Date
July 20, 2025, 11:12 p.m.
Environment | |
---|---|
qemu-arm64 | |
qemu-x86_64 |
[ 16.821454] ================================================================== [ 16.821717] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x618/0x740 [ 16.821954] Read of size 1 at addr fff00000c3edd978 by task kunit_try_catch/194 [ 16.822093] [ 16.822126] CPU: 1 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 16.822207] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.822511] Hardware name: linux,dummy-virt (DT) [ 16.822665] Call trace: [ 16.822792] show_stack+0x20/0x38 (C) [ 16.823097] dump_stack_lvl+0x8c/0xd0 [ 16.823771] print_report+0x118/0x5d0 [ 16.824575] kasan_report+0xdc/0x128 [ 16.824651] __asan_report_load1_noabort+0x20/0x30 [ 16.824706] ksize_unpoisons_memory+0x618/0x740 [ 16.824790] kunit_try_run_case+0x170/0x3f0 [ 16.825264] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.825582] kthread+0x328/0x630 [ 16.825750] ret_from_fork+0x10/0x20 [ 16.826696] [ 16.826738] Allocated by task 194: [ 16.826771] kasan_save_stack+0x3c/0x68 [ 16.826834] kasan_save_track+0x20/0x40 [ 16.826873] kasan_save_alloc_info+0x40/0x58 [ 16.826955] __kasan_kmalloc+0xd4/0xd8 [ 16.827433] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.827517] ksize_unpoisons_memory+0xc0/0x740 [ 16.827558] kunit_try_run_case+0x170/0x3f0 [ 16.827608] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.827666] kthread+0x328/0x630 [ 16.827705] ret_from_fork+0x10/0x20 [ 16.827742] [ 16.827778] The buggy address belongs to the object at fff00000c3edd900 [ 16.827778] which belongs to the cache kmalloc-128 of size 128 [ 16.827838] The buggy address is located 5 bytes to the right of [ 16.827838] allocated 115-byte region [fff00000c3edd900, fff00000c3edd973) [ 16.827914] [ 16.827943] The buggy address belongs to the physical page: [ 16.827975] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103edd [ 16.828038] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.828089] page_type: f5(slab) [ 16.828145] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.828199] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.828253] page dumped because: kasan: bad access detected [ 16.828295] [ 16.828313] Memory state around the buggy address: [ 16.828360] fff00000c3edd800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.828405] fff00000c3edd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.828457] >fff00000c3edd900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.828498] ^ [ 16.828539] fff00000c3edd980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.828592] fff00000c3edda00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.828632] ================================================================== [ 16.812172] ================================================================== [ 16.812239] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x628/0x740 [ 16.812295] Read of size 1 at addr fff00000c3edd973 by task kunit_try_catch/194 [ 16.812347] [ 16.812383] CPU: 1 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 16.812469] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.812497] Hardware name: linux,dummy-virt (DT) [ 16.812545] Call trace: [ 16.812592] show_stack+0x20/0x38 (C) [ 16.812643] dump_stack_lvl+0x8c/0xd0 [ 16.812691] print_report+0x118/0x5d0 [ 16.812738] kasan_report+0xdc/0x128 [ 16.812784] __asan_report_load1_noabort+0x20/0x30 [ 16.812836] ksize_unpoisons_memory+0x628/0x740 [ 16.812894] kunit_try_run_case+0x170/0x3f0 [ 16.813427] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.813500] kthread+0x328/0x630 [ 16.813792] ret_from_fork+0x10/0x20 [ 16.814101] [ 16.814199] Allocated by task 194: [ 16.814269] kasan_save_stack+0x3c/0x68 [ 16.814462] kasan_save_track+0x20/0x40 [ 16.814507] kasan_save_alloc_info+0x40/0x58 [ 16.814727] __kasan_kmalloc+0xd4/0xd8 [ 16.814935] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.815005] ksize_unpoisons_memory+0xc0/0x740 [ 16.815071] kunit_try_run_case+0x170/0x3f0 [ 16.815216] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.815299] kthread+0x328/0x630 [ 16.815394] ret_from_fork+0x10/0x20 [ 16.815447] [ 16.815467] The buggy address belongs to the object at fff00000c3edd900 [ 16.815467] which belongs to the cache kmalloc-128 of size 128 [ 16.815916] The buggy address is located 0 bytes to the right of [ 16.815916] allocated 115-byte region [fff00000c3edd900, fff00000c3edd973) [ 16.816060] [ 16.816240] The buggy address belongs to the physical page: [ 16.816347] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103edd [ 16.816769] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.816964] page_type: f5(slab) [ 16.817138] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.817328] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.817388] page dumped because: kasan: bad access detected [ 16.817797] [ 16.817859] Memory state around the buggy address: [ 