Date
July 20, 2025, 11:12 p.m.
| Environment |
|---|
| qemu-arm64 |
| qemu-x86_64 |
[ 16.211224] ================================================================== [ 16.211271] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5d0/0x660 [ 16.211318] Read of size 1 at addr fff00000c3ef4380 by task kunit_try_catch/136 [ 16.211864] [ 16.211894] CPU: 1 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 16.211986] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.212013] Hardware name: linux,dummy-virt (DT) [ 16.212043] Call trace: [ 16.212064] show_stack+0x20/0x38 (C) [ 16.212121] dump_stack_lvl+0x8c/0xd0 [ 16.212168] print_report+0x118/0x5d0 [ 16.212214] kasan_report+0xdc/0x128 [ 16.212260] __asan_report_load1_noabort+0x20/0x30 [ 16.212310] kmalloc_oob_right+0x5d0/0x660 [ 16.212355] kunit_try_run_case+0x170/0x3f0 [ 16.212414] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.212583] kthread+0x328/0x630 [ 16.212721] ret_from_fork+0x10/0x20 [ 16.212787] [ 16.212804] Allocated by task 136: [ 16.212830] kasan_save_stack+0x3c/0x68 [ 16.212868] kasan_save_track+0x20/0x40 [ 16.212914] kasan_save_alloc_info+0x40/0x58 [ 16.212954] __kasan_kmalloc+0xd4/0xd8 [ 16.212990] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.213028] kmalloc_oob_right+0xb0/0x660 [ 16.213063] kunit_try_run_case+0x170/0x3f0 [ 16.213109] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.213248] kthread+0x328/0x630 [ 16.213311] ret_from_fork+0x10/0x20 [ 16.213462] [ 16.213480] The buggy address belongs to the object at fff00000c3ef4300 [ 16.213480] which belongs to the cache kmalloc-128 of size 128 [ 16.213551] The buggy address is located 13 bytes to the right of [ 16.213551] allocated 115-byte region [fff00000c3ef4300, fff00000c3ef4373) [ 16.213614] [ 16.213632] The buggy address belongs to the physical page: [ 16.213670] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ef4 [ 16.213721] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.213767] page_type: f5(slab) [ 16.213830] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 
0000000000000000 [ 16.213880] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.213985] page dumped because: kasan: bad access detected [ 16.214041] [ 16.214059] Memory state around the buggy address: [ 16.214185] fff00000c3ef4280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.214252] fff00000c3ef4300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.214314] >fff00000c3ef4380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.214352] ^ [ 16.214401] fff00000c3ef4400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.214442] fff00000c3ef4480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.214479] ================================================================== [ 16.207003] ================================================================== [ 16.207106] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x538/0x660 [ 16.207427] Write of size 1 at addr fff00000c3ef4378 by task kunit_try_catch/136 [ 16.207500] [ 16.207535] CPU: 1 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 16.207616] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.207642] Hardware name: linux,dummy-virt (DT) [ 16.207673] Call trace: [ 16.207695] show_stack+0x20/0x38 (C) [ 16.207745] dump_stack_lvl+0x8c/0xd0 [ 16.207857] print_report+0x118/0x5d0 [ 16.207915] kasan_report+0xdc/0x128 [ 16.207960] __asan_report_store1_noabort+0x20/0x30 [ 16.208011] kmalloc_oob_right+0x538/0x660 [ 16.208056] kunit_try_run_case+0x170/0x3f0 [ 16.208107] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.208159] kthread+0x328/0x630 [ 16.208208] ret_from_fork+0x10/0x20 [ 16.208451] [ 16.208469] Allocated by task 136: [ 16.208498] kasan_save_stack+0x3c/0x68 [ 16.208538] kasan_save_track+0x20/0x40 [ 16.208574] kasan_save_alloc_info+0x40/0x58 [ 16.208613] __kasan_kmalloc+0xd4/0xd8 [ 16.208654] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.208865] kmalloc_oob_right+0xb0/0x660 [ 16.208911] kunit_try_run_case+0x170/0x3f0 [ 16.208948] 
kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.208993] kthread+0x328/0x630 [ 16.209024] ret_from_fork+0x10/0x20 [ 16.209059] [ 16.209078] The buggy address belongs to the object at fff00000c3ef4300 [ 16.209078] which belongs to the cache kmalloc-128 of size 128 [ 16.209134] The buggy address is located 5 bytes to the right of [ 16.209134] allocated 115-byte region [fff00000c3ef4300, fff00000c3ef4373) [ 16.209196] [ 16.209215] The buggy address belongs to the physical page: [ 16.209244] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ef4 [ 16.209296] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.209344] page_type: f5(slab) [ 16.209382] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.209432] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.209471] page dumped because: kasan: bad access detected [ 16.209501] [ 16.209517] Memory state around the buggy address: [ 16.209628] fff00000c3ef4200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.209672] fff00000c3ef4280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.209720] >fff00000c3ef4300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.209827] ^ [ 16.209945] fff00000c3ef4380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.210001] fff00000c3ef4400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.210038] ================================================================== [ 16.197801] ================================================================== [ 16.198433] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5a4/0x660 [ 16.199269] Write of size 1 at addr fff00000c3ef4373 by task kunit_try_catch/136 [ 16.199378] [ 16.200149] CPU: 0 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G N 6.16.0-rc7 #1 PREEMPT [ 16.200298] Tainted: [N]=TEST [ 16.200333] Hardware name: linux,dummy-virt (DT) [ 16.200549] Call trace: [ 16.200715] show_stack+0x20/0x38 (C) [ 16.200848] dump_stack_lvl+0x8c/0xd0 [ 
16.200924] print_report+0x118/0x5d0 [ 16.200973] kasan_report+0xdc/0x128 [ 16.201018] __asan_report_store1_noabort+0x20/0x30 [ 16.201072] kmalloc_oob_right+0x5a4/0x660 [ 16.201118] kunit_try_run_case+0x170/0x3f0 [ 16.201170] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.201223] kthread+0x328/0x630 [ 16.201268] ret_from_fork+0x10/0x20 [ 16.201420] [ 16.201461] Allocated by task 136: [ 16.201579] kasan_save_stack+0x3c/0x68 [ 16.201644] kasan_save_track+0x20/0x40 [ 16.201682] kasan_save_alloc_info+0x40/0x58 [ 16.201721] __kasan_kmalloc+0xd4/0xd8 [ 16.201757] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.201809] kmalloc_oob_right+0xb0/0x660 [ 16.201845] kunit_try_run_case+0x170/0x3f0 [ 16.201913] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.201956] kthread+0x328/0x630 [ 16.201989] ret_from_fork+0x10/0x20 [ 16.202047] [ 16.202107] The buggy address belongs to the object at fff00000c3ef4300 [ 16.202107] which belongs to the cache kmalloc-128 of size 128 [ 16.202201] The buggy address is located 0 bytes to the right of [ 16.202201] allocated 115-byte region [fff00000c3ef4300, fff00000c3ef4373) [ 16.202269] [ 16.202348] The buggy address belongs to the physical page: [ 16.202548] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ef4 [ 16.202824] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.203125] page_type: f5(slab) [ 16.203419] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.203483] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.203588] page dumped because: kasan: bad access detected [ 16.203628] [ 16.203653] Memory state around the buggy address: [ 16.203865] fff00000c3ef4200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.203943] fff00000c3ef4280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.203998] >fff00000c3ef4300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.204052] ^ [ 16.204133] fff00000c3ef4380: fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc [ 16.204176] fff00000c3ef4400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.204237] ==================================================================
[ 16.283408] ================================================================== [ 16.283742] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5a4/0x660 [ 16.284538] Write of size 1 at addr fff00000c58dc573 by task kunit_try_catch/136 [ 16.284659] [ 16.285550] CPU: 1 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G N 6.16.0-rc7 #1 PREEMPT [ 16.285804] Tainted: [N]=TEST [ 16.285873] Hardware name: linux,dummy-virt (DT) [ 16.286173] Call trace: [ 16.286341] show_stack+0x20/0x38 (C) [ 16.286474] dump_stack_lvl+0x8c/0xd0 [ 16.286535] print_report+0x118/0x5d0 [ 16.286638] kasan_report+0xdc/0x128 [ 16.286734] __asan_report_store1_noabort+0x20/0x30 [ 16.286858] kmalloc_oob_right+0x5a4/0x660 [ 16.286961] kunit_try_run_case+0x170/0x3f0 [ 16.287043] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.287096] kthread+0x328/0x630 [ 16.287152] ret_from_fork+0x10/0x20 [ 16.287312] [ 16.287349] Allocated by task 136: [ 16.287472] kasan_save_stack+0x3c/0x68 [ 16.287672] kasan_save_track+0x20/0x40 [ 16.287759] kasan_save_alloc_info+0x40/0x58 [ 16.287856] __kasan_kmalloc+0xd4/0xd8 [ 16.287946] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.288070] kmalloc_oob_right+0xb0/0x660 [ 16.288174] kunit_try_run_case+0x170/0x3f0 [ 16.288241] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.288337] kthread+0x328/0x630 [ 16.288443] ret_from_fork+0x10/0x20 [ 16.288552] [ 16.288910] The buggy address belongs to the object at fff00000c58dc500 [ 16.288910] which belongs to the cache kmalloc-128 of size 128 [ 16.289175] The buggy address is located 0 bytes to the right of [ 16.289175] allocated 115-byte region [fff00000c58dc500, fff00000c58dc573) [ 16.289257] [ 16.289545] The buggy address belongs to the physical page: [ 16.290156] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058dc [ 16.290850] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.292051] page_type: f5(slab) [ 16.293078] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 
