Date: July 1, 2025, 3:08 p.m.
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 49.775809] ==================================================================
[ 49.776240] BUG: KFENCE: use-after-free read in test_krealloc+0x6fc/0xbe0
[ 49.776240]
[ 49.776699] Use-after-free read at 0x(____ptrval____) (in kfence-#150):
[ 49.776944] test_krealloc+0x6fc/0xbe0
[ 49.777162] kunit_try_run_case+0x1a5/0x480
[ 49.777395] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 49.777620] kthread+0x337/0x6f0
[ 49.777875] ret_from_fork+0x116/0x1d0
[ 49.778099] ret_from_fork_asm+0x1a/0x30
[ 49.778321]
[ 49.778428] kfence-#150: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 49.778428]
[ 49.778796] allocated by task 354 on cpu 1 at 49.775020s (0.003774s ago):
[ 49.779118] test_alloc+0x364/0x10f0
[ 49.779328] test_krealloc+0xad/0xbe0
[ 49.779459] kunit_try_run_case+0x1a5/0x480
[ 49.779603] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 49.780034] kthread+0x337/0x6f0
[ 49.780209] ret_from_fork+0x116/0x1d0
[ 49.780369] ret_from_fork_asm+0x1a/0x30
[ 49.780582]
[ 49.780699] freed by task 354 on cpu 1 at 49.775320s (0.005376s ago):
[ 49.781002] krealloc_noprof+0x108/0x340
[ 49.781529] test_krealloc+0x226/0xbe0
[ 49.781750] kunit_try_run_case+0x1a5/0x480
[ 49.782360] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 49.782797] kthread+0x337/0x6f0
[ 49.783080] ret_from_fork+0x116/0x1d0
[ 49.783233] ret_from_fork_asm+0x1a/0x30
[ 49.783431]
[ 49.783564] CPU: 1 UID: 0 PID: 354 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 49.784005] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 49.784200] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 49.784549] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_double_free
[ 17.951342] ==================================================================
[ 17.951891] BUG: KFENCE: invalid free in test_double_free+0x1d3/0x260
[ 17.951891]
[ 17.952232] Invalid free of 0x(____ptrval____) (in kfence-#81):
[ 17.952530] test_double_free+0x1d3/0x260
[ 17.952768] kunit_try_run_case+0x1a5/0x480
[ 17.952923] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.953174] kthread+0x337/0x6f0
[ 17.953351] ret_from_fork+0x116/0x1d0
[ 17.953548] ret_from_fork_asm+0x1a/0x30
[ 17.953703]
[ 17.953836] kfence-#81: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 17.953836]
[ 17.954215] allocated by task 320 on cpu 1 at 17.951091s (0.003121s ago):
[ 17.954516] test_alloc+0x364/0x10f0
[ 17.954668] test_double_free+0xdb/0x260
[ 17.954888] kunit_try_run_case+0x1a5/0x480
[ 17.955103] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.955280] kthread+0x337/0x6f0
[ 17.955429] ret_from_fork+0x116/0x1d0
[ 17.955626] ret_from_fork_asm+0x1a/0x30
[ 17.955857]
[ 17.955968] freed by task 320 on cpu 1 at 17.951145s (0.004820s ago):
[ 17.956201] test_double_free+0x1e0/0x260
[ 17.956390] kunit_try_run_case+0x1a5/0x480
[ 17.956611] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.956905] kthread+0x337/0x6f0
[ 17.957091] ret_from_fork+0x116/0x1d0
[ 17.957277] ret_from_fork_asm+0x1a/0x30
[ 17.957486]
[ 17.957620] CPU: 1 UID: 0 PID: 320 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 17.958099] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.958290] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.958713] ==================================================================

[ 18.055204] ==================================================================
[ 18.055603] BUG: KFENCE: invalid free in test_double_free+0x112/0x260
[ 18.055603]
[ 18.055936] Invalid free of 0x(____ptrval____) (in kfence-#82):
[ 18.056244] test_double_free+0x112/0x260
[ 18.056419] kunit_try_run_case+0x1a5/0x480
[ 18.056654] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.056869] kthread+0x337/0x6f0
[ 18.056998] ret_from_fork+0x116/0x1d0
[ 18.057184] ret_from_fork_asm+0x1a/0x30
[ 18.057393]
[ 18.057496] kfence-#82: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 18.057496]
[ 18.058016] allocated by task 322 on cpu 1 at 18.055039s (0.002975s ago):
[ 18.058309] test_alloc+0x2a6/0x10f0
[ 18.058443] test_double_free+0xdb/0x260
[ 18.058594] kunit_try_run_case+0x1a5/0x480
[ 18.058806] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.059060] kthread+0x337/0x6f0
[ 18.059244] ret_from_fork+0x116/0x1d0
[ 18.059414] ret_from_fork_asm+0x1a/0x30
[ 18.059615]
[ 18.059730] freed by task 322 on cpu 1 at 18.055090s (0.004637s ago):
[ 18.059964] test_double_free+0xfa/0x260
[ 18.060118] kunit_try_run_case+0x1a5/0x480
[ 18.060335] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.060596] kthread+0x337/0x6f0
[ 18.060773] ret_from_fork+0x116/0x1d0
[ 18.060908] ret_from_fork_asm+0x1a/0x30
[ 18.061070]
[ 18.061198] CPU: 1 UID: 0 PID: 322 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 18.061676] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.061907] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.062254] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 49.694807] ==================================================================
[ 49.695247] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x2ec/0x670
[ 49.695247]
[ 49.695633] Use-after-free read at 0x(____ptrval____) (in kfence-#149):
[ 49.696019] test_memcache_typesafe_by_rcu+0x2ec/0x670
[ 49.696238] kunit_try_run_case+0x1a5/0x480
[ 49.696450] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 49.697316] kthread+0x337/0x6f0
[ 49.697501] ret_from_fork+0x116/0x1d0
[ 49.697651] ret_from_fork_asm+0x1a/0x30
[ 49.698040]
[ 49.698151] kfence-#149: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 49.698151]
[ 49.698647] allocated by task 352 on cpu 0 at 49.670895s (0.027749s ago):
[ 49.699072] test_alloc+0x2a6/0x10f0
[ 49.699248] test_memcache_typesafe_by_rcu+0x16f/0x670
[ 49.699461] kunit_try_run_case+0x1a5/0x480
[ 49.699936] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 49.700194] kthread+0x337/0x6f0
[ 49.700354] ret_from_fork+0x116/0x1d0
[ 49.700678] ret_from_fork_asm+0x1a/0x30
[ 49.700944]
[ 49.701040] freed by task 352 on cpu 0 at 49.671004s (0.030033s ago):
[ 49.701469] test_memcache_typesafe_by_rcu+0x1bf/0x670
[ 49.701733] kunit_try_run_case+0x1a5/0x480
[ 49.701994] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 49.702239] kthread+0x337/0x6f0
[ 49.702394] ret_from_fork+0x116/0x1d0
[ 49.702567] ret_from_fork_asm+0x1a/0x30
[ 49.702752]
[ 49.703129] CPU: 0 UID: 0 PID: 352 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 49.703625] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 49.703810] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 49.704319] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 24.832719] ==================================================================
[ 24.833275] BUG: KFENCE: invalid read in test_invalid_access+0xf0/0x210
[ 24.833275]
[ 24.833707] Invalid read at 0x(____ptrval____):
[ 24.834633] test_invalid_access+0xf0/0x210
[ 24.835053] kunit_try_run_case+0x1a5/0x480
[ 24.835386] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.835823] kthread+0x337/0x6f0
[ 24.835999] ret_from_fork+0x116/0x1d0
[ 24.836223] ret_from_fork_asm+0x1a/0x30
[ 24.836440]
[ 24.836588] CPU: 1 UID: 0 PID: 348 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 24.837092] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 24.837265] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 24.837607] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 24.607297] ==================================================================
[ 24.607756] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x24f/0x340
[ 24.607756]
[ 24.608189] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#145):
[ 24.608825] test_kmalloc_aligned_oob_write+0x24f/0x340
[ 24.609100] kunit_try_run_case+0x1a5/0x480
[ 24.609322] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.609601] kthread+0x337/0x6f0
[ 24.609773] ret_from_fork+0x116/0x1d0
[ 24.609980] ret_from_fork_asm+0x1a/0x30
[ 24.610196]
[ 24.610287] kfence-#145: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96
[ 24.610287]
[ 24.610648] allocated by task 342 on cpu 0 at 24.606983s (0.003655s ago):
[ 24.610976] test_alloc+0x364/0x10f0
[ 24.611178] test_kmalloc_aligned_oob_write+0xc8/0x340
[ 24.611403] kunit_try_run_case+0x1a5/0x480
[ 24.611645] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.611854] kthread+0x337/0x6f0
[ 24.612054] ret_from_fork+0x116/0x1d0
[ 24.612259] ret_from_fork_asm+0x1a/0x30
[ 24.612425]
[ 24.612542] freed by task 342 on cpu 0 at 24.607157s (0.005382s ago):
[ 24.612913] test_kmalloc_aligned_oob_write+0x24f/0x340
[ 24.613138] kunit_try_run_case+0x1a5/0x480
[ 24.613307] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.613575] kthread+0x337/0x6f0
[ 24.613771] ret_from_fork+0x116/0x1d0
[ 24.614003] ret_from_fork_asm+0x1a/0x30
[ 24.614231]
[ 24.614360] CPU: 0 UID: 0 PID: 342 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 24.614825] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 24.615033] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 24.615351] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 23.879289] ==================================================================
[ 23.879726] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x27e/0x560
[ 23.879726]
[ 23.880131] Out-of-bounds read at 0x(____ptrval____) (105B right of kfence-#138):
[ 23.880469] test_kmalloc_aligned_oob_read+0x27e/0x560
[ 23.881147] kunit_try_run_case+0x1a5/0x480
[ 23.881374] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.881601] kthread+0x337/0x6f0
[ 23.882012] ret_from_fork+0x116/0x1d0
[ 23.882293] ret_from_fork_asm+0x1a/0x30
[ 23.882468]
[ 23.882788] kfence-#138: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96
[ 23.882788]
[ 23.883221] allocated by task 340 on cpu 1 at 23.879056s (0.004163s ago):
[ 23.883539] test_alloc+0x364/0x10f0
[ 23.883927] test_kmalloc_aligned_oob_read+0x105/0x560
[ 23.884246] kunit_try_run_case+0x1a5/0x480
[ 23.884422] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.884848] kthread+0x337/0x6f0
[ 23.885111] ret_from_fork+0x116/0x1d0
[ 23.885272] ret_from_fork_asm+0x1a/0x30
[ 23.885578]
[ 23.885691] CPU: 1 UID: 0 PID: 340 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 23.886291] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.886484] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.886955] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_corruption
[ 18.783143] ==================================================================
[ 18.783536] BUG: KFENCE: memory corruption in test_corruption+0x131/0x3e0
[ 18.783536]
[ 18.783924] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#89):
[ 18.784505] test_corruption+0x131/0x3e0
[ 18.784694] kunit_try_run_case+0x1a5/0x480
[ 18.784915] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.785182] kthread+0x337/0x6f0
[ 18.785348] ret_from_fork+0x116/0x1d0
[ 18.785529] ret_from_fork_asm+0x1a/0x30
[ 18.785743]
[ 18.785835] kfence-#89: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 18.785835]
[ 18.786203] allocated by task 330 on cpu 0 at 18.782994s (0.003206s ago):
[ 18.786424] test_alloc+0x2a6/0x10f0
[ 18.786608] test_corruption+0xe6/0x3e0
[ 18.786800] kunit_try_run_case+0x1a5/0x480
[ 18.787008] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.787230] kthread+0x337/0x6f0
[ 18.787355] ret_from_fork+0x116/0x1d0
[ 18.787544] ret_from_fork_asm+0x1a/0x30
[ 18.787861]
[ 18.787960] freed by task 330 on cpu 0 at 18.783069s (0.004889s ago):
[ 18.788240] test_corruption+0x131/0x3e0
[ 18.788433] kunit_try_run_case+0x1a5/0x480
[ 18.788597] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.788973] kthread+0x337/0x6f0
[ 18.789104] ret_from_fork+0x116/0x1d0
[ 18.789298] ret_from_fork_asm+0x1a/0x30
[ 18.789459]
[ 18.789564] CPU: 0 UID: 0 PID: 330 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 18.789957] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.790168] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.790534] ==================================================================

[ 18.575271] ==================================================================
[ 18.575703] BUG: KFENCE: memory corruption in test_corruption+0x2d2/0x3e0
[ 18.575703]
[ 18.576095] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#87):
[ 18.576871] test_corruption+0x2d2/0x3e0
[ 18.577070] kunit_try_run_case+0x1a5/0x480
[ 18.577230] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.577492] kthread+0x337/0x6f0
[ 18.577669] ret_from_fork+0x116/0x1d0
[ 18.577947] ret_from_fork_asm+0x1a/0x30
[ 18.578145]
[ 18.578247] kfence-#87: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 18.578247]
[ 18.578636] allocated by task 328 on cpu 1 at 18.574996s (0.003638s ago):
[ 18.578894] test_alloc+0x364/0x10f0
[ 18.579082] test_corruption+0xe6/0x3e0
[ 18.579281] kunit_try_run_case+0x1a5/0x480
[ 18.579487] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.579665] kthread+0x337/0x6f0
[ 18.579847] ret_from_fork+0x116/0x1d0
[ 18.580136] ret_from_fork_asm+0x1a/0x30
[ 18.580314]
[ 18.580390] freed by task 328 on cpu 1 at 18.575110s (0.005277s ago):
[ 18.580651] test_corruption+0x2d2/0x3e0
[ 18.580854] kunit_try_run_case+0x1a5/0x480
[ 18.581077] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.581305] kthread+0x337/0x6f0
[ 18.581434] ret_from_fork+0x116/0x1d0
[ 18.581628] ret_from_fork_asm+0x1a/0x30
[ 18.581815]
[ 18.581944] CPU: 1 UID: 0 PID: 328 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 18.582290] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.582447] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.582893] ==================================================================

[ 18.679340] ==================================================================
[ 18.679740] BUG: KFENCE: memory corruption in test_corruption+0x2df/0x3e0
[ 18.679740]
[ 18.680048] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#88):
[ 18.680452] test_corruption+0x2df/0x3e0
[ 18.680662] kunit_try_run_case+0x1a5/0x480
[ 18.680930] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.681158] kthread+0x337/0x6f0
[ 18.681292] ret_from_fork+0x116/0x1d0
[ 18.681438] ret_from_fork_asm+0x1a/0x30
[ 18.681648]
[ 18.681751] kfence-#88: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 18.681751]
[ 18.682198] allocated by task 328 on cpu 1 at 18.679092s (0.003104s ago):
[ 18.682535] test_alloc+0x364/0x10f0
[ 18.682704] test_corruption+0x1cb/0x3e0
[ 18.682845] kunit_try_run_case+0x1a5/0x480
[ 18.683219] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.683436] kthread+0x337/0x6f0
[ 18.683559] ret_from_fork+0x116/0x1d0
[ 18.683742] ret_from_fork_asm+0x1a/0x30
[ 18.684039]
[ 18.684146] freed by task 328 on cpu 1 at 18.679189s (0.004955s ago):
[ 18.684362] test_corruption+0x2df/0x3e0
[ 18.684547] kunit_try_run_case+0x1a5/0x480
[ 18.684755] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.685030] kthread+0x337/0x6f0
[ 18.685152] ret_from_fork+0x116/0x1d0
[ 18.685282] ret_from_fork_asm+0x1a/0x30
[ 18.685511]
[ 18.685635] CPU: 1 UID: 0 PID: 328 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 18.686136] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.686348] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.686784] ==================================================================

[ 19.199060] ==================================================================
[ 19.199451] BUG: KFENCE: memory corruption in test_corruption+0x216/0x3e0
[ 19.199451]
[ 19.199722] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#93):
[ 19.200137] test_corruption+0x216/0x3e0
[ 19.200354] kunit_try_run_case+0x1a5/0x480
[ 19.200580] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.200824] kthread+0x337/0x6f0
[ 19.200954] ret_from_fork+0x116/0x1d0
[ 19.201162] ret_from_fork_asm+0x1a/0x30
[ 19.201364]
[ 19.201465] kfence-#93: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 19.201465]
[ 19.201856] allocated by task 330 on cpu 0 at 19.198909s (0.002945s ago):
[ 19.202151] test_alloc+0x2a6/0x10f0
[ 19.202293] test_corruption+0x1cb/0x3e0
[ 19.202497] kunit_try_run_case+0x1a5/0x480
[ 19.202712] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.202904] kthread+0x337/0x6f0
[ 19.203040] ret_from_fork+0x116/0x1d0
[ 19.203174] ret_from_fork_asm+0x1a/0x30
[ 19.203376]
[ 19.203472] freed by task 330 on cpu 0 at 19.198970s (0.004500s ago):
[ 19.203779] test_corruption+0x216/0x3e0
[ 19.203948] kunit_try_run_case+0x1a5/0x480
[ 19.204110] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.204507] kthread+0x337/0x6f0
[ 19.204699] ret_from_fork+0x116/0x1d0
[ 19.204901] ret_from_fork_asm+0x1a/0x30
[ 19.205100]
[ 19.205207] CPU: 0 UID: 0 PID: 330 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 19.205620] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.205760] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.206125] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 18.263174] ==================================================================
[ 18.263555] BUG: KFENCE: invalid free in test_invalid_addr_free+0xfb/0x260
[ 18.263555]
[ 18.263894] Invalid free of 0x(____ptrval____) (in kfence-#84):
[ 18.264203] test_invalid_addr_free+0xfb/0x260
[ 18.264409] kunit_try_run_case+0x1a5/0x480
[ 18.264564] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.265050] kthread+0x337/0x6f0
[ 18.265221] ret_from_fork+0x116/0x1d0
[ 18.265359] ret_from_fork_asm+0x1a/0x30
[ 18.265529]
[ 18.265630] kfence-#84: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 18.265630]
[ 18.266101] allocated by task 326 on cpu 0 at 18.263045s (0.003055s ago):
[ 18.266395] test_alloc+0x2a6/0x10f0
[ 18.266548] test_invalid_addr_free+0xdb/0x260
[ 18.266765] kunit_try_run_case+0x1a5/0x480
[ 18.266993] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.267228] kthread+0x337/0x6f0
[ 18.267351] ret_from_fork+0x116/0x1d0
[ 18.267484] ret_from_fork_asm+0x1a/0x30
[ 18.267723]
[ 18.267851] CPU: 0 UID: 0 PID: 326 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 18.268350] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.268545] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.268828] ==================================================================

[ 18.159169] ==================================================================
[ 18.159625] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1e1/0x260
[ 18.159625]
[ 18.160047] Invalid free of 0x(____ptrval____) (in kfence-#83):
[ 18.160335] test_invalid_addr_free+0x1e1/0x260
[ 18.160522] kunit_try_run_case+0x1a5/0x480
[ 18.160771] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.160961] kthread+0x337/0x6f0
[ 18.161153] ret_from_fork+0x116/0x1d0
[ 18.161316] ret_from_fork_asm+0x1a/0x30
[ 18.161454]
[ 18.161579] kfence-#83: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 18.161579]
[ 18.162241] allocated by task 324 on cpu 0 at 18.159033s (0.003205s ago):
[ 18.162554] test_alloc+0x364/0x10f0
[ 18.162756] test_invalid_addr_free+0xdb/0x260
[ 18.162966] kunit_try_run_case+0x1a5/0x480
[ 18.163211] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.163377] kthread+0x337/0x6f0
[ 18.163727] ret_from_fork+0x116/0x1d0
[ 18.163926] ret_from_fork_asm+0x1a/0x30
[ 18.164144]
[ 18.164271] CPU: 0 UID: 0 PID: 324 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 18.164735] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.164926] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.165231] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 17.639243] ==================================================================
[ 17.639658] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270
[ 17.639658]
[ 17.640035] Use-after-free read at 0x(____ptrval____) (in kfence-#78):
[ 17.640324] test_use_after_free_read+0x129/0x270
[ 17.640494] kunit_try_run_case+0x1a5/0x480
[ 17.640716] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.640985] kthread+0x337/0x6f0
[ 17.641194] ret_from_fork+0x116/0x1d0
[ 17.641367] ret_from_fork_asm+0x1a/0x30
[ 17.641566]
[ 17.641656] kfence-#78: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 17.641656]
[ 17.642016] allocated by task 314 on cpu 0 at 17.639071s (0.002943s ago):
[ 17.642315] test_alloc+0x2a6/0x10f0
[ 17.642482] test_use_after_free_read+0xdc/0x270
[ 17.642740] kunit_try_run_case+0x1a5/0x480
[ 17.642888] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.643076] kthread+0x337/0x6f0
[ 17.643222] ret_from_fork+0x116/0x1d0
[ 17.643409] ret_from_fork_asm+0x1a/0x30
[ 17.643603]
[ 17.643716] freed by task 314 on cpu 0 at 17.639133s (0.004581s ago):
[ 17.644055] test_use_after_free_read+0xfb/0x270
[ 17.644257] kunit_try_run_case+0x1a5/0x480
[ 17.644405] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.644601] kthread+0x337/0x6f0
[ 17.644852] ret_from_fork+0x116/0x1d0
[ 17.645055] ret_from_fork_asm+0x1a/0x30
[ 17.645253]
[ 17.645381] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 17.645827] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.645993] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.646336] ==================================================================

[ 17.535239] ==================================================================
[ 17.535697] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270
[ 17.535697]
[ 17.536178] Use-after-free read at 0x(____ptrval____) (in kfence-#77):
[ 17.536771] test_use_after_free_read+0x129/0x270
[ 17.537175] kunit_try_run_case+0x1a5/0x480
[ 17.537512] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.537803] kthread+0x337/0x6f0
[ 17.537939] ret_from_fork+0x116/0x1d0
[ 17.538094] ret_from_fork_asm+0x1a/0x30
[ 17.538243]
[ 17.538320] kfence-#77: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 17.538320]
[ 17.538606] allocated by task 312 on cpu 1 at 17.535010s (0.003594s ago):
[ 17.539463] test_alloc+0x364/0x10f0
[ 17.539732] test_use_after_free_read+0xdc/0x270
[ 17.540040] kunit_try_run_case+0x1a5/0x480
[ 17.540327] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.540630] kthread+0x337/0x6f0
[ 17.540787] ret_from_fork+0x116/0x1d0
[ 17.541098] ret_from_fork_asm+0x1a/0x30
[ 17.541378]
[ 17.541744] freed by task 312 on cpu 1 at 17.535082s (0.006497s ago):
[ 17.542098] test_use_after_free_read+0x1e7/0x270
[ 17.542312] kunit_try_run_case+0x1a5/0x480
[ 17.542509] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.542909] kthread+0x337/0x6f0
[ 17.543098] ret_from_fork+0x116/0x1d0
[ 17.543389] ret_from_fork_asm+0x1a/0x30
[ 17.543685]
[ 17.543797] CPU: 1 UID: 0 PID: 312 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 17.544405] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.544702] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.545144] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 16.911103] ==================================================================
[ 16.911508] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260
[ 16.911508]
[ 16.912001] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#71):
[ 16.912337] test_out_of_bounds_write+0x10d/0x260
[ 16.912542] kunit_try_run_case+0x1a5/0x480
[ 16.912889] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.913140] kthread+0x337/0x6f0
[ 16.913331] ret_from_fork+0x116/0x1d0
[ 16.913524] ret_from_fork_asm+0x1a/0x30
[ 16.913793]
[ 16.913930] kfence-#71: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 16.913930]
[ 16.914218] allocated by task 308 on cpu 1 at 16.910975s (0.003241s ago):
[ 16.914577] test_alloc+0x364/0x10f0
[ 16.914819] test_out_of_bounds_write+0xd4/0x260
[ 16.915056] kunit_try_run_case+0x1a5/0x480
[ 16.915254] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.915529] kthread+0x337/0x6f0
[ 16.915695] ret_from_fork+0x116/0x1d0
[ 16.915886] ret_from_fork_asm+0x1a/0x30
[ 16.916111]
[ 16.916238] CPU: 1 UID: 0 PID: 308 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 16.916693] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.916908] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.917354] ==================================================================

[ 17.431088] ==================================================================
[ 17.431513] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260
[ 17.431513]
[ 17.431944] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#76):
[ 17.432306] test_out_of_bounds_write+0x10d/0x260
[ 17.432536] kunit_try_run_case+0x1a5/0x480
[ 17.432771] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.432998] kthread+0x337/0x6f0
[ 17.433152] ret_from_fork+0x116/0x1d0
[ 17.433348] ret_from_fork_asm+0x1a/0x30
[ 17.433527]
[ 17.433629] kfence-#76: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 17.433629]
[ 17.433928] allocated by task 310 on cpu 1 at 17.431010s (0.002916s ago):
[ 17.434275] test_alloc+0x2a6/0x10f0
[ 17.434466] test_out_of_bounds_write+0xd4/0x260
[ 17.434721] kunit_try_run_case+0x1a5/0x480
[ 17.434876] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.435061] kthread+0x337/0x6f0
[ 17.435237] ret_from_fork+0x116/0x1d0
[ 17.435429] ret_from_fork_asm+0x1a/0x30
[ 17.435626]
[ 17.435724] CPU: 1 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 17.436385] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.436594] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.436982] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 16.079183] ==================================================================
[ 16.079592] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0
[ 16.079592]
[ 16.080006] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#63):
[ 16.080372] test_out_of_bounds_read+0x216/0x4e0
[ 16.080574] kunit_try_run_case+0x1a5/0x480
[ 16.080807] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.080995] kthread+0x337/0x6f0
[ 16.081175] ret_from_fork+0x116/0x1d0
[ 16.081372] ret_from_fork_asm+0x1a/0x30
[ 16.081580]
[ 16.081687] kfence-#63: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 16.081687]
[ 16.082044] allocated by task 304 on cpu 0 at 16.078961s (0.003081s ago):
[ 16.082342] test_alloc+0x364/0x10f0
[ 16.082475] test_out_of_bounds_read+0x1e2/0x4e0
[ 16.082695] kunit_try_run_case+0x1a5/0x480
[ 16.082930] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.083145] kthread+0x337/0x6f0
[ 16.083274] ret_from_fork+0x116/0x1d0
[ 16.083410] ret_from_fork_asm+0x1a/0x30
[ 16.083608]
[ 16.083809] CPU: 0 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 16.084312] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.084522] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.084845] ==================================================================

[ 16.287056] ==================================================================
[ 16.287459] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0
[ 16.287459]
[ 16.288036] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#65):
[ 16.288355] test_out_of_bounds_read+0x126/0x4e0
[ 16.288521] kunit_try_run_case+0x1a5/0x480
[ 16.288765] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.289150] kthread+0x337/0x6f0
[ 16.289343] ret_from_fork+0x116/0x1d0
[ 16.289516] ret_from_fork_asm+0x1a/0x30
[ 16.289656]
[ 16.289733] kfence-#65: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 16.289733]
[ 16.290189] allocated by task 306 on cpu 1 at 16.286978s (0.003208s ago):
[ 16.290576] test_alloc+0x2a6/0x10f0
[ 16.290803] test_out_of_bounds_read+0xed/0x4e0
[ 16.291028] kunit_try_run_case+0x1a5/0x480
[ 16.291175] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.291470] kthread+0x337/0x6f0
[ 16.291642] ret_from_fork+0x116/0x1d0
[ 16.291854] ret_from_fork_asm+0x1a/0x30
[ 16.292086]
[ 16.292219] CPU: 1 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 16.292643] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.292836] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.293269] ==================================================================

[ 16.807061] ==================================================================
[ 16.807460] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0
[ 16.807460]
[ 16.807963] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#70):
[ 16.808261] test_out_of_bounds_read+0x216/0x4e0
[ 16.808504] kunit_try_run_case+0x1a5/0x480
[ 16.808741] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.808920] kthread+0x337/0x6f0
[ 16.809060] ret_from_fork+0x116/0x1d0
[ 16.809256] ret_from_fork_asm+0x1a/0x30
[ 16.809464]
[ 16.809567] kfence-#70: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 16.809567]
[ 16.810098] allocated by task 306 on cpu 1 at 16.806986s (0.003109s ago):
[ 16.810335] test_alloc+0x2a6/0x10f0
[ 16.810480] test_out_of_bounds_read+0x1e2/0x4e0
[ 16.810698] kunit_try_run_case+0x1a5/0x480
[ 16.810903] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.811182] kthread+0x337/0x6f0
[ 16.811355] ret_from_fork+0x116/0x1d0
[ 16.811505] ret_from_fork_asm+0x1a/0x30
[ 16.811751]
[ 16.811851] CPU: 1 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 16.812300] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.812490] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.812881] ==================================================================

[ 15.872050] ==================================================================
[ 15.872521] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0
[ 15.872521]
[ 15.873015] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#61):
[ 15.873463] test_out_of_bounds_read+0x126/0x4e0
[ 15.873708] kunit_try_run_case+0x1a5/0x480
[ 15.873909] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.874169] kthread+0x337/0x6f0
[ 15.874355] ret_from_fork+0x116/0x1d0
[ 15.874536] ret_from_fork_asm+0x1a/0x30
[ 15.874759]
[ 15.874997] kfence-#61: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 15.874997]
[ 15.875510] allocated by task 304 on cpu 0 at 15.870971s (0.004482s ago):
[ 15.876098] test_alloc+0x364/0x10f0
[ 15.876326] test_out_of_bounds_read+0xed/0x4e0
[ 15.876556] kunit_try_run_case+0x1a5/0x480
[ 15.876805] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.876999] kthread+0x337/0x6f0
[ 15.877190] ret_from_fork+0x116/0x1d0
[ 15.877374] ret_from_fork_asm+0x1a/0x30
[ 15.877616]
[ 15.877770] CPU: 0 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 15.878202] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.878402] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.878727] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 15.582845] ================================================================== [ 15.583237] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x2e/0x1d0 [ 15.583747] Write of size 121 at addr ffff8881027e1800 by task kunit_try_catch/302 [ 15.583982] [ 15.584086] CPU: 1 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.584131] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.584149] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.584173] Call Trace: [ 15.584192] <TASK> [ 15.584211] dump_stack_lvl+0x73/0xb0 [ 15.584240] print_report+0xd1/0x650 [ 15.584263] ? __virt_addr_valid+0x1db/0x2d0 [ 15.584287] ? strncpy_from_user+0x2e/0x1d0 [ 15.584311] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.584335] ? strncpy_from_user+0x2e/0x1d0 [ 15.584359] kasan_report+0x141/0x180 [ 15.584381] ? strncpy_from_user+0x2e/0x1d0 [ 15.584409] kasan_check_range+0x10c/0x1c0 [ 15.584467] __kasan_check_write+0x18/0x20 [ 15.584488] strncpy_from_user+0x2e/0x1d0 [ 15.584542] copy_user_test_oob+0x760/0x10f0 [ 15.584569] ? __pfx_copy_user_test_oob+0x10/0x10 [ 15.584607] ? finish_task_switch.isra.0+0x153/0x700 [ 15.584631] ? __switch_to+0x47/0xf50 [ 15.584672] ? __schedule+0x10cc/0x2b60 [ 15.584709] ? __pfx_read_tsc+0x10/0x10 [ 15.584743] ? ktime_get_ts64+0x86/0x230 [ 15.584801] kunit_try_run_case+0x1a5/0x480 [ 15.584825] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.584860] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.584884] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.584908] ? __kthread_parkme+0x82/0x180 [ 15.584928] ? preempt_count_sub+0x50/0x80 [ 15.584951] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.584976] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.584999] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.585032] kthread+0x337/0x6f0 [ 15.585051] ? trace_preempt_on+0x20/0xc0 [ 15.585076] ? __pfx_kthread+0x10/0x10 [ 15.585098] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.585119] ? 
calculate_sigpending+0x7b/0xa0 [ 15.585144] ? __pfx_kthread+0x10/0x10 [ 15.585166] ret_from_fork+0x116/0x1d0 [ 15.585184] ? __pfx_kthread+0x10/0x10 [ 15.585206] ret_from_fork_asm+0x1a/0x30 [ 15.585236] </TASK> [ 15.585248] [ 15.593840] Allocated by task 302: [ 15.593986] kasan_save_stack+0x45/0x70 [ 15.594152] kasan_save_track+0x18/0x40 [ 15.594429] kasan_save_alloc_info+0x3b/0x50 [ 15.594708] __kasan_kmalloc+0xb7/0xc0 [ 15.594916] __kmalloc_noprof+0x1c9/0x500 [ 15.595157] kunit_kmalloc_array+0x25/0x60 [ 15.595450] copy_user_test_oob+0xab/0x10f0 [ 15.595792] kunit_try_run_case+0x1a5/0x480 [ 15.596048] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.596270] kthread+0x337/0x6f0 [ 15.596390] ret_from_fork+0x116/0x1d0 [ 15.596559] ret_from_fork_asm+0x1a/0x30 [ 15.596886] [ 15.597039] The buggy address belongs to the object at ffff8881027e1800 [ 15.597039] which belongs to the cache kmalloc-128 of size 128 [ 15.597565] The buggy address is located 0 bytes inside of [ 15.597565] allocated 120-byte region [ffff8881027e1800, ffff8881027e1878) [ 15.598134] [ 15.598244] The buggy address belongs to the physical page: [ 15.598540] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027e1 [ 15.598963] flags: 0x200000000000000(node=0|zone=2) [ 15.599251] page_type: f5(slab) [ 15.599438] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 15.599827] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.600309] page dumped because: kasan: bad access detected [ 15.600660] [ 15.600780] Memory state around the buggy address: [ 15.601003] ffff8881027e1700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.601320] ffff8881027e1780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.601624] >ffff8881027e1800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.601835] ^ [ 15.602055] ffff8881027e1880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.602384] ffff8881027e1900: fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc [ 15.602835] ================================================================== [ 15.603932] ================================================================== [ 15.604382] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x1a5/0x1d0 [ 15.604816] Write of size 1 at addr ffff8881027e1878 by task kunit_try_catch/302 [ 15.605186] [ 15.605308] CPU: 1 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.605384] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.605414] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.605448] Call Trace: [ 15.605469] <TASK> [ 15.605490] dump_stack_lvl+0x73/0xb0 [ 15.605519] print_report+0xd1/0x650 [ 15.605543] ? __virt_addr_valid+0x1db/0x2d0 [ 15.605569] ? strncpy_from_user+0x1a5/0x1d0 [ 15.605619] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.605651] ? strncpy_from_user+0x1a5/0x1d0 [ 15.605674] kasan_report+0x141/0x180 [ 15.605735] ? strncpy_from_user+0x1a5/0x1d0 [ 15.605764] __asan_report_store1_noabort+0x1b/0x30 [ 15.605796] strncpy_from_user+0x1a5/0x1d0 [ 15.605822] copy_user_test_oob+0x760/0x10f0 [ 15.605849] ? __pfx_copy_user_test_oob+0x10/0x10 [ 15.605872] ? finish_task_switch.isra.0+0x153/0x700 [ 15.605921] ? __switch_to+0x47/0xf50 [ 15.605947] ? __schedule+0x10cc/0x2b60 [ 15.605996] ? __pfx_read_tsc+0x10/0x10 [ 15.606018] ? ktime_get_ts64+0x86/0x230 [ 15.606052] kunit_try_run_case+0x1a5/0x480 [ 15.606075] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.606098] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.606122] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.606145] ? __kthread_parkme+0x82/0x180 [ 15.606191] ? preempt_count_sub+0x50/0x80 [ 15.606215] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.606267] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.606315] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.606338] kthread+0x337/0x6f0 [ 15.606359] ? trace_preempt_on+0x20/0xc0 [ 15.606394] ? __pfx_kthread+0x10/0x10 [ 15.606416] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 15.606437] ? calculate_sigpending+0x7b/0xa0 [ 15.606462] ? __pfx_kthread+0x10/0x10 [ 15.606484] ret_from_fork+0x116/0x1d0 [ 15.606527] ? __pfx_kthread+0x10/0x10 [ 15.606549] ret_from_fork_asm+0x1a/0x30 [ 15.606608] </TASK> [ 15.606640] [ 15.614371] Allocated by task 302: [ 15.614592] kasan_save_stack+0x45/0x70 [ 15.614837] kasan_save_track+0x18/0x40 [ 15.615046] kasan_save_alloc_info+0x3b/0x50 [ 15.615303] __kasan_kmalloc+0xb7/0xc0 [ 15.615506] __kmalloc_noprof+0x1c9/0x500 [ 15.615780] kunit_kmalloc_array+0x25/0x60 [ 15.615986] copy_user_test_oob+0xab/0x10f0 [ 15.616230] kunit_try_run_case+0x1a5/0x480 [ 15.616456] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.616731] kthread+0x337/0x6f0 [ 15.616936] ret_from_fork+0x116/0x1d0 [ 15.617272] ret_from_fork_asm+0x1a/0x30 [ 15.617516] [ 15.617634] The buggy address belongs to the object at ffff8881027e1800 [ 15.617634] which belongs to the cache kmalloc-128 of size 128 [ 15.618130] The buggy address is located 0 bytes to the right of [ 15.618130] allocated 120-byte region [ffff8881027e1800, ffff8881027e1878) [ 15.618672] [ 15.618789] The buggy address belongs to the physical page: [ 15.619070] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027e1 [ 15.619417] flags: 0x200000000000000(node=0|zone=2) [ 15.619644] page_type: f5(slab) [ 15.619813] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 15.620139] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.620375] page dumped because: kasan: bad access detected [ 15.620549] [ 15.620646] Memory state around the buggy address: [ 15.620874] ffff8881027e1700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.621249] ffff8881027e1780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.621612] >ffff8881027e1800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.621961] ^ [ 15.622284] ffff8881027e1880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.622629] 
ffff8881027e1900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.622937] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 15.541760] ================================================================== [ 15.542223] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x557/0x10f0 [ 15.542548] Write of size 121 at addr ffff8881027e1800 by task kunit_try_catch/302 [ 15.542879] [ 15.542988] CPU: 1 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.543048] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.543060] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.543082] Call Trace: [ 15.543098] <TASK> [ 15.543113] dump_stack_lvl+0x73/0xb0 [ 15.543141] print_report+0xd1/0x650 [ 15.543174] ? __virt_addr_valid+0x1db/0x2d0 [ 15.543199] ? copy_user_test_oob+0x557/0x10f0 [ 15.543234] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.543257] ? copy_user_test_oob+0x557/0x10f0 [ 15.543282] kasan_report+0x141/0x180 [ 15.543314] ? copy_user_test_oob+0x557/0x10f0 [ 15.543342] kasan_check_range+0x10c/0x1c0 [ 15.543367] __kasan_check_write+0x18/0x20 [ 15.543397] copy_user_test_oob+0x557/0x10f0 [ 15.543423] ? __pfx_copy_user_test_oob+0x10/0x10 [ 15.543446] ? finish_task_switch.isra.0+0x153/0x700 [ 15.543478] ? __switch_to+0x47/0xf50 [ 15.543504] ? __schedule+0x10cc/0x2b60 [ 15.543529] ? __pfx_read_tsc+0x10/0x10 [ 15.543561] ? ktime_get_ts64+0x86/0x230 [ 15.543585] kunit_try_run_case+0x1a5/0x480 [ 15.543611] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.543652] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.543676] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.543711] ? __kthread_parkme+0x82/0x180 [ 15.543733] ? preempt_count_sub+0x50/0x80 [ 15.543755] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.543779] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.543803] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.543826] kthread+0x337/0x6f0 [ 15.543846] ? trace_preempt_on+0x20/0xc0 [ 15.543870] ? __pfx_kthread+0x10/0x10 [ 15.543891] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.543921] ? calculate_sigpending+0x7b/0xa0 [ 15.543946] ? 
__pfx_kthread+0x10/0x10 [ 15.543968] ret_from_fork+0x116/0x1d0 [ 15.543998] ? __pfx_kthread+0x10/0x10 [ 15.544028] ret_from_fork_asm+0x1a/0x30 [ 15.544058] </TASK> [ 15.544071] [ 15.552005] Allocated by task 302: [ 15.552207] kasan_save_stack+0x45/0x70 [ 15.552408] kasan_save_track+0x18/0x40 [ 15.552587] kasan_save_alloc_info+0x3b/0x50 [ 15.552848] __kasan_kmalloc+0xb7/0xc0 [ 15.553091] __kmalloc_noprof+0x1c9/0x500 [ 15.553327] kunit_kmalloc_array+0x25/0x60 [ 15.553547] copy_user_test_oob+0xab/0x10f0 [ 15.553854] kunit_try_run_case+0x1a5/0x480 [ 15.554110] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.554349] kthread+0x337/0x6f0 [ 15.554534] ret_from_fork+0x116/0x1d0 [ 15.554728] ret_from_fork_asm+0x1a/0x30 [ 15.555070] [ 15.555165] The buggy address belongs to the object at ffff8881027e1800 [ 15.555165] which belongs to the cache kmalloc-128 of size 128 [ 15.555747] The buggy address is located 0 bytes inside of [ 15.555747] allocated 120-byte region [ffff8881027e1800, ffff8881027e1878) [ 15.556277] [ 15.556410] The buggy address belongs to the physical page: [ 15.556656] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027e1 [ 15.556985] flags: 0x200000000000000(node=0|zone=2) [ 15.557161] page_type: f5(slab) [ 15.557288] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 15.557521] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.557809] page dumped because: kasan: bad access detected [ 15.558305] [ 15.558419] Memory state around the buggy address: [ 15.558678] ffff8881027e1700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.558983] ffff8881027e1780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.559252] >ffff8881027e1800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.559503] ^ [ 15.559878] ffff8881027e1880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.560281] ffff8881027e1900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.560707] 
================================================================== [ 15.523056] ================================================================== [ 15.523524] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4aa/0x10f0 [ 15.524064] Read of size 121 at addr ffff8881027e1800 by task kunit_try_catch/302 [ 15.524303] [ 15.524399] CPU: 1 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.524445] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.524460] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.524483] Call Trace: [ 15.524503] <TASK> [ 15.524523] dump_stack_lvl+0x73/0xb0 [ 15.524556] print_report+0xd1/0x650 [ 15.524580] ? __virt_addr_valid+0x1db/0x2d0 [ 15.524606] ? copy_user_test_oob+0x4aa/0x10f0 [ 15.524630] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.524654] ? copy_user_test_oob+0x4aa/0x10f0 [ 15.524678] kasan_report+0x141/0x180 [ 15.524700] ? copy_user_test_oob+0x4aa/0x10f0 [ 15.524729] kasan_check_range+0x10c/0x1c0 [ 15.524753] __kasan_check_read+0x15/0x20 [ 15.524773] copy_user_test_oob+0x4aa/0x10f0 [ 15.524798] ? __pfx_copy_user_test_oob+0x10/0x10 [ 15.524821] ? finish_task_switch.isra.0+0x153/0x700 [ 15.524845] ? __switch_to+0x47/0xf50 [ 15.524871] ? __schedule+0x10cc/0x2b60 [ 15.524895] ? __pfx_read_tsc+0x10/0x10 [ 15.524917] ? ktime_get_ts64+0x86/0x230 [ 15.524941] kunit_try_run_case+0x1a5/0x480 [ 15.524990] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.525012] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.525053] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.525077] ? __kthread_parkme+0x82/0x180 [ 15.525099] ? preempt_count_sub+0x50/0x80 [ 15.525121] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.525145] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.525169] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.525201] kthread+0x337/0x6f0 [ 15.525222] ? trace_preempt_on+0x20/0xc0 [ 15.525246] ? __pfx_kthread+0x10/0x10 [ 15.525278] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 15.525299] ? calculate_sigpending+0x7b/0xa0 [ 15.525324] ? __pfx_kthread+0x10/0x10 [ 15.525347] ret_from_fork+0x116/0x1d0 [ 15.525365] ? __pfx_kthread+0x10/0x10 [ 15.525386] ret_from_fork_asm+0x1a/0x30 [ 15.525417] </TASK> [ 15.525429] [ 15.533076] Allocated by task 302: [ 15.533205] kasan_save_stack+0x45/0x70 [ 15.533354] kasan_save_track+0x18/0x40 [ 15.533571] kasan_save_alloc_info+0x3b/0x50 [ 15.533879] __kasan_kmalloc+0xb7/0xc0 [ 15.534122] __kmalloc_noprof+0x1c9/0x500 [ 15.534323] kunit_kmalloc_array+0x25/0x60 [ 15.534527] copy_user_test_oob+0xab/0x10f0 [ 15.534850] kunit_try_run_case+0x1a5/0x480 [ 15.535070] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.535250] kthread+0x337/0x6f0 [ 15.535374] ret_from_fork+0x116/0x1d0 [ 15.535506] ret_from_fork_asm+0x1a/0x30 [ 15.535765] [ 15.535861] The buggy address belongs to the object at ffff8881027e1800 [ 15.535861] which belongs to the cache kmalloc-128 of size 128 [ 15.536460] The buggy address is located 0 bytes inside of [ 15.536460] allocated 120-byte region [ffff8881027e1800, ffff8881027e1878) [ 15.536956] [ 15.537062] The buggy address belongs to the physical page: [ 15.537328] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027e1 [ 15.537597] flags: 0x200000000000000(node=0|zone=2) [ 15.537955] page_type: f5(slab) [ 15.538118] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 15.538617] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.538941] page dumped because: kasan: bad access detected [ 15.539182] [ 15.539277] Memory state around the buggy address: [ 15.539492] ffff8881027e1700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.539805] ffff8881027e1780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.540135] >ffff8881027e1800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.540444] ^ [ 15.540698] ffff8881027e1880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.540916] 
ffff8881027e1900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.541216] ================================================================== [ 15.561898] ================================================================== [ 15.562330] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x604/0x10f0 [ 15.562633] Read of size 121 at addr ffff8881027e1800 by task kunit_try_catch/302 [ 15.563003] [ 15.563112] CPU: 1 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.563158] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.563171] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.563194] Call Trace: [ 15.563215] <TASK> [ 15.563234] dump_stack_lvl+0x73/0xb0 [ 15.563265] print_report+0xd1/0x650 [ 15.563290] ? __virt_addr_valid+0x1db/0x2d0 [ 15.563315] ? copy_user_test_oob+0x604/0x10f0 [ 15.563339] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.563362] ? copy_user_test_oob+0x604/0x10f0 [ 15.563421] kasan_report+0x141/0x180 [ 15.563459] ? copy_user_test_oob+0x604/0x10f0 [ 15.563513] kasan_check_range+0x10c/0x1c0 [ 15.563550] __kasan_check_read+0x15/0x20 [ 15.563584] copy_user_test_oob+0x604/0x10f0 [ 15.563636] ? __pfx_copy_user_test_oob+0x10/0x10 [ 15.563672] ? finish_task_switch.isra.0+0x153/0x700 [ 15.563708] ? __switch_to+0x47/0xf50 [ 15.563748] ? __schedule+0x10cc/0x2b60 [ 15.563785] ? __pfx_read_tsc+0x10/0x10 [ 15.563806] ? ktime_get_ts64+0x86/0x230 [ 15.563844] kunit_try_run_case+0x1a5/0x480 [ 15.563895] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.563940] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.563964] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.563988] ? __kthread_parkme+0x82/0x180 [ 15.564028] ? preempt_count_sub+0x50/0x80 [ 15.564051] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.564075] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.564099] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.564122] kthread+0x337/0x6f0 [ 15.564147] ? trace_preempt_on+0x20/0xc0 [ 15.564172] ? 
__pfx_kthread+0x10/0x10 [ 15.564194] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.564216] ? calculate_sigpending+0x7b/0xa0 [ 15.564241] ? __pfx_kthread+0x10/0x10 [ 15.564263] ret_from_fork+0x116/0x1d0 [ 15.564282] ? __pfx_kthread+0x10/0x10 [ 15.564313] ret_from_fork_asm+0x1a/0x30 [ 15.564344] </TASK> [ 15.564358] [ 15.572997] Allocated by task 302: [ 15.573239] kasan_save_stack+0x45/0x70 [ 15.573456] kasan_save_track+0x18/0x40 [ 15.573709] kasan_save_alloc_info+0x3b/0x50 [ 15.573935] __kasan_kmalloc+0xb7/0xc0 [ 15.574144] __kmalloc_noprof+0x1c9/0x500 [ 15.574368] kunit_kmalloc_array+0x25/0x60 [ 15.574570] copy_user_test_oob+0xab/0x10f0 [ 15.574803] kunit_try_run_case+0x1a5/0x480 [ 15.575050] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.575317] kthread+0x337/0x6f0 [ 15.575484] ret_from_fork+0x116/0x1d0 [ 15.575738] ret_from_fork_asm+0x1a/0x30 [ 15.575909] [ 15.576007] The buggy address belongs to the object at ffff8881027e1800 [ 15.576007] which belongs to the cache kmalloc-128 of size 128 [ 15.576607] The buggy address is located 0 bytes inside of [ 15.576607] allocated 120-byte region [ffff8881027e1800, ffff8881027e1878) [ 15.577186] [ 15.577317] The buggy address belongs to the physical page: [ 15.577590] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027e1 [ 15.578013] flags: 0x200000000000000(node=0|zone=2) [ 15.578310] page_type: f5(slab) [ 15.578509] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 15.578946] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.579387] page dumped because: kasan: bad access detected [ 15.579633] [ 15.579728] Memory state around the buggy address: [ 15.579975] ffff8881027e1700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.580422] ffff8881027e1780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.580784] >ffff8881027e1800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.581126] ^ [ 15.581435] ffff8881027e1880: fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 15.581784] ffff8881027e1900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.582100] ================================================================== [ 15.505161] ================================================================== [ 15.505527] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3fd/0x10f0 [ 15.505902] Write of size 121 at addr ffff8881027e1800 by task kunit_try_catch/302 [ 15.506263] [ 15.506362] CPU: 1 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.506410] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.506424] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.506448] Call Trace: [ 15.506464] <TASK> [ 15.506485] dump_stack_lvl+0x73/0xb0 [ 15.506526] print_report+0xd1/0x650 [ 15.506551] ? __virt_addr_valid+0x1db/0x2d0 [ 15.506576] ? copy_user_test_oob+0x3fd/0x10f0 [ 15.506612] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.506636] ? copy_user_test_oob+0x3fd/0x10f0 [ 15.506672] kasan_report+0x141/0x180 [ 15.506695] ? copy_user_test_oob+0x3fd/0x10f0 [ 15.506733] kasan_check_range+0x10c/0x1c0 [ 15.506757] __kasan_check_write+0x18/0x20 [ 15.506777] copy_user_test_oob+0x3fd/0x10f0 [ 15.506814] ? __pfx_copy_user_test_oob+0x10/0x10 [ 15.506837] ? finish_task_switch.isra.0+0x153/0x700 [ 15.506861] ? __switch_to+0x47/0xf50 [ 15.506896] ? __schedule+0x10cc/0x2b60 [ 15.506920] ? __pfx_read_tsc+0x10/0x10 [ 15.506942] ? ktime_get_ts64+0x86/0x230 [ 15.506976] kunit_try_run_case+0x1a5/0x480 [ 15.507001] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.507032] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.507056] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.507080] ? __kthread_parkme+0x82/0x180 [ 15.507101] ? preempt_count_sub+0x50/0x80 [ 15.507124] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.507148] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.507172] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.507195] kthread+0x337/0x6f0 [ 15.507215] ? 
trace_preempt_on+0x20/0xc0 [ 15.507239] ? __pfx_kthread+0x10/0x10 [ 15.507260] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.507281] ? calculate_sigpending+0x7b/0xa0 [ 15.507306] ? __pfx_kthread+0x10/0x10 [ 15.507328] ret_from_fork+0x116/0x1d0 [ 15.507347] ? __pfx_kthread+0x10/0x10 [ 15.507368] ret_from_fork_asm+0x1a/0x30 [ 15.507398] </TASK> [ 15.507410] [ 15.514809] Allocated by task 302: [ 15.514961] kasan_save_stack+0x45/0x70 [ 15.515122] kasan_save_track+0x18/0x40 [ 15.515260] kasan_save_alloc_info+0x3b/0x50 [ 15.515498] __kasan_kmalloc+0xb7/0xc0 [ 15.515684] __kmalloc_noprof+0x1c9/0x500 [ 15.515885] kunit_kmalloc_array+0x25/0x60 [ 15.516078] copy_user_test_oob+0xab/0x10f0 [ 15.516230] kunit_try_run_case+0x1a5/0x480 [ 15.516399] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.516656] kthread+0x337/0x6f0 [ 15.516831] ret_from_fork+0x116/0x1d0 [ 15.517056] ret_from_fork_asm+0x1a/0x30 [ 15.517248] [ 15.517323] The buggy address belongs to the object at ffff8881027e1800 [ 15.517323] which belongs to the cache kmalloc-128 of size 128 [ 15.517843] The buggy address is located 0 bytes inside of [ 15.517843] allocated 120-byte region [ffff8881027e1800, ffff8881027e1878) [ 15.518342] [ 15.518432] The buggy address belongs to the physical page: [ 15.518607] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027e1 [ 15.519012] flags: 0x200000000000000(node=0|zone=2) [ 15.519223] page_type: f5(slab) [ 15.519393] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 15.519764] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.520090] page dumped because: kasan: bad access detected [ 15.520353] [ 15.520447] Memory state around the buggy address: [ 15.520677] ffff8881027e1700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.520980] ffff8881027e1780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.521223] >ffff8881027e1800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.521440] ^ [ 15.521659] 
ffff8881027e1880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.522006] ffff8881027e1900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.522327] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_to_user
[ 15.481099] ================================================================== [ 15.481421] BUG: KASAN: slab-out-of-bounds in _copy_to_user+0x3c/0x70 [ 15.482127] Read of size 121 at addr ffff8881027e1800 by task kunit_try_catch/302 [ 15.482857] [ 15.483063] CPU: 1 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.483111] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.483124] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.483147] Call Trace: [ 15.483163] <TASK> [ 15.483190] dump_stack_lvl+0x73/0xb0 [ 15.483221] print_report+0xd1/0x650 [ 15.483245] ? __virt_addr_valid+0x1db/0x2d0 [ 15.483281] ? _copy_to_user+0x3c/0x70 [ 15.483301] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.483326] ? _copy_to_user+0x3c/0x70 [ 15.483345] kasan_report+0x141/0x180 [ 15.483368] ? _copy_to_user+0x3c/0x70 [ 15.483393] kasan_check_range+0x10c/0x1c0 [ 15.483417] __kasan_check_read+0x15/0x20 [ 15.483437] _copy_to_user+0x3c/0x70 [ 15.483457] copy_user_test_oob+0x364/0x10f0 [ 15.483483] ? __pfx_copy_user_test_oob+0x10/0x10 [ 15.483506] ? finish_task_switch.isra.0+0x153/0x700 [ 15.483530] ? __switch_to+0x47/0xf50 [ 15.483556] ? __schedule+0x10cc/0x2b60 [ 15.483579] ? __pfx_read_tsc+0x10/0x10 [ 15.483601] ? ktime_get_ts64+0x86/0x230 [ 15.483626] kunit_try_run_case+0x1a5/0x480 [ 15.483659] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.483682] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.483706] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.483730] ? __kthread_parkme+0x82/0x180 [ 15.483752] ? preempt_count_sub+0x50/0x80 [ 15.483775] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.483799] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.483823] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.483846] kthread+0x337/0x6f0 [ 15.483866] ? trace_preempt_on+0x20/0xc0 [ 15.483890] ? __pfx_kthread+0x10/0x10 [ 15.483911] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.483932] ? calculate_sigpending+0x7b/0xa0 [ 15.483958] ? 
__pfx_kthread+0x10/0x10 [ 15.483979] ret_from_fork+0x116/0x1d0 [ 15.483998] ? __pfx_kthread+0x10/0x10 [ 15.484019] ret_from_fork_asm+0x1a/0x30 [ 15.484059] </TASK> [ 15.484072] [ 15.491621] Allocated by task 302: [ 15.491814] kasan_save_stack+0x45/0x70 [ 15.492041] kasan_save_track+0x18/0x40 [ 15.492242] kasan_save_alloc_info+0x3b/0x50 [ 15.492457] __kasan_kmalloc+0xb7/0xc0 [ 15.492616] __kmalloc_noprof+0x1c9/0x500 [ 15.492848] kunit_kmalloc_array+0x25/0x60 [ 15.493068] copy_user_test_oob+0xab/0x10f0 [ 15.493264] kunit_try_run_case+0x1a5/0x480 [ 15.493451] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.493630] kthread+0x337/0x6f0 [ 15.493843] ret_from_fork+0x116/0x1d0 [ 15.494051] ret_from_fork_asm+0x1a/0x30 [ 15.494378] [ 15.494508] The buggy address belongs to the object at ffff8881027e1800 [ 15.494508] which belongs to the cache kmalloc-128 of size 128 [ 15.495094] The buggy address is located 0 bytes inside of [ 15.495094] allocated 120-byte region [ffff8881027e1800, ffff8881027e1878) [ 15.495575] [ 15.495650] The buggy address belongs to the physical page: [ 15.495824] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027e1 [ 15.496076] flags: 0x200000000000000(node=0|zone=2) [ 15.496331] page_type: f5(slab) [ 15.496527] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 15.497126] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.497356] page dumped because: kasan: bad access detected [ 15.497529] [ 15.497601] Memory state around the buggy address: [ 15.498063] ffff8881027e1700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.498383] ffff8881027e1780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.498837] >ffff8881027e1800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.499149] ^ [ 15.499364] ffff8881027e1880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.499683] ffff8881027e1900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.500014] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_from_user
[ 15.458624] ================================================================== [ 15.459262] BUG: KASAN: slab-out-of-bounds in _copy_from_user+0x32/0x90 [ 15.459678] Write of size 121 at addr ffff8881027e1800 by task kunit_try_catch/302 [ 15.460043] [ 15.460202] CPU: 1 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.460255] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.460269] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.460296] Call Trace: [ 15.460311] <TASK> [ 15.460334] dump_stack_lvl+0x73/0xb0 [ 15.460407] print_report+0xd1/0x650 [ 15.460466] ? __virt_addr_valid+0x1db/0x2d0 [ 15.460494] ? _copy_from_user+0x32/0x90 [ 15.460514] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.460538] ? _copy_from_user+0x32/0x90 [ 15.460559] kasan_report+0x141/0x180 [ 15.460582] ? _copy_from_user+0x32/0x90 [ 15.460607] kasan_check_range+0x10c/0x1c0 [ 15.460631] __kasan_check_write+0x18/0x20 [ 15.460652] _copy_from_user+0x32/0x90 [ 15.460672] copy_user_test_oob+0x2be/0x10f0 [ 15.460725] ? __pfx_copy_user_test_oob+0x10/0x10 [ 15.460749] ? finish_task_switch.isra.0+0x153/0x700 [ 15.460775] ? __switch_to+0x47/0xf50 [ 15.460814] ? __schedule+0x10cc/0x2b60 [ 15.460838] ? __pfx_read_tsc+0x10/0x10 [ 15.460861] ? ktime_get_ts64+0x86/0x230 [ 15.460913] kunit_try_run_case+0x1a5/0x480 [ 15.460938] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.460961] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.460998] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.461029] ? __kthread_parkme+0x82/0x180 [ 15.461053] ? preempt_count_sub+0x50/0x80 [ 15.461076] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.461100] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.461126] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.461153] kthread+0x337/0x6f0 [ 15.461173] ? trace_preempt_on+0x20/0xc0 [ 15.461199] ? __pfx_kthread+0x10/0x10 [ 15.461220] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.461241] ? calculate_sigpending+0x7b/0xa0 [ 15.461266] ? 
__pfx_kthread+0x10/0x10 [ 15.461289] ret_from_fork+0x116/0x1d0 [ 15.461308] ? __pfx_kthread+0x10/0x10 [ 15.461329] ret_from_fork_asm+0x1a/0x30 [ 15.461361] </TASK> [ 15.461376] [ 15.469213] Allocated by task 302: [ 15.469418] kasan_save_stack+0x45/0x70 [ 15.469639] kasan_save_track+0x18/0x40 [ 15.469844] kasan_save_alloc_info+0x3b/0x50 [ 15.470067] __kasan_kmalloc+0xb7/0xc0 [ 15.470290] __kmalloc_noprof+0x1c9/0x500 [ 15.470508] kunit_kmalloc_array+0x25/0x60 [ 15.470709] copy_user_test_oob+0xab/0x10f0 [ 15.470864] kunit_try_run_case+0x1a5/0x480 [ 15.471080] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.471334] kthread+0x337/0x6f0 [ 15.471552] ret_from_fork+0x116/0x1d0 [ 15.471785] ret_from_fork_asm+0x1a/0x30 [ 15.472005] [ 15.472111] The buggy address belongs to the object at ffff8881027e1800 [ 15.472111] which belongs to the cache kmalloc-128 of size 128 [ 15.472658] The buggy address is located 0 bytes inside of [ 15.472658] allocated 120-byte region [ffff8881027e1800, ffff8881027e1878) [ 15.473212] [ 15.473311] The buggy address belongs to the physical page: [ 15.473480] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027e1 [ 15.473727] flags: 0x200000000000000(node=0|zone=2) [ 15.474014] page_type: f5(slab) [ 15.474267] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 15.474713] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.475069] page dumped because: kasan: bad access detected [ 15.475314] [ 15.475388] Memory state around the buggy address: [ 15.475543] ffff8881027e1700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.475992] ffff8881027e1780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.476376] >ffff8881027e1800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.476741] ^ [ 15.477051] ffff8881027e1880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.477262] ffff8881027e1900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.477534] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 15.424238] ================================================================== [ 15.424568] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x99/0x260 [ 15.424955] Write of size 8 at addr ffff8881027e1778 by task kunit_try_catch/298 [ 15.425303] [ 15.425454] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.425531] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.425544] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.425568] Call Trace: [ 15.425584] <TASK> [ 15.425606] dump_stack_lvl+0x73/0xb0 [ 15.425636] print_report+0xd1/0x650 [ 15.425673] ? __virt_addr_valid+0x1db/0x2d0 [ 15.425698] ? copy_to_kernel_nofault+0x99/0x260 [ 15.425722] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.425745] ? copy_to_kernel_nofault+0x99/0x260 [ 15.425798] kasan_report+0x141/0x180 [ 15.425821] ? copy_to_kernel_nofault+0x99/0x260 [ 15.425849] kasan_check_range+0x10c/0x1c0 [ 15.425884] __kasan_check_write+0x18/0x20 [ 15.425904] copy_to_kernel_nofault+0x99/0x260 [ 15.425956] copy_to_kernel_nofault_oob+0x288/0x560 [ 15.425981] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 15.426016] ? finish_task_switch.isra.0+0x153/0x700 [ 15.426049] ? __schedule+0x10cc/0x2b60 [ 15.426072] ? trace_hardirqs_on+0x37/0xe0 [ 15.426104] ? __pfx_read_tsc+0x10/0x10 [ 15.426126] ? ktime_get_ts64+0x86/0x230 [ 15.426151] kunit_try_run_case+0x1a5/0x480 [ 15.426176] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.426199] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.426223] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.426246] ? __kthread_parkme+0x82/0x180 [ 15.426267] ? preempt_count_sub+0x50/0x80 [ 15.426290] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.426314] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.426338] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.426361] kthread+0x337/0x6f0 [ 15.426380] ? trace_preempt_on+0x20/0xc0 [ 15.426403] ? __pfx_kthread+0x10/0x10 [ 15.426424] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 15.426444] ? calculate_sigpending+0x7b/0xa0 [ 15.426469] ? __pfx_kthread+0x10/0x10 [ 15.426490] ret_from_fork+0x116/0x1d0 [ 15.426509] ? __pfx_kthread+0x10/0x10 [ 15.426530] ret_from_fork_asm+0x1a/0x30 [ 15.426562] </TASK> [ 15.426575] [ 15.434735] Allocated by task 298: [ 15.434931] kasan_save_stack+0x45/0x70 [ 15.435139] kasan_save_track+0x18/0x40 [ 15.435331] kasan_save_alloc_info+0x3b/0x50 [ 15.435567] __kasan_kmalloc+0xb7/0xc0 [ 15.435793] __kmalloc_cache_noprof+0x189/0x420 [ 15.436043] copy_to_kernel_nofault_oob+0x12f/0x560 [ 15.436328] kunit_try_run_case+0x1a5/0x480 [ 15.436538] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.436862] kthread+0x337/0x6f0 [ 15.437084] ret_from_fork+0x116/0x1d0 [ 15.437305] ret_from_fork_asm+0x1a/0x30 [ 15.437537] [ 15.437664] The buggy address belongs to the object at ffff8881027e1700 [ 15.437664] which belongs to the cache kmalloc-128 of size 128 [ 15.438160] The buggy address is located 0 bytes to the right of [ 15.438160] allocated 120-byte region [ffff8881027e1700, ffff8881027e1778) [ 15.438716] [ 15.438792] The buggy address belongs to the physical page: [ 15.438963] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027e1 [ 15.439382] flags: 0x200000000000000(node=0|zone=2) [ 15.439663] page_type: f5(slab) [ 15.439835] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 15.440233] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.440598] page dumped because: kasan: bad access detected [ 15.440859] [ 15.440930] Memory state around the buggy address: [ 15.441163] ffff8881027e1600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.441518] ffff8881027e1680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.441854] >ffff8881027e1700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.442166] ^ [ 15.442487] ffff8881027e1780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.442874] ffff8881027e1800: fc fc fc fc 
fc fc fc fc fc fc fc fc fc fc fc fc [ 15.443261] ================================================================== [ 15.398891] ================================================================== [ 15.400489] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x225/0x260 [ 15.401465] Read of size 8 at addr ffff8881027e1778 by task kunit_try_catch/298 [ 15.402138] [ 15.402359] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.402416] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.402431] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.402456] Call Trace: [ 15.402471] <TASK> [ 15.402493] dump_stack_lvl+0x73/0xb0 [ 15.402529] print_report+0xd1/0x650 [ 15.402557] ? __virt_addr_valid+0x1db/0x2d0 [ 15.402583] ? copy_to_kernel_nofault+0x225/0x260 [ 15.402608] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.402632] ? copy_to_kernel_nofault+0x225/0x260 [ 15.402658] kasan_report+0x141/0x180 [ 15.402681] ? copy_to_kernel_nofault+0x225/0x260 [ 15.402710] __asan_report_load8_noabort+0x18/0x20 [ 15.402736] copy_to_kernel_nofault+0x225/0x260 [ 15.402761] copy_to_kernel_nofault_oob+0x1ed/0x560 [ 15.402785] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 15.402820] ? finish_task_switch.isra.0+0x153/0x700 [ 15.402846] ? __schedule+0x10cc/0x2b60 [ 15.402868] ? trace_hardirqs_on+0x37/0xe0 [ 15.402912] ? __pfx_read_tsc+0x10/0x10 [ 15.402935] ? ktime_get_ts64+0x86/0x230 [ 15.402960] kunit_try_run_case+0x1a5/0x480 [ 15.402988] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.403011] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.403044] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.403066] ? __kthread_parkme+0x82/0x180 [ 15.403088] ? preempt_count_sub+0x50/0x80 [ 15.403111] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.403134] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.403158] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.403182] kthread+0x337/0x6f0 [ 15.403201] ? 
trace_preempt_on+0x20/0xc0 [ 15.403224] ? __pfx_kthread+0x10/0x10 [ 15.403245] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.403266] ? calculate_sigpending+0x7b/0xa0 [ 15.403291] ? __pfx_kthread+0x10/0x10 [ 15.403313] ret_from_fork+0x116/0x1d0 [ 15.403331] ? __pfx_kthread+0x10/0x10 [ 15.403352] ret_from_fork_asm+0x1a/0x30 [ 15.403384] </TASK> [ 15.403398] [ 15.413446] Allocated by task 298: [ 15.413659] kasan_save_stack+0x45/0x70 [ 15.413922] kasan_save_track+0x18/0x40 [ 15.414157] kasan_save_alloc_info+0x3b/0x50 [ 15.414387] __kasan_kmalloc+0xb7/0xc0 [ 15.414585] __kmalloc_cache_noprof+0x189/0x420 [ 15.414826] copy_to_kernel_nofault_oob+0x12f/0x560 [ 15.415062] kunit_try_run_case+0x1a5/0x480 [ 15.415250] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.415418] kthread+0x337/0x6f0 [ 15.415536] ret_from_fork+0x116/0x1d0 [ 15.415814] ret_from_fork_asm+0x1a/0x30 [ 15.416031] [ 15.416130] The buggy address belongs to the object at ffff8881027e1700 [ 15.416130] which belongs to the cache kmalloc-128 of size 128 [ 15.416674] The buggy address is located 0 bytes to the right of [ 15.416674] allocated 120-byte region [ffff8881027e1700, ffff8881027e1778) [ 15.417251] [ 15.417350] The buggy address belongs to the physical page: [ 15.417630] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027e1 [ 15.417933] flags: 0x200000000000000(node=0|zone=2) [ 15.418144] page_type: f5(slab) [ 15.418275] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 15.418853] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.419250] page dumped because: kasan: bad access detected [ 15.419503] [ 15.419598] Memory state around the buggy address: [ 15.419864] ffff8881027e1600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.420269] ffff8881027e1680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.420598] >ffff8881027e1700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.420967] ^ [ 15.421316] ffff8881027e1780: fc fc fc fc 
fc fc fc fc fc fc fc fc fc fc fc fc [ 15.421658] ffff8881027e1800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.422006] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 14.902893] ================================================================== [ 14.903237] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16e7/0x5450 [ 14.903482] Write of size 8 at addr ffff8881033c5530 by task kunit_try_catch/282 [ 14.904107] [ 14.904214] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.904261] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.904285] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.904309] Call Trace: [ 14.904330] <TASK> [ 14.904362] dump_stack_lvl+0x73/0xb0 [ 14.904392] print_report+0xd1/0x650 [ 14.904416] ? __virt_addr_valid+0x1db/0x2d0 [ 14.904450] ? kasan_atomics_helper+0x16e7/0x5450 [ 14.904474] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.904496] ? kasan_atomics_helper+0x16e7/0x5450 [ 14.904530] kasan_report+0x141/0x180 [ 14.904553] ? kasan_atomics_helper+0x16e7/0x5450 [ 14.904579] kasan_check_range+0x10c/0x1c0 [ 14.904613] __kasan_check_write+0x18/0x20 [ 14.904633] kasan_atomics_helper+0x16e7/0x5450 [ 14.904665] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.904698] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.904725] ? trace_hardirqs_on+0x37/0xe0 [ 14.904749] ? kasan_atomics+0x152/0x310 [ 14.904777] kasan_atomics+0x1dc/0x310 [ 14.904800] ? __pfx_kasan_atomics+0x10/0x10 [ 14.904824] ? __pfx_kasan_atomics+0x10/0x10 [ 14.904851] kunit_try_run_case+0x1a5/0x480 [ 14.904877] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.904899] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.904925] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.904948] ? __kthread_parkme+0x82/0x180 [ 14.904970] ? preempt_count_sub+0x50/0x80 [ 14.904995] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.905019] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.905054] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.905077] kthread+0x337/0x6f0 [ 14.905098] ? trace_preempt_on+0x20/0xc0 [ 14.905120] ? __pfx_kthread+0x10/0x10 [ 14.905142] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 14.905164] ? calculate_sigpending+0x7b/0xa0 [ 14.905189] ? __pfx_kthread+0x10/0x10 [ 14.905211] ret_from_fork+0x116/0x1d0 [ 14.905240] ? __pfx_kthread+0x10/0x10 [ 14.905262] ret_from_fork_asm+0x1a/0x30 [ 14.905294] </TASK> [ 14.905318] [ 14.912497] Allocated by task 282: [ 14.912631] kasan_save_stack+0x45/0x70 [ 14.912834] kasan_save_track+0x18/0x40 [ 14.913047] kasan_save_alloc_info+0x3b/0x50 [ 14.913272] __kasan_kmalloc+0xb7/0xc0 [ 14.913469] __kmalloc_cache_noprof+0x189/0x420 [ 14.913717] kasan_atomics+0x95/0x310 [ 14.913937] kunit_try_run_case+0x1a5/0x480 [ 14.914170] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.914427] kthread+0x337/0x6f0 [ 14.914623] ret_from_fork+0x116/0x1d0 [ 14.914826] ret_from_fork_asm+0x1a/0x30 [ 14.915050] [ 14.915155] The buggy address belongs to the object at ffff8881033c5500 [ 14.915155] which belongs to the cache kmalloc-64 of size 64 [ 14.915543] The buggy address is located 0 bytes to the right of [ 14.915543] allocated 48-byte region [ffff8881033c5500, ffff8881033c5530) [ 14.915910] [ 14.915984] The buggy address belongs to the physical page: [ 14.916230] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033c5 [ 14.916583] flags: 0x200000000000000(node=0|zone=2) [ 14.916991] page_type: f5(slab) [ 14.917189] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.917490] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.917772] page dumped because: kasan: bad access detected [ 14.918030] [ 14.918124] Memory state around the buggy address: [ 14.918313] ffff8881033c5400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.918530] ffff8881033c5480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.919013] >ffff8881033c5500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.919341] ^ [ 14.919594] ffff8881033c5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.919873] ffff8881033c5600: fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 14.920137] ================================================================== [ 14.123606] ================================================================== [ 14.124377] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b6e/0x5450 [ 14.124705] Write of size 4 at addr ffff8881033c5530 by task kunit_try_catch/282 [ 14.124971] [ 14.125111] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.125167] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.125180] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.125202] Call Trace: [ 14.125220] <TASK> [ 14.125238] dump_stack_lvl+0x73/0xb0 [ 14.125276] print_report+0xd1/0x650 [ 14.125300] ? __virt_addr_valid+0x1db/0x2d0 [ 14.125324] ? kasan_atomics_helper+0x4b6e/0x5450 [ 14.125357] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.125380] ? kasan_atomics_helper+0x4b6e/0x5450 [ 14.125403] kasan_report+0x141/0x180 [ 14.125425] ? kasan_atomics_helper+0x4b6e/0x5450 [ 14.125451] __asan_report_store4_noabort+0x1b/0x30 [ 14.125473] kasan_atomics_helper+0x4b6e/0x5450 [ 14.125496] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.125518] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.125544] ? trace_hardirqs_on+0x37/0xe0 [ 14.125567] ? kasan_atomics+0x152/0x310 [ 14.125595] kasan_atomics+0x1dc/0x310 [ 14.125618] ? __pfx_kasan_atomics+0x10/0x10 [ 14.125652] ? __pfx_kasan_atomics+0x10/0x10 [ 14.125688] kunit_try_run_case+0x1a5/0x480 [ 14.125713] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.125737] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.125773] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.125796] ? __kthread_parkme+0x82/0x180 [ 14.125818] ? preempt_count_sub+0x50/0x80 [ 14.125842] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.125867] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.125891] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.125914] kthread+0x337/0x6f0 [ 14.125934] ? trace_preempt_on+0x20/0xc0 [ 14.125957] ? 
__pfx_kthread+0x10/0x10 [ 14.125978] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.126000] ? calculate_sigpending+0x7b/0xa0 [ 14.126033] ? __pfx_kthread+0x10/0x10 [ 14.126054] ret_from_fork+0x116/0x1d0 [ 14.126074] ? __pfx_kthread+0x10/0x10 [ 14.126095] ret_from_fork_asm+0x1a/0x30 [ 14.126126] </TASK> [ 14.126139] [ 14.133487] Allocated by task 282: [ 14.133768] kasan_save_stack+0x45/0x70 [ 14.134001] kasan_save_track+0x18/0x40 [ 14.134175] kasan_save_alloc_info+0x3b/0x50 [ 14.134388] __kasan_kmalloc+0xb7/0xc0 [ 14.134524] __kmalloc_cache_noprof+0x189/0x420 [ 14.134854] kasan_atomics+0x95/0x310 [ 14.135075] kunit_try_run_case+0x1a5/0x480 [ 14.135272] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.135516] kthread+0x337/0x6f0 [ 14.135703] ret_from_fork+0x116/0x1d0 [ 14.135891] ret_from_fork_asm+0x1a/0x30 [ 14.136052] [ 14.136174] The buggy address belongs to the object at ffff8881033c5500 [ 14.136174] which belongs to the cache kmalloc-64 of size 64 [ 14.136640] The buggy address is located 0 bytes to the right of [ 14.136640] allocated 48-byte region [ffff8881033c5500, ffff8881033c5530) [ 14.137075] [ 14.137150] The buggy address belongs to the physical page: [ 14.137323] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033c5 [ 14.137645] flags: 0x200000000000000(node=0|zone=2) [ 14.137877] page_type: f5(slab) [ 14.138054] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.138395] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.138824] page dumped because: kasan: bad access detected [ 14.139186] [ 14.139258] Memory state around the buggy address: [ 14.139417] ffff8881033c5400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.139634] ffff8881033c5480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.139974] >ffff8881033c5500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.140331] ^ [ 14.140586] ffff8881033c5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.140944] 
ffff8881033c5600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.141202] ================================================================== [ 14.258080] ================================================================== [ 14.258707] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x697/0x5450 [ 14.259054] Write of size 4 at addr ffff8881033c5530 by task kunit_try_catch/282 [ 14.259344] [ 14.259459] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.259516] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.259530] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.259553] Call Trace: [ 14.259573] <TASK> [ 14.259594] dump_stack_lvl+0x73/0xb0 [ 14.259623] print_report+0xd1/0x650 [ 14.259659] ? __virt_addr_valid+0x1db/0x2d0 [ 14.259685] ? kasan_atomics_helper+0x697/0x5450 [ 14.259707] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.259730] ? kasan_atomics_helper+0x697/0x5450 [ 14.259754] kasan_report+0x141/0x180 [ 14.259776] ? kasan_atomics_helper+0x697/0x5450 [ 14.259803] kasan_check_range+0x10c/0x1c0 [ 14.259829] __kasan_check_write+0x18/0x20 [ 14.259859] kasan_atomics_helper+0x697/0x5450 [ 14.259883] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.259906] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.259944] ? trace_hardirqs_on+0x37/0xe0 [ 14.259968] ? kasan_atomics+0x152/0x310 [ 14.259995] kasan_atomics+0x1dc/0x310 [ 14.260018] ? __pfx_kasan_atomics+0x10/0x10 [ 14.260052] ? __pfx_kasan_atomics+0x10/0x10 [ 14.260078] kunit_try_run_case+0x1a5/0x480 [ 14.260102] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.260125] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.260153] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.260176] ? __kthread_parkme+0x82/0x180 [ 14.260197] ? preempt_count_sub+0x50/0x80 [ 14.260222] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.260246] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.260269] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.260292] kthread+0x337/0x6f0 [ 14.260312] ? trace_preempt_on+0x20/0xc0 [ 14.260335] ? __pfx_kthread+0x10/0x10 [ 14.260356] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.260378] ? calculate_sigpending+0x7b/0xa0 [ 14.260401] ? __pfx_kthread+0x10/0x10 [ 14.260423] ret_from_fork+0x116/0x1d0 [ 14.260442] ? __pfx_kthread+0x10/0x10 [ 14.260464] ret_from_fork_asm+0x1a/0x30 [ 14.260504] </TASK> [ 14.260517] [ 14.268064] Allocated by task 282: [ 14.268270] kasan_save_stack+0x45/0x70 [ 14.268485] kasan_save_track+0x18/0x40 [ 14.268696] kasan_save_alloc_info+0x3b/0x50 [ 14.269006] __kasan_kmalloc+0xb7/0xc0 [ 14.269165] __kmalloc_cache_noprof+0x189/0x420 [ 14.269389] kasan_atomics+0x95/0x310 [ 14.269603] kunit_try_run_case+0x1a5/0x480 [ 14.269805] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.270074] kthread+0x337/0x6f0 [ 14.270253] ret_from_fork+0x116/0x1d0 [ 14.270430] ret_from_fork_asm+0x1a/0x30 [ 14.270572] [ 14.270654] The buggy address belongs to the object at ffff8881033c5500 [ 14.270654] which belongs to the cache kmalloc-64 of size 64 [ 14.271204] The buggy address is located 0 bytes to the right of [ 14.271204] allocated 48-byte region [ffff8881033c5500, ffff8881033c5530) [ 14.271660] [ 14.271772] The buggy address belongs to the physical page: [ 14.272052] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033c5 [ 14.272401] flags: 0x200000000000000(node=0|zone=2) [ 14.272651] page_type: f5(slab) [ 14.272804] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.273143] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.273483] page dumped because: kasan: bad access detected [ 14.273736] [ 14.273808] Memory state around the buggy address: [ 14.273964] ffff8881033c5400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.274192] ffff8881033c5480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.274409] >ffff8881033c5500: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 14.274623] ^ [ 14.274796] ffff8881033c5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.275154] ffff8881033c5600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.275469] ================================================================== [ 15.264906] ================================================================== [ 15.265284] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x20c8/0x5450 [ 15.265675] Write of size 8 at addr ffff8881033c5530 by task kunit_try_catch/282 [ 15.266010] [ 15.266138] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.266182] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.266196] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.266220] Call Trace: [ 15.266241] <TASK> [ 15.266261] dump_stack_lvl+0x73/0xb0 [ 15.266292] print_report+0xd1/0x650 [ 15.266314] ? __virt_addr_valid+0x1db/0x2d0 [ 15.266340] ? kasan_atomics_helper+0x20c8/0x5450 [ 15.266362] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.266384] ? kasan_atomics_helper+0x20c8/0x5450 [ 15.266407] kasan_report+0x141/0x180 [ 15.266429] ? kasan_atomics_helper+0x20c8/0x5450 [ 15.266456] kasan_check_range+0x10c/0x1c0 [ 15.266481] __kasan_check_write+0x18/0x20 [ 15.266502] kasan_atomics_helper+0x20c8/0x5450 [ 15.266525] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.266547] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.266573] ? trace_hardirqs_on+0x37/0xe0 [ 15.266596] ? kasan_atomics+0x152/0x310 [ 15.266643] kasan_atomics+0x1dc/0x310 [ 15.266667] ? __pfx_kasan_atomics+0x10/0x10 [ 15.266691] ? __pfx_kasan_atomics+0x10/0x10 [ 15.266718] kunit_try_run_case+0x1a5/0x480 [ 15.266744] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.266767] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.266792] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.266815] ? __kthread_parkme+0x82/0x180 [ 15.266836] ? preempt_count_sub+0x50/0x80 [ 15.266861] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.266885] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.266909] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.266933] kthread+0x337/0x6f0 [ 15.266955] ? trace_preempt_on+0x20/0xc0 [ 15.266978] ? __pfx_kthread+0x10/0x10 [ 15.266998] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.267031] ? calculate_sigpending+0x7b/0xa0 [ 15.267056] ? __pfx_kthread+0x10/0x10 [ 15.267077] ret_from_fork+0x116/0x1d0 [ 15.267096] ? __pfx_kthread+0x10/0x10 [ 15.267117] ret_from_fork_asm+0x1a/0x30 [ 15.267147] </TASK> [ 15.267160] [ 15.274282] Allocated by task 282: [ 15.274412] kasan_save_stack+0x45/0x70 [ 15.274611] kasan_save_track+0x18/0x40 [ 15.274822] kasan_save_alloc_info+0x3b/0x50 [ 15.275041] __kasan_kmalloc+0xb7/0xc0 [ 15.275223] __kmalloc_cache_noprof+0x189/0x420 [ 15.275442] kasan_atomics+0x95/0x310 [ 15.275645] kunit_try_run_case+0x1a5/0x480 [ 15.275851] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.276109] kthread+0x337/0x6f0 [ 15.276280] ret_from_fork+0x116/0x1d0 [ 15.276468] ret_from_fork_asm+0x1a/0x30 [ 15.276676] [ 15.276752] The buggy address belongs to the object at ffff8881033c5500 [ 15.276752] which belongs to the cache kmalloc-64 of size 64 [ 15.277200] The buggy address is located 0 bytes to the right of [ 15.277200] allocated 48-byte region [ffff8881033c5500, ffff8881033c5530) [ 15.277564] [ 15.277691] The buggy address belongs to the physical page: [ 15.277950] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033c5 [ 15.278332] flags: 0x200000000000000(node=0|zone=2) [ 15.278572] page_type: f5(slab) [ 15.278720] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.279069] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.279378] page dumped because: kasan: bad access detected [ 15.279596] [ 15.279709] Memory state around the buggy address: [ 15.279903] ffff8881033c5400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.280188] 
ffff8881033c5480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.280500] >ffff8881033c5500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.280781] ^ [ 15.281006] ffff8881033c5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.281297] ffff8881033c5600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.281561] ================================================================== [ 14.796015] ================================================================== [ 14.796426] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1467/0x5450 [ 14.796953] Write of size 8 at addr ffff8881033c5530 by task kunit_try_catch/282 [ 14.797275] [ 14.797384] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.797429] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.797442] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.797464] Call Trace: [ 14.797482] <TASK> [ 14.797498] dump_stack_lvl+0x73/0xb0 [ 14.797528] print_report+0xd1/0x650 [ 14.797553] ? __virt_addr_valid+0x1db/0x2d0 [ 14.797578] ? kasan_atomics_helper+0x1467/0x5450 [ 14.797600] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.797623] ? kasan_atomics_helper+0x1467/0x5450 [ 14.797646] kasan_report+0x141/0x180 [ 14.797670] ? kasan_atomics_helper+0x1467/0x5450 [ 14.797697] kasan_check_range+0x10c/0x1c0 [ 14.797721] __kasan_check_write+0x18/0x20 [ 14.797741] kasan_atomics_helper+0x1467/0x5450 [ 14.797764] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.797787] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.797813] ? trace_hardirqs_on+0x37/0xe0 [ 14.797838] ? kasan_atomics+0x152/0x310 [ 14.797865] kasan_atomics+0x1dc/0x310 [ 14.797890] ? __pfx_kasan_atomics+0x10/0x10 [ 14.797914] ? __pfx_kasan_atomics+0x10/0x10 [ 14.797942] kunit_try_run_case+0x1a5/0x480 [ 14.797967] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.797990] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.798015] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.798048] ? 
