Date: July 9, 2025, 2:07 p.m.
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 48.232112] ==================================================================
[ 48.232511] BUG: KFENCE: use-after-free read in test_krealloc+0x6fc/0xbe0
[ 48.232511]
[ 48.232868] Use-after-free read at 0x(____ptrval____) (in kfence-#125):
[ 48.233162] test_krealloc+0x6fc/0xbe0
[ 48.233305] kunit_try_run_case+0x1a5/0x480
[ 48.233546] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 48.233863] kthread+0x337/0x6f0
[ 48.234026] ret_from_fork+0x116/0x1d0
[ 48.234229] ret_from_fork_asm+0x1a/0x30
[ 48.234387]
[ 48.234463] kfence-#125: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 48.234463]
[ 48.234870] allocated by task 354 on cpu 0 at 48.231217s (0.003651s ago):
[ 48.235230] test_alloc+0x364/0x10f0
[ 48.235405] test_krealloc+0xad/0xbe0
[ 48.235536] kunit_try_run_case+0x1a5/0x480
[ 48.235735] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 48.236278] kthread+0x337/0x6f0
[ 48.236457] ret_from_fork+0x116/0x1d0
[ 48.236621] ret_from_fork_asm+0x1a/0x30
[ 48.236762]
[ 48.236834] freed by task 354 on cpu 0 at 48.231651s (0.005181s ago):
[ 48.237137] krealloc_noprof+0x108/0x340
[ 48.237360] test_krealloc+0x226/0xbe0
[ 48.237805] kunit_try_run_case+0x1a5/0x480
[ 48.237993] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 48.238210] kthread+0x337/0x6f0
[ 48.238369] ret_from_fork+0x116/0x1d0
[ 48.238539] ret_from_fork_asm+0x1a/0x30
[ 48.238738]
[ 48.239403] CPU: 0 UID: 0 PID: 354 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 48.240195] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 48.240521] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 48.241131] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 48.124631] ==================================================================
[ 48.125088] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x2ec/0x670
[ 48.125088]
[ 48.125561] Use-after-free read at 0x(____ptrval____) (in kfence-#124):
[ 48.125950] test_memcache_typesafe_by_rcu+0x2ec/0x670
[ 48.126215] kunit_try_run_case+0x1a5/0x480
[ 48.126448] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 48.126854] kthread+0x337/0x6f0
[ 48.127046] ret_from_fork+0x116/0x1d0
[ 48.127198] ret_from_fork_asm+0x1a/0x30
[ 48.127383]
[ 48.127483] kfence-#124: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 48.127483]
[ 48.127974] allocated by task 352 on cpu 0 at 48.123135s (0.004836s ago):
[ 48.128309] test_alloc+0x2a6/0x10f0
[ 48.128504] test_memcache_typesafe_by_rcu+0x16f/0x670
[ 48.128702] kunit_try_run_case+0x1a5/0x480
[ 48.129086] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 48.129392] kthread+0x337/0x6f0
[ 48.129544] ret_from_fork+0x116/0x1d0
[ 48.129687] ret_from_fork_asm+0x1a/0x30
[ 48.130035]
[ 48.130193] freed by task 352 on cpu 0 at 48.123286s (0.006905s ago):
[ 48.130508] test_memcache_typesafe_by_rcu+0x1bf/0x670
[ 48.130790] kunit_try_run_case+0x1a5/0x480
[ 48.131093] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 48.131314] kthread+0x337/0x6f0
[ 48.131468] ret_from_fork+0x116/0x1d0
[ 48.131667] ret_from_fork_asm+0x1a/0x30
[ 48.131857]
[ 48.131988] CPU: 1 UID: 0 PID: 352 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 48.132358] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 48.132508] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 48.132857] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 23.173175] ==================================================================
[ 23.173753] BUG: KFENCE: invalid read in test_invalid_access+0xf0/0x210
[ 23.173753]
[ 23.174378] Invalid read at 0x(____ptrval____):
[ 23.174637] test_invalid_access+0xf0/0x210
[ 23.174811] kunit_try_run_case+0x1a5/0x480
[ 23.175027] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.175199] kthread+0x337/0x6f0
[ 23.175428] ret_from_fork+0x116/0x1d0
[ 23.175640] ret_from_fork_asm+0x1a/0x30
[ 23.176364]
[ 23.176512] CPU: 0 UID: 0 PID: 348 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 23.177473] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.177672] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.178112] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 22.951362] ==================================================================
[ 22.951789] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x24f/0x340
[ 22.951789]
[ 22.952194] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#119):
[ 22.952907] test_kmalloc_aligned_oob_write+0x24f/0x340
[ 22.953133] kunit_try_run_case+0x1a5/0x480
[ 22.953351] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.953758] kthread+0x337/0x6f0
[ 22.953966] ret_from_fork+0x116/0x1d0
[ 22.954147] ret_from_fork_asm+0x1a/0x30
[ 22.954357]
[ 22.954454] kfence-#119: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96
[ 22.954454]
[ 22.954889] allocated by task 342 on cpu 0 at 22.951090s (0.003797s ago):
[ 22.955137] test_alloc+0x364/0x10f0
[ 22.955346] test_kmalloc_aligned_oob_write+0xc8/0x340
[ 22.955569] kunit_try_run_case+0x1a5/0x480
[ 22.955838] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.956097] kthread+0x337/0x6f0
[ 22.956264] ret_from_fork+0x116/0x1d0
[ 22.956448] ret_from_fork_asm+0x1a/0x30
[ 22.956590]
[ 22.956691] freed by task 342 on cpu 0 at 22.951235s (0.005454s ago):
[ 22.957136] test_kmalloc_aligned_oob_write+0x24f/0x340
[ 22.957391] kunit_try_run_case+0x1a5/0x480
[ 22.957571] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.957828] kthread+0x337/0x6f0
[ 22.958019] ret_from_fork+0x116/0x1d0
[ 22.958226] ret_from_fork_asm+0x1a/0x30
[ 22.958395]
[ 22.958520] CPU: 0 UID: 0 PID: 342 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 22.959051] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 22.959238] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 22.959527] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 22.743266] ==================================================================
[ 22.743710] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x27e/0x560
[ 22.743710]
[ 22.744177] Out-of-bounds read at 0x(____ptrval____) (105B right of kfence-#117):
[ 22.744508] test_kmalloc_aligned_oob_read+0x27e/0x560
[ 22.744701] kunit_try_run_case+0x1a5/0x480
[ 22.744925] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.745187] kthread+0x337/0x6f0
[ 22.745366] ret_from_fork+0x116/0x1d0
[ 22.745530] ret_from_fork_asm+0x1a/0x30
[ 22.745725]
[ 22.745820] kfence-#117: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96
[ 22.745820]
[ 22.746118] allocated by task 340 on cpu 1 at 22.743051s (0.003064s ago):
[ 22.746651] test_alloc+0x364/0x10f0
[ 22.746782] test_kmalloc_aligned_oob_read+0x105/0x560
[ 22.746961] kunit_try_run_case+0x1a5/0x480
[ 22.747114] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.747382] kthread+0x337/0x6f0
[ 22.747555] ret_from_fork+0x116/0x1d0
[ 22.747757] ret_from_fork_asm+0x1a/0x30
[ 22.747963]
[ 22.748089] CPU: 1 UID: 0 PID: 340 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 22.748604] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 22.748782] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 22.749056] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_corruption
[ 18.895443] ==================================================================
[ 18.895903] BUG: KFENCE: memory corruption in test_corruption+0x2df/0x3e0
[ 18.895903]
[ 18.896188] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#80):
[ 18.896592] test_corruption+0x2df/0x3e0
[ 18.896819] kunit_try_run_case+0x1a5/0x480
[ 18.896978] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.897282] kthread+0x337/0x6f0
[ 18.897408] ret_from_fork+0x116/0x1d0
[ 18.897558] ret_from_fork_asm+0x1a/0x30
[ 18.897787]
[ 18.897886] kfence-#80: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 18.897886]
[ 18.898282] allocated by task 328 on cpu 1 at 18.895179s (0.003101s ago):
[ 18.898614] test_alloc+0x364/0x10f0
[ 18.898829] test_corruption+0x1cb/0x3e0
[ 18.898982] kunit_try_run_case+0x1a5/0x480
[ 18.899190] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.899368] kthread+0x337/0x6f0
[ 18.899489] ret_from_fork+0x116/0x1d0
[ 18.899692] ret_from_fork_asm+0x1a/0x30
[ 18.899896]
[ 18.899992] freed by task 328 on cpu 1 at 18.895282s (0.004707s ago):
[ 18.900366] test_corruption+0x2df/0x3e0
[ 18.900504] kunit_try_run_case+0x1a5/0x480
[ 18.900710] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.901190] kthread+0x337/0x6f0
[ 18.901322] ret_from_fork+0x116/0x1d0
[ 18.901487] ret_from_fork_asm+0x1a/0x30
[ 18.901636]
[ 18.901733] CPU: 1 UID: 0 PID: 328 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 18.902062] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.902221] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.902619] ==================================================================

[ 18.791379] ==================================================================
[ 18.791822] BUG: KFENCE: memory corruption in test_corruption+0x2d2/0x3e0
[ 18.791822]
[ 18.792230] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#79):
[ 18.793114] test_corruption+0x2d2/0x3e0
[ 18.793269] kunit_try_run_case+0x1a5/0x480
[ 18.793535] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.793819] kthread+0x337/0x6f0
[ 18.794002] ret_from_fork+0x116/0x1d0
[ 18.794201] ret_from_fork_asm+0x1a/0x30
[ 18.794347]
[ 18.794443] kfence-#79: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 18.794443]
[ 18.794904] allocated by task 328 on cpu 1 at 18.791132s (0.003770s ago):
[ 18.795129] test_alloc+0x364/0x10f0
[ 18.795276] test_corruption+0xe6/0x3e0
[ 18.795472] kunit_try_run_case+0x1a5/0x480
[ 18.795695] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.795964] kthread+0x337/0x6f0
[ 18.796157] ret_from_fork+0x116/0x1d0
[ 18.796332] ret_from_fork_asm+0x1a/0x30
[ 18.796482]
[ 18.796580] freed by task 328 on cpu 1 at 18.791208s (0.005370s ago):
[ 18.796879] test_corruption+0x2d2/0x3e0
[ 18.797053] kunit_try_run_case+0x1a5/0x480
[ 18.797203] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.797406] kthread+0x337/0x6f0
[ 18.797575] ret_from_fork+0x116/0x1d0
[ 18.797775] ret_from_fork_asm+0x1a/0x30
[ 18.797976]
[ 18.798077] CPU: 1 UID: 0 PID: 328 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 18.798456] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.798672] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.799244] ==================================================================

[ 18.999305] ==================================================================
[ 18.999724] BUG: KFENCE: memory corruption in test_corruption+0x131/0x3e0
[ 18.999724]
[ 19.000168] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#81):
[ 19.000741] test_corruption+0x131/0x3e0
[ 19.000891] kunit_try_run_case+0x1a5/0x480
[ 19.001234] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.001502] kthread+0x337/0x6f0
[ 19.001676] ret_from_fork+0x116/0x1d0
[ 19.001812] ret_from_fork_asm+0x1a/0x30
[ 19.002025]
[ 19.002127] kfence-#81: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 19.002127]
[ 19.002450] allocated by task 330 on cpu 1 at 18.999167s (0.003280s ago):
[ 19.002790] test_alloc+0x2a6/0x10f0
[ 19.002984] test_corruption+0xe6/0x3e0
[ 19.003133] kunit_try_run_case+0x1a5/0x480
[ 19.003340] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.003535] kthread+0x337/0x6f0
[ 19.003716] ret_from_fork+0x116/0x1d0
[ 19.003909] ret_from_fork_asm+0x1a/0x30
[ 19.004431]
[ 19.004540] freed by task 330 on cpu 1 at 18.999227s (0.005311s ago):
[ 19.004989] test_corruption+0x131/0x3e0
[ 19.005490] kunit_try_run_case+0x1a5/0x480
[ 19.005698] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.006054] kthread+0x337/0x6f0
[ 19.006428] ret_from_fork+0x116/0x1d0
[ 19.006617] ret_from_fork_asm+0x1a/0x30
[ 19.006801]
[ 19.007069] CPU: 1 UID: 0 PID: 330 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 19.007710] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.007947] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.008488] ==================================================================

[ 19.415246] ==================================================================
[ 19.415671] BUG: KFENCE: memory corruption in test_corruption+0x216/0x3e0
[ 19.415671]
[ 19.416023] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#85):
[ 19.416799] test_corruption+0x216/0x3e0
[ 19.417009] kunit_try_run_case+0x1a5/0x480
[ 19.417216] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.417434] kthread+0x337/0x6f0
[ 19.417628] ret_from_fork+0x116/0x1d0
[ 19.417814] ret_from_fork_asm+0x1a/0x30
[ 19.418482]
[ 19.418562] kfence-#85: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 19.418562]
[ 19.419161] allocated by task 330 on cpu 1 at 19.415126s (0.004032s ago):
[ 19.419627] test_alloc+0x2a6/0x10f0
[ 19.419938] test_corruption+0x1cb/0x3e0
[ 19.420131] kunit_try_run_case+0x1a5/0x480
[ 19.420455] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.420776] kthread+0x337/0x6f0
[ 19.420967] ret_from_fork+0x116/0x1d0
[ 19.421143] ret_from_fork_asm+0x1a/0x30
[ 19.421328]
[ 19.421407] freed by task 330 on cpu 1 at 19.415165s (0.006240s ago):
[ 19.421704] test_corruption+0x216/0x3e0
[ 19.422194] kunit_try_run_case+0x1a5/0x480
[ 19.422372] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.422661] kthread+0x337/0x6f0
[ 19.422792] ret_from_fork+0x116/0x1d0
[ 19.422935] ret_from_fork_asm+0x1a/0x30
[ 19.423197]
[ 19.423530] CPU: 1 UID: 0 PID: 330 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 19.424163] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.424342] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.424624] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 18.583315] ==================================================================
[ 18.583738] BUG: KFENCE: invalid free in test_invalid_addr_free+0xfb/0x260
[ 18.583738]
[ 18.584105] Invalid free of 0x(____ptrval____) (in kfence-#77):
[ 18.584394] test_invalid_addr_free+0xfb/0x260
[ 18.584606] kunit_try_run_case+0x1a5/0x480
[ 18.584769] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.585037] kthread+0x337/0x6f0
[ 18.585209] ret_from_fork+0x116/0x1d0
[ 18.585396] ret_from_fork_asm+0x1a/0x30
[ 18.585542]
[ 18.585625] kfence-#77: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 18.585625]
[ 18.586046] allocated by task 326 on cpu 0 at 18.583187s (0.002857s ago):
[ 18.586360] test_alloc+0x2a6/0x10f0
[ 18.586538] test_invalid_addr_free+0xdb/0x260
[ 18.586750] kunit_try_run_case+0x1a5/0x480
[ 18.586966] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.587152] kthread+0x337/0x6f0
[ 18.587324] ret_from_fork+0x116/0x1d0
[ 18.587515] ret_from_fork_asm+0x1a/0x30
[ 18.587725]
[ 18.587872] CPU: 0 UID: 0 PID: 326 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 18.588247] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.588385] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.588794] ==================================================================

[ 18.479343] ==================================================================
[ 18.479756] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1e1/0x260
[ 18.479756]
[ 18.480108] Invalid free of 0x(____ptrval____) (in kfence-#76):
[ 18.480391] test_invalid_addr_free+0x1e1/0x260
[ 18.480635] kunit_try_run_case+0x1a5/0x480
[ 18.481416] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.481680] kthread+0x337/0x6f0
[ 18.482017] ret_from_fork+0x116/0x1d0
[ 18.482207] ret_from_fork_asm+0x1a/0x30
[ 18.482603]
[ 18.482803] kfence-#76: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 18.482803]
[ 18.483238] allocated by task 324 on cpu 1 at 18.479191s (0.004045s ago):
[ 18.483755] test_alloc+0x364/0x10f0
[ 18.484098] test_invalid_addr_free+0xdb/0x260
[ 18.484310] kunit_try_run_case+0x1a5/0x480
[ 18.484646] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.485001] kthread+0x337/0x6f0
[ 18.485183] ret_from_fork+0x116/0x1d0
[ 18.485500] ret_from_fork_asm+0x1a/0x30
[ 18.485790]
[ 18.485969] CPU: 1 UID: 0 PID: 324 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 18.486555] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.486772] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.487272] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_double_free