16.293212] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.293338] page dumped because: kasan: bad access detected [ 16.293381] [ 16.293407] Memory state around the buggy address: [ 16.294234] fff00000c58dc400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.294422] fff00000c58dc480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.294517] >fff00000c58dc500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.294578] ^ [ 16.294712] fff00000c58dc580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.294782] fff00000c58dc600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.294862] ================================================================== [ 16.302751] ================================================================== [ 16.302802] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5d0/0x660 [ 16.302865] Read of size 1 at addr fff00000c58dc580 by task kunit_try_catch/136 [ 16.302916] [ 16.302945] CPU: 1 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 16.303023] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.303059] Hardware name: linux,dummy-virt (DT) [ 16.303095] Call trace: [ 16.303117] show_stack+0x20/0x38 (C) [ 16.303165] dump_stack_lvl+0x8c/0xd0 [ 16.303211] print_report+0x118/0x5d0 [ 16.303258] kasan_report+0xdc/0x128 [ 16.303308] __asan_report_load1_noabort+0x20/0x30 [ 16.303359] kmalloc_oob_right+0x5d0/0x660 [ 16.303413] kunit_try_run_case+0x170/0x3f0 [ 16.303460] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.303517] kthread+0x328/0x630 [ 16.303558] ret_from_fork+0x10/0x20 [ 16.303604] [ 16.303633] Allocated by task 136: [ 16.303660] kasan_save_stack+0x3c/0x68 [ 16.303701] kasan_save_track+0x20/0x40 [ 16.303738] kasan_save_alloc_info+0x40/0x58 [ 16.303777] __kasan_kmalloc+0xd4/0xd8 [ 16.303813] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.303852] kmalloc_oob_right+0xb0/0x660 [ 16.303887] kunit_try_run_case+0x170/0x3f0 [ 16.303924] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 
16.303965] kthread+0x328/0x630 [ 16.304002] ret_from_fork+0x10/0x20 [ 16.304037] [ 16.304055] The buggy address belongs to the object at fff00000c58dc500 [ 16.304055] which belongs to the cache kmalloc-128 of size 128 [ 16.304110] The buggy address is located 13 bytes to the right of [ 16.304110] allocated 115-byte region [fff00000c58dc500, fff00000c58dc573) [ 16.304173] [ 16.304192] The buggy address belongs to the physical page: [ 16.304220] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058dc [ 16.304271] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.304318] page_type: f5(slab) [ 16.304355] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.304405] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.304462] page dumped because: kasan: bad access detected [ 16.304501] [ 16.304519] Memory state around the buggy address: [ 16.304548] fff00000c58dc480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.304590] fff00000c58dc500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.305272] >fff00000c58dc580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.305340] ^ [ 16.305477] fff00000c58dc600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.305524] fff00000c58dc680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.305562] ================================================================== [ 16.296130] ================================================================== [ 16.296177] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x538/0x660 [ 16.296451] Write of size 1 at addr fff00000c58dc578 by task kunit_try_catch/136 [ 16.296597] [ 16.296669] CPU: 1 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 16.296759] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.296786] Hardware name: linux,dummy-virt (DT) [ 16.296819] Call trace: [ 16.296841] show_stack+0x20/0x38 (C) [ 16.297068] dump_stack_lvl+0x8c/0xd0 [ 16.297224] print_report+0x118/0x5d0 
[ 16.297320] kasan_report+0xdc/0x128 [ 16.297430] __asan_report_store1_noabort+0x20/0x30 [ 16.297527] kmalloc_oob_right+0x538/0x660 [ 16.297708] kunit_try_run_case+0x170/0x3f0 [ 16.297762] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.297960] kthread+0x328/0x630 [ 16.298125] ret_from_fork+0x10/0x20 [ 16.298284] [ 16.298372] Allocated by task 136: [ 16.298498] kasan_save_stack+0x3c/0x68 [ 16.298567] kasan_save_track+0x20/0x40 [ 16.298764] kasan_save_alloc_info+0x40/0x58 [ 16.298812] __kasan_kmalloc+0xd4/0xd8 [ 16.298860] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.298980] kmalloc_oob_right+0xb0/0x660 [ 16.299124] kunit_try_run_case+0x170/0x3f0 [ 16.299212] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.299290] kthread+0x328/0x630 [ 16.299552] ret_from_fork+0x10/0x20 [ 16.299632] [ 16.299697] The buggy address belongs to the object at fff00000c58dc500 [ 16.299697] which belongs to the cache kmalloc-128 of size 128 [ 16.299822] The buggy address is located 5 bytes to the right of [ 16.299822] allocated 115-byte region [fff00000c58dc500, fff00000c58dc573) [ 16.299903] [ 16.300142] The buggy address belongs to the physical page: [ 16.300261] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058dc [ 16.300529] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.300603] page_type: f5(slab) [ 16.300713] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.300797] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.300837] page dumped because: kasan: bad access detected [ 16.300873] [ 16.300891] Memory state around the buggy address: [ 16.301154] fff00000c58dc400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.301266] fff00000c58dc480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.301344] >fff00000c58dc500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.301481] ^ [ 16.301521] fff00000c58dc580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.301564] 
