797] >ffff8881026d6200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.639076] ^ [ 15.639232] ffff8881026d6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.639479] ffff8881026d6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.639694] ================================================================== [ 15.416898] ================================================================== [ 15.417242] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa2b/0x5450 [ 15.417744] Write of size 4 at addr ffff8881026d6230 by task kunit_try_catch/283 [ 15.418036] [ 15.418150] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.418199] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.418212] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.418236] Call Trace: [ 15.418253] <TASK> [ 15.418271] dump_stack_lvl+0x73/0xb0 [ 15.418301] print_report+0xd1/0x610 [ 15.418325] ? __virt_addr_valid+0x1db/0x2d0 [ 15.418349] ? kasan_atomics_helper+0xa2b/0x5450 [ 15.418373] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.418419] ? kasan_atomics_helper+0xa2b/0x5450 [ 15.418444] kasan_report+0x141/0x180 [ 15.418477] ? kasan_atomics_helper+0xa2b/0x5450 [ 15.418505] kasan_check_range+0x10c/0x1c0 [ 15.418531] __kasan_check_write+0x18/0x20 [ 15.418553] kasan_atomics_helper+0xa2b/0x5450 [ 15.418577] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 15.418603] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.418635] kasan_atomics+0x1dc/0x310 [ 15.418660] ? __pfx_kasan_atomics+0x10/0x10 [ 15.418686] ? __pfx_read_tsc+0x10/0x10 [ 15.418710] ? ktime_get_ts64+0x86/0x230 [ 15.418735] kunit_try_run_case+0x1a5/0x480 [ 15.418761] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.418796] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.418822] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.418859] ? __kthread_parkme+0x82/0x180 [ 15.418885] ? preempt_count_sub+0x50/0x80 [ 15.418911] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.418937] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.418973] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.419000] kthread+0x337/0x6f0 [ 15.419031] ? trace_preempt_on+0x20/0xc0 [ 15.419057] ? __pfx_kthread+0x10/0x10 [ 15.419079] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.419103] ? calculate_sigpending+0x7b/0xa0 [ 15.419138] ? __pfx_kthread+0x10/0x10 [ 15.419162] ret_from_fork+0x116/0x1d0 [ 15.419182] ? 
__pfx_kthread+0x10/0x10 [ 15.419214] ret_from_fork_asm+0x1a/0x30 [ 15.419247] </TASK> [ 15.419258] [ 15.427905] Allocated by task 283: [ 15.428090] kasan_save_stack+0x45/0x70 [ 15.428242] kasan_save_track+0x18/0x40 [ 15.428481] kasan_save_alloc_info+0x3b/0x50 [ 15.428729] __kasan_kmalloc+0xb7/0xc0 [ 15.428946] __kmalloc_cache_noprof+0x189/0x420 [ 15.429163] kasan_atomics+0x95/0x310 [ 15.429315] kunit_try_run_case+0x1a5/0x480 [ 15.429573] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.429799] kthread+0x337/0x6f0 [ 15.429975] ret_from_fork+0x116/0x1d0 [ 15.430180] ret_from_fork_asm+0x1a/0x30 [ 15.430325] [ 15.430417] The buggy address belongs to the object at ffff8881026d6200 [ 15.430417] which belongs to the cache kmalloc-64 of size 64 [ 15.430946] The buggy address is located 0 bytes to the right of [ 15.430946] allocated 48-byte region [ffff8881026d6200, ffff8881026d6230) [ 15.431332] [ 15.431467] The buggy address belongs to the physical page: [ 15.431752] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026d6 [ 15.432107] flags: 0x200000000000000(node=0|zone=2) [ 15.432373] page_type: f5(slab) [ 15.432570] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.432882] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.433199] page dumped because: kasan: bad access detected [ 15.433465] [ 15.433561] Memory state around the buggy address: [ 15.433765] ffff8881026d6100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.434051] ffff8881026d6180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.434350] >ffff8881026d6200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.434639] ^ [ 15.434887] ffff8881026d6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.435132] ffff8881026d6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.435474] ================================================================== [ 16.362404] 
================================================================== [ 16.363021] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x20c8/0x5450 [ 16.363316] Write of size 8 at addr ffff8881026d6230 by task kunit_try_catch/283 [ 16.363855] [ 16.363953] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.364035] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.364060] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.364096] Call Trace: [ 16.364117] <TASK> [ 16.364136] dump_stack_lvl+0x73/0xb0 [ 16.364167] print_report+0xd1/0x610 [ 16.364192] ? __virt_addr_valid+0x1db/0x2d0 [ 16.364218] ? kasan_atomics_helper+0x20c8/0x5450 [ 16.364241] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.364267] ? kasan_atomics_helper+0x20c8/0x5450 [ 16.364295] kasan_report+0x141/0x180 [ 16.364319] ? kasan_atomics_helper+0x20c8/0x5450 [ 16.364348] kasan_check_range+0x10c/0x1c0 [ 16.364403] __kasan_check_write+0x18/0x20 [ 16.364436] kasan_atomics_helper+0x20c8/0x5450 [ 16.364480] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.364505] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.364537] kasan_atomics+0x1dc/0x310 [ 16.364562] ? __pfx_kasan_atomics+0x10/0x10 [ 16.364589] ? __pfx_read_tsc+0x10/0x10 [ 16.364611] ? ktime_get_ts64+0x86/0x230 [ 16.364638] kunit_try_run_case+0x1a5/0x480 [ 16.364665] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.364690] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.364717] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.364742] ? __kthread_parkme+0x82/0x180 [ 16.364764] ? preempt_count_sub+0x50/0x80 [ 16.364790] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.364816] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.364843] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.364871] kthread+0x337/0x6f0 [ 16.364891] ? trace_preempt_on+0x20/0xc0 [ 16.364916] ? __pfx_kthread+0x10/0x10 [ 16.364938] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.364961] ? calculate_sigpending+0x7b/0xa0 [ 16.364988] ? 
__pfx_kthread+0x10/0x10 [ 16.365010] ret_from_fork+0x116/0x1d0 [ 16.365061] ? __pfx_kthread+0x10/0x10 [ 16.365083] ret_from_fork_asm+0x1a/0x30 [ 16.365116] </TASK> [ 16.365137] [ 16.372983] Allocated by task 283: [ 16.373144] kasan_save_stack+0x45/0x70 [ 16.373387] kasan_save_track+0x18/0x40 [ 16.373599] kasan_save_alloc_info+0x3b/0x50 [ 16.373754] __kasan_kmalloc+0xb7/0xc0 [ 16.373890] __kmalloc_cache_noprof+0x189/0x420 [ 16.374069] kasan_atomics+0x95/0x310 [ 16.374291] kunit_try_run_case+0x1a5/0x480 [ 16.374520] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.374782] kthread+0x337/0x6f0 [ 16.375085] ret_from_fork+0x116/0x1d0 [ 16.375306] ret_from_fork_asm+0x1a/0x30 [ 16.375808] [ 16.375949] The buggy address belongs to the object at ffff8881026d6200 [ 16.375949] which belongs to the cache kmalloc-64 of size 64 [ 16.377231] The buggy address is located 0 bytes to the right of [ 16.377231] allocated 48-byte region [ffff8881026d6200, ffff8881026d6230) [ 16.377823] [ 16.377926] The buggy address belongs to the physical page: [ 16.378148] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026d6 [ 16.378731] flags: 0x200000000000000(node=0|zone=2) [ 16.378933] page_type: f5(slab) [ 16.379111] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.379639] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.379928] page dumped because: kasan: bad access detected [ 16.380172] [ 16.380249] Memory state around the buggy address: [ 16.380701] ffff8881026d6100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.381050] ffff8881026d6180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.381303] >ffff8881026d6200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.381798] ^ [ 16.382103] ffff8881026d6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.382353] ffff8881026d6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.382845] 
================================================================== [ 15.111688] ================================================================== [ 15.112816] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b88/0x5450 [ 15.113090] Read of size 4 at addr ffff8881026d6230 by task kunit_try_catch/283 [ 15.113317] [ 15.113403] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.113735] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.113952] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.113979] Call Trace: [ 15.113993] <TASK> [ 15.114022] dump_stack_lvl+0x73/0xb0 [ 15.114054] print_report+0xd1/0x610 [ 15.114078] ? __virt_addr_valid+0x1db/0x2d0 [ 15.114101] ? kasan_atomics_helper+0x4b88/0x5450 [ 15.114123] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.114147] ? kasan_atomics_helper+0x4b88/0x5450 [ 15.114170] kasan_report+0x141/0x180 [ 15.114192] ? kasan_atomics_helper+0x4b88/0x5450 [ 15.114218] __asan_report_load4_noabort+0x18/0x20 [ 15.114244] kasan_atomics_helper+0x4b88/0x5450 [ 15.114267] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.114290] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.114322] kasan_atomics+0x1dc/0x310 [ 15.114345] ? __pfx_kasan_atomics+0x10/0x10 [ 15.114369] ? __pfx_read_tsc+0x10/0x10 [ 15.114391] ? ktime_get_ts64+0x86/0x230 [ 15.114431] kunit_try_run_case+0x1a5/0x480 [ 15.114469] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.114492] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.114518] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.114542] ? __kthread_parkme+0x82/0x180 [ 15.114593] ? preempt_count_sub+0x50/0x80 [ 15.114618] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.114644] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.114669] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.114695] kthread+0x337/0x6f0 [ 15.114715] ? trace_preempt_on+0x20/0xc0 [ 15.114738] ? __pfx_kthread+0x10/0x10 [ 15.114760] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.114782] ? 
calculate_sigpending+0x7b/0xa0 [ 15.114806] ? __pfx_kthread+0x10/0x10 [ 15.114828] ret_from_fork+0x116/0x1d0 [ 15.114848] ? __pfx_kthread+0x10/0x10 [ 15.114869] ret_from_fork_asm+0x1a/0x30 [ 15.114900] </TASK> [ 15.114910] [ 15.132707] Allocated by task 283: [ 15.133077] kasan_save_stack+0x45/0x70 [ 15.133702] kasan_save_track+0x18/0x40 [ 15.134103] kasan_save_alloc_info+0x3b/0x50 [ 15.134305] __kasan_kmalloc+0xb7/0xc0 [ 15.134462] __kmalloc_cache_noprof+0x189/0x420 [ 15.134928] kasan_atomics+0x95/0x310 [ 15.135397] kunit_try_run_case+0x1a5/0x480 [ 15.135826] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.136320] kthread+0x337/0x6f0 [ 15.136716] ret_from_fork+0x116/0x1d0 [ 15.137082] ret_from_fork_asm+0x1a/0x30 [ 15.137465] [ 15.137667] The buggy address belongs to the object at ffff8881026d6200 [ 15.137667] which belongs to the cache kmalloc-64 of size 64 [ 15.138583] The buggy address is located 0 bytes to the right of [ 15.138583] allocated 48-byte region [ffff8881026d6200, ffff8881026d6230) [ 15.139165] [ 15.139242] The buggy address belongs to the physical page: [ 15.139431] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026d6 [ 15.140277] flags: 0x200000000000000(node=0|zone=2) [ 15.140809] page_type: f5(slab) [ 15.141165] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.141974] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.142741] page dumped because: kasan: bad access detected [ 15.143156] [ 15.143234] Memory state around the buggy address: [ 15.143701] ffff8881026d6100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.144394] ffff8881026d6180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.144981] >ffff8881026d6200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.145514] ^ [ 15.145720] ffff8881026d6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.146388] ffff8881026d6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.147149] 
================================================================== [ 15.569056] ================================================================== [ 15.569305] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf10/0x5450 [ 15.569883] Write of size 4 at addr ffff8881026d6230 by task kunit_try_catch/283 [ 15.570264] [ 15.570380] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.570446] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.570468] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.570492] Call Trace: [ 15.570511] <TASK> [ 15.570529] dump_stack_lvl+0x73/0xb0 [ 15.570561] print_report+0xd1/0x610 [ 15.570585] ? __virt_addr_valid+0x1db/0x2d0 [ 15.570611] ? kasan_atomics_helper+0xf10/0x5450 [ 15.570634] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.570659] ? kasan_atomics_helper+0xf10/0x5450 [ 15.570683] kasan_report+0x141/0x180 [ 15.570716] ? kasan_atomics_helper+0xf10/0x5450 [ 15.570745] kasan_check_range+0x10c/0x1c0 [ 15.570770] __kasan_check_write+0x18/0x20 [ 15.570802] kasan_atomics_helper+0xf10/0x5450 [ 15.570827] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.570852] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.570894] kasan_atomics+0x1dc/0x310 [ 15.570918] ? __pfx_kasan_atomics+0x10/0x10 [ 15.570955] ? __pfx_read_tsc+0x10/0x10 [ 15.570978] ? ktime_get_ts64+0x86/0x230 [ 15.571003] kunit_try_run_case+0x1a5/0x480 [ 15.571030] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.571064] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.571091] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.571127] ? __kthread_parkme+0x82/0x180 [ 15.571150] ? preempt_count_sub+0x50/0x80 [ 15.571177] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.571203] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.571230] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.571257] kthread+0x337/0x6f0 [ 15.571278] ? trace_preempt_on+0x20/0xc0 [ 15.571304] ? __pfx_kthread+0x10/0x10 [ 15.571326] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 15.571349] ? calculate_sigpending+0x7b/0xa0 [ 15.571375] ? __pfx_kthread+0x10/0x10 [ 15.571416] ret_from_fork+0x116/0x1d0 [ 15.571437] ? __pfx_kthread+0x10/0x10 [ 15.571467] ret_from_fork_asm+0x1a/0x30 [ 15.571509] </TASK> [ 15.571520] [ 15.578997] Allocated by task 283: [ 15.579178] kasan_save_stack+0x45/0x70 [ 15.579324] kasan_save_track+0x18/0x40 [ 15.579490] kasan_save_alloc_info+0x3b/0x50 [ 15.579663] __kasan_kmalloc+0xb7/0xc0 [ 15.579875] __kmalloc_cache_noprof+0x189/0x420 [ 15.580099] kasan_atomics+0x95/0x310 [ 15.580291] kunit_try_run_case+0x1a5/0x480 [ 15.580533] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.580726] kthread+0x337/0x6f0 [ 15.580915] ret_from_fork+0x116/0x1d0 [ 15.581089] ret_from_fork_asm+0x1a/0x30 [ 15.581230] [ 15.581302] The buggy address belongs to the object at ffff8881026d6200 [ 15.581302] which belongs to the cache kmalloc-64 of size 64 [ 15.581885] The buggy address is located 0 bytes to the right of [ 15.581885] allocated 48-byte region [ffff8881026d6200, ffff8881026d6230) [ 15.582419] [ 15.582534] The buggy address belongs to the physical page: [ 15.582764] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026d6 [ 15.583108] flags: 0x200000000000000(node=0|zone=2) [ 15.583336] page_type: f5(slab) [ 15.583514] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.583846] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.584169] page dumped because: kasan: bad access detected [ 15.584422] [ 15.584544] Memory state around the buggy address: [ 15.584734] ffff8881026d6100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.584950] ffff8881026d6180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.585166] >ffff8881026d6200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.585421] ^ [ 15.585667] ffff8881026d6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.585979] ffff8881026d6300: fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 15.586293] ================================================================== [ 15.587561] ================================================================== [ 15.587917] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xfa9/0x5450 [ 15.588224] Write of size 4 at addr ffff8881026d6230 by task kunit_try_catch/283 [ 15.588521] [ 15.588636] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.588682] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.588695] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.588718] Call Trace: [ 15.588736] <TASK> [ 15.588755] dump_stack_lvl+0x73/0xb0 [ 15.588784] print_report+0xd1/0x610 [ 15.588807] ? __virt_addr_valid+0x1db/0x2d0 [ 15.588830] ? kasan_atomics_helper+0xfa9/0x5450 [ 15.588852] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.588876] ? kasan_atomics_helper+0xfa9/0x5450 [ 15.588898] kasan_report+0x141/0x180 [ 15.588921] ? kasan_atomics_helper+0xfa9/0x5450 [ 15.588947] kasan_check_range+0x10c/0x1c0 [ 15.588972] __kasan_check_write+0x18/0x20 [ 15.588991] kasan_atomics_helper+0xfa9/0x5450 [ 15.589015] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.589037] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.589068] kasan_atomics+0x1dc/0x310 [ 15.589092] ? __pfx_kasan_atomics+0x10/0x10 [ 15.589116] ? __pfx_read_tsc+0x10/0x10 [ 15.589138] ? ktime_get_ts64+0x86/0x230 [ 15.589162] kunit_try_run_case+0x1a5/0x480 [ 15.589187] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.589210] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.589234] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.589258] ? __kthread_parkme+0x82/0x180 [ 15.589279] ? preempt_count_sub+0x50/0x80 [ 15.589303] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.589328] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.589352] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.589378] kthread+0x337/0x6f0 [ 15.589397] ? trace_preempt_on+0x20/0xc0 [ 15.589422] ? 
__pfx_kthread+0x10/0x10 [ 15.589443] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.589573] ? calculate_sigpending+0x7b/0xa0 [ 15.589601] ? __pfx_kthread+0x10/0x10 [ 15.589625] ret_from_fork+0x116/0x1d0 [ 15.589646] ? __pfx_kthread+0x10/0x10 [ 15.589669] ret_from_fork_asm+0x1a/0x30 [ 15.589701] </TASK> [ 15.589712] [ 15.597148] Allocated by task 283: [ 15.597331] kasan_save_stack+0x45/0x70 [ 15.597556] kasan_save_track+0x18/0x40 [ 15.597695] kasan_save_alloc_info+0x3b/0x50 [ 15.597848] __kasan_kmalloc+0xb7/0xc0 [ 15.598039] __kmalloc_cache_noprof+0x189/0x420 [ 15.598284] kasan_atomics+0x95/0x310 [ 15.598509] kunit_try_run_case+0x1a5/0x480 [ 15.598719] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.598935] kthread+0x337/0x6f0 [ 15.599058] ret_from_fork+0x116/0x1d0 [ 15.599247] ret_from_fork_asm+0x1a/0x30 [ 15.599482] [ 15.599599] The buggy address belongs to the object at ffff8881026d6200 [ 15.599599] which belongs to the cache kmalloc-64 of size 64 [ 15.600092] The buggy address is located 0 bytes to the right of [ 15.600092] allocated 48-byte region [ffff8881026d6200, ffff8881026d6230) [ 15.600643] [ 15.600741] The buggy address belongs to the physical page: [ 15.600983] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026d6 [ 15.601320] flags: 0x200000000000000(node=0|zone=2) [ 15.601586] page_type: f5(slab) [ 15.601715] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.601949] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.602182] page dumped because: kasan: bad access detected [ 15.602440] [ 15.602543] Memory state around the buggy address: [ 15.602764] ffff8881026d6100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.603079] ffff8881026d6180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.603422] >ffff8881026d6200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.603743] ^ [ 15.603959] ffff8881026d6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.604233] 
ffff8881026d6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.604543] ================================================================== [ 15.278721] ================================================================== [ 15.279472] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5fe/0x5450 [ 15.280158] Write of size 4 at addr ffff8881026d6230 by task kunit_try_catch/283 [ 15.280717] [ 15.280895] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.280958] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.280971] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.280995] Call Trace: [ 15.281015] <TASK> [ 15.281044] dump_stack_lvl+0x73/0xb0 [ 15.281076] print_report+0xd1/0x610 [ 15.281101] ? __virt_addr_valid+0x1db/0x2d0 [ 15.281138] ? kasan_atomics_helper+0x5fe/0x5450 [ 15.281161] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.281186] ? kasan_atomics_helper+0x5fe/0x5450 [ 15.281210] kasan_report+0x141/0x180 [ 15.281234] ? kasan_atomics_helper+0x5fe/0x5450 [ 15.281262] kasan_check_range+0x10c/0x1c0 [ 15.281288] __kasan_check_write+0x18/0x20 [ 15.281308] kasan_atomics_helper+0x5fe/0x5450 [ 15.281334] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.281359] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.281410] kasan_atomics+0x1dc/0x310 [ 15.281435] ? __pfx_kasan_atomics+0x10/0x10 [ 15.281470] ? __pfx_read_tsc+0x10/0x10 [ 15.281494] ? ktime_get_ts64+0x86/0x230 [ 15.281521] kunit_try_run_case+0x1a5/0x480 [ 15.281548] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.281573] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.281600] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.281626] ? __kthread_parkme+0x82/0x180 [ 15.281649] ? preempt_count_sub+0x50/0x80 [ 15.281675] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.281701] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.281728] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.281755] kthread+0x337/0x6f0 [ 15.281776] ? 
trace_preempt_on+0x20/0xc0 [ 15.281802] ? __pfx_kthread+0x10/0x10 [ 15.281824] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.281847] ? calculate_sigpending+0x7b/0xa0 [ 15.281873] ? __pfx_kthread+0x10/0x10 [ 15.281896] ret_from_fork+0x116/0x1d0 [ 15.281916] ? __pfx_kthread+0x10/0x10 [ 15.281939] ret_from_fork_asm+0x1a/0x30 [ 15.281971] </TASK> [ 15.281983] [ 15.294503] Allocated by task 283: [ 15.294869] kasan_save_stack+0x45/0x70 [ 15.295043] kasan_save_track+0x18/0x40 [ 15.295327] kasan_save_alloc_info+0x3b/0x50 [ 15.295764] __kasan_kmalloc+0xb7/0xc0 [ 15.296115] __kmalloc_cache_noprof+0x189/0x420 [ 15.296336] kasan_atomics+0x95/0x310 [ 15.296747] kunit_try_run_case+0x1a5/0x480 [ 15.297148] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.297440] kthread+0x337/0x6f0 [ 15.297769] ret_from_fork+0x116/0x1d0 [ 15.298002] ret_from_fork_asm+0x1a/0x30 [ 15.298326] [ 15.298420] The buggy address belongs to the object at ffff8881026d6200 [ 15.298420] which belongs to the cache kmalloc-64 of size 64 [ 15.299187] The buggy address is located 0 bytes to the right of [ 15.299187] allocated 48-byte region [ffff8881026d6200, ffff8881026d6230) [ 15.300187] [ 15.300368] The buggy address belongs to the physical page: [ 15.300816] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026d6 [ 15.301050] flags: 0x200000000000000(node=0|zone=2) [ 15.301209] page_type: f5(slab) [ 15.301328] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.301958] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.302636] page dumped because: kasan: bad access detected [ 15.303127] [ 15.303283] Memory state around the buggy address: [ 15.303731] ffff8881026d6100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.304345] ffff8881026d6180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.304970] >ffff8881026d6200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.305354] ^ [ 15.305776] ffff8881026d6280: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 15.306346] ffff8881026d6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.306898] ================================================================== [ 16.055129] ================================================================== [ 16.055525] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x194a/0x5450 [ 16.055852] Write of size 8 at addr ffff8881026d6230 by task kunit_try_catch/283 [ 16.056136] [ 16.056256] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.056309] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.056323] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.056346] Call Trace: [ 16.056364] <TASK> [ 16.056384] dump_stack_lvl+0x73/0xb0 [ 16.056870] print_report+0xd1/0x610 [ 16.056907] ? __virt_addr_valid+0x1db/0x2d0 [ 16.056933] ? kasan_atomics_helper+0x194a/0x5450 [ 16.056958] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.056984] ? kasan_atomics_helper+0x194a/0x5450 [ 16.057008] kasan_report+0x141/0x180 [ 16.057032] ? kasan_atomics_helper+0x194a/0x5450 [ 16.057060] kasan_check_range+0x10c/0x1c0 [ 16.057085] __kasan_check_write+0x18/0x20 [ 16.057107] kasan_atomics_helper+0x194a/0x5450 [ 16.057131] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.057156] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.057189] kasan_atomics+0x1dc/0x310 [ 16.057214] ? __pfx_kasan_atomics+0x10/0x10 [ 16.057240] ? __pfx_read_tsc+0x10/0x10 [ 16.057263] ? ktime_get_ts64+0x86/0x230 [ 16.057290] kunit_try_run_case+0x1a5/0x480 [ 16.057317] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.057342] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.057368] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.057394] ? __kthread_parkme+0x82/0x180 [ 16.057428] ? preempt_count_sub+0x50/0x80 [ 16.057466] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.057492] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.057519] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.057547] kthread+0x337/0x6f0 [ 16.057567] ? trace_preempt_on+0x20/0xc0 [ 16.057593] ? __pfx_kthread+0x10/0x10 [ 16.057615] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.057639] ? calculate_sigpending+0x7b/0xa0 [ 16.057665] ? __pfx_kthread+0x10/0x10 [ 16.057688] ret_from_fork+0x116/0x1d0 [ 16.057708] ? __pfx_kthread+0x10/0x10 [ 16.057730] ret_from_fork_asm+0x1a/0x30 [ 16.057763] </TASK> [ 16.057775] [ 16.066998] Allocated by task 283: [ 16.067178] kasan_save_stack+0x45/0x70 [ 16.067569] kasan_save_track+0x18/0x40 [ 16.067762] kasan_save_alloc_info+0x3b/0x50 [ 16.068075] __kasan_kmalloc+0xb7/0xc0 [ 16.068261] __kmalloc_cache_noprof+0x189/0x420 [ 16.068600] kasan_atomics+0x95/0x310 [ 16.068749] kunit_try_run_case+0x1a5/0x480 [ 16.068957] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.069188] kthread+0x337/0x6f0 [ 16.069348] ret_from_fork+0x116/0x1d0 [ 16.069783] ret_from_fork_asm+0x1a/0x30 [ 16.069980] [ 16.070190] The buggy address belongs to the object at ffff8881026d6200 [ 16.070190] which belongs to the cache kmalloc-64 of size 64 [ 16.070865] The buggy address is located 0 bytes to the right of [ 16.070865] allocated 48-byte region [ffff8881026d6200, ffff8881026d6230) [ 16.071432] [ 16.071607] The buggy address belongs to the physical page: [ 16.071834] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026d6 [ 16.072279] flags: 0x200000000000000(node=0|zone=2) [ 16.072530] page_type: f5(slab) [ 16.072679] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.073004] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.073311] page dumped because: kasan: bad access detected [ 16.073843] [ 16.073942] Memory state around the buggy address: [ 16.074135] ffff8881026d6100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.074433] ffff8881026d6180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.074896] >ffff8881026d6200: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc
[ 16.075244] ^
[ 16.075475] ffff8881026d6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.075902] ffff8881026d6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.076261] ==================================================================
[ 16.099235] ==================================================================
[ 16.099597] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1a7f/0x5450
[ 16.099984] Write of size 8 at addr ffff8881026d6230 by task kunit_try_catch/283
[ 16.100779]
[ 16.100912] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 16.100960] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.100974] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.100996] Call Trace:
[ 16.101016] <TASK>
[ 16.101035] dump_stack_lvl+0x73/0xb0
[ 16.101066] print_report+0xd1/0x610
[ 16.101094] ? __virt_addr_valid+0x1db/0x2d0
[ 16.101119] ? kasan_atomics_helper+0x1a7f/0x5450
[ 16.101143] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.101171] ? kasan_atomics_helper+0x1a7f/0x5450
[ 16.101194] kasan_report+0x141/0x180
[ 16.101217] ? kasan_atomics_helper+0x1a7f/0x5450
[ 16.101245] kasan_check_range+0x10c/0x1c0
[ 16.101271] __kasan_check_write+0x18/0x20
[ 16.101292] kasan_atomics_helper+0x1a7f/0x5450
[ 16.101318] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 16.101343] ? __kmalloc_cache_noprof+0x189/0x420
[ 16.101377] kasan_atomics+0x1dc/0x310
[ 16.101402] ? __pfx_kasan_atomics+0x10/0x10
[ 16.101607] ? __pfx_read_tsc+0x10/0x10
[ 16.101631] ? ktime_get_ts64+0x86/0x230
[ 16.101658] kunit_try_run_case+0x1a5/0x480
[ 16.101686] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.101712] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.101739] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.101766] ? __kthread_parkme+0x82/0x180
[ 16.101789] ? preempt_count_sub+0x50/0x80
[ 16.101815] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.101842] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.101869] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.101897] kthread+0x337/0x6f0
[ 16.101918] ? trace_preempt_on+0x20/0xc0
[ 16.101943] ? __pfx_kthread+0x10/0x10
[ 16.101966] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.101989] ? calculate_sigpending+0x7b/0xa0
[ 16.102016] ? __pfx_kthread+0x10/0x10
[ 16.102039] ret_from_fork+0x116/0x1d0
[ 16.102059] ? __pfx_kthread+0x10/0x10
[ 16.102082] ret_from_fork_asm+0x1a/0x30
[ 16.102116] </TASK>
[ 16.102127]
[ 16.111498] Allocated by task 283:
[ 16.111645] kasan_save_stack+0x45/0x70
[ 16.111800] kasan_save_track+0x18/0x40
[ 16.112125] kasan_save_alloc_info+0x3b/0x50
[ 16.112526] __kasan_kmalloc+0xb7/0xc0
[ 16.112861] __kmalloc_cache_noprof+0x189/0x420
[ 16.113271] kasan_atomics+0x95/0x310
[ 16.113658] kunit_try_run_case+0x1a5/0x480
[ 16.114046] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.114254] kthread+0x337/0x6f0
[ 16.114377] ret_from_fork+0x116/0x1d0
[ 16.114543] ret_from_fork_asm+0x1a/0x30
[ 16.114691]
[ 16.114768] The buggy address belongs to the object at ffff8881026d6200
[ 16.114768] which belongs to the cache kmalloc-64 of size 64
[ 16.115127] The buggy address is located 0 bytes to the right of
[ 16.115127] allocated 48-byte region [ffff8881026d6200, ffff8881026d6230)
[ 16.115672]
[ 16.115832] The buggy address belongs to the physical page:
[ 16.116301] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026d6
[ 16.116992] flags: 0x200000000000000(node=0|zone=2)
[ 16.117436] page_type: f5(slab)
[ 16.117734] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 16.118366] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 16.119215] page dumped because: kasan: bad access detected
[ 16.119797]
[ 16.119954] Memory state around the buggy address:
[ 16.120386] ffff8881026d6100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 16.121205] ffff8881026d6180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 16.121897] >ffff8881026d6200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 16.122561] ^
[ 16.122899] ffff8881026d6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.123115] ffff8881026d6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.123331] ==================================================================
[ 15.515712] ==================================================================
[ 15.516194] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd47/0x5450
[ 15.516617] Write of size 4 at addr ffff8881026d6230 by task kunit_try_catch/283
[ 15.516866]
[ 15.517003] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 15.517050] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.517063] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.517087] Call Trace:
[ 15.517105] <TASK>
[ 15.517134] dump_stack_lvl+0x73/0xb0
[ 15.517164] print_report+0xd1/0x610
[ 15.517200] ? __virt_addr_valid+0x1db/0x2d0
[ 15.517225] ? kasan_atomics_helper+0xd47/0x5450
[ 15.517248] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.517274] ? kasan_atomics_helper+0xd47/0x5450
[ 15.517307] kasan_report+0x141/0x180
[ 15.517330] ? kasan_atomics_helper+0xd47/0x5450
[ 15.517368] kasan_check_range+0x10c/0x1c0
[ 15.517413] __kasan_check_write+0x18/0x20
[ 15.517435] kasan_atomics_helper+0xd47/0x5450
[ 15.517474] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 15.517499] ? __kmalloc_cache_noprof+0x189/0x420
[ 15.517542] kasan_atomics+0x1dc/0x310
[ 15.517568] ? __pfx_kasan_atomics+0x10/0x10
[ 15.517594] ? __pfx_read_tsc+0x10/0x10
[ 15.517617] ? ktime_get_ts64+0x86/0x230
[ 15.517653] kunit_try_run_case+0x1a5/0x480
[ 15.517680] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.517715] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.517742] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.517769] ? __kthread_parkme+0x82/0x180
[ 15.517800] ? preempt_count_sub+0x50/0x80
[ 15.517826] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.517853] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.517889] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.517917] kthread+0x337/0x6f0
[ 15.517937] ? trace_preempt_on+0x20/0xc0
[ 15.517971] ? __pfx_kthread+0x10/0x10
[ 15.517993] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.518017] ? calculate_sigpending+0x7b/0xa0
[ 15.518054] ? __pfx_kthread+0x10/0x10
[ 15.518077] ret_from_fork+0x116/0x1d0
[ 15.518098] ? __pfx_kthread+0x10/0x10
[ 15.518120] ret_from_fork_asm+0x1a/0x30
[ 15.518153] </TASK>
[ 15.518174]
[ 15.525505] Allocated by task 283:
[ 15.525693] kasan_save_stack+0x45/0x70
[ 15.525908] kasan_save_track+0x18/0x40
[ 15.526116] kasan_save_alloc_info+0x3b/0x50
[ 15.526377] __kasan_kmalloc+0xb7/0xc0
[ 15.526615] __kmalloc_cache_noprof+0x189/0x420
[ 15.526854] kasan_atomics+0x95/0x310
[ 15.527057] kunit_try_run_case+0x1a5/0x480
[ 15.527282] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.527530] kthread+0x337/0x6f0
[ 15.527702] ret_from_fork+0x116/0x1d0
[ 15.527872] ret_from_fork_asm+0x1a/0x30
[ 15.528059]
[ 15.528157] The buggy address belongs to the object at ffff8881026d6200
[ 15.528157] which belongs to the cache kmalloc-64 of size 64
[ 15.528679] The buggy address is located 0 bytes to the right of
[ 15.528679] allocated 48-byte region [ffff8881026d6200, ffff8881026d6230)
[ 15.529198]
[ 15.529318] The buggy address belongs to the physical page:
[ 15.529604] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026d6
[ 15.529941] flags: 0x200000000000000(node=0|zone=2)
[ 15.530170] page_type: f5(slab)
[ 15.530347] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 15.530703] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 15.531048] page dumped because: kasan: bad access detected
[ 15.531272]
[ 15.531341] Memory state around the buggy address:
[ 15.531523] ffff8881026d6100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.531733] ffff8881026d6180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.531989] >ffff8881026d6200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 15.532333] ^
[ 15.532628] ffff8881026d6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.532972] ffff8881026d6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.533281] ==================================================================
[ 16.450759] ==================================================================
[ 16.451136] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x224c/0x5450
[ 16.451854] Write of size 8 at addr ffff8881026d6230 by task kunit_try_catch/283
[ 16.452342]
[ 16.452515] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 16.452564] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.452577] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.452600] Call Trace:
[ 16.452620] <TASK>
[ 16.452640] dump_stack_lvl+0x73/0xb0
[ 16.452671] print_report+0xd1/0x610
[ 16.452697] ? __virt_addr_valid+0x1db/0x2d0
[ 16.452722] ? kasan_atomics_helper+0x224c/0x5450
[ 16.452746] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.452771] ? kasan_atomics_helper+0x224c/0x5450
[ 16.452796] kasan_report+0x141/0x180
[ 16.452819] ? kasan_atomics_helper+0x224c/0x5450
[ 16.452848] kasan_check_range+0x10c/0x1c0
[ 16.452873] __kasan_check_write+0x18/0x20
[ 16.452895] kasan_atomics_helper+0x224c/0x5450
[ 16.452920] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 16.452944] ? __kmalloc_cache_noprof+0x189/0x420
[ 16.452977] kasan_atomics+0x1dc/0x310
[ 16.453002] ? __pfx_kasan_atomics+0x10/0x10
[ 16.453028] ? __pfx_read_tsc+0x10/0x10
[ 16.453051] ? ktime_get_ts64+0x86/0x230
[ 16.453078] kunit_try_run_case+0x1a5/0x480
[ 16.453104] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.453130] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.453156] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.453181] ? __kthread_parkme+0x82/0x180
[ 16.453204] ? preempt_count_sub+0x50/0x80
[ 16.453229] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.453256] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.453282] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.453309] kthread+0x337/0x6f0
[ 16.453330] ? trace_preempt_on+0x20/0xc0
[ 16.453355] ? __pfx_kthread+0x10/0x10
[ 16.453378] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.453400] ? calculate_sigpending+0x7b/0xa0
[ 16.453570] ? __pfx_kthread+0x10/0x10
[ 16.453595] ret_from_fork+0x116/0x1d0
[ 16.453617] ? __pfx_kthread+0x10/0x10
[ 16.453639] ret_from_fork_asm+0x1a/0x30
[ 16.453672] </TASK>
[ 16.453683]
[ 16.462930] Allocated by task 283:
[ 16.463104] kasan_save_stack+0x45/0x70
[ 16.463299] kasan_save_track+0x18/0x40
[ 16.463871] kasan_save_alloc_info+0x3b/0x50
[ 16.464309] __kasan_kmalloc+0xb7/0xc0
[ 16.464752] __kmalloc_cache_noprof+0x189/0x420
[ 16.465086] kasan_atomics+0x95/0x310
[ 16.465512] kunit_try_run_case+0x1a5/0x480
[ 16.465716] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.465949] kthread+0x337/0x6f0
[ 16.466107] ret_from_fork+0x116/0x1d0
[ 16.466286] ret_from_fork_asm+0x1a/0x30
[ 16.466750]
[ 16.466983] The buggy address belongs to the object at ffff8881026d6200
[ 16.466983] which belongs to the cache kmalloc-64 of size 64
[ 16.467754] The buggy address is located 0 bytes to the right of
[ 16.467754] allocated 48-byte region [ffff8881026d6200, ffff8881026d6230)
[ 16.468688]
[ 16.468796] The buggy address belongs to the physical page:
[ 16.469040] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026d6
[ 16.469360] flags: 0x200000000000000(node=0|zone=2)
[ 16.469851] page_type: f5(slab)
[ 16.470123] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 16.470717] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 16.471203] page dumped because: kasan: bad access detected
[ 16.471694]
[ 16.471798] Memory state around the buggy address:
[ 16.472009] ffff8881026d6100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 16.472305] ffff8881026d6180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 16.472911] >ffff8881026d6200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 16.473540] ^
[ 16.473823] ffff8881026d6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.474299] ffff8881026d6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.474736] ==================================================================
[ 16.077067] ==================================================================
[ 16.077680] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x19e3/0x5450
[ 16.078006] Write of size 8 at addr ffff8881026d6230 by task kunit_try_catch/283
[ 16.078312]
[ 16.078417] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 16.078636] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.078650] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.078674] Call Trace:
[ 16.078693] <TASK>
[ 16.078711] dump_stack_lvl+0x73/0xb0
[ 16.078743] print_report+0xd1/0x610
[ 16.078767] ? __virt_addr_valid+0x1db/0x2d0
[ 16.078793] ? kasan_atomics_helper+0x19e3/0x5450
[ 16.078876] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.078901] ? kasan_atomics_helper+0x19e3/0x5450
[ 16.078978] kasan_report+0x141/0x180
[ 16.079002] ? kasan_atomics_helper+0x19e3/0x5450
[ 16.079030] kasan_check_range+0x10c/0x1c0
[ 16.079056] __kasan_check_write+0x18/0x20
[ 16.079079] kasan_atomics_helper+0x19e3/0x5450
[ 16.079103] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 16.079128] ? __kmalloc_cache_noprof+0x189/0x420
[ 16.079161] kasan_atomics+0x1dc/0x310
[ 16.079186] ? __pfx_kasan_atomics+0x10/0x10
[ 16.079212] ? __pfx_read_tsc+0x10/0x10
[ 16.079235] ? ktime_get_ts64+0x86/0x230
[ 16.079262] kunit_try_run_case+0x1a5/0x480
[ 16.079288] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.079313] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.079340] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.079366] ? __kthread_parkme+0x82/0x180
[ 16.079389] ? preempt_count_sub+0x50/0x80
[ 16.079427] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.079467] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.079494] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.079521] kthread+0x337/0x6f0
[ 16.079543] ? trace_preempt_on+0x20/0xc0
[ 16.079569] ? __pfx_kthread+0x10/0x10
[ 16.079591] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.079615] ? calculate_sigpending+0x7b/0xa0
[ 16.079641] ? __pfx_kthread+0x10/0x10
[ 16.079665] ret_from_fork+0x116/0x1d0
[ 16.079685] ? __pfx_kthread+0x10/0x10
[ 16.079707] ret_from_fork_asm+0x1a/0x30
[ 16.079740] </TASK>
[ 16.079751]
[ 16.089154] Allocated by task 283:
[ 16.089487] kasan_save_stack+0x45/0x70
[ 16.089680] kasan_save_track+0x18/0x40
[ 16.089851] kasan_save_alloc_info+0x3b/0x50
[ 16.090058] __kasan_kmalloc+0xb7/0xc0
[ 16.090235] __kmalloc_cache_noprof+0x189/0x420
[ 16.090745] kasan_atomics+0x95/0x310
[ 16.090941] kunit_try_run_case+0x1a5/0x480
[ 16.091110] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.091480] kthread+0x337/0x6f0
[ 16.091650] ret_from_fork+0x116/0x1d0
[ 16.091944] ret_from_fork_asm+0x1a/0x30
[ 16.092184]
[ 16.092351] The buggy address belongs to the object at ffff8881026d6200
[ 16.092351] which belongs to the cache kmalloc-64 of size 64
[ 16.092894] The buggy address is located 0 bytes to the right of
[ 16.092894] allocated 48-byte region [ffff8881026d6200, ffff8881026d6230)
[ 16.093640]
[ 16.093744] The buggy address belongs to the physical page:
[ 16.093941] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026d6
[ 16.094297] flags: 0x200000000000000(node=0|zone=2)
[ 16.094755] page_type: f5(slab)
[ 16.094913] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 16.095206] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 16.095669] page dumped because: kasan: bad access detected
[ 16.095973]
[ 16.096050] Memory state around the buggy address:
[ 16.096354] ffff8881026d6100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 16.096692] ffff8881026d6180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 16.097143] >ffff8881026d6200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 16.097536] ^
[ 16.097830] ffff8881026d6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.098118] ffff8881026d6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.098532] ==================================================================
[ 16.475292] ==================================================================
[ 16.475611] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5115/0x5450
[ 16.475963] Read of size 8 at addr ffff8881026d6230 by task kunit_try_catch/283
[ 16.476243]
[ 16.476342] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 16.476391] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.476404] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.476440] Call Trace:
[ 16.476472] <TASK>
[ 16.476493] dump_stack_lvl+0x73/0xb0
[ 16.476525] print_report+0xd1/0x610
[ 16.476550] ? __virt_addr_valid+0x1db/0x2d0
[ 16.476575] ? kasan_atomics_helper+0x5115/0x5450
[ 16.476599] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.476624] ? kasan_atomics_helper+0x5115/0x5450
[ 16.476649] kasan_report+0x141/0x180
[ 16.476672] ? kasan_atomics_helper+0x5115/0x5450
[ 16.476701] __asan_report_load8_noabort+0x18/0x20
[ 16.476729] kasan_atomics_helper+0x5115/0x5450
[ 16.476754] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 16.476778] ? __kmalloc_cache_noprof+0x189/0x420
[ 16.476811] kasan_atomics+0x1dc/0x310
[ 16.476836] ? __pfx_kasan_atomics+0x10/0x10
[ 16.476862] ? __pfx_read_tsc+0x10/0x10
[ 16.476886] ? ktime_get_ts64+0x86/0x230
[ 16.476912] kunit_try_run_case+0x1a5/0x480
[ 16.476939] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.476964] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.476989] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.477015] ? __kthread_parkme+0x82/0x180
[ 16.477037] ? preempt_count_sub+0x50/0x80
[ 16.477063] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.477090] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.477116] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.477143] kthread+0x337/0x6f0
[ 16.477164] ? trace_preempt_on+0x20/0xc0
[ 16.477189] ? __pfx_kthread+0x10/0x10
[ 16.477211] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.477234] ? calculate_sigpending+0x7b/0xa0
[ 16.477260] ? __pfx_kthread+0x10/0x10
[ 16.477283] ret_from_fork+0x116/0x1d0
[ 16.477303] ? __pfx_kthread+0x10/0x10
[ 16.477325] ret_from_fork_asm+0x1a/0x30
[ 16.477358] </TASK>
[ 16.477369]
[ 16.484643] Allocated by task 283:
[ 16.484802] kasan_save_stack+0x45/0x70
[ 16.484948] kasan_save_track+0x18/0x40
[ 16.485121] kasan_save_alloc_info+0x3b/0x50
[ 16.485336] __kasan_kmalloc+0xb7/0xc0
[ 16.485540] __kmalloc_cache_noprof+0x189/0x420
[ 16.485749] kasan_atomics+0x95/0x310
[ 16.485885] kunit_try_run_case+0x1a5/0x480
[ 16.486032] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.486300] kthread+0x337/0x6f0
[ 16.486546] ret_from_fork+0x116/0x1d0
[ 16.486734] ret_from_fork_asm+0x1a/0x30
[ 16.486907]
[ 16.486981] The buggy address belongs to the object at ffff8881026d6200
[ 16.486981] which belongs to the cache kmalloc-64 of size 64
[ 16.487338] The buggy address is located 0 bytes to the right of
[ 16.487338] allocated 48-byte region [ffff8881026d6200, ffff8881026d6230)
[ 16.487894]
[ 16.487989] The buggy address belongs to the physical page:
[ 16.488344] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026d6
[ 16.488624] flags: 0x200000000000000(node=0|zone=2)
[ 16.488790] page_type: f5(slab)
[ 16.488910] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 16.489250] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 16.489823] page dumped because: kasan: bad access detected
[ 16.490066]
[ 16.490149] Memory state around the buggy address:
[ 16.490347] ffff8881026d6100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 16.490597] ffff8881026d6180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 16.490927] >ffff8881026d6200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 16.491221] ^
[ 16.491413] ffff8881026d6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.491695] ffff8881026d6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.492121] ==================================================================
[ 15.605226] ==================================================================
[ 15.605608] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a36/0x5450
[ 15.605937] Read of size 4 at addr ffff8881026d6230 by task kunit_try_catch/283
[ 15.606160]
[ 15.606250] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 15.606296] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.606309] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.606332] Call Trace:
[ 15.606358] <TASK>
[ 15.606376] dump_stack_lvl+0x73/0xb0
[ 15.606430] print_report+0xd1/0x610
[ 15.606463] ? __virt_addr_valid+0x1db/0x2d0
[ 15.606488] ? kasan_atomics_helper+0x4a36/0x5450
[ 15.606512] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.606538] ? kasan_atomics_helper+0x4a36/0x5450
[ 15.606563] kasan_report+0x141/0x180
[ 15.606587] ? kasan_atomics_helper+0x4a36/0x5450
[ 15.606615] __asan_report_load4_noabort+0x18/0x20
[ 15.606651] kasan_atomics_helper+0x4a36/0x5450
[ 15.606676] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 15.606701] ? __kmalloc_cache_noprof+0x189/0x420
[ 15.606745] kasan_atomics+0x1dc/0x310
[ 15.606771] ? __pfx_kasan_atomics+0x10/0x10
[ 15.606797] ? __pfx_read_tsc+0x10/0x10
[ 15.606820] ? ktime_get_ts64+0x86/0x230
[ 15.606847] kunit_try_run_case+0x1a5/0x480
[ 15.606874] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.606899] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.606924] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.606951] ? __kthread_parkme+0x82/0x180
[ 15.606973] ? preempt_count_sub+0x50/0x80
[ 15.606998] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.607025] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.607051] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.607079] kthread+0x337/0x6f0
[ 15.607101] ? trace_preempt_on+0x20/0xc0
[ 15.607126] ? __pfx_kthread+0x10/0x10
[ 15.607148] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.607181] ? calculate_sigpending+0x7b/0xa0
[ 15.607208] ? __pfx_kthread+0x10/0x10
[ 15.607233] ret_from_fork+0x116/0x1d0
[ 15.607266] ? __pfx_kthread+0x10/0x10
[ 15.607288] ret_from_fork_asm+0x1a/0x30
[ 15.607320] </TASK>
[ 15.607331]
[ 15.614787] Allocated by task 283:
[ 15.614956] kasan_save_stack+0x45/0x70
[ 15.615161] kasan_save_track+0x18/0x40
[ 15.615361] kasan_save_alloc_info+0x3b/0x50
[ 15.615595] __kasan_kmalloc+0xb7/0xc0
[ 15.615781] __kmalloc_cache_noprof+0x189/0x420
[ 15.615993] kasan_atomics+0x95/0x310
[ 15.616188] kunit_try_run_case+0x1a5/0x480
[ 15.616365] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.616571] kthread+0x337/0x6f0
[ 15.616762] ret_from_fork+0x116/0x1d0
[ 15.616949] ret_from_fork_asm+0x1a/0x30
[ 15.617146]
[ 15.617233] The buggy address belongs to the object at ffff8881026d6200
[ 15.617233] which belongs to the cache kmalloc-64 of size 64
[ 15.617720] The buggy address is located 0 bytes to the right of
[ 15.617720] allocated 48-byte region [ffff8881026d6200, ffff8881026d6230)
[ 15.618235]
[ 15.618335] The buggy address belongs to the physical page:
[ 15.618612] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026d6
[ 15.618856] flags: 0x200000000000000(node=0|zone=2)
[ 15.619021] page_type: f5(slab)
[ 15.619142] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 15.619484] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 15.619842] page dumped because: kasan: bad access detected
[ 15.620091]
[ 15.620184] Memory state around the buggy address:
[ 15.620440] ffff8881026d6100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.620697] ffff8881026d6180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.620914] >ffff8881026d6200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 15.621148] ^
[ 15.621371] ffff8881026d6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.621733] ffff8881026d6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.622072] ==================================================================
[ 15.326704] ==================================================================
[ 15.327101] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x72f/0x5450
[ 15.327517] Write of size 4 at addr ffff8881026d6230 by task kunit_try_catch/283
[ 15.327871]
[ 15.327961] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 15.328004] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.328016] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.328038] Call Trace:
[ 15.328054] <TASK>
[ 15.328070] dump_stack_lvl+0x73/0xb0
[ 15.328110] print_report+0xd1/0x610
[ 15.328135] ? __virt_addr_valid+0x1db/0x2d0
[ 15.328159] ? kasan_atomics_helper+0x72f/0x5450
[ 15.328188] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.328213] ? kasan_atomics_helper+0x72f/0x5450
[ 15.328237] kasan_report+0x141/0x180
[ 15.328260] ? kasan_atomics_helper+0x72f/0x5450
[ 15.328292] kasan_check_range+0x10c/0x1c0
[ 15.328317] __kasan_check_write+0x18/0x20
[ 15.328339] kasan_atomics_helper+0x72f/0x5450
[ 15.328363] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 15.328388] ? __kmalloc_cache_noprof+0x189/0x420
[ 15.328427] kasan_atomics+0x1dc/0x310
[ 15.328480] ? __pfx_kasan_atomics+0x10/0x10
[ 15.328507] ? __pfx_read_tsc+0x10/0x10
[ 15.328530] ? ktime_get_ts64+0x86/0x230
[ 15.328556] kunit_try_run_case+0x1a5/0x480
[ 15.328582] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.328607] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.328634] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.328660] ? __kthread_parkme+0x82/0x180
[ 15.328682] ? preempt_count_sub+0x50/0x80
[ 15.328708] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.328735] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.328761] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.328788] kthread+0x337/0x6f0
[ 15.328809] ? trace_preempt_on+0x20/0xc0
[ 15.328843] ? __pfx_kthread+0x10/0x10
[ 15.328865] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.328889] ? calculate_sigpending+0x7b/0xa0
[ 15.328926] ? __pfx_kthread+0x10/0x10
[ 15.328949] ret_from_fork+0x116/0x1d0
[ 15.328969] ? __pfx_kthread+0x10/0x10
[ 15.328991] ret_from_fork_asm+0x1a/0x30
[ 15.329033] </TASK>
[ 15.329044]
[ 15.336412] Allocated by task 283:
[ 15.336557] kasan_save_stack+0x45/0x70
[ 15.336765] kasan_save_track+0x18/0x40
[ 15.336961] kasan_save_alloc_info+0x3b/0x50
[ 15.337198] __kasan_kmalloc+0xb7/0xc0
[ 15.337389] __kmalloc_cache_noprof+0x189/0x420
[ 15.337619] kasan_atomics+0x95/0x310
[ 15.337755] kunit_try_run_case+0x1a5/0x480
[ 15.337903] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.338081] kthread+0x337/0x6f0
[ 15.338204] ret_from_fork+0x116/0x1d0
[ 15.338339] ret_from_fork_asm+0x1a/0x30
[ 15.338549]
[ 15.338647] The buggy address belongs to the object at ffff8881026d6200
[ 15.338647] which belongs to the cache kmalloc-64 of size 64
[ 15.339194] The buggy address is located 0 bytes to the right of
[ 15.339194] allocated 48-byte region [ffff8881026d6200, ffff8881026d6230)
[ 15.339765]
[ 15.339863] The buggy address belongs to the physical page:
[ 15.340078] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026d6
[ 15.340323] flags: 0x200000000000000(node=0|zone=2)
[ 15.340520] page_type: f5(slab)
[ 15.340650] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 15.340996] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 15.341396] page dumped because: kasan: bad access detected
[ 15.341658]
[ 15.341751] Memory state around the buggy address:
[ 15.341984] ffff8881026d6100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.342303] ffff8881026d6180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.342651] >ffff8881026d6200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 15.342921] ^
[ 15.343124] ffff8881026d6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.343489] ffff8881026d6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.343784] ==================================================================
[ 16.007097] ==================================================================
[ 16.007735] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1818/0x5450
[ 16.008023] Write of size 8 at addr ffff8881026d6230 by task kunit_try_catch/283
[ 16.008249]
[ 16.008350] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 16.008409] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.008423] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.008446] Call Trace:
[ 16.008476] <TASK>
[ 16.008497] dump_stack_lvl+0x73/0xb0
[ 16.008529] print_report+0xd1/0x610
[ 16.008554] ? __virt_addr_valid+0x1db/0x2d0
[ 16.008579] ? kasan_atomics_helper+0x1818/0x5450
[ 16.008603] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.008628] ? kasan_atomics_helper+0x1818/0x5450
[ 16.008652] kasan_report+0x141/0x180
[ 16.008676] ? kasan_atomics_helper+0x1818/0x5450
[ 16.008704] kasan_check_range+0x10c/0x1c0
[ 16.008730] __kasan_check_write+0x18/0x20
[ 16.008752] kasan_atomics_helper+0x1818/0x5450
[ 16.008776] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 16.008801] ? __kmalloc_cache_noprof+0x189/0x420
[ 16.008834] kasan_atomics+0x1dc/0x310
[ 16.008858] ? __pfx_kasan_atomics+0x10/0x10
[ 16.008884] ? __pfx_read_tsc+0x10/0x10
[ 16.008907] ? ktime_get_ts64+0x86/0x230
[ 16.008934] kunit_try_run_case+0x1a5/0x480
[ 16.008961] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.008986] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.009012] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.009038] ? __kthread_parkme+0x82/0x180
[ 16.009063] ? preempt_count_sub+0x50/0x80
[ 16.009089] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.009115] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.009142] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.009170] kthread+0x337/0x6f0
[ 16.009190] ? trace_preempt_on+0x20/0xc0
[ 16.009217] ? __pfx_kthread+0x10/0x10
[ 16.009240] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.009264] ? calculate_sigpending+0x7b/0xa0
[ 16.009290] ? __pfx_kthread+0x10/0x10
[ 16.009313] ret_from_fork+0x116/0x1d0
[ 16.009334] ? __pfx_kthread+0x10/0x10
[ 16.009356] ret_from_fork_asm+0x1a/0x30
[ 16.009388] </TASK>
[ 16.009400]
[ 16.021575] Allocated by task 283:
[ 16.021861] kasan_save_stack+0x45/0x70
[ 16.022070] kasan_save_track+0x18/0x40
[ 16.022241] kasan_save_alloc_info+0x3b/0x50
[ 16.022498] __kasan_kmalloc+0xb7/0xc0
[ 16.022937] __kmalloc_cache_noprof+0x189/0x420
[ 16.023156] kasan_atomics+0x95/0x310
[ 16.023376] kunit_try_run_case+0x1a5/0x480
[ 16.023812] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.024140] kthread+0x337/0x6f0
[ 16.024304] ret_from_fork+0x116/0x1d0
[ 16.024711] ret_from_fork_asm+0x1a/0x30
[ 16.024974]
[ 16.025056] The buggy address belongs to the object at ffff8881026d6200
[ 16.025056] which belongs to the cache kmalloc-64 of size 64
[ 16.025940] The buggy address is located 0 bytes to the right of
[ 16.025940] allocated 48-byte region [ffff8881026d6200, ffff8881026d6230)
[ 16.026601]
[ 16.026805] The buggy address belongs to the physical page:
[ 16.027077] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026d6
[ 16.027596] flags: 0x200000000000000(node=0|zone=2)
[ 16.027831] page_type: f5(slab)
[ 16.028146] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 16.028485] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 16.028945] page dumped because: kasan: bad access detected
[ 16.029269]
[ 16.029373] Memory state around the buggy address:
[ 16.029773] ffff8881026d6100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 16.030058] ffff8881026d6180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 16.030565] >ffff8881026d6200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 16.030975] ^
[ 16.031283] ffff8881026d6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.031773] ffff8881026d6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.032080] ==================================================================
[ 15.399371] ==================================================================
[ 15.399773] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x992/0x5450
[ 15.400117] Write of size 4 at addr ffff8881026d6230 by task kunit_try_catch/283
[ 15.400441]
[ 15.400580] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 15.400640] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.400654] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.400677] Call Trace:
[ 15.400696] <TASK>
[ 15.400715] dump_stack_lvl+0x73/0xb0
[ 15.400745] print_report+0xd1/0x610
[ 15.400780] ? __virt_addr_valid+0x1db/0x2d0
[ 15.400805] ? kasan_atomics_helper+0x992/0x5450
[ 15.400828] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.400865] ? kasan_atomics_helper+0x992/0x5450
[ 15.400888] kasan_report+0x141/0x180
[ 15.400912] ? kasan_atomics_helper+0x992/0x5450
[ 15.400940] kasan_check_range+0x10c/0x1c0
[ 15.400967] __kasan_check_write+0x18/0x20
[ 15.400991] kasan_atomics_helper+0x992/0x5450
[ 15.401016] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 15.401040] ? __kmalloc_cache_noprof+0x189/0x420
[ 15.401082] kasan_atomics+0x1dc/0x310
[ 15.401108] ? __pfx_kasan_atomics+0x10/0x10
[ 15.401144] ? __pfx_read_tsc+0x10/0x10
[ 15.401167] ? ktime_get_ts64+0x86/0x230
[ 15.401194] kunit_try_run_case+0x1a5/0x480
[ 15.401221] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.401246] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.401282] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.401309] ? __kthread_parkme+0x82/0x180
[ 15.401341] ? preempt_count_sub+0x50/0x80
[ 15.401368] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.401415] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.401463] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.401492] kthread+0x337/0x6f0
[ 15.401513] ? trace_preempt_on+0x20/0xc0
[ 15.401539] ? __pfx_kthread+0x10/0x10
[ 15.401561] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.401585] ? calculate_sigpending+0x7b/0xa0
[ 15.401621] ? __pfx_kthread+0x10/0x10
[ 15.401645] ret_from_fork+0x116/0x1d0
[ 15.401675] ? __pfx_kthread+0x10/0x10
[ 15.401698] ret_from_fork_asm+0x1a/0x30
[ 15.401732] </TASK>
[ 15.401744]
[ 15.409131] Allocated by task 283:
[ 15.409278] kasan_save_stack+0x45/0x70
[ 15.409458] kasan_save_track+0x18/0x40
[ 15.409598] kasan_save_alloc_info+0x3b/0x50
[ 15.409748] __kasan_kmalloc+0xb7/0xc0
[ 15.409882] __kmalloc_cache_noprof+0x189/0x420
[ 15.410042] kasan_atomics+0x95/0x310
[ 15.410196] kunit_try_run_case+0x1a5/0x480
[ 15.410462] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.410716] kthread+0x337/0x6f0
[ 15.410883] ret_from_fork+0x116/0x1d0
[ 15.411068] ret_from_fork_asm+0x1a/0x30
[ 15.411263]
[ 15.411358] The buggy address belongs to the object at ffff8881026d6200
[ 15.411358] which belongs to the cache kmalloc-64 of size 64
[ 15.411869] The buggy address is located 0 bytes to the right of
[ 15.411869] allocated 48-byte region [ffff8881026d6200, ffff8881026d6230)
[ 15.412295]
[ 15.412370] The buggy address belongs to the physical page:
[ 15.412576] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026d6
[ 15.412824] flags: 0x200000000000000(node=0|zone=2)
[ 15.413031] page_type: f5(slab)
[ 15.413201] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 15.413612] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 15.413994] page dumped because: kasan: bad access detected
[ 15.414301]
[ 15.414413] Memory state around the buggy address:
[ 15.414646] ffff8881026d6100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.414964] ffff8881026d6180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.415309] >ffff8881026d6200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 15.415656] ^
[ 15.415845] ffff8881026d6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.416061] ffff8881026d6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.416277] ==================================================================
[ 15.890240] ==================================================================
[ 15.890872] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x151d/0x5450
[ 15.891465] Write of size 8 at addr ffff8881026d6230 by task kunit_try_catch/283
[ 15.892021]
[ 15.892141] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 15.892190] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.892203] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.892227] Call Trace:
[ 15.892379] <TASK>
[ 15.892403] dump_stack_lvl+0x73/0xb0
[ 15.892449] print_report+0xd1/0x610
[ 15.892486] ? __virt_addr_valid+0x1db/0x2d0
[ 15.892513] ? kasan_atomics_helper+0x151d/0x5450
[ 15.892536] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.892562] ? kasan_atomics_helper+0x151d/0x5450
[ 15.892586] kasan_report+0x141/0x180
[ 15.892608] ? kasan_atomics_helper+0x151d/0x5450
[ 15.892637] kasan_check_range+0x10c/0x1c0
[ 15.892662] __kasan_check_write+0x18/0x20
[ 15.892683] kasan_atomics_helper+0x151d/0x5450
[ 15.892708] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 15.892732] ? __kmalloc_cache_noprof+0x189/0x420
[ 15.892765] kasan_atomics+0x1dc/0x310
[ 15.892790] ? __pfx_kasan_atomics+0x10/0x10
[ 15.892816] ? __pfx_read_tsc+0x10/0x10
[ 15.892840] ? ktime_get_ts64+0x86/0x230
[ 15.892866] kunit_try_run_case+0x1a5/0x480
[ 15.892892] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.892917] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.892943] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.892969] ? __kthread_parkme+0x82/0x180
[ 15.892992] ? preempt_count_sub+0x50/0x80
[ 15.893018] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.893044] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.893071] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.893098] kthread+0x337/0x6f0
[ 15.893119] ? trace_preempt_on+0x20/0xc0
[ 15.893144] ? __pfx_kthread+0x10/0x10
[ 15.893166] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.893189] ? calculate_sigpending+0x7b/0xa0
[ 15.893216] ? __pfx_kthread+0x10/0x10
[ 15.893239] ret_from_fork+0x116/0x1d0
[ 15.893259] ? __pfx_kthread+0x10/0x10
[ 15.893282] ret_from_fork_asm+0x1a/0x30
[ 15.893314] </TASK>
[ 15.893325]
[ 15.903396] Allocated by task 283:
[ 15.903922] kasan_save_stack+0x45/0x70
[ 15.904222] kasan_save_track+0x18/0x40
[ 15.904519] kasan_save_alloc_info+0x3b/0x50
[ 15.904829] __kasan_kmalloc+0xb7/0xc0
[ 15.905101] __kmalloc_cache_noprof+0x189/0x420
[ 15.905386] kasan_atomics+0x95/0x310
[ 15.905708] kunit_try_run_case+0x1a5/0x480
[ 15.905913] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.906182] kthread+0x337/0x6f0
[ 15.906327] ret_from_fork+0x116/0x1d0
[ 15.906704] ret_from_fork_asm+0x1a/0x30
[ 15.906984]
[ 15.907068] The buggy address belongs to the object at ffff8881026d6200
[ 15.907068] which belongs to the cache kmalloc-64 of size 64
[ 15.907884] The buggy address is located 0 bytes to the right of
[ 15.907884] allocated 48-byte region [ffff8881026d6200, ffff8881026d6230)
[ 15.908420]
[ 15.908755] The buggy address belongs to the physical page:
[ 15.909156] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026d6
[ 15.909548] flags: 0x200000000000000(node=0|zone=2)
[ 15.909864] page_type: f5(slab)
[ 15.910041] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 15.910525] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 15.910961] page dumped because: kasan: bad access detected
[ 15.911212]
[ 15.911305] Memory state around the buggy address:
[ 15.911718] ffff8881026d6100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.912097] ffff8881026d6180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.912545] >ffff8881026d6200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 15.912978] ^
[ 15.913167] ffff8881026d6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.913657] ffff8881026d6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.914024] ==================================================================
[ 15.381172] ==================================================================
[ 15.381432] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x8f9/0x5450
[ 15.382001] Write of size 4 at addr ffff8881026d6230 by task kunit_try_catch/283
[ 15.382547]
[ 15.382672] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 15.382729] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.382743] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.382779] Call Trace:
[ 15.382797] <TASK>
[ 15.382814] dump_stack_lvl+0x73/0xb0
[ 15.382845] print_report+0xd1/0x610
[ 15.382868] ? __virt_addr_valid+0x1db/0x2d0
[ 15.382894] ? kasan_atomics_helper+0x8f9/0x5450
[ 15.382917] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.382942] ? kasan_atomics_helper+0x8f9/0x5450
[ 15.382966] kasan_report+0x141/0x180
[ 15.382989] ? kasan_atomics_helper+0x8f9/0x5450
[ 15.383017] kasan_check_range+0x10c/0x1c0
[ 15.383042] __kasan_check_write+0x18/0x20
[ 15.383074] kasan_atomics_helper+0x8f9/0x5450
[ 15.383099] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 15.383123] ? __kmalloc_cache_noprof+0x189/0x420
[ 15.383165] kasan_atomics+0x1dc/0x310
[ 15.383191] ?