[ 18.375395] ==================================================================
[ 18.375850] BUG: KFENCE: invalid free in test_double_free+0x112/0x260
[ 18.375850]
[ 18.376168] Invalid free of 0x(____ptrval____) (in kfence-#75):
[ 18.376459] test_double_free+0x112/0x260
[ 18.376678] kunit_try_run_case+0x1a5/0x480
[ 18.376838] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.377064] kthread+0x337/0x6f0
[ 18.377213] ret_from_fork+0x116/0x1d0
[ 18.377351] ret_from_fork_asm+0x1a/0x30
[ 18.377575]
[ 18.377684] kfence-#75: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 18.377684]
[ 18.378117] allocated by task 322 on cpu 1 at 18.375205s (0.002910s ago):
[ 18.378378] test_alloc+0x2a6/0x10f0
[ 18.378543] test_double_free+0xdb/0x260
[ 18.378751] kunit_try_run_case+0x1a5/0x480
[ 18.378972] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.379267] kthread+0x337/0x6f0
[ 18.379440] ret_from_fork+0x116/0x1d0
[ 18.379603] ret_from_fork_asm+0x1a/0x30
[ 18.379746]
[ 18.379818] freed by task 322 on cpu 1 at 18.375266s (0.004549s ago):
[ 18.380098] test_double_free+0xfa/0x260
[ 18.380294] kunit_try_run_case+0x1a5/0x480
[ 18.380546] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.380743] kthread+0x337/0x6f0
[ 18.381057] ret_from_fork+0x116/0x1d0
[ 18.381193] ret_from_fork_asm+0x1a/0x30
[ 18.381356]
[ 18.381464] CPU: 1 UID: 0 PID: 322 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 18.381841] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.382050] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.382389] ==================================================================

[ 18.271470] ==================================================================
[ 18.272040] BUG: KFENCE: invalid free in test_double_free+0x1d3/0x260
[ 18.272040]
[ 18.272458] Invalid free of 0x(____ptrval____) (in kfence-#74):
[ 18.272746] test_double_free+0x1d3/0x260
[ 18.272909] kunit_try_run_case+0x1a5/0x480
[ 18.273294] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.273517] kthread+0x337/0x6f0
[ 18.273726] ret_from_fork+0x116/0x1d0
[ 18.273920] ret_from_fork_asm+0x1a/0x30
[ 18.274116]
[ 18.274213] kfence-#74: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 18.274213]
[ 18.274622] allocated by task 320 on cpu 0 at 18.271182s (0.003437s ago):
[ 18.274967] test_alloc+0x364/0x10f0
[ 18.275183] test_double_free+0xdb/0x260
[ 18.275325] kunit_try_run_case+0x1a5/0x480
[ 18.275553] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.275839] kthread+0x337/0x6f0
[ 18.275993] ret_from_fork+0x116/0x1d0
[ 18.276198] ret_from_fork_asm+0x1a/0x30
[ 18.276340]
[ 18.276411] freed by task 320 on cpu 0 at 18.271248s (0.005160s ago):
[ 18.276627] test_double_free+0x1e0/0x260
[ 18.276829] kunit_try_run_case+0x1a5/0x480
[ 18.277034] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.277382] kthread+0x337/0x6f0
[ 18.277508] ret_from_fork+0x116/0x1d0
[ 18.277674] ret_from_fork_asm+0x1a/0x30
[ 18.277987]
[ 18.278119] CPU: 0 UID: 0 PID: 320 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 18.278635] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.278837] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.279220] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 17.855410] ==================================================================
[ 17.855922] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270
[ 17.855922]
[ 17.856355] Use-after-free read at 0x(____ptrval____) (in kfence-#70):
[ 17.856626] test_use_after_free_read+0x129/0x270
[ 17.856859] kunit_try_run_case+0x1a5/0x480
[ 17.857022] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.857329] kthread+0x337/0x6f0
[ 17.857501] ret_from_fork+0x116/0x1d0
[ 17.857706] ret_from_fork_asm+0x1a/0x30
[ 17.857906]
[ 17.858010] kfence-#70: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 17.858010]
[ 17.858415] allocated by task 312 on cpu 1 at 17.855168s (0.003245s ago):
[ 17.858661] test_alloc+0x364/0x10f0
[ 17.858861] test_use_after_free_read+0xdc/0x270
[ 17.859167] kunit_try_run_case+0x1a5/0x480
[ 17.859331] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.859581] kthread+0x337/0x6f0
[ 17.859713] ret_from_fork+0x116/0x1d0
[ 17.859847] ret_from_fork_asm+0x1a/0x30
[ 17.860293]
[ 17.860529] freed by task 312 on cpu 1 at 17.855249s (0.005196s ago):
[ 17.861053] test_use_after_free_read+0x1e7/0x270
[ 17.861225] kunit_try_run_case+0x1a5/0x480
[ 17.861413] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.861712] kthread+0x337/0x6f0
[ 17.862434] ret_from_fork+0x116/0x1d0
[ 17.862589] ret_from_fork_asm+0x1a/0x30
[ 17.862772]
[ 17.862994] CPU: 1 UID: 0 PID: 312 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 17.863326] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.863467] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.863754] ==================================================================

[ 17.959312] ==================================================================
[ 17.959766] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270
[ 17.959766]
[ 17.960165] Use-after-free read at 0x(____ptrval____) (in kfence-#71):
[ 17.960474] test_use_after_free_read+0x129/0x270
[ 17.960704] kunit_try_run_case+0x1a5/0x480
[ 17.961217] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.961978] kthread+0x337/0x6f0
[ 17.962160] ret_from_fork+0x116/0x1d0
[ 17.962331] ret_from_fork_asm+0x1a/0x30
[ 17.962527]
[ 17.962639] kfence-#71: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 17.962639]
[ 17.963393] allocated by task 314 on cpu 1 at 17.959167s (0.004223s ago):
[ 17.963759] test_alloc+0x2a6/0x10f0
[ 17.964133] test_use_after_free_read+0xdc/0x270
[ 17.964352] kunit_try_run_case+0x1a5/0x480
[ 17.964702] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.965117] kthread+0x337/0x6f0
[ 17.965270] ret_from_fork+0x116/0x1d0
[ 17.965589] ret_from_fork_asm+0x1a/0x30
[ 17.965822]
[ 17.965922] freed by task 314 on cpu 1 at 17.959230s (0.006690s ago):
[ 17.966484] test_use_after_free_read+0xfb/0x270
[ 17.966704] kunit_try_run_case+0x1a5/0x480
[ 17.967148] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.967503] kthread+0x337/0x6f0
[ 17.967704] ret_from_fork+0x116/0x1d0
[ 17.968062] ret_from_fork_asm+0x1a/0x30
[ 17.968252]
[ 17.968393] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 17.969032] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.969240] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.969758] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 17.543294] ==================================================================
[ 17.543708] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260
[ 17.543708]
[ 17.544303] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#67):
[ 17.544658] test_out_of_bounds_write+0x10d/0x260
[ 17.545086] kunit_try_run_case+0x1a5/0x480
[ 17.545310] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.545503] kthread+0x337/0x6f0
[ 17.545639] ret_from_fork+0x116/0x1d0
[ 17.545803] ret_from_fork_asm+0x1a/0x30
[ 17.546115]
[ 17.546369] kfence-#67: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 17.546369]
[ 17.546855] allocated by task 308 on cpu 1 at 17.543157s (0.003696s ago):
[ 17.547196] test_alloc+0x364/0x10f0
[ 17.547391] test_out_of_bounds_write+0xd4/0x260
[ 17.547558] kunit_try_run_case+0x1a5/0x480
[ 17.547763] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.548185] kthread+0x337/0x6f0
[ 17.548391] ret_from_fork+0x116/0x1d0
[ 17.548533] ret_from_fork_asm+0x1a/0x30
[ 17.548730]
[ 17.548910] CPU: 1 UID: 0 PID: 308 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 17.549470] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.549645] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.550202] ==================================================================

[ 17.751141] ==================================================================
[ 17.751533] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260
[ 17.751533]
[ 17.752109] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#69):
[ 17.752752] test_out_of_bounds_write+0x10d/0x260
[ 17.752961] kunit_try_run_case+0x1a5/0x480
[ 17.753116] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.753381] kthread+0x337/0x6f0
[ 17.753558] ret_from_fork+0x116/0x1d0
[ 17.753763] ret_from_fork_asm+0x1a/0x30
[ 17.754089]
[ 17.754178] kfence-#69: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 17.754178]
[ 17.754489] allocated by task 310 on cpu 0 at 17.751078s (0.003410s ago):
[ 17.754754] test_alloc+0x2a6/0x10f0
[ 17.755026] test_out_of_bounds_write+0xd4/0x260
[ 17.755333] kunit_try_run_case+0x1a5/0x480
[ 17.755571] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.755874] kthread+0x337/0x6f0
[ 17.755999] ret_from_fork+0x116/0x1d0
[ 17.756193] ret_from_fork_asm+0x1a/0x30
[ 17.756443]
[ 17.756566] CPU: 0 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 17.757158] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.757372] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.757806] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 17.439214] ==================================================================
[ 17.439616] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0
[ 17.439616]
[ 17.440087] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#66):
[ 17.440423] test_out_of_bounds_read+0x216/0x4e0
[ 17.440646] kunit_try_run_case+0x1a5/0x480
[ 17.440890] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.441081] kthread+0x337/0x6f0
[ 17.441211] ret_from_fork+0x116/0x1d0
[ 17.441406] ret_from_fork_asm+0x1a/0x30
[ 17.441619]
[ 17.441720] kfence-#66: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 17.441720]
[ 17.442128] allocated by task 306 on cpu 1 at 17.439155s (0.002971s ago):
[ 17.442415] test_alloc+0x2a6/0x10f0
[ 17.442551] test_out_of_bounds_read+0x1e2/0x4e0
[ 17.442742] kunit_try_run_case+0x1a5/0x480
[ 17.442959] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.443247] kthread+0x337/0x6f0
[ 17.443367] ret_from_fork+0x116/0x1d0
[ 17.443514] ret_from_fork_asm+0x1a/0x30
[ 17.443741]
[ 17.443857] CPU: 1 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 17.444431] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.444570] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.445249] ==================================================================

[ 16.920529] ==================================================================
[ 16.921515] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0
[ 16.921515]
[ 16.922689] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#61):
[ 16.923205] test_out_of_bounds_read+0x126/0x4e0
[ 16.923805] kunit_try_run_case+0x1a5/0x480
[ 16.924183] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.924452] kthread+0x337/0x6f0
[ 16.924797] ret_from_fork+0x116/0x1d0
[ 16.925094] ret_from_fork_asm+0x1a/0x30
[ 16.925323]
[ 16.925855] kfence-#61: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 16.925855]
[ 16.926582] allocated by task 304 on cpu 0 at 16.919216s (0.007297s ago):
[ 16.927262] test_alloc+0x364/0x10f0
[ 16.927455] test_out_of_bounds_read+0xed/0x4e0
[ 16.927664] kunit_try_run_case+0x1a5/0x480
[ 16.927989] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.928498] kthread+0x337/0x6f0
[ 16.928665] ret_from_fork+0x116/0x1d0
[ 16.928899] ret_from_fork_asm+0x1a/0x30
[ 16.929373]
[ 16.929532] CPU: 0 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 16.930278] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.930580] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.931090] ==================================================================

[ 17.127332] ==================================================================
[ 17.127775] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0
[ 17.127775]
[ 17.128276] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#63):
[ 17.129104] test_out_of_bounds_read+0x216/0x4e0
[ 17.129526] kunit_try_run_case+0x1a5/0x480
[ 17.129940] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.130217] kthread+0x337/0x6f0
[ 17.130514] ret_from_fork+0x116/0x1d0
[ 17.130731] ret_from_fork_asm+0x1a/0x30
[ 17.131149]
[ 17.131272] kfence-#63: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 17.131272]
[ 17.131821] allocated by task 304 on cpu 0 at 17.127193s (0.004625s ago):
[ 17.132243] test_alloc+0x364/0x10f0
[ 17.132416] test_out_of_bounds_read+0x1e2/0x4e0
[ 17.132626] kunit_try_run_case+0x1a5/0x480
[ 17.133149] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.133369] kthread+0x337/0x6f0
[ 17.133708] ret_from_fork+0x116/0x1d0
[ 17.134063] ret_from_fork_asm+0x1a/0x30
[ 17.134264]
[ 17.134381] CPU: 0 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 17.135084] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.135296] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.135836] ==================================================================

[ 17.335354] ==================================================================
[ 17.335771] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0
[ 17.335771]
[ 17.336099] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#65):
[ 17.336327] test_out_of_bounds_read+0x126/0x4e0
[ 17.336491] kunit_try_run_case+0x1a5/0x480
[ 17.336663] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.337000] kthread+0x337/0x6f0
[ 17.337185] ret_from_fork+0x116/0x1d0
[ 17.337327] ret_from_fork_asm+0x1a/0x30
[ 17.337471]
[ 17.337544] kfence-#65: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 17.337544]
[ 17.337984] allocated by task 306 on cpu 1 at 17.335196s (0.002785s ago):
[ 17.338313] test_alloc+0x2a6/0x10f0
[ 17.338447] test_out_of_bounds_read+0xed/0x4e0
[ 17.338618] kunit_try_run_case+0x1a5/0x480
[ 17.338808] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.339081] kthread+0x337/0x6f0
[ 17.339257] ret_from_fork+0x116/0x1d0
[ 17.339945] ret_from_fork_asm+0x1a/0x30
[ 17.340122]
[ 17.340331] CPU: 1 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 17.340673] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.340811] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.341075] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 16.788753] ================================================================== [ 16.789209] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x1a5/0x1d0 [ 16.789459] Write of size 1 at addr ffff8881029c7e78 by task kunit_try_catch/302 [ 16.789703] [ 16.789790] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.789833] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.789846] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.789867] Call Trace: [ 16.789883] <TASK> [ 16.789899] dump_stack_lvl+0x73/0xb0 [ 16.789926] print_report+0xd1/0x650 [ 16.789949] ? __virt_addr_valid+0x1db/0x2d0 [ 16.789972] ? strncpy_from_user+0x1a5/0x1d0 [ 16.789997] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.790021] ? strncpy_from_user+0x1a5/0x1d0 [ 16.790045] kasan_report+0x141/0x180 [ 16.790068] ? strncpy_from_user+0x1a5/0x1d0 [ 16.790096] __asan_report_store1_noabort+0x1b/0x30 [ 16.790123] strncpy_from_user+0x1a5/0x1d0 [ 16.790149] copy_user_test_oob+0x760/0x10f0 [ 16.790176] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.790200] ? finish_task_switch.isra.0+0x153/0x700 [ 16.790224] ? __switch_to+0x47/0xf50 [ 16.790251] ? __schedule+0x10cc/0x2b60 [ 16.790273] ? __pfx_read_tsc+0x10/0x10 [ 16.790296] ? ktime_get_ts64+0x86/0x230 [ 16.790321] kunit_try_run_case+0x1a5/0x480 [ 16.790346] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.790370] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.790395] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.790420] ? __kthread_parkme+0x82/0x180 [ 16.790441] ? preempt_count_sub+0x50/0x80 [ 16.790465] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.790491] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.790516] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.790543] kthread+0x337/0x6f0 [ 16.790562] ? trace_preempt_on+0x20/0xc0 [ 16.790587] ? __pfx_kthread+0x10/0x10 [ 16.790618] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.790640] ? calculate_sigpending+0x7b/0xa0 [ 16.790665] ? 