fff00000c58dc600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.301600] ==================================================================
[ 11.987832] ================================================================== [ 11.988243] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6bd/0x7f0 [ 11.988546] Write of size 1 at addr ffff88810313a378 by task kunit_try_catch/154 [ 11.988876] [ 11.988986] CPU: 0 UID: 0 PID: 154 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT(voluntary) [ 11.989028] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.989040] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.989063] Call Trace: [ 11.989078] <TASK> [ 11.989094] dump_stack_lvl+0x73/0xb0 [ 11.989121] print_report+0xd1/0x610 [ 11.989143] ? __virt_addr_valid+0x1db/0x2d0 [ 11.989166] ? kmalloc_oob_right+0x6bd/0x7f0 [ 11.989187] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.989209] ? kmalloc_oob_right+0x6bd/0x7f0 [ 11.989231] kasan_report+0x141/0x180 [ 11.989320] ? kmalloc_oob_right+0x6bd/0x7f0 [ 11.989371] __asan_report_store1_noabort+0x1b/0x30 [ 11.989408] kmalloc_oob_right+0x6bd/0x7f0 [ 11.989434] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 11.989458] ? __schedule+0x10c6/0x2b60 [ 11.989499] ? __pfx_read_tsc+0x10/0x10 [ 11.989520] ? ktime_get_ts64+0x86/0x230 [ 11.989544] kunit_try_run_case+0x1a5/0x480 [ 11.989569] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.989602] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.989624] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.989648] ? __kthread_parkme+0x82/0x180 [ 11.989669] ? preempt_count_sub+0x50/0x80 [ 11.989692] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.989716] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.989739] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.989762] kthread+0x337/0x6f0 [ 11.989780] ? trace_preempt_on+0x20/0xc0 [ 11.989803] ? __pfx_kthread+0x10/0x10 [ 11.989842] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.989863] ? calculate_sigpending+0x7b/0xa0 [ 11.989887] ? __pfx_kthread+0x10/0x10 [ 11.989909] ret_from_fork+0x116/0x1d0 [ 11.989943] ? 
__pfx_kthread+0x10/0x10 [ 11.989963] ret_from_fork_asm+0x1a/0x30 [ 11.989996] </TASK> [ 11.990006] [ 11.998852] Allocated by task 154: [ 11.999193] kasan_save_stack+0x45/0x70 [ 11.999393] kasan_save_track+0x18/0x40 [ 11.999604] kasan_save_alloc_info+0x3b/0x50 [ 11.999811] __kasan_kmalloc+0xb7/0xc0 [ 11.999995] __kmalloc_cache_noprof+0x189/0x420 [ 12.000287] kmalloc_oob_right+0xa9/0x7f0 [ 12.000504] kunit_try_run_case+0x1a5/0x480 [ 12.000719] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.000984] kthread+0x337/0x6f0 [ 12.001233] ret_from_fork+0x116/0x1d0 [ 12.001448] ret_from_fork_asm+0x1a/0x30 [ 12.001641] [ 12.001746] The buggy address belongs to the object at ffff88810313a300 [ 12.001746] which belongs to the cache kmalloc-128 of size 128 [ 12.002344] The buggy address is located 5 bytes to the right of [ 12.002344] allocated 115-byte region [ffff88810313a300, ffff88810313a373) [ 12.002981] [ 12.003091] The buggy address belongs to the physical page: [ 12.003357] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10313a [ 12.003733] flags: 0x200000000000000(node=0|zone=2) [ 12.003971] page_type: f5(slab) [ 12.004135] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.004474] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.004918] page dumped because: kasan: bad access detected [ 12.005085] [ 12.005152] Memory state around the buggy address: [ 12.005526] ffff88810313a200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.006213] ffff88810313a280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.006521] >ffff88810313a300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.006728] ^ [ 12.007189] ffff88810313a380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.007521] ffff88810313a400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.007823] ================================================================== [ 12.008569] 
================================================================== [ 12.008917] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x68a/0x7f0 [ 12.009282] Read of size 1 at addr ffff88810313a380 by task kunit_try_catch/154 [ 12.009700] [ 12.009790] CPU: 0 UID: 0 PID: 154 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT(voluntary) [ 12.009831] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.009842] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.009888] Call Trace: [ 12.009902] <TASK> [ 12.009916] dump_stack_lvl+0x73/0xb0 [ 12.009942] print_report+0xd1/0x610 [ 12.009982] ? __virt_addr_valid+0x1db/0x2d0 [ 