Date
July 1, 2025, 12:10 a.m.
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 13.333171] ==================================================================
[ 13.335097] BUG: KASAN: slab-use-after-free in strcmp+0xb0/0xc0
[ 13.335603] Read of size 1 at addr ffff888103124410 by task kunit_try_catch/276
[ 13.335836]
[ 13.335929] CPU: 0 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 13.335976] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.335988] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.336010] Call Trace:
[ 13.336022] <TASK>
[ 13.336051] dump_stack_lvl+0x73/0xb0
[ 13.336078] print_report+0xd1/0x650
[ 13.336104] ? __virt_addr_valid+0x1db/0x2d0
[ 13.336127] ? strcmp+0xb0/0xc0
[ 13.336147] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.336192] ? strcmp+0xb0/0xc0
[ 13.336213] kasan_report+0x141/0x180
[ 13.336249] ? strcmp+0xb0/0xc0
[ 13.336273] __asan_report_load1_noabort+0x18/0x20
[ 13.336298] strcmp+0xb0/0xc0
[ 13.336333] kasan_strings+0x431/0xe80
[ 13.336365] ? trace_hardirqs_on+0x37/0xe0
[ 13.336402] ? __pfx_kasan_strings+0x10/0x10
[ 13.336422] ? finish_task_switch.isra.0+0x153/0x700
[ 13.336445] ? __switch_to+0x47/0xf50
[ 13.336471] ? __schedule+0x10cc/0x2b60
[ 13.336493] ? __pfx_read_tsc+0x10/0x10
[ 13.336514] ? ktime_get_ts64+0x86/0x230
[ 13.336537] kunit_try_run_case+0x1a5/0x480
[ 13.336562] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.336583] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.336606] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.336628] ? __kthread_parkme+0x82/0x180
[ 13.336649] ? preempt_count_sub+0x50/0x80
[ 13.336671] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.336695] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.336716] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.336738] kthread+0x337/0x6f0
[ 13.336756] ? trace_preempt_on+0x20/0xc0
[ 13.336776] ? __pfx_kthread+0x10/0x10
[ 13.336796] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.336832] ? calculate_sigpending+0x7b/0xa0
[ 13.336856] ? __pfx_kthread+0x10/0x10
[ 13.336890] ret_from_fork+0x116/0x1d0
[ 13.336920] ? __pfx_kthread+0x10/0x10
[ 13.336940] ret_from_fork_asm+0x1a/0x30
[ 13.336983] </TASK>
[ 13.336994]
[ 13.345461] Allocated by task 276:
[ 13.345725] kasan_save_stack+0x45/0x70
[ 13.345932] kasan_save_track+0x18/0x40
[ 13.346123] kasan_save_alloc_info+0x3b/0x50
[ 13.346799] __kasan_kmalloc+0xb7/0xc0
[ 13.346988] __kmalloc_cache_noprof+0x189/0x420
[ 13.347503] kasan_strings+0xc0/0xe80
[ 13.347656] kunit_try_run_case+0x1a5/0x480
[ 13.347826] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.348062] kthread+0x337/0x6f0
[ 13.348178] ret_from_fork+0x116/0x1d0
[ 13.348475] ret_from_fork_asm+0x1a/0x30
[ 13.348796]
[ 13.349099] Freed by task 276:
[ 13.349551] kasan_save_stack+0x45/0x70
[ 13.349750] kasan_save_track+0x18/0x40
[ 13.350133] kasan_save_free_info+0x3f/0x60
[ 13.350346] __kasan_slab_free+0x56/0x70
[ 13.350626] kfree+0x222/0x3f0
[ 13.350754] kasan_strings+0x2aa/0xe80
[ 13.351038] kunit_try_run_case+0x1a5/0x480
[ 13.351424] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.351722] kthread+0x337/0x6f0
[ 13.351970] ret_from_fork+0x116/0x1d0
[ 13.352178] ret_from_fork_asm+0x1a/0x30
[ 13.352425]
[ 13.352689] The buggy address belongs to the object at ffff888103124400
[ 13.352689] which belongs to the cache kmalloc-32 of size 32
[ 13.353398] The buggy address is located 16 bytes inside of
[ 13.353398] freed 32-byte region [ffff888103124400, ffff888103124420)
[ 13.354053]
[ 13.354135] The buggy address belongs to the physical page:
[ 13.354410] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103124
[ 13.354923] flags: 0x200000000000000(node=0|zone=2)
[ 13.355268] page_type: f5(slab)
[ 13.355526] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 13.355809] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 13.356294] page dumped because: kasan: bad access detected
[ 13.356636]
[ 13.356789] Memory state around the buggy address:
[ 13.357249] ffff888103124300: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc
[ 13.357790] ffff888103124380: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 13.358084] >ffff888103124400: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 13.358340] ^
[ 13.358604] ffff888103124480: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc
[ 13.359023] ffff888103124500: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 13.359444] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 13.295936] ==================================================================
[ 13.297663] BUG: KASAN: slab-out-of-bounds in memcmp+0x1b4/0x1d0
[ 13.298916] Read of size 1 at addr ffff8881031242d8 by task kunit_try_catch/274
[ 13.299618]
[ 13.299742] CPU: 0 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 13.299787] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.299799] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.299820] Call Trace:
[ 13.299835] <TASK>
[ 13.299850] dump_stack_lvl+0x73/0xb0
[ 13.299878] print_report+0xd1/0x650
[ 13.299901] ? __virt_addr_valid+0x1db/0x2d0
[ 13.299923] ? memcmp+0x1b4/0x1d0
[ 13.299940] ? kasan_complete_mode_report_info+0x2a/0x200
[ 13.299962] ? memcmp+0x1b4/0x1d0
[ 13.299981] kasan_report+0x141/0x180
[ 13.300003] ? memcmp+0x1b4/0x1d0
[ 13.300037] __asan_report_load1_noabort+0x18/0x20
[ 13.300061] memcmp+0x1b4/0x1d0
[ 13.300080] kasan_memcmp+0x18f/0x390
[ 13.300100] ? trace_hardirqs_on+0x37/0xe0
[ 13.300123] ? __pfx_kasan_memcmp+0x10/0x10
[ 13.300142] ? finish_task_switch.isra.0+0x153/0x700
[ 13.300163] ? __switch_to+0x47/0xf50
[ 13.300192] ? __pfx_read_tsc+0x10/0x10
[ 13.300212] ? ktime_get_ts64+0x86/0x230
[ 13.300235] kunit_try_run_case+0x1a5/0x480
[ 13.300258] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.300279] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.300300] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.300322] ? __kthread_parkme+0x82/0x180
[ 13.300341] ? preempt_count_sub+0x50/0x80
[ 13.300364] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.300387] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.300410] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.300432] kthread+0x337/0x6f0
[ 13.300450] ? trace_preempt_on+0x20/0xc0
[ 13.300470] ? __pfx_kthread+0x10/0x10
[ 13.300490] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.300511] ? calculate_sigpending+0x7b/0xa0
[ 13.300534] ? __pfx_kthread+0x10/0x10
[ 13.300555] ret_from_fork+0x116/0x1d0
[ 13.300573] ? __pfx_kthread+0x10/0x10
[ 13.300593] ret_from_fork_asm+0x1a/0x30
[ 13.300622] </TASK>
[ 13.300633]
[ 13.312128] Allocated by task 274:
[ 13.312543] kasan_save_stack+0x45/0x70
[ 13.312850] kasan_save_track+0x18/0x40
[ 13.313048] kasan_save_alloc_info+0x3b/0x50
[ 13.313386] __kasan_kmalloc+0xb7/0xc0
[ 13.313578] __kmalloc_cache_noprof+0x189/0x420
[ 13.314069] kasan_memcmp+0xb7/0x390
[ 13.314850] kunit_try_run_case+0x1a5/0x480
[ 13.315344] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.315744] kthread+0x337/0x6f0
[ 13.316136] ret_from_fork+0x116/0x1d0
[ 13.316502] ret_from_fork_asm+0x1a/0x30
[ 13.316648]
[ 13.316721] The buggy address belongs to the object at ffff8881031242c0
[ 13.316721] which belongs to the cache kmalloc-32 of size 32
[ 13.317093] The buggy address is located 0 bytes to the right of
[ 13.317093] allocated 24-byte region [ffff8881031242c0, ffff8881031242d8)
[ 13.317932]
[ 13.318051] The buggy address belongs to the physical page:
[ 13.318508] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103124
[ 13.318833] flags: 0x200000000000000(node=0|zone=2)
[ 13.319055] page_type: f5(slab)
[ 13.319227] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 13.319651] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 13.319948] page dumped because: kasan: bad access detected
[ 13.320298]
[ 13.320389] Memory state around the buggy address:
[ 13.320552] ffff888103124180: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 13.320877] ffff888103124200: 00 00 00 fc fc fc fc fc 00 00 00 04 fc fc fc fc
[ 13.321155] >ffff888103124280: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc
[ 13.321552] ^
[ 13.321788] ffff888103124300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.322314] ffff888103124380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.322634] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 11.936775] ==================================================================
[ 11.937378] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5fe/0x6c0
[ 11.937874] Read of size 1 at addr ffff88810312f300 by task kunit_try_catch/213
[ 11.938286]
[ 11.938644] CPU: 1 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 11.938690] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.938702] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.938720] Call Trace:
[ 11.938835] <TASK>
[ 11.938851] dump_stack_lvl+0x73/0xb0
[ 11.938881] print_report+0xd1/0x650
[ 11.938902] ? __virt_addr_valid+0x1db/0x2d0
[ 11.938924] ? ksize_uaf+0x5fe/0x6c0
[ 11.938943] ? kasan_complete_mode_report_info+0x64/0x200
[ 11.938964] ? ksize_uaf+0x5fe/0x6c0
[ 11.938991] kasan_report+0x141/0x180
[ 11.939012] ? ksize_uaf+0x5fe/0x6c0
[ 11.939048] __asan_report_load1_noabort+0x18/0x20
[ 11.939072] ksize_uaf+0x5fe/0x6c0
[ 11.939092] ? __pfx_ksize_uaf+0x10/0x10
[ 11.939112] ? __schedule+0x10cc/0x2b60
[ 11.939132] ? __pfx_read_tsc+0x10/0x10
[ 11.939153] ? ktime_get_ts64+0x86/0x230
[ 11.939175] kunit_try_run_case+0x1a5/0x480
[ 11.939198] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.939218] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.939239] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.939260] ? __kthread_parkme+0x82/0x180
[ 11.939279] ? preempt_count_sub+0x50/0x80
[ 11.939301] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.939323] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.939344] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.939365] kthread+0x337/0x6f0
[ 11.939383] ? trace_preempt_on+0x20/0xc0
[ 11.939404] ? __pfx_kthread+0x10/0x10
[ 11.939423] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.939443] ? calculate_sigpending+0x7b/0xa0
[ 11.939465] ? __pfx_kthread+0x10/0x10
[ 11.939485] ret_from_fork+0x116/0x1d0
[ 11.939501] ? __pfx_kthread+0x10/0x10
[ 11.939520] ret_from_fork_asm+0x1a/0x30
[ 11.939549] </TASK>
[ 11.939559]
[ 11.951540] Allocated by task 213:
[ 11.951712] kasan_save_stack+0x45/0x70
[ 11.951936] kasan_save_track+0x18/0x40
[ 11.952363] kasan_save_alloc_info+0x3b/0x50
[ 11.952838] __kasan_kmalloc+0xb7/0xc0
[ 11.953104] __kmalloc_cache_noprof+0x189/0x420
[ 11.953358] ksize_uaf+0xaa/0x6c0
[ 11.953718] kunit_try_run_case+0x1a5/0x480
[ 11.954022] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.954481] kthread+0x337/0x6f0
[ 11.954762] ret_from_fork+0x116/0x1d0
[ 11.955219] ret_from_fork_asm+0x1a/0x30
[ 11.955422]
[ 11.955499] Freed by task 213:
[ 11.955680] kasan_save_stack+0x45/0x70
[ 11.955943] kasan_save_track+0x18/0x40
[ 11.956157] kasan_save_free_info+0x3f/0x60
[ 11.956800] __kasan_slab_free+0x56/0x70
[ 11.957189] kfree+0x222/0x3f0
[ 11.957323] ksize_uaf+0x12c/0x6c0
[ 11.957643] kunit_try_run_case+0x1a5/0x480
[ 11.957875] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.958315] kthread+0x337/0x6f0
[ 11.958475] ret_from_fork+0x116/0x1d0
[ 11.958677] ret_from_fork_asm+0x1a/0x30
[ 11.959158]
[ 11.959285] The buggy address belongs to the object at ffff88810312f300
[ 11.959285] which belongs to the cache kmalloc-128 of size 128
[ 11.959945] The buggy address is located 0 bytes inside of
[ 11.959945] freed 128-byte region [ffff88810312f300, ffff88810312f380)
[ 11.960799]
[ 11.961101] The buggy address belongs to the physical page:
[ 11.961556] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10312f
[ 11.961890] flags: 0x200000000000000(node=0|zone=2)
[ 11.962331] page_type: f5(slab)
[ 11.962482] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 11.962827] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.963431] page dumped because: kasan: bad access detected
[ 11.964263]
[ 11.964368] Memory state around the buggy address:
[ 11.964855] ffff88810312f200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.965313] ffff88810312f280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.966223] >ffff88810312f300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.966839] ^
[ 11.966963] ffff88810312f380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.967237] ffff88810312f400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.967471] ==================================================================

[ 11.910991] ==================================================================
[ 11.912160] BUG: KASAN: slab-use-after-free in ksize_uaf+0x19d/0x6c0
[ 11.912443] Read of size 1 at addr ffff88810312f300 by task kunit_try_catch/213
[ 11.912723]
[ 11.912830] CPU: 1 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 11.912872] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.912883] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.912903] Call Trace:
[ 11.912914] <TASK>
[ 11.912929] dump_stack_lvl+0x73/0xb0
[ 11.912954] print_report+0xd1/0x650
[ 11.912976] ? __virt_addr_valid+0x1db/0x2d0
[ 11.912996] ? ksize_uaf+0x19d/0x6c0
[ 11.913015] ? kasan_complete_mode_report_info+0x64/0x200
[ 11.913050] ? ksize_uaf+0x19d/0x6c0
[ 11.913069] kasan_report+0x141/0x180
[ 11.913090] ? ksize_uaf+0x19d/0x6c0
[ 11.913113] ? ksize_uaf+0x19d/0x6c0
[ 11.913132] __kasan_check_byte+0x3d/0x50
[ 11.913153] ksize+0x20/0x60
[ 11.913173] ksize_uaf+0x19d/0x6c0
[ 11.913193] ? __pfx_ksize_uaf+0x10/0x10
[ 11.913213] ? __schedule+0x10cc/0x2b60
[ 11.913234] ? __pfx_read_tsc+0x10/0x10
[ 11.913253] ? ktime_get_ts64+0x86/0x230
[ 11.913275] kunit_try_run_case+0x1a5/0x480
[ 11.913299] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.913320] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.913342] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.913364] ? __kthread_parkme+0x82/0x180
[ 11.913383] ? preempt_count_sub+0x50/0x80
[ 11.913406] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.913428] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.913450] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.913471] kthread+0x337/0x6f0
[ 11.913489] ? trace_preempt_on+0x20/0xc0
[ 11.913511] ? __pfx_kthread+0x10/0x10
[ 11.913530] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.913550] ? calculate_sigpending+0x7b/0xa0
[ 11.913572] ? __pfx_kthread+0x10/0x10
[ 11.913592] ret_from_fork+0x116/0x1d0
[ 11.913609] ? __pfx_kthread+0x10/0x10
[ 11.913628] ret_from_fork_asm+0x1a/0x30
[ 11.913657] </TASK>
[ 11.913668]
[ 11.922033] Allocated by task 213:
[ 11.922342] kasan_save_stack+0x45/0x70
[ 11.922582] kasan_save_track+0x18/0x40
[ 11.922799] kasan_save_alloc_info+0x3b/0x50
[ 11.923124] __kasan_kmalloc+0xb7/0xc0
[ 11.923397] __kmalloc_cache_noprof+0x189/0x420
[ 11.923658] ksize_uaf+0xaa/0x6c0
[ 11.923843] kunit_try_run_case+0x1a5/0x480
[ 11.924075] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.924465] kthread+0x337/0x6f0
[ 11.924688] ret_from_fork+0x116/0x1d0
[ 11.924866] ret_from_fork_asm+0x1a/0x30
[ 11.925187]
[ 11.925283] Freed by task 213:
[ 11.925427] kasan_save_stack+0x45/0x70
[ 11.925614] kasan_save_track+0x18/0x40
[ 11.925747] kasan_save_free_info+0x3f/0x60
[ 11.925891] __kasan_slab_free+0x56/0x70
[ 11.926257] kfree+0x222/0x3f0
[ 11.926429] ksize_uaf+0x12c/0x6c0
[ 11.926608] kunit_try_run_case+0x1a5/0x480
[ 11.926815] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.927161] kthread+0x337/0x6f0
[ 11.927286] ret_from_fork+0x116/0x1d0
[ 11.927417] ret_from_fork_asm+0x1a/0x30
[ 11.927571]
[ 11.927701] The buggy address belongs to the object at ffff88810312f300
[ 11.927701] which belongs to the cache kmalloc-128 of size 128
[ 11.928473] The buggy address is located 0 bytes inside of
[ 11.928473] freed 128-byte region [ffff88810312f300, ffff88810312f380)
[ 11.929187]
[ 11.929321] The buggy address belongs to the physical page:
[ 11.929568] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10312f
[ 11.929893] flags: 0x200000000000000(node=0|zone=2)
[ 11.930136] page_type: f5(slab)
[ 11.930325] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 11.930763] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.931363] page dumped because: kasan: bad access detected
[ 11.931648]
[ 11.931727] Memory state around the buggy address:
[ 11.931981] ffff88810312f200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.932361] ffff88810312f280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.932728] >ffff88810312f300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.933216] ^
[ 11.933336] ffff88810312f380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.933698] ffff88810312f400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.934088] ==================================================================

[ 11.968316] ==================================================================
[ 11.969016] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5e4/0x6c0
[ 11.969677] Read of size 1 at addr ffff88810312f378 by task kunit_try_catch/213
[ 11.970258]
[ 11.970352] CPU: 1 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 11.970393] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.970405] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.970424] Call Trace:
[ 11.970440] <TASK>
[ 11.970456] dump_stack_lvl+0x73/0xb0
[ 11.970484] print_report+0xd1/0x650
[ 11.970505] ? __virt_addr_valid+0x1db/0x2d0
[ 11.970527] ? ksize_uaf+0x5e4/0x6c0
[ 11.970546] ? kasan_complete_mode_report_info+0x64/0x200
[ 11.970568] ? ksize_uaf+0x5e4/0x6c0
[ 11.970588] kasan_report+0x141/0x180
[ 11.970608] ? ksize_uaf+0x5e4/0x6c0
[ 11.970632] __asan_report_load1_noabort+0x18/0x20
[ 11.970655] ksize_uaf+0x5e4/0x6c0
[ 11.970674] ? __pfx_ksize_uaf+0x10/0x10
[ 11.970694] ? __schedule+0x10cc/0x2b60
[ 11.970715] ? __pfx_read_tsc+0x10/0x10
[ 11.970734] ? ktime_get_ts64+0x86/0x230
[ 11.970757] kunit_try_run_case+0x1a5/0x480
[ 11.970779] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.970799] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.970820] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.970841] ? __kthread_parkme+0x82/0x180
[ 11.970860] ? preempt_count_sub+0x50/0x80
[ 11.970882] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.970903] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.970924] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.970946] kthread+0x337/0x6f0
[ 11.970963] ? trace_preempt_on+0x20/0xc0
[ 11.970984] ? __pfx_kthread+0x10/0x10
[ 11.971003] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.971034] ? calculate_sigpending+0x7b/0xa0
[ 11.971060] ? __pfx_kthread+0x10/0x10
[ 11.971082] ret_from_fork+0x116/0x1d0
[ 11.971098] ? __pfx_kthread+0x10/0x10
[ 11.971117] ret_from_fork_asm+0x1a/0x30
[ 11.971146] </TASK>
[ 11.971157]
[ 11.980792] Allocated by task 213:
[ 11.980987] kasan_save_stack+0x45/0x70
[ 11.981272] kasan_save_track+0x18/0x40
[ 11.981458] kasan_save_alloc_info+0x3b/0x50
[ 11.981606] __kasan_kmalloc+0xb7/0xc0
[ 11.981793] __kmalloc_cache_noprof+0x189/0x420
[ 11.982096] ksize_uaf+0xaa/0x6c0
[ 11.982442] kunit_try_run_case+0x1a5/0x480
[ 11.982638] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.982886] kthread+0x337/0x6f0
[ 11.983106] ret_from_fork+0x116/0x1d0
[ 11.983337] ret_from_fork_asm+0x1a/0x30
[ 11.983613]
[ 11.983711] Freed by task 213:
[ 11.983888] kasan_save_stack+0x45/0x70
[ 11.984153] kasan_save_track+0x18/0x40
[ 11.984304] kasan_save_free_info+0x3f/0x60
[ 11.984448] __kasan_slab_free+0x56/0x70
[ 11.984582] kfree+0x222/0x3f0
[ 11.984705] ksize_uaf+0x12c/0x6c0
[ 11.985020] kunit_try_run_case+0x1a5/0x480
[ 11.985243] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.985528] kthread+0x337/0x6f0
[ 11.985647] ret_from_fork+0x116/0x1d0
[ 11.985876] ret_from_fork_asm+0x1a/0x30
[ 11.986240]
[ 11.986338] The buggy address belongs to the object at ffff88810312f300
[ 11.986338] which belongs to the cache kmalloc-128 of size 128
[ 11.986852] The buggy address is located 120 bytes inside of
[ 11.986852] freed 128-byte region [ffff88810312f300, ffff88810312f380)
[ 11.987532]
[ 11.987632] The buggy address belongs to the physical page:
[ 11.987860] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10312f
[ 11.988459] flags: 0x200000000000000(node=0|zone=2)
[ 11.988831] page_type: f5(slab)
[ 11.988999] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 11.989353] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.989575] page dumped because: kasan: bad access detected
[ 11.989851]
[ 11.990050] Memory state around the buggy address:
[ 11.990523] ffff88810312f200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.990845] ffff88810312f280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.991238] >ffff88810312f300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.991517] ^
[ 11.991766] ffff88810312f380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.992367] ffff88810312f400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.992787] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 11.883468] ==================================================================
[ 11.884017] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7b6/0x9b0
[ 11.884478] Read of size 1 at addr ffff88810312f27f by task kunit_try_catch/211
[ 11.884792]
[ 11.884886] CPU: 1 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 11.884925] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.884936] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.884955] Call Trace:
[ 11.884969] <TASK>
[ 11.884984] dump_stack_lvl+0x73/0xb0
[ 11.885010] print_report+0xd1/0x650
[ 11.885044] ? __virt_addr_valid+0x1db/0x2d0
[ 11.885065] ? ksize_unpoisons_memory+0x7b6/0x9b0
[ 11.885086] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.885107] ? ksize_unpoisons_memory+0x7b6/0x9b0
[ 11.885129] kasan_report+0x141/0x180
[ 11.885149] ? ksize_unpoisons_memory+0x7b6/0x9b0
[ 11.885175] __asan_report_load1_noabort+0x18/0x20
[ 11.885197] ksize_unpoisons_memory+0x7b6/0x9b0
[ 11.885220] ? __pfx_ksize_unpoisons_memory+0x10/0x10
[ 11.885240] ? finish_task_switch.isra.0+0x153/0x700
[ 11.885260] ? __switch_to+0x47/0xf50
[ 11.885283] ? __schedule+0x10cc/0x2b60
[ 11.885303] ? __pfx_read_tsc+0x10/0x10
[ 11.885322] ? ktime_get_ts64+0x86/0x230
[ 11.885344] kunit_try_run_case+0x1a5/0x480
[ 11.885366] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.885386] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.885407] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.885428] ? __kthread_parkme+0x82/0x180
[ 11.885447] ? preempt_count_sub+0x50/0x80
[ 11.885468] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.885490] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.885511] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.885532] kthread+0x337/0x6f0
[ 11.885550] ? trace_preempt_on+0x20/0xc0
[ 11.885571] ? __pfx_kthread+0x10/0x10
[ 11.885590] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.885609] ? calculate_sigpending+0x7b/0xa0
[ 11.885631] ? __pfx_kthread+0x10/0x10
[ 11.885651] ret_from_fork+0x116/0x1d0
[ 11.885668] ? __pfx_kthread+0x10/0x10
[ 11.885686] ret_from_fork_asm+0x1a/0x30
[ 11.885715] </TASK>
[ 11.885725]
[ 11.895249] Allocated by task 211:
[ 11.895465] kasan_save_stack+0x45/0x70
[ 11.895702] kasan_save_track+0x18/0x40
[ 11.895916] kasan_save_alloc_info+0x3b/0x50
[ 11.896377] __kasan_kmalloc+0xb7/0xc0
[ 11.896605] __kmalloc_cache_noprof+0x189/0x420
[ 11.896833] ksize_unpoisons_memory+0xc7/0x9b0
[ 11.897101] kunit_try_run_case+0x1a5/0x480
[ 11.897337] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.897688] kthread+0x337/0x6f0
[ 11.897853] ret_from_fork+0x116/0x1d0
[ 11.898000] ret_from_fork_asm+0x1a/0x30
[ 11.898147]
[ 11.898218] The buggy address belongs to the object at ffff88810312f200
[ 11.898218] which belongs to the cache kmalloc-128 of size 128
[ 11.898935] The buggy address is located 12 bytes to the right of
[ 11.898935] allocated 115-byte region [ffff88810312f200, ffff88810312f273)
[ 11.899628]
[ 11.899704] The buggy address belongs to the physical page:
[ 11.900005] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10312f
[ 11.900662] flags: 0x200000000000000(node=0|zone=2)
[ 11.900933] page_type: f5(slab)
[ 11.901091] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 11.901563] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.901946] page dumped because: kasan: bad access detected
[ 11.902381]
[ 11.902486] Memory state around the buggy address:
[ 11.902690] ffff88810312f100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.903062] ffff88810312f180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.903557] >ffff88810312f200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 11.903869] ^
[ 11.904442] ffff88810312f280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.904683] ffff88810312f300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.904992] ==================================================================

[ 11.857599] ==================================================================
[ 11.857925] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7e9/0x9b0
[ 11.858394] Read of size 1 at addr ffff88810312f278 by task kunit_try_catch/211
[ 11.858776]
[ 11.858924] CPU: 1 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 11.858964] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.858975] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.858994] Call Trace:
[ 11.859007] <TASK>
[ 11.859021] dump_stack_lvl+0x73/0xb0
[ 11.859189] print_report+0xd1/0x650
[ 11.859231] ? __virt_addr_valid+0x1db/0x2d0
[ 11.859264] ? ksize_unpoisons_memory+0x7e9/0x9b0
[ 11.859286] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.859307] ? ksize_unpoisons_memory+0x7e9/0x9b0
[ 11.859328] kasan_report+0x141/0x180
[ 11.859349] ? ksize_unpoisons_memory+0x7e9/0x9b0
[ 11.859375] __asan_report_load1_noabort+0x18/0x20
[ 11.859398] ksize_unpoisons_memory+0x7e9/0x9b0
[ 11.859420] ? __pfx_ksize_unpoisons_memory+0x10/0x10
[ 11.859441] ? finish_task_switch.isra.0+0x153/0x700
[ 11.859488] ? __switch_to+0x47/0xf50
[ 11.859511] ? __schedule+0x10cc/0x2b60
[ 11.859532] ? __pfx_read_tsc+0x10/0x10
[ 11.859562] ? ktime_get_ts64+0x86/0x230
[ 11.859584] kunit_try_run_case+0x1a5/0x480
[ 11.859634] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.859655] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.859676] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.859708] ? __kthread_parkme+0x82/0x180
[ 11.859727] ? preempt_count_sub+0x50/0x80
[ 11.859750] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.859773] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.859796] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.859818] kthread+0x337/0x6f0
[ 11.859836] ? trace_preempt_on+0x20/0xc0
[ 11.859858] ? __pfx_kthread+0x10/0x10
[ 11.859878] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.859898] ? calculate_sigpending+0x7b/0xa0
[ 11.859920] ? __pfx_kthread+0x10/0x10
[ 11.859940] ret_from_fork+0x116/0x1d0
[ 11.859957] ? __pfx_kthread+0x10/0x10
[ 11.859977] ret_from_fork_asm+0x1a/0x30
[ 11.860006] </TASK>
[ 11.860017]
[ 11.870567] Allocated by task 211:
[ 11.870760] kasan_save_stack+0x45/0x70
[ 11.871011] kasan_save_track+0x18/0x40
[ 11.871222] kasan_save_alloc_info+0x3b/0x50
[ 11.871672] __kasan_kmalloc+0xb7/0xc0
[ 11.871905] __kmalloc_cache_noprof+0x189/0x420
[ 11.872200] ksize_unpoisons_memory+0xc7/0x9b0
[ 11.872363] kunit_try_run_case+0x1a5/0x480
[ 11.872650] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.872955] kthread+0x337/0x6f0
[ 11.873088] ret_from_fork+0x116/0x1d0
[ 11.873309] ret_from_fork_asm+0x1a/0x30
[ 11.873696]
[ 11.873773] The buggy address belongs to the object at ffff88810312f200
[ 11.873773] which belongs to the cache kmalloc-128 of size 128
[ 11.874681] The buggy address is located 5 bytes to the right of
[ 11.874681] allocated 115-byte region [ffff88810312f200, ffff88810312f273)
[ 11.875784]
[ 11.876220] The buggy address belongs to the physical page:
[ 11.876465] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10312f
[ 11.876857] flags: 0x200000000000000(node=0|zone=2)
[ 11.877518] page_type: f5(slab)
[ 11.877676] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 11.878009] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.878601] page dumped because: kasan: bad access detected
[ 11.878944]
[ 11.879203] Memory state around the buggy address:
[ 11.879723] ffff88810312f100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.880002] ffff88810312f180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.880519] >ffff88810312f200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 11.881042] ^
[ 11.881509] ffff88810312f280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.881952] ffff88810312f300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.882519] ==================================================================

[ 11.837567] ==================================================================
[ 11.838060] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x81c/0x9b0
[ 11.838381] Read of size 1 at addr ffff88810312f273 by task kunit_try_catch/211
[ 11.838762]
[ 11.838911] CPU: 1 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 11.838969] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.838980] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.839001] Call Trace:
[ 11.839013] <TASK>
[ 11.839045] dump_stack_lvl+0x73/0xb0
[ 11.839074] print_report+0xd1/0x650
[ 11.839096] ? __virt_addr_valid+0x1db/0x2d0
[ 11.839126] ? ksize_unpoisons_memory+0x81c/0x9b0
[ 11.839173] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.839194] ? ksize_unpoisons_memory+0x81c/0x9b0
[ 11.839215] kasan_report+0x141/0x180
[ 11.839236] ? ksize_unpoisons_memory+0x81c/0x9b0
[ 11.839263] __asan_report_load1_noabort+0x18/0x20
[ 11.839285] ksize_unpoisons_memory+0x81c/0x9b0
[ 11.839308] ? __pfx_ksize_unpoisons_memory+0x10/0x10
[ 11.839329] ? finish_task_switch.isra.0+0x153/0x700
[ 11.839351] ? __switch_to+0x47/0xf50
[ 11.839376] ? __schedule+0x10cc/0x2b60
[ 11.839397] ? __pfx_read_tsc+0x10/0x10
[ 11.839417] ? ktime_get_ts64+0x86/0x230
[ 11.839440] kunit_try_run_case+0x1a5/0x480
[ 11.839476] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.839499] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.839525] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.839557] ? __kthread_parkme+0x82/0x180
[ 11.839577] ? preempt_count_sub+0x50/0x80
[ 11.839684] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.839713] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.839748] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.839772] kthread+0x337/0x6f0
[ 11.839791] ? trace_preempt_on+0x20/0xc0
[ 11.839814] ? __pfx_kthread+0x10/0x10
[ 11.839833] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.839853] ? calculate_sigpending+0x7b/0xa0
[ 11.839877] ? __pfx_kthread+0x10/0x10
[ 11.839897] ret_from_fork+0x116/0x1d0
[ 11.839914] ? __pfx_kthread+0x10/0x10
[ 11.839933] ret_from_fork_asm+0x1a/0x30
[ 11.839962] </TASK>
[ 11.839973]
[ 11.848344] Allocated by task 211:
[ 11.848551] kasan_save_stack+0x45/0x70
[ 11.848757] kasan_save_track+0x18/0x40
[ 11.848914] kasan_save_alloc_info+0x3b/0x50
[ 11.849197] __kasan_kmalloc+0xb7/0xc0
[ 11.849431] __kmalloc_cache_noprof+0x189/0x420
[ 11.849664] ksize_unpoisons_memory+0xc7/0x9b0
[ 11.849816] kunit_try_run_case+0x1a5/0x480
[ 11.849976] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.850408] kthread+0x337/0x6f0
[ 11.850586] ret_from_fork+0x116/0x1d0
[ 11.850772] ret_from_fork_asm+0x1a/0x30
[ 11.850923]
[ 11.850995] The buggy address belongs to the object at ffff88810312f200
[ 11.850995] which belongs to the cache kmalloc-128 of size 128
[ 11.851714] The buggy address is located 0 bytes to the right of
[ 11.851714] allocated 115-byte region [ffff88810312f200, ffff88810312f273)
[ 11.852523]
[ 11.852661] The buggy address belongs to the physical page:
[ 11.852895] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10312f
[ 11.853282] flags: 0x200000000000000(node=0|zone=2)
[ 11.853519] page_type: f5(slab)
[ 11.853686] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 11.853954] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.854272] page dumped because: kasan: bad access detected
[ 11.854512]
[ 11.854606] Memory state around the buggy address:
[ 11.854806] ffff88810312f100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.855265] ffff88810312f180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.855477] >ffff88810312f200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 11.855745] ^
[ 11.856323] ffff88810312f280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.856693] ffff88810312f300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.856961] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kfree_sensitive
[ 11.810534] ==================================================================
[ 11.810899] BUG: KASAN: double-free in kfree_sensitive+0x2e/0x90
[ 11.811271] Free of addr ffff8881027a10e0 by task kunit_try_catch/209
[ 11.811517]
[ 11.811650] CPU: 0 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 11.811705] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.811716] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.811749] Call Trace:
[ 11.811759] <TASK>
[ 11.811774] dump_stack_lvl+0x73/0xb0
[ 11.811800] print_report+0xd1/0x650
[ 11.811821] ? __virt_addr_valid+0x1db/0x2d0
[ 11.811843] ? kasan_complete_mode_report_info+0x64/0x200
[ 11.811863] ? kfree_sensitive+0x2e/0x90
[ 11.811883] kasan_report_invalid_free+0x10a/0x130
[ 11.811905] ? kfree_sensitive+0x2e/0x90
[ 11.811926] ? kfree_sensitive+0x2e/0x90
[ 11.811944] check_slab_allocation+0x101/0x130
[ 11.811964] __kasan_slab_pre_free+0x28/0x40
[ 11.811984] kfree+0xf0/0x3f0
[ 11.812004] ? kfree_sensitive+0x2e/0x90
[ 11.812116] kfree_sensitive+0x2e/0x90
[ 11.812143] kmalloc_double_kzfree+0x19c/0x350
[ 11.812165] ? __pfx_kmalloc_double_kzfree+0x10/0x10
[ 11.812187] ? __schedule+0x10cc/0x2b60
[ 11.812225] ? __pfx_read_tsc+0x10/0x10
[ 11.812245] ? ktime_get_ts64+0x86/0x230
[ 11.812285] kunit_try_run_case+0x1a5/0x480
[ 11.812309] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.812329] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.812351] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.812372] ? __kthread_parkme+0x82/0x180
[ 11.812390] ? preempt_count_sub+0x50/0x80
[ 11.812412] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.812434] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.812455] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.812476] kthread+0x337/0x6f0
[ 11.812494] ? trace_preempt_on+0x20/0xc0
[ 11.812516] ? __pfx_kthread+0x10/0x10
[ 11.812535] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.812554] ? calculate_sigpending+0x7b/0xa0
[ 11.812576] ? __pfx_kthread+0x10/0x10
[ 11.812596] ret_from_fork+0x116/0x1d0
[ 11.812613] ? __pfx_kthread+0x10/0x10
[ 11.812632] ret_from_fork_asm+0x1a/0x30
[ 11.812660] </TASK>
[ 11.812670]
[ 11.821547] Allocated by task 209:
[ 11.821751] kasan_save_stack+0x45/0x70
[ 11.821986] kasan_save_track+0x18/0x40
[ 11.822335] kasan_save_alloc_info+0x3b/0x50
[ 11.822526] __kasan_kmalloc+0xb7/0xc0
[ 11.822729] __kmalloc_cache_noprof+0x189/0x420
[ 11.822973] kmalloc_double_kzfree+0xa9/0x350
[ 11.823345] kunit_try_run_case+0x1a5/0x480
[ 11.823556] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.823730] kthread+0x337/0x6f0
[ 11.823861] ret_from_fork+0x116/0x1d0
[ 11.824060] ret_from_fork_asm+0x1a/0x30
[ 11.824257]
[ 11.824350] Freed by task 209:
[ 11.824501] kasan_save_stack+0x45/0x70
[ 11.824651] kasan_save_track+0x18/0x40
[ 11.824842] kasan_save_free_info+0x3f/0x60
[ 11.825164] __kasan_slab_free+0x56/0x70
[ 11.825338] kfree+0x222/0x3f0
[ 11.825478] kfree_sensitive+0x67/0x90
[ 11.825629] kmalloc_double_kzfree+0x12b/0x350
[ 11.825833] kunit_try_run_case+0x1a5/0x480
[ 11.826124] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.826463] kthread+0x337/0x6f0
[ 11.826673] ret_from_fork+0x116/0x1d0
[ 11.826941] ret_from_fork_asm+0x1a/0x30
[ 11.827402]
[ 11.827482] The buggy address belongs to the object at ffff8881027a10e0
[ 11.827482] which belongs to the cache kmalloc-16 of size 16
[ 11.827935] The buggy address is located 0 bytes inside of
[ 11.827935] 16-byte region [ffff8881027a10e0, ffff8881027a10f0)
[ 11.828519]
[ 11.828659] The buggy address belongs to the physical page:
[ 11.828911] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027a1
[ 11.829376] flags: 0x200000000000000(node=0|zone=2)
[ 11.829626] page_type: f5(slab)
[ 11.829842] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 11.830317] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 11.830699] page dumped because: kasan: bad access detected
[ 11.830963]
[ 11.831179] Memory state around the buggy address:
[ 11.831415] ffff8881027a0f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.831735] ffff8881027a1000: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc
[ 11.832274] >ffff8881027a1080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 11.832599] ^
[ 11.832902] ffff8881027a1100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.833328] ffff8881027a1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.833614] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 11.786980] ==================================================================
[ 11.787881] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x19c/0x350
[ 11.788286] Read of size 1 at addr ffff8881027a10e0 by task kunit_try_catch/209
[ 11.788772]
[ 11.788897] CPU: 0 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 11.788958] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.788970] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.789003] Call Trace:
[ 11.789017] <TASK>
[ 11.789092] dump_stack_lvl+0x73/0xb0
[ 11.789124] print_report+0xd1/0x650
[ 11.789164] ? __virt_addr_valid+0x1db/0x2d0
[ 11.789186] ? kmalloc_double_kzfree+0x19c/0x350
[ 11.789208] ? kasan_complete_mode_report_info+0x64/0x200
[ 11.789228] ? kmalloc_double_kzfree+0x19c/0x350
[ 11.789250] kasan_report+0x141/0x180
[ 11.789270] ? kmalloc_double_kzfree+0x19c/0x350
[ 11.789294] ? kmalloc_double_kzfree+0x19c/0x350
[ 11.789316] __kasan_check_byte+0x3d/0x50
[ 11.789336] kfree_sensitive+0x22/0x90
[ 11.789358] kmalloc_double_kzfree+0x19c/0x350
[ 11.789379] ? __pfx_kmalloc_double_kzfree+0x10/0x10
[ 11.789401] ? __schedule+0x10cc/0x2b60
[ 11.789421] ? __pfx_read_tsc+0x10/0x10
[ 11.789461] ? ktime_get_ts64+0x86/0x230
[ 11.789497] kunit_try_run_case+0x1a5/0x480
[ 11.789521] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.789555] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.789590] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.789612] ? __kthread_parkme+0x82/0x180
[ 11.789630] ? preempt_count_sub+0x50/0x80
[ 11.789652] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.789674] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.789695] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.789716] kthread+0x337/0x6f0
[ 11.789734] ? trace_preempt_on+0x20/0xc0
[ 11.789756] ? __pfx_kthread+0x10/0x10
[ 11.789775] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.789794] ? calculate_sigpending+0x7b/0xa0
[ 11.789816] ? __pfx_kthread+0x10/0x10
[ 11.789835] ret_from_fork+0x116/0x1d0
[ 11.789852] ? __pfx_kthread+0x10/0x10
[ 11.789871] ret_from_fork_asm+0x1a/0x30
[ 11.789900] </TASK>
[ 11.789911]
[ 11.798409] Allocated by task 209:
[ 11.798574] kasan_save_stack+0x45/0x70
[ 11.798774] kasan_save_track+0x18/0x40
[ 11.798985] kasan_save_alloc_info+0x3b/0x50
[ 11.799302] __kasan_kmalloc+0xb7/0xc0
[ 11.799499] __kmalloc_cache_noprof+0x189/0x420
[ 11.799728] kmalloc_double_kzfree+0xa9/0x350
[ 11.799939] kunit_try_run_case+0x1a5/0x480
[ 11.800131] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.800303] kthread+0x337/0x6f0
[ 11.800459] ret_from_fork+0x116/0x1d0
[ 11.800638] ret_from_fork_asm+0x1a/0x30
[ 11.800832]
[ 11.800904] Freed by task 209:
[ 11.801015] kasan_save_stack+0x45/0x70
[ 11.801321] kasan_save_track+0x18/0x40
[ 11.801541] kasan_save_free_info+0x3f/0x60
[ 11.801747] __kasan_slab_free+0x56/0x70
[ 11.801883] kfree+0x222/0x3f0
[ 11.802004] kfree_sensitive+0x67/0x90
[ 11.802440] kmalloc_double_kzfree+0x12b/0x350
[ 11.802721] kunit_try_run_case+0x1a5/0x480
[ 11.802960] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.803337] kthread+0x337/0x6f0
[ 11.803506] ret_from_fork+0x116/0x1d0
[ 11.803637] ret_from_fork_asm+0x1a/0x30
[ 11.803775]
[ 11.803847] The buggy address belongs to the object at ffff8881027a10e0
[ 11.803847] which belongs to the cache kmalloc-16 of size 16
[ 11.804531] The buggy address is located 0 bytes inside of
[ 11.804531] freed 16-byte region [ffff8881027a10e0, ffff8881027a10f0)
[ 11.805199]
[ 11.805319] The buggy address belongs to the physical page:
[ 11.805524] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027a1
[ 11.805819] flags: 0x200000000000000(node=0|zone=2)
[ 11.806184] page_type: f5(slab)
[ 11.806359] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 11.806697] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 11.807244] page dumped because: kasan: bad access detected
[ 11.807539]
[ 11.807636] Memory state around the buggy address:
[ 11.807862] ffff8881027a0f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.808296] ffff8881027a1000: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc
[ 11.808619] >ffff8881027a1080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 11.808929] ^
[ 11.809304] ffff8881027a1100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.809619] ffff8881027a1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.809872] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 11.756923] ==================================================================
[ 11.757691] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x4a8/0x520
[ 11.757956] Read of size 1 at addr ffff88810310c0a8 by task kunit_try_catch/205
[ 11.758235]
[ 11.758361] CPU: 0 UID: 0 PID: 205 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 11.758404] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.758478] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.758499] Call Trace:
[ 11.758510] <TASK>
[ 11.758525] dump_stack_lvl+0x73/0xb0
[ 11.758552] print_report+0xd1/0x650
[ 11.758574] ? __virt_addr_valid+0x1db/0x2d0
[ 11.758596] ? kmalloc_uaf2+0x4a8/0x520
[ 11.758615] ? kasan_complete_mode_report_info+0x64/0x200
[ 11.758639] ? kmalloc_uaf2+0x4a8/0x520
[ 11.758660] kasan_report+0x141/0x180
[ 11.758680] ? kmalloc_uaf2+0x4a8/0x520
[ 11.758704] __asan_report_load1_noabort+0x18/0x20
[ 11.758727] kmalloc_uaf2+0x4a8/0x520
[ 11.758746] ? __pfx_kmalloc_uaf2+0x10/0x10
[ 11.758765] ? finish_task_switch.isra.0+0x153/0x700
[ 11.758785] ? __switch_to+0x47/0xf50
[ 11.758834] ? __schedule+0x10cc/0x2b60
[ 11.758868] ? __pfx_read_tsc+0x10/0x10
[ 11.758890] ? ktime_get_ts64+0x86/0x230
[ 11.758912] kunit_try_run_case+0x1a5/0x480
[ 11.758935] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.758955] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.758977] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.758998] ? __kthread_parkme+0x82/0x180
[ 11.759016] ? preempt_count_sub+0x50/0x80
[ 11.759060] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.759082] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.759104] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.759125] kthread+0x337/0x6f0
[ 11.759143] ? trace_preempt_on+0x20/0xc0
[ 11.759164] ? __pfx_kthread+0x10/0x10
[ 11.759184] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.759203] ? calculate_sigpending+0x7b/0xa0
[ 11.759225] ? __pfx_kthread+0x10/0x10
[ 11.759245] ret_from_fork+0x116/0x1d0
[ 11.759262] ? __pfx_kthread+0x10/0x10
[ 11.759281] ret_from_fork_asm+0x1a/0x30
[ 11.759374] </TASK>
[ 11.759386]
[ 11.767508] Allocated by task 205:
[ 11.767770] kasan_save_stack+0x45/0x70
[ 11.767996] kasan_save_track+0x18/0x40
[ 11.768342] kasan_save_alloc_info+0x3b/0x50
[ 11.768759] __kasan_kmalloc+0xb7/0xc0
[ 11.769100] __kmalloc_cache_noprof+0x189/0x420
[ 11.769395] kmalloc_uaf2+0xc6/0x520
[ 11.769584] kunit_try_run_case+0x1a5/0x480
[ 11.769730] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.769913] kthread+0x337/0x6f0
[ 11.770113] ret_from_fork+0x116/0x1d0
[ 11.770393] ret_from_fork_asm+0x1a/0x30
[ 11.770624]
[ 11.770735] Freed by task 205:
[ 11.770910] kasan_save_stack+0x45/0x70
[ 11.771208] kasan_save_track+0x18/0x40
[ 11.771378] kasan_save_free_info+0x3f/0x60
[ 11.771529] __kasan_slab_free+0x56/0x70
[ 11.771746] kfree+0x222/0x3f0
[ 11.771926] kmalloc_uaf2+0x14c/0x520
[ 11.772265] kunit_try_run_case+0x1a5/0x480
[ 11.772458] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.772730] kthread+0x337/0x6f0
[ 11.772912] ret_from_fork+0x116/0x1d0
[ 11.773157] ret_from_fork_asm+0x1a/0x30
[ 11.773477]
[ 11.773607] The buggy address belongs to the object at ffff88810310c080
[ 11.773607] which belongs to the cache kmalloc-64 of size 64
[ 11.774116] The buggy address is located 40 bytes inside of
[ 11.774116] freed 64-byte region [ffff88810310c080, ffff88810310c0c0)
[ 11.774791]
[ 11.774887] The buggy address belongs to the physical page:
[ 11.775086] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10310c
[ 11.775511] flags: 0x200000000000000(node=0|zone=2)
[ 11.775759] page_type: f5(slab)
[ 11.775919] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 11.776383] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 11.776752] page dumped because: kasan: bad access detected
[ 11.777003]
[ 11.777106] Memory state around the buggy address:
[ 11.777322] ffff88810310bf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.777634] ffff88810310c000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 11.777891] >ffff88810310c080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 11.778122] ^
[ 11.778490] ffff88810310c100: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc
[ 11.778814] ffff88810310c180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.779325] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 11.726253] ==================================================================
[ 11.726765] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x1a3/0x360
[ 11.726999] Write of size 33 at addr ffff88810310c000 by task kunit_try_catch/203
[ 11.728795]
[ 11.729307] CPU: 0 UID: 0 PID: 203 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 11.729564] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.729577] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.729598] Call Trace:
[ 11.729611] <TASK>
[ 11.729628] dump_stack_lvl+0x73/0xb0
[ 11.729657] print_report+0xd1/0x650
[ 11.729679] ? __virt_addr_valid+0x1db/0x2d0
[ 11.729700] ? kmalloc_uaf_memset+0x1a3/0x360
[ 11.729719] ? kasan_complete_mode_report_info+0x64/0x200
[ 11.729740] ? kmalloc_uaf_memset+0x1a3/0x360
[ 11.729760] kasan_report+0x141/0x180
[ 11.729781] ? kmalloc_uaf_memset+0x1a3/0x360
[ 11.729805] kasan_check_range+0x10c/0x1c0
[ 11.729827] __asan_memset+0x27/0x50
[ 11.729845] kmalloc_uaf_memset+0x1a3/0x360
[ 11.729864] ? __pfx_kmalloc_uaf_memset+0x10/0x10
[ 11.729885] ? __schedule+0x10cc/0x2b60
[ 11.729907] ? __pfx_read_tsc+0x10/0x10
[ 11.729927] ? ktime_get_ts64+0x86/0x230
[ 11.729949] kunit_try_run_case+0x1a5/0x480
[ 11.729973] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.729993] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.730015] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.730050] ? __kthread_parkme+0x82/0x180
[ 11.730070] ? preempt_count_sub+0x50/0x80
[ 11.730093] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.730115] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.730136] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.730157] kthread+0x337/0x6f0
[ 11.730175] ? trace_preempt_on+0x20/0xc0
[ 11.730197] ? __pfx_kthread+0x10/0x10
[ 11.730216] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.730235] ? calculate_sigpending+0x7b/0xa0
[ 11.730257] ? __pfx_kthread+0x10/0x10
[ 11.730277] ret_from_fork+0x116/0x1d0
[ 11.730293] ? __pfx_kthread+0x10/0x10
[ 11.730312] ret_from_fork_asm+0x1a/0x30
[ 11.730341] </TASK>
[ 11.730352]
[ 11.740828] Allocated by task 203:
[ 11.741185] kasan_save_stack+0x45/0x70
[ 11.741366] kasan_save_track+0x18/0x40
[ 11.741679] kasan_save_alloc_info+0x3b/0x50
[ 11.741854] __kasan_kmalloc+0xb7/0xc0
[ 11.742051] __kmalloc_cache_noprof+0x189/0x420
[ 11.742444] kmalloc_uaf_memset+0xa9/0x360
[ 11.742667] kunit_try_run_case+0x1a5/0x480
[ 11.742878] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.743308] kthread+0x337/0x6f0
[ 11.743485] ret_from_fork+0x116/0x1d0
[ 11.743627] ret_from_fork_asm+0x1a/0x30
[ 11.743823]
[ 11.743951] Freed by task 203:
[ 11.744216] kasan_save_stack+0x45/0x70
[ 11.744407] kasan_save_track+0x18/0x40
[ 11.744660] kasan_save_free_info+0x3f/0x60
[ 11.744876] __kasan_slab_free+0x56/0x70
[ 11.745070] kfree+0x222/0x3f0
[ 11.745256] kmalloc_uaf_memset+0x12b/0x360
[ 11.745448] kunit_try_run_case+0x1a5/0x480
[ 11.745608] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.745862] kthread+0x337/0x6f0
[ 11.746036] ret_from_fork+0x116/0x1d0
[ 11.746209] ret_from_fork_asm+0x1a/0x30
[ 11.746467]
[ 11.746567] The buggy address belongs to the object at ffff88810310c000
[ 11.746567] which belongs to the cache kmalloc-64 of size 64
[ 11.746959] The buggy address is located 0 bytes inside of
[ 11.746959] freed 64-byte region [ffff88810310c000, ffff88810310c040)
[ 11.747436]
[ 11.747575] The buggy address belongs to the physical page:
[ 11.747943] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10310c
[ 11.748591] flags: 0x200000000000000(node=0|zone=2)
[ 11.748827] page_type: f5(slab)
[ 11.748987] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 11.749396] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 11.749745] page dumped because: kasan: bad access detected
[ 11.750215]
[ 11.750429] Memory state around the buggy address:
[ 11.751005] ffff88810310bf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.751439] ffff88810310bf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.751765] >ffff88810310c000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 11.752379] ^
[ 11.752502] ffff88810310c080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.752895] ffff88810310c100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.753998] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 11.693790] ==================================================================
[ 11.694346] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x320/0x380
[ 11.694609] Read of size 1 at addr ffff8881027a10c8 by task kunit_try_catch/201
[ 11.694905]
[ 11.695019] CPU: 0 UID: 0 PID: 201 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 11.695073] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.695085] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.695106] Call Trace:
[ 11.695118] <TASK>
[ 11.695132] dump_stack_lvl+0x73/0xb0
[ 11.695160] print_report+0xd1/0x650
[ 11.695182] ? __virt_addr_valid+0x1db/0x2d0
[ 11.695204] ? kmalloc_uaf+0x320/0x380
[ 11.695223] ? kasan_complete_mode_report_info+0x64/0x200
[ 11.695243] ? kmalloc_uaf+0x320/0x380
[ 11.695262] kasan_report+0x141/0x180
[ 11.695282] ? kmalloc_uaf+0x320/0x380
[ 11.695306] __asan_report_load1_noabort+0x18/0x20
[ 11.695329] kmalloc_uaf+0x320/0x380
[ 11.695347] ? __pfx_kmalloc_uaf+0x10/0x10
[ 11.695367] ? __schedule+0x10cc/0x2b60
[ 11.695387] ? __pfx_read_tsc+0x10/0x10
[ 11.695407] ? ktime_get_ts64+0x86/0x230
[ 11.695431] kunit_try_run_case+0x1a5/0x480
[ 11.695453] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.695474] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.695495] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.695516] ? __kthread_parkme+0x82/0x180
[ 11.695535] ? preempt_count_sub+0x50/0x80
[ 11.695558] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.695579] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.695600] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.695622] kthread+0x337/0x6f0
[ 11.695657] ? trace_preempt_on+0x20/0xc0
[ 11.695679] ? __pfx_kthread+0x10/0x10
[ 11.695698] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.695718] ? calculate_sigpending+0x7b/0xa0
[ 11.695739] ? __pfx_kthread+0x10/0x10
[ 11.695760] ret_from_fork+0x116/0x1d0
[ 11.695776] ? __pfx_kthread+0x10/0x10
[ 11.695796] ret_from_fork_asm+0x1a/0x30
[ 11.695825] </TASK>
[ 11.695835]
[ 11.702529] Allocated by task 201:
[ 11.702713] kasan_save_stack+0x45/0x70
[ 11.702882] kasan_save_track+0x18/0x40
[ 11.705125] kasan_save_alloc_info+0x3b/0x50
[ 11.705370] __kasan_kmalloc+0xb7/0xc0
[ 11.705545] __kmalloc_cache_noprof+0x189/0x420
[ 11.705731] kmalloc_uaf+0xaa/0x380
[ 11.705858] kunit_try_run_case+0x1a5/0x480
[ 11.706073] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.706421] kthread+0x337/0x6f0
[ 11.706543] ret_from_fork+0x116/0x1d0
[ 11.706730] ret_from_fork_asm+0x1a/0x30
[ 11.706927]
[ 11.707021] Freed by task 201:
[ 11.708057] kasan_save_stack+0x45/0x70
[ 11.710165] kasan_save_track+0x18/0x40
[ 11.710343] kasan_save_free_info+0x3f/0x60
[ 11.710490] __kasan_slab_free+0x56/0x70
[ 11.710685] kfree+0x222/0x3f0
[ 11.710821] kmalloc_uaf+0x12c/0x380
[ 11.710979] kunit_try_run_case+0x1a5/0x480
[ 11.711195] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.711471] kthread+0x337/0x6f0
[ 11.711639] ret_from_fork+0x116/0x1d0
[ 11.711803] ret_from_fork_asm+0x1a/0x30
[ 11.711968]
[ 11.712073] The buggy address belongs to the object at ffff8881027a10c0
[ 11.712073] which belongs to the cache kmalloc-16 of size 16
[ 11.712459] The buggy address is located 8 bytes inside of
[ 11.712459] freed 16-byte region [ffff8881027a10c0, ffff8881027a10d0)
[ 11.714069]
[ 11.714165] The buggy address belongs to the physical page:
[ 11.714390] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027a1
[ 11.714690] flags: 0x200000000000000(node=0|zone=2)
[ 11.714898] page_type: f5(slab)
[ 11.715059] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 11.715356] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 11.715652] page dumped because: kasan: bad access detected
[ 11.715865]
[ 11.715953] Memory state around the buggy address:
[ 11.717206] ffff8881027a0f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.717988] ffff8881027a1000: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc
[ 11.720085] >ffff8881027a1080: fa fb fc fc fa fb fc fc fa fb fc fc fc fc fc fc
[ 11.721342] ^
[ 11.721565] ffff8881027a1100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.721857] ffff8881027a1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.722166] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 11.670145] ==================================================================
[ 11.670635] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x16f/0x330
[ 11.670948] Read of size 64 at addr ffff888103105e04 by task kunit_try_catch/199
[ 11.671261]
[ 11.671539] CPU: 0 UID: 0 PID: 199 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 11.671586] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.671598] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.671617] Call Trace:
[ 11.671628] <TASK>
[ 11.671642] dump_stack_lvl+0x73/0xb0
[ 11.671670] print_report+0xd1/0x650
[ 11.671692] ? __virt_addr_valid+0x1db/0x2d0
[ 11.671714] ? kmalloc_memmove_invalid_size+0x16f/0x330
[ 11.671739] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.671761] ? kmalloc_memmove_invalid_size+0x16f/0x330
[ 11.671784] kasan_report+0x141/0x180
[ 11.671804] ? kmalloc_memmove_invalid_size+0x16f/0x330
[ 11.671832] kasan_check_range+0x10c/0x1c0
[ 11.671854] __asan_memmove+0x27/0x70
[ 11.671873] kmalloc_memmove_invalid_size+0x16f/0x330
[ 11.671896] ? __pfx_kmalloc_memmove_invalid_size+0x10/0x10
[ 11.671919] ? __schedule+0x10cc/0x2b60
[ 11.671940] ? __pfx_read_tsc+0x10/0x10
[ 11.671961] ? ktime_get_ts64+0x86/0x230
[ 11.671984] kunit_try_run_case+0x1a5/0x480
[ 11.672008] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.672043] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.672178] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.672202] ? __kthread_parkme+0x82/0x180
[ 11.672221] ? preempt_count_sub+0x50/0x80
[ 11.672243] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.672265] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.672286] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.672308] kthread+0x337/0x6f0
[ 11.672326] ? trace_preempt_on+0x20/0xc0
[ 11.672347] ? __pfx_kthread+0x10/0x10
[ 11.672366] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.672386] ? calculate_sigpending+0x7b/0xa0
[ 11.672408] ? __pfx_kthread+0x10/0x10
[ 11.672428] ret_from_fork+0x116/0x1d0
[ 11.672445] ? __pfx_kthread+0x10/0x10
[ 11.672464] ret_from_fork_asm+0x1a/0x30
[ 11.672493] </TASK>
[ 11.672503]
[ 11.679989] Allocated by task 199:
[ 11.680146] kasan_save_stack+0x45/0x70
[ 11.680355] kasan_save_track+0x18/0x40
[ 11.680652] kasan_save_alloc_info+0x3b/0x50
[ 11.680806] __kasan_kmalloc+0xb7/0xc0
[ 11.680978] __kmalloc_cache_noprof+0x189/0x420
[ 11.681206] kmalloc_memmove_invalid_size+0xac/0x330
[ 11.681514] kunit_try_run_case+0x1a5/0x480
[ 11.681706] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.681906] kthread+0x337/0x6f0
[ 11.682034] ret_from_fork+0x116/0x1d0
[ 11.682164] ret_from_fork_asm+0x1a/0x30
[ 11.682299]
[ 11.682393] The buggy address belongs to the object at ffff888103105e00
[ 11.682393] which belongs to the cache kmalloc-64 of size 64
[ 11.682921] The buggy address is located 4 bytes inside of
[ 11.682921] allocated 64-byte region [ffff888103105e00, ffff888103105e40)
[ 11.683560]
[ 11.683629] The buggy address belongs to the physical page:
[ 11.683926] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103105
[ 11.684691] flags: 0x200000000000000(node=0|zone=2)
[ 11.684859] page_type: f5(slab)
[ 11.684977] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 11.685215] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 11.685812] page dumped because: kasan: bad access detected
[ 11.686083]
[ 11.686180] Memory state around the buggy address:
[ 11.686530] ffff888103105d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 11.686810] ffff888103105d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 11.687260] >ffff888103105e00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 11.687523] ^
[ 11.687767] ffff888103105e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.688119] ffff888103105f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.688564] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 11.640164] ==================================================================
[ 11.640984] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x171/0x330
[ 11.641443] Read of size 18446744073709551614 at addr ffff888103908004 by task kunit_try_catch/197
[ 11.641753]
[ 11.641841] CPU: 1 UID: 0 PID: 197 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 11.641884] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.641895] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.641914] Call Trace:
[ 11.641925] <TASK>
[ 11.641938] dump_stack_lvl+0x73/0xb0
[ 11.641965] print_report+0xd1/0x650
[ 11.641987] ? __virt_addr_valid+0x1db/0x2d0
[ 11.642007] ? kmalloc_memmove_negative_size+0x171/0x330
[ 11.642047] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.642067] ? kmalloc_memmove_negative_size+0x171/0x330
[ 11.642106] kasan_report+0x141/0x180
[ 11.642129] ? kmalloc_memmove_negative_size+0x171/0x330
[ 11.642157] kasan_check_range+0x10c/0x1c0
[ 11.642179] __asan_memmove+0x27/0x70
[ 11.642198] kmalloc_memmove_negative_size+0x171/0x330
[ 11.642221] ? __pfx_kmalloc_memmove_negative_size+0x10/0x10
[ 11.642246] ? __schedule+0x10cc/0x2b60
[ 11.642267] ? __pfx_read_tsc+0x10/0x10
[ 11.642286] ? ktime_get_ts64+0x86/0x230
[ 11.642307] kunit_try_run_case+0x1a5/0x480
[ 11.642329] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.642350] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.642372] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.642393] ? __kthread_parkme+0x82/0x180
[ 11.642412] ? preempt_count_sub+0x50/0x80
[ 11.642434] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.642456] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.642477] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.642499] kthread+0x337/0x6f0
[ 11.642516] ? trace_preempt_on+0x20/0xc0
[ 11.642537] ? __pfx_kthread+0x10/0x10
[ 11.642556] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.642576] ? calculate_sigpending+0x7b/0xa0
[ 11.642597] ? __pfx_kthread+0x10/0x10
[ 11.642617] ret_from_fork+0x116/0x1d0
[ 11.642634] ? __pfx_kthread+0x10/0x10
[ 11.642653] ret_from_fork_asm+0x1a/0x30
[ 11.642682] </TASK>
[ 11.642692]
[ 11.654903] Allocated by task 197:
[ 11.655305] kasan_save_stack+0x45/0x70
[ 11.655654] kasan_save_track+0x18/0x40
[ 11.656000] kasan_save_alloc_info+0x3b/0x50
[ 11.656487] __kasan_kmalloc+0xb7/0xc0
[ 11.656631] __kmalloc_cache_noprof+0x189/0x420
[ 11.656787] kmalloc_memmove_negative_size+0xac/0x330
[ 11.656952] kunit_try_run_case+0x1a5/0x480
[ 11.657278] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.657797] kthread+0x337/0x6f0
[ 11.658103] ret_from_fork+0x116/0x1d0
[ 11.658542] ret_from_fork_asm+0x1a/0x30
[ 11.659006]
[ 11.659196] The buggy address belongs to the object at ffff888103908000
[ 11.659196] which belongs to the cache kmalloc-64 of size 64
[ 11.660401] The buggy address is located 4 bytes inside of
[ 11.660401] 64-byte region [ffff888103908000, ffff888103908040)
[ 11.661478]
[ 11.661579] The buggy address belongs to the physical page:
[ 11.661751] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103908
[ 11.661991] flags: 0x200000000000000(node=0|zone=2)
[ 11.662181] page_type: f5(slab)
[ 11.662439] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 11.662721] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 11.663095] page dumped because: kasan: bad access detected
[ 11.663396]
[ 11.663468] Memory state around the buggy address:
[ 11.663660] ffff888103907f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.663942] ffff888103907f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.664322] >ffff888103908000: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 11.664549] ^
[ 11.664714] ffff888103908080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.665096] ffff888103908100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.665392] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 11.614336] ==================================================================
[ 11.614963] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x166/0x330
[ 11.615590] Write of size 16 at addr ffff8881030fbb69 by task kunit_try_catch/195
[ 11.615937]
[ 11.616063] CPU: 0 UID: 0 PID: 195 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 11.616106] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.616118] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.616157] Call Trace:
[ 11.616169] <TASK>
[ 11.616182] dump_stack_lvl+0x73/0xb0
[ 11.616212] print_report+0xd1/0x650
[ 11.616235] ? __virt_addr_valid+0x1db/0x2d0
[ 11.616273] ? kmalloc_oob_memset_16+0x166/0x330
[ 11.616295] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.616316] ? kmalloc_oob_memset_16+0x166/0x330
[ 11.616337] kasan_report+0x141/0x180
[ 11.616376] ? kmalloc_oob_memset_16+0x166/0x330
[ 11.616402] kasan_check_range+0x10c/0x1c0
[ 11.616425] __asan_memset+0x27/0x50
[ 11.616443] kmalloc_oob_memset_16+0x166/0x330
[ 11.616482] ? __pfx_kmalloc_oob_memset_16+0x10/0x10
[ 11.616504] ? __schedule+0x10cc/0x2b60
[ 11.616524] ? __pfx_read_tsc+0x10/0x10
[ 11.616544] ? ktime_get_ts64+0x86/0x230
[ 11.616567] kunit_try_run_case+0x1a5/0x480
[ 11.616591] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.616612] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.616633] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.616654] ? __kthread_parkme+0x82/0x180
[ 11.616673] ? preempt_count_sub+0x50/0x80
[ 11.616695] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.616717] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.616738] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.616760] kthread+0x337/0x6f0
[ 11.616778] ? trace_preempt_on+0x20/0xc0
[ 11.616800] ? __pfx_kthread+0x10/0x10
[ 11.616819] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.616839] ? calculate_sigpending+0x7b/0xa0
[ 11.616861] ? __pfx_kthread+0x10/0x10
[ 11.616881] ret_from_fork+0x116/0x1d0
[ 11.616898] ? __pfx_kthread+0x10/0x10
[ 11.616917] ret_from_fork_asm+0x1a/0x30
[ 11.616946] </TASK>
[ 11.616956]
[ 11.625669] Allocated by task 195:
[ 11.625859] kasan_save_stack+0x45/0x70
[ 11.626168] kasan_save_track+0x18/0x40
[ 11.626367] kasan_save_alloc_info+0x3b/0x50
[ 11.626577] __kasan_kmalloc+0xb7/0xc0
[ 11.626762] __kmalloc_cache_noprof+0x189/0x420
[ 11.626978] kmalloc_oob_memset_16+0xac/0x330
[ 11.627306] kunit_try_run_case+0x1a5/0x480
[ 11.627690] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.627985] kthread+0x337/0x6f0
[ 11.628194] ret_from_fork+0x116/0x1d0
[ 11.628474] ret_from_fork_asm+0x1a/0x30
[ 11.628621]
[ 11.628746] The buggy address belongs to the object at ffff8881030fbb00
[ 11.628746] which belongs to the cache kmalloc-128 of size 128
[ 11.629266] The buggy address is located 105 bytes inside of
[ 11.629266] allocated 120-byte region [ffff8881030fbb00, ffff8881030fbb78)
[ 11.629833]
[ 11.629909] The buggy address belongs to the physical page:
[ 11.630093] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1030fb
[ 11.630731] flags: 0x200000000000000(node=0|zone=2)
[ 11.630999] page_type: f5(slab)
[ 11.631433] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 11.631710] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.632209] page dumped because: kasan: bad access detected
[ 11.632470]
[ 11.632568] Memory state around the buggy address:
[ 11.632789] ffff8881030fba00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.633168] ffff8881030fba80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.633499] >ffff8881030fbb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 11.633838] ^
[ 11.634168] ffff8881030fbb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.634473] ffff8881030fbc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.634693] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 11.588581] ==================================================================
[ 11.589093] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x166/0x330
[ 11.589603] Write of size 8 at addr ffff88810312f171 by task kunit_try_catch/193
[ 11.589966]
[ 11.590091] CPU: 1 UID: 0 PID: 193 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 11.590158] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.590184] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.590204] Call Trace:
[ 11.590232] <TASK>
[ 11.590247] dump_stack_lvl+0x73/0xb0
[ 11.590276] print_report+0xd1/0x650
[ 11.590298] ? __virt_addr_valid+0x1db/0x2d0
[ 11.590319] ? kmalloc_oob_memset_8+0x166/0x330
[ 11.590416] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.590460] ? kmalloc_oob_memset_8+0x166/0x330
[ 11.590482] kasan_report+0x141/0x180
[ 11.590503] ? kmalloc_oob_memset_8+0x166/0x330
[ 11.590528] kasan_check_range+0x10c/0x1c0
[ 11.590551] __asan_memset+0x27/0x50
[ 11.590569] kmalloc_oob_memset_8+0x166/0x330
[ 11.590590] ? __pfx_kmalloc_oob_memset_8+0x10/0x10
[ 11.590612] ? __schedule+0x10cc/0x2b60
[ 11.590633] ? __pfx_read_tsc+0x10/0x10
[ 11.590653] ? ktime_get_ts64+0x86/0x230
[ 11.590676] kunit_try_run_case+0x1a5/0x480
[ 11.590699] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.590720] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.590742] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.590763] ? __kthread_parkme+0x82/0x180
[ 11.590783] ? preempt_count_sub+0x50/0x80
[ 11.590806] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.590830] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.590854] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.590878] kthread+0x337/0x6f0
[ 11.590898] ? trace_preempt_on+0x20/0xc0
[ 11.590920] ? __pfx_kthread+0x10/0x10
[ 11.590940] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.590959] ? calculate_sigpending+0x7b/0xa0
[ 11.590982] ? __pfx_kthread+0x10/0x10
[ 11.591003] ret_from_fork+0x116/0x1d0
[ 11.591020] ? __pfx_kthread+0x10/0x10
[ 11.591102] ret_from_fork_asm+0x1a/0x30
[ 11.591135] </TASK>
[ 11.591157]
[ 11.599264] Allocated by task 193:
[ 11.599509] kasan_save_stack+0x45/0x70
[ 11.599733] kasan_save_track+0x18/0x40
[ 11.599875] kasan_save_alloc_info+0x3b/0x50
[ 11.600222] __kasan_kmalloc+0xb7/0xc0
[ 11.600439] __kmalloc_cache_noprof+0x189/0x420
[ 11.600626] kmalloc_oob_memset_8+0xac/0x330
[ 11.600857] kunit_try_run_case+0x1a5/0x480
[ 11.601104] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.601377] kthread+0x337/0x6f0
[ 11.601572] ret_from_fork+0x116/0x1d0
[ 11.601761] ret_from_fork_asm+0x1a/0x30
[ 11.601960]
[ 11.602118] The buggy address belongs to the object at ffff88810312f100
[ 11.602118] which belongs to the cache kmalloc-128 of size 128
[ 11.602597] The buggy address is located 113 bytes inside of
[ 11.602597] allocated 120-byte region [ffff88810312f100, ffff88810312f178)
[ 11.603140]
[ 11.603212] The buggy address belongs to the physical page:
[ 11.603609] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10312f
[ 11.604093] flags: 0x200000000000000(node=0|zone=2)
[ 11.604375] page_type: f5(slab)
[ 11.604579] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 11.605001] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.605661] page dumped because: kasan: bad access detected
[ 11.605978]
[ 11.606155] Memory state around the buggy address:
[ 11.606363] ffff88810312f000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.606578] ffff88810312f080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.606800] >ffff88810312f100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 11.607132] ^
[ 11.607515] ffff88810312f180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.607849] ffff88810312f200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.608282] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 11.563855] ==================================================================
[ 11.564599] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x166/0x330
[ 11.564913] Write of size 4 at addr ffff88810312f075 by task kunit_try_catch/191
[ 11.565269]
[ 11.565388] CPU: 1 UID: 0 PID: 191 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 11.565522] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.565535] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.565554] Call Trace:
[ 11.565565] <TASK>
[ 11.565580] dump_stack_lvl+0x73/0xb0
[ 11.565607] print_report+0xd1/0x650
[ 11.565628] ? __virt_addr_valid+0x1db/0x2d0
[ 11.565648] ? kmalloc_oob_memset_4+0x166/0x330
[ 11.565669] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.565690] ? kmalloc_oob_memset_4+0x166/0x330
[ 11.565711] kasan_report+0x141/0x180
[ 11.565759] ? kmalloc_oob_memset_4+0x166/0x330
[ 11.565784] kasan_check_range+0x10c/0x1c0
[ 11.565806] __asan_memset+0x27/0x50
[ 11.565825] kmalloc_oob_memset_4+0x166/0x330
[ 11.565846] ? __pfx_kmalloc_oob_memset_4+0x10/0x10
[ 11.565868] ? __schedule+0x10cc/0x2b60
[ 11.565890] ? __pfx_read_tsc+0x10/0x10
[ 11.565911] ? ktime_get_ts64+0x86/0x230
[ 11.565950] kunit_try_run_case+0x1a5/0x480
[ 11.565987] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.566008] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.566041] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.566100] ? __kthread_parkme+0x82/0x180
[ 11.566122] ? preempt_count_sub+0x50/0x80
[ 11.566144] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.566167] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.566189] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.566210] kthread+0x337/0x6f0
[ 11.566228] ? trace_preempt_on+0x20/0xc0
[ 11.566251] ? __pfx_kthread+0x10/0x10
[ 11.566270] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.566290] ? calculate_sigpending+0x7b/0xa0
[ 11.566313] ? __pfx_kthread+0x10/0x10
[ 11.566333] ret_from_fork+0x116/0x1d0
[ 11.566350] ? __pfx_kthread+0x10/0x10
[ 11.566370] ret_from_fork_asm+0x1a/0x30
[ 11.566399] </TASK>
[ 11.566410]
[ 11.574392] Allocated by task 191:
[ 11.574632] kasan_save_stack+0x45/0x70
[ 11.574804] kasan_save_track+0x18/0x40
[ 11.575111] kasan_save_alloc_info+0x3b/0x50
[ 11.575311] __kasan_kmalloc+0xb7/0xc0
[ 11.575498] __kmalloc_cache_noprof+0x189/0x420
[ 11.575736] kmalloc_oob_memset_4+0xac/0x330
[ 11.575984] kunit_try_run_case+0x1a5/0x480
[ 11.576247] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.576608] kthread+0x337/0x6f0
[ 11.576731] ret_from_fork+0x116/0x1d0
[ 11.576876] ret_from_fork_asm+0x1a/0x30
[ 11.577142]
[ 11.577265] The buggy address belongs to the object at ffff88810312f000
[ 11.577265] which belongs to the cache kmalloc-128 of size 128
[ 11.577802] The buggy address is located 117 bytes inside of
[ 11.577802] allocated 120-byte region [ffff88810312f000, ffff88810312f078)
[ 11.578419]
[ 11.578517] The buggy address belongs to the physical page:
[ 11.578789] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10312f
[ 11.579348] flags: 0x200000000000000(node=0|zone=2)
[ 11.579605] page_type: f5(slab)
[ 11.579764] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 11.580097] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.580466] page dumped because: kasan: bad access detected
[ 11.580749]
[ 11.580979] Memory state around the buggy address:
[ 11.581226] ffff88810312ef00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.581616] ffff88810312ef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.581876] >ffff88810312f000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 11.582112] ^
[ 11.582792] ffff88810312f080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.583035] ffff88810312f100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.583381] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 11.542364] ==================================================================
[ 11.542956] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x166/0x330
[ 11.543631] Write of size 2 at addr ffff888102cbbf77 by task kunit_try_catch/189
[ 11.544108]
[ 11.544342] CPU: 1 UID: 0 PID: 189 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 11.544500] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.544513] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.544534] Call Trace:
[ 11.544545] <TASK>
[ 11.544561] dump_stack_lvl+0x73/0xb0
[ 11.544590] print_report+0xd1/0x650
[ 11.544612] ? __virt_addr_valid+0x1db/0x2d0
[ 11.544633] ? kmalloc_oob_memset_2+0x166/0x330
[ 11.544654] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.544675] ? kmalloc_oob_memset_2+0x166/0x330
[ 11.544696] kasan_report+0x141/0x180
[ 11.544717] ? kmalloc_oob_memset_2+0x166/0x330
[ 11.544742] kasan_check_range+0x10c/0x1c0
[ 11.544764] __asan_memset+0x27/0x50
[ 11.544783] kmalloc_oob_memset_2+0x166/0x330
[ 11.544804] ? __pfx_kmalloc_oob_memset_2+0x10/0x10
[ 11.544827] ? __pfx_kmalloc_oob_memset_2+0x10/0x10
[ 11.544852] kunit_try_run_case+0x1a5/0x480
[ 11.544874] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.544894] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.544916] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.544937] ? __kthread_parkme+0x82/0x180
[ 11.544956] ? preempt_count_sub+0x50/0x80
[ 11.544977] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.544999] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.545020] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.545052] kthread+0x337/0x6f0
[ 11.545070] ? trace_preempt_on+0x20/0xc0
[ 11.545092] ? __pfx_kthread+0x10/0x10
[ 11.545112] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.545132] ? calculate_sigpending+0x7b/0xa0
[ 11.545154] ? __pfx_kthread+0x10/0x10
[ 11.545174] ret_from_fork+0x116/0x1d0
[ 11.545191] ? __pfx_kthread+0x10/0x10
[ 11.545211] ret_from_fork_asm+0x1a/0x30
[ 11.545239] </TASK>
[ 11.545250]
[ 11.552623] Allocated by task 189:
[ 11.552830] kasan_save_stack+0x45/0x70
[ 11.553086] kasan_save_track+0x18/0x40
[ 11.553312] kasan_save_alloc_info+0x3b/0x50
[ 11.553533] __kasan_kmalloc+0xb7/0xc0
[ 11.553731] __kmalloc_cache_noprof+0x189/0x420
[ 11.553980] kmalloc_oob_memset_2+0xac/0x330
[ 11.554220] kunit_try_run_case+0x1a5/0x480
[ 11.554539] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.554879] kthread+0x337/0x6f0
[ 11.555007] ret_from_fork+0x116/0x1d0
[ 11.555311] ret_from_fork_asm+0x1a/0x30
[ 11.555539]
[ 11.555611] The buggy address belongs to the object at ffff888102cbbf00
[ 11.555611] which belongs to the cache kmalloc-128 of size 128
[ 11.556172] The buggy address is located 119 bytes inside of
[ 11.556172] allocated 120-byte region [ffff888102cbbf00, ffff888102cbbf78)
[ 11.556767]
[ 11.556842] The buggy address belongs to the physical page:
[ 11.557110] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102cbb
[ 11.557518] flags: 0x200000000000000(node=0|zone=2)
[ 11.557762] page_type: f5(slab)
[ 11.557963] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 11.558338] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.558691] page dumped because: kasan: bad access detected
[ 11.558934]
[ 11.559033] Memory state around the buggy address:
[ 11.559258] ffff888102cbbe00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.559493] ffff888102cbbe80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.559703] >ffff888102cbbf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 11.560022] ^
[ 11.560408] ffff888102cbbf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.560727] ffff888102cbc000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.561082] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 11.512420] ==================================================================
[ 11.512998] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x15f/0x320
[ 11.513405] Write of size 128 at addr ffff888102cbbe00 by task kunit_try_catch/187
[ 11.513961]
[ 11.514098] CPU: 1 UID: 0 PID: 187 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 11.514143] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.514155] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.514174] Call Trace:
[ 11.514185] <TASK>
[ 11.514200] dump_stack_lvl+0x73/0xb0
[ 11.514228] print_report+0xd1/0x650
[ 11.514250] ? __virt_addr_valid+0x1db/0x2d0
[ 11.514273] ? kmalloc_oob_in_memset+0x15f/0x320
[ 11.514293] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.514542] ? kmalloc_oob_in_memset+0x15f/0x320
[ 11.514571] kasan_report+0x141/0x180
[ 11.514593] ? kmalloc_oob_in_memset+0x15f/0x320
[ 11.514619] kasan_check_range+0x10c/0x1c0
[ 11.514641] __asan_memset+0x27/0x50
[ 11.514660] kmalloc_oob_in_memset+0x15f/0x320
[ 11.514681] ? __pfx_kmalloc_oob_in_memset+0x10/0x10
[ 11.514702] ? __schedule+0x10cc/0x2b60
[ 11.514723] ? __pfx_read_tsc+0x10/0x10
[ 11.514743] ? ktime_get_ts64+0x86/0x230
[ 11.514767] kunit_try_run_case+0x1a5/0x480
[ 11.514790] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.514811] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.514832] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.514853] ? __kthread_parkme+0x82/0x180
[ 11.514873] ? preempt_count_sub+0x50/0x80
[ 11.514896] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.514918] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.514939] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.514960] kthread+0x337/0x6f0
[ 11.514978] ? trace_preempt_on+0x20/0xc0
[ 11.515001] ? __pfx_kthread+0x10/0x10
[ 11.515020] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.515096] ? calculate_sigpending+0x7b/0xa0
[ 11.515123] ? __pfx_kthread+0x10/0x10
[ 11.515143] ret_from_fork+0x116/0x1d0
[ 11.515160] ? __pfx_kthread+0x10/0x10
[ 11.515180] ret_from_fork_asm+0x1a/0x30
[ 11.515209] </TASK>
[ 11.515219]
[ 11.524807] Allocated by task 187:
[ 11.525291] kasan_save_stack+0x45/0x70
[ 11.525452] kasan_save_track+0x18/0x40
[ 11.525775] kasan_save_alloc_info+0x3b/0x50
[ 11.526165] __kasan_kmalloc+0xb7/0xc0
[ 11.526349] __kmalloc_cache_noprof+0x189/0x420
[ 11.526722] kmalloc_oob_in_memset+0xac/0x320
[ 11.527010] kunit_try_run_case+0x1a5/0x480
[ 11.527227] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.527804] kthread+0x337/0x6f0
[ 11.528295] ret_from_fork+0x116/0x1d0
[ 11.528503] ret_from_fork_asm+0x1a/0x30
[ 11.528699]
[ 11.528793] The buggy address belongs to the object at ffff888102cbbe00
[ 11.528793] which belongs to the cache kmalloc-128 of size 128
[ 11.529751] The buggy address is located 0 bytes inside of
[ 11.529751] allocated 120-byte region [ffff888102cbbe00, ffff888102cbbe78)
[ 11.530482]
[ 11.530731] The buggy address belongs to the physical page:
[ 11.531090] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102cbb
[ 11.531612] flags: 0x200000000000000(node=0|zone=2)
[ 11.531951] page_type: f5(slab)
[ 11.532593] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 11.532910] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.533404] page dumped because: kasan: bad access detected
[ 11.533823]
[ 11.534046] Memory state around the buggy address:
[ 11.534402] ffff888102cbbd00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.534844] ffff888102cbbd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.535425] >ffff888102cbbe00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 11.535892] ^
[ 11.536501] ffff888102cbbe80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.536963] ffff888102cbbf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.537393] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 11.487848] ==================================================================
[ 11.488390] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x47b/0x4c0
[ 11.488691] Read of size 16 at addr ffff8881027a10a0 by task kunit_try_catch/185
[ 11.489020]
[ 11.489198] CPU: 0 UID: 0 PID: 185 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 11.489241] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.489252] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.489274] Call Trace:
[ 11.489285] <TASK>
[ 11.489300] dump_stack_lvl+0x73/0xb0
[ 11.489328] print_report+0xd1/0x650
[ 11.489349] ? __virt_addr_valid+0x1db/0x2d0
[ 11.489384] ? kmalloc_uaf_16+0x47b/0x4c0
[ 11.489404] ? kasan_complete_mode_report_info+0x64/0x200
[ 11.489425] ? kmalloc_uaf_16+0x47b/0x4c0
[ 11.489460] kasan_report+0x141/0x180
[ 11.489481] ? kmalloc_uaf_16+0x47b/0x4c0
[ 11.489519] __asan_report_load16_noabort+0x18/0x20
[ 11.489542] kmalloc_uaf_16+0x47b/0x4c0
[ 11.489563] ? __pfx_kmalloc_uaf_16+0x10/0x10
[ 11.489596] ? __schedule+0x10cc/0x2b60
[ 11.489617] ? __pfx_read_tsc+0x10/0x10
[ 11.489638] ? ktime_get_ts64+0x86/0x230
[ 11.489673] kunit_try_run_case+0x1a5/0x480
[ 11.489698] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.489720] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.489754] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.489775] ? __kthread_parkme+0x82/0x180
[ 11.489795] ? preempt_count_sub+0x50/0x80
[ 11.489828] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.489850] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.489872] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.489894] kthread+0x337/0x6f0
[ 11.489912] ? trace_preempt_on+0x20/0xc0
[ 11.489935] ? __pfx_kthread+0x10/0x10
[ 11.489955] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.489974] ? calculate_sigpending+0x7b/0xa0
[ 11.490005] ? __pfx_kthread+0x10/0x10
[ 11.490056] ret_from_fork+0x116/0x1d0
[ 11.490075] ? __pfx_kthread+0x10/0x10
[ 11.490094] ret_from_fork_asm+0x1a/0x30
[ 11.490124] </TASK>
[ 11.490150]
[ 11.497637] Allocated by task 185:
[ 11.497852] kasan_save_stack+0x45/0x70
[ 11.498357] kasan_save_track+0x18/0x40
[ 11.498586] kasan_save_alloc_info+0x3b/0x50
[ 11.498804] __kasan_kmalloc+0xb7/0xc0
[ 11.499006] __kmalloc_cache_noprof+0x189/0x420
[ 11.499338] kmalloc_uaf_16+0x15b/0x4c0
[ 11.499537] kunit_try_run_case+0x1a5/0x480
[ 11.499744] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.499982] kthread+0x337/0x6f0
[ 11.500234] ret_from_fork+0x116/0x1d0
[ 11.500431] ret_from_fork_asm+0x1a/0x30
[ 11.500609]
[ 11.500679] Freed by task 185:
[ 11.500858] kasan_save_stack+0x45/0x70
[ 11.501100] kasan_save_track+0x18/0x40
[ 11.501265] kasan_save_free_info+0x3f/0x60
[ 11.501414] __kasan_slab_free+0x56/0x70
[ 11.501614] kfree+0x222/0x3f0
[ 11.501801] kmalloc_uaf_16+0x1d6/0x4c0
[ 11.501992] kunit_try_run_case+0x1a5/0x480
[ 11.502293] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.502473] kthread+0x337/0x6f0
[ 11.502617] ret_from_fork+0x116/0x1d0
[ 11.502805] ret_from_fork_asm+0x1a/0x30
[ 11.503031]
[ 11.503348] The buggy address belongs to the object at ffff8881027a10a0
[ 11.503348] which belongs to the cache kmalloc-16 of size 16
[ 11.503853] The buggy address is located 0 bytes inside of
[ 11.503853] freed 16-byte region [ffff8881027a10a0, ffff8881027a10b0)
[ 11.504430]
[ 11.504509] The buggy address belongs to the physical page:
[ 11.504732] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027a1
[ 11.505178] flags: 0x200000000000000(node=0|zone=2)
[ 11.505422] page_type: f5(slab)
[ 11.505587] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 11.505931] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 11.506289] page dumped because: kasan: bad access detected
[ 11.506573]
[ 11.506667] Memory state around the buggy address:
[ 11.506874] ffff8881027a0f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.507267] ffff8881027a1000: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc
[ 11.507587] >ffff8881027a1080: 00 00 fc fc fa fb fc fc fc fc fc fc fc fc fc fc
[ 11.507924] ^
[ 11.508358] ffff8881027a1100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.508616] ffff8881027a1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.508828] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 11.465156] ==================================================================
[ 11.465852] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x452/0x4a0
[ 11.466371] Write of size 16 at addr ffff888101638ee0 by task kunit_try_catch/183
[ 11.466700]
[ 11.466834] CPU: 1 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 11.466878] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.466890] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.466921] Call Trace:
[ 11.466934] <TASK>
[ 11.466949] dump_stack_lvl+0x73/0xb0
[ 11.466984] print_report+0xd1/0x650
[ 11.467005] ? __virt_addr_valid+0x1db/0x2d0
[ 11.467045] ? kmalloc_oob_16+0x452/0x4a0
[ 11.467065] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.467085] ? kmalloc_oob_16+0x452/0x4a0
[ 11.467105] kasan_report+0x141/0x180
[ 11.467126] ? kmalloc_oob_16+0x452/0x4a0
[ 11.467150] __asan_report_store16_noabort+0x1b/0x30
[ 11.467169] kmalloc_oob_16+0x452/0x4a0
[ 11.467189] ? __pfx_kmalloc_oob_16+0x10/0x10
[ 11.467210] ? __schedule+0x10cc/0x2b60
[ 11.467230] ? __pfx_read_tsc+0x10/0x10
[ 11.467250] ? ktime_get_ts64+0x86/0x230
[ 11.467272] kunit_try_run_case+0x1a5/0x480
[ 11.467390] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.467414] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.467437] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.467458] ? __kthread_parkme+0x82/0x180
[ 11.467492] ? preempt_count_sub+0x50/0x80
[ 11.467514] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.467536] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.467568] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.467590] kthread+0x337/0x6f0
[ 11.467608] ? trace_preempt_on+0x20/0xc0
[ 11.467629] ? __pfx_kthread+0x10/0x10
[ 11.467649] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.467669] ? calculate_sigpending+0x7b/0xa0
[ 11.467691] ? __pfx_kthread+0x10/0x10
[ 11.467711] ret_from_fork+0x116/0x1d0
[ 11.467728] ? __pfx_kthread+0x10/0x10
[ 11.467747] ret_from_fork_asm+0x1a/0x30
[ 11.467777] </TASK>
[ 11.467788]
[ 11.475692] Allocated by task 183:
[ 11.475893] kasan_save_stack+0x45/0x70
[ 11.476227] kasan_save_track+0x18/0x40
[ 11.476415] kasan_save_alloc_info+0x3b/0x50
[ 11.476653] __kasan_kmalloc+0xb7/0xc0
[ 11.476826] __kmalloc_cache_noprof+0x189/0x420
[ 11.477222] kmalloc_oob_16+0xa8/0x4a0
[ 11.477426] kunit_try_run_case+0x1a5/0x480
[ 11.477668] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.477886] kthread+0x337/0x6f0
[ 11.478160] ret_from_fork+0x116/0x1d0
[ 11.478349] ret_from_fork_asm+0x1a/0x30
[ 11.478532]
[ 11.478605] The buggy address belongs to the object at ffff888101638ee0
[ 11.478605] which belongs to the cache kmalloc-16 of size 16
[ 11.479248] The buggy address is located 0 bytes inside of
[ 11.479248] allocated 13-byte region [ffff888101638ee0, ffff888101638eed)
[ 11.479757]
[ 11.479830] The buggy address belongs to the physical page:
[ 11.480001] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101638
[ 11.480361] flags: 0x200000000000000(node=0|zone=2)
[ 11.480595] page_type: f5(slab)
[ 11.480762] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 11.481005] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 11.481307] page dumped because: kasan: bad access detected
[ 11.481562]
[ 11.481657] Memory state around the buggy address:
[ 11.481882] ffff888101638d80: fa fb fc fc 00 05 fc fc 00 05 fc fc 00 00 fc fc
[ 11.482399] ffff888101638e00: 00 06 fc fc 00 06 fc fc 00 00 fc fc fa fb fc fc
[ 11.482715] >ffff888101638e80: fa fb fc fc fa fb fc fc fa fb fc fc 00 05 fc fc
[ 11.483121] ^
[ 11.483434] ffff888101638f00: 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.483652] ffff888101638f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.483978] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 11.408007] ==================================================================
[ 11.408733] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x1b8/0x5e0
[ 11.409050] Read of size 1 at addr ffff888100a33600 by task kunit_try_catch/181
[ 11.409422]
[ 11.409547] CPU: 1 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 11.409588] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.409599] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.409619] Call Trace:
[ 11.409629] <TASK>
[ 11.409643] dump_stack_lvl+0x73/0xb0
[ 11.409679] print_report+0xd1/0x650
[ 11.409917] ? __virt_addr_valid+0x1db/0x2d0
[ 11.409957] ? krealloc_uaf+0x1b8/0x5e0
[ 11.409978] ? kasan_complete_mode_report_info+0x64/0x200
[ 11.409999] ? krealloc_uaf+0x1b8/0x5e0
[ 11.410019] kasan_report+0x141/0x180
[ 11.410188] ? krealloc_uaf+0x1b8/0x5e0
[ 11.410217] ? krealloc_uaf+0x1b8/0x5e0
[ 11.410238] __kasan_check_byte+0x3d/0x50
[ 11.410259] krealloc_noprof+0x3f/0x340
[ 11.410281] krealloc_uaf+0x1b8/0x5e0
[ 11.410302] ? __pfx_krealloc_uaf+0x10/0x10
[ 11.410334] ? finish_task_switch.isra.0+0x153/0x700
[ 11.410354] ? __switch_to+0x47/0xf50
[ 11.410378] ? __schedule+0x10cc/0x2b60
[ 11.410411] ? __pfx_read_tsc+0x10/0x10
[ 11.410430] ? ktime_get_ts64+0x86/0x230
[ 11.410454] kunit_try_run_case+0x1a5/0x480
[ 11.410477] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.410498] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.410520] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.410541] ? __kthread_parkme+0x82/0x180
[ 11.410560] ? preempt_count_sub+0x50/0x80
[ 11.410581] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.410604] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.410625] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.410647] kthread+0x337/0x6f0
[ 11.410665] ? trace_preempt_on+0x20/0xc0
[ 11.410686] ? __pfx_kthread+0x10/0x10
[ 11.410706] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.410725] ? calculate_sigpending+0x7b/0xa0
[ 11.410748] ? __pfx_kthread+0x10/0x10
[ 11.410768] ret_from_fork+0x116/0x1d0
[ 11.410785] ? __pfx_kthread+0x10/0x10
[ 11.410804] ret_from_fork_asm+0x1a/0x30
[ 11.410832] </TASK>
[ 11.410843]
[ 11.422574] Allocated by task 181:
[ 11.422747] kasan_save_stack+0x45/0x70
[ 11.422936] kasan_save_track+0x18/0x40
[ 11.423534] kasan_save_alloc_info+0x3b/0x50
[ 11.423746] __kasan_kmalloc+0xb7/0xc0
[ 11.423920] __kmalloc_cache_noprof+0x189/0x420
[ 11.424199] krealloc_uaf+0xbb/0x5e0
[ 11.424341] kunit_try_run_case+0x1a5/0x480
[ 11.424575] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.424762] kthread+0x337/0x6f0
[ 11.424931] ret_from_fork+0x116/0x1d0
[ 11.425389] ret_from_fork_asm+0x1a/0x30
[ 11.425574]
[ 11.425719] Freed by task 181:
[ 11.425893] kasan_save_stack+0x45/0x70
[ 11.426218] kasan_save_track+0x18/0x40
[ 11.426390] kasan_save_free_info+0x3f/0x60
[ 11.426608] __kasan_slab_free+0x56/0x70
[ 11.426805] kfree+0x222/0x3f0
[ 11.426922] krealloc_uaf+0x13d/0x5e0
[ 11.427122] kunit_try_run_case+0x1a5/0x480
[ 11.427331] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.427624] kthread+0x337/0x6f0
[ 11.427816] ret_from_fork+0x116/0x1d0
[ 11.428118] ret_from_fork_asm+0x1a/0x30
[ 11.428323]
[ 11.428430] The buggy address belongs to the object at ffff888100a33600
[ 11.428430] which belongs to the cache kmalloc-256 of size 256
[ 11.429014] The buggy address is located 0 bytes inside of
[ 11.429014] freed 256-byte region [ffff888100a33600, ffff888100a33700)
[ 11.429685]
[ 11.429804] The buggy address belongs to the physical page:
[ 11.430014] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a32
[ 11.430329] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 11.430754] flags: 0x200000000000040(head|node=0|zone=2)
[ 11.431041] page_type: f5(slab)
[ 11.431304] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 11.431624] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.431983] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 11.432353] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.432750] head: 0200000000000001 ffffea0004028c81 00000000ffffffff 00000000ffffffff
[ 11.433188] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 11.433744] page dumped because: kasan: bad access detected
[ 11.433995]
[ 11.434185] Memory state around the buggy address:
[ 11.434515] ffff888100a33500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.434827] ffff888100a33580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.435145] >ffff888100a33600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.435398] ^
[ 11.435546] ffff888100a33680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.435885] ffff888100a33700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.436410] ==================================================================
[ 11.436952] ==================================================================
[ 11.437478] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x53c/0x5e0
[ 11.437775] Read of size 1 at addr ffff888100a33600 by task kunit_try_catch/181
[ 11.438164]
[ 11.438290] CPU: 1 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 11.438331] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.438342] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.438361] Call Trace:
[ 11.438375] <TASK>
[ 11.438389] dump_stack_lvl+0x73/0xb0
[ 11.438415] print_report+0xd1/0x650
[ 11.438437] ? __virt_addr_valid+0x1db/0x2d0
[ 11.438459] ? krealloc_uaf+0x53c/0x5e0
[ 11.438479] ? kasan_complete_mode_report_info+0x64/0x200
[ 11.438499] ? krealloc_uaf+0x53c/0x5e0
[ 11.438520] kasan_report+0x141/0x180
[ 11.438540] ? krealloc_uaf+0x53c/0x5e0
[ 11.438566] __asan_report_load1_noabort+0x18/0x20
[ 11.438589] krealloc_uaf+0x53c/0x5e0
[ 11.438609] ? __pfx_krealloc_uaf+0x10/0x10
[ 11.438629] ? finish_task_switch.isra.0+0x153/0x700
[ 11.438649] ? __switch_to+0x47/0xf50
[ 11.438673] ? __schedule+0x10cc/0x2b60
[ 11.438693] ? __pfx_read_tsc+0x10/0x10
[ 11.438712] ? ktime_get_ts64+0x86/0x230
[ 11.438735] kunit_try_run_case+0x1a5/0x480
[ 11.438758] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.438778] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.438799] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.438821] ? __kthread_parkme+0x82/0x180
[ 11.438839] ? preempt_count_sub+0x50/0x80
[ 11.438860] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.438882] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.438904] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.438925] kthread+0x337/0x6f0
[ 11.438943] ? trace_preempt_on+0x20/0xc0
[ 11.438965] ? __pfx_kthread+0x10/0x10
[ 11.438985] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.439004] ? calculate_sigpending+0x7b/0xa0
[ 11.439042] ? __pfx_kthread+0x10/0x10
[ 11.439124] ret_from_fork+0x116/0x1d0
[ 11.439144] ? __pfx_kthread+0x10/0x10
[ 11.439164] ret_from_fork_asm+0x1a/0x30
[ 11.439205] </TASK>
[ 11.439216]
[ 11.447452] Allocated by task 181:
[ 11.447594] kasan_save_stack+0x45/0x70
[ 11.447823] kasan_save_track+0x18/0x40
[ 11.448013] kasan_save_alloc_info+0x3b/0x50
[ 11.448232] __kasan_kmalloc+0xb7/0xc0
[ 11.448405] __kmalloc_cache_noprof+0x189/0x420
[ 11.448561] krealloc_uaf+0xbb/0x5e0
[ 11.448833] kunit_try_run_case+0x1a5/0x480
[ 11.449180] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.449515] kthread+0x337/0x6f0
[ 11.449702] ret_from_fork+0x116/0x1d0
[ 11.449897] ret_from_fork_asm+0x1a/0x30
[ 11.450184]
[ 11.450274] Freed by task 181:
[ 11.450423] kasan_save_stack+0x45/0x70
[ 11.450607] kasan_save_track+0x18/0x40
[ 11.450741] kasan_save_free_info+0x3f/0x60
[ 11.450884] __kasan_slab_free+0x56/0x70
[ 11.451021] kfree+0x222/0x3f0
[ 11.451444] krealloc_uaf+0x13d/0x5e0
[ 11.451636] kunit_try_run_case+0x1a5/0x480
[ 11.451845] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.452238] kthread+0x337/0x6f0
[ 11.452417] ret_from_fork+0x116/0x1d0
[ 11.452608] ret_from_fork_asm+0x1a/0x30
[ 11.452747]
[ 11.452821] The buggy address belongs to the object at ffff888100a33600
[ 11.452821] which belongs to the cache kmalloc-256 of size 256
[ 11.453652] The buggy address is located 0 bytes inside of
[ 11.453652] freed 256-byte region [ffff888100a33600, ffff888100a33700)
[ 11.454369]
[ 11.454502] The buggy address belongs to the physical page:
[ 11.454768] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a32
[ 11.455253] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 11.455549] flags: 0x200000000000040(head|node=0|zone=2)
[ 11.455723] page_type: f5(slab)
[ 11.455876] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 11.456227] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.456650] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 11.456879] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.457508] head: 0200000000000001 ffffea0004028c81 00000000ffffffff 00000000ffffffff
[ 11.457983] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 11.458384] page dumped because: kasan: bad access detected
[ 11.458714]
[ 11.458803] Memory state around the buggy address:
[ 11.459044] ffff888100a33500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.459425] ffff888100a33580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.459729] >ffff888100a33600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.460043] ^
[ 11.460273] ffff888100a33680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.460574] ffff888100a33700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.460827] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 11.164544] ================================================================== [ 11.165092] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0 [ 11.165532] Write of size 1 at addr ffff888100a334d0 by task kunit_try_catch/175 [ 11.165759] [ 11.165848] CPU: 1 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.165890] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.165901] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.165921] Call Trace: [ 11.165933] <TASK> [ 11.165949] dump_stack_lvl+0x73/0xb0 [ 11.165974] print_report+0xd1/0x650 [ 11.165996] ? __virt_addr_valid+0x1db/0x2d0 [ 11.166016] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 11.166243] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.166273] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 11.166297] kasan_report+0x141/0x180 [ 11.166318] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 11.166345] __asan_report_store1_noabort+0x1b/0x30 [ 11.166365] krealloc_less_oob_helper+0xe23/0x11d0 [ 11.166389] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.166411] ? finish_task_switch.isra.0+0x153/0x700 [ 11.166433] ? __switch_to+0x47/0xf50 [ 11.166457] ? __schedule+0x10cc/0x2b60 [ 11.166478] ? __pfx_read_tsc+0x10/0x10 [ 11.166500] krealloc_less_oob+0x1c/0x30 [ 11.166520] kunit_try_run_case+0x1a5/0x480 [ 11.166542] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.166562] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.166584] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.166605] ? __kthread_parkme+0x82/0x180 [ 11.166624] ? preempt_count_sub+0x50/0x80 [ 11.166645] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.166667] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.166687] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.166709] kthread+0x337/0x6f0 [ 11.166727] ? trace_preempt_on+0x20/0xc0 [ 11.166749] ? __pfx_kthread+0x10/0x10 [ 11.166768] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.166787] ? calculate_sigpending+0x7b/0xa0 [ 11.166809] ? 