__pfx_kthread+0x10/0x10 [ 16.790687] ret_from_fork+0x116/0x1d0 [ 16.790706] ? __pfx_kthread+0x10/0x10 [ 16.790728] ret_from_fork_asm+0x1a/0x30 [ 16.790760] </TASK> [ 16.790771] [ 16.798642] Allocated by task 302: [ 16.798775] kasan_save_stack+0x45/0x70 [ 16.798990] kasan_save_track+0x18/0x40 [ 16.799181] kasan_save_alloc_info+0x3b/0x50 [ 16.799393] __kasan_kmalloc+0xb7/0xc0 [ 16.799581] __kmalloc_noprof+0x1c9/0x500 [ 16.799937] kunit_kmalloc_array+0x25/0x60 [ 16.800204] copy_user_test_oob+0xab/0x10f0 [ 16.800537] kunit_try_run_case+0x1a5/0x480 [ 16.800694] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.800872] kthread+0x337/0x6f0 [ 16.800994] ret_from_fork+0x116/0x1d0 [ 16.801127] ret_from_fork_asm+0x1a/0x30 [ 16.801267] [ 16.801339] The buggy address belongs to the object at ffff8881029c7e00 [ 16.801339] which belongs to the cache kmalloc-128 of size 128 [ 16.802044] The buggy address is located 0 bytes to the right of [ 16.802044] allocated 120-byte region [ffff8881029c7e00, ffff8881029c7e78) [ 16.802605] [ 16.802701] The buggy address belongs to the physical page: [ 16.803114] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029c7 [ 16.803356] flags: 0x200000000000000(node=0|zone=2) [ 16.803519] page_type: f5(slab) [ 16.803648] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.804145] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.804488] page dumped because: kasan: bad access detected [ 16.804753] [ 16.804847] Memory state around the buggy address: [ 16.805124] ffff8881029c7d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.805402] ffff8881029c7d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.805706] >ffff8881029c7e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.806013] ^ [ 16.806287] ffff8881029c7e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.806505] ffff8881029c7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.806731] 
================================================================== [ 16.770495] ================================================================== [ 16.771086] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x2e/0x1d0 [ 16.771419] Write of size 121 at addr ffff8881029c7e00 by task kunit_try_catch/302 [ 16.771773] [ 16.771882] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.771924] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.771951] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.771972] Call Trace: [ 16.771989] <TASK> [ 16.772005] dump_stack_lvl+0x73/0xb0 [ 16.772033] print_report+0xd1/0x650 [ 16.772056] ? __virt_addr_valid+0x1db/0x2d0 [ 16.772079] ? strncpy_from_user+0x2e/0x1d0 [ 16.772103] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.772128] ? strncpy_from_user+0x2e/0x1d0 [ 16.772152] kasan_report+0x141/0x180 [ 16.772175] ? strncpy_from_user+0x2e/0x1d0 [ 16.772202] kasan_check_range+0x10c/0x1c0 [ 16.772227] __kasan_check_write+0x18/0x20 [ 16.772248] strncpy_from_user+0x2e/0x1d0 [ 16.772271] ? __kasan_check_read+0x15/0x20 [ 16.772293] copy_user_test_oob+0x760/0x10f0 [ 16.772320] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.772344] ? finish_task_switch.isra.0+0x153/0x700 [ 16.772368] ? __switch_to+0x47/0xf50 [ 16.772395] ? __schedule+0x10cc/0x2b60 [ 16.772417] ? __pfx_read_tsc+0x10/0x10 [ 16.772439] ? ktime_get_ts64+0x86/0x230 [ 16.772464] kunit_try_run_case+0x1a5/0x480 [ 16.772490] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.772514] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.772539] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.772565] ? __kthread_parkme+0x82/0x180 [ 16.772588] ? preempt_count_sub+0x50/0x80 [ 16.772623] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.772648] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.772674] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.772701] kthread+0x337/0x6f0 [ 16.772721] ? trace_preempt_on+0x20/0xc0 [ 16.772746] ? 
__pfx_kthread+0x10/0x10 [ 16.772767] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.772789] ? calculate_sigpending+0x7b/0xa0 [ 16.772814] ? __pfx_kthread+0x10/0x10 [ 16.772835] ret_from_fork+0x116/0x1d0 [ 16.772854] ? __pfx_kthread+0x10/0x10 [ 16.772875] ret_from_fork_asm+0x1a/0x30 [ 16.772906] </TASK> [ 16.772917] [ 16.780580] Allocated by task 302: [ 16.780782] kasan_save_stack+0x45/0x70 [ 16.780986] kasan_save_track+0x18/0x40 [ 16.781184] kasan_save_alloc_info+0x3b/0x50 [ 16.781392] __kasan_kmalloc+0xb7/0xc0 [ 16.781580] __kmalloc_noprof+0x1c9/0x500 [ 16.781801] kunit_kmalloc_array+0x25/0x60 [ 16.782011] copy_user_test_oob+0xab/0x10f0 [ 16.782219] kunit_try_run_case+0x1a5/0x480 [ 16.782430] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.782676] kthread+0x337/0x6f0 [ 16.782871] ret_from_fork+0x116/0x1d0 [ 16.783033] ret_from_fork_asm+0x1a/0x30 [ 16.783205] [ 16.783288] The buggy address belongs to the object at ffff8881029c7e00 [ 16.783288] which belongs to the cache kmalloc-128 of size 128 [ 16.783678] The buggy address is located 0 bytes inside of [ 16.783678] allocated 120-byte region [ffff8881029c7e00, ffff8881029c7e78) [ 16.784034] [ 16.784105] The buggy address belongs to the physical page: [ 16.784278] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029c7 [ 16.784517] flags: 0x200000000000000(node=0|zone=2) [ 16.784786] page_type: f5(slab) [ 16.784962] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.785309] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.785662] page dumped because: kasan: bad access detected [ 16.785919] [ 16.786013] Memory state around the buggy address: [ 16.786233] ffff8881029c7d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.786447] ffff8881029c7d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.786671] >ffff8881029c7e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.787029] ^ [ 16.787352] ffff8881029c7e80: fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 16.787693] ffff8881029c7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.788121] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 16.691608] ================================================================== [ 16.691991] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3fd/0x10f0 [ 16.692287] Write of size 121 at addr ffff8881029c7e00 by task kunit_try_catch/302 [ 16.692610] [ 16.692728] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.692777] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.692790] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.692815] Call Trace: [ 16.692828] <TASK> [ 16.692846] dump_stack_lvl+0x73/0xb0 [ 16.692875] print_report+0xd1/0x650 [ 16.692899] ? __virt_addr_valid+0x1db/0x2d0 [ 16.692924] ? copy_user_test_oob+0x3fd/0x10f0 [ 16.692959] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.692985] ? copy_user_test_oob+0x3fd/0x10f0 [ 16.693009] kasan_report+0x141/0x180 [ 16.693033] ? copy_user_test_oob+0x3fd/0x10f0 [ 16.693063] kasan_check_range+0x10c/0x1c0 [ 16.693087] __kasan_check_write+0x18/0x20 [ 16.693107] copy_user_test_oob+0x3fd/0x10f0 [ 16.693134] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.693158] ? finish_task_switch.isra.0+0x153/0x700 [ 16.693184] ? __switch_to+0x47/0xf50 [ 16.693211] ? __schedule+0x10cc/0x2b60 [ 16.693234] ? __pfx_read_tsc+0x10/0x10 [ 16.693256] ? ktime_get_ts64+0x86/0x230 [ 16.693282] kunit_try_run_case+0x1a5/0x480 [ 16.693308] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.693332] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.693357] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.693382] ? __kthread_parkme+0x82/0x180 [ 16.693404] ? preempt_count_sub+0x50/0x80 [ 16.693429] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.693455] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.693480] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.693507] kthread+0x337/0x6f0 [ 16.693526] ? trace_preempt_on+0x20/0xc0 [ 16.693551] ? __pfx_kthread+0x10/0x10 [ 16.693573] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.693606] ? calculate_sigpending+0x7b/0xa0 [ 16.693633] ? 
__pfx_kthread+0x10/0x10 [ 16.693655] ret_from_fork+0x116/0x1d0 [ 16.693675] ? __pfx_kthread+0x10/0x10 [ 16.693696] ret_from_fork_asm+0x1a/0x30 [ 16.693728] </TASK> [ 16.693739] [ 16.700791] Allocated by task 302: [ 16.701113] kasan_save_stack+0x45/0x70 [ 16.701316] kasan_save_track+0x18/0x40 [ 16.701486] kasan_save_alloc_info+0x3b/0x50 [ 16.701646] __kasan_kmalloc+0xb7/0xc0 [ 16.701782] __kmalloc_noprof+0x1c9/0x500 [ 16.701924] kunit_kmalloc_array+0x25/0x60 [ 16.702207] copy_user_test_oob+0xab/0x10f0 [ 16.702419] kunit_try_run_case+0x1a5/0x480 [ 16.702644] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.702942] kthread+0x337/0x6f0 [ 16.703115] ret_from_fork+0x116/0x1d0 [ 16.703307] ret_from_fork_asm+0x1a/0x30 [ 16.703678] [ 16.703757] The buggy address belongs to the object at ffff8881029c7e00 [ 16.703757] which belongs to the cache kmalloc-128 of size 128 [ 16.704243] The buggy address is located 0 bytes inside of [ 16.704243] allocated 120-byte region [ffff8881029c7e00, ffff8881029c7e78) [ 16.704691] [ 16.704802] The buggy address belongs to the physical page: [ 16.705061] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029c7 [ 16.705370] flags: 0x200000000000000(node=0|zone=2) [ 16.705535] page_type: f5(slab) [ 16.705691] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.706034] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.706447] page dumped because: kasan: bad access detected [ 16.706631] [ 16.706700] Memory state around the buggy address: [ 16.707093] ffff8881029c7d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.707403] ffff8881029c7d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.707970] >ffff8881029c7e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.708243] ^ [ 16.708460] ffff8881029c7e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.708740] ffff8881029c7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.709886] 
================================================================== [ 16.710683] ================================================================== [ 16.711675] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4aa/0x10f0 [ 16.712372] Read of size 121 at addr ffff8881029c7e00 by task kunit_try_catch/302 [ 16.713160] [ 16.713328] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.713387] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.713402] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.713424] Call Trace: [ 16.713442] <TASK> [ 16.713459] dump_stack_lvl+0x73/0xb0 [ 16.713489] print_report+0xd1/0x650 [ 16.713512] ? __virt_addr_valid+0x1db/0x2d0 [ 16.713537] ? copy_user_test_oob+0x4aa/0x10f0 [ 16.713561] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.713585] ? copy_user_test_oob+0x4aa/0x10f0 [ 16.713618] kasan_report+0x141/0x180 [ 16.713641] ? copy_user_test_oob+0x4aa/0x10f0 [ 16.713670] kasan_check_range+0x10c/0x1c0 [ 16.713694] __kasan_check_read+0x15/0x20 [ 16.713714] copy_user_test_oob+0x4aa/0x10f0 [ 16.713740] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.713817] ? finish_task_switch.isra.0+0x153/0x700 [ 16.713844] ? __switch_to+0x47/0xf50 [ 16.713871] ? __schedule+0x10cc/0x2b60 [ 16.713905] ? __pfx_read_tsc+0x10/0x10 [ 16.713927] ? ktime_get_ts64+0x86/0x230 [ 16.713951] kunit_try_run_case+0x1a5/0x480 [ 16.713977] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.714001] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.714026] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.714051] ? __kthread_parkme+0x82/0x180 [ 16.714073] ? preempt_count_sub+0x50/0x80 [ 16.714097] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.714122] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.714148] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.714174] kthread+0x337/0x6f0 [ 16.714195] ? trace_preempt_on+0x20/0xc0 [ 16.714219] ? __pfx_kthread+0x10/0x10 [ 16.714241] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 16.714263] ? calculate_sigpending+0x7b/0xa0 [ 16.714289] ? __pfx_kthread+0x10/0x10 [ 16.714312] ret_from_fork+0x116/0x1d0 [ 16.714330] ? __pfx_kthread+0x10/0x10 [ 16.714351] ret_from_fork_asm+0x1a/0x30 [ 16.714382] </TASK> [ 16.714393] [ 16.726543] Allocated by task 302: [ 16.726747] kasan_save_stack+0x45/0x70 [ 16.726965] kasan_save_track+0x18/0x40 [ 16.727106] kasan_save_alloc_info+0x3b/0x50 [ 16.727276] __kasan_kmalloc+0xb7/0xc0 [ 16.727464] __kmalloc_noprof+0x1c9/0x500 [ 16.727674] kunit_kmalloc_array+0x25/0x60 [ 16.727910] copy_user_test_oob+0xab/0x10f0 [ 16.728071] kunit_try_run_case+0x1a5/0x480 [ 16.728219] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.728478] kthread+0x337/0x6f0 [ 16.728663] ret_from_fork+0x116/0x1d0 [ 16.728849] ret_from_fork_asm+0x1a/0x30 [ 16.729007] [ 16.729089] The buggy address belongs to the object at ffff8881029c7e00 [ 16.729089] which belongs to the cache kmalloc-128 of size 128 [ 16.729553] The buggy address is located 0 bytes inside of [ 16.729553] allocated 120-byte region [ffff8881029c7e00, ffff8881029c7e78) [ 16.729983] [ 16.730081] The buggy address belongs to the physical page: [ 16.730328] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029c7 [ 16.730570] flags: 0x200000000000000(node=0|zone=2) [ 16.730745] page_type: f5(slab) [ 16.730928] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.731279] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.731640] page dumped because: kasan: bad access detected [ 16.731985] [ 16.732058] Memory state around the buggy address: [ 16.732249] ffff8881029c7d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.732467] ffff8881029c7d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.732798] >ffff8881029c7e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.733151] ^ [ 16.733403] ffff8881029c7e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.733634] 
ffff8881029c7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.734072] ================================================================== [ 16.753006] ================================================================== [ 16.753752] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x604/0x10f0 [ 16.754041] Read of size 121 at addr ffff8881029c7e00 by task kunit_try_catch/302 [ 16.754273] [ 16.754362] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.754407] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.754420] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.754442] Call Trace: [ 16.754459] <TASK> [ 16.754476] dump_stack_lvl+0x73/0xb0 [ 16.754505] print_report+0xd1/0x650 [ 16.754528] ? __virt_addr_valid+0x1db/0x2d0 [ 16.754552] ? copy_user_test_oob+0x604/0x10f0 [ 16.754576] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.754611] ? copy_user_test_oob+0x604/0x10f0 [ 16.754636] kasan_report+0x141/0x180 [ 16.754658] ? copy_user_test_oob+0x604/0x10f0 [ 16.754687] kasan_check_range+0x10c/0x1c0 [ 16.754713] __kasan_check_read+0x15/0x20 [ 16.754733] copy_user_test_oob+0x604/0x10f0 [ 16.754759] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.754783] ? finish_task_switch.isra.0+0x153/0x700 [ 16.754819] ? __switch_to+0x47/0xf50 [ 16.754852] ? __schedule+0x10cc/0x2b60 [ 16.754875] ? __pfx_read_tsc+0x10/0x10 [ 16.754898] ? ktime_get_ts64+0x86/0x230 [ 16.754923] kunit_try_run_case+0x1a5/0x480 [ 16.754950] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.754974] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.755000] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.755025] ? __kthread_parkme+0x82/0x180 [ 16.755047] ? preempt_count_sub+0x50/0x80 [ 16.755071] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.755097] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.755123] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.755149] kthread+0x337/0x6f0 [ 16.755169] ? trace_preempt_on+0x20/0xc0 [ 16.755194] ? 