__pfx_kasan_atomics+0x10/0x10 [ 15.383217] ? __pfx_read_tsc+0x10/0x10 [ 15.383249] ? ktime_get_ts64+0x86/0x230 [ 15.383276] kunit_try_run_case+0x1a5/0x480 [ 15.383313] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.383338] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.383365] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.383410] ? __kthread_parkme+0x82/0x180 [ 15.383433] ? preempt_count_sub+0x50/0x80 [ 15.383467] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.383494] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.383521] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.383549] kthread+0x337/0x6f0 [ 15.383570] ? trace_preempt_on+0x20/0xc0 [ 15.383596] ? __pfx_kthread+0x10/0x10 [ 15.383626] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.383650] ? calculate_sigpending+0x7b/0xa0 [ 15.383677] ? __pfx_kthread+0x10/0x10 [ 15.383711] ret_from_fork+0x116/0x1d0 [ 15.383731] ? __pfx_kthread+0x10/0x10 [ 15.383754] ret_from_fork_asm+0x1a/0x30 [ 15.383787] </TASK> [ 15.383806] [ 15.391307] Allocated by task 283: [ 15.391518] kasan_save_stack+0x45/0x70 [ 15.391744] kasan_save_track+0x18/0x40 [ 15.391937] kasan_save_alloc_info+0x3b/0x50 [ 15.392146] __kasan_kmalloc+0xb7/0xc0 [ 15.392321] __kmalloc_cache_noprof+0x189/0x420 [ 15.392518] kasan_atomics+0x95/0x310 [ 15.392656] kunit_try_run_case+0x1a5/0x480 [ 15.392806] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.392984] kthread+0x337/0x6f0 [ 15.393107] ret_from_fork+0x116/0x1d0 [ 15.393242] ret_from_fork_asm+0x1a/0x30 [ 15.393384] [ 15.393516] The buggy address belongs to the object at ffff8881026d6200 [ 15.393516] which belongs to the cache kmalloc-64 of size 64 [ 15.394050] The buggy address is located 0 bytes to the right of [ 15.394050] allocated 48-byte region [ffff8881026d6200, ffff8881026d6230) [ 15.394631] [ 15.394730] The buggy address belongs to the physical page: [ 15.395018] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026d6 [ 15.395415] flags: 0x200000000000000(node=0|zone=2) [ 15.395664] page_type: 
f5(slab) [ 15.395798] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.396031] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.396260] page dumped because: kasan: bad access detected [ 15.396471] [ 15.396546] Memory state around the buggy address: [ 15.396708] ffff8881026d6100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.397056] ffff8881026d6180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.397460] >ffff8881026d6200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.397827] ^ [ 15.398075] ffff8881026d6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.398413] ffff8881026d6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.398769] ================================================================== [ 15.148343] ================================================================== [ 15.148962] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b6e/0x5450 [ 15.149418] Write of size 4 at addr ffff8881026d6230 by task kunit_try_catch/283 [ 15.149874] [ 15.150039] CPU: 0 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.150088] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.150100] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.150123] Call Trace: [ 15.150137] <TASK> [ 15.150155] dump_stack_lvl+0x73/0xb0 [ 15.150186] print_report+0xd1/0x610 [ 15.150212] ? __virt_addr_valid+0x1db/0x2d0 [ 15.150237] ? kasan_atomics_helper+0x4b6e/0x5450 [ 15.150260] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.150285] ? kasan_atomics_helper+0x4b6e/0x5450 [ 15.150309] kasan_report+0x141/0x180 [ 15.150332] ? kasan_atomics_helper+0x4b6e/0x5450 [ 15.150360] __asan_report_store4_noabort+0x1b/0x30 [ 15.150396] kasan_atomics_helper+0x4b6e/0x5450 [ 15.150429] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.150470] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.150512] kasan_atomics+0x1dc/0x310 [ 15.150537] ? 
__pfx_kasan_atomics+0x10/0x10 [ 15.150562] ? __pfx_read_tsc+0x10/0x10 [ 15.150606] ? ktime_get_ts64+0x86/0x230 [ 15.150634] kunit_try_run_case+0x1a5/0x480 [ 15.150660] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.150685] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.150711] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.150737] ? __kthread_parkme+0x82/0x180 [ 15.150760] ? preempt_count_sub+0x50/0x80 [ 15.150785] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.150811] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.150837] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.150864] kthread+0x337/0x6f0 [ 15.150886] ? trace_preempt_on+0x20/0xc0 [ 15.150910] ? __pfx_kthread+0x10/0x10 [ 15.150933] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.150966] ? calculate_sigpending+0x7b/0xa0 [ 15.150992] ? __pfx_kthread+0x10/0x10 [ 15.151016] ret_from_fork+0x116/0x1d0 [ 15.151047] ? __pfx_kthread+0x10/0x10 [ 15.151069] ret_from_fork_asm+0x1a/0x30 [ 15.151101] </TASK> [ 15.151112] [ 15.164665] Allocated by task 283: [ 15.165011] kasan_save_stack+0x45/0x70 [ 15.165508] kasan_save_track+0x18/0x40 [ 15.165871] kasan_save_alloc_info+0x3b/0x50 [ 15.166286] __kasan_kmalloc+0xb7/0xc0 [ 15.166540] __kmalloc_cache_noprof+0x189/0x420 [ 15.167033] kasan_atomics+0x95/0x310 [ 15.167170] kunit_try_run_case+0x1a5/0x480 [ 15.167320] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.167544] kthread+0x337/0x6f0 [ 15.167874] ret_from_fork+0x116/0x1d0 [ 15.168266] ret_from_fork_asm+0x1a/0x30 [ 15.168813] [ 15.168974] The buggy address belongs to the object at ffff8881026d6200 [ 15.168974] which belongs to the cache kmalloc-64 of size 64 [ 15.170234] The buggy address is located 0 bytes to the right of [ 15.170234] allocated 48-byte region [ffff8881026d6200, ffff8881026d6230) [ 15.171524] [ 15.171751] The buggy address belongs to the physical page: [ 15.172179] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026d6 [ 15.172745] flags: 0x200000000000000(node=0|zone=2) [ 15.172927] page_type: 
f5(slab) [ 15.173065] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.173828] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.174284] page dumped because: kasan: bad access detected [ 15.174488] [ 15.174560] Memory state around the buggy address: [ 15.175115] ffff8881026d6100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.175664] ffff8881026d6180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.176416] >ffff8881026d6200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.176965] ^ [ 15.177413] ffff8881026d6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.177891] ffff8881026d6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.178633] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 14.933519] ================================================================== [ 14.933865] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.934297] Write of size 8 at addr ffff888102676248 by task kunit_try_catch/279 [ 14.934710] [ 14.934817] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.934859] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.934870] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.934901] Call Trace: [ 14.934917] <TASK> [ 14.934932] dump_stack_lvl+0x73/0xb0 [ 14.934961] print_report+0xd1/0x610 [ 14.934997] ? __virt_addr_valid+0x1db/0x2d0 [ 14.935029] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.935059] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.935084] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.935125] kasan_report+0x141/0x180 [ 14.935147] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.935183] kasan_check_range+0x10c/0x1c0 [ 14.935206] __kasan_check_write+0x18/0x20 [ 14.935226] kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.935256] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.935287] ? ret_from_fork_asm+0x1a/0x30 [ 14.935310] ? kthread+0x337/0x6f0 [ 14.935334] kasan_bitops_generic+0x121/0x1c0 [ 14.935358] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.935391] ? __pfx_read_tsc+0x10/0x10 [ 14.935412] ? ktime_get_ts64+0x86/0x230 [ 14.935468] kunit_try_run_case+0x1a5/0x480 [ 14.935494] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.935518] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.935541] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.935764] ? __kthread_parkme+0x82/0x180 [ 14.935786] ? preempt_count_sub+0x50/0x80 [ 14.935809] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.935835] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.935872] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.935899] kthread+0x337/0x6f0 [ 14.935918] ? 
trace_preempt_on+0x20/0xc0 [ 14.935954] ? __pfx_kthread+0x10/0x10 [ 14.935976] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.935997] ? calculate_sigpending+0x7b/0xa0 [ 14.936023] ? __pfx_kthread+0x10/0x10 [ 14.936044] ret_from_fork+0x116/0x1d0 [ 14.936072] ? __pfx_kthread+0x10/0x10 [ 14.936093] ret_from_fork_asm+0x1a/0x30 [ 14.936134] </TASK> [ 14.936145] [ 14.945244] Allocated by task 279: [ 14.945442] kasan_save_stack+0x45/0x70 [ 14.945768] kasan_save_track+0x18/0x40 [ 14.945978] kasan_save_alloc_info+0x3b/0x50 [ 14.946149] __kasan_kmalloc+0xb7/0xc0 [ 14.946282] __kmalloc_cache_noprof+0x189/0x420 [ 14.946480] kasan_bitops_generic+0x92/0x1c0 [ 14.946774] kunit_try_run_case+0x1a5/0x480 [ 14.946986] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.947190] kthread+0x337/0x6f0 [ 14.947314] ret_from_fork+0x116/0x1d0 [ 14.947518] ret_from_fork_asm+0x1a/0x30 [ 14.947720] [ 14.947817] The buggy address belongs to the object at ffff888102676240 [ 14.947817] which belongs to the cache kmalloc-16 of size 16 [ 14.948240] The buggy address is located 8 bytes inside of [ 14.948240] allocated 9-byte region [ffff888102676240, ffff888102676249) [ 14.948776] [ 14.948878] The buggy address belongs to the physical page: [ 14.949109] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102676 [ 14.949799] flags: 0x200000000000000(node=0|zone=2) [ 14.950052] page_type: f5(slab) [ 14.950209] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.950648] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.950908] page dumped because: kasan: bad access detected [ 14.951184] [ 14.951277] Memory state around the buggy address: [ 14.951537] ffff888102676100: 00 06 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 14.951959] ffff888102676180: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.952300] >ffff888102676200: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 14.952722] ^ [ 14.953048] ffff888102676280: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 14.953372] ffff888102676300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.953688] ================================================================== [ 14.870649] ================================================================== [ 14.870924] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.871267] Write of size 8 at addr ffff888102676248 by task kunit_try_catch/279 [ 14.871931] [ 14.872036] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.872081] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.872092] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.872124] Call Trace: [ 14.872138] <TASK> [ 14.872154] dump_stack_lvl+0x73/0xb0 [ 14.872182] print_report+0xd1/0x610 [ 14.872214] ? __virt_addr_valid+0x1db/0x2d0 [ 14.872237] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.872267] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.872305] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.872335] kasan_report+0x141/0x180 [ 14.872357] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.872422] kasan_check_range+0x10c/0x1c0 [ 14.872446] __kasan_check_write+0x18/0x20 [ 14.872475] kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.872505] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.872544] ? ret_from_fork_asm+0x1a/0x30 [ 14.872648] ? kthread+0x337/0x6f0 [ 14.872673] kasan_bitops_generic+0x121/0x1c0 [ 14.872698] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.872725] ? __pfx_read_tsc+0x10/0x10 [ 14.872757] ? ktime_get_ts64+0x86/0x230 [ 14.872781] kunit_try_run_case+0x1a5/0x480 [ 14.872816] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.872839] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.872865] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.872889] ? __kthread_parkme+0x82/0x180 [ 14.872909] ? preempt_count_sub+0x50/0x80 [ 14.872934] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.872959] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.872983] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.873018] kthread+0x337/0x6f0 [ 14.873038] ? trace_preempt_on+0x20/0xc0 [ 14.873060] ? __pfx_kthread+0x10/0x10 [ 14.873093] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.873114] ? calculate_sigpending+0x7b/0xa0 [ 14.873140] ? __pfx_kthread+0x10/0x10 [ 14.873161] ret_from_fork+0x116/0x1d0 [ 14.873179] ? __pfx_kthread+0x10/0x10 [ 14.873200] ret_from_fork_asm+0x1a/0x30 [ 14.873231] </TASK> [ 14.873240] [ 14.882240] Allocated by task 279: [ 14.882483] kasan_save_stack+0x45/0x70 [ 14.882798] kasan_save_track+0x18/0x40 [ 14.882957] kasan_save_alloc_info+0x3b/0x50 [ 14.883184] __kasan_kmalloc+0xb7/0xc0 [ 14.883416] __kmalloc_cache_noprof+0x189/0x420 [ 14.883859] kasan_bitops_generic+0x92/0x1c0 [ 14.884072] kunit_try_run_case+0x1a5/0x480 [ 14.884220] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.884545] kthread+0x337/0x6f0 [ 14.884794] ret_from_fork+0x116/0x1d0 [ 14.884971] ret_from_fork_asm+0x1a/0x30 [ 14.885113] [ 14.885185] The buggy address belongs to the object at ffff888102676240 [ 14.885185] which belongs to the cache kmalloc-16 of size 16 [ 14.885839] The buggy address is located 8 bytes inside of [ 14.885839] allocated 9-byte region [ffff888102676240, ffff888102676249) [ 14.886349] [ 14.886442] The buggy address belongs to the physical page: [ 14.886796] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102676 [ 14.887144] flags: 0x200000000000000(node=0|zone=2) [ 14.887369] page_type: f5(slab) [ 14.887598] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.888150] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.888798] page dumped because: kasan: bad access detected [ 14.889063] [ 14.889139] Memory state around the buggy address: [ 14.889338] ffff888102676100: 00 06 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 14.889627] 
ffff888102676180: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.889919] >ffff888102676200: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 14.890182] ^ [ 14.890430] ffff888102676280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.890921] ffff888102676300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.891222] ================================================================== [ 15.004995] ================================================================== [ 15.005337] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 15.005843] Write of size 8 at addr ffff888102676248 by task kunit_try_catch/279 [ 15.006101] [ 15.006196] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.006239] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.006250] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.006271] Call Trace: [ 15.006286] <TASK> [ 15.006301] dump_stack_lvl+0x73/0xb0 [ 15.006329] print_report+0xd1/0x610 [ 15.006351] ? __virt_addr_valid+0x1db/0x2d0 [ 15.006374] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 15.006403] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.006427] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 15.006490] kasan_report+0x141/0x180 [ 15.006512] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 15.006737] kasan_check_range+0x10c/0x1c0 [ 15.006773] __kasan_check_write+0x18/0x20 [ 15.006794] kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 15.006825] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.006857] ? ret_from_fork_asm+0x1a/0x30 [ 15.006881] ? kthread+0x337/0x6f0 [ 15.006904] kasan_bitops_generic+0x121/0x1c0 [ 15.006929] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.006955] ? __pfx_read_tsc+0x10/0x10 [ 15.006975] ? ktime_get_ts64+0x86/0x230 [ 15.007000] kunit_try_run_case+0x1a5/0x480 [ 15.007024] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.007047] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 15.007071] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.007095] ? __kthread_parkme+0x82/0x180 [ 15.007116] ? preempt_count_sub+0x50/0x80 [ 15.007140] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.007165] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.007189] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.007215] kthread+0x337/0x6f0 [ 15.007233] ? trace_preempt_on+0x20/0xc0 [ 15.007256] ? __pfx_kthread+0x10/0x10 [ 15.007276] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.007298] ? calculate_sigpending+0x7b/0xa0 [ 15.007323] ? __pfx_kthread+0x10/0x10 [ 15.007344] ret_from_fork+0x116/0x1d0 [ 15.007362] ? __pfx_kthread+0x10/0x10 [ 15.007382] ret_from_fork_asm+0x1a/0x30 [ 15.007413] </TASK> [ 15.007422] [ 15.015883] Allocated by task 279: [ 15.016069] kasan_save_stack+0x45/0x70 [ 15.016277] kasan_save_track+0x18/0x40 [ 15.016513] kasan_save_alloc_info+0x3b/0x50 [ 15.016783] __kasan_kmalloc+0xb7/0xc0 [ 15.016922] __kmalloc_cache_noprof+0x189/0x420 [ 15.017108] kasan_bitops_generic+0x92/0x1c0 [ 15.017320] kunit_try_run_case+0x1a5/0x480 [ 15.017632] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.017895] kthread+0x337/0x6f0 [ 15.018063] ret_from_fork+0x116/0x1d0 [ 15.018256] ret_from_fork_asm+0x1a/0x30 [ 15.018447] [ 15.018529] The buggy address belongs to the object at ffff888102676240 [ 15.018529] which belongs to the cache kmalloc-16 of size 16 [ 15.019221] The buggy address is located 8 bytes inside of [ 15.019221] allocated 9-byte region [ffff888102676240, ffff888102676249) [ 15.019788] [ 15.019891] The buggy address belongs to the physical page: [ 15.020149] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102676 [ 15.020541] flags: 0x200000000000000(node=0|zone=2) [ 15.020854] page_type: f5(slab) [ 15.020993] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.021262] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.021625] page dumped because: kasan: 
bad access detected [ 15.021887] [ 15.021980] Memory state around the buggy address: [ 15.022215] ffff888102676100: 00 06 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 15.022751] ffff888102676180: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.023005] >ffff888102676200: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 15.023290] ^ [ 15.023650] ffff888102676280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.023887] ffff888102676300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.024170] ================================================================== [ 14.984342] ================================================================== [ 14.985033] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.985426] Write of size 8 at addr ffff888102676248 by task kunit_try_catch/279 [ 14.986198] [ 14.986413] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.986535] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.986629] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.986655] Call Trace: [ 14.986672] <TASK> [ 14.986688] dump_stack_lvl+0x73/0xb0 [ 14.986718] print_report+0xd1/0x610 [ 14.986740] ? __virt_addr_valid+0x1db/0x2d0 [ 14.986763] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.986793] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.986818] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.986849] kasan_report+0x141/0x180 [ 14.986870] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.986904] kasan_check_range+0x10c/0x1c0 [ 14.986929] __kasan_check_write+0x18/0x20 [ 14.986950] kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.986979] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.987012] ? ret_from_fork_asm+0x1a/0x30 [ 14.987035] ? kthread+0x337/0x6f0 [ 14.987059] kasan_bitops_generic+0x121/0x1c0 [ 14.987082] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.987109] ? 
__pfx_read_tsc+0x10/0x10 [ 14.987130] ? ktime_get_ts64+0x86/0x230 [ 14.987154] kunit_try_run_case+0x1a5/0x480 [ 14.987179] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.987203] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.987227] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.987251] ? __kthread_parkme+0x82/0x180 [ 14.987272] ? preempt_count_sub+0x50/0x80 [ 14.987298] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.987323] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.987347] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.987372] kthread+0x337/0x6f0 [ 14.987392] ? trace_preempt_on+0x20/0xc0 [ 14.987414] ? __pfx_kthread+0x10/0x10 [ 14.987435] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.987483] ? calculate_sigpending+0x7b/0xa0 [ 14.987507] ? __pfx_kthread+0x10/0x10 [ 14.987529] ret_from_fork+0x116/0x1d0 [ 14.987630] ? __pfx_kthread+0x10/0x10 [ 14.987659] ret_from_fork_asm+0x1a/0x30 [ 14.987690] </TASK> [ 14.987699] [ 14.996283] Allocated by task 279: [ 14.996486] kasan_save_stack+0x45/0x70 [ 14.996764] kasan_save_track+0x18/0x40 [ 14.996966] kasan_save_alloc_info+0x3b/0x50 [ 14.997178] __kasan_kmalloc+0xb7/0xc0 [ 14.997369] __kmalloc_cache_noprof+0x189/0x420 [ 14.997813] kasan_bitops_generic+0x92/0x1c0 [ 14.998044] kunit_try_run_case+0x1a5/0x480 [ 14.998200] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.998466] kthread+0x337/0x6f0 [ 14.998722] ret_from_fork+0x116/0x1d0 [ 14.998866] ret_from_fork_asm+0x1a/0x30 [ 14.999065] [ 14.999162] The buggy address belongs to the object at ffff888102676240 [ 14.999162] which belongs to the cache kmalloc-16 of size 16 [ 14.999778] The buggy address is located 8 bytes inside of [ 14.999778] allocated 9-byte region [ffff888102676240, ffff888102676249) [ 15.000168] [ 15.000239] The buggy address belongs to the physical page: [ 15.000424] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102676 [ 15.000884] flags: 0x200000000000000(node=0|zone=2) [ 15.001121] page_type: f5(slab) [ 15.001286] raw: 0200000000000000 
ffff888100041640 dead000000000122 0000000000000000 [ 15.001563] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.001805] page dumped because: kasan: bad access detected [ 15.002056] [ 15.002145] Memory state around the buggy address: [ 15.002368] ffff888102676100: 00 06 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 15.002702] ffff888102676180: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.003263] >ffff888102676200: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 15.003618] ^ [ 15.003880] ffff888102676280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.004160] ffff888102676300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.004493] ================================================================== [ 15.044026] ================================================================== [ 15.044313] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 15.044663] Read of size 8 at addr ffff888102676248 by task kunit_try_catch/279 [ 15.044978] [ 15.045059] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.045100] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.045111] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.045131] Call Trace: [ 15.045144] <TASK> [ 15.045159] dump_stack_lvl+0x73/0xb0 [ 15.045183] print_report+0xd1/0x610 [ 15.045204] ? __virt_addr_valid+0x1db/0x2d0 [ 15.045225] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 15.045252] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.045274] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 15.045302] kasan_report+0x141/0x180 [ 15.045322] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 15.045354] __asan_report_load8_noabort+0x18/0x20 [ 15.045378] kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 15.045406] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.045435] ? ret_from_fork_asm+0x1a/0x30 [ 15.045761] ? 
kthread+0x337/0x6f0 [ 15.045790] kasan_bitops_generic+0x121/0x1c0 [ 15.045817] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.045843] ? __pfx_read_tsc+0x10/0x10 [ 15.045864] ? ktime_get_ts64+0x86/0x230 [ 15.045888] kunit_try_run_case+0x1a5/0x480 [ 15.045912] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.045936] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.045961] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.045984] ? __kthread_parkme+0x82/0x180 [ 15.046005] ? preempt_count_sub+0x50/0x80 [ 15.046029] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.046054] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.046079] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.046105] kthread+0x337/0x6f0 [ 15.046124] ? trace_preempt_on+0x20/0xc0 [ 15.046147] ? __pfx_kthread+0x10/0x10 [ 15.046168] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.046189] ? calculate_sigpending+0x7b/0xa0 [ 15.046214] ? __pfx_kthread+0x10/0x10 [ 15.046235] ret_from_fork+0x116/0x1d0 [ 15.046255] ? __pfx_kthread+0x10/0x10 [ 15.046275] ret_from_fork_asm+0x1a/0x30 [ 15.046306] </TASK> [ 15.046316] [ 15.054490] Allocated by task 279: [ 15.054845] kasan_save_stack+0x45/0x70 [ 15.055036] kasan_save_track+0x18/0x40 [ 15.055171] kasan_save_alloc_info+0x3b/0x50 [ 15.055362] __kasan_kmalloc+0xb7/0xc0 [ 15.055662] __kmalloc_cache_noprof+0x189/0x420 [ 15.055901] kasan_bitops_generic+0x92/0x1c0 [ 15.056107] kunit_try_run_case+0x1a5/0x480 [ 15.056315] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.056666] kthread+0x337/0x6f0 [ 15.056828] ret_from_fork+0x116/0x1d0 [ 15.056962] ret_from_fork_asm+0x1a/0x30 [ 15.057103] [ 15.057174] The buggy address belongs to the object at ffff888102676240 [ 15.057174] which belongs to the cache kmalloc-16 of size 16 [ 15.057726] The buggy address is located 8 bytes inside of [ 15.057726] allocated 9-byte region [ffff888102676240, ffff888102676249) [ 15.058268] [ 15.058364] The buggy address belongs to the physical page: [ 15.058796] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 
pfn:0x102676 [ 15.059134] flags: 0x200000000000000(node=0|zone=2) [ 15.059300] page_type: f5(slab) [ 15.059422] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.059793] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.060124] page dumped because: kasan: bad access detected [ 15.060301] [ 15.060394] Memory state around the buggy address: [ 15.060627] ffff888102676100: 00 06 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 15.060921] ffff888102676180: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.061159] >ffff888102676200: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 15.061369] ^ [ 15.061781] ffff888102676280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.062111] ffff888102676300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.062469] ================================================================== [ 14.891889] ================================================================== [ 14.892210] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.892681] Write of size 8 at addr ffff888102676248 by task kunit_try_catch/279 [ 14.893036] [ 14.893126] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.893169] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.893181] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.893201] Call Trace: [ 14.893215] <TASK> [ 14.893231] dump_stack_lvl+0x73/0xb0 [ 14.893268] print_report+0xd1/0x610 [ 14.893291] ? __virt_addr_valid+0x1db/0x2d0 [ 14.893313] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.893354] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.893378] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.893408] kasan_report+0x141/0x180 [ 14.893471] ? 
kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.893506] kasan_check_range+0x10c/0x1c0 [ 14.893530] __kasan_check_write+0x18/0x20 [ 14.893650] kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.893687] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.893732] ? ret_from_fork_asm+0x1a/0x30 [ 14.893754] ? kthread+0x337/0x6f0 [ 14.893778] kasan_bitops_generic+0x121/0x1c0 [ 14.893802] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.893828] ? __pfx_read_tsc+0x10/0x10 [ 14.893850] ? ktime_get_ts64+0x86/0x230 [ 14.893875] kunit_try_run_case+0x1a5/0x480 [ 14.893900] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.893924] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.893957] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.893983] ? __kthread_parkme+0x82/0x180 [ 14.894003] ? preempt_count_sub+0x50/0x80 [ 14.894037] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.894062] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.894087] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.894113] kthread+0x337/0x6f0 [ 14.894141] ? trace_preempt_on+0x20/0xc0 [ 14.894164] ? __pfx_kthread+0x10/0x10 [ 14.894185] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.894218] ? calculate_sigpending+0x7b/0xa0 [ 14.894243] ? __pfx_kthread+0x10/0x10 [ 14.894266] ret_from_fork+0x116/0x1d0 [ 14.894285] ? 
__pfx_kthread+0x10/0x10 [ 14.894306] ret_from_fork_asm+0x1a/0x30 [ 14.894338] </TASK> [ 14.894348] [ 14.903345] Allocated by task 279: [ 14.903523] kasan_save_stack+0x45/0x70 [ 14.903949] kasan_save_track+0x18/0x40 [ 14.904164] kasan_save_alloc_info+0x3b/0x50 [ 14.904377] __kasan_kmalloc+0xb7/0xc0 [ 14.904663] __kmalloc_cache_noprof+0x189/0x420 [ 14.904889] kasan_bitops_generic+0x92/0x1c0 [ 14.905065] kunit_try_run_case+0x1a5/0x480 [ 14.905215] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.905466] kthread+0x337/0x6f0 [ 14.905748] ret_from_fork+0x116/0x1d0 [ 14.905944] ret_from_fork_asm+0x1a/0x30 [ 14.906122] [ 14.906195] The buggy address belongs to the object at ffff888102676240 [ 14.906195] which belongs to the cache kmalloc-16 of size 16 [ 14.906832] The buggy address is located 8 bytes inside of [ 14.906832] allocated 9-byte region [ffff888102676240, ffff888102676249) [ 14.907333] [ 14.907476] The buggy address belongs to the physical page: [ 14.907922] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102676 [ 14.908260] flags: 0x200000000000000(node=0|zone=2) [ 14.908433] page_type: f5(slab) [ 14.908604] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.909034] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.909373] page dumped because: kasan: bad access detected [ 14.909744] [ 14.909820] Memory state around the buggy address: [ 14.910034] ffff888102676100: 00 06 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 14.910373] ffff888102676180: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.910786] >ffff888102676200: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 14.911068] ^ [ 14.911349] ffff888102676280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.911917] ffff888102676300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.912274] ================================================================== [ 14.954204] 
================================================================== [ 14.954491] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.955015] Write of size 8 at addr ffff888102676248 by task kunit_try_catch/279 [ 14.955315] [ 14.955426] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.955501] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.955513] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.955544] Call Trace: [ 14.955566] <TASK> [ 14.955581] dump_stack_lvl+0x73/0xb0 [ 14.955609] print_report+0xd1/0x610 [ 14.955632] ? __virt_addr_valid+0x1db/0x2d0 [ 14.955736] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.955770] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.955793] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.955833] kasan_report+0x141/0x180 [ 14.955856] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.955891] kasan_check_range+0x10c/0x1c0 [ 14.955925] __kasan_check_write+0x18/0x20 [ 14.955946] kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.955976] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.956007] ? ret_from_fork_asm+0x1a/0x30 [ 14.956029] ? kthread+0x337/0x6f0 [ 14.956052] kasan_bitops_generic+0x121/0x1c0 [ 14.956078] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.956104] ? __pfx_read_tsc+0x10/0x10 [ 14.956125] ? ktime_get_ts64+0x86/0x230 [ 14.956149] kunit_try_run_case+0x1a5/0x480 [ 14.956173] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.956198] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.956221] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.956246] ? __kthread_parkme+0x82/0x180 [ 14.956266] ? preempt_count_sub+0x50/0x80 [ 14.956295] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.956321] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.956346] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.956379] kthread+0x337/0x6f0 [ 14.956398] ? 
trace_preempt_on+0x20/0xc0 [ 14.956421] ? __pfx_kthread+0x10/0x10 [ 14.956473] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.956495] ? calculate_sigpending+0x7b/0xa0 [ 14.956520] ? __pfx_kthread+0x10/0x10 [ 14.956541] ret_from_fork+0x116/0x1d0 [ 14.956754] ? __pfx_kthread+0x10/0x10 [ 14.956777] ret_from_fork_asm+0x1a/0x30 [ 14.956808] </TASK> [ 14.956817] [ 14.972289] Allocated by task 279: [ 14.972523] kasan_save_stack+0x45/0x70 [ 14.972721] kasan_save_track+0x18/0x40 [ 14.972900] kasan_save_alloc_info+0x3b/0x50 [ 14.973113] __kasan_kmalloc+0xb7/0xc0 [ 14.973304] __kmalloc_cache_noprof+0x189/0x420 [ 14.974224] kasan_bitops_generic+0x92/0x1c0 [ 14.974491] kunit_try_run_case+0x1a5/0x480 [ 14.974790] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.975102] kthread+0x337/0x6f0 [ 14.975265] ret_from_fork+0x116/0x1d0 [ 14.975823] ret_from_fork_asm+0x1a/0x30 [ 14.976020] [ 14.976112] The buggy address belongs to the object at ffff888102676240 [ 14.976112] which belongs to the cache kmalloc-16 of size 16 [ 14.976976] The buggy address is located 8 bytes inside of [ 14.976976] allocated 9-byte region [ffff888102676240, ffff888102676249) [ 14.977910] [ 14.978008] The buggy address belongs to the physical page: [ 14.978442] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102676 [ 14.978973] flags: 0x200000000000000(node=0|zone=2) [ 14.979194] page_type: f5(slab) [ 14.979363] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.979717] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.980009] page dumped because: kasan: bad access detected [ 14.980264] [ 14.980356] Memory state around the buggy address: [ 14.980590] ffff888102676100: 00 06 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 14.980860] ffff888102676180: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.981188] >ffff888102676200: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 14.982222] ^ [ 14.982726] ffff888102676280: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 14.983118] ffff888102676300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.983537] ================================================================== [ 15.024747] ================================================================== [ 15.025064] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 15.025373] Read of size 8 at addr ffff888102676248 by task kunit_try_catch/279 [ 15.025712] [ 15.025820] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.025861] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.025873] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.025894] Call Trace: [ 15.025907] <TASK> [ 15.025922] dump_stack_lvl+0x73/0xb0 [ 15.025947] print_report+0xd1/0x610 [ 15.025968] ? __virt_addr_valid+0x1db/0x2d0 [ 15.025991] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 15.026019] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.026042] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 15.026069] kasan_report+0x141/0x180 [ 15.026090] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 15.026122] kasan_check_range+0x10c/0x1c0 [ 15.026145] __kasan_check_read+0x15/0x20 [ 15.026163] kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 15.026190] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.026220] ? ret_from_fork_asm+0x1a/0x30 [ 15.026242] ? kthread+0x337/0x6f0 [ 15.026265] kasan_bitops_generic+0x121/0x1c0 [ 15.026288] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.026311] ? __pfx_read_tsc+0x10/0x10 [ 15.026332] ? ktime_get_ts64+0x86/0x230 [ 15.026355] kunit_try_run_case+0x1a5/0x480 [ 15.026379] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.026401] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.026424] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.026447] ? __kthread_parkme+0x82/0x180 [ 15.026476] ? preempt_count_sub+0x50/0x80 [ 15.026499] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.026522] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.026545] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.026569] kthread+0x337/0x6f0 [ 15.026587] ? trace_preempt_on+0x20/0xc0 [ 15.026609] ? __pfx_kthread+0x10/0x10 [ 15.026630] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.026651] ? calculate_sigpending+0x7b/0xa0 [ 15.026674] ? __pfx_kthread+0x10/0x10 [ 15.026694] ret_from_fork+0x116/0x1d0 [ 15.026712] ? __pfx_kthread+0x10/0x10 [ 15.026731] ret_from_fork_asm+0x1a/0x30 [ 15.026760] </TASK> [ 15.026769] [ 15.035266] Allocated by task 279: [ 15.035447] kasan_save_stack+0x45/0x70 [ 15.035736] kasan_save_track+0x18/0x40 [ 15.035896] kasan_save_alloc_info+0x3b/0x50 [ 15.036106] __kasan_kmalloc+0xb7/0xc0 [ 15.036294] __kmalloc_cache_noprof+0x189/0x420 [ 15.036734] kasan_bitops_generic+0x92/0x1c0 [ 15.036933] kunit_try_run_case+0x1a5/0x480 [ 15.037141] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.037368] kthread+0x337/0x6f0 [ 15.037653] ret_from_fork+0x116/0x1d0 [ 15.037820] ret_from_fork_asm+0x1a/0x30 [ 15.037997] [ 15.038074] The buggy address belongs to the object at ffff888102676240 [ 15.038074] which belongs to the cache kmalloc-16 of size 16 [ 15.038776] The buggy address is located 8 bytes inside of [ 15.038776] allocated 9-byte region [ffff888102676240, ffff888102676249) [ 15.039216] [ 15.039313] The buggy address belongs to the physical page: [ 15.039657] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102676 [ 15.039941] flags: 0x200000000000000(node=0|zone=2) [ 15.040105] page_type: f5(slab) [ 15.040246] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.040734] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.041077] page dumped because: kasan: bad access detected [ 15.041327] [ 15.041411] Memory state around the buggy address: [ 15.041713] ffff888102676100: 00 06 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 15.042003] 
ffff888102676180: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.042296] >ffff888102676200: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 15.042792] ^ [ 15.043009] ffff888102676280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.043310] ffff888102676300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.043611] ================================================================== [ 14.912846] ================================================================== [ 14.913174] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.913640] Write of size 8 at addr ffff888102676248 by task kunit_try_catch/279 [ 14.913986] [ 14.914087] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.914131] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.914155] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.914175] Call Trace: [ 14.914189] <TASK> [ 14.914203] dump_stack_lvl+0x73/0xb0 [ 14.914231] print_report+0xd1/0x610 [ 14.914262] ? __virt_addr_valid+0x1db/0x2d0 [ 14.914285] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.914315] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.914351] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.914381] kasan_report+0x141/0x180 [ 14.914402] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.914437] kasan_check_range+0x10c/0x1c0 [ 14.914474] __kasan_check_write+0x18/0x20 [ 14.914494] kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.914524] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.914556] ? ret_from_fork_asm+0x1a/0x30 [ 14.914578] ? kthread+0x337/0x6f0 [ 14.914601] kasan_bitops_generic+0x121/0x1c0 [ 14.914690] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.914733] ? __pfx_read_tsc+0x10/0x10 [ 14.914754] ? ktime_get_ts64+0x86/0x230 [ 14.914779] kunit_try_run_case+0x1a5/0x480 [ 14.914804] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.914828] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 14.914853] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.914877] ? __kthread_parkme+0x82/0x180 [ 14.914897] ? preempt_count_sub+0x50/0x80 [ 14.914921] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.914946] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.914972] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.914998] kthread+0x337/0x6f0 [ 14.915025] ? trace_preempt_on+0x20/0xc0 [ 14.915048] ? __pfx_kthread+0x10/0x10 [ 14.915069] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.915101] ? calculate_sigpending+0x7b/0xa0 [ 14.915126] ? __pfx_kthread+0x10/0x10 [ 14.915147] ret_from_fork+0x116/0x1d0 [ 14.915166] ? __pfx_kthread+0x10/0x10 [ 14.915187] ret_from_fork_asm+0x1a/0x30 [ 14.915217] </TASK> [ 14.915227] [ 14.924103] Allocated by task 279: [ 14.924272] kasan_save_stack+0x45/0x70 [ 14.924492] kasan_save_track+0x18/0x40 [ 14.924780] kasan_save_alloc_info+0x3b/0x50 [ 14.925002] __kasan_kmalloc+0xb7/0xc0 [ 14.925174] __kmalloc_cache_noprof+0x189/0x420 [ 14.925414] kasan_bitops_generic+0x92/0x1c0 [ 14.925740] kunit_try_run_case+0x1a5/0x480 [ 14.925958] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.926195] kthread+0x337/0x6f0 [ 14.926317] ret_from_fork+0x116/0x1d0 [ 14.926483] ret_from_fork_asm+0x1a/0x30 [ 14.926771] [ 14.926871] The buggy address belongs to the object at ffff888102676240 [ 14.926871] which belongs to the cache kmalloc-16 of size 16 [ 14.927409] The buggy address is located 8 bytes inside of [ 14.927409] allocated 9-byte region [ffff888102676240, ffff888102676249) [ 14.928137] [ 14.928254] The buggy address belongs to the physical page: [ 14.928478] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102676 [ 14.928918] flags: 0x200000000000000(node=0|zone=2) [ 14.929182] page_type: f5(slab) [ 14.929350] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.929820] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.930121] page dumped because: kasan: 
bad access detected [ 14.930388] [ 14.930518] Memory state around the buggy address: [ 14.930820] ffff888102676100: 00 06 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 14.931143] ffff888102676180: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.931472] >ffff888102676200: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 14.931984] ^ [ 14.932274] ffff888102676280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.932685] ffff888102676300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.933013] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 14.826844] ================================================================== [ 14.827135] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.827592] Write of size 8 at addr ffff888102676248 by task kunit_try_catch/279 [ 14.828035] [ 14.828176] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.828247] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.828261] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.828288] Call Trace: [ 14.828315] <TASK> [ 14.828329] dump_stack_lvl+0x73/0xb0 [ 14.828359] print_report+0xd1/0x610 [ 14.828382] ? __virt_addr_valid+0x1db/0x2d0 [ 14.828423] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.828458] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.828482] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.828536] kasan_report+0x141/0x180 [ 14.828572] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.828603] kasan_check_range+0x10c/0x1c0 [ 14.828627] __kasan_check_write+0x18/0x20 [ 14.828647] kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.828675] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.828706] ? ret_from_fork_asm+0x1a/0x30 [ 14.828729] ? kthread+0x337/0x6f0 [ 14.828753] kasan_bitops_generic+0x116/0x1c0 [ 14.828777] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.828805] ? __pfx_read_tsc+0x10/0x10 [ 14.828826] ? ktime_get_ts64+0x86/0x230 [ 14.828850] kunit_try_run_case+0x1a5/0x480 [ 14.828874] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.828897] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.828922] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.828947] ? __kthread_parkme+0x82/0x180 [ 14.828968] ? preempt_count_sub+0x50/0x80 [ 14.828992] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.829017] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.829041] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.829067] kthread+0x337/0x6f0 [ 14.829086] ? trace_preempt_on+0x20/0xc0 [ 14.829109] ? 