12.010006] ? kmalloc_oob_right+0x68a/0x7f0 [ 12.010027] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.010096] ? kmalloc_oob_right+0x68a/0x7f0 [ 12.010123] kasan_report+0x141/0x180 [ 12.010145] ? kmalloc_oob_right+0x68a/0x7f0 [ 12.010172] __asan_report_load1_noabort+0x18/0x20 [ 12.010196] kmalloc_oob_right+0x68a/0x7f0 [ 12.010219] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 12.010241] ? __schedule+0x10c6/0x2b60 [ 12.010263] ? __pfx_read_tsc+0x10/0x10 [ 12.010284] ? ktime_get_ts64+0x86/0x230 [ 12.010331] kunit_try_run_case+0x1a5/0x480 [ 12.010369] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.010417] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.010453] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.010477] ? __kthread_parkme+0x82/0x180 [ 12.010511] ? preempt_count_sub+0x50/0x80 [ 12.010535] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.010559] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.010582] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.010612] kthread+0x337/0x6f0 [ 12.010632] ? trace_preempt_on+0x20/0xc0 [ 12.010654] ? __pfx_kthread+0x10/0x10 [ 12.010675] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.010696] ? calculate_sigpending+0x7b/0xa0 [ 12.010719] ? __pfx_kthread+0x10/0x10 [ 12.010741] ret_from_fork+0x116/0x1d0 [ 12.010759] ? 
__pfx_kthread+0x10/0x10 [ 12.010779] ret_from_fork_asm+0x1a/0x30 [ 12.010812] </TASK> [ 12.010823] [ 12.018970] Allocated by task 154: [ 12.019185] kasan_save_stack+0x45/0x70 [ 12.019535] kasan_save_track+0x18/0x40 [ 12.019806] kasan_save_alloc_info+0x3b/0x50 [ 12.020034] __kasan_kmalloc+0xb7/0xc0 [ 12.020244] __kmalloc_cache_noprof+0x189/0x420 [ 12.020610] kmalloc_oob_right+0xa9/0x7f0 [ 12.020835] kunit_try_run_case+0x1a5/0x480 [ 12.021027] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.021304] kthread+0x337/0x6f0 [ 12.021436] ret_from_fork+0x116/0x1d0 [ 12.021568] ret_from_fork_asm+0x1a/0x30 [ 12.021769] [ 12.021866] The buggy address belongs to the object at ffff88810313a300 [ 12.021866] which belongs to the cache kmalloc-128 of size 128 [ 12.022666] The buggy address is located 13 bytes to the right of [ 12.022666] allocated 115-byte region [ffff88810313a300, ffff88810313a373) [ 12.023310] [ 12.023417] The buggy address belongs to the physical page: [ 12.023695] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10313a [ 12.023932] flags: 0x200000000000000(node=0|zone=2) [ 12.024428] page_type: f5(slab) [ 12.024675] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.024963] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.025505] page dumped because: kasan: bad access detected [ 12.025767] [ 12.025866] Memory state around the buggy address: [ 12.026101] ffff88810313a280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.026436] ffff88810313a300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.026741] >ffff88810313a380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.027056] ^ [ 12.027272] ffff88810313a400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.027605] ffff88810313a480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.027897] ================================================================== [ 11.961447] 
================================================================== [ 11.962143] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6f0/0x7f0 [ 11.962897] Write of size 1 at addr ffff88810313a373 by task kunit_try_catch/154 [ 11.963321] [ 11.964422] CPU: 0 UID: 0 PID: 154 Comm: kunit_try_catch Tainted: G N 6.16.0-rc7 #1 PREEMPT(voluntary) [ 11.964798] Tainted: [N]=TEST [ 11.964831] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.965052] Call Trace: [ 11.965119] <TASK> [ 11.965268] dump_stack_lvl+0x73/0xb0 [ 11.965357] print_report+0xd1/0x610 [ 11.965388] ? __virt_addr_valid+0x1db/0x2d0 [ 11.965427] ? kmalloc_oob_right+0x6f0/0x7f0 [ 11.965448] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.965470] ? kmalloc_oob_right+0x6f0/0x7f0 [ 11.965492] kasan_report+0x141/0x180 [ 11.965514] ? kmalloc_oob_right+0x6f0/0x7f0 [ 11.965541] __asan_report_store1_noabort+0x1b/0x30 [ 11.965564] kmalloc_oob_right+0x6f0/0x7f0 [ 11.965586] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 11.965609] ? __schedule+0x10c6/0x2b60 [ 11.965633] ? __pfx_read_tsc+0x10/0x10 [ 11.965654] ? ktime_get_ts64+0x86/0x230 [ 11.965681] kunit_try_run_case+0x1a5/0x480 [ 11.965708] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.965730] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.965754] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.965778] ? __kthread_parkme+0x82/0x180 [ 11.965799] ? preempt_count_sub+0x50/0x80 [ 11.965824] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.965848] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.965871] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.965894] kthread+0x337/0x6f0 [ 11.965914] ? trace_preempt_on+0x20/0xc0 [ 11.965938] ? __pfx_kthread+0x10/0x10 [ 11.965959] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.965980] ? calculate_sigpending+0x7b/0xa0 [ 11.966005] ? __pfx_kthread+0x10/0x10 [ 11.966044] ret_from_fork+0x116/0x1d0 [ 11.966063] ? 