__pfx_kthread+0x10/0x10 [ 16.755216] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.755240] ? calculate_sigpending+0x7b/0xa0 [ 16.755265] ? __pfx_kthread+0x10/0x10 [ 16.755287] ret_from_fork+0x116/0x1d0 [ 16.755306] ? __pfx_kthread+0x10/0x10 [ 16.755327] ret_from_fork_asm+0x1a/0x30 [ 16.755358] </TASK> [ 16.755369] [ 16.762600] Allocated by task 302: [ 16.762754] kasan_save_stack+0x45/0x70 [ 16.762976] kasan_save_track+0x18/0x40 [ 16.763140] kasan_save_alloc_info+0x3b/0x50 [ 16.763339] __kasan_kmalloc+0xb7/0xc0 [ 16.763507] __kmalloc_noprof+0x1c9/0x500 [ 16.763711] kunit_kmalloc_array+0x25/0x60 [ 16.763923] copy_user_test_oob+0xab/0x10f0 [ 16.764114] kunit_try_run_case+0x1a5/0x480 [ 16.764273] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.764474] kthread+0x337/0x6f0 [ 16.764654] ret_from_fork+0x116/0x1d0 [ 16.764842] ret_from_fork_asm+0x1a/0x30 [ 16.765052] [ 16.765123] The buggy address belongs to the object at ffff8881029c7e00 [ 16.765123] which belongs to the cache kmalloc-128 of size 128 [ 16.765642] The buggy address is located 0 bytes inside of [ 16.765642] allocated 120-byte region [ffff8881029c7e00, ffff8881029c7e78) [ 16.766147] [ 16.766234] The buggy address belongs to the physical page: [ 16.766471] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029c7 [ 16.766807] flags: 0x200000000000000(node=0|zone=2) [ 16.767021] page_type: f5(slab) [ 16.767185] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.767478] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.767765] page dumped because: kasan: bad access detected [ 16.768007] [ 16.768076] Memory state around the buggy address: [ 16.768232] ffff8881029c7d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.768450] ffff8881029c7d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.768676] >ffff8881029c7e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.768979] ^ [ 16.769455] ffff8881029c7e80: fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 16.769740] ffff8881029c7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.769959] ================================================================== [ 16.734854] ================================================================== [ 16.735133] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x557/0x10f0 [ 16.735452] Write of size 121 at addr ffff8881029c7e00 by task kunit_try_catch/302 [ 16.735866] [ 16.735967] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.736013] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.736025] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.736048] Call Trace: [ 16.736065] <TASK> [ 16.736082] dump_stack_lvl+0x73/0xb0 [ 16.736112] print_report+0xd1/0x650 [ 16.736136] ? __virt_addr_valid+0x1db/0x2d0 [ 16.736160] ? copy_user_test_oob+0x557/0x10f0 [ 16.736184] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.736209] ? copy_user_test_oob+0x557/0x10f0 [ 16.736234] kasan_report+0x141/0x180 [ 16.736256] ? copy_user_test_oob+0x557/0x10f0 [ 16.736285] kasan_check_range+0x10c/0x1c0 [ 16.736309] __kasan_check_write+0x18/0x20 [ 16.736329] copy_user_test_oob+0x557/0x10f0 [ 16.736355] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.736379] ? finish_task_switch.isra.0+0x153/0x700 [ 16.736404] ? __switch_to+0x47/0xf50 [ 16.736430] ? __schedule+0x10cc/0x2b60 [ 16.736453] ? __pfx_read_tsc+0x10/0x10 [ 16.736475] ? ktime_get_ts64+0x86/0x230 [ 16.736501] kunit_try_run_case+0x1a5/0x480 [ 16.736526] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.736550] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.736575] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.736612] ? __kthread_parkme+0x82/0x180 [ 16.736634] ? preempt_count_sub+0x50/0x80 [ 16.736658] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.736684] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.736710] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.736736] kthread+0x337/0x6f0 [ 16.736755] ? 
trace_preempt_on+0x20/0xc0 [ 16.736788] ? __pfx_kthread+0x10/0x10 [ 16.736809] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.736832] ? calculate_sigpending+0x7b/0xa0 [ 16.736858] ? __pfx_kthread+0x10/0x10 [ 16.736880] ret_from_fork+0x116/0x1d0 [ 16.736898] ? __pfx_kthread+0x10/0x10 [ 16.736919] ret_from_fork_asm+0x1a/0x30 [ 16.736954] </TASK> [ 16.736965] [ 16.743862] Allocated by task 302: [ 16.744043] kasan_save_stack+0x45/0x70 [ 16.744241] kasan_save_track+0x18/0x40 [ 16.744431] kasan_save_alloc_info+0x3b/0x50 [ 16.744648] __kasan_kmalloc+0xb7/0xc0 [ 16.744791] __kmalloc_noprof+0x1c9/0x500 [ 16.744997] kunit_kmalloc_array+0x25/0x60 [ 16.745184] copy_user_test_oob+0xab/0x10f0 [ 16.745331] kunit_try_run_case+0x1a5/0x480 [ 16.745478] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.745737] kthread+0x337/0x6f0 [ 16.746071] ret_from_fork+0x116/0x1d0 [ 16.746262] ret_from_fork_asm+0x1a/0x30 [ 16.746460] [ 16.746560] The buggy address belongs to the object at ffff8881029c7e00 [ 16.746560] which belongs to the cache kmalloc-128 of size 128 [ 16.747069] The buggy address is located 0 bytes inside of [ 16.747069] allocated 120-byte region [ffff8881029c7e00, ffff8881029c7e78) [ 16.747528] [ 16.747635] The buggy address belongs to the physical page: [ 16.747866] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029c7 [ 16.748192] flags: 0x200000000000000(node=0|zone=2) [ 16.748405] page_type: f5(slab) [ 16.748575] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.748924] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.749229] page dumped because: kasan: bad access detected [ 16.749457] [ 16.749533] Memory state around the buggy address: [ 16.749750] ffff8881029c7d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.750035] ffff8881029c7d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.750327] >ffff8881029c7e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.750542] ^ [ 16.750858] 
ffff8881029c7e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.751330] ffff8881029c7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.751552] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_to_user
[ 16.670034] ================================================================== [ 16.670403] BUG: KASAN: slab-out-of-bounds in _copy_to_user+0x3c/0x70 [ 16.670851] Read of size 121 at addr ffff8881029c7e00 by task kunit_try_catch/302 [ 16.671135] [ 16.671232] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.671279] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.671292] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.671315] Call Trace: [ 16.671329] <TASK> [ 16.671347] dump_stack_lvl+0x73/0xb0 [ 16.671377] print_report+0xd1/0x650 [ 16.671401] ? __virt_addr_valid+0x1db/0x2d0 [ 16.671428] ? _copy_to_user+0x3c/0x70 [ 16.671448] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.671473] ? _copy_to_user+0x3c/0x70 [ 16.671493] kasan_report+0x141/0x180 [ 16.671517] ? _copy_to_user+0x3c/0x70 [ 16.671541] kasan_check_range+0x10c/0x1c0 [ 16.671567] __kasan_check_read+0x15/0x20 [ 16.671587] _copy_to_user+0x3c/0x70 [ 16.671621] copy_user_test_oob+0x364/0x10f0 [ 16.671650] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.671676] ? finish_task_switch.isra.0+0x153/0x700 [ 16.671701] ? __switch_to+0x47/0xf50 [ 16.671728] ? __schedule+0x10cc/0x2b60 [ 16.671752] ? __pfx_read_tsc+0x10/0x10 [ 16.671774] ? ktime_get_ts64+0x86/0x230 [ 16.671812] kunit_try_run_case+0x1a5/0x480 [ 16.671837] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.671862] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.671888] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.671914] ? __kthread_parkme+0x82/0x180 [ 16.671937] ? preempt_count_sub+0x50/0x80 [ 16.671962] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.671987] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.672013] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.672040] kthread+0x337/0x6f0 [ 16.672061] ? trace_preempt_on+0x20/0xc0 [ 16.672086] ? __pfx_kthread+0x10/0x10 [ 16.672108] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.672131] ? calculate_sigpending+0x7b/0xa0 [ 16.672156] ? 
__pfx_kthread+0x10/0x10 [ 16.672179] ret_from_fork+0x116/0x1d0 [ 16.672199] ? __pfx_kthread+0x10/0x10 [ 16.672221] ret_from_fork_asm+0x1a/0x30 [ 16.672254] </TASK> [ 16.672265] [ 16.679407] Allocated by task 302: [ 16.679540] kasan_save_stack+0x45/0x70 [ 16.679754] kasan_save_track+0x18/0x40 [ 16.679964] kasan_save_alloc_info+0x3b/0x50 [ 16.680186] __kasan_kmalloc+0xb7/0xc0 [ 16.680376] __kmalloc_noprof+0x1c9/0x500 [ 16.680575] kunit_kmalloc_array+0x25/0x60 [ 16.680810] copy_user_test_oob+0xab/0x10f0 [ 16.680983] kunit_try_run_case+0x1a5/0x480 [ 16.681161] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.681422] kthread+0x337/0x6f0 [ 16.681578] ret_from_fork+0x116/0x1d0 [ 16.681749] ret_from_fork_asm+0x1a/0x30 [ 16.681943] [ 16.682018] The buggy address belongs to the object at ffff8881029c7e00 [ 16.682018] which belongs to the cache kmalloc-128 of size 128 [ 16.682422] The buggy address is located 0 bytes inside of [ 16.682422] allocated 120-byte region [ffff8881029c7e00, ffff8881029c7e78) [ 16.683028] [ 16.683132] The buggy address belongs to the physical page: [ 16.683437] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029c7 [ 16.683690] flags: 0x200000000000000(node=0|zone=2) [ 16.684086] page_type: f5(slab) [ 16.684380] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.684715] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.685044] page dumped because: kasan: bad access detected [ 16.685219] [ 16.685288] Memory state around the buggy address: [ 16.685445] ffff8881029c7d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.685811] ffff8881029c7d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.686139] >ffff8881029c7e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.686457] ^ [ 16.686761] ffff8881029c7e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.687027] ffff8881029c7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.687243] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_from_user
[ 16.648456] ==================================================================
[ 16.649125] BUG: KASAN: slab-out-of-bounds in _copy_from_user+0x32/0x90
[ 16.649481] Write of size 121 at addr ffff8881029c7e00 by task kunit_try_catch/302
[ 16.649752]
[ 16.649875] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 16.649927] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.649940] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.649964] Call Trace:
[ 16.649978] <TASK>
[ 16.650001] dump_stack_lvl+0x73/0xb0
[ 16.650034] print_report+0xd1/0x650
[ 16.650061] ? __virt_addr_valid+0x1db/0x2d0
[ 16.650112] ? _copy_from_user+0x32/0x90
[ 16.650147] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.650172] ? _copy_from_user+0x32/0x90
[ 16.650195] kasan_report+0x141/0x180
[ 16.650218] ? _copy_from_user+0x32/0x90
[ 16.650244] kasan_check_range+0x10c/0x1c0
[ 16.650269] __kasan_check_write+0x18/0x20
[ 16.650290] _copy_from_user+0x32/0x90
[ 16.650312] copy_user_test_oob+0x2be/0x10f0
[ 16.650340] ? __pfx_copy_user_test_oob+0x10/0x10
[ 16.650365] ? finish_task_switch.isra.0+0x153/0x700
[ 16.650391] ? __switch_to+0x47/0xf50
[ 16.650419] ? __schedule+0x10cc/0x2b60
[ 16.650444] ? __pfx_read_tsc+0x10/0x10
[ 16.650468] ? ktime_get_ts64+0x86/0x230
[ 16.650495] kunit_try_run_case+0x1a5/0x480
[ 16.650520] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.650544] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.650571] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.650607] ? __kthread_parkme+0x82/0x180
[ 16.650630] ? preempt_count_sub+0x50/0x80
[ 16.650655] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.650682] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.650707] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.650734] kthread+0x337/0x6f0
[ 16.650754] ? trace_preempt_on+0x20/0xc0
[ 16.650781] ? __pfx_kthread+0x10/0x10
[ 16.650835] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.650858] ? calculate_sigpending+0x7b/0xa0
[ 16.650886] ? __pfx_kthread+0x10/0x10
[ 16.650909] ret_from_fork+0x116/0x1d0
[ 16.650929] ? __pfx_kthread+0x10/0x10
[ 16.650951] ret_from_fork_asm+0x1a/0x30
[ 16.650986] </TASK>
[ 16.650998]
[ 16.658770] Allocated by task 302:
[ 16.658918] kasan_save_stack+0x45/0x70
[ 16.659069] kasan_save_track+0x18/0x40
[ 16.659203] kasan_save_alloc_info+0x3b/0x50
[ 16.659601] __kasan_kmalloc+0xb7/0xc0
[ 16.659807] __kmalloc_noprof+0x1c9/0x500
[ 16.660013] kunit_kmalloc_array+0x25/0x60
[ 16.660219] copy_user_test_oob+0xab/0x10f0
[ 16.660434] kunit_try_run_case+0x1a5/0x480
[ 16.660644] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.660823] kthread+0x337/0x6f0
[ 16.660945] ret_from_fork+0x116/0x1d0
[ 16.661078] ret_from_fork_asm+0x1a/0x30
[ 16.661220]
[ 16.661292] The buggy address belongs to the object at ffff8881029c7e00
[ 16.661292] which belongs to the cache kmalloc-128 of size 128
[ 16.661954] The buggy address is located 0 bytes inside of
[ 16.661954] allocated 120-byte region [ffff8881029c7e00, ffff8881029c7e78)
[ 16.662604]
[ 16.662704] The buggy address belongs to the physical page:
[ 16.662937] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029c7
[ 16.663188] flags: 0x200000000000000(node=0|zone=2)
[ 16.663405] page_type: f5(slab)
[ 16.663576] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.663920] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.664179] page dumped because: kasan: bad access detected
[ 16.664353]
[ 16.664489] Memory state around the buggy address:
[ 16.664732] ffff8881029c7d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 16.665227] ffff8881029c7d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.665447] >ffff8881029c7e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 16.665671] ^
[ 16.665886] ffff8881029c7e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.666153] ffff8881029c7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.666478] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 16.585935] ==================================================================
[ 16.586652] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x225/0x260
[ 16.586994] Read of size 8 at addr ffff8881029c7d78 by task kunit_try_catch/298
[ 16.587285]
[ 16.587383] CPU: 0 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 16.587433] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.587447] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.587470] Call Trace:
[ 16.587483] <TASK>
[ 16.587501] dump_stack_lvl+0x73/0xb0
[ 16.587530] print_report+0xd1/0x650
[ 16.587555] ? __virt_addr_valid+0x1db/0x2d0
[ 16.587579] ? copy_to_kernel_nofault+0x225/0x260
[ 16.588101] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.588136] ? copy_to_kernel_nofault+0x225/0x260