__pfx_kthread+0x10/0x10 [ 11.166829] ret_from_fork+0x116/0x1d0 [ 11.166846] ? __pfx_kthread+0x10/0x10 [ 11.166865] ret_from_fork_asm+0x1a/0x30 [ 11.166894] </TASK> [ 11.166904] [ 11.181612] Allocated by task 175: [ 11.181751] kasan_save_stack+0x45/0x70 [ 11.181894] kasan_save_track+0x18/0x40 [ 11.182040] kasan_save_alloc_info+0x3b/0x50 [ 11.182374] __kasan_krealloc+0x190/0x1f0 [ 11.182625] krealloc_noprof+0xf3/0x340 [ 11.182776] krealloc_less_oob_helper+0x1aa/0x11d0 [ 11.182984] krealloc_less_oob+0x1c/0x30 [ 11.183377] kunit_try_run_case+0x1a5/0x480 [ 11.183522] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.183845] kthread+0x337/0x6f0 [ 11.184138] ret_from_fork+0x116/0x1d0 [ 11.184313] ret_from_fork_asm+0x1a/0x30 [ 11.184596] [ 11.184677] The buggy address belongs to the object at ffff888100a33400 [ 11.184677] which belongs to the cache kmalloc-256 of size 256 [ 11.185229] The buggy address is located 7 bytes to the right of [ 11.185229] allocated 201-byte region [ffff888100a33400, ffff888100a334c9) [ 11.185892] [ 11.185965] The buggy address belongs to the physical page: [ 11.186208] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a32 [ 11.186772] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.187190] flags: 0x200000000000040(head|node=0|zone=2) [ 11.187494] page_type: f5(slab) [ 11.187628] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.187961] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.188373] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.188719] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.189177] head: 0200000000000001 ffffea0004028c81 00000000ffffffff 00000000ffffffff [ 11.189482] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.189832] page dumped because: kasan: bad access detected [ 11.190238] [ 11.190343] Memory state around the buggy 
address: [ 11.190545] ffff888100a33380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.190832] ffff888100a33400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.191327] >ffff888100a33480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 11.191689] ^ [ 11.191954] ffff888100a33500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.192393] ffff888100a33580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.192689] ================================================================== [ 11.386230] ================================================================== [ 11.386537] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 11.386830] Write of size 1 at addr ffff88810295a0eb by task kunit_try_catch/179 [ 11.387171] [ 11.387414] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.387460] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.387471] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.387491] Call Trace: [ 11.387505] <TASK> [ 11.387519] dump_stack_lvl+0x73/0xb0 [ 11.387546] print_report+0xd1/0x650 [ 11.387568] ? __virt_addr_valid+0x1db/0x2d0 [ 11.387589] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 11.387613] ? kasan_addr_to_slab+0x11/0xa0 [ 11.387648] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 11.387672] kasan_report+0x141/0x180 [ 11.387694] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 11.387734] __asan_report_store1_noabort+0x1b/0x30 [ 11.387754] krealloc_less_oob_helper+0xd47/0x11d0 [ 11.387778] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.387801] ? finish_task_switch.isra.0+0x153/0x700 [ 11.387823] ? __switch_to+0x47/0xf50 [ 11.387846] ? __schedule+0x10cc/0x2b60 [ 11.387867] ? __pfx_read_tsc+0x10/0x10 [ 11.387890] krealloc_large_less_oob+0x1c/0x30 [ 11.387912] kunit_try_run_case+0x1a5/0x480 [ 11.387934] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.387955] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.387977] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.387998] ? __kthread_parkme+0x82/0x180 [ 11.388018] ? preempt_count_sub+0x50/0x80 [ 11.388050] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.388072] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.388094] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.388124] kthread+0x337/0x6f0 [ 11.388143] ? trace_preempt_on+0x20/0xc0 [ 11.388164] ? __pfx_kthread+0x10/0x10 [ 11.388195] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.388216] ? calculate_sigpending+0x7b/0xa0 [ 11.388239] ? __pfx_kthread+0x10/0x10 [ 11.388260] ret_from_fork+0x116/0x1d0 [ 11.388277] ? __pfx_kthread+0x10/0x10 [ 11.388297] ret_from_fork_asm+0x1a/0x30 [ 11.388326] </TASK> [ 11.388337] [ 11.397309] The buggy address belongs to the physical page: [ 11.397595] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102958 [ 11.397972] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.398496] flags: 0x200000000000040(head|node=0|zone=2) [ 11.398715] page_type: f8(unknown) [ 11.398943] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.399253] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.399678] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.399979] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.400389] head: 0200000000000002 ffffea00040a5601 00000000ffffffff 00000000ffffffff [ 11.400915] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.401439] page dumped because: kasan: bad access detected [ 11.401682] [ 11.401825] Memory state around the buggy address: [ 11.402136] ffff888102959f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.402562] ffff88810295a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.402875] >ffff88810295a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 11.403288] ^ [ 11.403632] ffff88810295a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe 
fe [ 11.403885] ffff88810295a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.404229] ================================================================== [ 11.331516] ================================================================== [ 11.331836] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0 [ 11.332478] Write of size 1 at addr ffff88810295a0d0 by task kunit_try_catch/179 [ 11.332749] [ 11.332836] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.332876] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.332897] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.332916] Call Trace: [ 11.332927] <TASK> [ 11.332941] dump_stack_lvl+0x73/0xb0 [ 11.332979] print_report+0xd1/0x650 [ 11.333000] ? __virt_addr_valid+0x1db/0x2d0 [ 11.333021] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 11.333054] ? kasan_addr_to_slab+0x11/0xa0 [ 11.333074] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 11.333098] kasan_report+0x141/0x180 [ 11.333119] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 11.333291] __asan_report_store1_noabort+0x1b/0x30 [ 11.333317] krealloc_less_oob_helper+0xe23/0x11d0 [ 11.333342] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.333377] ? finish_task_switch.isra.0+0x153/0x700 [ 11.333398] ? __switch_to+0x47/0xf50 [ 11.333422] ? __schedule+0x10cc/0x2b60 [ 11.333529] ? __pfx_read_tsc+0x10/0x10 [ 11.333553] krealloc_large_less_oob+0x1c/0x30 [ 11.333575] kunit_try_run_case+0x1a5/0x480 [ 11.333597] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.333618] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.333640] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.333662] ? __kthread_parkme+0x82/0x180 [ 11.333681] ? preempt_count_sub+0x50/0x80 [ 11.333702] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.333725] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.333746] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.333768] kthread+0x337/0x6f0 [ 11.333900] ? 
trace_preempt_on+0x20/0xc0 [ 11.333925] ? __pfx_kthread+0x10/0x10 [ 11.333945] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.333965] ? calculate_sigpending+0x7b/0xa0 [ 11.333996] ? __pfx_kthread+0x10/0x10 [ 11.334017] ret_from_fork+0x116/0x1d0 [ 11.334054] ? __pfx_kthread+0x10/0x10 [ 11.334074] ret_from_fork_asm+0x1a/0x30 [ 11.334254] </TASK> [ 11.334268] [ 11.342647] The buggy address belongs to the physical page: [ 11.342925] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102958 [ 11.343299] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.343554] flags: 0x200000000000040(head|node=0|zone=2) [ 11.344110] page_type: f8(unknown) [ 11.344378] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.344708] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.345039] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.345460] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.345794] head: 0200000000000002 ffffea00040a5601 00000000ffffffff 00000000ffffffff [ 11.346128] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.346674] page dumped because: kasan: bad access detected [ 11.346936] [ 11.347111] Memory state around the buggy address: [ 11.347367] ffff888102959f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.347693] ffff88810295a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.347977] >ffff88810295a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 11.348419] ^ [ 11.348605] ffff88810295a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.348974] ffff88810295a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.349419] ================================================================== [ 11.242913] ================================================================== [ 11.243395] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 11.243664] Write 
of size 1 at addr ffff888100a334eb by task kunit_try_catch/175 [ 11.243987] [ 11.244094] CPU: 1 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.244146] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.244157] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.244313] Call Trace: [ 11.244333] <TASK> [ 11.244347] dump_stack_lvl+0x73/0xb0 [ 11.244375] print_report+0xd1/0x650 [ 11.244411] ? __virt_addr_valid+0x1db/0x2d0 [ 11.244431] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 11.244454] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.244475] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 11.244500] kasan_report+0x141/0x180 [ 11.244524] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 11.244552] __asan_report_store1_noabort+0x1b/0x30 [ 11.244572] krealloc_less_oob_helper+0xd47/0x11d0 [ 11.244606] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.244629] ? finish_task_switch.isra.0+0x153/0x700 [ 11.244650] ? __switch_to+0x47/0xf50 [ 11.244685] ? __schedule+0x10cc/0x2b60 [ 11.244706] ? __pfx_read_tsc+0x10/0x10 [ 11.244730] krealloc_less_oob+0x1c/0x30 [ 11.244757] kunit_try_run_case+0x1a5/0x480 [ 11.244779] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.244800] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.244821] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.244842] ? __kthread_parkme+0x82/0x180 [ 11.244861] ? preempt_count_sub+0x50/0x80 [ 11.244882] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.244905] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.244926] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.244947] kthread+0x337/0x6f0 [ 11.244965] ? trace_preempt_on+0x20/0xc0 [ 11.244986] ? __pfx_kthread+0x10/0x10 [ 11.245007] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.245041] ? calculate_sigpending+0x7b/0xa0 [ 11.245066] ? __pfx_kthread+0x10/0x10 [ 11.245144] ret_from_fork+0x116/0x1d0 [ 11.245164] ? 
__pfx_kthread+0x10/0x10 [ 11.245184] ret_from_fork_asm+0x1a/0x30 [ 11.245224] </TASK> [ 11.245234] [ 11.253253] Allocated by task 175: [ 11.253460] kasan_save_stack+0x45/0x70 [ 11.253661] kasan_save_track+0x18/0x40 [ 11.253849] kasan_save_alloc_info+0x3b/0x50 [ 11.254178] __kasan_krealloc+0x190/0x1f0 [ 11.254351] krealloc_noprof+0xf3/0x340 [ 11.254542] krealloc_less_oob_helper+0x1aa/0x11d0 [ 11.254765] krealloc_less_oob+0x1c/0x30 [ 11.254972] kunit_try_run_case+0x1a5/0x480 [ 11.255209] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.255554] kthread+0x337/0x6f0 [ 11.255716] ret_from_fork+0x116/0x1d0 [ 11.255849] ret_from_fork_asm+0x1a/0x30 [ 11.255986] [ 11.256324] The buggy address belongs to the object at ffff888100a33400 [ 11.256324] which belongs to the cache kmalloc-256 of size 256 [ 11.256893] The buggy address is located 34 bytes to the right of [ 11.256893] allocated 201-byte region [ffff888100a33400, ffff888100a334c9) [ 11.257724] [ 11.257815] The buggy address belongs to the physical page: [ 11.257986] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a32 [ 11.258482] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.258799] flags: 0x200000000000040(head|node=0|zone=2) [ 11.259163] page_type: f5(slab) [ 11.259287] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.259517] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.259860] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.260497] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.260878] head: 0200000000000001 ffffea0004028c81 00000000ffffffff 00000000ffffffff [ 11.261261] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.261571] page dumped because: kasan: bad access detected [ 11.261818] [ 11.261916] Memory state around the buggy address: [ 11.262089] ffff888100a33380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 11.262556] ffff888100a33400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.262898] >ffff888100a33480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 11.263320] ^ [ 11.263620] ffff888100a33500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.263922] ffff888100a33580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.264410] ================================================================== [ 11.349697] ================================================================== [ 11.350080] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 11.350559] Write of size 1 at addr ffff88810295a0da by task kunit_try_catch/179 [ 11.350871] [ 11.350985] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.351046] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.351102] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.351121] Call Trace: [ 11.351134] <TASK> [ 11.351156] dump_stack_lvl+0x73/0xb0 [ 11.351184] print_report+0xd1/0x650 [ 11.351205] ? __virt_addr_valid+0x1db/0x2d0 [ 11.351239] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 11.351261] ? kasan_addr_to_slab+0x11/0xa0 [ 11.351281] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 11.351315] kasan_report+0x141/0x180 [ 11.351336] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 11.351364] __asan_report_store1_noabort+0x1b/0x30 [ 11.351384] krealloc_less_oob_helper+0xec6/0x11d0 [ 11.351410] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.351433] ? finish_task_switch.isra.0+0x153/0x700 [ 11.351454] ? __switch_to+0x47/0xf50 [ 11.351478] ? __schedule+0x10cc/0x2b60 [ 11.351499] ? __pfx_read_tsc+0x10/0x10 [ 11.351521] krealloc_large_less_oob+0x1c/0x30 [ 11.351544] kunit_try_run_case+0x1a5/0x480 [ 11.351566] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.351587] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.351609] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.351631] ? __kthread_parkme+0x82/0x180 [ 11.351659] ? 
preempt_count_sub+0x50/0x80 [ 11.351680] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.351703] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.351735] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.351757] kthread+0x337/0x6f0 [ 11.351776] ? trace_preempt_on+0x20/0xc0 [ 11.351798] ? __pfx_kthread+0x10/0x10 [ 11.351818] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.351838] ? calculate_sigpending+0x7b/0xa0 [ 11.351861] ? __pfx_kthread+0x10/0x10 [ 11.351881] ret_from_fork+0x116/0x1d0 [ 11.351899] ? __pfx_kthread+0x10/0x10 [ 11.351918] ret_from_fork_asm+0x1a/0x30 [ 11.351948] </TASK> [ 11.351958] [ 11.360268] The buggy address belongs to the physical page: [ 11.360554] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102958 [ 11.360910] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.361261] flags: 0x200000000000040(head|node=0|zone=2) [ 11.361435] page_type: f8(unknown) [ 11.361852] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.362530] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.363099] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.363365] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.363880] head: 0200000000000002 ffffea00040a5601 00000000ffffffff 00000000ffffffff [ 11.364293] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.364749] page dumped because: kasan: bad access detected [ 11.365084] [ 11.365155] Memory state around the buggy address: [ 11.365352] ffff888102959f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.365700] ffff88810295a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.366236] >ffff88810295a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 11.366560] ^ [ 11.366794] ffff88810295a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.367255] ffff88810295a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.367590] 
================================================================== [ 11.124730] ================================================================== [ 11.126074] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0 [ 11.127169] Write of size 1 at addr ffff888100a334c9 by task kunit_try_catch/175 [ 11.127404] [ 11.127494] CPU: 1 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.127537] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.127549] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.127568] Call Trace: [ 11.127580] <TASK> [ 11.127594] dump_stack_lvl+0x73/0xb0 [ 11.127623] print_report+0xd1/0x650 [ 11.127644] ? __virt_addr_valid+0x1db/0x2d0 [ 11.127666] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 11.127688] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.127709] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 11.127731] kasan_report+0x141/0x180 [ 11.127752] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 11.127779] __asan_report_store1_noabort+0x1b/0x30 [ 11.127798] krealloc_less_oob_helper+0xd70/0x11d0 [ 11.127822] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.127844] ? finish_task_switch.isra.0+0x153/0x700 [ 11.127864] ? __switch_to+0x47/0xf50 [ 11.127889] ? __schedule+0x10cc/0x2b60 [ 11.127909] ? __pfx_read_tsc+0x10/0x10 [ 11.127931] krealloc_less_oob+0x1c/0x30 [ 11.127951] kunit_try_run_case+0x1a5/0x480 [ 11.127975] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.127996] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.128017] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.128056] ? __kthread_parkme+0x82/0x180 [ 11.128337] ? preempt_count_sub+0x50/0x80 [ 11.128368] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.128393] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.128415] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.128436] kthread+0x337/0x6f0 [ 11.128454] ? trace_preempt_on+0x20/0xc0 [ 11.128476] ? __pfx_kthread+0x10/0x10 [ 11.128496] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 11.128516] ? calculate_sigpending+0x7b/0xa0 [ 11.128538] ? __pfx_kthread+0x10/0x10 [ 11.128558] ret_from_fork+0x116/0x1d0 [ 11.128575] ? __pfx_kthread+0x10/0x10 [ 11.128595] ret_from_fork_asm+0x1a/0x30 [ 11.128625] </TASK> [ 11.128636] [ 11.144886] Allocated by task 175: [ 11.145341] kasan_save_stack+0x45/0x70 [ 11.145722] kasan_save_track+0x18/0x40 [ 11.146175] kasan_save_alloc_info+0x3b/0x50 [ 11.146650] __kasan_krealloc+0x190/0x1f0 [ 11.147022] krealloc_noprof+0xf3/0x340 [ 11.147456] krealloc_less_oob_helper+0x1aa/0x11d0 [ 11.147825] krealloc_less_oob+0x1c/0x30 [ 11.147965] kunit_try_run_case+0x1a5/0x480 [ 11.148320] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.148813] kthread+0x337/0x6f0 [ 11.149143] ret_from_fork+0x116/0x1d0 [ 11.149646] ret_from_fork_asm+0x1a/0x30 [ 11.149791] [ 11.149863] The buggy address belongs to the object at ffff888100a33400 [ 11.149863] which belongs to the cache kmalloc-256 of size 256 [ 11.150754] The buggy address is located 0 bytes to the right of [ 11.150754] allocated 201-byte region [ffff888100a33400, ffff888100a334c9) [ 11.152087] [ 11.152360] The buggy address belongs to the physical page: [ 11.152683] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a32 [ 11.152927] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.153718] flags: 0x200000000000040(head|node=0|zone=2) [ 11.154239] page_type: f5(slab) [ 11.154829] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.155753] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.156703] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.157163] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.157706] head: 0200000000000001 ffffea0004028c81 00000000ffffffff 00000000ffffffff [ 11.157941] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.158472] page dumped 
because: kasan: bad access detected [ 11.159105] [ 11.159388] Memory state around the buggy address: [ 11.159823] ffff888100a33380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.160580] ffff888100a33400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.161369] >ffff888100a33480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 11.161783] ^ [ 11.161959] ffff888100a33500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.162749] ffff888100a33580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.163545] ================================================================== [ 11.368069] ================================================================== [ 11.368474] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 11.368815] Write of size 1 at addr ffff88810295a0ea by task kunit_try_catch/179 [ 11.369252] [ 11.369463] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.369524] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.369536] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.369555] Call Trace: [ 11.369569] <TASK> [ 11.369601] dump_stack_lvl+0x73/0xb0 [ 11.369629] print_report+0xd1/0x650 [ 11.369652] ? __virt_addr_valid+0x1db/0x2d0 [ 11.369685] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 11.369708] ? kasan_addr_to_slab+0x11/0xa0 [ 11.369728] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 11.369756] kasan_report+0x141/0x180 [ 11.369777] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 11.369817] __asan_report_store1_noabort+0x1b/0x30 [ 11.369837] krealloc_less_oob_helper+0xe90/0x11d0 [ 11.369862] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.369901] ? finish_task_switch.isra.0+0x153/0x700 [ 11.369922] ? __switch_to+0x47/0xf50 [ 11.369964] ? __schedule+0x10cc/0x2b60 [ 11.369985] ? __pfx_read_tsc+0x10/0x10 [ 11.370008] krealloc_large_less_oob+0x1c/0x30 [ 11.370177] kunit_try_run_case+0x1a5/0x480 [ 11.370205] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.370226] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 11.370478] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.370515] ? __kthread_parkme+0x82/0x180 [ 11.370534] ? preempt_count_sub+0x50/0x80 [ 11.370556] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.370591] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.370613] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.370635] kthread+0x337/0x6f0 [ 11.370654] ? trace_preempt_on+0x20/0xc0 [ 11.370676] ? __pfx_kthread+0x10/0x10 [ 11.370695] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.370716] ? calculate_sigpending+0x7b/0xa0 [ 11.370739] ? __pfx_kthread+0x10/0x10 [ 11.370759] ret_from_fork+0x116/0x1d0 [ 11.370777] ? __pfx_kthread+0x10/0x10 [ 11.370796] ret_from_fork_asm+0x1a/0x30 [ 11.370835] </TASK> [ 11.370846] [ 11.379323] The buggy address belongs to the physical page: [ 11.379568] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102958 [ 11.379915] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.380356] flags: 0x200000000000040(head|node=0|zone=2) [ 11.380630] page_type: f8(unknown) [ 11.380810] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.381237] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.381474] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.381779] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.382154] head: 0200000000000002 ffffea00040a5601 00000000ffffffff 00000000ffffffff [ 11.382563] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.382831] page dumped because: kasan: bad access detected [ 11.383217] [ 11.383478] Memory state around the buggy address: [ 11.383696] ffff888102959f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.383948] ffff88810295a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.384476] >ffff88810295a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 11.384748] ^ [ 11.385016] 
ffff88810295a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.385453] ffff88810295a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.385752] ================================================================== [ 11.193211] ================================================================== [ 11.193633] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 11.193957] Write of size 1 at addr ffff888100a334da by task kunit_try_catch/175 [ 11.194229] [ 11.194349] CPU: 1 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.194398] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.194408] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.194427] Call Trace: [ 11.194441] <TASK> [ 11.194455] dump_stack_lvl+0x73/0xb0 [ 11.194579] print_report+0xd1/0x650 [ 11.194604] ? __virt_addr_valid+0x1db/0x2d0 [ 11.194625] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 11.194647] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.194677] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 11.194700] kasan_report+0x141/0x180 [ 11.194720] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 11.194757] __asan_report_store1_noabort+0x1b/0x30 [ 11.194778] krealloc_less_oob_helper+0xec6/0x11d0 [ 11.194803] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.194835] ? finish_task_switch.isra.0+0x153/0x700 [ 11.194856] ? __switch_to+0x47/0xf50 [ 11.194881] ? __schedule+0x10cc/0x2b60 [ 11.194911] ? __pfx_read_tsc+0x10/0x10 [ 11.194934] krealloc_less_oob+0x1c/0x30 [ 11.194954] kunit_try_run_case+0x1a5/0x480 [ 11.194978] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.194998] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.195019] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.195054] ? __kthread_parkme+0x82/0x180 [ 11.195072] ? preempt_count_sub+0x50/0x80 [ 11.195093] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.195115] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.195145] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.195167] kthread+0x337/0x6f0 [ 11.195184] ? trace_preempt_on+0x20/0xc0 [ 11.195206] ? __pfx_kthread+0x10/0x10 [ 11.195236] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.195255] ? calculate_sigpending+0x7b/0xa0 [ 11.195277] ? __pfx_kthread+0x10/0x10 [ 11.195297] ret_from_fork+0x116/0x1d0 [ 11.195314] ? __pfx_kthread+0x10/0x10 [ 11.195333] ret_from_fork_asm+0x1a/0x30 [ 11.195361] </TASK> [ 11.195371] [ 11.203926] Allocated by task 175: [ 11.204119] kasan_save_stack+0x45/0x70 [ 11.204319] kasan_save_track+0x18/0x40 [ 11.204510] kasan_save_alloc_info+0x3b/0x50 [ 11.204664] __kasan_krealloc+0x190/0x1f0 [ 11.204992] krealloc_noprof+0xf3/0x340 [ 11.205373] krealloc_less_oob_helper+0x1aa/0x11d0 [ 11.205540] krealloc_less_oob+0x1c/0x30 [ 11.205678] kunit_try_run_case+0x1a5/0x480 [ 11.205914] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.206335] kthread+0x337/0x6f0 [ 11.206491] ret_from_fork+0x116/0x1d0 [ 11.206743] ret_from_fork_asm+0x1a/0x30 [ 11.206941] [ 11.207015] The buggy address belongs to the object at ffff888100a33400 [ 11.207015] which belongs to the cache kmalloc-256 of size 256 [ 11.207380] The buggy address is located 17 bytes to the right of [ 11.207380] allocated 201-byte region [ffff888100a33400, ffff888100a334c9) [ 11.208233] [ 11.208481] The buggy address belongs to the physical page: [ 11.208843] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a32 [ 11.209381] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.209611] flags: 0x200000000000040(head|node=0|zone=2) [ 11.209783] page_type: f5(slab) [ 11.209928] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.210502] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.210885] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.211296] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.211630] head: 
0200000000000001 ffffea0004028c81 00000000ffffffff 00000000ffffffff [ 11.211997] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.212555] page dumped because: kasan: bad access detected [ 11.212801] [ 11.212911] Memory state around the buggy address: [ 11.213244] ffff888100a33380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.213563] ffff888100a33400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.213781] >ffff888100a33480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 11.214126] ^ [ 11.214407] ffff888100a33500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.214801] ffff888100a33580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.215222] ================================================================== [ 11.313539] ================================================================== [ 11.314006] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0 [ 11.314403] Write of size 1 at addr ffff88810295a0c9 by task kunit_try_catch/179 [ 11.314737] [ 11.314852] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.314895] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.314918] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.314938] Call Trace: [ 11.314950] <TASK> [ 11.314964] dump_stack_lvl+0x73/0xb0 [ 11.314992] print_report+0xd1/0x650 [ 11.315013] ? __virt_addr_valid+0x1db/0x2d0 [ 11.315052] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 11.315134] ? kasan_addr_to_slab+0x11/0xa0 [ 11.315155] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 11.315191] kasan_report+0x141/0x180 [ 11.315212] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 11.315249] __asan_report_store1_noabort+0x1b/0x30 [ 11.315269] krealloc_less_oob_helper+0xd70/0x11d0 [ 11.315293] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.315327] ? finish_task_switch.isra.0+0x153/0x700 [ 11.315348] ? __switch_to+0x47/0xf50 [ 11.315372] ? __schedule+0x10cc/0x2b60 [ 11.315395] ? 
__pfx_read_tsc+0x10/0x10 [ 11.315418] krealloc_large_less_oob+0x1c/0x30 [ 11.315440] kunit_try_run_case+0x1a5/0x480 [ 11.315464] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.315484] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.315507] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.315528] ? __kthread_parkme+0x82/0x180 [ 11.315547] ? preempt_count_sub+0x50/0x80 [ 11.315578] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.315600] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.315622] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.315655] kthread+0x337/0x6f0 [ 11.315674] ? trace_preempt_on+0x20/0xc0 [ 11.315696] ? __pfx_kthread+0x10/0x10 [ 11.315716] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.315736] ? calculate_sigpending+0x7b/0xa0 [ 11.315759] ? __pfx_kthread+0x10/0x10 [ 11.315788] ret_from_fork+0x116/0x1d0 [ 11.315805] ? __pfx_kthread+0x10/0x10 [ 11.315825] ret_from_fork_asm+0x1a/0x30 [ 11.315865] </TASK> [ 11.315876] [ 11.323858] The buggy address belongs to the physical page: [ 11.324349] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102958 [ 11.324600] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.324950] flags: 0x200000000000040(head|node=0|zone=2) [ 11.325437] page_type: f8(unknown) [ 11.325621] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.325963] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.326405] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.326745] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.327135] head: 0200000000000002 ffffea00040a5601 00000000ffffffff 00000000ffffffff [ 11.327500] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.327727] page dumped because: kasan: bad access detected [ 11.327988] [ 11.328247] Memory state around the buggy address: [ 11.328512] ffff888102959f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.328733] 
ffff88810295a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.329290] >ffff88810295a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 11.329646] ^ [ 11.329924] ffff88810295a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.330385] ffff88810295a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.330650] ================================================================== [ 11.215723] ================================================================== [ 11.216011] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 11.216585] Write of size 1 at addr ffff888100a334ea by task kunit_try_catch/175 [ 11.216921] [ 11.217020] CPU: 1 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.217070] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.217081] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.217099] Call Trace: [ 11.217114] <TASK> [ 11.217138] dump_stack_lvl+0x73/0xb0 [ 11.217166] print_report+0xd1/0x650 [ 11.217188] ? __virt_addr_valid+0x1db/0x2d0 [ 11.217220] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 11.217243] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.217263] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 11.217285] kasan_report+0x141/0x180 [ 11.217306] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 11.217406] __asan_report_store1_noabort+0x1b/0x30 [ 11.217428] krealloc_less_oob_helper+0xe90/0x11d0 [ 11.217453] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.217475] ? finish_task_switch.isra.0+0x153/0x700 [ 11.217496] ? __switch_to+0x47/0xf50 [ 11.217520] ? __schedule+0x10cc/0x2b60 [ 11.217540] ? __pfx_read_tsc+0x10/0x10 [ 11.217562] krealloc_less_oob+0x1c/0x30 [ 11.217582] kunit_try_run_case+0x1a5/0x480 [ 11.217605] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.217625] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.217647] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.217668] ? __kthread_parkme+0x82/0x180 [ 11.217687] ? 
preempt_count_sub+0x50/0x80 [ 11.217708] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.217730] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.217751] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.217772] kthread+0x337/0x6f0 [ 11.217790] ? trace_preempt_on+0x20/0xc0 [ 11.217811] ? __pfx_kthread+0x10/0x10 [ 11.217839] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.217859] ? calculate_sigpending+0x7b/0xa0 [ 11.217881] ? __pfx_kthread+0x10/0x10 [ 11.217912] ret_from_fork+0x116/0x1d0 [ 11.217929] ? __pfx_kthread+0x10/0x10 [ 11.217948] ret_from_fork_asm+0x1a/0x30 [ 11.217976] </TASK> [ 11.217986] [ 11.231162] Allocated by task 175: [ 11.231423] kasan_save_stack+0x45/0x70 [ 11.231748] kasan_save_track+0x18/0x40 [ 11.231954] kasan_save_alloc_info+0x3b/0x50 [ 11.232257] __kasan_krealloc+0x190/0x1f0 [ 11.232493] krealloc_noprof+0xf3/0x340 [ 11.232852] krealloc_less_oob_helper+0x1aa/0x11d0 [ 11.233021] krealloc_less_oob+0x1c/0x30 [ 11.233174] kunit_try_run_case+0x1a5/0x480 [ 11.233564] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.233840] kthread+0x337/0x6f0 [ 11.234009] ret_from_fork+0x116/0x1d0 [ 11.234392] ret_from_fork_asm+0x1a/0x30 [ 11.234557] [ 11.234630] The buggy address belongs to the object at ffff888100a33400 [ 11.234630] which belongs to the cache kmalloc-256 of size 256 [ 11.235164] The buggy address is located 33 bytes to the right of [ 11.235164] allocated 201-byte region [ffff888100a33400, ffff888100a334c9) [ 11.235745] [ 11.235847] The buggy address belongs to the physical page: [ 11.236038] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a32 [ 11.236296] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.236861] flags: 0x200000000000040(head|node=0|zone=2) [ 11.237293] page_type: f5(slab) [ 11.237425] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.237667] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.238007] head: 0200000000000040 
ffff888100041b40 dead000000000122 0000000000000000 [ 11.238575] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.238923] head: 0200000000000001 ffffea0004028c81 00000000ffffffff 00000000ffffffff [ 11.239380] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.239724] page dumped because: kasan: bad access detected [ 11.239962] [ 11.240239] Memory state around the buggy address: [ 11.240460] ffff888100a33380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.240763] ffff888100a33400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.241043] >ffff888100a33480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 11.241426] ^ [ 11.241709] ffff888100a33500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.242001] ffff888100a33580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.242470] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 11.096693] ================================================================== [ 11.097057] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930 [ 11.097527] Write of size 1 at addr ffff8881003410f0 by task kunit_try_catch/173 [ 11.097777] [ 11.097861] CPU: 0 UID: 0 PID: 173 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.097899] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.097911] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.097930] Call Trace: [ 11.097943] <TASK> [ 11.097955] dump_stack_lvl+0x73/0xb0 [ 11.097981] print_report+0xd1/0x650 [ 11.098002] ? __virt_addr_valid+0x1db/0x2d0 [ 11.098037] ? krealloc_more_oob_helper+0x7eb/0x930 [ 11.098110] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.098133] ? krealloc_more_oob_helper+0x7eb/0x930 [ 11.098155] kasan_report+0x141/0x180 [ 11.098177] ? krealloc_more_oob_helper+0x7eb/0x930 [ 11.098204] __asan_report_store1_noabort+0x1b/0x30 [ 11.098224] krealloc_more_oob_helper+0x7eb/0x930 [ 11.098245] ? __schedule+0x10cc/0x2b60 [ 11.098266] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 11.098290] ? finish_task_switch.isra.0+0x153/0x700 [ 11.098310] ? __switch_to+0x47/0xf50 [ 11.098334] ? __schedule+0x10cc/0x2b60 [ 11.098354] ? __pfx_read_tsc+0x10/0x10 [ 11.098377] krealloc_more_oob+0x1c/0x30 [ 11.098397] kunit_try_run_case+0x1a5/0x480 [ 11.098420] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.098441] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.098461] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.098482] ? __kthread_parkme+0x82/0x180 [ 11.098501] ? preempt_count_sub+0x50/0x80 [ 11.098522] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.098544] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.098565] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.098587] kthread+0x337/0x6f0 [ 11.098605] ? trace_preempt_on+0x20/0xc0 [ 11.098627] ? __pfx_kthread+0x10/0x10 [ 11.098646] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.098666] ? 
calculate_sigpending+0x7b/0xa0 [ 11.098688] ? __pfx_kthread+0x10/0x10 [ 11.098709] ret_from_fork+0x116/0x1d0 [ 11.098726] ? __pfx_kthread+0x10/0x10 [ 11.098745] ret_from_fork_asm+0x1a/0x30 [ 11.098773] </TASK> [ 11.098784] [ 11.106728] Allocated by task 173: [ 11.107060] kasan_save_stack+0x45/0x70 [ 11.107501] kasan_save_track+0x18/0x40 [ 11.107905] kasan_save_alloc_info+0x3b/0x50 [ 11.108167] __kasan_krealloc+0x190/0x1f0 [ 11.108307] krealloc_noprof+0xf3/0x340 [ 11.108440] krealloc_more_oob_helper+0x1a9/0x930 [ 11.108595] krealloc_more_oob+0x1c/0x30 [ 11.108731] kunit_try_run_case+0x1a5/0x480 [ 11.108873] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.109403] kthread+0x337/0x6f0 [ 11.109589] ret_from_fork+0x116/0x1d0 [ 11.109784] ret_from_fork_asm+0x1a/0x30 [ 11.109984] [ 11.110193] The buggy address belongs to the object at ffff888100341000 [ 11.110193] which belongs to the cache kmalloc-256 of size 256 [ 11.110750] The buggy address is located 5 bytes to the right of [ 11.110750] allocated 235-byte region [ffff888100341000, ffff8881003410eb) [ 11.111423] [ 11.111500] The buggy address belongs to the physical page: [ 11.111679] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100340 [ 11.112040] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.112615] flags: 0x200000000000040(head|node=0|zone=2) [ 11.112792] page_type: f5(slab) [ 11.112910] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.113426] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.113940] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.114344] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.114579] head: 0200000000000001 ffffea000400d001 00000000ffffffff 00000000ffffffff [ 11.114809] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.115539] page dumped because: kasan: bad access detected [ 11.116459] [ 
11.116648] Memory state around the buggy address: [ 11.117382] ffff888100340f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.118246] ffff888100341000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.119103] >ffff888100341080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 11.119975] ^ [ 11.120790] ffff888100341100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.121580] ffff888100341180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.121807] ================================================================== [ 11.075181] ================================================================== [ 11.075619] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930 [ 11.075939] Write of size 1 at addr ffff8881003410eb by task kunit_try_catch/173 [ 11.076298] [ 11.076391] CPU: 0 UID: 0 PID: 173 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.076433] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.076445] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.076465] Call Trace: [ 11.076476] <TASK> [ 11.076492] dump_stack_lvl+0x73/0xb0 [ 11.076520] print_report+0xd1/0x650 [ 11.076541] ? __virt_addr_valid+0x1db/0x2d0 [ 11.076563] ? krealloc_more_oob_helper+0x821/0x930 [ 11.076585] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.076605] ? krealloc_more_oob_helper+0x821/0x930 [ 11.076628] kasan_report+0x141/0x180 [ 11.076648] ? krealloc_more_oob_helper+0x821/0x930 [ 11.076676] __asan_report_store1_noabort+0x1b/0x30 [ 11.076696] krealloc_more_oob_helper+0x821/0x930 [ 11.076719] ? __schedule+0x10cc/0x2b60 [ 11.076742] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 11.076766] ? finish_task_switch.isra.0+0x153/0x700 [ 11.076788] ? __switch_to+0x47/0xf50 [ 11.076813] ? __schedule+0x10cc/0x2b60 [ 11.076833] ? __pfx_read_tsc+0x10/0x10 [ 11.076857] krealloc_more_oob+0x1c/0x30 [ 11.076877] kunit_try_run_case+0x1a5/0x480 [ 11.076902] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.076923] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 11.076946] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.076969] ? __kthread_parkme+0x82/0x180 [ 11.076989] ? preempt_count_sub+0x50/0x80 [ 11.077010] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.077044] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.077066] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.077088] kthread+0x337/0x6f0 [ 11.077106] ? trace_preempt_on+0x20/0xc0 [ 11.077129] ? __pfx_kthread+0x10/0x10 [ 11.077159] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.077178] ? calculate_sigpending+0x7b/0xa0 [ 11.077202] ? __pfx_kthread+0x10/0x10 [ 11.077222] ret_from_fork+0x116/0x1d0 [ 11.077239] ? __pfx_kthread+0x10/0x10 [ 11.077258] ret_from_fork_asm+0x1a/0x30 [ 11.077288] </TASK> [ 11.077299] [ 11.085657] Allocated by task 173: [ 11.085835] kasan_save_stack+0x45/0x70 [ 11.085985] kasan_save_track+0x18/0x40 [ 11.086183] kasan_save_alloc_info+0x3b/0x50 [ 11.086459] __kasan_krealloc+0x190/0x1f0 [ 11.086608] krealloc_noprof+0xf3/0x340 [ 11.086744] krealloc_more_oob_helper+0x1a9/0x930 [ 11.086970] krealloc_more_oob+0x1c/0x30 [ 11.087178] kunit_try_run_case+0x1a5/0x480 [ 11.087332] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.087507] kthread+0x337/0x6f0 [ 11.087761] ret_from_fork+0x116/0x1d0 [ 11.087957] ret_from_fork_asm+0x1a/0x30 [ 11.088245] [ 11.088351] The buggy address belongs to the object at ffff888100341000 [ 11.088351] which belongs to the cache kmalloc-256 of size 256 [ 11.088871] The buggy address is located 0 bytes to the right of [ 11.088871] allocated 235-byte region [ffff888100341000, ffff8881003410eb) [ 11.089528] [ 11.089631] The buggy address belongs to the physical page: [ 11.089889] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100340 [ 11.090145] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.090373] flags: 0x200000000000040(head|node=0|zone=2) [ 11.090557] page_type: f5(slab) [ 11.090721] raw: 0200000000000040 ffff888100041b40 dead000000000122 
0000000000000000 [ 11.091074] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.091690] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.091929] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.092535] head: 0200000000000001 ffffea000400d001 00000000ffffffff 00000000ffffffff [ 11.092930] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.093510] page dumped because: kasan: bad access detected [ 11.093746] [ 11.093829] Memory state around the buggy address: [ 11.094109] ffff888100340f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.094494] ffff888100341000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.094779] >ffff888100341080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 11.095002] ^ [ 11.095216] ffff888100341100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.095455] ffff888100341180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.095814] ================================================================== [ 11.267814] ================================================================== [ 11.268894] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930 [ 11.269752] Write of size 1 at addr ffff8881029ba0eb by task kunit_try_catch/177 [ 11.270417] [ 11.270536] CPU: 0 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.270580] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.270592] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.270612] Call Trace: [ 11.270625] <TASK> [ 11.270639] dump_stack_lvl+0x73/0xb0 [ 11.270668] print_report+0xd1/0x650 [ 11.270691] ? __virt_addr_valid+0x1db/0x2d0 [ 11.270714] ? krealloc_more_oob_helper+0x821/0x930 [ 11.270736] ? kasan_addr_to_slab+0x11/0xa0 [ 11.270756] ? krealloc_more_oob_helper+0x821/0x930 [ 11.270779] kasan_report+0x141/0x180 [ 11.270800] ? 
krealloc_more_oob_helper+0x821/0x930 [ 11.270827] __asan_report_store1_noabort+0x1b/0x30 [ 11.270846] krealloc_more_oob_helper+0x821/0x930 [ 11.270867] ? __schedule+0x10cc/0x2b60 [ 11.270888] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 11.270910] ? finish_task_switch.isra.0+0x153/0x700 [ 11.270932] ? __switch_to+0x47/0xf50 [ 11.270957] ? __schedule+0x10cc/0x2b60 [ 11.270977] ? __pfx_read_tsc+0x10/0x10 [ 11.271000] krealloc_large_more_oob+0x1c/0x30 [ 11.271022] kunit_try_run_case+0x1a5/0x480 [ 11.271063] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.271084] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.271106] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.271127] ? __kthread_parkme+0x82/0x180 [ 11.271147] ? preempt_count_sub+0x50/0x80 [ 11.271168] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.271190] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.271211] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.271297] kthread+0x337/0x6f0 [ 11.271318] ? trace_preempt_on+0x20/0xc0 [ 11.271355] ? __pfx_kthread+0x10/0x10 [ 11.271375] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.271395] ? calculate_sigpending+0x7b/0xa0 [ 11.271417] ? __pfx_kthread+0x10/0x10 [ 11.271438] ret_from_fork+0x116/0x1d0 [ 11.271455] ? 
__pfx_kthread+0x10/0x10 [ 11.271475] ret_from_fork_asm+0x1a/0x30 [ 11.271504] </TASK> [ 11.271514] [ 11.284918] The buggy address belongs to the physical page: [ 11.285137] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029b8 [ 11.285524] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.285910] flags: 0x200000000000040(head|node=0|zone=2) [ 11.286261] page_type: f8(unknown) [ 11.286392] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.286754] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.287114] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.287427] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.287802] head: 0200000000000002 ffffea00040a6e01 00000000ffffffff 00000000ffffffff [ 11.288288] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.288614] page dumped because: kasan: bad access detected [ 11.288850] [ 11.288950] Memory state around the buggy address: [ 11.289294] ffff8881029b9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.289565] ffff8881029ba000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.289856] >ffff8881029ba080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 11.290247] ^ [ 11.290596] ffff8881029ba100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.290901] ffff8881029ba180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.291319] ================================================================== [ 11.292736] ================================================================== [ 11.293134] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930 [ 11.293482] Write of size 1 at addr ffff8881029ba0f0 by task kunit_try_catch/177 [ 11.293777] [ 11.293909] CPU: 0 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.293948] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.293960] Hardware 
name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.293979] Call Trace: [ 11.293993] <TASK> [ 11.294008] dump_stack_lvl+0x73/0xb0 [ 11.294091] print_report+0xd1/0x650 [ 11.294130] ? __virt_addr_valid+0x1db/0x2d0 [ 11.294151] ? krealloc_more_oob_helper+0x7eb/0x930 [ 11.294184] ? kasan_addr_to_slab+0x11/0xa0 [ 11.294204] ? krealloc_more_oob_helper+0x7eb/0x930 [ 11.294226] kasan_report+0x141/0x180 [ 11.294255] ? krealloc_more_oob_helper+0x7eb/0x930 [ 11.294282] __asan_report_store1_noabort+0x1b/0x30 [ 11.294301] krealloc_more_oob_helper+0x7eb/0x930 [ 11.294333] ? __schedule+0x10cc/0x2b60 [ 11.294353] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 11.294376] ? finish_task_switch.isra.0+0x153/0x700 [ 11.294396] ? __switch_to+0x47/0xf50 [ 11.294428] ? __schedule+0x10cc/0x2b60 [ 11.294448] ? __pfx_read_tsc+0x10/0x10 [ 11.294471] krealloc_large_more_oob+0x1c/0x30 [ 11.294502] kunit_try_run_case+0x1a5/0x480 [ 11.294525] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.294546] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.294567] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.294597] ? __kthread_parkme+0x82/0x180 [ 11.294617] ? preempt_count_sub+0x50/0x80 [ 11.294640] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.294672] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.294693] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.294715] kthread+0x337/0x6f0 [ 11.294733] ? trace_preempt_on+0x20/0xc0 [ 11.294754] ? __pfx_kthread+0x10/0x10 [ 11.294773] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.294793] ? calculate_sigpending+0x7b/0xa0 [ 11.294815] ? __pfx_kthread+0x10/0x10 [ 11.294835] ret_from_fork+0x116/0x1d0 [ 11.294852] ? 
__pfx_kthread+0x10/0x10 [ 11.294871] ret_from_fork_asm+0x1a/0x30 [ 11.294900] </TASK> [ 11.294910] [ 11.303152] The buggy address belongs to the physical page: [ 11.303366] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029b8 [ 11.303718] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.304302] flags: 0x200000000000040(head|node=0|zone=2) [ 11.304594] page_type: f8(unknown) [ 11.304788] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.305148] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.305444] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.305804] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.306098] head: 0200000000000002 ffffea00040a6e01 00000000ffffffff 00000000ffffffff [ 11.306469] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.306831] page dumped because: kasan: bad access detected [ 11.307156] [ 11.307257] Memory state around the buggy address: [ 11.307478] ffff8881029b9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.307794] ffff8881029ba000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.308039] >ffff8881029ba080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 11.308420] ^ [ 11.308730] ffff8881029ba100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.309003] ffff8881029ba180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.309528] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 10.800499] ================================================================== [ 10.800925] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x361/0x3c0 [ 10.802268] Read of size 1 at addr ffff8881027a105f by task kunit_try_catch/155 [ 10.803904] [ 10.804380] CPU: 0 UID: 0 PID: 155 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 10.804431] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.804443] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.804466] Call Trace: [ 10.804479] <TASK> [ 10.804497] dump_stack_lvl+0x73/0xb0 [ 10.804528] print_report+0xd1/0x650 [ 10.804550] ? __virt_addr_valid+0x1db/0x2d0 [ 10.804573] ? kmalloc_oob_left+0x361/0x3c0 [ 10.804592] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.804613] ? kmalloc_oob_left+0x361/0x3c0 [ 10.804633] kasan_report+0x141/0x180 [ 10.804654] ? kmalloc_oob_left+0x361/0x3c0 [ 10.804678] __asan_report_load1_noabort+0x18/0x20 [ 10.804702] kmalloc_oob_left+0x361/0x3c0 [ 10.804724] ? __pfx_kmalloc_oob_left+0x10/0x10 [ 10.804746] ? __schedule+0x10cc/0x2b60 [ 10.804769] ? __pfx_read_tsc+0x10/0x10 [ 10.804789] ? ktime_get_ts64+0x86/0x230 [ 10.804813] kunit_try_run_case+0x1a5/0x480 [ 10.804836] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.804857] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.804880] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.804902] ? __kthread_parkme+0x82/0x180 [ 10.804922] ? preempt_count_sub+0x50/0x80 [ 10.804944] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.804966] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.804988] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.805009] kthread+0x337/0x6f0 [ 10.805040] ? trace_preempt_on+0x20/0xc0 [ 10.805064] ? __pfx_kthread+0x10/0x10 [ 10.805083] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.805103] ? calculate_sigpending+0x7b/0xa0 [ 10.805126] ? __pfx_kthread+0x10/0x10 [ 10.805146] ret_from_fork+0x116/0x1d0 [ 10.805163] ? 
__pfx_kthread+0x10/0x10 [ 10.805182] ret_from_fork_asm+0x1a/0x30 [ 10.805211] </TASK> [ 10.805222] [ 10.820588] Allocated by task 1: [ 10.820821] kasan_save_stack+0x45/0x70 [ 10.821469] kasan_save_track+0x18/0x40 [ 10.821940] kasan_save_alloc_info+0x3b/0x50 [ 10.822131] __kasan_kmalloc+0xb7/0xc0 [ 10.822736] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 10.823379] kvasprintf+0xc5/0x150 [ 10.823515] __kthread_create_on_node+0x18b/0x3a0 [ 10.823674] kthread_create_on_node+0xab/0xe0 [ 10.823823] create_worker+0x3e5/0x7b0 [ 10.823958] alloc_unbound_pwq+0x8ea/0xdb0 [ 10.824192] apply_wqattrs_prepare+0x332/0xd20 [ 10.824579] apply_workqueue_attrs_locked+0x4d/0xa0 [ 10.825296] alloc_workqueue+0xcc7/0x1ad0 [ 10.825601] latency_fsnotify_init+0x1b/0x50 [ 10.825823] do_one_initcall+0xd8/0x370 [ 10.826020] kernel_init_freeable+0x420/0x6f0 [ 10.826603] kernel_init+0x23/0x1e0 [ 10.826899] ret_from_fork+0x116/0x1d0 [ 10.827121] ret_from_fork_asm+0x1a/0x30 [ 10.827383] [ 10.827672] The buggy address belongs to the object at ffff8881027a1040 [ 10.827672] which belongs to the cache kmalloc-16 of size 16 [ 10.828357] The buggy address is located 18 bytes to the right of [ 10.828357] allocated 13-byte region [ffff8881027a1040, ffff8881027a104d) [ 10.828877] [ 10.828975] The buggy address belongs to the physical page: [ 10.829491] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027a1 [ 10.829900] flags: 0x200000000000000(node=0|zone=2) [ 10.830312] page_type: f5(slab) [ 10.830528] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 10.831104] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 10.831942] page dumped because: kasan: bad access detected [ 10.832550] [ 10.832645] Memory state around the buggy address: [ 10.832864] ffff8881027a0f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.833800] ffff8881027a0f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.834728] >ffff8881027a1000: fa fb fc fc fa 
fb fc fc 00 05 fc fc 00 07 fc fc [ 10.835256] ^ [ 10.835992] ffff8881027a1080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.836634] ffff8881027a1100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.837297] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 10.714858] ================================================================== [ 10.715493] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6f0/0x7f0 [ 10.716447] Write of size 1 at addr ffff888102cbbd73 by task kunit_try_catch/153 [ 10.716800] [ 10.717855] CPU: 1 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 10.718230] Tainted: [N]=TEST [ 10.718266] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.718481] Call Trace: [ 10.718546] <TASK> [ 10.718702] dump_stack_lvl+0x73/0xb0 [ 10.718790] print_report+0xd1/0x650 [ 10.718818] ? __virt_addr_valid+0x1db/0x2d0 [ 10.718843] ? kmalloc_oob_right+0x6f0/0x7f0 [ 10.718863] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.718884] ? kmalloc_oob_right+0x6f0/0x7f0 [ 10.718905] kasan_report+0x141/0x180 [ 10.718926] ? kmalloc_oob_right+0x6f0/0x7f0 [ 10.718951] __asan_report_store1_noabort+0x1b/0x30 [ 10.718970] kmalloc_oob_right+0x6f0/0x7f0 [ 10.718992] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 10.719013] ? __schedule+0x10cc/0x2b60 [ 10.719063] ? __pfx_read_tsc+0x10/0x10 [ 10.719085] ? ktime_get_ts64+0x86/0x230 [ 10.719110] kunit_try_run_case+0x1a5/0x480 [ 10.719136] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.719157] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.719180] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.719201] ? __kthread_parkme+0x82/0x180 [ 10.719222] ? preempt_count_sub+0x50/0x80 [ 10.719246] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.719268] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.719289] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.719311] kthread+0x337/0x6f0 [ 10.719329] ? trace_preempt_on+0x20/0xc0 [ 10.719352] ? __pfx_kthread+0x10/0x10 [ 10.719371] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.719391] ? calculate_sigpending+0x7b/0xa0 [ 10.719415] ? __pfx_kthread+0x10/0x10 [ 10.719435] ret_from_fork+0x116/0x1d0 [ 10.719452] ? 
__pfx_kthread+0x10/0x10 [ 10.719471] ret_from_fork_asm+0x1a/0x30 [ 10.719525] </TASK> [ 10.719590] [ 10.729853] Allocated by task 153: [ 10.730181] kasan_save_stack+0x45/0x70 [ 10.730395] kasan_save_track+0x18/0x40 [ 10.730583] kasan_save_alloc_info+0x3b/0x50 [ 10.730770] __kasan_kmalloc+0xb7/0xc0 [ 10.730904] __kmalloc_cache_noprof+0x189/0x420 [ 10.731077] kmalloc_oob_right+0xa9/0x7f0 [ 10.731216] kunit_try_run_case+0x1a5/0x480 [ 10.731433] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.731680] kthread+0x337/0x6f0 [ 10.731890] ret_from_fork+0x116/0x1d0 [ 10.732035] ret_from_fork_asm+0x1a/0x30 [ 10.732208] [ 10.732326] The buggy address belongs to the object at ffff888102cbbd00 [ 10.732326] which belongs to the cache kmalloc-128 of size 128 [ 10.733426] The buggy address is located 0 bytes to the right of [ 10.733426] allocated 115-byte region [ffff888102cbbd00, ffff888102cbbd73) [ 10.733961] [ 10.734113] The buggy address belongs to the physical page: [ 10.734482] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102cbb [ 10.735088] flags: 0x200000000000000(node=0|zone=2) [ 10.735702] page_type: f5(slab) [ 10.736174] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 10.736710] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.737105] page dumped because: kasan: bad access detected [ 10.737371] [ 10.737451] Memory state around the buggy address: [ 10.737864] ffff888102cbbc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 10.738347] ffff888102cbbc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.738765] >ffff888102cbbd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 10.739070] ^ [ 10.739402] ffff888102cbbd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.739735] ffff888102cbbe00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.740071] ================================================================== [ 10.741614] 
================================================================== [ 10.741878] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6bd/0x7f0 [ 10.742395] Write of size 1 at addr ffff888102cbbd78 by task kunit_try_catch/153 [ 10.742672] [ 10.742759] CPU: 1 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 10.742800] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.742812] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.742831] Call Trace: [ 10.742843] <TASK> [ 10.742857] dump_stack_lvl+0x73/0xb0 [ 10.742882] print_report+0xd1/0x650 [ 10.742903] ? __virt_addr_valid+0x1db/0x2d0 [ 10.742923] ? kmalloc_oob_right+0x6bd/0x7f0 [ 10.742943] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.742963] ? kmalloc_oob_right+0x6bd/0x7f0 [ 10.742984] kasan_report+0x141/0x180 [ 10.743004] ? kmalloc_oob_right+0x6bd/0x7f0 [ 10.743047] __asan_report_store1_noabort+0x1b/0x30 [ 10.743067] kmalloc_oob_right+0x6bd/0x7f0 [ 10.743088] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 10.743109] ? __schedule+0x10cc/0x2b60 [ 10.743130] ? __pfx_read_tsc+0x10/0x10 [ 10.743159] ? ktime_get_ts64+0x86/0x230 [ 10.743182] kunit_try_run_case+0x1a5/0x480 [ 10.743204] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.743224] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.743246] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.743267] ? __kthread_parkme+0x82/0x180 [ 10.743286] ? preempt_count_sub+0x50/0x80 [ 10.743307] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.743329] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.743350] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.743372] kthread+0x337/0x6f0 [ 10.743390] ? trace_preempt_on+0x20/0xc0 [ 10.743412] ? __pfx_kthread+0x10/0x10 [ 10.743431] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.743450] ? calculate_sigpending+0x7b/0xa0 [ 10.743472] ? __pfx_kthread+0x10/0x10 [ 10.743493] ret_from_fork+0x116/0x1d0 [ 10.743509] ? 
__pfx_kthread+0x10/0x10 [ 10.743529] ret_from_fork_asm+0x1a/0x30 [ 10.743557] </TASK> [ 10.743568] [ 10.751882] Allocated by task 153: [ 10.752013] kasan_save_stack+0x45/0x70 [ 10.752295] kasan_save_track+0x18/0x40 [ 10.752675] kasan_save_alloc_info+0x3b/0x50 [ 10.752863] __kasan_kmalloc+0xb7/0xc0 [ 10.753057] __kmalloc_cache_noprof+0x189/0x420 [ 10.753292] kmalloc_oob_right+0xa9/0x7f0 [ 10.753432] kunit_try_run_case+0x1a5/0x480 [ 10.753793] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.754109] kthread+0x337/0x6f0 [ 10.754297] ret_from_fork+0x116/0x1d0 [ 10.754543] ret_from_fork_asm+0x1a/0x30 [ 10.754712] [ 10.754782] The buggy address belongs to the object at ffff888102cbbd00 [ 10.754782] which belongs to the cache kmalloc-128 of size 128 [ 10.755273] The buggy address is located 5 bytes to the right of [ 10.755273] allocated 115-byte region [ffff888102cbbd00, ffff888102cbbd73) [ 10.755726] [ 10.755868] The buggy address belongs to the physical page: [ 10.756126] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102cbb [ 10.756449] flags: 0x200000000000000(node=0|zone=2) [ 10.756609] page_type: f5(slab) [ 10.756728] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 10.757490] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.757858] page dumped because: kasan: bad access detected [ 10.758168] [ 10.759095] Memory state around the buggy address: [ 10.759323] ffff888102cbbc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 10.759640] ffff888102cbbc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.759930] >ffff888102cbbd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 10.761444] ^ [ 10.762017] ffff888102cbbd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.762994] ffff888102cbbe00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.763526] ================================================================== [ 10.764820] 
================================================================== [ 10.766325] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x68a/0x7f0 [ 10.767486] Read of size 1 at addr ffff888102cbbd80 by task kunit_try_catch/153 [ 10.767746] [ 10.767831] CPU: 1 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 10.767871] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.767882] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.767903] Call Trace: [ 10.767916] <TASK> [ 10.767930] dump_stack_lvl+0x73/0xb0 [ 10.767957] print_report+0xd1/0x650 [ 10.767979] ? __virt_addr_valid+0x1db/0x2d0 [ 10.768000] ? kmalloc_oob_right+0x68a/0x7f0 [ 10.768020] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.768260] ? kmalloc_oob_right+0x68a/0x7f0 [ 10.768282] kasan_report+0x141/0x180 [ 10.768304] ? kmalloc_oob_right+0x68a/0x7f0 [ 10.768329] __asan_report_load1_noabort+0x18/0x20 [ 10.768352] kmalloc_oob_right+0x68a/0x7f0 [ 10.768604] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 10.768634] ? __schedule+0x10cc/0x2b60 [ 10.768655] ? __pfx_read_tsc+0x10/0x10 [ 10.768675] ? ktime_get_ts64+0x86/0x230 [ 10.768697] kunit_try_run_case+0x1a5/0x480 [ 10.768719] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.768740] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.768761] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.768782] ? __kthread_parkme+0x82/0x180 [ 10.768800] ? preempt_count_sub+0x50/0x80 [ 10.768822] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.768844] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.768866] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.768888] kthread+0x337/0x6f0 [ 10.768906] ? trace_preempt_on+0x20/0xc0 [ 10.768927] ? __pfx_kthread+0x10/0x10 [ 10.768946] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.768966] ? calculate_sigpending+0x7b/0xa0 [ 10.768989] ? __pfx_kthread+0x10/0x10 [ 10.769009] ret_from_fork+0x116/0x1d0 [ 10.769038] ? 
__pfx_kthread+0x10/0x10 [ 10.769059] ret_from_fork_asm+0x1a/0x30 [ 10.769088] </TASK> [ 10.769099] [ 10.784524] Allocated by task 153: [ 10.784967] kasan_save_stack+0x45/0x70 [ 10.785464] kasan_save_track+0x18/0x40 [ 10.785714] kasan_save_alloc_info+0x3b/0x50 [ 10.786227] __kasan_kmalloc+0xb7/0xc0 [ 10.786629] __kmalloc_cache_noprof+0x189/0x420 [ 10.786790] kmalloc_oob_right+0xa9/0x7f0 [ 10.786926] kunit_try_run_case+0x1a5/0x480 [ 10.787154] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.788199] kthread+0x337/0x6f0 [ 10.788579] ret_from_fork+0x116/0x1d0 [ 10.788942] ret_from_fork_asm+0x1a/0x30 [ 10.789366] [ 10.789583] The buggy address belongs to the object at ffff888102cbbd00 [ 10.789583] which belongs to the cache kmalloc-128 of size 128 [ 10.790687] The buggy address is located 13 bytes to the right of [ 10.790687] allocated 115-byte region [ffff888102cbbd00, ffff888102cbbd73) [ 10.791751] [ 10.791946] The buggy address belongs to the physical page: [ 10.792341] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102cbb [ 10.792709] flags: 0x200000000000000(node=0|zone=2) [ 10.792905] page_type: f5(slab) [ 10.793365] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 10.794087] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.794393] page dumped because: kasan: bad access detected [ 10.794814] [ 10.794998] Memory state around the buggy address: [ 10.795530] ffff888102cbbc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.796020] ffff888102cbbd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 10.796445] >ffff888102cbbd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.796651] ^ [ 10.796761] ffff888102cbbe00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.796965] ffff888102cbbe80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.797212] ==================================================================
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_vscale
------------[ cut here ]------------ [ 141.484693] WARNING: CPU: 0 PID: 2763 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190 [ 141.485001] Modules linked in: [ 141.485246] CPU: 0 UID: 0 PID: 2763 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 141.485917] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 141.486903] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 141.487990] RIP: 0010:drm_rect_calc_vscale+0x130/0x190 [ 141.488798] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 80 cf 1e 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 141.490448] RSP: 0000:ffff88810a78fc78 EFLAGS: 00010286 [ 141.490642] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000 [ 141.490858] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffff8d03275c [ 141.491183] RBP: ffff88810a78fca0 R08: 0000000000000000 R09: ffffed1020912460 [ 141.491915] R10: ffff888104892307 R11: 0000000000000000 R12: ffffffff8d032748 [ 141.492841] R13: 0000000000000000 R14: 000000007fffffff R15: ffff88810a78fd38 [ 141.493804] FS: 0000000000000000(0000) GS:ffff8881cc074000(0000) knlGS:0000000000000000 [ 141.494623] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 141.495119] CR2: 00007ffff7ffe000 CR3: 00000001208bc000 CR4: 00000000000006f0 [ 141.495567] DR0: ffffffff8f050440 DR1: ffffffff8f050441 DR2: ffffffff8f050442 [ 141.495786] DR3: ffffffff8f050443 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 141.495996] Call Trace: [ 141.496428] <TASK> [ 141.496664] drm_test_rect_calc_vscale+0x108/0x270 [ 141.497299] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10 [ 141.497795] ? __schedule+0x10cc/0x2b60 [ 141.498277] ? __pfx_read_tsc+0x10/0x10 [ 141.498674] ? ktime_get_ts64+0x86/0x230 [ 141.499140] kunit_try_run_case+0x1a5/0x480 [ 141.499386] ? __pfx_kunit_try_run_case+0x10/0x10 [ 141.499551] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 141.499713] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 141.499880] ? __kthread_parkme+0x82/0x180 [ 141.500027] ? preempt_count_sub+0x50/0x80 [ 141.500620] ? __pfx_kunit_try_run_case+0x10/0x10 [ 141.501169] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 141.501668] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 141.502308] kthread+0x337/0x6f0 [ 141.502656] ? trace_preempt_on+0x20/0xc0 [ 141.503048] ? __pfx_kthread+0x10/0x10 [ 141.503551] ? _raw_spin_unlock_irq+0x47/0x80 [ 141.503875] ? calculate_sigpending+0x7b/0xa0 [ 141.504035] ? __pfx_kthread+0x10/0x10 [ 141.504706] ret_from_fork+0x116/0x1d0 [ 141.505126] ? __pfx_kthread+0x10/0x10 [ 141.505557] ret_from_fork_asm+0x1a/0x30 [ 141.505717] </TASK> [ 141.505811] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 141.510541] WARNING: CPU: 0 PID: 2765 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190 [ 141.511641] Modules linked in: [ 141.512000] CPU: 0 UID: 0 PID: 2765 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 141.512532] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 141.512718] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 141.512982] RIP: 0010:drm_rect_calc_vscale+0x130/0x190 [ 141.513482] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 80 cf 1e 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 141.515518] RSP: 0000:ffff888109d17c78 EFLAGS: 00010286 [ 141.516025] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000 [ 141.516982] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffff8d032794 [ 141.517497] RBP: ffff888109d17ca0 R08: 0000000000000000 R09: ffffed10202cfd80 [ 141.517717] R10: ffff88810167ec07 R11: 0000000000000000 R12: ffffffff8d032780 [ 141.517927] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888109d17d38 [ 
141.518425] FS: 0000000000000000(0000) GS:ffff8881cc074000(0000) knlGS:0000000000000000 [ 141.519164] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 141.519760] CR2: 00007ffff7ffe000 CR3: 00000001208bc000 CR4: 00000000000006f0 [ 141.520427] DR0: ffffffff8f050440 DR1: ffffffff8f050441 DR2: ffffffff8f050442 [ 141.521189] DR3: ffffffff8f050443 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 141.521805] Call Trace: [ 141.521911] <TASK> [ 141.522009] drm_test_rect_calc_vscale+0x108/0x270 [ 141.522630] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10 [ 141.523434] ? __schedule+0x10cc/0x2b60 [ 141.523822] ? __pfx_read_tsc+0x10/0x10 [ 141.524274] ? ktime_get_ts64+0x86/0x230 [ 141.524428] kunit_try_run_case+0x1a5/0x480 [ 141.524581] ? __pfx_kunit_try_run_case+0x10/0x10 [ 141.524742] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 141.524901] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 141.525119] ? __kthread_parkme+0x82/0x180 [ 141.525298] ? preempt_count_sub+0x50/0x80 [ 141.525445] ? __pfx_kunit_try_run_case+0x10/0x10 [ 141.525840] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 141.526227] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 141.526441] kthread+0x337/0x6f0 [ 141.526617] ? trace_preempt_on+0x20/0xc0 [ 141.526848] ? __pfx_kthread+0x10/0x10 [ 141.526993] ? _raw_spin_unlock_irq+0x47/0x80 [ 141.527331] ? calculate_sigpending+0x7b/0xa0 [ 141.527487] ? __pfx_kthread+0x10/0x10 [ 141.527829] ret_from_fork+0x116/0x1d0 [ 141.528019] ? __pfx_kthread+0x10/0x10 [ 141.528313] ret_from_fork_asm+0x1a/0x30 [ 141.528562] </TASK> [ 141.528678] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_hscale
------------[ cut here ]------------ [ 141.446364] WARNING: CPU: 1 PID: 2753 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190 [ 141.446882] Modules linked in: [ 141.447035] CPU: 1 UID: 0 PID: 2753 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 141.448445] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 141.449296] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 141.449899] RIP: 0010:drm_rect_calc_hscale+0x125/0x190 [ 141.450445] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 141.451952] RSP: 0000:ffff88810a467c78 EFLAGS: 00010286 [ 141.452916] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000 [ 141.453670] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffff8d032798 [ 141.454665] RBP: ffff88810a467ca0 R08: 0000000000000000 R09: ffffed10202cfca0 [ 141.455440] R10: ffff88810167e507 R11: 0000000000000000 R12: ffffffff8d032780 [ 141.455660] R13: 0000000000000000 R14: 000000007fffffff R15: ffff88810a467d38 [ 141.455874] FS: 0000000000000000(0000) GS:ffff8881cc174000(0000) knlGS:0000000000000000 [ 141.456137] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 141.456378] CR2: ffff88815a912000 CR3: 00000001208bc000 CR4: 00000000000006f0 [ 141.456660] DR0: ffffffff8f050440 DR1: ffffffff8f050441 DR2: ffffffff8f050443 [ 141.456956] DR3: ffffffff8f050445 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 141.457839] Call Trace: [ 141.458300] <TASK> [ 141.458670] drm_test_rect_calc_hscale+0x108/0x270 [ 141.459375] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10 [ 141.459950] ? __schedule+0x10cc/0x2b60 [ 141.460569] ? __pfx_read_tsc+0x10/0x10 [ 141.461034] ? ktime_get_ts64+0x86/0x230 [ 141.461606] kunit_try_run_case+0x1a5/0x480 [ 141.462209] ? __pfx_kunit_try_run_case+0x10/0x10 [ 141.462740] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 141.463424] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 141.463971] ? __kthread_parkme+0x82/0x180 [ 141.464656] ? preempt_count_sub+0x50/0x80 [ 141.464981] ? __pfx_kunit_try_run_case+0x10/0x10 [ 141.465727] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 141.466323] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 141.466782] kthread+0x337/0x6f0 [ 141.466915] ? trace_preempt_on+0x20/0xc0 [ 141.467167] ? __pfx_kthread+0x10/0x10 [ 141.467726] ? _raw_spin_unlock_irq+0x47/0x80 [ 141.468252] ? calculate_sigpending+0x7b/0xa0 [ 141.468728] ? __pfx_kthread+0x10/0x10 [ 141.469170] ret_from_fork+0x116/0x1d0 [ 141.469556] ? __pfx_kthread+0x10/0x10 [ 141.469847] ret_from_fork_asm+0x1a/0x30 [ 141.470002] </TASK> [ 141.470160] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 141.424140] WARNING: CPU: 0 PID: 2751 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190 [ 141.424638] Modules linked in: [ 141.424850] CPU: 0 UID: 0 PID: 2751 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 141.426275] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 141.426534] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 141.427043] RIP: 0010:drm_rect_calc_hscale+0x125/0x190 [ 141.427487] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 141.428384] RSP: 0000:ffff88810a7b7c78 EFLAGS: 00010286 [ 141.428857] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000 [ 141.429476] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffff8d032760 [ 141.429767] RBP: ffff88810a7b7ca0 R08: 0000000000000000 R09: ffffed1020911da0 [ 141.430056] R10: ffff88810488ed07 R11: 0000000000000000 R12: ffffffff8d032748 [ 141.430672] R13: 0000000000000000 R14: 000000007fffffff R15: ffff88810a7b7d38 [ 
141.431063] FS: 0000000000000000(0000) GS:ffff8881cc074000(0000) knlGS:0000000000000000 [ 141.431626] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 141.431986] CR2: 00007ffff7ffe000 CR3: 00000001208bc000 CR4: 00000000000006f0 [ 141.432734] DR0: ffffffff8f050440 DR1: ffffffff8f050441 DR2: ffffffff8f050442 [ 141.433295] DR3: ffffffff8f050443 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 141.433667] Call Trace: [ 141.433813] <TASK> [ 141.433949] drm_test_rect_calc_hscale+0x108/0x270 [ 141.434507] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10 [ 141.434834] ? __schedule+0x10cc/0x2b60 [ 141.435409] ? __pfx_read_tsc+0x10/0x10 [ 141.435616] ? ktime_get_ts64+0x86/0x230 [ 141.435798] kunit_try_run_case+0x1a5/0x480 [ 141.436002] ? __pfx_kunit_try_run_case+0x10/0x10 [ 141.436793] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 141.437034] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 141.437535] ? __kthread_parkme+0x82/0x180 [ 141.437884] ? preempt_count_sub+0x50/0x80 [ 141.438346] ? __pfx_kunit_try_run_case+0x10/0x10 [ 141.438700] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 141.439049] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 141.439668] kthread+0x337/0x6f0 [ 141.439855] ? trace_preempt_on+0x20/0xc0 [ 141.440504] ? __pfx_kthread+0x10/0x10 [ 141.440729] ? _raw_spin_unlock_irq+0x47/0x80 [ 141.440961] ? calculate_sigpending+0x7b/0xa0 [ 141.441484] ? __pfx_kthread+0x10/0x10 [ 141.441800] ret_from_fork+0x116/0x1d0 [ 141.442201] ? __pfx_kthread+0x10/0x10 [ 141.442393] ret_from_fork_asm+0x1a/0x30 [ 141.442609] </TASK> [ 141.442728] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 48.546002] ================================================================== [ 48.546400] BUG: KFENCE: use-after-free read in test_krealloc+0x6fc/0xbe0 [ 48.546400] [ 48.546809] Use-after-free read at 0x(____ptrval____) (in kfence-#136): [ 48.547063] test_krealloc+0x6fc/0xbe0 [ 48.547236] kunit_try_run_case+0x1a5/0x480 [ 48.547477] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 48.547661] kthread+0x337/0x6f0 [ 48.547851] ret_from_fork+0x116/0x1d0 [ 48.548036] ret_from_fork_asm+0x1a/0x30 [ 48.548182] [ 48.548272] kfence-#136: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 48.548272] [ 48.548824] allocated by task 354 on cpu 1 at 48.545368s (0.003454s ago): [ 48.549051] test_alloc+0x364/0x10f0 [ 48.549237] test_krealloc+0xad/0xbe0 [ 48.549428] kunit_try_run_case+0x1a5/0x480 [ 48.549611] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 48.549836] kthread+0x337/0x6f0 [ 48.549959] ret_from_fork+0x116/0x1d0 [ 48.550147] ret_from_fork_asm+0x1a/0x30 [ 48.550362] [ 48.550455] freed by task 354 on cpu 1 at 48.545636s (0.004817s ago): [ 48.550735] krealloc_noprof+0x108/0x340 [ 48.550916] test_krealloc+0x226/0xbe0 [ 48.551092] kunit_try_run_case+0x1a5/0x480 [ 48.551276] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 48.551528] kthread+0x337/0x6f0 [ 48.551702] ret_from_fork+0x116/0x1d0 [ 48.551887] ret_from_fork_asm+0x1a/0x30 [ 48.552067] [ 48.552188] CPU: 1 UID: 0 PID: 354 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 48.552626] Tainted: [B]=BAD_PAGE, [N]=TEST [ 48.552814] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 48.553172] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 48.463221] ================================================================== [ 48.464107] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x2ec/0x670 [ 48.464107] [ 48.464825] Use-after-free read at 0x(____ptrval____) (in kfence-#135): [ 48.465042] test_memcache_typesafe_by_rcu+0x2ec/0x670 [ 48.465220] kunit_try_run_case+0x1a5/0x480 [ 48.465392] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 48.465748] kthread+0x337/0x6f0 [ 48.465888] ret_from_fork+0x116/0x1d0 [ 48.466077] ret_from_fork_asm+0x1a/0x30 [ 48.466241] [ 48.466352] kfence-#135: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 48.466352] [ 48.466786] allocated by task 352 on cpu 0 at 48.442392s (0.024391s ago): [ 48.467016] test_alloc+0x2a6/0x10f0 [ 48.467169] test_memcache_typesafe_by_rcu+0x16f/0x670 [ 48.467431] kunit_try_run_case+0x1a5/0x480 [ 48.467640] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 48.467831] kthread+0x337/0x6f0 [ 48.468404] ret_from_fork+0x116/0x1d0 [ 48.468620] ret_from_fork_asm+0x1a/0x30 [ 48.468806] [ 48.469274] freed by task 352 on cpu 0 at 48.442494s (0.026777s ago): [ 48.469676] test_memcache_typesafe_by_rcu+0x1bf/0x670 [ 48.469909] kunit_try_run_case+0x1a5/0x480 [ 48.470112] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 48.470366] kthread+0x337/0x6f0 [ 48.470859] ret_from_fork+0x116/0x1d0 [ 48.471163] ret_from_fork_asm+0x1a/0x30 [ 48.471334] [ 48.471475] CPU: 0 UID: 0 PID: 352 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 48.471987] Tainted: [B]=BAD_PAGE, [N]=TEST [ 48.472150] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 48.472474] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 23.179419] ================================================================== [ 23.180055] BUG: KFENCE: invalid read in test_invalid_access+0xf0/0x210 [ 23.180055] [ 23.180569] Invalid read at 0x(____ptrval____): [ 23.180795] test_invalid_access+0xf0/0x210 [ 23.180992] kunit_try_run_case+0x1a5/0x480 [ 23.181157] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.182320] kthread+0x337/0x6f0 [ 23.182607] ret_from_fork+0x116/0x1d0 [ 23.182897] ret_from_fork_asm+0x1a/0x30 [ 23.183294] [ 23.183433] CPU: 1 UID: 0 PID: 348 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 23.184034] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.184353] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.184782] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 22.961663] ================================================================== [ 22.962172] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x24f/0x340 [ 22.962172] [ 22.962548] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#130): [ 22.963116] test_kmalloc_aligned_oob_write+0x24f/0x340 [ 22.963344] kunit_try_run_case+0x1a5/0x480 [ 22.963602] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.963849] kthread+0x337/0x6f0 [ 22.963979] ret_from_fork+0x116/0x1d0 [ 22.964166] ret_from_fork_asm+0x1a/0x30 [ 22.964367] [ 22.964467] kfence-#130: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96 [ 22.964467] [ 22.964836] allocated by task 342 on cpu 0 at 22.961404s (0.003430s ago): [ 22.965155] test_alloc+0x364/0x10f0 [ 22.965359] test_kmalloc_aligned_oob_write+0xc8/0x340 [ 22.965577] kunit_try_run_case+0x1a5/0x480 [ 22.965788] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.965992] kthread+0x337/0x6f0 [ 22.966176] ret_from_fork+0x116/0x1d0 [ 22.966334] ret_from_fork_asm+0x1a/0x30 [ 22.966473] [ 22.966545] freed by task 342 on cpu 0 at 22.961544s (0.004999s ago): [ 22.966821] test_kmalloc_aligned_oob_write+0x24f/0x340 [ 22.967072] kunit_try_run_case+0x1a5/0x480 [ 22.967280] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.967454] kthread+0x337/0x6f0 [ 22.967574] ret_from_fork+0x116/0x1d0 [ 22.967777] ret_from_fork_asm+0x1a/0x30 [ 22.967978] [ 22.968109] CPU: 0 UID: 0 PID: 342 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 22.968650] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.968805] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.969254] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 22.545661] ================================================================== [ 22.546082] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x27e/0x560 [ 22.546082] [ 22.546531] Out-of-bounds read at 0x(____ptrval____) (105B right of kfence-#126): [ 22.546879] test_kmalloc_aligned_oob_read+0x27e/0x560 [ 22.547108] kunit_try_run_case+0x1a5/0x480 [ 22.547328] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.547602] kthread+0x337/0x6f0 [ 22.547749] ret_from_fork+0x116/0x1d0 [ 22.547974] ret_from_fork_asm+0x1a/0x30 [ 22.548193] [ 22.548278] kfence-#126: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96 [ 22.548278] [ 22.548717] allocated by task 340 on cpu 1 at 22.545433s (0.003282s ago): [ 22.548998] test_alloc+0x364/0x10f0 [ 22.549219] test_kmalloc_aligned_oob_read+0x105/0x560 [ 22.549522] kunit_try_run_case+0x1a5/0x480 [ 22.549725] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.549944] kthread+0x337/0x6f0 [ 22.550098] ret_from_fork+0x116/0x1d0 [ 22.550230] ret_from_fork_asm+0x1a/0x30 [ 22.550401] [ 22.550548] CPU: 1 UID: 0 PID: 340 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 22.551080] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.551299] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.551678] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_corruption
[ 17.761640] ================================================================== [ 17.762147] BUG: KFENCE: memory corruption in test_corruption+0x2d2/0x3e0 [ 17.762147] [ 17.762496] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#80): [ 17.763179] test_corruption+0x2d2/0x3e0 [ 17.763405] kunit_try_run_case+0x1a5/0x480 [ 17.763619] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.763818] kthread+0x337/0x6f0 [ 17.763977] ret_from_fork+0x116/0x1d0 [ 17.764214] ret_from_fork_asm+0x1a/0x30 [ 17.764383] [ 17.764459] kfence-#80: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 17.764459] [ 17.764878] allocated by task 328 on cpu 0 at 17.761404s (0.003472s ago): [ 17.765163] test_alloc+0x364/0x10f0 [ 17.765334] test_corruption+0xe6/0x3e0 [ 17.765475] kunit_try_run_case+0x1a5/0x480 [ 17.765686] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.765926] kthread+0x337/0x6f0 [ 17.766093] ret_from_fork+0x116/0x1d0 [ 17.766272] ret_from_fork_asm+0x1a/0x30 [ 17.766416] [ 17.766488] freed by task 328 on cpu 0 at 17.761489s (0.004997s ago): [ 17.766792] test_corruption+0x2d2/0x3e0 [ 17.766986] kunit_try_run_case+0x1a5/0x480 [ 17.767202] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.767450] kthread+0x337/0x6f0 [ 17.767580] ret_from_fork+0x116/0x1d0 [ 17.767773] ret_from_fork_asm+0x1a/0x30 [ 17.767978] [ 17.768107] CPU: 0 UID: 0 PID: 328 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 17.768605] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.768803] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.769168] ================================================================== [ 17.969515] ================================================================== [ 17.969901] BUG: KFENCE: memory corruption in test_corruption+0x131/0x3e0 [ 17.969901] [ 17.970313] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . 