__pfx_kthread+0x10/0x10 [ 11.966084] ret_from_fork_asm+0x1a/0x30 [ 11.966147] </TASK> [ 11.966216] [ 11.973972] Allocated by task 154: [ 11.974476] kasan_save_stack+0x45/0x70 [ 11.974797] kasan_save_track+0x18/0x40 [ 11.974982] kasan_save_alloc_info+0x3b/0x50 [ 11.975264] __kasan_kmalloc+0xb7/0xc0 [ 11.975448] __kmalloc_cache_noprof+0x189/0x420 [ 11.975819] kmalloc_oob_right+0xa9/0x7f0 [ 11.976026] kunit_try_run_case+0x1a5/0x480 [ 11.976248] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.976610] kthread+0x337/0x6f0 [ 11.976918] ret_from_fork+0x116/0x1d0 [ 11.977116] ret_from_fork_asm+0x1a/0x30 [ 11.977387] [ 11.977634] The buggy address belongs to the object at ffff88810313a300 [ 11.977634] which belongs to the cache kmalloc-128 of size 128 [ 11.978618] The buggy address is located 0 bytes to the right of [ 11.978618] allocated 115-byte region [ffff88810313a300, ffff88810313a373) [ 11.979053] [ 11.979208] The buggy address belongs to the physical page: [ 11.979742] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10313a [ 11.980804] flags: 0x200000000000000(node=0|zone=2) [ 11.981563] page_type: f5(slab) [ 11.982239] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.982607] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.982997] page dumped because: kasan: bad access detected [ 11.983364] [ 11.983482] Memory state around the buggy address: [ 11.984112] ffff88810313a200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.984549] ffff88810313a280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.984928] >ffff88810313a300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 11.985363] ^ [ 11.985808] ffff88810313a380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.986268] ffff88810313a400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.986598] ==================================================================
[ 12.109037] ================================================================== [ 12.109399] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x68a/0x7f0 [ 12.109663] Read of size 1 at addr ffff8881027a1880 by task kunit_try_catch/153 [ 12.110172] [ 12.110273] CPU: 1 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT(voluntary) [ 12.110316] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.110327] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.110349] Call Trace: [ 12.110366] <TASK> [ 12.110381] dump_stack_lvl+0x73/0xb0 [ 12.110408] print_report+0xd1/0x610 [ 12.110429] ? __virt_addr_valid+0x1db/0x2d0 [ 12.110450] ? kmalloc_oob_right+0x68a/0x7f0 [ 12.110470] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.110491] ? kmalloc_oob_right+0x68a/0x7f0 [ 12.110512] kasan_report+0x141/0x180 [ 12.110533] ? kmalloc_oob_right+0x68a/0x7f0 [ 12.110558] __asan_report_load1_noabort+0x18/0x20 [ 12.110581] kmalloc_oob_right+0x68a/0x7f0 [ 12.110602] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 12.110624] ? __schedule+0x10c6/0x2b60 [ 12.110646] ? __pfx_read_tsc+0x10/0x10 [ 12.110666] ? ktime_get_ts64+0x86/0x230 [ 12.110689] kunit_try_run_case+0x1a5/0x480 [ 12.110713] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.110735] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.110757] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.110780] ? __kthread_parkme+0x82/0x180 [ 12.110799] ? preempt_count_sub+0x50/0x80 [ 12.110821] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.110844] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.110932] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.110955] kthread+0x337/0x6f0 [ 12.110973] ? trace_preempt_on+0x20/0xc0 [ 12.110996] ? __pfx_kthread+0x10/0x10 [ 12.111016] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.111036] ? calculate_sigpending+0x7b/0xa0 [ 12.111059] ? __pfx_kthread+0x10/0x10 [ 12.111080] ret_from_fork+0x116/0x1d0 [ 12.111098] ? 