__kthread_parkme+0x82/0x180 [ 14.798071] ? preempt_count_sub+0x50/0x80 [ 14.798096] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.798120] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.798143] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.798167] kthread+0x337/0x6f0 [ 14.798187] ? trace_preempt_on+0x20/0xc0 [ 14.798208] ? __pfx_kthread+0x10/0x10 [ 14.798230] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.798251] ? calculate_sigpending+0x7b/0xa0 [ 14.798277] ? __pfx_kthread+0x10/0x10 [ 14.798298] ret_from_fork+0x116/0x1d0 [ 14.798317] ? __pfx_kthread+0x10/0x10 [ 14.798338] ret_from_fork_asm+0x1a/0x30 [ 14.798370] </TASK> [ 14.798382] [ 14.805882] Allocated by task 282: [ 14.806044] kasan_save_stack+0x45/0x70 [ 14.806773] kasan_save_track+0x18/0x40 [ 14.807178] kasan_save_alloc_info+0x3b/0x50 [ 14.807553] __kasan_kmalloc+0xb7/0xc0 [ 14.808014] __kmalloc_cache_noprof+0x189/0x420 [ 14.808489] kasan_atomics+0x95/0x310 [ 14.808914] kunit_try_run_case+0x1a5/0x480 [ 14.809360] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.809899] kthread+0x337/0x6f0 [ 14.810226] ret_from_fork+0x116/0x1d0 [ 14.810580] ret_from_fork_asm+0x1a/0x30 [ 14.810948] [ 14.811127] The buggy address belongs to the object at ffff8881033c5500 [ 14.811127] which belongs to the cache kmalloc-64 of size 64 [ 14.812313] The buggy address is located 0 bytes to the right of [ 14.812313] allocated 48-byte region [ffff8881033c5500, ffff8881033c5530) [ 14.813419] [ 14.813606] The buggy address belongs to the physical page: [ 14.814125] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033c5 [ 14.814854] flags: 0x200000000000000(node=0|zone=2) [ 14.815323] page_type: f5(slab) [ 14.815611] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.816401] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.817238] page dumped because: kasan: bad access detected [ 14.817761] [ 14.817926] Memory state around the buggy address: [ 14.818193] 
ffff8881033c5400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.818415] ffff8881033c5480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.818631] >ffff8881033c5500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.819265] ^ [ 14.819687] ffff8881033c5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.820356] ffff8881033c5600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.821007] ================================================================== [ 14.559868] ================================================================== [ 14.560288] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xfa9/0x5450 [ 14.560777] Write of size 4 at addr ffff8881033c5530 by task kunit_try_catch/282 [ 14.561168] [ 14.561292] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.561337] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.561351] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.561373] Call Trace: [ 14.561402] <TASK> [ 14.561421] dump_stack_lvl+0x73/0xb0 [ 14.561450] print_report+0xd1/0x650 [ 14.561486] ? __virt_addr_valid+0x1db/0x2d0 [ 14.561512] ? kasan_atomics_helper+0xfa9/0x5450 [ 14.561533] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.561555] ? kasan_atomics_helper+0xfa9/0x5450 [ 14.561577] kasan_report+0x141/0x180 [ 14.561600] ? kasan_atomics_helper+0xfa9/0x5450 [ 14.561626] kasan_check_range+0x10c/0x1c0 [ 14.561663] __kasan_check_write+0x18/0x20 [ 14.561683] kasan_atomics_helper+0xfa9/0x5450 [ 14.561706] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.561729] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.561754] ? trace_hardirqs_on+0x37/0xe0 [ 14.561778] ? kasan_atomics+0x152/0x310 [ 14.561806] kasan_atomics+0x1dc/0x310 [ 14.561829] ? __pfx_kasan_atomics+0x10/0x10 [ 14.561853] ? __pfx_kasan_atomics+0x10/0x10 [ 14.561879] kunit_try_run_case+0x1a5/0x480 [ 14.561905] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.561938] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 14.561963] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.561986] ? __kthread_parkme+0x82/0x180 [ 14.562018] ? preempt_count_sub+0x50/0x80 [ 14.562051] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.562076] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.562099] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.562123] kthread+0x337/0x6f0 [ 14.562143] ? trace_preempt_on+0x20/0xc0 [ 14.562165] ? __pfx_kthread+0x10/0x10 [ 14.562186] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.562208] ? calculate_sigpending+0x7b/0xa0 [ 14.562232] ? __pfx_kthread+0x10/0x10 [ 14.562255] ret_from_fork+0x116/0x1d0 [ 14.562275] ? __pfx_kthread+0x10/0x10 [ 14.562301] ret_from_fork_asm+0x1a/0x30 [ 14.562333] </TASK> [ 14.562346] [ 14.570050] Allocated by task 282: [ 14.570239] kasan_save_stack+0x45/0x70 [ 14.570416] kasan_save_track+0x18/0x40 [ 14.570633] kasan_save_alloc_info+0x3b/0x50 [ 14.570820] __kasan_kmalloc+0xb7/0xc0 [ 14.571035] __kmalloc_cache_noprof+0x189/0x420 [ 14.571256] kasan_atomics+0x95/0x310 [ 14.571441] kunit_try_run_case+0x1a5/0x480 [ 14.571648] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.571965] kthread+0x337/0x6f0 [ 14.572166] ret_from_fork+0x116/0x1d0 [ 14.572305] ret_from_fork_asm+0x1a/0x30 [ 14.572448] [ 14.572525] The buggy address belongs to the object at ffff8881033c5500 [ 14.572525] which belongs to the cache kmalloc-64 of size 64 [ 14.573098] The buggy address is located 0 bytes to the right of [ 14.573098] allocated 48-byte region [ffff8881033c5500, ffff8881033c5530) [ 14.573572] [ 14.573693] The buggy address belongs to the physical page: [ 14.573954] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033c5 [ 14.574303] flags: 0x200000000000000(node=0|zone=2) [ 14.574541] page_type: f5(slab) [ 14.574750] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.575090] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.575340] page dumped because: kasan: 
bad access detected [ 14.575512] [ 14.575583] Memory state around the buggy address: [ 14.575738] ffff8881033c5400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.575954] ffff8881033c5480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.576443] >ffff8881033c5500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.576889] ^ [ 14.577124] ffff8881033c5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.577375] ffff8881033c5600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.577587] ================================================================== [ 14.141861] ================================================================== [ 14.142217] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df/0x5450 [ 14.142510] Read of size 4 at addr ffff8881033c5530 by task kunit_try_catch/282 [ 14.143258] [ 14.143397] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.143445] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.143458] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.143482] Call Trace: [ 14.143498] <TASK> [ 14.143515] dump_stack_lvl+0x73/0xb0 [ 14.143546] print_report+0xd1/0x650 [ 14.143581] ? __virt_addr_valid+0x1db/0x2d0 [ 14.143605] ? kasan_atomics_helper+0x3df/0x5450 [ 14.143627] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.143661] ? kasan_atomics_helper+0x3df/0x5450 [ 14.143684] kasan_report+0x141/0x180 [ 14.143706] ? kasan_atomics_helper+0x3df/0x5450 [ 14.143744] kasan_check_range+0x10c/0x1c0 [ 14.143768] __kasan_check_read+0x15/0x20 [ 14.143788] kasan_atomics_helper+0x3df/0x5450 [ 14.143821] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.143844] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.143870] ? trace_hardirqs_on+0x37/0xe0 [ 14.143893] ? kasan_atomics+0x152/0x310 [ 14.143920] kasan_atomics+0x1dc/0x310 [ 14.143952] ? __pfx_kasan_atomics+0x10/0x10 [ 14.143977] ? __pfx_kasan_atomics+0x10/0x10 [ 14.144003] kunit_try_run_case+0x1a5/0x480 [ 14.144049] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.144073] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.144098] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.144122] ? __kthread_parkme+0x82/0x180 [ 14.144150] ? preempt_count_sub+0x50/0x80 [ 14.144175] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.144199] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.144223] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.144246] kthread+0x337/0x6f0 [ 14.144267] ? trace_preempt_on+0x20/0xc0 [ 14.144289] ? __pfx_kthread+0x10/0x10 [ 14.144311] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.144333] ? calculate_sigpending+0x7b/0xa0 [ 14.144366] ? __pfx_kthread+0x10/0x10 [ 14.144389] ret_from_fork+0x116/0x1d0 [ 14.144409] ? __pfx_kthread+0x10/0x10 [ 14.144441] ret_from_fork_asm+0x1a/0x30 [ 14.144472] </TASK> [ 14.144485] [ 14.152378] Allocated by task 282: [ 14.152514] kasan_save_stack+0x45/0x70 [ 14.152679] kasan_save_track+0x18/0x40 [ 14.152902] kasan_save_alloc_info+0x3b/0x50 [ 14.153125] __kasan_kmalloc+0xb7/0xc0 [ 14.153316] __kmalloc_cache_noprof+0x189/0x420 [ 14.153556] kasan_atomics+0x95/0x310 [ 14.153784] kunit_try_run_case+0x1a5/0x480 [ 14.153932] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.154120] kthread+0x337/0x6f0 [ 14.154242] ret_from_fork+0x116/0x1d0 [ 14.154375] ret_from_fork_asm+0x1a/0x30 [ 14.154556] [ 14.154653] The buggy address belongs to the object at ffff8881033c5500 [ 14.154653] which belongs to the cache kmalloc-64 of size 64 [ 14.155189] The buggy address is located 0 bytes to the right of [ 14.155189] allocated 48-byte region [ffff8881033c5500, ffff8881033c5530) [ 14.155800] [ 14.155904] The buggy address belongs to the physical page: [ 14.156197] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033c5 [ 14.156552] flags: 0x200000000000000(node=0|zone=2) [ 14.156721] page_type: f5(slab) [ 14.156846] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.157406] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 14.157811] page dumped because: kasan: bad access detected [ 14.158040] [ 14.158115] Memory state around the buggy address: [ 14.158343] ffff8881033c5400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.158674] ffff8881033c5480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.158969] >ffff8881033c5500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.159282] ^ [ 14.159509] ffff8881033c5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.159853] ffff8881033c5600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.160177] ================================================================== [ 14.105047] ================================================================== [ 14.105422] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b88/0x5450 [ 14.105823] Read of size 4 at addr ffff8881033c5530 by task kunit_try_catch/282 [ 14.106325] [ 14.106456] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.106500] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.106512] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.106534] Call Trace: [ 14.106556] <TASK> [ 14.106574] dump_stack_lvl+0x73/0xb0 [ 14.106604] print_report+0xd1/0x650 [ 14.106648] ? __virt_addr_valid+0x1db/0x2d0 [ 14.106671] ? kasan_atomics_helper+0x4b88/0x5450 [ 14.106692] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.106712] ? kasan_atomics_helper+0x4b88/0x5450 [ 14.106742] kasan_report+0x141/0x180 [ 14.106764] ? kasan_atomics_helper+0x4b88/0x5450 [ 14.106789] __asan_report_load4_noabort+0x18/0x20 [ 14.106822] kasan_atomics_helper+0x4b88/0x5450 [ 14.106845] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.106866] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.106889] ? trace_hardirqs_on+0x37/0xe0 [ 14.106912] ? kasan_atomics+0x152/0x310 [ 14.106938] kasan_atomics+0x1dc/0x310 [ 14.106961] ? __pfx_kasan_atomics+0x10/0x10 [ 14.106983] ? 
__pfx_kasan_atomics+0x10/0x10 [ 14.107009] kunit_try_run_case+0x1a5/0x480 [ 14.107046] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.107068] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.107091] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.107123] ? __kthread_parkme+0x82/0x180 [ 14.107143] ? preempt_count_sub+0x50/0x80 [ 14.107166] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.107199] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.107221] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.107245] kthread+0x337/0x6f0 [ 14.107264] ? trace_preempt_on+0x20/0xc0 [ 14.107286] ? __pfx_kthread+0x10/0x10 [ 14.107306] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.107326] ? calculate_sigpending+0x7b/0xa0 [ 14.107349] ? __pfx_kthread+0x10/0x10 [ 14.107369] ret_from_fork+0x116/0x1d0 [ 14.107388] ? __pfx_kthread+0x10/0x10 [ 14.107408] ret_from_fork_asm+0x1a/0x30 [ 14.107439] </TASK> [ 14.107450] [ 14.114997] Allocated by task 282: [ 14.115186] kasan_save_stack+0x45/0x70 [ 14.115387] kasan_save_track+0x18/0x40 [ 14.115581] kasan_save_alloc_info+0x3b/0x50 [ 14.115822] __kasan_kmalloc+0xb7/0xc0 [ 14.116016] __kmalloc_cache_noprof+0x189/0x420 [ 14.116189] kasan_atomics+0x95/0x310 [ 14.116342] kunit_try_run_case+0x1a5/0x480 [ 14.116552] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.116796] kthread+0x337/0x6f0 [ 14.117138] ret_from_fork+0x116/0x1d0 [ 14.117302] ret_from_fork_asm+0x1a/0x30 [ 14.117464] [ 14.117580] The buggy address belongs to the object at ffff8881033c5500 [ 14.117580] which belongs to the cache kmalloc-64 of size 64 [ 14.118126] The buggy address is located 0 bytes to the right of [ 14.118126] allocated 48-byte region [ffff8881033c5500, ffff8881033c5530) [ 14.118605] [ 14.118675] The buggy address belongs to the physical page: [ 14.118840] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033c5 [ 14.119125] flags: 0x200000000000000(node=0|zone=2) [ 14.119392] page_type: f5(slab) [ 14.119554] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 14.120151] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.120371] page dumped because: kasan: bad access detected [ 14.120537] [ 14.120649] Memory state around the buggy address: [ 14.120887] ffff8881033c5400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.121397] ffff8881033c5480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.121799] >ffff8881033c5500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.122163] ^ [ 14.122387] ffff8881033c5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.122729] ffff8881033c5600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.122951] ================================================================== [ 14.315081] ================================================================== [ 14.315412] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x860/0x5450 [ 14.315638] Write of size 4 at addr ffff8881033c5530 by task kunit_try_catch/282 [ 14.316356] [ 14.316544] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.316619] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.316632] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.316667] Call Trace: [ 14.316684] <TASK> [ 14.316702] dump_stack_lvl+0x73/0xb0 [ 14.316733] print_report+0xd1/0x650 [ 14.316756] ? __virt_addr_valid+0x1db/0x2d0 [ 14.316780] ? kasan_atomics_helper+0x860/0x5450 [ 14.316802] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.316825] ? kasan_atomics_helper+0x860/0x5450 [ 14.316847] kasan_report+0x141/0x180 [ 14.316870] ? kasan_atomics_helper+0x860/0x5450 [ 14.316897] kasan_check_range+0x10c/0x1c0 [ 14.316921] __kasan_check_write+0x18/0x20 [ 14.316941] kasan_atomics_helper+0x860/0x5450 [ 14.316964] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.316986] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.317013] ? trace_hardirqs_on+0x37/0xe0 [ 14.317047] ? 
kasan_atomics+0x152/0x310 [ 14.317075] kasan_atomics+0x1dc/0x310 [ 14.317098] ? __pfx_kasan_atomics+0x10/0x10 [ 14.317123] ? __pfx_kasan_atomics+0x10/0x10 [ 14.317150] kunit_try_run_case+0x1a5/0x480 [ 14.317175] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.317199] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.317224] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.317247] ? __kthread_parkme+0x82/0x180 [ 14.317270] ? preempt_count_sub+0x50/0x80 [ 14.317294] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.317319] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.317342] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.317366] kthread+0x337/0x6f0 [ 14.317385] ? trace_preempt_on+0x20/0xc0 [ 14.317407] ? __pfx_kthread+0x10/0x10 [ 14.317429] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.317480] ? calculate_sigpending+0x7b/0xa0 [ 14.317505] ? __pfx_kthread+0x10/0x10 [ 14.317554] ret_from_fork+0x116/0x1d0 [ 14.317588] ? __pfx_kthread+0x10/0x10 [ 14.317622] ret_from_fork_asm+0x1a/0x30 [ 14.317654] </TASK> [ 14.317667] [ 14.326099] Allocated by task 282: [ 14.326290] kasan_save_stack+0x45/0x70 [ 14.326524] kasan_save_track+0x18/0x40 [ 14.326787] kasan_save_alloc_info+0x3b/0x50 [ 14.327065] __kasan_kmalloc+0xb7/0xc0 [ 14.327257] __kmalloc_cache_noprof+0x189/0x420 [ 14.327514] kasan_atomics+0x95/0x310 [ 14.327659] kunit_try_run_case+0x1a5/0x480 [ 14.327942] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.328250] kthread+0x337/0x6f0 [ 14.328442] ret_from_fork+0x116/0x1d0 [ 14.328644] ret_from_fork_asm+0x1a/0x30 [ 14.328859] [ 14.328976] The buggy address belongs to the object at ffff8881033c5500 [ 14.328976] which belongs to the cache kmalloc-64 of size 64 [ 14.329354] The buggy address is located 0 bytes to the right of [ 14.329354] allocated 48-byte region [ffff8881033c5500, ffff8881033c5530) [ 14.329880] [ 14.329992] The buggy address belongs to the physical page: [ 14.330244] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033c5 [ 14.330628] flags: 
0x200000000000000(node=0|zone=2) [ 14.330836] page_type: f5(slab) [ 14.330959] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.331290] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.331696] page dumped because: kasan: bad access detected [ 14.331980] [ 14.332067] Memory state around the buggy address: [ 14.332228] ffff8881033c5400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.332467] ffff8881033c5480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.333087] >ffff8881033c5500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.333430] ^ [ 14.333653] ffff8881033c5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.333994] ffff8881033c5600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.334315] ================================================================== [ 14.492844] ================================================================== [ 14.493256] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xde0/0x5450 [ 14.494102] Write of size 4 at addr ffff8881033c5530 by task kunit_try_catch/282 [ 14.494934] [ 14.495099] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.495270] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.495289] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.495314] Call Trace: [ 14.495348] <TASK> [ 14.495369] dump_stack_lvl+0x73/0xb0 [ 14.495438] print_report+0xd1/0x650 [ 14.495465] ? __virt_addr_valid+0x1db/0x2d0 [ 14.495491] ? kasan_atomics_helper+0xde0/0x5450 [ 14.495513] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.495536] ? kasan_atomics_helper+0xde0/0x5450 [ 14.495558] kasan_report+0x141/0x180 [ 14.495581] ? kasan_atomics_helper+0xde0/0x5450 [ 14.495609] kasan_check_range+0x10c/0x1c0 [ 14.495633] __kasan_check_write+0x18/0x20 [ 14.495654] kasan_atomics_helper+0xde0/0x5450 [ 14.495679] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.495705] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 14.495731] ? trace_hardirqs_on+0x37/0xe0 [ 14.495757] ? kasan_atomics+0x152/0x310 [ 14.495784] kasan_atomics+0x1dc/0x310 [ 14.495808] ? __pfx_kasan_atomics+0x10/0x10 [ 14.495832] ? __pfx_kasan_atomics+0x10/0x10 [ 14.495860] kunit_try_run_case+0x1a5/0x480 [ 14.495885] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.495908] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.495933] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.495957] ? __kthread_parkme+0x82/0x180 [ 14.495978] ? preempt_count_sub+0x50/0x80 [ 14.496003] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.496038] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.496064] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.496088] kthread+0x337/0x6f0 [ 14.496108] ? trace_preempt_on+0x20/0xc0 [ 14.496130] ? __pfx_kthread+0x10/0x10 [ 14.496155] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.496178] ? calculate_sigpending+0x7b/0xa0 [ 14.496204] ? __pfx_kthread+0x10/0x10 [ 14.496226] ret_from_fork+0x116/0x1d0 [ 14.496246] ? 
__pfx_kthread+0x10/0x10 [ 14.496267] ret_from_fork_asm+0x1a/0x30 [ 14.496299] </TASK> [ 14.496312] [ 14.509008] Allocated by task 282: [ 14.509383] kasan_save_stack+0x45/0x70 [ 14.509742] kasan_save_track+0x18/0x40 [ 14.509934] kasan_save_alloc_info+0x3b/0x50 [ 14.510146] __kasan_kmalloc+0xb7/0xc0 [ 14.510323] __kmalloc_cache_noprof+0x189/0x420 [ 14.510529] kasan_atomics+0x95/0x310 [ 14.510987] kunit_try_run_case+0x1a5/0x480 [ 14.511393] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.511829] kthread+0x337/0x6f0 [ 14.512133] ret_from_fork+0x116/0x1d0 [ 14.512479] ret_from_fork_asm+0x1a/0x30 [ 14.512869] [ 14.512983] The buggy address belongs to the object at ffff8881033c5500 [ 14.512983] which belongs to the cache kmalloc-64 of size 64 [ 14.513634] The buggy address is located 0 bytes to the right of [ 14.513634] allocated 48-byte region [ffff8881033c5500, ffff8881033c5530) [ 14.514139] [ 14.514234] The buggy address belongs to the physical page: [ 14.514467] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033c5 [ 14.515242] flags: 0x200000000000000(node=0|zone=2) [ 14.515558] page_type: f5(slab) [ 14.515975] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.516451] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.517283] page dumped because: kasan: bad access detected [ 14.517738] [ 14.517971] Memory state around the buggy address: [ 14.518406] ffff8881033c5400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.519095] ffff8881033c5480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.519598] >ffff8881033c5500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.520118] ^ [ 14.520336] ffff8881033c5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.520632] ffff8881033c5600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.520920] ================================================================== [ 14.750682] 
================================================================== [ 14.751166] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x13b5/0x5450 [ 14.751448] Read of size 8 at addr ffff8881033c5530 by task kunit_try_catch/282 [ 14.751924] [ 14.752039] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.752085] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.752098] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.752120] Call Trace: [ 14.752136] <TASK> [ 14.752158] dump_stack_lvl+0x73/0xb0 [ 14.752187] print_report+0xd1/0x650 [ 14.752210] ? __virt_addr_valid+0x1db/0x2d0 [ 14.752235] ? kasan_atomics_helper+0x13b5/0x5450 [ 14.752256] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.752279] ? kasan_atomics_helper+0x13b5/0x5450 [ 14.752302] kasan_report+0x141/0x180 [ 14.752324] ? kasan_atomics_helper+0x13b5/0x5450 [ 14.752350] kasan_check_range+0x10c/0x1c0 [ 14.752374] __kasan_check_read+0x15/0x20 [ 14.752395] kasan_atomics_helper+0x13b5/0x5450 [ 14.752418] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.752440] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.752464] ? trace_hardirqs_on+0x37/0xe0 [ 14.752488] ? kasan_atomics+0x152/0x310 [ 14.752514] kasan_atomics+0x1dc/0x310 [ 14.752537] ? __pfx_kasan_atomics+0x10/0x10 [ 14.752561] ? __pfx_kasan_atomics+0x10/0x10 [ 14.752588] kunit_try_run_case+0x1a5/0x480 [ 14.752612] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.752635] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.752670] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.752694] ? __kthread_parkme+0x82/0x180 [ 14.752714] ? preempt_count_sub+0x50/0x80 [ 14.752738] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.752762] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.752787] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.752812] kthread+0x337/0x6f0 [ 14.752834] ? trace_preempt_on+0x20/0xc0 [ 14.752857] ? __pfx_kthread+0x10/0x10 [ 14.752879] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.752901] ? 
calculate_sigpending+0x7b/0xa0 [ 14.752925] ? __pfx_kthread+0x10/0x10 [ 14.752947] ret_from_fork+0x116/0x1d0 [ 14.752967] ? __pfx_kthread+0x10/0x10 [ 14.752989] ret_from_fork_asm+0x1a/0x30 [ 14.753030] </TASK> [ 14.753044] [ 14.760488] Allocated by task 282: [ 14.760652] kasan_save_stack+0x45/0x70 [ 14.760858] kasan_save_track+0x18/0x40 [ 14.761063] kasan_save_alloc_info+0x3b/0x50 [ 14.761277] __kasan_kmalloc+0xb7/0xc0 [ 14.761469] __kmalloc_cache_noprof+0x189/0x420 [ 14.761757] kasan_atomics+0x95/0x310 [ 14.761947] kunit_try_run_case+0x1a5/0x480 [ 14.762108] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.762283] kthread+0x337/0x6f0 [ 14.762404] ret_from_fork+0x116/0x1d0 [ 14.762536] ret_from_fork_asm+0x1a/0x30 [ 14.762675] [ 14.762746] The buggy address belongs to the object at ffff8881033c5500 [ 14.762746] which belongs to the cache kmalloc-64 of size 64 [ 14.763271] The buggy address is located 0 bytes to the right of [ 14.763271] allocated 48-byte region [ffff8881033c5500, ffff8881033c5530) [ 14.763813] [ 14.763910] The buggy address belongs to the physical page: [ 14.764203] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033c5 [ 14.764445] flags: 0x200000000000000(node=0|zone=2) [ 14.764612] page_type: f5(slab) [ 14.764966] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.765327] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.765654] page dumped because: kasan: bad access detected [ 14.765874] [ 14.765952] Memory state around the buggy address: [ 14.766127] ffff8881033c5400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.766343] ffff8881033c5480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.766632] >ffff8881033c5500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.766960] ^ [ 14.767199] ffff8881033c5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.767531] ffff8881033c5600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.767837] 
================================================================== [ 14.920772] ================================================================== [ 14.921132] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x177f/0x5450 [ 14.921662] Write of size 8 at addr ffff8881033c5530 by task kunit_try_catch/282 [ 14.921934] [ 14.922038] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.922083] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.922096] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.922118] Call Trace: [ 14.922135] <TASK> [ 14.922153] dump_stack_lvl+0x73/0xb0 [ 14.922194] print_report+0xd1/0x650 [ 14.922216] ? __virt_addr_valid+0x1db/0x2d0 [ 14.922252] ? kasan_atomics_helper+0x177f/0x5450 [ 14.922274] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.922297] ? kasan_atomics_helper+0x177f/0x5450 [ 14.922319] kasan_report+0x141/0x180 [ 14.922351] ? kasan_atomics_helper+0x177f/0x5450 [ 14.922379] kasan_check_range+0x10c/0x1c0 [ 14.922403] __kasan_check_write+0x18/0x20 [ 14.922433] kasan_atomics_helper+0x177f/0x5450 [ 14.922457] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.922479] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.922514] ? trace_hardirqs_on+0x37/0xe0 [ 14.922538] ? kasan_atomics+0x152/0x310 [ 14.922576] kasan_atomics+0x1dc/0x310 [ 14.922600] ? __pfx_kasan_atomics+0x10/0x10 [ 14.922624] ? __pfx_kasan_atomics+0x10/0x10 [ 14.922660] kunit_try_run_case+0x1a5/0x480 [ 14.922693] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.922716] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.922740] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.922775] ? __kthread_parkme+0x82/0x180 [ 14.922797] ? preempt_count_sub+0x50/0x80 [ 14.922821] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.922855] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.922879] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.922903] kthread+0x337/0x6f0 [ 14.922934] ? trace_preempt_on+0x20/0xc0 [ 14.922957] ? 
__pfx_kthread+0x10/0x10 [ 14.922978] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.923007] ? calculate_sigpending+0x7b/0xa0 [ 14.923041] ? __pfx_kthread+0x10/0x10 [ 14.923063] ret_from_fork+0x116/0x1d0 [ 14.923093] ? __pfx_kthread+0x10/0x10 [ 14.923114] ret_from_fork_asm+0x1a/0x30 [ 14.923146] </TASK> [ 14.923158] [ 14.932413] Allocated by task 282: [ 14.932566] kasan_save_stack+0x45/0x70 [ 14.932935] kasan_save_track+0x18/0x40 [ 14.933338] kasan_save_alloc_info+0x3b/0x50 [ 14.933770] __kasan_kmalloc+0xb7/0xc0 [ 14.934172] __kmalloc_cache_noprof+0x189/0x420 [ 14.934595] kasan_atomics+0x95/0x310 [ 14.934998] kunit_try_run_case+0x1a5/0x480 [ 14.935402] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.935922] kthread+0x337/0x6f0 [ 14.936091] ret_from_fork+0x116/0x1d0 [ 14.936470] ret_from_fork_asm+0x1a/0x30 [ 14.936824] [ 14.936966] The buggy address belongs to the object at ffff8881033c5500 [ 14.936966] which belongs to the cache kmalloc-64 of size 64 [ 14.937625] The buggy address is located 0 bytes to the right of [ 14.937625] allocated 48-byte region [ffff8881033c5500, ffff8881033c5530) [ 14.938753] [ 14.938947] The buggy address belongs to the physical page: [ 14.939291] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033c5 [ 14.939534] flags: 0x200000000000000(node=0|zone=2) [ 14.939740] page_type: f5(slab) [ 14.940077] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.940761] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.941407] page dumped because: kasan: bad access detected [ 14.941894] [ 14.942070] Memory state around the buggy address: [ 14.942513] ffff8881033c5400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.943237] ffff8881033c5480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.943623] >ffff8881033c5500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.944274] ^ [ 14.944722] ffff8881033c5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.945153] 
ffff8881033c5600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.945368] ================================================================== [ 15.342863] ================================================================== [ 15.343551] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x224c/0x5450 [ 15.343938] Write of size 8 at addr ffff8881033c5530 by task kunit_try_catch/282 [ 15.344461] [ 15.344704] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.344755] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.344790] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.344813] Call Trace: [ 15.344833] <TASK> [ 15.344851] dump_stack_lvl+0x73/0xb0 [ 15.344882] print_report+0xd1/0x650 [ 15.344906] ? __virt_addr_valid+0x1db/0x2d0 [ 15.344931] ? kasan_atomics_helper+0x224c/0x5450 [ 15.344954] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.344977] ? kasan_atomics_helper+0x224c/0x5450 [ 15.345000] kasan_report+0x141/0x180 [ 15.345034] ? kasan_atomics_helper+0x224c/0x5450 [ 15.345062] kasan_check_range+0x10c/0x1c0 [ 15.345086] __kasan_check_write+0x18/0x20 [ 15.345109] kasan_atomics_helper+0x224c/0x5450 [ 15.345134] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.345157] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.345182] ? trace_hardirqs_on+0x37/0xe0 [ 15.345206] ? kasan_atomics+0x152/0x310 [ 15.345233] kasan_atomics+0x1dc/0x310 [ 15.345257] ? __pfx_kasan_atomics+0x10/0x10 [ 15.345280] ? __pfx_kasan_atomics+0x10/0x10 [ 15.345308] kunit_try_run_case+0x1a5/0x480 [ 15.345332] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.345355] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.345380] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.345405] ? __kthread_parkme+0x82/0x180 [ 15.345426] ? preempt_count_sub+0x50/0x80 [ 15.345451] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.345476] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.345500] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.345524] kthread+0x337/0x6f0 [ 15.345543] ? trace_preempt_on+0x20/0xc0 [ 15.345566] ? __pfx_kthread+0x10/0x10 [ 15.345587] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.345608] ? calculate_sigpending+0x7b/0xa0 [ 15.345640] ? __pfx_kthread+0x10/0x10 [ 15.345662] ret_from_fork+0x116/0x1d0 [ 15.345681] ? __pfx_kthread+0x10/0x10 [ 15.345703] ret_from_fork_asm+0x1a/0x30 [ 15.345734] </TASK> [ 15.345746] [ 15.353068] Allocated by task 282: [ 15.353203] kasan_save_stack+0x45/0x70 [ 15.353479] kasan_save_track+0x18/0x40 [ 15.353705] kasan_save_alloc_info+0x3b/0x50 [ 15.353920] __kasan_kmalloc+0xb7/0xc0 [ 15.354078] __kmalloc_cache_noprof+0x189/0x420 [ 15.354237] kasan_atomics+0x95/0x310 [ 15.354383] kunit_try_run_case+0x1a5/0x480 [ 15.354590] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.355099] kthread+0x337/0x6f0 [ 15.355275] ret_from_fork+0x116/0x1d0 [ 15.355446] ret_from_fork_asm+0x1a/0x30 [ 15.355587] [ 15.355658] The buggy address belongs to the object at ffff8881033c5500 [ 15.355658] which belongs to the cache kmalloc-64 of size 64 [ 15.356074] The buggy address is located 0 bytes to the right of [ 15.356074] allocated 48-byte region [ffff8881033c5500, ffff8881033c5530) [ 15.356625] [ 15.356713] The buggy address belongs to the physical page: [ 15.356886] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033c5 [ 15.357136] flags: 0x200000000000000(node=0|zone=2) [ 15.357394] page_type: f5(slab) [ 15.357565] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.358065] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.358413] page dumped because: kasan: bad access detected [ 15.358687] [ 15.358784] Memory state around the buggy address: [ 15.358976] ffff8881033c5400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.359243] ffff8881033c5480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.359549] >ffff8881033c5500: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 15.359933] ^ [ 15.360114] ffff8881033c5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.360447] ffff8881033c5600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.360754] ================================================================== [ 14.396045] ================================================================== [ 14.396316] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xac7/0x5450 [ 14.396795] Write of size 4 at addr ffff8881033c5530 by task kunit_try_catch/282 [ 14.397073] [ 14.397222] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.397270] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.397294] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.397318] Call Trace: [ 14.397339] <TASK> [ 14.397369] dump_stack_lvl+0x73/0xb0 [ 14.397400] print_report+0xd1/0x650 [ 14.397426] ? __virt_addr_valid+0x1db/0x2d0 [ 14.397451] ? kasan_atomics_helper+0xac7/0x5450 [ 14.397473] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.397495] ? kasan_atomics_helper+0xac7/0x5450 [ 14.397516] kasan_report+0x141/0x180 [ 14.397539] ? kasan_atomics_helper+0xac7/0x5450 [ 14.397565] kasan_check_range+0x10c/0x1c0 [ 14.397590] __kasan_check_write+0x18/0x20 [ 14.397610] kasan_atomics_helper+0xac7/0x5450 [ 14.397632] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.397665] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.397693] ? trace_hardirqs_on+0x37/0xe0 [ 14.397720] ? kasan_atomics+0x152/0x310 [ 14.397759] kasan_atomics+0x1dc/0x310 [ 14.397782] ? __pfx_kasan_atomics+0x10/0x10 [ 14.397817] ? __pfx_kasan_atomics+0x10/0x10 [ 14.397845] kunit_try_run_case+0x1a5/0x480 [ 14.397869] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.397902] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.397928] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.397953] ? __kthread_parkme+0x82/0x180 [ 14.397975] ? preempt_count_sub+0x50/0x80 [ 14.397999] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.398033] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.398057] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.398081] kthread+0x337/0x6f0 [ 14.398101] ? trace_preempt_on+0x20/0xc0 [ 14.398123] ? __pfx_kthread+0x10/0x10 [ 14.398144] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.398165] ? calculate_sigpending+0x7b/0xa0 [ 14.398202] ? __pfx_kthread+0x10/0x10 [ 14.398224] ret_from_fork+0x116/0x1d0 [ 14.398244] ? __pfx_kthread+0x10/0x10 [ 14.398276] ret_from_fork_asm+0x1a/0x30 [ 14.398308] </TASK> [ 14.398320] [ 14.405998] Allocated by task 282: [ 14.406140] kasan_save_stack+0x45/0x70 [ 14.406283] kasan_save_track+0x18/0x40 [ 14.406474] kasan_save_alloc_info+0x3b/0x50 [ 14.406689] __kasan_kmalloc+0xb7/0xc0 [ 14.406871] __kmalloc_cache_noprof+0x189/0x420 [ 14.407097] kasan_atomics+0x95/0x310 [ 14.407254] kunit_try_run_case+0x1a5/0x480 [ 14.407398] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.407694] kthread+0x337/0x6f0 [ 14.407865] ret_from_fork+0x116/0x1d0 [ 14.408066] ret_from_fork_asm+0x1a/0x30 [ 14.408298] [ 14.408408] The buggy address belongs to the object at ffff8881033c5500 [ 14.408408] which belongs to the cache kmalloc-64 of size 64 [ 14.408906] The buggy address is located 0 bytes to the right of [ 14.408906] allocated 48-byte region [ffff8881033c5500, ffff8881033c5530) [ 14.409455] [ 14.409555] The buggy address belongs to the physical page: [ 14.409793] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033c5 [ 14.410107] flags: 0x200000000000000(node=0|zone=2) [ 14.410343] page_type: f5(slab) [ 14.410494] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.410727] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.410955] page dumped because: kasan: bad access detected [ 14.411149] [ 14.411278] Memory state around the buggy address: [ 14.411503] ffff8881033c5400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.412079] 
ffff8881033c5480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.412316] >ffff8881033c5500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.412530] ^ [ 14.412713] ffff8881033c5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.413055] ffff8881033c5600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.413413] ================================================================== [ 14.672888] ================================================================== [ 14.673357] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1217/0x5450 [ 14.673874] Write of size 4 at addr ffff8881033c5530 by task kunit_try_catch/282 [ 14.674118] [ 14.674238] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.674318] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.674331] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.674367] Call Trace: [ 14.674399] <TASK> [ 14.674430] dump_stack_lvl+0x73/0xb0 [ 14.674474] print_report+0xd1/0x650 [ 14.674525] ? __virt_addr_valid+0x1db/0x2d0 [ 14.674563] ? kasan_atomics_helper+0x1217/0x5450 [ 14.674599] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.674635] ? kasan_atomics_helper+0x1217/0x5450 [ 14.674683] kasan_report+0x141/0x180 [ 14.674718] ? kasan_atomics_helper+0x1217/0x5450 [ 14.674758] kasan_check_range+0x10c/0x1c0 [ 14.674813] __kasan_check_write+0x18/0x20 [ 14.674833] kasan_atomics_helper+0x1217/0x5450 [ 14.674869] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.674904] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.674930] ? trace_hardirqs_on+0x37/0xe0 [ 14.674964] ? kasan_atomics+0x152/0x310 [ 14.674990] kasan_atomics+0x1dc/0x310 [ 14.675014] ? __pfx_kasan_atomics+0x10/0x10 [ 14.675048] ? __pfx_kasan_atomics+0x10/0x10 [ 14.675075] kunit_try_run_case+0x1a5/0x480 [ 14.675099] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.675122] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.675146] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.675169] ? 
__kthread_parkme+0x82/0x180 [ 14.675190] ? preempt_count_sub+0x50/0x80 [ 14.675214] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.675238] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.675262] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.675285] kthread+0x337/0x6f0 [ 14.675305] ? trace_preempt_on+0x20/0xc0 [ 14.675327] ? __pfx_kthread+0x10/0x10 [ 14.675349] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.675372] ? calculate_sigpending+0x7b/0xa0 [ 14.675395] ? __pfx_kthread+0x10/0x10 [ 14.675417] ret_from_fork+0x116/0x1d0 [ 14.675437] ? __pfx_kthread+0x10/0x10 [ 14.675457] ret_from_fork_asm+0x1a/0x30 [ 14.675488] </TASK> [ 14.675500] [ 14.686198] Allocated by task 282: [ 14.686408] kasan_save_stack+0x45/0x70 [ 14.686726] kasan_save_track+0x18/0x40 [ 14.686909] kasan_save_alloc_info+0x3b/0x50 [ 14.687122] __kasan_kmalloc+0xb7/0xc0 [ 14.687287] __kmalloc_cache_noprof+0x189/0x420 [ 14.687481] kasan_atomics+0x95/0x310 [ 14.687644] kunit_try_run_case+0x1a5/0x480 [ 14.687826] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.688062] kthread+0x337/0x6f0 [ 14.688227] ret_from_fork+0x116/0x1d0 [ 14.688386] ret_from_fork_asm+0x1a/0x30 [ 14.688562] [ 14.688646] The buggy address belongs to the object at ffff8881033c5500 [ 14.688646] which belongs to the cache kmalloc-64 of size 64 [ 14.689595] The buggy address is located 0 bytes to the right of [ 14.689595] allocated 48-byte region [ffff8881033c5500, ffff8881033c5530) [ 14.690301] [ 14.690403] The buggy address belongs to the physical page: [ 14.690629] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033c5 [ 14.691221] flags: 0x200000000000000(node=0|zone=2) [ 14.691515] page_type: f5(slab) [ 14.691760] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.692161] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.692522] page dumped because: kasan: bad access detected [ 14.692796] [ 14.693064] Memory state around the buggy address: [ 14.693281] 
ffff8881033c5400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.693676] ffff8881033c5480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.694064] >ffff8881033c5500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.694436] ^ [ 14.694605] ffff8881033c5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.695067] ffff8881033c5600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.695406] ================================================================== [ 14.768835] ================================================================== [ 14.769537] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4eae/0x5450 [ 14.770208] Read of size 8 at addr ffff8881033c5530 by task kunit_try_catch/282 [ 14.770442] [ 14.770534] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.770589] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.770603] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.770626] Call Trace: [ 14.770646] <TASK> [ 14.770664] dump_stack_lvl+0x73/0xb0 [ 14.770694] print_report+0xd1/0x650 [ 14.770716] ? __virt_addr_valid+0x1db/0x2d0 [ 14.770749] ? kasan_atomics_helper+0x4eae/0x5450 [ 14.770771] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.770793] ? kasan_atomics_helper+0x4eae/0x5450 [ 14.770817] kasan_report+0x141/0x180 [ 14.770839] ? kasan_atomics_helper+0x4eae/0x5450 [ 14.770866] __asan_report_load8_noabort+0x18/0x20 [ 14.770891] kasan_atomics_helper+0x4eae/0x5450 [ 14.770914] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.770937] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.770963] ? trace_hardirqs_on+0x37/0xe0 [ 14.770987] ? kasan_atomics+0x152/0x310 [ 14.771015] kasan_atomics+0x1dc/0x310 [ 14.771297] ? __pfx_kasan_atomics+0x10/0x10 [ 14.771324] ? __pfx_kasan_atomics+0x10/0x10 [ 14.771354] kunit_try_run_case+0x1a5/0x480 [ 14.771378] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.771410] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.771437] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.771462] ? __kthread_parkme+0x82/0x180 [ 14.771484] ? preempt_count_sub+0x50/0x80 [ 14.771508] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.771534] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.771557] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.771582] kthread+0x337/0x6f0 [ 14.771602] ? trace_preempt_on+0x20/0xc0 [ 14.771626] ? __pfx_kthread+0x10/0x10 [ 14.772086] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.772122] ? calculate_sigpending+0x7b/0xa0 [ 14.772154] ? __pfx_kthread+0x10/0x10 [ 14.772178] ret_from_fork+0x116/0x1d0 [ 14.772199] ? __pfx_kthread+0x10/0x10 [ 14.772220] ret_from_fork_asm+0x1a/0x30 [ 14.772252] </TASK> [ 14.772266] [ 14.783210] Allocated by task 282: [ 14.783386] kasan_save_stack+0x45/0x70 [ 14.783585] kasan_save_track+0x18/0x40 [ 14.783973] kasan_save_alloc_info+0x3b/0x50 [ 14.784383] __kasan_kmalloc+0xb7/0xc0 [ 14.784687] __kmalloc_cache_noprof+0x189/0x420 [ 14.784909] kasan_atomics+0x95/0x310 [ 14.785099] kunit_try_run_case+0x1a5/0x480 [ 14.785294] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.785529] kthread+0x337/0x6f0 [ 14.785982] ret_from_fork+0x116/0x1d0 [ 14.786315] ret_from_fork_asm+0x1a/0x30 [ 14.786739] [ 14.786963] The buggy address belongs to the object at ffff8881033c5500 [ 14.786963] which belongs to the cache kmalloc-64 of size 64 [ 14.787860] The buggy address is located 0 bytes to the right of [ 14.787860] allocated 48-byte region [ffff8881033c5500, ffff8881033c5530) [ 14.788402] [ 14.788499] The buggy address belongs to the physical page: [ 14.788939] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033c5 [ 14.789456] flags: 0x200000000000000(node=0|zone=2) [ 14.790059] page_type: f5(slab) [ 14.790238] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.790557] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.791091] page dumped because: kasan: bad access detected [ 14.791514] [ 14.791609] 
Memory state around the buggy address: [ 14.791988] ffff8881033c5400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.792298] ffff8881033c5480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.792592] >ffff8881033c5500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.793182] ^ [ 14.793640] ffff8881033c5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.794102] ffff8881033c5600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.794524] ================================================================== [ 15.361363] ================================================================== [ 15.361715] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5115/0x5450 [ 15.362038] Read of size 8 at addr ffff8881033c5530 by task kunit_try_catch/282 [ 15.362309] [ 15.362420] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.362465] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.362478] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.362502] Call Trace: [ 15.362521] <TASK> [ 15.362540] dump_stack_lvl+0x73/0xb0 [ 15.362568] print_report+0xd1/0x650 [ 15.362591] ? __virt_addr_valid+0x1db/0x2d0 [ 15.362617] ? kasan_atomics_helper+0x5115/0x5450 [ 15.362639] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.362673] ? kasan_atomics_helper+0x5115/0x5450 [ 15.362696] kasan_report+0x141/0x180 [ 15.362718] ? kasan_atomics_helper+0x5115/0x5450 [ 15.362745] __asan_report_load8_noabort+0x18/0x20 [ 15.362770] kasan_atomics_helper+0x5115/0x5450 [ 15.362793] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.362817] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.362843] ? trace_hardirqs_on+0x37/0xe0 [ 15.362866] ? kasan_atomics+0x152/0x310 [ 15.362893] kasan_atomics+0x1dc/0x310 [ 15.362917] ? __pfx_kasan_atomics+0x10/0x10 [ 15.362941] ? __pfx_kasan_atomics+0x10/0x10 [ 15.362969] kunit_try_run_case+0x1a5/0x480 [ 15.362994] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.363016] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 15.363052] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.363077] ? __kthread_parkme+0x82/0x180 [ 15.363099] ? preempt_count_sub+0x50/0x80 [ 15.363124] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.363149] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.363172] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.363197] kthread+0x337/0x6f0 [ 15.363216] ? trace_preempt_on+0x20/0xc0 [ 15.363239] ? __pfx_kthread+0x10/0x10 [ 15.363260] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.363281] ? calculate_sigpending+0x7b/0xa0 [ 15.363306] ? __pfx_kthread+0x10/0x10 [ 15.363329] ret_from_fork+0x116/0x1d0 [ 15.363349] ? __pfx_kthread+0x10/0x10 [ 15.363370] ret_from_fork_asm+0x1a/0x30 [ 15.363401] </TASK> [ 15.363414] [ 15.370585] Allocated by task 282: [ 15.370792] kasan_save_stack+0x45/0x70 [ 15.371046] kasan_save_track+0x18/0x40 [ 15.371239] kasan_save_alloc_info+0x3b/0x50 [ 15.371422] __kasan_kmalloc+0xb7/0xc0 [ 15.371612] __kmalloc_cache_noprof+0x189/0x420 [ 15.371816] kasan_atomics+0x95/0x310 [ 15.371991] kunit_try_run_case+0x1a5/0x480 [ 15.372184] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.372393] kthread+0x337/0x6f0 [ 15.372563] ret_from_fork+0x116/0x1d0 [ 15.372751] ret_from_fork_asm+0x1a/0x30 [ 15.372987] [ 15.373067] The buggy address belongs to the object at ffff8881033c5500 [ 15.373067] which belongs to the cache kmalloc-64 of size 64 [ 15.373667] The buggy address is located 0 bytes to the right of [ 15.373667] allocated 48-byte region [ffff8881033c5500, ffff8881033c5530) [ 15.374175] [ 15.374273] The buggy address belongs to the physical page: [ 15.374499] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033c5 [ 15.374817] flags: 0x200000000000000(node=0|zone=2) [ 15.374980] page_type: f5(slab) [ 15.375110] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.375342] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.375566] page dumped because: kasan: 
bad access detected [ 15.375735] [ 15.375806] Memory state around the buggy address: [ 15.375959] ffff8881033c5400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.376273] ffff8881033c5480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.376598] >ffff8881033c5500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.376906] ^ [ 15.377136] ffff8881033c5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.377460] ffff8881033c5600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.377837] ================================================================== [ 14.238260] ================================================================== [ 14.238623] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5fe/0x5450 [ 14.239437] Write of size 4 at addr ffff8881033c5530 by task kunit_try_catch/282 [ 14.239778] [ 14.239914] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.239972] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.239985] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.240009] Call Trace: [ 14.240036] <TASK> [ 14.240055] dump_stack_lvl+0x73/0xb0 [ 14.240084] print_report+0xd1/0x650 [ 14.240108] ? __virt_addr_valid+0x1db/0x2d0 [ 14.240132] ? kasan_atomics_helper+0x5fe/0x5450 [ 14.240160] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.240186] ? kasan_atomics_helper+0x5fe/0x5450 [ 14.240208] kasan_report+0x141/0x180 [ 14.240231] ? kasan_atomics_helper+0x5fe/0x5450 [ 14.240257] kasan_check_range+0x10c/0x1c0 [ 14.240293] __kasan_check_write+0x18/0x20 [ 14.240314] kasan_atomics_helper+0x5fe/0x5450 [ 14.240337] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.240370] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.240397] ? trace_hardirqs_on+0x37/0xe0 [ 14.240420] ? kasan_atomics+0x152/0x310 [ 14.240448] kasan_atomics+0x1dc/0x310 [ 14.240480] ? __pfx_kasan_atomics+0x10/0x10 [ 14.240504] ? 
__pfx_kasan_atomics+0x10/0x10 [ 14.240543] kunit_try_run_case+0x1a5/0x480 [ 14.240567] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.240589] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.240624] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.240656] ? __kthread_parkme+0x82/0x180 [ 14.240677] ? preempt_count_sub+0x50/0x80 [ 14.240712] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.240736] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.240760] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.240785] kthread+0x337/0x6f0 [ 14.240804] ? trace_preempt_on+0x20/0xc0 [ 14.240836] ? __pfx_kthread+0x10/0x10 [ 14.240856] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.240879] ? calculate_sigpending+0x7b/0xa0 [ 14.240913] ? __pfx_kthread+0x10/0x10 [ 14.240935] ret_from_fork+0x116/0x1d0 [ 14.240955] ? __pfx_kthread+0x10/0x10 [ 14.240982] ret_from_fork_asm+0x1a/0x30 [ 14.241014] </TASK> [ 14.241042] [ 14.248810] Allocated by task 282: [ 14.249178] kasan_save_stack+0x45/0x70 [ 14.249332] kasan_save_track+0x18/0x40 [ 14.249554] kasan_save_alloc_info+0x3b/0x50 [ 14.249789] __kasan_kmalloc+0xb7/0xc0 [ 14.249996] __kmalloc_cache_noprof+0x189/0x420 [ 14.250173] kasan_atomics+0x95/0x310 [ 14.250363] kunit_try_run_case+0x1a5/0x480 [ 14.250601] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.250835] kthread+0x337/0x6f0 [ 14.251032] ret_from_fork+0x116/0x1d0 [ 14.251175] ret_from_fork_asm+0x1a/0x30 [ 14.251390] [ 14.251485] The buggy address belongs to the object at ffff8881033c5500 [ 14.251485] which belongs to the cache kmalloc-64 of size 64 [ 14.251984] The buggy address is located 0 bytes to the right of [ 14.251984] allocated 48-byte region [ffff8881033c5500, ffff8881033c5530) [ 14.252491] [ 14.252570] The buggy address belongs to the physical page: [ 14.252880] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033c5 [ 14.253252] flags: 0x200000000000000(node=0|zone=2) [ 14.253439] page_type: f5(slab) [ 14.253563] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 14.253883] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.254244] page dumped because: kasan: bad access detected [ 14.254417] [ 14.254486] Memory state around the buggy address: [ 14.254643] ffff8881033c5400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.255008] ffff8881033c5480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.255353] >ffff8881033c5500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.255738] ^ [ 14.255928] ffff8881033c5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.256211] ffff8881033c5600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.256553] ================================================================== [ 14.276518] ================================================================== [ 14.277101] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x72f/0x5450 [ 14.277511] Write of size 4 at addr ffff8881033c5530 by task kunit_try_catch/282 [ 14.277982] [ 14.278097] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.278142] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.278156] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.278179] Call Trace: [ 14.278193] <TASK> [ 14.278209] dump_stack_lvl+0x73/0xb0 [ 14.278237] print_report+0xd1/0x650 [ 14.278262] ? __virt_addr_valid+0x1db/0x2d0 [ 14.278286] ? kasan_atomics_helper+0x72f/0x5450 [ 14.278309] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.278332] ? kasan_atomics_helper+0x72f/0x5450 [ 14.278366] kasan_report+0x141/0x180 [ 14.278389] ? kasan_atomics_helper+0x72f/0x5450 [ 14.278426] kasan_check_range+0x10c/0x1c0 [ 14.278451] __kasan_check_write+0x18/0x20 [ 14.278471] kasan_atomics_helper+0x72f/0x5450 [ 14.278494] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.278517] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.278542] ? trace_hardirqs_on+0x37/0xe0 [ 14.278566] ? 
kasan_atomics+0x152/0x310 [ 14.278594] kasan_atomics+0x1dc/0x310 [ 14.278617] ? __pfx_kasan_atomics+0x10/0x10 [ 14.278640] ? __pfx_kasan_atomics+0x10/0x10 [ 14.278667] kunit_try_run_case+0x1a5/0x480 [ 14.278692] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.278714] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.278739] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.278762] ? __kthread_parkme+0x82/0x180 [ 14.278782] ? preempt_count_sub+0x50/0x80 [ 14.278808] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.278831] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.278854] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.278878] kthread+0x337/0x6f0 [ 14.278897] ? trace_preempt_on+0x20/0xc0 [ 14.278920] ? __pfx_kthread+0x10/0x10 [ 14.278942] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.278962] ? calculate_sigpending+0x7b/0xa0 [ 14.278987] ? __pfx_kthread+0x10/0x10 [ 14.279008] ret_from_fork+0x116/0x1d0 [ 14.279036] ? __pfx_kthread+0x10/0x10 [ 14.279057] ret_from_fork_asm+0x1a/0x30 [ 14.279088] </TASK> [ 14.279100] [ 14.286988] Allocated by task 282: [ 14.287179] kasan_save_stack+0x45/0x70 [ 14.287370] kasan_save_track+0x18/0x40 [ 14.287509] kasan_save_alloc_info+0x3b/0x50 [ 14.287789] __kasan_kmalloc+0xb7/0xc0 [ 14.287947] __kmalloc_cache_noprof+0x189/0x420 [ 14.288117] kasan_atomics+0x95/0x310 [ 14.288259] kunit_try_run_case+0x1a5/0x480 [ 14.288408] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.288583] kthread+0x337/0x6f0 [ 14.288704] ret_from_fork+0x116/0x1d0 [ 14.288837] ret_from_fork_asm+0x1a/0x30 [ 14.289000] [ 14.289139] The buggy address belongs to the object at ffff8881033c5500 [ 14.289139] which belongs to the cache kmalloc-64 of size 64 [ 14.289664] The buggy address is located 0 bytes to the right of [ 14.289664] allocated 48-byte region [ffff8881033c5500, ffff8881033c5530) [ 14.290213] [ 14.290309] The buggy address belongs to the physical page: [ 14.290556] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033c5 [ 14.291068] flags: 
0x200000000000000(node=0|zone=2) [ 14.291234] page_type: f5(slab) [ 14.291360] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.291591] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.292125] page dumped because: kasan: bad access detected [ 14.292384] [ 14.292490] Memory state around the buggy address: [ 14.292736] ffff8881033c5400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.293157] ffff8881033c5480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.293413] >ffff8881033c5500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.293761] ^ [ 14.294066] ffff8881033c5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.294323] ffff8881033c5600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.294540] ================================================================== [ 14.733277] ================================================================== [ 14.733635] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49ce/0x5450 [ 14.733979] Read of size 4 at addr ffff8881033c5530 by task kunit_try_catch/282 [ 14.734302] [ 14.734422] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.734468] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.734481] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.734503] Call Trace: [ 14.734521] <TASK> [ 14.734539] dump_stack_lvl+0x73/0xb0 [ 14.734567] print_report+0xd1/0x650 [ 14.734590] ? __virt_addr_valid+0x1db/0x2d0 [ 14.734614] ? kasan_atomics_helper+0x49ce/0x5450 [ 14.734635] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.734658] ? kasan_atomics_helper+0x49ce/0x5450 [ 14.734680] kasan_report+0x141/0x180 [ 14.734703] ? kasan_atomics_helper+0x49ce/0x5450 [ 14.734729] __asan_report_load4_noabort+0x18/0x20 [ 14.734754] kasan_atomics_helper+0x49ce/0x5450 [ 14.734776] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.734798] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.734823] ? 
trace_hardirqs_on+0x37/0xe0 [ 14.734846] ? kasan_atomics+0x152/0x310 [ 14.734873] kasan_atomics+0x1dc/0x310 [ 14.734895] ? __pfx_kasan_atomics+0x10/0x10 [ 14.734919] ? __pfx_kasan_atomics+0x10/0x10 [ 14.734945] kunit_try_run_case+0x1a5/0x480 [ 14.734970] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.734992] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.735017] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.735051] ? __kthread_parkme+0x82/0x180 [ 14.735074] ? preempt_count_sub+0x50/0x80 [ 14.735098] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.735123] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.735146] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.735170] kthread+0x337/0x6f0 [ 14.735189] ? trace_preempt_on+0x20/0xc0 [ 14.735211] ? __pfx_kthread+0x10/0x10 [ 14.735232] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.735255] ? calculate_sigpending+0x7b/0xa0 [ 14.735279] ? __pfx_kthread+0x10/0x10 [ 14.735301] ret_from_fork+0x116/0x1d0 [ 14.735321] ? __pfx_kthread+0x10/0x10 [ 14.735343] ret_from_fork_asm+0x1a/0x30 [ 14.735373] </TASK> [ 14.735386] [ 14.742552] Allocated by task 282: [ 14.742843] kasan_save_stack+0x45/0x70 [ 14.743054] kasan_save_track+0x18/0x40 [ 14.743248] kasan_save_alloc_info+0x3b/0x50 [ 14.743463] __kasan_kmalloc+0xb7/0xc0 [ 14.743627] __kmalloc_cache_noprof+0x189/0x420 [ 14.743840] kasan_atomics+0x95/0x310 [ 14.743997] kunit_try_run_case+0x1a5/0x480 [ 14.744159] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.744360] kthread+0x337/0x6f0 [ 14.744524] ret_from_fork+0x116/0x1d0 [ 14.744719] ret_from_fork_asm+0x1a/0x30 [ 14.745110] [ 14.745198] The buggy address belongs to the object at ffff8881033c5500 [ 14.745198] which belongs to the cache kmalloc-64 of size 64 [ 14.745663] The buggy address is located 0 bytes to the right of [ 14.745663] allocated 48-byte region [ffff8881033c5500, ffff8881033c5530) [ 14.746096] [ 14.746194] The buggy address belongs to the physical page: [ 14.746448] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 
pfn:0x1033c5 [ 14.746797] flags: 0x200000000000000(node=0|zone=2) [ 14.747006] page_type: f5(slab) [ 14.747191] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.747495] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.747958] page dumped because: kasan: bad access detected [ 14.748204] [ 14.748281] Memory state around the buggy address: [ 14.748473] ffff8881033c5400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.748803] ffff8881033c5480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.749113] >ffff8881033c5500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.749377] ^ [ 14.749571] ffff8881033c5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.749787] ffff8881033c5600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.749999] ================================================================== [ 14.615314] ================================================================== [ 14.615947] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1c/0x5450 [ 14.616301] Read of size 4 at addr ffff8881033c5530 by task kunit_try_catch/282 [ 14.616605] [ 14.617607] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.617664] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.617678] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.617701] Call Trace: [ 14.617719] <TASK> [ 14.617737] dump_stack_lvl+0x73/0xb0 [ 14.617769] print_report+0xd1/0x650 [ 14.617794] ? __virt_addr_valid+0x1db/0x2d0 [ 14.617818] ? kasan_atomics_helper+0x4a1c/0x5450 [ 14.617841] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.617863] ? kasan_atomics_helper+0x4a1c/0x5450 [ 14.617885] kasan_report+0x141/0x180 [ 14.617908] ? kasan_atomics_helper+0x4a1c/0x5450 [ 14.617934] __asan_report_load4_noabort+0x18/0x20 [ 14.617959] kasan_atomics_helper+0x4a1c/0x5450 [ 14.617982] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.618004] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 14.618044] ? trace_hardirqs_on+0x37/0xe0 [ 14.618067] ? kasan_atomics+0x152/0x310 [ 14.618094] kasan_atomics+0x1dc/0x310 [ 14.618118] ? __pfx_kasan_atomics+0x10/0x10 [ 14.618142] ? __pfx_kasan_atomics+0x10/0x10 [ 14.618170] kunit_try_run_case+0x1a5/0x480 [ 14.618195] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.618217] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.618241] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.618265] ? __kthread_parkme+0x82/0x180 [ 14.618287] ? preempt_count_sub+0x50/0x80 [ 14.618311] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.618336] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.618359] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.618383] kthread+0x337/0x6f0 [ 14.618403] ? trace_preempt_on+0x20/0xc0 [ 14.618425] ? __pfx_kthread+0x10/0x10 [ 14.618446] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.618468] ? calculate_sigpending+0x7b/0xa0 [ 14.618492] ? __pfx_kthread+0x10/0x10 [ 14.618514] ret_from_fork+0x116/0x1d0 [ 14.618534] ? 
__pfx_kthread+0x10/0x10 [ 14.618555] ret_from_fork_asm+0x1a/0x30 [ 14.618585] </TASK> [ 14.618598] [ 14.626124] Allocated by task 282: [ 14.626309] kasan_save_stack+0x45/0x70 [ 14.626513] kasan_save_track+0x18/0x40 [ 14.626702] kasan_save_alloc_info+0x3b/0x50 [ 14.626910] __kasan_kmalloc+0xb7/0xc0 [ 14.627166] __kmalloc_cache_noprof+0x189/0x420 [ 14.627323] kasan_atomics+0x95/0x310 [ 14.627456] kunit_try_run_case+0x1a5/0x480 [ 14.627600] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.627768] kthread+0x337/0x6f0 [ 14.628010] ret_from_fork+0x116/0x1d0 [ 14.628218] ret_from_fork_asm+0x1a/0x30 [ 14.628440] [ 14.628558] The buggy address belongs to the object at ffff8881033c5500 [ 14.628558] which belongs to the cache kmalloc-64 of size 64 [ 14.629454] The buggy address is located 0 bytes to the right of [ 14.629454] allocated 48-byte region [ffff8881033c5500, ffff8881033c5530) [ 14.630051] [ 14.630169] The buggy address belongs to the physical page: [ 14.630428] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033c5 [ 14.630929] flags: 0x200000000000000(node=0|zone=2) [ 14.631113] page_type: f5(slab) [ 14.631235] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.631462] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.631841] page dumped because: kasan: bad access detected [ 14.632105] [ 14.632208] Memory state around the buggy address: [ 14.632453] ffff8881033c5400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.632796] ffff8881033c5480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.633216] >ffff8881033c5500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.633575] ^ [ 14.633826] ffff8881033c5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.634157] ffff8881033c5600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.634501] ================================================================== [ 14.039214] 
================================================================== [ 14.040470] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4bbc/0x5450 [ 14.041017] Read of size 4 at addr ffff8881033c5530 by task kunit_try_catch/282 [ 14.041255] [ 14.041354] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.041409] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.041421] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.041445] Call Trace: [ 14.041459] <TASK> [ 14.041480] dump_stack_lvl+0x73/0xb0 [ 14.041512] print_report+0xd1/0x650 [ 14.041536] ? __virt_addr_valid+0x1db/0x2d0 [ 14.041560] ? kasan_atomics_helper+0x4bbc/0x5450 [ 14.041581] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.041602] ? kasan_atomics_helper+0x4bbc/0x5450 [ 14.041623] kasan_report+0x141/0x180 [ 14.041643] ? kasan_atomics_helper+0x4bbc/0x5450 [ 14.041668] __asan_report_load4_noabort+0x18/0x20 [ 14.041692] kasan_atomics_helper+0x4bbc/0x5450 [ 14.041713] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.041734] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.041758] ? trace_hardirqs_on+0x37/0xe0 [ 14.041781] ? kasan_atomics+0x152/0x310 [ 14.041806] kasan_atomics+0x1dc/0x310 [ 14.041828] ? __pfx_kasan_atomics+0x10/0x10 [ 14.041851] ? __pfx_kasan_atomics+0x10/0x10 [ 14.041878] kunit_try_run_case+0x1a5/0x480 [ 14.041904] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.041925] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.041949] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.041971] ? __kthread_parkme+0x82/0x180 [ 14.041992] ? preempt_count_sub+0x50/0x80 [ 14.042016] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.042050] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.042072] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.042094] kthread+0x337/0x6f0 [ 14.042113] ? trace_preempt_on+0x20/0xc0 [ 14.042134] ? __pfx_kthread+0x10/0x10 [ 14.042154] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.042175] ? calculate_sigpending+0x7b/0xa0 [ 14.042200] ? 
__pfx_kthread+0x10/0x10 [ 14.042221] ret_from_fork+0x116/0x1d0 [ 14.042240] ? __pfx_kthread+0x10/0x10 [ 14.042260] ret_from_fork_asm+0x1a/0x30 [ 14.042290] </TASK> [ 14.042302] [ 14.058589] Allocated by task 282: [ 14.059172] kasan_save_stack+0x45/0x70 [ 14.059552] kasan_save_track+0x18/0x40 [ 14.060088] kasan_save_alloc_info+0x3b/0x50 [ 14.060648] __kasan_kmalloc+0xb7/0xc0 [ 14.061149] __kmalloc_cache_noprof+0x189/0x420 [ 14.061356] kasan_atomics+0x95/0x310 [ 14.061495] kunit_try_run_case+0x1a5/0x480 [ 14.061715] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.062430] kthread+0x337/0x6f0 [ 14.062859] ret_from_fork+0x116/0x1d0 [ 14.063328] ret_from_fork_asm+0x1a/0x30 [ 14.063792] [ 14.063973] The buggy address belongs to the object at ffff8881033c5500 [ 14.063973] which belongs to the cache kmalloc-64 of size 64 [ 14.065205] The buggy address is located 0 bytes to the right of [ 14.065205] allocated 48-byte region [ffff8881033c5500, ffff8881033c5530) [ 14.065578] [ 14.065680] The buggy address belongs to the physical page: [ 14.066604] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033c5 [ 14.067395] flags: 0x200000000000000(node=0|zone=2) [ 14.067939] page_type: f5(slab) [ 14.068391] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.069193] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.069981] page dumped because: kasan: bad access detected [ 14.070467] [ 14.070557] Memory state around the buggy address: [ 14.071042] ffff8881033c5400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.071390] ffff8881033c5480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.071612] >ffff8881033c5500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.072328] ^ [ 14.072854] ffff8881033c5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.073476] ffff8881033c5600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.074200] 
================================================================== [ 14.847147] ================================================================== [ 14.847514] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x151d/0x5450 [ 14.847868] Write of size 8 at addr ffff8881033c5530 by task kunit_try_catch/282 [ 14.848287] [ 14.848409] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.848464] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.848478] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.848501] Call Trace: [ 14.848532] <TASK> [ 14.848552] dump_stack_lvl+0x73/0xb0 [ 14.848582] print_report+0xd1/0x650 [ 14.848607] ? __virt_addr_valid+0x1db/0x2d0 [ 14.848646] ? kasan_atomics_helper+0x151d/0x5450 [ 14.848668] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.848713] ? kasan_atomics_helper+0x151d/0x5450 [ 14.848737] kasan_report+0x141/0x180 [ 14.848762] ? kasan_atomics_helper+0x151d/0x5450 [ 14.848789] kasan_check_range+0x10c/0x1c0 [ 14.848814] __kasan_check_write+0x18/0x20 [ 14.848835] kasan_atomics_helper+0x151d/0x5450 [ 14.848859] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.848883] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.848908] ? trace_hardirqs_on+0x37/0xe0 [ 14.848932] ? kasan_atomics+0x152/0x310 [ 14.848959] kasan_atomics+0x1dc/0x310 [ 14.848990] ? __pfx_kasan_atomics+0x10/0x10 [ 14.849014] ? __pfx_kasan_atomics+0x10/0x10 [ 14.849057] kunit_try_run_case+0x1a5/0x480 [ 14.849082] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.849105] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.849130] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.849154] ? __kthread_parkme+0x82/0x180 [ 14.849175] ? preempt_count_sub+0x50/0x80 [ 14.849200] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.849223] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.849247] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.849271] kthread+0x337/0x6f0 [ 14.849291] ? trace_preempt_on+0x20/0xc0 [ 14.849322] ? 
__pfx_kthread+0x10/0x10 [ 14.849343] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.849365] ? calculate_sigpending+0x7b/0xa0 [ 14.849400] ? __pfx_kthread+0x10/0x10 [ 14.849422] ret_from_fork+0x116/0x1d0 [ 14.849442] ? __pfx_kthread+0x10/0x10 [ 14.849472] ret_from_fork_asm+0x1a/0x30 [ 14.849504] </TASK> [ 14.849516] [ 14.857076] Allocated by task 282: [ 14.857259] kasan_save_stack+0x45/0x70 [ 14.857457] kasan_save_track+0x18/0x40 [ 14.857649] kasan_save_alloc_info+0x3b/0x50 [ 14.857820] __kasan_kmalloc+0xb7/0xc0 [ 14.858028] __kmalloc_cache_noprof+0x189/0x420 [ 14.858187] kasan_atomics+0x95/0x310 [ 14.858368] kunit_try_run_case+0x1a5/0x480 [ 14.858607] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.858871] kthread+0x337/0x6f0 [ 14.859047] ret_from_fork+0x116/0x1d0 [ 14.859218] ret_from_fork_asm+0x1a/0x30 [ 14.859422] [ 14.859516] The buggy address belongs to the object at ffff8881033c5500 [ 14.859516] which belongs to the cache kmalloc-64 of size 64 [ 14.860097] The buggy address is located 0 bytes to the right of [ 14.860097] allocated 48-byte region [ffff8881033c5500, ffff8881033c5530) [ 14.860619] [ 14.860712] The buggy address belongs to the physical page: [ 14.860946] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033c5 [ 14.861289] flags: 0x200000000000000(node=0|zone=2) [ 14.861526] page_type: f5(slab) [ 14.861677] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.862005] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.862337] page dumped because: kasan: bad access detected [ 14.862582] [ 14.862694] Memory state around the buggy address: [ 14.862880] ffff8881033c5400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.863107] ffff8881033c5480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.863323] >ffff8881033c5500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.863612] ^ [ 14.863857] ffff8881033c5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.864202] 
ffff8881033c5600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.864457] ================================================================== [ 14.696344] ================================================================== [ 14.696647] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49e8/0x5450 [ 14.697380] Read of size 4 at addr ffff8881033c5530 by task kunit_try_catch/282 [ 14.697743] [ 14.697869] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.697916] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.697929] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.697951] Call Trace: [ 14.697970] <TASK> [ 14.697988] dump_stack_lvl+0x73/0xb0 [ 14.698032] print_report+0xd1/0x650 [ 14.698056] ? __virt_addr_valid+0x1db/0x2d0 [ 14.698082] ? kasan_atomics_helper+0x49e8/0x5450 [ 14.698104] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.698126] ? kasan_atomics_helper+0x49e8/0x5450 [ 14.698149] kasan_report+0x141/0x180 [ 14.698171] ? kasan_atomics_helper+0x49e8/0x5450 [ 14.698198] __asan_report_load4_noabort+0x18/0x20 [ 14.698223] kasan_atomics_helper+0x49e8/0x5450 [ 14.698247] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.698269] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.698295] ? trace_hardirqs_on+0x37/0xe0 [ 14.698318] ? kasan_atomics+0x152/0x310 [ 14.698345] kasan_atomics+0x1dc/0x310 [ 14.698368] ? __pfx_kasan_atomics+0x10/0x10 [ 14.698392] ? __pfx_kasan_atomics+0x10/0x10 [ 14.698419] kunit_try_run_case+0x1a5/0x480 [ 14.698444] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.698466] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.698491] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.698514] ? __kthread_parkme+0x82/0x180 [ 14.698535] ? preempt_count_sub+0x50/0x80 [ 14.698560] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.698583] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.698607] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.698631] kthread+0x337/0x6f0 [ 14.698662] ? 
trace_preempt_on+0x20/0xc0 [ 14.698684] ? __pfx_kthread+0x10/0x10 [ 14.698706] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.698728] ? calculate_sigpending+0x7b/0xa0 [ 14.698752] ? __pfx_kthread+0x10/0x10 [ 14.698774] ret_from_fork+0x116/0x1d0 [ 14.698795] ? __pfx_kthread+0x10/0x10 [ 14.698816] ret_from_fork_asm+0x1a/0x30 [ 14.698848] </TASK> [ 14.698860] [ 14.707315] Allocated by task 282: [ 14.707450] kasan_save_stack+0x45/0x70 [ 14.707599] kasan_save_track+0x18/0x40 [ 14.707776] kasan_save_alloc_info+0x3b/0x50 [ 14.707999] __kasan_kmalloc+0xb7/0xc0 [ 14.708198] __kmalloc_cache_noprof+0x189/0x420 [ 14.708418] kasan_atomics+0x95/0x310 [ 14.708603] kunit_try_run_case+0x1a5/0x480 [ 14.708797] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.708973] kthread+0x337/0x6f0 [ 14.709585] ret_from_fork+0x116/0x1d0 [ 14.709809] ret_from_fork_asm+0x1a/0x30 [ 14.710009] [ 14.710115] The buggy address belongs to the object at ffff8881033c5500 [ 14.710115] which belongs to the cache kmalloc-64 of size 64 [ 14.710573] The buggy address is located 0 bytes to the right of [ 14.710573] allocated 48-byte region [ffff8881033c5500, ffff8881033c5530) [ 14.711139] [ 14.711216] The buggy address belongs to the physical page: [ 14.711438] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033c5 [ 14.711817] flags: 0x200000000000000(node=0|zone=2) [ 14.712041] page_type: f5(slab) [ 14.712186] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.712422] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.712758] page dumped because: kasan: bad access detected [ 14.713030] [ 14.713127] Memory state around the buggy address: [ 14.713309] ffff8881033c5400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.713526] ffff8881033c5480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.714105] >ffff8881033c5500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.714388] ^ [ 14.714600] ffff8881033c5580: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 14.714916] ffff8881033c5600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.715150] ================================================================== [ 15.320042] ================================================================== [ 15.320607] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fa5/0x5450 [ 15.321044] Read of size 8 at addr ffff8881033c5530 by task kunit_try_catch/282 [ 15.321412] [ 15.321509] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.321555] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.321569] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.321592] Call Trace: [ 15.321609] <TASK> [ 15.321833] dump_stack_lvl+0x73/0xb0 [ 15.321872] print_report+0xd1/0x650 [ 15.321896] ? __virt_addr_valid+0x1db/0x2d0 [ 15.321922] ? kasan_atomics_helper+0x4fa5/0x5450 [ 15.321944] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.321968] ? kasan_atomics_helper+0x4fa5/0x5450 [ 15.321991] kasan_report+0x141/0x180 [ 15.322013] ? kasan_atomics_helper+0x4fa5/0x5450 [ 15.322053] __asan_report_load8_noabort+0x18/0x20 [ 15.322079] kasan_atomics_helper+0x4fa5/0x5450 [ 15.322103] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.322126] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.322152] ? trace_hardirqs_on+0x37/0xe0 [ 15.322175] ? kasan_atomics+0x152/0x310 [ 15.322203] kasan_atomics+0x1dc/0x310 [ 15.322226] ? __pfx_kasan_atomics+0x10/0x10 [ 15.322249] ? __pfx_kasan_atomics+0x10/0x10 [ 15.322277] kunit_try_run_case+0x1a5/0x480 [ 15.322302] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.322325] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.322350] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.322374] ? __kthread_parkme+0x82/0x180 [ 15.322396] ? preempt_count_sub+0x50/0x80 [ 15.322421] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.322446] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.322470] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.322494] kthread+0x337/0x6f0 [ 15.322514] ? trace_preempt_on+0x20/0xc0 [ 15.322537] ? __pfx_kthread+0x10/0x10 [ 15.322558] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.322580] ? calculate_sigpending+0x7b/0xa0 [ 15.322603] ? __pfx_kthread+0x10/0x10 [ 15.322649] ret_from_fork+0x116/0x1d0 [ 15.322669] ? __pfx_kthread+0x10/0x10 [ 15.322690] ret_from_fork_asm+0x1a/0x30 [ 15.322721] </TASK> [ 15.322734] [ 15.332335] Allocated by task 282: [ 15.332524] kasan_save_stack+0x45/0x70 [ 15.332872] kasan_save_track+0x18/0x40 [ 15.333083] kasan_save_alloc_info+0x3b/0x50 [ 15.333283] __kasan_kmalloc+0xb7/0xc0 [ 15.333452] __kmalloc_cache_noprof+0x189/0x420 [ 15.333907] kasan_atomics+0x95/0x310 [ 15.334090] kunit_try_run_case+0x1a5/0x480 [ 15.334390] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.334824] kthread+0x337/0x6f0 [ 15.334991] ret_from_fork+0x116/0x1d0 [ 15.335319] ret_from_fork_asm+0x1a/0x30 [ 15.335505] [ 15.335585] The buggy address belongs to the object at ffff8881033c5500 [ 15.335585] which belongs to the cache kmalloc-64 of size 64 [ 15.336265] The buggy address is located 0 bytes to the right of [ 15.336265] allocated 48-byte region [ffff8881033c5500, ffff8881033c5530) [ 15.336939] [ 15.337050] The buggy address belongs to the physical page: [ 15.337394] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033c5 [ 15.337851] flags: 0x200000000000000(node=0|zone=2) [ 15.338165] page_type: f5(slab) [ 15.338338] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.338789] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.339181] page dumped because: kasan: bad access detected [ 15.339382] [ 15.339553] Memory state around the buggy address: [ 15.339903] ffff8881033c5400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.340238] ffff8881033c5480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.340547] >ffff8881033c5500: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 15.341013] ^ [ 15.341316] ffff8881033c5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.341580] ffff8881033c5600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.342004] ================================================================== [ 15.061425] ================================================================== [ 15.062126] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1c18/0x5450 [ 15.062554] Write of size 8 at addr ffff8881033c5530 by task kunit_try_catch/282 [ 15.063004] [ 15.063303] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.063354] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.063367] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.063390] Call Trace: [ 15.063407] <TASK> [ 15.063424] dump_stack_lvl+0x73/0xb0 [ 15.063454] print_report+0xd1/0x650 [ 15.063478] ? __virt_addr_valid+0x1db/0x2d0 [ 15.063503] ? kasan_atomics_helper+0x1c18/0x5450 [ 15.063525] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.063547] ? kasan_atomics_helper+0x1c18/0x5450 [ 15.063766] kasan_report+0x141/0x180 [ 15.063795] ? kasan_atomics_helper+0x1c18/0x5450 [ 15.063823] kasan_check_range+0x10c/0x1c0 [ 15.063849] __kasan_check_write+0x18/0x20 [ 15.063869] kasan_atomics_helper+0x1c18/0x5450 [ 15.063893] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.063915] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.063942] ? trace_hardirqs_on+0x37/0xe0 [ 15.063965] ? kasan_atomics+0x152/0x310 [ 15.063993] kasan_atomics+0x1dc/0x310 [ 15.064016] ? __pfx_kasan_atomics+0x10/0x10 [ 15.064052] ? __pfx_kasan_atomics+0x10/0x10 [ 15.064079] kunit_try_run_case+0x1a5/0x480 [ 15.064103] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.064126] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.064155] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.064179] ? __kthread_parkme+0x82/0x180 [ 15.064201] ? preempt_count_sub+0x50/0x80 [ 15.064225] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.064249] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.064272] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.064296] kthread+0x337/0x6f0 [ 15.064317] ? trace_preempt_on+0x20/0xc0 [ 15.064339] ? __pfx_kthread+0x10/0x10 [ 15.064359] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.064382] ? calculate_sigpending+0x7b/0xa0 [ 15.064407] ? __pfx_kthread+0x10/0x10 [ 15.064429] ret_from_fork+0x116/0x1d0 [ 15.064448] ? __pfx_kthread+0x10/0x10 [ 15.064469] ret_from_fork_asm+0x1a/0x30 [ 15.064500] </TASK> [ 15.064513] [ 15.075007] Allocated by task 282: [ 15.075308] kasan_save_stack+0x45/0x70 [ 15.075479] kasan_save_track+0x18/0x40 [ 15.075681] kasan_save_alloc_info+0x3b/0x50 [ 15.076160] __kasan_kmalloc+0xb7/0xc0 [ 15.076480] __kmalloc_cache_noprof+0x189/0x420 [ 15.076705] kasan_atomics+0x95/0x310 [ 15.077070] kunit_try_run_case+0x1a5/0x480 [ 15.077274] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.077627] kthread+0x337/0x6f0 [ 15.077776] ret_from_fork+0x116/0x1d0 [ 15.078097] ret_from_fork_asm+0x1a/0x30 [ 15.078390] [ 15.078476] The buggy address belongs to the object at ffff8881033c5500 [ 15.078476] which belongs to the cache kmalloc-64 of size 64 [ 15.079144] The buggy address is located 0 bytes to the right of [ 15.079144] allocated 48-byte region [ffff8881033c5500, ffff8881033c5530) [ 15.079936] [ 15.080039] The buggy address belongs to the physical page: [ 15.080302] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033c5 [ 15.080800] flags: 0x200000000000000(node=0|zone=2) [ 15.081118] page_type: f5(slab) [ 15.081429] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.081795] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.082193] page dumped because: kasan: bad access detected [ 15.082448] [ 15.082528] Memory state around the buggy address: [ 15.082986] ffff8881033c5400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.083302] 
ffff8881033c5480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.083730] >ffff8881033c5500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.084122] ^ [ 15.084316] ffff8881033c5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.084787] ffff8881033c5600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.085163] ================================================================== [ 14.075517] ================================================================== [ 14.076459] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4ba2/0x5450 [ 14.077038] Write of size 4 at addr ffff8881033c5530 by task kunit_try_catch/282 [ 14.078070] [ 14.078273] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.078320] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.078333] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.078365] Call Trace: [ 14.078378] <TASK> [ 14.078396] dump_stack_lvl+0x73/0xb0 [ 14.078438] print_report+0xd1/0x650 [ 14.078461] ? __virt_addr_valid+0x1db/0x2d0 [ 14.078484] ? kasan_atomics_helper+0x4ba2/0x5450 [ 14.078505] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.078526] ? kasan_atomics_helper+0x4ba2/0x5450 [ 14.078547] kasan_report+0x141/0x180 [ 14.078568] ? kasan_atomics_helper+0x4ba2/0x5450 [ 14.078592] __asan_report_store4_noabort+0x1b/0x30 [ 14.078613] kasan_atomics_helper+0x4ba2/0x5450 [ 14.078634] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.078665] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.078690] ? trace_hardirqs_on+0x37/0xe0 [ 14.078711] ? kasan_atomics+0x152/0x310 [ 14.078737] kasan_atomics+0x1dc/0x310 [ 14.078760] ? __pfx_kasan_atomics+0x10/0x10 [ 14.078782] ? __pfx_kasan_atomics+0x10/0x10 [ 14.078808] kunit_try_run_case+0x1a5/0x480 [ 14.078831] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.078853] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.078876] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.078899] ? __kthread_parkme+0x82/0x180 [ 14.078919] ? 
preempt_count_sub+0x50/0x80 [ 14.078942] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.078965] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.078987] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.079009] kthread+0x337/0x6f0 [ 14.079038] ? trace_preempt_on+0x20/0xc0 [ 14.079059] ? __pfx_kthread+0x10/0x10 [ 14.079079] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.079100] ? calculate_sigpending+0x7b/0xa0 [ 14.079123] ? __pfx_kthread+0x10/0x10 [ 14.079144] ret_from_fork+0x116/0x1d0 [ 14.079163] ? __pfx_kthread+0x10/0x10 [ 14.079182] ret_from_fork_asm+0x1a/0x30 [ 14.079212] </TASK> [ 14.079224] [ 14.092476] Allocated by task 282: [ 14.092917] kasan_save_stack+0x45/0x70 [ 14.093320] kasan_save_track+0x18/0x40 [ 14.093685] kasan_save_alloc_info+0x3b/0x50 [ 14.094174] __kasan_kmalloc+0xb7/0xc0 [ 14.094309] __kmalloc_cache_noprof+0x189/0x420 [ 14.094695] kasan_atomics+0x95/0x310 [ 14.095060] kunit_try_run_case+0x1a5/0x480 [ 14.095448] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.095912] kthread+0x337/0x6f0 [ 14.096315] ret_from_fork+0x116/0x1d0 [ 14.096456] ret_from_fork_asm+0x1a/0x30 [ 14.096595] [ 14.096785] The buggy address belongs to the object at ffff8881033c5500 [ 14.096785] which belongs to the cache kmalloc-64 of size 64 [ 14.097902] The buggy address is located 0 bytes to the right of [ 14.097902] allocated 48-byte region [ffff8881033c5500, ffff8881033c5530) [ 14.099157] [ 14.099344] The buggy address belongs to the physical page: [ 14.099760] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033c5 [ 14.100184] flags: 0x200000000000000(node=0|zone=2) [ 14.100354] page_type: f5(slab) [ 14.100475] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.100724] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.101162] page dumped because: kasan: bad access detected [ 14.101367] [ 14.101461] Memory state around the buggy address: [ 14.101733] ffff8881033c5400: fa fb fb fb fb fb fb fb fc fc 
fc fc fc fc fc fc [ 14.102036] ffff8881033c5480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.102473] >ffff8881033c5500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.102770] ^ [ 14.103239] ffff8881033c5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.103535] ffff8881033c5600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.103878] ================================================================== [ 14.201379] ================================================================== [ 14.202172] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b3a/0x5450 [ 14.202519] Write of size 4 at addr ffff8881033c5530 by task kunit_try_catch/282 [ 14.202867] [ 14.203070] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.203119] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.203133] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.203156] Call Trace: [ 14.203175] <TASK> [ 14.203194] dump_stack_lvl+0x73/0xb0 [ 14.203236] print_report+0xd1/0x650 [ 14.203261] ? __virt_addr_valid+0x1db/0x2d0 [ 14.203287] ? kasan_atomics_helper+0x4b3a/0x5450 [ 14.203321] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.203344] ? kasan_atomics_helper+0x4b3a/0x5450 [ 14.203366] kasan_report+0x141/0x180 [ 14.203388] ? kasan_atomics_helper+0x4b3a/0x5450 [ 14.203414] __asan_report_store4_noabort+0x1b/0x30 [ 14.203444] kasan_atomics_helper+0x4b3a/0x5450 [ 14.203467] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.203490] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.203526] ? trace_hardirqs_on+0x37/0xe0 [ 14.203549] ? kasan_atomics+0x152/0x310 [ 14.203577] kasan_atomics+0x1dc/0x310 [ 14.203600] ? __pfx_kasan_atomics+0x10/0x10 [ 14.203624] ? __pfx_kasan_atomics+0x10/0x10 [ 14.203671] kunit_try_run_case+0x1a5/0x480 [ 14.203696] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.203718] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.203754] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.203778] ? 
__kthread_parkme+0x82/0x180 [ 14.203799] ? preempt_count_sub+0x50/0x80 [ 14.203823] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.203847] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.203871] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.203894] kthread+0x337/0x6f0 [ 14.203914] ? trace_preempt_on+0x20/0xc0 [ 14.203936] ? __pfx_kthread+0x10/0x10 [ 14.203957] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.203978] ? calculate_sigpending+0x7b/0xa0 [ 14.204003] ? __pfx_kthread+0x10/0x10 [ 14.204033] ret_from_fork+0x116/0x1d0 [ 14.204053] ? __pfx_kthread+0x10/0x10 [ 14.204074] ret_from_fork_asm+0x1a/0x30 [ 14.204107] </TASK> [ 14.204119] [ 14.211462] Allocated by task 282: [ 14.211660] kasan_save_stack+0x45/0x70 [ 14.211861] kasan_save_track+0x18/0x40 [ 14.212102] kasan_save_alloc_info+0x3b/0x50 [ 14.212311] __kasan_kmalloc+0xb7/0xc0 [ 14.212447] __kmalloc_cache_noprof+0x189/0x420 [ 14.212604] kasan_atomics+0x95/0x310 [ 14.212973] kunit_try_run_case+0x1a5/0x480 [ 14.213191] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.213517] kthread+0x337/0x6f0 [ 14.213770] ret_from_fork+0x116/0x1d0 [ 14.213940] ret_from_fork_asm+0x1a/0x30 [ 14.214093] [ 14.214191] The buggy address belongs to the object at ffff8881033c5500 [ 14.214191] which belongs to the cache kmalloc-64 of size 64 [ 14.214768] The buggy address is located 0 bytes to the right of [ 14.214768] allocated 48-byte region [ffff8881033c5500, ffff8881033c5530) [ 14.215284] [ 14.215395] The buggy address belongs to the physical page: [ 14.215580] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033c5 [ 14.215982] flags: 0x200000000000000(node=0|zone=2) [ 14.216192] page_type: f5(slab) [ 14.216314] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.216627] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.217002] page dumped because: kasan: bad access detected [ 14.217246] [ 14.217344] Memory state around the buggy address: [ 14.217576] 
ffff8881033c5400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.217906] ffff8881033c5480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.218219] >ffff8881033c5500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.218508] ^ [ 14.218769] ffff8881033c5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.218988] ffff8881033c5600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.219321] ================================================================== [ 14.295532] ================================================================== [ 14.296212] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x7c7/0x5450 [ 14.296459] Write of size 4 at addr ffff8881033c5530 by task kunit_try_catch/282 [ 14.296715] [ 14.296923] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.296968] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.296981] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.297004] Call Trace: [ 14.297035] <TASK> [ 14.297054] dump_stack_lvl+0x73/0xb0 [ 14.297083] print_report+0xd1/0x650 [ 14.297108] ? __virt_addr_valid+0x1db/0x2d0 [ 14.297133] ? kasan_atomics_helper+0x7c7/0x5450 [ 14.297166] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.297189] ? kasan_atomics_helper+0x7c7/0x5450 [ 14.297213] kasan_report+0x141/0x180 [ 14.297248] ? kasan_atomics_helper+0x7c7/0x5450 [ 14.297274] kasan_check_range+0x10c/0x1c0 [ 14.297299] __kasan_check_write+0x18/0x20 [ 14.297319] kasan_atomics_helper+0x7c7/0x5450 [ 14.297342] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.297365] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.297391] ? trace_hardirqs_on+0x37/0xe0 [ 14.297415] ? kasan_atomics+0x152/0x310 [ 14.297442] kasan_atomics+0x1dc/0x310 [ 14.297466] ? __pfx_kasan_atomics+0x10/0x10 [ 14.297490] ? __pfx_kasan_atomics+0x10/0x10 [ 14.297517] kunit_try_run_case+0x1a5/0x480 [ 14.297542] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.297565] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 14.297591] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.297613] ? __kthread_parkme+0x82/0x180 [ 14.297635] ? preempt_count_sub+0x50/0x80 [ 14.297660] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.297683] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.297707] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.297740] kthread+0x337/0x6f0 [ 14.297759] ? trace_preempt_on+0x20/0xc0 [ 14.297782] ? __pfx_kthread+0x10/0x10 [ 14.297813] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.297835] ? calculate_sigpending+0x7b/0xa0 [ 14.297859] ? __pfx_kthread+0x10/0x10 [ 14.297881] ret_from_fork+0x116/0x1d0 [ 14.297900] ? __pfx_kthread+0x10/0x10 [ 14.297921] ret_from_fork_asm+0x1a/0x30 [ 14.297952] </TASK> [ 14.297965] [ 14.305268] Allocated by task 282: [ 14.305495] kasan_save_stack+0x45/0x70 [ 14.305758] kasan_save_track+0x18/0x40 [ 14.305974] kasan_save_alloc_info+0x3b/0x50 [ 14.306205] __kasan_kmalloc+0xb7/0xc0 [ 14.306412] __kmalloc_cache_noprof+0x189/0x420 [ 14.306707] kasan_atomics+0x95/0x310 [ 14.306902] kunit_try_run_case+0x1a5/0x480 [ 14.307109] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.307406] kthread+0x337/0x6f0 [ 14.307600] ret_from_fork+0x116/0x1d0 [ 14.307838] ret_from_fork_asm+0x1a/0x30 [ 14.307976] [ 14.308065] The buggy address belongs to the object at ffff8881033c5500 [ 14.308065] which belongs to the cache kmalloc-64 of size 64 [ 14.308771] The buggy address is located 0 bytes to the right of [ 14.308771] allocated 48-byte region [ffff8881033c5500, ffff8881033c5530) [ 14.309298] [ 14.309400] The buggy address belongs to the physical page: [ 14.309761] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033c5 [ 14.310123] flags: 0x200000000000000(node=0|zone=2) [ 14.310403] page_type: f5(slab) [ 14.310571] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.311012] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.311360] page dumped because: kasan: 
bad access detected [ 14.311615] [ 14.311785] Memory state around the buggy address: [ 14.312014] ffff8881033c5400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.312360] ffff8881033c5480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.312693] >ffff8881033c5500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.312971] ^ [ 14.313247] ffff8881033c5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.313609] ffff8881033c5600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.313906] ================================================================== [ 14.433531] ================================================================== [ 14.433900] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xc70/0x5450 [ 14.434401] Write of size 4 at addr ffff8881033c5530 by task kunit_try_catch/282 [ 14.434862] [ 14.435095] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.435142] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.435168] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.435190] Call Trace: [ 14.435211] <TASK> [ 14.435230] dump_stack_lvl+0x73/0xb0 [ 14.435271] print_report+0xd1/0x650 [ 14.435295] ? __virt_addr_valid+0x1db/0x2d0 [ 14.435320] ? kasan_atomics_helper+0xc70/0x5450 [ 14.435341] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.435364] ? kasan_atomics_helper+0xc70/0x5450 [ 14.435388] kasan_report+0x141/0x180 [ 14.435410] ? kasan_atomics_helper+0xc70/0x5450 [ 14.435436] kasan_check_range+0x10c/0x1c0 [ 14.435460] __kasan_check_write+0x18/0x20 [ 14.435479] kasan_atomics_helper+0xc70/0x5450 [ 14.435502] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.435525] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.435550] ? trace_hardirqs_on+0x37/0xe0 [ 14.435573] ? kasan_atomics+0x152/0x310 [ 14.435600] kasan_atomics+0x1dc/0x310 [ 14.435623] ? __pfx_kasan_atomics+0x10/0x10 [ 14.435647] ? 