] (in kfence-#82): [ 17.970902] test_corruption+0x131/0x3e0 [ 17.971063] kunit_try_run_case+0x1a5/0x480 [ 17.971468] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.971732] kthread+0x337/0x6f0 [ 17.971892] ret_from_fork+0x116/0x1d0 [ 17.972040] ret_from_fork_asm+0x1a/0x30 [ 17.972221] [ 17.972331] kfence-#82: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 17.972331] [ 17.972741] allocated by task 330 on cpu 0 at 17.969393s (0.003347s ago): [ 17.973013] test_alloc+0x2a6/0x10f0 [ 17.973208] test_corruption+0xe6/0x3e0 [ 17.973358] kunit_try_run_case+0x1a5/0x480 [ 17.973506] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.973758] kthread+0x337/0x6f0 [ 17.973907] ret_from_fork+0x116/0x1d0 [ 17.974048] ret_from_fork_asm+0x1a/0x30 [ 17.974357] [ 17.974436] freed by task 330 on cpu 0 at 17.969448s (0.004985s ago): [ 17.974715] test_corruption+0x131/0x3e0 [ 17.974902] kunit_try_run_case+0x1a5/0x480 [ 17.975063] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.975372] kthread+0x337/0x6f0 [ 17.975545] ret_from_fork+0x116/0x1d0 [ 17.975711] ret_from_fork_asm+0x1a/0x30 [ 17.975881] [ 17.975979] CPU: 0 UID: 0 PID: 330 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 17.976382] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.976586] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.977058] ================================================================== [ 18.073550] ================================================================== [ 18.073931] BUG: KFENCE: memory corruption in test_corruption+0x216/0x3e0 [ 18.073931] [ 18.074352] Corrupted memory at 0x(____ptrval____) [ ! 
] (in kfence-#83): [ 18.074734] test_corruption+0x216/0x3e0 [ 18.074892] kunit_try_run_case+0x1a5/0x480 [ 18.075052] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.075528] kthread+0x337/0x6f0 [ 18.075705] ret_from_fork+0x116/0x1d0 [ 18.075841] ret_from_fork_asm+0x1a/0x30 [ 18.076041] [ 18.076142] kfence-#83: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 18.076142] [ 18.076565] allocated by task 330 on cpu 0 at 18.073421s (0.003142s ago): [ 18.076856] test_alloc+0x2a6/0x10f0 [ 18.076988] test_corruption+0x1cb/0x3e0 [ 18.077139] kunit_try_run_case+0x1a5/0x480 [ 18.077287] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.077547] kthread+0x337/0x6f0 [ 18.077723] ret_from_fork+0x116/0x1d0 [ 18.077922] ret_from_fork_asm+0x1a/0x30 [ 18.078272] [ 18.078354] freed by task 330 on cpu 0 at 18.073482s (0.004870s ago): [ 18.078618] test_corruption+0x216/0x3e0 [ 18.078758] kunit_try_run_case+0x1a5/0x480 [ 18.078973] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.079244] kthread+0x337/0x6f0 [ 18.079457] ret_from_fork+0x116/0x1d0 [ 18.079638] ret_from_fork_asm+0x1a/0x30 [ 18.079892] [ 18.080008] CPU: 0 UID: 0 PID: 330 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 18.080485] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.080625] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.080919] ================================================================== [ 17.865622] ================================================================== [ 17.865997] BUG: KFENCE: memory corruption in test_corruption+0x2df/0x3e0 [ 17.865997] [ 17.866425] Corrupted memory at 0x(____ptrval____) [ ! 
] (in kfence-#81): [ 17.866788] test_corruption+0x2df/0x3e0 [ 17.866995] kunit_try_run_case+0x1a5/0x480 [ 17.867206] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.867486] kthread+0x337/0x6f0 [ 17.867719] ret_from_fork+0x116/0x1d0 [ 17.867866] ret_from_fork_asm+0x1a/0x30 [ 17.868080] [ 17.868173] kfence-#81: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 17.868173] [ 17.868518] allocated by task 328 on cpu 0 at 17.865391s (0.003126s ago): [ 17.868836] test_alloc+0x364/0x10f0 [ 17.869026] test_corruption+0x1cb/0x3e0 [ 17.869234] kunit_try_run_case+0x1a5/0x480 [ 17.869432] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.869635] kthread+0x337/0x6f0 [ 17.869757] ret_from_fork+0x116/0x1d0 [ 17.869924] ret_from_fork_asm+0x1a/0x30 [ 17.870132] [ 17.870223] freed by task 328 on cpu 0 at 17.865475s (0.004745s ago): [ 17.870523] test_corruption+0x2df/0x3e0 [ 17.870663] kunit_try_run_case+0x1a5/0x480 [ 17.870853] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.871124] kthread+0x337/0x6f0 [ 17.871306] ret_from_fork+0x116/0x1d0 [ 17.871500] ret_from_fork_asm+0x1a/0x30 [ 17.871675] [ 17.871797] CPU: 0 UID: 0 PID: 328 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 17.872292] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.872471] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.872824] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 17.657536] ================================================================== [ 17.657912] BUG: KFENCE: invalid free in test_invalid_addr_free+0xfb/0x260 [ 17.657912] [ 17.658310] Invalid free of 0x(____ptrval____) (in kfence-#79): [ 17.658588] test_invalid_addr_free+0xfb/0x260 [ 17.658798] kunit_try_run_case+0x1a5/0x480 [ 17.659000] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.659289] kthread+0x337/0x6f0 [ 17.659440] ret_from_fork+0x116/0x1d0 [ 17.659637] ret_from_fork_asm+0x1a/0x30 [ 17.659800] [ 17.659876] kfence-#79: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 17.659876] [ 17.660289] allocated by task 326 on cpu 1 at 17.657422s (0.002865s ago): [ 17.660627] test_alloc+0x2a6/0x10f0 [ 17.660795] test_invalid_addr_free+0xdb/0x260 [ 17.661005] kunit_try_run_case+0x1a5/0x480 [ 17.661271] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.661462] kthread+0x337/0x6f0 [ 17.661583] ret_from_fork+0x116/0x1d0 [ 17.661769] ret_from_fork_asm+0x1a/0x30 [ 17.661964] [ 17.662093] CPU: 1 UID: 0 PID: 326 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 17.662560] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.662746] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.663122] ================================================================== [ 17.553508] ================================================================== [ 17.553947] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1e1/0x260 [ 17.553947] [ 17.554366] Invalid free of 0x(____ptrval____) (in kfence-#78): [ 17.554646] test_invalid_addr_free+0x1e1/0x260 [ 17.554825] kunit_try_run_case+0x1a5/0x480 [ 17.555053] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.555824] kthread+0x337/0x6f0 [ 17.556095] ret_from_fork+0x116/0x1d0 [ 17.556305] ret_from_fork_asm+0x1a/0x30 [ 17.556497] [ 17.556609] kfence-#78: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 17.556609] [ 17.556996] allocated by task 324 on cpu 0 at 17.553392s 
(0.003602s ago): [ 17.557619] test_alloc+0x364/0x10f0 [ 17.557779] test_invalid_addr_free+0xdb/0x260 [ 17.558125] kunit_try_run_case+0x1a5/0x480 [ 17.558314] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.558679] kthread+0x337/0x6f0 [ 17.558920] ret_from_fork+0x116/0x1d0 [ 17.559088] ret_from_fork_asm+0x1a/0x30 [ 17.559298] [ 17.559645] CPU: 0 UID: 0 PID: 324 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 17.560195] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.560386] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.560883] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_double_free
[ 17.449550] ================================================================== [ 17.449941] BUG: KFENCE: invalid free in test_double_free+0x112/0x260 [ 17.449941] [ 17.450352] Invalid free of 0x(____ptrval____) (in kfence-#77): [ 17.450697] test_double_free+0x112/0x260 [ 17.450888] kunit_try_run_case+0x1a5/0x480 [ 17.451045] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.451296] kthread+0x337/0x6f0 [ 17.451576] ret_from_fork+0x116/0x1d0 [ 17.451797] ret_from_fork_asm+0x1a/0x30 [ 17.451975] [ 17.452085] kfence-#77: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 17.452085] [ 17.452505] allocated by task 322 on cpu 1 at 17.449401s (0.003102s ago): [ 17.452809] test_alloc+0x2a6/0x10f0 [ 17.452998] test_double_free+0xdb/0x260 [ 17.453216] kunit_try_run_case+0x1a5/0x480 [ 17.453461] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.453659] kthread+0x337/0x6f0 [ 17.453779] ret_from_fork+0x116/0x1d0 [ 17.453970] ret_from_fork_asm+0x1a/0x30 [ 17.454218] [ 17.454319] freed by task 322 on cpu 1 at 17.449451s (0.004867s ago): [ 17.454632] test_double_free+0xfa/0x260 [ 17.454807] kunit_try_run_case+0x1a5/0x480 [ 17.455039] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.455338] kthread+0x337/0x6f0 [ 17.455504] ret_from_fork+0x116/0x1d0 [ 17.455728] ret_from_fork_asm+0x1a/0x30 [ 17.455922] [ 17.456050] CPU: 1 UID: 0 PID: 322 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 17.456432] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.456582] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.457005] ================================================================== [ 17.345639] ================================================================== [ 17.346070] BUG: KFENCE: invalid free in test_double_free+0x1d3/0x260 [ 17.346070] [ 17.346447] Invalid free of 0x(____ptrval____) (in kfence-#76): [ 17.346781] test_double_free+0x1d3/0x260 [ 17.346930] kunit_try_run_case+0x1a5/0x480 [ 17.347096] 
kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.347616] kthread+0x337/0x6f0 [ 17.347793] ret_from_fork+0x116/0x1d0 [ 17.348004] ret_from_fork_asm+0x1a/0x30 [ 17.348204] [ 17.348349] kfence-#76: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 17.348349] [ 17.348783] allocated by task 320 on cpu 1 at 17.345397s (0.003384s ago): [ 17.349126] test_alloc+0x364/0x10f0 [ 17.349283] test_double_free+0xdb/0x260 [ 17.349420] kunit_try_run_case+0x1a5/0x480 [ 17.349600] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.349867] kthread+0x337/0x6f0 [ 17.350065] ret_from_fork+0x116/0x1d0 [ 17.350324] ret_from_fork_asm+0x1a/0x30 [ 17.350535] [ 17.350620] freed by task 320 on cpu 1 at 17.345459s (0.005159s ago): [ 17.350913] test_double_free+0x1e0/0x260 [ 17.351129] kunit_try_run_case+0x1a5/0x480 [ 17.351364] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.351531] kthread+0x337/0x6f0 [ 17.351895] ret_from_fork+0x116/0x1d0 [ 17.352093] ret_from_fork_asm+0x1a/0x30 [ 17.352252] [ 17.352399] CPU: 1 UID: 0 PID: 320 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 17.352867] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.353054] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.353476] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 17.033460] ================================================================== [ 17.033851] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270 [ 17.033851] [ 17.034458] Use-after-free read at 0x(____ptrval____) (in kfence-#73): [ 17.034754] test_use_after_free_read+0x129/0x270 [ 17.034919] kunit_try_run_case+0x1a5/0x480 [ 17.035125] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.035433] kthread+0x337/0x6f0 [ 17.035611] ret_from_fork+0x116/0x1d0 [ 17.035826] ret_from_fork_asm+0x1a/0x30 [ 17.036002] [ 17.036118] kfence-#73: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 17.036118] [ 17.036444] allocated by task 314 on cpu 0 at 17.033321s (0.003120s ago): [ 17.036674] test_alloc+0x2a6/0x10f0 [ 17.036878] test_use_after_free_read+0xdc/0x270 [ 17.037128] kunit_try_run_case+0x1a5/0x480 [ 17.037378] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.037606] kthread+0x337/0x6f0 [ 17.037766] ret_from_fork+0x116/0x1d0 [ 17.037925] ret_from_fork_asm+0x1a/0x30 [ 17.038082] [ 17.038197] freed by task 314 on cpu 0 at 17.033379s (0.004816s ago): [ 17.038661] test_use_after_free_read+0xfb/0x270 [ 17.038884] kunit_try_run_case+0x1a5/0x480 [ 17.039089] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.039359] kthread+0x337/0x6f0 [ 17.039525] ret_from_fork+0x116/0x1d0 [ 17.039705] ret_from_fork_asm+0x1a/0x30 [ 17.039895] [ 17.040000] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 17.040695] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.040919] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.041355] ================================================================== [ 16.929626] ================================================================== [ 16.930103] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270 [ 16.930103] [ 16.930534] Use-after-free read at 0x(____ptrval____) (in kfence-#72): [ 16.930804] test_use_after_free_read+0x129/0x270 
[ 16.931055] kunit_try_run_case+0x1a5/0x480 [ 16.931676] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.932123] kthread+0x337/0x6f0 [ 16.932361] ret_from_fork+0x116/0x1d0 [ 16.932553] ret_from_fork_asm+0x1a/0x30 [ 16.932850] [ 16.932948] kfence-#72: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 16.932948] [ 16.933472] allocated by task 312 on cpu 1 at 16.929392s (0.004078s ago): [ 16.933874] test_alloc+0x364/0x10f0 [ 16.934063] test_use_after_free_read+0xdc/0x270 [ 16.934449] kunit_try_run_case+0x1a5/0x480 [ 16.934737] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.934950] kthread+0x337/0x6f0 [ 16.935288] ret_from_fork+0x116/0x1d0 [ 16.935454] ret_from_fork_asm+0x1a/0x30 [ 16.935664] [ 16.935869] freed by task 312 on cpu 1 at 16.929465s (0.006321s ago): [ 16.936477] test_use_after_free_read+0x1e7/0x270 [ 16.936706] kunit_try_run_case+0x1a5/0x480 [ 16.936984] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.937225] kthread+0x337/0x6f0 [ 16.937540] ret_from_fork+0x116/0x1d0 [ 16.937702] ret_from_fork_asm+0x1a/0x30 [ 16.938026] [ 16.938248] CPU: 1 UID: 0 PID: 312 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 16.938719] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.938909] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.939519] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 16.825398] ================================================================== [ 16.825816] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260 [ 16.825816] [ 16.826415] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#71): [ 16.826686] test_out_of_bounds_write+0x10d/0x260 [ 16.826863] kunit_try_run_case+0x1a5/0x480 [ 16.827098] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.827414] kthread+0x337/0x6f0 [ 16.827542] ret_from_fork+0x116/0x1d0 [ 16.827743] ret_from_fork_asm+0x1a/0x30 [ 16.827953] [ 16.828064] kfence-#71: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 16.828064] [ 16.828400] allocated by task 310 on cpu 0 at 16.825338s (0.003060s ago): [ 16.828681] test_alloc+0x2a6/0x10f0 [ 16.828872] test_out_of_bounds_write+0xd4/0x260 [ 16.829112] kunit_try_run_case+0x1a5/0x480 [ 16.829357] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.829563] kthread+0x337/0x6f0 [ 16.829728] ret_from_fork+0x116/0x1d0 [ 16.829903] ret_from_fork_asm+0x1a/0x30 [ 16.830113] [ 16.830252] CPU: 0 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 16.830664] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.830859] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.831258] ================================================================== [ 16.409505] ================================================================== [ 16.409914] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260 [ 16.409914] [ 16.410387] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#67): [ 16.410705] test_out_of_bounds_write+0x10d/0x260 [ 16.410920] kunit_try_run_case+0x1a5/0x480 [ 16.411135] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.411375] kthread+0x337/0x6f0 [ 16.411513] ret_from_fork+0x116/0x1d0 [ 16.411703] ret_from_fork_asm+0x1a/0x30 [ 16.411889] [ 16.411978] kfence-#67: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 16.411978] [ 
16.412393] allocated by task 308 on cpu 0 at 16.409384s (0.003006s ago): [ 16.412681] test_alloc+0x364/0x10f0 [ 16.412857] test_out_of_bounds_write+0xd4/0x260 [ 16.413077] kunit_try_run_case+0x1a5/0x480 [ 16.413229] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.413507] kthread+0x337/0x6f0 [ 16.413656] ret_from_fork+0x116/0x1d0 [ 16.413830] ret_from_fork_asm+0x1a/0x30 [ 16.414004] [ 16.414135] CPU: 0 UID: 0 PID: 308 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 16.414597] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.414772] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.415053] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 15.785534] ================================================================== [ 15.785916] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0 [ 15.785916] [ 15.786418] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#61): [ 15.786686] test_out_of_bounds_read+0x216/0x4e0 [ 15.786926] kunit_try_run_case+0x1a5/0x480 [ 15.787143] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.787369] kthread+0x337/0x6f0 [ 15.787544] ret_from_fork+0x116/0x1d0 [ 15.787727] ret_from_fork_asm+0x1a/0x30 [ 15.787871] [ 15.787976] kfence-#61: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 15.787976] [ 15.788503] allocated by task 304 on cpu 1 at 15.785363s (0.003139s ago): [ 15.788776] test_alloc+0x364/0x10f0 [ 15.788963] test_out_of_bounds_read+0x1e2/0x4e0 [ 15.789244] kunit_try_run_case+0x1a5/0x480 [ 15.789427] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.789650] kthread+0x337/0x6f0 [ 15.789814] ret_from_fork+0x116/0x1d0 [ 15.789977] ret_from_fork_asm+0x1a/0x30 [ 15.790136] [ 15.790234] CPU: 1 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.790679] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.790882] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.791227] ================================================================== [ 15.993452] ================================================================== [ 15.993865] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0 [ 15.993865] [ 15.994414] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#63): [ 15.994724] test_out_of_bounds_read+0x126/0x4e0 [ 15.994952] kunit_try_run_case+0x1a5/0x480 [ 15.995614] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.995858] kthread+0x337/0x6f0 [ 15.996312] ret_from_fork+0x116/0x1d0 [ 15.996488] ret_from_fork_asm+0x1a/0x30 [ 15.996873] [ 15.997001] kfence-#63: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 15.997001] [ 
15.997555] allocated by task 306 on cpu 0 at 15.993389s (0.004164s ago): [ 15.998141] test_alloc+0x2a6/0x10f0 [ 15.998331] test_out_of_bounds_read+0xed/0x4e0 [ 15.998536] kunit_try_run_case+0x1a5/0x480 [ 15.998744] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.999222] kthread+0x337/0x6f0 [ 15.999493] ret_from_fork+0x116/0x1d0 [ 15.999678] ret_from_fork_asm+0x1a/0x30 [ 15.999975] [ 16.000118] CPU: 0 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 16.000700] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.000873] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.001546] ================================================================== [ 15.682295] ================================================================== [ 15.682736] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0 [ 15.682736] [ 15.683203] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#60): [ 15.683623] test_out_of_bounds_read+0x126/0x4e0 [ 15.683830] kunit_try_run_case+0x1a5/0x480 [ 15.684059] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.684291] kthread+0x337/0x6f0 [ 15.684493] ret_from_fork+0x116/0x1d0 [ 15.684674] ret_from_fork_asm+0x1a/0x30 [ 15.684854] [ 15.685079] kfence-#60: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 15.685079] [ 15.685762] allocated by task 304 on cpu 1 at 15.681290s (0.004417s ago): [ 15.686515] test_alloc+0x364/0x10f0 [ 15.686695] test_out_of_bounds_read+0xed/0x4e0 [ 15.686854] kunit_try_run_case+0x1a5/0x480 [ 15.687080] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.687340] kthread+0x337/0x6f0 [ 15.687520] ret_from_fork+0x116/0x1d0 [ 15.687655] ret_from_fork_asm+0x1a/0x30 [ 15.687895] [ 15.688057] CPU: 1 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.688630] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.688806] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 
[ 15.689162] ================================================================== [ 16.097465] ================================================================== [ 16.097967] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0 [ 16.097967] [ 16.098592] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#64): [ 16.098900] test_out_of_bounds_read+0x216/0x4e0 [ 16.099135] kunit_try_run_case+0x1a5/0x480 [ 16.099758] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.099973] kthread+0x337/0x6f0 [ 16.100165] ret_from_fork+0x116/0x1d0 [ 16.100349] ret_from_fork_asm+0x1a/0x30 [ 16.100574] [ 16.100675] kfence-#64: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 16.100675] [ 16.101003] allocated by task 306 on cpu 0 at 16.097413s (0.003588s ago): [ 16.101443] test_alloc+0x2a6/0x10f0 [ 16.101585] test_out_of_bounds_read+0x1e2/0x4e0 [ 16.101805] kunit_try_run_case+0x1a5/0x480 [ 16.101967] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.102236] kthread+0x337/0x6f0 [ 16.102430] ret_from_fork+0x116/0x1d0 [ 16.102596] ret_from_fork_asm+0x1a/0x30 [ 16.102743] [ 16.102865] CPU: 0 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 16.103329] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.103475] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.103861] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 15.430925] ================================================================== [ 15.431897] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x2e/0x1d0 [ 15.432566] Write of size 121 at addr ffff888103917500 by task kunit_try_catch/302 [ 15.432905] [ 15.433015] CPU: 1 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.433068] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.433081] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.433103] Call Trace: [ 15.433117] <TASK> [ 15.433132] dump_stack_lvl+0x73/0xb0 [ 15.433161] print_report+0xd1/0x650 [ 15.433184] ? __virt_addr_valid+0x1db/0x2d0 [ 15.433206] ? strncpy_from_user+0x2e/0x1d0 [ 15.433229] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.433252] ? strncpy_from_user+0x2e/0x1d0 [ 15.433298] kasan_report+0x141/0x180 [ 15.433321] ? strncpy_from_user+0x2e/0x1d0 [ 15.433349] kasan_check_range+0x10c/0x1c0 [ 15.433384] __kasan_check_write+0x18/0x20 [ 15.433404] strncpy_from_user+0x2e/0x1d0 [ 15.433425] ? __kasan_check_read+0x15/0x20 [ 15.433447] copy_user_test_oob+0x760/0x10f0 [ 15.433473] ? __pfx_copy_user_test_oob+0x10/0x10 [ 15.433498] ? finish_task_switch.isra.0+0x153/0x700 [ 15.433521] ? __switch_to+0x47/0xf50 [ 15.433546] ? __schedule+0x10cc/0x2b60 [ 15.433569] ? __pfx_read_tsc+0x10/0x10 [ 15.433590] ? ktime_get_ts64+0x86/0x230 [ 15.433614] kunit_try_run_case+0x1a5/0x480 [ 15.433638] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.433662] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.433687] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.433710] ? __kthread_parkme+0x82/0x180 [ 15.433731] ? preempt_count_sub+0x50/0x80 [ 15.433754] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.433778] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.433802] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.433826] kthread+0x337/0x6f0 [ 15.433846] ? trace_preempt_on+0x20/0xc0 [ 15.433870] ? __pfx_kthread+0x10/0x10 [ 15.433891] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 15.433912] ? calculate_sigpending+0x7b/0xa0 [ 15.433936] ? __pfx_kthread+0x10/0x10 [ 15.433958] ret_from_fork+0x116/0x1d0 [ 15.433977] ? __pfx_kthread+0x10/0x10 [ 15.433997] ret_from_fork_asm+0x1a/0x30 [ 15.434038] </TASK> [ 15.434049] [ 15.441717] Allocated by task 302: [ 15.441893] kasan_save_stack+0x45/0x70 [ 15.442112] kasan_save_track+0x18/0x40 [ 15.442338] kasan_save_alloc_info+0x3b/0x50 [ 15.442560] __kasan_kmalloc+0xb7/0xc0 [ 15.442751] __kmalloc_noprof+0x1c9/0x500 [ 15.442943] kunit_kmalloc_array+0x25/0x60 [ 15.443182] copy_user_test_oob+0xab/0x10f0 [ 15.443377] kunit_try_run_case+0x1a5/0x480 [ 15.443587] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.443815] kthread+0x337/0x6f0 [ 15.443992] ret_from_fork+0x116/0x1d0 [ 15.444193] ret_from_fork_asm+0x1a/0x30 [ 15.444381] [ 15.444474] The buggy address belongs to the object at ffff888103917500 [ 15.444474] which belongs to the cache kmalloc-128 of size 128 [ 15.444973] The buggy address is located 0 bytes inside of [ 15.444973] allocated 120-byte region [ffff888103917500, ffff888103917578) [ 15.445560] [ 15.445634] The buggy address belongs to the physical page: [ 15.445890] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103917 [ 15.446290] flags: 0x200000000000000(node=0|zone=2) [ 15.446508] page_type: f5(slab) [ 15.446674] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 15.447058] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.447368] page dumped because: kasan: bad access detected [ 15.447622] [ 15.447724] Memory state around the buggy address: [ 15.447897] ffff888103917400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.448124] ffff888103917480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.448339] >ffff888103917500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.448585] ^ [ 15.448951] ffff888103917580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.449395] 
ffff888103917600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.449657] ================================================================== [ 15.450150] ================================================================== [ 15.450529] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x1a5/0x1d0 [ 15.451074] Write of size 1 at addr ffff888103917578 by task kunit_try_catch/302 [ 15.451786] [ 15.451913] CPU: 1 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.451955] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.451980] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.452008] Call Trace: [ 15.452022] <TASK> [ 15.452054] dump_stack_lvl+0x73/0xb0 [ 15.452091] print_report+0xd1/0x650 [ 15.452115] ? __virt_addr_valid+0x1db/0x2d0 [ 15.452138] ? strncpy_from_user+0x1a5/0x1d0 [ 15.452172] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.452196] ? strncpy_from_user+0x1a5/0x1d0 [ 15.452219] kasan_report+0x141/0x180 [ 15.452242] ? strncpy_from_user+0x1a5/0x1d0 [ 15.452270] __asan_report_store1_noabort+0x1b/0x30 [ 15.452291] strncpy_from_user+0x1a5/0x1d0 [ 15.452317] copy_user_test_oob+0x760/0x10f0 [ 15.452343] ? __pfx_copy_user_test_oob+0x10/0x10 [ 15.452367] ? finish_task_switch.isra.0+0x153/0x700 [ 15.452398] ? __switch_to+0x47/0xf50 [ 15.452423] ? __schedule+0x10cc/0x2b60 [ 15.452445] ? __pfx_read_tsc+0x10/0x10 [ 15.452476] ? ktime_get_ts64+0x86/0x230 [ 15.452500] kunit_try_run_case+0x1a5/0x480 [ 15.452525] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.452557] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.452580] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.452603] ? __kthread_parkme+0x82/0x180 [ 15.452635] ? preempt_count_sub+0x50/0x80 [ 15.452658] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.452682] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.452706] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.452730] kthread+0x337/0x6f0 [ 15.452750] ? trace_preempt_on+0x20/0xc0 [ 15.452774] ? 
__pfx_kthread+0x10/0x10 [ 15.452794] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.452815] ? calculate_sigpending+0x7b/0xa0 [ 15.452839] ? __pfx_kthread+0x10/0x10 [ 15.452860] ret_from_fork+0x116/0x1d0 [ 15.452879] ? __pfx_kthread+0x10/0x10 [ 15.452900] ret_from_fork_asm+0x1a/0x30 [ 15.452931] </TASK> [ 15.452952] [ 15.460691] Allocated by task 302: [ 15.460858] kasan_save_stack+0x45/0x70 [ 15.461057] kasan_save_track+0x18/0x40 [ 15.461302] kasan_save_alloc_info+0x3b/0x50 [ 15.461475] __kasan_kmalloc+0xb7/0xc0 [ 15.461633] __kmalloc_noprof+0x1c9/0x500 [ 15.461832] kunit_kmalloc_array+0x25/0x60 [ 15.462066] copy_user_test_oob+0xab/0x10f0 [ 15.462281] kunit_try_run_case+0x1a5/0x480 [ 15.462480] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.462723] kthread+0x337/0x6f0 [ 15.462901] ret_from_fork+0x116/0x1d0 [ 15.463082] ret_from_fork_asm+0x1a/0x30 [ 15.463360] [ 15.463465] The buggy address belongs to the object at ffff888103917500 [ 15.463465] which belongs to the cache kmalloc-128 of size 128 [ 15.463969] The buggy address is located 0 bytes to the right of [ 15.463969] allocated 120-byte region [ffff888103917500, ffff888103917578) [ 15.464372] [ 15.464446] The buggy address belongs to the physical page: [ 15.464620] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103917 [ 15.464860] flags: 0x200000000000000(node=0|zone=2) [ 15.465060] page_type: f5(slab) [ 15.465354] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 15.465692] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.466023] page dumped because: kasan: bad access detected [ 15.466471] [ 15.466568] Memory state around the buggy address: [ 15.466786] ffff888103917400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.467008] ffff888103917480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.467477] >ffff888103917500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.467826] ^ [ 15.468201] ffff888103917580: fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc fc [ 15.468521] ffff888103917600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.468843] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 15.371428] ================================================================== [ 15.371920] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4aa/0x10f0 [ 15.372358] Read of size 121 at addr ffff888103917500 by task kunit_try_catch/302 [ 15.372598] [ 15.372683] CPU: 1 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.372724] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.372736] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.372757] Call Trace: [ 15.372771] <TASK> [ 15.372787] dump_stack_lvl+0x73/0xb0 [ 15.372813] print_report+0xd1/0x650 [ 15.372836] ? __virt_addr_valid+0x1db/0x2d0 [ 15.372859] ? copy_user_test_oob+0x4aa/0x10f0 [ 15.372883] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.372905] ? copy_user_test_oob+0x4aa/0x10f0 [ 15.372929] kasan_report+0x141/0x180 [ 15.372952] ? copy_user_test_oob+0x4aa/0x10f0 [ 15.372980] kasan_check_range+0x10c/0x1c0 [ 15.373004] __kasan_check_read+0x15/0x20 [ 15.373368] copy_user_test_oob+0x4aa/0x10f0 [ 15.373395] ? __pfx_copy_user_test_oob+0x10/0x10 [ 15.373424] ? finish_task_switch.isra.0+0x153/0x700 [ 15.373448] ? __switch_to+0x47/0xf50 [ 15.373473] ? __schedule+0x10cc/0x2b60 [ 15.373496] ? __pfx_read_tsc+0x10/0x10 [ 15.373517] ? ktime_get_ts64+0x86/0x230 [ 15.373541] kunit_try_run_case+0x1a5/0x480 [ 15.373565] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.373588] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.373620] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.373644] ? __kthread_parkme+0x82/0x180 [ 15.373665] ? preempt_count_sub+0x50/0x80 [ 15.373688] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.373713] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.373736] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.373760] kthread+0x337/0x6f0 [ 15.373779] ? trace_preempt_on+0x20/0xc0 [ 15.373812] ? __pfx_kthread+0x10/0x10 [ 15.373834] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.373855] ? calculate_sigpending+0x7b/0xa0 [ 15.373890] ? 
__pfx_kthread+0x10/0x10 [ 15.373913] ret_from_fork+0x116/0x1d0 [ 15.373932] ? __pfx_kthread+0x10/0x10 [ 15.373952] ret_from_fork_asm+0x1a/0x30 [ 15.373983] </TASK> [ 15.373996] [ 15.381965] Allocated by task 302: [ 15.382147] kasan_save_stack+0x45/0x70 [ 15.382373] kasan_save_track+0x18/0x40 [ 15.382575] kasan_save_alloc_info+0x3b/0x50 [ 15.382746] __kasan_kmalloc+0xb7/0xc0 [ 15.382881] __kmalloc_noprof+0x1c9/0x500 [ 15.383025] kunit_kmalloc_array+0x25/0x60 [ 15.383247] copy_user_test_oob+0xab/0x10f0 [ 15.383480] kunit_try_run_case+0x1a5/0x480 [ 15.383685] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.384059] kthread+0x337/0x6f0 [ 15.384248] ret_from_fork+0x116/0x1d0 [ 15.384436] ret_from_fork_asm+0x1a/0x30 [ 15.384578] [ 15.384650] The buggy address belongs to the object at ffff888103917500 [ 15.384650] which belongs to the cache kmalloc-128 of size 128 [ 15.385289] The buggy address is located 0 bytes inside of [ 15.385289] allocated 120-byte region [ffff888103917500, ffff888103917578) [ 15.385782] [ 15.385882] The buggy address belongs to the physical page: [ 15.386130] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103917 [ 15.386424] flags: 0x200000000000000(node=0|zone=2) [ 15.386633] page_type: f5(slab) [ 15.386816] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 15.387142] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.387481] page dumped because: kasan: bad access detected [ 15.387733] [ 15.387833] Memory state around the buggy address: [ 15.388059] ffff888103917400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.388299] ffff888103917480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.388516] >ffff888103917500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.388731] ^ [ 15.388943] ffff888103917580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.389258] ffff888103917600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.389606] 
================================================================== [ 15.408668] ================================================================== [ 15.409008] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x604/0x10f0 [ 15.409439] Read of size 121 at addr ffff888103917500 by task kunit_try_catch/302 [ 15.409766] [ 15.409876] CPU: 1 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.409918] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.409931] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.409963] Call Trace: [ 15.409979] <TASK> [ 15.409995] dump_stack_lvl+0x73/0xb0 [ 15.410038] print_report+0xd1/0x650 [ 15.410061] ? __virt_addr_valid+0x1db/0x2d0 [ 15.410084] ? copy_user_test_oob+0x604/0x10f0 [ 15.410118] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.410141] ? copy_user_test_oob+0x604/0x10f0 [ 15.410172] kasan_report+0x141/0x180 [ 15.410195] ? copy_user_test_oob+0x604/0x10f0 [ 15.410232] kasan_check_range+0x10c/0x1c0 [ 15.410256] __kasan_check_read+0x15/0x20 [ 15.410276] copy_user_test_oob+0x604/0x10f0 [ 15.410312] ? __pfx_copy_user_test_oob+0x10/0x10 [ 15.410335] ? finish_task_switch.isra.0+0x153/0x700 [ 15.410357] ? __switch_to+0x47/0xf50 [ 15.410383] ? __schedule+0x10cc/0x2b60 [ 15.410405] ? __pfx_read_tsc+0x10/0x10 [ 15.410425] ? ktime_get_ts64+0x86/0x230 [ 15.410449] kunit_try_run_case+0x1a5/0x480 [ 15.410473] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.410496] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.410520] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.410553] ? __kthread_parkme+0x82/0x180 [ 15.410573] ? preempt_count_sub+0x50/0x80 [ 15.410597] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.410633] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.410657] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.410682] kthread+0x337/0x6f0 [ 15.410713] ? trace_preempt_on+0x20/0xc0 [ 15.410737] ? __pfx_kthread+0x10/0x10 [ 15.410758] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 15.410792] ? calculate_sigpending+0x7b/0xa0 [ 15.410816] ? __pfx_kthread+0x10/0x10 [ 15.410838] ret_from_fork+0x116/0x1d0 [ 15.410867] ? __pfx_kthread+0x10/0x10 [ 15.410887] ret_from_fork_asm+0x1a/0x30 [ 15.410918] </TASK> [ 15.410929] [ 15.418537] Allocated by task 302: [ 15.418675] kasan_save_stack+0x45/0x70 [ 15.418824] kasan_save_track+0x18/0x40 [ 15.418960] kasan_save_alloc_info+0x3b/0x50 [ 15.419123] __kasan_kmalloc+0xb7/0xc0 [ 15.419256] __kmalloc_noprof+0x1c9/0x500 [ 15.419396] kunit_kmalloc_array+0x25/0x60 [ 15.419539] copy_user_test_oob+0xab/0x10f0 [ 15.419685] kunit_try_run_case+0x1a5/0x480 [ 15.419830] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.420006] kthread+0x337/0x6f0 [ 15.420615] ret_from_fork+0x116/0x1d0 [ 15.420962] ret_from_fork_asm+0x1a/0x30 [ 15.421494] [ 15.421607] The buggy address belongs to the object at ffff888103917500 [ 15.421607] which belongs to the cache kmalloc-128 of size 128 [ 15.422448] The buggy address is located 0 bytes inside of [ 15.422448] allocated 120-byte region [ffff888103917500, ffff888103917578) [ 15.423083] [ 15.423182] The buggy address belongs to the physical page: [ 15.423866] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103917 [ 15.424375] flags: 0x200000000000000(node=0|zone=2) [ 15.424603] page_type: f5(slab) [ 15.424728] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 15.424962] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.425849] page dumped because: kasan: bad access detected [ 15.426142] [ 15.426402] Memory state around the buggy address: [ 15.426628] ffff888103917400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.426917] ffff888103917480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.427547] >ffff888103917500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.428014] ^ [ 15.428650] ffff888103917580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.429317] 
ffff888103917600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.429774] ================================================================== [ 15.353016] ================================================================== [ 15.353407] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3fd/0x10f0 [ 15.353735] Write of size 121 at addr ffff888103917500 by task kunit_try_catch/302 [ 15.354010] [ 15.354108] CPU: 1 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.354162] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.354175] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.354208] Call Trace: [ 15.354221] <TASK> [ 15.354236] dump_stack_lvl+0x73/0xb0 [ 15.354264] print_report+0xd1/0x650 [ 15.354288] ? __virt_addr_valid+0x1db/0x2d0 [ 15.354321] ? copy_user_test_oob+0x3fd/0x10f0 [ 15.354345] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.354368] ? copy_user_test_oob+0x3fd/0x10f0 [ 15.354392] kasan_report+0x141/0x180 [ 15.354425] ? copy_user_test_oob+0x3fd/0x10f0 [ 15.354454] kasan_check_range+0x10c/0x1c0 [ 15.354488] __kasan_check_write+0x18/0x20 [ 15.354518] copy_user_test_oob+0x3fd/0x10f0 [ 15.354543] ? __pfx_copy_user_test_oob+0x10/0x10 [ 15.354567] ? finish_task_switch.isra.0+0x153/0x700 [ 15.354600] ? __switch_to+0x47/0xf50 [ 15.354626] ? __schedule+0x10cc/0x2b60 [ 15.354648] ? __pfx_read_tsc+0x10/0x10 [ 15.354669] ? ktime_get_ts64+0x86/0x230 [ 15.354693] kunit_try_run_case+0x1a5/0x480 [ 15.354718] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.354742] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.354765] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.354789] ? __kthread_parkme+0x82/0x180 [ 15.354811] ? preempt_count_sub+0x50/0x80 [ 15.354835] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.354859] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.354882] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.354907] kthread+0x337/0x6f0 [ 15.354928] ? trace_preempt_on+0x20/0xc0 [ 15.354953] ? 
__pfx_kthread+0x10/0x10 [ 15.354978] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.355001] ? calculate_sigpending+0x7b/0xa0 [ 15.355036] ? __pfx_kthread+0x10/0x10 [ 15.355058] ret_from_fork+0x116/0x1d0 [ 15.355083] ? __pfx_kthread+0x10/0x10 [ 15.355104] ret_from_fork_asm+0x1a/0x30 [ 15.355134] </TASK> [ 15.355145] [ 15.362711] Allocated by task 302: [ 15.362918] kasan_save_stack+0x45/0x70 [ 15.363129] kasan_save_track+0x18/0x40 [ 15.363318] kasan_save_alloc_info+0x3b/0x50 [ 15.363532] __kasan_kmalloc+0xb7/0xc0 [ 15.363688] __kmalloc_noprof+0x1c9/0x500 [ 15.363878] kunit_kmalloc_array+0x25/0x60 [ 15.364099] copy_user_test_oob+0xab/0x10f0 [ 15.364335] kunit_try_run_case+0x1a5/0x480 [ 15.364524] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.364764] kthread+0x337/0x6f0 [ 15.364923] ret_from_fork+0x116/0x1d0 [ 15.365122] ret_from_fork_asm+0x1a/0x30 [ 15.365323] [ 15.365414] The buggy address belongs to the object at ffff888103917500 [ 15.365414] which belongs to the cache kmalloc-128 of size 128 [ 15.365937] The buggy address is located 0 bytes inside of [ 15.365937] allocated 120-byte region [ffff888103917500, ffff888103917578) [ 15.366491] [ 15.366592] The buggy address belongs to the physical page: [ 15.366786] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103917 [ 15.367037] flags: 0x200000000000000(node=0|zone=2) [ 15.367209] page_type: f5(slab) [ 15.367343] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 15.367722] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.368071] page dumped because: kasan: bad access detected [ 15.368473] [ 15.368562] Memory state around the buggy address: [ 15.368776] ffff888103917400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.368994] ffff888103917480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.369326] >ffff888103917500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.369759] ^ [ 15.369971] ffff888103917580: fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 15.370610] ffff888103917600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.370890] ================================================================== [ 15.390144] ================================================================== [ 15.390447] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x557/0x10f0 [ 15.390675] Write of size 121 at addr ffff888103917500 by task kunit_try_catch/302 [ 15.390903] [ 15.390987] CPU: 1 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.391038] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.391065] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.391090] Call Trace: [ 15.391106] <TASK> [ 15.391121] dump_stack_lvl+0x73/0xb0 [ 15.391149] print_report+0xd1/0x650 [ 15.391173] ? __virt_addr_valid+0x1db/0x2d0 [ 15.391216] ? copy_user_test_oob+0x557/0x10f0 [ 15.391241] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.391263] ? copy_user_test_oob+0x557/0x10f0 [ 15.391300] kasan_report+0x141/0x180 [ 15.391323] ? copy_user_test_oob+0x557/0x10f0 [ 15.391351] kasan_check_range+0x10c/0x1c0 [ 15.391375] __kasan_check_write+0x18/0x20 [ 15.391395] copy_user_test_oob+0x557/0x10f0 [ 15.391422] ? __pfx_copy_user_test_oob+0x10/0x10 [ 15.391444] ? finish_task_switch.isra.0+0x153/0x700 [ 15.391467] ? __switch_to+0x47/0xf50 [ 15.391493] ? __schedule+0x10cc/0x2b60 [ 15.391515] ? __pfx_read_tsc+0x10/0x10 [ 15.391535] ? ktime_get_ts64+0x86/0x230 [ 15.391569] kunit_try_run_case+0x1a5/0x480 [ 15.391594] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.391628] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.391651] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.391675] ? __kthread_parkme+0x82/0x180 [ 15.391696] ? preempt_count_sub+0x50/0x80 [ 15.391728] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.391753] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.391776] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.391810] kthread+0x337/0x6f0 [ 15.391830] ? 
trace_preempt_on+0x20/0xc0 [ 15.391853] ? __pfx_kthread+0x10/0x10 [ 15.391883] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.391905] ? calculate_sigpending+0x7b/0xa0 [ 15.391929] ? __pfx_kthread+0x10/0x10 [ 15.391961] ret_from_fork+0x116/0x1d0 [ 15.391980] ? __pfx_kthread+0x10/0x10 [ 15.392001] ret_from_fork_asm+0x1a/0x30 [ 15.392047] </TASK> [ 15.392058] [ 15.400111] Allocated by task 302: [ 15.400345] kasan_save_stack+0x45/0x70 [ 15.400541] kasan_save_track+0x18/0x40 [ 15.400742] kasan_save_alloc_info+0x3b/0x50 [ 15.400944] __kasan_kmalloc+0xb7/0xc0 [ 15.401131] __kmalloc_noprof+0x1c9/0x500 [ 15.401307] kunit_kmalloc_array+0x25/0x60 [ 15.401531] copy_user_test_oob+0xab/0x10f0 [ 15.401686] kunit_try_run_case+0x1a5/0x480 [ 15.401831] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.402006] kthread+0x337/0x6f0 [ 15.402136] ret_from_fork+0x116/0x1d0 [ 15.402267] ret_from_fork_asm+0x1a/0x30 [ 15.402407] [ 15.402554] The buggy address belongs to the object at ffff888103917500 [ 15.402554] which belongs to the cache kmalloc-128 of size 128 [ 15.403133] The buggy address is located 0 bytes inside of [ 15.403133] allocated 120-byte region [ffff888103917500, ffff888103917578) [ 15.403764] [ 15.403863] The buggy address belongs to the physical page: [ 15.404158] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103917 [ 15.404531] flags: 0x200000000000000(node=0|zone=2) [ 15.404693] page_type: f5(slab) [ 15.404812] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 15.405050] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.405372] page dumped because: kasan: bad access detected [ 15.405805] [ 15.405926] Memory state around the buggy address: [ 15.406160] ffff888103917400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.406488] ffff888103917480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.406867] >ffff888103917500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.407253] ^ [ 15.407496] 
ffff888103917580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.407714] ffff888103917600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.408018] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_to_user
[ 15.330706] ================================================================== [ 15.331023] BUG: KASAN: slab-out-of-bounds in _copy_to_user+0x3c/0x70 [ 15.331397] Read of size 121 at addr ffff888103917500 by task kunit_try_catch/302 [ 15.331752] [ 15.331848] CPU: 1 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.331892] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.331905] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.331928] Call Trace: [ 15.331945] <TASK> [ 15.331960] dump_stack_lvl+0x73/0xb0 [ 15.331997] print_report+0xd1/0x650 [ 15.332021] ? __virt_addr_valid+0x1db/0x2d0 [ 15.332062] ? _copy_to_user+0x3c/0x70 [ 15.332081] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.332104] ? _copy_to_user+0x3c/0x70 [ 15.332124] kasan_report+0x141/0x180 [ 15.332147] ? _copy_to_user+0x3c/0x70 [ 15.332171] kasan_check_range+0x10c/0x1c0 [ 15.332195] __kasan_check_read+0x15/0x20 [ 15.332214] _copy_to_user+0x3c/0x70 [ 15.332234] copy_user_test_oob+0x364/0x10f0 [ 15.332259] ? __pfx_copy_user_test_oob+0x10/0x10 [ 15.332302] ? finish_task_switch.isra.0+0x153/0x700 [ 15.332325] ? __switch_to+0x47/0xf50 [ 15.332361] ? __schedule+0x10cc/0x2b60 [ 15.332384] ? __pfx_read_tsc+0x10/0x10 [ 15.332406] ? ktime_get_ts64+0x86/0x230 [ 15.332430] kunit_try_run_case+0x1a5/0x480 [ 15.332454] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.332477] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.332501] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.332524] ? __kthread_parkme+0x82/0x180 [ 15.332545] ? preempt_count_sub+0x50/0x80 [ 15.332569] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.332593] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.332617] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.332641] kthread+0x337/0x6f0 [ 15.332660] ? trace_preempt_on+0x20/0xc0 [ 15.332683] ? __pfx_kthread+0x10/0x10 [ 15.332704] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.332726] ? calculate_sigpending+0x7b/0xa0 [ 15.332750] ? 
__pfx_kthread+0x10/0x10 [ 15.332772] ret_from_fork+0x116/0x1d0 [ 15.332791] ? __pfx_kthread+0x10/0x10 [ 15.332812] ret_from_fork_asm+0x1a/0x30 [ 15.332843] </TASK> [ 15.332854] [ 15.340341] Allocated by task 302: [ 15.340543] kasan_save_stack+0x45/0x70 [ 15.340822] kasan_save_track+0x18/0x40 [ 15.341021] kasan_save_alloc_info+0x3b/0x50 [ 15.341293] __kasan_kmalloc+0xb7/0xc0 [ 15.341477] __kmalloc_noprof+0x1c9/0x500 [ 15.341630] kunit_kmalloc_array+0x25/0x60 [ 15.341838] copy_user_test_oob+0xab/0x10f0 [ 15.342054] kunit_try_run_case+0x1a5/0x480 [ 15.342290] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.342541] kthread+0x337/0x6f0 [ 15.342704] ret_from_fork+0x116/0x1d0 [ 15.342895] ret_from_fork_asm+0x1a/0x30 [ 15.343108] [ 15.343210] The buggy address belongs to the object at ffff888103917500 [ 15.343210] which belongs to the cache kmalloc-128 of size 128 [ 15.343758] The buggy address is located 0 bytes inside of [ 15.343758] allocated 120-byte region [ffff888103917500, ffff888103917578) [ 15.344153] [ 15.344227] The buggy address belongs to the physical page: [ 15.344403] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103917 [ 15.344815] flags: 0x200000000000000(node=0|zone=2) [ 15.345060] page_type: f5(slab) [ 15.345224] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 15.345794] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.346021] page dumped because: kasan: bad access detected [ 15.346204] [ 15.346297] Memory state around the buggy address: [ 15.346675] ffff888103917400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.347025] ffff888103917480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.347404] >ffff888103917500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.347670] ^ [ 15.348013] ffff888103917580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.348337] ffff888103917600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.348652] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_from_user
[ 15.298344] ================================================================== [ 15.299648] BUG: KASAN: slab-out-of-bounds in _copy_from_user+0x32/0x90 [ 15.300042] Write of size 121 at addr ffff888103917500 by task kunit_try_catch/302 [ 15.300574] [ 15.300776] CPU: 1 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.300826] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.300840] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.300864] Call Trace: [ 15.300889] <TASK> [ 15.300909] dump_stack_lvl+0x73/0xb0 [ 15.300941] print_report+0xd1/0x650 [ 15.300979] ? __virt_addr_valid+0x1db/0x2d0 [ 15.301004] ? _copy_from_user+0x32/0x90 [ 15.301024] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.301058] ? _copy_from_user+0x32/0x90 [ 15.301078] kasan_report+0x141/0x180 [ 15.301101] ? _copy_from_user+0x32/0x90 [ 15.301126] kasan_check_range+0x10c/0x1c0 [ 15.301151] __kasan_check_write+0x18/0x20 [ 15.301179] _copy_from_user+0x32/0x90 [ 15.301201] copy_user_test_oob+0x2be/0x10f0 [ 15.301227] ? __pfx_copy_user_test_oob+0x10/0x10 [ 15.301250] ? finish_task_switch.isra.0+0x153/0x700 [ 15.301273] ? __switch_to+0x47/0xf50 [ 15.301300] ? __schedule+0x10cc/0x2b60 [ 15.301322] ? __pfx_read_tsc+0x10/0x10 [ 15.301344] ? ktime_get_ts64+0x86/0x230 [ 15.301371] kunit_try_run_case+0x1a5/0x480 [ 15.301395] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.301418] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.301442] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.301465] ? __kthread_parkme+0x82/0x180 [ 15.301487] ? preempt_count_sub+0x50/0x80 [ 15.301510] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.301535] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.301558] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.301581] kthread+0x337/0x6f0 [ 15.301601] ? trace_preempt_on+0x20/0xc0 [ 15.301626] ? __pfx_kthread+0x10/0x10 [ 15.301647] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.301668] ? calculate_sigpending+0x7b/0xa0 [ 15.301693] ? 
__pfx_kthread+0x10/0x10 [ 15.301715] ret_from_fork+0x116/0x1d0 [ 15.301734] ? __pfx_kthread+0x10/0x10 [ 15.301755] ret_from_fork_asm+0x1a/0x30 [ 15.301786] </TASK> [ 15.301798] [ 15.313628] Allocated by task 302: [ 15.313962] kasan_save_stack+0x45/0x70 [ 15.314367] kasan_save_track+0x18/0x40 [ 15.314741] kasan_save_alloc_info+0x3b/0x50 [ 15.315149] __kasan_kmalloc+0xb7/0xc0 [ 15.315543] __kmalloc_noprof+0x1c9/0x500 [ 15.315925] kunit_kmalloc_array+0x25/0x60 [ 15.316331] copy_user_test_oob+0xab/0x10f0 [ 15.316728] kunit_try_run_case+0x1a5/0x480 [ 15.317043] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.317238] kthread+0x337/0x6f0 [ 15.317575] ret_from_fork+0x116/0x1d0 [ 15.317866] ret_from_fork_asm+0x1a/0x30 [ 15.318167] [ 15.318245] The buggy address belongs to the object at ffff888103917500 [ 15.318245] which belongs to the cache kmalloc-128 of size 128 [ 15.318853] The buggy address is located 0 bytes inside of [ 15.318853] allocated 120-byte region [ffff888103917500, ffff888103917578) [ 15.319415] [ 15.319596] The buggy address belongs to the physical page: [ 15.320099] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103917 [ 15.320919] flags: 0x200000000000000(node=0|zone=2) [ 15.321380] page_type: f5(slab) [ 15.321694] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 15.322393] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.322938] page dumped because: kasan: bad access detected [ 15.323132] [ 15.323310] Memory state around the buggy address: [ 15.323733] ffff888103917400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.324413] ffff888103917480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.325043] >ffff888103917500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.325403] ^ [ 15.326017] ffff888103917580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.326497] ffff888103917600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.327147] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 15.257922] ================================================================== [ 15.258267] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x99/0x260 [ 15.259021] Write of size 8 at addr ffff8881030fbd78 by task kunit_try_catch/298 [ 15.259462] [ 15.259678] CPU: 0 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.259728] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.259742] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.259858] Call Trace: [ 15.259877] <TASK> [ 15.259896] dump_stack_lvl+0x73/0xb0 [ 15.259927] print_report+0xd1/0x650 [ 15.259950] ? __virt_addr_valid+0x1db/0x2d0 [ 15.259974] ? copy_to_kernel_nofault+0x99/0x260 [ 15.259998] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.260021] ? copy_to_kernel_nofault+0x99/0x260 [ 15.260087] kasan_report+0x141/0x180 [ 15.260110] ? copy_to_kernel_nofault+0x99/0x260 [ 15.260138] kasan_check_range+0x10c/0x1c0 [ 15.260174] __kasan_check_write+0x18/0x20 [ 15.260194] copy_to_kernel_nofault+0x99/0x260 [ 15.260219] copy_to_kernel_nofault_oob+0x288/0x560 [ 15.260243] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 15.260267] ? finish_task_switch.isra.0+0x153/0x700 [ 15.260290] ? __schedule+0x10cc/0x2b60 [ 15.260312] ? trace_hardirqs_on+0x37/0xe0 [ 15.260343] ? __pfx_read_tsc+0x10/0x10 [ 15.260365] ? ktime_get_ts64+0x86/0x230 [ 15.260388] kunit_try_run_case+0x1a5/0x480 [ 15.260413] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.260436] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.260460] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.260485] ? __kthread_parkme+0x82/0x180 [ 15.260506] ? preempt_count_sub+0x50/0x80 [ 15.260530] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.260554] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.260578] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.260603] kthread+0x337/0x6f0 [ 15.260622] ? trace_preempt_on+0x20/0xc0 [ 15.260645] ? __pfx_kthread+0x10/0x10 [ 15.260665] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 15.260687] ? calculate_sigpending+0x7b/0xa0 [ 15.260713] ? __pfx_kthread+0x10/0x10 [ 15.260735] ret_from_fork+0x116/0x1d0 [ 15.260754] ? __pfx_kthread+0x10/0x10 [ 15.260775] ret_from_fork_asm+0x1a/0x30 [ 15.260805] </TASK> [ 15.260818] [ 15.275113] Allocated by task 298: [ 15.275329] kasan_save_stack+0x45/0x70 [ 15.275478] kasan_save_track+0x18/0x40 [ 15.276192] kasan_save_alloc_info+0x3b/0x50 [ 15.276495] __kasan_kmalloc+0xb7/0xc0 [ 15.276777] __kmalloc_cache_noprof+0x189/0x420 [ 15.276951] copy_to_kernel_nofault_oob+0x12f/0x560 [ 15.277589] kunit_try_run_case+0x1a5/0x480 [ 15.277791] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.278002] kthread+0x337/0x6f0 [ 15.278230] ret_from_fork+0x116/0x1d0 [ 15.278591] ret_from_fork_asm+0x1a/0x30 [ 15.278790] [ 15.278883] The buggy address belongs to the object at ffff8881030fbd00 [ 15.278883] which belongs to the cache kmalloc-128 of size 128 [ 15.279680] The buggy address is located 0 bytes to the right of [ 15.279680] allocated 120-byte region [ffff8881030fbd00, ffff8881030fbd78) [ 15.280365] [ 15.280473] The buggy address belongs to the physical page: [ 15.280831] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1030fb [ 15.281448] flags: 0x200000000000000(node=0|zone=2) [ 15.281783] page_type: f5(slab) [ 15.282010] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 15.282445] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.282833] page dumped because: kasan: bad access detected [ 15.283086] [ 15.283278] Memory state around the buggy address: [ 15.283594] ffff8881030fbc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.283968] ffff8881030fbc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.284437] >ffff8881030fbd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.284825] ^ [ 15.285157] ffff8881030fbd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.285664] ffff8881030fbe00: fc fc fc fc 
fc fc fc fc fc fc fc fc fc fc fc fc [ 15.285942] ================================================================== [ 15.223298] ================================================================== [ 15.224752] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x225/0x260 [ 15.225457] Read of size 8 at addr ffff8881030fbd78 by task kunit_try_catch/298 [ 15.225685] [ 15.225780] CPU: 0 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.225828] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.225842] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.225867] Call Trace: [ 15.225882] <TASK> [ 15.225899] dump_stack_lvl+0x73/0xb0 [ 15.225931] print_report+0xd1/0x650 [ 15.225957] ? __virt_addr_valid+0x1db/0x2d0 [ 15.225981] ? copy_to_kernel_nofault+0x225/0x260 [ 15.226005] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.226041] ? copy_to_kernel_nofault+0x225/0x260 [ 15.226066] kasan_report+0x141/0x180 [ 15.226088] ? copy_to_kernel_nofault+0x225/0x260 [ 15.226116] __asan_report_load8_noabort+0x18/0x20 [ 15.226141] copy_to_kernel_nofault+0x225/0x260 [ 15.226166] copy_to_kernel_nofault_oob+0x1ed/0x560 [ 15.226190] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 15.226216] ? finish_task_switch.isra.0+0x153/0x700 [ 15.226240] ? __schedule+0x10cc/0x2b60 [ 15.226262] ? trace_hardirqs_on+0x37/0xe0 [ 15.226293] ? __pfx_read_tsc+0x10/0x10 [ 15.226316] ? ktime_get_ts64+0x86/0x230 [ 15.226342] kunit_try_run_case+0x1a5/0x480 [ 15.226368] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.226390] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.226415] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.226438] ? __kthread_parkme+0x82/0x180 [ 15.226459] ? preempt_count_sub+0x50/0x80 [ 15.226483] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.226508] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.226532] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.226556] kthread+0x337/0x6f0 [ 15.226576] ? 
trace_preempt_on+0x20/0xc0 [ 15.226598] ? __pfx_kthread+0x10/0x10 [ 15.226619] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.226641] ? calculate_sigpending+0x7b/0xa0 [ 15.226666] ? __pfx_kthread+0x10/0x10 [ 15.226688] ret_from_fork+0x116/0x1d0 [ 15.226706] ? __pfx_kthread+0x10/0x10 [ 15.226727] ret_from_fork_asm+0x1a/0x30 [ 15.226758] </TASK> [ 15.226771] [ 15.246384] Allocated by task 298: [ 15.246828] kasan_save_stack+0x45/0x70 [ 15.246982] kasan_save_track+0x18/0x40 [ 15.247535] kasan_save_alloc_info+0x3b/0x50 [ 15.248205] __kasan_kmalloc+0xb7/0xc0 [ 15.248433] __kmalloc_cache_noprof+0x189/0x420 [ 15.248589] copy_to_kernel_nofault_oob+0x12f/0x560 [ 15.248747] kunit_try_run_case+0x1a5/0x480 [ 15.248888] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.249085] kthread+0x337/0x6f0 [ 15.249260] ret_from_fork+0x116/0x1d0 [ 15.249452] ret_from_fork_asm+0x1a/0x30 [ 15.249667] [ 15.249783] The buggy address belongs to the object at ffff8881030fbd00 [ 15.249783] which belongs to the cache kmalloc-128 of size 128 [ 15.250484] The buggy address is located 0 bytes to the right of [ 15.250484] allocated 120-byte region [ffff8881030fbd00, ffff8881030fbd78) [ 15.251581] [ 15.251774] The buggy address belongs to the physical page: [ 15.252276] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1030fb [ 15.252705] flags: 0x200000000000000(node=0|zone=2) [ 15.252930] page_type: f5(slab) [ 15.253094] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 15.253585] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.253967] page dumped because: kasan: bad access detected [ 15.254284] [ 15.254393] Memory state around the buggy address: [ 15.254779] ffff8881030fbc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.255086] ffff8881030fbc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.255542] >ffff8881030fbd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.255944] ^ [ 15.256304] ffff8881030fbd80: fc fc fc fc 
fc fc fc fc fc fc fc fc fc fc fc fc [ 15.256737] ffff8881030fbe00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.257172] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 14.360217] ================================================================== [ 14.360791] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1148/0x5450 [ 14.361354] Write of size 4 at addr ffff888103916a30 by task kunit_try_catch/282 [ 14.361596] [ 14.361694] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.361736] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.361750] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.361771] Call Trace: [ 14.361785] <TASK> [ 14.361802] dump_stack_lvl+0x73/0xb0 [ 14.361829] print_report+0xd1/0x650 [ 14.361853] ? __virt_addr_valid+0x1db/0x2d0 [ 14.361875] ? kasan_atomics_helper+0x1148/0x5450 [ 14.361896] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.361918] ? kasan_atomics_helper+0x1148/0x5450 [ 14.361940] kasan_report+0x141/0x180 [ 14.361963] ? kasan_atomics_helper+0x1148/0x5450 [ 14.361989] kasan_check_range+0x10c/0x1c0 [ 14.362013] __kasan_check_write+0x18/0x20 [ 14.362047] kasan_atomics_helper+0x1148/0x5450 [ 14.362125] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.362149] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.362174] ? kasan_atomics+0x152/0x310 [ 14.362202] kasan_atomics+0x1dc/0x310 [ 14.362224] ? __pfx_kasan_atomics+0x10/0x10 [ 14.362249] ? __pfx_read_tsc+0x10/0x10 [ 14.362271] ? ktime_get_ts64+0x86/0x230 [ 14.362295] kunit_try_run_case+0x1a5/0x480 [ 14.362319] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.362341] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.362364] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.362387] ? __kthread_parkme+0x82/0x180 [ 14.362408] ? preempt_count_sub+0x50/0x80 [ 14.362432] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.362456] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.362479] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.362502] kthread+0x337/0x6f0 [ 14.362522] ? trace_preempt_on+0x20/0xc0 [ 14.362546] ? __pfx_kthread+0x10/0x10 [ 14.362567] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.362588] ? 
calculate_sigpending+0x7b/0xa0 [ 14.362612] ? __pfx_kthread+0x10/0x10 [ 14.362634] ret_from_fork+0x116/0x1d0 [ 14.362653] ? __pfx_kthread+0x10/0x10 [ 14.362674] ret_from_fork_asm+0x1a/0x30 [ 14.362705] </TASK> [ 14.362716] [ 14.370913] Allocated by task 282: [ 14.371152] kasan_save_stack+0x45/0x70 [ 14.371332] kasan_save_track+0x18/0x40 [ 14.371496] kasan_save_alloc_info+0x3b/0x50 [ 14.371648] __kasan_kmalloc+0xb7/0xc0 [ 14.371802] __kmalloc_cache_noprof+0x189/0x420 [ 14.372025] kasan_atomics+0x95/0x310 [ 14.372370] kunit_try_run_case+0x1a5/0x480 [ 14.372527] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.372705] kthread+0x337/0x6f0 [ 14.372827] ret_from_fork+0x116/0x1d0 [ 14.372996] ret_from_fork_asm+0x1a/0x30 [ 14.373553] [ 14.373681] The buggy address belongs to the object at ffff888103916a00 [ 14.373681] which belongs to the cache kmalloc-64 of size 64 [ 14.374218] The buggy address is located 0 bytes to the right of [ 14.374218] allocated 48-byte region [ffff888103916a00, ffff888103916a30) [ 14.374585] [ 14.374688] The buggy address belongs to the physical page: [ 14.375363] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103916 [ 14.375662] flags: 0x200000000000000(node=0|zone=2) [ 14.375824] page_type: f5(slab) [ 14.375943] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.376623] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.377387] page dumped because: kasan: bad access detected [ 14.377568] [ 14.377663] Memory state around the buggy address: [ 14.377891] ffff888103916900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.378319] ffff888103916980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.378608] >ffff888103916a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.378882] ^ [ 14.379169] ffff888103916a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.379418] ffff888103916b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.379636] 
================================================================== [ 14.225813] ================================================================== [ 14.226148] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xde0/0x5450 [ 14.226475] Write of size 4 at addr ffff888103916a30 by task kunit_try_catch/282 [ 14.226758] [ 14.226872] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.226915] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.226928] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.226949] Call Trace: [ 14.226964] <TASK> [ 14.226979] dump_stack_lvl+0x73/0xb0 [ 14.227008] print_report+0xd1/0x650 [ 14.227254] ? __virt_addr_valid+0x1db/0x2d0 [ 14.227288] ? kasan_atomics_helper+0xde0/0x5450 [ 14.227311] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.227334] ? kasan_atomics_helper+0xde0/0x5450 [ 14.227356] kasan_report+0x141/0x180 [ 14.227379] ? kasan_atomics_helper+0xde0/0x5450 [ 14.227406] kasan_check_range+0x10c/0x1c0 [ 14.227430] __kasan_check_write+0x18/0x20 [ 14.227450] kasan_atomics_helper+0xde0/0x5450 [ 14.227473] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.227496] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.227522] ? kasan_atomics+0x152/0x310 [ 14.227550] kasan_atomics+0x1dc/0x310 [ 14.227573] ? __pfx_kasan_atomics+0x10/0x10 [ 14.227598] ? __pfx_read_tsc+0x10/0x10 [ 14.227620] ? ktime_get_ts64+0x86/0x230 [ 14.227643] kunit_try_run_case+0x1a5/0x480 [ 14.227668] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.227691] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.227715] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.227741] ? __kthread_parkme+0x82/0x180 [ 14.227763] ? preempt_count_sub+0x50/0x80 [ 14.227787] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.227812] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.227836] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.227859] kthread+0x337/0x6f0 [ 14.227879] ? trace_preempt_on+0x20/0xc0 [ 14.227902] ? 
__pfx_kthread+0x10/0x10 [ 14.227923] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.227945] ? calculate_sigpending+0x7b/0xa0 [ 14.227969] ? __pfx_kthread+0x10/0x10 [ 14.227991] ret_from_fork+0x116/0x1d0 [ 14.228010] ? __pfx_kthread+0x10/0x10 [ 14.228103] ret_from_fork_asm+0x1a/0x30 [ 14.228155] </TASK> [ 14.228168] [ 14.236010] Allocated by task 282: [ 14.236310] kasan_save_stack+0x45/0x70 [ 14.236527] kasan_save_track+0x18/0x40 [ 14.236677] kasan_save_alloc_info+0x3b/0x50 [ 14.236828] __kasan_kmalloc+0xb7/0xc0 [ 14.236984] __kmalloc_cache_noprof+0x189/0x420 [ 14.237312] kasan_atomics+0x95/0x310 [ 14.237506] kunit_try_run_case+0x1a5/0x480 [ 14.237714] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.237951] kthread+0x337/0x6f0 [ 14.238211] ret_from_fork+0x116/0x1d0 [ 14.238399] ret_from_fork_asm+0x1a/0x30 [ 14.238542] [ 14.238614] The buggy address belongs to the object at ffff888103916a00 [ 14.238614] which belongs to the cache kmalloc-64 of size 64 [ 14.238990] The buggy address is located 0 bytes to the right of [ 14.238990] allocated 48-byte region [ffff888103916a00, ffff888103916a30) [ 14.239801] [ 14.239909] The buggy address belongs to the physical page: [ 14.240269] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103916 [ 14.240656] flags: 0x200000000000000(node=0|zone=2) [ 14.240873] page_type: f5(slab) [ 14.240994] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.241422] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.241785] page dumped because: kasan: bad access detected [ 14.242145] [ 14.242267] Memory state around the buggy address: [ 14.242494] ffff888103916900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.242765] ffff888103916980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.243301] >ffff888103916a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.243619] ^ [ 14.243799] ffff888103916a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.244242] 
ffff888103916b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.244583] ================================================================== [ 14.321949] ================================================================== [ 14.322391] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1079/0x5450 [ 14.322672] Write of size 4 at addr ffff888103916a30 by task kunit_try_catch/282 [ 14.322898] [ 14.323003] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.323248] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.323265] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.323287] Call Trace: [ 14.323324] <TASK> [ 14.323340] dump_stack_lvl+0x73/0xb0 [ 14.323370] print_report+0xd1/0x650 [ 14.323394] ? __virt_addr_valid+0x1db/0x2d0 [ 14.323417] ? kasan_atomics_helper+0x1079/0x5450 [ 14.323439] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.323462] ? kasan_atomics_helper+0x1079/0x5450 [ 14.323485] kasan_report+0x141/0x180 [ 14.323508] ? kasan_atomics_helper+0x1079/0x5450 [ 14.323535] kasan_check_range+0x10c/0x1c0 [ 14.323559] __kasan_check_write+0x18/0x20 [ 14.323580] kasan_atomics_helper+0x1079/0x5450 [ 14.323602] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.323626] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.323652] ? kasan_atomics+0x152/0x310 [ 14.323679] kasan_atomics+0x1dc/0x310 [ 14.323702] ? __pfx_kasan_atomics+0x10/0x10 [ 14.323729] ? __pfx_read_tsc+0x10/0x10 [ 14.323750] ? ktime_get_ts64+0x86/0x230 [ 14.323774] kunit_try_run_case+0x1a5/0x480 [ 14.323798] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.323822] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.323845] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.323868] ? __kthread_parkme+0x82/0x180 [ 14.323889] ? preempt_count_sub+0x50/0x80 [ 14.323912] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.323936] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.323958] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.323982] kthread+0x337/0x6f0 [ 14.324002] ? trace_preempt_on+0x20/0xc0 [ 14.324025] ? __pfx_kthread+0x10/0x10 [ 14.324127] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.324151] ? calculate_sigpending+0x7b/0xa0 [ 14.324192] ? __pfx_kthread+0x10/0x10 [ 14.324215] ret_from_fork+0x116/0x1d0 [ 14.324235] ? __pfx_kthread+0x10/0x10 [ 14.324258] ret_from_fork_asm+0x1a/0x30 [ 14.324289] </TASK> [ 14.324301] [ 14.333018] Allocated by task 282: [ 14.333169] kasan_save_stack+0x45/0x70 [ 14.333321] kasan_save_track+0x18/0x40 [ 14.333515] kasan_save_alloc_info+0x3b/0x50 [ 14.333695] __kasan_kmalloc+0xb7/0xc0 [ 14.333881] __kmalloc_cache_noprof+0x189/0x420 [ 14.334248] kasan_atomics+0x95/0x310 [ 14.334443] kunit_try_run_case+0x1a5/0x480 [ 14.334618] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.334858] kthread+0x337/0x6f0 [ 14.335025] ret_from_fork+0x116/0x1d0 [ 14.335395] ret_from_fork_asm+0x1a/0x30 [ 14.335573] [ 14.335665] The buggy address belongs to the object at ffff888103916a00 [ 14.335665] which belongs to the cache kmalloc-64 of size 64 [ 14.336232] The buggy address is located 0 bytes to the right of [ 14.336232] allocated 48-byte region [ffff888103916a00, ffff888103916a30) [ 14.336610] [ 14.336694] The buggy address belongs to the physical page: [ 14.336947] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103916 [ 14.337340] flags: 0x200000000000000(node=0|zone=2) [ 14.337512] page_type: f5(slab) [ 14.337669] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.338017] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.338453] page dumped because: kasan: bad access detected [ 14.338671] [ 14.338766] Memory state around the buggy address: [ 14.338981] ffff888103916900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.339499] ffff888103916980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.339796] >ffff888103916a00: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 14.340104] ^ [ 14.340328] ffff888103916a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.340651] ffff888103916b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.340966] ================================================================== [ 14.419971] ================================================================== [ 14.420323] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49e8/0x5450 [ 14.420752] Read of size 4 at addr ffff888103916a30 by task kunit_try_catch/282 [ 14.421189] [ 14.421331] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.421396] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.421409] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.421432] Call Trace: [ 14.421448] <TASK> [ 14.421464] dump_stack_lvl+0x73/0xb0 [ 14.421492] print_report+0xd1/0x650 [ 14.421516] ? __virt_addr_valid+0x1db/0x2d0 [ 14.421558] ? kasan_atomics_helper+0x49e8/0x5450 [ 14.421581] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.421603] ? kasan_atomics_helper+0x49e8/0x5450 [ 14.421626] kasan_report+0x141/0x180 [ 14.421650] ? kasan_atomics_helper+0x49e8/0x5450 [ 14.421677] __asan_report_load4_noabort+0x18/0x20 [ 14.421702] kasan_atomics_helper+0x49e8/0x5450 [ 14.421725] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.421749] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.421775] ? kasan_atomics+0x152/0x310 [ 14.421802] kasan_atomics+0x1dc/0x310 [ 14.421826] ? __pfx_kasan_atomics+0x10/0x10 [ 14.421851] ? __pfx_read_tsc+0x10/0x10 [ 14.421892] ? ktime_get_ts64+0x86/0x230 [ 14.421917] kunit_try_run_case+0x1a5/0x480 [ 14.421940] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.421963] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.421987] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.422012] ? __kthread_parkme+0x82/0x180 [ 14.422125] ? preempt_count_sub+0x50/0x80 [ 14.422188] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.422213] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.422237] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.422261] kthread+0x337/0x6f0 [ 14.422281] ? trace_preempt_on+0x20/0xc0 [ 14.422323] ? __pfx_kthread+0x10/0x10 [ 14.422344] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.422366] ? calculate_sigpending+0x7b/0xa0 [ 14.422391] ? __pfx_kthread+0x10/0x10 [ 14.422413] ret_from_fork+0x116/0x1d0 [ 14.422432] ? __pfx_kthread+0x10/0x10 [ 14.422452] ret_from_fork_asm+0x1a/0x30 [ 14.422483] </TASK> [ 14.422495] [ 14.433857] Allocated by task 282: [ 14.434288] kasan_save_stack+0x45/0x70 [ 14.434475] kasan_save_track+0x18/0x40 [ 14.434660] kasan_save_alloc_info+0x3b/0x50 [ 14.434856] __kasan_kmalloc+0xb7/0xc0 [ 14.435067] __kmalloc_cache_noprof+0x189/0x420 [ 14.435292] kasan_atomics+0x95/0x310 [ 14.435473] kunit_try_run_case+0x1a5/0x480 [ 14.435666] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.435905] kthread+0x337/0x6f0 [ 14.436603] ret_from_fork+0x116/0x1d0 [ 14.436797] ret_from_fork_asm+0x1a/0x30 [ 14.436986] [ 14.437352] The buggy address belongs to the object at ffff888103916a00 [ 14.437352] which belongs to the cache kmalloc-64 of size 64 [ 14.437940] The buggy address is located 0 bytes to the right of [ 14.437940] allocated 48-byte region [ffff888103916a00, ffff888103916a30) [ 14.438948] [ 14.439067] The buggy address belongs to the physical page: [ 14.439515] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103916 [ 14.439961] flags: 0x200000000000000(node=0|zone=2) [ 14.440340] page_type: f5(slab) [ 14.440595] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.440937] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.441497] page dumped because: kasan: bad access detected [ 14.441904] [ 14.441990] Memory state around the buggy address: [ 14.442385] ffff888103916900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.443130] 
ffff888103916980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.443743] >ffff888103916a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.444044] ^ [ 14.444591] ffff888103916a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.444945] ffff888103916b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.445568] ================================================================== [ 14.075878] ================================================================== [ 14.076357] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x992/0x5450 [ 14.076699] Write of size 4 at addr ffff888103916a30 by task kunit_try_catch/282 [ 14.076979] [ 14.077206] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.077253] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.077266] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.077289] Call Trace: [ 14.077305] <TASK> [ 14.077322] dump_stack_lvl+0x73/0xb0 [ 14.077361] print_report+0xd1/0x650 [ 14.077385] ? __virt_addr_valid+0x1db/0x2d0 [ 14.077407] ? kasan_atomics_helper+0x992/0x5450 [ 14.077441] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.077464] ? kasan_atomics_helper+0x992/0x5450 [ 14.077486] kasan_report+0x141/0x180 [ 14.077508] ? kasan_atomics_helper+0x992/0x5450 [ 14.077534] kasan_check_range+0x10c/0x1c0 [ 14.077557] __kasan_check_write+0x18/0x20 [ 14.077576] kasan_atomics_helper+0x992/0x5450 [ 14.077600] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.077622] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.077656] ? kasan_atomics+0x152/0x310 [ 14.077684] kasan_atomics+0x1dc/0x310 [ 14.077706] ? __pfx_kasan_atomics+0x10/0x10 [ 14.077741] ? __pfx_read_tsc+0x10/0x10 [ 14.077762] ? ktime_get_ts64+0x86/0x230 [ 14.077786] kunit_try_run_case+0x1a5/0x480 [ 14.077810] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.077832] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.077855] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.077878] ? 