__pfx_kthread+0x10/0x10
[ 12.111117] ret_from_fork_asm+0x1a/0x30
[ 12.111159] </TASK>
[ 12.111169]
[ 12.118588] Allocated by task 153:
[ 12.118727] kasan_save_stack+0x45/0x70
[ 12.119008] kasan_save_track+0x18/0x40
[ 12.119224] kasan_save_alloc_info+0x3b/0x50
[ 12.119463] __kasan_kmalloc+0xb7/0xc0
[ 12.119654] __kmalloc_cache_noprof+0x189/0x420
[ 12.119868] kmalloc_oob_right+0xa9/0x7f0
[ 12.120011] kunit_try_run_case+0x1a5/0x480
[ 12.120167] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.120356] kthread+0x337/0x6f0
[ 12.120480] ret_from_fork+0x116/0x1d0
[ 12.120614] ret_from_fork_asm+0x1a/0x30
[ 12.120754]
[ 12.120833] The buggy address belongs to the object at ffff8881027a1800
[ 12.120833] which belongs to the cache kmalloc-128 of size 128
[ 12.121508] The buggy address is located 13 bytes to the right of
[ 12.121508] allocated 115-byte region [ffff8881027a1800, ffff8881027a1873)
[ 12.122277]
[ 12.122404] The buggy address belongs to the physical page:
[ 12.122658] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027a1
[ 12.123094] flags: 0x200000000000000(node=0|zone=2)
[ 12.123368] page_type: f5(slab)
[ 12.123517] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.123808] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.124109] page dumped because: kasan: bad access detected
[ 12.124412]
[ 12.124509] Memory state around the buggy address:
[ 12.124735] ffff8881027a1780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.125133] ffff8881027a1800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 12.125488] >ffff8881027a1880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.125752] ^
[ 12.126093] ffff8881027a1900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.126410] ffff8881027a1980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.126711] ==================================================================
[ 12.089404] ==================================================================
[ 12.089732] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6bd/0x7f0
[ 12.090055] Write of size 1 at addr ffff8881027a1878 by task kunit_try_catch/153
[ 12.090344]
[ 12.090458] CPU: 1 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT(voluntary)
[ 12.090502] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.090516] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.090536] Call Trace:
[ 12.090549] <TASK>
[ 12.090565] dump_stack_lvl+0x73/0xb0
[ 12.090592] print_report+0xd1/0x610
[ 12.090614] ? __virt_addr_valid+0x1db/0x2d0
[ 12.090637] ? kmalloc_oob_right+0x6bd/0x7f0
[ 12.090657] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.090678] ? kmalloc_oob_right+0x6bd/0x7f0
[ 12.090699] kasan_report+0x141/0x180
[ 12.090720] ? kmalloc_oob_right+0x6bd/0x7f0
[ 12.090745] __asan_report_store1_noabort+0x1b/0x30
[ 12.090769] kmalloc_oob_right+0x6bd/0x7f0
[ 12.090790] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 12.090811] ? __schedule+0x10c6/0x2b60
[ 12.090832] ? __pfx_read_tsc+0x10/0x10
[ 12.090852] ? ktime_get_ts64+0x86/0x230
[ 12.090927] kunit_try_run_case+0x1a5/0x480
[ 12.090951] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.090972] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.090996] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.091018] ? __kthread_parkme+0x82/0x180
[ 12.091037] ? preempt_count_sub+0x50/0x80
[ 12.091061] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.091084] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.091107] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.091129] kthread+0x337/0x6f0
[ 12.091161] ? trace_preempt_on+0x20/0xc0
[ 12.091184] ? __pfx_kthread+0x10/0x10
[ 12.091204] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.091224] ? calculate_sigpending+0x7b/0xa0
[ 12.091247] ? __pfx_kthread+0x10/0x10
[ 12.091268] ret_from_fork+0x116/0x1d0
[ 12.091286] ? __pfx_kthread+0x10/0x10
[ 12.091305] ret_from_fork_asm+0x1a/0x30
[ 12.091335] </TASK>
[ 12.091345]
[ 12.099307] Allocated by task 153:
[ 12.099467] kasan_save_stack+0x45/0x70
[ 12.099674] kasan_save_track+0x18/0x40
[ 12.099831] kasan_save_alloc_info+0x3b/0x50
[ 12.100239] __kasan_kmalloc+0xb7/0xc0
[ 12.100436] __kmalloc_cache_noprof+0x189/0x420
[ 12.100661] kmalloc_oob_right+0xa9/0x7f0
[ 12.100841] kunit_try_run_case+0x1a5/0x480
[ 12.101031] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.101262] kthread+0x337/0x6f0
[ 12.101384] ret_from_fork+0x116/0x1d0
[ 12.101518] ret_from_fork_asm+0x1a/0x30
[ 12.101661]
[ 12.101758] The buggy address belongs to the object at ffff8881027a1800
[ 12.101758] which belongs to the cache kmalloc-128 of size 128
[ 12.102746] The buggy address is located 5 bytes to the right of
[ 12.102746] allocated 115-byte region [ffff8881027a1800, ffff8881027a1873)
[ 12.103154]