__pfx_kthread+0x10/0x10 [ 14.829130] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.829151] ? calculate_sigpending+0x7b/0xa0 [ 14.829176] ? __pfx_kthread+0x10/0x10 [ 14.829197] ret_from_fork+0x116/0x1d0 [ 14.829216] ? __pfx_kthread+0x10/0x10 [ 14.829236] ret_from_fork_asm+0x1a/0x30 [ 14.829267] </TASK> [ 14.829277] [ 14.839291] Allocated by task 279: [ 14.839642] kasan_save_stack+0x45/0x70 [ 14.839883] kasan_save_track+0x18/0x40 [ 14.840066] kasan_save_alloc_info+0x3b/0x50 [ 14.840324] __kasan_kmalloc+0xb7/0xc0 [ 14.840698] __kmalloc_cache_noprof+0x189/0x420 [ 14.840924] kasan_bitops_generic+0x92/0x1c0 [ 14.841148] kunit_try_run_case+0x1a5/0x480 [ 14.841348] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.841752] kthread+0x337/0x6f0 [ 14.841925] ret_from_fork+0x116/0x1d0 [ 14.842110] ret_from_fork_asm+0x1a/0x30 [ 14.842307] [ 14.842419] The buggy address belongs to the object at ffff888102676240 [ 14.842419] which belongs to the cache kmalloc-16 of size 16 [ 14.843252] The buggy address is located 8 bytes inside of [ 14.843252] allocated 9-byte region [ffff888102676240, ffff888102676249) [ 14.843952] [ 14.844068] The buggy address belongs to the physical page: [ 14.844322] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102676 [ 14.844836] flags: 0x200000000000000(node=0|zone=2) [ 14.845076] page_type: f5(slab) [ 14.845254] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.845765] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.846108] page dumped because: kasan: bad access detected [ 14.846373] [ 14.846494] Memory state around the buggy address: [ 14.846758] ffff888102676100: 00 06 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 14.847088] ffff888102676180: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.847746] >ffff888102676200: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 14.848109] ^ [ 14.848350] ffff888102676280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.848885] 
ffff888102676300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.849169] ================================================================== [ 14.728381] ================================================================== [ 14.729209] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.730213] Write of size 8 at addr ffff888102676248 by task kunit_try_catch/279 [ 14.731106] [ 14.731341] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.731389] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.731401] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.731441] Call Trace: [ 14.731470] <TASK> [ 14.731488] dump_stack_lvl+0x73/0xb0 [ 14.731519] print_report+0xd1/0x610 [ 14.731542] ? __virt_addr_valid+0x1db/0x2d0 [ 14.731566] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.731697] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.731725] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.731753] kasan_report+0x141/0x180 [ 14.731776] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.731807] kasan_check_range+0x10c/0x1c0 [ 14.731832] __kasan_check_write+0x18/0x20 [ 14.731853] kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.731881] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.731910] ? ret_from_fork_asm+0x1a/0x30 [ 14.731933] ? kthread+0x337/0x6f0 [ 14.731958] kasan_bitops_generic+0x116/0x1c0 [ 14.731982] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.732008] ? __pfx_read_tsc+0x10/0x10 [ 14.732030] ? ktime_get_ts64+0x86/0x230 [ 14.732054] kunit_try_run_case+0x1a5/0x480 [ 14.732079] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.732103] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.732128] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.732152] ? __kthread_parkme+0x82/0x180 [ 14.732173] ? preempt_count_sub+0x50/0x80 [ 14.732197] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.732222] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.732247] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.732274] kthread+0x337/0x6f0 [ 14.732296] ? trace_preempt_on+0x20/0xc0 [ 14.732321] ? __pfx_kthread+0x10/0x10 [ 14.732341] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.732363] ? calculate_sigpending+0x7b/0xa0 [ 14.732421] ? __pfx_kthread+0x10/0x10 [ 14.732444] ret_from_fork+0x116/0x1d0 [ 14.732606] ? __pfx_kthread+0x10/0x10 [ 14.732630] ret_from_fork_asm+0x1a/0x30 [ 14.732676] </TASK> [ 14.732686] [ 14.747801] Allocated by task 279: [ 14.747935] kasan_save_stack+0x45/0x70 [ 14.748082] kasan_save_track+0x18/0x40 [ 14.748214] kasan_save_alloc_info+0x3b/0x50 [ 14.748367] __kasan_kmalloc+0xb7/0xc0 [ 14.748729] __kmalloc_cache_noprof+0x189/0x420 [ 14.749367] kasan_bitops_generic+0x92/0x1c0 [ 14.749959] kunit_try_run_case+0x1a5/0x480 [ 14.750389] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.751101] kthread+0x337/0x6f0 [ 14.751620] ret_from_fork+0x116/0x1d0 [ 14.752011] ret_from_fork_asm+0x1a/0x30 [ 14.752405] [ 14.752675] The buggy address belongs to the object at ffff888102676240 [ 14.752675] which belongs to the cache kmalloc-16 of size 16 [ 14.753591] The buggy address is located 8 bytes inside of [ 14.753591] allocated 9-byte region [ffff888102676240, ffff888102676249) [ 14.754253] [ 14.754333] The buggy address belongs to the physical page: [ 14.754554] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102676 [ 14.754948] flags: 0x200000000000000(node=0|zone=2) [ 14.755435] page_type: f5(slab) [ 14.755756] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.755983] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.756201] page dumped because: kasan: bad access detected [ 14.756370] [ 14.756493] Memory state around the buggy address: [ 14.756991] ffff888102676100: 00 06 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 14.757992] ffff888102676180: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.758723] >ffff888102676200: fa fb fc fc fa fb fc fc 
00 01 fc fc fc fc fc fc [ 14.759355] ^ [ 14.759992] ffff888102676280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.760678] ffff888102676300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.761083] ================================================================== [ 14.761487] ================================================================== [ 14.762135] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.763206] Write of size 8 at addr ffff888102676248 by task kunit_try_catch/279 [ 14.764008] [ 14.764199] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.764244] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.764256] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.764277] Call Trace: [ 14.764296] <TASK> [ 14.764312] dump_stack_lvl+0x73/0xb0 [ 14.764341] print_report+0xd1/0x610 [ 14.764363] ? __virt_addr_valid+0x1db/0x2d0 [ 14.764386] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.764441] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.764476] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.764504] kasan_report+0x141/0x180 [ 14.764538] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.764570] kasan_check_range+0x10c/0x1c0 [ 14.764594] __kasan_check_write+0x18/0x20 [ 14.764613] kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.764651] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.764682] ? ret_from_fork_asm+0x1a/0x30 [ 14.764704] ? kthread+0x337/0x6f0 [ 14.764728] kasan_bitops_generic+0x116/0x1c0 [ 14.764752] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.764778] ? __pfx_read_tsc+0x10/0x10 [ 14.764800] ? ktime_get_ts64+0x86/0x230 [ 14.764825] kunit_try_run_case+0x1a5/0x480 [ 14.764850] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.764873] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.764898] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.764923] ? __kthread_parkme+0x82/0x180 [ 14.764943] ? preempt_count_sub+0x50/0x80 [ 14.764967] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.764992] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.765016] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.765043] kthread+0x337/0x6f0 [ 14.765062] ? trace_preempt_on+0x20/0xc0 [ 14.765086] ? __pfx_kthread+0x10/0x10 [ 14.765107] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.765129] ? calculate_sigpending+0x7b/0xa0 [ 14.765153] ? __pfx_kthread+0x10/0x10 [ 14.765175] ret_from_fork+0x116/0x1d0 [ 14.765194] ? __pfx_kthread+0x10/0x10 [ 14.765215] ret_from_fork_asm+0x1a/0x30 [ 14.765247] </TASK> [ 14.765256] [ 14.780921] Allocated by task 279: [ 14.781287] kasan_save_stack+0x45/0x70 [ 14.781763] kasan_save_track+0x18/0x40 [ 14.782222] kasan_save_alloc_info+0x3b/0x50 [ 14.782712] __kasan_kmalloc+0xb7/0xc0 [ 14.783018] __kmalloc_cache_noprof+0x189/0x420 [ 14.783545] kasan_bitops_generic+0x92/0x1c0 [ 14.783799] kunit_try_run_case+0x1a5/0x480 [ 14.784217] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.784779] kthread+0x337/0x6f0 [ 14.784941] ret_from_fork+0x116/0x1d0 [ 14.785128] ret_from_fork_asm+0x1a/0x30 [ 14.785601] [ 14.785765] The buggy address belongs to the object at ffff888102676240 [ 14.785765] which belongs to the cache kmalloc-16 of size 16 [ 14.786723] The buggy address is located 8 bytes inside of [ 14.786723] allocated 9-byte region [ffff888102676240, ffff888102676249) [ 14.787635] [ 14.787862] The buggy address belongs to the physical page: [ 14.788383] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102676 [ 14.789059] flags: 0x200000000000000(node=0|zone=2) [ 14.789273] page_type: f5(slab) [ 14.789393] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.790233] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.791061] page dumped because: kasan: bad access detected [ 14.791408] [ 14.791498] Memory state around the buggy address: [ 14.791730] ffff888102676100: 00 06 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 14.792387] 
ffff888102676180: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.793035] >ffff888102676200: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 14.793536] ^ [ 14.794095] ffff888102676280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.794464] ffff888102676300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.795178] ================================================================== [ 14.671650] ================================================================== [ 14.671968] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.672252] Write of size 8 at addr ffff888102676248 by task kunit_try_catch/279 [ 14.672910] [ 14.673027] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.673071] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.673083] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.673104] Call Trace: [ 14.673119] <TASK> [ 14.673135] dump_stack_lvl+0x73/0xb0 [ 14.673165] print_report+0xd1/0x610 [ 14.673188] ? __virt_addr_valid+0x1db/0x2d0 [ 14.673212] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.673240] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.673266] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.673293] kasan_report+0x141/0x180 [ 14.673316] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.673349] kasan_check_range+0x10c/0x1c0 [ 14.673373] __kasan_check_write+0x18/0x20 [ 14.673393] kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.673432] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.673477] ? ret_from_fork_asm+0x1a/0x30 [ 14.673500] ? kthread+0x337/0x6f0 [ 14.673524] kasan_bitops_generic+0x116/0x1c0 [ 14.673549] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.673811] ? __pfx_read_tsc+0x10/0x10 [ 14.673834] ? ktime_get_ts64+0x86/0x230 [ 14.673861] kunit_try_run_case+0x1a5/0x480 [ 14.673887] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.673912] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.673938] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.673964] ? __kthread_parkme+0x82/0x180 [ 14.673985] ? preempt_count_sub+0x50/0x80 [ 14.674010] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.674035] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.674061] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.674088] kthread+0x337/0x6f0 [ 14.674107] ? trace_preempt_on+0x20/0xc0 [ 14.674131] ? __pfx_kthread+0x10/0x10 [ 14.674152] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.674174] ? calculate_sigpending+0x7b/0xa0 [ 14.674200] ? __pfx_kthread+0x10/0x10 [ 14.674222] ret_from_fork+0x116/0x1d0 [ 14.674241] ? __pfx_kthread+0x10/0x10 [ 14.674262] ret_from_fork_asm+0x1a/0x30 [ 14.674293] </TASK> [ 14.674303] [ 14.683016] Allocated by task 279: [ 14.683198] kasan_save_stack+0x45/0x70 [ 14.683400] kasan_save_track+0x18/0x40 [ 14.683667] kasan_save_alloc_info+0x3b/0x50 [ 14.683835] __kasan_kmalloc+0xb7/0xc0 [ 14.684017] __kmalloc_cache_noprof+0x189/0x420 [ 14.684173] kasan_bitops_generic+0x92/0x1c0 [ 14.684346] kunit_try_run_case+0x1a5/0x480 [ 14.684869] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.685141] kthread+0x337/0x6f0 [ 14.685304] ret_from_fork+0x116/0x1d0 [ 14.685527] ret_from_fork_asm+0x1a/0x30 [ 14.685775] [ 14.685867] The buggy address belongs to the object at ffff888102676240 [ 14.685867] which belongs to the cache kmalloc-16 of size 16 [ 14.686338] The buggy address is located 8 bytes inside of [ 14.686338] allocated 9-byte region [ffff888102676240, ffff888102676249) [ 14.686922] [ 14.687020] The buggy address belongs to the physical page: [ 14.687240] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102676 [ 14.687634] flags: 0x200000000000000(node=0|zone=2) [ 14.687935] page_type: f5(slab) [ 14.688089] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.688405] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.688757] page dumped because: kasan: bad access detected [ 14.688928] [ 14.688998] 
Memory state around the buggy address: [ 14.689150] ffff888102676100: 00 06 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 14.689505] ffff888102676180: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.690264] >ffff888102676200: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 14.690698] ^ [ 14.690960] ffff888102676280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.691174] ffff888102676300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.691383] ================================================================== [ 14.651695] ================================================================== [ 14.652129] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.652496] Write of size 8 at addr ffff888102676248 by task kunit_try_catch/279 [ 14.652769] [ 14.652911] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.652958] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.652970] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.652993] Call Trace: [ 14.653005] <TASK> [ 14.653023] dump_stack_lvl+0x73/0xb0 [ 14.653055] print_report+0xd1/0x610 [ 14.653078] ? __virt_addr_valid+0x1db/0x2d0 [ 14.653103] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.653131] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.653156] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.653183] kasan_report+0x141/0x180 [ 14.653205] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.653237] kasan_check_range+0x10c/0x1c0 [ 14.653262] __kasan_check_write+0x18/0x20 [ 14.653282] kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.653310] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.653339] ? ret_from_fork_asm+0x1a/0x30 [ 14.653363] ? kthread+0x337/0x6f0 [ 14.653389] kasan_bitops_generic+0x116/0x1c0 [ 14.653413] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.653439] ? __pfx_read_tsc+0x10/0x10 [ 14.653474] ? 
ktime_get_ts64+0x86/0x230 [ 14.653500] kunit_try_run_case+0x1a5/0x480 [ 14.653527] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.653552] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.653578] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.653604] ? __kthread_parkme+0x82/0x180 [ 14.653627] ? preempt_count_sub+0x50/0x80 [ 14.653653] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.653694] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.653719] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.653748] kthread+0x337/0x6f0 [ 14.653767] ? trace_preempt_on+0x20/0xc0 [ 14.653793] ? __pfx_kthread+0x10/0x10 [ 14.653815] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.653837] ? calculate_sigpending+0x7b/0xa0 [ 14.653863] ? __pfx_kthread+0x10/0x10 [ 14.653884] ret_from_fork+0x116/0x1d0 [ 14.653903] ? __pfx_kthread+0x10/0x10 [ 14.653924] ret_from_fork_asm+0x1a/0x30 [ 14.653955] </TASK> [ 14.653966] [ 14.662270] Allocated by task 279: [ 14.662417] kasan_save_stack+0x45/0x70 [ 14.662651] kasan_save_track+0x18/0x40 [ 14.662786] kasan_save_alloc_info+0x3b/0x50 [ 14.662935] __kasan_kmalloc+0xb7/0xc0 [ 14.663111] __kmalloc_cache_noprof+0x189/0x420 [ 14.663331] kasan_bitops_generic+0x92/0x1c0 [ 14.663613] kunit_try_run_case+0x1a5/0x480 [ 14.663761] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.664323] kthread+0x337/0x6f0 [ 14.664588] ret_from_fork+0x116/0x1d0 [ 14.665145] ret_from_fork_asm+0x1a/0x30 [ 14.665289] [ 14.665363] The buggy address belongs to the object at ffff888102676240 [ 14.665363] which belongs to the cache kmalloc-16 of size 16 [ 14.665729] The buggy address is located 8 bytes inside of [ 14.665729] allocated 9-byte region [ffff888102676240, ffff888102676249) [ 14.666575] [ 14.666672] The buggy address belongs to the physical page: [ 14.666926] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102676 [ 14.667279] flags: 0x200000000000000(node=0|zone=2) [ 14.667497] page_type: f5(slab) [ 14.667633] raw: 0200000000000000 ffff888100041640 dead000000000122 
0000000000000000 [ 14.668180] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.668686] page dumped because: kasan: bad access detected [ 14.668868] [ 14.668937] Memory state around the buggy address: [ 14.669094] ffff888102676100: 00 06 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 14.669332] ffff888102676180: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.669943] >ffff888102676200: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 14.670273] ^ [ 14.670548] ffff888102676280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.670831] ffff888102676300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.671111] ================================================================== [ 14.795907] ================================================================== [ 14.796145] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.796407] Write of size 8 at addr ffff888102676248 by task kunit_try_catch/279 [ 14.796842] [ 14.797164] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.797212] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.797224] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.797245] Call Trace: [ 14.797260] <TASK> [ 14.797275] dump_stack_lvl+0x73/0xb0 [ 14.797305] print_report+0xd1/0x610 [ 14.797328] ? __virt_addr_valid+0x1db/0x2d0 [ 14.797350] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.797378] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.797401] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.797467] kasan_report+0x141/0x180 [ 14.797490] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.797533] kasan_check_range+0x10c/0x1c0 [ 14.797557] __kasan_check_write+0x18/0x20 [ 14.797577] kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.797605] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.797634] ? ret_from_fork_asm+0x1a/0x30 [ 14.797657] ? 
kthread+0x337/0x6f0 [ 14.797681] kasan_bitops_generic+0x116/0x1c0 [ 14.797705] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.797852] ? __pfx_read_tsc+0x10/0x10 [ 14.797881] ? ktime_get_ts64+0x86/0x230 [ 14.797907] kunit_try_run_case+0x1a5/0x480 [ 14.797957] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.797981] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.798007] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.798032] ? __kthread_parkme+0x82/0x180 [ 14.798053] ? preempt_count_sub+0x50/0x80 [ 14.798077] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.798102] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.798128] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.798154] kthread+0x337/0x6f0 [ 14.798173] ? trace_preempt_on+0x20/0xc0 [ 14.798196] ? __pfx_kthread+0x10/0x10 [ 14.798216] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.798238] ? calculate_sigpending+0x7b/0xa0 [ 14.798263] ? __pfx_kthread+0x10/0x10 [ 14.798285] ret_from_fork+0x116/0x1d0 [ 14.798303] ? __pfx_kthread+0x10/0x10 [ 14.798323] ret_from_fork_asm+0x1a/0x30 [ 14.798354] </TASK> [ 14.798364] [ 14.813777] Allocated by task 279: [ 14.813912] kasan_save_stack+0x45/0x70 [ 14.814054] kasan_save_track+0x18/0x40 [ 14.814186] kasan_save_alloc_info+0x3b/0x50 [ 14.814330] __kasan_kmalloc+0xb7/0xc0 [ 14.814516] __kmalloc_cache_noprof+0x189/0x420 [ 14.815026] kasan_bitops_generic+0x92/0x1c0 [ 14.815550] kunit_try_run_case+0x1a5/0x480 [ 14.816039] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.816758] kthread+0x337/0x6f0 [ 14.817172] ret_from_fork+0x116/0x1d0 [ 14.817575] ret_from_fork_asm+0x1a/0x30 [ 14.818091] [ 14.818286] The buggy address belongs to the object at ffff888102676240 [ 14.818286] which belongs to the cache kmalloc-16 of size 16 [ 14.819296] The buggy address is located 8 bytes inside of [ 14.819296] allocated 9-byte region [ffff888102676240, ffff888102676249) [ 14.820383] [ 14.820581] The buggy address belongs to the physical page: [ 14.821133] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 
pfn:0x102676 [ 14.821692] flags: 0x200000000000000(node=0|zone=2) [ 14.822138] page_type: f5(slab) [ 14.822373] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.823002] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.823233] page dumped because: kasan: bad access detected [ 14.823402] [ 14.823489] Memory state around the buggy address: [ 14.823738] ffff888102676100: 00 06 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 14.824164] ffff888102676180: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.824406] >ffff888102676200: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 14.825003] ^ [ 14.825320] ffff888102676280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.825726] ffff888102676300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.826205] ================================================================== [ 14.849840] ================================================================== [ 14.850133] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.850576] Write of size 8 at addr ffff888102676248 by task kunit_try_catch/279 [ 14.851110] [ 14.851229] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.851306] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.851318] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.851339] Call Trace: [ 14.851354] <TASK> [ 14.851379] dump_stack_lvl+0x73/0xb0 [ 14.851427] print_report+0xd1/0x610 [ 14.851458] ? __virt_addr_valid+0x1db/0x2d0 [ 14.851482] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.851509] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.851534] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.851567] kasan_report+0x141/0x180 [ 14.851590] ? 
kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.851622] kasan_check_range+0x10c/0x1c0 [ 14.851645] __kasan_check_write+0x18/0x20 [ 14.851665] kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.851693] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.851722] ? ret_from_fork_asm+0x1a/0x30 [ 14.851745] ? kthread+0x337/0x6f0 [ 14.851768] kasan_bitops_generic+0x116/0x1c0 [ 14.851792] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.851818] ? __pfx_read_tsc+0x10/0x10 [ 14.851839] ? ktime_get_ts64+0x86/0x230 [ 14.851862] kunit_try_run_case+0x1a5/0x480 [ 14.851887] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.851910] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.851935] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.851959] ? __kthread_parkme+0x82/0x180 [ 14.851979] ? preempt_count_sub+0x50/0x80 [ 14.852003] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.852028] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.852054] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.852079] kthread+0x337/0x6f0 [ 14.852099] ? trace_preempt_on+0x20/0xc0 [ 14.852122] ? __pfx_kthread+0x10/0x10 [ 14.852143] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.852165] ? calculate_sigpending+0x7b/0xa0 [ 14.852189] ? __pfx_kthread+0x10/0x10 [ 14.852211] ret_from_fork+0x116/0x1d0 [ 14.852230] ? 
__pfx_kthread+0x10/0x10 [ 14.852251] ret_from_fork_asm+0x1a/0x30 [ 14.852286] </TASK> [ 14.852296] [ 14.861241] Allocated by task 279: [ 14.861465] kasan_save_stack+0x45/0x70 [ 14.861773] kasan_save_track+0x18/0x40 [ 14.861963] kasan_save_alloc_info+0x3b/0x50 [ 14.862141] __kasan_kmalloc+0xb7/0xc0 [ 14.862274] __kmalloc_cache_noprof+0x189/0x420 [ 14.862463] kasan_bitops_generic+0x92/0x1c0 [ 14.862769] kunit_try_run_case+0x1a5/0x480 [ 14.862985] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.863239] kthread+0x337/0x6f0 [ 14.863672] ret_from_fork+0x116/0x1d0 [ 14.863909] ret_from_fork_asm+0x1a/0x30 [ 14.864071] [ 14.864142] The buggy address belongs to the object at ffff888102676240 [ 14.864142] which belongs to the cache kmalloc-16 of size 16 [ 14.864776] The buggy address is located 8 bytes inside of [ 14.864776] allocated 9-byte region [ffff888102676240, ffff888102676249) [ 14.865365] [ 14.865489] The buggy address belongs to the physical page: [ 14.865781] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102676 [ 14.866086] flags: 0x200000000000000(node=0|zone=2) [ 14.866336] page_type: f5(slab) [ 14.866732] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.867077] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.867387] page dumped because: kasan: bad access detected [ 14.867740] [ 14.867815] Memory state around the buggy address: [ 14.867987] ffff888102676100: 00 06 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 14.868346] ffff888102676180: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.868792] >ffff888102676200: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 14.869106] ^ [ 14.869362] ffff888102676280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.869792] ffff888102676300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.870045] ================================================================== [ 14.691934] 
================================================================== [ 14.692393] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.692771] Write of size 8 at addr ffff888102676248 by task kunit_try_catch/279 [ 14.693198] [ 14.693289] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.693332] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.693343] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.693364] Call Trace: [ 14.693380] <TASK> [ 14.693395] dump_stack_lvl+0x73/0xb0 [ 14.693427] print_report+0xd1/0x610 [ 14.693464] ? __virt_addr_valid+0x1db/0x2d0 [ 14.693488] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.693515] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.693540] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.693567] kasan_report+0x141/0x180 [ 14.693590] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.693622] kasan_check_range+0x10c/0x1c0 [ 14.693646] __kasan_check_write+0x18/0x20 [ 14.693666] kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.693694] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.693724] ? ret_from_fork_asm+0x1a/0x30 [ 14.693748] ? kthread+0x337/0x6f0 [ 14.693772] kasan_bitops_generic+0x116/0x1c0 [ 14.693797] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.693824] ? __pfx_read_tsc+0x10/0x10 [ 14.693846] ? ktime_get_ts64+0x86/0x230 [ 14.693871] kunit_try_run_case+0x1a5/0x480 [ 14.693896] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.693921] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.693945] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.693970] ? __kthread_parkme+0x82/0x180 [ 14.693992] ? preempt_count_sub+0x50/0x80 [ 14.694016] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.694041] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.694066] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.694092] kthread+0x337/0x6f0 [ 14.694112] ? trace_preempt_on+0x20/0xc0 [ 14.694136] ? __pfx_kthread+0x10/0x10 [ 14.694157] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 14.694179] ? calculate_sigpending+0x7b/0xa0 [ 14.694204] ? __pfx_kthread+0x10/0x10 [ 14.694226] ret_from_fork+0x116/0x1d0 [ 14.694341] ? __pfx_kthread+0x10/0x10 [ 14.694366] ret_from_fork_asm+0x1a/0x30 [ 14.694398] </TASK> [ 14.694408] [ 14.711993] Allocated by task 279: [ 14.712431] kasan_save_stack+0x45/0x70 [ 14.712949] kasan_save_track+0x18/0x40 [ 14.713099] kasan_save_alloc_info+0x3b/0x50 [ 14.713250] __kasan_kmalloc+0xb7/0xc0 [ 14.713382] __kmalloc_cache_noprof+0x189/0x420 [ 14.714241] kasan_bitops_generic+0x92/0x1c0 [ 14.714742] kunit_try_run_case+0x1a5/0x480 [ 14.715277] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.715915] kthread+0x337/0x6f0 [ 14.716352] ret_from_fork+0x116/0x1d0 [ 14.716763] ret_from_fork_asm+0x1a/0x30 [ 14.717233] [ 14.717395] The buggy address belongs to the object at ffff888102676240 [ 14.717395] which belongs to the cache kmalloc-16 of size 16 [ 14.718102] The buggy address is located 8 bytes inside of [ 14.718102] allocated 9-byte region [ffff888102676240, ffff888102676249) [ 14.719380] [ 14.719679] The buggy address belongs to the physical page: [ 14.720043] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102676 [ 14.720293] flags: 0x200000000000000(node=0|zone=2) [ 14.720494] page_type: f5(slab) [ 14.721037] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.721894] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.722725] page dumped because: kasan: bad access detected [ 14.723380] [ 14.723674] Memory state around the buggy address: [ 14.724021] ffff888102676100: 00 06 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 14.724241] ffff888102676180: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.724629] >ffff888102676200: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 14.725519] ^ [ 14.726116] ffff888102676280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.726894] ffff888102676300: fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 14.727397] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 14.624313] ================================================================== [ 14.624864] BUG: KASAN: slab-use-after-free in strnlen+0x73/0x80 [ 14.625135] Read of size 1 at addr ffff888103445d50 by task kunit_try_catch/277 [ 14.625497] [ 14.625728] CPU: 1 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.625777] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.625803] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.625838] Call Trace: [ 14.625852] <TASK> [ 14.625867] dump_stack_lvl+0x73/0xb0 [ 14.625897] print_report+0xd1/0x610 [ 14.625921] ? __virt_addr_valid+0x1db/0x2d0 [ 14.625946] ? strnlen+0x73/0x80 [ 14.625964] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.625988] ? strnlen+0x73/0x80 [ 14.626007] kasan_report+0x141/0x180 [ 14.626029] ? strnlen+0x73/0x80 [ 14.626051] __asan_report_load1_noabort+0x18/0x20 [ 14.626077] strnlen+0x73/0x80 [ 14.626096] kasan_strings+0x615/0xe80 [ 14.626117] ? trace_hardirqs_on+0x37/0xe0 [ 14.626141] ? __pfx_kasan_strings+0x10/0x10 [ 14.626162] ? finish_task_switch.isra.0+0x153/0x700 [ 14.626185] ? __switch_to+0x47/0xf50 [ 14.626212] ? __schedule+0x10cc/0x2b60 [ 14.626235] ? __pfx_read_tsc+0x10/0x10 [ 14.626257] ? ktime_get_ts64+0x86/0x230 [ 14.626281] kunit_try_run_case+0x1a5/0x480 [ 14.626306] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.626331] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.626357] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.626382] ? __kthread_parkme+0x82/0x180 [ 14.626425] ? preempt_count_sub+0x50/0x80 [ 14.626459] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.626485] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.626510] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.626537] kthread+0x337/0x6f0 [ 14.626627] ? trace_preempt_on+0x20/0xc0 [ 14.626652] ? __pfx_kthread+0x10/0x10 [ 14.626675] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.626698] ? calculate_sigpending+0x7b/0xa0 [ 14.626723] ? 
__pfx_kthread+0x10/0x10 [ 14.626745] ret_from_fork+0x116/0x1d0 [ 14.626765] ? __pfx_kthread+0x10/0x10 [ 14.626786] ret_from_fork_asm+0x1a/0x30 [ 14.626818] </TASK> [ 14.626829] [ 14.635152] Allocated by task 277: [ 14.635358] kasan_save_stack+0x45/0x70 [ 14.635598] kasan_save_track+0x18/0x40 [ 14.635802] kasan_save_alloc_info+0x3b/0x50 [ 14.636214] __kasan_kmalloc+0xb7/0xc0 [ 14.636408] __kmalloc_cache_noprof+0x189/0x420 [ 14.636656] kasan_strings+0xc0/0xe80 [ 14.636843] kunit_try_run_case+0x1a5/0x480 [ 14.637046] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.637297] kthread+0x337/0x6f0 [ 14.637612] ret_from_fork+0x116/0x1d0 [ 14.637875] ret_from_fork_asm+0x1a/0x30 [ 14.638089] [ 14.638183] Freed by task 277: [ 14.638339] kasan_save_stack+0x45/0x70 [ 14.638634] kasan_save_track+0x18/0x40 [ 14.638827] kasan_save_free_info+0x3f/0x60 [ 14.639032] __kasan_slab_free+0x56/0x70 [ 14.639223] kfree+0x222/0x3f0 [ 14.639345] kasan_strings+0x2aa/0xe80 [ 14.639516] kunit_try_run_case+0x1a5/0x480 [ 14.639901] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.640188] kthread+0x337/0x6f0 [ 14.640382] ret_from_fork+0x116/0x1d0 [ 14.640720] ret_from_fork_asm+0x1a/0x30 [ 14.640870] [ 14.640945] The buggy address belongs to the object at ffff888103445d40 [ 14.640945] which belongs to the cache kmalloc-32 of size 32 [ 14.641634] The buggy address is located 16 bytes inside of [ 14.641634] freed 32-byte region [ffff888103445d40, ffff888103445d60) [ 14.642137] [ 14.642235] The buggy address belongs to the physical page: [ 14.642503] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103445 [ 14.642940] flags: 0x200000000000000(node=0|zone=2) [ 14.643135] page_type: f5(slab) [ 14.643324] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 14.643725] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 14.644011] page dumped because: kasan: bad access detected [ 14.644508] [ 14.644753] Memory state around the buggy address: 
[ 14.644978] ffff888103445c00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.645195] ffff888103445c80: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.645513] >ffff888103445d00: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 14.645953] ^ [ 14.646244] ffff888103445d80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.646648] ffff888103445e00: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 14.646974] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strlen
[ 14.599630] ================================================================== [ 14.599933] BUG: KASAN: slab-use-after-free in strlen+0x8f/0xb0 [ 14.600345] Read of size 1 at addr ffff888103445d50 by task kunit_try_catch/277 [ 14.600893] [ 14.601008] CPU: 1 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.601051] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.601063] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.601084] Call Trace: [ 14.601098] <TASK> [ 14.601112] dump_stack_lvl+0x73/0xb0 [ 14.601141] print_report+0xd1/0x610 [ 14.601164] ? __virt_addr_valid+0x1db/0x2d0 [ 14.601188] ? strlen+0x8f/0xb0 [ 14.601205] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.601229] ? strlen+0x8f/0xb0 [ 14.601247] kasan_report+0x141/0x180 [ 14.601270] ? strlen+0x8f/0xb0 [ 14.601292] __asan_report_load1_noabort+0x18/0x20 [ 14.601318] strlen+0x8f/0xb0 [ 14.601336] kasan_strings+0x57b/0xe80 [ 14.601356] ? trace_hardirqs_on+0x37/0xe0 [ 14.601381] ? __pfx_kasan_strings+0x10/0x10 [ 14.601402] ? finish_task_switch.isra.0+0x153/0x700 [ 14.601426] ? __switch_to+0x47/0xf50 [ 14.601464] ? __schedule+0x10cc/0x2b60 [ 14.601521] ? __pfx_read_tsc+0x10/0x10 [ 14.601557] ? ktime_get_ts64+0x86/0x230 [ 14.601582] kunit_try_run_case+0x1a5/0x480 [ 14.601621] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.601659] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.601685] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.601710] ? __kthread_parkme+0x82/0x180 [ 14.601732] ? preempt_count_sub+0x50/0x80 [ 14.601756] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.601783] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.601809] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.601851] kthread+0x337/0x6f0 [ 14.601871] ? trace_preempt_on+0x20/0xc0 [ 14.601908] ? __pfx_kthread+0x10/0x10 [ 14.601929] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.601953] ? calculate_sigpending+0x7b/0xa0 [ 14.601978] ? 
__pfx_kthread+0x10/0x10 [ 14.602000] ret_from_fork+0x116/0x1d0 [ 14.602020] ? __pfx_kthread+0x10/0x10 [ 14.602041] ret_from_fork_asm+0x1a/0x30 [ 14.602073] </TASK> [ 14.602083] [ 14.610973] Allocated by task 277: [ 14.611171] kasan_save_stack+0x45/0x70 [ 14.611407] kasan_save_track+0x18/0x40 [ 14.611717] kasan_save_alloc_info+0x3b/0x50 [ 14.611933] __kasan_kmalloc+0xb7/0xc0 [ 14.612126] __kmalloc_cache_noprof+0x189/0x420 [ 14.612349] kasan_strings+0xc0/0xe80 [ 14.612498] kunit_try_run_case+0x1a5/0x480 [ 14.612709] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.613197] kthread+0x337/0x6f0 [ 14.613374] ret_from_fork+0x116/0x1d0 [ 14.613693] ret_from_fork_asm+0x1a/0x30 [ 14.613871] [ 14.613988] Freed by task 277: [ 14.614126] kasan_save_stack+0x45/0x70 [ 14.614338] kasan_save_track+0x18/0x40 [ 14.614642] kasan_save_free_info+0x3f/0x60 [ 14.614873] __kasan_slab_free+0x56/0x70 [ 14.615053] kfree+0x222/0x3f0 [ 14.615207] kasan_strings+0x2aa/0xe80 [ 14.615381] kunit_try_run_case+0x1a5/0x480 [ 14.615706] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.615928] kthread+0x337/0x6f0 [ 14.616122] ret_from_fork+0x116/0x1d0 [ 14.616294] ret_from_fork_asm+0x1a/0x30 [ 14.616496] [ 14.616597] The buggy address belongs to the object at ffff888103445d40 [ 14.616597] which belongs to the cache kmalloc-32 of size 32 [ 14.616977] The buggy address is located 16 bytes inside of [ 14.616977] freed 32-byte region [ffff888103445d40, ffff888103445d60) [ 14.617419] [ 14.617525] The buggy address belongs to the physical page: [ 14.617784] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103445 [ 14.618140] flags: 0x200000000000000(node=0|zone=2) [ 14.618357] page_type: f5(slab) [ 14.618905] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 14.619241] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 14.619502] page dumped because: kasan: bad access detected [ 14.619813] [ 14.619886] Memory state around the buggy address: 
[ 14.620043] ffff888103445c00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.620372] ffff888103445c80: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.620937] >ffff888103445d00: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 14.621274] ^ [ 14.621669] ffff888103445d80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.621990] ffff888103445e00: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 14.622315] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 14.578240] ================================================================== [ 14.578579] BUG: KASAN: slab-use-after-free in kasan_strings+0xcbc/0xe80 [ 14.578948] Read of size 1 at addr ffff888103445d50 by task kunit_try_catch/277 [ 14.579166] [ 14.579252] CPU: 1 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.579309] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.579321] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.579342] Call Trace: [ 14.579357] <TASK> [ 14.579372] dump_stack_lvl+0x73/0xb0 [ 14.579401] print_report+0xd1/0x610 [ 14.579493] ? __virt_addr_valid+0x1db/0x2d0 [ 14.579519] ? kasan_strings+0xcbc/0xe80 [ 14.579539] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.579682] ? kasan_strings+0xcbc/0xe80 [ 14.579711] kasan_report+0x141/0x180 [ 14.579735] ? kasan_strings+0xcbc/0xe80 [ 14.579761] __asan_report_load1_noabort+0x18/0x20 [ 14.579787] kasan_strings+0xcbc/0xe80 [ 14.579808] ? trace_hardirqs_on+0x37/0xe0 [ 14.579831] ? __pfx_kasan_strings+0x10/0x10 [ 14.579852] ? finish_task_switch.isra.0+0x153/0x700 [ 14.579876] ? __switch_to+0x47/0xf50 [ 14.579901] ? __schedule+0x10cc/0x2b60 [ 14.579925] ? __pfx_read_tsc+0x10/0x10 [ 14.579946] ? ktime_get_ts64+0x86/0x230 [ 14.579971] kunit_try_run_case+0x1a5/0x480 [ 14.579996] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.580021] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.580047] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.580072] ? __kthread_parkme+0x82/0x180 [ 14.580093] ? preempt_count_sub+0x50/0x80 [ 14.580117] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.580143] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.580168] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.580194] kthread+0x337/0x6f0 [ 14.580214] ? trace_preempt_on+0x20/0xc0 [ 14.580237] ? __pfx_kthread+0x10/0x10 [ 14.580258] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.580286] ? calculate_sigpending+0x7b/0xa0 [ 14.580311] ? 
__pfx_kthread+0x10/0x10 [ 14.580333] ret_from_fork+0x116/0x1d0 [ 14.580353] ? __pfx_kthread+0x10/0x10 [ 14.580374] ret_from_fork_asm+0x1a/0x30 [ 14.580405] </TASK> [ 14.580423] [ 14.588101] Allocated by task 277: [ 14.588620] kasan_save_stack+0x45/0x70 [ 14.588847] kasan_save_track+0x18/0x40 [ 14.589042] kasan_save_alloc_info+0x3b/0x50 [ 14.589263] __kasan_kmalloc+0xb7/0xc0 [ 14.589493] __kmalloc_cache_noprof+0x189/0x420 [ 14.589840] kasan_strings+0xc0/0xe80 [ 14.590002] kunit_try_run_case+0x1a5/0x480 [ 14.590214] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.590394] kthread+0x337/0x6f0 [ 14.590593] ret_from_fork+0x116/0x1d0 [ 14.590785] ret_from_fork_asm+0x1a/0x30 [ 14.590964] [ 14.591053] Freed by task 277: [ 14.591184] kasan_save_stack+0x45/0x70 [ 14.591368] kasan_save_track+0x18/0x40 [ 14.591600] kasan_save_free_info+0x3f/0x60 [ 14.591750] __kasan_slab_free+0x56/0x70 [ 14.591888] kfree+0x222/0x3f0 [ 14.592006] kasan_strings+0x2aa/0xe80 [ 14.592139] kunit_try_run_case+0x1a5/0x480 [ 14.592351] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.592620] kthread+0x337/0x6f0 [ 14.592788] ret_from_fork+0x116/0x1d0 [ 14.592975] ret_from_fork_asm+0x1a/0x30 [ 14.593175] [ 14.593272] The buggy address belongs to the object at ffff888103445d40 [ 14.593272] which belongs to the cache kmalloc-32 of size 32 [ 14.594034] The buggy address is located 16 bytes inside of [ 14.594034] freed 32-byte region [ffff888103445d40, ffff888103445d60) [ 14.594440] [ 14.594523] The buggy address belongs to the physical page: [ 14.594762] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103445 [ 14.595007] flags: 0x200000000000000(node=0|zone=2) [ 14.595206] page_type: f5(slab) [ 14.595374] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 14.595891] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 14.596269] page dumped because: kasan: bad access detected [ 14.596554] [ 14.596650] Memory state around the buggy address: 
[ 14.597086] ffff888103445c00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.597435] ffff888103445c80: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.597855] >ffff888103445d00: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 14.598200] ^ [ 14.598438] ffff888103445d80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.598749] ffff888103445e00: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 14.599124] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 14.555406] ================================================================== [ 14.556395] BUG: KASAN: slab-use-after-free in strcmp+0xb0/0xc0 [ 14.557183] Read of size 1 at addr ffff888103445d50 by task kunit_try_catch/277 [ 14.557516] [ 14.557637] CPU: 1 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.557684] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.557695] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.557782] Call Trace: [ 14.557796] <TASK> [ 14.557812] dump_stack_lvl+0x73/0xb0 [ 14.557842] print_report+0xd1/0x610 [ 14.557867] ? __virt_addr_valid+0x1db/0x2d0 [ 14.557892] ? strcmp+0xb0/0xc0 [ 14.557909] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.557934] ? strcmp+0xb0/0xc0 [ 14.557952] kasan_report+0x141/0x180 [ 14.557974] ? strcmp+0xb0/0xc0 [ 14.557996] __asan_report_load1_noabort+0x18/0x20 [ 14.558022] strcmp+0xb0/0xc0 [ 14.558041] kasan_strings+0x431/0xe80 [ 14.558061] ? trace_hardirqs_on+0x37/0xe0 [ 14.558085] ? __pfx_kasan_strings+0x10/0x10 [ 14.558106] ? finish_task_switch.isra.0+0x153/0x700 [ 14.558131] ? __switch_to+0x47/0xf50 [ 14.558157] ? __schedule+0x10cc/0x2b60 [ 14.558181] ? __pfx_read_tsc+0x10/0x10 [ 14.558203] ? ktime_get_ts64+0x86/0x230 [ 14.558229] kunit_try_run_case+0x1a5/0x480 [ 14.558254] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.558279] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.558304] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.558330] ? __kthread_parkme+0x82/0x180 [ 14.558352] ? preempt_count_sub+0x50/0x80 [ 14.558377] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.558402] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.558427] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.558468] kthread+0x337/0x6f0 [ 14.558488] ? trace_preempt_on+0x20/0xc0 [ 14.558511] ? __pfx_kthread+0x10/0x10 [ 14.558532] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.558555] ? calculate_sigpending+0x7b/0xa0 [ 14.558625] ? 
