Date: July 9, 2025, 12:11 a.m.
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 48.731017] ==================================================================
[ 48.731966] BUG: KFENCE: use-after-free read in test_krealloc+0x6fc/0xbe0
[ 48.731966]
[ 48.732749] Use-after-free read at 0x(____ptrval____) (in kfence-#132):
[ 48.732974] test_krealloc+0x6fc/0xbe0
[ 48.733342] kunit_try_run_case+0x1a5/0x480
[ 48.733725] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 48.734176] kthread+0x337/0x6f0
[ 48.734302] ret_from_fork+0x116/0x1d0
[ 48.734435] ret_from_fork_asm+0x1a/0x30
[ 48.734596]
[ 48.734671] kfence-#132: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 48.734671]
[ 48.734963] allocated by task 354 on cpu 0 at 48.730358s (0.004603s ago):
[ 48.735203] test_alloc+0x364/0x10f0
[ 48.735400] test_krealloc+0xad/0xbe0
[ 48.735572] kunit_try_run_case+0x1a5/0x480
[ 48.735753] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 48.735970] kthread+0x337/0x6f0
[ 48.736161] ret_from_fork+0x116/0x1d0
[ 48.736318] ret_from_fork_asm+0x1a/0x30
[ 48.736517]
[ 48.736609] freed by task 354 on cpu 0 at 48.730628s (0.005979s ago):
[ 48.736928] krealloc_noprof+0x108/0x340
[ 48.737111] test_krealloc+0x226/0xbe0
[ 48.737246] kunit_try_run_case+0x1a5/0x480
[ 48.737392] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 48.737646] kthread+0x337/0x6f0
[ 48.737882] ret_from_fork+0x116/0x1d0
[ 48.738055] ret_from_fork_asm+0x1a/0x30
[ 48.738246]
[ 48.738377] CPU: 0 UID: 0 PID: 354 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 48.738792] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 48.738930] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 48.739336] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 48.648884] ==================================================================
[ 48.649323] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x2ec/0x670
[ 48.649323]
[ 48.649749] Use-after-free read at 0x(____ptrval____) (in kfence-#131):
[ 48.650228] test_memcache_typesafe_by_rcu+0x2ec/0x670
[ 48.650457] kunit_try_run_case+0x1a5/0x480
[ 48.650633] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 48.650817] kthread+0x337/0x6f0
[ 48.650942] ret_from_fork+0x116/0x1d0
[ 48.651090] ret_from_fork_asm+0x1a/0x30
[ 48.651235]
[ 48.651308] kfence-#131: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 48.651308]
[ 48.652080] allocated by task 352 on cpu 0 at 48.626225s (0.025853s ago):
[ 48.652745] test_alloc+0x2a6/0x10f0
[ 48.653090] test_memcache_typesafe_by_rcu+0x16f/0x670
[ 48.653302] kunit_try_run_case+0x1a5/0x480
[ 48.653451] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 48.653863] kthread+0x337/0x6f0
[ 48.654169] ret_from_fork+0x116/0x1d0
[ 48.654487] ret_from_fork_asm+0x1a/0x30
[ 48.654907]
[ 48.655011] freed by task 352 on cpu 0 at 48.626333s (0.028676s ago):
[ 48.655302] test_memcache_typesafe_by_rcu+0x1bf/0x670
[ 48.655761] kunit_try_run_case+0x1a5/0x480
[ 48.656068] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 48.656272] kthread+0x337/0x6f0
[ 48.656438] ret_from_fork+0x116/0x1d0
[ 48.656604] ret_from_fork_asm+0x1a/0x30
[ 48.656780]
[ 48.656904] CPU: 0 UID: 0 PID: 352 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 48.657674] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 48.657877] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 48.658451] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 23.890582] ==================================================================
[ 23.891193] BUG: KFENCE: invalid read in test_invalid_access+0xf0/0x210
[ 23.891193]
[ 23.891589] Invalid read at 0x(____ptrval____):
[ 23.891822] test_invalid_access+0xf0/0x210
[ 23.892188] kunit_try_run_case+0x1a5/0x480
[ 23.892555] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.892738] kthread+0x337/0x6f0
[ 23.893389] ret_from_fork+0x116/0x1d0
[ 23.893724] ret_from_fork_asm+0x1a/0x30
[ 23.893936]
[ 23.894295] CPU: 1 UID: 0 PID: 348 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 23.894867] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.895252] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.895851] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 23.666534] ==================================================================
[ 23.666946] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x24f/0x340
[ 23.666946]
[ 23.667755] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#126):
[ 23.668406] test_kmalloc_aligned_oob_write+0x24f/0x340
[ 23.668605] kunit_try_run_case+0x1a5/0x480
[ 23.668824] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.669100] kthread+0x337/0x6f0
[ 23.669256] ret_from_fork+0x116/0x1d0
[ 23.669427] ret_from_fork_asm+0x1a/0x30
[ 23.669581]
[ 23.669677] kfence-#126: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96
[ 23.669677]
[ 23.670082] allocated by task 342 on cpu 1 at 23.666278s (0.003802s ago):
[ 23.670313] test_alloc+0x364/0x10f0
[ 23.670498] test_kmalloc_aligned_oob_write+0xc8/0x340
[ 23.670830] kunit_try_run_case+0x1a5/0x480
[ 23.670988] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.671240] kthread+0x337/0x6f0
[ 23.671433] ret_from_fork+0x116/0x1d0
[ 23.671630] ret_from_fork_asm+0x1a/0x30
[ 23.671786]
[ 23.671882] freed by task 342 on cpu 1 at 23.666413s (0.005467s ago):
[ 23.672154] test_kmalloc_aligned_oob_write+0x24f/0x340
[ 23.672398] kunit_try_run_case+0x1a5/0x480
[ 23.672574] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.672747] kthread+0x337/0x6f0
[ 23.672879] ret_from_fork+0x116/0x1d0
[ 23.673077] ret_from_fork_asm+0x1a/0x30
[ 23.673283]
[ 23.673415] CPU: 1 UID: 0 PID: 342 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 23.673845] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.673994] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.674370] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 23.250518] ==================================================================
[ 23.251055] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x27e/0x560
[ 23.251055]
[ 23.251534] Out-of-bounds read at 0x(____ptrval____) (105B right of kfence-#122):
[ 23.251864] test_kmalloc_aligned_oob_read+0x27e/0x560
[ 23.252097] kunit_try_run_case+0x1a5/0x480
[ 23.252270] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.252542] kthread+0x337/0x6f0
[ 23.252721] ret_from_fork+0x116/0x1d0
[ 23.252915] ret_from_fork_asm+0x1a/0x30
[ 23.253120]
[ 23.253218] kfence-#122: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96
[ 23.253218]
[ 23.253578] allocated by task 340 on cpu 0 at 23.250307s (0.003270s ago):
[ 23.253889] test_alloc+0x364/0x10f0
[ 23.254062] test_kmalloc_aligned_oob_read+0x105/0x560
[ 23.254235] kunit_try_run_case+0x1a5/0x480
[ 23.254412] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.254675] kthread+0x337/0x6f0
[ 23.254851] ret_from_fork+0x116/0x1d0
[ 23.255052] ret_from_fork_asm+0x1a/0x30
[ 23.255222]
[ 23.255327] CPU: 0 UID: 0 PID: 340 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 23.255757] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.255894] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.256273] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_corruption
[ 18.674589] ==================================================================
[ 18.675039] BUG: KFENCE: memory corruption in test_corruption+0x2d2/0x3e0
[ 18.675039]
[ 18.675375] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#78):
[ 18.676179] test_corruption+0x2d2/0x3e0
[ 18.676406] kunit_try_run_case+0x1a5/0x480
[ 18.676623] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.676865] kthread+0x337/0x6f0
[ 18.677084] ret_from_fork+0x116/0x1d0
[ 18.677281] ret_from_fork_asm+0x1a/0x30
[ 18.677499]
[ 18.677573] kfence-#78: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 18.677573]
[ 18.678146] allocated by task 328 on cpu 0 at 18.674328s (0.003815s ago):
[ 18.678480] test_alloc+0x364/0x10f0
[ 18.678667] test_corruption+0xe6/0x3e0
[ 18.678888] kunit_try_run_case+0x1a5/0x480
[ 18.679135] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.679328] kthread+0x337/0x6f0
[ 18.679519] ret_from_fork+0x116/0x1d0
[ 18.679726] ret_from_fork_asm+0x1a/0x30
[ 18.679876]
[ 18.679957] freed by task 328 on cpu 0 at 18.674433s (0.005523s ago):
[ 18.680204] test_corruption+0x2d2/0x3e0
[ 18.680469] kunit_try_run_case+0x1a5/0x480
[ 18.680654] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.680826] kthread+0x337/0x6f0
[ 18.680968] ret_from_fork+0x116/0x1d0
[ 18.681160] ret_from_fork_asm+0x1a/0x30
[ 18.681442]
[ 18.681597] CPU: 0 UID: 0 PID: 328 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 18.682130] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.682347] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.682718] ==================================================================
[ 18.882423] ==================================================================
[ 18.882861] BUG: KFENCE: memory corruption in test_corruption+0x131/0x3e0
[ 18.882861]
[ 18.883221] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#80):
[ 18.884153] test_corruption+0x131/0x3e0
[ 18.884569] kunit_try_run_case+0x1a5/0x480
[ 18.884847] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.885192] kthread+0x337/0x6f0
[ 18.885382] ret_from_fork+0x116/0x1d0
[ 18.885547] ret_from_fork_asm+0x1a/0x30
[ 18.885737]
[ 18.885822] kfence-#80: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 18.885822]
[ 18.886203] allocated by task 330 on cpu 1 at 18.882294s (0.003907s ago):
[ 18.886496] test_alloc+0x2a6/0x10f0
[ 18.886655] test_corruption+0xe6/0x3e0
[ 18.886846] kunit_try_run_case+0x1a5/0x480
[ 18.887564] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.887779] kthread+0x337/0x6f0
[ 18.888153] ret_from_fork+0x116/0x1d0
[ 18.888429] ret_from_fork_asm+0x1a/0x30
[ 18.888613]
[ 18.888840] freed by task 330 on cpu 1 at 18.882347s (0.006491s ago):
[ 18.889191] test_corruption+0x131/0x3e0
[ 18.889451] kunit_try_run_case+0x1a5/0x480
[ 18.889731] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.890053] kthread+0x337/0x6f0
[ 18.890295] ret_from_fork+0x116/0x1d0
[ 18.890558] ret_from_fork_asm+0x1a/0x30
[ 18.890721]
[ 18.890911] CPU: 1 UID: 0 PID: 330 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 18.891530] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.891800] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.892243] ==================================================================
[ 18.778469] ==================================================================
[ 18.778865] BUG: KFENCE: memory corruption in test_corruption+0x2df/0x3e0
[ 18.778865]
[ 18.779332] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#79):
[ 18.779774] test_corruption+0x2df/0x3e0
[ 18.780000] kunit_try_run_case+0x1a5/0x480
[ 18.780200] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.780374] kthread+0x337/0x6f0
[ 18.780566] ret_from_fork+0x116/0x1d0
[ 18.780822] ret_from_fork_asm+0x1a/0x30
[ 18.781047]
[ 18.781146] kfence-#79: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 18.781146]
[ 18.781595] allocated by task 328 on cpu 0 at 18.778214s (0.003379s ago):
[ 18.781917] test_alloc+0x364/0x10f0
[ 18.782056] test_corruption+0x1cb/0x3e0
[ 18.782245] kunit_try_run_case+0x1a5/0x480
[ 18.782563] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.782799] kthread+0x337/0x6f0
[ 18.782983] ret_from_fork+0x116/0x1d0
[ 18.783188] ret_from_fork_asm+0x1a/0x30
[ 18.783418]
[ 18.783502] freed by task 328 on cpu 0 at 18.778310s (0.005190s ago):
[ 18.783811] test_corruption+0x2df/0x3e0
[ 18.783970] kunit_try_run_case+0x1a5/0x480
[ 18.784112] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.784411] kthread+0x337/0x6f0
[ 18.784687] ret_from_fork+0x116/0x1d0
[ 18.784994] ret_from_fork_asm+0x1a/0x30
[ 18.785132]
[ 18.785224] CPU: 0 UID: 0 PID: 328 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 18.785832] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.786080] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.786631] ==================================================================
[ 18.986464] ==================================================================
[ 18.986846] BUG: KFENCE: memory corruption in test_corruption+0x216/0x3e0
[ 18.986846]
[ 18.987210] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#81):
[ 18.987592] test_corruption+0x216/0x3e0
[ 18.987774] kunit_try_run_case+0x1a5/0x480
[ 18.988006] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.988215] kthread+0x337/0x6f0
[ 18.988339] ret_from_fork+0x116/0x1d0
[ 18.988532] ret_from_fork_asm+0x1a/0x30
[ 18.988825]
[ 18.988899] kfence-#81: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 18.988899]
[ 18.989255] allocated by task 330 on cpu 1 at 18.986332s (0.002921s ago):
[ 18.989595] test_alloc+0x2a6/0x10f0
[ 18.989772] test_corruption+0x1cb/0x3e0
[ 18.989960] kunit_try_run_case+0x1a5/0x480
[ 18.990136] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.990395] kthread+0x337/0x6f0
[ 18.990570] ret_from_fork+0x116/0x1d0
[ 18.990747] ret_from_fork_asm+0x1a/0x30
[ 18.990887]
[ 18.990967] freed by task 330 on cpu 1 at 18.986393s (0.004572s ago):
[ 18.991243] test_corruption+0x216/0x3e0
[ 18.991435] kunit_try_run_case+0x1a5/0x480
[ 18.991627] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.991802] kthread+0x337/0x6f0
[ 18.991922] ret_from_fork+0x116/0x1d0
[ 18.992574] ret_from_fork_asm+0x1a/0x30
[ 18.992786]
[ 18.992910] CPU: 1 UID: 0 PID: 330 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 18.993905] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.994139] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.994720] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 18.570411] ==================================================================
[ 18.570859] BUG: KFENCE: invalid free in test_invalid_addr_free+0xfb/0x260
[ 18.570859]
[ 18.571249] Invalid free of 0x(____ptrval____) (in kfence-#77):
[ 18.571599] test_invalid_addr_free+0xfb/0x260
[ 18.571840] kunit_try_run_case+0x1a5/0x480
[ 18.572042] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.572868] kthread+0x337/0x6f0
[ 18.573061] ret_from_fork+0x116/0x1d0
[ 18.573204] ret_from_fork_asm+0x1a/0x30
[ 18.573597]
[ 18.573688] kfence-#77: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 18.573688]
[ 18.574218] allocated by task 326 on cpu 1 at 18.570302s (0.003913s ago):
[ 18.574769] test_alloc+0x2a6/0x10f0
[ 18.575048] test_invalid_addr_free+0xdb/0x260
[ 18.575229] kunit_try_run_case+0x1a5/0x480
[ 18.575625] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.575834] kthread+0x337/0x6f0
[ 18.576022] ret_from_fork+0x116/0x1d0
[ 18.576188] ret_from_fork_asm+0x1a/0x30
[ 18.576400]
[ 18.576801] CPU: 1 UID: 0 PID: 326 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 18.577376] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.577569] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.578093] ==================================================================
[ 18.466442] ==================================================================
[ 18.466843] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1e1/0x260
[ 18.466843]
[ 18.467214] Invalid free of 0x(____ptrval____) (in kfence-#76):
[ 18.468200] test_invalid_addr_free+0x1e1/0x260
[ 18.468441] kunit_try_run_case+0x1a5/0x480
[ 18.468641] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.468821] kthread+0x337/0x6f0
[ 18.469010] ret_from_fork+0x116/0x1d0
[ 18.469224] ret_from_fork_asm+0x1a/0x30
[ 18.469503]
[ 18.469576] kfence-#76: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 18.469576]
[ 18.470007] allocated by task 324 on cpu 0 at 18.466316s (0.003689s ago):
[ 18.470226] test_alloc+0x364/0x10f0
[ 18.470458] test_invalid_addr_free+0xdb/0x260
[ 18.470694] kunit_try_run_case+0x1a5/0x480
[ 18.470868] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.471051] kthread+0x337/0x6f0
[ 18.471180] ret_from_fork+0x116/0x1d0
[ 18.471384] ret_from_fork_asm+0x1a/0x30
[ 18.471647]
[ 18.471790] CPU: 0 UID: 0 PID: 324 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 18.472240] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.472508] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.472894] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_double_free
[ 18.362541] ==================================================================
[ 18.362985] BUG: KFENCE: invalid free in test_double_free+0x112/0x260
[ 18.362985]
[ 18.363334] Invalid free of 0x(____ptrval____) (in kfence-#75):
[ 18.363598] test_double_free+0x112/0x260
[ 18.363754] kunit_try_run_case+0x1a5/0x480
[ 18.363986] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.364219] kthread+0x337/0x6f0
[ 18.364856] ret_from_fork+0x116/0x1d0
[ 18.365035] ret_from_fork_asm+0x1a/0x30
[ 18.365578]
[ 18.365660] kfence-#75: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 18.365660]
[ 18.366243] allocated by task 322 on cpu 1 at 18.362293s (0.003947s ago):
[ 18.366678] test_alloc+0x2a6/0x10f0
[ 18.366987] test_double_free+0xdb/0x260
[ 18.367287] kunit_try_run_case+0x1a5/0x480
[ 18.367578] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.367899] kthread+0x337/0x6f0
[ 18.368172] ret_from_fork+0x116/0x1d0
[ 18.368381] ret_from_fork_asm+0x1a/0x30
[ 18.368662]
[ 18.368742] freed by task 322 on cpu 1 at 18.362345s (0.006395s ago):
[ 18.369012] test_double_free+0xfa/0x260
[ 18.369211] kunit_try_run_case+0x1a5/0x480
[ 18.369373] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.369661] kthread+0x337/0x6f0
[ 18.369830] ret_from_fork+0x116/0x1d0
[ 18.370025] ret_from_fork_asm+0x1a/0x30
[ 18.370168]
[ 18.370267] CPU: 1 UID: 0 PID: 322 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 18.370732] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.370938] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.371381] ==================================================================
[ 18.258596] ==================================================================
[ 18.259068] BUG: KFENCE: invalid free in test_double_free+0x1d3/0x260
[ 18.259068]
[ 18.260004] Invalid free of 0x(____ptrval____) (in kfence-#74):
[ 18.260619] test_double_free+0x1d3/0x260
[ 18.260846] kunit_try_run_case+0x1a5/0x480
[ 18.261251] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.261622] kthread+0x337/0x6f0
[ 18.261786] ret_from_fork+0x116/0x1d0
[ 18.261994] ret_from_fork_asm+0x1a/0x30
[ 18.262209]
[ 18.262304] kfence-#74: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 18.262304]
[ 18.263110] allocated by task 320 on cpu 0 at 18.258318s (0.004789s ago):
[ 18.263579] test_alloc+0x364/0x10f0
[ 18.263844] test_double_free+0xdb/0x260
[ 18.264056] kunit_try_run_case+0x1a5/0x480
[ 18.264421] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.264802] kthread+0x337/0x6f0
[ 18.265007] ret_from_fork+0x116/0x1d0
[ 18.265306] ret_from_fork_asm+0x1a/0x30
[ 18.265616]
[ 18.265712] freed by task 320 on cpu 0 at 18.258385s (0.007325s ago):
[ 18.266039] test_double_free+0x1e0/0x260
[ 18.266441] kunit_try_run_case+0x1a5/0x480
[ 18.266751] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.267010] kthread+0x337/0x6f0
[ 18.267363] ret_from_fork+0x116/0x1d0
[ 18.267648] ret_from_fork_asm+0x1a/0x30
[ 18.267854]
[ 18.268131] CPU: 0 UID: 0 PID: 320 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 18.268675] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.268999] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.269499] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 17.946423] ==================================================================
[ 17.946832] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270
[ 17.946832]
[ 17.947338] Use-after-free read at 0x(____ptrval____) (in kfence-#71):
[ 17.947733] test_use_after_free_read+0x129/0x270
[ 17.948019] kunit_try_run_case+0x1a5/0x480
[ 17.948173] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.948429] kthread+0x337/0x6f0
[ 17.948662] ret_from_fork+0x116/0x1d0
[ 17.948833] ret_from_fork_asm+0x1a/0x30
[ 17.949039]
[ 17.949127] kfence-#71: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 17.949127]
[ 17.949541] allocated by task 314 on cpu 0 at 17.946259s (0.003280s ago):
[ 17.949824] test_alloc+0x2a6/0x10f0
[ 17.949960] test_use_after_free_read+0xdc/0x270
[ 17.950190] kunit_try_run_case+0x1a5/0x480
[ 17.950445] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.950689] kthread+0x337/0x6f0
[ 17.950856] ret_from_fork+0x116/0x1d0
[ 17.951055] ret_from_fork_asm+0x1a/0x30
[ 17.951255]
[ 17.951348] freed by task 314 on cpu 0 at 17.946312s (0.005035s ago):
[ 17.951632] test_use_after_free_read+0xfb/0x270
[ 17.951786] kunit_try_run_case+0x1a5/0x480
[ 17.952005] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.952278] kthread+0x337/0x6f0
[ 17.952602] ret_from_fork+0x116/0x1d0
[ 17.952864] ret_from_fork_asm+0x1a/0x30
[ 17.953060]
[ 17.953159] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 17.953910] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.954151] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.954457] ==================================================================
[ 17.842540] ==================================================================
[ 17.843003] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270
[ 17.843003]
[ 17.843501] Use-after-free read at 0x(____ptrval____) (in kfence-#70):
[ 17.843762] test_use_after_free_read+0x129/0x270
[ 17.844000] kunit_try_run_case+0x1a5/0x480
[ 17.844207] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.844382] kthread+0x337/0x6f0
[ 17.844560] ret_from_fork+0x116/0x1d0
[ 17.845066] ret_from_fork_asm+0x1a/0x30
[ 17.845572]
[ 17.845691] kfence-#70: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 17.845691]
[ 17.846134] allocated by task 312 on cpu 1 at 17.842329s (0.003803s ago):
[ 17.846730] test_alloc+0x364/0x10f0
[ 17.846976] test_use_after_free_read+0xdc/0x270
[ 17.847372] kunit_try_run_case+0x1a5/0x480
[ 17.847592] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.847836] kthread+0x337/0x6f0
[ 17.848006] ret_from_fork+0x116/0x1d0
[ 17.848182] ret_from_fork_asm+0x1a/0x30
[ 17.848680]
[ 17.849045] freed by task 312 on cpu 1 at 17.842384s (0.006569s ago):
[ 17.849394] test_use_after_free_read+0x1e7/0x270
[ 17.849604] kunit_try_run_case+0x1a5/0x480
[ 17.849781] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.850026] kthread+0x337/0x6f0
[ 17.850195] ret_from_fork+0x116/0x1d0
[ 17.850337] ret_from_fork_asm+0x1a/0x30
[ 17.850558]
[ 17.850674] CPU: 1 UID: 0 PID: 312 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 17.851121] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.851328] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.851653] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 17.634474] ==================================================================
[ 17.634887] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260
[ 17.634887]
[ 17.635361] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#68):
[ 17.635677] test_out_of_bounds_write+0x10d/0x260
[ 17.635840] kunit_try_run_case+0x1a5/0x480
[ 17.636077] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.636332] kthread+0x337/0x6f0
[ 17.636545] ret_from_fork+0x116/0x1d0
[ 17.636759] ret_from_fork_asm+0x1a/0x30
[ 17.636916]
[ 17.636999] kfence-#68: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 17.636999]
[ 17.637555] allocated by task 308 on cpu 1 at 17.634329s (0.003223s ago):
[ 17.637891] test_alloc+0x364/0x10f0
[ 17.638121] test_out_of_bounds_write+0xd4/0x260
[ 17.638337] kunit_try_run_case+0x1a5/0x480
[ 17.638660] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.638883] kthread+0x337/0x6f0
[ 17.639065] ret_from_fork+0x116/0x1d0
[ 17.639235] ret_from_fork_asm+0x1a/0x30
[ 17.639435]
[ 17.639554] CPU: 1 UID: 0 PID: 308 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 17.640082] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.640216] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.640604] ==================================================================
[ 17.738347] ==================================================================
[ 17.738749] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260
[ 17.738749]
[ 17.739254] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#69):
[ 17.739564] test_out_of_bounds_write+0x10d/0x260
[ 17.739796] kunit_try_run_case+0x1a5/0x480
[ 17.740004] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.740249] kthread+0x337/0x6f0
[ 17.740980] ret_from_fork+0x116/0x1d0
[ 17.741176] ret_from_fork_asm+0x1a/0x30
[ 17.741372]
[ 17.741463] kfence-#69: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 17.741463]
[ 17.741823] allocated by task 310 on cpu 0 at 17.738289s (0.003532s ago):
[ 17.742109] test_alloc+0x2a6/0x10f0
[ 17.742274] test_out_of_bounds_write+0xd4/0x260
[ 17.742475] kunit_try_run_case+0x1a5/0x480
[ 17.742661] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.742889] kthread+0x337/0x6f0
[ 17.743614] ret_from_fork+0x116/0x1d0
[ 17.743765] ret_from_fork_asm+0x1a/0x30
[ 17.743909]
[ 17.744238] CPU: 0 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 17.744924] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.745085] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.745517] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 17.322370] ==================================================================
[ 17.322772] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0
[ 17.322772]
[ 17.323292] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#65):
[ 17.323996] test_out_of_bounds_read+0x126/0x4e0
[ 17.324216] kunit_try_run_case+0x1a5/0x480
[ 17.324782] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.325036] kthread+0x337/0x6f0
[ 17.325232] ret_from_fork+0x116/0x1d0
[ 17.325616] ret_from_fork_asm+0x1a/0x30
[ 17.325830]
[ 17.326126] kfence-#65: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 17.326126]
[ 17.326536] allocated by task 306 on cpu 0 at 17.322302s (0.004232s ago):
[ 17.327089] test_alloc+0x2a6/0x10f0
[ 17.327260] test_out_of_bounds_read+0xed/0x4e0
[ 17.327691] kunit_try_run_case+0x1a5/0x480
[ 17.328009] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.328266] kthread+0x337/0x6f0
[ 17.328590] ret_from_fork+0x116/0x1d0
[ 17.328852] ret_from_fork_asm+0x1a/0x30
[ 17.329073]
[ 17.329350] CPU: 0 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 17.329796] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.329984] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.330535] ==================================================================
[ 17.218480] ==================================================================
[ 17.218884] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0
[ 17.218884]
[ 17.219444] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#64):
[ 17.219795] test_out_of_bounds_read+0x216/0x4e0
[ 17.220016] kunit_try_run_case+0x1a5/0x480
[ 17.220195] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.220412] kthread+0x337/0x6f0
[ 17.220598] ret_from_fork+0x116/0x1d0
[ 17.220773] ret_from_fork_asm+0x1a/0x30
[ 17.220962]
[ 17.221036] kfence-#64: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 17.221036]
[ 17.221422] allocated by task 304 on cpu 1 at 17.218311s (0.003109s ago):
[ 17.221695] test_alloc+0x364/0x10f0
[ 17.221826] test_out_of_bounds_read+0x1e2/0x4e0
[ 17.222282] kunit_try_run_case+0x1a5/0x480
[ 17.222497] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.222726] kthread+0x337/0x6f0
[ 17.222846] ret_from_fork+0x116/0x1d0
[ 17.223013] ret_from_fork_asm+0x1a/0x30
[ 17.223213]
[ 17.223353] CPU: 1 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 17.223777] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.223916] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.224387] ==================================================================
[ 17.115470] ==================================================================
[ 17.115954] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0
[ 17.115954]
[ 17.116451] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#63):
[ 17.116823] test_out_of_bounds_read+0x126/0x4e0
[ 17.117094] kunit_try_run_case+0x1a5/0x480
[ 17.117354] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.117582] kthread+0x337/0x6f0
[ 17.117709] ret_from_fork+0x116/0x1d0
[ 17.117903] ret_from_fork_asm+0x1a/0x30
[ 17.118133]
[ 17.118385] kfence-#63: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 17.118385]
[ 17.118850] allocated by task 304 on cpu 1 at 17.114415s (0.004374s ago):
[ 17.119441] test_alloc+0x364/0x10f0
[ 17.119702] test_out_of_bounds_read+0xed/0x4e0
[ 17.119882] kunit_try_run_case+0x1a5/0x480
[ 17.120087] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.120302] kthread+0x337/0x6f0
[ 17.120479] ret_from_fork+0x116/0x1d0
[ 17.120670] ret_from_fork_asm+0x1a/0x30
[ 17.120918]
[ 17.121082] CPU: 1 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 17.121709] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.121848] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.122373] ==================================================================
[ 17.426366] ==================================================================
[ 17.426758] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0
[ 17.426758]
[ 17.427295] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#66):
[ 17.427561] test_out_of_bounds_read+0x216/0x4e0
[ 17.428237] kunit_try_run_case+0x1a5/0x480
[ 17.428562] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.428818] kthread+0x337/0x6f0
[ 17.428999] ret_from_fork+0x116/0x1d0
[ 17.429170] ret_from_fork_asm+0x1a/0x30
[ 17.429619]
[ 17.429719] kfence-#66: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 17.429719]
[ 17.430149] allocated by task 306 on cpu 0 at 17.426311s (0.003836s ago):
[ 17.430618] test_alloc+0x2a6/0x10f0
[ 17.430877] test_out_of_bounds_read+0x1e2/0x4e0
[ 17.431102] kunit_try_run_case+0x1a5/0x480
[ 17.431456] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.431764] kthread+0x337/0x6f0
[ 17.431901] ret_from_fork+0x116/0x1d0
[ 17.432107] ret_from_fork_asm+0x1a/0x30
[ 17.432274]
[ 17.432624] CPU: 0 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 17.433174] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.433377] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.433924] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 16.772612] ==================================================================
[ 16.772928] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x1a5/0x1d0
[ 16.773664] Write of size 1 at addr ffff888102ab9c78 by task kunit_try_catch/302
[ 16.774050]
[ 16.774417] CPU: 1 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 16.774573] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.774589] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.774612] Call Trace:
[ 16.774633] <TASK>
[ 16.774652] dump_stack_lvl+0x73/0xb0
[ 16.774685] print_report+0xd1/0x650
[ 16.774717] ? __virt_addr_valid+0x1db/0x2d0
[ 16.774742] ? strncpy_from_user+0x1a5/0x1d0
[ 16.774765] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.774791] ? strncpy_from_user+0x1a5/0x1d0
[ 16.774815] kasan_report+0x141/0x180
[ 16.774837] ? strncpy_from_user+0x1a5/0x1d0
[ 16.774866] __asan_report_store1_noabort+0x1b/0x30
[ 16.774892] strncpy_from_user+0x1a5/0x1d0
[ 16.774919] copy_user_test_oob+0x760/0x10f0
[ 16.774959] ? __pfx_copy_user_test_oob+0x10/0x10
[ 16.774984] ? finish_task_switch.isra.0+0x153/0x700
[ 16.775008] ? __switch_to+0x47/0xf50
[ 16.775034] ? __schedule+0x10cc/0x2b60
[ 16.775058] ? __pfx_read_tsc+0x10/0x10
[ 16.775081] ? ktime_get_ts64+0x86/0x230
[ 16.775106] kunit_try_run_case+0x1a5/0x480
[ 16.775131] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.775155] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.775182] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.775207] ? __kthread_parkme+0x82/0x180
[ 16.775229] ? preempt_count_sub+0x50/0x80
[ 16.775254] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.775291] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.775317] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.775343] kthread+0x337/0x6f0
[ 16.775363] ? trace_preempt_on+0x20/0xc0
[ 16.775388] ? __pfx_kthread+0x10/0x10
[ 16.775410] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.775433] ? calculate_sigpending+0x7b/0xa0
[ 16.775458] ? __pfx_kthread+0x10/0x10
[ 16.775481] ret_from_fork+0x116/0x1d0
[ 16.775499] ? __pfx_kthread+0x10/0x10
[ 16.775521] ret_from_fork_asm+0x1a/0x30
[ 16.775553] </TASK>
[ 16.775565]
[ 16.783781] Allocated by task 302:
[ 16.784031] kasan_save_stack+0x45/0x70
[ 16.784273] kasan_save_track+0x18/0x40
[ 16.784455] kasan_save_alloc_info+0x3b/0x50
[ 16.784605] __kasan_kmalloc+0xb7/0xc0
[ 16.784734] __kmalloc_noprof+0x1c9/0x500
[ 16.784955] kunit_kmalloc_array+0x25/0x60
[ 16.785399] copy_user_test_oob+0xab/0x10f0
[ 16.785607] kunit_try_run_case+0x1a5/0x480
[ 16.785752] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.785928] kthread+0x337/0x6f0
[ 16.786100] ret_from_fork+0x116/0x1d0
[ 16.786329] ret_from_fork_asm+0x1a/0x30
[ 16.786546]
[ 16.786685] The buggy address belongs to the object at ffff888102ab9c00
[ 16.786685] which belongs to the cache kmalloc-128 of size 128
[ 16.787622] The buggy address is located 0 bytes to the right of
[ 16.787622] allocated 120-byte region [ffff888102ab9c00, ffff888102ab9c78)
[ 16.788068]
[ 16.788143] The buggy address belongs to the physical page:
[ 16.788527] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ab9
[ 16.788884] flags: 0x200000000000000(node=0|zone=2)
[ 16.789132] page_type: f5(slab)
[ 16.789345] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.789614] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.789993] page dumped because: kasan: bad access detected
[ 16.790182]
[ 16.790252] Memory state around the buggy address:
[ 16.790755] ffff888102ab9b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 16.791155] ffff888102ab9b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.791490] >ffff888102ab9c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 16.791703] ^
[ 16.791987] ffff888102ab9c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.792363] ffff888102ab9d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.792724] ==================================================================

[ 16.745844] ==================================================================
[ 16.746245] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x2e/0x1d0
[ 16.746813] Write of size 121 at addr ffff888102ab9c00 by task kunit_try_catch/302
[ 16.747416]
[ 16.747569] CPU: 1 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 16.747710] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.747726] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.747786] Call Trace:
[ 16.747807] <TASK>
[ 16.747902] dump_stack_lvl+0x73/0xb0
[ 16.747955] print_report+0xd1/0x650
[ 16.747982] ? __virt_addr_valid+0x1db/0x2d0
[ 16.748007] ? strncpy_from_user+0x2e/0x1d0
[ 16.748032] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.748057] ? strncpy_from_user+0x2e/0x1d0
[ 16.748081] kasan_report+0x141/0x180
[ 16.748104] ? strncpy_from_user+0x2e/0x1d0
[ 16.748132] kasan_check_range+0x10c/0x1c0
[ 16.748157] __kasan_check_write+0x18/0x20
[ 16.748178] strncpy_from_user+0x2e/0x1d0
[ 16.748201] ? __kasan_check_read+0x15/0x20
[ 16.748223] copy_user_test_oob+0x760/0x10f0
[ 16.748251] ? __pfx_copy_user_test_oob+0x10/0x10
[ 16.748284] ? finish_task_switch.isra.0+0x153/0x700
[ 16.748309] ? __switch_to+0x47/0xf50
[ 16.748335] ? __schedule+0x10cc/0x2b60
[ 16.748359] ? __pfx_read_tsc+0x10/0x10
[ 16.748381] ? ktime_get_ts64+0x86/0x230
[ 16.748406] kunit_try_run_case+0x1a5/0x480
[ 16.748432] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.748457] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.748483] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.748509] ? __kthread_parkme+0x82/0x180
[ 16.748532] ? preempt_count_sub+0x50/0x80
[ 16.748556] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.748582] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.748608] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.748635] kthread+0x337/0x6f0
[ 16.748655] ? trace_preempt_on+0x20/0xc0
[ 16.748680] ? __pfx_kthread+0x10/0x10
[ 16.748702] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.748724] ? calculate_sigpending+0x7b/0xa0
[ 16.748750] ? __pfx_kthread+0x10/0x10
[ 16.748773] ret_from_fork+0x116/0x1d0
[ 16.748792] ? __pfx_kthread+0x10/0x10
[ 16.748814] ret_from_fork_asm+0x1a/0x30
[ 16.748847] </TASK>
[ 16.748859]
[ 16.760229] Allocated by task 302:
[ 16.760516] kasan_save_stack+0x45/0x70
[ 16.760721] kasan_save_track+0x18/0x40
[ 16.760891] kasan_save_alloc_info+0x3b/0x50
[ 16.761110] __kasan_kmalloc+0xb7/0xc0
[ 16.761295] __kmalloc_noprof+0x1c9/0x500
[ 16.761822] kunit_kmalloc_array+0x25/0x60
[ 16.762218] copy_user_test_oob+0xab/0x10f0
[ 16.762474] kunit_try_run_case+0x1a5/0x480
[ 16.762806] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.763182] kthread+0x337/0x6f0
[ 16.763519] ret_from_fork+0x116/0x1d0
[ 16.763825] ret_from_fork_asm+0x1a/0x30
[ 16.764058]
[ 16.764151] The buggy address belongs to the object at ffff888102ab9c00
[ 16.764151] which belongs to the cache kmalloc-128 of size 128
[ 16.765073] The buggy address is located 0 bytes inside of
[ 16.765073] allocated 120-byte region [ffff888102ab9c00, ffff888102ab9c78)
[ 16.765727]
[ 16.766019] The buggy address belongs to the physical page:
[ 16.766425] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ab9
[ 16.766839] flags: 0x200000000000000(node=0|zone=2)
[ 16.767074] page_type: f5(slab)
[ 16.767238] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.767827] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.768285] page dumped because: kasan: bad access detected
[ 16.768719]
[ 16.768824] Memory state around the buggy address:
[ 16.769271] ffff888102ab9b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 16.769724] ffff888102ab9b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.770170] >ffff888102ab9c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 16.770604] ^
[ 16.771023] ffff888102ab9c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.771464] ffff888102ab9d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.771886] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 16.679088] ==================================================================
[ 16.679405] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4aa/0x10f0
[ 16.679853] Read of size 121 at addr ffff888102ab9c00 by task kunit_try_catch/302
[ 16.680173]
[ 16.680301] CPU: 1 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 16.680347] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.680360] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.680382] Call Trace:
[ 16.680401] <TASK>
[ 16.680420] dump_stack_lvl+0x73/0xb0
[ 16.680478] print_report+0xd1/0x650
[ 16.680504] ? __virt_addr_valid+0x1db/0x2d0
[ 16.680528] ? copy_user_test_oob+0x4aa/0x10f0
[ 16.680593] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.680631] ? copy_user_test_oob+0x4aa/0x10f0
[ 16.680668] kasan_report+0x141/0x180
[ 16.680718] ? copy_user_test_oob+0x4aa/0x10f0
[ 16.680747] kasan_check_range+0x10c/0x1c0
[ 16.680797] __kasan_check_read+0x15/0x20
[ 16.680818] copy_user_test_oob+0x4aa/0x10f0
[ 16.680844] ? __pfx_copy_user_test_oob+0x10/0x10
[ 16.680880] ? finish_task_switch.isra.0+0x153/0x700
[ 16.680904] ? __switch_to+0x47/0xf50
[ 16.680930] ? __schedule+0x10cc/0x2b60
[ 16.680968] ? __pfx_read_tsc+0x10/0x10
[ 16.680990] ? ktime_get_ts64+0x86/0x230
[ 16.681015] kunit_try_run_case+0x1a5/0x480
[ 16.681041] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.681065] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.681091] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.681147] ? __kthread_parkme+0x82/0x180
[ 16.681170] ? preempt_count_sub+0x50/0x80
[ 16.681205] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.681230] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.681257] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.681314] kthread+0x337/0x6f0
[ 16.681335] ? trace_preempt_on+0x20/0xc0
[ 16.681359] ? __pfx_kthread+0x10/0x10
[ 16.681401] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.681424] ? calculate_sigpending+0x7b/0xa0
[ 16.681450] ? __pfx_kthread+0x10/0x10
[ 16.681483] ret_from_fork+0x116/0x1d0
[ 16.681502] ? __pfx_kthread+0x10/0x10
[ 16.681524] ret_from_fork_asm+0x1a/0x30
[ 16.681557] </TASK>
[ 16.681569]
[ 16.688952] Allocated by task 302:
[ 16.689130] kasan_save_stack+0x45/0x70
[ 16.689373] kasan_save_track+0x18/0x40
[ 16.689622] kasan_save_alloc_info+0x3b/0x50
[ 16.689840] __kasan_kmalloc+0xb7/0xc0
[ 16.690057] __kmalloc_noprof+0x1c9/0x500
[ 16.690234] kunit_kmalloc_array+0x25/0x60
[ 16.690515] copy_user_test_oob+0xab/0x10f0
[ 16.690743] kunit_try_run_case+0x1a5/0x480
[ 16.690888] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.691074] kthread+0x337/0x6f0
[ 16.691195] ret_from_fork+0x116/0x1d0
[ 16.691338] ret_from_fork_asm+0x1a/0x30
[ 16.691585]
[ 16.691684] The buggy address belongs to the object at ffff888102ab9c00
[ 16.691684] which belongs to the cache kmalloc-128 of size 128
[ 16.692235] The buggy address is located 0 bytes inside of
[ 16.692235] allocated 120-byte region [ffff888102ab9c00, ffff888102ab9c78)
[ 16.692893]
[ 16.693027] The buggy address belongs to the physical page:
[ 16.693338] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ab9
[ 16.693580] flags: 0x200000000000000(node=0|zone=2)
[ 16.693742] page_type: f5(slab)
[ 16.693864] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.694184] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.694921] page dumped because: kasan: bad access detected
[ 16.695206]
[ 16.695307] Memory state around the buggy address:
[ 16.695464] ffff888102ab9b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 16.695862] ffff888102ab9b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.696142] >ffff888102ab9c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 16.696583] ^
[ 16.696795] ffff888102ab9c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.697021] ffff888102ab9d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.697435] ==================================================================

[ 16.698253] ==================================================================
[ 16.698620] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x557/0x10f0
[ 16.698979] Write of size 121 at addr ffff888102ab9c00 by task kunit_try_catch/302
[ 16.699381]
[ 16.699487] CPU: 1 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 16.699532] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.699545] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.699566] Call Trace:
[ 16.699585] <TASK>
[ 16.699602] dump_stack_lvl+0x73/0xb0
[ 16.699633] print_report+0xd1/0x650
[ 16.699658] ? __virt_addr_valid+0x1db/0x2d0
[ 16.699698] ? copy_user_test_oob+0x557/0x10f0
[ 16.699723] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.699748] ? copy_user_test_oob+0x557/0x10f0
[ 16.699773] kasan_report+0x141/0x180
[ 16.699796] ? copy_user_test_oob+0x557/0x10f0
[ 16.699860] kasan_check_range+0x10c/0x1c0
[ 16.699885] __kasan_check_write+0x18/0x20
[ 16.699917] copy_user_test_oob+0x557/0x10f0
[ 16.699954] ? __pfx_copy_user_test_oob+0x10/0x10
[ 16.699978] ? finish_task_switch.isra.0+0x153/0x700
[ 16.700002] ? __switch_to+0x47/0xf50
[ 16.700028] ? __schedule+0x10cc/0x2b60
[ 16.700052] ? __pfx_read_tsc+0x10/0x10
[ 16.700075] ? ktime_get_ts64+0x86/0x230
[ 16.700100] kunit_try_run_case+0x1a5/0x480
[ 16.700126] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.700150] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.700176] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.700202] ? __kthread_parkme+0x82/0x180
[ 16.700224] ? preempt_count_sub+0x50/0x80
[ 16.700248] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.700275] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.700329] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.700356] kthread+0x337/0x6f0
[ 16.700387] ? trace_preempt_on+0x20/0xc0
[ 16.700412] ? __pfx_kthread+0x10/0x10
[ 16.700463] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.700485] ? calculate_sigpending+0x7b/0xa0
[ 16.700522] ? __pfx_kthread+0x10/0x10
[ 16.700544] ret_from_fork+0x116/0x1d0
[ 16.700564] ? __pfx_kthread+0x10/0x10
[ 16.700586] ret_from_fork_asm+0x1a/0x30
[ 16.700618] </TASK>
[ 16.700631]
[ 16.708312] Allocated by task 302:
[ 16.708539] kasan_save_stack+0x45/0x70
[ 16.708743] kasan_save_track+0x18/0x40
[ 16.708956] kasan_save_alloc_info+0x3b/0x50
[ 16.709140] __kasan_kmalloc+0xb7/0xc0
[ 16.709270] __kmalloc_noprof+0x1c9/0x500
[ 16.709535] kunit_kmalloc_array+0x25/0x60
[ 16.709819] copy_user_test_oob+0xab/0x10f0
[ 16.710084] kunit_try_run_case+0x1a5/0x480
[ 16.710305] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.710560] kthread+0x337/0x6f0
[ 16.710718] ret_from_fork+0x116/0x1d0
[ 16.710878] ret_from_fork_asm+0x1a/0x30
[ 16.711023]
[ 16.711093] The buggy address belongs to the object at ffff888102ab9c00
[ 16.711093] which belongs to the cache kmalloc-128 of size 128
[ 16.711542] The buggy address is located 0 bytes inside of
[ 16.711542] allocated 120-byte region [ffff888102ab9c00, ffff888102ab9c78)
[ 16.713177]
[ 16.713287] The buggy address belongs to the physical page:
[ 16.713584] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ab9
[ 16.714152] flags: 0x200000000000000(node=0|zone=2)
[ 16.714504] page_type: f5(slab)
[ 16.714805] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.715243] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.715828] page dumped because: kasan: bad access detected
[ 16.716195]
[ 16.716410] Memory state around the buggy address:
[ 16.716708] ffff888102ab9b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 16.717131] ffff888102ab9b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.717643] >ffff888102ab9c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 16.717987] ^
[ 16.718303] ffff888102ab9c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.718677] ffff888102ab9d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.718963] ==================================================================

[ 16.719569] ==================================================================
[ 16.719813] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x604/0x10f0
[ 16.720993] Read of size 121 at addr ffff888102ab9c00 by task kunit_try_catch/302
[ 16.721874]
[ 16.722002] CPU: 1 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 16.722050] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.722325] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.722350] Call Trace:
[ 16.722371] <TASK>
[ 16.722392] dump_stack_lvl+0x73/0xb0
[ 16.722427] print_report+0xd1/0x650
[ 16.722453] ? __virt_addr_valid+0x1db/0x2d0
[ 16.722478] ? copy_user_test_oob+0x604/0x10f0
[ 16.722503] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.722528] ? copy_user_test_oob+0x604/0x10f0
[ 16.722553] kasan_report+0x141/0x180
[ 16.722576] ? copy_user_test_oob+0x604/0x10f0
[ 16.722605] kasan_check_range+0x10c/0x1c0
[ 16.722630] __kasan_check_read+0x15/0x20
[ 16.722650] copy_user_test_oob+0x604/0x10f0
[ 16.722677] ? __pfx_copy_user_test_oob+0x10/0x10
[ 16.722701] ? finish_task_switch.isra.0+0x153/0x700
[ 16.722732] ? __switch_to+0x47/0xf50
[ 16.722758] ? __schedule+0x10cc/0x2b60
[ 16.722781] ? __pfx_read_tsc+0x10/0x10
[ 16.722804] ? ktime_get_ts64+0x86/0x230
[ 16.722829] kunit_try_run_case+0x1a5/0x480
[ 16.722854] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.722879] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.722904] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.722929] ? __kthread_parkme+0x82/0x180
[ 16.722963] ? preempt_count_sub+0x50/0x80
[ 16.722988] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.723014] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.723040] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.723066] kthread+0x337/0x6f0
[ 16.723086] ? trace_preempt_on+0x20/0xc0
[ 16.723111] ? __pfx_kthread+0x10/0x10
[ 16.723132] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.723155] ? calculate_sigpending+0x7b/0xa0
[ 16.723181] ? __pfx_kthread+0x10/0x10
[ 16.723203] ret_from_fork+0x116/0x1d0
[ 16.723223] ? __pfx_kthread+0x10/0x10
[ 16.723244] ret_from_fork_asm+0x1a/0x30
[ 16.723288] </TASK>
[ 16.723300]
[ 16.733240] Allocated by task 302:
[ 16.733440] kasan_save_stack+0x45/0x70
[ 16.733651] kasan_save_track+0x18/0x40
[ 16.733833] kasan_save_alloc_info+0x3b/0x50
[ 16.734800] __kasan_kmalloc+0xb7/0xc0
[ 16.734972] __kmalloc_noprof+0x1c9/0x500
[ 16.735449] kunit_kmalloc_array+0x25/0x60
[ 16.735770] copy_user_test_oob+0xab/0x10f0
[ 16.736118] kunit_try_run_case+0x1a5/0x480
[ 16.736359] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.736595] kthread+0x337/0x6f0
[ 16.736771] ret_from_fork+0x116/0x1d0
[ 16.736967] ret_from_fork_asm+0x1a/0x30
[ 16.737160]
[ 16.737247] The buggy address belongs to the object at ffff888102ab9c00
[ 16.737247] which belongs to the cache kmalloc-128 of size 128
[ 16.738173] The buggy address is located 0 bytes inside of
[ 16.738173] allocated 120-byte region [ffff888102ab9c00, ffff888102ab9c78)
[ 16.739000]
[ 16.739111] The buggy address belongs to the physical page:
[ 16.739522] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ab9
[ 16.739998] flags: 0x200000000000000(node=0|zone=2)
[ 16.740347] page_type: f5(slab)
[ 16.740533] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.740812] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.741157] page dumped because: kasan: bad access detected
[ 16.741656]
[ 16.741752] Memory state around the buggy address:
[ 16.742140] ffff888102ab9b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 16.742618] ffff888102ab9b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.743038] >ffff888102ab9c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 16.743553] ^
[ 16.743975] ffff888102ab9c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.744515] ffff888102ab9d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.744826] ==================================================================

[ 16.659661] ==================================================================
[ 16.660066] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3fd/0x10f0
[ 16.660442] Write of size 121 at addr ffff888102ab9c00 by task kunit_try_catch/302
[ 16.660715]
[ 16.660845] CPU: 1 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 16.660915] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.660929] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.660964] Call Trace:
[ 16.660980] <TASK>
[ 16.660999] dump_stack_lvl+0x73/0xb0
[ 16.661033] print_report+0xd1/0x650
[ 16.661057] ? __virt_addr_valid+0x1db/0x2d0
[ 16.661081] ? copy_user_test_oob+0x3fd/0x10f0
[ 16.661106] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.661131] ? copy_user_test_oob+0x3fd/0x10f0
[ 16.661157] kasan_report+0x141/0x180
[ 16.661179] ? copy_user_test_oob+0x3fd/0x10f0
[ 16.661241] kasan_check_range+0x10c/0x1c0
[ 16.661266] __kasan_check_write+0x18/0x20
[ 16.661310] copy_user_test_oob+0x3fd/0x10f0
[ 16.661337] ? __pfx_copy_user_test_oob+0x10/0x10
[ 16.661362] ? finish_task_switch.isra.0+0x153/0x700
[ 16.661386] ? __switch_to+0x47/0xf50
[ 16.661413] ? __schedule+0x10cc/0x2b60
[ 16.661437] ? __pfx_read_tsc+0x10/0x10
[ 16.661459] ? ktime_get_ts64+0x86/0x230
[ 16.661484] kunit_try_run_case+0x1a5/0x480
[ 16.661510] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.661534] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.661559] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.661585] ? __kthread_parkme+0x82/0x180
[ 16.661607] ? preempt_count_sub+0x50/0x80
[ 16.661631] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.661656] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.661683] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.661710] kthread+0x337/0x6f0
[ 16.661730] ? trace_preempt_on+0x20/0xc0
[ 16.661754] ? __pfx_kthread+0x10/0x10
[ 16.661776] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.661799] ? calculate_sigpending+0x7b/0xa0
[ 16.661824] ? __pfx_kthread+0x10/0x10
[ 16.661846] ret_from_fork+0x116/0x1d0
[ 16.661865] ? __pfx_kthread+0x10/0x10
[ 16.661887] ret_from_fork_asm+0x1a/0x30
[ 16.661919] </TASK>
[ 16.661931]
[ 16.669551] Allocated by task 302:
[ 16.669799] kasan_save_stack+0x45/0x70
[ 16.670019] kasan_save_track+0x18/0x40
[ 16.670218] kasan_save_alloc_info+0x3b/0x50
[ 16.670499] __kasan_kmalloc+0xb7/0xc0
[ 16.670686] __kmalloc_noprof+0x1c9/0x500
[ 16.670910] kunit_kmalloc_array+0x25/0x60
[ 16.671139] copy_user_test_oob+0xab/0x10f0
[ 16.671379] kunit_try_run_case+0x1a5/0x480
[ 16.671528] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.671704] kthread+0x337/0x6f0
[ 16.671879] ret_from_fork+0x116/0x1d0
[ 16.672084] ret_from_fork_asm+0x1a/0x30
[ 16.672286]
[ 16.672424] The buggy address belongs to the object at ffff888102ab9c00
[ 16.672424] which belongs to the cache kmalloc-128 of size 128
[ 16.672924] The buggy address is located 0 bytes inside of
[ 16.672924] allocated 120-byte region [ffff888102ab9c00, ffff888102ab9c78)
[ 16.673531]
[ 16.673607] The buggy address belongs to the physical page:
[ 16.673781] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ab9
[ 16.674192] flags: 0x200000000000000(node=0|zone=2)
[ 16.674647] page_type: f5(slab)
[ 16.674825] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.675195] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.675609] page dumped because: kasan: bad access detected
[ 16.675843]
[ 16.675913] Memory state around the buggy address:
[ 16.676149] ffff888102ab9b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 16.676624] ffff888102ab9b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.676955] >ffff888102ab9c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 16.677169] ^
[ 16.677710] ffff888102ab9c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.678068] ffff888102ab9d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.678397] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_to_user
[ 16.637287] ==================================================================
[ 16.637637] BUG: KASAN: slab-out-of-bounds in _copy_to_user+0x3c/0x70
[ 16.637928] Read of size 121 at addr ffff888102ab9c00 by task kunit_try_catch/302
[ 16.638318]
[ 16.638484] CPU: 1 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 16.638531] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.638544] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.638576] Call Trace:
[ 16.638592] <TASK>
[ 16.638612] dump_stack_lvl+0x73/0xb0
[ 16.638656] print_report+0xd1/0x650
[ 16.638681] ? __virt_addr_valid+0x1db/0x2d0
[ 16.638712] ? _copy_to_user+0x3c/0x70
[ 16.638732] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.638767] ? _copy_to_user+0x3c/0x70
[ 16.638787] kasan_report+0x141/0x180
[ 16.638810] ? _copy_to_user+0x3c/0x70
[ 16.638845] kasan_check_range+0x10c/0x1c0
[ 16.638870] __kasan_check_read+0x15/0x20
[ 16.638890] _copy_to_user+0x3c/0x70
[ 16.638911] copy_user_test_oob+0x364/0x10f0
[ 16.638957] ? __pfx_copy_user_test_oob+0x10/0x10
[ 16.638982] ? finish_task_switch.isra.0+0x153/0x700
[ 16.639018] ? __switch_to+0x47/0xf50
[ 16.639045] ? __schedule+0x10cc/0x2b60
[ 16.639069] ? __pfx_read_tsc+0x10/0x10
[ 16.639091] ? ktime_get_ts64+0x86/0x230
[ 16.639125] kunit_try_run_case+0x1a5/0x480
[ 16.639151] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.639175] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.639210] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.639235] ? __kthread_parkme+0x82/0x180
[ 16.639258] ? preempt_count_sub+0x50/0x80
[ 16.639291] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.639317] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.639344] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.639370] kthread+0x337/0x6f0
[ 16.639390] ? trace_preempt_on+0x20/0xc0
[ 16.639415] ? __pfx_kthread+0x10/0x10
[ 16.639437] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.639459] ? calculate_sigpending+0x7b/0xa0
[ 16.639485] ? __pfx_kthread+0x10/0x10
[ 16.639508] ret_from_fork+0x116/0x1d0
[ 16.639527] ? __pfx_kthread+0x10/0x10
[ 16.639549] ret_from_fork_asm+0x1a/0x30
[ 16.639581] </TASK>
[ 16.639593]
[ 16.646967] Allocated by task 302:
[ 16.647181] kasan_save_stack+0x45/0x70
[ 16.647445] kasan_save_track+0x18/0x40
[ 16.647666] kasan_save_alloc_info+0x3b/0x50
[ 16.647896] __kasan_kmalloc+0xb7/0xc0
[ 16.648089] __kmalloc_noprof+0x1c9/0x500
[ 16.648229] kunit_kmalloc_array+0x25/0x60
[ 16.648517] copy_user_test_oob+0xab/0x10f0
[ 16.648730] kunit_try_run_case+0x1a5/0x480
[ 16.648874] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.649058] kthread+0x337/0x6f0
[ 16.649179] ret_from_fork+0x116/0x1d0
[ 16.649460] ret_from_fork_asm+0x1a/0x30
[ 16.649688]
[ 16.649881] The buggy address belongs to the object at ffff888102ab9c00
[ 16.649881] which belongs to the cache kmalloc-128 of size 128
[ 16.650404] The buggy address is located 0 bytes inside of
[ 16.650404] allocated 120-byte region [ffff888102ab9c00, ffff888102ab9c78)
[ 16.650761]
[ 16.650843] The buggy address belongs to the physical page:
[ 16.651110] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ab9
[ 16.651612] flags: 0x200000000000000(node=0|zone=2)
[ 16.651835] page_type: f5(slab)
[ 16.652010] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.652393] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.652701] page dumped because: kasan: bad access detected
[ 16.652903]
[ 16.652983] Memory state around the buggy address:
[ 16.653138] ffff888102ab9b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 16.653402] ffff888102ab9b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.653732] >ffff888102ab9c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 16.654052] ^
[ 16.654367] ffff888102ab9c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.654621] ffff888102ab9d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.654947] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_from_user
[ 16.606898] ==================================================================
[ 16.608610] BUG: KASAN: slab-out-of-bounds in _copy_from_user+0x32/0x90
[ 16.609477] Write of size 121 at addr ffff888102ab9c00 by task kunit_try_catch/302
[ 16.610502]
[ 16.610862] CPU: 1 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 16.610920] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.610935] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.610976] Call Trace:
[ 16.610992] <TASK>
[ 16.611067] dump_stack_lvl+0x73/0xb0
[ 16.611213] print_report+0xd1/0x650
[ 16.611246] ? __virt_addr_valid+0x1db/0x2d0
[ 16.611296] ? _copy_from_user+0x32/0x90
[ 16.611319] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.611347] ? _copy_from_user+0x32/0x90
[ 16.611369] kasan_report+0x141/0x180
[ 16.611392] ? _copy_from_user+0x32/0x90
[ 16.611418] kasan_check_range+0x10c/0x1c0
[ 16.611443] __kasan_check_write+0x18/0x20
[ 16.611465] _copy_from_user+0x32/0x90
[ 16.611488] copy_user_test_oob+0x2be/0x10f0
[ 16.611515] ? __pfx_copy_user_test_oob+0x10/0x10
[ 16.611541] ? finish_task_switch.isra.0+0x153/0x700
[ 16.611567] ? __switch_to+0x47/0xf50
[ 16.611595] ? __schedule+0x10cc/0x2b60
[ 16.611619] ? __pfx_read_tsc+0x10/0x10
[ 16.611642] ? ktime_get_ts64+0x86/0x230
[ 16.611669] kunit_try_run_case+0x1a5/0x480
[ 16.611694] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.611718] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.611745] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.611771] ? __kthread_parkme+0x82/0x180
[ 16.611794] ? preempt_count_sub+0x50/0x80
[ 16.611818] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.611844] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.611870] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.611897] kthread+0x337/0x6f0
[ 16.611917] ? trace_preempt_on+0x20/0xc0
[ 16.611955] ? __pfx_kthread+0x10/0x10
[ 16.611977] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.612000] ? calculate_sigpending+0x7b/0xa0
[ 16.612027] ? __pfx_kthread+0x10/0x10
[ 16.612049] ret_from_fork+0x116/0x1d0
[ 16.612069] ? __pfx_kthread+0x10/0x10
[ 16.612091] ret_from_fork_asm+0x1a/0x30
[ 16.612123] </TASK>
[ 16.612136]
[ 16.622847] Allocated by task 302:
[ 16.623014] kasan_save_stack+0x45/0x70
[ 16.623276] kasan_save_track+0x18/0x40
[ 16.623694] kasan_save_alloc_info+0x3b/0x50
[ 16.624127] __kasan_kmalloc+0xb7/0xc0
[ 16.624510] __kmalloc_noprof+0x1c9/0x500
[ 16.624915] kunit_kmalloc_array+0x25/0x60
[ 16.625363] copy_user_test_oob+0xab/0x10f0
[ 16.625584] kunit_try_run_case+0x1a5/0x480
[ 16.625732] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.625907] kthread+0x337/0x6f0
[ 16.626199] ret_from_fork+0x116/0x1d0
[ 16.626552] ret_from_fork_asm+0x1a/0x30
[ 16.627049]
[ 16.627221] The buggy address belongs to the object at ffff888102ab9c00
[ 16.627221] which belongs to the cache kmalloc-128 of size 128
[ 16.628468] The buggy address is located 0 bytes inside of
[ 16.628468] allocated 120-byte region [ffff888102ab9c00, ffff888102ab9c78)
[ 16.629411]
[ 16.629490] The buggy address belongs to the physical page:
[ 16.629667] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ab9
[ 16.629908] flags: 0x200000000000000(node=0|zone=2)
[ 16.630129] page_type: f5(slab)
[ 16.630298] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.630646] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.631095] page dumped because: kasan: bad access detected
[ 16.631318]
[ 16.631387] Memory state around the buggy address:
[ 16.631805] ffff888102ab9b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 16.632097] ffff888102ab9b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.632450] >ffff888102ab9c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 16.632662] ^
[ 16.632988] ffff888102ab9c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.633325] ffff888102ab9d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.633657] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 16.569699] ================================================================== [ 16.570079] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x99/0x260 [ 16.570468] Write of size 8 at addr ffff8881026ad678 by task kunit_try_catch/298 [ 16.570987] [ 16.571287] CPU: 0 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.571336] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.571349] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.571372] Call Trace: [ 16.571386] <TASK> [ 16.571402] dump_stack_lvl+0x73/0xb0 [ 16.571435] print_report+0xd1/0x650 [ 16.571459] ? __virt_addr_valid+0x1db/0x2d0 [ 16.571484] ? copy_to_kernel_nofault+0x99/0x260 [ 16.571677] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.571707] ? copy_to_kernel_nofault+0x99/0x260 [ 16.571733] kasan_report+0x141/0x180 [ 16.571757] ? copy_to_kernel_nofault+0x99/0x260 [ 16.571787] kasan_check_range+0x10c/0x1c0 [ 16.571812] __kasan_check_write+0x18/0x20 [ 16.571834] copy_to_kernel_nofault+0x99/0x260 [ 16.571861] copy_to_kernel_nofault_oob+0x288/0x560 [ 16.571887] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 16.571912] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 16.571961] ? trace_hardirqs_on+0x37/0xe0 [ 16.571995] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 16.572025] kunit_try_run_case+0x1a5/0x480 [ 16.572052] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.572076] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.572102] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.572127] ? __kthread_parkme+0x82/0x180 [ 16.572149] ? preempt_count_sub+0x50/0x80 [ 16.572175] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.572201] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.572227] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.572255] kthread+0x337/0x6f0 [ 16.572276] ? trace_preempt_on+0x20/0xc0 [ 16.572299] ? __pfx_kthread+0x10/0x10 [ 16.572321] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.572344] ? calculate_sigpending+0x7b/0xa0 [ 16.572369] ? 
__pfx_kthread+0x10/0x10 [ 16.572393] ret_from_fork+0x116/0x1d0 [ 16.572413] ? __pfx_kthread+0x10/0x10 [ 16.572435] ret_from_fork_asm+0x1a/0x30 [ 16.572468] </TASK> [ 16.572480] [ 16.582171] Allocated by task 298: [ 16.582499] kasan_save_stack+0x45/0x70 [ 16.582809] kasan_save_track+0x18/0x40 [ 16.583192] kasan_save_alloc_info+0x3b/0x50 [ 16.583514] __kasan_kmalloc+0xb7/0xc0 [ 16.583686] __kmalloc_cache_noprof+0x189/0x420 [ 16.583894] copy_to_kernel_nofault_oob+0x12f/0x560 [ 16.584328] kunit_try_run_case+0x1a5/0x480 [ 16.584512] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.584908] kthread+0x337/0x6f0 [ 16.585137] ret_from_fork+0x116/0x1d0 [ 16.585398] ret_from_fork_asm+0x1a/0x30 [ 16.585560] [ 16.585666] The buggy address belongs to the object at ffff8881026ad600 [ 16.585666] which belongs to the cache kmalloc-128 of size 128 [ 16.586112] The buggy address is located 0 bytes to the right of [ 16.586112] allocated 120-byte region [ffff8881026ad600, ffff8881026ad678) [ 16.586980] [ 16.587066] The buggy address belongs to the physical page: [ 16.587241] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026ad [ 16.587481] flags: 0x200000000000000(node=0|zone=2) [ 16.587644] page_type: f5(slab) [ 16.587767] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.588087] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.588316] page dumped because: kasan: bad access detected [ 16.588486] [ 16.588678] Memory state around the buggy address: [ 16.588867] ffff8881026ad500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.589097] ffff8881026ad580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.589311] >ffff8881026ad600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.589523] ^ [ 16.589753] ffff8881026ad680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.589985] ffff8881026ad700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.590412] 
================================================================== [ 16.544278] ================================================================== [ 16.544826] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x225/0x260 [ 16.545118] Read of size 8 at addr ffff8881026ad678 by task kunit_try_catch/298 [ 16.545726] [ 16.545893] CPU: 0 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.546039] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.546055] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.546079] Call Trace: [ 16.546093] <TASK> [ 16.546115] dump_stack_lvl+0x73/0xb0 [ 16.546153] print_report+0xd1/0x650 [ 16.546181] ? __virt_addr_valid+0x1db/0x2d0 [ 16.546207] ? copy_to_kernel_nofault+0x225/0x260 [ 16.546234] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.546259] ? copy_to_kernel_nofault+0x225/0x260 [ 16.546569] kasan_report+0x141/0x180 [ 16.546598] ? copy_to_kernel_nofault+0x225/0x260 [ 16.546628] __asan_report_load8_noabort+0x18/0x20 [ 16.546655] copy_to_kernel_nofault+0x225/0x260 [ 16.546682] copy_to_kernel_nofault_oob+0x1ed/0x560 [ 16.546715] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 16.546741] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 16.546770] ? trace_hardirqs_on+0x37/0xe0 [ 16.546804] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 16.546833] kunit_try_run_case+0x1a5/0x480 [ 16.546861] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.546885] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.546912] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.546946] ? __kthread_parkme+0x82/0x180 [ 16.546989] ? preempt_count_sub+0x50/0x80 [ 16.547015] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.547041] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.547068] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.547094] kthread+0x337/0x6f0 [ 16.547114] ? trace_preempt_on+0x20/0xc0 [ 16.547138] ? __pfx_kthread+0x10/0x10 [ 16.547160] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.547184] ? 
calculate_sigpending+0x7b/0xa0 [ 16.547210] ? __pfx_kthread+0x10/0x10 [ 16.547232] ret_from_fork+0x116/0x1d0 [ 16.547253] ? __pfx_kthread+0x10/0x10 [ 16.547285] ret_from_fork_asm+0x1a/0x30 [ 16.547318] </TASK> [ 16.547331] [ 16.557789] Allocated by task 298: [ 16.558217] kasan_save_stack+0x45/0x70 [ 16.558527] kasan_save_track+0x18/0x40 [ 16.558787] kasan_save_alloc_info+0x3b/0x50 [ 16.559223] __kasan_kmalloc+0xb7/0xc0 [ 16.559384] __kmalloc_cache_noprof+0x189/0x420 [ 16.559762] copy_to_kernel_nofault_oob+0x12f/0x560 [ 16.560128] kunit_try_run_case+0x1a5/0x480 [ 16.560307] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.560591] kthread+0x337/0x6f0 [ 16.561013] ret_from_fork+0x116/0x1d0 [ 16.561320] ret_from_fork_asm+0x1a/0x30 [ 16.561613] [ 16.561784] The buggy address belongs to the object at ffff8881026ad600 [ 16.561784] which belongs to the cache kmalloc-128 of size 128 [ 16.562479] The buggy address is located 0 bytes to the right of [ 16.562479] allocated 120-byte region [ffff8881026ad600, ffff8881026ad678) [ 16.563278] [ 16.563380] The buggy address belongs to the physical page: [ 16.563595] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026ad [ 16.564164] flags: 0x200000000000000(node=0|zone=2) [ 16.564383] page_type: f5(slab) [ 16.564681] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.565119] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.565409] page dumped because: kasan: bad access detected [ 16.565753] [ 16.565848] Memory state around the buggy address: [ 16.566197] ffff8881026ad500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.566702] ffff8881026ad580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.567152] >ffff8881026ad600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.567553] ^ [ 16.567832] ffff8881026ad680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.568279] ffff8881026ad700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 
16.568654] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 16.137289] ================================================================== [ 16.137603] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x194a/0x5450 [ 16.137899] Write of size 8 at addr ffff888102ac23b0 by task kunit_try_catch/282 [ 16.138224] [ 16.138355] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.138399] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.138411] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.138432] Call Trace: [ 16.138449] <TASK> [ 16.138467] dump_stack_lvl+0x73/0xb0 [ 16.138498] print_report+0xd1/0x650 [ 16.138522] ? __virt_addr_valid+0x1db/0x2d0 [ 16.138546] ? kasan_atomics_helper+0x194a/0x5450 [ 16.138569] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.138593] ? kasan_atomics_helper+0x194a/0x5450 [ 16.138617] kasan_report+0x141/0x180 [ 16.138639] ? kasan_atomics_helper+0x194a/0x5450 [ 16.138666] kasan_check_range+0x10c/0x1c0 [ 16.138691] __kasan_check_write+0x18/0x20 [ 16.138720] kasan_atomics_helper+0x194a/0x5450 [ 16.138743] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.138768] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.138794] ? kasan_atomics+0x152/0x310 [ 16.138821] kasan_atomics+0x1dc/0x310 [ 16.138844] ? __pfx_kasan_atomics+0x10/0x10 [ 16.138870] ? __pfx_read_tsc+0x10/0x10 [ 16.138892] ? ktime_get_ts64+0x86/0x230 [ 16.138916] kunit_try_run_case+0x1a5/0x480 [ 16.138952] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.138975] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.139001] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.139026] ? __kthread_parkme+0x82/0x180 [ 16.139047] ? preempt_count_sub+0x50/0x80 [ 16.139072] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.139098] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.139123] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.139149] kthread+0x337/0x6f0 [ 16.139168] ? trace_preempt_on+0x20/0xc0 [ 16.139193] ? __pfx_kthread+0x10/0x10 [ 16.139214] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.139237] ? 
calculate_sigpending+0x7b/0xa0 [ 16.139282] ? __pfx_kthread+0x10/0x10 [ 16.139304] ret_from_fork+0x116/0x1d0 [ 16.139323] ? __pfx_kthread+0x10/0x10 [ 16.139344] ret_from_fork_asm+0x1a/0x30 [ 16.139376] </TASK> [ 16.139386] [ 16.146451] Allocated by task 282: [ 16.146630] kasan_save_stack+0x45/0x70 [ 16.146834] kasan_save_track+0x18/0x40 [ 16.146983] kasan_save_alloc_info+0x3b/0x50 [ 16.147147] __kasan_kmalloc+0xb7/0xc0 [ 16.147360] __kmalloc_cache_noprof+0x189/0x420 [ 16.147585] kasan_atomics+0x95/0x310 [ 16.147772] kunit_try_run_case+0x1a5/0x480 [ 16.147966] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.148177] kthread+0x337/0x6f0 [ 16.148372] ret_from_fork+0x116/0x1d0 [ 16.148540] ret_from_fork_asm+0x1a/0x30 [ 16.148708] [ 16.148778] The buggy address belongs to the object at ffff888102ac2380 [ 16.148778] which belongs to the cache kmalloc-64 of size 64 [ 16.149137] The buggy address is located 0 bytes to the right of [ 16.149137] allocated 48-byte region [ffff888102ac2380, ffff888102ac23b0) [ 16.149520] [ 16.149593] The buggy address belongs to the physical page: [ 16.149763] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac2 [ 16.150125] flags: 0x200000000000000(node=0|zone=2) [ 16.150380] page_type: f5(slab) [ 16.150549] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.150886] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.151228] page dumped because: kasan: bad access detected [ 16.151499] [ 16.151579] Memory state around the buggy address: [ 16.151787] ffff888102ac2280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.152040] ffff888102ac2300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.152270] >ffff888102ac2380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.152482] ^ [ 16.152635] ffff888102ac2400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.152847] ffff888102ac2480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.153157] 
================================================================== [ 16.171856] ================================================================== [ 16.172199] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1a7f/0x5450 [ 16.172466] Write of size 8 at addr ffff888102ac23b0 by task kunit_try_catch/282 [ 16.172804] [ 16.172918] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.172972] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.172985] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.173006] Call Trace: [ 16.173026] <TASK> [ 16.173046] dump_stack_lvl+0x73/0xb0 [ 16.173077] print_report+0xd1/0x650 [ 16.173101] ? __virt_addr_valid+0x1db/0x2d0 [ 16.173125] ? kasan_atomics_helper+0x1a7f/0x5450 [ 16.173147] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.173171] ? kasan_atomics_helper+0x1a7f/0x5450 [ 16.173195] kasan_report+0x141/0x180 [ 16.173217] ? kasan_atomics_helper+0x1a7f/0x5450 [ 16.173244] kasan_check_range+0x10c/0x1c0 [ 16.173276] __kasan_check_write+0x18/0x20 [ 16.173297] kasan_atomics_helper+0x1a7f/0x5450 [ 16.173321] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.173344] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.173370] ? kasan_atomics+0x152/0x310 [ 16.173397] kasan_atomics+0x1dc/0x310 [ 16.173420] ? __pfx_kasan_atomics+0x10/0x10 [ 16.173445] ? __pfx_read_tsc+0x10/0x10 [ 16.173468] ? ktime_get_ts64+0x86/0x230 [ 16.173493] kunit_try_run_case+0x1a5/0x480 [ 16.173518] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.173542] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.173568] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.173592] ? __kthread_parkme+0x82/0x180 [ 16.173614] ? preempt_count_sub+0x50/0x80 [ 16.173639] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.173664] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.173690] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.173716] kthread+0x337/0x6f0 [ 16.173736] ? trace_preempt_on+0x20/0xc0 [ 16.173762] ? 
__pfx_kthread+0x10/0x10 [ 16.173783] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.173806] ? calculate_sigpending+0x7b/0xa0 [ 16.173831] ? __pfx_kthread+0x10/0x10 [ 16.173853] ret_from_fork+0x116/0x1d0 [ 16.173873] ? __pfx_kthread+0x10/0x10 [ 16.173894] ret_from_fork_asm+0x1a/0x30 [ 16.173925] </TASK> [ 16.173945] [ 16.181138] Allocated by task 282: [ 16.181293] kasan_save_stack+0x45/0x70 [ 16.181439] kasan_save_track+0x18/0x40 [ 16.181574] kasan_save_alloc_info+0x3b/0x50 [ 16.181723] __kasan_kmalloc+0xb7/0xc0 [ 16.181855] __kmalloc_cache_noprof+0x189/0x420 [ 16.182022] kasan_atomics+0x95/0x310 [ 16.182283] kunit_try_run_case+0x1a5/0x480 [ 16.182619] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.182875] kthread+0x337/0x6f0 [ 16.183050] ret_from_fork+0x116/0x1d0 [ 16.183236] ret_from_fork_asm+0x1a/0x30 [ 16.183448] [ 16.183540] The buggy address belongs to the object at ffff888102ac2380 [ 16.183540] which belongs to the cache kmalloc-64 of size 64 [ 16.184064] The buggy address is located 0 bytes to the right of [ 16.184064] allocated 48-byte region [ffff888102ac2380, ffff888102ac23b0) [ 16.184566] [ 16.184639] The buggy address belongs to the physical page: [ 16.184809] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac2 [ 16.185057] flags: 0x200000000000000(node=0|zone=2) [ 16.185219] page_type: f5(slab) [ 16.185363] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.185667] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.186027] page dumped because: kasan: bad access detected [ 16.186307] [ 16.186403] Memory state around the buggy address: [ 16.186632] ffff888102ac2280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.186972] ffff888102ac2300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.187316] >ffff888102ac2380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.187583] ^ [ 16.187742] ffff888102ac2400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.188078] 
ffff888102ac2480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.188375] ================================================================== [ 16.223045] ================================================================== [ 16.223353] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f30/0x5450 [ 16.223594] Read of size 8 at addr ffff888102ac23b0 by task kunit_try_catch/282 [ 16.223814] [ 16.223904] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.223974] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.223989] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.224011] Call Trace: [ 16.224029] <TASK> [ 16.224048] dump_stack_lvl+0x73/0xb0 [ 16.224080] print_report+0xd1/0x650 [ 16.224103] ? __virt_addr_valid+0x1db/0x2d0 [ 16.224128] ? kasan_atomics_helper+0x4f30/0x5450 [ 16.224171] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.224205] ? kasan_atomics_helper+0x4f30/0x5450 [ 16.224229] kasan_report+0x141/0x180 [ 16.224285] ? kasan_atomics_helper+0x4f30/0x5450 [ 16.224334] __asan_report_load8_noabort+0x18/0x20 [ 16.224360] kasan_atomics_helper+0x4f30/0x5450 [ 16.224384] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.224408] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.224447] ? kasan_atomics+0x152/0x310 [ 16.224474] kasan_atomics+0x1dc/0x310 [ 16.224498] ? __pfx_kasan_atomics+0x10/0x10 [ 16.224524] ? __pfx_read_tsc+0x10/0x10 [ 16.224547] ? ktime_get_ts64+0x86/0x230 [ 16.224573] kunit_try_run_case+0x1a5/0x480 [ 16.224599] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.224622] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.224647] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.224672] ? __kthread_parkme+0x82/0x180 [ 16.224694] ? preempt_count_sub+0x50/0x80 [ 16.224719] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.224744] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.224770] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.224797] kthread+0x337/0x6f0 [ 16.224816] ? 
trace_preempt_on+0x20/0xc0 [ 16.224842] ? __pfx_kthread+0x10/0x10 [ 16.224863] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.224886] ? calculate_sigpending+0x7b/0xa0 [ 16.224911] ? __pfx_kthread+0x10/0x10 [ 16.224934] ret_from_fork+0x116/0x1d0 [ 16.224965] ? __pfx_kthread+0x10/0x10 [ 16.224987] ret_from_fork_asm+0x1a/0x30 [ 16.225019] </TASK> [ 16.225031] [ 16.232354] Allocated by task 282: [ 16.232539] kasan_save_stack+0x45/0x70 [ 16.232735] kasan_save_track+0x18/0x40 [ 16.232929] kasan_save_alloc_info+0x3b/0x50 [ 16.233147] __kasan_kmalloc+0xb7/0xc0 [ 16.233342] __kmalloc_cache_noprof+0x189/0x420 [ 16.233536] kasan_atomics+0x95/0x310 [ 16.233688] kunit_try_run_case+0x1a5/0x480 [ 16.233897] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.234113] kthread+0x337/0x6f0 [ 16.234234] ret_from_fork+0x116/0x1d0 [ 16.234386] ret_from_fork_asm+0x1a/0x30 [ 16.234525] [ 16.234594] The buggy address belongs to the object at ffff888102ac2380 [ 16.234594] which belongs to the cache kmalloc-64 of size 64 [ 16.234957] The buggy address is located 0 bytes to the right of [ 16.234957] allocated 48-byte region [ffff888102ac2380, ffff888102ac23b0) [ 16.235529] [ 16.235629] The buggy address belongs to the physical page: [ 16.235885] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac2 [ 16.236270] flags: 0x200000000000000(node=0|zone=2) [ 16.236512] page_type: f5(slab) [ 16.236686] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.237043] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.237372] page dumped because: kasan: bad access detected [ 16.237600] [ 16.237687] Memory state around the buggy address: [ 16.237880] ffff888102ac2280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.238164] ffff888102ac2300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.238431] >ffff888102ac2380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.238643] ^ [ 16.238802] ffff888102ac2400: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 16.239060] ffff888102ac2480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.239404] ================================================================== [ 15.849104] ================================================================== [ 15.849376] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49e8/0x5450 [ 15.849919] Read of size 4 at addr ffff888102ac23b0 by task kunit_try_catch/282 [ 15.850210] [ 15.850316] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.850358] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.850370] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.850392] Call Trace: [ 15.850410] <TASK> [ 15.850429] dump_stack_lvl+0x73/0xb0 [ 15.850460] print_report+0xd1/0x650 [ 15.850484] ? __virt_addr_valid+0x1db/0x2d0 [ 15.850507] ? kasan_atomics_helper+0x49e8/0x5450 [ 15.850530] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.850566] ? kasan_atomics_helper+0x49e8/0x5450 [ 15.850589] kasan_report+0x141/0x180 [ 15.850613] ? kasan_atomics_helper+0x49e8/0x5450 [ 15.850653] __asan_report_load4_noabort+0x18/0x20 [ 15.850680] kasan_atomics_helper+0x49e8/0x5450 [ 15.850704] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.850731] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.850758] ? kasan_atomics+0x152/0x310 [ 15.850784] kasan_atomics+0x1dc/0x310 [ 15.850807] ? __pfx_kasan_atomics+0x10/0x10 [ 15.850833] ? __pfx_read_tsc+0x10/0x10 [ 15.850856] ? ktime_get_ts64+0x86/0x230 [ 15.850881] kunit_try_run_case+0x1a5/0x480 [ 15.850908] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.850931] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.850967] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.850992] ? __kthread_parkme+0x82/0x180 [ 15.851014] ? preempt_count_sub+0x50/0x80 [ 15.851039] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.851064] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.851089] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.851115] kthread+0x337/0x6f0 [ 15.851134] ? trace_preempt_on+0x20/0xc0 [ 15.851160] ? __pfx_kthread+0x10/0x10 [ 15.851181] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.851204] ? calculate_sigpending+0x7b/0xa0 [ 15.851229] ? __pfx_kthread+0x10/0x10 [ 15.851251] ret_from_fork+0x116/0x1d0 [ 15.851282] ? __pfx_kthread+0x10/0x10 [ 15.851304] ret_from_fork_asm+0x1a/0x30 [ 15.851336] </TASK> [ 15.851348] [ 15.858998] Allocated by task 282: [ 15.859207] kasan_save_stack+0x45/0x70 [ 15.859411] kasan_save_track+0x18/0x40 [ 15.859548] kasan_save_alloc_info+0x3b/0x50 [ 15.859698] __kasan_kmalloc+0xb7/0xc0 [ 15.859875] __kmalloc_cache_noprof+0x189/0x420 [ 15.860135] kasan_atomics+0x95/0x310 [ 15.860392] kunit_try_run_case+0x1a5/0x480 [ 15.860628] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.860909] kthread+0x337/0x6f0 [ 15.861053] ret_from_fork+0x116/0x1d0 [ 15.861236] ret_from_fork_asm+0x1a/0x30 [ 15.861458] [ 15.861530] The buggy address belongs to the object at ffff888102ac2380 [ 15.861530] which belongs to the cache kmalloc-64 of size 64 [ 15.861877] The buggy address is located 0 bytes to the right of [ 15.861877] allocated 48-byte region [ffff888102ac2380, ffff888102ac23b0) [ 15.862339] [ 15.862434] The buggy address belongs to the physical page: [ 15.862683] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac2 [ 15.863095] flags: 0x200000000000000(node=0|zone=2) [ 15.863339] page_type: f5(slab) [ 15.863458] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.863684] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.863907] page dumped because: kasan: bad access detected [ 15.864158] [ 15.864254] Memory state around the buggy address: [ 15.864490] ffff888102ac2280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.864834] ffff888102ac2300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.865174] >ffff888102ac2380: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 15.865526] ^ [ 15.865755] ffff888102ac2400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.866110] ffff888102ac2480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.866489] ================================================================== [ 16.466565] ================================================================== [ 16.466871] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fa5/0x5450 [ 16.467301] Read of size 8 at addr ffff888102ac23b0 by task kunit_try_catch/282 [ 16.467599] [ 16.467685] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.467727] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.467739] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.467760] Call Trace: [ 16.467779] <TASK> [ 16.467795] dump_stack_lvl+0x73/0xb0 [ 16.467825] print_report+0xd1/0x650 [ 16.467850] ? __virt_addr_valid+0x1db/0x2d0 [ 16.467873] ? kasan_atomics_helper+0x4fa5/0x5450 [ 16.467895] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.467920] ? kasan_atomics_helper+0x4fa5/0x5450 [ 16.467953] kasan_report+0x141/0x180 [ 16.467976] ? kasan_atomics_helper+0x4fa5/0x5450 [ 16.468004] __asan_report_load8_noabort+0x18/0x20 [ 16.468030] kasan_atomics_helper+0x4fa5/0x5450 [ 16.468054] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.468077] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.468104] ? kasan_atomics+0x152/0x310 [ 16.468131] kasan_atomics+0x1dc/0x310 [ 16.468155] ? __pfx_kasan_atomics+0x10/0x10 [ 16.468220] ? __pfx_read_tsc+0x10/0x10 [ 16.468244] ? ktime_get_ts64+0x86/0x230 [ 16.468289] kunit_try_run_case+0x1a5/0x480 [ 16.468315] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.468371] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.468398] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.468423] ? __kthread_parkme+0x82/0x180 [ 16.468446] ? preempt_count_sub+0x50/0x80 [ 16.468471] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.468497] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.468553] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.468581] kthread+0x337/0x6f0 [ 16.468601] ? trace_preempt_on+0x20/0xc0 [ 16.468626] ? __pfx_kthread+0x10/0x10 [ 16.468648] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.468671] ? calculate_sigpending+0x7b/0xa0 [ 16.468727] ? __pfx_kthread+0x10/0x10 [ 16.468750] ret_from_fork+0x116/0x1d0 [ 16.468769] ? __pfx_kthread+0x10/0x10 [ 16.468792] ret_from_fork_asm+0x1a/0x30 [ 16.468854] </TASK> [ 16.468866] [ 16.476927] Allocated by task 282: [ 16.477140] kasan_save_stack+0x45/0x70 [ 16.477401] kasan_save_track+0x18/0x40 [ 16.477616] kasan_save_alloc_info+0x3b/0x50 [ 16.478038] __kasan_kmalloc+0xb7/0xc0 [ 16.478231] __kmalloc_cache_noprof+0x189/0x420 [ 16.478473] kasan_atomics+0x95/0x310 [ 16.478661] kunit_try_run_case+0x1a5/0x480 [ 16.478875] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.479135] kthread+0x337/0x6f0 [ 16.479317] ret_from_fork+0x116/0x1d0 [ 16.479468] ret_from_fork_asm+0x1a/0x30 [ 16.479665] [ 16.479759] The buggy address belongs to the object at ffff888102ac2380 [ 16.479759] which belongs to the cache kmalloc-64 of size 64 [ 16.480618] The buggy address is located 0 bytes to the right of [ 16.480618] allocated 48-byte region [ffff888102ac2380, ffff888102ac23b0) [ 16.481175] [ 16.481301] The buggy address belongs to the physical page: [ 16.481556] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac2 [ 16.481903] flags: 0x200000000000000(node=0|zone=2) [ 16.482075] page_type: f5(slab) [ 16.482197] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.482562] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.482950] page dumped because: kasan: bad access detected [ 16.483226] [ 16.483337] Memory state around the buggy address: [ 16.483573] ffff888102ac2280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.483827] 
ffff888102ac2300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.484105] >ffff888102ac2380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.484500] ^ [ 16.484728] ffff888102ac2400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.484978] ffff888102ac2480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.485210] ================================================================== [ 15.351768] ================================================================== [ 15.352177] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x565/0x5450 [ 15.352549] Write of size 4 at addr ffff888102ac23b0 by task kunit_try_catch/282 [ 15.352887] [ 15.353358] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.353411] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.353436] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.353458] Call Trace: [ 15.353477] <TASK> [ 15.353496] dump_stack_lvl+0x73/0xb0 [ 15.353539] print_report+0xd1/0x650 [ 15.353563] ? __virt_addr_valid+0x1db/0x2d0 [ 15.353598] ? kasan_atomics_helper+0x565/0x5450 [ 15.353622] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.353647] ? kasan_atomics_helper+0x565/0x5450 [ 15.353680] kasan_report+0x141/0x180 [ 15.353703] ? kasan_atomics_helper+0x565/0x5450 [ 15.353740] kasan_check_range+0x10c/0x1c0 [ 15.353765] __kasan_check_write+0x18/0x20 [ 15.353787] kasan_atomics_helper+0x565/0x5450 [ 15.353820] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.353844] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.353871] ? kasan_atomics+0x152/0x310 [ 15.353910] kasan_atomics+0x1dc/0x310 [ 15.353954] ? __pfx_kasan_atomics+0x10/0x10 [ 15.353991] ? __pfx_read_tsc+0x10/0x10 [ 15.354015] ? ktime_get_ts64+0x86/0x230 [ 15.354041] kunit_try_run_case+0x1a5/0x480 [ 15.354078] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.354126] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.354165] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.354190] ? 