__kthread_parkme+0x82/0x180 [ 14.077899] ? preempt_count_sub+0x50/0x80 [ 14.077932] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.077957] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.077980] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.078014] kthread+0x337/0x6f0 [ 14.078179] ? trace_preempt_on+0x20/0xc0 [ 14.078208] ? __pfx_kthread+0x10/0x10 [ 14.078281] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.078306] ? calculate_sigpending+0x7b/0xa0 [ 14.078350] ? __pfx_kthread+0x10/0x10 [ 14.078373] ret_from_fork+0x116/0x1d0 [ 14.078393] ? __pfx_kthread+0x10/0x10 [ 14.078414] ret_from_fork_asm+0x1a/0x30 [ 14.078445] </TASK> [ 14.078457] [ 14.086843] Allocated by task 282: [ 14.086998] kasan_save_stack+0x45/0x70 [ 14.087330] kasan_save_track+0x18/0x40 [ 14.087536] kasan_save_alloc_info+0x3b/0x50 [ 14.087749] __kasan_kmalloc+0xb7/0xc0 [ 14.087901] __kmalloc_cache_noprof+0x189/0x420 [ 14.088215] kasan_atomics+0x95/0x310 [ 14.088412] kunit_try_run_case+0x1a5/0x480 [ 14.088619] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.088845] kthread+0x337/0x6f0 [ 14.089096] ret_from_fork+0x116/0x1d0 [ 14.089338] ret_from_fork_asm+0x1a/0x30 [ 14.089517] [ 14.089637] The buggy address belongs to the object at ffff888103916a00 [ 14.089637] which belongs to the cache kmalloc-64 of size 64 [ 14.090314] The buggy address is located 0 bytes to the right of [ 14.090314] allocated 48-byte region [ffff888103916a00, ffff888103916a30) [ 14.090809] [ 14.090908] The buggy address belongs to the physical page: [ 14.091293] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103916 [ 14.091543] flags: 0x200000000000000(node=0|zone=2) [ 14.091770] page_type: f5(slab) [ 14.091935] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.092391] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.092658] page dumped because: kasan: bad access detected [ 14.092914] [ 14.093100] Memory state around the buggy address: [ 14.093370] 
ffff888103916900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.093692] ffff888103916980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.093953] >ffff888103916a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.094456] ^ [ 14.094685] ffff888103916a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.094974] ffff888103916b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.095378] ================================================================== [ 14.055511] ================================================================== [ 14.055846] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x8f9/0x5450 [ 14.056309] Write of size 4 at addr ffff888103916a30 by task kunit_try_catch/282 [ 14.056633] [ 14.056734] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.056778] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.056792] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.056813] Call Trace: [ 14.056830] <TASK> [ 14.056846] dump_stack_lvl+0x73/0xb0 [ 14.056887] print_report+0xd1/0x650 [ 14.056910] ? __virt_addr_valid+0x1db/0x2d0 [ 14.056933] ? kasan_atomics_helper+0x8f9/0x5450 [ 14.056966] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.056989] ? kasan_atomics_helper+0x8f9/0x5450 [ 14.057012] kasan_report+0x141/0x180 [ 14.057116] ? kasan_atomics_helper+0x8f9/0x5450 [ 14.057160] kasan_check_range+0x10c/0x1c0 [ 14.057200] __kasan_check_write+0x18/0x20 [ 14.057221] kasan_atomics_helper+0x8f9/0x5450 [ 14.057244] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.057267] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.057294] ? kasan_atomics+0x152/0x310 [ 14.057321] kasan_atomics+0x1dc/0x310 [ 14.057345] ? __pfx_kasan_atomics+0x10/0x10 [ 14.057369] ? __pfx_read_tsc+0x10/0x10 [ 14.057402] ? ktime_get_ts64+0x86/0x230 [ 14.057426] kunit_try_run_case+0x1a5/0x480 [ 14.057451] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.057487] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.057511] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.057535] ? __kthread_parkme+0x82/0x180 [ 14.057556] ? preempt_count_sub+0x50/0x80 [ 14.057579] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.057603] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.057627] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.057652] kthread+0x337/0x6f0 [ 14.057672] ? trace_preempt_on+0x20/0xc0 [ 14.057695] ? __pfx_kthread+0x10/0x10 [ 14.057717] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.057739] ? calculate_sigpending+0x7b/0xa0 [ 14.057762] ? __pfx_kthread+0x10/0x10 [ 14.057784] ret_from_fork+0x116/0x1d0 [ 14.057802] ? __pfx_kthread+0x10/0x10 [ 14.057822] ret_from_fork_asm+0x1a/0x30 [ 14.057853] </TASK> [ 14.057865] [ 14.066435] Allocated by task 282: [ 14.066620] kasan_save_stack+0x45/0x70 [ 14.066804] kasan_save_track+0x18/0x40 [ 14.066947] kasan_save_alloc_info+0x3b/0x50 [ 14.067300] __kasan_kmalloc+0xb7/0xc0 [ 14.067498] __kmalloc_cache_noprof+0x189/0x420 [ 14.067701] kasan_atomics+0x95/0x310 [ 14.067836] kunit_try_run_case+0x1a5/0x480 [ 14.068113] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.068443] kthread+0x337/0x6f0 [ 14.068651] ret_from_fork+0x116/0x1d0 [ 14.068792] ret_from_fork_asm+0x1a/0x30 [ 14.069006] [ 14.069215] The buggy address belongs to the object at ffff888103916a00 [ 14.069215] which belongs to the cache kmalloc-64 of size 64 [ 14.069705] The buggy address is located 0 bytes to the right of [ 14.069705] allocated 48-byte region [ffff888103916a00, ffff888103916a30) [ 14.070457] [ 14.070586] The buggy address belongs to the physical page: [ 14.070836] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103916 [ 14.071305] flags: 0x200000000000000(node=0|zone=2) [ 14.071526] page_type: f5(slab) [ 14.071691] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.072154] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.072516] page dumped because: kasan: bad access detected [ 14.072756] [ 14.072878] 
Memory state around the buggy address: [ 14.073166] ffff888103916900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.073498] ffff888103916980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.073813] >ffff888103916a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.074206] ^ [ 14.074468] ffff888103916a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.074779] ffff888103916b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.075398] ================================================================== [ 14.302985] ================================================================== [ 14.303586] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a36/0x5450 [ 14.303938] Read of size 4 at addr ffff888103916a30 by task kunit_try_catch/282 [ 14.304351] [ 14.304467] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.304510] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.304523] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.304545] Call Trace: [ 14.304560] <TASK> [ 14.304577] dump_stack_lvl+0x73/0xb0 [ 14.304606] print_report+0xd1/0x650 [ 14.304629] ? __virt_addr_valid+0x1db/0x2d0 [ 14.304652] ? kasan_atomics_helper+0x4a36/0x5450 [ 14.304674] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.304697] ? kasan_atomics_helper+0x4a36/0x5450 [ 14.304721] kasan_report+0x141/0x180 [ 14.304743] ? kasan_atomics_helper+0x4a36/0x5450 [ 14.304770] __asan_report_load4_noabort+0x18/0x20 [ 14.304795] kasan_atomics_helper+0x4a36/0x5450 [ 14.304819] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.304842] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.304867] ? kasan_atomics+0x152/0x310 [ 14.304894] kasan_atomics+0x1dc/0x310 [ 14.304918] ? __pfx_kasan_atomics+0x10/0x10 [ 14.304943] ? __pfx_read_tsc+0x10/0x10 [ 14.304965] ? ktime_get_ts64+0x86/0x230 [ 14.304989] kunit_try_run_case+0x1a5/0x480 [ 14.305015] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.305052] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 14.305078] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.305103] ? __kthread_parkme+0x82/0x180 [ 14.305124] ? preempt_count_sub+0x50/0x80 [ 14.305148] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.305174] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.305198] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.305222] kthread+0x337/0x6f0 [ 14.305242] ? trace_preempt_on+0x20/0xc0 [ 14.305265] ? __pfx_kthread+0x10/0x10 [ 14.305287] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.305308] ? calculate_sigpending+0x7b/0xa0 [ 14.305332] ? __pfx_kthread+0x10/0x10 [ 14.305354] ret_from_fork+0x116/0x1d0 [ 14.305374] ? __pfx_kthread+0x10/0x10 [ 14.305395] ret_from_fork_asm+0x1a/0x30 [ 14.305426] </TASK> [ 14.305438] [ 14.313369] Allocated by task 282: [ 14.313555] kasan_save_stack+0x45/0x70 [ 14.313759] kasan_save_track+0x18/0x40 [ 14.313937] kasan_save_alloc_info+0x3b/0x50 [ 14.314228] __kasan_kmalloc+0xb7/0xc0 [ 14.314427] __kmalloc_cache_noprof+0x189/0x420 [ 14.314618] kasan_atomics+0x95/0x310 [ 14.314786] kunit_try_run_case+0x1a5/0x480 [ 14.314933] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.315359] kthread+0x337/0x6f0 [ 14.315541] ret_from_fork+0x116/0x1d0 [ 14.315743] ret_from_fork_asm+0x1a/0x30 [ 14.315948] [ 14.316133] The buggy address belongs to the object at ffff888103916a00 [ 14.316133] which belongs to the cache kmalloc-64 of size 64 [ 14.316687] The buggy address is located 0 bytes to the right of [ 14.316687] allocated 48-byte region [ffff888103916a00, ffff888103916a30) [ 14.317315] [ 14.317402] The buggy address belongs to the physical page: [ 14.317616] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103916 [ 14.317942] flags: 0x200000000000000(node=0|zone=2) [ 14.318219] page_type: f5(slab) [ 14.318394] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.318653] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.318894] page dumped because: kasan: 
bad access detected [ 14.319303] [ 14.319405] Memory state around the buggy address: [ 14.319629] ffff888103916900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.319946] ffff888103916980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.320381] >ffff888103916a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.320672] ^ [ 14.320831] ffff888103916a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.321125] ffff888103916b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.321480] ================================================================== [ 15.022508] ================================================================== [ 15.022813] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2006/0x5450 [ 15.023250] Write of size 8 at addr ffff888103916a30 by task kunit_try_catch/282 [ 15.023553] [ 15.023648] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.023691] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.023703] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.023724] Call Trace: [ 15.023738] <TASK> [ 15.023754] dump_stack_lvl+0x73/0xb0 [ 15.023782] print_report+0xd1/0x650 [ 15.023805] ? __virt_addr_valid+0x1db/0x2d0 [ 15.023827] ? kasan_atomics_helper+0x2006/0x5450 [ 15.023848] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.023871] ? kasan_atomics_helper+0x2006/0x5450 [ 15.023893] kasan_report+0x141/0x180 [ 15.023916] ? kasan_atomics_helper+0x2006/0x5450 [ 15.023943] kasan_check_range+0x10c/0x1c0 [ 15.023967] __kasan_check_write+0x18/0x20 [ 15.023987] kasan_atomics_helper+0x2006/0x5450 [ 15.024010] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.024044] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.024070] ? kasan_atomics+0x152/0x310 [ 15.024097] kasan_atomics+0x1dc/0x310 [ 15.024120] ? __pfx_kasan_atomics+0x10/0x10 [ 15.024145] ? __pfx_read_tsc+0x10/0x10 [ 15.024167] ? ktime_get_ts64+0x86/0x230 [ 15.024190] kunit_try_run_case+0x1a5/0x480 [ 15.024215] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.024237] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.024261] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.024284] ? __kthread_parkme+0x82/0x180 [ 15.024305] ? preempt_count_sub+0x50/0x80 [ 15.024329] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.024353] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.024376] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.024400] kthread+0x337/0x6f0 [ 15.024419] ? trace_preempt_on+0x20/0xc0 [ 15.024443] ? __pfx_kthread+0x10/0x10 [ 15.024465] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.024487] ? calculate_sigpending+0x7b/0xa0 [ 15.024511] ? __pfx_kthread+0x10/0x10 [ 15.024534] ret_from_fork+0x116/0x1d0 [ 15.024553] ? __pfx_kthread+0x10/0x10 [ 15.024574] ret_from_fork_asm+0x1a/0x30 [ 15.024605] </TASK> [ 15.024616] [ 15.032727] Allocated by task 282: [ 15.032925] kasan_save_stack+0x45/0x70 [ 15.033395] kasan_save_track+0x18/0x40 [ 15.033562] kasan_save_alloc_info+0x3b/0x50 [ 15.033716] __kasan_kmalloc+0xb7/0xc0 [ 15.033851] __kmalloc_cache_noprof+0x189/0x420 [ 15.034088] kasan_atomics+0x95/0x310 [ 15.034284] kunit_try_run_case+0x1a5/0x480 [ 15.034492] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.034746] kthread+0x337/0x6f0 [ 15.034907] ret_from_fork+0x116/0x1d0 [ 15.035270] ret_from_fork_asm+0x1a/0x30 [ 15.035479] [ 15.035576] The buggy address belongs to the object at ffff888103916a00 [ 15.035576] which belongs to the cache kmalloc-64 of size 64 [ 15.036106] The buggy address is located 0 bytes to the right of [ 15.036106] allocated 48-byte region [ffff888103916a00, ffff888103916a30) [ 15.036634] [ 15.036730] The buggy address belongs to the physical page: [ 15.036963] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103916 [ 15.037426] flags: 0x200000000000000(node=0|zone=2) [ 15.037596] page_type: f5(slab) [ 15.037715] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.037947] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 15.038292] page dumped because: kasan: bad access detected [ 15.038688] [ 15.038783] Memory state around the buggy address: [ 15.039062] ffff888103916900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.039363] ffff888103916980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.039581] >ffff888103916a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.039794] ^ [ 15.040396] ffff888103916a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.040747] ffff888103916b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.041175] ================================================================== [ 14.615245] ================================================================== [ 14.615911] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b6/0x5450 [ 14.616397] Write of size 8 at addr ffff888103916a30 by task kunit_try_catch/282 [ 14.616995] [ 14.617269] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.617316] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.617431] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.617458] Call Trace: [ 14.617475] <TASK> [ 14.617493] dump_stack_lvl+0x73/0xb0 [ 14.617522] print_report+0xd1/0x650 [ 14.617545] ? __virt_addr_valid+0x1db/0x2d0 [ 14.617568] ? kasan_atomics_helper+0x15b6/0x5450 [ 14.617624] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.617647] ? kasan_atomics_helper+0x15b6/0x5450 [ 14.617671] kasan_report+0x141/0x180 [ 14.617695] ? kasan_atomics_helper+0x15b6/0x5450 [ 14.617722] kasan_check_range+0x10c/0x1c0 [ 14.617747] __kasan_check_write+0x18/0x20 [ 14.617767] kasan_atomics_helper+0x15b6/0x5450 [ 14.617790] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.617813] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.617839] ? kasan_atomics+0x152/0x310 [ 14.617866] kasan_atomics+0x1dc/0x310 [ 14.617890] ? __pfx_kasan_atomics+0x10/0x10 [ 14.617915] ? __pfx_read_tsc+0x10/0x10 [ 14.617937] ? 
ktime_get_ts64+0x86/0x230 [ 14.617960] kunit_try_run_case+0x1a5/0x480 [ 14.617985] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.618007] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.618042] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.618085] ? __kthread_parkme+0x82/0x180 [ 14.618106] ? preempt_count_sub+0x50/0x80 [ 14.618130] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.618154] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.618178] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.618201] kthread+0x337/0x6f0 [ 14.618221] ? trace_preempt_on+0x20/0xc0 [ 14.618246] ? __pfx_kthread+0x10/0x10 [ 14.618266] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.618288] ? calculate_sigpending+0x7b/0xa0 [ 14.618312] ? __pfx_kthread+0x10/0x10 [ 14.618334] ret_from_fork+0x116/0x1d0 [ 14.618353] ? __pfx_kthread+0x10/0x10 [ 14.618374] ret_from_fork_asm+0x1a/0x30 [ 14.618406] </TASK> [ 14.618417] [ 14.630150] Allocated by task 282: [ 14.630551] kasan_save_stack+0x45/0x70 [ 14.630910] kasan_save_track+0x18/0x40 [ 14.631247] kasan_save_alloc_info+0x3b/0x50 [ 14.631598] __kasan_kmalloc+0xb7/0xc0 [ 14.631794] __kmalloc_cache_noprof+0x189/0x420 [ 14.632004] kasan_atomics+0x95/0x310 [ 14.632364] kunit_try_run_case+0x1a5/0x480 [ 14.632766] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.633256] kthread+0x337/0x6f0 [ 14.633561] ret_from_fork+0x116/0x1d0 [ 14.633745] ret_from_fork_asm+0x1a/0x30 [ 14.633928] [ 14.634022] The buggy address belongs to the object at ffff888103916a00 [ 14.634022] which belongs to the cache kmalloc-64 of size 64 [ 14.634883] The buggy address is located 0 bytes to the right of [ 14.634883] allocated 48-byte region [ffff888103916a00, ffff888103916a30) [ 14.635883] [ 14.636152] The buggy address belongs to the physical page: [ 14.636391] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103916 [ 14.636721] flags: 0x200000000000000(node=0|zone=2) [ 14.636937] page_type: f5(slab) [ 14.637402] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 14.637849] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.638789] page dumped because: kasan: bad access detected [ 14.639112] [ 14.639351] Memory state around the buggy address: [ 14.639773] ffff888103916900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.640284] ffff888103916980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.640737] >ffff888103916a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.641212] ^ [ 14.641559] ffff888103916a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.641859] ffff888103916b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.642329] ================================================================== [ 13.806638] ================================================================== [ 13.806991] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b88/0x5450 [ 13.807252] Read of size 4 at addr ffff888103916a30 by task kunit_try_catch/282 [ 13.807627] [ 13.807733] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.807775] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.807786] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.807806] Call Trace: [ 13.807820] <TASK> [ 13.807834] dump_stack_lvl+0x73/0xb0 [ 13.807862] print_report+0xd1/0x650 [ 13.807883] ? __virt_addr_valid+0x1db/0x2d0 [ 13.807905] ? kasan_atomics_helper+0x4b88/0x5450 [ 13.807925] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.807946] ? kasan_atomics_helper+0x4b88/0x5450 [ 13.807967] kasan_report+0x141/0x180 [ 13.808071] ? kasan_atomics_helper+0x4b88/0x5450 [ 13.808103] __asan_report_load4_noabort+0x18/0x20 [ 13.808138] kasan_atomics_helper+0x4b88/0x5450 [ 13.808161] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.808183] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.808220] ? kasan_atomics+0x152/0x310 [ 13.808247] kasan_atomics+0x1dc/0x310 [ 13.808269] ? __pfx_kasan_atomics+0x10/0x10 [ 13.808301] ? 
__pfx_read_tsc+0x10/0x10 [ 13.808323] ? ktime_get_ts64+0x86/0x230 [ 13.808357] kunit_try_run_case+0x1a5/0x480 [ 13.808380] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.808402] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.808424] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.808446] ? __kthread_parkme+0x82/0x180 [ 13.808465] ? preempt_count_sub+0x50/0x80 [ 13.808487] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.808509] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.808531] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.808553] kthread+0x337/0x6f0 [ 13.808572] ? trace_preempt_on+0x20/0xc0 [ 13.808595] ? __pfx_kthread+0x10/0x10 [ 13.808614] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.808634] ? calculate_sigpending+0x7b/0xa0 [ 13.808656] ? __pfx_kthread+0x10/0x10 [ 13.808677] ret_from_fork+0x116/0x1d0 [ 13.808695] ? __pfx_kthread+0x10/0x10 [ 13.808835] ret_from_fork_asm+0x1a/0x30 [ 13.808867] </TASK> [ 13.808910] [ 13.817971] Allocated by task 282: [ 13.818177] kasan_save_stack+0x45/0x70 [ 13.818384] kasan_save_track+0x18/0x40 [ 13.818577] kasan_save_alloc_info+0x3b/0x50 [ 13.819009] __kasan_kmalloc+0xb7/0xc0 [ 13.819403] __kmalloc_cache_noprof+0x189/0x420 [ 13.819616] kasan_atomics+0x95/0x310 [ 13.819804] kunit_try_run_case+0x1a5/0x480 [ 13.819953] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.820152] kthread+0x337/0x6f0 [ 13.820348] ret_from_fork+0x116/0x1d0 [ 13.820536] ret_from_fork_asm+0x1a/0x30 [ 13.820716] [ 13.820790] The buggy address belongs to the object at ffff888103916a00 [ 13.820790] which belongs to the cache kmalloc-64 of size 64 [ 13.821647] The buggy address is located 0 bytes to the right of [ 13.821647] allocated 48-byte region [ffff888103916a00, ffff888103916a30) [ 13.822258] [ 13.822333] The buggy address belongs to the physical page: [ 13.822590] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103916 [ 13.823190] flags: 0x200000000000000(node=0|zone=2) [ 13.823420] page_type: f5(slab) [ 13.823584] raw: 0200000000000000 
ffff8881000418c0 dead000000000122 0000000000000000 [ 13.823819] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.824181] page dumped because: kasan: bad access detected [ 13.824433] [ 13.824638] Memory state around the buggy address: [ 13.824858] ffff888103916900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.825319] ffff888103916980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.825641] >ffff888103916a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.825952] ^ [ 13.826381] ffff888103916a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.826695] ffff888103916b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.827294] ================================================================== [ 15.161775] ================================================================== [ 15.162310] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x224c/0x5450 [ 15.162723] Write of size 8 at addr ffff888103916a30 by task kunit_try_catch/282 [ 15.163343] [ 15.163481] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.163526] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.163539] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.163561] Call Trace: [ 15.163577] <TASK> [ 15.163592] dump_stack_lvl+0x73/0xb0 [ 15.163621] print_report+0xd1/0x650 [ 15.163644] ? __virt_addr_valid+0x1db/0x2d0 [ 15.163665] ? kasan_atomics_helper+0x224c/0x5450 [ 15.163687] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.163709] ? kasan_atomics_helper+0x224c/0x5450 [ 15.163731] kasan_report+0x141/0x180 [ 15.163755] ? kasan_atomics_helper+0x224c/0x5450 [ 15.163783] kasan_check_range+0x10c/0x1c0 [ 15.163807] __kasan_check_write+0x18/0x20 [ 15.163827] kasan_atomics_helper+0x224c/0x5450 [ 15.163850] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.163873] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.163898] ? 
kasan_atomics+0x152/0x310 [ 15.163925] kasan_atomics+0x1dc/0x310 [ 15.163948] ? __pfx_kasan_atomics+0x10/0x10 [ 15.163973] ? __pfx_read_tsc+0x10/0x10 [ 15.163994] ? ktime_get_ts64+0x86/0x230 [ 15.164020] kunit_try_run_case+0x1a5/0x480 [ 15.164072] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.164095] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.164118] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.164141] ? __kthread_parkme+0x82/0x180 [ 15.164163] ? preempt_count_sub+0x50/0x80 [ 15.164187] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.164219] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.164242] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.164265] kthread+0x337/0x6f0 [ 15.164285] ? trace_preempt_on+0x20/0xc0 [ 15.164309] ? __pfx_kthread+0x10/0x10 [ 15.164330] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.164351] ? calculate_sigpending+0x7b/0xa0 [ 15.164375] ? __pfx_kthread+0x10/0x10 [ 15.164397] ret_from_fork+0x116/0x1d0 [ 15.164415] ? __pfx_kthread+0x10/0x10 [ 15.164436] ret_from_fork_asm+0x1a/0x30 [ 15.164467] </TASK> [ 15.164479] [ 15.173697] Allocated by task 282: [ 15.173934] kasan_save_stack+0x45/0x70 [ 15.174304] kasan_save_track+0x18/0x40 [ 15.174553] kasan_save_alloc_info+0x3b/0x50 [ 15.174793] __kasan_kmalloc+0xb7/0xc0 [ 15.175292] __kmalloc_cache_noprof+0x189/0x420 [ 15.175610] kasan_atomics+0x95/0x310 [ 15.175781] kunit_try_run_case+0x1a5/0x480 [ 15.176255] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.176612] kthread+0x337/0x6f0 [ 15.176763] ret_from_fork+0x116/0x1d0 [ 15.177015] ret_from_fork_asm+0x1a/0x30 [ 15.177378] [ 15.177503] The buggy address belongs to the object at ffff888103916a00 [ 15.177503] which belongs to the cache kmalloc-64 of size 64 [ 15.178170] The buggy address is located 0 bytes to the right of [ 15.178170] allocated 48-byte region [ffff888103916a00, ffff888103916a30) [ 15.178875] [ 15.178980] The buggy address belongs to the physical page: [ 15.179432] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103916 [ 
15.179853] flags: 0x200000000000000(node=0|zone=2) [ 15.180388] page_type: f5(slab) [ 15.180551] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.180865] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.181401] page dumped because: kasan: bad access detected [ 15.181626] [ 15.181782] Memory state around the buggy address: [ 15.182105] ffff888103916900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.182512] ffff888103916980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.182890] >ffff888103916a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.183372] ^ [ 15.183561] ffff888103916a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.183967] ffff888103916b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.184302] ================================================================== [ 14.033807] ================================================================== [ 14.034479] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x860/0x5450 [ 14.034818] Write of size 4 at addr ffff888103916a30 by task kunit_try_catch/282 [ 14.035263] [ 14.035398] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.035442] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.035456] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.035477] Call Trace: [ 14.035492] <TASK> [ 14.035508] dump_stack_lvl+0x73/0xb0 [ 14.035536] print_report+0xd1/0x650 [ 14.035560] ? __virt_addr_valid+0x1db/0x2d0 [ 14.035594] ? kasan_atomics_helper+0x860/0x5450 [ 14.035615] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.035639] ? kasan_atomics_helper+0x860/0x5450 [ 14.035680] kasan_report+0x141/0x180 [ 14.035703] ? kasan_atomics_helper+0x860/0x5450 [ 14.035756] kasan_check_range+0x10c/0x1c0 [ 14.035782] __kasan_check_write+0x18/0x20 [ 14.035802] kasan_atomics_helper+0x860/0x5450 [ 14.035825] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.035848] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 14.035874] ? kasan_atomics+0x152/0x310 [ 14.035902] kasan_atomics+0x1dc/0x310 [ 14.036503] ? __pfx_kasan_atomics+0x10/0x10 [ 14.036544] ? __pfx_read_tsc+0x10/0x10 [ 14.036569] ? ktime_get_ts64+0x86/0x230 [ 14.036594] kunit_try_run_case+0x1a5/0x480 [ 14.036620] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.036643] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.036667] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.036691] ? __kthread_parkme+0x82/0x180 [ 14.036951] ? preempt_count_sub+0x50/0x80 [ 14.037003] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.037107] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.037154] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.037179] kthread+0x337/0x6f0 [ 14.037200] ? trace_preempt_on+0x20/0xc0 [ 14.037226] ? __pfx_kthread+0x10/0x10 [ 14.037246] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.037269] ? calculate_sigpending+0x7b/0xa0 [ 14.037293] ? __pfx_kthread+0x10/0x10 [ 14.037315] ret_from_fork+0x116/0x1d0 [ 14.037334] ? __pfx_kthread+0x10/0x10 [ 14.037355] ret_from_fork_asm+0x1a/0x30 [ 14.037385] </TASK> [ 14.037398] [ 14.045952] Allocated by task 282: [ 14.046266] kasan_save_stack+0x45/0x70 [ 14.046482] kasan_save_track+0x18/0x40 [ 14.046712] kasan_save_alloc_info+0x3b/0x50 [ 14.046953] __kasan_kmalloc+0xb7/0xc0 [ 14.047278] __kmalloc_cache_noprof+0x189/0x420 [ 14.047500] kasan_atomics+0x95/0x310 [ 14.047678] kunit_try_run_case+0x1a5/0x480 [ 14.048171] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.048443] kthread+0x337/0x6f0 [ 14.048619] ret_from_fork+0x116/0x1d0 [ 14.048798] ret_from_fork_asm+0x1a/0x30 [ 14.049004] [ 14.049219] The buggy address belongs to the object at ffff888103916a00 [ 14.049219] which belongs to the cache kmalloc-64 of size 64 [ 14.049724] The buggy address is located 0 bytes to the right of [ 14.049724] allocated 48-byte region [ffff888103916a00, ffff888103916a30) [ 14.050285] [ 14.050389] The buggy address belongs to the physical page: [ 14.050638] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x103916 [ 14.050980] flags: 0x200000000000000(node=0|zone=2) [ 14.051205] page_type: f5(slab) [ 14.051323] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.051667] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.051969] page dumped because: kasan: bad access detected [ 14.052428] [ 14.052525] Memory state around the buggy address: [ 14.052745] ffff888103916900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.053097] ffff888103916980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.053475] >ffff888103916a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.053710] ^ [ 14.053933] ffff888103916a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.054566] ffff888103916b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.054891] ================================================================== [ 15.113657] ================================================================== [ 15.114042] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x218a/0x5450 [ 15.114486] Write of size 8 at addr ffff888103916a30 by task kunit_try_catch/282 [ 15.114749] [ 15.114836] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.114877] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.114890] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.114909] Call Trace: [ 15.114924] <TASK> [ 15.114939] dump_stack_lvl+0x73/0xb0 [ 15.114965] print_report+0xd1/0x650 [ 15.114989] ? __virt_addr_valid+0x1db/0x2d0 [ 15.115011] ? kasan_atomics_helper+0x218a/0x5450 [ 15.115044] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.115075] ? kasan_atomics_helper+0x218a/0x5450 [ 15.115096] kasan_report+0x141/0x180 [ 15.115119] ? kasan_atomics_helper+0x218a/0x5450 [ 15.115146] kasan_check_range+0x10c/0x1c0 [ 15.115170] __kasan_check_write+0x18/0x20 [ 15.115190] kasan_atomics_helper+0x218a/0x5450 [ 15.115213] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 15.115236] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.115261] ? kasan_atomics+0x152/0x310 [ 15.115289] kasan_atomics+0x1dc/0x310 [ 15.115312] ? __pfx_kasan_atomics+0x10/0x10 [ 15.115336] ? __pfx_read_tsc+0x10/0x10 [ 15.115358] ? ktime_get_ts64+0x86/0x230 [ 15.115381] kunit_try_run_case+0x1a5/0x480 [ 15.115405] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.115428] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.115451] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.115474] ? __kthread_parkme+0x82/0x180 [ 15.115496] ? preempt_count_sub+0x50/0x80 [ 15.115520] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.115544] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.115567] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.115591] kthread+0x337/0x6f0 [ 15.115611] ? trace_preempt_on+0x20/0xc0 [ 15.115634] ? __pfx_kthread+0x10/0x10 [ 15.115655] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.115678] ? calculate_sigpending+0x7b/0xa0 [ 15.115702] ? __pfx_kthread+0x10/0x10 [ 15.115724] ret_from_fork+0x116/0x1d0 [ 15.115743] ? 
__pfx_kthread+0x10/0x10 [ 15.115763] ret_from_fork_asm+0x1a/0x30 [ 15.115795] </TASK> [ 15.115807] [ 15.126722] Allocated by task 282: [ 15.126886] kasan_save_stack+0x45/0x70 [ 15.127120] kasan_save_track+0x18/0x40 [ 15.127643] kasan_save_alloc_info+0x3b/0x50 [ 15.127829] __kasan_kmalloc+0xb7/0xc0 [ 15.128012] __kmalloc_cache_noprof+0x189/0x420 [ 15.128382] kasan_atomics+0x95/0x310 [ 15.128694] kunit_try_run_case+0x1a5/0x480 [ 15.128911] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.129230] kthread+0x337/0x6f0 [ 15.129424] ret_from_fork+0x116/0x1d0 [ 15.129733] ret_from_fork_asm+0x1a/0x30 [ 15.129942] [ 15.130025] The buggy address belongs to the object at ffff888103916a00 [ 15.130025] which belongs to the cache kmalloc-64 of size 64 [ 15.130822] The buggy address is located 0 bytes to the right of [ 15.130822] allocated 48-byte region [ffff888103916a00, ffff888103916a30) [ 15.131569] [ 15.131748] The buggy address belongs to the physical page: [ 15.132068] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103916 [ 15.132513] flags: 0x200000000000000(node=0|zone=2) [ 15.132853] page_type: f5(slab) [ 15.133010] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.133586] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.133898] page dumped because: kasan: bad access detected [ 15.134143] [ 15.134456] Memory state around the buggy address: [ 15.134757] ffff888103916900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.135146] ffff888103916980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.135693] >ffff888103916a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.136082] ^ [ 15.136443] ffff888103916a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.136823] ffff888103916b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.137104] ================================================================== [ 14.245002] 
================================================================== [ 14.245444] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe78/0x5450 [ 14.245747] Write of size 4 at addr ffff888103916a30 by task kunit_try_catch/282 [ 14.246125] [ 14.246330] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.246377] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.246390] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.246412] Call Trace: [ 14.246428] <TASK> [ 14.246444] dump_stack_lvl+0x73/0xb0 [ 14.246472] print_report+0xd1/0x650 [ 14.246495] ? __virt_addr_valid+0x1db/0x2d0 [ 14.246517] ? kasan_atomics_helper+0xe78/0x5450 [ 14.246559] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.246583] ? kasan_atomics_helper+0xe78/0x5450 [ 14.246605] kasan_report+0x141/0x180 [ 14.246644] ? kasan_atomics_helper+0xe78/0x5450 [ 14.246671] kasan_check_range+0x10c/0x1c0 [ 14.246708] __kasan_check_write+0x18/0x20 [ 14.246728] kasan_atomics_helper+0xe78/0x5450 [ 14.246751] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.246774] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.246799] ? kasan_atomics+0x152/0x310 [ 14.246826] kasan_atomics+0x1dc/0x310 [ 14.246866] ? __pfx_kasan_atomics+0x10/0x10 [ 14.246891] ? __pfx_read_tsc+0x10/0x10 [ 14.246912] ? ktime_get_ts64+0x86/0x230 [ 14.246937] kunit_try_run_case+0x1a5/0x480 [ 14.246961] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.246984] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.247024] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.247236] ? __kthread_parkme+0x82/0x180 [ 14.247262] ? preempt_count_sub+0x50/0x80 [ 14.247287] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.247312] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.247336] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.247360] kthread+0x337/0x6f0 [ 14.247380] ? trace_preempt_on+0x20/0xc0 [ 14.247404] ? __pfx_kthread+0x10/0x10 [ 14.247425] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.247447] ? 
calculate_sigpending+0x7b/0xa0 [ 14.247471] ? __pfx_kthread+0x10/0x10 [ 14.247493] ret_from_fork+0x116/0x1d0 [ 14.247512] ? __pfx_kthread+0x10/0x10 [ 14.247533] ret_from_fork_asm+0x1a/0x30 [ 14.247562] </TASK> [ 14.247574] [ 14.255915] Allocated by task 282: [ 14.256221] kasan_save_stack+0x45/0x70 [ 14.256410] kasan_save_track+0x18/0x40 [ 14.256623] kasan_save_alloc_info+0x3b/0x50 [ 14.256833] __kasan_kmalloc+0xb7/0xc0 [ 14.257007] __kmalloc_cache_noprof+0x189/0x420 [ 14.258213] kasan_atomics+0x95/0x310 [ 14.258416] kunit_try_run_case+0x1a5/0x480 [ 14.258602] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.258830] kthread+0x337/0x6f0 [ 14.258996] ret_from_fork+0x116/0x1d0 [ 14.259373] ret_from_fork_asm+0x1a/0x30 [ 14.259578] [ 14.259678] The buggy address belongs to the object at ffff888103916a00 [ 14.259678] which belongs to the cache kmalloc-64 of size 64 [ 14.260210] The buggy address is located 0 bytes to the right of [ 14.260210] allocated 48-byte region [ffff888103916a00, ffff888103916a30) [ 14.260722] [ 14.260804] The buggy address belongs to the physical page: [ 14.261013] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103916 [ 14.261353] flags: 0x200000000000000(node=0|zone=2) [ 14.261576] page_type: f5(slab) [ 14.261718] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.262098] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.262385] page dumped because: kasan: bad access detected [ 14.262632] [ 14.262728] Memory state around the buggy address: [ 14.262953] ffff888103916900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.263436] ffff888103916980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.263769] >ffff888103916a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.264022] ^ [ 14.264355] ffff888103916a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.264647] ffff888103916b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.264941] 
================================================================== [ 14.187965] ================================================================== [ 14.188627] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a84/0x5450 [ 14.188962] Read of size 4 at addr ffff888103916a30 by task kunit_try_catch/282 [ 14.189286] [ 14.189390] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.189435] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.189449] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.189470] Call Trace: [ 14.189485] <TASK> [ 14.189501] dump_stack_lvl+0x73/0xb0 [ 14.189529] print_report+0xd1/0x650 [ 14.189552] ? __virt_addr_valid+0x1db/0x2d0 [ 14.189576] ? kasan_atomics_helper+0x4a84/0x5450 [ 14.189598] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.189621] ? kasan_atomics_helper+0x4a84/0x5450 [ 14.189644] kasan_report+0x141/0x180 [ 14.189667] ? kasan_atomics_helper+0x4a84/0x5450 [ 14.189693] __asan_report_load4_noabort+0x18/0x20 [ 14.189718] kasan_atomics_helper+0x4a84/0x5450 [ 14.189831] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.189856] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.189884] ? kasan_atomics+0x152/0x310 [ 14.189911] kasan_atomics+0x1dc/0x310 [ 14.189935] ? __pfx_kasan_atomics+0x10/0x10 [ 14.189960] ? __pfx_read_tsc+0x10/0x10 [ 14.189981] ? ktime_get_ts64+0x86/0x230 [ 14.190005] kunit_try_run_case+0x1a5/0x480 [ 14.190214] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.190250] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.190276] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.190299] ? __kthread_parkme+0x82/0x180 [ 14.190321] ? preempt_count_sub+0x50/0x80 [ 14.190345] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.190370] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.190393] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.190416] kthread+0x337/0x6f0 [ 14.190436] ? trace_preempt_on+0x20/0xc0 [ 14.190460] ? __pfx_kthread+0x10/0x10 [ 14.190482] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 14.190504] ? calculate_sigpending+0x7b/0xa0 [ 14.190528] ? __pfx_kthread+0x10/0x10 [ 14.190550] ret_from_fork+0x116/0x1d0 [ 14.190568] ? __pfx_kthread+0x10/0x10 [ 14.190590] ret_from_fork_asm+0x1a/0x30 [ 14.190620] </TASK> [ 14.190632] [ 14.198474] Allocated by task 282: [ 14.198609] kasan_save_stack+0x45/0x70 [ 14.198754] kasan_save_track+0x18/0x40 [ 14.198934] kasan_save_alloc_info+0x3b/0x50 [ 14.199249] __kasan_kmalloc+0xb7/0xc0 [ 14.199442] __kmalloc_cache_noprof+0x189/0x420 [ 14.199671] kasan_atomics+0x95/0x310 [ 14.199856] kunit_try_run_case+0x1a5/0x480 [ 14.200140] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.200388] kthread+0x337/0x6f0 [ 14.200512] ret_from_fork+0x116/0x1d0 [ 14.200645] ret_from_fork_asm+0x1a/0x30 [ 14.200804] [ 14.200902] The buggy address belongs to the object at ffff888103916a00 [ 14.200902] which belongs to the cache kmalloc-64 of size 64 [ 14.201664] The buggy address is located 0 bytes to the right of [ 14.201664] allocated 48-byte region [ffff888103916a00, ffff888103916a30) [ 14.202352] [ 14.202452] The buggy address belongs to the physical page: [ 14.202703] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103916 [ 14.203154] flags: 0x200000000000000(node=0|zone=2) [ 14.203355] page_type: f5(slab) [ 14.203476] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.203823] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.204239] page dumped because: kasan: bad access detected [ 14.204418] [ 14.204515] Memory state around the buggy address: [ 14.204736] ffff888103916900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.205130] ffff888103916980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.205423] >ffff888103916a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.205669] ^ [ 14.205861] ffff888103916a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.206396] ffff888103916b00: fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 14.206695] ================================================================== [ 14.820806] ================================================================== [ 14.821209] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1b22/0x5450 [ 14.821543] Write of size 8 at addr ffff888103916a30 by task kunit_try_catch/282 [ 14.821872] [ 14.821982] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.822037] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.822050] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.822071] Call Trace: [ 14.822087] <TASK> [ 14.822104] dump_stack_lvl+0x73/0xb0 [ 14.822131] print_report+0xd1/0x650 [ 14.822155] ? __virt_addr_valid+0x1db/0x2d0 [ 14.822177] ? kasan_atomics_helper+0x1b22/0x5450 [ 14.822199] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.822222] ? kasan_atomics_helper+0x1b22/0x5450 [ 14.822245] kasan_report+0x141/0x180 [ 14.822268] ? kasan_atomics_helper+0x1b22/0x5450 [ 14.822294] kasan_check_range+0x10c/0x1c0 [ 14.822318] __kasan_check_write+0x18/0x20 [ 14.822337] kasan_atomics_helper+0x1b22/0x5450 [ 14.822361] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.822382] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.822407] ? kasan_atomics+0x152/0x310 [ 14.822434] kasan_atomics+0x1dc/0x310 [ 14.822456] ? __pfx_kasan_atomics+0x10/0x10 [ 14.822481] ? __pfx_read_tsc+0x10/0x10 [ 14.822501] ? ktime_get_ts64+0x86/0x230 [ 14.822524] kunit_try_run_case+0x1a5/0x480 [ 14.822547] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.822569] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.822593] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.822615] ? __kthread_parkme+0x82/0x180 [ 14.822637] ? preempt_count_sub+0x50/0x80 [ 14.822659] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.822682] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.822706] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.822729] kthread+0x337/0x6f0 [ 14.822748] ? 
trace_preempt_on+0x20/0xc0 [ 14.822770] ? __pfx_kthread+0x10/0x10 [ 14.822791] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.822812] ? calculate_sigpending+0x7b/0xa0 [ 14.822835] ? __pfx_kthread+0x10/0x10 [ 14.822857] ret_from_fork+0x116/0x1d0 [ 14.822875] ? __pfx_kthread+0x10/0x10 [ 14.822896] ret_from_fork_asm+0x1a/0x30 [ 14.822925] </TASK> [ 14.822936] [ 14.830812] Allocated by task 282: [ 14.830993] kasan_save_stack+0x45/0x70 [ 14.831299] kasan_save_track+0x18/0x40 [ 14.831537] kasan_save_alloc_info+0x3b/0x50 [ 14.831786] __kasan_kmalloc+0xb7/0xc0 [ 14.831978] __kmalloc_cache_noprof+0x189/0x420 [ 14.832232] kasan_atomics+0x95/0x310 [ 14.832428] kunit_try_run_case+0x1a5/0x480 [ 14.832639] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.832895] kthread+0x337/0x6f0 [ 14.833184] ret_from_fork+0x116/0x1d0 [ 14.833533] ret_from_fork_asm+0x1a/0x30 [ 14.833722] [ 14.833902] The buggy address belongs to the object at ffff888103916a00 [ 14.833902] which belongs to the cache kmalloc-64 of size 64 [ 14.834327] The buggy address is located 0 bytes to the right of [ 14.834327] allocated 48-byte region [ffff888103916a00, ffff888103916a30) [ 14.834695] [ 14.834767] The buggy address belongs to the physical page: [ 14.835116] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103916 [ 14.835468] flags: 0x200000000000000(node=0|zone=2) [ 14.835698] page_type: f5(slab) [ 14.835866] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.836215] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.836553] page dumped because: kasan: bad access detected [ 14.836782] [ 14.836856] Memory state around the buggy address: [ 14.837014] ffff888103916900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.837288] ffff888103916980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.837507] >ffff888103916a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.837722] ^ [ 14.837879] ffff888103916a80: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 14.838433] ffff888103916b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.838753] ================================================================== [ 14.981045] ================================================================== [ 14.981621] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1f43/0x5450 [ 14.982001] Write of size 8 at addr ffff888103916a30 by task kunit_try_catch/282 [ 14.982629] [ 14.982764] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.982806] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.982819] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.982840] Call Trace: [ 14.982855] <TASK> [ 14.982871] dump_stack_lvl+0x73/0xb0 [ 14.982900] print_report+0xd1/0x650 [ 14.982922] ? __virt_addr_valid+0x1db/0x2d0 [ 14.982944] ? kasan_atomics_helper+0x1f43/0x5450 [ 14.982966] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.982989] ? kasan_atomics_helper+0x1f43/0x5450 [ 14.983011] kasan_report+0x141/0x180 [ 14.983044] ? kasan_atomics_helper+0x1f43/0x5450 [ 14.983080] kasan_check_range+0x10c/0x1c0 [ 14.983105] __kasan_check_write+0x18/0x20 [ 14.983125] kasan_atomics_helper+0x1f43/0x5450 [ 14.983148] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.983181] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.983206] ? kasan_atomics+0x152/0x310 [ 14.984528] kasan_atomics+0x1dc/0x310 [ 14.984553] ? __pfx_kasan_atomics+0x10/0x10 [ 14.984578] ? __pfx_read_tsc+0x10/0x10 [ 14.984600] ? ktime_get_ts64+0x86/0x230 [ 14.984625] kunit_try_run_case+0x1a5/0x480 [ 14.984649] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.984672] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.984695] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.984719] ? __kthread_parkme+0x82/0x180 [ 14.984740] ? preempt_count_sub+0x50/0x80 [ 14.984764] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.984787] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.984811] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.984835] kthread+0x337/0x6f0 [ 14.984855] ? trace_preempt_on+0x20/0xc0 [ 14.984878] ? __pfx_kthread+0x10/0x10 [ 14.984899] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.984921] ? calculate_sigpending+0x7b/0xa0 [ 14.984945] ? __pfx_kthread+0x10/0x10 [ 14.984967] ret_from_fork+0x116/0x1d0 [ 14.984986] ? __pfx_kthread+0x10/0x10 [ 14.985006] ret_from_fork_asm+0x1a/0x30 [ 14.985047] </TASK> [ 14.985232] [ 14.993218] Allocated by task 282: [ 14.993407] kasan_save_stack+0x45/0x70 [ 14.993612] kasan_save_track+0x18/0x40 [ 14.993806] kasan_save_alloc_info+0x3b/0x50 [ 14.994010] __kasan_kmalloc+0xb7/0xc0 [ 14.994153] __kmalloc_cache_noprof+0x189/0x420 [ 14.994308] kasan_atomics+0x95/0x310 [ 14.994443] kunit_try_run_case+0x1a5/0x480 [ 14.994666] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.994925] kthread+0x337/0x6f0 [ 14.995109] ret_from_fork+0x116/0x1d0 [ 14.995686] ret_from_fork_asm+0x1a/0x30 [ 14.995882] [ 14.995985] The buggy address belongs to the object at ffff888103916a00 [ 14.995985] which belongs to the cache kmalloc-64 of size 64 [ 14.996581] The buggy address is located 0 bytes to the right of [ 14.996581] allocated 48-byte region [ffff888103916a00, ffff888103916a30) [ 14.997145] [ 14.997247] The buggy address belongs to the physical page: [ 14.997472] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103916 [ 14.997775] flags: 0x200000000000000(node=0|zone=2) [ 14.997996] page_type: f5(slab) [ 14.998239] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.998475] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.998702] page dumped because: kasan: bad access detected [ 14.998875] [ 14.998973] Memory state around the buggy address: [ 14.999215] ffff888103916900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.999537] ffff888103916980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.999853] >ffff888103916a00: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 15.000168] ^ [ 15.000390] ffff888103916a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.000943] ffff888103916b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.001425] ================================================================== [ 15.001749] ================================================================== [ 15.002051] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f71/0x5450 [ 15.002857] Read of size 8 at addr ffff888103916a30 by task kunit_try_catch/282 [ 15.003287] [ 15.003403] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.003446] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.003459] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.003480] Call Trace: [ 15.003496] <TASK> [ 15.003512] dump_stack_lvl+0x73/0xb0 [ 15.003539] print_report+0xd1/0x650 [ 15.003562] ? __virt_addr_valid+0x1db/0x2d0 [ 15.003585] ? kasan_atomics_helper+0x4f71/0x5450 [ 15.003607] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.003630] ? kasan_atomics_helper+0x4f71/0x5450 [ 15.003652] kasan_report+0x141/0x180 [ 15.003675] ? kasan_atomics_helper+0x4f71/0x5450 [ 15.003702] __asan_report_load8_noabort+0x18/0x20 [ 15.003727] kasan_atomics_helper+0x4f71/0x5450 [ 15.003750] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.003772] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.003798] ? kasan_atomics+0x152/0x310 [ 15.003825] kasan_atomics+0x1dc/0x310 [ 15.003848] ? __pfx_kasan_atomics+0x10/0x10 [ 15.003873] ? __pfx_read_tsc+0x10/0x10 [ 15.003895] ? ktime_get_ts64+0x86/0x230 [ 15.003918] kunit_try_run_case+0x1a5/0x480 [ 15.003943] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.003966] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.003989] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.004013] ? __kthread_parkme+0x82/0x180 [ 15.004048] ? preempt_count_sub+0x50/0x80 [ 15.004072] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.004096] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.004120] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.004144] kthread+0x337/0x6f0 [ 15.004164] ? trace_preempt_on+0x20/0xc0 [ 15.004188] ? __pfx_kthread+0x10/0x10 [ 15.004209] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.004230] ? calculate_sigpending+0x7b/0xa0 [ 15.004413] ? __pfx_kthread+0x10/0x10 [ 15.004437] ret_from_fork+0x116/0x1d0 [ 15.004457] ? __pfx_kthread+0x10/0x10 [ 15.004478] ret_from_fork_asm+0x1a/0x30 [ 15.004509] </TASK> [ 15.004523] [ 15.012431] Allocated by task 282: [ 15.012621] kasan_save_stack+0x45/0x70 [ 15.012815] kasan_save_track+0x18/0x40 [ 15.012952] kasan_save_alloc_info+0x3b/0x50 [ 15.013116] __kasan_kmalloc+0xb7/0xc0 [ 15.013252] __kmalloc_cache_noprof+0x189/0x420 [ 15.013409] kasan_atomics+0x95/0x310 [ 15.013542] kunit_try_run_case+0x1a5/0x480 [ 15.013938] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.014524] kthread+0x337/0x6f0 [ 15.014701] ret_from_fork+0x116/0x1d0 [ 15.014887] ret_from_fork_asm+0x1a/0x30 [ 15.015806] [ 15.015932] The buggy address belongs to the object at ffff888103916a00 [ 15.015932] which belongs to the cache kmalloc-64 of size 64 [ 15.016996] The buggy address is located 0 bytes to the right of [ 15.016996] allocated 48-byte region [ffff888103916a00, ffff888103916a30) [ 15.017683] [ 15.017763] The buggy address belongs to the physical page: [ 15.017940] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103916 [ 15.018396] flags: 0x200000000000000(node=0|zone=2) [ 15.018586] page_type: f5(slab) [ 15.018714] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.019099] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.019438] page dumped because: kasan: bad access detected [ 15.019707] [ 15.019803] Memory state around the buggy address: [ 15.020040] ffff888103916900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.020519] 
ffff888103916980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.020820] >ffff888103916a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.021220] ^ [ 15.021436] ffff888103916a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.021729] ffff888103916b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.021989] ================================================================== [ 13.970314] ================================================================== [ 13.970677] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x697/0x5450 [ 13.971012] Write of size 4 at addr ffff888103916a30 by task kunit_try_catch/282 [ 13.971441] [ 13.971569] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.971624] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.971638] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.971659] Call Trace: [ 13.971676] <TASK> [ 13.971691] dump_stack_lvl+0x73/0xb0 [ 13.971719] print_report+0xd1/0x650 [ 13.971753] ? __virt_addr_valid+0x1db/0x2d0 [ 13.971777] ? kasan_atomics_helper+0x697/0x5450 [ 13.971799] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.971832] ? kasan_atomics_helper+0x697/0x5450 [ 13.971855] kasan_report+0x141/0x180 [ 13.971878] ? kasan_atomics_helper+0x697/0x5450 [ 13.971913] kasan_check_range+0x10c/0x1c0 [ 13.971937] __kasan_check_write+0x18/0x20 [ 13.971957] kasan_atomics_helper+0x697/0x5450 [ 13.971990] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.972014] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.972133] ? kasan_atomics+0x152/0x310 [ 13.972164] kasan_atomics+0x1dc/0x310 [ 13.972212] ? __pfx_kasan_atomics+0x10/0x10 [ 13.972237] ? __pfx_read_tsc+0x10/0x10 [ 13.972259] ? ktime_get_ts64+0x86/0x230 [ 13.972294] kunit_try_run_case+0x1a5/0x480 [ 13.972318] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.972341] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.972364] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.972387] ? 
__kthread_parkme+0x82/0x180 [ 13.972408] ? preempt_count_sub+0x50/0x80 [ 13.972431] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.972455] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.972478] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.972502] kthread+0x337/0x6f0 [ 13.972522] ? trace_preempt_on+0x20/0xc0 [ 13.972544] ? __pfx_kthread+0x10/0x10 [ 13.972566] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.972588] ? calculate_sigpending+0x7b/0xa0 [ 13.972620] ? __pfx_kthread+0x10/0x10 [ 13.972642] ret_from_fork+0x116/0x1d0 [ 13.972661] ? __pfx_kthread+0x10/0x10 [ 13.972692] ret_from_fork_asm+0x1a/0x30 [ 13.972722] </TASK> [ 13.972734] [ 13.981111] Allocated by task 282: [ 13.981265] kasan_save_stack+0x45/0x70 [ 13.981497] kasan_save_track+0x18/0x40 [ 13.981691] kasan_save_alloc_info+0x3b/0x50 [ 13.981899] __kasan_kmalloc+0xb7/0xc0 [ 13.982852] __kmalloc_cache_noprof+0x189/0x420 [ 13.983543] kasan_atomics+0x95/0x310 [ 13.983780] kunit_try_run_case+0x1a5/0x480 [ 13.983975] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.984554] kthread+0x337/0x6f0 [ 13.984863] ret_from_fork+0x116/0x1d0 [ 13.985305] ret_from_fork_asm+0x1a/0x30 [ 13.985500] [ 13.985592] The buggy address belongs to the object at ffff888103916a00 [ 13.985592] which belongs to the cache kmalloc-64 of size 64 [ 13.986269] The buggy address is located 0 bytes to the right of [ 13.986269] allocated 48-byte region [ffff888103916a00, ffff888103916a30) [ 13.986856] [ 13.986940] The buggy address belongs to the physical page: [ 13.987297] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103916 [ 13.987663] flags: 0x200000000000000(node=0|zone=2) [ 13.987866] page_type: f5(slab) [ 13.988019] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.988482] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.988799] page dumped because: kasan: bad access detected [ 13.989100] [ 13.989221] Memory state around the buggy address: [ 13.989477] 
ffff888103916900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.989730] ffff888103916980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.990283] >ffff888103916a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.990602] ^ [ 13.990818] ffff888103916a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.991223] ffff888103916b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.991539] ================================================================== [ 14.864301] ================================================================== [ 14.864627] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f30/0x5450 [ 14.864968] Read of size 8 at addr ffff888103916a30 by task kunit_try_catch/282 [ 14.865655] [ 14.865930] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.866138] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.866157] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.866178] Call Trace: [ 14.866194] <TASK> [ 14.866210] dump_stack_lvl+0x73/0xb0 [ 14.866240] print_report+0xd1/0x650 [ 14.866265] ? __virt_addr_valid+0x1db/0x2d0 [ 14.866288] ? kasan_atomics_helper+0x4f30/0x5450 [ 14.866311] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.866334] ? kasan_atomics_helper+0x4f30/0x5450 [ 14.866357] kasan_report+0x141/0x180 [ 14.866380] ? kasan_atomics_helper+0x4f30/0x5450 [ 14.866406] __asan_report_load8_noabort+0x18/0x20 [ 14.866431] kasan_atomics_helper+0x4f30/0x5450 [ 14.866454] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.866477] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.866502] ? kasan_atomics+0x152/0x310 [ 14.866529] kasan_atomics+0x1dc/0x310 [ 14.866553] ? __pfx_kasan_atomics+0x10/0x10 [ 14.866578] ? __pfx_read_tsc+0x10/0x10 [ 14.866600] ? ktime_get_ts64+0x86/0x230 [ 14.866623] kunit_try_run_case+0x1a5/0x480 [ 14.866647] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.866669] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.866692] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.866716] ? __kthread_parkme+0x82/0x180 [ 14.866737] ? preempt_count_sub+0x50/0x80 [ 14.866761] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.866784] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.866808] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.866831] kthread+0x337/0x6f0 [ 14.866851] ? trace_preempt_on+0x20/0xc0 [ 14.866874] ? __pfx_kthread+0x10/0x10 [ 14.866895] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.866916] ? calculate_sigpending+0x7b/0xa0 [ 14.866941] ? __pfx_kthread+0x10/0x10 [ 14.866963] ret_from_fork+0x116/0x1d0 [ 14.866981] ? __pfx_kthread+0x10/0x10 [ 14.867002] ret_from_fork_asm+0x1a/0x30 [ 14.867048] </TASK> [ 14.867087] [ 14.878131] Allocated by task 282: [ 14.878565] kasan_save_stack+0x45/0x70 [ 14.879001] kasan_save_track+0x18/0x40 [ 14.879248] kasan_save_alloc_info+0x3b/0x50 [ 14.879462] __kasan_kmalloc+0xb7/0xc0 [ 14.879659] __kmalloc_cache_noprof+0x189/0x420 [ 14.879864] kasan_atomics+0x95/0x310 [ 14.880070] kunit_try_run_case+0x1a5/0x480 [ 14.880557] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.880763] kthread+0x337/0x6f0 [ 14.881001] ret_from_fork+0x116/0x1d0 [ 14.881255] ret_from_fork_asm+0x1a/0x30 [ 14.881579] [ 14.881672] The buggy address belongs to the object at ffff888103916a00 [ 14.881672] which belongs to the cache kmalloc-64 of size 64 [ 14.882415] The buggy address is located 0 bytes to the right of [ 14.882415] allocated 48-byte region [ffff888103916a00, ffff888103916a30) [ 14.883044] [ 14.883256] The buggy address belongs to the physical page: [ 14.883665] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103916 [ 14.884276] flags: 0x200000000000000(node=0|zone=2) [ 14.884460] page_type: f5(slab) [ 14.884704] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.885185] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.885537] page dumped because: kasan: bad access detected [ 14.885770] [ 14.885854] 
Memory state around the buggy address: [ 14.886216] ffff888103916900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.886595] ffff888103916980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.886941] >ffff888103916a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.887363] ^ [ 14.887569] ffff888103916a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.888165] ffff888103916b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.888540] ================================================================== [ 14.889214] ================================================================== [ 14.889491] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1ce1/0x5450 [ 14.889837] Write of size 8 at addr ffff888103916a30 by task kunit_try_catch/282 [ 14.890181] [ 14.890268] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.890311] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.890747] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.890774] Call Trace: [ 14.890789] <TASK> [ 14.890859] dump_stack_lvl+0x73/0xb0 [ 14.890892] print_report+0xd1/0x650 [ 14.890916] ? __virt_addr_valid+0x1db/0x2d0 [ 14.890940] ? kasan_atomics_helper+0x1ce1/0x5450 [ 14.890962] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.890985] ? kasan_atomics_helper+0x1ce1/0x5450 [ 14.891008] kasan_report+0x141/0x180 [ 14.891042] ? kasan_atomics_helper+0x1ce1/0x5450 [ 14.891073] kasan_check_range+0x10c/0x1c0 [ 14.891097] __kasan_check_write+0x18/0x20 [ 14.891266] kasan_atomics_helper+0x1ce1/0x5450 [ 14.891405] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.891432] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.891459] ? kasan_atomics+0x152/0x310 [ 14.891487] kasan_atomics+0x1dc/0x310 [ 14.891510] ? __pfx_kasan_atomics+0x10/0x10 [ 14.891534] ? __pfx_read_tsc+0x10/0x10 [ 14.891557] ? ktime_get_ts64+0x86/0x230 [ 14.891581] kunit_try_run_case+0x1a5/0x480 [ 14.891606] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.891630] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.891652] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.891675] ? __kthread_parkme+0x82/0x180 [ 14.891695] ? preempt_count_sub+0x50/0x80 [ 14.891719] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.891744] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.891769] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.891794] kthread+0x337/0x6f0 [ 14.891814] ? trace_preempt_on+0x20/0xc0 [ 14.891838] ? __pfx_kthread+0x10/0x10 [ 14.891859] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.891881] ? calculate_sigpending+0x7b/0xa0 [ 14.891905] ? __pfx_kthread+0x10/0x10 [ 14.891928] ret_from_fork+0x116/0x1d0 [ 14.891947] ? __pfx_kthread+0x10/0x10 [ 14.891968] ret_from_fork_asm+0x1a/0x30 [ 14.891998] </TASK> [ 14.892010] [ 14.902303] Allocated by task 282: [ 14.902638] kasan_save_stack+0x45/0x70 [ 14.902897] kasan_save_track+0x18/0x40 [ 14.903335] kasan_save_alloc_info+0x3b/0x50 [ 14.903663] __kasan_kmalloc+0xb7/0xc0 [ 14.903840] __kmalloc_cache_noprof+0x189/0x420 [ 14.904056] kasan_atomics+0x95/0x310 [ 14.904513] kunit_try_run_case+0x1a5/0x480 [ 14.904701] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.905063] kthread+0x337/0x6f0 [ 14.905281] ret_from_fork+0x116/0x1d0 [ 14.905559] ret_from_fork_asm+0x1a/0x30 [ 14.905743] [ 14.905924] The buggy address belongs to the object at ffff888103916a00 [ 14.905924] which belongs to the cache kmalloc-64 of size 64 [ 14.906542] The buggy address is located 0 bytes to the right of [ 14.906542] allocated 48-byte region [ffff888103916a00, ffff888103916a30) [ 14.907352] [ 14.907618] The buggy address belongs to the physical page: [ 14.907899] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103916 [ 14.908436] flags: 0x200000000000000(node=0|zone=2) [ 14.908649] page_type: f5(slab) [ 14.908808] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.909325] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 14.909628] page dumped because: kasan: bad access detected [ 14.909936] [ 14.910113] Memory state around the buggy address: [ 14.910304] ffff888103916900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.910852] ffff888103916980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.911214] >ffff888103916a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.911643] ^ [ 14.911821] ffff888103916a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.912330] ffff888103916b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.912595] ================================================================== [ 14.729732] ================================================================== [ 14.730167] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1818/0x5450 [ 14.730642] Write of size 8 at addr ffff888103916a30 by task kunit_try_catch/282 [ 14.730909] [ 14.731021] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.731123] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.731137] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.731174] Call Trace: [ 14.731191] <TASK> [ 14.731208] dump_stack_lvl+0x73/0xb0 [ 14.731238] print_report+0xd1/0x650 [ 14.731261] ? __virt_addr_valid+0x1db/0x2d0 [ 14.731284] ? kasan_atomics_helper+0x1818/0x5450 [ 14.731305] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.731328] ? kasan_atomics_helper+0x1818/0x5450 [ 14.731350] kasan_report+0x141/0x180 [ 14.731372] ? kasan_atomics_helper+0x1818/0x5450 [ 14.731398] kasan_check_range+0x10c/0x1c0 [ 14.731422] __kasan_check_write+0x18/0x20 [ 14.731442] kasan_atomics_helper+0x1818/0x5450 [ 14.731464] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.731486] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.731512] ? kasan_atomics+0x152/0x310 [ 14.731539] kasan_atomics+0x1dc/0x310 [ 14.731562] ? __pfx_kasan_atomics+0x10/0x10 [ 14.731587] ? __pfx_read_tsc+0x10/0x10 [ 14.731607] ? 
ktime_get_ts64+0x86/0x230 [ 14.731631] kunit_try_run_case+0x1a5/0x480 [ 14.731655] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.731677] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.731700] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.731723] ? __kthread_parkme+0x82/0x180 [ 14.731743] ? preempt_count_sub+0x50/0x80 [ 14.731767] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.731791] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.731814] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.731837] kthread+0x337/0x6f0 [ 14.731856] ? trace_preempt_on+0x20/0xc0 [ 14.731879] ? __pfx_kthread+0x10/0x10 [ 14.731900] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.731921] ? calculate_sigpending+0x7b/0xa0 [ 14.731944] ? __pfx_kthread+0x10/0x10 [ 14.731966] ret_from_fork+0x116/0x1d0 [ 14.731984] ? __pfx_kthread+0x10/0x10 [ 14.732006] ret_from_fork_asm+0x1a/0x30 [ 14.732058] </TASK> [ 14.732070] [ 14.740417] Allocated by task 282: [ 14.740560] kasan_save_stack+0x45/0x70 [ 14.740704] kasan_save_track+0x18/0x40 [ 14.740849] kasan_save_alloc_info+0x3b/0x50 [ 14.741077] __kasan_kmalloc+0xb7/0xc0 [ 14.741269] __kmalloc_cache_noprof+0x189/0x420 [ 14.741501] kasan_atomics+0x95/0x310 [ 14.741690] kunit_try_run_case+0x1a5/0x480 [ 14.741883] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.742129] kthread+0x337/0x6f0 [ 14.742299] ret_from_fork+0x116/0x1d0 [ 14.742522] ret_from_fork_asm+0x1a/0x30 [ 14.742718] [ 14.742791] The buggy address belongs to the object at ffff888103916a00 [ 14.742791] which belongs to the cache kmalloc-64 of size 64 [ 14.743252] The buggy address is located 0 bytes to the right of [ 14.743252] allocated 48-byte region [ffff888103916a00, ffff888103916a30) [ 14.743786] [ 14.743885] The buggy address belongs to the physical page: [ 14.744181] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103916 [ 14.744528] flags: 0x200000000000000(node=0|zone=2) [ 14.744733] page_type: f5(slab) [ 14.744891] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 14.745175] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.745503] page dumped because: kasan: bad access detected [ 14.745715] [ 14.745787] Memory state around the buggy address: [ 14.745943] ffff888103916900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.746209] ffff888103916980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.746427] >ffff888103916a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.746710] ^ [ 14.746934] ffff888103916a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.747462] ffff888103916b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.747783] ================================================================== [ 14.766403] ================================================================== [ 14.767121] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x194a/0x5450 [ 14.767501] Write of size 8 at addr ffff888103916a30 by task kunit_try_catch/282 [ 14.767825] [ 14.767915] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.767960] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.767975] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.767998] Call Trace: [ 14.768013] <TASK> [ 14.768039] dump_stack_lvl+0x73/0xb0 [ 14.768066] print_report+0xd1/0x650 [ 14.768089] ? __virt_addr_valid+0x1db/0x2d0 [ 14.768111] ? kasan_atomics_helper+0x194a/0x5450 [ 14.768169] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.768192] ? kasan_atomics_helper+0x194a/0x5450 [ 14.768231] kasan_report+0x141/0x180 [ 14.768253] ? kasan_atomics_helper+0x194a/0x5450 [ 14.768279] kasan_check_range+0x10c/0x1c0 [ 14.768304] __kasan_check_write+0x18/0x20 [ 14.768324] kasan_atomics_helper+0x194a/0x5450 [ 14.768346] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.768368] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.768393] ? kasan_atomics+0x152/0x310 [ 14.768420] kasan_atomics+0x1dc/0x310 [ 14.768442] ? 
__pfx_kasan_atomics+0x10/0x10 [ 14.768467] ? __pfx_read_tsc+0x10/0x10 [ 14.768488] ? ktime_get_ts64+0x86/0x230 [ 14.768512] kunit_try_run_case+0x1a5/0x480 [ 14.768536] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.768559] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.768582] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.768605] ? __kthread_parkme+0x82/0x180 [ 14.768626] ? preempt_count_sub+0x50/0x80 [ 14.768649] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.768674] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.768697] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.768720] kthread+0x337/0x6f0 [ 14.768739] ? trace_preempt_on+0x20/0xc0 [ 14.768763] ? __pfx_kthread+0x10/0x10 [ 14.768783] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.768804] ? calculate_sigpending+0x7b/0xa0 [ 14.768829] ? __pfx_kthread+0x10/0x10 [ 14.768850] ret_from_fork+0x116/0x1d0 [ 14.768868] ? __pfx_kthread+0x10/0x10 [ 14.768889] ret_from_fork_asm+0x1a/0x30 [ 14.768919] </TASK> [ 14.768931] [ 14.777410] Allocated by task 282: [ 14.777589] kasan_save_stack+0x45/0x70 [ 14.777745] kasan_save_track+0x18/0x40 [ 14.777941] kasan_save_alloc_info+0x3b/0x50 [ 14.778289] __kasan_kmalloc+0xb7/0xc0 [ 14.778457] __kmalloc_cache_noprof+0x189/0x420 [ 14.778674] kasan_atomics+0x95/0x310 [ 14.778865] kunit_try_run_case+0x1a5/0x480 [ 14.779083] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.779311] kthread+0x337/0x6f0 [ 14.779466] ret_from_fork+0x116/0x1d0 [ 14.779639] ret_from_fork_asm+0x1a/0x30 [ 14.779821] [ 14.779913] The buggy address belongs to the object at ffff888103916a00 [ 14.779913] which belongs to the cache kmalloc-64 of size 64 [ 14.780472] The buggy address is located 0 bytes to the right of [ 14.780472] allocated 48-byte region [ffff888103916a00, ffff888103916a30) [ 14.780843] [ 14.780915] The buggy address belongs to the physical page: [ 14.781102] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103916 [ 14.781363] flags: 0x200000000000000(node=0|zone=2) [ 14.781528] page_type: 
f5(slab) [ 14.781648] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.781988] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.782356] page dumped because: kasan: bad access detected [ 14.782606] [ 14.782700] Memory state around the buggy address: [ 14.782931] ffff888103916900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.783339] ffff888103916980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.783661] >ffff888103916a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.783976] ^ [ 14.784275] ffff888103916a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.784602] ffff888103916b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.784943] ================================================================== [ 14.962756] ================================================================== [ 14.963090] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1eaa/0x5450 [ 14.963670] Write of size 8 at addr ffff888103916a30 by task kunit_try_catch/282 [ 14.963967] [ 14.964098] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.964142] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.964157] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.964179] Call Trace: [ 14.964195] <TASK> [ 14.964211] dump_stack_lvl+0x73/0xb0 [ 14.964239] print_report+0xd1/0x650 [ 14.964263] ? __virt_addr_valid+0x1db/0x2d0 [ 14.964286] ? kasan_atomics_helper+0x1eaa/0x5450 [ 14.964309] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.964332] ? kasan_atomics_helper+0x1eaa/0x5450 [ 14.964355] kasan_report+0x141/0x180 [ 14.964377] ? kasan_atomics_helper+0x1eaa/0x5450 [ 14.964404] kasan_check_range+0x10c/0x1c0 [ 14.964428] __kasan_check_write+0x18/0x20 [ 14.964448] kasan_atomics_helper+0x1eaa/0x5450 [ 14.964471] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.964494] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.964519] ? 
kasan_atomics+0x152/0x310 [ 14.964547] kasan_atomics+0x1dc/0x310 [ 14.964570] ? __pfx_kasan_atomics+0x10/0x10 [ 14.964595] ? __pfx_read_tsc+0x10/0x10 [ 14.964617] ? ktime_get_ts64+0x86/0x230 [ 14.964642] kunit_try_run_case+0x1a5/0x480 [ 14.964667] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.964689] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.964712] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.964735] ? __kthread_parkme+0x82/0x180 [ 14.964757] ? preempt_count_sub+0x50/0x80 [ 14.964781] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.964805] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.964828] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.964852] kthread+0x337/0x6f0 [ 14.964872] ? trace_preempt_on+0x20/0xc0 [ 14.964895] ? __pfx_kthread+0x10/0x10 [ 14.964916] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.964937] ? calculate_sigpending+0x7b/0xa0 [ 14.964962] ? __pfx_kthread+0x10/0x10 [ 14.964984] ret_from_fork+0x116/0x1d0 [ 14.965002] ? __pfx_kthread+0x10/0x10 [ 14.965023] ret_from_fork_asm+0x1a/0x30 [ 14.965085] </TASK> [ 14.965097] [ 14.972984] Allocated by task 282: [ 14.973175] kasan_save_stack+0x45/0x70 [ 14.973396] kasan_save_track+0x18/0x40 [ 14.973587] kasan_save_alloc_info+0x3b/0x50 [ 14.973758] __kasan_kmalloc+0xb7/0xc0 [ 14.973936] __kmalloc_cache_noprof+0x189/0x420 [ 14.974218] kasan_atomics+0x95/0x310 [ 14.974356] kunit_try_run_case+0x1a5/0x480 [ 14.974501] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.974818] kthread+0x337/0x6f0 [ 14.974988] ret_from_fork+0x116/0x1d0 [ 14.975252] ret_from_fork_asm+0x1a/0x30 [ 14.975500] [ 14.975575] The buggy address belongs to the object at ffff888103916a00 [ 14.975575] which belongs to the cache kmalloc-64 of size 64 [ 14.976017] The buggy address is located 0 bytes to the right of [ 14.976017] allocated 48-byte region [ffff888103916a00, ffff888103916a30) [ 14.976569] [ 14.976670] The buggy address belongs to the physical page: [ 14.976894] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103916 [ 
14.977146] flags: 0x200000000000000(node=0|zone=2) [ 14.977307] page_type: f5(slab) [ 14.977426] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.977655] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.978215] page dumped because: kasan: bad access detected [ 14.978515] [ 14.978611] Memory state around the buggy address: [ 14.978832] ffff888103916900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.979280] ffff888103916980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.979522] >ffff888103916a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.979735] ^ [ 14.979891] ffff888103916a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.980231] ffff888103916b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.980556] ================================================================== [ 14.748335] ================================================================== [ 14.748678] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x18b1/0x5450 [ 14.748944] Write of size 8 at addr ffff888103916a30 by task kunit_try_catch/282 [ 14.749548] [ 14.749665] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.749707] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.749720] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.749741] Call Trace: [ 14.749757] <TASK> [ 14.749773] dump_stack_lvl+0x73/0xb0 [ 14.749808] print_report+0xd1/0x650 [ 14.749859] ? __virt_addr_valid+0x1db/0x2d0 [ 14.749882] ? kasan_atomics_helper+0x18b1/0x5450 [ 14.749904] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.749926] ? kasan_atomics_helper+0x18b1/0x5450 [ 14.749948] kasan_report+0x141/0x180 [ 14.749970] ? kasan_atomics_helper+0x18b1/0x5450 [ 14.749997] kasan_check_range+0x10c/0x1c0 [ 14.750020] __kasan_check_write+0x18/0x20 [ 14.750057] kasan_atomics_helper+0x18b1/0x5450 [ 14.750081] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.750103] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 14.750128] ? kasan_atomics+0x152/0x310 [ 14.750155] kasan_atomics+0x1dc/0x310 [ 14.750178] ? __pfx_kasan_atomics+0x10/0x10 [ 14.750203] ? __pfx_read_tsc+0x10/0x10 [ 14.750224] ? ktime_get_ts64+0x86/0x230 [ 14.750248] kunit_try_run_case+0x1a5/0x480 [ 14.750271] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.750294] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.750317] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.750339] ? __kthread_parkme+0x82/0x180 [ 14.750359] ? preempt_count_sub+0x50/0x80 [ 14.750383] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.750407] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.750429] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.750453] kthread+0x337/0x6f0 [ 14.750473] ? trace_preempt_on+0x20/0xc0 [ 14.750496] ? __pfx_kthread+0x10/0x10 [ 14.750517] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.750538] ? calculate_sigpending+0x7b/0xa0 [ 14.750562] ? __pfx_kthread+0x10/0x10 [ 14.750583] ret_from_fork+0x116/0x1d0 [ 14.750602] ? __pfx_kthread+0x10/0x10 [ 14.750623] ret_from_fork_asm+0x1a/0x30 [ 14.750652] </TASK> [ 14.750663] [ 14.758297] Allocated by task 282: [ 14.758465] kasan_save_stack+0x45/0x70 [ 14.758687] kasan_save_track+0x18/0x40 [ 14.758882] kasan_save_alloc_info+0x3b/0x50 [ 14.759120] __kasan_kmalloc+0xb7/0xc0 [ 14.759289] __kmalloc_cache_noprof+0x189/0x420 [ 14.759446] kasan_atomics+0x95/0x310 [ 14.759580] kunit_try_run_case+0x1a5/0x480 [ 14.759922] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.760216] kthread+0x337/0x6f0 [ 14.760389] ret_from_fork+0x116/0x1d0 [ 14.760580] ret_from_fork_asm+0x1a/0x30 [ 14.760782] [ 14.760857] The buggy address belongs to the object at ffff888103916a00 [ 14.760857] which belongs to the cache kmalloc-64 of size 64 [ 14.761403] The buggy address is located 0 bytes to the right of [ 14.761403] allocated 48-byte region [ffff888103916a00, ffff888103916a30) [ 14.761871] [ 14.761967] The buggy address belongs to the physical page: [ 14.762180] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x103916 [ 14.762487] flags: 0x200000000000000(node=0|zone=2) [ 14.762704] page_type: f5(slab) [ 14.762869] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.763386] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.763705] page dumped because: kasan: bad access detected [ 14.763876] [ 14.763946] Memory state around the buggy address: [ 14.764119] ffff888103916900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.764337] ffff888103916980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.764553] >ffff888103916a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.764764] ^ [ 14.764977] ffff888103916a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.765535] ffff888103916b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.765847] ================================================================== [ 14.284351] ================================================================== [ 14.284684] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xfa9/0x5450 [ 14.284970] Write of size 4 at addr ffff888103916a30 by task kunit_try_catch/282 [ 14.285357] [ 14.285469] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.285511] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.285524] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.285545] Call Trace: [ 14.285559] <TASK> [ 14.285573] dump_stack_lvl+0x73/0xb0 [ 14.285601] print_report+0xd1/0x650 [ 14.285623] ? __virt_addr_valid+0x1db/0x2d0 [ 14.285648] ? kasan_atomics_helper+0xfa9/0x5450 [ 14.285669] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.285692] ? kasan_atomics_helper+0xfa9/0x5450 [ 14.285714] kasan_report+0x141/0x180 [ 14.285736] ? kasan_atomics_helper+0xfa9/0x5450 [ 14.285762] kasan_check_range+0x10c/0x1c0 [ 14.285787] __kasan_check_write+0x18/0x20 [ 14.285807] kasan_atomics_helper+0xfa9/0x5450 [ 14.285830] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 14.285853] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.285879] ? kasan_atomics+0x152/0x310 [ 14.285906] kasan_atomics+0x1dc/0x310 [ 14.285928] ? __pfx_kasan_atomics+0x10/0x10 [ 14.285953] ? __pfx_read_tsc+0x10/0x10 [ 14.285975] ? ktime_get_ts64+0x86/0x230 [ 14.285999] kunit_try_run_case+0x1a5/0x480 [ 14.286023] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.286117] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.286160] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.286184] ? __kthread_parkme+0x82/0x180 [ 14.286205] ? preempt_count_sub+0x50/0x80 [ 14.286228] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.286253] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.286276] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.286302] kthread+0x337/0x6f0 [ 14.286322] ? trace_preempt_on+0x20/0xc0 [ 14.286346] ? __pfx_kthread+0x10/0x10 [ 14.286367] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.286389] ? calculate_sigpending+0x7b/0xa0 [ 14.286413] ? __pfx_kthread+0x10/0x10 [ 14.286435] ret_from_fork+0x116/0x1d0 [ 14.286453] ? 
__pfx_kthread+0x10/0x10 [ 14.286475] ret_from_fork_asm+0x1a/0x30 [ 14.286506] </TASK> [ 14.286517] [ 14.294570] Allocated by task 282: [ 14.294704] kasan_save_stack+0x45/0x70 [ 14.294852] kasan_save_track+0x18/0x40 [ 14.295219] kasan_save_alloc_info+0x3b/0x50 [ 14.295480] __kasan_kmalloc+0xb7/0xc0 [ 14.295670] __kmalloc_cache_noprof+0x189/0x420 [ 14.295891] kasan_atomics+0x95/0x310 [ 14.296171] kunit_try_run_case+0x1a5/0x480 [ 14.296400] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.296620] kthread+0x337/0x6f0 [ 14.296741] ret_from_fork+0x116/0x1d0 [ 14.296873] ret_from_fork_asm+0x1a/0x30 [ 14.297014] [ 14.297207] The buggy address belongs to the object at ffff888103916a00 [ 14.297207] which belongs to the cache kmalloc-64 of size 64 [ 14.297735] The buggy address is located 0 bytes to the right of [ 14.297735] allocated 48-byte region [ffff888103916a00, ffff888103916a30) [ 14.298320] [ 14.298396] The buggy address belongs to the physical page: [ 14.298572] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103916 [ 14.298845] flags: 0x200000000000000(node=0|zone=2) [ 14.299298] page_type: f5(slab) [ 14.299479] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.299826] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.300272] page dumped because: kasan: bad access detected [ 14.300458] [ 14.300560] Memory state around the buggy address: [ 14.300784] ffff888103916900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.301114] ffff888103916980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.301362] >ffff888103916a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.301653] ^ [ 14.301882] ffff888103916a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.302293] ffff888103916b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.302611] ================================================================== [ 13.908660] 
================================================================== [ 13.908947] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b3a/0x5450 [ 13.909388] Write of size 4 at addr ffff888103916a30 by task kunit_try_catch/282 [ 13.909735] [ 13.909858] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.909902] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.909915] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.909936] Call Trace: [ 13.909954] <TASK> [ 13.909969] dump_stack_lvl+0x73/0xb0 [ 13.910005] print_report+0xd1/0x650 [ 13.910110] ? __virt_addr_valid+0x1db/0x2d0 [ 13.910138] ? kasan_atomics_helper+0x4b3a/0x5450 [ 13.910160] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.910211] ? kasan_atomics_helper+0x4b3a/0x5450 [ 13.910233] kasan_report+0x141/0x180 [ 13.910256] ? kasan_atomics_helper+0x4b3a/0x5450 [ 13.910283] __asan_report_store4_noabort+0x1b/0x30 [ 13.910305] kasan_atomics_helper+0x4b3a/0x5450 [ 13.910327] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.910350] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.910376] ? kasan_atomics+0x152/0x310 [ 13.910413] kasan_atomics+0x1dc/0x310 [ 13.910437] ? __pfx_kasan_atomics+0x10/0x10 [ 13.910461] ? __pfx_read_tsc+0x10/0x10 [ 13.910493] ? ktime_get_ts64+0x86/0x230 [ 13.910517] kunit_try_run_case+0x1a5/0x480 [ 13.910542] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.910563] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.910587] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.910611] ? __kthread_parkme+0x82/0x180 [ 13.910631] ? preempt_count_sub+0x50/0x80 [ 13.910655] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.910679] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.910702] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.910726] kthread+0x337/0x6f0 [ 13.910745] ? trace_preempt_on+0x20/0xc0 [ 13.910769] ? __pfx_kthread+0x10/0x10 [ 13.910798] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.910820] ? calculate_sigpending+0x7b/0xa0 [ 13.910843] ? 
__pfx_kthread+0x10/0x10 [ 13.910875] ret_from_fork+0x116/0x1d0 [ 13.910893] ? __pfx_kthread+0x10/0x10 [ 13.910915] ret_from_fork_asm+0x1a/0x30 [ 13.910944] </TASK> [ 13.910957] [ 13.919373] Allocated by task 282: [ 13.919548] kasan_save_stack+0x45/0x70 [ 13.919764] kasan_save_track+0x18/0x40 [ 13.919959] kasan_save_alloc_info+0x3b/0x50 [ 13.920372] __kasan_kmalloc+0xb7/0xc0 [ 13.920596] __kmalloc_cache_noprof+0x189/0x420 [ 13.920816] kasan_atomics+0x95/0x310 [ 13.920955] kunit_try_run_case+0x1a5/0x480 [ 13.921288] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.921532] kthread+0x337/0x6f0 [ 13.921709] ret_from_fork+0x116/0x1d0 [ 13.921912] ret_from_fork_asm+0x1a/0x30 [ 13.922125] [ 13.922212] The buggy address belongs to the object at ffff888103916a00 [ 13.922212] which belongs to the cache kmalloc-64 of size 64 [ 13.922735] The buggy address is located 0 bytes to the right of [ 13.922735] allocated 48-byte region [ffff888103916a00, ffff888103916a30) [ 13.923225] [ 13.923299] The buggy address belongs to the physical page: [ 13.923474] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103916 [ 13.923828] flags: 0x200000000000000(node=0|zone=2) [ 13.924309] page_type: f5(slab) [ 13.924489] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.924823] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.925243] page dumped because: kasan: bad access detected [ 13.925485] [ 13.925584] Memory state around the buggy address: [ 13.925810] ffff888103916900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.926214] ffff888103916980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.926508] >ffff888103916a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.926722] ^ [ 13.926948] ffff888103916a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.927377] ffff888103916b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.927723] 
================================================================== [ 14.643187] ================================================================== [ 14.643509] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x164f/0x5450 [ 14.643824] Write of size 8 at addr ffff888103916a30 by task kunit_try_catch/282 [ 14.644796] [ 14.645057] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.645107] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.645121] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.645154] Call Trace: [ 14.645205] <TASK> [ 14.645221] dump_stack_lvl+0x73/0xb0 [ 14.645253] print_report+0xd1/0x650 [ 14.645276] ? __virt_addr_valid+0x1db/0x2d0 [ 14.645299] ? kasan_atomics_helper+0x164f/0x5450 [ 14.645321] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.645345] ? kasan_atomics_helper+0x164f/0x5450 [ 14.645368] kasan_report+0x141/0x180 [ 14.645391] ? kasan_atomics_helper+0x164f/0x5450 [ 14.645418] kasan_check_range+0x10c/0x1c0 [ 14.645441] __kasan_check_write+0x18/0x20 [ 14.645461] kasan_atomics_helper+0x164f/0x5450 [ 14.645485] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.645506] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.645534] ? kasan_atomics+0x152/0x310 [ 14.645562] kasan_atomics+0x1dc/0x310 [ 14.645585] ? __pfx_kasan_atomics+0x10/0x10 [ 14.645610] ? __pfx_read_tsc+0x10/0x10 [ 14.645632] ? ktime_get_ts64+0x86/0x230 [ 14.645658] kunit_try_run_case+0x1a5/0x480 [ 14.645682] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.645705] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.645730] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.645753] ? __kthread_parkme+0x82/0x180 [ 14.645774] ? preempt_count_sub+0x50/0x80 [ 14.645798] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.645822] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.645845] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.645870] kthread+0x337/0x6f0 [ 14.645889] ? trace_preempt_on+0x20/0xc0 [ 14.645913] ? 
__pfx_kthread+0x10/0x10 [ 14.645934] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.645955] ? calculate_sigpending+0x7b/0xa0 [ 14.645979] ? __pfx_kthread+0x10/0x10 [ 14.646001] ret_from_fork+0x116/0x1d0 [ 14.646020] ? __pfx_kthread+0x10/0x10 [ 14.646073] ret_from_fork_asm+0x1a/0x30 [ 14.646103] </TASK> [ 14.646116] [ 14.659457] Allocated by task 282: [ 14.659713] kasan_save_stack+0x45/0x70 [ 14.659911] kasan_save_track+0x18/0x40 [ 14.660378] kasan_save_alloc_info+0x3b/0x50 [ 14.660657] __kasan_kmalloc+0xb7/0xc0 [ 14.660937] __kmalloc_cache_noprof+0x189/0x420 [ 14.661374] kasan_atomics+0x95/0x310 [ 14.661569] kunit_try_run_case+0x1a5/0x480 [ 14.661766] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.661993] kthread+0x337/0x6f0 [ 14.662545] ret_from_fork+0x116/0x1d0 [ 14.662901] ret_from_fork_asm+0x1a/0x30 [ 14.663343] [ 14.663618] The buggy address belongs to the object at ffff888103916a00 [ 14.663618] which belongs to the cache kmalloc-64 of size 64 [ 14.664573] The buggy address is located 0 bytes to the right of [ 14.664573] allocated 48-byte region [ffff888103916a00, ffff888103916a30) [ 14.665240] [ 14.665460] The buggy address belongs to the physical page: [ 14.665809] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103916 [ 14.666356] flags: 0x200000000000000(node=0|zone=2) [ 14.666871] page_type: f5(slab) [ 14.667044] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.667769] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.668443] page dumped because: kasan: bad access detected [ 14.668746] [ 14.668847] Memory state around the buggy address: [ 14.669263] ffff888103916900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.669703] ffff888103916980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.670009] >ffff888103916a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.670548] ^ [ 14.670776] ffff888103916a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.671290] 
ffff888103916b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.671753] ================================================================== [ 14.542981] ================================================================== [ 14.543376] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1467/0x5450 [ 14.543635] Write of size 8 at addr ffff888103916a30 by task kunit_try_catch/282 [ 14.544209] [ 14.544308] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.544350] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.544363] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.544383] Call Trace: [ 14.544398] <TASK> [ 14.544413] dump_stack_lvl+0x73/0xb0 [ 14.544441] print_report+0xd1/0x650 [ 14.544484] ? __virt_addr_valid+0x1db/0x2d0 [ 14.544507] ? kasan_atomics_helper+0x1467/0x5450 [ 14.544529] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.544551] ? kasan_atomics_helper+0x1467/0x5450 [ 14.544574] kasan_report+0x141/0x180 [ 14.544596] ? kasan_atomics_helper+0x1467/0x5450 [ 14.544622] kasan_check_range+0x10c/0x1c0 [ 14.544653] __kasan_check_write+0x18/0x20 [ 14.544674] kasan_atomics_helper+0x1467/0x5450 [ 14.544697] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.544720] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.544745] ? kasan_atomics+0x152/0x310 [ 14.544772] kasan_atomics+0x1dc/0x310 [ 14.544795] ? __pfx_kasan_atomics+0x10/0x10 [ 14.544819] ? __pfx_read_tsc+0x10/0x10 [ 14.544840] ? ktime_get_ts64+0x86/0x230 [ 14.544865] kunit_try_run_case+0x1a5/0x480 [ 14.544889] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.544912] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.544935] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.544959] ? __kthread_parkme+0x82/0x180 [ 14.544980] ? preempt_count_sub+0x50/0x80 [ 14.545004] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.545038] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.545062] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.545086] kthread+0x337/0x6f0 [ 14.545105] ? trace_preempt_on+0x20/0xc0 [ 14.545130] ? __pfx_kthread+0x10/0x10 [ 14.545152] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.545174] ? calculate_sigpending+0x7b/0xa0 [ 14.545197] ? __pfx_kthread+0x10/0x10 [ 14.545219] ret_from_fork+0x116/0x1d0 [ 14.545238] ? __pfx_kthread+0x10/0x10 [ 14.545259] ret_from_fork_asm+0x1a/0x30 [ 14.545300] </TASK> [ 14.545312] [ 14.553262] Allocated by task 282: [ 14.553392] kasan_save_stack+0x45/0x70 [ 14.553603] kasan_save_track+0x18/0x40 [ 14.553792] kasan_save_alloc_info+0x3b/0x50 [ 14.554001] __kasan_kmalloc+0xb7/0xc0 [ 14.554159] __kmalloc_cache_noprof+0x189/0x420 [ 14.554315] kasan_atomics+0x95/0x310 [ 14.554449] kunit_try_run_case+0x1a5/0x480 [ 14.554741] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.554994] kthread+0x337/0x6f0 [ 14.555195] ret_from_fork+0x116/0x1d0 [ 14.555409] ret_from_fork_asm+0x1a/0x30 [ 14.555585] [ 14.555690] The buggy address belongs to the object at ffff888103916a00 [ 14.555690] which belongs to the cache kmalloc-64 of size 64 [ 14.556268] The buggy address is located 0 bytes to the right of [ 14.556268] allocated 48-byte region [ffff888103916a00, ffff888103916a30) [ 14.556871] [ 14.556969] The buggy address belongs to the physical page: [ 14.557369] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103916 [ 14.557931] flags: 0x200000000000000(node=0|zone=2) [ 14.558258] page_type: f5(slab) [ 14.558470] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.558769] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.559089] page dumped because: kasan: bad access detected [ 14.559379] [ 14.559475] Memory state around the buggy address: [ 14.559665] ffff888103916900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.559944] ffff888103916980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.560231] >ffff888103916a00: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 14.560628] ^ [ 14.560900] ffff888103916a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.561130] ffff888103916b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.561347] ================================================================== [ 14.379947] ================================================================== [ 14.380366] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a02/0x5450 [ 14.380722] Read of size 4 at addr ffff888103916a30 by task kunit_try_catch/282 [ 14.381061] [ 14.381338] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.381385] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.381399] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.381420] Call Trace: [ 14.381435] <TASK> [ 14.381450] dump_stack_lvl+0x73/0xb0 [ 14.381480] print_report+0xd1/0x650 [ 14.381503] ? __virt_addr_valid+0x1db/0x2d0 [ 14.381527] ? kasan_atomics_helper+0x4a02/0x5450 [ 14.381549] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.381571] ? kasan_atomics_helper+0x4a02/0x5450 [ 14.381594] kasan_report+0x141/0x180 [ 14.381615] ? kasan_atomics_helper+0x4a02/0x5450 [ 14.381642] __asan_report_load4_noabort+0x18/0x20 [ 14.381667] kasan_atomics_helper+0x4a02/0x5450 [ 14.381690] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.381713] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.381738] ? kasan_atomics+0x152/0x310 [ 14.381765] kasan_atomics+0x1dc/0x310 [ 14.381788] ? __pfx_kasan_atomics+0x10/0x10 [ 14.381813] ? __pfx_read_tsc+0x10/0x10 [ 14.381834] ? ktime_get_ts64+0x86/0x230 [ 14.381858] kunit_try_run_case+0x1a5/0x480 [ 14.381883] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.381906] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.381928] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.381952] ? __kthread_parkme+0x82/0x180 [ 14.381972] ? preempt_count_sub+0x50/0x80 [ 14.381996] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.382020] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.382111] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.382137] kthread+0x337/0x6f0 [ 14.382158] ? trace_preempt_on+0x20/0xc0 [ 14.382182] ? __pfx_kthread+0x10/0x10 [ 14.382204] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.382225] ? calculate_sigpending+0x7b/0xa0 [ 14.382250] ? __pfx_kthread+0x10/0x10 [ 14.382272] ret_from_fork+0x116/0x1d0 [ 14.382290] ? __pfx_kthread+0x10/0x10 [ 14.382312] ret_from_fork_asm+0x1a/0x30 [ 14.382343] </TASK> [ 14.382354] [ 14.390403] Allocated by task 282: [ 14.390589] kasan_save_stack+0x45/0x70 [ 14.390791] kasan_save_track+0x18/0x40 [ 14.390984] kasan_save_alloc_info+0x3b/0x50 [ 14.391233] __kasan_kmalloc+0xb7/0xc0 [ 14.391371] __kmalloc_cache_noprof+0x189/0x420 [ 14.391527] kasan_atomics+0x95/0x310 [ 14.391811] kunit_try_run_case+0x1a5/0x480 [ 14.392023] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.392349] kthread+0x337/0x6f0 [ 14.392514] ret_from_fork+0x116/0x1d0 [ 14.392706] ret_from_fork_asm+0x1a/0x30 [ 14.392892] [ 14.392970] The buggy address belongs to the object at ffff888103916a00 [ 14.392970] which belongs to the cache kmalloc-64 of size 64 [ 14.393525] The buggy address is located 0 bytes to the right of [ 14.393525] allocated 48-byte region [ffff888103916a00, ffff888103916a30) [ 14.393903] [ 14.393976] The buggy address belongs to the physical page: [ 14.394368] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103916 [ 14.394729] flags: 0x200000000000000(node=0|zone=2) [ 14.394960] page_type: f5(slab) [ 14.395356] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.395734] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.396167] page dumped because: kasan: bad access detected [ 14.396424] [ 14.396515] Memory state around the buggy address: [ 14.396673] ffff888103916900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.396962] 
ffff888103916980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.397420] >ffff888103916a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.397768] ^ [ 14.397996] ffff888103916a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.398507] ffff888103916b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.398832] ================================================================== [ 15.137760] ================================================================== [ 15.138195] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fa5/0x5450 [ 15.138594] Read of size 8 at addr ffff888103916a30 by task kunit_try_catch/282 [ 15.138895] [ 15.139008] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.139063] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.139080] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.139101] Call Trace: [ 15.139116] <TASK> [ 15.139132] dump_stack_lvl+0x73/0xb0 [ 15.139162] print_report+0xd1/0x650 [ 15.139185] ? __virt_addr_valid+0x1db/0x2d0 [ 15.139207] ? kasan_atomics_helper+0x4fa5/0x5450 [ 15.139229] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.139552] ? kasan_atomics_helper+0x4fa5/0x5450 [ 15.139670] kasan_report+0x141/0x180 [ 15.139697] ? kasan_atomics_helper+0x4fa5/0x5450 [ 15.139725] __asan_report_load8_noabort+0x18/0x20 [ 15.139751] kasan_atomics_helper+0x4fa5/0x5450 [ 15.139774] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.139797] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.139823] ? kasan_atomics+0x152/0x310 [ 15.139850] kasan_atomics+0x1dc/0x310 [ 15.139873] ? __pfx_kasan_atomics+0x10/0x10 [ 15.139897] ? __pfx_read_tsc+0x10/0x10 [ 15.139919] ? ktime_get_ts64+0x86/0x230 [ 15.139944] kunit_try_run_case+0x1a5/0x480 [ 15.139968] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.139991] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.140015] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.140065] ? __kthread_parkme+0x82/0x180 [ 15.140086] ? 
preempt_count_sub+0x50/0x80 [ 15.140111] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.140135] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.140159] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.140184] kthread+0x337/0x6f0 [ 15.140204] ? trace_preempt_on+0x20/0xc0 [ 15.140228] ? __pfx_kthread+0x10/0x10 [ 15.140250] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.140272] ? calculate_sigpending+0x7b/0xa0 [ 15.140296] ? __pfx_kthread+0x10/0x10 [ 15.140317] ret_from_fork+0x116/0x1d0 [ 15.140336] ? __pfx_kthread+0x10/0x10 [ 15.140357] ret_from_fork_asm+0x1a/0x30 [ 15.140387] </TASK> [ 15.140400] [ 15.150432] Allocated by task 282: [ 15.150620] kasan_save_stack+0x45/0x70 [ 15.151372] kasan_save_track+0x18/0x40 [ 15.151594] kasan_save_alloc_info+0x3b/0x50 [ 15.151918] __kasan_kmalloc+0xb7/0xc0 [ 15.152195] __kmalloc_cache_noprof+0x189/0x420 [ 15.152550] kasan_atomics+0x95/0x310 [ 15.152803] kunit_try_run_case+0x1a5/0x480 [ 15.152961] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.153436] kthread+0x337/0x6f0 [ 15.153591] ret_from_fork+0x116/0x1d0 [ 15.153783] ret_from_fork_asm+0x1a/0x30 [ 15.153957] [ 15.154149] The buggy address belongs to the object at ffff888103916a00 [ 15.154149] which belongs to the cache kmalloc-64 of size 64 [ 15.154782] The buggy address is located 0 bytes to the right of [ 15.154782] allocated 48-byte region [ffff888103916a00, ffff888103916a30) [ 15.155634] [ 15.155738] The buggy address belongs to the physical page: [ 15.155961] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103916 [ 15.156530] flags: 0x200000000000000(node=0|zone=2) [ 15.156737] page_type: f5(slab) [ 15.157038] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.157564] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.158186] page dumped because: kasan: bad access detected [ 15.158503] [ 15.158685] Memory state around the buggy address: [ 15.158902] ffff888103916900: fa fb fb fb fb fb fb fb fc fc 
fc fc fc fc fc fc [ 15.159488] ffff888103916980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.159802] >ffff888103916a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.160184] ^ [ 15.160529] ffff888103916a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.160830] ffff888103916b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.161135] ================================================================== [ 15.041605] ================================================================== [ 15.041907] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f98/0x5450 [ 15.042200] Read of size 8 at addr ffff888103916a30 by task kunit_try_catch/282 [ 15.042631] [ 15.042741] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.042797] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.042812] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.042832] Call Trace: [ 15.042847] <TASK> [ 15.042862] dump_stack_lvl+0x73/0xb0 [ 15.042888] print_report+0xd1/0x650 [ 15.042912] ? __virt_addr_valid+0x1db/0x2d0 [ 15.042934] ? kasan_atomics_helper+0x4f98/0x5450 [ 15.042956] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.042979] ? kasan_atomics_helper+0x4f98/0x5450 [ 15.043001] kasan_report+0x141/0x180 [ 15.043024] ? kasan_atomics_helper+0x4f98/0x5450 [ 15.043061] __asan_report_load8_noabort+0x18/0x20 [ 15.043089] kasan_atomics_helper+0x4f98/0x5450 [ 15.043112] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.043136] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.043161] ? kasan_atomics+0x152/0x310 [ 15.043188] kasan_atomics+0x1dc/0x310 [ 15.043212] ? __pfx_kasan_atomics+0x10/0x10 [ 15.043237] ? __pfx_read_tsc+0x10/0x10 [ 15.043339] ? ktime_get_ts64+0x86/0x230 [ 15.043364] kunit_try_run_case+0x1a5/0x480 [ 15.043390] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.043413] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.043436] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.043459] ? 