[ 16.588164] kasan_report+0x141/0x180
[ 16.588192] ? copy_to_kernel_nofault+0x225/0x260
[ 16.588224] __asan_report_load8_noabort+0x18/0x20
[ 16.588252] copy_to_kernel_nofault+0x225/0x260
[ 16.588280] copy_to_kernel_nofault_oob+0x1ed/0x560
[ 16.588307] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10
[ 16.588332] ? finish_task_switch.isra.0+0x153/0x700
[ 16.588358] ? __schedule+0x10cc/0x2b60
[ 16.588381] ? trace_hardirqs_on+0x37/0xe0
[ 16.588414] ? __pfx_read_tsc+0x10/0x10
[ 16.588438] ? ktime_get_ts64+0x86/0x230
[ 16.588464] kunit_try_run_case+0x1a5/0x480
[ 16.588490] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.588515] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.588540] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.588565] ? __kthread_parkme+0x82/0x180
[ 16.588589] ? preempt_count_sub+0x50/0x80
[ 16.588625] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.588652] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.588677] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.588705] kthread+0x337/0x6f0
[ 16.588725] ? trace_preempt_on+0x20/0xc0
[ 16.588749] ? __pfx_kthread+0x10/0x10
[ 16.588805] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.588829] ? calculate_sigpending+0x7b/0xa0
[ 16.588855] ? __pfx_kthread+0x10/0x10
[ 16.588878] ret_from_fork+0x116/0x1d0
[ 16.588898] ? __pfx_kthread+0x10/0x10
[ 16.588920] ret_from_fork_asm+0x1a/0x30
[ 16.588952] </TASK>
[ 16.588964]
[ 16.600838] Allocated by task 298:
[ 16.601211] kasan_save_stack+0x45/0x70
[ 16.601641] kasan_save_track+0x18/0x40
[ 16.601964] kasan_save_alloc_info+0x3b/0x50
[ 16.602188] __kasan_kmalloc+0xb7/0xc0
[ 16.602533] __kmalloc_cache_noprof+0x189/0x420
[ 16.602771] copy_to_kernel_nofault_oob+0x12f/0x560
[ 16.603251] kunit_try_run_case+0x1a5/0x480
[ 16.603665] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.603955] kthread+0x337/0x6f0
[ 16.604319] ret_from_fork+0x116/0x1d0
[ 16.604468] ret_from_fork_asm+0x1a/0x30
[ 16.604835]
[ 16.604944] The buggy address belongs to the object at ffff8881029c7d00
[ 16.604944] which belongs to the cache kmalloc-128 of size 128
[ 16.605501] The buggy address is located 0 bytes to the right of
[ 16.605501] allocated 120-byte region [ffff8881029c7d00, ffff8881029c7d78)
[ 16.606309]
[ 16.606591] The buggy address belongs to the physical page:
[ 16.606868] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029c7
[ 16.607447] flags: 0x200000000000000(node=0|zone=2)
[ 16.607824] page_type: f5(slab)
[ 16.608113] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.608641] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.609062] page dumped because: kasan: bad access detected
[ 16.609345]
[ 16.609513] Memory state around the buggy address:
[ 16.609734] ffff8881029c7c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 16.610348] ffff8881029c7c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.610690] >ffff8881029c7d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 16.611245] ^
[ 16.611555] ffff8881029c7d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.612079] ffff8881029c7e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.612389] ==================================================================
[ 16.613083] ==================================================================
[ 16.613486] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x99/0x260
[ 16.614106] Write of size 8 at addr ffff8881029c7d78 by task kunit_try_catch/298
[ 16.614462]
[ 16.614586] CPU: 0 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 16.614643] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.614657] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.614681] Call Trace:
[ 16.614704] <TASK>
[ 16.614724] dump_stack_lvl+0x73/0xb0
[ 16.614758] print_report+0xd1/0x650
[ 16.615021] ? __virt_addr_valid+0x1db/0x2d0
[ 16.615051] ? copy_to_kernel_nofault+0x99/0x260
[ 16.615078] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.615103] ? copy_to_kernel_nofault+0x99/0x260
[ 16.615129] kasan_report+0x141/0x180
[ 16.615152] ? copy_to_kernel_nofault+0x99/0x260
[ 16.615181] kasan_check_range+0x10c/0x1c0
[ 16.615206] __kasan_check_write+0x18/0x20
[ 16.615227] copy_to_kernel_nofault+0x99/0x260
[ 16.615254] copy_to_kernel_nofault_oob+0x288/0x560
[ 16.615281] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10
[ 16.615307] ? finish_task_switch.isra.0+0x153/0x700
[ 16.615332] ? __schedule+0x10cc/0x2b60
[ 16.615354] ? trace_hardirqs_on+0x37/0xe0
[ 16.615389] ? __pfx_read_tsc+0x10/0x10
[ 16.615412] ? ktime_get_ts64+0x86/0x230
[ 16.615438] kunit_try_run_case+0x1a5/0x480
[ 16.615464] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.615488] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.615514] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.615539] ? __kthread_parkme+0x82/0x180
[ 16.615561] ? preempt_count_sub+0x50/0x80
[ 16.615585] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.615625] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.615651] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.615677] kthread+0x337/0x6f0
[ 16.615697] ? trace_preempt_on+0x20/0xc0
[ 16.615721] ? __pfx_kthread+0x10/0x10
[ 16.615743] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.615766] ? calculate_sigpending+0x7b/0xa0
[ 16.615813] ? __pfx_kthread+0x10/0x10
[ 16.615842] ret_from_fork+0x116/0x1d0
[ 16.615863] ? __pfx_kthread+0x10/0x10
[ 16.615885] ret_from_fork_asm+0x1a/0x30
[ 16.615918] </TASK>
[ 16.615929]
[ 16.626497] Allocated by task 298:
[ 16.626885] kasan_save_stack+0x45/0x70
[ 16.627074] kasan_save_track+0x18/0x40
[ 16.627256] kasan_save_alloc_info+0x3b/0x50
[ 16.627533] __kasan_kmalloc+0xb7/0xc0
[ 16.627869] __kmalloc_cache_noprof+0x189/0x420
[ 16.628074] copy_to_kernel_nofault_oob+0x12f/0x560
[ 16.628417] kunit_try_run_case+0x1a5/0x480
[ 16.628634] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.629007] kthread+0x337/0x6f0
[ 16.629162] ret_from_fork+0x116/0x1d0
[ 16.629311] ret_from_fork_asm+0x1a/0x30
[ 16.629630]
[ 16.629731] The buggy address belongs to the object at ffff8881029c7d00
[ 16.629731] which belongs to the cache kmalloc-128 of size 128
[ 16.630493] The buggy address is located 0 bytes to the right of
[ 16.630493] allocated 120-byte region [ffff8881029c7d00, ffff8881029c7d78)
[ 16.631257]
[ 16.631432] The buggy address belongs to the physical page:
[ 16.631809] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029c7
[ 16.632101] flags: 0x200000000000000(node=0|zone=2)
[ 16.632455] page_type: f5(slab)
[ 16.632642] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.633049] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.633355] page dumped because: kasan: bad access detected
[ 16.633623]
[ 16.633710] Memory state around the buggy address:
[ 16.634147] ffff8881029c7c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 16.634403] ffff8881029c7c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.634818] >ffff8881029c7d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 16.635285] ^
[ 16.635542] ffff8881029c7d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.635994] ffff8881029c7e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.636249] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 15.404007] ==================================================================
[ 15.404829] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x7c7/0x5450
[ 15.405274] Write of size 4 at addr ffff8881029cd3b0 by task kunit_try_catch/282
[ 15.405859]
[ 15.406102] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 15.406152] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.406165] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.406292] Call Trace:
[ 15.406310] <TASK>
[ 15.406329] dump_stack_lvl+0x73/0xb0
[ 15.406362] print_report+0xd1/0x650
[ 15.406386] ? __virt_addr_valid+0x1db/0x2d0
[ 15.406413] ? kasan_atomics_helper+0x7c7/0x5450
[ 15.406437] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.406466] ? kasan_atomics_helper+0x7c7/0x5450
[ 15.406489] kasan_report+0x141/0x180
[ 15.406513] ? kasan_atomics_helper+0x7c7/0x5450
[ 15.406541] kasan_check_range+0x10c/0x1c0
[ 15.406566] __kasan_check_write+0x18/0x20
[ 15.406586] kasan_atomics_helper+0x7c7/0x5450
[ 15.406624] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 15.406648] ? __kmalloc_cache_noprof+0x189/0x420
[ 15.406674] ? kasan_atomics+0x152/0x310
[ 15.406701] kasan_atomics+0x1dc/0x310
[ 15.406724] ? __pfx_kasan_atomics+0x10/0x10
[ 15.406750] ? __pfx_read_tsc+0x10/0x10
[ 15.406783] ? ktime_get_ts64+0x86/0x230
[ 15.406809] kunit_try_run_case+0x1a5/0x480
[ 15.406842] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.406866] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.406891] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.406917] ? __kthread_parkme+0x82/0x180
[ 15.406939] ? preempt_count_sub+0x50/0x80
[ 15.406965] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.406990] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.407016] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.407042] kthread+0x337/0x6f0
[ 15.407061] ? trace_preempt_on+0x20/0xc0
[ 15.407087] ? __pfx_kthread+0x10/0x10
[ 15.407108] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.407130] ? calculate_sigpending+0x7b/0xa0
[ 15.407156] ? __pfx_kthread+0x10/0x10
[ 15.407178] ret_from_fork+0x116/0x1d0
[ 15.407198] ? __pfx_kthread+0x10/0x10
[ 15.407219] ret_from_fork_asm+0x1a/0x30
[ 15.407251] </TASK>
[ 15.407262]
[ 15.418207] Allocated by task 282:
[ 15.418502] kasan_save_stack+0x45/0x70
[ 15.418798] kasan_save_track+0x18/0x40
[ 15.419010] kasan_save_alloc_info+0x3b/0x50
[ 15.419369] __kasan_kmalloc+0xb7/0xc0
[ 15.419553] __kmalloc_cache_noprof+0x189/0x420
[ 15.419775] kasan_atomics+0x95/0x310
[ 15.420250] kunit_try_run_case+0x1a5/0x480
[ 15.420413] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.420824] kthread+0x337/0x6f0
[ 15.421107] ret_from_fork+0x116/0x1d0
[ 15.421246] ret_from_fork_asm+0x1a/0x30
[ 15.421589]
[ 15.421697] The buggy address belongs to the object at ffff8881029cd380
[ 15.421697] which belongs to the cache kmalloc-64 of size 64
[ 15.422514] The buggy address is located 0 bytes to the right of
[ 15.422514] allocated 48-byte region [ffff8881029cd380, ffff8881029cd3b0)
[ 15.423146]
[ 15.423361] The buggy address belongs to the physical page:
[ 15.423550] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029cd
[ 15.424083] flags: 0x200000000000000(node=0|zone=2)
[ 15.424318] page_type: f5(slab)
[ 15.424474] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 15.424947] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 15.425262] page dumped because: kasan: bad access detected
[ 15.425485]
[ 15.425558] Memory state around the buggy address:
[ 15.425768] ffff8881029cd280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.426386] ffff8881029cd300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.426650] >ffff8881029cd380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 15.427169] ^
[ 15.427437] ffff8881029cd400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.427712] ffff8881029cd480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.428171] ==================================================================
[ 15.881625] ==================================================================
[ 15.882423] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49ce/0x5450
[ 15.883193] Read of size 4 at addr ffff8881029cd3b0 by task kunit_try_catch/282
[ 15.883707]
[ 15.883811] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 15.883857] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.883905] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.883927] Call Trace:
[ 15.883946] <TASK>
[ 15.883965] dump_stack_lvl+0x73/0xb0
[ 15.883995] print_report+0xd1/0x650
[ 15.884045] ? __virt_addr_valid+0x1db/0x2d0
[ 15.884070] ? kasan_atomics_helper+0x49ce/0x5450
[ 15.884092] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.884116] ? kasan_atomics_helper+0x49ce/0x5450
[ 15.884139] kasan_report+0x141/0x180
[ 15.884161] ? kasan_atomics_helper+0x49ce/0x5450
[ 15.884188] __asan_report_load4_noabort+0x18/0x20
[ 15.884214] kasan_atomics_helper+0x49ce/0x5450
[ 15.884237] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 15.884261] ? __kmalloc_cache_noprof+0x189/0x420
[ 15.884291] ? kasan_atomics+0x152/0x310
[ 15.884320] kasan_atomics+0x1dc/0x310
[ 15.884344] ? __pfx_kasan_atomics+0x10/0x10
[ 15.884370] ? __pfx_read_tsc+0x10/0x10
[ 15.884391] ? ktime_get_ts64+0x86/0x230
[ 15.884418] kunit_try_run_case+0x1a5/0x480
[ 15.884444] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.884467] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.884493] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.884521] ? __kthread_parkme+0x82/0x180
[ 15.884542] ? preempt_count_sub+0x50/0x80
[ 15.884567] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.884603] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.884628] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.884654] kthread+0x337/0x6f0
[ 15.884673] ? trace_preempt_on+0x20/0xc0
[ 15.884699] ? __pfx_kthread+0x10/0x10
[ 15.884720] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.884742] ? calculate_sigpending+0x7b/0xa0
[ 15.884768] ? __pfx_kthread+0x10/0x10
[ 15.884801] ret_from_fork+0x116/0x1d0
[ 15.884820] ? __pfx_kthread+0x10/0x10
[ 15.884841] ret_from_fork_asm+0x1a/0x30
[ 15.884874] </TASK>
[ 15.884885]
[ 15.898044] Allocated by task 282:
[ 15.898389] kasan_save_stack+0x45/0x70
[ 15.898793] kasan_save_track+0x18/0x40
[ 15.899030] kasan_save_alloc_info+0x3b/0x50
[ 15.899176] __kasan_kmalloc+0xb7/0xc0
[ 15.899304] __kmalloc_cache_noprof+0x189/0x420
[ 15.899455] kasan_atomics+0x95/0x310
[ 15.899584] kunit_try_run_case+0x1a5/0x480
[ 15.899737] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.900234] kthread+0x337/0x6f0
[ 15.900525] ret_from_fork+0x116/0x1d0
[ 15.900916] ret_from_fork_asm+0x1a/0x30
[ 15.901352]
[ 15.901533] The buggy address belongs to the object at ffff8881029cd380
[ 15.901533] which belongs to the cache kmalloc-64 of size 64
[ 15.902617] The buggy address is located 0 bytes to the right of
[ 15.902617] allocated 48-byte region [ffff8881029cd380, ffff8881029cd3b0)
[ 15.903867]
[ 15.904027] The buggy address belongs to the physical page:
[ 15.904530] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029cd
[ 15.905224] flags: 0x200000000000000(node=0|zone=2)
[ 15.905472] page_type: f5(slab)
[ 15.905590] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 15.905931] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 15.906564] page dumped because: kasan: bad access detected
[ 15.907080]
[ 15.907263] Memory state around the buggy address:
[ 15.907717] ffff8881029cd280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.908319] ffff8881029cd300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.908535] >ffff8881029cd380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 15.908759] ^
[ 15.909189] ffff8881029cd400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.909839] ffff8881029cd480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.910565] ==================================================================
[ 16.240027] ==================================================================
[ 16.240361] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f30/0x5450
[ 16.240696] Read of size 8 at addr ffff8881029cd3b0 by task kunit_try_catch/282
[ 16.241296]
[ 16.241515] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 16.241563] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.241577] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.241699] Call Trace:
[ 16.241717] <TASK>
[ 16.241736] dump_stack_lvl+0x73/0xb0
[ 16.241769] print_report+0xd1/0x650
[ 16.241802] ? __virt_addr_valid+0x1db/0x2d0
[ 16.241826] ? kasan_atomics_helper+0x4f30/0x5450
[ 16.241884] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.241910] ? kasan_atomics_helper+0x4f30/0x5450
[ 16.241932] kasan_report+0x141/0x180
[ 16.241956] ? kasan_atomics_helper+0x4f30/0x5450
[ 16.241983] __asan_report_load8_noabort+0x18/0x20
[ 16.242009] kasan_atomics_helper+0x4f30/0x5450
[ 16.242033] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 16.242056] ? __kmalloc_cache_noprof+0x189/0x420
[ 16.242082] ? kasan_atomics+0x152/0x310
[ 16.242109] kasan_atomics+0x1dc/0x310
[ 16.242132] ? __pfx_kasan_atomics+0x10/0x10
[ 16.242158] ? __pfx_read_tsc+0x10/0x10
[ 16.242179] ? ktime_get_ts64+0x86/0x230
[ 16.242205] kunit_try_run_case+0x1a5/0x480
[ 16.242230] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.242254] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.242278] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.242303] ? __kthread_parkme+0x82/0x180
[ 16.242325] ? preempt_count_sub+0x50/0x80
[ 16.242350] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.242375] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.242401] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.242427] kthread+0x337/0x6f0
[ 16.242446] ? trace_preempt_on+0x20/0xc0
[ 16.242471] ? __pfx_kthread+0x10/0x10
[ 16.242493] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.242516] ? calculate_sigpending+0x7b/0xa0
[ 16.242541] ? __pfx_kthread+0x10/0x10
[ 16.242563] ret_from_fork+0x116/0x1d0
[ 16.242583] ? __pfx_kthread+0x10/0x10
[ 16.242617] ret_from_fork_asm+0x1a/0x30
[ 16.242649] </TASK>
[ 16.242661]
[ 16.251575] Allocated by task 282:
[ 16.251824] kasan_save_stack+0x45/0x70
[ 16.252071] kasan_save_track+0x18/0x40
[ 16.252282] kasan_save_alloc_info+0x3b/0x50
[ 16.252491] __kasan_kmalloc+0xb7/0xc0
[ 16.252699] __kmalloc_cache_noprof+0x189/0x420
[ 16.252858] kasan_atomics+0x95/0x310
[ 16.252992] kunit_try_run_case+0x1a5/0x480
[ 16.253201] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.253689] kthread+0x337/0x6f0
[ 16.253814] ret_from_fork+0x116/0x1d0
[ 16.254128] ret_from_fork_asm+0x1a/0x30
[ 16.254320]
[ 16.254425] The buggy address belongs to the object at ffff8881029cd380
[ 16.254425] which belongs to the cache kmalloc-64 of size 64
[ 16.254858] The buggy address is located 0 bytes to the right of
[ 16.254858] allocated 48-byte region [ffff8881029cd380, ffff8881029cd3b0)
[ 16.255535]
[ 16.255627] The buggy address belongs to the physical page:
[ 16.255806] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029cd
[ 16.256373] flags: 0x200000000000000(node=0|zone=2)
[ 16.257219] page_type: f5(slab)
[ 16.257741] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 16.258198] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 16.258631] page dumped because: kasan: bad access detected
[ 16.259000]
[ 16.259088] Memory state around the buggy address:
[ 16.259470] ffff8881029cd280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 16.259927] ffff8881029cd300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 16.260297] >ffff8881029cd380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 16.260707] ^
[ 16.261072] ffff8881029cd400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.261364] ffff8881029cd480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.261670] ==================================================================
[ 15.669890] ==================================================================
[ 15.670131] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf10/0x5450
[ 15.670977] Write of size 4 at addr ffff8881029cd3b0 by task kunit_try_catch/282
[ 15.671414]
[ 15.671525] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 15.671570] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.671582] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.671679] Call Trace:
[ 15.671749] <TASK>
[ 15.671768] dump_stack_lvl+0x73/0xb0
[ 15.671799] print_report+0xd1/0x650
[ 15.671823] ? __virt_addr_valid+0x1db/0x2d0
[ 15.671846] ? kasan_atomics_helper+0xf10/0x5450
[ 15.671869] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.671895] ? kasan_atomics_helper+0xf10/0x5450
[ 15.671918] kasan_report+0x141/0x180
[ 15.671941] ? kasan_atomics_helper+0xf10/0x5450
[ 15.671970] kasan_check_range+0x10c/0x1c0
[ 15.672097] __kasan_check_write+0x18/0x20
[ 15.672119] kasan_atomics_helper+0xf10/0x5450
[ 15.672142] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 15.672167] ? __kmalloc_cache_noprof+0x189/0x420
[ 15.672194] ? kasan_atomics+0x152/0x310
[ 15.672221] kasan_atomics+0x1dc/0x310
[ 15.672245] ? __pfx_kasan_atomics+0x10/0x10
[ 15.672271] ? __pfx_read_tsc+0x10/0x10
[ 15.672292] ? ktime_get_ts64+0x86/0x230
[ 15.672318] kunit_try_run_case+0x1a5/0x480
[ 15.672343] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.672367] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.672392] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.672416] ? __kthread_parkme+0x82/0x180
[ 15.672438] ? preempt_count_sub+0x50/0x80
[ 15.672463] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.672488] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.672513] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.672540] kthread+0x337/0x6f0
[ 15.672559] ? trace_preempt_on+0x20/0xc0
[ 15.672585] ? __pfx_kthread+0x10/0x10
[ 15.672618] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.672640] ? calculate_sigpending+0x7b/0xa0
[ 15.672666] ? __pfx_kthread+0x10/0x10
[ 15.672688] ret_from_fork+0x116/0x1d0
[ 15.672708] ? __pfx_kthread+0x10/0x10
[ 15.672728] ret_from_fork_asm+0x1a/0x30
[ 15.672760] </TASK>
[ 15.672772]
[ 15.682942] Allocated by task 282:
[ 15.683128] kasan_save_stack+0x45/0x70
[ 15.683330] kasan_save_track+0x18/0x40
[ 15.683511] kasan_save_alloc_info+0x3b/0x50
[ 15.683734] __kasan_kmalloc+0xb7/0xc0
[ 15.683924] __kmalloc_cache_noprof+0x189/0x420
[ 15.684530] kasan_atomics+0x95/0x310
[ 15.684688] kunit_try_run_case+0x1a5/0x480
[ 15.685073] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.685294] kthread+0x337/0x6f0
[ 15.685569] ret_from_fork+0x116/0x1d0
[ 15.685730] ret_from_fork_asm+0x1a/0x30
[ 15.686084]
[ 15.686180] The buggy address belongs to the object at ffff8881029cd380
[ 15.686180] which belongs to the cache kmalloc-64 of size 64
[ 15.686747] The buggy address is located 0 bytes to the right of
[ 15.686747] allocated 48-byte region [ffff8881029cd380, ffff8881029cd3b0)
[ 15.687525]
[ 15.687644] The buggy address belongs to the physical page:
[ 15.688054] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029cd
[ 15.688423] flags: 0x200000000000000(node=0|zone=2)
[ 15.688742] page_type: f5(slab)
[ 15.689007] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 15.689330] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 15.689632] page dumped because: kasan: bad access detected
[ 15.690066]
[ 15.690151] Memory state around the buggy address:
[ 15.690369] ffff8881029cd280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.690772] ffff8881029cd300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.691187] >ffff8881029cd380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 15.691475] ^
[ 15.691795] ffff8881029cd400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.692169] ffff8881029cd480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.692454] ==================================================================
[ 16.202062] ==================================================================
[ 16.202548] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1b22/0x5450
[ 16.202944] Write of size 8 at addr ffff8881029cd3b0 by task kunit_try_catch/282
[ 16.203234]
[ 16.203346] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 16.203390] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.203402] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.203424] Call Trace:
[ 16.203440] <TASK>
[ 16.203457] dump_stack_lvl+0x73/0xb0
[ 16.203485] print_report+0xd1/0x650
[ 16.203508] ? __virt_addr_valid+0x1db/0x2d0
[ 16.203532] ? kasan_atomics_helper+0x1b22/0x5450
[ 16.203554] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.203578] ? kasan_atomics_helper+0x1b22/0x5450
[ 16.203616] kasan_report+0x141/0x180
[ 16.203638] ? kasan_atomics_helper+0x1b22/0x5450
[ 16.203666] kasan_check_range+0x10c/0x1c0
[ 16.203690] __kasan_check_write+0x18/0x20
[ 16.203711] kasan_atomics_helper+0x1b22/0x5450
[ 16.203734] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 16.203757] ? __kmalloc_cache_noprof+0x189/0x420
[ 16.203782] ? kasan_atomics+0x152/0x310
[ 16.203808] kasan_atomics+0x1dc/0x310
[ 16.203831] ? __pfx_kasan_atomics+0x10/0x10
[ 16.203856] ? __pfx_read_tsc+0x10/0x10
[ 16.203879] ? ktime_get_ts64+0x86/0x230
[ 16.203903] kunit_try_run_case+0x1a5/0x480
[ 16.203928] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.203952] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.203976] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.204000] ? __kthread_parkme+0x82/0x180
[ 16.204021] ? preempt_count_sub+0x50/0x80
[ 16.204046] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.204070] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.204096] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.204122] kthread+0x337/0x6f0
[ 16.204141] ? trace_preempt_on+0x20/0xc0
[ 16.204165] ? __pfx_kthread+0x10/0x10
[ 16.204186] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.204208] ? calculate_sigpending+0x7b/0xa0
[ 16.204245] ? __pfx_kthread+0x10/0x10
[ 16.204267] ret_from_fork+0x116/0x1d0
[ 16.204286] ? __pfx_kthread+0x10/0x10
[ 16.204307] ret_from_fork_asm+0x1a/0x30
[ 16.204338] </TASK>
[ 16.204350]
[ 16.211553] Allocated by task 282:
[ 16.211734] kasan_save_stack+0x45/0x70
[ 16.212140] kasan_save_track+0x18/0x40
[ 16.212332] kasan_save_alloc_info+0x3b/0x50
[ 16.212553] __kasan_kmalloc+0xb7/0xc0
[ 16.212756] __kmalloc_cache_noprof+0x189/0x420
[ 16.212988] kasan_atomics+0x95/0x310
[ 16.213162] kunit_try_run_case+0x1a5/0x480
[ 16.213316] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.213555] kthread+0x337/0x6f0
[ 16.213735] ret_from_fork+0x116/0x1d0
[ 16.213937] ret_from_fork_asm+0x1a/0x30
[ 16.214083]
[ 16.214157] The buggy address belongs to the object at ffff8881029cd380
[ 16.214157] which belongs to the cache kmalloc-64 of size 64
[ 16.214684] The buggy address is located 0 bytes to the right of
[ 16.214684] allocated 48-byte region [ffff8881029cd380, ffff8881029cd3b0)
[ 16.215138]
[ 16.215229] The buggy address belongs to the physical page:
[ 16.215477] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029cd
[ 16.215734] flags: 0x200000000000000(node=0|zone=2)
[ 16.216209] page_type: f5(slab)
[ 16.216338] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 16.216569] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 16.216861] page dumped because: kasan: bad access detected
[ 16.217113]
[ 16.217206] Memory state around the buggy address:
[ 16.217430] ffff8881029cd280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 16.217725] ffff8881029cd300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 16.218063] >ffff8881029cd380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 16.218279] ^
[ 16.218433] ffff8881029cd400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.218659] ffff8881029cd480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.218976] ==================================================================
[ 15.693026] ==================================================================
[ 15.693305] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xfa9/0x5450
[ 15.694100] Write of size 4 at addr ffff8881029cd3b0 by task kunit_try_catch/282
[ 15.694536]
[ 15.694728] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 15.694774] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.694787] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.694809] Call Trace:
[ 15.694948] <TASK>
[ 15.694966] dump_stack_lvl+0x73/0xb0
[ 15.694997] print_report+0xd1/0x650
[ 15.695019] ? __virt_addr_valid+0x1db/0x2d0
[ 15.695043] ? kasan_atomics_helper+0xfa9/0x5450
[ 15.695065] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.695090] ? kasan_atomics_helper+0xfa9/0x5450
[ 15.695112] kasan_report+0x141/0x180
[ 15.695134] ? kasan_atomics_helper+0xfa9/0x5450
[ 15.695161] kasan_check_range+0x10c/0x1c0
[ 15.695186] __kasan_check_write+0x18/0x20
[ 15.695207] kasan_atomics_helper+0xfa9/0x5450
[ 15.695230] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 15.695254] ? __kmalloc_cache_noprof+0x189/0x420
[ 15.695280] ? kasan_atomics+0x152/0x310
[ 15.695307] kasan_atomics+0x1dc/0x310
[ 15.695329] ? __pfx_kasan_atomics+0x10/0x10
[ 15.695354] ? __pfx_read_tsc+0x10/0x10
[ 15.695377] ? ktime_get_ts64+0x86/0x230
[ 15.695403] kunit_try_run_case+0x1a5/0x480
[ 15.695427] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.695451] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.695475] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.695500] ? __kthread_parkme+0x82/0x180
[ 15.695522] ? preempt_count_sub+0x50/0x80
[ 15.695547] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.695572] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.695609] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.695636] kthread+0x337/0x6f0
[ 15.695656] ? trace_preempt_on+0x20/0xc0
[ 15.695681] ? __pfx_kthread+0x10/0x10
[ 15.695704] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.695727] ? calculate_sigpending+0x7b/0xa0
[ 15.695753] ? __pfx_kthread+0x10/0x10
[ 15.695788] ret_from_fork+0x116/0x1d0
[ 15.695807] ? __pfx_kthread+0x10/0x10
[ 15.695829] ret_from_fork_asm+0x1a/0x30
[ 15.695861] </TASK>
[ 15.695872]
[ 15.705520] Allocated by task 282:
[ 15.705802] kasan_save_stack+0x45/0x70
[ 15.706164] kasan_save_track+0x18/0x40
[ 15.706416] kasan_save_alloc_info+0x3b/0x50
[ 15.706700] __kasan_kmalloc+0xb7/0xc0