__kthread_parkme+0x82/0x180 [ 15.354213] ? preempt_count_sub+0x50/0x80 [ 15.354296] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.354333] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.354360] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.354416] kthread+0x337/0x6f0 [ 15.354436] ? trace_preempt_on+0x20/0xc0 [ 15.354461] ? __pfx_kthread+0x10/0x10 [ 15.354494] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.354518] ? calculate_sigpending+0x7b/0xa0 [ 15.354544] ? __pfx_kthread+0x10/0x10 [ 15.354566] ret_from_fork+0x116/0x1d0 [ 15.354586] ? __pfx_kthread+0x10/0x10 [ 15.354608] ret_from_fork_asm+0x1a/0x30 [ 15.354640] </TASK> [ 15.354651] [ 15.362380] Allocated by task 282: [ 15.362610] kasan_save_stack+0x45/0x70 [ 15.362847] kasan_save_track+0x18/0x40 [ 15.363050] kasan_save_alloc_info+0x3b/0x50 [ 15.363418] __kasan_kmalloc+0xb7/0xc0 [ 15.363678] __kmalloc_cache_noprof+0x189/0x420 [ 15.363954] kasan_atomics+0x95/0x310 [ 15.364159] kunit_try_run_case+0x1a5/0x480 [ 15.364436] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.364616] kthread+0x337/0x6f0 [ 15.364737] ret_from_fork+0x116/0x1d0 [ 15.364918] ret_from_fork_asm+0x1a/0x30 [ 15.365161] [ 15.365295] The buggy address belongs to the object at ffff888102ac2380 [ 15.365295] which belongs to the cache kmalloc-64 of size 64 [ 15.365860] The buggy address is located 0 bytes to the right of [ 15.365860] allocated 48-byte region [ffff888102ac2380, ffff888102ac23b0) [ 15.366389] [ 15.366465] The buggy address belongs to the physical page: [ 15.366643] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac2 [ 15.366996] flags: 0x200000000000000(node=0|zone=2) [ 15.367311] page_type: f5(slab) [ 15.367487] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.367892] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.368377] page dumped because: kasan: bad access detected [ 15.368549] [ 15.368618] Memory state around the buggy address: [ 15.368773] 
ffff888102ac2280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.369103] ffff888102ac2300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.369490] >ffff888102ac2380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.369920] ^ [ 15.370198] ffff888102ac2400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.370534] ffff888102ac2480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.370755] ================================================================== [ 16.396394] ================================================================== [ 16.396743] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f98/0x5450 [ 16.397069] Read of size 8 at addr ffff888102ac23b0 by task kunit_try_catch/282 [ 16.397486] [ 16.397604] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.397649] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.397662] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.397683] Call Trace: [ 16.397703] <TASK> [ 16.397720] dump_stack_lvl+0x73/0xb0 [ 16.397753] print_report+0xd1/0x650 [ 16.397801] ? __virt_addr_valid+0x1db/0x2d0 [ 16.397826] ? kasan_atomics_helper+0x4f98/0x5450 [ 16.397849] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.397873] ? kasan_atomics_helper+0x4f98/0x5450 [ 16.397896] kasan_report+0x141/0x180 [ 16.397919] ? kasan_atomics_helper+0x4f98/0x5450 [ 16.397959] __asan_report_load8_noabort+0x18/0x20 [ 16.398006] kasan_atomics_helper+0x4f98/0x5450 [ 16.398029] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.398053] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.398080] ? kasan_atomics+0x152/0x310 [ 16.398107] kasan_atomics+0x1dc/0x310 [ 16.398130] ? __pfx_kasan_atomics+0x10/0x10 [ 16.398171] ? __pfx_read_tsc+0x10/0x10 [ 16.398194] ? ktime_get_ts64+0x86/0x230 [ 16.398219] kunit_try_run_case+0x1a5/0x480 [ 16.398245] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.398276] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.398301] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.398326] ? __kthread_parkme+0x82/0x180 [ 16.398348] ? preempt_count_sub+0x50/0x80 [ 16.398404] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.398430] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.398456] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.398482] kthread+0x337/0x6f0 [ 16.398501] ? trace_preempt_on+0x20/0xc0 [ 16.398526] ? __pfx_kthread+0x10/0x10 [ 16.398548] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.398571] ? calculate_sigpending+0x7b/0xa0 [ 16.398596] ? __pfx_kthread+0x10/0x10 [ 16.398618] ret_from_fork+0x116/0x1d0 [ 16.398638] ? __pfx_kthread+0x10/0x10 [ 16.398659] ret_from_fork_asm+0x1a/0x30 [ 16.398691] </TASK> [ 16.398703] [ 16.405814] Allocated by task 282: [ 16.405990] kasan_save_stack+0x45/0x70 [ 16.406133] kasan_save_track+0x18/0x40 [ 16.406293] kasan_save_alloc_info+0x3b/0x50 [ 16.406526] __kasan_kmalloc+0xb7/0xc0 [ 16.406720] __kmalloc_cache_noprof+0x189/0x420 [ 16.406951] kasan_atomics+0x95/0x310 [ 16.407140] kunit_try_run_case+0x1a5/0x480 [ 16.407375] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.407572] kthread+0x337/0x6f0 [ 16.407693] ret_from_fork+0x116/0x1d0 [ 16.407824] ret_from_fork_asm+0x1a/0x30 [ 16.407971] [ 16.408069] The buggy address belongs to the object at ffff888102ac2380 [ 16.408069] which belongs to the cache kmalloc-64 of size 64 [ 16.408614] The buggy address is located 0 bytes to the right of [ 16.408614] allocated 48-byte region [ffff888102ac2380, ffff888102ac23b0) [ 16.409086] [ 16.409159] The buggy address belongs to the physical page: [ 16.409354] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac2 [ 16.409643] flags: 0x200000000000000(node=0|zone=2) [ 16.409900] page_type: f5(slab) [ 16.410099] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.410486] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.410834] page dumped because: kasan: bad access detected [ 16.411093] [ 16.411178] 
Memory state around the buggy address: [ 16.411357] ffff888102ac2280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.411601] ffff888102ac2300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.411914] >ffff888102ac2380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.412280] ^ [ 16.412453] ffff888102ac2400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.412668] ffff888102ac2480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.412931] ================================================================== [ 16.343066] ================================================================== [ 16.343458] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1f43/0x5450 [ 16.343783] Write of size 8 at addr ffff888102ac23b0 by task kunit_try_catch/282 [ 16.344228] [ 16.344373] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.344420] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.344454] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.344476] Call Trace: [ 16.344496] <TASK> [ 16.344517] dump_stack_lvl+0x73/0xb0 [ 16.344551] print_report+0xd1/0x650 [ 16.344575] ? __virt_addr_valid+0x1db/0x2d0 [ 16.344619] ? kasan_atomics_helper+0x1f43/0x5450 [ 16.344643] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.344668] ? kasan_atomics_helper+0x1f43/0x5450 [ 16.344691] kasan_report+0x141/0x180 [ 16.344714] ? kasan_atomics_helper+0x1f43/0x5450 [ 16.344742] kasan_check_range+0x10c/0x1c0 [ 16.344766] __kasan_check_write+0x18/0x20 [ 16.344786] kasan_atomics_helper+0x1f43/0x5450 [ 16.344810] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.344850] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.344877] ? kasan_atomics+0x152/0x310 [ 16.344905] kasan_atomics+0x1dc/0x310 [ 16.344927] ? __pfx_kasan_atomics+0x10/0x10 [ 16.344965] ? __pfx_read_tsc+0x10/0x10 [ 16.344988] ? ktime_get_ts64+0x86/0x230 [ 16.345014] kunit_try_run_case+0x1a5/0x480 [ 16.345057] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.345081] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.345108] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.345134] ? __kthread_parkme+0x82/0x180 [ 16.345158] ? preempt_count_sub+0x50/0x80 [ 16.345184] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.345230] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.345276] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.345304] kthread+0x337/0x6f0 [ 16.345324] ? trace_preempt_on+0x20/0xc0 [ 16.345349] ? __pfx_kthread+0x10/0x10 [ 16.345370] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.345413] ? calculate_sigpending+0x7b/0xa0 [ 16.345439] ? __pfx_kthread+0x10/0x10 [ 16.345461] ret_from_fork+0x116/0x1d0 [ 16.345480] ? __pfx_kthread+0x10/0x10 [ 16.345503] ret_from_fork_asm+0x1a/0x30 [ 16.345534] </TASK> [ 16.345546] [ 16.352743] Allocated by task 282: [ 16.352959] kasan_save_stack+0x45/0x70 [ 16.353206] kasan_save_track+0x18/0x40 [ 16.353425] kasan_save_alloc_info+0x3b/0x50 [ 16.353641] __kasan_kmalloc+0xb7/0xc0 [ 16.353829] __kmalloc_cache_noprof+0x189/0x420 [ 16.354040] kasan_atomics+0x95/0x310 [ 16.354228] kunit_try_run_case+0x1a5/0x480 [ 16.354441] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.354690] kthread+0x337/0x6f0 [ 16.354874] ret_from_fork+0x116/0x1d0 [ 16.355053] ret_from_fork_asm+0x1a/0x30 [ 16.355273] [ 16.355388] The buggy address belongs to the object at ffff888102ac2380 [ 16.355388] which belongs to the cache kmalloc-64 of size 64 [ 16.355866] The buggy address is located 0 bytes to the right of [ 16.355866] allocated 48-byte region [ffff888102ac2380, ffff888102ac23b0) [ 16.356241] [ 16.356337] The buggy address belongs to the physical page: [ 16.356639] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac2 [ 16.357005] flags: 0x200000000000000(node=0|zone=2) [ 16.357242] page_type: f5(slab) [ 16.357450] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.357786] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 16.358149] page dumped because: kasan: bad access detected [ 16.358339] [ 16.358409] Memory state around the buggy address: [ 16.358564] ffff888102ac2280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.358830] ffff888102ac2300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.359189] >ffff888102ac2380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.359564] ^ [ 16.359821] ffff888102ac2400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.360103] ffff888102ac2480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.360415] ================================================================== [ 15.544611] ================================================================== [ 15.544863] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb6a/0x5450 [ 15.545144] Write of size 4 at addr ffff888102ac23b0 by task kunit_try_catch/282 [ 15.545397] [ 15.545489] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.545535] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.545548] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.545570] Call Trace: [ 15.545583] <TASK> [ 15.545600] dump_stack_lvl+0x73/0xb0 [ 15.545632] print_report+0xd1/0x650 [ 15.545656] ? __virt_addr_valid+0x1db/0x2d0 [ 15.545681] ? kasan_atomics_helper+0xb6a/0x5450 [ 15.545703] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.545728] ? kasan_atomics_helper+0xb6a/0x5450 [ 15.545751] kasan_report+0x141/0x180 [ 15.545774] ? kasan_atomics_helper+0xb6a/0x5450 [ 15.545800] kasan_check_range+0x10c/0x1c0 [ 15.545825] __kasan_check_write+0x18/0x20 [ 15.545845] kasan_atomics_helper+0xb6a/0x5450 [ 15.545868] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.545892] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.545918] ? kasan_atomics+0x152/0x310 [ 15.545957] kasan_atomics+0x1dc/0x310 [ 15.545980] ? __pfx_kasan_atomics+0x10/0x10 [ 15.546006] ? __pfx_read_tsc+0x10/0x10 [ 15.546030] ? 
ktime_get_ts64+0x86/0x230 [ 15.546056] kunit_try_run_case+0x1a5/0x480 [ 15.546081] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.546106] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.546131] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.546157] ? __kthread_parkme+0x82/0x180 [ 15.546179] ? preempt_count_sub+0x50/0x80 [ 15.546205] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.546232] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.546280] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.546307] kthread+0x337/0x6f0 [ 15.546327] ? trace_preempt_on+0x20/0xc0 [ 15.546352] ? __pfx_kthread+0x10/0x10 [ 15.546374] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.546397] ? calculate_sigpending+0x7b/0xa0 [ 15.546422] ? __pfx_kthread+0x10/0x10 [ 15.546445] ret_from_fork+0x116/0x1d0 [ 15.546463] ? __pfx_kthread+0x10/0x10 [ 15.546486] ret_from_fork_asm+0x1a/0x30 [ 15.546520] </TASK> [ 15.546532] [ 15.553635] Allocated by task 282: [ 15.553835] kasan_save_stack+0x45/0x70 [ 15.554025] kasan_save_track+0x18/0x40 [ 15.554211] kasan_save_alloc_info+0x3b/0x50 [ 15.554385] __kasan_kmalloc+0xb7/0xc0 [ 15.554557] __kmalloc_cache_noprof+0x189/0x420 [ 15.554788] kasan_atomics+0x95/0x310 [ 15.554989] kunit_try_run_case+0x1a5/0x480 [ 15.555205] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.555450] kthread+0x337/0x6f0 [ 15.555596] ret_from_fork+0x116/0x1d0 [ 15.555776] ret_from_fork_asm+0x1a/0x30 [ 15.555965] [ 15.556066] The buggy address belongs to the object at ffff888102ac2380 [ 15.556066] which belongs to the cache kmalloc-64 of size 64 [ 15.556553] The buggy address is located 0 bytes to the right of [ 15.556553] allocated 48-byte region [ffff888102ac2380, ffff888102ac23b0) [ 15.556984] [ 15.557057] The buggy address belongs to the physical page: [ 15.557230] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac2 [ 15.557489] flags: 0x200000000000000(node=0|zone=2) [ 15.557653] page_type: f5(slab) [ 15.557774] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 15.558123] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.558482] page dumped because: kasan: bad access detected [ 15.558734] [ 15.558826] Memory state around the buggy address: [ 15.559056] ffff888102ac2280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.559383] ffff888102ac2300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.559598] >ffff888102ac2380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.559807] ^ [ 15.559969] ffff888102ac2400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.560182] ffff888102ac2480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.560476] ================================================================== [ 15.505772] ================================================================== [ 15.506420] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa2b/0x5450 [ 15.506956] Write of size 4 at addr ffff888102ac23b0 by task kunit_try_catch/282 [ 15.507264] [ 15.507382] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.507434] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.507447] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.507468] Call Trace: [ 15.507488] <TASK> [ 15.507508] dump_stack_lvl+0x73/0xb0 [ 15.507540] print_report+0xd1/0x650 [ 15.507563] ? __virt_addr_valid+0x1db/0x2d0 [ 15.507587] ? kasan_atomics_helper+0xa2b/0x5450 [ 15.507609] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.507634] ? kasan_atomics_helper+0xa2b/0x5450 [ 15.507657] kasan_report+0x141/0x180 [ 15.507679] ? kasan_atomics_helper+0xa2b/0x5450 [ 15.507707] kasan_check_range+0x10c/0x1c0 [ 15.507731] __kasan_check_write+0x18/0x20 [ 15.507751] kasan_atomics_helper+0xa2b/0x5450 [ 15.507775] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.507798] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.507824] ? kasan_atomics+0x152/0x310 [ 15.507852] kasan_atomics+0x1dc/0x310 [ 15.507875] ? 
__pfx_kasan_atomics+0x10/0x10 [ 15.507901] ? __pfx_read_tsc+0x10/0x10 [ 15.507923] ? ktime_get_ts64+0x86/0x230 [ 15.507960] kunit_try_run_case+0x1a5/0x480 [ 15.507985] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.508010] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.508035] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.508060] ? __kthread_parkme+0x82/0x180 [ 15.508082] ? preempt_count_sub+0x50/0x80 [ 15.508107] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.508133] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.508158] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.508184] kthread+0x337/0x6f0 [ 15.508204] ? trace_preempt_on+0x20/0xc0 [ 15.508228] ? __pfx_kthread+0x10/0x10 [ 15.508249] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.508282] ? calculate_sigpending+0x7b/0xa0 [ 15.508307] ? __pfx_kthread+0x10/0x10 [ 15.508330] ret_from_fork+0x116/0x1d0 [ 15.508350] ? __pfx_kthread+0x10/0x10 [ 15.508371] ret_from_fork_asm+0x1a/0x30 [ 15.508403] </TASK> [ 15.508415] [ 15.515884] Allocated by task 282: [ 15.516071] kasan_save_stack+0x45/0x70 [ 15.516269] kasan_save_track+0x18/0x40 [ 15.516422] kasan_save_alloc_info+0x3b/0x50 [ 15.516571] __kasan_kmalloc+0xb7/0xc0 [ 15.516704] __kmalloc_cache_noprof+0x189/0x420 [ 15.516860] kasan_atomics+0x95/0x310 [ 15.517125] kunit_try_run_case+0x1a5/0x480 [ 15.517422] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.517679] kthread+0x337/0x6f0 [ 15.517852] ret_from_fork+0x116/0x1d0 [ 15.518055] ret_from_fork_asm+0x1a/0x30 [ 15.518252] [ 15.518355] The buggy address belongs to the object at ffff888102ac2380 [ 15.518355] which belongs to the cache kmalloc-64 of size 64 [ 15.518846] The buggy address is located 0 bytes to the right of [ 15.518846] allocated 48-byte region [ffff888102ac2380, ffff888102ac23b0) [ 15.519338] [ 15.519435] The buggy address belongs to the physical page: [ 15.519666] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac2 [ 15.520006] flags: 0x200000000000000(node=0|zone=2) [ 15.520201] page_type: 
f5(slab) [ 15.520389] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.520628] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.520896] page dumped because: kasan: bad access detected [ 15.521171] [ 15.521275] Memory state around the buggy address: [ 15.521506] ffff888102ac2280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.521778] ffff888102ac2300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.522074] >ffff888102ac2380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.522369] ^ [ 15.522537] ffff888102ac2400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.522790] ffff888102ac2480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.523126] ================================================================== [ 16.011330] ================================================================== [ 16.011884] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b6/0x5450 [ 16.012270] Write of size 8 at addr ffff888102ac23b0 by task kunit_try_catch/282 [ 16.012684] [ 16.012775] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.012817] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.012830] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.012850] Call Trace: [ 16.012869] <TASK> [ 16.012887] dump_stack_lvl+0x73/0xb0 [ 16.012918] print_report+0xd1/0x650 [ 16.012954] ? __virt_addr_valid+0x1db/0x2d0 [ 16.012977] ? kasan_atomics_helper+0x15b6/0x5450 [ 16.013000] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.013024] ? kasan_atomics_helper+0x15b6/0x5450 [ 16.013046] kasan_report+0x141/0x180 [ 16.013068] ? kasan_atomics_helper+0x15b6/0x5450 [ 16.013096] kasan_check_range+0x10c/0x1c0 [ 16.013121] __kasan_check_write+0x18/0x20 [ 16.013142] kasan_atomics_helper+0x15b6/0x5450 [ 16.013166] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.013190] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.013217] ? 
kasan_atomics+0x152/0x310 [ 16.013244] kasan_atomics+0x1dc/0x310 [ 16.013276] ? __pfx_kasan_atomics+0x10/0x10 [ 16.013302] ? __pfx_read_tsc+0x10/0x10 [ 16.013324] ? ktime_get_ts64+0x86/0x230 [ 16.013349] kunit_try_run_case+0x1a5/0x480 [ 16.013375] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.013400] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.013427] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.013452] ? __kthread_parkme+0x82/0x180 [ 16.013474] ? preempt_count_sub+0x50/0x80 [ 16.013499] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.013525] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.013550] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.013577] kthread+0x337/0x6f0 [ 16.013596] ? trace_preempt_on+0x20/0xc0 [ 16.013621] ? __pfx_kthread+0x10/0x10 [ 16.013643] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.013666] ? calculate_sigpending+0x7b/0xa0 [ 16.013691] ? __pfx_kthread+0x10/0x10 [ 16.013713] ret_from_fork+0x116/0x1d0 [ 16.013733] ? __pfx_kthread+0x10/0x10 [ 16.013756] ret_from_fork_asm+0x1a/0x30 [ 16.013788] </TASK> [ 16.013800] [ 16.021085] Allocated by task 282: [ 16.021265] kasan_save_stack+0x45/0x70 [ 16.021568] kasan_save_track+0x18/0x40 [ 16.021757] kasan_save_alloc_info+0x3b/0x50 [ 16.021977] __kasan_kmalloc+0xb7/0xc0 [ 16.022162] __kmalloc_cache_noprof+0x189/0x420 [ 16.022529] kasan_atomics+0x95/0x310 [ 16.022715] kunit_try_run_case+0x1a5/0x480 [ 16.022861] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.023107] kthread+0x337/0x6f0 [ 16.023287] ret_from_fork+0x116/0x1d0 [ 16.023479] ret_from_fork_asm+0x1a/0x30 [ 16.023656] [ 16.023725] The buggy address belongs to the object at ffff888102ac2380 [ 16.023725] which belongs to the cache kmalloc-64 of size 64 [ 16.024091] The buggy address is located 0 bytes to the right of [ 16.024091] allocated 48-byte region [ffff888102ac2380, ffff888102ac23b0) [ 16.024909] [ 16.024999] The buggy address belongs to the physical page: [ 16.025229] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac2 [ 
16.025589] flags: 0x200000000000000(node=0|zone=2) [ 16.025809] page_type: f5(slab) [ 16.025956] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.026258] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.026583] page dumped because: kasan: bad access detected [ 16.026803] [ 16.026895] Memory state around the buggy address: [ 16.027103] ffff888102ac2280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.027438] ffff888102ac2300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.027725] >ffff888102ac2380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.027948] ^ [ 16.028100] ffff888102ac2400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.028350] ffff888102ac2480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.028663] ================================================================== [ 15.524047] ================================================================== [ 15.524685] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xac7/0x5450 [ 15.525059] Write of size 4 at addr ffff888102ac23b0 by task kunit_try_catch/282 [ 15.525371] [ 15.525462] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.525507] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.525520] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.525541] Call Trace: [ 15.525560] <TASK> [ 15.525578] dump_stack_lvl+0x73/0xb0 [ 15.525609] print_report+0xd1/0x650 [ 15.525633] ? __virt_addr_valid+0x1db/0x2d0 [ 15.525656] ? kasan_atomics_helper+0xac7/0x5450 [ 15.525679] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.525704] ? kasan_atomics_helper+0xac7/0x5450 [ 15.525726] kasan_report+0x141/0x180 [ 15.525750] ? kasan_atomics_helper+0xac7/0x5450 [ 15.525776] kasan_check_range+0x10c/0x1c0 [ 15.525800] __kasan_check_write+0x18/0x20 [ 15.525821] kasan_atomics_helper+0xac7/0x5450 [ 15.525844] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.525869] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 15.525895] ? kasan_atomics+0x152/0x310 [ 15.525922] kasan_atomics+0x1dc/0x310 [ 15.525956] ? __pfx_kasan_atomics+0x10/0x10 [ 15.525982] ? __pfx_read_tsc+0x10/0x10 [ 15.526004] ? ktime_get_ts64+0x86/0x230 [ 15.526031] kunit_try_run_case+0x1a5/0x480 [ 15.526056] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.526080] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.526106] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.526130] ? __kthread_parkme+0x82/0x180 [ 15.526153] ? preempt_count_sub+0x50/0x80 [ 15.526178] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.526203] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.526228] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.526254] kthread+0x337/0x6f0 [ 15.526275] ? trace_preempt_on+0x20/0xc0 [ 15.526299] ? __pfx_kthread+0x10/0x10 [ 15.526320] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.526343] ? calculate_sigpending+0x7b/0xa0 [ 15.526368] ? __pfx_kthread+0x10/0x10 [ 15.526390] ret_from_fork+0x116/0x1d0 [ 15.526409] ? __pfx_kthread+0x10/0x10 [ 15.526430] ret_from_fork_asm+0x1a/0x30 [ 15.526463] </TASK> [ 15.526475] [ 15.535858] Allocated by task 282: [ 15.536021] kasan_save_stack+0x45/0x70 [ 15.536173] kasan_save_track+0x18/0x40 [ 15.536310] kasan_save_alloc_info+0x3b/0x50 [ 15.536461] __kasan_kmalloc+0xb7/0xc0 [ 15.536593] __kmalloc_cache_noprof+0x189/0x420 [ 15.536758] kasan_atomics+0x95/0x310 [ 15.536892] kunit_try_run_case+0x1a5/0x480 [ 15.537089] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.537288] kthread+0x337/0x6f0 [ 15.537412] ret_from_fork+0x116/0x1d0 [ 15.537544] ret_from_fork_asm+0x1a/0x30 [ 15.537773] [ 15.537871] The buggy address belongs to the object at ffff888102ac2380 [ 15.537871] which belongs to the cache kmalloc-64 of size 64 [ 15.539127] The buggy address is located 0 bytes to the right of [ 15.539127] allocated 48-byte region [ffff888102ac2380, ffff888102ac23b0) [ 15.539912] [ 15.540044] The buggy address belongs to the physical page: [ 15.540316] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x102ac2 [ 15.540645] flags: 0x200000000000000(node=0|zone=2) [ 15.540881] page_type: f5(slab) [ 15.541132] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.541394] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.541622] page dumped because: kasan: bad access detected [ 15.541794] [ 15.541865] Memory state around the buggy address: [ 15.542058] ffff888102ac2280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.542301] ffff888102ac2300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.542525] >ffff888102ac2380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.542745] ^ [ 15.542966] ffff888102ac2400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.543317] ffff888102ac2480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.543642] ================================================================== [ 16.103459] ================================================================== [ 16.103761] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1818/0x5450 [ 16.104137] Write of size 8 at addr ffff888102ac23b0 by task kunit_try_catch/282 [ 16.104456] [ 16.104561] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.104605] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.104618] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.104639] Call Trace: [ 16.104660] <TASK> [ 16.104680] dump_stack_lvl+0x73/0xb0 [ 16.104712] print_report+0xd1/0x650 [ 16.104737] ? __virt_addr_valid+0x1db/0x2d0 [ 16.104761] ? kasan_atomics_helper+0x1818/0x5450 [ 16.104784] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.104807] ? kasan_atomics_helper+0x1818/0x5450 [ 16.104831] kasan_report+0x141/0x180 [ 16.104853] ? kasan_atomics_helper+0x1818/0x5450 [ 16.104880] kasan_check_range+0x10c/0x1c0 [ 16.104905] __kasan_check_write+0x18/0x20 [ 16.104925] kasan_atomics_helper+0x1818/0x5450 [ 16.104960] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 16.104984] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.105010] ? kasan_atomics+0x152/0x310 [ 16.105037] kasan_atomics+0x1dc/0x310 [ 16.105061] ? __pfx_kasan_atomics+0x10/0x10 [ 16.105087] ? __pfx_read_tsc+0x10/0x10 [ 16.105110] ? ktime_get_ts64+0x86/0x230 [ 16.105135] kunit_try_run_case+0x1a5/0x480 [ 16.105160] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.105185] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.105210] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.105235] ? __kthread_parkme+0x82/0x180 [ 16.105277] ? preempt_count_sub+0x50/0x80 [ 16.105303] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.105329] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.105355] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.105381] kthread+0x337/0x6f0 [ 16.105402] ? trace_preempt_on+0x20/0xc0 [ 16.105427] ? __pfx_kthread+0x10/0x10 [ 16.105448] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.105470] ? calculate_sigpending+0x7b/0xa0 [ 16.105495] ? __pfx_kthread+0x10/0x10 [ 16.105518] ret_from_fork+0x116/0x1d0 [ 16.105537] ? 
__pfx_kthread+0x10/0x10 [ 16.105559] ret_from_fork_asm+0x1a/0x30 [ 16.105591] </TASK> [ 16.105602] [ 16.112628] Allocated by task 282: [ 16.112815] kasan_save_stack+0x45/0x70 [ 16.113024] kasan_save_track+0x18/0x40 [ 16.113213] kasan_save_alloc_info+0x3b/0x50 [ 16.113420] __kasan_kmalloc+0xb7/0xc0 [ 16.113561] __kmalloc_cache_noprof+0x189/0x420 [ 16.113717] kasan_atomics+0x95/0x310 [ 16.113880] kunit_try_run_case+0x1a5/0x480 [ 16.114123] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.114400] kthread+0x337/0x6f0 [ 16.114573] ret_from_fork+0x116/0x1d0 [ 16.114764] ret_from_fork_asm+0x1a/0x30 [ 16.114978] [ 16.115074] The buggy address belongs to the object at ffff888102ac2380 [ 16.115074] which belongs to the cache kmalloc-64 of size 64 [ 16.115542] The buggy address is located 0 bytes to the right of [ 16.115542] allocated 48-byte region [ffff888102ac2380, ffff888102ac23b0) [ 16.115956] [ 16.116029] The buggy address belongs to the physical page: [ 16.116200] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac2 [ 16.116515] flags: 0x200000000000000(node=0|zone=2) [ 16.116747] page_type: f5(slab) [ 16.116918] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.117278] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.117580] page dumped because: kasan: bad access detected [ 16.117778] [ 16.117846] Memory state around the buggy address: [ 16.118010] ffff888102ac2280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.118249] ffff888102ac2300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.118589] >ffff888102ac2380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.118903] ^ [ 16.119140] ffff888102ac2400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.119488] ffff888102ac2480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.119759] ================================================================== [ 16.189012] 
================================================================== [ 16.189347] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1b22/0x5450 [ 16.189653] Write of size 8 at addr ffff888102ac23b0 by task kunit_try_catch/282 [ 16.189970] [ 16.190063] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.190106] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.190120] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.190141] Call Trace: [ 16.190159] <TASK> [ 16.190178] dump_stack_lvl+0x73/0xb0 [ 16.190208] print_report+0xd1/0x650 [ 16.190232] ? __virt_addr_valid+0x1db/0x2d0 [ 16.190277] ? kasan_atomics_helper+0x1b22/0x5450 [ 16.190301] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.190326] ? kasan_atomics_helper+0x1b22/0x5450 [ 16.190349] kasan_report+0x141/0x180 [ 16.190372] ? kasan_atomics_helper+0x1b22/0x5450 [ 16.190399] kasan_check_range+0x10c/0x1c0 [ 16.190424] __kasan_check_write+0x18/0x20 [ 16.190444] kasan_atomics_helper+0x1b22/0x5450 [ 16.190468] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.190492] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.190519] ? kasan_atomics+0x152/0x310 [ 16.190546] kasan_atomics+0x1dc/0x310 [ 16.190569] ? __pfx_kasan_atomics+0x10/0x10 [ 16.190595] ? __pfx_read_tsc+0x10/0x10 [ 16.190617] ? ktime_get_ts64+0x86/0x230 [ 16.190643] kunit_try_run_case+0x1a5/0x480 [ 16.190669] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.190692] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.190727] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.190752] ? __kthread_parkme+0x82/0x180 [ 16.190774] ? preempt_count_sub+0x50/0x80 [ 16.190799] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.190823] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.190849] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.190876] kthread+0x337/0x6f0 [ 16.190896] ? trace_preempt_on+0x20/0xc0 [ 16.190921] ? __pfx_kthread+0x10/0x10 [ 16.190953] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.190975] ? 
calculate_sigpending+0x7b/0xa0 [ 16.191001] ? __pfx_kthread+0x10/0x10 [ 16.191023] ret_from_fork+0x116/0x1d0 [ 16.191042] ? __pfx_kthread+0x10/0x10 [ 16.191063] ret_from_fork_asm+0x1a/0x30 [ 16.191095] </TASK> [ 16.191107] [ 16.198179] Allocated by task 282: [ 16.198382] kasan_save_stack+0x45/0x70 [ 16.198543] kasan_save_track+0x18/0x40 [ 16.198677] kasan_save_alloc_info+0x3b/0x50 [ 16.198829] __kasan_kmalloc+0xb7/0xc0 [ 16.198972] __kmalloc_cache_noprof+0x189/0x420 [ 16.199129] kasan_atomics+0x95/0x310 [ 16.199279] kunit_try_run_case+0x1a5/0x480 [ 16.199489] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.199740] kthread+0x337/0x6f0 [ 16.199908] ret_from_fork+0x116/0x1d0 [ 16.200118] ret_from_fork_asm+0x1a/0x30 [ 16.200344] [ 16.200443] The buggy address belongs to the object at ffff888102ac2380 [ 16.200443] which belongs to the cache kmalloc-64 of size 64 [ 16.200996] The buggy address is located 0 bytes to the right of [ 16.200996] allocated 48-byte region [ffff888102ac2380, ffff888102ac23b0) [ 16.201566] [ 16.201647] The buggy address belongs to the physical page: [ 16.201865] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac2 [ 16.202159] flags: 0x200000000000000(node=0|zone=2) [ 16.202366] page_type: f5(slab) [ 16.202538] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.202887] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.203238] page dumped because: kasan: bad access detected [ 16.203457] [ 16.203537] Memory state around the buggy address: [ 16.203761] ffff888102ac2280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.204069] ffff888102ac2300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.204327] >ffff888102ac2380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.204539] ^ [ 16.204693] ffff888102ac2400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.204911] ffff888102ac2480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.205232] 
================================================================== [ 15.706444] ================================================================== [ 15.706909] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xfa9/0x5450 [ 15.707279] Write of size 4 at addr ffff888102ac23b0 by task kunit_try_catch/282 [ 15.707569] [ 15.707659] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.707703] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.707716] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.707737] Call Trace: [ 15.707757] <TASK> [ 15.707777] dump_stack_lvl+0x73/0xb0 [ 15.707808] print_report+0xd1/0x650 [ 15.707832] ? __virt_addr_valid+0x1db/0x2d0 [ 15.707855] ? kasan_atomics_helper+0xfa9/0x5450 [ 15.707878] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.707902] ? kasan_atomics_helper+0xfa9/0x5450 [ 15.707924] kasan_report+0x141/0x180 [ 15.707959] ? kasan_atomics_helper+0xfa9/0x5450 [ 15.707986] kasan_check_range+0x10c/0x1c0 [ 15.708010] __kasan_check_write+0x18/0x20 [ 15.708040] kasan_atomics_helper+0xfa9/0x5450 [ 15.708065] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.708088] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.708134] ? kasan_atomics+0x152/0x310 [ 15.708161] kasan_atomics+0x1dc/0x310 [ 15.708185] ? __pfx_kasan_atomics+0x10/0x10 [ 15.708221] ? __pfx_read_tsc+0x10/0x10 [ 15.708245] ? ktime_get_ts64+0x86/0x230 [ 15.708288] kunit_try_run_case+0x1a5/0x480 [ 15.708314] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.708349] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.708375] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.708400] ? __kthread_parkme+0x82/0x180 [ 15.708421] ? preempt_count_sub+0x50/0x80 [ 15.708447] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.708472] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.708498] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.708524] kthread+0x337/0x6f0 [ 15.708543] ? trace_preempt_on+0x20/0xc0 [ 15.708568] ? 
__pfx_kthread+0x10/0x10 [ 15.708599] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.708622] ? calculate_sigpending+0x7b/0xa0 [ 15.708647] ? __pfx_kthread+0x10/0x10 [ 15.708680] ret_from_fork+0x116/0x1d0 [ 15.708699] ? __pfx_kthread+0x10/0x10 [ 15.708721] ret_from_fork_asm+0x1a/0x30 [ 15.708753] </TASK> [ 15.708765] [ 15.716563] Allocated by task 282: [ 15.716753] kasan_save_stack+0x45/0x70 [ 15.716969] kasan_save_track+0x18/0x40 [ 15.717161] kasan_save_alloc_info+0x3b/0x50 [ 15.717389] __kasan_kmalloc+0xb7/0xc0 [ 15.717577] __kmalloc_cache_noprof+0x189/0x420 [ 15.717736] kasan_atomics+0x95/0x310 [ 15.717870] kunit_try_run_case+0x1a5/0x480 [ 15.718029] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.718296] kthread+0x337/0x6f0 [ 15.718464] ret_from_fork+0x116/0x1d0 [ 15.718650] ret_from_fork_asm+0x1a/0x30 [ 15.718854] [ 15.719029] The buggy address belongs to the object at ffff888102ac2380 [ 15.719029] which belongs to the cache kmalloc-64 of size 64 [ 15.719578] The buggy address is located 0 bytes to the right of [ 15.719578] allocated 48-byte region [ffff888102ac2380, ffff888102ac23b0) [ 15.719953] [ 15.720050] The buggy address belongs to the physical page: [ 15.720301] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac2 [ 15.720685] flags: 0x200000000000000(node=0|zone=2) [ 15.721051] page_type: f5(slab) [ 15.721173] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.721752] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.722094] page dumped because: kasan: bad access detected [ 15.722384] [ 15.722460] Memory state around the buggy address: [ 15.722661] ffff888102ac2280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.722922] ffff888102ac2300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.723283] >ffff888102ac2380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.723591] ^ [ 15.723796] ffff888102ac2400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.724113] 
ffff888102ac2480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.724429] ================================================================== [ 16.205888] ================================================================== [ 16.206292] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1c18/0x5450 [ 16.206577] Write of size 8 at addr ffff888102ac23b0 by task kunit_try_catch/282 [ 16.206805] [ 16.206893] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.206945] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.206958] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.206980] Call Trace: [ 16.206999] <TASK> [ 16.207017] dump_stack_lvl+0x73/0xb0 [ 16.207048] print_report+0xd1/0x650 [ 16.207071] ? __virt_addr_valid+0x1db/0x2d0 [ 16.207095] ? kasan_atomics_helper+0x1c18/0x5450 [ 16.207118] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.207143] ? kasan_atomics_helper+0x1c18/0x5450 [ 16.207166] kasan_report+0x141/0x180 [ 16.207189] ? kasan_atomics_helper+0x1c18/0x5450 [ 16.207217] kasan_check_range+0x10c/0x1c0 [ 16.207241] __kasan_check_write+0x18/0x20 [ 16.207282] kasan_atomics_helper+0x1c18/0x5450 [ 16.207308] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.207332] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.207359] ? kasan_atomics+0x152/0x310 [ 16.207386] kasan_atomics+0x1dc/0x310 [ 16.207409] ? __pfx_kasan_atomics+0x10/0x10 [ 16.207435] ? __pfx_read_tsc+0x10/0x10 [ 16.207457] ? ktime_get_ts64+0x86/0x230 [ 16.207482] kunit_try_run_case+0x1a5/0x480 [ 16.207508] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.207531] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.207557] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.207582] ? __kthread_parkme+0x82/0x180 [ 16.207604] ? preempt_count_sub+0x50/0x80 [ 16.207629] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.207654] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.207682] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.207708] kthread+0x337/0x6f0 [ 16.207727] ? trace_preempt_on+0x20/0xc0 [ 16.207752] ? __pfx_kthread+0x10/0x10 [ 16.207773] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.207796] ? calculate_sigpending+0x7b/0xa0 [ 16.207821] ? __pfx_kthread+0x10/0x10 [ 16.207843] ret_from_fork+0x116/0x1d0 [ 16.207862] ? __pfx_kthread+0x10/0x10 [ 16.207883] ret_from_fork_asm+0x1a/0x30 [ 16.207915] </TASK> [ 16.207926] [ 16.215050] Allocated by task 282: [ 16.215234] kasan_save_stack+0x45/0x70 [ 16.215454] kasan_save_track+0x18/0x40 [ 16.215652] kasan_save_alloc_info+0x3b/0x50 [ 16.215869] __kasan_kmalloc+0xb7/0xc0 [ 16.216068] __kmalloc_cache_noprof+0x189/0x420 [ 16.216317] kasan_atomics+0x95/0x310 [ 16.216507] kunit_try_run_case+0x1a5/0x480 [ 16.216719] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.216960] kthread+0x337/0x6f0 [ 16.217082] ret_from_fork+0x116/0x1d0 [ 16.217293] ret_from_fork_asm+0x1a/0x30 [ 16.217501] [ 16.217599] The buggy address belongs to the object at ffff888102ac2380 [ 16.217599] which belongs to the cache kmalloc-64 of size 64 [ 16.218087] The buggy address is located 0 bytes to the right of [ 16.218087] allocated 48-byte region [ffff888102ac2380, ffff888102ac23b0) [ 16.218556] [ 16.218656] The buggy address belongs to the physical page: [ 16.218904] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac2 [ 16.219152] flags: 0x200000000000000(node=0|zone=2) [ 16.219339] page_type: f5(slab) [ 16.219463] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.219691] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.219963] page dumped because: kasan: bad access detected [ 16.220209] [ 16.220328] Memory state around the buggy address: [ 16.220551] ffff888102ac2280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.220864] ffff888102ac2300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.221187] >ffff888102ac2380: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 16.221528] ^ [ 16.221752] ffff888102ac2400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.222074] ffff888102ac2480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.222401] ================================================================== [ 15.487259] ================================================================== [ 15.488001] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x992/0x5450 [ 15.488251] Write of size 4 at addr ffff888102ac23b0 by task kunit_try_catch/282 [ 15.488478] [ 15.488565] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.488608] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.488621] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.488651] Call Trace: [ 15.488669] <TASK> [ 15.488686] dump_stack_lvl+0x73/0xb0 [ 15.488716] print_report+0xd1/0x650 [ 15.488740] ? __virt_addr_valid+0x1db/0x2d0 [ 15.488764] ? kasan_atomics_helper+0x992/0x5450 [ 15.488787] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.488812] ? kasan_atomics_helper+0x992/0x5450 [ 15.488835] kasan_report+0x141/0x180 [ 15.488857] ? kasan_atomics_helper+0x992/0x5450 [ 15.488885] kasan_check_range+0x10c/0x1c0 [ 15.488909] __kasan_check_write+0x18/0x20 [ 15.488930] kasan_atomics_helper+0x992/0x5450 [ 15.488965] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.488989] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.489016] ? kasan_atomics+0x152/0x310 [ 15.489043] kasan_atomics+0x1dc/0x310 [ 15.489067] ? __pfx_kasan_atomics+0x10/0x10 [ 15.489093] ? __pfx_read_tsc+0x10/0x10 [ 15.489115] ? ktime_get_ts64+0x86/0x230 [ 15.489140] kunit_try_run_case+0x1a5/0x480 [ 15.489165] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.489188] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.489214] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.489240] ? __kthread_parkme+0x82/0x180 [ 15.489264] ? preempt_count_sub+0x50/0x80 [ 15.489291] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.489317] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.489342] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.489369] kthread+0x337/0x6f0 [ 15.489389] ? trace_preempt_on+0x20/0xc0 [ 15.489414] ? __pfx_kthread+0x10/0x10 [ 15.489435] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.489458] ? calculate_sigpending+0x7b/0xa0 [ 15.489484] ? __pfx_kthread+0x10/0x10 [ 15.489508] ret_from_fork+0x116/0x1d0 [ 15.489527] ? __pfx_kthread+0x10/0x10 [ 15.489549] ret_from_fork_asm+0x1a/0x30 [ 15.489581] </TASK> [ 15.489592] [ 15.497439] Allocated by task 282: [ 15.497588] kasan_save_stack+0x45/0x70 [ 15.497740] kasan_save_track+0x18/0x40 [ 15.497874] kasan_save_alloc_info+0x3b/0x50 [ 15.498035] __kasan_kmalloc+0xb7/0xc0 [ 15.498214] __kmalloc_cache_noprof+0x189/0x420 [ 15.498575] kasan_atomics+0x95/0x310 [ 15.498770] kunit_try_run_case+0x1a5/0x480 [ 15.498985] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.499240] kthread+0x337/0x6f0 [ 15.499419] ret_from_fork+0x116/0x1d0 [ 15.499606] ret_from_fork_asm+0x1a/0x30 [ 15.499800] [ 15.499894] The buggy address belongs to the object at ffff888102ac2380 [ 15.499894] which belongs to the cache kmalloc-64 of size 64 [ 15.500439] The buggy address is located 0 bytes to the right of [ 15.500439] allocated 48-byte region [ffff888102ac2380, ffff888102ac23b0) [ 15.500851] [ 15.500924] The buggy address belongs to the physical page: [ 15.501105] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac2 [ 15.501552] flags: 0x200000000000000(node=0|zone=2) [ 15.501793] page_type: f5(slab) [ 15.501976] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.502355] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.502585] page dumped because: kasan: bad access detected [ 15.502761] [ 15.502860] Memory state around the buggy address: [ 15.503094] ffff888102ac2280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.503414] 
ffff888102ac2300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.503770] >ffff888102ac2380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.503989] ^ [ 15.504142] ffff888102ac2400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.504595] ffff888102ac2480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.504911] ================================================================== [ 15.276339] ================================================================== [ 15.276718] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df/0x5450 [ 15.278205] Read of size 4 at addr ffff888102ac23b0 by task kunit_try_catch/282 [ 15.278458] [ 15.278557] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.278603] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.278616] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.278639] Call Trace: [ 15.278652] <TASK> [ 15.278672] dump_stack_lvl+0x73/0xb0 [ 15.278709] print_report+0xd1/0x650 [ 15.278733] ? __virt_addr_valid+0x1db/0x2d0 [ 15.278758] ? kasan_atomics_helper+0x3df/0x5450 [ 15.278782] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.278807] ? kasan_atomics_helper+0x3df/0x5450 [ 15.278830] kasan_report+0x141/0x180 [ 15.278853] ? kasan_atomics_helper+0x3df/0x5450 [ 15.278879] kasan_check_range+0x10c/0x1c0 [ 15.278904] __kasan_check_read+0x15/0x20 [ 15.278924] kasan_atomics_helper+0x3df/0x5450 [ 15.278964] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.278988] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.279015] ? kasan_atomics+0x152/0x310 [ 15.279041] kasan_atomics+0x1dc/0x310 [ 15.279065] ? __pfx_kasan_atomics+0x10/0x10 [ 15.279089] ? __pfx_read_tsc+0x10/0x10 [ 15.279112] ? ktime_get_ts64+0x86/0x230 [ 15.279137] kunit_try_run_case+0x1a5/0x480 [ 15.279163] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.279187] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.279213] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.279237] ? 
__kthread_parkme+0x82/0x180 [ 15.279259] ? preempt_count_sub+0x50/0x80 [ 15.279284] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.279309] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.279334] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.279360] kthread+0x337/0x6f0 [ 15.279380] ? trace_preempt_on+0x20/0xc0 [ 15.279405] ? __pfx_kthread+0x10/0x10 [ 15.279427] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.279450] ? calculate_sigpending+0x7b/0xa0 [ 15.279475] ? __pfx_kthread+0x10/0x10 [ 15.279497] ret_from_fork+0x116/0x1d0 [ 15.279795] ? __pfx_kthread+0x10/0x10 [ 15.279829] ret_from_fork_asm+0x1a/0x30 [ 15.279863] </TASK> [ 15.279877] [ 15.288871] Allocated by task 282: [ 15.289081] kasan_save_stack+0x45/0x70 [ 15.289297] kasan_save_track+0x18/0x40 [ 15.289438] kasan_save_alloc_info+0x3b/0x50 [ 15.289588] __kasan_kmalloc+0xb7/0xc0 [ 15.289734] __kmalloc_cache_noprof+0x189/0x420 [ 15.289966] kasan_atomics+0x95/0x310 [ 15.290160] kunit_try_run_case+0x1a5/0x480 [ 15.290395] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.290646] kthread+0x337/0x6f0 [ 15.290817] ret_from_fork+0x116/0x1d0 [ 15.291018] ret_from_fork_asm+0x1a/0x30 [ 15.291163] [ 15.291235] The buggy address belongs to the object at ffff888102ac2380 [ 15.291235] which belongs to the cache kmalloc-64 of size 64 [ 15.291719] The buggy address is located 0 bytes to the right of [ 15.291719] allocated 48-byte region [ffff888102ac2380, ffff888102ac23b0) [ 15.292301] [ 15.292402] The buggy address belongs to the physical page: [ 15.292623] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac2 [ 15.292923] flags: 0x200000000000000(node=0|zone=2) [ 15.293161] page_type: f5(slab) [ 15.293332] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.293629] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.293948] page dumped because: kasan: bad access detected [ 15.294168] [ 15.294247] Memory state around the buggy address: [ 15.294452] 
ffff888102ac2280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.294739] ffff888102ac2300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.295057] >ffff888102ac2380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.295367] ^ [ 15.295588] ffff888102ac2400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.295850] ffff888102ac2480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.296150] ================================================================== [ 15.231782] ================================================================== [ 15.232493] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b88/0x5450 [ 15.232771] Read of size 4 at addr ffff888102ac23b0 by task kunit_try_catch/282 [ 15.233207] [ 15.233326] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.233370] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.233381] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.233402] Call Trace: [ 15.233414] <TASK> [ 15.233430] dump_stack_lvl+0x73/0xb0 [ 15.233462] print_report+0xd1/0x650 [ 15.233483] ? __virt_addr_valid+0x1db/0x2d0 [ 15.233506] ? kasan_atomics_helper+0x4b88/0x5450 [ 15.233528] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.233551] ? kasan_atomics_helper+0x4b88/0x5450 [ 15.233573] kasan_report+0x141/0x180 [ 15.233594] ? kasan_atomics_helper+0x4b88/0x5450 [ 15.233620] __asan_report_load4_noabort+0x18/0x20 [ 15.233645] kasan_atomics_helper+0x4b88/0x5450 [ 15.233667] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.233689] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.233715] ? kasan_atomics+0x152/0x310 [ 15.233740] kasan_atomics+0x1dc/0x310 [ 15.233763] ? __pfx_kasan_atomics+0x10/0x10 [ 15.233787] ? __pfx_read_tsc+0x10/0x10 [ 15.233808] ? ktime_get_ts64+0x86/0x230 [ 15.233833] kunit_try_run_case+0x1a5/0x480 [ 15.233856] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.233880] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.233904] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.233927] ? __kthread_parkme+0x82/0x180 [ 15.234005] ? preempt_count_sub+0x50/0x80 [ 15.234032] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.234057] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.234082] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.234107] kthread+0x337/0x6f0 [ 15.234126] ? trace_preempt_on+0x20/0xc0 [ 15.234150] ? __pfx_kthread+0x10/0x10 [ 15.234171] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.234193] ? calculate_sigpending+0x7b/0xa0 [ 15.234217] ? __pfx_kthread+0x10/0x10 [ 15.234238] ret_from_fork+0x116/0x1d0 [ 15.234256] ? __pfx_kthread+0x10/0x10 [ 15.234286] ret_from_fork_asm+0x1a/0x30 [ 15.234318] </TASK> [ 15.234327] [ 15.242284] Allocated by task 282: [ 15.242433] kasan_save_stack+0x45/0x70 [ 15.242581] kasan_save_track+0x18/0x40 [ 15.242718] kasan_save_alloc_info+0x3b/0x50 [ 15.242863] __kasan_kmalloc+0xb7/0xc0 [ 15.243278] __kmalloc_cache_noprof+0x189/0x420 [ 15.243617] kasan_atomics+0x95/0x310 [ 15.243805] kunit_try_run_case+0x1a5/0x480 [ 15.244022] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.244750] kthread+0x337/0x6f0 [ 15.245158] ret_from_fork+0x116/0x1d0 [ 15.245370] ret_from_fork_asm+0x1a/0x30 [ 15.245567] [ 15.245643] The buggy address belongs to the object at ffff888102ac2380 [ 15.245643] which belongs to the cache kmalloc-64 of size 64 [ 15.246387] The buggy address is located 0 bytes to the right of [ 15.246387] allocated 48-byte region [ffff888102ac2380, ffff888102ac23b0) [ 15.246877] [ 15.247035] The buggy address belongs to the physical page: [ 15.247230] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac2 [ 15.247605] flags: 0x200000000000000(node=0|zone=2) [ 15.247797] page_type: f5(slab) [ 15.248030] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.248367] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.248671] page dumped because: kasan: bad access detected [ 15.248881] [ 15.249203] 
Memory state around the buggy address: [ 15.249449] ffff888102ac2280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.249726] ffff888102ac2300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.250016] >ffff888102ac2380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.250229] ^ [ 15.250614] ffff888102ac2400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.251060] ffff888102ac2480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.251285] ================================================================== [ 16.486134] ================================================================== [ 16.486558] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x224c/0x5450 [ 16.486901] Write of size 8 at addr ffff888102ac23b0 by task kunit_try_catch/282 [ 16.487310] [ 16.487431] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.487510] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.487523] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.487544] Call Trace: [ 16.487564] <TASK> [ 16.487583] dump_stack_lvl+0x73/0xb0 [ 16.487648] print_report+0xd1/0x650 [ 16.487673] ? __virt_addr_valid+0x1db/0x2d0 [ 16.487696] ? kasan_atomics_helper+0x224c/0x5450 [ 16.487733] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.487758] ? kasan_atomics_helper+0x224c/0x5450 [ 16.487781] kasan_report+0x141/0x180 [ 16.487804] ? kasan_atomics_helper+0x224c/0x5450 [ 16.487852] kasan_check_range+0x10c/0x1c0 [ 16.487877] __kasan_check_write+0x18/0x20 [ 16.487899] kasan_atomics_helper+0x224c/0x5450 [ 16.487923] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.487969] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.488031] ? kasan_atomics+0x152/0x310 [ 16.488058] kasan_atomics+0x1dc/0x310 [ 16.488082] ? __pfx_kasan_atomics+0x10/0x10 [ 16.488107] ? __pfx_read_tsc+0x10/0x10 [ 16.488129] ? ktime_get_ts64+0x86/0x230 [ 16.488154] kunit_try_run_case+0x1a5/0x480 [ 16.488210] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.488235] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.488279] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.488305] ? __kthread_parkme+0x82/0x180 [ 16.488357] ? preempt_count_sub+0x50/0x80 [ 16.488384] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.488409] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.488434] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.488461] kthread+0x337/0x6f0 [ 16.488511] ? trace_preempt_on+0x20/0xc0 [ 16.488537] ? __pfx_kthread+0x10/0x10 [ 16.488559] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.488581] ? calculate_sigpending+0x7b/0xa0 [ 16.488606] ? __pfx_kthread+0x10/0x10 [ 16.488628] ret_from_fork+0x116/0x1d0 [ 16.488648] ? __pfx_kthread+0x10/0x10 [ 16.488669] ret_from_fork_asm+0x1a/0x30 [ 16.488701] </TASK> [ 16.488712] [ 16.496748] Allocated by task 282: [ 16.496915] kasan_save_stack+0x45/0x70 [ 16.497163] kasan_save_track+0x18/0x40 [ 16.497391] kasan_save_alloc_info+0x3b/0x50 [ 16.497609] __kasan_kmalloc+0xb7/0xc0 [ 16.497752] __kmalloc_cache_noprof+0x189/0x420 [ 16.498057] kasan_atomics+0x95/0x310 [ 16.498316] kunit_try_run_case+0x1a5/0x480 [ 16.498539] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.498768] kthread+0x337/0x6f0 [ 16.499006] ret_from_fork+0x116/0x1d0 [ 16.499180] ret_from_fork_asm+0x1a/0x30 [ 16.499419] [ 16.499495] The buggy address belongs to the object at ffff888102ac2380 [ 16.499495] which belongs to the cache kmalloc-64 of size 64 [ 16.500280] The buggy address is located 0 bytes to the right of [ 16.500280] allocated 48-byte region [ffff888102ac2380, ffff888102ac23b0) [ 16.500716] [ 16.500818] The buggy address belongs to the physical page: [ 16.501111] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac2 [ 16.501491] flags: 0x200000000000000(node=0|zone=2) [ 16.501726] page_type: f5(slab) [ 16.501888] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.502199] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 16.502449] page dumped because: kasan: bad access detected [ 16.502703] [ 16.502804] Memory state around the buggy address: [ 16.503074] ffff888102ac2280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.503448] ffff888102ac2300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.503757] >ffff888102ac2380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.504094] ^ [ 16.504351] ffff888102ac2400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.504678] ffff888102ac2480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.505001] ================================================================== [ 16.240054] ================================================================== [ 16.240438] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1ce1/0x5450 [ 16.240783] Write of size 8 at addr ffff888102ac23b0 by task kunit_try_catch/282 [ 16.241132] [ 16.241224] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.241286] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.241300] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.241321] Call Trace: [ 16.241340] <TASK> [ 16.241358] dump_stack_lvl+0x73/0xb0 [ 16.241388] print_report+0xd1/0x650 [ 16.241413] ? __virt_addr_valid+0x1db/0x2d0 [ 16.241438] ? kasan_atomics_helper+0x1ce1/0x5450 [ 16.241461] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.241486] ? kasan_atomics_helper+0x1ce1/0x5450 [ 16.241509] kasan_report+0x141/0x180 [ 16.241532] ? kasan_atomics_helper+0x1ce1/0x5450 [ 16.241560] kasan_check_range+0x10c/0x1c0 [ 16.241585] __kasan_check_write+0x18/0x20 [ 16.241606] kasan_atomics_helper+0x1ce1/0x5450 [ 16.241630] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.241654] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.241681] ? kasan_atomics+0x152/0x310 [ 16.241708] kasan_atomics+0x1dc/0x310 [ 16.241731] ? __pfx_kasan_atomics+0x10/0x10 [ 16.241757] ? __pfx_read_tsc+0x10/0x10 [ 16.241779] ? 
ktime_get_ts64+0x86/0x230 [ 16.241804] kunit_try_run_case+0x1a5/0x480 [ 16.241829] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.241854] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.241879] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.241904] ? __kthread_parkme+0x82/0x180 [ 16.241926] ? preempt_count_sub+0x50/0x80 [ 16.241962] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.241986] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.242012] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.242039] kthread+0x337/0x6f0 [ 16.242058] ? trace_preempt_on+0x20/0xc0 [ 16.242082] ? __pfx_kthread+0x10/0x10 [ 16.242103] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.242126] ? calculate_sigpending+0x7b/0xa0 [ 16.242151] ? __pfx_kthread+0x10/0x10 [ 16.242174] ret_from_fork+0x116/0x1d0 [ 16.242192] ? __pfx_kthread+0x10/0x10 [ 16.242213] ret_from_fork_asm+0x1a/0x30 [ 16.242246] </TASK> [ 16.242275] [ 16.252705] Allocated by task 282: [ 16.253267] kasan_save_stack+0x45/0x70 [ 16.253851] kasan_save_track+0x18/0x40 [ 16.254421] kasan_save_alloc_info+0x3b/0x50 [ 16.255035] __kasan_kmalloc+0xb7/0xc0 [ 16.255416] __kmalloc_cache_noprof+0x189/0x420 [ 16.255586] kasan_atomics+0x95/0x310 [ 16.255722] kunit_try_run_case+0x1a5/0x480 [ 16.255871] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.256664] kthread+0x337/0x6f0 [ 16.257206] ret_from_fork+0x116/0x1d0 [ 16.257851] ret_from_fork_asm+0x1a/0x30 [ 16.258417] [ 16.258589] The buggy address belongs to the object at ffff888102ac2380 [ 16.258589] which belongs to the cache kmalloc-64 of size 64 [ 16.259755] The buggy address is located 0 bytes to the right of [ 16.259755] allocated 48-byte region [ffff888102ac2380, ffff888102ac23b0) [ 16.260335] [ 16.260451] The buggy address belongs to the physical page: [ 16.260676] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac2 [ 16.261034] flags: 0x200000000000000(node=0|zone=2) [ 16.261284] page_type: f5(slab) [ 16.261452] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 16.261736] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.262623] page dumped because: kasan: bad access detected [ 16.262979] [ 16.263083] Memory state around the buggy address: [ 16.263482] ffff888102ac2280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.263987] ffff888102ac2300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.264402] >ffff888102ac2380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.264750] ^ [ 16.265156] ffff888102ac2400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.265603] ffff888102ac2480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.266031] ================================================================== [ 15.668356] ================================================================== [ 15.668695] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe78/0x5450 [ 15.668994] Write of size 4 at addr ffff888102ac23b0 by task kunit_try_catch/282 [ 15.669310] [ 15.669413] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.669469] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.669482] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.669503] Call Trace: [ 15.669522] <TASK> [ 15.669542] dump_stack_lvl+0x73/0xb0 [ 15.669585] print_report+0xd1/0x650 [ 15.669611] ? __virt_addr_valid+0x1db/0x2d0 [ 15.669634] ? kasan_atomics_helper+0xe78/0x5450 [ 15.669669] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.669693] ? kasan_atomics_helper+0xe78/0x5450 [ 15.669716] kasan_report+0x141/0x180 [ 15.669738] ? kasan_atomics_helper+0xe78/0x5450 [ 15.669765] kasan_check_range+0x10c/0x1c0 [ 15.669789] __kasan_check_write+0x18/0x20 [ 15.669809] kasan_atomics_helper+0xe78/0x5450 [ 15.669833] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.669865] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.669894] ? kasan_atomics+0x152/0x310 [ 15.669921] kasan_atomics+0x1dc/0x310 [ 15.669961] ? 
__pfx_kasan_atomics+0x10/0x10 [ 15.669987] ? __pfx_read_tsc+0x10/0x10 [ 15.670009] ? ktime_get_ts64+0x86/0x230 [ 15.670035] kunit_try_run_case+0x1a5/0x480 [ 15.670059] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.670083] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.670109] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.670134] ? __kthread_parkme+0x82/0x180 [ 15.670166] ? preempt_count_sub+0x50/0x80 [ 15.670191] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.670227] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.670253] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.670288] kthread+0x337/0x6f0 [ 15.670308] ? trace_preempt_on+0x20/0xc0 [ 15.670333] ? __pfx_kthread+0x10/0x10 [ 15.670363] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.670386] ? calculate_sigpending+0x7b/0xa0 [ 15.670411] ? __pfx_kthread+0x10/0x10 [ 15.670446] ret_from_fork+0x116/0x1d0 [ 15.670465] ? __pfx_kthread+0x10/0x10 [ 15.670487] ret_from_fork_asm+0x1a/0x30 [ 15.670519] </TASK> [ 15.670530] [ 15.678121] Allocated by task 282: [ 15.678358] kasan_save_stack+0x45/0x70 [ 15.678555] kasan_save_track+0x18/0x40 [ 15.678747] kasan_save_alloc_info+0x3b/0x50 [ 15.678977] __kasan_kmalloc+0xb7/0xc0 [ 15.679111] __kmalloc_cache_noprof+0x189/0x420 [ 15.679290] kasan_atomics+0x95/0x310 [ 15.679480] kunit_try_run_case+0x1a5/0x480 [ 15.679704] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.679985] kthread+0x337/0x6f0 [ 15.680111] ret_from_fork+0x116/0x1d0 [ 15.680244] ret_from_fork_asm+0x1a/0x30 [ 15.680383] [ 15.680455] The buggy address belongs to the object at ffff888102ac2380 [ 15.680455] which belongs to the cache kmalloc-64 of size 64 [ 15.681089] The buggy address is located 0 bytes to the right of [ 15.681089] allocated 48-byte region [ffff888102ac2380, ffff888102ac23b0) [ 15.681624] [ 15.681696] The buggy address belongs to the physical page: [ 15.681867] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac2 [ 15.682112] flags: 0x200000000000000(node=0|zone=2) [ 15.682505] page_type: 
f5(slab) [ 15.682676] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.683051] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.683292] page dumped because: kasan: bad access detected [ 15.683583] [ 15.683690] Memory state around the buggy address: [ 15.683906] ffff888102ac2280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.684130] ffff888102ac2300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.684577] >ffff888102ac2380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.684921] ^ [ 15.685144] ffff888102ac2400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.685492] ffff888102ac2480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.685810] ================================================================== [ 16.293506] ================================================================== [ 16.294191] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1e12/0x5450 [ 16.294835] Write of size 8 at addr ffff888102ac23b0 by task kunit_try_catch/282 [ 16.295490] [ 16.295605] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.295652] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.295666] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.295688] Call Trace: [ 16.295708] <TASK> [ 16.295727] dump_stack_lvl+0x73/0xb0 [ 16.295761] print_report+0xd1/0x650 [ 16.295911] ? __virt_addr_valid+0x1db/0x2d0 [ 16.295946] ? kasan_atomics_helper+0x1e12/0x5450 [ 16.295971] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.295995] ? kasan_atomics_helper+0x1e12/0x5450 [ 16.296018] kasan_report+0x141/0x180 [ 16.296041] ? kasan_atomics_helper+0x1e12/0x5450 [ 16.296068] kasan_check_range+0x10c/0x1c0 [ 16.296094] __kasan_check_write+0x18/0x20 [ 16.296114] kasan_atomics_helper+0x1e12/0x5450 [ 16.296138] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.296162] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.296188] ? 
kasan_atomics+0x152/0x310
[ 16.296216] kasan_atomics+0x1dc/0x310
[ 16.296239] ? __pfx_kasan_atomics+0x10/0x10
[ 16.296266] ? __pfx_read_tsc+0x10/0x10
[ 16.296288] ? ktime_get_ts64+0x86/0x230
[ 16.296314] kunit_try_run_case+0x1a5/0x480
[ 16.296339] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.296363] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.296389] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.296415] ? __kthread_parkme+0x82/0x180
[ 16.296436] ? preempt_count_sub+0x50/0x80
[ 16.296461] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.296487] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.296513] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.296540] kthread+0x337/0x6f0
[ 16.296560] ? trace_preempt_on+0x20/0xc0
[ 16.296584] ? __pfx_kthread+0x10/0x10
[ 16.296605] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.296627] ? calculate_sigpending+0x7b/0xa0
[ 16.296653] ? __pfx_kthread+0x10/0x10
[ 16.296675] ret_from_fork+0x116/0x1d0
[ 16.296694] ? __pfx_kthread+0x10/0x10
[ 16.296716] ret_from_fork_asm+0x1a/0x30
[ 16.296748] </TASK>
[ 16.296760]
[ 16.308497] Allocated by task 282:
[ 16.308908] kasan_save_stack+0x45/0x70
[ 16.309242] kasan_save_track+0x18/0x40
[ 16.309549] kasan_save_alloc_info+0x3b/0x50
[ 16.309847] __kasan_kmalloc+0xb7/0xc0
[ 16.310125] __kmalloc_cache_noprof+0x189/0x420
[ 16.310451] kasan_atomics+0x95/0x310
[ 16.310742] kunit_try_run_case+0x1a5/0x480
[ 16.310958] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.311197] kthread+0x337/0x6f0
[ 16.311600] ret_from_fork+0x116/0x1d0
[ 16.311893] ret_from_fork_asm+0x1a/0x30
[ 16.312202]
[ 16.312304] The buggy address belongs to the object at ffff888102ac2380
[ 16.312304] which belongs to the cache kmalloc-64 of size 64
[ 16.313304] The buggy address is located 0 bytes to the right of
[ 16.313304] allocated 48-byte region [ffff888102ac2380, ffff888102ac23b0)
[ 16.313949]
[ 16.314198] The buggy address belongs to the physical page:
[ 16.314524] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac2
[ 16.314931] flags: 0x200000000000000(node=0|zone=2)
[ 16.315319] page_type: f5(slab)
[ 16.315624] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 16.316077] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 16.316594] page dumped because: kasan: bad access detected
[ 16.316926]
[ 16.317038] Memory state around the buggy address:
[ 16.317264] ffff888102ac2280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 16.317770] ffff888102ac2300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 16.318185] >ffff888102ac2380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 16.318733] ^
[ 16.319058] ffff888102ac2400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.319485] ffff888102ac2480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.319848] ==================================================================
[ 15.809341] ==================================================================
[ 15.809724] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a02/0x5450
[ 15.810108] Read of size 4 at addr ffff888102ac23b0 by task kunit_try_catch/282
[ 15.810629]
[ 15.810760] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 15.810808] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.810822] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.810844] Call Trace:
[ 15.810865] <TASK>
[ 15.810885] dump_stack_lvl+0x73/0xb0
[ 15.810920] print_report+0xd1/0x650
[ 15.810955] ? __virt_addr_valid+0x1db/0x2d0
[ 15.810980] ? kasan_atomics_helper+0x4a02/0x5450
[ 15.811004] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.811028] ? kasan_atomics_helper+0x4a02/0x5450
[ 15.811094] kasan_report+0x141/0x180
[ 15.811120] ? kasan_atomics_helper+0x4a02/0x5450
[ 15.811147] __asan_report_load4_noabort+0x18/0x20
[ 15.811223] kasan_atomics_helper+0x4a02/0x5450
[ 15.811248] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 15.811285] ? __kmalloc_cache_noprof+0x189/0x420
[ 15.811311] ? kasan_atomics+0x152/0x310
[ 15.811339] kasan_atomics+0x1dc/0x310
[ 15.811431] ? __pfx_kasan_atomics+0x10/0x10
[ 15.811481] ? __pfx_read_tsc+0x10/0x10
[ 15.811505] ? ktime_get_ts64+0x86/0x230
[ 15.811530] kunit_try_run_case+0x1a5/0x480
[ 15.811556] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.811580] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.811606] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.811631] ? __kthread_parkme+0x82/0x180
[ 15.811653] ? preempt_count_sub+0x50/0x80
[ 15.811678] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.811703] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.811729] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.811756] kthread+0x337/0x6f0
[ 15.811775] ? trace_preempt_on+0x20/0xc0
[ 15.811800] ? __pfx_kthread+0x10/0x10
[ 15.811821] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.811844] ? calculate_sigpending+0x7b/0xa0
[ 15.811869] ? __pfx_kthread+0x10/0x10
[ 15.811892] ret_from_fork+0x116/0x1d0
[ 15.811912] ? __pfx_kthread+0x10/0x10
[ 15.811945] ret_from_fork_asm+0x1a/0x30
[ 15.811978] </TASK>
[ 15.811990]
[ 15.820396] Allocated by task 282:
[ 15.820583] kasan_save_stack+0x45/0x70
[ 15.820892] kasan_save_track+0x18/0x40
[ 15.821168] kasan_save_alloc_info+0x3b/0x50
[ 15.821319] __kasan_kmalloc+0xb7/0xc0
[ 15.821447] __kmalloc_cache_noprof+0x189/0x420
[ 15.821792] kasan_atomics+0x95/0x310
[ 15.822205] kunit_try_run_case+0x1a5/0x480
[ 15.822458] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.822743] kthread+0x337/0x6f0
[ 15.822901] ret_from_fork+0x116/0x1d0
[ 15.823089] ret_from_fork_asm+0x1a/0x30
[ 15.823288]
[ 15.823361] The buggy address belongs to the object at ffff888102ac2380
[ 15.823361] which belongs to the cache kmalloc-64 of size 64
[ 15.823760] The buggy address is located 0 bytes to the right of
[ 15.823760] allocated 48-byte region [ffff888102ac2380, ffff888102ac23b0)
[ 15.824543]
[ 15.824645] The buggy address belongs to the physical page:
[ 15.824829] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac2
[ 15.825103] flags: 0x200000000000000(node=0|zone=2)
[ 15.825593] page_type: f5(slab)
[ 15.825775] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 15.826189] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 15.826607] page dumped because: kasan: bad access detected
[ 15.826943]
[ 15.827028] Memory state around the buggy address:
[ 15.827319] ffff888102ac2280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.827611] ffff888102ac2300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.827913] >ffff888102ac2380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 15.828181] ^
[ 15.828468] ffff888102ac2400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.828712] ffff888102ac2480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.829038] ==================================================================
[ 16.077890] ==================================================================
[ 16.078611] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x177f/0x5450
[ 16.079292] Write of size 8 at addr ffff888102ac23b0 by task kunit_try_catch/282
[ 16.079887]
[ 16.080080] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 16.080127] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.080140] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.080162] Call Trace:
[ 16.080184] <TASK>
[ 16.080206] dump_stack_lvl+0x73/0xb0
[ 16.080239] print_report+0xd1/0x650
[ 16.080288] ? __virt_addr_valid+0x1db/0x2d0
[ 16.080313] ? kasan_atomics_helper+0x177f/0x5450
[ 16.080336] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.080362] ? kasan_atomics_helper+0x177f/0x5450
[ 16.080385] kasan_report+0x141/0x180
[ 16.080408] ? kasan_atomics_helper+0x177f/0x5450
[ 16.080435] kasan_check_range+0x10c/0x1c0
[ 16.080460] __kasan_check_write+0x18/0x20
[ 16.080480] kasan_atomics_helper+0x177f/0x5450
[ 16.080504] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 16.080527] ? __kmalloc_cache_noprof+0x189/0x420
[ 16.080554] ? kasan_atomics+0x152/0x310
[ 16.080581] kasan_atomics+0x1dc/0x310
[ 16.080604] ? __pfx_kasan_atomics+0x10/0x10
[ 16.080629] ? __pfx_read_tsc+0x10/0x10
[ 16.080651] ? ktime_get_ts64+0x86/0x230
[ 16.080676] kunit_try_run_case+0x1a5/0x480
[ 16.080702] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.080725] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.080752] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.080777] ? __kthread_parkme+0x82/0x180
[ 16.080799] ? preempt_count_sub+0x50/0x80
[ 16.080824] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.080850] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.080875] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.080903] kthread+0x337/0x6f0
[ 16.080923] ? trace_preempt_on+0x20/0xc0
[ 16.080961] ? __pfx_kthread+0x10/0x10
[ 16.080983] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.081007] ? calculate_sigpending+0x7b/0xa0
[ 16.081034] ? __pfx_kthread+0x10/0x10
[ 16.081059] ret_from_fork+0x116/0x1d0
[ 16.081080] ? __pfx_kthread+0x10/0x10
[ 16.081102] ret_from_fork_asm+0x1a/0x30
[ 16.081134] </TASK>
[ 16.081146]
[ 16.093431] Allocated by task 282:
[ 16.093764] kasan_save_stack+0x45/0x70
[ 16.094131] kasan_save_track+0x18/0x40
[ 16.094498] kasan_save_alloc_info+0x3b/0x50
[ 16.094885] __kasan_kmalloc+0xb7/0xc0
[ 16.095244] __kmalloc_cache_noprof+0x189/0x420
[ 16.095673] kasan_atomics+0x95/0x310
[ 16.096025] kunit_try_run_case+0x1a5/0x480
[ 16.096432] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.096902] kthread+0x337/0x6f0
[ 16.097207] ret_from_fork+0x116/0x1d0
[ 16.097579] ret_from_fork_asm+0x1a/0x30
[ 16.097933]
[ 16.098100] The buggy address belongs to the object at ffff888102ac2380
[ 16.098100] which belongs to the cache kmalloc-64 of size 64
[ 16.098645] The buggy address is located 0 bytes to the right of
[ 16.098645] allocated 48-byte region [ffff888102ac2380, ffff888102ac23b0)
[ 16.099027]
[ 16.099129] The buggy address belongs to the physical page:
[ 16.099375] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac2
[ 16.099670] flags: 0x200000000000000(node=0|zone=2)
[ 16.099897] page_type: f5(slab)
[ 16.100073] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 16.100393] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 16.100628] page dumped because: kasan: bad access detected
[ 16.100882]
[ 16.100987] Memory state around the buggy address:
[ 16.101168] ffff888102ac2280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 16.101477] ffff888102ac2300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 16.101764] >ffff888102ac2380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 16.102068] ^
[ 16.102241] ffff888102ac2400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.102518] ffff888102ac2480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.102810] ==================================================================
[ 15.253077] ==================================================================
[ 15.253467] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b6e/0x5450
[ 15.253707] Write of size 4 at addr ffff888102ac23b0 by task kunit_try_catch/282
[ 15.254079]
[ 15.254204] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 15.254248] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.254273] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.254295] Call Trace:
[ 15.254315] <TASK>
[ 15.254334] dump_stack_lvl+0x73/0xb0
[ 15.254367] print_report+0xd1/0x650
[ 15.254391] ? __virt_addr_valid+0x1db/0x2d0
[ 15.254415] ? kasan_atomics_helper+0x4b6e/0x5450
[ 15.254438] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.254462] ? kasan_atomics_helper+0x4b6e/0x5450
[ 15.254486] kasan_report+0x141/0x180
[ 15.254508] ? kasan_atomics_helper+0x4b6e/0x5450
[ 15.254535] __asan_report_store4_noabort+0x1b/0x30
[ 15.254562] kasan_atomics_helper+0x4b6e/0x5450
[ 15.254586] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 15.254610] ? __kmalloc_cache_noprof+0x189/0x420
[ 15.254636] ? kasan_atomics+0x152/0x310
[ 15.254664] kasan_atomics+0x1dc/0x310
[ 15.254687] ? __pfx_kasan_atomics+0x10/0x10
[ 15.254719] ? __pfx_read_tsc+0x10/0x10
[ 15.254741] ? ktime_get_ts64+0x86/0x230
[ 15.254766] kunit_try_run_case+0x1a5/0x480
[ 15.254791] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.254815] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.254841] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.254867] ? __kthread_parkme+0x82/0x180
[ 15.254890] ? preempt_count_sub+0x50/0x80
[ 15.254915] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.254998] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.255027] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.255054] kthread+0x337/0x6f0
[ 15.255074] ? trace_preempt_on+0x20/0xc0
[ 15.255099] ? __pfx_kthread+0x10/0x10
[ 15.255120] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.255144] ? calculate_sigpending+0x7b/0xa0
[ 15.255169] ? __pfx_kthread+0x10/0x10
[ 15.255192] ret_from_fork+0x116/0x1d0
[ 15.255212] ? __pfx_kthread+0x10/0x10
[ 15.255235] ret_from_fork_asm+0x1a/0x30
[ 15.255267] </TASK>
[ 15.255280]
[ 15.263535] Allocated by task 282:
[ 15.263821] kasan_save_stack+0x45/0x70
[ 15.264236] kasan_save_track+0x18/0x40
[ 15.264462] kasan_save_alloc_info+0x3b/0x50
[ 15.264676] __kasan_kmalloc+0xb7/0xc0
[ 15.264848] __kmalloc_cache_noprof+0x189/0x420
[ 15.265017] kasan_atomics+0x95/0x310
[ 15.265151] kunit_try_run_case+0x1a5/0x480
[ 15.265454] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.265753] kthread+0x337/0x6f0
[ 15.265925] ret_from_fork+0x116/0x1d0
[ 15.266158] ret_from_fork_asm+0x1a/0x30
[ 15.266327]
[ 15.266398] The buggy address belongs to the object at ffff888102ac2380
[ 15.266398] which belongs to the cache kmalloc-64 of size 64
[ 15.266893] The buggy address is located 0 bytes to the right of
[ 15.266893] allocated 48-byte region [ffff888102ac2380, ffff888102ac23b0)
[ 15.267558]
[ 15.267660] The buggy address belongs to the physical page:
[ 15.267840] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac2
[ 15.268353] flags: 0x200000000000000(node=0|zone=2)
[ 15.268565] page_type: f5(slab)
[ 15.268781] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 15.269146] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 15.269457] page dumped because: kasan: bad access detected
[ 15.269629]
[ 15.269722] Memory state around the buggy address:
[ 15.269955] ffff888102ac2280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.270273] ffff888102ac2300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.270551] >ffff888102ac2380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 15.270776] ^
[ 15.270942] ffff888102ac2400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.271267] ffff888102ac2480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.271589] ==================================================================
[ 16.505799] ==================================================================
[ 16.506177] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5115/0x5450
[ 16.506549] Read of size 8 at addr ffff888102ac23b0 by task kunit_try_catch/282
[ 16.506882]
[ 16.507014] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 16.507082] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.507096] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.507151] Call Trace:
[ 16.507171] <TASK>
[ 16.507191] dump_stack_lvl+0x73/0xb0
[ 16.507225] print_report+0xd1/0x650
[ 16.507279] ? __virt_addr_valid+0x1db/0x2d0
[ 16.507320] ? kasan_atomics_helper+0x5115/0x5450
[ 16.507344] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.507368] ? kasan_atomics_helper+0x5115/0x5450
[ 16.507391] kasan_report+0x141/0x180
[ 16.507449] ? kasan_atomics_helper+0x5115/0x5450
[ 16.507477] __asan_report_load8_noabort+0x18/0x20
[ 16.507503] kasan_atomics_helper+0x5115/0x5450
[ 16.507527] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 16.507550] ? __kmalloc_cache_noprof+0x189/0x420
[ 16.507602] ? kasan_atomics+0x152/0x310
[ 16.507629] kasan_atomics+0x1dc/0x310
[ 16.507653] ? __pfx_kasan_atomics+0x10/0x10
[ 16.507678] ? __pfx_read_tsc+0x10/0x10
[ 16.507700] ? ktime_get_ts64+0x86/0x230
[ 16.507725] kunit_try_run_case+0x1a5/0x480
[ 16.507751] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.507775] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.507801] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.507826] ? __kthread_parkme+0x82/0x180
[ 16.507848] ? preempt_count_sub+0x50/0x80
[ 16.507873] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.507899] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.507924] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.508004] kthread+0x337/0x6f0
[ 16.508026] ? trace_preempt_on+0x20/0xc0
[ 16.508051] ? __pfx_kthread+0x10/0x10
[ 16.508073] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.508096] ? calculate_sigpending+0x7b/0xa0
[ 16.508122] ? __pfx_kthread+0x10/0x10
[ 16.508143] ret_from_fork+0x116/0x1d0
[ 16.508163] ? __pfx_kthread+0x10/0x10
[ 16.508184] ret_from_fork_asm+0x1a/0x30
[ 16.508216] </TASK>
[ 16.508227]
[ 16.516075] Allocated by task 282:
[ 16.516327] kasan_save_stack+0x45/0x70
[ 16.516538] kasan_save_track+0x18/0x40
[ 16.516726] kasan_save_alloc_info+0x3b/0x50
[ 16.516971] __kasan_kmalloc+0xb7/0xc0
[ 16.517173] __kmalloc_cache_noprof+0x189/0x420
[ 16.517432] kasan_atomics+0x95/0x310
[ 16.517675] kunit_try_run_case+0x1a5/0x480
[ 16.517861] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.518152] kthread+0x337/0x6f0
[ 16.518324] ret_from_fork+0x116/0x1d0
[ 16.518520] ret_from_fork_asm+0x1a/0x30
[ 16.518728]
[ 16.518856] The buggy address belongs to the object at ffff888102ac2380
[ 16.518856] which belongs to the cache kmalloc-64 of size 64
[ 16.519415] The buggy address is located 0 bytes to the right of
[ 16.519415] allocated 48-byte region [ffff888102ac2380, ffff888102ac23b0)
[ 16.519970]
[ 16.520061] The buggy address belongs to the physical page:
[ 16.520394] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac2
[ 16.520654] flags: 0x200000000000000(node=0|zone=2)
[ 16.520818] page_type: f5(slab)
[ 16.520951] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 16.521297] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 16.521638] page dumped because: kasan: bad access detected
[ 16.521894]
[ 16.522062] Memory state around the buggy address:
[ 16.522305] ffff888102ac2280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 16.522523] ffff888102ac2300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 16.522745] >ffff888102ac2380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 16.522966] ^
[ 16.523228] ffff888102ac2400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.523648] ffff888102ac2480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.524066] ==================================================================
[ 15.612954] ==================================================================
[ 15.614042] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd47/0x5450
[ 15.614732] Write of size 4 at addr ffff888102ac23b0 by task kunit_try_catch/282
[ 15.615415]
[ 15.615617] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 15.615663] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.615675] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.615696] Call Trace:
[ 15.615727] <TASK>
[ 15.615748] dump_stack_lvl+0x73/0xb0
[ 15.615791] print_report+0xd1/0x650
[ 15.615816] ? __virt_addr_valid+0x1db/0x2d0
[ 15.615839] ? kasan_atomics_helper+0xd47/0x5450
[ 15.615862] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.615886] ? kasan_atomics_helper+0xd47/0x5450
[ 15.615909] kasan_report+0x141/0x180
[ 15.615931] ? kasan_atomics_helper+0xd47/0x5450
[ 15.615970] kasan_check_range+0x10c/0x1c0
[ 15.615995] __kasan_check_write+0x18/0x20
[ 15.616017] kasan_atomics_helper+0xd47/0x5450
[ 15.616041] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 15.616065] ? __kmalloc_cache_noprof+0x189/0x420
[ 15.616091] ? kasan_atomics+0x152/0x310
[ 15.616119] kasan_atomics+0x1dc/0x310
[ 15.616142] ? __pfx_kasan_atomics+0x10/0x10
[ 15.616167] ? __pfx_read_tsc+0x10/0x10
[ 15.616190] ? ktime_get_ts64+0x86/0x230
[ 15.616215] kunit_try_run_case+0x1a5/0x480
[ 15.616241] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.616286] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.616314] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.616338] ? __kthread_parkme+0x82/0x180
[ 15.616361] ? preempt_count_sub+0x50/0x80
[ 15.616387] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.616412] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.616438] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.616465] kthread+0x337/0x6f0
[ 15.616484] ? trace_preempt_on+0x20/0xc0
[ 15.616510] ? __pfx_kthread+0x10/0x10
[ 15.616531] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.616553] ? calculate_sigpending+0x7b/0xa0
[ 15.616580] ? __pfx_kthread+0x10/0x10
[ 15.616602] ret_from_fork+0x116/0x1d0
[ 15.616622] ? __pfx_kthread+0x10/0x10
[ 15.616643] ret_from_fork_asm+0x1a/0x30
[ 15.616675] </TASK>
[ 15.616687]
[ 15.629503] Allocated by task 282:
[ 15.629862] kasan_save_stack+0x45/0x70
[ 15.630242] kasan_save_track+0x18/0x40
[ 15.630621] kasan_save_alloc_info+0x3b/0x50
[ 15.630782] __kasan_kmalloc+0xb7/0xc0
[ 15.630915] __kmalloc_cache_noprof+0x189/0x420
[ 15.631081] kasan_atomics+0x95/0x310
[ 15.631214] kunit_try_run_case+0x1a5/0x480
[ 15.631606] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.632095] kthread+0x337/0x6f0
[ 15.632435] ret_from_fork+0x116/0x1d0
[ 15.632788] ret_from_fork_asm+0x1a/0x30
[ 15.633171]
[ 15.633352] The buggy address belongs to the object at ffff888102ac2380
[ 15.633352] which belongs to the cache kmalloc-64 of size 64
[ 15.634431] The buggy address is located 0 bytes to the right of
[ 15.634431] allocated 48-byte region [ffff888102ac2380, ffff888102ac23b0)
[ 15.635198]
[ 15.635352] The buggy address belongs to the physical page:
[ 15.635837] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac2
[ 15.636413] flags: 0x200000000000000(node=0|zone=2)
[ 15.636577] page_type: f5(slab)
[ 15.636698] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 15.636927] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 15.637628] page dumped because: kasan: bad access detected
[ 15.638119]
[ 15.638295] Memory state around the buggy address:
[ 15.638745] ffff888102ac2280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.639374] ffff888102ac2300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.639992] >ffff888102ac2380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 15.640563] ^
[ 15.640717] ffff888102ac2400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.640929] ffff888102ac2480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.641154] ==================================================================
[ 16.320787] ==================================================================
[ 16.321061] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1eaa/0x5450
[ 16.321301] Write of size 8 at addr ffff888102ac23b0 by task kunit_try_catch/282
[ 16.321524]
[ 16.321617] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 16.321662] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.321676] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.321697] Call Trace:
[ 16.321717] <TASK>
[ 16.321737] dump_stack_lvl+0x73/0xb0
[ 16.321768] print_report+0xd1/0x650
[ 16.321792] ? __virt_addr_valid+0x1db/0x2d0
[ 16.321815] ? kasan_atomics_helper+0x1eaa/0x5450
[ 16.321837] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.321859] ? kasan_atomics_helper+0x1eaa/0x5450
[ 16.321881] kasan_report+0x141/0x180
[ 16.321903] ? kasan_atomics_helper+0x1eaa/0x5450
[ 16.321929] kasan_check_range+0x10c/0x1c0
[ 16.321964] __kasan_check_write+0x18/0x20
[ 16.321983] kasan_atomics_helper+0x1eaa/0x5450
[ 16.322006] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 16.322028] ? __kmalloc_cache_noprof+0x189/0x420
[ 16.322054] ? kasan_atomics+0x152/0x310
[ 16.322081] kasan_atomics+0x1dc/0x310
[ 16.322103] ? __pfx_kasan_atomics+0x10/0x10
[ 16.322128] ? __pfx_read_tsc+0x10/0x10
[ 16.322149] ? ktime_get_ts64+0x86/0x230
[ 16.322173] kunit_try_run_case+0x1a5/0x480
[ 16.322198] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.322221] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.322247] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.322271] ? __kthread_parkme+0x82/0x180
[ 16.322292] ? preempt_count_sub+0x50/0x80
[ 16.322316] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.322341] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.322365] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.322389] kthread+0x337/0x6f0
[ 16.322408] ? trace_preempt_on+0x20/0xc0
[ 16.322433] ? __pfx_kthread+0x10/0x10
[ 16.322454] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.322476] ? calculate_sigpending+0x7b/0xa0
[ 16.322500] ? __pfx_kthread+0x10/0x10
[ 16.322521] ret_from_fork+0x116/0x1d0
[ 16.322540] ? __pfx_kthread+0x10/0x10
[ 16.322561] ret_from_fork_asm+0x1a/0x30
[ 16.322593] </TASK>
[ 16.322604]
[ 16.331841] Allocated by task 282:
[ 16.332004] kasan_save_stack+0x45/0x70
[ 16.332351] kasan_save_track+0x18/0x40
[ 16.332537] kasan_save_alloc_info+0x3b/0x50
[ 16.332888] __kasan_kmalloc+0xb7/0xc0
[ 16.333128] __kmalloc_cache_noprof+0x189/0x420
[ 16.333289] kasan_atomics+0x95/0x310
[ 16.333602] kunit_try_run_case+0x1a5/0x480
[ 16.333761] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.333958] kthread+0x337/0x6f0
[ 16.334381] ret_from_fork+0x116/0x1d0
[ 16.334584] ret_from_fork_asm+0x1a/0x30
[ 16.334855]
[ 16.334962] The buggy address belongs to the object at ffff888102ac2380
[ 16.334962] which belongs to the cache kmalloc-64 of size 64
[ 16.335668] The buggy address is located 0 bytes to the right of
[ 16.335668] allocated 48-byte region [ffff888102ac2380, ffff888102ac23b0)
[ 16.336850]
[ 16.336947] The buggy address belongs to the physical page:
[ 16.337129] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac2
[ 16.337748] flags: 0x200000000000000(node=0|zone=2)
[ 16.338186] page_type: f5(slab)
[ 16.339090] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 16.339349] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 16.339579] page dumped because: kasan: bad access detected
[ 16.339752]
[ 16.339824] Memory state around the buggy address:
[ 16.340062] ffff888102ac2280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 16.340736] ffff888102ac2300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 16.341360] >ffff888102ac2380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 16.341577] ^
[ 16.341733] ffff888102ac2400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.341959] ffff888102ac2480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.342233] ==================================================================
[ 15.886517] ==================================================================
[ 15.887070] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49ce/0x5450
[ 15.887438] Read of size 4 at addr ffff888102ac23b0 by task kunit_try_catch/282
[ 15.887778]
[ 15.887891] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 15.887956] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.887969] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.887991] Call Trace:
[ 15.888009] <TASK>
[ 15.888028] dump_stack_lvl+0x73/0xb0
[ 15.888058] print_report+0xd1/0x650
[ 15.888082] ? __virt_addr_valid+0x1db/0x2d0
[ 15.888106] ? kasan_atomics_helper+0x49ce/0x5450
[ 15.888129] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.888153] ? kasan_atomics_helper+0x49ce/0x5450
[ 15.888187] kasan_report+0x141/0x180
[ 15.888209] ? kasan_atomics_helper+0x49ce/0x5450
[ 15.888248] __asan_report_load4_noabort+0x18/0x20
[ 15.888275] kasan_atomics_helper+0x49ce/0x5450
[ 15.888300] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 15.888335] ? __kmalloc_cache_noprof+0x189/0x420
[ 15.888361] ? kasan_atomics+0x152/0x310
[ 15.888388] kasan_atomics+0x1dc/0x310
[ 15.888423] ? __pfx_kasan_atomics+0x10/0x10
[ 15.888448] ? __pfx_read_tsc+0x10/0x10
[ 15.888483] ? ktime_get_ts64+0x86/0x230
[ 15.888518] kunit_try_run_case+0x1a5/0x480
[ 15.888543] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.888577] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.888603] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.888628] ? __kthread_parkme+0x82/0x180
[ 15.888650] ? preempt_count_sub+0x50/0x80
[ 15.888674] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.888708] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.888735] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.888771] kthread+0x337/0x6f0
[ 15.888790] ? trace_preempt_on+0x20/0xc0
[ 15.888816] ? __pfx_kthread+0x10/0x10
[ 15.888837] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.888860] ? calculate_sigpending+0x7b/0xa0
[ 15.888884] ? __pfx_kthread+0x10/0x10
[ 15.888907] ret_from_fork+0x116/0x1d0
[ 15.888926] ? __pfx_kthread+0x10/0x10
[ 15.888957] ret_from_fork_asm+0x1a/0x30
[ 15.888988] </TASK>
[ 15.888999]
[ 15.896618] Allocated by task 282:
[ 15.896792] kasan_save_stack+0x45/0x70
[ 15.897007] kasan_save_track+0x18/0x40
[ 15.897212] kasan_save_alloc_info+0x3b/0x50
[ 15.897460] __kasan_kmalloc+0xb7/0xc0
[ 15.897655] __kmalloc_cache_noprof+0x189/0x420
[ 15.897886] kasan_atomics+0x95/0x310
[ 15.898105] kunit_try_run_case+0x1a5/0x480
[ 15.898249] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.898574] kthread+0x337/0x6f0
[ 15.898767] ret_from_fork+0x116/0x1d0
[ 15.898979] ret_from_fork_asm+0x1a/0x30
[ 15.899240]
[ 15.899410] The buggy address belongs to the object at ffff888102ac2380
[ 15.899410] which belongs to the cache kmalloc-64 of size 64
[ 15.899918] The buggy address is located 0 bytes to the right of
[ 15.899918] allocated 48-byte region [ffff888102ac2380, ffff888102ac23b0)
[ 15.900502]
[ 15.900575] The buggy address belongs to the physical page:
[ 15.900740] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac2
[ 15.900994] flags: 0x200000000000000(node=0|zone=2)
[ 15.901223] page_type: f5(slab)
[ 15.901385] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 15.901737] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 15.902084] page dumped because: kasan: bad access detected
[ 15.902280]
[ 15.902376] Memory state around the buggy address:
[ 15.902639] ffff888102ac2280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.902876] ffff888102ac2300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.903092] >ffff888102ac2380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 15.903457] ^
[ 15.903735] ffff888102ac2400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.904161] ffff888102ac2480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.904779] ==================================================================
[ 15.415283] ==================================================================
[ 15.415531] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x72f/0x5450
[ 15.415797] Write of size 4 at addr ffff888102ac23b0 by task kunit_try_catch/282
[ 15.416127]
[ 15.416218] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 15.416291] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.416304] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.416326] Call Trace:
[ 15.416345] <TASK>
[ 15.416366] dump_stack_lvl+0x73/0xb0
[ 15.416398] print_report+0xd1/0x650
[ 15.416422] ? __virt_addr_valid+0x1db/0x2d0
[ 15.416447] ? kasan_atomics_helper+0x72f/0x5450
[ 15.416469] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.416493] ? kasan_atomics_helper+0x72f/0x5450
[ 15.416516] kasan_report+0x141/0x180
[ 15.416539] ? kasan_atomics_helper+0x72f/0x5450
[ 15.416566] kasan_check_range+0x10c/0x1c0
[ 15.416590] __kasan_check_write+0x18/0x20
[ 15.416611] kasan_atomics_helper+0x72f/0x5450
[ 15.416635] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 15.416660] ? __kmalloc_cache_noprof+0x189/0x420
[ 15.416687] ? kasan_atomics+0x152/0x310
[ 15.416714] kasan_atomics+0x1dc/0x310
[ 15.416737] ? __pfx_kasan_atomics+0x10/0x10
[ 15.416763] ? __pfx_read_tsc+0x10/0x10
[ 15.416785] ? ktime_get_ts64+0x86/0x230
[ 15.416810] kunit_try_run_case+0x1a5/0x480
[ 15.416836] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.416860] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.416886] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.416911] ? __kthread_parkme+0x82/0x180
[ 15.416944] ? preempt_count_sub+0x50/0x80
[ 15.416970] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.416996] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.417021] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.417049] kthread+0x337/0x6f0
[ 15.417068] ? trace_preempt_on+0x20/0xc0
[ 15.417092] ? __pfx_kthread+0x10/0x10
[ 15.417114] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.417137] ? calculate_sigpending+0x7b/0xa0
[ 15.417162] ? __pfx_kthread+0x10/0x10
[ 15.417184] ret_from_fork+0x116/0x1d0
[ 15.417204] ? __pfx_kthread+0x10/0x10
[ 15.417225] ret_from_fork_asm+0x1a/0x30
[ 15.417257] </TASK>
[ 15.417269]
[ 15.424894] Allocated by task 282:
[ 15.425076] kasan_save_stack+0x45/0x70
[ 15.425223] kasan_save_track+0x18/0x40
[ 15.425358] kasan_save_alloc_info+0x3b/0x50
[ 15.425592] __kasan_kmalloc+0xb7/0xc0
[ 15.425780] __kmalloc_cache_noprof+0x189/0x420
[ 15.426009] kasan_atomics+0x95/0x310
[ 15.426196] kunit_try_run_case+0x1a5/0x480
[ 15.426396] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.426571] kthread+0x337/0x6f0
[ 15.426719] ret_from_fork+0x116/0x1d0
[ 15.426906] ret_from_fork_asm+0x1a/0x30
[ 15.427112]
[ 15.427206] The buggy address belongs to the object at ffff888102ac2380
[ 15.427206] which belongs to the cache kmalloc-64 of size 64
[ 15.427725] The buggy address is located 0 bytes to the right of
[ 15.427725] allocated 48-byte region [ffff888102ac2380, ffff888102ac23b0)
[ 15.428100]
[ 15.428172] The buggy address belongs to the physical page:
[ 15.428587] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac2
[ 15.428946] flags: 0x200000000000000(node=0|zone=2)
[ 15.429176] page_type: f5(slab)
[ 15.429315] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 15.429545] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 15.429769] page dumped because: kasan: bad access detected
[ 15.429950]
[ 15.430074] Memory state around the buggy address:
[ 15.430324] ffff888102ac2280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.430645] ffff888102ac2300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.430981] >ffff888102ac2380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 15.431305] ^
[ 15.431535] ffff888102ac2400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.431889] ffff888102ac2480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.432174] ==================================================================
[ 15.905537] ==================================================================
[ 15.905968] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x13b5/0x5450
[ 15.906507] Read of size 8 at addr ffff888102ac23b0 by task kunit_try_catch/282
[ 15.906831]
[ 15.906923] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 15.906976] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.906990] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.907011] Call Trace:
[ 15.907028] <TASK>
[ 15.907047] dump_stack_lvl+0x73/0xb0
[ 15.907079] print_report+0xd1/0x650
[ 15.907102] ? __virt_addr_valid+0x1db/0x2d0
[ 15.907127] ? kasan_atomics_helper+0x13b5/0x5450
[ 15.907171] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.907207] ? kasan_atomics_helper+0x13b5/0x5450
[ 15.907247] kasan_report+0x141/0x180
[ 15.907291] ? kasan_atomics_helper+0x13b5/0x5450
[ 15.907318] kasan_check_range+0x10c/0x1c0
[ 15.907342] __kasan_check_read+0x15/0x20
[ 15.907363] kasan_atomics_helper+0x13b5/0x5450
[ 15.907386] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 15.907410] ? __kmalloc_cache_noprof+0x189/0x420
[ 15.907436] ? kasan_atomics+0x152/0x310
[ 15.907490] kasan_atomics+0x1dc/0x310
[ 15.907513] ? __pfx_kasan_atomics+0x10/0x10
[ 15.907538] ? __pfx_read_tsc+0x10/0x10
[ 15.907570] ? ktime_get_ts64+0x86/0x230
[ 15.907596] kunit_try_run_case+0x1a5/0x480
[ 15.907621] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.907645] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.907671] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.907695] ? __kthread_parkme+0x82/0x180 [ 15.907717] ? preempt_count_sub+0x50/0x80 [ 15.907759] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.907793] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.907819] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.907857] kthread+0x337/0x6f0 [ 15.907877] ? trace_preempt_on+0x20/0xc0 [ 15.907918] ? __pfx_kthread+0x10/0x10 [ 15.907956] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.907979] ? calculate_sigpending+0x7b/0xa0 [ 15.908015] ? __pfx_kthread+0x10/0x10 [ 15.908037] ret_from_fork+0x116/0x1d0 [ 15.908056] ? __pfx_kthread+0x10/0x10 [ 15.908105] ret_from_fork_asm+0x1a/0x30 [ 15.908152] </TASK> [ 15.908174] [ 15.916754] Allocated by task 282: [ 15.916976] kasan_save_stack+0x45/0x70 [ 15.917196] kasan_save_track+0x18/0x40 [ 15.917440] kasan_save_alloc_info+0x3b/0x50 [ 15.917678] __kasan_kmalloc+0xb7/0xc0 [ 15.917896] __kmalloc_cache_noprof+0x189/0x420 [ 15.918112] kasan_atomics+0x95/0x310 [ 15.918327] kunit_try_run_case+0x1a5/0x480 [ 15.918621] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.918842] kthread+0x337/0x6f0 [ 15.919005] ret_from_fork+0x116/0x1d0 [ 15.919215] ret_from_fork_asm+0x1a/0x30 [ 15.919408] [ 15.919500] The buggy address belongs to the object at ffff888102ac2380 [ 15.919500] which belongs to the cache kmalloc-64 of size 64 [ 15.920050] The buggy address is located 0 bytes to the right of [ 15.920050] allocated 48-byte region [ffff888102ac2380, ffff888102ac23b0) [ 15.920647] [ 15.920749] The buggy address belongs to the physical page: [ 15.920990] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac2 [ 15.921252] flags: 0x200000000000000(node=0|zone=2) [ 15.921523] page_type: f5(slab) [ 15.921694] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.921953] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.922377] page dumped because: kasan: bad access detected [ 15.922638] [ 15.922712] 
Memory state around the buggy address: [ 15.922918] ffff888102ac2280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.923297] ffff888102ac2300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.923678] >ffff888102ac2380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.923923] ^ [ 15.924199] ffff888102ac2400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.924568] ffff888102ac2480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.924897] ================================================================== [ 16.361488] ================================================================== [ 16.361793] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f71/0x5450 [ 16.362085] Read of size 8 at addr ffff888102ac23b0 by task kunit_try_catch/282 [ 16.362400] [ 16.362517] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.362559] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.362572] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.362593] Call Trace: [ 16.362611] <TASK> [ 16.362629] dump_stack_lvl+0x73/0xb0 [ 16.362659] print_report+0xd1/0x650 [ 16.362682] ? __virt_addr_valid+0x1db/0x2d0 [ 16.362711] ? kasan_atomics_helper+0x4f71/0x5450 [ 16.362733] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.362756] ? kasan_atomics_helper+0x4f71/0x5450 [ 16.362778] kasan_report+0x141/0x180 [ 16.362800] ? kasan_atomics_helper+0x4f71/0x5450 [ 16.362827] __asan_report_load8_noabort+0x18/0x20 [ 16.362851] kasan_atomics_helper+0x4f71/0x5450 [ 16.362874] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.362896] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.362921] ? kasan_atomics+0x152/0x310 [ 16.363011] kasan_atomics+0x1dc/0x310 [ 16.363036] ? __pfx_kasan_atomics+0x10/0x10 [ 16.363062] ? __pfx_read_tsc+0x10/0x10 [ 16.363086] ? ktime_get_ts64+0x86/0x230 [ 16.363112] kunit_try_run_case+0x1a5/0x480 [ 16.363138] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.363162] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 16.363190] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.363216] ? __kthread_parkme+0x82/0x180 [ 16.363238] ? preempt_count_sub+0x50/0x80 [ 16.363284] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.363310] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.363336] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.363363] kthread+0x337/0x6f0 [ 16.363383] ? trace_preempt_on+0x20/0xc0 [ 16.363407] ? __pfx_kthread+0x10/0x10 [ 16.363429] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.363452] ? calculate_sigpending+0x7b/0xa0 [ 16.363478] ? __pfx_kthread+0x10/0x10 [ 16.363500] ret_from_fork+0x116/0x1d0 [ 16.363520] ? __pfx_kthread+0x10/0x10 [ 16.363541] ret_from_fork_asm+0x1a/0x30 [ 16.363573] </TASK> [ 16.363584] [ 16.370743] Allocated by task 282: [ 16.370878] kasan_save_stack+0x45/0x70 [ 16.371094] kasan_save_track+0x18/0x40 [ 16.371318] kasan_save_alloc_info+0x3b/0x50 [ 16.371552] __kasan_kmalloc+0xb7/0xc0 [ 16.371740] __kmalloc_cache_noprof+0x189/0x420 [ 16.371948] kasan_atomics+0x95/0x310 [ 16.372153] kunit_try_run_case+0x1a5/0x480 [ 16.372325] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.372502] kthread+0x337/0x6f0 [ 16.372642] ret_from_fork+0x116/0x1d0 [ 16.372829] ret_from_fork_asm+0x1a/0x30 [ 16.373053] [ 16.373147] The buggy address belongs to the object at ffff888102ac2380 [ 16.373147] which belongs to the cache kmalloc-64 of size 64 [ 16.373702] The buggy address is located 0 bytes to the right of [ 16.373702] allocated 48-byte region [ffff888102ac2380, ffff888102ac23b0) [ 16.374100] [ 16.374175] The buggy address belongs to the physical page: [ 16.374447] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac2 [ 16.374819] flags: 0x200000000000000(node=0|zone=2) [ 16.374992] page_type: f5(slab) [ 16.375115] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.375417] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.375774] page dumped because: kasan: 
bad access detected [ 16.376041] [ 16.376153] Memory state around the buggy address: [ 16.376403] ffff888102ac2280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.376675] ffff888102ac2300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.376990] >ffff888102ac2380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.377204] ^ [ 16.377457] ffff888102ac2400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.377775] ffff888102ac2480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.378104] ================================================================== [ 15.392778] ================================================================== [ 15.393410] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x697/0x5450 [ 15.393763] Write of size 4 at addr ffff888102ac23b0 by task kunit_try_catch/282 [ 15.394154] [ 15.394273] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.394352] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.394388] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.394411] Call Trace: [ 15.394430] <TASK> [ 15.394448] dump_stack_lvl+0x73/0xb0 [ 15.394480] print_report+0xd1/0x650 [ 15.394505] ? __virt_addr_valid+0x1db/0x2d0 [ 15.394530] ? kasan_atomics_helper+0x697/0x5450 [ 15.394553] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.394579] ? kasan_atomics_helper+0x697/0x5450 [ 15.394633] kasan_report+0x141/0x180 [ 15.394668] ? kasan_atomics_helper+0x697/0x5450 [ 15.394714] kasan_check_range+0x10c/0x1c0 [ 15.394738] __kasan_check_write+0x18/0x20 [ 15.394759] kasan_atomics_helper+0x697/0x5450 [ 15.394784] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.394808] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.394835] ? kasan_atomics+0x152/0x310 [ 15.394863] kasan_atomics+0x1dc/0x310 [ 15.394886] ? __pfx_kasan_atomics+0x10/0x10 [ 15.394912] ? __pfx_read_tsc+0x10/0x10 [ 15.394943] ? ktime_get_ts64+0x86/0x230 [ 15.394968] kunit_try_run_case+0x1a5/0x480 [ 15.394994] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.395018] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.395043] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.395068] ? __kthread_parkme+0x82/0x180 [ 15.395090] ? preempt_count_sub+0x50/0x80 [ 15.395116] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.395142] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.395167] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.395193] kthread+0x337/0x6f0 [ 15.395213] ? trace_preempt_on+0x20/0xc0 [ 15.395237] ? __pfx_kthread+0x10/0x10 [ 15.395278] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.395301] ? calculate_sigpending+0x7b/0xa0 [ 15.395327] ? __pfx_kthread+0x10/0x10 [ 15.395349] ret_from_fork+0x116/0x1d0 [ 15.395368] ? __pfx_kthread+0x10/0x10 [ 15.395389] ret_from_fork_asm+0x1a/0x30 [ 15.395421] </TASK> [ 15.395433] [ 15.402837] Allocated by task 282: [ 15.403363] kasan_save_stack+0x45/0x70 [ 15.403738] kasan_save_track+0x18/0x40 [ 15.403922] kasan_save_alloc_info+0x3b/0x50 [ 15.404125] __kasan_kmalloc+0xb7/0xc0 [ 15.404643] __kmalloc_cache_noprof+0x189/0x420 [ 15.405021] kasan_atomics+0x95/0x310 [ 15.405458] kunit_try_run_case+0x1a5/0x480 [ 15.405888] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.406374] kthread+0x337/0x6f0 [ 15.406737] ret_from_fork+0x116/0x1d0 [ 15.406920] ret_from_fork_asm+0x1a/0x30 [ 15.407118] [ 15.407216] The buggy address belongs to the object at ffff888102ac2380 [ 15.407216] which belongs to the cache kmalloc-64 of size 64 [ 15.408461] The buggy address is located 0 bytes to the right of [ 15.408461] allocated 48-byte region [ffff888102ac2380, ffff888102ac23b0) [ 15.409407] [ 15.409656] The buggy address belongs to the physical page: [ 15.410131] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac2 [ 15.410756] flags: 0x200000000000000(node=0|zone=2) [ 15.411213] page_type: f5(slab) [ 15.411619] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.412177] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 15.412768] page dumped because: kasan: bad access detected [ 15.413103] [ 15.413189] Memory state around the buggy address: [ 15.413371] ffff888102ac2280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.413594] ffff888102ac2300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.413811] >ffff888102ac2380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.414044] ^ [ 15.414204] ffff888102ac2400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.414459] ffff888102ac2480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.414677] ================================================================== [ 15.765748] ================================================================== [ 15.766421] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1c/0x5450 [ 15.766787] Read of size 4 at addr ffff888102ac23b0 by task kunit_try_catch/282 [ 15.767154] [ 15.767278] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.767322] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.767334] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.767354] Call Trace: [ 15.767373] <TASK> [ 15.767391] dump_stack_lvl+0x73/0xb0 [ 15.767422] print_report+0xd1/0x650 [ 15.767446] ? __virt_addr_valid+0x1db/0x2d0 [ 15.767469] ? kasan_atomics_helper+0x4a1c/0x5450 [ 15.767492] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.767516] ? kasan_atomics_helper+0x4a1c/0x5450 [ 15.767538] kasan_report+0x141/0x180 [ 15.767561] ? kasan_atomics_helper+0x4a1c/0x5450 [ 15.767588] __asan_report_load4_noabort+0x18/0x20 [ 15.767614] kasan_atomics_helper+0x4a1c/0x5450 [ 15.767638] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.767662] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.767687] ? kasan_atomics+0x152/0x310 [ 15.767727] kasan_atomics+0x1dc/0x310 [ 15.767749] ? __pfx_kasan_atomics+0x10/0x10 [ 15.767775] ? __pfx_read_tsc+0x10/0x10 [ 15.767809] ? 