__kthread_parkme+0x82/0x180 [ 15.043480] ? preempt_count_sub+0x50/0x80 [ 15.043503] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.043528] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.043551] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.043575] kthread+0x337/0x6f0 [ 15.043594] ? trace_preempt_on+0x20/0xc0 [ 15.043617] ? __pfx_kthread+0x10/0x10 [ 15.043639] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.043660] ? calculate_sigpending+0x7b/0xa0 [ 15.043686] ? __pfx_kthread+0x10/0x10 [ 15.043708] ret_from_fork+0x116/0x1d0 [ 15.043727] ? __pfx_kthread+0x10/0x10 [ 15.043748] ret_from_fork_asm+0x1a/0x30 [ 15.043779] </TASK> [ 15.043790] [ 15.056451] Allocated by task 282: [ 15.056629] kasan_save_stack+0x45/0x70 [ 15.056823] kasan_save_track+0x18/0x40 [ 15.057003] kasan_save_alloc_info+0x3b/0x50 [ 15.057531] __kasan_kmalloc+0xb7/0xc0 [ 15.057789] __kmalloc_cache_noprof+0x189/0x420 [ 15.058375] kasan_atomics+0x95/0x310 [ 15.058579] kunit_try_run_case+0x1a5/0x480 [ 15.058773] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.059002] kthread+0x337/0x6f0 [ 15.059599] ret_from_fork+0x116/0x1d0 [ 15.059799] ret_from_fork_asm+0x1a/0x30 [ 15.059983] [ 15.060466] The buggy address belongs to the object at ffff888103916a00 [ 15.060466] which belongs to the cache kmalloc-64 of size 64 [ 15.060949] The buggy address is located 0 bytes to the right of [ 15.060949] allocated 48-byte region [ffff888103916a00, ffff888103916a30) [ 15.062199] [ 15.062308] The buggy address belongs to the physical page: [ 15.062552] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103916 [ 15.062874] flags: 0x200000000000000(node=0|zone=2) [ 15.063420] page_type: f5(slab) [ 15.063713] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.064234] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.064564] page dumped because: kasan: bad access detected [ 15.064794] [ 15.064888] Memory state around the buggy address: [ 15.065475] 
ffff888103916900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.065801] ffff888103916980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.066231] >ffff888103916a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.066523] ^ [ 15.066729] ffff888103916a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.066948] ffff888103916b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.067179] ================================================================== [ 15.184834] ================================================================== [ 15.185125] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5115/0x5450 [ 15.185576] Read of size 8 at addr ffff888103916a30 by task kunit_try_catch/282 [ 15.186229] [ 15.186500] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.186547] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.186561] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.186582] Call Trace: [ 15.186597] <TASK> [ 15.186614] dump_stack_lvl+0x73/0xb0 [ 15.186641] print_report+0xd1/0x650 [ 15.186664] ? __virt_addr_valid+0x1db/0x2d0 [ 15.186686] ? kasan_atomics_helper+0x5115/0x5450 [ 15.186708] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.186730] ? kasan_atomics_helper+0x5115/0x5450 [ 15.186753] kasan_report+0x141/0x180 [ 15.186776] ? kasan_atomics_helper+0x5115/0x5450 [ 15.186802] __asan_report_load8_noabort+0x18/0x20 [ 15.186827] kasan_atomics_helper+0x5115/0x5450 [ 15.186850] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.186873] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.186898] ? kasan_atomics+0x152/0x310 [ 15.186925] kasan_atomics+0x1dc/0x310 [ 15.186947] ? __pfx_kasan_atomics+0x10/0x10 [ 15.186972] ? __pfx_read_tsc+0x10/0x10 [ 15.186993] ? ktime_get_ts64+0x86/0x230 [ 15.187017] kunit_try_run_case+0x1a5/0x480 [ 15.187073] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.187096] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.187119] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.187144] ? __kthread_parkme+0x82/0x180 [ 15.187166] ? preempt_count_sub+0x50/0x80 [ 15.187194] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.187222] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.187247] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.187271] kthread+0x337/0x6f0 [ 15.187291] ? trace_preempt_on+0x20/0xc0 [ 15.187315] ? __pfx_kthread+0x10/0x10 [ 15.187336] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.187356] ? calculate_sigpending+0x7b/0xa0 [ 15.187381] ? __pfx_kthread+0x10/0x10 [ 15.187403] ret_from_fork+0x116/0x1d0 [ 15.187422] ? __pfx_kthread+0x10/0x10 [ 15.187445] ret_from_fork_asm+0x1a/0x30 [ 15.187476] </TASK> [ 15.187488] [ 15.195364] Allocated by task 282: [ 15.195590] kasan_save_stack+0x45/0x70 [ 15.195790] kasan_save_track+0x18/0x40 [ 15.195981] kasan_save_alloc_info+0x3b/0x50 [ 15.196271] __kasan_kmalloc+0xb7/0xc0 [ 15.196471] __kmalloc_cache_noprof+0x189/0x420 [ 15.196693] kasan_atomics+0x95/0x310 [ 15.196830] kunit_try_run_case+0x1a5/0x480 [ 15.196976] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.197470] kthread+0x337/0x6f0 [ 15.197704] ret_from_fork+0x116/0x1d0 [ 15.197855] ret_from_fork_asm+0x1a/0x30 [ 15.198141] [ 15.198246] The buggy address belongs to the object at ffff888103916a00 [ 15.198246] which belongs to the cache kmalloc-64 of size 64 [ 15.198682] The buggy address is located 0 bytes to the right of [ 15.198682] allocated 48-byte region [ffff888103916a00, ffff888103916a30) [ 15.199114] [ 15.199213] The buggy address belongs to the physical page: [ 15.199469] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103916 [ 15.199969] flags: 0x200000000000000(node=0|zone=2) [ 15.200199] page_type: f5(slab) [ 15.200430] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.200814] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.201215] page dumped because: kasan: bad access detected [ 15.201432] [ 15.201504] 
Memory state around the buggy address: [ 15.201728] ffff888103916900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.202063] ffff888103916980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.202362] >ffff888103916a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.202638] ^ [ 15.202851] ffff888103916a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.203212] ffff888103916b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.203441] ================================================================== [ 13.748516] ================================================================== [ 13.749562] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4bbc/0x5450 [ 13.750239] Read of size 4 at addr ffff888103916a30 by task kunit_try_catch/282 [ 13.751163] [ 13.751469] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.751521] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.751533] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.751554] Call Trace: [ 13.751568] <TASK> [ 13.751583] dump_stack_lvl+0x73/0xb0 [ 13.751612] print_report+0xd1/0x650 [ 13.751634] ? __virt_addr_valid+0x1db/0x2d0 [ 13.751655] ? kasan_atomics_helper+0x4bbc/0x5450 [ 13.751676] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.751696] ? kasan_atomics_helper+0x4bbc/0x5450 [ 13.751718] kasan_report+0x141/0x180 [ 13.751739] ? kasan_atomics_helper+0x4bbc/0x5450 [ 13.751764] __asan_report_load4_noabort+0x18/0x20 [ 13.751788] kasan_atomics_helper+0x4bbc/0x5450 [ 13.751809] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.751831] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.751857] ? kasan_atomics+0x152/0x310 [ 13.751883] kasan_atomics+0x1dc/0x310 [ 13.751905] ? __pfx_kasan_atomics+0x10/0x10 [ 13.751931] ? __pfx_read_tsc+0x10/0x10 [ 13.751952] ? ktime_get_ts64+0x86/0x230 [ 13.751975] kunit_try_run_case+0x1a5/0x480 [ 13.751999] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.752022] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 13.752057] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.752079] ? __kthread_parkme+0x82/0x180 [ 13.752099] ? preempt_count_sub+0x50/0x80 [ 13.752122] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.752145] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.752167] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.752190] kthread+0x337/0x6f0 [ 13.752208] ? trace_preempt_on+0x20/0xc0 [ 13.752231] ? __pfx_kthread+0x10/0x10 [ 13.752251] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.752271] ? calculate_sigpending+0x7b/0xa0 [ 13.752295] ? __pfx_kthread+0x10/0x10 [ 13.752315] ret_from_fork+0x116/0x1d0 [ 13.752333] ? __pfx_kthread+0x10/0x10 [ 13.752353] ret_from_fork_asm+0x1a/0x30 [ 13.752382] </TASK> [ 13.752395] [ 13.766483] Allocated by task 282: [ 13.766981] kasan_save_stack+0x45/0x70 [ 13.767334] kasan_save_track+0x18/0x40 [ 13.767966] kasan_save_alloc_info+0x3b/0x50 [ 13.768652] __kasan_kmalloc+0xb7/0xc0 [ 13.769149] __kmalloc_cache_noprof+0x189/0x420 [ 13.769612] kasan_atomics+0x95/0x310 [ 13.770136] kunit_try_run_case+0x1a5/0x480 [ 13.770528] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.770715] kthread+0x337/0x6f0 [ 13.770835] ret_from_fork+0x116/0x1d0 [ 13.770967] ret_from_fork_asm+0x1a/0x30 [ 13.771137] [ 13.771368] The buggy address belongs to the object at ffff888103916a00 [ 13.771368] which belongs to the cache kmalloc-64 of size 64 [ 13.772506] The buggy address is located 0 bytes to the right of [ 13.772506] allocated 48-byte region [ffff888103916a00, ffff888103916a30) [ 13.773858] [ 13.774119] The buggy address belongs to the physical page: [ 13.774664] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103916 [ 13.775557] flags: 0x200000000000000(node=0|zone=2) [ 13.775795] page_type: f5(slab) [ 13.775918] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.776369] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.777024] page dumped because: kasan: 
bad access detected [ 13.777752] [ 13.777939] Memory state around the buggy address: [ 13.778480] ffff888103916900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.778968] ffff888103916980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.779402] >ffff888103916a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.780008] ^ [ 13.780553] ffff888103916a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.780962] ffff888103916b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.781498] ================================================================== [ 13.868540] ================================================================== [ 13.868841] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b54/0x5450 [ 13.869314] Read of size 4 at addr ffff888103916a30 by task kunit_try_catch/282 [ 13.869612] [ 13.869699] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.869741] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.869755] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.869775] Call Trace: [ 13.869800] <TASK> [ 13.869816] dump_stack_lvl+0x73/0xb0 [ 13.869842] print_report+0xd1/0x650 [ 13.869877] ? __virt_addr_valid+0x1db/0x2d0 [ 13.869900] ? kasan_atomics_helper+0x4b54/0x5450 [ 13.869922] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.869945] ? kasan_atomics_helper+0x4b54/0x5450 [ 13.869967] kasan_report+0x141/0x180 [ 13.869990] ? kasan_atomics_helper+0x4b54/0x5450 [ 13.870016] __asan_report_load4_noabort+0x18/0x20 [ 13.870109] kasan_atomics_helper+0x4b54/0x5450 [ 13.870160] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.870183] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.870221] ? kasan_atomics+0x152/0x310 [ 13.870249] kasan_atomics+0x1dc/0x310 [ 13.870273] ? __pfx_kasan_atomics+0x10/0x10 [ 13.870297] ? __pfx_read_tsc+0x10/0x10 [ 13.870319] ? ktime_get_ts64+0x86/0x230 [ 13.870343] kunit_try_run_case+0x1a5/0x480 [ 13.870367] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 13.870389] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.870413] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.870436] ? __kthread_parkme+0x82/0x180 [ 13.870456] ? preempt_count_sub+0x50/0x80 [ 13.870480] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.870506] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.870530] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.870554] kthread+0x337/0x6f0 [ 13.870574] ? trace_preempt_on+0x20/0xc0 [ 13.870597] ? __pfx_kthread+0x10/0x10 [ 13.870619] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.870641] ? calculate_sigpending+0x7b/0xa0 [ 13.870675] ? __pfx_kthread+0x10/0x10 [ 13.870697] ret_from_fork+0x116/0x1d0 [ 13.870716] ? __pfx_kthread+0x10/0x10 [ 13.870747] ret_from_fork_asm+0x1a/0x30 [ 13.870778] </TASK> [ 13.870789] [ 13.879298] Allocated by task 282: [ 13.879477] kasan_save_stack+0x45/0x70 [ 13.879694] kasan_save_track+0x18/0x40 [ 13.879878] kasan_save_alloc_info+0x3b/0x50 [ 13.880322] __kasan_kmalloc+0xb7/0xc0 [ 13.880517] __kmalloc_cache_noprof+0x189/0x420 [ 13.880740] kasan_atomics+0x95/0x310 [ 13.880924] kunit_try_run_case+0x1a5/0x480 [ 13.881114] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.881292] kthread+0x337/0x6f0 [ 13.881416] ret_from_fork+0x116/0x1d0 [ 13.881603] ret_from_fork_asm+0x1a/0x30 [ 13.881908] [ 13.882008] The buggy address belongs to the object at ffff888103916a00 [ 13.882008] which belongs to the cache kmalloc-64 of size 64 [ 13.882600] The buggy address is located 0 bytes to the right of [ 13.882600] allocated 48-byte region [ffff888103916a00, ffff888103916a30) [ 13.883103] [ 13.883244] The buggy address belongs to the physical page: [ 13.883521] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103916 [ 13.883833] flags: 0x200000000000000(node=0|zone=2) [ 13.884107] page_type: f5(slab) [ 13.884268] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.884909] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 13.885279] page dumped because: kasan: bad access detected [ 13.885573] [ 13.885675] Memory state around the buggy address: [ 13.885908] ffff888103916900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.886299] ffff888103916980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.886627] >ffff888103916a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.886936] ^ [ 13.887249] ffff888103916a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.887576] ffff888103916b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.887886] ================================================================== [ 14.802780] ================================================================== [ 14.803014] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1a7f/0x5450 [ 14.803589] Write of size 8 at addr ffff888103916a30 by task kunit_try_catch/282 [ 14.803938] [ 14.804071] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.804113] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.804127] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.804163] Call Trace: [ 14.804178] <TASK> [ 14.804193] dump_stack_lvl+0x73/0xb0 [ 14.804221] print_report+0xd1/0x650 [ 14.804244] ? __virt_addr_valid+0x1db/0x2d0 [ 14.804267] ? kasan_atomics_helper+0x1a7f/0x5450 [ 14.804289] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.804311] ? kasan_atomics_helper+0x1a7f/0x5450 [ 14.804334] kasan_report+0x141/0x180 [ 14.804357] ? kasan_atomics_helper+0x1a7f/0x5450 [ 14.804384] kasan_check_range+0x10c/0x1c0 [ 14.804407] __kasan_check_write+0x18/0x20 [ 14.804427] kasan_atomics_helper+0x1a7f/0x5450 [ 14.804450] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.804472] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.804497] ? kasan_atomics+0x152/0x310 [ 14.804525] kasan_atomics+0x1dc/0x310 [ 14.804548] ? __pfx_kasan_atomics+0x10/0x10 [ 14.804572] ? __pfx_read_tsc+0x10/0x10 [ 14.804593] ? 
ktime_get_ts64+0x86/0x230 [ 14.804617] kunit_try_run_case+0x1a5/0x480 [ 14.804642] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.804664] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.804687] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.804709] ? __kthread_parkme+0x82/0x180 [ 14.804730] ? preempt_count_sub+0x50/0x80 [ 14.804754] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.804778] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.804801] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.804824] kthread+0x337/0x6f0 [ 14.804844] ? trace_preempt_on+0x20/0xc0 [ 14.804867] ? __pfx_kthread+0x10/0x10 [ 14.804888] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.804910] ? calculate_sigpending+0x7b/0xa0 [ 14.804934] ? __pfx_kthread+0x10/0x10 [ 14.804955] ret_from_fork+0x116/0x1d0 [ 14.804974] ? __pfx_kthread+0x10/0x10 [ 14.804995] ret_from_fork_asm+0x1a/0x30 [ 14.805025] </TASK> [ 14.805060] [ 14.812851] Allocated by task 282: [ 14.813119] kasan_save_stack+0x45/0x70 [ 14.813338] kasan_save_track+0x18/0x40 [ 14.813531] kasan_save_alloc_info+0x3b/0x50 [ 14.813742] __kasan_kmalloc+0xb7/0xc0 [ 14.813895] __kmalloc_cache_noprof+0x189/0x420 [ 14.814155] kasan_atomics+0x95/0x310 [ 14.814322] kunit_try_run_case+0x1a5/0x480 [ 14.814470] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.814646] kthread+0x337/0x6f0 [ 14.814765] ret_from_fork+0x116/0x1d0 [ 14.814896] ret_from_fork_asm+0x1a/0x30 [ 14.815045] [ 14.815197] The buggy address belongs to the object at ffff888103916a00 [ 14.815197] which belongs to the cache kmalloc-64 of size 64 [ 14.815720] The buggy address is located 0 bytes to the right of [ 14.815720] allocated 48-byte region [ffff888103916a00, ffff888103916a30) [ 14.816275] [ 14.816359] The buggy address belongs to the physical page: [ 14.816530] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103916 [ 14.816768] flags: 0x200000000000000(node=0|zone=2) [ 14.816929] page_type: f5(slab) [ 14.817081] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 14.817705] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.818089] page dumped because: kasan: bad access detected [ 14.818691] [ 14.818811] Memory state around the buggy address: [ 14.819049] ffff888103916900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.819373] ffff888103916980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.819607] >ffff888103916a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.819824] ^ [ 14.819980] ffff888103916a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.820205] ffff888103916b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.820418] ================================================================== [ 14.095833] ================================================================== [ 14.096300] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa2b/0x5450 [ 14.096607] Write of size 4 at addr ffff888103916a30 by task kunit_try_catch/282 [ 14.096931] [ 14.097262] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.097342] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.097358] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.097379] Call Trace: [ 14.097394] <TASK> [ 14.097420] dump_stack_lvl+0x73/0xb0 [ 14.097448] print_report+0xd1/0x650 [ 14.097471] ? __virt_addr_valid+0x1db/0x2d0 [ 14.097493] ? kasan_atomics_helper+0xa2b/0x5450 [ 14.097525] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.097547] ? kasan_atomics_helper+0xa2b/0x5450 [ 14.097569] kasan_report+0x141/0x180 [ 14.097602] ? kasan_atomics_helper+0xa2b/0x5450 [ 14.097628] kasan_check_range+0x10c/0x1c0 [ 14.097652] __kasan_check_write+0x18/0x20 [ 14.097672] kasan_atomics_helper+0xa2b/0x5450 [ 14.097695] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.097717] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.097742] ? kasan_atomics+0x152/0x310 [ 14.097770] kasan_atomics+0x1dc/0x310 [ 14.097802] ? 
__pfx_kasan_atomics+0x10/0x10 [ 14.097826] ? __pfx_read_tsc+0x10/0x10 [ 14.097847] ? ktime_get_ts64+0x86/0x230 [ 14.097884] kunit_try_run_case+0x1a5/0x480 [ 14.097909] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.097931] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.097955] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.097986] ? __kthread_parkme+0x82/0x180 [ 14.098009] ? preempt_count_sub+0x50/0x80 [ 14.098213] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.098247] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.098285] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.098309] kthread+0x337/0x6f0 [ 14.098330] ? trace_preempt_on+0x20/0xc0 [ 14.098367] ? __pfx_kthread+0x10/0x10 [ 14.098388] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.098410] ? calculate_sigpending+0x7b/0xa0 [ 14.098435] ? __pfx_kthread+0x10/0x10 [ 14.098457] ret_from_fork+0x116/0x1d0 [ 14.098477] ? __pfx_kthread+0x10/0x10 [ 14.098498] ret_from_fork_asm+0x1a/0x30 [ 14.098528] </TASK> [ 14.098540] [ 14.107659] Allocated by task 282: [ 14.107854] kasan_save_stack+0x45/0x70 [ 14.108515] kasan_save_track+0x18/0x40 [ 14.108700] kasan_save_alloc_info+0x3b/0x50 [ 14.108875] __kasan_kmalloc+0xb7/0xc0 [ 14.109083] __kmalloc_cache_noprof+0x189/0x420 [ 14.109373] kasan_atomics+0x95/0x310 [ 14.109581] kunit_try_run_case+0x1a5/0x480 [ 14.109772] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.110014] kthread+0x337/0x6f0 [ 14.110728] ret_from_fork+0x116/0x1d0 [ 14.110927] ret_from_fork_asm+0x1a/0x30 [ 14.111223] [ 14.111337] The buggy address belongs to the object at ffff888103916a00 [ 14.111337] which belongs to the cache kmalloc-64 of size 64 [ 14.111805] The buggy address is located 0 bytes to the right of [ 14.111805] allocated 48-byte region [ffff888103916a00, ffff888103916a30) [ 14.112580] [ 14.112684] The buggy address belongs to the physical page: [ 14.113081] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103916 [ 14.113701] flags: 0x200000000000000(node=0|zone=2) [ 14.113891] page_type: 
f5(slab) [ 14.114516] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.114839] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.115318] page dumped because: kasan: bad access detected [ 14.115572] [ 14.115667] Memory state around the buggy address: [ 14.115862] ffff888103916900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.116481] ffff888103916980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.116774] >ffff888103916a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.117260] ^ [ 14.117466] ffff888103916a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.117944] ffff888103916b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.118432] ================================================================== [ 13.928985] ================================================================== [ 13.929654] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x565/0x5450 [ 13.930446] Write of size 4 at addr ffff888103916a30 by task kunit_try_catch/282 [ 13.930787] [ 13.930999] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.931141] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.931157] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.931194] Call Trace: [ 13.931208] <TASK> [ 13.931223] dump_stack_lvl+0x73/0xb0 [ 13.931263] print_report+0xd1/0x650 [ 13.931287] ? __virt_addr_valid+0x1db/0x2d0 [ 13.931310] ? kasan_atomics_helper+0x565/0x5450 [ 13.931344] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.931368] ? kasan_atomics_helper+0x565/0x5450 [ 13.931390] kasan_report+0x141/0x180 [ 13.931415] ? kasan_atomics_helper+0x565/0x5450 [ 13.931442] kasan_check_range+0x10c/0x1c0 [ 13.931466] __kasan_check_write+0x18/0x20 [ 13.931487] kasan_atomics_helper+0x565/0x5450 [ 13.931510] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.931532] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.931561] ? 
kasan_atomics+0x152/0x310 [ 13.931589] kasan_atomics+0x1dc/0x310 [ 13.931622] ? __pfx_kasan_atomics+0x10/0x10 [ 13.931646] ? __pfx_read_tsc+0x10/0x10 [ 13.931667] ? ktime_get_ts64+0x86/0x230 [ 13.931702] kunit_try_run_case+0x1a5/0x480 [ 13.931726] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.931748] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.931781] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.931804] ? __kthread_parkme+0x82/0x180 [ 13.931825] ? preempt_count_sub+0x50/0x80 [ 13.931859] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.931884] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.931907] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.931931] kthread+0x337/0x6f0 [ 13.931951] ? trace_preempt_on+0x20/0xc0 [ 13.931974] ? __pfx_kthread+0x10/0x10 [ 13.931995] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.932017] ? calculate_sigpending+0x7b/0xa0 [ 13.932160] ? __pfx_kthread+0x10/0x10 [ 13.932183] ret_from_fork+0x116/0x1d0 [ 13.932203] ? __pfx_kthread+0x10/0x10 [ 13.932241] ret_from_fork_asm+0x1a/0x30 [ 13.932272] </TASK> [ 13.932283] [ 13.940945] Allocated by task 282: [ 13.941315] kasan_save_stack+0x45/0x70 [ 13.941538] kasan_save_track+0x18/0x40 [ 13.941729] kasan_save_alloc_info+0x3b/0x50 [ 13.941944] __kasan_kmalloc+0xb7/0xc0 [ 13.942228] __kmalloc_cache_noprof+0x189/0x420 [ 13.942471] kasan_atomics+0x95/0x310 [ 13.942637] kunit_try_run_case+0x1a5/0x480 [ 13.942844] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.943155] kthread+0x337/0x6f0 [ 13.943283] ret_from_fork+0x116/0x1d0 [ 13.943472] ret_from_fork_asm+0x1a/0x30 [ 13.943696] [ 13.943795] The buggy address belongs to the object at ffff888103916a00 [ 13.943795] which belongs to the cache kmalloc-64 of size 64 [ 13.944379] The buggy address is located 0 bytes to the right of [ 13.944379] allocated 48-byte region [ffff888103916a00, ffff888103916a30) [ 13.944936] [ 13.945236] The buggy address belongs to the physical page: [ 13.945490] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103916 [ 
13.945845] flags: 0x200000000000000(node=0|zone=2) [ 13.946186] page_type: f5(slab) [ 13.946345] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.946650] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.946920] page dumped because: kasan: bad access detected [ 13.947282] [ 13.947383] Memory state around the buggy address: [ 13.947607] ffff888103916900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.947933] ffff888103916980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.948313] >ffff888103916a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.948671] ^ [ 13.948910] ffff888103916a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.949381] ffff888103916b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.949702] ================================================================== [ 14.265452] ================================================================== [ 14.265764] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf10/0x5450 [ 14.266197] Write of size 4 at addr ffff888103916a30 by task kunit_try_catch/282 [ 14.266472] [ 14.266585] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.266629] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.266641] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.266662] Call Trace: [ 14.266676] <TASK> [ 14.266692] dump_stack_lvl+0x73/0xb0 [ 14.266719] print_report+0xd1/0x650 [ 14.266742] ? __virt_addr_valid+0x1db/0x2d0 [ 14.266764] ? kasan_atomics_helper+0xf10/0x5450 [ 14.266785] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.266808] ? kasan_atomics_helper+0xf10/0x5450 [ 14.266830] kasan_report+0x141/0x180 [ 14.266853] ? kasan_atomics_helper+0xf10/0x5450 [ 14.266880] kasan_check_range+0x10c/0x1c0 [ 14.266904] __kasan_check_write+0x18/0x20 [ 14.266923] kasan_atomics_helper+0xf10/0x5450 [ 14.266945] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.266969] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 14.266994] ? kasan_atomics+0x152/0x310 [ 14.267022] kasan_atomics+0x1dc/0x310 [ 14.267257] ? __pfx_kasan_atomics+0x10/0x10 [ 14.267283] ? __pfx_read_tsc+0x10/0x10 [ 14.267327] ? ktime_get_ts64+0x86/0x230 [ 14.267351] kunit_try_run_case+0x1a5/0x480 [ 14.267376] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.267399] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.267423] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.267446] ? __kthread_parkme+0x82/0x180 [ 14.267467] ? preempt_count_sub+0x50/0x80 [ 14.267491] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.267515] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.267538] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.267563] kthread+0x337/0x6f0 [ 14.267583] ? trace_preempt_on+0x20/0xc0 [ 14.267607] ? __pfx_kthread+0x10/0x10 [ 14.267628] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.267650] ? calculate_sigpending+0x7b/0xa0 [ 14.267675] ? __pfx_kthread+0x10/0x10 [ 14.267697] ret_from_fork+0x116/0x1d0 [ 14.267716] ? __pfx_kthread+0x10/0x10 [ 14.267737] ret_from_fork_asm+0x1a/0x30 [ 14.267767] </TASK> [ 14.267779] [ 14.275963] Allocated by task 282: [ 14.276263] kasan_save_stack+0x45/0x70 [ 14.276431] kasan_save_track+0x18/0x40 [ 14.276568] kasan_save_alloc_info+0x3b/0x50 [ 14.276770] __kasan_kmalloc+0xb7/0xc0 [ 14.276922] __kmalloc_cache_noprof+0x189/0x420 [ 14.277251] kasan_atomics+0x95/0x310 [ 14.277429] kunit_try_run_case+0x1a5/0x480 [ 14.277616] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.277825] kthread+0x337/0x6f0 [ 14.277993] ret_from_fork+0x116/0x1d0 [ 14.278271] ret_from_fork_asm+0x1a/0x30 [ 14.278478] [ 14.278568] The buggy address belongs to the object at ffff888103916a00 [ 14.278568] which belongs to the cache kmalloc-64 of size 64 [ 14.279219] The buggy address is located 0 bytes to the right of [ 14.279219] allocated 48-byte region [ffff888103916a00, ffff888103916a30) [ 14.279773] [ 14.279868] The buggy address belongs to the physical page: [ 14.280126] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x103916 [ 14.280404] flags: 0x200000000000000(node=0|zone=2) [ 14.280643] page_type: f5(slab) [ 14.280809] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.281246] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.281478] page dumped because: kasan: bad access detected [ 14.281668] [ 14.281763] Memory state around the buggy address: [ 14.281991] ffff888103916900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.282406] ffff888103916980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.282715] >ffff888103916a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.282998] ^ [ 14.283373] ffff888103916a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.283683] ffff888103916b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.283896] ================================================================== [ 14.162364] ================================================================== [ 14.162605] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xc70/0x5450 [ 14.162835] Write of size 4 at addr ffff888103916a30 by task kunit_try_catch/282 [ 14.163270] [ 14.163396] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.163441] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.163469] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.163490] Call Trace: [ 14.163507] <TASK> [ 14.163523] dump_stack_lvl+0x73/0xb0 [ 14.163566] print_report+0xd1/0x650 [ 14.163589] ? __virt_addr_valid+0x1db/0x2d0 [ 14.163612] ? kasan_atomics_helper+0xc70/0x5450 [ 14.163633] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.163657] ? kasan_atomics_helper+0xc70/0x5450 [ 14.163679] kasan_report+0x141/0x180 [ 14.163701] ? kasan_atomics_helper+0xc70/0x5450 [ 14.163727] kasan_check_range+0x10c/0x1c0 [ 14.163751] __kasan_check_write+0x18/0x20 [ 14.163771] kasan_atomics_helper+0xc70/0x5450 [ 14.163794] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 14.163817] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.163842] ? kasan_atomics+0x152/0x310 [ 14.163869] kasan_atomics+0x1dc/0x310 [ 14.163892] ? __pfx_kasan_atomics+0x10/0x10 [ 14.163916] ? __pfx_read_tsc+0x10/0x10 [ 14.163937] ? ktime_get_ts64+0x86/0x230 [ 14.163961] kunit_try_run_case+0x1a5/0x480 [ 14.163986] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.164008] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.164041] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.164117] ? __kthread_parkme+0x82/0x180 [ 14.164139] ? preempt_count_sub+0x50/0x80 [ 14.164163] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.164187] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.164210] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.164234] kthread+0x337/0x6f0 [ 14.164254] ? trace_preempt_on+0x20/0xc0 [ 14.164277] ? __pfx_kthread+0x10/0x10 [ 14.164299] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.164319] ? calculate_sigpending+0x7b/0xa0 [ 14.164343] ? __pfx_kthread+0x10/0x10 [ 14.164365] ret_from_fork+0x116/0x1d0 [ 14.164384] ? 
__pfx_kthread+0x10/0x10 [ 14.164404] ret_from_fork_asm+0x1a/0x30 [ 14.164434] </TASK> [ 14.164445] [ 14.176600] Allocated by task 282: [ 14.176769] kasan_save_stack+0x45/0x70 [ 14.176963] kasan_save_track+0x18/0x40 [ 14.177158] kasan_save_alloc_info+0x3b/0x50 [ 14.177344] __kasan_kmalloc+0xb7/0xc0 [ 14.177537] __kmalloc_cache_noprof+0x189/0x420 [ 14.177737] kasan_atomics+0x95/0x310 [ 14.177926] kunit_try_run_case+0x1a5/0x480 [ 14.178589] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.178809] kthread+0x337/0x6f0 [ 14.179105] ret_from_fork+0x116/0x1d0 [ 14.179524] ret_from_fork_asm+0x1a/0x30 [ 14.179801] [ 14.179881] The buggy address belongs to the object at ffff888103916a00 [ 14.179881] which belongs to the cache kmalloc-64 of size 64 [ 14.180655] The buggy address is located 0 bytes to the right of [ 14.180655] allocated 48-byte region [ffff888103916a00, ffff888103916a30) [ 14.181476] [ 14.181634] The buggy address belongs to the physical page: [ 14.181869] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103916 [ 14.182571] flags: 0x200000000000000(node=0|zone=2) [ 14.182799] page_type: f5(slab) [ 14.182946] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.183575] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.183883] page dumped because: kasan: bad access detected [ 14.184363] [ 14.184461] Memory state around the buggy address: [ 14.184806] ffff888103916900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.185287] ffff888103916980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.185683] >ffff888103916a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.186003] ^ [ 14.186530] ffff888103916a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.186901] ffff888103916b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.187395] ================================================================== [ 15.093489] 
================================================================== [ 15.093808] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fb2/0x5450 [ 15.094162] Read of size 8 at addr ffff888103916a30 by task kunit_try_catch/282 [ 15.094432] [ 15.094528] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.094572] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.094585] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.094606] Call Trace: [ 15.094622] <TASK> [ 15.094638] dump_stack_lvl+0x73/0xb0 [ 15.094664] print_report+0xd1/0x650 [ 15.094688] ? __virt_addr_valid+0x1db/0x2d0 [ 15.094711] ? kasan_atomics_helper+0x4fb2/0x5450 [ 15.094733] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.094756] ? kasan_atomics_helper+0x4fb2/0x5450 [ 15.094778] kasan_report+0x141/0x180 [ 15.094800] ? kasan_atomics_helper+0x4fb2/0x5450 [ 15.094827] __asan_report_load8_noabort+0x18/0x20 [ 15.094851] kasan_atomics_helper+0x4fb2/0x5450 [ 15.094874] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.094897] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.094923] ? kasan_atomics+0x152/0x310 [ 15.094949] kasan_atomics+0x1dc/0x310 [ 15.094973] ? __pfx_kasan_atomics+0x10/0x10 [ 15.094998] ? __pfx_read_tsc+0x10/0x10 [ 15.095020] ? ktime_get_ts64+0x86/0x230 [ 15.095056] kunit_try_run_case+0x1a5/0x480 [ 15.095085] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.095108] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.095132] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.095235] ? __kthread_parkme+0x82/0x180 [ 15.095261] ? preempt_count_sub+0x50/0x80 [ 15.095285] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.095310] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.095345] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.095369] kthread+0x337/0x6f0 [ 15.095389] ? trace_preempt_on+0x20/0xc0 [ 15.095413] ? __pfx_kthread+0x10/0x10 [ 15.095434] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.095456] ? calculate_sigpending+0x7b/0xa0 [ 15.095481] ? 
__pfx_kthread+0x10/0x10 [ 15.095502] ret_from_fork+0x116/0x1d0 [ 15.095522] ? __pfx_kthread+0x10/0x10 [ 15.095543] ret_from_fork_asm+0x1a/0x30 [ 15.095573] </TASK> [ 15.095586] [ 15.103776] Allocated by task 282: [ 15.103913] kasan_save_stack+0x45/0x70 [ 15.104252] kasan_save_track+0x18/0x40 [ 15.104473] kasan_save_alloc_info+0x3b/0x50 [ 15.104691] __kasan_kmalloc+0xb7/0xc0 [ 15.104884] __kmalloc_cache_noprof+0x189/0x420 [ 15.105210] kasan_atomics+0x95/0x310 [ 15.105382] kunit_try_run_case+0x1a5/0x480 [ 15.105586] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.105816] kthread+0x337/0x6f0 [ 15.105979] ret_from_fork+0x116/0x1d0 [ 15.106282] ret_from_fork_asm+0x1a/0x30 [ 15.106447] [ 15.106546] The buggy address belongs to the object at ffff888103916a00 [ 15.106546] which belongs to the cache kmalloc-64 of size 64 [ 15.107095] The buggy address is located 0 bytes to the right of [ 15.107095] allocated 48-byte region [ffff888103916a00, ffff888103916a30) [ 15.107471] [ 15.107546] The buggy address belongs to the physical page: [ 15.107947] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103916 [ 15.108742] flags: 0x200000000000000(node=0|zone=2) [ 15.108915] page_type: f5(slab) [ 15.109050] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.109783] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.110147] page dumped because: kasan: bad access detected [ 15.110547] [ 15.110630] Memory state around the buggy address: [ 15.110797] ffff888103916900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.111007] ffff888103916980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.111356] >ffff888103916a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.111710] ^ [ 15.112096] ffff888103916a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.112645] ffff888103916b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.112982] 
================================================================== [ 13.848831] ================================================================== [ 13.849258] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df/0x5450 [ 13.849645] Read of size 4 at addr ffff888103916a30 by task kunit_try_catch/282 [ 13.849958] [ 13.850139] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.850184] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.850197] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.850218] Call Trace: [ 13.850232] <TASK> [ 13.850247] dump_stack_lvl+0x73/0xb0 [ 13.850276] print_report+0xd1/0x650 [ 13.850298] ? __virt_addr_valid+0x1db/0x2d0 [ 13.850320] ? kasan_atomics_helper+0x3df/0x5450 [ 13.850355] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.850379] ? kasan_atomics_helper+0x3df/0x5450 [ 13.850400] kasan_report+0x141/0x180 [ 13.850435] ? kasan_atomics_helper+0x3df/0x5450 [ 13.850461] kasan_check_range+0x10c/0x1c0 [ 13.850485] __kasan_check_read+0x15/0x20 [ 13.850504] kasan_atomics_helper+0x3df/0x5450 [ 13.850528] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.850549] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.850576] ? kasan_atomics+0x152/0x310 [ 13.850603] kasan_atomics+0x1dc/0x310 [ 13.850626] ? __pfx_kasan_atomics+0x10/0x10 [ 13.850650] ? __pfx_read_tsc+0x10/0x10 [ 13.850673] ? ktime_get_ts64+0x86/0x230 [ 13.850697] kunit_try_run_case+0x1a5/0x480 [ 13.850721] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.850754] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.850777] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.850799] ? __kthread_parkme+0x82/0x180 [ 13.850831] ? preempt_count_sub+0x50/0x80 [ 13.850856] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.850879] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.850911] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.850935] kthread+0x337/0x6f0 [ 13.850955] ? trace_preempt_on+0x20/0xc0 [ 13.850988] ? 
__pfx_kthread+0x10/0x10 [ 13.851009] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.851040] ? calculate_sigpending+0x7b/0xa0 [ 13.851070] ? __pfx_kthread+0x10/0x10 [ 13.851091] ret_from_fork+0x116/0x1d0 [ 13.851111] ? __pfx_kthread+0x10/0x10 [ 13.851132] ret_from_fork_asm+0x1a/0x30 [ 13.851163] </TASK> [ 13.851173] [ 13.859326] Allocated by task 282: [ 13.859481] kasan_save_stack+0x45/0x70 [ 13.859670] kasan_save_track+0x18/0x40 [ 13.859852] kasan_save_alloc_info+0x3b/0x50 [ 13.860011] __kasan_kmalloc+0xb7/0xc0 [ 13.860464] __kmalloc_cache_noprof+0x189/0x420 [ 13.860696] kasan_atomics+0x95/0x310 [ 13.860886] kunit_try_run_case+0x1a5/0x480 [ 13.861192] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.861463] kthread+0x337/0x6f0 [ 13.861653] ret_from_fork+0x116/0x1d0 [ 13.861841] ret_from_fork_asm+0x1a/0x30 [ 13.862089] [ 13.862234] The buggy address belongs to the object at ffff888103916a00 [ 13.862234] which belongs to the cache kmalloc-64 of size 64 [ 13.862726] The buggy address is located 0 bytes to the right of [ 13.862726] allocated 48-byte region [ffff888103916a00, ffff888103916a30) [ 13.863318] [ 13.863396] The buggy address belongs to the physical page: [ 13.863570] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103916 [ 13.863940] flags: 0x200000000000000(node=0|zone=2) [ 13.864406] page_type: f5(slab) [ 13.864587] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.864928] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.865367] page dumped because: kasan: bad access detected [ 13.865563] [ 13.865644] Memory state around the buggy address: [ 13.865871] ffff888103916900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.866338] ffff888103916980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.866641] >ffff888103916a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.866947] ^ [ 13.867276] ffff888103916a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.867588] 
ffff888103916b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.867897] ================================================================== [ 14.399407] ================================================================== [ 14.399769] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1217/0x5450 [ 14.400189] Write of size 4 at addr ffff888103916a30 by task kunit_try_catch/282 [ 14.400542] [ 14.400630] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.400673] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.400707] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.400729] Call Trace: [ 14.400745] <TASK> [ 14.400761] dump_stack_lvl+0x73/0xb0 [ 14.400806] print_report+0xd1/0x650 [ 14.400829] ? __virt_addr_valid+0x1db/0x2d0 [ 14.400852] ? kasan_atomics_helper+0x1217/0x5450 [ 14.400874] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.400897] ? kasan_atomics_helper+0x1217/0x5450 [ 14.400919] kasan_report+0x141/0x180 [ 14.400960] ? kasan_atomics_helper+0x1217/0x5450 [ 14.400987] kasan_check_range+0x10c/0x1c0 [ 14.401011] __kasan_check_write+0x18/0x20 [ 14.401127] kasan_atomics_helper+0x1217/0x5450 [ 14.401156] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.401180] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.401206] ? kasan_atomics+0x152/0x310 [ 14.401233] kasan_atomics+0x1dc/0x310 [ 14.401257] ? __pfx_kasan_atomics+0x10/0x10 [ 14.401306] ? __pfx_read_tsc+0x10/0x10 [ 14.401342] ? ktime_get_ts64+0x86/0x230 [ 14.401401] kunit_try_run_case+0x1a5/0x480 [ 14.401427] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.401450] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.401473] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.401496] ? __kthread_parkme+0x82/0x180 [ 14.401516] ? preempt_count_sub+0x50/0x80 [ 14.401542] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.401566] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.401589] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.401613] kthread+0x337/0x6f0 [ 14.401632] ? trace_preempt_on+0x20/0xc0 [ 14.401656] ? __pfx_kthread+0x10/0x10 [ 14.401676] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.401698] ? calculate_sigpending+0x7b/0xa0 [ 14.401722] ? __pfx_kthread+0x10/0x10 [ 14.401744] ret_from_fork+0x116/0x1d0 [ 14.401763] ? __pfx_kthread+0x10/0x10 [ 14.401783] ret_from_fork_asm+0x1a/0x30 [ 14.401832] </TASK> [ 14.401844] [ 14.410438] Allocated by task 282: [ 14.410625] kasan_save_stack+0x45/0x70 [ 14.410854] kasan_save_track+0x18/0x40 [ 14.411253] kasan_save_alloc_info+0x3b/0x50 [ 14.411499] __kasan_kmalloc+0xb7/0xc0 [ 14.411687] __kmalloc_cache_noprof+0x189/0x420 [ 14.411916] kasan_atomics+0x95/0x310 [ 14.412261] kunit_try_run_case+0x1a5/0x480 [ 14.412457] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.412700] kthread+0x337/0x6f0 [ 14.412881] ret_from_fork+0x116/0x1d0 [ 14.413115] ret_from_fork_asm+0x1a/0x30 [ 14.413371] [ 14.413467] The buggy address belongs to the object at ffff888103916a00 [ 14.413467] which belongs to the cache kmalloc-64 of size 64 [ 14.414105] The buggy address is located 0 bytes to the right of [ 14.414105] allocated 48-byte region [ffff888103916a00, ffff888103916a30) [ 14.414680] [ 14.414777] The buggy address belongs to the physical page: [ 14.414972] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103916 [ 14.415582] flags: 0x200000000000000(node=0|zone=2) [ 14.415854] page_type: f5(slab) [ 14.415985] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.416481] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.416815] page dumped because: kasan: bad access detected [ 14.417123] [ 14.417249] Memory state around the buggy address: [ 14.417481] ffff888103916900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.417752] ffff888103916980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.418167] >ffff888103916a00: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 14.418504] ^ [ 14.418731] ffff888103916a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.419263] ffff888103916b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.419564] ================================================================== [ 14.012428] ================================================================== [ 14.012801] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x7c7/0x5450 [ 14.013257] Write of size 4 at addr ffff888103916a30 by task kunit_try_catch/282 [ 14.013578] [ 14.013704] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.013747] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.013761] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.013783] Call Trace: [ 14.013797] <TASK> [ 14.013813] dump_stack_lvl+0x73/0xb0 [ 14.013840] print_report+0xd1/0x650 [ 14.013863] ? __virt_addr_valid+0x1db/0x2d0 [ 14.013886] ? kasan_atomics_helper+0x7c7/0x5450 [ 14.013907] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.013941] ? kasan_atomics_helper+0x7c7/0x5450 [ 14.013964] kasan_report+0x141/0x180 [ 14.013986] ? kasan_atomics_helper+0x7c7/0x5450 [ 14.014025] kasan_check_range+0x10c/0x1c0 [ 14.014074] __kasan_check_write+0x18/0x20 [ 14.014094] kasan_atomics_helper+0x7c7/0x5450 [ 14.014118] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.014147] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.014173] ? kasan_atomics+0x152/0x310 [ 14.014200] kasan_atomics+0x1dc/0x310 [ 14.014224] ? __pfx_kasan_atomics+0x10/0x10 [ 14.014249] ? __pfx_read_tsc+0x10/0x10 [ 14.014271] ? ktime_get_ts64+0x86/0x230 [ 14.014295] kunit_try_run_case+0x1a5/0x480 [ 14.014320] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.014525] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.014552] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.014577] ? __kthread_parkme+0x82/0x180 [ 14.014599] ? preempt_count_sub+0x50/0x80 [ 14.014635] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.014660] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.014694] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.014719] kthread+0x337/0x6f0 [ 14.014740] ? trace_preempt_on+0x20/0xc0 [ 14.014763] ? __pfx_kthread+0x10/0x10 [ 14.014786] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.014808] ? calculate_sigpending+0x7b/0xa0 [ 14.014842] ? __pfx_kthread+0x10/0x10 [ 14.014863] ret_from_fork+0x116/0x1d0 [ 14.014882] ? __pfx_kthread+0x10/0x10 [ 14.014914] ret_from_fork_asm+0x1a/0x30 [ 14.014945] </TASK> [ 14.014956] [ 14.023353] Allocated by task 282: [ 14.023548] kasan_save_stack+0x45/0x70 [ 14.023765] kasan_save_track+0x18/0x40 [ 14.023938] kasan_save_alloc_info+0x3b/0x50 [ 14.024273] __kasan_kmalloc+0xb7/0xc0 [ 14.024479] __kmalloc_cache_noprof+0x189/0x420 [ 14.024669] kasan_atomics+0x95/0x310 [ 14.024804] kunit_try_run_case+0x1a5/0x480 [ 14.024952] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.025226] kthread+0x337/0x6f0 [ 14.025396] ret_from_fork+0x116/0x1d0 [ 14.025584] ret_from_fork_asm+0x1a/0x30 [ 14.025781] [ 14.025877] The buggy address belongs to the object at ffff888103916a00 [ 14.025877] which belongs to the cache kmalloc-64 of size 64 [ 14.026532] The buggy address is located 0 bytes to the right of [ 14.026532] allocated 48-byte region [ffff888103916a00, ffff888103916a30) [ 14.027208] [ 14.027327] The buggy address belongs to the physical page: [ 14.027579] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103916 [ 14.027935] flags: 0x200000000000000(node=0|zone=2) [ 14.028219] page_type: f5(slab) [ 14.028346] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.028693] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.029831] page dumped because: kasan: bad access detected [ 14.030354] [ 14.030476] Memory state around the buggy address: [ 14.030929] ffff888103916900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.031384] 
ffff888103916980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.031697] >ffff888103916a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.031947] ^ [ 14.032598] ffff888103916a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.032892] ffff888103916b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.033317] ================================================================== [ 14.446368] ================================================================== [ 14.446840] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12e6/0x5450 [ 14.447567] Write of size 4 at addr ffff888103916a30 by task kunit_try_catch/282 [ 14.447992] [ 14.448245] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.448292] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.448307] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.448329] Call Trace: [ 14.448345] <TASK> [ 14.448361] dump_stack_lvl+0x73/0xb0 [ 14.448532] print_report+0xd1/0x650 [ 14.448697] ? __virt_addr_valid+0x1db/0x2d0 [ 14.448722] ? kasan_atomics_helper+0x12e6/0x5450 [ 14.448745] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.448769] ? kasan_atomics_helper+0x12e6/0x5450 [ 14.448791] kasan_report+0x141/0x180 [ 14.448813] ? kasan_atomics_helper+0x12e6/0x5450 [ 14.448840] kasan_check_range+0x10c/0x1c0 [ 14.448864] __kasan_check_write+0x18/0x20 [ 14.448884] kasan_atomics_helper+0x12e6/0x5450 [ 14.448907] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.448929] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.448954] ? kasan_atomics+0x152/0x310 [ 14.448981] kasan_atomics+0x1dc/0x310 [ 14.449003] ? __pfx_kasan_atomics+0x10/0x10 [ 14.449041] ? __pfx_read_tsc+0x10/0x10 [ 14.449077] ? ktime_get_ts64+0x86/0x230 [ 14.449101] kunit_try_run_case+0x1a5/0x480 [ 14.449126] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.449160] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.449183] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.449206] ? 
__kthread_parkme+0x82/0x180 [ 14.449226] ? preempt_count_sub+0x50/0x80 [ 14.449250] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.449273] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.449296] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.449321] kthread+0x337/0x6f0 [ 14.449340] ? trace_preempt_on+0x20/0xc0 [ 14.449363] ? __pfx_kthread+0x10/0x10 [ 14.449384] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.449405] ? calculate_sigpending+0x7b/0xa0 [ 14.449429] ? __pfx_kthread+0x10/0x10 [ 14.449451] ret_from_fork+0x116/0x1d0 [ 14.449470] ? __pfx_kthread+0x10/0x10 [ 14.449492] ret_from_fork_asm+0x1a/0x30 [ 14.449522] </TASK> [ 14.449533] [ 14.460864] Allocated by task 282: [ 14.461392] kasan_save_stack+0x45/0x70 [ 14.461623] kasan_save_track+0x18/0x40 [ 14.462059] kasan_save_alloc_info+0x3b/0x50 [ 14.462297] __kasan_kmalloc+0xb7/0xc0 [ 14.462682] __kmalloc_cache_noprof+0x189/0x420 [ 14.462900] kasan_atomics+0x95/0x310 [ 14.463237] kunit_try_run_case+0x1a5/0x480 [ 14.463478] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.463844] kthread+0x337/0x6f0 [ 14.464044] ret_from_fork+0x116/0x1d0 [ 14.464272] ret_from_fork_asm+0x1a/0x30 [ 14.464496] [ 14.464684] The buggy address belongs to the object at ffff888103916a00 [ 14.464684] which belongs to the cache kmalloc-64 of size 64 [ 14.465486] The buggy address is located 0 bytes to the right of [ 14.465486] allocated 48-byte region [ffff888103916a00, ffff888103916a30) [ 14.466107] [ 14.466385] The buggy address belongs to the physical page: [ 14.466775] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103916 [ 14.467266] flags: 0x200000000000000(node=0|zone=2) [ 14.467512] page_type: f5(slab) [ 14.467681] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.468278] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.468725] page dumped because: kasan: bad access detected [ 14.469105] [ 14.469371] Memory state around the buggy address: [ 14.469674] 
ffff888103916900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.469982] ffff888103916980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.470512] >ffff888103916a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.470890] ^ [ 14.471216] ffff888103916a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.471634] ffff888103916b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.471973] ================================================================== [ 14.499507] ================================================================== [ 14.499819] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x13b5/0x5450 [ 14.500494] Read of size 8 at addr ffff888103916a30 by task kunit_try_catch/282 [ 14.500877] [ 14.501103] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.501152] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.501165] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.501260] Call Trace: [ 14.501280] <TASK> [ 14.501298] dump_stack_lvl+0x73/0xb0 [ 14.501327] print_report+0xd1/0x650 [ 14.501351] ? __virt_addr_valid+0x1db/0x2d0 [ 14.501375] ? kasan_atomics_helper+0x13b5/0x5450 [ 14.501396] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.501524] ? kasan_atomics_helper+0x13b5/0x5450 [ 14.501547] kasan_report+0x141/0x180 [ 14.501570] ? kasan_atomics_helper+0x13b5/0x5450 [ 14.501597] kasan_check_range+0x10c/0x1c0 [ 14.501621] __kasan_check_read+0x15/0x20 [ 14.501641] kasan_atomics_helper+0x13b5/0x5450 [ 14.501663] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.501686] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.501713] ? kasan_atomics+0x152/0x310 [ 14.501740] kasan_atomics+0x1dc/0x310 [ 14.501763] ? __pfx_kasan_atomics+0x10/0x10 [ 14.501788] ? __pfx_read_tsc+0x10/0x10 [ 14.501809] ? ktime_get_ts64+0x86/0x230 [ 14.501833] kunit_try_run_case+0x1a5/0x480 [ 14.501858] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.501880] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.501904] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.501927] ? __kthread_parkme+0x82/0x180 [ 14.501949] ? preempt_count_sub+0x50/0x80 [ 14.501972] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.501996] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.502020] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.502077] kthread+0x337/0x6f0 [ 14.502098] ? trace_preempt_on+0x20/0xc0 [ 14.502121] ? __pfx_kthread+0x10/0x10 [ 14.502142] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.502163] ? calculate_sigpending+0x7b/0xa0 [ 14.502188] ? __pfx_kthread+0x10/0x10 [ 14.502210] ret_from_fork+0x116/0x1d0 [ 14.502228] ? __pfx_kthread+0x10/0x10 [ 14.502250] ret_from_fork_asm+0x1a/0x30 [ 14.502280] </TASK> [ 14.502292] [ 14.512302] Allocated by task 282: [ 14.512627] kasan_save_stack+0x45/0x70 [ 14.513195] kasan_save_track+0x18/0x40 [ 14.513490] kasan_save_alloc_info+0x3b/0x50 [ 14.513765] __kasan_kmalloc+0xb7/0xc0 [ 14.513931] __kmalloc_cache_noprof+0x189/0x420 [ 14.514303] kasan_atomics+0x95/0x310 [ 14.514741] kunit_try_run_case+0x1a5/0x480 [ 14.515241] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.515480] kthread+0x337/0x6f0 [ 14.515726] ret_from_fork+0x116/0x1d0 [ 14.515900] ret_from_fork_asm+0x1a/0x30 [ 14.516105] [ 14.516404] The buggy address belongs to the object at ffff888103916a00 [ 14.516404] which belongs to the cache kmalloc-64 of size 64 [ 14.517087] The buggy address is located 0 bytes to the right of [ 14.517087] allocated 48-byte region [ffff888103916a00, ffff888103916a30) [ 14.517722] [ 14.517829] The buggy address belongs to the physical page: [ 14.518216] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103916 [ 14.518687] flags: 0x200000000000000(node=0|zone=2) [ 14.518906] page_type: f5(slab) [ 14.519199] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.519614] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.520010] page dumped because: kasan: bad access detected [ 14.520337] [ 14.520567] 
Memory state around the buggy address: [ 14.520926] ffff888103916900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.521392] ffff888103916980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.521843] >ffff888103916a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.522309] ^ [ 14.522600] ffff888103916a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.522884] ffff888103916b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.523373] ================================================================== [ 14.472892] ================================================================== [ 14.473297] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49ce/0x5450 [ 14.474063] Read of size 4 at addr ffff888103916a30 by task kunit_try_catch/282 [ 14.474680] [ 14.474824] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.474884] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.474898] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.474920] Call Trace: [ 14.474937] <TASK> [ 14.474953] dump_stack_lvl+0x73/0xb0 [ 14.474983] print_report+0xd1/0x650 [ 14.475007] ? __virt_addr_valid+0x1db/0x2d0 [ 14.475041] ? kasan_atomics_helper+0x49ce/0x5450 [ 14.475071] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.475233] ? kasan_atomics_helper+0x49ce/0x5450 [ 14.475270] kasan_report+0x141/0x180 [ 14.475293] ? kasan_atomics_helper+0x49ce/0x5450 [ 14.475320] __asan_report_load4_noabort+0x18/0x20 [ 14.475345] kasan_atomics_helper+0x49ce/0x5450 [ 14.475368] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.475391] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.475418] ? kasan_atomics+0x152/0x310 [ 14.475444] kasan_atomics+0x1dc/0x310 [ 14.475468] ? __pfx_kasan_atomics+0x10/0x10 [ 14.475492] ? __pfx_read_tsc+0x10/0x10 [ 14.475515] ? ktime_get_ts64+0x86/0x230 [ 14.475539] kunit_try_run_case+0x1a5/0x480 [ 14.475563] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.475586] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 14.475609] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.475633] ? __kthread_parkme+0x82/0x180 [ 14.475654] ? preempt_count_sub+0x50/0x80 [ 14.475677] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.475701] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.475725] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.475749] kthread+0x337/0x6f0 [ 14.475769] ? trace_preempt_on+0x20/0xc0 [ 14.475791] ? __pfx_kthread+0x10/0x10 [ 14.475813] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.475833] ? calculate_sigpending+0x7b/0xa0 [ 14.475857] ? __pfx_kthread+0x10/0x10 [ 14.475880] ret_from_fork+0x116/0x1d0 [ 14.475899] ? __pfx_kthread+0x10/0x10 [ 14.475920] ret_from_fork_asm+0x1a/0x30 [ 14.475951] </TASK> [ 14.475963] [ 14.487748] Allocated by task 282: [ 14.488166] kasan_save_stack+0x45/0x70 [ 14.488542] kasan_save_track+0x18/0x40 [ 14.488745] kasan_save_alloc_info+0x3b/0x50 [ 14.489246] __kasan_kmalloc+0xb7/0xc0 [ 14.489587] __kmalloc_cache_noprof+0x189/0x420 [ 14.489868] kasan_atomics+0x95/0x310 [ 14.490163] kunit_try_run_case+0x1a5/0x480 [ 14.490385] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.490659] kthread+0x337/0x6f0 [ 14.490826] ret_from_fork+0x116/0x1d0 [ 14.491005] ret_from_fork_asm+0x1a/0x30 [ 14.491460] [ 14.491544] The buggy address belongs to the object at ffff888103916a00 [ 14.491544] which belongs to the cache kmalloc-64 of size 64 [ 14.492277] The buggy address is located 0 bytes to the right of [ 14.492277] allocated 48-byte region [ffff888103916a00, ffff888103916a30) [ 14.493166] [ 14.493295] The buggy address belongs to the physical page: [ 14.493610] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103916 [ 14.494076] flags: 0x200000000000000(node=0|zone=2) [ 14.494407] page_type: f5(slab) [ 14.494706] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.495124] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.495519] page dumped because: kasan: 
bad access detected [ 14.495839] [ 14.495937] Memory state around the buggy address: [ 14.496154] ffff888103916900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.496824] ffff888103916980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.497148] >ffff888103916a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.497500] ^ [ 14.497953] ffff888103916a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.498362] ffff888103916b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.498750] ================================================================== [ 14.587828] ================================================================== [ 14.588310] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x151d/0x5450 [ 14.588750] Write of size 8 at addr ffff888103916a30 by task kunit_try_catch/282 [ 14.589241] [ 14.589562] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.589618] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.589634] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.589656] Call Trace: [ 14.589673] <TASK> [ 14.589690] dump_stack_lvl+0x73/0xb0 [ 14.589753] print_report+0xd1/0x650 [ 14.589778] ? __virt_addr_valid+0x1db/0x2d0 [ 14.589801] ? kasan_atomics_helper+0x151d/0x5450 [ 14.589825] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.589848] ? kasan_atomics_helper+0x151d/0x5450 [ 14.589870] kasan_report+0x141/0x180 [ 14.589893] ? kasan_atomics_helper+0x151d/0x5450 [ 14.589919] kasan_check_range+0x10c/0x1c0 [ 14.589943] __kasan_check_write+0x18/0x20 [ 14.589963] kasan_atomics_helper+0x151d/0x5450 [ 14.589987] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.590009] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.590045] ? kasan_atomics+0x152/0x310 [ 14.590074] kasan_atomics+0x1dc/0x310 [ 14.590097] ? __pfx_kasan_atomics+0x10/0x10 [ 14.590121] ? __pfx_read_tsc+0x10/0x10 [ 14.590143] ? ktime_get_ts64+0x86/0x230 [ 14.590167] kunit_try_run_case+0x1a5/0x480 [ 14.590193] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.590216] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.590239] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.590262] ? __kthread_parkme+0x82/0x180 [ 14.590283] ? preempt_count_sub+0x50/0x80 [ 14.590307] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.590331] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.590354] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.590378] kthread+0x337/0x6f0 [ 14.590398] ? trace_preempt_on+0x20/0xc0 [ 14.590422] ? __pfx_kthread+0x10/0x10 [ 14.590444] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.590465] ? calculate_sigpending+0x7b/0xa0 [ 14.590490] ? __pfx_kthread+0x10/0x10 [ 14.590512] ret_from_fork+0x116/0x1d0 [ 14.590530] ? __pfx_kthread+0x10/0x10 [ 14.590551] ret_from_fork_asm+0x1a/0x30 [ 14.590582] </TASK> [ 14.590595] [ 14.601591] Allocated by task 282: [ 14.601768] kasan_save_stack+0x45/0x70 [ 14.601954] kasan_save_track+0x18/0x40 [ 14.602676] kasan_save_alloc_info+0x3b/0x50 [ 14.603156] __kasan_kmalloc+0xb7/0xc0 [ 14.603566] __kmalloc_cache_noprof+0x189/0x420 [ 14.603898] kasan_atomics+0x95/0x310 [ 14.604338] kunit_try_run_case+0x1a5/0x480 [ 14.604553] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.604784] kthread+0x337/0x6f0 [ 14.604944] ret_from_fork+0x116/0x1d0 [ 14.605541] ret_from_fork_asm+0x1a/0x30 [ 14.605810] [ 14.606045] The buggy address belongs to the object at ffff888103916a00 [ 14.606045] which belongs to the cache kmalloc-64 of size 64 [ 14.606998] The buggy address is located 0 bytes to the right of [ 14.606998] allocated 48-byte region [ffff888103916a00, ffff888103916a30) [ 14.607896] [ 14.608005] The buggy address belongs to the physical page: [ 14.608421] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103916 [ 14.608732] flags: 0x200000000000000(node=0|zone=2) [ 14.608951] page_type: f5(slab) [ 14.609377] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.609874] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 14.610510] page dumped because: kasan: bad access detected [ 14.610914] [ 14.611022] Memory state around the buggy address: [ 14.611403] ffff888103916900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.611703] ffff888103916980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.611995] >ffff888103916a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.612925] ^ [ 14.613268] ffff888103916a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.613861] ffff888103916b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.614371] ================================================================== [ 14.913244] ================================================================== [ 14.913591] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1d7a/0x5450 [ 14.913924] Write of size 8 at addr ffff888103916a30 by task kunit_try_catch/282 [ 14.914618] [ 14.914714] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.914772] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.914785] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.914807] Call Trace: [ 14.914823] <TASK> [ 14.914946] dump_stack_lvl+0x73/0xb0 [ 14.914978] print_report+0xd1/0x650 [ 14.915002] ? __virt_addr_valid+0x1db/0x2d0 [ 14.915024] ? kasan_atomics_helper+0x1d7a/0x5450 [ 14.915176] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.915202] ? kasan_atomics_helper+0x1d7a/0x5450 [ 14.915227] kasan_report+0x141/0x180 [ 14.915250] ? kasan_atomics_helper+0x1d7a/0x5450 [ 14.915278] kasan_check_range+0x10c/0x1c0 [ 14.915302] __kasan_check_write+0x18/0x20 [ 14.915323] kasan_atomics_helper+0x1d7a/0x5450 [ 14.915347] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.915371] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.915397] ? kasan_atomics+0x152/0x310 [ 14.915424] kasan_atomics+0x1dc/0x310 [ 14.915448] ? __pfx_kasan_atomics+0x10/0x10 [ 14.915473] ? __pfx_read_tsc+0x10/0x10 [ 14.915495] ? 
ktime_get_ts64+0x86/0x230 [ 14.915520] kunit_try_run_case+0x1a5/0x480 [ 14.915544] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.915567] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.915591] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.915614] ? __kthread_parkme+0x82/0x180 [ 14.915636] ? preempt_count_sub+0x50/0x80 [ 14.915659] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.915683] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.915705] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.915729] kthread+0x337/0x6f0 [ 14.915748] ? trace_preempt_on+0x20/0xc0 [ 14.915771] ? __pfx_kthread+0x10/0x10 [ 14.915792] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.915813] ? calculate_sigpending+0x7b/0xa0 [ 14.915837] ? __pfx_kthread+0x10/0x10 [ 14.915859] ret_from_fork+0x116/0x1d0 [ 14.915877] ? __pfx_kthread+0x10/0x10 [ 14.915898] ret_from_fork_asm+0x1a/0x30 [ 14.915927] </TASK> [ 14.915939] [ 14.926627] Allocated by task 282: [ 14.927117] kasan_save_stack+0x45/0x70 [ 14.927289] kasan_save_track+0x18/0x40 [ 14.927545] kasan_save_alloc_info+0x3b/0x50 [ 14.927737] __kasan_kmalloc+0xb7/0xc0 [ 14.927913] __kmalloc_cache_noprof+0x189/0x420 [ 14.928487] kasan_atomics+0x95/0x310 [ 14.928674] kunit_try_run_case+0x1a5/0x480 [ 14.928998] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.929248] kthread+0x337/0x6f0 [ 14.929539] ret_from_fork+0x116/0x1d0 [ 14.929694] ret_from_fork_asm+0x1a/0x30 [ 14.929894] [ 14.930110] The buggy address belongs to the object at ffff888103916a00 [ 14.930110] which belongs to the cache kmalloc-64 of size 64 [ 14.930737] The buggy address is located 0 bytes to the right of [ 14.930737] allocated 48-byte region [ffff888103916a00, ffff888103916a30) [ 14.931248] [ 14.931590] The buggy address belongs to the physical page: [ 14.931950] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103916 [ 14.932478] flags: 0x200000000000000(node=0|zone=2) [ 14.932769] page_type: f5(slab) [ 14.932931] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 14.933376] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.933811] page dumped because: kasan: bad access detected [ 14.934266] [ 14.934366] Memory state around the buggy address: [ 14.934983] ffff888103916900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.935408] ffff888103916980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.935792] >ffff888103916a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.936119] ^ [ 14.936486] ffff888103916a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.936779] ffff888103916b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.937233] ================================================================== [ 15.067552] ================================================================== [ 15.067785] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x20c8/0x5450 [ 15.068019] Write of size 8 at addr ffff888103916a30 by task kunit_try_catch/282 [ 15.069795] [ 15.069907] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.070063] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.070077] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.070099] Call Trace: [ 15.070230] <TASK> [ 15.070253] dump_stack_lvl+0x73/0xb0 [ 15.070286] print_report+0xd1/0x650 [ 15.070310] ? __virt_addr_valid+0x1db/0x2d0 [ 15.070334] ? kasan_atomics_helper+0x20c8/0x5450 [ 15.070356] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.070379] ? kasan_atomics_helper+0x20c8/0x5450 [ 15.070401] kasan_report+0x141/0x180 [ 15.070424] ? kasan_atomics_helper+0x20c8/0x5450 [ 15.070450] kasan_check_range+0x10c/0x1c0 [ 15.070474] __kasan_check_write+0x18/0x20 [ 15.070494] kasan_atomics_helper+0x20c8/0x5450 [ 15.070517] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.070540] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.070566] ? kasan_atomics+0x152/0x310 [ 15.070593] kasan_atomics+0x1dc/0x310 [ 15.070616] ? 
__pfx_kasan_atomics+0x10/0x10 [ 15.070641] ? __pfx_read_tsc+0x10/0x10 [ 15.070662] ? ktime_get_ts64+0x86/0x230 [ 15.070686] kunit_try_run_case+0x1a5/0x480 [ 15.070711] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.070734] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.070757] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.070780] ? __kthread_parkme+0x82/0x180 [ 15.070802] ? preempt_count_sub+0x50/0x80 [ 15.070825] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.070849] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.070872] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.070896] kthread+0x337/0x6f0 [ 15.070916] ? trace_preempt_on+0x20/0xc0 [ 15.070939] ? __pfx_kthread+0x10/0x10 [ 15.070960] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.070982] ? calculate_sigpending+0x7b/0xa0 [ 15.071007] ? __pfx_kthread+0x10/0x10 [ 15.071042] ret_from_fork+0x116/0x1d0 [ 15.071119] ? __pfx_kthread+0x10/0x10 [ 15.071141] ret_from_fork_asm+0x1a/0x30 [ 15.071172] </TASK> [ 15.071185] [ 15.083661] Allocated by task 282: [ 15.083852] kasan_save_stack+0x45/0x70 [ 15.084254] kasan_save_track+0x18/0x40 [ 15.084417] kasan_save_alloc_info+0x3b/0x50 [ 15.084649] __kasan_kmalloc+0xb7/0xc0 [ 15.084825] __kmalloc_cache_noprof+0x189/0x420 [ 15.085041] kasan_atomics+0x95/0x310 [ 15.085823] kunit_try_run_case+0x1a5/0x480 [ 15.085996] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.086403] kthread+0x337/0x6f0 [ 15.086584] ret_from_fork+0x116/0x1d0 [ 15.086753] ret_from_fork_asm+0x1a/0x30 [ 15.086942] [ 15.087019] The buggy address belongs to the object at ffff888103916a00 [ 15.087019] which belongs to the cache kmalloc-64 of size 64 [ 15.087710] The buggy address is located 0 bytes to the right of [ 15.087710] allocated 48-byte region [ffff888103916a00, ffff888103916a30) [ 15.088612] [ 15.088696] The buggy address belongs to the physical page: [ 15.088900] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103916 [ 15.089403] flags: 0x200000000000000(node=0|zone=2) [ 15.089582] page_type: 
f5(slab) [ 15.089752] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.090125] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.090409] page dumped because: kasan: bad access detected [ 15.090661] [ 15.090738] Memory state around the buggy address: [ 15.090965] ffff888103916900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.091315] ffff888103916980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.091699] >ffff888103916a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.091924] ^ [ 15.092161] ffff888103916a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.092512] ffff888103916b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.092941] ================================================================== [ 13.888534] ================================================================== [ 13.888886] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a0/0x5450 [ 13.889480] Write of size 4 at addr ffff888103916a30 by task kunit_try_catch/282 [ 13.889771] [ 13.889883] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.889924] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.889937] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.889972] Call Trace: [ 13.889990] <TASK> [ 13.890004] dump_stack_lvl+0x73/0xb0 [ 13.890115] print_report+0xd1/0x650 [ 13.890162] ? __virt_addr_valid+0x1db/0x2d0 [ 13.890187] ? kasan_atomics_helper+0x4a0/0x5450 [ 13.890209] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.890233] ? kasan_atomics_helper+0x4a0/0x5450 [ 13.890254] kasan_report+0x141/0x180 [ 13.890277] ? kasan_atomics_helper+0x4a0/0x5450 [ 13.890304] kasan_check_range+0x10c/0x1c0 [ 13.890328] __kasan_check_write+0x18/0x20 [ 13.890349] kasan_atomics_helper+0x4a0/0x5450 [ 13.890372] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.890394] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.890420] ? 
kasan_atomics+0x152/0x310 [ 13.890457] kasan_atomics+0x1dc/0x310 [ 13.890481] ? __pfx_kasan_atomics+0x10/0x10 [ 13.890517] ? __pfx_read_tsc+0x10/0x10 [ 13.890538] ? ktime_get_ts64+0x86/0x230 [ 13.890563] kunit_try_run_case+0x1a5/0x480 [ 13.890588] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.890611] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.890634] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.890657] ? __kthread_parkme+0x82/0x180 [ 13.890678] ? preempt_count_sub+0x50/0x80 [ 13.890701] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.890725] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.890749] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.890773] kthread+0x337/0x6f0 [ 13.890793] ? trace_preempt_on+0x20/0xc0 [ 13.890815] ? __pfx_kthread+0x10/0x10 [ 13.890836] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.890858] ? calculate_sigpending+0x7b/0xa0 [ 13.890882] ? __pfx_kthread+0x10/0x10 [ 13.890903] ret_from_fork+0x116/0x1d0 [ 13.890922] ? __pfx_kthread+0x10/0x10 [ 13.890944] ret_from_fork_asm+0x1a/0x30 [ 13.890974] </TASK> [ 13.890986] [ 13.899485] Allocated by task 282: [ 13.899701] kasan_save_stack+0x45/0x70 [ 13.899920] kasan_save_track+0x18/0x40 [ 13.900338] kasan_save_alloc_info+0x3b/0x50 [ 13.900539] __kasan_kmalloc+0xb7/0xc0 [ 13.900678] __kmalloc_cache_noprof+0x189/0x420 [ 13.900883] kasan_atomics+0x95/0x310 [ 13.901112] kunit_try_run_case+0x1a5/0x480 [ 13.901438] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.901716] kthread+0x337/0x6f0 [ 13.901877] ret_from_fork+0x116/0x1d0 [ 13.902212] ret_from_fork_asm+0x1a/0x30 [ 13.902365] [ 13.902441] The buggy address belongs to the object at ffff888103916a00 [ 13.902441] which belongs to the cache kmalloc-64 of size 64 [ 13.902929] The buggy address is located 0 bytes to the right of [ 13.902929] allocated 48-byte region [ffff888103916a00, ffff888103916a30) [ 13.903483] [ 13.903574] The buggy address belongs to the physical page: [ 13.903829] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103916 [ 
13.904461] flags: 0x200000000000000(node=0|zone=2) [ 13.904711] page_type: f5(slab) [ 13.904860] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.905242] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.905585] page dumped because: kasan: bad access detected [ 13.905811] [ 13.905931] Memory state around the buggy address: [ 13.906230] ffff888103916900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.906508] ffff888103916980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.906833] >ffff888103916a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.907246] ^ [ 13.907460] ffff888103916a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.907725] ffff888103916b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.908197] ================================================================== [ 13.827741] ================================================================== [ 13.828161] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b6e/0x5450 [ 13.828498] Write of size 4 at addr ffff888103916a30 by task kunit_try_catch/282 [ 13.828769] [ 13.828875] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.828918] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.828930] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.828962] Call Trace: [ 13.828978] <TASK> [ 13.828994] dump_stack_lvl+0x73/0xb0 [ 13.829041] print_report+0xd1/0x650 [ 13.829080] ? __virt_addr_valid+0x1db/0x2d0 [ 13.829150] ? kasan_atomics_helper+0x4b6e/0x5450 [ 13.829175] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.829197] ? kasan_atomics_helper+0x4b6e/0x5450 [ 13.829219] kasan_report+0x141/0x180 [ 13.829242] ? kasan_atomics_helper+0x4b6e/0x5450 [ 13.829268] __asan_report_store4_noabort+0x1b/0x30 [ 13.829302] kasan_atomics_helper+0x4b6e/0x5450 [ 13.829326] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.829349] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 13.829387] ? kasan_atomics+0x152/0x310 [ 13.829415] kasan_atomics+0x1dc/0x310 [ 13.829438] ? __pfx_kasan_atomics+0x10/0x10 [ 13.829462] ? __pfx_read_tsc+0x10/0x10 [ 13.829483] ? ktime_get_ts64+0x86/0x230 [ 13.829507] kunit_try_run_case+0x1a5/0x480 [ 13.829532] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.829555] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.829579] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.829601] ? __kthread_parkme+0x82/0x180 [ 13.829633] ? preempt_count_sub+0x50/0x80 [ 13.829657] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.829681] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.829715] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.829739] kthread+0x337/0x6f0 [ 13.829759] ? trace_preempt_on+0x20/0xc0 [ 13.829791] ? __pfx_kthread+0x10/0x10 [ 13.829811] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.829833] ? calculate_sigpending+0x7b/0xa0 [ 13.829868] ? __pfx_kthread+0x10/0x10 [ 13.829889] ret_from_fork+0x116/0x1d0 [ 13.829909] ? __pfx_kthread+0x10/0x10 [ 13.829931] ret_from_fork_asm+0x1a/0x30 [ 13.829970] </TASK> [ 13.829982] [ 13.838775] Allocated by task 282: [ 13.838910] kasan_save_stack+0x45/0x70 [ 13.839428] kasan_save_track+0x18/0x40 [ 13.839627] kasan_save_alloc_info+0x3b/0x50 [ 13.839867] __kasan_kmalloc+0xb7/0xc0 [ 13.840040] __kmalloc_cache_noprof+0x189/0x420 [ 13.840413] kasan_atomics+0x95/0x310 [ 13.840571] kunit_try_run_case+0x1a5/0x480 [ 13.840813] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.841049] kthread+0x337/0x6f0 [ 13.841278] ret_from_fork+0x116/0x1d0 [ 13.841415] ret_from_fork_asm+0x1a/0x30 [ 13.841557] [ 13.841633] The buggy address belongs to the object at ffff888103916a00 [ 13.841633] which belongs to the cache kmalloc-64 of size 64 [ 13.842241] The buggy address is located 0 bytes to the right of [ 13.842241] allocated 48-byte region [ffff888103916a00, ffff888103916a30) [ 13.843017] [ 13.843111] The buggy address belongs to the physical page: [ 13.843384] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x103916 [ 13.843977] flags: 0x200000000000000(node=0|zone=2) [ 13.844184] page_type: f5(slab) [ 13.844306] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.844917] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.845396] page dumped because: kasan: bad access detected [ 13.845655] [ 13.845747] Memory state around the buggy address: [ 13.845966] ffff888103916900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.846196] ffff888103916980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.846817] >ffff888103916a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.847197] ^ [ 13.847478] ffff888103916a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.847773] ffff888103916b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.848017] ================================================================== [ 13.992008] ================================================================== [ 13.992462] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x72f/0x5450 [ 13.992788] Write of size 4 at addr ffff888103916a30 by task kunit_try_catch/282 [ 13.993378] [ 13.993512] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.993569] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.993583] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.993605] Call Trace: [ 13.993622] <TASK> [ 13.993638] dump_stack_lvl+0x73/0xb0 [ 13.993667] print_report+0xd1/0x650 [ 13.993691] ? __virt_addr_valid+0x1db/0x2d0 [ 13.993715] ? kasan_atomics_helper+0x72f/0x5450 [ 13.993736] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.993771] ? kasan_atomics_helper+0x72f/0x5450 [ 13.993793] kasan_report+0x141/0x180 [ 13.993816] ? kasan_atomics_helper+0x72f/0x5450 [ 13.993853] kasan_check_range+0x10c/0x1c0 [ 13.993877] __kasan_check_write+0x18/0x20 [ 13.993897] kasan_atomics_helper+0x72f/0x5450 [ 13.993920] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 13.993943] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.993969] ? kasan_atomics+0x152/0x310 [ 13.993997] kasan_atomics+0x1dc/0x310 [ 13.994019] ? __pfx_kasan_atomics+0x10/0x10 [ 13.994236] ? __pfx_read_tsc+0x10/0x10 [ 13.994260] ? ktime_get_ts64+0x86/0x230 [ 13.994297] kunit_try_run_case+0x1a5/0x480 [ 13.994322] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.994346] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.994369] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.994392] ? __kthread_parkme+0x82/0x180 [ 13.994414] ? preempt_count_sub+0x50/0x80 [ 13.994437] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.994462] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.994486] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.994510] kthread+0x337/0x6f0 [ 13.994530] ? trace_preempt_on+0x20/0xc0 [ 13.994555] ? __pfx_kthread+0x10/0x10 [ 13.994575] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.994597] ? calculate_sigpending+0x7b/0xa0 [ 13.994621] ? __pfx_kthread+0x10/0x10 [ 13.994642] ret_from_fork+0x116/0x1d0 [ 13.994661] ? 