[ 12.103228] The buggy address belongs to the physical page:
[ 12.103765] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027a1
[ 12.104258] flags: 0x200000000000000(node=0|zone=2)
[ 12.104439] page_type: f5(slab)
[ 12.104563] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.104796] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.105357] page dumped because: kasan: bad access detected
[ 12.105828]
[ 12.106049] Memory state around the buggy address:
[ 12.106294] ffff8881027a1700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.106563] ffff8881027a1780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.106780] >ffff8881027a1800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 12.106997] ^
[ 12.107520] ffff8881027a1880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.107846] ffff8881027a1900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.108537] ==================================================================
[ 12.063659] ==================================================================
[ 12.064567] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6f0/0x7f0
[ 12.065629] Write of size 1 at addr ffff8881027a1873 by task kunit_try_catch/153
[ 12.066004]
[ 12.066957] CPU: 1 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G N 6.16.0-rc7 #1 PREEMPT(voluntary)
[ 12.067308] Tainted: [N]=TEST
[ 12.067339] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.067559] Call Trace:
[ 12.067625] <TASK>
[ 12.067766] dump_stack_lvl+0x73/0xb0
[ 12.067865] print_report+0xd1/0x610
[ 12.067895] ? __virt_addr_valid+0x1db/0x2d0
[ 12.067919] ? kmalloc_oob_right+0x6f0/0x7f0
[ 12.067940] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.067961] ? kmalloc_oob_right+0x6f0/0x7f0
[ 12.067982] kasan_report+0x141/0x180
[ 12.068003] ? kmalloc_oob_right+0x6f0/0x7f0
[ 12.068028] __asan_report_store1_noabort+0x1b/0x30
[ 12.068052] kmalloc_oob_right+0x6f0/0x7f0
[ 12.068073] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 12.068095] ? __schedule+0x10c6/0x2b60
[ 12.068117] ? __pfx_read_tsc+0x10/0x10
[ 12.068138] ? ktime_get_ts64+0x86/0x230
[ 12.068176] kunit_try_run_case+0x1a5/0x480
[ 12.068202] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.068224] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.068248] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.068270] ? __kthread_parkme+0x82/0x180
[ 12.068292] ? preempt_count_sub+0x50/0x80
[ 12.068315] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.068343] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.068365] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.068388] kthread+0x337/0x6f0
[ 12.068407] ? trace_preempt_on+0x20/0xc0
[ 12.068430] ? __pfx_kthread+0x10/0x10
[ 12.068450] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.068471] ? calculate_sigpending+0x7b/0xa0
[ 12.068495] ? __pfx_kthread+0x10/0x10
[ 12.068516] ret_from_fork+0x116/0x1d0
[ 12.068534] ? __pfx_kthread+0x10/0x10
[ 12.068554] ret_from_fork_asm+0x1a/0x30
[ 12.068607] </TASK>
[ 12.068671]
[ 12.076540] Allocated by task 153:
[ 12.076828] kasan_save_stack+0x45/0x70
[ 12.077068] kasan_save_track+0x18/0x40
[ 12.077275] kasan_save_alloc_info+0x3b/0x50
[ 12.077709] __kasan_kmalloc+0xb7/0xc0
[ 12.078169] __kmalloc_cache_noprof+0x189/0x420
[ 12.078415] kmalloc_oob_right+0xa9/0x7f0
[ 12.078578] kunit_try_run_case+0x1a5/0x480
[ 12.078726] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.079157] kthread+0x337/0x6f0
[ 12.079341] ret_from_fork+0x116/0x1d0
[ 12.079532] ret_from_fork_asm+0x1a/0x30
[ 12.079772]
[ 12.080095] The buggy address belongs to the object at ffff8881027a1800
[ 12.080095] which belongs to the cache kmalloc-128 of size 128
[ 12.080746] The buggy address is located 0 bytes to the right of
[ 12.080746] allocated 115-byte region [ffff8881027a1800, ffff8881027a1873)
[ 12.081367]
[ 12.081545] The buggy address belongs to the physical page:
[ 12.081963] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027a1
[ 12.082515] flags: 0x200000000000000(node=0|zone=2)
[ 12.083130] page_type: f5(slab)
[ 12.083611] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.083940] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.084602] page dumped because: kasan: bad access detected
[ 12.084844]
[ 12.085013] Memory state around the buggy address:
[ 12.085450] ffff8881027a1700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.085839] ffff8881027a1780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.086226] >ffff8881027a1800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 12.086698] ^
[ 12.087090] ffff8881027a1880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.087410] ffff8881027a1900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.087752] ==================================================================