ktime_get_ts64+0x86/0x230 [ 15.767834] kunit_try_run_case+0x1a5/0x480 [ 15.767859] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.767890] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.767916] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.767956] ? __kthread_parkme+0x82/0x180 [ 15.767977] ? preempt_count_sub+0x50/0x80 [ 15.768003] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.768028] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.768053] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.768088] kthread+0x337/0x6f0 [ 15.768108] ? trace_preempt_on+0x20/0xc0 [ 15.768133] ? __pfx_kthread+0x10/0x10 [ 15.768164] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.768187] ? calculate_sigpending+0x7b/0xa0 [ 15.768212] ? __pfx_kthread+0x10/0x10 [ 15.768244] ret_from_fork+0x116/0x1d0 [ 15.768264] ? __pfx_kthread+0x10/0x10 [ 15.768285] ret_from_fork_asm+0x1a/0x30 [ 15.768338] </TASK> [ 15.768350] [ 15.775949] Allocated by task 282: [ 15.776124] kasan_save_stack+0x45/0x70 [ 15.776357] kasan_save_track+0x18/0x40 [ 15.776535] kasan_save_alloc_info+0x3b/0x50 [ 15.776752] __kasan_kmalloc+0xb7/0xc0 [ 15.776953] __kmalloc_cache_noprof+0x189/0x420 [ 15.777179] kasan_atomics+0x95/0x310 [ 15.777384] kunit_try_run_case+0x1a5/0x480 [ 15.777605] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.777844] kthread+0x337/0x6f0 [ 15.778026] ret_from_fork+0x116/0x1d0 [ 15.778172] ret_from_fork_asm+0x1a/0x30 [ 15.778451] [ 15.778548] The buggy address belongs to the object at ffff888102ac2380 [ 15.778548] which belongs to the cache kmalloc-64 of size 64 [ 15.778969] The buggy address is located 0 bytes to the right of [ 15.778969] allocated 48-byte region [ffff888102ac2380, ffff888102ac23b0) [ 15.779315] [ 15.779386] The buggy address belongs to the physical page: [ 15.779549] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac2 [ 15.779861] flags: 0x200000000000000(node=0|zone=2) [ 15.780211] page_type: f5(slab) [ 15.780398] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 15.780730] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.781074] page dumped because: kasan: bad access detected [ 15.781364] [ 15.781435] Memory state around the buggy address: [ 15.781589] ffff888102ac2280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.781802] ffff888102ac2300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.782025] >ffff888102ac2380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.782234] ^ [ 15.782725] ffff888102ac2400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.783056] ffff888102ac2480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.783518] ================================================================== [ 16.267158] ================================================================== [ 16.267845] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1d7a/0x5450 [ 16.268381] Write of size 8 at addr ffff888102ac23b0 by task kunit_try_catch/282 [ 16.268950] [ 16.269192] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.269243] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.269392] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.269420] Call Trace: [ 16.269442] <TASK> [ 16.269464] dump_stack_lvl+0x73/0xb0 [ 16.269499] print_report+0xd1/0x650 [ 16.269524] ? __virt_addr_valid+0x1db/0x2d0 [ 16.269549] ? kasan_atomics_helper+0x1d7a/0x5450 [ 16.269573] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.269597] ? kasan_atomics_helper+0x1d7a/0x5450 [ 16.269620] kasan_report+0x141/0x180 [ 16.269643] ? kasan_atomics_helper+0x1d7a/0x5450 [ 16.269670] kasan_check_range+0x10c/0x1c0 [ 16.269695] __kasan_check_write+0x18/0x20 [ 16.269716] kasan_atomics_helper+0x1d7a/0x5450 [ 16.269740] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.269764] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.269791] ? kasan_atomics+0x152/0x310 [ 16.269819] kasan_atomics+0x1dc/0x310 [ 16.269842] ? 
__pfx_kasan_atomics+0x10/0x10 [ 16.269868] ? __pfx_read_tsc+0x10/0x10 [ 16.269890] ? ktime_get_ts64+0x86/0x230 [ 16.269915] kunit_try_run_case+0x1a5/0x480 [ 16.270007] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.270034] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.270061] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.270087] ? __kthread_parkme+0x82/0x180 [ 16.270109] ? preempt_count_sub+0x50/0x80 [ 16.270135] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.270161] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.270186] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.270213] kthread+0x337/0x6f0 [ 16.270232] ? trace_preempt_on+0x20/0xc0 [ 16.270281] ? __pfx_kthread+0x10/0x10 [ 16.270304] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.270328] ? calculate_sigpending+0x7b/0xa0 [ 16.270353] ? __pfx_kthread+0x10/0x10 [ 16.270375] ret_from_fork+0x116/0x1d0 [ 16.270395] ? __pfx_kthread+0x10/0x10 [ 16.270417] ret_from_fork_asm+0x1a/0x30 [ 16.270449] </TASK> [ 16.270460] [ 16.281857] Allocated by task 282: [ 16.282162] kasan_save_stack+0x45/0x70 [ 16.282486] kasan_save_track+0x18/0x40 [ 16.282782] kasan_save_alloc_info+0x3b/0x50 [ 16.283114] __kasan_kmalloc+0xb7/0xc0 [ 16.283428] __kmalloc_cache_noprof+0x189/0x420 [ 16.283750] kasan_atomics+0x95/0x310 [ 16.284047] kunit_try_run_case+0x1a5/0x480 [ 16.284450] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.284734] kthread+0x337/0x6f0 [ 16.284912] ret_from_fork+0x116/0x1d0 [ 16.285107] ret_from_fork_asm+0x1a/0x30 [ 16.285310] [ 16.285406] The buggy address belongs to the object at ffff888102ac2380 [ 16.285406] which belongs to the cache kmalloc-64 of size 64 [ 16.285877] The buggy address is located 0 bytes to the right of [ 16.285877] allocated 48-byte region [ffff888102ac2380, ffff888102ac23b0) [ 16.286380] [ 16.286473] The buggy address belongs to the physical page: [ 16.286726] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac2 [ 16.287678] flags: 0x200000000000000(node=0|zone=2) [ 16.288016] page_type: 
f5(slab) [ 16.288222] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.288764] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.289210] page dumped because: kasan: bad access detected [ 16.289589] [ 16.289811] Memory state around the buggy address: [ 16.290129] ffff888102ac2280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.290580] ffff888102ac2300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.291014] >ffff888102ac2380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.291428] ^ [ 16.291735] ffff888102ac2400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.292167] ffff888102ac2480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.292559] ================================================================== [ 16.029356] ================================================================== [ 16.029714] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x164f/0x5450 [ 16.030054] Write of size 8 at addr ffff888102ac23b0 by task kunit_try_catch/282 [ 16.030420] [ 16.030516] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.030559] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.030572] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.030592] Call Trace: [ 16.030611] <TASK> [ 16.030628] dump_stack_lvl+0x73/0xb0 [ 16.030658] print_report+0xd1/0x650 [ 16.030681] ? __virt_addr_valid+0x1db/0x2d0 [ 16.030710] ? kasan_atomics_helper+0x164f/0x5450 [ 16.030732] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.030756] ? kasan_atomics_helper+0x164f/0x5450 [ 16.030779] kasan_report+0x141/0x180 [ 16.030801] ? kasan_atomics_helper+0x164f/0x5450 [ 16.030828] kasan_check_range+0x10c/0x1c0 [ 16.030853] __kasan_check_write+0x18/0x20 [ 16.030873] kasan_atomics_helper+0x164f/0x5450 [ 16.030897] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.030920] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.030958] ? 
kasan_atomics+0x152/0x310 [ 16.030985] kasan_atomics+0x1dc/0x310 [ 16.031009] ? __pfx_kasan_atomics+0x10/0x10 [ 16.031035] ? __pfx_read_tsc+0x10/0x10 [ 16.031057] ? ktime_get_ts64+0x86/0x230 [ 16.031082] kunit_try_run_case+0x1a5/0x480 [ 16.031108] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.031131] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.031157] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.031182] ? __kthread_parkme+0x82/0x180 [ 16.031204] ? preempt_count_sub+0x50/0x80 [ 16.031230] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.031256] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.031293] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.031319] kthread+0x337/0x6f0 [ 16.031339] ? trace_preempt_on+0x20/0xc0 [ 16.031364] ? __pfx_kthread+0x10/0x10 [ 16.031386] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.031408] ? calculate_sigpending+0x7b/0xa0 [ 16.031434] ? __pfx_kthread+0x10/0x10 [ 16.031456] ret_from_fork+0x116/0x1d0 [ 16.031475] ? __pfx_kthread+0x10/0x10 [ 16.031497] ret_from_fork_asm+0x1a/0x30 [ 16.031527] </TASK> [ 16.031539] [ 16.038720] Allocated by task 282: [ 16.038853] kasan_save_stack+0x45/0x70 [ 16.039009] kasan_save_track+0x18/0x40 [ 16.039145] kasan_save_alloc_info+0x3b/0x50 [ 16.039427] __kasan_kmalloc+0xb7/0xc0 [ 16.039620] __kmalloc_cache_noprof+0x189/0x420 [ 16.039847] kasan_atomics+0x95/0x310 [ 16.040048] kunit_try_run_case+0x1a5/0x480 [ 16.040256] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.040579] kthread+0x337/0x6f0 [ 16.040726] ret_from_fork+0x116/0x1d0 [ 16.040859] ret_from_fork_asm+0x1a/0x30 [ 16.041314] [ 16.041478] The buggy address belongs to the object at ffff888102ac2380 [ 16.041478] which belongs to the cache kmalloc-64 of size 64 [ 16.043217] The buggy address is located 0 bytes to the right of [ 16.043217] allocated 48-byte region [ffff888102ac2380, ffff888102ac23b0) [ 16.043608] [ 16.043687] The buggy address belongs to the physical page: [ 16.043861] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac2 [ 
16.044208] flags: 0x200000000000000(node=0|zone=2) [ 16.044448] page_type: f5(slab) [ 16.044717] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.045120] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.045567] page dumped because: kasan: bad access detected [ 16.045823] [ 16.045915] Memory state around the buggy address: [ 16.046220] ffff888102ac2280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.046689] ffff888102ac2300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.047022] >ffff888102ac2380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.047409] ^ [ 16.047642] ffff888102ac2400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.047893] ffff888102ac2480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.048369] ================================================================== [ 16.431687] ================================================================== [ 16.432189] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fb2/0x5450 [ 16.432501] Read of size 8 at addr ffff888102ac23b0 by task kunit_try_catch/282 [ 16.432825] [ 16.432968] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.433013] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.433027] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.433048] Call Trace: [ 16.433067] <TASK> [ 16.433087] dump_stack_lvl+0x73/0xb0 [ 16.433118] print_report+0xd1/0x650 [ 16.433142] ? __virt_addr_valid+0x1db/0x2d0 [ 16.433167] ? kasan_atomics_helper+0x4fb2/0x5450 [ 16.433192] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.433216] ? kasan_atomics_helper+0x4fb2/0x5450 [ 16.433239] kasan_report+0x141/0x180 [ 16.433283] ? kasan_atomics_helper+0x4fb2/0x5450 [ 16.433310] __asan_report_load8_noabort+0x18/0x20 [ 16.433336] kasan_atomics_helper+0x4fb2/0x5450 [ 16.433361] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.433386] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 16.433413] ? kasan_atomics+0x152/0x310 [ 16.433440] kasan_atomics+0x1dc/0x310 [ 16.433463] ? __pfx_kasan_atomics+0x10/0x10 [ 16.433488] ? __pfx_read_tsc+0x10/0x10 [ 16.433511] ? ktime_get_ts64+0x86/0x230 [ 16.433559] kunit_try_run_case+0x1a5/0x480 [ 16.433585] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.433609] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.433635] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.433660] ? __kthread_parkme+0x82/0x180 [ 16.433682] ? preempt_count_sub+0x50/0x80 [ 16.433728] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.433753] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.433779] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.433805] kthread+0x337/0x6f0 [ 16.433825] ? trace_preempt_on+0x20/0xc0 [ 16.433850] ? __pfx_kthread+0x10/0x10 [ 16.433890] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.433914] ? calculate_sigpending+0x7b/0xa0 [ 16.433950] ? __pfx_kthread+0x10/0x10 [ 16.433973] ret_from_fork+0x116/0x1d0 [ 16.433992] ? __pfx_kthread+0x10/0x10 [ 16.434014] ret_from_fork_asm+0x1a/0x30 [ 16.434046] </TASK> [ 16.434058] [ 16.441151] Allocated by task 282: [ 16.441359] kasan_save_stack+0x45/0x70 [ 16.441565] kasan_save_track+0x18/0x40 [ 16.441759] kasan_save_alloc_info+0x3b/0x50 [ 16.441928] __kasan_kmalloc+0xb7/0xc0 [ 16.442072] __kmalloc_cache_noprof+0x189/0x420 [ 16.442318] kasan_atomics+0x95/0x310 [ 16.442510] kunit_try_run_case+0x1a5/0x480 [ 16.442752] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.443012] kthread+0x337/0x6f0 [ 16.443172] ret_from_fork+0x116/0x1d0 [ 16.443336] ret_from_fork_asm+0x1a/0x30 [ 16.443481] [ 16.443571] The buggy address belongs to the object at ffff888102ac2380 [ 16.443571] which belongs to the cache kmalloc-64 of size 64 [ 16.444138] The buggy address is located 0 bytes to the right of [ 16.444138] allocated 48-byte region [ffff888102ac2380, ffff888102ac23b0) [ 16.444574] [ 16.444648] The buggy address belongs to the physical page: [ 16.444901] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x102ac2 [ 16.445304] flags: 0x200000000000000(node=0|zone=2) [ 16.445565] page_type: f5(slab) [ 16.445721] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.445987] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.446274] page dumped because: kasan: bad access detected [ 16.446522] [ 16.446615] Memory state around the buggy address: [ 16.446845] ffff888102ac2280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.447180] ffff888102ac2300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.447432] >ffff888102ac2380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.447748] ^ [ 16.447946] ffff888102ac2400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.448239] ffff888102ac2480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.448567] ================================================================== [ 15.561347] ================================================================== [ 15.561700] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xc70/0x5450 [ 15.562068] Write of size 4 at addr ffff888102ac23b0 by task kunit_try_catch/282 [ 15.562423] [ 15.562539] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.562584] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.562596] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.562619] Call Trace: [ 15.562637] <TASK> [ 15.562654] dump_stack_lvl+0x73/0xb0 [ 15.562685] print_report+0xd1/0x650 [ 15.562715] ? __virt_addr_valid+0x1db/0x2d0 [ 15.562739] ? kasan_atomics_helper+0xc70/0x5450 [ 15.562762] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.562787] ? kasan_atomics_helper+0xc70/0x5450 [ 15.562810] kasan_report+0x141/0x180 [ 15.562832] ? kasan_atomics_helper+0xc70/0x5450 [ 15.562860] kasan_check_range+0x10c/0x1c0 [ 15.562884] __kasan_check_write+0x18/0x20 [ 15.562905] kasan_atomics_helper+0xc70/0x5450 [ 15.562930] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 15.562963] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.562990] ? kasan_atomics+0x152/0x310 [ 15.563017] kasan_atomics+0x1dc/0x310 [ 15.563040] ? __pfx_kasan_atomics+0x10/0x10 [ 15.563065] ? __pfx_read_tsc+0x10/0x10 [ 15.563088] ? ktime_get_ts64+0x86/0x230 [ 15.563113] kunit_try_run_case+0x1a5/0x480 [ 15.563138] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.563162] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.563188] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.563213] ? __kthread_parkme+0x82/0x180 [ 15.563235] ? preempt_count_sub+0x50/0x80 [ 15.563281] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.563307] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.563333] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.563360] kthread+0x337/0x6f0 [ 15.563379] ? trace_preempt_on+0x20/0xc0 [ 15.563404] ? __pfx_kthread+0x10/0x10 [ 15.563425] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.563448] ? calculate_sigpending+0x7b/0xa0 [ 15.563474] ? __pfx_kthread+0x10/0x10 [ 15.563495] ret_from_fork+0x116/0x1d0 [ 15.563514] ? 
__pfx_kthread+0x10/0x10 [ 15.563535] ret_from_fork_asm+0x1a/0x30 [ 15.563567] </TASK> [ 15.563579] [ 15.571579] Allocated by task 282: [ 15.571761] kasan_save_stack+0x45/0x70 [ 15.572923] kasan_save_track+0x18/0x40 [ 15.573219] kasan_save_alloc_info+0x3b/0x50 [ 15.573384] __kasan_kmalloc+0xb7/0xc0 [ 15.573523] __kmalloc_cache_noprof+0x189/0x420 [ 15.573678] kasan_atomics+0x95/0x310 [ 15.573813] kunit_try_run_case+0x1a5/0x480 [ 15.573973] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.574149] kthread+0x337/0x6f0 [ 15.574268] ret_from_fork+0x116/0x1d0 [ 15.574555] ret_from_fork_asm+0x1a/0x30 [ 15.574701] [ 15.574780] The buggy address belongs to the object at ffff888102ac2380 [ 15.574780] which belongs to the cache kmalloc-64 of size 64 [ 15.575724] The buggy address is located 0 bytes to the right of [ 15.575724] allocated 48-byte region [ffff888102ac2380, ffff888102ac23b0) [ 15.576896] [ 15.577118] The buggy address belongs to the physical page: [ 15.577456] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac2 [ 15.577696] flags: 0x200000000000000(node=0|zone=2) [ 15.577866] page_type: f5(slab) [ 15.578000] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.578224] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.579044] page dumped because: kasan: bad access detected [ 15.579579] [ 15.579740] Memory state around the buggy address: [ 15.580205] ffff888102ac2280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.580854] ffff888102ac2300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.581504] >ffff888102ac2380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.582140] ^ [ 15.582593] ffff888102ac2400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.583221] ffff888102ac2480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.583692] ================================================================== [ 15.173512] 
================================================================== [ 15.174798] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4bbc/0x5450 [ 15.176152] Read of size 4 at addr ffff888102ac23b0 by task kunit_try_catch/282 [ 15.177135] [ 15.177633] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.177781] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.177800] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.177824] Call Trace: [ 15.177838] <TASK> [ 15.177859] dump_stack_lvl+0x73/0xb0 [ 15.177896] print_report+0xd1/0x650 [ 15.177921] ? __virt_addr_valid+0x1db/0x2d0 [ 15.177980] ? kasan_atomics_helper+0x4bbc/0x5450 [ 15.178003] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.178026] ? kasan_atomics_helper+0x4bbc/0x5450 [ 15.178048] kasan_report+0x141/0x180 [ 15.178070] ? kasan_atomics_helper+0x4bbc/0x5450 [ 15.178096] __asan_report_load4_noabort+0x18/0x20 [ 15.178121] kasan_atomics_helper+0x4bbc/0x5450 [ 15.178144] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.178168] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.178195] ? kasan_atomics+0x152/0x310 [ 15.178220] kasan_atomics+0x1dc/0x310 [ 15.178243] ? __pfx_kasan_atomics+0x10/0x10 [ 15.178267] ? __pfx_read_tsc+0x10/0x10 [ 15.178290] ? ktime_get_ts64+0x86/0x230 [ 15.178316] kunit_try_run_case+0x1a5/0x480 [ 15.178342] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.178365] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.178390] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.178414] ? __kthread_parkme+0x82/0x180 [ 15.178437] ? preempt_count_sub+0x50/0x80 [ 15.178462] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.178487] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.178512] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.178538] kthread+0x337/0x6f0 [ 15.178557] ? trace_preempt_on+0x20/0xc0 [ 15.178582] ? __pfx_kthread+0x10/0x10 [ 15.178603] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.178625] ? calculate_sigpending+0x7b/0xa0 [ 15.178650] ? 
__pfx_kthread+0x10/0x10 [ 15.178671] ret_from_fork+0x116/0x1d0 [ 15.178690] ? __pfx_kthread+0x10/0x10 [ 15.178715] ret_from_fork_asm+0x1a/0x30 [ 15.178748] </TASK> [ 15.178760] [ 15.194737] Allocated by task 282: [ 15.195214] kasan_save_stack+0x45/0x70 [ 15.195525] kasan_save_track+0x18/0x40 [ 15.195666] kasan_save_alloc_info+0x3b/0x50 [ 15.195810] __kasan_kmalloc+0xb7/0xc0 [ 15.195959] __kmalloc_cache_noprof+0x189/0x420 [ 15.196680] kasan_atomics+0x95/0x310 [ 15.197136] kunit_try_run_case+0x1a5/0x480 [ 15.197706] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.198359] kthread+0x337/0x6f0 [ 15.198784] ret_from_fork+0x116/0x1d0 [ 15.199306] ret_from_fork_asm+0x1a/0x30 [ 15.199792] [ 15.199966] The buggy address belongs to the object at ffff888102ac2380 [ 15.199966] which belongs to the cache kmalloc-64 of size 64 [ 15.200666] The buggy address is located 0 bytes to the right of [ 15.200666] allocated 48-byte region [ffff888102ac2380, ffff888102ac23b0) [ 15.201668] [ 15.201845] The buggy address belongs to the physical page: [ 15.202573] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac2 [ 15.203506] flags: 0x200000000000000(node=0|zone=2) [ 15.204192] page_type: f5(slab) [ 15.204516] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.205095] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.205781] page dumped because: kasan: bad access detected [ 15.206133] [ 15.206479] Memory state around the buggy address: [ 15.207105] ffff888102ac2280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.207692] ffff888102ac2300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.207913] >ffff888102ac2380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.208801] ^ [ 15.209421] ffff888102ac2400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.209874] ffff888102ac2480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.210688] 
================================================================== [ 15.945384] ================================================================== [ 15.946198] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1467/0x5450 [ 15.946435] Write of size 8 at addr ffff888102ac23b0 by task kunit_try_catch/282 [ 15.946750] [ 15.946863] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.946905] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.946917] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.946949] Call Trace: [ 15.946968] <TASK> [ 15.946987] dump_stack_lvl+0x73/0xb0 [ 15.947017] print_report+0xd1/0x650 [ 15.947040] ? __virt_addr_valid+0x1db/0x2d0 [ 15.947062] ? kasan_atomics_helper+0x1467/0x5450 [ 15.947084] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.947107] ? kasan_atomics_helper+0x1467/0x5450 [ 15.947128] kasan_report+0x141/0x180 [ 15.947149] ? kasan_atomics_helper+0x1467/0x5450 [ 15.947175] kasan_check_range+0x10c/0x1c0 [ 15.947198] __kasan_check_write+0x18/0x20 [ 15.947218] kasan_atomics_helper+0x1467/0x5450 [ 15.947241] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.947264] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.947289] ? kasan_atomics+0x152/0x310 [ 15.947315] kasan_atomics+0x1dc/0x310 [ 15.947337] ? __pfx_kasan_atomics+0x10/0x10 [ 15.947362] ? __pfx_read_tsc+0x10/0x10 [ 15.947411] ? ktime_get_ts64+0x86/0x230 [ 15.947449] kunit_try_run_case+0x1a5/0x480 [ 15.947475] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.947511] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.947537] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.947574] ? __kthread_parkme+0x82/0x180 [ 15.947597] ? preempt_count_sub+0x50/0x80 [ 15.948248] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.948325] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.948459] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.948493] kthread+0x337/0x6f0 [ 15.948514] ? trace_preempt_on+0x20/0xc0 [ 15.948742] ? 
__pfx_kthread+0x10/0x10 [ 15.948766] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.948792] ? calculate_sigpending+0x7b/0xa0 [ 15.948821] ? __pfx_kthread+0x10/0x10 [ 15.948844] ret_from_fork+0x116/0x1d0 [ 15.948864] ? __pfx_kthread+0x10/0x10 [ 15.948886] ret_from_fork_asm+0x1a/0x30 [ 15.948919] </TASK> [ 15.948932] [ 15.961763] Allocated by task 282: [ 15.962132] kasan_save_stack+0x45/0x70 [ 15.962652] kasan_save_track+0x18/0x40 [ 15.962919] kasan_save_alloc_info+0x3b/0x50 [ 15.963448] __kasan_kmalloc+0xb7/0xc0 [ 15.963679] __kmalloc_cache_noprof+0x189/0x420 [ 15.963897] kasan_atomics+0x95/0x310 [ 15.964086] kunit_try_run_case+0x1a5/0x480 [ 15.964534] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.964924] kthread+0x337/0x6f0 [ 15.965248] ret_from_fork+0x116/0x1d0 [ 15.965575] ret_from_fork_asm+0x1a/0x30 [ 15.965892] [ 15.966001] The buggy address belongs to the object at ffff888102ac2380 [ 15.966001] which belongs to the cache kmalloc-64 of size 64 [ 15.966960] The buggy address is located 0 bytes to the right of [ 15.966960] allocated 48-byte region [ffff888102ac2380, ffff888102ac23b0) [ 15.967730] [ 15.967985] The buggy address belongs to the physical page: [ 15.968487] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac2 [ 15.968900] flags: 0x200000000000000(node=0|zone=2) [ 15.969138] page_type: f5(slab) [ 15.969577] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.970044] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.970627] page dumped because: kasan: bad access detected [ 15.970870] [ 15.970974] Memory state around the buggy address: [ 15.971183] ffff888102ac2280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.972088] ffff888102ac2300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.972569] >ffff888102ac2380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.973052] ^ [ 15.973476] ffff888102ac2400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.973966] 
ffff888102ac2480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.974503] ================================================================== [ 15.211751] ================================================================== [ 15.212027] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4ba2/0x5450 [ 15.212579] Write of size 4 at addr ffff888102ac23b0 by task kunit_try_catch/282 [ 15.212873] [ 15.213018] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.213064] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.213076] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.213097] Call Trace: [ 15.213116] <TASK> [ 15.213418] dump_stack_lvl+0x73/0xb0 [ 15.213457] print_report+0xd1/0x650 [ 15.213481] ? __virt_addr_valid+0x1db/0x2d0 [ 15.213504] ? kasan_atomics_helper+0x4ba2/0x5450 [ 15.213526] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.213548] ? kasan_atomics_helper+0x4ba2/0x5450 [ 15.213571] kasan_report+0x141/0x180 [ 15.213593] ? kasan_atomics_helper+0x4ba2/0x5450 [ 15.213618] __asan_report_store4_noabort+0x1b/0x30 [ 15.213644] kasan_atomics_helper+0x4ba2/0x5450 [ 15.213667] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.213689] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.213714] ? kasan_atomics+0x152/0x310 [ 15.213741] kasan_atomics+0x1dc/0x310 [ 15.213762] ? __pfx_kasan_atomics+0x10/0x10 [ 15.213786] ? __pfx_read_tsc+0x10/0x10 [ 15.213808] ? ktime_get_ts64+0x86/0x230 [ 15.213832] kunit_try_run_case+0x1a5/0x480 [ 15.213857] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.213879] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.213903] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.213927] ? __kthread_parkme+0x82/0x180 [ 15.214139] ? preempt_count_sub+0x50/0x80 [ 15.214167] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.214192] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.214219] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.214245] kthread+0x337/0x6f0 [ 15.214279] ? 
trace_preempt_on+0x20/0xc0 [ 15.214304] ? __pfx_kthread+0x10/0x10 [ 15.214325] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.214348] ? calculate_sigpending+0x7b/0xa0 [ 15.214373] ? __pfx_kthread+0x10/0x10 [ 15.214394] ret_from_fork+0x116/0x1d0 [ 15.214413] ? __pfx_kthread+0x10/0x10 [ 15.214433] ret_from_fork_asm+0x1a/0x30 [ 15.214464] </TASK> [ 15.214475] [ 15.222740] Allocated by task 282: [ 15.222903] kasan_save_stack+0x45/0x70 [ 15.223096] kasan_save_track+0x18/0x40 [ 15.223261] kasan_save_alloc_info+0x3b/0x50 [ 15.223524] __kasan_kmalloc+0xb7/0xc0 [ 15.223685] __kmalloc_cache_noprof+0x189/0x420 [ 15.223840] kasan_atomics+0x95/0x310 [ 15.223983] kunit_try_run_case+0x1a5/0x480 [ 15.224149] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.224556] kthread+0x337/0x6f0 [ 15.224776] ret_from_fork+0x116/0x1d0 [ 15.224970] ret_from_fork_asm+0x1a/0x30 [ 15.225239] [ 15.225418] The buggy address belongs to the object at ffff888102ac2380 [ 15.225418] which belongs to the cache kmalloc-64 of size 64 [ 15.225894] The buggy address is located 0 bytes to the right of [ 15.225894] allocated 48-byte region [ffff888102ac2380, ffff888102ac23b0) [ 15.226626] [ 15.226720] The buggy address belongs to the physical page: [ 15.227003] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac2 [ 15.227390] flags: 0x200000000000000(node=0|zone=2) [ 15.227581] page_type: f5(slab) [ 15.227701] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.228025] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.228464] page dumped because: kasan: bad access detected [ 15.228683] [ 15.228761] Memory state around the buggy address: [ 15.228962] ffff888102ac2280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.229351] ffff888102ac2300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.229723] >ffff888102ac2380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.229948] ^ [ 15.230100] ffff888102ac2400: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 15.230310] ffff888102ac2480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.230623] ================================================================== [ 15.686439] ================================================================== [ 15.686745] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf10/0x5450 [ 15.687266] Write of size 4 at addr ffff888102ac23b0 by task kunit_try_catch/282 [ 15.687587] [ 15.687704] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.687758] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.687771] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.687803] Call Trace: [ 15.687822] <TASK> [ 15.687843] dump_stack_lvl+0x73/0xb0 [ 15.687875] print_report+0xd1/0x650 [ 15.687900] ? __virt_addr_valid+0x1db/0x2d0 [ 15.687923] ? kasan_atomics_helper+0xf10/0x5450 [ 15.687957] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.687982] ? kasan_atomics_helper+0xf10/0x5450 [ 15.688004] kasan_report+0x141/0x180 [ 15.688027] ? kasan_atomics_helper+0xf10/0x5450 [ 15.688054] kasan_check_range+0x10c/0x1c0 [ 15.688078] __kasan_check_write+0x18/0x20 [ 15.688099] kasan_atomics_helper+0xf10/0x5450 [ 15.688123] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.688147] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.688173] ? kasan_atomics+0x152/0x310 [ 15.688200] kasan_atomics+0x1dc/0x310 [ 15.688226] ? __pfx_kasan_atomics+0x10/0x10 [ 15.688251] ? __pfx_read_tsc+0x10/0x10 [ 15.688301] ? ktime_get_ts64+0x86/0x230 [ 15.688329] kunit_try_run_case+0x1a5/0x480 [ 15.688354] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.688388] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.688425] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.688450] ? __kthread_parkme+0x82/0x180 [ 15.688474] ? preempt_count_sub+0x50/0x80 [ 15.688511] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.688540] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.688568] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.688594] kthread+0x337/0x6f0 [ 15.688614] ? trace_preempt_on+0x20/0xc0 [ 15.688639] ? __pfx_kthread+0x10/0x10 [ 15.688662] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.688684] ? calculate_sigpending+0x7b/0xa0 [ 15.688719] ? __pfx_kthread+0x10/0x10 [ 15.688742] ret_from_fork+0x116/0x1d0 [ 15.688762] ? __pfx_kthread+0x10/0x10 [ 15.688795] ret_from_fork_asm+0x1a/0x30 [ 15.688827] </TASK> [ 15.688839] [ 15.696864] Allocated by task 282: [ 15.697010] kasan_save_stack+0x45/0x70 [ 15.697162] kasan_save_track+0x18/0x40 [ 15.697317] kasan_save_alloc_info+0x3b/0x50 [ 15.697531] __kasan_kmalloc+0xb7/0xc0 [ 15.697750] __kmalloc_cache_noprof+0x189/0x420 [ 15.697979] kasan_atomics+0x95/0x310 [ 15.698167] kunit_try_run_case+0x1a5/0x480 [ 15.698374] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.698549] kthread+0x337/0x6f0 [ 15.698671] ret_from_fork+0x116/0x1d0 [ 15.698813] ret_from_fork_asm+0x1a/0x30 [ 15.698962] [ 15.699069] The buggy address belongs to the object at ffff888102ac2380 [ 15.699069] which belongs to the cache kmalloc-64 of size 64 [ 15.700074] The buggy address is located 0 bytes to the right of [ 15.700074] allocated 48-byte region [ffff888102ac2380, ffff888102ac23b0) [ 15.700697] [ 15.700818] The buggy address belongs to the physical page: [ 15.701018] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac2 [ 15.701423] flags: 0x200000000000000(node=0|zone=2) [ 15.701687] page_type: f5(slab) [ 15.701840] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.702174] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.702544] page dumped because: kasan: bad access detected [ 15.702800] [ 15.702892] Memory state around the buggy address: [ 15.703118] ffff888102ac2280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.703446] ffff888102ac2300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.703742] >ffff888102ac2380: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 15.704062] ^ [ 15.704284] ffff888102ac2400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.704602] ffff888102ac2480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.704914] ================================================================== [ 15.975276] ================================================================== [ 15.975545] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x50d4/0x5450 [ 15.975858] Write of size 8 at addr ffff888102ac23b0 by task kunit_try_catch/282 [ 15.976189] [ 15.976410] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.976456] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.976468] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.976490] Call Trace: [ 15.976510] <TASK> [ 15.976530] dump_stack_lvl+0x73/0xb0 [ 15.976562] print_report+0xd1/0x650 [ 15.976586] ? __virt_addr_valid+0x1db/0x2d0 [ 15.976611] ? kasan_atomics_helper+0x50d4/0x5450 [ 15.976634] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.976659] ? kasan_atomics_helper+0x50d4/0x5450 [ 15.976682] kasan_report+0x141/0x180 [ 15.976705] ? kasan_atomics_helper+0x50d4/0x5450 [ 15.976733] __asan_report_store8_noabort+0x1b/0x30 [ 15.976760] kasan_atomics_helper+0x50d4/0x5450 [ 15.976785] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.976809] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.976836] ? kasan_atomics+0x152/0x310 [ 15.976863] kasan_atomics+0x1dc/0x310 [ 15.976887] ? __pfx_kasan_atomics+0x10/0x10 [ 15.976912] ? __pfx_read_tsc+0x10/0x10 [ 15.976946] ? ktime_get_ts64+0x86/0x230 [ 15.976972] kunit_try_run_case+0x1a5/0x480 [ 15.976998] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.977023] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.977049] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.977074] ? __kthread_parkme+0x82/0x180 [ 15.977096] ? preempt_count_sub+0x50/0x80 [ 15.977121] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.977147] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.977173] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.977199] kthread+0x337/0x6f0 [ 15.977219] ? trace_preempt_on+0x20/0xc0 [ 15.977244] ? __pfx_kthread+0x10/0x10 [ 15.977266] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.977288] ? calculate_sigpending+0x7b/0xa0 [ 15.977314] ? __pfx_kthread+0x10/0x10 [ 15.977336] ret_from_fork+0x116/0x1d0 [ 15.977355] ? __pfx_kthread+0x10/0x10 [ 15.977377] ret_from_fork_asm+0x1a/0x30 [ 15.977409] </TASK> [ 15.977420] [ 15.984607] Allocated by task 282: [ 15.984778] kasan_save_stack+0x45/0x70 [ 15.984962] kasan_save_track+0x18/0x40 [ 15.985098] kasan_save_alloc_info+0x3b/0x50 [ 15.985248] __kasan_kmalloc+0xb7/0xc0 [ 15.985485] __kmalloc_cache_noprof+0x189/0x420 [ 15.985707] kasan_atomics+0x95/0x310 [ 15.986002] kunit_try_run_case+0x1a5/0x480 [ 15.986179] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.986618] kthread+0x337/0x6f0 [ 15.986772] ret_from_fork+0x116/0x1d0 [ 15.986993] ret_from_fork_asm+0x1a/0x30 [ 15.987198] [ 15.987279] The buggy address belongs to the object at ffff888102ac2380 [ 15.987279] which belongs to the cache kmalloc-64 of size 64 [ 15.987747] The buggy address is located 0 bytes to the right of [ 15.987747] allocated 48-byte region [ffff888102ac2380, ffff888102ac23b0) [ 15.988196] [ 15.988273] The buggy address belongs to the physical page: [ 15.988536] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac2 [ 15.988851] flags: 0x200000000000000(node=0|zone=2) [ 15.989065] page_type: f5(slab) [ 15.989233] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.989461] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.989686] page dumped because: kasan: bad access detected [ 15.989855] [ 15.989925] Memory state around the buggy address: [ 15.990140] ffff888102ac2280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.990518] 
ffff888102ac2300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.990837] >ffff888102ac2380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.991147] ^ [ 15.991360] ffff888102ac2400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.991645] ffff888102ac2480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.991856] ================================================================== [ 16.120382] ================================================================== [ 16.120691] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x18b1/0x5450 [ 16.120925] Write of size 8 at addr ffff888102ac23b0 by task kunit_try_catch/282 [ 16.121412] [ 16.121527] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.121572] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.121587] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.121611] Call Trace: [ 16.121631] <TASK> [ 16.121650] dump_stack_lvl+0x73/0xb0 [ 16.121681] print_report+0xd1/0x650 [ 16.121706] ? __virt_addr_valid+0x1db/0x2d0 [ 16.121730] ? kasan_atomics_helper+0x18b1/0x5450 [ 16.121753] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.121777] ? kasan_atomics_helper+0x18b1/0x5450 [ 16.121799] kasan_report+0x141/0x180 [ 16.121823] ? kasan_atomics_helper+0x18b1/0x5450 [ 16.121851] kasan_check_range+0x10c/0x1c0 [ 16.121875] __kasan_check_write+0x18/0x20 [ 16.121896] kasan_atomics_helper+0x18b1/0x5450 [ 16.121919] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.121956] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.121982] ? kasan_atomics+0x152/0x310 [ 16.122009] kasan_atomics+0x1dc/0x310 [ 16.122033] ? __pfx_kasan_atomics+0x10/0x10 [ 16.122058] ? __pfx_read_tsc+0x10/0x10 [ 16.122080] ? ktime_get_ts64+0x86/0x230 [ 16.122104] kunit_try_run_case+0x1a5/0x480 [ 16.122130] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.122154] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.122180] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.122204] ? 
__kthread_parkme+0x82/0x180 [ 16.122226] ? preempt_count_sub+0x50/0x80 [ 16.122251] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.122297] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.122322] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.122349] kthread+0x337/0x6f0 [ 16.122369] ? trace_preempt_on+0x20/0xc0 [ 16.122393] ? __pfx_kthread+0x10/0x10 [ 16.122414] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.122436] ? calculate_sigpending+0x7b/0xa0 [ 16.122462] ? __pfx_kthread+0x10/0x10 [ 16.122484] ret_from_fork+0x116/0x1d0 [ 16.122503] ? __pfx_kthread+0x10/0x10 [ 16.122524] ret_from_fork_asm+0x1a/0x30 [ 16.122556] </TASK> [ 16.122567] [ 16.129568] Allocated by task 282: [ 16.129744] kasan_save_stack+0x45/0x70 [ 16.129953] kasan_save_track+0x18/0x40 [ 16.130143] kasan_save_alloc_info+0x3b/0x50 [ 16.130379] __kasan_kmalloc+0xb7/0xc0 [ 16.130548] __kmalloc_cache_noprof+0x189/0x420 [ 16.130731] kasan_atomics+0x95/0x310 [ 16.130918] kunit_try_run_case+0x1a5/0x480 [ 16.131102] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.131303] kthread+0x337/0x6f0 [ 16.131426] ret_from_fork+0x116/0x1d0 [ 16.131615] ret_from_fork_asm+0x1a/0x30 [ 16.131808] [ 16.131903] The buggy address belongs to the object at ffff888102ac2380 [ 16.131903] which belongs to the cache kmalloc-64 of size 64 [ 16.132447] The buggy address is located 0 bytes to the right of [ 16.132447] allocated 48-byte region [ffff888102ac2380, ffff888102ac23b0) [ 16.132901] [ 16.132982] The buggy address belongs to the physical page: [ 16.133153] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac2 [ 16.133418] flags: 0x200000000000000(node=0|zone=2) [ 16.133625] page_type: f5(slab) [ 16.133796] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.134150] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.134512] page dumped because: kasan: bad access detected [ 16.134763] [ 16.134855] Memory state around the buggy address: [ 16.135018] 
ffff888102ac2280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.135233] ffff888102ac2300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.135500] >ffff888102ac2380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.135816] ^ [ 16.136045] ffff888102ac2400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.136390] ffff888102ac2480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.136709] ================================================================== [ 15.867358] ================================================================== [ 15.867716] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12e6/0x5450 [ 15.868644] Write of size 4 at addr ffff888102ac23b0 by task kunit_try_catch/282 [ 15.868929] [ 15.869082] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.869126] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.869138] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.869159] Call Trace: [ 15.869178] <TASK> [ 15.869197] dump_stack_lvl+0x73/0xb0 [ 15.869230] print_report+0xd1/0x650 [ 15.869268] ? __virt_addr_valid+0x1db/0x2d0 [ 15.869292] ? kasan_atomics_helper+0x12e6/0x5450 [ 15.869337] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.869363] ? kasan_atomics_helper+0x12e6/0x5450 [ 15.869386] kasan_report+0x141/0x180 [ 15.869420] ? kasan_atomics_helper+0x12e6/0x5450 [ 15.869457] kasan_check_range+0x10c/0x1c0 [ 15.869481] __kasan_check_write+0x18/0x20 [ 15.869501] kasan_atomics_helper+0x12e6/0x5450 [ 15.869536] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.869559] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.869586] ? kasan_atomics+0x152/0x310 [ 15.869622] kasan_atomics+0x1dc/0x310 [ 15.869645] ? __pfx_kasan_atomics+0x10/0x10 [ 15.869681] ? __pfx_read_tsc+0x10/0x10 [ 15.869704] ? ktime_get_ts64+0x86/0x230 [ 15.869729] kunit_try_run_case+0x1a5/0x480 [ 15.869764] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.869787] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 15.869813] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.869850] ? __kthread_parkme+0x82/0x180 [ 15.869873] ? preempt_count_sub+0x50/0x80 [ 15.869899] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.869955] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.869982] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.870018] kthread+0x337/0x6f0 [ 15.870038] ? trace_preempt_on+0x20/0xc0 [ 15.870064] ? __pfx_kthread+0x10/0x10 [ 15.870086] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.870108] ? calculate_sigpending+0x7b/0xa0 [ 15.870143] ? __pfx_kthread+0x10/0x10 [ 15.870167] ret_from_fork+0x116/0x1d0 [ 15.870198] ? __pfx_kthread+0x10/0x10 [ 15.870219] ret_from_fork_asm+0x1a/0x30 [ 15.870250] </TASK> [ 15.870261] [ 15.877878] Allocated by task 282: [ 15.878019] kasan_save_stack+0x45/0x70 [ 15.878166] kasan_save_track+0x18/0x40 [ 15.878403] kasan_save_alloc_info+0x3b/0x50 [ 15.878613] __kasan_kmalloc+0xb7/0xc0 [ 15.878804] __kmalloc_cache_noprof+0x189/0x420 [ 15.879037] kasan_atomics+0x95/0x310 [ 15.879225] kunit_try_run_case+0x1a5/0x480 [ 15.879660] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.879872] kthread+0x337/0x6f0 [ 15.880015] ret_from_fork+0x116/0x1d0 [ 15.880150] ret_from_fork_asm+0x1a/0x30 [ 15.880290] [ 15.880361] The buggy address belongs to the object at ffff888102ac2380 [ 15.880361] which belongs to the cache kmalloc-64 of size 64 [ 15.881028] The buggy address is located 0 bytes to the right of [ 15.881028] allocated 48-byte region [ffff888102ac2380, ffff888102ac23b0) [ 15.881539] [ 15.881614] The buggy address belongs to the physical page: [ 15.881790] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac2 [ 15.882173] flags: 0x200000000000000(node=0|zone=2) [ 15.882510] page_type: f5(slab) [ 15.882684] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.883228] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.883666] page dumped because: kasan: 
bad access detected [ 15.883838] [ 15.883907] Memory state around the buggy address: [ 15.884072] ffff888102ac2280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.884455] ffff888102ac2300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.884803] >ffff888102ac2380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.885157] ^ [ 15.885376] ffff888102ac2400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.885684] ffff888102ac2480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.885982] ================================================================== [ 15.372192] ================================================================== [ 15.372985] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5fe/0x5450 [ 15.373649] Write of size 4 at addr ffff888102ac23b0 by task kunit_try_catch/282 [ 15.374303] [ 15.374516] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.374675] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.374692] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.374721] Call Trace: [ 15.374741] <TASK> [ 15.374761] dump_stack_lvl+0x73/0xb0 [ 15.374795] print_report+0xd1/0x650 [ 15.374820] ? __virt_addr_valid+0x1db/0x2d0 [ 15.374844] ? kasan_atomics_helper+0x5fe/0x5450 [ 15.374867] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.374892] ? kasan_atomics_helper+0x5fe/0x5450 [ 15.374915] kasan_report+0x141/0x180 [ 15.374948] ? kasan_atomics_helper+0x5fe/0x5450 [ 15.374977] kasan_check_range+0x10c/0x1c0 [ 15.375001] __kasan_check_write+0x18/0x20 [ 15.375022] kasan_atomics_helper+0x5fe/0x5450 [ 15.375046] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.375070] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.375097] ? kasan_atomics+0x152/0x310 [ 15.375125] kasan_atomics+0x1dc/0x310 [ 15.375149] ? __pfx_kasan_atomics+0x10/0x10 [ 15.375174] ? __pfx_read_tsc+0x10/0x10 [ 15.375196] ? ktime_get_ts64+0x86/0x230 [ 15.375222] kunit_try_run_case+0x1a5/0x480 [ 15.375248] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.375279] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.375305] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.375330] ? __kthread_parkme+0x82/0x180 [ 15.375352] ? preempt_count_sub+0x50/0x80 [ 15.375378] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.375403] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.375430] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.375456] kthread+0x337/0x6f0 [ 15.375476] ? trace_preempt_on+0x20/0xc0 [ 15.375500] ? __pfx_kthread+0x10/0x10 [ 15.375521] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.375544] ? calculate_sigpending+0x7b/0xa0 [ 15.375570] ? __pfx_kthread+0x10/0x10 [ 15.375592] ret_from_fork+0x116/0x1d0 [ 15.375611] ? __pfx_kthread+0x10/0x10 [ 15.375633] ret_from_fork_asm+0x1a/0x30 [ 15.375664] </TASK> [ 15.375676] [ 15.383558] Allocated by task 282: [ 15.383745] kasan_save_stack+0x45/0x70 [ 15.383961] kasan_save_track+0x18/0x40 [ 15.384136] kasan_save_alloc_info+0x3b/0x50 [ 15.384386] __kasan_kmalloc+0xb7/0xc0 [ 15.384522] __kmalloc_cache_noprof+0x189/0x420 [ 15.384678] kasan_atomics+0x95/0x310 [ 15.384836] kunit_try_run_case+0x1a5/0x480 [ 15.385091] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.385432] kthread+0x337/0x6f0 [ 15.385604] ret_from_fork+0x116/0x1d0 [ 15.385825] ret_from_fork_asm+0x1a/0x30 [ 15.386047] [ 15.386186] The buggy address belongs to the object at ffff888102ac2380 [ 15.386186] which belongs to the cache kmalloc-64 of size 64 [ 15.386716] The buggy address is located 0 bytes to the right of [ 15.386716] allocated 48-byte region [ffff888102ac2380, ffff888102ac23b0) [ 15.387321] [ 15.387455] The buggy address belongs to the physical page: [ 15.387728] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac2 [ 15.388117] flags: 0x200000000000000(node=0|zone=2) [ 15.388323] page_type: f5(slab) [ 15.388531] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.388893] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 15.389360] page dumped because: kasan: bad access detected [ 15.389626] [ 15.389719] Memory state around the buggy address: [ 15.389995] ffff888102ac2280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.390312] ffff888102ac2300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.390545] >ffff888102ac2380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.390872] ^ [ 15.391151] ffff888102ac2400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.391506] ffff888102ac2480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.391760] ================================================================== [ 15.830099] ================================================================== [ 15.831009] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1217/0x5450 [ 15.831353] Write of size 4 at addr ffff888102ac23b0 by task kunit_try_catch/282 [ 15.831765] [ 15.831882] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.831927] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.831951] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.831983] Call Trace: [ 15.832004] <TASK> [ 15.832025] dump_stack_lvl+0x73/0xb0 [ 15.832070] print_report+0xd1/0x650 [ 15.832104] ? __virt_addr_valid+0x1db/0x2d0 [ 15.832130] ? kasan_atomics_helper+0x1217/0x5450 [ 15.832165] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.832190] ? kasan_atomics_helper+0x1217/0x5450 [ 15.832214] kasan_report+0x141/0x180 [ 15.832236] ? kasan_atomics_helper+0x1217/0x5450 [ 15.832264] kasan_check_range+0x10c/0x1c0 [ 15.832301] __kasan_check_write+0x18/0x20 [ 15.832321] kasan_atomics_helper+0x1217/0x5450 [ 15.832345] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.832370] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.832398] ? kasan_atomics+0x152/0x310 [ 15.832425] kasan_atomics+0x1dc/0x310 [ 15.832449] ? __pfx_kasan_atomics+0x10/0x10 [ 15.832475] ? __pfx_read_tsc+0x10/0x10 [ 15.832497] ? 
ktime_get_ts64+0x86/0x230 [ 15.832522] kunit_try_run_case+0x1a5/0x480 [ 15.832548] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.832571] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.832607] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.832632] ? __kthread_parkme+0x82/0x180 [ 15.832653] ? preempt_count_sub+0x50/0x80 [ 15.832689] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.832715] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.832740] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.832767] kthread+0x337/0x6f0 [ 15.832786] ? trace_preempt_on+0x20/0xc0 [ 15.832811] ? __pfx_kthread+0x10/0x10 [ 15.832833] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.832856] ? calculate_sigpending+0x7b/0xa0 [ 15.832881] ? __pfx_kthread+0x10/0x10 [ 15.832903] ret_from_fork+0x116/0x1d0 [ 15.832923] ? __pfx_kthread+0x10/0x10 [ 15.832953] ret_from_fork_asm+0x1a/0x30 [ 15.832987] </TASK> [ 15.832999] [ 15.840646] Allocated by task 282: [ 15.840828] kasan_save_stack+0x45/0x70 [ 15.841044] kasan_save_track+0x18/0x40 [ 15.841203] kasan_save_alloc_info+0x3b/0x50 [ 15.841555] __kasan_kmalloc+0xb7/0xc0 [ 15.841712] __kmalloc_cache_noprof+0x189/0x420 [ 15.841914] kasan_atomics+0x95/0x310 [ 15.842137] kunit_try_run_case+0x1a5/0x480 [ 15.842355] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.842567] kthread+0x337/0x6f0 [ 15.842748] ret_from_fork+0x116/0x1d0 [ 15.842923] ret_from_fork_asm+0x1a/0x30 [ 15.843109] [ 15.843214] The buggy address belongs to the object at ffff888102ac2380 [ 15.843214] which belongs to the cache kmalloc-64 of size 64 [ 15.843719] The buggy address is located 0 bytes to the right of [ 15.843719] allocated 48-byte region [ffff888102ac2380, ffff888102ac23b0) [ 15.844215] [ 15.844290] The buggy address belongs to the physical page: [ 15.844464] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac2 [ 15.844705] flags: 0x200000000000000(node=0|zone=2) [ 15.845014] page_type: f5(slab) [ 15.845186] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 15.845708] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.845944] page dumped because: kasan: bad access detected [ 15.846114] [ 15.846182] Memory state around the buggy address: [ 15.846488] ffff888102ac2280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.846811] ffff888102ac2300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.847203] >ffff888102ac2380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.847644] ^ [ 15.847898] ffff888102ac2400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.848255] ffff888102ac2480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.848492] ================================================================== [ 15.992323] ================================================================== [ 15.992675] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x151d/0x5450 [ 15.993223] Write of size 8 at addr ffff888102ac23b0 by task kunit_try_catch/282 [ 15.993805] [ 15.993919] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.993975] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.993987] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.994008] Call Trace: [ 15.994026] <TASK> [ 15.994043] dump_stack_lvl+0x73/0xb0 [ 15.994074] print_report+0xd1/0x650 [ 15.994098] ? __virt_addr_valid+0x1db/0x2d0 [ 15.994122] ? kasan_atomics_helper+0x151d/0x5450 [ 15.994145] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.994170] ? kasan_atomics_helper+0x151d/0x5450 [ 15.994193] kasan_report+0x141/0x180 [ 15.994216] ? kasan_atomics_helper+0x151d/0x5450 [ 15.994243] kasan_check_range+0x10c/0x1c0 [ 15.994283] __kasan_check_write+0x18/0x20 [ 15.994305] kasan_atomics_helper+0x151d/0x5450 [ 15.994332] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.994357] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.994384] ? kasan_atomics+0x152/0x310 [ 15.994412] kasan_atomics+0x1dc/0x310 [ 15.994436] ? 
__pfx_kasan_atomics+0x10/0x10 [ 15.994462] ? __pfx_read_tsc+0x10/0x10 [ 15.994484] ? ktime_get_ts64+0x86/0x230 [ 15.994509] kunit_try_run_case+0x1a5/0x480 [ 15.994535] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.994561] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.994586] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.994611] ? __kthread_parkme+0x82/0x180 [ 15.994633] ? preempt_count_sub+0x50/0x80 [ 15.994658] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.994683] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.994716] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.994742] kthread+0x337/0x6f0 [ 15.994762] ? trace_preempt_on+0x20/0xc0 [ 15.994787] ? __pfx_kthread+0x10/0x10 [ 15.994808] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.994831] ? calculate_sigpending+0x7b/0xa0 [ 15.994857] ? __pfx_kthread+0x10/0x10 [ 15.994880] ret_from_fork+0x116/0x1d0 [ 15.994900] ? __pfx_kthread+0x10/0x10 [ 15.994922] ret_from_fork_asm+0x1a/0x30 [ 15.994966] </TASK> [ 15.994977] [ 16.002652] Allocated by task 282: [ 16.003330] kasan_save_stack+0x45/0x70 [ 16.003767] kasan_save_track+0x18/0x40 [ 16.003907] kasan_save_alloc_info+0x3b/0x50 [ 16.004070] __kasan_kmalloc+0xb7/0xc0 [ 16.004204] __kmalloc_cache_noprof+0x189/0x420 [ 16.004620] kasan_atomics+0x95/0x310 [ 16.004814] kunit_try_run_case+0x1a5/0x480 [ 16.005043] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.005293] kthread+0x337/0x6f0 [ 16.005413] ret_from_fork+0x116/0x1d0 [ 16.005546] ret_from_fork_asm+0x1a/0x30 [ 16.005686] [ 16.005757] The buggy address belongs to the object at ffff888102ac2380 [ 16.005757] which belongs to the cache kmalloc-64 of size 64 [ 16.006532] The buggy address is located 0 bytes to the right of [ 16.006532] allocated 48-byte region [ffff888102ac2380, ffff888102ac23b0) [ 16.006972] [ 16.007048] The buggy address belongs to the physical page: [ 16.007219] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac2 [ 16.007575] flags: 0x200000000000000(node=0|zone=2) [ 16.007812] page_type: 
f5(slab) [ 16.007998] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.008423] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.008813] page dumped because: kasan: bad access detected [ 16.009058] [ 16.009143] Memory state around the buggy address: [ 16.009362] ffff888102ac2280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.009628] ffff888102ac2300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.009908] >ffff888102ac2380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.010129] ^ [ 16.010284] ffff888102ac2400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.010500] ffff888102ac2480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.010772] ================================================================== [ 15.747372] ================================================================== [ 15.747734] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1079/0x5450 [ 15.748050] Write of size 4 at addr ffff888102ac23b0 by task kunit_try_catch/282 [ 15.748542] [ 15.748674] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.748730] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.748743] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.748765] Call Trace: [ 15.748794] <TASK> [ 15.748813] dump_stack_lvl+0x73/0xb0 [ 15.748846] print_report+0xd1/0x650 [ 15.748870] ? __virt_addr_valid+0x1db/0x2d0 [ 15.748893] ? kasan_atomics_helper+0x1079/0x5450 [ 15.748923] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.748957] ? kasan_atomics_helper+0x1079/0x5450 [ 15.748980] kasan_report+0x141/0x180 [ 15.749014] ? kasan_atomics_helper+0x1079/0x5450 [ 15.749043] kasan_check_range+0x10c/0x1c0 [ 15.749077] __kasan_check_write+0x18/0x20 [ 15.749098] kasan_atomics_helper+0x1079/0x5450 [ 15.749122] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.749156] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.749182] ? 
kasan_atomics+0x152/0x310 [ 15.749210] kasan_atomics+0x1dc/0x310 [ 15.749233] ? __pfx_kasan_atomics+0x10/0x10 [ 15.749259] ? __pfx_read_tsc+0x10/0x10 [ 15.749281] ? ktime_get_ts64+0x86/0x230 [ 15.749318] kunit_try_run_case+0x1a5/0x480 [ 15.749343] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.749367] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.749393] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.749427] ? __kthread_parkme+0x82/0x180 [ 15.749449] ? preempt_count_sub+0x50/0x80 [ 15.749474] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.749510] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.749536] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.749562] kthread+0x337/0x6f0 [ 15.749582] ? trace_preempt_on+0x20/0xc0 [ 15.749616] ? __pfx_kthread+0x10/0x10 [ 15.749638] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.749660] ? calculate_sigpending+0x7b/0xa0 [ 15.749697] ? __pfx_kthread+0x10/0x10 [ 15.749719] ret_from_fork+0x116/0x1d0 [ 15.749739] ? __pfx_kthread+0x10/0x10 [ 15.749762] ret_from_fork_asm+0x1a/0x30 [ 15.749795] </TASK> [ 15.749807] [ 15.757587] Allocated by task 282: [ 15.757773] kasan_save_stack+0x45/0x70 [ 15.758004] kasan_save_track+0x18/0x40 [ 15.758164] kasan_save_alloc_info+0x3b/0x50 [ 15.758355] __kasan_kmalloc+0xb7/0xc0 [ 15.758566] __kmalloc_cache_noprof+0x189/0x420 [ 15.758757] kasan_atomics+0x95/0x310 [ 15.758961] kunit_try_run_case+0x1a5/0x480 [ 15.759105] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.759455] kthread+0x337/0x6f0 [ 15.759627] ret_from_fork+0x116/0x1d0 [ 15.759763] ret_from_fork_asm+0x1a/0x30 [ 15.759971] [ 15.760069] The buggy address belongs to the object at ffff888102ac2380 [ 15.760069] which belongs to the cache kmalloc-64 of size 64 [ 15.760615] The buggy address is located 0 bytes to the right of [ 15.760615] allocated 48-byte region [ffff888102ac2380, ffff888102ac23b0) [ 15.761175] [ 15.761283] The buggy address belongs to the physical page: [ 15.761511] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac2 [ 
15.761862] flags: 0x200000000000000(node=0|zone=2) [ 15.762099] page_type: f5(slab) [ 15.762273] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.762514] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.762746] page dumped because: kasan: bad access detected [ 15.762917] [ 15.762996] Memory state around the buggy address: [ 15.763212] ffff888102ac2280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.763528] ffff888102ac2300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.763847] >ffff888102ac2380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.764170] ^ [ 15.764558] ffff888102ac2400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.764855] ffff888102ac2480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.765078] ================================================================== [ 16.153775] ================================================================== [ 16.154161] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x19e3/0x5450 [ 16.154587] Write of size 8 at addr ffff888102ac23b0 by task kunit_try_catch/282 [ 16.154950] [ 16.155064] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.155107] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.155120] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.155141] Call Trace: [ 16.155159] <TASK> [ 16.155176] dump_stack_lvl+0x73/0xb0 [ 16.155207] print_report+0xd1/0x650 [ 16.155231] ? __virt_addr_valid+0x1db/0x2d0 [ 16.155255] ? kasan_atomics_helper+0x19e3/0x5450 [ 16.155277] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.155302] ? kasan_atomics_helper+0x19e3/0x5450 [ 16.155324] kasan_report+0x141/0x180 [ 16.155347] ? kasan_atomics_helper+0x19e3/0x5450 [ 16.155374] kasan_check_range+0x10c/0x1c0 [ 16.155399] __kasan_check_write+0x18/0x20 [ 16.155419] kasan_atomics_helper+0x19e3/0x5450 [ 16.155442] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.155467] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 16.155492] ? kasan_atomics+0x152/0x310 [ 16.155520] kasan_atomics+0x1dc/0x310 [ 16.155543] ? __pfx_kasan_atomics+0x10/0x10 [ 16.155569] ? __pfx_read_tsc+0x10/0x10 [ 16.155590] ? ktime_get_ts64+0x86/0x230 [ 16.155615] kunit_try_run_case+0x1a5/0x480 [ 16.155640] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.155664] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.155689] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.155714] ? __kthread_parkme+0x82/0x180 [ 16.155735] ? preempt_count_sub+0x50/0x80 [ 16.155760] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.155785] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.155811] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.155837] kthread+0x337/0x6f0 [ 16.155856] ? trace_preempt_on+0x20/0xc0 [ 16.155881] ? __pfx_kthread+0x10/0x10 [ 16.155902] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.155925] ? calculate_sigpending+0x7b/0xa0 [ 16.155961] ? __pfx_kthread+0x10/0x10 [ 16.155983] ret_from_fork+0x116/0x1d0 [ 16.156002] ? __pfx_kthread+0x10/0x10 [ 16.156024] ret_from_fork_asm+0x1a/0x30 [ 16.156055] </TASK> [ 16.156066] [ 16.164078] Allocated by task 282: [ 16.164302] kasan_save_stack+0x45/0x70 [ 16.164470] kasan_save_track+0x18/0x40 [ 16.164653] kasan_save_alloc_info+0x3b/0x50 [ 16.164840] __kasan_kmalloc+0xb7/0xc0 [ 16.165010] __kmalloc_cache_noprof+0x189/0x420 [ 16.165211] kasan_atomics+0x95/0x310 [ 16.165386] kunit_try_run_case+0x1a5/0x480 [ 16.165594] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.165803] kthread+0x337/0x6f0 [ 16.165970] ret_from_fork+0x116/0x1d0 [ 16.166152] ret_from_fork_asm+0x1a/0x30 [ 16.166309] [ 16.166380] The buggy address belongs to the object at ffff888102ac2380 [ 16.166380] which belongs to the cache kmalloc-64 of size 64 [ 16.166736] The buggy address is located 0 bytes to the right of [ 16.166736] allocated 48-byte region [ffff888102ac2380, ffff888102ac23b0) [ 16.167200] [ 16.167320] The buggy address belongs to the physical page: [ 16.167571] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x102ac2 [ 16.167925] flags: 0x200000000000000(node=0|zone=2) [ 16.168176] page_type: f5(slab) [ 16.168369] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.168717] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.169038] page dumped because: kasan: bad access detected [ 16.169210] [ 16.169311] Memory state around the buggy address: [ 16.169469] ffff888102ac2280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.169684] ffff888102ac2300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.170014] >ffff888102ac2380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.170363] ^ [ 16.170590] ffff888102ac2400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.170916] ffff888102ac2480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.171248] ================================================================== [ 15.584392] ================================================================== [ 15.585093] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a84/0x5450 [ 15.585792] Read of size 4 at addr ffff888102ac23b0 by task kunit_try_catch/282 [ 15.586468] [ 15.586658] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.586704] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.586725] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.586747] Call Trace: [ 15.586768] <TASK> [ 15.586798] dump_stack_lvl+0x73/0xb0 [ 15.586831] print_report+0xd1/0x650 [ 15.586855] ? __virt_addr_valid+0x1db/0x2d0 [ 15.586891] ? kasan_atomics_helper+0x4a84/0x5450 [ 15.586914] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.586948] ? kasan_atomics_helper+0x4a84/0x5450 [ 15.586972] kasan_report+0x141/0x180 [ 15.586995] ? kasan_atomics_helper+0x4a84/0x5450 [ 15.587022] __asan_report_load4_noabort+0x18/0x20 [ 15.587048] kasan_atomics_helper+0x4a84/0x5450 [ 15.587072] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 15.587097] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.587124] ? kasan_atomics+0x152/0x310 [ 15.587151] kasan_atomics+0x1dc/0x310 [ 15.587174] ? __pfx_kasan_atomics+0x10/0x10 [ 15.587200] ? __pfx_read_tsc+0x10/0x10 [ 15.587224] ? ktime_get_ts64+0x86/0x230 [ 15.587270] kunit_try_run_case+0x1a5/0x480 [ 15.587300] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.587324] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.587350] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.587376] ? __kthread_parkme+0x82/0x180 [ 15.587399] ? preempt_count_sub+0x50/0x80 [ 15.587424] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.587448] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.587474] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.587501] kthread+0x337/0x6f0 [ 15.587521] ? trace_preempt_on+0x20/0xc0 [ 15.587546] ? __pfx_kthread+0x10/0x10 [ 15.587567] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.587590] ? calculate_sigpending+0x7b/0xa0 [ 15.587615] ? __pfx_kthread+0x10/0x10 [ 15.587638] ret_from_fork+0x116/0x1d0 [ 15.587657] ? 
__pfx_kthread+0x10/0x10 [ 15.587678] ret_from_fork_asm+0x1a/0x30 [ 15.587710] </TASK> [ 15.587722] [ 15.600101] Allocated by task 282: [ 15.600493] kasan_save_stack+0x45/0x70 [ 15.600879] kasan_save_track+0x18/0x40 [ 15.601279] kasan_save_alloc_info+0x3b/0x50 [ 15.601543] __kasan_kmalloc+0xb7/0xc0 [ 15.601677] __kmalloc_cache_noprof+0x189/0x420 [ 15.601833] kasan_atomics+0x95/0x310 [ 15.602027] kunit_try_run_case+0x1a5/0x480 [ 15.602481] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.602997] kthread+0x337/0x6f0 [ 15.603327] ret_from_fork+0x116/0x1d0 [ 15.603692] ret_from_fork_asm+0x1a/0x30 [ 15.604079] [ 15.604234] The buggy address belongs to the object at ffff888102ac2380 [ 15.604234] which belongs to the cache kmalloc-64 of size 64 [ 15.605248] The buggy address is located 0 bytes to the right of [ 15.605248] allocated 48-byte region [ffff888102ac2380, ffff888102ac23b0) [ 15.605913] [ 15.605999] The buggy address belongs to the physical page: [ 15.606166] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac2 [ 15.606800] flags: 0x200000000000000(node=0|zone=2) [ 15.607277] page_type: f5(slab) [ 15.607593] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.608277] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.608942] page dumped because: kasan: bad access detected [ 15.609457] [ 15.609612] Memory state around the buggy address: [ 15.609979] ffff888102ac2280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.610478] ffff888102ac2300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.610979] >ffff888102ac2380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.611460] ^ [ 15.611615] ffff888102ac2400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.611829] ffff888102ac2480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.612054] ================================================================== [ 15.333497] 
================================================================== [ 15.333866] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b3a/0x5450 [ 15.334226] Write of size 4 at addr ffff888102ac23b0 by task kunit_try_catch/282 [ 15.334566] [ 15.334679] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.334731] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.334744] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.334764] Call Trace: [ 15.334783] <TASK> [ 15.334800] dump_stack_lvl+0x73/0xb0 [ 15.334831] print_report+0xd1/0x650 [ 15.334854] ? __virt_addr_valid+0x1db/0x2d0 [ 15.334877] ? kasan_atomics_helper+0x4b3a/0x5450 [ 15.334900] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.334923] ? kasan_atomics_helper+0x4b3a/0x5450 [ 15.335354] kasan_report+0x141/0x180 [ 15.335382] ? kasan_atomics_helper+0x4b3a/0x5450 [ 15.335411] __asan_report_store4_noabort+0x1b/0x30 [ 15.335439] kasan_atomics_helper+0x4b3a/0x5450 [ 15.335463] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.335488] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.335515] ? kasan_atomics+0x152/0x310 [ 15.335555] kasan_atomics+0x1dc/0x310 [ 15.335581] ? __pfx_kasan_atomics+0x10/0x10 [ 15.335610] ? __pfx_read_tsc+0x10/0x10 [ 15.335646] ? ktime_get_ts64+0x86/0x230 [ 15.335672] kunit_try_run_case+0x1a5/0x480 [ 15.335697] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.335721] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.335747] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.335772] ? __kthread_parkme+0x82/0x180 [ 15.335795] ? preempt_count_sub+0x50/0x80 [ 15.335820] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.335846] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.335872] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.335898] kthread+0x337/0x6f0 [ 15.335918] ? trace_preempt_on+0x20/0xc0 [ 15.335951] ? __pfx_kthread+0x10/0x10 [ 15.335972] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.335995] ? calculate_sigpending+0x7b/0xa0 [ 15.336021] ? 