__pfx_kthread+0x10/0x10 [ 13.994682] ret_from_fork_asm+0x1a/0x30 [ 13.994712] </TASK> [ 13.994724] [ 14.003387] Allocated by task 282: [ 14.003597] kasan_save_stack+0x45/0x70 [ 14.003823] kasan_save_track+0x18/0x40 [ 14.004070] kasan_save_alloc_info+0x3b/0x50 [ 14.004288] __kasan_kmalloc+0xb7/0xc0 [ 14.004467] __kmalloc_cache_noprof+0x189/0x420 [ 14.004692] kasan_atomics+0x95/0x310 [ 14.004954] kunit_try_run_case+0x1a5/0x480 [ 14.005256] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.005496] kthread+0x337/0x6f0 [ 14.005669] ret_from_fork+0x116/0x1d0 [ 14.005856] ret_from_fork_asm+0x1a/0x30 [ 14.006015] [ 14.006296] The buggy address belongs to the object at ffff888103916a00 [ 14.006296] which belongs to the cache kmalloc-64 of size 64 [ 14.006800] The buggy address is located 0 bytes to the right of [ 14.006800] allocated 48-byte region [ffff888103916a00, ffff888103916a30) [ 14.007357] [ 14.007440] The buggy address belongs to the physical page: [ 14.007697] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103916 [ 14.008183] flags: 0x200000000000000(node=0|zone=2) [ 14.008352] page_type: f5(slab) [ 14.008500] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.008871] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.009310] page dumped because: kasan: bad access detected [ 14.009562] [ 14.009654] Memory state around the buggy address: [ 14.009878] ffff888103916900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.010411] ffff888103916980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.010725] >ffff888103916a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.010982] ^ [ 14.011157] ffff888103916a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.011577] ffff888103916b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.011890] ================================================================== [ 14.207139] 
================================================================== [ 14.207542] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd47/0x5450 [ 14.207791] Write of size 4 at addr ffff888103916a30 by task kunit_try_catch/282 [ 14.208136] [ 14.208242] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.208284] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.208297] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.208318] Call Trace: [ 14.208334] <TASK> [ 14.208349] dump_stack_lvl+0x73/0xb0 [ 14.208375] print_report+0xd1/0x650 [ 14.208398] ? __virt_addr_valid+0x1db/0x2d0 [ 14.208422] ? kasan_atomics_helper+0xd47/0x5450 [ 14.208445] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.208468] ? kasan_atomics_helper+0xd47/0x5450 [ 14.208490] kasan_report+0x141/0x180 [ 14.208513] ? kasan_atomics_helper+0xd47/0x5450 [ 14.208542] kasan_check_range+0x10c/0x1c0 [ 14.208568] __kasan_check_write+0x18/0x20 [ 14.208590] kasan_atomics_helper+0xd47/0x5450 [ 14.208615] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.208639] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.208665] ? kasan_atomics+0x152/0x310 [ 14.208692] kasan_atomics+0x1dc/0x310 [ 14.208717] ? __pfx_kasan_atomics+0x10/0x10 [ 14.208742] ? __pfx_read_tsc+0x10/0x10 [ 14.208763] ? ktime_get_ts64+0x86/0x230 [ 14.208788] kunit_try_run_case+0x1a5/0x480 [ 14.208814] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.208838] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.208862] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.208885] ? __kthread_parkme+0x82/0x180 [ 14.208906] ? preempt_count_sub+0x50/0x80 [ 14.208930] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.208954] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.208978] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.209002] kthread+0x337/0x6f0 [ 14.209021] ? trace_preempt_on+0x20/0xc0 [ 14.209121] ? __pfx_kthread+0x10/0x10 [ 14.209162] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.209184] ? 
calculate_sigpending+0x7b/0xa0 [ 14.209209] ? __pfx_kthread+0x10/0x10 [ 14.209231] ret_from_fork+0x116/0x1d0 [ 14.209249] ? __pfx_kthread+0x10/0x10 [ 14.209270] ret_from_fork_asm+0x1a/0x30 [ 14.209301] </TASK> [ 14.209312] [ 14.217396] Allocated by task 282: [ 14.217530] kasan_save_stack+0x45/0x70 [ 14.217713] kasan_save_track+0x18/0x40 [ 14.217907] kasan_save_alloc_info+0x3b/0x50 [ 14.218338] __kasan_kmalloc+0xb7/0xc0 [ 14.218545] __kmalloc_cache_noprof+0x189/0x420 [ 14.218764] kasan_atomics+0x95/0x310 [ 14.218930] kunit_try_run_case+0x1a5/0x480 [ 14.219245] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.219446] kthread+0x337/0x6f0 [ 14.219616] ret_from_fork+0x116/0x1d0 [ 14.219803] ret_from_fork_asm+0x1a/0x30 [ 14.219973] [ 14.220151] The buggy address belongs to the object at ffff888103916a00 [ 14.220151] which belongs to the cache kmalloc-64 of size 64 [ 14.220538] The buggy address is located 0 bytes to the right of [ 14.220538] allocated 48-byte region [ffff888103916a00, ffff888103916a30) [ 14.220975] [ 14.221153] The buggy address belongs to the physical page: [ 14.221434] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103916 [ 14.221785] flags: 0x200000000000000(node=0|zone=2) [ 14.222017] page_type: f5(slab) [ 14.222389] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.222627] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.222880] page dumped because: kasan: bad access detected [ 14.223241] [ 14.223342] Memory state around the buggy address: [ 14.223570] ffff888103916900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.223889] ffff888103916980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.224305] >ffff888103916a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.224587] ^ [ 14.224780] ffff888103916a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.225112] ffff888103916b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.225401] 
================================================================== [ 14.341433] ================================================================== [ 14.341770] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1c/0x5450 [ 14.342195] Read of size 4 at addr ffff888103916a30 by task kunit_try_catch/282 [ 14.342475] [ 14.342588] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.342629] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.342642] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.342664] Call Trace: [ 14.342678] <TASK> [ 14.342694] dump_stack_lvl+0x73/0xb0 [ 14.342721] print_report+0xd1/0x650 [ 14.342745] ? __virt_addr_valid+0x1db/0x2d0 [ 14.342768] ? kasan_atomics_helper+0x4a1c/0x5450 [ 14.342789] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.342812] ? kasan_atomics_helper+0x4a1c/0x5450 [ 14.342834] kasan_report+0x141/0x180 [ 14.342857] ? kasan_atomics_helper+0x4a1c/0x5450 [ 14.342884] __asan_report_load4_noabort+0x18/0x20 [ 14.342908] kasan_atomics_helper+0x4a1c/0x5450 [ 14.342932] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.342955] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.342980] ? kasan_atomics+0x152/0x310 [ 14.343008] kasan_atomics+0x1dc/0x310 [ 14.343045] ? __pfx_kasan_atomics+0x10/0x10 [ 14.343077] ? __pfx_read_tsc+0x10/0x10 [ 14.343099] ? ktime_get_ts64+0x86/0x230 [ 14.343122] kunit_try_run_case+0x1a5/0x480 [ 14.343148] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.343170] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.343194] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.343217] ? __kthread_parkme+0x82/0x180 [ 14.343237] ? preempt_count_sub+0x50/0x80 [ 14.343261] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.343285] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.343309] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.343334] kthread+0x337/0x6f0 [ 14.343354] ? trace_preempt_on+0x20/0xc0 [ 14.343378] ? __pfx_kthread+0x10/0x10 [ 14.343400] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 14.343421] ? calculate_sigpending+0x7b/0xa0 [ 14.343606] ? __pfx_kthread+0x10/0x10 [ 14.343637] ret_from_fork+0x116/0x1d0 [ 14.343657] ? __pfx_kthread+0x10/0x10 [ 14.343679] ret_from_fork_asm+0x1a/0x30 [ 14.343710] </TASK> [ 14.343721] [ 14.351726] Allocated by task 282: [ 14.351904] kasan_save_stack+0x45/0x70 [ 14.352098] kasan_save_track+0x18/0x40 [ 14.352444] kasan_save_alloc_info+0x3b/0x50 [ 14.352614] __kasan_kmalloc+0xb7/0xc0 [ 14.352749] __kmalloc_cache_noprof+0x189/0x420 [ 14.352985] kasan_atomics+0x95/0x310 [ 14.353333] kunit_try_run_case+0x1a5/0x480 [ 14.353626] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.353807] kthread+0x337/0x6f0 [ 14.353991] ret_from_fork+0x116/0x1d0 [ 14.354204] ret_from_fork_asm+0x1a/0x30 [ 14.354380] [ 14.354454] The buggy address belongs to the object at ffff888103916a00 [ 14.354454] which belongs to the cache kmalloc-64 of size 64 [ 14.354805] The buggy address is located 0 bytes to the right of [ 14.354805] allocated 48-byte region [ffff888103916a00, ffff888103916a30) [ 14.355829] [ 14.355902] The buggy address belongs to the physical page: [ 14.356086] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103916 [ 14.356334] flags: 0x200000000000000(node=0|zone=2) [ 14.356501] page_type: f5(slab) [ 14.356899] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.357270] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.357615] page dumped because: kasan: bad access detected [ 14.357870] [ 14.357967] Memory state around the buggy address: [ 14.358194] ffff888103916900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.358510] ffff888103916980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.358793] >ffff888103916a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.359086] ^ [ 14.359299] ffff888103916a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.359521] ffff888103916b00: fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 14.359734] ================================================================== [ 14.672594] ================================================================== [ 14.672919] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16e7/0x5450 [ 14.673772] Write of size 8 at addr ffff888103916a30 by task kunit_try_catch/282 [ 14.674286] [ 14.674546] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.674596] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.674610] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.674632] Call Trace: [ 14.674657] <TASK> [ 14.674673] dump_stack_lvl+0x73/0xb0 [ 14.674704] print_report+0xd1/0x650 [ 14.674728] ? __virt_addr_valid+0x1db/0x2d0 [ 14.674751] ? kasan_atomics_helper+0x16e7/0x5450 [ 14.674773] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.674796] ? kasan_atomics_helper+0x16e7/0x5450 [ 14.674817] kasan_report+0x141/0x180 [ 14.674840] ? kasan_atomics_helper+0x16e7/0x5450 [ 14.674866] kasan_check_range+0x10c/0x1c0 [ 14.674890] __kasan_check_write+0x18/0x20 [ 14.674910] kasan_atomics_helper+0x16e7/0x5450 [ 14.674932] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.674955] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.674981] ? kasan_atomics+0x152/0x310 [ 14.675008] kasan_atomics+0x1dc/0x310 [ 14.675043] ? __pfx_kasan_atomics+0x10/0x10 [ 14.675109] ? __pfx_read_tsc+0x10/0x10 [ 14.675131] ? ktime_get_ts64+0x86/0x230 [ 14.675167] kunit_try_run_case+0x1a5/0x480 [ 14.675192] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.675214] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.675239] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.675262] ? __kthread_parkme+0x82/0x180 [ 14.675283] ? preempt_count_sub+0x50/0x80 [ 14.675307] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.675331] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.675354] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.675378] kthread+0x337/0x6f0 [ 14.675398] ? 
trace_preempt_on+0x20/0xc0 [ 14.675421] ? __pfx_kthread+0x10/0x10 [ 14.675442] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.675464] ? calculate_sigpending+0x7b/0xa0 [ 14.675488] ? __pfx_kthread+0x10/0x10 [ 14.675510] ret_from_fork+0x116/0x1d0 [ 14.675529] ? __pfx_kthread+0x10/0x10 [ 14.675550] ret_from_fork_asm+0x1a/0x30 [ 14.675581] </TASK> [ 14.675593] [ 14.687881] Allocated by task 282: [ 14.688257] kasan_save_stack+0x45/0x70 [ 14.688498] kasan_save_track+0x18/0x40 [ 14.688687] kasan_save_alloc_info+0x3b/0x50 [ 14.688879] __kasan_kmalloc+0xb7/0xc0 [ 14.689288] __kmalloc_cache_noprof+0x189/0x420 [ 14.689551] kasan_atomics+0x95/0x310 [ 14.689842] kunit_try_run_case+0x1a5/0x480 [ 14.690238] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.690733] kthread+0x337/0x6f0 [ 14.690998] ret_from_fork+0x116/0x1d0 [ 14.691366] ret_from_fork_asm+0x1a/0x30 [ 14.691566] [ 14.691661] The buggy address belongs to the object at ffff888103916a00 [ 14.691661] which belongs to the cache kmalloc-64 of size 64 [ 14.692420] The buggy address is located 0 bytes to the right of [ 14.692420] allocated 48-byte region [ffff888103916a00, ffff888103916a30) [ 14.693498] [ 14.693588] The buggy address belongs to the physical page: [ 14.693943] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103916 [ 14.694767] flags: 0x200000000000000(node=0|zone=2) [ 14.695080] page_type: f5(slab) [ 14.695477] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.695931] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.696558] page dumped because: kasan: bad access detected [ 14.696863] [ 14.696965] Memory state around the buggy address: [ 14.697380] ffff888103916900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.697666] ffff888103916980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.697959] >ffff888103916a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.698755] ^ [ 14.699070] ffff888103916a80: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 14.699715] ffff888103916b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.700178] ================================================================== [ 14.700950] ================================================================== [ 14.701567] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x177f/0x5450 [ 14.701877] Write of size 8 at addr ffff888103916a30 by task kunit_try_catch/282 [ 14.702399] [ 14.702717] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.702765] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.702779] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.702891] Call Trace: [ 14.702913] <TASK> [ 14.702931] dump_stack_lvl+0x73/0xb0 [ 14.702960] print_report+0xd1/0x650 [ 14.702984] ? __virt_addr_valid+0x1db/0x2d0 [ 14.703007] ? kasan_atomics_helper+0x177f/0x5450 [ 14.703075] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.703101] ? kasan_atomics_helper+0x177f/0x5450 [ 14.703125] kasan_report+0x141/0x180 [ 14.703148] ? kasan_atomics_helper+0x177f/0x5450 [ 14.703173] kasan_check_range+0x10c/0x1c0 [ 14.703197] __kasan_check_write+0x18/0x20 [ 14.703218] kasan_atomics_helper+0x177f/0x5450 [ 14.703240] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.703262] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.703288] ? kasan_atomics+0x152/0x310 [ 14.703316] kasan_atomics+0x1dc/0x310 [ 14.703338] ? __pfx_kasan_atomics+0x10/0x10 [ 14.703362] ? __pfx_read_tsc+0x10/0x10 [ 14.703383] ? ktime_get_ts64+0x86/0x230 [ 14.703407] kunit_try_run_case+0x1a5/0x480 [ 14.703430] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.703453] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.703476] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.703500] ? __kthread_parkme+0x82/0x180 [ 14.703520] ? preempt_count_sub+0x50/0x80 [ 14.703543] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.703567] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.703590] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.703614] kthread+0x337/0x6f0 [ 14.703634] ? trace_preempt_on+0x20/0xc0 [ 14.703657] ? __pfx_kthread+0x10/0x10 [ 14.703679] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.703700] ? calculate_sigpending+0x7b/0xa0 [ 14.703725] ? __pfx_kthread+0x10/0x10 [ 14.703746] ret_from_fork+0x116/0x1d0 [ 14.703764] ? __pfx_kthread+0x10/0x10 [ 14.703786] ret_from_fork_asm+0x1a/0x30 [ 14.703817] </TASK> [ 14.703828] [ 14.717264] Allocated by task 282: [ 14.717562] kasan_save_stack+0x45/0x70 [ 14.717763] kasan_save_track+0x18/0x40 [ 14.717934] kasan_save_alloc_info+0x3b/0x50 [ 14.718327] __kasan_kmalloc+0xb7/0xc0 [ 14.718608] __kmalloc_cache_noprof+0x189/0x420 [ 14.719025] kasan_atomics+0x95/0x310 [ 14.719409] kunit_try_run_case+0x1a5/0x480 [ 14.719610] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.719840] kthread+0x337/0x6f0 [ 14.719997] ret_from_fork+0x116/0x1d0 [ 14.720530] ret_from_fork_asm+0x1a/0x30 [ 14.720802] [ 14.721022] The buggy address belongs to the object at ffff888103916a00 [ 14.721022] which belongs to the cache kmalloc-64 of size 64 [ 14.721963] The buggy address is located 0 bytes to the right of [ 14.721963] allocated 48-byte region [ffff888103916a00, ffff888103916a30) [ 14.722894] [ 14.723150] The buggy address belongs to the physical page: [ 14.723577] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103916 [ 14.724198] flags: 0x200000000000000(node=0|zone=2) [ 14.724421] page_type: f5(slab) [ 14.724589] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.724910] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.725239] page dumped because: kasan: bad access detected [ 14.725467] [ 14.725558] Memory state around the buggy address: [ 14.725763] ffff888103916900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.726420] ffff888103916980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.726858] >ffff888103916a00: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 14.727772] ^ [ 14.728102] ffff888103916a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.728749] ffff888103916b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.729199] ================================================================== [ 13.950245] ================================================================== [ 13.950561] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5fe/0x5450 [ 13.950887] Write of size 4 at addr ffff888103916a30 by task kunit_try_catch/282 [ 13.951472] [ 13.951589] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.951635] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.951648] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.951669] Call Trace: [ 13.951685] <TASK> [ 13.951700] dump_stack_lvl+0x73/0xb0 [ 13.951730] print_report+0xd1/0x650 [ 13.951754] ? __virt_addr_valid+0x1db/0x2d0 [ 13.951778] ? kasan_atomics_helper+0x5fe/0x5450 [ 13.951802] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.951825] ? kasan_atomics_helper+0x5fe/0x5450 [ 13.951848] kasan_report+0x141/0x180 [ 13.951870] ? kasan_atomics_helper+0x5fe/0x5450 [ 13.951897] kasan_check_range+0x10c/0x1c0 [ 13.951921] __kasan_check_write+0x18/0x20 [ 13.951942] kasan_atomics_helper+0x5fe/0x5450 [ 13.951965] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.951987] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.952013] ? kasan_atomics+0x152/0x310 [ 13.952055] kasan_atomics+0x1dc/0x310 [ 13.952079] ? __pfx_kasan_atomics+0x10/0x10 [ 13.952103] ? __pfx_read_tsc+0x10/0x10 [ 13.952152] ? ktime_get_ts64+0x86/0x230 [ 13.952177] kunit_try_run_case+0x1a5/0x480 [ 13.952212] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.952251] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.952276] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.952299] ? __kthread_parkme+0x82/0x180 [ 13.952319] ? preempt_count_sub+0x50/0x80 [ 13.952344] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 13.952368] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.952392] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.952418] kthread+0x337/0x6f0 [ 13.952438] ? trace_preempt_on+0x20/0xc0 [ 13.952472] ? __pfx_kthread+0x10/0x10 [ 13.952494] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.952515] ? calculate_sigpending+0x7b/0xa0 [ 13.952553] ? __pfx_kthread+0x10/0x10 [ 13.952574] ret_from_fork+0x116/0x1d0 [ 13.952593] ? __pfx_kthread+0x10/0x10 [ 13.952614] ret_from_fork_asm+0x1a/0x30 [ 13.952645] </TASK> [ 13.952656] [ 13.961055] Allocated by task 282: [ 13.961241] kasan_save_stack+0x45/0x70 [ 13.961404] kasan_save_track+0x18/0x40 [ 13.961809] kasan_save_alloc_info+0x3b/0x50 [ 13.962159] __kasan_kmalloc+0xb7/0xc0 [ 13.962340] __kmalloc_cache_noprof+0x189/0x420 [ 13.962590] kasan_atomics+0x95/0x310 [ 13.962794] kunit_try_run_case+0x1a5/0x480 [ 13.962990] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.963376] kthread+0x337/0x6f0 [ 13.963554] ret_from_fork+0x116/0x1d0 [ 13.963741] ret_from_fork_asm+0x1a/0x30 [ 13.963946] [ 13.964174] The buggy address belongs to the object at ffff888103916a00 [ 13.964174] which belongs to the cache kmalloc-64 of size 64 [ 13.964558] The buggy address is located 0 bytes to the right of [ 13.964558] allocated 48-byte region [ffff888103916a00, ffff888103916a30) [ 13.965131] [ 13.965227] The buggy address belongs to the physical page: [ 13.965422] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103916 [ 13.965685] flags: 0x200000000000000(node=0|zone=2) [ 13.965919] page_type: f5(slab) [ 13.966355] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.966726] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.967112] page dumped because: kasan: bad access detected [ 13.967394] [ 13.967478] Memory state around the buggy address: [ 13.967713] ffff888103916900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.968008] 
ffff888103916980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.968444] >ffff888103916a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.968758] ^ [ 13.968922] ffff888103916a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.969359] ffff888103916b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.969661] ================================================================== [ 14.937814] ================================================================== [ 14.938211] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1e12/0x5450 [ 14.938612] Write of size 8 at addr ffff888103916a30 by task kunit_try_catch/282 [ 14.939285] [ 14.939481] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.939551] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.939565] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.939587] Call Trace: [ 14.939602] <TASK> [ 14.939618] dump_stack_lvl+0x73/0xb0 [ 14.939647] print_report+0xd1/0x650 [ 14.939671] ? __virt_addr_valid+0x1db/0x2d0 [ 14.939694] ? kasan_atomics_helper+0x1e12/0x5450 [ 14.939717] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.939740] ? kasan_atomics_helper+0x1e12/0x5450 [ 14.939762] kasan_report+0x141/0x180 [ 14.939784] ? kasan_atomics_helper+0x1e12/0x5450 [ 14.939812] kasan_check_range+0x10c/0x1c0 [ 14.939836] __kasan_check_write+0x18/0x20 [ 14.939856] kasan_atomics_helper+0x1e12/0x5450 [ 14.939879] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.939902] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.939927] ? kasan_atomics+0x152/0x310 [ 14.939955] kasan_atomics+0x1dc/0x310 [ 14.939978] ? __pfx_kasan_atomics+0x10/0x10 [ 14.940003] ? __pfx_read_tsc+0x10/0x10 [ 14.940025] ? ktime_get_ts64+0x86/0x230 [ 14.940257] kunit_try_run_case+0x1a5/0x480 [ 14.940283] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.940306] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.940330] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.940352] ? 
__kthread_parkme+0x82/0x180 [ 14.940374] ? preempt_count_sub+0x50/0x80 [ 14.940398] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.940422] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.940446] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.940469] kthread+0x337/0x6f0 [ 14.940488] ? trace_preempt_on+0x20/0xc0 [ 14.940512] ? __pfx_kthread+0x10/0x10 [ 14.940533] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.940554] ? calculate_sigpending+0x7b/0xa0 [ 14.940578] ? __pfx_kthread+0x10/0x10 [ 14.940601] ret_from_fork+0x116/0x1d0 [ 14.940619] ? __pfx_kthread+0x10/0x10 [ 14.940640] ret_from_fork_asm+0x1a/0x30 [ 14.940670] </TASK> [ 14.940682] [ 14.951369] Allocated by task 282: [ 14.951613] kasan_save_stack+0x45/0x70 [ 14.951817] kasan_save_track+0x18/0x40 [ 14.951986] kasan_save_alloc_info+0x3b/0x50 [ 14.952231] __kasan_kmalloc+0xb7/0xc0 [ 14.952778] __kmalloc_cache_noprof+0x189/0x420 [ 14.953064] kasan_atomics+0x95/0x310 [ 14.953346] kunit_try_run_case+0x1a5/0x480 [ 14.953719] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.954023] kthread+0x337/0x6f0 [ 14.954268] ret_from_fork+0x116/0x1d0 [ 14.954654] ret_from_fork_asm+0x1a/0x30 [ 14.954842] [ 14.954917] The buggy address belongs to the object at ffff888103916a00 [ 14.954917] which belongs to the cache kmalloc-64 of size 64 [ 14.955674] The buggy address is located 0 bytes to the right of [ 14.955674] allocated 48-byte region [ffff888103916a00, ffff888103916a30) [ 14.956409] [ 14.956672] The buggy address belongs to the physical page: [ 14.956895] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103916 [ 14.957457] flags: 0x200000000000000(node=0|zone=2) [ 14.957691] page_type: f5(slab) [ 14.957910] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.958383] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.958998] page dumped because: kasan: bad access detected [ 14.959484] [ 14.959588] Memory state around the buggy address: [ 14.959899] 
ffff888103916900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.960176] ffff888103916980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.960721] >ffff888103916a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.961080] ^ [ 14.961326] ffff888103916a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.961719] ffff888103916b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.962145] ================================================================== [ 14.785379] ================================================================== [ 14.785727] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x19e3/0x5450 [ 14.786111] Write of size 8 at addr ffff888103916a30 by task kunit_try_catch/282 [ 14.786442] [ 14.786532] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.786573] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.786586] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.786607] Call Trace: [ 14.786620] <TASK> [ 14.786636] dump_stack_lvl+0x73/0xb0 [ 14.786662] print_report+0xd1/0x650 [ 14.786685] ? __virt_addr_valid+0x1db/0x2d0 [ 14.786708] ? kasan_atomics_helper+0x19e3/0x5450 [ 14.786730] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.786753] ? kasan_atomics_helper+0x19e3/0x5450 [ 14.786775] kasan_report+0x141/0x180 [ 14.786797] ? kasan_atomics_helper+0x19e3/0x5450 [ 14.786823] kasan_check_range+0x10c/0x1c0 [ 14.786847] __kasan_check_write+0x18/0x20 [ 14.786866] kasan_atomics_helper+0x19e3/0x5450 [ 14.786889] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.786912] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.786938] ? kasan_atomics+0x152/0x310 [ 14.786965] kasan_atomics+0x1dc/0x310 [ 14.786987] ? __pfx_kasan_atomics+0x10/0x10 [ 14.787013] ? __pfx_read_tsc+0x10/0x10 [ 14.787073] ? ktime_get_ts64+0x86/0x230 [ 14.787098] kunit_try_run_case+0x1a5/0x480 [ 14.787124] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.787162] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 14.787185] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.787209] ? __kthread_parkme+0x82/0x180 [ 14.787230] ? preempt_count_sub+0x50/0x80 [ 14.787252] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.787276] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.787299] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.787323] kthread+0x337/0x6f0 [ 14.787343] ? trace_preempt_on+0x20/0xc0 [ 14.787366] ? __pfx_kthread+0x10/0x10 [ 14.787387] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.787408] ? calculate_sigpending+0x7b/0xa0 [ 14.787432] ? __pfx_kthread+0x10/0x10 [ 14.787454] ret_from_fork+0x116/0x1d0 [ 14.787472] ? __pfx_kthread+0x10/0x10 [ 14.787493] ret_from_fork_asm+0x1a/0x30 [ 14.787523] </TASK> [ 14.787534] [ 14.794956] Allocated by task 282: [ 14.795222] kasan_save_stack+0x45/0x70 [ 14.795499] kasan_save_track+0x18/0x40 [ 14.795704] kasan_save_alloc_info+0x3b/0x50 [ 14.795897] __kasan_kmalloc+0xb7/0xc0 [ 14.796059] __kmalloc_cache_noprof+0x189/0x420 [ 14.796283] kasan_atomics+0x95/0x310 [ 14.796430] kunit_try_run_case+0x1a5/0x480 [ 14.796639] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.796868] kthread+0x337/0x6f0 [ 14.797010] ret_from_fork+0x116/0x1d0 [ 14.797190] ret_from_fork_asm+0x1a/0x30 [ 14.797390] [ 14.797469] The buggy address belongs to the object at ffff888103916a00 [ 14.797469] which belongs to the cache kmalloc-64 of size 64 [ 14.797930] The buggy address is located 0 bytes to the right of [ 14.797930] allocated 48-byte region [ffff888103916a00, ffff888103916a30) [ 14.798465] [ 14.798566] The buggy address belongs to the physical page: [ 14.798799] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103916 [ 14.799210] flags: 0x200000000000000(node=0|zone=2) [ 14.799423] page_type: f5(slab) [ 14.799583] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.799874] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.800268] page dumped because: kasan: 
bad access detected [ 14.800443] [ 14.800514] Memory state around the buggy address: [ 14.800672] ffff888103916900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.800890] ffff888103916980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.801171] >ffff888103916a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.801482] ^ [ 14.801701] ffff888103916a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.802020] ffff888103916b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.802384] ================================================================== [ 14.144467] ================================================================== [ 14.144997] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb6a/0x5450 [ 14.145407] Write of size 4 at addr ffff888103916a30 by task kunit_try_catch/282 [ 14.145873] [ 14.145994] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.146052] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.146065] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.146087] Call Trace: [ 14.146104] <TASK> [ 14.146119] dump_stack_lvl+0x73/0xb0 [ 14.146173] print_report+0xd1/0x650 [ 14.146354] ? __virt_addr_valid+0x1db/0x2d0 [ 14.146387] ? kasan_atomics_helper+0xb6a/0x5450 [ 14.146410] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.146433] ? kasan_atomics_helper+0xb6a/0x5450 [ 14.146454] kasan_report+0x141/0x180 [ 14.146477] ? kasan_atomics_helper+0xb6a/0x5450 [ 14.146504] kasan_check_range+0x10c/0x1c0 [ 14.146528] __kasan_check_write+0x18/0x20 [ 14.146547] kasan_atomics_helper+0xb6a/0x5450 [ 14.146570] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.146593] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.146619] ? kasan_atomics+0x152/0x310 [ 14.146647] kasan_atomics+0x1dc/0x310 [ 14.146670] ? __pfx_kasan_atomics+0x10/0x10 [ 14.146694] ? __pfx_read_tsc+0x10/0x10 [ 14.146716] ? ktime_get_ts64+0x86/0x230 [ 14.146740] kunit_try_run_case+0x1a5/0x480 [ 14.146764] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.146787] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.146810] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.146833] ? __kthread_parkme+0x82/0x180 [ 14.146854] ? preempt_count_sub+0x50/0x80 [ 14.146877] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.146901] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.146925] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.146948] kthread+0x337/0x6f0 [ 14.146968] ? trace_preempt_on+0x20/0xc0 [ 14.146990] ? __pfx_kthread+0x10/0x10 [ 14.147012] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.147103] ? calculate_sigpending+0x7b/0xa0 [ 14.147132] ? __pfx_kthread+0x10/0x10 [ 14.147154] ret_from_fork+0x116/0x1d0 [ 14.147172] ? __pfx_kthread+0x10/0x10 [ 14.147193] ret_from_fork_asm+0x1a/0x30 [ 14.147224] </TASK> [ 14.147236] [ 14.154698] Allocated by task 282: [ 14.154840] kasan_save_stack+0x45/0x70 [ 14.154988] kasan_save_track+0x18/0x40 [ 14.155143] kasan_save_alloc_info+0x3b/0x50 [ 14.155338] __kasan_kmalloc+0xb7/0xc0 [ 14.155524] __kmalloc_cache_noprof+0x189/0x420 [ 14.155745] kasan_atomics+0x95/0x310 [ 14.155901] kunit_try_run_case+0x1a5/0x480 [ 14.156057] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.156250] kthread+0x337/0x6f0 [ 14.156385] ret_from_fork+0x116/0x1d0 [ 14.156518] ret_from_fork_asm+0x1a/0x30 [ 14.156661] [ 14.156736] The buggy address belongs to the object at ffff888103916a00 [ 14.156736] which belongs to the cache kmalloc-64 of size 64 [ 14.157101] The buggy address is located 0 bytes to the right of [ 14.157101] allocated 48-byte region [ffff888103916a00, ffff888103916a30) [ 14.157452] [ 14.157523] The buggy address belongs to the physical page: [ 14.157689] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103916 [ 14.157918] flags: 0x200000000000000(node=0|zone=2) [ 14.158094] page_type: f5(slab) [ 14.158211] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.158745] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 14.159160] page dumped because: kasan: bad access detected [ 14.159421] [ 14.159515] Memory state around the buggy address: [ 14.159744] ffff888103916900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.160167] ffff888103916980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.160510] >ffff888103916a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.160841] ^ [ 14.161138] ffff888103916a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.161468] ffff888103916b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.161787] ================================================================== [ 14.119044] ================================================================== [ 14.119577] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xac7/0x5450 [ 14.120090] Write of size 4 at addr ffff888103916a30 by task kunit_try_catch/282 [ 14.120494] [ 14.120608] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.120652] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.120667] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.120687] Call Trace: [ 14.120703] <TASK> [ 14.120718] dump_stack_lvl+0x73/0xb0 [ 14.120746] print_report+0xd1/0x650 [ 14.120770] ? __virt_addr_valid+0x1db/0x2d0 [ 14.120793] ? kasan_atomics_helper+0xac7/0x5450 [ 14.120815] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.120838] ? kasan_atomics_helper+0xac7/0x5450 [ 14.120859] kasan_report+0x141/0x180 [ 14.120882] ? kasan_atomics_helper+0xac7/0x5450 [ 14.120908] kasan_check_range+0x10c/0x1c0 [ 14.120932] __kasan_check_write+0x18/0x20 [ 14.120951] kasan_atomics_helper+0xac7/0x5450 [ 14.120974] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.120996] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.121022] ? kasan_atomics+0x152/0x310 [ 14.121250] kasan_atomics+0x1dc/0x310 [ 14.121275] ? __pfx_kasan_atomics+0x10/0x10 [ 14.121300] ? __pfx_read_tsc+0x10/0x10 [ 14.121321] ? 
ktime_get_ts64+0x86/0x230 [ 14.121345] kunit_try_run_case+0x1a5/0x480 [ 14.121370] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.121393] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.121416] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.121439] ? __kthread_parkme+0x82/0x180 [ 14.121460] ? preempt_count_sub+0x50/0x80 [ 14.121483] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.121507] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.121530] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.121554] kthread+0x337/0x6f0 [ 14.121573] ? trace_preempt_on+0x20/0xc0 [ 14.121596] ? __pfx_kthread+0x10/0x10 [ 14.121617] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.121638] ? calculate_sigpending+0x7b/0xa0 [ 14.121662] ? __pfx_kthread+0x10/0x10 [ 14.121684] ret_from_fork+0x116/0x1d0 [ 14.121702] ? __pfx_kthread+0x10/0x10 [ 14.121723] ret_from_fork_asm+0x1a/0x30 [ 14.121753] </TASK> [ 14.121766] [ 14.132912] Allocated by task 282: [ 14.133208] kasan_save_stack+0x45/0x70 [ 14.133410] kasan_save_track+0x18/0x40 [ 14.133597] kasan_save_alloc_info+0x3b/0x50 [ 14.133790] __kasan_kmalloc+0xb7/0xc0 [ 14.133967] __kmalloc_cache_noprof+0x189/0x420 [ 14.134740] kasan_atomics+0x95/0x310 [ 14.134930] kunit_try_run_case+0x1a5/0x480 [ 14.135222] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.135573] kthread+0x337/0x6f0 [ 14.135741] ret_from_fork+0x116/0x1d0 [ 14.136042] ret_from_fork_asm+0x1a/0x30 [ 14.136419] [ 14.136502] The buggy address belongs to the object at ffff888103916a00 [ 14.136502] which belongs to the cache kmalloc-64 of size 64 [ 14.136995] The buggy address is located 0 bytes to the right of [ 14.136995] allocated 48-byte region [ffff888103916a00, ffff888103916a30) [ 14.137538] [ 14.137636] The buggy address belongs to the physical page: [ 14.137863] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103916 [ 14.138564] flags: 0x200000000000000(node=0|zone=2) [ 14.138741] page_type: f5(slab) [ 14.138914] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 14.139515] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.139959] page dumped because: kasan: bad access detected [ 14.140354] [ 14.140457] Memory state around the buggy address: [ 14.140663] ffff888103916900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.141229] ffff888103916980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.141635] >ffff888103916a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.142023] ^ [ 14.142530] ffff888103916a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.142930] ffff888103916b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.143516] ================================================================== [ 14.561666] ================================================================== [ 14.561969] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x50d4/0x5450 [ 14.562417] Write of size 8 at addr ffff888103916a30 by task kunit_try_catch/282 [ 14.562738] [ 14.562843] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.562882] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.562894] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.562915] Call Trace: [ 14.562929] <TASK> [ 14.562944] dump_stack_lvl+0x73/0xb0 [ 14.562972] print_report+0xd1/0x650 [ 14.562995] ? __virt_addr_valid+0x1db/0x2d0 [ 14.563016] ? kasan_atomics_helper+0x50d4/0x5450 [ 14.563049] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.563078] ? kasan_atomics_helper+0x50d4/0x5450 [ 14.563100] kasan_report+0x141/0x180 [ 14.563123] ? kasan_atomics_helper+0x50d4/0x5450 [ 14.563149] __asan_report_store8_noabort+0x1b/0x30 [ 14.563170] kasan_atomics_helper+0x50d4/0x5450 [ 14.563193] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.563215] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.563240] ? kasan_atomics+0x152/0x310 [ 14.563267] kasan_atomics+0x1dc/0x310 [ 14.563291] ? __pfx_kasan_atomics+0x10/0x10 [ 14.563317] ? 
__pfx_read_tsc+0x10/0x10 [ 14.563338] ? ktime_get_ts64+0x86/0x230 [ 14.563361] kunit_try_run_case+0x1a5/0x480 [ 14.563385] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.563408] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.563431] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.563454] ? __kthread_parkme+0x82/0x180 [ 14.563474] ? preempt_count_sub+0x50/0x80 [ 14.563498] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.563522] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.563545] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.563568] kthread+0x337/0x6f0 [ 14.563588] ? trace_preempt_on+0x20/0xc0 [ 14.563611] ? __pfx_kthread+0x10/0x10 [ 14.563632] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.563653] ? calculate_sigpending+0x7b/0xa0 [ 14.563676] ? __pfx_kthread+0x10/0x10 [ 14.563698] ret_from_fork+0x116/0x1d0 [ 14.563716] ? __pfx_kthread+0x10/0x10 [ 14.563737] ret_from_fork_asm+0x1a/0x30 [ 14.563766] </TASK> [ 14.563778] [ 14.573397] Allocated by task 282: [ 14.573543] kasan_save_stack+0x45/0x70 [ 14.573694] kasan_save_track+0x18/0x40 [ 14.573833] kasan_save_alloc_info+0x3b/0x50 [ 14.573983] __kasan_kmalloc+0xb7/0xc0 [ 14.574756] __kmalloc_cache_noprof+0x189/0x420 [ 14.575207] kasan_atomics+0x95/0x310 [ 14.575675] kunit_try_run_case+0x1a5/0x480 [ 14.576093] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.576579] kthread+0x337/0x6f0 [ 14.576772] ret_from_fork+0x116/0x1d0 [ 14.576962] ret_from_fork_asm+0x1a/0x30 [ 14.577551] [ 14.577664] The buggy address belongs to the object at ffff888103916a00 [ 14.577664] which belongs to the cache kmalloc-64 of size 64 [ 14.578766] The buggy address is located 0 bytes to the right of [ 14.578766] allocated 48-byte region [ffff888103916a00, ffff888103916a30) [ 14.579732] [ 14.579841] The buggy address belongs to the physical page: [ 14.580341] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103916 [ 14.580802] flags: 0x200000000000000(node=0|zone=2) [ 14.581285] page_type: f5(slab) [ 14.581483] raw: 0200000000000000 
ffff8881000418c0 dead000000000122 0000000000000000 [ 14.581797] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.582344] page dumped because: kasan: bad access detected [ 14.582775] [ 14.582874] Memory state around the buggy address: [ 14.583526] ffff888103916900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.583947] ffff888103916980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.584754] >ffff888103916a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.585259] ^ [ 14.585699] ffff888103916a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.586207] ffff888103916b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.586797] ================================================================== [ 14.839365] ================================================================== [ 14.839716] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1c18/0x5450 [ 14.840095] Write of size 8 at addr ffff888103916a30 by task kunit_try_catch/282 [ 14.840549] [ 14.840690] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.840734] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.840747] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.840768] Call Trace: [ 14.840782] <TASK> [ 14.840798] dump_stack_lvl+0x73/0xb0 [ 14.840825] print_report+0xd1/0x650 [ 14.840849] ? __virt_addr_valid+0x1db/0x2d0 [ 14.840871] ? kasan_atomics_helper+0x1c18/0x5450 [ 14.840894] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.840916] ? kasan_atomics_helper+0x1c18/0x5450 [ 14.840938] kasan_report+0x141/0x180 [ 14.840961] ? kasan_atomics_helper+0x1c18/0x5450 [ 14.840987] kasan_check_range+0x10c/0x1c0 [ 14.841011] __kasan_check_write+0x18/0x20 [ 14.841043] kasan_atomics_helper+0x1c18/0x5450 [ 14.841068] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.841091] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.841117] ? 
kasan_atomics+0x152/0x310 [ 14.841179] kasan_atomics+0x1dc/0x310 [ 14.841202] ? __pfx_kasan_atomics+0x10/0x10 [ 14.841227] ? __pfx_read_tsc+0x10/0x10 [ 14.841249] ? ktime_get_ts64+0x86/0x230 [ 14.841274] kunit_try_run_case+0x1a5/0x480 [ 14.841299] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.841322] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.841345] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.841368] ? __kthread_parkme+0x82/0x180 [ 14.841389] ? preempt_count_sub+0x50/0x80 [ 14.841413] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.841436] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.841459] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.841482] kthread+0x337/0x6f0 [ 14.841502] ? trace_preempt_on+0x20/0xc0 [ 14.841525] ? __pfx_kthread+0x10/0x10 [ 14.841547] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.841568] ? calculate_sigpending+0x7b/0xa0 [ 14.841592] ? __pfx_kthread+0x10/0x10 [ 14.841614] ret_from_fork+0x116/0x1d0 [ 14.841632] ? __pfx_kthread+0x10/0x10 [ 14.841654] ret_from_fork_asm+0x1a/0x30 [ 14.841684] </TASK> [ 14.841695] [ 14.851394] Allocated by task 282: [ 14.851758] kasan_save_stack+0x45/0x70 [ 14.852406] kasan_save_track+0x18/0x40 [ 14.853246] kasan_save_alloc_info+0x3b/0x50 [ 14.853463] __kasan_kmalloc+0xb7/0xc0 [ 14.853811] __kmalloc_cache_noprof+0x189/0x420 [ 14.854150] kasan_atomics+0x95/0x310 [ 14.854327] kunit_try_run_case+0x1a5/0x480 [ 14.854635] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.854878] kthread+0x337/0x6f0 [ 14.855313] ret_from_fork+0x116/0x1d0 [ 14.855508] ret_from_fork_asm+0x1a/0x30 [ 14.855931] [ 14.856123] The buggy address belongs to the object at ffff888103916a00 [ 14.856123] which belongs to the cache kmalloc-64 of size 64 [ 14.856864] The buggy address is located 0 bytes to the right of [ 14.856864] allocated 48-byte region [ffff888103916a00, ffff888103916a30) [ 14.857755] [ 14.857851] The buggy address belongs to the physical page: [ 14.858236] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103916 [ 
14.858818] flags: 0x200000000000000(node=0|zone=2) [ 14.859088] page_type: f5(slab) [ 14.859368] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.859970] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.860409] page dumped because: kasan: bad access detected [ 14.860723] [ 14.860819] Memory state around the buggy address: [ 14.861019] ffff888103916900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.861682] ffff888103916980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.862156] >ffff888103916a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.862427] ^ [ 14.862645] ffff888103916a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.863267] ffff888103916b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.863711] ================================================================== [ 14.523833] ================================================================== [ 14.524306] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4eae/0x5450 [ 14.524665] Read of size 8 at addr ffff888103916a30 by task kunit_try_catch/282 [ 14.524976] [ 14.525346] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.525396] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.525409] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.525430] Call Trace: [ 14.525444] <TASK> [ 14.525460] dump_stack_lvl+0x73/0xb0 [ 14.525487] print_report+0xd1/0x650 [ 14.525511] ? __virt_addr_valid+0x1db/0x2d0 [ 14.525534] ? kasan_atomics_helper+0x4eae/0x5450 [ 14.525556] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.525579] ? kasan_atomics_helper+0x4eae/0x5450 [ 14.525601] kasan_report+0x141/0x180 [ 14.525623] ? kasan_atomics_helper+0x4eae/0x5450 [ 14.525650] __asan_report_load8_noabort+0x18/0x20 [ 14.525675] kasan_atomics_helper+0x4eae/0x5450 [ 14.525697] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.525720] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 14.525746] ? kasan_atomics+0x152/0x310 [ 14.525773] kasan_atomics+0x1dc/0x310 [ 14.525797] ? __pfx_kasan_atomics+0x10/0x10 [ 14.525823] ? __pfx_read_tsc+0x10/0x10 [ 14.525844] ? ktime_get_ts64+0x86/0x230 [ 14.525868] kunit_try_run_case+0x1a5/0x480 [ 14.525891] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.525914] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.525937] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.525960] ? __kthread_parkme+0x82/0x180 [ 14.525982] ? preempt_count_sub+0x50/0x80 [ 14.526005] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.526042] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.526080] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.526103] kthread+0x337/0x6f0 [ 14.526123] ? trace_preempt_on+0x20/0xc0 [ 14.526147] ? __pfx_kthread+0x10/0x10 [ 14.526169] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.526190] ? calculate_sigpending+0x7b/0xa0 [ 14.526215] ? __pfx_kthread+0x10/0x10 [ 14.526237] ret_from_fork+0x116/0x1d0 [ 14.526255] ? __pfx_kthread+0x10/0x10 [ 14.526276] ret_from_fork_asm+0x1a/0x30 [ 14.526308] </TASK> [ 14.526320] [ 14.534087] Allocated by task 282: [ 14.534381] kasan_save_stack+0x45/0x70 [ 14.534585] kasan_save_track+0x18/0x40 [ 14.534776] kasan_save_alloc_info+0x3b/0x50 [ 14.534992] __kasan_kmalloc+0xb7/0xc0 [ 14.535260] __kmalloc_cache_noprof+0x189/0x420 [ 14.535468] kasan_atomics+0x95/0x310 [ 14.535605] kunit_try_run_case+0x1a5/0x480 [ 14.535752] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.535926] kthread+0x337/0x6f0 [ 14.536114] ret_from_fork+0x116/0x1d0 [ 14.536312] ret_from_fork_asm+0x1a/0x30 [ 14.536544] [ 14.536646] The buggy address belongs to the object at ffff888103916a00 [ 14.536646] which belongs to the cache kmalloc-64 of size 64 [ 14.537321] The buggy address is located 0 bytes to the right of [ 14.537321] allocated 48-byte region [ffff888103916a00, ffff888103916a30) [ 14.538404] [ 14.538478] The buggy address belongs to the physical page: [ 14.538651] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x103916 [ 14.538889] flags: 0x200000000000000(node=0|zone=2) [ 14.539065] page_type: f5(slab) [ 14.539233] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.539704] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.540048] page dumped because: kasan: bad access detected [ 14.540269] [ 14.540341] Memory state around the buggy address: [ 14.540495] ffff888103916900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.540711] ffff888103916980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.540944] >ffff888103916a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.541277] ^ [ 14.541521] ffff888103916a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.541861] ffff888103916b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.542360] ================================================================== [ 13.782593] ================================================================== [ 13.783338] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4ba2/0x5450 [ 13.783680] Write of size 4 at addr ffff888103916a30 by task kunit_try_catch/282 [ 13.783906] [ 13.783993] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.784095] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.784112] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.784131] Call Trace: [ 13.784163] <TASK> [ 13.784177] dump_stack_lvl+0x73/0xb0 [ 13.784206] print_report+0xd1/0x650 [ 13.784240] ? __virt_addr_valid+0x1db/0x2d0 [ 13.784263] ? kasan_atomics_helper+0x4ba2/0x5450 [ 13.784283] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.784305] ? kasan_atomics_helper+0x4ba2/0x5450 [ 13.784325] kasan_report+0x141/0x180 [ 13.784355] ? kasan_atomics_helper+0x4ba2/0x5450 [ 13.784380] __asan_report_store4_noabort+0x1b/0x30 [ 13.784400] kasan_atomics_helper+0x4ba2/0x5450 [ 13.784432] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 13.784454] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.784479] ? kasan_atomics+0x152/0x310 [ 13.784514] kasan_atomics+0x1dc/0x310 [ 13.784536] ? __pfx_kasan_atomics+0x10/0x10 [ 13.784559] ? __pfx_read_tsc+0x10/0x10 [ 13.784590] ? ktime_get_ts64+0x86/0x230 [ 13.784613] kunit_try_run_case+0x1a5/0x480 [ 13.784636] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.784657] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.784680] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.784702] ? __kthread_parkme+0x82/0x180 [ 13.784721] ? preempt_count_sub+0x50/0x80 [ 13.784743] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.784766] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.784787] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.784810] kthread+0x337/0x6f0 [ 13.784839] ? trace_preempt_on+0x20/0xc0 [ 13.784861] ? __pfx_kthread+0x10/0x10 [ 13.784880] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.784911] ? calculate_sigpending+0x7b/0xa0 [ 13.784934] ? __pfx_kthread+0x10/0x10 [ 13.784955] ret_from_fork+0x116/0x1d0 [ 13.784972] ? 
__pfx_kthread+0x10/0x10 [ 13.784992] ret_from_fork_asm+0x1a/0x30 [ 13.785021] </TASK> [ 13.785041] [ 13.797409] Allocated by task 282: [ 13.797773] kasan_save_stack+0x45/0x70 [ 13.797992] kasan_save_track+0x18/0x40 [ 13.798300] kasan_save_alloc_info+0x3b/0x50 [ 13.798494] __kasan_kmalloc+0xb7/0xc0 [ 13.798626] __kmalloc_cache_noprof+0x189/0x420 [ 13.799124] kasan_atomics+0x95/0x310 [ 13.799310] kunit_try_run_case+0x1a5/0x480 [ 13.799459] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.799740] kthread+0x337/0x6f0 [ 13.799908] ret_from_fork+0x116/0x1d0 [ 13.800165] ret_from_fork_asm+0x1a/0x30 [ 13.800314] [ 13.800389] The buggy address belongs to the object at ffff888103916a00 [ 13.800389] which belongs to the cache kmalloc-64 of size 64 [ 13.800928] The buggy address is located 0 bytes to the right of [ 13.800928] allocated 48-byte region [ffff888103916a00, ffff888103916a30) [ 13.801504] [ 13.801604] The buggy address belongs to the physical page: [ 13.801841] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103916 [ 13.802316] flags: 0x200000000000000(node=0|zone=2) [ 13.802584] page_type: f5(slab) [ 13.802738] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.803132] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.803430] page dumped because: kasan: bad access detected [ 13.803655] [ 13.803757] Memory state around the buggy address: [ 13.803996] ffff888103916900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.804309] ffff888103916980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.804665] >ffff888103916a00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.804971] ^ [ 13.805305] ffff888103916a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.805626] ffff888103916b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.805935] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 13.706815] ================================================================== [ 13.707255] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 13.707636] Read of size 8 at addr ffff8881027a1108 by task kunit_try_catch/278 [ 13.708049] [ 13.708175] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.708240] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.708252] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.708272] Call Trace: [ 13.708287] <TASK> [ 13.708301] dump_stack_lvl+0x73/0xb0 [ 13.708329] print_report+0xd1/0x650 [ 13.708352] ? __virt_addr_valid+0x1db/0x2d0 [ 13.708374] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 13.708420] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.708442] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 13.708468] kasan_report+0x141/0x180 [ 13.708489] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 13.708521] kasan_check_range+0x10c/0x1c0 [ 13.708544] __kasan_check_read+0x15/0x20 [ 13.708563] kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 13.708589] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.708616] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.708662] ? finish_task_switch.isra.0+0x156/0x700 [ 13.708684] ? kasan_bitops_generic+0x92/0x1c0 [ 13.708710] kasan_bitops_generic+0x121/0x1c0 [ 13.708734] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.708757] ? __pfx_read_tsc+0x10/0x10 [ 13.708777] ? ktime_get_ts64+0x86/0x230 [ 13.708800] kunit_try_run_case+0x1a5/0x480 [ 13.708823] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.708844] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.708867] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.708890] ? __kthread_parkme+0x82/0x180 [ 13.708910] ? preempt_count_sub+0x50/0x80 [ 13.708932] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.708956] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.708979] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.709002] kthread+0x337/0x6f0 [ 13.709021] ? trace_preempt_on+0x20/0xc0 [ 13.709055] ? __pfx_kthread+0x10/0x10 [ 13.709075] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.709095] ? calculate_sigpending+0x7b/0xa0 [ 13.709118] ? __pfx_kthread+0x10/0x10 [ 13.709158] ret_from_fork+0x116/0x1d0 [ 13.709177] ? __pfx_kthread+0x10/0x10 [ 13.709197] ret_from_fork_asm+0x1a/0x30 [ 13.709227] </TASK> [ 13.709237] [ 13.717124] Allocated by task 278: [ 13.717322] kasan_save_stack+0x45/0x70 [ 13.717487] kasan_save_track+0x18/0x40 [ 13.717627] kasan_save_alloc_info+0x3b/0x50 [ 13.717782] __kasan_kmalloc+0xb7/0xc0 [ 13.717978] __kmalloc_cache_noprof+0x189/0x420 [ 13.718232] kasan_bitops_generic+0x92/0x1c0 [ 13.718460] kunit_try_run_case+0x1a5/0x480 [ 13.718667] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.718858] kthread+0x337/0x6f0 [ 13.718980] ret_from_fork+0x116/0x1d0 [ 13.719204] ret_from_fork_asm+0x1a/0x30 [ 13.719421] [ 13.719515] The buggy address belongs to the object at ffff8881027a1100 [ 13.719515] which belongs to the cache kmalloc-16 of size 16 [ 13.719883] The buggy address is located 8 bytes inside of [ 13.719883] allocated 9-byte region [ffff8881027a1100, ffff8881027a1109) [ 13.720344] [ 13.720463] The buggy address belongs to the physical page: [ 13.720731] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027a1 [ 13.721149] flags: 0x200000000000000(node=0|zone=2) [ 13.721384] page_type: f5(slab) [ 13.721567] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.721801] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.722085] page dumped because: kasan: bad access detected [ 13.722358] [ 13.722474] Memory state around the buggy address: [ 13.722701] ffff8881027a1000: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 13.723000] ffff8881027a1080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.723270] >ffff8881027a1100: 00 01 fc fc fc fc fc fc 
fc fc fc fc fc fc fc fc [ 13.723537] ^ [ 13.723709] ffff8881027a1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.724059] ffff8881027a1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.724374] ================================================================== [ 13.621375] ================================================================== [ 13.621721] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 13.622129] Write of size 8 at addr ffff8881027a1108 by task kunit_try_catch/278 [ 13.622444] [ 13.622552] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.622593] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.622605] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.622625] Call Trace: [ 13.622639] <TASK> [ 13.622652] dump_stack_lvl+0x73/0xb0 [ 13.622677] print_report+0xd1/0x650 [ 13.622699] ? __virt_addr_valid+0x1db/0x2d0 [ 13.622721] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 13.622747] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.622769] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 13.622797] kasan_report+0x141/0x180 [ 13.622817] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 13.622848] kasan_check_range+0x10c/0x1c0 [ 13.622871] __kasan_check_write+0x18/0x20 [ 13.622889] kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 13.622915] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.622942] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.622965] ? finish_task_switch.isra.0+0x156/0x700 [ 13.622987] ? kasan_bitops_generic+0x92/0x1c0 [ 13.623014] kasan_bitops_generic+0x121/0x1c0 [ 13.623436] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.623467] ? __pfx_read_tsc+0x10/0x10 [ 13.623489] ? ktime_get_ts64+0x86/0x230 [ 13.623512] kunit_try_run_case+0x1a5/0x480 [ 13.623536] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.623557] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.623579] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.623602] ? __kthread_parkme+0x82/0x180 [ 13.623620] ? preempt_count_sub+0x50/0x80 [ 13.623642] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.623665] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.623688] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.623710] kthread+0x337/0x6f0 [ 13.623729] ? trace_preempt_on+0x20/0xc0 [ 13.623752] ? __pfx_kthread+0x10/0x10 [ 13.623771] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.623792] ? calculate_sigpending+0x7b/0xa0 [ 13.623814] ? __pfx_kthread+0x10/0x10 [ 13.623835] ret_from_fork+0x116/0x1d0 [ 13.623854] ? __pfx_kthread+0x10/0x10 [ 13.623876] ret_from_fork_asm+0x1a/0x30 [ 13.623905] </TASK> [ 13.623915] [ 13.631567] Allocated by task 278: [ 13.631747] kasan_save_stack+0x45/0x70 [ 13.631950] kasan_save_track+0x18/0x40 [ 13.632183] kasan_save_alloc_info+0x3b/0x50 [ 13.632366] __kasan_kmalloc+0xb7/0xc0 [ 13.632547] __kmalloc_cache_noprof+0x189/0x420 [ 13.632740] kasan_bitops_generic+0x92/0x1c0 [ 13.632933] kunit_try_run_case+0x1a5/0x480 [ 13.633123] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.633367] kthread+0x337/0x6f0 [ 13.633506] ret_from_fork+0x116/0x1d0 [ 13.633670] ret_from_fork_asm+0x1a/0x30 [ 13.633850] [ 13.633926] The buggy address belongs to the object at ffff8881027a1100 [ 13.633926] which belongs to the cache kmalloc-16 of size 16 [ 13.634446] The buggy address is located 8 bytes inside of [ 13.634446] allocated 9-byte region [ffff8881027a1100, ffff8881027a1109) [ 13.634823] [ 13.634893] The buggy address belongs to the physical page: [ 13.635082] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027a1 [ 13.635346] flags: 0x200000000000000(node=0|zone=2) [ 13.635574] page_type: f5(slab) [ 13.635736] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.636072] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.636429] page dumped because: kasan: bad access detected [ 13.636679] [ 13.636763] 
Memory state around the buggy address: [ 13.636915] ffff8881027a1000: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 13.637158] ffff8881027a1080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.637374] >ffff8881027a1100: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.637671] ^ [ 13.637845] ffff8881027a1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.638205] ffff8881027a1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.638525] ================================================================== [ 13.585783] ================================================================== [ 13.586435] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 13.586835] Write of size 8 at addr ffff8881027a1108 by task kunit_try_catch/278 [ 13.587155] [ 13.587267] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.587308] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.587320] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.587340] Call Trace: [ 13.587352] <TASK> [ 13.587366] dump_stack_lvl+0x73/0xb0 [ 13.587391] print_report+0xd1/0x650 [ 13.587413] ? __virt_addr_valid+0x1db/0x2d0 [ 13.587434] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 13.587460] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.587482] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 13.587508] kasan_report+0x141/0x180 [ 13.587529] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 13.587560] kasan_check_range+0x10c/0x1c0 [ 13.587583] __kasan_check_write+0x18/0x20 [ 13.587602] kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 13.587628] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.587654] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.587679] ? finish_task_switch.isra.0+0x156/0x700 [ 13.587700] ? kasan_bitops_generic+0x92/0x1c0 [ 13.587727] kasan_bitops_generic+0x121/0x1c0 [ 13.587750] ? 
__pfx_kasan_bitops_generic+0x10/0x10 [ 13.587774] ? __pfx_read_tsc+0x10/0x10 [ 13.587794] ? ktime_get_ts64+0x86/0x230 [ 13.587817] kunit_try_run_case+0x1a5/0x480 [ 13.587839] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.587861] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.587884] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.587906] ? __kthread_parkme+0x82/0x180 [ 13.587926] ? preempt_count_sub+0x50/0x80 [ 13.587948] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.587971] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.587994] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.588017] kthread+0x337/0x6f0 [ 13.588046] ? trace_preempt_on+0x20/0xc0 [ 13.588068] ? __pfx_kthread+0x10/0x10 [ 13.588088] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.588108] ? calculate_sigpending+0x7b/0xa0 [ 13.588150] ? __pfx_kthread+0x10/0x10 [ 13.588173] ret_from_fork+0x116/0x1d0 [ 13.588190] ? __pfx_kthread+0x10/0x10 [ 13.588210] ret_from_fork_asm+0x1a/0x30 [ 13.588239] </TASK> [ 13.588250] [ 13.595833] Allocated by task 278: [ 13.596011] kasan_save_stack+0x45/0x70 [ 13.596247] kasan_save_track+0x18/0x40 [ 13.596441] kasan_save_alloc_info+0x3b/0x50 [ 13.596660] __kasan_kmalloc+0xb7/0xc0 [ 13.596834] __kmalloc_cache_noprof+0x189/0x420 [ 13.597044] kasan_bitops_generic+0x92/0x1c0 [ 13.597271] kunit_try_run_case+0x1a5/0x480 [ 13.597445] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.597689] kthread+0x337/0x6f0 [ 13.597838] ret_from_fork+0x116/0x1d0 [ 13.598001] ret_from_fork_asm+0x1a/0x30 [ 13.598220] [ 13.598299] The buggy address belongs to the object at ffff8881027a1100 [ 13.598299] which belongs to the cache kmalloc-16 of size 16 [ 13.598757] The buggy address is located 8 bytes inside of [ 13.598757] allocated 9-byte region [ffff8881027a1100, ffff8881027a1109) [ 13.599260] [ 13.599356] The buggy address belongs to the physical page: [ 13.599582] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027a1 [ 13.599849] flags: 0x200000000000000(node=0|zone=2) [ 13.600084] 
page_type: f5(slab) [ 13.600259] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.600524] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.600750] page dumped because: kasan: bad access detected [ 13.600920] [ 13.600989] Memory state around the buggy address: [ 13.601202] ffff8881027a1000: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 13.601535] ffff8881027a1080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.601851] >ffff8881027a1100: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.602196] ^ [ 13.602374] ffff8881027a1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.602623] ffff8881027a1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.602837] ================================================================== [ 13.603639] ================================================================== [ 13.603989] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 13.604461] Write of size 8 at addr ffff8881027a1108 by task kunit_try_catch/278 [ 13.604799] [ 13.604903] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.604945] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.604957] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.604978] Call Trace: [ 13.604992] <TASK> [ 13.605008] dump_stack_lvl+0x73/0xb0 [ 13.605043] print_report+0xd1/0x650 [ 13.605065] ? __virt_addr_valid+0x1db/0x2d0 [ 13.605087] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 13.605113] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.605155] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 13.605184] kasan_report+0x141/0x180 [ 13.605205] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 13.605236] kasan_check_range+0x10c/0x1c0 [ 13.605260] __kasan_check_write+0x18/0x20 [ 13.605278] kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 13.605305] ? 
__pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.605333] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.605357] ? finish_task_switch.isra.0+0x156/0x700 [ 13.605378] ? kasan_bitops_generic+0x92/0x1c0 [ 13.605404] kasan_bitops_generic+0x121/0x1c0 [ 13.605427] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.605451] ? __pfx_read_tsc+0x10/0x10 [ 13.605472] ? ktime_get_ts64+0x86/0x230 [ 13.605494] kunit_try_run_case+0x1a5/0x480 [ 13.605518] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.605539] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.605560] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.605583] ? __kthread_parkme+0x82/0x180 [ 13.605601] ? preempt_count_sub+0x50/0x80 [ 13.605623] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.605648] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.605670] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.605693] kthread+0x337/0x6f0 [ 13.605713] ? trace_preempt_on+0x20/0xc0 [ 13.605734] ? __pfx_kthread+0x10/0x10 [ 13.605755] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.605775] ? calculate_sigpending+0x7b/0xa0 [ 13.605799] ? __pfx_kthread+0x10/0x10 [ 13.605820] ret_from_fork+0x116/0x1d0 [ 13.605838] ? 
__pfx_kthread+0x10/0x10 [ 13.605859] ret_from_fork_asm+0x1a/0x30 [ 13.605890] </TASK> [ 13.605900] [ 13.613558] Allocated by task 278: [ 13.613687] kasan_save_stack+0x45/0x70 [ 13.613894] kasan_save_track+0x18/0x40 [ 13.614100] kasan_save_alloc_info+0x3b/0x50 [ 13.614333] __kasan_kmalloc+0xb7/0xc0 [ 13.614522] __kmalloc_cache_noprof+0x189/0x420 [ 13.614742] kasan_bitops_generic+0x92/0x1c0 [ 13.614955] kunit_try_run_case+0x1a5/0x480 [ 13.615176] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.615352] kthread+0x337/0x6f0 [ 13.615472] ret_from_fork+0x116/0x1d0 [ 13.615603] ret_from_fork_asm+0x1a/0x30 [ 13.615787] [ 13.615879] The buggy address belongs to the object at ffff8881027a1100 [ 13.615879] which belongs to the cache kmalloc-16 of size 16 [ 13.616426] The buggy address is located 8 bytes inside of [ 13.616426] allocated 9-byte region [ffff8881027a1100, ffff8881027a1109) [ 13.616802] [ 13.616897] The buggy address belongs to the physical page: [ 13.617186] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027a1 [ 13.617495] flags: 0x200000000000000(node=0|zone=2) [ 13.617657] page_type: f5(slab) [ 13.617776] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.618009] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.618321] page dumped because: kasan: bad access detected [ 13.618578] [ 13.618672] Memory state around the buggy address: [ 13.618904] ffff8881027a1000: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 13.619271] ffff8881027a1080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.619588] >ffff8881027a1100: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.619913] ^ [ 13.620096] ffff8881027a1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.620408] ffff8881027a1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.620684] ================================================================== [ 13.565961] 
================================================================== [ 13.566538] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 13.566821] Write of size 8 at addr ffff8881027a1108 by task kunit_try_catch/278 [ 13.567153] [ 13.567262] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.567303] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.567314] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.567334] Call Trace: [ 13.567347] <TASK> [ 13.567361] dump_stack_lvl+0x73/0xb0 [ 13.567386] print_report+0xd1/0x650 [ 13.567407] ? __virt_addr_valid+0x1db/0x2d0 [ 13.567429] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 13.567455] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.567477] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 13.567504] kasan_report+0x141/0x180 [ 13.567524] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 13.567555] kasan_check_range+0x10c/0x1c0 [ 13.567578] __kasan_check_write+0x18/0x20 [ 13.567597] kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 13.567623] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.567650] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.567674] ? finish_task_switch.isra.0+0x156/0x700 [ 13.567695] ? kasan_bitops_generic+0x92/0x1c0 [ 13.567721] kasan_bitops_generic+0x121/0x1c0 [ 13.567744] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.567767] ? __pfx_read_tsc+0x10/0x10 [ 13.567788] ? ktime_get_ts64+0x86/0x230 [ 13.567809] kunit_try_run_case+0x1a5/0x480 [ 13.567831] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.567853] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.567875] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.567897] ? __kthread_parkme+0x82/0x180 [ 13.567917] ? preempt_count_sub+0x50/0x80 [ 13.567939] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.567963] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.567985] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.568008] kthread+0x337/0x6f0 [ 13.568037] ? trace_preempt_on+0x20/0xc0 [ 13.568059] ? __pfx_kthread+0x10/0x10 [ 13.568079] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.568100] ? calculate_sigpending+0x7b/0xa0 [ 13.568123] ? __pfx_kthread+0x10/0x10 [ 13.568163] ret_from_fork+0x116/0x1d0 [ 13.568181] ? __pfx_kthread+0x10/0x10 [ 13.568201] ret_from_fork_asm+0x1a/0x30 [ 13.568230] </TASK> [ 13.568241] [ 13.575937] Allocated by task 278: [ 13.576362] kasan_save_stack+0x45/0x70 [ 13.577098] kasan_save_track+0x18/0x40 [ 13.577309] kasan_save_alloc_info+0x3b/0x50 [ 13.577520] __kasan_kmalloc+0xb7/0xc0 [ 13.577709] __kmalloc_cache_noprof+0x189/0x420 [ 13.577932] kasan_bitops_generic+0x92/0x1c0 [ 13.578412] kunit_try_run_case+0x1a5/0x480 [ 13.578807] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.579257] kthread+0x337/0x6f0 [ 13.579559] ret_from_fork+0x116/0x1d0 [ 13.579850] ret_from_fork_asm+0x1a/0x30 [ 13.580250] [ 13.580505] The buggy address belongs to the object at ffff8881027a1100 [ 13.580505] which belongs to the cache kmalloc-16 of size 16 [ 13.580998] The buggy address is located 8 bytes inside of [ 13.580998] allocated 9-byte region [ffff8881027a1100, ffff8881027a1109) [ 13.581483] [ 13.581563] The buggy address belongs to the physical page: [ 13.581808] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027a1 [ 13.582093] flags: 0x200000000000000(node=0|zone=2) [ 13.582357] page_type: f5(slab) [ 13.582531] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.582816] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.583153] page dumped because: kasan: bad access detected [ 13.583346] [ 13.583438] Memory state around the buggy address: [ 13.583646] ffff8881027a1000: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 13.583925] ffff8881027a1080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.584241] >ffff8881027a1100: 00 01 fc fc fc fc fc fc 
fc fc fc fc fc fc fc fc [ 13.584521] ^ [ 13.584673] ffff8881027a1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.584966] ffff8881027a1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.585288] ================================================================== [ 13.679574] ================================================================== [ 13.679889] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 13.680960] Write of size 8 at addr ffff8881027a1108 by task kunit_try_catch/278 [ 13.681487] [ 13.681739] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.681917] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.681933] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.681955] Call Trace: [ 13.681978] <TASK> [ 13.681993] dump_stack_lvl+0x73/0xb0 [ 13.682024] print_report+0xd1/0x650 [ 13.682057] ? __virt_addr_valid+0x1db/0x2d0 [ 13.682078] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 13.682103] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.682126] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 13.682155] kasan_report+0x141/0x180 [ 13.682178] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 13.682209] kasan_check_range+0x10c/0x1c0 [ 13.682231] __kasan_check_write+0x18/0x20 [ 13.682250] kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 13.682276] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.682303] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.682326] ? finish_task_switch.isra.0+0x156/0x700 [ 13.682347] ? kasan_bitops_generic+0x92/0x1c0 [ 13.682373] kasan_bitops_generic+0x121/0x1c0 [ 13.682395] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.682419] ? __pfx_read_tsc+0x10/0x10 [ 13.682439] ? ktime_get_ts64+0x86/0x230 [ 13.682461] kunit_try_run_case+0x1a5/0x480 [ 13.682484] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.682505] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.682527] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.682549] ? __kthread_parkme+0x82/0x180 [ 13.682568] ? preempt_count_sub+0x50/0x80 [ 13.682590] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.682613] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.682636] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.682659] kthread+0x337/0x6f0 [ 13.682677] ? trace_preempt_on+0x20/0xc0 [ 13.682700] ? __pfx_kthread+0x10/0x10 [ 13.682720] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.682740] ? calculate_sigpending+0x7b/0xa0 [ 13.682763] ? __pfx_kthread+0x10/0x10 [ 13.682785] ret_from_fork+0x116/0x1d0 [ 13.682802] ? __pfx_kthread+0x10/0x10 [ 13.682822] ret_from_fork_asm+0x1a/0x30 [ 13.682851] </TASK> [ 13.682863] [ 13.695562] Allocated by task 278: [ 13.695886] kasan_save_stack+0x45/0x70 [ 13.696326] kasan_save_track+0x18/0x40 [ 13.696709] kasan_save_alloc_info+0x3b/0x50 [ 13.697018] __kasan_kmalloc+0xb7/0xc0 [ 13.697381] __kmalloc_cache_noprof+0x189/0x420 [ 13.697728] kasan_bitops_generic+0x92/0x1c0 [ 13.698057] kunit_try_run_case+0x1a5/0x480 [ 13.698301] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.698543] kthread+0x337/0x6f0 [ 13.698707] ret_from_fork+0x116/0x1d0 [ 13.698885] ret_from_fork_asm+0x1a/0x30 [ 13.699085] [ 13.699530] The buggy address belongs to the object at ffff8881027a1100 [ 13.699530] which belongs to the cache kmalloc-16 of size 16 [ 13.700605] The buggy address is located 8 bytes inside of [ 13.700605] allocated 9-byte region [ffff8881027a1100, ffff8881027a1109) [ 13.701641] [ 13.701721] The buggy address belongs to the physical page: [ 13.701889] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027a1 [ 13.702136] flags: 0x200000000000000(node=0|zone=2) [ 13.702723] page_type: f5(slab) [ 13.702865] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.703121] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.703357] page dumped because: kasan: bad access detected [ 13.703531] [ 13.703604] 
Memory state around the buggy address: [ 13.703758] ffff8881027a1000: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 13.703971] ffff8881027a1080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.704277] >ffff8881027a1100: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.704591] ^ [ 13.704812] ffff8881027a1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.705182] ffff8881027a1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.705524] ================================================================== [ 13.725324] ================================================================== [ 13.725635] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 13.725957] Read of size 8 at addr ffff8881027a1108 by task kunit_try_catch/278 [ 13.726365] [ 13.726474] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.726514] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.726548] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.726566] Call Trace: [ 13.726579] <TASK> [ 13.726594] dump_stack_lvl+0x73/0xb0 [ 13.726620] print_report+0xd1/0x650 [ 13.726641] ? __virt_addr_valid+0x1db/0x2d0 [ 13.726662] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 13.726687] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.726728] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 13.726754] kasan_report+0x141/0x180 [ 13.726777] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 13.726808] __asan_report_load8_noabort+0x18/0x20 [ 13.726831] kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 13.726857] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.726885] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.726923] ? finish_task_switch.isra.0+0x156/0x700 [ 13.726944] ? kasan_bitops_generic+0x92/0x1c0 [ 13.726971] kasan_bitops_generic+0x121/0x1c0 [ 13.726993] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.727019] ? 
__pfx_read_tsc+0x10/0x10 [ 13.727049] ? ktime_get_ts64+0x86/0x230 [ 13.727076] kunit_try_run_case+0x1a5/0x480 [ 13.727098] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.727120] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.727163] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.727205] ? __kthread_parkme+0x82/0x180 [ 13.727226] ? preempt_count_sub+0x50/0x80 [ 13.727248] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.727271] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.727293] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.727315] kthread+0x337/0x6f0 [ 13.727334] ? trace_preempt_on+0x20/0xc0 [ 13.727356] ? __pfx_kthread+0x10/0x10 [ 13.727376] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.727396] ? calculate_sigpending+0x7b/0xa0 [ 13.727419] ? __pfx_kthread+0x10/0x10 [ 13.727440] ret_from_fork+0x116/0x1d0 [ 13.727457] ? __pfx_kthread+0x10/0x10 [ 13.727477] ret_from_fork_asm+0x1a/0x30 [ 13.727505] </TASK> [ 13.727517] [ 13.735459] Allocated by task 278: [ 13.735613] kasan_save_stack+0x45/0x70 [ 13.735760] kasan_save_track+0x18/0x40 [ 13.735926] kasan_save_alloc_info+0x3b/0x50 [ 13.736175] __kasan_kmalloc+0xb7/0xc0 [ 13.736364] __kmalloc_cache_noprof+0x189/0x420 [ 13.736611] kasan_bitops_generic+0x92/0x1c0 [ 13.736762] kunit_try_run_case+0x1a5/0x480 [ 13.736905] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.737211] kthread+0x337/0x6f0 [ 13.737383] ret_from_fork+0x116/0x1d0 [ 13.737570] ret_from_fork_asm+0x1a/0x30 [ 13.737753] [ 13.737865] The buggy address belongs to the object at ffff8881027a1100 [ 13.737865] which belongs to the cache kmalloc-16 of size 16 [ 13.738345] The buggy address is located 8 bytes inside of [ 13.738345] allocated 9-byte region [ffff8881027a1100, ffff8881027a1109) [ 13.738694] [ 13.738782] The buggy address belongs to the physical page: [ 13.739070] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027a1 [ 13.739477] flags: 0x200000000000000(node=0|zone=2) [ 13.739715] page_type: f5(slab) [ 13.739902] raw: 0200000000000000 
ffff888100041640 dead000000000122 0000000000000000 [ 13.740273] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.740545] page dumped because: kasan: bad access detected [ 13.740801] [ 13.740921] Memory state around the buggy address: [ 13.741163] ffff8881027a1000: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 13.741473] ffff8881027a1080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.741779] >ffff8881027a1100: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.742074] ^ [ 13.742245] ffff8881027a1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.742549] ffff8881027a1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.742856] ================================================================== [ 13.657292] ================================================================== [ 13.657657] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 13.658291] Write of size 8 at addr ffff8881027a1108 by task kunit_try_catch/278 [ 13.658595] [ 13.658679] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.658722] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.658735] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.658754] Call Trace: [ 13.658769] <TASK> [ 13.658783] dump_stack_lvl+0x73/0xb0 [ 13.658809] print_report+0xd1/0x650 [ 13.658830] ? __virt_addr_valid+0x1db/0x2d0 [ 13.658852] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 13.658878] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.658900] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 13.658926] kasan_report+0x141/0x180 [ 13.658949] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 13.658979] kasan_check_range+0x10c/0x1c0 [ 13.659002] __kasan_check_write+0x18/0x20 [ 13.659021] kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 13.659066] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.659093] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 13.659117] ? finish_task_switch.isra.0+0x156/0x700 [ 13.659159] ? kasan_bitops_generic+0x92/0x1c0 [ 13.659186] kasan_bitops_generic+0x121/0x1c0 [ 13.659209] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.659233] ? __pfx_read_tsc+0x10/0x10 [ 13.659253] ? ktime_get_ts64+0x86/0x230 [ 13.659275] kunit_try_run_case+0x1a5/0x480 [ 13.659297] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.659319] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.659341] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.659363] ? __kthread_parkme+0x82/0x180 [ 13.659383] ? preempt_count_sub+0x50/0x80 [ 13.659407] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.659430] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.659451] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.659475] kthread+0x337/0x6f0 [ 13.659494] ? trace_preempt_on+0x20/0xc0 [ 13.659518] ? __pfx_kthread+0x10/0x10 [ 13.659537] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.659558] ? calculate_sigpending+0x7b/0xa0 [ 13.659580] ? __pfx_kthread+0x10/0x10 [ 13.659602] ret_from_fork+0x116/0x1d0 [ 13.659620] ? 
__pfx_kthread+0x10/0x10 [ 13.659641] ret_from_fork_asm+0x1a/0x30 [ 13.659670] </TASK> [ 13.659680] [ 13.667296] Allocated by task 278: [ 13.667424] kasan_save_stack+0x45/0x70 [ 13.667565] kasan_save_track+0x18/0x40 [ 13.667700] kasan_save_alloc_info+0x3b/0x50 [ 13.667885] __kasan_kmalloc+0xb7/0xc0 [ 13.668075] __kmalloc_cache_noprof+0x189/0x420 [ 13.668322] kasan_bitops_generic+0x92/0x1c0 [ 13.668533] kunit_try_run_case+0x1a5/0x480 [ 13.668737] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.668987] kthread+0x337/0x6f0 [ 13.670240] ret_from_fork+0x116/0x1d0 [ 13.670397] ret_from_fork_asm+0x1a/0x30 [ 13.670861] [ 13.671084] The buggy address belongs to the object at ffff8881027a1100 [ 13.671084] which belongs to the cache kmalloc-16 of size 16 [ 13.672095] The buggy address is located 8 bytes inside of [ 13.672095] allocated 9-byte region [ffff8881027a1100, ffff8881027a1109) [ 13.672581] [ 13.672654] The buggy address belongs to the physical page: [ 13.672828] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027a1 [ 13.673420] flags: 0x200000000000000(node=0|zone=2) [ 13.673854] page_type: f5(slab) [ 13.673981] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.674463] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.675248] page dumped because: kasan: bad access detected [ 13.675950] [ 13.676124] Memory state around the buggy address: [ 13.676780] ffff8881027a1000: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 13.677363] ffff8881027a1080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.677583] >ffff8881027a1100: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.677792] ^ [ 13.677911] ffff8881027a1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.678472] ffff8881027a1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.678903] ================================================================== [ 13.639542] 
================================================================== [ 13.639890] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 13.640336] Write of size 8 at addr ffff8881027a1108 by task kunit_try_catch/278 [ 13.640624] [ 13.640730] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.640768] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.640779] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.640799] Call Trace: [ 13.640813] <TASK> [ 13.640827] dump_stack_lvl+0x73/0xb0 [ 13.640853] print_report+0xd1/0x650 [ 13.640874] ? __virt_addr_valid+0x1db/0x2d0 [ 13.640895] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 13.640921] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.640942] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 13.640968] kasan_report+0x141/0x180 [ 13.640989] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 13.641020] kasan_check_range+0x10c/0x1c0 [ 13.641053] __kasan_check_write+0x18/0x20 [ 13.641072] kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 13.641098] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.641125] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.641169] ? finish_task_switch.isra.0+0x156/0x700 [ 13.641190] ? kasan_bitops_generic+0x92/0x1c0 [ 13.641216] kasan_bitops_generic+0x121/0x1c0 [ 13.641240] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.641264] ? __pfx_read_tsc+0x10/0x10 [ 13.641285] ? ktime_get_ts64+0x86/0x230 [ 13.641307] kunit_try_run_case+0x1a5/0x480 [ 13.641330] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.641351] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.641373] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.641394] ? __kthread_parkme+0x82/0x180 [ 13.641413] ? preempt_count_sub+0x50/0x80 [ 13.641435] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.641458] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.641479] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.641502] kthread+0x337/0x6f0 [ 13.641520] ? trace_preempt_on+0x20/0xc0 [ 13.641541] ? __pfx_kthread+0x10/0x10 [ 13.641562] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.641582] ? calculate_sigpending+0x7b/0xa0 [ 13.641604] ? __pfx_kthread+0x10/0x10 [ 13.641625] ret_from_fork+0x116/0x1d0 [ 13.641643] ? __pfx_kthread+0x10/0x10 [ 13.641662] ret_from_fork_asm+0x1a/0x30 [ 13.641691] </TASK> [ 13.641702] [ 13.649412] Allocated by task 278: [ 13.649549] kasan_save_stack+0x45/0x70 [ 13.649705] kasan_save_track+0x18/0x40 [ 13.649899] kasan_save_alloc_info+0x3b/0x50 [ 13.650125] __kasan_kmalloc+0xb7/0xc0 [ 13.650341] __kmalloc_cache_noprof+0x189/0x420 [ 13.650566] kasan_bitops_generic+0x92/0x1c0 [ 13.650764] kunit_try_run_case+0x1a5/0x480 [ 13.650941] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.651194] kthread+0x337/0x6f0 [ 13.651321] ret_from_fork+0x116/0x1d0 [ 13.651503] ret_from_fork_asm+0x1a/0x30 [ 13.651690] [ 13.651773] The buggy address belongs to the object at ffff8881027a1100 [ 13.651773] which belongs to the cache kmalloc-16 of size 16 [ 13.652265] The buggy address is located 8 bytes inside of [ 13.652265] allocated 9-byte region [ffff8881027a1100, ffff8881027a1109) [ 13.652736] [ 13.652819] The buggy address belongs to the physical page: [ 13.653050] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027a1 [ 13.653409] flags: 0x200000000000000(node=0|zone=2) [ 13.653630] page_type: f5(slab) [ 13.653779] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.654089] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.654410] page dumped because: kasan: bad access detected [ 13.654633] [ 13.654719] Memory state around the buggy address: [ 13.654872] ffff8881027a1000: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 13.655104] ffff8881027a1080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.655346] >ffff8881027a1100: 00 01 fc fc fc fc fc fc 
fc fc fc fc fc fc fc fc [ 13.655558] ^ [ 13.655735] ffff8881027a1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.656056] ffff8881027a1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.656387] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 13.513502] ================================================================== [ 13.513822] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 13.514100] Write of size 8 at addr ffff8881027a1108 by task kunit_try_catch/278 [ 13.514323] [ 13.514431] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.514473] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.514485] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.514505] Call Trace: [ 13.514517] <TASK> [ 13.514532] dump_stack_lvl+0x73/0xb0 [ 13.514556] print_report+0xd1/0x650 [ 13.514577] ? __virt_addr_valid+0x1db/0x2d0 [ 13.514598] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 13.514623] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.514644] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 13.514668] kasan_report+0x141/0x180 [ 13.514689] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 13.514719] kasan_check_range+0x10c/0x1c0 [ 13.514742] __kasan_check_write+0x18/0x20 [ 13.514761] kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 13.514785] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.514811] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.514834] ? finish_task_switch.isra.0+0x156/0x700 [ 13.514855] ? kasan_bitops_generic+0x92/0x1c0 [ 13.514883] kasan_bitops_generic+0x116/0x1c0 [ 13.514905] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.514930] ? __pfx_read_tsc+0x10/0x10 [ 13.514949] ? ktime_get_ts64+0x86/0x230 [ 13.514972] kunit_try_run_case+0x1a5/0x480 [ 13.514993] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.515015] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.515079] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.515101] ? __kthread_parkme+0x82/0x180 [ 13.515121] ? preempt_count_sub+0x50/0x80 [ 13.515162] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.515185] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.515207] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.515229] kthread+0x337/0x6f0 [ 13.515248] ? 
trace_preempt_on+0x20/0xc0 [ 13.515269] ? __pfx_kthread+0x10/0x10 [ 13.515290] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.515310] ? calculate_sigpending+0x7b/0xa0 [ 13.515333] ? __pfx_kthread+0x10/0x10 [ 13.515354] ret_from_fork+0x116/0x1d0 [ 13.515372] ? __pfx_kthread+0x10/0x10 [ 13.515392] ret_from_fork_asm+0x1a/0x30 [ 13.515421] </TASK> [ 13.515432] [ 13.523237] Allocated by task 278: [ 13.523401] kasan_save_stack+0x45/0x70 [ 13.523565] kasan_save_track+0x18/0x40 [ 13.523744] kasan_save_alloc_info+0x3b/0x50 [ 13.523894] __kasan_kmalloc+0xb7/0xc0 [ 13.524035] __kmalloc_cache_noprof+0x189/0x420 [ 13.524215] kasan_bitops_generic+0x92/0x1c0 [ 13.524392] kunit_try_run_case+0x1a5/0x480 [ 13.524569] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.524797] kthread+0x337/0x6f0 [ 13.524963] ret_from_fork+0x116/0x1d0 [ 13.525105] ret_from_fork_asm+0x1a/0x30 [ 13.525263] [ 13.525334] The buggy address belongs to the object at ffff8881027a1100 [ 13.525334] which belongs to the cache kmalloc-16 of size 16 [ 13.525787] The buggy address is located 8 bytes inside of [ 13.525787] allocated 9-byte region [ffff8881027a1100, ffff8881027a1109) [ 13.526341] [ 13.526412] The buggy address belongs to the physical page: [ 13.526583] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027a1 [ 13.526821] flags: 0x200000000000000(node=0|zone=2) [ 13.526983] page_type: f5(slab) [ 13.527188] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.527536] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.527879] page dumped because: kasan: bad access detected [ 13.528160] [ 13.528256] Memory state around the buggy address: [ 13.528490] ffff8881027a1000: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 13.528808] ffff8881027a1080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.529150] >ffff8881027a1100: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.529385] ^ [ 13.529505] ffff8881027a1180: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 13.529753] ffff8881027a1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.530087] ================================================================== [ 13.493938] ================================================================== [ 13.494811] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x373/0xd50 [ 13.495238] Write of size 8 at addr ffff8881027a1108 by task kunit_try_catch/278 [ 13.495520] [ 13.495630] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.495670] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.495682] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.495703] Call Trace: [ 13.495716] <TASK> [ 13.495731] dump_stack_lvl+0x73/0xb0 [ 13.495756] print_report+0xd1/0x650 [ 13.495778] ? __virt_addr_valid+0x1db/0x2d0 [ 13.495799] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 13.495824] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.495846] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 13.495872] kasan_report+0x141/0x180 [ 13.495892] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 13.495922] kasan_check_range+0x10c/0x1c0 [ 13.495945] __kasan_check_write+0x18/0x20 [ 13.495964] kasan_bitops_modify.constprop.0+0x373/0xd50 [ 13.495988] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.496015] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.496051] ? finish_task_switch.isra.0+0x156/0x700 [ 13.496073] ? kasan_bitops_generic+0x92/0x1c0 [ 13.496100] kasan_bitops_generic+0x116/0x1c0 [ 13.496122] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.496147] ? __pfx_read_tsc+0x10/0x10 [ 13.496167] ? ktime_get_ts64+0x86/0x230 [ 13.496190] kunit_try_run_case+0x1a5/0x480 [ 13.496213] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.496234] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.496257] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.496279] ? __kthread_parkme+0x82/0x180 [ 13.496299] ? preempt_count_sub+0x50/0x80 [ 13.496321] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 13.496344] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.496366] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.496388] kthread+0x337/0x6f0 [ 13.496407] ? trace_preempt_on+0x20/0xc0 [ 13.496429] ? __pfx_kthread+0x10/0x10 [ 13.496449] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.496470] ? calculate_sigpending+0x7b/0xa0 [ 13.496492] ? __pfx_kthread+0x10/0x10 [ 13.496513] ret_from_fork+0x116/0x1d0 [ 13.496530] ? __pfx_kthread+0x10/0x10 [ 13.496550] ret_from_fork_asm+0x1a/0x30 [ 13.496579] </TASK> [ 13.496590] [ 13.504392] Allocated by task 278: [ 13.504585] kasan_save_stack+0x45/0x70 [ 13.504749] kasan_save_track+0x18/0x40 [ 13.504938] kasan_save_alloc_info+0x3b/0x50 [ 13.505124] __kasan_kmalloc+0xb7/0xc0 [ 13.505294] __kmalloc_cache_noprof+0x189/0x420 [ 13.505522] kasan_bitops_generic+0x92/0x1c0 [ 13.505690] kunit_try_run_case+0x1a5/0x480 [ 13.505836] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.506008] kthread+0x337/0x6f0 [ 13.506139] ret_from_fork+0x116/0x1d0 [ 13.506270] ret_from_fork_asm+0x1a/0x30 [ 13.506407] [ 13.506477] The buggy address belongs to the object at ffff8881027a1100 [ 13.506477] which belongs to the cache kmalloc-16 of size 16 [ 13.506826] The buggy address is located 8 bytes inside of [ 13.506826] allocated 9-byte region [ffff8881027a1100, ffff8881027a1109) [ 13.507934] [ 13.508049] The buggy address belongs to the physical page: [ 13.508298] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027a1 [ 13.508644] flags: 0x200000000000000(node=0|zone=2) [ 13.508945] page_type: f5(slab) [ 13.509125] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.509475] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.509767] page dumped because: kasan: bad access detected [ 13.509939] [ 13.510010] Memory state around the buggy address: [ 13.510210] ffff8881027a1000: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 13.510537] 
ffff8881027a1080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.510852] >ffff8881027a1100: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.511246] ^ [ 13.511425] ffff8881027a1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.511686] ffff8881027a1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.511941] ================================================================== [ 13.457159] ================================================================== [ 13.457511] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 13.458253] Write of size 8 at addr ffff8881027a1108 by task kunit_try_catch/278 [ 13.458477] [ 13.458559] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.458598] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.458610] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.458631] Call Trace: [ 13.458644] <TASK> [ 13.458657] dump_stack_lvl+0x73/0xb0 [ 13.458684] print_report+0xd1/0x650 [ 13.458706] ? __virt_addr_valid+0x1db/0x2d0 [ 13.458727] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 13.458751] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.458773] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 13.458799] kasan_report+0x141/0x180 [ 13.458821] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 13.458850] kasan_check_range+0x10c/0x1c0 [ 13.458873] __kasan_check_write+0x18/0x20 [ 13.458892] kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 13.458916] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.458942] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.458966] ? finish_task_switch.isra.0+0x156/0x700 [ 13.458987] ? kasan_bitops_generic+0x92/0x1c0 [ 13.459014] kasan_bitops_generic+0x116/0x1c0 [ 13.459049] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.459077] ? __pfx_read_tsc+0x10/0x10 [ 13.459097] ? ktime_get_ts64+0x86/0x230 [ 13.459120] kunit_try_run_case+0x1a5/0x480 [ 13.459143] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 13.459164] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.459186] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.459211] ? __kthread_parkme+0x82/0x180 [ 13.459230] ? preempt_count_sub+0x50/0x80 [ 13.459252] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.459275] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.459299] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.459335] kthread+0x337/0x6f0 [ 13.459354] ? trace_preempt_on+0x20/0xc0 [ 13.459376] ? __pfx_kthread+0x10/0x10 [ 13.459396] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.459416] ? calculate_sigpending+0x7b/0xa0 [ 13.459439] ? __pfx_kthread+0x10/0x10 [ 13.459460] ret_from_fork+0x116/0x1d0 [ 13.459477] ? __pfx_kthread+0x10/0x10 [ 13.459497] ret_from_fork_asm+0x1a/0x30 [ 13.459526] </TASK> [ 13.459537] [ 13.467259] Allocated by task 278: [ 13.467437] kasan_save_stack+0x45/0x70 [ 13.467578] kasan_save_track+0x18/0x40 [ 13.467711] kasan_save_alloc_info+0x3b/0x50 [ 13.467857] __kasan_kmalloc+0xb7/0xc0 [ 13.467989] __kmalloc_cache_noprof+0x189/0x420 [ 13.468285] kasan_bitops_generic+0x92/0x1c0 [ 13.468497] kunit_try_run_case+0x1a5/0x480 [ 13.468709] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.468965] kthread+0x337/0x6f0 [ 13.469146] ret_from_fork+0x116/0x1d0 [ 13.469343] ret_from_fork_asm+0x1a/0x30 [ 13.469503] [ 13.469573] The buggy address belongs to the object at ffff8881027a1100 [ 13.469573] which belongs to the cache kmalloc-16 of size 16 [ 13.469963] The buggy address is located 8 bytes inside of [ 13.469963] allocated 9-byte region [ffff8881027a1100, ffff8881027a1109) [ 13.471035] [ 13.471113] The buggy address belongs to the physical page: [ 13.471285] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027a1 [ 13.471522] flags: 0x200000000000000(node=0|zone=2) [ 13.471681] page_type: f5(slab) [ 13.471936] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.472476] raw: 0000000000000000 0000000080800080 00000000f5000000 
0000000000000000 [ 13.472744] page dumped because: kasan: bad access detected [ 13.472916] [ 13.472984] Memory state around the buggy address: [ 13.473148] ffff8881027a1000: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 13.473469] ffff8881027a1080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.473789] >ffff8881027a1100: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.474114] ^ [ 13.474423] ffff8881027a1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.474690] ffff8881027a1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.474901] ================================================================== [ 13.438923] ================================================================== [ 13.439624] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 13.439956] Write of size 8 at addr ffff8881027a1108 by task kunit_try_catch/278 [ 13.440318] [ 13.440411] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.440452] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.440463] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.440483] Call Trace: [ 13.440494] <TASK> [ 13.440507] dump_stack_lvl+0x73/0xb0 [ 13.440531] print_report+0xd1/0x650 [ 13.440552] ? __virt_addr_valid+0x1db/0x2d0 [ 13.440574] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 13.440599] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.440620] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 13.440646] kasan_report+0x141/0x180 [ 13.440667] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 13.440697] kasan_check_range+0x10c/0x1c0 [ 13.440719] __kasan_check_write+0x18/0x20 [ 13.440738] kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 13.440763] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.440789] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.440813] ? finish_task_switch.isra.0+0x156/0x700 [ 13.440835] ? 
kasan_bitops_generic+0x92/0x1c0 [ 13.440861] kasan_bitops_generic+0x116/0x1c0 [ 13.440884] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.440908] ? __pfx_read_tsc+0x10/0x10 [ 13.440928] ? ktime_get_ts64+0x86/0x230 [ 13.440951] kunit_try_run_case+0x1a5/0x480 [ 13.440974] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.440996] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.441018] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.441053] ? __kthread_parkme+0x82/0x180 [ 13.441073] ? preempt_count_sub+0x50/0x80 [ 13.441095] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.441118] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.441140] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.441176] kthread+0x337/0x6f0 [ 13.441195] ? trace_preempt_on+0x20/0xc0 [ 13.441218] ? __pfx_kthread+0x10/0x10 [ 13.441238] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.441259] ? calculate_sigpending+0x7b/0xa0 [ 13.441281] ? __pfx_kthread+0x10/0x10 [ 13.441301] ret_from_fork+0x116/0x1d0 [ 13.441319] ? __pfx_kthread+0x10/0x10 [ 13.441338] ret_from_fork_asm+0x1a/0x30 [ 13.441367] </TASK> [ 13.441378] [ 13.449363] Allocated by task 278: [ 13.449590] kasan_save_stack+0x45/0x70 [ 13.449769] kasan_save_track+0x18/0x40 [ 13.449905] kasan_save_alloc_info+0x3b/0x50 [ 13.450136] __kasan_kmalloc+0xb7/0xc0 [ 13.450337] __kmalloc_cache_noprof+0x189/0x420 [ 13.450556] kasan_bitops_generic+0x92/0x1c0 [ 13.450751] kunit_try_run_case+0x1a5/0x480 [ 13.450908] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.451172] kthread+0x337/0x6f0 [ 13.451313] ret_from_fork+0x116/0x1d0 [ 13.451494] ret_from_fork_asm+0x1a/0x30 [ 13.451659] [ 13.451743] The buggy address belongs to the object at ffff8881027a1100 [ 13.451743] which belongs to the cache kmalloc-16 of size 16 [ 13.452101] The buggy address is located 8 bytes inside of [ 13.452101] allocated 9-byte region [ffff8881027a1100, ffff8881027a1109) [ 13.452448] [ 13.452518] The buggy address belongs to the physical page: [ 13.452687] page: refcount:0 mapcount:0 mapping:0000000000000000 
index:0x0 pfn:0x1027a1 [ 13.452921] flags: 0x200000000000000(node=0|zone=2) [ 13.453164] page_type: f5(slab) [ 13.453334] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.453671] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.454001] page dumped because: kasan: bad access detected [ 13.454309] [ 13.454399] Memory state around the buggy address: [ 13.454623] ffff8881027a1000: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 13.454937] ffff8881027a1080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.455420] >ffff8881027a1100: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.455636] ^ [ 13.455757] ffff8881027a1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.455969] ffff8881027a1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.456294] ================================================================== [ 13.421285] ================================================================== [ 13.421726] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x101/0xd50 [ 13.422074] Write of size 8 at addr ffff8881027a1108 by task kunit_try_catch/278 [ 13.422434] [ 13.422564] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.422608] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.422620] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.422642] Call Trace: [ 13.422654] <TASK> [ 13.422668] dump_stack_lvl+0x73/0xb0 [ 13.422694] print_report+0xd1/0x650 [ 13.422716] ? __virt_addr_valid+0x1db/0x2d0 [ 13.422737] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 13.422761] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.422782] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 13.422807] kasan_report+0x141/0x180 [ 13.422828] ? 
kasan_bitops_modify.constprop.0+0x101/0xd50 [ 13.422857] kasan_check_range+0x10c/0x1c0 [ 13.422880] __kasan_check_write+0x18/0x20 [ 13.422899] kasan_bitops_modify.constprop.0+0x101/0xd50 [ 13.422924] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.422949] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.422973] ? finish_task_switch.isra.0+0x156/0x700 [ 13.422996] ? kasan_bitops_generic+0x92/0x1c0 [ 13.423022] kasan_bitops_generic+0x116/0x1c0 [ 13.423061] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.423086] ? __pfx_read_tsc+0x10/0x10 [ 13.423106] ? ktime_get_ts64+0x86/0x230 [ 13.423129] kunit_try_run_case+0x1a5/0x480 [ 13.423152] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.423173] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.423195] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.423217] ? __kthread_parkme+0x82/0x180 [ 13.423237] ? preempt_count_sub+0x50/0x80 [ 13.423274] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.423298] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.423319] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.423342] kthread+0x337/0x6f0 [ 13.423361] ? trace_preempt_on+0x20/0xc0 [ 13.423383] ? __pfx_kthread+0x10/0x10 [ 13.423404] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.423424] ? calculate_sigpending+0x7b/0xa0 [ 13.423448] ? __pfx_kthread+0x10/0x10 [ 13.423469] ret_from_fork+0x116/0x1d0 [ 13.423486] ? 