__pfx_kthread+0x10/0x10
[ 14.558647] ret_from_fork+0x116/0x1d0
[ 14.558668] ? __pfx_kthread+0x10/0x10
[ 14.558688] ret_from_fork_asm+0x1a/0x30
[ 14.558719] </TASK>
[ 14.558729]
[ 14.566740] Allocated by task 277:
[ 14.566926] kasan_save_stack+0x45/0x70
[ 14.567133] kasan_save_track+0x18/0x40
[ 14.567270] kasan_save_alloc_info+0x3b/0x50
[ 14.567717] __kasan_kmalloc+0xb7/0xc0
[ 14.567868] __kmalloc_cache_noprof+0x189/0x420
[ 14.568029] kasan_strings+0xc0/0xe80
[ 14.568190] kunit_try_run_case+0x1a5/0x480
[ 14.568403] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.568653] kthread+0x337/0x6f0
[ 14.568775] ret_from_fork+0x116/0x1d0
[ 14.569063] ret_from_fork_asm+0x1a/0x30
[ 14.569268]
[ 14.569351] Freed by task 277:
[ 14.569646] kasan_save_stack+0x45/0x70
[ 14.569807] kasan_save_track+0x18/0x40
[ 14.569942] kasan_save_free_info+0x3f/0x60
[ 14.570090] __kasan_slab_free+0x56/0x70
[ 14.570260] kfree+0x222/0x3f0
[ 14.570427] kasan_strings+0x2aa/0xe80
[ 14.570820] kunit_try_run_case+0x1a5/0x480
[ 14.571046] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.571311] kthread+0x337/0x6f0
[ 14.571520] ret_from_fork+0x116/0x1d0
[ 14.571865] ret_from_fork_asm+0x1a/0x30
[ 14.572015]
[ 14.572088] The buggy address belongs to the object at ffff888103445d40
[ 14.572088] which belongs to the cache kmalloc-32 of size 32
[ 14.572573] The buggy address is located 16 bytes inside of
[ 14.572573] freed 32-byte region [ffff888103445d40, ffff888103445d60)
[ 14.573289]
[ 14.573364] The buggy address belongs to the physical page:
[ 14.573551] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103445
[ 14.573970] flags: 0x200000000000000(node=0|zone=2)
[ 14.574221] page_type: f5(slab)
[ 14.574393] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 14.574761] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 14.575156] page dumped because: kasan: bad access detected
[ 14.575380]
[ 14.575500] Memory state around the buggy address:
[ 14.575656]  ffff888103445c00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.576249]  ffff888103445c80: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc
[ 14.576609] >ffff888103445d00: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.576939]                                                  ^
[ 14.577127]  ffff888103445d80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.577438]  ffff888103445e00: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.577801] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 14.522497] ==================================================================
[ 14.523314] BUG: KASAN: slab-out-of-bounds in memcmp+0x1b4/0x1d0
[ 14.523951] Read of size 1 at addr ffff8881026d0c58 by task kunit_try_catch/275
[ 14.524274]
[ 14.524389] CPU: 0 UID: 0 PID: 275 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.524778] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.524794] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.524816] Call Trace:
[ 14.524829] <TASK>
[ 14.524845] dump_stack_lvl+0x73/0xb0
[ 14.524875] print_report+0xd1/0x610
[ 14.524908] ? __virt_addr_valid+0x1db/0x2d0
[ 14.524932] ? memcmp+0x1b4/0x1d0
[ 14.524950] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.524975] ? memcmp+0x1b4/0x1d0
[ 14.524993] kasan_report+0x141/0x180
[ 14.525015] ? memcmp+0x1b4/0x1d0
[ 14.525038] __asan_report_load1_noabort+0x18/0x20
[ 14.525064] memcmp+0x1b4/0x1d0
[ 14.525084] kasan_memcmp+0x18f/0x390
[ 14.525104] ? trace_hardirqs_on+0x37/0xe0
[ 14.525129] ? __pfx_kasan_memcmp+0x10/0x10
[ 14.525150] ? finish_task_switch.isra.0+0x153/0x700
[ 14.525174] ? __switch_to+0x47/0xf50
[ 14.525204] ? __pfx_read_tsc+0x10/0x10
[ 14.525225] ? ktime_get_ts64+0x86/0x230
[ 14.525250] kunit_try_run_case+0x1a5/0x480
[ 14.525276] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.525301] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.525326] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.525351] ? __kthread_parkme+0x82/0x180
[ 14.525372] ? preempt_count_sub+0x50/0x80
[ 14.525396] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.525466] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.525493] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.525519] kthread+0x337/0x6f0
[ 14.525539] ? trace_preempt_on+0x20/0xc0
[ 14.525563] ? __pfx_kthread+0x10/0x10
[ 14.525584] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.525607] ? calculate_sigpending+0x7b/0xa0
[ 14.525633] ? __pfx_kthread+0x10/0x10
[ 14.525656] ret_from_fork+0x116/0x1d0
[ 14.525676] ? __pfx_kthread+0x10/0x10
[ 14.525698] ret_from_fork_asm+0x1a/0x30
[ 14.525730] </TASK>
[ 14.525741]
[ 14.536234] Allocated by task 275:
[ 14.536749] kasan_save_stack+0x45/0x70
[ 14.537031] kasan_save_track+0x18/0x40
[ 14.537326] kasan_save_alloc_info+0x3b/0x50
[ 14.537721] __kasan_kmalloc+0xb7/0xc0
[ 14.538034] __kmalloc_cache_noprof+0x189/0x420
[ 14.538262] kasan_memcmp+0xb7/0x390
[ 14.538653] kunit_try_run_case+0x1a5/0x480
[ 14.538903] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.539265] kthread+0x337/0x6f0
[ 14.539637] ret_from_fork+0x116/0x1d0
[ 14.539889] ret_from_fork_asm+0x1a/0x30
[ 14.540086]
[ 14.540179] The buggy address belongs to the object at ffff8881026d0c40
[ 14.540179] which belongs to the cache kmalloc-32 of size 32
[ 14.541030] The buggy address is located 0 bytes to the right of
[ 14.541030] allocated 24-byte region [ffff8881026d0c40, ffff8881026d0c58)
[ 14.541910]
[ 14.542012] The buggy address belongs to the physical page:
[ 14.542250] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026d0
[ 14.542959] flags: 0x200000000000000(node=0|zone=2)
[ 14.543276] page_type: f5(slab)
[ 14.543599] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 14.543923] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 14.544230] page dumped because: kasan: bad access detected
[ 14.544686]
[ 14.544918] Memory state around the buggy address:
[ 14.545248]  ffff8881026d0b00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.545929]  ffff8881026d0b80: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc
[ 14.546356] >ffff8881026d0c00: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc
[ 14.546898]                                                     ^
[ 14.547164]  ffff8881026d0c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.547688]  ffff8881026d0d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.548215] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 14.491251] ==================================================================
[ 14.491646] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x329/0x390
[ 14.491886] Read of size 1 at addr ffff888103b1fc4a by task kunit_try_catch/271
[ 14.492097]
[ 14.492183] CPU: 0 UID: 0 PID: 271 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.492229] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.492240] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.492262] Call Trace:
[ 14.492274] <TASK>
[ 14.492295] dump_stack_lvl+0x73/0xb0
[ 14.492323] print_report+0xd1/0x610
[ 14.492347] ? __virt_addr_valid+0x1db/0x2d0
[ 14.492369] ? kasan_alloca_oob_right+0x329/0x390
[ 14.492391] ? kasan_addr_to_slab+0x11/0xa0
[ 14.492412] ? kasan_alloca_oob_right+0x329/0x390
[ 14.492435] kasan_report+0x141/0x180
[ 14.492468] ? kasan_alloca_oob_right+0x329/0x390
[ 14.492496] __asan_report_load1_noabort+0x18/0x20
[ 14.492521] kasan_alloca_oob_right+0x329/0x390
[ 14.492543] ? __pfx_sched_clock_cpu+0x10/0x10
[ 14.492565] ? finish_task_switch.isra.0+0x153/0x700
[ 14.492587] ? __schedule+0x200e/0x2b60
[ 14.492608] ? trace_hardirqs_on+0x37/0xe0
[ 14.492632] ? __pfx_kasan_alloca_oob_right+0x10/0x10
[ 14.492657] ? __schedule+0x10cc/0x2b60
[ 14.492678] ? __pfx_read_tsc+0x10/0x10
[ 14.492698] ? ktime_get_ts64+0x86/0x230
[ 14.492723] kunit_try_run_case+0x1a5/0x480
[ 14.492746] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.492769] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.492792] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.492815] ? __kthread_parkme+0x82/0x180
[ 14.492836] ? preempt_count_sub+0x50/0x80
[ 14.492858] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.492883] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.492906] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.492930] kthread+0x337/0x6f0
[ 14.492949] ? trace_preempt_on+0x20/0xc0
[ 14.492970] ? __pfx_kthread+0x10/0x10
[ 14.492990] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.493011] ? calculate_sigpending+0x7b/0xa0
[ 14.493035] ? __pfx_kthread+0x10/0x10
[ 14.493056] ret_from_fork+0x116/0x1d0
[ 14.493074] ? __pfx_kthread+0x10/0x10
[ 14.493094] ret_from_fork_asm+0x1a/0x30
[ 14.493124] </TASK>
[ 14.493134]
[ 14.506279] The buggy address belongs to stack of task kunit_try_catch/271
[ 14.506964]
[ 14.507140] The buggy address belongs to the physical page:
[ 14.507778] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103b1f
[ 14.508138] flags: 0x200000000000000(node=0|zone=2)
[ 14.508377] raw: 0200000000000000 ffffea00040ec7c8 ffffea00040ec7c8 0000000000000000
[ 14.509122] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 14.509664] page dumped because: kasan: bad access detected
[ 14.510110]
[ 14.510331] Memory state around the buggy address:
[ 14.510625]  ffff888103b1fb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 14.510930]  ffff888103b1fb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 14.511223] >ffff888103b1fc00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb
[ 14.511957]                                               ^
[ 14.512391]  ffff888103b1fc80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00
[ 14.512968]  ffff888103b1fd00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1
[ 14.513277] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 14.467270] ==================================================================
[ 14.468151] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x320/0x380
[ 14.468486] Read of size 1 at addr ffff888103b17c3f by task kunit_try_catch/269
[ 14.469041]
[ 14.469154] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.469202] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.469214] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.469236] Call Trace:
[ 14.469249] <TASK>
[ 14.469264] dump_stack_lvl+0x73/0xb0
[ 14.469296] print_report+0xd1/0x610
[ 14.469321] ? __virt_addr_valid+0x1db/0x2d0
[ 14.469345] ? kasan_alloca_oob_left+0x320/0x380
[ 14.469368] ? kasan_addr_to_slab+0x11/0xa0
[ 14.469390] ? kasan_alloca_oob_left+0x320/0x380
[ 14.469424] kasan_report+0x141/0x180
[ 14.469460] ? kasan_alloca_oob_left+0x320/0x380
[ 14.469489] __asan_report_load1_noabort+0x18/0x20
[ 14.469514] kasan_alloca_oob_left+0x320/0x380
[ 14.469539] ? finish_task_switch.isra.0+0x153/0x700
[ 14.469565] ? __schedule+0x200e/0x2b60
[ 14.469587] ? trace_hardirqs_on+0x37/0xe0
[ 14.469613] ? __pfx_kasan_alloca_oob_left+0x10/0x10
[ 14.469640] ? __schedule+0x10cc/0x2b60
[ 14.469661] ? __pfx_read_tsc+0x10/0x10
[ 14.469684] ? ktime_get_ts64+0x86/0x230
[ 14.469709] kunit_try_run_case+0x1a5/0x480
[ 14.469735] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.469830] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.469857] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.469882] ? __kthread_parkme+0x82/0x180
[ 14.469905] ? preempt_count_sub+0x50/0x80
[ 14.469929] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.469955] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.469981] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.470008] kthread+0x337/0x6f0
[ 14.470027] ? trace_preempt_on+0x20/0xc0
[ 14.470051] ? __pfx_kthread+0x10/0x10
[ 14.470073] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.470095] ? calculate_sigpending+0x7b/0xa0
[ 14.470121] ? __pfx_kthread+0x10/0x10
[ 14.470143] ret_from_fork+0x116/0x1d0
[ 14.470163] ? __pfx_kthread+0x10/0x10
[ 14.470185] ret_from_fork_asm+0x1a/0x30
[ 14.470216] </TASK>
[ 14.470226]
[ 14.481221] The buggy address belongs to stack of task kunit_try_catch/269
[ 14.481799]
[ 14.481899] The buggy address belongs to the physical page:
[ 14.482139] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103b17
[ 14.482704] flags: 0x200000000000000(node=0|zone=2)
[ 14.483188] raw: 0200000000000000 ffffea00040ec5c8 ffffea00040ec5c8 0000000000000000
[ 14.483985] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 14.484373] page dumped because: kasan: bad access detected
[ 14.484757]
[ 14.485161] Memory state around the buggy address:
[ 14.485387]  ffff888103b17b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 14.485916]  ffff888103b17b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 14.486350] >ffff888103b17c00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb
[ 14.486856]                                         ^
[ 14.487085]  ffff888103b17c80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00
[ 14.487380]  ffff888103b17d00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1
[ 14.488110] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 14.418726] ==================================================================
[ 14.419256] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x286/0x2d0
[ 14.419648] Read of size 1 at addr ffffffffa3263e8d by task kunit_try_catch/263
[ 14.419919]
[ 14.420049] CPU: 1 UID: 0 PID: 263 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.420097] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.420109] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.420131] Call Trace:
[ 14.420144] <TASK>
[ 14.420160] dump_stack_lvl+0x73/0xb0
[ 14.420191] print_report+0xd1/0x610
[ 14.420214] ? __virt_addr_valid+0x1db/0x2d0
[ 14.420238] ? kasan_global_oob_right+0x286/0x2d0
[ 14.420261] ? kasan_addr_to_slab+0x11/0xa0
[ 14.420288] ? kasan_global_oob_right+0x286/0x2d0
[ 14.420311] kasan_report+0x141/0x180
[ 14.420333] ? kasan_global_oob_right+0x286/0x2d0
[ 14.420361] __asan_report_load1_noabort+0x18/0x20
[ 14.420386] kasan_global_oob_right+0x286/0x2d0
[ 14.420409] ? __pfx_kasan_global_oob_right+0x10/0x10
[ 14.420437] ? __pfx_kasan_global_oob_right+0x10/0x10
[ 14.420478] kunit_try_run_case+0x1a5/0x480
[ 14.420503] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.420527] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.420698] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.420728] ? __kthread_parkme+0x82/0x180
[ 14.420753] ? preempt_count_sub+0x50/0x80
[ 14.420777] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.420803] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.420830] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.420856] kthread+0x337/0x6f0
[ 14.420876] ? trace_preempt_on+0x20/0xc0
[ 14.420902] ? __pfx_kthread+0x10/0x10
[ 14.420923] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.420945] ? calculate_sigpending+0x7b/0xa0
[ 14.420971] ? __pfx_kthread+0x10/0x10
[ 14.420993] ret_from_fork+0x116/0x1d0
[ 14.421014] ? __pfx_kthread+0x10/0x10
[ 14.421035] ret_from_fork_asm+0x1a/0x30
[ 14.421067] </TASK>
[ 14.421077]
[ 14.428561] The buggy address belongs to the variable:
[ 14.428877] global_array+0xd/0x40
[ 14.429042]
[ 14.429156] The buggy address belongs to the physical page:
[ 14.429368] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x11463
[ 14.429708] flags: 0x100000000002000(reserved|node=0|zone=1)
[ 14.430041] raw: 0100000000002000 ffffea00004518c8 ffffea00004518c8 0000000000000000
[ 14.430363] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 14.430664] page dumped because: kasan: bad access detected
[ 14.430914]
[ 14.431006] Memory state around the buggy address:
[ 14.431274]  ffffffffa3263d80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 14.431799]  ffffffffa3263e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 14.432119] >ffffffffa3263e80: 00 02 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9
[ 14.432336]                       ^
[ 14.432499]  ffffffffa3263f00: 04 f9 f9 f9 f9 f9 f9 f9 02 f9 f9 f9 f9 f9 f9 f9
[ 14.432889]  ffffffffa3263f80: 01 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 00 00 00 00
[ 14.433238] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 14.394635] ==================================================================
[ 14.395105] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 14.395613] Free of addr ffff888103a24001 by task kunit_try_catch/261
[ 14.396095]
[ 14.396193] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.396240] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.396252] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.396275] Call Trace:
[ 14.396290] <TASK>
[ 14.396306] dump_stack_lvl+0x73/0xb0
[ 14.396371] print_report+0xd1/0x610
[ 14.396396] ? __virt_addr_valid+0x1db/0x2d0
[ 14.396422] ? kasan_addr_to_slab+0x11/0xa0
[ 14.396443] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 14.396483] kasan_report_invalid_free+0x10a/0x130
[ 14.396521] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 14.396551] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 14.396593] __kasan_mempool_poison_object+0x102/0x1d0
[ 14.396620] mempool_free+0x2ec/0x380
[ 14.396648] mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 14.396676] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10
[ 14.396704] ? update_curr+0x5c1/0x810
[ 14.396734] mempool_kmalloc_large_invalid_free+0xed/0x140
[ 14.396761] ? __pfx_mempool_kmalloc_large_invalid_free+0x10/0x10
[ 14.396788] ? schedule+0x7c/0x2e0
[ 14.396811] ? __pfx_mempool_kmalloc+0x10/0x10
[ 14.396835] ? __pfx_mempool_kfree+0x10/0x10
[ 14.396861] ? __pfx_read_tsc+0x10/0x10
[ 14.396882] ? ktime_get_ts64+0x86/0x230
[ 14.396908] kunit_try_run_case+0x1a5/0x480
[ 14.396935] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.396959] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.396985] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.397010] ? __kthread_parkme+0x82/0x180
[ 14.397032] ? preempt_count_sub+0x50/0x80
[ 14.397057] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.397082] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.397109] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.397135] kthread+0x337/0x6f0
[ 14.397154] ? trace_preempt_on+0x20/0xc0
[ 14.397178] ? __pfx_kthread+0x10/0x10
[ 14.397199] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.397221] ? calculate_sigpending+0x7b/0xa0
[ 14.397247] ? __pfx_kthread+0x10/0x10
[ 14.397269] ret_from_fork+0x116/0x1d0
[ 14.397288] ? __pfx_kthread+0x10/0x10
[ 14.397309] ret_from_fork_asm+0x1a/0x30
[ 14.397342] </TASK>
[ 14.397353]
[ 14.407023] The buggy address belongs to the physical page:
[ 14.407323] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a24
[ 14.407815] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 14.408069] flags: 0x200000000000040(head|node=0|zone=2)
[ 14.408327] page_type: f8(unknown)
[ 14.408635] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 14.408887] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 14.409185] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 14.409597] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 14.409908] head: 0200000000000002 ffffea00040e8901 00000000ffffffff 00000000ffffffff
[ 14.410138] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 14.410620] page dumped because: kasan: bad access detected
[ 14.410888]
[ 14.410983] Memory state around the buggy address:
[ 14.411492]  ffff888103a23f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 14.411877]  ffff888103a23f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 14.412150] >ffff888103a24000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 14.412545]                    ^
[ 14.412792]  ffff888103a24080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 14.413122]  ffff888103a24100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 14.413417] ==================================================================

[ 14.370712] ==================================================================
[ 14.371344] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 14.371791] Free of addr ffff888103434701 by task kunit_try_catch/259
[ 14.372150]
[ 14.372263] CPU: 1 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.372313] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.372324] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.372346] Call Trace:
[ 14.372359] <TASK>
[ 14.372376] dump_stack_lvl+0x73/0xb0
[ 14.372408] print_report+0xd1/0x610
[ 14.372594] ? __virt_addr_valid+0x1db/0x2d0
[ 14.372620] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.372644] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 14.372672] kasan_report_invalid_free+0x10a/0x130
[ 14.372697] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 14.372742] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 14.372770] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 14.372796] check_slab_allocation+0x11f/0x130
[ 14.372820] __kasan_mempool_poison_object+0x91/0x1d0
[ 14.372846] mempool_free+0x2ec/0x380
[ 14.372874] mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 14.372922] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10
[ 14.372951] ? kasan_save_track+0x18/0x40
[ 14.372971] ? kasan_save_alloc_info+0x3b/0x50
[ 14.372995] ? kasan_save_stack+0x45/0x70
[ 14.373020] mempool_kmalloc_invalid_free+0xed/0x140
[ 14.373045] ? __pfx_mempool_kmalloc_invalid_free+0x10/0x10
[ 14.373074] ? __pfx_mempool_kmalloc+0x10/0x10
[ 14.373097] ? __pfx_mempool_kfree+0x10/0x10
[ 14.373123] ? __pfx_read_tsc+0x10/0x10
[ 14.373146] ? ktime_get_ts64+0x86/0x230
[ 14.373171] kunit_try_run_case+0x1a5/0x480
[ 14.373197] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.373221] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.373246] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.373271] ? __kthread_parkme+0x82/0x180
[ 14.373293] ? preempt_count_sub+0x50/0x80
[ 14.373317] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.373342] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.373367] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.373393] kthread+0x337/0x6f0
[ 14.373423] ? trace_preempt_on+0x20/0xc0
[ 14.373457] ? __pfx_kthread+0x10/0x10
[ 14.373479] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.373501] ? calculate_sigpending+0x7b/0xa0
[ 14.373527] ? __pfx_kthread+0x10/0x10
[ 14.373549] ret_from_fork+0x116/0x1d0
[ 14.373569] ? __pfx_kthread+0x10/0x10
[ 14.373590] ret_from_fork_asm+0x1a/0x30
[ 14.373622] </TASK>
[ 14.373632]
[ 14.382328] Allocated by task 259:
[ 14.382555] kasan_save_stack+0x45/0x70
[ 14.382750] kasan_save_track+0x18/0x40
[ 14.382918] kasan_save_alloc_info+0x3b/0x50
[ 14.383109] __kasan_mempool_unpoison_object+0x1a9/0x200
[ 14.383339] remove_element+0x11e/0x190
[ 14.383562] mempool_alloc_preallocated+0x4d/0x90
[ 14.383773] mempool_kmalloc_invalid_free_helper+0x83/0x2e0
[ 14.384032] mempool_kmalloc_invalid_free+0xed/0x140
[ 14.384241] kunit_try_run_case+0x1a5/0x480
[ 14.384388] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.384567] kthread+0x337/0x6f0
[ 14.384684] ret_from_fork+0x116/0x1d0
[ 14.384813] ret_from_fork_asm+0x1a/0x30
[ 14.385164]
[ 14.385263] The buggy address belongs to the object at ffff888103434700
[ 14.385263] which belongs to the cache kmalloc-128 of size 128
[ 14.385792] The buggy address is located 1 bytes inside of
[ 14.385792] 128-byte region [ffff888103434700, ffff888103434780)
[ 14.386170]
[ 14.386240] The buggy address belongs to the physical page:
[ 14.386408] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103434
[ 14.386774] flags: 0x200000000000000(node=0|zone=2)
[ 14.387046] page_type: f5(slab)
[ 14.387221] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 14.387614] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 14.387953] page dumped because: kasan: bad access detected
[ 14.388180]
[ 14.388248] Memory state around the buggy address:
[ 14.388406]  ffff888103434600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 14.388830]  ffff888103434680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.389134] >ffff888103434700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 14.389358]                    ^
[ 14.389478]  ffff888103434780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.389685]  ffff888103434800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 14.389999] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 14.346146] ==================================================================
[ 14.346847] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370
[ 14.347826] Free of addr ffff888103a64000 by task kunit_try_catch/257
[ 14.348058]
[ 14.348259] CPU: 1 UID: 0 PID: 257 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.348317] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.348329] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.348350] Call Trace:
[ 14.348363] <TASK>
[ 14.348398] dump_stack_lvl+0x73/0xb0
[ 14.348432] print_report+0xd1/0x610
[ 14.348467] ? __virt_addr_valid+0x1db/0x2d0
[ 14.348510] ? kasan_addr_to_slab+0x11/0xa0
[ 14.348532] ? mempool_double_free_helper+0x184/0x370
[ 14.348558] kasan_report_invalid_free+0x10a/0x130
[ 14.348691] ? mempool_double_free_helper+0x184/0x370
[ 14.348720] ? mempool_double_free_helper+0x184/0x370
[ 14.348745] __kasan_mempool_poison_pages+0x115/0x130
[ 14.348771] mempool_free+0x290/0x380
[ 14.348799] mempool_double_free_helper+0x184/0x370
[ 14.348824] ? __pfx_mempool_double_free_helper+0x10/0x10
[ 14.348848] ? update_load_avg+0x1be/0x21b0
[ 14.348877] ? finish_task_switch.isra.0+0x153/0x700
[ 14.348904] mempool_page_alloc_double_free+0xe8/0x140
[ 14.348933] ? __pfx_mempool_page_alloc_double_free+0x10/0x10
[ 14.348964] ? __pfx_mempool_alloc_pages+0x10/0x10
[ 14.348988] ? __pfx_mempool_free_pages+0x10/0x10
[ 14.349015] ? __pfx_read_tsc+0x10/0x10
[ 14.349037] ? ktime_get_ts64+0x86/0x230
[ 14.349063] kunit_try_run_case+0x1a5/0x480
[ 14.349089] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.349113] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.349138] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.349163] ? __kthread_parkme+0x82/0x180
[ 14.349185] ? preempt_count_sub+0x50/0x80
[ 14.349209] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.349234] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.349260] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.349286] kthread+0x337/0x6f0
[ 14.349305] ? trace_preempt_on+0x20/0xc0
[ 14.349330] ? __pfx_kthread+0x10/0x10
[ 14.349351] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.349372] ? calculate_sigpending+0x7b/0xa0
[ 14.349397] ? __pfx_kthread+0x10/0x10
[ 14.349420] ret_from_fork+0x116/0x1d0
[ 14.349439] ? __pfx_kthread+0x10/0x10
[ 14.349475] ret_from_fork_asm+0x1a/0x30
[ 14.349505] </TASK>
[ 14.349516]
[ 14.359139] The buggy address belongs to the physical page:
[ 14.359417] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a64
[ 14.359984] flags: 0x200000000000000(node=0|zone=2)
[ 14.360165] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000
[ 14.360732] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 14.361181] page dumped because: kasan: bad access detected
[ 14.361407]
[ 14.361491] Memory state around the buggy address:
[ 14.361735]  ffff888103a63f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 14.362153]  ffff888103a63f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 14.362476] >ffff888103a64000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 14.362884]                    ^
[ 14.363006]  ffff888103a64080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 14.363347]  ffff888103a64100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 14.363691] ==================================================================

[ 14.325321] ==================================================================
[ 14.326124] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370
[ 14.326443] Free of addr ffff888103a64000 by task kunit_try_catch/255
[ 14.326814]
[ 14.326936] CPU: 1 UID: 0 PID: 255 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.326984] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.326996] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.327018] Call Trace:
[ 14.327053] <TASK>
[ 14.327069] dump_stack_lvl+0x73/0xb0
[ 14.327102] print_report+0xd1/0x610
[ 14.327127] ? __virt_addr_valid+0x1db/0x2d0
[ 14.327153] ? kasan_addr_to_slab+0x11/0xa0
[ 14.327175] ? mempool_double_free_helper+0x184/0x370
[ 14.327202] kasan_report_invalid_free+0x10a/0x130
[ 14.327250] ? mempool_double_free_helper+0x184/0x370
[ 14.327279] ? mempool_double_free_helper+0x184/0x370
[ 14.327304] __kasan_mempool_poison_object+0x1b3/0x1d0
[ 14.327330] mempool_free+0x2ec/0x380
[ 14.327358] mempool_double_free_helper+0x184/0x370
[ 14.327384] ? __pfx_mempool_double_free_helper+0x10/0x10
[ 14.327422] ? __kasan_check_write+0x18/0x20
[ 14.327473] ? __pfx_sched_clock_cpu+0x10/0x10
[ 14.327498] ? finish_task_switch.isra.0+0x153/0x700
[ 14.327526] mempool_kmalloc_large_double_free+0xed/0x140
[ 14.327553] ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10
[ 14.327636] ? __pfx_mempool_kmalloc+0x10/0x10
[ 14.327660] ? __pfx_mempool_kfree+0x10/0x10
[ 14.327686] ? __pfx_read_tsc+0x10/0x10
[ 14.327729] ? ktime_get_ts64+0x86/0x230
[ 14.327755] kunit_try_run_case+0x1a5/0x480
[ 14.327783] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.327807] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.327833] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.327858] ? __kthread_parkme+0x82/0x180
[ 14.327881] ? preempt_count_sub+0x50/0x80
[ 14.327906] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.327931] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.327956] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.327982] kthread+0x337/0x6f0
[ 14.328003] ? trace_preempt_on+0x20/0xc0
[ 14.328027] ? __pfx_kthread+0x10/0x10
[ 14.328047] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.328070] ? calculate_sigpending+0x7b/0xa0
[ 14.328095] ? __pfx_kthread+0x10/0x10
[ 14.328117] ret_from_fork+0x116/0x1d0
[ 14.328136] ? __pfx_kthread+0x10/0x10
[ 14.328157] ret_from_fork_asm+0x1a/0x30
[ 14.328189] </TASK>
[ 14.328199]
[ 14.337130] The buggy address belongs to the physical page:
[ 14.337438] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a64
[ 14.337840] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 14.338135] flags: 0x200000000000040(head|node=0|zone=2)
[ 14.338393] page_type: f8(unknown)
[ 14.338551] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 14.338899] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 14.339266] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 14.339842] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 14.340081] head: 0200000000000002 ffffea00040e9901 00000000ffffffff 00000000ffffffff
[ 14.340372] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 14.340874] page dumped because: kasan: bad access detected
[ 14.341051]
[ 14.341144] Memory state around the buggy address:
[ 14.341369]  ffff888103a63f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 14.341834]  ffff888103a63f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 14.342076] >ffff888103a64000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 14.342415]                    ^
[ 14.342629]  ffff888103a64080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 14.342999]  ffff888103a64100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 14.343305] ==================================================================

[ 14.293904] ==================================================================
[ 14.295087] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370
[ 14.295344] Free of addr ffff8881026ce500 by task kunit_try_catch/253
[ 14.296585]
[ 14.297019] CPU: 0 UID: 0 PID: 253 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.297072] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.297085] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.297117] Call Trace:
[ 14.297129] <TASK>
[ 14.297146] dump_stack_lvl+0x73/0xb0
[ 14.297178] print_report+0xd1/0x610
[ 14.297202] ? __virt_addr_valid+0x1db/0x2d0
[ 14.297228] ? kasan_complete_mode_report_info+0x64/0x200
[ 14.297252] ? mempool_double_free_helper+0x184/0x370
[ 14.297277] kasan_report_invalid_free+0x10a/0x130
[ 14.297302] ? mempool_double_free_helper+0x184/0x370
[ 14.297330] ? mempool_double_free_helper+0x184/0x370
[ 14.297353] ? mempool_double_free_helper+0x184/0x370
[ 14.297377] check_slab_allocation+0x101/0x130
[ 14.297400] __kasan_mempool_poison_object+0x91/0x1d0
[ 14.297702] mempool_free+0x2ec/0x380
[ 14.297737] mempool_double_free_helper+0x184/0x370
[ 14.297763] ? __pfx_mempool_double_free_helper+0x10/0x10
[ 14.297790] ? update_curr+0x5c1/0x810
[ 14.297820] mempool_kmalloc_double_free+0xed/0x140
[ 14.297845] ? __pfx_mempool_kmalloc_double_free+0x10/0x10
[ 14.297871] ? schedule+0x7c/0x2e0
[ 14.297894] ? __pfx_mempool_kmalloc+0x10/0x10
[ 14.297917] ? __pfx_mempool_kfree+0x10/0x10
[ 14.297943] ? __pfx_read_tsc+0x10/0x10
[ 14.297965] ? ktime_get_ts64+0x86/0x230
[ 14.297987] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 14.298014] kunit_try_run_case+0x1a5/0x480
[ 14.298041] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.298067] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.298092] ? _raw_spin_unlock_irqrestore+0x49/0x90
[ 14.298115] ? _raw_spin_unlock_irqrestore+0x49/0x90
[ 14.298142] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.298166] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.298191] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.298217] kthread+0x337/0x6f0
[ 14.298237] ? trace_preempt_on+0x20/0xc0
[ 14.298261] ? __pfx_kthread+0x10/0x10
[ 14.298282] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.298304] ? calculate_sigpending+0x7b/0xa0
[ 14.298329] ? __pfx_kthread+0x10/0x10
[ 14.298351] ret_from_fork+0x116/0x1d0
[ 14.298369] ? __pfx_kthread+0x10/0x10
[ 14.298390] ret_from_fork_asm+0x1a/0x30
[ 14.298421] </TASK>
[ 14.298432]
[ 14.309148] Allocated by task 253:
[ 14.309355] kasan_save_stack+0x45/0x70
[ 14.309678] kasan_save_track+0x18/0x40
[ 14.309904] kasan_save_alloc_info+0x3b/0x50
[ 14.310142] __kasan_mempool_unpoison_object+0x1a9/0x200
[ 14.310410] remove_element+0x11e/0x190
[ 14.310889] mempool_alloc_preallocated+0x4d/0x90
[ 14.311080] mempool_double_free_helper+0x8a/0x370
[ 14.311380] mempool_kmalloc_double_free+0xed/0x140
[ 14.311696] kunit_try_run_case+0x1a5/0x480
[ 14.312081] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.312340] kthread+0x337/0x6f0
[ 14.312543] ret_from_fork+0x116/0x1d0
[ 14.312785] ret_from_fork_asm+0x1a/0x30
[ 14.313024]
[ 14.313146] Freed by task 253:
[ 14.313314] kasan_save_stack+0x45/0x70
[ 14.313641] kasan_save_track+0x18/0x40
[ 14.313853] kasan_save_free_info+0x3f/0x60
[ 14.314004] __kasan_mempool_poison_object+0x131/0x1d0
[ 14.314251] mempool_free+0x2ec/0x380
[ 14.314511] mempool_double_free_helper+0x109/0x370
[ 14.314819] mempool_kmalloc_double_free+0xed/0x140
[ 14.314989] kunit_try_run_case+0x1a5/0x480
[ 14.315196] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.315475] kthread+0x337/0x6f0
[ 14.315646] ret_from_fork+0x116/0x1d0
[ 14.315830] ret_from_fork_asm+0x1a/0x30
[ 14.316035]
[ 14.316133] The buggy address belongs to the object at ffff8881026ce500
[ 14.316133] which belongs to the cache kmalloc-128 of size 128
[ 14.316900] The buggy address is located 0 bytes inside of
[ 14.316900] 128-byte region [ffff8881026ce500, ffff8881026ce580)
[ 14.317435]
[ 14.317598] The buggy address belongs to the physical page:
[ 14.317867] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026ce
[ 14.318251] flags: 0x200000000000000(node=0|zone=2)
[ 14.318480] page_type: f5(slab)
[ 14.318672] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 14.319003] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 14.319458] page dumped because: kasan: bad access detected
[ 14.319842]
[ 14.319941] Memory state around the buggy address:
[ 14.320164]  ffff8881026ce400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 14.320510]  ffff8881026ce480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.321010] >ffff8881026ce500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 14.321347]                    ^
[ 14.321650]  ffff8881026ce580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.321981]  ffff8881026ce600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 14.322307] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 14.272956] ================================================================== [ 14.273415] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400 [ 14.273836] Read of size 1 at addr ffff888103a64000 by task kunit_try_catch/251 [ 14.274116] [ 14.274235] CPU: 1 UID: 0 PID: 251 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.274281] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.274295] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.274317] Call Trace: [ 14.274331] <TASK> [ 14.274347] dump_stack_lvl+0x73/0xb0 [ 14.274380] print_report+0xd1/0x610 [ 14.274425] ? __virt_addr_valid+0x1db/0x2d0 [ 14.274463] ? mempool_uaf_helper+0x392/0x400 [ 14.274486] ? kasan_addr_to_slab+0x11/0xa0 [ 14.274508] ? mempool_uaf_helper+0x392/0x400 [ 14.274532] kasan_report+0x141/0x180 [ 14.274579] ? mempool_uaf_helper+0x392/0x400 [ 14.274607] __asan_report_load1_noabort+0x18/0x20 [ 14.274633] mempool_uaf_helper+0x392/0x400 [ 14.274656] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 14.274681] ? __kasan_check_write+0x18/0x20 [ 14.274702] ? __pfx_sched_clock_cpu+0x10/0x10 [ 14.274726] ? finish_task_switch.isra.0+0x153/0x700 [ 14.274755] mempool_page_alloc_uaf+0xed/0x140 [ 14.274779] ? __pfx_mempool_page_alloc_uaf+0x10/0x10 [ 14.274808] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 14.274834] ? __pfx_mempool_free_pages+0x10/0x10 [ 14.274861] ? __pfx_read_tsc+0x10/0x10 [ 14.274883] ? ktime_get_ts64+0x86/0x230 [ 14.274908] kunit_try_run_case+0x1a5/0x480 [ 14.274935] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.274958] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.274984] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.275008] ? __kthread_parkme+0x82/0x180 [ 14.275030] ? preempt_count_sub+0x50/0x80 [ 14.275054] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.275078] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.275103] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.275129] kthread+0x337/0x6f0 [ 14.275148] ? 
trace_preempt_on+0x20/0xc0 [ 14.275173] ? __pfx_kthread+0x10/0x10 [ 14.275194] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.275215] ? calculate_sigpending+0x7b/0xa0 [ 14.275241] ? __pfx_kthread+0x10/0x10 [ 14.275262] ret_from_fork+0x116/0x1d0 [ 14.275282] ? __pfx_kthread+0x10/0x10 [ 14.275302] ret_from_fork_asm+0x1a/0x30 [ 14.275334] </TASK> [ 14.275344] [ 14.284306] The buggy address belongs to the physical page: [ 14.284528] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a64 [ 14.284956] flags: 0x200000000000000(node=0|zone=2) [ 14.285206] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 14.285595] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 14.285869] page dumped because: kasan: bad access detected [ 14.286120] [ 14.286212] Memory state around the buggy address: [ 14.286432] ffff888103a63f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.286735] ffff888103a63f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.287022] >ffff888103a64000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.287281] ^ [ 14.287682] ffff888103a64080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.287987] ffff888103a64100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.288231] ================================================================== [ 14.217334] ================================================================== [ 14.218259] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400 [ 14.218896] Read of size 1 at addr ffff888103a20000 by task kunit_try_catch/246 [ 14.219207] [ 14.219299] CPU: 0 UID: 0 PID: 246 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.219347] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.219360] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.219382] Call Trace: [ 14.219394] <TASK> [ 14.219410] dump_stack_lvl+0x73/0xb0 [ 14.219441] print_report+0xd1/0x610 [ 14.219480] ? 
__virt_addr_valid+0x1db/0x2d0 [ 14.219504] ? mempool_uaf_helper+0x392/0x400 [ 14.219527] ? kasan_addr_to_slab+0x11/0xa0 [ 14.219548] ? mempool_uaf_helper+0x392/0x400 [ 14.219582] kasan_report+0x141/0x180 [ 14.219605] ? mempool_uaf_helper+0x392/0x400 [ 14.219633] __asan_report_load1_noabort+0x18/0x20 [ 14.219658] mempool_uaf_helper+0x392/0x400 [ 14.219683] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 14.219706] ? update_load_avg+0x1be/0x21b0 [ 14.219735] ? finish_task_switch.isra.0+0x153/0x700 [ 14.219761] mempool_kmalloc_large_uaf+0xef/0x140 [ 14.219786] ? __pfx_mempool_kmalloc_large_uaf+0x10/0x10 [ 14.219814] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.219840] ? __pfx_mempool_kfree+0x10/0x10 [ 14.219866] ? __pfx_read_tsc+0x10/0x10 [ 14.219888] ? ktime_get_ts64+0x86/0x230 [ 14.219913] kunit_try_run_case+0x1a5/0x480 [ 14.219939] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.219962] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.219989] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.220014] ? __kthread_parkme+0x82/0x180 [ 14.220035] ? preempt_count_sub+0x50/0x80 [ 14.220059] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.220084] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.220109] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.220135] kthread+0x337/0x6f0 [ 14.220155] ? trace_preempt_on+0x20/0xc0 [ 14.220180] ? __pfx_kthread+0x10/0x10 [ 14.220201] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.220224] ? calculate_sigpending+0x7b/0xa0 [ 14.220249] ? __pfx_kthread+0x10/0x10 [ 14.220271] ret_from_fork+0x116/0x1d0 [ 14.220296] ? 
__pfx_kthread+0x10/0x10 [ 14.220317] ret_from_fork_asm+0x1a/0x30 [ 14.220348] </TASK> [ 14.220361] [ 14.228619] The buggy address belongs to the physical page: [ 14.228823] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a20 [ 14.229248] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 14.229801] flags: 0x200000000000040(head|node=0|zone=2) [ 14.230071] page_type: f8(unknown) [ 14.230211] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.230465] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.230807] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.231190] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.231556] head: 0200000000000002 ffffea00040e8801 00000000ffffffff 00000000ffffffff [ 14.231834] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 14.232109] page dumped because: kasan: bad access detected [ 14.232365] [ 14.232493] Memory state around the buggy address: [ 14.232727] ffff888103a1ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.233000] ffff888103a1ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.233214] >ffff888103a20000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.233425] ^ [ 14.233600] ffff888103a20080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.233909] ffff888103a20100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.234620] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 14.190356] ================================================================== [ 14.190946] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400 [ 14.191275] Read of size 1 at addr ffff888103434300 by task kunit_try_catch/244 [ 14.191954] [ 14.192090] CPU: 1 UID: 0 PID: 244 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.192140] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.192152] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.192176] Call Trace: [ 14.192189] <TASK> [ 14.192206] dump_stack_lvl+0x73/0xb0 [ 14.192240] print_report+0xd1/0x610 [ 14.192264] ? __virt_addr_valid+0x1db/0x2d0 [ 14.192295] ? mempool_uaf_helper+0x392/0x400 [ 14.192318] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.192343] ? mempool_uaf_helper+0x392/0x400 [ 14.192366] kasan_report+0x141/0x180 [ 14.192388] ? mempool_uaf_helper+0x392/0x400 [ 14.192415] __asan_report_load1_noabort+0x18/0x20 [ 14.192468] mempool_uaf_helper+0x392/0x400 [ 14.192491] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 14.192514] ? update_load_avg+0x1be/0x21b0 [ 14.192540] ? dequeue_entities+0x27e/0x1740 [ 14.192566] ? finish_task_switch.isra.0+0x153/0x700 [ 14.192593] mempool_kmalloc_uaf+0xef/0x140 [ 14.192624] ? __pfx_mempool_kmalloc_uaf+0x10/0x10 [ 14.192650] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.192676] ? __pfx_mempool_kfree+0x10/0x10 [ 14.192701] ? __pfx_read_tsc+0x10/0x10 [ 14.192724] ? ktime_get_ts64+0x86/0x230 [ 14.192750] kunit_try_run_case+0x1a5/0x480 [ 14.192777] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.192800] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.192826] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.192850] ? __kthread_parkme+0x82/0x180 [ 14.192873] ? preempt_count_sub+0x50/0x80 [ 14.192896] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.192921] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.192946] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.192972] kthread+0x337/0x6f0 [ 14.192992] ? 
trace_preempt_on+0x20/0xc0 [ 14.193016] ? __pfx_kthread+0x10/0x10 [ 14.193037] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.193058] ? calculate_sigpending+0x7b/0xa0 [ 14.193083] ? __pfx_kthread+0x10/0x10 [ 14.193105] ret_from_fork+0x116/0x1d0 [ 14.193124] ? __pfx_kthread+0x10/0x10 [ 14.193145] ret_from_fork_asm+0x1a/0x30 [ 14.193177] </TASK> [ 14.193187] [ 14.201747] Allocated by task 244: [ 14.201922] kasan_save_stack+0x45/0x70 [ 14.202070] kasan_save_track+0x18/0x40 [ 14.202206] kasan_save_alloc_info+0x3b/0x50 [ 14.202430] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 14.202702] remove_element+0x11e/0x190 [ 14.202904] mempool_alloc_preallocated+0x4d/0x90 [ 14.203134] mempool_uaf_helper+0x96/0x400 [ 14.203400] mempool_kmalloc_uaf+0xef/0x140 [ 14.203611] kunit_try_run_case+0x1a5/0x480 [ 14.203854] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.204052] kthread+0x337/0x6f0 [ 14.204171] ret_from_fork+0x116/0x1d0 [ 14.204363] ret_from_fork_asm+0x1a/0x30 [ 14.204752] [ 14.204833] Freed by task 244: [ 14.204944] kasan_save_stack+0x45/0x70 [ 14.205135] kasan_save_track+0x18/0x40 [ 14.205319] kasan_save_free_info+0x3f/0x60 [ 14.205554] __kasan_mempool_poison_object+0x131/0x1d0 [ 14.205764] mempool_free+0x2ec/0x380 [ 14.205990] mempool_uaf_helper+0x11a/0x400 [ 14.206178] mempool_kmalloc_uaf+0xef/0x140 [ 14.206376] kunit_try_run_case+0x1a5/0x480 [ 14.206579] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.206755] kthread+0x337/0x6f0 [ 14.206877] ret_from_fork+0x116/0x1d0 [ 14.207010] ret_from_fork_asm+0x1a/0x30 [ 14.207149] [ 14.207219] The buggy address belongs to the object at ffff888103434300 [ 14.207219] which belongs to the cache kmalloc-128 of size 128 [ 14.207723] The buggy address is located 0 bytes inside of [ 14.207723] freed 128-byte region [ffff888103434300, ffff888103434380) [ 14.208679] [ 14.208778] The buggy address belongs to the physical page: [ 14.209028] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103434 [ 14.209302] flags: 
0x200000000000000(node=0|zone=2) [ 14.209644] page_type: f5(slab) [ 14.209931] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 14.210161] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.210386] page dumped because: kasan: bad access detected [ 14.210785] [ 14.210933] Memory state around the buggy address: [ 14.211159] ffff888103434200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.211510] ffff888103434280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.211822] >ffff888103434300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.212102] ^ [ 14.212346] ffff888103434380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.212910] ffff888103434400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.213149] ================================================================== [ 14.240294] ================================================================== [ 14.241952] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400 [ 14.242286] Read of size 1 at addr ffff8881026d3240 by task kunit_try_catch/248 [ 14.242609] [ 14.242716] CPU: 0 UID: 0 PID: 248 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.242761] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.242773] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.242794] Call Trace: [ 14.242807] <TASK> [ 14.242822] dump_stack_lvl+0x73/0xb0 [ 14.242852] print_report+0xd1/0x610 [ 14.242875] ? __virt_addr_valid+0x1db/0x2d0 [ 14.242898] ? mempool_uaf_helper+0x392/0x400 [ 14.242921] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.242946] ? mempool_uaf_helper+0x392/0x400 [ 14.242968] kasan_report+0x141/0x180 [ 14.242990] ? mempool_uaf_helper+0x392/0x400 [ 14.243018] __asan_report_load1_noabort+0x18/0x20 [ 14.243043] mempool_uaf_helper+0x392/0x400 [ 14.243067] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 14.243089] ? update_load_avg+0x1be/0x21b0 [ 14.243117] ? 
finish_task_switch.isra.0+0x153/0x700 [ 14.243143] mempool_slab_uaf+0xea/0x140 [ 14.243165] ? __pfx_mempool_slab_uaf+0x10/0x10 [ 14.243192] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 14.243219] ? __pfx_mempool_free_slab+0x10/0x10 [ 14.243246] ? __pfx_read_tsc+0x10/0x10 [ 14.243267] ? ktime_get_ts64+0x86/0x230 [ 14.243291] kunit_try_run_case+0x1a5/0x480 [ 14.243316] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.243340] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.243364] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.243389] ? __kthread_parkme+0x82/0x180 [ 14.243410] ? preempt_count_sub+0x50/0x80 [ 14.243434] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.243622] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.243652] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.243679] kthread+0x337/0x6f0 [ 14.243698] ? trace_preempt_on+0x20/0xc0 [ 14.243723] ? __pfx_kthread+0x10/0x10 [ 14.243744] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.243766] ? calculate_sigpending+0x7b/0xa0 [ 14.243792] ? __pfx_kthread+0x10/0x10 [ 14.243813] ret_from_fork+0x116/0x1d0 [ 14.243832] ? 
__pfx_kthread+0x10/0x10 [ 14.243853] ret_from_fork_asm+0x1a/0x30 [ 14.243884] </TASK> [ 14.243894] [ 14.251965] Allocated by task 248: [ 14.252093] kasan_save_stack+0x45/0x70 [ 14.252237] kasan_save_track+0x18/0x40 [ 14.252404] kasan_save_alloc_info+0x3b/0x50 [ 14.254368] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 14.254656] remove_element+0x11e/0x190 [ 14.254859] mempool_alloc_preallocated+0x4d/0x90 [ 14.255043] mempool_uaf_helper+0x96/0x400 [ 14.255279] mempool_slab_uaf+0xea/0x140 [ 14.255469] kunit_try_run_case+0x1a5/0x480 [ 14.255645] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.255823] kthread+0x337/0x6f0 [ 14.255988] ret_from_fork+0x116/0x1d0 [ 14.256175] ret_from_fork_asm+0x1a/0x30 [ 14.256377] [ 14.256485] Freed by task 248: [ 14.256609] kasan_save_stack+0x45/0x70 [ 14.256803] kasan_save_track+0x18/0x40 [ 14.256959] kasan_save_free_info+0x3f/0x60 [ 14.257154] __kasan_mempool_poison_object+0x131/0x1d0 [ 14.257324] mempool_free+0x2ec/0x380 [ 14.257831] mempool_uaf_helper+0x11a/0x400 [ 14.258051] mempool_slab_uaf+0xea/0x140 [ 14.258250] kunit_try_run_case+0x1a5/0x480 [ 14.258503] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.258808] kthread+0x337/0x6f0 [ 14.258951] ret_from_fork+0x116/0x1d0 [ 14.259096] ret_from_fork_asm+0x1a/0x30 [ 14.259296] [ 14.259410] The buggy address belongs to the object at ffff8881026d3240 [ 14.259410] which belongs to the cache test_cache of size 123 [ 14.259993] The buggy address is located 0 bytes inside of [ 14.259993] freed 123-byte region [ffff8881026d3240, ffff8881026d32bb) [ 14.260366] [ 14.260476] The buggy address belongs to the physical page: [ 14.260927] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026d3 [ 14.261290] flags: 0x200000000000000(node=0|zone=2) [ 14.261472] page_type: f5(slab) [ 14.261729] raw: 0200000000000000 ffff8881009fcb40 dead000000000122 0000000000000000 [ 14.262053] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 14.262344] page dumped 
because: kasan: bad access detected [ 14.262693] [ 14.262786] Memory state around the buggy address: [ 14.262997] ffff8881026d3100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.263263] ffff8881026d3180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.263661] >ffff8881026d3200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 14.263877] ^ [ 14.264121] ffff8881026d3280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.264463] ffff8881026d3300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.264982] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 14.155571] ================================================================== [ 14.156346] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 14.156736] Read of size 1 at addr ffff8881034452bb by task kunit_try_catch/242 [ 14.157046] [ 14.157215] CPU: 1 UID: 0 PID: 242 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.157281] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.157293] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.157316] Call Trace: [ 14.157330] <TASK> [ 14.157347] dump_stack_lvl+0x73/0xb0 [ 14.157380] print_report+0xd1/0x610 [ 14.157420] ? __virt_addr_valid+0x1db/0x2d0 [ 14.157444] ? mempool_oob_right_helper+0x318/0x380 [ 14.157487] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.157530] ? mempool_oob_right_helper+0x318/0x380 [ 14.157555] kasan_report+0x141/0x180 [ 14.157593] ? mempool_oob_right_helper+0x318/0x380 [ 14.157629] __asan_report_load1_noabort+0x18/0x20 [ 14.157665] mempool_oob_right_helper+0x318/0x380 [ 14.157690] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 14.157718] ? __pfx_sched_clock_cpu+0x10/0x10 [ 14.157741] ? finish_task_switch.isra.0+0x153/0x700 [ 14.157768] mempool_slab_oob_right+0xed/0x140 [ 14.157793] ? __pfx_mempool_slab_oob_right+0x10/0x10 [ 14.157822] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 14.157867] ? __pfx_mempool_free_slab+0x10/0x10 [ 14.157903] ? __pfx_read_tsc+0x10/0x10 [ 14.157925] ? ktime_get_ts64+0x86/0x230 [ 14.157961] kunit_try_run_case+0x1a5/0x480 [ 14.157987] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.158025] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.158051] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.158084] ? __kthread_parkme+0x82/0x180 [ 14.158106] ? preempt_count_sub+0x50/0x80 [ 14.158130] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.158165] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.158190] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.158216] kthread+0x337/0x6f0 [ 14.158235] ? 
trace_preempt_on+0x20/0xc0 [ 14.158260] ? __pfx_kthread+0x10/0x10 [ 14.158280] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.158302] ? calculate_sigpending+0x7b/0xa0 [ 14.158327] ? __pfx_kthread+0x10/0x10 [ 14.158349] ret_from_fork+0x116/0x1d0 [ 14.158368] ? __pfx_kthread+0x10/0x10 [ 14.158388] ret_from_fork_asm+0x1a/0x30 [ 14.158428] </TASK> [ 14.158438] [ 14.168111] Allocated by task 242: [ 14.168286] kasan_save_stack+0x45/0x70 [ 14.168509] kasan_save_track+0x18/0x40 [ 14.168646] kasan_save_alloc_info+0x3b/0x50 [ 14.168797] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 14.169132] remove_element+0x11e/0x190 [ 14.169295] mempool_alloc_preallocated+0x4d/0x90 [ 14.169629] mempool_oob_right_helper+0x8a/0x380 [ 14.169836] mempool_slab_oob_right+0xed/0x140 [ 14.169989] kunit_try_run_case+0x1a5/0x480 [ 14.170137] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.170340] kthread+0x337/0x6f0 [ 14.170654] ret_from_fork+0x116/0x1d0 [ 14.170854] ret_from_fork_asm+0x1a/0x30 [ 14.171054] [ 14.171152] The buggy address belongs to the object at ffff888103445240 [ 14.171152] which belongs to the cache test_cache of size 123 [ 14.171531] The buggy address is located 0 bytes to the right of [ 14.171531] allocated 123-byte region [ffff888103445240, ffff8881034452bb) [ 14.172176] [ 14.172277] The buggy address belongs to the physical page: [ 14.172593] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103445 [ 14.172897] flags: 0x200000000000000(node=0|zone=2) [ 14.173104] page_type: f5(slab) [ 14.173265] raw: 0200000000000000 ffff888101a22780 dead000000000122 0000000000000000 [ 14.173569] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 14.173900] page dumped because: kasan: bad access detected [ 14.174079] [ 14.174149] Memory state around the buggy address: [ 14.174376] ffff888103445180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.174704] ffff888103445200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 14.174985] >ffff888103445280: 00 
00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 14.175197] ^ [ 14.175368] ffff888103445300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.175696] ffff888103445380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.175952] ================================================================== [ 14.099987] ================================================================== [ 14.100437] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 14.101097] Read of size 1 at addr ffff8881026ce173 by task kunit_try_catch/238 [ 14.101403] [ 14.101537] CPU: 0 UID: 0 PID: 238 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.101586] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.101598] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.101621] Call Trace: [ 14.101634] <TASK> [ 14.101654] dump_stack_lvl+0x73/0xb0 [ 14.101687] print_report+0xd1/0x610 [ 14.101711] ? __virt_addr_valid+0x1db/0x2d0 [ 14.101737] ? mempool_oob_right_helper+0x318/0x380 [ 14.101762] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.101786] ? mempool_oob_right_helper+0x318/0x380 [ 14.101811] kasan_report+0x141/0x180 [ 14.101832] ? mempool_oob_right_helper+0x318/0x380 [ 14.102343] __asan_report_load1_noabort+0x18/0x20 [ 14.102372] mempool_oob_right_helper+0x318/0x380 [ 14.102398] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 14.102440] ? __kasan_check_write+0x18/0x20 [ 14.102472] ? __pfx_sched_clock_cpu+0x10/0x10 [ 14.102497] ? finish_task_switch.isra.0+0x153/0x700 [ 14.102525] mempool_kmalloc_oob_right+0xf2/0x150 [ 14.102549] ? __pfx_mempool_kmalloc_oob_right+0x10/0x10 [ 14.102587] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.102614] ? __pfx_mempool_kfree+0x10/0x10 [ 14.102639] ? __pfx_read_tsc+0x10/0x10 [ 14.102662] ? ktime_get_ts64+0x86/0x230 [ 14.102687] kunit_try_run_case+0x1a5/0x480 [ 14.102715] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.102740] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.102767] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.102791] ? __kthread_parkme+0x82/0x180 [ 14.102813] ? preempt_count_sub+0x50/0x80 [ 14.102836] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.102861] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.102886] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.102911] kthread+0x337/0x6f0 [ 14.102931] ? trace_preempt_on+0x20/0xc0 [ 14.102954] ? __pfx_kthread+0x10/0x10 [ 14.102975] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.102997] ? calculate_sigpending+0x7b/0xa0 [ 14.103023] ? __pfx_kthread+0x10/0x10 [ 14.103044] ret_from_fork+0x116/0x1d0 [ 14.103064] ? __pfx_kthread+0x10/0x10 [ 14.103084] ret_from_fork_asm+0x1a/0x30 [ 14.103116] </TASK> [ 14.103127] [ 14.115127] Allocated by task 238: [ 14.115310] kasan_save_stack+0x45/0x70 [ 14.115565] kasan_save_track+0x18/0x40 [ 14.115950] kasan_save_alloc_info+0x3b/0x50 [ 14.116306] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 14.116568] remove_element+0x11e/0x190 [ 14.116916] mempool_alloc_preallocated+0x4d/0x90 [ 14.117223] mempool_oob_right_helper+0x8a/0x380 [ 14.117430] mempool_kmalloc_oob_right+0xf2/0x150 [ 14.117770] kunit_try_run_case+0x1a5/0x480 [ 14.117978] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.118217] kthread+0x337/0x6f0 [ 14.118389] ret_from_fork+0x116/0x1d0 [ 14.118712] ret_from_fork_asm+0x1a/0x30 [ 14.118920] [ 14.119018] The buggy address belongs to the object at ffff8881026ce100 [ 14.119018] which belongs to the cache kmalloc-128 of size 128 [ 14.119444] The buggy address is located 0 bytes to the right of [ 14.119444] allocated 115-byte region [ffff8881026ce100, ffff8881026ce173) [ 14.120336] [ 14.120461] The buggy address belongs to the physical page: [ 14.120915] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026ce [ 14.121369] flags: 0x200000000000000(node=0|zone=2) [ 14.121825] page_type: f5(slab) [ 14.121993] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 14.122317] raw: 0000000000000000 0000000080100010 
00000000f5000000 0000000000000000 [ 14.122661] page dumped because: kasan: bad access detected [ 14.123049] [ 14.123280] Memory state around the buggy address: [ 14.123558] ffff8881026ce000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.124117] ffff8881026ce080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.124507] >ffff8881026ce100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 14.124909] ^ [ 14.125272] ffff8881026ce180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.125673] ffff8881026ce200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 14.126019] ================================================================== [ 14.131182] ================================================================== [ 14.132009] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 14.132398] Read of size 1 at addr ffff888103a5e001 by task kunit_try_catch/240 [ 14.132883] [ 14.133011] CPU: 1 UID: 0 PID: 240 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.133093] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.133129] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.133153] Call Trace: [ 14.133166] <TASK> [ 14.133184] dump_stack_lvl+0x73/0xb0 [ 14.133230] print_report+0xd1/0x610 [ 14.133254] ? __virt_addr_valid+0x1db/0x2d0 [ 14.133281] ? mempool_oob_right_helper+0x318/0x380 [ 14.133306] ? kasan_addr_to_slab+0x11/0xa0 [ 14.133328] ? mempool_oob_right_helper+0x318/0x380 [ 14.133380] kasan_report+0x141/0x180 [ 14.133402] ? mempool_oob_right_helper+0x318/0x380 [ 14.133431] __asan_report_load1_noabort+0x18/0x20 [ 14.133479] mempool_oob_right_helper+0x318/0x380 [ 14.133505] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 14.133548] ? __kasan_check_write+0x18/0x20 [ 14.133600] ? __pfx_sched_clock_cpu+0x10/0x10 [ 14.133624] ? finish_task_switch.isra.0+0x153/0x700 [ 14.133652] mempool_kmalloc_large_oob_right+0xf2/0x150 [ 14.133684] ? 