__pfx_kthread+0x10/0x10 [ 15.336044] ret_from_fork+0x116/0x1d0 [ 15.336063] ? __pfx_kthread+0x10/0x10 [ 15.336084] ret_from_fork_asm+0x1a/0x30 [ 15.336116] </TASK> [ 15.336137] [ 15.343403] Allocated by task 282: [ 15.343588] kasan_save_stack+0x45/0x70 [ 15.343821] kasan_save_track+0x18/0x40 [ 15.344046] kasan_save_alloc_info+0x3b/0x50 [ 15.344312] __kasan_kmalloc+0xb7/0xc0 [ 15.344525] __kmalloc_cache_noprof+0x189/0x420 [ 15.344767] kasan_atomics+0x95/0x310 [ 15.344964] kunit_try_run_case+0x1a5/0x480 [ 15.345203] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.345444] kthread+0x337/0x6f0 [ 15.345581] ret_from_fork+0x116/0x1d0 [ 15.345798] ret_from_fork_asm+0x1a/0x30 [ 15.346010] [ 15.346099] The buggy address belongs to the object at ffff888102ac2380 [ 15.346099] which belongs to the cache kmalloc-64 of size 64 [ 15.346594] The buggy address is located 0 bytes to the right of [ 15.346594] allocated 48-byte region [ffff888102ac2380, ffff888102ac23b0) [ 15.347140] [ 15.347239] The buggy address belongs to the physical page: [ 15.347491] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac2 [ 15.347840] flags: 0x200000000000000(node=0|zone=2) [ 15.348033] page_type: f5(slab) [ 15.348156] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.348404] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.348631] page dumped because: kasan: bad access detected [ 15.348902] [ 15.348999] Memory state around the buggy address: [ 15.349221] ffff888102ac2280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.349563] ffff888102ac2300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.349878] >ffff888102ac2380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.350203] ^ [ 15.350453] ffff888102ac2400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.350759] ffff888102ac2480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.350981] 
================================================================== [ 16.378798] ================================================================== [ 16.379220] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2006/0x5450 [ 16.379578] Write of size 8 at addr ffff888102ac23b0 by task kunit_try_catch/282 [ 16.379875] [ 16.379973] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.380015] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.380027] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.380049] Call Trace: [ 16.380091] <TASK> [ 16.380108] dump_stack_lvl+0x73/0xb0 [ 16.380138] print_report+0xd1/0x650 [ 16.380162] ? __virt_addr_valid+0x1db/0x2d0 [ 16.380186] ? kasan_atomics_helper+0x2006/0x5450 [ 16.380209] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.380233] ? kasan_atomics_helper+0x2006/0x5450 [ 16.380275] kasan_report+0x141/0x180 [ 16.380298] ? kasan_atomics_helper+0x2006/0x5450 [ 16.380325] kasan_check_range+0x10c/0x1c0 [ 16.380350] __kasan_check_write+0x18/0x20 [ 16.380371] kasan_atomics_helper+0x2006/0x5450 [ 16.380409] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.380433] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.380476] ? kasan_atomics+0x152/0x310 [ 16.380504] kasan_atomics+0x1dc/0x310 [ 16.380527] ? __pfx_kasan_atomics+0x10/0x10 [ 16.380552] ? __pfx_read_tsc+0x10/0x10 [ 16.380574] ? ktime_get_ts64+0x86/0x230 [ 16.380599] kunit_try_run_case+0x1a5/0x480 [ 16.380647] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.380672] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.380698] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.380733] ? __kthread_parkme+0x82/0x180 [ 16.380755] ? preempt_count_sub+0x50/0x80 [ 16.380780] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.380806] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.380832] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.380859] kthread+0x337/0x6f0 [ 16.380909] ? trace_preempt_on+0x20/0xc0 [ 16.380934] ? 
__pfx_kthread+0x10/0x10 [ 16.380967] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.380991] ? calculate_sigpending+0x7b/0xa0 [ 16.381017] ? __pfx_kthread+0x10/0x10 [ 16.381039] ret_from_fork+0x116/0x1d0 [ 16.381059] ? __pfx_kthread+0x10/0x10 [ 16.381099] ret_from_fork_asm+0x1a/0x30 [ 16.381131] </TASK> [ 16.381144] [ 16.388387] Allocated by task 282: [ 16.388522] kasan_save_stack+0x45/0x70 [ 16.388666] kasan_save_track+0x18/0x40 [ 16.388849] kasan_save_alloc_info+0x3b/0x50 [ 16.389099] __kasan_kmalloc+0xb7/0xc0 [ 16.389337] __kmalloc_cache_noprof+0x189/0x420 [ 16.389596] kasan_atomics+0x95/0x310 [ 16.389790] kunit_try_run_case+0x1a5/0x480 [ 16.390008] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.390282] kthread+0x337/0x6f0 [ 16.390452] ret_from_fork+0x116/0x1d0 [ 16.390589] ret_from_fork_asm+0x1a/0x30 [ 16.390734] [ 16.390804] The buggy address belongs to the object at ffff888102ac2380 [ 16.390804] which belongs to the cache kmalloc-64 of size 64 [ 16.391314] The buggy address is located 0 bytes to the right of [ 16.391314] allocated 48-byte region [ffff888102ac2380, ffff888102ac23b0) [ 16.391882] [ 16.392005] The buggy address belongs to the physical page: [ 16.392230] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac2 [ 16.392476] flags: 0x200000000000000(node=0|zone=2) [ 16.392639] page_type: f5(slab) [ 16.392809] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.393202] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.393590] page dumped because: kasan: bad access detected [ 16.393839] [ 16.393934] Memory state around the buggy address: [ 16.394188] ffff888102ac2280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.394517] ffff888102ac2300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.394800] >ffff888102ac2380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.395022] ^ [ 16.395178] ffff888102ac2400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.395510] 
ffff888102ac2480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.395824] ================================================================== [ 15.725304] ================================================================== [ 15.726057] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a36/0x5450 [ 15.726412] Read of size 4 at addr ffff888102ac23b0 by task kunit_try_catch/282 [ 15.726742] [ 15.726833] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.726877] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.726891] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.726912] Call Trace: [ 15.726932] <TASK> [ 15.726963] dump_stack_lvl+0x73/0xb0 [ 15.726992] print_report+0xd1/0x650 [ 15.727016] ? __virt_addr_valid+0x1db/0x2d0 [ 15.727040] ? kasan_atomics_helper+0x4a36/0x5450 [ 15.727063] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.727087] ? kasan_atomics_helper+0x4a36/0x5450 [ 15.727120] kasan_report+0x141/0x180 [ 15.727143] ? kasan_atomics_helper+0x4a36/0x5450 [ 15.727170] __asan_report_load4_noabort+0x18/0x20 [ 15.727207] kasan_atomics_helper+0x4a36/0x5450 [ 15.727231] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.727254] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.727280] ? kasan_atomics+0x152/0x310 [ 15.727308] kasan_atomics+0x1dc/0x310 [ 15.727331] ? __pfx_kasan_atomics+0x10/0x10 [ 15.727356] ? __pfx_read_tsc+0x10/0x10 [ 15.727378] ? ktime_get_ts64+0x86/0x230 [ 15.727402] kunit_try_run_case+0x1a5/0x480 [ 15.727428] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.727452] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.727478] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.727503] ? __kthread_parkme+0x82/0x180 [ 15.727525] ? preempt_count_sub+0x50/0x80 [ 15.727550] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.727586] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.727612] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.727638] kthread+0x337/0x6f0 [ 15.727658] ? 
trace_preempt_on+0x20/0xc0 [ 15.727682] ? __pfx_kthread+0x10/0x10 [ 15.727704] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.727727] ? calculate_sigpending+0x7b/0xa0 [ 15.727762] ? __pfx_kthread+0x10/0x10 [ 15.727784] ret_from_fork+0x116/0x1d0 [ 15.727803] ? __pfx_kthread+0x10/0x10 [ 15.727835] ret_from_fork_asm+0x1a/0x30 [ 15.727867] </TASK> [ 15.727879] [ 15.735324] Allocated by task 282: [ 15.735498] kasan_save_stack+0x45/0x70 [ 15.735701] kasan_save_track+0x18/0x40 [ 15.735864] kasan_save_alloc_info+0x3b/0x50 [ 15.736074] __kasan_kmalloc+0xb7/0xc0 [ 15.736472] __kmalloc_cache_noprof+0x189/0x420 [ 15.736629] kasan_atomics+0x95/0x310 [ 15.736761] kunit_try_run_case+0x1a5/0x480 [ 15.736906] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.737092] kthread+0x337/0x6f0 [ 15.737216] ret_from_fork+0x116/0x1d0 [ 15.737348] ret_from_fork_asm+0x1a/0x30 [ 15.737531] [ 15.737697] The buggy address belongs to the object at ffff888102ac2380 [ 15.737697] which belongs to the cache kmalloc-64 of size 64 [ 15.738695] The buggy address is located 0 bytes to the right of [ 15.738695] allocated 48-byte region [ffff888102ac2380, ffff888102ac23b0) [ 15.739969] [ 15.740130] The buggy address belongs to the physical page: [ 15.740675] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac2 [ 15.741390] flags: 0x200000000000000(node=0|zone=2) [ 15.741831] page_type: f5(slab) [ 15.742149] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.742894] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.743698] page dumped because: kasan: bad access detected [ 15.744188] [ 15.744354] Memory state around the buggy address: [ 15.744815] ffff888102ac2280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.745324] ffff888102ac2300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.745548] >ffff888102ac2380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.745769] ^ [ 15.745923] ffff888102ac2400: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 15.746149] ffff888102ac2480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.746548] ================================================================== [ 15.314452] ================================================================== [ 15.314698] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a0/0x5450 [ 15.315534] Write of size 4 at addr ffff888102ac23b0 by task kunit_try_catch/282 [ 15.315874] [ 15.316160] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.316209] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.316222] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.316244] Call Trace: [ 15.316297] <TASK> [ 15.316316] dump_stack_lvl+0x73/0xb0 [ 15.316362] print_report+0xd1/0x650 [ 15.316386] ? __virt_addr_valid+0x1db/0x2d0 [ 15.316420] ? kasan_atomics_helper+0x4a0/0x5450 [ 15.316443] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.316479] ? kasan_atomics_helper+0x4a0/0x5450 [ 15.316502] kasan_report+0x141/0x180 [ 15.316524] ? kasan_atomics_helper+0x4a0/0x5450 [ 15.316560] kasan_check_range+0x10c/0x1c0 [ 15.316584] __kasan_check_write+0x18/0x20 [ 15.316605] kasan_atomics_helper+0x4a0/0x5450 [ 15.316639] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.316664] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.316690] ? kasan_atomics+0x152/0x310 [ 15.316727] kasan_atomics+0x1dc/0x310 [ 15.316751] ? __pfx_kasan_atomics+0x10/0x10 [ 15.316776] ? __pfx_read_tsc+0x10/0x10 [ 15.316809] ? ktime_get_ts64+0x86/0x230 [ 15.316835] kunit_try_run_case+0x1a5/0x480 [ 15.316860] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.316891] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.316917] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.316957] ? __kthread_parkme+0x82/0x180 [ 15.316979] ? preempt_count_sub+0x50/0x80 [ 15.317005] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.317031] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.317056] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.317091] kthread+0x337/0x6f0 [ 15.317111] ? trace_preempt_on+0x20/0xc0 [ 15.317136] ? __pfx_kthread+0x10/0x10 [ 15.317167] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.317190] ? calculate_sigpending+0x7b/0xa0 [ 15.317215] ? __pfx_kthread+0x10/0x10 [ 15.317238] ret_from_fork+0x116/0x1d0 [ 15.317275] ? __pfx_kthread+0x10/0x10 [ 15.317297] ret_from_fork_asm+0x1a/0x30 [ 15.317329] </TASK> [ 15.317341] [ 15.325318] Allocated by task 282: [ 15.325491] kasan_save_stack+0x45/0x70 [ 15.325707] kasan_save_track+0x18/0x40 [ 15.325890] kasan_save_alloc_info+0x3b/0x50 [ 15.326051] __kasan_kmalloc+0xb7/0xc0 [ 15.326294] __kmalloc_cache_noprof+0x189/0x420 [ 15.326524] kasan_atomics+0x95/0x310 [ 15.326716] kunit_try_run_case+0x1a5/0x480 [ 15.326906] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.327179] kthread+0x337/0x6f0 [ 15.327380] ret_from_fork+0x116/0x1d0 [ 15.327541] ret_from_fork_asm+0x1a/0x30 [ 15.327744] [ 15.327850] The buggy address belongs to the object at ffff888102ac2380 [ 15.327850] which belongs to the cache kmalloc-64 of size 64 [ 15.328340] The buggy address is located 0 bytes to the right of [ 15.328340] allocated 48-byte region [ffff888102ac2380, ffff888102ac23b0) [ 15.328841] [ 15.328947] The buggy address belongs to the physical page: [ 15.329209] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac2 [ 15.329491] flags: 0x200000000000000(node=0|zone=2) [ 15.329659] page_type: f5(slab) [ 15.329784] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.330023] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.330375] page dumped because: kasan: bad access detected [ 15.330645] [ 15.330746] Memory state around the buggy address: [ 15.330971] ffff888102ac2280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.331308] ffff888102ac2300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.331620] >ffff888102ac2380: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 15.331841] ^ [ 15.332033] ffff888102ac2400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.332384] ffff888102ac2480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.332734] ================================================================== [ 16.049150] ================================================================== [ 16.049675] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16e7/0x5450 [ 16.050156] Write of size 8 at addr ffff888102ac23b0 by task kunit_try_catch/282 [ 16.050446] [ 16.050551] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.050595] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.050630] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.050652] Call Trace: [ 16.050671] <TASK> [ 16.050693] dump_stack_lvl+0x73/0xb0 [ 16.050731] print_report+0xd1/0x650 [ 16.050755] ? __virt_addr_valid+0x1db/0x2d0 [ 16.050804] ? kasan_atomics_helper+0x16e7/0x5450 [ 16.050827] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.050864] ? kasan_atomics_helper+0x16e7/0x5450 [ 16.050888] kasan_report+0x141/0x180 [ 16.050911] ? kasan_atomics_helper+0x16e7/0x5450 [ 16.050950] kasan_check_range+0x10c/0x1c0 [ 16.050975] __kasan_check_write+0x18/0x20 [ 16.050995] kasan_atomics_helper+0x16e7/0x5450 [ 16.051019] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.051043] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.051069] ? kasan_atomics+0x152/0x310 [ 16.051096] kasan_atomics+0x1dc/0x310 [ 16.051118] ? __pfx_kasan_atomics+0x10/0x10 [ 16.051144] ? __pfx_read_tsc+0x10/0x10 [ 16.051166] ? ktime_get_ts64+0x86/0x230 [ 16.051191] kunit_try_run_case+0x1a5/0x480 [ 16.051216] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.051240] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.051266] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.051290] ? __kthread_parkme+0x82/0x180 [ 16.051313] ? preempt_count_sub+0x50/0x80 [ 16.051338] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.051364] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.051390] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.051416] kthread+0x337/0x6f0 [ 16.051436] ? trace_preempt_on+0x20/0xc0 [ 16.051461] ? __pfx_kthread+0x10/0x10 [ 16.051482] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.051505] ? calculate_sigpending+0x7b/0xa0 [ 16.051531] ? __pfx_kthread+0x10/0x10 [ 16.051553] ret_from_fork+0x116/0x1d0 [ 16.051572] ? __pfx_kthread+0x10/0x10 [ 16.051593] ret_from_fork_asm+0x1a/0x30 [ 16.051625] </TASK> [ 16.051636] [ 16.062609] Allocated by task 282: [ 16.062763] kasan_save_stack+0x45/0x70 [ 16.062913] kasan_save_track+0x18/0x40 [ 16.063681] kasan_save_alloc_info+0x3b/0x50 [ 16.064369] __kasan_kmalloc+0xb7/0xc0 [ 16.065319] __kmalloc_cache_noprof+0x189/0x420 [ 16.065574] kasan_atomics+0x95/0x310 [ 16.065767] kunit_try_run_case+0x1a5/0x480 [ 16.066814] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.067356] kthread+0x337/0x6f0 [ 16.067654] ret_from_fork+0x116/0x1d0 [ 16.068019] ret_from_fork_asm+0x1a/0x30 [ 16.068433] [ 16.068594] The buggy address belongs to the object at ffff888102ac2380 [ 16.068594] which belongs to the cache kmalloc-64 of size 64 [ 16.070439] The buggy address is located 0 bytes to the right of [ 16.070439] allocated 48-byte region [ffff888102ac2380, ffff888102ac23b0) [ 16.070821] [ 16.070899] The buggy address belongs to the physical page: [ 16.071085] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac2 [ 16.071333] flags: 0x200000000000000(node=0|zone=2) [ 16.071499] page_type: f5(slab) [ 16.071622] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.071854] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.072416] page dumped because: kasan: bad access detected [ 16.072872] [ 16.073039] Memory state around the buggy address: [ 16.073466] ffff888102ac2280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.074064] 
ffff888102ac2300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.074677] >ffff888102ac2380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.075293] ^ [ 16.075705] ffff888102ac2400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.076329] ffff888102ac2480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.076928] ================================================================== [ 15.469662] ================================================================== [ 15.469946] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x8f9/0x5450 [ 15.470278] Write of size 4 at addr ffff888102ac23b0 by task kunit_try_catch/282 [ 15.470623] [ 15.470737] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.470782] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.470795] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.470816] Call Trace: [ 15.470836] <TASK> [ 15.470854] dump_stack_lvl+0x73/0xb0 [ 15.470885] print_report+0xd1/0x650 [ 15.470909] ? __virt_addr_valid+0x1db/0x2d0 [ 15.470945] ? kasan_atomics_helper+0x8f9/0x5450 [ 15.470967] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.470992] ? kasan_atomics_helper+0x8f9/0x5450 [ 15.471015] kasan_report+0x141/0x180 [ 15.471037] ? kasan_atomics_helper+0x8f9/0x5450 [ 15.471065] kasan_check_range+0x10c/0x1c0 [ 15.471090] __kasan_check_write+0x18/0x20 [ 15.471110] kasan_atomics_helper+0x8f9/0x5450 [ 15.471134] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.471158] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.471185] ? kasan_atomics+0x152/0x310 [ 15.471212] kasan_atomics+0x1dc/0x310 [ 15.471235] ? __pfx_kasan_atomics+0x10/0x10 [ 15.471261] ? __pfx_read_tsc+0x10/0x10 [ 15.471283] ? ktime_get_ts64+0x86/0x230 [ 15.471309] kunit_try_run_case+0x1a5/0x480 [ 15.471334] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.471358] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.471385] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.471410] ? 
__kthread_parkme+0x82/0x180 [ 15.471432] ? preempt_count_sub+0x50/0x80 [ 15.471457] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.471483] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.471509] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.471535] kthread+0x337/0x6f0 [ 15.471555] ? trace_preempt_on+0x20/0xc0 [ 15.471580] ? __pfx_kthread+0x10/0x10 [ 15.471602] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.471625] ? calculate_sigpending+0x7b/0xa0 [ 15.471650] ? __pfx_kthread+0x10/0x10 [ 15.471673] ret_from_fork+0x116/0x1d0 [ 15.471692] ? __pfx_kthread+0x10/0x10 [ 15.471714] ret_from_fork_asm+0x1a/0x30 [ 15.471746] </TASK> [ 15.471757] [ 15.478955] Allocated by task 282: [ 15.479084] kasan_save_stack+0x45/0x70 [ 15.479228] kasan_save_track+0x18/0x40 [ 15.479418] kasan_save_alloc_info+0x3b/0x50 [ 15.479691] __kasan_kmalloc+0xb7/0xc0 [ 15.479878] __kmalloc_cache_noprof+0x189/0x420 [ 15.480110] kasan_atomics+0x95/0x310 [ 15.480256] kunit_try_run_case+0x1a5/0x480 [ 15.480402] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.480576] kthread+0x337/0x6f0 [ 15.480696] ret_from_fork+0x116/0x1d0 [ 15.480883] ret_from_fork_asm+0x1a/0x30 [ 15.481091] [ 15.481189] The buggy address belongs to the object at ffff888102ac2380 [ 15.481189] which belongs to the cache kmalloc-64 of size 64 [ 15.481712] The buggy address is located 0 bytes to the right of [ 15.481712] allocated 48-byte region [ffff888102ac2380, ffff888102ac23b0) [ 15.482615] [ 15.482720] The buggy address belongs to the physical page: [ 15.482929] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac2 [ 15.483222] flags: 0x200000000000000(node=0|zone=2) [ 15.483384] page_type: f5(slab) [ 15.483638] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.483992] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.484326] page dumped because: kasan: bad access detected [ 15.484521] [ 15.484591] Memory state around the buggy address: [ 15.484747] 
ffff888102ac2280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.484982] ffff888102ac2300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.485299] >ffff888102ac2380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.485609] ^ [ 15.485871] ffff888102ac2400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.486386] ffff888102ac2480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.486649] ================================================================== [ 15.641957] ================================================================== [ 15.642648] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xde0/0x5450 [ 15.643473] Write of size 4 at addr ffff888102ac23b0 by task kunit_try_catch/282 [ 15.644128] [ 15.644320] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.644367] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.644380] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.644402] Call Trace: [ 15.644431] <TASK> [ 15.644463] dump_stack_lvl+0x73/0xb0 [ 15.644506] print_report+0xd1/0x650 [ 15.644531] ? __virt_addr_valid+0x1db/0x2d0 [ 15.644554] ? kasan_atomics_helper+0xde0/0x5450 [ 15.644576] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.644601] ? kasan_atomics_helper+0xde0/0x5450 [ 15.644624] kasan_report+0x141/0x180 [ 15.644646] ? kasan_atomics_helper+0xde0/0x5450 [ 15.644673] kasan_check_range+0x10c/0x1c0 [ 15.644697] __kasan_check_write+0x18/0x20 [ 15.644718] kasan_atomics_helper+0xde0/0x5450 [ 15.644741] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.644765] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.644792] ? kasan_atomics+0x152/0x310 [ 15.644819] kasan_atomics+0x1dc/0x310 [ 15.644842] ? __pfx_kasan_atomics+0x10/0x10 [ 15.644867] ? __pfx_read_tsc+0x10/0x10 [ 15.644889] ? ktime_get_ts64+0x86/0x230 [ 15.644915] kunit_try_run_case+0x1a5/0x480 [ 15.644950] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.644974] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.645000] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.645024] ? __kthread_parkme+0x82/0x180 [ 15.645046] ? preempt_count_sub+0x50/0x80 [ 15.645071] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.645097] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.645122] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.645149] kthread+0x337/0x6f0 [ 15.645169] ? trace_preempt_on+0x20/0xc0 [ 15.645195] ? __pfx_kthread+0x10/0x10 [ 15.645217] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.645240] ? calculate_sigpending+0x7b/0xa0 [ 15.645275] ? __pfx_kthread+0x10/0x10 [ 15.645298] ret_from_fork+0x116/0x1d0 [ 15.645317] ? __pfx_kthread+0x10/0x10 [ 15.645339] ret_from_fork_asm+0x1a/0x30 [ 15.645371] </TASK> [ 15.645383] [ 15.658047] Allocated by task 282: [ 15.658334] kasan_save_stack+0x45/0x70 [ 15.658495] kasan_save_track+0x18/0x40 [ 15.658828] kasan_save_alloc_info+0x3b/0x50 [ 15.659124] __kasan_kmalloc+0xb7/0xc0 [ 15.659435] __kmalloc_cache_noprof+0x189/0x420 [ 15.659758] kasan_atomics+0x95/0x310 [ 15.659912] kunit_try_run_case+0x1a5/0x480 [ 15.660203] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.660689] kthread+0x337/0x6f0 [ 15.660877] ret_from_fork+0x116/0x1d0 [ 15.661155] ret_from_fork_asm+0x1a/0x30 [ 15.661401] [ 15.661506] The buggy address belongs to the object at ffff888102ac2380 [ 15.661506] which belongs to the cache kmalloc-64 of size 64 [ 15.662318] The buggy address is located 0 bytes to the right of [ 15.662318] allocated 48-byte region [ffff888102ac2380, ffff888102ac23b0) [ 15.662943] [ 15.663026] The buggy address belongs to the physical page: [ 15.663426] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac2 [ 15.663767] flags: 0x200000000000000(node=0|zone=2) [ 15.663996] page_type: f5(slab) [ 15.664155] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.664709] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.665101] page dumped because: kasan: bad access detected [ 15.665419] [ 15.665540] 
Memory state around the buggy address: [ 15.665782] ffff888102ac2280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.666103] ffff888102ac2300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.666428] >ffff888102ac2380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.666711] ^ [ 15.666945] ffff888102ac2400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.667226] ffff888102ac2480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.667551] ================================================================== [ 15.784415] ================================================================== [ 15.784806] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1148/0x5450 [ 15.785241] Write of size 4 at addr ffff888102ac23b0 by task kunit_try_catch/282 [ 15.785580] [ 15.785718] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.785762] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.785775] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.785796] Call Trace: [ 15.785815] <TASK> [ 15.785844] dump_stack_lvl+0x73/0xb0 [ 15.785876] print_report+0xd1/0x650 [ 15.785899] ? __virt_addr_valid+0x1db/0x2d0 [ 15.785945] ? kasan_atomics_helper+0x1148/0x5450 [ 15.785969] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.785994] ? kasan_atomics_helper+0x1148/0x5450 [ 15.786029] kasan_report+0x141/0x180 [ 15.786055] ? kasan_atomics_helper+0x1148/0x5450 [ 15.786093] kasan_check_range+0x10c/0x1c0 [ 15.786117] __kasan_check_write+0x18/0x20 [ 15.786138] kasan_atomics_helper+0x1148/0x5450 [ 15.786162] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.786194] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.786221] ? kasan_atomics+0x152/0x310 [ 15.786249] kasan_atomics+0x1dc/0x310 [ 15.786295] ? __pfx_kasan_atomics+0x10/0x10 [ 15.786320] ? __pfx_read_tsc+0x10/0x10 [ 15.786342] ? ktime_get_ts64+0x86/0x230 [ 15.786368] kunit_try_run_case+0x1a5/0x480 [ 15.786402] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.786426] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.786462] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.786488] ? __kthread_parkme+0x82/0x180 [ 15.786511] ? preempt_count_sub+0x50/0x80 [ 15.786544] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.786570] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.786596] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.786632] kthread+0x337/0x6f0 [ 15.786652] ? trace_preempt_on+0x20/0xc0 [ 15.786676] ? __pfx_kthread+0x10/0x10 [ 15.786711] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.786733] ? calculate_sigpending+0x7b/0xa0 [ 15.786758] ? __pfx_kthread+0x10/0x10 [ 15.786791] ret_from_fork+0x116/0x1d0 [ 15.786811] ? __pfx_kthread+0x10/0x10 [ 15.786832] ret_from_fork_asm+0x1a/0x30 [ 15.786872] </TASK> [ 15.786884] [ 15.794524] Allocated by task 282: [ 15.794708] kasan_save_stack+0x45/0x70 [ 15.794910] kasan_save_track+0x18/0x40 [ 15.795107] kasan_save_alloc_info+0x3b/0x50 [ 15.795257] __kasan_kmalloc+0xb7/0xc0 [ 15.795453] __kmalloc_cache_noprof+0x189/0x420 [ 15.795674] kasan_atomics+0x95/0x310 [ 15.795805] kunit_try_run_case+0x1a5/0x480 [ 15.795960] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.796135] kthread+0x337/0x6f0 [ 15.796278] ret_from_fork+0x116/0x1d0 [ 15.796471] ret_from_fork_asm+0x1a/0x30 [ 15.796698] [ 15.796795] The buggy address belongs to the object at ffff888102ac2380 [ 15.796795] which belongs to the cache kmalloc-64 of size 64 [ 15.797395] The buggy address is located 0 bytes to the right of [ 15.797395] allocated 48-byte region [ffff888102ac2380, ffff888102ac23b0) [ 15.797911] [ 15.798004] The buggy address belongs to the physical page: [ 15.798177] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac2 [ 15.798553] flags: 0x200000000000000(node=0|zone=2) [ 15.798758] page_type: f5(slab) [ 15.798928] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.801432] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 15.802367] page dumped because: kasan: bad access detected [ 15.802704] [ 15.802809] Memory state around the buggy address: [ 15.805098] ffff888102ac2280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.806053] ffff888102ac2300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.806999] >ffff888102ac2380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.807233] ^ [ 15.807395] ffff888102ac2400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.807605] ffff888102ac2480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.807812] ================================================================== [ 15.451299] ================================================================== [ 15.451672] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x860/0x5450 [ 15.452376] Write of size 4 at addr ffff888102ac23b0 by task kunit_try_catch/282 [ 15.452715] [ 15.452820] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.452864] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.452877] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.452899] Call Trace: [ 15.452918] <TASK> [ 15.452951] dump_stack_lvl+0x73/0xb0 [ 15.452985] print_report+0xd1/0x650 [ 15.453010] ? __virt_addr_valid+0x1db/0x2d0 [ 15.453034] ? kasan_atomics_helper+0x860/0x5450 [ 15.453057] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.453081] ? kasan_atomics_helper+0x860/0x5450 [ 15.453105] kasan_report+0x141/0x180 [ 15.453127] ? kasan_atomics_helper+0x860/0x5450 [ 15.453154] kasan_check_range+0x10c/0x1c0 [ 15.453179] __kasan_check_write+0x18/0x20 [ 15.453200] kasan_atomics_helper+0x860/0x5450 [ 15.453224] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.453248] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.453290] ? kasan_atomics+0x152/0x310 [ 15.453317] kasan_atomics+0x1dc/0x310 [ 15.453341] ? __pfx_kasan_atomics+0x10/0x10 [ 15.453367] ? __pfx_read_tsc+0x10/0x10 [ 15.453389] ? 
ktime_get_ts64+0x86/0x230 [ 15.453414] kunit_try_run_case+0x1a5/0x480 [ 15.453440] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.453464] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.453490] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.453515] ? __kthread_parkme+0x82/0x180 [ 15.453538] ? preempt_count_sub+0x50/0x80 [ 15.453564] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.453590] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.453615] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.453643] kthread+0x337/0x6f0 [ 15.453663] ? trace_preempt_on+0x20/0xc0 [ 15.453687] ? __pfx_kthread+0x10/0x10 [ 15.453709] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.453732] ? calculate_sigpending+0x7b/0xa0 [ 15.453757] ? __pfx_kthread+0x10/0x10 [ 15.453780] ret_from_fork+0x116/0x1d0 [ 15.453799] ? __pfx_kthread+0x10/0x10 [ 15.453821] ret_from_fork_asm+0x1a/0x30 [ 15.453853] </TASK> [ 15.453865] [ 15.461009] Allocated by task 282: [ 15.461192] kasan_save_stack+0x45/0x70 [ 15.461565] kasan_save_track+0x18/0x40 [ 15.461762] kasan_save_alloc_info+0x3b/0x50 [ 15.461987] __kasan_kmalloc+0xb7/0xc0 [ 15.462179] __kmalloc_cache_noprof+0x189/0x420 [ 15.462518] kasan_atomics+0x95/0x310 [ 15.462718] kunit_try_run_case+0x1a5/0x480 [ 15.462921] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.463140] kthread+0x337/0x6f0 [ 15.463263] ret_from_fork+0x116/0x1d0 [ 15.463466] ret_from_fork_asm+0x1a/0x30 [ 15.463670] [ 15.463766] The buggy address belongs to the object at ffff888102ac2380 [ 15.463766] which belongs to the cache kmalloc-64 of size 64 [ 15.464229] The buggy address is located 0 bytes to the right of [ 15.464229] allocated 48-byte region [ffff888102ac2380, ffff888102ac23b0) [ 15.464642] [ 15.464717] The buggy address belongs to the physical page: [ 15.464889] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac2 [ 15.465258] flags: 0x200000000000000(node=0|zone=2) [ 15.465504] page_type: f5(slab) [ 15.465675] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 15.466038] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.466393] page dumped because: kasan: bad access detected [ 15.466606] [ 15.466699] Memory state around the buggy address: [ 15.466909] ffff888102ac2280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.467215] ffff888102ac2300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.467481] >ffff888102ac2380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.467693] ^ [ 15.467915] ffff888102ac2400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.468246] ffff888102ac2480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.468579] ================================================================== [ 16.413695] ================================================================== [ 16.414100] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x20c8/0x5450 [ 16.414477] Write of size 8 at addr ffff888102ac23b0 by task kunit_try_catch/282 [ 16.414808] [ 16.414899] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.414951] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.414964] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.415007] Call Trace: [ 16.415025] <TASK> [ 16.415043] dump_stack_lvl+0x73/0xb0 [ 16.415074] print_report+0xd1/0x650 [ 16.415098] ? __virt_addr_valid+0x1db/0x2d0 [ 16.415122] ? kasan_atomics_helper+0x20c8/0x5450 [ 16.415165] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.415190] ? kasan_atomics_helper+0x20c8/0x5450 [ 16.415212] kasan_report+0x141/0x180 [ 16.415235] ? kasan_atomics_helper+0x20c8/0x5450 [ 16.415282] kasan_check_range+0x10c/0x1c0 [ 16.415307] __kasan_check_write+0x18/0x20 [ 16.415327] kasan_atomics_helper+0x20c8/0x5450 [ 16.415351] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.415375] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.415401] ? kasan_atomics+0x152/0x310 [ 16.415429] kasan_atomics+0x1dc/0x310 [ 16.415452] ? 
__pfx_kasan_atomics+0x10/0x10 [ 16.415502] ? __pfx_read_tsc+0x10/0x10 [ 16.415527] ? ktime_get_ts64+0x86/0x230 [ 16.415553] kunit_try_run_case+0x1a5/0x480 [ 16.415581] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.415606] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.415632] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.415657] ? __kthread_parkme+0x82/0x180 [ 16.415679] ? preempt_count_sub+0x50/0x80 [ 16.415704] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.415730] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.415756] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.415783] kthread+0x337/0x6f0 [ 16.415803] ? trace_preempt_on+0x20/0xc0 [ 16.415829] ? __pfx_kthread+0x10/0x10 [ 16.415850] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.415873] ? calculate_sigpending+0x7b/0xa0 [ 16.415898] ? __pfx_kthread+0x10/0x10 [ 16.415922] ret_from_fork+0x116/0x1d0 [ 16.415950] ? __pfx_kthread+0x10/0x10 [ 16.415971] ret_from_fork_asm+0x1a/0x30 [ 16.416004] </TASK> [ 16.416015] [ 16.423541] Allocated by task 282: [ 16.423745] kasan_save_stack+0x45/0x70 [ 16.423962] kasan_save_track+0x18/0x40 [ 16.424144] kasan_save_alloc_info+0x3b/0x50 [ 16.424347] __kasan_kmalloc+0xb7/0xc0 [ 16.424493] __kmalloc_cache_noprof+0x189/0x420 [ 16.424716] kasan_atomics+0x95/0x310 [ 16.424848] kunit_try_run_case+0x1a5/0x480 [ 16.425093] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.425373] kthread+0x337/0x6f0 [ 16.425546] ret_from_fork+0x116/0x1d0 [ 16.425737] ret_from_fork_asm+0x1a/0x30 [ 16.425879] [ 16.425960] The buggy address belongs to the object at ffff888102ac2380 [ 16.425960] which belongs to the cache kmalloc-64 of size 64 [ 16.426353] The buggy address is located 0 bytes to the right of [ 16.426353] allocated 48-byte region [ffff888102ac2380, ffff888102ac23b0) [ 16.426947] [ 16.427072] The buggy address belongs to the physical page: [ 16.427381] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac2 [ 16.427754] flags: 0x200000000000000(node=0|zone=2) [ 16.428011] page_type: 
f5(slab) [ 16.428165] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.428422] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.428732] page dumped because: kasan: bad access detected [ 16.428989] [ 16.429083] Memory state around the buggy address: [ 16.429352] ffff888102ac2280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.429619] ffff888102ac2300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.429833] >ffff888102ac2380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.430112] ^ [ 16.430368] ffff888102ac2400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.430743] ffff888102ac2480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.431043] ================================================================== [ 16.449105] ================================================================== [ 16.449485] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x218a/0x5450 [ 16.449862] Write of size 8 at addr ffff888102ac23b0 by task kunit_try_catch/282 [ 16.450164] [ 16.450271] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.450313] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.450325] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.450347] Call Trace: [ 16.450365] <TASK> [ 16.450381] dump_stack_lvl+0x73/0xb0 [ 16.450412] print_report+0xd1/0x650 [ 16.450435] ? __virt_addr_valid+0x1db/0x2d0 [ 16.450484] ? kasan_atomics_helper+0x218a/0x5450 [ 16.450507] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.450531] ? kasan_atomics_helper+0x218a/0x5450 [ 16.450554] kasan_report+0x141/0x180 [ 16.450594] ? kasan_atomics_helper+0x218a/0x5450 [ 16.450622] kasan_check_range+0x10c/0x1c0 [ 16.450647] __kasan_check_write+0x18/0x20 [ 16.450667] kasan_atomics_helper+0x218a/0x5450 [ 16.450691] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.450721] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.450748] ? 
kasan_atomics+0x152/0x310 [ 16.450775] kasan_atomics+0x1dc/0x310 [ 16.450798] ? __pfx_kasan_atomics+0x10/0x10 [ 16.450823] ? __pfx_read_tsc+0x10/0x10 [ 16.450865] ? ktime_get_ts64+0x86/0x230 [ 16.450890] kunit_try_run_case+0x1a5/0x480 [ 16.450915] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.450948] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.450974] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.450999] ? __kthread_parkme+0x82/0x180 [ 16.451021] ? preempt_count_sub+0x50/0x80 [ 16.451046] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.451071] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.451097] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.451143] kthread+0x337/0x6f0 [ 16.451163] ? trace_preempt_on+0x20/0xc0 [ 16.451187] ? __pfx_kthread+0x10/0x10 [ 16.451209] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.451232] ? calculate_sigpending+0x7b/0xa0 [ 16.451276] ? __pfx_kthread+0x10/0x10 [ 16.451299] ret_from_fork+0x116/0x1d0 [ 16.451317] ? __pfx_kthread+0x10/0x10 [ 16.451339] ret_from_fork_asm+0x1a/0x30 [ 16.451370] </TASK> [ 16.451382] [ 16.458791] Allocated by task 282: [ 16.458921] kasan_save_stack+0x45/0x70 [ 16.459153] kasan_save_track+0x18/0x40 [ 16.459370] kasan_save_alloc_info+0x3b/0x50 [ 16.459600] __kasan_kmalloc+0xb7/0xc0 [ 16.459784] __kmalloc_cache_noprof+0x189/0x420 [ 16.459990] kasan_atomics+0x95/0x310 [ 16.460120] kunit_try_run_case+0x1a5/0x480 [ 16.460281] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.460453] kthread+0x337/0x6f0 [ 16.460588] ret_from_fork+0x116/0x1d0 [ 16.460796] ret_from_fork_asm+0x1a/0x30 [ 16.461005] [ 16.461122] The buggy address belongs to the object at ffff888102ac2380 [ 16.461122] which belongs to the cache kmalloc-64 of size 64 [ 16.461697] The buggy address is located 0 bytes to the right of [ 16.461697] allocated 48-byte region [ffff888102ac2380, ffff888102ac23b0) [ 16.462242] [ 16.462333] The buggy address belongs to the physical page: [ 16.462500] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac2 [ 
16.462820] flags: 0x200000000000000(node=0|zone=2) [ 16.463125] page_type: f5(slab) [ 16.463328] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.463567] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.463790] page dumped because: kasan: bad access detected [ 16.464047] [ 16.464141] Memory state around the buggy address: [ 16.464457] ffff888102ac2280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.464778] ffff888102ac2300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.465125] >ffff888102ac2380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.465408] ^ [ 16.465621] ffff888102ac2400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.465824] ffff888102ac2480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.466105] ================================================================== [ 15.297395] ================================================================== [ 15.297720] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b54/0x5450 [ 15.298000] Read of size 4 at addr ffff888102ac23b0 by task kunit_try_catch/282 [ 15.298228] [ 15.298344] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.298389] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.298402] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.298423] Call Trace: [ 15.298443] <TASK> [ 15.298463] dump_stack_lvl+0x73/0xb0 [ 15.298494] print_report+0xd1/0x650 [ 15.298519] ? __virt_addr_valid+0x1db/0x2d0 [ 15.298543] ? kasan_atomics_helper+0x4b54/0x5450 [ 15.298566] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.298590] ? kasan_atomics_helper+0x4b54/0x5450 [ 15.298613] kasan_report+0x141/0x180 [ 15.298636] ? kasan_atomics_helper+0x4b54/0x5450 [ 15.298663] __asan_report_load4_noabort+0x18/0x20 [ 15.298689] kasan_atomics_helper+0x4b54/0x5450 [ 15.298719] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.298744] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 15.298771] ? kasan_atomics+0x152/0x310 [ 15.298799] kasan_atomics+0x1dc/0x310 [ 15.298822] ? __pfx_kasan_atomics+0x10/0x10 [ 15.298849] ? __pfx_read_tsc+0x10/0x10 [ 15.298873] ? ktime_get_ts64+0x86/0x230 [ 15.298898] kunit_try_run_case+0x1a5/0x480 [ 15.298923] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.298959] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.298985] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.299010] ? __kthread_parkme+0x82/0x180 [ 15.299031] ? preempt_count_sub+0x50/0x80 [ 15.299056] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.299082] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.299107] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.299134] kthread+0x337/0x6f0 [ 15.299154] ? trace_preempt_on+0x20/0xc0 [ 15.299178] ? __pfx_kthread+0x10/0x10 [ 15.299200] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.299223] ? calculate_sigpending+0x7b/0xa0 [ 15.299248] ? __pfx_kthread+0x10/0x10 [ 15.299293] ret_from_fork+0x116/0x1d0 [ 15.299313] ? __pfx_kthread+0x10/0x10 [ 15.299334] ret_from_fork_asm+0x1a/0x30 [ 15.299366] </TASK> [ 15.299378] [ 15.306699] Allocated by task 282: [ 15.306852] kasan_save_stack+0x45/0x70 [ 15.307067] kasan_save_track+0x18/0x40 [ 15.307268] kasan_save_alloc_info+0x3b/0x50 [ 15.307483] __kasan_kmalloc+0xb7/0xc0 [ 15.307637] __kmalloc_cache_noprof+0x189/0x420 [ 15.307854] kasan_atomics+0x95/0x310 [ 15.308000] kunit_try_run_case+0x1a5/0x480 [ 15.308148] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.308348] kthread+0x337/0x6f0 [ 15.308469] ret_from_fork+0x116/0x1d0 [ 15.308627] ret_from_fork_asm+0x1a/0x30 [ 15.308822] [ 15.308917] The buggy address belongs to the object at ffff888102ac2380 [ 15.308917] which belongs to the cache kmalloc-64 of size 64 [ 15.309469] The buggy address is located 0 bytes to the right of [ 15.309469] allocated 48-byte region [ffff888102ac2380, ffff888102ac23b0) [ 15.309850] [ 15.309923] The buggy address belongs to the physical page: [ 15.310127] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x102ac2 [ 15.310488] flags: 0x200000000000000(node=0|zone=2) [ 15.310713] page_type: f5(slab) [ 15.310835] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.311077] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.311350] page dumped because: kasan: bad access detected [ 15.311623] [ 15.311719] Memory state around the buggy address: [ 15.311950] ffff888102ac2280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.312296] ffff888102ac2300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.312638] >ffff888102ac2380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.312982] ^ [ 15.313211] ffff888102ac2400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.313556] ffff888102ac2480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.313870] ================================================================== [ 15.925647] ================================================================== [ 15.926194] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4eae/0x5450 [ 15.926606] Read of size 8 at addr ffff888102ac23b0 by task kunit_try_catch/282 [ 15.926916] [ 15.927080] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.927125] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.927138] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.927160] Call Trace: [ 15.927179] <TASK> [ 15.927200] dump_stack_lvl+0x73/0xb0 [ 15.927230] print_report+0xd1/0x650 [ 15.927254] ? __virt_addr_valid+0x1db/0x2d0 [ 15.927278] ? kasan_atomics_helper+0x4eae/0x5450 [ 15.927301] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.927326] ? kasan_atomics_helper+0x4eae/0x5450 [ 15.927350] kasan_report+0x141/0x180 [ 15.927372] ? kasan_atomics_helper+0x4eae/0x5450 [ 15.927399] __asan_report_load8_noabort+0x18/0x20 [ 15.927425] kasan_atomics_helper+0x4eae/0x5450 [ 15.927448] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 15.927472] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.927508] ? kasan_atomics+0x152/0x310 [ 15.927566] kasan_atomics+0x1dc/0x310 [ 15.927590] ? __pfx_kasan_atomics+0x10/0x10 [ 15.927615] ? __pfx_read_tsc+0x10/0x10 [ 15.927648] ? ktime_get_ts64+0x86/0x230 [ 15.927674] kunit_try_run_case+0x1a5/0x480 [ 15.927699] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.927724] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.927749] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.927774] ? __kthread_parkme+0x82/0x180 [ 15.927796] ? preempt_count_sub+0x50/0x80 [ 15.927820] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.927872] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.927898] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.927924] kthread+0x337/0x6f0 [ 15.927960] ? trace_preempt_on+0x20/0xc0 [ 15.927985] ? __pfx_kthread+0x10/0x10 [ 15.928007] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.928056] ? calculate_sigpending+0x7b/0xa0 [ 15.928081] ? __pfx_kthread+0x10/0x10 [ 15.928104] ret_from_fork+0x116/0x1d0 [ 15.928134] ? 
__pfx_kthread+0x10/0x10 [ 15.928156] ret_from_fork_asm+0x1a/0x30 [ 15.928214] </TASK> [ 15.928227] [ 15.936027] Allocated by task 282: [ 15.936239] kasan_save_stack+0x45/0x70 [ 15.936431] kasan_save_track+0x18/0x40 [ 15.936650] kasan_save_alloc_info+0x3b/0x50 [ 15.936879] __kasan_kmalloc+0xb7/0xc0 [ 15.937091] __kmalloc_cache_noprof+0x189/0x420 [ 15.937345] kasan_atomics+0x95/0x310 [ 15.937569] kunit_try_run_case+0x1a5/0x480 [ 15.937798] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.938098] kthread+0x337/0x6f0 [ 15.938315] ret_from_fork+0x116/0x1d0 [ 15.938561] ret_from_fork_asm+0x1a/0x30 [ 15.938790] [ 15.938911] The buggy address belongs to the object at ffff888102ac2380 [ 15.938911] which belongs to the cache kmalloc-64 of size 64 [ 15.939630] The buggy address is located 0 bytes to the right of [ 15.939630] allocated 48-byte region [ffff888102ac2380, ffff888102ac23b0) [ 15.940209] [ 15.940369] The buggy address belongs to the physical page: [ 15.940539] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac2 [ 15.940838] flags: 0x200000000000000(node=0|zone=2) [ 15.941154] page_type: f5(slab) [ 15.941427] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.941681] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.942038] page dumped because: kasan: bad access detected [ 15.942333] [ 15.942450] Memory state around the buggy address: [ 15.942661] ffff888102ac2280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.943000] ffff888102ac2300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.943342] >ffff888102ac2380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.943680] ^ [ 15.943925] ffff888102ac2400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.944247] ffff888102ac2480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.944575] ================================================================== [ 15.432814] 
================================================================== [ 15.433561] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x7c7/0x5450 [ 15.433804] Write of size 4 at addr ffff888102ac23b0 by task kunit_try_catch/282 [ 15.434367] [ 15.434575] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.434619] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.434631] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.434654] Call Trace: [ 15.434672] <TASK> [ 15.434690] dump_stack_lvl+0x73/0xb0 [ 15.434728] print_report+0xd1/0x650 [ 15.434752] ? __virt_addr_valid+0x1db/0x2d0 [ 15.434775] ? kasan_atomics_helper+0x7c7/0x5450 [ 15.434799] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.434823] ? kasan_atomics_helper+0x7c7/0x5450 [ 15.434846] kasan_report+0x141/0x180 [ 15.434869] ? kasan_atomics_helper+0x7c7/0x5450 [ 15.434896] kasan_check_range+0x10c/0x1c0 [ 15.434921] __kasan_check_write+0x18/0x20 [ 15.434954] kasan_atomics_helper+0x7c7/0x5450 [ 15.434979] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.435003] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.435030] ? kasan_atomics+0x152/0x310 [ 15.435057] kasan_atomics+0x1dc/0x310 [ 15.435080] ? __pfx_kasan_atomics+0x10/0x10 [ 15.435106] ? __pfx_read_tsc+0x10/0x10 [ 15.435129] ? ktime_get_ts64+0x86/0x230 [ 15.435154] kunit_try_run_case+0x1a5/0x480 [ 15.435179] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.435204] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.435230] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.435255] ? __kthread_parkme+0x82/0x180 [ 15.435287] ? preempt_count_sub+0x50/0x80 [ 15.435313] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.435339] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.435365] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.435392] kthread+0x337/0x6f0 [ 15.435412] ? trace_preempt_on+0x20/0xc0 [ 15.435437] ? __pfx_kthread+0x10/0x10 [ 15.435459] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.435482] ? 
calculate_sigpending+0x7b/0xa0 [ 15.435507] ? __pfx_kthread+0x10/0x10 [ 15.435530] ret_from_fork+0x116/0x1d0 [ 15.435549] ? __pfx_kthread+0x10/0x10 [ 15.435571] ret_from_fork_asm+0x1a/0x30 [ 15.435603] </TASK> [ 15.435615] [ 15.442796] Allocated by task 282: [ 15.442995] kasan_save_stack+0x45/0x70 [ 15.443182] kasan_save_track+0x18/0x40 [ 15.443447] kasan_save_alloc_info+0x3b/0x50 [ 15.443614] __kasan_kmalloc+0xb7/0xc0 [ 15.443792] __kmalloc_cache_noprof+0x189/0x420 [ 15.444008] kasan_atomics+0x95/0x310 [ 15.444159] kunit_try_run_case+0x1a5/0x480 [ 15.444390] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.444647] kthread+0x337/0x6f0 [ 15.444781] ret_from_fork+0x116/0x1d0 [ 15.444976] ret_from_fork_asm+0x1a/0x30 [ 15.445147] [ 15.445240] The buggy address belongs to the object at ffff888102ac2380 [ 15.445240] which belongs to the cache kmalloc-64 of size 64 [ 15.445669] The buggy address is located 0 bytes to the right of [ 15.445669] allocated 48-byte region [ffff888102ac2380, ffff888102ac23b0) [ 15.446046] [ 15.446119] The buggy address belongs to the physical page: [ 15.446300] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac2 [ 15.446770] flags: 0x200000000000000(node=0|zone=2) [ 15.447011] page_type: f5(slab) [ 15.447179] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.447446] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.447672] page dumped because: kasan: bad access detected [ 15.447841] [ 15.447910] Memory state around the buggy address: [ 15.448399] ffff888102ac2280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.448720] ffff888102ac2300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.449048] >ffff888102ac2380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.449501] ^ [ 15.449684] ffff888102ac2400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.449956] ffff888102ac2480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.450169] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 15.044020] ================================================================== [ 15.044607] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 15.044892] Write of size 8 at addr ffff888102574308 by task kunit_try_catch/278 [ 15.045232] [ 15.045405] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.045450] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.045462] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.045482] Call Trace: [ 15.045501] <TASK> [ 15.045519] dump_stack_lvl+0x73/0xb0 [ 15.045551] print_report+0xd1/0x650 [ 15.045573] ? __virt_addr_valid+0x1db/0x2d0 [ 15.045596] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 15.045626] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.045648] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 15.045678] kasan_report+0x141/0x180 [ 15.045701] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 15.045735] kasan_check_range+0x10c/0x1c0 [ 15.045758] __kasan_check_write+0x18/0x20 [ 15.045777] kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 15.045806] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.045837] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.045862] ? trace_hardirqs_on+0x37/0xe0 [ 15.045885] ? kasan_bitops_generic+0x92/0x1c0 [ 15.045912] kasan_bitops_generic+0x121/0x1c0 [ 15.045948] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.045973] ? __pfx_read_tsc+0x10/0x10 [ 15.045995] ? ktime_get_ts64+0x86/0x230 [ 15.046019] kunit_try_run_case+0x1a5/0x480 [ 15.046044] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.046066] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.046092] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.046117] ? __kthread_parkme+0x82/0x180 [ 15.046137] ? preempt_count_sub+0x50/0x80 [ 15.046161] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.046187] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.046212] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.046237] kthread+0x337/0x6f0 [ 15.046256] ? trace_preempt_on+0x20/0xc0 [ 15.046363] ? __pfx_kthread+0x10/0x10 [ 15.046388] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.046409] ? calculate_sigpending+0x7b/0xa0 [ 15.046434] ? __pfx_kthread+0x10/0x10 [ 15.046455] ret_from_fork+0x116/0x1d0 [ 15.046474] ? __pfx_kthread+0x10/0x10 [ 15.046494] ret_from_fork_asm+0x1a/0x30 [ 15.046525] </TASK> [ 15.046536] [ 15.055357] Allocated by task 278: [ 15.055492] kasan_save_stack+0x45/0x70 [ 15.055641] kasan_save_track+0x18/0x40 [ 15.055774] kasan_save_alloc_info+0x3b/0x50 [ 15.055921] __kasan_kmalloc+0xb7/0xc0 [ 15.056927] __kmalloc_cache_noprof+0x189/0x420 [ 15.057168] kasan_bitops_generic+0x92/0x1c0 [ 15.057381] kunit_try_run_case+0x1a5/0x480 [ 15.057587] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.057835] kthread+0x337/0x6f0 [ 15.058594] ret_from_fork+0x116/0x1d0 [ 15.058918] ret_from_fork_asm+0x1a/0x30 [ 15.059419] [ 15.059641] The buggy address belongs to the object at ffff888102574300 [ 15.059641] which belongs to the cache kmalloc-16 of size 16 [ 15.060583] The buggy address is located 8 bytes inside of [ 15.060583] allocated 9-byte region [ffff888102574300, ffff888102574309) [ 15.061498] [ 15.061601] The buggy address belongs to the physical page: [ 15.061835] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102574 [ 15.062752] flags: 0x200000000000000(node=0|zone=2) [ 15.063402] page_type: f5(slab) [ 15.063579] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.063898] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.064605] page dumped because: kasan: bad access detected [ 15.064859] [ 15.065213] Memory state around the buggy address: [ 15.065600] ffff888102574200: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 15.065903] ffff888102574280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.066133] >ffff888102574300: 00 01 fc fc fc fc fc fc 
fc fc fc fc fc fc fc fc [ 15.066446] ^ [ 15.066623] ffff888102574380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.066904] ffff888102574400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.067402] ================================================================== [ 15.126309] ================================================================== [ 15.126607] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 15.127185] Read of size 8 at addr ffff888102574308 by task kunit_try_catch/278 [ 15.127468] [ 15.127561] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.127602] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.127614] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.127635] Call Trace: [ 15.127653] <TASK> [ 15.127671] dump_stack_lvl+0x73/0xb0 [ 15.127703] print_report+0xd1/0x650 [ 15.127725] ? __virt_addr_valid+0x1db/0x2d0 [ 15.127748] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 15.127777] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.127800] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 15.127829] kasan_report+0x141/0x180 [ 15.127851] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 15.127885] kasan_check_range+0x10c/0x1c0 [ 15.127907] __kasan_check_read+0x15/0x20 [ 15.127927] kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 15.128046] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.128077] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.128102] ? trace_hardirqs_on+0x37/0xe0 [ 15.128124] ? kasan_bitops_generic+0x92/0x1c0 [ 15.128152] kasan_bitops_generic+0x121/0x1c0 [ 15.128175] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.128201] ? __pfx_read_tsc+0x10/0x10 [ 15.128222] ? ktime_get_ts64+0x86/0x230 [ 15.128247] kunit_try_run_case+0x1a5/0x480 [ 15.128271] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.128294] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.128338] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.128362] ? __kthread_parkme+0x82/0x180 [ 15.128385] ? preempt_count_sub+0x50/0x80 [ 15.128408] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.128433] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.128457] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.128483] kthread+0x337/0x6f0 [ 15.128503] ? trace_preempt_on+0x20/0xc0 [ 15.128525] ? __pfx_kthread+0x10/0x10 [ 15.128546] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.128568] ? calculate_sigpending+0x7b/0xa0 [ 15.128593] ? __pfx_kthread+0x10/0x10 [ 15.128614] ret_from_fork+0x116/0x1d0 [ 15.128632] ? __pfx_kthread+0x10/0x10 [ 15.128652] ret_from_fork_asm+0x1a/0x30 [ 15.128683] </TASK> [ 15.128693] [ 15.137269] Allocated by task 278: [ 15.137450] kasan_save_stack+0x45/0x70 [ 15.137598] kasan_save_track+0x18/0x40 [ 15.137731] kasan_save_alloc_info+0x3b/0x50 [ 15.137908] __kasan_kmalloc+0xb7/0xc0 [ 15.138165] __kmalloc_cache_noprof+0x189/0x420 [ 15.138421] kasan_bitops_generic+0x92/0x1c0 [ 15.138632] kunit_try_run_case+0x1a5/0x480 [ 15.138850] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.139274] kthread+0x337/0x6f0 [ 15.139447] ret_from_fork+0x116/0x1d0 [ 15.139629] ret_from_fork_asm+0x1a/0x30 [ 15.139826] [ 15.139905] The buggy address belongs to the object at ffff888102574300 [ 15.139905] which belongs to the cache kmalloc-16 of size 16 [ 15.140482] The buggy address is located 8 bytes inside of [ 15.140482] allocated 9-byte region [ffff888102574300, ffff888102574309) [ 15.140828] [ 15.140899] The buggy address belongs to the physical page: [ 15.141205] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102574 [ 15.141577] flags: 0x200000000000000(node=0|zone=2) [ 15.141805] page_type: f5(slab) [ 15.142037] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.142404] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.142708] page dumped because: kasan: bad access detected [ 15.142906] [ 15.143177] 
Memory state around the buggy address: [ 15.143402] ffff888102574200: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 15.143689] ffff888102574280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.143919] >ffff888102574300: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.144338] ^ [ 15.144523] ffff888102574380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.144746] ffff888102574400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.145065] ================================================================== [ 15.024189] ================================================================== [ 15.024586] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 15.024911] Write of size 8 at addr ffff888102574308 by task kunit_try_catch/278 [ 15.025323] [ 15.025430] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.025475] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.025486] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.025507] Call Trace: [ 15.025525] <TASK> [ 15.025542] dump_stack_lvl+0x73/0xb0 [ 15.025574] print_report+0xd1/0x650 [ 15.025596] ? __virt_addr_valid+0x1db/0x2d0 [ 15.025618] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 15.025646] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.025670] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 15.025699] kasan_report+0x141/0x180 [ 15.025720] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 15.025753] kasan_check_range+0x10c/0x1c0 [ 15.025776] __kasan_check_write+0x18/0x20 [ 15.025795] kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 15.025824] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.025855] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.025880] ? trace_hardirqs_on+0x37/0xe0 [ 15.025904] ? kasan_bitops_generic+0x92/0x1c0 [ 15.025930] kasan_bitops_generic+0x121/0x1c0 [ 15.025986] ? 
__pfx_kasan_bitops_generic+0x10/0x10 [ 15.026013] ? __pfx_read_tsc+0x10/0x10 [ 15.026036] ? ktime_get_ts64+0x86/0x230 [ 15.026062] kunit_try_run_case+0x1a5/0x480 [ 15.026087] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.026109] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.026135] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.026159] ? __kthread_parkme+0x82/0x180 [ 15.026180] ? preempt_count_sub+0x50/0x80 [ 15.026204] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.026229] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.026253] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.026336] kthread+0x337/0x6f0 [ 15.026357] ? trace_preempt_on+0x20/0xc0 [ 15.026380] ? __pfx_kthread+0x10/0x10 [ 15.026400] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.026422] ? calculate_sigpending+0x7b/0xa0 [ 15.026446] ? __pfx_kthread+0x10/0x10 [ 15.026468] ret_from_fork+0x116/0x1d0 [ 15.026487] ? __pfx_kthread+0x10/0x10 [ 15.026507] ret_from_fork_asm+0x1a/0x30 [ 15.026538] </TASK> [ 15.026550] [ 15.035061] Allocated by task 278: [ 15.035252] kasan_save_stack+0x45/0x70 [ 15.035459] kasan_save_track+0x18/0x40 [ 15.035771] kasan_save_alloc_info+0x3b/0x50 [ 15.035969] __kasan_kmalloc+0xb7/0xc0 [ 15.036100] __kmalloc_cache_noprof+0x189/0x420 [ 15.036259] kasan_bitops_generic+0x92/0x1c0 [ 15.036661] kunit_try_run_case+0x1a5/0x480 [ 15.036870] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.037307] kthread+0x337/0x6f0 [ 15.037566] ret_from_fork+0x116/0x1d0 [ 15.037701] ret_from_fork_asm+0x1a/0x30 [ 15.037838] [ 15.037907] The buggy address belongs to the object at ffff888102574300 [ 15.037907] which belongs to the cache kmalloc-16 of size 16 [ 15.038586] The buggy address is located 8 bytes inside of [ 15.038586] allocated 9-byte region [ffff888102574300, ffff888102574309) [ 15.039121] [ 15.039221] The buggy address belongs to the physical page: [ 15.039606] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102574 [ 15.039913] flags: 0x200000000000000(node=0|zone=2) [ 15.040360] 
page_type: f5(slab) [ 15.040536] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.040833] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.041208] page dumped because: kasan: bad access detected [ 15.041447] [ 15.041540] Memory state around the buggy address: [ 15.041740] ffff888102574200: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 15.042235] ffff888102574280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.042583] >ffff888102574300: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.042807] ^ [ 15.042943] ffff888102574380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.043166] ffff888102574400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.043469] ================================================================== [ 14.970353] ================================================================== [ 14.970740] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.971046] Write of size 8 at addr ffff888102574308 by task kunit_try_catch/278 [ 14.971791] [ 14.972159] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.972208] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.972220] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.972240] Call Trace: [ 14.972257] <TASK> [ 14.972275] dump_stack_lvl+0x73/0xb0 [ 14.972308] print_report+0xd1/0x650 [ 14.972331] ? __virt_addr_valid+0x1db/0x2d0 [ 14.972356] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.972386] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.972411] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.972442] kasan_report+0x141/0x180 [ 14.972464] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.972497] kasan_check_range+0x10c/0x1c0 [ 14.972522] __kasan_check_write+0x18/0x20 [ 14.972542] kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.972571] ? 
__pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.972601] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.972627] ? trace_hardirqs_on+0x37/0xe0 [ 14.972650] ? kasan_bitops_generic+0x92/0x1c0 [ 14.972677] kasan_bitops_generic+0x121/0x1c0 [ 14.972701] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.972727] ? __pfx_read_tsc+0x10/0x10 [ 14.972748] ? ktime_get_ts64+0x86/0x230 [ 14.972773] kunit_try_run_case+0x1a5/0x480 [ 14.972798] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.972821] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.972847] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.972870] ? __kthread_parkme+0x82/0x180 [ 14.972892] ? preempt_count_sub+0x50/0x80 [ 14.972915] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.972974] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.972999] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.973025] kthread+0x337/0x6f0 [ 14.973044] ? trace_preempt_on+0x20/0xc0 [ 14.973066] ? __pfx_kthread+0x10/0x10 [ 14.973087] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.973109] ? calculate_sigpending+0x7b/0xa0 [ 14.973134] ? __pfx_kthread+0x10/0x10 [ 14.973155] ret_from_fork+0x116/0x1d0 [ 14.973174] ? 
__pfx_kthread+0x10/0x10 [ 14.973194] ret_from_fork_asm+0x1a/0x30 [ 14.973226] </TASK> [ 14.973237] [ 14.987590] Allocated by task 278: [ 14.988144] kasan_save_stack+0x45/0x70 [ 14.988570] kasan_save_track+0x18/0x40 [ 14.988910] kasan_save_alloc_info+0x3b/0x50 [ 14.989228] __kasan_kmalloc+0xb7/0xc0 [ 14.989588] __kmalloc_cache_noprof+0x189/0x420 [ 14.989915] kasan_bitops_generic+0x92/0x1c0 [ 14.990198] kunit_try_run_case+0x1a5/0x480 [ 14.990585] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.991095] kthread+0x337/0x6f0 [ 14.991335] ret_from_fork+0x116/0x1d0 [ 14.991676] ret_from_fork_asm+0x1a/0x30 [ 14.991840] [ 14.991912] The buggy address belongs to the object at ffff888102574300 [ 14.991912] which belongs to the cache kmalloc-16 of size 16 [ 14.993613] The buggy address is located 8 bytes inside of [ 14.993613] allocated 9-byte region [ffff888102574300, ffff888102574309) [ 14.994370] [ 14.994535] The buggy address belongs to the physical page: [ 14.995082] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102574 [ 14.995755] flags: 0x200000000000000(node=0|zone=2) [ 14.995927] page_type: f5(slab) [ 14.996411] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.997141] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.997711] page dumped because: kasan: bad access detected [ 14.997883] [ 14.998017] Memory state around the buggy address: [ 14.998465] ffff888102574200: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 14.999202] ffff888102574280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.999922] >ffff888102574300: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.000653] ^ [ 15.000788] ffff888102574380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.001135] ffff888102574400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.001897] ================================================================== [ 15.002885] 
================================================================== [ 15.003553] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 15.004529] Write of size 8 at addr ffff888102574308 by task kunit_try_catch/278 [ 15.004780] [ 15.004871] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.004917] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.004929] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.004963] Call Trace: [ 15.004983] <TASK> [ 15.005001] dump_stack_lvl+0x73/0xb0 [ 15.005035] print_report+0xd1/0x650 [ 15.005058] ? __virt_addr_valid+0x1db/0x2d0 [ 15.005081] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 15.005110] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.005133] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 15.005162] kasan_report+0x141/0x180 [ 15.005183] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 15.005217] kasan_check_range+0x10c/0x1c0 [ 15.005240] __kasan_check_write+0x18/0x20 [ 15.005259] kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 15.005289] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.005320] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.005345] ? trace_hardirqs_on+0x37/0xe0 [ 15.005368] ? kasan_bitops_generic+0x92/0x1c0 [ 15.005395] kasan_bitops_generic+0x121/0x1c0 [ 15.005419] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.005444] ? __pfx_read_tsc+0x10/0x10 [ 15.005466] ? ktime_get_ts64+0x86/0x230 [ 15.005490] kunit_try_run_case+0x1a5/0x480 [ 15.005514] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.005538] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.005563] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.005587] ? __kthread_parkme+0x82/0x180 [ 15.005608] ? preempt_count_sub+0x50/0x80 [ 15.005633] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.005658] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.005684] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.005721] kthread+0x337/0x6f0 [ 15.005739] ? trace_preempt_on+0x20/0xc0 [ 15.005770] ? __pfx_kthread+0x10/0x10 [ 15.005791] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.005812] ? calculate_sigpending+0x7b/0xa0 [ 15.005837] ? __pfx_kthread+0x10/0x10 [ 15.005858] ret_from_fork+0x116/0x1d0 [ 15.005877] ? __pfx_kthread+0x10/0x10 [ 15.005898] ret_from_fork_asm+0x1a/0x30 [ 15.005929] </TASK> [ 15.005950] [ 15.012961] Allocated by task 278: [ 15.013149] kasan_save_stack+0x45/0x70 [ 15.013353] kasan_save_track+0x18/0x40 [ 15.013654] kasan_save_alloc_info+0x3b/0x50 [ 15.013871] __kasan_kmalloc+0xb7/0xc0 [ 15.014025] __kmalloc_cache_noprof+0x189/0x420 [ 15.014181] kasan_bitops_generic+0x92/0x1c0 [ 15.016119] kunit_try_run_case+0x1a5/0x480 [ 15.016292] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.016470] kthread+0x337/0x6f0 [ 15.016590] ret_from_fork+0x116/0x1d0 [ 15.016727] ret_from_fork_asm+0x1a/0x30 [ 15.016865] [ 15.016953] The buggy address belongs to the object at ffff888102574300 [ 15.016953] which belongs to the cache kmalloc-16 of size 16 [ 15.017310] The buggy address is located 8 bytes inside of [ 15.017310] allocated 9-byte region [ffff888102574300, ffff888102574309) [ 15.018349] [ 15.018433] The buggy address belongs to the physical page: [ 15.018606] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102574 [ 15.018856] flags: 0x200000000000000(node=0|zone=2) [ 15.019091] page_type: f5(slab) [ 15.019259] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.019603] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.020063] page dumped because: kasan: bad access detected [ 15.021163] [ 15.021245] Memory state around the buggy address: [ 15.021560] ffff888102574200: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 15.021783] ffff888102574280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.022057] >ffff888102574300: 00 01 fc fc fc fc fc fc 
fc fc fc fc fc fc fc fc [ 15.022571] ^ [ 15.022829] ffff888102574380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.023414] ffff888102574400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.023680] ================================================================== [ 15.106778] ================================================================== [ 15.107307] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 15.107649] Write of size 8 at addr ffff888102574308 by task kunit_try_catch/278 [ 15.108025] [ 15.108140] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.108184] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.108196] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.108218] Call Trace: [ 15.108237] <TASK> [ 15.108257] dump_stack_lvl+0x73/0xb0 [ 15.108309] print_report+0xd1/0x650 [ 15.108332] ? __virt_addr_valid+0x1db/0x2d0 [ 15.108355] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 15.108384] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.108407] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 15.108437] kasan_report+0x141/0x180 [ 15.108458] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 15.108492] kasan_check_range+0x10c/0x1c0 [ 15.108515] __kasan_check_write+0x18/0x20 [ 15.108535] kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 15.108563] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.108593] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.108619] ? trace_hardirqs_on+0x37/0xe0 [ 15.108641] ? kasan_bitops_generic+0x92/0x1c0 [ 15.108668] kasan_bitops_generic+0x121/0x1c0 [ 15.108691] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.108717] ? __pfx_read_tsc+0x10/0x10 [ 15.108738] ? ktime_get_ts64+0x86/0x230 [ 15.108762] kunit_try_run_case+0x1a5/0x480 [ 15.108786] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.108808] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.108833] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.108856] ? __kthread_parkme+0x82/0x180 [ 15.108877] ? preempt_count_sub+0x50/0x80 [ 15.108902] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.108926] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.109025] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.109050] kthread+0x337/0x6f0 [ 15.109069] ? trace_preempt_on+0x20/0xc0 [ 15.109091] ? __pfx_kthread+0x10/0x10 [ 15.109113] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.109134] ? calculate_sigpending+0x7b/0xa0 [ 15.109157] ? __pfx_kthread+0x10/0x10 [ 15.109179] ret_from_fork+0x116/0x1d0 [ 15.109197] ? __pfx_kthread+0x10/0x10 [ 15.109217] ret_from_fork_asm+0x1a/0x30 [ 15.109248] </TASK> [ 15.109258] [ 15.117799] Allocated by task 278: [ 15.118058] kasan_save_stack+0x45/0x70 [ 15.118256] kasan_save_track+0x18/0x40 [ 15.118479] kasan_save_alloc_info+0x3b/0x50 [ 15.118686] __kasan_kmalloc+0xb7/0xc0 [ 15.118823] __kmalloc_cache_noprof+0x189/0x420 [ 15.119173] kasan_bitops_generic+0x92/0x1c0 [ 15.119390] kunit_try_run_case+0x1a5/0x480 [ 15.119616] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.119870] kthread+0x337/0x6f0 [ 15.120129] ret_from_fork+0x116/0x1d0 [ 15.120351] ret_from_fork_asm+0x1a/0x30 [ 15.120553] [ 15.120647] The buggy address belongs to the object at ffff888102574300 [ 15.120647] which belongs to the cache kmalloc-16 of size 16 [ 15.121245] The buggy address is located 8 bytes inside of [ 15.121245] allocated 9-byte region [ffff888102574300, ffff888102574309) [ 15.121604] [ 15.121677] The buggy address belongs to the physical page: [ 15.121882] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102574 [ 15.122241] flags: 0x200000000000000(node=0|zone=2) [ 15.122471] page_type: f5(slab) [ 15.122636] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.123157] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.123458] page dumped because: kasan: bad access detected [ 15.123702] [ 15.123793] 
Memory state around the buggy address: [ 15.124031] ffff888102574200: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 15.124271] ffff888102574280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.124576] >ffff888102574300: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.124896] ^ [ 15.125134] ffff888102574380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.125477] ffff888102574400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.125775] ================================================================== [ 15.145571] ================================================================== [ 15.145904] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 15.146569] Read of size 8 at addr ffff888102574308 by task kunit_try_catch/278 [ 15.146846] [ 15.147119] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.147165] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.147177] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.147198] Call Trace: [ 15.147216] <TASK> [ 15.147232] dump_stack_lvl+0x73/0xb0 [ 15.147291] print_report+0xd1/0x650 [ 15.147313] ? __virt_addr_valid+0x1db/0x2d0 [ 15.147336] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 15.147366] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.147390] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 15.147419] kasan_report+0x141/0x180 [ 15.147440] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 15.147473] __asan_report_load8_noabort+0x18/0x20 [ 15.147498] kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 15.147527] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.147557] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.147581] ? trace_hardirqs_on+0x37/0xe0 [ 15.147604] ? kasan_bitops_generic+0x92/0x1c0 [ 15.147631] kasan_bitops_generic+0x121/0x1c0 [ 15.147654] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.147680] ? 
__pfx_read_tsc+0x10/0x10 [ 15.147701] ? ktime_get_ts64+0x86/0x230 [ 15.147724] kunit_try_run_case+0x1a5/0x480 [ 15.147749] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.147772] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.147796] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.147819] ? __kthread_parkme+0x82/0x180 [ 15.147840] ? preempt_count_sub+0x50/0x80 [ 15.147864] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.147888] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.147913] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.147963] kthread+0x337/0x6f0 [ 15.147982] ? trace_preempt_on+0x20/0xc0 [ 15.148004] ? __pfx_kthread+0x10/0x10 [ 15.148025] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.148046] ? calculate_sigpending+0x7b/0xa0 [ 15.148070] ? __pfx_kthread+0x10/0x10 [ 15.148092] ret_from_fork+0x116/0x1d0 [ 15.148110] ? __pfx_kthread+0x10/0x10 [ 15.148130] ret_from_fork_asm+0x1a/0x30 [ 15.148162] </TASK> [ 15.148172] [ 15.156561] Allocated by task 278: [ 15.156769] kasan_save_stack+0x45/0x70 [ 15.157076] kasan_save_track+0x18/0x40 [ 15.157272] kasan_save_alloc_info+0x3b/0x50 [ 15.157425] __kasan_kmalloc+0xb7/0xc0 [ 15.157631] __kmalloc_cache_noprof+0x189/0x420 [ 15.157848] kasan_bitops_generic+0x92/0x1c0 [ 15.158126] kunit_try_run_case+0x1a5/0x480 [ 15.158309] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.158592] kthread+0x337/0x6f0 [ 15.158752] ret_from_fork+0x116/0x1d0 [ 15.158881] ret_from_fork_asm+0x1a/0x30 [ 15.159237] [ 15.159353] The buggy address belongs to the object at ffff888102574300 [ 15.159353] which belongs to the cache kmalloc-16 of size 16 [ 15.159888] The buggy address is located 8 bytes inside of [ 15.159888] allocated 9-byte region [ffff888102574300, ffff888102574309) [ 15.160404] [ 15.160480] The buggy address belongs to the physical page: [ 15.160645] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102574 [ 15.160879] flags: 0x200000000000000(node=0|zone=2) [ 15.161234] page_type: f5(slab) [ 15.161438] raw: 0200000000000000 
ffff888100041640 dead000000000122 0000000000000000 [ 15.161780] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.162215] page dumped because: kasan: bad access detected [ 15.162495] [ 15.162611] Memory state around the buggy address: [ 15.162813] ffff888102574200: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 15.163339] ffff888102574280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.163622] >ffff888102574300: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.164007] ^ [ 15.164192] ffff888102574380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.164533] ffff888102574400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.164789] ================================================================== [ 15.067855] ================================================================== [ 15.068292] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 15.068658] Write of size 8 at addr ffff888102574308 by task kunit_try_catch/278 [ 15.068922] [ 15.069106] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.069152] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.069164] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.069185] Call Trace: [ 15.069204] <TASK> [ 15.069221] dump_stack_lvl+0x73/0xb0 [ 15.069276] print_report+0xd1/0x650 [ 15.069300] ? __virt_addr_valid+0x1db/0x2d0 [ 15.069323] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 15.069351] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.069375] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 15.069404] kasan_report+0x141/0x180 [ 15.069426] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 15.069459] kasan_check_range+0x10c/0x1c0 [ 15.069483] __kasan_check_write+0x18/0x20 [ 15.069502] kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 15.069532] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.069562] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 15.069586] ? trace_hardirqs_on+0x37/0xe0 [ 15.069609] ? kasan_bitops_generic+0x92/0x1c0 [ 15.069637] kasan_bitops_generic+0x121/0x1c0 [ 15.069661] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.069686] ? __pfx_read_tsc+0x10/0x10 [ 15.069707] ? ktime_get_ts64+0x86/0x230 [ 15.069732] kunit_try_run_case+0x1a5/0x480 [ 15.069758] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.069782] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.069809] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.069837] ? __kthread_parkme+0x82/0x180 [ 15.069857] ? preempt_count_sub+0x50/0x80 [ 15.069881] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.069906] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.070006] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.070039] kthread+0x337/0x6f0 [ 15.070059] ? trace_preempt_on+0x20/0xc0 [ 15.070083] ? __pfx_kthread+0x10/0x10 [ 15.070103] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.070125] ? calculate_sigpending+0x7b/0xa0 [ 15.070150] ? __pfx_kthread+0x10/0x10 [ 15.070171] ret_from_fork+0x116/0x1d0 [ 15.070189] ? 
__pfx_kthread+0x10/0x10 [ 15.070210] ret_from_fork_asm+0x1a/0x30 [ 15.070241] </TASK> [ 15.070251] [ 15.078817] Allocated by task 278: [ 15.079190] kasan_save_stack+0x45/0x70 [ 15.079431] kasan_save_track+0x18/0x40 [ 15.079592] kasan_save_alloc_info+0x3b/0x50 [ 15.079765] __kasan_kmalloc+0xb7/0xc0 [ 15.080044] __kmalloc_cache_noprof+0x189/0x420 [ 15.080285] kasan_bitops_generic+0x92/0x1c0 [ 15.080465] kunit_try_run_case+0x1a5/0x480 [ 15.080611] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.080864] kthread+0x337/0x6f0 [ 15.081105] ret_from_fork+0x116/0x1d0 [ 15.081306] ret_from_fork_asm+0x1a/0x30 [ 15.081504] [ 15.081599] The buggy address belongs to the object at ffff888102574300 [ 15.081599] which belongs to the cache kmalloc-16 of size 16 [ 15.082054] The buggy address is located 8 bytes inside of [ 15.082054] allocated 9-byte region [ffff888102574300, ffff888102574309) [ 15.082404] [ 15.082492] The buggy address belongs to the physical page: [ 15.082744] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102574 [ 15.083350] flags: 0x200000000000000(node=0|zone=2) [ 15.083548] page_type: f5(slab) [ 15.083723] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.084082] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.084399] page dumped because: kasan: bad access detected [ 15.084649] [ 15.084743] Memory state around the buggy address: [ 15.085051] ffff888102574200: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 15.085396] ffff888102574280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.085674] >ffff888102574300: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.086029] ^ [ 15.086205] ffff888102574380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.086493] ffff888102574400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.086760] ================================================================== [ 15.087502] 
================================================================== [ 15.087811] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 15.088273] Write of size 8 at addr ffff888102574308 by task kunit_try_catch/278 [ 15.088586] [ 15.088676] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.088720] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.088731] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.088753] Call Trace: [ 15.088772] <TASK> [ 15.088790] dump_stack_lvl+0x73/0xb0 [ 15.088821] print_report+0xd1/0x650 [ 15.088844] ? __virt_addr_valid+0x1db/0x2d0 [ 15.088867] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 15.088896] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.088920] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 15.089024] kasan_report+0x141/0x180 [ 15.089047] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 15.089080] kasan_check_range+0x10c/0x1c0 [ 15.089104] __kasan_check_write+0x18/0x20 [ 15.089123] kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 15.089152] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.089182] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.089207] ? trace_hardirqs_on+0x37/0xe0 [ 15.089230] ? kasan_bitops_generic+0x92/0x1c0 [ 15.089257] kasan_bitops_generic+0x121/0x1c0 [ 15.089280] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.089330] ? __pfx_read_tsc+0x10/0x10 [ 15.089353] ? ktime_get_ts64+0x86/0x230 [ 15.089377] kunit_try_run_case+0x1a5/0x480 [ 15.089402] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.089425] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.089450] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.089474] ? __kthread_parkme+0x82/0x180 [ 15.089495] ? preempt_count_sub+0x50/0x80 [ 15.089518] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.089542] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.089568] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.089593] kthread+0x337/0x6f0 [ 15.089612] ? trace_preempt_on+0x20/0xc0 [ 15.089634] ? __pfx_kthread+0x10/0x10 [ 15.089655] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.089676] ? calculate_sigpending+0x7b/0xa0 [ 15.089701] ? __pfx_kthread+0x10/0x10 [ 15.089722] ret_from_fork+0x116/0x1d0 [ 15.089741] ? __pfx_kthread+0x10/0x10 [ 15.089761] ret_from_fork_asm+0x1a/0x30 [ 15.089792] </TASK> [ 15.089802] [ 15.098261] Allocated by task 278: [ 15.098414] kasan_save_stack+0x45/0x70 [ 15.098620] kasan_save_track+0x18/0x40 [ 15.098832] kasan_save_alloc_info+0x3b/0x50 [ 15.099224] __kasan_kmalloc+0xb7/0xc0 [ 15.099454] __kmalloc_cache_noprof+0x189/0x420 [ 15.099678] kasan_bitops_generic+0x92/0x1c0 [ 15.099891] kunit_try_run_case+0x1a5/0x480 [ 15.100172] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.100461] kthread+0x337/0x6f0 [ 15.100631] ret_from_fork+0x116/0x1d0 [ 15.100769] ret_from_fork_asm+0x1a/0x30 [ 15.101042] [ 15.101146] The buggy address belongs to the object at ffff888102574300 [ 15.101146] which belongs to the cache kmalloc-16 of size 16 [ 15.101641] The buggy address is located 8 bytes inside of [ 15.101641] allocated 9-byte region [ffff888102574300, ffff888102574309) [ 15.102094] [ 15.102193] The buggy address belongs to the physical page: [ 15.102414] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102574 [ 15.102702] flags: 0x200000000000000(node=0|zone=2) [ 15.103169] page_type: f5(slab) [ 15.103360] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.103659] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.104051] page dumped because: kasan: bad access detected [ 15.104278] [ 15.104375] Memory state around the buggy address: [ 15.104554] ffff888102574200: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 15.104769] ffff888102574280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.105081] >ffff888102574300: 00 01 fc fc fc fc fc fc 
fc fc fc fc fc fc fc fc [ 15.105419] ^ [ 15.105592] ffff888102574380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.105899] ffff888102574400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.106282] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 14.731885] ================================================================== [ 14.732596] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.732977] Write of size 8 at addr ffff888102574308 by task kunit_try_catch/278 [ 14.733296] [ 14.733397] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.733443] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.733455] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.733477] Call Trace: [ 14.733489] <TASK> [ 14.733506] dump_stack_lvl+0x73/0xb0 [ 14.733537] print_report+0xd1/0x650 [ 14.733560] ? __virt_addr_valid+0x1db/0x2d0 [ 14.733585] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.733612] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.733635] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.733662] kasan_report+0x141/0x180 [ 14.733683] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.733715] kasan_check_range+0x10c/0x1c0 [ 14.733738] __kasan_check_write+0x18/0x20 [ 14.733757] kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.733784] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.733812] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.733837] ? trace_hardirqs_on+0x37/0xe0 [ 14.733860] ? kasan_bitops_generic+0x92/0x1c0 [ 14.733888] kasan_bitops_generic+0x116/0x1c0 [ 14.733912] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.734336] ? __pfx_read_tsc+0x10/0x10 [ 14.734374] ? ktime_get_ts64+0x86/0x230 [ 14.734402] kunit_try_run_case+0x1a5/0x480 [ 14.734429] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.734453] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.734479] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.734504] ? __kthread_parkme+0x82/0x180 [ 14.734527] ? preempt_count_sub+0x50/0x80 [ 14.734551] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.734576] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.734601] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.734626] kthread+0x337/0x6f0 [ 14.734645] ? 
trace_preempt_on+0x20/0xc0 [ 14.734669] ? __pfx_kthread+0x10/0x10 [ 14.734689] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.734717] ? calculate_sigpending+0x7b/0xa0 [ 14.734742] ? __pfx_kthread+0x10/0x10 [ 14.734762] ret_from_fork+0x116/0x1d0 [ 14.734780] ? __pfx_kthread+0x10/0x10 [ 14.734801] ret_from_fork_asm+0x1a/0x30 [ 14.734831] </TASK> [ 14.734841] [ 14.743276] Allocated by task 278: [ 14.743424] kasan_save_stack+0x45/0x70 [ 14.743849] kasan_save_track+0x18/0x40 [ 14.744080] kasan_save_alloc_info+0x3b/0x50 [ 14.744307] __kasan_kmalloc+0xb7/0xc0 [ 14.744501] __kmalloc_cache_noprof+0x189/0x420 [ 14.744656] kasan_bitops_generic+0x92/0x1c0 [ 14.744882] kunit_try_run_case+0x1a5/0x480 [ 14.745185] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.745377] kthread+0x337/0x6f0 [ 14.745559] ret_from_fork+0x116/0x1d0 [ 14.745749] ret_from_fork_asm+0x1a/0x30 [ 14.745910] [ 14.746014] The buggy address belongs to the object at ffff888102574300 [ 14.746014] which belongs to the cache kmalloc-16 of size 16 [ 14.746354] The buggy address is located 8 bytes inside of [ 14.746354] allocated 9-byte region [ffff888102574300, ffff888102574309) [ 14.746685] [ 14.746765] The buggy address belongs to the physical page: [ 14.746951] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102574 [ 14.747191] flags: 0x200000000000000(node=0|zone=2) [ 14.748373] page_type: f5(slab) [ 14.749293] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.750544] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.752367] page dumped because: kasan: bad access detected [ 14.752943] [ 14.753704] Memory state around the buggy address: [ 14.754331] ffff888102574200: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 14.754555] ffff888102574280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.754776] >ffff888102574300: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.754997] ^ [ 14.755120] ffff888102574380: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 14.755341] ffff888102574400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.755590] ================================================================== [ 14.758647] ================================================================== [ 14.759591] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.760483] Write of size 8 at addr ffff888102574308 by task kunit_try_catch/278 [ 14.760955] [ 14.761055] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.761101] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.761113] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.761135] Call Trace: [ 14.761147] <TASK> [ 14.761165] dump_stack_lvl+0x73/0xb0 [ 14.761198] print_report+0xd1/0x650 [ 14.761221] ? __virt_addr_valid+0x1db/0x2d0 [ 14.761244] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.761470] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.761499] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.761526] kasan_report+0x141/0x180 [ 14.761549] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.761581] kasan_check_range+0x10c/0x1c0 [ 14.761605] __kasan_check_write+0x18/0x20 [ 14.761624] kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.761651] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.761679] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.761705] ? trace_hardirqs_on+0x37/0xe0 [ 14.761729] ? kasan_bitops_generic+0x92/0x1c0 [ 14.761758] kasan_bitops_generic+0x116/0x1c0 [ 14.761781] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.761807] ? __pfx_read_tsc+0x10/0x10 [ 14.761829] ? ktime_get_ts64+0x86/0x230 [ 14.761853] kunit_try_run_case+0x1a5/0x480 [ 14.761879] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.761902] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.761928] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.762021] ? __kthread_parkme+0x82/0x180 [ 14.762044] ? preempt_count_sub+0x50/0x80 [ 14.762069] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.762094] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.762120] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.762145] kthread+0x337/0x6f0 [ 14.762164] ? trace_preempt_on+0x20/0xc0 [ 14.762187] ? __pfx_kthread+0x10/0x10 [ 14.762207] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.762229] ? calculate_sigpending+0x7b/0xa0 [ 14.762254] ? __pfx_kthread+0x10/0x10 [ 14.762275] ret_from_fork+0x116/0x1d0 [ 14.762294] ? __pfx_kthread+0x10/0x10 [ 14.762314] ret_from_fork_asm+0x1a/0x30 [ 14.762346] </TASK> [ 14.762357] [ 14.777293] Allocated by task 278: [ 14.777514] kasan_save_stack+0x45/0x70 [ 14.777718] kasan_save_track+0x18/0x40 [ 14.777886] kasan_save_alloc_info+0x3b/0x50 [ 14.778631] __kasan_kmalloc+0xb7/0xc0 [ 14.778840] __kmalloc_cache_noprof+0x189/0x420 [ 14.779335] kasan_bitops_generic+0x92/0x1c0 [ 14.779556] kunit_try_run_case+0x1a5/0x480 [ 14.779890] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.780571] kthread+0x337/0x6f0 [ 14.780767] ret_from_fork+0x116/0x1d0 [ 14.781249] ret_from_fork_asm+0x1a/0x30 [ 14.781577] [ 14.781680] The buggy address belongs to the object at ffff888102574300 [ 14.781680] which belongs to the cache kmalloc-16 of size 16 [ 14.782148] The buggy address is located 8 bytes inside of [ 14.782148] allocated 9-byte region [ffff888102574300, ffff888102574309) [ 14.782596] [ 14.782696] The buggy address belongs to the physical page: [ 14.783523] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102574 [ 14.783833] flags: 0x200000000000000(node=0|zone=2) [ 14.784303] page_type: f5(slab) [ 14.784666] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.785332] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.785772] page dumped because: kasan: bad access detected [ 14.786442] [ 14.786553] Memory state around the buggy address: [ 14.786875] ffff888102574200: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 14.787416] 
ffff888102574280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.787836] >ffff888102574300: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.788359] ^ [ 14.788532] ffff888102574380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.788833] ffff888102574400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.789510] ================================================================== [ 14.848347] ================================================================== [ 14.848881] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.849458] Write of size 8 at addr ffff888102574308 by task kunit_try_catch/278 [ 14.849989] [ 14.850437] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.850486] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.850499] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.850521] Call Trace: [ 14.850540] <TASK> [ 14.850558] dump_stack_lvl+0x73/0xb0 [ 14.850591] print_report+0xd1/0x650 [ 14.850615] ? __virt_addr_valid+0x1db/0x2d0 [ 14.850639] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.850665] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.850688] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.850723] kasan_report+0x141/0x180 [ 14.850745] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.850776] kasan_check_range+0x10c/0x1c0 [ 14.850800] __kasan_check_write+0x18/0x20 [ 14.850819] kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.850846] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.850875] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.850900] ? trace_hardirqs_on+0x37/0xe0 [ 14.850923] ? kasan_bitops_generic+0x92/0x1c0 [ 14.851056] kasan_bitops_generic+0x116/0x1c0 [ 14.851081] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.851107] ? __pfx_read_tsc+0x10/0x10 [ 14.851129] ? ktime_get_ts64+0x86/0x230 [ 14.851154] kunit_try_run_case+0x1a5/0x480 [ 14.851180] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.851203] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 14.851228] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.851253] ? __kthread_parkme+0x82/0x180 [ 14.851282] ? preempt_count_sub+0x50/0x80 [ 14.851306] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.851332] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.851357] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.851383] kthread+0x337/0x6f0 [ 14.851402] ? trace_preempt_on+0x20/0xc0 [ 14.851424] ? __pfx_kthread+0x10/0x10 [ 14.851445] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.851467] ? calculate_sigpending+0x7b/0xa0 [ 14.851492] ? __pfx_kthread+0x10/0x10 [ 14.851512] ret_from_fork+0x116/0x1d0 [ 14.851530] ? __pfx_kthread+0x10/0x10 [ 14.851551] ret_from_fork_asm+0x1a/0x30 [ 14.851581] </TASK> [ 14.851592] [ 14.865744] Allocated by task 278: [ 14.866313] kasan_save_stack+0x45/0x70 [ 14.866532] kasan_save_track+0x18/0x40 [ 14.866685] kasan_save_alloc_info+0x3b/0x50 [ 14.866917] __kasan_kmalloc+0xb7/0xc0 [ 14.867562] __kmalloc_cache_noprof+0x189/0x420 [ 14.867854] kasan_bitops_generic+0x92/0x1c0 [ 14.868278] kunit_try_run_case+0x1a5/0x480 [ 14.868631] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.868996] kthread+0x337/0x6f0 [ 14.869365] ret_from_fork+0x116/0x1d0 [ 14.869650] ret_from_fork_asm+0x1a/0x30 [ 14.869838] [ 14.869911] The buggy address belongs to the object at ffff888102574300 [ 14.869911] which belongs to the cache kmalloc-16 of size 16 [ 14.870775] The buggy address is located 8 bytes inside of [ 14.870775] allocated 9-byte region [ffff888102574300, ffff888102574309) [ 14.871787] [ 14.871897] The buggy address belongs to the physical page: [ 14.872492] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102574 [ 14.872946] flags: 0x200000000000000(node=0|zone=2) [ 14.873365] page_type: f5(slab) [ 14.873634] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.874223] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.874661] page dumped because: kasan: 
bad access detected [ 14.875253] [ 14.875359] Memory state around the buggy address: [ 14.875558] ffff888102574200: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 14.876193] ffff888102574280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.876672] >ffff888102574300: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.877231] ^ [ 14.877582] ffff888102574380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.878011] ffff888102574400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.878524] ================================================================== [ 14.939458] ================================================================== [ 14.939782] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.940923] Write of size 8 at addr ffff888102574308 by task kunit_try_catch/278 [ 14.941375] [ 14.941614] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.941663] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.941782] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.941805] Call Trace: [ 14.941827] <TASK> [ 14.941847] dump_stack_lvl+0x73/0xb0 [ 14.941882] print_report+0xd1/0x650 [ 14.941906] ? __virt_addr_valid+0x1db/0x2d0 [ 14.941928] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.941982] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.942005] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.942032] kasan_report+0x141/0x180 [ 14.942053] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.942085] kasan_check_range+0x10c/0x1c0 [ 14.942108] __kasan_check_write+0x18/0x20 [ 14.942129] kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.942158] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.942187] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.942212] ? trace_hardirqs_on+0x37/0xe0 [ 14.942234] ? kasan_bitops_generic+0x92/0x1c0 [ 14.942263] kasan_bitops_generic+0x116/0x1c0 [ 14.942287] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.942312] ? 