__pfx_kthread+0x10/0x10 [ 13.423506] ret_from_fork_asm+0x1a/0x30 [ 13.423535] </TASK> [ 13.423546] [ 13.431233] Allocated by task 278: [ 13.431392] kasan_save_stack+0x45/0x70 [ 13.431581] kasan_save_track+0x18/0x40 [ 13.431745] kasan_save_alloc_info+0x3b/0x50 [ 13.431932] __kasan_kmalloc+0xb7/0xc0 [ 13.432119] __kmalloc_cache_noprof+0x189/0x420 [ 13.432335] kasan_bitops_generic+0x92/0x1c0 [ 13.432496] kunit_try_run_case+0x1a5/0x480 [ 13.432641] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.432896] kthread+0x337/0x6f0 [ 13.433074] ret_from_fork+0x116/0x1d0 [ 13.433310] ret_from_fork_asm+0x1a/0x30 [ 13.433455] [ 13.433543] The buggy address belongs to the object at ffff8881027a1100 [ 13.433543] which belongs to the cache kmalloc-16 of size 16 [ 13.434067] The buggy address is located 8 bytes inside of [ 13.434067] allocated 9-byte region [ffff8881027a1100, ffff8881027a1109) [ 13.434539] [ 13.434614] The buggy address belongs to the physical page: [ 13.434785] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027a1 [ 13.435023] flags: 0x200000000000000(node=0|zone=2) [ 13.435324] page_type: f5(slab) [ 13.435491] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.435828] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.436182] page dumped because: kasan: bad access detected [ 13.436415] [ 13.436489] Memory state around the buggy address: [ 13.436644] ffff8881027a1000: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 13.436858] ffff8881027a1080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.437165] >ffff8881027a1100: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.437479] ^ [ 13.437653] ffff8881027a1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.437973] ffff8881027a1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.438282] ================================================================== [ 13.530974] 
================================================================== [ 13.531382] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.531680] Write of size 8 at addr ffff8881027a1108 by task kunit_try_catch/278 [ 13.531952] [ 13.532042] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.532081] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.532092] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.532112] Call Trace: [ 13.532126] <TASK> [ 13.532160] dump_stack_lvl+0x73/0xb0 [ 13.532187] print_report+0xd1/0x650 [ 13.532209] ? __virt_addr_valid+0x1db/0x2d0 [ 13.532232] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.532257] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.532279] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.532304] kasan_report+0x141/0x180 [ 13.532325] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.532354] kasan_check_range+0x10c/0x1c0 [ 13.532377] __kasan_check_write+0x18/0x20 [ 13.532396] kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.532420] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.532446] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.532469] ? finish_task_switch.isra.0+0x156/0x700 [ 13.532490] ? kasan_bitops_generic+0x92/0x1c0 [ 13.532516] kasan_bitops_generic+0x116/0x1c0 [ 13.532538] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.532562] ? __pfx_read_tsc+0x10/0x10 [ 13.532583] ? ktime_get_ts64+0x86/0x230 [ 13.532604] kunit_try_run_case+0x1a5/0x480 [ 13.532627] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.532648] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.532669] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.532691] ? __kthread_parkme+0x82/0x180 [ 13.532711] ? preempt_count_sub+0x50/0x80 [ 13.532733] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.532756] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.532777] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.532800] kthread+0x337/0x6f0 [ 13.532819] ? 
trace_preempt_on+0x20/0xc0 [ 13.532840] ? __pfx_kthread+0x10/0x10 [ 13.532861] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.532881] ? calculate_sigpending+0x7b/0xa0 [ 13.532904] ? __pfx_kthread+0x10/0x10 [ 13.532926] ret_from_fork+0x116/0x1d0 [ 13.532943] ? __pfx_kthread+0x10/0x10 [ 13.532963] ret_from_fork_asm+0x1a/0x30 [ 13.532991] </TASK> [ 13.533002] [ 13.540653] Allocated by task 278: [ 13.540826] kasan_save_stack+0x45/0x70 [ 13.540978] kasan_save_track+0x18/0x40 [ 13.541124] kasan_save_alloc_info+0x3b/0x50 [ 13.541292] __kasan_kmalloc+0xb7/0xc0 [ 13.541482] __kmalloc_cache_noprof+0x189/0x420 [ 13.541704] kasan_bitops_generic+0x92/0x1c0 [ 13.541914] kunit_try_run_case+0x1a5/0x480 [ 13.542160] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.542416] kthread+0x337/0x6f0 [ 13.542582] ret_from_fork+0x116/0x1d0 [ 13.542740] ret_from_fork_asm+0x1a/0x30 [ 13.542878] [ 13.542948] The buggy address belongs to the object at ffff8881027a1100 [ 13.542948] which belongs to the cache kmalloc-16 of size 16 [ 13.543385] The buggy address is located 8 bytes inside of [ 13.543385] allocated 9-byte region [ffff8881027a1100, ffff8881027a1109) [ 13.543907] [ 13.544003] The buggy address belongs to the physical page: [ 13.544282] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027a1 [ 13.544551] flags: 0x200000000000000(node=0|zone=2) [ 13.544712] page_type: f5(slab) [ 13.544830] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.545119] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.545481] page dumped because: kasan: bad access detected [ 13.545728] [ 13.545820] Memory state around the buggy address: [ 13.546051] ffff8881027a1000: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 13.546390] ffff8881027a1080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.546675] >ffff8881027a1100: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.546955] ^ [ 13.547122] ffff8881027a1180: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 13.547413] ffff8881027a1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.547703] ================================================================== [ 13.475391] ================================================================== [ 13.475901] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 13.476633] Write of size 8 at addr ffff8881027a1108 by task kunit_try_catch/278 [ 13.476929] [ 13.477011] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.477067] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.477131] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.477164] Call Trace: [ 13.477178] <TASK> [ 13.477194] dump_stack_lvl+0x73/0xb0 [ 13.477224] print_report+0xd1/0x650 [ 13.477246] ? __virt_addr_valid+0x1db/0x2d0 [ 13.477269] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 13.477294] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.477316] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 13.477341] kasan_report+0x141/0x180 [ 13.477363] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 13.477392] kasan_check_range+0x10c/0x1c0 [ 13.477415] __kasan_check_write+0x18/0x20 [ 13.477435] kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 13.477461] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.477487] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.477511] ? finish_task_switch.isra.0+0x156/0x700 [ 13.477532] ? kasan_bitops_generic+0x92/0x1c0 [ 13.477558] kasan_bitops_generic+0x116/0x1c0 [ 13.477581] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.477606] ? __pfx_read_tsc+0x10/0x10 [ 13.477626] ? ktime_get_ts64+0x86/0x230 [ 13.477649] kunit_try_run_case+0x1a5/0x480 [ 13.477673] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.477694] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.477716] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.477738] ? __kthread_parkme+0x82/0x180 [ 13.477758] ? preempt_count_sub+0x50/0x80 [ 13.477780] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 13.477802] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.477825] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.477848] kthread+0x337/0x6f0 [ 13.477866] ? trace_preempt_on+0x20/0xc0 [ 13.477888] ? __pfx_kthread+0x10/0x10 [ 13.477908] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.477928] ? calculate_sigpending+0x7b/0xa0 [ 13.477952] ? __pfx_kthread+0x10/0x10 [ 13.477973] ret_from_fork+0x116/0x1d0 [ 13.477991] ? __pfx_kthread+0x10/0x10 [ 13.478010] ret_from_fork_asm+0x1a/0x30 [ 13.478052] </TASK> [ 13.478062] [ 13.485958] Allocated by task 278: [ 13.486134] kasan_save_stack+0x45/0x70 [ 13.486336] kasan_save_track+0x18/0x40 [ 13.486533] kasan_save_alloc_info+0x3b/0x50 [ 13.486743] __kasan_kmalloc+0xb7/0xc0 [ 13.486913] __kmalloc_cache_noprof+0x189/0x420 [ 13.487108] kasan_bitops_generic+0x92/0x1c0 [ 13.487396] kunit_try_run_case+0x1a5/0x480 [ 13.487585] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.487802] kthread+0x337/0x6f0 [ 13.487924] ret_from_fork+0x116/0x1d0 [ 13.488064] ret_from_fork_asm+0x1a/0x30 [ 13.488346] [ 13.488441] The buggy address belongs to the object at ffff8881027a1100 [ 13.488441] which belongs to the cache kmalloc-16 of size 16 [ 13.488977] The buggy address is located 8 bytes inside of [ 13.488977] allocated 9-byte region [ffff8881027a1100, ffff8881027a1109) [ 13.489482] [ 13.489581] The buggy address belongs to the physical page: [ 13.489797] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027a1 [ 13.490043] flags: 0x200000000000000(node=0|zone=2) [ 13.490205] page_type: f5(slab) [ 13.490324] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.490580] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.490949] page dumped because: kasan: bad access detected [ 13.491215] [ 13.491307] Memory state around the buggy address: [ 13.491525] ffff8881027a1000: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 13.491837] 
ffff8881027a1080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.492063] >ffff8881027a1100: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.492599] ^ [ 13.492770] ffff8881027a1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.493072] ffff8881027a1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.493405] ================================================================== [ 13.548654] ================================================================== [ 13.549007] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.549389] Write of size 8 at addr ffff8881027a1108 by task kunit_try_catch/278 [ 13.549717] [ 13.549803] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.549844] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.549860] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.549880] Call Trace: [ 13.549894] <TASK> [ 13.549908] dump_stack_lvl+0x73/0xb0 [ 13.549935] print_report+0xd1/0x650 [ 13.549957] ? __virt_addr_valid+0x1db/0x2d0 [ 13.549978] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.550003] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.550037] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.550063] kasan_report+0x141/0x180 [ 13.550086] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.550116] kasan_check_range+0x10c/0x1c0 [ 13.550159] __kasan_check_write+0x18/0x20 [ 13.550178] kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.550205] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.550231] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.550254] ? finish_task_switch.isra.0+0x156/0x700 [ 13.550276] ? kasan_bitops_generic+0x92/0x1c0 [ 13.550302] kasan_bitops_generic+0x116/0x1c0 [ 13.550325] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.550349] ? __pfx_read_tsc+0x10/0x10 [ 13.550369] ? ktime_get_ts64+0x86/0x230 [ 13.550392] kunit_try_run_case+0x1a5/0x480 [ 13.550414] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 13.550435] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.550457] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.550479] ? __kthread_parkme+0x82/0x180 [ 13.550498] ? preempt_count_sub+0x50/0x80 [ 13.550520] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.550543] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.550564] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.550586] kthread+0x337/0x6f0 [ 13.550605] ? trace_preempt_on+0x20/0xc0 [ 13.550627] ? __pfx_kthread+0x10/0x10 [ 13.550647] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.550667] ? calculate_sigpending+0x7b/0xa0 [ 13.550689] ? __pfx_kthread+0x10/0x10 [ 13.550709] ret_from_fork+0x116/0x1d0 [ 13.550727] ? __pfx_kthread+0x10/0x10 [ 13.550747] ret_from_fork_asm+0x1a/0x30 [ 13.550777] </TASK> [ 13.550787] [ 13.558290] Allocated by task 278: [ 13.558464] kasan_save_stack+0x45/0x70 [ 13.558664] kasan_save_track+0x18/0x40 [ 13.558852] kasan_save_alloc_info+0x3b/0x50 [ 13.559070] __kasan_kmalloc+0xb7/0xc0 [ 13.559283] __kmalloc_cache_noprof+0x189/0x420 [ 13.559472] kasan_bitops_generic+0x92/0x1c0 [ 13.559677] kunit_try_run_case+0x1a5/0x480 [ 13.559828] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.560003] kthread+0x337/0x6f0 [ 13.560149] ret_from_fork+0x116/0x1d0 [ 13.560320] ret_from_fork_asm+0x1a/0x30 [ 13.560519] [ 13.560613] The buggy address belongs to the object at ffff8881027a1100 [ 13.560613] which belongs to the cache kmalloc-16 of size 16 [ 13.561128] The buggy address is located 8 bytes inside of [ 13.561128] allocated 9-byte region [ffff8881027a1100, ffff8881027a1109) [ 13.561592] [ 13.561687] The buggy address belongs to the physical page: [ 13.561893] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027a1 [ 13.562242] flags: 0x200000000000000(node=0|zone=2) [ 13.562440] page_type: f5(slab) [ 13.562590] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.562893] raw: 0000000000000000 0000000080800080 00000000f5000000 
0000000000000000 [ 13.563225] page dumped because: kasan: bad access detected [ 13.563440] [ 13.563508] Memory state around the buggy address: [ 13.563672] ffff8881027a1000: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 13.563898] ffff8881027a1080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.564195] >ffff8881027a1100: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.564507] ^ [ 13.564679] ffff8881027a1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.564991] ffff8881027a1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.565333] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 13.397066] ================================================================== [ 13.397650] BUG: KASAN: slab-use-after-free in strnlen+0x73/0x80 [ 13.397938] Read of size 1 at addr ffff888103124410 by task kunit_try_catch/276 [ 13.398355] [ 13.398460] CPU: 0 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.398504] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.398517] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.398537] Call Trace: [ 13.398551] <TASK> [ 13.398567] dump_stack_lvl+0x73/0xb0 [ 13.398591] print_report+0xd1/0x650 [ 13.398612] ? __virt_addr_valid+0x1db/0x2d0 [ 13.398634] ? strnlen+0x73/0x80 [ 13.398650] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.398671] ? strnlen+0x73/0x80 [ 13.398689] kasan_report+0x141/0x180 [ 13.398709] ? strnlen+0x73/0x80 [ 13.398730] __asan_report_load1_noabort+0x18/0x20 [ 13.398754] strnlen+0x73/0x80 [ 13.398771] kasan_strings+0x615/0xe80 [ 13.398790] ? trace_hardirqs_on+0x37/0xe0 [ 13.398811] ? __pfx_kasan_strings+0x10/0x10 [ 13.398831] ? finish_task_switch.isra.0+0x153/0x700 [ 13.398851] ? __switch_to+0x47/0xf50 [ 13.398874] ? __schedule+0x10cc/0x2b60 [ 13.398895] ? __pfx_read_tsc+0x10/0x10 [ 13.398915] ? ktime_get_ts64+0x86/0x230 [ 13.398937] kunit_try_run_case+0x1a5/0x480 [ 13.398960] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.398982] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.399003] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.399036] ? __kthread_parkme+0x82/0x180 [ 13.399059] ? preempt_count_sub+0x50/0x80 [ 13.399081] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.399104] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.399126] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.399149] kthread+0x337/0x6f0 [ 13.399167] ? trace_preempt_on+0x20/0xc0 [ 13.399188] ? __pfx_kthread+0x10/0x10 [ 13.399208] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.399227] ? calculate_sigpending+0x7b/0xa0 [ 13.399249] ? 
__pfx_kthread+0x10/0x10 [ 13.399270] ret_from_fork+0x116/0x1d0 [ 13.399286] ? __pfx_kthread+0x10/0x10 [ 13.399305] ret_from_fork_asm+0x1a/0x30 [ 13.399335] </TASK> [ 13.399345] [ 13.406480] Allocated by task 276: [ 13.406657] kasan_save_stack+0x45/0x70 [ 13.406814] kasan_save_track+0x18/0x40 [ 13.406997] kasan_save_alloc_info+0x3b/0x50 [ 13.407256] __kasan_kmalloc+0xb7/0xc0 [ 13.407431] __kmalloc_cache_noprof+0x189/0x420 [ 13.407605] kasan_strings+0xc0/0xe80 [ 13.407737] kunit_try_run_case+0x1a5/0x480 [ 13.407879] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.408070] kthread+0x337/0x6f0 [ 13.408247] ret_from_fork+0x116/0x1d0 [ 13.408433] ret_from_fork_asm+0x1a/0x30 [ 13.408625] [ 13.408715] Freed by task 276: [ 13.408864] kasan_save_stack+0x45/0x70 [ 13.408998] kasan_save_track+0x18/0x40 [ 13.409247] kasan_save_free_info+0x3f/0x60 [ 13.409454] __kasan_slab_free+0x56/0x70 [ 13.409605] kfree+0x222/0x3f0 [ 13.409721] kasan_strings+0x2aa/0xe80 [ 13.409851] kunit_try_run_case+0x1a5/0x480 [ 13.410074] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.410557] kthread+0x337/0x6f0 [ 13.410723] ret_from_fork+0x116/0x1d0 [ 13.410882] ret_from_fork_asm+0x1a/0x30 [ 13.411065] [ 13.411143] The buggy address belongs to the object at ffff888103124400 [ 13.411143] which belongs to the cache kmalloc-32 of size 32 [ 13.411642] The buggy address is located 16 bytes inside of [ 13.411642] freed 32-byte region [ffff888103124400, ffff888103124420) [ 13.412089] [ 13.412172] The buggy address belongs to the physical page: [ 13.412344] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103124 [ 13.412581] flags: 0x200000000000000(node=0|zone=2) [ 13.412740] page_type: f5(slab) [ 13.412858] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 13.413095] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 13.413318] page dumped because: kasan: bad access detected [ 13.413486] [ 13.413555] Memory state around the buggy address: 
[ 13.413707] ffff888103124300: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 13.414202] ffff888103124380: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 13.414516] >ffff888103124400: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.414829] ^ [ 13.415010] ffff888103124480: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 13.415336] ffff888103124500: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.415645] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strlen
[ 13.378275] ================================================================== [ 13.378575] BUG: KASAN: slab-use-after-free in strlen+0x8f/0xb0 [ 13.378800] Read of size 1 at addr ffff888103124410 by task kunit_try_catch/276 [ 13.379231] [ 13.379341] CPU: 0 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.379381] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.379393] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.379414] Call Trace: [ 13.379427] <TASK> [ 13.379442] dump_stack_lvl+0x73/0xb0 [ 13.379467] print_report+0xd1/0x650 [ 13.379489] ? __virt_addr_valid+0x1db/0x2d0 [ 13.379510] ? strlen+0x8f/0xb0 [ 13.379526] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.379548] ? strlen+0x8f/0xb0 [ 13.379565] kasan_report+0x141/0x180 [ 13.379585] ? strlen+0x8f/0xb0 [ 13.379606] __asan_report_load1_noabort+0x18/0x20 [ 13.379630] strlen+0x8f/0xb0 [ 13.379647] kasan_strings+0x57b/0xe80 [ 13.379666] ? trace_hardirqs_on+0x37/0xe0 [ 13.379687] ? __pfx_kasan_strings+0x10/0x10 [ 13.379707] ? finish_task_switch.isra.0+0x153/0x700 [ 13.379727] ? __switch_to+0x47/0xf50 [ 13.379751] ? __schedule+0x10cc/0x2b60 [ 13.379772] ? __pfx_read_tsc+0x10/0x10 [ 13.379792] ? ktime_get_ts64+0x86/0x230 [ 13.379815] kunit_try_run_case+0x1a5/0x480 [ 13.379837] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.379859] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.379880] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.379902] ? __kthread_parkme+0x82/0x180 [ 13.379921] ? preempt_count_sub+0x50/0x80 [ 13.379942] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.379965] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.379987] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.380010] kthread+0x337/0x6f0 [ 13.380040] ? trace_preempt_on+0x20/0xc0 [ 13.380061] ? __pfx_kthread+0x10/0x10 [ 13.380080] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.380099] ? calculate_sigpending+0x7b/0xa0 [ 13.380121] ? 
__pfx_kthread+0x10/0x10 [ 13.380141] ret_from_fork+0x116/0x1d0 [ 13.380158] ? __pfx_kthread+0x10/0x10 [ 13.380179] ret_from_fork_asm+0x1a/0x30 [ 13.380208] </TASK> [ 13.380218] [ 13.387352] Allocated by task 276: [ 13.387632] kasan_save_stack+0x45/0x70 [ 13.387771] kasan_save_track+0x18/0x40 [ 13.387905] kasan_save_alloc_info+0x3b/0x50 [ 13.388132] __kasan_kmalloc+0xb7/0xc0 [ 13.388331] __kmalloc_cache_noprof+0x189/0x420 [ 13.388562] kasan_strings+0xc0/0xe80 [ 13.388744] kunit_try_run_case+0x1a5/0x480 [ 13.388928] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.389111] kthread+0x337/0x6f0 [ 13.389359] ret_from_fork+0x116/0x1d0 [ 13.389544] ret_from_fork_asm+0x1a/0x30 [ 13.389740] [ 13.389829] Freed by task 276: [ 13.389936] kasan_save_stack+0x45/0x70 [ 13.390135] kasan_save_track+0x18/0x40 [ 13.390325] kasan_save_free_info+0x3f/0x60 [ 13.390511] __kasan_slab_free+0x56/0x70 [ 13.390667] kfree+0x222/0x3f0 [ 13.390782] kasan_strings+0x2aa/0xe80 [ 13.390912] kunit_try_run_case+0x1a5/0x480 [ 13.391068] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.391241] kthread+0x337/0x6f0 [ 13.391359] ret_from_fork+0x116/0x1d0 [ 13.391488] ret_from_fork_asm+0x1a/0x30 [ 13.391624] [ 13.391693] The buggy address belongs to the object at ffff888103124400 [ 13.391693] which belongs to the cache kmalloc-32 of size 32 [ 13.392228] The buggy address is located 16 bytes inside of [ 13.392228] freed 32-byte region [ffff888103124400, ffff888103124420) [ 13.392738] [ 13.392830] The buggy address belongs to the physical page: [ 13.393087] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103124 [ 13.393444] flags: 0x200000000000000(node=0|zone=2) [ 13.393609] page_type: f5(slab) [ 13.393729] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 13.393957] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 13.394191] page dumped because: kasan: bad access detected [ 13.394361] [ 13.394430] Memory state around the buggy address: 
[ 13.394583] ffff888103124300: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 13.394912] ffff888103124380: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 13.395324] >ffff888103124400: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.395638] ^ [ 13.395827] ffff888103124480: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 13.396179] ffff888103124500: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.396504] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 13.359851] ================================================================== [ 13.360103] BUG: KASAN: slab-use-after-free in kasan_strings+0xcbc/0xe80 [ 13.360460] Read of size 1 at addr ffff888103124410 by task kunit_try_catch/276 [ 13.360718] [ 13.360822] CPU: 0 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.360863] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.360875] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.360894] Call Trace: [ 13.360908] <TASK> [ 13.360922] dump_stack_lvl+0x73/0xb0 [ 13.360949] print_report+0xd1/0x650 [ 13.360970] ? __virt_addr_valid+0x1db/0x2d0 [ 13.360991] ? kasan_strings+0xcbc/0xe80 [ 13.361011] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.361044] ? kasan_strings+0xcbc/0xe80 [ 13.361064] kasan_report+0x141/0x180 [ 13.361086] ? kasan_strings+0xcbc/0xe80 [ 13.361110] __asan_report_load1_noabort+0x18/0x20 [ 13.361134] kasan_strings+0xcbc/0xe80 [ 13.361152] ? trace_hardirqs_on+0x37/0xe0 [ 13.361175] ? __pfx_kasan_strings+0x10/0x10 [ 13.361194] ? finish_task_switch.isra.0+0x153/0x700 [ 13.361216] ? __switch_to+0x47/0xf50 [ 13.361240] ? __schedule+0x10cc/0x2b60 [ 13.361260] ? __pfx_read_tsc+0x10/0x10 [ 13.361280] ? ktime_get_ts64+0x86/0x230 [ 13.361303] kunit_try_run_case+0x1a5/0x480 [ 13.361325] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.361346] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.361367] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.361390] ? __kthread_parkme+0x82/0x180 [ 13.361409] ? preempt_count_sub+0x50/0x80 [ 13.361430] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.361453] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.361475] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.361497] kthread+0x337/0x6f0 [ 13.361515] ? trace_preempt_on+0x20/0xc0 [ 13.361536] ? __pfx_kthread+0x10/0x10 [ 13.361555] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.361574] ? calculate_sigpending+0x7b/0xa0 [ 13.361598] ? 
__pfx_kthread+0x10/0x10 [ 13.361617] ret_from_fork+0x116/0x1d0 [ 13.361635] ? __pfx_kthread+0x10/0x10 [ 13.361654] ret_from_fork_asm+0x1a/0x30 [ 13.361683] </TASK> [ 13.361693] [ 13.368505] Allocated by task 276: [ 13.368678] kasan_save_stack+0x45/0x70 [ 13.368813] kasan_save_track+0x18/0x40 [ 13.368942] kasan_save_alloc_info+0x3b/0x50 [ 13.369145] __kasan_kmalloc+0xb7/0xc0 [ 13.369327] __kmalloc_cache_noprof+0x189/0x420 [ 13.369549] kasan_strings+0xc0/0xe80 [ 13.369732] kunit_try_run_case+0x1a5/0x480 [ 13.369906] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.370085] kthread+0x337/0x6f0 [ 13.370380] ret_from_fork+0x116/0x1d0 [ 13.370567] ret_from_fork_asm+0x1a/0x30 [ 13.370745] [ 13.370835] Freed by task 276: [ 13.370960] kasan_save_stack+0x45/0x70 [ 13.371129] kasan_save_track+0x18/0x40 [ 13.371320] kasan_save_free_info+0x3f/0x60 [ 13.371510] __kasan_slab_free+0x56/0x70 [ 13.371654] kfree+0x222/0x3f0 [ 13.371805] kasan_strings+0x2aa/0xe80 [ 13.371992] kunit_try_run_case+0x1a5/0x480 [ 13.372206] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.372419] kthread+0x337/0x6f0 [ 13.372576] ret_from_fork+0x116/0x1d0 [ 13.372703] ret_from_fork_asm+0x1a/0x30 [ 13.372834] [ 13.372902] The buggy address belongs to the object at ffff888103124400 [ 13.372902] which belongs to the cache kmalloc-32 of size 32 [ 13.373301] The buggy address is located 16 bytes inside of [ 13.373301] freed 32-byte region [ffff888103124400, ffff888103124420) [ 13.373860] [ 13.373954] The buggy address belongs to the physical page: [ 13.374273] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103124 [ 13.374529] flags: 0x200000000000000(node=0|zone=2) [ 13.374685] page_type: f5(slab) [ 13.374799] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 13.375060] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 13.375725] page dumped because: kasan: bad access detected [ 13.375940] [ 13.376045] Memory state around the buggy address: 
[ 13.376250] ffff888103124300: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 13.376532] ffff888103124380: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 13.376782] >ffff888103124400: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.377064] ^ [ 13.377244] ffff888103124480: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 13.377512] ffff888103124500: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.377786] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 13.266346] ================================================================== [ 13.266810] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x329/0x390 [ 13.267130] Read of size 1 at addr ffff8881039d7c4a by task kunit_try_catch/270 [ 13.267871] [ 13.268085] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.268131] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.268199] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.268220] Call Trace: [ 13.268233] <TASK> [ 13.268248] dump_stack_lvl+0x73/0xb0 [ 13.268286] print_report+0xd1/0x650 [ 13.268310] ? __virt_addr_valid+0x1db/0x2d0 [ 13.268349] ? kasan_alloca_oob_right+0x329/0x390 [ 13.268370] ? kasan_addr_to_slab+0x11/0xa0 [ 13.268391] ? kasan_alloca_oob_right+0x329/0x390 [ 13.268414] kasan_report+0x141/0x180 [ 13.268436] ? kasan_alloca_oob_right+0x329/0x390 [ 13.268463] __asan_report_load1_noabort+0x18/0x20 [ 13.268486] kasan_alloca_oob_right+0x329/0x390 [ 13.268527] ? __kasan_check_write+0x18/0x20 [ 13.268547] ? __pfx_sched_clock_cpu+0x10/0x10 [ 13.268569] ? finish_task_switch.isra.0+0x153/0x700 [ 13.268593] ? out_of_line_wait_on_bit_timeout+0x7e/0x190 [ 13.268620] ? trace_hardirqs_on+0x37/0xe0 [ 13.268644] ? __pfx_kasan_alloca_oob_right+0x10/0x10 [ 13.268669] ? __schedule+0x10cc/0x2b60 [ 13.268690] ? __pfx_read_tsc+0x10/0x10 [ 13.268710] ? ktime_get_ts64+0x86/0x230 [ 13.268733] kunit_try_run_case+0x1a5/0x480 [ 13.268758] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.268779] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.268801] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.268823] ? __kthread_parkme+0x82/0x180 [ 13.268845] ? preempt_count_sub+0x50/0x80 [ 13.268868] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.268891] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.268913] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.268936] kthread+0x337/0x6f0 [ 13.268954] ? trace_preempt_on+0x20/0xc0 [ 13.268974] ? 
__pfx_kthread+0x10/0x10 [ 13.268996] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.269017] ? calculate_sigpending+0x7b/0xa0 [ 13.269067] ? __pfx_kthread+0x10/0x10 [ 13.269089] ret_from_fork+0x116/0x1d0 [ 13.269107] ? __pfx_kthread+0x10/0x10 [ 13.269127] ret_from_fork_asm+0x1a/0x30 [ 13.269167] </TASK> [ 13.269177] [ 13.283700] The buggy address belongs to stack of task kunit_try_catch/270 [ 13.283933] [ 13.284003] The buggy address belongs to the physical page: [ 13.284213] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039d7 [ 13.284710] flags: 0x200000000000000(node=0|zone=2) [ 13.284890] raw: 0200000000000000 ffffea00040e75c8 ffffea00040e75c8 0000000000000000 [ 13.285286] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 13.285984] page dumped because: kasan: bad access detected [ 13.286586] [ 13.286749] Memory state around the buggy address: [ 13.287401] ffff8881039d7b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.288015] ffff8881039d7b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.288609] >ffff8881039d7c00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 13.288828] ^ [ 13.289003] ffff8881039d7c80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 [ 13.289303] ffff8881039d7d00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 13.289630] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 13.233944] ================================================================== [ 13.234363] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x320/0x380 [ 13.234607] Read of size 1 at addr ffff888103a07c3f by task kunit_try_catch/268 [ 13.234828] [ 13.234910] CPU: 1 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.234952] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.234963] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.234983] Call Trace: [ 13.234995] <TASK> [ 13.235008] dump_stack_lvl+0x73/0xb0 [ 13.235048] print_report+0xd1/0x650 [ 13.235079] ? __virt_addr_valid+0x1db/0x2d0 [ 13.235100] ? kasan_alloca_oob_left+0x320/0x380 [ 13.235121] ? kasan_addr_to_slab+0x11/0xa0 [ 13.235140] ? kasan_alloca_oob_left+0x320/0x380 [ 13.235161] kasan_report+0x141/0x180 [ 13.235184] ? kasan_alloca_oob_left+0x320/0x380 [ 13.235209] __asan_report_load1_noabort+0x18/0x20 [ 13.235231] kasan_alloca_oob_left+0x320/0x380 [ 13.235253] ? __pfx_sched_clock_cpu+0x10/0x10 [ 13.235273] ? finish_task_switch.isra.0+0x153/0x700 [ 13.235294] ? out_of_line_wait_on_bit_timeout+0x7e/0x190 [ 13.235319] ? trace_hardirqs_on+0x37/0xe0 [ 13.235342] ? __pfx_kasan_alloca_oob_left+0x10/0x10 [ 13.235366] ? __schedule+0x10cc/0x2b60 [ 13.235386] ? __pfx_read_tsc+0x10/0x10 [ 13.235406] ? ktime_get_ts64+0x86/0x230 [ 13.235429] kunit_try_run_case+0x1a5/0x480 [ 13.235452] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.235473] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.235494] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.235516] ? __kthread_parkme+0x82/0x180 [ 13.235536] ? preempt_count_sub+0x50/0x80 [ 13.235558] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.235581] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.235603] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.235625] kthread+0x337/0x6f0 [ 13.235643] ? trace_preempt_on+0x20/0xc0 [ 13.235664] ? __pfx_kthread+0x10/0x10 [ 13.235684] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 13.235703] ? calculate_sigpending+0x7b/0xa0 [ 13.235726] ? __pfx_kthread+0x10/0x10 [ 13.235745] ret_from_fork+0x116/0x1d0 [ 13.235763] ? __pfx_kthread+0x10/0x10 [ 13.235782] ret_from_fork_asm+0x1a/0x30 [ 13.235811] </TASK> [ 13.235821] [ 13.255167] The buggy address belongs to stack of task kunit_try_catch/268 [ 13.255864] [ 13.255944] The buggy address belongs to the physical page: [ 13.256317] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a07 [ 13.257286] flags: 0x200000000000000(node=0|zone=2) [ 13.257859] raw: 0200000000000000 ffffea00040e81c8 ffffea00040e81c8 0000000000000000 [ 13.258460] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 13.258696] page dumped because: kasan: bad access detected [ 13.258867] [ 13.258938] Memory state around the buggy address: [ 13.259137] ffff888103a07b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.259628] ffff888103a07b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.260475] >ffff888103a07c00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 13.260790] ^ [ 13.261363] ffff888103a07c80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 [ 13.261725] ffff888103a07d00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 13.262177] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 13.214001] ================================================================== [ 13.214664] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x2b5/0x300 [ 13.214961] Read of size 1 at addr ffff8881039d7d02 by task kunit_try_catch/266 [ 13.215301] [ 13.215440] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.215484] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.215496] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.215517] Call Trace: [ 13.215532] <TASK> [ 13.215549] dump_stack_lvl+0x73/0xb0 [ 13.215579] print_report+0xd1/0x650 [ 13.215602] ? __virt_addr_valid+0x1db/0x2d0 [ 13.215626] ? kasan_stack_oob+0x2b5/0x300 [ 13.215645] ? kasan_addr_to_slab+0x11/0xa0 [ 13.215665] ? kasan_stack_oob+0x2b5/0x300 [ 13.215685] kasan_report+0x141/0x180 [ 13.215707] ? kasan_stack_oob+0x2b5/0x300 [ 13.215731] __asan_report_load1_noabort+0x18/0x20 [ 13.215755] kasan_stack_oob+0x2b5/0x300 [ 13.215775] ? __pfx_kasan_stack_oob+0x10/0x10 [ 13.215794] ? finish_task_switch.isra.0+0x153/0x700 [ 13.215816] ? __switch_to+0x47/0xf50 [ 13.215842] ? __schedule+0x10cc/0x2b60 [ 13.215872] ? __pfx_read_tsc+0x10/0x10 [ 13.215893] ? ktime_get_ts64+0x86/0x230 [ 13.215918] kunit_try_run_case+0x1a5/0x480 [ 13.215942] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.215964] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.215987] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.216009] ? __kthread_parkme+0x82/0x180 [ 13.216041] ? preempt_count_sub+0x50/0x80 [ 13.216072] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.216095] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.216118] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.216141] kthread+0x337/0x6f0 [ 13.216166] ? trace_preempt_on+0x20/0xc0 [ 13.216189] ? __pfx_kthread+0x10/0x10 [ 13.216209] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.216229] ? calculate_sigpending+0x7b/0xa0 [ 13.216253] ? __pfx_kthread+0x10/0x10 [ 13.216274] ret_from_fork+0x116/0x1d0 [ 13.216292] ? 
__pfx_kthread+0x10/0x10 [ 13.216313] ret_from_fork_asm+0x1a/0x30 [ 13.216344] </TASK> [ 13.216355] [ 13.223753] The buggy address belongs to stack of task kunit_try_catch/266 [ 13.224047] and is located at offset 138 in frame: [ 13.224423] kasan_stack_oob+0x0/0x300 [ 13.224756] [ 13.224864] This frame has 4 objects: [ 13.225190] [48, 49) '__assertion' [ 13.225219] [64, 72) 'array' [ 13.225410] [96, 112) '__assertion' [ 13.225589] [128, 138) 'stack_array' [ 13.225790] [ 13.226131] The buggy address belongs to the physical page: [ 13.226408] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039d7 [ 13.226745] flags: 0x200000000000000(node=0|zone=2) [ 13.226994] raw: 0200000000000000 ffffea00040e75c8 ffffea00040e75c8 0000000000000000 [ 13.227619] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 13.227854] page dumped because: kasan: bad access detected [ 13.228094] [ 13.228197] Memory state around the buggy address: [ 13.228426] ffff8881039d7c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 13.228782] ffff8881039d7c80: f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 00 00 f2 f2 00 [ 13.229054] >ffff8881039d7d00: 02 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 13.230104] ^ [ 13.230370] ffff8881039d7d80: f1 f1 f1 00 00 f2 f2 00 00 f2 f2 00 00 f3 f3 00 [ 13.230868] ffff8881039d7e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.231430] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 13.190933] ================================================================== [ 13.191678] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x286/0x2d0 [ 13.191993] Read of size 1 at addr ffffffff8f061e8d by task kunit_try_catch/262 [ 13.192368] [ 13.192505] CPU: 1 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.192550] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.192563] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.192583] Call Trace: [ 13.192596] <TASK> [ 13.192609] dump_stack_lvl+0x73/0xb0 [ 13.192636] print_report+0xd1/0x650 [ 13.192659] ? __virt_addr_valid+0x1db/0x2d0 [ 13.192681] ? kasan_global_oob_right+0x286/0x2d0 [ 13.192702] ? kasan_addr_to_slab+0x11/0xa0 [ 13.192722] ? kasan_global_oob_right+0x286/0x2d0 [ 13.192743] kasan_report+0x141/0x180 [ 13.192764] ? kasan_global_oob_right+0x286/0x2d0 [ 13.192790] __asan_report_load1_noabort+0x18/0x20 [ 13.192813] kasan_global_oob_right+0x286/0x2d0 [ 13.192834] ? __pfx_kasan_global_oob_right+0x10/0x10 [ 13.192858] ? __schedule+0x10cc/0x2b60 [ 13.192880] ? __pfx_read_tsc+0x10/0x10 [ 13.192901] ? ktime_get_ts64+0x86/0x230 [ 13.192923] kunit_try_run_case+0x1a5/0x480 [ 13.192945] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.192967] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.192989] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.193012] ? __kthread_parkme+0x82/0x180 [ 13.193046] ? preempt_count_sub+0x50/0x80 [ 13.193068] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.193092] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.193114] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.193137] kthread+0x337/0x6f0 [ 13.193213] ? trace_preempt_on+0x20/0xc0 [ 13.193240] ? __pfx_kthread+0x10/0x10 [ 13.193260] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.193281] ? calculate_sigpending+0x7b/0xa0 [ 13.193304] ? __pfx_kthread+0x10/0x10 [ 13.193325] ret_from_fork+0x116/0x1d0 [ 13.193343] ? 
__pfx_kthread+0x10/0x10 [ 13.193362] ret_from_fork_asm+0x1a/0x30 [ 13.193392] </TASK> [ 13.193403] [ 13.201184] The buggy address belongs to the variable: [ 13.201653] global_array+0xd/0x40 [ 13.201994] [ 13.202301] The buggy address belongs to the physical page: [ 13.202787] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x121c61 [ 13.203580] flags: 0x200000000002000(reserved|node=0|zone=2) [ 13.204470] raw: 0200000000002000 ffffea0004871848 ffffea0004871848 0000000000000000 [ 13.205170] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 13.206122] page dumped because: kasan: bad access detected [ 13.206606] [ 13.206762] Memory state around the buggy address: [ 13.207016] ffffffff8f061d80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.207550] ffffffff8f061e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.208246] >ffffffff8f061e80: 00 02 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9 [ 13.208664] ^ [ 13.208788] ffffffff8f061f00: 04 f9 f9 f9 f9 f9 f9 f9 02 f9 f9 f9 f9 f9 f9 f9 [ 13.209003] ffffffff8f061f80: 01 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 00 00 00 00 [ 13.209260] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 13.139268] ================================================================== [ 13.139772] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 13.140173] Free of addr ffff888103917201 by task kunit_try_catch/258 [ 13.140609] [ 13.140722] CPU: 1 UID: 0 PID: 258 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.140766] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.140778] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.140799] Call Trace: [ 13.140810] <TASK> [ 13.140826] dump_stack_lvl+0x73/0xb0 [ 13.140854] print_report+0xd1/0x650 [ 13.140876] ? __virt_addr_valid+0x1db/0x2d0 [ 13.140901] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.140923] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 13.140948] kasan_report_invalid_free+0x10a/0x130 [ 13.140972] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 13.140998] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 13.141021] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 13.141099] check_slab_allocation+0x11f/0x130 [ 13.141120] __kasan_mempool_poison_object+0x91/0x1d0 [ 13.141144] mempool_free+0x2ec/0x380 [ 13.141167] mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 13.141192] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10 [ 13.141216] ? update_load_avg+0x1be/0x21b0 [ 13.141240] ? update_load_avg+0x1be/0x21b0 [ 13.141261] ? update_curr+0x80/0x810 [ 13.141283] ? finish_task_switch.isra.0+0x153/0x700 [ 13.141307] mempool_kmalloc_invalid_free+0xed/0x140 [ 13.141329] ? __pfx_mempool_kmalloc_invalid_free+0x10/0x10 [ 13.141355] ? __pfx_mempool_kmalloc+0x10/0x10 [ 13.141377] ? __pfx_mempool_kfree+0x10/0x10 [ 13.141401] ? __pfx_read_tsc+0x10/0x10 [ 13.141422] ? ktime_get_ts64+0x86/0x230 [ 13.141445] kunit_try_run_case+0x1a5/0x480 [ 13.141469] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.141491] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.141513] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.141535] ? 
__kthread_parkme+0x82/0x180 [ 13.141556] ? preempt_count_sub+0x50/0x80 [ 13.141578] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.141602] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.141626] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.141650] kthread+0x337/0x6f0 [ 13.141670] ? trace_preempt_on+0x20/0xc0 [ 13.141694] ? __pfx_kthread+0x10/0x10 [ 13.141714] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.141734] ? calculate_sigpending+0x7b/0xa0 [ 13.141758] ? __pfx_kthread+0x10/0x10 [ 13.141779] ret_from_fork+0x116/0x1d0 [ 13.141797] ? __pfx_kthread+0x10/0x10 [ 13.141816] ret_from_fork_asm+0x1a/0x30 [ 13.141846] </TASK> [ 13.141858] [ 13.154278] Allocated by task 258: [ 13.154481] kasan_save_stack+0x45/0x70 [ 13.154684] kasan_save_track+0x18/0x40 [ 13.154904] kasan_save_alloc_info+0x3b/0x50 [ 13.155163] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 13.155334] remove_element+0x11e/0x190 [ 13.155469] mempool_alloc_preallocated+0x4d/0x90 [ 13.155802] mempool_kmalloc_invalid_free_helper+0x83/0x2e0 [ 13.156205] mempool_kmalloc_invalid_free+0xed/0x140 [ 13.156521] kunit_try_run_case+0x1a5/0x480 [ 13.156695] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.156871] kthread+0x337/0x6f0 [ 13.157099] ret_from_fork+0x116/0x1d0 [ 13.157620] ret_from_fork_asm+0x1a/0x30 [ 13.157829] [ 13.157926] The buggy address belongs to the object at ffff888103917200 [ 13.157926] which belongs to the cache kmalloc-128 of size 128 [ 13.158527] The buggy address is located 1 bytes inside of [ 13.158527] 128-byte region [ffff888103917200, ffff888103917280) [ 13.159079] [ 13.159231] The buggy address belongs to the physical page: [ 13.159478] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103917 [ 13.159823] flags: 0x200000000000000(node=0|zone=2) [ 13.160098] page_type: f5(slab) [ 13.160301] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.160622] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.160983] page 
dumped because: kasan: bad access detected [ 13.161289] [ 13.161392] Memory state around the buggy address: [ 13.161548] ffff888103917100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.161762] ffff888103917180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.162376] >ffff888103917200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.162956] ^ [ 13.163154] ffff888103917280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.163752] ffff888103917300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.164227] ================================================================== [ 13.167590] ================================================================== [ 13.168103] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 13.168630] Free of addr ffff8881029d4001 by task kunit_try_catch/260 [ 13.168905] [ 13.169000] CPU: 0 UID: 0 PID: 260 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.169076] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.169089] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.169111] Call Trace: [ 13.169122] <TASK> [ 13.169138] dump_stack_lvl+0x73/0xb0 [ 13.169165] print_report+0xd1/0x650 [ 13.169186] ? __virt_addr_valid+0x1db/0x2d0 [ 13.169208] ? kasan_addr_to_slab+0x11/0xa0 [ 13.169227] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 13.169253] kasan_report_invalid_free+0x10a/0x130 [ 13.169276] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 13.169303] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 13.169327] __kasan_mempool_poison_object+0x102/0x1d0 [ 13.169350] mempool_free+0x2ec/0x380 [ 13.169371] mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 13.169396] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10 [ 13.169421] ? __kasan_check_write+0x18/0x20 [ 13.169440] ? __pfx_sched_clock_cpu+0x10/0x10 [ 13.169461] ? finish_task_switch.isra.0+0x153/0x700 [ 13.169486] mempool_kmalloc_large_invalid_free+0xed/0x140 [ 13.169510] ? 
__pfx_mempool_kmalloc_large_invalid_free+0x10/0x10 [ 13.169537] ? __pfx_mempool_kmalloc+0x10/0x10 [ 13.169560] ? __pfx_mempool_kfree+0x10/0x10 [ 13.169584] ? __pfx_read_tsc+0x10/0x10 [ 13.169604] ? ktime_get_ts64+0x86/0x230 [ 13.169626] kunit_try_run_case+0x1a5/0x480 [ 13.169650] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.169672] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.169694] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.169716] ? __kthread_parkme+0x82/0x180 [ 13.169735] ? preempt_count_sub+0x50/0x80 [ 13.169757] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.169780] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.169802] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.169825] kthread+0x337/0x6f0 [ 13.169843] ? trace_preempt_on+0x20/0xc0 [ 13.169865] ? __pfx_kthread+0x10/0x10 [ 13.169885] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.169905] ? calculate_sigpending+0x7b/0xa0 [ 13.169928] ? __pfx_kthread+0x10/0x10 [ 13.169947] ret_from_fork+0x116/0x1d0 [ 13.169964] ? __pfx_kthread+0x10/0x10 [ 13.169983] ret_from_fork_asm+0x1a/0x30 [ 13.170013] </TASK> [ 13.170023] [ 13.179270] The buggy address belongs to the physical page: [ 13.179510] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029d4 [ 13.179844] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.180336] flags: 0x200000000000040(head|node=0|zone=2) [ 13.180548] page_type: f8(unknown) [ 13.180675] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.180907] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.181260] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.181672] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.182234] head: 0200000000000002 ffffea00040a7501 00000000ffffffff 00000000ffffffff [ 13.182487] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 13.182757] page dumped because: kasan: bad access detected [ 
13.183009] [ 13.183161] Memory state around the buggy address: [ 13.183391] ffff8881029d3f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.183682] ffff8881029d3f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.183963] >ffff8881029d4000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.184350] ^ [ 13.184496] ffff8881029d4080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.184756] ffff8881029d4100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.185056] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 13.085724] ================================================================== [ 13.086997] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 13.087260] Free of addr ffff888103990000 by task kunit_try_catch/254 [ 13.087462] [ 13.087551] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.087595] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.087607] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.087626] Call Trace: [ 13.087638] <TASK> [ 13.087652] dump_stack_lvl+0x73/0xb0 [ 13.087680] print_report+0xd1/0x650 [ 13.087702] ? __virt_addr_valid+0x1db/0x2d0 [ 13.087725] ? kasan_addr_to_slab+0x11/0xa0 [ 13.087745] ? mempool_double_free_helper+0x184/0x370 [ 13.087768] kasan_report_invalid_free+0x10a/0x130 [ 13.087793] ? mempool_double_free_helper+0x184/0x370 [ 13.087820] ? mempool_double_free_helper+0x184/0x370 [ 13.087844] __kasan_mempool_poison_object+0x1b3/0x1d0 [ 13.087867] mempool_free+0x2ec/0x380 [ 13.087890] mempool_double_free_helper+0x184/0x370 [ 13.087913] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 13.087939] ? __pfx_sched_clock_cpu+0x10/0x10 [ 13.087961] ? finish_task_switch.isra.0+0x153/0x700 [ 13.087985] mempool_kmalloc_large_double_free+0xed/0x140 [ 13.088009] ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10 [ 13.088046] ? __pfx_mempool_kmalloc+0x10/0x10 [ 13.088068] ? __pfx_mempool_kfree+0x10/0x10 [ 13.088092] ? __pfx_read_tsc+0x10/0x10 [ 13.088112] ? ktime_get_ts64+0x86/0x230 [ 13.088135] kunit_try_run_case+0x1a5/0x480 [ 13.088160] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.088184] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.088207] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.088230] ? __kthread_parkme+0x82/0x180 [ 13.088250] ? preempt_count_sub+0x50/0x80 [ 13.088700] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.088727] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.088752] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.088774] kthread+0x337/0x6f0 [ 13.088795] ? trace_preempt_on+0x20/0xc0 [ 13.088819] ? __pfx_kthread+0x10/0x10 [ 13.088839] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.088859] ? calculate_sigpending+0x7b/0xa0 [ 13.088884] ? __pfx_kthread+0x10/0x10 [ 13.088905] ret_from_fork+0x116/0x1d0 [ 13.088924] ? __pfx_kthread+0x10/0x10 [ 13.088943] ret_from_fork_asm+0x1a/0x30 [ 13.088973] </TASK> [ 13.088983] [ 13.103268] The buggy address belongs to the physical page: [ 13.103502] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103990 [ 13.103856] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.104573] flags: 0x200000000000040(head|node=0|zone=2) [ 13.104823] page_type: f8(unknown) [ 13.105174] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.105722] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.106368] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.106793] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.107351] head: 0200000000000002 ffffea00040e6401 00000000ffffffff 00000000ffffffff [ 13.107805] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 13.108557] page dumped because: kasan: bad access detected [ 13.108801] [ 13.108878] Memory state around the buggy address: [ 13.109498] ffff88810398ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.109885] ffff88810398ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.110436] >ffff888103990000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.110872] ^ [ 13.111044] ffff888103990080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.111796] ffff888103990100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.112352] ================================================================== [ 13.115896] ================================================================== [ 
13.116426] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 13.117115] Free of addr ffff8881029d0000 by task kunit_try_catch/256 [ 13.117459] [ 13.117669] CPU: 0 UID: 0 PID: 256 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.117714] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.117727] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.117748] Call Trace: [ 13.117760] <TASK> [ 13.117776] dump_stack_lvl+0x73/0xb0 [ 13.117806] print_report+0xd1/0x650 [ 13.117827] ? __virt_addr_valid+0x1db/0x2d0 [ 13.117852] ? kasan_addr_to_slab+0x11/0xa0 [ 13.117871] ? mempool_double_free_helper+0x184/0x370 [ 13.117895] kasan_report_invalid_free+0x10a/0x130 [ 13.117919] ? mempool_double_free_helper+0x184/0x370 [ 13.117944] ? mempool_double_free_helper+0x184/0x370 [ 13.117967] __kasan_mempool_poison_pages+0x115/0x130 [ 13.117991] mempool_free+0x290/0x380 [ 13.118015] mempool_double_free_helper+0x184/0x370 [ 13.118054] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 13.118081] ? __pfx_sched_clock_cpu+0x10/0x10 [ 13.118103] ? finish_task_switch.isra.0+0x153/0x700 [ 13.118129] mempool_page_alloc_double_free+0xe8/0x140 [ 13.118173] ? __pfx_mempool_page_alloc_double_free+0x10/0x10 [ 13.118202] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 13.118220] ? __pfx_mempool_free_pages+0x10/0x10 [ 13.118241] ? __pfx_read_tsc+0x10/0x10 [ 13.118262] ? ktime_get_ts64+0x86/0x230 [ 13.118287] kunit_try_run_case+0x1a5/0x480 [ 13.118330] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.118352] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.118374] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.118396] ? __kthread_parkme+0x82/0x180 [ 13.118417] ? preempt_count_sub+0x50/0x80 [ 13.118439] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.118461] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.118482] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.118505] kthread+0x337/0x6f0 [ 13.118522] ? trace_preempt_on+0x20/0xc0 [ 13.118545] ? 
__pfx_kthread+0x10/0x10 [ 13.118565] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.118585] ? calculate_sigpending+0x7b/0xa0 [ 13.118607] ? __pfx_kthread+0x10/0x10 [ 13.118628] ret_from_fork+0x116/0x1d0 [ 13.118645] ? __pfx_kthread+0x10/0x10 [ 13.118664] ret_from_fork_asm+0x1a/0x30 [ 13.118694] </TASK> [ 13.118705] [ 13.128003] The buggy address belongs to the physical page: [ 13.128482] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029d0 [ 13.128819] flags: 0x200000000000000(node=0|zone=2) [ 13.129040] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 13.129616] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 13.130016] page dumped because: kasan: bad access detected [ 13.130306] [ 13.130405] Memory state around the buggy address: [ 13.130627] ffff8881029cff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.130915] ffff8881029cff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.131139] >ffff8881029d0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.131439] ^ [ 13.131629] ffff8881029d0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.131987] ffff8881029d0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.132704] ================================================================== [ 13.057503] ================================================================== [ 13.058605] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 13.059298] Free of addr ffff88810312fe00 by task kunit_try_catch/252 [ 13.059634] [ 13.059724] CPU: 1 UID: 0 PID: 252 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.059768] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.059779] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.059802] Call Trace: [ 13.059813] <TASK> [ 13.059827] dump_stack_lvl+0x73/0xb0 [ 13.059856] print_report+0xd1/0x650 [ 13.059879] ? __virt_addr_valid+0x1db/0x2d0 [ 13.059902] ? 
kasan_complete_mode_report_info+0x64/0x200 [ 13.059925] ? mempool_double_free_helper+0x184/0x370 [ 13.059949] kasan_report_invalid_free+0x10a/0x130 [ 13.059972] ? mempool_double_free_helper+0x184/0x370 [ 13.059997] ? mempool_double_free_helper+0x184/0x370 [ 13.060019] ? mempool_double_free_helper+0x184/0x370 [ 13.060054] check_slab_allocation+0x101/0x130 [ 13.060075] __kasan_mempool_poison_object+0x91/0x1d0 [ 13.060099] mempool_free+0x2ec/0x380 [ 13.060121] mempool_double_free_helper+0x184/0x370 [ 13.060144] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 13.060167] ? update_load_avg+0x1be/0x21b0 [ 13.060189] ? dequeue_entities+0x27e/0x1740 [ 13.060214] ? finish_task_switch.isra.0+0x153/0x700 [ 13.060239] mempool_kmalloc_double_free+0xed/0x140 [ 13.060263] ? __pfx_mempool_kmalloc_double_free+0x10/0x10 [ 13.060290] ? __pfx_mempool_kmalloc+0x10/0x10 [ 13.060316] ? __pfx_mempool_kfree+0x10/0x10 [ 13.060340] ? __pfx_read_tsc+0x10/0x10 [ 13.060363] ? ktime_get_ts64+0x86/0x230 [ 13.060387] kunit_try_run_case+0x1a5/0x480 [ 13.060412] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.060433] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.060456] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.060478] ? __kthread_parkme+0x82/0x180 [ 13.060499] ? preempt_count_sub+0x50/0x80 [ 13.060521] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.060545] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.060568] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.060592] kthread+0x337/0x6f0 [ 13.060637] ? trace_preempt_on+0x20/0xc0 [ 13.060660] ? __pfx_kthread+0x10/0x10 [ 13.060680] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.060700] ? calculate_sigpending+0x7b/0xa0 [ 13.060723] ? __pfx_kthread+0x10/0x10 [ 13.060744] ret_from_fork+0x116/0x1d0 [ 13.060762] ? 
__pfx_kthread+0x10/0x10 [ 13.060781] ret_from_fork_asm+0x1a/0x30 [ 13.060811] </TASK> [ 13.060823] [ 13.069790] Allocated by task 252: [ 13.069980] kasan_save_stack+0x45/0x70 [ 13.070392] kasan_save_track+0x18/0x40 [ 13.070530] kasan_save_alloc_info+0x3b/0x50 [ 13.070678] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 13.070848] remove_element+0x11e/0x190 [ 13.071020] mempool_alloc_preallocated+0x4d/0x90 [ 13.071254] mempool_double_free_helper+0x8a/0x370 [ 13.071582] mempool_kmalloc_double_free+0xed/0x140 [ 13.072061] kunit_try_run_case+0x1a5/0x480 [ 13.072490] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.072678] kthread+0x337/0x6f0 [ 13.072800] ret_from_fork+0x116/0x1d0 [ 13.072931] ret_from_fork_asm+0x1a/0x30 [ 13.073141] [ 13.073236] Freed by task 252: [ 13.073395] kasan_save_stack+0x45/0x70 [ 13.073707] kasan_save_track+0x18/0x40 [ 13.073913] kasan_save_free_info+0x3f/0x60 [ 13.074277] __kasan_mempool_poison_object+0x131/0x1d0 [ 13.074521] mempool_free+0x2ec/0x380 [ 13.074714] mempool_double_free_helper+0x109/0x370 [ 13.074884] mempool_kmalloc_double_free+0xed/0x140 [ 13.075063] kunit_try_run_case+0x1a5/0x480 [ 13.075304] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.075554] kthread+0x337/0x6f0 [ 13.075721] ret_from_fork+0x116/0x1d0 [ 13.075925] ret_from_fork_asm+0x1a/0x30 [ 13.076146] [ 13.076249] The buggy address belongs to the object at ffff88810312fe00 [ 13.076249] which belongs to the cache kmalloc-128 of size 128 [ 13.076757] The buggy address is located 0 bytes inside of [ 13.076757] 128-byte region [ffff88810312fe00, ffff88810312fe80) [ 13.077130] [ 13.077304] The buggy address belongs to the physical page: [ 13.077556] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10312f [ 13.077896] flags: 0x200000000000000(node=0|zone=2) [ 13.078073] page_type: f5(slab) [ 13.078286] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.078612] raw: 0000000000000000 0000000080100010 00000000f5000000 
0000000000000000 [ 13.078837] page dumped because: kasan: bad access detected [ 13.079065] [ 13.079197] Memory state around the buggy address: [ 13.079431] ffff88810312fd00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.079746] ffff88810312fd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.080186] >ffff88810312fe00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.080468] ^ [ 13.080586] ffff88810312fe80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.080802] ffff88810312ff00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.081076] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 12.975864] ================================================================== [ 12.976812] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400 [ 12.977645] Read of size 1 at addr ffff888103990000 by task kunit_try_catch/246 [ 12.977999] [ 12.978125] CPU: 1 UID: 0 PID: 246 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 12.978170] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.978182] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.978202] Call Trace: [ 12.978216] <TASK> [ 12.978230] dump_stack_lvl+0x73/0xb0 [ 12.978259] print_report+0xd1/0x650 [ 12.978282] ? __virt_addr_valid+0x1db/0x2d0 [ 12.978306] ? mempool_uaf_helper+0x392/0x400 [ 12.978330] ? kasan_addr_to_slab+0x11/0xa0 [ 12.978350] ? mempool_uaf_helper+0x392/0x400 [ 12.978372] kasan_report+0x141/0x180 [ 12.978394] ? mempool_uaf_helper+0x392/0x400 [ 12.978421] __asan_report_load1_noabort+0x18/0x20 [ 12.978445] mempool_uaf_helper+0x392/0x400 [ 12.978467] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 12.978491] ? __pfx_sched_clock_cpu+0x10/0x10 [ 12.978512] ? finish_task_switch.isra.0+0x153/0x700 [ 12.978537] mempool_kmalloc_large_uaf+0xef/0x140 [ 12.978560] ? __pfx_mempool_kmalloc_large_uaf+0x10/0x10 [ 12.978586] ? __pfx_mempool_kmalloc+0x10/0x10 [ 12.978629] ? __pfx_mempool_kfree+0x10/0x10 [ 12.978655] ? __pfx_read_tsc+0x10/0x10 [ 12.978690] ? ktime_get_ts64+0x86/0x230 [ 12.978714] kunit_try_run_case+0x1a5/0x480 [ 12.978739] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.978762] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.978787] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.978809] ? __kthread_parkme+0x82/0x180 [ 12.978829] ? preempt_count_sub+0x50/0x80 [ 12.978853] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.978878] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.978900] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.978924] kthread+0x337/0x6f0 [ 12.978943] ? trace_preempt_on+0x20/0xc0 [ 12.978966] ? __pfx_kthread+0x10/0x10 [ 12.978986] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 12.979006] ? calculate_sigpending+0x7b/0xa0 [ 12.979039] ? __pfx_kthread+0x10/0x10 [ 12.979064] ret_from_fork+0x116/0x1d0 [ 12.979083] ? __pfx_kthread+0x10/0x10 [ 12.979104] ret_from_fork_asm+0x1a/0x30 [ 12.979134] </TASK> [ 12.979160] [ 12.987357] The buggy address belongs to the physical page: [ 12.987613] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103990 [ 12.987980] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.988364] flags: 0x200000000000040(head|node=0|zone=2) [ 12.988805] page_type: f8(unknown) [ 12.988991] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.989238] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.989482] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.989820] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.990434] head: 0200000000000002 ffffea00040e6401 00000000ffffffff 00000000ffffffff [ 12.990686] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.990914] page dumped because: kasan: bad access detected [ 12.991422] [ 12.991521] Memory state around the buggy address: [ 12.991749] ffff88810398ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.992047] ffff88810398ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.992351] >ffff888103990000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.992677] ^ [ 12.992833] ffff888103990080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.993194] ffff888103990100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.993446] ================================================================== [ 13.027650] ================================================================== [ 13.029158] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400 [ 13.030285] Read of size 1 at addr ffff888103990000 by task kunit_try_catch/250 [ 13.031109] [ 13.031243] 
CPU: 1 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.031329] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.031342] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.031364] Call Trace: [ 13.031378] <TASK> [ 13.031394] dump_stack_lvl+0x73/0xb0 [ 13.031424] print_report+0xd1/0x650 [ 13.031447] ? __virt_addr_valid+0x1db/0x2d0 [ 13.031471] ? mempool_uaf_helper+0x392/0x400 [ 13.031493] ? kasan_addr_to_slab+0x11/0xa0 [ 13.031514] ? mempool_uaf_helper+0x392/0x400 [ 13.031536] kasan_report+0x141/0x180 [ 13.031557] ? mempool_uaf_helper+0x392/0x400 [ 13.031584] __asan_report_load1_noabort+0x18/0x20 [ 13.031608] mempool_uaf_helper+0x392/0x400 [ 13.031632] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 13.031655] ? __kasan_check_write+0x18/0x20 [ 13.031675] ? __pfx_sched_clock_cpu+0x10/0x10 [ 13.031695] ? finish_task_switch.isra.0+0x153/0x700 [ 13.031721] mempool_page_alloc_uaf+0xed/0x140 [ 13.031744] ? __pfx_mempool_page_alloc_uaf+0x10/0x10 [ 13.031771] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 13.031791] ? __pfx_mempool_free_pages+0x10/0x10 [ 13.031812] ? __pfx_read_tsc+0x10/0x10 [ 13.031833] ? ktime_get_ts64+0x86/0x230 [ 13.031856] kunit_try_run_case+0x1a5/0x480 [ 13.031881] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.031906] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.031930] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.031952] ? __kthread_parkme+0x82/0x180 [ 13.031972] ? preempt_count_sub+0x50/0x80 [ 13.031994] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.032018] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.032055] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.032078] kthread+0x337/0x6f0 [ 13.032097] ? trace_preempt_on+0x20/0xc0 [ 13.032121] ? __pfx_kthread+0x10/0x10 [ 13.032141] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.032161] ? calculate_sigpending+0x7b/0xa0 [ 13.032185] ? __pfx_kthread+0x10/0x10 [ 13.032228] ret_from_fork+0x116/0x1d0 [ 13.032246] ? 
__pfx_kthread+0x10/0x10 [ 13.032267] ret_from_fork_asm+0x1a/0x30 [ 13.032296] </TASK> [ 13.032308] [ 13.046103] The buggy address belongs to the physical page: [ 13.046739] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103990 [ 13.046992] flags: 0x200000000000000(node=0|zone=2) [ 13.047566] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 13.048325] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 13.048991] page dumped because: kasan: bad access detected [ 13.049633] [ 13.049709] Memory state around the buggy address: [ 13.049860] ffff88810398ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.050111] ffff88810398ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.050850] >ffff888103990000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.051581] ^ [ 13.051984] ffff888103990080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.052760] ffff888103990100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.053531] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 12.947980] ================================================================== [ 12.948650] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400 [ 12.949211] Read of size 1 at addr ffff88810312fa00 by task kunit_try_catch/244 [ 12.949927] [ 12.950173] CPU: 1 UID: 0 PID: 244 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 12.950233] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.950246] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.950280] Call Trace: [ 12.950302] <TASK> [ 12.950317] dump_stack_lvl+0x73/0xb0 [ 12.950349] print_report+0xd1/0x650 [ 12.950384] ? __virt_addr_valid+0x1db/0x2d0 [ 12.950409] ? mempool_uaf_helper+0x392/0x400 [ 12.950431] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.950453] ? mempool_uaf_helper+0x392/0x400 [ 12.950475] kasan_report+0x141/0x180 [ 12.950498] ? mempool_uaf_helper+0x392/0x400 [ 12.950526] __asan_report_load1_noabort+0x18/0x20 [ 12.950551] mempool_uaf_helper+0x392/0x400 [ 12.950573] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 12.950596] ? __kasan_check_write+0x18/0x20 [ 12.950616] ? __pfx_sched_clock_cpu+0x10/0x10 [ 12.950637] ? finish_task_switch.isra.0+0x153/0x700 [ 12.950662] mempool_kmalloc_uaf+0xef/0x140 [ 12.950684] ? __pfx_mempool_kmalloc_uaf+0x10/0x10 [ 12.950709] ? __pfx_mempool_kmalloc+0x10/0x10 [ 12.950732] ? __pfx_mempool_kfree+0x10/0x10 [ 12.950757] ? __pfx_read_tsc+0x10/0x10 [ 12.950777] ? ktime_get_ts64+0x86/0x230 [ 12.950801] kunit_try_run_case+0x1a5/0x480 [ 12.950826] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.950850] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.950873] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.950894] ? __kthread_parkme+0x82/0x180 [ 12.950914] ? preempt_count_sub+0x50/0x80 [ 12.950936] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.950960] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.950982] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.951005] kthread+0x337/0x6f0 [ 12.951087] ? 
trace_preempt_on+0x20/0xc0 [ 12.951117] ? __pfx_kthread+0x10/0x10 [ 12.951156] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.951177] ? calculate_sigpending+0x7b/0xa0 [ 12.951202] ? __pfx_kthread+0x10/0x10 [ 12.951223] ret_from_fork+0x116/0x1d0 [ 12.951243] ? __pfx_kthread+0x10/0x10 [ 12.951262] ret_from_fork_asm+0x1a/0x30 [ 12.951293] </TASK> [ 12.951305] [ 12.960106] Allocated by task 244: [ 12.960325] kasan_save_stack+0x45/0x70 [ 12.960530] kasan_save_track+0x18/0x40 [ 12.960721] kasan_save_alloc_info+0x3b/0x50 [ 12.960923] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 12.961223] remove_element+0x11e/0x190 [ 12.961397] mempool_alloc_preallocated+0x4d/0x90 [ 12.961640] mempool_uaf_helper+0x96/0x400 [ 12.961886] mempool_kmalloc_uaf+0xef/0x140 [ 12.962180] kunit_try_run_case+0x1a5/0x480 [ 12.962375] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.962660] kthread+0x337/0x6f0 [ 12.962799] ret_from_fork+0x116/0x1d0 [ 12.963007] ret_from_fork_asm+0x1a/0x30 [ 12.963299] [ 12.963403] Freed by task 244: [ 12.963551] kasan_save_stack+0x45/0x70 [ 12.963767] kasan_save_track+0x18/0x40 [ 12.963924] kasan_save_free_info+0x3f/0x60 [ 12.964407] __kasan_mempool_poison_object+0x131/0x1d0 [ 12.964618] mempool_free+0x2ec/0x380 [ 12.964784] mempool_uaf_helper+0x11a/0x400 [ 12.965010] mempool_kmalloc_uaf+0xef/0x140 [ 12.965326] kunit_try_run_case+0x1a5/0x480 [ 12.965527] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.965759] kthread+0x337/0x6f0 [ 12.965925] ret_from_fork+0x116/0x1d0 [ 12.966131] ret_from_fork_asm+0x1a/0x30 [ 12.966302] [ 12.966400] The buggy address belongs to the object at ffff88810312fa00 [ 12.966400] which belongs to the cache kmalloc-128 of size 128 [ 12.966946] The buggy address is located 0 bytes inside of [ 12.966946] freed 128-byte region [ffff88810312fa00, ffff88810312fa80) [ 12.967477] [ 12.967574] The buggy address belongs to the physical page: [ 12.967847] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10312f [ 12.968311] flags: 
0x200000000000000(node=0|zone=2) [ 12.968509] page_type: f5(slab) [ 12.968632] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.968999] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.969539] page dumped because: kasan: bad access detected [ 12.969720] [ 12.969797] Memory state around the buggy address: [ 12.970022] ffff88810312f900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.970391] ffff88810312f980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.970686] >ffff88810312fa00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.971111] ^ [ 12.971313] ffff88810312fa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.971615] ffff88810312fb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.971866] ================================================================== [ 12.997640] ================================================================== [ 12.998193] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400 [ 12.999131] Read of size 1 at addr ffff888103121240 by task kunit_try_catch/248 [ 12.999674] [ 12.999799] CPU: 0 UID: 0 PID: 248 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 12.999845] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.999858] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.999880] Call Trace: [ 12.999892] <TASK> [ 12.999907] dump_stack_lvl+0x73/0xb0 [ 12.999938] print_report+0xd1/0x650 [ 12.999959] ? __virt_addr_valid+0x1db/0x2d0 [ 12.999983] ? mempool_uaf_helper+0x392/0x400 [ 13.000004] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.000040] ? mempool_uaf_helper+0x392/0x400 [ 13.000063] kasan_report+0x141/0x180 [ 13.000084] ? mempool_uaf_helper+0x392/0x400 [ 13.000109] __asan_report_load1_noabort+0x18/0x20 [ 13.000134] mempool_uaf_helper+0x392/0x400 [ 13.000157] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 13.000181] ? __pfx_sched_clock_cpu+0x10/0x10 [ 13.000204] ? 
finish_task_switch.isra.0+0x153/0x700 [ 13.000229] mempool_slab_uaf+0xea/0x140 [ 13.000252] ? __pfx_mempool_slab_uaf+0x10/0x10 [ 13.000277] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 13.000296] ? __pfx_mempool_free_slab+0x10/0x10 [ 13.000318] ? __pfx_read_tsc+0x10/0x10 [ 13.000339] ? ktime_get_ts64+0x86/0x230 [ 13.000363] kunit_try_run_case+0x1a5/0x480 [ 13.000388] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.000410] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.000491] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.000517] ? __kthread_parkme+0x82/0x180 [ 13.000538] ? preempt_count_sub+0x50/0x80 [ 13.000560] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.000583] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.000606] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.000629] kthread+0x337/0x6f0 [ 13.000648] ? trace_preempt_on+0x20/0xc0 [ 13.000670] ? __pfx_kthread+0x10/0x10 [ 13.000691] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.000711] ? calculate_sigpending+0x7b/0xa0 [ 13.000735] ? __pfx_kthread+0x10/0x10 [ 13.000757] ret_from_fork+0x116/0x1d0 [ 13.000775] ? 
__pfx_kthread+0x10/0x10 [ 13.000795] ret_from_fork_asm+0x1a/0x30 [ 13.000825] </TASK> [ 13.000836] [ 13.008978] Allocated by task 248: [ 13.009210] kasan_save_stack+0x45/0x70 [ 13.009377] kasan_save_track+0x18/0x40 [ 13.009561] kasan_save_alloc_info+0x3b/0x50 [ 13.009739] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 13.009963] remove_element+0x11e/0x190 [ 13.010258] mempool_alloc_preallocated+0x4d/0x90 [ 13.010458] mempool_uaf_helper+0x96/0x400 [ 13.010628] mempool_slab_uaf+0xea/0x140 [ 13.010802] kunit_try_run_case+0x1a5/0x480 [ 13.010947] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.011466] kthread+0x337/0x6f0 [ 13.011630] ret_from_fork+0x116/0x1d0 [ 13.011795] ret_from_fork_asm+0x1a/0x30 [ 13.011971] [ 13.012102] Freed by task 248: [ 13.012381] kasan_save_stack+0x45/0x70 [ 13.012559] kasan_save_track+0x18/0x40 [ 13.012702] kasan_save_free_info+0x3f/0x60 [ 13.012906] __kasan_mempool_poison_object+0x131/0x1d0 [ 13.013238] mempool_free+0x2ec/0x380 [ 13.013385] mempool_uaf_helper+0x11a/0x400 [ 13.013529] mempool_slab_uaf+0xea/0x140 [ 13.013667] kunit_try_run_case+0x1a5/0x480 [ 13.013810] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.013987] kthread+0x337/0x6f0 [ 13.014167] ret_from_fork+0x116/0x1d0 [ 13.014352] ret_from_fork_asm+0x1a/0x30 [ 13.014558] [ 13.014653] The buggy address belongs to the object at ffff888103121240 [ 13.014653] which belongs to the cache test_cache of size 123 [ 13.015296] The buggy address is located 0 bytes inside of [ 13.015296] freed 123-byte region [ffff888103121240, ffff8881031212bb) [ 13.015739] [ 13.015814] The buggy address belongs to the physical page: [ 13.015986] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103121 [ 13.016264] flags: 0x200000000000000(node=0|zone=2) [ 13.016643] page_type: f5(slab) [ 13.016858] raw: 0200000000000000 ffff88810311c140 dead000000000122 0000000000000000 [ 13.017232] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 13.017628] page dumped 
because: kasan: bad access detected [ 13.017881] [ 13.017952] Memory state around the buggy address: [ 13.018121] ffff888103121100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.018445] ffff888103121180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.018793] >ffff888103121200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 13.019132] ^ [ 13.019531] ffff888103121280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.019794] ffff888103121300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.020200] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 12.862385] ================================================================== [ 12.862857] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 12.863458] Read of size 1 at addr ffff88810312f673 by task kunit_try_catch/238 [ 12.863981] [ 12.864092] CPU: 1 UID: 0 PID: 238 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 12.864144] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.864157] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.864497] Call Trace: [ 12.864520] <TASK> [ 12.864540] dump_stack_lvl+0x73/0xb0 [ 12.864574] print_report+0xd1/0x650 [ 12.864599] ? __virt_addr_valid+0x1db/0x2d0 [ 12.864624] ? mempool_oob_right_helper+0x318/0x380 [ 12.864648] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.864671] ? mempool_oob_right_helper+0x318/0x380 [ 12.864694] kasan_report+0x141/0x180 [ 12.864715] ? mempool_oob_right_helper+0x318/0x380 [ 12.864743] __asan_report_load1_noabort+0x18/0x20 [ 12.864766] mempool_oob_right_helper+0x318/0x380 [ 12.864790] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 12.864814] ? __kasan_check_write+0x18/0x20 [ 12.864833] ? __pfx_sched_clock_cpu+0x10/0x10 [ 12.864856] ? finish_task_switch.isra.0+0x153/0x700 [ 12.864881] mempool_kmalloc_oob_right+0xf2/0x150 [ 12.864903] ? __pfx_mempool_kmalloc_oob_right+0x10/0x10 [ 12.864928] ? __pfx_mempool_kmalloc+0x10/0x10 [ 12.864952] ? __pfx_mempool_kfree+0x10/0x10 [ 12.864976] ? __pfx_read_tsc+0x10/0x10 [ 12.864998] ? ktime_get_ts64+0x86/0x230 [ 12.865022] kunit_try_run_case+0x1a5/0x480 [ 12.865121] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.865145] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.865169] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.865191] ? __kthread_parkme+0x82/0x180 [ 12.865213] ? preempt_count_sub+0x50/0x80 [ 12.865235] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.865257] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.865280] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.865302] kthread+0x337/0x6f0 [ 12.865321] ? trace_preempt_on+0x20/0xc0 [ 12.865345] ? __pfx_kthread+0x10/0x10 [ 12.865365] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.865385] ? calculate_sigpending+0x7b/0xa0 [ 12.865409] ? __pfx_kthread+0x10/0x10 [ 12.865430] ret_from_fork+0x116/0x1d0 [ 12.865448] ? __pfx_kthread+0x10/0x10 [ 12.865468] ret_from_fork_asm+0x1a/0x30 [ 12.865498] </TASK> [ 12.865512] [ 12.877442] Allocated by task 238: [ 12.877827] kasan_save_stack+0x45/0x70 [ 12.878074] kasan_save_track+0x18/0x40 [ 12.878561] kasan_save_alloc_info+0x3b/0x50 [ 12.878787] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 12.879320] remove_element+0x11e/0x190 [ 12.879515] mempool_alloc_preallocated+0x4d/0x90 [ 12.879873] mempool_oob_right_helper+0x8a/0x380 [ 12.880249] mempool_kmalloc_oob_right+0xf2/0x150 [ 12.880495] kunit_try_run_case+0x1a5/0x480 [ 12.880822] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.881101] kthread+0x337/0x6f0 [ 12.881463] ret_from_fork+0x116/0x1d0 [ 12.881716] ret_from_fork_asm+0x1a/0x30 [ 12.881926] [ 12.882240] The buggy address belongs to the object at ffff88810312f600 [ 12.882240] which belongs to the cache kmalloc-128 of size 128 [ 12.882735] The buggy address is located 0 bytes to the right of [ 12.882735] allocated 115-byte region [ffff88810312f600, ffff88810312f673) [ 12.883701] [ 12.883789] The buggy address belongs to the physical page: [ 12.884325] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10312f [ 12.884772] flags: 0x200000000000000(node=0|zone=2) [ 12.885001] page_type: f5(slab) [ 12.885191] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.885511] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.885788] page dumped because: kasan: bad access detected [ 12.886400] [ 12.886503] Memory state around the buggy address: [ 12.886692] ffff88810312f500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 
12.887230] ffff88810312f580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.887647] >ffff88810312f600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.888042] ^ [ 12.888522] ffff88810312f680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.888830] ffff88810312f700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.889625] ================================================================== [ 12.915549] ================================================================== [ 12.916064] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 12.916466] Read of size 1 at addr ffff88810311f2bb by task kunit_try_catch/242 [ 12.916865] [ 12.916986] CPU: 0 UID: 0 PID: 242 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 12.917040] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.917051] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.917082] Call Trace: [ 12.917093] <TASK> [ 12.917108] dump_stack_lvl+0x73/0xb0 [ 12.917136] print_report+0xd1/0x650 [ 12.917169] ? __virt_addr_valid+0x1db/0x2d0 [ 12.917189] ? mempool_oob_right_helper+0x318/0x380 [ 12.917231] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.917253] ? mempool_oob_right_helper+0x318/0x380 [ 12.917275] kasan_report+0x141/0x180 [ 12.917296] ? mempool_oob_right_helper+0x318/0x380 [ 12.917369] __asan_report_load1_noabort+0x18/0x20 [ 12.917408] mempool_oob_right_helper+0x318/0x380 [ 12.917433] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 12.917458] ? __pfx_sched_clock_cpu+0x10/0x10 [ 12.917478] ? finish_task_switch.isra.0+0x153/0x700 [ 12.917502] mempool_slab_oob_right+0xed/0x140 [ 12.917526] ? __pfx_mempool_slab_oob_right+0x10/0x10 [ 12.917551] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 12.917570] ? __pfx_mempool_free_slab+0x10/0x10 [ 12.917592] ? __pfx_read_tsc+0x10/0x10 [ 12.917612] ? ktime_get_ts64+0x86/0x230 [ 12.917634] kunit_try_run_case+0x1a5/0x480 [ 12.917668] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.917688] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 12.917711] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.917743] ? __kthread_parkme+0x82/0x180 [ 12.917763] ? preempt_count_sub+0x50/0x80 [ 12.917786] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.917809] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.917832] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.917854] kthread+0x337/0x6f0 [ 12.917873] ? trace_preempt_on+0x20/0xc0 [ 12.917896] ? __pfx_kthread+0x10/0x10 [ 12.917915] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.917935] ? calculate_sigpending+0x7b/0xa0 [ 12.917959] ? __pfx_kthread+0x10/0x10 [ 12.917979] ret_from_fork+0x116/0x1d0 [ 12.917996] ? __pfx_kthread+0x10/0x10 [ 12.918017] ret_from_fork_asm+0x1a/0x30 [ 12.918108] </TASK> [ 12.918121] [ 12.931841] Allocated by task 242: [ 12.931977] kasan_save_stack+0x45/0x70 [ 12.932262] kasan_save_track+0x18/0x40 [ 12.932404] kasan_save_alloc_info+0x3b/0x50 [ 12.932613] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 12.932874] remove_element+0x11e/0x190 [ 12.933055] mempool_alloc_preallocated+0x4d/0x90 [ 12.933287] mempool_oob_right_helper+0x8a/0x380 [ 12.933445] mempool_slab_oob_right+0xed/0x140 [ 12.933680] kunit_try_run_case+0x1a5/0x480 [ 12.933994] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.934286] kthread+0x337/0x6f0 [ 12.934441] ret_from_fork+0x116/0x1d0 [ 12.934628] ret_from_fork_asm+0x1a/0x30 [ 12.934803] [ 12.934901] The buggy address belongs to the object at ffff88810311f240 [ 12.934901] which belongs to the cache test_cache of size 123 [ 12.935413] The buggy address is located 0 bytes to the right of [ 12.935413] allocated 123-byte region [ffff88810311f240, ffff88810311f2bb) [ 12.936252] [ 12.936371] The buggy address belongs to the physical page: [ 12.936618] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10311f [ 12.936911] flags: 0x200000000000000(node=0|zone=2) [ 12.937372] page_type: f5(slab) [ 12.937557] raw: 0200000000000000 ffff88810311c000 dead000000000122 0000000000000000 [ 
12.937856] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 12.938292] page dumped because: kasan: bad access detected [ 12.938494] [ 12.938589] Memory state around the buggy address: [ 12.938847] ffff88810311f180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.939203] ffff88810311f200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 12.939663] >ffff88810311f280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 12.939951] ^ [ 12.940354] ffff88810311f300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.940662] ffff88810311f380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.940931] ================================================================== [ 12.892815] ================================================================== [ 12.893561] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 12.893847] Read of size 1 at addr ffff8881029ce001 by task kunit_try_catch/240 [ 12.894191] [ 12.894301] CPU: 0 UID: 0 PID: 240 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 12.894434] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.894449] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.894471] Call Trace: [ 12.894493] <TASK> [ 12.894510] dump_stack_lvl+0x73/0xb0 [ 12.894541] print_report+0xd1/0x650 [ 12.894574] ? __virt_addr_valid+0x1db/0x2d0 [ 12.894598] ? mempool_oob_right_helper+0x318/0x380 [ 12.894619] ? kasan_addr_to_slab+0x11/0xa0 [ 12.894639] ? mempool_oob_right_helper+0x318/0x380 [ 12.894662] kasan_report+0x141/0x180 [ 12.894682] ? mempool_oob_right_helper+0x318/0x380 [ 12.894718] __asan_report_load1_noabort+0x18/0x20 [ 12.894742] mempool_oob_right_helper+0x318/0x380 [ 12.894775] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 12.894799] ? __kasan_check_write+0x18/0x20 [ 12.894818] ? __pfx_sched_clock_cpu+0x10/0x10 [ 12.894838] ? finish_task_switch.isra.0+0x153/0x700 [ 12.894863] mempool_kmalloc_large_oob_right+0xf2/0x150 [ 12.894887] ? 