__pfx_mempool_kmalloc_large_oob_right+0x10/0x10 [ 14.133714] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.133740] ? __pfx_mempool_kfree+0x10/0x10 [ 14.133766] ? __pfx_read_tsc+0x10/0x10 [ 14.133787] ? ktime_get_ts64+0x86/0x230 [ 14.133813] kunit_try_run_case+0x1a5/0x480 [ 14.133840] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.133863] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.133889] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.133913] ? __kthread_parkme+0x82/0x180 [ 14.133935] ? preempt_count_sub+0x50/0x80 [ 14.133958] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.133983] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.134008] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.134034] kthread+0x337/0x6f0 [ 14.134053] ? trace_preempt_on+0x20/0xc0 [ 14.134078] ? __pfx_kthread+0x10/0x10 [ 14.134098] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.134120] ? calculate_sigpending+0x7b/0xa0 [ 14.134146] ? __pfx_kthread+0x10/0x10 [ 14.134167] ret_from_fork+0x116/0x1d0 [ 14.134186] ? __pfx_kthread+0x10/0x10 [ 14.134207] ret_from_fork_asm+0x1a/0x30 [ 14.134238] </TASK> [ 14.134248] [ 14.144105] The buggy address belongs to the physical page: [ 14.144416] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a5c [ 14.144871] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 14.145198] flags: 0x200000000000040(head|node=0|zone=2) [ 14.145508] page_type: f8(unknown) [ 14.145789] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.146154] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.146544] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.147004] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.147353] head: 0200000000000002 ffffea00040e9701 00000000ffffffff 00000000ffffffff [ 14.147835] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 14.148159] page dumped because: kasan: bad access detected [ 14.148431] [ 
14.148647] Memory state around the buggy address: [ 14.148832] ffff888103a5df00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.149088] ffff888103a5df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.149300] >ffff888103a5e000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 14.149520] ^ [ 14.149636] ffff888103a5e080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 14.149843] ffff888103a5e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 14.150050] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 13.517681] ==================================================================
[ 13.518182] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x1bf/0x380
[ 13.519085] Read of size 1 at addr ffff888101a223c0 by task kunit_try_catch/232
[ 13.519586]
[ 13.519695] CPU: 1 UID: 0 PID: 232 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 13.519858] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.519871] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.519896] Call Trace:
[ 13.519910] <TASK>
[ 13.519929] dump_stack_lvl+0x73/0xb0
[ 13.519964] print_report+0xd1/0x610
[ 13.519989] ? __virt_addr_valid+0x1db/0x2d0
[ 13.520015] ? kmem_cache_double_destroy+0x1bf/0x380
[ 13.520040] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.520064] ? kmem_cache_double_destroy+0x1bf/0x380
[ 13.520090] kasan_report+0x141/0x180
[ 13.520112] ? kmem_cache_double_destroy+0x1bf/0x380
[ 13.520141] ? kmem_cache_double_destroy+0x1bf/0x380
[ 13.520166] __kasan_check_byte+0x3d/0x50
[ 13.520188] kmem_cache_destroy+0x25/0x1d0
[ 13.520212] kmem_cache_double_destroy+0x1bf/0x380
[ 13.520237] ? __pfx_kmem_cache_double_destroy+0x10/0x10
[ 13.520263] ? finish_task_switch.isra.0+0x153/0x700
[ 13.520296] ? __switch_to+0x47/0xf50
[ 13.520325] ? __pfx_read_tsc+0x10/0x10
[ 13.520346] ? ktime_get_ts64+0x86/0x230
[ 13.520371] kunit_try_run_case+0x1a5/0x480
[ 13.520398] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.520551] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.520676] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.520701] ? __kthread_parkme+0x82/0x180
[ 13.520725] ? preempt_count_sub+0x50/0x80
[ 13.520748] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.520773] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.520799] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.520825] kthread+0x337/0x6f0
[ 13.520847] ? trace_preempt_on+0x20/0xc0
[ 13.520871] ? __pfx_kthread+0x10/0x10
[ 13.520892] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.520914] ? calculate_sigpending+0x7b/0xa0
[ 13.520940] ? __pfx_kthread+0x10/0x10
[ 13.520961] ret_from_fork+0x116/0x1d0
[ 13.520981] ? __pfx_kthread+0x10/0x10
[ 13.521002] ret_from_fork_asm+0x1a/0x30
[ 13.521035] </TASK>
[ 13.521046]
[ 13.537241] Allocated by task 232:
[ 13.537380] kasan_save_stack+0x45/0x70
[ 13.538203] kasan_save_track+0x18/0x40
[ 13.538886] kasan_save_alloc_info+0x3b/0x50
[ 13.539399] __kasan_slab_alloc+0x91/0xa0
[ 13.540020] kmem_cache_alloc_noprof+0x123/0x3f0
[ 13.540416] __kmem_cache_create_args+0x169/0x240
[ 13.541074] kmem_cache_double_destroy+0xd5/0x380
[ 13.541384] kunit_try_run_case+0x1a5/0x480
[ 13.541926] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.542598] kthread+0x337/0x6f0
[ 13.542737] ret_from_fork+0x116/0x1d0
[ 13.542868] ret_from_fork_asm+0x1a/0x30
[ 13.543004]
[ 13.543074] Freed by task 232:
[ 13.543181] kasan_save_stack+0x45/0x70
[ 13.543314] kasan_save_track+0x18/0x40
[ 13.544086] kasan_save_free_info+0x3f/0x60
[ 13.544652] __kasan_slab_free+0x56/0x70
[ 13.545203] kmem_cache_free+0x249/0x420
[ 13.545792] slab_kmem_cache_release+0x2e/0x40
[ 13.546233] kmem_cache_release+0x16/0x20
[ 13.546704] kobject_put+0x181/0x450
[ 13.547071] sysfs_slab_release+0x16/0x20
[ 13.547486] kmem_cache_destroy+0xf0/0x1d0
[ 13.547839] kmem_cache_double_destroy+0x14e/0x380
[ 13.548143] kunit_try_run_case+0x1a5/0x480
[ 13.548291] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.548619] kthread+0x337/0x6f0
[ 13.549225] ret_from_fork+0x116/0x1d0
[ 13.549834] ret_from_fork_asm+0x1a/0x30
[ 13.550220]
[ 13.550381] The buggy address belongs to the object at ffff888101a223c0
[ 13.550381] which belongs to the cache kmem_cache of size 208
[ 13.550998] The buggy address is located 0 bytes inside of
[ 13.550998] freed 208-byte region [ffff888101a223c0, ffff888101a22490)
[ 13.551335]
[ 13.551405] The buggy address belongs to the physical page:
[ 13.551760] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a22
[ 13.552082] flags: 0x200000000000000(node=0|zone=2)
[ 13.552306] page_type: f5(slab)
[ 13.552477] raw: 0200000000000000 ffff888100041000 dead000000000122 0000000000000000
[ 13.552891] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000
[ 13.553185] page dumped because: kasan: bad access detected
[ 13.553350]
[ 13.553417] Memory state around the buggy address:
[ 13.553651] ffff888101a22280: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.554110] ffff888101a22300: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc
[ 13.554444] >ffff888101a22380: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb
[ 13.554957] ^
[ 13.555306] ffff888101a22400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.555605] ffff888101a22480: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.556015] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 13.454853] ==================================================================
[ 13.455330] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x3e3/0x510
[ 13.456538] Read of size 1 at addr ffff8881026cc000 by task kunit_try_catch/230
[ 13.457428]
[ 13.457795] CPU: 0 UID: 0 PID: 230 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 13.457847] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.457859] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.458112] Call Trace:
[ 13.458126] <TASK>
[ 13.458145] dump_stack_lvl+0x73/0xb0
[ 13.458183] print_report+0xd1/0x610
[ 13.458207] ? __virt_addr_valid+0x1db/0x2d0
[ 13.458233] ? kmem_cache_rcu_uaf+0x3e3/0x510
[ 13.458256] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.458281] ? kmem_cache_rcu_uaf+0x3e3/0x510
[ 13.458305] kasan_report+0x141/0x180
[ 13.458327] ? kmem_cache_rcu_uaf+0x3e3/0x510
[ 13.458356] __asan_report_load1_noabort+0x18/0x20
[ 13.458382] kmem_cache_rcu_uaf+0x3e3/0x510
[ 13.458407] ? __pfx_kmem_cache_rcu_uaf+0x10/0x10
[ 13.458430] ? finish_task_switch.isra.0+0x153/0x700
[ 13.458469] ? __switch_to+0x47/0xf50
[ 13.458499] ? __pfx_read_tsc+0x10/0x10
[ 13.458521] ? ktime_get_ts64+0x86/0x230
[ 13.458547] kunit_try_run_case+0x1a5/0x480
[ 13.458574] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.458686] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.458715] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.458739] ? __kthread_parkme+0x82/0x180
[ 13.458761] ? preempt_count_sub+0x50/0x80
[ 13.458784] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.458810] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.458849] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.458876] kthread+0x337/0x6f0
[ 13.458895] ? trace_preempt_on+0x20/0xc0
[ 13.458921] ? __pfx_kthread+0x10/0x10
[ 13.458942] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.458964] ? calculate_sigpending+0x7b/0xa0
[ 13.458990] ? __pfx_kthread+0x10/0x10
[ 13.459011] ret_from_fork+0x116/0x1d0
[ 13.459031] ? __pfx_kthread+0x10/0x10
[ 13.459052] ret_from_fork_asm+0x1a/0x30
[ 13.459084] </TASK>
[ 13.459095]
[ 13.472301] Allocated by task 230:
[ 13.472806] kasan_save_stack+0x45/0x70
[ 13.473196] kasan_save_track+0x18/0x40
[ 13.473679] kasan_save_alloc_info+0x3b/0x50
[ 13.474199] __kasan_slab_alloc+0x91/0xa0
[ 13.474665] kmem_cache_alloc_noprof+0x123/0x3f0
[ 13.475103] kmem_cache_rcu_uaf+0x155/0x510
[ 13.475502] kunit_try_run_case+0x1a5/0x480
[ 13.475837] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.476020] kthread+0x337/0x6f0
[ 13.476142] ret_from_fork+0x116/0x1d0
[ 13.476273] ret_from_fork_asm+0x1a/0x30
[ 13.476420]
[ 13.476595] Freed by task 0:
[ 13.476823] kasan_save_stack+0x45/0x70
[ 13.477032] kasan_save_track+0x18/0x40
[ 13.477245] kasan_save_free_info+0x3f/0x60
[ 13.477631] __kasan_slab_free+0x56/0x70
[ 13.477770] slab_free_after_rcu_debug+0xe4/0x310
[ 13.477927] rcu_core+0x66f/0x1c40
[ 13.478053] rcu_core_si+0x12/0x20
[ 13.478176] handle_softirqs+0x209/0x730
[ 13.478314] __irq_exit_rcu+0xc9/0x110
[ 13.478474] irq_exit_rcu+0x12/0x20
[ 13.478818] sysvec_apic_timer_interrupt+0x81/0x90
[ 13.479354] asm_sysvec_apic_timer_interrupt+0x1f/0x30
[ 13.479905]
[ 13.480066] Last potentially related work creation:
[ 13.480548] kasan_save_stack+0x45/0x70
[ 13.481015] kasan_record_aux_stack+0xb2/0xc0
[ 13.481435] kmem_cache_free+0x131/0x420
[ 13.481964] kmem_cache_rcu_uaf+0x194/0x510
[ 13.482389] kunit_try_run_case+0x1a5/0x480
[ 13.482874] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.483189] kthread+0x337/0x6f0
[ 13.483311] ret_from_fork+0x116/0x1d0
[ 13.483473] ret_from_fork_asm+0x1a/0x30
[ 13.483842]
[ 13.484081] The buggy address belongs to the object at ffff8881026cc000
[ 13.484081] which belongs to the cache test_cache of size 200
[ 13.485213] The buggy address is located 0 bytes inside of
[ 13.485213] freed 200-byte region [ffff8881026cc000, ffff8881026cc0c8)
[ 13.486170]
[ 13.486367] The buggy address belongs to the physical page:
[ 13.486781] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026cc
[ 13.487225] flags: 0x200000000000000(node=0|zone=2)
[ 13.487394] page_type: f5(slab)
[ 13.487557] raw: 0200000000000000 ffff8881009fca00 dead000000000122 0000000000000000
[ 13.488132] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000
[ 13.488370] page dumped because: kasan: bad access detected
[ 13.488671]
[ 13.488943] Memory state around the buggy address:
[ 13.489395] ffff8881026cbf00: 00 00 00 00 00 00 00 00 00 00 00 00 fc fc fc fc
[ 13.490077] ffff8881026cbf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.490927] >ffff8881026cc000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.491658] ^
[ 13.491784] ffff8881026cc080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc
[ 13.492001] ffff8881026cc100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.492213] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 13.396292] ==================================================================
[ 13.397915] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x1d8/0x460
[ 13.398167] Free of addr ffff88810343c001 by task kunit_try_catch/228
[ 13.398367]
[ 13.398493] CPU: 1 UID: 0 PID: 228 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 13.398541] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.398552] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.398575] Call Trace:
[ 13.398588] <TASK>
[ 13.398605] dump_stack_lvl+0x73/0xb0
[ 13.398636] print_report+0xd1/0x610
[ 13.398659] ? __virt_addr_valid+0x1db/0x2d0
[ 13.398684] ? kasan_complete_mode_report_info+0x2a/0x200
[ 13.398708] ? kmem_cache_invalid_free+0x1d8/0x460
[ 13.398734] kasan_report_invalid_free+0x10a/0x130
[ 13.398771] ? kmem_cache_invalid_free+0x1d8/0x460
[ 13.398799] ? kmem_cache_invalid_free+0x1d8/0x460
[ 13.398824] check_slab_allocation+0x11f/0x130
[ 13.398846] __kasan_slab_pre_free+0x28/0x40
[ 13.398868] kmem_cache_free+0xed/0x420
[ 13.398889] ? kmem_cache_alloc_noprof+0x123/0x3f0
[ 13.398910] ? kmem_cache_invalid_free+0x1d8/0x460
[ 13.398937] kmem_cache_invalid_free+0x1d8/0x460
[ 13.398962] ? __pfx_kmem_cache_invalid_free+0x10/0x10
[ 13.398987] ? finish_task_switch.isra.0+0x153/0x700
[ 13.399012] ? __switch_to+0x47/0xf50
[ 13.399040] ? __pfx_read_tsc+0x10/0x10
[ 13.399062] ? ktime_get_ts64+0x86/0x230
[ 13.399088] kunit_try_run_case+0x1a5/0x480
[ 13.399115] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.399138] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.399163] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.399187] ? __kthread_parkme+0x82/0x180
[ 13.399209] ? preempt_count_sub+0x50/0x80
[ 13.399232] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.399256] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.399281] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.399306] kthread+0x337/0x6f0
[ 13.399325] ? trace_preempt_on+0x20/0xc0
[ 13.399349] ? __pfx_kthread+0x10/0x10
[ 13.399370] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.399391] ? calculate_sigpending+0x7b/0xa0
[ 13.399808] ? __pfx_kthread+0x10/0x10
[ 13.399837] ret_from_fork+0x116/0x1d0
[ 13.399859] ? __pfx_kthread+0x10/0x10
[ 13.399879] ret_from_fork_asm+0x1a/0x30
[ 13.399912] </TASK>
[ 13.399923]
[ 13.416006] Allocated by task 228:
[ 13.416208] kasan_save_stack+0x45/0x70
[ 13.416418] kasan_save_track+0x18/0x40
[ 13.417203] kasan_save_alloc_info+0x3b/0x50
[ 13.417381] __kasan_slab_alloc+0x91/0xa0
[ 13.417859] kmem_cache_alloc_noprof+0x123/0x3f0
[ 13.418195] kmem_cache_invalid_free+0x157/0x460
[ 13.418570] kunit_try_run_case+0x1a5/0x480
[ 13.418963] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.419309] kthread+0x337/0x6f0
[ 13.419645] ret_from_fork+0x116/0x1d0
[ 13.419831] ret_from_fork_asm+0x1a/0x30
[ 13.420024]
[ 13.420103] The buggy address belongs to the object at ffff88810343c000
[ 13.420103] which belongs to the cache test_cache of size 200
[ 13.421221] The buggy address is located 1 bytes inside of
[ 13.421221] 200-byte region [ffff88810343c000, ffff88810343c0c8)
[ 13.421949]
[ 13.422044] The buggy address belongs to the physical page:
[ 13.422437] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10343c
[ 13.423017] flags: 0x200000000000000(node=0|zone=2)
[ 13.423416] page_type: f5(slab)
[ 13.423584] raw: 0200000000000000 ffff888101a22280 dead000000000122 0000000000000000
[ 13.423973] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000
[ 13.424314] page dumped because: kasan: bad access detected
[ 13.424904]
[ 13.424989] Memory state around the buggy address:
[ 13.425373] ffff88810343bf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.425876] ffff88810343bf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.426289] >ffff88810343c000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.426846] ^
[ 13.426972] ffff88810343c080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc
[ 13.427331] ffff88810343c100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.427885] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 13.361739] ==================================================================
[ 13.362277] BUG: KASAN: double-free in kmem_cache_double_free+0x1e5/0x480
[ 13.362626] Free of addr ffff8881026cb000 by task kunit_try_catch/226
[ 13.362841]
[ 13.362955] CPU: 0 UID: 0 PID: 226 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 13.362999] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.363011] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.363033] Call Trace:
[ 13.363045] <TASK>
[ 13.363138] dump_stack_lvl+0x73/0xb0
[ 13.363175] print_report+0xd1/0x610
[ 13.363199] ? __virt_addr_valid+0x1db/0x2d0
[ 13.363226] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.363249] ? kmem_cache_double_free+0x1e5/0x480
[ 13.363276] kasan_report_invalid_free+0x10a/0x130
[ 13.363301] ? kmem_cache_double_free+0x1e5/0x480
[ 13.363328] ? kmem_cache_double_free+0x1e5/0x480
[ 13.363353] check_slab_allocation+0x101/0x130
[ 13.363376] __kasan_slab_pre_free+0x28/0x40
[ 13.363397] kmem_cache_free+0xed/0x420
[ 13.363434] ? kmem_cache_alloc_noprof+0x123/0x3f0
[ 13.363465] ? kmem_cache_double_free+0x1e5/0x480
[ 13.363493] kmem_cache_double_free+0x1e5/0x480
[ 13.363518] ? __pfx_kmem_cache_double_free+0x10/0x10
[ 13.363543] ? finish_task_switch.isra.0+0x153/0x700
[ 13.363636] ? __switch_to+0x47/0xf50
[ 13.363672] ? __pfx_read_tsc+0x10/0x10
[ 13.363697] ? ktime_get_ts64+0x86/0x230
[ 13.363723] kunit_try_run_case+0x1a5/0x480
[ 13.363750] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.363773] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.363799] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.363824] ? __kthread_parkme+0x82/0x180
[ 13.363845] ? preempt_count_sub+0x50/0x80
[ 13.363869] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.363894] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.363919] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.363945] kthread+0x337/0x6f0
[ 13.363964] ? trace_preempt_on+0x20/0xc0
[ 13.363989] ? __pfx_kthread+0x10/0x10
[ 13.364009] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.364031] ? calculate_sigpending+0x7b/0xa0
[ 13.364056] ? __pfx_kthread+0x10/0x10
[ 13.364078] ret_from_fork+0x116/0x1d0
[ 13.364097] ? __pfx_kthread+0x10/0x10
[ 13.364118] ret_from_fork_asm+0x1a/0x30
[ 13.364149] </TASK>
[ 13.364159]
[ 13.373962] Allocated by task 226:
[ 13.374170] kasan_save_stack+0x45/0x70
[ 13.374404] kasan_save_track+0x18/0x40
[ 13.374567] kasan_save_alloc_info+0x3b/0x50
[ 13.374717] __kasan_slab_alloc+0x91/0xa0
[ 13.374996] kmem_cache_alloc_noprof+0x123/0x3f0
[ 13.375241] kmem_cache_double_free+0x14f/0x480
[ 13.375503] kunit_try_run_case+0x1a5/0x480
[ 13.375770] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.376076] kthread+0x337/0x6f0
[ 13.376243] ret_from_fork+0x116/0x1d0
[ 13.376432] ret_from_fork_asm+0x1a/0x30
[ 13.376640]
[ 13.376903] Freed by task 226:
[ 13.377053] kasan_save_stack+0x45/0x70
[ 13.377281] kasan_save_track+0x18/0x40
[ 13.377520] kasan_save_free_info+0x3f/0x60
[ 13.377774] __kasan_slab_free+0x56/0x70
[ 13.378012] kmem_cache_free+0x249/0x420
[ 13.378206] kmem_cache_double_free+0x16a/0x480
[ 13.378429] kunit_try_run_case+0x1a5/0x480
[ 13.378617] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.378793] kthread+0x337/0x6f0
[ 13.378913] ret_from_fork+0x116/0x1d0
[ 13.379186] ret_from_fork_asm+0x1a/0x30
[ 13.379403]
[ 13.379530] The buggy address belongs to the object at ffff8881026cb000
[ 13.379530] which belongs to the cache test_cache of size 200
[ 13.380318] The buggy address is located 0 bytes inside of
[ 13.380318] 200-byte region [ffff8881026cb000, ffff8881026cb0c8)
[ 13.381284]
[ 13.381731] The buggy address belongs to the physical page:
[ 13.382269] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026cb
[ 13.383138] flags: 0x200000000000000(node=0|zone=2)
[ 13.383657] page_type: f5(slab)
[ 13.384015] raw: 0200000000000000 ffff8881009fc8c0 dead000000000122 0000000000000000
[ 13.384736] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000
[ 13.385570] page dumped because: kasan: bad access detected
[ 13.385990]
[ 13.386067] Memory state around the buggy address:
[ 13.386225] ffff8881026caf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.386475] ffff8881026caf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.386804] >ffff8881026cb000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.387196] ^
[ 13.387366] ffff8881026cb080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc
[ 13.387782] ffff8881026cb100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.388076] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 13.319151] ==================================================================
[ 13.320506] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x402/0x530
[ 13.320979] Read of size 1 at addr ffff88810343a0c8 by task kunit_try_catch/224
[ 13.321741]
[ 13.321957] CPU: 1 UID: 0 PID: 224 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 13.322006] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.322017] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.322038] Call Trace:
[ 13.322051] <TASK>
[ 13.322069] dump_stack_lvl+0x73/0xb0
[ 13.322112] print_report+0xd1/0x610
[ 13.322136] ? __virt_addr_valid+0x1db/0x2d0
[ 13.322159] ? kmem_cache_oob+0x402/0x530
[ 13.322193] ? kasan_complete_mode_report_info+0x2a/0x200
[ 13.322217] ? kmem_cache_oob+0x402/0x530
[ 13.322240] kasan_report+0x141/0x180
[ 13.322262] ? kmem_cache_oob+0x402/0x530
[ 13.322289] __asan_report_load1_noabort+0x18/0x20
[ 13.322314] kmem_cache_oob+0x402/0x530
[ 13.322336] ? trace_hardirqs_on+0x37/0xe0
[ 13.322361] ? __pfx_kmem_cache_oob+0x10/0x10
[ 13.322383] ? finish_task_switch.isra.0+0x153/0x700
[ 13.322418] ? __switch_to+0x47/0xf50
[ 13.322458] ? __pfx_read_tsc+0x10/0x10
[ 13.322480] ? ktime_get_ts64+0x86/0x230
[ 13.322513] kunit_try_run_case+0x1a5/0x480
[ 13.322539] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.322562] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.322598] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.322629] ? __kthread_parkme+0x82/0x180
[ 13.322650] ? preempt_count_sub+0x50/0x80
[ 13.322673] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.322697] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.322722] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.322747] kthread+0x337/0x6f0
[ 13.322776] ? trace_preempt_on+0x20/0xc0
[ 13.322798] ? __pfx_kthread+0x10/0x10
[ 13.322818] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.322860] ? calculate_sigpending+0x7b/0xa0
[ 13.322887] ? __pfx_kthread+0x10/0x10
[ 13.322908] ret_from_fork+0x116/0x1d0
[ 13.322928] ? __pfx_kthread+0x10/0x10
[ 13.322948] ret_from_fork_asm+0x1a/0x30
[ 13.322979] </TASK>
[ 13.322989]
[ 13.333285] Allocated by task 224:
[ 13.333684] kasan_save_stack+0x45/0x70
[ 13.334050] kasan_save_track+0x18/0x40
[ 13.334399] kasan_save_alloc_info+0x3b/0x50
[ 13.334869] __kasan_slab_alloc+0x91/0xa0
[ 13.335053] kmem_cache_alloc_noprof+0x123/0x3f0
[ 13.335212] kmem_cache_oob+0x157/0x530
[ 13.335353] kunit_try_run_case+0x1a5/0x480
[ 13.335695] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.336260] kthread+0x337/0x6f0
[ 13.336630] ret_from_fork+0x116/0x1d0
[ 13.337041] ret_from_fork_asm+0x1a/0x30
[ 13.337419]
[ 13.337592] The buggy address belongs to the object at ffff88810343a000
[ 13.337592] which belongs to the cache test_cache of size 200
[ 13.338578] The buggy address is located 0 bytes to the right of
[ 13.338578] allocated 200-byte region [ffff88810343a000, ffff88810343a0c8)
[ 13.339702]
[ 13.339777] The buggy address belongs to the physical page:
[ 13.339951] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10343a
[ 13.340190] flags: 0x200000000000000(node=0|zone=2)
[ 13.340360] page_type: f5(slab)
[ 13.340524] raw: 0200000000000000 ffff888101a22140 dead000000000122 0000000000000000
[ 13.340901] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000
[ 13.341245] page dumped because: kasan: bad access detected
[ 13.341424]
[ 13.341504] Memory state around the buggy address:
[ 13.341895] ffff888103439f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.342217] ffff88810343a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.342541] >ffff88810343a080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc
[ 13.342911] ^
[ 13.343088] ffff88810343a100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.343402] ffff88810343a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.343778] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 13.269938] ==================================================================
[ 13.270495] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x4d6/0x560
[ 13.270729] Read of size 8 at addr ffff8881034327c0 by task kunit_try_catch/217
[ 13.270953]
[ 13.271046] CPU: 1 UID: 0 PID: 217 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 13.271090] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.271101] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.271122] Call Trace:
[ 13.271134] <TASK>
[ 13.271151] dump_stack_lvl+0x73/0xb0
[ 13.271181] print_report+0xd1/0x610
[ 13.271203] ? __virt_addr_valid+0x1db/0x2d0
[ 13.271226] ? workqueue_uaf+0x4d6/0x560
[ 13.271246] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.271268] ? workqueue_uaf+0x4d6/0x560
[ 13.271290] kasan_report+0x141/0x180
[ 13.271310] ? workqueue_uaf+0x4d6/0x560
[ 13.271335] __asan_report_load8_noabort+0x18/0x20
[ 13.271358] workqueue_uaf+0x4d6/0x560
[ 13.271379] ? __pfx_workqueue_uaf+0x10/0x10
[ 13.271400] ? __schedule+0x10cc/0x2b60
[ 13.271422] ? __pfx_read_tsc+0x10/0x10
[ 13.271442] ? ktime_get_ts64+0x86/0x230
[ 13.271489] kunit_try_run_case+0x1a5/0x480
[ 13.271514] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.271535] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.271558] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.271580] ? __kthread_parkme+0x82/0x180
[ 13.271600] ? preempt_count_sub+0x50/0x80
[ 13.271623] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.271646] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.271668] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.271691] kthread+0x337/0x6f0
[ 13.271709] ? trace_preempt_on+0x20/0xc0
[ 13.271732] ? __pfx_kthread+0x10/0x10
[ 13.271751] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.271771] ? calculate_sigpending+0x7b/0xa0
[ 13.271794] ? __pfx_kthread+0x10/0x10
[ 13.271814] ret_from_fork+0x116/0x1d0
[ 13.271832] ? __pfx_kthread+0x10/0x10
[ 13.271851] ret_from_fork_asm+0x1a/0x30
[ 13.271880] </TASK>
[ 13.271890]
[ 13.287297] Allocated by task 217:
[ 13.287667] kasan_save_stack+0x45/0x70
[ 13.288156] kasan_save_track+0x18/0x40
[ 13.288602] kasan_save_alloc_info+0x3b/0x50
[ 13.289009] __kasan_kmalloc+0xb7/0xc0
[ 13.289240] __kmalloc_cache_noprof+0x189/0x420
[ 13.289403] workqueue_uaf+0x152/0x560
[ 13.289813] kunit_try_run_case+0x1a5/0x480
[ 13.290215] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.290794] kthread+0x337/0x6f0
[ 13.291121] ret_from_fork+0x116/0x1d0
[ 13.291540] ret_from_fork_asm+0x1a/0x30
[ 13.291991]
[ 13.292119] Freed by task 41:
[ 13.292230] kasan_save_stack+0x45/0x70
[ 13.292372] kasan_save_track+0x18/0x40
[ 13.292558] kasan_save_free_info+0x3f/0x60
[ 13.292956] __kasan_slab_free+0x56/0x70
[ 13.293422] kfree+0x222/0x3f0
[ 13.293737] workqueue_uaf_work+0x12/0x20
[ 13.294167] process_one_work+0x5ee/0xf60
[ 13.294574] worker_thread+0x758/0x1220
[ 13.294994] kthread+0x337/0x6f0
[ 13.295370] ret_from_fork+0x116/0x1d0
[ 13.295816] ret_from_fork_asm+0x1a/0x30
[ 13.296207]
[ 13.296388] Last potentially related work creation:
[ 13.296883] kasan_save_stack+0x45/0x70
[ 13.297313] kasan_record_aux_stack+0xb2/0xc0
[ 13.297574] __queue_work+0x626/0xeb0
[ 13.297751] queue_work_on+0xb6/0xc0
[ 13.297985] workqueue_uaf+0x26d/0x560
[ 13.298356] kunit_try_run_case+0x1a5/0x480
[ 13.298790] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.299005] kthread+0x337/0x6f0
[ 13.299336] ret_from_fork+0x116/0x1d0
[ 13.299742] ret_from_fork_asm+0x1a/0x30
[ 13.300144]
[ 13.300299] The buggy address belongs to the object at ffff8881034327c0
[ 13.300299] which belongs to the cache kmalloc-32 of size 32
[ 13.301384] The buggy address is located 0 bytes inside of
[ 13.301384] freed 32-byte region [ffff8881034327c0, ffff8881034327e0)
[ 13.302309]
[ 13.302387] The buggy address belongs to the physical page:
[ 13.302965] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103432
[ 13.303760] flags: 0x200000000000000(node=0|zone=2)
[ 13.304214] page_type: f5(slab)
[ 13.304415] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 13.305063] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 13.305291] page dumped because: kasan: bad access detected
[ 13.305563]
[ 13.305767] Memory state around the buggy address:
[ 13.306247] ffff888103432680: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 13.306999] ffff888103432700: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc
[ 13.307652] >ffff888103432780: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 13.308272] ^
[ 13.308854] ffff888103432800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.309370] ffff888103432880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.310085] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 13.227665] ==================================================================
[ 13.228110] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x50/0x60
[ 13.228676] Read of size 4 at addr ffff8881026c5540 by task swapper/0/0
[ 13.229030]
[ 13.229207] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 13.229251] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.229262] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.229281] Call Trace:
[ 13.229314] <IRQ>
[ 13.229328] dump_stack_lvl+0x73/0xb0
[ 13.229358] print_report+0xd1/0x610
[ 13.229380] ? __virt_addr_valid+0x1db/0x2d0
[ 13.229403] ? rcu_uaf_reclaim+0x50/0x60
[ 13.229608] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.229635] ? rcu_uaf_reclaim+0x50/0x60
[ 13.229656] kasan_report+0x141/0x180
[ 13.229678] ? rcu_uaf_reclaim+0x50/0x60
[ 13.229703] __asan_report_load4_noabort+0x18/0x20
[ 13.229728] rcu_uaf_reclaim+0x50/0x60
[ 13.229748] rcu_core+0x66f/0x1c40
[ 13.229777] ? __pfx_rcu_core+0x10/0x10
[ 13.229798] ? ktime_get+0x6b/0x150
[ 13.229819] ? handle_softirqs+0x18e/0x730
[ 13.229844] rcu_core_si+0x12/0x20
[ 13.229863] handle_softirqs+0x209/0x730
[ 13.229883] ? hrtimer_interrupt+0x2fe/0x780
[ 13.229906] ? __pfx_handle_softirqs+0x10/0x10
[ 13.229932] __irq_exit_rcu+0xc9/0x110
[ 13.229952] irq_exit_rcu+0x12/0x20
[ 13.229972] sysvec_apic_timer_interrupt+0x81/0x90
[ 13.229998] </IRQ>
[ 13.230025] <TASK>
[ 13.230035] asm_sysvec_apic_timer_interrupt+0x1f/0x30
[ 13.230124] RIP: 0010:pv_native_safe_halt+0xf/0x20
[ 13.230335] Code: 1f 84 00 00 00 00 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d 23 72 21 00 fb f4 <e9> 3c 1d 02 00 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90
[ 13.230413] RSP: 0000:ffffffffa1e07dd8 EFLAGS: 00010202
[ 13.230512] RAX: ffff8881b7e72000 RBX: ffffffffa1e1cac0 RCX: ffffffffa0c75125
[ 13.230559] RDX: ffffed102b60618b RSI: 0000000000000004 RDI: 0000000000005074
[ 13.230602] RBP: ffffffffa1e07de0 R08: 0000000000000001 R09: ffffed102b60618a
[ 13.230644] R10: ffff88815b030c53 R11: 00000000000b5400 R12: 0000000000000000
[ 13.230686] R13: fffffbfff43c3958 R14: ffffffffa29b1490 R15: 0000000000000000
[ 13.230742] ? ct_kernel_exit.constprop.0+0xa5/0xd0
[ 13.230795] ? default_idle+0xd/0x20
[ 13.230817] arch_cpu_idle+0xd/0x20
[ 13.230838] default_idle_call+0x48/0x80
[ 13.230857] do_idle+0x379/0x4f0
[ 13.230882] ? __pfx_do_idle+0x10/0x10
[ 13.230909] cpu_startup_entry+0x5c/0x70
[ 13.230929] rest_init+0x11a/0x140
[ 13.230946] ? acpi_subsystem_init+0x5d/0x150
[ 13.230971] start_kernel+0x330/0x410
[ 13.230996] x86_64_start_reservations+0x1c/0x30
[ 13.231022] x86_64_start_kernel+0x10d/0x120
[ 13.231046] common_startup_64+0x13e/0x148
[ 13.231077] </TASK>
[ 13.231087]
[ 13.245992] Allocated by task 215:
[ 13.246177] kasan_save_stack+0x45/0x70
[ 13.246342] kasan_save_track+0x18/0x40
[ 13.246911] kasan_save_alloc_info+0x3b/0x50
[ 13.247114] __kasan_kmalloc+0xb7/0xc0
[ 13.247469] __kmalloc_cache_noprof+0x189/0x420
[ 13.247853] rcu_uaf+0xb0/0x330
[ 13.248018] kunit_try_run_case+0x1a5/0x480
[ 13.248187] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.248419] kthread+0x337/0x6f0
[ 13.249022] ret_from_fork+0x116/0x1d0
[ 13.249192] ret_from_fork_asm+0x1a/0x30
[ 13.249749]
[ 13.249973] Freed by task 0:
[ 13.250130] kasan_save_stack+0x45/0x70
[ 13.250732] kasan_save_track+0x18/0x40
[ 13.250930] kasan_save_free_info+0x3f/0x60
[ 13.251210] __kasan_slab_free+0x56/0x70
[ 13.251513] kfree+0x222/0x3f0
[ 13.251786] rcu_uaf_reclaim+0x1f/0x60
[ 13.251966] rcu_core+0x66f/0x1c40
[ 13.252144] rcu_core_si+0x12/0x20
[ 13.252314] handle_softirqs+0x209/0x730
[ 13.252871] __irq_exit_rcu+0xc9/0x110
[ 13.253035] irq_exit_rcu+0x12/0x20
[ 13.253369] sysvec_apic_timer_interrupt+0x81/0x90
[ 13.253912] asm_sysvec_apic_timer_interrupt+0x1f/0x30
[ 13.254160]
[ 13.254274] Last potentially related work creation:
[ 13.254490] kasan_save_stack+0x45/0x70
[ 13.255055] kasan_record_aux_stack+0xb2/0xc0
[ 13.255244] __call_rcu_common.constprop.0+0x7b/0x9e0
[ 13.255524] call_rcu+0x12/0x20
[ 13.255764] rcu_uaf+0x168/0x330
[ 13.255915] kunit_try_run_case+0x1a5/0x480
[ 13.256122] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.256394] kthread+0x337/0x6f0
[ 13.257042] ret_from_fork+0x116/0x1d0
[ 13.257200] ret_from_fork_asm+0x1a/0x30
[ 13.257573]
[ 13.257963] The buggy address belongs to the object at ffff8881026c5540
[ 13.257963] which belongs to the cache kmalloc-32 of size 32
[ 13.258750] The buggy address is located 0 bytes inside of
[ 13.258750] freed 32-byte region [ffff8881026c5540, ffff8881026c5560)
[ 13.259316]
[ 13.259417] The buggy address belongs to the physical page:
[ 13.259935] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026c5
[ 13.260393] flags: 0x200000000000000(node=0|zone=2)
[ 13.260935] page_type: f5(slab)
[ 13.261088] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 13.261616] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 13.262156] page dumped because: kasan: bad access detected
[ 13.262594]
[ 13.262690] Memory state around the buggy address:
[ 13.262914] ffff8881026c5400: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 13.263221] ffff8881026c5480: 00 00 00 fc fc fc fc fc 00 00 05 fc fc fc fc fc
[ 13.263849] >ffff8881026c5500: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 13.264112] ^
[ 13.264523] ffff8881026c5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.264994] ffff8881026c5600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.265381] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 13.161812] ================================================================== [ 13.162737] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5fe/0x6c0 [ 13.163459] Read of size 1 at addr ffff8881026b2e00 by task kunit_try_catch/213 [ 13.164003] [ 13.164098] CPU: 0 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.164141] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.164152] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.164172] Call Trace: [ 13.164184] <TASK> [ 13.164198] dump_stack_lvl+0x73/0xb0 [ 13.164227] print_report+0xd1/0x610 [ 13.164248] ? __virt_addr_valid+0x1db/0x2d0 [ 13.164270] ? ksize_uaf+0x5fe/0x6c0 [ 13.164297] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.164320] ? ksize_uaf+0x5fe/0x6c0 [ 13.164341] kasan_report+0x141/0x180 [ 13.164362] ? ksize_uaf+0x5fe/0x6c0 [ 13.164387] __asan_report_load1_noabort+0x18/0x20 [ 13.164413] ksize_uaf+0x5fe/0x6c0 [ 13.164433] ? __pfx_ksize_uaf+0x10/0x10 [ 13.164469] ? __schedule+0x10cc/0x2b60 [ 13.164491] ? __pfx_read_tsc+0x10/0x10 [ 13.164511] ? ktime_get_ts64+0x86/0x230 [ 13.164535] kunit_try_run_case+0x1a5/0x480 [ 13.164559] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.164583] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.164607] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.164630] ? __kthread_parkme+0x82/0x180 [ 13.164650] ? preempt_count_sub+0x50/0x80 [ 13.164674] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.164698] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.164722] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.164747] kthread+0x337/0x6f0 [ 13.164766] ? trace_preempt_on+0x20/0xc0 [ 13.164789] ? __pfx_kthread+0x10/0x10 [ 13.164930] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.164952] ? calculate_sigpending+0x7b/0xa0 [ 13.164975] ? __pfx_kthread+0x10/0x10 [ 13.164996] ret_from_fork+0x116/0x1d0 [ 13.165015] ? 
__pfx_kthread+0x10/0x10 [ 13.165035] ret_from_fork_asm+0x1a/0x30 [ 13.165065] </TASK> [ 13.165075] [ 13.174336] Allocated by task 213: [ 13.174538] kasan_save_stack+0x45/0x70 [ 13.174704] kasan_save_track+0x18/0x40 [ 13.174986] kasan_save_alloc_info+0x3b/0x50 [ 13.175465] __kasan_kmalloc+0xb7/0xc0 [ 13.175690] __kmalloc_cache_noprof+0x189/0x420 [ 13.175982] ksize_uaf+0xaa/0x6c0 [ 13.176148] kunit_try_run_case+0x1a5/0x480 [ 13.176537] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.176937] kthread+0x337/0x6f0 [ 13.177180] ret_from_fork+0x116/0x1d0 [ 13.177484] ret_from_fork_asm+0x1a/0x30 [ 13.177667] [ 13.177842] Freed by task 213: [ 13.178083] kasan_save_stack+0x45/0x70 [ 13.178425] kasan_save_track+0x18/0x40 [ 13.178614] kasan_save_free_info+0x3f/0x60 [ 13.178976] __kasan_slab_free+0x56/0x70 [ 13.179164] kfree+0x222/0x3f0 [ 13.179325] ksize_uaf+0x12c/0x6c0 [ 13.179503] kunit_try_run_case+0x1a5/0x480 [ 13.179813] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.180049] kthread+0x337/0x6f0 [ 13.180220] ret_from_fork+0x116/0x1d0 [ 13.180384] ret_from_fork_asm+0x1a/0x30 [ 13.180617] [ 13.181053] The buggy address belongs to the object at ffff8881026b2e00 [ 13.181053] which belongs to the cache kmalloc-128 of size 128 [ 13.181608] The buggy address is located 0 bytes inside of [ 13.181608] freed 128-byte region [ffff8881026b2e00, ffff8881026b2e80) [ 13.182303] [ 13.182546] The buggy address belongs to the physical page: [ 13.182777] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026b2 [ 13.183344] flags: 0x200000000000000(node=0|zone=2) [ 13.183614] page_type: f5(slab) [ 13.183905] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.184311] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.184782] page dumped because: kasan: bad access detected [ 13.185015] [ 13.185095] Memory state around the buggy address: [ 13.185298] ffff8881026b2d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 
13.185874] ffff8881026b2d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.186240] >ffff8881026b2e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.186550] ^ [ 13.186736] ffff8881026b2e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.187309] ffff8881026b2f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.187778] ================================================================== [ 13.188331] ================================================================== [ 13.188902] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5e4/0x6c0 [ 13.189157] Read of size 1 at addr ffff8881026b2e78 by task kunit_try_catch/213 [ 13.189501] [ 13.189799] CPU: 0 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.189842] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.189853] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.189932] Call Trace: [ 13.189997] <TASK> [ 13.190011] dump_stack_lvl+0x73/0xb0 [ 13.190039] print_report+0xd1/0x610 [ 13.190060] ? __virt_addr_valid+0x1db/0x2d0 [ 13.190082] ? ksize_uaf+0x5e4/0x6c0 [ 13.190102] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.190125] ? ksize_uaf+0x5e4/0x6c0 [ 13.190145] kasan_report+0x141/0x180 [ 13.190166] ? ksize_uaf+0x5e4/0x6c0 [ 13.190191] __asan_report_load1_noabort+0x18/0x20 [ 13.190216] ksize_uaf+0x5e4/0x6c0 [ 13.190236] ? __pfx_ksize_uaf+0x10/0x10 [ 13.190257] ? __schedule+0x10cc/0x2b60 [ 13.190278] ? __pfx_read_tsc+0x10/0x10 [ 13.190390] ? ktime_get_ts64+0x86/0x230 [ 13.190425] kunit_try_run_case+0x1a5/0x480 [ 13.190462] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.190485] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.190509] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.190533] ? __kthread_parkme+0x82/0x180 [ 13.190552] ? preempt_count_sub+0x50/0x80 [ 13.190595] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.190620] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.190644] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.190670] kthread+0x337/0x6f0 [ 13.190689] ? trace_preempt_on+0x20/0xc0 [ 13.190711] ? __pfx_kthread+0x10/0x10 [ 13.190731] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.190753] ? calculate_sigpending+0x7b/0xa0 [ 13.190776] ? __pfx_kthread+0x10/0x10 [ 13.190797] ret_from_fork+0x116/0x1d0 [ 13.190815] ? __pfx_kthread+0x10/0x10 [ 13.190835] ret_from_fork_asm+0x1a/0x30 [ 13.190865] </TASK> [ 13.190874] [ 13.200055] Allocated by task 213: [ 13.200217] kasan_save_stack+0x45/0x70 [ 13.200404] kasan_save_track+0x18/0x40 [ 13.200959] kasan_save_alloc_info+0x3b/0x50 [ 13.201217] __kasan_kmalloc+0xb7/0xc0 [ 13.201465] __kmalloc_cache_noprof+0x189/0x420 [ 13.201745] ksize_uaf+0xaa/0x6c0 [ 13.201914] kunit_try_run_case+0x1a5/0x480 [ 13.202075] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.202309] kthread+0x337/0x6f0 [ 13.202472] ret_from_fork+0x116/0x1d0 [ 13.202924] ret_from_fork_asm+0x1a/0x30 [ 13.203193] [ 13.203343] Freed by task 213: [ 13.203517] kasan_save_stack+0x45/0x70 [ 13.203881] kasan_save_track+0x18/0x40 [ 13.204034] kasan_save_free_info+0x3f/0x60 [ 13.204242] __kasan_slab_free+0x56/0x70 [ 13.204656] kfree+0x222/0x3f0 [ 13.204809] ksize_uaf+0x12c/0x6c0 [ 13.205056] kunit_try_run_case+0x1a5/0x480 [ 13.205238] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.205750] kthread+0x337/0x6f0 [ 13.205881] ret_from_fork+0x116/0x1d0 [ 13.206076] ret_from_fork_asm+0x1a/0x30 [ 13.206374] [ 13.206577] The buggy address belongs to the object at ffff8881026b2e00 [ 13.206577] which belongs to the cache kmalloc-128 of size 128 [ 13.207092] The buggy address is located 120 bytes inside of [ 13.207092] freed 128-byte region [ffff8881026b2e00, ffff8881026b2e80) [ 13.207778] [ 13.207949] The buggy address belongs to the physical page: [ 13.208251] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026b2 [ 13.208796] flags: 0x200000000000000(node=0|zone=2) [ 13.209036] page_type: f5(slab) [ 13.209189] raw: 
0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.209714] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.210056] page dumped because: kasan: bad access detected [ 13.210289] [ 13.210383] Memory state around the buggy address: [ 13.210894] ffff8881026b2d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.211197] ffff8881026b2d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.211593] >ffff8881026b2e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.212018] ^ [ 13.212558] ffff8881026b2e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.212971] ffff8881026b2f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.213386] ================================================================== [ 13.130310] ================================================================== [ 13.131065] BUG: KASAN: slab-use-after-free in ksize_uaf+0x19d/0x6c0 [ 13.131372] Read of size 1 at addr ffff8881026b2e00 by task kunit_try_catch/213 [ 13.131882] [ 13.132309] CPU: 0 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.132479] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.132493] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.132512] Call Trace: [ 13.132524] <TASK> [ 13.132538] dump_stack_lvl+0x73/0xb0 [ 13.132583] print_report+0xd1/0x610 [ 13.132606] ? __virt_addr_valid+0x1db/0x2d0 [ 13.132629] ? ksize_uaf+0x19d/0x6c0 [ 13.132649] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.132672] ? ksize_uaf+0x19d/0x6c0 [ 13.132692] kasan_report+0x141/0x180 [ 13.132714] ? ksize_uaf+0x19d/0x6c0 [ 13.132736] ? ksize_uaf+0x19d/0x6c0 [ 13.132756] __kasan_check_byte+0x3d/0x50 [ 13.132778] ksize+0x20/0x60 [ 13.132797] ksize_uaf+0x19d/0x6c0 [ 13.132817] ? __pfx_ksize_uaf+0x10/0x10 [ 13.132838] ? __schedule+0x10cc/0x2b60 [ 13.132860] ? __pfx_read_tsc+0x10/0x10 [ 13.132880] ? 
ktime_get_ts64+0x86/0x230 [ 13.132903] kunit_try_run_case+0x1a5/0x480 [ 13.132927] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.132950] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.132974] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.132997] ? __kthread_parkme+0x82/0x180 [ 13.133018] ? preempt_count_sub+0x50/0x80 [ 13.133041] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.133065] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.133089] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.133114] kthread+0x337/0x6f0 [ 13.133133] ? trace_preempt_on+0x20/0xc0 [ 13.133155] ? __pfx_kthread+0x10/0x10 [ 13.133175] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.133196] ? calculate_sigpending+0x7b/0xa0 [ 13.133220] ? __pfx_kthread+0x10/0x10 [ 13.133241] ret_from_fork+0x116/0x1d0 [ 13.133259] ? __pfx_kthread+0x10/0x10 [ 13.133279] ret_from_fork_asm+0x1a/0x30 [ 13.133309] </TASK> [ 13.133319] [ 13.145887] Allocated by task 213: [ 13.146052] kasan_save_stack+0x45/0x70 [ 13.146258] kasan_save_track+0x18/0x40 [ 13.146443] kasan_save_alloc_info+0x3b/0x50 [ 13.147659] __kasan_kmalloc+0xb7/0xc0 [ 13.148286] __kmalloc_cache_noprof+0x189/0x420 [ 13.148490] ksize_uaf+0xaa/0x6c0 [ 13.148617] kunit_try_run_case+0x1a5/0x480 [ 13.148763] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.148940] kthread+0x337/0x6f0 [ 13.149060] ret_from_fork+0x116/0x1d0 [ 13.149191] ret_from_fork_asm+0x1a/0x30 [ 13.149331] [ 13.149403] Freed by task 213: [ 13.150284] kasan_save_stack+0x45/0x70 [ 13.150541] kasan_save_track+0x18/0x40 [ 13.150741] kasan_save_free_info+0x3f/0x60 [ 13.150950] __kasan_slab_free+0x56/0x70 [ 13.151153] kfree+0x222/0x3f0 [ 13.151357] ksize_uaf+0x12c/0x6c0 [ 13.151710] kunit_try_run_case+0x1a5/0x480 [ 13.151903] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.152097] kthread+0x337/0x6f0 [ 13.152217] ret_from_fork+0x116/0x1d0 [ 13.152353] ret_from_fork_asm+0x1a/0x30 [ 13.152633] [ 13.152740] The buggy address belongs to the object at ffff8881026b2e00 [ 13.152740] which belongs to the cache 
kmalloc-128 of size 128 [ 13.153298] The buggy address is located 0 bytes inside of [ 13.153298] freed 128-byte region [ffff8881026b2e00, ffff8881026b2e80) [ 13.154305] [ 13.154486] The buggy address belongs to the physical page: [ 13.154884] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026b2 [ 13.155227] flags: 0x200000000000000(node=0|zone=2) [ 13.155978] page_type: f5(slab) [ 13.156135] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.156429] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.156931] page dumped because: kasan: bad access detected [ 13.157304] [ 13.157390] Memory state around the buggy address: [ 13.157696] ffff8881026b2d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.158309] ffff8881026b2d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.158845] >ffff8881026b2e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.159540] ^ [ 13.159959] ffff8881026b2e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.160183] ffff8881026b2f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.160495] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 13.102520] ================================================================== [ 13.103213] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7b6/0x9b0 [ 13.104013] Read of size 1 at addr ffff8881026b2d7f by task kunit_try_catch/211 [ 13.104639] [ 13.104814] CPU: 0 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.104855] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.104866] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.104885] Call Trace: [ 13.104901] <TASK> [ 13.104915] dump_stack_lvl+0x73/0xb0 [ 13.104943] print_report+0xd1/0x610 [ 13.104966] ? __virt_addr_valid+0x1db/0x2d0 [ 13.104989] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 13.105013] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.105036] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 13.105060] kasan_report+0x141/0x180 [ 13.105082] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 13.105110] __asan_report_load1_noabort+0x18/0x20 [ 13.105135] ksize_unpoisons_memory+0x7b6/0x9b0 [ 13.105159] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 13.105183] ? __schedule+0x207f/0x2b60 [ 13.105202] ? schedule+0x7c/0x2e0 [ 13.105222] ? trace_hardirqs_on+0x37/0xe0 [ 13.105245] ? __schedule+0x207f/0x2b60 [ 13.105266] ? __pfx_read_tsc+0x10/0x10 [ 13.105287] ? ktime_get_ts64+0x86/0x230 [ 13.105310] kunit_try_run_case+0x1a5/0x480 [ 13.105335] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.105358] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.105382] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.105405] ? __kthread_parkme+0x82/0x180 [ 13.105426] ? preempt_count_sub+0x50/0x80 [ 13.105463] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.105487] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.105512] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.105547] kthread+0x337/0x6f0 [ 13.105576] ? trace_preempt_on+0x20/0xc0 [ 13.105598] ? __pfx_kthread+0x10/0x10 [ 13.105619] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.105640] ? calculate_sigpending+0x7b/0xa0 [ 13.105664] ? 
__pfx_kthread+0x10/0x10 [ 13.105685] ret_from_fork+0x116/0x1d0 [ 13.105704] ? __pfx_kthread+0x10/0x10 [ 13.105724] ret_from_fork_asm+0x1a/0x30 [ 13.105755] </TASK> [ 13.105764] [ 13.117902] Allocated by task 211: [ 13.118037] kasan_save_stack+0x45/0x70 [ 13.118182] kasan_save_track+0x18/0x40 [ 13.118316] kasan_save_alloc_info+0x3b/0x50 [ 13.118499] __kasan_kmalloc+0xb7/0xc0 [ 13.118632] __kmalloc_cache_noprof+0x189/0x420 [ 13.118856] ksize_unpoisons_memory+0xc7/0x9b0 [ 13.119337] kunit_try_run_case+0x1a5/0x480 [ 13.119828] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.120110] kthread+0x337/0x6f0 [ 13.120229] ret_from_fork+0x116/0x1d0 [ 13.120366] ret_from_fork_asm+0x1a/0x30 [ 13.120660] [ 13.120818] The buggy address belongs to the object at ffff8881026b2d00 [ 13.120818] which belongs to the cache kmalloc-128 of size 128 [ 13.122043] The buggy address is located 12 bytes to the right of [ 13.122043] allocated 115-byte region [ffff8881026b2d00, ffff8881026b2d73) [ 13.123351] [ 13.123546] The buggy address belongs to the physical page: [ 13.123808] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026b2 [ 13.124055] flags: 0x200000000000000(node=0|zone=2) [ 13.124220] page_type: f5(slab) [ 13.124346] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.124733] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.125127] page dumped because: kasan: bad access detected [ 13.125304] [ 13.125373] Memory state around the buggy address: [ 13.125596] ffff8881026b2c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.125950] ffff8881026b2c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.126225] >ffff8881026b2d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 13.126503] ^ [ 13.126858] ffff8881026b2d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.127148] ffff8881026b2e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.127444] 
================================================================== [ 13.040089] ================================================================== [ 13.040549] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x81c/0x9b0 [ 13.041159] Read of size 1 at addr ffff8881026b2d73 by task kunit_try_catch/211 [ 13.041482] [ 13.041649] CPU: 0 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.041692] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.041703] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.041722] Call Trace: [ 13.041733] <TASK> [ 13.041747] dump_stack_lvl+0x73/0xb0 [ 13.041776] print_report+0xd1/0x610 [ 13.041797] ? __virt_addr_valid+0x1db/0x2d0 [ 13.041820] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 13.041843] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.041867] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 13.041890] kasan_report+0x141/0x180 [ 13.041912] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 13.041940] __asan_report_load1_noabort+0x18/0x20 [ 13.041965] ksize_unpoisons_memory+0x81c/0x9b0 [ 13.041989] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 13.042013] ? __schedule+0x207f/0x2b60 [ 13.042033] ? schedule+0x7c/0x2e0 [ 13.042052] ? trace_hardirqs_on+0x37/0xe0 [ 13.042075] ? __schedule+0x207f/0x2b60 [ 13.042096] ? __pfx_read_tsc+0x10/0x10 [ 13.042116] ? ktime_get_ts64+0x86/0x230 [ 13.042140] kunit_try_run_case+0x1a5/0x480 [ 13.042164] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.042187] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.042211] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.042235] ? __kthread_parkme+0x82/0x180 [ 13.042255] ? preempt_count_sub+0x50/0x80 [ 13.042279] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.042303] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.042327] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.042353] kthread+0x337/0x6f0 [ 13.042372] ? trace_preempt_on+0x20/0xc0 [ 13.042393] ? __pfx_kthread+0x10/0x10 [ 13.042423] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 13.042444] ? calculate_sigpending+0x7b/0xa0 [ 13.042480] ? __pfx_kthread+0x10/0x10 [ 13.042502] ret_from_fork+0x116/0x1d0 [ 13.042520] ? __pfx_kthread+0x10/0x10 [ 13.042541] ret_from_fork_asm+0x1a/0x30 [ 13.042581] </TASK> [ 13.042591] [ 13.053923] Allocated by task 211: [ 13.054058] kasan_save_stack+0x45/0x70 [ 13.054202] kasan_save_track+0x18/0x40 [ 13.054337] kasan_save_alloc_info+0x3b/0x50 [ 13.054613] __kasan_kmalloc+0xb7/0xc0 [ 13.055285] __kmalloc_cache_noprof+0x189/0x420 [ 13.055910] ksize_unpoisons_memory+0xc7/0x9b0 [ 13.056335] kunit_try_run_case+0x1a5/0x480 [ 13.056919] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.057673] kthread+0x337/0x6f0 [ 13.058118] ret_from_fork+0x116/0x1d0 [ 13.058717] ret_from_fork_asm+0x1a/0x30 [ 13.059216] [ 13.059523] The buggy address belongs to the object at ffff8881026b2d00 [ 13.059523] which belongs to the cache kmalloc-128 of size 128 [ 13.061011] The buggy address is located 0 bytes to the right of [ 13.061011] allocated 115-byte region [ffff8881026b2d00, ffff8881026b2d73) [ 13.062297] [ 13.062385] The buggy address belongs to the physical page: [ 13.063177] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026b2 [ 13.063873] flags: 0x200000000000000(node=0|zone=2) [ 13.064056] page_type: f5(slab) [ 13.064182] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.064673] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.065557] page dumped because: kasan: bad access detected [ 13.066369] [ 13.066852] Memory state around the buggy address: [ 13.067337] ffff8881026b2c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.068226] ffff8881026b2c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.069206] >ffff8881026b2d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 13.069880] ^ [ 13.070294] ffff8881026b2d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.071142] ffff8881026b2e00: fc fc fc fc fc fc 
fc fc fc fc fc fc fc fc fc fc [ 13.072139] ================================================================== [ 13.072922] ================================================================== [ 13.073157] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7e9/0x9b0 [ 13.073391] Read of size 1 at addr ffff8881026b2d78 by task kunit_try_catch/211 [ 13.074288] [ 13.074671] CPU: 0 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.074719] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.074730] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.074750] Call Trace: [ 13.074762] <TASK> [ 13.074777] dump_stack_lvl+0x73/0xb0 [ 13.074807] print_report+0xd1/0x610 [ 13.074830] ? __virt_addr_valid+0x1db/0x2d0 [ 13.074852] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 13.074876] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.074899] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 13.074923] kasan_report+0x141/0x180 [ 13.074945] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 13.074973] __asan_report_load1_noabort+0x18/0x20 [ 13.074997] ksize_unpoisons_memory+0x7e9/0x9b0 [ 13.075021] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 13.075045] ? __schedule+0x207f/0x2b60 [ 13.075065] ? schedule+0x7c/0x2e0 [ 13.075084] ? trace_hardirqs_on+0x37/0xe0 [ 13.075107] ? __schedule+0x207f/0x2b60 [ 13.075128] ? __pfx_read_tsc+0x10/0x10 [ 13.075148] ? ktime_get_ts64+0x86/0x230 [ 13.075171] kunit_try_run_case+0x1a5/0x480 [ 13.075195] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.075218] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.075242] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.075265] ? __kthread_parkme+0x82/0x180 [ 13.075286] ? preempt_count_sub+0x50/0x80 [ 13.075310] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.075334] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.075359] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.075384] kthread+0x337/0x6f0 [ 13.075403] ? trace_preempt_on+0x20/0xc0 [ 13.075593] ? 
__pfx_kthread+0x10/0x10 [ 13.075618] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.075640] ? calculate_sigpending+0x7b/0xa0 [ 13.075664] ? __pfx_kthread+0x10/0x10 [ 13.075686] ret_from_fork+0x116/0x1d0 [ 13.075705] ? __pfx_kthread+0x10/0x10 [ 13.075725] ret_from_fork_asm+0x1a/0x30 [ 13.075756] </TASK> [ 13.075766] [ 13.088672] Allocated by task 211: [ 13.089071] kasan_save_stack+0x45/0x70 [ 13.089459] kasan_save_track+0x18/0x40 [ 13.089790] kasan_save_alloc_info+0x3b/0x50 [ 13.089943] __kasan_kmalloc+0xb7/0xc0 [ 13.090075] __kmalloc_cache_noprof+0x189/0x420 [ 13.090230] ksize_unpoisons_memory+0xc7/0x9b0 [ 13.090382] kunit_try_run_case+0x1a5/0x480 [ 13.090769] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.091290] kthread+0x337/0x6f0 [ 13.091711] ret_from_fork+0x116/0x1d0 [ 13.092053] ret_from_fork_asm+0x1a/0x30 [ 13.092402] [ 13.092721] The buggy address belongs to the object at ffff8881026b2d00 [ 13.092721] which belongs to the cache kmalloc-128 of size 128 [ 13.093847] The buggy address is located 5 bytes to the right of [ 13.093847] allocated 115-byte region [ffff8881026b2d00, ffff8881026b2d73) [ 13.094820] [ 13.094896] The buggy address belongs to the physical page: [ 13.095070] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026b2 [ 13.095315] flags: 0x200000000000000(node=0|zone=2) [ 13.095637] page_type: f5(slab) [ 13.095995] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.096808] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.097465] page dumped because: kasan: bad access detected [ 13.098025] [ 13.098182] Memory state around the buggy address: [ 13.098625] ffff8881026b2c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.099375] ffff8881026b2c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.099892] >ffff8881026b2d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 13.100107] ^ [ 13.100325] ffff8881026b2d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 
13.100861] ffff8881026b2e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.101480] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kfree_sensitive
[ 13.009340] ================================================================== [ 13.009990] BUG: KASAN: double-free in kfree_sensitive+0x2e/0x90 [ 13.010495] Free of addr ffff888101aa5dc0 by task kunit_try_catch/209 [ 13.010870] [ 13.011057] CPU: 1 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.011101] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.011112] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.011132] Call Trace: [ 13.011145] <TASK> [ 13.011159] dump_stack_lvl+0x73/0xb0 [ 13.011188] print_report+0xd1/0x610 [ 13.011210] ? __virt_addr_valid+0x1db/0x2d0 [ 13.011234] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.011257] ? kfree_sensitive+0x2e/0x90 [ 13.011278] kasan_report_invalid_free+0x10a/0x130 [ 13.011303] ? kfree_sensitive+0x2e/0x90 [ 13.011324] ? kfree_sensitive+0x2e/0x90 [ 13.011344] check_slab_allocation+0x101/0x130 [ 13.011365] __kasan_slab_pre_free+0x28/0x40 [ 13.011387] kfree+0xf0/0x3f0 [ 13.011407] ? kfree_sensitive+0x2e/0x90 [ 13.011429] kfree_sensitive+0x2e/0x90 [ 13.011462] kmalloc_double_kzfree+0x19c/0x350 [ 13.011487] ? __pfx_kmalloc_double_kzfree+0x10/0x10 [ 13.011512] ? __schedule+0x10cc/0x2b60 [ 13.011533] ? __pfx_read_tsc+0x10/0x10 [ 13.011555] ? ktime_get_ts64+0x86/0x230 [ 13.011579] kunit_try_run_case+0x1a5/0x480 [ 13.011603] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.011638] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.011662] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.011686] ? __kthread_parkme+0x82/0x180 [ 13.011706] ? preempt_count_sub+0x50/0x80 [ 13.011731] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.011755] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.011779] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.011805] kthread+0x337/0x6f0 [ 13.011825] ? trace_preempt_on+0x20/0xc0 [ 13.011847] ? __pfx_kthread+0x10/0x10 [ 13.011868] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.011889] ? calculate_sigpending+0x7b/0xa0 [ 13.011913] ? 