__pfx_read_tsc+0x10/0x10 [ 14.942333] ? ktime_get_ts64+0x86/0x230 [ 14.942358] kunit_try_run_case+0x1a5/0x480 [ 14.942385] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.942408] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.942433] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.942457] ? __kthread_parkme+0x82/0x180 [ 14.942478] ? preempt_count_sub+0x50/0x80 [ 14.942502] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.942526] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.942551] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.942576] kthread+0x337/0x6f0 [ 14.942594] ? trace_preempt_on+0x20/0xc0 [ 14.942616] ? __pfx_kthread+0x10/0x10 [ 14.942636] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.942657] ? calculate_sigpending+0x7b/0xa0 [ 14.942681] ? __pfx_kthread+0x10/0x10 [ 14.942702] ret_from_fork+0x116/0x1d0 [ 14.942727] ? __pfx_kthread+0x10/0x10 [ 14.942747] ret_from_fork_asm+0x1a/0x30 [ 14.942778] </TASK> [ 14.942788] [ 14.956819] Allocated by task 278: [ 14.957277] kasan_save_stack+0x45/0x70 [ 14.957487] kasan_save_track+0x18/0x40 [ 14.957653] kasan_save_alloc_info+0x3b/0x50 [ 14.957869] __kasan_kmalloc+0xb7/0xc0 [ 14.958456] __kmalloc_cache_noprof+0x189/0x420 [ 14.958650] kasan_bitops_generic+0x92/0x1c0 [ 14.959144] kunit_try_run_case+0x1a5/0x480 [ 14.959542] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.959918] kthread+0x337/0x6f0 [ 14.960460] ret_from_fork+0x116/0x1d0 [ 14.960626] ret_from_fork_asm+0x1a/0x30 [ 14.961108] [ 14.961208] The buggy address belongs to the object at ffff888102574300 [ 14.961208] which belongs to the cache kmalloc-16 of size 16 [ 14.962114] The buggy address is located 8 bytes inside of [ 14.962114] allocated 9-byte region [ffff888102574300, ffff888102574309) [ 14.962818] [ 14.962918] The buggy address belongs to the physical page: [ 14.963130] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102574 [ 14.964229] flags: 0x200000000000000(node=0|zone=2) [ 14.964751] page_type: f5(slab) [ 14.964883] raw: 0200000000000000 
ffff888100041640 dead000000000122 0000000000000000 [ 14.965595] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.965849] page dumped because: kasan: bad access detected [ 14.966224] [ 14.966402] Memory state around the buggy address: [ 14.966818] ffff888102574200: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 14.967645] ffff888102574280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.968175] >ffff888102574300: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.969051] ^ [ 14.969372] ffff888102574380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.969586] ffff888102574400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.969799] ================================================================== [ 14.790572] ================================================================== [ 14.790907] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.791519] Write of size 8 at addr ffff888102574308 by task kunit_try_catch/278 [ 14.792197] [ 14.792686] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.792737] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.792749] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.792771] Call Trace: [ 14.792791] <TASK> [ 14.792810] dump_stack_lvl+0x73/0xb0 [ 14.792845] print_report+0xd1/0x650 [ 14.792869] ? __virt_addr_valid+0x1db/0x2d0 [ 14.792892] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.792918] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.793122] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.793155] kasan_report+0x141/0x180 [ 14.793178] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.793210] kasan_check_range+0x10c/0x1c0 [ 14.793233] __kasan_check_write+0x18/0x20 [ 14.793253] kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.793293] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.793321] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.793346] ? 
trace_hardirqs_on+0x37/0xe0 [ 14.793370] ? kasan_bitops_generic+0x92/0x1c0 [ 14.793398] kasan_bitops_generic+0x116/0x1c0 [ 14.793422] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.793448] ? __pfx_read_tsc+0x10/0x10 [ 14.793470] ? ktime_get_ts64+0x86/0x230 [ 14.793494] kunit_try_run_case+0x1a5/0x480 [ 14.793519] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.793542] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.793568] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.793591] ? __kthread_parkme+0x82/0x180 [ 14.793612] ? preempt_count_sub+0x50/0x80 [ 14.793636] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.793661] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.793686] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.793711] kthread+0x337/0x6f0 [ 14.793730] ? trace_preempt_on+0x20/0xc0 [ 14.793752] ? __pfx_kthread+0x10/0x10 [ 14.793773] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.793795] ? calculate_sigpending+0x7b/0xa0 [ 14.793821] ? __pfx_kthread+0x10/0x10 [ 14.793842] ret_from_fork+0x116/0x1d0 [ 14.793861] ? 
__pfx_kthread+0x10/0x10 [ 14.793882] ret_from_fork_asm+0x1a/0x30 [ 14.793913] </TASK> [ 14.793923] [ 14.806105] Allocated by task 278: [ 14.806287] kasan_save_stack+0x45/0x70 [ 14.806572] kasan_save_track+0x18/0x40 [ 14.806778] kasan_save_alloc_info+0x3b/0x50 [ 14.806990] __kasan_kmalloc+0xb7/0xc0 [ 14.807506] __kmalloc_cache_noprof+0x189/0x420 [ 14.807831] kasan_bitops_generic+0x92/0x1c0 [ 14.808240] kunit_try_run_case+0x1a5/0x480 [ 14.808538] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.808776] kthread+0x337/0x6f0 [ 14.808901] ret_from_fork+0x116/0x1d0 [ 14.809509] ret_from_fork_asm+0x1a/0x30 [ 14.809723] [ 14.809822] The buggy address belongs to the object at ffff888102574300 [ 14.809822] which belongs to the cache kmalloc-16 of size 16 [ 14.810852] The buggy address is located 8 bytes inside of [ 14.810852] allocated 9-byte region [ffff888102574300, ffff888102574309) [ 14.811704] [ 14.811812] The buggy address belongs to the physical page: [ 14.812356] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102574 [ 14.812821] flags: 0x200000000000000(node=0|zone=2) [ 14.813057] page_type: f5(slab) [ 14.813214] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.813602] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.814418] page dumped because: kasan: bad access detected [ 14.814696] [ 14.814786] Memory state around the buggy address: [ 14.815286] ffff888102574200: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 14.815714] ffff888102574280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.816208] >ffff888102574300: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.816663] ^ [ 14.816813] ffff888102574380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.817404] ffff888102574400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.817816] ================================================================== [ 14.909849] 
================================================================== [ 14.910629] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.911497] Write of size 8 at addr ffff888102574308 by task kunit_try_catch/278 [ 14.911817] [ 14.911922] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.912345] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.912360] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.912382] Call Trace: [ 14.912404] <TASK> [ 14.912423] dump_stack_lvl+0x73/0xb0 [ 14.912458] print_report+0xd1/0x650 [ 14.912481] ? __virt_addr_valid+0x1db/0x2d0 [ 14.912505] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.912531] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.912554] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.912582] kasan_report+0x141/0x180 [ 14.912603] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.912634] kasan_check_range+0x10c/0x1c0 [ 14.912657] __kasan_check_write+0x18/0x20 [ 14.912677] kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.912704] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.912734] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.912759] ? trace_hardirqs_on+0x37/0xe0 [ 14.912781] ? kasan_bitops_generic+0x92/0x1c0 [ 14.912809] kasan_bitops_generic+0x116/0x1c0 [ 14.912832] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.912858] ? __pfx_read_tsc+0x10/0x10 [ 14.912879] ? ktime_get_ts64+0x86/0x230 [ 14.912905] kunit_try_run_case+0x1a5/0x480 [ 14.912929] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.913019] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.913045] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.913069] ? __kthread_parkme+0x82/0x180 [ 14.913091] ? preempt_count_sub+0x50/0x80 [ 14.913114] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.913139] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.913164] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.913189] kthread+0x337/0x6f0 [ 14.913208] ? 
trace_preempt_on+0x20/0xc0 [ 14.913230] ? __pfx_kthread+0x10/0x10 [ 14.913251] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.913273] ? calculate_sigpending+0x7b/0xa0 [ 14.913297] ? __pfx_kthread+0x10/0x10 [ 14.913320] ret_from_fork+0x116/0x1d0 [ 14.913338] ? __pfx_kthread+0x10/0x10 [ 14.913359] ret_from_fork_asm+0x1a/0x30 [ 14.913389] </TASK> [ 14.913400] [ 14.926134] Allocated by task 278: [ 14.926490] kasan_save_stack+0x45/0x70 [ 14.926805] kasan_save_track+0x18/0x40 [ 14.927102] kasan_save_alloc_info+0x3b/0x50 [ 14.927302] __kasan_kmalloc+0xb7/0xc0 [ 14.927812] __kmalloc_cache_noprof+0x189/0x420 [ 14.928402] kasan_bitops_generic+0x92/0x1c0 [ 14.928635] kunit_try_run_case+0x1a5/0x480 [ 14.928918] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.929171] kthread+0x337/0x6f0 [ 14.929624] ret_from_fork+0x116/0x1d0 [ 14.929817] ret_from_fork_asm+0x1a/0x30 [ 14.930144] [ 14.930224] The buggy address belongs to the object at ffff888102574300 [ 14.930224] which belongs to the cache kmalloc-16 of size 16 [ 14.931328] The buggy address is located 8 bytes inside of [ 14.931328] allocated 9-byte region [ffff888102574300, ffff888102574309) [ 14.931847] [ 14.931953] The buggy address belongs to the physical page: [ 14.932547] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102574 [ 14.933011] flags: 0x200000000000000(node=0|zone=2) [ 14.933501] page_type: f5(slab) [ 14.933775] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.934322] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.934759] page dumped because: kasan: bad access detected [ 14.935006] [ 14.935362] Memory state around the buggy address: [ 14.935704] ffff888102574200: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 14.936397] ffff888102574280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.936811] >ffff888102574300: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.937315] ^ [ 14.937613] ffff888102574380: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 14.938222] ffff888102574400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.938692] ================================================================== [ 14.818773] ================================================================== [ 14.819429] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.819883] Write of size 8 at addr ffff888102574308 by task kunit_try_catch/278 [ 14.820600] [ 14.820715] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.820762] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.820773] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.820794] Call Trace: [ 14.820814] <TASK> [ 14.820832] dump_stack_lvl+0x73/0xb0 [ 14.820863] print_report+0xd1/0x650 [ 14.820910] ? __virt_addr_valid+0x1db/0x2d0 [ 14.820945] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.821059] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.821084] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.821111] kasan_report+0x141/0x180 [ 14.821134] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.821166] kasan_check_range+0x10c/0x1c0 [ 14.821190] __kasan_check_write+0x18/0x20 [ 14.821210] kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.821236] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.821353] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.821381] ? trace_hardirqs_on+0x37/0xe0 [ 14.821406] ? kasan_bitops_generic+0x92/0x1c0 [ 14.821434] kasan_bitops_generic+0x116/0x1c0 [ 14.821458] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.821484] ? __pfx_read_tsc+0x10/0x10 [ 14.821506] ? ktime_get_ts64+0x86/0x230 [ 14.821530] kunit_try_run_case+0x1a5/0x480 [ 14.821555] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.821579] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.821604] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.821629] ? __kthread_parkme+0x82/0x180 [ 14.821650] ? preempt_count_sub+0x50/0x80 [ 14.821675] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.821701] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.821730] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.821757] kthread+0x337/0x6f0 [ 14.821776] ? trace_preempt_on+0x20/0xc0 [ 14.821797] ? __pfx_kthread+0x10/0x10 [ 14.821818] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.821840] ? calculate_sigpending+0x7b/0xa0 [ 14.821865] ? __pfx_kthread+0x10/0x10 [ 14.821887] ret_from_fork+0x116/0x1d0 [ 14.821904] ? __pfx_kthread+0x10/0x10 [ 14.821925] ret_from_fork_asm+0x1a/0x30 [ 14.821985] </TASK> [ 14.821996] [ 14.835688] Allocated by task 278: [ 14.835870] kasan_save_stack+0x45/0x70 [ 14.836388] kasan_save_track+0x18/0x40 [ 14.836611] kasan_save_alloc_info+0x3b/0x50 [ 14.836929] __kasan_kmalloc+0xb7/0xc0 [ 14.837342] __kmalloc_cache_noprof+0x189/0x420 [ 14.837665] kasan_bitops_generic+0x92/0x1c0 [ 14.837870] kunit_try_run_case+0x1a5/0x480 [ 14.838385] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.838746] kthread+0x337/0x6f0 [ 14.838928] ret_from_fork+0x116/0x1d0 [ 14.839243] ret_from_fork_asm+0x1a/0x30 [ 14.839645] [ 14.839764] The buggy address belongs to the object at ffff888102574300 [ 14.839764] which belongs to the cache kmalloc-16 of size 16 [ 14.840517] The buggy address is located 8 bytes inside of [ 14.840517] allocated 9-byte region [ffff888102574300, ffff888102574309) [ 14.841381] [ 14.841490] The buggy address belongs to the physical page: [ 14.841703] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102574 [ 14.842369] flags: 0x200000000000000(node=0|zone=2) [ 14.842736] page_type: f5(slab) [ 14.842922] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.843501] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.843998] page dumped because: kasan: bad access detected [ 14.844300] [ 14.844588] Memory state around the buggy address: [ 14.844830] ffff888102574200: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 14.845403] 
ffff888102574280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.845712] >ffff888102574300: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.846357] ^ [ 14.846525] ffff888102574380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.847051] ffff888102574400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.847578] ================================================================== [ 14.879482] ================================================================== [ 14.879795] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.880658] Write of size 8 at addr ffff888102574308 by task kunit_try_catch/278 [ 14.881157] [ 14.881446] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.881500] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.881513] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.881534] Call Trace: [ 14.881555] <TASK> [ 14.881574] dump_stack_lvl+0x73/0xb0 [ 14.881607] print_report+0xd1/0x650 [ 14.881632] ? __virt_addr_valid+0x1db/0x2d0 [ 14.881656] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.881683] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.881706] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.881733] kasan_report+0x141/0x180 [ 14.881755] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.881786] kasan_check_range+0x10c/0x1c0 [ 14.881810] __kasan_check_write+0x18/0x20 [ 14.881830] kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.881857] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.881885] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.881909] ? trace_hardirqs_on+0x37/0xe0 [ 14.881952] ? kasan_bitops_generic+0x92/0x1c0 [ 14.881981] kasan_bitops_generic+0x116/0x1c0 [ 14.882006] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.882032] ? __pfx_read_tsc+0x10/0x10 [ 14.882055] ? ktime_get_ts64+0x86/0x230 [ 14.882080] kunit_try_run_case+0x1a5/0x480 [ 14.882105] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.882129] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 14.882154] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.882179] ? __kthread_parkme+0x82/0x180 [ 14.882200] ? preempt_count_sub+0x50/0x80 [ 14.882224] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.882248] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.882274] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.882299] kthread+0x337/0x6f0 [ 14.882318] ? trace_preempt_on+0x20/0xc0 [ 14.882339] ? __pfx_kthread+0x10/0x10 [ 14.882360] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.882380] ? calculate_sigpending+0x7b/0xa0 [ 14.882405] ? __pfx_kthread+0x10/0x10 [ 14.882426] ret_from_fork+0x116/0x1d0 [ 14.882444] ? __pfx_kthread+0x10/0x10 [ 14.882463] ret_from_fork_asm+0x1a/0x30 [ 14.882495] </TASK> [ 14.882505] [ 14.896198] Allocated by task 278: [ 14.896496] kasan_save_stack+0x45/0x70 [ 14.896696] kasan_save_track+0x18/0x40 [ 14.896874] kasan_save_alloc_info+0x3b/0x50 [ 14.897144] __kasan_kmalloc+0xb7/0xc0 [ 14.897787] __kmalloc_cache_noprof+0x189/0x420 [ 14.898028] kasan_bitops_generic+0x92/0x1c0 [ 14.898521] kunit_try_run_case+0x1a5/0x480 [ 14.898833] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.899458] kthread+0x337/0x6f0 [ 14.899725] ret_from_fork+0x116/0x1d0 [ 14.899891] ret_from_fork_asm+0x1a/0x30 [ 14.900472] [ 14.900579] The buggy address belongs to the object at ffff888102574300 [ 14.900579] which belongs to the cache kmalloc-16 of size 16 [ 14.901257] The buggy address is located 8 bytes inside of [ 14.901257] allocated 9-byte region [ffff888102574300, ffff888102574309) [ 14.902222] [ 14.902515] The buggy address belongs to the physical page: [ 14.902772] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102574 [ 14.903440] flags: 0x200000000000000(node=0|zone=2) [ 14.903755] page_type: f5(slab) [ 14.904217] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.904549] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.905133] page dumped because: kasan: 
bad access detected [ 14.905495] [ 14.905606] Memory state around the buggy address: [ 14.905885] ffff888102574200: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 14.906666] ffff888102574280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.907367] >ffff888102574300: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.907813] ^ [ 14.908222] ffff888102574380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.908644] ffff888102574400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.909193] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 14.704379] ================================================================== [ 14.704724] BUG: KASAN: slab-use-after-free in strnlen+0x73/0x80 [ 14.705120] Read of size 1 at addr ffff888102ab8ed0 by task kunit_try_catch/276 [ 14.705480] [ 14.705629] CPU: 1 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.705673] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.705685] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.705706] Call Trace: [ 14.705724] <TASK> [ 14.705741] dump_stack_lvl+0x73/0xb0 [ 14.705806] print_report+0xd1/0x650 [ 14.705830] ? __virt_addr_valid+0x1db/0x2d0 [ 14.705853] ? strnlen+0x73/0x80 [ 14.705870] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.705894] ? strnlen+0x73/0x80 [ 14.706012] kasan_report+0x141/0x180 [ 14.706041] ? strnlen+0x73/0x80 [ 14.706102] __asan_report_load1_noabort+0x18/0x20 [ 14.706129] strnlen+0x73/0x80 [ 14.706148] kasan_strings+0x615/0xe80 [ 14.706168] ? trace_hardirqs_on+0x37/0xe0 [ 14.706192] ? __pfx_kasan_strings+0x10/0x10 [ 14.706242] ? finish_task_switch.isra.0+0x153/0x700 [ 14.706280] ? __switch_to+0x47/0xf50 [ 14.706306] ? __schedule+0x10cc/0x2b60 [ 14.706328] ? __pfx_read_tsc+0x10/0x10 [ 14.706349] ? ktime_get_ts64+0x86/0x230 [ 14.706374] kunit_try_run_case+0x1a5/0x480 [ 14.706398] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.706421] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.706446] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.706471] ? __kthread_parkme+0x82/0x180 [ 14.706491] ? preempt_count_sub+0x50/0x80 [ 14.706514] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.706540] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.706564] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.706590] kthread+0x337/0x6f0 [ 14.706609] ? trace_preempt_on+0x20/0xc0 [ 14.706631] ? __pfx_kthread+0x10/0x10 [ 14.706651] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.706673] ? calculate_sigpending+0x7b/0xa0 [ 14.706697] ? 
__pfx_kthread+0x10/0x10 [ 14.706723] ret_from_fork+0x116/0x1d0 [ 14.706740] ? __pfx_kthread+0x10/0x10 [ 14.706761] ret_from_fork_asm+0x1a/0x30 [ 14.706792] </TASK> [ 14.706803] [ 14.715761] Allocated by task 276: [ 14.716042] kasan_save_stack+0x45/0x70 [ 14.716324] kasan_save_track+0x18/0x40 [ 14.716549] kasan_save_alloc_info+0x3b/0x50 [ 14.716737] __kasan_kmalloc+0xb7/0xc0 [ 14.717036] __kmalloc_cache_noprof+0x189/0x420 [ 14.717296] kasan_strings+0xc0/0xe80 [ 14.717515] kunit_try_run_case+0x1a5/0x480 [ 14.717738] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.718074] kthread+0x337/0x6f0 [ 14.718307] ret_from_fork+0x116/0x1d0 [ 14.718522] ret_from_fork_asm+0x1a/0x30 [ 14.718737] [ 14.718831] Freed by task 276: [ 14.719089] kasan_save_stack+0x45/0x70 [ 14.719300] kasan_save_track+0x18/0x40 [ 14.719537] kasan_save_free_info+0x3f/0x60 [ 14.719768] __kasan_slab_free+0x56/0x70 [ 14.720227] kfree+0x222/0x3f0 [ 14.720426] kasan_strings+0x2aa/0xe80 [ 14.720615] kunit_try_run_case+0x1a5/0x480 [ 14.720790] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.721156] kthread+0x337/0x6f0 [ 14.721367] ret_from_fork+0x116/0x1d0 [ 14.721581] ret_from_fork_asm+0x1a/0x30 [ 14.721761] [ 14.721886] The buggy address belongs to the object at ffff888102ab8ec0 [ 14.721886] which belongs to the cache kmalloc-32 of size 32 [ 14.722518] The buggy address is located 16 bytes inside of [ 14.722518] freed 32-byte region [ffff888102ab8ec0, ffff888102ab8ee0) [ 14.723064] [ 14.723143] The buggy address belongs to the physical page: [ 14.723430] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ab8 [ 14.723888] flags: 0x200000000000000(node=0|zone=2) [ 14.724171] page_type: f5(slab) [ 14.724322] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 14.724733] raw: 0000000000000000 0000000000400040 00000000f5000000 0000000000000000 [ 14.725276] page dumped because: kasan: bad access detected [ 14.725539] [ 14.725650] Memory state around the buggy address: 
[ 14.725895] ffff888102ab8d80: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.726196] ffff888102ab8e00: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 14.726531] >ffff888102ab8e80: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 14.726856] ^ [ 14.727203] ffff888102ab8f00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.727500] ffff888102ab8f80: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 14.727867] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strlen
[ 14.680167] ================================================================== [ 14.680771] BUG: KASAN: slab-use-after-free in strlen+0x8f/0xb0 [ 14.681141] Read of size 1 at addr ffff888102ab8ed0 by task kunit_try_catch/276 [ 14.681627] [ 14.681876] CPU: 1 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.682023] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.682040] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.682061] Call Trace: [ 14.682082] <TASK> [ 14.682100] dump_stack_lvl+0x73/0xb0 [ 14.682176] print_report+0xd1/0x650 [ 14.682202] ? __virt_addr_valid+0x1db/0x2d0 [ 14.682226] ? strlen+0x8f/0xb0 [ 14.682243] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.682277] ? strlen+0x8f/0xb0 [ 14.682295] kasan_report+0x141/0x180 [ 14.682350] ? strlen+0x8f/0xb0 [ 14.682373] __asan_report_load1_noabort+0x18/0x20 [ 14.682398] strlen+0x8f/0xb0 [ 14.682415] kasan_strings+0x57b/0xe80 [ 14.682435] ? trace_hardirqs_on+0x37/0xe0 [ 14.682491] ? __pfx_kasan_strings+0x10/0x10 [ 14.682513] ? finish_task_switch.isra.0+0x153/0x700 [ 14.682536] ? __switch_to+0x47/0xf50 [ 14.682562] ? __schedule+0x10cc/0x2b60 [ 14.682584] ? __pfx_read_tsc+0x10/0x10 [ 14.682606] ? ktime_get_ts64+0x86/0x230 [ 14.682630] kunit_try_run_case+0x1a5/0x480 [ 14.682655] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.682678] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.682738] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.682788] ? __kthread_parkme+0x82/0x180 [ 14.682810] ? preempt_count_sub+0x50/0x80 [ 14.682834] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.682859] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.682884] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.682909] kthread+0x337/0x6f0 [ 14.682928] ? trace_preempt_on+0x20/0xc0 [ 14.683017] ? __pfx_kthread+0x10/0x10 [ 14.683040] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.683063] ? calculate_sigpending+0x7b/0xa0 [ 14.683087] ? 
__pfx_kthread+0x10/0x10 [ 14.683110] ret_from_fork+0x116/0x1d0 [ 14.683129] ? __pfx_kthread+0x10/0x10 [ 14.683149] ret_from_fork_asm+0x1a/0x30 [ 14.683180] </TASK> [ 14.683192] [ 14.691560] Allocated by task 276: [ 14.691733] kasan_save_stack+0x45/0x70 [ 14.691894] kasan_save_track+0x18/0x40 [ 14.692380] kasan_save_alloc_info+0x3b/0x50 [ 14.692645] __kasan_kmalloc+0xb7/0xc0 [ 14.692834] __kmalloc_cache_noprof+0x189/0x420 [ 14.693158] kasan_strings+0xc0/0xe80 [ 14.693322] kunit_try_run_case+0x1a5/0x480 [ 14.693468] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.693641] kthread+0x337/0x6f0 [ 14.693784] ret_from_fork+0x116/0x1d0 [ 14.694153] ret_from_fork_asm+0x1a/0x30 [ 14.694465] [ 14.694561] Freed by task 276: [ 14.694723] kasan_save_stack+0x45/0x70 [ 14.694924] kasan_save_track+0x18/0x40 [ 14.695226] kasan_save_free_info+0x3f/0x60 [ 14.695459] __kasan_slab_free+0x56/0x70 [ 14.695694] kfree+0x222/0x3f0 [ 14.695890] kasan_strings+0x2aa/0xe80 [ 14.696197] kunit_try_run_case+0x1a5/0x480 [ 14.696424] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.696601] kthread+0x337/0x6f0 [ 14.696805] ret_from_fork+0x116/0x1d0 [ 14.697303] ret_from_fork_asm+0x1a/0x30 [ 14.697571] [ 14.697670] The buggy address belongs to the object at ffff888102ab8ec0 [ 14.697670] which belongs to the cache kmalloc-32 of size 32 [ 14.698379] The buggy address is located 16 bytes inside of [ 14.698379] freed 32-byte region [ffff888102ab8ec0, ffff888102ab8ee0) [ 14.698888] [ 14.699094] The buggy address belongs to the physical page: [ 14.699390] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ab8 [ 14.699772] flags: 0x200000000000000(node=0|zone=2) [ 14.699995] page_type: f5(slab) [ 14.700126] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 14.700472] raw: 0000000000000000 0000000000400040 00000000f5000000 0000000000000000 [ 14.700802] page dumped because: kasan: bad access detected [ 14.701119] [ 14.701191] Memory state around the buggy address: 
[ 14.701370] ffff888102ab8d80: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.701688] ffff888102ab8e00: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 14.702194] >ffff888102ab8e80: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 14.702559] ^ [ 14.702831] ffff888102ab8f00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.703335] ffff888102ab8f80: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 14.703670] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 14.655825] ================================================================== [ 14.656313] BUG: KASAN: slab-use-after-free in kasan_strings+0xcbc/0xe80 [ 14.656588] Read of size 1 at addr ffff888102ab8ed0 by task kunit_try_catch/276 [ 14.656916] [ 14.657114] CPU: 1 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.657162] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.657174] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.657194] Call Trace: [ 14.657213] <TASK> [ 14.657231] dump_stack_lvl+0x73/0xb0 [ 14.657262] print_report+0xd1/0x650 [ 14.657370] ? __virt_addr_valid+0x1db/0x2d0 [ 14.657394] ? kasan_strings+0xcbc/0xe80 [ 14.657416] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.657439] ? kasan_strings+0xcbc/0xe80 [ 14.657461] kasan_report+0x141/0x180 [ 14.657483] ? kasan_strings+0xcbc/0xe80 [ 14.657508] __asan_report_load1_noabort+0x18/0x20 [ 14.657533] kasan_strings+0xcbc/0xe80 [ 14.657552] ? trace_hardirqs_on+0x37/0xe0 [ 14.657610] ? __pfx_kasan_strings+0x10/0x10 [ 14.657655] ? finish_task_switch.isra.0+0x153/0x700 [ 14.657678] ? __switch_to+0x47/0xf50 [ 14.657704] ? __schedule+0x10cc/0x2b60 [ 14.657728] ? __pfx_read_tsc+0x10/0x10 [ 14.657749] ? ktime_get_ts64+0x86/0x230 [ 14.657774] kunit_try_run_case+0x1a5/0x480 [ 14.657829] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.657852] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.657902] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.657927] ? __kthread_parkme+0x82/0x180 [ 14.658010] ? preempt_count_sub+0x50/0x80 [ 14.658035] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.658060] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.658086] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.658150] kthread+0x337/0x6f0 [ 14.658170] ? trace_preempt_on+0x20/0xc0 [ 14.658194] ? __pfx_kthread+0x10/0x10 [ 14.658214] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.658236] ? calculate_sigpending+0x7b/0xa0 [ 14.658261] ? 
__pfx_kthread+0x10/0x10 [ 14.658312] ret_from_fork+0x116/0x1d0 [ 14.658332] ? __pfx_kthread+0x10/0x10 [ 14.658353] ret_from_fork_asm+0x1a/0x30 [ 14.658383] </TASK> [ 14.658394] [ 14.667427] Allocated by task 276: [ 14.667653] kasan_save_stack+0x45/0x70 [ 14.667859] kasan_save_track+0x18/0x40 [ 14.668060] kasan_save_alloc_info+0x3b/0x50 [ 14.668269] __kasan_kmalloc+0xb7/0xc0 [ 14.668639] __kmalloc_cache_noprof+0x189/0x420 [ 14.668865] kasan_strings+0xc0/0xe80 [ 14.669086] kunit_try_run_case+0x1a5/0x480 [ 14.669417] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.669599] kthread+0x337/0x6f0 [ 14.669765] ret_from_fork+0x116/0x1d0 [ 14.670162] ret_from_fork_asm+0x1a/0x30 [ 14.670539] [ 14.670639] Freed by task 276: [ 14.670808] kasan_save_stack+0x45/0x70 [ 14.671099] kasan_save_track+0x18/0x40 [ 14.671284] kasan_save_free_info+0x3f/0x60 [ 14.671477] __kasan_slab_free+0x56/0x70 [ 14.671607] kfree+0x222/0x3f0 [ 14.671754] kasan_strings+0x2aa/0xe80 [ 14.671881] kunit_try_run_case+0x1a5/0x480 [ 14.672325] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.672514] kthread+0x337/0x6f0 [ 14.672629] ret_from_fork+0x116/0x1d0 [ 14.672946] ret_from_fork_asm+0x1a/0x30 [ 14.673278] [ 14.673375] The buggy address belongs to the object at ffff888102ab8ec0 [ 14.673375] which belongs to the cache kmalloc-32 of size 32 [ 14.673829] The buggy address is located 16 bytes inside of [ 14.673829] freed 32-byte region [ffff888102ab8ec0, ffff888102ab8ee0) [ 14.674537] [ 14.674631] The buggy address belongs to the physical page: [ 14.674975] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ab8 [ 14.675543] flags: 0x200000000000000(node=0|zone=2) [ 14.675764] page_type: f5(slab) [ 14.675928] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 14.676164] raw: 0000000000000000 0000000000400040 00000000f5000000 0000000000000000 [ 14.676562] page dumped because: kasan: bad access detected [ 14.677026] [ 14.677131] Memory state around the buggy address: 
[ 14.677335] ffff888102ab8d80: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.677541] ffff888102ab8e00: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 14.677744] >ffff888102ab8e80: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 14.678347] ^ [ 14.678687] ffff888102ab8f00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.679408] ffff888102ab8f80: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 14.679713] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 14.629676] ================================================================== [ 14.630862] BUG: KASAN: slab-use-after-free in strcmp+0xb0/0xc0 [ 14.631202] Read of size 1 at addr ffff888102ab8ed0 by task kunit_try_catch/276 [ 14.631627] [ 14.631748] CPU: 1 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.631796] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.631808] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.631862] Call Trace: [ 14.631898] <TASK> [ 14.631916] dump_stack_lvl+0x73/0xb0 [ 14.631987] print_report+0xd1/0x650 [ 14.632039] ? __virt_addr_valid+0x1db/0x2d0 [ 14.632065] ? strcmp+0xb0/0xc0 [ 14.632082] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.632158] ? strcmp+0xb0/0xc0 [ 14.632178] kasan_report+0x141/0x180 [ 14.632203] ? strcmp+0xb0/0xc0 [ 14.632225] __asan_report_load1_noabort+0x18/0x20 [ 14.632250] strcmp+0xb0/0xc0 [ 14.632268] kasan_strings+0x431/0xe80 [ 14.632288] ? trace_hardirqs_on+0x37/0xe0 [ 14.632325] ? __pfx_kasan_strings+0x10/0x10 [ 14.632346] ? finish_task_switch.isra.0+0x153/0x700 [ 14.632371] ? __switch_to+0x47/0xf50 [ 14.632397] ? __schedule+0x10cc/0x2b60 [ 14.632420] ? __pfx_read_tsc+0x10/0x10 [ 14.632443] ? ktime_get_ts64+0x86/0x230 [ 14.632469] kunit_try_run_case+0x1a5/0x480 [ 14.632495] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.632518] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.632545] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.632569] ? __kthread_parkme+0x82/0x180 [ 14.632591] ? preempt_count_sub+0x50/0x80 [ 14.632613] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.632638] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.632663] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.632688] kthread+0x337/0x6f0 [ 14.632706] ? trace_preempt_on+0x20/0xc0 [ 14.632728] ? __pfx_kthread+0x10/0x10 [ 14.632749] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.632770] ? calculate_sigpending+0x7b/0xa0 [ 14.632796] ? 
__pfx_kthread+0x10/0x10
[ 14.632817] ret_from_fork+0x116/0x1d0
[ 14.632835] ? __pfx_kthread+0x10/0x10
[ 14.632854] ret_from_fork_asm+0x1a/0x30
[ 14.632886] </TASK>
[ 14.632897]
[ 14.641972] Allocated by task 276:
[ 14.642241] kasan_save_stack+0x45/0x70
[ 14.642485] kasan_save_track+0x18/0x40
[ 14.642702] kasan_save_alloc_info+0x3b/0x50
[ 14.642956] __kasan_kmalloc+0xb7/0xc0
[ 14.643225] __kmalloc_cache_noprof+0x189/0x420
[ 14.643486] kasan_strings+0xc0/0xe80
[ 14.643669] kunit_try_run_case+0x1a5/0x480
[ 14.643886] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.644135] kthread+0x337/0x6f0
[ 14.644256] ret_from_fork+0x116/0x1d0
[ 14.644612] ret_from_fork_asm+0x1a/0x30
[ 14.644946]
[ 14.645271] Freed by task 276:
[ 14.645594] kasan_save_stack+0x45/0x70
[ 14.645806] kasan_save_track+0x18/0x40
[ 14.646133] kasan_save_free_info+0x3f/0x60
[ 14.646463] __kasan_slab_free+0x56/0x70
[ 14.646629] kfree+0x222/0x3f0
[ 14.646830] kasan_strings+0x2aa/0xe80
[ 14.647108] kunit_try_run_case+0x1a5/0x480
[ 14.647333] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.647620] kthread+0x337/0x6f0
[ 14.647769] ret_from_fork+0x116/0x1d0
[ 14.647897] ret_from_fork_asm+0x1a/0x30
[ 14.648044]
[ 14.648231] The buggy address belongs to the object at ffff888102ab8ec0
[ 14.648231] which belongs to the cache kmalloc-32 of size 32
[ 14.649077] The buggy address is located 16 bytes inside of
[ 14.649077] freed 32-byte region [ffff888102ab8ec0, ffff888102ab8ee0)
[ 14.649415]
[ 14.649511] The buggy address belongs to the physical page:
[ 14.649756] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ab8
[ 14.650445] flags: 0x200000000000000(node=0|zone=2)
[ 14.650697] page_type: f5(slab)
[ 14.650825] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 14.651170] raw: 0000000000000000 0000000000400040 00000000f5000000 0000000000000000
[ 14.651567] page dumped because: kasan: bad access detected
[ 14.651988]
[ 14.652114] Memory state around the buggy address:
[ 14.652429] ffff888102ab8d80: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc
[ 14.652897] ffff888102ab8e00: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc
[ 14.653418] >ffff888102ab8e80: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.653817] ^
[ 14.654207] ffff888102ab8f00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.654580] ffff888102ab8f80: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.654889] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 14.592088] ==================================================================
[ 14.592740] BUG: KASAN: slab-out-of-bounds in memcmp+0x1b4/0x1d0
[ 14.592977] Read of size 1 at addr ffff8881026bfb98 by task kunit_try_catch/274
[ 14.593370]
[ 14.593493] CPU: 0 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 14.593569] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.593582] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.593616] Call Trace:
[ 14.593629] <TASK>
[ 14.593646] dump_stack_lvl+0x73/0xb0
[ 14.593679] print_report+0xd1/0x650
[ 14.593705] ? __virt_addr_valid+0x1db/0x2d0
[ 14.593728] ? memcmp+0x1b4/0x1d0
[ 14.593747] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.593772] ? memcmp+0x1b4/0x1d0
[ 14.593791] kasan_report+0x141/0x180
[ 14.593814] ? memcmp+0x1b4/0x1d0
[ 14.593837] __asan_report_load1_noabort+0x18/0x20
[ 14.593863] memcmp+0x1b4/0x1d0
[ 14.593884] kasan_memcmp+0x18f/0x390
[ 14.593905] ? trace_hardirqs_on+0x37/0xe0
[ 14.593942] ? __pfx_kasan_memcmp+0x10/0x10
[ 14.593964] ? finish_task_switch.isra.0+0x153/0x700
[ 14.593989] ? __switch_to+0x47/0xf50
[ 14.594019] ? __pfx_read_tsc+0x10/0x10
[ 14.594043] ? ktime_get_ts64+0x86/0x230
[ 14.594068] kunit_try_run_case+0x1a5/0x480
[ 14.594094] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.594142] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.594170] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.594195] ? __kthread_parkme+0x82/0x180
[ 14.594219] ? preempt_count_sub+0x50/0x80
[ 14.594244] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.594270] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.594297] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.594324] kthread+0x337/0x6f0
[ 14.594344] ? trace_preempt_on+0x20/0xc0
[ 14.594368] ? __pfx_kthread+0x10/0x10
[ 14.594390] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.594414] ? calculate_sigpending+0x7b/0xa0
[ 14.594440] ? __pfx_kthread+0x10/0x10
[ 14.594463] ret_from_fork+0x116/0x1d0
[ 14.594502] ? __pfx_kthread+0x10/0x10
[ 14.594525] ret_from_fork_asm+0x1a/0x30
[ 14.594558] </TASK>
[ 14.594568]
[ 14.609878] Allocated by task 274:
[ 14.610427] kasan_save_stack+0x45/0x70
[ 14.610953] kasan_save_track+0x18/0x40
[ 14.611534] kasan_save_alloc_info+0x3b/0x50
[ 14.611974] __kasan_kmalloc+0xb7/0xc0
[ 14.612465] __kmalloc_cache_noprof+0x189/0x420
[ 14.612895] kasan_memcmp+0xb7/0x390
[ 14.613286] kunit_try_run_case+0x1a5/0x480
[ 14.613578] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.613749] kthread+0x337/0x6f0
[ 14.613867] ret_from_fork+0x116/0x1d0
[ 14.614218] ret_from_fork_asm+0x1a/0x30
[ 14.614650]
[ 14.614832] The buggy address belongs to the object at ffff8881026bfb80
[ 14.614832] which belongs to the cache kmalloc-32 of size 32
[ 14.616317] The buggy address is located 0 bytes to the right of
[ 14.616317] allocated 24-byte region [ffff8881026bfb80, ffff8881026bfb98)
[ 14.616916]
[ 14.617161] The buggy address belongs to the physical page:
[ 14.617740] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026bf
[ 14.618523] flags: 0x200000000000000(node=0|zone=2)
[ 14.618871] page_type: f5(slab)
[ 14.619159] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 14.619902] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 14.620476] page dumped because: kasan: bad access detected
[ 14.620648]
[ 14.620716] Memory state around the buggy address:
[ 14.620866] ffff8881026bfa80: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc
[ 14.621145] ffff8881026bfb00: 00 00 00 04 fc fc fc fc 00 00 07 fc fc fc fc fc
[ 14.621696] >ffff8881026bfb80: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.622076] ^
[ 14.622396] ffff8881026bfc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.622691] ffff8881026bfc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.623018] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 14.559358] ==================================================================
[ 14.560657] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x329/0x390
[ 14.561499] Read of size 1 at addr ffff888102c27c4a by task kunit_try_catch/270
[ 14.562055]
[ 14.562467] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 14.562520] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.562532] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.562555] Call Trace:
[ 14.562568] <TASK>
[ 14.562586] dump_stack_lvl+0x73/0xb0
[ 14.562621] print_report+0xd1/0x650
[ 14.562644] ? __virt_addr_valid+0x1db/0x2d0
[ 14.562667] ? kasan_alloca_oob_right+0x329/0x390
[ 14.562690] ? kasan_addr_to_slab+0x11/0xa0
[ 14.562720] ? kasan_alloca_oob_right+0x329/0x390
[ 14.562743] kasan_report+0x141/0x180
[ 14.562765] ? kasan_alloca_oob_right+0x329/0x390
[ 14.562792] __asan_report_load1_noabort+0x18/0x20
[ 14.562817] kasan_alloca_oob_right+0x329/0x390
[ 14.562840] ? __kasan_check_write+0x18/0x20
[ 14.562859] ? __pfx_sched_clock_cpu+0x10/0x10
[ 14.562883] ? finish_task_switch.isra.0+0x153/0x700
[ 14.562907] ? preempt_schedule_common+0xbe/0x110
[ 14.562943] ? trace_hardirqs_on+0x37/0xe0
[ 14.563199] ? __pfx_kasan_alloca_oob_right+0x10/0x10
[ 14.563227] ? __schedule+0x10cc/0x2b60
[ 14.563250] ? __pfx_read_tsc+0x10/0x10
[ 14.563271] ? ktime_get_ts64+0x86/0x230
[ 14.563296] kunit_try_run_case+0x1a5/0x480
[ 14.563323] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.563346] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.563371] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.563395] ? __kthread_parkme+0x82/0x180
[ 14.563416] ? preempt_count_sub+0x50/0x80
[ 14.563439] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.563464] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.563489] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.563514] kthread+0x337/0x6f0
[ 14.563533] ? trace_preempt_on+0x20/0xc0
[ 14.563555] ? __pfx_kthread+0x10/0x10
[ 14.563576] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.563598] ? calculate_sigpending+0x7b/0xa0
[ 14.563622] ? __pfx_kthread+0x10/0x10
[ 14.563643] ret_from_fork+0x116/0x1d0
[ 14.563661] ? __pfx_kthread+0x10/0x10
[ 14.563682] ret_from_fork_asm+0x1a/0x30
[ 14.563713] </TASK>
[ 14.563724]
[ 14.577794] The buggy address belongs to stack of task kunit_try_catch/270
[ 14.578244]
[ 14.578336] The buggy address belongs to the physical page:
[ 14.578630] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c27
[ 14.579052] flags: 0x200000000000000(node=0|zone=2)
[ 14.579526] raw: 0200000000000000 0000000000000000 ffffea00040b09c8 0000000000000000
[ 14.579923] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 14.580517] page dumped because: kasan: bad access detected
[ 14.580851]
[ 14.580959] Memory state around the buggy address:
[ 14.581220] ffff888102c27b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 14.581966] ffff888102c27b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 14.582340] >ffff888102c27c00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb
[ 14.582635] ^
[ 14.583044] ffff888102c27c80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00
[ 14.583330] ffff888102c27d00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1
[ 14.583833] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 14.526187] ==================================================================
[ 14.527355] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x320/0x380
[ 14.528435] Read of size 1 at addr ffff88810a6bfc3f by task kunit_try_catch/268
[ 14.529075]
[ 14.529409] CPU: 0 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 14.529462] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.529474] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.529498] Call Trace:
[ 14.529512] <TASK>
[ 14.529532] dump_stack_lvl+0x73/0xb0
[ 14.529566] print_report+0xd1/0x650
[ 14.529591] ? __virt_addr_valid+0x1db/0x2d0
[ 14.529614] ? kasan_alloca_oob_left+0x320/0x380
[ 14.529637] ? kasan_addr_to_slab+0x11/0xa0
[ 14.529658] ? kasan_alloca_oob_left+0x320/0x380
[ 14.529681] kasan_report+0x141/0x180
[ 14.529704] ? kasan_alloca_oob_left+0x320/0x380
[ 14.529731] __asan_report_load1_noabort+0x18/0x20
[ 14.529756] kasan_alloca_oob_left+0x320/0x380
[ 14.529779] ? __pfx_sched_clock_cpu+0x10/0x10
[ 14.529801] ? irqentry_exit+0x2a/0x60
[ 14.529824] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 14.529850] ? trace_hardirqs_on+0x37/0xe0
[ 14.529876] ? __pfx_kasan_alloca_oob_left+0x10/0x10
[ 14.529903] ? __pfx_kasan_alloca_oob_left+0x10/0x10
[ 14.529942] kunit_try_run_case+0x1a5/0x480
[ 14.530093] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.530117] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.530187] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.530213] ? __kthread_parkme+0x82/0x180
[ 14.530236] ? preempt_count_sub+0x50/0x80
[ 14.530261] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.530297] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.530322] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.530349] kthread+0x337/0x6f0
[ 14.530368] ? trace_preempt_on+0x20/0xc0
[ 14.530391] ? __pfx_kthread+0x10/0x10
[ 14.530411] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.530433] ? calculate_sigpending+0x7b/0xa0
[ 14.530458] ? __pfx_kthread+0x10/0x10
[ 14.530479] ret_from_fork+0x116/0x1d0
[ 14.530499] ? __pfx_kthread+0x10/0x10
[ 14.530519] ret_from_fork_asm+0x1a/0x30
[ 14.530551] </TASK>
[ 14.530563]
[ 14.547692] The buggy address belongs to stack of task kunit_try_catch/268
[ 14.548310]
[ 14.548556] The buggy address belongs to the physical page:
[ 14.549046] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10a6bf
[ 14.549336] flags: 0x200000000000000(node=0|zone=2)
[ 14.549848] raw: 0200000000000000 ffffea000429afc8 ffffea000429afc8 0000000000000000
[ 14.550894] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 14.551752] page dumped because: kasan: bad access detected
[ 14.552169]
[ 14.552326] Memory state around the buggy address:
[ 14.552864] ffff88810a6bfb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 14.553318] ffff88810a6bfb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 14.554061] >ffff88810a6bfc00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb
[ 14.554800] ^
[ 14.554971] ffff88810a6bfc80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00
[ 14.555179] ffff88810a6bfd00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1
[ 14.555664] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 14.491729] ==================================================================
[ 14.494059] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x2b5/0x300
[ 14.495226] Read of size 1 at addr ffff88810a6cfd02 by task kunit_try_catch/266
[ 14.496012]
[ 14.496162] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 14.496229] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.496241] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.496265] Call Trace:
[ 14.496280] <TASK>
[ 14.496302] dump_stack_lvl+0x73/0xb0
[ 14.496343] print_report+0xd1/0x650
[ 14.496368] ? __virt_addr_valid+0x1db/0x2d0
[ 14.496396] ? kasan_stack_oob+0x2b5/0x300
[ 14.496417] ? kasan_addr_to_slab+0x11/0xa0
[ 14.496439] ? kasan_stack_oob+0x2b5/0x300
[ 14.496460] kasan_report+0x141/0x180
[ 14.496483] ? kasan_stack_oob+0x2b5/0x300
[ 14.496509] __asan_report_load1_noabort+0x18/0x20
[ 14.496535] kasan_stack_oob+0x2b5/0x300
[ 14.496557] ? __pfx_kasan_stack_oob+0x10/0x10
[ 14.496578] ? finish_task_switch.isra.0+0x153/0x700
[ 14.496604] ? __switch_to+0x47/0xf50
[ 14.496633] ? __schedule+0x10cc/0x2b60
[ 14.496657] ? __pfx_read_tsc+0x10/0x10
[ 14.496682] ? ktime_get_ts64+0x86/0x230
[ 14.496711] kunit_try_run_case+0x1a5/0x480
[ 14.496743] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.496768] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.496794] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.496820] ? __kthread_parkme+0x82/0x180
[ 14.496844] ? preempt_count_sub+0x50/0x80
[ 14.496869] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.496895] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.496921] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.497159] kthread+0x337/0x6f0
[ 14.497189] ? trace_preempt_on+0x20/0xc0
[ 14.497217] ? __pfx_kthread+0x10/0x10
[ 14.497240] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.497265] ? calculate_sigpending+0x7b/0xa0
[ 14.497338] ? __pfx_kthread+0x10/0x10
[ 14.497363] ret_from_fork+0x116/0x1d0
[ 14.497384] ? __pfx_kthread+0x10/0x10
[ 14.497406] ret_from_fork_asm+0x1a/0x30
[ 14.497440] </TASK>
[ 14.497452]
[ 14.515100] The buggy address belongs to stack of task kunit_try_catch/266
[ 14.515679] and is located at offset 138 in frame:
[ 14.516020] kasan_stack_oob+0x0/0x300
[ 14.516396]
[ 14.516521] This frame has 4 objects:
[ 14.516816] [48, 49) '__assertion'
[ 14.516841] [64, 72) 'array'
[ 14.517178] [96, 112) '__assertion'
[ 14.517342] [128, 138) 'stack_array'
[ 14.517549]
[ 14.517812] The buggy address belongs to the physical page:
[ 14.518204] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10a6cf
[ 14.518484] flags: 0x200000000000000(node=0|zone=2)
[ 14.518782] raw: 0200000000000000 ffffea000429b3c8 ffffea000429b3c8 0000000000000000
[ 14.519168] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 14.519585] page dumped because: kasan: bad access detected
[ 14.519854]
[ 14.519957] Memory state around the buggy address:
[ 14.520511] ffff88810a6cfc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f1
[ 14.520865] ffff88810a6cfc80: f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 00 00 f2 f2 00
[ 14.521311] >ffff88810a6cfd00: 02 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1
[ 14.521617] ^
[ 14.521749] ffff88810a6cfd80: f1 f1 f1 00 00 f2 f2 00 00 f2 f2 00 00 f3 f3 00
[ 14.522115] ffff88810a6cfe00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 14.522598] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 14.459449] ==================================================================
[ 14.459885] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x286/0x2d0
[ 14.460822] Read of size 1 at addr ffffffff94863e8d by task kunit_try_catch/262
[ 14.461366]
[ 14.461839] CPU: 1 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 14.461891] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.461905] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.461928] Call Trace:
[ 14.461956] <TASK>
[ 14.461975] dump_stack_lvl+0x73/0xb0
[ 14.462010] print_report+0xd1/0x650
[ 14.462033] ? __virt_addr_valid+0x1db/0x2d0
[ 14.462057] ? kasan_global_oob_right+0x286/0x2d0
[ 14.462079] ? kasan_addr_to_slab+0x11/0xa0
[ 14.462100] ? kasan_global_oob_right+0x286/0x2d0
[ 14.462121] kasan_report+0x141/0x180
[ 14.462143] ? kasan_global_oob_right+0x286/0x2d0
[ 14.462169] __asan_report_load1_noabort+0x18/0x20
[ 14.462194] kasan_global_oob_right+0x286/0x2d0
[ 14.462218] ? __pfx_kasan_global_oob_right+0x10/0x10
[ 14.462243] ? __schedule+0x10cc/0x2b60
[ 14.462266] ? __pfx_read_tsc+0x10/0x10
[ 14.462288] ? ktime_get_ts64+0x86/0x230
[ 14.462312] kunit_try_run_case+0x1a5/0x480
[ 14.462338] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.462360] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.462384] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.462479] ? __kthread_parkme+0x82/0x180
[ 14.462502] ? preempt_count_sub+0x50/0x80
[ 14.462526] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.462551] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.462576] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.462602] kthread+0x337/0x6f0
[ 14.462620] ? trace_preempt_on+0x20/0xc0
[ 14.462645] ? __pfx_kthread+0x10/0x10
[ 14.462666] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.462688] ? calculate_sigpending+0x7b/0xa0
[ 14.462720] ? __pfx_kthread+0x10/0x10
[ 14.462742] ret_from_fork+0x116/0x1d0
[ 14.462762] ? __pfx_kthread+0x10/0x10
[ 14.462783] ret_from_fork_asm+0x1a/0x30
[ 14.462815] </TASK>
[ 14.462825]
[ 14.473758] The buggy address belongs to the variable:
[ 14.474012] global_array+0xd/0x40
[ 14.474166]
[ 14.474259] The buggy address belongs to the physical page:
[ 14.474578] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109c63
[ 14.475082] flags: 0x200000000002000(reserved|node=0|zone=2)
[ 14.475396] raw: 0200000000002000 ffffea00042718c8 ffffea00042718c8 0000000000000000
[ 14.475660] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 14.475967] page dumped because: kasan: bad access detected
[ 14.476220]
[ 14.476319] Memory state around the buggy address:
[ 14.476513] ffffffff94863d80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 14.476724] ffffffff94863e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 14.477006] >ffffffff94863e80: 00 02 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9
[ 14.477324] ^
[ 14.477554] ffffffff94863f00: 04 f9 f9 f9 f9 f9 f9 f9 02 f9 f9 f9 f9 f9 f9 f9
[ 14.478190] ffffffff94863f80: 01 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 00 00 00 00
[ 14.478459] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 14.387214] ==================================================================
[ 14.388291] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 14.389063] Free of addr ffff888102ab9801 by task kunit_try_catch/258
[ 14.389724]
[ 14.389849] CPU: 1 UID: 0 PID: 258 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 14.389894] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.389906] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.389926] Call Trace:
[ 14.389949] <TASK>
[ 14.389999] dump_stack_lvl+0x73/0xb0
[ 14.390031] print_report+0xd1/0x650
[ 14.390080] ? __virt_addr_valid+0x1db/0x2d0
[ 14.390105] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.390128] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 14.390155] kasan_report_invalid_free+0x10a/0x130
[ 14.390182] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 14.390210] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 14.390237] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 14.390262] check_slab_allocation+0x11f/0x130
[ 14.390284] __kasan_mempool_poison_object+0x91/0x1d0
[ 14.390309] mempool_free+0x2ec/0x380
[ 14.390336] mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 14.390363] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10
[ 14.390392] ? __pfx_sched_clock_cpu+0x10/0x10
[ 14.390415] ? finish_task_switch.isra.0+0x153/0x700
[ 14.390441] mempool_kmalloc_invalid_free+0xed/0x140
[ 14.390465] ? __pfx_mempool_kmalloc_invalid_free+0x10/0x10
[ 14.390494] ? __pfx_mempool_kmalloc+0x10/0x10
[ 14.390516] ? __pfx_mempool_kfree+0x10/0x10
[ 14.390541] ? __pfx_read_tsc+0x10/0x10
[ 14.390563] ? ktime_get_ts64+0x86/0x230
[ 14.390587] kunit_try_run_case+0x1a5/0x480
[ 14.390611] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.390635] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.390659] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.390682] ? __kthread_parkme+0x82/0x180
[ 14.390703] ? preempt_count_sub+0x50/0x80
[ 14.390731] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.390755] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.390780] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.390805] kthread+0x337/0x6f0
[ 14.390824] ? trace_preempt_on+0x20/0xc0
[ 14.390848] ? __pfx_kthread+0x10/0x10
[ 14.390868] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.390890] ? calculate_sigpending+0x7b/0xa0
[ 14.390914] ? __pfx_kthread+0x10/0x10
[ 14.390945] ret_from_fork+0x116/0x1d0
[ 14.390977] ? __pfx_kthread+0x10/0x10
[ 14.390998] ret_from_fork_asm+0x1a/0x30
[ 14.391029] </TASK>
[ 14.391040]
[ 14.405903] Allocated by task 258:
[ 14.406254] kasan_save_stack+0x45/0x70
[ 14.406458] kasan_save_track+0x18/0x40
[ 14.406636] kasan_save_alloc_info+0x3b/0x50
[ 14.406838] __kasan_mempool_unpoison_object+0x1a9/0x200
[ 14.407306] remove_element+0x11e/0x190
[ 14.407709] mempool_alloc_preallocated+0x4d/0x90
[ 14.408208] mempool_kmalloc_invalid_free_helper+0x83/0x2e0
[ 14.408756] mempool_kmalloc_invalid_free+0xed/0x140
[ 14.409283] kunit_try_run_case+0x1a5/0x480
[ 14.409574] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.409814] kthread+0x337/0x6f0
[ 14.410264] ret_from_fork+0x116/0x1d0
[ 14.410492] ret_from_fork_asm+0x1a/0x30
[ 14.410688]
[ 14.410789] The buggy address belongs to the object at ffff888102ab9800
[ 14.410789] which belongs to the cache kmalloc-128 of size 128
[ 14.412145] The buggy address is located 1 bytes inside of
[ 14.412145] 128-byte region [ffff888102ab9800, ffff888102ab9880)
[ 14.413302]
[ 14.413554] The buggy address belongs to the physical page:
[ 14.414056] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ab9
[ 14.414554] flags: 0x200000000000000(node=0|zone=2)
[ 14.414871] page_type: f5(slab)
[ 14.415313] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 14.415692] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 14.416264] page dumped because: kasan: bad access detected
[ 14.416742]
[ 14.416828] Memory state around the buggy address:
[ 14.417233] ffff888102ab9700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 14.417746] ffff888102ab9780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.418219] >ffff888102ab9800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 14.418666] ^
[ 14.418822] ffff888102ab9880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.419593] ffff888102ab9900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 14.420089] ==================================================================
[ 14.423757] ==================================================================
[ 14.424264] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 14.424537] Free of addr ffff88810a62c001 by task kunit_try_catch/260
[ 14.424734]
[ 14.424827] CPU: 0 UID: 0 PID: 260 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 14.424875] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.424888] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.424910] Call Trace:
[ 14.424922] <TASK>
[ 14.424953] dump_stack_lvl+0x73/0xb0
[ 14.424987] print_report+0xd1/0x650
[ 14.425011] ? __virt_addr_valid+0x1db/0x2d0
[ 14.425038] ? kasan_addr_to_slab+0x11/0xa0
[ 14.425059] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 14.425087] kasan_report_invalid_free+0x10a/0x130
[ 14.425112] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 14.425141] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 14.425167] __kasan_mempool_poison_object+0x102/0x1d0
[ 14.425192] mempool_free+0x2ec/0x380
[ 14.425220] mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 14.425247] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10
[ 14.425277] ? __pfx_sched_clock_cpu+0x10/0x10
[ 14.425300] ? finish_task_switch.isra.0+0x153/0x700
[ 14.425327] mempool_kmalloc_large_invalid_free+0xed/0x140
[ 14.425353] ? __pfx_mempool_kmalloc_large_invalid_free+0x10/0x10
[ 14.425382] ? __pfx_mempool_kmalloc+0x10/0x10
[ 14.425405] ? __pfx_mempool_kfree+0x10/0x10
[ 14.425429] ? __pfx_read_tsc+0x10/0x10
[ 14.425452] ? ktime_get_ts64+0x86/0x230
[ 14.425477] kunit_try_run_case+0x1a5/0x480
[ 14.425504] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.425527] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.425552] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.425576] ? __kthread_parkme+0x82/0x180
[ 14.425598] ? preempt_count_sub+0x50/0x80
[ 14.425622] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.425646] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.425671] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.425696] kthread+0x337/0x6f0
[ 14.425715] ? trace_preempt_on+0x20/0xc0
[ 14.425739] ? __pfx_kthread+0x10/0x10
[ 14.425759] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.425781] ? calculate_sigpending+0x7b/0xa0
[ 14.425805] ? __pfx_kthread+0x10/0x10
[ 14.425827] ret_from_fork+0x116/0x1d0
[ 14.425845] ? __pfx_kthread+0x10/0x10
[ 14.425866] ret_from_fork_asm+0x1a/0x30
[ 14.425898] </TASK>
[ 14.425909]
[ 14.444363] The buggy address belongs to the physical page:
[ 14.444815] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10a62c
[ 14.445534] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 14.446246] flags: 0x200000000000040(head|node=0|zone=2)
[ 14.446525] page_type: f8(unknown)
[ 14.446701] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 14.447350] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 14.447912] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 14.448787] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 14.449544] head: 0200000000000002 ffffea0004298b01 00000000ffffffff 00000000ffffffff
[ 14.449879] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 14.450826] page dumped because: kasan: bad access detected
[ 14.451515]
[ 14.451766] Memory state around the buggy address:
[ 14.452276] ffff88810a62bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 14.452578] ffff88810a62bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 14.452871] >ffff88810a62c000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 14.453511] ^
[ 14.453674] ffff88810a62c080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 14.454249] ffff88810a62c100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 14.454574] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 14.354530] ==================================================================
[ 14.355435] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370
[ 14.356232] Free of addr ffff88810a5ec000 by task kunit_try_catch/256
[ 14.356669]
[ 14.356901] CPU: 1 UID: 0 PID: 256 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 14.357061] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.357077] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.357100] Call Trace:
[ 14.357126] <TASK>
[ 14.357146] dump_stack_lvl+0x73/0xb0
[ 14.357183] print_report+0xd1/0x650
[ 14.357207] ? __virt_addr_valid+0x1db/0x2d0
[ 14.357233] ? kasan_addr_to_slab+0x11/0xa0
[ 14.357253] ? mempool_double_free_helper+0x184/0x370
[ 14.357289] kasan_report_invalid_free+0x10a/0x130
[ 14.357313] ? mempool_double_free_helper+0x184/0x370
[ 14.357340] ? mempool_double_free_helper+0x184/0x370
[ 14.357364] __kasan_mempool_poison_pages+0x115/0x130
[ 14.357389] mempool_free+0x290/0x380
[ 14.357417] mempool_double_free_helper+0x184/0x370
[ 14.357442] ? __pfx_mempool_double_free_helper+0x10/0x10
[ 14.357469] ? __pfx_sched_clock_cpu+0x10/0x10
[ 14.357493] ? finish_task_switch.isra.0+0x153/0x700
[ 14.357520] mempool_page_alloc_double_free+0xe8/0x140
[ 14.357547] ? __pfx_mempool_page_alloc_double_free+0x10/0x10
[ 14.357577] ? __pfx_mempool_alloc_pages+0x10/0x10
[ 14.357600] ? __pfx_mempool_free_pages+0x10/0x10
[ 14.357627] ? __pfx_read_tsc+0x10/0x10
[ 14.357650] ? ktime_get_ts64+0x86/0x230
[ 14.357675] kunit_try_run_case+0x1a5/0x480
[ 14.357702] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.357726] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.357751] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.357775] ? __kthread_parkme+0x82/0x180
[ 14.357797] ? preempt_count_sub+0x50/0x80
[ 14.357820] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.357844] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.357869] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.357895] kthread+0x337/0x6f0
[ 14.357913] ? trace_preempt_on+0x20/0xc0
[ 14.358001] ? __pfx_kthread+0x10/0x10
[ 14.358025] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.358047] ? calculate_sigpending+0x7b/0xa0
[ 14.358071] ? __pfx_kthread+0x10/0x10
[ 14.358093] ret_from_fork+0x116/0x1d0
[ 14.358112] ? __pfx_kthread+0x10/0x10
[ 14.358132] ret_from_fork_asm+0x1a/0x30
[ 14.358164] </TASK>
[ 14.358175]
[ 14.374049] The buggy address belongs to the physical page:
[ 14.374671] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10a5ec
[ 14.375729] flags: 0x200000000000000(node=0|zone=2)
[ 14.375925] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000
[ 14.376176] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 14.376993] page dumped because: kasan: bad access detected
[ 14.377642]
[ 14.377853] Memory state around the buggy address:
[ 14.378452] ffff88810a5ebf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 14.379252] ffff88810a5ebf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 14.379650] >ffff88810a5ec000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 14.379866] ^
[ 14.380307] ffff88810a5ec080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 14.380977] ffff88810a5ec100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 14.381693] ==================================================================
[ 14.329649] ==================================================================
[ 14.330196] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370
[ 14.330517] Free of addr ffff88810a62c000 by task kunit_try_catch/254
[ 14.330777]
[ 14.330893] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 14.330951] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.330963] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.330985] Call Trace:
[ 14.330997] <TASK>
[ 14.331016] dump_stack_lvl+0x73/0xb0
[ 14.331048] print_report+0xd1/0x650
[ 14.331071] ? __virt_addr_valid+0x1db/0x2d0
[ 14.331096] ? kasan_addr_to_slab+0x11/0xa0
[ 14.331116] ? mempool_double_free_helper+0x184/0x370
[ 14.331142] kasan_report_invalid_free+0x10a/0x130
[ 14.331167] ? mempool_double_free_helper+0x184/0x370
[ 14.331194] ? mempool_double_free_helper+0x184/0x370
[ 14.331219] __kasan_mempool_poison_object+0x1b3/0x1d0
[ 14.331244] mempool_free+0x2ec/0x380
[ 14.331526] mempool_double_free_helper+0x184/0x370
[ 14.331559] ? __pfx_mempool_double_free_helper+0x10/0x10
[ 14.331585] ? update_load_avg+0x1be/0x21b0
[ 14.331610] ? native_smp_send_reschedule+0x43/0x70
[ 14.331638] ? finish_task_switch.isra.0+0x153/0x700
[ 14.331664] mempool_kmalloc_large_double_free+0xed/0x140
[ 14.331691] ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10
[ 14.331721] ? __pfx_mempool_kmalloc+0x10/0x10
[ 14.331746] ? __pfx_mempool_kfree+0x10/0x10
[ 14.331772] ? __pfx_read_tsc+0x10/0x10
[ 14.331794] ? ktime_get_ts64+0x86/0x230
[ 14.331819] kunit_try_run_case+0x1a5/0x480
[ 14.331845] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.331869] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.331895] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.331919] ? __kthread_parkme+0x82/0x180
[ 14.332039] ? preempt_count_sub+0x50/0x80
[ 14.332065] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.332092] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.332118] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.332142] kthread+0x337/0x6f0
[ 14.332162] ? trace_preempt_on+0x20/0xc0
[ 14.332187] ? __pfx_kthread+0x10/0x10
[ 14.332207] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.332232] ? calculate_sigpending+0x7b/0xa0
[ 14.332257] ? __pfx_kthread+0x10/0x10
[ 14.332292] ret_from_fork+0x116/0x1d0
[ 14.332311] ? __pfx_kthread+0x10/0x10
[ 14.332332] ret_from_fork_asm+0x1a/0x30
[ 14.332363] </TASK>
[ 14.332374]
[ 14.342987] The buggy address belongs to the physical page:
[ 14.343528] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10a62c
[ 14.343872] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 14.344334] flags: 0x200000000000040(head|node=0|zone=2)
[ 14.344636] page_type: f8(unknown)
[ 14.344919] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 14.345555] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 14.345944] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 14.346281] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 14.346831] head: 0200000000000002 ffffea0004298b01 00000000ffffffff 00000000ffffffff
[ 14.347339] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 14.347748] page dumped because: kasan: bad access detected
[ 14.348129]
[ 14.348212] Memory state around the buggy address:
[ 14.348477] ffff88810a62bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 14.348769] ffff88810a62bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 14.349435] >ffff88810a62c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 14.349734] ^
[ 14.349890] ffff88810a62c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 14.350422] ffff88810a62c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 14.350721] ==================================================================
[ 14.302143] ==================================================================
[ 14.302727] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370
[ 14.303024] Free of addr ffff8881026ad400 by task kunit_try_catch/252
[ 14.303351]
[ 14.303470] CPU: 0 UID: 0 PID: 252 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 14.303514] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.303526] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.303548] Call Trace:
[ 14.303560] <TASK>
[ 14.303578] dump_stack_lvl+0x73/0xb0
[ 14.303609] print_report+0xd1/0x650
[ 14.303634] ? __virt_addr_valid+0x1db/0x2d0
[ 14.303658] ? kasan_complete_mode_report_info+0x64/0x200
[ 14.303684] ? mempool_double_free_helper+0x184/0x370
[ 14.303722] kasan_report_invalid_free+0x10a/0x130
[ 14.303759] ? mempool_double_free_helper+0x184/0x370
[ 14.303787] ? mempool_double_free_helper+0x184/0x370
[ 14.303811] ? mempool_double_free_helper+0x184/0x370
[ 14.303834] check_slab_allocation+0x101/0x130
[ 14.303856] __kasan_mempool_poison_object+0x91/0x1d0
[ 14.303882] mempool_free+0x2ec/0x380
[ 14.303909] mempool_double_free_helper+0x184/0x370
[ 14.303945] ? __pfx_mempool_double_free_helper+0x10/0x10
[ 14.303982] ? kasan_save_track+0x18/0x40
[ 14.304001] ? kasan_save_alloc_info+0x3b/0x50
[ 14.304025] ? kasan_save_stack+0x45/0x70
[ 14.304049] mempool_kmalloc_double_free+0xed/0x140
[ 14.304074] ? __pfx_mempool_kmalloc_double_free+0x10/0x10
[ 14.304101] ? __pfx_mempool_kmalloc+0x10/0x10
[ 14.304125] ? __pfx_mempool_kfree+0x10/0x10
[ 14.304150] ? __pfx_read_tsc+0x10/0x10
[ 14.304172] ? ktime_get_ts64+0x86/0x230
[ 14.304197] kunit_try_run_case+0x1a5/0x480
[ 14.304223] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.304246] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.304271] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.304294] ? __kthread_parkme+0x82/0x180
[ 14.304316] ? preempt_count_sub+0x50/0x80
[ 14.304341] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.304373] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.304407] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.304441] kthread+0x337/0x6f0
[ 14.304460] ? trace_preempt_on+0x20/0xc0
[ 14.304484] ? __pfx_kthread+0x10/0x10
[ 14.304505] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.304527] ? calculate_sigpending+0x7b/0xa0
[ 14.304552] ? __pfx_kthread+0x10/0x10
[ 14.304573] ret_from_fork+0x116/0x1d0
[ 14.304592] ? 
__pfx_kthread+0x10/0x10 [ 14.304612] ret_from_fork_asm+0x1a/0x30 [ 14.304644] </TASK> [ 14.304655] [ 14.314059] Allocated by task 252: [ 14.314259] kasan_save_stack+0x45/0x70 [ 14.314458] kasan_save_track+0x18/0x40 [ 14.314622] kasan_save_alloc_info+0x3b/0x50 [ 14.314820] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 14.315213] remove_element+0x11e/0x190 [ 14.315434] mempool_alloc_preallocated+0x4d/0x90 [ 14.315620] mempool_double_free_helper+0x8a/0x370 [ 14.315852] mempool_kmalloc_double_free+0xed/0x140 [ 14.316203] kunit_try_run_case+0x1a5/0x480 [ 14.316394] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.316589] kthread+0x337/0x6f0 [ 14.316772] ret_from_fork+0x116/0x1d0 [ 14.317023] ret_from_fork_asm+0x1a/0x30 [ 14.317224] [ 14.317341] Freed by task 252: [ 14.317471] kasan_save_stack+0x45/0x70 [ 14.317618] kasan_save_track+0x18/0x40 [ 14.317812] kasan_save_free_info+0x3f/0x60 [ 14.318206] __kasan_mempool_poison_object+0x131/0x1d0 [ 14.318391] mempool_free+0x2ec/0x380 [ 14.318531] mempool_double_free_helper+0x109/0x370 [ 14.318697] mempool_kmalloc_double_free+0xed/0x140 [ 14.318866] kunit_try_run_case+0x1a5/0x480 [ 14.319068] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.319321] kthread+0x337/0x6f0 [ 14.319586] ret_from_fork+0x116/0x1d0 [ 14.320072] ret_from_fork_asm+0x1a/0x30 [ 14.320282] [ 14.320377] The buggy address belongs to the object at ffff8881026ad400 [ 14.320377] which belongs to the cache kmalloc-128 of size 128 [ 14.320850] The buggy address is located 0 bytes inside of [ 14.320850] 128-byte region [ffff8881026ad400, ffff8881026ad480) [ 14.321522] [ 14.321624] The buggy address belongs to the physical page: [ 14.321817] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026ad [ 14.322147] flags: 0x200000000000000(node=0|zone=2) [ 14.322576] page_type: f5(slab) [ 14.322749] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 14.323369] raw: 0000000000000000 0000000080100010 00000000f5000000 
0000000000000000 [ 14.323674] page dumped because: kasan: bad access detected [ 14.323854] [ 14.323924] Memory state around the buggy address: [ 14.324094] ffff8881026ad300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.324349] ffff8881026ad380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.324664] >ffff8881026ad400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.324993] ^ [ 14.325155] ffff8881026ad480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.325463] ffff8881026ad500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.325672] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 14.280617] ================================================================== [ 14.281073] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400 [ 14.281392] Read of size 1 at addr ffff88810a62c000 by task kunit_try_catch/250 [ 14.282213] [ 14.283080] CPU: 0 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.283134] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.283147] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.283170] Call Trace: [ 14.283183] <TASK> [ 14.283203] dump_stack_lvl+0x73/0xb0 [ 14.283240] print_report+0xd1/0x650 [ 14.283278] ? __virt_addr_valid+0x1db/0x2d0 [ 14.283304] ? mempool_uaf_helper+0x392/0x400 [ 14.283327] ? kasan_addr_to_slab+0x11/0xa0 [ 14.283349] ? mempool_uaf_helper+0x392/0x400 [ 14.283371] kasan_report+0x141/0x180 [ 14.283393] ? mempool_uaf_helper+0x392/0x400 [ 14.283420] __asan_report_load1_noabort+0x18/0x20 [ 14.283446] mempool_uaf_helper+0x392/0x400 [ 14.283469] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 14.283493] ? __kasan_check_write+0x18/0x20 [ 14.283513] ? __pfx_sched_clock_cpu+0x10/0x10 [ 14.283538] ? finish_task_switch.isra.0+0x153/0x700 [ 14.283566] mempool_page_alloc_uaf+0xed/0x140 [ 14.283590] ? __pfx_mempool_page_alloc_uaf+0x10/0x10 [ 14.283617] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 14.283644] ? __pfx_mempool_free_pages+0x10/0x10 [ 14.283671] ? __pfx_read_tsc+0x10/0x10 [ 14.283693] ? ktime_get_ts64+0x86/0x230 [ 14.283719] kunit_try_run_case+0x1a5/0x480 [ 14.283746] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.283769] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.283795] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.283819] ? __kthread_parkme+0x82/0x180 [ 14.283841] ? preempt_count_sub+0x50/0x80 [ 14.283864] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.283889] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.283915] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.283954] kthread+0x337/0x6f0 [ 14.283974] ? 
trace_preempt_on+0x20/0xc0 [ 14.283999] ? __pfx_kthread+0x10/0x10 [ 14.284021] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.284042] ? calculate_sigpending+0x7b/0xa0 [ 14.284067] ? __pfx_kthread+0x10/0x10 [ 14.284089] ret_from_fork+0x116/0x1d0 [ 14.284107] ? __pfx_kthread+0x10/0x10 [ 14.284127] ret_from_fork_asm+0x1a/0x30 [ 14.284159] </TASK> [ 14.284171] [ 14.292795] The buggy address belongs to the physical page: [ 14.293083] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10a62c [ 14.293598] flags: 0x200000000000000(node=0|zone=2) [ 14.293839] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 14.294150] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 14.294429] page dumped because: kasan: bad access detected [ 14.294600] [ 14.294667] Memory state around the buggy address: [ 14.294826] ffff88810a62bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.295129] ffff88810a62bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.295818] >ffff88810a62c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.296500] ^ [ 14.296633] ffff88810a62c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.296989] ffff88810a62c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.297276] ================================================================== [ 14.217484] ================================================================== [ 14.218314] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400 [ 14.218562] Read of size 1 at addr ffff88810a5ec000 by task kunit_try_catch/246 [ 14.218796] [ 14.218888] CPU: 1 UID: 0 PID: 246 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.218949] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.218961] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.218984] Call Trace: [ 14.218997] <TASK> [ 14.219016] dump_stack_lvl+0x73/0xb0 [ 14.219048] print_report+0xd1/0x650 [ 14.219071] ? 
__virt_addr_valid+0x1db/0x2d0 [ 14.219095] ? mempool_uaf_helper+0x392/0x400 [ 14.219118] ? kasan_addr_to_slab+0x11/0xa0 [ 14.219139] ? mempool_uaf_helper+0x392/0x400 [ 14.219162] kasan_report+0x141/0x180 [ 14.219183] ? mempool_uaf_helper+0x392/0x400 [ 14.219211] __asan_report_load1_noabort+0x18/0x20 [ 14.219237] mempool_uaf_helper+0x392/0x400 [ 14.219261] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 14.219287] ? __pfx_sched_clock_cpu+0x10/0x10 [ 14.219310] ? finish_task_switch.isra.0+0x153/0x700 [ 14.219337] mempool_kmalloc_large_uaf+0xef/0x140 [ 14.219362] ? __pfx_mempool_kmalloc_large_uaf+0x10/0x10 [ 14.219388] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.219413] ? __pfx_mempool_kfree+0x10/0x10 [ 14.219438] ? __pfx_read_tsc+0x10/0x10 [ 14.219459] ? ktime_get_ts64+0x86/0x230 [ 14.219483] kunit_try_run_case+0x1a5/0x480 [ 14.219509] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.219532] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.219557] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.219581] ? __kthread_parkme+0x82/0x180 [ 14.219624] ? preempt_count_sub+0x50/0x80 [ 14.219647] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.219672] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.219696] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.219722] kthread+0x337/0x6f0 [ 14.219741] ? trace_preempt_on+0x20/0xc0 [ 14.219766] ? __pfx_kthread+0x10/0x10 [ 14.219787] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.219809] ? calculate_sigpending+0x7b/0xa0 [ 14.219835] ? __pfx_kthread+0x10/0x10 [ 14.219857] ret_from_fork+0x116/0x1d0 [ 14.219876] ? 
__pfx_kthread+0x10/0x10 [ 14.219896] ret_from_fork_asm+0x1a/0x30 [ 14.219937] </TASK> [ 14.219949] [ 14.229684] The buggy address belongs to the physical page: [ 14.229981] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10a5ec [ 14.230259] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 14.230477] flags: 0x200000000000040(head|node=0|zone=2) [ 14.230654] page_type: f8(unknown) [ 14.230787] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.231066] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.231293] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.232573] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.233088] head: 0200000000000002 ffffea0004297b01 00000000ffffffff 00000000ffffffff [ 14.233344] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 14.233921] page dumped because: kasan: bad access detected [ 14.234421] [ 14.234511] Memory state around the buggy address: [ 14.234678] ffff88810a5ebf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.234903] ffff88810a5ebf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.235313] >ffff88810a5ec000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.235639] ^ [ 14.236011] ffff88810a5ec080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.236283] ffff88810a5ec100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.236683] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 14.242873] ================================================================== [ 14.243382] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400 [ 14.243721] Read of size 1 at addr ffff888102abe240 by task kunit_try_catch/248 [ 14.244030] [ 14.244401] CPU: 1 UID: 0 PID: 248 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.244451] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.244463] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.244485] Call Trace: [ 14.244496] <TASK> [ 14.244515] dump_stack_lvl+0x73/0xb0 [ 14.244547] print_report+0xd1/0x650 [ 14.244571] ? __virt_addr_valid+0x1db/0x2d0 [ 14.244595] ? mempool_uaf_helper+0x392/0x400 [ 14.244617] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.244641] ? mempool_uaf_helper+0x392/0x400 [ 14.244663] kasan_report+0x141/0x180 [ 14.244685] ? mempool_uaf_helper+0x392/0x400 [ 14.244711] __asan_report_load1_noabort+0x18/0x20 [ 14.244736] mempool_uaf_helper+0x392/0x400 [ 14.244759] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 14.244789] mempool_slab_uaf+0xea/0x140 [ 14.244812] ? __pfx_mempool_slab_uaf+0x10/0x10 [ 14.244835] ? schedule+0x7c/0x2e0 [ 14.244857] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 14.244882] ? __pfx_mempool_free_slab+0x10/0x10 [ 14.244909] ? __pfx_read_tsc+0x10/0x10 [ 14.244946] ? ktime_get_ts64+0x86/0x230 [ 14.244991] kunit_try_run_case+0x1a5/0x480 [ 14.245017] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.245041] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.245068] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.245093] ? __kthread_parkme+0x82/0x180 [ 14.245116] ? preempt_count_sub+0x50/0x80 [ 14.245140] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.245164] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.245189] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.245214] kthread+0x337/0x6f0 [ 14.245234] ? trace_preempt_on+0x20/0xc0 [ 14.245258] ? __pfx_kthread+0x10/0x10 [ 14.245279] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.245301] ? 
calculate_sigpending+0x7b/0xa0 [ 14.245325] ? __pfx_kthread+0x10/0x10 [ 14.245346] ret_from_fork+0x116/0x1d0 [ 14.245382] ? __pfx_kthread+0x10/0x10 [ 14.245403] ret_from_fork_asm+0x1a/0x30 [ 14.245434] </TASK> [ 14.245445] [ 14.260918] Allocated by task 248: [ 14.261098] kasan_save_stack+0x45/0x70 [ 14.261256] kasan_save_track+0x18/0x40 [ 14.261454] kasan_save_alloc_info+0x3b/0x50 [ 14.261659] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 14.261834] remove_element+0x11e/0x190 [ 14.262015] mempool_alloc_preallocated+0x4d/0x90 [ 14.262250] mempool_uaf_helper+0x96/0x400 [ 14.262604] mempool_slab_uaf+0xea/0x140 [ 14.262810] kunit_try_run_case+0x1a5/0x480 [ 14.263012] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.263189] kthread+0x337/0x6f0 [ 14.263343] ret_from_fork+0x116/0x1d0 [ 14.263531] ret_from_fork_asm+0x1a/0x30 [ 14.263742] [ 14.263835] Freed by task 248: [ 14.264001] kasan_save_stack+0x45/0x70 [ 14.264149] kasan_save_track+0x18/0x40 [ 14.264414] kasan_save_free_info+0x3f/0x60 [ 14.264571] __kasan_mempool_poison_object+0x131/0x1d0 [ 14.264741] mempool_free+0x2ec/0x380 [ 14.264919] mempool_uaf_helper+0x11a/0x400 [ 14.265130] mempool_slab_uaf+0xea/0x140 [ 14.265322] kunit_try_run_case+0x1a5/0x480 [ 14.265532] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.265762] kthread+0x337/0x6f0 [ 14.265878] ret_from_fork+0x116/0x1d0 [ 14.266035] ret_from_fork_asm+0x1a/0x30 [ 14.266233] [ 14.266327] The buggy address belongs to the object at ffff888102abe240 [ 14.266327] which belongs to the cache test_cache of size 123 [ 14.267272] The buggy address is located 0 bytes inside of [ 14.267272] freed 123-byte region [ffff888102abe240, ffff888102abe2bb) [ 14.267794] [ 14.267905] The buggy address belongs to the physical page: [ 14.268213] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102abe [ 14.268567] flags: 0x200000000000000(node=0|zone=2) [ 14.268768] page_type: f5(slab) [ 14.268951] raw: 0200000000000000 ffff888100929c80 dead000000000122 
0000000000000000 [ 14.269252] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 14.269470] page dumped because: kasan: bad access detected [ 14.269709] [ 14.269802] Memory state around the buggy address: [ 14.270041] ffff888102abe100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.270296] ffff888102abe180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.270498] >ffff888102abe200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 14.271276] ^ [ 14.271537] ffff888102abe280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.271755] ffff888102abe300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.271992] ================================================================== [ 14.183840] ================================================================== [ 14.184940] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400 [ 14.185811] Read of size 1 at addr ffff888102ab9400 by task kunit_try_catch/244 [ 14.186680] [ 14.186791] CPU: 1 UID: 0 PID: 244 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.186839] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.186852] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.186875] Call Trace: [ 14.186889] <TASK> [ 14.186909] dump_stack_lvl+0x73/0xb0 [ 14.186954] print_report+0xd1/0x650 [ 14.186977] ? __virt_addr_valid+0x1db/0x2d0 [ 14.187002] ? mempool_uaf_helper+0x392/0x400 [ 14.187051] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.187076] ? mempool_uaf_helper+0x392/0x400 [ 14.187234] kasan_report+0x141/0x180 [ 14.187437] ? mempool_uaf_helper+0x392/0x400 [ 14.187466] __asan_report_load1_noabort+0x18/0x20 [ 14.187493] mempool_uaf_helper+0x392/0x400 [ 14.187516] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 14.187541] ? __kasan_check_write+0x18/0x20 [ 14.187561] ? __pfx_sched_clock_cpu+0x10/0x10 [ 14.187587] ? finish_task_switch.isra.0+0x153/0x700 [ 14.187614] mempool_kmalloc_uaf+0xef/0x140 [ 14.187637] ? 