__pfx_mempool_kmalloc_large_oob_right+0x10/0x10 [ 12.894913] ? __pfx_mempool_kmalloc+0x10/0x10 [ 12.894936] ? __pfx_mempool_kfree+0x10/0x10 [ 12.894961] ? __pfx_read_tsc+0x10/0x10 [ 12.894984] ? ktime_get_ts64+0x86/0x230 [ 12.895007] kunit_try_run_case+0x1a5/0x480 [ 12.895041] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.895077] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.895099] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.895121] ? __kthread_parkme+0x82/0x180 [ 12.895205] ? preempt_count_sub+0x50/0x80 [ 12.895230] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.895254] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.895277] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.895299] kthread+0x337/0x6f0 [ 12.895328] ? trace_preempt_on+0x20/0xc0 [ 12.895351] ? __pfx_kthread+0x10/0x10 [ 12.895371] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.895403] ? calculate_sigpending+0x7b/0xa0 [ 12.895426] ? __pfx_kthread+0x10/0x10 [ 12.895447] ret_from_fork+0x116/0x1d0 [ 12.895464] ? __pfx_kthread+0x10/0x10 [ 12.895484] ret_from_fork_asm+0x1a/0x30 [ 12.895514] </TASK> [ 12.895525] [ 12.904722] The buggy address belongs to the physical page: [ 12.904977] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029cc [ 12.905477] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.905820] flags: 0x200000000000040(head|node=0|zone=2) [ 12.906153] page_type: f8(unknown) [ 12.906313] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.906608] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.906901] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.907336] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.907654] head: 0200000000000002 ffffea00040a7301 00000000ffffffff 00000000ffffffff [ 12.907886] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.908168] page dumped because: kasan: bad access detected [ 12.908430] [ 
12.908529] Memory state around the buggy address: [ 12.908730] ffff8881029cdf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.908948] ffff8881029cdf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.909598] >ffff8881029ce000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.909916] ^ [ 12.910049] ffff8881029ce080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.910548] ffff8881029ce100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.910890] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 12.287696] ================================================================== [ 12.288195] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x1bf/0x380 [ 12.288971] Read of size 1 at addr ffff8881010b2dc0 by task kunit_try_catch/232 [ 12.289771] [ 12.289904] CPU: 1 UID: 0 PID: 232 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 12.289951] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.289964] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.289987] Call Trace: [ 12.289999] <TASK> [ 12.290016] dump_stack_lvl+0x73/0xb0 [ 12.290059] print_report+0xd1/0x650 [ 12.290082] ? __virt_addr_valid+0x1db/0x2d0 [ 12.290106] ? kmem_cache_double_destroy+0x1bf/0x380 [ 12.290130] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.290151] ? kmem_cache_double_destroy+0x1bf/0x380 [ 12.290175] kasan_report+0x141/0x180 [ 12.290197] ? kmem_cache_double_destroy+0x1bf/0x380 [ 12.290223] ? kmem_cache_double_destroy+0x1bf/0x380 [ 12.290246] __kasan_check_byte+0x3d/0x50 [ 12.290268] kmem_cache_destroy+0x25/0x1d0 [ 12.290291] kmem_cache_double_destroy+0x1bf/0x380 [ 12.290316] ? __pfx_kmem_cache_double_destroy+0x10/0x10 [ 12.290340] ? finish_task_switch.isra.0+0x153/0x700 [ 12.290363] ? __switch_to+0x47/0xf50 [ 12.290392] ? __pfx_read_tsc+0x10/0x10 [ 12.290412] ? ktime_get_ts64+0x86/0x230 [ 12.290436] kunit_try_run_case+0x1a5/0x480 [ 12.290460] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.290482] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.290504] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.290526] ? __kthread_parkme+0x82/0x180 [ 12.290546] ? preempt_count_sub+0x50/0x80 [ 12.290568] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.290590] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.290611] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.290634] kthread+0x337/0x6f0 [ 12.290651] ? trace_preempt_on+0x20/0xc0 [ 12.290674] ? __pfx_kthread+0x10/0x10 [ 12.290694] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.290714] ? 
calculate_sigpending+0x7b/0xa0 [ 12.290738] ? __pfx_kthread+0x10/0x10 [ 12.290758] ret_from_fork+0x116/0x1d0 [ 12.290775] ? __pfx_kthread+0x10/0x10 [ 12.290794] ret_from_fork_asm+0x1a/0x30 [ 12.290823] </TASK> [ 12.290835] [ 12.306797] Allocated by task 232: [ 12.307175] kasan_save_stack+0x45/0x70 [ 12.307607] kasan_save_track+0x18/0x40 [ 12.307788] kasan_save_alloc_info+0x3b/0x50 [ 12.308286] __kasan_slab_alloc+0x91/0xa0 [ 12.308729] kmem_cache_alloc_noprof+0x123/0x3f0 [ 12.309235] __kmem_cache_create_args+0x169/0x240 [ 12.309482] kmem_cache_double_destroy+0xd5/0x380 [ 12.309799] kunit_try_run_case+0x1a5/0x480 [ 12.310160] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.310611] kthread+0x337/0x6f0 [ 12.310794] ret_from_fork+0x116/0x1d0 [ 12.311205] ret_from_fork_asm+0x1a/0x30 [ 12.311559] [ 12.311660] Freed by task 232: [ 12.311999] kasan_save_stack+0x45/0x70 [ 12.312447] kasan_save_track+0x18/0x40 [ 12.312956] kasan_save_free_info+0x3f/0x60 [ 12.313398] __kasan_slab_free+0x56/0x70 [ 12.313830] kmem_cache_free+0x249/0x420 [ 12.314100] slab_kmem_cache_release+0x2e/0x40 [ 12.314578] kmem_cache_release+0x16/0x20 [ 12.314736] kobject_put+0x181/0x450 [ 12.314871] sysfs_slab_release+0x16/0x20 [ 12.315013] kmem_cache_destroy+0xf0/0x1d0 [ 12.315195] kmem_cache_double_destroy+0x14e/0x380 [ 12.315455] kunit_try_run_case+0x1a5/0x480 [ 12.315801] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.316380] kthread+0x337/0x6f0 [ 12.316571] ret_from_fork+0x116/0x1d0 [ 12.316705] ret_from_fork_asm+0x1a/0x30 [ 12.316842] [ 12.316914] The buggy address belongs to the object at ffff8881010b2dc0 [ 12.316914] which belongs to the cache kmem_cache of size 208 [ 12.317342] The buggy address is located 0 bytes inside of [ 12.317342] freed 208-byte region [ffff8881010b2dc0, ffff8881010b2e90) [ 12.317806] [ 12.317905] The buggy address belongs to the physical page: [ 12.318332] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1010b2 [ 12.318672] flags: 
0x200000000000000(node=0|zone=2) [ 12.318906] page_type: f5(slab) [ 12.319140] raw: 0200000000000000 ffff888100041000 dead000000000122 0000000000000000 [ 12.319494] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000 [ 12.319839] page dumped because: kasan: bad access detected [ 12.320035] [ 12.320127] Memory state around the buggy address: [ 12.320411] ffff8881010b2c80: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.320653] ffff8881010b2d00: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc [ 12.321053] >ffff8881010b2d80: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 12.321483] ^ [ 12.321719] ffff8881010b2e00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.322042] ffff8881010b2e80: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.322388] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 12.234257] ================================================================== [ 12.234980] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x3e3/0x510 [ 12.235496] Read of size 1 at addr ffff888103118000 by task kunit_try_catch/230 [ 12.235971] [ 12.236185] CPU: 0 UID: 0 PID: 230 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 12.236233] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.236245] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.236268] Call Trace: [ 12.236280] <TASK> [ 12.236319] dump_stack_lvl+0x73/0xb0 [ 12.236352] print_report+0xd1/0x650 [ 12.236375] ? __virt_addr_valid+0x1db/0x2d0 [ 12.236398] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 12.236419] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.236440] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 12.236461] kasan_report+0x141/0x180 [ 12.236482] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 12.236508] __asan_report_load1_noabort+0x18/0x20 [ 12.236531] kmem_cache_rcu_uaf+0x3e3/0x510 [ 12.236553] ? __pfx_kmem_cache_rcu_uaf+0x10/0x10 [ 12.236575] ? finish_task_switch.isra.0+0x153/0x700 [ 12.236598] ? __switch_to+0x47/0xf50 [ 12.236626] ? __pfx_read_tsc+0x10/0x10 [ 12.236646] ? ktime_get_ts64+0x86/0x230 [ 12.236903] kunit_try_run_case+0x1a5/0x480 [ 12.236930] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.236952] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.236976] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.236998] ? __kthread_parkme+0x82/0x180 [ 12.237017] ? preempt_count_sub+0x50/0x80 [ 12.237070] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.237092] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.237124] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.237280] kthread+0x337/0x6f0 [ 12.237307] ? trace_preempt_on+0x20/0xc0 [ 12.237333] ? __pfx_kthread+0x10/0x10 [ 12.237352] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.237373] ? calculate_sigpending+0x7b/0xa0 [ 12.237396] ? __pfx_kthread+0x10/0x10 [ 12.237417] ret_from_fork+0x116/0x1d0 [ 12.237435] ? 
__pfx_kthread+0x10/0x10 [ 12.237455] ret_from_fork_asm+0x1a/0x30 [ 12.237484] </TASK> [ 12.237497] [ 12.248468] Allocated by task 230: [ 12.248817] kasan_save_stack+0x45/0x70 [ 12.249020] kasan_save_track+0x18/0x40 [ 12.249466] kasan_save_alloc_info+0x3b/0x50 [ 12.249761] __kasan_slab_alloc+0x91/0xa0 [ 12.249982] kmem_cache_alloc_noprof+0x123/0x3f0 [ 12.250534] kmem_cache_rcu_uaf+0x155/0x510 [ 12.250708] kunit_try_run_case+0x1a5/0x480 [ 12.250961] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.251558] kthread+0x337/0x6f0 [ 12.251830] ret_from_fork+0x116/0x1d0 [ 12.252052] ret_from_fork_asm+0x1a/0x30 [ 12.252369] [ 12.252473] Freed by task 0: [ 12.252700] kasan_save_stack+0x45/0x70 [ 12.253122] kasan_save_track+0x18/0x40 [ 12.253388] kasan_save_free_info+0x3f/0x60 [ 12.253867] __kasan_slab_free+0x56/0x70 [ 12.254044] slab_free_after_rcu_debug+0xe4/0x310 [ 12.254601] rcu_core+0x66f/0x1c40 [ 12.254803] rcu_core_si+0x12/0x20 [ 12.254976] handle_softirqs+0x209/0x730 [ 12.255507] __irq_exit_rcu+0xc9/0x110 [ 12.255687] irq_exit_rcu+0x12/0x20 [ 12.255838] sysvec_apic_timer_interrupt+0x81/0x90 [ 12.256427] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 12.256792] [ 12.256901] Last potentially related work creation: [ 12.257323] kasan_save_stack+0x45/0x70 [ 12.257508] kasan_record_aux_stack+0xb2/0xc0 [ 12.257967] kmem_cache_free+0x131/0x420 [ 12.258306] kmem_cache_rcu_uaf+0x194/0x510 [ 12.258651] kunit_try_run_case+0x1a5/0x480 [ 12.258852] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.259288] kthread+0x337/0x6f0 [ 12.259497] ret_from_fork+0x116/0x1d0 [ 12.259634] ret_from_fork_asm+0x1a/0x30 [ 12.260011] [ 12.260154] The buggy address belongs to the object at ffff888103118000 [ 12.260154] which belongs to the cache test_cache of size 200 [ 12.260735] The buggy address is located 0 bytes inside of [ 12.260735] freed 200-byte region [ffff888103118000, ffff8881031180c8) [ 12.261652] [ 12.261767] The buggy address belongs to the physical page: [ 12.261981] page: refcount:0 
mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103118 [ 12.262720] flags: 0x200000000000000(node=0|zone=2) [ 12.263064] page_type: f5(slab) [ 12.263456] raw: 0200000000000000 ffff888101ae4c80 dead000000000122 0000000000000000 [ 12.263926] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 12.264502] page dumped because: kasan: bad access detected [ 12.264720] [ 12.264806] Memory state around the buggy address: [ 12.265224] ffff888103117f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.265935] ffff888103117f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.266368] >ffff888103118000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.266954] ^ [ 12.267303] ffff888103118080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 12.267619] ffff888103118100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.268070] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 12.170205] ================================================================== [ 12.171323] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x1d8/0x460 [ 12.172193] Free of addr ffff88810390e001 by task kunit_try_catch/228 [ 12.172594] [ 12.172694] CPU: 1 UID: 0 PID: 228 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 12.172741] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.172752] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.172773] Call Trace: [ 12.172786] <TASK> [ 12.172804] dump_stack_lvl+0x73/0xb0 [ 12.172834] print_report+0xd1/0x650 [ 12.172855] ? __virt_addr_valid+0x1db/0x2d0 [ 12.172879] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.172901] ? kmem_cache_invalid_free+0x1d8/0x460 [ 12.172925] kasan_report_invalid_free+0x10a/0x130 [ 12.172948] ? kmem_cache_invalid_free+0x1d8/0x460 [ 12.172973] ? kmem_cache_invalid_free+0x1d8/0x460 [ 12.172995] check_slab_allocation+0x11f/0x130 [ 12.173016] __kasan_slab_pre_free+0x28/0x40 [ 12.173213] kmem_cache_free+0xed/0x420 [ 12.173241] ? kmem_cache_alloc_noprof+0x123/0x3f0 [ 12.173262] ? kmem_cache_invalid_free+0x1d8/0x460 [ 12.173288] kmem_cache_invalid_free+0x1d8/0x460 [ 12.173311] ? __pfx_kmem_cache_invalid_free+0x10/0x10 [ 12.173333] ? finish_task_switch.isra.0+0x153/0x700 [ 12.173391] ? __switch_to+0x47/0xf50 [ 12.173419] ? __pfx_read_tsc+0x10/0x10 [ 12.173438] ? ktime_get_ts64+0x86/0x230 [ 12.173461] kunit_try_run_case+0x1a5/0x480 [ 12.173485] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.173505] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.173528] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.173549] ? __kthread_parkme+0x82/0x180 [ 12.173569] ? preempt_count_sub+0x50/0x80 [ 12.173590] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.173612] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.173633] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.173654] kthread+0x337/0x6f0 [ 12.173672] ? trace_preempt_on+0x20/0xc0 [ 12.173694] ? 
__pfx_kthread+0x10/0x10 [ 12.173713] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.173732] ? calculate_sigpending+0x7b/0xa0 [ 12.173755] ? __pfx_kthread+0x10/0x10 [ 12.173775] ret_from_fork+0x116/0x1d0 [ 12.173791] ? __pfx_kthread+0x10/0x10 [ 12.173810] ret_from_fork_asm+0x1a/0x30 [ 12.173839] </TASK> [ 12.173851] [ 12.192413] Allocated by task 228: [ 12.192771] kasan_save_stack+0x45/0x70 [ 12.192933] kasan_save_track+0x18/0x40 [ 12.193275] kasan_save_alloc_info+0x3b/0x50 [ 12.193762] __kasan_slab_alloc+0x91/0xa0 [ 12.194294] kmem_cache_alloc_noprof+0x123/0x3f0 [ 12.194864] kmem_cache_invalid_free+0x157/0x460 [ 12.195523] kunit_try_run_case+0x1a5/0x480 [ 12.195903] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.196281] kthread+0x337/0x6f0 [ 12.196595] ret_from_fork+0x116/0x1d0 [ 12.197123] ret_from_fork_asm+0x1a/0x30 [ 12.197612] [ 12.197885] The buggy address belongs to the object at ffff88810390e000 [ 12.197885] which belongs to the cache test_cache of size 200 [ 12.198780] The buggy address is located 1 bytes inside of [ 12.198780] 200-byte region [ffff88810390e000, ffff88810390e0c8) [ 12.200244] [ 12.200403] The buggy address belongs to the physical page: [ 12.200579] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10390e [ 12.200822] flags: 0x200000000000000(node=0|zone=2) [ 12.200988] page_type: f5(slab) [ 12.201122] raw: 0200000000000000 ffff8881010b2c80 dead000000000122 0000000000000000 [ 12.201869] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 12.202688] page dumped because: kasan: bad access detected [ 12.203209] [ 12.203387] Memory state around the buggy address: [ 12.203843] ffff88810390df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.204507] ffff88810390df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.205248] >ffff88810390e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.205596] ^ [ 12.205711] ffff88810390e080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 12.205924] 
ffff88810390e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.206162] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 12.126971] ================================================================== [ 12.127563] BUG: KASAN: double-free in kmem_cache_double_free+0x1e5/0x480 [ 12.128369] Free of addr ffff888103116000 by task kunit_try_catch/226 [ 12.128973] [ 12.129087] CPU: 0 UID: 0 PID: 226 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 12.129130] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.129141] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.129161] Call Trace: [ 12.129173] <TASK> [ 12.129187] dump_stack_lvl+0x73/0xb0 [ 12.129216] print_report+0xd1/0x650 [ 12.129238] ? __virt_addr_valid+0x1db/0x2d0 [ 12.129260] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.129282] ? kmem_cache_double_free+0x1e5/0x480 [ 12.129306] kasan_report_invalid_free+0x10a/0x130 [ 12.129328] ? kmem_cache_double_free+0x1e5/0x480 [ 12.129353] ? kmem_cache_double_free+0x1e5/0x480 [ 12.129375] check_slab_allocation+0x101/0x130 [ 12.129396] __kasan_slab_pre_free+0x28/0x40 [ 12.129415] kmem_cache_free+0xed/0x420 [ 12.129435] ? kmem_cache_alloc_noprof+0x123/0x3f0 [ 12.129454] ? kmem_cache_double_free+0x1e5/0x480 [ 12.129479] kmem_cache_double_free+0x1e5/0x480 [ 12.129501] ? __pfx_kmem_cache_double_free+0x10/0x10 [ 12.129523] ? finish_task_switch.isra.0+0x153/0x700 [ 12.129544] ? __switch_to+0x47/0xf50 [ 12.129572] ? __pfx_read_tsc+0x10/0x10 [ 12.129593] ? ktime_get_ts64+0x86/0x230 [ 12.129615] kunit_try_run_case+0x1a5/0x480 [ 12.129638] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.129658] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.129680] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.129701] ? __kthread_parkme+0x82/0x180 [ 12.129719] ? preempt_count_sub+0x50/0x80 [ 12.129740] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.129762] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.129783] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.129804] kthread+0x337/0x6f0 [ 12.129823] ? trace_preempt_on+0x20/0xc0 [ 12.129845] ? 
__pfx_kthread+0x10/0x10 [ 12.129865] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.129885] ? calculate_sigpending+0x7b/0xa0 [ 12.129907] ? __pfx_kthread+0x10/0x10 [ 12.129927] ret_from_fork+0x116/0x1d0 [ 12.129944] ? __pfx_kthread+0x10/0x10 [ 12.129962] ret_from_fork_asm+0x1a/0x30 [ 12.129991] </TASK> [ 12.130001] [ 12.145192] Allocated by task 226: [ 12.145606] kasan_save_stack+0x45/0x70 [ 12.146008] kasan_save_track+0x18/0x40 [ 12.146271] kasan_save_alloc_info+0x3b/0x50 [ 12.146762] __kasan_slab_alloc+0x91/0xa0 [ 12.147264] kmem_cache_alloc_noprof+0x123/0x3f0 [ 12.147424] kmem_cache_double_free+0x14f/0x480 [ 12.147832] kunit_try_run_case+0x1a5/0x480 [ 12.148314] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.148993] kthread+0x337/0x6f0 [ 12.149286] ret_from_fork+0x116/0x1d0 [ 12.149705] ret_from_fork_asm+0x1a/0x30 [ 12.150040] [ 12.150219] Freed by task 226: [ 12.150424] kasan_save_stack+0x45/0x70 [ 12.150697] kasan_save_track+0x18/0x40 [ 12.151241] kasan_save_free_info+0x3f/0x60 [ 12.151824] __kasan_slab_free+0x56/0x70 [ 12.152160] kmem_cache_free+0x249/0x420 [ 12.152493] kmem_cache_double_free+0x16a/0x480 [ 12.152942] kunit_try_run_case+0x1a5/0x480 [ 12.153426] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.153857] kthread+0x337/0x6f0 [ 12.153977] ret_from_fork+0x116/0x1d0 [ 12.154349] ret_from_fork_asm+0x1a/0x30 [ 12.154493] [ 12.154562] The buggy address belongs to the object at ffff888103116000 [ 12.154562] which belongs to the cache test_cache of size 200 [ 12.154899] The buggy address is located 0 bytes inside of [ 12.154899] 200-byte region [ffff888103116000, ffff8881031160c8) [ 12.155255] [ 12.155613] The buggy address belongs to the physical page: [ 12.156324] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103116 [ 12.156779] flags: 0x200000000000000(node=0|zone=2) [ 12.156942] page_type: f5(slab) [ 12.157217] raw: 0200000000000000 ffff888101ae4b40 dead000000000122 0000000000000000 [ 12.157913] raw: 0000000000000000 00000000800f000f 
00000000f5000000 0000000000000000 [ 12.158761] page dumped because: kasan: bad access detected [ 12.159190] [ 12.159549] Memory state around the buggy address: [ 12.159827] ffff888103115f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.160107] ffff888103115f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.161034] >ffff888103116000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.161789] ^ [ 12.161908] ffff888103116080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 12.162294] ffff888103116100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.162864] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 12.087019] ================================================================== [ 12.087515] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x402/0x530 [ 12.087832] Read of size 1 at addr ffff8881031140c8 by task kunit_try_catch/224 [ 12.088441] [ 12.088665] CPU: 0 UID: 0 PID: 224 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 12.088713] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.088725] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.088745] Call Trace: [ 12.088757] <TASK> [ 12.088774] dump_stack_lvl+0x73/0xb0 [ 12.088804] print_report+0xd1/0x650 [ 12.088826] ? __virt_addr_valid+0x1db/0x2d0 [ 12.088848] ? kmem_cache_oob+0x402/0x530 [ 12.088869] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.088890] ? kmem_cache_oob+0x402/0x530 [ 12.088912] kasan_report+0x141/0x180 [ 12.088933] ? kmem_cache_oob+0x402/0x530 [ 12.088959] __asan_report_load1_noabort+0x18/0x20 [ 12.088982] kmem_cache_oob+0x402/0x530 [ 12.089002] ? trace_hardirqs_on+0x37/0xe0 [ 12.089038] ? __pfx_kmem_cache_oob+0x10/0x10 [ 12.089177] ? __kasan_check_write+0x18/0x20 [ 12.089200] ? queued_spin_lock_slowpath+0x116/0xb40 [ 12.089223] ? irqentry_exit+0x2a/0x60 [ 12.089246] ? trace_hardirqs_on+0x37/0xe0 [ 12.089266] ? __pfx_read_tsc+0x10/0x10 [ 12.089286] ? ktime_get_ts64+0x86/0x230 [ 12.089310] kunit_try_run_case+0x1a5/0x480 [ 12.089334] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.089356] ? queued_spin_lock_slowpath+0x116/0xb40 [ 12.089377] ? __kthread_parkme+0x82/0x180 [ 12.089398] ? preempt_count_sub+0x50/0x80 [ 12.089421] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.089443] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.089464] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.089486] kthread+0x337/0x6f0 [ 12.089504] ? trace_preempt_on+0x20/0xc0 [ 12.089524] ? __pfx_kthread+0x10/0x10 [ 12.089543] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.089563] ? calculate_sigpending+0x7b/0xa0 [ 12.089586] ? 
__pfx_kthread+0x10/0x10 [ 12.089606] ret_from_fork+0x116/0x1d0 [ 12.089623] ? __pfx_kthread+0x10/0x10 [ 12.089642] ret_from_fork_asm+0x1a/0x30 [ 12.089671] </TASK> [ 12.089683] [ 12.099958] Allocated by task 224: [ 12.100490] kasan_save_stack+0x45/0x70 [ 12.100685] kasan_save_track+0x18/0x40 [ 12.100829] kasan_save_alloc_info+0x3b/0x50 [ 12.101207] __kasan_slab_alloc+0x91/0xa0 [ 12.101400] kmem_cache_alloc_noprof+0x123/0x3f0 [ 12.101614] kmem_cache_oob+0x157/0x530 [ 12.101786] kunit_try_run_case+0x1a5/0x480 [ 12.101977] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.102649] kthread+0x337/0x6f0 [ 12.102807] ret_from_fork+0x116/0x1d0 [ 12.102967] ret_from_fork_asm+0x1a/0x30 [ 12.103191] [ 12.103478] The buggy address belongs to the object at ffff888103114000 [ 12.103478] which belongs to the cache test_cache of size 200 [ 12.103970] The buggy address is located 0 bytes to the right of [ 12.103970] allocated 200-byte region [ffff888103114000, ffff8881031140c8) [ 12.104778] [ 12.104954] The buggy address belongs to the physical page: [ 12.105161] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103114 [ 12.105685] flags: 0x200000000000000(node=0|zone=2) [ 12.105915] page_type: f5(slab) [ 12.106215] raw: 0200000000000000 ffff888101ae4a00 dead000000000122 0000000000000000 [ 12.106536] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 12.106843] page dumped because: kasan: bad access detected [ 12.107143] [ 12.107235] Memory state around the buggy address: [ 12.107390] ffff888103113f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.107709] ffff888103114000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.108006] >ffff888103114080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 12.108980] ^ [ 12.109227] ffff888103114100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.109734] ffff888103114180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.110157] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 12.049319] ================================================================== [ 12.049729] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x4d6/0x560 [ 12.050040] Read of size 8 at addr ffff88810390b2c0 by task kunit_try_catch/217 [ 12.050483] [ 12.050584] CPU: 1 UID: 0 PID: 217 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 12.050626] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.050638] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.050657] Call Trace: [ 12.050668] <TASK> [ 12.050683] dump_stack_lvl+0x73/0xb0 [ 12.050711] print_report+0xd1/0x650 [ 12.050732] ? __virt_addr_valid+0x1db/0x2d0 [ 12.050753] ? workqueue_uaf+0x4d6/0x560 [ 12.050773] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.050794] ? workqueue_uaf+0x4d6/0x560 [ 12.050815] kasan_report+0x141/0x180 [ 12.050835] ? workqueue_uaf+0x4d6/0x560 [ 12.050860] __asan_report_load8_noabort+0x18/0x20 [ 12.050883] workqueue_uaf+0x4d6/0x560 [ 12.050903] ? __pfx_workqueue_uaf+0x10/0x10 [ 12.050924] ? __schedule+0x10cc/0x2b60 [ 12.050944] ? __pfx_read_tsc+0x10/0x10 [ 12.050964] ? ktime_get_ts64+0x86/0x230 [ 12.050987] kunit_try_run_case+0x1a5/0x480 [ 12.051009] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.051048] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.051072] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.051095] ? __kthread_parkme+0x82/0x180 [ 12.051114] ? preempt_count_sub+0x50/0x80 [ 12.051138] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.051161] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.051183] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.051204] kthread+0x337/0x6f0 [ 12.051222] ? trace_preempt_on+0x20/0xc0 [ 12.051244] ? __pfx_kthread+0x10/0x10 [ 12.051263] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.051283] ? calculate_sigpending+0x7b/0xa0 [ 12.051305] ? __pfx_kthread+0x10/0x10 [ 12.051325] ret_from_fork+0x116/0x1d0 [ 12.051342] ? 
__pfx_kthread+0x10/0x10 [ 12.051362] ret_from_fork_asm+0x1a/0x30 [ 12.051392] </TASK> [ 12.051402] [ 12.061352] Allocated by task 217: [ 12.061532] kasan_save_stack+0x45/0x70 [ 12.061824] kasan_save_track+0x18/0x40 [ 12.062049] kasan_save_alloc_info+0x3b/0x50 [ 12.062425] __kasan_kmalloc+0xb7/0xc0 [ 12.062719] __kmalloc_cache_noprof+0x189/0x420 [ 12.062933] workqueue_uaf+0x152/0x560 [ 12.063386] kunit_try_run_case+0x1a5/0x480 [ 12.063596] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.063896] kthread+0x337/0x6f0 [ 12.064039] ret_from_fork+0x116/0x1d0 [ 12.064501] ret_from_fork_asm+0x1a/0x30 [ 12.064776] [ 12.064879] Freed by task 41: [ 12.065292] kasan_save_stack+0x45/0x70 [ 12.065597] kasan_save_track+0x18/0x40 [ 12.065807] kasan_save_free_info+0x3f/0x60 [ 12.066014] __kasan_slab_free+0x56/0x70 [ 12.066436] kfree+0x222/0x3f0 [ 12.066592] workqueue_uaf_work+0x12/0x20 [ 12.066957] process_one_work+0x5ee/0xf60 [ 12.067180] worker_thread+0x758/0x1220 [ 12.067364] kthread+0x337/0x6f0 [ 12.067515] ret_from_fork+0x116/0x1d0 [ 12.067696] ret_from_fork_asm+0x1a/0x30 [ 12.067861] [ 12.067955] Last potentially related work creation: [ 12.068582] kasan_save_stack+0x45/0x70 [ 12.068730] kasan_record_aux_stack+0xb2/0xc0 [ 12.069116] __queue_work+0x626/0xeb0 [ 12.069534] queue_work_on+0xb6/0xc0 [ 12.069870] workqueue_uaf+0x26d/0x560 [ 12.070071] kunit_try_run_case+0x1a5/0x480 [ 12.070437] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.070802] kthread+0x337/0x6f0 [ 12.070931] ret_from_fork+0x116/0x1d0 [ 12.071438] ret_from_fork_asm+0x1a/0x30 [ 12.071727] [ 12.071828] The buggy address belongs to the object at ffff88810390b2c0 [ 12.071828] which belongs to the cache kmalloc-32 of size 32 [ 12.072745] The buggy address is located 0 bytes inside of [ 12.072745] freed 32-byte region [ffff88810390b2c0, ffff88810390b2e0) [ 12.073411] [ 12.073539] The buggy address belongs to the physical page: [ 12.073775] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 
pfn:0x10390b [ 12.074369] flags: 0x200000000000000(node=0|zone=2) [ 12.074564] page_type: f5(slab) [ 12.074795] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 12.075293] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 12.075621] page dumped because: kasan: bad access detected [ 12.075851] [ 12.075934] Memory state around the buggy address: [ 12.076152] ffff88810390b180: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 12.076749] ffff88810390b200: fa fb fb fb fc fc fc fc 00 00 07 fc fc fc fc fc [ 12.077021] >ffff88810390b280: 00 00 00 07 fc fc fc fc fa fb fb fb fc fc fc fc [ 12.077506] ^ [ 12.077812] ffff88810390b300: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.078094] ffff88810390b380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.078539] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 12.007168] ================================================================== [ 12.007619] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x50/0x60 [ 12.007919] Read of size 4 at addr ffff888103109c00 by task swapper/0/0 [ 12.008173] [ 12.008304] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 12.008361] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.008373] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.008393] Call Trace: [ 12.008418] <IRQ> [ 12.008436] dump_stack_lvl+0x73/0xb0 [ 12.008466] print_report+0xd1/0x650 [ 12.008488] ? __virt_addr_valid+0x1db/0x2d0 [ 12.008510] ? rcu_uaf_reclaim+0x50/0x60 [ 12.008540] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.008561] ? rcu_uaf_reclaim+0x50/0x60 [ 12.008580] kasan_report+0x141/0x180 [ 12.008601] ? rcu_uaf_reclaim+0x50/0x60 [ 12.008636] __asan_report_load4_noabort+0x18/0x20 [ 12.008659] rcu_uaf_reclaim+0x50/0x60 [ 12.008678] rcu_core+0x66f/0x1c40 [ 12.008706] ? __pfx_rcu_core+0x10/0x10 [ 12.008726] ? ktime_get+0x6b/0x150 [ 12.008747] ? handle_softirqs+0x18e/0x730 [ 12.008771] rcu_core_si+0x12/0x20 [ 12.008789] handle_softirqs+0x209/0x730 [ 12.008807] ? hrtimer_interrupt+0x2fe/0x780 [ 12.008828] ? 
__pfx_handle_softirqs+0x10/0x10 [ 12.008851] __irq_exit_rcu+0xc9/0x110 [ 12.008880] irq_exit_rcu+0x12/0x20 [ 12.008898] sysvec_apic_timer_interrupt+0x81/0x90 [ 12.008921] </IRQ> [ 12.008955] <TASK> [ 12.008966] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 12.009137] RIP: 0010:pv_native_safe_halt+0xf/0x20 [ 12.009360] Code: 1f 84 00 00 00 00 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d 03 8a 21 00 fb f4 <e9> 7c 1d 02 00 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 [ 12.009440] RSP: 0000:ffffffff8dc07dd8 EFLAGS: 00010216 [ 12.009525] RAX: ffff8881cc074000 RBX: ffffffff8dc1cac0 RCX: ffffffff8ca730e5 [ 12.009570] RDX: ffffed102b60618b RSI: 0000000000000004 RDI: 0000000000005c1c [ 12.009612] RBP: ffffffff8dc07de0 R08: 0000000000000001 R09: ffffed102b60618a [ 12.009652] R10: ffff88815b030c53 R11: 000000000000b400 R12: 0000000000000000 [ 12.009694] R13: fffffbfff1b83958 R14: ffffffff8e7b0690 R15: 0000000000000000 [ 12.009755] ? ct_kernel_exit.constprop.0+0xa5/0xd0 [ 12.009807] ? default_idle+0xd/0x20 [ 12.009828] arch_cpu_idle+0xd/0x20 [ 12.009848] default_idle_call+0x48/0x80 [ 12.009869] do_idle+0x379/0x4f0 [ 12.009894] ? __pfx_do_idle+0x10/0x10 [ 12.009915] ? trace_preempt_on+0x20/0xc0 [ 12.009936] ? schedule+0x86/0x2e0 [ 12.009954] ? preempt_count_sub+0x50/0x80 [ 12.009976] cpu_startup_entry+0x5c/0x70 [ 12.009998] rest_init+0x11a/0x140 [ 12.010013] ? 
acpi_subsystem_init+0x5d/0x150 [ 12.010051] start_kernel+0x330/0x410 [ 12.010074] x86_64_start_reservations+0x1c/0x30 [ 12.010096] x86_64_start_kernel+0x10d/0x120 [ 12.010118] common_startup_64+0x13e/0x148 [ 12.010149] </TASK> [ 12.010160] [ 12.025870] Allocated by task 215: [ 12.026191] kasan_save_stack+0x45/0x70 [ 12.026379] kasan_save_track+0x18/0x40 [ 12.026559] kasan_save_alloc_info+0x3b/0x50 [ 12.026747] __kasan_kmalloc+0xb7/0xc0 [ 12.026908] __kmalloc_cache_noprof+0x189/0x420 [ 12.027361] rcu_uaf+0xb0/0x330 [ 12.027529] kunit_try_run_case+0x1a5/0x480 [ 12.027728] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.027952] kthread+0x337/0x6f0 [ 12.028792] ret_from_fork+0x116/0x1d0 [ 12.028986] ret_from_fork_asm+0x1a/0x30 [ 12.029134] [ 12.029484] Freed by task 0: [ 12.029772] kasan_save_stack+0x45/0x70 [ 12.030151] kasan_save_track+0x18/0x40 [ 12.030675] kasan_save_free_info+0x3f/0x60 [ 12.030873] __kasan_slab_free+0x56/0x70 [ 12.031142] kfree+0x222/0x3f0 [ 12.031302] rcu_uaf_reclaim+0x1f/0x60 [ 12.031472] rcu_core+0x66f/0x1c40 [ 12.031633] rcu_core_si+0x12/0x20 [ 12.031793] handle_softirqs+0x209/0x730 [ 12.031963] __irq_exit_rcu+0xc9/0x110 [ 12.032315] irq_exit_rcu+0x12/0x20 [ 12.032486] sysvec_apic_timer_interrupt+0x81/0x90 [ 12.032696] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 12.032918] [ 12.033046] Last potentially related work creation: [ 12.033215] kasan_save_stack+0x45/0x70 [ 12.033353] kasan_record_aux_stack+0xb2/0xc0 [ 12.033501] __call_rcu_common.constprop.0+0x7b/0x9e0 [ 12.033943] call_rcu+0x12/0x20 [ 12.034251] rcu_uaf+0x168/0x330 [ 12.034420] kunit_try_run_case+0x1a5/0x480 [ 12.034608] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.034971] kthread+0x337/0x6f0 [ 12.035356] ret_from_fork+0x116/0x1d0 [ 12.035742] ret_from_fork_asm+0x1a/0x30 [ 12.035900] [ 12.035983] The buggy address belongs to the object at ffff888103109c00 [ 12.035983] which belongs to the cache kmalloc-32 of size 32 [ 12.036941] The buggy address is located 0 bytes inside of 
[ 12.036941] freed 32-byte region [ffff888103109c00, ffff888103109c20) [ 12.038547] [ 12.038629] The buggy address belongs to the physical page: [ 12.038808] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103109 [ 12.039089] flags: 0x200000000000000(node=0|zone=2) [ 12.039304] page_type: f5(slab) [ 12.039519] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 12.039825] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 12.040158] page dumped because: kasan: bad access detected [ 12.040864] [ 12.040959] Memory state around the buggy address: [ 12.041231] ffff888103109b00: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 12.041743] ffff888103109b80: 00 00 05 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 12.042496] >ffff888103109c00: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 12.042791] ^ [ 12.042961] ffff888103109c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.043489] ffff888103109d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.043792] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 11.050781] ================================================================== [ 11.051642] BUG: KASAN: use-after-free in page_alloc_uaf+0x356/0x3d0 [ 11.051921] Read of size 1 at addr ffff888103950000 by task kunit_try_catch/171 [ 11.052272] [ 11.052470] CPU: 1 UID: 0 PID: 171 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.052516] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.052527] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.052547] Call Trace: [ 11.052558] <TASK> [ 11.052573] dump_stack_lvl+0x73/0xb0 [ 11.052601] print_report+0xd1/0x650 [ 11.052623] ? __virt_addr_valid+0x1db/0x2d0 [ 11.052645] ? page_alloc_uaf+0x356/0x3d0 [ 11.052666] ? kasan_addr_to_slab+0x11/0xa0 [ 11.052685] ? page_alloc_uaf+0x356/0x3d0 [ 11.052706] kasan_report+0x141/0x180 [ 11.052727] ? page_alloc_uaf+0x356/0x3d0 [ 11.052753] __asan_report_load1_noabort+0x18/0x20 [ 11.052776] page_alloc_uaf+0x356/0x3d0 [ 11.052797] ? __pfx_page_alloc_uaf+0x10/0x10 [ 11.052819] ? __schedule+0x10cc/0x2b60 [ 11.052839] ? __pfx_read_tsc+0x10/0x10 [ 11.052859] ? ktime_get_ts64+0x86/0x230 [ 11.052882] kunit_try_run_case+0x1a5/0x480 [ 11.052905] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.052926] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.052948] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.052969] ? __kthread_parkme+0x82/0x180 [ 11.052989] ? preempt_count_sub+0x50/0x80 [ 11.053010] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.053047] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.053068] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.053090] kthread+0x337/0x6f0 [ 11.053108] ? trace_preempt_on+0x20/0xc0 [ 11.053129] ? __pfx_kthread+0x10/0x10 [ 11.053187] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.053210] ? calculate_sigpending+0x7b/0xa0 [ 11.053232] ? __pfx_kthread+0x10/0x10 [ 11.053253] ret_from_fork+0x116/0x1d0 [ 11.053270] ? 
__pfx_kthread+0x10/0x10 [ 11.053290] ret_from_fork_asm+0x1a/0x30 [ 11.053319] </TASK> [ 11.053330] [ 11.065232] The buggy address belongs to the physical page: [ 11.065807] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103950 [ 11.066589] flags: 0x200000000000000(node=0|zone=2) [ 11.066761] page_type: f0(buddy) [ 11.066885] raw: 0200000000000000 ffff88817fffc460 ffff88817fffc460 0000000000000000 [ 11.067218] raw: 0000000000000000 0000000000000004 00000000f0000000 0000000000000000 [ 11.067502] page dumped because: kasan: bad access detected [ 11.067740] [ 11.067811] Memory state around the buggy address: [ 11.068053] ffff88810394ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.068386] ffff88810394ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.068824] >ffff888103950000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.069284] ^ [ 11.069422] ffff888103950080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.069672] ffff888103950100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.069955] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kfree
[ 11.023199] ================================================================== [ 11.023856] BUG: KASAN: invalid-free in kfree+0x274/0x3f0 [ 11.024174] Free of addr ffff8881029b4001 by task kunit_try_catch/167 [ 11.024632] [ 11.024880] CPU: 0 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.024923] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.024936] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.024985] Call Trace: [ 11.024997] <TASK> [ 11.025010] dump_stack_lvl+0x73/0xb0 [ 11.025149] print_report+0xd1/0x650 [ 11.025192] ? __virt_addr_valid+0x1db/0x2d0 [ 11.025216] ? kasan_addr_to_slab+0x11/0xa0 [ 11.025235] ? kfree+0x274/0x3f0 [ 11.025256] kasan_report_invalid_free+0x10a/0x130 [ 11.025279] ? kfree+0x274/0x3f0 [ 11.025302] ? kfree+0x274/0x3f0 [ 11.025322] __kasan_kfree_large+0x86/0xd0 [ 11.025342] free_large_kmalloc+0x4b/0x110 [ 11.025365] kfree+0x274/0x3f0 [ 11.025385] ? kmalloc_large_invalid_free+0x8f/0x2b0 [ 11.025409] kmalloc_large_invalid_free+0x120/0x2b0 [ 11.025429] ? __pfx_kmalloc_large_invalid_free+0x10/0x10 [ 11.025451] ? __schedule+0x10cc/0x2b60 [ 11.025471] ? __pfx_read_tsc+0x10/0x10 [ 11.025491] ? ktime_get_ts64+0x86/0x230 [ 11.025513] kunit_try_run_case+0x1a5/0x480 [ 11.025536] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.025557] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.025577] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.025598] ? __kthread_parkme+0x82/0x180 [ 11.025617] ? preempt_count_sub+0x50/0x80 [ 11.025639] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.025661] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.025682] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.025703] kthread+0x337/0x6f0 [ 11.025722] ? trace_preempt_on+0x20/0xc0 [ 11.025744] ? __pfx_kthread+0x10/0x10 [ 11.025763] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.025782] ? calculate_sigpending+0x7b/0xa0 [ 11.025805] ? __pfx_kthread+0x10/0x10 [ 11.025825] ret_from_fork+0x116/0x1d0 [ 11.025842] ? 
__pfx_kthread+0x10/0x10 [ 11.025861] ret_from_fork_asm+0x1a/0x30 [ 11.025890] </TASK> [ 11.025901] [ 11.038774] The buggy address belongs to the physical page: [ 11.038964] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029b4 [ 11.039321] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.039992] flags: 0x200000000000040(head|node=0|zone=2) [ 11.040342] page_type: f8(unknown) [ 11.040513] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.040808] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.041248] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.041603] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.041910] head: 0200000000000002 ffffea00040a6d01 00000000ffffffff 00000000ffffffff [ 11.042422] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.042754] page dumped because: kasan: bad access detected [ 11.043018] [ 11.043129] Memory state around the buggy address: [ 11.043556] ffff8881029b3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.044043] ffff8881029b3f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.044461] >ffff8881029b4000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.044769] ^ [ 11.044938] ffff8881029b4080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.045393] ffff8881029b4100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.045643] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 11.000410] ================================================================== [ 11.000963] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2f1/0x340 [ 11.001446] Read of size 1 at addr ffff8881029b4000 by task kunit_try_catch/165 [ 11.001798] [ 11.001947] CPU: 0 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.002012] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.002170] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.002190] Call Trace: [ 11.002213] <TASK> [ 11.002227] dump_stack_lvl+0x73/0xb0 [ 11.002255] print_report+0xd1/0x650 [ 11.002277] ? __virt_addr_valid+0x1db/0x2d0 [ 11.002298] ? kmalloc_large_uaf+0x2f1/0x340 [ 11.002317] ? kasan_addr_to_slab+0x11/0xa0 [ 11.002335] ? kmalloc_large_uaf+0x2f1/0x340 [ 11.002355] kasan_report+0x141/0x180 [ 11.002376] ? kmalloc_large_uaf+0x2f1/0x340 [ 11.002399] __asan_report_load1_noabort+0x18/0x20 [ 11.002422] kmalloc_large_uaf+0x2f1/0x340 [ 11.002441] ? __pfx_kmalloc_large_uaf+0x10/0x10 [ 11.002461] ? __schedule+0x10cc/0x2b60 [ 11.002481] ? __pfx_read_tsc+0x10/0x10 [ 11.002500] ? ktime_get_ts64+0x86/0x230 [ 11.002522] kunit_try_run_case+0x1a5/0x480 [ 11.002544] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.002564] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.002585] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.002606] ? __kthread_parkme+0x82/0x180 [ 11.002625] ? preempt_count_sub+0x50/0x80 [ 11.002646] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.002668] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.002689] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.002710] kthread+0x337/0x6f0 [ 11.002728] ? trace_preempt_on+0x20/0xc0 [ 11.002749] ? __pfx_kthread+0x10/0x10 [ 11.002768] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.002787] ? calculate_sigpending+0x7b/0xa0 [ 11.002810] ? __pfx_kthread+0x10/0x10 [ 11.002830] ret_from_fork+0x116/0x1d0 [ 11.002846] ? 
__pfx_kthread+0x10/0x10 [ 11.002865] ret_from_fork_asm+0x1a/0x30 [ 11.002894] </TASK> [ 11.002904] [ 11.013421] The buggy address belongs to the physical page: [ 11.013689] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029b4 [ 11.014000] flags: 0x200000000000000(node=0|zone=2) [ 11.014342] raw: 0200000000000000 ffffea00040a6e08 ffff88815b039f80 0000000000000000 [ 11.014676] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 11.014953] page dumped because: kasan: bad access detected [ 11.015216] [ 11.015311] Memory state around the buggy address: [ 11.015643] ffff8881029b3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.016148] ffff8881029b3f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.016693] >ffff8881029b4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.017675] ^ [ 11.017869] ffff8881029b4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.018179] ffff8881029b4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.018571] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 10.978622] ================================================================== [ 10.979240] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x2e9/0x330 [ 10.979553] Write of size 1 at addr ffff88810295600a by task kunit_try_catch/163 [ 10.979861] [ 10.979974] CPU: 1 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 10.980016] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.980040] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.980061] Call Trace: [ 10.980073] <TASK> [ 10.980089] dump_stack_lvl+0x73/0xb0 [ 10.980117] print_report+0xd1/0x650 [ 10.980139] ? __virt_addr_valid+0x1db/0x2d0 [ 10.980161] ? kmalloc_large_oob_right+0x2e9/0x330 [ 10.980181] ? kasan_addr_to_slab+0x11/0xa0 [ 10.980200] ? kmalloc_large_oob_right+0x2e9/0x330 [ 10.980221] kasan_report+0x141/0x180 [ 10.980241] ? kmalloc_large_oob_right+0x2e9/0x330 [ 10.980266] __asan_report_store1_noabort+0x1b/0x30 [ 10.980285] kmalloc_large_oob_right+0x2e9/0x330 [ 10.980306] ? __pfx_kmalloc_large_oob_right+0x10/0x10 [ 10.980327] ? __schedule+0x10cc/0x2b60 [ 10.980348] ? __pfx_read_tsc+0x10/0x10 [ 10.980368] ? ktime_get_ts64+0x86/0x230 [ 10.980392] kunit_try_run_case+0x1a5/0x480 [ 10.980416] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.980436] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.980458] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.980479] ? __kthread_parkme+0x82/0x180 [ 10.980498] ? preempt_count_sub+0x50/0x80 [ 10.980521] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.980543] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.980564] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.980585] kthread+0x337/0x6f0 [ 10.980603] ? trace_preempt_on+0x20/0xc0 [ 10.980625] ? __pfx_kthread+0x10/0x10 [ 10.980644] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.980663] ? calculate_sigpending+0x7b/0xa0 [ 10.980686] ? __pfx_kthread+0x10/0x10 [ 10.980705] ret_from_fork+0x116/0x1d0 [ 10.980722] ? 
__pfx_kthread+0x10/0x10 [ 10.980742] ret_from_fork_asm+0x1a/0x30 [ 10.980771] </TASK> [ 10.980782] [ 10.989507] The buggy address belongs to the physical page: [ 10.989924] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102954 [ 10.990426] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.990815] flags: 0x200000000000040(head|node=0|zone=2) [ 10.991164] page_type: f8(unknown) [ 10.991411] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.991753] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.992204] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.992553] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.992895] head: 0200000000000002 ffffea00040a5501 00000000ffffffff 00000000ffffffff [ 10.993294] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 10.993631] page dumped because: kasan: bad access detected [ 10.993873] [ 10.993987] Memory state around the buggy address: [ 10.994401] ffff888102955f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.994736] ffff888102955f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.995217] >ffff888102956000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 10.995529] ^ [ 10.995702] ffff888102956080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 10.996177] ffff888102956100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 10.996506] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 10.942009] ================================================================== [ 10.942863] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x316/0x370 [ 10.943660] Write of size 1 at addr ffff888102985f00 by task kunit_try_catch/161 [ 10.944104] [ 10.944465] CPU: 0 UID: 0 PID: 161 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 10.944510] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.944522] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.944541] Call Trace: [ 10.944553] <TASK> [ 10.944693] dump_stack_lvl+0x73/0xb0 [ 10.944729] print_report+0xd1/0x650 [ 10.944752] ? __virt_addr_valid+0x1db/0x2d0 [ 10.944775] ? kmalloc_big_oob_right+0x316/0x370 [ 10.944796] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.944817] ? kmalloc_big_oob_right+0x316/0x370 [ 10.944839] kasan_report+0x141/0x180 [ 10.944860] ? kmalloc_big_oob_right+0x316/0x370 [ 10.944886] __asan_report_store1_noabort+0x1b/0x30 [ 10.944905] kmalloc_big_oob_right+0x316/0x370 [ 10.944926] ? __pfx_kmalloc_big_oob_right+0x10/0x10 [ 10.944948] ? __schedule+0x10cc/0x2b60 [ 10.944968] ? __pfx_read_tsc+0x10/0x10 [ 10.944988] ? ktime_get_ts64+0x86/0x230 [ 10.945011] kunit_try_run_case+0x1a5/0x480 [ 10.945044] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.945065] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.945085] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.945106] ? __kthread_parkme+0x82/0x180 [ 10.945124] ? preempt_count_sub+0x50/0x80 [ 10.945435] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.945470] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.945493] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.945515] kthread+0x337/0x6f0 [ 10.945533] ? trace_preempt_on+0x20/0xc0 [ 10.945556] ? __pfx_kthread+0x10/0x10 [ 10.945575] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.945595] ? calculate_sigpending+0x7b/0xa0 [ 10.945617] ? __pfx_kthread+0x10/0x10 [ 10.945637] ret_from_fork+0x116/0x1d0 [ 10.945654] ? 
__pfx_kthread+0x10/0x10 [ 10.945673] ret_from_fork_asm+0x1a/0x30 [ 10.945701] </TASK> [ 10.945712] [ 10.956791] Allocated by task 161: [ 10.957494] kasan_save_stack+0x45/0x70 [ 10.957709] kasan_save_track+0x18/0x40 [ 10.957900] kasan_save_alloc_info+0x3b/0x50 [ 10.958104] __kasan_kmalloc+0xb7/0xc0 [ 10.958669] __kmalloc_cache_noprof+0x189/0x420 [ 10.958988] kmalloc_big_oob_right+0xa9/0x370 [ 10.959404] kunit_try_run_case+0x1a5/0x480 [ 10.959798] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.960367] kthread+0x337/0x6f0 [ 10.960508] ret_from_fork+0x116/0x1d0 [ 10.960957] ret_from_fork_asm+0x1a/0x30 [ 10.961324] [ 10.961427] The buggy address belongs to the object at ffff888102984000 [ 10.961427] which belongs to the cache kmalloc-8k of size 8192 [ 10.961932] The buggy address is located 0 bytes to the right of [ 10.961932] allocated 7936-byte region [ffff888102984000, ffff888102985f00) [ 10.963045] [ 10.963205] The buggy address belongs to the physical page: [ 10.963742] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102980 [ 10.964422] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.964822] flags: 0x200000000000040(head|node=0|zone=2) [ 10.965382] page_type: f5(slab) [ 10.965520] raw: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 10.966194] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 10.967411] head: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 10.967705] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 10.967963] head: 0200000000000003 ffffea00040a6001 00000000ffffffff 00000000ffffffff [ 10.968225] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 10.968453] page dumped because: kasan: bad access detected [ 10.968621] [ 10.968692] Memory state around the buggy address: [ 10.968847] ffff888102985e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.969734] ffff888102985e80: 00 
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.970860] >ffff888102985f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.971957] ^ [ 10.972652] ffff888102985f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.973882] ffff888102986000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.975073] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 10.909073] ==================================================================
[ 10.909832] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4b1/0x520
[ 10.910692] Write of size 1 at addr ffff8881030fba78 by task kunit_try_catch/159
[ 10.910999]
[ 10.911783] CPU: 0 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 10.911831] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 10.911843] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 10.911863] Call Trace:
[ 10.911874] <TASK>
[ 10.911889] dump_stack_lvl+0x73/0xb0
[ 10.911917] print_report+0xd1/0x650
[ 10.911938] ? __virt_addr_valid+0x1db/0x2d0
[ 10.911959] ? kmalloc_track_caller_oob_right+0x4b1/0x520
[ 10.911982] ? kasan_complete_mode_report_info+0x2a/0x200
[ 10.912002] ? kmalloc_track_caller_oob_right+0x4b1/0x520
[ 10.912038] kasan_report+0x141/0x180
[ 10.912104] ? kmalloc_track_caller_oob_right+0x4b1/0x520
[ 10.912134] __asan_report_store1_noabort+0x1b/0x30
[ 10.912153] kmalloc_track_caller_oob_right+0x4b1/0x520
[ 10.912176] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10
[ 10.912200] ? __schedule+0x10cc/0x2b60
[ 10.912221] ? __pfx_read_tsc+0x10/0x10
[ 10.912241] ? ktime_get_ts64+0x86/0x230
[ 10.912263] kunit_try_run_case+0x1a5/0x480
[ 10.912286] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.912306] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 10.912328] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 10.912349] ? __kthread_parkme+0x82/0x180
[ 10.912368] ? preempt_count_sub+0x50/0x80
[ 10.912389] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.912411] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.912432] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 10.912453] kthread+0x337/0x6f0
[ 10.912471] ? trace_preempt_on+0x20/0xc0
[ 10.912493] ? __pfx_kthread+0x10/0x10
[ 10.912512] ? _raw_spin_unlock_irq+0x47/0x80
[ 10.912532] ? calculate_sigpending+0x7b/0xa0
[ 10.912554] ? __pfx_kthread+0x10/0x10
[ 10.912574] ret_from_fork+0x116/0x1d0
[ 10.912590] ? __pfx_kthread+0x10/0x10
[ 10.912609] ret_from_fork_asm+0x1a/0x30
[ 10.912637] </TASK>
[ 10.912648]
[ 10.924826] Allocated by task 159:
[ 10.925354] kasan_save_stack+0x45/0x70
[ 10.925719] kasan_save_track+0x18/0x40
[ 10.926016] kasan_save_alloc_info+0x3b/0x50
[ 10.926455] __kasan_kmalloc+0xb7/0xc0
[ 10.926753] __kmalloc_node_track_caller_noprof+0x1cb/0x500
[ 10.927244] kmalloc_track_caller_oob_right+0x19a/0x520
[ 10.927490] kunit_try_run_case+0x1a5/0x480
[ 10.927907] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.928384] kthread+0x337/0x6f0
[ 10.928547] ret_from_fork+0x116/0x1d0
[ 10.928723] ret_from_fork_asm+0x1a/0x30
[ 10.928911]
[ 10.929007] The buggy address belongs to the object at ffff8881030fba00
[ 10.929007] which belongs to the cache kmalloc-128 of size 128
[ 10.930183] The buggy address is located 0 bytes to the right of
[ 10.930183] allocated 120-byte region [ffff8881030fba00, ffff8881030fba78)
[ 10.931001]
[ 10.931284] The buggy address belongs to the physical page:
[ 10.931764] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1030fb
[ 10.932361] flags: 0x200000000000000(node=0|zone=2)
[ 10.932584] page_type: f5(slab)
[ 10.932829] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 10.933393] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 10.933879] page dumped because: kasan: bad access detected
[ 10.934400]
[ 10.934489] Memory state around the buggy address:
[ 10.934808]  ffff8881030fb900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 10.935419]  ffff8881030fb980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.935813] >ffff8881030fba00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 10.936316]                                                                 ^
[ 10.936811]  ffff8881030fba80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.937439]  ffff8881030fbb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.937870] ==================================================================
[ 10.873979] ==================================================================
[ 10.874872] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4c8/0x520
[ 10.875767] Write of size 1 at addr ffff8881030fb978 by task kunit_try_catch/159
[ 10.876873]
[ 10.877254] CPU: 0 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 10.877301] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 10.877314] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 10.877349] Call Trace:
[ 10.877362] <TASK>
[ 10.877377] dump_stack_lvl+0x73/0xb0
[ 10.877404] print_report+0xd1/0x650
[ 10.877426] ? __virt_addr_valid+0x1db/0x2d0
[ 10.877472] ? kmalloc_track_caller_oob_right+0x4c8/0x520
[ 10.877496] ? kasan_complete_mode_report_info+0x2a/0x200
[ 10.877517] ? kmalloc_track_caller_oob_right+0x4c8/0x520
[ 10.877541] kasan_report+0x141/0x180
[ 10.877562] ? kmalloc_track_caller_oob_right+0x4c8/0x520
[ 10.877590] __asan_report_store1_noabort+0x1b/0x30
[ 10.877609] kmalloc_track_caller_oob_right+0x4c8/0x520
[ 10.877632] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10
[ 10.877656] ? __schedule+0x10cc/0x2b60
[ 10.877676] ? __pfx_read_tsc+0x10/0x10
[ 10.877696] ? ktime_get_ts64+0x86/0x230
[ 10.877718] kunit_try_run_case+0x1a5/0x480
[ 10.877741] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.877761] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 10.877782] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 10.877803] ? __kthread_parkme+0x82/0x180
[ 10.877823] ? preempt_count_sub+0x50/0x80
[ 10.877844] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.877866] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.877887] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 10.877908] kthread+0x337/0x6f0
[ 10.877926] ? trace_preempt_on+0x20/0xc0
[ 10.877948] ? __pfx_kthread+0x10/0x10
[ 10.877967] ? _raw_spin_unlock_irq+0x47/0x80
[ 10.877986] ? calculate_sigpending+0x7b/0xa0
[ 10.878008] ? __pfx_kthread+0x10/0x10
[ 10.878040] ret_from_fork+0x116/0x1d0
[ 10.878057] ? __pfx_kthread+0x10/0x10
[ 10.878076] ret_from_fork_asm+0x1a/0x30
[ 10.878105] </TASK>
[ 10.878115]
[ 10.894162] Allocated by task 159:
[ 10.894580] kasan_save_stack+0x45/0x70
[ 10.894935] kasan_save_track+0x18/0x40
[ 10.895331] kasan_save_alloc_info+0x3b/0x50
[ 10.895851] __kasan_kmalloc+0xb7/0xc0
[ 10.896379] __kmalloc_node_track_caller_noprof+0x1cb/0x500
[ 10.896868] kmalloc_track_caller_oob_right+0x99/0x520
[ 10.897072] kunit_try_run_case+0x1a5/0x480
[ 10.897677] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.898331] kthread+0x337/0x6f0
[ 10.898823] ret_from_fork+0x116/0x1d0
[ 10.899202] ret_from_fork_asm+0x1a/0x30
[ 10.899572]
[ 10.899870] The buggy address belongs to the object at ffff8881030fb900
[ 10.899870] which belongs to the cache kmalloc-128 of size 128
[ 10.900615] The buggy address is located 0 bytes to the right of
[ 10.900615] allocated 120-byte region [ffff8881030fb900, ffff8881030fb978)
[ 10.901428]
[ 10.901527] The buggy address belongs to the physical page:
[ 10.901741] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1030fb
[ 10.902362] flags: 0x200000000000000(node=0|zone=2)
[ 10.902713] page_type: f5(slab)
[ 10.903016] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 10.903505] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 10.903954] page dumped because: kasan: bad access detected
[ 10.904428]
[ 10.904522] Memory state around the buggy address:
[ 10.904905]  ffff8881030fb800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 10.905639]  ffff8881030fb880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.906218] >ffff8881030fb900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 10.906634]                                                                 ^
[ 10.907276]  ffff8881030fb980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.907629]  ffff8881030fba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.908296] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 10.840223] ==================================================================
[ 10.840610] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x369/0x3c0
[ 10.840858] Read of size 1 at addr ffff888102977000 by task kunit_try_catch/157
[ 10.841206]
[ 10.841470] CPU: 1 UID: 0 PID: 157 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 10.841514] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 10.841526] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 10.841546] Call Trace:
[ 10.841558] <TASK>
[ 10.841574] dump_stack_lvl+0x73/0xb0
[ 10.841602] print_report+0xd1/0x650
[ 10.841623] ? __virt_addr_valid+0x1db/0x2d0
[ 10.841646] ? kmalloc_node_oob_right+0x369/0x3c0
[ 10.841667] ? kasan_complete_mode_report_info+0x2a/0x200
[ 10.841688] ? kmalloc_node_oob_right+0x369/0x3c0
[ 10.841710] kasan_report+0x141/0x180
[ 10.841730] ? kmalloc_node_oob_right+0x369/0x3c0
[ 10.841758] __asan_report_load1_noabort+0x18/0x20
[ 10.841780] kmalloc_node_oob_right+0x369/0x3c0
[ 10.841803] ? __pfx_kmalloc_node_oob_right+0x10/0x10
[ 10.841826] ? __schedule+0x10cc/0x2b60
[ 10.841846] ? __pfx_read_tsc+0x10/0x10
[ 10.841867] ? ktime_get_ts64+0x86/0x230
[ 10.841890] kunit_try_run_case+0x1a5/0x480
[ 10.841914] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.841935] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 10.841957] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 10.841978] ? __kthread_parkme+0x82/0x180
[ 10.841997] ? preempt_count_sub+0x50/0x80
[ 10.842020] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.842054] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.842076] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 10.842097] kthread+0x337/0x6f0
[ 10.842114] ? trace_preempt_on+0x20/0xc0
[ 10.842137] ? __pfx_kthread+0x10/0x10
[ 10.842156] ? _raw_spin_unlock_irq+0x47/0x80
[ 10.842189] ? calculate_sigpending+0x7b/0xa0
[ 10.842212] ? __pfx_kthread+0x10/0x10
[ 10.842232] ret_from_fork+0x116/0x1d0
[ 10.842249] ? __pfx_kthread+0x10/0x10
[ 10.842268] ret_from_fork_asm+0x1a/0x30
[ 10.842297] </TASK>
[ 10.842307]
[ 10.856019] Allocated by task 157:
[ 10.856248] kasan_save_stack+0x45/0x70
[ 10.856619] kasan_save_track+0x18/0x40
[ 10.857068] kasan_save_alloc_info+0x3b/0x50
[ 10.857465] __kasan_kmalloc+0xb7/0xc0
[ 10.857819] __kmalloc_cache_node_noprof+0x188/0x420
[ 10.858317] kmalloc_node_oob_right+0xab/0x3c0
[ 10.858734] kunit_try_run_case+0x1a5/0x480
[ 10.858889] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.859075] kthread+0x337/0x6f0
[ 10.859226] ret_from_fork+0x116/0x1d0
[ 10.859373] ret_from_fork_asm+0x1a/0x30
[ 10.859652]
[ 10.859806] The buggy address belongs to the object at ffff888102976000
[ 10.859806] which belongs to the cache kmalloc-4k of size 4096
[ 10.860989] The buggy address is located 0 bytes to the right of
[ 10.860989] allocated 4096-byte region [ffff888102976000, ffff888102977000)
[ 10.861800]
[ 10.861955] The buggy address belongs to the physical page:
[ 10.862542] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102970
[ 10.862968] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 10.863634] flags: 0x200000000000040(head|node=0|zone=2)
[ 10.864391] page_type: f5(slab)
[ 10.864703] raw: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000
[ 10.865534] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000
[ 10.866337] head: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000
[ 10.866646] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000
[ 10.866877] head: 0200000000000003 ffffea00040a5c01 00000000ffffffff 00000000ffffffff
[ 10.867136] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[ 10.867623] page dumped because: kasan: bad access detected
[ 10.868207]
[ 10.868281] Memory state around the buggy address:
[ 10.868703]  ffff888102976f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 10.868967]  ffff888102976f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 10.869349] >ffff888102977000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.869756]                    ^
[ 10.869916]  ffff888102977080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.870249]  ffff888102977100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.870539] ==================================================================
Failure - log-parser-boot/exception-drm-kunit-mock-device-drm_gem_shmem_test_get_pages_sgtdrm-kunit-mock-device-drm-drm_warn_onrefcount_readshmem-pages_pin_count
------------[ cut here ]------------
[ 140.841052] drm-kunit-mock-device drm_gem_shmem_test_get_pages_sgt.drm-kunit-mock-device: [drm] drm_WARN_ON(refcount_read(&shmem->pages_pin_count))
[ 140.841441] WARNING: CPU: 0 PID: 2568 at drivers/gpu/drm/drm_gem_shmem_helper.c:180 drm_gem_shmem_free+0x3ed/0x6c0
[ 140.842719] Modules linked in:
[ 140.843000] CPU: 0 UID: 0 PID: 2568 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 140.843607] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 140.843935] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 140.844618] RIP: 0010:drm_gem_shmem_free+0x3ed/0x6c0
[ 140.844901] Code: 85 f6 0f 84 ba 01 00 00 4c 89 e7 e8 9d 24 80 00 48 c7 c1 40 76 fe 8c 4c 89 f2 48 c7 c7 00 73 fe 8c 48 89 c6 e8 b4 c7 77 fe 90 <0f> 0b 90 90 e9 09 ff ff ff 90 48 b8 00 00 00 00 00 fc ff df 48 8d
[ 140.845839] RSP: 0000:ffff88810a007d18 EFLAGS: 00010286
[ 140.846235] RAX: 0000000000000000 RBX: ffff888108527400 RCX: 1ffffffff1ba4c80
[ 140.846655] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001
[ 140.846997] RBP: ffff88810a007d48 R08: 0000000000000000 R09: fffffbfff1ba4c80
[ 140.847443] R10: 0000000000000003 R11: 00000000000394c0 R12: ffff888109f83000
[ 140.847818] R13: ffff8881085274f8 R14: ffff88810474d400 R15: ffff88810039fb40
[ 140.848277] FS: 0000000000000000(0000) GS:ffff8881cc074000(0000) knlGS:0000000000000000
[ 140.848775] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 140.849074] CR2: 00007ffff7ffe000 CR3: 00000001208bc000 CR4: 00000000000006f0
[ 140.849547] DR0: ffffffff8f050440 DR1: ffffffff8f050441 DR2: ffffffff8f050442
[ 140.849835] DR3: ffffffff8f050443 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 140.850304] Call Trace:
[ 140.850553] <TASK>
[ 140.850650] ? trace_preempt_on+0x20/0xc0
[ 140.850999] ? __pfx_drm_gem_shmem_free_wrapper+0x10/0x10
[ 140.851410] drm_gem_shmem_free_wrapper+0x12/0x20
[ 140.851634] __kunit_action_free+0x57/0x70
[ 140.851835] kunit_remove_resource+0x133/0x200
[ 140.852041] ? preempt_count_sub+0x50/0x80
[ 140.852561] kunit_cleanup+0x7a/0x120
[ 140.852723] kunit_try_run_case_cleanup+0xbd/0xf0
[ 140.852950] ? __pfx_kunit_try_run_case_cleanup+0x10/0x10
[ 140.853450] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 140.853870] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 140.854343] kthread+0x337/0x6f0
[ 140.854517] ? trace_preempt_on+0x20/0xc0
[ 140.854705] ? __pfx_kthread+0x10/0x10
[ 140.854879] ? _raw_spin_unlock_irq+0x47/0x80
[ 140.855373] ? calculate_sigpending+0x7b/0xa0
[ 140.855591] ? __pfx_kthread+0x10/0x10
[ 140.855747] ret_from_fork+0x116/0x1d0
[ 140.856180] ? __pfx_kthread+0x10/0x10
[ 140.856353] ret_from_fork_asm+0x1a/0x30
[ 140.856885] </TASK>
[ 140.856986] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_framebuffer-drm_framebuffer_init
------------[ cut here ]------------
[ 140.712002] WARNING: CPU: 0 PID: 2549 at drivers/gpu/drm/drm_framebuffer.c:867 drm_framebuffer_init+0x44/0x300
[ 140.712793] Modules linked in:
[ 140.713004] CPU: 0 UID: 0 PID: 2549 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 140.713712] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 140.713957] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 140.714476] RIP: 0010:drm_framebuffer_init+0x44/0x300
[ 140.714856] Code: 56 49 89 d6 48 89 f2 41 55 48 c1 ea 03 41 54 49 89 fc 53 48 89 f3 48 83 ec 18 80 3c 02 00 0f 85 00 02 00 00 4c 39 23 74 20 90 <0f> 0b 90 41 bd ea ff ff ff 48 83 c4 18 44 89 e8 5b 41 5c 41 5d 41
[ 140.715708] RSP: 0000:ffff888109f87b30 EFLAGS: 00010246
[ 140.716259] RAX: dffffc0000000000 RBX: ffff888109f87c28 RCX: 0000000000000000
[ 140.716477] RDX: 1ffff110213f0f8e RSI: ffff888109f87c28 RDI: ffff888109f87c70
[ 140.716682] RBP: ffff888109f87b70 R08: ffff888109dea000 R09: ffffffff8cfd7980
[ 140.716885] R10: 0000000000000003 R11: 00000000478c721b R12: ffff888109dea000
[ 140.717261] R13: ffff88810039fae8 R14: ffff888109f87ba8 R15: 0000000000000000
[ 140.717741] FS: 0000000000000000(0000) GS:ffff8881cc074000(0000) knlGS:0000000000000000
[ 140.718403] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 140.718870] CR2: 00007ffff7ffe000 CR3: 00000001208bc000 CR4: 00000000000006f0
[ 140.719388] DR0: ffffffff8f050440 DR1: ffffffff8f050441 DR2: ffffffff8f050442
[ 140.719765] DR3: ffffffff8f050443 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 140.719980] Call Trace:
[ 140.720454] <TASK>
[ 140.720606] ? add_dr+0xc1/0x1d0
[ 140.720864] drm_test_framebuffer_init_bad_format+0xfc/0x240
[ 140.721397] ? add_dr+0x148/0x1d0
[ 140.721573] ? __pfx_drm_test_framebuffer_init_bad_format+0x10/0x10
[ 140.721857] ? __drmm_add_action+0x1a4/0x280
[ 140.722052] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 140.722631] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 140.722909] ? __drmm_add_action_or_reset+0x22/0x50
[ 140.723217] ? __schedule+0x10cc/0x2b60
[ 140.723678] ? __pfx_read_tsc+0x10/0x10
[ 140.723911] ? ktime_get_ts64+0x86/0x230
[ 140.724297] kunit_try_run_case+0x1a5/0x480
[ 140.724727] ? __pfx_kunit_try_run_case+0x10/0x10
[ 140.725001] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 140.725245] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 140.725652] ? __kthread_parkme+0x82/0x180
[ 140.725841] ? preempt_count_sub+0x50/0x80
[ 140.726167] ? __pfx_kunit_try_run_case+0x10/0x10
[ 140.726470] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 140.726783] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 140.727051] kthread+0x337/0x6f0
[ 140.727310] ? trace_preempt_on+0x20/0xc0
[ 140.727765] ? __pfx_kthread+0x10/0x10
[ 140.728051] ? _raw_spin_unlock_irq+0x47/0x80
[ 140.728240] ? calculate_sigpending+0x7b/0xa0
[ 140.729369] ? __pfx_kthread+0x10/0x10
[ 140.729539] ret_from_fork+0x116/0x1d0
[ 140.729736] ? __pfx_kthread+0x10/0x10
[ 140.730043] ret_from_fork_asm+0x1a/0x30
[ 140.730398] </TASK>
[ 140.730576] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-drm-kunit-mock-device-drm_test_framebuffer_freedrm-kunit-mock-device-drm-drm_warn_onlist_empty-filp_head
------------[ cut here ]------------
[ 140.672586] drm-kunit-mock-device drm_test_framebuffer_free.drm-kunit-mock-device: [drm] drm_WARN_ON(!list_empty(&fb->filp_head))
[ 140.672713] WARNING: CPU: 0 PID: 2545 at drivers/gpu/drm/drm_framebuffer.c:832 drm_framebuffer_free+0x13f/0x1c0
[ 140.673541] Modules linked in:
[ 140.673884] CPU: 0 UID: 0 PID: 2545 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 140.674841] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 140.675153] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 140.675684] RIP: 0010:drm_framebuffer_free+0x13f/0x1c0
[ 140.676005] Code: 8b 7d 50 4d 85 ff 74 2b 4c 89 ef e8 cb 3e 87 00 48 c7 c1 40 29 fd 8c 4c 89 fa 48 c7 c7 a0 29 fd 8c 48 89 c6 e8 e2 e1 7e fe 90 <0f> 0b 90 90 e9 1c ff ff ff 48 b8 00 00 00 00 00 fc ff df 4c 89 ea
[ 140.677051] RSP: 0000:ffff88810a147b68 EFLAGS: 00010282
[ 140.677392] RAX: 0000000000000000 RBX: ffff88810a147c40 RCX: 1ffffffff1ba4c80
[ 140.677691] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001
[ 140.677985] RBP: ffff88810a147b90 R08: 0000000000000000 R09: fffffbfff1ba4c80
[ 140.678804] R10: 0000000000000003 R11: 0000000000037b40 R12: ffff88810a147c18
[ 140.679018] R13: ffff888109d95000 R14: ffff888109de8000 R15: ffff88810113f280
[ 140.679715] FS: 0000000000000000(0000) GS:ffff8881cc074000(0000) knlGS:0000000000000000
[ 140.680663] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 140.681416] CR2: 00007ffff7ffe000 CR3: 00000001208bc000 CR4: 00000000000006f0
[ 140.681920] DR0: ffffffff8f050440 DR1: ffffffff8f050441 DR2: ffffffff8f050442
[ 140.682560] DR3: ffffffff8f050443 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 140.683340] Call Trace:
[ 140.683535] <TASK>
[ 140.683689] drm_test_framebuffer_free+0x1ab/0x610
[ 140.684188] ? __pfx_drm_test_framebuffer_free+0x10/0x10
[ 140.684508] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 140.684690] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 140.684865] ? __drmm_add_action_or_reset+0x22/0x50
[ 140.685035] ? __schedule+0x10cc/0x2b60
[ 140.685622] ? __pfx_read_tsc+0x10/0x10
[ 140.686345] ? ktime_get_ts64+0x86/0x230
[ 140.686792] kunit_try_run_case+0x1a5/0x480
[ 140.687344] ? __pfx_kunit_try_run_case+0x10/0x10
[ 140.687803] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 140.688380] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 140.688712] ? __kthread_parkme+0x82/0x180
[ 140.688867] ? preempt_count_sub+0x50/0x80
[ 140.689017] ? __pfx_kunit_try_run_case+0x10/0x10
[ 140.689284] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 140.689720] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 140.690119] kthread+0x337/0x6f0
[ 140.692106] ? trace_preempt_on+0x20/0xc0
[ 140.692356] ? __pfx_kthread+0x10/0x10
[ 140.692539] ? _raw_spin_unlock_irq+0x47/0x80
[ 140.692754] ? calculate_sigpending+0x7b/0xa0
[ 140.692982] ? __pfx_kthread+0x10/0x10
[ 140.693184] ret_from_fork+0x116/0x1d0
[ 140.693547] ? __pfx_kthread+0x10/0x10
[ 140.693739] ret_from_fork_asm+0x1a/0x30
[ 140.693989] </TASK>
[ 140.694227] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_connector-drm_connector_dynamic_register
------------[ cut here ]------------
[ 139.464155] WARNING: CPU: 0 PID: 1983 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110
[ 139.465610] Modules linked in:
[ 139.466307] CPU: 0 UID: 0 PID: 1983 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 139.466751] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 139.466934] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 139.467429] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110
[ 139.467952] Code: 49 8d 7c 24 60 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 60 00 75 1b 5b 41 5c 5d c3 cc cc cc cc 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d c3 cc cc cc cc 48 89 df e8 68
[ 139.468804] RSP: 0000:ffff8881086efc90 EFLAGS: 00010246
[ 139.469373] RAX: dffffc0000000000 RBX: ffff888108a04000 RCX: 0000000000000000
[ 139.469971] RDX: 1ffff11021140832 RSI: ffffffff8a205658 RDI: ffff888108a04190
[ 139.470387] RBP: ffff8881086efca0 R08: 1ffff11020073f69 R09: ffffed10210ddf65
[ 139.470982] R10: 0000000000000003 R11: ffffffff89786fb8 R12: 0000000000000000
[ 139.471381] R13: ffff8881086efd38 R14: ffff88810039fc50 R15: ffff88810039fc58
[ 139.471943] FS: 0000000000000000(0000) GS:ffff8881cc074000(0000) knlGS:0000000000000000
[ 139.472566] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 139.472819] CR2: 00007ffff7ffe000 CR3: 00000001208bc000 CR4: 00000000000006f0
[ 139.473032] DR0: ffffffff8f050440 DR1: ffffffff8f050441 DR2: ffffffff8f050442
[ 139.473891] DR3: ffffffff8f050443 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 139.474579] Call Trace:
[ 139.474815] <TASK>
[ 139.474921] drm_test_drm_connector_dynamic_register_no_init+0x104/0x290
[ 139.475433] ? __pfx_drm_test_drm_connector_dynamic_register_no_init+0x10/0x10
[ 139.476138] ? __wake_up_klogd.part.0+0x50/0x80
[ 139.476423] ? ktime_get_ts64+0x7e/0x230
[ 139.476569] ? __pfx_read_tsc+0x10/0x10
[ 139.476711] ? ktime_get_ts64+0x86/0x230
[ 139.476854] kunit_try_run_case+0x1a5/0x480
[ 139.477008] ? __pfx_kunit_try_run_case+0x10/0x10
[ 139.477502] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 139.477951] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 139.478501] ? __kthread_parkme+0x82/0x180
[ 139.478879] ? preempt_count_sub+0x50/0x80
[ 139.479337] ? __pfx_kunit_try_run_case+0x10/0x10
[ 139.479771] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 139.480357] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 139.480717] kthread+0x337/0x6f0
[ 139.480846] ? trace_preempt_on+0x20/0xc0
[ 139.480996] ? __pfx_kthread+0x10/0x10
[ 139.481177] ? _raw_spin_unlock_irq+0x47/0x80
[ 139.481498] ? calculate_sigpending+0x7b/0xa0
[ 139.481729] ? __pfx_kthread+0x10/0x10
[ 139.481923] ret_from_fork+0x116/0x1d0
[ 139.482150] ? __pfx_kthread+0x10/0x10
[ 139.482350] ret_from_fork_asm+0x1a/0x30
[ 139.482590] </TASK>
[ 139.482716] ---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
[ 139.383770] WARNING: CPU: 0 PID: 1975 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110
[ 139.384374] Modules linked in:
[ 139.384593] CPU: 0 UID: 0 PID: 1975 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 139.385076] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 139.385377] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 139.385841] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110
[ 139.386158] Code: 49 8d 7c 24 60 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 60 00 75 1b 5b 41 5c 5d c3 cc cc cc cc 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d c3 cc cc cc cc 48 89 df e8 68
[ 139.387193] RSP: 0000:ffff888103cb7c90 EFLAGS: 00010246
[ 139.387650] RAX: dffffc0000000000 RBX: ffff88810875e000 RCX: 0000000000000000
[ 139.387923] RDX: 1ffff110210ebc32 RSI: ffffffff8a205658 RDI: ffff88810875e190
[ 139.389322] RBP: ffff888103cb7ca0 R08: 1ffff11020073f69 R09: ffffed1020796f65
[ 139.389618] R10: 0000000000000003 R11: ffffffff89786fb8 R12: 0000000000000000
[ 139.389914] R13: ffff888103cb7d38 R14: ffff88810039fc50 R15: ffff88810039fc58
[ 139.390732] FS: 0000000000000000(0000) GS:ffff8881cc074000(0000) knlGS:0000000000000000
[ 139.391324] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 139.391582] CR2: 00007ffff7ffe000 CR3: 00000001208bc000 CR4: 00000000000006f0
[ 139.391895] DR0: ffffffff8f050440 DR1: ffffffff8f050441 DR2: ffffffff8f050442
[ 139.392304] DR3: ffffffff8f050443 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 139.392924] Call Trace:
[ 139.393271] <TASK>
[ 139.393524] drm_test_drm_connector_dynamic_register_early_no_init+0x104/0x290
[ 139.393901] ? __pfx_drm_test_drm_connector_dynamic_register_early_no_init+0x10/0x10
[ 139.394430] ? __schedule+0x10cc/0x2b60
[ 139.394693] ? __pfx_read_tsc+0x10/0x10
[ 139.394936] ? ktime_get_ts64+0x86/0x230
[ 139.395133] kunit_try_run_case+0x1a5/0x480
[ 139.395498] ? __pfx_kunit_try_run_case+0x10/0x10
[ 139.395744] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 139.396014] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 139.396384] ? __kthread_parkme+0x82/0x180
[ 139.396604] ? preempt_count_sub+0x50/0x80
[ 139.396767] ? __pfx_kunit_try_run_case+0x10/0x10
[ 139.396993] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 139.397649] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 139.397956] kthread+0x337/0x6f0
[ 139.398208] ? trace_preempt_on+0x20/0xc0
[ 139.398476] ? __pfx_kthread+0x10/0x10
[ 139.398675] ? _raw_spin_unlock_irq+0x47/0x80
[ 139.398912] ? calculate_sigpending+0x7b/0xa0
[ 139.399167] ? __pfx_kthread+0x10/0x10
[ 139.399436] ret_from_fork+0x116/0x1d0
[ 139.399762] ? __pfx_kthread+0x10/0x10
[ 139.399946] ret_from_fork_asm+0x1a/0x30
[ 139.400334] </TASK>
[ 139.400461] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog10
------------[ cut here ]------------
[ 109.167643] WARNING: CPU: 1 PID: 673 at lib/math/int_log.c:120 intlog10+0x2a/0x40
[ 109.167928] Modules linked in:
[ 109.168081] CPU: 1 UID: 0 PID: 673 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 109.168404] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 109.168582] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 109.168904] RIP: 0010:intlog10+0x2a/0x40
[ 109.169379] Code: f3 0f 1e fa 0f 1f 44 00 00 85 ff 74 1c 55 48 89 e5 e8 ca fe ff ff 5d 89 c0 48 69 c0 a1 26 88 26 48 c1 e8 1f c3 cc cc cc cc 90 <0f> 0b 90 31 c0 c3 cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 66 90
[ 109.171405] RSP: 0000:ffff88810368fcb0 EFLAGS: 00010246
[ 109.171991] RAX: 0000000000000000 RBX: ffff88810039fae8 RCX: 1ffff110206d1fb4
[ 109.172713] RDX: 1ffffffff19d2bc4 RSI: 1ffff110206d1fb3 RDI: 0000000000000000
[ 109.173805] RBP: ffff88810368fd60 R08: 0000000000000000 R09: ffffed1020781f80
[ 109.174565] R10: ffff888103c0fc07 R11: 0000000000000000 R12: 1ffff110206d1f97
[ 109.175421] R13: ffffffff8ce95e20 R14: 0000000000000000 R15: ffff88810368fd38
[ 109.176309] FS: 0000000000000000(0000) GS:ffff8881cc174000(0000) knlGS:0000000000000000
[ 109.176999] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 109.177477] CR2: ffff88815a912000 CR3: 00000001208bc000 CR4: 00000000000006f0
[ 109.177947] DR0: ffffffff8f050440 DR1: ffffffff8f050441 DR2: ffffffff8f050443
[ 109.178624] DR3: ffffffff8f050445 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 109.179148] Call Trace:
[ 109.179572] <TASK>
[ 109.179752] ? intlog10_test+0xf2/0x220
[ 109.180115] ? __pfx_intlog10_test+0x10/0x10
[ 109.180547] ? __schedule+0x10cc/0x2b60
[ 109.180695] ? __pfx_read_tsc+0x10/0x10
[ 109.180858] ? ktime_get_ts64+0x86/0x230
[ 109.181251] kunit_try_run_case+0x1a5/0x480
[ 109.181694] ? __pfx_kunit_try_run_case+0x10/0x10
[ 109.182246] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 109.182686] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 109.183184] ? __kthread_parkme+0x82/0x180
[ 109.183701] ? preempt_count_sub+0x50/0x80
[ 109.183883] ? __pfx_kunit_try_run_case+0x10/0x10
[ 109.184152] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 109.184652] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 109.185291] kthread+0x337/0x6f0
[ 109.185632] ? trace_preempt_on+0x20/0xc0
[ 109.186015] ? __pfx_kthread+0x10/0x10
[ 109.186346] ? _raw_spin_unlock_irq+0x47/0x80
[ 109.186769] ? calculate_sigpending+0x7b/0xa0
[ 109.186938] ? __pfx_kthread+0x10/0x10
[ 109.187229] ret_from_fork+0x116/0x1d0
[ 109.187778] ? __pfx_kthread+0x10/0x10
[ 109.188012] ret_from_fork_asm+0x1a/0x30
[ 109.188217] </TASK>
[ 109.188341] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog2
------------[ cut here ]------------
[ 109.131672] WARNING: CPU: 0 PID: 655 at lib/math/int_log.c:63 intlog2+0xdf/0x110
[ 109.132079] Modules linked in:
[ 109.132590] CPU: 0 UID: 0 PID: 655 Comm: kunit_try_catch Tainted: G B D N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 109.133256] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST
[ 109.133443] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 109.133883] RIP: 0010:intlog2+0xdf/0x110
[ 109.134288] Code: e9 8c c1 e0 18 48 83 c4 08 89 d1 c1 e2 08 29 cb 01 d0 0f b7 db 41 0f af dc c1 eb 0f 01 d8 5b 41 5c 41 5d 5d e9 12 9c 86 02 90 <0f> 0b 90 31 c0 e9 07 9c 86 02 89 45 e4 e8 0f 00 56 ff 8b 45 e4 eb
[ 109.134997] RSP: 0000:ffff88810375fcb0 EFLAGS: 00010246
[ 109.135583] RAX: 0000000000000000 RBX: ffff88810039fae8 RCX: 1ffff110206ebfb4
[ 109.136029] RDX: 1ffffffff19d2c18 RSI: 1ffff110206ebfb3 RDI: 0000000000000000
[ 109.136482] RBP: ffff88810375fd60 R08: 0000000000000000 R09: ffffed1020781e40
[ 109.136774] R10: ffff888103c0f207 R11: 0000000000000000 R12: 1ffff110206ebf97
[ 109.137306] R13: ffffffff8ce960c0 R14: 0000000000000000 R15: ffff88810375fd38
[ 109.137717] FS: 0000000000000000(0000) GS:ffff8881cc074000(0000) knlGS:0000000000000000
[ 109.138301] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 109.138683] CR2: dffffc0000000000 CR3: 00000001208bc000 CR4: 00000000000006f0
[ 109.139155] DR0: ffffffff8f050440 DR1: ffffffff8f050441 DR2: ffffffff8f050442
[ 109.139580] DR3: ffffffff8f050443 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 109.140014] Call Trace:
[ 109.140352] <TASK>
[ 109.140639] ? intlog2_test+0xf2/0x220
[ 109.140858] ? __pfx_intlog2_test+0x10/0x10
[ 109.141256] ? __schedule+0x10cc/0x2b60
[ 109.141571] ? __pfx_read_tsc+0x10/0x10
[ 109.141881] ? ktime_get_ts64+0x86/0x230
[ 109.142293] kunit_try_run_case+0x1a5/0x480
[ 109.142630] ? __pfx_kunit_try_run_case+0x10/0x10
[ 109.142864] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 109.143287] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 109.143646] ? __kthread_parkme+0x82/0x180
[ 109.144023] ? preempt_count_sub+0x50/0x80
[ 109.144383] ? __pfx_kunit_try_run_case+0x10/0x10
[ 109.144752] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 109.145267] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 109.145669] kthread+0x337/0x6f0
[ 109.145852] ? trace_preempt_on+0x20/0xc0
[ 109.146240] ? __pfx_kthread+0x10/0x10
[ 109.146544] ? _raw_spin_unlock_irq+0x47/0x80
[ 109.146865] ? calculate_sigpending+0x7b/0xa0
[ 109.147306] ? __pfx_kthread+0x10/0x10
[ 109.147511] ret_from_fork+0x116/0x1d0
[ 109.147888] ? __pfx_kthread+0x10/0x10
[ 109.148243] ret_from_fork_asm+0x1a/0x30
[ 109.148563] </TASK>
[ 109.148827] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/oops-oops-general-protection-fault-probably-for-non-canonical-address-smp-kasan-pti
KNOWN ISSUE - qemu-x86_64: Oops: general protection fault, probably for non-canonical address - KASAN: null-ptr-deref - kunit_test_null_dereference
[ 108.598084] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN PTI