16.818023] fff00000c3edd800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.818210] fff00000c3edd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.818414] >fff00000c3edd900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.818812] ^ [ 16.818959] fff00000c3edd980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.819271] fff00000c3edda00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.819352] ================================================================== [ 16.829330] ================================================================== [ 16.829400] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x690/0x740 [ 16.829451] Read of size 1 at addr fff00000c3edd97f by task kunit_try_catch/194 [ 16.829502] [ 16.829535] CPU: 1 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 16.829625] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.829653] Hardware name: linux,dummy-virt (DT) [ 16.829696] Call trace: [ 16.829718] show_stack+0x20/0x38 (C) [ 16.829776] dump_stack_lvl+0x8c/0xd0 [ 16.830816] print_report+0x118/0x5d0 [ 16.830885] kasan_report+0xdc/0x128 [ 16.831004] __asan_report_load1_noabort+0x20/0x30 [ 16.831114] ksize_unpoisons_memory+0x690/0x740 [ 16.831202] kunit_try_run_case+0x170/0x3f0 [ 16.831284] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.831472] kthread+0x328/0x630 [ 16.831664] ret_from_fork+0x10/0x20 [ 16.832244] [ 16.832393] Allocated by task 194: [ 16.832452] kasan_save_stack+0x3c/0x68 [ 16.832542] kasan_save_track+0x20/0x40 [ 16.832659] kasan_save_alloc_info+0x40/0x58 [ 16.832722] __kasan_kmalloc+0xd4/0xd8 [ 16.833179] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.833334] ksize_unpoisons_memory+0xc0/0x740 [ 16.833485] kunit_try_run_case+0x170/0x3f0 [ 16.833638] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.833854] kthread+0x328/0x630 [ 16.833931] ret_from_fork+0x10/0x20 [ 16.833969] [ 16.833990] The buggy address belongs to the object at fff00000c3edd900 [ 16.833990] which belongs to the cache kmalloc-128 of size 128 [ 16.834049] The buggy address is located 12 bytes to the right of [ 16.834049] allocated 115-byte region [fff00000c3edd900, fff00000c3edd973) [ 16.834533] [ 16.834573] The buggy address belongs to the physical page: [ 16.834862] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103edd [ 16.835340] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.835495] page_type: f5(slab) [ 16.835640] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.836000] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.836176] page dumped because: kasan: bad access detected [ 16.836282] [ 16.836458] Memory state around the buggy address: [ 16.836826] fff00000c3edd800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.837084] fff00000c3edd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.837210] >fff00000c3edd900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.837350] ^ [ 16.837426] fff00000c3edd980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.837492] fff00000c3edda00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.837627] ==================================================================
[ 16.771353] ================================================================== [ 16.771553] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x628/0x740 [ 16.771615] Read of size 1 at addr fff00000c58dcd73 by task kunit_try_catch/194 [ 16.771742] [ 16.771778] CPU: 1 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 16.771859] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.771887] Hardware name: linux,dummy-virt (DT) [ 16.771921] Call trace: [ 16.771943] show_stack+0x20/0x38 (C) [ 16.772160] dump_stack_lvl+0x8c/0xd0 [ 16.772213] print_report+0x118/0x5d0 [ 16.772279] kasan_report+0xdc/0x128 [ 16.772363] __asan_report_load1_noabort+0x20/0x30 [ 16.772416] ksize_unpoisons_memory+0x628/0x740 [ 16.772465] kunit_try_run_case+0x170/0x3f0 [ 16.772515] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.772691] kthread+0x328/0x630 [ 16.772741] ret_from_fork+0x10/0x20 [ 16.772791] [ 16.772810] Allocated by task 194: [ 16.772862] kasan_save_stack+0x3c/0x68 [ 16.772920] kasan_save_track+0x20/0x40 [ 16.772990] kasan_save_alloc_info+0x40/0x58 [ 16.773333] __kasan_kmalloc+0xd4/0xd8 [ 16.773421] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.773512] ksize_unpoisons_memory+0xc0/0x740 [ 16.773587] kunit_try_run_case+0x170/0x3f0 [ 16.773640] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.773685] kthread+0x328/0x630 [ 16.773741] ret_from_fork+0x10/0x20 [ 16.773778] [ 16.773799] The buggy address belongs to the object at fff00000c58dcd00 [ 16.773799] which belongs to the cache kmalloc-128 of size 128 [ 16.773859] The buggy address is located 0 bytes to the right of [ 16.773859] allocated 115-byte region [fff00000c58dcd00, fff00000c58dcd73) [ 16.773933] [ 16.773953] The buggy address belongs to the physical page: [ 16.774114] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058dc [ 16.774217] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.774346] page_type: f5(slab) [ 