__pfx_mempool_kmalloc_uaf+0x10/0x10 [ 14.187663] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.187688] ? __pfx_mempool_kfree+0x10/0x10 [ 14.187712] ? __pfx_read_tsc+0x10/0x10 [ 14.187735] ? ktime_get_ts64+0x86/0x230 [ 14.187760] kunit_try_run_case+0x1a5/0x480 [ 14.187785] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.187808] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.187833] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.187857] ? __kthread_parkme+0x82/0x180 [ 14.187878] ? preempt_count_sub+0x50/0x80 [ 14.187901] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.187925] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.187999] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.188025] kthread+0x337/0x6f0 [ 14.188044] ? trace_preempt_on+0x20/0xc0 [ 14.188068] ? __pfx_kthread+0x10/0x10 [ 14.188088] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.188110] ? calculate_sigpending+0x7b/0xa0 [ 14.188135] ? __pfx_kthread+0x10/0x10 [ 14.188156] ret_from_fork+0x116/0x1d0 [ 14.188174] ? __pfx_kthread+0x10/0x10 [ 14.188195] ret_from_fork_asm+0x1a/0x30 [ 14.188225] </TASK> [ 14.188238] [ 14.199527] Allocated by task 244: [ 14.199730] kasan_save_stack+0x45/0x70 [ 14.199898] kasan_save_track+0x18/0x40 [ 14.200048] kasan_save_alloc_info+0x3b/0x50 [ 14.200198] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 14.200446] remove_element+0x11e/0x190 [ 14.200698] mempool_alloc_preallocated+0x4d/0x90 [ 14.200926] mempool_uaf_helper+0x96/0x400 [ 14.201141] mempool_kmalloc_uaf+0xef/0x140 [ 14.201437] kunit_try_run_case+0x1a5/0x480 [ 14.201646] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.201844] kthread+0x337/0x6f0 [ 14.202081] ret_from_fork+0x116/0x1d0 [ 14.202289] ret_from_fork_asm+0x1a/0x30 [ 14.202508] [ 14.202600] Freed by task 244: [ 14.202763] kasan_save_stack+0x45/0x70 [ 14.202927] kasan_save_track+0x18/0x40 [ 14.203207] kasan_save_free_info+0x3f/0x60 [ 14.203394] __kasan_mempool_poison_object+0x131/0x1d0 [ 14.203564] mempool_free+0x2ec/0x380 [ 14.203695] mempool_uaf_helper+0x11a/0x400 [ 14.203898] 
mempool_kmalloc_uaf+0xef/0x140 [ 14.204135] kunit_try_run_case+0x1a5/0x480 [ 14.204546] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.204780] kthread+0x337/0x6f0 [ 14.204901] ret_from_fork+0x116/0x1d0 [ 14.205310] ret_from_fork_asm+0x1a/0x30 [ 14.205494] [ 14.205565] The buggy address belongs to the object at ffff888102ab9400 [ 14.205565] which belongs to the cache kmalloc-128 of size 128 [ 14.206209] The buggy address is located 0 bytes inside of [ 14.206209] freed 128-byte region [ffff888102ab9400, ffff888102ab9480) [ 14.206873] [ 14.206960] The buggy address belongs to the physical page: [ 14.207132] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ab9 [ 14.207462] flags: 0x200000000000000(node=0|zone=2) [ 14.207733] page_type: f5(slab) [ 14.207908] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 14.208270] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.208726] page dumped because: kasan: bad access detected [ 14.209032] [ 14.209108] Memory state around the buggy address: [ 14.209265] ffff888102ab9300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.209586] ffff888102ab9380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.210083] >ffff888102ab9400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.210313] ^ [ 14.210432] ffff888102ab9480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.210756] ffff888102ab9500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.211220] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 14.130169] ================================================================== [ 14.130777] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 14.131150] Read of size 1 at addr ffff88810a626001 by task kunit_try_catch/240 [ 14.131694] [ 14.131827] CPU: 0 UID: 0 PID: 240 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.131875] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.131888] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.131910] Call Trace: [ 14.131922] <TASK> [ 14.131954] dump_stack_lvl+0x73/0xb0 [ 14.131992] print_report+0xd1/0x650 [ 14.132016] ? __virt_addr_valid+0x1db/0x2d0 [ 14.132042] ? mempool_oob_right_helper+0x318/0x380 [ 14.132066] ? kasan_addr_to_slab+0x11/0xa0 [ 14.132087] ? mempool_oob_right_helper+0x318/0x380 [ 14.132111] kasan_report+0x141/0x180 [ 14.132133] ? mempool_oob_right_helper+0x318/0x380 [ 14.132161] __asan_report_load1_noabort+0x18/0x20 [ 14.132186] mempool_oob_right_helper+0x318/0x380 [ 14.132211] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 14.132238] ? __pfx_sched_clock_cpu+0x10/0x10 [ 14.132439] ? finish_task_switch.isra.0+0x153/0x700 [ 14.132478] mempool_kmalloc_large_oob_right+0xf2/0x150 [ 14.132506] ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10 [ 14.132535] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.132560] ? __pfx_mempool_kfree+0x10/0x10 [ 14.132585] ? __pfx_read_tsc+0x10/0x10 [ 14.132607] ? ktime_get_ts64+0x86/0x230 [ 14.132632] kunit_try_run_case+0x1a5/0x480 [ 14.132659] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.132682] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.132708] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.132731] ? __kthread_parkme+0x82/0x180 [ 14.132753] ? preempt_count_sub+0x50/0x80 [ 14.132776] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.132801] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.132825] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.132850] kthread+0x337/0x6f0 [ 14.132869] ? 
trace_preempt_on+0x20/0xc0 [ 14.132893] ? __pfx_kthread+0x10/0x10 [ 14.132914] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.132950] ? calculate_sigpending+0x7b/0xa0 [ 14.132989] ? __pfx_kthread+0x10/0x10 [ 14.133011] ret_from_fork+0x116/0x1d0 [ 14.133030] ? __pfx_kthread+0x10/0x10 [ 14.133049] ret_from_fork_asm+0x1a/0x30 [ 14.133081] </TASK> [ 14.133092] [ 14.143681] The buggy address belongs to the physical page: [ 14.143905] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10a624 [ 14.144285] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 14.144501] flags: 0x200000000000040(head|node=0|zone=2) [ 14.144943] page_type: f8(unknown) [ 14.145332] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.145704] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.146244] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.146541] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.146856] head: 0200000000000002 ffffea0004298901 00000000ffffffff 00000000ffffffff [ 14.147266] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 14.147567] page dumped because: kasan: bad access detected [ 14.147820] [ 14.147942] Memory state around the buggy address: [ 14.148180] ffff88810a625f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.148560] ffff88810a625f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.148875] >ffff88810a626000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 14.149328] ^ [ 14.149451] ffff88810a626080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 14.149801] ffff88810a626100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 14.150127] ================================================================== [ 14.157827] ================================================================== [ 14.158461] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 14.158813] Read 
of size 1 at addr ffff8881026be2bb by task kunit_try_catch/242 [ 14.159149] [ 14.159268] CPU: 0 UID: 0 PID: 242 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.159313] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.159325] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.159347] Call Trace: [ 14.159359] <TASK> [ 14.159380] dump_stack_lvl+0x73/0xb0 [ 14.159413] print_report+0xd1/0x650 [ 14.159437] ? __virt_addr_valid+0x1db/0x2d0 [ 14.159467] ? mempool_oob_right_helper+0x318/0x380 [ 14.159492] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.159535] ? mempool_oob_right_helper+0x318/0x380 [ 14.159560] kasan_report+0x141/0x180 [ 14.159581] ? mempool_oob_right_helper+0x318/0x380 [ 14.159610] __asan_report_load1_noabort+0x18/0x20 [ 14.159635] mempool_oob_right_helper+0x318/0x380 [ 14.159660] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 14.159688] ? finish_task_switch.isra.0+0x153/0x700 [ 14.159718] mempool_slab_oob_right+0xed/0x140 [ 14.159743] ? __pfx_mempool_slab_oob_right+0x10/0x10 [ 14.159770] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 14.159797] ? __pfx_mempool_free_slab+0x10/0x10 [ 14.159823] ? __pfx_read_tsc+0x10/0x10 [ 14.159867] ? ktime_get_ts64+0x86/0x230 [ 14.159892] kunit_try_run_case+0x1a5/0x480 [ 14.159920] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.159952] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.159978] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.160002] ? __kthread_parkme+0x82/0x180 [ 14.160024] ? preempt_count_sub+0x50/0x80 [ 14.160048] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.160073] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.160097] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.160122] kthread+0x337/0x6f0 [ 14.160141] ? trace_preempt_on+0x20/0xc0 [ 14.160165] ? __pfx_kthread+0x10/0x10 [ 14.160186] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.160207] ? calculate_sigpending+0x7b/0xa0 [ 14.160232] ? __pfx_kthread+0x10/0x10 [ 14.160253] ret_from_fork+0x116/0x1d0 [ 14.160286] ? 
__pfx_kthread+0x10/0x10 [ 14.160307] ret_from_fork_asm+0x1a/0x30 [ 14.160339] </TASK> [ 14.160350] [ 14.167665] Allocated by task 242: [ 14.167837] kasan_save_stack+0x45/0x70 [ 14.168041] kasan_save_track+0x18/0x40 [ 14.168212] kasan_save_alloc_info+0x3b/0x50 [ 14.168481] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 14.168699] remove_element+0x11e/0x190 [ 14.168886] mempool_alloc_preallocated+0x4d/0x90 [ 14.169116] mempool_oob_right_helper+0x8a/0x380 [ 14.169344] mempool_slab_oob_right+0xed/0x140 [ 14.169551] kunit_try_run_case+0x1a5/0x480 [ 14.169739] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.169965] kthread+0x337/0x6f0 [ 14.170127] ret_from_fork+0x116/0x1d0 [ 14.170271] ret_from_fork_asm+0x1a/0x30 [ 14.170577] [ 14.170646] The buggy address belongs to the object at ffff8881026be240 [ 14.170646] which belongs to the cache test_cache of size 123 [ 14.171145] The buggy address is located 0 bytes to the right of [ 14.171145] allocated 123-byte region [ffff8881026be240, ffff8881026be2bb) [ 14.171495] [ 14.171565] The buggy address belongs to the physical page: [ 14.171730] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026be [ 14.172102] flags: 0x200000000000000(node=0|zone=2) [ 14.172416] page_type: f5(slab) [ 14.172584] raw: 0200000000000000 ffff8881026b4500 dead000000000122 0000000000000000 [ 14.172919] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 14.173248] page dumped because: kasan: bad access detected [ 14.173489] [ 14.173579] Memory state around the buggy address: [ 14.173740] ffff8881026be180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.173956] ffff8881026be200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 14.174161] >ffff8881026be280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 14.174656] ^ [ 14.174901] ffff8881026be300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.175163] ffff8881026be380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.175645] 
================================================================== [ 14.097270] ================================================================== [ 14.097702] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 14.098179] Read of size 1 at addr ffff888102ab9073 by task kunit_try_catch/238 [ 14.098411] [ 14.098506] CPU: 1 UID: 0 PID: 238 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.098555] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.098566] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.098588] Call Trace: [ 14.098601] <TASK> [ 14.098621] dump_stack_lvl+0x73/0xb0 [ 14.098655] print_report+0xd1/0x650 [ 14.098679] ? __virt_addr_valid+0x1db/0x2d0 [ 14.098711] ? mempool_oob_right_helper+0x318/0x380 [ 14.098735] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.098759] ? mempool_oob_right_helper+0x318/0x380 [ 14.098782] kasan_report+0x141/0x180 [ 14.098804] ? mempool_oob_right_helper+0x318/0x380 [ 14.098832] __asan_report_load1_noabort+0x18/0x20 [ 14.098857] mempool_oob_right_helper+0x318/0x380 [ 14.098882] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 14.098908] ? __kasan_check_write+0x18/0x20 [ 14.098937] ? __pfx_sched_clock_cpu+0x10/0x10 [ 14.098961] ? finish_task_switch.isra.0+0x153/0x700 [ 14.098989] mempool_kmalloc_oob_right+0xf2/0x150 [ 14.099013] ? __pfx_mempool_kmalloc_oob_right+0x10/0x10 [ 14.099039] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.099066] ? __pfx_mempool_kfree+0x10/0x10 [ 14.099090] ? __pfx_read_tsc+0x10/0x10 [ 14.099113] ? ktime_get_ts64+0x86/0x230 [ 14.099605] kunit_try_run_case+0x1a5/0x480 [ 14.099644] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.099668] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.099694] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.099718] ? __kthread_parkme+0x82/0x180 [ 14.099740] ? preempt_count_sub+0x50/0x80 [ 14.099764] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.099789] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.099814] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.099840] kthread+0x337/0x6f0 [ 14.099859] ? trace_preempt_on+0x20/0xc0 [ 14.099883] ? __pfx_kthread+0x10/0x10 [ 14.099903] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.099924] ? calculate_sigpending+0x7b/0xa0 [ 14.099960] ? __pfx_kthread+0x10/0x10 [ 14.099982] ret_from_fork+0x116/0x1d0 [ 14.100001] ? __pfx_kthread+0x10/0x10 [ 14.100021] ret_from_fork_asm+0x1a/0x30 [ 14.100053] </TASK> [ 14.100065] [ 14.112742] Allocated by task 238: [ 14.113102] kasan_save_stack+0x45/0x70 [ 14.113287] kasan_save_track+0x18/0x40 [ 14.113472] kasan_save_alloc_info+0x3b/0x50 [ 14.113676] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 14.113901] remove_element+0x11e/0x190 [ 14.114570] mempool_alloc_preallocated+0x4d/0x90 [ 14.114782] mempool_oob_right_helper+0x8a/0x380 [ 14.115359] mempool_kmalloc_oob_right+0xf2/0x150 [ 14.115581] kunit_try_run_case+0x1a5/0x480 [ 14.116013] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.116411] kthread+0x337/0x6f0 [ 14.116659] ret_from_fork+0x116/0x1d0 [ 14.116879] ret_from_fork_asm+0x1a/0x30 [ 14.117222] [ 14.117326] The buggy address belongs to the object at ffff888102ab9000 [ 14.117326] which belongs to the cache kmalloc-128 of size 128 [ 14.118110] The buggy address is located 0 bytes to the right of [ 14.118110] allocated 115-byte region [ffff888102ab9000, ffff888102ab9073) [ 14.118938] [ 14.119318] The buggy address belongs to the physical page: [ 14.119548] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ab9 [ 14.119885] flags: 0x200000000000000(node=0|zone=2) [ 14.120432] page_type: f5(slab) [ 14.120697] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 14.121216] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.121649] page dumped because: kasan: bad access detected [ 14.121922] [ 14.122024] Memory state around the buggy address: [ 14.122538] ffff888102ab8f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 
14.122812] ffff888102ab8f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.123526] >ffff888102ab9000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 14.123945] ^ [ 14.124470] ffff888102ab9080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.124746] ffff888102ab9100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 14.125360] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 13.531376] ================================================================== [ 13.531821] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x1bf/0x380 [ 13.532281] Read of size 1 at addr ffff8881026b4140 by task kunit_try_catch/232 [ 13.532533] [ 13.532733] CPU: 0 UID: 0 PID: 232 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.532782] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.532794] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.532821] Call Trace: [ 13.532835] <TASK> [ 13.532856] dump_stack_lvl+0x73/0xb0 [ 13.532895] print_report+0xd1/0x650 [ 13.532920] ? __virt_addr_valid+0x1db/0x2d0 [ 13.532959] ? kmem_cache_double_destroy+0x1bf/0x380 [ 13.532986] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.533009] ? kmem_cache_double_destroy+0x1bf/0x380 [ 13.533035] kasan_report+0x141/0x180 [ 13.533100] ? kmem_cache_double_destroy+0x1bf/0x380 [ 13.533130] ? kmem_cache_double_destroy+0x1bf/0x380 [ 13.533155] __kasan_check_byte+0x3d/0x50 [ 13.533189] kmem_cache_destroy+0x25/0x1d0 [ 13.533215] kmem_cache_double_destroy+0x1bf/0x380 [ 13.533240] ? __pfx_kmem_cache_double_destroy+0x10/0x10 [ 13.533265] ? finish_task_switch.isra.0+0x153/0x700 [ 13.533289] ? __switch_to+0x47/0xf50 [ 13.533319] ? __pfx_read_tsc+0x10/0x10 [ 13.533341] ? ktime_get_ts64+0x86/0x230 [ 13.533367] kunit_try_run_case+0x1a5/0x480 [ 13.533396] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.533432] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.533460] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.533485] ? __kthread_parkme+0x82/0x180 [ 13.533544] ? preempt_count_sub+0x50/0x80 [ 13.533567] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.533603] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.533628] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.533654] kthread+0x337/0x6f0 [ 13.533673] ? trace_preempt_on+0x20/0xc0 [ 13.533698] ? __pfx_kthread+0x10/0x10 [ 13.533718] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.533739] ? 
calculate_sigpending+0x7b/0xa0 [ 13.533764] ? __pfx_kthread+0x10/0x10 [ 13.533785] ret_from_fork+0x116/0x1d0 [ 13.533837] ? __pfx_kthread+0x10/0x10 [ 13.533858] ret_from_fork_asm+0x1a/0x30 [ 13.533900] </TASK> [ 13.533911] [ 13.545517] Allocated by task 232: [ 13.545660] kasan_save_stack+0x45/0x70 [ 13.545920] kasan_save_track+0x18/0x40 [ 13.546272] kasan_save_alloc_info+0x3b/0x50 [ 13.546532] __kasan_slab_alloc+0x91/0xa0 [ 13.546689] kmem_cache_alloc_noprof+0x123/0x3f0 [ 13.546866] __kmem_cache_create_args+0x169/0x240 [ 13.547060] kmem_cache_double_destroy+0xd5/0x380 [ 13.547376] kunit_try_run_case+0x1a5/0x480 [ 13.547590] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.547993] kthread+0x337/0x6f0 [ 13.548232] ret_from_fork+0x116/0x1d0 [ 13.548445] ret_from_fork_asm+0x1a/0x30 [ 13.548599] [ 13.548668] Freed by task 232: [ 13.548777] kasan_save_stack+0x45/0x70 [ 13.548908] kasan_save_track+0x18/0x40 [ 13.549183] kasan_save_free_info+0x3f/0x60 [ 13.549455] __kasan_slab_free+0x56/0x70 [ 13.549775] kmem_cache_free+0x249/0x420 [ 13.550126] slab_kmem_cache_release+0x2e/0x40 [ 13.550630] kmem_cache_release+0x16/0x20 [ 13.550873] kobject_put+0x181/0x450 [ 13.551138] sysfs_slab_release+0x16/0x20 [ 13.551282] kmem_cache_destroy+0xf0/0x1d0 [ 13.551423] kmem_cache_double_destroy+0x14e/0x380 [ 13.551813] kunit_try_run_case+0x1a5/0x480 [ 13.552082] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.552343] kthread+0x337/0x6f0 [ 13.552513] ret_from_fork+0x116/0x1d0 [ 13.552666] ret_from_fork_asm+0x1a/0x30 [ 13.553169] [ 13.553257] The buggy address belongs to the object at ffff8881026b4140 [ 13.553257] which belongs to the cache kmem_cache of size 208 [ 13.553808] The buggy address is located 0 bytes inside of [ 13.553808] freed 208-byte region [ffff8881026b4140, ffff8881026b4210) [ 13.554378] [ 13.554458] The buggy address belongs to the physical page: [ 13.554916] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026b4 [ 13.555321] flags: 
0x200000000000000(node=0|zone=2) [ 13.555575] page_type: f5(slab) [ 13.555840] raw: 0200000000000000 ffff888100041000 dead000000000122 0000000000000000 [ 13.556263] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000 [ 13.556527] page dumped because: kasan: bad access detected [ 13.556742] [ 13.556838] Memory state around the buggy address: [ 13.557318] ffff8881026b4000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.557702] ffff8881026b4080: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc [ 13.558264] >ffff8881026b4100: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 13.558534] ^ [ 13.558752] ffff8881026b4180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.559079] ffff8881026b4200: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.559521] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 13.469115] ================================================================== [ 13.469752] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x3e3/0x510 [ 13.470211] Read of size 1 at addr ffff888102ab6000 by task kunit_try_catch/230 [ 13.470660] [ 13.470982] CPU: 1 UID: 0 PID: 230 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.471033] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.471045] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.471067] Call Trace: [ 13.471545] <TASK> [ 13.471574] dump_stack_lvl+0x73/0xb0 [ 13.471613] print_report+0xd1/0x650 [ 13.471637] ? __virt_addr_valid+0x1db/0x2d0 [ 13.471660] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 13.471683] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.471706] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 13.471729] kasan_report+0x141/0x180 [ 13.471750] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 13.471777] __asan_report_load1_noabort+0x18/0x20 [ 13.471801] kmem_cache_rcu_uaf+0x3e3/0x510 [ 13.471824] ? __pfx_kmem_cache_rcu_uaf+0x10/0x10 [ 13.471847] ? finish_task_switch.isra.0+0x153/0x700 [ 13.471871] ? __switch_to+0x47/0xf50 [ 13.471898] ? __pfx_read_tsc+0x10/0x10 [ 13.471920] ? ktime_get_ts64+0x86/0x230 [ 13.472116] kunit_try_run_case+0x1a5/0x480 [ 13.472147] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.472170] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.472195] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.472464] ? __kthread_parkme+0x82/0x180 [ 13.472488] ? preempt_count_sub+0x50/0x80 [ 13.472512] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.472537] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.472561] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.472587] kthread+0x337/0x6f0 [ 13.472605] ? trace_preempt_on+0x20/0xc0 [ 13.472629] ? __pfx_kthread+0x10/0x10 [ 13.472650] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.472672] ? calculate_sigpending+0x7b/0xa0 [ 13.472696] ? __pfx_kthread+0x10/0x10 [ 13.472717] ret_from_fork+0x116/0x1d0 [ 13.472736] ? 
__pfx_kthread+0x10/0x10 [ 13.472756] ret_from_fork_asm+0x1a/0x30 [ 13.472787] </TASK> [ 13.472798] [ 13.484685] Allocated by task 230: [ 13.484896] kasan_save_stack+0x45/0x70 [ 13.485409] kasan_save_track+0x18/0x40 [ 13.485584] kasan_save_alloc_info+0x3b/0x50 [ 13.485970] __kasan_slab_alloc+0x91/0xa0 [ 13.486188] kmem_cache_alloc_noprof+0x123/0x3f0 [ 13.486459] kmem_cache_rcu_uaf+0x155/0x510 [ 13.486660] kunit_try_run_case+0x1a5/0x480 [ 13.486858] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.487109] kthread+0x337/0x6f0 [ 13.487354] ret_from_fork+0x116/0x1d0 [ 13.487518] ret_from_fork_asm+0x1a/0x30 [ 13.488268] [ 13.488372] Freed by task 0: [ 13.488559] kasan_save_stack+0x45/0x70 [ 13.488794] kasan_save_track+0x18/0x40 [ 13.489357] kasan_save_free_info+0x3f/0x60 [ 13.489658] __kasan_slab_free+0x56/0x70 [ 13.489884] slab_free_after_rcu_debug+0xe4/0x310 [ 13.490275] rcu_core+0x66f/0x1c40 [ 13.490737] rcu_core_si+0x12/0x20 [ 13.490963] handle_softirqs+0x209/0x730 [ 13.491414] __irq_exit_rcu+0xc9/0x110 [ 13.491577] irq_exit_rcu+0x12/0x20 [ 13.491786] sysvec_apic_timer_interrupt+0x81/0x90 [ 13.492431] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 13.492659] [ 13.492745] Last potentially related work creation: [ 13.493100] kasan_save_stack+0x45/0x70 [ 13.493680] kasan_record_aux_stack+0xb2/0xc0 [ 13.493854] kmem_cache_free+0x131/0x420 [ 13.494371] kmem_cache_rcu_uaf+0x194/0x510 [ 13.494583] kunit_try_run_case+0x1a5/0x480 [ 13.494921] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.495354] kthread+0x337/0x6f0 [ 13.495603] ret_from_fork+0x116/0x1d0 [ 13.495847] ret_from_fork_asm+0x1a/0x30 [ 13.496095] [ 13.496505] The buggy address belongs to the object at ffff888102ab6000 [ 13.496505] which belongs to the cache test_cache of size 200 [ 13.497351] The buggy address is located 0 bytes inside of [ 13.497351] freed 200-byte region [ffff888102ab6000, ffff888102ab60c8) [ 13.497854] [ 13.498180] The buggy address belongs to the physical page: [ 13.498605] page: refcount:0 
mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ab6 [ 13.498963] flags: 0x200000000000000(node=0|zone=2) [ 13.499404] page_type: f5(slab) [ 13.499674] raw: 0200000000000000 ffff888100929b40 dead000000000122 0000000000000000 [ 13.500347] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 13.500776] page dumped because: kasan: bad access detected [ 13.501030] [ 13.501132] Memory state around the buggy address: [ 13.501630] ffff888102ab5f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.501946] ffff888102ab5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.502576] >ffff888102ab6000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.503085] ^ [ 13.503244] ffff888102ab6080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 13.503761] ffff888102ab6100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.504269] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 13.408230] ================================================================== [ 13.408710] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x1d8/0x460 [ 13.409103] Free of addr ffff8881026b7001 by task kunit_try_catch/228 [ 13.409375] [ 13.409575] CPU: 0 UID: 0 PID: 228 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.409624] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.409636] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.409656] Call Trace: [ 13.409669] <TASK> [ 13.409688] dump_stack_lvl+0x73/0xb0 [ 13.409722] print_report+0xd1/0x650 [ 13.409745] ? __virt_addr_valid+0x1db/0x2d0 [ 13.409770] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.409793] ? kmem_cache_invalid_free+0x1d8/0x460 [ 13.409819] kasan_report_invalid_free+0x10a/0x130 [ 13.409843] ? kmem_cache_invalid_free+0x1d8/0x460 [ 13.409870] ? kmem_cache_invalid_free+0x1d8/0x460 [ 13.409895] check_slab_allocation+0x11f/0x130 [ 13.409916] __kasan_slab_pre_free+0x28/0x40 [ 13.409947] kmem_cache_free+0xed/0x420 [ 13.409967] ? kmem_cache_alloc_noprof+0x123/0x3f0 [ 13.410036] ? kmem_cache_invalid_free+0x1d8/0x460 [ 13.410066] kmem_cache_invalid_free+0x1d8/0x460 [ 13.410091] ? __pfx_kmem_cache_invalid_free+0x10/0x10 [ 13.410137] ? finish_task_switch.isra.0+0x153/0x700 [ 13.410161] ? __switch_to+0x47/0xf50 [ 13.410201] ? __pfx_read_tsc+0x10/0x10 [ 13.410223] ? ktime_get_ts64+0x86/0x230 [ 13.410247] kunit_try_run_case+0x1a5/0x480 [ 13.410281] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.410304] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.410338] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.410361] ? __kthread_parkme+0x82/0x180 [ 13.410382] ? preempt_count_sub+0x50/0x80 [ 13.410415] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.410439] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.410463] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.410487] kthread+0x337/0x6f0 [ 13.410505] ? trace_preempt_on+0x20/0xc0 [ 13.410529] ? 
__pfx_kthread+0x10/0x10 [ 13.410549] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.410570] ? calculate_sigpending+0x7b/0xa0 [ 13.410594] ? __pfx_kthread+0x10/0x10 [ 13.410615] ret_from_fork+0x116/0x1d0 [ 13.410633] ? __pfx_kthread+0x10/0x10 [ 13.410652] ret_from_fork_asm+0x1a/0x30 [ 13.410683] </TASK> [ 13.410694] [ 13.419237] Allocated by task 228: [ 13.419423] kasan_save_stack+0x45/0x70 [ 13.419630] kasan_save_track+0x18/0x40 [ 13.419822] kasan_save_alloc_info+0x3b/0x50 [ 13.420053] __kasan_slab_alloc+0x91/0xa0 [ 13.420252] kmem_cache_alloc_noprof+0x123/0x3f0 [ 13.420544] kmem_cache_invalid_free+0x157/0x460 [ 13.420730] kunit_try_run_case+0x1a5/0x480 [ 13.420876] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.421060] kthread+0x337/0x6f0 [ 13.421189] ret_from_fork+0x116/0x1d0 [ 13.421373] ret_from_fork_asm+0x1a/0x30 [ 13.421565] [ 13.421857] The buggy address belongs to the object at ffff8881026b7000 [ 13.421857] which belongs to the cache test_cache of size 200 [ 13.422728] The buggy address is located 1 bytes inside of [ 13.422728] 200-byte region [ffff8881026b7000, ffff8881026b70c8) [ 13.423374] [ 13.423518] The buggy address belongs to the physical page: [ 13.423912] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026b7 [ 13.424314] flags: 0x200000000000000(node=0|zone=2) [ 13.424488] page_type: f5(slab) [ 13.424609] raw: 0200000000000000 ffff8881026b4000 dead000000000122 0000000000000000 [ 13.425001] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 13.425423] page dumped because: kasan: bad access detected [ 13.425595] [ 13.425662] Memory state around the buggy address: [ 13.425860] ffff8881026b6f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.426557] ffff8881026b6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.426889] >ffff8881026b7000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.427430] ^ [ 13.427650] ffff8881026b7080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 13.427872] 
ffff8881026b7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.428525] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 13.373847] ================================================================== [ 13.374331] BUG: KASAN: double-free in kmem_cache_double_free+0x1e5/0x480 [ 13.374580] Free of addr ffff8881026b4000 by task kunit_try_catch/226 [ 13.374787] [ 13.374884] CPU: 0 UID: 0 PID: 226 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.374944] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.374955] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.374977] Call Trace: [ 13.374989] <TASK> [ 13.375009] dump_stack_lvl+0x73/0xb0 [ 13.375040] print_report+0xd1/0x650 [ 13.375064] ? __virt_addr_valid+0x1db/0x2d0 [ 13.375090] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.375112] ? kmem_cache_double_free+0x1e5/0x480 [ 13.375138] kasan_report_invalid_free+0x10a/0x130 [ 13.375162] ? kmem_cache_double_free+0x1e5/0x480 [ 13.375242] ? kmem_cache_double_free+0x1e5/0x480 [ 13.375266] check_slab_allocation+0x101/0x130 [ 13.375300] __kasan_slab_pre_free+0x28/0x40 [ 13.375322] kmem_cache_free+0xed/0x420 [ 13.375342] ? kmem_cache_alloc_noprof+0x123/0x3f0 [ 13.375363] ? kmem_cache_double_free+0x1e5/0x480 [ 13.375390] kmem_cache_double_free+0x1e5/0x480 [ 13.375435] ? __pfx_kmem_cache_double_free+0x10/0x10 [ 13.375460] ? finish_task_switch.isra.0+0x153/0x700 [ 13.375485] ? __switch_to+0x47/0xf50 [ 13.375521] ? __pfx_read_tsc+0x10/0x10 [ 13.375542] ? ktime_get_ts64+0x86/0x230 [ 13.375569] kunit_try_run_case+0x1a5/0x480 [ 13.375595] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.375618] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.375644] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.375668] ? __kthread_parkme+0x82/0x180 [ 13.375689] ? preempt_count_sub+0x50/0x80 [ 13.375711] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.375736] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.375760] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.375785] kthread+0x337/0x6f0 [ 13.375804] ? trace_preempt_on+0x20/0xc0 [ 13.375828] ? 
__pfx_kthread+0x10/0x10 [ 13.375848] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.375869] ? calculate_sigpending+0x7b/0xa0 [ 13.375893] ? __pfx_kthread+0x10/0x10 [ 13.375914] ret_from_fork+0x116/0x1d0 [ 13.375942] ? __pfx_kthread+0x10/0x10 [ 13.375962] ret_from_fork_asm+0x1a/0x30 [ 13.375993] </TASK> [ 13.376004] [ 13.389062] Allocated by task 226: [ 13.389203] kasan_save_stack+0x45/0x70 [ 13.389577] kasan_save_track+0x18/0x40 [ 13.389945] kasan_save_alloc_info+0x3b/0x50 [ 13.390367] __kasan_slab_alloc+0x91/0xa0 [ 13.390745] kmem_cache_alloc_noprof+0x123/0x3f0 [ 13.391175] kmem_cache_double_free+0x14f/0x480 [ 13.391605] kunit_try_run_case+0x1a5/0x480 [ 13.391990] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.392331] kthread+0x337/0x6f0 [ 13.392460] ret_from_fork+0x116/0x1d0 [ 13.392593] ret_from_fork_asm+0x1a/0x30 [ 13.392733] [ 13.392803] Freed by task 226: [ 13.392914] kasan_save_stack+0x45/0x70 [ 13.393060] kasan_save_track+0x18/0x40 [ 13.393195] kasan_save_free_info+0x3f/0x60 [ 13.393400] __kasan_slab_free+0x56/0x70 [ 13.393709] kmem_cache_free+0x249/0x420 [ 13.393877] kmem_cache_double_free+0x16a/0x480 [ 13.394071] kunit_try_run_case+0x1a5/0x480 [ 13.394303] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.394613] kthread+0x337/0x6f0 [ 13.394839] ret_from_fork+0x116/0x1d0 [ 13.394978] ret_from_fork_asm+0x1a/0x30 [ 13.395157] [ 13.395271] The buggy address belongs to the object at ffff8881026b4000 [ 13.395271] which belongs to the cache test_cache of size 200 [ 13.395758] The buggy address is located 0 bytes inside of [ 13.395758] 200-byte region [ffff8881026b4000, ffff8881026b40c8) [ 13.396194] [ 13.396270] The buggy address belongs to the physical page: [ 13.396498] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026b4 [ 13.396866] flags: 0x200000000000000(node=0|zone=2) [ 13.397101] page_type: f5(slab) [ 13.397243] raw: 0200000000000000 ffff888101864dc0 dead000000000122 0000000000000000 [ 13.397548] raw: 0000000000000000 00000000800f000f 
00000000f5000000 0000000000000000 [ 13.397806] page dumped because: kasan: bad access detected [ 13.398068] [ 13.398138] Memory state around the buggy address: [ 13.398326] ffff8881026b3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.398647] ffff8881026b3f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.398991] >ffff8881026b4000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.399206] ^ [ 13.399499] ffff8881026b4080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 13.399838] ffff8881026b4100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.400119] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 13.327462] ================================================================== [ 13.328127] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x402/0x530 [ 13.328496] Read of size 1 at addr ffff888102ab10c8 by task kunit_try_catch/224 [ 13.328775] [ 13.328877] CPU: 1 UID: 0 PID: 224 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.328924] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.328948] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.329261] Call Trace: [ 13.329274] <TASK> [ 13.329293] dump_stack_lvl+0x73/0xb0 [ 13.329345] print_report+0xd1/0x650 [ 13.329370] ? __virt_addr_valid+0x1db/0x2d0 [ 13.329394] ? kmem_cache_oob+0x402/0x530 [ 13.329417] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.329440] ? kmem_cache_oob+0x402/0x530 [ 13.329462] kasan_report+0x141/0x180 [ 13.329483] ? kmem_cache_oob+0x402/0x530 [ 13.329510] __asan_report_load1_noabort+0x18/0x20 [ 13.329535] kmem_cache_oob+0x402/0x530 [ 13.329556] ? trace_hardirqs_on+0x37/0xe0 [ 13.329580] ? __pfx_kmem_cache_oob+0x10/0x10 [ 13.329602] ? finish_task_switch.isra.0+0x153/0x700 [ 13.329626] ? __switch_to+0x47/0xf50 [ 13.329654] ? __pfx_read_tsc+0x10/0x10 [ 13.329675] ? ktime_get_ts64+0x86/0x230 [ 13.329700] kunit_try_run_case+0x1a5/0x480 [ 13.329726] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.329748] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.329772] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.329796] ? __kthread_parkme+0x82/0x180 [ 13.329817] ? preempt_count_sub+0x50/0x80 [ 13.329839] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.329863] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.329888] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.329913] kthread+0x337/0x6f0 [ 13.329944] ? trace_preempt_on+0x20/0xc0 [ 13.329978] ? __pfx_kthread+0x10/0x10 [ 13.329998] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.330019] ? calculate_sigpending+0x7b/0xa0 [ 13.330043] ? __pfx_kthread+0x10/0x10 [ 13.330064] ret_from_fork+0x116/0x1d0 [ 13.330082] ? 
__pfx_kthread+0x10/0x10 [ 13.330102] ret_from_fork_asm+0x1a/0x30 [ 13.330134] </TASK> [ 13.330145] [ 13.341492] Allocated by task 224: [ 13.341680] kasan_save_stack+0x45/0x70 [ 13.342126] kasan_save_track+0x18/0x40 [ 13.342454] kasan_save_alloc_info+0x3b/0x50 [ 13.342679] __kasan_slab_alloc+0x91/0xa0 [ 13.343094] kmem_cache_alloc_noprof+0x123/0x3f0 [ 13.343415] kmem_cache_oob+0x157/0x530 [ 13.343593] kunit_try_run_case+0x1a5/0x480 [ 13.343923] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.344185] kthread+0x337/0x6f0 [ 13.344800] ret_from_fork+0x116/0x1d0 [ 13.345062] ret_from_fork_asm+0x1a/0x30 [ 13.345456] [ 13.345557] The buggy address belongs to the object at ffff888102ab1000 [ 13.345557] which belongs to the cache test_cache of size 200 [ 13.346331] The buggy address is located 0 bytes to the right of [ 13.346331] allocated 200-byte region [ffff888102ab1000, ffff888102ab10c8) [ 13.347009] [ 13.347222] The buggy address belongs to the physical page: [ 13.347522] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ab1 [ 13.347998] flags: 0x200000000000000(node=0|zone=2) [ 13.348499] page_type: f5(slab) [ 13.348759] raw: 0200000000000000 ffff888100929a00 dead000000000122 0000000000000000 [ 13.349417] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 13.349748] page dumped because: kasan: bad access detected [ 13.350160] [ 13.350258] Memory state around the buggy address: [ 13.350537] ffff888102ab0f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.351153] ffff888102ab1000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.351573] >ffff888102ab1080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 13.351849] ^ [ 13.352443] ffff888102ab1100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.352743] ffff888102ab1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.353269] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 13.284676] ================================================================== [ 13.285138] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x4d6/0x560 [ 13.285459] Read of size 8 at addr ffff8881026ae780 by task kunit_try_catch/217 [ 13.286106] [ 13.286216] CPU: 0 UID: 0 PID: 217 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.286273] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.286285] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.286307] Call Trace: [ 13.286319] <TASK> [ 13.286337] dump_stack_lvl+0x73/0xb0 [ 13.286372] print_report+0xd1/0x650 [ 13.286395] ? __virt_addr_valid+0x1db/0x2d0 [ 13.286419] ? workqueue_uaf+0x4d6/0x560 [ 13.286439] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.286462] ? workqueue_uaf+0x4d6/0x560 [ 13.286483] kasan_report+0x141/0x180 [ 13.286504] ? workqueue_uaf+0x4d6/0x560 [ 13.286530] __asan_report_load8_noabort+0x18/0x20 [ 13.286554] workqueue_uaf+0x4d6/0x560 [ 13.286576] ? __pfx_workqueue_uaf+0x10/0x10 [ 13.286597] ? __schedule+0x10cc/0x2b60 [ 13.286619] ? __pfx_read_tsc+0x10/0x10 [ 13.286640] ? ktime_get_ts64+0x86/0x230 [ 13.286665] kunit_try_run_case+0x1a5/0x480 [ 13.286690] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.286719] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.286743] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.286766] ? __kthread_parkme+0x82/0x180 [ 13.286787] ? preempt_count_sub+0x50/0x80 [ 13.286811] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.286834] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.286859] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.286883] kthread+0x337/0x6f0 [ 13.286901] ? trace_preempt_on+0x20/0xc0 [ 13.286935] ? __pfx_kthread+0x10/0x10 [ 13.287202] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.287230] ? calculate_sigpending+0x7b/0xa0 [ 13.287255] ? __pfx_kthread+0x10/0x10 [ 13.287296] ret_from_fork+0x116/0x1d0 [ 13.287316] ? 
__pfx_kthread+0x10/0x10 [ 13.287375] ret_from_fork_asm+0x1a/0x30 [ 13.287406] </TASK> [ 13.287419] [ 13.298832] Allocated by task 217: [ 13.299182] kasan_save_stack+0x45/0x70 [ 13.299842] kasan_save_track+0x18/0x40 [ 13.300078] kasan_save_alloc_info+0x3b/0x50 [ 13.300462] __kasan_kmalloc+0xb7/0xc0 [ 13.300657] __kmalloc_cache_noprof+0x189/0x420 [ 13.300868] workqueue_uaf+0x152/0x560 [ 13.301441] kunit_try_run_case+0x1a5/0x480 [ 13.301630] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.301867] kthread+0x337/0x6f0 [ 13.302221] ret_from_fork+0x116/0x1d0 [ 13.302622] ret_from_fork_asm+0x1a/0x30 [ 13.302805] [ 13.302897] Freed by task 9: [ 13.303243] kasan_save_stack+0x45/0x70 [ 13.303423] kasan_save_track+0x18/0x40 [ 13.303603] kasan_save_free_info+0x3f/0x60 [ 13.303797] __kasan_slab_free+0x56/0x70 [ 13.304215] kfree+0x222/0x3f0 [ 13.304500] workqueue_uaf_work+0x12/0x20 [ 13.304686] process_one_work+0x5ee/0xf60 [ 13.304871] worker_thread+0x758/0x1220 [ 13.305229] kthread+0x337/0x6f0 [ 13.305398] ret_from_fork+0x116/0x1d0 [ 13.305572] ret_from_fork_asm+0x1a/0x30 [ 13.305754] [ 13.305841] Last potentially related work creation: [ 13.306099] kasan_save_stack+0x45/0x70 [ 13.306300] kasan_record_aux_stack+0xb2/0xc0 [ 13.306497] __queue_work+0x626/0xeb0 [ 13.306670] queue_work_on+0xb6/0xc0 [ 13.306842] workqueue_uaf+0x26d/0x560 [ 13.307065] kunit_try_run_case+0x1a5/0x480 [ 13.307262] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.307490] kthread+0x337/0x6f0 [ 13.307638] ret_from_fork+0x116/0x1d0 [ 13.307806] ret_from_fork_asm+0x1a/0x30 [ 13.308038] [ 13.308127] The buggy address belongs to the object at ffff8881026ae780 [ 13.308127] which belongs to the cache kmalloc-32 of size 32 [ 13.308743] The buggy address is located 0 bytes inside of [ 13.308743] freed 32-byte region [ffff8881026ae780, ffff8881026ae7a0) [ 13.309621] [ 13.309723] The buggy address belongs to the physical page: [ 13.310030] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026ae 
[ 13.310472] flags: 0x200000000000000(node=0|zone=2) [ 13.310691] page_type: f5(slab) [ 13.310853] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 13.311222] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 13.311754] page dumped because: kasan: bad access detected [ 13.312074] [ 13.312165] Memory state around the buggy address: [ 13.313220] ffff8881026ae680: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 13.313470] ffff8881026ae700: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 13.313704] >ffff8881026ae780: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 13.314284] ^ [ 13.314450] ffff8881026ae800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.314746] ffff8881026ae880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.315106] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 13.230084] ================================================================== [ 13.230536] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x50/0x60 [ 13.230783] Read of size 4 at addr ffff888102aad5c0 by task swapper/1/0 [ 13.230999] [ 13.231094] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.231139] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.231151] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.231173] Call Trace: [ 13.231200] <IRQ> [ 13.231220] dump_stack_lvl+0x73/0xb0 [ 13.231253] print_report+0xd1/0x650 [ 13.231275] ? __virt_addr_valid+0x1db/0x2d0 [ 13.231299] ? rcu_uaf_reclaim+0x50/0x60 [ 13.231318] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.231339] ? rcu_uaf_reclaim+0x50/0x60 [ 13.231358] kasan_report+0x141/0x180 [ 13.231379] ? rcu_uaf_reclaim+0x50/0x60 [ 13.231403] __asan_report_load4_noabort+0x18/0x20 [ 13.231427] rcu_uaf_reclaim+0x50/0x60 [ 13.231446] rcu_core+0x66f/0x1c40 [ 13.231473] ? __pfx_rcu_core+0x10/0x10 [ 13.231493] ? ktime_get+0x6b/0x150 [ 13.231514] ? handle_softirqs+0x18e/0x730 [ 13.231537] rcu_core_si+0x12/0x20 [ 13.231556] handle_softirqs+0x209/0x730 [ 13.231574] ? hrtimer_interrupt+0x2fe/0x780 [ 13.231595] ? 
__pfx_handle_softirqs+0x10/0x10 [ 13.231621] __irq_exit_rcu+0xc9/0x110 [ 13.231640] irq_exit_rcu+0x12/0x20 [ 13.231659] sysvec_apic_timer_interrupt+0x81/0x90 [ 13.231686] </IRQ> [ 13.231709] <TASK> [ 13.231719] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 13.231807] RIP: 0010:pv_native_safe_halt+0xf/0x20 [ 13.232070] Code: 1f 84 00 00 00 00 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d e3 81 21 00 fb f4 <c3> cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 [ 13.232156] RSP: 0000:ffff888100877dc8 EFLAGS: 00010212 [ 13.232309] RAX: ffff8881c6972000 RBX: ffff888100853000 RCX: ffffffff92274105 [ 13.232357] RDX: ffffed102b62618b RSI: 0000000000000004 RDI: 000000000000efec [ 13.232401] RBP: ffff888100877dd0 R08: 0000000000000001 R09: ffffed102b62618a [ 13.232444] R10: ffff88815b130c53 R11: ffffffff947c36c0 R12: 0000000000000001 [ 13.232485] R13: ffffed102010a600 R14: ffffffff93fb1390 R15: 0000000000000000 [ 13.232546] ? ct_kernel_exit.constprop.0+0xa5/0xd0 [ 13.232603] ? default_idle+0xd/0x20 [ 13.232625] arch_cpu_idle+0xd/0x20 [ 13.232647] default_idle_call+0x48/0x80 [ 13.232666] do_idle+0x379/0x4f0 [ 13.232689] ? complete+0x15b/0x1d0 [ 13.232706] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.232733] ? __pfx_do_idle+0x10/0x10 [ 13.232754] ? _raw_spin_unlock_irqrestore+0x49/0x90 [ 13.232803] ? complete+0x15b/0x1d0 [ 13.232824] cpu_startup_entry+0x5c/0x70 [ 13.232843] start_secondary+0x211/0x290 [ 13.232865] ? 
__pfx_start_secondary+0x10/0x10 [ 13.232891] common_startup_64+0x13e/0x148 [ 13.232923] </TASK> [ 13.232947] [ 13.257135] Allocated by task 215: [ 13.257655] kasan_save_stack+0x45/0x70 [ 13.258285] kasan_save_track+0x18/0x40 [ 13.258789] kasan_save_alloc_info+0x3b/0x50 [ 13.258964] __kasan_kmalloc+0xb7/0xc0 [ 13.259115] __kmalloc_cache_noprof+0x189/0x420 [ 13.259705] rcu_uaf+0xb0/0x330 [ 13.260161] kunit_try_run_case+0x1a5/0x480 [ 13.260557] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.261329] kthread+0x337/0x6f0 [ 13.261588] ret_from_fork+0x116/0x1d0 [ 13.262066] ret_from_fork_asm+0x1a/0x30 [ 13.262314] [ 13.262656] Freed by task 0: [ 13.263062] kasan_save_stack+0x45/0x70 [ 13.263294] kasan_save_track+0x18/0x40 [ 13.263807] kasan_save_free_info+0x3f/0x60 [ 13.264224] __kasan_slab_free+0x56/0x70 [ 13.264676] kfree+0x222/0x3f0 [ 13.264800] rcu_uaf_reclaim+0x1f/0x60 [ 13.264942] rcu_core+0x66f/0x1c40 [ 13.265437] rcu_core_si+0x12/0x20 [ 13.265766] handle_softirqs+0x209/0x730 [ 13.266438] __irq_exit_rcu+0xc9/0x110 [ 13.266588] irq_exit_rcu+0x12/0x20 [ 13.266723] sysvec_apic_timer_interrupt+0x81/0x90 [ 13.266889] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 13.267304] [ 13.267700] Last potentially related work creation: [ 13.268235] kasan_save_stack+0x45/0x70 [ 13.268756] kasan_record_aux_stack+0xb2/0xc0 [ 13.269028] __call_rcu_common.constprop.0+0x7b/0x9e0 [ 13.269445] call_rcu+0x12/0x20 [ 13.269686] rcu_uaf+0x168/0x330 [ 13.270150] kunit_try_run_case+0x1a5/0x480 [ 13.270348] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.270596] kthread+0x337/0x6f0 [ 13.270771] ret_from_fork+0x116/0x1d0 [ 13.271321] ret_from_fork_asm+0x1a/0x30 [ 13.271536] [ 13.271627] The buggy address belongs to the object at ffff888102aad5c0 [ 13.271627] which belongs to the cache kmalloc-32 of size 32 [ 13.272402] The buggy address is located 0 bytes inside of [ 13.272402] freed 32-byte region [ffff888102aad5c0, ffff888102aad5e0) [ 13.273243] [ 13.273430] The buggy address belongs to the 
physical page: [ 13.273810] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102aad [ 13.274260] flags: 0x200000000000000(node=0|zone=2) [ 13.274805] page_type: f5(slab) [ 13.274958] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 13.275557] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 13.275984] page dumped because: kasan: bad access detected [ 13.276471] [ 13.276577] Memory state around the buggy address: [ 13.276792] ffff888102aad480: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.277406] ffff888102aad500: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 13.277658] >ffff888102aad580: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.278364] ^ [ 13.278606] ffff888102aad600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.279236] ffff888102aad680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.279657] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 13.129371] ================================================================== [ 13.129829] BUG: KASAN: slab-use-after-free in ksize_uaf+0x19d/0x6c0 [ 13.130336] Read of size 1 at addr ffff888102a9ed00 by task kunit_try_catch/213 [ 13.130923] [ 13.131319] CPU: 1 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.131371] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.131383] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.131405] Call Trace: [ 13.131417] <TASK> [ 13.131436] dump_stack_lvl+0x73/0xb0 [ 13.131471] print_report+0xd1/0x650 [ 13.131494] ? __virt_addr_valid+0x1db/0x2d0 [ 13.131611] ? ksize_uaf+0x19d/0x6c0 [ 13.131633] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.131656] ? ksize_uaf+0x19d/0x6c0 [ 13.131677] kasan_report+0x141/0x180 [ 13.131699] ? ksize_uaf+0x19d/0x6c0 [ 13.131722] ? ksize_uaf+0x19d/0x6c0 [ 13.131742] __kasan_check_byte+0x3d/0x50 [ 13.131764] ksize+0x20/0x60 [ 13.131785] ksize_uaf+0x19d/0x6c0 [ 13.131805] ? __pfx_ksize_uaf+0x10/0x10 [ 13.131827] ? __schedule+0x10cc/0x2b60 [ 13.131850] ? __pfx_read_tsc+0x10/0x10 [ 13.131872] ? ktime_get_ts64+0x86/0x230 [ 13.131898] kunit_try_run_case+0x1a5/0x480 [ 13.131937] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.132301] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.132334] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.132358] ? __kthread_parkme+0x82/0x180 [ 13.132380] ? preempt_count_sub+0x50/0x80 [ 13.132405] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.132431] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.132456] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.132481] kthread+0x337/0x6f0 [ 13.132500] ? trace_preempt_on+0x20/0xc0 [ 13.132525] ? __pfx_kthread+0x10/0x10 [ 13.132545] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.132566] ? calculate_sigpending+0x7b/0xa0 [ 13.132591] ? __pfx_kthread+0x10/0x10 [ 13.132612] ret_from_fork+0x116/0x1d0 [ 13.132631] ? 
__pfx_kthread+0x10/0x10 [ 13.132651] ret_from_fork_asm+0x1a/0x30 [ 13.132683] </TASK> [ 13.132694] [ 13.144640] Allocated by task 213: [ 13.144942] kasan_save_stack+0x45/0x70 [ 13.145189] kasan_save_track+0x18/0x40 [ 13.145782] kasan_save_alloc_info+0x3b/0x50 [ 13.146046] __kasan_kmalloc+0xb7/0xc0 [ 13.146522] __kmalloc_cache_noprof+0x189/0x420 [ 13.146759] ksize_uaf+0xaa/0x6c0 [ 13.147114] kunit_try_run_case+0x1a5/0x480 [ 13.147516] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.147781] kthread+0x337/0x6f0 [ 13.148122] ret_from_fork+0x116/0x1d0 [ 13.148602] ret_from_fork_asm+0x1a/0x30 [ 13.148799] [ 13.148888] Freed by task 213: [ 13.149359] kasan_save_stack+0x45/0x70 [ 13.149549] kasan_save_track+0x18/0x40 [ 13.150019] kasan_save_free_info+0x3f/0x60 [ 13.150221] __kasan_slab_free+0x56/0x70 [ 13.150541] kfree+0x222/0x3f0 [ 13.150726] ksize_uaf+0x12c/0x6c0 [ 13.151134] kunit_try_run_case+0x1a5/0x480 [ 13.151471] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.151729] kthread+0x337/0x6f0 [ 13.151900] ret_from_fork+0x116/0x1d0 [ 13.152440] ret_from_fork_asm+0x1a/0x30 [ 13.152654] [ 13.152898] The buggy address belongs to the object at ffff888102a9ed00 [ 13.152898] which belongs to the cache kmalloc-128 of size 128 [ 13.154095] The buggy address is located 0 bytes inside of [ 13.154095] freed 128-byte region [ffff888102a9ed00, ffff888102a9ed80) [ 13.154834] [ 13.155151] The buggy address belongs to the physical page: [ 13.155514] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a9e [ 13.155849] flags: 0x200000000000000(node=0|zone=2) [ 13.156294] page_type: f5(slab) [ 13.156643] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.157208] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.157756] page dumped because: kasan: bad access detected [ 13.158024] [ 13.158352] Memory state around the buggy address: [ 13.158596] ffff888102a9ec00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 
13.158854] ffff888102a9ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.159574] >ffff888102a9ed00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.159851] ^ [ 13.160067] ffff888102a9ed80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.160588] ffff888102a9ee00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.160987] ================================================================== [ 13.194153] ================================================================== [ 13.194649] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5e4/0x6c0 [ 13.194908] Read of size 1 at addr ffff888102a9ed78 by task kunit_try_catch/213 [ 13.195416] [ 13.195529] CPU: 1 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.195574] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.195597] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.195617] Call Trace: [ 13.195636] <TASK> [ 13.195655] dump_stack_lvl+0x73/0xb0 [ 13.195687] print_report+0xd1/0x650 [ 13.195720] ? __virt_addr_valid+0x1db/0x2d0 [ 13.195743] ? ksize_uaf+0x5e4/0x6c0 [ 13.195763] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.195797] ? ksize_uaf+0x5e4/0x6c0 [ 13.195818] kasan_report+0x141/0x180 [ 13.195839] ? ksize_uaf+0x5e4/0x6c0 [ 13.195864] __asan_report_load1_noabort+0x18/0x20 [ 13.195889] ksize_uaf+0x5e4/0x6c0 [ 13.195908] ? __pfx_ksize_uaf+0x10/0x10 [ 13.195944] ? __schedule+0x10cc/0x2b60 [ 13.196048] ? __pfx_read_tsc+0x10/0x10 [ 13.196084] ? ktime_get_ts64+0x86/0x230 [ 13.196110] kunit_try_run_case+0x1a5/0x480 [ 13.196136] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.196170] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.196195] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.196218] ? __kthread_parkme+0x82/0x180 [ 13.196239] ? preempt_count_sub+0x50/0x80 [ 13.196263] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.196297] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.196321] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.196357] kthread+0x337/0x6f0 [ 13.196376] ? trace_preempt_on+0x20/0xc0 [ 13.196400] ? __pfx_kthread+0x10/0x10 [ 13.196420] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.196441] ? calculate_sigpending+0x7b/0xa0 [ 13.196466] ? __pfx_kthread+0x10/0x10 [ 13.196486] ret_from_fork+0x116/0x1d0 [ 13.196506] ? __pfx_kthread+0x10/0x10 [ 13.196526] ret_from_fork_asm+0x1a/0x30 [ 13.196557] </TASK> [ 13.196568] [ 13.204359] Allocated by task 213: [ 13.204579] kasan_save_stack+0x45/0x70 [ 13.204810] kasan_save_track+0x18/0x40 [ 13.205071] kasan_save_alloc_info+0x3b/0x50 [ 13.205225] __kasan_kmalloc+0xb7/0xc0 [ 13.205502] __kmalloc_cache_noprof+0x189/0x420 [ 13.205752] ksize_uaf+0xaa/0x6c0 [ 13.205915] kunit_try_run_case+0x1a5/0x480 [ 13.206129] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.206503] kthread+0x337/0x6f0 [ 13.206715] ret_from_fork+0x116/0x1d0 [ 13.207023] ret_from_fork_asm+0x1a/0x30 [ 13.207220] [ 13.207364] Freed by task 213: [ 13.207529] kasan_save_stack+0x45/0x70 [ 13.207700] kasan_save_track+0x18/0x40 [ 13.207881] kasan_save_free_info+0x3f/0x60 [ 13.208101] __kasan_slab_free+0x56/0x70 [ 13.208383] kfree+0x222/0x3f0 [ 13.208574] ksize_uaf+0x12c/0x6c0 [ 13.208726] kunit_try_run_case+0x1a5/0x480 [ 13.208869] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.209054] kthread+0x337/0x6f0 [ 13.209173] ret_from_fork+0x116/0x1d0 [ 13.209324] ret_from_fork_asm+0x1a/0x30 [ 13.210817] [ 13.210920] The buggy address belongs to the object at ffff888102a9ed00 [ 13.210920] which belongs to the cache kmalloc-128 of size 128 [ 13.211707] The buggy address is located 120 bytes inside of [ 13.211707] freed 128-byte region [ffff888102a9ed00, ffff888102a9ed80) [ 13.212593] [ 13.212690] The buggy address belongs to the physical page: [ 13.212938] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a9e [ 13.213264] flags: 0x200000000000000(node=0|zone=2) [ 13.213484] page_type: f5(slab) [ 13.213645] raw: 
0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.214572] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.215333] page dumped because: kasan: bad access detected [ 13.215818] [ 13.216069] Memory state around the buggy address: [ 13.216543] ffff888102a9ec00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.217304] ffff888102a9ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.217906] >ffff888102a9ed00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.218685] ^ [ 13.219071] ffff888102a9ed80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.219759] ffff888102a9ee00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.220240] ================================================================== [ 13.162006] ================================================================== [ 13.162318] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5fe/0x6c0 [ 13.162617] Read of size 1 at addr ffff888102a9ed00 by task kunit_try_catch/213 [ 13.163492] [ 13.163708] CPU: 1 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.163844] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.163858] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.163878] Call Trace: [ 13.163897] <TASK> [ 13.163917] dump_stack_lvl+0x73/0xb0 [ 13.164227] print_report+0xd1/0x650 [ 13.164251] ? __virt_addr_valid+0x1db/0x2d0 [ 13.164274] ? ksize_uaf+0x5fe/0x6c0 [ 13.164294] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.164317] ? ksize_uaf+0x5fe/0x6c0 [ 13.164338] kasan_report+0x141/0x180 [ 13.164359] ? ksize_uaf+0x5fe/0x6c0 [ 13.164384] __asan_report_load1_noabort+0x18/0x20 [ 13.164408] ksize_uaf+0x5fe/0x6c0 [ 13.164428] ? __pfx_ksize_uaf+0x10/0x10 [ 13.164450] ? __schedule+0x10cc/0x2b60 [ 13.164472] ? __pfx_read_tsc+0x10/0x10 [ 13.164494] ? ktime_get_ts64+0x86/0x230 [ 13.164520] kunit_try_run_case+0x1a5/0x480 [ 13.164545] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.164567] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 13.164591] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.164615] ? __kthread_parkme+0x82/0x180 [ 13.164636] ? preempt_count_sub+0x50/0x80 [ 13.164659] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.164683] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.164708] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.164732] kthread+0x337/0x6f0 [ 13.164751] ? trace_preempt_on+0x20/0xc0 [ 13.164775] ? __pfx_kthread+0x10/0x10 [ 13.164796] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.164817] ? calculate_sigpending+0x7b/0xa0 [ 13.164841] ? __pfx_kthread+0x10/0x10 [ 13.164862] ret_from_fork+0x116/0x1d0 [ 13.164881] ? __pfx_kthread+0x10/0x10 [ 13.164901] ret_from_fork_asm+0x1a/0x30 [ 13.165015] </TASK> [ 13.165029] [ 13.175913] Allocated by task 213: [ 13.176460] kasan_save_stack+0x45/0x70 [ 13.176707] kasan_save_track+0x18/0x40 [ 13.177109] kasan_save_alloc_info+0x3b/0x50 [ 13.177306] __kasan_kmalloc+0xb7/0xc0 [ 13.177801] __kmalloc_cache_noprof+0x189/0x420 [ 13.178134] ksize_uaf+0xaa/0x6c0 [ 13.178275] kunit_try_run_case+0x1a5/0x480 [ 13.178513] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.178900] kthread+0x337/0x6f0 [ 13.179424] ret_from_fork+0x116/0x1d0 [ 13.179603] ret_from_fork_asm+0x1a/0x30 [ 13.179755] [ 13.180043] Freed by task 213: [ 13.180298] kasan_save_stack+0x45/0x70 [ 13.180451] kasan_save_track+0x18/0x40 [ 13.180649] kasan_save_free_info+0x3f/0x60 [ 13.180871] __kasan_slab_free+0x56/0x70 [ 13.181530] kfree+0x222/0x3f0 [ 13.181704] ksize_uaf+0x12c/0x6c0 [ 13.181842] kunit_try_run_case+0x1a5/0x480 [ 13.182135] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.182641] kthread+0x337/0x6f0 [ 13.182832] ret_from_fork+0x116/0x1d0 [ 13.183049] ret_from_fork_asm+0x1a/0x30 [ 13.183632] [ 13.183708] The buggy address belongs to the object at ffff888102a9ed00 [ 13.183708] which belongs to the cache kmalloc-128 of size 128 [ 13.184303] The buggy address is located 0 bytes inside of [ 13.184303] freed 128-byte region [ffff888102a9ed00, 
ffff888102a9ed80) [ 13.186696] [ 13.186795] The buggy address belongs to the physical page: [ 13.186979] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a9e [ 13.187216] flags: 0x200000000000000(node=0|zone=2) [ 13.187378] page_type: f5(slab) [ 13.187536] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.187842] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.189705] page dumped because: kasan: bad access detected [ 13.190235] [ 13.190314] Memory state around the buggy address: [ 13.190475] ffff888102a9ec00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.190696] ffff888102a9ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.190918] >ffff888102a9ed00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.191168] ^ [ 13.191285] ffff888102a9ed80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.191498] ffff888102a9ee00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.191708] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 13.076266] ================================================================== [ 13.076622] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7e9/0x9b0 [ 13.077014] Read of size 1 at addr ffff8881026ad178 by task kunit_try_catch/211 [ 13.077847] [ 13.078286] CPU: 0 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.078335] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.078346] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.078366] Call Trace: [ 13.078384] <TASK> [ 13.078401] dump_stack_lvl+0x73/0xb0 [ 13.078433] print_report+0xd1/0x650 [ 13.078455] ? __virt_addr_valid+0x1db/0x2d0 [ 13.078477] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 13.078500] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.078523] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 13.078546] kasan_report+0x141/0x180 [ 13.078567] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 13.078594] __asan_report_load1_noabort+0x18/0x20 [ 13.078618] ksize_unpoisons_memory+0x7e9/0x9b0 [ 13.078642] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 13.078665] ? finish_task_switch.isra.0+0x153/0x700 [ 13.078687] ? __switch_to+0x47/0xf50 [ 13.078717] ? __schedule+0x10cc/0x2b60 [ 13.078739] ? __pfx_read_tsc+0x10/0x10 [ 13.078760] ? ktime_get_ts64+0x86/0x230 [ 13.078783] kunit_try_run_case+0x1a5/0x480 [ 13.078807] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.078829] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.078853] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.078876] ? __kthread_parkme+0x82/0x180 [ 13.078897] ? preempt_count_sub+0x50/0x80 [ 13.078919] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.079017] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.079042] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.079069] kthread+0x337/0x6f0 [ 13.079088] ? trace_preempt_on+0x20/0xc0 [ 13.079112] ? __pfx_kthread+0x10/0x10 [ 13.079132] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.079154] ? calculate_sigpending+0x7b/0xa0 [ 13.079177] ? 
__pfx_kthread+0x10/0x10 [ 13.079198] ret_from_fork+0x116/0x1d0 [ 13.079216] ? __pfx_kthread+0x10/0x10 [ 13.079236] ret_from_fork_asm+0x1a/0x30 [ 13.079285] </TASK> [ 13.079295] [ 13.089786] Allocated by task 211: [ 13.089982] kasan_save_stack+0x45/0x70 [ 13.090147] kasan_save_track+0x18/0x40 [ 13.090343] kasan_save_alloc_info+0x3b/0x50 [ 13.090546] __kasan_kmalloc+0xb7/0xc0 [ 13.090746] __kmalloc_cache_noprof+0x189/0x420 [ 13.091646] ksize_unpoisons_memory+0xc7/0x9b0 [ 13.091845] kunit_try_run_case+0x1a5/0x480 [ 13.092108] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.092553] kthread+0x337/0x6f0 [ 13.092718] ret_from_fork+0x116/0x1d0 [ 13.093294] ret_from_fork_asm+0x1a/0x30 [ 13.093469] [ 13.093548] The buggy address belongs to the object at ffff8881026ad100 [ 13.093548] which belongs to the cache kmalloc-128 of size 128 [ 13.094441] The buggy address is located 5 bytes to the right of [ 13.094441] allocated 115-byte region [ffff8881026ad100, ffff8881026ad173) [ 13.095133] [ 13.095236] The buggy address belongs to the physical page: [ 13.095677] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026ad [ 13.096115] flags: 0x200000000000000(node=0|zone=2) [ 13.096340] page_type: f5(slab) [ 13.096481] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.096824] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.097156] page dumped because: kasan: bad access detected [ 13.097388] [ 13.097470] Memory state around the buggy address: [ 13.097676] ffff8881026ad000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.098428] ffff8881026ad080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.098690] >ffff8881026ad100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 13.099360] ^ [ 13.099673] ffff8881026ad180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.100232] ffff8881026ad200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.100654] 
================================================================== [ 13.101532] ================================================================== [ 13.101845] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7b6/0x9b0 [ 13.102404] Read of size 1 at addr ffff8881026ad17f by task kunit_try_catch/211 [ 13.102733] [ 13.103127] CPU: 0 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.103178] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.103190] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.103211] Call Trace: [ 13.103224] <TASK> [ 13.103242] dump_stack_lvl+0x73/0xb0 [ 13.103275] print_report+0xd1/0x650 [ 13.103320] ? __virt_addr_valid+0x1db/0x2d0 [ 13.103343] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 13.103366] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.103389] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 13.103412] kasan_report+0x141/0x180 [ 13.103433] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 13.103460] __asan_report_load1_noabort+0x18/0x20 [ 13.103485] ksize_unpoisons_memory+0x7b6/0x9b0 [ 13.103508] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 13.103531] ? finish_task_switch.isra.0+0x153/0x700 [ 13.103554] ? __switch_to+0x47/0xf50 [ 13.103579] ? __schedule+0x10cc/0x2b60 [ 13.103601] ? __pfx_read_tsc+0x10/0x10 [ 13.103622] ? ktime_get_ts64+0x86/0x230 [ 13.103645] kunit_try_run_case+0x1a5/0x480 [ 13.103669] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.103691] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.103715] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.103738] ? __kthread_parkme+0x82/0x180 [ 13.103759] ? preempt_count_sub+0x50/0x80 [ 13.103782] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.103805] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.103829] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.103854] kthread+0x337/0x6f0 [ 13.103872] ? trace_preempt_on+0x20/0xc0 [ 13.103895] ? __pfx_kthread+0x10/0x10 [ 13.103915] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.104013] ? 
calculate_sigpending+0x7b/0xa0 [ 13.104040] ? __pfx_kthread+0x10/0x10 [ 13.104061] ret_from_fork+0x116/0x1d0 [ 13.104079] ? __pfx_kthread+0x10/0x10 [ 13.104099] ret_from_fork_asm+0x1a/0x30 [ 13.104129] </TASK> [ 13.104140] [ 13.114351] Allocated by task 211: [ 13.114550] kasan_save_stack+0x45/0x70 [ 13.114759] kasan_save_track+0x18/0x40 [ 13.115418] kasan_save_alloc_info+0x3b/0x50 [ 13.115624] __kasan_kmalloc+0xb7/0xc0 [ 13.115765] __kmalloc_cache_noprof+0x189/0x420 [ 13.116210] ksize_unpoisons_memory+0xc7/0x9b0 [ 13.116518] kunit_try_run_case+0x1a5/0x480 [ 13.116732] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.117177] kthread+0x337/0x6f0 [ 13.117453] ret_from_fork+0x116/0x1d0 [ 13.117604] ret_from_fork_asm+0x1a/0x30 [ 13.117917] [ 13.118173] The buggy address belongs to the object at ffff8881026ad100 [ 13.118173] which belongs to the cache kmalloc-128 of size 128 [ 13.118759] The buggy address is located 12 bytes to the right of [ 13.118759] allocated 115-byte region [ffff8881026ad100, ffff8881026ad173) [ 13.119833] [ 13.120011] The buggy address belongs to the physical page: [ 13.120384] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026ad [ 13.120686] flags: 0x200000000000000(node=0|zone=2) [ 13.120916] page_type: f5(slab) [ 13.121348] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.121642] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.122168] page dumped because: kasan: bad access detected [ 13.122439] [ 13.122520] Memory state around the buggy address: [ 13.122740] ffff8881026ad000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.123050] ffff8881026ad080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.123348] >ffff8881026ad100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 13.123640] ^ [ 13.124399] ffff8881026ad180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.124683] ffff8881026ad200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.125426] 
================================================================== [ 13.049719] ================================================================== [ 13.050204] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x81c/0x9b0 [ 13.050530] Read of size 1 at addr ffff8881026ad173 by task kunit_try_catch/211 [ 13.050831] [ 13.051270] CPU: 0 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.051325] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.051337] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.051360] Call Trace: [ 13.051373] <TASK> [ 13.051497] dump_stack_lvl+0x73/0xb0 [ 13.051532] print_report+0xd1/0x650 [ 13.051555] ? __virt_addr_valid+0x1db/0x2d0 [ 13.051580] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 13.051603] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.051626] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 13.051649] kasan_report+0x141/0x180 [ 13.051670] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 13.051698] __asan_report_load1_noabort+0x18/0x20 [ 13.051722] ksize_unpoisons_memory+0x81c/0x9b0 [ 13.051745] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 13.051768] ? finish_task_switch.isra.0+0x153/0x700 [ 13.051793] ? __switch_to+0x47/0xf50 [ 13.051819] ? __schedule+0x10cc/0x2b60 [ 13.051841] ? __pfx_read_tsc+0x10/0x10 [ 13.051863] ? ktime_get_ts64+0x86/0x230 [ 13.051888] kunit_try_run_case+0x1a5/0x480 [ 13.051915] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.051967] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.051993] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.052016] ? __kthread_parkme+0x82/0x180 [ 13.052037] ? preempt_count_sub+0x50/0x80 [ 13.052059] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.052083] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.052107] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.052132] kthread+0x337/0x6f0 [ 13.052150] ? trace_preempt_on+0x20/0xc0 [ 13.052174] ? __pfx_kthread+0x10/0x10 [ 13.052193] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.052215] ? 