[ 15.706903] __kmalloc_cache_noprof+0x189/0x420
[ 15.707234] kasan_atomics+0x95/0x310
[ 15.707423] kunit_try_run_case+0x1a5/0x480
[ 15.707619] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.707848] kthread+0x337/0x6f0
[ 15.708198] ret_from_fork+0x116/0x1d0
[ 15.708446] ret_from_fork_asm+0x1a/0x30
[ 15.708619]
[ 15.708713] The buggy address belongs to the object at ffff8881029cd380
[ 15.708713] which belongs to the cache kmalloc-64 of size 64
[ 15.709459] The buggy address is located 0 bytes to the right of
[ 15.709459] allocated 48-byte region [ffff8881029cd380, ffff8881029cd3b0)
[ 15.710150]
[ 15.710227] The buggy address belongs to the physical page:
[ 15.710611] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029cd
[ 15.711008] flags: 0x200000000000000(node=0|zone=2)
[ 15.711293] page_type: f5(slab)
[ 15.711430] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 15.711857] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 15.712263] page dumped because: kasan: bad access detected
[ 15.712499]
[ 15.712576] Memory state around the buggy address:
[ 15.712981] ffff8881029cd280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.713274] ffff8881029cd300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.713632] >ffff8881029cd380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 15.713989] ^
[ 15.714326] ffff8881029cd400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.714652] ffff8881029cd480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.715058] ==================================================================
[ 15.501341] ==================================================================
[ 15.501931] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xac7/0x5450
[ 15.502375] Write of size 4 at addr ffff8881029cd3b0 by task kunit_try_catch/282
[ 15.502612]
[ 15.502722] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 15.502785] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.502815] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.502840] Call Trace:
[ 15.502857] <TASK>
[ 15.502874] dump_stack_lvl+0x73/0xb0
[ 15.502903] print_report+0xd1/0x650
[ 15.502925] ? __virt_addr_valid+0x1db/0x2d0
[ 15.502950] ? kasan_atomics_helper+0xac7/0x5450
[ 15.502972] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.502997] ? kasan_atomics_helper+0xac7/0x5450
[ 15.503019] kasan_report+0x141/0x180
[ 15.503051] ? kasan_atomics_helper+0xac7/0x5450
[ 15.503078] kasan_check_range+0x10c/0x1c0
[ 15.503120] __kasan_check_write+0x18/0x20
[ 15.503141] kasan_atomics_helper+0xac7/0x5450
[ 15.503164] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 15.503188] ? __kmalloc_cache_noprof+0x189/0x420
[ 15.503214] ? kasan_atomics+0x152/0x310
[ 15.503241] kasan_atomics+0x1dc/0x310
[ 15.503273] ? __pfx_kasan_atomics+0x10/0x10
[ 15.503297] ? __pfx_read_tsc+0x10/0x10
[ 15.503319] ? ktime_get_ts64+0x86/0x230
[ 15.503344] kunit_try_run_case+0x1a5/0x480
[ 15.503368] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.503401] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.503426] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.503450] ? __kthread_parkme+0x82/0x180
[ 15.503471] ? preempt_count_sub+0x50/0x80
[ 15.503496] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.503522] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.503547] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.503573] kthread+0x337/0x6f0
[ 15.503603] ? trace_preempt_on+0x20/0xc0
[ 15.503628] ? __pfx_kthread+0x10/0x10
[ 15.503649] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.503672] ? calculate_sigpending+0x7b/0xa0
[ 15.503696] ? __pfx_kthread+0x10/0x10
[ 15.503718] ret_from_fork+0x116/0x1d0
[ 15.503738] ? __pfx_kthread+0x10/0x10
[ 15.503759] ret_from_fork_asm+0x1a/0x30
[ 15.503808] </TASK>
[ 15.503820]
[ 15.511018] Allocated by task 282:
[ 15.511198] kasan_save_stack+0x45/0x70
[ 15.511401] kasan_save_track+0x18/0x40
[ 15.511617] kasan_save_alloc_info+0x3b/0x50
[ 15.511815] __kasan_kmalloc+0xb7/0xc0
[ 15.512012] __kmalloc_cache_noprof+0x189/0x420
[ 15.512198] kasan_atomics+0x95/0x310
[ 15.512371] kunit_try_run_case+0x1a5/0x480
[ 15.512573] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.512777] kthread+0x337/0x6f0
[ 15.512911] ret_from_fork+0x116/0x1d0
[ 15.513098] ret_from_fork_asm+0x1a/0x30
[ 15.513296]
[ 15.513389] The buggy address belongs to the object at ffff8881029cd380
[ 15.513389] which belongs to the cache kmalloc-64 of size 64
[ 15.513778] The buggy address is located 0 bytes to the right of
[ 15.513778] allocated 48-byte region [ffff8881029cd380, ffff8881029cd3b0)
[ 15.514329]
[ 15.514428] The buggy address belongs to the physical page:
[ 15.514672] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029cd
[ 15.515039] flags: 0x200000000000000(node=0|zone=2)
[ 15.515219] page_type: f5(slab)
[ 15.515338] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 15.515570] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 15.516265] page dumped because: kasan: bad access detected
[ 15.516943]
[ 15.517025]
Memory state around the buggy address: [ 15.517229] ffff8881029cd280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.517545] ffff8881029cd300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.518731] >ffff8881029cd380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.518978] ^ [ 15.519139] ffff8881029cd400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.519360] ffff8881029cd480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.519578] ================================================================== [ 15.239441] ================================================================== [ 15.239942] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b54/0x5450 [ 15.240275] Read of size 4 at addr ffff8881029cd3b0 by task kunit_try_catch/282 [ 15.240563] [ 15.240692] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.240735] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.240748] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.240843] Call Trace: [ 15.240863] <TASK> [ 15.240879] dump_stack_lvl+0x73/0xb0 [ 15.240907] print_report+0xd1/0x650 [ 15.240930] ? __virt_addr_valid+0x1db/0x2d0 [ 15.240954] ? kasan_atomics_helper+0x4b54/0x5450 [ 15.240977] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.241001] ? kasan_atomics_helper+0x4b54/0x5450 [ 15.241024] kasan_report+0x141/0x180 [ 15.241047] ? kasan_atomics_helper+0x4b54/0x5450 [ 15.241074] __asan_report_load4_noabort+0x18/0x20 [ 15.241100] kasan_atomics_helper+0x4b54/0x5450 [ 15.241124] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.241148] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.241174] ? kasan_atomics+0x152/0x310 [ 15.241201] kasan_atomics+0x1dc/0x310 [ 15.241224] ? __pfx_kasan_atomics+0x10/0x10 [ 15.241249] ? __pfx_read_tsc+0x10/0x10 [ 15.241271] ? ktime_get_ts64+0x86/0x230 [ 15.241296] kunit_try_run_case+0x1a5/0x480 [ 15.241320] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.241344] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 15.241369] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.241397] ? __kthread_parkme+0x82/0x180 [ 15.241419] ? preempt_count_sub+0x50/0x80 [ 15.241444] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.241471] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.241496] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.241522] kthread+0x337/0x6f0 [ 15.241542] ? trace_preempt_on+0x20/0xc0 [ 15.241566] ? __pfx_kthread+0x10/0x10 [ 15.241587] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.241622] ? calculate_sigpending+0x7b/0xa0 [ 15.241648] ? __pfx_kthread+0x10/0x10 [ 15.241670] ret_from_fork+0x116/0x1d0 [ 15.241690] ? __pfx_kthread+0x10/0x10 [ 15.241711] ret_from_fork_asm+0x1a/0x30 [ 15.241743] </TASK> [ 15.241753] [ 15.249460] Allocated by task 282: [ 15.249664] kasan_save_stack+0x45/0x70 [ 15.249936] kasan_save_track+0x18/0x40 [ 15.250136] kasan_save_alloc_info+0x3b/0x50 [ 15.250349] __kasan_kmalloc+0xb7/0xc0 [ 15.250539] __kmalloc_cache_noprof+0x189/0x420 [ 15.250783] kasan_atomics+0x95/0x310 [ 15.250947] kunit_try_run_case+0x1a5/0x480 [ 15.251096] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.251304] kthread+0x337/0x6f0 [ 15.251474] ret_from_fork+0x116/0x1d0 [ 15.251942] ret_from_fork_asm+0x1a/0x30 [ 15.252151] [ 15.252248] The buggy address belongs to the object at ffff8881029cd380 [ 15.252248] which belongs to the cache kmalloc-64 of size 64 [ 15.252744] The buggy address is located 0 bytes to the right of [ 15.252744] allocated 48-byte region [ffff8881029cd380, ffff8881029cd3b0) [ 15.253300] [ 15.253400] The buggy address belongs to the physical page: [ 15.253633] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029cd [ 15.254038] flags: 0x200000000000000(node=0|zone=2) [ 15.254256] page_type: f5(slab) [ 15.254422] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.254707] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.255149] page dumped because: kasan: 
bad access detected [ 15.255412] [ 15.255509] Memory state around the buggy address: [ 15.255752] ffff8881029cd280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.256096] ffff8881029cd300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.256367] >ffff8881029cd380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.256582] ^ [ 15.256748] ffff8881029cd400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.257072] ffff8881029cd480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.257394] ================================================================== [ 15.842227] ================================================================== [ 15.842492] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49e8/0x5450 [ 15.843261] Read of size 4 at addr ffff8881029cd3b0 by task kunit_try_catch/282 [ 15.843562] [ 15.843689] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.843735] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.843748] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.843770] Call Trace: [ 15.843789] <TASK> [ 15.843808] dump_stack_lvl+0x73/0xb0 [ 15.843836] print_report+0xd1/0x650 [ 15.843859] ? __virt_addr_valid+0x1db/0x2d0 [ 15.843883] ? kasan_atomics_helper+0x49e8/0x5450 [ 15.843905] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.843929] ? kasan_atomics_helper+0x49e8/0x5450 [ 15.843952] kasan_report+0x141/0x180 [ 15.843974] ? kasan_atomics_helper+0x49e8/0x5450 [ 15.844001] __asan_report_load4_noabort+0x18/0x20 [ 15.844026] kasan_atomics_helper+0x49e8/0x5450 [ 15.844050] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.844073] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.844100] ? kasan_atomics+0x152/0x310 [ 15.844126] kasan_atomics+0x1dc/0x310 [ 15.844148] ? __pfx_kasan_atomics+0x10/0x10 [ 15.844173] ? __pfx_read_tsc+0x10/0x10 [ 15.844194] ? ktime_get_ts64+0x86/0x230 [ 15.844219] kunit_try_run_case+0x1a5/0x480 [ 15.844245] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.844268] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.844293] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.844318] ? __kthread_parkme+0x82/0x180 [ 15.844340] ? preempt_count_sub+0x50/0x80 [ 15.844365] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.844390] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.844416] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.844442] kthread+0x337/0x6f0 [ 15.844463] ? trace_preempt_on+0x20/0xc0 [ 15.844488] ? __pfx_kthread+0x10/0x10 [ 15.844509] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.844531] ? calculate_sigpending+0x7b/0xa0 [ 15.844556] ? __pfx_kthread+0x10/0x10 [ 15.844579] ret_from_fork+0x116/0x1d0 [ 15.844614] ? __pfx_kthread+0x10/0x10 [ 15.844635] ret_from_fork_asm+0x1a/0x30 [ 15.844666] </TASK> [ 15.844678] [ 15.852004] Allocated by task 282: [ 15.852220] kasan_save_stack+0x45/0x70 [ 15.852445] kasan_save_track+0x18/0x40 [ 15.852637] kasan_save_alloc_info+0x3b/0x50 [ 15.852785] __kasan_kmalloc+0xb7/0xc0 [ 15.853015] __kmalloc_cache_noprof+0x189/0x420 [ 15.853417] kasan_atomics+0x95/0x310 [ 15.853583] kunit_try_run_case+0x1a5/0x480 [ 15.853775] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.853988] kthread+0x337/0x6f0 [ 15.854171] ret_from_fork+0x116/0x1d0 [ 15.854381] ret_from_fork_asm+0x1a/0x30 [ 15.854519] [ 15.854588] The buggy address belongs to the object at ffff8881029cd380 [ 15.854588] which belongs to the cache kmalloc-64 of size 64 [ 15.855373] The buggy address is located 0 bytes to the right of [ 15.855373] allocated 48-byte region [ffff8881029cd380, ffff8881029cd3b0) [ 15.855887] [ 15.856005] The buggy address belongs to the physical page: [ 15.856252] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029cd [ 15.856506] flags: 0x200000000000000(node=0|zone=2) [ 15.856678] page_type: f5(slab) [ 15.856797] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.857253] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 15.857585] page dumped because: kasan: bad access detected [ 15.858047] [ 15.858116] Memory state around the buggy address: [ 15.858268] ffff8881029cd280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.858473] ffff8881029cd300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.858913] >ffff8881029cd380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.859233] ^ [ 15.859465] ffff8881029cd400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.859812] ffff8881029cd480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.860135] ================================================================== [ 15.446538] ================================================================== [ 15.447051] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x8f9/0x5450 [ 15.447310] Write of size 4 at addr ffff8881029cd3b0 by task kunit_try_catch/282 [ 15.447636] [ 15.447722] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.448672] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.448684] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.448705] Call Trace: [ 15.448722] <TASK> [ 15.448740] dump_stack_lvl+0x73/0xb0 [ 15.448776] print_report+0xd1/0x650 [ 15.448798] ? __virt_addr_valid+0x1db/0x2d0 [ 15.448821] ? kasan_atomics_helper+0x8f9/0x5450 [ 15.448844] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.448894] ? kasan_atomics_helper+0x8f9/0x5450 [ 15.448939] kasan_report+0x141/0x180 [ 15.448965] ? kasan_atomics_helper+0x8f9/0x5450 [ 15.449004] kasan_check_range+0x10c/0x1c0 [ 15.449028] __kasan_check_write+0x18/0x20 [ 15.449049] kasan_atomics_helper+0x8f9/0x5450 [ 15.449072] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.449096] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.449124] ? kasan_atomics+0x152/0x310 [ 15.449151] kasan_atomics+0x1dc/0x310 [ 15.449174] ? __pfx_kasan_atomics+0x10/0x10 [ 15.449199] ? __pfx_read_tsc+0x10/0x10 [ 15.449222] ? 