__pfx_kasan_atomics+0x10/0x10 [ 14.435674] kunit_try_run_case+0x1a5/0x480 [ 14.435699] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.435721] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.435745] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.435769] ? __kthread_parkme+0x82/0x180 [ 14.435790] ? preempt_count_sub+0x50/0x80 [ 14.435814] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.435838] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.435862] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.435885] kthread+0x337/0x6f0 [ 14.435907] ? trace_preempt_on+0x20/0xc0 [ 14.435929] ? __pfx_kthread+0x10/0x10 [ 14.435950] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.435971] ? calculate_sigpending+0x7b/0xa0 [ 14.435995] ? __pfx_kthread+0x10/0x10 [ 14.436018] ret_from_fork+0x116/0x1d0 [ 14.436046] ? __pfx_kthread+0x10/0x10 [ 14.436068] ret_from_fork_asm+0x1a/0x30 [ 14.436099] </TASK> [ 14.436112] [ 14.443727] Allocated by task 282: [ 14.443896] kasan_save_stack+0x45/0x70 [ 14.444052] kasan_save_track+0x18/0x40 [ 14.444196] kasan_save_alloc_info+0x3b/0x50 [ 14.444547] __kasan_kmalloc+0xb7/0xc0 [ 14.444850] __kmalloc_cache_noprof+0x189/0x420 [ 14.445109] kasan_atomics+0x95/0x310 [ 14.445270] kunit_try_run_case+0x1a5/0x480 [ 14.445458] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.445717] kthread+0x337/0x6f0 [ 14.445882] ret_from_fork+0x116/0x1d0 [ 14.446015] ret_from_fork_asm+0x1a/0x30 [ 14.446226] [ 14.446322] The buggy address belongs to the object at ffff8881033c5500 [ 14.446322] which belongs to the cache kmalloc-64 of size 64 [ 14.446848] The buggy address is located 0 bytes to the right of [ 14.446848] allocated 48-byte region [ffff8881033c5500, ffff8881033c5530) [ 14.447372] [ 14.447470] The buggy address belongs to the physical page: [ 14.447733] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033c5 [ 14.448082] flags: 0x200000000000000(node=0|zone=2) [ 14.448320] page_type: f5(slab) [ 14.448477] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 14.448810] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.449051] page dumped because: kasan: bad access detected [ 14.449224] [ 14.449293] Memory state around the buggy address: [ 14.449448] ffff8881033c5400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.449770] ffff8881033c5480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.450094] >ffff8881033c5500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.450670] ^ [ 14.450827] ffff8881033c5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.451059] ffff8881033c5600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.451282] ================================================================== [ 14.219887] ================================================================== [ 14.220438] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x565/0x5450 [ 14.220824] Write of size 4 at addr ffff8881033c5530 by task kunit_try_catch/282 [ 14.221169] [ 14.221289] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.221335] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.221360] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.221382] Call Trace: [ 14.221397] <TASK> [ 14.221413] dump_stack_lvl+0x73/0xb0 [ 14.221442] print_report+0xd1/0x650 [ 14.221465] ? __virt_addr_valid+0x1db/0x2d0 [ 14.221499] ? kasan_atomics_helper+0x565/0x5450 [ 14.221521] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.221545] ? kasan_atomics_helper+0x565/0x5450 [ 14.221578] kasan_report+0x141/0x180 [ 14.221602] ? kasan_atomics_helper+0x565/0x5450 [ 14.221628] kasan_check_range+0x10c/0x1c0 [ 14.221665] __kasan_check_write+0x18/0x20 [ 14.221685] kasan_atomics_helper+0x565/0x5450 [ 14.221709] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.221734] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.221760] ? trace_hardirqs_on+0x37/0xe0 [ 14.221785] ? 
kasan_atomics+0x152/0x310 [ 14.221812] kasan_atomics+0x1dc/0x310 [ 14.221836] ? __pfx_kasan_atomics+0x10/0x10 [ 14.221860] ? __pfx_kasan_atomics+0x10/0x10 [ 14.221886] kunit_try_run_case+0x1a5/0x480 [ 14.221911] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.221933] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.221959] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.221982] ? __kthread_parkme+0x82/0x180 [ 14.222003] ? preempt_count_sub+0x50/0x80 [ 14.222037] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.222061] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.222094] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.222118] kthread+0x337/0x6f0 [ 14.222138] ? trace_preempt_on+0x20/0xc0 [ 14.222170] ? __pfx_kthread+0x10/0x10 [ 14.222192] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.222215] ? calculate_sigpending+0x7b/0xa0 [ 14.222238] ? __pfx_kthread+0x10/0x10 [ 14.222261] ret_from_fork+0x116/0x1d0 [ 14.222280] ? __pfx_kthread+0x10/0x10 [ 14.222301] ret_from_fork_asm+0x1a/0x30 [ 14.222332] </TASK> [ 14.222346] [ 14.230088] Allocated by task 282: [ 14.230302] kasan_save_stack+0x45/0x70 [ 14.230512] kasan_save_track+0x18/0x40 [ 14.230699] kasan_save_alloc_info+0x3b/0x50 [ 14.230948] __kasan_kmalloc+0xb7/0xc0 [ 14.231129] __kmalloc_cache_noprof+0x189/0x420 [ 14.231352] kasan_atomics+0x95/0x310 [ 14.231542] kunit_try_run_case+0x1a5/0x480 [ 14.231741] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.232003] kthread+0x337/0x6f0 [ 14.232138] ret_from_fork+0x116/0x1d0 [ 14.232276] ret_from_fork_asm+0x1a/0x30 [ 14.232496] [ 14.232591] The buggy address belongs to the object at ffff8881033c5500 [ 14.232591] which belongs to the cache kmalloc-64 of size 64 [ 14.233010] The buggy address is located 0 bytes to the right of [ 14.233010] allocated 48-byte region [ffff8881033c5500, ffff8881033c5530) [ 14.233546] [ 14.233664] The buggy address belongs to the physical page: [ 14.233902] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033c5 [ 14.234244] flags: 
0x200000000000000(node=0|zone=2) [ 14.234427] page_type: f5(slab) [ 14.234551] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.234784] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.235012] page dumped because: kasan: bad access detected [ 14.235333] [ 14.235466] Memory state around the buggy address: [ 14.235749] ffff8881033c5400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.236077] ffff8881033c5480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.236353] >ffff8881033c5500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.236568] ^ [ 14.236938] ffff8881033c5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.237288] ffff8881033c5600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.237630] ================================================================== [ 15.151396] ================================================================== [ 15.151708] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1e12/0x5450 [ 15.151986] Write of size 8 at addr ffff8881033c5530 by task kunit_try_catch/282 [ 15.152392] [ 15.152510] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.152877] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.152891] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.152914] Call Trace: [ 15.152931] <TASK> [ 15.152947] dump_stack_lvl+0x73/0xb0 [ 15.152977] print_report+0xd1/0x650 [ 15.153000] ? __virt_addr_valid+0x1db/0x2d0 [ 15.153036] ? kasan_atomics_helper+0x1e12/0x5450 [ 15.153058] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.153081] ? kasan_atomics_helper+0x1e12/0x5450 [ 15.153104] kasan_report+0x141/0x180 [ 15.153126] ? kasan_atomics_helper+0x1e12/0x5450 [ 15.153153] kasan_check_range+0x10c/0x1c0 [ 15.153178] __kasan_check_write+0x18/0x20 [ 15.153197] kasan_atomics_helper+0x1e12/0x5450 [ 15.153221] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.153266] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 15.153291] ? trace_hardirqs_on+0x37/0xe0 [ 15.153314] ? kasan_atomics+0x152/0x310 [ 15.153341] kasan_atomics+0x1dc/0x310 [ 15.153365] ? __pfx_kasan_atomics+0x10/0x10 [ 15.153389] ? __pfx_kasan_atomics+0x10/0x10 [ 15.153416] kunit_try_run_case+0x1a5/0x480 [ 15.153440] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.153462] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.153508] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.153532] ? __kthread_parkme+0x82/0x180 [ 15.153553] ? preempt_count_sub+0x50/0x80 [ 15.153577] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.153601] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.153624] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.153658] kthread+0x337/0x6f0 [ 15.153679] ? trace_preempt_on+0x20/0xc0 [ 15.153701] ? __pfx_kthread+0x10/0x10 [ 15.153722] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.153744] ? calculate_sigpending+0x7b/0xa0 [ 15.153768] ? __pfx_kthread+0x10/0x10 [ 15.153790] ret_from_fork+0x116/0x1d0 [ 15.153809] ? 
__pfx_kthread+0x10/0x10 [ 15.153830] ret_from_fork_asm+0x1a/0x30 [ 15.153861] </TASK> [ 15.153873] [ 15.162346] Allocated by task 282: [ 15.162562] kasan_save_stack+0x45/0x70 [ 15.162770] kasan_save_track+0x18/0x40 [ 15.163135] kasan_save_alloc_info+0x3b/0x50 [ 15.163372] __kasan_kmalloc+0xb7/0xc0 [ 15.163507] __kmalloc_cache_noprof+0x189/0x420 [ 15.163664] kasan_atomics+0x95/0x310 [ 15.163798] kunit_try_run_case+0x1a5/0x480 [ 15.164001] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.164275] kthread+0x337/0x6f0 [ 15.164449] ret_from_fork+0x116/0x1d0 [ 15.164637] ret_from_fork_asm+0x1a/0x30 [ 15.165013] [ 15.165102] The buggy address belongs to the object at ffff8881033c5500 [ 15.165102] which belongs to the cache kmalloc-64 of size 64 [ 15.165542] The buggy address is located 0 bytes to the right of [ 15.165542] allocated 48-byte region [ffff8881033c5500, ffff8881033c5530) [ 15.166071] [ 15.166206] The buggy address belongs to the physical page: [ 15.166465] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033c5 [ 15.166869] flags: 0x200000000000000(node=0|zone=2) [ 15.167144] page_type: f5(slab) [ 15.167267] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.167491] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.167755] page dumped because: kasan: bad access detected [ 15.168077] [ 15.168207] Memory state around the buggy address: [ 15.168557] ffff8881033c5400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.169089] ffff8881033c5480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.169393] >ffff8881033c5500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.169703] ^ [ 15.169895] ffff8881033c5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.170240] ffff8881033c5600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.170448] ================================================================== [ 14.355184] 
================================================================== [ 14.355521] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x992/0x5450 [ 14.356031] Write of size 4 at addr ffff8881033c5530 by task kunit_try_catch/282 [ 14.356265] [ 14.356353] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.356396] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.356410] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.356464] Call Trace: [ 14.356484] <TASK> [ 14.356517] dump_stack_lvl+0x73/0xb0 [ 14.356592] print_report+0xd1/0x650 [ 14.356617] ? __virt_addr_valid+0x1db/0x2d0 [ 14.356661] ? kasan_atomics_helper+0x992/0x5450 [ 14.356709] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.356732] ? kasan_atomics_helper+0x992/0x5450 [ 14.356753] kasan_report+0x141/0x180 [ 14.356788] ? kasan_atomics_helper+0x992/0x5450 [ 14.356814] kasan_check_range+0x10c/0x1c0 [ 14.356838] __kasan_check_write+0x18/0x20 [ 14.356858] kasan_atomics_helper+0x992/0x5450 [ 14.356881] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.356904] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.356929] ? trace_hardirqs_on+0x37/0xe0 [ 14.356976] ? kasan_atomics+0x152/0x310 [ 14.357002] kasan_atomics+0x1dc/0x310 [ 14.357042] ? __pfx_kasan_atomics+0x10/0x10 [ 14.357066] ? __pfx_kasan_atomics+0x10/0x10 [ 14.357093] kunit_try_run_case+0x1a5/0x480 [ 14.357143] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.357166] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.357191] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.357225] ? __kthread_parkme+0x82/0x180 [ 14.357247] ? preempt_count_sub+0x50/0x80 [ 14.357297] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.357321] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.357346] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.357380] kthread+0x337/0x6f0 [ 14.357417] ? trace_preempt_on+0x20/0xc0 [ 14.357449] ? __pfx_kthread+0x10/0x10 [ 14.357471] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.357492] ? 
calculate_sigpending+0x7b/0xa0 [ 14.357528] ? __pfx_kthread+0x10/0x10 [ 14.357575] ret_from_fork+0x116/0x1d0 [ 14.357595] ? __pfx_kthread+0x10/0x10 [ 14.357616] ret_from_fork_asm+0x1a/0x30 [ 14.357658] </TASK> [ 14.357670] [ 14.365707] Allocated by task 282: [ 14.365945] kasan_save_stack+0x45/0x70 [ 14.366351] kasan_save_track+0x18/0x40 [ 14.366629] kasan_save_alloc_info+0x3b/0x50 [ 14.366897] __kasan_kmalloc+0xb7/0xc0 [ 14.367044] __kmalloc_cache_noprof+0x189/0x420 [ 14.367198] kasan_atomics+0x95/0x310 [ 14.367430] kunit_try_run_case+0x1a5/0x480 [ 14.367712] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.367962] kthread+0x337/0x6f0 [ 14.368150] ret_from_fork+0x116/0x1d0 [ 14.368373] ret_from_fork_asm+0x1a/0x30 [ 14.368575] [ 14.368719] The buggy address belongs to the object at ffff8881033c5500 [ 14.368719] which belongs to the cache kmalloc-64 of size 64 [ 14.369240] The buggy address is located 0 bytes to the right of [ 14.369240] allocated 48-byte region [ffff8881033c5500, ffff8881033c5530) [ 14.369845] [ 14.369950] The buggy address belongs to the physical page: [ 14.370215] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033c5 [ 14.370612] flags: 0x200000000000000(node=0|zone=2) [ 14.370895] page_type: f5(slab) [ 14.371083] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.371465] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.371825] page dumped because: kasan: bad access detected [ 14.372132] [ 14.372230] Memory state around the buggy address: [ 14.372453] ffff8881033c5400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.372765] ffff8881033c5480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.373115] >ffff8881033c5500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.373322] ^ [ 14.373470] ffff8881033c5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.374101] ffff8881033c5600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.374419] 
================================================================== [ 14.964445] ================================================================== [ 14.964833] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x18b1/0x5450 [ 14.965176] Write of size 8 at addr ffff8881033c5530 by task kunit_try_catch/282 [ 14.965497] [ 14.965618] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.965664] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.965678] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.965700] Call Trace: [ 14.965718] <TASK> [ 14.965747] dump_stack_lvl+0x73/0xb0 [ 14.965776] print_report+0xd1/0x650 [ 14.965811] ? __virt_addr_valid+0x1db/0x2d0 [ 14.965836] ? kasan_atomics_helper+0x18b1/0x5450 [ 14.965858] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.965881] ? kasan_atomics_helper+0x18b1/0x5450 [ 14.965911] kasan_report+0x141/0x180 [ 14.965934] ? kasan_atomics_helper+0x18b1/0x5450 [ 14.965960] kasan_check_range+0x10c/0x1c0 [ 14.965995] __kasan_check_write+0x18/0x20 [ 14.966015] kasan_atomics_helper+0x18b1/0x5450 [ 14.966047] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.966070] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.966095] ? trace_hardirqs_on+0x37/0xe0 [ 14.966117] ? kasan_atomics+0x152/0x310 [ 14.966145] kasan_atomics+0x1dc/0x310 [ 14.966168] ? __pfx_kasan_atomics+0x10/0x10 [ 14.966191] ? __pfx_kasan_atomics+0x10/0x10 [ 14.966219] kunit_try_run_case+0x1a5/0x480 [ 14.966244] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.966266] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.966292] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.966325] ? __kthread_parkme+0x82/0x180 [ 14.966348] ? preempt_count_sub+0x50/0x80 [ 14.966383] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.966407] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.966431] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.966454] kthread+0x337/0x6f0 [ 14.966475] ? trace_preempt_on+0x20/0xc0 [ 14.966499] ? 
__pfx_kthread+0x10/0x10 [ 14.966520] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.966542] ? calculate_sigpending+0x7b/0xa0 [ 14.966567] ? __pfx_kthread+0x10/0x10 [ 14.966589] ret_from_fork+0x116/0x1d0 [ 14.966609] ? __pfx_kthread+0x10/0x10 [ 14.966630] ret_from_fork_asm+0x1a/0x30 [ 14.966675] </TASK> [ 14.966687] [ 14.974298] Allocated by task 282: [ 14.974445] kasan_save_stack+0x45/0x70 [ 14.974592] kasan_save_track+0x18/0x40 [ 14.974728] kasan_save_alloc_info+0x3b/0x50 [ 14.974876] __kasan_kmalloc+0xb7/0xc0 [ 14.975087] __kmalloc_cache_noprof+0x189/0x420 [ 14.975311] kasan_atomics+0x95/0x310 [ 14.975497] kunit_try_run_case+0x1a5/0x480 [ 14.975706] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.976087] kthread+0x337/0x6f0 [ 14.976214] ret_from_fork+0x116/0x1d0 [ 14.976346] ret_from_fork_asm+0x1a/0x30 [ 14.976495] [ 14.976591] The buggy address belongs to the object at ffff8881033c5500 [ 14.976591] which belongs to the cache kmalloc-64 of size 64 [ 14.977546] The buggy address is located 0 bytes to the right of [ 14.977546] allocated 48-byte region [ffff8881033c5500, ffff8881033c5530) [ 14.977971] [ 14.978057] The buggy address belongs to the physical page: [ 14.978231] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033c5 [ 14.978602] flags: 0x200000000000000(node=0|zone=2) [ 14.979112] page_type: f5(slab) [ 14.979281] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.979571] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.980065] page dumped because: kasan: bad access detected [ 14.980243] [ 14.980314] Memory state around the buggy address: [ 14.980470] ffff8881033c5400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.980849] ffff8881033c5480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.981179] >ffff8881033c5500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.981520] ^ [ 14.981915] ffff8881033c5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.982238] 
ffff8881033c5600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.982525] ================================================================== [ 15.039874] ================================================================== [ 15.040240] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1b22/0x5450 [ 15.040475] Write of size 8 at addr ffff8881033c5530 by task kunit_try_catch/282 [ 15.041016] [ 15.041122] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.041167] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.041180] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.041203] Call Trace: [ 15.041220] <TASK> [ 15.041238] dump_stack_lvl+0x73/0xb0 [ 15.041266] print_report+0xd1/0x650 [ 15.041290] ? __virt_addr_valid+0x1db/0x2d0 [ 15.041314] ? kasan_atomics_helper+0x1b22/0x5450 [ 15.041336] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.041359] ? kasan_atomics_helper+0x1b22/0x5450 [ 15.041382] kasan_report+0x141/0x180 [ 15.041404] ? kasan_atomics_helper+0x1b22/0x5450 [ 15.041430] kasan_check_range+0x10c/0x1c0 [ 15.041454] __kasan_check_write+0x18/0x20 [ 15.041474] kasan_atomics_helper+0x1b22/0x5450 [ 15.041498] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.041520] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.041546] ? trace_hardirqs_on+0x37/0xe0 [ 15.041570] ? kasan_atomics+0x152/0x310 [ 15.041597] kasan_atomics+0x1dc/0x310 [ 15.041620] ? __pfx_kasan_atomics+0x10/0x10 [ 15.041644] ? __pfx_kasan_atomics+0x10/0x10 [ 15.041697] kunit_try_run_case+0x1a5/0x480 [ 15.041728] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.041763] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.041789] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.041812] ? __kthread_parkme+0x82/0x180 [ 15.041834] ? preempt_count_sub+0x50/0x80 [ 15.041859] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.041883] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.041907] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.041941] kthread+0x337/0x6f0 [ 15.041962] ? trace_preempt_on+0x20/0xc0 [ 15.041985] ? __pfx_kthread+0x10/0x10 [ 15.042016] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.042048] ? calculate_sigpending+0x7b/0xa0 [ 15.042073] ? __pfx_kthread+0x10/0x10 [ 15.042095] ret_from_fork+0x116/0x1d0 [ 15.042114] ? __pfx_kthread+0x10/0x10 [ 15.042135] ret_from_fork_asm+0x1a/0x30 [ 15.042166] </TASK> [ 15.042178] [ 15.050256] Allocated by task 282: [ 15.050459] kasan_save_stack+0x45/0x70 [ 15.050724] kasan_save_track+0x18/0x40 [ 15.050906] kasan_save_alloc_info+0x3b/0x50 [ 15.051079] __kasan_kmalloc+0xb7/0xc0 [ 15.051214] __kmalloc_cache_noprof+0x189/0x420 [ 15.051371] kasan_atomics+0x95/0x310 [ 15.051505] kunit_try_run_case+0x1a5/0x480 [ 15.051774] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.052044] kthread+0x337/0x6f0 [ 15.052381] ret_from_fork+0x116/0x1d0 [ 15.052601] ret_from_fork_asm+0x1a/0x30 [ 15.052873] [ 15.052945] The buggy address belongs to the object at ffff8881033c5500 [ 15.052945] which belongs to the cache kmalloc-64 of size 64 [ 15.053595] The buggy address is located 0 bytes to the right of [ 15.053595] allocated 48-byte region [ffff8881033c5500, ffff8881033c5530) [ 15.054104] [ 15.054177] The buggy address belongs to the physical page: [ 15.054350] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033c5 [ 15.054697] flags: 0x200000000000000(node=0|zone=2) [ 15.054964] page_type: f5(slab) [ 15.055162] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.055505] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.056317] page dumped because: kasan: bad access detected [ 15.057029] [ 15.057219] Memory state around the buggy address: [ 15.057410] ffff8881033c5400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.058592] ffff8881033c5480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.058923] >ffff8881033c5500: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 15.059378] ^ [ 15.059784] ffff8881033c5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.060096] ffff8881033c5600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.060485] ================================================================== [ 14.180074] ================================================================== [ 14.180434] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a0/0x5450 [ 14.181006] Write of size 4 at addr ffff8881033c5530 by task kunit_try_catch/282 [ 14.181247] [ 14.181335] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.181378] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.181390] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.181413] Call Trace: [ 14.181431] <TASK> [ 14.181450] dump_stack_lvl+0x73/0xb0 [ 14.181478] print_report+0xd1/0x650 [ 14.181501] ? __virt_addr_valid+0x1db/0x2d0 [ 14.181525] ? kasan_atomics_helper+0x4a0/0x5450 [ 14.181547] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.181570] ? kasan_atomics_helper+0x4a0/0x5450 [ 14.181592] kasan_report+0x141/0x180 [ 14.181615] ? kasan_atomics_helper+0x4a0/0x5450 [ 14.181641] kasan_check_range+0x10c/0x1c0 [ 14.181665] __kasan_check_write+0x18/0x20 [ 14.181684] kasan_atomics_helper+0x4a0/0x5450 [ 14.181708] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.181731] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.181756] ? trace_hardirqs_on+0x37/0xe0 [ 14.181778] ? kasan_atomics+0x152/0x310 [ 14.181805] kasan_atomics+0x1dc/0x310 [ 14.181828] ? __pfx_kasan_atomics+0x10/0x10 [ 14.181852] ? __pfx_kasan_atomics+0x10/0x10 [ 14.181880] kunit_try_run_case+0x1a5/0x480 [ 14.181925] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.181948] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.181973] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.182008] ? __kthread_parkme+0x82/0x180 [ 14.182039] ? preempt_count_sub+0x50/0x80 [ 14.182063] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.182087] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.182110] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.182133] kthread+0x337/0x6f0 [ 14.182154] ? trace_preempt_on+0x20/0xc0 [ 14.182176] ? __pfx_kthread+0x10/0x10 [ 14.182198] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.182219] ? calculate_sigpending+0x7b/0xa0 [ 14.182243] ? __pfx_kthread+0x10/0x10 [ 14.182265] ret_from_fork+0x116/0x1d0 [ 14.182285] ? __pfx_kthread+0x10/0x10 [ 14.182305] ret_from_fork_asm+0x1a/0x30 [ 14.182337] </TASK> [ 14.182350] [ 14.190552] Allocated by task 282: [ 14.190779] kasan_save_stack+0x45/0x70 [ 14.190980] kasan_save_track+0x18/0x40 [ 14.191187] kasan_save_alloc_info+0x3b/0x50 [ 14.191358] __kasan_kmalloc+0xb7/0xc0 [ 14.191494] __kmalloc_cache_noprof+0x189/0x420 [ 14.191842] kasan_atomics+0x95/0x310 [ 14.192043] kunit_try_run_case+0x1a5/0x480 [ 14.192194] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.192400] kthread+0x337/0x6f0 [ 14.192599] ret_from_fork+0x116/0x1d0 [ 14.192994] ret_from_fork_asm+0x1a/0x30 [ 14.193324] [ 14.193403] The buggy address belongs to the object at ffff8881033c5500 [ 14.193403] which belongs to the cache kmalloc-64 of size 64 [ 14.195788] The buggy address is located 0 bytes to the right of [ 14.195788] allocated 48-byte region [ffff8881033c5500, ffff8881033c5530) [ 14.196267] [ 14.196374] The buggy address belongs to the physical page: [ 14.196661] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033c5 [ 14.196935] flags: 0x200000000000000(node=0|zone=2) [ 14.197215] page_type: f5(slab) [ 14.197385] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.197716] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.198054] page dumped because: kasan: bad access detected [ 14.198318] [ 14.198410] Memory state around the buggy address: [ 14.198630] ffff8881033c5400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.198948] 
ffff8881033c5480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.199279] >ffff8881033c5500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.199592] ^ [ 14.199823] ffff8881033c5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.200136] ffff8881033c5600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.200456] ================================================================== [ 14.715807] ================================================================== [ 14.716392] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12e6/0x5450 [ 14.716720] Write of size 4 at addr ffff8881033c5530 by task kunit_try_catch/282 [ 14.717012] [ 14.717115] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.717160] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.717173] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.717195] Call Trace: [ 14.717212] <TASK> [ 14.717229] dump_stack_lvl+0x73/0xb0 [ 14.717257] print_report+0xd1/0x650 [ 14.717281] ? __virt_addr_valid+0x1db/0x2d0 [ 14.717305] ? kasan_atomics_helper+0x12e6/0x5450 [ 14.717327] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.717349] ? kasan_atomics_helper+0x12e6/0x5450 [ 14.717371] kasan_report+0x141/0x180 [ 14.717394] ? kasan_atomics_helper+0x12e6/0x5450 [ 14.717421] kasan_check_range+0x10c/0x1c0 [ 14.717444] __kasan_check_write+0x18/0x20 [ 14.717464] kasan_atomics_helper+0x12e6/0x5450 [ 14.717487] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.717509] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.717536] ? trace_hardirqs_on+0x37/0xe0 [ 14.717558] ? kasan_atomics+0x152/0x310 [ 14.717585] kasan_atomics+0x1dc/0x310 [ 14.717608] ? __pfx_kasan_atomics+0x10/0x10 [ 14.717631] ? __pfx_kasan_atomics+0x10/0x10 [ 14.717658] kunit_try_run_case+0x1a5/0x480 [ 14.717682] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.717708] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.717734] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.717758] ? 
__kthread_parkme+0x82/0x180 [ 14.717780] ? preempt_count_sub+0x50/0x80 [ 14.717804] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.717828] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.717852] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.717876] kthread+0x337/0x6f0 [ 14.717895] ? trace_preempt_on+0x20/0xc0 [ 14.717918] ? __pfx_kthread+0x10/0x10 [ 14.717939] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.717961] ? calculate_sigpending+0x7b/0xa0 [ 14.717985] ? __pfx_kthread+0x10/0x10 [ 14.718007] ret_from_fork+0x116/0x1d0 [ 14.718036] ? __pfx_kthread+0x10/0x10 [ 14.718058] ret_from_fork_asm+0x1a/0x30 [ 14.718088] </TASK> [ 14.718102] [ 14.725248] Allocated by task 282: [ 14.725442] kasan_save_stack+0x45/0x70 [ 14.725653] kasan_save_track+0x18/0x40 [ 14.725843] kasan_save_alloc_info+0x3b/0x50 [ 14.726067] __kasan_kmalloc+0xb7/0xc0 [ 14.726258] __kmalloc_cache_noprof+0x189/0x420 [ 14.726483] kasan_atomics+0x95/0x310 [ 14.726653] kunit_try_run_case+0x1a5/0x480 [ 14.726833] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.727045] kthread+0x337/0x6f0 [ 14.727212] ret_from_fork+0x116/0x1d0 [ 14.727383] ret_from_fork_asm+0x1a/0x30 [ 14.727555] [ 14.727658] The buggy address belongs to the object at ffff8881033c5500 [ 14.727658] which belongs to the cache kmalloc-64 of size 64 [ 14.728102] The buggy address is located 0 bytes to the right of [ 14.728102] allocated 48-byte region [ffff8881033c5500, ffff8881033c5530) [ 14.728472] [ 14.728546] The buggy address belongs to the physical page: [ 14.728816] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033c5 [ 14.729177] flags: 0x200000000000000(node=0|zone=2) [ 14.729414] page_type: f5(slab) [ 14.729583] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.730037] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.730300] page dumped because: kasan: bad access detected [ 14.730473] [ 14.730546] Memory state around the buggy address: [ 14.730705] 
ffff8881033c5400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.730989] ffff8881033c5480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.731317] >ffff8881033c5500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.731635] ^ [ 14.731860] ffff8881033c5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.732377] ffff8881033c5600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.732592] ================================================================== [ 14.452231] ================================================================== [ 14.452589] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a84/0x5450 [ 14.453241] Read of size 4 at addr ffff8881033c5530 by task kunit_try_catch/282 [ 14.453617] [ 14.453740] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.453785] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.453809] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.453832] Call Trace: [ 14.453848] <TASK> [ 14.453866] dump_stack_lvl+0x73/0xb0 [ 14.453907] print_report+0xd1/0x650 [ 14.453929] ? __virt_addr_valid+0x1db/0x2d0 [ 14.453954] ? kasan_atomics_helper+0x4a84/0x5450 [ 14.453976] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.453999] ? kasan_atomics_helper+0x4a84/0x5450 [ 14.454032] kasan_report+0x141/0x180 [ 14.454055] ? kasan_atomics_helper+0x4a84/0x5450 [ 14.454081] __asan_report_load4_noabort+0x18/0x20 [ 14.454105] kasan_atomics_helper+0x4a84/0x5450 [ 14.454127] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.454150] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.454184] ? trace_hardirqs_on+0x37/0xe0 [ 14.454208] ? kasan_atomics+0x152/0x310 [ 14.454245] kasan_atomics+0x1dc/0x310 [ 14.454269] ? __pfx_kasan_atomics+0x10/0x10 [ 14.454293] ? __pfx_kasan_atomics+0x10/0x10 [ 14.454329] kunit_try_run_case+0x1a5/0x480 [ 14.454353] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.454376] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.454411] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.454434] ? __kthread_parkme+0x82/0x180 [ 14.454457] ? preempt_count_sub+0x50/0x80 [ 14.454492] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.454518] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.454544] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.454577] kthread+0x337/0x6f0 [ 14.454598] ? trace_preempt_on+0x20/0xc0 [ 14.454620] ? __pfx_kthread+0x10/0x10 [ 14.454651] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.454672] ? calculate_sigpending+0x7b/0xa0 [ 14.454697] ? __pfx_kthread+0x10/0x10 [ 14.454730] ret_from_fork+0x116/0x1d0 [ 14.454762] ? __pfx_kthread+0x10/0x10 [ 14.454784] ret_from_fork_asm+0x1a/0x30 [ 14.454815] </TASK> [ 14.454827] [ 14.462555] Allocated by task 282: [ 14.462769] kasan_save_stack+0x45/0x70 [ 14.462986] kasan_save_track+0x18/0x40 [ 14.463174] kasan_save_alloc_info+0x3b/0x50 [ 14.463402] __kasan_kmalloc+0xb7/0xc0 [ 14.463553] __kmalloc_cache_noprof+0x189/0x420 [ 14.463852] kasan_atomics+0x95/0x310 [ 14.464000] kunit_try_run_case+0x1a5/0x480 [ 14.464237] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.464414] kthread+0x337/0x6f0 [ 14.464537] ret_from_fork+0x116/0x1d0 [ 14.464671] ret_from_fork_asm+0x1a/0x30 [ 14.464811] [ 14.464882] The buggy address belongs to the object at ffff8881033c5500 [ 14.464882] which belongs to the cache kmalloc-64 of size 64 [ 14.465359] The buggy address is located 0 bytes to the right of [ 14.465359] allocated 48-byte region [ffff8881033c5500, ffff8881033c5530) [ 14.466169] [ 14.466269] The buggy address belongs to the physical page: [ 14.466469] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033c5 [ 14.466708] flags: 0x200000000000000(node=0|zone=2) [ 14.466872] page_type: f5(slab) [ 14.466994] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.467233] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.467586] page dumped because: kasan: bad access detected [ 14.468089] [ 14.468205] 
Memory state around the buggy address: [ 14.468455] ffff8881033c5400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.468986] ffff8881033c5480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.469333] >ffff8881033c5500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.469630] ^ [ 14.469864] ffff8881033c5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.470173] ffff8881033c5600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.470389] ================================================================== [ 14.983196] ================================================================== [ 14.983598] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x194a/0x5450 [ 14.983904] Write of size 8 at addr ffff8881033c5530 by task kunit_try_catch/282 [ 14.984264] [ 14.984381] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.984427] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.984441] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.984462] Call Trace: [ 14.984478] <TASK> [ 14.984494] dump_stack_lvl+0x73/0xb0 [ 14.984522] print_report+0xd1/0x650 [ 14.984545] ? __virt_addr_valid+0x1db/0x2d0 [ 14.984568] ? kasan_atomics_helper+0x194a/0x5450 [ 14.984590] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.984613] ? kasan_atomics_helper+0x194a/0x5450 [ 14.984636] kasan_report+0x141/0x180 [ 14.984671] ? kasan_atomics_helper+0x194a/0x5450 [ 14.984708] kasan_check_range+0x10c/0x1c0 [ 14.984732] __kasan_check_write+0x18/0x20 [ 14.984763] kasan_atomics_helper+0x194a/0x5450 [ 14.984787] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.984809] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.984834] ? trace_hardirqs_on+0x37/0xe0 [ 14.984867] ? kasan_atomics+0x152/0x310 [ 14.984897] kasan_atomics+0x1dc/0x310 [ 14.984924] ? __pfx_kasan_atomics+0x10/0x10 [ 14.984960] ? __pfx_kasan_atomics+0x10/0x10 [ 14.984988] kunit_try_run_case+0x1a5/0x480 [ 14.985019] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.985050] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.985076] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.985112] ? __kthread_parkme+0x82/0x180 [ 14.985133] ? preempt_count_sub+0x50/0x80 [ 14.985159] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.985194] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.985218] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.985243] kthread+0x337/0x6f0 [ 14.985263] ? trace_preempt_on+0x20/0xc0 [ 14.985285] ? __pfx_kthread+0x10/0x10 [ 14.985306] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.985327] ? calculate_sigpending+0x7b/0xa0 [ 14.985352] ? __pfx_kthread+0x10/0x10 [ 14.985374] ret_from_fork+0x116/0x1d0 [ 14.985395] ? __pfx_kthread+0x10/0x10 [ 14.985425] ret_from_fork_asm+0x1a/0x30 [ 14.985456] </TASK> [ 14.985469] [ 14.993335] Allocated by task 282: [ 14.993529] kasan_save_stack+0x45/0x70 [ 14.993696] kasan_save_track+0x18/0x40 [ 14.993875] kasan_save_alloc_info+0x3b/0x50 [ 14.994076] __kasan_kmalloc+0xb7/0xc0 [ 14.994244] __kmalloc_cache_noprof+0x189/0x420 [ 14.994444] kasan_atomics+0x95/0x310 [ 14.994619] kunit_try_run_case+0x1a5/0x480 [ 14.994826] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.995070] kthread+0x337/0x6f0 [ 14.995195] ret_from_fork+0x116/0x1d0 [ 14.995330] ret_from_fork_asm+0x1a/0x30 [ 14.995486] [ 14.995620] The buggy address belongs to the object at ffff8881033c5500 [ 14.995620] which belongs to the cache kmalloc-64 of size 64 [ 14.996153] The buggy address is located 0 bytes to the right of [ 14.996153] allocated 48-byte region [ffff8881033c5500, ffff8881033c5530) [ 14.996574] [ 14.996649] The buggy address belongs to the physical page: [ 14.996915] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033c5 [ 14.997311] flags: 0x200000000000000(node=0|zone=2) [ 14.997540] page_type: f5(slab) [ 14.997665] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.997898] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 14.998137] page dumped because: kasan: bad access detected [ 14.998421] [ 14.998530] Memory state around the buggy address: [ 14.998759] ffff8881033c5400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.999104] ffff8881033c5480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.999465] >ffff8881033c5500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.999920] ^ [ 15.000109] ffff8881033c5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.000404] ffff8881033c5600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.000616] ================================================================== [ 14.375158] ================================================================== [ 14.375564] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa2b/0x5450 [ 14.375934] Write of size 4 at addr ffff8881033c5530 by task kunit_try_catch/282 [ 14.376293] [ 14.376454] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.376499] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.376512] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.376560] Call Trace: [ 14.376580] <TASK> [ 14.376599] dump_stack_lvl+0x73/0xb0 [ 14.376640] print_report+0xd1/0x650 [ 14.376664] ? __virt_addr_valid+0x1db/0x2d0 [ 14.376688] ? kasan_atomics_helper+0xa2b/0x5450 [ 14.376736] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.376759] ? kasan_atomics_helper+0xa2b/0x5450 [ 14.376781] kasan_report+0x141/0x180 [ 14.376814] ? kasan_atomics_helper+0xa2b/0x5450 [ 14.376841] kasan_check_range+0x10c/0x1c0 [ 14.376867] __kasan_check_write+0x18/0x20 [ 14.376912] kasan_atomics_helper+0xa2b/0x5450 [ 14.376936] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.376958] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.376994] ? trace_hardirqs_on+0x37/0xe0 [ 14.377018] ? kasan_atomics+0x152/0x310 [ 14.377083] kasan_atomics+0x1dc/0x310 [ 14.377106] ? __pfx_kasan_atomics+0x10/0x10 [ 14.377141] ? 
__pfx_kasan_atomics+0x10/0x10 [ 14.377169] kunit_try_run_case+0x1a5/0x480 [ 14.377220] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.377256] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.377293] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.377318] ? __kthread_parkme+0x82/0x180 [ 14.377341] ? preempt_count_sub+0x50/0x80 [ 14.377378] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.377402] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.377427] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.377463] kthread+0x337/0x6f0 [ 14.377484] ? trace_preempt_on+0x20/0xc0 [ 14.377506] ? __pfx_kthread+0x10/0x10 [ 14.377528] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.377566] ? calculate_sigpending+0x7b/0xa0 [ 14.377604] ? __pfx_kthread+0x10/0x10 [ 14.377626] ret_from_fork+0x116/0x1d0 [ 14.377667] ? __pfx_kthread+0x10/0x10 [ 14.377689] ret_from_fork_asm+0x1a/0x30 [ 14.377721] </TASK> [ 14.377745] [ 14.385696] Allocated by task 282: [ 14.385888] kasan_save_stack+0x45/0x70 [ 14.386095] kasan_save_track+0x18/0x40 [ 14.386284] kasan_save_alloc_info+0x3b/0x50 [ 14.386453] __kasan_kmalloc+0xb7/0xc0 [ 14.386584] __kmalloc_cache_noprof+0x189/0x420 [ 14.387001] kasan_atomics+0x95/0x310 [ 14.387194] kunit_try_run_case+0x1a5/0x480 [ 14.387396] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.387703] kthread+0x337/0x6f0 [ 14.387873] ret_from_fork+0x116/0x1d0 [ 14.388073] ret_from_fork_asm+0x1a/0x30 [ 14.388217] [ 14.388288] The buggy address belongs to the object at ffff8881033c5500 [ 14.388288] which belongs to the cache kmalloc-64 of size 64 [ 14.389049] The buggy address is located 0 bytes to the right of [ 14.389049] allocated 48-byte region [ffff8881033c5500, ffff8881033c5530) [ 14.389581] [ 14.389681] The buggy address belongs to the physical page: [ 14.389936] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033c5 [ 14.390298] flags: 0x200000000000000(node=0|zone=2) [ 14.390551] page_type: f5(slab) [ 14.390779] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 14.391123] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.391469] page dumped because: kasan: bad access detected [ 14.391749] [ 14.391878] Memory state around the buggy address: [ 14.392149] ffff8881033c5400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.392541] ffff8881033c5480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.392952] >ffff8881033c5500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.393270] ^ [ 14.393654] ffff8881033c5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.393920] ffff8881033c5600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.394725] ================================================================== [ 15.085959] ================================================================== [ 15.086549] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f30/0x5450 [ 15.087064] Read of size 8 at addr ffff8881033c5530 by task kunit_try_catch/282 [ 15.087653] [ 15.087777] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.087825] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.087852] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.087874] Call Trace: [ 15.087893] <TASK> [ 15.087992] dump_stack_lvl+0x73/0xb0 [ 15.088039] print_report+0xd1/0x650 [ 15.088064] ? __virt_addr_valid+0x1db/0x2d0 [ 15.088089] ? kasan_atomics_helper+0x4f30/0x5450 [ 15.088111] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.088135] ? kasan_atomics_helper+0x4f30/0x5450 [ 15.088161] kasan_report+0x141/0x180 [ 15.088183] ? kasan_atomics_helper+0x4f30/0x5450 [ 15.088210] __asan_report_load8_noabort+0x18/0x20 [ 15.088234] kasan_atomics_helper+0x4f30/0x5450 [ 15.088258] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.088280] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.088305] ? trace_hardirqs_on+0x37/0xe0 [ 15.088328] ? kasan_atomics+0x152/0x310 [ 15.088357] kasan_atomics+0x1dc/0x310 [ 15.088380] ? 
__pfx_kasan_atomics+0x10/0x10 [ 15.088405] ? __pfx_kasan_atomics+0x10/0x10 [ 15.088432] kunit_try_run_case+0x1a5/0x480 [ 15.088456] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.088479] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.088503] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.088527] ? __kthread_parkme+0x82/0x180 [ 15.088549] ? preempt_count_sub+0x50/0x80 [ 15.088573] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.088599] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.088622] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.088645] kthread+0x337/0x6f0 [ 15.088667] ? trace_preempt_on+0x20/0xc0 [ 15.088688] ? __pfx_kthread+0x10/0x10 [ 15.088709] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.088730] ? calculate_sigpending+0x7b/0xa0 [ 15.088755] ? __pfx_kthread+0x10/0x10 [ 15.088776] ret_from_fork+0x116/0x1d0 [ 15.088795] ? __pfx_kthread+0x10/0x10 [ 15.088816] ret_from_fork_asm+0x1a/0x30 [ 15.088849] </TASK> [ 15.088861] [ 15.099075] Allocated by task 282: [ 15.099277] kasan_save_stack+0x45/0x70 [ 15.099484] kasan_save_track+0x18/0x40 [ 15.100081] kasan_save_alloc_info+0x3b/0x50 [ 15.100302] __kasan_kmalloc+0xb7/0xc0 [ 15.100462] __kmalloc_cache_noprof+0x189/0x420 [ 15.100909] kasan_atomics+0x95/0x310 [ 15.101208] kunit_try_run_case+0x1a5/0x480 [ 15.101513] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.101986] kthread+0x337/0x6f0 [ 15.102196] ret_from_fork+0x116/0x1d0 [ 15.102494] ret_from_fork_asm+0x1a/0x30 [ 15.102849] [ 15.102977] The buggy address belongs to the object at ffff8881033c5500 [ 15.102977] which belongs to the cache kmalloc-64 of size 64 [ 15.103799] The buggy address is located 0 bytes to the right of [ 15.103799] allocated 48-byte region [ffff8881033c5500, ffff8881033c5530) [ 15.104425] [ 15.104537] The buggy address belongs to the physical page: [ 15.104954] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033c5 [ 15.105325] flags: 0x200000000000000(node=0|zone=2) [ 15.105549] page_type: f5(slab) [ 15.105988] raw: 
0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.106299] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.106801] page dumped because: kasan: bad access detected [ 15.107156] [ 15.107261] Memory state around the buggy address: [ 15.107631] ffff8881033c5400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.108158] ffff8881033c5480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.108493] >ffff8881033c5500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.109065] ^ [ 15.109300] ffff8881033c5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.109907] ffff8881033c5600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.110318] ================================================================== [ 15.171059] ================================================================== [ 15.171493] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1eaa/0x5450 [ 15.172174] Write of size 8 at addr ffff8881033c5530 by task kunit_try_catch/282 [ 15.172486] [ 15.172591] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.172674] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.172689] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.172713] Call Trace: [ 15.172733] <TASK> [ 15.172754] dump_stack_lvl+0x73/0xb0 [ 15.172784] print_report+0xd1/0x650 [ 15.172807] ? __virt_addr_valid+0x1db/0x2d0 [ 15.172866] ? kasan_atomics_helper+0x1eaa/0x5450 [ 15.172889] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.172911] ? kasan_atomics_helper+0x1eaa/0x5450 [ 15.172933] kasan_report+0x141/0x180 [ 15.172957] ? kasan_atomics_helper+0x1eaa/0x5450 [ 15.173013] kasan_check_range+0x10c/0x1c0 [ 15.173049] __kasan_check_write+0x18/0x20 [ 15.173069] kasan_atomics_helper+0x1eaa/0x5450 [ 15.173091] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.173114] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.173140] ? trace_hardirqs_on+0x37/0xe0 [ 15.173197] ? 
kasan_atomics+0x152/0x310 [ 15.173225] kasan_atomics+0x1dc/0x310 [ 15.173248] ? __pfx_kasan_atomics+0x10/0x10 [ 15.173272] ? __pfx_kasan_atomics+0x10/0x10 [ 15.173299] kunit_try_run_case+0x1a5/0x480 [ 15.173354] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.173377] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.173402] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.173425] ? __kthread_parkme+0x82/0x180 [ 15.173446] ? preempt_count_sub+0x50/0x80 [ 15.173500] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.173525] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.173548] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.173572] kthread+0x337/0x6f0 [ 15.173592] ? trace_preempt_on+0x20/0xc0 [ 15.173641] ? __pfx_kthread+0x10/0x10 [ 15.173663] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.173684] ? calculate_sigpending+0x7b/0xa0 [ 15.173708] ? __pfx_kthread+0x10/0x10 [ 15.173730] ret_from_fork+0x116/0x1d0 [ 15.173750] ? __pfx_kthread+0x10/0x10 [ 15.173770] ret_from_fork_asm+0x1a/0x30 [ 15.173801] </TASK> [ 15.173840] [ 15.181927] Allocated by task 282: [ 15.182204] kasan_save_stack+0x45/0x70 [ 15.182424] kasan_save_track+0x18/0x40 [ 15.182589] kasan_save_alloc_info+0x3b/0x50 [ 15.182962] __kasan_kmalloc+0xb7/0xc0 [ 15.183184] __kmalloc_cache_noprof+0x189/0x420 [ 15.183373] kasan_atomics+0x95/0x310 [ 15.183504] kunit_try_run_case+0x1a5/0x480 [ 15.183662] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.183915] kthread+0x337/0x6f0 [ 15.184193] ret_from_fork+0x116/0x1d0 [ 15.184396] ret_from_fork_asm+0x1a/0x30 [ 15.184627] [ 15.184719] The buggy address belongs to the object at ffff8881033c5500 [ 15.184719] which belongs to the cache kmalloc-64 of size 64 [ 15.185234] The buggy address is located 0 bytes to the right of [ 15.185234] allocated 48-byte region [ffff8881033c5500, ffff8881033c5530) [ 15.185778] [ 15.185909] The buggy address belongs to the physical page: [ 15.186169] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033c5 [ 15.186529] flags: 
0x200000000000000(node=0|zone=2) [ 15.186846] page_type: f5(slab) [ 15.187012] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.187381] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.187633] page dumped because: kasan: bad access detected [ 15.187914] [ 15.188053] Memory state around the buggy address: [ 15.188233] ffff8881033c5400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.188578] ffff8881033c5480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.188947] >ffff8881033c5500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.189250] ^ [ 15.189489] ffff8881033c5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.189842] ffff8881033c5600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.190091] ================================================================== [ 15.248137] ================================================================== [ 15.248485] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f98/0x5450 [ 15.248834] Read of size 8 at addr ffff8881033c5530 by task kunit_try_catch/282 [ 15.249130] [ 15.249245] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.249291] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.249304] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.249326] Call Trace: [ 15.249343] <TASK> [ 15.249360] dump_stack_lvl+0x73/0xb0 [ 15.249387] print_report+0xd1/0x650 [ 15.249410] ? __virt_addr_valid+0x1db/0x2d0 [ 15.249434] ? kasan_atomics_helper+0x4f98/0x5450 [ 15.249455] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.249478] ? kasan_atomics_helper+0x4f98/0x5450 [ 15.249501] kasan_report+0x141/0x180 [ 15.249523] ? kasan_atomics_helper+0x4f98/0x5450 [ 15.249550] __asan_report_load8_noabort+0x18/0x20 [ 15.249575] kasan_atomics_helper+0x4f98/0x5450 [ 15.249599] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.249621] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.249646] ? 
trace_hardirqs_on+0x37/0xe0 [ 15.249670] ? kasan_atomics+0x152/0x310 [ 15.249698] kasan_atomics+0x1dc/0x310 [ 15.249721] ? __pfx_kasan_atomics+0x10/0x10 [ 15.249745] ? __pfx_kasan_atomics+0x10/0x10 [ 15.249772] kunit_try_run_case+0x1a5/0x480 [ 15.249796] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.249818] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.249843] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.249866] ? __kthread_parkme+0x82/0x180 [ 15.249887] ? preempt_count_sub+0x50/0x80 [ 15.249911] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.249935] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.249958] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.249981] kthread+0x337/0x6f0 [ 15.250001] ? trace_preempt_on+0x20/0xc0 [ 15.250058] ? __pfx_kthread+0x10/0x10 [ 15.250080] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.250103] ? calculate_sigpending+0x7b/0xa0 [ 15.250128] ? __pfx_kthread+0x10/0x10 [ 15.250150] ret_from_fork+0x116/0x1d0 [ 15.250169] ? __pfx_kthread+0x10/0x10 [ 15.250190] ret_from_fork_asm+0x1a/0x30 [ 15.250221] </TASK> [ 15.250234] [ 15.257335] Allocated by task 282: [ 15.257515] kasan_save_stack+0x45/0x70 [ 15.257717] kasan_save_track+0x18/0x40 [ 15.257900] kasan_save_alloc_info+0x3b/0x50 [ 15.258101] __kasan_kmalloc+0xb7/0xc0 [ 15.258273] __kmalloc_cache_noprof+0x189/0x420 [ 15.258484] kasan_atomics+0x95/0x310 [ 15.258680] kunit_try_run_case+0x1a5/0x480 [ 15.258886] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.259110] kthread+0x337/0x6f0 [ 15.259279] ret_from_fork+0x116/0x1d0 [ 15.259445] ret_from_fork_asm+0x1a/0x30 [ 15.259609] [ 15.259701] The buggy address belongs to the object at ffff8881033c5500 [ 15.259701] which belongs to the cache kmalloc-64 of size 64 [ 15.260227] The buggy address is located 0 bytes to the right of [ 15.260227] allocated 48-byte region [ffff8881033c5500, ffff8881033c5530) [ 15.260671] [ 15.260770] The buggy address belongs to the physical page: [ 15.261035] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 
pfn:0x1033c5 [ 15.261384] flags: 0x200000000000000(node=0|zone=2) [ 15.261614] page_type: f5(slab) [ 15.261799] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.262042] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.262270] page dumped because: kasan: bad access detected [ 15.262442] [ 15.262511] Memory state around the buggy address: [ 15.262764] ffff8881033c5400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.263100] ffff8881033c5480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.263416] >ffff8881033c5500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.263702] ^ [ 15.263857] ffff8881033c5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.264081] ffff8881033c5600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.264300] ================================================================== [ 15.190596] ================================================================== [ 15.191346] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1f43/0x5450 [ 15.191735] Write of size 8 at addr ffff8881033c5530 by task kunit_try_catch/282 [ 15.192145] [ 15.192265] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.192312] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.192325] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.192348] Call Trace: [ 15.192367] <TASK> [ 15.192385] dump_stack_lvl+0x73/0xb0 [ 15.192415] print_report+0xd1/0x650 [ 15.192439] ? __virt_addr_valid+0x1db/0x2d0 [ 15.192464] ? kasan_atomics_helper+0x1f43/0x5450 [ 15.192486] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.192508] ? kasan_atomics_helper+0x1f43/0x5450 [ 15.192531] kasan_report+0x141/0x180 [ 15.192554] ? kasan_atomics_helper+0x1f43/0x5450 [ 15.192580] kasan_check_range+0x10c/0x1c0 [ 15.192604] __kasan_check_write+0x18/0x20 [ 15.192624] kasan_atomics_helper+0x1f43/0x5450 [ 15.192647] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 15.192670] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.192695] ? trace_hardirqs_on+0x37/0xe0 [ 15.192718] ? kasan_atomics+0x152/0x310 [ 15.192745] kasan_atomics+0x1dc/0x310 [ 15.192768] ? __pfx_kasan_atomics+0x10/0x10 [ 15.192791] ? __pfx_kasan_atomics+0x10/0x10 [ 15.192819] kunit_try_run_case+0x1a5/0x480 [ 15.192844] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.192868] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.192893] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.192930] ? __kthread_parkme+0x82/0x180 [ 15.192952] ? preempt_count_sub+0x50/0x80 [ 15.192976] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.193000] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.193034] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.193093] kthread+0x337/0x6f0 [ 15.193139] ? trace_preempt_on+0x20/0xc0 [ 15.193162] ? __pfx_kthread+0x10/0x10 [ 15.193182] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.193204] ? calculate_sigpending+0x7b/0xa0 [ 15.193228] ? __pfx_kthread+0x10/0x10 [ 15.193250] ret_from_fork+0x116/0x1d0 [ 15.193269] ? 
__pfx_kthread+0x10/0x10 [ 15.193290] ret_from_fork_asm+0x1a/0x30 [ 15.193321] </TASK> [ 15.193333] [ 15.201611] Allocated by task 282: [ 15.201817] kasan_save_stack+0x45/0x70 [ 15.202044] kasan_save_track+0x18/0x40 [ 15.202295] kasan_save_alloc_info+0x3b/0x50 [ 15.202487] __kasan_kmalloc+0xb7/0xc0 [ 15.202642] __kmalloc_cache_noprof+0x189/0x420 [ 15.202890] kasan_atomics+0x95/0x310 [ 15.203084] kunit_try_run_case+0x1a5/0x480 [ 15.203289] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.203533] kthread+0x337/0x6f0 [ 15.203651] ret_from_fork+0x116/0x1d0 [ 15.203780] ret_from_fork_asm+0x1a/0x30 [ 15.203976] [ 15.204086] The buggy address belongs to the object at ffff8881033c5500 [ 15.204086] which belongs to the cache kmalloc-64 of size 64 [ 15.204758] The buggy address is located 0 bytes to the right of [ 15.204758] allocated 48-byte region [ffff8881033c5500, ffff8881033c5530) [ 15.205262] [ 15.205396] The buggy address belongs to the physical page: [ 15.205649] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033c5 [ 15.206016] flags: 0x200000000000000(node=0|zone=2) [ 15.206277] page_type: f5(slab) [ 15.206442] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.206846] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.207203] page dumped because: kasan: bad access detected [ 15.207461] [ 15.207550] Memory state around the buggy address: [ 15.207876] ffff8881033c5400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.208207] ffff8881033c5480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.208524] >ffff8881033c5500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.208858] ^ [ 15.209085] ffff8881033c5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.209383] ffff8881033c5600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.209774] ================================================================== [ 14.414315] 
================================================================== [ 14.414585] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb6a/0x5450 [ 14.415119] Write of size 4 at addr ffff8881033c5530 by task kunit_try_catch/282 [ 14.415451] [ 14.415592] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.415637] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.415662] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.415686] Call Trace: [ 14.415705] <TASK> [ 14.415723] dump_stack_lvl+0x73/0xb0 [ 14.415752] print_report+0xd1/0x650 [ 14.415776] ? __virt_addr_valid+0x1db/0x2d0 [ 14.415802] ? kasan_atomics_helper+0xb6a/0x5450 [ 14.415824] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.415846] ? kasan_atomics_helper+0xb6a/0x5450 [ 14.415868] kasan_report+0x141/0x180 [ 14.415902] ? kasan_atomics_helper+0xb6a/0x5450 [ 14.415928] kasan_check_range+0x10c/0x1c0 [ 14.415952] __kasan_check_write+0x18/0x20 [ 14.415985] kasan_atomics_helper+0xb6a/0x5450 [ 14.416007] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.416040] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.416065] ? trace_hardirqs_on+0x37/0xe0 [ 14.416088] ? kasan_atomics+0x152/0x310 [ 14.416115] kasan_atomics+0x1dc/0x310 [ 14.416138] ? __pfx_kasan_atomics+0x10/0x10 [ 14.416168] ? __pfx_kasan_atomics+0x10/0x10 [ 14.416196] kunit_try_run_case+0x1a5/0x480 [ 14.416219] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.416242] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.416267] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.416290] ? __kthread_parkme+0x82/0x180 [ 14.416311] ? preempt_count_sub+0x50/0x80 [ 14.416335] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.416359] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.416382] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.416406] kthread+0x337/0x6f0 [ 14.416435] ? trace_preempt_on+0x20/0xc0 [ 14.416458] ? __pfx_kthread+0x10/0x10 [ 14.416480] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.416511] ? 
calculate_sigpending+0x7b/0xa0 [ 14.416536] ? __pfx_kthread+0x10/0x10 [ 14.416559] ret_from_fork+0x116/0x1d0 [ 14.416578] ? __pfx_kthread+0x10/0x10 [ 14.416609] ret_from_fork_asm+0x1a/0x30 [ 14.416639] </TASK> [ 14.416652] [ 14.424552] Allocated by task 282: [ 14.424785] kasan_save_stack+0x45/0x70 [ 14.424970] kasan_save_track+0x18/0x40 [ 14.425181] kasan_save_alloc_info+0x3b/0x50 [ 14.425333] __kasan_kmalloc+0xb7/0xc0 [ 14.425469] __kmalloc_cache_noprof+0x189/0x420 [ 14.425667] kasan_atomics+0x95/0x310 [ 14.425895] kunit_try_run_case+0x1a5/0x480 [ 14.426112] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.426348] kthread+0x337/0x6f0 [ 14.426471] ret_from_fork+0x116/0x1d0 [ 14.426604] ret_from_fork_asm+0x1a/0x30 [ 14.426798] [ 14.426893] The buggy address belongs to the object at ffff8881033c5500 [ 14.426893] which belongs to the cache kmalloc-64 of size 64 [ 14.427630] The buggy address is located 0 bytes to the right of [ 14.427630] allocated 48-byte region [ffff8881033c5500, ffff8881033c5530) [ 14.428101] [ 14.428206] The buggy address belongs to the physical page: [ 14.428484] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033c5 [ 14.428812] flags: 0x200000000000000(node=0|zone=2) [ 14.429061] page_type: f5(slab) [ 14.429235] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.429568] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.429946] page dumped because: kasan: bad access detected [ 14.430192] [ 14.430288] Memory state around the buggy address: [ 14.430507] ffff8881033c5400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.430804] ffff8881033c5480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.431032] >ffff8881033c5500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.431249] ^ [ 14.431404] ffff8881033c5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.431744] ffff8881033c5600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.432067] 
================================================================== [ 14.471054] ================================================================== [ 14.471410] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd47/0x5450 [ 14.471877] Write of size 4 at addr ffff8881033c5530 by task kunit_try_catch/282 [ 14.472208] [ 14.472350] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.472398] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.472412] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.472434] Call Trace: [ 14.472463] <TASK> [ 14.472480] dump_stack_lvl+0x73/0xb0 [ 14.472509] print_report+0xd1/0x650 [ 14.472545] ? __virt_addr_valid+0x1db/0x2d0 [ 14.472570] ? kasan_atomics_helper+0xd47/0x5450 [ 14.472591] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.472615] ? kasan_atomics_helper+0xd47/0x5450 [ 14.472637] kasan_report+0x141/0x180 [ 14.472670] ? kasan_atomics_helper+0xd47/0x5450 [ 14.472706] kasan_check_range+0x10c/0x1c0 [ 14.472730] __kasan_check_write+0x18/0x20 [ 14.472760] kasan_atomics_helper+0xd47/0x5450 [ 14.472784] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.472807] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.472832] ? trace_hardirqs_on+0x37/0xe0 [ 14.472864] ? kasan_atomics+0x152/0x310 [ 14.472891] kasan_atomics+0x1dc/0x310 [ 14.472914] ? __pfx_kasan_atomics+0x10/0x10 [ 14.472949] ? __pfx_kasan_atomics+0x10/0x10 [ 14.472976] kunit_try_run_case+0x1a5/0x480 [ 14.473001] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.473041] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.473066] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.473089] ? __kthread_parkme+0x82/0x180 [ 14.473122] ? preempt_count_sub+0x50/0x80 [ 14.473146] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.473171] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.473203] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.473226] kthread+0x337/0x6f0 [ 14.473246] ? trace_preempt_on+0x20/0xc0 [ 14.473277] ? 
__pfx_kthread+0x10/0x10 [ 14.473299] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.473320] ? calculate_sigpending+0x7b/0xa0 [ 14.473345] ? __pfx_kthread+0x10/0x10 [ 14.473366] ret_from_fork+0x116/0x1d0 [ 14.473386] ? __pfx_kthread+0x10/0x10 [ 14.473406] ret_from_fork_asm+0x1a/0x30 [ 14.473438] </TASK> [ 14.473450] [ 14.481223] Allocated by task 282: [ 14.481353] kasan_save_stack+0x45/0x70 [ 14.481502] kasan_save_track+0x18/0x40 [ 14.481643] kasan_save_alloc_info+0x3b/0x50 [ 14.481896] __kasan_kmalloc+0xb7/0xc0 [ 14.482097] __kmalloc_cache_noprof+0x189/0x420 [ 14.482319] kasan_atomics+0x95/0x310 [ 14.482536] kunit_try_run_case+0x1a5/0x480 [ 14.482868] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.483133] kthread+0x337/0x6f0 [ 14.483322] ret_from_fork+0x116/0x1d0 [ 14.483518] ret_from_fork_asm+0x1a/0x30 [ 14.483659] [ 14.483730] The buggy address belongs to the object at ffff8881033c5500 [ 14.483730] which belongs to the cache kmalloc-64 of size 64 [ 14.484090] The buggy address is located 0 bytes to the right of [ 14.484090] allocated 48-byte region [ffff8881033c5500, ffff8881033c5530) [ 14.484958] [ 14.485069] The buggy address belongs to the physical page: [ 14.485352] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033c5 [ 14.485758] flags: 0x200000000000000(node=0|zone=2) [ 14.486029] page_type: f5(slab) [ 14.486196] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.486432] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.486990] page dumped because: kasan: bad access detected [ 14.487237] [ 14.487309] Memory state around the buggy address: [ 14.487464] ffff8881033c5400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.488641] ffff8881033c5480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.489013] >ffff8881033c5500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.489339] ^ [ 14.489563] ffff8881033c5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.490546] 
ffff8881033c5600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.491166] ================================================================== [ 15.001609] ================================================================== [ 15.002340] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x19e3/0x5450 [ 15.002831] Write of size 8 at addr ffff8881033c5530 by task kunit_try_catch/282 [ 15.003220] [ 15.003340] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.003388] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.003401] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.003436] Call Trace: [ 15.003457] <TASK> [ 15.003476] dump_stack_lvl+0x73/0xb0 [ 15.003507] print_report+0xd1/0x650 [ 15.003531] ? __virt_addr_valid+0x1db/0x2d0 [ 15.003556] ? kasan_atomics_helper+0x19e3/0x5450 [ 15.003578] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.003600] ? kasan_atomics_helper+0x19e3/0x5450 [ 15.003623] kasan_report+0x141/0x180 [ 15.003653] ? kasan_atomics_helper+0x19e3/0x5450 [ 15.003689] kasan_check_range+0x10c/0x1c0 [ 15.003714] __kasan_check_write+0x18/0x20 [ 15.003734] kasan_atomics_helper+0x19e3/0x5450 [ 15.003768] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.003790] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.003815] ? trace_hardirqs_on+0x37/0xe0 [ 15.003838] ? kasan_atomics+0x152/0x310 [ 15.003865] kasan_atomics+0x1dc/0x310 [ 15.003888] ? __pfx_kasan_atomics+0x10/0x10 [ 15.003912] ? __pfx_kasan_atomics+0x10/0x10 [ 15.003949] kunit_try_run_case+0x1a5/0x480 [ 15.003973] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.003995] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.004039] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.004063] ? __kthread_parkme+0x82/0x180 [ 15.004084] ? preempt_count_sub+0x50/0x80 [ 15.004118] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.004148] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.004172] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.004206] kthread+0x337/0x6f0 [ 15.004226] ? trace_preempt_on+0x20/0xc0 [ 15.004248] ? __pfx_kthread+0x10/0x10 [ 15.004270] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.004300] ? calculate_sigpending+0x7b/0xa0 [ 15.004325] ? __pfx_kthread+0x10/0x10 [ 15.004346] ret_from_fork+0x116/0x1d0 [ 15.004376] ? __pfx_kthread+0x10/0x10 [ 15.004397] ret_from_fork_asm+0x1a/0x30 [ 15.004430] </TASK> [ 15.004443] [ 15.012299] Allocated by task 282: [ 15.012481] kasan_save_stack+0x45/0x70 [ 15.012633] kasan_save_track+0x18/0x40 [ 15.012837] kasan_save_alloc_info+0x3b/0x50 [ 15.013065] __kasan_kmalloc+0xb7/0xc0 [ 15.013212] __kmalloc_cache_noprof+0x189/0x420 [ 15.013368] kasan_atomics+0x95/0x310 [ 15.013551] kunit_try_run_case+0x1a5/0x480 [ 15.013934] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.014200] kthread+0x337/0x6f0 [ 15.014358] ret_from_fork+0x116/0x1d0 [ 15.014529] ret_from_fork_asm+0x1a/0x30 [ 15.014735] [ 15.014857] The buggy address belongs to the object at ffff8881033c5500 [ 15.014857] which belongs to the cache kmalloc-64 of size 64 [ 15.015373] The buggy address is located 0 bytes to the right of [ 15.015373] allocated 48-byte region [ffff8881033c5500, ffff8881033c5530) [ 15.015905] [ 15.016016] The buggy address belongs to the physical page: [ 15.016228] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033c5 [ 15.016476] flags: 0x200000000000000(node=0|zone=2) [ 15.016649] page_type: f5(slab) [ 15.016774] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.017461] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.017797] page dumped because: kasan: bad access detected [ 15.018061] [ 15.018189] Memory state around the buggy address: [ 15.018362] ffff8881033c5400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.018581] ffff8881033c5480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.019229] >ffff8881033c5500: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 15.019546] ^ [ 15.019803] ffff8881033c5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.020091] ffff8881033c5600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.020312] ================================================================== [ 14.335079] ================================================================== [ 14.335657] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x8f9/0x5450 [ 14.336013] Write of size 4 at addr ffff8881033c5530 by task kunit_try_catch/282 [ 14.336350] [ 14.336497] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.336558] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.336585] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.336620] Call Trace: [ 14.336638] <TASK> [ 14.336669] dump_stack_lvl+0x73/0xb0 [ 14.336699] print_report+0xd1/0x650 [ 14.336733] ? __virt_addr_valid+0x1db/0x2d0 [ 14.336757] ? kasan_atomics_helper+0x8f9/0x5450 [ 14.336779] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.336814] ? kasan_atomics_helper+0x8f9/0x5450 [ 14.336836] kasan_report+0x141/0x180 [ 14.336860] ? kasan_atomics_helper+0x8f9/0x5450 [ 14.336888] kasan_check_range+0x10c/0x1c0 [ 14.336912] __kasan_check_write+0x18/0x20 [ 14.336960] kasan_atomics_helper+0x8f9/0x5450 [ 14.336983] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.337006] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.337053] ? trace_hardirqs_on+0x37/0xe0 [ 14.337106] ? kasan_atomics+0x152/0x310 [ 14.337134] kasan_atomics+0x1dc/0x310 [ 14.337159] ? __pfx_kasan_atomics+0x10/0x10 [ 14.337194] ? __pfx_kasan_atomics+0x10/0x10 [ 14.337249] kunit_try_run_case+0x1a5/0x480 [ 14.337274] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.337297] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.337334] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.337357] ? __kthread_parkme+0x82/0x180 [ 14.337405] ? preempt_count_sub+0x50/0x80 [ 14.337430] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.337454] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.337490] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.337539] kthread+0x337/0x6f0 [ 14.337559] ? trace_preempt_on+0x20/0xc0 [ 14.337582] ? __pfx_kthread+0x10/0x10 [ 14.337613] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.337634] ? calculate_sigpending+0x7b/0xa0 [ 14.337670] ? __pfx_kthread+0x10/0x10 [ 14.337691] ret_from_fork+0x116/0x1d0 [ 14.337737] ? __pfx_kthread+0x10/0x10 [ 14.337759] ret_from_fork_asm+0x1a/0x30 [ 14.337790] </TASK> [ 14.337814] [ 14.346034] Allocated by task 282: [ 14.346188] kasan_save_stack+0x45/0x70 [ 14.346428] kasan_save_track+0x18/0x40 [ 14.346634] kasan_save_alloc_info+0x3b/0x50 [ 14.346873] __kasan_kmalloc+0xb7/0xc0 [ 14.347066] __kmalloc_cache_noprof+0x189/0x420 [ 14.347328] kasan_atomics+0x95/0x310 [ 14.347571] kunit_try_run_case+0x1a5/0x480 [ 14.347802] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.348092] kthread+0x337/0x6f0 [ 14.348263] ret_from_fork+0x116/0x1d0 [ 14.348451] ret_from_fork_asm+0x1a/0x30 [ 14.348637] [ 14.348708] The buggy address belongs to the object at ffff8881033c5500 [ 14.348708] which belongs to the cache kmalloc-64 of size 64 [ 14.349076] The buggy address is located 0 bytes to the right of [ 14.349076] allocated 48-byte region [ffff8881033c5500, ffff8881033c5530) [ 14.349682] [ 14.349818] The buggy address belongs to the physical page: [ 14.350085] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033c5 [ 14.350461] flags: 0x200000000000000(node=0|zone=2) [ 14.350799] page_type: f5(slab) [ 14.350978] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.351334] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.351633] page dumped because: kasan: bad access detected [ 14.351900] [ 14.352035] Memory state around the buggy address: [ 14.352250] ffff8881033c5400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.352599] 
ffff8881033c5480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.352944] >ffff8881033c5500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.353267] ^ [ 14.353498] ffff8881033c5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.354137] ffff8881033c5600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.354479] ================================================================== [ 14.578769] ================================================================== [ 14.579120] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a36/0x5450 [ 14.579361] Read of size 4 at addr ffff8881033c5530 by task kunit_try_catch/282 [ 14.579706] [ 14.579859] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.579905] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.579918] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.579941] Call Trace: [ 14.579959] <TASK> [ 14.579976] dump_stack_lvl+0x73/0xb0 [ 14.580004] print_report+0xd1/0x650 [ 14.580039] ? __virt_addr_valid+0x1db/0x2d0 [ 14.580064] ? kasan_atomics_helper+0x4a36/0x5450 [ 14.580085] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.580109] ? kasan_atomics_helper+0x4a36/0x5450 [ 14.580132] kasan_report+0x141/0x180 [ 14.580158] ? kasan_atomics_helper+0x4a36/0x5450 [ 14.580185] __asan_report_load4_noabort+0x18/0x20 [ 14.580209] kasan_atomics_helper+0x4a36/0x5450 [ 14.580233] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.580255] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.580280] ? trace_hardirqs_on+0x37/0xe0 [ 14.580304] ? kasan_atomics+0x152/0x310 [ 14.580331] kasan_atomics+0x1dc/0x310 [ 14.580355] ? __pfx_kasan_atomics+0x10/0x10 [ 14.580379] ? __pfx_kasan_atomics+0x10/0x10 [ 14.580406] kunit_try_run_case+0x1a5/0x480 [ 14.580431] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.580453] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.580478] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.580501] ? __kthread_parkme+0x82/0x180 [ 14.580523] ? 
preempt_count_sub+0x50/0x80 [ 14.580548] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.580572] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.580596] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.580620] kthread+0x337/0x6f0 [ 14.580640] ? trace_preempt_on+0x20/0xc0 [ 14.580662] ? __pfx_kthread+0x10/0x10 [ 14.580684] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.580705] ? calculate_sigpending+0x7b/0xa0 [ 14.580729] ? __pfx_kthread+0x10/0x10 [ 14.580751] ret_from_fork+0x116/0x1d0 [ 14.580770] ? __pfx_kthread+0x10/0x10 [ 14.580791] ret_from_fork_asm+0x1a/0x30 [ 14.580822] </TASK> [ 14.580835] [ 14.588536] Allocated by task 282: [ 14.588742] kasan_save_stack+0x45/0x70 [ 14.588944] kasan_save_track+0x18/0x40 [ 14.589143] kasan_save_alloc_info+0x3b/0x50 [ 14.589351] __kasan_kmalloc+0xb7/0xc0 [ 14.589546] __kmalloc_cache_noprof+0x189/0x420 [ 14.589773] kasan_atomics+0x95/0x310 [ 14.589954] kunit_try_run_case+0x1a5/0x480 [ 14.590168] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.590428] kthread+0x337/0x6f0 [ 14.590601] ret_from_fork+0x116/0x1d0 [ 14.590789] ret_from_fork_asm+0x1a/0x30 [ 14.590972] [ 14.591056] The buggy address belongs to the object at ffff8881033c5500 [ 14.591056] which belongs to the cache kmalloc-64 of size 64 [ 14.591553] The buggy address is located 0 bytes to the right of [ 14.591553] allocated 48-byte region [ffff8881033c5500, ffff8881033c5530) [ 14.592072] [ 14.592176] The buggy address belongs to the physical page: [ 14.592429] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033c5 [ 14.592813] flags: 0x200000000000000(node=0|zone=2) [ 14.592982] page_type: f5(slab) [ 14.593158] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.593522] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.593866] page dumped because: kasan: bad access detected [ 14.594048] [ 14.594143] Memory state around the buggy address: [ 14.594370] ffff8881033c5400: fa fb fb fb fb fb fb fb fc fc 
fc fc fc fc fc fc [ 14.594802] ffff8881033c5480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.595087] >ffff8881033c5500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.595381] ^ [ 14.595540] ffff8881033c5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.595753] ffff8881033c5600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.595965] ================================================================== [ 14.653986] ================================================================== [ 14.654340] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a02/0x5450 [ 14.655165] Read of size 4 at addr ffff8881033c5530 by task kunit_try_catch/282 [ 14.655505] [ 14.655627] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.655672] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.655705] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.655742] Call Trace: [ 14.655761] <TASK> [ 14.655791] dump_stack_lvl+0x73/0xb0 [ 14.655836] print_report+0xd1/0x650 [ 14.655859] ? __virt_addr_valid+0x1db/0x2d0 [ 14.655885] ? kasan_atomics_helper+0x4a02/0x5450 [ 14.655921] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.655957] ? kasan_atomics_helper+0x4a02/0x5450 [ 14.655979] kasan_report+0x141/0x180 [ 14.656015] ? kasan_atomics_helper+0x4a02/0x5450 [ 14.656066] __asan_report_load4_noabort+0x18/0x20 [ 14.656091] kasan_atomics_helper+0x4a02/0x5450 [ 14.656115] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.656137] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.656167] ? trace_hardirqs_on+0x37/0xe0 [ 14.656190] ? kasan_atomics+0x152/0x310 [ 14.656218] kasan_atomics+0x1dc/0x310 [ 14.656240] ? __pfx_kasan_atomics+0x10/0x10 [ 14.656265] ? __pfx_kasan_atomics+0x10/0x10 [ 14.656293] kunit_try_run_case+0x1a5/0x480 [ 14.656317] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.656340] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.656366] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.656390] ? 
__kthread_parkme+0x82/0x180 [ 14.656411] ? preempt_count_sub+0x50/0x80 [ 14.656436] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.656460] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.656484] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.656508] kthread+0x337/0x6f0 [ 14.656528] ? trace_preempt_on+0x20/0xc0 [ 14.656550] ? __pfx_kthread+0x10/0x10 [ 14.656571] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.656593] ? calculate_sigpending+0x7b/0xa0 [ 14.656618] ? __pfx_kthread+0x10/0x10 [ 14.656652] ret_from_fork+0x116/0x1d0 [ 14.656672] ? __pfx_kthread+0x10/0x10 [ 14.656694] ret_from_fork_asm+0x1a/0x30 [ 14.656725] </TASK> [ 14.656738] [ 14.664303] Allocated by task 282: [ 14.664473] kasan_save_stack+0x45/0x70 [ 14.664705] kasan_save_track+0x18/0x40 [ 14.664911] kasan_save_alloc_info+0x3b/0x50 [ 14.665092] __kasan_kmalloc+0xb7/0xc0 [ 14.665304] __kmalloc_cache_noprof+0x189/0x420 [ 14.665536] kasan_atomics+0x95/0x310 [ 14.665762] kunit_try_run_case+0x1a5/0x480 [ 14.665945] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.666159] kthread+0x337/0x6f0 [ 14.666327] ret_from_fork+0x116/0x1d0 [ 14.666536] ret_from_fork_asm+0x1a/0x30 [ 14.666756] [ 14.666871] The buggy address belongs to the object at ffff8881033c5500 [ 14.666871] which belongs to the cache kmalloc-64 of size 64 [ 14.667357] The buggy address is located 0 bytes to the right of [ 14.667357] allocated 48-byte region [ffff8881033c5500, ffff8881033c5530) [ 14.667952] [ 14.668040] The buggy address belongs to the physical page: [ 14.668267] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033c5 [ 14.668656] flags: 0x200000000000000(node=0|zone=2) [ 14.668888] page_type: f5(slab) [ 14.669036] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.669398] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.669746] page dumped because: kasan: bad access detected [ 14.669955] [ 14.670079] Memory state around the buggy address: [ 14.670316] 
ffff8881033c5400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.670570] ffff8881033c5480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.671071] >ffff8881033c5500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.671358] ^ [ 14.671509] ffff8881033c5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.671943] ffff8881033c5600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.672282] ================================================================== [ 14.865050] ================================================================== [ 14.865400] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b6/0x5450 [ 14.866002] Write of size 8 at addr ffff8881033c5530 by task kunit_try_catch/282 [ 14.866376] [ 14.866466] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.866510] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.866524] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.866547] Call Trace: [ 14.866574] <TASK> [ 14.866592] dump_stack_lvl+0x73/0xb0 [ 14.866622] print_report+0xd1/0x650 [ 14.866657] ? __virt_addr_valid+0x1db/0x2d0 [ 14.866682] ? kasan_atomics_helper+0x15b6/0x5450 [ 14.866703] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.866726] ? kasan_atomics_helper+0x15b6/0x5450 [ 14.866749] kasan_report+0x141/0x180 [ 14.866781] ? kasan_atomics_helper+0x15b6/0x5450 [ 14.866808] kasan_check_range+0x10c/0x1c0 [ 14.866832] __kasan_check_write+0x18/0x20 [ 14.866863] kasan_atomics_helper+0x15b6/0x5450 [ 14.866885] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.866909] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.866942] ? trace_hardirqs_on+0x37/0xe0 [ 14.866966] ? kasan_atomics+0x152/0x310 [ 14.866993] kasan_atomics+0x1dc/0x310 [ 14.867034] ? __pfx_kasan_atomics+0x10/0x10 [ 14.867058] ? __pfx_kasan_atomics+0x10/0x10 [ 14.867086] kunit_try_run_case+0x1a5/0x480 [ 14.867120] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.867144] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 14.867168] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.867202] ? __kthread_parkme+0x82/0x180 [ 14.867224] ? preempt_count_sub+0x50/0x80 [ 14.867248] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.867281] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.867305] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.867328] kthread+0x337/0x6f0 [ 14.867359] ? trace_preempt_on+0x20/0xc0 [ 14.867382] ? __pfx_kthread+0x10/0x10 [ 14.867404] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.867435] ? calculate_sigpending+0x7b/0xa0 [ 14.867460] ? __pfx_kthread+0x10/0x10 [ 14.867482] ret_from_fork+0x116/0x1d0 [ 14.867512] ? __pfx_kthread+0x10/0x10 [ 14.867533] ret_from_fork_asm+0x1a/0x30 [ 14.867565] </TASK> [ 14.867578] [ 14.875409] Allocated by task 282: [ 14.875592] kasan_save_stack+0x45/0x70 [ 14.875861] kasan_save_track+0x18/0x40 [ 14.876043] kasan_save_alloc_info+0x3b/0x50 [ 14.876202] __kasan_kmalloc+0xb7/0xc0 [ 14.876336] __kmalloc_cache_noprof+0x189/0x420 [ 14.876493] kasan_atomics+0x95/0x310 [ 14.876626] kunit_try_run_case+0x1a5/0x480 [ 14.876773] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.876967] kthread+0x337/0x6f0 [ 14.877206] ret_from_fork+0x116/0x1d0 [ 14.877412] ret_from_fork_asm+0x1a/0x30 [ 14.877609] [ 14.877706] The buggy address belongs to the object at ffff8881033c5500 [ 14.877706] which belongs to the cache kmalloc-64 of size 64 [ 14.878243] The buggy address is located 0 bytes to the right of [ 14.878243] allocated 48-byte region [ffff8881033c5500, ffff8881033c5530) [ 14.879173] [ 14.879247] The buggy address belongs to the physical page: [ 14.879418] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033c5 [ 14.879652] flags: 0x200000000000000(node=0|zone=2) [ 14.879822] page_type: f5(slab) [ 14.879991] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.880378] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.880823] page dumped because: kasan: 
bad access detected [ 14.881110] [ 14.881216] Memory state around the buggy address: [ 14.881477] ffff8881033c5400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.881965] ffff8881033c5480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.882205] >ffff8881033c5500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.882427] ^ [ 14.882679] ffff8881033c5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.882999] ffff8881033c5600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.883309] ================================================================== [ 14.884281] ================================================================== [ 14.884547] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x164f/0x5450 [ 14.885349] Write of size 8 at addr ffff8881033c5530 by task kunit_try_catch/282 [ 14.885662] [ 14.885790] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.885836] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.885860] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.885882] Call Trace: [ 14.885900] <TASK> [ 14.885916] dump_stack_lvl+0x73/0xb0 [ 14.885953] print_report+0xd1/0x650 [ 14.885978] ? __virt_addr_valid+0x1db/0x2d0 [ 14.886003] ? kasan_atomics_helper+0x164f/0x5450 [ 14.886041] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.886064] ? kasan_atomics_helper+0x164f/0x5450 [ 14.886087] kasan_report+0x141/0x180 [ 14.886110] ? kasan_atomics_helper+0x164f/0x5450 [ 14.886146] kasan_check_range+0x10c/0x1c0 [ 14.886171] __kasan_check_write+0x18/0x20 [ 14.886192] kasan_atomics_helper+0x164f/0x5450 [ 14.886226] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.886249] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.886275] ? trace_hardirqs_on+0x37/0xe0 [ 14.886307] ? kasan_atomics+0x152/0x310 [ 14.886334] kasan_atomics+0x1dc/0x310 [ 14.886369] ? __pfx_kasan_atomics+0x10/0x10 [ 14.886393] ? 
__pfx_kasan_atomics+0x10/0x10 [ 14.886420] kunit_try_run_case+0x1a5/0x480 [ 14.886446] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.886469] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.886494] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.886518] ? __kthread_parkme+0x82/0x180 [ 14.886539] ? preempt_count_sub+0x50/0x80 [ 14.886563] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.886587] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.886611] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.886636] kthread+0x337/0x6f0 [ 14.886665] ? trace_preempt_on+0x20/0xc0 [ 14.886697] ? __pfx_kthread+0x10/0x10 [ 14.886718] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.886740] ? calculate_sigpending+0x7b/0xa0 [ 14.886776] ? __pfx_kthread+0x10/0x10 [ 14.886798] ret_from_fork+0x116/0x1d0 [ 14.886817] ? __pfx_kthread+0x10/0x10 [ 14.886839] ret_from_fork_asm+0x1a/0x30 [ 14.886871] </TASK> [ 14.886884] [ 14.894265] Allocated by task 282: [ 14.894403] kasan_save_stack+0x45/0x70 [ 14.894549] kasan_save_track+0x18/0x40 [ 14.894816] kasan_save_alloc_info+0x3b/0x50 [ 14.895039] __kasan_kmalloc+0xb7/0xc0 [ 14.895260] __kmalloc_cache_noprof+0x189/0x420 [ 14.895531] kasan_atomics+0x95/0x310 [ 14.895756] kunit_try_run_case+0x1a5/0x480 [ 14.895992] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.896280] kthread+0x337/0x6f0 [ 14.896477] ret_from_fork+0x116/0x1d0 [ 14.896696] ret_from_fork_asm+0x1a/0x30 [ 14.896893] [ 14.896993] The buggy address belongs to the object at ffff8881033c5500 [ 14.896993] which belongs to the cache kmalloc-64 of size 64 [ 14.897383] The buggy address is located 0 bytes to the right of [ 14.897383] allocated 48-byte region [ffff8881033c5500, ffff8881033c5530) [ 14.898124] [ 14.898235] The buggy address belongs to the physical page: [ 14.898467] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033c5 [ 14.898775] flags: 0x200000000000000(node=0|zone=2) [ 14.898933] page_type: f5(slab) [ 14.899106] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 14.899457] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.899783] page dumped because: kasan: bad access detected [ 14.899948] [ 14.900085] Memory state around the buggy address: [ 14.900343] ffff8881033c5400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.900652] ffff8881033c5480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.900960] >ffff8881033c5500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.901212] ^ [ 14.901449] ffff8881033c5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.901757] ffff8881033c5600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.902073] ================================================================== [ 15.210342] ================================================================== [ 15.210661] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f71/0x5450 [ 15.211142] Read of size 8 at addr ffff8881033c5530 by task kunit_try_catch/282 [ 15.211356] [ 15.211490] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.211536] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.211549] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.211572] Call Trace: [ 15.211589] <TASK> [ 15.211606] dump_stack_lvl+0x73/0xb0 [ 15.211634] print_report+0xd1/0x650 [ 15.211657] ? __virt_addr_valid+0x1db/0x2d0 [ 15.211682] ? kasan_atomics_helper+0x4f71/0x5450 [ 15.211704] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.211727] ? kasan_atomics_helper+0x4f71/0x5450 [ 15.211750] kasan_report+0x141/0x180 [ 15.211772] ? kasan_atomics_helper+0x4f71/0x5450 [ 15.211799] __asan_report_load8_noabort+0x18/0x20 [ 15.211823] kasan_atomics_helper+0x4f71/0x5450 [ 15.211846] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.211870] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.211895] ? trace_hardirqs_on+0x37/0xe0 [ 15.211918] ? kasan_atomics+0x152/0x310 [ 15.211945] kasan_atomics+0x1dc/0x310 [ 15.211968] ? 