__pfx_kthread+0x10/0x10 [ 13.011934] ret_from_fork+0x116/0x1d0 [ 13.011954] ? __pfx_kthread+0x10/0x10 [ 13.011974] ret_from_fork_asm+0x1a/0x30 [ 13.012005] </TASK> [ 13.012014] [ 13.024848] Allocated by task 209: [ 13.025034] kasan_save_stack+0x45/0x70 [ 13.025236] kasan_save_track+0x18/0x40 [ 13.025430] kasan_save_alloc_info+0x3b/0x50 [ 13.025740] __kasan_kmalloc+0xb7/0xc0 [ 13.025881] __kmalloc_cache_noprof+0x189/0x420 [ 13.026102] kmalloc_double_kzfree+0xa9/0x350 [ 13.026317] kunit_try_run_case+0x1a5/0x480 [ 13.026717] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.026956] kthread+0x337/0x6f0 [ 13.027082] ret_from_fork+0x116/0x1d0 [ 13.027214] ret_from_fork_asm+0x1a/0x30 [ 13.027367] [ 13.027470] Freed by task 209: [ 13.027622] kasan_save_stack+0x45/0x70 [ 13.027813] kasan_save_track+0x18/0x40 [ 13.028068] kasan_save_free_info+0x3f/0x60 [ 13.028324] __kasan_slab_free+0x56/0x70 [ 13.028635] kfree+0x222/0x3f0 [ 13.028787] kfree_sensitive+0x67/0x90 [ 13.028956] kmalloc_double_kzfree+0x12b/0x350 [ 13.029111] kunit_try_run_case+0x1a5/0x480 [ 13.029314] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.029665] kthread+0x337/0x6f0 [ 13.029825] ret_from_fork+0x116/0x1d0 [ 13.029985] ret_from_fork_asm+0x1a/0x30 [ 13.030142] [ 13.030214] The buggy address belongs to the object at ffff888101aa5dc0 [ 13.030214] which belongs to the cache kmalloc-16 of size 16 [ 13.030940] The buggy address is located 0 bytes inside of [ 13.030940] 16-byte region [ffff888101aa5dc0, ffff888101aa5dd0) [ 13.031363] [ 13.031442] The buggy address belongs to the physical page: [ 13.031699] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101aa5 [ 13.031987] flags: 0x200000000000000(node=0|zone=2) [ 13.032147] page_type: f5(slab) [ 13.032321] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.032648] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.032943] page dumped because: kasan: bad access detected [ 13.033113] [ 
13.033181] Memory state around the buggy address: [ 13.033333] ffff888101aa5c80: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc [ 13.034046] ffff888101aa5d00: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 13.034372] >ffff888101aa5d80: fa fb fc fc fa fb fc fc fa fb fc fc fc fc fc fc [ 13.034884] ^ [ 13.035085] ffff888101aa5e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.035298] ffff888101aa5e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.035608] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 12.974247] ==================================================================
[ 12.976391] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x19c/0x350
[ 12.977283] Read of size 1 at addr ffff888101aa5dc0 by task kunit_try_catch/209
[ 12.978201]
[ 12.978507] CPU: 1 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.978554] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.978565] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.978585] Call Trace:
[ 12.978597] <TASK>
[ 12.978621] dump_stack_lvl+0x73/0xb0
[ 12.978669] print_report+0xd1/0x610
[ 12.978830] ? __virt_addr_valid+0x1db/0x2d0
[ 12.978861] ? kmalloc_double_kzfree+0x19c/0x350
[ 12.978885] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.978908] ? kmalloc_double_kzfree+0x19c/0x350
[ 12.978932] kasan_report+0x141/0x180
[ 12.978954] ? kmalloc_double_kzfree+0x19c/0x350
[ 12.978980] ? kmalloc_double_kzfree+0x19c/0x350
[ 12.979003] __kasan_check_byte+0x3d/0x50
[ 12.979025] kfree_sensitive+0x22/0x90
[ 12.979048] kmalloc_double_kzfree+0x19c/0x350
[ 12.979072] ? __pfx_kmalloc_double_kzfree+0x10/0x10
[ 12.979096] ? __schedule+0x10cc/0x2b60
[ 12.979119] ? __pfx_read_tsc+0x10/0x10
[ 12.979140] ? ktime_get_ts64+0x86/0x230
[ 12.979165] kunit_try_run_case+0x1a5/0x480
[ 12.979190] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.979214] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.979237] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.979261] ? __kthread_parkme+0x82/0x180
[ 12.979283] ? preempt_count_sub+0x50/0x80
[ 12.979307] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.979331] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.979355] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.979380] kthread+0x337/0x6f0
[ 12.979399] ? trace_preempt_on+0x20/0xc0
[ 12.979437] ? __pfx_kthread+0x10/0x10
[ 12.979471] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.979492] ? calculate_sigpending+0x7b/0xa0
[ 12.979517] ? __pfx_kthread+0x10/0x10
[ 12.979538] ret_from_fork+0x116/0x1d0
[ 12.979557] ? __pfx_kthread+0x10/0x10
[ 12.979593] ret_from_fork_asm+0x1a/0x30
[ 12.979624] </TASK>
[ 12.979635]
[ 12.992004] Allocated by task 209:
[ 12.992190] kasan_save_stack+0x45/0x70
[ 12.992352] kasan_save_track+0x18/0x40
[ 12.992675] kasan_save_alloc_info+0x3b/0x50
[ 12.992887] __kasan_kmalloc+0xb7/0xc0
[ 12.993059] __kmalloc_cache_noprof+0x189/0x420
[ 12.993293] kmalloc_double_kzfree+0xa9/0x350
[ 12.993526] kunit_try_run_case+0x1a5/0x480
[ 12.993954] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.994208] kthread+0x337/0x6f0
[ 12.994329] ret_from_fork+0x116/0x1d0
[ 12.994546] ret_from_fork_asm+0x1a/0x30
[ 12.994801]
[ 12.994920] Freed by task 209:
[ 12.995360] kasan_save_stack+0x45/0x70
[ 12.995529] kasan_save_track+0x18/0x40
[ 12.995724] kasan_save_free_info+0x3f/0x60
[ 12.996007] __kasan_slab_free+0x56/0x70
[ 12.996217] kfree+0x222/0x3f0
[ 12.996383] kfree_sensitive+0x67/0x90
[ 12.996880] kmalloc_double_kzfree+0x12b/0x350
[ 12.997118] kunit_try_run_case+0x1a5/0x480
[ 12.997503] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.997965] kthread+0x337/0x6f0
[ 12.998186] ret_from_fork+0x116/0x1d0
[ 12.998514] ret_from_fork_asm+0x1a/0x30
[ 12.999046]
[ 12.999126] The buggy address belongs to the object at ffff888101aa5dc0
[ 12.999126] which belongs to the cache kmalloc-16 of size 16
[ 12.999698] The buggy address is located 0 bytes inside of
[ 12.999698] freed 16-byte region [ffff888101aa5dc0, ffff888101aa5dd0)
[ 13.001042]
[ 13.001220] The buggy address belongs to the physical page:
[ 13.001807] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101aa5
[ 13.002249] flags: 0x200000000000000(node=0|zone=2)
[ 13.002845] page_type: f5(slab)
[ 13.003009] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 13.003240] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 13.003704] page dumped because: kasan: bad access detected
[ 13.004271]
[ 13.004475] Memory state around the buggy address:
[ 13.004984] ffff888101aa5c80: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc
[ 13.005726] ffff888101aa5d00: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc
[ 13.006323] >ffff888101aa5d80: fa fb fc fc fa fb fc fc fa fb fc fc fc fc fc fc
[ 13.007003] ^
[ 13.007382] ffff888101aa5e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.007998] ffff888101aa5e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.008444] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 12.942019] ==================================================================
[ 12.942638] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x4a8/0x520
[ 12.942871] Read of size 1 at addr ffff8881026bfb28 by task kunit_try_catch/205
[ 12.943109]
[ 12.943279] CPU: 0 UID: 0 PID: 205 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.943324] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.943335] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.943355] Call Trace:
[ 12.943367] <TASK>
[ 12.943382] dump_stack_lvl+0x73/0xb0
[ 12.943421] print_report+0xd1/0x610
[ 12.943443] ? __virt_addr_valid+0x1db/0x2d0
[ 12.943486] ? kmalloc_uaf2+0x4a8/0x520
[ 12.943505] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.943529] ? kmalloc_uaf2+0x4a8/0x520
[ 12.943561] kasan_report+0x141/0x180
[ 12.943583] ? kmalloc_uaf2+0x4a8/0x520
[ 12.943607] __asan_report_load1_noabort+0x18/0x20
[ 12.943643] kmalloc_uaf2+0x4a8/0x520
[ 12.943663] ? __pfx_kmalloc_uaf2+0x10/0x10
[ 12.943683] ? finish_task_switch.isra.0+0x153/0x700
[ 12.943718] ? __switch_to+0x47/0xf50
[ 12.943745] ? __schedule+0x10cc/0x2b60
[ 12.943779] ? __pfx_read_tsc+0x10/0x10
[ 12.943800] ? ktime_get_ts64+0x86/0x230
[ 12.943824] kunit_try_run_case+0x1a5/0x480
[ 12.943882] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.943907] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.943941] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.943965] ? __kthread_parkme+0x82/0x180
[ 12.943985] ? preempt_count_sub+0x50/0x80
[ 12.944020] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.944044] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.944069] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.944105] kthread+0x337/0x6f0
[ 12.944125] ? trace_preempt_on+0x20/0xc0
[ 12.944148] ? __pfx_kthread+0x10/0x10
[ 12.944169] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.944190] ? calculate_sigpending+0x7b/0xa0
[ 12.944216] ? __pfx_kthread+0x10/0x10
[ 12.944238] ret_from_fork+0x116/0x1d0
[ 12.944258] ? __pfx_kthread+0x10/0x10
[ 12.944283] ret_from_fork_asm+0x1a/0x30
[ 12.944314] </TASK>
[ 12.944323]
[ 12.954925] Allocated by task 205:
[ 12.955116] kasan_save_stack+0x45/0x70
[ 12.955271] kasan_save_track+0x18/0x40
[ 12.955753] kasan_save_alloc_info+0x3b/0x50
[ 12.956051] __kasan_kmalloc+0xb7/0xc0
[ 12.956195] __kmalloc_cache_noprof+0x189/0x420
[ 12.956825] kmalloc_uaf2+0xc6/0x520
[ 12.957015] kunit_try_run_case+0x1a5/0x480
[ 12.957176] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.957606] kthread+0x337/0x6f0
[ 12.957958] ret_from_fork+0x116/0x1d0
[ 12.958129] ret_from_fork_asm+0x1a/0x30
[ 12.958469]
[ 12.958566] Freed by task 205:
[ 12.958844] kasan_save_stack+0x45/0x70
[ 12.959003] kasan_save_track+0x18/0x40
[ 12.959202] kasan_save_free_info+0x3f/0x60
[ 12.959406] __kasan_slab_free+0x56/0x70
[ 12.959899] kfree+0x222/0x3f0
[ 12.960027] kmalloc_uaf2+0x14c/0x520
[ 12.960382] kunit_try_run_case+0x1a5/0x480
[ 12.960617] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.961042] kthread+0x337/0x6f0
[ 12.961300] ret_from_fork+0x116/0x1d0
[ 12.961456] ret_from_fork_asm+0x1a/0x30
[ 12.961998]
[ 12.962078] The buggy address belongs to the object at ffff8881026bfb00
[ 12.962078] which belongs to the cache kmalloc-64 of size 64
[ 12.962971] The buggy address is located 40 bytes inside of
[ 12.962971] freed 64-byte region [ffff8881026bfb00, ffff8881026bfb40)
[ 12.963755]
[ 12.963851] The buggy address belongs to the physical page:
[ 12.964029] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026bf
[ 12.964633] flags: 0x200000000000000(node=0|zone=2)
[ 12.964982] page_type: f5(slab)
[ 12.965159] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 12.965729] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 12.966120] page dumped because: kasan: bad access detected
[ 12.966386]
[ 12.966566] Memory state around the buggy address:
[ 12.967025] ffff8881026bfa00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.967326] ffff8881026bfa80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.967974] >ffff8881026bfb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.968230] ^
[ 12.968637] ffff8881026bfb80: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc
[ 12.969103] ffff8881026bfc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.969588] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 12.904807] ==================================================================
[ 12.905199] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x1a3/0x360
[ 12.905444] Write of size 33 at addr ffff88810342f800 by task kunit_try_catch/203
[ 12.905682]
[ 12.905769] CPU: 1 UID: 0 PID: 203 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.905814] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.905825] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.905846] Call Trace:
[ 12.905857] <TASK>
[ 12.905872] dump_stack_lvl+0x73/0xb0
[ 12.905901] print_report+0xd1/0x610
[ 12.905921] ? __virt_addr_valid+0x1db/0x2d0
[ 12.905943] ? kmalloc_uaf_memset+0x1a3/0x360
[ 12.905963] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.905984] ? kmalloc_uaf_memset+0x1a3/0x360
[ 12.906004] kasan_report+0x141/0x180
[ 12.906025] ? kmalloc_uaf_memset+0x1a3/0x360
[ 12.906049] kasan_check_range+0x10c/0x1c0
[ 12.906072] __asan_memset+0x27/0x50
[ 12.906090] kmalloc_uaf_memset+0x1a3/0x360
[ 12.906110] ? __pfx_kmalloc_uaf_memset+0x10/0x10
[ 12.906131] ? __schedule+0x10cc/0x2b60
[ 12.906152] ? __pfx_read_tsc+0x10/0x10
[ 12.906172] ? ktime_get_ts64+0x86/0x230
[ 12.906195] kunit_try_run_case+0x1a5/0x480
[ 12.906218] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.906239] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.906262] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.906285] ? __kthread_parkme+0x82/0x180
[ 12.906304] ? preempt_count_sub+0x50/0x80
[ 12.906326] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.906349] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.906373] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.906396] kthread+0x337/0x6f0
[ 12.906415] ? trace_preempt_on+0x20/0xc0
[ 12.906437] ? __pfx_kthread+0x10/0x10
[ 12.906822] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.906850] ? calculate_sigpending+0x7b/0xa0
[ 12.907097] ? __pfx_kthread+0x10/0x10
[ 12.907121] ret_from_fork+0x116/0x1d0
[ 12.907142] ? __pfx_kthread+0x10/0x10
[ 12.907163] ret_from_fork_asm+0x1a/0x30
[ 12.907194] </TASK>
[ 12.907205]
[ 12.922790] Allocated by task 203:
[ 12.923154] kasan_save_stack+0x45/0x70
[ 12.923413] kasan_save_track+0x18/0x40
[ 12.923849] kasan_save_alloc_info+0x3b/0x50
[ 12.924070] __kasan_kmalloc+0xb7/0xc0
[ 12.924345] __kmalloc_cache_noprof+0x189/0x420
[ 12.924799] kmalloc_uaf_memset+0xa9/0x360
[ 12.924977] kunit_try_run_case+0x1a5/0x480
[ 12.925506] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.925809] kthread+0x337/0x6f0
[ 12.925982] ret_from_fork+0x116/0x1d0
[ 12.926143] ret_from_fork_asm+0x1a/0x30
[ 12.926334]
[ 12.926425] Freed by task 203:
[ 12.926951] kasan_save_stack+0x45/0x70
[ 12.927122] kasan_save_track+0x18/0x40
[ 12.927511] kasan_save_free_info+0x3f/0x60
[ 12.927962] __kasan_slab_free+0x56/0x70
[ 12.928135] kfree+0x222/0x3f0
[ 12.928305] kmalloc_uaf_memset+0x12b/0x360
[ 12.928506] kunit_try_run_case+0x1a5/0x480
[ 12.928717] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.928961] kthread+0x337/0x6f0
[ 12.929130] ret_from_fork+0x116/0x1d0
[ 12.929295] ret_from_fork_asm+0x1a/0x30
[ 12.929938]
[ 12.930036] The buggy address belongs to the object at ffff88810342f800
[ 12.930036] which belongs to the cache kmalloc-64 of size 64
[ 12.930765] The buggy address is located 0 bytes inside of
[ 12.930765] freed 64-byte region [ffff88810342f800, ffff88810342f840)
[ 12.931233]
[ 12.931357] The buggy address belongs to the physical page:
[ 12.932139] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10342f
[ 12.932505] flags: 0x200000000000000(node=0|zone=2)
[ 12.932939] page_type: f5(slab)
[ 12.933080] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 12.933422] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 12.933697] page dumped because: kasan: bad access detected
[ 12.933945]
[ 12.934038] Memory state around the buggy address:
[ 12.934226] ffff88810342f700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.934949] ffff88810342f780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.935211] >ffff88810342f800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.935811] ^
[ 12.935989] ffff88810342f880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.936462] ffff88810342f900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.936927] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 12.872360] ==================================================================
[ 12.873127] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x320/0x380
[ 12.873539] Read of size 1 at addr ffff888102676228 by task kunit_try_catch/201
[ 12.873913]
[ 12.874014] CPU: 0 UID: 0 PID: 201 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.874056] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.874067] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.874087] Call Trace:
[ 12.874098] <TASK>
[ 12.874112] dump_stack_lvl+0x73/0xb0
[ 12.874140] print_report+0xd1/0x610
[ 12.874162] ? __virt_addr_valid+0x1db/0x2d0
[ 12.874185] ? kmalloc_uaf+0x320/0x380
[ 12.874204] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.874226] ? kmalloc_uaf+0x320/0x380
[ 12.874246] kasan_report+0x141/0x180
[ 12.874267] ? kmalloc_uaf+0x320/0x380
[ 12.874291] __asan_report_load1_noabort+0x18/0x20
[ 12.874316] kmalloc_uaf+0x320/0x380
[ 12.874336] ? __pfx_kmalloc_uaf+0x10/0x10
[ 12.874357] ? __schedule+0x10cc/0x2b60
[ 12.874379] ? __pfx_read_tsc+0x10/0x10
[ 12.874399] ? ktime_get_ts64+0x86/0x230
[ 12.874966] kunit_try_run_case+0x1a5/0x480
[ 12.874995] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.875020] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.875045] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.875069] ? __kthread_parkme+0x82/0x180
[ 12.875089] ? preempt_count_sub+0x50/0x80
[ 12.875113] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.875137] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.875162] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.875187] kthread+0x337/0x6f0
[ 12.875206] ? trace_preempt_on+0x20/0xc0
[ 12.875229] ? __pfx_kthread+0x10/0x10
[ 12.875250] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.875271] ? calculate_sigpending+0x7b/0xa0
[ 12.875296] ? __pfx_kthread+0x10/0x10
[ 12.875317] ret_from_fork+0x116/0x1d0
[ 12.875336] ? __pfx_kthread+0x10/0x10
[ 12.875357] ret_from_fork_asm+0x1a/0x30
[ 12.875387] </TASK>
[ 12.875397]
[ 12.885724] Allocated by task 201:
[ 12.885869] kasan_save_stack+0x45/0x70
[ 12.886790] kasan_save_track+0x18/0x40
[ 12.887006] kasan_save_alloc_info+0x3b/0x50
[ 12.887224] __kasan_kmalloc+0xb7/0xc0
[ 12.887404] __kmalloc_cache_noprof+0x189/0x420
[ 12.888082] kmalloc_uaf+0xaa/0x380
[ 12.888220] kunit_try_run_case+0x1a5/0x480
[ 12.889479] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.889977] kthread+0x337/0x6f0
[ 12.890153] ret_from_fork+0x116/0x1d0
[ 12.890337] ret_from_fork_asm+0x1a/0x30
[ 12.890593]
[ 12.890673] Freed by task 201:
[ 12.891143] kasan_save_stack+0x45/0x70
[ 12.891699] kasan_save_track+0x18/0x40
[ 12.891858] kasan_save_free_info+0x3f/0x60
[ 12.892072] __kasan_slab_free+0x56/0x70
[ 12.892235] kfree+0x222/0x3f0
[ 12.892408] kmalloc_uaf+0x12c/0x380
[ 12.892827] kunit_try_run_case+0x1a5/0x480
[ 12.893074] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.893363] kthread+0x337/0x6f0
[ 12.893517] ret_from_fork+0x116/0x1d0
[ 12.893852] ret_from_fork_asm+0x1a/0x30
[ 12.894052]
[ 12.894141] The buggy address belongs to the object at ffff888102676220
[ 12.894141] which belongs to the cache kmalloc-16 of size 16
[ 12.894963] The buggy address is located 8 bytes inside of
[ 12.894963] freed 16-byte region [ffff888102676220, ffff888102676230)
[ 12.895579]
[ 12.895941] The buggy address belongs to the physical page:
[ 12.896245] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102676
[ 12.896771] flags: 0x200000000000000(node=0|zone=2)
[ 12.896946] page_type: f5(slab)
[ 12.897205] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 12.897697] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 12.898097] page dumped because: kasan: bad access detected
[ 12.898385]
[ 12.898506] Memory state around the buggy address:
[ 12.898902] ffff888102676100: 00 06 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc
[ 12.899183] ffff888102676180: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 12.899655] >ffff888102676200: fa fb fc fc fa fb fc fc fc fc fc fc fc fc fc fc
[ 12.900122] ^
[ 12.900388] ffff888102676280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.901071] ffff888102676300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.901391] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 12.844275] ==================================================================
[ 12.844959] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x16f/0x330
[ 12.845291] Read of size 64 at addr ffff88810342f784 by task kunit_try_catch/199
[ 12.845664]
[ 12.845825] CPU: 1 UID: 0 PID: 199 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.845871] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.845882] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.845901] Call Trace:
[ 12.845914] <TASK>
[ 12.845929] dump_stack_lvl+0x73/0xb0
[ 12.845959] print_report+0xd1/0x610
[ 12.845981] ? __virt_addr_valid+0x1db/0x2d0
[ 12.846005] ? kmalloc_memmove_invalid_size+0x16f/0x330
[ 12.846030] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.846053] ? kmalloc_memmove_invalid_size+0x16f/0x330
[ 12.846078] kasan_report+0x141/0x180
[ 12.846100] ? kmalloc_memmove_invalid_size+0x16f/0x330
[ 12.846129] kasan_check_range+0x10c/0x1c0
[ 12.846153] __asan_memmove+0x27/0x70
[ 12.846172] kmalloc_memmove_invalid_size+0x16f/0x330
[ 12.846198] ? __pfx_kmalloc_memmove_invalid_size+0x10/0x10
[ 12.846224] ? __schedule+0x10cc/0x2b60
[ 12.846246] ? __pfx_read_tsc+0x10/0x10
[ 12.846267] ? ktime_get_ts64+0x86/0x230
[ 12.846291] kunit_try_run_case+0x1a5/0x480
[ 12.846316] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.846339] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.846363] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.846387] ? __kthread_parkme+0x82/0x180
[ 12.846418] ? preempt_count_sub+0x50/0x80
[ 12.846442] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.846477] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.846501] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.846526] kthread+0x337/0x6f0
[ 12.846545] ? trace_preempt_on+0x20/0xc0
[ 12.846622] ? __pfx_kthread+0x10/0x10
[ 12.846644] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.846666] ? calculate_sigpending+0x7b/0xa0
[ 12.846691] ? __pfx_kthread+0x10/0x10
[ 12.846713] ret_from_fork+0x116/0x1d0
[ 12.846732] ? __pfx_kthread+0x10/0x10
[ 12.846752] ret_from_fork_asm+0x1a/0x30
[ 12.846783] </TASK>
[ 12.846793]
[ 12.856282] Allocated by task 199:
[ 12.856418] kasan_save_stack+0x45/0x70
[ 12.856842] kasan_save_track+0x18/0x40
[ 12.857036] kasan_save_alloc_info+0x3b/0x50
[ 12.857240] __kasan_kmalloc+0xb7/0xc0
[ 12.857414] __kmalloc_cache_noprof+0x189/0x420
[ 12.858024] kmalloc_memmove_invalid_size+0xac/0x330
[ 12.858339] kunit_try_run_case+0x1a5/0x480
[ 12.858753] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.859102] kthread+0x337/0x6f0
[ 12.859373] ret_from_fork+0x116/0x1d0
[ 12.859573] ret_from_fork_asm+0x1a/0x30
[ 12.859916]
[ 12.860021] The buggy address belongs to the object at ffff88810342f780
[ 12.860021] which belongs to the cache kmalloc-64 of size 64
[ 12.860538] The buggy address is located 4 bytes inside of
[ 12.860538] allocated 64-byte region [ffff88810342f780, ffff88810342f7c0)
[ 12.861420]
[ 12.861525] The buggy address belongs to the physical page:
[ 12.862027] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10342f
[ 12.862501] flags: 0x200000000000000(node=0|zone=2)
[ 12.862867] page_type: f5(slab)
[ 12.863033] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 12.863355] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 12.863940] page dumped because: kasan: bad access detected
[ 12.864301]
[ 12.864377] Memory state around the buggy address:
[ 12.864875] ffff88810342f680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.865138] ffff88810342f700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.865793] >ffff88810342f780: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 12.866106] ^
[ 12.866400] ffff88810342f800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.866937] ffff88810342f880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.867308] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 12.812784] ==================================================================
[ 12.813266] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x171/0x330
[ 12.813588] Read of size 18446744073709551614 at addr ffff8881026bf704 by task kunit_try_catch/197
[ 12.814109]
[ 12.814203] CPU: 0 UID: 0 PID: 197 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.814246] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.814258] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.814278] Call Trace:
[ 12.814290] <TASK>
[ 12.814304] dump_stack_lvl+0x73/0xb0
[ 12.814333] print_report+0xd1/0x610
[ 12.814355] ? __virt_addr_valid+0x1db/0x2d0
[ 12.814380] ? kmalloc_memmove_negative_size+0x171/0x330
[ 12.814406] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.814461] ? kmalloc_memmove_negative_size+0x171/0x330
[ 12.814505] kasan_report+0x141/0x180
[ 12.814527] ? kmalloc_memmove_negative_size+0x171/0x330
[ 12.814557] kasan_check_range+0x10c/0x1c0
[ 12.814767] __asan_memmove+0x27/0x70
[ 12.814788] kmalloc_memmove_negative_size+0x171/0x330
[ 12.814815] ? __pfx_kmalloc_memmove_negative_size+0x10/0x10
[ 12.814843] ? __schedule+0x10cc/0x2b60
[ 12.814865] ? __pfx_read_tsc+0x10/0x10
[ 12.814886] ? ktime_get_ts64+0x86/0x230
[ 12.814911] kunit_try_run_case+0x1a5/0x480
[ 12.814935] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.814958] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.814982] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.815006] ? __kthread_parkme+0x82/0x180
[ 12.815027] ? preempt_count_sub+0x50/0x80
[ 12.815051] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.815076] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.815100] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.815125] kthread+0x337/0x6f0
[ 12.815144] ? trace_preempt_on+0x20/0xc0
[ 12.815167] ? __pfx_kthread+0x10/0x10
[ 12.815187] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.815208] ? calculate_sigpending+0x7b/0xa0
[ 12.815233] ? __pfx_kthread+0x10/0x10
[ 12.815254] ret_from_fork+0x116/0x1d0
[ 12.815272] ? __pfx_kthread+0x10/0x10
[ 12.815292] ret_from_fork_asm+0x1a/0x30
[ 12.815323] </TASK>
[ 12.815332]
[ 12.825808] Allocated by task 197:
[ 12.826184] kasan_save_stack+0x45/0x70
[ 12.826391] kasan_save_track+0x18/0x40
[ 12.826825] kasan_save_alloc_info+0x3b/0x50
[ 12.827000] __kasan_kmalloc+0xb7/0xc0
[ 12.827200] __kmalloc_cache_noprof+0x189/0x420
[ 12.827411] kmalloc_memmove_negative_size+0xac/0x330
[ 12.827916] kunit_try_run_case+0x1a5/0x480
[ 12.828120] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.828541] kthread+0x337/0x6f0
[ 12.828773] ret_from_fork+0x116/0x1d0
[ 12.828929] ret_from_fork_asm+0x1a/0x30
[ 12.829134]
[ 12.829233] The buggy address belongs to the object at ffff8881026bf700
[ 12.829233] which belongs to the cache kmalloc-64 of size 64
[ 12.830384] The buggy address is located 4 bytes inside of
[ 12.830384] 64-byte region [ffff8881026bf700, ffff8881026bf740)
[ 12.831947]
[ 12.832060] The buggy address belongs to the physical page:
[ 12.832282] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026bf
[ 12.833079] flags: 0x200000000000000(node=0|zone=2)
[ 12.833978] page_type: f5(slab)
[ 12.834687] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 12.835005] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 12.835328] page dumped because: kasan: bad access detected
[ 12.836192]
[ 12.836312] Memory state around the buggy address:
[ 12.836511] ffff8881026bf600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.837350] ffff8881026bf680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.837970] >ffff8881026bf700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 12.838319] ^
[ 12.838824] ffff8881026bf780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.839369] ffff8881026bf800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.839982] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 12.791746] ==================================================================
[ 12.792231] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x166/0x330
[ 12.792547] Write of size 16 at addr ffff8881026b2c69 by task kunit_try_catch/195
[ 12.793026]
[ 12.793151] CPU: 0 UID: 0 PID: 195 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.793198] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.793210] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.793232] Call Trace:
[ 12.793245] <TASK>
[ 12.793261] dump_stack_lvl+0x73/0xb0
[ 12.793295] print_report+0xd1/0x610
[ 12.793319] ? __virt_addr_valid+0x1db/0x2d0
[ 12.793345] ? kmalloc_oob_memset_16+0x166/0x330
[ 12.793367] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.793391] ? kmalloc_oob_memset_16+0x166/0x330
[ 12.793414] kasan_report+0x141/0x180
[ 12.793436] ? kmalloc_oob_memset_16+0x166/0x330
[ 12.793476] kasan_check_range+0x10c/0x1c0
[ 12.793512] __asan_memset+0x27/0x50
[ 12.793532] kmalloc_oob_memset_16+0x166/0x330
[ 12.793554] ? __kasan_check_write+0x18/0x20
[ 12.793574] ? __pfx_kmalloc_oob_memset_16+0x10/0x10
[ 12.793597] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 12.793624] ? trace_hardirqs_on+0x37/0xe0
[ 12.793649] ? __pfx_read_tsc+0x10/0x10
[ 12.793671] ? ktime_get_ts64+0x86/0x230
[ 12.793697] kunit_try_run_case+0x1a5/0x480
[ 12.793802] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.793828] ? queued_spin_lock_slowpath+0x116/0xb40
[ 12.793855] ? __kthread_parkme+0x82/0x180
[ 12.793877] ? preempt_count_sub+0x50/0x80
[ 12.793903] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.793928] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.793953] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.793979] kthread+0x337/0x6f0
[ 12.793998] ? trace_preempt_on+0x20/0xc0
[ 12.794021] ? __pfx_kthread+0x10/0x10
[ 12.794042] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.794064] ? calculate_sigpending+0x7b/0xa0
[ 12.794089] ? __pfx_kthread+0x10/0x10
[ 12.794111] ret_from_fork+0x116/0x1d0
[ 12.794130] ? __pfx_kthread+0x10/0x10
[ 12.794150] ret_from_fork_asm+0x1a/0x30
[ 12.794181] </TASK>
[ 12.794191]
[ 12.801962] Allocated by task 195:
[ 12.802142] kasan_save_stack+0x45/0x70
[ 12.802288] kasan_save_track+0x18/0x40
[ 12.802422] kasan_save_alloc_info+0x3b/0x50
[ 12.802582] __kasan_kmalloc+0xb7/0xc0
[ 12.802941] __kmalloc_cache_noprof+0x189/0x420
[ 12.803187] kmalloc_oob_memset_16+0xac/0x330
[ 12.803410] kunit_try_run_case+0x1a5/0x480
[ 12.803709] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.803937] kthread+0x337/0x6f0
[ 12.804096] ret_from_fork+0x116/0x1d0
[ 12.804286] ret_from_fork_asm+0x1a/0x30
[ 12.804425]
[ 12.804511] The buggy address belongs to the object at ffff8881026b2c00
[ 12.804511] which belongs to the cache kmalloc-128 of size 128
[ 12.805047] The buggy address is located 105 bytes inside of
[ 12.805047] allocated 120-byte region [ffff8881026b2c00, ffff8881026b2c78)
[ 12.805702]
[ 12.805779] The buggy address belongs to the physical page:
[ 12.806000] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026b2
[ 12.806347] flags: 0x200000000000000(node=0|zone=2)
[ 12.806700] page_type: f5(slab)
[ 12.806856] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.807175] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.807549] page dumped because: kasan: bad access detected
[ 12.807739]
[ 12.807809] Memory state around the buggy address:
[ 12.807964] ffff8881026b2b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.808185] ffff8881026b2b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.808510] >ffff8881026b2c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 12.808822] ^
[ 12.809131] ffff8881026b2c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.809422] ffff8881026b2d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.809789] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 12.757786] ==================================================================
[ 12.758897] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x166/0x330
[ 12.759644] Write of size 8 at addr ffff888103434071 by task kunit_try_catch/193
[ 12.760422]
[ 12.760649] CPU: 1 UID: 0 PID: 193 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.760696] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.760708] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.760729] Call Trace:
[ 12.760741] <TASK>
[ 12.760758] dump_stack_lvl+0x73/0xb0
[ 12.760788] print_report+0xd1/0x610
[ 12.760811] ? __virt_addr_valid+0x1db/0x2d0
[ 12.760835] ? kmalloc_oob_memset_8+0x166/0x330
[ 12.760856] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.760880] ? kmalloc_oob_memset_8+0x166/0x330
[ 12.760903] kasan_report+0x141/0x180
[ 12.760925] ? kmalloc_oob_memset_8+0x166/0x330
[ 12.760952] kasan_check_range+0x10c/0x1c0
[ 12.760976] __asan_memset+0x27/0x50
[ 12.760996] kmalloc_oob_memset_8+0x166/0x330
[ 12.761018] ? __pfx_kmalloc_oob_memset_8+0x10/0x10
[ 12.761045] ? __pfx_kmalloc_oob_memset_8+0x10/0x10
[ 12.761072] kunit_try_run_case+0x1a5/0x480
[ 12.761098] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.761121] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.761145] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.761169] ? __kthread_parkme+0x82/0x180
[ 12.761190] ? preempt_count_sub+0x50/0x80
[ 12.761214] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.761238] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.761263] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.761288] kthread+0x337/0x6f0
[ 12.761307] ? trace_preempt_on+0x20/0xc0
[ 12.761330] ? __pfx_kthread+0x10/0x10
[ 12.761351] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.761382] ? calculate_sigpending+0x7b/0xa0
[ 12.761414] ? __pfx_kthread+0x10/0x10
[ 12.761457] ret_from_fork+0x116/0x1d0
[ 12.761477] ? __pfx_kthread+0x10/0x10
[ 12.761498] ret_from_fork_asm+0x1a/0x30
[ 12.761529] </TASK>
[ 12.761539]
[ 12.772887] Allocated by task 193:
[ 12.773032] kasan_save_stack+0x45/0x70
[ 12.773182] kasan_save_track+0x18/0x40
[ 12.773316] kasan_save_alloc_info+0x3b/0x50
[ 12.773597] __kasan_kmalloc+0xb7/0xc0
[ 12.773937] __kmalloc_cache_noprof+0x189/0x420
[ 12.774397] kmalloc_oob_memset_8+0xac/0x330
[ 12.774950] kunit_try_run_case+0x1a5/0x480
[ 12.775351] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.775922] kthread+0x337/0x6f0
[ 12.776231] ret_from_fork+0x116/0x1d0
[ 12.776653] ret_from_fork_asm+0x1a/0x30
[ 12.777021]
[ 12.777178] The buggy address belongs to the object at ffff888103434000
[ 12.777178] which belongs to the cache kmalloc-128 of size 128
[ 12.777976] The buggy address is located 113 bytes inside of
[ 12.777976] allocated 120-byte region [ffff888103434000, ffff888103434078)
[ 12.778338]
[ 12.778424] The buggy address belongs to the physical page:
[ 12.779093] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103434
[ 12.779828] flags: 0x200000000000000(node=0|zone=2)
[ 12.780320] page_type: f5(slab)
[ 12.780699] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.781338] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.782099] page dumped because: kasan: bad access detected
[ 12.782278]
[ 12.782349] Memory state around the buggy address:
[ 12.782709] ffff888103433f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.783511] ffff888103433f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.784297] >ffff888103434000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 12.784727] ^
[ 12.785319] ffff888103434080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.785726] ffff888103434100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.785940] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 12.726697] ==================================================================
[ 12.727215] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x166/0x330
[ 12.727470] Write of size 4 at addr ffff8881026b2b75 by task kunit_try_catch/191
[ 12.727986]
[ 12.728138] CPU: 0 UID: 0 PID: 191 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.728186] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.728199] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.728221] Call Trace:
[ 12.728234] <TASK>
[ 12.728251] dump_stack_lvl+0x73/0xb0
[ 12.728289] print_report+0xd1/0x610
[ 12.728312] ? __virt_addr_valid+0x1db/0x2d0
[ 12.728335] ? kmalloc_oob_memset_4+0x166/0x330
[ 12.728357] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.728380] ? kmalloc_oob_memset_4+0x166/0x330
[ 12.728403] kasan_report+0x141/0x180
[ 12.728424] ? kmalloc_oob_memset_4+0x166/0x330
[ 12.728462] kasan_check_range+0x10c/0x1c0
[ 12.728487] __asan_memset+0x27/0x50
[ 12.728507] kmalloc_oob_memset_4+0x166/0x330
[ 12.728530] ? __pfx_kmalloc_oob_memset_4+0x10/0x10
[ 12.728553] ? __schedule+0x10cc/0x2b60
[ 12.728576] ? __pfx_read_tsc+0x10/0x10
[ 12.728598] ? ktime_get_ts64+0x86/0x230
[ 12.728873] kunit_try_run_case+0x1a5/0x480
[ 12.728904] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.728929] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.728954] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.728979] ? __kthread_parkme+0x82/0x180
[ 12.729001] ? preempt_count_sub+0x50/0x80
[ 12.729025] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.729050] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.729075] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.729101] kthread+0x337/0x6f0
[ 12.729120] ? trace_preempt_on+0x20/0xc0
[ 12.729144] ? __pfx_kthread+0x10/0x10
[ 12.729165] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.729187] ? calculate_sigpending+0x7b/0xa0
[ 12.729212] ? __pfx_kthread+0x10/0x10
[ 12.729234] ret_from_fork+0x116/0x1d0
[ 12.729254] ? __pfx_kthread+0x10/0x10
[ 12.729274] ret_from_fork_asm+0x1a/0x30
[ 12.729305] </TASK>
[ 12.729316]
[ 12.739222] Allocated by task 191:
[ 12.739613] kasan_save_stack+0x45/0x70
[ 12.739819] kasan_save_track+0x18/0x40
[ 12.740002] kasan_save_alloc_info+0x3b/0x50
[ 12.740202] __kasan_kmalloc+0xb7/0xc0
[ 12.740386] __kmalloc_cache_noprof+0x189/0x420
[ 12.740949] kmalloc_oob_memset_4+0xac/0x330
[ 12.741143] kunit_try_run_case+0x1a5/0x480
[ 12.741486] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.741993] kthread+0x337/0x6f0
[ 12.742254] ret_from_fork+0x116/0x1d0
[ 12.742523] ret_from_fork_asm+0x1a/0x30
[ 12.742863]
[ 12.743033] The buggy address belongs to the object at ffff8881026b2b00
[ 12.743033] which belongs to the cache kmalloc-128 of size 128
[ 12.743710] The buggy address is located 117 bytes inside of
[ 12.743710] allocated 120-byte region [ffff8881026b2b00, ffff8881026b2b78)
[ 12.744243]
[ 12.744344] The buggy address belongs to the physical page:
[ 12.745094] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026b2
[ 12.746013] flags: 0x200000000000000(node=0|zone=2)
[ 12.746647] page_type: f5(slab)
[ 12.747218] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.747819] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.748054] page dumped because: kasan: bad access detected
[ 12.748227]
[ 12.748305] Memory state around the buggy address:
[ 12.748548] ffff8881026b2a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.749537] ffff8881026b2a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.750270] >ffff8881026b2b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 12.751082] ^
[ 12.751990] ffff8881026b2b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.752654] ffff8881026b2c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.753107] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 12.690163] ==================================================================
[ 12.691167] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x166/0x330
[ 12.692126] Write of size 2 at addr ffff888103427f77 by task kunit_try_catch/189
[ 12.692994]
[ 12.693109] CPU: 1 UID: 0 PID: 189 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.693157] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.693169] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.693190] Call Trace:
[ 12.693203] <TASK>
[ 12.693220] dump_stack_lvl+0x73/0xb0
[ 12.693254] print_report+0xd1/0x610
[ 12.693278] ? __virt_addr_valid+0x1db/0x2d0
[ 12.693303] ? kmalloc_oob_memset_2+0x166/0x330
[ 12.693326] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.693349] ? kmalloc_oob_memset_2+0x166/0x330
[ 12.693371] kasan_report+0x141/0x180
[ 12.693393] ? kmalloc_oob_memset_2+0x166/0x330
[ 12.693630] kasan_check_range+0x10c/0x1c0
[ 12.693662] __asan_memset+0x27/0x50
[ 12.693722] kmalloc_oob_memset_2+0x166/0x330
[ 12.693747] ? __pfx_kmalloc_oob_memset_2+0x10/0x10
[ 12.693771] ? __schedule+0x10cc/0x2b60
[ 12.693795] ? __pfx_read_tsc+0x10/0x10
[ 12.693817] ? ktime_get_ts64+0x86/0x230
[ 12.693842] kunit_try_run_case+0x1a5/0x480
[ 12.693868] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.693890] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.693915] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.693940] ? __kthread_parkme+0x82/0x180
[ 12.693961] ? preempt_count_sub+0x50/0x80
[ 12.693985] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.694009] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.694034] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.694059] kthread+0x337/0x6f0
[ 12.694078] ? trace_preempt_on+0x20/0xc0
[ 12.694103] ? __pfx_kthread+0x10/0x10
[ 12.694123] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.694145] ? calculate_sigpending+0x7b/0xa0
[ 12.694169] ? __pfx_kthread+0x10/0x10
[ 12.694191] ret_from_fork+0x116/0x1d0
[ 12.694209] ? __pfx_kthread+0x10/0x10
[ 12.694230] ret_from_fork_asm+0x1a/0x30
[ 12.694261] </TASK>
[ 12.694272]
[ 12.708409] Allocated by task 189:
[ 12.708829] kasan_save_stack+0x45/0x70
[ 12.708976] kasan_save_track+0x18/0x40
[ 12.709108] kasan_save_alloc_info+0x3b/0x50
[ 12.709256] __kasan_kmalloc+0xb7/0xc0
[ 12.709385] __kmalloc_cache_noprof+0x189/0x420
[ 12.710115] kmalloc_oob_memset_2+0xac/0x330
[ 12.710693] kunit_try_run_case+0x1a5/0x480
[ 12.711151] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.711781] kthread+0x337/0x6f0
[ 12.712127] ret_from_fork+0x116/0x1d0
[ 12.712541] ret_from_fork_asm+0x1a/0x30
[ 12.712706]
[ 12.712779] The buggy address belongs to the object at ffff888103427f00
[ 12.712779] which belongs to the cache kmalloc-128 of size 128
[ 12.713121] The buggy address is located 119 bytes inside of
[ 12.713121] allocated 120-byte region [ffff888103427f00, ffff888103427f78)
[ 12.713556]
[ 12.713784] The buggy address belongs to the physical page:
[ 12.714122] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103427
[ 12.714562] flags: 0x200000000000000(node=0|zone=2)
[ 12.715073] page_type: f5(slab)
[ 12.715369] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.715884] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.716792] page dumped because: kasan: bad access detected
[ 12.717101]
[ 12.717223] Memory state around the buggy address:
[ 12.717395] ffff888103427e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.718177] ffff888103427e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.718947] >ffff888103427f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 12.719682] ^
[ 12.720867] ffff888103427f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.721090] ffff888103428000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.721303] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 12.649276] ==================================================================
[ 12.650882] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x15f/0x320
[ 12.651851] Write of size 128 at addr ffff8881026b2a00 by task kunit_try_catch/187
[ 12.652636]
[ 12.653004] CPU: 0 UID: 0 PID: 187 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.653055] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.653067] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.653090] Call Trace:
[ 12.653105] <TASK>
[ 12.653220] dump_stack_lvl+0x73/0xb0
[ 12.653262] print_report+0xd1/0x610
[ 12.653287] ? __virt_addr_valid+0x1db/0x2d0
[ 12.653312] ? kmalloc_oob_in_memset+0x15f/0x320
[ 12.653335] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.653358] ? kmalloc_oob_in_memset+0x15f/0x320
[ 12.653381] kasan_report+0x141/0x180
[ 12.653418] ? kmalloc_oob_in_memset+0x15f/0x320
[ 12.653457] kasan_check_range+0x10c/0x1c0
[ 12.653481] __asan_memset+0x27/0x50
[ 12.653501] kmalloc_oob_in_memset+0x15f/0x320
[ 12.653524] ? __pfx_kmalloc_oob_in_memset+0x10/0x10
[ 12.653548] ? __schedule+0x10cc/0x2b60
[ 12.653573] ? __pfx_read_tsc+0x10/0x10
[ 12.653596] ? ktime_get_ts64+0x86/0x230
[ 12.653623] kunit_try_run_case+0x1a5/0x480
[ 12.653649] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.653672] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.653699] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.653723] ? __kthread_parkme+0x82/0x180
[ 12.653746] ? preempt_count_sub+0x50/0x80
[ 12.653771] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.653796] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.653821] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.653846] kthread+0x337/0x6f0
[ 12.653865] ? trace_preempt_on+0x20/0xc0
[ 12.653889] ? __pfx_kthread+0x10/0x10
[ 12.653909] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.653931] ? calculate_sigpending+0x7b/0xa0
[ 12.653956] ? __pfx_kthread+0x10/0x10
[ 12.653978] ret_from_fork+0x116/0x1d0
[ 12.653997] ? __pfx_kthread+0x10/0x10
[ 12.654018] ret_from_fork_asm+0x1a/0x30
[ 12.654049] </TASK>
[ 12.654059]
[ 12.669627] Allocated by task 187:
[ 12.670062] kasan_save_stack+0x45/0x70
[ 12.670480] kasan_save_track+0x18/0x40
[ 12.670845] kasan_save_alloc_info+0x3b/0x50
[ 12.671316] __kasan_kmalloc+0xb7/0xc0
[ 12.671828] __kmalloc_cache_noprof+0x189/0x420
[ 12.671999] kmalloc_oob_in_memset+0xac/0x320
[ 12.672150] kunit_try_run_case+0x1a5/0x480
[ 12.672305] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.672955] kthread+0x337/0x6f0
[ 12.673284] ret_from_fork+0x116/0x1d0
[ 12.673831] ret_from_fork_asm+0x1a/0x30
[ 12.674466]
[ 12.674736] The buggy address belongs to the object at ffff8881026b2a00
[ 12.674736] which belongs to the cache kmalloc-128 of size 128
[ 12.676062] The buggy address is located 0 bytes inside of
[ 12.676062] allocated 120-byte region [ffff8881026b2a00, ffff8881026b2a78)
[ 12.676464]
[ 12.676904] The buggy address belongs to the physical page:
[ 12.677528] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026b2
[ 12.678358] flags: 0x200000000000000(node=0|zone=2)
[ 12.679100] page_type: f5(slab)
[ 12.679232] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.679755] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.680755] page dumped because: kasan: bad access detected
[ 12.681241]
[ 12.681481] Memory state around the buggy address:
[ 12.682062] ffff8881026b2900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.682287] ffff8881026b2980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.682858] >ffff8881026b2a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 12.683682] ^
[ 12.684380] ffff8881026b2a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.685215] ffff8881026b2b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.685700] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 12.602312] ==================================================================
[ 12.602977] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x47b/0x4c0
[ 12.603217] Read of size 16 at addr ffff888102676200 by task kunit_try_catch/185
[ 12.603466]
[ 12.603582] CPU: 0 UID: 0 PID: 185 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.603625] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.603636] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.603658] Call Trace:
[ 12.603672] <TASK>
[ 12.603686] dump_stack_lvl+0x73/0xb0
[ 12.603714] print_report+0xd1/0x610
[ 12.603737] ? __virt_addr_valid+0x1db/0x2d0
[ 12.603759] ? kmalloc_uaf_16+0x47b/0x4c0
[ 12.603779] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.603803] ? kmalloc_uaf_16+0x47b/0x4c0
[ 12.603825] kasan_report+0x141/0x180
[ 12.603847] ? kmalloc_uaf_16+0x47b/0x4c0
[ 12.603872] __asan_report_load16_noabort+0x18/0x20
[ 12.603898] kmalloc_uaf_16+0x47b/0x4c0
[ 12.603919] ? __pfx_kmalloc_uaf_16+0x10/0x10
[ 12.603941] ? __schedule+0x10cc/0x2b60
[ 12.603963] ? __pfx_read_tsc+0x10/0x10
[ 12.603984] ? ktime_get_ts64+0x86/0x230
[ 12.604007] kunit_try_run_case+0x1a5/0x480
[ 12.604032] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.604055] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.604079] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.604102] ? __kthread_parkme+0x82/0x180
[ 12.604533] ? preempt_count_sub+0x50/0x80
[ 12.604565] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.604593] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.604619] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.604645] kthread+0x337/0x6f0
[ 12.604665] ? trace_preempt_on+0x20/0xc0
[ 12.604690] ? __pfx_kthread+0x10/0x10
[ 12.604710] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.604732] ? calculate_sigpending+0x7b/0xa0
[ 12.604756] ? __pfx_kthread+0x10/0x10
[ 12.604777] ret_from_fork+0x116/0x1d0
[ 12.604796] ? __pfx_kthread+0x10/0x10
[ 12.604816] ret_from_fork_asm+0x1a/0x30
[ 12.604846] </TASK>
[ 12.604856]
[ 12.620005] Allocated by task 185:
[ 12.620336] kasan_save_stack+0x45/0x70
[ 12.620748] kasan_save_track+0x18/0x40
[ 12.621417] kasan_save_alloc_info+0x3b/0x50
[ 12.622398] __kasan_kmalloc+0xb7/0xc0
[ 12.622716] __kmalloc_cache_noprof+0x189/0x420
[ 12.622883] kmalloc_uaf_16+0x15b/0x4c0
[ 12.623017] kunit_try_run_case+0x1a5/0x480
[ 12.623160] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.623333] kthread+0x337/0x6f0
[ 12.623467] ret_from_fork+0x116/0x1d0
[ 12.624523] ret_from_fork_asm+0x1a/0x30
[ 12.624892]
[ 12.625174] Freed by task 185:
[ 12.625798] kasan_save_stack+0x45/0x70
[ 12.627246] kasan_save_track+0x18/0x40
[ 12.627861] kasan_save_free_info+0x3f/0x60
[ 12.628378] __kasan_slab_free+0x56/0x70
[ 12.628966] kfree+0x222/0x3f0
[ 12.629424] kmalloc_uaf_16+0x1d6/0x4c0
[ 12.629961] kunit_try_run_case+0x1a5/0x480
[ 12.630118] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.630291] kthread+0x337/0x6f0
[ 12.630420] ret_from_fork+0x116/0x1d0
[ 12.631122] ret_from_fork_asm+0x1a/0x30
[ 12.631709]
[ 12.631998] The buggy address belongs to the object at ffff888102676200
[ 12.631998] which belongs to the cache kmalloc-16 of size 16
[ 12.633490] The buggy address is located 0 bytes inside of
[ 12.633490] freed 16-byte region [ffff888102676200, ffff888102676210)
[ 12.634681]
[ 12.634762] The buggy address belongs to the physical page:
[ 12.634935] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102676
[ 12.635172] flags: 0x200000000000000(node=0|zone=2)
[ 12.635335] page_type: f5(slab)
[ 12.635930] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 12.636940] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 12.637898] page dumped because: kasan: bad access detected
[ 12.638524]
[ 12.638849] Memory state around the buggy address:
[ 12.639368] ffff888102676100: 00 06 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc
[ 12.640129] ffff888102676180: 00 05 fc fc fa fb fc fc fa fb fc fc 00 00 fc fc
[ 12.640602] >ffff888102676200: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.640825] ^
[ 12.640947] ffff888102676280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.641165] ffff888102676300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.641379] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 12.570364] ==================================================================
[ 12.570769] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x452/0x4a0
[ 12.571124] Write of size 16 at addr ffff8881026761a0 by task kunit_try_catch/183
[ 12.571460]
[ 12.571780] CPU: 0 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.571841] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.571853] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.571886] Call Trace:
[ 12.571897] <TASK>
[ 12.571912] dump_stack_lvl+0x73/0xb0
[ 12.571944] print_report+0xd1/0x610
[ 12.571967] ? __virt_addr_valid+0x1db/0x2d0
[ 12.571989] ? kmalloc_oob_16+0x452/0x4a0
[ 12.572009] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.572033] ? kmalloc_oob_16+0x452/0x4a0
[ 12.572054] kasan_report+0x141/0x180
[ 12.572075] ? kmalloc_oob_16+0x452/0x4a0
[ 12.572110] __asan_report_store16_noabort+0x1b/0x30
[ 12.572136] kmalloc_oob_16+0x452/0x4a0
[ 12.572168] ? __pfx_kmalloc_oob_16+0x10/0x10
[ 12.572190] ? __schedule+0x10cc/0x2b60
[ 12.572212] ? __pfx_read_tsc+0x10/0x10
[ 12.572234] ? ktime_get_ts64+0x86/0x230
[ 12.572268] kunit_try_run_case+0x1a5/0x480
[ 12.572297] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.572320] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.572355] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.572379] ? __kthread_parkme+0x82/0x180
[ 12.572399] ? preempt_count_sub+0x50/0x80
[ 12.572423] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.572457] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.572491] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.572516] kthread+0x337/0x6f0
[ 12.572535] ? trace_preempt_on+0x20/0xc0
[ 12.572644] ? __pfx_kthread+0x10/0x10
[ 12.572670] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.572693] ? calculate_sigpending+0x7b/0xa0
[ 12.572719] ? __pfx_kthread+0x10/0x10
[ 12.572741] ret_from_fork+0x116/0x1d0
[ 12.572760] ? __pfx_kthread+0x10/0x10
[ 12.572781] ret_from_fork_asm+0x1a/0x30
[ 12.572811] </TASK>
[ 12.572822]
[ 12.584222] Allocated by task 183:
[ 12.584369] kasan_save_stack+0x45/0x70
[ 12.584846] kasan_save_track+0x18/0x40
[ 12.585208] kasan_save_alloc_info+0x3b/0x50
[ 12.585702] __kasan_kmalloc+0xb7/0xc0
[ 12.586065] __kmalloc_cache_noprof+0x189/0x420
[ 12.586512] kmalloc_oob_16+0xa8/0x4a0
[ 12.586979] kunit_try_run_case+0x1a5/0x480
[ 12.587384] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.587949] kthread+0x337/0x6f0
[ 12.588203] ret_from_fork+0x116/0x1d0
[ 12.588341] ret_from_fork_asm+0x1a/0x30
[ 12.588651]
[ 12.588902] The buggy address belongs to the object at ffff8881026761a0
[ 12.588902] which belongs to the cache kmalloc-16 of size 16
[ 12.590027] The buggy address is located 0 bytes inside of
[ 12.590027] allocated 13-byte region [ffff8881026761a0, ffff8881026761ad)
[ 12.590385]
[ 12.590549] The buggy address belongs to the physical page:
[ 12.591104] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102676
[ 12.591965] flags: 0x200000000000000(node=0|zone=2)
[ 12.592459] page_type: f5(slab)
[ 12.592812] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 12.593266] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 12.593530] page dumped because: kasan: bad access detected
[ 12.594028]
[ 12.594169] Memory state around the buggy address:
[ 12.594556] ffff888102676080: 00 05 fc fc 00 05 fc fc 00 00 fc fc 00 06 fc fc
[ 12.594953] ffff888102676100: 00 06 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc
[ 12.595172] >ffff888102676180: 00 05 fc fc 00 05 fc fc 00 00 fc fc fc fc fc fc
[ 12.595384] ^
[ 12.595868] ffff888102676200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.596616] ffff888102676280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.597226] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 12.531896] ==================================================================
[ 12.532388] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x53c/0x5e0
[ 12.532765] Read of size 1 at addr ffff888100aab200 by task kunit_try_catch/181
[ 12.533175]
[ 12.533351] CPU: 1 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.533393] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.533405] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.533425] Call Trace:
[ 12.533437] <TASK>
[ 12.533462] dump_stack_lvl+0x73/0xb0
[ 12.533489] print_report+0xd1/0x610
[ 12.533512] ? __virt_addr_valid+0x1db/0x2d0
[ 12.533547] ? krealloc_uaf+0x53c/0x5e0
[ 12.533579] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.533603] ? krealloc_uaf+0x53c/0x5e0
[ 12.533624] kasan_report+0x141/0x180
[ 12.533652] ? krealloc_uaf+0x53c/0x5e0
[ 12.533678] __asan_report_load1_noabort+0x18/0x20
[ 12.533703] krealloc_uaf+0x53c/0x5e0
[ 12.533725] ? __pfx_krealloc_uaf+0x10/0x10
[ 12.533746] ? finish_task_switch.isra.0+0x153/0x700
[ 12.533769] ? __switch_to+0x47/0xf50
[ 12.533794] ? __schedule+0x10cc/0x2b60
[ 12.533816] ? __pfx_read_tsc+0x10/0x10
[ 12.533845] ? ktime_get_ts64+0x86/0x230
[ 12.533871] kunit_try_run_case+0x1a5/0x480
[ 12.533897] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.533921] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.533945] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.533970] ? __kthread_parkme+0x82/0x180
[ 12.533990] ? preempt_count_sub+0x50/0x80
[ 12.534014] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.534039] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.534063] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.534089] kthread+0x337/0x6f0
[ 12.534108] ? trace_preempt_on+0x20/0xc0
[ 12.534131] ? __pfx_kthread+0x10/0x10
[ 12.534152] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.534173] ? calculate_sigpending+0x7b/0xa0
[ 12.534197] ? __pfx_kthread+0x10/0x10
[ 12.534219] ret_from_fork+0x116/0x1d0
[ 12.534237] ? __pfx_kthread+0x10/0x10
[ 12.534258] ret_from_fork_asm+0x1a/0x30
[ 12.534289] </TASK>
[ 12.534298]
[ 12.548787] Allocated by task 181:
[ 12.549148] kasan_save_stack+0x45/0x70
[ 12.549307] kasan_save_track+0x18/0x40
[ 12.549760] kasan_save_alloc_info+0x3b/0x50
[ 12.550242] __kasan_kmalloc+0xb7/0xc0
[ 12.550416] __kmalloc_cache_noprof+0x189/0x420
[ 12.550653] krealloc_uaf+0xbb/0x5e0
[ 12.551068] kunit_try_run_case+0x1a5/0x480
[ 12.551470] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.552006] kthread+0x337/0x6f0
[ 12.552413] ret_from_fork+0x116/0x1d0
[ 12.552853] ret_from_fork_asm+0x1a/0x30
[ 12.553234]
[ 12.553387] Freed by task 181:
[ 12.553582] kasan_save_stack+0x45/0x70
[ 12.554023] kasan_save_track+0x18/0x40
[ 12.554238] kasan_save_free_info+0x3f/0x60
[ 12.555042] __kasan_slab_free+0x56/0x70
[ 12.555425] kfree+0x222/0x3f0
[ 12.555569] krealloc_uaf+0x13d/0x5e0
[ 12.555827] kunit_try_run_case+0x1a5/0x480
[ 12.556285] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.556884] kthread+0x337/0x6f0
[ 12.557276] ret_from_fork+0x116/0x1d0
[ 12.557418] ret_from_fork_asm+0x1a/0x30
[ 12.557709]
[ 12.557868] The buggy address belongs to the object at ffff888100aab200
[ 12.557868] which belongs to the cache kmalloc-256 of size 256
[ 12.559011] The buggy address is located 0 bytes inside of
[ 12.559011] freed 256-byte region [ffff888100aab200, ffff888100aab300)
[ 12.559820]
[ 12.559979] The buggy address belongs to the physical page:
[ 12.560544] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100aaa
[ 12.560787] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 12.561013] flags: 0x200000000000040(head|node=0|zone=2)
[ 12.561213] page_type: f5(slab)
[ 12.561333] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 12.561935] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.562306] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 12.562770] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.563145] head: 0200000000000001 ffffea000402aa81 00000000ffffffff 00000000ffffffff
[ 12.563444] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 12.563816] page dumped because: kasan: bad access detected
[ 12.564088]
[ 12.564198] Memory state around the buggy address:
[ 12.564383] ffff888100aab100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.564801] ffff888100aab180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.565258] >ffff888100aab200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.565648] ^
[ 12.565978] ffff888100aab280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.566264] ffff888100aab300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.566652] ==================================================================
[ 12.491250] ==================================================================
[ 12.491884] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x1b8/0x5e0
[ 12.492115] Read of size 1 at addr ffff888100aab200 by task kunit_try_catch/181
[ 12.492430]
[ 12.492666] CPU: 1 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.492722] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.492733] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.492754] Call Trace:
[ 12.492766] <TASK>
[ 12.492782] dump_stack_lvl+0x73/0xb0
[ 12.492812] print_report+0xd1/0x610
[ 12.492835] ? __virt_addr_valid+0x1db/0x2d0
[ 12.492859] ? krealloc_uaf+0x1b8/0x5e0
[ 12.492881] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.492905] ? krealloc_uaf+0x1b8/0x5e0
[ 12.492926] kasan_report+0x141/0x180
[ 12.492947] ? krealloc_uaf+0x1b8/0x5e0
[ 12.492971] ? krealloc_uaf+0x1b8/0x5e0
[ 12.493003] __kasan_check_byte+0x3d/0x50
[ 12.493024] krealloc_noprof+0x3f/0x340
[ 12.493048] krealloc_uaf+0x1b8/0x5e0
[ 12.493080] ? __pfx_krealloc_uaf+0x10/0x10
[ 12.493101] ? finish_task_switch.isra.0+0x153/0x700
[ 12.493125] ? __switch_to+0x47/0xf50
[ 12.493161] ? __schedule+0x10cc/0x2b60
[ 12.493183] ? __pfx_read_tsc+0x10/0x10
[ 12.493204] ? ktime_get_ts64+0x86/0x230
[ 12.493229] kunit_try_run_case+0x1a5/0x480
[ 12.493255] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.493278] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.493301] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.493325] ? __kthread_parkme+0x82/0x180
[ 12.493346] ? preempt_count_sub+0x50/0x80
[ 12.493377] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.493402] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.493437] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.493472] kthread+0x337/0x6f0
[ 12.493511] ? trace_preempt_on+0x20/0xc0
[ 12.493534] ? __pfx_kthread+0x10/0x10
[ 12.493555] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.493587] ? calculate_sigpending+0x7b/0xa0
[ 12.493611] ? __pfx_kthread+0x10/0x10
[ 12.493632] ret_from_fork+0x116/0x1d0
[ 12.493651] ? __pfx_kthread+0x10/0x10
[ 12.493672] ret_from_fork_asm+0x1a/0x30
[ 12.493711] </TASK>
[ 12.493721]
[ 12.508800] Allocated by task 181:
[ 12.509151] kasan_save_stack+0x45/0x70
[ 12.509585] kasan_save_track+0x18/0x40
[ 12.510024] kasan_save_alloc_info+0x3b/0x50
[ 12.510518] __kasan_kmalloc+0xb7/0xc0
[ 12.510921] __kmalloc_cache_noprof+0x189/0x420
[ 12.511122] krealloc_uaf+0xbb/0x5e0
[ 12.511253] kunit_try_run_case+0x1a5/0x480
[ 12.511398] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.511961] kthread+0x337/0x6f0
[ 12.512342] ret_from_fork+0x116/0x1d0
[ 12.512772] ret_from_fork_asm+0x1a/0x30
[ 12.513217]
[ 12.513406] Freed by task 181:
[ 12.513747] kasan_save_stack+0x45/0x70
[ 12.514102] kasan_save_track+0x18/0x40
[ 12.514550] kasan_save_free_info+0x3f/0x60
[ 12.515009] __kasan_slab_free+0x56/0x70
[ 12.515330] kfree+0x222/0x3f0
[ 12.515682] krealloc_uaf+0x13d/0x5e0
[ 12.515875] kunit_try_run_case+0x1a5/0x480
[ 12.516295] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.516798] kthread+0x337/0x6f0
[ 12.517146] ret_from_fork+0x116/0x1d0
[ 12.517318] ret_from_fork_asm+0x1a/0x30
[ 12.517624]
[ 12.517836] The buggy address belongs to the object at ffff888100aab200
[ 12.517836] which belongs to the cache kmalloc-256 of size 256
[ 12.519143] The buggy address is located 0 bytes inside of
[ 12.519143] freed 256-byte region [ffff888100aab200, ffff888100aab300)
[ 12.520021]
[ 12.520221] The buggy address belongs to the physical page:
[ 12.520484] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100aaa
[ 12.521066] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 12.521869] flags: 0x200000000000040(head|node=0|zone=2)
[ 12.522371] page_type: f5(slab)
[ 12.522571] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 12.523260] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.523963] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 12.524622] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.525123] head: 0200000000000001 ffffea000402aa81 00000000ffffffff 00000000ffffffff
[ 12.525381] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 12.526135] page dumped because: kasan: bad access detected
[ 12.526696]
[ 12.526886] Memory state around the buggy address:
[ 12.527420] ffff888100aab100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.528177] ffff888100aab180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.529014] >ffff888100aab200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.529587] ^
[ 12.529918] ffff888100aab280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.530442] ffff888100aab300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.530894] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 12.396063] ==================================================================
[ 12.396424] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0
[ 12.397299] Write of size 1 at addr ffff888103a0e0d0 by task kunit_try_catch/179
[ 12.397662]
[ 12.397963] CPU: 0 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.398014] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.398026] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.398045] Call Trace:
[ 12.398059] <TASK>
[ 12.398075] dump_stack_lvl+0x73/0xb0
[ 12.398103] print_report+0xd1/0x610
[ 12.398126] ? __virt_addr_valid+0x1db/0x2d0
[ 12.398149] ? krealloc_less_oob_helper+0xe23/0x11d0
[ 12.398173] ? kasan_addr_to_slab+0x11/0xa0
[ 12.398194] ? krealloc_less_oob_helper+0xe23/0x11d0
[ 12.398219] kasan_report+0x141/0x180
[ 12.398240] ? krealloc_less_oob_helper+0xe23/0x11d0
[ 12.398270] __asan_report_store1_noabort+0x1b/0x30
[ 12.398295] krealloc_less_oob_helper+0xe23/0x11d0
[ 12.398322] ? __pfx_krealloc_less_oob_helper+0x10/0x10
[ 12.398347] ? finish_task_switch.isra.0+0x153/0x700
[ 12.398370] ? __switch_to+0x47/0xf50
[ 12.398396] ? __schedule+0x10cc/0x2b60
[ 12.398434] ? __pfx_read_tsc+0x10/0x10
[ 12.398470] krealloc_large_less_oob+0x1c/0x30
[ 12.398493] kunit_try_run_case+0x1a5/0x480
[ 12.398518] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.398541] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.398565] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.398588] ? __kthread_parkme+0x82/0x180
[ 12.398609] ? preempt_count_sub+0x50/0x80
[ 12.398632] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.398656] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.398681] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.398714] kthread+0x337/0x6f0
[ 12.398733] ? trace_preempt_on+0x20/0xc0
[ 12.398756] ? __pfx_kthread+0x10/0x10
[ 12.398777] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.398798] ? calculate_sigpending+0x7b/0xa0
[ 12.398822] ? __pfx_kthread+0x10/0x10
[ 12.398843] ret_from_fork+0x116/0x1d0
[ 12.398861] ? __pfx_kthread+0x10/0x10
[ 12.398881] ret_from_fork_asm+0x1a/0x30
[ 12.398911] </TASK>
[ 12.398920]
[ 12.410061] The buggy address belongs to the physical page:
[ 12.410407] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a0c
[ 12.411010] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 12.411582] flags: 0x200000000000040(head|node=0|zone=2)
[ 12.411932] page_type: f8(unknown)
[ 12.412223] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 12.412735] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 12.413179] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 12.413696] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 12.414183] head: 0200000000000002 ffffea00040e8301 00000000ffffffff 00000000ffffffff
[ 12.414680] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 12.415079] page dumped because: kasan: bad access detected
[ 12.415422]
[ 12.415566] Memory state around the buggy address:
[ 12.415916] ffff888103a0df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.416248] ffff888103a0e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.416795] >ffff888103a0e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[ 12.417143] ^
[ 12.417483] ffff888103a0e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 12.417913] ffff888103a0e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 12.418221] ==================================================================
[ 12.465013] ==================================================================
[ 12.465611] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0
[ 12.466062] Write of size 1 at addr ffff888103a0e0eb by task kunit_try_catch/179
[ 12.466426]
[ 12.466875] CPU: 0 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.466921] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.466932] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.466951] Call Trace:
[ 12.466966] <TASK>
[ 12.466981] dump_stack_lvl+0x73/0xb0
[ 12.467009] print_report+0xd1/0x610
[ 12.467032] ? __virt_addr_valid+0x1db/0x2d0
[ 12.467054] ? krealloc_less_oob_helper+0xd47/0x11d0
[ 12.467079] ? kasan_addr_to_slab+0x11/0xa0
[ 12.467099] ? krealloc_less_oob_helper+0xd47/0x11d0
[ 12.467124] kasan_report+0x141/0x180
[ 12.467145] ? krealloc_less_oob_helper+0xd47/0x11d0
[ 12.467174] __asan_report_store1_noabort+0x1b/0x30
[ 12.467200] krealloc_less_oob_helper+0xd47/0x11d0
[ 12.467226] ? __pfx_krealloc_less_oob_helper+0x10/0x10
[ 12.467252] ? finish_task_switch.isra.0+0x153/0x700
[ 12.467275] ? __switch_to+0x47/0xf50
[ 12.467300] ? __schedule+0x10cc/0x2b60
[ 12.467321] ? __pfx_read_tsc+0x10/0x10
[ 12.467345] krealloc_large_less_oob+0x1c/0x30
[ 12.467368] kunit_try_run_case+0x1a5/0x480
[ 12.467392] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.467415] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.467439] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.467475] ? __kthread_parkme+0x82/0x180
[ 12.467496] ? preempt_count_sub+0x50/0x80
[ 12.467518] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.467543] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.467581] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.467608] kthread+0x337/0x6f0
[ 12.467627] ? trace_preempt_on+0x20/0xc0
[ 12.467649] ? __pfx_kthread+0x10/0x10
[ 12.467670] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.467691] ? calculate_sigpending+0x7b/0xa0
[ 12.467715] ? __pfx_kthread+0x10/0x10
[ 12.467737] ret_from_fork+0x116/0x1d0
[ 12.467755] ?
__pfx_kthread+0x10/0x10 [ 12.467775] ret_from_fork_asm+0x1a/0x30 [ 12.467806] </TASK> [ 12.467816] [ 12.480088] The buggy address belongs to the physical page: [ 12.480553] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a0c [ 12.481153] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.481717] flags: 0x200000000000040(head|node=0|zone=2) [ 12.482181] page_type: f8(unknown) [ 12.482344] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.482914] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.483304] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.483844] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.484318] head: 0200000000000002 ffffea00040e8301 00000000ffffffff 00000000ffffffff [ 12.484643] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.484978] page dumped because: kasan: bad access detected [ 12.485216] [ 12.485303] Memory state around the buggy address: [ 12.485529] ffff888103a0df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.485805] ffff888103a0e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.486119] >ffff888103a0e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.486433] ^ [ 12.487202] ffff888103a0e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.487673] ffff888103a0e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.488075] ================================================================== [ 12.184531] ================================================================== [ 12.185027] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0 [ 12.185386] Write of size 1 at addr ffff8881003474c9 by task kunit_try_catch/175 [ 12.186033] [ 12.186136] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.186327] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.186341] Hardware 
name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.186362] Call Trace: [ 12.186376] <TASK> [ 12.186393] dump_stack_lvl+0x73/0xb0 [ 12.186439] print_report+0xd1/0x610 [ 12.186474] ? __virt_addr_valid+0x1db/0x2d0 [ 12.186497] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 12.186520] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.186544] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 12.186568] kasan_report+0x141/0x180 [ 12.186589] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 12.186619] __asan_report_store1_noabort+0x1b/0x30 [ 12.186644] krealloc_less_oob_helper+0xd70/0x11d0 [ 12.186670] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.186695] ? finish_task_switch.isra.0+0x153/0x700 [ 12.186719] ? __switch_to+0x47/0xf50 [ 12.186745] ? __schedule+0x10cc/0x2b60 [ 12.186767] ? __pfx_read_tsc+0x10/0x10 [ 12.186791] krealloc_less_oob+0x1c/0x30 [ 12.186814] kunit_try_run_case+0x1a5/0x480 [ 12.186839] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.186862] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.186885] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.186909] ? __kthread_parkme+0x82/0x180 [ 12.186929] ? preempt_count_sub+0x50/0x80 [ 12.186952] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.186976] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.187000] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.187025] kthread+0x337/0x6f0 [ 12.187044] ? trace_preempt_on+0x20/0xc0 [ 12.187068] ? __pfx_kthread+0x10/0x10 [ 12.187088] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.187109] ? calculate_sigpending+0x7b/0xa0 [ 12.187133] ? __pfx_kthread+0x10/0x10 [ 12.187154] ret_from_fork+0x116/0x1d0 [ 12.187172] ? 
__pfx_kthread+0x10/0x10 [ 12.187193] ret_from_fork_asm+0x1a/0x30 [ 12.187223] </TASK> [ 12.187232] [ 12.196773] Allocated by task 175: [ 12.197060] kasan_save_stack+0x45/0x70 [ 12.197375] kasan_save_track+0x18/0x40 [ 12.197733] kasan_save_alloc_info+0x3b/0x50 [ 12.198101] __kasan_krealloc+0x190/0x1f0 [ 12.198288] krealloc_noprof+0xf3/0x340 [ 12.198441] krealloc_less_oob_helper+0x1aa/0x11d0 [ 12.198840] krealloc_less_oob+0x1c/0x30 [ 12.199106] kunit_try_run_case+0x1a5/0x480 [ 12.199466] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.199712] kthread+0x337/0x6f0 [ 12.199954] ret_from_fork+0x116/0x1d0 [ 12.200092] ret_from_fork_asm+0x1a/0x30 [ 12.200393] [ 12.200643] The buggy address belongs to the object at ffff888100347400 [ 12.200643] which belongs to the cache kmalloc-256 of size 256 [ 12.201146] The buggy address is located 0 bytes to the right of [ 12.201146] allocated 201-byte region [ffff888100347400, ffff8881003474c9) [ 12.201927] [ 12.202008] The buggy address belongs to the physical page: [ 12.202315] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100346 [ 12.202753] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.203129] flags: 0x200000000000040(head|node=0|zone=2) [ 12.203492] page_type: f5(slab) [ 12.203661] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.203987] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.204307] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.204879] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.205276] head: 0200000000000001 ffffea000400d181 00000000ffffffff 00000000ffffffff [ 12.205698] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.206070] page dumped because: kasan: bad access detected [ 12.206393] [ 12.206496] Memory state around the buggy address: [ 12.206796] ffff888100347380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 12.207050] ffff888100347400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.207355] >ffff888100347480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 12.207905] ^ [ 12.208221] ffff888100347500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.208676] ffff888100347580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.209002] ================================================================== [ 12.261982] ================================================================== [ 12.262307] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 12.263470] Write of size 1 at addr ffff8881003474ea by task kunit_try_catch/175 [ 12.263911] [ 12.264109] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.264154] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.264166] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.264186] Call Trace: [ 12.264202] <TASK> [ 12.264218] dump_stack_lvl+0x73/0xb0 [ 12.264370] print_report+0xd1/0x610 [ 12.264396] ? __virt_addr_valid+0x1db/0x2d0 [ 12.264435] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.264472] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.264496] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.264523] kasan_report+0x141/0x180 [ 12.264545] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.264574] __asan_report_store1_noabort+0x1b/0x30 [ 12.264600] krealloc_less_oob_helper+0xe90/0x11d0 [ 12.264626] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.264652] ? finish_task_switch.isra.0+0x153/0x700 [ 12.264675] ? __switch_to+0x47/0xf50 [ 12.264701] ? __schedule+0x10cc/0x2b60 [ 12.264723] ? __pfx_read_tsc+0x10/0x10 [ 12.264747] krealloc_less_oob+0x1c/0x30 [ 12.264769] kunit_try_run_case+0x1a5/0x480 [ 12.264794] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.264817] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.264841] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.264865] ? __kthread_parkme+0x82/0x180 [ 12.264885] ? 
preempt_count_sub+0x50/0x80 [ 12.264908] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.264933] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.264959] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.264984] kthread+0x337/0x6f0 [ 12.265003] ? trace_preempt_on+0x20/0xc0 [ 12.265025] ? __pfx_kthread+0x10/0x10 [ 12.265046] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.265068] ? calculate_sigpending+0x7b/0xa0 [ 12.265093] ? __pfx_kthread+0x10/0x10 [ 12.265114] ret_from_fork+0x116/0x1d0 [ 12.265132] ? __pfx_kthread+0x10/0x10 [ 12.265153] ret_from_fork_asm+0x1a/0x30 [ 12.265184] </TASK> [ 12.265193] [ 12.275075] Allocated by task 175: [ 12.275315] kasan_save_stack+0x45/0x70 [ 12.275635] kasan_save_track+0x18/0x40 [ 12.275946] kasan_save_alloc_info+0x3b/0x50 [ 12.276262] __kasan_krealloc+0x190/0x1f0 [ 12.276422] krealloc_noprof+0xf3/0x340 [ 12.276809] krealloc_less_oob_helper+0x1aa/0x11d0 [ 12.277128] krealloc_less_oob+0x1c/0x30 [ 12.277331] kunit_try_run_case+0x1a5/0x480 [ 12.277748] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.277990] kthread+0x337/0x6f0 [ 12.278234] ret_from_fork+0x116/0x1d0 [ 12.278379] ret_from_fork_asm+0x1a/0x30 [ 12.278609] [ 12.278699] The buggy address belongs to the object at ffff888100347400 [ 12.278699] which belongs to the cache kmalloc-256 of size 256 [ 12.279205] The buggy address is located 33 bytes to the right of [ 12.279205] allocated 201-byte region [ffff888100347400, ffff8881003474c9) [ 12.279997] [ 12.280252] The buggy address belongs to the physical page: [ 12.280465] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100346 [ 12.281087] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.281486] flags: 0x200000000000040(head|node=0|zone=2) [ 12.281818] page_type: f5(slab) [ 12.281990] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.282428] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.282871] head: 0200000000000040 
ffff888100041b40 dead000000000122 0000000000000000 [ 12.283269] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.283797] head: 0200000000000001 ffffea000400d181 00000000ffffffff 00000000ffffffff [ 12.284202] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.284620] page dumped because: kasan: bad access detected [ 12.284956] [ 12.285048] Memory state around the buggy address: [ 12.285365] ffff888100347380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.285760] ffff888100347400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.286118] >ffff888100347480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 12.286501] ^ [ 12.286876] ffff888100347500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.287147] ffff888100347580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.287593] ================================================================== [ 12.370817] ================================================================== [ 12.371320] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0 [ 12.371845] Write of size 1 at addr ffff888103a0e0c9 by task kunit_try_catch/179 [ 12.372406] [ 12.372703] CPU: 0 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.372752] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.372764] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.372786] Call Trace: [ 12.372799] <TASK> [ 12.372817] dump_stack_lvl+0x73/0xb0 [ 12.372851] print_report+0xd1/0x610 [ 12.372875] ? __virt_addr_valid+0x1db/0x2d0 [ 12.372900] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 12.372925] ? kasan_addr_to_slab+0x11/0xa0 [ 12.372945] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 12.372970] kasan_report+0x141/0x180 [ 12.372991] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 12.373020] __asan_report_store1_noabort+0x1b/0x30 [ 12.373046] krealloc_less_oob_helper+0xd70/0x11d0 [ 12.373072] ? 
__pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.373097] ? finish_task_switch.isra.0+0x153/0x700 [ 12.373122] ? __switch_to+0x47/0xf50 [ 12.373148] ? __schedule+0x10cc/0x2b60 [ 12.373171] ? __pfx_read_tsc+0x10/0x10 [ 12.373195] krealloc_large_less_oob+0x1c/0x30 [ 12.373218] kunit_try_run_case+0x1a5/0x480 [ 12.373246] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.373269] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.373293] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.373317] ? __kthread_parkme+0x82/0x180 [ 12.373338] ? preempt_count_sub+0x50/0x80 [ 12.373361] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.373385] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.373726] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.373762] kthread+0x337/0x6f0 [ 12.373783] ? trace_preempt_on+0x20/0xc0 [ 12.373808] ? __pfx_kthread+0x10/0x10 [ 12.373829] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.373851] ? calculate_sigpending+0x7b/0xa0 [ 12.373876] ? __pfx_kthread+0x10/0x10 [ 12.373897] ret_from_fork+0x116/0x1d0 [ 12.373916] ? 
__pfx_kthread+0x10/0x10 [ 12.373936] ret_from_fork_asm+0x1a/0x30 [ 12.373969] </TASK> [ 12.373980] [ 12.386375] The buggy address belongs to the physical page: [ 12.386854] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a0c [ 12.387301] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.387793] flags: 0x200000000000040(head|node=0|zone=2) [ 12.388151] page_type: f8(unknown) [ 12.388348] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.388848] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.389271] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.389875] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.390403] head: 0200000000000002 ffffea00040e8301 00000000ffffffff 00000000ffffffff [ 12.390988] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.391407] page dumped because: kasan: bad access detected [ 12.391953] [ 12.392225] Memory state around the buggy address: [ 12.392491] ffff888103a0df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.393041] ffff888103a0e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.393324] >ffff888103a0e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.393954] ^ [ 12.394345] ffff888103a0e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.395036] ffff888103a0e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.395330] ================================================================== [ 12.209695] ================================================================== [ 12.210422] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0 [ 12.210996] Write of size 1 at addr ffff8881003474d0 by task kunit_try_catch/175 [ 12.211369] [ 12.211533] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.211576] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.211610] Hardware 
name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.211629] Call Trace: [ 12.211642] <TASK> [ 12.211655] dump_stack_lvl+0x73/0xb0 [ 12.211819] print_report+0xd1/0x610 [ 12.211846] ? __virt_addr_valid+0x1db/0x2d0 [ 12.211868] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 12.211892] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.211915] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 12.211960] kasan_report+0x141/0x180 [ 12.211981] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 12.212010] __asan_report_store1_noabort+0x1b/0x30 [ 12.212138] krealloc_less_oob_helper+0xe23/0x11d0 [ 12.212166] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.212191] ? finish_task_switch.isra.0+0x153/0x700 [ 12.212215] ? __switch_to+0x47/0xf50 [ 12.212239] ? __schedule+0x10cc/0x2b60 [ 12.212261] ? __pfx_read_tsc+0x10/0x10 [ 12.212295] krealloc_less_oob+0x1c/0x30 [ 12.212316] kunit_try_run_case+0x1a5/0x480 [ 12.212341] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.212363] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.212386] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.212420] ? __kthread_parkme+0x82/0x180 [ 12.212440] ? preempt_count_sub+0x50/0x80 [ 12.212475] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.212499] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.212523] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.212548] kthread+0x337/0x6f0 [ 12.212567] ? trace_preempt_on+0x20/0xc0 [ 12.212589] ? __pfx_kthread+0x10/0x10 [ 12.212609] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.212631] ? calculate_sigpending+0x7b/0xa0 [ 12.212654] ? __pfx_kthread+0x10/0x10 [ 12.212675] ret_from_fork+0x116/0x1d0 [ 12.212693] ? 
__pfx_kthread+0x10/0x10 [ 12.212713] ret_from_fork_asm+0x1a/0x30 [ 12.212743] </TASK> [ 12.212753] [ 12.222372] Allocated by task 175: [ 12.222711] kasan_save_stack+0x45/0x70 [ 12.222988] kasan_save_track+0x18/0x40 [ 12.223277] kasan_save_alloc_info+0x3b/0x50 [ 12.223598] __kasan_krealloc+0x190/0x1f0 [ 12.223799] krealloc_noprof+0xf3/0x340 [ 12.223980] krealloc_less_oob_helper+0x1aa/0x11d0 [ 12.224199] krealloc_less_oob+0x1c/0x30 [ 12.224399] kunit_try_run_case+0x1a5/0x480 [ 12.224892] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.225190] kthread+0x337/0x6f0 [ 12.225318] ret_from_fork+0x116/0x1d0 [ 12.225744] ret_from_fork_asm+0x1a/0x30 [ 12.225987] [ 12.226225] The buggy address belongs to the object at ffff888100347400 [ 12.226225] which belongs to the cache kmalloc-256 of size 256 [ 12.226871] The buggy address is located 7 bytes to the right of [ 12.226871] allocated 201-byte region [ffff888100347400, ffff8881003474c9) [ 12.227421] [ 12.227819] The buggy address belongs to the physical page: [ 12.228080] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100346 [ 12.228520] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.228938] flags: 0x200000000000040(head|node=0|zone=2) [ 12.229262] page_type: f5(slab) [ 12.229458] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.229781] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.230103] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.230694] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.230990] head: 0200000000000001 ffffea000400d181 00000000ffffffff 00000000ffffffff [ 12.231391] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.231820] page dumped because: kasan: bad access detected [ 12.232149] [ 12.232246] Memory state around the buggy address: [ 12.232470] ffff888100347380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 12.232976] ffff888100347400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.233331] >ffff888100347480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 12.233789] ^ [ 12.234141] ffff888100347500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.234593] ffff888100347580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.234896] ================================================================== [ 12.418950] ================================================================== [ 12.419585] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 12.420033] Write of size 1 at addr ffff888103a0e0da by task kunit_try_catch/179 [ 12.420353] [ 12.420680] CPU: 0 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.420725] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.420908] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.420929] Call Trace: [ 12.420945] <TASK> [ 12.420960] dump_stack_lvl+0x73/0xb0 [ 12.420989] print_report+0xd1/0x610 [ 12.421014] ? __virt_addr_valid+0x1db/0x2d0 [ 12.421039] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.421064] ? kasan_addr_to_slab+0x11/0xa0 [ 12.421085] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.421110] kasan_report+0x141/0x180 [ 12.421131] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.421161] __asan_report_store1_noabort+0x1b/0x30 [ 12.421186] krealloc_less_oob_helper+0xec6/0x11d0 [ 12.421212] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.421237] ? finish_task_switch.isra.0+0x153/0x700 [ 12.421260] ? __switch_to+0x47/0xf50 [ 12.421285] ? __schedule+0x10cc/0x2b60 [ 12.421307] ? __pfx_read_tsc+0x10/0x10 [ 12.421331] krealloc_large_less_oob+0x1c/0x30 [ 12.421354] kunit_try_run_case+0x1a5/0x480 [ 12.421378] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.421410] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.421435] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.421473] ? __kthread_parkme+0x82/0x180 [ 12.421494] ? 
preempt_count_sub+0x50/0x80 [ 12.421517] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.421541] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.421574] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.421600] kthread+0x337/0x6f0 [ 12.421620] ? trace_preempt_on+0x20/0xc0 [ 12.421643] ? __pfx_kthread+0x10/0x10 [ 12.421664] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.421685] ? calculate_sigpending+0x7b/0xa0 [ 12.421709] ? __pfx_kthread+0x10/0x10 [ 12.421730] ret_from_fork+0x116/0x1d0 [ 12.421749] ? __pfx_kthread+0x10/0x10 [ 12.421769] ret_from_fork_asm+0x1a/0x30 [ 12.421799] </TASK> [ 12.421808] [ 12.432932] The buggy address belongs to the physical page: [ 12.433309] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a0c [ 12.433858] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.434350] flags: 0x200000000000040(head|node=0|zone=2) [ 12.434772] page_type: f8(unknown) [ 12.434911] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.435228] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.435830] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.436159] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.436637] head: 0200000000000002 ffffea00040e8301 00000000ffffffff 00000000ffffffff [ 12.437080] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.437546] page dumped because: kasan: bad access detected [ 12.437951] [ 12.438035] Memory state around the buggy address: [ 12.438323] ffff888103a0df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.438898] ffff888103a0e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.439319] >ffff888103a0e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.439846] ^ [ 12.440083] ffff888103a0e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.440533] ffff888103a0e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.441034] 
================================================================== [ 12.441532] ================================================================== [ 12.441946] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 12.442282] Write of size 1 at addr ffff888103a0e0ea by task kunit_try_catch/179 [ 12.442802] [ 12.442935] CPU: 0 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.442991] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.443390] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.443413] Call Trace: [ 12.443429] <TASK> [ 12.443443] dump_stack_lvl+0x73/0xb0 [ 12.443484] print_report+0xd1/0x610 [ 12.443506] ? __virt_addr_valid+0x1db/0x2d0 [ 12.443529] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.443553] ? kasan_addr_to_slab+0x11/0xa0 [ 12.443592] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.443616] kasan_report+0x141/0x180 [ 12.443638] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.443667] __asan_report_store1_noabort+0x1b/0x30 [ 12.443692] krealloc_less_oob_helper+0xe90/0x11d0 [ 12.443719] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.443744] ? finish_task_switch.isra.0+0x153/0x700 [ 12.443767] ? __switch_to+0x47/0xf50 [ 12.443792] ? __schedule+0x10cc/0x2b60 [ 12.443814] ? __pfx_read_tsc+0x10/0x10 [ 12.443838] krealloc_large_less_oob+0x1c/0x30 [ 12.443861] kunit_try_run_case+0x1a5/0x480 [ 12.443886] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.443909] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.443933] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.443957] ? __kthread_parkme+0x82/0x180 [ 12.443977] ? preempt_count_sub+0x50/0x80 [ 12.444000] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.444024] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.444048] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.444076] kthread+0x337/0x6f0 [ 12.444094] ? trace_preempt_on+0x20/0xc0 [ 12.444117] ? __pfx_kthread+0x10/0x10 [ 12.444138] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.444159] ? 
calculate_sigpending+0x7b/0xa0 [ 12.444183] ? __pfx_kthread+0x10/0x10 [ 12.444204] ret_from_fork+0x116/0x1d0 [ 12.444223] ? __pfx_kthread+0x10/0x10 [ 12.444243] ret_from_fork_asm+0x1a/0x30 [ 12.444274] </TASK> [ 12.444287] [ 12.455807] The buggy address belongs to the physical page: [ 12.456144] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a0c [ 12.456627] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.457164] flags: 0x200000000000040(head|node=0|zone=2) [ 12.457403] page_type: f8(unknown) [ 12.457779] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.458189] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.458724] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.459225] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.459688] head: 0200000000000002 ffffea00040e8301 00000000ffffffff 00000000ffffffff [ 12.460281] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.460768] page dumped because: kasan: bad access detected [ 12.461102] [ 12.461179] Memory state around the buggy address: [ 12.461462] ffff888103a0df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.462072] ffff888103a0e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.462490] >ffff888103a0e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.462998] ^ [ 12.463502] ffff888103a0e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.463969] ffff888103a0e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.464274] ================================================================== [ 12.236172] ================================================================== [ 12.236553] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 12.237095] Write of size 1 at addr ffff8881003474da by task kunit_try_catch/175 [ 12.237474] [ 12.237877] CPU: 0 UID: 0 PID: 175 Comm: 
kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.237925] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.237937] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.237958] Call Trace: [ 12.237972] <TASK> [ 12.237987] dump_stack_lvl+0x73/0xb0 [ 12.238018] print_report+0xd1/0x610 [ 12.238040] ? __virt_addr_valid+0x1db/0x2d0 [ 12.238063] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.238087] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.238111] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.238135] kasan_report+0x141/0x180 [ 12.238157] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.238186] __asan_report_store1_noabort+0x1b/0x30 [ 12.238211] krealloc_less_oob_helper+0xec6/0x11d0 [ 12.238238] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.238263] ? finish_task_switch.isra.0+0x153/0x700 [ 12.238287] ? __switch_to+0x47/0xf50 [ 12.238311] ? __schedule+0x10cc/0x2b60 [ 12.238333] ? __pfx_read_tsc+0x10/0x10 [ 12.238357] krealloc_less_oob+0x1c/0x30 [ 12.238379] kunit_try_run_case+0x1a5/0x480 [ 12.238413] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.238437] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.238475] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.238498] ? __kthread_parkme+0x82/0x180 [ 12.238520] ? preempt_count_sub+0x50/0x80 [ 12.238543] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.238567] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.238592] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.238617] kthread+0x337/0x6f0 [ 12.238636] ? trace_preempt_on+0x20/0xc0 [ 12.238659] ? __pfx_kthread+0x10/0x10 [ 12.238679] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.238700] ? calculate_sigpending+0x7b/0xa0 [ 12.238724] ? __pfx_kthread+0x10/0x10 [ 12.238746] ret_from_fork+0x116/0x1d0 [ 12.238764] ? 
__pfx_kthread+0x10/0x10 [ 12.238784] ret_from_fork_asm+0x1a/0x30 [ 12.238815] </TASK> [ 12.238825] [ 12.248719] Allocated by task 175: [ 12.248904] kasan_save_stack+0x45/0x70 [ 12.249098] kasan_save_track+0x18/0x40 [ 12.249281] kasan_save_alloc_info+0x3b/0x50 [ 12.249484] __kasan_krealloc+0x190/0x1f0 [ 12.250022] krealloc_noprof+0xf3/0x340 [ 12.250313] krealloc_less_oob_helper+0x1aa/0x11d0 [ 12.250603] krealloc_less_oob+0x1c/0x30 [ 12.250887] kunit_try_run_case+0x1a5/0x480 [ 12.251152] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.251528] kthread+0x337/0x6f0 [ 12.251716] ret_from_fork+0x116/0x1d0 [ 12.251987] ret_from_fork_asm+0x1a/0x30 [ 12.252137] [ 12.252373] The buggy address belongs to the object at ffff888100347400 [ 12.252373] which belongs to the cache kmalloc-256 of size 256 [ 12.253134] The buggy address is located 17 bytes to the right of [ 12.253134] allocated 201-byte region [ffff888100347400, ffff8881003474c9) [ 12.253769] [ 12.253852] The buggy address belongs to the physical page: [ 12.254180] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100346 [ 12.254687] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.254987] flags: 0x200000000000040(head|node=0|zone=2) [ 12.255358] page_type: f5(slab) [ 12.255652] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.256024] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.256412] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.256826] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.257133] head: 0200000000000001 ffffea000400d181 00000000ffffffff 00000000ffffffff [ 12.257692] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.258027] page dumped because: kasan: bad access detected [ 12.258337] [ 12.258459] Memory state around the buggy address: [ 12.258828] ffff888100347380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 12.259219] ffff888100347400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.259652] >ffff888100347480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 12.259945] ^ [ 12.260218] ffff888100347500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.260705] ffff888100347580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.261067] ================================================================== [ 12.288409] ================================================================== [ 12.289294] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 12.290078] Write of size 1 at addr ffff8881003474eb by task kunit_try_catch/175 [ 12.290472] [ 12.290991] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.291044] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.291056] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.291077] Call Trace: [ 12.291094] <TASK> [ 12.291111] dump_stack_lvl+0x73/0xb0 [ 12.291141] print_report+0xd1/0x610 [ 12.291166] ? __virt_addr_valid+0x1db/0x2d0 [ 12.291191] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.291215] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.291239] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.291264] kasan_report+0x141/0x180 [ 12.291285] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.291314] __asan_report_store1_noabort+0x1b/0x30 [ 12.291340] krealloc_less_oob_helper+0xd47/0x11d0 [ 12.291366] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.291391] ? finish_task_switch.isra.0+0x153/0x700 [ 12.291432] ? __switch_to+0x47/0xf50 [ 12.291471] ? __schedule+0x10cc/0x2b60 [ 12.291493] ? __pfx_read_tsc+0x10/0x10 [ 12.291517] krealloc_less_oob+0x1c/0x30 [ 12.291539] kunit_try_run_case+0x1a5/0x480 [ 12.291564] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.291586] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.291610] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.291634] ? __kthread_parkme+0x82/0x180 [ 12.291654] ? 
preempt_count_sub+0x50/0x80 [ 12.291892] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.291921] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.291946] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.291997] kthread+0x337/0x6f0 [ 12.292017] ? trace_preempt_on+0x20/0xc0 [ 12.292041] ? __pfx_kthread+0x10/0x10 [ 12.292122] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.292160] ? calculate_sigpending+0x7b/0xa0 [ 12.292185] ? __pfx_kthread+0x10/0x10 [ 12.292206] ret_from_fork+0x116/0x1d0 [ 12.292236] ? __pfx_kthread+0x10/0x10 [ 12.292257] ret_from_fork_asm+0x1a/0x30 [ 12.292308] </TASK> [ 12.292317] [ 12.301156] Allocated by task 175: [ 12.301478] kasan_save_stack+0x45/0x70 [ 12.301795] kasan_save_track+0x18/0x40 [ 12.302047] kasan_save_alloc_info+0x3b/0x50 [ 12.302230] __kasan_krealloc+0x190/0x1f0 [ 12.302553] krealloc_noprof+0xf3/0x340 [ 12.302752] krealloc_less_oob_helper+0x1aa/0x11d0 [ 12.302916] krealloc_less_oob+0x1c/0x30 [ 12.303055] kunit_try_run_case+0x1a5/0x480 [ 12.303201] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.303375] kthread+0x337/0x6f0 [ 12.303527] ret_from_fork+0x116/0x1d0 [ 12.303660] ret_from_fork_asm+0x1a/0x30 [ 12.303839] [ 12.303940] The buggy address belongs to the object at ffff888100347400 [ 12.303940] which belongs to the cache kmalloc-256 of size 256 [ 12.305839] The buggy address is located 34 bytes to the right of [ 12.305839] allocated 201-byte region [ffff888100347400, ffff8881003474c9) [ 12.306303] [ 12.306541] The buggy address belongs to the physical page: [ 12.307250] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100346 [ 12.307959] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.308480] flags: 0x200000000000040(head|node=0|zone=2) [ 12.308939] page_type: f5(slab) [ 12.309111] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.309639] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.310173] head: 0200000000000040 
ffff888100041b40 dead000000000122 0000000000000000 [ 12.310658] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.310989] head: 0200000000000001 ffffea000400d181 00000000ffffffff 00000000ffffffff [ 12.311306] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.312002] page dumped because: kasan: bad access detected [ 12.312333] [ 12.312573] Memory state around the buggy address: [ 12.313048] ffff888100347380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.313332] ffff888100347400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.313867] >ffff888100347480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 12.314284] ^ [ 12.314758] ffff888100347500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.315055] ffff888100347580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.315339] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 12.343348] ================================================================== [ 12.343930] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930 [ 12.344508] Write of size 1 at addr ffff888103a0e0f0 by task kunit_try_catch/177 [ 12.344804] [ 12.344918] CPU: 0 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.344962] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.344973] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.344994] Call Trace: [ 12.345007] <TASK> [ 12.345023] dump_stack_lvl+0x73/0xb0 [ 12.345055] print_report+0xd1/0x610 [ 12.345079] ? __virt_addr_valid+0x1db/0x2d0 [ 12.345104] ? krealloc_more_oob_helper+0x7eb/0x930 [ 12.345128] ? kasan_addr_to_slab+0x11/0xa0 [ 12.345151] ? krealloc_more_oob_helper+0x7eb/0x930 [ 12.345175] kasan_report+0x141/0x180 [ 12.345197] ? krealloc_more_oob_helper+0x7eb/0x930 [ 12.345226] __asan_report_store1_noabort+0x1b/0x30 [ 12.345251] krealloc_more_oob_helper+0x7eb/0x930 [ 12.345274] ? __schedule+0x10cc/0x2b60 [ 12.345297] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 12.345322] ? finish_task_switch.isra.0+0x153/0x700 [ 12.345347] ? __switch_to+0x47/0xf50 [ 12.345373] ? __schedule+0x10cc/0x2b60 [ 12.345394] ? __pfx_read_tsc+0x10/0x10 [ 12.345822] krealloc_large_more_oob+0x1c/0x30 [ 12.345848] kunit_try_run_case+0x1a5/0x480 [ 12.345876] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.345899] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.345925] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.345949] ? __kthread_parkme+0x82/0x180 [ 12.345971] ? preempt_count_sub+0x50/0x80 [ 12.345994] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.346018] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.346043] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.346068] kthread+0x337/0x6f0 [ 12.346086] ? trace_preempt_on+0x20/0xc0 [ 12.346110] ? __pfx_kthread+0x10/0x10 [ 12.346130] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.346152] ? 
calculate_sigpending+0x7b/0xa0 [ 12.346178] ? __pfx_kthread+0x10/0x10 [ 12.346199] ret_from_fork+0x116/0x1d0 [ 12.346217] ? __pfx_kthread+0x10/0x10 [ 12.346238] ret_from_fork_asm+0x1a/0x30 [ 12.346268] </TASK> [ 12.346278] [ 12.357340] The buggy address belongs to the physical page: [ 12.357589] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a0c [ 12.357892] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.358260] flags: 0x200000000000040(head|node=0|zone=2) [ 12.359306] page_type: f8(unknown) [ 12.359513] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.360711] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.360955] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.361190] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.361421] head: 0200000000000002 ffffea00040e8301 00000000ffffffff 00000000ffffffff [ 12.362225] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.362728] page dumped because: kasan: bad access detected [ 12.363050] [ 12.363173] Memory state around the buggy address: [ 12.363439] ffff888103a0df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.364021] ffff888103a0e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.364234] >ffff888103a0e080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 12.364471] ^ [ 12.365258] ffff888103a0e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.365825] ffff888103a0e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.366246] ================================================================== [ 12.155939] ================================================================== [ 12.156486] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930 [ 12.156945] Write of size 1 at addr ffff8881003472f0 by task kunit_try_catch/173 [ 12.157332] [ 12.157606] CPU: 0 UID: 0 PID: 173 Comm: 
kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.157653] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.157664] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.157684] Call Trace: [ 12.157695] <TASK> [ 12.157832] dump_stack_lvl+0x73/0xb0 [ 12.157866] print_report+0xd1/0x610 [ 12.157888] ? __virt_addr_valid+0x1db/0x2d0 [ 12.157910] ? krealloc_more_oob_helper+0x7eb/0x930 [ 12.157934] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.157958] ? krealloc_more_oob_helper+0x7eb/0x930 [ 12.157983] kasan_report+0x141/0x180 [ 12.158005] ? krealloc_more_oob_helper+0x7eb/0x930 [ 12.158033] __asan_report_store1_noabort+0x1b/0x30 [ 12.158059] krealloc_more_oob_helper+0x7eb/0x930 [ 12.158082] ? trace_hardirqs_on+0x37/0xe0 [ 12.158107] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 12.158131] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 12.158160] ? __pfx_krealloc_more_oob+0x10/0x10 [ 12.158187] krealloc_more_oob+0x1c/0x30 [ 12.158209] kunit_try_run_case+0x1a5/0x480 [ 12.158233] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.158255] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.158278] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.158301] ? __kthread_parkme+0x82/0x180 [ 12.158321] ? preempt_count_sub+0x50/0x80 [ 12.158345] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.158370] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.158395] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.158432] kthread+0x337/0x6f0 [ 12.158464] ? trace_preempt_on+0x20/0xc0 [ 12.158486] ? __pfx_kthread+0x10/0x10 [ 12.158506] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.158528] ? calculate_sigpending+0x7b/0xa0 [ 12.158551] ? __pfx_kthread+0x10/0x10 [ 12.158574] ret_from_fork+0x116/0x1d0 [ 12.158592] ? 