16.774439] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.774533] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.774584] page dumped because: kasan: bad access detected [ 16.774615] [ 16.774643] Memory state around the buggy address: [ 16.774684] fff00000c58dcc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.774738] fff00000c58dcc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.774792] >fff00000c58dcd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.775151] ^ [ 16.775331] fff00000c58dcd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.775377] fff00000c58dce00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.775527] ================================================================== [ 16.776216] ================================================================== [ 16.776267] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x618/0x740 [ 16.776534] Read of size 1 at addr fff00000c58dcd78 by task kunit_try_catch/194 [ 16.776595] [ 16.776724] CPU: 1 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 16.776815] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.776873] Hardware name: linux,dummy-virt (DT) [ 16.776918] Call trace: [ 16.777032] show_stack+0x20/0x38 (C) [ 16.777085] dump_stack_lvl+0x8c/0xd0 [ 16.777156] print_report+0x118/0x5d0 [ 16.777205] kasan_report+0xdc/0x128 [ 16.777252] __asan_report_load1_noabort+0x20/0x30 [ 16.777305] ksize_unpoisons_memory+0x618/0x740 [ 16.777481] kunit_try_run_case+0x170/0x3f0 [ 16.777582] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.777743] kthread+0x328/0x630 [ 16.777831] ret_from_fork+0x10/0x20 [ 16.777943] [ 16.778039] Allocated by task 194: [ 16.778101] kasan_save_stack+0x3c/0x68 [ 16.778143] kasan_save_track+0x20/0x40 [ 16.778190] kasan_save_alloc_info+0x40/0x58 [ 16.778244] __kasan_kmalloc+0xd4/0xd8 [ 16.778297] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.778335] ksize_unpoisons_memory+0xc0/0x740 [ 16.778383] kunit_try_run_case+0x170/0x3f0 [ 16.778430] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.778480] kthread+0x328/0x630 [ 16.778512] ret_from_fork+0x10/0x20 [ 16.778549] [ 16.778568] The buggy address belongs to the object at fff00000c58dcd00 [ 16.778568] which belongs to the cache kmalloc-128 of size 128 [ 16.778636] The buggy address is located 5 bytes to the right of [ 16.778636] allocated 115-byte region [fff00000c58dcd00, fff00000c58dcd73) [ 16.778701] [ 16.778722] The buggy address belongs to the physical page: [ 16.778754] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058dc [ 16.778808] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.778854] page_type: f5(slab) [ 16.778912] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.778965] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.779015] page dumped because: kasan: bad access detected [ 16.779047] [ 16.779068] Memory state around the buggy address: [ 16.779098] fff00000c58dcc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.779151] fff00000c58dcc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.779206] >fff00000c58dcd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.779252] ^ [ 16.779292] fff00000c58dcd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.779351] fff00000c58dce00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.779401] ================================================================== [ 16.779867] ================================================================== [ 16.779915] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x690/0x740 [ 16.779963] Read of size 1 at addr fff00000c58dcd7f by task kunit_try_catch/194 [ 16.780013] [ 16.780040] CPU: 1 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 16.780579] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.780675] Hardware name: linux,dummy-virt (DT) [ 16.780709] Call trace: [ 16.780753] show_stack+0x20/0x38 (C) [ 16.780805] dump_stack_lvl+0x8c/0xd0 [ 16.780852] print_report+0x118/0x5d0 [ 16.780897] kasan_report+0xdc/0x128 [ 16.781110] __asan_report_load1_noabort+0x20/0x30 [ 16.781218] ksize_unpoisons_memory+0x690/0x740 [ 16.781304] kunit_try_run_case+0x170/0x3f0 [ 16.781393] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.781513] kthread+0x328/0x630 [ 16.781583] ret_from_fork+0x10/0x20 [ 16.781641] [ 16.781659] Allocated by task 194: [ 16.781690] kasan_save_stack+0x3c/0x68 [ 16.781862] kasan_save_track+0x20/0x40 [ 16.781916] kasan_save_alloc_info+0x40/0x58 [ 16.781957] __kasan_kmalloc+0xd4/0xd8 [ 16.782047] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.782126] ksize_unpoisons_memory+0xc0/0x740 [ 16.782220] kunit_try_run_case+0x170/0x3f0 [ 16.782316] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.782420] kthread+0x328/0x630 [ 16.782497] ret_from_fork+0x10/0x20 [ 16.782573] [ 16.782594] The buggy address belongs to the object at fff00000c58dcd00 [ 16.782594] which belongs to the cache kmalloc-128 of size 128 [ 16.782889] The buggy address is located 12 bytes to the right of [ 16.782889] allocated 115-byte region [fff00000c58dcd00, fff00000c58dcd73) [ 16.783012] [ 16.783071] The buggy address belongs to the physical page: [ 16.783152] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058dc [ 16.783250] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.783368] page_type: f5(slab) [ 16.783419] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.783766] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.783859] page dumped because: kasan: bad access detected [ 16.783906] [ 16.783925] Memory state around the buggy address: [ 16.784012] fff00000c58dcc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.784098] fff00000c58dcc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.784163] >fff00000c58dcd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.784202] ^ [ 16.784262] fff00000c58dcd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.784305] fff00000c58dce00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.784346] ==================================================================
[ 13.076545] ================================================================== [ 13.076897] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7e9/0x9b0 [ 13.077200] Read of size 1 at addr ffff888101bc1678 by task kunit_try_catch/212 [ 13.077505] [ 13.077604] CPU: 1 UID: 0 PID: 212 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT(voluntary) [ 13.077647] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.077659] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.077680] Call Trace: [ 13.077695] <TASK> [ 13.077710] dump_stack_lvl+0x73/0xb0 [ 13.077739] print_report+0xd1/0x610 [ 13.077760] ? __virt_addr_valid+0x1db/0x2d0 [ 13.077781] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 13.077804] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.077826] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 13.077849] kasan_report+0x141/0x180 [ 13.077871] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 13.077899] __asan_report_load1_noabort+0x18/0x20 [ 13.077922] ksize_unpoisons_memory+0x7e9/0x9b0 [ 13.077946] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 13.077967] ? finish_task_switch.isra.0+0x153/0x700 [ 13.077988] ? __switch_to+0x47/0xf50 [ 13.078015] ? __schedule+0x10c6/0x2b60 [ 13.078037] ? __pfx_read_tsc+0x10/0x10 [ 13.078057] ? ktime_get_ts64+0x86/0x230 [ 13.078083] kunit_try_run_case+0x1a5/0x480 [ 13.078107] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.078129] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.078152] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.078175] ? __kthread_parkme+0x82/0x180 [ 13.078194] ? preempt_count_sub+0x50/0x80 [ 13.078217] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.078240] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.078263] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.078286] kthread+0x337/0x6f0 [ 13.078305] ? trace_preempt_on+0x20/0xc0 [ 13.078327] ? __pfx_kthread+0x10/0x10 [ 13.078348] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.078368] ? calculate_sigpending+0x7b/0xa0 [ 13.078391] ? __pfx_kthread+0x10/0x10 [ 13.078569] ret_from_fork+0x116/0x1d0 [ 13.078589] ? __pfx_kthread+0x10/0x10 [ 13.078609] ret_from_fork_asm+0x1a/0x30 [ 13.078641] </TASK> [ 13.078651] [ 13.086559] Allocated by task 212: [ 13.086877] kasan_save_stack+0x45/0x70 [ 13.087198] kasan_save_track+0x18/0x40 [ 13.087422] kasan_save_alloc_info+0x3b/0x50 [ 13.087656] __kasan_kmalloc+0xb7/0xc0 [ 13.087800] __kmalloc_cache_noprof+0x189/0x420 [ 13.087968] ksize_unpoisons_memory+0xc7/0x9b0 [ 13.088432] kunit_try_run_case+0x1a5/0x480 [ 13.088687] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.088865] kthread+0x337/0x6f0 [ 13.089091] ret_from_fork+0x116/0x1d0 [ 13.089292] ret_from_fork_asm+0x1a/0x30 [ 13.089498] [ 13.089571] The buggy address belongs to the object at ffff888101bc1600 [ 13.089571] which belongs to the cache kmalloc-128 of size 128 [ 13.089930] The buggy address is located 5 bytes to the right of [ 13.089930] allocated 115-byte region [ffff888101bc1600, ffff888101bc1673) [ 13.090367] [ 13.090471] The buggy address belongs to the physical page: [ 13.090721] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bc1 [ 13.091461] flags: 0x200000000000000(node=0|zone=2) [ 13.091871] page_type: f5(slab) [ 13.092019] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.092293] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.092533] page dumped because: kasan: bad access detected [ 13.093096] [ 13.093197] Memory state around the buggy address: [ 13.093413] ffff888101bc1500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.093709] ffff888101bc1580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.093983] >ffff888101bc1600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 13.094361] ^ [ 13.094687] ffff888101bc1680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.094972] ffff888101bc1700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.095461] ================================================================== [ 