__pfx_kasan_atomics+0x10/0x10 [ 15.211992] ? __pfx_kasan_atomics+0x10/0x10 [ 15.212030] kunit_try_run_case+0x1a5/0x480 [ 15.212055] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.212077] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.212101] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.212124] ? __kthread_parkme+0x82/0x180 [ 15.212151] ? preempt_count_sub+0x50/0x80 [ 15.212175] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.212198] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.212257] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.212306] kthread+0x337/0x6f0 [ 15.212327] ? trace_preempt_on+0x20/0xc0 [ 15.212377] ? __pfx_kthread+0x10/0x10 [ 15.212439] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.212462] ? calculate_sigpending+0x7b/0xa0 [ 15.212486] ? __pfx_kthread+0x10/0x10 [ 15.212509] ret_from_fork+0x116/0x1d0 [ 15.212530] ? __pfx_kthread+0x10/0x10 [ 15.212553] ret_from_fork_asm+0x1a/0x30 [ 15.212584] </TASK> [ 15.212596] [ 15.221059] Allocated by task 282: [ 15.221187] kasan_save_stack+0x45/0x70 [ 15.221428] kasan_save_track+0x18/0x40 [ 15.221656] kasan_save_alloc_info+0x3b/0x50 [ 15.221854] __kasan_kmalloc+0xb7/0xc0 [ 15.222041] __kmalloc_cache_noprof+0x189/0x420 [ 15.222273] kasan_atomics+0x95/0x310 [ 15.222466] kunit_try_run_case+0x1a5/0x480 [ 15.222709] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.222911] kthread+0x337/0x6f0 [ 15.223042] ret_from_fork+0x116/0x1d0 [ 15.223232] ret_from_fork_asm+0x1a/0x30 [ 15.223434] [ 15.223532] The buggy address belongs to the object at ffff8881033c5500 [ 15.223532] which belongs to the cache kmalloc-64 of size 64 [ 15.223962] The buggy address is located 0 bytes to the right of [ 15.223962] allocated 48-byte region [ffff8881033c5500, ffff8881033c5530) [ 15.224379] [ 15.224508] The buggy address belongs to the physical page: [ 15.224913] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033c5 [ 15.225278] flags: 0x200000000000000(node=0|zone=2) [ 15.225516] page_type: f5(slab) [ 15.225704] raw: 
0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.226057] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.226415] page dumped because: kasan: bad access detected [ 15.226682] [ 15.226777] Memory state around the buggy address: [ 15.227012] ffff8881033c5400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.227331] ffff8881033c5480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.227662] >ffff8881033c5500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.227965] ^ [ 15.228187] ffff8881033c5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.228498] ffff8881033c5600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.228895] ================================================================== [ 14.521492] ================================================================== [ 14.521888] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe78/0x5450 [ 14.522370] Write of size 4 at addr ffff8881033c5530 by task kunit_try_catch/282 [ 14.522714] [ 14.522825] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.522870] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.522883] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.522906] Call Trace: [ 14.522925] <TASK> [ 14.522945] dump_stack_lvl+0x73/0xb0 [ 14.522973] print_report+0xd1/0x650 [ 14.522997] ? __virt_addr_valid+0x1db/0x2d0 [ 14.523042] ? kasan_atomics_helper+0xe78/0x5450 [ 14.523064] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.523087] ? kasan_atomics_helper+0xe78/0x5450 [ 14.523109] kasan_report+0x141/0x180 [ 14.523141] ? kasan_atomics_helper+0xe78/0x5450 [ 14.523168] kasan_check_range+0x10c/0x1c0 [ 14.523192] __kasan_check_write+0x18/0x20 [ 14.523223] kasan_atomics_helper+0xe78/0x5450 [ 14.523246] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.523268] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.523294] ? trace_hardirqs_on+0x37/0xe0 [ 14.523317] ? 
kasan_atomics+0x152/0x310 [ 14.523345] kasan_atomics+0x1dc/0x310 [ 14.523368] ? __pfx_kasan_atomics+0x10/0x10 [ 14.523391] ? __pfx_kasan_atomics+0x10/0x10 [ 14.523418] kunit_try_run_case+0x1a5/0x480 [ 14.523442] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.523465] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.523499] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.523523] ? __kthread_parkme+0x82/0x180 [ 14.523544] ? preempt_count_sub+0x50/0x80 [ 14.523580] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.523604] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.523627] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.523663] kthread+0x337/0x6f0 [ 14.523683] ? trace_preempt_on+0x20/0xc0 [ 14.523706] ? __pfx_kthread+0x10/0x10 [ 14.523727] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.523749] ? calculate_sigpending+0x7b/0xa0 [ 14.523783] ? __pfx_kthread+0x10/0x10 [ 14.523805] ret_from_fork+0x116/0x1d0 [ 14.523824] ? __pfx_kthread+0x10/0x10 [ 14.523856] ret_from_fork_asm+0x1a/0x30 [ 14.523888] </TASK> [ 14.523901] [ 14.531546] Allocated by task 282: [ 14.531732] kasan_save_stack+0x45/0x70 [ 14.531935] kasan_save_track+0x18/0x40 [ 14.532161] kasan_save_alloc_info+0x3b/0x50 [ 14.532309] __kasan_kmalloc+0xb7/0xc0 [ 14.532440] __kmalloc_cache_noprof+0x189/0x420 [ 14.532924] kasan_atomics+0x95/0x310 [ 14.533126] kunit_try_run_case+0x1a5/0x480 [ 14.533359] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.533658] kthread+0x337/0x6f0 [ 14.533831] ret_from_fork+0x116/0x1d0 [ 14.534011] ret_from_fork_asm+0x1a/0x30 [ 14.534162] [ 14.534234] The buggy address belongs to the object at ffff8881033c5500 [ 14.534234] which belongs to the cache kmalloc-64 of size 64 [ 14.534660] The buggy address is located 0 bytes to the right of [ 14.534660] allocated 48-byte region [ffff8881033c5500, ffff8881033c5530) [ 14.535226] [ 14.535336] The buggy address belongs to the physical page: [ 14.535591] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033c5 [ 14.536042] flags: 
0x200000000000000(node=0|zone=2) [ 14.536216] page_type: f5(slab) [ 14.536360] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.536759] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.537127] page dumped because: kasan: bad access detected [ 14.537377] [ 14.537466] Memory state around the buggy address: [ 14.537675] ffff8881033c5400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.537953] ffff8881033c5480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.538178] >ffff8881033c5500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.538392] ^ [ 14.538623] ffff8881033c5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.538936] ffff8881033c5600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.539257] ================================================================== [ 14.541173] ================================================================== [ 14.541545] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf10/0x5450 [ 14.541986] Write of size 4 at addr ffff8881033c5530 by task kunit_try_catch/282 [ 14.542321] [ 14.542430] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.542472] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.542497] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.542518] Call Trace: [ 14.542534] <TASK> [ 14.542549] dump_stack_lvl+0x73/0xb0 [ 14.542642] print_report+0xd1/0x650 [ 14.542665] ? __virt_addr_valid+0x1db/0x2d0 [ 14.542690] ? kasan_atomics_helper+0xf10/0x5450 [ 14.542723] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.542746] ? kasan_atomics_helper+0xf10/0x5450 [ 14.542768] kasan_report+0x141/0x180 [ 14.542791] ? kasan_atomics_helper+0xf10/0x5450 [ 14.542817] kasan_check_range+0x10c/0x1c0 [ 14.542850] __kasan_check_write+0x18/0x20 [ 14.542870] kasan_atomics_helper+0xf10/0x5450 [ 14.542893] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.542926] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 14.542951] ? trace_hardirqs_on+0x37/0xe0 [ 14.542975] ? kasan_atomics+0x152/0x310 [ 14.543001] kasan_atomics+0x1dc/0x310 [ 14.543033] ? __pfx_kasan_atomics+0x10/0x10 [ 14.543057] ? __pfx_kasan_atomics+0x10/0x10 [ 14.543084] kunit_try_run_case+0x1a5/0x480 [ 14.543108] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.543130] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.543155] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.543179] ? __kthread_parkme+0x82/0x180 [ 14.543209] ? preempt_count_sub+0x50/0x80 [ 14.543233] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.543258] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.543291] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.543315] kthread+0x337/0x6f0 [ 14.543336] ? trace_preempt_on+0x20/0xc0 [ 14.543358] ? __pfx_kthread+0x10/0x10 [ 14.543379] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.543400] ? calculate_sigpending+0x7b/0xa0 [ 14.543424] ? __pfx_kthread+0x10/0x10 [ 14.543446] ret_from_fork+0x116/0x1d0 [ 14.543465] ? 
__pfx_kthread+0x10/0x10 [ 14.543486] ret_from_fork_asm+0x1a/0x30 [ 14.543527] </TASK> [ 14.543541] [ 14.551418] Allocated by task 282: [ 14.551624] kasan_save_stack+0x45/0x70 [ 14.551868] kasan_save_track+0x18/0x40 [ 14.552088] kasan_save_alloc_info+0x3b/0x50 [ 14.552299] __kasan_kmalloc+0xb7/0xc0 [ 14.552457] __kmalloc_cache_noprof+0x189/0x420 [ 14.552659] kasan_atomics+0x95/0x310 [ 14.552863] kunit_try_run_case+0x1a5/0x480 [ 14.553092] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.553326] kthread+0x337/0x6f0 [ 14.553496] ret_from_fork+0x116/0x1d0 [ 14.553679] ret_from_fork_asm+0x1a/0x30 [ 14.553879] [ 14.553970] The buggy address belongs to the object at ffff8881033c5500 [ 14.553970] which belongs to the cache kmalloc-64 of size 64 [ 14.554458] The buggy address is located 0 bytes to the right of [ 14.554458] allocated 48-byte region [ffff8881033c5500, ffff8881033c5530) [ 14.555064] [ 14.555150] The buggy address belongs to the physical page: [ 14.555391] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033c5 [ 14.555753] flags: 0x200000000000000(node=0|zone=2) [ 14.555987] page_type: f5(slab) [ 14.556151] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.556428] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.556657] page dumped because: kasan: bad access detected [ 14.556830] [ 14.556900] Memory state around the buggy address: [ 14.557199] ffff8881033c5400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.557526] ffff8881033c5480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.558124] >ffff8881033c5500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.558448] ^ [ 14.558636] ffff8881033c5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.558961] ffff8881033c5600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.559206] ================================================================== [ 14.821989] 
================================================================== [ 14.822599] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x50d4/0x5450 [ 14.823057] Write of size 8 at addr ffff8881033c5530 by task kunit_try_catch/282 [ 14.823655] [ 14.823868] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.823916] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.823938] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.823962] Call Trace: [ 14.823981] <TASK> [ 14.824000] dump_stack_lvl+0x73/0xb0 [ 14.824051] print_report+0xd1/0x650 [ 14.824075] ? __virt_addr_valid+0x1db/0x2d0 [ 14.824100] ? kasan_atomics_helper+0x50d4/0x5450 [ 14.824122] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.824148] ? kasan_atomics_helper+0x50d4/0x5450 [ 14.824171] kasan_report+0x141/0x180 [ 14.824194] ? kasan_atomics_helper+0x50d4/0x5450 [ 14.824220] __asan_report_store8_noabort+0x1b/0x30 [ 14.824242] kasan_atomics_helper+0x50d4/0x5450 [ 14.824265] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.824289] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.824325] ? trace_hardirqs_on+0x37/0xe0 [ 14.824348] ? kasan_atomics+0x152/0x310 [ 14.824386] kasan_atomics+0x1dc/0x310 [ 14.824410] ? __pfx_kasan_atomics+0x10/0x10 [ 14.824434] ? __pfx_kasan_atomics+0x10/0x10 [ 14.824461] kunit_try_run_case+0x1a5/0x480 [ 14.824486] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.824518] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.824544] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.824567] ? __kthread_parkme+0x82/0x180 [ 14.824600] ? preempt_count_sub+0x50/0x80 [ 14.824623] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.824659] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.824683] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.824706] kthread+0x337/0x6f0 [ 14.824726] ? trace_preempt_on+0x20/0xc0 [ 14.824748] ? __pfx_kthread+0x10/0x10 [ 14.824769] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.824791] ? 
calculate_sigpending+0x7b/0xa0 [ 14.824816] ? __pfx_kthread+0x10/0x10 [ 14.824837] ret_from_fork+0x116/0x1d0 [ 14.824858] ? __pfx_kthread+0x10/0x10 [ 14.824878] ret_from_fork_asm+0x1a/0x30 [ 14.824910] </TASK> [ 14.824922] [ 14.836863] Allocated by task 282: [ 14.837209] kasan_save_stack+0x45/0x70 [ 14.837584] kasan_save_track+0x18/0x40 [ 14.838017] kasan_save_alloc_info+0x3b/0x50 [ 14.838363] __kasan_kmalloc+0xb7/0xc0 [ 14.838498] __kmalloc_cache_noprof+0x189/0x420 [ 14.838675] kasan_atomics+0x95/0x310 [ 14.839053] kunit_try_run_case+0x1a5/0x480 [ 14.839455] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.839940] kthread+0x337/0x6f0 [ 14.840281] ret_from_fork+0x116/0x1d0 [ 14.840649] ret_from_fork_asm+0x1a/0x30 [ 14.840925] [ 14.840998] The buggy address belongs to the object at ffff8881033c5500 [ 14.840998] which belongs to the cache kmalloc-64 of size 64 [ 14.841346] The buggy address is located 0 bytes to the right of [ 14.841346] allocated 48-byte region [ffff8881033c5500, ffff8881033c5530) [ 14.841734] [ 14.841901] The buggy address belongs to the physical page: [ 14.842531] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033c5 [ 14.843037] flags: 0x200000000000000(node=0|zone=2) [ 14.843203] page_type: f5(slab) [ 14.843323] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.843547] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.843812] page dumped because: kasan: bad access detected [ 14.844127] [ 14.844218] Memory state around the buggy address: [ 14.844438] ffff8881033c5400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.844707] ffff8881033c5480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.845032] >ffff8881033c5500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.845343] ^ [ 14.845497] ffff8881033c5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.845957] ffff8881033c5600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.846281] 
================================================================== [ 14.946132] ================================================================== [ 14.946466] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1818/0x5450 [ 14.946821] Write of size 8 at addr ffff8881033c5530 by task kunit_try_catch/282 [ 14.947136] [ 14.947255] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.947312] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.947325] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.947361] Call Trace: [ 14.947380] <TASK> [ 14.947399] dump_stack_lvl+0x73/0xb0 [ 14.947440] print_report+0xd1/0x650 [ 14.947465] ? __virt_addr_valid+0x1db/0x2d0 [ 14.947489] ? kasan_atomics_helper+0x1818/0x5450 [ 14.947511] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.947534] ? kasan_atomics_helper+0x1818/0x5450 [ 14.947556] kasan_report+0x141/0x180 [ 14.947588] ? kasan_atomics_helper+0x1818/0x5450 [ 14.947614] kasan_check_range+0x10c/0x1c0 [ 14.947639] __kasan_check_write+0x18/0x20 [ 14.947678] kasan_atomics_helper+0x1818/0x5450 [ 14.947701] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.947724] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.947749] ? trace_hardirqs_on+0x37/0xe0 [ 14.947781] ? kasan_atomics+0x152/0x310 [ 14.947808] kasan_atomics+0x1dc/0x310 [ 14.947843] ? __pfx_kasan_atomics+0x10/0x10 [ 14.947867] ? __pfx_kasan_atomics+0x10/0x10 [ 14.947894] kunit_try_run_case+0x1a5/0x480 [ 14.947918] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.947941] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.947965] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.947989] ? __kthread_parkme+0x82/0x180 [ 14.948010] ? preempt_count_sub+0x50/0x80 [ 14.948053] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.948077] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.948101] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.948134] kthread+0x337/0x6f0 [ 14.948157] ? trace_preempt_on+0x20/0xc0 [ 14.948180] ? 
__pfx_kthread+0x10/0x10 [ 14.948201] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.948223] ? calculate_sigpending+0x7b/0xa0 [ 14.948256] ? __pfx_kthread+0x10/0x10 [ 14.948278] ret_from_fork+0x116/0x1d0 [ 14.948297] ? __pfx_kthread+0x10/0x10 [ 14.948318] ret_from_fork_asm+0x1a/0x30 [ 14.948360] </TASK> [ 14.948373] [ 14.956213] Allocated by task 282: [ 14.956407] kasan_save_stack+0x45/0x70 [ 14.956625] kasan_save_track+0x18/0x40 [ 14.956853] kasan_save_alloc_info+0x3b/0x50 [ 14.957062] __kasan_kmalloc+0xb7/0xc0 [ 14.957230] __kmalloc_cache_noprof+0x189/0x420 [ 14.957449] kasan_atomics+0x95/0x310 [ 14.957629] kunit_try_run_case+0x1a5/0x480 [ 14.957875] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.958144] kthread+0x337/0x6f0 [ 14.958324] ret_from_fork+0x116/0x1d0 [ 14.958497] ret_from_fork_asm+0x1a/0x30 [ 14.958638] [ 14.958771] The buggy address belongs to the object at ffff8881033c5500 [ 14.958771] which belongs to the cache kmalloc-64 of size 64 [ 14.959300] The buggy address is located 0 bytes to the right of [ 14.959300] allocated 48-byte region [ffff8881033c5500, ffff8881033c5530) [ 14.959874] [ 14.959996] The buggy address belongs to the physical page: [ 14.960241] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033c5 [ 14.960582] flags: 0x200000000000000(node=0|zone=2) [ 14.960856] page_type: f5(slab) [ 14.961040] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.961281] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.961511] page dumped because: kasan: bad access detected [ 14.961704] [ 14.961828] Memory state around the buggy address: [ 14.962060] ffff8881033c5400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.962376] ffff8881033c5480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.962654] >ffff8881033c5500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.962936] ^ [ 14.963101] ffff8881033c5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.963317] 
ffff8881033c5600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.963615] ================================================================== [ 14.596783] ================================================================== [ 14.597478] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1079/0x5450 [ 14.598085] Write of size 4 at addr ffff8881033c5530 by task kunit_try_catch/282 [ 14.598363] [ 14.598456] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.598499] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.598513] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.598535] Call Trace: [ 14.598556] <TASK> [ 14.598574] dump_stack_lvl+0x73/0xb0 [ 14.598603] print_report+0xd1/0x650 [ 14.598625] ? __virt_addr_valid+0x1db/0x2d0 [ 14.598660] ? kasan_atomics_helper+0x1079/0x5450 [ 14.598681] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.598716] ? kasan_atomics_helper+0x1079/0x5450 [ 14.598737] kasan_report+0x141/0x180 [ 14.598760] ? kasan_atomics_helper+0x1079/0x5450 [ 14.598798] kasan_check_range+0x10c/0x1c0 [ 14.598822] __kasan_check_write+0x18/0x20 [ 14.598842] kasan_atomics_helper+0x1079/0x5450 [ 14.598865] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.598897] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.598921] ? trace_hardirqs_on+0x37/0xe0 [ 14.598945] ? kasan_atomics+0x152/0x310 [ 14.598982] kasan_atomics+0x1dc/0x310 [ 14.599006] ? __pfx_kasan_atomics+0x10/0x10 [ 14.599039] ? __pfx_kasan_atomics+0x10/0x10 [ 14.599075] kunit_try_run_case+0x1a5/0x480 [ 14.599099] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.599132] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.599158] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.599181] ? __kthread_parkme+0x82/0x180 [ 14.599203] ? preempt_count_sub+0x50/0x80 [ 14.599236] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.599260] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.599284] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.599318] kthread+0x337/0x6f0 [ 14.599339] ? trace_preempt_on+0x20/0xc0 [ 14.599361] ? __pfx_kthread+0x10/0x10 [ 14.599391] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.599413] ? calculate_sigpending+0x7b/0xa0 [ 14.599436] ? __pfx_kthread+0x10/0x10 [ 14.599469] ret_from_fork+0x116/0x1d0 [ 14.599489] ? __pfx_kthread+0x10/0x10 [ 14.599510] ret_from_fork_asm+0x1a/0x30 [ 14.599550] </TASK> [ 14.599562] [ 14.607363] Allocated by task 282: [ 14.607489] kasan_save_stack+0x45/0x70 [ 14.607632] kasan_save_track+0x18/0x40 [ 14.607854] kasan_save_alloc_info+0x3b/0x50 [ 14.608076] __kasan_kmalloc+0xb7/0xc0 [ 14.608270] __kmalloc_cache_noprof+0x189/0x420 [ 14.608435] kasan_atomics+0x95/0x310 [ 14.608655] kunit_try_run_case+0x1a5/0x480 [ 14.608811] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.608979] kthread+0x337/0x6f0 [ 14.609107] ret_from_fork+0x116/0x1d0 [ 14.609235] ret_from_fork_asm+0x1a/0x30 [ 14.609370] [ 14.609439] The buggy address belongs to the object at ffff8881033c5500 [ 14.609439] which belongs to the cache kmalloc-64 of size 64 [ 14.609868] The buggy address is located 0 bytes to the right of [ 14.609868] allocated 48-byte region [ffff8881033c5500, ffff8881033c5530) [ 14.610506] [ 14.610617] The buggy address belongs to the physical page: [ 14.610886] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033c5 [ 14.611161] flags: 0x200000000000000(node=0|zone=2) [ 14.611319] page_type: f5(slab) [ 14.611436] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.611660] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.612237] page dumped because: kasan: bad access detected [ 14.612490] [ 14.612608] Memory state around the buggy address: [ 14.613076] ffff8881033c5400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.613426] ffff8881033c5480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.613899] >ffff8881033c5500: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 14.614134] ^ [ 14.614359] ffff8881033c5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.614672] ffff8881033c5600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.614916] ================================================================== [ 15.298786] ================================================================== [ 15.299146] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x218a/0x5450 [ 15.299795] Write of size 8 at addr ffff8881033c5530 by task kunit_try_catch/282 [ 15.300118] [ 15.300223] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.300266] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.300279] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.300302] Call Trace: [ 15.300319] <TASK> [ 15.300335] dump_stack_lvl+0x73/0xb0 [ 15.300364] print_report+0xd1/0x650 [ 15.300387] ? __virt_addr_valid+0x1db/0x2d0 [ 15.300412] ? kasan_atomics_helper+0x218a/0x5450 [ 15.300434] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.300457] ? kasan_atomics_helper+0x218a/0x5450 [ 15.300479] kasan_report+0x141/0x180 [ 15.300502] ? kasan_atomics_helper+0x218a/0x5450 [ 15.300528] kasan_check_range+0x10c/0x1c0 [ 15.300552] __kasan_check_write+0x18/0x20 [ 15.300572] kasan_atomics_helper+0x218a/0x5450 [ 15.300595] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.300618] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.300667] ? trace_hardirqs_on+0x37/0xe0 [ 15.300690] ? kasan_atomics+0x152/0x310 [ 15.300718] kasan_atomics+0x1dc/0x310 [ 15.300741] ? __pfx_kasan_atomics+0x10/0x10 [ 15.300765] ? __pfx_kasan_atomics+0x10/0x10 [ 15.300792] kunit_try_run_case+0x1a5/0x480 [ 15.300816] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.300839] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.300864] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.300888] ? __kthread_parkme+0x82/0x180 [ 15.300910] ? preempt_count_sub+0x50/0x80 [ 15.300935] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.300960] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.300984] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.301008] kthread+0x337/0x6f0 [ 15.301037] ? trace_preempt_on+0x20/0xc0 [ 15.301060] ? __pfx_kthread+0x10/0x10 [ 15.301081] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.301102] ? calculate_sigpending+0x7b/0xa0 [ 15.301126] ? __pfx_kthread+0x10/0x10 [ 15.301149] ret_from_fork+0x116/0x1d0 [ 15.301168] ? __pfx_kthread+0x10/0x10 [ 15.301190] ret_from_fork_asm+0x1a/0x30 [ 15.301221] </TASK> [ 15.301233] [ 15.308788] Allocated by task 282: [ 15.308915] kasan_save_stack+0x45/0x70 [ 15.309730] kasan_save_track+0x18/0x40 [ 15.309934] kasan_save_alloc_info+0x3b/0x50 [ 15.310158] __kasan_kmalloc+0xb7/0xc0 [ 15.310321] __kmalloc_cache_noprof+0x189/0x420 [ 15.310542] kasan_atomics+0x95/0x310 [ 15.311751] kunit_try_run_case+0x1a5/0x480 [ 15.311933] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.312202] kthread+0x337/0x6f0 [ 15.312360] ret_from_fork+0x116/0x1d0 [ 15.312528] ret_from_fork_asm+0x1a/0x30 [ 15.312981] [ 15.313087] The buggy address belongs to the object at ffff8881033c5500 [ 15.313087] which belongs to the cache kmalloc-64 of size 64 [ 15.313783] The buggy address is located 0 bytes to the right of [ 15.313783] allocated 48-byte region [ffff8881033c5500, ffff8881033c5530) [ 15.314335] [ 15.314559] The buggy address belongs to the physical page: [ 15.314813] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033c5 [ 15.315279] flags: 0x200000000000000(node=0|zone=2) [ 15.315525] page_type: f5(slab) [ 15.315820] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.316150] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.316466] page dumped because: kasan: bad access detected [ 15.316857] [ 15.316962] Memory state around the buggy address: [ 15.317342] ffff8881033c5400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.317672] 
ffff8881033c5480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.317923] >ffff8881033c5500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.318367] ^ [ 15.318692] ffff8881033c5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.318964] ffff8881033c5600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.319287] ================================================================== [ 15.021171] ================================================================== [ 15.021532] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1a7f/0x5450 [ 15.022102] Write of size 8 at addr ffff8881033c5530 by task kunit_try_catch/282 [ 15.022445] [ 15.022563] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.022618] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.022632] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.022654] Call Trace: [ 15.022686] <TASK> [ 15.022716] dump_stack_lvl+0x73/0xb0 [ 15.022746] print_report+0xd1/0x650 [ 15.022770] ? __virt_addr_valid+0x1db/0x2d0 [ 15.022805] ? kasan_atomics_helper+0x1a7f/0x5450 [ 15.022827] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.022849] ? kasan_atomics_helper+0x1a7f/0x5450 [ 15.022882] kasan_report+0x141/0x180 [ 15.022905] ? kasan_atomics_helper+0x1a7f/0x5450 [ 15.022931] kasan_check_range+0x10c/0x1c0 [ 15.022963] __kasan_check_write+0x18/0x20 [ 15.022983] kasan_atomics_helper+0x1a7f/0x5450 [ 15.023006] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.023044] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.023069] ? trace_hardirqs_on+0x37/0xe0 [ 15.023093] ? kasan_atomics+0x152/0x310 [ 15.023121] kasan_atomics+0x1dc/0x310 [ 15.023154] ? __pfx_kasan_atomics+0x10/0x10 [ 15.023178] ? __pfx_kasan_atomics+0x10/0x10 [ 15.023205] kunit_try_run_case+0x1a5/0x480 [ 15.023239] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.023263] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.023287] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.023311] ? 
__kthread_parkme+0x82/0x180 [ 15.023333] ? preempt_count_sub+0x50/0x80 [ 15.023357] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.023381] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.023405] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.023430] kthread+0x337/0x6f0 [ 15.023449] ? trace_preempt_on+0x20/0xc0 [ 15.023480] ? __pfx_kthread+0x10/0x10 [ 15.023502] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.023523] ? calculate_sigpending+0x7b/0xa0 [ 15.023558] ? __pfx_kthread+0x10/0x10 [ 15.023580] ret_from_fork+0x116/0x1d0 [ 15.023600] ? __pfx_kthread+0x10/0x10 [ 15.023620] ret_from_fork_asm+0x1a/0x30 [ 15.023653] </TASK> [ 15.023666] [ 15.031281] Allocated by task 282: [ 15.031413] kasan_save_stack+0x45/0x70 [ 15.031616] kasan_save_track+0x18/0x40 [ 15.031848] kasan_save_alloc_info+0x3b/0x50 [ 15.032059] __kasan_kmalloc+0xb7/0xc0 [ 15.032257] __kmalloc_cache_noprof+0x189/0x420 [ 15.032476] kasan_atomics+0x95/0x310 [ 15.032674] kunit_try_run_case+0x1a5/0x480 [ 15.032874] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.033130] kthread+0x337/0x6f0 [ 15.033311] ret_from_fork+0x116/0x1d0 [ 15.033494] ret_from_fork_asm+0x1a/0x30 [ 15.033740] [ 15.033826] The buggy address belongs to the object at ffff8881033c5500 [ 15.033826] which belongs to the cache kmalloc-64 of size 64 [ 15.034341] The buggy address is located 0 bytes to the right of [ 15.034341] allocated 48-byte region [ffff8881033c5500, ffff8881033c5530) [ 15.034885] [ 15.035003] The buggy address belongs to the physical page: [ 15.035250] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033c5 [ 15.035560] flags: 0x200000000000000(node=0|zone=2) [ 15.035867] page_type: f5(slab) [ 15.036032] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.036370] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.036730] page dumped because: kasan: bad access detected [ 15.036974] [ 15.037103] Memory state around the buggy address: [ 15.037310] 
ffff8881033c5400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.037528] ffff8881033c5480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.037743] >ffff8881033c5500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.037955] ^ [ 15.038123] ffff8881033c5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.038703] ffff8881033c5600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.039041] ================================================================== [ 15.281982] ================================================================== [ 15.282227] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fb2/0x5450 [ 15.282456] Read of size 8 at addr ffff8881033c5530 by task kunit_try_catch/282 [ 15.282792] [ 15.282901] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.282942] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.282954] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.282976] Call Trace: [ 15.282992] <TASK> [ 15.283007] dump_stack_lvl+0x73/0xb0 [ 15.283045] print_report+0xd1/0x650 [ 15.283068] ? __virt_addr_valid+0x1db/0x2d0 [ 15.283092] ? kasan_atomics_helper+0x4fb2/0x5450 [ 15.283115] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.283137] ? kasan_atomics_helper+0x4fb2/0x5450 [ 15.283159] kasan_report+0x141/0x180 [ 15.283182] ? kasan_atomics_helper+0x4fb2/0x5450 [ 15.283208] __asan_report_load8_noabort+0x18/0x20 [ 15.283233] kasan_atomics_helper+0x4fb2/0x5450 [ 15.283256] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.283279] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.283302] ? trace_hardirqs_on+0x37/0xe0 [ 15.283325] ? kasan_atomics+0x152/0x310 [ 15.283351] kasan_atomics+0x1dc/0x310 [ 15.283375] ? __pfx_kasan_atomics+0x10/0x10 [ 15.283399] ? __pfx_kasan_atomics+0x10/0x10 [ 15.283426] kunit_try_run_case+0x1a5/0x480 [ 15.283451] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.283473] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.283498] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.283522] ? __kthread_parkme+0x82/0x180 [ 15.283542] ? preempt_count_sub+0x50/0x80 [ 15.283567] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.283591] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.283614] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.283659] kthread+0x337/0x6f0 [ 15.283680] ? trace_preempt_on+0x20/0xc0 [ 15.283702] ? __pfx_kthread+0x10/0x10 [ 15.283724] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.283745] ? calculate_sigpending+0x7b/0xa0 [ 15.283769] ? __pfx_kthread+0x10/0x10 [ 15.283792] ret_from_fork+0x116/0x1d0 [ 15.283811] ? __pfx_kthread+0x10/0x10 [ 15.283831] ret_from_fork_asm+0x1a/0x30 [ 15.283862] </TASK> [ 15.283874] [ 15.290933] Allocated by task 282: [ 15.291083] kasan_save_stack+0x45/0x70 [ 15.291285] kasan_save_track+0x18/0x40 [ 15.291476] kasan_save_alloc_info+0x3b/0x50 [ 15.291713] __kasan_kmalloc+0xb7/0xc0 [ 15.291900] __kmalloc_cache_noprof+0x189/0x420 [ 15.292133] kasan_atomics+0x95/0x310 [ 15.292326] kunit_try_run_case+0x1a5/0x480 [ 15.292534] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.292809] kthread+0x337/0x6f0 [ 15.292977] ret_from_fork+0x116/0x1d0 [ 15.293158] ret_from_fork_asm+0x1a/0x30 [ 15.293342] [ 15.293426] The buggy address belongs to the object at ffff8881033c5500 [ 15.293426] which belongs to the cache kmalloc-64 of size 64 [ 15.293870] The buggy address is located 0 bytes to the right of [ 15.293870] allocated 48-byte region [ffff8881033c5500, ffff8881033c5530) [ 15.294366] [ 15.294462] The buggy address belongs to the physical page: [ 15.294743] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033c5 [ 15.295029] flags: 0x200000000000000(node=0|zone=2) [ 15.295252] page_type: f5(slab) [ 15.295423] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.295773] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.296102] page dumped because: kasan: bad access detected [ 15.296359] [ 15.296443] 
Memory state around the buggy address: [ 15.296685] ffff8881033c5400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.296989] ffff8881033c5480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.297286] >ffff8881033c5500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.297534] ^ [ 15.297706] ffff8881033c5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.297921] ffff8881033c5600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.298143] ================================================================== [ 15.111050] ================================================================== [ 15.111294] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1ce1/0x5450 [ 15.111580] Write of size 8 at addr ffff8881033c5530 by task kunit_try_catch/282 [ 15.111987] [ 15.112627] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.112679] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.112692] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.112715] Call Trace: [ 15.112925] <TASK> [ 15.112952] dump_stack_lvl+0x73/0xb0 [ 15.112986] print_report+0xd1/0x650 [ 15.113010] ? __virt_addr_valid+0x1db/0x2d0 [ 15.113048] ? kasan_atomics_helper+0x1ce1/0x5450 [ 15.113072] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.113095] ? kasan_atomics_helper+0x1ce1/0x5450 [ 15.113117] kasan_report+0x141/0x180 [ 15.113139] ? kasan_atomics_helper+0x1ce1/0x5450 [ 15.113166] kasan_check_range+0x10c/0x1c0 [ 15.113190] __kasan_check_write+0x18/0x20 [ 15.113210] kasan_atomics_helper+0x1ce1/0x5450 [ 15.113232] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.113255] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.113281] ? trace_hardirqs_on+0x37/0xe0 [ 15.113305] ? kasan_atomics+0x152/0x310 [ 15.113331] kasan_atomics+0x1dc/0x310 [ 15.113355] ? __pfx_kasan_atomics+0x10/0x10 [ 15.113378] ? __pfx_kasan_atomics+0x10/0x10 [ 15.113405] kunit_try_run_case+0x1a5/0x480 [ 15.113429] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.113452] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.113476] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.113499] ? __kthread_parkme+0x82/0x180 [ 15.113521] ? preempt_count_sub+0x50/0x80 [ 15.113546] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.113569] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.113593] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.113616] kthread+0x337/0x6f0 [ 15.113636] ? trace_preempt_on+0x20/0xc0 [ 15.113658] ? __pfx_kthread+0x10/0x10 [ 15.113679] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.113701] ? calculate_sigpending+0x7b/0xa0 [ 15.113725] ? __pfx_kthread+0x10/0x10 [ 15.113746] ret_from_fork+0x116/0x1d0 [ 15.113767] ? __pfx_kthread+0x10/0x10 [ 15.113788] ret_from_fork_asm+0x1a/0x30 [ 15.113819] </TASK> [ 15.113831] [ 15.124824] Allocated by task 282: [ 15.125003] kasan_save_stack+0x45/0x70 [ 15.125215] kasan_save_track+0x18/0x40 [ 15.125397] kasan_save_alloc_info+0x3b/0x50 [ 15.125604] __kasan_kmalloc+0xb7/0xc0 [ 15.125829] __kmalloc_cache_noprof+0x189/0x420 [ 15.126038] kasan_atomics+0x95/0x310 [ 15.126224] kunit_try_run_case+0x1a5/0x480 [ 15.126424] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.126677] kthread+0x337/0x6f0 [ 15.126851] ret_from_fork+0x116/0x1d0 [ 15.127049] ret_from_fork_asm+0x1a/0x30 [ 15.127250] [ 15.127342] The buggy address belongs to the object at ffff8881033c5500 [ 15.127342] which belongs to the cache kmalloc-64 of size 64 [ 15.127858] The buggy address is located 0 bytes to the right of [ 15.127858] allocated 48-byte region [ffff8881033c5500, ffff8881033c5530) [ 15.128246] [ 15.128322] The buggy address belongs to the physical page: [ 15.128491] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033c5 [ 15.128782] flags: 0x200000000000000(node=0|zone=2) [ 15.129035] page_type: f5(slab) [ 15.129209] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.129560] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 15.129944] page dumped because: kasan: bad access detected [ 15.130207] [ 15.130307] Memory state around the buggy address: [ 15.130505] ffff8881033c5400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.130827] ffff8881033c5480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.131123] >ffff8881033c5500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.131333] ^ [ 15.131483] ffff8881033c5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.131724] ffff8881033c5600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.132054] ================================================================== [ 15.132752] ================================================================== [ 15.133272] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1d7a/0x5450 [ 15.133589] Write of size 8 at addr ffff8881033c5530 by task kunit_try_catch/282 [ 15.133910] [ 15.134003] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.134061] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.134075] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.134098] Call Trace: [ 15.134118] <TASK> [ 15.134137] dump_stack_lvl+0x73/0xb0 [ 15.134167] print_report+0xd1/0x650 [ 15.134192] ? __virt_addr_valid+0x1db/0x2d0 [ 15.134216] ? kasan_atomics_helper+0x1d7a/0x5450 [ 15.134237] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.134260] ? kasan_atomics_helper+0x1d7a/0x5450 [ 15.134306] kasan_report+0x141/0x180 [ 15.134332] ? kasan_atomics_helper+0x1d7a/0x5450 [ 15.134359] kasan_check_range+0x10c/0x1c0 [ 15.134382] __kasan_check_write+0x18/0x20 [ 15.134403] kasan_atomics_helper+0x1d7a/0x5450 [ 15.134426] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.134448] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.134493] ? trace_hardirqs_on+0x37/0xe0 [ 15.134517] ? kasan_atomics+0x152/0x310 [ 15.134544] kasan_atomics+0x1dc/0x310 [ 15.134567] ? __pfx_kasan_atomics+0x10/0x10 [ 15.134592] ? 
__pfx_kasan_atomics+0x10/0x10 [ 15.134618] kunit_try_run_case+0x1a5/0x480 [ 15.134654] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.134676] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.134701] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.134725] ? __kthread_parkme+0x82/0x180 [ 15.134746] ? preempt_count_sub+0x50/0x80 [ 15.134770] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.134794] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.134838] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.134862] kthread+0x337/0x6f0 [ 15.134882] ? trace_preempt_on+0x20/0xc0 [ 15.134905] ? __pfx_kthread+0x10/0x10 [ 15.134925] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.134947] ? calculate_sigpending+0x7b/0xa0 [ 15.134971] ? __pfx_kthread+0x10/0x10 [ 15.134993] ret_from_fork+0x116/0x1d0 [ 15.135012] ? __pfx_kthread+0x10/0x10 [ 15.135044] ret_from_fork_asm+0x1a/0x30 [ 15.135079] </TASK> [ 15.135092] [ 15.142860] Allocated by task 282: [ 15.143030] kasan_save_stack+0x45/0x70 [ 15.143230] kasan_save_track+0x18/0x40 [ 15.143423] kasan_save_alloc_info+0x3b/0x50 [ 15.143589] __kasan_kmalloc+0xb7/0xc0 [ 15.143919] __kmalloc_cache_noprof+0x189/0x420 [ 15.144092] kasan_atomics+0x95/0x310 [ 15.144233] kunit_try_run_case+0x1a5/0x480 [ 15.144381] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.144634] kthread+0x337/0x6f0 [ 15.144802] ret_from_fork+0x116/0x1d0 [ 15.145056] ret_from_fork_asm+0x1a/0x30 [ 15.145259] [ 15.145355] The buggy address belongs to the object at ffff8881033c5500 [ 15.145355] which belongs to the cache kmalloc-64 of size 64 [ 15.145761] The buggy address is located 0 bytes to the right of [ 15.145761] allocated 48-byte region [ffff8881033c5500, ffff8881033c5530) [ 15.146334] [ 15.146430] The buggy address belongs to the physical page: [ 15.146695] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033c5 [ 15.146936] flags: 0x200000000000000(node=0|zone=2) [ 15.147113] page_type: f5(slab) [ 15.147270] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 15.147637] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.147980] page dumped because: kasan: bad access detected [ 15.148290] [ 15.148365] Memory state around the buggy address: [ 15.148558] ffff8881033c5400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.148777] ffff8881033c5480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.149092] >ffff8881033c5500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.149607] ^ [ 15.149851] ffff8881033c5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.150074] ffff8881033c5600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.150578] ================================================================== [ 15.229843] ================================================================== [ 15.230190] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2006/0x5450 [ 15.230424] Write of size 8 at addr ffff8881033c5530 by task kunit_try_catch/282 [ 15.230745] [ 15.230982] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 15.231066] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.231079] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.231103] Call Trace: [ 15.231124] <TASK> [ 15.231143] dump_stack_lvl+0x73/0xb0 [ 15.231173] print_report+0xd1/0x650 [ 15.231197] ? __virt_addr_valid+0x1db/0x2d0 [ 15.231222] ? kasan_atomics_helper+0x2006/0x5450 [ 15.231244] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.231267] ? kasan_atomics_helper+0x2006/0x5450 [ 15.231289] kasan_report+0x141/0x180 [ 15.231312] ? kasan_atomics_helper+0x2006/0x5450 [ 15.231338] kasan_check_range+0x10c/0x1c0 [ 15.231362] __kasan_check_write+0x18/0x20 [ 15.231383] kasan_atomics_helper+0x2006/0x5450 [ 15.231406] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.231430] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.231455] ? trace_hardirqs_on+0x37/0xe0 [ 15.231479] ? 
kasan_atomics+0x152/0x310 [ 15.231505] kasan_atomics+0x1dc/0x310 [ 15.231528] ? __pfx_kasan_atomics+0x10/0x10 [ 15.231552] ? __pfx_kasan_atomics+0x10/0x10 [ 15.231579] kunit_try_run_case+0x1a5/0x480 [ 15.231604] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.231627] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.231663] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.231685] ? __kthread_parkme+0x82/0x180 [ 15.231706] ? preempt_count_sub+0x50/0x80 [ 15.231731] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.231754] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.231778] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.231801] kthread+0x337/0x6f0 [ 15.231820] ? trace_preempt_on+0x20/0xc0 [ 15.231843] ? __pfx_kthread+0x10/0x10 [ 15.231863] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.231886] ? calculate_sigpending+0x7b/0xa0 [ 15.231910] ? __pfx_kthread+0x10/0x10 [ 15.231932] ret_from_fork+0x116/0x1d0 [ 15.231951] ? __pfx_kthread+0x10/0x10 [ 15.231972] ret_from_fork_asm+0x1a/0x30 [ 15.232004] </TASK> [ 15.232017] [ 15.239494] Allocated by task 282: [ 15.239666] kasan_save_stack+0x45/0x70 [ 15.239866] kasan_save_track+0x18/0x40 [ 15.240063] kasan_save_alloc_info+0x3b/0x50 [ 15.240274] __kasan_kmalloc+0xb7/0xc0 [ 15.240481] __kmalloc_cache_noprof+0x189/0x420 [ 15.240938] kasan_atomics+0x95/0x310 [ 15.241133] kunit_try_run_case+0x1a5/0x480 [ 15.241288] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.241458] kthread+0x337/0x6f0 [ 15.241575] ret_from_fork+0x116/0x1d0 [ 15.241882] ret_from_fork_asm+0x1a/0x30 [ 15.242098] [ 15.242218] The buggy address belongs to the object at ffff8881033c5500 [ 15.242218] which belongs to the cache kmalloc-64 of size 64 [ 15.242820] The buggy address is located 0 bytes to the right of [ 15.242820] allocated 48-byte region [ffff8881033c5500, ffff8881033c5530) [ 15.243279] [ 15.243351] The buggy address belongs to the physical page: [ 15.243518] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033c5 [ 15.243825] flags: 
0x200000000000000(node=0|zone=2) [ 15.244074] page_type: f5(slab) [ 15.244250] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.244736] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.244959] page dumped because: kasan: bad access detected [ 15.245136] [ 15.245206] Memory state around the buggy address: [ 15.245452] ffff8881033c5400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.245763] ffff8881033c5480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.246244] >ffff8881033c5500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.246448] ^ [ 15.246596] ffff8881033c5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.246801] ffff8881033c5600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.247005] ================================================================== [ 14.635843] ================================================================== [ 14.636229] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1148/0x5450 [ 14.636557] Write of size 4 at addr ffff8881033c5530 by task kunit_try_catch/282 [ 14.637005] [ 14.637154] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.637200] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.637214] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.637235] Call Trace: [ 14.637273] <TASK> [ 14.637292] dump_stack_lvl+0x73/0xb0 [ 14.637336] print_report+0xd1/0x650 [ 14.637374] ? __virt_addr_valid+0x1db/0x2d0 [ 14.637411] ? kasan_atomics_helper+0x1148/0x5450 [ 14.637433] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.637469] ? kasan_atomics_helper+0x1148/0x5450 [ 14.637491] kasan_report+0x141/0x180 [ 14.637528] ? kasan_atomics_helper+0x1148/0x5450 [ 14.637555] kasan_check_range+0x10c/0x1c0 [ 14.637591] __kasan_check_write+0x18/0x20 [ 14.637624] kasan_atomics_helper+0x1148/0x5450 [ 14.637660] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.637683] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 14.637709] ? trace_hardirqs_on+0x37/0xe0 [ 14.637732] ? kasan_atomics+0x152/0x310 [ 14.637759] kasan_atomics+0x1dc/0x310 [ 14.637782] ? __pfx_kasan_atomics+0x10/0x10 [ 14.637805] ? __pfx_kasan_atomics+0x10/0x10 [ 14.637833] kunit_try_run_case+0x1a5/0x480 [ 14.637858] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.637880] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.637905] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.637928] ? __kthread_parkme+0x82/0x180 [ 14.637950] ? preempt_count_sub+0x50/0x80 [ 14.637974] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.637999] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.638032] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.638056] kthread+0x337/0x6f0 [ 14.638075] ? trace_preempt_on+0x20/0xc0 [ 14.638097] ? __pfx_kthread+0x10/0x10 [ 14.638118] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.638141] ? calculate_sigpending+0x7b/0xa0 [ 14.638165] ? __pfx_kthread+0x10/0x10 [ 14.638187] ret_from_fork+0x116/0x1d0 [ 14.638207] ? 
__pfx_kthread+0x10/0x10 [ 14.638228] ret_from_fork_asm+0x1a/0x30 [ 14.638260] </TASK> [ 14.638273] [ 14.645917] Allocated by task 282: [ 14.646222] kasan_save_stack+0x45/0x70 [ 14.646369] kasan_save_track+0x18/0x40 [ 14.646501] kasan_save_alloc_info+0x3b/0x50 [ 14.646739] __kasan_kmalloc+0xb7/0xc0 [ 14.646951] __kmalloc_cache_noprof+0x189/0x420 [ 14.647209] kasan_atomics+0x95/0x310 [ 14.647399] kunit_try_run_case+0x1a5/0x480 [ 14.647610] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.647845] kthread+0x337/0x6f0 [ 14.647969] ret_from_fork+0x116/0x1d0 [ 14.648192] ret_from_fork_asm+0x1a/0x30 [ 14.648390] [ 14.648487] The buggy address belongs to the object at ffff8881033c5500 [ 14.648487] which belongs to the cache kmalloc-64 of size 64 [ 14.648988] The buggy address is located 0 bytes to the right of [ 14.648988] allocated 48-byte region [ffff8881033c5500, ffff8881033c5530) [ 14.649493] [ 14.649592] The buggy address belongs to the physical page: [ 14.649859] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033c5 [ 14.650215] flags: 0x200000000000000(node=0|zone=2) [ 14.650419] page_type: f5(slab) [ 14.650570] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.650930] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.651326] page dumped because: kasan: bad access detected [ 14.651597] [ 14.651669] Memory state around the buggy address: [ 14.651906] ffff8881033c5400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.652228] ffff8881033c5480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.652536] >ffff8881033c5500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.652816] ^ [ 14.652968] ffff8881033c5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.653184] ffff8881033c5600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.653393] ================================================================== [ 14.161299] 
================================================================== [ 14.161824] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b54/0x5450 [ 14.162195] Read of size 4 at addr ffff8881033c5530 by task kunit_try_catch/282 [ 14.162465] [ 14.162557] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.162603] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.162616] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.162639] Call Trace: [ 14.162658] <TASK> [ 14.162676] dump_stack_lvl+0x73/0xb0 [ 14.162716] print_report+0xd1/0x650 [ 14.162740] ? __virt_addr_valid+0x1db/0x2d0 [ 14.162765] ? kasan_atomics_helper+0x4b54/0x5450 [ 14.162799] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.162821] ? kasan_atomics_helper+0x4b54/0x5450 [ 14.162844] kasan_report+0x141/0x180 [ 14.162867] ? kasan_atomics_helper+0x4b54/0x5450 [ 14.162893] __asan_report_load4_noabort+0x18/0x20 [ 14.162918] kasan_atomics_helper+0x4b54/0x5450 [ 14.162941] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.162963] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.162989] ? trace_hardirqs_on+0x37/0xe0 [ 14.163012] ? kasan_atomics+0x152/0x310 [ 14.163048] kasan_atomics+0x1dc/0x310 [ 14.163072] ? __pfx_kasan_atomics+0x10/0x10 [ 14.163095] ? __pfx_kasan_atomics+0x10/0x10 [ 14.163135] kunit_try_run_case+0x1a5/0x480 [ 14.163160] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.163183] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.163209] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.163232] ? __kthread_parkme+0x82/0x180 [ 14.163253] ? preempt_count_sub+0x50/0x80 [ 14.163287] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.163311] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.163335] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.163371] kthread+0x337/0x6f0 [ 14.163390] ? trace_preempt_on+0x20/0xc0 [ 14.163413] ? __pfx_kthread+0x10/0x10 [ 14.163434] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.163456] ? calculate_sigpending+0x7b/0xa0 [ 14.163480] ? 
__pfx_kthread+0x10/0x10 [ 14.163503] ret_from_fork+0x116/0x1d0 [ 14.163523] ? __pfx_kthread+0x10/0x10 [ 14.163544] ret_from_fork_asm+0x1a/0x30 [ 14.163575] </TASK> [ 14.163587] [ 14.171756] Allocated by task 282: [ 14.171894] kasan_save_stack+0x45/0x70 [ 14.172049] kasan_save_track+0x18/0x40 [ 14.172246] kasan_save_alloc_info+0x3b/0x50 [ 14.172493] __kasan_kmalloc+0xb7/0xc0 [ 14.172708] __kmalloc_cache_noprof+0x189/0x420 [ 14.172929] kasan_atomics+0x95/0x310 [ 14.173093] kunit_try_run_case+0x1a5/0x480 [ 14.173243] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.173433] kthread+0x337/0x6f0 [ 14.173615] ret_from_fork+0x116/0x1d0 [ 14.173825] ret_from_fork_asm+0x1a/0x30 [ 14.174034] [ 14.174145] The buggy address belongs to the object at ffff8881033c5500 [ 14.174145] which belongs to the cache kmalloc-64 of size 64 [ 14.174656] The buggy address is located 0 bytes to the right of [ 14.174656] allocated 48-byte region [ffff8881033c5500, ffff8881033c5530) [ 14.175175] [ 14.175296] The buggy address belongs to the physical page: [ 14.175519] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033c5 [ 14.175894] flags: 0x200000000000000(node=0|zone=2) [ 14.176135] page_type: f5(slab) [ 14.176327] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.176654] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.176978] page dumped because: kasan: bad access detected [ 14.177236] [ 14.177330] Memory state around the buggy address: [ 14.177509] ffff8881033c5400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.177905] ffff8881033c5480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.178134] >ffff8881033c5500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.178349] ^ [ 14.178504] ffff8881033c5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.178794] ffff8881033c5600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.179130] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 13.969556] ================================================================== [ 13.969916] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 13.970332] Write of size 8 at addr ffff88810191e8e8 by task kunit_try_catch/278 [ 13.970879] [ 13.970998] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.971067] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.971081] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.971108] Call Trace: [ 13.971126] <TASK> [ 13.971144] dump_stack_lvl+0x73/0xb0 [ 13.971176] print_report+0xd1/0x650 [ 13.971199] ? __virt_addr_valid+0x1db/0x2d0 [ 13.971223] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 13.971252] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.971277] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 13.971306] kasan_report+0x141/0x180 [ 13.971328] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 13.971362] kasan_check_range+0x10c/0x1c0 [ 13.971388] __kasan_check_write+0x18/0x20 [ 13.971408] kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 13.971438] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.971468] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.971494] ? trace_hardirqs_on+0x37/0xe0 [ 13.971519] ? kasan_bitops_generic+0x92/0x1c0 [ 13.971546] kasan_bitops_generic+0x121/0x1c0 [ 13.971570] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.971596] ? __pfx_read_tsc+0x10/0x10 [ 13.971617] ? ktime_get_ts64+0x86/0x230 [ 13.971642] kunit_try_run_case+0x1a5/0x480 [ 13.971690] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.971713] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.971739] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.971762] ? __kthread_parkme+0x82/0x180 [ 13.971783] ? preempt_count_sub+0x50/0x80 [ 13.971808] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.971832] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.971857] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.971881] kthread+0x337/0x6f0 [ 13.971901] ? trace_preempt_on+0x20/0xc0 [ 13.971923] ? __pfx_kthread+0x10/0x10 [ 13.971943] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.971965] ? calculate_sigpending+0x7b/0xa0 [ 13.971990] ? __pfx_kthread+0x10/0x10 [ 13.972011] ret_from_fork+0x116/0x1d0 [ 13.972040] ? __pfx_kthread+0x10/0x10 [ 13.972060] ret_from_fork_asm+0x1a/0x30 [ 13.972092] </TASK> [ 13.972103] [ 13.980556] Allocated by task 278: [ 13.980858] kasan_save_stack+0x45/0x70 [ 13.981054] kasan_save_track+0x18/0x40 [ 13.981230] kasan_save_alloc_info+0x3b/0x50 [ 13.981420] __kasan_kmalloc+0xb7/0xc0 [ 13.981579] __kmalloc_cache_noprof+0x189/0x420 [ 13.981757] kasan_bitops_generic+0x92/0x1c0 [ 13.982016] kunit_try_run_case+0x1a5/0x480 [ 13.982244] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.982420] kthread+0x337/0x6f0 [ 13.982660] ret_from_fork+0x116/0x1d0 [ 13.982846] ret_from_fork_asm+0x1a/0x30 [ 13.983056] [ 13.983178] The buggy address belongs to the object at ffff88810191e8e0 [ 13.983178] which belongs to the cache kmalloc-16 of size 16 [ 13.983710] The buggy address is located 8 bytes inside of [ 13.983710] allocated 9-byte region [ffff88810191e8e0, ffff88810191e8e9) [ 13.984308] [ 13.984384] The buggy address belongs to the physical page: [ 13.984618] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10191e [ 13.984863] flags: 0x200000000000000(node=0|zone=2) [ 13.985038] page_type: f5(slab) [ 13.985159] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.985393] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.986064] page dumped because: kasan: bad access detected [ 13.986426] [ 13.986495] Memory state around the buggy address: [ 13.986652] ffff88810191e780: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 13.986870] ffff88810191e800: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.987100] >ffff88810191e880: 00 05 fc fc fa fb fc fc 
fa fb fc fc 00 01 fc fc [ 13.987316] ^ [ 13.987517] ffff88810191e900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.988100] ffff88810191e980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.988818] ================================================================== [ 13.901835] ================================================================== [ 13.902189] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 13.902466] Write of size 8 at addr ffff88810191e8e8 by task kunit_try_catch/278 [ 13.902905] [ 13.903112] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.903165] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.903179] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.903207] Call Trace: [ 13.903227] <TASK> [ 13.903245] dump_stack_lvl+0x73/0xb0 [ 13.903276] print_report+0xd1/0x650 [ 13.903298] ? __virt_addr_valid+0x1db/0x2d0 [ 13.903322] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 13.903352] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.903376] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 13.903405] kasan_report+0x141/0x180 [ 13.903427] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 13.903461] kasan_check_range+0x10c/0x1c0 [ 13.903486] __kasan_check_write+0x18/0x20 [ 13.903505] kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 13.903534] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.903564] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.903590] ? trace_hardirqs_on+0x37/0xe0 [ 13.903614] ? kasan_bitops_generic+0x92/0x1c0 [ 13.903655] kasan_bitops_generic+0x121/0x1c0 [ 13.903679] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.903705] ? __pfx_read_tsc+0x10/0x10 [ 13.903726] ? ktime_get_ts64+0x86/0x230 [ 13.903751] kunit_try_run_case+0x1a5/0x480 [ 13.903775] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.903799] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.903825] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.903849] ? __kthread_parkme+0x82/0x180 [ 13.903870] ? preempt_count_sub+0x50/0x80 [ 13.903894] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.903918] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.903942] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.903968] kthread+0x337/0x6f0 [ 13.903986] ? trace_preempt_on+0x20/0xc0 [ 13.904008] ? __pfx_kthread+0x10/0x10 [ 13.904040] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.904063] ? calculate_sigpending+0x7b/0xa0 [ 13.904087] ? __pfx_kthread+0x10/0x10 [ 13.904108] ret_from_fork+0x116/0x1d0 [ 13.904127] ? __pfx_kthread+0x10/0x10 [ 13.904154] ret_from_fork_asm+0x1a/0x30 [ 13.904185] </TASK> [ 13.904196] [ 13.913285] Allocated by task 278: [ 13.913460] kasan_save_stack+0x45/0x70 [ 13.913685] kasan_save_track+0x18/0x40 [ 13.913881] kasan_save_alloc_info+0x3b/0x50 [ 13.914091] __kasan_kmalloc+0xb7/0xc0 [ 13.914267] __kmalloc_cache_noprof+0x189/0x420 [ 13.914454] kasan_bitops_generic+0x92/0x1c0 [ 13.914747] kunit_try_run_case+0x1a5/0x480 [ 13.914964] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.915225] kthread+0x337/0x6f0 [ 13.915384] ret_from_fork+0x116/0x1d0 [ 13.915534] ret_from_fork_asm+0x1a/0x30 [ 13.915813] [ 13.915908] The buggy address belongs to the object at ffff88810191e8e0 [ 13.915908] which belongs to the cache kmalloc-16 of size 16 [ 13.916371] The buggy address is located 8 bytes inside of [ 13.916371] allocated 9-byte region [ffff88810191e8e0, ffff88810191e8e9) [ 13.916729] [ 13.916802] The buggy address belongs to the physical page: [ 13.916978] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10191e [ 13.917694] flags: 0x200000000000000(node=0|zone=2) [ 13.917987] page_type: f5(slab) [ 13.918761] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.919133] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.919373] page dumped because: kasan: bad access detected [ 13.919549] [ 13.919621] 
Memory state around the buggy address: [ 13.920320] ffff88810191e780: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 13.921071] ffff88810191e800: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.921376] >ffff88810191e880: 00 05 fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.922126] ^ [ 13.922579] ffff88810191e900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.923190] ffff88810191e980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.923879] ================================================================== [ 13.842076] ================================================================== [ 13.842379] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 13.842789] Write of size 8 at addr ffff88810191e8e8 by task kunit_try_catch/278 [ 13.843228] [ 13.843341] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.843391] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.843403] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.843429] Call Trace: [ 13.843447] <TASK> [ 13.843463] dump_stack_lvl+0x73/0xb0 [ 13.843490] print_report+0xd1/0x650 [ 13.843514] ? __virt_addr_valid+0x1db/0x2d0 [ 13.843537] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 13.843566] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.843590] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 13.843620] kasan_report+0x141/0x180 [ 13.843641] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 13.843675] kasan_check_range+0x10c/0x1c0 [ 13.843698] __kasan_check_write+0x18/0x20 [ 13.843718] kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 13.843748] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.843779] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.843805] ? trace_hardirqs_on+0x37/0xe0 [ 13.843827] ? kasan_bitops_generic+0x92/0x1c0 [ 13.843855] kasan_bitops_generic+0x121/0x1c0 [ 13.843879] ? 
__pfx_kasan_bitops_generic+0x10/0x10 [ 13.843904] ? __pfx_read_tsc+0x10/0x10 [ 13.844018] ? ktime_get_ts64+0x86/0x230 [ 13.844061] kunit_try_run_case+0x1a5/0x480 [ 13.844086] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.844110] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.844134] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.844166] ? __kthread_parkme+0x82/0x180 [ 13.844187] ? preempt_count_sub+0x50/0x80 [ 13.844211] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.844235] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.844260] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.844284] kthread+0x337/0x6f0 [ 13.844304] ? trace_preempt_on+0x20/0xc0 [ 13.844326] ? __pfx_kthread+0x10/0x10 [ 13.844346] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.844368] ? calculate_sigpending+0x7b/0xa0 [ 13.844392] ? __pfx_kthread+0x10/0x10 [ 13.844413] ret_from_fork+0x116/0x1d0 [ 13.844432] ? __pfx_kthread+0x10/0x10 [ 13.844453] ret_from_fork_asm+0x1a/0x30 [ 13.844484] </TASK> [ 13.844495] [ 13.853190] Allocated by task 278: [ 13.853326] kasan_save_stack+0x45/0x70 [ 13.853769] kasan_save_track+0x18/0x40 [ 13.854077] kasan_save_alloc_info+0x3b/0x50 [ 13.854375] __kasan_kmalloc+0xb7/0xc0 [ 13.854528] __kmalloc_cache_noprof+0x189/0x420 [ 13.855042] kasan_bitops_generic+0x92/0x1c0 [ 13.855273] kunit_try_run_case+0x1a5/0x480 [ 13.855436] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.855624] kthread+0x337/0x6f0 [ 13.855974] ret_from_fork+0x116/0x1d0 [ 13.856192] ret_from_fork_asm+0x1a/0x30 [ 13.856392] [ 13.856479] The buggy address belongs to the object at ffff88810191e8e0 [ 13.856479] which belongs to the cache kmalloc-16 of size 16 [ 13.857048] The buggy address is located 8 bytes inside of [ 13.857048] allocated 9-byte region [ffff88810191e8e0, ffff88810191e8e9) [ 13.857532] [ 13.857628] The buggy address belongs to the physical page: [ 13.857903] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10191e [ 13.858158] flags: 0x200000000000000(node=0|zone=2) [ 13.858328] 
page_type: f5(slab) [ 13.858497] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.858837] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.859200] page dumped because: kasan: bad access detected [ 13.859453] [ 13.859542] Memory state around the buggy address: [ 13.859985] ffff88810191e780: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 13.860296] ffff88810191e800: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.860582] >ffff88810191e880: 00 05 fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.860968] ^ [ 13.861204] ffff88810191e900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.861522] ffff88810191e980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.861901] ================================================================== [ 13.924453] ================================================================== [ 13.924705] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 13.925199] Write of size 8 at addr ffff88810191e8e8 by task kunit_try_catch/278 [ 13.925493] [ 13.925612] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.925677] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.925691] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.925720] Call Trace: [ 13.925741] <TASK> [ 13.925762] dump_stack_lvl+0x73/0xb0 [ 13.925791] print_report+0xd1/0x650 [ 13.925815] ? __virt_addr_valid+0x1db/0x2d0 [ 13.925840] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 13.925873] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.925898] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 13.925926] kasan_report+0x141/0x180 [ 13.925948] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 13.925985] kasan_check_range+0x10c/0x1c0 [ 13.926008] __kasan_check_write+0x18/0x20 [ 13.926040] kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 13.926069] ? 
__pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.926101] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.926128] ? trace_hardirqs_on+0x37/0xe0 [ 13.926152] ? kasan_bitops_generic+0x92/0x1c0 [ 13.926180] kasan_bitops_generic+0x121/0x1c0 [ 13.926204] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.926229] ? __pfx_read_tsc+0x10/0x10 [ 13.926251] ? ktime_get_ts64+0x86/0x230 [ 13.926276] kunit_try_run_case+0x1a5/0x480 [ 13.926301] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.926323] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.926348] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.926373] ? __kthread_parkme+0x82/0x180 [ 13.926394] ? preempt_count_sub+0x50/0x80 [ 13.926418] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.926443] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.926467] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.926492] kthread+0x337/0x6f0 [ 13.926510] ? trace_preempt_on+0x20/0xc0 [ 13.926533] ? __pfx_kthread+0x10/0x10 [ 13.926553] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.926574] ? calculate_sigpending+0x7b/0xa0 [ 13.926598] ? __pfx_kthread+0x10/0x10 [ 13.926620] ret_from_fork+0x116/0x1d0 [ 13.926638] ? 
__pfx_kthread+0x10/0x10 [ 13.927010] ret_from_fork_asm+0x1a/0x30 [ 13.927068] </TASK> [ 13.927081] [ 13.935430] Allocated by task 278: [ 13.935605] kasan_save_stack+0x45/0x70 [ 13.935778] kasan_save_track+0x18/0x40 [ 13.935969] kasan_save_alloc_info+0x3b/0x50 [ 13.936176] __kasan_kmalloc+0xb7/0xc0 [ 13.936373] __kmalloc_cache_noprof+0x189/0x420 [ 13.936554] kasan_bitops_generic+0x92/0x1c0 [ 13.936886] kunit_try_run_case+0x1a5/0x480 [ 13.937117] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.937332] kthread+0x337/0x6f0 [ 13.937502] ret_from_fork+0x116/0x1d0 [ 13.937866] ret_from_fork_asm+0x1a/0x30 [ 13.938074] [ 13.938159] The buggy address belongs to the object at ffff88810191e8e0 [ 13.938159] which belongs to the cache kmalloc-16 of size 16 [ 13.938554] The buggy address is located 8 bytes inside of [ 13.938554] allocated 9-byte region [ffff88810191e8e0, ffff88810191e8e9) [ 13.938945] [ 13.939146] The buggy address belongs to the physical page: [ 13.939688] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10191e [ 13.940121] flags: 0x200000000000000(node=0|zone=2) [ 13.940343] page_type: f5(slab) [ 13.940466] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.940909] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.941476] page dumped because: kasan: bad access detected [ 13.941912] [ 13.941989] Memory state around the buggy address: [ 13.942165] ffff88810191e780: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 13.942499] ffff88810191e800: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.942790] >ffff88810191e880: 00 05 fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.943007] ^ [ 13.943316] ffff88810191e900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.943637] ffff88810191e980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.943974] ================================================================== [ 13.989367] 
================================================================== [ 13.989713] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 13.990106] Read of size 8 at addr ffff88810191e8e8 by task kunit_try_catch/278 [ 13.990551] [ 13.990667] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.990719] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.990731] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.990759] Call Trace: [ 13.990777] <TASK> [ 13.990793] dump_stack_lvl+0x73/0xb0 [ 13.990822] print_report+0xd1/0x650 [ 13.990845] ? __virt_addr_valid+0x1db/0x2d0 [ 13.990869] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 13.990899] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.990923] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 13.990953] kasan_report+0x141/0x180 [ 13.990974] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 13.991008] kasan_check_range+0x10c/0x1c0 [ 13.991045] __kasan_check_read+0x15/0x20 [ 13.991064] kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 13.991093] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.991123] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.991150] ? trace_hardirqs_on+0x37/0xe0 [ 13.991174] ? kasan_bitops_generic+0x92/0x1c0 [ 13.991202] kasan_bitops_generic+0x121/0x1c0 [ 13.991226] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.991254] ? __pfx_read_tsc+0x10/0x10 [ 13.991275] ? ktime_get_ts64+0x86/0x230 [ 13.991301] kunit_try_run_case+0x1a5/0x480 [ 13.991334] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.991359] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.991383] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.991407] ? __kthread_parkme+0x82/0x180 [ 13.991428] ? preempt_count_sub+0x50/0x80 [ 13.991452] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.991476] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.991502] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.991527] kthread+0x337/0x6f0 [ 13.991546] ? trace_preempt_on+0x20/0xc0 [ 13.991568] ? __pfx_kthread+0x10/0x10 [ 13.991589] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.991610] ? calculate_sigpending+0x7b/0xa0 [ 13.991647] ? __pfx_kthread+0x10/0x10 [ 13.991669] ret_from_fork+0x116/0x1d0 [ 13.991699] ? __pfx_kthread+0x10/0x10 [ 13.991720] ret_from_fork_asm+0x1a/0x30 [ 13.991751] </TASK> [ 13.991764] [ 14.000184] Allocated by task 278: [ 14.000527] kasan_save_stack+0x45/0x70 [ 14.000788] kasan_save_track+0x18/0x40 [ 14.000934] kasan_save_alloc_info+0x3b/0x50 [ 14.001098] __kasan_kmalloc+0xb7/0xc0 [ 14.001231] __kmalloc_cache_noprof+0x189/0x420 [ 14.001386] kasan_bitops_generic+0x92/0x1c0 [ 14.001537] kunit_try_run_case+0x1a5/0x480 [ 14.001692] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.002043] kthread+0x337/0x6f0 [ 14.002225] ret_from_fork+0x116/0x1d0 [ 14.002414] ret_from_fork_asm+0x1a/0x30 [ 14.002677] [ 14.002803] The buggy address belongs to the object at ffff88810191e8e0 [ 14.002803] which belongs to the cache kmalloc-16 of size 16 [ 14.003583] The buggy address is located 8 bytes inside of [ 14.003583] allocated 9-byte region [ffff88810191e8e0, ffff88810191e8e9) [ 14.004096] [ 14.004174] The buggy address belongs to the physical page: [ 14.004459] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10191e [ 14.004701] flags: 0x200000000000000(node=0|zone=2) [ 14.004866] page_type: f5(slab) [ 14.004987] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.005230] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.005666] page dumped because: kasan: bad access detected [ 14.005989] [ 14.006095] Memory state around the buggy address: [ 14.006319] ffff88810191e780: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 14.006641] ffff88810191e800: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.006905] >ffff88810191e880: 00 05 fc fc fa fb fc fc 
fa fb fc fc 00 01 fc fc [ 14.007131] ^ [ 14.007332] ffff88810191e900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.007550] ffff88810191e980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.007764] ================================================================== [ 13.944471] ================================================================== [ 13.944957] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 13.945355] Write of size 8 at addr ffff88810191e8e8 by task kunit_try_catch/278 [ 13.945583] [ 13.945869] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.945924] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.945937] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.945965] Call Trace: [ 13.945981] <TASK> [ 13.945996] dump_stack_lvl+0x73/0xb0 [ 13.946042] print_report+0xd1/0x650 [ 13.946065] ? __virt_addr_valid+0x1db/0x2d0 [ 13.946089] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 13.946118] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.946141] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 13.946171] kasan_report+0x141/0x180 [ 13.946193] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 13.946226] kasan_check_range+0x10c/0x1c0 [ 13.946250] __kasan_check_write+0x18/0x20 [ 13.946270] kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 13.946299] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.946330] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.946356] ? trace_hardirqs_on+0x37/0xe0 [ 13.946378] ? kasan_bitops_generic+0x92/0x1c0 [ 13.946406] kasan_bitops_generic+0x121/0x1c0 [ 13.946430] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.946455] ? __pfx_read_tsc+0x10/0x10 [ 13.946477] ? ktime_get_ts64+0x86/0x230 [ 13.946501] kunit_try_run_case+0x1a5/0x480 [ 13.946526] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.946549] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.946574] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.946597] ? __kthread_parkme+0x82/0x180 [ 13.946619] ? preempt_count_sub+0x50/0x80 [ 13.946997] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.947036] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.947062] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.947087] kthread+0x337/0x6f0 [ 13.947107] ? trace_preempt_on+0x20/0xc0 [ 13.947129] ? __pfx_kthread+0x10/0x10 [ 13.947150] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.947171] ? calculate_sigpending+0x7b/0xa0 [ 13.947196] ? __pfx_kthread+0x10/0x10 [ 13.947217] ret_from_fork+0x116/0x1d0 [ 13.947236] ? __pfx_kthread+0x10/0x10 [ 13.947256] ret_from_fork_asm+0x1a/0x30 [ 13.947288] </TASK> [ 13.947298] [ 13.958008] Allocated by task 278: [ 13.958260] kasan_save_stack+0x45/0x70 [ 13.958473] kasan_save_track+0x18/0x40 [ 13.958672] kasan_save_alloc_info+0x3b/0x50 [ 13.959151] __kasan_kmalloc+0xb7/0xc0 [ 13.959354] __kmalloc_cache_noprof+0x189/0x420 [ 13.959582] kasan_bitops_generic+0x92/0x1c0 [ 13.959822] kunit_try_run_case+0x1a5/0x480 [ 13.960344] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.960778] kthread+0x337/0x6f0 [ 13.960968] ret_from_fork+0x116/0x1d0 [ 13.961279] ret_from_fork_asm+0x1a/0x30 [ 13.961592] [ 13.961682] The buggy address belongs to the object at ffff88810191e8e0 [ 13.961682] which belongs to the cache kmalloc-16 of size 16 [ 13.962449] The buggy address is located 8 bytes inside of [ 13.962449] allocated 9-byte region [ffff88810191e8e0, ffff88810191e8e9) [ 13.962985] [ 13.963127] The buggy address belongs to the physical page: [ 13.963719] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10191e [ 13.964055] flags: 0x200000000000000(node=0|zone=2) [ 13.964432] page_type: f5(slab) [ 13.964564] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.965249] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.965706] page dumped because: kasan: bad access detected [ 13.966037] [ 13.966139] 
Memory state around the buggy address: [ 13.966368] ffff88810191e780: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 13.966904] ffff88810191e800: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.967297] >ffff88810191e880: 00 05 fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.967615] ^ [ 13.968105] ffff88810191e900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.968503] ffff88810191e980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.968807] ================================================================== [ 13.862391] ================================================================== [ 13.862801] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 13.863161] Write of size 8 at addr ffff88810191e8e8 by task kunit_try_catch/278 [ 13.863439] [ 13.863553] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.863603] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.863615] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.863818] Call Trace: [ 13.863842] <TASK> [ 13.863858] dump_stack_lvl+0x73/0xb0 [ 13.863889] print_report+0xd1/0x650 [ 13.863913] ? __virt_addr_valid+0x1db/0x2d0 [ 13.863938] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 13.863966] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.863989] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 13.864034] kasan_report+0x141/0x180 [ 13.864057] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 13.864091] kasan_check_range+0x10c/0x1c0 [ 13.864115] __kasan_check_write+0x18/0x20 [ 13.864135] kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 13.864167] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.864198] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.864223] ? trace_hardirqs_on+0x37/0xe0 [ 13.864246] ? kasan_bitops_generic+0x92/0x1c0 [ 13.864273] kasan_bitops_generic+0x121/0x1c0 [ 13.864297] ? 
__pfx_kasan_bitops_generic+0x10/0x10 [ 13.864323] ? __pfx_read_tsc+0x10/0x10 [ 13.864344] ? ktime_get_ts64+0x86/0x230 [ 13.864368] kunit_try_run_case+0x1a5/0x480 [ 13.864392] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.864415] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.864440] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.864463] ? __kthread_parkme+0x82/0x180 [ 13.864485] ? preempt_count_sub+0x50/0x80 [ 13.864510] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.864534] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.864559] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.864584] kthread+0x337/0x6f0 [ 13.864603] ? trace_preempt_on+0x20/0xc0 [ 13.864625] ? __pfx_kthread+0x10/0x10 [ 13.864658] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.864680] ? calculate_sigpending+0x7b/0xa0 [ 13.864704] ? __pfx_kthread+0x10/0x10 [ 13.864726] ret_from_fork+0x116/0x1d0 [ 13.864744] ? __pfx_kthread+0x10/0x10 [ 13.864765] ret_from_fork_asm+0x1a/0x30 [ 13.864795] </TASK> [ 13.864807] [ 13.873533] Allocated by task 278: [ 13.873870] kasan_save_stack+0x45/0x70 [ 13.874093] kasan_save_track+0x18/0x40 [ 13.874296] kasan_save_alloc_info+0x3b/0x50 [ 13.874516] __kasan_kmalloc+0xb7/0xc0 [ 13.874831] __kmalloc_cache_noprof+0x189/0x420 [ 13.875042] kasan_bitops_generic+0x92/0x1c0 [ 13.875192] kunit_try_run_case+0x1a5/0x480 [ 13.875337] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.875511] kthread+0x337/0x6f0 [ 13.875660] ret_from_fork+0x116/0x1d0 [ 13.875848] ret_from_fork_asm+0x1a/0x30 [ 13.876058] [ 13.876154] The buggy address belongs to the object at ffff88810191e8e0 [ 13.876154] which belongs to the cache kmalloc-16 of size 16 [ 13.876669] The buggy address is located 8 bytes inside of [ 13.876669] allocated 9-byte region [ffff88810191e8e0, ffff88810191e8e9) [ 13.877224] [ 13.877336] The buggy address belongs to the physical page: [ 13.877596] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10191e [ 13.878044] flags: 0x200000000000000(node=0|zone=2) [ 13.878286] 
page_type: f5(slab) [ 13.878465] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.879007] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.879258] page dumped because: kasan: bad access detected [ 13.879433] [ 13.879518] Memory state around the buggy address: [ 13.879737] ffff88810191e780: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 13.880132] ffff88810191e800: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.880440] >ffff88810191e880: 00 05 fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.880699] ^ [ 13.881002] ffff88810191e900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.881314] ffff88810191e980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.881584] ================================================================== [ 13.882057] ================================================================== [ 13.882505] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 13.883006] Write of size 8 at addr ffff88810191e8e8 by task kunit_try_catch/278 [ 13.883316] [ 13.883400] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.883449] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.883462] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.883490] Call Trace: [ 13.883506] <TASK> [ 13.883520] dump_stack_lvl+0x73/0xb0 [ 13.883549] print_report+0xd1/0x650 [ 13.883572] ? __virt_addr_valid+0x1db/0x2d0 [ 13.883595] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 13.883799] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.883827] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 13.883856] kasan_report+0x141/0x180 [ 13.883879] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 13.883913] kasan_check_range+0x10c/0x1c0 [ 13.883937] __kasan_check_write+0x18/0x20 [ 13.883956] kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 13.883985] ? 
__pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.884016] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.884058] ? trace_hardirqs_on+0x37/0xe0 [ 13.884082] ? kasan_bitops_generic+0x92/0x1c0 [ 13.884109] kasan_bitops_generic+0x121/0x1c0 [ 13.884133] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.884161] ? __pfx_read_tsc+0x10/0x10 [ 13.884184] ? ktime_get_ts64+0x86/0x230 [ 13.884208] kunit_try_run_case+0x1a5/0x480 [ 13.884233] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.884255] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.884280] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.884304] ? __kthread_parkme+0x82/0x180 [ 13.884324] ? preempt_count_sub+0x50/0x80 [ 13.884348] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.884372] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.884396] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.884422] kthread+0x337/0x6f0 [ 13.884440] ? trace_preempt_on+0x20/0xc0 [ 13.884462] ? __pfx_kthread+0x10/0x10 [ 13.884483] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.884504] ? calculate_sigpending+0x7b/0xa0 [ 13.884528] ? __pfx_kthread+0x10/0x10 [ 13.884550] ret_from_fork+0x116/0x1d0 [ 13.884569] ? 
__pfx_kthread+0x10/0x10 [ 13.884590] ret_from_fork_asm+0x1a/0x30 [ 13.884621] </TASK> [ 13.884632] [ 13.893394] Allocated by task 278: [ 13.893539] kasan_save_stack+0x45/0x70 [ 13.893766] kasan_save_track+0x18/0x40 [ 13.893985] kasan_save_alloc_info+0x3b/0x50 [ 13.894227] __kasan_kmalloc+0xb7/0xc0 [ 13.894419] __kmalloc_cache_noprof+0x189/0x420 [ 13.894631] kasan_bitops_generic+0x92/0x1c0 [ 13.894906] kunit_try_run_case+0x1a5/0x480 [ 13.895114] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.895343] kthread+0x337/0x6f0 [ 13.895494] ret_from_fork+0x116/0x1d0 [ 13.895849] ret_from_fork_asm+0x1a/0x30 [ 13.896014] [ 13.896119] The buggy address belongs to the object at ffff88810191e8e0 [ 13.896119] which belongs to the cache kmalloc-16 of size 16 [ 13.896592] The buggy address is located 8 bytes inside of [ 13.896592] allocated 9-byte region [ffff88810191e8e0, ffff88810191e8e9) [ 13.897098] [ 13.897195] The buggy address belongs to the physical page: [ 13.897404] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10191e [ 13.897838] flags: 0x200000000000000(node=0|zone=2) [ 13.898117] page_type: f5(slab) [ 13.898288] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.898586] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.898928] page dumped because: kasan: bad access detected [ 13.899120] [ 13.899192] Memory state around the buggy address: [ 13.899350] ffff88810191e780: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 13.899569] ffff88810191e800: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.899870] >ffff88810191e880: 00 05 fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.900223] ^ [ 13.900520] ffff88810191e900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.901063] ffff88810191e980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.901354] ================================================================== [ 14.008130] 
================================================================== [ 14.008490] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 14.009245] Read of size 8 at addr ffff88810191e8e8 by task kunit_try_catch/278 [ 14.009580] [ 14.009735] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.009791] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.009804] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.009833] Call Trace: [ 14.009852] <TASK> [ 14.009870] dump_stack_lvl+0x73/0xb0 [ 14.009908] print_report+0xd1/0x650 [ 14.009930] ? __virt_addr_valid+0x1db/0x2d0 [ 14.009955] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 14.009985] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.010009] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 14.010051] kasan_report+0x141/0x180 [ 14.010073] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 14.010107] __asan_report_load8_noabort+0x18/0x20 [ 14.010132] kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 14.010161] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.010192] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.010217] ? trace_hardirqs_on+0x37/0xe0 [ 14.010241] ? kasan_bitops_generic+0x92/0x1c0 [ 14.010268] kasan_bitops_generic+0x121/0x1c0 [ 14.010293] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.010318] ? __pfx_read_tsc+0x10/0x10 [ 14.010340] ? ktime_get_ts64+0x86/0x230 [ 14.010364] kunit_try_run_case+0x1a5/0x480 [ 14.010389] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.010411] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.010437] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.010462] ? __kthread_parkme+0x82/0x180 [ 14.010483] ? preempt_count_sub+0x50/0x80 [ 14.010508] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.010532] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.010556] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.010582] kthread+0x337/0x6f0 [ 14.010600] ? 
trace_preempt_on+0x20/0xc0 [ 14.010625] ? __pfx_kthread+0x10/0x10 [ 14.010657] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.010680] ? calculate_sigpending+0x7b/0xa0 [ 14.010705] ? __pfx_kthread+0x10/0x10 [ 14.010726] ret_from_fork+0x116/0x1d0 [ 14.010745] ? __pfx_kthread+0x10/0x10 [ 14.010766] ret_from_fork_asm+0x1a/0x30 [ 14.010797] </TASK> [ 14.010810] [ 14.023059] Allocated by task 278: [ 14.023425] kasan_save_stack+0x45/0x70 [ 14.023659] kasan_save_track+0x18/0x40 [ 14.024073] kasan_save_alloc_info+0x3b/0x50 [ 14.024344] __kasan_kmalloc+0xb7/0xc0 [ 14.024719] __kmalloc_cache_noprof+0x189/0x420 [ 14.024935] kasan_bitops_generic+0x92/0x1c0 [ 14.025153] kunit_try_run_case+0x1a5/0x480 [ 14.025345] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.025580] kthread+0x337/0x6f0 [ 14.026069] ret_from_fork+0x116/0x1d0 [ 14.026285] ret_from_fork_asm+0x1a/0x30 [ 14.026467] [ 14.026568] The buggy address belongs to the object at ffff88810191e8e0 [ 14.026568] which belongs to the cache kmalloc-16 of size 16 [ 14.027343] The buggy address is located 8 bytes inside of [ 14.027343] allocated 9-byte region [ffff88810191e8e0, ffff88810191e8e9) [ 14.028201] [ 14.028386] The buggy address belongs to the physical page: [ 14.028595] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10191e [ 14.029174] flags: 0x200000000000000(node=0|zone=2) [ 14.029409] page_type: f5(slab) [ 14.029559] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.030048] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.030402] page dumped because: kasan: bad access detected [ 14.030697] [ 14.030921] Memory state around the buggy address: [ 14.031180] ffff88810191e780: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 14.031706] ffff88810191e800: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.031994] >ffff88810191e880: 00 05 fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.032446] ^ [ 14.032820] ffff88810191e900: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 14.033156] ffff88810191e980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.033565] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 13.710500] ================================================================== [ 13.710808] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 13.711423] Write of size 8 at addr ffff88810191e8e8 by task kunit_try_catch/278 [ 13.711828] [ 13.711935] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.711986] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.711999] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.712039] Call Trace: [ 13.712058] <TASK> [ 13.712075] dump_stack_lvl+0x73/0xb0 [ 13.712104] print_report+0xd1/0x650 [ 13.712128] ? __virt_addr_valid+0x1db/0x2d0 [ 13.712156] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 13.712183] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.712207] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 13.712234] kasan_report+0x141/0x180 [ 13.712257] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 13.712289] kasan_check_range+0x10c/0x1c0 [ 13.712313] __kasan_check_write+0x18/0x20 [ 13.712333] kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 13.712360] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.712388] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.712414] ? trace_hardirqs_on+0x37/0xe0 [ 13.712439] ? kasan_bitops_generic+0x92/0x1c0 [ 13.712468] kasan_bitops_generic+0x116/0x1c0 [ 13.712492] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.712518] ? __pfx_read_tsc+0x10/0x10 [ 13.712540] ? ktime_get_ts64+0x86/0x230 [ 13.712564] kunit_try_run_case+0x1a5/0x480 [ 13.712588] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.712611] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.712637] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.712661] ? __kthread_parkme+0x82/0x180 [ 13.712683] ? preempt_count_sub+0x50/0x80 [ 13.712706] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.712744] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.712768] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.712793] kthread+0x337/0x6f0 [ 13.712813] ? 
trace_preempt_on+0x20/0xc0 [ 13.712835] ? __pfx_kthread+0x10/0x10 [ 13.712855] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.712877] ? calculate_sigpending+0x7b/0xa0 [ 13.712901] ? __pfx_kthread+0x10/0x10 [ 13.712923] ret_from_fork+0x116/0x1d0 [ 13.712942] ? __pfx_kthread+0x10/0x10 [ 13.712962] ret_from_fork_asm+0x1a/0x30 [ 13.712994] </TASK> [ 13.713006] [ 13.721543] Allocated by task 278: [ 13.721735] kasan_save_stack+0x45/0x70 [ 13.721883] kasan_save_track+0x18/0x40 [ 13.722018] kasan_save_alloc_info+0x3b/0x50 [ 13.722245] __kasan_kmalloc+0xb7/0xc0 [ 13.722435] __kmalloc_cache_noprof+0x189/0x420 [ 13.722870] kasan_bitops_generic+0x92/0x1c0 [ 13.723108] kunit_try_run_case+0x1a5/0x480 [ 13.723301] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.723526] kthread+0x337/0x6f0 [ 13.723775] ret_from_fork+0x116/0x1d0 [ 13.723963] ret_from_fork_asm+0x1a/0x30 [ 13.724135] [ 13.724212] The buggy address belongs to the object at ffff88810191e8e0 [ 13.724212] which belongs to the cache kmalloc-16 of size 16 [ 13.724573] The buggy address is located 8 bytes inside of [ 13.724573] allocated 9-byte region [ffff88810191e8e0, ffff88810191e8e9) [ 13.725106] [ 13.725202] The buggy address belongs to the physical page: [ 13.725589] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10191e [ 13.725848] flags: 0x200000000000000(node=0|zone=2) [ 13.726012] page_type: f5(slab) [ 13.726295] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.726649] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.727001] page dumped because: kasan: bad access detected [ 13.727256] [ 13.727348] Memory state around the buggy address: [ 13.727544] ffff88810191e780: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 13.728090] ffff88810191e800: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.728373] >ffff88810191e880: 00 05 fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.728817] ^ [ 13.729124] ffff88810191e900: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 13.729383] ffff88810191e980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.729614] ================================================================== [ 13.775640] ================================================================== [ 13.775985] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 13.776550] Write of size 8 at addr ffff88810191e8e8 by task kunit_try_catch/278 [ 13.776962] [ 13.777088] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.777142] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.777156] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.777184] Call Trace: [ 13.777203] <TASK> [ 13.777222] dump_stack_lvl+0x73/0xb0 [ 13.777252] print_report+0xd1/0x650 [ 13.777276] ? __virt_addr_valid+0x1db/0x2d0 [ 13.777300] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 13.777327] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.777351] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 13.777378] kasan_report+0x141/0x180 [ 13.777400] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 13.777432] kasan_check_range+0x10c/0x1c0 [ 13.777456] __kasan_check_write+0x18/0x20 [ 13.777476] kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 13.777503] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.777531] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.777557] ? trace_hardirqs_on+0x37/0xe0 [ 13.777581] ? kasan_bitops_generic+0x92/0x1c0 [ 13.777609] kasan_bitops_generic+0x116/0x1c0 [ 13.777633] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.777689] ? __pfx_read_tsc+0x10/0x10 [ 13.777711] ? ktime_get_ts64+0x86/0x230 [ 13.777736] kunit_try_run_case+0x1a5/0x480 [ 13.777761] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.777784] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.777810] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.777835] ? __kthread_parkme+0x82/0x180 [ 13.777856] ? preempt_count_sub+0x50/0x80 [ 13.777880] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 13.777905] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.777929] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.777955] kthread+0x337/0x6f0 [ 13.777974] ? trace_preempt_on+0x20/0xc0 [ 13.777996] ? __pfx_kthread+0x10/0x10 [ 13.778017] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.778048] ? calculate_sigpending+0x7b/0xa0 [ 13.778073] ? __pfx_kthread+0x10/0x10 [ 13.778094] ret_from_fork+0x116/0x1d0 [ 13.778113] ? __pfx_kthread+0x10/0x10 [ 13.778133] ret_from_fork_asm+0x1a/0x30 [ 13.778163] </TASK> [ 13.778175] [ 13.786746] Allocated by task 278: [ 13.786933] kasan_save_stack+0x45/0x70 [ 13.787204] kasan_save_track+0x18/0x40 [ 13.787353] kasan_save_alloc_info+0x3b/0x50 [ 13.787502] __kasan_kmalloc+0xb7/0xc0 [ 13.787634] __kmalloc_cache_noprof+0x189/0x420 [ 13.787825] kasan_bitops_generic+0x92/0x1c0 [ 13.788042] kunit_try_run_case+0x1a5/0x480 [ 13.788258] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.788651] kthread+0x337/0x6f0 [ 13.788817] ret_from_fork+0x116/0x1d0 [ 13.788972] ret_from_fork_asm+0x1a/0x30 [ 13.789351] [ 13.789459] The buggy address belongs to the object at ffff88810191e8e0 [ 13.789459] which belongs to the cache kmalloc-16 of size 16 [ 13.790086] The buggy address is located 8 bytes inside of [ 13.790086] allocated 9-byte region [ffff88810191e8e0, ffff88810191e8e9) [ 13.790461] [ 13.790555] The buggy address belongs to the physical page: [ 13.790973] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10191e [ 13.791350] flags: 0x200000000000000(node=0|zone=2) [ 13.791557] page_type: f5(slab) [ 13.791788] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.792075] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.792313] page dumped because: kasan: bad access detected [ 13.792526] [ 13.792620] Memory state around the buggy address: [ 13.792845] ffff88810191e780: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 13.793228] 
ffff88810191e800: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.793602] >ffff88810191e880: 00 05 fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.794013] ^ [ 13.794223] ffff88810191e900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.794900] ffff88810191e980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.795626] ================================================================== [ 13.796562] ================================================================== [ 13.797439] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.798050] Write of size 8 at addr ffff88810191e8e8 by task kunit_try_catch/278 [ 13.798563] [ 13.798789] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.798846] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.798860] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.798897] Call Trace: [ 13.798915] <TASK> [ 13.798932] dump_stack_lvl+0x73/0xb0 [ 13.798964] print_report+0xd1/0x650 [ 13.798987] ? __virt_addr_valid+0x1db/0x2d0 [ 13.799012] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.799049] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.799075] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.799102] kasan_report+0x141/0x180 [ 13.799124] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.799156] kasan_check_range+0x10c/0x1c0 [ 13.799180] __kasan_check_write+0x18/0x20 [ 13.799200] kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.799227] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.799255] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.799282] ? trace_hardirqs_on+0x37/0xe0 [ 13.799307] ? kasan_bitops_generic+0x92/0x1c0 [ 13.799335] kasan_bitops_generic+0x116/0x1c0 [ 13.799359] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.799386] ? __pfx_read_tsc+0x10/0x10 [ 13.799407] ? ktime_get_ts64+0x86/0x230 [ 13.799431] kunit_try_run_case+0x1a5/0x480 [ 13.799456] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.799479] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 13.799504] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.799528] ? __kthread_parkme+0x82/0x180 [ 13.799549] ? preempt_count_sub+0x50/0x80 [ 13.799573] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.799598] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.799622] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.799648] kthread+0x337/0x6f0 [ 13.799667] ? trace_preempt_on+0x20/0xc0 [ 13.799799] ? __pfx_kthread+0x10/0x10 [ 13.799828] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.799852] ? calculate_sigpending+0x7b/0xa0 [ 13.799876] ? __pfx_kthread+0x10/0x10 [ 13.799898] ret_from_fork+0x116/0x1d0 [ 13.799917] ? __pfx_kthread+0x10/0x10 [ 13.799979] ret_from_fork_asm+0x1a/0x30 [ 13.800012] </TASK> [ 13.800036] [ 13.813249] Allocated by task 278: [ 13.813425] kasan_save_stack+0x45/0x70 [ 13.813585] kasan_save_track+0x18/0x40 [ 13.813802] kasan_save_alloc_info+0x3b/0x50 [ 13.813952] __kasan_kmalloc+0xb7/0xc0 [ 13.814276] __kmalloc_cache_noprof+0x189/0x420 [ 13.814565] kasan_bitops_generic+0x92/0x1c0 [ 13.814911] kunit_try_run_case+0x1a5/0x480 [ 13.815157] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.815380] kthread+0x337/0x6f0 [ 13.815551] ret_from_fork+0x116/0x1d0 [ 13.815706] ret_from_fork_asm+0x1a/0x30 [ 13.816014] [ 13.816147] The buggy address belongs to the object at ffff88810191e8e0 [ 13.816147] which belongs to the cache kmalloc-16 of size 16 [ 13.816619] The buggy address is located 8 bytes inside of [ 13.816619] allocated 9-byte region [ffff88810191e8e0, ffff88810191e8e9) [ 13.817131] [ 13.817204] The buggy address belongs to the physical page: [ 13.817379] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10191e [ 13.817817] flags: 0x200000000000000(node=0|zone=2) [ 13.817991] page_type: f5(slab) [ 13.818121] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.818584] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.819280] page dumped because: kasan: 
bad access detected [ 13.819511] [ 13.819611] Memory state around the buggy address: [ 13.819905] ffff88810191e780: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 13.820371] ffff88810191e800: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.820738] >ffff88810191e880: 00 05 fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.821131] ^ [ 13.821405] ffff88810191e900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.821685] ffff88810191e980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.821980] ================================================================== [ 13.669296] ================================================================== [ 13.669889] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x101/0xd50 [ 13.670417] Write of size 8 at addr ffff88810191e8e8 by task kunit_try_catch/278 [ 13.671017] [ 13.671147] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.671203] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.671217] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.671245] Call Trace: [ 13.671258] <TASK> [ 13.671279] dump_stack_lvl+0x73/0xb0 [ 13.671312] print_report+0xd1/0x650 [ 13.671336] ? __virt_addr_valid+0x1db/0x2d0 [ 13.671362] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 13.671389] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.671413] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 13.671440] kasan_report+0x141/0x180 [ 13.671462] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 13.671493] kasan_check_range+0x10c/0x1c0 [ 13.671518] __kasan_check_write+0x18/0x20 [ 13.671538] kasan_bitops_modify.constprop.0+0x101/0xd50 [ 13.671565] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.671593] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.671620] ? trace_hardirqs_on+0x37/0xe0 [ 13.671747] ? kasan_bitops_generic+0x92/0x1c0 [ 13.671781] kasan_bitops_generic+0x116/0x1c0 [ 13.671807] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.671833] ? 