__pfx_kthread+0x10/0x10 [ 12.158613] ret_from_fork_asm+0x1a/0x30 [ 12.158643] </TASK> [ 12.158653] [ 12.169091] Allocated by task 173: [ 12.169232] kasan_save_stack+0x45/0x70 [ 12.169475] kasan_save_track+0x18/0x40 [ 12.169870] kasan_save_alloc_info+0x3b/0x50 [ 12.170218] __kasan_krealloc+0x190/0x1f0 [ 12.170403] krealloc_noprof+0xf3/0x340 [ 12.170639] krealloc_more_oob_helper+0x1a9/0x930 [ 12.170990] krealloc_more_oob+0x1c/0x30 [ 12.171163] kunit_try_run_case+0x1a5/0x480 [ 12.171440] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.171878] kthread+0x337/0x6f0 [ 12.172124] ret_from_fork+0x116/0x1d0 [ 12.172290] ret_from_fork_asm+0x1a/0x30 [ 12.172657] [ 12.172760] The buggy address belongs to the object at ffff888100347200 [ 12.172760] which belongs to the cache kmalloc-256 of size 256 [ 12.173266] The buggy address is located 5 bytes to the right of [ 12.173266] allocated 235-byte region [ffff888100347200, ffff8881003472eb) [ 12.174013] [ 12.174105] The buggy address belongs to the physical page: [ 12.174472] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100346 [ 12.174941] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.175318] flags: 0x200000000000040(head|node=0|zone=2) [ 12.175731] page_type: f5(slab) [ 12.175898] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.176191] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.176731] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.177032] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.177630] head: 0200000000000001 ffffea000400d181 00000000ffffffff 00000000ffffffff [ 12.177994] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.178360] page dumped because: kasan: bad access detected [ 12.178698] [ 12.178800] Memory state around the buggy address: [ 12.179274] ffff888100347180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 12.179593] ffff888100347200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.180073] >ffff888100347280: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 12.180597] ^ [ 12.180967] ffff888100347300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.181235] ffff888100347380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.181484] ================================================================== [ 12.126891] ================================================================== [ 12.127361] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930 [ 12.127970] Write of size 1 at addr ffff8881003472eb by task kunit_try_catch/173 [ 12.128602] [ 12.128728] CPU: 0 UID: 0 PID: 173 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.128862] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.128875] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.128896] Call Trace: [ 12.128908] <TASK> [ 12.128922] dump_stack_lvl+0x73/0xb0 [ 12.128952] print_report+0xd1/0x610 [ 12.128974] ? __virt_addr_valid+0x1db/0x2d0 [ 12.128996] ? krealloc_more_oob_helper+0x821/0x930 [ 12.129021] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.129044] ? krealloc_more_oob_helper+0x821/0x930 [ 12.129069] kasan_report+0x141/0x180 [ 12.129090] ? krealloc_more_oob_helper+0x821/0x930 [ 12.129119] __asan_report_store1_noabort+0x1b/0x30 [ 12.129144] krealloc_more_oob_helper+0x821/0x930 [ 12.129167] ? trace_hardirqs_on+0x37/0xe0 [ 12.129191] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 12.129216] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 12.129247] ? __pfx_krealloc_more_oob+0x10/0x10 [ 12.129275] krealloc_more_oob+0x1c/0x30 [ 12.129296] kunit_try_run_case+0x1a5/0x480 [ 12.129321] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.129344] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.129369] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.129393] ? __kthread_parkme+0x82/0x180 [ 12.129512] ? preempt_count_sub+0x50/0x80 [ 12.129538] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 12.129563] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.129588] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.129613] kthread+0x337/0x6f0 [ 12.129632] ? trace_preempt_on+0x20/0xc0 [ 12.129654] ? __pfx_kthread+0x10/0x10 [ 12.129674] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.129696] ? calculate_sigpending+0x7b/0xa0 [ 12.129720] ? __pfx_kthread+0x10/0x10 [ 12.129741] ret_from_fork+0x116/0x1d0 [ 12.129762] ? __pfx_kthread+0x10/0x10 [ 12.129783] ret_from_fork_asm+0x1a/0x30 [ 12.129813] </TASK> [ 12.129823] [ 12.140359] Allocated by task 173: [ 12.140655] kasan_save_stack+0x45/0x70 [ 12.140919] kasan_save_track+0x18/0x40 [ 12.141254] kasan_save_alloc_info+0x3b/0x50 [ 12.141495] __kasan_krealloc+0x190/0x1f0 [ 12.141813] krealloc_noprof+0xf3/0x340 [ 12.141963] krealloc_more_oob_helper+0x1a9/0x930 [ 12.142275] krealloc_more_oob+0x1c/0x30 [ 12.142495] kunit_try_run_case+0x1a5/0x480 [ 12.142710] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.143250] kthread+0x337/0x6f0 [ 12.143381] ret_from_fork+0x116/0x1d0 [ 12.143811] ret_from_fork_asm+0x1a/0x30 [ 12.144120] [ 12.144208] The buggy address belongs to the object at ffff888100347200 [ 12.144208] which belongs to the cache kmalloc-256 of size 256 [ 12.145062] The buggy address is located 0 bytes to the right of [ 12.145062] allocated 235-byte region [ffff888100347200, ffff8881003472eb) [ 12.145784] [ 12.145874] The buggy address belongs to the physical page: [ 12.146137] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100346 [ 12.146701] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.147024] flags: 0x200000000000040(head|node=0|zone=2) [ 12.147692] page_type: f5(slab) [ 12.147873] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.148490] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.148983] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 
12.149712] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.150076] head: 0200000000000001 ffffea000400d181 00000000ffffffff 00000000ffffffff [ 12.150405] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.151178] page dumped because: kasan: bad access detected [ 12.151403] [ 12.151518] Memory state around the buggy address: [ 12.152347] ffff888100347180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.153137] ffff888100347200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.153556] >ffff888100347280: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 12.153860] ^ [ 12.154341] ffff888100347300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.154816] ffff888100347380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.155113] ================================================================== [ 12.322229] ================================================================== [ 12.323221] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930 [ 12.324186] Write of size 1 at addr ffff888103a0e0eb by task kunit_try_catch/177 [ 12.324626] [ 12.325119] CPU: 0 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.325171] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.325183] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.325205] Call Trace: [ 12.325227] <TASK> [ 12.325244] dump_stack_lvl+0x73/0xb0 [ 12.325277] print_report+0xd1/0x610 [ 12.325301] ? __virt_addr_valid+0x1db/0x2d0 [ 12.325324] ? krealloc_more_oob_helper+0x821/0x930 [ 12.325348] ? kasan_addr_to_slab+0x11/0xa0 [ 12.325369] ? krealloc_more_oob_helper+0x821/0x930 [ 12.325393] kasan_report+0x141/0x180 [ 12.325425] ? krealloc_more_oob_helper+0x821/0x930 [ 12.325463] __asan_report_store1_noabort+0x1b/0x30 [ 12.325489] krealloc_more_oob_helper+0x821/0x930 [ 12.325512] ? __schedule+0x10cc/0x2b60 [ 12.325534] ? 
__pfx_krealloc_more_oob_helper+0x10/0x10 [ 12.325560] ? finish_task_switch.isra.0+0x153/0x700 [ 12.325583] ? __switch_to+0x47/0xf50 [ 12.325610] ? __schedule+0x10cc/0x2b60 [ 12.325633] ? __pfx_read_tsc+0x10/0x10 [ 12.325657] krealloc_large_more_oob+0x1c/0x30 [ 12.325680] kunit_try_run_case+0x1a5/0x480 [ 12.325707] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.325730] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.325754] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.325778] ? __kthread_parkme+0x82/0x180 [ 12.325799] ? preempt_count_sub+0x50/0x80 [ 12.325822] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.325847] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.325871] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.325897] kthread+0x337/0x6f0 [ 12.325916] ? trace_preempt_on+0x20/0xc0 [ 12.325940] ? __pfx_kthread+0x10/0x10 [ 12.325960] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.325981] ? calculate_sigpending+0x7b/0xa0 [ 12.326006] ? __pfx_kthread+0x10/0x10 [ 12.326027] ret_from_fork+0x116/0x1d0 [ 12.326046] ? 
__pfx_kthread+0x10/0x10 [ 12.326066] ret_from_fork_asm+0x1a/0x30 [ 12.326096] </TASK> [ 12.326107] [ 12.334051] The buggy address belongs to the physical page: [ 12.334504] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a0c [ 12.334949] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.335247] flags: 0x200000000000040(head|node=0|zone=2) [ 12.335555] page_type: f8(unknown) [ 12.335741] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.335978] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.336317] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.337312] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.338021] head: 0200000000000002 ffffea00040e8301 00000000ffffffff 00000000ffffffff [ 12.338315] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.339136] page dumped because: kasan: bad access detected [ 12.339505] [ 12.339600] Memory state around the buggy address: [ 12.340051] ffff888103a0df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.340348] ffff888103a0e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.340861] >ffff888103a0e080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 12.341153] ^ [ 12.341520] ffff888103a0e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.341999] ffff888103a0e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.342242] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 12.104254] ================================================================== [ 12.105042] BUG: KASAN: use-after-free in page_alloc_uaf+0x356/0x3d0 [ 12.105756] Read of size 1 at addr ffff888103ac0000 by task kunit_try_catch/171 [ 12.106266] [ 12.106367] CPU: 0 UID: 0 PID: 171 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.106643] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.106658] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.106679] Call Trace: [ 12.106692] <TASK> [ 12.106706] dump_stack_lvl+0x73/0xb0 [ 12.106738] print_report+0xd1/0x610 [ 12.106761] ? __virt_addr_valid+0x1db/0x2d0 [ 12.106785] ? page_alloc_uaf+0x356/0x3d0 [ 12.106807] ? kasan_addr_to_slab+0x11/0xa0 [ 12.106827] ? page_alloc_uaf+0x356/0x3d0 [ 12.106850] kasan_report+0x141/0x180 [ 12.106872] ? page_alloc_uaf+0x356/0x3d0 [ 12.106898] __asan_report_load1_noabort+0x18/0x20 [ 12.106923] page_alloc_uaf+0x356/0x3d0 [ 12.106945] ? __pfx_page_alloc_uaf+0x10/0x10 [ 12.106968] ? __schedule+0x10cc/0x2b60 [ 12.106990] ? __pfx_read_tsc+0x10/0x10 [ 12.107012] ? ktime_get_ts64+0x86/0x230 [ 12.107038] kunit_try_run_case+0x1a5/0x480 [ 12.107064] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.107087] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.107112] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.107135] ? __kthread_parkme+0x82/0x180 [ 12.107157] ? preempt_count_sub+0x50/0x80 [ 12.107182] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.107206] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.107231] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.107257] kthread+0x337/0x6f0 [ 12.107277] ? trace_preempt_on+0x20/0xc0 [ 12.107301] ? __pfx_kthread+0x10/0x10 [ 12.107322] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.107343] ? calculate_sigpending+0x7b/0xa0 [ 12.107368] ? __pfx_kthread+0x10/0x10 [ 12.107389] ret_from_fork+0x116/0x1d0 [ 12.107410] ? 
__pfx_kthread+0x10/0x10 [ 12.107430] ret_from_fork_asm+0x1a/0x30 [ 12.107475] </TASK> [ 12.107485] [ 12.117946] The buggy address belongs to the physical page: [ 12.118331] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ac0 [ 12.118829] flags: 0x200000000000000(node=0|zone=2) [ 12.119148] page_type: f0(buddy) [ 12.119285] raw: 0200000000000000 ffff88817fffb4f0 ffff88817fffb4f0 0000000000000000 [ 12.120024] raw: 0000000000000000 0000000000000006 00000000f0000000 0000000000000000 [ 12.120366] page dumped because: kasan: bad access detected [ 12.120900] [ 12.120997] Memory state around the buggy address: [ 12.121331] ffff888103abff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.121741] ffff888103abff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.122114] >ffff888103ac0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.122530] ^ [ 12.122734] ffff888103ac0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.123077] ffff888103ac0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.123379] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kfree
[ 12.077570] ================================================================== [ 12.078225] BUG: KASAN: invalid-free in kfree+0x274/0x3f0 [ 12.078720] Free of addr ffff888103a0c001 by task kunit_try_catch/167 [ 12.079003] [ 12.079107] CPU: 0 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.079150] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.079161] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.079180] Call Trace: [ 12.079192] <TASK> [ 12.079207] dump_stack_lvl+0x73/0xb0 [ 12.079237] print_report+0xd1/0x610 [ 12.079259] ? __virt_addr_valid+0x1db/0x2d0 [ 12.079283] ? kasan_addr_to_slab+0x11/0xa0 [ 12.079303] ? kfree+0x274/0x3f0 [ 12.079324] kasan_report_invalid_free+0x10a/0x130 [ 12.079349] ? kfree+0x274/0x3f0 [ 12.079371] ? kfree+0x274/0x3f0 [ 12.079390] __kasan_kfree_large+0x86/0xd0 [ 12.079712] free_large_kmalloc+0x4b/0x110 [ 12.079741] kfree+0x274/0x3f0 [ 12.079766] kmalloc_large_invalid_free+0x120/0x2b0 [ 12.079790] ? __pfx_kmalloc_large_invalid_free+0x10/0x10 [ 12.079815] ? __schedule+0x10cc/0x2b60 [ 12.079838] ? __pfx_read_tsc+0x10/0x10 [ 12.079859] ? ktime_get_ts64+0x86/0x230 [ 12.079884] kunit_try_run_case+0x1a5/0x480 [ 12.079908] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.079931] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.079955] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.079979] ? __kthread_parkme+0x82/0x180 [ 12.080000] ? preempt_count_sub+0x50/0x80 [ 12.080023] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.080048] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.080072] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.080098] kthread+0x337/0x6f0 [ 12.080117] ? trace_preempt_on+0x20/0xc0 [ 12.080140] ? __pfx_kthread+0x10/0x10 [ 12.080161] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.080182] ? calculate_sigpending+0x7b/0xa0 [ 12.080207] ? __pfx_kthread+0x10/0x10 [ 12.080228] ret_from_fork+0x116/0x1d0 [ 12.080247] ? 
__pfx_kthread+0x10/0x10 [ 12.080267] ret_from_fork_asm+0x1a/0x30 [ 12.080305] </TASK> [ 12.080315] [ 12.089768] The buggy address belongs to the physical page: [ 12.090038] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a0c [ 12.090364] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.090833] flags: 0x200000000000040(head|node=0|zone=2) [ 12.091170] page_type: f8(unknown) [ 12.091476] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.091875] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.092195] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.092711] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.093038] head: 0200000000000002 ffffea00040e8301 00000000ffffffff 00000000ffffffff [ 12.093414] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.093867] page dumped because: kasan: bad access detected [ 12.094175] [ 12.094274] Memory state around the buggy address: [ 12.095076] ffff888103a0bf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.095299] ffff888103a0bf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.095524] >ffff888103a0c000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.095731] ^ [ 12.095848] ffff888103a0c080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.096053] ffff888103a0c100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.096284] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 12.054973] ================================================================== [ 12.055618] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2f1/0x340 [ 12.056028] Read of size 1 at addr ffff888103a08000 by task kunit_try_catch/165 [ 12.056345] [ 12.056910] CPU: 0 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.056959] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.056970] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.056991] Call Trace: [ 12.057003] <TASK> [ 12.057016] dump_stack_lvl+0x73/0xb0 [ 12.057046] print_report+0xd1/0x610 [ 12.057068] ? __virt_addr_valid+0x1db/0x2d0 [ 12.057090] ? kmalloc_large_uaf+0x2f1/0x340 [ 12.057110] ? kasan_addr_to_slab+0x11/0xa0 [ 12.057131] ? kmalloc_large_uaf+0x2f1/0x340 [ 12.057152] kasan_report+0x141/0x180 [ 12.057173] ? kmalloc_large_uaf+0x2f1/0x340 [ 12.057199] __asan_report_load1_noabort+0x18/0x20 [ 12.057224] kmalloc_large_uaf+0x2f1/0x340 [ 12.057244] ? __pfx_kmalloc_large_uaf+0x10/0x10 [ 12.057267] ? __schedule+0x10cc/0x2b60 [ 12.057289] ? __pfx_read_tsc+0x10/0x10 [ 12.057310] ? ktime_get_ts64+0x86/0x230 [ 12.057334] kunit_try_run_case+0x1a5/0x480 [ 12.057359] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.057382] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.057425] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.057463] ? __kthread_parkme+0x82/0x180 [ 12.057483] ? preempt_count_sub+0x50/0x80 [ 12.057507] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.057531] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.057556] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.057581] kthread+0x337/0x6f0 [ 12.057600] ? trace_preempt_on+0x20/0xc0 [ 12.057623] ? __pfx_kthread+0x10/0x10 [ 12.057643] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.057665] ? calculate_sigpending+0x7b/0xa0 [ 12.057689] ? __pfx_kthread+0x10/0x10 [ 12.057711] ret_from_fork+0x116/0x1d0 [ 12.057730] ? 
__pfx_kthread+0x10/0x10 [ 12.057750] ret_from_fork_asm+0x1a/0x30 [ 12.057780] </TASK> [ 12.057790] [ 12.067884] The buggy address belongs to the physical page: [ 12.068233] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a08 [ 12.068722] flags: 0x200000000000000(node=0|zone=2) [ 12.068978] raw: 0200000000000000 ffffea00040e8308 ffff88815b039f80 0000000000000000 [ 12.069325] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 12.069901] page dumped because: kasan: bad access detected [ 12.070235] [ 12.070459] Memory state around the buggy address: [ 12.070750] ffff888103a07f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.071155] ffff888103a07f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.071594] >ffff888103a08000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.072014] ^ [ 12.072262] ffff888103a08080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.072703] ffff888103a08100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.073069] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 12.023500] ==================================================================
[ 12.024077] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x2e9/0x330
[ 12.024327] Write of size 1 at addr ffff888103a0a00a by task kunit_try_catch/163
[ 12.025571]
[ 12.025905] CPU: 0 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.025972] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.025983] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.026003] Call Trace:
[ 12.026015] <TASK>
[ 12.026029] dump_stack_lvl+0x73/0xb0
[ 12.026058] print_report+0xd1/0x610
[ 12.026080] ? __virt_addr_valid+0x1db/0x2d0
[ 12.026102] ? kmalloc_large_oob_right+0x2e9/0x330
[ 12.026125] ? kasan_addr_to_slab+0x11/0xa0
[ 12.026146] ? kmalloc_large_oob_right+0x2e9/0x330
[ 12.026169] kasan_report+0x141/0x180
[ 12.026191] ? kmalloc_large_oob_right+0x2e9/0x330
[ 12.026218] __asan_report_store1_noabort+0x1b/0x30
[ 12.026244] kmalloc_large_oob_right+0x2e9/0x330
[ 12.026266] ? __pfx_kmalloc_large_oob_right+0x10/0x10
[ 12.026290] ? __schedule+0x10cc/0x2b60
[ 12.026312] ? __pfx_read_tsc+0x10/0x10
[ 12.026333] ? ktime_get_ts64+0x86/0x230
[ 12.026357] kunit_try_run_case+0x1a5/0x480
[ 12.026382] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.026413] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.026437] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.026469] ? __kthread_parkme+0x82/0x180
[ 12.026489] ? preempt_count_sub+0x50/0x80
[ 12.026513] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.026537] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.026561] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.026586] kthread+0x337/0x6f0
[ 12.026605] ? trace_preempt_on+0x20/0xc0
[ 12.026627] ? __pfx_kthread+0x10/0x10
[ 12.026647] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.026669] ? calculate_sigpending+0x7b/0xa0
[ 12.026693] ? __pfx_kthread+0x10/0x10
[ 12.026714] ret_from_fork+0x116/0x1d0
[ 12.026733] ? __pfx_kthread+0x10/0x10
[ 12.026754] ret_from_fork_asm+0x1a/0x30
[ 12.026784] </TASK>
[ 12.026795]
[ 12.042009] The buggy address belongs to the physical page:
[ 12.042647] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a08
[ 12.043646] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 12.044419] flags: 0x200000000000040(head|node=0|zone=2)
[ 12.044936] page_type: f8(unknown)
[ 12.045072] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 12.045305] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 12.045888] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 12.046634] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 12.046931] head: 0200000000000002 ffffea00040e8201 00000000ffffffff 00000000ffffffff
[ 12.047282] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 12.047638] page dumped because: kasan: bad access detected
[ 12.047887]
[ 12.047970] Memory state around the buggy address:
[ 12.048191] ffff888103a09f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.048983] ffff888103a09f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.049358] >ffff888103a0a000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 12.049834] ^
[ 12.050150] ffff888103a0a080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 12.050585] ffff888103a0a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 12.051046] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 11.990335] ==================================================================
[ 11.991152] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x316/0x370
[ 11.992026] Write of size 1 at addr ffff888102965f00 by task kunit_try_catch/161
[ 11.992419]
[ 11.992651] CPU: 0 UID: 0 PID: 161 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 11.992701] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.992712] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.992733] Call Trace:
[ 11.992745] <TASK>
[ 11.992761] dump_stack_lvl+0x73/0xb0
[ 11.992792] print_report+0xd1/0x610
[ 11.992813] ? __virt_addr_valid+0x1db/0x2d0
[ 11.992836] ? kmalloc_big_oob_right+0x316/0x370
[ 11.992859] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.992882] ? kmalloc_big_oob_right+0x316/0x370
[ 11.992905] kasan_report+0x141/0x180
[ 11.992927] ? kmalloc_big_oob_right+0x316/0x370
[ 11.992954] __asan_report_store1_noabort+0x1b/0x30
[ 11.992980] kmalloc_big_oob_right+0x316/0x370
[ 11.993003] ? __pfx_kmalloc_big_oob_right+0x10/0x10
[ 11.993027] ? __schedule+0x10cc/0x2b60
[ 11.993049] ? __pfx_read_tsc+0x10/0x10
[ 11.993070] ? ktime_get_ts64+0x86/0x230
[ 11.993093] kunit_try_run_case+0x1a5/0x480
[ 11.993117] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.993140] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.993163] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.993187] ? __kthread_parkme+0x82/0x180
[ 11.993207] ? preempt_count_sub+0x50/0x80
[ 11.993231] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.993255] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.993279] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.993304] kthread+0x337/0x6f0
[ 11.993323] ? trace_preempt_on+0x20/0xc0
[ 11.993347] ? __pfx_kthread+0x10/0x10
[ 11.993367] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.993388] ? calculate_sigpending+0x7b/0xa0
[ 11.993530] ? __pfx_kthread+0x10/0x10
[ 11.993556] ret_from_fork+0x116/0x1d0
[ 11.993584] ? __pfx_kthread+0x10/0x10
[ 11.993605] ret_from_fork_asm+0x1a/0x30
[ 11.993635] </TASK>
[ 11.993678]
[ 12.004352] Allocated by task 161:
[ 12.004756] kasan_save_stack+0x45/0x70
[ 12.005082] kasan_save_track+0x18/0x40
[ 12.005271] kasan_save_alloc_info+0x3b/0x50
[ 12.005671] __kasan_kmalloc+0xb7/0xc0
[ 12.005964] __kmalloc_cache_noprof+0x189/0x420
[ 12.006307] kmalloc_big_oob_right+0xa9/0x370
[ 12.006756] kunit_try_run_case+0x1a5/0x480
[ 12.007012] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.007458] kthread+0x337/0x6f0
[ 12.007691] ret_from_fork+0x116/0x1d0
[ 12.007871] ret_from_fork_asm+0x1a/0x30
[ 12.008045]
[ 12.008135] The buggy address belongs to the object at ffff888102964000
[ 12.008135] which belongs to the cache kmalloc-8k of size 8192
[ 12.009216] The buggy address is located 0 bytes to the right of
[ 12.009216] allocated 7936-byte region [ffff888102964000, ffff888102965f00)
[ 12.010199]
[ 12.010442] The buggy address belongs to the physical page:
[ 12.011148] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102960
[ 12.011837] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 12.012357] flags: 0x200000000000040(head|node=0|zone=2)
[ 12.012742] page_type: f5(slab)
[ 12.012901] raw: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000
[ 12.013204] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000
[ 12.013863] head: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000
[ 12.014311] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000
[ 12.014870] head: 0200000000000003 ffffea00040a5801 00000000ffffffff 00000000ffffffff
[ 12.015493] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[ 12.015956] page dumped because: kasan: bad access detected
[ 12.016197]
[ 12.016291] Memory state around the buggy address:
[ 12.016963] ffff888102965e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.017418] ffff888102965e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.018132] >ffff888102965f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.018709] ^
[ 12.018953] ffff888102965f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.019254] ffff888102966000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.019945] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 11.935854] ==================================================================
[ 11.936289] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4c8/0x520
[ 11.936704] Write of size 1 at addr ffff888103427d78 by task kunit_try_catch/159
[ 11.937284]
[ 11.937382] CPU: 1 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 11.937468] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.937482] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.937502] Call Trace:
[ 11.937514] <TASK>
[ 11.937529] dump_stack_lvl+0x73/0xb0
[ 11.937657] print_report+0xd1/0x610
[ 11.937685] ? __virt_addr_valid+0x1db/0x2d0
[ 11.937723] ? kmalloc_track_caller_oob_right+0x4c8/0x520
[ 11.937748] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.937772] ? kmalloc_track_caller_oob_right+0x4c8/0x520
[ 11.937797] kasan_report+0x141/0x180
[ 11.937819] ? kmalloc_track_caller_oob_right+0x4c8/0x520
[ 11.937849] __asan_report_store1_noabort+0x1b/0x30
[ 11.937874] kmalloc_track_caller_oob_right+0x4c8/0x520
[ 11.937900] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10
[ 11.937927] ? __schedule+0x10cc/0x2b60
[ 11.937981] ? __pfx_read_tsc+0x10/0x10
[ 11.938002] ? ktime_get_ts64+0x86/0x230
[ 11.938037] kunit_try_run_case+0x1a5/0x480
[ 11.938063] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.938086] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.938110] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.938134] ? __kthread_parkme+0x82/0x180
[ 11.938155] ? preempt_count_sub+0x50/0x80
[ 11.938179] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.938203] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.938227] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.938252] kthread+0x337/0x6f0
[ 11.938271] ? trace_preempt_on+0x20/0xc0
[ 11.938294] ? __pfx_kthread+0x10/0x10
[ 11.938314] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.938335] ? calculate_sigpending+0x7b/0xa0
[ 11.938360] ? __pfx_kthread+0x10/0x10
[ 11.938381] ret_from_fork+0x116/0x1d0
[ 11.938400] ? __pfx_kthread+0x10/0x10
[ 11.938430] ret_from_fork_asm+0x1a/0x30
[ 11.938471] </TASK>
[ 11.938480]
[ 11.946490] Allocated by task 159:
[ 11.946784] kasan_save_stack+0x45/0x70
[ 11.946993] kasan_save_track+0x18/0x40
[ 11.947219] kasan_save_alloc_info+0x3b/0x50
[ 11.947371] __kasan_kmalloc+0xb7/0xc0
[ 11.947514] __kmalloc_node_track_caller_noprof+0x1cb/0x500
[ 11.947928] kmalloc_track_caller_oob_right+0x99/0x520
[ 11.948356] kunit_try_run_case+0x1a5/0x480
[ 11.948638] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.948992] kthread+0x337/0x6f0
[ 11.949123] ret_from_fork+0x116/0x1d0
[ 11.949310] ret_from_fork_asm+0x1a/0x30
[ 11.949540]
[ 11.949772] The buggy address belongs to the object at ffff888103427d00
[ 11.949772] which belongs to the cache kmalloc-128 of size 128
[ 11.950190] The buggy address is located 0 bytes to the right of
[ 11.950190] allocated 120-byte region [ffff888103427d00, ffff888103427d78)
[ 11.951087]
[ 11.951237] The buggy address belongs to the physical page:
[ 11.951420] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103427
[ 11.952041] flags: 0x200000000000000(node=0|zone=2)
[ 11.952224] page_type: f5(slab)
[ 11.952353] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 11.952859] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.953311] page dumped because: kasan: bad access detected
[ 11.953708]
[ 11.953828] Memory state around the buggy address:
[ 11.954056] ffff888103427c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.954368] ffff888103427c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.954586] >ffff888103427d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 11.955012] ^
[ 11.955618] ffff888103427d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.956005] ffff888103427e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.956270] ==================================================================
[ 11.957238] ==================================================================
[ 11.957706] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4b1/0x520
[ 11.958023] Write of size 1 at addr ffff888103427e78 by task kunit_try_catch/159
[ 11.958408]
[ 11.958511] CPU: 1 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 11.958583] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.958595] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.958615] Call Trace:
[ 11.958626] <TASK>
[ 11.958650] dump_stack_lvl+0x73/0xb0
[ 11.958678] print_report+0xd1/0x610
[ 11.958760] ? __virt_addr_valid+0x1db/0x2d0
[ 11.958817] ? kmalloc_track_caller_oob_right+0x4b1/0x520
[ 11.958844] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.958867] ? kmalloc_track_caller_oob_right+0x4b1/0x520
[ 11.958905] kasan_report+0x141/0x180
[ 11.958927] ? kmalloc_track_caller_oob_right+0x4b1/0x520
[ 11.958985] __asan_report_store1_noabort+0x1b/0x30
[ 11.959010] kmalloc_track_caller_oob_right+0x4b1/0x520
[ 11.959046] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10
[ 11.959074] ? __schedule+0x10cc/0x2b60
[ 11.959095] ? __pfx_read_tsc+0x10/0x10
[ 11.959116] ? ktime_get_ts64+0x86/0x230
[ 11.959140] kunit_try_run_case+0x1a5/0x480
[ 11.959164] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.959187] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.959210] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.959234] ? __kthread_parkme+0x82/0x180
[ 11.959254] ? preempt_count_sub+0x50/0x80
[ 11.959277] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.959301] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.959325] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.959350] kthread+0x337/0x6f0
[ 11.959369] ? trace_preempt_on+0x20/0xc0
[ 11.959391] ? __pfx_kthread+0x10/0x10
[ 11.959422] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.959454] ? calculate_sigpending+0x7b/0xa0
[ 11.959478] ? __pfx_kthread+0x10/0x10
[ 11.959499] ret_from_fork+0x116/0x1d0
[ 11.959517] ? __pfx_kthread+0x10/0x10
[ 11.959537] ret_from_fork_asm+0x1a/0x30
[ 11.959610] </TASK>
[ 11.959621]
[ 11.973146] Allocated by task 159:
[ 11.973278] kasan_save_stack+0x45/0x70
[ 11.973481] kasan_save_track+0x18/0x40
[ 11.973864] kasan_save_alloc_info+0x3b/0x50
[ 11.974338] __kasan_kmalloc+0xb7/0xc0
[ 11.974927] __kmalloc_node_track_caller_noprof+0x1cb/0x500
[ 11.975327] kmalloc_track_caller_oob_right+0x19a/0x520
[ 11.975630] kunit_try_run_case+0x1a5/0x480
[ 11.976098] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.976684] kthread+0x337/0x6f0
[ 11.977028] ret_from_fork+0x116/0x1d0
[ 11.977262] ret_from_fork_asm+0x1a/0x30
[ 11.977682]
[ 11.977876] The buggy address belongs to the object at ffff888103427e00
[ 11.977876] which belongs to the cache kmalloc-128 of size 128
[ 11.978731] The buggy address is located 0 bytes to the right of
[ 11.978731] allocated 120-byte region [ffff888103427e00, ffff888103427e78)
[ 11.979260]
[ 11.979332] The buggy address belongs to the physical page:
[ 11.979682] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103427
[ 11.980684] flags: 0x200000000000000(node=0|zone=2)
[ 11.981156] page_type: f5(slab)
[ 11.981520] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 11.982351] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.982947] page dumped because: kasan: bad access detected
[ 11.983219]
[ 11.983291] Memory state around the buggy address:
[ 11.983552] ffff888103427d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.984228] ffff888103427d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.985155] >ffff888103427e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 11.985376] ^
[ 11.985935] ffff888103427e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.986610] ffff888103427f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.987301] ==================================================================
Failure - log-parser-boot/exception-drm-kunit-mock-device-drm_gem_shmem_test_get_pages_sgtdrm-kunit-mock-device-drm-drm_warn_onrefcount_readshmem-pages_pin_count
------------[ cut here ]------------
[ 140.126454] drm-kunit-mock-device drm_gem_shmem_test_get_pages_sgt.drm-kunit-mock-device: [drm] drm_WARN_ON(refcount_read(&shmem->pages_pin_count))
[ 140.126550] WARNING: CPU: 0 PID: 2569 at drivers/gpu/drm/drm_gem_shmem_helper.c:180 drm_gem_shmem_free+0x3ed/0x6c0
[ 140.128376] Modules linked in:
[ 140.128815] CPU: 0 UID: 0 PID: 2569 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 140.129273] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 140.129513] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 140.130245] RIP: 0010:drm_gem_shmem_free+0x3ed/0x6c0
[ 140.130527] Code: 85 f6 0f 84 ba 01 00 00 4c 89 e7 e8 ad 1d 80 00 48 c7 c1 e0 8a 1e a1 4c 89 f2 48 c7 c7 a0 87 1e a1 48 89 c6 e8 34 b8 77 fe 90 <0f> 0b 90 90 e9 09 ff ff ff 90 48 b8 00 00 00 00 00 fc ff df 48 8d
[ 140.131119] RSP: 0000:ffff88810aa87d18 EFLAGS: 00010286
[ 140.131303] RAX: 0000000000000000 RBX: ffff88810848c000 RCX: 1ffffffff43e4cf0
[ 140.131509] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001
[ 140.131793] RBP: ffff88810aa87d48 R08: 0000000000000000 R09: fffffbfff43e4cf0
[ 140.132433] R10: 0000000000000003 R11: 00000000000384e8 R12: ffff88810aa27000
[ 140.132924] R13: ffff88810848c0f8 R14: ffff888104e1b100 R15: ffff88810039fb40
[ 140.133341] FS: 0000000000000000(0000) GS:ffff8881b7e72000(0000) knlGS:0000000000000000
[ 140.133902] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 140.134318] CR2: 00007ffff7ffe000 CR3: 00000000100bc000 CR4: 00000000000006f0
[ 140.134822] DR0: ffffffffa3252440 DR1: ffffffffa3252441 DR2: ffffffffa3252442
[ 140.135105] DR3: ffffffffa3252443 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 140.135395] Call Trace:
[ 140.135520] <TASK>
[ 140.135991] ? trace_preempt_on+0x20/0xc0
[ 140.136215] ? __pfx_drm_gem_shmem_free_wrapper+0x10/0x10
[ 140.136665] drm_gem_shmem_free_wrapper+0x12/0x20
[ 140.137022] __kunit_action_free+0x57/0x70
[ 140.137356] kunit_remove_resource+0x133/0x200
[ 140.137975] ? preempt_count_sub+0x50/0x80
[ 140.138186] kunit_cleanup+0x7a/0x120
[ 140.138332] kunit_try_run_case_cleanup+0xbd/0xf0
[ 140.138744] ? __pfx_kunit_try_run_case_cleanup+0x10/0x10
[ 140.138982] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 140.139229] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 140.139488] kthread+0x337/0x6f0
[ 140.139996] ? trace_preempt_on+0x20/0xc0
[ 140.140293] ? __pfx_kthread+0x10/0x10
[ 140.140629] ? _raw_spin_unlock_irq+0x47/0x80
[ 140.140961] ? calculate_sigpending+0x7b/0xa0
[ 140.141264] ? __pfx_kthread+0x10/0x10
[ 140.141581] ret_from_fork+0x116/0x1d0
[ 140.142002] ? __pfx_kthread+0x10/0x10
[ 140.142162] ret_from_fork_asm+0x1a/0x30
[ 140.142374] </TASK>
[ 140.142890] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_framebuffer-drm_framebuffer_init
------------[ cut here ]------------
[ 139.995828] WARNING: CPU: 1 PID: 2550 at drivers/gpu/drm/drm_framebuffer.c:869 drm_framebuffer_init+0x49/0x8d0
[ 139.996333] Modules linked in:
[ 139.996865] CPU: 1 UID: 0 PID: 2550 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 139.997672] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 139.998268] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 139.998547] RIP: 0010:drm_framebuffer_init+0x49/0x8d0
[ 139.999126] Code: 89 e5 41 57 41 56 41 55 41 54 53 48 89 f3 48 83 ec 28 80 3c 11 00 48 89 7d c8 0f 85 1c 07 00 00 48 8b 75 c8 48 39 33 74 20 90 <0f> 0b 90 41 bf ea ff ff ff 48 83 c4 28 44 89 f8 5b 41 5c 41 5d 41
[ 140.000178] RSP: 0000:ffff88810a8a7b20 EFLAGS: 00010246
[ 140.000407] RAX: ffff88810a8a7ba8 RBX: ffff88810a8a7c28 RCX: 1ffff11021514f8e
[ 140.001235] RDX: dffffc0000000000 RSI: ffff88810ab67000 RDI: ffff88810ab67000
[ 140.001524] RBP: ffff88810a8a7b70 R08: ffff88810ab67000 R09: ffffffffa11d8e20
[ 140.001809] R10: 0000000000000003 R11: 0000000084fb3352 R12: 1ffff11021514f71
[ 140.002105] R13: ffff88810a8a7c70 R14: ffff88810a8a7db8 R15: 0000000000000000
[ 140.002404] FS: 0000000000000000(0000) GS:ffff8881b7f72000(0000) knlGS:0000000000000000
[ 140.003005] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 140.003222] CR2: 00007ffff7ffe000 CR3: 00000000100bc000 CR4: 00000000000006f0
[ 140.003936] DR0: ffffffffa3252440 DR1: ffffffffa3252441 DR2: ffffffffa3252443
[ 140.004211] DR3: ffffffffa3252445 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 140.004572] Call Trace:
[ 140.004945] <TASK>
[ 140.005056] ? trace_preempt_on+0x20/0xc0
[ 140.005270] ? add_dr+0xc1/0x1d0
[ 140.005470] drm_test_framebuffer_init_bad_format+0xfc/0x240
[ 140.006058] ? add_dr+0x148/0x1d0
[ 140.006216] ? __pfx_drm_test_framebuffer_init_bad_format+0x10/0x10
[ 140.006505] ? __drmm_add_action+0x1a4/0x280
[ 140.007063] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 140.007292] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 140.007836] ? __drmm_add_action_or_reset+0x22/0x50
[ 140.008037] ? __schedule+0x10cc/0x2b60
[ 140.008238] ? __pfx_read_tsc+0x10/0x10
[ 140.008440] ? ktime_get_ts64+0x86/0x230
[ 140.008790] kunit_try_run_case+0x1a5/0x480
[ 140.009015] ? __pfx_kunit_try_run_case+0x10/0x10
[ 140.009274] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 140.009454] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 140.009857] ? __kthread_parkme+0x82/0x180
[ 140.010070] ? preempt_count_sub+0x50/0x80
[ 140.010296] ? __pfx_kunit_try_run_case+0x10/0x10
[ 140.010501] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 140.010951] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 140.011191] kthread+0x337/0x6f0
[ 140.011365] ? trace_preempt_on+0x20/0xc0
[ 140.011782] ? __pfx_kthread+0x10/0x10
[ 140.011987] ? _raw_spin_unlock_irq+0x47/0x80
[ 140.012208] ? calculate_sigpending+0x7b/0xa0
[ 140.012434] ? __pfx_kthread+0x10/0x10
[ 140.012929] ret_from_fork+0x116/0x1d0
[ 140.013141] ? __pfx_kthread+0x10/0x10
[ 140.013360] ret_from_fork_asm+0x1a/0x30
[ 140.013723] </TASK>
[ 140.013856] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-drm-kunit-mock-device-drm_test_framebuffer_freedrm-kunit-mock-device-drm-drm_warn_onlist_empty-filp_head
------------[ cut here ]------------
[ 139.958983] drm-kunit-mock-device drm_test_framebuffer_free.drm-kunit-mock-device: [drm] drm_WARN_ON(!list_empty(&fb->filp_head))
[ 139.959105] WARNING: CPU: 1 PID: 2546 at drivers/gpu/drm/drm_framebuffer.c:832 drm_framebuffer_free+0x13f/0x1c0
[ 139.960480] Modules linked in:
[ 139.960662] CPU: 1 UID: 0 PID: 2546 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 139.960978] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 139.961146] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 139.961396] RIP: 0010:drm_framebuffer_free+0x13f/0x1c0
[ 139.961584] Code: 8b 7d 50 4d 85 ff 74 2b 4c 89 ef e8 2b 44 87 00 48 c7 c1 c0 38 1d a1 4c 89 fa 48 c7 c7 20 39 1d a1 48 89 c6 e8 b2 de 7e fe 90 <0f> 0b 90 90 e9 1c ff ff ff 48 b8 00 00 00 00 00 fc ff df 4c 89 ea
[ 139.962060] RSP: 0000:ffff88810aa07b68 EFLAGS: 00010282
[ 139.962231] RAX: 0000000000000000 RBX: ffff88810aa07c40 RCX: 1ffffffff43e4cf0
[ 139.962438] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001
[ 139.964202] RBP: ffff88810aa07b90 R08: 0000000000000000 R09: fffffbfff43e4cf0
[ 139.964537] R10: 0000000000000003 R11: 0000000000036ce0 R12: ffff88810aa07c18
[ 139.965063] R13: ffff88810a9af000 R14: ffff88810ab63000 R15: ffff8881061fe980
[ 139.965384] FS: 0000000000000000(0000) GS:ffff8881b7f72000(0000) knlGS:0000000000000000
[ 139.965727] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 139.966384] CR2: 00007ffff7ffe000 CR3: 00000000100bc000 CR4: 00000000000006f0
[ 139.966823] DR0: ffffffffa3252440 DR1: ffffffffa3252441 DR2: ffffffffa3252443
[ 139.967103] DR3: ffffffffa3252445 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 139.967437] Call Trace:
[ 139.968265] <TASK>
[ 139.968626] drm_test_framebuffer_free+0x1ab/0x610
[ 139.969179] ? __pfx_drm_test_framebuffer_free+0x10/0x10
[ 139.969373] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 139.969582] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 139.969766] ? __drmm_add_action_or_reset+0x22/0x50
[ 139.969942] ? __schedule+0x10cc/0x2b60
[ 139.970089] ? __pfx_read_tsc+0x10/0x10
[ 139.970231] ? ktime_get_ts64+0x86/0x230
[ 139.970377] kunit_try_run_case+0x1a5/0x480
[ 139.970532] ? __pfx_kunit_try_run_case+0x10/0x10
[ 139.972425] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 139.973376] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 139.974286] ? __kthread_parkme+0x82/0x180
[ 139.974829] ? preempt_count_sub+0x50/0x80
[ 139.975493] ? __pfx_kunit_try_run_case+0x10/0x10
[ 139.976401] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 139.977010] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 139.977218] kthread+0x337/0x6f0
[ 139.977344] ? trace_preempt_on+0x20/0xc0
[ 139.977493] ? __pfx_kthread+0x10/0x10
[ 139.978142] ? _raw_spin_unlock_irq+0x47/0x80
[ 139.978776] ? calculate_sigpending+0x7b/0xa0
[ 139.979213] ? __pfx_kthread+0x10/0x10
[ 139.979359] ret_from_fork+0x116/0x1d0
[ 139.979497] ? __pfx_kthread+0x10/0x10
[ 139.979742] ret_from_fork_asm+0x1a/0x30
[ 139.980120] </TASK>
[ 139.980420] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_connector-drm_connector_dynamic_register
------------[ cut here ]------------
[ 138.738025] WARNING: CPU: 0 PID: 1984 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110
[ 138.739433] Modules linked in:
[ 138.739989] CPU: 0 UID: 0 PID: 1984 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 138.740749] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 138.741414] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 138.742296] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110
[ 138.742506] Code: 49 8d 7c 24 60 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 60 00 75 1b 5b 41 5c 5d e9 82 26 26 02 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d c3 cc cc cc cc 48 89 df e8 68
[ 138.744428] RSP: 0000:ffff8881011b7c90 EFLAGS: 00010246
[ 138.744960] RAX: dffffc0000000000 RBX: ffff888105ff0000 RCX: 0000000000000000
[ 138.745177] RDX: 1ffff11020bfe032 RSI: ffffffff9e4067f8 RDI: ffff888105ff0190
[ 138.745388] RBP: ffff8881011b7ca0 R08: 1ffff11020073f69 R09: ffffed1020236f65
[ 138.745917] R10: 0000000000000003 R11: ffffffff9d9859f8 R12: 0000000000000000
[ 138.746792] R13: ffff8881011b7d38 R14: ffff88810039fc50 R15: ffff88810039fc58
[ 138.747285] FS: 0000000000000000(0000) GS:ffff8881b7e72000(0000) knlGS:0000000000000000
[ 138.747515] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 138.747974] CR2: 00007ffff7ffe000 CR3: 00000000100bc000 CR4: 00000000000006f0
[ 138.748264] DR0: ffffffffa3252440 DR1: ffffffffa3252441 DR2: ffffffffa3252442
[ 138.748850] DR3: ffffffffa3252443 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 138.749146] Call Trace:
[ 138.749290] <TASK>
[ 138.749430] drm_test_drm_connector_dynamic_register_no_init+0x104/0x290
[ 138.749851] ? __pfx_drm_test_drm_connector_dynamic_register_no_init+0x10/0x10
[ 138.750326] ? __schedule+0x10cc/0x2b60
[ 138.750537] ? __pfx_read_tsc+0x10/0x10
[ 138.750939] ? ktime_get_ts64+0x86/0x230
[ 138.751169] kunit_try_run_case+0x1a5/0x480
[ 138.751397] ? __pfx_kunit_try_run_case+0x10/0x10
[ 138.751611] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 138.752077] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 138.752385] ? __kthread_parkme+0x82/0x180
[ 138.752616] ? preempt_count_sub+0x50/0x80
[ 138.753024] ? __pfx_kunit_try_run_case+0x10/0x10
[ 138.753260] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 138.753497] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 138.753910] kthread+0x337/0x6f0
[ 138.754094] ? trace_preempt_on+0x20/0xc0
[ 138.754248] ? __pfx_kthread+0x10/0x10
[ 138.754444] ? _raw_spin_unlock_irq+0x47/0x80
[ 138.754890] ? calculate_sigpending+0x7b/0xa0
[ 138.755080] ? __pfx_kthread+0x10/0x10
[ 138.755273] ret_from_fork+0x116/0x1d0
[ 138.755424] ? __pfx_kthread+0x10/0x10
[ 138.755648] ret_from_fork_asm+0x1a/0x30
[ 138.755964] </TASK>
[ 138.756060] ---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
[ 138.663423] WARNING: CPU: 1 PID: 1976 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110
[ 138.663931] Modules linked in:
[ 138.664098] CPU: 1 UID: 0 PID: 1976 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 138.664433] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 138.664634] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 138.665119] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110
[ 138.665419] Code: 49 8d 7c 24 60 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 60 00 75 1b 5b 41 5c 5d e9 82 26 26 02 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d c3 cc cc cc cc 48 89 df e8 68
[ 138.667800] RSP: 0000:ffff888103adfc90 EFLAGS: 00010246
[ 138.667996] RAX: dffffc0000000000 RBX: ffff88810608c000 RCX: 0000000000000000
[ 138.668249] RDX: 1ffff11020c11832 RSI: ffffffff9e4067f8 RDI: ffff88810608c190
[ 138.668466] RBP: ffff888103adfca0 R08: 1ffff11020073f69 R09: ffffed102075bf65
[ 138.668688] R10: 0000000000000003 R11: ffffffff9d9859f8 R12: 0000000000000000
[ 138.668906] R13: ffff888103adfd38 R14: ffff88810039fc50 R15: ffff88810039fc58
[ 138.669178] FS: 0000000000000000(0000) GS:ffff8881b7f72000(0000) knlGS:0000000000000000
[ 138.670301] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 138.670547] CR2: 00007ffff7ffe000 CR3: 00000000100bc000 CR4: 00000000000006f0
[ 138.671156] DR0: ffffffffa3252440 DR1: ffffffffa3252441 DR2: ffffffffa3252443
[ 138.671452] DR3: ffffffffa3252445 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 138.672122] Call Trace:
[ 138.672254] <TASK>
[ 138.672376] drm_test_drm_connector_dynamic_register_early_no_init+0x104/0x290
[ 138.673027] ? __pfx_drm_test_drm_connector_dynamic_register_early_no_init+0x10/0x10
[ 138.673372] ? __schedule+0x10cc/0x2b60
[ 138.673738] ? __pfx_read_tsc+0x10/0x10
[ 138.674012] ? ktime_get_ts64+0x86/0x230
[ 138.674270] kunit_try_run_case+0x1a5/0x480
[ 138.674531] ? __pfx_kunit_try_run_case+0x10/0x10
[ 138.674991] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 138.675197] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 138.675428] ? __kthread_parkme+0x82/0x180
[ 138.675838] ? preempt_count_sub+0x50/0x80
[ 138.676047] ? __pfx_kunit_try_run_case+0x10/0x10
[ 138.676272] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 138.676519] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 138.676798] kthread+0x337/0x6f0
[ 138.677053] ? trace_preempt_on+0x20/0xc0
[ 138.677222] ? __pfx_kthread+0x10/0x10
[ 138.677414] ? _raw_spin_unlock_irq+0x47/0x80
[ 138.677676] ? calculate_sigpending+0x7b/0xa0
[ 138.677907] ? __pfx_kthread+0x10/0x10
[ 138.678055] ret_from_fork+0x116/0x1d0
[ 138.678242] ? __pfx_kthread+0x10/0x10
[ 138.678421] ret_from_fork_asm+0x1a/0x30
[ 138.678635] </TASK>
[ 138.678845] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog10
------------[ cut here ]------------
[ 108.650061] WARNING: CPU: 0 PID: 674 at lib/math/int_log.c:120 intlog10+0x2a/0x40
[ 108.650314] Modules linked in:
[ 108.650455] CPU: 0 UID: 0 PID: 674 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 108.652142] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 108.652991] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 108.653991] RIP: 0010:intlog10+0x2a/0x40
[ 108.654993] Code: f3 0f 1e fa 0f 1f 44 00 00 85 ff 74 1c 55 48 89 e5 e8 ca fe ff ff 5d 89 c0 48 69 c0 a1 26 88 26 48 c1 e8 1f e9 07 aa 86 02 90 <0f> 0b 90 31 c0 e9 fc a9 86 02 66 2e 0f 1f 84 00 00 00 00 00 66 90
[ 108.656419] RSP: 0000:ffff88810b53fcb0 EFLAGS: 00010246
[ 108.656685] RAX: 0000000000000000 RBX: ffff88810039fae8 RCX: 1ffff110216a7fb4
[ 108.656936] RDX: 1ffffffff4212dc4 RSI: 1ffff110216a7fb3 RDI: 0000000000000000
[ 108.657146] RBP: ffff88810b53fd60 R08: 0000000000000000 R09: ffffed1020467ca0
[ 108.657356] R10: ffff88810233e507 R11: 0000000000000000 R12: 1ffff110216a7f97
[ 108.658192] R13: ffffffffa1096e20 R14: 0000000000000000 R15: ffff88810b53fd38
[ 108.659179] FS: 0000000000000000(0000) GS:ffff8881b7e72000(0000) knlGS:0000000000000000
[ 108.660207] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 108.660995] CR2: dffffc0000000000 CR3: 00000000100bc000 CR4: 00000000000006f0
[ 108.661824] DR0: ffffffffa3252440 DR1: ffffffffa3252441 DR2: ffffffffa3252442
[ 108.662655] DR3: ffffffffa3252443 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 108.663220] Call Trace:
[ 108.663324] <TASK>
[ 108.663415] ? intlog10_test+0xf2/0x220
[ 108.663784] ? __pfx_intlog10_test+0x10/0x10
[ 108.664416] ? __schedule+0x10cc/0x2b60
[ 108.665008] ? __pfx_read_tsc+0x10/0x10
[ 108.665440] ? ktime_get_ts64+0x86/0x230
[ 108.665944] kunit_try_run_case+0x1a5/0x480
[ 108.666311] ? __pfx_kunit_try_run_case+0x10/0x10
[ 108.666470] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 108.667002] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 108.667499] ? __kthread_parkme+0x82/0x180
[ 108.668003] ? preempt_count_sub+0x50/0x80
[ 108.668212] ? __pfx_kunit_try_run_case+0x10/0x10
[ 108.668382] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 108.668795] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 108.669494] kthread+0x337/0x6f0
[ 108.669919] ? trace_preempt_on+0x20/0xc0
[ 108.670429] ? __pfx_kthread+0x10/0x10
[ 108.670812] ? _raw_spin_unlock_irq+0x47/0x80
[ 108.671367] ? calculate_sigpending+0x7b/0xa0
[ 108.671775] ? __pfx_kthread+0x10/0x10
[ 108.672204] ret_from_fork+0x116/0x1d0
[ 108.672349] ? __pfx_kthread+0x10/0x10
[ 108.672491] ret_from_fork_asm+0x1a/0x30
[ 108.672900] </TASK>
[ 108.673117] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog2
------------[ cut here ]------------
[ 108.614188] WARNING: CPU: 0 PID: 656 at lib/math/int_log.c:63 intlog2+0xdf/0x110
[ 108.614966] Modules linked in:
[ 108.615348] CPU: 0 UID: 0 PID: 656 Comm: kunit_try_catch Tainted: G B D N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 108.616265] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST
[ 108.617106] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 108.617850] RIP: 0010:intlog2+0xdf/0x110
[ 108.618012] Code: 09 a1 c1 e0 18 48 83 c4 08 89 d1 c1 e2 08 29 cb 01 d0 0f b7 db 41 0f af dc c1 eb 0f 01 d8 5b 41 5c 41 5d 5d c3 cc cc cc cc 90 <0f> 0b 90 31 c0 c3 cc cc cc cc 89 45 e4 e8 6f d8 55 ff 8b 45 e4 eb
[ 108.618515] RSP: 0000:ffff88810b56fcb0 EFLAGS: 00010246
[ 108.619111] RAX: 0000000000000000 RBX: ffff88810039fae8 RCX: 1ffff110216adfb4
[ 108.619785] RDX: 1ffffffff4212e18 RSI: 1ffff110216adfb3 RDI: 0000000000000000
[ 108.620562] RBP: ffff88810b56fd60 R08: 0000000000000000 R09: ffffed102080fc00
[ 108.621302] R10: ffff88810407e007 R11: 0000000000000000 R12: 1ffff110216adf97
[ 108.621903] R13: ffffffffa10970c0 R14: 0000000000000000 R15: ffff88810b56fd38
[ 108.622120] FS: 0000000000000000(0000) GS:ffff8881b7e72000(0000) knlGS:0000000000000000
[ 108.622357] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 108.622564] CR2: dffffc0000000000 CR3: 00000000100bc000 CR4: 00000000000006f0
[ 108.622914] DR0: ffffffffa3252440 DR1: ffffffffa3252441 DR2: ffffffffa3252442
[ 108.623232] DR3: ffffffffa3252443 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 108.623498] Call Trace:
[ 108.623797] <TASK>
[ 108.623909] ? intlog2_test+0xf2/0x220
[ 108.624110] ? __pfx_intlog2_test+0x10/0x10
[ 108.624304] ? __schedule+0x10cc/0x2b60
[ 108.624519] ? __pfx_read_tsc+0x10/0x10
[ 108.624890] ? ktime_get_ts64+0x86/0x230
[ 108.625110] kunit_try_run_case+0x1a5/0x480
[ 108.625290] ? __pfx_kunit_try_run_case+0x10/0x10
[ 108.625510] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 108.625859] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 108.626077] ? __kthread_parkme+0x82/0x180
[ 108.626229] ? preempt_count_sub+0x50/0x80
[ 108.626393] ? __pfx_kunit_try_run_case+0x10/0x10
[ 108.626638] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 108.626929] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 108.627154] kthread+0x337/0x6f0
[ 108.627328] ? trace_preempt_on+0x20/0xc0
[ 108.627613] ? __pfx_kthread+0x10/0x10
[ 108.627809] ? _raw_spin_unlock_irq+0x47/0x80
[ 108.628025] ? calculate_sigpending+0x7b/0xa0
[ 108.628231] ? __pfx_kthread+0x10/0x10
[ 108.628404] ret_from_fork+0x116/0x1d0
[ 108.628907] ? __pfx_kthread+0x10/0x10
[ 108.629129] ret_from_fork_asm+0x1a/0x30
[ 108.629298] </TASK>
[ 108.629409] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/oops-oops-general-protection-fault-probably-for-non-canonical-address-smp-kasan-pti
KNOWN ISSUE - qemu-x86_64: Oops: general protection fault, probably for non-canonical address - KASAN: null-ptr-deref - kunit_test_null_dereference
[ 108.060637] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN PTI