13.054270] ================================================================== [ 13.054924] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x81c/0x9b0 [ 13.055602] Read of size 1 at addr ffff888101bc1673 by task kunit_try_catch/212 [ 13.056367] [ 13.056568] CPU: 1 UID: 0 PID: 212 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT(voluntary) [ 13.056643] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.056655] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.056682] Call Trace: [ 13.056695] <TASK> [ 13.056714] dump_stack_lvl+0x73/0xb0 [ 13.056746] print_report+0xd1/0x610 [ 13.056769] ? __virt_addr_valid+0x1db/0x2d0 [ 13.056793] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 13.056815] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.056836] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 13.056860] kasan_report+0x141/0x180 [ 13.056881] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 13.056910] __asan_report_load1_noabort+0x18/0x20 [ 13.056933] ksize_unpoisons_memory+0x81c/0x9b0 [ 13.056956] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 13.056978] ? finish_task_switch.isra.0+0x153/0x700 [ 13.057000] ? __switch_to+0x47/0xf50 [ 13.057098] ? __schedule+0x10c6/0x2b60 [ 13.057122] ? __pfx_read_tsc+0x10/0x10 [ 13.057143] ? ktime_get_ts64+0x86/0x230 [ 13.057168] kunit_try_run_case+0x1a5/0x480 [ 13.057194] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.057215] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.057238] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.057261] ? __kthread_parkme+0x82/0x180 [ 13.057283] ? preempt_count_sub+0x50/0x80 [ 13.057306] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.057329] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.057352] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.057375] kthread+0x337/0x6f0 [ 13.057394] ? trace_preempt_on+0x20/0xc0 [ 13.057430] ? __pfx_kthread+0x10/0x10 [ 13.057450] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.057471] ? calculate_sigpending+0x7b/0xa0 [ 13.057495] ? __pfx_kthread+0x10/0x10 [ 13.057516] ret_from_fork+0x116/0x1d0 [ 13.057535] ? __pfx_kthread+0x10/0x10 [ 13.057555] ret_from_fork_asm+0x1a/0x30 [ 13.057606] </TASK> [ 13.057618] [ 13.065321] Allocated by task 212: [ 13.065501] kasan_save_stack+0x45/0x70 [ 13.065665] kasan_save_track+0x18/0x40 [ 13.065880] kasan_save_alloc_info+0x3b/0x50 [ 13.066188] __kasan_kmalloc+0xb7/0xc0 [ 13.066374] __kmalloc_cache_noprof+0x189/0x420 [ 13.066580] ksize_unpoisons_memory+0xc7/0x9b0 [ 13.066824] kunit_try_run_case+0x1a5/0x480 [ 13.066988] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.067292] kthread+0x337/0x6f0 [ 13.067483] ret_from_fork+0x116/0x1d0 [ 13.067681] ret_from_fork_asm+0x1a/0x30 [ 13.067864] [ 13.067962] The buggy address belongs to the object at ffff888101bc1600 [ 13.067962] which belongs to the cache kmalloc-128 of size 128 [ 13.068518] The buggy address is located 0 bytes to the right of [ 13.068518] allocated 115-byte region [ffff888101bc1600, ffff888101bc1673) [ 13.068926] [ 13.069003] The buggy address belongs to the physical page: [ 13.069418] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bc1 [ 13.069800] flags: 0x200000000000000(node=0|zone=2) [ 13.070135] page_type: f5(slab) [ 13.070316] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.070694] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.070966] page dumped because: kasan: bad access detected [ 13.071282] [ 13.071382] Memory state around the buggy address: [ 13.071640] ffff888101bc1500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.071957] ffff888101bc1580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.072322] >ffff888101bc1600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 13.072657] ^ [ 13.072950] ffff888101bc1680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.073415] ffff888101bc1700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.073720] ================================================================== [ 13.095987] ================================================================== [ 13.096585] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7b6/0x9b0 [ 13.096900] Read of size 1 at addr ffff888101bc167f by task kunit_try_catch/212 [ 13.097333] [ 13.097442] CPU: 1 UID: 0 PID: 212 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT(voluntary) [ 13.097485] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.097497] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.097517] Call Trace: [ 13.097531] <TASK> [ 13.097545] dump_stack_lvl+0x73/0xb0 [ 13.097572] print_report+0xd1/0x610 [ 13.097609] ? __virt_addr_valid+0x1db/0x2d0 [ 13.097630] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 13.097652] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.097674] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 13.097697] kasan_report+0x141/0x180 [ 13.097718] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 13.097747] __asan_report_load1_noabort+0x18/0x20 [ 13.097770] ksize_unpoisons_memory+0x7b6/0x9b0 [ 13.097793] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 13.097815] ? finish_task_switch.isra.0+0x153/0x700 [ 13.097836] ? __switch_to+0x47/0xf50 [ 13.097862] ? __schedule+0x10c6/0x2b60 [ 13.097884] ? __pfx_read_tsc+0x10/0x10 [ 13.097903] ? ktime_get_ts64+0x86/0x230 [ 13.097929] kunit_try_run_case+0x1a5/0x480 [ 13.097953] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.097975] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.097998] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.098021] ? __kthread_parkme+0x82/0x180 [ 13.098092] ? preempt_count_sub+0x50/0x80 [ 13.098115] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.098139] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.098162] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.098185] kthread+0x337/0x6f0 [ 13.098204] ? trace_preempt_on+0x20/0xc0 [ 13.098226] ? __pfx_kthread+0x10/0x10 [ 13.098247] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.098267] ? calculate_sigpending+0x7b/0xa0 [ 13.098291] ? __pfx_kthread+0x10/0x10 [ 13.098312] ret_from_fork+0x116/0x1d0 [ 13.098330] ? __pfx_kthread+0x10/0x10 [ 13.098350] ret_from_fork_asm+0x1a/0x30 [ 13.098382] </TASK> [ 13.098391] [ 13.106474] Allocated by task 212: [ 13.106684] kasan_save_stack+0x45/0x70 [ 13.106886] kasan_save_track+0x18/0x40 [ 13.107081] kasan_save_alloc_info+0x3b/0x50 [ 13.107444] __kasan_kmalloc+0xb7/0xc0 [ 13.107663] __kmalloc_cache_noprof+0x189/0x420 [ 13.107861] ksize_unpoisons_memory+0xc7/0x9b0 [ 13.108042] kunit_try_run_case+0x1a5/0x480 [ 13.108192] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.108456] kthread+0x337/0x6f0 [ 13.108757] ret_from_fork+0x116/0x1d0 [ 13.108942] ret_from_fork_asm+0x1a/0x30 [ 13.109168] [ 13.109240] The buggy address belongs to the object at ffff888101bc1600 [ 13.109240] which belongs to the cache kmalloc-128 of size 128 [ 13.109605] The buggy address is located 12 bytes to the right of [ 13.109605] allocated 115-byte region [ffff888101bc1600, ffff888101bc1673) [ 13.109976] [ 13.110050] The buggy address belongs to the physical page: [ 13.110223] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bc1 [ 13.110775] flags: 0x200000000000000(node=0|zone=2) [ 13.111008] page_type: f5(slab) [ 13.111216] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.111558] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.112197] page dumped because: kasan: bad access detected [ 13.112378] [ 13.112462] Memory state around the buggy address: [ 13.112684] ffff888101bc1500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.113002] ffff888101bc1580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.113336] >ffff888101bc1600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 13.113676] ^ [ 13.113948] ffff888101bc1680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.114225] ffff888101bc1700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.114536] ==================================================================
[ 13.246639] ================================================================== [ 13.246987] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7b6/0x9b0 [ 13.247343] Read of size 1 at addr ffff888102a5117f by task kunit_try_catch/211 [ 13.247621] [ 13.247736] CPU: 0 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT(voluntary) [ 13.247779] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.247790] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.247811] Call Trace: [ 13.247822] <TASK> [ 13.247837] dump_stack_lvl+0x73/0xb0 [ 13.247864] print_report+0xd1/0x610 [ 13.247885] ? __virt_addr_valid+0x1db/0x2d0 [ 13.247908] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 13.247931] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.247952] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 13.247976] kasan_report+0x141/0x180 [ 13.247999] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 13.248026] __asan_report_load1_noabort+0x18/0x20 [ 13.248050] ksize_unpoisons_memory+0x7b6/0x9b0 [ 13.248073] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 13.248095] ? finish_task_switch.isra.0+0x153/0x700 [ 13.248117] ? __switch_to+0x47/0xf50 [ 13.248142] ? __schedule+0x10c6/0x2b60 [ 13.248174] ? __pfx_read_tsc+0x10/0x10 [ 13.248194] ? ktime_get_ts64+0x86/0x230 [ 13.248217] kunit_try_run_case+0x1a5/0x480 [ 13.248241] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.248262] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.248285] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.248307] ? __kthread_parkme+0x82/0x180 [ 13.248332] ? preempt_count_sub+0x50/0x80 [ 13.248355] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.248378] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.248400] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.248423] kthread+0x337/0x6f0 [ 13.248441] ? trace_preempt_on+0x20/0xc0 [ 13.248464] ? __pfx_kthread+0x10/0x10 [ 13.248484] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.248504] ? calculate_sigpending+0x7b/0xa0 [ 13.248527] ? __pfx_kthread+0x10/0x10 [ 13.248548] ret_from_fork+0x116/0x1d0 [ 13.248565] ? __pfx_kthread+0x10/0x10 [ 13.248585] ret_from_fork_asm+0x1a/0x30 [ 13.248614] </TASK> [ 13.248624] [ 13.260715] Allocated by task 211: [ 13.260880] kasan_save_stack+0x45/0x70 [ 13.261310] kasan_save_track+0x18/0x40 [ 13.261491] kasan_save_alloc_info+0x3b/0x50 [ 13.261687] __kasan_kmalloc+0xb7/0xc0 [ 13.261854] __kmalloc_cache_noprof+0x189/0x420 [ 13.262314] ksize_unpoisons_memory+0xc7/0x9b0 [ 13.262520] kunit_try_run_case+0x1a5/0x480 [ 13.262834] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.263252] kthread+0x337/0x6f0 [ 13.263384] ret_from_fork+0x116/0x1d0 [ 13.263756] ret_from_fork_asm+0x1a/0x30 [ 13.264055] [ 13.264171] The buggy address belongs to the object at ffff888102a51100 [ 13.264171] which belongs to the cache kmalloc-128 of size 128 [ 13.264851] The buggy address is located 12 bytes to the right of [ 13.264851] allocated 115-byte region [ffff888102a51100, ffff888102a51173) [ 13.265472] [ 13.265621] The buggy address belongs to the physical page: [ 13.265872] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a51 [ 13.266562] flags: 0x200000000000000(node=0|zone=2) [ 13.266843] page_type: f5(slab) [ 13.267159] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.267587] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.267856] page dumped because: kasan: bad access detected [ 13.268301] [ 13.268430] Memory state around the buggy address: [ 13.268652] ffff888102a51000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.268953] ffff888102a51080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.269266] >ffff888102a51100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 13.269940] ^ [ 13.270342] ffff888102a51180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.270748] ffff888102a51200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.271281] ================================================================== [ 13.226516] ================================================================== [ 13.227169] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7e9/0x9b0 [ 13.227775] Read of size 1 at addr ffff888102a51178 by task kunit_try_catch/211 [ 13.228125] [ 13.228235] CPU: 0 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT(voluntary) [ 13.228280] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.228292] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.228315] Call Trace: [ 13.228331] <TASK> [ 13.228349] dump_stack_lvl+0x73/0xb0 [ 13.228380] print_report+0xd1/0x610 [ 13.228401] ? __virt_addr_valid+0x1db/0x2d0 [ 13.228425] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 13.228446] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.228467] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 13.228490] kasan_report+0x141/0x180 [ 13.228511] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 13.228537] __asan_report_load1_noabort+0x18/0x20 [ 13.228561] ksize_unpoisons_memory+0x7e9/0x9b0 [ 13.228583] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 13.228605] ? finish_task_switch.isra.0+0x153/0x700 [ 13.228628] ? __switch_to+0x47/0xf50 [ 13.228654] ? __schedule+0x10c6/0x2b60 [ 13.228676] ? __pfx_read_tsc+0x10/0x10 [ 13.228696] ? ktime_get_ts64+0x86/0x230 [ 13.228721] kunit_try_run_case+0x1a5/0x480 [ 13.228745] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.228767] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.228792] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.228814] ? __kthread_parkme+0x82/0x180 [ 13.228834] ? preempt_count_sub+0x50/0x80 [ 13.228856] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.228879] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.228902] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.228924] kthread+0x337/0x6f0 [ 13.228943] ? trace_preempt_on+0x20/0xc0 [ 13.228967] ? __pfx_kthread+0x10/0x10 [ 13.228987] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.229007] ? calculate_sigpending+0x7b/0xa0 [ 13.229031] ? __pfx_kthread+0x10/0x10 [ 13.229051] ret_from_fork+0x116/0x1d0 [ 13.229069] ? __pfx_kthread+0x10/0x10 [ 13.229089] ret_from_fork_asm+0x1a/0x30 [ 13.229119] </TASK> [ 13.229129] [ 13.236952] Allocated by task 211: [ 13.237137] kasan_save_stack+0x45/0x70 [ 13.237481] kasan_save_track+0x18/0x40 [ 13.237673] kasan_save_alloc_info+0x3b/0x50 [ 13.237922] __kasan_kmalloc+0xb7/0xc0 [ 13.238108] __kmalloc_cache_noprof+0x189/0x420 [ 13.238406] ksize_unpoisons_memory+0xc7/0x9b0 [ 13.238631] kunit_try_run_case+0x1a5/0x480 [ 13.238848] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.239275] kthread+0x337/0x6f0 [ 13.239532] ret_from_fork+0x116/0x1d0 [ 13.239702] ret_from_fork_asm+0x1a/0x30 [ 13.239933] [ 13.240017] The buggy address belongs to the object at ffff888102a51100 [ 13.240017] which belongs to the cache kmalloc-128 of size 128 [ 13.240528] The buggy address is located 5 bytes to the right of [ 13.240528] allocated 115-byte region [ffff888102a51100, ffff888102a51173) [ 13.241088] [ 13.241178] The buggy address belongs to the physical page: [ 13.241469] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a51 [ 13.241743] flags: 0x200000000000000(node=0|zone=2) [ 13.241910] page_type: f5(slab) [ 13.242032] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.242732] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.243052] page dumped because: kasan: bad access detected [ 13.243238] [ 13.243309] Memory state around the buggy address: [ 13.243466] ffff888102a51000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.243685] ffff888102a51080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.243927] >ffff888102a51100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 13.244245] ^ [ 13.244926] ffff888102a51180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.245256] ffff888102a51200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.245798] ================================================================== [ 13.206806] ================================================================== [ 13.207381] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x81c/0x9b0 [ 13.207727] Read of size 1 at addr ffff888102a51173 by task kunit_try_catch/211 [ 13.208098] [ 13.208233] CPU: 0 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT(voluntary) [ 13.208281] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.208292] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.208314] Call Trace: [ 13.208332] <TASK> [ 13.208350] dump_stack_lvl+0x73/0xb0 [ 13.208380] print_report+0xd1/0x610 [ 13.208402] ? __virt_addr_valid+0x1db/0x2d0 [ 13.208425] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 13.208447] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.208468] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 13.208490] kasan_report+0x141/0x180 [ 13.208512] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 13.208539] __asan_report_load1_noabort+0x18/0x20 [ 13.208562] ksize_unpoisons_memory+0x81c/0x9b0 [ 13.208585] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 13.208607] ? finish_task_switch.isra.0+0x153/0x700 [ 13.208629] ? __switch_to+0x47/0xf50 [ 13.208654] ? __schedule+0x10c6/0x2b60 [ 13.208676] ? __pfx_read_tsc+0x10/0x10 [ 13.208697] ? ktime_get_ts64+0x86/0x230 [ 13.208720] kunit_try_run_case+0x1a5/0x480 [ 13.208745] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.208767] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.208791] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.208813] ? __kthread_parkme+0x82/0x180 [ 13.208833] ? preempt_count_sub+0x50/0x80 [ 13.208855] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.208878] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.208900] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.208924] kthread+0x337/0x6f0 [ 13.208956] ? trace_preempt_on+0x20/0xc0 [ 13.208980] ? __pfx_kthread+0x10/0x10 [ 13.209000] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.209020] ? calculate_sigpending+0x7b/0xa0 [ 13.209044] ? __pfx_kthread+0x10/0x10 [ 13.209064] ret_from_fork+0x116/0x1d0 [ 13.209082] ? __pfx_kthread+0x10/0x10 [ 13.209102] ret_from_fork_asm+0x1a/0x30 [ 13.209132] </TASK> [ 13.209142] [ 13.216718] Allocated by task 211: [ 13.216980] kasan_save_stack+0x45/0x70 [ 13.217192] kasan_save_track+0x18/0x40 [ 13.217380] kasan_save_alloc_info+0x3b/0x50 [ 13.217814] __kasan_kmalloc+0xb7/0xc0 [ 13.218006] __kmalloc_cache_noprof+0x189/0x420 [ 13.218180] ksize_unpoisons_memory+0xc7/0x9b0 [ 13.218504] kunit_try_run_case+0x1a5/0x480 [ 13.218717] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.219188] kthread+0x337/0x6f0 [ 13.219368] ret_from_fork+0x116/0x1d0 [ 13.219506] ret_from_fork_asm+0x1a/0x30 [ 13.219700] [ 13.219798] The buggy address belongs to the object at ffff888102a51100 [ 13.219798] which belongs to the cache kmalloc-128 of size 128 [ 13.220388] The buggy address is located 0 bytes to the right of [ 13.220388] allocated 115-byte region [ffff888102a51100, ffff888102a51173) [ 13.220764] [ 13.220838] The buggy address belongs to the physical page: [ 13.221012] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a51 [ 13.221512] flags: 0x200000000000000(node=0|zone=2) [ 13.221832] page_type: f5(slab) [ 13.222163] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.222680] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.223073] page dumped because: kasan: bad access detected [ 13.223386] [ 13.223476] Memory state around the buggy address: [ 13.223678] ffff888102a51000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.223922] ffff888102a51080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.224141] >ffff888102a51100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 13.224720] ^ [ 13.225033] ffff888102a51180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.225307] ffff888102a51200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.225525] ==================================================================