__pfx_read_tsc+0x10/0x10 [ 13.671856] ? ktime_get_ts64+0x86/0x230 [ 13.671882] kunit_try_run_case+0x1a5/0x480 [ 13.671908] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.671932] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.671958] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.671982] ? __kthread_parkme+0x82/0x180 [ 13.672002] ? preempt_count_sub+0x50/0x80 [ 13.672039] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.672064] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.672089] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.672115] kthread+0x337/0x6f0 [ 13.672135] ? trace_preempt_on+0x20/0xc0 [ 13.672161] ? __pfx_kthread+0x10/0x10 [ 13.672182] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.672204] ? calculate_sigpending+0x7b/0xa0 [ 13.672229] ? __pfx_kthread+0x10/0x10 [ 13.672251] ret_from_fork+0x116/0x1d0 [ 13.672270] ? __pfx_kthread+0x10/0x10 [ 13.672290] ret_from_fork_asm+0x1a/0x30 [ 13.672322] </TASK> [ 13.672334] [ 13.680787] Allocated by task 278: [ 13.680968] kasan_save_stack+0x45/0x70 [ 13.681129] kasan_save_track+0x18/0x40 [ 13.681283] kasan_save_alloc_info+0x3b/0x50 [ 13.681488] __kasan_kmalloc+0xb7/0xc0 [ 13.681668] __kmalloc_cache_noprof+0x189/0x420 [ 13.681887] kasan_bitops_generic+0x92/0x1c0 [ 13.682042] kunit_try_run_case+0x1a5/0x480 [ 13.682507] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.682840] kthread+0x337/0x6f0 [ 13.682968] ret_from_fork+0x116/0x1d0 [ 13.683111] ret_from_fork_asm+0x1a/0x30 [ 13.683247] [ 13.683316] The buggy address belongs to the object at ffff88810191e8e0 [ 13.683316] which belongs to the cache kmalloc-16 of size 16 [ 13.683774] The buggy address is located 8 bytes inside of [ 13.683774] allocated 9-byte region [ffff88810191e8e0, ffff88810191e8e9) [ 13.684364] [ 13.684437] The buggy address belongs to the physical page: [ 13.684606] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10191e [ 13.684841] flags: 0x200000000000000(node=0|zone=2) [ 13.684999] page_type: f5(slab) [ 13.685198] raw: 0200000000000000 
ffff888100041640 dead000000000122 0000000000000000 [ 13.685544] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.685882] page dumped because: kasan: bad access detected [ 13.686152] [ 13.686246] Memory state around the buggy address: [ 13.686473] ffff88810191e780: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 13.686823] ffff88810191e800: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.687132] >ffff88810191e880: 00 05 fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.687346] ^ [ 13.687541] ffff88810191e900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.688019] ffff88810191e980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.688421] ================================================================== [ 13.822418] ================================================================== [ 13.822749] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.823356] Write of size 8 at addr ffff88810191e8e8 by task kunit_try_catch/278 [ 13.823688] [ 13.823881] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.823936] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.823950] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.823978] Call Trace: [ 13.823996] <TASK> [ 13.824014] dump_stack_lvl+0x73/0xb0 [ 13.824061] print_report+0xd1/0x650 [ 13.824085] ? __virt_addr_valid+0x1db/0x2d0 [ 13.824109] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.824137] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.824165] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.824193] kasan_report+0x141/0x180 [ 13.824217] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.824248] kasan_check_range+0x10c/0x1c0 [ 13.824272] __kasan_check_write+0x18/0x20 [ 13.824291] kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.824320] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.824350] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.824378] ? 
trace_hardirqs_on+0x37/0xe0 [ 13.824401] ? kasan_bitops_generic+0x92/0x1c0 [ 13.824429] kasan_bitops_generic+0x116/0x1c0 [ 13.824454] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.824479] ? __pfx_read_tsc+0x10/0x10 [ 13.824501] ? ktime_get_ts64+0x86/0x230 [ 13.824525] kunit_try_run_case+0x1a5/0x480 [ 13.824550] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.824573] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.824600] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.824626] ? __kthread_parkme+0x82/0x180 [ 13.824750] ? preempt_count_sub+0x50/0x80 [ 13.824782] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.824808] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.824832] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.824858] kthread+0x337/0x6f0 [ 13.824877] ? trace_preempt_on+0x20/0xc0 [ 13.824899] ? __pfx_kthread+0x10/0x10 [ 13.824919] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.824942] ? calculate_sigpending+0x7b/0xa0 [ 13.824967] ? __pfx_kthread+0x10/0x10 [ 13.824987] ret_from_fork+0x116/0x1d0 [ 13.825007] ? 
__pfx_kthread+0x10/0x10 [ 13.825039] ret_from_fork_asm+0x1a/0x30 [ 13.825070] </TASK> [ 13.825081] [ 13.833273] Allocated by task 278: [ 13.833459] kasan_save_stack+0x45/0x70 [ 13.833742] kasan_save_track+0x18/0x40 [ 13.833949] kasan_save_alloc_info+0x3b/0x50 [ 13.834184] __kasan_kmalloc+0xb7/0xc0 [ 13.834366] __kmalloc_cache_noprof+0x189/0x420 [ 13.834574] kasan_bitops_generic+0x92/0x1c0 [ 13.834891] kunit_try_run_case+0x1a5/0x480 [ 13.835085] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.835326] kthread+0x337/0x6f0 [ 13.835482] ret_from_fork+0x116/0x1d0 [ 13.835685] ret_from_fork_asm+0x1a/0x30 [ 13.835862] [ 13.835941] The buggy address belongs to the object at ffff88810191e8e0 [ 13.835941] which belongs to the cache kmalloc-16 of size 16 [ 13.836434] The buggy address is located 8 bytes inside of [ 13.836434] allocated 9-byte region [ffff88810191e8e0, ffff88810191e8e9) [ 13.837094] [ 13.837196] The buggy address belongs to the physical page: [ 13.837422] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10191e [ 13.837674] flags: 0x200000000000000(node=0|zone=2) [ 13.837840] page_type: f5(slab) [ 13.837961] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.838206] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.838551] page dumped because: kasan: bad access detected [ 13.838919] [ 13.839032] Memory state around the buggy address: [ 13.839259] ffff88810191e780: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 13.839485] ffff88810191e800: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.839922] >ffff88810191e880: 00 05 fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.840279] ^ [ 13.840548] ffff88810191e900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.841003] ffff88810191e980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.841500] ================================================================== [ 13.730223] 
================================================================== [ 13.730578] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 13.730978] Write of size 8 at addr ffff88810191e8e8 by task kunit_try_catch/278 [ 13.731267] [ 13.731388] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.731440] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.731453] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.731482] Call Trace: [ 13.731500] <TASK> [ 13.731518] dump_stack_lvl+0x73/0xb0 [ 13.731547] print_report+0xd1/0x650 [ 13.731569] ? __virt_addr_valid+0x1db/0x2d0 [ 13.731594] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 13.731621] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.731644] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 13.731672] kasan_report+0x141/0x180 [ 13.731693] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 13.731725] kasan_check_range+0x10c/0x1c0 [ 13.731748] __kasan_check_write+0x18/0x20 [ 13.731767] kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 13.731795] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.731822] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.731848] ? trace_hardirqs_on+0x37/0xe0 [ 13.731873] ? kasan_bitops_generic+0x92/0x1c0 [ 13.731901] kasan_bitops_generic+0x116/0x1c0 [ 13.731937] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.731963] ? __pfx_read_tsc+0x10/0x10 [ 13.731989] ? ktime_get_ts64+0x86/0x230 [ 13.732017] kunit_try_run_case+0x1a5/0x480 [ 13.732053] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.732077] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.732102] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.732126] ? __kthread_parkme+0x82/0x180 [ 13.732152] ? preempt_count_sub+0x50/0x80 [ 13.732177] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.732202] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.732227] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.732254] kthread+0x337/0x6f0 [ 13.732274] ? 
trace_preempt_on+0x20/0xc0 [ 13.732296] ? __pfx_kthread+0x10/0x10 [ 13.732317] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.732338] ? calculate_sigpending+0x7b/0xa0 [ 13.732363] ? __pfx_kthread+0x10/0x10 [ 13.732385] ret_from_fork+0x116/0x1d0 [ 13.732403] ? __pfx_kthread+0x10/0x10 [ 13.732424] ret_from_fork_asm+0x1a/0x30 [ 13.732455] </TASK> [ 13.732467] [ 13.741435] Allocated by task 278: [ 13.741572] kasan_save_stack+0x45/0x70 [ 13.741772] kasan_save_track+0x18/0x40 [ 13.741964] kasan_save_alloc_info+0x3b/0x50 [ 13.742564] __kasan_kmalloc+0xb7/0xc0 [ 13.743054] __kmalloc_cache_noprof+0x189/0x420 [ 13.743224] kasan_bitops_generic+0x92/0x1c0 [ 13.743397] kunit_try_run_case+0x1a5/0x480 [ 13.743605] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.743895] kthread+0x337/0x6f0 [ 13.744067] ret_from_fork+0x116/0x1d0 [ 13.744240] ret_from_fork_asm+0x1a/0x30 [ 13.744408] [ 13.744501] The buggy address belongs to the object at ffff88810191e8e0 [ 13.744501] which belongs to the cache kmalloc-16 of size 16 [ 13.745035] The buggy address is located 8 bytes inside of [ 13.745035] allocated 9-byte region [ffff88810191e8e0, ffff88810191e8e9) [ 13.745534] [ 13.745631] The buggy address belongs to the physical page: [ 13.746035] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10191e [ 13.746306] flags: 0x200000000000000(node=0|zone=2) [ 13.746476] page_type: f5(slab) [ 13.746598] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.747051] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.747387] page dumped because: kasan: bad access detected [ 13.747880] [ 13.747979] Memory state around the buggy address: [ 13.748171] ffff88810191e780: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 13.748406] ffff88810191e800: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.748726] >ffff88810191e880: 00 05 fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.749160] ^ [ 13.749445] ffff88810191e900: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 13.749740] ffff88810191e980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.750260] ================================================================== [ 13.688856] ================================================================== [ 13.689453] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 13.690160] Write of size 8 at addr ffff88810191e8e8 by task kunit_try_catch/278 [ 13.690488] [ 13.690606] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.690707] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.690721] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.690749] Call Trace: [ 13.690768] <TASK> [ 13.690784] dump_stack_lvl+0x73/0xb0 [ 13.690813] print_report+0xd1/0x650 [ 13.690836] ? __virt_addr_valid+0x1db/0x2d0 [ 13.690861] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 13.690887] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.690912] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 13.690939] kasan_report+0x141/0x180 [ 13.690961] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 13.690993] kasan_check_range+0x10c/0x1c0 [ 13.691017] __kasan_check_write+0x18/0x20 [ 13.691048] kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 13.691075] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.691104] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.691130] ? trace_hardirqs_on+0x37/0xe0 [ 13.691154] ? kasan_bitops_generic+0x92/0x1c0 [ 13.691182] kasan_bitops_generic+0x116/0x1c0 [ 13.691206] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.691232] ? __pfx_read_tsc+0x10/0x10 [ 13.691254] ? ktime_get_ts64+0x86/0x230 [ 13.691280] kunit_try_run_case+0x1a5/0x480 [ 13.691304] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.691327] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.691352] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.691376] ? __kthread_parkme+0x82/0x180 [ 13.691397] ? preempt_count_sub+0x50/0x80 [ 13.691422] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 13.691446] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.691470] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.691495] kthread+0x337/0x6f0 [ 13.691515] ? trace_preempt_on+0x20/0xc0 [ 13.691538] ? __pfx_kthread+0x10/0x10 [ 13.691559] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.691580] ? calculate_sigpending+0x7b/0xa0 [ 13.691605] ? __pfx_kthread+0x10/0x10 [ 13.691627] ret_from_fork+0x116/0x1d0 [ 13.691645] ? __pfx_kthread+0x10/0x10 [ 13.691666] ret_from_fork_asm+0x1a/0x30 [ 13.691697] </TASK> [ 13.691709] [ 13.700229] Allocated by task 278: [ 13.700366] kasan_save_stack+0x45/0x70 [ 13.700514] kasan_save_track+0x18/0x40 [ 13.701188] kasan_save_alloc_info+0x3b/0x50 [ 13.701432] __kasan_kmalloc+0xb7/0xc0 [ 13.701622] __kmalloc_cache_noprof+0x189/0x420 [ 13.702355] kasan_bitops_generic+0x92/0x1c0 [ 13.702573] kunit_try_run_case+0x1a5/0x480 [ 13.703062] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.703493] kthread+0x337/0x6f0 [ 13.703815] ret_from_fork+0x116/0x1d0 [ 13.704219] ret_from_fork_asm+0x1a/0x30 [ 13.704480] [ 13.704707] The buggy address belongs to the object at ffff88810191e8e0 [ 13.704707] which belongs to the cache kmalloc-16 of size 16 [ 13.705436] The buggy address is located 8 bytes inside of [ 13.705436] allocated 9-byte region [ffff88810191e8e0, ffff88810191e8e9) [ 13.705873] [ 13.705975] The buggy address belongs to the physical page: [ 13.706244] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10191e [ 13.706583] flags: 0x200000000000000(node=0|zone=2) [ 13.706867] page_type: f5(slab) [ 13.707061] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.707345] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.707663] page dumped because: kasan: bad access detected [ 13.707959] [ 13.708062] Memory state around the buggy address: [ 13.708228] ffff88810191e780: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 13.708550] 
ffff88810191e800: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.708869] >ffff88810191e880: 00 05 fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.709140] ^ [ 13.709435] ffff88810191e900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.709741] ffff88810191e980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.710033] ================================================================== [ 13.751791] ================================================================== [ 13.752089] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x373/0xd50 [ 13.752414] Write of size 8 at addr ffff88810191e8e8 by task kunit_try_catch/278 [ 13.753063] [ 13.753194] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.753247] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.753260] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.753288] Call Trace: [ 13.753307] <TASK> [ 13.753325] dump_stack_lvl+0x73/0xb0 [ 13.753354] print_report+0xd1/0x650 [ 13.753377] ? __virt_addr_valid+0x1db/0x2d0 [ 13.753401] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 13.753428] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.753453] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 13.753480] kasan_report+0x141/0x180 [ 13.753503] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 13.753534] kasan_check_range+0x10c/0x1c0 [ 13.753558] __kasan_check_write+0x18/0x20 [ 13.753578] kasan_bitops_modify.constprop.0+0x373/0xd50 [ 13.753606] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.753634] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.753848] ? trace_hardirqs_on+0x37/0xe0 [ 13.753881] ? kasan_bitops_generic+0x92/0x1c0 [ 13.753909] kasan_bitops_generic+0x116/0x1c0 [ 13.753935] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.753962] ? __pfx_read_tsc+0x10/0x10 [ 13.753984] ? ktime_get_ts64+0x86/0x230 [ 13.754008] kunit_try_run_case+0x1a5/0x480 [ 13.754047] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.754070] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 13.754096] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.754120] ? __kthread_parkme+0x82/0x180 [ 13.754142] ? preempt_count_sub+0x50/0x80 [ 13.754166] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.754191] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.754215] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.754240] kthread+0x337/0x6f0 [ 13.754259] ? trace_preempt_on+0x20/0xc0 [ 13.754282] ? __pfx_kthread+0x10/0x10 [ 13.754302] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.754324] ? calculate_sigpending+0x7b/0xa0 [ 13.754349] ? __pfx_kthread+0x10/0x10 [ 13.754370] ret_from_fork+0x116/0x1d0 [ 13.754389] ? __pfx_kthread+0x10/0x10 [ 13.754410] ret_from_fork_asm+0x1a/0x30 [ 13.754441] </TASK> [ 13.754453] [ 13.762748] Allocated by task 278: [ 13.762928] kasan_save_stack+0x45/0x70 [ 13.764269] kasan_save_track+0x18/0x40 [ 13.764852] kasan_save_alloc_info+0x3b/0x50 [ 13.765101] __kasan_kmalloc+0xb7/0xc0 [ 13.765285] __kmalloc_cache_noprof+0x189/0x420 [ 13.765491] kasan_bitops_generic+0x92/0x1c0 [ 13.766117] kunit_try_run_case+0x1a5/0x480 [ 13.766401] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.767098] kthread+0x337/0x6f0 [ 13.767332] ret_from_fork+0x116/0x1d0 [ 13.768095] ret_from_fork_asm+0x1a/0x30 [ 13.768506] [ 13.768600] The buggy address belongs to the object at ffff88810191e8e0 [ 13.768600] which belongs to the cache kmalloc-16 of size 16 [ 13.769542] The buggy address is located 8 bytes inside of [ 13.769542] allocated 9-byte region [ffff88810191e8e0, ffff88810191e8e9) [ 13.770836] [ 13.770945] The buggy address belongs to the physical page: [ 13.771198] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10191e [ 13.771462] flags: 0x200000000000000(node=0|zone=2) [ 13.771916] page_type: f5(slab) [ 13.772148] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.772449] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.772876] page dumped because: kasan: 
bad access detected [ 13.773096] [ 13.773194] Memory state around the buggy address: [ 13.773424] ffff88810191e780: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 13.773754] ffff88810191e800: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.774041] >ffff88810191e880: 00 05 fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.774356] ^ [ 13.774637] ffff88810191e900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.774912] ffff88810191e980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.775210] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 13.642559] ================================================================== [ 13.643082] BUG: KASAN: slab-use-after-free in strnlen+0x73/0x80 [ 13.643302] Read of size 1 at addr ffff8881033c1910 by task kunit_try_catch/276 [ 13.643523] [ 13.643615] CPU: 0 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.643717] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.643732] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.643753] Call Trace: [ 13.643772] <TASK> [ 13.643791] dump_stack_lvl+0x73/0xb0 [ 13.643819] print_report+0xd1/0x650 [ 13.643841] ? __virt_addr_valid+0x1db/0x2d0 [ 13.643866] ? strnlen+0x73/0x80 [ 13.643883] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.643905] ? strnlen+0x73/0x80 [ 13.643922] kasan_report+0x141/0x180 [ 13.643943] ? strnlen+0x73/0x80 [ 13.643964] __asan_report_load1_noabort+0x18/0x20 [ 13.643988] strnlen+0x73/0x80 [ 13.644005] kasan_strings+0x615/0xe80 [ 13.644038] ? trace_hardirqs_on+0x37/0xe0 [ 13.644061] ? __pfx_kasan_strings+0x10/0x10 [ 13.644081] ? finish_task_switch.isra.0+0x153/0x700 [ 13.644102] ? __switch_to+0x47/0xf50 [ 13.644128] ? __schedule+0x10cc/0x2b60 [ 13.644155] ? __pfx_read_tsc+0x10/0x10 [ 13.644176] ? ktime_get_ts64+0x86/0x230 [ 13.644199] kunit_try_run_case+0x1a5/0x480 [ 13.644223] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.644244] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.644267] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.644289] ? __kthread_parkme+0x82/0x180 [ 13.644311] ? preempt_count_sub+0x50/0x80 [ 13.644334] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.644357] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.644379] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.644401] kthread+0x337/0x6f0 [ 13.644420] ? trace_preempt_on+0x20/0xc0 [ 13.644441] ? __pfx_kthread+0x10/0x10 [ 13.644461] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.644481] ? calculate_sigpending+0x7b/0xa0 [ 13.644505] ? 
__pfx_kthread+0x10/0x10 [ 13.644526] ret_from_fork+0x116/0x1d0 [ 13.644543] ? __pfx_kthread+0x10/0x10 [ 13.644563] ret_from_fork_asm+0x1a/0x30 [ 13.644594] </TASK> [ 13.644605] [ 13.652803] Allocated by task 276: [ 13.652987] kasan_save_stack+0x45/0x70 [ 13.653189] kasan_save_track+0x18/0x40 [ 13.653378] kasan_save_alloc_info+0x3b/0x50 [ 13.653573] __kasan_kmalloc+0xb7/0xc0 [ 13.653798] __kmalloc_cache_noprof+0x189/0x420 [ 13.654013] kasan_strings+0xc0/0xe80 [ 13.654343] kunit_try_run_case+0x1a5/0x480 [ 13.654488] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.654660] kthread+0x337/0x6f0 [ 13.654825] ret_from_fork+0x116/0x1d0 [ 13.655140] ret_from_fork_asm+0x1a/0x30 [ 13.655339] [ 13.655506] Freed by task 276: [ 13.655740] kasan_save_stack+0x45/0x70 [ 13.656117] kasan_save_track+0x18/0x40 [ 13.656265] kasan_save_free_info+0x3f/0x60 [ 13.656468] __kasan_slab_free+0x56/0x70 [ 13.656666] kfree+0x222/0x3f0 [ 13.656961] kasan_strings+0x2aa/0xe80 [ 13.657186] kunit_try_run_case+0x1a5/0x480 [ 13.657329] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.657549] kthread+0x337/0x6f0 [ 13.657894] ret_from_fork+0x116/0x1d0 [ 13.658229] ret_from_fork_asm+0x1a/0x30 [ 13.658447] [ 13.658534] The buggy address belongs to the object at ffff8881033c1900 [ 13.658534] which belongs to the cache kmalloc-32 of size 32 [ 13.659039] The buggy address is located 16 bytes inside of [ 13.659039] freed 32-byte region [ffff8881033c1900, ffff8881033c1920) [ 13.659588] [ 13.659763] The buggy address belongs to the physical page: [ 13.659959] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033c1 [ 13.660314] flags: 0x200000000000000(node=0|zone=2) [ 13.660588] page_type: f5(slab) [ 13.660991] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 13.661471] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 13.661829] page dumped because: kasan: bad access detected [ 13.662137] [ 13.662230] Memory state around the buggy address: 
[ 13.662533] ffff8881033c1800: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.662829] ffff8881033c1880: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.663048] >ffff8881033c1900: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.663251] ^ [ 13.663487] ffff8881033c1980: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 13.664080] ffff8881033c1a00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.664444] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strlen
[ 13.612459] ================================================================== [ 13.613267] BUG: KASAN: slab-use-after-free in strlen+0x8f/0xb0 [ 13.613736] Read of size 1 at addr ffff8881033c1910 by task kunit_try_catch/276 [ 13.614080] [ 13.614197] CPU: 0 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.614241] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.614254] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.614276] Call Trace: [ 13.614293] <TASK> [ 13.614309] dump_stack_lvl+0x73/0xb0 [ 13.614338] print_report+0xd1/0x650 [ 13.614361] ? __virt_addr_valid+0x1db/0x2d0 [ 13.614384] ? strlen+0x8f/0xb0 [ 13.614402] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.614425] ? strlen+0x8f/0xb0 [ 13.614443] kasan_report+0x141/0x180 [ 13.614464] ? strlen+0x8f/0xb0 [ 13.614485] __asan_report_load1_noabort+0x18/0x20 [ 13.614508] strlen+0x8f/0xb0 [ 13.614526] kasan_strings+0x57b/0xe80 [ 13.614544] ? trace_hardirqs_on+0x37/0xe0 [ 13.614568] ? __pfx_kasan_strings+0x10/0x10 [ 13.614587] ? finish_task_switch.isra.0+0x153/0x700 [ 13.614609] ? __switch_to+0x47/0xf50 [ 13.614635] ? __schedule+0x10cc/0x2b60 [ 13.614658] ? __pfx_read_tsc+0x10/0x10 [ 13.614678] ? ktime_get_ts64+0x86/0x230 [ 13.614701] kunit_try_run_case+0x1a5/0x480 [ 13.614725] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.614746] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.614769] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.614791] ? __kthread_parkme+0x82/0x180 [ 13.614811] ? preempt_count_sub+0x50/0x80 [ 13.614832] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.614855] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.614877] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.614900] kthread+0x337/0x6f0 [ 13.614919] ? trace_preempt_on+0x20/0xc0 [ 13.614939] ? __pfx_kthread+0x10/0x10 [ 13.614959] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.614979] ? calculate_sigpending+0x7b/0xa0 [ 13.615003] ? 
__pfx_kthread+0x10/0x10 [ 13.615035] ret_from_fork+0x116/0x1d0 [ 13.615053] ? __pfx_kthread+0x10/0x10 [ 13.615073] ret_from_fork_asm+0x1a/0x30 [ 13.615103] </TASK> [ 13.615115] [ 13.625136] Allocated by task 276: [ 13.625339] kasan_save_stack+0x45/0x70 [ 13.625539] kasan_save_track+0x18/0x40 [ 13.626071] kasan_save_alloc_info+0x3b/0x50 [ 13.626334] __kasan_kmalloc+0xb7/0xc0 [ 13.626511] __kmalloc_cache_noprof+0x189/0x420 [ 13.627348] kasan_strings+0xc0/0xe80 [ 13.627608] kunit_try_run_case+0x1a5/0x480 [ 13.627982] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.628240] kthread+0x337/0x6f0 [ 13.628398] ret_from_fork+0x116/0x1d0 [ 13.628568] ret_from_fork_asm+0x1a/0x30 [ 13.629190] [ 13.629276] Freed by task 276: [ 13.629547] kasan_save_stack+0x45/0x70 [ 13.630037] kasan_save_track+0x18/0x40 [ 13.630324] kasan_save_free_info+0x3f/0x60 [ 13.630774] __kasan_slab_free+0x56/0x70 [ 13.631101] kfree+0x222/0x3f0 [ 13.631269] kasan_strings+0x2aa/0xe80 [ 13.631445] kunit_try_run_case+0x1a5/0x480 [ 13.632086] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.632434] kthread+0x337/0x6f0 [ 13.632599] ret_from_fork+0x116/0x1d0 [ 13.633126] ret_from_fork_asm+0x1a/0x30 [ 13.633362] [ 13.633454] The buggy address belongs to the object at ffff8881033c1900 [ 13.633454] which belongs to the cache kmalloc-32 of size 32 [ 13.634132] The buggy address is located 16 bytes inside of [ 13.634132] freed 32-byte region [ffff8881033c1900, ffff8881033c1920) [ 13.634608] [ 13.635170] The buggy address belongs to the physical page: [ 13.635480] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033c1 [ 13.636002] flags: 0x200000000000000(node=0|zone=2) [ 13.636246] page_type: f5(slab) [ 13.636408] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 13.637139] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 13.637631] page dumped because: kasan: bad access detected [ 13.638286] [ 13.638525] Memory state around the buggy address: 
[ 13.639165] ffff8881033c1800: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.639480] ffff8881033c1880: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.640192] >ffff8881033c1900: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.640699] ^ [ 13.640883] ffff8881033c1980: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 13.641187] ffff8881033c1a00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.641474] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 13.591381] ================================================================== [ 13.591751] BUG: KASAN: slab-use-after-free in kasan_strings+0xcbc/0xe80 [ 13.592209] Read of size 1 at addr ffff8881033c1910 by task kunit_try_catch/276 [ 13.592752] [ 13.592851] CPU: 0 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.592896] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.592908] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.592929] Call Trace: [ 13.592942] <TASK> [ 13.592961] dump_stack_lvl+0x73/0xb0 [ 13.592990] print_report+0xd1/0x650 [ 13.593013] ? __virt_addr_valid+0x1db/0x2d0 [ 13.593048] ? kasan_strings+0xcbc/0xe80 [ 13.593067] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.593089] ? kasan_strings+0xcbc/0xe80 [ 13.593109] kasan_report+0x141/0x180 [ 13.593130] ? kasan_strings+0xcbc/0xe80 [ 13.593155] __asan_report_load1_noabort+0x18/0x20 [ 13.593178] kasan_strings+0xcbc/0xe80 [ 13.593198] ? trace_hardirqs_on+0x37/0xe0 [ 13.593222] ? __pfx_kasan_strings+0x10/0x10 [ 13.593241] ? finish_task_switch.isra.0+0x153/0x700 [ 13.593262] ? __switch_to+0x47/0xf50 [ 13.593288] ? __schedule+0x10cc/0x2b60 [ 13.593311] ? __pfx_read_tsc+0x10/0x10 [ 13.593334] ? ktime_get_ts64+0x86/0x230 [ 13.593358] kunit_try_run_case+0x1a5/0x480 [ 13.593383] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.593404] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.593427] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.593449] ? __kthread_parkme+0x82/0x180 [ 13.593469] ? preempt_count_sub+0x50/0x80 [ 13.593491] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.593514] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.593536] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.593559] kthread+0x337/0x6f0 [ 13.593577] ? trace_preempt_on+0x20/0xc0 [ 13.593598] ? __pfx_kthread+0x10/0x10 [ 13.593618] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.593638] ? calculate_sigpending+0x7b/0xa0 [ 13.593661] ? 
__pfx_kthread+0x10/0x10 [ 13.593682] ret_from_fork+0x116/0x1d0 [ 13.593700] ? __pfx_kthread+0x10/0x10 [ 13.593720] ret_from_fork_asm+0x1a/0x30 [ 13.593749] </TASK> [ 13.593760] [ 13.601632] Allocated by task 276: [ 13.601798] kasan_save_stack+0x45/0x70 [ 13.601991] kasan_save_track+0x18/0x40 [ 13.602159] kasan_save_alloc_info+0x3b/0x50 [ 13.602362] __kasan_kmalloc+0xb7/0xc0 [ 13.602807] __kmalloc_cache_noprof+0x189/0x420 [ 13.603052] kasan_strings+0xc0/0xe80 [ 13.603201] kunit_try_run_case+0x1a5/0x480 [ 13.603409] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.603619] kthread+0x337/0x6f0 [ 13.603863] ret_from_fork+0x116/0x1d0 [ 13.604051] ret_from_fork_asm+0x1a/0x30 [ 13.604220] [ 13.604289] Freed by task 276: [ 13.604402] kasan_save_stack+0x45/0x70 [ 13.604594] kasan_save_track+0x18/0x40 [ 13.604787] kasan_save_free_info+0x3f/0x60 [ 13.605001] __kasan_slab_free+0x56/0x70 [ 13.605143] kfree+0x222/0x3f0 [ 13.605487] kasan_strings+0x2aa/0xe80 [ 13.605720] kunit_try_run_case+0x1a5/0x480 [ 13.605926] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.606164] kthread+0x337/0x6f0 [ 13.606318] ret_from_fork+0x116/0x1d0 [ 13.606479] ret_from_fork_asm+0x1a/0x30 [ 13.606656] [ 13.606747] The buggy address belongs to the object at ffff8881033c1900 [ 13.606747] which belongs to the cache kmalloc-32 of size 32 [ 13.607249] The buggy address is located 16 bytes inside of [ 13.607249] freed 32-byte region [ffff8881033c1900, ffff8881033c1920) [ 13.607803] [ 13.608091] The buggy address belongs to the physical page: [ 13.608295] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033c1 [ 13.608709] flags: 0x200000000000000(node=0|zone=2) [ 13.608916] page_type: f5(slab) [ 13.609074] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 13.609409] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 13.609782] page dumped because: kasan: bad access detected [ 13.610002] [ 13.610083] Memory state around the buggy address: 
[ 13.610238] ffff8881033c1800: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.610452] ffff8881033c1880: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.610682] >ffff8881033c1900: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.611046] ^ [ 13.611228] ffff8881033c1980: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 13.611554] ffff8881033c1a00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.611978] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 13.561844] ================================================================== [ 13.564079] BUG: KASAN: slab-use-after-free in strcmp+0xb0/0xc0 [ 13.564553] Read of size 1 at addr ffff8881033c1910 by task kunit_try_catch/276 [ 13.564831] [ 13.565006] CPU: 0 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.565067] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.565079] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.565102] Call Trace: [ 13.565116] <TASK> [ 13.565137] dump_stack_lvl+0x73/0xb0 [ 13.565165] print_report+0xd1/0x650 [ 13.565189] ? __virt_addr_valid+0x1db/0x2d0 [ 13.565214] ? strcmp+0xb0/0xc0 [ 13.565234] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.565256] ? strcmp+0xb0/0xc0 [ 13.565276] kasan_report+0x141/0x180 [ 13.565297] ? strcmp+0xb0/0xc0 [ 13.565323] __asan_report_load1_noabort+0x18/0x20 [ 13.565346] strcmp+0xb0/0xc0 [ 13.565367] kasan_strings+0x431/0xe80 [ 13.565386] ? trace_hardirqs_on+0x37/0xe0 [ 13.565409] ? __pfx_kasan_strings+0x10/0x10 [ 13.565429] ? finish_task_switch.isra.0+0x153/0x700 [ 13.565450] ? __switch_to+0x47/0xf50 [ 13.565477] ? __schedule+0x10cc/0x2b60 [ 13.565499] ? __pfx_read_tsc+0x10/0x10 [ 13.565520] ? ktime_get_ts64+0x86/0x230 [ 13.565544] kunit_try_run_case+0x1a5/0x480 [ 13.565569] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.565590] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.565612] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.565635] ? __kthread_parkme+0x82/0x180 [ 13.565686] ? preempt_count_sub+0x50/0x80 [ 13.565708] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.565731] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.565768] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.565953] kthread+0x337/0x6f0 [ 13.565979] ? trace_preempt_on+0x20/0xc0 [ 13.566001] ? __pfx_kthread+0x10/0x10 [ 13.566034] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.566055] ? calculate_sigpending+0x7b/0xa0 [ 13.566079] ? 
__pfx_kthread+0x10/0x10 [ 13.566100] ret_from_fork+0x116/0x1d0 [ 13.566118] ? __pfx_kthread+0x10/0x10 [ 13.566138] ret_from_fork_asm+0x1a/0x30 [ 13.566170] </TASK> [ 13.566183] [ 13.579130] Allocated by task 276: [ 13.579320] kasan_save_stack+0x45/0x70 [ 13.579520] kasan_save_track+0x18/0x40 [ 13.579762] kasan_save_alloc_info+0x3b/0x50 [ 13.579965] __kasan_kmalloc+0xb7/0xc0 [ 13.580161] __kmalloc_cache_noprof+0x189/0x420 [ 13.580369] kasan_strings+0xc0/0xe80 [ 13.580540] kunit_try_run_case+0x1a5/0x480 [ 13.581179] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.581389] kthread+0x337/0x6f0 [ 13.581540] ret_from_fork+0x116/0x1d0 [ 13.581871] ret_from_fork_asm+0x1a/0x30 [ 13.582079] [ 13.582180] Freed by task 276: [ 13.582337] kasan_save_stack+0x45/0x70 [ 13.582519] kasan_save_track+0x18/0x40 [ 13.582959] kasan_save_free_info+0x3f/0x60 [ 13.583179] __kasan_slab_free+0x56/0x70 [ 13.583364] kfree+0x222/0x3f0 [ 13.583520] kasan_strings+0x2aa/0xe80 [ 13.583762] kunit_try_run_case+0x1a5/0x480 [ 13.583961] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.584206] kthread+0x337/0x6f0 [ 13.584360] ret_from_fork+0x116/0x1d0 [ 13.584530] ret_from_fork_asm+0x1a/0x30 [ 13.584826] [ 13.584920] The buggy address belongs to the object at ffff8881033c1900 [ 13.584920] which belongs to the cache kmalloc-32 of size 32 [ 13.585403] The buggy address is located 16 bytes inside of [ 13.585403] freed 32-byte region [ffff8881033c1900, ffff8881033c1920) [ 13.585915] [ 13.586006] The buggy address belongs to the physical page: [ 13.586246] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033c1 [ 13.586564] flags: 0x200000000000000(node=0|zone=2) [ 13.586838] page_type: f5(slab) [ 13.586999] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 13.587315] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 13.587614] page dumped because: kasan: bad access detected [ 13.588978] [ 13.589072] Memory state around the buggy address: 
[ 13.589234] ffff8881033c1800: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.589449] ffff8881033c1880: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 13.589784] >ffff8881033c1900: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.590009] ^ [ 13.590150] ffff8881033c1980: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 13.590440] ffff8881033c1a00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.590666] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 13.522583] ================================================================== [ 13.523489] BUG: KASAN: slab-out-of-bounds in memcmp+0x1b4/0x1d0 [ 13.524301] Read of size 1 at addr ffff8881027e5058 by task kunit_try_catch/274 [ 13.524643] [ 13.524746] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.524796] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.524808] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.524831] Call Trace: [ 13.524845] <TASK> [ 13.524864] dump_stack_lvl+0x73/0xb0 [ 13.524934] print_report+0xd1/0x650 [ 13.524964] ? __virt_addr_valid+0x1db/0x2d0 [ 13.524989] ? memcmp+0x1b4/0x1d0 [ 13.525007] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.525041] ? memcmp+0x1b4/0x1d0 [ 13.525059] kasan_report+0x141/0x180 [ 13.525080] ? memcmp+0x1b4/0x1d0 [ 13.525101] __asan_report_load1_noabort+0x18/0x20 [ 13.525154] memcmp+0x1b4/0x1d0 [ 13.525198] kasan_memcmp+0x18f/0x390 [ 13.525219] ? trace_hardirqs_on+0x37/0xe0 [ 13.525244] ? __pfx_kasan_memcmp+0x10/0x10 [ 13.525264] ? finish_task_switch.isra.0+0x153/0x700 [ 13.525287] ? __switch_to+0x47/0xf50 [ 13.525315] ? __pfx_read_tsc+0x10/0x10 [ 13.525337] ? ktime_get_ts64+0x86/0x230 [ 13.525361] kunit_try_run_case+0x1a5/0x480 [ 13.525386] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.525408] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.525431] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.525453] ? __kthread_parkme+0x82/0x180 [ 13.525474] ? preempt_count_sub+0x50/0x80 [ 13.525495] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.525519] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.525540] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.525562] kthread+0x337/0x6f0 [ 13.525581] ? trace_preempt_on+0x20/0xc0 [ 13.525601] ? __pfx_kthread+0x10/0x10 [ 13.525621] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.525809] ? calculate_sigpending+0x7b/0xa0 [ 13.525843] ? __pfx_kthread+0x10/0x10 [ 13.525865] ret_from_fork+0x116/0x1d0 [ 13.525885] ? 
__pfx_kthread+0x10/0x10 [ 13.525907] ret_from_fork_asm+0x1a/0x30 [ 13.525937] </TASK> [ 13.525950] [ 13.540591] Allocated by task 274: [ 13.540978] kasan_save_stack+0x45/0x70 [ 13.541483] kasan_save_track+0x18/0x40 [ 13.541623] kasan_save_alloc_info+0x3b/0x50 [ 13.542277] __kasan_kmalloc+0xb7/0xc0 [ 13.542687] __kmalloc_cache_noprof+0x189/0x420 [ 13.543247] kasan_memcmp+0xb7/0x390 [ 13.543692] kunit_try_run_case+0x1a5/0x480 [ 13.543889] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.544450] kthread+0x337/0x6f0 [ 13.544829] ret_from_fork+0x116/0x1d0 [ 13.545155] ret_from_fork_asm+0x1a/0x30 [ 13.545297] [ 13.545370] The buggy address belongs to the object at ffff8881027e5040 [ 13.545370] which belongs to the cache kmalloc-32 of size 32 [ 13.545879] The buggy address is located 0 bytes to the right of [ 13.545879] allocated 24-byte region [ffff8881027e5040, ffff8881027e5058) [ 13.547195] [ 13.547364] The buggy address belongs to the physical page: [ 13.547930] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027e5 [ 13.548633] flags: 0x200000000000000(node=0|zone=2) [ 13.549156] page_type: f5(slab) [ 13.549469] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 13.549928] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 13.550624] page dumped because: kasan: bad access detected [ 13.551046] [ 13.551124] Memory state around the buggy address: [ 13.551283] ffff8881027e4f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.551500] ffff8881027e4f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.551847] >ffff8881027e5000: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 13.552580] ^ [ 13.553221] ffff8881027e5080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.553446] ffff8881027e5100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.553676] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 11.659377] ================================================================== [ 11.660266] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x166/0x330 [ 11.661074] Write of size 2 at addr ffff8881027c2877 by task kunit_try_catch/189 [ 11.661348] [ 11.661470] CPU: 1 UID: 0 PID: 189 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.661517] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.661565] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.661586] Call Trace: [ 11.661599] <TASK> [ 11.661620] dump_stack_lvl+0x73/0xb0 [ 11.661659] print_report+0xd1/0x650 [ 11.661681] ? __virt_addr_valid+0x1db/0x2d0 [ 11.661705] ? kmalloc_oob_memset_2+0x166/0x330 [ 11.661725] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.661745] ? kmalloc_oob_memset_2+0x166/0x330 [ 11.661830] kasan_report+0x141/0x180 [ 11.661855] ? kmalloc_oob_memset_2+0x166/0x330 [ 11.661916] kasan_check_range+0x10c/0x1c0 [ 11.661966] __asan_memset+0x27/0x50 [ 11.661985] kmalloc_oob_memset_2+0x166/0x330 [ 11.662006] ? __pfx_kmalloc_oob_memset_2+0x10/0x10 [ 11.662038] ? __schedule+0x10cc/0x2b60 [ 11.662060] ? __pfx_read_tsc+0x10/0x10 [ 11.662081] ? ktime_get_ts64+0x86/0x230 [ 11.662106] kunit_try_run_case+0x1a5/0x480 [ 11.662129] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.662150] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.662172] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.662193] ? __kthread_parkme+0x82/0x180 [ 11.662213] ? preempt_count_sub+0x50/0x80 [ 11.662235] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.662257] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.662279] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.662300] kthread+0x337/0x6f0 [ 11.662318] ? trace_preempt_on+0x20/0xc0 [ 11.662341] ? __pfx_kthread+0x10/0x10 [ 11.662360] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.662379] ? calculate_sigpending+0x7b/0xa0 [ 11.662402] ? __pfx_kthread+0x10/0x10 [ 11.662421] ret_from_fork+0x116/0x1d0 [ 11.662438] ? 
__pfx_kthread+0x10/0x10 [ 11.662457] ret_from_fork_asm+0x1a/0x30 [ 11.662487] </TASK> [ 11.662498] [ 11.673321] Allocated by task 189: [ 11.673492] kasan_save_stack+0x45/0x70 [ 11.674088] kasan_save_track+0x18/0x40 [ 11.674487] kasan_save_alloc_info+0x3b/0x50 [ 11.674880] __kasan_kmalloc+0xb7/0xc0 [ 11.675072] __kmalloc_cache_noprof+0x189/0x420 [ 11.675276] kmalloc_oob_memset_2+0xac/0x330 [ 11.675465] kunit_try_run_case+0x1a5/0x480 [ 11.675858] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.676113] kthread+0x337/0x6f0 [ 11.676274] ret_from_fork+0x116/0x1d0 [ 11.676447] ret_from_fork_asm+0x1a/0x30 [ 11.676626] [ 11.677191] The buggy address belongs to the object at ffff8881027c2800 [ 11.677191] which belongs to the cache kmalloc-128 of size 128 [ 11.678076] The buggy address is located 119 bytes inside of [ 11.678076] allocated 120-byte region [ffff8881027c2800, ffff8881027c2878) [ 11.678578] [ 11.678715] The buggy address belongs to the physical page: [ 11.678944] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027c2 [ 11.679276] flags: 0x200000000000000(node=0|zone=2) [ 11.679489] page_type: f5(slab) [ 11.679715] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.680045] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.680358] page dumped because: kasan: bad access detected [ 11.680584] [ 11.680718] Memory state around the buggy address: [ 11.680923] ffff8881027c2700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.681220] ffff8881027c2780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.681504] >ffff8881027c2800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 11.681833] ^ [ 11.682126] ffff8881027c2880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.682407] ffff8881027c2900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.683463] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 11.625573] ================================================================== [ 11.626219] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x15f/0x320 [ 11.626469] Write of size 128 at addr ffff8881033ae000 by task kunit_try_catch/187 [ 11.626876] [ 11.627088] CPU: 0 UID: 0 PID: 187 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.627166] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.627178] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.627200] Call Trace: [ 11.627212] <TASK> [ 11.627234] dump_stack_lvl+0x73/0xb0 [ 11.627265] print_report+0xd1/0x650 [ 11.627288] ? __virt_addr_valid+0x1db/0x2d0 [ 11.627312] ? kmalloc_oob_in_memset+0x15f/0x320 [ 11.627333] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.627353] ? kmalloc_oob_in_memset+0x15f/0x320 [ 11.627374] kasan_report+0x141/0x180 [ 11.627395] ? kmalloc_oob_in_memset+0x15f/0x320 [ 11.627420] kasan_check_range+0x10c/0x1c0 [ 11.627443] __asan_memset+0x27/0x50 [ 11.627461] kmalloc_oob_in_memset+0x15f/0x320 [ 11.627482] ? __pfx_kmalloc_oob_in_memset+0x10/0x10 [ 11.627503] ? __schedule+0x10cc/0x2b60 [ 11.627524] ? __pfx_read_tsc+0x10/0x10 [ 11.627545] ? ktime_get_ts64+0x86/0x230 [ 11.627569] kunit_try_run_case+0x1a5/0x480 [ 11.627592] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.627612] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.627663] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.627685] ? __kthread_parkme+0x82/0x180 [ 11.627716] ? preempt_count_sub+0x50/0x80 [ 11.627752] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.627774] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.627796] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.627819] kthread+0x337/0x6f0 [ 11.627837] ? trace_preempt_on+0x20/0xc0 [ 11.627859] ? __pfx_kthread+0x10/0x10 [ 11.627878] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.627898] ? calculate_sigpending+0x7b/0xa0 [ 11.627920] ? __pfx_kthread+0x10/0x10 [ 11.627940] ret_from_fork+0x116/0x1d0 [ 11.627958] ? 
__pfx_kthread+0x10/0x10 [ 11.627976] ret_from_fork_asm+0x1a/0x30 [ 11.628006] </TASK> [ 11.628018] [ 11.639846] Allocated by task 187: [ 11.640233] kasan_save_stack+0x45/0x70 [ 11.640726] kasan_save_track+0x18/0x40 [ 11.641106] kasan_save_alloc_info+0x3b/0x50 [ 11.641524] __kasan_kmalloc+0xb7/0xc0 [ 11.641955] __kmalloc_cache_noprof+0x189/0x420 [ 11.642516] kmalloc_oob_in_memset+0xac/0x320 [ 11.642965] kunit_try_run_case+0x1a5/0x480 [ 11.643371] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.643984] kthread+0x337/0x6f0 [ 11.644368] ret_from_fork+0x116/0x1d0 [ 11.644764] ret_from_fork_asm+0x1a/0x30 [ 11.645220] [ 11.645411] The buggy address belongs to the object at ffff8881033ae000 [ 11.645411] which belongs to the cache kmalloc-128 of size 128 [ 11.646597] The buggy address is located 0 bytes inside of [ 11.646597] allocated 120-byte region [ffff8881033ae000, ffff8881033ae078) [ 11.647927] [ 11.648111] The buggy address belongs to the physical page: [ 11.648689] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033ae [ 11.649430] flags: 0x200000000000000(node=0|zone=2) [ 11.649983] page_type: f5(slab) [ 11.650146] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.650864] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.651624] page dumped because: kasan: bad access detected [ 11.651916] [ 11.652099] Memory state around the buggy address: [ 11.652571] ffff8881033adf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.653233] ffff8881033adf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.653855] >ffff8881033ae000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 11.654138] ^ [ 11.654807] ffff8881033ae080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.655423] ffff8881033ae100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.655650] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 11.587138] ================================================================== [ 11.587557] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x47b/0x4c0 [ 11.588267] Read of size 16 at addr ffff8881021d56c0 by task kunit_try_catch/185 [ 11.588599] [ 11.588725] CPU: 0 UID: 0 PID: 185 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.588771] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.588782] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.588803] Call Trace: [ 11.588868] <TASK> [ 11.588920] dump_stack_lvl+0x73/0xb0 [ 11.588953] print_report+0xd1/0x650 [ 11.589018] ? __virt_addr_valid+0x1db/0x2d0 [ 11.589053] ? kmalloc_uaf_16+0x47b/0x4c0 [ 11.589073] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.589094] ? kmalloc_uaf_16+0x47b/0x4c0 [ 11.589113] kasan_report+0x141/0x180 [ 11.589143] ? kmalloc_uaf_16+0x47b/0x4c0 [ 11.589167] __asan_report_load16_noabort+0x18/0x20 [ 11.589191] kmalloc_uaf_16+0x47b/0x4c0 [ 11.589221] ? __pfx_kmalloc_uaf_16+0x10/0x10 [ 11.589242] ? __schedule+0x10cc/0x2b60 [ 11.589264] ? __pfx_read_tsc+0x10/0x10 [ 11.589284] ? ktime_get_ts64+0x86/0x230 [ 11.589317] kunit_try_run_case+0x1a5/0x480 [ 11.589341] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.589362] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.589394] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.589415] ? __kthread_parkme+0x82/0x180 [ 11.589435] ? preempt_count_sub+0x50/0x80 [ 11.589457] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.589479] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.589500] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.589521] kthread+0x337/0x6f0 [ 11.589539] ? trace_preempt_on+0x20/0xc0 [ 11.589570] ? __pfx_kthread+0x10/0x10 [ 11.589589] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.589609] ? calculate_sigpending+0x7b/0xa0 [ 11.589718] ? __pfx_kthread+0x10/0x10 [ 11.589742] ret_from_fork+0x116/0x1d0 [ 11.589761] ? 
__pfx_kthread+0x10/0x10 [ 11.589780] ret_from_fork_asm+0x1a/0x30 [ 11.589810] </TASK> [ 11.589822] [ 11.600700] Allocated by task 185: [ 11.601058] kasan_save_stack+0x45/0x70 [ 11.601440] kasan_save_track+0x18/0x40 [ 11.601876] kasan_save_alloc_info+0x3b/0x50 [ 11.602283] __kasan_kmalloc+0xb7/0xc0 [ 11.602739] __kmalloc_cache_noprof+0x189/0x420 [ 11.603217] kmalloc_uaf_16+0x15b/0x4c0 [ 11.603578] kunit_try_run_case+0x1a5/0x480 [ 11.604089] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.604577] kthread+0x337/0x6f0 [ 11.604925] ret_from_fork+0x116/0x1d0 [ 11.605199] ret_from_fork_asm+0x1a/0x30 [ 11.605342] [ 11.605412] Freed by task 185: [ 11.605524] kasan_save_stack+0x45/0x70 [ 11.605844] kasan_save_track+0x18/0x40 [ 11.606214] kasan_save_free_info+0x3f/0x60 [ 11.606615] __kasan_slab_free+0x56/0x70 [ 11.607072] kfree+0x222/0x3f0 [ 11.607379] kmalloc_uaf_16+0x1d6/0x4c0 [ 11.607829] kunit_try_run_case+0x1a5/0x480 [ 11.608235] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.608458] kthread+0x337/0x6f0 [ 11.608849] ret_from_fork+0x116/0x1d0 [ 11.609117] ret_from_fork_asm+0x1a/0x30 [ 11.609257] [ 11.609327] The buggy address belongs to the object at ffff8881021d56c0 [ 11.609327] which belongs to the cache kmalloc-16 of size 16 [ 11.609870] The buggy address is located 0 bytes inside of [ 11.609870] freed 16-byte region [ffff8881021d56c0, ffff8881021d56d0) [ 11.610981] [ 11.611154] The buggy address belongs to the physical page: [ 11.611655] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1021d5 [ 11.612478] flags: 0x200000000000000(node=0|zone=2) [ 11.612935] page_type: f5(slab) [ 11.613134] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 11.613782] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 11.614009] page dumped because: kasan: bad access detected [ 11.614188] [ 11.614257] Memory state around the buggy address: [ 11.614413] ffff8881021d5580: 00 00 fc fc 00 02 fc fc 00 02 fc fc 00 06 fc 
fc [ 11.614686] ffff8881021d5600: 00 06 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 11.615320] >ffff8881021d5680: fa fb fc fc 00 00 fc fc fa fb fc fc fc fc fc fc [ 11.616031] ^ [ 11.616505] ffff8881021d5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.617192] ffff8881021d5780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.617870] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 11.557177] ================================================================== [ 11.558365] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x452/0x4a0 [ 11.559075] Write of size 16 at addr ffff8881021d5660 by task kunit_try_catch/183 [ 11.559780] [ 11.560019] CPU: 0 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.560095] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.560107] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.560152] Call Trace: [ 11.560166] <TASK> [ 11.560186] dump_stack_lvl+0x73/0xb0 [ 11.560245] print_report+0xd1/0x650 [ 11.560267] ? __virt_addr_valid+0x1db/0x2d0 [ 11.560291] ? kmalloc_oob_16+0x452/0x4a0 [ 11.560323] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.560343] ? kmalloc_oob_16+0x452/0x4a0 [ 11.560363] kasan_report+0x141/0x180 [ 11.560383] ? kmalloc_oob_16+0x452/0x4a0 [ 11.560407] __asan_report_store16_noabort+0x1b/0x30 [ 11.560427] kmalloc_oob_16+0x452/0x4a0 [ 11.560446] ? __pfx_kmalloc_oob_16+0x10/0x10 [ 11.560467] ? __schedule+0x10cc/0x2b60 [ 11.560488] ? __pfx_read_tsc+0x10/0x10 [ 11.560510] ? ktime_get_ts64+0x86/0x230 [ 11.560534] kunit_try_run_case+0x1a5/0x480 [ 11.560559] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.560579] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.560601] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.560642] ? __kthread_parkme+0x82/0x180 [ 11.560663] ? preempt_count_sub+0x50/0x80 [ 11.560697] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.560719] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.560740] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.560762] kthread+0x337/0x6f0 [ 11.560779] ? trace_preempt_on+0x20/0xc0 [ 11.560803] ? __pfx_kthread+0x10/0x10 [ 11.560822] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.560841] ? calculate_sigpending+0x7b/0xa0 [ 11.560864] ? __pfx_kthread+0x10/0x10 [ 11.560884] ret_from_fork+0x116/0x1d0 [ 11.560902] ? 
__pfx_kthread+0x10/0x10 [ 11.560921] ret_from_fork_asm+0x1a/0x30 [ 11.560951] </TASK> [ 11.560963] [ 11.574007] Allocated by task 183: [ 11.574170] kasan_save_stack+0x45/0x70 [ 11.574320] kasan_save_track+0x18/0x40 [ 11.574512] kasan_save_alloc_info+0x3b/0x50 [ 11.574722] __kasan_kmalloc+0xb7/0xc0 [ 11.574912] __kmalloc_cache_noprof+0x189/0x420 [ 11.575291] kmalloc_oob_16+0xa8/0x4a0 [ 11.575435] kunit_try_run_case+0x1a5/0x480 [ 11.575578] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.575966] kthread+0x337/0x6f0 [ 11.576253] ret_from_fork+0x116/0x1d0 [ 11.576469] ret_from_fork_asm+0x1a/0x30 [ 11.576751] [ 11.576850] The buggy address belongs to the object at ffff8881021d5660 [ 11.576850] which belongs to the cache kmalloc-16 of size 16 [ 11.577424] The buggy address is located 0 bytes inside of [ 11.577424] allocated 13-byte region [ffff8881021d5660, ffff8881021d566d) [ 11.578106] [ 11.578200] The buggy address belongs to the physical page: [ 11.578474] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1021d5 [ 11.578983] flags: 0x200000000000000(node=0|zone=2) [ 11.579264] page_type: f5(slab) [ 11.579479] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 11.579949] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 11.580327] page dumped because: kasan: bad access detected [ 11.580727] [ 11.580870] Memory state around the buggy address: [ 11.581064] ffff8881021d5500: 00 05 fc fc 00 00 fc fc 00 06 fc fc 00 06 fc fc [ 11.581434] ffff8881021d5580: 00 00 fc fc 00 02 fc fc 00 02 fc fc 00 06 fc fc [ 11.581873] >ffff8881021d5600: 00 06 fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 11.582189] ^ [ 11.582541] ffff8881021d5680: 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.583046] ffff8881021d5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.583381] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 11.528759] ================================================================== [ 11.529098] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x53c/0x5e0 [ 11.529389] Read of size 1 at addr ffff888100ab3600 by task kunit_try_catch/181 [ 11.529901] [ 11.530047] CPU: 1 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.530092] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.530103] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.530123] Call Trace: [ 11.530143] <TASK> [ 11.530161] dump_stack_lvl+0x73/0xb0 [ 11.530190] print_report+0xd1/0x650 [ 11.530212] ? __virt_addr_valid+0x1db/0x2d0 [ 11.530235] ? krealloc_uaf+0x53c/0x5e0 [ 11.530255] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.530275] ? krealloc_uaf+0x53c/0x5e0 [ 11.530295] kasan_report+0x141/0x180 [ 11.530316] ? krealloc_uaf+0x53c/0x5e0 [ 11.530340] __asan_report_load1_noabort+0x18/0x20 [ 11.530363] krealloc_uaf+0x53c/0x5e0 [ 11.530383] ? __pfx_krealloc_uaf+0x10/0x10 [ 11.530402] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 11.530430] ? __pfx_krealloc_uaf+0x10/0x10 [ 11.530454] kunit_try_run_case+0x1a5/0x480 [ 11.530477] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.530497] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.530520] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.530540] ? __kthread_parkme+0x82/0x180 [ 11.530559] ? preempt_count_sub+0x50/0x80 [ 11.530582] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.530603] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.530624] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.530645] kthread+0x337/0x6f0 [ 11.530663] ? trace_preempt_on+0x20/0xc0 [ 11.530686] ? __pfx_kthread+0x10/0x10 [ 11.530705] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.530725] ? calculate_sigpending+0x7b/0xa0 [ 11.530747] ? __pfx_kthread+0x10/0x10 [ 11.530767] ret_from_fork+0x116/0x1d0 [ 11.530785] ? 
__pfx_kthread+0x10/0x10 [ 11.530804] ret_from_fork_asm+0x1a/0x30 [ 11.530834] </TASK> [ 11.530845] [ 11.538378] Allocated by task 181: [ 11.538550] kasan_save_stack+0x45/0x70 [ 11.539830] kasan_save_track+0x18/0x40 [ 11.539994] kasan_save_alloc_info+0x3b/0x50 [ 11.540164] __kasan_kmalloc+0xb7/0xc0 [ 11.540300] __kmalloc_cache_noprof+0x189/0x420 [ 11.540466] krealloc_uaf+0xbb/0x5e0 [ 11.540595] kunit_try_run_case+0x1a5/0x480 [ 11.540971] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.541239] kthread+0x337/0x6f0 [ 11.541392] ret_from_fork+0x116/0x1d0 [ 11.541567] ret_from_fork_asm+0x1a/0x30 [ 11.541817] [ 11.541912] Freed by task 181: [ 11.542063] kasan_save_stack+0x45/0x70 [ 11.542234] kasan_save_track+0x18/0x40 [ 11.542405] kasan_save_free_info+0x3f/0x60 [ 11.542550] __kasan_slab_free+0x56/0x70 [ 11.542761] kfree+0x222/0x3f0 [ 11.542934] krealloc_uaf+0x13d/0x5e0 [ 11.543135] kunit_try_run_case+0x1a5/0x480 [ 11.543342] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.543554] kthread+0x337/0x6f0 [ 11.543791] ret_from_fork+0x116/0x1d0 [ 11.543970] ret_from_fork_asm+0x1a/0x30 [ 11.544149] [ 11.544242] The buggy address belongs to the object at ffff888100ab3600 [ 11.544242] which belongs to the cache kmalloc-256 of size 256 [ 11.545073] The buggy address is located 0 bytes inside of [ 11.545073] freed 256-byte region [ffff888100ab3600, ffff888100ab3700) [ 11.545436] [ 11.545510] The buggy address belongs to the physical page: [ 11.545688] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100ab2 [ 11.545936] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.546175] flags: 0x200000000000040(head|node=0|zone=2) [ 11.546438] page_type: f5(slab) [ 11.546607] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.547170] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.547517] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.547862] head: 
0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.548201] head: 0200000000000001 ffffea000402ac81 00000000ffffffff 00000000ffffffff [ 11.548587] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.548938] page dumped because: kasan: bad access detected [ 11.549260] [ 11.550122] Memory state around the buggy address: [ 11.550328] ffff888100ab3500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.550548] ffff888100ab3580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.550771] >ffff888100ab3600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.550986] ^ [ 11.551192] ffff888100ab3680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.552273] ffff888100ab3700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.552993] ================================================================== [ 11.497882] ================================================================== [ 11.498358] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x1b8/0x5e0 [ 11.498644] Read of size 1 at addr ffff888100ab3600 by task kunit_try_catch/181 [ 11.498957] [ 11.499093] CPU: 1 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.499138] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.499149] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.499169] Call Trace: [ 11.499181] <TASK> [ 11.499198] dump_stack_lvl+0x73/0xb0 [ 11.499460] print_report+0xd1/0x650 [ 11.499483] ? __virt_addr_valid+0x1db/0x2d0 [ 11.499508] ? krealloc_uaf+0x1b8/0x5e0 [ 11.499527] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.499548] ? krealloc_uaf+0x1b8/0x5e0 [ 11.499568] kasan_report+0x141/0x180 [ 11.499588] ? krealloc_uaf+0x1b8/0x5e0 [ 11.499611] ? krealloc_uaf+0x1b8/0x5e0 [ 11.499631] __kasan_check_byte+0x3d/0x50 [ 11.499652] krealloc_noprof+0x3f/0x340 [ 11.499673] krealloc_uaf+0x1b8/0x5e0 [ 11.499693] ? __pfx_krealloc_uaf+0x10/0x10 [ 11.499713] ? 
sysvec_apic_timer_interrupt+0x50/0x90 [ 11.499741] ? __pfx_krealloc_uaf+0x10/0x10 [ 11.499765] kunit_try_run_case+0x1a5/0x480 [ 11.499789] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.499810] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.499875] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.499899] ? __kthread_parkme+0x82/0x180 [ 11.499919] ? preempt_count_sub+0x50/0x80 [ 11.499941] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.499963] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.499985] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.500006] kthread+0x337/0x6f0 [ 11.500035] ? trace_preempt_on+0x20/0xc0 [ 11.500058] ? __pfx_kthread+0x10/0x10 [ 11.500077] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.500097] ? calculate_sigpending+0x7b/0xa0 [ 11.500119] ? __pfx_kthread+0x10/0x10 [ 11.500139] ret_from_fork+0x116/0x1d0 [ 11.500164] ? __pfx_kthread+0x10/0x10 [ 11.500183] ret_from_fork_asm+0x1a/0x30 [ 11.500213] </TASK> [ 11.500225] [ 11.508335] Allocated by task 181: [ 11.508513] kasan_save_stack+0x45/0x70 [ 11.509131] kasan_save_track+0x18/0x40 [ 11.509351] kasan_save_alloc_info+0x3b/0x50 [ 11.509935] __kasan_kmalloc+0xb7/0xc0 [ 11.510193] __kmalloc_cache_noprof+0x189/0x420 [ 11.510405] krealloc_uaf+0xbb/0x5e0 [ 11.510851] kunit_try_run_case+0x1a5/0x480 [ 11.511246] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.511600] kthread+0x337/0x6f0 [ 11.511912] ret_from_fork+0x116/0x1d0 [ 11.512101] ret_from_fork_asm+0x1a/0x30 [ 11.512285] [ 11.512407] Freed by task 181: [ 11.512571] kasan_save_stack+0x45/0x70 [ 11.513064] kasan_save_track+0x18/0x40 [ 11.513475] kasan_save_free_info+0x3f/0x60 [ 11.513791] __kasan_slab_free+0x56/0x70 [ 11.514320] kfree+0x222/0x3f0 [ 11.514483] krealloc_uaf+0x13d/0x5e0 [ 11.514901] kunit_try_run_case+0x1a5/0x480 [ 11.515240] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.515629] kthread+0x337/0x6f0 [ 11.515990] ret_from_fork+0x116/0x1d0 [ 11.516181] ret_from_fork_asm+0x1a/0x30 [ 11.516383] [ 11.516478] The buggy address belongs to the object at 
ffff888100ab3600 [ 11.516478] which belongs to the cache kmalloc-256 of size 256 [ 11.517613] The buggy address is located 0 bytes inside of [ 11.517613] freed 256-byte region [ffff888100ab3600, ffff888100ab3700) [ 11.518388] [ 11.518633] The buggy address belongs to the physical page: [ 11.519097] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100ab2 [ 11.519701] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.520214] flags: 0x200000000000040(head|node=0|zone=2) [ 11.520608] page_type: f5(slab) [ 11.520917] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.521257] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.521573] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.522190] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.522901] head: 0200000000000001 ffffea000402ac81 00000000ffffffff 00000000ffffffff [ 11.523358] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.524209] page dumped because: kasan: bad access detected [ 11.524589] [ 11.524948] Memory state around the buggy address: [ 11.525158] ffff888100ab3500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.525456] ffff888100ab3580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.526120] >ffff888100ab3600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.526581] ^ [ 11.526903] ffff888100ab3680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.527422] ffff888100ab3700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.527943] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 11.208044] ================================================================== [ 11.209047] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0 [ 11.209948] Write of size 1 at addr ffff888100ab34d0 by task kunit_try_catch/175 [ 11.210469] [ 11.210572] CPU: 1 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.210615] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.210627] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.210708] Call Trace: [ 11.210725] <TASK> [ 11.210742] dump_stack_lvl+0x73/0xb0 [ 11.210772] print_report+0xd1/0x650 [ 11.210794] ? __virt_addr_valid+0x1db/0x2d0 [ 11.210816] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 11.210838] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.210859] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 11.210881] kasan_report+0x141/0x180 [ 11.210902] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 11.210928] __asan_report_store1_noabort+0x1b/0x30 [ 11.210947] krealloc_less_oob_helper+0xe23/0x11d0 [ 11.210971] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.210992] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 11.211020] ? __pfx_krealloc_less_oob+0x10/0x10 [ 11.211056] krealloc_less_oob+0x1c/0x30 [ 11.211076] kunit_try_run_case+0x1a5/0x480 [ 11.211099] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.211120] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.211143] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.211166] ? __kthread_parkme+0x82/0x180 [ 11.211186] ? preempt_count_sub+0x50/0x80 [ 11.211209] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.211231] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.211252] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.211273] kthread+0x337/0x6f0 [ 11.211292] ? trace_preempt_on+0x20/0xc0 [ 11.211314] ? __pfx_kthread+0x10/0x10 [ 11.211334] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.211353] ? calculate_sigpending+0x7b/0xa0 [ 11.211375] ? __pfx_kthread+0x10/0x10 [ 11.211395] ret_from_fork+0x116/0x1d0 [ 11.211413] ? 
__pfx_kthread+0x10/0x10 [ 11.211432] ret_from_fork_asm+0x1a/0x30 [ 11.211462] </TASK> [ 11.211473] [ 11.224908] Allocated by task 175: [ 11.225073] kasan_save_stack+0x45/0x70 [ 11.225232] kasan_save_track+0x18/0x40 [ 11.225368] kasan_save_alloc_info+0x3b/0x50 [ 11.225516] __kasan_krealloc+0x190/0x1f0 [ 11.225668] krealloc_noprof+0xf3/0x340 [ 11.226011] krealloc_less_oob_helper+0x1aa/0x11d0 [ 11.226426] krealloc_less_oob+0x1c/0x30 [ 11.226802] kunit_try_run_case+0x1a5/0x480 [ 11.227228] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.227810] kthread+0x337/0x6f0 [ 11.228158] ret_from_fork+0x116/0x1d0 [ 11.228506] ret_from_fork_asm+0x1a/0x30 [ 11.228893] [ 11.229074] The buggy address belongs to the object at ffff888100ab3400 [ 11.229074] which belongs to the cache kmalloc-256 of size 256 [ 11.230278] The buggy address is located 7 bytes to the right of [ 11.230278] allocated 201-byte region [ffff888100ab3400, ffff888100ab34c9) [ 11.231037] [ 11.231154] The buggy address belongs to the physical page: [ 11.231616] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100ab2 [ 11.232536] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.233202] flags: 0x200000000000040(head|node=0|zone=2) [ 11.233423] page_type: f5(slab) [ 11.233742] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.234508] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.235263] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.236009] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.236323] head: 0200000000000001 ffffea000402ac81 00000000ffffffff 00000000ffffffff [ 11.236555] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.236800] page dumped because: kasan: bad access detected [ 11.236977] [ 11.237059] Memory state around the buggy address: [ 11.237215] ffff888100ab3380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 11.237429] ffff888100ab3400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.237651] >ffff888100ab3480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 11.238324] ^ [ 11.239036] ffff888100ab3500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.239810] ffff888100ab3580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.240620] ================================================================== [ 11.457327] ================================================================== [ 11.457557] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 11.458040] Write of size 1 at addr ffff88810291e0ea by task kunit_try_catch/179 [ 11.458369] [ 11.458570] CPU: 0 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.458615] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.458626] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.458829] Call Trace: [ 11.458850] <TASK> [ 11.458868] dump_stack_lvl+0x73/0xb0 [ 11.458900] print_report+0xd1/0x650 [ 11.458924] ? __virt_addr_valid+0x1db/0x2d0 [ 11.458947] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 11.458970] ? kasan_addr_to_slab+0x11/0xa0 [ 11.458989] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 11.459011] kasan_report+0x141/0x180 [ 11.459045] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 11.459072] __asan_report_store1_noabort+0x1b/0x30 [ 11.459091] krealloc_less_oob_helper+0xe90/0x11d0 [ 11.459115] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.459137] ? finish_task_switch.isra.0+0x153/0x700 [ 11.459159] ? __switch_to+0x47/0xf50 [ 11.459183] ? __schedule+0x10cc/0x2b60 [ 11.459204] ? __pfx_read_tsc+0x10/0x10 [ 11.459227] krealloc_large_less_oob+0x1c/0x30 [ 11.459248] kunit_try_run_case+0x1a5/0x480 [ 11.459271] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.459292] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.459314] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.459335] ? __kthread_parkme+0x82/0x180 [ 11.459354] ? 
preempt_count_sub+0x50/0x80 [ 11.459375] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.459397] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.459418] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.459440] kthread+0x337/0x6f0 [ 11.459459] ? trace_preempt_on+0x20/0xc0 [ 11.459482] ? __pfx_kthread+0x10/0x10 [ 11.459501] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.459520] ? calculate_sigpending+0x7b/0xa0 [ 11.459543] ? __pfx_kthread+0x10/0x10 [ 11.459563] ret_from_fork+0x116/0x1d0 [ 11.459580] ? __pfx_kthread+0x10/0x10 [ 11.459599] ret_from_fork_asm+0x1a/0x30 [ 11.459628] </TASK> [ 11.459638] [ 11.467477] The buggy address belongs to the physical page: [ 11.467795] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10291c [ 11.468112] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.468384] flags: 0x200000000000040(head|node=0|zone=2) [ 11.468634] page_type: f8(unknown) [ 11.468812] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.469168] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.469461] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.469963] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.470266] head: 0200000000000002 ffffea00040a4701 00000000ffffffff 00000000ffffffff [ 11.470551] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.471194] page dumped because: kasan: bad access detected [ 11.471375] [ 11.471445] Memory state around the buggy address: [ 11.471790] ffff88810291df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.472238] ffff88810291e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.472630] >ffff88810291e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 11.472870] ^ [ 11.473126] ffff88810291e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.473448] ffff88810291e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.473758] 
================================================================== [ 11.437501] ================================================================== [ 11.438474] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 11.439046] Write of size 1 at addr ffff88810291e0da by task kunit_try_catch/179 [ 11.439276] [ 11.439371] CPU: 0 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.439413] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.439424] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.439445] Call Trace: [ 11.439464] <TASK> [ 11.439482] dump_stack_lvl+0x73/0xb0 [ 11.439511] print_report+0xd1/0x650 [ 11.439534] ? __virt_addr_valid+0x1db/0x2d0 [ 11.439556] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 11.439578] ? kasan_addr_to_slab+0x11/0xa0 [ 11.439597] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 11.439620] kasan_report+0x141/0x180 [ 11.439694] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 11.439726] __asan_report_store1_noabort+0x1b/0x30 [ 11.439746] krealloc_less_oob_helper+0xec6/0x11d0 [ 11.439770] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.439793] ? finish_task_switch.isra.0+0x153/0x700 [ 11.439813] ? __switch_to+0x47/0xf50 [ 11.439838] ? __schedule+0x10cc/0x2b60 [ 11.439859] ? __pfx_read_tsc+0x10/0x10 [ 11.439882] krealloc_large_less_oob+0x1c/0x30 [ 11.439903] kunit_try_run_case+0x1a5/0x480 [ 11.439927] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.439947] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.439969] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.439990] ? __kthread_parkme+0x82/0x180 [ 11.440010] ? preempt_count_sub+0x50/0x80 [ 11.440042] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.440065] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.440086] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.440107] kthread+0x337/0x6f0 [ 11.440125] ? trace_preempt_on+0x20/0xc0 [ 11.440153] ? __pfx_kthread+0x10/0x10 [ 11.440173] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.440192] ? 
calculate_sigpending+0x7b/0xa0 [ 11.440215] ? __pfx_kthread+0x10/0x10 [ 11.440235] ret_from_fork+0x116/0x1d0 [ 11.440252] ? __pfx_kthread+0x10/0x10 [ 11.440271] ret_from_fork_asm+0x1a/0x30 [ 11.440301] </TASK> [ 11.440313] [ 11.450525] The buggy address belongs to the physical page: [ 11.450942] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10291c [ 11.451299] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.451612] flags: 0x200000000000040(head|node=0|zone=2) [ 11.451832] page_type: f8(unknown) [ 11.451961] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.452318] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.452649] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.453054] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.453392] head: 0200000000000002 ffffea00040a4701 00000000ffffffff 00000000ffffffff [ 11.453622] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.453981] page dumped because: kasan: bad access detected [ 11.454213] [ 11.454281] Memory state around the buggy address: [ 11.454438] ffff88810291df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.455236] ffff88810291e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.455475] >ffff88810291e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 11.455710] ^ [ 11.456107] ffff88810291e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.456608] ffff88810291e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.456975] ================================================================== [ 11.174009] ================================================================== [ 11.174421] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0 [ 11.175221] Write of size 1 at addr ffff888100ab34c9 by task kunit_try_catch/175 [ 11.176136] [ 11.176465] CPU: 1 UID: 0 PID: 175 Comm: 
kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.176529] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.176541] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.176563] Call Trace: [ 11.176576] <TASK> [ 11.176596] dump_stack_lvl+0x73/0xb0 [ 11.176768] print_report+0xd1/0x650 [ 11.176799] ? __virt_addr_valid+0x1db/0x2d0 [ 11.176824] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 11.176846] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.176867] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 11.176889] kasan_report+0x141/0x180 [ 11.176918] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 11.176945] __asan_report_store1_noabort+0x1b/0x30 [ 11.176964] krealloc_less_oob_helper+0xd70/0x11d0 [ 11.176988] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.177010] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 11.177048] ? __pfx_krealloc_less_oob+0x10/0x10 [ 11.177073] krealloc_less_oob+0x1c/0x30 [ 11.177093] kunit_try_run_case+0x1a5/0x480 [ 11.177119] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.177139] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.177162] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.177183] ? __kthread_parkme+0x82/0x180 [ 11.177204] ? preempt_count_sub+0x50/0x80 [ 11.177229] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.177252] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.177273] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.177294] kthread+0x337/0x6f0 [ 11.177313] ? trace_preempt_on+0x20/0xc0 [ 11.177336] ? __pfx_kthread+0x10/0x10 [ 11.177355] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.177375] ? calculate_sigpending+0x7b/0xa0 [ 11.177398] ? __pfx_kthread+0x10/0x10 [ 11.177419] ret_from_fork+0x116/0x1d0 [ 11.177437] ? 
__pfx_kthread+0x10/0x10 [ 11.177456] ret_from_fork_asm+0x1a/0x30 [ 11.177486] </TASK> [ 11.177498] [ 11.189761] Allocated by task 175: [ 11.190115] kasan_save_stack+0x45/0x70 [ 11.190476] kasan_save_track+0x18/0x40 [ 11.190849] kasan_save_alloc_info+0x3b/0x50 [ 11.191302] __kasan_krealloc+0x190/0x1f0 [ 11.191857] krealloc_noprof+0xf3/0x340 [ 11.192230] krealloc_less_oob_helper+0x1aa/0x11d0 [ 11.192658] krealloc_less_oob+0x1c/0x30 [ 11.193072] kunit_try_run_case+0x1a5/0x480 [ 11.193451] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.193956] kthread+0x337/0x6f0 [ 11.194318] ret_from_fork+0x116/0x1d0 [ 11.194606] ret_from_fork_asm+0x1a/0x30 [ 11.194749] [ 11.194837] The buggy address belongs to the object at ffff888100ab3400 [ 11.194837] which belongs to the cache kmalloc-256 of size 256 [ 11.195331] The buggy address is located 0 bytes to the right of [ 11.195331] allocated 201-byte region [ffff888100ab3400, ffff888100ab34c9) [ 11.196564] [ 11.196749] The buggy address belongs to the physical page: [ 11.197385] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100ab2 [ 11.198227] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.199068] flags: 0x200000000000040(head|node=0|zone=2) [ 11.199597] page_type: f5(slab) [ 11.199815] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.200291] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.200527] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.201173] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.201888] head: 0200000000000001 ffffea000402ac81 00000000ffffffff 00000000ffffffff [ 11.202800] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.203308] page dumped because: kasan: bad access detected [ 11.203482] [ 11.203552] Memory state around the buggy address: [ 11.203774] ffff888100ab3380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 11.204414] ffff888100ab3400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.205160] >ffff888100ab3480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 11.205968] ^ [ 11.206479] ffff888100ab3500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.207043] ffff888100ab3580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.207422] ================================================================== [ 11.407833] ================================================================== [ 11.408509] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0 [ 11.409507] Write of size 1 at addr ffff88810291e0d0 by task kunit_try_catch/179 [ 11.410371] [ 11.410577] CPU: 0 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.410620] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.410631] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.410651] Call Trace: [ 11.410680] <TASK> [ 11.410717] dump_stack_lvl+0x73/0xb0 [ 11.410810] print_report+0xd1/0x650 [ 11.410834] ? __virt_addr_valid+0x1db/0x2d0 [ 11.410857] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 11.410879] ? kasan_addr_to_slab+0x11/0xa0 [ 11.410898] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 11.410921] kasan_report+0x141/0x180 [ 11.410942] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 11.410968] __asan_report_store1_noabort+0x1b/0x30 [ 11.410988] krealloc_less_oob_helper+0xe23/0x11d0 [ 11.411012] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.411046] ? finish_task_switch.isra.0+0x153/0x700 [ 11.411067] ? __switch_to+0x47/0xf50 [ 11.411092] ? __schedule+0x10cc/0x2b60 [ 11.411113] ? __pfx_read_tsc+0x10/0x10 [ 11.411136] krealloc_large_less_oob+0x1c/0x30 [ 11.411157] kunit_try_run_case+0x1a5/0x480 [ 11.411181] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.411202] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.411224] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.411245] ? __kthread_parkme+0x82/0x180 [ 11.411265] ? 
preempt_count_sub+0x50/0x80 [ 11.411286] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.411308] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.411329] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.411350] kthread+0x337/0x6f0 [ 11.411368] ? trace_preempt_on+0x20/0xc0 [ 11.411392] ? __pfx_kthread+0x10/0x10 [ 11.411411] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.411430] ? calculate_sigpending+0x7b/0xa0 [ 11.411453] ? __pfx_kthread+0x10/0x10 [ 11.411473] ret_from_fork+0x116/0x1d0 [ 11.411490] ? __pfx_kthread+0x10/0x10 [ 11.411509] ret_from_fork_asm+0x1a/0x30 [ 11.411539] </TASK> [ 11.411550] [ 11.425786] The buggy address belongs to the physical page: [ 11.426422] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10291c [ 11.427264] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.428077] flags: 0x200000000000040(head|node=0|zone=2) [ 11.428269] page_type: f8(unknown) [ 11.428397] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.428628] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.429418] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.430165] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.430878] head: 0200000000000002 ffffea00040a4701 00000000ffffffff 00000000ffffffff [ 11.431652] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.432355] page dumped because: kasan: bad access detected [ 11.432964] [ 11.433054] Memory state around the buggy address: [ 11.433210] ffff88810291df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.433427] ffff88810291e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.433651] >ffff88810291e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 11.434387] ^ [ 11.434971] ffff88810291e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.435891] ffff88810291e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.436538] 
================================================================== [ 11.313086] ================================================================== [ 11.313426] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 11.313681] Write of size 1 at addr ffff888100ab34eb by task kunit_try_catch/175 [ 11.314087] [ 11.314209] CPU: 1 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.314264] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.314275] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.314296] Call Trace: [ 11.314316] <TASK> [ 11.314346] dump_stack_lvl+0x73/0xb0 [ 11.314376] print_report+0xd1/0x650 [ 11.314399] ? __virt_addr_valid+0x1db/0x2d0 [ 11.314422] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 11.314443] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.314464] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 11.314487] kasan_report+0x141/0x180 [ 11.314508] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 11.314535] __asan_report_store1_noabort+0x1b/0x30 [ 11.314564] krealloc_less_oob_helper+0xd47/0x11d0 [ 11.314589] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.314611] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 11.314711] ? __pfx_krealloc_less_oob+0x10/0x10 [ 11.314740] krealloc_less_oob+0x1c/0x30 [ 11.314760] kunit_try_run_case+0x1a5/0x480 [ 11.314783] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.314804] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.314827] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.314858] ? __kthread_parkme+0x82/0x180 [ 11.314878] ? preempt_count_sub+0x50/0x80 [ 11.314901] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.314935] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.314957] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.314979] kthread+0x337/0x6f0 [ 11.314997] ? trace_preempt_on+0x20/0xc0 [ 11.315036] ? __pfx_kthread+0x10/0x10 [ 11.315056] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.315076] ? calculate_sigpending+0x7b/0xa0 [ 11.315110] ? 