calculate_sigpending+0x7b/0xa0 [ 13.052239] ? __pfx_kthread+0x10/0x10 [ 13.052275] ret_from_fork+0x116/0x1d0 [ 13.052292] ? __pfx_kthread+0x10/0x10 [ 13.052312] ret_from_fork_asm+0x1a/0x30 [ 13.052343] </TASK> [ 13.052354] [ 13.062385] Allocated by task 211: [ 13.062591] kasan_save_stack+0x45/0x70 [ 13.062760] kasan_save_track+0x18/0x40 [ 13.063594] kasan_save_alloc_info+0x3b/0x50 [ 13.063783] __kasan_kmalloc+0xb7/0xc0 [ 13.064198] __kmalloc_cache_noprof+0x189/0x420 [ 13.064541] ksize_unpoisons_memory+0xc7/0x9b0 [ 13.064723] kunit_try_run_case+0x1a5/0x480 [ 13.065134] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.065486] kthread+0x337/0x6f0 [ 13.065671] ret_from_fork+0x116/0x1d0 [ 13.066217] ret_from_fork_asm+0x1a/0x30 [ 13.066398] [ 13.066594] The buggy address belongs to the object at ffff8881026ad100 [ 13.066594] which belongs to the cache kmalloc-128 of size 128 [ 13.067287] The buggy address is located 0 bytes to the right of [ 13.067287] allocated 115-byte region [ffff8881026ad100, ffff8881026ad173) [ 13.068127] [ 13.068214] The buggy address belongs to the physical page: [ 13.068593] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026ad [ 13.069091] flags: 0x200000000000000(node=0|zone=2) [ 13.069315] page_type: f5(slab) [ 13.069482] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.069791] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.070109] page dumped because: kasan: bad access detected [ 13.070343] [ 13.070412] Memory state around the buggy address: [ 13.070618] ffff8881026ad000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.071429] ffff8881026ad080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.071722] >ffff8881026ad100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 13.072423] ^ [ 13.072665] ffff8881026ad180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.073201] ffff8881026ad200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.073623] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kfree_sensitive
[ 13.017398] ==================================================================
[ 13.017739] BUG: KASAN: double-free in kfree_sensitive+0x2e/0x90
[ 13.018423] Free of addr ffff888101e0ed00 by task kunit_try_catch/209
[ 13.018822]
[ 13.018945] CPU: 1 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 13.018989] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.019000] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.019076] Call Trace:
[ 13.019092] <TASK>
[ 13.019111] dump_stack_lvl+0x73/0xb0
[ 13.019144] print_report+0xd1/0x650
[ 13.019166] ? __virt_addr_valid+0x1db/0x2d0
[ 13.019189] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.019211] ? kfree_sensitive+0x2e/0x90
[ 13.019232] kasan_report_invalid_free+0x10a/0x130
[ 13.019382] ? kfree_sensitive+0x2e/0x90
[ 13.019407] ? kfree_sensitive+0x2e/0x90
[ 13.019426] check_slab_allocation+0x101/0x130
[ 13.019448] __kasan_slab_pre_free+0x28/0x40
[ 13.019469] kfree+0xf0/0x3f0
[ 13.019490] ? kfree_sensitive+0x2e/0x90
[ 13.019511] kfree_sensitive+0x2e/0x90
[ 13.019532] kmalloc_double_kzfree+0x19c/0x350
[ 13.019555] ? __pfx_kmalloc_double_kzfree+0x10/0x10
[ 13.019578] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 13.019604] ? trace_hardirqs_on+0x37/0xe0
[ 13.019627] ? __pfx_read_tsc+0x10/0x10
[ 13.019648] ? ktime_get_ts64+0x86/0x230
[ 13.019672] kunit_try_run_case+0x1a5/0x480
[ 13.019696] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.019720] ? queued_spin_lock_slowpath+0x116/0xb40
[ 13.019745] ? __kthread_parkme+0x82/0x180
[ 13.019765] ? preempt_count_sub+0x50/0x80
[ 13.019789] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.019812] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.019836] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.019860] kthread+0x337/0x6f0
[ 13.019878] ? trace_preempt_on+0x20/0xc0
[ 13.019900] ? __pfx_kthread+0x10/0x10
[ 13.019920] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.020123] ? calculate_sigpending+0x7b/0xa0
[ 13.020152] ? __pfx_kthread+0x10/0x10
[ 13.020173] ret_from_fork+0x116/0x1d0
[ 13.020193] ? __pfx_kthread+0x10/0x10
[ 13.020213] ret_from_fork_asm+0x1a/0x30
[ 13.020243] </TASK>
[ 13.020253]
[ 13.031313] Allocated by task 209:
[ 13.031641] kasan_save_stack+0x45/0x70
[ 13.031842] kasan_save_track+0x18/0x40
[ 13.032043] kasan_save_alloc_info+0x3b/0x50
[ 13.032529] __kasan_kmalloc+0xb7/0xc0
[ 13.032683] __kmalloc_cache_noprof+0x189/0x420
[ 13.033225] kmalloc_double_kzfree+0xa9/0x350
[ 13.033466] kunit_try_run_case+0x1a5/0x480
[ 13.033659] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.033890] kthread+0x337/0x6f0
[ 13.034066] ret_from_fork+0x116/0x1d0
[ 13.034231] ret_from_fork_asm+0x1a/0x30
[ 13.034919]
[ 13.035015] Freed by task 209:
[ 13.035459] kasan_save_stack+0x45/0x70
[ 13.035708] kasan_save_track+0x18/0x40
[ 13.035914] kasan_save_free_info+0x3f/0x60
[ 13.036344] __kasan_slab_free+0x56/0x70
[ 13.036623] kfree+0x222/0x3f0
[ 13.036827] kfree_sensitive+0x67/0x90
[ 13.037043] kmalloc_double_kzfree+0x12b/0x350
[ 13.037236] kunit_try_run_case+0x1a5/0x480
[ 13.037749] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.038157] kthread+0x337/0x6f0
[ 13.038291] ret_from_fork+0x116/0x1d0
[ 13.038648] ret_from_fork_asm+0x1a/0x30
[ 13.038833]
[ 13.039065] The buggy address belongs to the object at ffff888101e0ed00
[ 13.039065] which belongs to the cache kmalloc-16 of size 16
[ 13.039792] The buggy address is located 0 bytes inside of
[ 13.039792] 16-byte region [ffff888101e0ed00, ffff888101e0ed10)
[ 13.040294]
[ 13.040404] The buggy address belongs to the physical page:
[ 13.040619] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e0e
[ 13.041349] flags: 0x200000000000000(node=0|zone=2)
[ 13.041576] page_type: f5(slab)
[ 13.041700] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 13.042282] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 13.042869] page dumped because: kasan: bad access detected
[ 13.043266]
[ 13.043458] Memory state around the buggy address:
[ 13.043629] ffff888101e0ec00: 00 04 fc fc 00 04 fc fc 00 05 fc fc fa fb fc fc
[ 13.044084] ffff888101e0ec80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 13.044510] >ffff888101e0ed00: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.044806] ^
[ 13.045109] ffff888101e0ed80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.045555] ffff888101e0ee00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.045940] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 12.988264] ==================================================================
[ 12.988833] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x19c/0x350
[ 12.989401] Read of size 1 at addr ffff888101e0ed00 by task kunit_try_catch/209
[ 12.989681]
[ 12.989800] CPU: 1 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.989847] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.989858] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.989879] Call Trace:
[ 12.989891] <TASK>
[ 12.989908] dump_stack_lvl+0x73/0xb0
[ 12.989954] print_report+0xd1/0x650
[ 12.989977] ? __virt_addr_valid+0x1db/0x2d0
[ 12.989999] ? kmalloc_double_kzfree+0x19c/0x350
[ 12.990022] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.990316] ? kmalloc_double_kzfree+0x19c/0x350
[ 12.990340] kasan_report+0x141/0x180
[ 12.990361] ? kmalloc_double_kzfree+0x19c/0x350
[ 12.990387] ? kmalloc_double_kzfree+0x19c/0x350
[ 12.990409] __kasan_check_byte+0x3d/0x50
[ 12.990431] kfree_sensitive+0x22/0x90
[ 12.990454] kmalloc_double_kzfree+0x19c/0x350
[ 12.990476] ? __pfx_kmalloc_double_kzfree+0x10/0x10
[ 12.990499] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 12.990525] ? trace_hardirqs_on+0x37/0xe0
[ 12.990548] ? __pfx_read_tsc+0x10/0x10
[ 12.990569] ? ktime_get_ts64+0x86/0x230
[ 12.990594] kunit_try_run_case+0x1a5/0x480
[ 12.990619] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.990643] ? queued_spin_lock_slowpath+0x116/0xb40
[ 12.990668] ? __kthread_parkme+0x82/0x180
[ 12.990689] ? preempt_count_sub+0x50/0x80
[ 12.990720] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.990743] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.990767] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.990792] kthread+0x337/0x6f0
[ 12.990810] ? trace_preempt_on+0x20/0xc0
[ 12.990831] ? __pfx_kthread+0x10/0x10
[ 12.990851] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.990872] ? calculate_sigpending+0x7b/0xa0
[ 12.990896] ? __pfx_kthread+0x10/0x10
[ 12.990916] ret_from_fork+0x116/0x1d0
[ 12.991007] ? __pfx_kthread+0x10/0x10
[ 12.991031] ret_from_fork_asm+0x1a/0x30
[ 12.991062] </TASK>
[ 12.991073]
[ 13.001672] Allocated by task 209:
[ 13.001833] kasan_save_stack+0x45/0x70
[ 13.002364] kasan_save_track+0x18/0x40
[ 13.002558] kasan_save_alloc_info+0x3b/0x50
[ 13.002758] __kasan_kmalloc+0xb7/0xc0
[ 13.002923] __kmalloc_cache_noprof+0x189/0x420
[ 13.003454] kmalloc_double_kzfree+0xa9/0x350
[ 13.003626] kunit_try_run_case+0x1a5/0x480
[ 13.003837] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.004466] kthread+0x337/0x6f0
[ 13.004670] ret_from_fork+0x116/0x1d0
[ 13.004820] ret_from_fork_asm+0x1a/0x30
[ 13.005134]
[ 13.005238] Freed by task 209:
[ 13.005575] kasan_save_stack+0x45/0x70
[ 13.005755] kasan_save_track+0x18/0x40
[ 13.005949] kasan_save_free_info+0x3f/0x60
[ 13.006514] __kasan_slab_free+0x56/0x70
[ 13.006695] kfree+0x222/0x3f0
[ 13.007108] kfree_sensitive+0x67/0x90
[ 13.007272] kmalloc_double_kzfree+0x12b/0x350
[ 13.007497] kunit_try_run_case+0x1a5/0x480
[ 13.007699] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.007938] kthread+0x337/0x6f0
[ 13.008522] ret_from_fork+0x116/0x1d0
[ 13.008670] ret_from_fork_asm+0x1a/0x30
[ 13.009112]
[ 13.009309] The buggy address belongs to the object at ffff888101e0ed00
[ 13.009309] which belongs to the cache kmalloc-16 of size 16
[ 13.009939] The buggy address is located 0 bytes inside of
[ 13.009939] freed 16-byte region [ffff888101e0ed00, ffff888101e0ed10)
[ 13.010718]
[ 13.010802] The buggy address belongs to the physical page:
[ 13.011323] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e0e
[ 13.011646] flags: 0x200000000000000(node=0|zone=2)
[ 13.011863] page_type: f5(slab)
[ 13.012367] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 13.012646] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 13.013310] page dumped because: kasan: bad access detected
[ 13.013516]
[ 13.013614] Memory state around the buggy address:
[ 13.013844] ffff888101e0ec00: 00 04 fc fc 00 04 fc fc 00 05 fc fc fa fb fc fc
[ 13.014477] ffff888101e0ec80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 13.014794] >ffff888101e0ed00: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.015313] ^
[ 13.015481] ffff888101e0ed80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.015860] ffff888101e0ee00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.016527] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 12.950875] ==================================================================
[ 12.951686] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x4a8/0x520
[ 12.952211] Read of size 1 at addr ffff8881026b0028 by task kunit_try_catch/205
[ 12.952810]
[ 12.953089] CPU: 0 UID: 0 PID: 205 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.953140] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.953152] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.953174] Call Trace:
[ 12.953186] <TASK>
[ 12.953205] dump_stack_lvl+0x73/0xb0
[ 12.953239] print_report+0xd1/0x650
[ 12.953380] ? __virt_addr_valid+0x1db/0x2d0
[ 12.953412] ? kmalloc_uaf2+0x4a8/0x520
[ 12.953432] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.953455] ? kmalloc_uaf2+0x4a8/0x520
[ 12.953475] kasan_report+0x141/0x180
[ 12.953496] ? kmalloc_uaf2+0x4a8/0x520
[ 12.953556] __asan_report_load1_noabort+0x18/0x20
[ 12.953583] kmalloc_uaf2+0x4a8/0x520
[ 12.953604] ? __pfx_kmalloc_uaf2+0x10/0x10
[ 12.953623] ? finish_task_switch.isra.0+0x153/0x700
[ 12.953647] ? __switch_to+0x47/0xf50
[ 12.953674] ? __schedule+0x10cc/0x2b60
[ 12.953696] ? __pfx_read_tsc+0x10/0x10
[ 12.953717] ? ktime_get_ts64+0x86/0x230
[ 12.953741] kunit_try_run_case+0x1a5/0x480
[ 12.953765] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.953788] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.953812] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.953835] ? __kthread_parkme+0x82/0x180
[ 12.953856] ? preempt_count_sub+0x50/0x80
[ 12.953878] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.953902] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.953936] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.953963] kthread+0x337/0x6f0
[ 12.953981] ? trace_preempt_on+0x20/0xc0
[ 12.954004] ? __pfx_kthread+0x10/0x10
[ 12.954025] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.954046] ? calculate_sigpending+0x7b/0xa0
[ 12.954070] ? __pfx_kthread+0x10/0x10
[ 12.954090] ret_from_fork+0x116/0x1d0
[ 12.954108] ? __pfx_kthread+0x10/0x10
[ 12.954128] ret_from_fork_asm+0x1a/0x30
[ 12.954159] </TASK>
[ 12.954169]
[ 12.964401] Allocated by task 205:
[ 12.964564] kasan_save_stack+0x45/0x70
[ 12.964742] kasan_save_track+0x18/0x40
[ 12.964903] kasan_save_alloc_info+0x3b/0x50
[ 12.965081] __kasan_kmalloc+0xb7/0xc0
[ 12.965267] __kmalloc_cache_noprof+0x189/0x420
[ 12.965531] kmalloc_uaf2+0xc6/0x520
[ 12.965712] kunit_try_run_case+0x1a5/0x480
[ 12.965945] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.966388] kthread+0x337/0x6f0
[ 12.966583] ret_from_fork+0x116/0x1d0
[ 12.966856] ret_from_fork_asm+0x1a/0x30
[ 12.967061]
[ 12.967129] Freed by task 205:
[ 12.967233] kasan_save_stack+0x45/0x70
[ 12.967361] kasan_save_track+0x18/0x40
[ 12.967488] kasan_save_free_info+0x3f/0x60
[ 12.967835] __kasan_slab_free+0x56/0x70
[ 12.968175] kfree+0x222/0x3f0
[ 12.968468] kmalloc_uaf2+0x14c/0x520
[ 12.968873] kunit_try_run_case+0x1a5/0x480
[ 12.969273] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.970006] kthread+0x337/0x6f0
[ 12.970185] ret_from_fork+0x116/0x1d0
[ 12.970825] ret_from_fork_asm+0x1a/0x30
[ 12.971188]
[ 12.971457] The buggy address belongs to the object at ffff8881026b0000
[ 12.971457] which belongs to the cache kmalloc-64 of size 64
[ 12.972191] The buggy address is located 40 bytes inside of
[ 12.972191] freed 64-byte region [ffff8881026b0000, ffff8881026b0040)
[ 12.973028]
[ 12.973132] The buggy address belongs to the physical page:
[ 12.973523] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026b0
[ 12.973988] flags: 0x200000000000000(node=0|zone=2)
[ 12.974442] page_type: f5(slab)
[ 12.974641] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 12.975203] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 12.975629] page dumped because: kasan: bad access detected
[ 12.975904]
[ 12.976303] Memory state around the buggy address:
[ 12.976529] ffff8881026aff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.976815] ffff8881026aff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.977470] >ffff8881026b0000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.977767] ^
[ 12.977983] ffff8881026b0080: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc
[ 12.978646] ffff8881026b0100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.979115] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 12.913225] ==================================================================
[ 12.913685] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x1a3/0x360
[ 12.914053] Write of size 33 at addr ffff888102aaa580 by task kunit_try_catch/203
[ 12.914626]
[ 12.914763] CPU: 1 UID: 0 PID: 203 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.914814] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.914826] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.914848] Call Trace:
[ 12.914862] <TASK>
[ 12.914883] dump_stack_lvl+0x73/0xb0
[ 12.914920] print_report+0xd1/0x650
[ 12.914958] ? __virt_addr_valid+0x1db/0x2d0
[ 12.914983] ? kmalloc_uaf_memset+0x1a3/0x360
[ 12.915005] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.915028] ? kmalloc_uaf_memset+0x1a3/0x360
[ 12.915049] kasan_report+0x141/0x180
[ 12.915072] ? kmalloc_uaf_memset+0x1a3/0x360
[ 12.915098] kasan_check_range+0x10c/0x1c0
[ 12.915122] __asan_memset+0x27/0x50
[ 12.915141] kmalloc_uaf_memset+0x1a3/0x360
[ 12.915162] ? __pfx_kmalloc_uaf_memset+0x10/0x10
[ 12.915184] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 12.915210] ? trace_hardirqs_on+0x37/0xe0
[ 12.915235] ? __pfx_read_tsc+0x10/0x10
[ 12.915257] ? ktime_get_ts64+0x86/0x230
[ 12.915283] kunit_try_run_case+0x1a5/0x480
[ 12.915311] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.915336] ? queued_spin_lock_slowpath+0x116/0xb40
[ 12.915576] ? __kthread_parkme+0x82/0x180
[ 12.915602] ? preempt_count_sub+0x50/0x80
[ 12.915628] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.915653] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.915677] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.915702] kthread+0x337/0x6f0
[ 12.915721] ? trace_preempt_on+0x20/0xc0
[ 12.915743] ? __pfx_kthread+0x10/0x10
[ 12.915764] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.915786] ? calculate_sigpending+0x7b/0xa0
[ 12.915811] ? __pfx_kthread+0x10/0x10
[ 12.915832] ret_from_fork+0x116/0x1d0
[ 12.915851] ? __pfx_kthread+0x10/0x10
[ 12.915872] ret_from_fork_asm+0x1a/0x30
[ 12.915903] </TASK>
[ 12.915915]
[ 12.925408] Allocated by task 203:
[ 12.925554] kasan_save_stack+0x45/0x70
[ 12.925705] kasan_save_track+0x18/0x40
[ 12.927897] kasan_save_alloc_info+0x3b/0x50
[ 12.928486] __kasan_kmalloc+0xb7/0xc0
[ 12.928691] __kmalloc_cache_noprof+0x189/0x420
[ 12.928961] kmalloc_uaf_memset+0xa9/0x360
[ 12.929178] kunit_try_run_case+0x1a5/0x480
[ 12.929386] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.929639] kthread+0x337/0x6f0
[ 12.929809] ret_from_fork+0x116/0x1d0
[ 12.930549] ret_from_fork_asm+0x1a/0x30
[ 12.930841]
[ 12.931743] Freed by task 203:
[ 12.932600] kasan_save_stack+0x45/0x70
[ 12.933145] kasan_save_track+0x18/0x40
[ 12.933531] kasan_save_free_info+0x3f/0x60
[ 12.934234] __kasan_slab_free+0x56/0x70
[ 12.934751] kfree+0x222/0x3f0
[ 12.935589] kmalloc_uaf_memset+0x12b/0x360
[ 12.936237] kunit_try_run_case+0x1a5/0x480
[ 12.936468] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.936709] kthread+0x337/0x6f0
[ 12.936867] ret_from_fork+0x116/0x1d0
[ 12.937702] ret_from_fork_asm+0x1a/0x30
[ 12.938180]
[ 12.938555] The buggy address belongs to the object at ffff888102aaa580
[ 12.938555] which belongs to the cache kmalloc-64 of size 64
[ 12.939483] The buggy address is located 0 bytes inside of
[ 12.939483] freed 64-byte region [ffff888102aaa580, ffff888102aaa5c0)
[ 12.940848]
[ 12.941043] The buggy address belongs to the physical page:
[ 12.941443] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102aaa
[ 12.941786] flags: 0x200000000000000(node=0|zone=2)
[ 12.942082] page_type: f5(slab)
[ 12.942251] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 12.942569] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 12.942881] page dumped because: kasan: bad access detected
[ 12.943992]
[ 12.944079] Memory state around the buggy address:
[ 12.944274] ffff888102aaa480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.945079] ffff888102aaa500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.945752] >ffff888102aaa580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.946489] ^
[ 12.946662] ffff888102aaa600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.947391] ffff888102aaa680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.947606] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 12.875514] ==================================================================
[ 12.876328] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x320/0x380
[ 12.876774] Read of size 1 at addr ffff8881025742e8 by task kunit_try_catch/201
[ 12.877369]
[ 12.877741] CPU: 0 UID: 0 PID: 201 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.877796] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.877808] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.877831] Call Trace:
[ 12.877846] <TASK>
[ 12.877907] dump_stack_lvl+0x73/0xb0
[ 12.877976] print_report+0xd1/0x650
[ 12.878000] ? __virt_addr_valid+0x1db/0x2d0
[ 12.878025] ? kmalloc_uaf+0x320/0x380
[ 12.878044] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.878067] ? kmalloc_uaf+0x320/0x380
[ 12.878086] kasan_report+0x141/0x180
[ 12.878108] ? kmalloc_uaf+0x320/0x380
[ 12.878132] __asan_report_load1_noabort+0x18/0x20
[ 12.878157] kmalloc_uaf+0x320/0x380
[ 12.878176] ? __pfx_kmalloc_uaf+0x10/0x10
[ 12.878196] ? __schedule+0x10cc/0x2b60
[ 12.878218] ? __pfx_read_tsc+0x10/0x10
[ 12.878240] ? ktime_get_ts64+0x86/0x230
[ 12.878266] kunit_try_run_case+0x1a5/0x480
[ 12.878293] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.878315] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.878339] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.878362] ? __kthread_parkme+0x82/0x180
[ 12.878383] ? preempt_count_sub+0x50/0x80
[ 12.878408] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.878431] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.878455] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.878479] kthread+0x337/0x6f0
[ 12.878498] ? trace_preempt_on+0x20/0xc0
[ 12.878521] ? __pfx_kthread+0x10/0x10
[ 12.878541] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.878563] ? calculate_sigpending+0x7b/0xa0
[ 12.878587] ? __pfx_kthread+0x10/0x10
[ 12.878607] ret_from_fork+0x116/0x1d0
[ 12.878625] ? __pfx_kthread+0x10/0x10
[ 12.878645] ret_from_fork_asm+0x1a/0x30
[ 12.878676] </TASK>
[ 12.878687]
[ 12.890489] Allocated by task 201:
[ 12.890674] kasan_save_stack+0x45/0x70
[ 12.890869] kasan_save_track+0x18/0x40
[ 12.891410] kasan_save_alloc_info+0x3b/0x50
[ 12.891749] __kasan_kmalloc+0xb7/0xc0
[ 12.892160] __kmalloc_cache_noprof+0x189/0x420
[ 12.892545] kmalloc_uaf+0xaa/0x380
[ 12.892730] kunit_try_run_case+0x1a5/0x480
[ 12.892937] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.893428] kthread+0x337/0x6f0
[ 12.893589] ret_from_fork+0x116/0x1d0
[ 12.893759] ret_from_fork_asm+0x1a/0x30
[ 12.894233]
[ 12.894357] Freed by task 201:
[ 12.894639] kasan_save_stack+0x45/0x70
[ 12.895447] kasan_save_track+0x18/0x40
[ 12.895654] kasan_save_free_info+0x3f/0x60
[ 12.895849] __kasan_slab_free+0x56/0x70
[ 12.896373] kfree+0x222/0x3f0
[ 12.896656] kmalloc_uaf+0x12c/0x380
[ 12.897041] kunit_try_run_case+0x1a5/0x480
[ 12.897241] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.897473] kthread+0x337/0x6f0
[ 12.897633] ret_from_fork+0x116/0x1d0
[ 12.897814] ret_from_fork_asm+0x1a/0x30
[ 12.898486]
[ 12.898586] The buggy address belongs to the object at ffff8881025742e0
[ 12.898586] which belongs to the cache kmalloc-16 of size 16
[ 12.899757] The buggy address is located 8 bytes inside of
[ 12.899757] freed 16-byte region [ffff8881025742e0, ffff8881025742f0)
[ 12.900806]
[ 12.900905] The buggy address belongs to the physical page:
[ 12.901669] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102574
[ 12.902346] flags: 0x200000000000000(node=0|zone=2)
[ 12.902585] page_type: f5(slab)
[ 12.902755] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 12.903492] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 12.904066] page dumped because: kasan: bad access detected
[ 12.904455]
[ 12.904557] Memory state around the buggy address:
[ 12.904771] ffff888102574180: 00 03 fc fc fa fb fc fc 00 02 fc fc 00 05 fc fc
[ 12.905699] ffff888102574200: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc
[ 12.906255] >ffff888102574280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 12.906556] ^
[ 12.906834] ffff888102574300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.907636] ffff888102574380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.908182] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 12.843538] ==================================================================
[ 12.844329] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x16f/0x330
[ 12.844705] Read of size 64 at addr ffff888102aaa404 by task kunit_try_catch/199
[ 12.845031]
[ 12.845137] CPU: 1 UID: 0 PID: 199 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.845183] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.845195] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.845216] Call Trace:
[ 12.845230] <TASK>
[ 12.845251] dump_stack_lvl+0x73/0xb0
[ 12.845284] print_report+0xd1/0x650
[ 12.845307] ? __virt_addr_valid+0x1db/0x2d0
[ 12.845331] ? kmalloc_memmove_invalid_size+0x16f/0x330
[ 12.845355] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.845378] ? kmalloc_memmove_invalid_size+0x16f/0x330
[ 12.845402] kasan_report+0x141/0x180
[ 12.845424] ? kmalloc_memmove_invalid_size+0x16f/0x330
[ 12.845453] kasan_check_range+0x10c/0x1c0
[ 12.845475] __asan_memmove+0x27/0x70
[ 12.845494] kmalloc_memmove_invalid_size+0x16f/0x330
[ 12.845519] ? __pfx_kmalloc_memmove_invalid_size+0x10/0x10
[ 12.845545] ? __schedule+0x10cc/0x2b60
[ 12.845567] ? __pfx_read_tsc+0x10/0x10
[ 12.845588] ? ktime_get_ts64+0x86/0x230
[ 12.845614] kunit_try_run_case+0x1a5/0x480
[ 12.845640] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.845662] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.845686] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.845709] ? __kthread_parkme+0x82/0x180
[ 12.845730] ? preempt_count_sub+0x50/0x80
[ 12.845755] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.845779] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.845803] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.845827] kthread+0x337/0x6f0
[ 12.845845] ? trace_preempt_on+0x20/0xc0
[ 12.845869] ? __pfx_kthread+0x10/0x10
[ 12.845889] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.845909] ? calculate_sigpending+0x7b/0xa0
[ 12.845973] ? __pfx_kthread+0x10/0x10
[ 12.845994] ret_from_fork+0x116/0x1d0
[ 12.846013] ? __pfx_kthread+0x10/0x10
[ 12.846045] ret_from_fork_asm+0x1a/0x30
[ 12.846077] </TASK>
[ 12.846087]
[ 12.857518] Allocated by task 199:
[ 12.857693] kasan_save_stack+0x45/0x70
[ 12.857894] kasan_save_track+0x18/0x40
[ 12.858760] kasan_save_alloc_info+0x3b/0x50
[ 12.859118] __kasan_kmalloc+0xb7/0xc0
[ 12.859499] __kmalloc_cache_noprof+0x189/0x420
[ 12.859715] kmalloc_memmove_invalid_size+0xac/0x330
[ 12.860194] kunit_try_run_case+0x1a5/0x480
[ 12.860501] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.860906] kthread+0x337/0x6f0
[ 12.861255] ret_from_fork+0x116/0x1d0
[ 12.861609] ret_from_fork_asm+0x1a/0x30
[ 12.861922]
[ 12.862374] The buggy address belongs to the object at ffff888102aaa400
[ 12.862374] which belongs to the cache kmalloc-64 of size 64
[ 12.863469] The buggy address is located 4 bytes inside of
[ 12.863469] allocated 64-byte region [ffff888102aaa400, ffff888102aaa440)
[ 12.863970]
[ 12.864376] The buggy address belongs to the physical page:
[ 12.864803] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102aaa
[ 12.865302] flags: 0x200000000000000(node=0|zone=2)
[ 12.865531] page_type: f5(slab)
[ 12.865681] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 12.865911] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 12.866148] page dumped because: kasan: bad access detected
[ 12.866902]
[ 12.867132] Memory state around the buggy address:
[ 12.867679] ffff888102aaa300: 00 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc
[ 12.868239] ffff888102aaa380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.868723] >ffff888102aaa400: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 12.869287] ^
[ 12.869531] ffff888102aaa480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.869831] ffff888102aaa500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.870521] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 12.808360] ==================================================================
[ 12.808941] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x171/0x330
[ 12.809574] Read of size 18446744073709551614 at addr ffff8881026a6d84 by task kunit_try_catch/197
[ 12.810161]
[ 12.810288] CPU: 0 UID: 0 PID: 197 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.810334] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.810346] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.810367] Call Trace:
[ 12.810380] <TASK>
[ 12.810400] dump_stack_lvl+0x73/0xb0
[ 12.810434] print_report+0xd1/0x650
[ 12.810458] ? __virt_addr_valid+0x1db/0x2d0
[ 12.810481] ? kmalloc_memmove_negative_size+0x171/0x330
[ 12.810508] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.810531] ? kmalloc_memmove_negative_size+0x171/0x330
[ 12.810578] kasan_report+0x141/0x180
[ 12.810600] ? kmalloc_memmove_negative_size+0x171/0x330
[ 12.810630] kasan_check_range+0x10c/0x1c0
[ 12.810653] __asan_memmove+0x27/0x70
[ 12.810673] kmalloc_memmove_negative_size+0x171/0x330
[ 12.810696] ? __kasan_check_write+0x18/0x20
[ 12.810723] ? __pfx_kmalloc_memmove_negative_size+0x10/0x10
[ 12.810749] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 12.810776] ? trace_hardirqs_on+0x37/0xe0
[ 12.810800] ? __pfx_read_tsc+0x10/0x10
[ 12.810821] ? ktime_get_ts64+0x86/0x230
[ 12.810846] kunit_try_run_case+0x1a5/0x480
[ 12.810872] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.810896] ? queued_spin_lock_slowpath+0x116/0xb40
[ 12.810922] ? __kthread_parkme+0x82/0x180
[ 12.811092] ? preempt_count_sub+0x50/0x80
[ 12.811120] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.811145] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.811170] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.811195] kthread+0x337/0x6f0
[ 12.811214] ? trace_preempt_on+0x20/0xc0
[ 12.811236] ? __pfx_kthread+0x10/0x10
[ 12.811466] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.811492] ? calculate_sigpending+0x7b/0xa0
[ 12.811516] ? __pfx_kthread+0x10/0x10
[ 12.811537] ret_from_fork+0x116/0x1d0
[ 12.811555] ? __pfx_kthread+0x10/0x10
[ 12.811575] ret_from_fork_asm+0x1a/0x30
[ 12.811606] </TASK>
[ 12.811617]
[ 12.824872] Allocated by task 197:
[ 12.825332] kasan_save_stack+0x45/0x70
[ 12.825796] kasan_save_track+0x18/0x40
[ 12.826226] kasan_save_alloc_info+0x3b/0x50
[ 12.826850] __kasan_kmalloc+0xb7/0xc0
[ 12.827332] __kmalloc_cache_noprof+0x189/0x420
[ 12.827561] kmalloc_memmove_negative_size+0xac/0x330
[ 12.827782] kunit_try_run_case+0x1a5/0x480
[ 12.828223] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.829000] kthread+0x337/0x6f0
[ 12.829427] ret_from_fork+0x116/0x1d0
[ 12.829753] ret_from_fork_asm+0x1a/0x30
[ 12.830212]
[ 12.830333] The buggy address belongs to the object at ffff8881026a6d80
[ 12.830333] which belongs to the cache kmalloc-64 of size 64
[ 12.830824] The buggy address is located 4 bytes inside of
[ 12.830824] 64-byte region [ffff8881026a6d80, ffff8881026a6dc0)
[ 12.831588]
[ 12.831688] The buggy address belongs to the physical page:
[ 12.831919] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026a6
[ 12.832248] flags: 0x200000000000000(node=0|zone=2)
[ 12.833263] page_type: f5(slab)
[ 12.833631] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 12.834504] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 12.834822] page dumped because: kasan: bad access detected
[ 12.835493]
[ 12.835818] Memory state around the buggy address:
[ 12.836485] ffff8881026a6c80: 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc fc
[ 12.836888] ffff8881026a6d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.837759] >ffff8881026a6d80: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 12.838425] ^
[ 12.838803] ffff8881026a6e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.839403] ffff8881026a6e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.839698] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 12.773257] ==================================================================
[ 12.773661] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x166/0x330
[ 12.773904] Write of size 16 at addr ffff8881026ad069 by task kunit_try_catch/195
[ 12.774137]
[ 12.774227] CPU: 0 UID: 0 PID: 195 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.774272] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.774283] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.774303] Call Trace:
[ 12.774314] <TASK>
[ 12.774332] dump_stack_lvl+0x73/0xb0
[ 12.774360] print_report+0xd1/0x650
[ 12.774382] ? __virt_addr_valid+0x1db/0x2d0
[ 12.774404] ? kmalloc_oob_memset_16+0x166/0x330
[ 12.774424] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.774447] ? kmalloc_oob_memset_16+0x166/0x330
[ 12.774467] kasan_report+0x141/0x180
[ 12.774488] ? kmalloc_oob_memset_16+0x166/0x330
[ 12.774513] kasan_check_range+0x10c/0x1c0
[ 12.774535] __asan_memset+0x27/0x50
[ 12.774553] kmalloc_oob_memset_16+0x166/0x330
[ 12.774574] ? __pfx_kmalloc_oob_memset_16+0x10/0x10
[ 12.774596] ? __schedule+0x10cc/0x2b60
[ 12.774617] ? __pfx_read_tsc+0x10/0x10
[ 12.774637] ? ktime_get_ts64+0x86/0x230
[ 12.774660] kunit_try_run_case+0x1a5/0x480
[ 12.774683] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.774710] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.774734] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.774755] ? __kthread_parkme+0x82/0x180
[ 12.774775] ? preempt_count_sub+0x50/0x80
[ 12.774798] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.774820] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.774843] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.774865] kthread+0x337/0x6f0
[ 12.774883] ? trace_preempt_on+0x20/0xc0
[ 12.774905] ? __pfx_kthread+0x10/0x10
[ 12.775337] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.775375] ? calculate_sigpending+0x7b/0xa0
[ 12.775402] ? __pfx_kthread+0x10/0x10
[ 12.775425] ret_from_fork+0x116/0x1d0
[ 12.775650] ? __pfx_kthread+0x10/0x10
[ 12.775698] ret_from_fork_asm+0x1a/0x30
[ 12.775730] </TASK>
[ 12.775742]
[ 12.790361] Allocated by task 195:
[ 12.790557] kasan_save_stack+0x45/0x70
[ 12.790860] kasan_save_track+0x18/0x40
[ 12.791322] kasan_save_alloc_info+0x3b/0x50
[ 12.791683] __kasan_kmalloc+0xb7/0xc0
[ 12.791976] __kmalloc_cache_noprof+0x189/0x420
[ 12.792208] kmalloc_oob_memset_16+0xac/0x330
[ 12.792657] kunit_try_run_case+0x1a5/0x480
[ 12.793163] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.793535] kthread+0x337/0x6f0
[ 12.793942] ret_from_fork+0x116/0x1d0
[ 12.794213] ret_from_fork_asm+0x1a/0x30
[ 12.794637]
[ 12.794875] The buggy address belongs to the object at ffff8881026ad000
[ 12.794875] which belongs to the cache kmalloc-128 of size 128
[ 12.795646] The buggy address is located 105 bytes inside of
[ 12.795646] allocated 120-byte region [ffff8881026ad000, ffff8881026ad078)
[ 12.796494]
[ 12.796594] The buggy address belongs to the physical page:
[ 12.796804] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026ad
[ 12.797563] flags: 0x200000000000000(node=0|zone=2)
[ 12.798028] page_type: f5(slab)
[ 12.798200] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.798745] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.799287] page dumped because: kasan: bad access detected
[ 12.799646]
[ 12.799866] Memory state around the buggy address:
[ 12.800290] ffff8881026acf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.800921] ffff8881026acf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.801532] >ffff8881026ad000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 12.801960] ^
[ 12.802281] ffff8881026ad080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.802897] ffff8881026ad100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.803496] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 12.742355] ==================================================================
[ 12.742774] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x166/0x330
[ 12.743039] Write of size 8 at addr ffff888102a9ec71 by task kunit_try_catch/193
[ 12.743282]
[ 12.743376] CPU: 1 UID: 0 PID: 193 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.743461] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.743502] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.743523] Call Trace:
[ 12.743535] <TASK>
[ 12.743554] dump_stack_lvl+0x73/0xb0
[ 12.743723] print_report+0xd1/0x650
[ 12.744037] ? __virt_addr_valid+0x1db/0x2d0
[ 12.744067] ? kmalloc_oob_memset_8+0x166/0x330
[ 12.744271] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.744298] ? kmalloc_oob_memset_8+0x166/0x330
[ 12.744321] kasan_report+0x141/0x180
[ 12.744344] ? kmalloc_oob_memset_8+0x166/0x330
[ 12.744370] kasan_check_range+0x10c/0x1c0
[ 12.744394] __asan_memset+0x27/0x50
[ 12.744413] kmalloc_oob_memset_8+0x166/0x330
[ 12.744435] ? __pfx_kmalloc_oob_memset_8+0x10/0x10
[ 12.744458] ? __schedule+0x10cc/0x2b60
[ 12.744481] ? __pfx_read_tsc+0x10/0x10
[ 12.744504] ? ktime_get_ts64+0x86/0x230
[ 12.744530] kunit_try_run_case+0x1a5/0x480
[ 12.744556] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.744578] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.744603] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.744627] ? __kthread_parkme+0x82/0x180
[ 12.744648] ? preempt_count_sub+0x50/0x80
[ 12.744673] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.744696] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.744720] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.744745] kthread+0x337/0x6f0
[ 12.744763] ? trace_preempt_on+0x20/0xc0
[ 12.744787] ? __pfx_kthread+0x10/0x10
[ 12.744806] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.744827] ? calculate_sigpending+0x7b/0xa0
[ 12.744851] ? __pfx_kthread+0x10/0x10
[ 12.744872] ret_from_fork+0x116/0x1d0
[ 12.744889] ? __pfx_kthread+0x10/0x10
[ 12.744910] ret_from_fork_asm+0x1a/0x30
[ 12.744966] </TASK>
[ 12.744977]
[ 12.756763] Allocated by task 193:
[ 12.757233] kasan_save_stack+0x45/0x70
[ 12.757434] kasan_save_track+0x18/0x40
[ 12.757568] kasan_save_alloc_info+0x3b/0x50
[ 12.757790] __kasan_kmalloc+0xb7/0xc0
[ 12.758399] __kmalloc_cache_noprof+0x189/0x420
[ 12.758634] kmalloc_oob_memset_8+0xac/0x330
[ 12.758942] kunit_try_run_case+0x1a5/0x480
[ 12.759315] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.759662] kthread+0x337/0x6f0
[ 12.759921] ret_from_fork+0x116/0x1d0
[ 12.760365] ret_from_fork_asm+0x1a/0x30
[ 12.760609]
[ 12.760684] The buggy address belongs to the object at ffff888102a9ec00
[ 12.760684] which belongs to the cache kmalloc-128 of size 128
[ 12.761577] The buggy address is located 113 bytes inside of
[ 12.761577] allocated 120-byte region [ffff888102a9ec00, ffff888102a9ec78)
[ 12.762419]
[ 12.762615] The buggy address belongs to the physical page:
[ 12.763028] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a9e
[ 12.763586] flags: 0x200000000000000(node=0|zone=2)
[ 12.763935] page_type: f5(slab)
[ 12.764281] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.764709] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.765253] page dumped because: kasan: bad access detected
[ 12.765580]
[ 12.765680] Memory state around the buggy address:
[ 12.766140] ffff888102a9eb00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.766612] ffff888102a9eb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.767171] >ffff888102a9ec00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 12.767519] ^
[ 12.767911] ffff888102a9ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.768509] ffff888102a9ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.768911] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 12.708691] ================================================================== [ 12.709701] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x166/0x330 [ 12.710204] Write of size 4 at addr ffff88810269af75 by task kunit_try_catch/191 [ 12.710430] [ 12.710520] CPU: 0 UID: 0 PID: 191 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.710566] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.710577] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.710599] Call Trace: [ 12.710611] <TASK> [ 12.710629] dump_stack_lvl+0x73/0xb0 [ 12.710661] print_report+0xd1/0x650 [ 12.710684] ? __virt_addr_valid+0x1db/0x2d0 [ 12.710713] ? kmalloc_oob_memset_4+0x166/0x330 [ 12.710734] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.710757] ? kmalloc_oob_memset_4+0x166/0x330 [ 12.710779] kasan_report+0x141/0x180 [ 12.710801] ? kmalloc_oob_memset_4+0x166/0x330 [ 12.710828] kasan_check_range+0x10c/0x1c0 [ 12.710851] __asan_memset+0x27/0x50 [ 12.710870] kmalloc_oob_memset_4+0x166/0x330 [ 12.710893] ? __pfx_kmalloc_oob_memset_4+0x10/0x10 [ 12.710915] ? __schedule+0x10cc/0x2b60 [ 12.710948] ? __pfx_read_tsc+0x10/0x10 [ 12.710969] ? ktime_get_ts64+0x86/0x230 [ 12.710994] kunit_try_run_case+0x1a5/0x480 [ 12.711020] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.711042] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.711066] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.711090] ? __kthread_parkme+0x82/0x180 [ 12.711111] ? preempt_count_sub+0x50/0x80 [ 12.711255] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.711287] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.711313] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.711338] kthread+0x337/0x6f0 [ 12.711357] ? trace_preempt_on+0x20/0xc0 [ 12.711396] ? __pfx_kthread+0x10/0x10 [ 12.711416] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.711438] ? calculate_sigpending+0x7b/0xa0 [ 12.711462] ? __pfx_kthread+0x10/0x10 [ 12.711549] ret_from_fork+0x116/0x1d0 [ 12.711568] ? 
__pfx_kthread+0x10/0x10 [ 12.711601] ret_from_fork_asm+0x1a/0x30 [ 12.711631] </TASK> [ 12.711642] [ 12.724648] Allocated by task 191: [ 12.725088] kasan_save_stack+0x45/0x70 [ 12.725511] kasan_save_track+0x18/0x40 [ 12.725837] kasan_save_alloc_info+0x3b/0x50 [ 12.726107] __kasan_kmalloc+0xb7/0xc0 [ 12.726486] __kmalloc_cache_noprof+0x189/0x420 [ 12.726938] kmalloc_oob_memset_4+0xac/0x330 [ 12.727349] kunit_try_run_case+0x1a5/0x480 [ 12.727507] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.727681] kthread+0x337/0x6f0 [ 12.727801] ret_from_fork+0x116/0x1d0 [ 12.727957] ret_from_fork_asm+0x1a/0x30 [ 12.728354] [ 12.728513] The buggy address belongs to the object at ffff88810269af00 [ 12.728513] which belongs to the cache kmalloc-128 of size 128 [ 12.729722] The buggy address is located 117 bytes inside of [ 12.729722] allocated 120-byte region [ffff88810269af00, ffff88810269af78) [ 12.731023] [ 12.731208] The buggy address belongs to the physical page: [ 12.731595] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10269a [ 12.731837] flags: 0x200000000000000(node=0|zone=2) [ 12.732199] page_type: f5(slab) [ 12.732510] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.733323] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.734189] page dumped because: kasan: bad access detected [ 12.734673] [ 12.734752] Memory state around the buggy address: [ 12.734911] ffff88810269ae00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.735597] ffff88810269ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.736360] >ffff88810269af00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 12.736827] ^ [ 12.737345] ffff88810269af80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.737978] ffff88810269b000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 12.738412] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 12.679662] ================================================================== [ 12.680150] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x166/0x330 [ 12.680718] Write of size 2 at addr ffff88810269ae77 by task kunit_try_catch/189 [ 12.681266] [ 12.681423] CPU: 0 UID: 0 PID: 189 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.681470] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.681481] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.681502] Call Trace: [ 12.681513] <TASK> [ 12.681531] dump_stack_lvl+0x73/0xb0 [ 12.681564] print_report+0xd1/0x650 [ 12.681586] ? __virt_addr_valid+0x1db/0x2d0 [ 12.681610] ? kmalloc_oob_memset_2+0x166/0x330 [ 12.681632] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.681655] ? kmalloc_oob_memset_2+0x166/0x330 [ 12.681677] kasan_report+0x141/0x180 [ 12.681698] ? kmalloc_oob_memset_2+0x166/0x330 [ 12.681724] kasan_check_range+0x10c/0x1c0 [ 12.681748] __asan_memset+0x27/0x50 [ 12.681766] kmalloc_oob_memset_2+0x166/0x330 [ 12.681789] ? __pfx_kmalloc_oob_memset_2+0x10/0x10 [ 12.681812] ? __schedule+0x10cc/0x2b60 [ 12.681834] ? __pfx_read_tsc+0x10/0x10 [ 12.681855] ? ktime_get_ts64+0x86/0x230 [ 12.681879] kunit_try_run_case+0x1a5/0x480 [ 12.681904] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.681940] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.681964] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.681987] ? __kthread_parkme+0x82/0x180 [ 12.682008] ? preempt_count_sub+0x50/0x80 [ 12.682032] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.682055] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.682080] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.682116] kthread+0x337/0x6f0 [ 12.682134] ? trace_preempt_on+0x20/0xc0 [ 12.682158] ? __pfx_kthread+0x10/0x10 [ 12.682179] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.682202] ? calculate_sigpending+0x7b/0xa0 [ 12.682228] ? __pfx_kthread+0x10/0x10 [ 12.682251] ret_from_fork+0x116/0x1d0 [ 12.682333] ? 
__pfx_kthread+0x10/0x10 [ 12.682355] ret_from_fork_asm+0x1a/0x30 [ 12.682387] </TASK> [ 12.682397] [ 12.692568] Allocated by task 189: [ 12.692758] kasan_save_stack+0x45/0x70 [ 12.692940] kasan_save_track+0x18/0x40 [ 12.693394] kasan_save_alloc_info+0x3b/0x50 [ 12.693710] __kasan_kmalloc+0xb7/0xc0 [ 12.693889] __kmalloc_cache_noprof+0x189/0x420 [ 12.694413] kmalloc_oob_memset_2+0xac/0x330 [ 12.694592] kunit_try_run_case+0x1a5/0x480 [ 12.694816] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.695295] kthread+0x337/0x6f0 [ 12.695471] ret_from_fork+0x116/0x1d0 [ 12.695633] ret_from_fork_asm+0x1a/0x30 [ 12.695822] [ 12.695935] The buggy address belongs to the object at ffff88810269ae00 [ 12.695935] which belongs to the cache kmalloc-128 of size 128 [ 12.696908] The buggy address is located 119 bytes inside of [ 12.696908] allocated 120-byte region [ffff88810269ae00, ffff88810269ae78) [ 12.697638] [ 12.697748] The buggy address belongs to the physical page: [ 12.698222] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10269a [ 12.698643] flags: 0x200000000000000(node=0|zone=2) [ 12.698863] page_type: f5(slab) [ 12.699054] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.699357] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.699664] page dumped because: kasan: bad access detected [ 12.699896] [ 12.700622] Memory state around the buggy address: [ 12.700849] ffff88810269ad00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.701440] ffff88810269ad80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.701834] >ffff88810269ae00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 12.702333] ^ [ 12.702606] ffff88810269ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.703188] ffff88810269af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.703660] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 12.643870] ================================================================== [ 12.644901] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x15f/0x320 [ 12.646349] Write of size 128 at addr ffff88810269ad00 by task kunit_try_catch/187 [ 12.647687] [ 12.648122] CPU: 0 UID: 0 PID: 187 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.648174] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.648186] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.648209] Call Trace: [ 12.648275] <TASK> [ 12.648297] dump_stack_lvl+0x73/0xb0 [ 12.648333] print_report+0xd1/0x650 [ 12.648357] ? __virt_addr_valid+0x1db/0x2d0 [ 12.648382] ? kmalloc_oob_in_memset+0x15f/0x320 [ 12.648404] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.648426] ? kmalloc_oob_in_memset+0x15f/0x320 [ 12.648449] kasan_report+0x141/0x180 [ 12.648470] ? kmalloc_oob_in_memset+0x15f/0x320 [ 12.648497] kasan_check_range+0x10c/0x1c0 [ 12.648520] __asan_memset+0x27/0x50 [ 12.648539] kmalloc_oob_in_memset+0x15f/0x320 [ 12.648561] ? __pfx_kmalloc_oob_in_memset+0x10/0x10 [ 12.648585] ? __schedule+0x10cc/0x2b60 [ 12.648607] ? __pfx_read_tsc+0x10/0x10 [ 12.648629] ? ktime_get_ts64+0x86/0x230 [ 12.648655] kunit_try_run_case+0x1a5/0x480 [ 12.648681] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.648703] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.648728] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.648751] ? __kthread_parkme+0x82/0x180 [ 12.648773] ? preempt_count_sub+0x50/0x80 [ 12.648798] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.648821] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.648846] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.648870] kthread+0x337/0x6f0 [ 12.648889] ? trace_preempt_on+0x20/0xc0 [ 12.648913] ? __pfx_kthread+0x10/0x10 [ 12.648944] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.648965] ? calculate_sigpending+0x7b/0xa0 [ 12.648991] ? __pfx_kthread+0x10/0x10 [ 12.649012] ret_from_fork+0x116/0x1d0 [ 12.649030] ? 
__pfx_kthread+0x10/0x10 [ 12.649050] ret_from_fork_asm+0x1a/0x30 [ 12.649081] </TASK> [ 12.649092] [ 12.661587] Allocated by task 187: [ 12.661805] kasan_save_stack+0x45/0x70 [ 12.662217] kasan_save_track+0x18/0x40 [ 12.662418] kasan_save_alloc_info+0x3b/0x50 [ 12.662630] __kasan_kmalloc+0xb7/0xc0 [ 12.662948] __kmalloc_cache_noprof+0x189/0x420 [ 12.664515] kmalloc_oob_in_memset+0xac/0x320 [ 12.664728] kunit_try_run_case+0x1a5/0x480 [ 12.664879] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.665528] kthread+0x337/0x6f0 [ 12.665662] ret_from_fork+0x116/0x1d0 [ 12.665858] ret_from_fork_asm+0x1a/0x30 [ 12.666255] [ 12.666335] The buggy address belongs to the object at ffff88810269ad00 [ 12.666335] which belongs to the cache kmalloc-128 of size 128 [ 12.666695] The buggy address is located 0 bytes inside of [ 12.666695] allocated 120-byte region [ffff88810269ad00, ffff88810269ad78) [ 12.667068] [ 12.667144] The buggy address belongs to the physical page: [ 12.667318] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10269a [ 12.668114] flags: 0x200000000000000(node=0|zone=2) [ 12.668369] page_type: f5(slab) [ 12.668506] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.668744] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.669764] page dumped because: kasan: bad access detected [ 12.670400] [ 12.670664] Memory state around the buggy address: [ 12.671107] ffff88810269ac00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.671637] ffff88810269ac80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.672196] >ffff88810269ad00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 12.672709] ^ [ 12.673288] ffff88810269ad80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.673631] ffff88810269ae00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.673899] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 12.613646] ================================================================== [ 12.614128] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x47b/0x4c0 [ 12.614539] Read of size 16 at addr ffff888101e0ece0 by task kunit_try_catch/185 [ 12.614855] [ 12.614964] CPU: 1 UID: 0 PID: 185 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.615009] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.615020] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.615040] Call Trace: [ 12.615052] <TASK> [ 12.615070] dump_stack_lvl+0x73/0xb0 [ 12.615101] print_report+0xd1/0x650 [ 12.615123] ? __virt_addr_valid+0x1db/0x2d0 [ 12.615145] ? kmalloc_uaf_16+0x47b/0x4c0 [ 12.615165] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.615187] ? kmalloc_uaf_16+0x47b/0x4c0 [ 12.615207] kasan_report+0x141/0x180 [ 12.615228] ? kmalloc_uaf_16+0x47b/0x4c0 [ 12.615253] __asan_report_load16_noabort+0x18/0x20 [ 12.615277] kmalloc_uaf_16+0x47b/0x4c0 [ 12.615298] ? __pfx_kmalloc_uaf_16+0x10/0x10 [ 12.615319] ? __schedule+0x10cc/0x2b60 [ 12.615756] ? __pfx_read_tsc+0x10/0x10 [ 12.615788] ? ktime_get_ts64+0x86/0x230 [ 12.615829] kunit_try_run_case+0x1a5/0x480 [ 12.615855] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.615878] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.615903] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.615935] ? __kthread_parkme+0x82/0x180 [ 12.615956] ? preempt_count_sub+0x50/0x80 [ 12.615980] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.616004] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.616029] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.616053] kthread+0x337/0x6f0 [ 12.616071] ? trace_preempt_on+0x20/0xc0 [ 12.616095] ? __pfx_kthread+0x10/0x10 [ 12.616115] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.616136] ? calculate_sigpending+0x7b/0xa0 [ 12.616160] ? __pfx_kthread+0x10/0x10 [ 12.616181] ret_from_fork+0x116/0x1d0 [ 12.616199] ? 
__pfx_kthread+0x10/0x10 [ 12.616219] ret_from_fork_asm+0x1a/0x30 [ 12.616249] </TASK> [ 12.616260] [ 12.625896] Allocated by task 185: [ 12.626215] kasan_save_stack+0x45/0x70 [ 12.626555] kasan_save_track+0x18/0x40 [ 12.626717] kasan_save_alloc_info+0x3b/0x50 [ 12.627019] __kasan_kmalloc+0xb7/0xc0 [ 12.627206] __kmalloc_cache_noprof+0x189/0x420 [ 12.627701] kmalloc_uaf_16+0x15b/0x4c0 [ 12.627874] kunit_try_run_case+0x1a5/0x480 [ 12.628301] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.628683] kthread+0x337/0x6f0 [ 12.628962] ret_from_fork+0x116/0x1d0 [ 12.629273] ret_from_fork_asm+0x1a/0x30 [ 12.629444] [ 12.629540] Freed by task 185: [ 12.629702] kasan_save_stack+0x45/0x70 [ 12.629872] kasan_save_track+0x18/0x40 [ 12.630078] kasan_save_free_info+0x3f/0x60 [ 12.630671] __kasan_slab_free+0x56/0x70 [ 12.630869] kfree+0x222/0x3f0 [ 12.630998] kmalloc_uaf_16+0x1d6/0x4c0 [ 12.631434] kunit_try_run_case+0x1a5/0x480 [ 12.631772] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.632157] kthread+0x337/0x6f0 [ 12.632506] ret_from_fork+0x116/0x1d0 [ 12.632691] ret_from_fork_asm+0x1a/0x30 [ 12.633048] [ 12.633155] The buggy address belongs to the object at ffff888101e0ece0 [ 12.633155] which belongs to the cache kmalloc-16 of size 16 [ 12.633809] The buggy address is located 0 bytes inside of [ 12.633809] freed 16-byte region [ffff888101e0ece0, ffff888101e0ecf0) [ 12.634622] [ 12.634840] The buggy address belongs to the physical page: [ 12.635121] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e0e [ 12.635758] flags: 0x200000000000000(node=0|zone=2) [ 12.636071] page_type: f5(slab) [ 12.636210] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 12.636450] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 12.636676] page dumped because: kasan: bad access detected [ 12.636846] [ 12.636915] Memory state around the buggy address: [ 12.637187] ffff888101e0eb80: 00 04 fc fc 00 04 fc fc 00 01 fc fc 00 01 fc 
fc [ 12.637509] ffff888101e0ec00: 00 04 fc fc 00 04 fc fc 00 05 fc fc fa fb fc fc [ 12.637724] >ffff888101e0ec80: fa fb fc fc fa fb fc fc 00 00 fc fc fa fb fc fc [ 12.637948] ^ [ 12.638492] ffff888101e0ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.639117] ffff888101e0ed80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.639744] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 12.582064] ================================================================== [ 12.582502] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x452/0x4a0 [ 12.582744] Write of size 16 at addr ffff888101e0ec80 by task kunit_try_catch/183 [ 12.583630] [ 12.583837] CPU: 1 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.583885] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.583896] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.583917] Call Trace: [ 12.583941] <TASK> [ 12.583959] dump_stack_lvl+0x73/0xb0 [ 12.583993] print_report+0xd1/0x650 [ 12.584016] ? __virt_addr_valid+0x1db/0x2d0 [ 12.584039] ? kmalloc_oob_16+0x452/0x4a0 [ 12.584060] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.584083] ? kmalloc_oob_16+0x452/0x4a0 [ 12.584103] kasan_report+0x141/0x180 [ 12.584124] ? kmalloc_oob_16+0x452/0x4a0 [ 12.584149] __asan_report_store16_noabort+0x1b/0x30 [ 12.584174] kmalloc_oob_16+0x452/0x4a0 [ 12.584194] ? __pfx_kmalloc_oob_16+0x10/0x10 [ 12.584216] ? __schedule+0x10cc/0x2b60 [ 12.584238] ? __pfx_read_tsc+0x10/0x10 [ 12.584472] ? ktime_get_ts64+0x86/0x230 [ 12.584506] kunit_try_run_case+0x1a5/0x480 [ 12.584532] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.584555] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.584626] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.584650] ? __kthread_parkme+0x82/0x180 [ 12.584671] ? preempt_count_sub+0x50/0x80 [ 12.584697] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.584724] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.584750] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.584775] kthread+0x337/0x6f0 [ 12.584794] ? trace_preempt_on+0x20/0xc0 [ 12.584818] ? __pfx_kthread+0x10/0x10 [ 12.584839] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.584860] ? calculate_sigpending+0x7b/0xa0 [ 12.584884] ? __pfx_kthread+0x10/0x10 [ 12.584905] ret_from_fork+0x116/0x1d0 [ 12.584934] ? 
__pfx_kthread+0x10/0x10 [ 12.584955] ret_from_fork_asm+0x1a/0x30 [ 12.584987] </TASK> [ 12.584998] [ 12.599621] Allocated by task 183: [ 12.599802] kasan_save_stack+0x45/0x70 [ 12.599997] kasan_save_track+0x18/0x40 [ 12.600179] kasan_save_alloc_info+0x3b/0x50 [ 12.600766] __kasan_kmalloc+0xb7/0xc0 [ 12.600938] __kmalloc_cache_noprof+0x189/0x420 [ 12.601368] kmalloc_oob_16+0xa8/0x4a0 [ 12.601543] kunit_try_run_case+0x1a5/0x480 [ 12.601899] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.602307] kthread+0x337/0x6f0 [ 12.602596] ret_from_fork+0x116/0x1d0 [ 12.602962] ret_from_fork_asm+0x1a/0x30 [ 12.603162] [ 12.603383] The buggy address belongs to the object at ffff888101e0ec80 [ 12.603383] which belongs to the cache kmalloc-16 of size 16 [ 12.604027] The buggy address is located 0 bytes inside of [ 12.604027] allocated 13-byte region [ffff888101e0ec80, ffff888101e0ec8d) [ 12.604705] [ 12.604883] The buggy address belongs to the physical page: [ 12.605350] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e0e [ 12.605792] flags: 0x200000000000000(node=0|zone=2) [ 12.606027] page_type: f5(slab) [ 12.606164] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 12.606723] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 12.607150] page dumped because: kasan: bad access detected [ 12.607523] [ 12.607600] Memory state around the buggy address: [ 12.607997] ffff888101e0eb80: 00 04 fc fc 00 04 fc fc 00 01 fc fc 00 01 fc fc [ 12.608475] ffff888101e0ec00: 00 04 fc fc 00 04 fc fc 00 05 fc fc fa fb fc fc [ 12.608772] >ffff888101e0ec80: 00 05 fc fc 00 00 fc fc fc fc fc fc fc fc fc fc [ 12.609093] ^ [ 12.609254] ffff888101e0ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.609812] ffff888101e0ed80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.610135] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 12.551497] ================================================================== [ 12.551837] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x53c/0x5e0 [ 12.552293] Read of size 1 at addr ffff888102328a00 by task kunit_try_catch/181 [ 12.552625] [ 12.552716] CPU: 0 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.552758] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.552770] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.552789] Call Trace: [ 12.552807] <TASK> [ 12.552824] dump_stack_lvl+0x73/0xb0 [ 12.552855] print_report+0xd1/0x650 [ 12.552876] ? __virt_addr_valid+0x1db/0x2d0 [ 12.552900] ? krealloc_uaf+0x53c/0x5e0 [ 12.552920] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.553052] ? krealloc_uaf+0x53c/0x5e0 [ 12.553074] kasan_report+0x141/0x180 [ 12.553096] ? krealloc_uaf+0x53c/0x5e0 [ 12.553121] __asan_report_load1_noabort+0x18/0x20 [ 12.553147] krealloc_uaf+0x53c/0x5e0 [ 12.553169] ? __pfx_krealloc_uaf+0x10/0x10 [ 12.553191] ? finish_task_switch.isra.0+0x153/0x700 [ 12.553219] ? __switch_to+0x47/0xf50 [ 12.553245] ? __schedule+0x10cc/0x2b60 [ 12.553268] ? __pfx_read_tsc+0x10/0x10 [ 12.553290] ? ktime_get_ts64+0x86/0x230 [ 12.553333] kunit_try_run_case+0x1a5/0x480 [ 12.553358] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.553381] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.553406] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.553430] ? __kthread_parkme+0x82/0x180 [ 12.553451] ? preempt_count_sub+0x50/0x80 [ 12.553474] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.553498] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.553523] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.553547] kthread+0x337/0x6f0 [ 12.553566] ? trace_preempt_on+0x20/0xc0 [ 12.553589] ? __pfx_kthread+0x10/0x10 [ 12.553610] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.553631] ? calculate_sigpending+0x7b/0xa0 [ 12.553655] ? __pfx_kthread+0x10/0x10 [ 12.553676] ret_from_fork+0x116/0x1d0 [ 12.553694] ? 
__pfx_kthread+0x10/0x10 [ 12.553715] ret_from_fork_asm+0x1a/0x30 [ 12.553745] </TASK> [ 12.553756] [ 12.561421] Allocated by task 181: [ 12.561599] kasan_save_stack+0x45/0x70 [ 12.561801] kasan_save_track+0x18/0x40 [ 12.562069] kasan_save_alloc_info+0x3b/0x50 [ 12.562278] __kasan_kmalloc+0xb7/0xc0 [ 12.562475] __kmalloc_cache_noprof+0x189/0x420 [ 12.562689] krealloc_uaf+0xbb/0x5e0 [ 12.562854] kunit_try_run_case+0x1a5/0x480 [ 12.563133] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.563383] kthread+0x337/0x6f0 [ 12.563506] ret_from_fork+0x116/0x1d0 [ 12.563636] ret_from_fork_asm+0x1a/0x30 [ 12.563824] [ 12.563917] Freed by task 181: [ 12.564262] kasan_save_stack+0x45/0x70 [ 12.564488] kasan_save_track+0x18/0x40 [ 12.564675] kasan_save_free_info+0x3f/0x60 [ 12.564875] __kasan_slab_free+0x56/0x70 [ 12.565138] kfree+0x222/0x3f0 [ 12.565268] krealloc_uaf+0x13d/0x5e0 [ 12.565468] kunit_try_run_case+0x1a5/0x480 [ 12.565677] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.565897] kthread+0x337/0x6f0 [ 12.566138] ret_from_fork+0x116/0x1d0 [ 12.566299] ret_from_fork_asm+0x1a/0x30 [ 12.566498] [ 12.566594] The buggy address belongs to the object at ffff888102328a00 [ 12.566594] which belongs to the cache kmalloc-256 of size 256 [ 12.567137] The buggy address is located 0 bytes inside of [ 12.567137] freed 256-byte region [ffff888102328a00, ffff888102328b00) [ 12.567649] [ 12.567754] The buggy address belongs to the physical page: [ 12.568154] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102328 [ 12.568522] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.568809] flags: 0x200000000000040(head|node=0|zone=2) [ 12.569131] page_type: f5(slab) [ 12.569284] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.569599] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.569902] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.570292] head: 
0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.570634] head: 0200000000000001 ffffea000408ca01 00000000ffffffff 00000000ffffffff [ 12.570905] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.571212] page dumped because: kasan: bad access detected [ 12.571432] [ 12.571527] Memory state around the buggy address: [ 12.571749] ffff888102328900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.572271] ffff888102328980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.572580] >ffff888102328a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.572790] ^ [ 12.572904] ffff888102328a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.573313] ffff888102328b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.573633] ================================================================== [ 12.527763] ================================================================== [ 12.528612] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x1b8/0x5e0 [ 12.528894] Read of size 1 at addr ffff888102328a00 by task kunit_try_catch/181 [ 12.529453] [ 12.529578] CPU: 0 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.529625] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.529637] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.529658] Call Trace: [ 12.529670] <TASK> [ 12.529689] dump_stack_lvl+0x73/0xb0 [ 12.529724] print_report+0xd1/0x650 [ 12.529747] ? __virt_addr_valid+0x1db/0x2d0 [ 12.529772] ? krealloc_uaf+0x1b8/0x5e0 [ 12.529793] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.529817] ? krealloc_uaf+0x1b8/0x5e0 [ 12.529838] kasan_report+0x141/0x180 [ 12.529859] ? krealloc_uaf+0x1b8/0x5e0 [ 12.529882] ? krealloc_uaf+0x1b8/0x5e0 [ 12.529903] __kasan_check_byte+0x3d/0x50 [ 12.530168] krealloc_noprof+0x3f/0x340 [ 12.530204] krealloc_uaf+0x1b8/0x5e0 [ 12.530226] ? __pfx_krealloc_uaf+0x10/0x10 [ 12.530272] ? 
finish_task_switch.isra.0+0x153/0x700 [ 12.530297] ? __switch_to+0x47/0xf50 [ 12.530324] ? __schedule+0x10cc/0x2b60 [ 12.530347] ? __pfx_read_tsc+0x10/0x10 [ 12.530369] ? ktime_get_ts64+0x86/0x230 [ 12.530394] kunit_try_run_case+0x1a5/0x480 [ 12.530421] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.530443] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.530468] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.530491] ? __kthread_parkme+0x82/0x180 [ 12.530514] ? preempt_count_sub+0x50/0x80 [ 12.530537] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.530561] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.530585] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.530609] kthread+0x337/0x6f0 [ 12.530628] ? trace_preempt_on+0x20/0xc0 [ 12.530652] ? __pfx_kthread+0x10/0x10 [ 12.530672] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.530693] ? calculate_sigpending+0x7b/0xa0 [ 12.530724] ? __pfx_kthread+0x10/0x10 [ 12.530745] ret_from_fork+0x116/0x1d0 [ 12.530763] ? __pfx_kthread+0x10/0x10 [ 12.530784] ret_from_fork_asm+0x1a/0x30 [ 12.530815] </TASK> [ 12.530826] [ 12.538519] Allocated by task 181: [ 12.538692] kasan_save_stack+0x45/0x70 [ 12.538901] kasan_save_track+0x18/0x40 [ 12.539109] kasan_save_alloc_info+0x3b/0x50 [ 12.539262] __kasan_kmalloc+0xb7/0xc0 [ 12.539466] __kmalloc_cache_noprof+0x189/0x420 [ 12.539687] krealloc_uaf+0xbb/0x5e0 [ 12.539867] kunit_try_run_case+0x1a5/0x480 [ 12.540321] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.540587] kthread+0x337/0x6f0 [ 12.540760] ret_from_fork+0x116/0x1d0 [ 12.540897] ret_from_fork_asm+0x1a/0x30 [ 12.541143] [ 12.541246] Freed by task 181: [ 12.541447] kasan_save_stack+0x45/0x70 [ 12.541641] kasan_save_track+0x18/0x40 [ 12.541827] kasan_save_free_info+0x3f/0x60 [ 12.542111] __kasan_slab_free+0x56/0x70 [ 12.542331] kfree+0x222/0x3f0 [ 12.542479] krealloc_uaf+0x13d/0x5e0 [ 12.542652] kunit_try_run_case+0x1a5/0x480 [ 12.542841] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.543086] kthread+0x337/0x6f0 [ 12.543211] 
ret_from_fork+0x116/0x1d0 [ 12.543400] ret_from_fork_asm+0x1a/0x30 [ 12.543618] [ 12.543721] The buggy address belongs to the object at ffff888102328a00 [ 12.543721] which belongs to the cache kmalloc-256 of size 256 [ 12.544507] The buggy address is located 0 bytes inside of [ 12.544507] freed 256-byte region [ffff888102328a00, ffff888102328b00) [ 12.545143] [ 12.545251] The buggy address belongs to the physical page: [ 12.545471] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102328 [ 12.545714] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.546093] flags: 0x200000000000040(head|node=0|zone=2) [ 12.546375] page_type: f5(slab) [ 12.546545] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.546882] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.547261] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.547545] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.547805] head: 0200000000000001 ffffea000408ca01 00000000ffffffff 00000000ffffffff [ 12.548314] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.548678] page dumped because: kasan: bad access detected [ 12.548902] [ 12.549088] Memory state around the buggy address: [ 12.549319] ffff888102328900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.549604] ffff888102328980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.549878] >ffff888102328a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.550218] ^ [ 12.550399] ffff888102328a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.550612] ffff888102328b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.550865] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 12.426863] ================================================================== [ 12.427959] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0 [ 12.429036] Write of size 1 at addr ffff88810a5da0c9 by task kunit_try_catch/179 [ 12.429520] [ 12.429744] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.429793] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.429806] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.429827] Call Trace: [ 12.429842] <TASK> [ 12.429863] dump_stack_lvl+0x73/0xb0 [ 12.429901] print_report+0xd1/0x650 [ 12.429937] ? __virt_addr_valid+0x1db/0x2d0 [ 12.430027] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 12.430051] ? kasan_addr_to_slab+0x11/0xa0 [ 12.430071] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 12.430095] kasan_report+0x141/0x180 [ 12.430117] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 12.430145] __asan_report_store1_noabort+0x1b/0x30 [ 12.430169] krealloc_less_oob_helper+0xd70/0x11d0 [ 12.430195] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.430219] ? finish_task_switch.isra.0+0x153/0x700 [ 12.430244] ? __switch_to+0x47/0xf50 [ 12.430270] ? __schedule+0x10cc/0x2b60 [ 12.430293] ? __pfx_read_tsc+0x10/0x10 [ 12.430317] krealloc_large_less_oob+0x1c/0x30 [ 12.430340] kunit_try_run_case+0x1a5/0x480 [ 12.430366] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.430389] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.430414] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.430437] ? __kthread_parkme+0x82/0x180 [ 12.430459] ? preempt_count_sub+0x50/0x80 [ 12.430482] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.430506] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.430531] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.430557] kthread+0x337/0x6f0 [ 12.430578] ? trace_preempt_on+0x20/0xc0 [ 12.430602] ? __pfx_kthread+0x10/0x10 [ 12.430623] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.430645] ? calculate_sigpending+0x7b/0xa0 [ 12.430670] ? 
__pfx_kthread+0x10/0x10 [ 12.430691] ret_from_fork+0x116/0x1d0 [ 12.430717] ? __pfx_kthread+0x10/0x10 [ 12.430737] ret_from_fork_asm+0x1a/0x30 [ 12.430768] </TASK> [ 12.430779] [ 12.443650] The buggy address belongs to the physical page: [ 12.443850] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10a5d8 [ 12.444470] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.445197] flags: 0x200000000000040(head|node=0|zone=2) [ 12.445684] page_type: f8(unknown) [ 12.446038] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.446830] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.447384] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.447617] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.447844] head: 0200000000000002 ffffea0004297601 00000000ffffffff 00000000ffffffff [ 12.448311] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.448710] page dumped because: kasan: bad access detected [ 12.448883] [ 12.449137] Memory state around the buggy address: [ 12.449561] ffff88810a5d9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.450249] ffff88810a5da000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.450858] >ffff88810a5da080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.451267] ^ [ 12.451446] ffff88810a5da100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.451657] ffff88810a5da180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.451866] ================================================================== [ 12.260772] ================================================================== [ 12.261359] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0 [ 12.261815] Write of size 1 at addr ffff888100a17cc9 by task kunit_try_catch/175 [ 12.262131] [ 12.262257] CPU: 1 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 
PREEMPT(voluntary) [ 12.262304] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.262327] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.262349] Call Trace: [ 12.262361] <TASK> [ 12.262380] dump_stack_lvl+0x73/0xb0 [ 12.262412] print_report+0xd1/0x650 [ 12.262435] ? __virt_addr_valid+0x1db/0x2d0 [ 12.262468] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 12.262492] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.262515] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 12.262550] kasan_report+0x141/0x180 [ 12.262571] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 12.262600] __asan_report_store1_noabort+0x1b/0x30 [ 12.262633] krealloc_less_oob_helper+0xd70/0x11d0 [ 12.262660] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.262684] ? finish_task_switch.isra.0+0x153/0x700 [ 12.262725] ? __switch_to+0x47/0xf50 [ 12.262753] ? __schedule+0x10cc/0x2b60 [ 12.262777] ? __pfx_read_tsc+0x10/0x10 [ 12.262805] krealloc_less_oob+0x1c/0x30 [ 12.262826] kunit_try_run_case+0x1a5/0x480 [ 12.262852] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.262874] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.262898] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.262938] ? __kthread_parkme+0x82/0x180 [ 12.262960] ? preempt_count_sub+0x50/0x80 [ 12.262982] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.263017] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.263042] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.263067] kthread+0x337/0x6f0 [ 12.263086] ? trace_preempt_on+0x20/0xc0 [ 12.263110] ? __pfx_kthread+0x10/0x10 [ 12.263130] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.263160] ? calculate_sigpending+0x7b/0xa0 [ 12.263184] ? __pfx_kthread+0x10/0x10 [ 12.263205] ret_from_fork+0x116/0x1d0 [ 12.263233] ? 
__pfx_kthread+0x10/0x10 [ 12.263254] ret_from_fork_asm+0x1a/0x30 [ 12.263293] </TASK> [ 12.263304] [ 12.270794] Allocated by task 175: [ 12.270977] kasan_save_stack+0x45/0x70 [ 12.271125] kasan_save_track+0x18/0x40 [ 12.271260] kasan_save_alloc_info+0x3b/0x50 [ 12.271435] __kasan_krealloc+0x190/0x1f0 [ 12.271684] krealloc_noprof+0xf3/0x340 [ 12.271874] krealloc_less_oob_helper+0x1aa/0x11d0 [ 12.272108] krealloc_less_oob+0x1c/0x30 [ 12.272355] kunit_try_run_case+0x1a5/0x480 [ 12.272560] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.272773] kthread+0x337/0x6f0 [ 12.272967] ret_from_fork+0x116/0x1d0 [ 12.273133] ret_from_fork_asm+0x1a/0x30 [ 12.273296] [ 12.273390] The buggy address belongs to the object at ffff888100a17c00 [ 12.273390] which belongs to the cache kmalloc-256 of size 256 [ 12.273880] The buggy address is located 0 bytes to the right of [ 12.273880] allocated 201-byte region [ffff888100a17c00, ffff888100a17cc9) [ 12.274511] [ 12.274623] The buggy address belongs to the physical page: [ 12.274844] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a16 [ 12.275211] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.275540] flags: 0x200000000000040(head|node=0|zone=2) [ 12.275759] page_type: f5(slab) [ 12.275937] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.276232] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.276520] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.276747] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.276985] head: 0200000000000001 ffffea0004028581 00000000ffffffff 00000000ffffffff [ 12.277334] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.277670] page dumped because: kasan: bad access detected [ 12.277919] [ 12.278023] Memory state around the buggy address: [ 12.278249] ffff888100a17b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 12.278567] ffff888100a17c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.278783] >ffff888100a17c80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 12.279002] ^ [ 12.279174] ffff888100a17d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.279430] ffff888100a17d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.279766] ================================================================== [ 12.281496] ================================================================== [ 12.281876] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0 [ 12.282317] Write of size 1 at addr ffff888100a17cd0 by task kunit_try_catch/175 [ 12.282664] [ 12.282787] CPU: 1 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.282840] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.282852] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.282872] Call Trace: [ 12.282884] <TASK> [ 12.282914] dump_stack_lvl+0x73/0xb0 [ 12.282954] print_report+0xd1/0x650 [ 12.282976] ? __virt_addr_valid+0x1db/0x2d0 [ 12.282999] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 12.283023] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.283045] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 12.283069] kasan_report+0x141/0x180 [ 12.283090] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 12.283118] __asan_report_store1_noabort+0x1b/0x30 [ 12.283143] krealloc_less_oob_helper+0xe23/0x11d0 [ 12.283169] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.283193] ? finish_task_switch.isra.0+0x153/0x700 [ 12.283217] ? __switch_to+0x47/0xf50 [ 12.283269] ? __schedule+0x10cc/0x2b60 [ 12.283291] ? __pfx_read_tsc+0x10/0x10 [ 12.283327] krealloc_less_oob+0x1c/0x30 [ 12.283349] kunit_try_run_case+0x1a5/0x480 [ 12.283373] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.283407] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.283431] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.283455] ? __kthread_parkme+0x82/0x180 [ 12.283487] ? 
preempt_count_sub+0x50/0x80 [ 12.283509] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.283533] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.283569] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.283594] kthread+0x337/0x6f0 [ 12.283622] ? trace_preempt_on+0x20/0xc0 [ 12.283646] ? __pfx_kthread+0x10/0x10 [ 12.283666] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.283687] ? calculate_sigpending+0x7b/0xa0 [ 12.283711] ? __pfx_kthread+0x10/0x10 [ 12.283732] ret_from_fork+0x116/0x1d0 [ 12.283759] ? __pfx_kthread+0x10/0x10 [ 12.283779] ret_from_fork_asm+0x1a/0x30 [ 12.283810] </TASK> [ 12.283820] [ 12.291032] Allocated by task 175: [ 12.291183] kasan_save_stack+0x45/0x70 [ 12.291367] kasan_save_track+0x18/0x40 [ 12.291571] kasan_save_alloc_info+0x3b/0x50 [ 12.291813] __kasan_krealloc+0x190/0x1f0 [ 12.292041] krealloc_noprof+0xf3/0x340 [ 12.292282] krealloc_less_oob_helper+0x1aa/0x11d0 [ 12.292533] krealloc_less_oob+0x1c/0x30 [ 12.292750] kunit_try_run_case+0x1a5/0x480 [ 12.292983] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.293219] kthread+0x337/0x6f0 [ 12.293396] ret_from_fork+0x116/0x1d0 [ 12.293527] ret_from_fork_asm+0x1a/0x30 [ 12.293721] [ 12.293827] The buggy address belongs to the object at ffff888100a17c00 [ 12.293827] which belongs to the cache kmalloc-256 of size 256 [ 12.294338] The buggy address is located 7 bytes to the right of [ 12.294338] allocated 201-byte region [ffff888100a17c00, ffff888100a17cc9) [ 12.294855] [ 12.294971] The buggy address belongs to the physical page: [ 12.295196] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a16 [ 12.295556] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.295887] flags: 0x200000000000040(head|node=0|zone=2) [ 12.296090] page_type: f5(slab) [ 12.296210] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.296459] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.296686] head: 0200000000000040 
ffff888100041b40 dead000000000122 0000000000000000 [ 12.297061] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.297421] head: 0200000000000001 ffffea0004028581 00000000ffffffff 00000000ffffffff [ 12.297755] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.298101] page dumped because: kasan: bad access detected [ 12.298374] [ 12.298467] Memory state around the buggy address: [ 12.298673] ffff888100a17b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.298965] ffff888100a17c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.299176] >ffff888100a17c80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 12.299408] ^ [ 12.299666] ffff888100a17d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.300013] ffff888100a17d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.300402] ================================================================== [ 12.342446] ================================================================== [ 12.342741] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 12.343117] Write of size 1 at addr ffff888100a17ceb by task kunit_try_catch/175 [ 12.343462] [ 12.343576] CPU: 1 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.343616] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.343637] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.343656] Call Trace: [ 12.343668] <TASK> [ 12.343684] dump_stack_lvl+0x73/0xb0 [ 12.343726] print_report+0xd1/0x650 [ 12.343749] ? __virt_addr_valid+0x1db/0x2d0 [ 12.343771] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.343794] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.343826] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.343850] kasan_report+0x141/0x180 [ 12.343871] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.343911] __asan_report_store1_noabort+0x1b/0x30 [ 12.343944] krealloc_less_oob_helper+0xd47/0x11d0 [ 12.343970] ? 
__pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.344003] ? finish_task_switch.isra.0+0x153/0x700 [ 12.344027] ? __switch_to+0x47/0xf50 [ 12.344051] ? __schedule+0x10cc/0x2b60 [ 12.344079] ? __pfx_read_tsc+0x10/0x10 [ 12.344103] krealloc_less_oob+0x1c/0x30 [ 12.344125] kunit_try_run_case+0x1a5/0x480 [ 12.344149] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.344171] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.344195] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.344218] ? __kthread_parkme+0x82/0x180 [ 12.344245] ? preempt_count_sub+0x50/0x80 [ 12.344268] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.344292] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.344316] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.344340] kthread+0x337/0x6f0 [ 12.344359] ? trace_preempt_on+0x20/0xc0 [ 12.344382] ? __pfx_kthread+0x10/0x10 [ 12.344402] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.344423] ? calculate_sigpending+0x7b/0xa0 [ 12.344447] ? __pfx_kthread+0x10/0x10 [ 12.344468] ret_from_fork+0x116/0x1d0 [ 12.344485] ? 
__pfx_kthread+0x10/0x10 [ 12.344505] ret_from_fork_asm+0x1a/0x30 [ 12.344536] </TASK> [ 12.344545] [ 12.351683] Allocated by task 175: [ 12.351811] kasan_save_stack+0x45/0x70 [ 12.351966] kasan_save_track+0x18/0x40 [ 12.352160] kasan_save_alloc_info+0x3b/0x50 [ 12.352402] __kasan_krealloc+0x190/0x1f0 [ 12.352602] krealloc_noprof+0xf3/0x340 [ 12.352819] krealloc_less_oob_helper+0x1aa/0x11d0 [ 12.353055] krealloc_less_oob+0x1c/0x30 [ 12.353268] kunit_try_run_case+0x1a5/0x480 [ 12.353503] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.353707] kthread+0x337/0x6f0 [ 12.353827] ret_from_fork+0x116/0x1d0 [ 12.353964] ret_from_fork_asm+0x1a/0x30 [ 12.354163] [ 12.354297] The buggy address belongs to the object at ffff888100a17c00 [ 12.354297] which belongs to the cache kmalloc-256 of size 256 [ 12.354849] The buggy address is located 34 bytes to the right of [ 12.354849] allocated 201-byte region [ffff888100a17c00, ffff888100a17cc9) [ 12.355366] [ 12.355452] The buggy address belongs to the physical page: [ 12.355708] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a16 [ 12.356070] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.356410] flags: 0x200000000000040(head|node=0|zone=2) [ 12.356648] page_type: f5(slab) [ 12.356808] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.357119] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.357369] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.357595] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.357914] head: 0200000000000001 ffffea0004028581 00000000ffffffff 00000000ffffffff [ 12.358271] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.358608] page dumped because: kasan: bad access detected [ 12.358862] [ 12.358966] Memory state around the buggy address: [ 12.359196] ffff888100a17b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 12.359528] ffff888100a17c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.359741] >ffff888100a17c80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 12.359959] ^ [ 12.360204] ffff888100a17d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.360576] ffff888100a17d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.360919] ================================================================== [ 12.322362] ================================================================== [ 12.322628] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 12.323152] Write of size 1 at addr ffff888100a17cea by task kunit_try_catch/175 [ 12.323519] [ 12.323634] CPU: 1 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.323676] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.323687] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.323707] Call Trace: [ 12.323735] <TASK> [ 12.323754] dump_stack_lvl+0x73/0xb0 [ 12.323783] print_report+0xd1/0x650 [ 12.323817] ? __virt_addr_valid+0x1db/0x2d0 [ 12.323840] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.323863] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.323893] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.323917] kasan_report+0x141/0x180 [ 12.323952] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.323981] __asan_report_store1_noabort+0x1b/0x30 [ 12.324005] krealloc_less_oob_helper+0xe90/0x11d0 [ 12.324031] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.324056] ? finish_task_switch.isra.0+0x153/0x700 [ 12.324079] ? __switch_to+0x47/0xf50 [ 12.324113] ? __schedule+0x10cc/0x2b60 [ 12.324135] ? __pfx_read_tsc+0x10/0x10 [ 12.324170] krealloc_less_oob+0x1c/0x30 [ 12.324191] kunit_try_run_case+0x1a5/0x480 [ 12.324215] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.324237] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.324280] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.324303] ? __kthread_parkme+0x82/0x180 [ 12.324324] ? 
preempt_count_sub+0x50/0x80 [ 12.324347] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.324370] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.324394] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.324428] kthread+0x337/0x6f0 [ 12.324446] ? trace_preempt_on+0x20/0xc0 [ 12.324470] ? __pfx_kthread+0x10/0x10 [ 12.324502] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.324523] ? calculate_sigpending+0x7b/0xa0 [ 12.324547] ? __pfx_kthread+0x10/0x10 [ 12.324568] ret_from_fork+0x116/0x1d0 [ 12.324586] ? __pfx_kthread+0x10/0x10 [ 12.324606] ret_from_fork_asm+0x1a/0x30 [ 12.324636] </TASK> [ 12.324647] [ 12.331854] Allocated by task 175: [ 12.332043] kasan_save_stack+0x45/0x70 [ 12.332188] kasan_save_track+0x18/0x40 [ 12.332341] kasan_save_alloc_info+0x3b/0x50 [ 12.332579] __kasan_krealloc+0x190/0x1f0 [ 12.332778] krealloc_noprof+0xf3/0x340 [ 12.332962] krealloc_less_oob_helper+0x1aa/0x11d0 [ 12.333130] krealloc_less_oob+0x1c/0x30 [ 12.333317] kunit_try_run_case+0x1a5/0x480 [ 12.333528] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.333810] kthread+0x337/0x6f0 [ 12.334011] ret_from_fork+0x116/0x1d0 [ 12.334214] ret_from_fork_asm+0x1a/0x30 [ 12.334395] [ 12.334514] The buggy address belongs to the object at ffff888100a17c00 [ 12.334514] which belongs to the cache kmalloc-256 of size 256 [ 12.334975] The buggy address is located 33 bytes to the right of [ 12.334975] allocated 201-byte region [ffff888100a17c00, ffff888100a17cc9) [ 12.335526] [ 12.335622] The buggy address belongs to the physical page: [ 12.335867] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a16 [ 12.336210] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.336542] flags: 0x200000000000040(head|node=0|zone=2) [ 12.336721] page_type: f5(slab) [ 12.336841] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.337077] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.337451] head: 0200000000000040 
ffff888100041b40 dead000000000122 0000000000000000 [ 12.337783] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.338121] head: 0200000000000001 ffffea0004028581 00000000ffffffff 00000000ffffffff [ 12.338484] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.338715] page dumped because: kasan: bad access detected [ 12.338883] [ 12.338969] Memory state around the buggy address: [ 12.339197] ffff888100a17b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.339554] ffff888100a17c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.339885] >ffff888100a17c80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 12.340220] ^ [ 12.340457] ffff888100a17d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.340696] ffff888100a17d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.341073] ================================================================== [ 12.472982] ================================================================== [ 12.473539] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 12.473903] Write of size 1 at addr ffff88810a5da0da by task kunit_try_catch/179 [ 12.474248] [ 12.474596] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.474643] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.474655] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.474674] Call Trace: [ 12.474687] <TASK> [ 12.474709] dump_stack_lvl+0x73/0xb0 [ 12.474798] print_report+0xd1/0x650 [ 12.474824] ? __virt_addr_valid+0x1db/0x2d0 [ 12.474847] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.474870] ? kasan_addr_to_slab+0x11/0xa0 [ 12.474890] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.474913] kasan_report+0x141/0x180 [ 12.474948] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.474976] __asan_report_store1_noabort+0x1b/0x30 [ 12.475000] krealloc_less_oob_helper+0xec6/0x11d0 [ 12.475026] ? 
__pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.475098] ? finish_task_switch.isra.0+0x153/0x700 [ 12.475123] ? __switch_to+0x47/0xf50 [ 12.475147] ? __schedule+0x10cc/0x2b60 [ 12.475169] ? __pfx_read_tsc+0x10/0x10 [ 12.475193] krealloc_large_less_oob+0x1c/0x30 [ 12.475216] kunit_try_run_case+0x1a5/0x480 [ 12.475240] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.475274] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.475298] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.475321] ? __kthread_parkme+0x82/0x180 [ 12.475341] ? preempt_count_sub+0x50/0x80 [ 12.475363] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.475387] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.475411] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.475435] kthread+0x337/0x6f0 [ 12.475453] ? trace_preempt_on+0x20/0xc0 [ 12.475477] ? __pfx_kthread+0x10/0x10 [ 12.475497] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.475518] ? calculate_sigpending+0x7b/0xa0 [ 12.475542] ? __pfx_kthread+0x10/0x10 [ 12.475562] ret_from_fork+0x116/0x1d0 [ 12.475580] ? 
__pfx_kthread+0x10/0x10 [ 12.475600] ret_from_fork_asm+0x1a/0x30 [ 12.475631] </TASK> [ 12.475641] [ 12.483285] The buggy address belongs to the physical page: [ 12.483563] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10a5d8 [ 12.483911] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.484328] flags: 0x200000000000040(head|node=0|zone=2) [ 12.484542] page_type: f8(unknown) [ 12.484667] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.484948] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.485444] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.485762] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.486387] head: 0200000000000002 ffffea0004297601 00000000ffffffff 00000000ffffffff [ 12.486674] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.486910] page dumped because: kasan: bad access detected [ 12.487206] [ 12.487395] Memory state around the buggy address: [ 12.487634] ffff88810a5d9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.487994] ffff88810a5da000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.488292] >ffff88810a5da080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.488502] ^ [ 12.488778] ffff88810a5da100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.489171] ffff88810a5da180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.489518] ================================================================== [ 12.506115] ================================================================== [ 12.506474] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 12.506791] Write of size 1 at addr ffff88810a5da0eb by task kunit_try_catch/179 [ 12.507309] [ 12.507448] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.507490] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.507501] Hardware 
name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.507520] Call Trace: [ 12.507537] <TASK> [ 12.507554] dump_stack_lvl+0x73/0xb0 [ 12.507586] print_report+0xd1/0x650 [ 12.507609] ? __virt_addr_valid+0x1db/0x2d0 [ 12.507631] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.507655] ? kasan_addr_to_slab+0x11/0xa0 [ 12.507675] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.507699] kasan_report+0x141/0x180 [ 12.507720] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.507748] __asan_report_store1_noabort+0x1b/0x30 [ 12.507773] krealloc_less_oob_helper+0xd47/0x11d0 [ 12.507799] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.507823] ? finish_task_switch.isra.0+0x153/0x700 [ 12.507846] ? __switch_to+0x47/0xf50 [ 12.507870] ? __schedule+0x10cc/0x2b60 [ 12.507892] ? __pfx_read_tsc+0x10/0x10 [ 12.507917] krealloc_large_less_oob+0x1c/0x30 [ 12.508017] kunit_try_run_case+0x1a5/0x480 [ 12.508041] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.508064] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.508089] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.508112] ? __kthread_parkme+0x82/0x180 [ 12.508132] ? preempt_count_sub+0x50/0x80 [ 12.508154] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.508178] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.508202] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.508226] kthread+0x337/0x6f0 [ 12.508244] ? trace_preempt_on+0x20/0xc0 [ 12.508268] ? __pfx_kthread+0x10/0x10 [ 12.508304] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.508325] ? calculate_sigpending+0x7b/0xa0 [ 12.508349] ? __pfx_kthread+0x10/0x10 [ 12.508369] ret_from_fork+0x116/0x1d0 [ 12.508388] ? 
__pfx_kthread+0x10/0x10 [ 12.508408] ret_from_fork_asm+0x1a/0x30 [ 12.508438] </TASK> [ 12.508448] [ 12.515881] The buggy address belongs to the physical page: [ 12.516173] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10a5d8 [ 12.516548] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.516868] flags: 0x200000000000040(head|node=0|zone=2) [ 12.517148] page_type: f8(unknown) [ 12.517317] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.517604] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.517916] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.518386] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.518647] head: 0200000000000002 ffffea0004297601 00000000ffffffff 00000000ffffffff [ 12.518882] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.519299] page dumped because: kasan: bad access detected [ 12.519551] [ 12.519642] Memory state around the buggy address: [ 12.519862] ffff88810a5d9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.520248] ffff88810a5da000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.520577] >ffff88810a5da080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.520885] ^ [ 12.521242] ffff88810a5da100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.521474] ffff88810a5da180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.521722] ================================================================== [ 12.301543] ================================================================== [ 12.301874] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 12.302659] Write of size 1 at addr ffff888100a17cda by task kunit_try_catch/175 [ 12.303059] [ 12.303178] CPU: 1 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.303221] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.303232] Hardware 
name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.303277] Call Trace: [ 12.303296] <TASK> [ 12.303316] dump_stack_lvl+0x73/0xb0 [ 12.303361] print_report+0xd1/0x650 [ 12.303383] ? __virt_addr_valid+0x1db/0x2d0 [ 12.303407] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.303433] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.303456] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.303490] kasan_report+0x141/0x180 [ 12.303511] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.303552] __asan_report_store1_noabort+0x1b/0x30 [ 12.303578] krealloc_less_oob_helper+0xec6/0x11d0 [ 12.303603] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.303628] ? finish_task_switch.isra.0+0x153/0x700 [ 12.303651] ? __switch_to+0x47/0xf50 [ 12.303676] ? __schedule+0x10cc/0x2b60 [ 12.303698] ? __pfx_read_tsc+0x10/0x10 [ 12.303731] krealloc_less_oob+0x1c/0x30 [ 12.303752] kunit_try_run_case+0x1a5/0x480 [ 12.303777] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.303810] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.303834] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.303858] ? __kthread_parkme+0x82/0x180 [ 12.303879] ? preempt_count_sub+0x50/0x80 [ 12.303901] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.303934] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.303958] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.303983] kthread+0x337/0x6f0 [ 12.304002] ? trace_preempt_on+0x20/0xc0 [ 12.304025] ? __pfx_kthread+0x10/0x10 [ 12.304045] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.304066] ? calculate_sigpending+0x7b/0xa0 [ 12.304090] ? __pfx_kthread+0x10/0x10 [ 12.304111] ret_from_fork+0x116/0x1d0 [ 12.304129] ? 
__pfx_kthread+0x10/0x10 [ 12.304158] ret_from_fork_asm+0x1a/0x30 [ 12.304189] </TASK> [ 12.304199] [ 12.311521] Allocated by task 175: [ 12.311660] kasan_save_stack+0x45/0x70 [ 12.311888] kasan_save_track+0x18/0x40 [ 12.312084] kasan_save_alloc_info+0x3b/0x50 [ 12.312317] __kasan_krealloc+0x190/0x1f0 [ 12.312499] krealloc_noprof+0xf3/0x340 [ 12.312631] krealloc_less_oob_helper+0x1aa/0x11d0 [ 12.312789] krealloc_less_oob+0x1c/0x30 [ 12.312997] kunit_try_run_case+0x1a5/0x480 [ 12.313206] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.313510] kthread+0x337/0x6f0 [ 12.313693] ret_from_fork+0x116/0x1d0 [ 12.313902] ret_from_fork_asm+0x1a/0x30 [ 12.314102] [ 12.314171] The buggy address belongs to the object at ffff888100a17c00 [ 12.314171] which belongs to the cache kmalloc-256 of size 256 [ 12.314545] The buggy address is located 17 bytes to the right of [ 12.314545] allocated 201-byte region [ffff888100a17c00, ffff888100a17cc9) [ 12.315106] [ 12.315213] The buggy address belongs to the physical page: [ 12.315453] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a16 [ 12.315697] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.315937] flags: 0x200000000000040(head|node=0|zone=2) [ 12.316190] page_type: f5(slab) [ 12.316410] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.316758] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.317114] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.317493] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.317818] head: 0200000000000001 ffffea0004028581 00000000ffffffff 00000000ffffffff [ 12.318795] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.319166] page dumped because: kasan: bad access detected [ 12.319459] [ 12.319561] Memory state around the buggy address: [ 12.319775] ffff888100a17b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 12.320072] ffff888100a17c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.320376] >ffff888100a17c80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 12.320675] ^ [ 12.320896] ffff888100a17d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.321163] ffff888100a17d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.321508] ================================================================== [ 12.489839] ================================================================== [ 12.490235] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 12.490610] Write of size 1 at addr ffff88810a5da0ea by task kunit_try_catch/179 [ 12.490903] [ 12.491002] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.491043] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.491054] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.491073] Call Trace: [ 12.491088] <TASK> [ 12.491104] dump_stack_lvl+0x73/0xb0 [ 12.491132] print_report+0xd1/0x650 [ 12.491154] ? __virt_addr_valid+0x1db/0x2d0 [ 12.491176] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.491199] ? kasan_addr_to_slab+0x11/0xa0 [ 12.491219] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.491243] kasan_report+0x141/0x180 [ 12.491264] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.491292] __asan_report_store1_noabort+0x1b/0x30 [ 12.491316] krealloc_less_oob_helper+0xe90/0x11d0 [ 12.491343] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.491367] ? finish_task_switch.isra.0+0x153/0x700 [ 12.491390] ? __switch_to+0x47/0xf50 [ 12.491414] ? __schedule+0x10cc/0x2b60 [ 12.491435] ? __pfx_read_tsc+0x10/0x10 [ 12.491460] krealloc_large_less_oob+0x1c/0x30 [ 12.491483] kunit_try_run_case+0x1a5/0x480 [ 12.491506] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.491528] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.491551] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.491575] ? __kthread_parkme+0x82/0x180 [ 12.491595] ? 
preempt_count_sub+0x50/0x80 [ 12.491617] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.491641] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.491664] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.491689] kthread+0x337/0x6f0 [ 12.491708] ? trace_preempt_on+0x20/0xc0 [ 12.491731] ? __pfx_kthread+0x10/0x10 [ 12.491751] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.491772] ? calculate_sigpending+0x7b/0xa0 [ 12.491796] ? __pfx_kthread+0x10/0x10 [ 12.491816] ret_from_fork+0x116/0x1d0 [ 12.491834] ? __pfx_kthread+0x10/0x10 [ 12.491854] ret_from_fork_asm+0x1a/0x30 [ 12.491884] </TASK> [ 12.491894] [ 12.499537] The buggy address belongs to the physical page: [ 12.499756] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10a5d8 [ 12.500066] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.500393] flags: 0x200000000000040(head|node=0|zone=2) [ 12.500660] page_type: f8(unknown) [ 12.500844] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.501277] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.501618] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.501900] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.502351] head: 0200000000000002 ffffea0004297601 00000000ffffffff 00000000ffffffff [ 12.502737] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.503155] page dumped because: kasan: bad access detected [ 12.503432] [ 12.503527] Memory state around the buggy address: [ 12.503753] ffff88810a5d9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.504142] ffff88810a5da000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.504440] >ffff88810a5da080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.504651] ^ [ 12.505016] ffff88810a5da100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.505368] ffff88810a5da180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.505689] 
================================================================== [ 12.452939] ================================================================== [ 12.453837] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0 [ 12.454593] Write of size 1 at addr ffff88810a5da0d0 by task kunit_try_catch/179 [ 12.455537] [ 12.455757] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.455803] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.455814] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.455833] Call Trace: [ 12.455852] <TASK> [ 12.455871] dump_stack_lvl+0x73/0xb0 [ 12.455904] print_report+0xd1/0x650 [ 12.455966] ? __virt_addr_valid+0x1db/0x2d0 [ 12.455991] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 12.456014] ? kasan_addr_to_slab+0x11/0xa0 [ 12.456034] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 12.456058] kasan_report+0x141/0x180 [ 12.456079] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 12.456107] __asan_report_store1_noabort+0x1b/0x30 [ 12.456145] krealloc_less_oob_helper+0xe23/0x11d0 [ 12.456171] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.456195] ? finish_task_switch.isra.0+0x153/0x700 [ 12.456218] ? __switch_to+0x47/0xf50 [ 12.456259] ? __schedule+0x10cc/0x2b60 [ 12.456282] ? __pfx_read_tsc+0x10/0x10 [ 12.456306] krealloc_large_less_oob+0x1c/0x30 [ 12.456328] kunit_try_run_case+0x1a5/0x480 [ 12.456352] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.456374] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.456398] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.456422] ? __kthread_parkme+0x82/0x180 [ 12.456442] ? preempt_count_sub+0x50/0x80 [ 12.456464] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.456487] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.456511] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.456536] kthread+0x337/0x6f0 [ 12.456554] ? trace_preempt_on+0x20/0xc0 [ 12.456577] ? __pfx_kthread+0x10/0x10 [ 12.456597] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.456618] ? 
calculate_sigpending+0x7b/0xa0 [ 12.456641] ? __pfx_kthread+0x10/0x10 [ 12.456662] ret_from_fork+0x116/0x1d0 [ 12.456680] ? __pfx_kthread+0x10/0x10 [ 12.456700] ret_from_fork_asm+0x1a/0x30 [ 12.456730] </TASK> [ 12.456740] [ 12.466287] The buggy address belongs to the physical page: [ 12.466574] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10a5d8 [ 12.466932] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.467231] flags: 0x200000000000040(head|node=0|zone=2) [ 12.467712] page_type: f8(unknown) [ 12.467872] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.468112] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.468389] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.468793] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.469177] head: 0200000000000002 ffffea0004297601 00000000ffffffff 00000000ffffffff [ 12.469411] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.469986] page dumped because: kasan: bad access detected [ 12.470247] [ 12.470341] Memory state around the buggy address: [ 12.470569] ffff88810a5d9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.470855] ffff88810a5da000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.471216] >ffff88810a5da080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.471642] ^ [ 12.471865] ffff88810a5da100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.472366] ffff88810a5da180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.472580] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 12.397714] ================================================================== [ 12.398276] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930 [ 12.398910] Write of size 1 at addr ffff88810a6120f0 by task kunit_try_catch/177 [ 12.399633] [ 12.399814] CPU: 0 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.399858] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.399869] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.399889] Call Trace: [ 12.399907] <TASK> [ 12.399941] dump_stack_lvl+0x73/0xb0 [ 12.399972] print_report+0xd1/0x650 [ 12.399995] ? __virt_addr_valid+0x1db/0x2d0 [ 12.400409] ? krealloc_more_oob_helper+0x7eb/0x930 [ 12.400444] ? kasan_addr_to_slab+0x11/0xa0 [ 12.400465] ? krealloc_more_oob_helper+0x7eb/0x930 [ 12.400490] kasan_report+0x141/0x180 [ 12.400511] ? krealloc_more_oob_helper+0x7eb/0x930 [ 12.400539] __asan_report_store1_noabort+0x1b/0x30 [ 12.400564] krealloc_more_oob_helper+0x7eb/0x930 [ 12.400587] ? __schedule+0x10cc/0x2b60 [ 12.400609] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 12.400634] ? finish_task_switch.isra.0+0x153/0x700 [ 12.400657] ? __switch_to+0x47/0xf50 [ 12.400682] ? __schedule+0x10cc/0x2b60 [ 12.400703] ? __pfx_read_tsc+0x10/0x10 [ 12.400727] krealloc_large_more_oob+0x1c/0x30 [ 12.400751] kunit_try_run_case+0x1a5/0x480 [ 12.400776] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.400799] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.400822] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.400845] ? __kthread_parkme+0x82/0x180 [ 12.400866] ? preempt_count_sub+0x50/0x80 [ 12.400888] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.400912] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.400952] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.400978] kthread+0x337/0x6f0 [ 12.400996] ? trace_preempt_on+0x20/0xc0 [ 12.401019] ? __pfx_kthread+0x10/0x10 [ 12.401039] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.401061] ? 
calculate_sigpending+0x7b/0xa0 [ 12.401085] ? __pfx_kthread+0x10/0x10 [ 12.401105] ret_from_fork+0x116/0x1d0 [ 12.401123] ? __pfx_kthread+0x10/0x10 [ 12.401143] ret_from_fork_asm+0x1a/0x30 [ 12.401174] </TASK> [ 12.401184] [ 12.415945] The buggy address belongs to the physical page: [ 12.416213] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10a610 [ 12.416915] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.417222] flags: 0x200000000000040(head|node=0|zone=2) [ 12.417638] page_type: f8(unknown) [ 12.417796] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.418046] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.418384] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.418903] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.419155] head: 0200000000000002 ffffea0004298401 00000000ffffffff 00000000ffffffff [ 12.419730] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.420025] page dumped because: kasan: bad access detected [ 12.420196] [ 12.420291] Memory state around the buggy address: [ 12.420656] ffff88810a611f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.420993] ffff88810a612000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.421307] >ffff88810a612080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 12.421515] ^ [ 12.422103] ffff88810a612100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.422456] ffff88810a612180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.422805] ================================================================== [ 12.367155] ================================================================== [ 12.368380] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930 [ 12.368852] Write of size 1 at addr ffff88810a6120eb by task kunit_try_catch/177 [ 12.369315] [ 12.369753] CPU: 0 UID: 0 PID: 177 Comm: 
kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.369804] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.369816] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.369838] Call Trace: [ 12.369851] <TASK> [ 12.369870] dump_stack_lvl+0x73/0xb0 [ 12.369902] print_report+0xd1/0x650 [ 12.369935] ? __virt_addr_valid+0x1db/0x2d0 [ 12.370076] ? krealloc_more_oob_helper+0x821/0x930 [ 12.370102] ? kasan_addr_to_slab+0x11/0xa0 [ 12.370124] ? krealloc_more_oob_helper+0x821/0x930 [ 12.370147] kasan_report+0x141/0x180 [ 12.370169] ? krealloc_more_oob_helper+0x821/0x930 [ 12.370205] __asan_report_store1_noabort+0x1b/0x30 [ 12.370230] krealloc_more_oob_helper+0x821/0x930 [ 12.370253] ? __schedule+0x10cc/0x2b60 [ 12.370275] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 12.370300] ? finish_task_switch.isra.0+0x153/0x700 [ 12.370325] ? __switch_to+0x47/0xf50 [ 12.370353] ? __schedule+0x10cc/0x2b60 [ 12.370373] ? __pfx_read_tsc+0x10/0x10 [ 12.370397] krealloc_large_more_oob+0x1c/0x30 [ 12.370420] kunit_try_run_case+0x1a5/0x480 [ 12.370445] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.370467] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.370491] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.370515] ? __kthread_parkme+0x82/0x180 [ 12.370535] ? preempt_count_sub+0x50/0x80 [ 12.370557] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.370581] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.370605] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.370629] kthread+0x337/0x6f0 [ 12.370647] ? trace_preempt_on+0x20/0xc0 [ 12.370671] ? __pfx_kthread+0x10/0x10 [ 12.370691] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.370718] ? calculate_sigpending+0x7b/0xa0 [ 12.370742] ? __pfx_kthread+0x10/0x10 [ 12.370762] ret_from_fork+0x116/0x1d0 [ 12.370780] ? 