__pfx_kthread+0x10/0x10 [ 11.315130] ret_from_fork+0x116/0x1d0 [ 11.315149] ? __pfx_kthread+0x10/0x10 [ 11.315168] ret_from_fork_asm+0x1a/0x30 [ 11.315198] </TASK> [ 11.315209] [ 11.323234] Allocated by task 175: [ 11.323382] kasan_save_stack+0x45/0x70 [ 11.323596] kasan_save_track+0x18/0x40 [ 11.324004] kasan_save_alloc_info+0x3b/0x50 [ 11.324239] __kasan_krealloc+0x190/0x1f0 [ 11.324428] krealloc_noprof+0xf3/0x340 [ 11.324579] krealloc_less_oob_helper+0x1aa/0x11d0 [ 11.325081] krealloc_less_oob+0x1c/0x30 [ 11.325287] kunit_try_run_case+0x1a5/0x480 [ 11.325497] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.325783] kthread+0x337/0x6f0 [ 11.326040] ret_from_fork+0x116/0x1d0 [ 11.326266] ret_from_fork_asm+0x1a/0x30 [ 11.326450] [ 11.326549] The buggy address belongs to the object at ffff888100ab3400 [ 11.326549] which belongs to the cache kmalloc-256 of size 256 [ 11.326909] The buggy address is located 34 bytes to the right of [ 11.326909] allocated 201-byte region [ffff888100ab3400, ffff888100ab34c9) [ 11.327822] [ 11.327916] The buggy address belongs to the physical page: [ 11.328102] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100ab2 [ 11.328806] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.329180] flags: 0x200000000000040(head|node=0|zone=2) [ 11.329423] page_type: f5(slab) [ 11.329582] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.330909] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.331312] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.331634] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.331945] head: 0200000000000001 ffffea000402ac81 00000000ffffffff 00000000ffffffff [ 11.332269] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.332576] page dumped because: kasan: bad access detected [ 11.333488] [ 11.333588] Memory state around the buggy 
address: [ 11.334314] ffff888100ab3380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.335061] ffff888100ab3400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.335369] >ffff888100ab3480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 11.335915] ^ [ 11.336369] ffff888100ab3500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.337215] ffff888100ab3580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.337517] ================================================================== [ 11.474136] ================================================================== [ 11.474421] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 11.474656] Write of size 1 at addr ffff88810291e0eb by task kunit_try_catch/179 [ 11.474976] [ 11.475258] CPU: 0 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.475305] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.475317] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.475336] Call Trace: [ 11.475351] <TASK> [ 11.475365] dump_stack_lvl+0x73/0xb0 [ 11.475393] print_report+0xd1/0x650 [ 11.475416] ? __virt_addr_valid+0x1db/0x2d0 [ 11.475438] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 11.475460] ? kasan_addr_to_slab+0x11/0xa0 [ 11.475479] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 11.475504] kasan_report+0x141/0x180 [ 11.475528] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 11.475556] __asan_report_store1_noabort+0x1b/0x30 [ 11.475575] krealloc_less_oob_helper+0xd47/0x11d0 [ 11.475599] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.475622] ? finish_task_switch.isra.0+0x153/0x700 [ 11.475705] ? __switch_to+0x47/0xf50 [ 11.475733] ? __schedule+0x10cc/0x2b60 [ 11.475755] ? __pfx_read_tsc+0x10/0x10 [ 11.475780] krealloc_large_less_oob+0x1c/0x30 [ 11.475804] kunit_try_run_case+0x1a5/0x480 [ 11.475828] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.475850] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.475871] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.475893] ? __kthread_parkme+0x82/0x180 [ 11.475912] ? preempt_count_sub+0x50/0x80 [ 11.475934] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.475956] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.475977] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.475999] kthread+0x337/0x6f0 [ 11.476017] ? trace_preempt_on+0x20/0xc0 [ 11.476051] ? __pfx_kthread+0x10/0x10 [ 11.476070] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.476089] ? calculate_sigpending+0x7b/0xa0 [ 11.476111] ? __pfx_kthread+0x10/0x10 [ 11.476131] ret_from_fork+0x116/0x1d0 [ 11.476156] ? __pfx_kthread+0x10/0x10 [ 11.476175] ret_from_fork_asm+0x1a/0x30 [ 11.476204] </TASK> [ 11.476214] [ 11.483425] The buggy address belongs to the physical page: [ 11.483894] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10291c [ 11.484283] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.484611] flags: 0x200000000000040(head|node=0|zone=2) [ 11.484944] page_type: f8(unknown) [ 11.485143] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.485490] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.485869] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.486187] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.486482] head: 0200000000000002 ffffea00040a4701 00000000ffffffff 00000000ffffffff [ 11.486888] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.487187] page dumped because: kasan: bad access detected [ 11.487426] [ 11.487519] Memory state around the buggy address: [ 11.487954] ffff88810291df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.488245] ffff88810291e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.488481] >ffff88810291e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 11.488693] ^ [ 11.488891] ffff88810291e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe 
fe [ 11.489243] ffff88810291e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.489557] ================================================================== [ 11.385477] ================================================================== [ 11.386260] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0 [ 11.386615] Write of size 1 at addr ffff88810291e0c9 by task kunit_try_catch/179 [ 11.387017] [ 11.387156] CPU: 0 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.387202] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.387213] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.387245] Call Trace: [ 11.387258] <TASK> [ 11.387276] dump_stack_lvl+0x73/0xb0 [ 11.387316] print_report+0xd1/0x650 [ 11.387339] ? __virt_addr_valid+0x1db/0x2d0 [ 11.387362] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 11.387384] ? kasan_addr_to_slab+0x11/0xa0 [ 11.387413] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 11.387435] kasan_report+0x141/0x180 [ 11.387456] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 11.387493] __asan_report_store1_noabort+0x1b/0x30 [ 11.387513] krealloc_less_oob_helper+0xd70/0x11d0 [ 11.387537] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.387560] ? finish_task_switch.isra.0+0x153/0x700 [ 11.387582] ? __switch_to+0x47/0xf50 [ 11.387607] ? __schedule+0x10cc/0x2b60 [ 11.387629] ? __pfx_read_tsc+0x10/0x10 [ 11.387667] krealloc_large_less_oob+0x1c/0x30 [ 11.387690] kunit_try_run_case+0x1a5/0x480 [ 11.387714] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.387735] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.387810] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.387848] ? __kthread_parkme+0x82/0x180 [ 11.387868] ? preempt_count_sub+0x50/0x80 [ 11.387890] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.387912] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.387934] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.387955] kthread+0x337/0x6f0 [ 11.387981] ? 
trace_preempt_on+0x20/0xc0 [ 11.388004] ? __pfx_kthread+0x10/0x10 [ 11.388038] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.388059] ? calculate_sigpending+0x7b/0xa0 [ 11.388082] ? __pfx_kthread+0x10/0x10 [ 11.388102] ret_from_fork+0x116/0x1d0 [ 11.388119] ? __pfx_kthread+0x10/0x10 [ 11.388138] ret_from_fork_asm+0x1a/0x30 [ 11.388172] </TASK> [ 11.388183] [ 11.396773] The buggy address belongs to the physical page: [ 11.396966] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10291c [ 11.397626] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.398312] flags: 0x200000000000040(head|node=0|zone=2) [ 11.399091] page_type: f8(unknown) [ 11.399387] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.399719] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.400647] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.401273] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.401515] head: 0200000000000002 ffffea00040a4701 00000000ffffffff 00000000ffffffff [ 11.402127] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.402847] page dumped because: kasan: bad access detected [ 11.403476] [ 11.403715] Memory state around the buggy address: [ 11.404254] ffff88810291df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.404913] ffff88810291e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.405533] >ffff88810291e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 11.406193] ^ [ 11.406740] ffff88810291e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.407224] ffff88810291e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.407440] ================================================================== [ 11.277245] ================================================================== [ 11.277698] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 11.278490] Write 
of size 1 at addr ffff888100ab34ea by task kunit_try_catch/175 [ 11.279194] [ 11.279299] CPU: 1 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.279342] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.279354] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.279375] Call Trace: [ 11.279394] <TASK> [ 11.279413] dump_stack_lvl+0x73/0xb0 [ 11.279443] print_report+0xd1/0x650 [ 11.279465] ? __virt_addr_valid+0x1db/0x2d0 [ 11.279487] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 11.279509] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.279530] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 11.279552] kasan_report+0x141/0x180 [ 11.279573] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 11.279599] __asan_report_store1_noabort+0x1b/0x30 [ 11.279619] krealloc_less_oob_helper+0xe90/0x11d0 [ 11.279655] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.279676] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 11.279704] ? __pfx_krealloc_less_oob+0x10/0x10 [ 11.279729] krealloc_less_oob+0x1c/0x30 [ 11.279750] kunit_try_run_case+0x1a5/0x480 [ 11.279773] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.279829] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.279853] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.279874] ? __kthread_parkme+0x82/0x180 [ 11.279894] ? preempt_count_sub+0x50/0x80 [ 11.279917] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.279939] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.279961] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.279982] kthread+0x337/0x6f0 [ 11.280000] ? trace_preempt_on+0x20/0xc0 [ 11.280034] ? __pfx_kthread+0x10/0x10 [ 11.280055] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.280074] ? calculate_sigpending+0x7b/0xa0 [ 11.280097] ? __pfx_kthread+0x10/0x10 [ 11.280117] ret_from_fork+0x116/0x1d0 [ 11.280135] ? 
__pfx_kthread+0x10/0x10 [ 11.280160] ret_from_fork_asm+0x1a/0x30 [ 11.280190] </TASK> [ 11.280201] [ 11.294326] Allocated by task 175: [ 11.294707] kasan_save_stack+0x45/0x70 [ 11.295188] kasan_save_track+0x18/0x40 [ 11.295474] kasan_save_alloc_info+0x3b/0x50 [ 11.295625] __kasan_krealloc+0x190/0x1f0 [ 11.296139] krealloc_noprof+0xf3/0x340 [ 11.296535] krealloc_less_oob_helper+0x1aa/0x11d0 [ 11.297155] krealloc_less_oob+0x1c/0x30 [ 11.297517] kunit_try_run_case+0x1a5/0x480 [ 11.297783] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.298272] kthread+0x337/0x6f0 [ 11.298498] ret_from_fork+0x116/0x1d0 [ 11.298631] ret_from_fork_asm+0x1a/0x30 [ 11.299054] [ 11.299264] The buggy address belongs to the object at ffff888100ab3400 [ 11.299264] which belongs to the cache kmalloc-256 of size 256 [ 11.300230] The buggy address is located 33 bytes to the right of [ 11.300230] allocated 201-byte region [ffff888100ab3400, ffff888100ab34c9) [ 11.300610] [ 11.300812] The buggy address belongs to the physical page: [ 11.301339] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100ab2 [ 11.302190] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.302926] flags: 0x200000000000040(head|node=0|zone=2) [ 11.303582] page_type: f5(slab) [ 11.303950] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.304852] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.305224] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.305458] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.305828] head: 0200000000000001 ffffea000402ac81 00000000ffffffff 00000000ffffffff [ 11.306518] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.307232] page dumped because: kasan: bad access detected [ 11.307918] [ 11.308123] Memory state around the buggy address: [ 11.308571] ffff888100ab3380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 11.309323] ffff888100ab3400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.309728] >ffff888100ab3480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 11.310347] ^ [ 11.310809] ffff888100ab3500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.311444] ffff888100ab3580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.312296] ================================================================== [ 11.241588] ================================================================== [ 11.242290] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 11.243015] Write of size 1 at addr ffff888100ab34da by task kunit_try_catch/175 [ 11.243747] [ 11.243947] CPU: 1 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.244267] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.244278] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.244300] Call Trace: [ 11.244319] <TASK> [ 11.244339] dump_stack_lvl+0x73/0xb0 [ 11.244369] print_report+0xd1/0x650 [ 11.244391] ? __virt_addr_valid+0x1db/0x2d0 [ 11.244414] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 11.244436] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.244458] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 11.244480] kasan_report+0x141/0x180 [ 11.244504] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 11.244533] __asan_report_store1_noabort+0x1b/0x30 [ 11.244554] krealloc_less_oob_helper+0xec6/0x11d0 [ 11.244578] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.244600] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 11.244628] ? __pfx_krealloc_less_oob+0x10/0x10 [ 11.244665] krealloc_less_oob+0x1c/0x30 [ 11.244685] kunit_try_run_case+0x1a5/0x480 [ 11.244716] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.244738] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.244761] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.244782] ? __kthread_parkme+0x82/0x180 [ 11.244801] ? preempt_count_sub+0x50/0x80 [ 11.244824] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 11.244846] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.244868] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.244890] kthread+0x337/0x6f0 [ 11.244908] ? trace_preempt_on+0x20/0xc0 [ 11.244930] ? __pfx_kthread+0x10/0x10 [ 11.244950] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.244970] ? calculate_sigpending+0x7b/0xa0 [ 11.244993] ? __pfx_kthread+0x10/0x10 [ 11.245013] ret_from_fork+0x116/0x1d0 [ 11.245041] ? __pfx_kthread+0x10/0x10 [ 11.245060] ret_from_fork_asm+0x1a/0x30 [ 11.245090] </TASK> [ 11.245101] [ 11.258257] Allocated by task 175: [ 11.258395] kasan_save_stack+0x45/0x70 [ 11.258549] kasan_save_track+0x18/0x40 [ 11.258864] kasan_save_alloc_info+0x3b/0x50 [ 11.259268] __kasan_krealloc+0x190/0x1f0 [ 11.259657] krealloc_noprof+0xf3/0x340 [ 11.260162] krealloc_less_oob_helper+0x1aa/0x11d0 [ 11.260615] krealloc_less_oob+0x1c/0x30 [ 11.261153] kunit_try_run_case+0x1a5/0x480 [ 11.261511] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.261883] kthread+0x337/0x6f0 [ 11.262221] ret_from_fork+0x116/0x1d0 [ 11.262578] ret_from_fork_asm+0x1a/0x30 [ 11.262999] [ 11.263210] The buggy address belongs to the object at ffff888100ab3400 [ 11.263210] which belongs to the cache kmalloc-256 of size 256 [ 11.263929] The buggy address is located 17 bytes to the right of [ 11.263929] allocated 201-byte region [ffff888100ab3400, ffff888100ab34c9) [ 11.264328] [ 11.264401] The buggy address belongs to the physical page: [ 11.264577] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100ab2 [ 11.265329] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.266377] flags: 0x200000000000040(head|node=0|zone=2) [ 11.267048] page_type: f5(slab) [ 11.267440] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.268173] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.268920] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 
11.269597] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.270600] head: 0200000000000001 ffffea000402ac81 00000000ffffffff 00000000ffffffff [ 11.271142] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.271376] page dumped because: kasan: bad access detected [ 11.271547] [ 11.271617] Memory state around the buggy address: [ 11.272179] ffff888100ab3380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.272816] ffff888100ab3400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.273601] >ffff888100ab3480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 11.274426] ^ [ 11.275440] ffff888100ab3500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.275921] ffff888100ab3580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.276559] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 11.365142] ================================================================== [ 11.365524] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930 [ 11.366202] Write of size 1 at addr ffff888102a6e0f0 by task kunit_try_catch/177 [ 11.366554] [ 11.366677] CPU: 1 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.366719] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.366730] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.366759] Call Trace: [ 11.366770] <TASK> [ 11.366785] dump_stack_lvl+0x73/0xb0 [ 11.366813] print_report+0xd1/0x650 [ 11.366848] ? __virt_addr_valid+0x1db/0x2d0 [ 11.366870] ? krealloc_more_oob_helper+0x7eb/0x930 [ 11.366892] ? kasan_addr_to_slab+0x11/0xa0 [ 11.366911] ? krealloc_more_oob_helper+0x7eb/0x930 [ 11.366933] kasan_report+0x141/0x180 [ 11.366954] ? krealloc_more_oob_helper+0x7eb/0x930 [ 11.366980] __asan_report_store1_noabort+0x1b/0x30 [ 11.367000] krealloc_more_oob_helper+0x7eb/0x930 [ 11.367030] ? __schedule+0x10cc/0x2b60 [ 11.367052] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 11.367074] ? finish_task_switch.isra.0+0x153/0x700 [ 11.367095] ? __switch_to+0x47/0xf50 [ 11.367121] ? __schedule+0x10cc/0x2b60 [ 11.367140] ? __pfx_read_tsc+0x10/0x10 [ 11.367163] krealloc_large_more_oob+0x1c/0x30 [ 11.367185] kunit_try_run_case+0x1a5/0x480 [ 11.367217] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.367237] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.367259] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.367291] ? __kthread_parkme+0x82/0x180 [ 11.367311] ? preempt_count_sub+0x50/0x80 [ 11.367332] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.367354] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.367385] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.367406] kthread+0x337/0x6f0 [ 11.367424] ? trace_preempt_on+0x20/0xc0 [ 11.367457] ? __pfx_kthread+0x10/0x10 [ 11.367476] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.367495] ? 
calculate_sigpending+0x7b/0xa0 [ 11.367518] ? __pfx_kthread+0x10/0x10 [ 11.367546] ret_from_fork+0x116/0x1d0 [ 11.367564] ? __pfx_kthread+0x10/0x10 [ 11.367583] ret_from_fork_asm+0x1a/0x30 [ 11.367623] </TASK> [ 11.367633] [ 11.375257] The buggy address belongs to the physical page: [ 11.375513] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a6c [ 11.375981] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.376310] flags: 0x200000000000040(head|node=0|zone=2) [ 11.376579] page_type: f8(unknown) [ 11.376835] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.377166] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.377499] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.377862] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.378194] head: 0200000000000002 ffffea00040a9b01 00000000ffffffff 00000000ffffffff [ 11.378483] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.378890] page dumped because: kasan: bad access detected [ 11.379073] [ 11.379142] Memory state around the buggy address: [ 11.379300] ffff888102a6df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.379513] ffff888102a6e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.379818] >ffff888102a6e080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 11.380137] ^ [ 11.380437] ffff888102a6e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.380750] ffff888102a6e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.381169] ================================================================== [ 11.347971] ================================================================== [ 11.348454] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930 [ 11.349190] Write of size 1 at addr ffff888102a6e0eb by task kunit_try_catch/177 [ 11.349480] [ 11.349621] CPU: 1 UID: 0 PID: 177 Comm: 
kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.349670] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.349682] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.349704] Call Trace: [ 11.349716] <TASK> [ 11.349735] dump_stack_lvl+0x73/0xb0 [ 11.349767] print_report+0xd1/0x650 [ 11.349802] ? __virt_addr_valid+0x1db/0x2d0 [ 11.349827] ? krealloc_more_oob_helper+0x821/0x930 [ 11.349849] ? kasan_addr_to_slab+0x11/0xa0 [ 11.349880] ? krealloc_more_oob_helper+0x821/0x930 [ 11.349903] kasan_report+0x141/0x180 [ 11.349923] ? krealloc_more_oob_helper+0x821/0x930 [ 11.349950] __asan_report_store1_noabort+0x1b/0x30 [ 11.349969] krealloc_more_oob_helper+0x821/0x930 [ 11.349990] ? __schedule+0x10cc/0x2b60 [ 11.350011] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 11.350043] ? finish_task_switch.isra.0+0x153/0x700 [ 11.350065] ? __switch_to+0x47/0xf50 [ 11.350091] ? __schedule+0x10cc/0x2b60 [ 11.350112] ? __pfx_read_tsc+0x10/0x10 [ 11.350145] krealloc_large_more_oob+0x1c/0x30 [ 11.350167] kunit_try_run_case+0x1a5/0x480 [ 11.350192] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.350224] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.350247] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.350268] ? __kthread_parkme+0x82/0x180 [ 11.350288] ? preempt_count_sub+0x50/0x80 [ 11.350310] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.350332] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.350353] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.350384] kthread+0x337/0x6f0 [ 11.350403] ? trace_preempt_on+0x20/0xc0 [ 11.350426] ? __pfx_kthread+0x10/0x10 [ 11.350445] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.350475] ? calculate_sigpending+0x7b/0xa0 [ 11.350500] ? __pfx_kthread+0x10/0x10 [ 11.350519] ret_from_fork+0x116/0x1d0 [ 11.350537] ? 
__pfx_kthread+0x10/0x10 [ 11.350557] ret_from_fork_asm+0x1a/0x30 [ 11.350586] </TASK> [ 11.350598] [ 11.358529] The buggy address belongs to the physical page: [ 11.358791] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a6c [ 11.359160] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.359494] flags: 0x200000000000040(head|node=0|zone=2) [ 11.359762] page_type: f8(unknown) [ 11.359946] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.360227] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.360514] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.360862] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.361177] head: 0200000000000002 ffffea00040a9b01 00000000ffffffff 00000000ffffffff [ 11.361403] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.361851] page dumped because: kasan: bad access detected [ 11.362085] [ 11.362204] Memory state around the buggy address: [ 11.362364] ffff888102a6df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.362577] ffff888102a6e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.362789] >ffff888102a6e080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 11.363162] ^ [ 11.363453] ffff888102a6e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.363762] ffff888102a6e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.364083] ================================================================== [ 11.107898] ================================================================== [ 11.108391] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930 [ 11.108717] Write of size 1 at addr ffff88810033f0eb by task kunit_try_catch/173 [ 11.109565] [ 11.109845] CPU: 0 UID: 0 PID: 173 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.109893] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.109904] Hardware 
name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.109926] Call Trace: [ 11.109937] <TASK> [ 11.109954] dump_stack_lvl+0x73/0xb0 [ 11.109983] print_report+0xd1/0x650 [ 11.110007] ? __virt_addr_valid+0x1db/0x2d0 [ 11.110041] ? krealloc_more_oob_helper+0x821/0x930 [ 11.110127] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.110150] ? krealloc_more_oob_helper+0x821/0x930 [ 11.110185] kasan_report+0x141/0x180 [ 11.110206] ? krealloc_more_oob_helper+0x821/0x930 [ 11.110233] __asan_report_store1_noabort+0x1b/0x30 [ 11.110252] krealloc_more_oob_helper+0x821/0x930 [ 11.110272] ? __schedule+0x10cc/0x2b60 [ 11.110295] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 11.110318] ? finish_task_switch.isra.0+0x153/0x700 [ 11.110339] ? __switch_to+0x47/0xf50 [ 11.110365] ? __schedule+0x10cc/0x2b60 [ 11.110384] ? __pfx_read_tsc+0x10/0x10 [ 11.110408] krealloc_more_oob+0x1c/0x30 [ 11.110429] kunit_try_run_case+0x1a5/0x480 [ 11.110453] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.110473] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.110496] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.110516] ? __kthread_parkme+0x82/0x180 [ 11.110536] ? preempt_count_sub+0x50/0x80 [ 11.110557] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.110579] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.110600] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.110621] kthread+0x337/0x6f0 [ 11.110660] ? trace_preempt_on+0x20/0xc0 [ 11.110694] ? __pfx_kthread+0x10/0x10 [ 11.110713] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.110733] ? calculate_sigpending+0x7b/0xa0 [ 11.110755] ? __pfx_kthread+0x10/0x10 [ 11.110775] ret_from_fork+0x116/0x1d0 [ 11.110793] ? 
__pfx_kthread+0x10/0x10 [ 11.110812] ret_from_fork_asm+0x1a/0x30 [ 11.110841] </TASK> [ 11.110853] [ 11.124259] Allocated by task 173: [ 11.124618] kasan_save_stack+0x45/0x70 [ 11.125057] kasan_save_track+0x18/0x40 [ 11.125477] kasan_save_alloc_info+0x3b/0x50 [ 11.125784] __kasan_krealloc+0x190/0x1f0 [ 11.125925] krealloc_noprof+0xf3/0x340 [ 11.126073] krealloc_more_oob_helper+0x1a9/0x930 [ 11.126584] krealloc_more_oob+0x1c/0x30 [ 11.127044] kunit_try_run_case+0x1a5/0x480 [ 11.127444] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.127975] kthread+0x337/0x6f0 [ 11.128306] ret_from_fork+0x116/0x1d0 [ 11.128674] ret_from_fork_asm+0x1a/0x30 [ 11.129038] [ 11.129146] The buggy address belongs to the object at ffff88810033f000 [ 11.129146] which belongs to the cache kmalloc-256 of size 256 [ 11.129504] The buggy address is located 0 bytes to the right of [ 11.129504] allocated 235-byte region [ffff88810033f000, ffff88810033f0eb) [ 11.130508] [ 11.130726] The buggy address belongs to the physical page: [ 11.131264] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10033e [ 11.132028] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.132710] flags: 0x200000000000040(head|node=0|zone=2) [ 11.133326] page_type: f5(slab) [ 11.133633] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.134096] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.134329] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.134559] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.134832] head: 0200000000000001 ffffea000400cf81 00000000ffffffff 00000000ffffffff [ 11.135346] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.135634] page dumped because: kasan: bad access detected [ 11.135822] [ 11.135901] Memory state around the buggy address: [ 11.136264] ffff88810033ef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 11.136759] ffff88810033f000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.137495] >ffff88810033f080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 11.138445] ^ [ 11.139096] ffff88810033f100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.139885] ffff88810033f180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.140610] ================================================================== [ 11.141496] ================================================================== [ 11.142327] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930 [ 11.142573] Write of size 1 at addr ffff88810033f0f0 by task kunit_try_catch/173 [ 11.142859] [ 11.142978] CPU: 0 UID: 0 PID: 173 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.143099] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.143112] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.143133] Call Trace: [ 11.143151] <TASK> [ 11.143169] dump_stack_lvl+0x73/0xb0 [ 11.143197] print_report+0xd1/0x650 [ 11.143219] ? __virt_addr_valid+0x1db/0x2d0 [ 11.143242] ? krealloc_more_oob_helper+0x7eb/0x930 [ 11.143264] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.143284] ? krealloc_more_oob_helper+0x7eb/0x930 [ 11.143307] kasan_report+0x141/0x180 [ 11.143327] ? krealloc_more_oob_helper+0x7eb/0x930 [ 11.143353] __asan_report_store1_noabort+0x1b/0x30 [ 11.143374] krealloc_more_oob_helper+0x7eb/0x930 [ 11.143395] ? __schedule+0x10cc/0x2b60 [ 11.143416] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 11.143440] ? finish_task_switch.isra.0+0x153/0x700 [ 11.143461] ? __switch_to+0x47/0xf50 [ 11.143485] ? __schedule+0x10cc/0x2b60 [ 11.143504] ? __pfx_read_tsc+0x10/0x10 [ 11.143527] krealloc_more_oob+0x1c/0x30 [ 11.143547] kunit_try_run_case+0x1a5/0x480 [ 11.143570] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.143591] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.143613] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.143634] ? 
__kthread_parkme+0x82/0x180 [ 11.143653] ? preempt_count_sub+0x50/0x80 [ 11.143674] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.143696] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.143737] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.143759] kthread+0x337/0x6f0 [ 11.143778] ? trace_preempt_on+0x20/0xc0 [ 11.143801] ? __pfx_kthread+0x10/0x10 [ 11.143820] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.143839] ? calculate_sigpending+0x7b/0xa0 [ 11.143862] ? __pfx_kthread+0x10/0x10 [ 11.143882] ret_from_fork+0x116/0x1d0 [ 11.143899] ? __pfx_kthread+0x10/0x10 [ 11.143918] ret_from_fork_asm+0x1a/0x30 [ 11.143948] </TASK> [ 11.143959] [ 11.155128] Allocated by task 173: [ 11.155302] kasan_save_stack+0x45/0x70 [ 11.155485] kasan_save_track+0x18/0x40 [ 11.155919] kasan_save_alloc_info+0x3b/0x50 [ 11.156219] __kasan_krealloc+0x190/0x1f0 [ 11.156443] krealloc_noprof+0xf3/0x340 [ 11.156621] krealloc_more_oob_helper+0x1a9/0x930 [ 11.157080] krealloc_more_oob+0x1c/0x30 [ 11.157252] kunit_try_run_case+0x1a5/0x480 [ 11.157433] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.157931] kthread+0x337/0x6f0 [ 11.158187] ret_from_fork+0x116/0x1d0 [ 11.158521] ret_from_fork_asm+0x1a/0x30 [ 11.158942] [ 11.159171] The buggy address belongs to the object at ffff88810033f000 [ 11.159171] which belongs to the cache kmalloc-256 of size 256 [ 11.160078] The buggy address is located 5 bytes to the right of [ 11.160078] allocated 235-byte region [ffff88810033f000, ffff88810033f0eb) [ 11.160932] [ 11.161051] The buggy address belongs to the physical page: [ 11.161288] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10033e [ 11.161609] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.162610] flags: 0x200000000000040(head|node=0|zone=2) [ 11.163203] page_type: f5(slab) [ 11.163369] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.163943] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 
11.164331] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.164857] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.165344] head: 0200000000000001 ffffea000400cf81 00000000ffffffff 00000000ffffffff [ 11.166043] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.166452] page dumped because: kasan: bad access detected [ 11.166965] [ 11.167166] Memory state around the buggy address: [ 11.167519] ffff88810033ef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.168159] ffff88810033f000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.168586] >ffff88810033f080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 11.169057] ^ [ 11.169345] ffff88810033f100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.169631] ffff88810033f180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.170182] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 13.490824] ================================================================== [ 13.491338] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x329/0x390 [ 13.492081] Read of size 1 at addr ffff888103a17c4a by task kunit_try_catch/270 [ 13.492573] [ 13.492732] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.492783] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.492796] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.492985] Call Trace: [ 13.493000] <TASK> [ 13.493033] dump_stack_lvl+0x73/0xb0 [ 13.493066] print_report+0xd1/0x650 [ 13.493091] ? __virt_addr_valid+0x1db/0x2d0 [ 13.493117] ? kasan_alloca_oob_right+0x329/0x390 [ 13.493138] ? kasan_addr_to_slab+0x11/0xa0 [ 13.493157] ? kasan_alloca_oob_right+0x329/0x390 [ 13.493179] kasan_report+0x141/0x180 [ 13.493210] ? kasan_alloca_oob_right+0x329/0x390 [ 13.493237] __asan_report_load1_noabort+0x18/0x20 [ 13.493260] kasan_alloca_oob_right+0x329/0x390 [ 13.493295] ? irqentry_exit+0x2a/0x60 [ 13.493316] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 13.493340] ? trace_hardirqs_on+0x37/0xe0 [ 13.493367] ? __pfx_kasan_alloca_oob_right+0x10/0x10 [ 13.493392] ? __pfx_kasan_alloca_oob_right+0x10/0x10 [ 13.493419] kunit_try_run_case+0x1a5/0x480 [ 13.493444] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.493465] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.493489] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.493511] ? __kthread_parkme+0x82/0x180 [ 13.493533] ? preempt_count_sub+0x50/0x80 [ 13.493557] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.493579] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.493601] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.493624] kthread+0x337/0x6f0 [ 13.493694] ? trace_preempt_on+0x20/0xc0 [ 13.493718] ? __pfx_kthread+0x10/0x10 [ 13.493738] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.493758] ? calculate_sigpending+0x7b/0xa0 [ 13.493782] ? 
__pfx_kthread+0x10/0x10 [ 13.493804] ret_from_fork+0x116/0x1d0 [ 13.493823] ? __pfx_kthread+0x10/0x10 [ 13.493843] ret_from_fork_asm+0x1a/0x30 [ 13.493874] </TASK> [ 13.493885] [ 13.502508] The buggy address belongs to stack of task kunit_try_catch/270 [ 13.502871] [ 13.502991] The buggy address belongs to the physical page: [ 13.503245] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a17 [ 13.503538] flags: 0x200000000000000(node=0|zone=2) [ 13.503817] raw: 0200000000000000 ffffea00040e85c8 ffffea00040e85c8 0000000000000000 [ 13.504406] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 13.504897] page dumped because: kasan: bad access detected [ 13.505199] [ 13.505271] Memory state around the buggy address: [ 13.505428] ffff888103a17b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.505728] ffff888103a17b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.506090] >ffff888103a17c00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 13.506311] ^ [ 13.506504] ffff888103a17c80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 [ 13.507088] ffff888103a17d00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 13.507484] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 13.466586] ================================================================== [ 13.467252] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x320/0x380 [ 13.467753] Read of size 1 at addr ffff8881039f7c3f by task kunit_try_catch/268 [ 13.468076] [ 13.468209] CPU: 1 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.468256] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.468268] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.468291] Call Trace: [ 13.468304] <TASK> [ 13.468323] dump_stack_lvl+0x73/0xb0 [ 13.468365] print_report+0xd1/0x650 [ 13.468389] ? __virt_addr_valid+0x1db/0x2d0 [ 13.468425] ? kasan_alloca_oob_left+0x320/0x380 [ 13.468447] ? kasan_addr_to_slab+0x11/0xa0 [ 13.468467] ? kasan_alloca_oob_left+0x320/0x380 [ 13.468489] kasan_report+0x141/0x180 [ 13.468510] ? kasan_alloca_oob_left+0x320/0x380 [ 13.468538] __asan_report_load1_noabort+0x18/0x20 [ 13.468561] kasan_alloca_oob_left+0x320/0x380 [ 13.468591] ? __kasan_check_write+0x18/0x20 [ 13.468611] ? __pfx_sched_clock_cpu+0x10/0x10 [ 13.468633] ? finish_task_switch.isra.0+0x153/0x700 [ 13.468677] ? out_of_line_wait_on_bit_timeout+0x7e/0x190 [ 13.468702] ? trace_hardirqs_on+0x37/0xe0 [ 13.468726] ? __pfx_kasan_alloca_oob_left+0x10/0x10 [ 13.468751] ? __schedule+0x10cc/0x2b60 [ 13.468772] ? __pfx_read_tsc+0x10/0x10 [ 13.468793] ? ktime_get_ts64+0x86/0x230 [ 13.468863] kunit_try_run_case+0x1a5/0x480 [ 13.468901] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.468922] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.468946] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.468968] ? __kthread_parkme+0x82/0x180 [ 13.468988] ? preempt_count_sub+0x50/0x80 [ 13.469010] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.469041] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.469063] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.469086] kthread+0x337/0x6f0 [ 13.469105] ? trace_preempt_on+0x20/0xc0 [ 13.469125] ? 
__pfx_kthread+0x10/0x10 [ 13.469145] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.469165] ? calculate_sigpending+0x7b/0xa0 [ 13.469187] ? __pfx_kthread+0x10/0x10 [ 13.469207] ret_from_fork+0x116/0x1d0 [ 13.469226] ? __pfx_kthread+0x10/0x10 [ 13.469246] ret_from_fork_asm+0x1a/0x30 [ 13.469277] </TASK> [ 13.469290] [ 13.478962] The buggy address belongs to stack of task kunit_try_catch/268 [ 13.479333] [ 13.479445] The buggy address belongs to the physical page: [ 13.479773] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f7 [ 13.480167] flags: 0x200000000000000(node=0|zone=2) [ 13.480467] raw: 0200000000000000 ffffea00040e7dc8 ffffea00040e7dc8 0000000000000000 [ 13.480881] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 13.481200] page dumped because: kasan: bad access detected [ 13.481800] [ 13.482168] Memory state around the buggy address: [ 13.482429] ffff8881039f7b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.483187] ffff8881039f7b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.483494] >ffff8881039f7c00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 13.484274] ^ [ 13.484533] ffff8881039f7c80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 [ 13.485052] ffff8881039f7d00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 13.485357] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 13.443416] ================================================================== [ 13.444350] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x2b5/0x300 [ 13.445100] Read of size 1 at addr ffff88810397fd02 by task kunit_try_catch/266 [ 13.445424] [ 13.445572] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.445721] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.445738] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.445761] Call Trace: [ 13.445775] <TASK> [ 13.445804] dump_stack_lvl+0x73/0xb0 [ 13.445834] print_report+0xd1/0x650 [ 13.445858] ? __virt_addr_valid+0x1db/0x2d0 [ 13.445881] ? kasan_stack_oob+0x2b5/0x300 [ 13.445900] ? kasan_addr_to_slab+0x11/0xa0 [ 13.445921] ? kasan_stack_oob+0x2b5/0x300 [ 13.445941] kasan_report+0x141/0x180 [ 13.445962] ? kasan_stack_oob+0x2b5/0x300 [ 13.445986] __asan_report_load1_noabort+0x18/0x20 [ 13.446010] kasan_stack_oob+0x2b5/0x300 [ 13.446038] ? __pfx_kasan_stack_oob+0x10/0x10 [ 13.446058] ? finish_task_switch.isra.0+0x153/0x700 [ 13.446080] ? __switch_to+0x47/0xf50 [ 13.446106] ? __schedule+0x10cc/0x2b60 [ 13.446129] ? __pfx_read_tsc+0x10/0x10 [ 13.446149] ? ktime_get_ts64+0x86/0x230 [ 13.446173] kunit_try_run_case+0x1a5/0x480 [ 13.446196] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.446218] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.446241] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.446263] ? __kthread_parkme+0x82/0x180 [ 13.446282] ? preempt_count_sub+0x50/0x80 [ 13.446304] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.446327] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.446349] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.446371] kthread+0x337/0x6f0 [ 13.446390] ? trace_preempt_on+0x20/0xc0 [ 13.446414] ? __pfx_kthread+0x10/0x10 [ 13.446434] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.446456] ? calculate_sigpending+0x7b/0xa0 [ 13.446478] ? __pfx_kthread+0x10/0x10 [ 13.446499] ret_from_fork+0x116/0x1d0 [ 13.446517] ? 
__pfx_kthread+0x10/0x10 [ 13.446537] ret_from_fork_asm+0x1a/0x30 [ 13.446567] </TASK> [ 13.446578] [ 13.455473] The buggy address belongs to stack of task kunit_try_catch/266 [ 13.456075] and is located at offset 138 in frame: [ 13.456361] kasan_stack_oob+0x0/0x300 [ 13.456785] [ 13.456974] This frame has 4 objects: [ 13.457240] [48, 49) '__assertion' [ 13.457279] [64, 72) 'array' [ 13.457507] [96, 112) '__assertion' [ 13.458048] [128, 138) 'stack_array' [ 13.458259] [ 13.458555] The buggy address belongs to the physical page: [ 13.458910] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10397f [ 13.459401] flags: 0x200000000000000(node=0|zone=2) [ 13.459745] raw: 0200000000000000 ffffea00040e5fc8 ffffea00040e5fc8 0000000000000000 [ 13.460091] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 13.460428] page dumped because: kasan: bad access detected [ 13.460802] [ 13.460877] Memory state around the buggy address: [ 13.461149] ffff88810397fc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 13.461496] ffff88810397fc80: f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 00 00 f2 f2 00 [ 13.461908] >ffff88810397fd00: 02 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 13.462239] ^ [ 13.462434] ffff88810397fd80: f1 f1 f1 00 00 f2 f2 00 00 f2 f2 00 00 f3 f3 00 [ 13.462903] ffff88810397fe00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.463221] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 13.419938] ================================================================== [ 13.420637] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x286/0x2d0 [ 13.421189] Read of size 1 at addr ffffffff87c61e8d by task kunit_try_catch/262 [ 13.421511] [ 13.421675] CPU: 0 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.421818] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.421835] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.421857] Call Trace: [ 13.421871] <TASK> [ 13.421890] dump_stack_lvl+0x73/0xb0 [ 13.421921] print_report+0xd1/0x650 [ 13.421945] ? __virt_addr_valid+0x1db/0x2d0 [ 13.421969] ? kasan_global_oob_right+0x286/0x2d0 [ 13.421990] ? kasan_addr_to_slab+0x11/0xa0 [ 13.422010] ? kasan_global_oob_right+0x286/0x2d0 [ 13.422044] kasan_report+0x141/0x180 [ 13.422066] ? kasan_global_oob_right+0x286/0x2d0 [ 13.422091] __asan_report_load1_noabort+0x18/0x20 [ 13.422114] kasan_global_oob_right+0x286/0x2d0 [ 13.422135] ? __pfx_kasan_global_oob_right+0x10/0x10 [ 13.422158] ? __schedule+0x10cc/0x2b60 [ 13.422180] ? __pfx_read_tsc+0x10/0x10 [ 13.422203] ? ktime_get_ts64+0x86/0x230 [ 13.422226] kunit_try_run_case+0x1a5/0x480 [ 13.422251] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.422273] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.422296] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.422318] ? __kthread_parkme+0x82/0x180 [ 13.422338] ? preempt_count_sub+0x50/0x80 [ 13.422361] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.422384] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.422407] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.422430] kthread+0x337/0x6f0 [ 13.422449] ? trace_preempt_on+0x20/0xc0 [ 13.422473] ? __pfx_kthread+0x10/0x10 [ 13.422493] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.422515] ? calculate_sigpending+0x7b/0xa0 [ 13.422539] ? __pfx_kthread+0x10/0x10 [ 13.422563] ret_from_fork+0x116/0x1d0 [ 13.422582] ? 
__pfx_kthread+0x10/0x10 [ 13.422601] ret_from_fork_asm+0x1a/0x30 [ 13.422633] </TASK> [ 13.422708] [ 13.430730] The buggy address belongs to the variable: [ 13.431084] global_array+0xd/0x40 [ 13.431289] [ 13.431404] The buggy address belongs to the physical page: [ 13.431878] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x5ec61 [ 13.432307] flags: 0x100000000002000(reserved|node=0|zone=1) [ 13.432720] raw: 0100000000002000 ffffea00017b1848 ffffea00017b1848 0000000000000000 [ 13.433094] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 13.433411] page dumped because: kasan: bad access detected [ 13.433794] [ 13.433901] Memory state around the buggy address: [ 13.434158] ffffffff87c61d80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.434479] ffffffff87c61e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.434946] >ffffffff87c61e80: 00 02 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9 [ 13.435303] ^ [ 13.435450] ffffffff87c61f00: 04 f9 f9 f9 f9 f9 f9 f9 02 f9 f9 f9 f9 f9 f9 f9 [ 13.436088] ffffffff87c61f80: 01 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 00 00 00 00 [ 13.436432] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 13.394238] ================================================================== [ 13.394933] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 13.395539] Free of addr ffff8881039c8001 by task kunit_try_catch/260 [ 13.395848] [ 13.396129] CPU: 0 UID: 0 PID: 260 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.396189] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.396202] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.396224] Call Trace: [ 13.396237] <TASK> [ 13.396256] dump_stack_lvl+0x73/0xb0 [ 13.396287] print_report+0xd1/0x650 [ 13.396310] ? __virt_addr_valid+0x1db/0x2d0 [ 13.396470] ? kasan_addr_to_slab+0x11/0xa0 [ 13.396499] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 13.396552] kasan_report_invalid_free+0x10a/0x130 [ 13.396576] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 13.396605] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 13.396629] __kasan_mempool_poison_object+0x102/0x1d0 [ 13.396711] mempool_free+0x2ec/0x380 [ 13.396759] mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 13.396786] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10 [ 13.396810] ? update_load_avg+0x1be/0x21b0 [ 13.396836] ? finish_task_switch.isra.0+0x153/0x700 [ 13.396861] mempool_kmalloc_large_invalid_free+0xed/0x140 [ 13.396885] ? __pfx_mempool_kmalloc_large_invalid_free+0x10/0x10 [ 13.396911] ? __pfx_mempool_kmalloc+0x10/0x10 [ 13.396935] ? __pfx_mempool_kfree+0x10/0x10 [ 13.396959] ? __pfx_read_tsc+0x10/0x10 [ 13.396980] ? ktime_get_ts64+0x86/0x230 [ 13.397003] kunit_try_run_case+0x1a5/0x480 [ 13.397041] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.397063] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.397087] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.397110] ? __kthread_parkme+0x82/0x180 [ 13.397131] ? preempt_count_sub+0x50/0x80 [ 13.397153] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.397176] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.397199] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.397221] kthread+0x337/0x6f0 [ 13.397240] ? trace_preempt_on+0x20/0xc0 [ 13.397264] ? __pfx_kthread+0x10/0x10 [ 13.397283] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.397304] ? calculate_sigpending+0x7b/0xa0 [ 13.397327] ? __pfx_kthread+0x10/0x10 [ 13.397348] ret_from_fork+0x116/0x1d0 [ 13.397366] ? __pfx_kthread+0x10/0x10 [ 13.397385] ret_from_fork_asm+0x1a/0x30 [ 13.397416] </TASK> [ 13.397428] [ 13.407186] The buggy address belongs to the physical page: [ 13.407478] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c8 [ 13.407927] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.408320] flags: 0x200000000000040(head|node=0|zone=2) [ 13.408579] page_type: f8(unknown) [ 13.408750] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.409098] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.409321] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.409833] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.410221] head: 0200000000000002 ffffea00040e7201 00000000ffffffff 00000000ffffffff [ 13.410588] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 13.411075] page dumped because: kasan: bad access detected [ 13.411312] [ 13.411411] Memory state around the buggy address: [ 13.411627] ffff8881039c7f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.411954] ffff8881039c7f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.412301] >ffff8881039c8000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.412769] ^ [ 13.413055] ffff8881039c8080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.413333] ffff8881039c8100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.413670] ================================================================== [ 13.367056] ================================================================== [ 
13.367593] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 13.368040] Free of addr ffff8881027e1501 by task kunit_try_catch/258 [ 13.368537] [ 13.368638] CPU: 1 UID: 0 PID: 258 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.368703] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.368715] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.368738] Call Trace: [ 13.368765] <TASK> [ 13.368963] dump_stack_lvl+0x73/0xb0 [ 13.368998] print_report+0xd1/0x650 [ 13.369035] ? __virt_addr_valid+0x1db/0x2d0 [ 13.369084] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.369107] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 13.369132] kasan_report_invalid_free+0x10a/0x130 [ 13.369157] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 13.369183] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 13.369206] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 13.369229] check_slab_allocation+0x11f/0x130 [ 13.369268] __kasan_mempool_poison_object+0x91/0x1d0 [ 13.369291] mempool_free+0x2ec/0x380 [ 13.369313] mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 13.369337] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10 [ 13.369360] ? update_load_avg+0x1be/0x21b0 [ 13.369388] ? finish_task_switch.isra.0+0x153/0x700 [ 13.369413] mempool_kmalloc_invalid_free+0xed/0x140 [ 13.369436] ? __pfx_mempool_kmalloc_invalid_free+0x10/0x10 [ 13.369460] ? __kasan_check_write+0x18/0x20 [ 13.369480] ? __pfx_mempool_kmalloc+0x10/0x10 [ 13.369501] ? __pfx_mempool_kfree+0x10/0x10 [ 13.369526] ? __pfx_read_tsc+0x10/0x10 [ 13.369547] ? ktime_get_ts64+0x86/0x230 [ 13.369567] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 13.369593] kunit_try_run_case+0x1a5/0x480 [ 13.369617] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.369777] ? queued_spin_lock_slowpath+0x116/0xb40 [ 13.369810] ? __kthread_parkme+0x82/0x180 [ 13.369831] ? preempt_count_sub+0x50/0x80 [ 13.369854] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 13.369877] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.369899] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.369921] kthread+0x337/0x6f0 [ 13.369940] ? trace_preempt_on+0x20/0xc0 [ 13.369963] ? __pfx_kthread+0x10/0x10 [ 13.369983] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.370004] ? calculate_sigpending+0x7b/0xa0 [ 13.370041] ? __pfx_kthread+0x10/0x10 [ 13.370062] ret_from_fork+0x116/0x1d0 [ 13.370081] ? __pfx_kthread+0x10/0x10 [ 13.370100] ret_from_fork_asm+0x1a/0x30 [ 13.370132] </TASK> [ 13.370144] [ 13.380286] Allocated by task 258: [ 13.380450] kasan_save_stack+0x45/0x70 [ 13.380675] kasan_save_track+0x18/0x40 [ 13.380918] kasan_save_alloc_info+0x3b/0x50 [ 13.381164] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 13.381794] remove_element+0x11e/0x190 [ 13.382125] mempool_alloc_preallocated+0x4d/0x90 [ 13.382284] mempool_kmalloc_invalid_free_helper+0x83/0x2e0 [ 13.382456] mempool_kmalloc_invalid_free+0xed/0x140 [ 13.382613] kunit_try_run_case+0x1a5/0x480 [ 13.383197] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.383471] kthread+0x337/0x6f0 [ 13.383707] ret_from_fork+0x116/0x1d0 [ 13.383947] ret_from_fork_asm+0x1a/0x30 [ 13.384271] [ 13.384373] The buggy address belongs to the object at ffff8881027e1500 [ 13.384373] which belongs to the cache kmalloc-128 of size 128 [ 13.384940] The buggy address is located 1 bytes inside of [ 13.384940] 128-byte region [ffff8881027e1500, ffff8881027e1580) [ 13.385269] [ 13.385342] The buggy address belongs to the physical page: [ 13.385617] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027e1 [ 13.386369] flags: 0x200000000000000(node=0|zone=2) [ 13.386641] page_type: f5(slab) [ 13.386922] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.387270] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.387503] page dumped because: kasan: bad access detected [ 13.387727] [ 13.387819] Memory state around 
the buggy address: [ 13.388057] ffff8881027e1400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.388384] ffff8881027e1480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.388612] >ffff8881027e1500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.388976] ^ [ 13.389162] ffff8881027e1580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.389422] ffff8881027e1600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.389629] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 13.317367] ================================================================== [ 13.317894] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 13.318266] Free of addr ffff8881039c4000 by task kunit_try_catch/254 [ 13.318542] [ 13.318649] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.318699] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.318712] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.318735] Call Trace: [ 13.318748] <TASK> [ 13.318767] dump_stack_lvl+0x73/0xb0 [ 13.318795] print_report+0xd1/0x650 [ 13.318819] ? __virt_addr_valid+0x1db/0x2d0 [ 13.318843] ? kasan_addr_to_slab+0x11/0xa0 [ 13.318863] ? mempool_double_free_helper+0x184/0x370 [ 13.318886] kasan_report_invalid_free+0x10a/0x130 [ 13.318910] ? mempool_double_free_helper+0x184/0x370 [ 13.318935] ? mempool_double_free_helper+0x184/0x370 [ 13.318957] __kasan_mempool_poison_object+0x1b3/0x1d0 [ 13.318981] mempool_free+0x2ec/0x380 [ 13.319002] mempool_double_free_helper+0x184/0x370 [ 13.319036] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 13.319058] ? update_load_avg+0x1be/0x21b0 [ 13.319084] ? finish_task_switch.isra.0+0x153/0x700 [ 13.319108] mempool_kmalloc_large_double_free+0xed/0x140 [ 13.319133] ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10 [ 13.319159] ? __pfx_mempool_kmalloc+0x10/0x10 [ 13.319181] ? __pfx_mempool_kfree+0x10/0x10 [ 13.319204] ? __pfx_read_tsc+0x10/0x10 [ 13.319224] ? ktime_get_ts64+0x86/0x230 [ 13.319247] kunit_try_run_case+0x1a5/0x480 [ 13.319272] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.319293] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.319316] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.319339] ? __kthread_parkme+0x82/0x180 [ 13.319359] ? preempt_count_sub+0x50/0x80 [ 13.319381] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.319404] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.319426] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.319448] kthread+0x337/0x6f0 [ 13.319467] ? trace_preempt_on+0x20/0xc0 [ 13.319490] ? __pfx_kthread+0x10/0x10 [ 13.319509] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.319530] ? calculate_sigpending+0x7b/0xa0 [ 13.319553] ? __pfx_kthread+0x10/0x10 [ 13.319573] ret_from_fork+0x116/0x1d0 [ 13.319591] ? __pfx_kthread+0x10/0x10 [ 13.319611] ret_from_fork_asm+0x1a/0x30 [ 13.319641] </TASK> [ 13.319653] [ 13.328355] The buggy address belongs to the physical page: [ 13.328554] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c4 [ 13.328886] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.329135] flags: 0x200000000000040(head|node=0|zone=2) [ 13.329339] page_type: f8(unknown) [ 13.329525] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.330126] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.330437] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.330816] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.331186] head: 0200000000000002 ffffea00040e7101 00000000ffffffff 00000000ffffffff [ 13.331535] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 13.331961] page dumped because: kasan: bad access detected [ 13.332239] [ 13.332337] Memory state around the buggy address: [ 13.332570] ffff8881039c3f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.332961] ffff8881039c3f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.333194] >ffff8881039c4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.333407] ^ [ 13.333523] ffff8881039c4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.334003] ffff8881039c4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.334343] ================================================================== [ 13.342409] ================================================================== [ 
13.343115] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 13.343535] Free of addr ffff888102a8c000 by task kunit_try_catch/256 [ 13.343901] [ 13.344038] CPU: 1 UID: 0 PID: 256 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.344086] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.344100] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.344122] Call Trace: [ 13.344135] <TASK> [ 13.344161] dump_stack_lvl+0x73/0xb0 [ 13.344194] print_report+0xd1/0x650 [ 13.344218] ? __virt_addr_valid+0x1db/0x2d0 [ 13.344244] ? kasan_addr_to_slab+0x11/0xa0 [ 13.344264] ? mempool_double_free_helper+0x184/0x370 [ 13.344288] kasan_report_invalid_free+0x10a/0x130 [ 13.344311] ? mempool_double_free_helper+0x184/0x370 [ 13.344336] ? mempool_double_free_helper+0x184/0x370 [ 13.344358] __kasan_mempool_poison_pages+0x115/0x130 [ 13.344381] mempool_free+0x290/0x380 [ 13.344404] mempool_double_free_helper+0x184/0x370 [ 13.344427] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 13.344453] ? finish_task_switch.isra.0+0x153/0x700 [ 13.344481] mempool_page_alloc_double_free+0xe8/0x140 [ 13.344504] ? __pfx_mempool_page_alloc_double_free+0x10/0x10 [ 13.344531] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 13.344550] ? __pfx_mempool_free_pages+0x10/0x10 [ 13.344571] ? __pfx_read_tsc+0x10/0x10 [ 13.344592] ? ktime_get_ts64+0x86/0x230 [ 13.344617] kunit_try_run_case+0x1a5/0x480 [ 13.344701] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.344726] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.344751] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.344773] ? __kthread_parkme+0x82/0x180 [ 13.344794] ? preempt_count_sub+0x50/0x80 [ 13.344816] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.344839] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.344861] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.344884] kthread+0x337/0x6f0 [ 13.344903] ? trace_preempt_on+0x20/0xc0 [ 13.344927] ? __pfx_kthread+0x10/0x10 [ 13.344948] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 13.344968] ? calculate_sigpending+0x7b/0xa0 [ 13.344992] ? __pfx_kthread+0x10/0x10 [ 13.345013] ret_from_fork+0x116/0x1d0 [ 13.345043] ? __pfx_kthread+0x10/0x10 [ 13.345063] ret_from_fork_asm+0x1a/0x30 [ 13.345093] </TASK> [ 13.345106] [ 13.356191] The buggy address belongs to the physical page: [ 13.356428] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a8c [ 13.356793] flags: 0x200000000000000(node=0|zone=2) [ 13.357768] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 13.358094] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 13.358421] page dumped because: kasan: bad access detected [ 13.358741] [ 13.358850] Memory state around the buggy address: [ 13.359078] ffff888102a8bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.359422] ffff888102a8bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.359734] >ffff888102a8c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.360014] ^ [ 13.360194] ffff888102a8c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.360587] ffff888102a8c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.360914] ================================================================== [ 13.275224] ================================================================== [ 13.276467] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 13.277597] Free of addr ffff8881027e1100 by task kunit_try_catch/252 [ 13.277948] [ 13.278063] CPU: 1 UID: 0 PID: 252 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.278113] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.278125] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.278149] Call Trace: [ 13.278162] <TASK> [ 13.278181] dump_stack_lvl+0x73/0xb0 [ 13.278213] print_report+0xd1/0x650 [ 13.278236] ? __virt_addr_valid+0x1db/0x2d0 [ 13.278263] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.278284] ? 
mempool_double_free_helper+0x184/0x370 [ 13.278307] kasan_report_invalid_free+0x10a/0x130 [ 13.278330] ? mempool_double_free_helper+0x184/0x370 [ 13.278355] ? mempool_double_free_helper+0x184/0x370 [ 13.278376] ? mempool_double_free_helper+0x184/0x370 [ 13.278398] check_slab_allocation+0x101/0x130 [ 13.278418] __kasan_mempool_poison_object+0x91/0x1d0 [ 13.278466] mempool_free+0x2ec/0x380 [ 13.278491] mempool_double_free_helper+0x184/0x370 [ 13.278514] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 13.278540] ? __pfx_sched_clock_cpu+0x10/0x10 [ 13.278561] ? finish_task_switch.isra.0+0x153/0x700 [ 13.278588] mempool_kmalloc_double_free+0xed/0x140 [ 13.278611] ? __pfx_mempool_kmalloc_double_free+0x10/0x10 [ 13.278708] ? __pfx_mempool_kmalloc+0x10/0x10 [ 13.278736] ? __pfx_mempool_kfree+0x10/0x10 [ 13.278761] ? __pfx_read_tsc+0x10/0x10 [ 13.278783] ? ktime_get_ts64+0x86/0x230 [ 13.278809] kunit_try_run_case+0x1a5/0x480 [ 13.278836] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.278857] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.278881] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.278903] ? __kthread_parkme+0x82/0x180 [ 13.278925] ? preempt_count_sub+0x50/0x80 [ 13.278948] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.278971] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.278993] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.279015] kthread+0x337/0x6f0 [ 13.279046] ? trace_preempt_on+0x20/0xc0 [ 13.279071] ? __pfx_kthread+0x10/0x10 [ 13.279090] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.279111] ? calculate_sigpending+0x7b/0xa0 [ 13.279135] ? __pfx_kthread+0x10/0x10 [ 13.279156] ret_from_fork+0x116/0x1d0 [ 13.279175] ? 
__pfx_kthread+0x10/0x10 [ 13.279194] ret_from_fork_asm+0x1a/0x30 [ 13.279224] </TASK> [ 13.279237] [ 13.290129] Allocated by task 252: [ 13.290303] kasan_save_stack+0x45/0x70 [ 13.290507] kasan_save_track+0x18/0x40 [ 13.290988] kasan_save_alloc_info+0x3b/0x50 [ 13.291237] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 13.291474] remove_element+0x11e/0x190 [ 13.292130] mempool_alloc_preallocated+0x4d/0x90 [ 13.292348] mempool_double_free_helper+0x8a/0x370 [ 13.292569] mempool_kmalloc_double_free+0xed/0x140 [ 13.293013] kunit_try_run_case+0x1a5/0x480 [ 13.293231] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.293462] kthread+0x337/0x6f0 [ 13.293625] ret_from_fork+0x116/0x1d0 [ 13.294119] ret_from_fork_asm+0x1a/0x30 [ 13.294309] [ 13.294401] Freed by task 252: [ 13.294545] kasan_save_stack+0x45/0x70 [ 13.295163] kasan_save_track+0x18/0x40 [ 13.295440] kasan_save_free_info+0x3f/0x60 [ 13.295830] __kasan_mempool_poison_object+0x131/0x1d0 [ 13.296069] mempool_free+0x2ec/0x380 [ 13.296240] mempool_double_free_helper+0x109/0x370 [ 13.296447] mempool_kmalloc_double_free+0xed/0x140 [ 13.297185] kunit_try_run_case+0x1a5/0x480 [ 13.297377] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.297557] kthread+0x337/0x6f0 [ 13.298059] ret_from_fork+0x116/0x1d0 [ 13.298798] ret_from_fork_asm+0x1a/0x30 [ 13.299265] [ 13.299479] The buggy address belongs to the object at ffff8881027e1100 [ 13.299479] which belongs to the cache kmalloc-128 of size 128 [ 13.300401] The buggy address is located 0 bytes inside of [ 13.300401] 128-byte region [ffff8881027e1100, ffff8881027e1180) [ 13.301785] [ 13.301887] The buggy address belongs to the physical page: [ 13.302149] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027e1 [ 13.303051] flags: 0x200000000000000(node=0|zone=2) [ 13.303547] page_type: f5(slab) [ 13.303705] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.304206] raw: 0000000000000000 0000000080100010 00000000f5000000 
0000000000000000 [ 13.304606] page dumped because: kasan: bad access detected [ 13.304902] [ 13.305132] Memory state around the buggy address: [ 13.305635] ffff8881027e1000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.306263] ffff8881027e1080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.306886] >ffff8881027e1100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.307545] ^ [ 13.307887] ffff8881027e1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.308404] ffff8881027e1200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.309102] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 13.241401] ================================================================== [ 13.241806] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400 [ 13.242056] Read of size 1 at addr ffff8881039c4000 by task kunit_try_catch/250 [ 13.242277] [ 13.242370] CPU: 0 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.242418] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.242430] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.242452] Call Trace: [ 13.242464] <TASK> [ 13.242484] dump_stack_lvl+0x73/0xb0 [ 13.242511] print_report+0xd1/0x650 [ 13.242534] ? __virt_addr_valid+0x1db/0x2d0 [ 13.242557] ? mempool_uaf_helper+0x392/0x400 [ 13.242579] ? kasan_addr_to_slab+0x11/0xa0 [ 13.242598] ? mempool_uaf_helper+0x392/0x400 [ 13.242619] kasan_report+0x141/0x180 [ 13.242641] ? mempool_uaf_helper+0x392/0x400 [ 13.242666] __asan_report_load1_noabort+0x18/0x20 [ 13.242689] mempool_uaf_helper+0x392/0x400 [ 13.242712] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 13.242734] ? __kasan_check_write+0x18/0x20 [ 13.242753] ? __pfx_sched_clock_cpu+0x10/0x10 [ 13.242774] ? finish_task_switch.isra.0+0x153/0x700 [ 13.242799] mempool_page_alloc_uaf+0xed/0x140 [ 13.242821] ? __pfx_mempool_page_alloc_uaf+0x10/0x10 [ 13.242848] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 13.242869] ? __pfx_mempool_free_pages+0x10/0x10 [ 13.242891] ? __pfx_read_tsc+0x10/0x10 [ 13.242913] ? ktime_get_ts64+0x86/0x230 [ 13.242937] kunit_try_run_case+0x1a5/0x480 [ 13.242962] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.242983] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.243007] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.243453] ? __kthread_parkme+0x82/0x180 [ 13.243485] ? preempt_count_sub+0x50/0x80 [ 13.243509] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.243533] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.243558] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.243833] kthread+0x337/0x6f0 [ 13.243859] ? 
trace_preempt_on+0x20/0xc0 [ 13.243884] ? __pfx_kthread+0x10/0x10 [ 13.243904] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.243926] ? calculate_sigpending+0x7b/0xa0 [ 13.243950] ? __pfx_kthread+0x10/0x10 [ 13.243971] ret_from_fork+0x116/0x1d0 [ 13.243990] ? __pfx_kthread+0x10/0x10 [ 13.244010] ret_from_fork_asm+0x1a/0x30 [ 13.244053] </TASK> [ 13.244066] [ 13.262998] The buggy address belongs to the physical page: [ 13.263509] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c4 [ 13.264058] flags: 0x200000000000000(node=0|zone=2) [ 13.264249] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 13.264481] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 13.264940] page dumped because: kasan: bad access detected [ 13.265422] [ 13.265585] Memory state around the buggy address: [ 13.266077] ffff8881039c3f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.266780] ffff8881039c3f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.267400] >ffff8881039c4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.267999] ^ [ 13.268131] ffff8881039c4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.268351] ffff8881039c4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.268565] ================================================================== [ 13.177172] ================================================================== [ 13.177611] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400 [ 13.177956] Read of size 1 at addr ffff8881039c4000 by task kunit_try_catch/246 [ 13.178216] [ 13.178331] CPU: 0 UID: 0 PID: 246 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.178376] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.178388] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.178411] Call Trace: [ 13.178423] <TASK> [ 13.178441] dump_stack_lvl+0x73/0xb0 [ 13.178468] print_report+0xd1/0x650 [ 13.178491] ? 
__virt_addr_valid+0x1db/0x2d0 [ 13.178514] ? mempool_uaf_helper+0x392/0x400 [ 13.178535] ? kasan_addr_to_slab+0x11/0xa0 [ 13.178556] ? mempool_uaf_helper+0x392/0x400 [ 13.178577] kasan_report+0x141/0x180 [ 13.178598] ? mempool_uaf_helper+0x392/0x400 [ 13.178623] __asan_report_load1_noabort+0x18/0x20 [ 13.178648] mempool_uaf_helper+0x392/0x400 [ 13.178670] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 13.178691] ? update_curr+0x5c1/0x810 [ 13.178719] mempool_kmalloc_large_uaf+0xef/0x140 [ 13.178742] ? __pfx_mempool_kmalloc_large_uaf+0x10/0x10 [ 13.178764] ? schedule+0x7c/0x2e0 [ 13.178785] ? __pfx_mempool_kmalloc+0x10/0x10 [ 13.178909] ? __pfx_mempool_kfree+0x10/0x10 [ 13.178937] ? __pfx_read_tsc+0x10/0x10 [ 13.178958] ? ktime_get_ts64+0x86/0x230 [ 13.178981] kunit_try_run_case+0x1a5/0x480 [ 13.179005] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.179038] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.179063] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.179086] ? __kthread_parkme+0x82/0x180 [ 13.179106] ? preempt_count_sub+0x50/0x80 [ 13.179130] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.179154] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.179175] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.179198] kthread+0x337/0x6f0 [ 13.179216] ? trace_preempt_on+0x20/0xc0 [ 13.179239] ? __pfx_kthread+0x10/0x10 [ 13.179259] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.179280] ? calculate_sigpending+0x7b/0xa0 [ 13.179303] ? __pfx_kthread+0x10/0x10 [ 13.179323] ret_from_fork+0x116/0x1d0 [ 13.179341] ? 
__pfx_kthread+0x10/0x10 [ 13.179361] ret_from_fork_asm+0x1a/0x30 [ 13.179391] </TASK> [ 13.179402] [ 13.187979] The buggy address belongs to the physical page: [ 13.188290] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c4 [ 13.188592] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.189032] flags: 0x200000000000040(head|node=0|zone=2) [ 13.189291] page_type: f8(unknown) [ 13.189514] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.189962] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.190465] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.190809] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.191443] head: 0200000000000002 ffffea00040e7101 00000000ffffffff 00000000ffffffff [ 13.191999] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 13.192356] page dumped because: kasan: bad access detected [ 13.192617] [ 13.192788] Memory state around the buggy address: [ 13.192996] ffff8881039c3f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.193277] ffff8881039c3f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.193604] >ffff8881039c4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.194121] ^ [ 13.194263] ffff8881039c4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.194609] ffff8881039c4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.195187] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 13.141130] ================================================================== [ 13.141535] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400 [ 13.141791] Read of size 1 at addr ffff8881033ae600 by task kunit_try_catch/244 [ 13.142019] [ 13.142127] CPU: 0 UID: 0 PID: 244 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.142183] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.142197] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.142227] Call Trace: [ 13.142242] <TASK> [ 13.142261] dump_stack_lvl+0x73/0xb0 [ 13.142292] print_report+0xd1/0x650 [ 13.142316] ? __virt_addr_valid+0x1db/0x2d0 [ 13.142344] ? mempool_uaf_helper+0x392/0x400 [ 13.142367] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.142393] ? mempool_uaf_helper+0x392/0x400 [ 13.142416] kasan_report+0x141/0x180 [ 13.142439] ? mempool_uaf_helper+0x392/0x400 [ 13.142467] __asan_report_load1_noabort+0x18/0x20 [ 13.142494] mempool_uaf_helper+0x392/0x400 [ 13.142518] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 13.142543] ? __kasan_check_write+0x18/0x20 [ 13.142563] ? __pfx_sched_clock_cpu+0x10/0x10 [ 13.142588] ? finish_task_switch.isra.0+0x153/0x700 [ 13.142616] mempool_kmalloc_uaf+0xef/0x140 [ 13.142639] ? __pfx_mempool_kmalloc_uaf+0x10/0x10 [ 13.142665] ? __pfx_mempool_kmalloc+0x10/0x10 [ 13.142691] ? __pfx_mempool_kfree+0x10/0x10 [ 13.142716] ? __pfx_read_tsc+0x10/0x10 [ 13.142740] ? ktime_get_ts64+0x86/0x230 [ 13.142765] kunit_try_run_case+0x1a5/0x480 [ 13.142793] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.142816] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.142842] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.142867] ? __kthread_parkme+0x82/0x180 [ 13.142890] ? preempt_count_sub+0x50/0x80 [ 13.142913] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.142938] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.142963] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.142988] kthread+0x337/0x6f0 [ 13.143007] ? 
trace_preempt_on+0x20/0xc0 [ 13.143463] ? __pfx_kthread+0x10/0x10 [ 13.143493] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.143769] ? calculate_sigpending+0x7b/0xa0 [ 13.143802] ? __pfx_kthread+0x10/0x10 [ 13.143906] ret_from_fork+0x116/0x1d0 [ 13.143931] ? __pfx_kthread+0x10/0x10 [ 13.143952] ret_from_fork_asm+0x1a/0x30 [ 13.143986] </TASK> [ 13.143998] [ 13.157168] Allocated by task 244: [ 13.157444] kasan_save_stack+0x45/0x70 [ 13.157845] kasan_save_track+0x18/0x40 [ 13.158013] kasan_save_alloc_info+0x3b/0x50 [ 13.158383] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 13.158631] remove_element+0x11e/0x190 [ 13.159040] mempool_alloc_preallocated+0x4d/0x90 [ 13.159266] mempool_uaf_helper+0x96/0x400 [ 13.159454] mempool_kmalloc_uaf+0xef/0x140 [ 13.159642] kunit_try_run_case+0x1a5/0x480 [ 13.159840] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.160077] kthread+0x337/0x6f0 [ 13.160247] ret_from_fork+0x116/0x1d0 [ 13.160414] ret_from_fork_asm+0x1a/0x30 [ 13.160588] [ 13.160684] Freed by task 244: [ 13.161197] kasan_save_stack+0x45/0x70 [ 13.161393] kasan_save_track+0x18/0x40 [ 13.161532] kasan_save_free_info+0x3f/0x60 [ 13.161682] __kasan_mempool_poison_object+0x131/0x1d0 [ 13.161929] mempool_free+0x2ec/0x380 [ 13.162135] mempool_uaf_helper+0x11a/0x400 [ 13.162346] mempool_kmalloc_uaf+0xef/0x140 [ 13.162628] kunit_try_run_case+0x1a5/0x480 [ 13.162894] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.163095] kthread+0x337/0x6f0 [ 13.163238] ret_from_fork+0x116/0x1d0 [ 13.163434] ret_from_fork_asm+0x1a/0x30 [ 13.163630] [ 13.163730] The buggy address belongs to the object at ffff8881033ae600 [ 13.163730] which belongs to the cache kmalloc-128 of size 128 [ 13.164457] The buggy address is located 0 bytes inside of [ 13.164457] freed 128-byte region [ffff8881033ae600, ffff8881033ae680) [ 13.164855] [ 13.165152] The buggy address belongs to the physical page: [ 13.165414] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033ae [ 13.165815] flags: 
0x200000000000000(node=0|zone=2) [ 13.166046] page_type: f5(slab) [ 13.166173] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.166495] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.166837] page dumped because: kasan: bad access detected [ 13.167278] [ 13.167370] Memory state around the buggy address: [ 13.167576] ffff8881033ae500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.167960] ffff8881033ae580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.168284] >ffff8881033ae600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.168541] ^ [ 13.168660] ffff8881033ae680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.168982] ffff8881033ae700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.169296] ================================================================== [ 13.208047] ================================================================== [ 13.208584] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400 [ 13.209057] Read of size 1 at addr ffff8881027e0240 by task kunit_try_catch/248 [ 13.209338] [ 13.209483] CPU: 1 UID: 0 PID: 248 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.209541] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.209556] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.209605] Call Trace: [ 13.209619] <TASK> [ 13.209638] dump_stack_lvl+0x73/0xb0 [ 13.209673] print_report+0xd1/0x650 [ 13.209697] ? __virt_addr_valid+0x1db/0x2d0 [ 13.209724] ? mempool_uaf_helper+0x392/0x400 [ 13.209747] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.209772] ? mempool_uaf_helper+0x392/0x400 [ 13.209795] kasan_report+0x141/0x180 [ 13.209817] ? mempool_uaf_helper+0x392/0x400 [ 13.209844] __asan_report_load1_noabort+0x18/0x20 [ 13.209870] mempool_uaf_helper+0x392/0x400 [ 13.209958] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 13.209987] ? __pfx_sched_clock_cpu+0x10/0x10 [ 13.210013] ? 
finish_task_switch.isra.0+0x153/0x700 [ 13.210053] mempool_slab_uaf+0xea/0x140 [ 13.210078] ? __pfx_mempool_slab_uaf+0x10/0x10 [ 13.210106] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 13.210153] ? __pfx_mempool_free_slab+0x10/0x10 [ 13.210176] ? __pfx_read_tsc+0x10/0x10 [ 13.210199] ? ktime_get_ts64+0x86/0x230 [ 13.210226] kunit_try_run_case+0x1a5/0x480 [ 13.210253] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.210276] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.210304] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.210327] ? __kthread_parkme+0x82/0x180 [ 13.210349] ? preempt_count_sub+0x50/0x80 [ 13.210374] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.210398] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.210423] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.210450] kthread+0x337/0x6f0 [ 13.210469] ? trace_preempt_on+0x20/0xc0 [ 13.210495] ? __pfx_kthread+0x10/0x10 [ 13.210516] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.210538] ? calculate_sigpending+0x7b/0xa0 [ 13.210564] ? __pfx_kthread+0x10/0x10 [ 13.210586] ret_from_fork+0x116/0x1d0 [ 13.210605] ? 
__pfx_kthread+0x10/0x10 [ 13.210626] ret_from_fork_asm+0x1a/0x30 [ 13.210697] </TASK> [ 13.210711] [ 13.219675] Allocated by task 248: [ 13.220095] kasan_save_stack+0x45/0x70 [ 13.220319] kasan_save_track+0x18/0x40 [ 13.220517] kasan_save_alloc_info+0x3b/0x50 [ 13.220724] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 13.220899] remove_element+0x11e/0x190 [ 13.221048] mempool_alloc_preallocated+0x4d/0x90 [ 13.221345] mempool_uaf_helper+0x96/0x400 [ 13.221620] mempool_slab_uaf+0xea/0x140 [ 13.222102] kunit_try_run_case+0x1a5/0x480 [ 13.222578] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.222851] kthread+0x337/0x6f0 [ 13.222981] ret_from_fork+0x116/0x1d0 [ 13.223191] ret_from_fork_asm+0x1a/0x30 [ 13.223400] [ 13.223503] Freed by task 248: [ 13.223782] kasan_save_stack+0x45/0x70 [ 13.224003] kasan_save_track+0x18/0x40 [ 13.224154] kasan_save_free_info+0x3f/0x60 [ 13.224299] __kasan_mempool_poison_object+0x131/0x1d0 [ 13.224500] mempool_free+0x2ec/0x380 [ 13.224753] mempool_uaf_helper+0x11a/0x400 [ 13.225141] mempool_slab_uaf+0xea/0x140 [ 13.225391] kunit_try_run_case+0x1a5/0x480 [ 13.225684] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.225950] kthread+0x337/0x6f0 [ 13.226172] ret_from_fork+0x116/0x1d0 [ 13.226394] ret_from_fork_asm+0x1a/0x30 [ 13.226597] [ 13.226726] The buggy address belongs to the object at ffff8881027e0240 [ 13.226726] which belongs to the cache test_cache of size 123 [ 13.227199] The buggy address is located 0 bytes inside of [ 13.227199] freed 123-byte region [ffff8881027e0240, ffff8881027e02bb) [ 13.227896] [ 13.228019] The buggy address belongs to the physical page: [ 13.228327] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027e0 [ 13.228732] flags: 0x200000000000000(node=0|zone=2) [ 13.229053] page_type: f5(slab) [ 13.229269] raw: 0200000000000000 ffff8881015c4b40 dead000000000122 0000000000000000 [ 13.229608] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 13.229998] page dumped 
because: kasan: bad access detected [ 13.230379] [ 13.230483] Memory state around the buggy address: [ 13.230718] ffff8881027e0100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.231149] ffff8881027e0180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.231463] >ffff8881027e0200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 13.231923] ^ [ 13.232311] ffff8881027e0280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.232840] ffff8881027e0300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.233190] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 13.085480] ================================================================== [ 13.086112] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 13.086410] Read of size 1 at addr ffff888102a8a001 by task kunit_try_catch/240 [ 13.086725] [ 13.086872] CPU: 1 UID: 0 PID: 240 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.086928] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.086943] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.086972] Call Trace: [ 13.086987] <TASK> [ 13.087009] dump_stack_lvl+0x73/0xb0 [ 13.087050] print_report+0xd1/0x650 [ 13.087074] ? __virt_addr_valid+0x1db/0x2d0 [ 13.087101] ? mempool_oob_right_helper+0x318/0x380 [ 13.087125] ? kasan_addr_to_slab+0x11/0xa0 [ 13.087147] ? mempool_oob_right_helper+0x318/0x380 [ 13.087171] kasan_report+0x141/0x180 [ 13.087193] ? mempool_oob_right_helper+0x318/0x380 [ 13.087223] __asan_report_load1_noabort+0x18/0x20 [ 13.087250] mempool_oob_right_helper+0x318/0x380 [ 13.087276] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 13.087317] ? __kasan_check_write+0x18/0x20 [ 13.087357] ? __pfx_sched_clock_cpu+0x10/0x10 [ 13.087394] ? finish_task_switch.isra.0+0x153/0x700 [ 13.087422] mempool_kmalloc_large_oob_right+0xf2/0x150 [ 13.087448] ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10 [ 13.087477] ? __pfx_mempool_kmalloc+0x10/0x10 [ 13.087501] ? __pfx_mempool_kfree+0x10/0x10 [ 13.087526] ? __pfx_read_tsc+0x10/0x10 [ 13.087548] ? ktime_get_ts64+0x86/0x230 [ 13.087574] kunit_try_run_case+0x1a5/0x480 [ 13.087601] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.087624] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.087674] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.087699] ? __kthread_parkme+0x82/0x180 [ 13.087734] ? preempt_count_sub+0x50/0x80 [ 13.087756] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.087781] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.087806] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.087860] kthread+0x337/0x6f0 [ 13.087885] ? trace_preempt_on+0x20/0xc0 [ 13.087909] ? __pfx_kthread+0x10/0x10 [ 13.087930] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.087951] ? calculate_sigpending+0x7b/0xa0 [ 13.087975] ? __pfx_kthread+0x10/0x10 [ 13.087997] ret_from_fork+0x116/0x1d0 [ 13.088016] ? __pfx_kthread+0x10/0x10 [ 13.088047] ret_from_fork_asm+0x1a/0x30 [ 13.088078] </TASK> [ 13.088091] [ 13.096438] The buggy address belongs to the physical page: [ 13.096736] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a88 [ 13.097060] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.097379] flags: 0x200000000000040(head|node=0|zone=2) [ 13.097584] page_type: f8(unknown) [ 13.097848] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.098158] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.098397] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.098952] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.099325] head: 0200000000000002 ffffea00040aa201 00000000ffffffff 00000000ffffffff [ 13.099769] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 13.100054] page dumped because: kasan: bad access detected [ 13.100260] [ 13.100353] Memory state around the buggy address: [ 13.100594] ffff888102a89f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.100965] ffff888102a89f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.101206] >ffff888102a8a000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 13.101528] ^ [ 13.101770] ffff888102a8a080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 13.102055] ffff888102a8a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 13.102356] ================================================================== [ 13.054893] ================================================================== [ 
13.055342] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 13.055737] Read of size 1 at addr ffff8881027c2d73 by task kunit_try_catch/238 [ 13.056054] [ 13.056160] CPU: 1 UID: 0 PID: 238 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.056210] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.056222] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.056245] Call Trace: [ 13.056258] <TASK> [ 13.056283] dump_stack_lvl+0x73/0xb0 [ 13.056758] print_report+0xd1/0x650 [ 13.056787] ? __virt_addr_valid+0x1db/0x2d0 [ 13.056816] ? mempool_oob_right_helper+0x318/0x380 [ 13.056839] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.056861] ? mempool_oob_right_helper+0x318/0x380 [ 13.056884] kasan_report+0x141/0x180 [ 13.056905] ? mempool_oob_right_helper+0x318/0x380 [ 13.056932] __asan_report_load1_noabort+0x18/0x20 [ 13.056955] mempool_oob_right_helper+0x318/0x380 [ 13.056979] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 13.057002] ? __kasan_check_write+0x18/0x20 [ 13.057031] ? __pfx_sched_clock_cpu+0x10/0x10 [ 13.057055] ? finish_task_switch.isra.0+0x153/0x700 [ 13.057080] mempool_kmalloc_oob_right+0xf2/0x150 [ 13.057103] ? __pfx_mempool_kmalloc_oob_right+0x10/0x10 [ 13.057128] ? __pfx_mempool_kmalloc+0x10/0x10 [ 13.057152] ? __pfx_mempool_kfree+0x10/0x10 [ 13.057176] ? __pfx_read_tsc+0x10/0x10 [ 13.057198] ? ktime_get_ts64+0x86/0x230 [ 13.057223] kunit_try_run_case+0x1a5/0x480 [ 13.057250] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.057270] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.057294] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.057316] ? __kthread_parkme+0x82/0x180 [ 13.057338] ? preempt_count_sub+0x50/0x80 [ 13.057361] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.057386] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.057408] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.057430] kthread+0x337/0x6f0 [ 13.057448] ? trace_preempt_on+0x20/0xc0 [ 13.057472] ? 
__pfx_kthread+0x10/0x10 [ 13.057491] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.057512] ? calculate_sigpending+0x7b/0xa0 [ 13.057535] ? __pfx_kthread+0x10/0x10 [ 13.057556] ret_from_fork+0x116/0x1d0 [ 13.057573] ? __pfx_kthread+0x10/0x10 [ 13.057593] ret_from_fork_asm+0x1a/0x30 [ 13.057625] </TASK> [ 13.057812] [ 13.069492] Allocated by task 238: [ 13.069970] kasan_save_stack+0x45/0x70 [ 13.070192] kasan_save_track+0x18/0x40 [ 13.070465] kasan_save_alloc_info+0x3b/0x50 [ 13.070804] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 13.071066] remove_element+0x11e/0x190 [ 13.071425] mempool_alloc_preallocated+0x4d/0x90 [ 13.071844] mempool_oob_right_helper+0x8a/0x380 [ 13.072065] mempool_kmalloc_oob_right+0xf2/0x150 [ 13.072422] kunit_try_run_case+0x1a5/0x480 [ 13.072628] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.073001] kthread+0x337/0x6f0 [ 13.073153] ret_from_fork+0x116/0x1d0 [ 13.073345] ret_from_fork_asm+0x1a/0x30 [ 13.073552] [ 13.073647] The buggy address belongs to the object at ffff8881027c2d00 [ 13.073647] which belongs to the cache kmalloc-128 of size 128 [ 13.074217] The buggy address is located 0 bytes to the right of [ 13.074217] allocated 115-byte region [ffff8881027c2d00, ffff8881027c2d73) [ 13.075118] [ 13.075247] The buggy address belongs to the physical page: [ 13.075616] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027c2 [ 13.076000] flags: 0x200000000000000(node=0|zone=2) [ 13.076415] page_type: f5(slab) [ 13.076951] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.077254] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.077608] page dumped because: kasan: bad access detected [ 13.078057] [ 13.078137] Memory state around the buggy address: [ 13.078396] ffff8881027c2c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.078985] ffff8881027c2c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.079292] >ffff8881027c2d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 
00 03 fc [ 13.079873] ^ [ 13.080270] ffff8881027c2d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.080678] ffff8881027c2e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 13.081152] ================================================================== [ 13.107863] ================================================================== [ 13.108375] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 13.108746] Read of size 1 at addr ffff8881033c02bb by task kunit_try_catch/242 [ 13.109068] [ 13.109165] CPU: 0 UID: 0 PID: 242 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.109216] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.109227] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.109251] Call Trace: [ 13.109264] <TASK> [ 13.109284] dump_stack_lvl+0x73/0xb0 [ 13.109315] print_report+0xd1/0x650 [ 13.109338] ? __virt_addr_valid+0x1db/0x2d0 [ 13.109364] ? mempool_oob_right_helper+0x318/0x380 [ 13.109386] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.109408] ? mempool_oob_right_helper+0x318/0x380 [ 13.109430] kasan_report+0x141/0x180 [ 13.109451] ? mempool_oob_right_helper+0x318/0x380 [ 13.109478] __asan_report_load1_noabort+0x18/0x20 [ 13.109502] mempool_oob_right_helper+0x318/0x380 [ 13.109525] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 13.109551] ? __pfx_sched_clock_cpu+0x10/0x10 [ 13.109574] ? finish_task_switch.isra.0+0x153/0x700 [ 13.109600] mempool_slab_oob_right+0xed/0x140 [ 13.109623] ? __pfx_mempool_slab_oob_right+0x10/0x10 [ 13.109649] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 13.109670] ? __pfx_mempool_free_slab+0x10/0x10 [ 13.109689] ? __pfx_read_tsc+0x10/0x10 [ 13.109711] ? ktime_get_ts64+0x86/0x230 [ 13.109736] kunit_try_run_case+0x1a5/0x480 [ 13.109761] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.109783] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.109806] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.109828] ? __kthread_parkme+0x82/0x180 [ 13.109850] ? 
preempt_count_sub+0x50/0x80 [ 13.109871] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.109916] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.109939] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.109961] kthread+0x337/0x6f0 [ 13.109979] ? trace_preempt_on+0x20/0xc0 [ 13.110003] ? __pfx_kthread+0x10/0x10 [ 13.110032] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.110052] ? calculate_sigpending+0x7b/0xa0 [ 13.110076] ? __pfx_kthread+0x10/0x10 [ 13.110096] ret_from_fork+0x116/0x1d0 [ 13.110114] ? __pfx_kthread+0x10/0x10 [ 13.110133] ret_from_fork_asm+0x1a/0x30 [ 13.110164] </TASK> [ 13.110176] [ 13.120271] Allocated by task 242: [ 13.120569] kasan_save_stack+0x45/0x70 [ 13.120953] kasan_save_track+0x18/0x40 [ 13.121159] kasan_save_alloc_info+0x3b/0x50 [ 13.121469] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 13.121800] remove_element+0x11e/0x190 [ 13.121944] mempool_alloc_preallocated+0x4d/0x90 [ 13.122185] mempool_oob_right_helper+0x8a/0x380 [ 13.122376] mempool_slab_oob_right+0xed/0x140 [ 13.122578] kunit_try_run_case+0x1a5/0x480 [ 13.123130] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.123434] kthread+0x337/0x6f0 [ 13.123563] ret_from_fork+0x116/0x1d0 [ 13.123876] ret_from_fork_asm+0x1a/0x30 [ 13.124069] [ 13.124176] The buggy address belongs to the object at ffff8881033c0240 [ 13.124176] which belongs to the cache test_cache of size 123 [ 13.124829] The buggy address is located 0 bytes to the right of [ 13.124829] allocated 123-byte region [ffff8881033c0240, ffff8881033c02bb) [ 13.125352] [ 13.125432] The buggy address belongs to the physical page: [ 13.125649] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033c0 [ 13.126343] flags: 0x200000000000000(node=0|zone=2) [ 13.126776] page_type: f5(slab) [ 13.126966] raw: 0200000000000000 ffff8881033b63c0 dead000000000122 0000000000000000 [ 13.127330] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 13.127781] page dumped because: kasan: bad access detected [ 
13.128117] [ 13.128347] Memory state around the buggy address: [ 13.128516] ffff8881033c0180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.129083] ffff8881033c0200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 13.129510] >ffff8881033c0280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 13.129920] ^ [ 13.130249] ffff8881033c0300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.130504] ffff8881033c0380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.131150] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 12.482769] ================================================================== [ 12.483424] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x1bf/0x380 [ 12.484254] Read of size 1 at addr ffff8881015c4a00 by task kunit_try_catch/232 [ 12.484628] [ 12.484870] CPU: 1 UID: 0 PID: 232 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 12.484963] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.484999] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.485082] Call Trace: [ 12.485097] <TASK> [ 12.485119] dump_stack_lvl+0x73/0xb0 [ 12.485164] print_report+0xd1/0x650 [ 12.485189] ? __virt_addr_valid+0x1db/0x2d0 [ 12.485214] ? kmem_cache_double_destroy+0x1bf/0x380 [ 12.485238] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.485259] ? kmem_cache_double_destroy+0x1bf/0x380 [ 12.485284] kasan_report+0x141/0x180 [ 12.485305] ? kmem_cache_double_destroy+0x1bf/0x380 [ 12.485331] ? kmem_cache_double_destroy+0x1bf/0x380 [ 12.485355] __kasan_check_byte+0x3d/0x50 [ 12.485376] kmem_cache_destroy+0x25/0x1d0 [ 12.485399] kmem_cache_double_destroy+0x1bf/0x380 [ 12.485422] ? __pfx_kmem_cache_double_destroy+0x10/0x10 [ 12.485445] ? finish_task_switch.isra.0+0x153/0x700 [ 12.485468] ? __switch_to+0x47/0xf50 [ 12.485497] ? __pfx_read_tsc+0x10/0x10 [ 12.485518] ? ktime_get_ts64+0x86/0x230 [ 12.485543] kunit_try_run_case+0x1a5/0x480 [ 12.485570] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.485591] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.485615] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.485636] ? __kthread_parkme+0x82/0x180 [ 12.485658] ? preempt_count_sub+0x50/0x80 [ 12.485680] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.485703] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.485724] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.485747] kthread+0x337/0x6f0 [ 12.485766] ? trace_preempt_on+0x20/0xc0 [ 12.485789] ? __pfx_kthread+0x10/0x10 [ 12.485809] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.485829] ? 
calculate_sigpending+0x7b/0xa0 [ 12.485853] ? __pfx_kthread+0x10/0x10 [ 12.485873] ret_from_fork+0x116/0x1d0 [ 12.485891] ? __pfx_kthread+0x10/0x10 [ 12.485911] ret_from_fork_asm+0x1a/0x30 [ 12.485942] </TASK> [ 12.485955] [ 12.495470] Allocated by task 232: [ 12.495897] kasan_save_stack+0x45/0x70 [ 12.496092] kasan_save_track+0x18/0x40 [ 12.496235] kasan_save_alloc_info+0x3b/0x50 [ 12.496395] __kasan_slab_alloc+0x91/0xa0 [ 12.497073] kmem_cache_alloc_noprof+0x123/0x3f0 [ 12.497552] __kmem_cache_create_args+0x169/0x240 [ 12.497929] kmem_cache_double_destroy+0xd5/0x380 [ 12.498295] kunit_try_run_case+0x1a5/0x480 [ 12.498662] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.499069] kthread+0x337/0x6f0 [ 12.499344] ret_from_fork+0x116/0x1d0 [ 12.499638] ret_from_fork_asm+0x1a/0x30 [ 12.499929] [ 12.500009] Freed by task 232: [ 12.500189] kasan_save_stack+0x45/0x70 [ 12.500385] kasan_save_track+0x18/0x40 [ 12.500788] kasan_save_free_info+0x3f/0x60 [ 12.501196] __kasan_slab_free+0x56/0x70 [ 12.501470] kmem_cache_free+0x249/0x420 [ 12.501665] slab_kmem_cache_release+0x2e/0x40 [ 12.502156] kmem_cache_release+0x16/0x20 [ 12.502367] kobject_put+0x181/0x450 [ 12.502544] sysfs_slab_release+0x16/0x20 [ 12.502938] kmem_cache_destroy+0xf0/0x1d0 [ 12.503232] kmem_cache_double_destroy+0x14e/0x380 [ 12.503410] kunit_try_run_case+0x1a5/0x480 [ 12.504019] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.504402] kthread+0x337/0x6f0 [ 12.504581] ret_from_fork+0x116/0x1d0 [ 12.504871] ret_from_fork_asm+0x1a/0x30 [ 12.505061] [ 12.505163] The buggy address belongs to the object at ffff8881015c4a00 [ 12.505163] which belongs to the cache kmem_cache of size 208 [ 12.505646] The buggy address is located 0 bytes inside of [ 12.505646] freed 208-byte region [ffff8881015c4a00, ffff8881015c4ad0) [ 12.506489] [ 12.506663] The buggy address belongs to the physical page: [ 12.507113] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1015c4 [ 12.507467] flags: 
0x200000000000000(node=0|zone=2) [ 12.508078] page_type: f5(slab) [ 12.508257] raw: 0200000000000000 ffff888100041000 dead000000000122 0000000000000000 [ 12.508543] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000 [ 12.508971] page dumped because: kasan: bad access detected [ 12.509225] [ 12.509316] Memory state around the buggy address: [ 12.509523] ffff8881015c4900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.510176] ffff8881015c4980: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.510466] >ffff8881015c4a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.510876] ^ [ 12.511187] ffff8881015c4a80: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc [ 12.511618] ffff8881015c4b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.512076] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 12.409965] ================================================================== [ 12.410792] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x3e3/0x510 [ 12.412272] Read of size 1 at addr ffff8881033b9000 by task kunit_try_catch/230 [ 12.412599] [ 12.413190] CPU: 0 UID: 0 PID: 230 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 12.413245] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.413258] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.413280] Call Trace: [ 12.413294] <TASK> [ 12.413315] dump_stack_lvl+0x73/0xb0 [ 12.413350] print_report+0xd1/0x650 [ 12.413374] ? __virt_addr_valid+0x1db/0x2d0 [ 12.413399] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 12.413421] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.413442] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 12.413464] kasan_report+0x141/0x180 [ 12.413484] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 12.413510] __asan_report_load1_noabort+0x18/0x20 [ 12.413533] kmem_cache_rcu_uaf+0x3e3/0x510 [ 12.413554] ? __pfx_kmem_cache_rcu_uaf+0x10/0x10 [ 12.413575] ? finish_task_switch.isra.0+0x153/0x700 [ 12.413597] ? __switch_to+0x47/0xf50 [ 12.413626] ? __pfx_read_tsc+0x10/0x10 [ 12.413646] ? ktime_get_ts64+0x86/0x230 [ 12.413670] kunit_try_run_case+0x1a5/0x480 [ 12.413710] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.413731] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.413754] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.413775] ? __kthread_parkme+0x82/0x180 [ 12.413795] ? preempt_count_sub+0x50/0x80 [ 12.413816] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.413838] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.413859] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.413880] kthread+0x337/0x6f0 [ 12.413898] ? trace_preempt_on+0x20/0xc0 [ 12.413921] ? __pfx_kthread+0x10/0x10 [ 12.413940] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.413959] ? calculate_sigpending+0x7b/0xa0 [ 12.413982] ? __pfx_kthread+0x10/0x10 [ 12.414002] ret_from_fork+0x116/0x1d0 [ 12.414018] ? 
__pfx_kthread+0x10/0x10 [ 12.414049] ret_from_fork_asm+0x1a/0x30 [ 12.414322] </TASK> [ 12.414337] [ 12.427995] Allocated by task 230: [ 12.428877] kasan_save_stack+0x45/0x70 [ 12.429261] kasan_save_track+0x18/0x40 [ 12.429402] kasan_save_alloc_info+0x3b/0x50 [ 12.429547] __kasan_slab_alloc+0x91/0xa0 [ 12.430205] kmem_cache_alloc_noprof+0x123/0x3f0 [ 12.430809] kmem_cache_rcu_uaf+0x155/0x510 [ 12.431453] kunit_try_run_case+0x1a5/0x480 [ 12.432088] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.432591] kthread+0x337/0x6f0 [ 12.433014] ret_from_fork+0x116/0x1d0 [ 12.433336] ret_from_fork_asm+0x1a/0x30 [ 12.433479] [ 12.433551] Freed by task 0: [ 12.434050] kasan_save_stack+0x45/0x70 [ 12.434504] kasan_save_track+0x18/0x40 [ 12.434919] kasan_save_free_info+0x3f/0x60 [ 12.435540] __kasan_slab_free+0x56/0x70 [ 12.435831] slab_free_after_rcu_debug+0xe4/0x310 [ 12.435995] rcu_core+0x66f/0x1c40 [ 12.436135] rcu_core_si+0x12/0x20 [ 12.436264] handle_softirqs+0x209/0x730 [ 12.436405] __irq_exit_rcu+0xc9/0x110 [ 12.436535] irq_exit_rcu+0x12/0x20 [ 12.436676] sysvec_apic_timer_interrupt+0x81/0x90 [ 12.436836] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 12.437290] [ 12.437461] Last potentially related work creation: [ 12.437637] kasan_save_stack+0x45/0x70 [ 12.438206] kasan_record_aux_stack+0xb2/0xc0 [ 12.438695] kmem_cache_free+0x131/0x420 [ 12.438926] kmem_cache_rcu_uaf+0x194/0x510 [ 12.439087] kunit_try_run_case+0x1a5/0x480 [ 12.439234] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.439406] kthread+0x337/0x6f0 [ 12.439525] ret_from_fork+0x116/0x1d0 [ 12.439730] ret_from_fork_asm+0x1a/0x30 [ 12.440088] [ 12.440252] The buggy address belongs to the object at ffff8881033b9000 [ 12.440252] which belongs to the cache test_cache of size 200 [ 12.441484] The buggy address is located 0 bytes inside of [ 12.441484] freed 200-byte region [ffff8881033b9000, ffff8881033b90c8) [ 12.442775] [ 12.443055] The buggy address belongs to the physical page: [ 12.443535] page: refcount:0 
mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033b9 [ 12.444110] flags: 0x200000000000000(node=0|zone=2) [ 12.444285] page_type: f5(slab) [ 12.444411] raw: 0200000000000000 ffff8881033b6000 dead000000000122 0000000000000000 [ 12.444641] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 12.445311] page dumped because: kasan: bad access detected [ 12.445800] [ 12.446136] Memory state around the buggy address: [ 12.446555] ffff8881033b8f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.447274] ffff8881033b8f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.448087] >ffff8881033b9000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.448312] ^ [ 12.448428] ffff8881033b9080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 12.448684] ffff8881033b9100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.449390] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 12.340580] ================================================================== [ 12.342446] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x1d8/0x460 [ 12.343223] Free of addr ffff8881027dc001 by task kunit_try_catch/228 [ 12.343893] [ 12.344134] CPU: 1 UID: 0 PID: 228 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 12.344197] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.344209] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.344230] Call Trace: [ 12.344243] <TASK> [ 12.344274] dump_stack_lvl+0x73/0xb0 [ 12.344306] print_report+0xd1/0x650 [ 12.344329] ? __virt_addr_valid+0x1db/0x2d0 [ 12.344354] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.344375] ? kmem_cache_invalid_free+0x1d8/0x460 [ 12.344399] kasan_report_invalid_free+0x10a/0x130 [ 12.344421] ? kmem_cache_invalid_free+0x1d8/0x460 [ 12.344446] ? kmem_cache_invalid_free+0x1d8/0x460 [ 12.344469] check_slab_allocation+0x11f/0x130 [ 12.344489] __kasan_slab_pre_free+0x28/0x40 [ 12.344508] kmem_cache_free+0xed/0x420 [ 12.344528] ? kmem_cache_alloc_noprof+0x123/0x3f0 [ 12.344547] ? kmem_cache_invalid_free+0x1d8/0x460 [ 12.344572] kmem_cache_invalid_free+0x1d8/0x460 [ 12.344595] ? __pfx_kmem_cache_invalid_free+0x10/0x10 [ 12.344617] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 12.344656] ? __pfx_kmem_cache_invalid_free+0x10/0x10 [ 12.344683] kunit_try_run_case+0x1a5/0x480 [ 12.344709] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.344729] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.344752] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.344773] ? __kthread_parkme+0x82/0x180 [ 12.344793] ? preempt_count_sub+0x50/0x80 [ 12.344817] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.344839] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.344860] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.344881] kthread+0x337/0x6f0 [ 12.344900] ? trace_preempt_on+0x20/0xc0 [ 12.344923] ? __pfx_kthread+0x10/0x10 [ 12.344942] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.344962] ? 
calculate_sigpending+0x7b/0xa0 [ 12.344985] ? __pfx_kthread+0x10/0x10 [ 12.345005] ret_from_fork+0x116/0x1d0 [ 12.345032] ? __pfx_kthread+0x10/0x10 [ 12.345051] ret_from_fork_asm+0x1a/0x30 [ 12.345081] </TASK> [ 12.345093] [ 12.357176] Allocated by task 228: [ 12.357525] kasan_save_stack+0x45/0x70 [ 12.358131] kasan_save_track+0x18/0x40 [ 12.358512] kasan_save_alloc_info+0x3b/0x50 [ 12.359013] __kasan_slab_alloc+0x91/0xa0 [ 12.359406] kmem_cache_alloc_noprof+0x123/0x3f0 [ 12.359887] kmem_cache_invalid_free+0x157/0x460 [ 12.360333] kunit_try_run_case+0x1a5/0x480 [ 12.360779] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.361403] kthread+0x337/0x6f0 [ 12.361805] ret_from_fork+0x116/0x1d0 [ 12.362143] ret_from_fork_asm+0x1a/0x30 [ 12.362293] [ 12.362365] The buggy address belongs to the object at ffff8881027dc000 [ 12.362365] which belongs to the cache test_cache of size 200 [ 12.362722] The buggy address is located 1 bytes inside of [ 12.362722] 200-byte region [ffff8881027dc000, ffff8881027dc0c8) [ 12.363859] [ 12.364081] The buggy address belongs to the physical page: [ 12.364589] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027dc [ 12.365442] flags: 0x200000000000000(node=0|zone=2) [ 12.365952] page_type: f5(slab) [ 12.366357] raw: 0200000000000000 ffff8881015c48c0 dead000000000122 0000000000000000 [ 12.367204] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 12.367441] page dumped because: kasan: bad access detected [ 12.367614] [ 12.367818] Memory state around the buggy address: [ 12.368281] ffff8881027dbf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.369034] ffff8881027dbf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.369670] >ffff8881027dc000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.370339] ^ [ 12.370463] ffff8881027dc080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 12.370778] ffff8881027dc100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.371520] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 12.292388] ================================================================== [ 12.293178] BUG: KASAN: double-free in kmem_cache_double_free+0x1e5/0x480 [ 12.293854] Free of addr ffff8881033b6000 by task kunit_try_catch/226 [ 12.294433] [ 12.294650] CPU: 0 UID: 0 PID: 226 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 12.294700] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.294712] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.294733] Call Trace: [ 12.294747] <TASK> [ 12.294766] dump_stack_lvl+0x73/0xb0 [ 12.294799] print_report+0xd1/0x650 [ 12.294822] ? __virt_addr_valid+0x1db/0x2d0 [ 12.294847] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.294867] ? kmem_cache_double_free+0x1e5/0x480 [ 12.294892] kasan_report_invalid_free+0x10a/0x130 [ 12.294915] ? kmem_cache_double_free+0x1e5/0x480 [ 12.294940] ? kmem_cache_double_free+0x1e5/0x480 [ 12.294962] check_slab_allocation+0x101/0x130 [ 12.294983] __kasan_slab_pre_free+0x28/0x40 [ 12.295002] kmem_cache_free+0xed/0x420 [ 12.295032] ? kmem_cache_alloc_noprof+0x123/0x3f0 [ 12.295052] ? kmem_cache_double_free+0x1e5/0x480 [ 12.295077] kmem_cache_double_free+0x1e5/0x480 [ 12.295100] ? __pfx_kmem_cache_double_free+0x10/0x10 [ 12.295122] ? finish_task_switch.isra.0+0x153/0x700 [ 12.295145] ? __switch_to+0x47/0xf50 [ 12.295173] ? __pfx_read_tsc+0x10/0x10 [ 12.295194] ? ktime_get_ts64+0x86/0x230 [ 12.295218] kunit_try_run_case+0x1a5/0x480 [ 12.295244] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.295265] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.295287] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.295308] ? __kthread_parkme+0x82/0x180 [ 12.295328] ? preempt_count_sub+0x50/0x80 [ 12.295351] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.295374] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.295395] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.295417] kthread+0x337/0x6f0 [ 12.295435] ? trace_preempt_on+0x20/0xc0 [ 12.295458] ? 
__pfx_kthread+0x10/0x10 [ 12.295477] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.295497] ? calculate_sigpending+0x7b/0xa0 [ 12.295520] ? __pfx_kthread+0x10/0x10 [ 12.295541] ret_from_fork+0x116/0x1d0 [ 12.295558] ? __pfx_kthread+0x10/0x10 [ 12.295577] ret_from_fork_asm+0x1a/0x30 [ 12.295607] </TASK> [ 12.295618] [ 12.309375] Allocated by task 226: [ 12.309523] kasan_save_stack+0x45/0x70 [ 12.310012] kasan_save_track+0x18/0x40 [ 12.310377] kasan_save_alloc_info+0x3b/0x50 [ 12.310803] __kasan_slab_alloc+0x91/0xa0 [ 12.311220] kmem_cache_alloc_noprof+0x123/0x3f0 [ 12.311631] kmem_cache_double_free+0x14f/0x480 [ 12.312162] kunit_try_run_case+0x1a5/0x480 [ 12.312548] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.313019] kthread+0x337/0x6f0 [ 12.313159] ret_from_fork+0x116/0x1d0 [ 12.313290] ret_from_fork_asm+0x1a/0x30 [ 12.313428] [ 12.313496] Freed by task 226: [ 12.313607] kasan_save_stack+0x45/0x70 [ 12.314083] kasan_save_track+0x18/0x40 [ 12.314428] kasan_save_free_info+0x3f/0x60 [ 12.314884] __kasan_slab_free+0x56/0x70 [ 12.315361] kmem_cache_free+0x249/0x420 [ 12.315762] kmem_cache_double_free+0x16a/0x480 [ 12.316186] kunit_try_run_case+0x1a5/0x480 [ 12.316573] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.317183] kthread+0x337/0x6f0 [ 12.317486] ret_from_fork+0x116/0x1d0 [ 12.317866] ret_from_fork_asm+0x1a/0x30 [ 12.318103] [ 12.318178] The buggy address belongs to the object at ffff8881033b6000 [ 12.318178] which belongs to the cache test_cache of size 200 [ 12.318529] The buggy address is located 0 bytes inside of [ 12.318529] 200-byte region [ffff8881033b6000, ffff8881033b60c8) [ 12.319704] [ 12.319937] The buggy address belongs to the physical page: [ 12.320661] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033b6 [ 12.321369] flags: 0x200000000000000(node=0|zone=2) [ 12.321870] page_type: f5(slab) [ 12.322286] raw: 0200000000000000 ffff888101cf3dc0 dead000000000122 0000000000000000 [ 12.322999] raw: 0000000000000000 00000000800f000f 
00000000f5000000 0000000000000000 [ 12.323341] page dumped because: kasan: bad access detected [ 12.323514] [ 12.323586] Memory state around the buggy address: [ 12.323794] ffff8881033b5f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.324515] ffff8881033b5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.325297] >ffff8881033b6000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.325771] ^ [ 12.326125] ffff8881033b6080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 12.326737] ffff8881033b6100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.327243] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 12.251385] ================================================================== [ 12.251890] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x402/0x530 [ 12.252520] Read of size 1 at addr ffff8881027d80c8 by task kunit_try_catch/224 [ 12.252825] [ 12.253233] CPU: 1 UID: 0 PID: 224 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 12.253284] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.253297] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.253318] Call Trace: [ 12.253331] <TASK> [ 12.253349] dump_stack_lvl+0x73/0xb0 [ 12.253380] print_report+0xd1/0x650 [ 12.253402] ? __virt_addr_valid+0x1db/0x2d0 [ 12.253425] ? kmem_cache_oob+0x402/0x530 [ 12.253446] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.253467] ? kmem_cache_oob+0x402/0x530 [ 12.253488] kasan_report+0x141/0x180 [ 12.253508] ? kmem_cache_oob+0x402/0x530 [ 12.253534] __asan_report_load1_noabort+0x18/0x20 [ 12.253557] kmem_cache_oob+0x402/0x530 [ 12.253576] ? trace_hardirqs_on+0x37/0xe0 [ 12.253599] ? __pfx_kmem_cache_oob+0x10/0x10 [ 12.253620] ? finish_task_switch.isra.0+0x153/0x700 [ 12.253657] ? __switch_to+0x47/0xf50 [ 12.253685] ? __pfx_read_tsc+0x10/0x10 [ 12.253705] ? ktime_get_ts64+0x86/0x230 [ 12.253728] kunit_try_run_case+0x1a5/0x480 [ 12.253752] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.253773] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.253795] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.253816] ? __kthread_parkme+0x82/0x180 [ 12.253835] ? preempt_count_sub+0x50/0x80 [ 12.253857] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.253878] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.253900] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.253921] kthread+0x337/0x6f0 [ 12.253939] ? trace_preempt_on+0x20/0xc0 [ 12.253959] ? __pfx_kthread+0x10/0x10 [ 12.253979] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.253998] ? calculate_sigpending+0x7b/0xa0 [ 12.254030] ? __pfx_kthread+0x10/0x10 [ 12.254050] ret_from_fork+0x116/0x1d0 [ 12.254067] ? 
__pfx_kthread+0x10/0x10 [ 12.254086] ret_from_fork_asm+0x1a/0x30 [ 12.254115] </TASK> [ 12.254127] [ 12.264114] Allocated by task 224: [ 12.264298] kasan_save_stack+0x45/0x70 [ 12.264505] kasan_save_track+0x18/0x40 [ 12.264748] kasan_save_alloc_info+0x3b/0x50 [ 12.264904] __kasan_slab_alloc+0x91/0xa0 [ 12.265115] kmem_cache_alloc_noprof+0x123/0x3f0 [ 12.265321] kmem_cache_oob+0x157/0x530 [ 12.265497] kunit_try_run_case+0x1a5/0x480 [ 12.265658] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.265883] kthread+0x337/0x6f0 [ 12.266078] ret_from_fork+0x116/0x1d0 [ 12.266222] ret_from_fork_asm+0x1a/0x30 [ 12.266423] [ 12.266503] The buggy address belongs to the object at ffff8881027d8000 [ 12.266503] which belongs to the cache test_cache of size 200 [ 12.266993] The buggy address is located 0 bytes to the right of [ 12.266993] allocated 200-byte region [ffff8881027d8000, ffff8881027d80c8) [ 12.267521] [ 12.267615] The buggy address belongs to the physical page: [ 12.267863] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027d8 [ 12.268289] flags: 0x200000000000000(node=0|zone=2) [ 12.268454] page_type: f5(slab) [ 12.268622] raw: 0200000000000000 ffff8881015c4780 dead000000000122 0000000000000000 [ 12.269049] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 12.269400] page dumped because: kasan: bad access detected [ 12.269706] [ 12.269809] Memory state around the buggy address: [ 12.270047] ffff8881027d7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.270384] ffff8881027d8000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.270614] >ffff8881027d8080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 12.270820] ^ [ 12.271215] ffff8881027d8100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.271498] ffff8881027d8180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.272273] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 12.210840] ================================================================== [ 12.211569] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x4d6/0x560 [ 12.212192] Read of size 8 at addr ffff8881027cfc40 by task kunit_try_catch/217 [ 12.212998] [ 12.213135] CPU: 1 UID: 0 PID: 217 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 12.213185] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.213197] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.213218] Call Trace: [ 12.213231] <TASK> [ 12.213249] dump_stack_lvl+0x73/0xb0 [ 12.213280] print_report+0xd1/0x650 [ 12.213302] ? __virt_addr_valid+0x1db/0x2d0 [ 12.213325] ? workqueue_uaf+0x4d6/0x560 [ 12.213345] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.213365] ? workqueue_uaf+0x4d6/0x560 [ 12.213385] kasan_report+0x141/0x180 [ 12.213406] ? workqueue_uaf+0x4d6/0x560 [ 12.213430] __asan_report_load8_noabort+0x18/0x20 [ 12.213453] workqueue_uaf+0x4d6/0x560 [ 12.213474] ? __pfx_workqueue_uaf+0x10/0x10 [ 12.213495] ? __schedule+0x10cc/0x2b60 [ 12.213516] ? __pfx_read_tsc+0x10/0x10 [ 12.213535] ? ktime_get_ts64+0x86/0x230 [ 12.213558] kunit_try_run_case+0x1a5/0x480 [ 12.213581] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.213602] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.213625] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.213646] ? __kthread_parkme+0x82/0x180 [ 12.213667] ? preempt_count_sub+0x50/0x80 [ 12.213796] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.213826] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.213849] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.213871] kthread+0x337/0x6f0 [ 12.213890] ? trace_preempt_on+0x20/0xc0 [ 12.213913] ? __pfx_kthread+0x10/0x10 [ 12.213974] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.213997] ? calculate_sigpending+0x7b/0xa0 [ 12.214019] ? __pfx_kthread+0x10/0x10 [ 12.214048] ret_from_fork+0x116/0x1d0 [ 12.214066] ? 
__pfx_kthread+0x10/0x10 [ 12.214085] ret_from_fork_asm+0x1a/0x30 [ 12.214116] </TASK> [ 12.214128] [ 12.225920] Allocated by task 217: [ 12.226223] kasan_save_stack+0x45/0x70 [ 12.226552] kasan_save_track+0x18/0x40 [ 12.226895] kasan_save_alloc_info+0x3b/0x50 [ 12.227095] __kasan_kmalloc+0xb7/0xc0 [ 12.227273] __kmalloc_cache_noprof+0x189/0x420 [ 12.227480] workqueue_uaf+0x152/0x560 [ 12.227972] kunit_try_run_case+0x1a5/0x480 [ 12.228317] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.228572] kthread+0x337/0x6f0 [ 12.228911] ret_from_fork+0x116/0x1d0 [ 12.229111] ret_from_fork_asm+0x1a/0x30 [ 12.229298] [ 12.229388] Freed by task 41: [ 12.229530] kasan_save_stack+0x45/0x70 [ 12.230340] kasan_save_track+0x18/0x40 [ 12.230539] kasan_save_free_info+0x3f/0x60 [ 12.230879] __kasan_slab_free+0x56/0x70 [ 12.231090] kfree+0x222/0x3f0 [ 12.231243] workqueue_uaf_work+0x12/0x20 [ 12.231425] process_one_work+0x5ee/0xf60 [ 12.231610] worker_thread+0x758/0x1220 [ 12.232145] kthread+0x337/0x6f0 [ 12.232325] ret_from_fork+0x116/0x1d0 [ 12.232470] ret_from_fork_asm+0x1a/0x30 [ 12.232611] [ 12.232720] Last potentially related work creation: [ 12.233068] kasan_save_stack+0x45/0x70 [ 12.233487] kasan_record_aux_stack+0xb2/0xc0 [ 12.233737] __queue_work+0x626/0xeb0 [ 12.233942] queue_work_on+0xb6/0xc0 [ 12.234120] workqueue_uaf+0x26d/0x560 [ 12.234308] kunit_try_run_case+0x1a5/0x480 [ 12.234499] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.234905] kthread+0x337/0x6f0 [ 12.235098] ret_from_fork+0x116/0x1d0 [ 12.235254] ret_from_fork_asm+0x1a/0x30 [ 12.235433] [ 12.235526] The buggy address belongs to the object at ffff8881027cfc40 [ 12.235526] which belongs to the cache kmalloc-32 of size 32 [ 12.236737] The buggy address is located 0 bytes inside of [ 12.236737] freed 32-byte region [ffff8881027cfc40, ffff8881027cfc60) [ 12.237304] [ 12.237402] The buggy address belongs to the physical page: [ 12.237638] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 
pfn:0x1027cf [ 12.238264] flags: 0x200000000000000(node=0|zone=2) [ 12.238505] page_type: f5(slab) [ 12.238657] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 12.239115] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 12.239430] page dumped because: kasan: bad access detected [ 12.239664] [ 12.239952] Memory state around the buggy address: [ 12.240205] ffff8881027cfb00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 12.240514] ffff8881027cfb80: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 12.240926] >ffff8881027cfc00: 00 00 00 07 fc fc fc fc fa fb fb fb fc fc fc fc [ 12.241181] ^ [ 12.241435] ffff8881027cfc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.242385] ffff8881027cfd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.242682] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 12.171758] ================================================================== [ 12.172259] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x50/0x60 [ 12.172533] Read of size 4 at addr ffff8881027cfb80 by task swapper/1/0 [ 12.173197] [ 12.173336] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 12.173385] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.173396] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.173418] Call Trace: [ 12.173447] <IRQ> [ 12.173466] dump_stack_lvl+0x73/0xb0 [ 12.173498] print_report+0xd1/0x650 [ 12.173522] ? __virt_addr_valid+0x1db/0x2d0 [ 12.173545] ? rcu_uaf_reclaim+0x50/0x60 [ 12.173565] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.173586] ? rcu_uaf_reclaim+0x50/0x60 [ 12.173605] kasan_report+0x141/0x180 [ 12.173626] ? rcu_uaf_reclaim+0x50/0x60 [ 12.173907] __asan_report_load4_noabort+0x18/0x20 [ 12.173941] rcu_uaf_reclaim+0x50/0x60 [ 12.173961] rcu_core+0x66f/0x1c40 [ 12.173991] ? __pfx_rcu_core+0x10/0x10 [ 12.174011] ? ktime_get+0x6b/0x150 [ 12.174049] ? handle_softirqs+0x18e/0x730 [ 12.174073] rcu_core_si+0x12/0x20 [ 12.174091] handle_softirqs+0x209/0x730 [ 12.174109] ? hrtimer_interrupt+0x2fe/0x780 [ 12.174130] ? 
__pfx_handle_softirqs+0x10/0x10 [ 12.174154] __irq_exit_rcu+0xc9/0x110 [ 12.174172] irq_exit_rcu+0x12/0x20 [ 12.174191] sysvec_apic_timer_interrupt+0x81/0x90 [ 12.174214] </IRQ> [ 12.174245] <TASK> [ 12.174256] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 12.174347] RIP: 0010:pv_native_safe_halt+0xf/0x20 [ 12.174560] Code: 1f 84 00 00 00 00 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d 03 8a 21 00 fb f4 <e9> 7c 1d 02 00 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 [ 12.174683] RSP: 0000:ffff888100877dc8 EFLAGS: 00010206 [ 12.174786] RAX: ffff8881d3574000 RBX: ffff888100853000 RCX: ffffffff856730e5 [ 12.174830] RDX: ffffed102b62618b RSI: 0000000000000004 RDI: 000000000000faa4 [ 12.174879] RBP: ffff888100877dd0 R08: 0000000000000001 R09: ffffed102b62618a [ 12.174920] R10: ffff88815b130c53 R11: 0000000000023c00 R12: 0000000000000001 [ 12.174978] R13: ffffed102010a600 R14: ffffffff873b0690 R15: 0000000000000000 [ 12.175049] ? ct_kernel_exit.constprop.0+0xa5/0xd0 [ 12.175103] ? default_idle+0xd/0x20 [ 12.175124] arch_cpu_idle+0xd/0x20 [ 12.175144] default_idle_call+0x48/0x80 [ 12.175165] do_idle+0x379/0x4f0 [ 12.175188] ? complete+0x15b/0x1d0 [ 12.175205] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.175229] ? __pfx_do_idle+0x10/0x10 [ 12.175248] ? _raw_spin_unlock_irqrestore+0x49/0x90 [ 12.175270] ? complete+0x15b/0x1d0 [ 12.175290] cpu_startup_entry+0x5c/0x70 [ 12.175312] start_secondary+0x211/0x290 [ 12.175333] ? 
__pfx_start_secondary+0x10/0x10 [ 12.175357] common_startup_64+0x13e/0x148 [ 12.175387] </TASK> [ 12.175398] [ 12.188457] Allocated by task 215: [ 12.188794] kasan_save_stack+0x45/0x70 [ 12.189005] kasan_save_track+0x18/0x40 [ 12.189198] kasan_save_alloc_info+0x3b/0x50 [ 12.189397] __kasan_kmalloc+0xb7/0xc0 [ 12.189571] __kmalloc_cache_noprof+0x189/0x420 [ 12.189844] rcu_uaf+0xb0/0x330 [ 12.190004] kunit_try_run_case+0x1a5/0x480 [ 12.190211] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.190446] kthread+0x337/0x6f0 [ 12.190604] ret_from_fork+0x116/0x1d0 [ 12.190837] ret_from_fork_asm+0x1a/0x30 [ 12.191031] [ 12.191120] Freed by task 0: [ 12.191256] kasan_save_stack+0x45/0x70 [ 12.191435] kasan_save_track+0x18/0x40 [ 12.191607] kasan_save_free_info+0x3f/0x60 [ 12.191836] __kasan_slab_free+0x56/0x70 [ 12.192019] kfree+0x222/0x3f0 [ 12.192187] rcu_uaf_reclaim+0x1f/0x60 [ 12.192360] rcu_core+0x66f/0x1c40 [ 12.192522] rcu_core_si+0x12/0x20 [ 12.192736] handle_softirqs+0x209/0x730 [ 12.192920] __irq_exit_rcu+0xc9/0x110 [ 12.193103] irq_exit_rcu+0x12/0x20 [ 12.193268] sysvec_apic_timer_interrupt+0x81/0x90 [ 12.193480] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 12.193881] [ 12.193988] Last potentially related work creation: [ 12.194242] kasan_save_stack+0x45/0x70 [ 12.194441] kasan_record_aux_stack+0xb2/0xc0 [ 12.194632] __call_rcu_common.constprop.0+0x7b/0x9e0 [ 12.194903] call_rcu+0x12/0x20 [ 12.195018] rcu_uaf+0x168/0x330 [ 12.195146] kunit_try_run_case+0x1a5/0x480 [ 12.195289] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.195459] kthread+0x337/0x6f0 [ 12.195578] ret_from_fork+0x116/0x1d0 [ 12.195708] ret_from_fork_asm+0x1a/0x30 [ 12.195851] [ 12.195929] The buggy address belongs to the object at ffff8881027cfb80 [ 12.195929] which belongs to the cache kmalloc-32 of size 32 [ 12.196543] The buggy address is located 0 bytes inside of [ 12.196543] freed 32-byte region [ffff8881027cfb80, ffff8881027cfba0) [ 12.197323] [ 12.197433] The buggy address belongs to the 
physical page: [ 12.197687] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027cf [ 12.198985] flags: 0x200000000000000(node=0|zone=2) [ 12.199175] page_type: f5(slab) [ 12.199301] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 12.199533] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 12.200284] page dumped because: kasan: bad access detected [ 12.200549] [ 12.200655] Memory state around the buggy address: [ 12.200884] ffff8881027cfa80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 12.201214] ffff8881027cfb00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 12.201526] >ffff8881027cfb80: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 12.202656] ^ [ 12.202907] ffff8881027cfc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.203189] ffff8881027cfc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.203408] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 12.112403] ================================================================== [ 12.112785] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5fe/0x6c0 [ 12.113075] Read of size 1 at addr ffff8881033ae300 by task kunit_try_catch/213 [ 12.113394] [ 12.113492] CPU: 0 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 12.113533] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.113544] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.113564] Call Trace: [ 12.113579] <TASK> [ 12.113595] dump_stack_lvl+0x73/0xb0 [ 12.113621] print_report+0xd1/0x650 [ 12.113809] ? __virt_addr_valid+0x1db/0x2d0 [ 12.113842] ? ksize_uaf+0x5fe/0x6c0 [ 12.113861] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.113882] ? ksize_uaf+0x5fe/0x6c0 [ 12.113902] kasan_report+0x141/0x180 [ 12.113922] ? ksize_uaf+0x5fe/0x6c0 [ 12.113946] __asan_report_load1_noabort+0x18/0x20 [ 12.113969] ksize_uaf+0x5fe/0x6c0 [ 12.113989] ? __pfx_ksize_uaf+0x10/0x10 [ 12.114009] ? __schedule+0x10cc/0x2b60 [ 12.114045] ? __pfx_read_tsc+0x10/0x10 [ 12.114065] ? ktime_get_ts64+0x86/0x230 [ 12.114088] kunit_try_run_case+0x1a5/0x480 [ 12.114110] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.114131] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.114153] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.114175] ? __kthread_parkme+0x82/0x180 [ 12.114194] ? preempt_count_sub+0x50/0x80 [ 12.114217] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.114239] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.114261] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.114282] kthread+0x337/0x6f0 [ 12.114300] ? trace_preempt_on+0x20/0xc0 [ 12.114322] ? __pfx_kthread+0x10/0x10 [ 12.114355] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.114375] ? calculate_sigpending+0x7b/0xa0 [ 12.114398] ? __pfx_kthread+0x10/0x10 [ 12.114418] ret_from_fork+0x116/0x1d0 [ 12.114435] ? 
__pfx_kthread+0x10/0x10 [ 12.114455] ret_from_fork_asm+0x1a/0x30 [ 12.114484] </TASK> [ 12.114496] [ 12.121615] Allocated by task 213: [ 12.121815] kasan_save_stack+0x45/0x70 [ 12.121960] kasan_save_track+0x18/0x40 [ 12.122107] kasan_save_alloc_info+0x3b/0x50 [ 12.122254] __kasan_kmalloc+0xb7/0xc0 [ 12.122407] __kmalloc_cache_noprof+0x189/0x420 [ 12.122627] ksize_uaf+0xaa/0x6c0 [ 12.123091] kunit_try_run_case+0x1a5/0x480 [ 12.123322] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.123571] kthread+0x337/0x6f0 [ 12.123920] ret_from_fork+0x116/0x1d0 [ 12.124131] ret_from_fork_asm+0x1a/0x30 [ 12.124317] [ 12.124394] Freed by task 213: [ 12.124537] kasan_save_stack+0x45/0x70 [ 12.124792] kasan_save_track+0x18/0x40 [ 12.124990] kasan_save_free_info+0x3f/0x60 [ 12.125171] __kasan_slab_free+0x56/0x70 [ 12.125369] kfree+0x222/0x3f0 [ 12.125541] ksize_uaf+0x12c/0x6c0 [ 12.125670] kunit_try_run_case+0x1a5/0x480 [ 12.125816] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.125988] kthread+0x337/0x6f0 [ 12.126158] ret_from_fork+0x116/0x1d0 [ 12.126340] ret_from_fork_asm+0x1a/0x30 [ 12.126792] [ 12.126901] The buggy address belongs to the object at ffff8881033ae300 [ 12.126901] which belongs to the cache kmalloc-128 of size 128 [ 12.127293] The buggy address is located 0 bytes inside of [ 12.127293] freed 128-byte region [ffff8881033ae300, ffff8881033ae380) [ 12.128002] [ 12.128114] The buggy address belongs to the physical page: [ 12.128359] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033ae [ 12.128747] flags: 0x200000000000000(node=0|zone=2) [ 12.128954] page_type: f5(slab) [ 12.129135] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.129424] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.129793] page dumped because: kasan: bad access detected [ 12.130003] [ 12.130113] Memory state around the buggy address: [ 12.130309] ffff8881033ae200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 
12.130602] ffff8881033ae280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.131093] >ffff8881033ae300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.131365] ^ [ 12.131482] ffff8881033ae380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.131724] ffff8881033ae400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.132234] ================================================================== [ 12.132831] ================================================================== [ 12.133189] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5e4/0x6c0 [ 12.133421] Read of size 1 at addr ffff8881033ae378 by task kunit_try_catch/213 [ 12.134007] [ 12.134153] CPU: 0 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 12.134197] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.134209] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.134230] Call Trace: [ 12.134248] <TASK> [ 12.134264] dump_stack_lvl+0x73/0xb0 [ 12.134293] print_report+0xd1/0x650 [ 12.134314] ? __virt_addr_valid+0x1db/0x2d0 [ 12.134337] ? ksize_uaf+0x5e4/0x6c0 [ 12.134356] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.134377] ? ksize_uaf+0x5e4/0x6c0 [ 12.134397] kasan_report+0x141/0x180 [ 12.134418] ? ksize_uaf+0x5e4/0x6c0 [ 12.134442] __asan_report_load1_noabort+0x18/0x20 [ 12.134465] ksize_uaf+0x5e4/0x6c0 [ 12.134484] ? __pfx_ksize_uaf+0x10/0x10 [ 12.134504] ? __schedule+0x10cc/0x2b60 [ 12.134525] ? __pfx_read_tsc+0x10/0x10 [ 12.134545] ? ktime_get_ts64+0x86/0x230 [ 12.134568] kunit_try_run_case+0x1a5/0x480 [ 12.134590] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.134611] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.134633] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.134654] ? __kthread_parkme+0x82/0x180 [ 12.134673] ? preempt_count_sub+0x50/0x80 [ 12.134695] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.134717] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.134910] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.134942] kthread+0x337/0x6f0 [ 12.134962] ? trace_preempt_on+0x20/0xc0 [ 12.134985] ? __pfx_kthread+0x10/0x10 [ 12.135004] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.135039] ? calculate_sigpending+0x7b/0xa0 [ 12.135062] ? __pfx_kthread+0x10/0x10 [ 12.135083] ret_from_fork+0x116/0x1d0 [ 12.135100] ? __pfx_kthread+0x10/0x10 [ 12.135119] ret_from_fork_asm+0x1a/0x30 [ 12.135149] </TASK> [ 12.135161] [ 12.142054] Allocated by task 213: [ 12.142217] kasan_save_stack+0x45/0x70 [ 12.142361] kasan_save_track+0x18/0x40 [ 12.142535] kasan_save_alloc_info+0x3b/0x50 [ 12.142910] __kasan_kmalloc+0xb7/0xc0 [ 12.143111] __kmalloc_cache_noprof+0x189/0x420 [ 12.143312] ksize_uaf+0xaa/0x6c0 [ 12.143473] kunit_try_run_case+0x1a5/0x480 [ 12.143674] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.143886] kthread+0x337/0x6f0 [ 12.144006] ret_from_fork+0x116/0x1d0 [ 12.144153] ret_from_fork_asm+0x1a/0x30 [ 12.144290] [ 12.144358] Freed by task 213: [ 12.144468] kasan_save_stack+0x45/0x70 [ 12.144600] kasan_save_track+0x18/0x40 [ 12.144731] kasan_save_free_info+0x3f/0x60 [ 12.144936] __kasan_slab_free+0x56/0x70 [ 12.145138] kfree+0x222/0x3f0 [ 12.145298] ksize_uaf+0x12c/0x6c0 [ 12.145469] kunit_try_run_case+0x1a5/0x480 [ 12.145863] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.146150] kthread+0x337/0x6f0 [ 12.146316] ret_from_fork+0x116/0x1d0 [ 12.146463] ret_from_fork_asm+0x1a/0x30 [ 12.146604] [ 12.146848] The buggy address belongs to the object at ffff8881033ae300 [ 12.146848] which belongs to the cache kmalloc-128 of size 128 [ 12.147394] The buggy address is located 120 bytes inside of [ 12.147394] freed 128-byte region [ffff8881033ae300, ffff8881033ae380) [ 12.147947] [ 12.148046] The buggy address belongs to the physical page: [ 12.148259] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033ae [ 12.148496] flags: 0x200000000000000(node=0|zone=2) [ 12.148657] page_type: f5(slab) [ 12.148965] raw: 
0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.149325] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.149666] page dumped because: kasan: bad access detected [ 12.149927] [ 12.150034] Memory state around the buggy address: [ 12.150242] ffff8881033ae200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.150822] ffff8881033ae280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.151057] >ffff8881033ae300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.151377] ^ [ 12.151733] ffff8881033ae380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.152029] ffff8881033ae400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.152281] ================================================================== [ 12.091975] ================================================================== [ 12.092518] BUG: KASAN: slab-use-after-free in ksize_uaf+0x19d/0x6c0 [ 12.093065] Read of size 1 at addr ffff8881033ae300 by task kunit_try_catch/213 [ 12.093387] [ 12.093497] CPU: 0 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 12.093545] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.093557] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.093579] Call Trace: [ 12.093591] <TASK> [ 12.093612] dump_stack_lvl+0x73/0xb0 [ 12.093644] print_report+0xd1/0x650 [ 12.093731] ? __virt_addr_valid+0x1db/0x2d0 [ 12.093756] ? ksize_uaf+0x19d/0x6c0 [ 12.093776] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.093797] ? ksize_uaf+0x19d/0x6c0 [ 12.093816] kasan_report+0x141/0x180 [ 12.093836] ? ksize_uaf+0x19d/0x6c0 [ 12.093858] ? ksize_uaf+0x19d/0x6c0 [ 12.093878] __kasan_check_byte+0x3d/0x50 [ 12.093899] ksize+0x20/0x60 [ 12.093920] ksize_uaf+0x19d/0x6c0 [ 12.093939] ? __pfx_ksize_uaf+0x10/0x10 [ 12.093959] ? __schedule+0x10cc/0x2b60 [ 12.093981] ? __pfx_read_tsc+0x10/0x10 [ 12.094001] ? 
ktime_get_ts64+0x86/0x230 [ 12.094039] kunit_try_run_case+0x1a5/0x480 [ 12.094064] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.094085] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.094108] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.094129] ? __kthread_parkme+0x82/0x180 [ 12.094149] ? preempt_count_sub+0x50/0x80 [ 12.094172] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.094194] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.094215] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.094236] kthread+0x337/0x6f0 [ 12.094254] ? trace_preempt_on+0x20/0xc0 [ 12.094276] ? __pfx_kthread+0x10/0x10 [ 12.094295] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.094314] ? calculate_sigpending+0x7b/0xa0 [ 12.094337] ? __pfx_kthread+0x10/0x10 [ 12.094357] ret_from_fork+0x116/0x1d0 [ 12.094374] ? __pfx_kthread+0x10/0x10 [ 12.094392] ret_from_fork_asm+0x1a/0x30 [ 12.094422] </TASK> [ 12.094434] [ 12.101846] Allocated by task 213: [ 12.102055] kasan_save_stack+0x45/0x70 [ 12.102252] kasan_save_track+0x18/0x40 [ 12.102413] kasan_save_alloc_info+0x3b/0x50 [ 12.102561] __kasan_kmalloc+0xb7/0xc0 [ 12.102691] __kmalloc_cache_noprof+0x189/0x420 [ 12.102909] ksize_uaf+0xaa/0x6c0 [ 12.103090] kunit_try_run_case+0x1a5/0x480 [ 12.103313] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.103544] kthread+0x337/0x6f0 [ 12.103775] ret_from_fork+0x116/0x1d0 [ 12.103973] ret_from_fork_asm+0x1a/0x30 [ 12.104185] [ 12.104273] Freed by task 213: [ 12.104418] kasan_save_stack+0x45/0x70 [ 12.104556] kasan_save_track+0x18/0x40 [ 12.104688] kasan_save_free_info+0x3f/0x60 [ 12.105128] __kasan_slab_free+0x56/0x70 [ 12.105351] kfree+0x222/0x3f0 [ 12.105518] ksize_uaf+0x12c/0x6c0 [ 12.105823] kunit_try_run_case+0x1a5/0x480 [ 12.106014] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.106197] kthread+0x337/0x6f0 [ 12.106316] ret_from_fork+0x116/0x1d0 [ 12.106446] ret_from_fork_asm+0x1a/0x30 [ 12.106613] [ 12.106708] The buggy address belongs to the object at ffff8881033ae300 [ 12.106708] which belongs to the cache 
kmalloc-128 of size 128 [ 12.107244] The buggy address is located 0 bytes inside of [ 12.107244] freed 128-byte region [ffff8881033ae300, ffff8881033ae380) [ 12.107733] [ 12.107839] The buggy address belongs to the physical page: [ 12.108091] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033ae [ 12.108371] flags: 0x200000000000000(node=0|zone=2) [ 12.108537] page_type: f5(slab) [ 12.108658] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.109238] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.109635] page dumped because: kasan: bad access detected [ 12.110055] [ 12.110154] Memory state around the buggy address: [ 12.110381] ffff8881033ae200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.110666] ffff8881033ae280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.110893] >ffff8881033ae300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.111190] ^ [ 12.111352] ffff8881033ae380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.111648] ffff8881033ae400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.111932] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 12.066288] ================================================================== [ 12.066846] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7b6/0x9b0 [ 12.067207] Read of size 1 at addr ffff8881027c2a7f by task kunit_try_catch/211 [ 12.067503] [ 12.067615] CPU: 1 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 12.067656] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.067667] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.067687] Call Trace: [ 12.067704] <TASK> [ 12.067720] dump_stack_lvl+0x73/0xb0 [ 12.067746] print_report+0xd1/0x650 [ 12.067767] ? __virt_addr_valid+0x1db/0x2d0 [ 12.067812] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 12.067833] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.067854] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 12.067876] kasan_report+0x141/0x180 [ 12.067896] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 12.067923] __asan_report_load1_noabort+0x18/0x20 [ 12.067945] ksize_unpoisons_memory+0x7b6/0x9b0 [ 12.067967] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 12.067988] ? finish_task_switch.isra.0+0x153/0x700 [ 12.068009] ? __switch_to+0x47/0xf50 [ 12.068042] ? __schedule+0x10cc/0x2b60 [ 12.068063] ? __pfx_read_tsc+0x10/0x10 [ 12.068083] ? ktime_get_ts64+0x86/0x230 [ 12.068106] kunit_try_run_case+0x1a5/0x480 [ 12.068128] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.068152] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.068174] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.068195] ? __kthread_parkme+0x82/0x180 [ 12.068215] ? preempt_count_sub+0x50/0x80 [ 12.068236] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.068258] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.068279] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.068300] kthread+0x337/0x6f0 [ 12.068318] ? trace_preempt_on+0x20/0xc0 [ 12.068340] ? __pfx_kthread+0x10/0x10 [ 12.068359] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.068379] ? calculate_sigpending+0x7b/0xa0 [ 12.068401] ? 
__pfx_kthread+0x10/0x10 [ 12.068421] ret_from_fork+0x116/0x1d0 [ 12.068457] ? __pfx_kthread+0x10/0x10 [ 12.068478] ret_from_fork_asm+0x1a/0x30 [ 12.068508] </TASK> [ 12.068519] [ 12.076488] Allocated by task 211: [ 12.076635] kasan_save_stack+0x45/0x70 [ 12.076841] kasan_save_track+0x18/0x40 [ 12.077040] kasan_save_alloc_info+0x3b/0x50 [ 12.077253] __kasan_kmalloc+0xb7/0xc0 [ 12.077422] __kmalloc_cache_noprof+0x189/0x420 [ 12.077579] ksize_unpoisons_memory+0xc7/0x9b0 [ 12.077825] kunit_try_run_case+0x1a5/0x480 [ 12.078013] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.078245] kthread+0x337/0x6f0 [ 12.078366] ret_from_fork+0x116/0x1d0 [ 12.078552] ret_from_fork_asm+0x1a/0x30 [ 12.078887] [ 12.078973] The buggy address belongs to the object at ffff8881027c2a00 [ 12.078973] which belongs to the cache kmalloc-128 of size 128 [ 12.079355] The buggy address is located 12 bytes to the right of [ 12.079355] allocated 115-byte region [ffff8881027c2a00, ffff8881027c2a73) [ 12.079898] [ 12.079970] The buggy address belongs to the physical page: [ 12.080157] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027c2 [ 12.080798] flags: 0x200000000000000(node=0|zone=2) [ 12.081051] page_type: f5(slab) [ 12.081196] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.081503] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.081737] page dumped because: kasan: bad access detected [ 12.082141] [ 12.082224] Memory state around the buggy address: [ 12.082422] ffff8881027c2900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.082696] ffff8881027c2980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.083005] >ffff8881027c2a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.083312] ^ [ 12.083563] ffff8881027c2a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.083834] ffff8881027c2b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.084159] 
================================================================== [ 12.047222] ================================================================== [ 12.047535] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7e9/0x9b0 [ 12.048122] Read of size 1 at addr ffff8881027c2a78 by task kunit_try_catch/211 [ 12.048783] [ 12.048934] CPU: 1 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 12.048981] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.048992] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.049013] Call Trace: [ 12.049038] <TASK> [ 12.049055] dump_stack_lvl+0x73/0xb0 [ 12.049106] print_report+0xd1/0x650 [ 12.049128] ? __virt_addr_valid+0x1db/0x2d0 [ 12.049152] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 12.049173] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.049195] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 12.049216] kasan_report+0x141/0x180 [ 12.049255] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 12.049282] __asan_report_load1_noabort+0x18/0x20 [ 12.049305] ksize_unpoisons_memory+0x7e9/0x9b0 [ 12.049327] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 12.049348] ? finish_task_switch.isra.0+0x153/0x700 [ 12.049369] ? __switch_to+0x47/0xf50 [ 12.049393] ? __schedule+0x10cc/0x2b60 [ 12.049414] ? __pfx_read_tsc+0x10/0x10 [ 12.049435] ? ktime_get_ts64+0x86/0x230 [ 12.049460] kunit_try_run_case+0x1a5/0x480 [ 12.049483] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.049504] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.049526] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.049567] ? __kthread_parkme+0x82/0x180 [ 12.049588] ? preempt_count_sub+0x50/0x80 [ 12.049609] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.049631] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.049652] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.049674] kthread+0x337/0x6f0 [ 12.049692] ? trace_preempt_on+0x20/0xc0 [ 12.049715] ? __pfx_kthread+0x10/0x10 [ 12.049735] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.049755] ? 
calculate_sigpending+0x7b/0xa0 [ 12.049777] ? __pfx_kthread+0x10/0x10 [ 12.049797] ret_from_fork+0x116/0x1d0 [ 12.049814] ? __pfx_kthread+0x10/0x10 [ 12.049833] ret_from_fork_asm+0x1a/0x30 [ 12.049864] </TASK> [ 12.049875] [ 12.057213] Allocated by task 211: [ 12.057341] kasan_save_stack+0x45/0x70 [ 12.057750] kasan_save_track+0x18/0x40 [ 12.057942] kasan_save_alloc_info+0x3b/0x50 [ 12.058184] __kasan_kmalloc+0xb7/0xc0 [ 12.058376] __kmalloc_cache_noprof+0x189/0x420 [ 12.058597] ksize_unpoisons_memory+0xc7/0x9b0 [ 12.058890] kunit_try_run_case+0x1a5/0x480 [ 12.059048] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.059286] kthread+0x337/0x6f0 [ 12.059407] ret_from_fork+0x116/0x1d0 [ 12.059537] ret_from_fork_asm+0x1a/0x30 [ 12.059676] [ 12.059790] The buggy address belongs to the object at ffff8881027c2a00 [ 12.059790] which belongs to the cache kmalloc-128 of size 128 [ 12.060329] The buggy address is located 5 bytes to the right of [ 12.060329] allocated 115-byte region [ffff8881027c2a00, ffff8881027c2a73) [ 12.060861] [ 12.060936] The buggy address belongs to the physical page: [ 12.061160] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027c2 [ 12.061518] flags: 0x200000000000000(node=0|zone=2) [ 12.061787] page_type: f5(slab) [ 12.061912] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.062232] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.062561] page dumped because: kasan: bad access detected [ 12.062872] [ 12.062948] Memory state around the buggy address: [ 12.063120] ffff8881027c2900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.063341] ffff8881027c2980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.063553] >ffff8881027c2a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.064117] ^ [ 12.064651] ffff8881027c2a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.064991] ffff8881027c2b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.065267] 
================================================================== [ 12.028608] ================================================================== [ 12.029123] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x81c/0x9b0 [ 12.029467] Read of size 1 at addr ffff8881027c2a73 by task kunit_try_catch/211 [ 12.029753] [ 12.029882] CPU: 1 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 12.029928] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.029939] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.029960] Call Trace: [ 12.029972] <TASK> [ 12.029990] dump_stack_lvl+0x73/0xb0 [ 12.030019] print_report+0xd1/0x650 [ 12.030053] ? __virt_addr_valid+0x1db/0x2d0 [ 12.030098] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 12.030120] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.030141] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 12.030163] kasan_report+0x141/0x180 [ 12.030183] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 12.030209] __asan_report_load1_noabort+0x18/0x20 [ 12.030232] ksize_unpoisons_memory+0x81c/0x9b0 [ 12.030254] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 12.030275] ? finish_task_switch.isra.0+0x153/0x700 [ 12.030296] ? __switch_to+0x47/0xf50 [ 12.030321] ? __schedule+0x10cc/0x2b60 [ 12.030343] ? __pfx_read_tsc+0x10/0x10 [ 12.030363] ? ktime_get_ts64+0x86/0x230 [ 12.030386] kunit_try_run_case+0x1a5/0x480 [ 12.030430] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.030450] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.030474] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.030495] ? __kthread_parkme+0x82/0x180 [ 12.030515] ? preempt_count_sub+0x50/0x80 [ 12.030536] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.030558] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.030580] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.030601] kthread+0x337/0x6f0 [ 12.030619] ? trace_preempt_on+0x20/0xc0 [ 12.030641] ? __pfx_kthread+0x10/0x10 [ 12.030660] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.030680] ? 
calculate_sigpending+0x7b/0xa0 [ 12.030702] ? __pfx_kthread+0x10/0x10 [ 12.030724] ret_from_fork+0x116/0x1d0 [ 12.030741] ? __pfx_kthread+0x10/0x10 [ 12.030760] ret_from_fork_asm+0x1a/0x30 [ 12.030790] </TASK> [ 12.030801] [ 12.038383] Allocated by task 211: [ 12.038566] kasan_save_stack+0x45/0x70 [ 12.038860] kasan_save_track+0x18/0x40 [ 12.038997] kasan_save_alloc_info+0x3b/0x50 [ 12.039155] __kasan_kmalloc+0xb7/0xc0 [ 12.039342] __kmalloc_cache_noprof+0x189/0x420 [ 12.039570] ksize_unpoisons_memory+0xc7/0x9b0 [ 12.039934] kunit_try_run_case+0x1a5/0x480 [ 12.040090] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.040267] kthread+0x337/0x6f0 [ 12.040437] ret_from_fork+0x116/0x1d0 [ 12.040623] ret_from_fork_asm+0x1a/0x30 [ 12.040831] [ 12.040926] The buggy address belongs to the object at ffff8881027c2a00 [ 12.040926] which belongs to the cache kmalloc-128 of size 128 [ 12.041408] The buggy address is located 0 bytes to the right of [ 12.041408] allocated 115-byte region [ffff8881027c2a00, ffff8881027c2a73) [ 12.041813] [ 12.041914] The buggy address belongs to the physical page: [ 12.042188] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027c2 [ 12.042546] flags: 0x200000000000000(node=0|zone=2) [ 12.042946] page_type: f5(slab) [ 12.043152] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.043453] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.043766] page dumped because: kasan: bad access detected [ 12.043931] [ 12.043999] Memory state around the buggy address: [ 12.044168] ffff8881027c2900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.044377] ffff8881027c2980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.044584] >ffff8881027c2a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.045235] ^ [ 12.045557] ffff8881027c2a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.045875] ffff8881027c2b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.046222] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kfree_sensitive
[ 11.998006] ================================================================== [ 11.998510] BUG: KASAN: double-free in kfree_sensitive+0x2e/0x90 [ 11.999059] Free of addr ffff88810191e8c0 by task kunit_try_catch/209 [ 11.999526] [ 11.999945] CPU: 1 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 12.000046] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.000059] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.000079] Call Trace: [ 12.000091] <TASK> [ 12.000109] dump_stack_lvl+0x73/0xb0 [ 12.000138] print_report+0xd1/0x650 [ 12.000166] ? __virt_addr_valid+0x1db/0x2d0 [ 12.000189] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.000210] ? kfree_sensitive+0x2e/0x90 [ 12.000230] kasan_report_invalid_free+0x10a/0x130 [ 12.000253] ? kfree_sensitive+0x2e/0x90 [ 12.000274] ? kfree_sensitive+0x2e/0x90 [ 12.000292] check_slab_allocation+0x101/0x130 [ 12.000312] __kasan_slab_pre_free+0x28/0x40 [ 12.000332] kfree+0xf0/0x3f0 [ 12.000354] ? kfree_sensitive+0x2e/0x90 [ 12.000375] kfree_sensitive+0x2e/0x90 [ 12.000393] kmalloc_double_kzfree+0x19c/0x350 [ 12.000414] ? __pfx_kmalloc_double_kzfree+0x10/0x10 [ 12.000437] ? __schedule+0x10cc/0x2b60 [ 12.000458] ? __pfx_read_tsc+0x10/0x10 [ 12.000478] ? ktime_get_ts64+0x86/0x230 [ 12.000501] kunit_try_run_case+0x1a5/0x480 [ 12.000523] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.000544] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.000567] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.000588] ? __kthread_parkme+0x82/0x180 [ 12.000608] ? preempt_count_sub+0x50/0x80 [ 12.000630] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.000652] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.000673] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.000695] kthread+0x337/0x6f0 [ 12.000713] ? trace_preempt_on+0x20/0xc0 [ 12.000735] ? __pfx_kthread+0x10/0x10 [ 12.000755] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.000774] ? calculate_sigpending+0x7b/0xa0 [ 12.000797] ? 
__pfx_kthread+0x10/0x10 [ 12.000817] ret_from_fork+0x116/0x1d0 [ 12.000850] ? __pfx_kthread+0x10/0x10 [ 12.000870] ret_from_fork_asm+0x1a/0x30 [ 12.000901] </TASK> [ 12.000912] [ 12.010217] Allocated by task 209: [ 12.010394] kasan_save_stack+0x45/0x70 [ 12.010547] kasan_save_track+0x18/0x40 [ 12.010895] kasan_save_alloc_info+0x3b/0x50 [ 12.011132] __kasan_kmalloc+0xb7/0xc0 [ 12.011425] __kmalloc_cache_noprof+0x189/0x420 [ 12.011631] kmalloc_double_kzfree+0xa9/0x350 [ 12.011910] kunit_try_run_case+0x1a5/0x480 [ 12.012265] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.012555] kthread+0x337/0x6f0 [ 12.012736] ret_from_fork+0x116/0x1d0 [ 12.012981] ret_from_fork_asm+0x1a/0x30 [ 12.013250] [ 12.013369] Freed by task 209: [ 12.013527] kasan_save_stack+0x45/0x70 [ 12.013897] kasan_save_track+0x18/0x40 [ 12.014057] kasan_save_free_info+0x3f/0x60 [ 12.014199] __kasan_slab_free+0x56/0x70 [ 12.014329] kfree+0x222/0x3f0 [ 12.014492] kfree_sensitive+0x67/0x90 [ 12.014920] kmalloc_double_kzfree+0x12b/0x350 [ 12.015396] kunit_try_run_case+0x1a5/0x480 [ 12.015594] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.015896] kthread+0x337/0x6f0 [ 12.016012] ret_from_fork+0x116/0x1d0 [ 12.016155] ret_from_fork_asm+0x1a/0x30 [ 12.016505] [ 12.016845] The buggy address belongs to the object at ffff88810191e8c0 [ 12.016845] which belongs to the cache kmalloc-16 of size 16 [ 12.017435] The buggy address is located 0 bytes inside of [ 12.017435] 16-byte region [ffff88810191e8c0, ffff88810191e8d0) [ 12.018082] [ 12.018159] The buggy address belongs to the physical page: [ 12.018343] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10191e [ 12.018923] flags: 0x200000000000000(node=0|zone=2) [ 12.019361] page_type: f5(slab) [ 12.019497] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 12.019861] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 12.020313] page dumped because: kasan: bad access detected [ 12.020597] [ 
12.020693] Memory state around the buggy address: [ 12.021037] ffff88810191e780: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 12.021633] ffff88810191e800: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 12.022151] >ffff88810191e880: 00 05 fc fc fa fb fc fc fa fb fc fc fc fc fc fc [ 12.022419] ^ [ 12.023112] ffff88810191e900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.023362] ffff88810191e980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.023679] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 11.967162] ================================================================== [ 11.967920] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x19c/0x350 [ 11.968195] Read of size 1 at addr ffff88810191e8c0 by task kunit_try_catch/209 [ 11.968418] [ 11.968512] CPU: 1 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.968558] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.968570] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.968590] Call Trace: [ 11.968602] <TASK> [ 11.968619] dump_stack_lvl+0x73/0xb0 [ 11.968659] print_report+0xd1/0x650 [ 11.968681] ? __virt_addr_valid+0x1db/0x2d0 [ 11.968704] ? kmalloc_double_kzfree+0x19c/0x350 [ 11.968725] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.968746] ? kmalloc_double_kzfree+0x19c/0x350 [ 11.968768] kasan_report+0x141/0x180 [ 11.968788] ? kmalloc_double_kzfree+0x19c/0x350 [ 11.968813] ? kmalloc_double_kzfree+0x19c/0x350 [ 11.968835] __kasan_check_byte+0x3d/0x50 [ 11.968855] kfree_sensitive+0x22/0x90 [ 11.968877] kmalloc_double_kzfree+0x19c/0x350 [ 11.968898] ? __pfx_kmalloc_double_kzfree+0x10/0x10 [ 11.968920] ? __schedule+0x10cc/0x2b60 [ 11.968941] ? __pfx_read_tsc+0x10/0x10 [ 11.968961] ? ktime_get_ts64+0x86/0x230 [ 11.968985] kunit_try_run_case+0x1a5/0x480 [ 11.969008] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.969041] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.969063] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.969084] ? __kthread_parkme+0x82/0x180 [ 11.969103] ? preempt_count_sub+0x50/0x80 [ 11.969127] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.969149] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.969171] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.969193] kthread+0x337/0x6f0 [ 11.969213] ? trace_preempt_on+0x20/0xc0 [ 11.969236] ? __pfx_kthread+0x10/0x10 [ 11.969256] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.969275] ? calculate_sigpending+0x7b/0xa0 [ 11.969298] ? 
__pfx_kthread+0x10/0x10 [ 11.969318] ret_from_fork+0x116/0x1d0 [ 11.969335] ? __pfx_kthread+0x10/0x10 [ 11.969353] ret_from_fork_asm+0x1a/0x30 [ 11.969384] </TASK> [ 11.969395] [ 11.983325] Allocated by task 209: [ 11.983759] kasan_save_stack+0x45/0x70 [ 11.984166] kasan_save_track+0x18/0x40 [ 11.984551] kasan_save_alloc_info+0x3b/0x50 [ 11.985065] __kasan_kmalloc+0xb7/0xc0 [ 11.985201] __kmalloc_cache_noprof+0x189/0x420 [ 11.985352] kmalloc_double_kzfree+0xa9/0x350 [ 11.985495] kunit_try_run_case+0x1a5/0x480 [ 11.985702] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.986232] kthread+0x337/0x6f0 [ 11.986541] ret_from_fork+0x116/0x1d0 [ 11.986977] ret_from_fork_asm+0x1a/0x30 [ 11.987410] [ 11.987567] Freed by task 209: [ 11.987956] kasan_save_stack+0x45/0x70 [ 11.988349] kasan_save_track+0x18/0x40 [ 11.988794] kasan_save_free_info+0x3f/0x60 [ 11.989151] __kasan_slab_free+0x56/0x70 [ 11.989287] kfree+0x222/0x3f0 [ 11.989401] kfree_sensitive+0x67/0x90 [ 11.989531] kmalloc_double_kzfree+0x12b/0x350 [ 11.989728] kunit_try_run_case+0x1a5/0x480 [ 11.990032] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.990273] kthread+0x337/0x6f0 [ 11.990445] ret_from_fork+0x116/0x1d0 [ 11.990608] ret_from_fork_asm+0x1a/0x30 [ 11.990898] [ 11.990983] The buggy address belongs to the object at ffff88810191e8c0 [ 11.990983] which belongs to the cache kmalloc-16 of size 16 [ 11.991529] The buggy address is located 0 bytes inside of [ 11.991529] freed 16-byte region [ffff88810191e8c0, ffff88810191e8d0) [ 11.991969] [ 11.992054] The buggy address belongs to the physical page: [ 11.992227] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10191e [ 11.992728] flags: 0x200000000000000(node=0|zone=2) [ 11.992945] page_type: f5(slab) [ 11.993074] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 11.993506] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 11.993962] page dumped because: kasan: bad access detected [ 
11.994194] [ 11.994284] Memory state around the buggy address: [ 11.994466] ffff88810191e780: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 11.994921] ffff88810191e800: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 11.995145] >ffff88810191e880: 00 05 fc fc fa fb fc fc fa fb fc fc fc fc fc fc [ 11.995349] ^ [ 11.995592] ffff88810191e900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.996406] ffff88810191e980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.996680] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 11.923184] ================================================================== [ 11.924253] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x4a8/0x520 [ 11.924682] Read of size 1 at addr ffff8881027cbfa8 by task kunit_try_catch/205 [ 11.925428] [ 11.925799] CPU: 1 UID: 0 PID: 205 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.925850] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.925862] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.925883] Call Trace: [ 11.925895] <TASK> [ 11.925914] dump_stack_lvl+0x73/0xb0 [ 11.925945] print_report+0xd1/0x650 [ 11.925968] ? __virt_addr_valid+0x1db/0x2d0 [ 11.925992] ? kmalloc_uaf2+0x4a8/0x520 [ 11.926011] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.926046] ? kmalloc_uaf2+0x4a8/0x520 [ 11.926065] kasan_report+0x141/0x180 [ 11.926086] ? kmalloc_uaf2+0x4a8/0x520 [ 11.926109] __asan_report_load1_noabort+0x18/0x20 [ 11.926132] kmalloc_uaf2+0x4a8/0x520 [ 11.926151] ? __pfx_kmalloc_uaf2+0x10/0x10 [ 11.926169] ? finish_task_switch.isra.0+0x153/0x700 [ 11.926191] ? __switch_to+0x47/0xf50 [ 11.926218] ? __schedule+0x10cc/0x2b60 [ 11.926239] ? __pfx_read_tsc+0x10/0x10 [ 11.926260] ? ktime_get_ts64+0x86/0x230 [ 11.926283] kunit_try_run_case+0x1a5/0x480 [ 11.926306] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.926328] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.926350] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.926371] ? __kthread_parkme+0x82/0x180 [ 11.926391] ? preempt_count_sub+0x50/0x80 [ 11.926412] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.926434] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.926456] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.926477] kthread+0x337/0x6f0 [ 11.926495] ? trace_preempt_on+0x20/0xc0 [ 11.926518] ? __pfx_kthread+0x10/0x10 [ 11.926537] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.926556] ? calculate_sigpending+0x7b/0xa0 [ 11.926579] ? __pfx_kthread+0x10/0x10 [ 11.926599] ret_from_fork+0x116/0x1d0 [ 11.926616] ? 
__pfx_kthread+0x10/0x10 [ 11.926636] ret_from_fork_asm+0x1a/0x30 [ 11.926666] </TASK> [ 11.926678] [ 11.941155] Allocated by task 205: [ 11.941352] kasan_save_stack+0x45/0x70 [ 11.941504] kasan_save_track+0x18/0x40 [ 11.941682] kasan_save_alloc_info+0x3b/0x50 [ 11.942099] __kasan_kmalloc+0xb7/0xc0 [ 11.942446] __kmalloc_cache_noprof+0x189/0x420 [ 11.942941] kmalloc_uaf2+0xc6/0x520 [ 11.943288] kunit_try_run_case+0x1a5/0x480 [ 11.943823] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.944018] kthread+0x337/0x6f0 [ 11.944162] ret_from_fork+0x116/0x1d0 [ 11.944294] ret_from_fork_asm+0x1a/0x30 [ 11.944433] [ 11.944503] Freed by task 205: [ 11.944614] kasan_save_stack+0x45/0x70 [ 11.945299] kasan_save_track+0x18/0x40 [ 11.945691] kasan_save_free_info+0x3f/0x60 [ 11.946180] __kasan_slab_free+0x56/0x70 [ 11.946530] kfree+0x222/0x3f0 [ 11.946850] kmalloc_uaf2+0x14c/0x520 [ 11.947250] kunit_try_run_case+0x1a5/0x480 [ 11.947787] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.948290] kthread+0x337/0x6f0 [ 11.948596] ret_from_fork+0x116/0x1d0 [ 11.949061] ret_from_fork_asm+0x1a/0x30 [ 11.949410] [ 11.949482] The buggy address belongs to the object at ffff8881027cbf80 [ 11.949482] which belongs to the cache kmalloc-64 of size 64 [ 11.949941] The buggy address is located 40 bytes inside of [ 11.949941] freed 64-byte region [ffff8881027cbf80, ffff8881027cbfc0) [ 11.951167] [ 11.951333] The buggy address belongs to the physical page: [ 11.951847] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027cb [ 11.952668] flags: 0x200000000000000(node=0|zone=2) [ 11.952976] page_type: f5(slab) [ 11.953117] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 11.953350] raw: 0000000000000000 0000000000200020 00000000f5000000 0000000000000000 [ 11.953577] page dumped because: kasan: bad access detected [ 11.954087] [ 11.954245] Memory state around the buggy address: [ 11.954719] ffff8881027cbe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc 
[ 11.955327] ffff8881027cbf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 11.956260] >ffff8881027cbf80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 11.956482] ^ [ 11.956696] ffff8881027cc000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.957479] ffff8881027cc080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.958306] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 11.883809] ================================================================== [ 11.884652] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x1a3/0x360 [ 11.884899] Write of size 33 at addr ffff8881027cbf00 by task kunit_try_catch/203 [ 11.885140] [ 11.885239] CPU: 1 UID: 0 PID: 203 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.885287] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.885299] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.885322] Call Trace: [ 11.885335] <TASK> [ 11.885356] dump_stack_lvl+0x73/0xb0 [ 11.885386] print_report+0xd1/0x650 [ 11.885408] ? __virt_addr_valid+0x1db/0x2d0 [ 11.885432] ? kmalloc_uaf_memset+0x1a3/0x360 [ 11.885452] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.885472] ? kmalloc_uaf_memset+0x1a3/0x360 [ 11.885492] kasan_report+0x141/0x180 [ 11.885513] ? kmalloc_uaf_memset+0x1a3/0x360 [ 11.885537] kasan_check_range+0x10c/0x1c0 [ 11.885559] __asan_memset+0x27/0x50 [ 11.885577] kmalloc_uaf_memset+0x1a3/0x360 [ 11.885597] ? __pfx_kmalloc_uaf_memset+0x10/0x10 [ 11.885618] ? __schedule+0x10cc/0x2b60 [ 11.885639] ? __pfx_read_tsc+0x10/0x10 [ 11.885660] ? ktime_get_ts64+0x86/0x230 [ 11.885684] kunit_try_run_case+0x1a5/0x480 [ 11.885708] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.885728] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.885750] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.885771] ? __kthread_parkme+0x82/0x180 [ 11.885792] ? preempt_count_sub+0x50/0x80 [ 11.885815] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.885838] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.885860] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.885882] kthread+0x337/0x6f0 [ 11.885900] ? trace_preempt_on+0x20/0xc0 [ 11.885924] ? __pfx_kthread+0x10/0x10 [ 11.885943] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.885962] ? calculate_sigpending+0x7b/0xa0 [ 11.885985] ? __pfx_kthread+0x10/0x10 [ 11.886006] ret_from_fork+0x116/0x1d0 [ 11.886049] ? 
__pfx_kthread+0x10/0x10 [ 11.886080] ret_from_fork_asm+0x1a/0x30 [ 11.886110] </TASK> [ 11.886121] [ 11.900431] Allocated by task 203: [ 11.900811] kasan_save_stack+0x45/0x70 [ 11.901250] kasan_save_track+0x18/0x40 [ 11.901663] kasan_save_alloc_info+0x3b/0x50 [ 11.902162] __kasan_kmalloc+0xb7/0xc0 [ 11.902542] __kmalloc_cache_noprof+0x189/0x420 [ 11.903084] kmalloc_uaf_memset+0xa9/0x360 [ 11.903592] kunit_try_run_case+0x1a5/0x480 [ 11.904073] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.904612] kthread+0x337/0x6f0 [ 11.905011] ret_from_fork+0x116/0x1d0 [ 11.905469] ret_from_fork_asm+0x1a/0x30 [ 11.906013] [ 11.906203] Freed by task 203: [ 11.906534] kasan_save_stack+0x45/0x70 [ 11.906995] kasan_save_track+0x18/0x40 [ 11.907431] kasan_save_free_info+0x3f/0x60 [ 11.907896] __kasan_slab_free+0x56/0x70 [ 11.908290] kfree+0x222/0x3f0 [ 11.908554] kmalloc_uaf_memset+0x12b/0x360 [ 11.908707] kunit_try_run_case+0x1a5/0x480 [ 11.908856] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.909040] kthread+0x337/0x6f0 [ 11.909164] ret_from_fork+0x116/0x1d0 [ 11.909418] ret_from_fork_asm+0x1a/0x30 [ 11.909561] [ 11.909689] The buggy address belongs to the object at ffff8881027cbf00 [ 11.909689] which belongs to the cache kmalloc-64 of size 64 [ 11.910926] The buggy address is located 0 bytes inside of [ 11.910926] freed 64-byte region [ffff8881027cbf00, ffff8881027cbf40) [ 11.911321] [ 11.911398] The buggy address belongs to the physical page: [ 11.911571] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027cb [ 11.912398] flags: 0x200000000000000(node=0|zone=2) [ 11.912947] page_type: f5(slab) [ 11.913278] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 11.914004] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 11.914722] page dumped because: kasan: bad access detected [ 11.914992] [ 11.915076] Memory state around the buggy address: [ 11.915235] ffff8881027cbe00: fa fb fb fb fb fb fb fb fc fc fc fc 
fc fc fc fc [ 11.915448] ffff8881027cbe80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 11.915896] >ffff8881027cbf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 11.916519] ^ [ 11.916944] ffff8881027cbf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.917570] ffff8881027cc000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.918264] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 11.855953] ================================================================== [ 11.856481] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x320/0x380 [ 11.856977] Read of size 1 at addr ffff8881021d56e8 by task kunit_try_catch/201 [ 11.857371] [ 11.857472] CPU: 0 UID: 0 PID: 201 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.857856] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.857871] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.857892] Call Trace: [ 11.857906] <TASK> [ 11.857925] dump_stack_lvl+0x73/0xb0 [ 11.857957] print_report+0xd1/0x650 [ 11.857979] ? __virt_addr_valid+0x1db/0x2d0 [ 11.858002] ? kmalloc_uaf+0x320/0x380 [ 11.858035] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.858056] ? kmalloc_uaf+0x320/0x380 [ 11.858075] kasan_report+0x141/0x180 [ 11.858096] ? kmalloc_uaf+0x320/0x380 [ 11.858119] __asan_report_load1_noabort+0x18/0x20 [ 11.858142] kmalloc_uaf+0x320/0x380 [ 11.858160] ? __pfx_kmalloc_uaf+0x10/0x10 [ 11.858179] ? __schedule+0x10cc/0x2b60 [ 11.858201] ? __pfx_read_tsc+0x10/0x10 [ 11.858222] ? ktime_get_ts64+0x86/0x230 [ 11.858245] kunit_try_run_case+0x1a5/0x480 [ 11.858268] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.858289] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.858311] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.858332] ? __kthread_parkme+0x82/0x180 [ 11.858351] ? preempt_count_sub+0x50/0x80 [ 11.858374] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.858396] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.858417] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.858439] kthread+0x337/0x6f0 [ 11.858456] ? trace_preempt_on+0x20/0xc0 [ 11.858479] ? __pfx_kthread+0x10/0x10 [ 11.858499] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.858518] ? calculate_sigpending+0x7b/0xa0 [ 11.858540] ? __pfx_kthread+0x10/0x10 [ 11.858560] ret_from_fork+0x116/0x1d0 [ 11.858577] ? 
__pfx_kthread+0x10/0x10 [ 11.858597] ret_from_fork_asm+0x1a/0x30 [ 11.858627] </TASK> [ 11.858801] [ 11.867875] Allocated by task 201: [ 11.868203] kasan_save_stack+0x45/0x70 [ 11.868405] kasan_save_track+0x18/0x40 [ 11.868579] kasan_save_alloc_info+0x3b/0x50 [ 11.868963] __kasan_kmalloc+0xb7/0xc0 [ 11.869160] __kmalloc_cache_noprof+0x189/0x420 [ 11.869490] kmalloc_uaf+0xaa/0x380 [ 11.869677] kunit_try_run_case+0x1a5/0x480 [ 11.869955] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.870295] kthread+0x337/0x6f0 [ 11.870463] ret_from_fork+0x116/0x1d0 [ 11.870634] ret_from_fork_asm+0x1a/0x30 [ 11.870805] [ 11.870903] Freed by task 201: [ 11.871283] kasan_save_stack+0x45/0x70 [ 11.871510] kasan_save_track+0x18/0x40 [ 11.871819] kasan_save_free_info+0x3f/0x60 [ 11.872019] __kasan_slab_free+0x56/0x70 [ 11.872348] kfree+0x222/0x3f0 [ 11.872518] kmalloc_uaf+0x12c/0x380 [ 11.872778] kunit_try_run_case+0x1a5/0x480 [ 11.873045] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.873280] kthread+0x337/0x6f0 [ 11.873433] ret_from_fork+0x116/0x1d0 [ 11.873604] ret_from_fork_asm+0x1a/0x30 [ 11.874046] [ 11.874138] The buggy address belongs to the object at ffff8881021d56e0 [ 11.874138] which belongs to the cache kmalloc-16 of size 16 [ 11.874788] The buggy address is located 8 bytes inside of [ 11.874788] freed 16-byte region [ffff8881021d56e0, ffff8881021d56f0) [ 11.875387] [ 11.875627] The buggy address belongs to the physical page: [ 11.875912] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1021d5 [ 11.876329] flags: 0x200000000000000(node=0|zone=2) [ 11.876617] page_type: f5(slab) [ 11.876758] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 11.877089] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 11.877410] page dumped because: kasan: bad access detected [ 11.877641] [ 11.877740] Memory state around the buggy address: [ 11.878250] ffff8881021d5580: 00 00 fc fc 00 02 fc fc 00 02 fc fc 00 06 fc fc [ 
11.878625] ffff8881021d5600: 00 06 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 11.878983] >ffff8881021d5680: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 11.879381] ^ [ 11.879787] ffff8881021d5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.880088] ffff8881021d5780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.880522] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 11.823042] ================================================================== [ 11.823605] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x16f/0x330 [ 11.824152] Read of size 64 at addr ffff8881033ab484 by task kunit_try_catch/199 [ 11.824622] [ 11.824810] CPU: 0 UID: 0 PID: 199 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.824859] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.824871] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.824892] Call Trace: [ 11.824904] <TASK> [ 11.824924] dump_stack_lvl+0x73/0xb0 [ 11.824955] print_report+0xd1/0x650 [ 11.824979] ? __virt_addr_valid+0x1db/0x2d0 [ 11.825003] ? kmalloc_memmove_invalid_size+0x16f/0x330 [ 11.825044] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.825065] ? kmalloc_memmove_invalid_size+0x16f/0x330 [ 11.825099] kasan_report+0x141/0x180 [ 11.825120] ? kmalloc_memmove_invalid_size+0x16f/0x330 [ 11.825147] kasan_check_range+0x10c/0x1c0 [ 11.825169] __asan_memmove+0x27/0x70 [ 11.825188] kmalloc_memmove_invalid_size+0x16f/0x330 [ 11.825219] ? __pfx_kmalloc_memmove_invalid_size+0x10/0x10 [ 11.825242] ? __schedule+0x10cc/0x2b60 [ 11.825265] ? __pfx_read_tsc+0x10/0x10 [ 11.825296] ? ktime_get_ts64+0x86/0x230 [ 11.825319] kunit_try_run_case+0x1a5/0x480 [ 11.825342] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.825363] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.825394] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.825416] ? __kthread_parkme+0x82/0x180 [ 11.825435] ? preempt_count_sub+0x50/0x80 [ 11.825469] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.825491] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.825512] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.825534] kthread+0x337/0x6f0 [ 11.825552] ? trace_preempt_on+0x20/0xc0 [ 11.825575] ? __pfx_kthread+0x10/0x10 [ 11.825594] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.825614] ? calculate_sigpending+0x7b/0xa0 [ 11.825636] ? 
__pfx_kthread+0x10/0x10 [ 11.825713] ret_from_fork+0x116/0x1d0 [ 11.825734] ? __pfx_kthread+0x10/0x10 [ 11.825754] ret_from_fork_asm+0x1a/0x30 [ 11.825784] </TASK> [ 11.825795] [ 11.836406] Allocated by task 199: [ 11.836752] kasan_save_stack+0x45/0x70 [ 11.836973] kasan_save_track+0x18/0x40 [ 11.837386] kasan_save_alloc_info+0x3b/0x50 [ 11.837736] __kasan_kmalloc+0xb7/0xc0 [ 11.838014] __kmalloc_cache_noprof+0x189/0x420 [ 11.838332] kmalloc_memmove_invalid_size+0xac/0x330 [ 11.838559] kunit_try_run_case+0x1a5/0x480 [ 11.838944] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.839523] kthread+0x337/0x6f0 [ 11.839679] ret_from_fork+0x116/0x1d0 [ 11.840230] ret_from_fork_asm+0x1a/0x30 [ 11.840423] [ 11.840523] The buggy address belongs to the object at ffff8881033ab480 [ 11.840523] which belongs to the cache kmalloc-64 of size 64 [ 11.841248] The buggy address is located 4 bytes inside of [ 11.841248] allocated 64-byte region [ffff8881033ab480, ffff8881033ab4c0) [ 11.842112] [ 11.842207] The buggy address belongs to the physical page: [ 11.842517] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033ab [ 11.843000] flags: 0x200000000000000(node=0|zone=2) [ 11.843250] page_type: f5(slab) [ 11.843409] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 11.844126] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 11.844439] page dumped because: kasan: bad access detected [ 11.844750] [ 11.845001] Memory state around the buggy address: [ 11.845236] ffff8881033ab380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 11.845665] ffff8881033ab400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 11.846120] >ffff8881033ab480: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 11.846428] ^ [ 11.846804] ffff8881033ab500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.847125] ffff8881033ab580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.847419] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 11.793098] ================================================================== [ 11.793836] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x171/0x330 [ 11.794392] Read of size 18446744073709551614 at addr ffff8881033ab404 by task kunit_try_catch/197 [ 11.795119] [ 11.795249] CPU: 0 UID: 0 PID: 197 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.795300] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.795312] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.795335] Call Trace: [ 11.795348] <TASK> [ 11.795369] dump_stack_lvl+0x73/0xb0 [ 11.795402] print_report+0xd1/0x650 [ 11.795424] ? __virt_addr_valid+0x1db/0x2d0 [ 11.795448] ? kmalloc_memmove_negative_size+0x171/0x330 [ 11.795471] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.795534] ? kmalloc_memmove_negative_size+0x171/0x330 [ 11.795581] kasan_report+0x141/0x180 [ 11.795604] ? kmalloc_memmove_negative_size+0x171/0x330 [ 11.795631] kasan_check_range+0x10c/0x1c0 [ 11.795653] __asan_memmove+0x27/0x70 [ 11.795672] kmalloc_memmove_negative_size+0x171/0x330 [ 11.795695] ? __pfx_kmalloc_memmove_negative_size+0x10/0x10 [ 11.795719] ? __schedule+0x10cc/0x2b60 [ 11.795741] ? __pfx_read_tsc+0x10/0x10 [ 11.795763] ? ktime_get_ts64+0x86/0x230 [ 11.795788] kunit_try_run_case+0x1a5/0x480 [ 11.795813] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.795834] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.795856] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.795877] ? __kthread_parkme+0x82/0x180 [ 11.795898] ? preempt_count_sub+0x50/0x80 [ 11.795921] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.795943] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.795964] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.795986] kthread+0x337/0x6f0 [ 11.796004] ? trace_preempt_on+0x20/0xc0 [ 11.796039] ? __pfx_kthread+0x10/0x10 [ 11.796058] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.796078] ? calculate_sigpending+0x7b/0xa0 [ 11.796101] ? 