__pfx_kthread+0x10/0x10 [ 12.370800] ret_from_fork_asm+0x1a/0x30 [ 12.370831] </TASK> [ 12.370841] [ 12.387659] The buggy address belongs to the physical page: [ 12.387860] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10a610 [ 12.388656] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.389465] flags: 0x200000000000040(head|node=0|zone=2) [ 12.390008] page_type: f8(unknown) [ 12.390379] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.391062] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.391416] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.392335] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.393121] head: 0200000000000002 ffffea0004298401 00000000ffffffff 00000000ffffffff [ 12.393556] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.394195] page dumped because: kasan: bad access detected [ 12.394398] [ 12.394472] Memory state around the buggy address: [ 12.394629] ffff88810a611f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.394853] ffff88810a612000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.395350] >ffff88810a612080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 12.396123] ^ [ 12.396517] ffff88810a612100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.396738] ffff88810a612180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.396971] ================================================================== [ 12.232379] ================================================================== [ 12.232817] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930 [ 12.233526] Write of size 1 at addr ffff888100a17af0 by task kunit_try_catch/173 [ 12.233792] [ 12.233940] CPU: 1 UID: 0 PID: 173 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.233986] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.233997] Hardware 
name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.234061] Call Trace: [ 12.234075] <TASK> [ 12.234093] dump_stack_lvl+0x73/0xb0 [ 12.234126] print_report+0xd1/0x650 [ 12.234149] ? __virt_addr_valid+0x1db/0x2d0 [ 12.234172] ? krealloc_more_oob_helper+0x7eb/0x930 [ 12.234195] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.234218] ? krealloc_more_oob_helper+0x7eb/0x930 [ 12.234243] kasan_report+0x141/0x180 [ 12.234264] ? krealloc_more_oob_helper+0x7eb/0x930 [ 12.234292] __asan_report_store1_noabort+0x1b/0x30 [ 12.234317] krealloc_more_oob_helper+0x7eb/0x930 [ 12.234341] ? __schedule+0x10cc/0x2b60 [ 12.234363] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 12.234390] ? __kasan_check_write+0x18/0x20 [ 12.234409] ? queued_spin_lock_slowpath+0x116/0xb40 [ 12.234447] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 12.234472] ? __pfx_read_tsc+0x10/0x10 [ 12.234498] krealloc_more_oob+0x1c/0x30 [ 12.234532] kunit_try_run_case+0x1a5/0x480 [ 12.234558] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.234581] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 12.234603] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.234626] ? __kthread_parkme+0x82/0x180 [ 12.234647] ? preempt_count_sub+0x50/0x80 [ 12.234672] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.234696] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.234726] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.234751] kthread+0x337/0x6f0 [ 12.234769] ? trace_preempt_on+0x20/0xc0 [ 12.234793] ? __pfx_kthread+0x10/0x10 [ 12.234822] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.234843] ? calculate_sigpending+0x7b/0xa0 [ 12.234867] ? __pfx_kthread+0x10/0x10 [ 12.234888] ret_from_fork+0x116/0x1d0 [ 12.234907] ? 
__pfx_kthread+0x10/0x10 [ 12.234938] ret_from_fork_asm+0x1a/0x30 [ 12.235049] </TASK> [ 12.235060] [ 12.244012] Allocated by task 173: [ 12.244342] kasan_save_stack+0x45/0x70 [ 12.244579] kasan_save_track+0x18/0x40 [ 12.244727] kasan_save_alloc_info+0x3b/0x50 [ 12.245026] __kasan_krealloc+0x190/0x1f0 [ 12.245212] krealloc_noprof+0xf3/0x340 [ 12.245447] krealloc_more_oob_helper+0x1a9/0x930 [ 12.245673] krealloc_more_oob+0x1c/0x30 [ 12.245869] kunit_try_run_case+0x1a5/0x480 [ 12.246150] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.246324] kthread+0x337/0x6f0 [ 12.246441] ret_from_fork+0x116/0x1d0 [ 12.246571] ret_from_fork_asm+0x1a/0x30 [ 12.246860] [ 12.247065] The buggy address belongs to the object at ffff888100a17a00 [ 12.247065] which belongs to the cache kmalloc-256 of size 256 [ 12.247579] The buggy address is located 5 bytes to the right of [ 12.247579] allocated 235-byte region [ffff888100a17a00, ffff888100a17aeb) [ 12.248150] [ 12.248302] The buggy address belongs to the physical page: [ 12.248604] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a16 [ 12.249103] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.249534] flags: 0x200000000000040(head|node=0|zone=2) [ 12.249785] page_type: f5(slab) [ 12.249938] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.250257] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.250606] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.250874] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.251336] head: 0200000000000001 ffffea0004028581 00000000ffffffff 00000000ffffffff [ 12.251843] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.252548] page dumped because: kasan: bad access detected [ 12.252729] [ 12.252799] Memory state around the buggy address: [ 12.253043] ffff888100a17980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 12.253582] ffff888100a17a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.253938] >ffff888100a17a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 12.254286] ^ [ 12.254655] ffff888100a17b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.255090] ffff888100a17b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.255396] ================================================================== [ 12.208560] ================================================================== [ 12.209048] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930 [ 12.209550] Write of size 1 at addr ffff888100a17aeb by task kunit_try_catch/173 [ 12.209876] [ 12.210040] CPU: 1 UID: 0 PID: 173 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.210102] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.210113] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.210134] Call Trace: [ 12.210146] <TASK> [ 12.210163] dump_stack_lvl+0x73/0xb0 [ 12.210195] print_report+0xd1/0x650 [ 12.210218] ? __virt_addr_valid+0x1db/0x2d0 [ 12.210241] ? krealloc_more_oob_helper+0x821/0x930 [ 12.210288] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.210311] ? krealloc_more_oob_helper+0x821/0x930 [ 12.210346] kasan_report+0x141/0x180 [ 12.210367] ? krealloc_more_oob_helper+0x821/0x930 [ 12.210396] __asan_report_store1_noabort+0x1b/0x30 [ 12.210420] krealloc_more_oob_helper+0x821/0x930 [ 12.210443] ? __schedule+0x10cc/0x2b60 [ 12.210465] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 12.210491] ? __kasan_check_write+0x18/0x20 [ 12.210510] ? queued_spin_lock_slowpath+0x116/0xb40 [ 12.210546] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 12.210571] ? __pfx_read_tsc+0x10/0x10 [ 12.210596] krealloc_more_oob+0x1c/0x30 [ 12.210628] kunit_try_run_case+0x1a5/0x480 [ 12.210653] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.210675] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 12.210714] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.210737] ? 
__kthread_parkme+0x82/0x180 [ 12.210759] ? preempt_count_sub+0x50/0x80 [ 12.210784] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.210807] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.210831] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.210856] kthread+0x337/0x6f0 [ 12.210874] ? trace_preempt_on+0x20/0xc0 [ 12.210898] ? __pfx_kthread+0x10/0x10 [ 12.210918] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.211092] ? calculate_sigpending+0x7b/0xa0 [ 12.211124] ? __pfx_kthread+0x10/0x10 [ 12.211146] ret_from_fork+0x116/0x1d0 [ 12.211166] ? __pfx_kthread+0x10/0x10 [ 12.211186] ret_from_fork_asm+0x1a/0x30 [ 12.211217] </TASK> [ 12.211228] [ 12.220349] Allocated by task 173: [ 12.220544] kasan_save_stack+0x45/0x70 [ 12.220791] kasan_save_track+0x18/0x40 [ 12.221111] kasan_save_alloc_info+0x3b/0x50 [ 12.221365] __kasan_krealloc+0x190/0x1f0 [ 12.221574] krealloc_noprof+0xf3/0x340 [ 12.221714] krealloc_more_oob_helper+0x1a9/0x930 [ 12.221993] krealloc_more_oob+0x1c/0x30 [ 12.222242] kunit_try_run_case+0x1a5/0x480 [ 12.222465] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.222683] kthread+0x337/0x6f0 [ 12.222811] ret_from_fork+0x116/0x1d0 [ 12.222978] ret_from_fork_asm+0x1a/0x30 [ 12.223189] [ 12.223302] The buggy address belongs to the object at ffff888100a17a00 [ 12.223302] which belongs to the cache kmalloc-256 of size 256 [ 12.223723] The buggy address is located 0 bytes to the right of [ 12.223723] allocated 235-byte region [ffff888100a17a00, ffff888100a17aeb) [ 12.224696] [ 12.224777] The buggy address belongs to the physical page: [ 12.225059] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a16 [ 12.225668] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.225891] flags: 0x200000000000040(head|node=0|zone=2) [ 12.226330] page_type: f5(slab) [ 12.226601] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.226878] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 
12.227250] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.227611] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.227944] head: 0200000000000001 ffffea0004028581 00000000ffffffff 00000000ffffffff [ 12.228445] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.228727] page dumped because: kasan: bad access detected [ 12.228976] [ 12.229069] Memory state around the buggy address: [ 12.229250] ffff888100a17980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.229834] ffff888100a17a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.230209] >ffff888100a17a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 12.230574] ^ [ 12.230849] ffff888100a17b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.231327] ffff888100a17b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.231617] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 12.188494] ================================================================== [ 12.189162] BUG: KASAN: use-after-free in page_alloc_uaf+0x356/0x3d0 [ 12.189642] Read of size 1 at addr ffff88810a680000 by task kunit_try_catch/171 [ 12.190073] [ 12.190169] CPU: 1 UID: 0 PID: 171 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.190280] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.190293] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.190327] Call Trace: [ 12.190339] <TASK> [ 12.190357] dump_stack_lvl+0x73/0xb0 [ 12.190391] print_report+0xd1/0x650 [ 12.190414] ? __virt_addr_valid+0x1db/0x2d0 [ 12.190439] ? page_alloc_uaf+0x356/0x3d0 [ 12.190460] ? kasan_addr_to_slab+0x11/0xa0 [ 12.190490] ? page_alloc_uaf+0x356/0x3d0 [ 12.190513] kasan_report+0x141/0x180 [ 12.190534] ? page_alloc_uaf+0x356/0x3d0 [ 12.190572] __asan_report_load1_noabort+0x18/0x20 [ 12.190596] page_alloc_uaf+0x356/0x3d0 [ 12.190618] ? __pfx_page_alloc_uaf+0x10/0x10 [ 12.190649] ? __schedule+0x10cc/0x2b60 [ 12.190672] ? __pfx_read_tsc+0x10/0x10 [ 12.190694] ? ktime_get_ts64+0x86/0x230 [ 12.190736] kunit_try_run_case+0x1a5/0x480 [ 12.190764] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.190789] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.190813] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.190837] ? __kthread_parkme+0x82/0x180 [ 12.190858] ? preempt_count_sub+0x50/0x80 [ 12.190885] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.190909] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.190989] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.191019] kthread+0x337/0x6f0 [ 12.191039] ? trace_preempt_on+0x20/0xc0 [ 12.191063] ? __pfx_kthread+0x10/0x10 [ 12.191083] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.191105] ? calculate_sigpending+0x7b/0xa0 [ 12.191129] ? __pfx_kthread+0x10/0x10 [ 12.191150] ret_from_fork+0x116/0x1d0 [ 12.191169] ? 
__pfx_kthread+0x10/0x10 [ 12.191190] ret_from_fork_asm+0x1a/0x30 [ 12.191223] </TASK> [ 12.191236] [ 12.198825] The buggy address belongs to the physical page: [ 12.199382] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10a680 [ 12.199765] flags: 0x200000000000000(node=0|zone=2) [ 12.200061] page_type: f0(buddy) [ 12.200211] raw: 0200000000000000 ffff88817fffc538 ffff88817fffc538 0000000000000000 [ 12.200572] raw: 0000000000000000 0000000000000007 00000000f0000000 0000000000000000 [ 12.200909] page dumped because: kasan: bad access detected [ 12.201319] [ 12.201420] Memory state around the buggy address: [ 12.201578] ffff88810a67ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.201791] ffff88810a67ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.202111] >ffff88810a680000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.202425] ^ [ 12.202822] ffff88810a680080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.203204] ffff88810a680100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.203719] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kfree
[ 12.164553] ================================================================== [ 12.165086] BUG: KASAN: invalid-free in kfree+0x274/0x3f0 [ 12.165390] Free of addr ffff88810a5d8001 by task kunit_try_catch/167 [ 12.165822] [ 12.165941] CPU: 1 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.165987] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.165998] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.166018] Call Trace: [ 12.166033] <TASK> [ 12.166050] dump_stack_lvl+0x73/0xb0 [ 12.166083] print_report+0xd1/0x650 [ 12.166106] ? __virt_addr_valid+0x1db/0x2d0 [ 12.166131] ? kasan_addr_to_slab+0x11/0xa0 [ 12.166151] ? kfree+0x274/0x3f0 [ 12.166172] kasan_report_invalid_free+0x10a/0x130 [ 12.166197] ? kfree+0x274/0x3f0 [ 12.166219] ? kfree+0x274/0x3f0 [ 12.166238] __kasan_kfree_large+0x86/0xd0 [ 12.166332] free_large_kmalloc+0x4b/0x110 [ 12.166357] kfree+0x274/0x3f0 [ 12.166381] kmalloc_large_invalid_free+0x120/0x2b0 [ 12.166404] ? __pfx_kmalloc_large_invalid_free+0x10/0x10 [ 12.166429] ? __schedule+0x10cc/0x2b60 [ 12.166451] ? __pfx_read_tsc+0x10/0x10 [ 12.166472] ? ktime_get_ts64+0x86/0x230 [ 12.166497] kunit_try_run_case+0x1a5/0x480 [ 12.166521] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.166544] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.166569] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.166592] ? __kthread_parkme+0x82/0x180 [ 12.166613] ? preempt_count_sub+0x50/0x80 [ 12.166637] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.166661] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.166685] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.166717] kthread+0x337/0x6f0 [ 12.166735] ? trace_preempt_on+0x20/0xc0 [ 12.166759] ? __pfx_kthread+0x10/0x10 [ 12.166779] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.166801] ? calculate_sigpending+0x7b/0xa0 [ 12.166826] ? __pfx_kthread+0x10/0x10 [ 12.166846] ret_from_fork+0x116/0x1d0 [ 12.166865] ? 
__pfx_kthread+0x10/0x10 [ 12.166885] ret_from_fork_asm+0x1a/0x30 [ 12.166915] </TASK> [ 12.166937] [ 12.174776] The buggy address belongs to the physical page: [ 12.174976] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10a5d8 [ 12.175796] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.176102] flags: 0x200000000000040(head|node=0|zone=2) [ 12.176406] page_type: f8(unknown) [ 12.176577] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.176835] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.177444] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.177706] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.177963] head: 0200000000000002 ffffea0004297601 00000000ffffffff 00000000ffffffff [ 12.178306] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.178636] page dumped because: kasan: bad access detected [ 12.178891] [ 12.179040] Memory state around the buggy address: [ 12.179212] ffff88810a5d7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.179529] ffff88810a5d7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.179795] >ffff88810a5d8000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.180017] ^ [ 12.180134] ffff88810a5d8080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.180406] ffff88810a5d8100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.181200] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 12.141453] ================================================================== [ 12.141895] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2f1/0x340 [ 12.142152] Read of size 1 at addr ffff88810a5d8000 by task kunit_try_catch/165 [ 12.142374] [ 12.142463] CPU: 1 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.142509] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.142519] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.142541] Call Trace: [ 12.142552] <TASK> [ 12.142571] dump_stack_lvl+0x73/0xb0 [ 12.142602] print_report+0xd1/0x650 [ 12.142626] ? __virt_addr_valid+0x1db/0x2d0 [ 12.142649] ? kmalloc_large_uaf+0x2f1/0x340 [ 12.142669] ? kasan_addr_to_slab+0x11/0xa0 [ 12.142688] ? kmalloc_large_uaf+0x2f1/0x340 [ 12.142715] kasan_report+0x141/0x180 [ 12.142736] ? kmalloc_large_uaf+0x2f1/0x340 [ 12.142761] __asan_report_load1_noabort+0x18/0x20 [ 12.142784] kmalloc_large_uaf+0x2f1/0x340 [ 12.142804] ? __pfx_kmalloc_large_uaf+0x10/0x10 [ 12.142825] ? __schedule+0x10cc/0x2b60 [ 12.142846] ? __pfx_read_tsc+0x10/0x10 [ 12.142868] ? ktime_get_ts64+0x86/0x230 [ 12.142891] kunit_try_run_case+0x1a5/0x480 [ 12.142915] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.143233] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.143284] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.143307] ? __kthread_parkme+0x82/0x180 [ 12.143330] ? preempt_count_sub+0x50/0x80 [ 12.143354] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.143378] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.143403] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.143427] kthread+0x337/0x6f0 [ 12.143446] ? trace_preempt_on+0x20/0xc0 [ 12.143469] ? __pfx_kthread+0x10/0x10 [ 12.143489] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.143510] ? calculate_sigpending+0x7b/0xa0 [ 12.143535] ? __pfx_kthread+0x10/0x10 [ 12.143556] ret_from_fork+0x116/0x1d0 [ 12.143574] ? 
__pfx_kthread+0x10/0x10 [ 12.143594] ret_from_fork_asm+0x1a/0x30 [ 12.143624] </TASK> [ 12.143635] [ 12.156778] The buggy address belongs to the physical page: [ 12.157028] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10a5d8 [ 12.157605] flags: 0x200000000000000(node=0|zone=2) [ 12.157868] raw: 0200000000000000 ffffea0004297708 ffff88815b139f80 0000000000000000 [ 12.158254] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 12.158603] page dumped because: kasan: bad access detected [ 12.158856] [ 12.158938] Memory state around the buggy address: [ 12.159169] ffff88810a5d7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.159552] ffff88810a5d7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.159784] >ffff88810a5d8000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.160106] ^ [ 12.160345] ffff88810a5d8080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.160559] ffff88810a5d8100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.160842] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 12.119897] ================================================================== [ 12.120613] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x2e9/0x330 [ 12.120935] Write of size 1 at addr ffff88810a5d600a by task kunit_try_catch/163 [ 12.121419] [ 12.121557] CPU: 1 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.121603] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.121615] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.121636] Call Trace: [ 12.121648] <TASK> [ 12.121666] dump_stack_lvl+0x73/0xb0 [ 12.121699] print_report+0xd1/0x650 [ 12.121721] ? __virt_addr_valid+0x1db/0x2d0 [ 12.121744] ? kmalloc_large_oob_right+0x2e9/0x330 [ 12.121765] ? kasan_addr_to_slab+0x11/0xa0 [ 12.121785] ? kmalloc_large_oob_right+0x2e9/0x330 [ 12.121807] kasan_report+0x141/0x180 [ 12.121828] ? kmalloc_large_oob_right+0x2e9/0x330 [ 12.121855] __asan_report_store1_noabort+0x1b/0x30 [ 12.121879] kmalloc_large_oob_right+0x2e9/0x330 [ 12.121901] ? __pfx_kmalloc_large_oob_right+0x10/0x10 [ 12.121938] ? __schedule+0x10cc/0x2b60 [ 12.122018] ? __pfx_read_tsc+0x10/0x10 [ 12.122040] ? ktime_get_ts64+0x86/0x230 [ 12.122065] kunit_try_run_case+0x1a5/0x480 [ 12.122089] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.122113] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.122137] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.122160] ? __kthread_parkme+0x82/0x180 [ 12.122181] ? preempt_count_sub+0x50/0x80 [ 12.122205] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.122229] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.122253] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.122277] kthread+0x337/0x6f0 [ 12.122296] ? trace_preempt_on+0x20/0xc0 [ 12.122333] ? __pfx_kthread+0x10/0x10 [ 12.122353] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.122374] ? calculate_sigpending+0x7b/0xa0 [ 12.122398] ? __pfx_kthread+0x10/0x10 [ 12.122419] ret_from_fork+0x116/0x1d0 [ 12.122436] ? 
__pfx_kthread+0x10/0x10 [ 12.122456] ret_from_fork_asm+0x1a/0x30 [ 12.122486] </TASK> [ 12.122497] [ 12.129608] The buggy address belongs to the physical page: [ 12.129800] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10a5d4 [ 12.130258] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.130638] flags: 0x200000000000040(head|node=0|zone=2) [ 12.130898] page_type: f8(unknown) [ 12.131092] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.131472] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.131723] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.132080] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.132312] head: 0200000000000002 ffffea0004297501 00000000ffffffff 00000000ffffffff [ 12.133049] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.133335] page dumped because: kasan: bad access detected [ 12.133507] [ 12.133575] Memory state around the buggy address: [ 12.134075] ffff88810a5d5f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.134377] ffff88810a5d5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.134593] >ffff88810a5d6000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.134810] ^ [ 12.135043] ffff88810a5d6080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.135504] ffff88810a5d6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.135837] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 12.080617] ================================================================== [ 12.081760] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x316/0x370 [ 12.082035] Write of size 1 at addr ffff888102ba5f00 by task kunit_try_catch/161 [ 12.082250] [ 12.082346] CPU: 1 UID: 0 PID: 161 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.082394] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.082406] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.082428] Call Trace: [ 12.082442] <TASK> [ 12.082461] dump_stack_lvl+0x73/0xb0 [ 12.082493] print_report+0xd1/0x650 [ 12.082528] ? __virt_addr_valid+0x1db/0x2d0 [ 12.082552] ? kmalloc_big_oob_right+0x316/0x370 [ 12.082574] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.082597] ? kmalloc_big_oob_right+0x316/0x370 [ 12.082619] kasan_report+0x141/0x180 [ 12.082640] ? kmalloc_big_oob_right+0x316/0x370 [ 12.082666] __asan_report_store1_noabort+0x1b/0x30 [ 12.082691] kmalloc_big_oob_right+0x316/0x370 [ 12.082721] ? __pfx_kmalloc_big_oob_right+0x10/0x10 [ 12.082744] ? __schedule+0x10cc/0x2b60 [ 12.082766] ? __pfx_read_tsc+0x10/0x10 [ 12.082787] ? ktime_get_ts64+0x86/0x230 [ 12.082813] kunit_try_run_case+0x1a5/0x480 [ 12.082839] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.082861] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.082886] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.082910] ? __kthread_parkme+0x82/0x180 [ 12.082942] ? preempt_count_sub+0x50/0x80 [ 12.082967] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.082991] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.083015] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.083040] kthread+0x337/0x6f0 [ 12.083058] ? trace_preempt_on+0x20/0xc0 [ 12.083082] ? __pfx_kthread+0x10/0x10 [ 12.083104] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.083510] ? calculate_sigpending+0x7b/0xa0 [ 12.083538] ? __pfx_kthread+0x10/0x10 [ 12.083560] ret_from_fork+0x116/0x1d0 [ 12.083579] ? 
__pfx_kthread+0x10/0x10 [ 12.083599] ret_from_fork_asm+0x1a/0x30 [ 12.083631] </TASK> [ 12.083643] [ 12.099653] Allocated by task 161: [ 12.100067] kasan_save_stack+0x45/0x70 [ 12.100402] kasan_save_track+0x18/0x40 [ 12.100537] kasan_save_alloc_info+0x3b/0x50 [ 12.100684] __kasan_kmalloc+0xb7/0xc0 [ 12.100814] __kmalloc_cache_noprof+0x189/0x420 [ 12.101203] kmalloc_big_oob_right+0xa9/0x370 [ 12.101647] kunit_try_run_case+0x1a5/0x480 [ 12.102042] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.102592] kthread+0x337/0x6f0 [ 12.102902] ret_from_fork+0x116/0x1d0 [ 12.103304] ret_from_fork_asm+0x1a/0x30 [ 12.103761] [ 12.103946] The buggy address belongs to the object at ffff888102ba4000 [ 12.103946] which belongs to the cache kmalloc-8k of size 8192 [ 12.105173] The buggy address is located 0 bytes to the right of [ 12.105173] allocated 7936-byte region [ffff888102ba4000, ffff888102ba5f00) [ 12.105991] [ 12.106225] The buggy address belongs to the physical page: [ 12.106763] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ba0 [ 12.107465] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.107700] flags: 0x200000000000040(head|node=0|zone=2) [ 12.107885] page_type: f5(slab) [ 12.108142] raw: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 12.108523] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 12.109240] head: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 12.109627] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 12.110293] head: 0200000000000003 ffffea00040ae801 00000000ffffffff 00000000ffffffff [ 12.110619] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 12.111150] page dumped because: kasan: bad access detected [ 12.111779] [ 12.112046] Memory state around the buggy address: [ 12.112368] ffff888102ba5e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.112682] ffff888102ba5e80: 00 
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.113203] >ffff888102ba5f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.113900] ^ [ 12.114608] ffff888102ba5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.114941] ffff888102ba6000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.115233] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 12.037403] ================================================================== [ 12.037849] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4c8/0x520 [ 12.038428] Write of size 1 at addr ffff88810269ab78 by task kunit_try_catch/159 [ 12.038724] [ 12.038848] CPU: 0 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.038893] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.038904] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.038938] Call Trace: [ 12.038963] <TASK> [ 12.038982] dump_stack_lvl+0x73/0xb0 [ 12.039014] print_report+0xd1/0x650 [ 12.039037] ? __virt_addr_valid+0x1db/0x2d0 [ 12.039061] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 12.039086] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.039108] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 12.039133] kasan_report+0x141/0x180 [ 12.039154] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 12.039184] __asan_report_store1_noabort+0x1b/0x30 [ 12.039209] kmalloc_track_caller_oob_right+0x4c8/0x520 [ 12.039234] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 12.039308] ? __schedule+0x10cc/0x2b60 [ 12.039333] ? __pfx_read_tsc+0x10/0x10 [ 12.039355] ? ktime_get_ts64+0x86/0x230 [ 12.039381] kunit_try_run_case+0x1a5/0x480 [ 12.039408] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.039430] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.039454] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.039478] ? __kthread_parkme+0x82/0x180 [ 12.039498] ? preempt_count_sub+0x50/0x80 [ 12.039523] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.039546] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.039570] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.039594] kthread+0x337/0x6f0 [ 12.039613] ? trace_preempt_on+0x20/0xc0 [ 12.039637] ? __pfx_kthread+0x10/0x10 [ 12.039657] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.039677] ? calculate_sigpending+0x7b/0xa0 [ 12.039702] ? 
__pfx_kthread+0x10/0x10 [ 12.039722] ret_from_fork+0x116/0x1d0 [ 12.039740] ? __pfx_kthread+0x10/0x10 [ 12.039760] ret_from_fork_asm+0x1a/0x30 [ 12.039792] </TASK> [ 12.039802] [ 12.047456] Allocated by task 159: [ 12.047593] kasan_save_stack+0x45/0x70 [ 12.048597] kasan_save_track+0x18/0x40 [ 12.048801] kasan_save_alloc_info+0x3b/0x50 [ 12.049245] __kasan_kmalloc+0xb7/0xc0 [ 12.049441] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 12.049685] kmalloc_track_caller_oob_right+0x99/0x520 [ 12.050012] kunit_try_run_case+0x1a5/0x480 [ 12.050235] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.050504] kthread+0x337/0x6f0 [ 12.050661] ret_from_fork+0x116/0x1d0 [ 12.050810] ret_from_fork_asm+0x1a/0x30 [ 12.051085] [ 12.051183] The buggy address belongs to the object at ffff88810269ab00 [ 12.051183] which belongs to the cache kmalloc-128 of size 128 [ 12.051699] The buggy address is located 0 bytes to the right of [ 12.051699] allocated 120-byte region [ffff88810269ab00, ffff88810269ab78) [ 12.052257] [ 12.052375] The buggy address belongs to the physical page: [ 12.052553] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10269a [ 12.052890] flags: 0x200000000000000(node=0|zone=2) [ 12.053150] page_type: f5(slab) [ 12.053293] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.053645] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.054221] page dumped because: kasan: bad access detected [ 12.054479] [ 12.054559] Memory state around the buggy address: [ 12.054788] ffff88810269aa00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.055076] ffff88810269aa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.055362] >ffff88810269ab00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 12.055673] ^ [ 12.056011] ffff88810269ab80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.056333] ffff88810269ac00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.056583] 
================================================================== [ 12.057368] ================================================================== [ 12.057672] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4b1/0x520 [ 12.058116] Write of size 1 at addr ffff88810269ac78 by task kunit_try_catch/159 [ 12.058444] [ 12.058541] CPU: 0 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.058582] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.058593] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.058612] Call Trace: [ 12.058624] <TASK> [ 12.058640] dump_stack_lvl+0x73/0xb0 [ 12.058668] print_report+0xd1/0x650 [ 12.058689] ? __virt_addr_valid+0x1db/0x2d0 [ 12.058728] ? kmalloc_track_caller_oob_right+0x4b1/0x520 [ 12.058755] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.058778] ? kmalloc_track_caller_oob_right+0x4b1/0x520 [ 12.058804] kasan_report+0x141/0x180 [ 12.058825] ? kmalloc_track_caller_oob_right+0x4b1/0x520 [ 12.058856] __asan_report_store1_noabort+0x1b/0x30 [ 12.058881] kmalloc_track_caller_oob_right+0x4b1/0x520 [ 12.058906] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 12.059013] ? __schedule+0x10cc/0x2b60 [ 12.059037] ? __pfx_read_tsc+0x10/0x10 [ 12.059058] ? ktime_get_ts64+0x86/0x230 [ 12.059081] kunit_try_run_case+0x1a5/0x480 [ 12.059106] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.059128] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.059151] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.059175] ? __kthread_parkme+0x82/0x180 [ 12.059195] ? preempt_count_sub+0x50/0x80 [ 12.059218] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.059242] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.059268] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.059308] kthread+0x337/0x6f0 [ 12.059327] ? trace_preempt_on+0x20/0xc0 [ 12.059350] ? __pfx_kthread+0x10/0x10 [ 12.059370] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.059391] ? calculate_sigpending+0x7b/0xa0 [ 12.059415] ? 
__pfx_kthread+0x10/0x10 [ 12.059436] ret_from_fork+0x116/0x1d0 [ 12.059453] ? __pfx_kthread+0x10/0x10 [ 12.059473] ret_from_fork_asm+0x1a/0x30 [ 12.059504] </TASK> [ 12.059514] [ 12.066902] Allocated by task 159: [ 12.067060] kasan_save_stack+0x45/0x70 [ 12.067255] kasan_save_track+0x18/0x40 [ 12.067445] kasan_save_alloc_info+0x3b/0x50 [ 12.067594] __kasan_kmalloc+0xb7/0xc0 [ 12.067740] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 12.068070] kmalloc_track_caller_oob_right+0x19a/0x520 [ 12.068336] kunit_try_run_case+0x1a5/0x480 [ 12.068481] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.068723] kthread+0x337/0x6f0 [ 12.068889] ret_from_fork+0x116/0x1d0 [ 12.069149] ret_from_fork_asm+0x1a/0x30 [ 12.069356] [ 12.069453] The buggy address belongs to the object at ffff88810269ac00 [ 12.069453] which belongs to the cache kmalloc-128 of size 128 [ 12.069820] The buggy address is located 0 bytes to the right of [ 12.069820] allocated 120-byte region [ffff88810269ac00, ffff88810269ac78) [ 12.070743] [ 12.070846] The buggy address belongs to the physical page: [ 12.071176] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10269a [ 12.071509] flags: 0x200000000000000(node=0|zone=2) [ 12.071732] page_type: f5(slab) [ 12.071854] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.072162] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.072532] page dumped because: kasan: bad access detected [ 12.072783] [ 12.072874] Memory state around the buggy address: [ 12.073166] ffff88810269ab00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.073518] ffff88810269ab80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.073784] >ffff88810269ac00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 12.074157] ^ [ 12.074464] ffff88810269ac80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.074729] ffff88810269ad00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.075227] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 12.012273] ================================================================== [ 12.012737] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x369/0x3c0 [ 12.013114] Read of size 1 at addr ffff888102b6d000 by task kunit_try_catch/157 [ 12.013507] [ 12.013641] CPU: 1 UID: 0 PID: 157 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.013689] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.013700] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.013720] Call Trace: [ 12.013733] <TASK> [ 12.013751] dump_stack_lvl+0x73/0xb0 [ 12.013782] print_report+0xd1/0x650 [ 12.013805] ? __virt_addr_valid+0x1db/0x2d0 [ 12.013828] ? kmalloc_node_oob_right+0x369/0x3c0 [ 12.013851] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.013874] ? kmalloc_node_oob_right+0x369/0x3c0 [ 12.013898] kasan_report+0x141/0x180 [ 12.013919] ? kmalloc_node_oob_right+0x369/0x3c0 [ 12.014020] __asan_report_load1_noabort+0x18/0x20 [ 12.014047] kmalloc_node_oob_right+0x369/0x3c0 [ 12.014071] ? __pfx_kmalloc_node_oob_right+0x10/0x10 [ 12.014095] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 12.014122] ? trace_hardirqs_on+0x37/0xe0 [ 12.014145] ? __pfx_read_tsc+0x10/0x10 [ 12.014167] ? ktime_get_ts64+0x86/0x230 [ 12.014190] kunit_try_run_case+0x1a5/0x480 [ 12.014215] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.014239] ? queued_spin_lock_slowpath+0x116/0xb40 [ 12.014276] ? __kthread_parkme+0x82/0x180 [ 12.014297] ? preempt_count_sub+0x50/0x80 [ 12.014321] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.014344] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.014368] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.014393] kthread+0x337/0x6f0 [ 12.014411] ? trace_preempt_on+0x20/0xc0 [ 12.014432] ? __pfx_kthread+0x10/0x10 [ 12.014452] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.014473] ? calculate_sigpending+0x7b/0xa0 [ 12.014497] ? __pfx_kthread+0x10/0x10 [ 12.014518] ret_from_fork+0x116/0x1d0 [ 12.014535] ? 
__pfx_kthread+0x10/0x10 [ 12.014555] ret_from_fork_asm+0x1a/0x30 [ 12.014585] </TASK> [ 12.014596] [ 12.022037] Allocated by task 157: [ 12.022229] kasan_save_stack+0x45/0x70 [ 12.022446] kasan_save_track+0x18/0x40 [ 12.022634] kasan_save_alloc_info+0x3b/0x50 [ 12.022850] __kasan_kmalloc+0xb7/0xc0 [ 12.023063] __kmalloc_cache_node_noprof+0x188/0x420 [ 12.023456] kmalloc_node_oob_right+0xab/0x3c0 [ 12.023627] kunit_try_run_case+0x1a5/0x480 [ 12.023808] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.024071] kthread+0x337/0x6f0 [ 12.024237] ret_from_fork+0x116/0x1d0 [ 12.024476] ret_from_fork_asm+0x1a/0x30 [ 12.024621] [ 12.024691] The buggy address belongs to the object at ffff888102b6c000 [ 12.024691] which belongs to the cache kmalloc-4k of size 4096 [ 12.025331] The buggy address is located 0 bytes to the right of [ 12.025331] allocated 4096-byte region [ffff888102b6c000, ffff888102b6d000) [ 12.025785] [ 12.025857] The buggy address belongs to the physical page: [ 12.026105] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b68 [ 12.027044] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.027694] flags: 0x200000000000040(head|node=0|zone=2) [ 12.027989] page_type: f5(slab) [ 12.028119] raw: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000 [ 12.028671] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 12.029053] head: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000 [ 12.029542] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 12.029890] head: 0200000000000003 ffffea00040ada01 00000000ffffffff 00000000ffffffff [ 12.030273] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 12.030624] page dumped because: kasan: bad access detected [ 12.030851] [ 12.030944] Memory state around the buggy address: [ 12.031147] ffff888102b6cf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.031593] 
ffff888102b6cf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.031844] >ffff888102b6d000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.032373] ^ [ 12.032520] ffff888102b6d080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.032796] ffff888102b6d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.033145] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 11.986476] ================================================================== [ 11.987344] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x361/0x3c0 [ 11.988147] Read of size 1 at addr ffff888101e0ec5f by task kunit_try_catch/155 [ 11.988973] [ 11.989241] CPU: 1 UID: 0 PID: 155 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 11.989293] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.989304] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.989327] Call Trace: [ 11.989339] <TASK> [ 11.989361] dump_stack_lvl+0x73/0xb0 [ 11.989397] print_report+0xd1/0x650 [ 11.989422] ? __virt_addr_valid+0x1db/0x2d0 [ 11.989446] ? kmalloc_oob_left+0x361/0x3c0 [ 11.989467] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.989490] ? kmalloc_oob_left+0x361/0x3c0 [ 11.989511] kasan_report+0x141/0x180 [ 11.989532] ? kmalloc_oob_left+0x361/0x3c0 [ 11.989557] __asan_report_load1_noabort+0x18/0x20 [ 11.989581] kmalloc_oob_left+0x361/0x3c0 [ 11.989603] ? __pfx_kmalloc_oob_left+0x10/0x10 [ 11.989625] ? __schedule+0x10cc/0x2b60 [ 11.989647] ? __pfx_read_tsc+0x10/0x10 [ 11.989669] ? ktime_get_ts64+0x86/0x230 [ 11.989695] kunit_try_run_case+0x1a5/0x480 [ 11.989720] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.989742] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.989767] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.989790] ? __kthread_parkme+0x82/0x180 [ 11.989811] ? preempt_count_sub+0x50/0x80 [ 11.989835] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.989859] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.989883] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.989907] kthread+0x337/0x6f0 [ 11.989938] ? trace_preempt_on+0x20/0xc0 [ 11.989980] ? __pfx_kthread+0x10/0x10 [ 11.989999] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.990021] ? calculate_sigpending+0x7b/0xa0 [ 11.990045] ? __pfx_kthread+0x10/0x10 [ 11.990066] ret_from_fork+0x116/0x1d0 [ 11.990084] ? 
__pfx_kthread+0x10/0x10 [ 11.990104] ret_from_fork_asm+0x1a/0x30 [ 11.990135] </TASK> [ 11.990146] [ 11.997756] Allocated by task 1: [ 11.997960] kasan_save_stack+0x45/0x70 [ 11.998172] kasan_save_track+0x18/0x40 [ 11.998364] kasan_save_alloc_info+0x3b/0x50 [ 11.998576] __kasan_kmalloc+0xb7/0xc0 [ 11.998774] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 11.999144] kvasprintf+0xc5/0x150 [ 11.999333] __kthread_create_on_node+0x18b/0x3a0 [ 11.999520] kthread_create_on_node+0xab/0xe0 [ 11.999668] create_worker+0x3e5/0x7b0 [ 11.999841] alloc_unbound_pwq+0x8ea/0xdb0 [ 12.000057] apply_wqattrs_prepare+0x332/0xd20 [ 12.000276] apply_workqueue_attrs_locked+0x4d/0xa0 [ 12.000639] alloc_workqueue+0xcc7/0x1ad0 [ 12.000781] latency_fsnotify_init+0x1b/0x50 [ 12.000986] do_one_initcall+0xd8/0x370 [ 12.001195] kernel_init_freeable+0x420/0x6f0 [ 12.001506] kernel_init+0x23/0x1e0 [ 12.001690] ret_from_fork+0x116/0x1d0 [ 12.001881] ret_from_fork_asm+0x1a/0x30 [ 12.002191] [ 12.002298] The buggy address belongs to the object at ffff888101e0ec40 [ 12.002298] which belongs to the cache kmalloc-16 of size 16 [ 12.002665] The buggy address is located 18 bytes to the right of [ 12.002665] allocated 13-byte region [ffff888101e0ec40, ffff888101e0ec4d) [ 12.003233] [ 12.003332] The buggy address belongs to the physical page: [ 12.003739] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e0e [ 12.004027] flags: 0x200000000000000(node=0|zone=2) [ 12.004309] page_type: f5(slab) [ 12.004489] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 12.004810] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 12.005241] page dumped because: kasan: bad access detected [ 12.005455] [ 12.005548] Memory state around the buggy address: [ 12.005724] ffff888101e0eb00: 00 02 fc fc 00 02 fc fc 00 06 fc fc 00 06 fc fc [ 12.005946] ffff888101e0eb80: 00 04 fc fc 00 04 fc fc 00 01 fc fc 00 01 fc fc [ 12.006170] >ffff888101e0ec00: 00 04 fc fc 00 
04 fc fc 00 05 fc fc 00 07 fc fc [ 12.006483] ^ [ 12.006770] ffff888101e0ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.007265] ffff888101e0ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.007559] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 11.944832] ================================================================== [ 11.945169] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6bd/0x7f0 [ 11.945525] Write of size 1 at addr ffff88810269aa78 by task kunit_try_catch/153 [ 11.945801] [ 11.945886] CPU: 0 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 11.945936] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.945949] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.945970] Call Trace: [ 11.945986] <TASK> [ 11.946002] dump_stack_lvl+0x73/0xb0 [ 11.946029] print_report+0xd1/0x650 [ 11.946067] ? __virt_addr_valid+0x1db/0x2d0 [ 11.946091] ? kmalloc_oob_right+0x6bd/0x7f0 [ 11.946111] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.946134] ? kmalloc_oob_right+0x6bd/0x7f0 [ 11.946156] kasan_report+0x141/0x180 [ 11.946177] ? kmalloc_oob_right+0x6bd/0x7f0 [ 11.946204] __asan_report_store1_noabort+0x1b/0x30 [ 11.946229] kmalloc_oob_right+0x6bd/0x7f0 [ 11.946259] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 11.946284] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 11.946309] kunit_try_run_case+0x1a5/0x480 [ 11.946334] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.946356] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.946380] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.946403] ? __kthread_parkme+0x82/0x180 [ 11.946423] ? preempt_count_sub+0x50/0x80 [ 11.946447] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.946471] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.946495] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.946520] kthread+0x337/0x6f0 [ 11.946538] ? trace_preempt_on+0x20/0xc0 [ 11.946562] ? __pfx_kthread+0x10/0x10 [ 11.946582] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.946603] ? calculate_sigpending+0x7b/0xa0 [ 11.946628] ? __pfx_kthread+0x10/0x10 [ 11.946650] ret_from_fork+0x116/0x1d0 [ 11.946668] ? 
__pfx_kthread+0x10/0x10 [ 11.946688] ret_from_fork_asm+0x1a/0x30 [ 11.946726] </TASK> [ 11.946736] [ 11.954207] Allocated by task 153: [ 11.954335] kasan_save_stack+0x45/0x70 [ 11.954477] kasan_save_track+0x18/0x40 [ 11.954692] kasan_save_alloc_info+0x3b/0x50 [ 11.955146] __kasan_kmalloc+0xb7/0xc0 [ 11.955430] __kmalloc_cache_noprof+0x189/0x420 [ 11.955664] kmalloc_oob_right+0xa9/0x7f0 [ 11.955830] kunit_try_run_case+0x1a5/0x480 [ 11.956072] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.956378] kthread+0x337/0x6f0 [ 11.956539] ret_from_fork+0x116/0x1d0 [ 11.956718] ret_from_fork_asm+0x1a/0x30 [ 11.956895] [ 11.957044] The buggy address belongs to the object at ffff88810269aa00 [ 11.957044] which belongs to the cache kmalloc-128 of size 128 [ 11.957482] The buggy address is located 5 bytes to the right of [ 11.957482] allocated 115-byte region [ffff88810269aa00, ffff88810269aa73) [ 11.957962] [ 11.958033] The buggy address belongs to the physical page: [ 11.958201] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10269a [ 11.958546] flags: 0x200000000000000(node=0|zone=2) [ 11.958957] page_type: f5(slab) [ 11.959103] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.959528] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.959795] page dumped because: kasan: bad access detected [ 11.959972] [ 11.960063] Memory state around the buggy address: [ 11.960298] ffff88810269a900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.960717] ffff88810269a980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.961123] >ffff88810269aa00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 11.961457] ^ [ 11.961714] ffff88810269aa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.962098] ffff88810269ab00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.962365] ================================================================== [ 11.962933] 
================================================================== [ 11.963291] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x68a/0x7f0 [ 11.963624] Read of size 1 at addr ffff88810269aa80 by task kunit_try_catch/153 [ 11.963852] [ 11.963975] CPU: 0 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 11.964015] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.964026] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.964045] Call Trace: [ 11.964062] <TASK> [ 11.964077] dump_stack_lvl+0x73/0xb0 [ 11.964104] print_report+0xd1/0x650 [ 11.964125] ? __virt_addr_valid+0x1db/0x2d0 [ 11.964147] ? kmalloc_oob_right+0x68a/0x7f0 [ 11.964168] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.964191] ? kmalloc_oob_right+0x68a/0x7f0 [ 11.964213] kasan_report+0x141/0x180 [ 11.964234] ? kmalloc_oob_right+0x68a/0x7f0 [ 11.964260] __asan_report_load1_noabort+0x18/0x20 [ 11.964284] kmalloc_oob_right+0x68a/0x7f0 [ 11.964306] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 11.964331] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 11.964356] kunit_try_run_case+0x1a5/0x480 [ 11.964380] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.964402] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.964426] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.964449] ? __kthread_parkme+0x82/0x180 [ 11.964469] ? preempt_count_sub+0x50/0x80 [ 11.964493] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.964516] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.964540] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.964565] kthread+0x337/0x6f0 [ 11.964583] ? trace_preempt_on+0x20/0xc0 [ 11.964607] ? __pfx_kthread+0x10/0x10 [ 11.964627] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.964648] ? calculate_sigpending+0x7b/0xa0 [ 11.964672] ? __pfx_kthread+0x10/0x10 [ 11.964693] ret_from_fork+0x116/0x1d0 [ 11.964711] ? 
__pfx_kthread+0x10/0x10 [ 11.964731] ret_from_fork_asm+0x1a/0x30 [ 11.964761] </TASK> [ 11.964771] [ 11.971452] Allocated by task 153: [ 11.971638] kasan_save_stack+0x45/0x70 [ 11.971797] kasan_save_track+0x18/0x40 [ 11.971993] kasan_save_alloc_info+0x3b/0x50 [ 11.972202] __kasan_kmalloc+0xb7/0xc0 [ 11.972467] __kmalloc_cache_noprof+0x189/0x420 [ 11.972621] kmalloc_oob_right+0xa9/0x7f0 [ 11.972760] kunit_try_run_case+0x1a5/0x480 [ 11.972904] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.973089] kthread+0x337/0x6f0 [ 11.973209] ret_from_fork+0x116/0x1d0 [ 11.973339] ret_from_fork_asm+0x1a/0x30 [ 11.973479] [ 11.973546] The buggy address belongs to the object at ffff88810269aa00 [ 11.973546] which belongs to the cache kmalloc-128 of size 128 [ 11.974656] The buggy address is located 13 bytes to the right of [ 11.974656] allocated 115-byte region [ffff88810269aa00, ffff88810269aa73) [ 11.975792] [ 11.975902] The buggy address belongs to the physical page: [ 11.976941] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10269a [ 11.977280] flags: 0x200000000000000(node=0|zone=2) [ 11.977677] page_type: f5(slab) [ 11.977843] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.978405] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.978819] page dumped because: kasan: bad access detected [ 11.979003] [ 11.979071] Memory state around the buggy address: [ 11.979226] ffff88810269a980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.979436] ffff88810269aa00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 11.979648] >ffff88810269aa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.979856] ^ [ 11.979979] ffff88810269ab00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.980339] ffff88810269ab80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.982638] ================================================================== [ 11.920294] 
================================================================== [ 11.921362] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6f0/0x7f0 [ 11.922482] Write of size 1 at addr ffff88810269aa73 by task kunit_try_catch/153 [ 11.923094] [ 11.924218] CPU: 0 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 11.924579] Tainted: [N]=TEST [ 11.924610] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.924821] Call Trace: [ 11.924888] <TASK> [ 11.925056] dump_stack_lvl+0x73/0xb0 [ 11.925149] print_report+0xd1/0x650 [ 11.925179] ? __virt_addr_valid+0x1db/0x2d0 [ 11.925205] ? kmalloc_oob_right+0x6f0/0x7f0 [ 11.925226] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.925249] ? kmalloc_oob_right+0x6f0/0x7f0 [ 11.925271] kasan_report+0x141/0x180 [ 11.925293] ? kmalloc_oob_right+0x6f0/0x7f0 [ 11.925319] __asan_report_store1_noabort+0x1b/0x30 [ 11.925344] kmalloc_oob_right+0x6f0/0x7f0 [ 11.925366] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 11.925390] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 11.925416] kunit_try_run_case+0x1a5/0x480 [ 11.925442] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.925465] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.925490] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.925514] ? __kthread_parkme+0x82/0x180 [ 11.925535] ? preempt_count_sub+0x50/0x80 [ 11.925561] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.925585] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.925610] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.925634] kthread+0x337/0x6f0 [ 11.925653] ? trace_preempt_on+0x20/0xc0 [ 11.925678] ? __pfx_kthread+0x10/0x10 [ 11.925698] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.925720] ? calculate_sigpending+0x7b/0xa0 [ 11.925744] ? __pfx_kthread+0x10/0x10 [ 11.925766] ret_from_fork+0x116/0x1d0 [ 11.925786] ? 
__pfx_kthread+0x10/0x10 [ 11.925807] ret_from_fork_asm+0x1a/0x30 [ 11.925860] </TASK> [ 11.925936] [ 11.933753] Allocated by task 153: [ 11.934066] kasan_save_stack+0x45/0x70 [ 11.934235] kasan_save_track+0x18/0x40 [ 11.934474] kasan_save_alloc_info+0x3b/0x50 [ 11.934724] __kasan_kmalloc+0xb7/0xc0 [ 11.935010] __kmalloc_cache_noprof+0x189/0x420 [ 11.935263] kmalloc_oob_right+0xa9/0x7f0 [ 11.935450] kunit_try_run_case+0x1a5/0x480 [ 11.935626] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.935800] kthread+0x337/0x6f0 [ 11.935919] ret_from_fork+0x116/0x1d0 [ 11.936114] ret_from_fork_asm+0x1a/0x30 [ 11.936366] [ 11.936513] The buggy address belongs to the object at ffff88810269aa00 [ 11.936513] which belongs to the cache kmalloc-128 of size 128 [ 11.937220] The buggy address is located 0 bytes to the right of [ 11.937220] allocated 115-byte region [ffff88810269aa00, ffff88810269aa73) [ 11.937668] [ 11.937809] The buggy address belongs to the physical page: [ 11.938201] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10269a [ 11.938798] flags: 0x200000000000000(node=0|zone=2) [ 11.939507] page_type: f5(slab) [ 11.940014] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.940284] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.940903] page dumped because: kasan: bad access detected [ 11.941134] [ 11.941265] Memory state around the buggy address: [ 11.941858] ffff88810269a900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.942255] ffff88810269a980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.942516] >ffff88810269aa00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 11.942906] ^ [ 11.943333] ffff88810269aa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.943660] ffff88810269ab00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.943904] ==================================================================
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_vscale
------------[ cut here ]------------ [ 140.970752] WARNING: CPU: 0 PID: 2765 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190 [ 140.972323] Modules linked in: [ 140.972545] CPU: 0 UID: 0 PID: 2765 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 140.972878] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 140.973053] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 140.974162] RIP: 0010:drm_rect_calc_vscale+0x130/0x190 [ 140.974765] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 140.975899] RSP: 0000:ffff888110e8fc78 EFLAGS: 00010286 [ 140.976688] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000 [ 140.977565] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffff928337f4 [ 140.977787] RBP: ffff888110e8fca0 R08: 0000000000000000 R09: ffffed1021c32120 [ 140.978298] R10: ffff88810e190907 R11: 0000000000000000 R12: ffffffff928337e0 [ 140.978869] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888110e8fd38 [ 140.979681] FS: 0000000000000000(0000) GS:ffff8881c6872000(0000) knlGS:0000000000000000 [ 140.980167] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 140.980590] CR2: 00007ffff7ffe000 CR3: 00000001088bc000 CR4: 00000000000006f0 [ 140.981044] DR0: ffffffff94852440 DR1: ffffffff94852441 DR2: ffffffff94852443 [ 140.981351] DR3: ffffffff94852445 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 140.981863] Call Trace: [ 140.982165] <TASK> [ 140.982426] drm_test_rect_calc_vscale+0x108/0x270 [ 140.982654] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10 [ 140.983862] ? __schedule+0x10cc/0x2b60 [ 140.984041] ? __pfx_read_tsc+0x10/0x10 [ 140.984200] ? ktime_get_ts64+0x86/0x230 [ 140.984342] kunit_try_run_case+0x1a5/0x480 [ 140.984487] ? __pfx_kunit_try_run_case+0x10/0x10 [ 140.985598] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 140.985810] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 140.986039] ? __kthread_parkme+0x82/0x180 [ 140.987166] ? preempt_count_sub+0x50/0x80 [ 140.987357] ? __pfx_kunit_try_run_case+0x10/0x10 [ 140.988409] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 140.988609] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 140.988803] kthread+0x337/0x6f0 [ 140.988925] ? trace_preempt_on+0x20/0xc0 [ 140.989079] ? __pfx_kthread+0x10/0x10 [ 140.989213] ? _raw_spin_unlock_irq+0x47/0x80 [ 140.989361] ? calculate_sigpending+0x7b/0xa0 [ 140.989505] ? __pfx_kthread+0x10/0x10 [ 140.989636] ret_from_fork+0x116/0x1d0 [ 140.989764] ? __pfx_kthread+0x10/0x10 [ 140.989894] ret_from_fork_asm+0x1a/0x30 [ 140.990037] </TASK> [ 140.991316] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 140.950432] WARNING: CPU: 0 PID: 2763 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190 [ 140.950886] Modules linked in: [ 140.951919] CPU: 0 UID: 0 PID: 2763 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 140.952456] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 140.952835] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 140.953402] RIP: 0010:drm_rect_calc_vscale+0x130/0x190 [ 140.953835] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 140.954850] RSP: 0000:ffff888110de7c78 EFLAGS: 00010286 [ 140.955392] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000 [ 140.955781] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffff928337bc [ 140.956269] RBP: ffff888110de7ca0 R08: 0000000000000000 R09: ffffed1021c32100 [ 140.956660] R10: ffff88810e190807 R11: 0000000000000000 R12: ffffffff928337a8 [ 140.956969] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888110de7d38 [ 
140.957397] FS: 0000000000000000(0000) GS:ffff8881c6872000(0000) knlGS:0000000000000000 [ 140.957746] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 140.958006] CR2: 00007ffff7ffe000 CR3: 00000001088bc000 CR4: 00000000000006f0 [ 140.958419] DR0: ffffffff94852440 DR1: ffffffff94852441 DR2: ffffffff94852443 [ 140.958711] DR3: ffffffff94852445 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 140.959050] Call Trace: [ 140.959340] <TASK> [ 140.959478] drm_test_rect_calc_vscale+0x108/0x270 [ 140.959842] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10 [ 140.960301] ? __schedule+0x10cc/0x2b60 [ 140.960516] ? __pfx_read_tsc+0x10/0x10 [ 140.960767] ? ktime_get_ts64+0x86/0x230 [ 140.961128] kunit_try_run_case+0x1a5/0x480 [ 140.961336] ? __pfx_kunit_try_run_case+0x10/0x10 [ 140.961641] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 140.961971] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 140.962453] ? __kthread_parkme+0x82/0x180 [ 140.962746] ? preempt_count_sub+0x50/0x80 [ 140.963168] ? __pfx_kunit_try_run_case+0x10/0x10 [ 140.963409] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 140.963664] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 140.963892] kthread+0x337/0x6f0 [ 140.964158] ? trace_preempt_on+0x20/0xc0 [ 140.964601] ? __pfx_kthread+0x10/0x10 [ 140.964777] ? _raw_spin_unlock_irq+0x47/0x80 [ 140.965135] ? calculate_sigpending+0x7b/0xa0 [ 140.965400] ? __pfx_kthread+0x10/0x10 [ 140.965560] ret_from_fork+0x116/0x1d0 [ 140.965874] ? __pfx_kthread+0x10/0x10 [ 140.966360] ret_from_fork_asm+0x1a/0x30 [ 140.966609] </TASK> [ 140.966707] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_hscale
------------[ cut here ]------------ [ 140.921076] WARNING: CPU: 0 PID: 2753 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190 [ 140.921716] Modules linked in: [ 140.922131] CPU: 0 UID: 0 PID: 2753 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 140.923013] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 140.923443] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 140.923731] RIP: 0010:drm_rect_calc_hscale+0x125/0x190 [ 140.923904] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 9b dc 1e 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 140.924831] RSP: 0000:ffff888110bd7c78 EFLAGS: 00010286 [ 140.925124] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000 [ 140.925681] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffff928337f8 [ 140.925947] RBP: ffff888110bd7ca0 R08: 0000000000000000 R09: ffffed1021c320a0 [ 140.926451] R10: ffff88810e190507 R11: 0000000000000000 R12: ffffffff928337e0 [ 140.926726] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888110bd7d38 [ 140.927243] FS: 0000000000000000(0000) GS:ffff8881c6872000(0000) knlGS:0000000000000000 [ 140.927667] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 140.927882] CR2: 00007ffff7ffe000 CR3: 00000001088bc000 CR4: 00000000000006f0 [ 140.928317] DR0: ffffffff94852440 DR1: ffffffff94852441 DR2: ffffffff94852443 [ 140.928856] DR3: ffffffff94852445 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 140.929199] Call Trace: [ 140.929344] <TASK> [ 140.929472] drm_test_rect_calc_hscale+0x108/0x270 [ 140.929680] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10 [ 140.929926] ? __schedule+0x10cc/0x2b60 [ 140.930223] ? __pfx_read_tsc+0x10/0x10 [ 140.930377] ? ktime_get_ts64+0x86/0x230 [ 140.930519] kunit_try_run_case+0x1a5/0x480 [ 140.930769] ? __pfx_kunit_try_run_case+0x10/0x10 [ 140.931223] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 140.931533] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 140.931710] ? __kthread_parkme+0x82/0x180 [ 140.931921] ? preempt_count_sub+0x50/0x80 [ 140.932220] ? __pfx_kunit_try_run_case+0x10/0x10 [ 140.932857] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 140.933088] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 140.933747] kthread+0x337/0x6f0 [ 140.933890] ? trace_preempt_on+0x20/0xc0 [ 140.934408] ? __pfx_kthread+0x10/0x10 [ 140.934729] ? _raw_spin_unlock_irq+0x47/0x80 [ 140.935087] ? calculate_sigpending+0x7b/0xa0 [ 140.935542] ? __pfx_kthread+0x10/0x10 [ 140.935879] ret_from_fork+0x116/0x1d0 [ 140.936252] ? __pfx_kthread+0x10/0x10 [ 140.936636] ret_from_fork_asm+0x1a/0x30 [ 140.936847] </TASK> [ 140.937270] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 140.895869] WARNING: CPU: 1 PID: 2751 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190 [ 140.896903] Modules linked in: [ 140.897082] CPU: 1 UID: 0 PID: 2751 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 140.897416] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 140.897591] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 140.897852] RIP: 0010:drm_rect_calc_hscale+0x125/0x190 [ 140.898032] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 9b dc 1e 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 140.900021] RSP: 0000:ffff888110d0fc78 EFLAGS: 00010286 [ 140.900595] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000 [ 140.901307] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffff928337c0 [ 140.902187] RBP: ffff888110d0fca0 R08: 0000000000000000 R09: ffffed10218d29a0 [ 140.902835] R10: ffff88810c694d07 R11: 0000000000000000 R12: ffffffff928337a8 [ 140.903652] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888110d0fd38 [ 
140.904464] FS: 0000000000000000(0000) GS:ffff8881c6972000(0000) knlGS:0000000000000000 [ 140.905205] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 140.905587] CR2: 00007ffff7ffe000 CR3: 00000001088bc000 CR4: 00000000000006f0 [ 140.905801] DR0: ffffffff94852444 DR1: ffffffff94852449 DR2: ffffffff9485244a [ 140.906330] DR3: ffffffff9485244b DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 140.907326] Call Trace: [ 140.907721] <TASK> [ 140.908152] drm_test_rect_calc_hscale+0x108/0x270 [ 140.908740] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10 [ 140.909352] ? __schedule+0x10cc/0x2b60 [ 140.909841] ? __pfx_read_tsc+0x10/0x10 [ 140.910347] ? ktime_get_ts64+0x86/0x230 [ 140.910519] kunit_try_run_case+0x1a5/0x480 [ 140.910678] ? __pfx_kunit_try_run_case+0x10/0x10 [ 140.910845] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 140.911007] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 140.911241] ? __kthread_parkme+0x82/0x180 [ 140.911925] ? preempt_count_sub+0x50/0x80 [ 140.912592] ? __pfx_kunit_try_run_case+0x10/0x10 [ 140.912798] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 140.913488] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 140.914201] kthread+0x337/0x6f0 [ 140.914346] ? trace_preempt_on+0x20/0xc0 [ 140.914746] ? __pfx_kthread+0x10/0x10 [ 140.915278] ? _raw_spin_unlock_irq+0x47/0x80 [ 140.915700] ? calculate_sigpending+0x7b/0xa0 [ 140.916009] ? __pfx_kthread+0x10/0x10 [ 140.916345] ret_from_fork+0x116/0x1d0 [ 140.916680] ? __pfx_kthread+0x10/0x10 [ 140.916817] ret_from_fork_asm+0x1a/0x30 [ 140.917074] </TASK> [ 140.917338] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-drm-kunit-mock-device-drm_gem_shmem_test_get_pages_sgtdrm-kunit-mock-device-drm-drm_warn_onrefcount_readshmem-pages_pin_count
------------[ cut here ]------------ [ 140.292336] drm-kunit-mock-device drm_gem_shmem_test_get_pages_sgt.drm-kunit-mock-device: [drm] drm_WARN_ON(refcount_read(&shmem->pages_pin_count)) [ 140.292466] WARNING: CPU: 0 PID: 2568 at drivers/gpu/drm/drm_gem_shmem_helper.c:180 drm_gem_shmem_free+0x3ed/0x6c0 [ 140.293614] Modules linked in: [ 140.293800] CPU: 0 UID: 0 PID: 2568 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 140.294538] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 140.294805] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 140.295195] RIP: 0010:drm_gem_shmem_free+0x3ed/0x6c0 [ 140.295548] Code: 85 f6 0f 84 ba 01 00 00 4c 89 e7 e8 6d 1d 80 00 48 c7 c1 a0 86 7e 92 4c 89 f2 48 c7 c7 60 83 7e 92 48 89 c6 e8 34 cf 77 fe 90 <0f> 0b 90 90 e9 09 ff ff ff 90 48 b8 00 00 00 00 00 fc ff df 48 8d [ 140.296820] RSP: 0000:ffff888110517d18 EFLAGS: 00010286 [ 140.297169] RAX: 0000000000000000 RBX: ffff88810e1dc800 RCX: 1ffffffff26a4ce8 [ 140.297478] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001 [ 140.297810] RBP: ffff888110517d48 R08: 0000000000000000 R09: fffffbfff26a4ce8 [ 140.298436] R10: 0000000000000003 R11: 0000000000038ff8 R12: ffff88811085a000 [ 140.298772] R13: ffff88810e1dc8f8 R14: ffff88810c71eb80 R15: ffff88810039fb40 [ 140.299331] FS: 0000000000000000(0000) GS:ffff8881c6872000(0000) knlGS:0000000000000000 [ 140.299821] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 140.301048] CR2: 00007ffff7ffe000 CR3: 00000001088bc000 CR4: 00000000000006f0 [ 140.301347] DR0: ffffffff94852440 DR1: ffffffff94852441 DR2: ffffffff94852443 [ 140.301566] DR3: ffffffff94852445 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 140.301773] Call Trace: [ 140.301874] <TASK> [ 140.301962] ? trace_preempt_on+0x20/0xc0 [ 140.302210] ? 
__pfx_drm_gem_shmem_free_wrapper+0x10/0x10 [ 140.302531] drm_gem_shmem_free_wrapper+0x12/0x20 [ 140.302785] __kunit_action_free+0x57/0x70 [ 140.303100] kunit_remove_resource+0x133/0x200 [ 140.303502] ? preempt_count_sub+0x50/0x80 [ 140.303654] kunit_cleanup+0x7a/0x120 [ 140.303790] kunit_try_run_case_cleanup+0xbd/0xf0 [ 140.304032] ? __pfx_kunit_try_run_case_cleanup+0x10/0x10 [ 140.304644] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 140.305245] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 140.306020] kthread+0x337/0x6f0 [ 140.306401] ? trace_preempt_on+0x20/0xc0 [ 140.306782] ? __pfx_kthread+0x10/0x10 [ 140.306929] ? _raw_spin_unlock_irq+0x47/0x80 [ 140.307505] ? calculate_sigpending+0x7b/0xa0 [ 140.308001] ? __pfx_kthread+0x10/0x10 [ 140.308325] ret_from_fork+0x116/0x1d0 [ 140.308663] ? __pfx_kthread+0x10/0x10 [ 140.308798] ret_from_fork_asm+0x1a/0x30 [ 140.309024] </TASK> [ 140.309322] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_framebuffer-drm_framebuffer_init
------------[ cut here ]------------ [ 140.160217] WARNING: CPU: 0 PID: 2549 at drivers/gpu/drm/drm_framebuffer.c:867 drm_framebuffer_init+0x44/0x300 [ 140.161178] Modules linked in: [ 140.161769] CPU: 0 UID: 0 PID: 2549 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 140.162741] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 140.162934] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 140.164157] RIP: 0010:drm_framebuffer_init+0x44/0x300 [ 140.164590] Code: 56 49 89 d6 48 89 f2 41 55 48 c1 ea 03 41 54 49 89 fc 53 48 89 f3 48 83 ec 18 80 3c 02 00 0f 85 00 02 00 00 4c 39 23 74 20 90 <0f> 0b 90 41 bd ea ff ff ff 48 83 c4 18 44 89 e8 5b 41 5c 41 5d 41 [ 140.165426] RSP: 0000:ffff88811046fb30 EFLAGS: 00010246 [ 140.165659] RAX: dffffc0000000000 RBX: ffff88811046fc28 RCX: 0000000000000000 [ 140.165954] RDX: 1ffff1102208df8e RSI: ffff88811046fc28 RDI: ffff88811046fc70 [ 140.166584] RBP: ffff88811046fb70 R08: ffff888110613000 R09: ffffffff927d89e0 [ 140.166850] R10: 0000000000000003 R11: 00000000a5734cfb R12: ffff888110613000 [ 140.167567] R13: ffff88810039fae8 R14: ffff88811046fba8 R15: 0000000000000000 [ 140.167890] FS: 0000000000000000(0000) GS:ffff8881c6872000(0000) knlGS:0000000000000000 [ 140.168451] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 140.168906] CR2: 00007ffff7ffe000 CR3: 00000001088bc000 CR4: 00000000000006f0 [ 140.169479] DR0: ffffffff94852440 DR1: ffffffff94852441 DR2: ffffffff94852443 [ 140.169933] DR3: ffffffff94852445 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 140.170510] Call Trace: [ 140.170624] <TASK> [ 140.170750] ? add_dr+0xc1/0x1d0 [ 140.170964] drm_test_framebuffer_init_bad_format+0xfc/0x240 [ 140.171584] ? add_dr+0x148/0x1d0 [ 140.171723] ? __pfx_drm_test_framebuffer_init_bad_format+0x10/0x10 [ 140.172306] ? __drmm_add_action+0x1a4/0x280 [ 140.172680] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 140.173070] ? 
__pfx_drm_mode_config_init_release+0x10/0x10 [ 140.173544] ? __drmm_add_action_or_reset+0x22/0x50 [ 140.173800] ? __schedule+0x10cc/0x2b60 [ 140.174205] ? __pfx_read_tsc+0x10/0x10 [ 140.174533] ? ktime_get_ts64+0x86/0x230 [ 140.174748] kunit_try_run_case+0x1a5/0x480 [ 140.174933] ? __pfx_kunit_try_run_case+0x10/0x10 [ 140.175564] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 140.175932] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 140.176403] ? __kthread_parkme+0x82/0x180 [ 140.176619] ? preempt_count_sub+0x50/0x80 [ 140.176815] ? __pfx_kunit_try_run_case+0x10/0x10 [ 140.177313] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 140.177522] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 140.178043] kthread+0x337/0x6f0 [ 140.178335] ? trace_preempt_on+0x20/0xc0 [ 140.178535] ? __pfx_kthread+0x10/0x10 [ 140.178865] ? _raw_spin_unlock_irq+0x47/0x80 [ 140.179270] ? calculate_sigpending+0x7b/0xa0 [ 140.179786] ? __pfx_kthread+0x10/0x10 [ 140.180214] ret_from_fork+0x116/0x1d0 [ 140.180573] ? __pfx_kthread+0x10/0x10 [ 140.180767] ret_from_fork_asm+0x1a/0x30 [ 140.181127] </TASK> [ 140.181311] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-drm-kunit-mock-device-drm_test_framebuffer_freedrm-kunit-mock-device-drm-drm_warn_onlist_empty-filp_head
------------[ cut here ]------------ [ 140.119374] drm-kunit-mock-device drm_test_framebuffer_free.drm-kunit-mock-device: [drm] drm_WARN_ON(!list_empty(&fb->filp_head)) [ 140.119505] WARNING: CPU: 0 PID: 2545 at drivers/gpu/drm/drm_framebuffer.c:832 drm_framebuffer_free+0x13f/0x1c0 [ 140.121625] Modules linked in: [ 140.122247] CPU: 0 UID: 0 PID: 2545 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 140.122900] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 140.123204] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 140.124312] RIP: 0010:drm_framebuffer_free+0x13f/0x1c0 [ 140.124928] Code: 8b 7d 50 4d 85 ff 74 2b 4c 89 ef e8 3b 3a 87 00 48 c7 c1 c0 38 7d 92 4c 89 fa 48 c7 c7 20 39 7d 92 48 89 c6 e8 02 ec 7e fe 90 <0f> 0b 90 90 e9 1c ff ff ff 48 b8 00 00 00 00 00 fc ff df 4c 89 ea [ 140.126469] RSP: 0000:ffff888110757b68 EFLAGS: 00010282 [ 140.126660] RAX: 0000000000000000 RBX: ffff888110757c40 RCX: 1ffffffff26a4ce8 [ 140.126876] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001 [ 140.127638] RBP: ffff888110757b90 R08: 0000000000000000 R09: fffffbfff26a4ce8 [ 140.128479] R10: 0000000000000003 R11: 00000000000375b0 R12: ffff888110757c18 [ 140.129482] R13: ffff8881102f3000 R14: ffff888110611000 R15: ffff88810c73e200 [ 140.130455] FS: 0000000000000000(0000) GS:ffff8881c6872000(0000) knlGS:0000000000000000 [ 140.131047] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 140.131703] CR2: 00007ffff7ffe000 CR3: 00000001088bc000 CR4: 00000000000006f0 [ 140.131917] DR0: ffffffff94852440 DR1: ffffffff94852441 DR2: ffffffff94852443 [ 140.132877] DR3: ffffffff94852445 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 140.133704] Call Trace: [ 140.134011] <TASK> [ 140.134406] drm_test_framebuffer_free+0x1ab/0x610 [ 140.134829] ? __pfx_drm_test_framebuffer_free+0x10/0x10 [ 140.135100] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 140.135632] ? 
__pfx_drm_mode_config_init_release+0x10/0x10 [ 140.136080] ? __drmm_add_action_or_reset+0x22/0x50 [ 140.136702] ? __schedule+0x10cc/0x2b60 [ 140.137101] ? __pfx_read_tsc+0x10/0x10 [ 140.137276] ? ktime_get_ts64+0x86/0x230 [ 140.137939] kunit_try_run_case+0x1a5/0x480 [ 140.138261] ? __pfx_kunit_try_run_case+0x10/0x10 [ 140.138432] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 140.138678] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 140.139262] ? __kthread_parkme+0x82/0x180 [ 140.139778] ? preempt_count_sub+0x50/0x80 [ 140.140231] ? __pfx_kunit_try_run_case+0x10/0x10 [ 140.140778] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 140.141037] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 140.141764] kthread+0x337/0x6f0 [ 140.142199] ? trace_preempt_on+0x20/0xc0 [ 140.142496] ? __pfx_kthread+0x10/0x10 [ 140.142653] ? _raw_spin_unlock_irq+0x47/0x80 [ 140.143226] ? calculate_sigpending+0x7b/0xa0 [ 140.143479] ? __pfx_kthread+0x10/0x10 [ 140.143619] ret_from_fork+0x116/0x1d0 [ 140.143753] ? __pfx_kthread+0x10/0x10 [ 140.143887] ret_from_fork_asm+0x1a/0x30 [ 140.144275] </TASK> [ 140.144413] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_connector-drm_connector_dynamic_register
------------[ cut here ]------------ [ 138.874628] WARNING: CPU: 1 PID: 1983 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110 [ 138.875389] Modules linked in: [ 138.875792] CPU: 1 UID: 0 PID: 1983 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 138.876495] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 138.876749] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 138.877189] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110 [ 138.877616] Code: 49 8d 7c 24 60 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 60 00 75 1b 5b 41 5c 5d e9 42 25 26 02 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d c3 cc cc cc cc 48 89 df e8 68 [ 138.878469] RSP: 0000:ffff88810f79fc90 EFLAGS: 00010246 [ 138.878885] RAX: dffffc0000000000 RBX: ffff88810f7aa000 RCX: 0000000000000000 [ 138.879259] RDX: 1ffff11021ef5432 RSI: ffffffff8fa05938 RDI: ffff88810f7aa190 [ 138.879716] RBP: ffff88810f79fca0 R08: 1ffff11020073f69 R09: ffffed1021ef3f65 [ 138.879975] R10: 0000000000000003 R11: ffffffff8e4049da R12: 0000000000000000 [ 138.880420] R13: ffff88810f79fd38 R14: ffff88810039fc50 R15: ffff88810039fc58 [ 138.880778] FS: 0000000000000000(0000) GS:ffff8881c6972000(0000) knlGS:0000000000000000 [ 138.881319] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 138.881602] CR2: 00007ffff7ffe000 CR3: 00000001088bc000 CR4: 00000000000006f0 [ 138.881885] DR0: ffffffff94852444 DR1: ffffffff94852449 DR2: ffffffff9485244a [ 138.882312] DR3: ffffffff9485244b DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 138.882731] Call Trace: [ 138.882903] <TASK> [ 138.883088] drm_test_drm_connector_dynamic_register_no_init+0x104/0x290 [ 138.883559] ? __pfx_drm_test_drm_connector_dynamic_register_no_init+0x10/0x10 [ 138.883899] ? __schedule+0x10cc/0x2b60 [ 138.884246] ? __pfx_read_tsc+0x10/0x10 [ 138.884518] ? ktime_get_ts64+0x86/0x230 [ 138.884727] kunit_try_run_case+0x1a5/0x480 [ 138.884949] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 138.885374] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 138.885593] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 138.885819] ? __kthread_parkme+0x82/0x180 [ 138.886167] ? preempt_count_sub+0x50/0x80 [ 138.886356] ? __pfx_kunit_try_run_case+0x10/0x10 [ 138.886589] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 138.886942] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 138.887302] kthread+0x337/0x6f0 [ 138.887570] ? trace_preempt_on+0x20/0xc0 [ 138.887900] ? __pfx_kthread+0x10/0x10 [ 138.888183] ? _raw_spin_unlock_irq+0x47/0x80 [ 138.888399] ? calculate_sigpending+0x7b/0xa0 [ 138.888670] ? __pfx_kthread+0x10/0x10 [ 138.888858] ret_from_fork+0x116/0x1d0 [ 138.889151] ? __pfx_kthread+0x10/0x10 [ 138.889727] ret_from_fork_asm+0x1a/0x30 [ 138.889947] </TASK> [ 138.890244] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 138.796985] WARNING: CPU: 1 PID: 1975 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110 [ 138.797639] Modules linked in: [ 138.797866] CPU: 1 UID: 0 PID: 1975 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 138.798689] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 138.798932] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 138.799285] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110 [ 138.799668] Code: 49 8d 7c 24 60 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 60 00 75 1b 5b 41 5c 5d e9 42 25 26 02 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d c3 cc cc cc cc 48 89 df e8 68 [ 138.800741] RSP: 0000:ffff88810f01fc90 EFLAGS: 00010246 [ 138.801236] RAX: dffffc0000000000 RBX: ffff88810f9b0000 RCX: 0000000000000000 [ 138.801724] RDX: 1ffff11021f36032 RSI: ffffffff8fa05938 RDI: ffff88810f9b0190 [ 138.802221] RBP: ffff88810f01fca0 R08: 1ffff11020073f69 R09: ffffed1021e03f65 [ 138.802489] R10: 0000000000000003 R11: ffffffff8ef85b48 R12: 0000000000000000 [ 138.803158] R13: 
ffff88810f01fd38 R14: ffff88810039fc50 R15: ffff88810039fc58 [ 138.803669] FS: 0000000000000000(0000) GS:ffff8881c6972000(0000) knlGS:0000000000000000 [ 138.804241] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 138.804525] CR2: 00007ffff7ffe000 CR3: 00000001088bc000 CR4: 00000000000006f0 [ 138.804803] DR0: ffffffff94852444 DR1: ffffffff94852449 DR2: ffffffff9485244a [ 138.805333] DR3: ffffffff9485244b DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 138.805741] Call Trace: [ 138.805849] <TASK> [ 138.805985] drm_test_drm_connector_dynamic_register_early_no_init+0x104/0x290 [ 138.806649] ? __pfx_drm_test_drm_connector_dynamic_register_early_no_init+0x10/0x10 [ 138.807267] ? __schedule+0x10cc/0x2b60 [ 138.807435] ? __pfx_read_tsc+0x10/0x10 [ 138.807651] ? ktime_get_ts64+0x86/0x230 [ 138.807821] kunit_try_run_case+0x1a5/0x480 [ 138.808342] ? __pfx_kunit_try_run_case+0x10/0x10 [ 138.808548] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 138.808774] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 138.809197] ? __kthread_parkme+0x82/0x180 [ 138.809395] ? preempt_count_sub+0x50/0x80 [ 138.809576] ? __pfx_kunit_try_run_case+0x10/0x10 [ 138.809806] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 138.810027] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 138.810349] kthread+0x337/0x6f0 [ 138.810592] ? trace_preempt_on+0x20/0xc0 [ 138.810761] ? __pfx_kthread+0x10/0x10 [ 138.810928] ? _raw_spin_unlock_irq+0x47/0x80 [ 138.811265] ? calculate_sigpending+0x7b/0xa0 [ 138.811437] ? __pfx_kthread+0x10/0x10 [ 138.811638] ret_from_fork+0x116/0x1d0 [ 138.811819] ? __pfx_kthread+0x10/0x10 [ 138.811978] ret_from_fork_asm+0x1a/0x30 [ 138.812224] </TASK> [ 138.812316] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog10
------------[ cut here ]------------
[ 107.315673] WARNING: CPU: 1 PID: 673 at lib/math/int_log.c:120 intlog10+0x2a/0x40
[ 107.315984] Modules linked in:
[ 107.316553] CPU: 1 UID: 0 PID: 673 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 107.317010] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 107.317349] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 107.317719] RIP: 0010:intlog10+0x2a/0x40
[ 107.317916] Code: f3 0f 1e fa 0f 1f 44 00 00 85 ff 74 1c 55 48 89 e5 e8 ca fe ff ff 5d 89 c0 48 69 c0 a1 26 88 26 48 c1 e8 1f e9 c7 a8 86 02 90 <0f> 0b 90 31 c0 e9 bc a8 86 02 66 2e 0f 1f 84 00 00 00 00 00 66 90
[ 107.318702] RSP: 0000:ffff888102d97cb0 EFLAGS: 00010246
[ 107.318943] RAX: 0000000000000000 RBX: ffff88810039fae8 RCX: 1ffff110205b2fb4
[ 107.319500] RDX: 1ffffffff24d2db4 RSI: 1ffff110205b2fb3 RDI: 0000000000000000
[ 107.319803] RBP: ffff888102d97d60 R08: 0000000000000000 R09: ffffed102196a180
[ 107.320085] R10: ffff88810cb50c07 R11: 0000000000000000 R12: 1ffff110205b2f97
[ 107.320434] R13: ffffffff92696da0 R14: 0000000000000000 R15: ffff888102d97d38
[ 107.320740] FS: 0000000000000000(0000) GS:ffff8881c6972000(0000) knlGS:0000000000000000
[ 107.321309] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 107.321532] CR2: dffffc0000000000 CR3: 00000001088bc000 CR4: 00000000000006f0
[ 107.321801] DR0: ffffffff94852444 DR1: ffffffff94852449 DR2: ffffffff9485244a
[ 107.322433] DR3: ffffffff9485244b DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 107.322738] Call Trace:
[ 107.322862] <TASK>
[ 107.322979] ? intlog10_test+0xf2/0x220
[ 107.323166] ? __pfx_intlog10_test+0x10/0x10
[ 107.323609] ? __schedule+0x10cc/0x2b60
[ 107.323801] ? __pfx_read_tsc+0x10/0x10
[ 107.323965] ? ktime_get_ts64+0x86/0x230
[ 107.324164] kunit_try_run_case+0x1a5/0x480
[ 107.324565] ? __pfx_kunit_try_run_case+0x10/0x10
[ 107.324774] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 107.324987] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 107.325260] ? __kthread_parkme+0x82/0x180
[ 107.325475] ? preempt_count_sub+0x50/0x80
[ 107.325769] ? __pfx_kunit_try_run_case+0x10/0x10
[ 107.326122] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 107.326337] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 107.326556] kthread+0x337/0x6f0
[ 107.326767] ? trace_preempt_on+0x20/0xc0
[ 107.327066] ? __pfx_kthread+0x10/0x10
[ 107.327246] ? _raw_spin_unlock_irq+0x47/0x80
[ 107.327512] ? calculate_sigpending+0x7b/0xa0
[ 107.327709] ? __pfx_kthread+0x10/0x10
[ 107.327877] ret_from_fork+0x116/0x1d0
[ 107.328262] ? __pfx_kthread+0x10/0x10
[ 107.328433] ret_from_fork_asm+0x1a/0x30
[ 107.328654] </TASK>
[ 107.328778] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog2
------------[ cut here ]------------
[ 107.273653] WARNING: CPU: 1 PID: 655 at lib/math/int_log.c:63 intlog2+0xdf/0x110
[ 107.274814] Modules linked in:
[ 107.275298] CPU: 1 UID: 0 PID: 655 Comm: kunit_try_catch Tainted: G B D N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 107.276323] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST
[ 107.276822] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 107.277555] RIP: 0010:intlog2+0xdf/0x110
[ 107.278043] Code: 69 92 c1 e0 18 48 83 c4 08 89 d1 c1 e2 08 29 cb 01 d0 0f b7 db 41 0f af dc c1 eb 0f 01 d8 5b 41 5c 41 5d 5d c3 cc cc cc cc 90 <0f> 0b 90 31 c0 c3 cc cc cc cc 89 45 e4 e8 bf e8 55 ff 8b 45 e4 eb
[ 107.278832] RSP: 0000:ffff888102667cb0 EFLAGS: 00010246
[ 107.279434] RAX: 0000000000000000 RBX: ffff88810039fae8 RCX: 1ffff110204ccfb4
[ 107.280173] RDX: 1ffffffff24d2e08 RSI: 1ffff110204ccfb3 RDI: 0000000000000000
[ 107.280848] RBP: ffff888102667d60 R08: 0000000000000000 R09: ffffed102196a060
[ 107.281674] R10: ffff88810cb50307 R11: 0000000000000000 R12: 1ffff110204ccf97
[ 107.282294] R13: ffffffff92697040 R14: 0000000000000000 R15: ffff888102667d38
[ 107.282555] FS: 0000000000000000(0000) GS:ffff8881c6972000(0000) knlGS:0000000000000000
[ 107.283207] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 107.283770] CR2: dffffc0000000000 CR3: 00000001088bc000 CR4: 00000000000006f0
[ 107.284544] DR0: ffffffff94852444 DR1: ffffffff94852449 DR2: ffffffff9485244a
[ 107.284751] DR3: ffffffff9485244b DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 107.284958] Call Trace:
[ 107.285065] <TASK>
[ 107.285154] ? intlog2_test+0xf2/0x220
[ 107.285305] ? __pfx_intlog2_test+0x10/0x10
[ 107.285448] ? __schedule+0x10cc/0x2b60
[ 107.285587] ? __pfx_read_tsc+0x10/0x10
[ 107.285723] ? ktime_get_ts64+0x86/0x230
[ 107.285862] kunit_try_run_case+0x1a5/0x480
[ 107.286006] ? __pfx_kunit_try_run_case+0x10/0x10
[ 107.286693] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 107.287255] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 107.287814] ? __kthread_parkme+0x82/0x180
[ 107.288434] ? preempt_count_sub+0x50/0x80
[ 107.288855] ? __pfx_kunit_try_run_case+0x10/0x10
[ 107.289450] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 107.290036] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 107.290615] kthread+0x337/0x6f0
[ 107.291050] ? trace_preempt_on+0x20/0xc0
[ 107.291498] ? __pfx_kthread+0x10/0x10
[ 107.291876] ? _raw_spin_unlock_irq+0x47/0x80
[ 107.292506] ? calculate_sigpending+0x7b/0xa0
[ 107.292998] ? __pfx_kthread+0x10/0x10
[ 107.293505] ret_from_fork+0x116/0x1d0
[ 107.293908] ? __pfx_kthread+0x10/0x10
[ 107.294419] ret_from_fork_asm+0x1a/0x30
[ 107.294831] </TASK>
[ 107.295205] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/oops-oops-general-protection-fault-probably-for-non-canonical-address-smp-kasan-pti
KNOWN ISSUE - qemu-x86_64: Oops: general protection fault, probably for non-canonical address - KASAN: null-ptr-deref - kunit_test_null_dereference
[ 106.698288] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN PTI