__pfx_kthread+0x10/0x10 [ 11.796121] ret_from_fork+0x116/0x1d0 [ 11.796138] ? __pfx_kthread+0x10/0x10 [ 11.796165] ret_from_fork_asm+0x1a/0x30 [ 11.796195] </TASK> [ 11.796206] [ 11.807065] Allocated by task 197: [ 11.807204] kasan_save_stack+0x45/0x70 [ 11.807411] kasan_save_track+0x18/0x40 [ 11.807635] kasan_save_alloc_info+0x3b/0x50 [ 11.807886] __kasan_kmalloc+0xb7/0xc0 [ 11.808226] __kmalloc_cache_noprof+0x189/0x420 [ 11.808463] kmalloc_memmove_negative_size+0xac/0x330 [ 11.808754] kunit_try_run_case+0x1a5/0x480 [ 11.808979] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.809171] kthread+0x337/0x6f0 [ 11.809290] ret_from_fork+0x116/0x1d0 [ 11.809437] ret_from_fork_asm+0x1a/0x30 [ 11.809635] [ 11.809864] The buggy address belongs to the object at ffff8881033ab400 [ 11.809864] which belongs to the cache kmalloc-64 of size 64 [ 11.810414] The buggy address is located 4 bytes inside of [ 11.810414] 64-byte region [ffff8881033ab400, ffff8881033ab440) [ 11.811097] [ 11.811181] The buggy address belongs to the physical page: [ 11.811406] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033ab [ 11.811892] flags: 0x200000000000000(node=0|zone=2) [ 11.812072] page_type: f5(slab) [ 11.812404] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 11.812811] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 11.813137] page dumped because: kasan: bad access detected [ 11.813370] [ 11.813459] Memory state around the buggy address: [ 11.814239] ffff8881033ab300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 11.814493] ffff8881033ab380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 11.815146] >ffff8881033ab400: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 11.815444] ^ [ 11.815597] ffff8881033ab480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.815946] ffff8881033ab500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.816257] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 11.745070] ================================================================== [ 11.746430] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x166/0x330 [ 11.747149] Write of size 16 at addr ffff8881027c2969 by task kunit_try_catch/195 [ 11.747901] [ 11.748009] CPU: 1 UID: 0 PID: 195 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.748069] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.748081] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.748101] Call Trace: [ 11.748115] <TASK> [ 11.748133] dump_stack_lvl+0x73/0xb0 [ 11.748373] print_report+0xd1/0x650 [ 11.748406] ? __virt_addr_valid+0x1db/0x2d0 [ 11.748475] ? kmalloc_oob_memset_16+0x166/0x330 [ 11.748497] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.748518] ? kmalloc_oob_memset_16+0x166/0x330 [ 11.748539] kasan_report+0x141/0x180 [ 11.748560] ? kmalloc_oob_memset_16+0x166/0x330 [ 11.748585] kasan_check_range+0x10c/0x1c0 [ 11.748607] __asan_memset+0x27/0x50 [ 11.748625] kmalloc_oob_memset_16+0x166/0x330 [ 11.748659] ? __pfx_kmalloc_oob_memset_16+0x10/0x10 [ 11.748694] ? __schedule+0x10cc/0x2b60 [ 11.748717] ? __pfx_read_tsc+0x10/0x10 [ 11.748737] ? ktime_get_ts64+0x86/0x230 [ 11.748759] kunit_try_run_case+0x1a5/0x480 [ 11.748782] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.748805] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.748827] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.748848] ? __kthread_parkme+0x82/0x180 [ 11.748867] ? preempt_count_sub+0x50/0x80 [ 11.748890] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.748913] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.748934] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.748956] kthread+0x337/0x6f0 [ 11.748973] ? trace_preempt_on+0x20/0xc0 [ 11.748995] ? __pfx_kthread+0x10/0x10 [ 11.749014] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.749046] ? calculate_sigpending+0x7b/0xa0 [ 11.749069] ? __pfx_kthread+0x10/0x10 [ 11.749088] ret_from_fork+0x116/0x1d0 [ 11.749105] ? 
__pfx_kthread+0x10/0x10 [ 11.749124] ret_from_fork_asm+0x1a/0x30 [ 11.749153] </TASK> [ 11.749165] [ 11.767990] Allocated by task 195: [ 11.768209] kasan_save_stack+0x45/0x70 [ 11.768412] kasan_save_track+0x18/0x40 [ 11.768584] kasan_save_alloc_info+0x3b/0x50 [ 11.769359] __kasan_kmalloc+0xb7/0xc0 [ 11.769972] __kmalloc_cache_noprof+0x189/0x420 [ 11.770745] kmalloc_oob_memset_16+0xac/0x330 [ 11.771296] kunit_try_run_case+0x1a5/0x480 [ 11.771904] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.772658] kthread+0x337/0x6f0 [ 11.773185] ret_from_fork+0x116/0x1d0 [ 11.773781] ret_from_fork_asm+0x1a/0x30 [ 11.774404] [ 11.774762] The buggy address belongs to the object at ffff8881027c2900 [ 11.774762] which belongs to the cache kmalloc-128 of size 128 [ 11.776060] The buggy address is located 105 bytes inside of [ 11.776060] allocated 120-byte region [ffff8881027c2900, ffff8881027c2978) [ 11.776528] [ 11.776624] The buggy address belongs to the physical page: [ 11.777554] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027c2 [ 11.778797] flags: 0x200000000000000(node=0|zone=2) [ 11.779442] page_type: f5(slab) [ 11.779977] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.780990] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.781925] page dumped because: kasan: bad access detected [ 11.782166] [ 11.782255] Memory state around the buggy address: [ 11.782455] ffff8881027c2800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.783338] ffff8881027c2880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.784461] >ffff8881027c2900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 11.785313] ^ [ 11.786291] ffff8881027c2980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.787300] ffff8881027c2a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.788333] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 11.715747] ================================================================== [ 11.716445] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x166/0x330 [ 11.717104] Write of size 8 at addr ffff8881033ae271 by task kunit_try_catch/193 [ 11.717780] [ 11.717900] CPU: 0 UID: 0 PID: 193 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.717946] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.717957] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.717978] Call Trace: [ 11.717990] <TASK> [ 11.718008] dump_stack_lvl+0x73/0xb0 [ 11.718052] print_report+0xd1/0x650 [ 11.718075] ? __virt_addr_valid+0x1db/0x2d0 [ 11.718138] ? kmalloc_oob_memset_8+0x166/0x330 [ 11.718159] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.718180] ? kmalloc_oob_memset_8+0x166/0x330 [ 11.718200] kasan_report+0x141/0x180 [ 11.718221] ? kmalloc_oob_memset_8+0x166/0x330 [ 11.718247] kasan_check_range+0x10c/0x1c0 [ 11.718269] __asan_memset+0x27/0x50 [ 11.718288] kmalloc_oob_memset_8+0x166/0x330 [ 11.718309] ? __pfx_kmalloc_oob_memset_8+0x10/0x10 [ 11.718330] ? __schedule+0x10cc/0x2b60 [ 11.718351] ? __pfx_read_tsc+0x10/0x10 [ 11.718371] ? ktime_get_ts64+0x86/0x230 [ 11.718394] kunit_try_run_case+0x1a5/0x480 [ 11.718417] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.718437] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.718460] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.718481] ? __kthread_parkme+0x82/0x180 [ 11.718501] ? preempt_count_sub+0x50/0x80 [ 11.718523] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.718545] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.718566] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.718587] kthread+0x337/0x6f0 [ 11.718605] ? trace_preempt_on+0x20/0xc0 [ 11.718628] ? __pfx_kthread+0x10/0x10 [ 11.718724] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.718749] ? calculate_sigpending+0x7b/0xa0 [ 11.718774] ? __pfx_kthread+0x10/0x10 [ 11.718794] ret_from_fork+0x116/0x1d0 [ 11.718812] ? 
__pfx_kthread+0x10/0x10 [ 11.718831] ret_from_fork_asm+0x1a/0x30 [ 11.718861] </TASK> [ 11.718873] [ 11.730510] Allocated by task 193: [ 11.730931] kasan_save_stack+0x45/0x70 [ 11.731259] kasan_save_track+0x18/0x40 [ 11.731571] kasan_save_alloc_info+0x3b/0x50 [ 11.731920] __kasan_kmalloc+0xb7/0xc0 [ 11.732115] __kmalloc_cache_noprof+0x189/0x420 [ 11.732334] kmalloc_oob_memset_8+0xac/0x330 [ 11.732528] kunit_try_run_case+0x1a5/0x480 [ 11.732973] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.733424] kthread+0x337/0x6f0 [ 11.733723] ret_from_fork+0x116/0x1d0 [ 11.734077] ret_from_fork_asm+0x1a/0x30 [ 11.734410] [ 11.734620] The buggy address belongs to the object at ffff8881033ae200 [ 11.734620] which belongs to the cache kmalloc-128 of size 128 [ 11.735424] The buggy address is located 113 bytes inside of [ 11.735424] allocated 120-byte region [ffff8881033ae200, ffff8881033ae278) [ 11.736454] [ 11.736535] The buggy address belongs to the physical page: [ 11.736892] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033ae [ 11.737580] flags: 0x200000000000000(node=0|zone=2) [ 11.737929] page_type: f5(slab) [ 11.738118] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.738439] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.738971] page dumped because: kasan: bad access detected [ 11.739226] [ 11.739482] Memory state around the buggy address: [ 11.739765] ffff8881033ae100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.740251] ffff8881033ae180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.740562] >ffff8881033ae200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 11.740953] ^ [ 11.741263] ffff8881033ae280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.741645] ffff8881033ae300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.741995] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 11.687399] ================================================================== [ 11.687955] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x166/0x330 [ 11.688365] Write of size 4 at addr ffff8881033ae175 by task kunit_try_catch/191 [ 11.688690] [ 11.688803] CPU: 0 UID: 0 PID: 191 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.688869] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.688880] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.688901] Call Trace: [ 11.689043] <TASK> [ 11.689062] dump_stack_lvl+0x73/0xb0 [ 11.689093] print_report+0xd1/0x650 [ 11.689115] ? __virt_addr_valid+0x1db/0x2d0 [ 11.689139] ? kmalloc_oob_memset_4+0x166/0x330 [ 11.689159] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.689180] ? kmalloc_oob_memset_4+0x166/0x330 [ 11.689200] kasan_report+0x141/0x180 [ 11.689221] ? kmalloc_oob_memset_4+0x166/0x330 [ 11.689246] kasan_check_range+0x10c/0x1c0 [ 11.689267] __asan_memset+0x27/0x50 [ 11.689286] kmalloc_oob_memset_4+0x166/0x330 [ 11.689307] ? __pfx_kmalloc_oob_memset_4+0x10/0x10 [ 11.689328] ? __schedule+0x10cc/0x2b60 [ 11.689349] ? __pfx_read_tsc+0x10/0x10 [ 11.689370] ? ktime_get_ts64+0x86/0x230 [ 11.689394] kunit_try_run_case+0x1a5/0x480 [ 11.689419] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.689440] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.689462] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.689485] ? __kthread_parkme+0x82/0x180 [ 11.689504] ? preempt_count_sub+0x50/0x80 [ 11.689528] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.689551] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.689572] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.689593] kthread+0x337/0x6f0 [ 11.689612] ? trace_preempt_on+0x20/0xc0 [ 11.689634] ? __pfx_kthread+0x10/0x10 [ 11.689672] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.689692] ? calculate_sigpending+0x7b/0xa0 [ 11.689715] ? __pfx_kthread+0x10/0x10 [ 11.689735] ret_from_fork+0x116/0x1d0 [ 11.689752] ? 
__pfx_kthread+0x10/0x10 [ 11.689771] ret_from_fork_asm+0x1a/0x30 [ 11.689801] </TASK> [ 11.689813] [ 11.697965] Allocated by task 191: [ 11.699015] kasan_save_stack+0x45/0x70 [ 11.699196] kasan_save_track+0x18/0x40 [ 11.699332] kasan_save_alloc_info+0x3b/0x50 [ 11.699481] __kasan_kmalloc+0xb7/0xc0 [ 11.699611] __kmalloc_cache_noprof+0x189/0x420 [ 11.700188] kmalloc_oob_memset_4+0xac/0x330 [ 11.700568] kunit_try_run_case+0x1a5/0x480 [ 11.701039] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.701521] kthread+0x337/0x6f0 [ 11.701896] ret_from_fork+0x116/0x1d0 [ 11.702257] ret_from_fork_asm+0x1a/0x30 [ 11.702710] [ 11.702889] The buggy address belongs to the object at ffff8881033ae100 [ 11.702889] which belongs to the cache kmalloc-128 of size 128 [ 11.703938] The buggy address is located 117 bytes inside of [ 11.703938] allocated 120-byte region [ffff8881033ae100, ffff8881033ae178) [ 11.704311] [ 11.704385] The buggy address belongs to the physical page: [ 11.704560] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033ae [ 11.705146] flags: 0x200000000000000(node=0|zone=2) [ 11.705736] page_type: f5(slab) [ 11.706135] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.706973] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.708007] page dumped because: kasan: bad access detected [ 11.708669] [ 11.708830] Memory state around the buggy address: [ 11.709285] ffff8881033ae000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.709872] ffff8881033ae080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.710340] >ffff8881033ae100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 11.710554] ^ [ 11.711136] ffff8881033ae180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.711821] ffff8881033ae200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.712544] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 11.088692] ================================================================== [ 11.089329] BUG: KASAN: use-after-free in page_alloc_uaf+0x356/0x3d0 [ 11.089617] Read of size 1 at addr ffff888103950000 by task kunit_try_catch/171 [ 11.089939] [ 11.090068] CPU: 0 UID: 0 PID: 171 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.090113] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.090125] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.090147] Call Trace: [ 11.090159] <TASK> [ 11.090177] dump_stack_lvl+0x73/0xb0 [ 11.090206] print_report+0xd1/0x650 [ 11.090229] ? __virt_addr_valid+0x1db/0x2d0 [ 11.090252] ? page_alloc_uaf+0x356/0x3d0 [ 11.090274] ? kasan_addr_to_slab+0x11/0xa0 [ 11.090294] ? page_alloc_uaf+0x356/0x3d0 [ 11.090315] kasan_report+0x141/0x180 [ 11.090336] ? page_alloc_uaf+0x356/0x3d0 [ 11.090363] __asan_report_load1_noabort+0x18/0x20 [ 11.090386] page_alloc_uaf+0x356/0x3d0 [ 11.090406] ? __pfx_page_alloc_uaf+0x10/0x10 [ 11.090428] ? __schedule+0x10cc/0x2b60 [ 11.090449] ? __pfx_read_tsc+0x10/0x10 [ 11.090471] ? ktime_get_ts64+0x86/0x230 [ 11.090495] kunit_try_run_case+0x1a5/0x480 [ 11.090521] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.090542] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.090564] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.090585] ? __kthread_parkme+0x82/0x180 [ 11.090605] ? preempt_count_sub+0x50/0x80 [ 11.090628] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.090658] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.090680] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.090701] kthread+0x337/0x6f0 [ 11.090719] ? trace_preempt_on+0x20/0xc0 [ 11.090742] ? __pfx_kthread+0x10/0x10 [ 11.090761] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.090781] ? calculate_sigpending+0x7b/0xa0 [ 11.090803] ? __pfx_kthread+0x10/0x10 [ 11.090823] ret_from_fork+0x116/0x1d0 [ 11.090841] ? 
__pfx_kthread+0x10/0x10 [ 11.090860] ret_from_fork_asm+0x1a/0x30 [ 11.090893] </TASK> [ 11.090905] [ 11.098290] The buggy address belongs to the physical page: [ 11.098559] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103950 [ 11.099900] flags: 0x200000000000000(node=0|zone=2) [ 11.100162] page_type: f0(buddy) [ 11.100328] raw: 0200000000000000 ffff88817fffb460 ffff88817fffb460 0000000000000000 [ 11.100633] raw: 0000000000000000 0000000000000004 00000000f0000000 0000000000000000 [ 11.100944] page dumped because: kasan: bad access detected [ 11.101183] [ 11.101269] Memory state around the buggy address: [ 11.101467] ffff88810394ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.101814] ffff88810394ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.102970] >ffff888103950000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.103212] ^ [ 11.103333] ffff888103950080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.103546] ffff888103950100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.104255] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kfree
[ 11.065861] ================================================================== [ 11.066365] BUG: KASAN: invalid-free in kfree+0x274/0x3f0 [ 11.066631] Free of addr ffff888102914001 by task kunit_try_catch/167 [ 11.066922] [ 11.067066] CPU: 0 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.067113] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.067125] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.067147] Call Trace: [ 11.067160] <TASK> [ 11.067180] dump_stack_lvl+0x73/0xb0 [ 11.067210] print_report+0xd1/0x650 [ 11.067233] ? __virt_addr_valid+0x1db/0x2d0 [ 11.067258] ? kasan_addr_to_slab+0x11/0xa0 [ 11.067277] ? kfree+0x274/0x3f0 [ 11.067299] kasan_report_invalid_free+0x10a/0x130 [ 11.067322] ? kfree+0x274/0x3f0 [ 11.067345] ? kfree+0x274/0x3f0 [ 11.067364] __kasan_kfree_large+0x86/0xd0 [ 11.067384] free_large_kmalloc+0x4b/0x110 [ 11.067406] kfree+0x274/0x3f0 [ 11.067430] kmalloc_large_invalid_free+0x120/0x2b0 [ 11.067451] ? __pfx_kmalloc_large_invalid_free+0x10/0x10 [ 11.067475] ? __pfx_kmalloc_large_invalid_free+0x10/0x10 [ 11.067500] kunit_try_run_case+0x1a5/0x480 [ 11.067525] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.067545] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.067567] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.067588] ? __kthread_parkme+0x82/0x180 [ 11.067608] ? preempt_count_sub+0x50/0x80 [ 11.067632] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.067653] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.067675] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.067696] kthread+0x337/0x6f0 [ 11.067714] ? trace_preempt_on+0x20/0xc0 [ 11.067736] ? __pfx_kthread+0x10/0x10 [ 11.067755] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.067775] ? calculate_sigpending+0x7b/0xa0 [ 11.067797] ? __pfx_kthread+0x10/0x10 [ 11.067817] ret_from_fork+0x116/0x1d0 [ 11.067835] ? 
__pfx_kthread+0x10/0x10 [ 11.067854] ret_from_fork_asm+0x1a/0x30 [ 11.067884] </TASK> [ 11.067895] [ 11.074584] The buggy address belongs to the physical page: [ 11.074861] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102914 [ 11.075120] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.075451] flags: 0x200000000000040(head|node=0|zone=2) [ 11.075778] page_type: f8(unknown) [ 11.075957] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.076320] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.076557] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.076844] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.077208] head: 0200000000000002 ffffea00040a4501 00000000ffffffff 00000000ffffffff [ 11.077547] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.077805] page dumped because: kasan: bad access detected [ 11.078215] [ 11.078292] Memory state around the buggy address: [ 11.078449] ffff888102913f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.078663] ffff888102913f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.079079] >ffff888102914000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.079391] ^ [ 11.079555] ffff888102914080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.080126] ffff888102914100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.080369] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 11.043874] ================================================================== [ 11.044413] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2f1/0x340 [ 11.044733] Read of size 1 at addr ffff888102914000 by task kunit_try_catch/165 [ 11.045065] [ 11.045269] CPU: 0 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.045318] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.045330] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.045351] Call Trace: [ 11.045364] <TASK> [ 11.045382] dump_stack_lvl+0x73/0xb0 [ 11.045411] print_report+0xd1/0x650 [ 11.045444] ? __virt_addr_valid+0x1db/0x2d0 [ 11.045468] ? kmalloc_large_uaf+0x2f1/0x340 [ 11.045487] ? kasan_addr_to_slab+0x11/0xa0 [ 11.045517] ? kmalloc_large_uaf+0x2f1/0x340 [ 11.045537] kasan_report+0x141/0x180 [ 11.045558] ? kmalloc_large_uaf+0x2f1/0x340 [ 11.045583] __asan_report_load1_noabort+0x18/0x20 [ 11.045605] kmalloc_large_uaf+0x2f1/0x340 [ 11.045625] ? __pfx_kmalloc_large_uaf+0x10/0x10 [ 11.045645] ? __schedule+0x10cc/0x2b60 [ 11.045666] ? __pfx_read_tsc+0x10/0x10 [ 11.045687] ? ktime_get_ts64+0x86/0x230 [ 11.045710] kunit_try_run_case+0x1a5/0x480 [ 11.045735] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.045817] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.045845] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.045866] ? __kthread_parkme+0x82/0x180 [ 11.045899] ? preempt_count_sub+0x50/0x80 [ 11.045922] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.045944] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.045966] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.045988] kthread+0x337/0x6f0 [ 11.046006] ? trace_preempt_on+0x20/0xc0 [ 11.046038] ? __pfx_kthread+0x10/0x10 [ 11.046058] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.046077] ? calculate_sigpending+0x7b/0xa0 [ 11.046099] ? __pfx_kthread+0x10/0x10 [ 11.046119] ret_from_fork+0x116/0x1d0 [ 11.046137] ? 
__pfx_kthread+0x10/0x10 [ 11.046156] ret_from_fork_asm+0x1a/0x30 [ 11.046186] </TASK> [ 11.046197] [ 11.056153] The buggy address belongs to the physical page: [ 11.056438] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102914 [ 11.057161] flags: 0x200000000000000(node=0|zone=2) [ 11.057413] raw: 0200000000000000 ffffea00040a4608 ffff88815b039f80 0000000000000000 [ 11.057785] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 11.058104] page dumped because: kasan: bad access detected [ 11.058315] [ 11.058409] Memory state around the buggy address: [ 11.058607] ffff888102913f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.058977] ffff888102913f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.059245] >ffff888102914000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.059548] ^ [ 11.059689] ffff888102914080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.060011] ffff888102914100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.060480] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 11.018996] ================================================================== [ 11.019507] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x2e9/0x330 [ 11.019877] Write of size 1 at addr ffff88810291600a by task kunit_try_catch/163 [ 11.020240] [ 11.020364] CPU: 0 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 11.020410] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.020422] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.020443] Call Trace: [ 11.020456] <TASK> [ 11.020475] dump_stack_lvl+0x73/0xb0 [ 11.020505] print_report+0xd1/0x650 [ 11.020528] ? __virt_addr_valid+0x1db/0x2d0 [ 11.020552] ? kmalloc_large_oob_right+0x2e9/0x330 [ 11.020572] ? kasan_addr_to_slab+0x11/0xa0 [ 11.020592] ? kmalloc_large_oob_right+0x2e9/0x330 [ 11.020613] kasan_report+0x141/0x180 [ 11.020634] ? kmalloc_large_oob_right+0x2e9/0x330 [ 11.020762] __asan_report_store1_noabort+0x1b/0x30 [ 11.020789] kmalloc_large_oob_right+0x2e9/0x330 [ 11.020811] ? __pfx_kmalloc_large_oob_right+0x10/0x10 [ 11.020833] ? __schedule+0x10cc/0x2b60 [ 11.020855] ? __pfx_read_tsc+0x10/0x10 [ 11.020876] ? ktime_get_ts64+0x86/0x230 [ 11.020900] kunit_try_run_case+0x1a5/0x480 [ 11.020924] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.020945] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.020968] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.020989] ? __kthread_parkme+0x82/0x180 [ 11.021010] ? preempt_count_sub+0x50/0x80 [ 11.021049] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.021071] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.021093] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.021114] kthread+0x337/0x6f0 [ 11.021132] ? trace_preempt_on+0x20/0xc0 [ 11.021156] ? __pfx_kthread+0x10/0x10 [ 11.021175] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.021195] ? calculate_sigpending+0x7b/0xa0 [ 11.021218] ? __pfx_kthread+0x10/0x10 [ 11.021238] ret_from_fork+0x116/0x1d0 [ 11.021255] ? 
__pfx_kthread+0x10/0x10 [ 11.021275] ret_from_fork_asm+0x1a/0x30 [ 11.021305] </TASK> [ 11.021316] [ 11.031274] The buggy address belongs to the physical page: [ 11.031539] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102914 [ 11.032399] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.032935] flags: 0x200000000000040(head|node=0|zone=2) [ 11.033220] page_type: f8(unknown) [ 11.033388] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.034003] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.034456] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.034860] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.035341] head: 0200000000000002 ffffea00040a4501 00000000ffffffff 00000000ffffffff [ 11.035961] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.036434] page dumped because: kasan: bad access detected [ 11.036656] [ 11.036934] Memory state around the buggy address: [ 11.037121] ffff888102915f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.037618] ffff888102915f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.038276] >ffff888102916000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.038635] ^ [ 11.038917] ffff888102916080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.039235] ffff888102916100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.039563] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 10.986603] ================================================================== [ 10.987134] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x316/0x370 [ 10.987488] Write of size 1 at addr ffff8881038a1f00 by task kunit_try_catch/161 [ 10.987773] [ 10.987927] CPU: 0 UID: 0 PID: 161 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 10.987976] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.987988] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.988011] Call Trace: [ 10.988036] <TASK> [ 10.988058] dump_stack_lvl+0x73/0xb0 [ 10.988091] print_report+0xd1/0x650 [ 10.988114] ? __virt_addr_valid+0x1db/0x2d0 [ 10.988139] ? kmalloc_big_oob_right+0x316/0x370 [ 10.988167] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.988188] ? kmalloc_big_oob_right+0x316/0x370 [ 10.988209] kasan_report+0x141/0x180 [ 10.988231] ? kmalloc_big_oob_right+0x316/0x370 [ 10.988258] __asan_report_store1_noabort+0x1b/0x30 [ 10.988279] kmalloc_big_oob_right+0x316/0x370 [ 10.988301] ? __pfx_kmalloc_big_oob_right+0x10/0x10 [ 10.988323] ? __schedule+0x10cc/0x2b60 [ 10.988345] ? __pfx_read_tsc+0x10/0x10 [ 10.988366] ? ktime_get_ts64+0x86/0x230 [ 10.988392] kunit_try_run_case+0x1a5/0x480 [ 10.988418] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.988438] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.988475] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.988497] ? __kthread_parkme+0x82/0x180 [ 10.988518] ? preempt_count_sub+0x50/0x80 [ 10.988554] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.988577] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.988598] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.988620] kthread+0x337/0x6f0 [ 10.988638] ? trace_preempt_on+0x20/0xc0 [ 10.988661] ? __pfx_kthread+0x10/0x10 [ 10.988681] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.988700] ? calculate_sigpending+0x7b/0xa0 [ 10.988724] ? __pfx_kthread+0x10/0x10 [ 10.988745] ret_from_fork+0x116/0x1d0 [ 10.988762] ? 
__pfx_kthread+0x10/0x10 [ 10.988781] ret_from_fork_asm+0x1a/0x30 [ 10.988812] </TASK> [ 10.988824] [ 10.997618] Allocated by task 161: [ 10.998242] kasan_save_stack+0x45/0x70 [ 10.998565] kasan_save_track+0x18/0x40 [ 10.999048] kasan_save_alloc_info+0x3b/0x50 [ 10.999371] __kasan_kmalloc+0xb7/0xc0 [ 10.999565] __kmalloc_cache_noprof+0x189/0x420 [ 11.000193] kmalloc_big_oob_right+0xa9/0x370 [ 11.000410] kunit_try_run_case+0x1a5/0x480 [ 11.000605] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.001102] kthread+0x337/0x6f0 [ 11.001273] ret_from_fork+0x116/0x1d0 [ 11.001446] ret_from_fork_asm+0x1a/0x30 [ 11.001628] [ 11.002000] The buggy address belongs to the object at ffff8881038a0000 [ 11.002000] which belongs to the cache kmalloc-8k of size 8192 [ 11.002733] The buggy address is located 0 bytes to the right of [ 11.002733] allocated 7936-byte region [ffff8881038a0000, ffff8881038a1f00) [ 11.003262] [ 11.003354] The buggy address belongs to the physical page: [ 11.003589] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038a0 [ 11.004257] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.004572] flags: 0x200000000000040(head|node=0|zone=2) [ 11.005365] page_type: f5(slab) [ 11.005559] raw: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 11.006262] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 11.006965] head: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 11.007319] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 11.007869] head: 0200000000000003 ffffea00040e2801 00000000ffffffff 00000000ffffffff [ 11.008340] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 11.008877] page dumped because: kasan: bad access detected [ 11.009129] [ 11.009217] Memory state around the buggy address: [ 11.009428] ffff8881038a1e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.010095] ffff8881038a1e80: 00 
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.010563] >ffff8881038a1f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.011168] ^ [ 11.011324] ffff8881038a1f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.011615] ffff8881038a2000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.012295] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 10.960812] ================================================================== [ 10.961156] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4b1/0x520 [ 10.961473] Write of size 1 at addr ffff88810339bf78 by task kunit_try_catch/159 [ 10.961780] [ 10.962095] CPU: 0 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 10.962148] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.962161] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.962181] Call Trace: [ 10.962194] <TASK> [ 10.962212] dump_stack_lvl+0x73/0xb0 [ 10.962241] print_report+0xd1/0x650 [ 10.962263] ? __virt_addr_valid+0x1db/0x2d0 [ 10.962286] ? kmalloc_track_caller_oob_right+0x4b1/0x520 [ 10.962310] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.962330] ? kmalloc_track_caller_oob_right+0x4b1/0x520 [ 10.962354] kasan_report+0x141/0x180 [ 10.962375] ? kmalloc_track_caller_oob_right+0x4b1/0x520 [ 10.962402] __asan_report_store1_noabort+0x1b/0x30 [ 10.962422] kmalloc_track_caller_oob_right+0x4b1/0x520 [ 10.962445] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 10.962469] ? __schedule+0x10cc/0x2b60 [ 10.962490] ? __pfx_read_tsc+0x10/0x10 [ 10.962510] ? ktime_get_ts64+0x86/0x230 [ 10.962534] kunit_try_run_case+0x1a5/0x480 [ 10.962559] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.962580] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.962602] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.962623] ? __kthread_parkme+0x82/0x180 [ 10.962643] ? preempt_count_sub+0x50/0x80 [ 10.962666] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.962688] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.962709] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.962731] kthread+0x337/0x6f0 [ 10.962749] ? trace_preempt_on+0x20/0xc0 [ 10.962772] ? __pfx_kthread+0x10/0x10 [ 10.962791] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.962810] ? calculate_sigpending+0x7b/0xa0 [ 10.962833] ? 
__pfx_kthread+0x10/0x10 [ 10.962853] ret_from_fork+0x116/0x1d0 [ 10.962870] ? __pfx_kthread+0x10/0x10 [ 10.962889] ret_from_fork_asm+0x1a/0x30 [ 10.962919] </TASK> [ 10.962929] [ 10.970840] Allocated by task 159: [ 10.970973] kasan_save_stack+0x45/0x70 [ 10.971130] kasan_save_track+0x18/0x40 [ 10.971267] kasan_save_alloc_info+0x3b/0x50 [ 10.971419] __kasan_kmalloc+0xb7/0xc0 [ 10.972116] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 10.972403] kmalloc_track_caller_oob_right+0x19a/0x520 [ 10.972654] kunit_try_run_case+0x1a5/0x480 [ 10.973036] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.973597] kthread+0x337/0x6f0 [ 10.974010] ret_from_fork+0x116/0x1d0 [ 10.974281] ret_from_fork_asm+0x1a/0x30 [ 10.974576] [ 10.974862] The buggy address belongs to the object at ffff88810339bf00 [ 10.974862] which belongs to the cache kmalloc-128 of size 128 [ 10.975373] The buggy address is located 0 bytes to the right of [ 10.975373] allocated 120-byte region [ffff88810339bf00, ffff88810339bf78) [ 10.976151] [ 10.976385] The buggy address belongs to the physical page: [ 10.976816] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10339b [ 10.977302] flags: 0x200000000000000(node=0|zone=2) [ 10.977529] page_type: f5(slab) [ 10.977862] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 10.978392] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.979117] page dumped because: kasan: bad access detected [ 10.979411] [ 10.979633] Memory state around the buggy address: [ 10.979865] ffff88810339be00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 10.980171] ffff88810339be80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.980466] >ffff88810339bf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 10.980976] ^ [ 10.981467] ffff88810339bf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.982127] ffff88810339c000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 10.982627] 
================================================================== [ 10.939927] ================================================================== [ 10.940414] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4c8/0x520 [ 10.940768] Write of size 1 at addr ffff88810339be78 by task kunit_try_catch/159 [ 10.941260] [ 10.941383] CPU: 0 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 10.941429] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.941441] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.941462] Call Trace: [ 10.941474] <TASK> [ 10.941493] dump_stack_lvl+0x73/0xb0 [ 10.941521] print_report+0xd1/0x650 [ 10.941544] ? __virt_addr_valid+0x1db/0x2d0 [ 10.941568] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 10.941591] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.941612] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 10.941635] kasan_report+0x141/0x180 [ 10.941656] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 10.941684] __asan_report_store1_noabort+0x1b/0x30 [ 10.941703] kmalloc_track_caller_oob_right+0x4c8/0x520 [ 10.941726] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 10.941750] ? __schedule+0x10cc/0x2b60 [ 10.941771] ? __pfx_read_tsc+0x10/0x10 [ 10.941791] ? ktime_get_ts64+0x86/0x230 [ 10.941815] kunit_try_run_case+0x1a5/0x480 [ 10.941839] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.941860] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.941882] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.941902] ? __kthread_parkme+0x82/0x180 [ 10.941922] ? preempt_count_sub+0x50/0x80 [ 10.941945] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.941967] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.941988] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.942009] kthread+0x337/0x6f0 [ 10.942040] ? trace_preempt_on+0x20/0xc0 [ 10.942063] ? __pfx_kthread+0x10/0x10 [ 10.942082] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.942102] ? calculate_sigpending+0x7b/0xa0 [ 10.942125] ? 
__pfx_kthread+0x10/0x10 [ 10.942145] ret_from_fork+0x116/0x1d0 [ 10.942162] ? __pfx_kthread+0x10/0x10 [ 10.942181] ret_from_fork_asm+0x1a/0x30 [ 10.942211] </TASK> [ 10.942222] [ 10.949212] Allocated by task 159: [ 10.949389] kasan_save_stack+0x45/0x70 [ 10.949594] kasan_save_track+0x18/0x40 [ 10.949840] kasan_save_alloc_info+0x3b/0x50 [ 10.950056] __kasan_kmalloc+0xb7/0xc0 [ 10.950222] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 10.950403] kmalloc_track_caller_oob_right+0x99/0x520 [ 10.950652] kunit_try_run_case+0x1a5/0x480 [ 10.950860] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.951123] kthread+0x337/0x6f0 [ 10.951284] ret_from_fork+0x116/0x1d0 [ 10.951435] ret_from_fork_asm+0x1a/0x30 [ 10.951590] [ 10.951698] The buggy address belongs to the object at ffff88810339be00 [ 10.951698] which belongs to the cache kmalloc-128 of size 128 [ 10.952215] The buggy address is located 0 bytes to the right of [ 10.952215] allocated 120-byte region [ffff88810339be00, ffff88810339be78) [ 10.952711] [ 10.952805] The buggy address belongs to the physical page: [ 10.952979] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10339b [ 10.953231] flags: 0x200000000000000(node=0|zone=2) [ 10.953443] page_type: f5(slab) [ 10.953674] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 10.954010] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.954350] page dumped because: kasan: bad access detected [ 10.954602] [ 10.954760] Memory state around the buggy address: [ 10.954937] ffff88810339bd00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 10.955160] ffff88810339bd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.955407] >ffff88810339be00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 10.955814] ^ [ 10.956139] ffff88810339be80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.956462] ffff88810339bf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.956846] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 10.907620] ================================================================== [ 10.908105] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x369/0x3c0 [ 10.908432] Read of size 1 at addr ffff8881029c7000 by task kunit_try_catch/157 [ 10.909323] [ 10.909456] CPU: 0 UID: 0 PID: 157 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 10.909506] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.909517] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.909539] Call Trace: [ 10.909551] <TASK> [ 10.909570] dump_stack_lvl+0x73/0xb0 [ 10.909602] print_report+0xd1/0x650 [ 10.909625] ? __virt_addr_valid+0x1db/0x2d0 [ 10.909755] ? kmalloc_node_oob_right+0x369/0x3c0 [ 10.909783] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.909804] ? kmalloc_node_oob_right+0x369/0x3c0 [ 10.909827] kasan_report+0x141/0x180 [ 10.909848] ? kmalloc_node_oob_right+0x369/0x3c0 [ 10.909876] __asan_report_load1_noabort+0x18/0x20 [ 10.909899] kmalloc_node_oob_right+0x369/0x3c0 [ 10.909922] ? __pfx_kmalloc_node_oob_right+0x10/0x10 [ 10.909944] ? __schedule+0x10cc/0x2b60 [ 10.909966] ? __pfx_read_tsc+0x10/0x10 [ 10.909987] ? ktime_get_ts64+0x86/0x230 [ 10.910011] kunit_try_run_case+0x1a5/0x480 [ 10.910050] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.910071] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.910093] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.910114] ? __kthread_parkme+0x82/0x180 [ 10.910133] ? preempt_count_sub+0x50/0x80 [ 10.910156] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.910178] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.910199] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.910221] kthread+0x337/0x6f0 [ 10.910239] ? trace_preempt_on+0x20/0xc0 [ 10.910261] ? __pfx_kthread+0x10/0x10 [ 10.910280] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.910300] ? calculate_sigpending+0x7b/0xa0 [ 10.910322] ? __pfx_kthread+0x10/0x10 [ 10.910342] ret_from_fork+0x116/0x1d0 [ 10.910360] ? 
__pfx_kthread+0x10/0x10 [ 10.910379] ret_from_fork_asm+0x1a/0x30 [ 10.910408] </TASK> [ 10.910420] [ 10.917369] Allocated by task 157: [ 10.917627] kasan_save_stack+0x45/0x70 [ 10.917832] kasan_save_track+0x18/0x40 [ 10.918029] kasan_save_alloc_info+0x3b/0x50 [ 10.918239] __kasan_kmalloc+0xb7/0xc0 [ 10.918422] __kmalloc_cache_node_noprof+0x188/0x420 [ 10.918593] kmalloc_node_oob_right+0xab/0x3c0 [ 10.918743] kunit_try_run_case+0x1a5/0x480 [ 10.919065] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.919315] kthread+0x337/0x6f0 [ 10.919482] ret_from_fork+0x116/0x1d0 [ 10.919737] ret_from_fork_asm+0x1a/0x30 [ 10.919896] [ 10.919992] The buggy address belongs to the object at ffff8881029c6000 [ 10.919992] which belongs to the cache kmalloc-4k of size 4096 [ 10.920411] The buggy address is located 0 bytes to the right of [ 10.920411] allocated 4096-byte region [ffff8881029c6000, ffff8881029c7000) [ 10.921212] [ 10.921317] The buggy address belongs to the physical page: [ 10.921596] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029c0 [ 10.922141] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.922377] flags: 0x200000000000040(head|node=0|zone=2) [ 10.923322] page_type: f5(slab) [ 10.923512] raw: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000 [ 10.924213] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 10.924568] head: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000 [ 10.925041] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 10.925346] head: 0200000000000003 ffffea00040a7001 00000000ffffffff 00000000ffffffff [ 10.925745] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 10.925989] page dumped because: kasan: bad access detected [ 10.926181] [ 10.926279] Memory state around the buggy address: [ 10.926510] ffff8881029c6f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.926971] 
ffff8881029c6f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.927339] >ffff8881029c7000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.927618] ^ [ 10.927948] ffff8881029c7080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.928194] ffff8881029c7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.928434] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 10.883901] ================================================================== [ 10.884923] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x361/0x3c0 [ 10.885249] Read of size 1 at addr ffff88810191e89f by task kunit_try_catch/155 [ 10.885516] [ 10.885638] CPU: 1 UID: 0 PID: 155 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 10.885685] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.885697] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.885721] Call Trace: [ 10.885734] <TASK> [ 10.885754] dump_stack_lvl+0x73/0xb0 [ 10.885784] print_report+0xd1/0x650 [ 10.885806] ? __virt_addr_valid+0x1db/0x2d0 [ 10.885829] ? kmalloc_oob_left+0x361/0x3c0 [ 10.885849] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.885869] ? kmalloc_oob_left+0x361/0x3c0 [ 10.885889] kasan_report+0x141/0x180 [ 10.885910] ? kmalloc_oob_left+0x361/0x3c0 [ 10.885934] __asan_report_load1_noabort+0x18/0x20 [ 10.885957] kmalloc_oob_left+0x361/0x3c0 [ 10.885977] ? __pfx_kmalloc_oob_left+0x10/0x10 [ 10.885998] ? __schedule+0x10cc/0x2b60 [ 10.886019] ? __pfx_read_tsc+0x10/0x10 [ 10.886050] ? ktime_get_ts64+0x86/0x230 [ 10.886074] kunit_try_run_case+0x1a5/0x480 [ 10.886098] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.886118] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.886141] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.886163] ? __kthread_parkme+0x82/0x180 [ 10.886182] ? preempt_count_sub+0x50/0x80 [ 10.886205] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.886227] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.886248] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.886270] kthread+0x337/0x6f0 [ 10.886288] ? trace_preempt_on+0x20/0xc0 [ 10.886311] ? __pfx_kthread+0x10/0x10 [ 10.886331] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.886350] ? calculate_sigpending+0x7b/0xa0 [ 10.886373] ? __pfx_kthread+0x10/0x10 [ 10.886393] ret_from_fork+0x116/0x1d0 [ 10.886410] ? 
__pfx_kthread+0x10/0x10 [ 10.886429] ret_from_fork_asm+0x1a/0x30 [ 10.886459] </TASK> [ 10.886470] [ 10.893822] Allocated by task 1: [ 10.894174] kasan_save_stack+0x45/0x70 [ 10.894332] kasan_save_track+0x18/0x40 [ 10.894469] kasan_save_alloc_info+0x3b/0x50 [ 10.894616] __kasan_kmalloc+0xb7/0xc0 [ 10.894790] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 10.895058] kvasprintf+0xc5/0x150 [ 10.895233] __kthread_create_on_node+0x18b/0x3a0 [ 10.895504] kthread_create_on_node+0xab/0xe0 [ 10.895818] create_worker+0x3e5/0x7b0 [ 10.895970] alloc_unbound_pwq+0x8ea/0xdb0 [ 10.896127] apply_wqattrs_prepare+0x332/0xd20 [ 10.896283] apply_workqueue_attrs_locked+0x4d/0xa0 [ 10.896505] alloc_workqueue+0xcc7/0x1ad0 [ 10.896966] latency_fsnotify_init+0x1b/0x50 [ 10.897218] do_one_initcall+0xd8/0x370 [ 10.897412] kernel_init_freeable+0x420/0x6f0 [ 10.897610] kernel_init+0x23/0x1e0 [ 10.897851] ret_from_fork+0x116/0x1d0 [ 10.898003] ret_from_fork_asm+0x1a/0x30 [ 10.898155] [ 10.898228] The buggy address belongs to the object at ffff88810191e880 [ 10.898228] which belongs to the cache kmalloc-16 of size 16 [ 10.898959] The buggy address is located 18 bytes to the right of [ 10.898959] allocated 13-byte region [ffff88810191e880, ffff88810191e88d) [ 10.899411] [ 10.899489] The buggy address belongs to the physical page: [ 10.899737] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10191e [ 10.900317] flags: 0x200000000000000(node=0|zone=2) [ 10.900551] page_type: f5(slab) [ 10.900675] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 10.901200] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 10.901849] page dumped because: kasan: bad access detected [ 10.902082] [ 10.902153] Memory state around the buggy address: [ 10.902311] ffff88810191e780: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 10.902538] ffff88810191e800: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 10.903181] >ffff88810191e880: 00 05 fc fc 00 
07 fc fc fc fc fc fc fc fc fc fc [ 10.903505] ^ [ 10.903698] ffff88810191e900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.903963] ffff88810191e980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.904242] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 10.864872] ================================================================== [ 10.865396] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x68a/0x7f0 [ 10.865944] Read of size 1 at addr ffff88810339bd80 by task kunit_try_catch/153 [ 10.866428] [ 10.866538] CPU: 0 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 10.866583] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.866594] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.866616] Call Trace: [ 10.866629] <TASK> [ 10.866647] dump_stack_lvl+0x73/0xb0 [ 10.866676] print_report+0xd1/0x650 [ 10.866698] ? __virt_addr_valid+0x1db/0x2d0 [ 10.866721] ? kmalloc_oob_right+0x68a/0x7f0 [ 10.866741] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.866762] ? kmalloc_oob_right+0x68a/0x7f0 [ 10.866782] kasan_report+0x141/0x180 [ 10.866803] ? kmalloc_oob_right+0x68a/0x7f0 [ 10.866827] __asan_report_load1_noabort+0x18/0x20 [ 10.866850] kmalloc_oob_right+0x68a/0x7f0 [ 10.866871] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 10.866892] ? __schedule+0x10cc/0x2b60 [ 10.866913] ? __pfx_read_tsc+0x10/0x10 [ 10.866933] ? ktime_get_ts64+0x86/0x230 [ 10.866956] kunit_try_run_case+0x1a5/0x480 [ 10.866979] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.867000] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.867033] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.867054] ? __kthread_parkme+0x82/0x180 [ 10.867074] ? preempt_count_sub+0x50/0x80 [ 10.867097] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.867120] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.867141] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.867164] kthread+0x337/0x6f0 [ 10.867183] ? trace_preempt_on+0x20/0xc0 [ 10.867208] ? __pfx_kthread+0x10/0x10 [ 10.867229] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.867249] ? calculate_sigpending+0x7b/0xa0 [ 10.867272] ? __pfx_kthread+0x10/0x10 [ 10.867292] ret_from_fork+0x116/0x1d0 [ 10.867309] ? 
__pfx_kthread+0x10/0x10 [ 10.867328] ret_from_fork_asm+0x1a/0x30 [ 10.867358] </TASK> [ 10.867370] [ 10.873610] Allocated by task 153: [ 10.873795] kasan_save_stack+0x45/0x70 [ 10.873992] kasan_save_track+0x18/0x40 [ 10.874184] kasan_save_alloc_info+0x3b/0x50 [ 10.874381] __kasan_kmalloc+0xb7/0xc0 [ 10.874513] __kmalloc_cache_noprof+0x189/0x420 [ 10.874729] kmalloc_oob_right+0xa9/0x7f0 [ 10.874928] kunit_try_run_case+0x1a5/0x480 [ 10.875145] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.875397] kthread+0x337/0x6f0 [ 10.875553] ret_from_fork+0x116/0x1d0 [ 10.875721] ret_from_fork_asm+0x1a/0x30 [ 10.875889] [ 10.875983] The buggy address belongs to the object at ffff88810339bd00 [ 10.875983] which belongs to the cache kmalloc-128 of size 128 [ 10.876363] The buggy address is located 13 bytes to the right of [ 10.876363] allocated 115-byte region [ffff88810339bd00, ffff88810339bd73) [ 10.876969] [ 10.877062] The buggy address belongs to the physical page: [ 10.877265] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10339b [ 10.877592] flags: 0x200000000000000(node=0|zone=2) [ 10.877766] page_type: f5(slab) [ 10.877881] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 10.878111] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.878324] page dumped because: kasan: bad access detected [ 10.878564] [ 10.878665] Memory state around the buggy address: [ 10.878882] ffff88810339bc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.879197] ffff88810339bd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 10.879505] >ffff88810339bd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.879908] ^ [ 10.880031] ffff88810339be00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.880242] ffff88810339be80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.880548] ================================================================== [ 10.812395] 
==================================================================
[ 10.813015] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6f0/0x7f0
[ 10.814050] Write of size 1 at addr ffff88810339bd73 by task kunit_try_catch/153
[ 10.814447]
[ 10.815498] CPU: 0 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 10.815912] Tainted: [N]=TEST
[ 10.815947] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 10.816174] Call Trace:
[ 10.816241] <TASK>
[ 10.816394] dump_stack_lvl+0x73/0xb0
[ 10.816479] print_report+0xd1/0x650
[ 10.816507] ? __virt_addr_valid+0x1db/0x2d0
[ 10.816532] ? kmalloc_oob_right+0x6f0/0x7f0
[ 10.816552] ? kasan_complete_mode_report_info+0x2a/0x200
[ 10.816573] ? kmalloc_oob_right+0x6f0/0x7f0
[ 10.816594] kasan_report+0x141/0x180
[ 10.816615] ? kmalloc_oob_right+0x6f0/0x7f0
[ 10.816727] __asan_report_store1_noabort+0x1b/0x30
[ 10.816752] kmalloc_oob_right+0x6f0/0x7f0
[ 10.816774] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 10.816796] ? __schedule+0x10cc/0x2b60
[ 10.816818] ? __pfx_read_tsc+0x10/0x10
[ 10.816839] ? ktime_get_ts64+0x86/0x230
[ 10.816864] kunit_try_run_case+0x1a5/0x480
[ 10.816889] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.816910] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 10.816933] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 10.816954] ? __kthread_parkme+0x82/0x180
[ 10.816975] ? preempt_count_sub+0x50/0x80
[ 10.816999] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.817032] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.817054] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 10.817075] kthread+0x337/0x6f0
[ 10.817093] ? trace_preempt_on+0x20/0xc0
[ 10.817116] ? __pfx_kthread+0x10/0x10
[ 10.817136] ? _raw_spin_unlock_irq+0x47/0x80
[ 10.817155] ? calculate_sigpending+0x7b/0xa0
[ 10.817178] ? __pfx_kthread+0x10/0x10
[ 10.817198] ret_from_fork+0x116/0x1d0
[ 10.817215] ? __pfx_kthread+0x10/0x10
[ 10.817234] ret_from_fork_asm+0x1a/0x30
[ 10.817295] </TASK>
[ 10.817360]
[ 10.825178] Allocated by task 153:
[ 10.825530] kasan_save_stack+0x45/0x70
[ 10.826174] kasan_save_track+0x18/0x40
[ 10.826347] kasan_save_alloc_info+0x3b/0x50
[ 10.826497] __kasan_kmalloc+0xb7/0xc0
[ 10.826707] __kmalloc_cache_noprof+0x189/0x420
[ 10.826942] kmalloc_oob_right+0xa9/0x7f0
[ 10.827174] kunit_try_run_case+0x1a5/0x480
[ 10.827390] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.827829] kthread+0x337/0x6f0
[ 10.828262] ret_from_fork+0x116/0x1d0
[ 10.828926] ret_from_fork_asm+0x1a/0x30
[ 10.829278]
[ 10.829570] The buggy address belongs to the object at ffff88810339bd00
[ 10.829570] which belongs to the cache kmalloc-128 of size 128
[ 10.830530] The buggy address is located 0 bytes to the right of
[ 10.830530] allocated 115-byte region [ffff88810339bd00, ffff88810339bd73)
[ 10.831476]
[ 10.831650] The buggy address belongs to the physical page:
[ 10.832334] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10339b
[ 10.833067] flags: 0x200000000000000(node=0|zone=2)
[ 10.833970] page_type: f5(slab)
[ 10.834641] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 10.835369] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 10.835780] page dumped because: kasan: bad access detected
[ 10.836403]
[ 10.836529] Memory state around the buggy address:
[ 10.837435] ffff88810339bc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 10.837745] ffff88810339bc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.838295] >ffff88810339bd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 10.838888] ^
[ 10.839329] ffff88810339bd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.839639] ffff88810339be00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.840156] ==================================================================
[ 10.843119] ==================================================================
[ 10.843614] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6bd/0x7f0
[ 10.844054] Write of size 1 at addr ffff88810339bd78 by task kunit_try_catch/153
[ 10.844416]
[ 10.844516] CPU: 0 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 10.844757] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 10.844773] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 10.844795] Call Trace:
[ 10.844837] <TASK>
[ 10.844918] dump_stack_lvl+0x73/0xb0
[ 10.844950] print_report+0xd1/0x650
[ 10.844972] ? __virt_addr_valid+0x1db/0x2d0
[ 10.845015] ? kmalloc_oob_right+0x6bd/0x7f0
[ 10.845048] ? kasan_complete_mode_report_info+0x2a/0x200
[ 10.845084] ? kmalloc_oob_right+0x6bd/0x7f0
[ 10.845104] kasan_report+0x141/0x180
[ 10.845126] ? kmalloc_oob_right+0x6bd/0x7f0
[ 10.845256] __asan_report_store1_noabort+0x1b/0x30
[ 10.845278] kmalloc_oob_right+0x6bd/0x7f0
[ 10.845300] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 10.845321] ? __schedule+0x10cc/0x2b60
[ 10.845342] ? __pfx_read_tsc+0x10/0x10
[ 10.845362] ? ktime_get_ts64+0x86/0x230
[ 10.845385] kunit_try_run_case+0x1a5/0x480
[ 10.845409] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.845429] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 10.845450] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 10.845472] ? __kthread_parkme+0x82/0x180
[ 10.845491] ? preempt_count_sub+0x50/0x80
[ 10.845513] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.845535] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.845556] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 10.845578] kthread+0x337/0x6f0
[ 10.845595] ? trace_preempt_on+0x20/0xc0
[ 10.845618] ? __pfx_kthread+0x10/0x10
[ 10.845714] ? _raw_spin_unlock_irq+0x47/0x80
[ 10.845739] ? calculate_sigpending+0x7b/0xa0
[ 10.845765] ? __pfx_kthread+0x10/0x10
[ 10.845787] ret_from_fork+0x116/0x1d0
[ 10.845805] ? __pfx_kthread+0x10/0x10
[ 10.845824] ret_from_fork_asm+0x1a/0x30
[ 10.845855] </TASK>
[ 10.845866]
[ 10.854134] Allocated by task 153:
[ 10.854341] kasan_save_stack+0x45/0x70
[ 10.854563] kasan_save_track+0x18/0x40
[ 10.854837] kasan_save_alloc_info+0x3b/0x50
[ 10.855003] __kasan_kmalloc+0xb7/0xc0
[ 10.855142] __kmalloc_cache_noprof+0x189/0x420
[ 10.855415] kmalloc_oob_right+0xa9/0x7f0
[ 10.855740] kunit_try_run_case+0x1a5/0x480
[ 10.855963] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.856331] kthread+0x337/0x6f0
[ 10.856514] ret_from_fork+0x116/0x1d0
[ 10.856730] ret_from_fork_asm+0x1a/0x30
[ 10.856865]
[ 10.857040] The buggy address belongs to the object at ffff88810339bd00
[ 10.857040] which belongs to the cache kmalloc-128 of size 128
[ 10.857698] The buggy address is located 5 bytes to the right of
[ 10.857698] allocated 115-byte region [ffff88810339bd00, ffff88810339bd73)
[ 10.858201]
[ 10.858273] The buggy address belongs to the physical page:
[ 10.858525] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10339b
[ 10.859006] flags: 0x200000000000000(node=0|zone=2)
[ 10.859283] page_type: f5(slab)
[ 10.859429] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 10.859715] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 10.860305] page dumped because: kasan: bad access detected
[ 10.860651]
[ 10.860748] Memory state around the buggy address:
[ 10.861291] ffff88810339bc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 10.861637] ffff88810339bc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.861994] >ffff88810339bd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 10.862367] ^
[ 10.862575] ffff88810339bd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.863119] ffff88810339be00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.863553] ==================================================================
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_vscale
------------[ cut here ]------------
[ 142.994589] WARNING: CPU: 0 PID: 2763 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190
[ 142.995116] Modules linked in:
[ 142.995320] CPU: 0 UID: 0 PID: 2763 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 142.996323] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 142.996517] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 142.997812] RIP: 0010:drm_rect_calc_vscale+0x130/0x190
[ 142.998354] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 80 cf 1e 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 142.999263] RSP: 0000:ffff88810309fc78 EFLAGS: 00010286
[ 142.999459] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000
[ 142.999727] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffff85c3275c
[ 143.000239] RBP: ffff88810309fca0 R08: 0000000000000000 R09: ffffed10208c7280
[ 143.000497] R10: ffff888104639407 R11: 0000000000000000 R12: ffffffff85c32748
[ 143.001208] R13: 0000000000000000 R14: 000000007fffffff R15: ffff88810309fd38
[ 143.001541] FS: 0000000000000000(0000) GS:ffff8881d3474000(0000) knlGS:0000000000000000
[ 143.002075] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 143.002348] CR2: 00007ffff7ffe000 CR3: 000000005d8bc000 CR4: 00000000000006f0
[ 143.002680] DR0: ffffffff87c50440 DR1: ffffffff87c50441 DR2: ffffffff87c50442
[ 143.003182] DR3: ffffffff87c50443 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 143.003463] Call Trace:
[ 143.003605] <TASK>
[ 143.003767] drm_test_rect_calc_vscale+0x108/0x270
[ 143.004107] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10
[ 143.004391] ? __schedule+0x10cc/0x2b60
[ 143.004655] ? __pfx_read_tsc+0x10/0x10
[ 143.005312] ? ktime_get_ts64+0x86/0x230
[ 143.005633] kunit_try_run_case+0x1a5/0x480
[ 143.005959] ? __pfx_kunit_try_run_case+0x10/0x10
[ 143.006255] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 143.006471] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 143.006800] ? __kthread_parkme+0x82/0x180
[ 143.007133] ? preempt_count_sub+0x50/0x80
[ 143.007402] ? __pfx_kunit_try_run_case+0x10/0x10
[ 143.007766] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 143.008082] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 143.008377] kthread+0x337/0x6f0
[ 143.008577] ? trace_preempt_on+0x20/0xc0
[ 143.008746] ? __pfx_kthread+0x10/0x10
[ 143.009359] ? _raw_spin_unlock_irq+0x47/0x80
[ 143.009741] ? calculate_sigpending+0x7b/0xa0
[ 143.009965] ? __pfx_kthread+0x10/0x10
[ 143.010165] ret_from_fork+0x116/0x1d0
[ 143.010348] ? __pfx_kthread+0x10/0x10
[ 143.010531] ret_from_fork_asm+0x1a/0x30
[ 143.010829] </TASK>
[ 143.011016] ---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
[ 143.015293] WARNING: CPU: 1 PID: 2765 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190
[ 143.016008] Modules linked in:
[ 143.016321] CPU: 1 UID: 0 PID: 2765 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 143.017364] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 143.017657] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 143.018180] RIP: 0010:drm_rect_calc_vscale+0x130/0x190
[ 143.018483] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 80 cf 1e 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 143.019399] RSP: 0000:ffff888102ba7c78 EFLAGS: 00010286
[ 143.019878] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000
[ 143.020210] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffff85c32794
[ 143.020514] RBP: ffff888102ba7ca0 R08: 0000000000000000 R09: ffffed10201bfdc0
[ 143.020932] R10: ffff888100dfee07 R11: 0000000000000000 R12: ffffffff85c32780
[ 143.021779] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888102ba7d38
[ 143.022197] FS: 0000000000000000(0000) GS:ffff8881d3574000(0000) knlGS:0000000000000000
[ 143.022542] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 143.022995] CR2: 00007ffff7ffe000 CR3: 000000005d8bc000 CR4: 00000000000006f0
[ 143.023333] DR0: ffffffff87c50440 DR1: ffffffff87c50441 DR2: ffffffff87c50443
[ 143.023708] DR3: ffffffff87c50445 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 143.024023] Call Trace:
[ 143.024167] <TASK>
[ 143.024301] drm_test_rect_calc_vscale+0x108/0x270
[ 143.024546] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10
[ 143.025056] ? __schedule+0x10cc/0x2b60
[ 143.025275] ? __pfx_read_tsc+0x10/0x10
[ 143.025507] ? ktime_get_ts64+0x86/0x230
[ 143.025669] kunit_try_run_case+0x1a5/0x480
[ 143.026057] ? __pfx_kunit_try_run_case+0x10/0x10
[ 143.026282] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 143.026580] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 143.026980] ? __kthread_parkme+0x82/0x180
[ 143.027247] ? preempt_count_sub+0x50/0x80
[ 143.027419] ? __pfx_kunit_try_run_case+0x10/0x10
[ 143.027673] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 143.028258] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 143.028534] kthread+0x337/0x6f0
[ 143.028735] ? trace_preempt_on+0x20/0xc0
[ 143.029100] ? __pfx_kthread+0x10/0x10
[ 143.029272] ? _raw_spin_unlock_irq+0x47/0x80
[ 143.029447] ? calculate_sigpending+0x7b/0xa0
[ 143.029829] ? __pfx_kthread+0x10/0x10
[ 143.030043] ret_from_fork+0x116/0x1d0
[ 143.030273] ? __pfx_kthread+0x10/0x10
[ 143.030475] ret_from_fork_asm+0x1a/0x30
[ 143.030716] </TASK>
[ 143.030998] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_hscale
------------[ cut here ]------------
[ 142.941477] WARNING: CPU: 1 PID: 2751 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190
[ 142.941797] Modules linked in:
[ 142.941963] CPU: 1 UID: 0 PID: 2751 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 142.942280] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 142.942452] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 142.942705] RIP: 0010:drm_rect_calc_hscale+0x125/0x190
[ 142.942877] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 142.944757] RSP: 0000:ffff888102f87c78 EFLAGS: 00010286
[ 142.945516] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000
[ 142.946206] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffff85c32760
[ 142.947224] RBP: ffff888102f87ca0 R08: 0000000000000000 R09: ffffed10201bfca0
[ 142.948035] R10: ffff888100dfe507 R11: 000000000000001a R12: ffffffff85c32748
[ 142.949076] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888102f87d38
[ 142.949853] FS: 0000000000000000(0000) GS:ffff8881d3574000(0000) knlGS:0000000000000000
[ 142.950571] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 142.950937] CR2: 00007ffff7ffe000 CR3: 000000005d8bc000 CR4: 00000000000006f0
[ 142.951160] DR0: ffffffff87c50440 DR1: ffffffff87c50441 DR2: ffffffff87c50443
[ 142.951365] DR3: ffffffff87c50445 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 142.951569] Call Trace:
[ 142.951690] <TASK>
[ 142.952044] drm_test_rect_calc_hscale+0x108/0x270
[ 142.952309] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10
[ 142.952557] ? __schedule+0x10cc/0x2b60
[ 142.952861] ? __pfx_read_tsc+0x10/0x10
[ 142.953079] ? ktime_get_ts64+0x86/0x230
[ 142.953280] kunit_try_run_case+0x1a5/0x480
[ 142.953479] ? __pfx_kunit_try_run_case+0x10/0x10
[ 142.953707] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 142.953915] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 142.954312] ? __kthread_parkme+0x82/0x180
[ 142.954512] ? preempt_count_sub+0x50/0x80
[ 142.954716] ? __pfx_kunit_try_run_case+0x10/0x10
[ 142.955070] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 142.955357] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 142.955634] kthread+0x337/0x6f0
[ 142.955815] ? trace_preempt_on+0x20/0xc0
[ 142.956006] ? __pfx_kthread+0x10/0x10
[ 142.956189] ? _raw_spin_unlock_irq+0x47/0x80
[ 142.956413] ? calculate_sigpending+0x7b/0xa0
[ 142.956908] ? __pfx_kthread+0x10/0x10
[ 142.957085] ret_from_fork+0x116/0x1d0
[ 142.957217] ? __pfx_kthread+0x10/0x10
[ 142.957409] ret_from_fork_asm+0x1a/0x30
[ 142.957872] </TASK>
[ 142.958045] ---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
[ 142.961996] WARNING: CPU: 0 PID: 2753 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190
[ 142.962659] Modules linked in:
[ 142.963295] CPU: 0 UID: 0 PID: 2753 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 142.963865] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 142.964150] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 142.964527] RIP: 0010:drm_rect_calc_hscale+0x125/0x190
[ 142.964857] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 142.965704] RSP: 0000:ffff88810329fc78 EFLAGS: 00010286
[ 142.965964] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000
[ 142.966296] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffff85c32798
[ 142.966581] RBP: ffff88810329fca0 R08: 0000000000000000 R09: ffffed10201bfce0
[ 142.967074] R10: ffff888100dfe707 R11: 0000000000000000 R12: ffffffff85c32780
[ 142.967364] R13: 0000000000000000 R14: 000000007fffffff R15: ffff88810329fd38
[ 142.967837] FS: 0000000000000000(0000) GS:ffff8881d3474000(0000) knlGS:0000000000000000
[ 142.968214] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 142.968456] CR2: 00007ffff7ffe000 CR3: 000000005d8bc000 CR4: 00000000000006f0
[ 142.968891] DR0: ffffffff87c50440 DR1: ffffffff87c50441 DR2: ffffffff87c50442
[ 142.969198] DR3: ffffffff87c50443 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 142.969492] Call Trace:
[ 142.969803] <TASK>
[ 142.969937] drm_test_rect_calc_hscale+0x108/0x270
[ 142.970195] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10
[ 142.970428] ? __schedule+0x10cc/0x2b60
[ 142.970624] ? __pfx_read_tsc+0x10/0x10
[ 142.970862] ? ktime_get_ts64+0x86/0x230
[ 142.971123] kunit_try_run_case+0x1a5/0x480
[ 142.971341] ? __pfx_kunit_try_run_case+0x10/0x10
[ 142.971511] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 142.971998] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 142.972263] ? __kthread_parkme+0x82/0x180
[ 142.972506] ? preempt_count_sub+0x50/0x80
[ 142.972738] ? __pfx_kunit_try_run_case+0x10/0x10
[ 142.973026] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 142.973486] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 142.973772] kthread+0x337/0x6f0
[ 142.974082] ? trace_preempt_on+0x20/0xc0
[ 142.974376] ? __pfx_kthread+0x10/0x10
[ 142.974571] ? _raw_spin_unlock_irq+0x47/0x80
[ 142.974741] ? calculate_sigpending+0x7b/0xa0
[ 142.975127] ? __pfx_kthread+0x10/0x10
[ 142.975298] ret_from_fork+0x116/0x1d0
[ 142.975447] ? __pfx_kthread+0x10/0x10
[ 142.975659] ret_from_fork_asm+0x1a/0x30
[ 142.975959] </TASK>
[ 142.976321] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-drm-kunit-mock-device-drm_gem_shmem_test_get_pages_sgtdrm-kunit-mock-device-drm-drm_warn_onrefcount_readshmem-pages_pin_count
------------[ cut here ]------------
[ 142.305506] drm-kunit-mock-device drm_gem_shmem_test_get_pages_sgt.drm-kunit-mock-device: [drm] drm_WARN_ON(refcount_read(&shmem->pages_pin_count))
[ 142.305713] WARNING: CPU: 1 PID: 2568 at drivers/gpu/drm/drm_gem_shmem_helper.c:180 drm_gem_shmem_free+0x3ed/0x6c0
[ 142.307149] Modules linked in:
[ 142.307536] CPU: 1 UID: 0 PID: 2568 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 142.308175] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 142.308533] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 142.309157] RIP: 0010:drm_gem_shmem_free+0x3ed/0x6c0
[ 142.309530] Code: 85 f6 0f 84 ba 01 00 00 4c 89 e7 e8 9d 24 80 00 48 c7 c1 40 76 be 85 4c 89 f2 48 c7 c7 00 73 be 85 48 89 c6 e8 b4 c7 77 fe 90 <0f> 0b 90 90 e9 09 ff ff ff 90 48 b8 00 00 00 00 00 fc ff df 48 8d
[ 142.310462] RSP: 0000:ffff8881022b7d18 EFLAGS: 00010286
[ 142.310913] RAX: 0000000000000000 RBX: ffff888103b23800 RCX: 1ffffffff0d24c80
[ 142.311324] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001
[ 142.311794] RBP: ffff8881022b7d48 R08: 0000000000000000 R09: fffffbfff0d24c80
[ 142.312213] R10: 0000000000000003 R11: 0000000000039118 R12: ffff888101db2800
[ 142.312622] R13: ffff888103b238f8 R14: ffff888104691100 R15: ffff88810039fb40
[ 142.313194] FS: 0000000000000000(0000) GS:ffff8881d3574000(0000) knlGS:0000000000000000
[ 142.313716] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 142.314069] CR2: 00007ffff7ffe000 CR3: 000000005d8bc000 CR4: 00000000000006f0
[ 142.314346] DR0: ffffffff87c50440 DR1: ffffffff87c50441 DR2: ffffffff87c50443
[ 142.314843] DR3: ffffffff87c50445 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 142.315217] Call Trace:
[ 142.315341] <TASK>
[ 142.315804] ? trace_preempt_on+0x20/0xc0
[ 142.316066] ? __pfx_drm_gem_shmem_free_wrapper+0x10/0x10
[ 142.316411] drm_gem_shmem_free_wrapper+0x12/0x20
[ 142.316830] __kunit_action_free+0x57/0x70
[ 142.317131] kunit_remove_resource+0x133/0x200
[ 142.317442] ? preempt_count_sub+0x50/0x80
[ 142.317870] kunit_cleanup+0x7a/0x120
[ 142.318049] kunit_try_run_case_cleanup+0xbd/0xf0
[ 142.318366] ? __pfx_kunit_try_run_case_cleanup+0x10/0x10
[ 142.318807] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 142.319163] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 142.319431] kthread+0x337/0x6f0
[ 142.319824] ? trace_preempt_on+0x20/0xc0
[ 142.320133] ? __pfx_kthread+0x10/0x10
[ 142.320312] ? _raw_spin_unlock_irq+0x47/0x80
[ 142.320531] ? calculate_sigpending+0x7b/0xa0
[ 142.321016] ? __pfx_kthread+0x10/0x10
[ 142.321303] ret_from_fork+0x116/0x1d0
[ 142.321501] ? __pfx_kthread+0x10/0x10
[ 142.321727] ret_from_fork_asm+0x1a/0x30
[ 142.322321] </TASK>
[ 142.322556] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_framebuffer-drm_framebuffer_init
------------[ cut here ]------------
[ 142.166665] WARNING: CPU: 1 PID: 2549 at drivers/gpu/drm/drm_framebuffer.c:867 drm_framebuffer_init+0x44/0x300
[ 142.167332] Modules linked in:
[ 142.167588] CPU: 1 UID: 0 PID: 2549 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 142.168818] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 142.169070] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 142.169556] RIP: 0010:drm_framebuffer_init+0x44/0x300
[ 142.170174] Code: 56 49 89 d6 48 89 f2 41 55 48 c1 ea 03 41 54 49 89 fc 53 48 89 f3 48 83 ec 18 80 3c 02 00 0f 85 00 02 00 00 4c 39 23 74 20 90 <0f> 0b 90 41 bd ea ff ff ff 48 83 c4 18 44 89 e8 5b 41 5c 41 5d 41
[ 142.171190] RSP: 0000:ffff8881023c7b30 EFLAGS: 00010246
[ 142.171447] RAX: dffffc0000000000 RBX: ffff8881023c7c28 RCX: 0000000000000000
[ 142.171973] RDX: 1ffff11020478f8e RSI: ffff8881023c7c28 RDI: ffff8881023c7c70
[ 142.172381] RBP: ffff8881023c7b70 R08: ffff888101dcc000 R09: ffffffff85bd7980
[ 142.172867] R10: 0000000000000003 R11: 000000004ac7f0c3 R12: ffff888101dcc000
[ 142.173310] R13: ffff88810039fae8 R14: ffff8881023c7ba8 R15: 0000000000000000
[ 142.173890] FS: 0000000000000000(0000) GS:ffff8881d3574000(0000) knlGS:0000000000000000
[ 142.174243] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 142.174478] CR2: 00007ffff7ffe000 CR3: 000000005d8bc000 CR4: 00000000000006f0
[ 142.175148] DR0: ffffffff87c50440 DR1: ffffffff87c50441 DR2: ffffffff87c50443
[ 142.175444] DR3: ffffffff87c50445 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 142.175786] Call Trace:
[ 142.176271] <TASK>
[ 142.176395] ? add_dr+0xc1/0x1d0
[ 142.176790] drm_test_framebuffer_init_bad_format+0xfc/0x240
[ 142.177183] ? add_dr+0x148/0x1d0
[ 142.177453] ? __pfx_drm_test_framebuffer_init_bad_format+0x10/0x10
[ 142.178020] ? __drmm_add_action+0x1a4/0x280
[ 142.178243] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 142.178487] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 142.179042] ? __drmm_add_action_or_reset+0x22/0x50
[ 142.179271] ? __pfx_drm_test_framebuffer_init_bad_format+0x10/0x10
[ 142.179501] ? __pfx_drm_test_framebuffer_init_bad_format+0x10/0x10
[ 142.180040] kunit_try_run_case+0x1a5/0x480
[ 142.180251] ? __pfx_kunit_try_run_case+0x10/0x10
[ 142.180456] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 142.181143] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 142.181383] ? __kthread_parkme+0x82/0x180
[ 142.181697] ? preempt_count_sub+0x50/0x80
[ 142.182071] ? __pfx_kunit_try_run_case+0x10/0x10
[ 142.182397] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 142.183054] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 142.183300] kthread+0x337/0x6f0
[ 142.183455] ? trace_preempt_on+0x20/0xc0
[ 142.183872] ? __pfx_kthread+0x10/0x10
[ 142.184184] ? _raw_spin_unlock_irq+0x47/0x80
[ 142.184491] ? calculate_sigpending+0x7b/0xa0
[ 142.185052] ? __pfx_kthread+0x10/0x10
[ 142.185255] ret_from_fork+0x116/0x1d0
[ 142.185434] ? __pfx_kthread+0x10/0x10
[ 142.185909] ret_from_fork_asm+0x1a/0x30
[ 142.186141] </TASK>
[ 142.186241] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-drm-kunit-mock-device-drm_test_framebuffer_freedrm-kunit-mock-device-drm-drm_warn_onlist_empty-filp_head
------------[ cut here ]------------
[ 142.129431] drm-kunit-mock-device drm_test_framebuffer_free.drm-kunit-mock-device: [drm] drm_WARN_ON(!list_empty(&fb->filp_head))
[ 142.129562] WARNING: CPU: 1 PID: 2545 at drivers/gpu/drm/drm_framebuffer.c:832 drm_framebuffer_free+0x13f/0x1c0
[ 142.132150] Modules linked in:
[ 142.132572] CPU: 1 UID: 0 PID: 2545 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 142.133148] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 142.133337] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 142.133610] RIP: 0010:drm_framebuffer_free+0x13f/0x1c0
[ 142.134031] Code: 8b 7d 50 4d 85 ff 74 2b 4c 89 ef e8 cb 3e 87 00 48 c7 c1 40 29 bd 85 4c 89 fa 48 c7 c7 a0 29 bd 85 48 89 c6 e8 e2 e1 7e fe 90 <0f> 0b 90 90 e9 1c ff ff ff 48 b8 00 00 00 00 00 fc ff df 4c 89 ea
[ 142.134849] RSP: 0000:ffff8881028afb68 EFLAGS: 00010282
[ 142.135119] RAX: 0000000000000000 RBX: ffff8881028afc40 RCX: 1ffffffff0d24c80
[ 142.135524] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001
[ 142.136219] RBP: ffff8881028afb90 R08: 0000000000000000 R09: fffffbfff0d24c80
[ 142.136509] R10: 0000000000000003 R11: 00000000000377d8 R12: ffff8881028afc18
[ 142.136991] R13: ffff888102832800 R14: ffff888101dc8000 R15: ffff8881051e3900
[ 142.137450] FS: 0000000000000000(0000) GS:ffff8881d3574000(0000) knlGS:0000000000000000
[ 142.138104] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 142.138351] CR2: 00007ffff7ffe000 CR3: 000000005d8bc000 CR4: 00000000000006f0
[ 142.138690] DR0: ffffffff87c50440 DR1: ffffffff87c50441 DR2: ffffffff87c50443
[ 142.139247] DR3: ffffffff87c50445 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 142.139564] Call Trace:
[ 142.139974] <TASK>
[ 142.140104] drm_test_framebuffer_free+0x1ab/0x610
[ 142.140539] ? __pfx_drm_test_framebuffer_free+0x10/0x10
[ 142.141045] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 142.141314] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 142.141788] ? __drmm_add_action_or_reset+0x22/0x50
[ 142.142207] ? __pfx_drm_test_framebuffer_free+0x10/0x10
[ 142.142561] kunit_try_run_case+0x1a5/0x480
[ 142.142972] ? __pfx_kunit_try_run_case+0x10/0x10
[ 142.143296] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 142.143543] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 142.144189] ? __kthread_parkme+0x82/0x180
[ 142.144364] ? preempt_count_sub+0x50/0x80
[ 142.144576] ? __pfx_kunit_try_run_case+0x10/0x10
[ 142.145288] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 142.145525] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 142.145841] kthread+0x337/0x6f0
[ 142.146038] ? trace_preempt_on+0x20/0xc0
[ 142.146200] ? __pfx_kthread+0x10/0x10
[ 142.146395] ? _raw_spin_unlock_irq+0x47/0x80
[ 142.146594] ? calculate_sigpending+0x7b/0xa0
[ 142.146834] ? __pfx_kthread+0x10/0x10
[ 142.147066] ret_from_fork+0x116/0x1d0
[ 142.147204] ? __pfx_kthread+0x10/0x10
[ 142.147683] ret_from_fork_asm+0x1a/0x30
[ 142.147915] </TASK>
[ 142.148029] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_connector-drm_connector_dynamic_register
------------[ cut here ]------------
[ 140.799621] WARNING: CPU: 0 PID: 1975 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110
[ 140.800189] Modules linked in:
[ 140.800365] CPU: 0 UID: 0 PID: 1975 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 140.801880] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 140.802465] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 140.803663] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110
[ 140.804605] Code: 49 8d 7c 24 60 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 60 00 75 1b 5b 41 5c 5d c3 cc cc cc cc 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d c3 cc cc cc cc 48 89 df e8 68
[ 140.805571] RSP: 0000:ffff88810a3d7c90 EFLAGS: 00010246
[ 140.805763] RAX: dffffc0000000000 RBX: ffff88810a838000 RCX: 0000000000000000
[ 140.805998] RDX: 1ffff11021507032 RSI: ffffffff82e05658 RDI: ffff88810a838190
[ 140.806310] RBP: ffff88810a3d7ca0 R08: 1ffff11020073f69 R09: ffffed102147af65
[ 140.806816] R10: 0000000000000003 R11: ffffffff82386fb8 R12: 0000000000000000
[ 140.807236] R13: ffff88810a3d7d38 R14: ffff88810039fc50 R15: ffff88810039fc58
[ 140.807956] FS: 0000000000000000(0000) GS:ffff8881d3474000(0000) knlGS:0000000000000000
[ 140.808205] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 140.808382] CR2: 00007ffff7ffe000 CR3: 000000005d8bc000 CR4: 00000000000006f0
[ 140.808738] DR0: ffffffff87c50440 DR1: ffffffff87c50441 DR2: ffffffff87c50442
[ 140.809782] DR3: ffffffff87c50443 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 140.810473] Call Trace:
[ 140.810807] <TASK>
[ 140.811052] drm_test_drm_connector_dynamic_register_early_no_init+0x104/0x290
[ 140.811827] ? __pfx_drm_test_drm_connector_dynamic_register_early_no_init+0x10/0x10
[ 140.812430] ? __schedule+0x10cc/0x2b60
[ 140.812686] ? __pfx_read_tsc+0x10/0x10
[ 140.813124] ? ktime_get_ts64+0x86/0x230
[ 140.813492] kunit_try_run_case+0x1a5/0x480
[ 140.813891] ? __pfx_kunit_try_run_case+0x10/0x10
[ 140.814124] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 140.814294] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 140.814466] ? __kthread_parkme+0x82/0x180
[ 140.814809] ? preempt_count_sub+0x50/0x80
[ 140.815245] ? __pfx_kunit_try_run_case+0x10/0x10
[ 140.815849] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 140.816415] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 140.817181] kthread+0x337/0x6f0
[ 140.817592] ? trace_preempt_on+0x20/0xc0
[ 140.818069] ? __pfx_kthread+0x10/0x10
[ 140.818334] ? _raw_spin_unlock_irq+0x47/0x80
[ 140.818489] ? calculate_sigpending+0x7b/0xa0
[ 140.818913] ? __pfx_kthread+0x10/0x10
[ 140.819293] ret_from_fork+0x116/0x1d0
[ 140.819739] ? __pfx_kthread+0x10/0x10
[ 140.820091] ret_from_fork_asm+0x1a/0x30
[ 140.820246] </TASK>
[ 140.820338] ---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
[ 140.884501] WARNING: CPU: 0 PID: 1983 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110
[ 140.884857] Modules linked in:
[ 140.885218] CPU: 0 UID: 0 PID: 1983 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 140.887072] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 140.887961] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 140.888827] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110
[ 140.889053] Code: 49 8d 7c 24 60 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 60 00 75 1b 5b 41 5c 5d c3 cc cc cc cc 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d c3 cc cc cc cc 48 89 df e8 68
[ 140.889589] RSP: 0000:ffff88810a367c90 EFLAGS: 00010246
[ 140.890418] RAX: dffffc0000000000 RBX: ffff88810a2be000 RCX: 0000000000000000
[ 140.891316] RDX: 1ffff11021457c32 RSI: ffffffff82e05658 RDI: ffff88810a2be190
[ 140.892163] RBP: ffff88810a367ca0 R08: 1ffff11020073f69 R09: ffffed102146cf65
[ 140.892986] R10: 0000000000000003 R11: ffffffff818049da R12: 0000000000000000
[ 140.893798] R13: ffff88810a367d38 R14: ffff88810039fc50 R15: ffff88810039fc58
[ 140.894365] FS: 0000000000000000(0000) GS:ffff8881d3474000(0000) knlGS:0000000000000000
[ 140.894790] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 140.895310] CR2: 00007ffff7ffe000 CR3: 000000005d8bc000 CR4: 00000000000006f0
[ 140.895822] DR0: ffffffff87c50440 DR1: ffffffff87c50441 DR2: ffffffff87c50442
[ 140.896052] DR3: ffffffff87c50443 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 140.896271] Call Trace:
[ 140.896374] <TASK>
[ 140.896476] drm_test_drm_connector_dynamic_register_no_init+0x104/0x290
[ 140.897133] ? __pfx_drm_test_drm_connector_dynamic_register_no_init+0x10/0x10
[ 140.897842] ? __schedule+0x10cc/0x2b60
[ 140.898243] ? __pfx_read_tsc+0x10/0x10
[ 140.898702] ? ktime_get_ts64+0x86/0x230
[ 140.899141] kunit_try_run_case+0x1a5/0x480
[ 140.899741] ? __pfx_kunit_try_run_case+0x10/0x10
[ 140.900193] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 140.900611] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 140.901107] ? __kthread_parkme+0x82/0x180
[ 140.901398] ? preempt_count_sub+0x50/0x80
[ 140.901553] ? __pfx_kunit_try_run_case+0x10/0x10
[ 140.901779] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 140.902269] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 140.902981] kthread+0x337/0x6f0
[ 140.903305] ? trace_preempt_on+0x20/0xc0
[ 140.903696] ? __pfx_kthread+0x10/0x10
[ 140.904036] ? _raw_spin_unlock_irq+0x47/0x80
[ 140.904472] ? calculate_sigpending+0x7b/0xa0
[ 140.904652] ? __pfx_kthread+0x10/0x10
[ 140.905049] ret_from_fork+0x116/0x1d0
[ 140.905276] ? __pfx_kthread+0x10/0x10
[ 140.905413] ret_from_fork_asm+0x1a/0x30
[ 140.905563] </TASK>
[ 140.905697] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog10
------------[ cut here ]------------
[ 110.438487] WARNING: CPU: 0 PID: 673 at lib/math/int_log.c:120 intlog10+0x2a/0x40
[ 110.438757] Modules linked in:
[ 110.438913] CPU: 0 UID: 0 PID: 673 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 110.439244] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 110.439417] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 110.439667] RIP: 0010:intlog10+0x2a/0x40
[ 110.439809] Code: f3 0f 1e fa 0f 1f 44 00 00 85 ff 74 1c 55 48 89 e5 e8 ca fe ff ff 5d 89 c0 48 69 c0 a1 26 88 26 48 c1 e8 1f c3 cc cc cc cc 90 <0f> 0b 90 31 c0 c3 cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 66 90
[ 110.442793] RSP: 0000:ffff88810863fcb0 EFLAGS: 00010246
[ 110.443372] RAX: 0000000000000000 RBX: ffff88810039fae8 RCX: 1ffff110210c7fb4
[ 110.444484] RDX: 1ffffffff0b52bc4 RSI: 1ffff110210c7fb3 RDI: 0000000000000000
[ 110.445443] RBP: ffff88810863fd60 R08: 0000000000000000 R09: ffffed1020a49a40
[ 110.446408] R10: ffff88810524d207 R11: 0000000000000000 R12: 1ffff110210c7f97
[ 110.447305] R13: ffffffff85a95e20 R14: 0000000000000000 R15: ffff88810863fd38
[ 110.448301] FS: 0000000000000000(0000) GS:ffff8881d3474000(0000) knlGS:0000000000000000
[ 110.449406] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 110.450359] CR2: dffffc0000000000 CR3: 000000005d8bc000 CR4: 00000000000006f0
[ 110.451285] DR0: ffffffff87c50440 DR1: ffffffff87c50441 DR2: ffffffff87c50442
[ 110.451762] DR3: ffffffff87c50443 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 110.452473] Call Trace:
[ 110.452606] <TASK>
[ 110.453059] ? intlog10_test+0xf2/0x220
[ 110.453550] ? __pfx_intlog10_test+0x10/0x10
[ 110.454113] ? __schedule+0x10cc/0x2b60
[ 110.454732] ? __pfx_read_tsc+0x10/0x10
[ 110.455228] ? ktime_get_ts64+0x86/0x230
[ 110.455399] kunit_try_run_case+0x1a5/0x480
[ 110.455555] ? __pfx_kunit_try_run_case+0x10/0x10
[ 110.455723] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 110.455883] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 110.456266] ? __kthread_parkme+0x82/0x180
[ 110.456787] ? preempt_count_sub+0x50/0x80
[ 110.457201] ? __pfx_kunit_try_run_case+0x10/0x10
[ 110.457723] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 110.457995] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 110.458190] kthread+0x337/0x6f0
[ 110.458316] ? trace_preempt_on+0x20/0xc0
[ 110.458463] ? __pfx_kthread+0x10/0x10
[ 110.458747] ? _raw_spin_unlock_irq+0x47/0x80
[ 110.459149] ? calculate_sigpending+0x7b/0xa0
[ 110.459538] ? __pfx_kthread+0x10/0x10
[ 110.460182] ret_from_fork+0x116/0x1d0
[ 110.460533] ? __pfx_kthread+0x10/0x10
[ 110.460981] ret_from_fork_asm+0x1a/0x30
[ 110.461384] </TASK>
[ 110.461714] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog2
------------[ cut here ]------------
[ 110.396919] WARNING: CPU: 0 PID: 655 at lib/math/int_log.c:63 intlog2+0xdf/0x110
[ 110.397715] Modules linked in:
[ 110.398005] CPU: 0 UID: 0 PID: 655 Comm: kunit_try_catch Tainted: G B D N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 110.398563] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST
[ 110.399248] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 110.400108] RIP: 0010:intlog2+0xdf/0x110
[ 110.400273] Code: a9 85 c1 e0 18 48 83 c4 08 89 d1 c1 e2 08 29 cb 01 d0 0f b7 db 41 0f af dc c1 eb 0f 01 d8 5b 41 5c 41 5d 5d e9 12 9c 86 02 90 <0f> 0b 90 31 c0 e9 07 9c 86 02 89 45 e4 e8 0f 00 56 ff 8b 45 e4 eb
[ 110.401468] RSP: 0000:ffff88810837fcb0 EFLAGS: 00010246
[ 110.402099] RAX: 0000000000000000 RBX: ffff88810039fae8 RCX: 1ffff1102106ffb4
[ 110.402840] RDX: 1ffffffff0b52c18 RSI: 1ffff1102106ffb3 RDI: 0000000000000000
[ 110.403740] RBP: ffff88810837fd60 R08: 0000000000000000 R09: ffffed1020e69d20
[ 110.404478] R10: ffff88810734e907 R11: 0000000000000000 R12: 1ffff1102106ff97
[ 110.404703] R13: ffffffff85a960c0 R14: 0000000000000000 R15: ffff88810837fd38
[ 110.404916] FS: 0000000000000000(0000) GS:ffff8881d3474000(0000) knlGS:0000000000000000
[ 110.405913] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 110.406173] CR2: dffffc0000000000 CR3: 000000005d8bc000 CR4: 00000000000006f0
[ 110.406389] DR0: ffffffff87c50440 DR1: ffffffff87c50441 DR2: ffffffff87c50442
[ 110.406952] DR3: ffffffff87c50443 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 110.407807] Call Trace:
[ 110.408173] <TASK>
[ 110.408398] ? intlog2_test+0xf2/0x220
[ 110.409058] ? __pfx_intlog2_test+0x10/0x10
[ 110.409541] ? __schedule+0x10cc/0x2b60
[ 110.410150] ? __pfx_read_tsc+0x10/0x10
[ 110.410401] ? ktime_get_ts64+0x86/0x230
[ 110.410552] kunit_try_run_case+0x1a5/0x480
[ 110.411083] ? __pfx_kunit_try_run_case+0x10/0x10
[ 110.411566] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 110.412145] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 110.412398] ? __kthread_parkme+0x82/0x180
[ 110.412548] ? preempt_count_sub+0x50/0x80
[ 110.413048] ? __pfx_kunit_try_run_case+0x10/0x10
[ 110.413499] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 110.414132] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 110.414552] kthread+0x337/0x6f0
[ 110.415030] ? trace_preempt_on+0x20/0xc0
[ 110.415344] ? __pfx_kthread+0x10/0x10
[ 110.415492] ? _raw_spin_unlock_irq+0x47/0x80
[ 110.415862] ? calculate_sigpending+0x7b/0xa0
[ 110.416371] ? __pfx_kthread+0x10/0x10
[ 110.416870] ret_from_fork+0x116/0x1d0
[ 110.417247] ? __pfx_kthread+0x10/0x10
[ 110.417567] ret_from_fork_asm+0x1a/0x30
[ 110.417946] </TASK>
[ 110.418106] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/oops-oops-general-protection-fault-probably-for-non-canonical-address-smp-kasan-pti
KNOWN ISSUE - qemu-x86_64: Oops: general protection fault, probably for non-canonical address - KASAN: null-ptr-deref - kunit_test_null_dereference
[ 109.856395] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN PTI