ktime_get_ts64+0x86/0x230 [ 15.449247] kunit_try_run_case+0x1a5/0x480 [ 15.449272] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.449296] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.449321] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.449346] ? __kthread_parkme+0x82/0x180 [ 15.449368] ? preempt_count_sub+0x50/0x80 [ 15.449393] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.449438] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.449465] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.449491] kthread+0x337/0x6f0 [ 15.449511] ? trace_preempt_on+0x20/0xc0 [ 15.449537] ? __pfx_kthread+0x10/0x10 [ 15.449558] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.449581] ? calculate_sigpending+0x7b/0xa0 [ 15.449615] ? __pfx_kthread+0x10/0x10 [ 15.449638] ret_from_fork+0x116/0x1d0 [ 15.449657] ? __pfx_kthread+0x10/0x10 [ 15.449701] ret_from_fork_asm+0x1a/0x30 [ 15.449734] </TASK> [ 15.449745] [ 15.456933] Allocated by task 282: [ 15.457064] kasan_save_stack+0x45/0x70 [ 15.457270] kasan_save_track+0x18/0x40 [ 15.457480] kasan_save_alloc_info+0x3b/0x50 [ 15.457715] __kasan_kmalloc+0xb7/0xc0 [ 15.457929] __kmalloc_cache_noprof+0x189/0x420 [ 15.458155] kasan_atomics+0x95/0x310 [ 15.458344] kunit_try_run_case+0x1a5/0x480 [ 15.458524] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.458705] kthread+0x337/0x6f0 [ 15.458862] ret_from_fork+0x116/0x1d0 [ 15.459073] ret_from_fork_asm+0x1a/0x30 [ 15.459268] [ 15.459359] The buggy address belongs to the object at ffff8881029cd380 [ 15.459359] which belongs to the cache kmalloc-64 of size 64 [ 15.459828] The buggy address is located 0 bytes to the right of [ 15.459828] allocated 48-byte region [ffff8881029cd380, ffff8881029cd3b0) [ 15.460235] [ 15.460333] The buggy address belongs to the physical page: [ 15.460619] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029cd [ 15.461031] flags: 0x200000000000000(node=0|zone=2) [ 15.461273] page_type: f5(slab) [ 15.461452] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 15.461723] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.461969] page dumped because: kasan: bad access detected [ 15.462212] [ 15.462302] Memory state around the buggy address: [ 15.462545] ffff8881029cd280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.462889] ffff8881029cd300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.463105] >ffff8881029cd380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.463362] ^ [ 15.463588] ffff8881029cd400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.463956] ffff8881029cd480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.464243] ================================================================== [ 15.624766] ================================================================== [ 15.625029] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xde0/0x5450 [ 15.625868] Write of size 4 at addr ffff8881029cd3b0 by task kunit_try_catch/282 [ 15.626320] [ 15.626478] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.626582] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.626607] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.626629] Call Trace: [ 15.626645] <TASK> [ 15.626663] dump_stack_lvl+0x73/0xb0 [ 15.626694] print_report+0xd1/0x650 [ 15.626718] ? __virt_addr_valid+0x1db/0x2d0 [ 15.626743] ? kasan_atomics_helper+0xde0/0x5450 [ 15.626765] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.626804] ? kasan_atomics_helper+0xde0/0x5450 [ 15.626832] kasan_report+0x141/0x180 [ 15.626855] ? kasan_atomics_helper+0xde0/0x5450 [ 15.626883] kasan_check_range+0x10c/0x1c0 [ 15.626908] __kasan_check_write+0x18/0x20 [ 15.626928] kasan_atomics_helper+0xde0/0x5450 [ 15.626952] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.626976] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.627002] ? kasan_atomics+0x152/0x310 [ 15.627028] kasan_atomics+0x1dc/0x310 [ 15.627052] ? 
__pfx_kasan_atomics+0x10/0x10 [ 15.627077] ? __pfx_read_tsc+0x10/0x10 [ 15.627099] ? ktime_get_ts64+0x86/0x230 [ 15.627124] kunit_try_run_case+0x1a5/0x480 [ 15.627149] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.627173] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.627198] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.627223] ? __kthread_parkme+0x82/0x180 [ 15.627246] ? preempt_count_sub+0x50/0x80 [ 15.627271] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.627297] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.627322] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.627348] kthread+0x337/0x6f0 [ 15.627369] ? trace_preempt_on+0x20/0xc0 [ 15.627394] ? __pfx_kthread+0x10/0x10 [ 15.627415] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.627438] ? calculate_sigpending+0x7b/0xa0 [ 15.627464] ? __pfx_kthread+0x10/0x10 [ 15.627486] ret_from_fork+0x116/0x1d0 [ 15.627509] ? __pfx_kthread+0x10/0x10 [ 15.627530] ret_from_fork_asm+0x1a/0x30 [ 15.627562] </TASK> [ 15.627574] [ 15.637178] Allocated by task 282: [ 15.637514] kasan_save_stack+0x45/0x70 [ 15.637697] kasan_save_track+0x18/0x40 [ 15.638084] kasan_save_alloc_info+0x3b/0x50 [ 15.638361] __kasan_kmalloc+0xb7/0xc0 [ 15.638609] __kmalloc_cache_noprof+0x189/0x420 [ 15.638938] kasan_atomics+0x95/0x310 [ 15.639103] kunit_try_run_case+0x1a5/0x480 [ 15.639312] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.639551] kthread+0x337/0x6f0 [ 15.639723] ret_from_fork+0x116/0x1d0 [ 15.640166] ret_from_fork_asm+0x1a/0x30 [ 15.640417] [ 15.640506] The buggy address belongs to the object at ffff8881029cd380 [ 15.640506] which belongs to the cache kmalloc-64 of size 64 [ 15.641220] The buggy address is located 0 bytes to the right of [ 15.641220] allocated 48-byte region [ffff8881029cd380, ffff8881029cd3b0) [ 15.641874] [ 15.641953] The buggy address belongs to the physical page: [ 15.642296] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029cd [ 15.642647] flags: 0x200000000000000(node=0|zone=2) [ 15.643031] page_type: 
f5(slab) [ 15.643202] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.643633] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.644062] page dumped because: kasan: bad access detected [ 15.644286] [ 15.644477] Memory state around the buggy address: [ 15.644749] ffff8881029cd280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.645141] ffff8881029cd300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.645432] >ffff8881029cd380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.645844] ^ [ 15.646117] ffff8881029cd400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.646408] ffff8881029cd480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.646724] ================================================================== [ 16.124324] ================================================================== [ 16.124647] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x18b1/0x5450 [ 16.125016] Write of size 8 at addr ffff8881029cd3b0 by task kunit_try_catch/282 [ 16.125246] [ 16.125327] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.125366] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.125378] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.125399] Call Trace: [ 16.125413] <TASK> [ 16.125429] dump_stack_lvl+0x73/0xb0 [ 16.125456] print_report+0xd1/0x650 [ 16.125478] ? __virt_addr_valid+0x1db/0x2d0 [ 16.125501] ? kasan_atomics_helper+0x18b1/0x5450 [ 16.125523] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.125547] ? kasan_atomics_helper+0x18b1/0x5450 [ 16.125570] kasan_report+0x141/0x180 [ 16.125604] ? kasan_atomics_helper+0x18b1/0x5450 [ 16.125631] kasan_check_range+0x10c/0x1c0 [ 16.125655] __kasan_check_write+0x18/0x20 [ 16.125676] kasan_atomics_helper+0x18b1/0x5450 [ 16.125700] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.125723] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.125748] ? 
kasan_atomics+0x152/0x310 [ 16.125775] kasan_atomics+0x1dc/0x310 [ 16.125797] ? __pfx_kasan_atomics+0x10/0x10 [ 16.125823] ? __pfx_read_tsc+0x10/0x10 [ 16.125845] ? ktime_get_ts64+0x86/0x230 [ 16.125869] kunit_try_run_case+0x1a5/0x480 [ 16.125894] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.125917] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.125941] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.125966] ? __kthread_parkme+0x82/0x180 [ 16.125986] ? preempt_count_sub+0x50/0x80 [ 16.126011] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.126036] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.126061] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.126088] kthread+0x337/0x6f0 [ 16.126107] ? trace_preempt_on+0x20/0xc0 [ 16.126131] ? __pfx_kthread+0x10/0x10 [ 16.126152] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.126175] ? calculate_sigpending+0x7b/0xa0 [ 16.126199] ? __pfx_kthread+0x10/0x10 [ 16.126222] ret_from_fork+0x116/0x1d0 [ 16.126241] ? __pfx_kthread+0x10/0x10 [ 16.126262] ret_from_fork_asm+0x1a/0x30 [ 16.126293] </TASK> [ 16.126304] [ 16.134286] Allocated by task 282: [ 16.134415] kasan_save_stack+0x45/0x70 [ 16.134556] kasan_save_track+0x18/0x40 [ 16.134703] kasan_save_alloc_info+0x3b/0x50 [ 16.134858] __kasan_kmalloc+0xb7/0xc0 [ 16.134991] __kmalloc_cache_noprof+0x189/0x420 [ 16.135409] kasan_atomics+0x95/0x310 [ 16.135610] kunit_try_run_case+0x1a5/0x480 [ 16.135822] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.136298] kthread+0x337/0x6f0 [ 16.136476] ret_from_fork+0x116/0x1d0 [ 16.136675] ret_from_fork_asm+0x1a/0x30 [ 16.136981] [ 16.137079] The buggy address belongs to the object at ffff8881029cd380 [ 16.137079] which belongs to the cache kmalloc-64 of size 64 [ 16.137560] The buggy address is located 0 bytes to the right of [ 16.137560] allocated 48-byte region [ffff8881029cd380, ffff8881029cd3b0) [ 16.138250] [ 16.138351] The buggy address belongs to the physical page: [ 16.138548] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029cd [ 
16.138858] flags: 0x200000000000000(node=0|zone=2) [ 16.139103] page_type: f5(slab) [ 16.139258] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.139527] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.139848] page dumped because: kasan: bad access detected [ 16.140093] [ 16.140171] Memory state around the buggy address: [ 16.140363] ffff8881029cd280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.140663] ffff8881029cd300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.140976] >ffff8881029cd380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.141222] ^ [ 16.141379] ffff8881029cd400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.141604] ffff8881029cd480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.142105] ================================================================== [ 15.555468] ================================================================== [ 15.555809] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xc70/0x5450 [ 15.556898] Write of size 4 at addr ffff8881029cd3b0 by task kunit_try_catch/282 [ 15.557144] [ 15.557240] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.557286] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.557300] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.557323] Call Trace: [ 15.557341] <TASK> [ 15.557361] dump_stack_lvl+0x73/0xb0 [ 15.557393] print_report+0xd1/0x650 [ 15.557417] ? __virt_addr_valid+0x1db/0x2d0 [ 15.557442] ? kasan_atomics_helper+0xc70/0x5450 [ 15.557465] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.557490] ? kasan_atomics_helper+0xc70/0x5450 [ 15.557512] kasan_report+0x141/0x180 [ 15.557535] ? kasan_atomics_helper+0xc70/0x5450 [ 15.557562] kasan_check_range+0x10c/0x1c0 [ 15.557587] __kasan_check_write+0x18/0x20 [ 15.557622] kasan_atomics_helper+0xc70/0x5450 [ 15.557855] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.557881] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 15.557909] ? kasan_atomics+0x152/0x310 [ 15.557936] kasan_atomics+0x1dc/0x310 [ 15.557959] ? __pfx_kasan_atomics+0x10/0x10 [ 15.558151] ? __pfx_read_tsc+0x10/0x10 [ 15.558176] ? ktime_get_ts64+0x86/0x230 [ 15.558203] kunit_try_run_case+0x1a5/0x480 [ 15.558229] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.558253] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.558279] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.558303] ? __kthread_parkme+0x82/0x180 [ 15.558325] ? preempt_count_sub+0x50/0x80 [ 15.558351] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.558376] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.558401] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.558428] kthread+0x337/0x6f0 [ 15.558447] ? trace_preempt_on+0x20/0xc0 [ 15.558474] ? __pfx_kthread+0x10/0x10 [ 15.558496] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.558518] ? calculate_sigpending+0x7b/0xa0 [ 15.558543] ? __pfx_kthread+0x10/0x10 [ 15.558565] ret_from_fork+0x116/0x1d0 [ 15.558584] ? __pfx_kthread+0x10/0x10 [ 15.558618] ret_from_fork_asm+0x1a/0x30 [ 15.558651] </TASK> [ 15.558664] [ 15.569683] Allocated by task 282: [ 15.570125] kasan_save_stack+0x45/0x70 [ 15.570388] kasan_save_track+0x18/0x40 [ 15.570683] kasan_save_alloc_info+0x3b/0x50 [ 15.571043] __kasan_kmalloc+0xb7/0xc0 [ 15.571331] __kmalloc_cache_noprof+0x189/0x420 [ 15.571562] kasan_atomics+0x95/0x310 [ 15.571746] kunit_try_run_case+0x1a5/0x480 [ 15.572180] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.572527] kthread+0x337/0x6f0 [ 15.572765] ret_from_fork+0x116/0x1d0 [ 15.573128] ret_from_fork_asm+0x1a/0x30 [ 15.573328] [ 15.573418] The buggy address belongs to the object at ffff8881029cd380 [ 15.573418] which belongs to the cache kmalloc-64 of size 64 [ 15.574131] The buggy address is located 0 bytes to the right of [ 15.574131] allocated 48-byte region [ffff8881029cd380, ffff8881029cd3b0) [ 15.575049] [ 15.575159] The buggy address belongs to the physical page: [ 15.575399] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x1029cd [ 15.575705] flags: 0x200000000000000(node=0|zone=2) [ 15.575875] page_type: f5(slab) [ 15.576073] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.576400] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.576649] page dumped because: kasan: bad access detected [ 15.576903] [ 15.577033] Memory state around the buggy address: [ 15.577234] ffff8881029cd280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.577498] ffff8881029cd300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.577846] >ffff8881029cd380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.578145] ^ [ 15.578338] ffff8881029cd400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.578588] ffff8881029cd480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.578932] ================================================================== [ 16.358330] ================================================================== [ 16.358705] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1f43/0x5450 [ 16.359091] Write of size 8 at addr ffff8881029cd3b0 by task kunit_try_catch/282 [ 16.359420] [ 16.359527] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.359571] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.359583] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.359617] Call Trace: [ 16.359635] <TASK> [ 16.359653] dump_stack_lvl+0x73/0xb0 [ 16.359683] print_report+0xd1/0x650 [ 16.359706] ? __virt_addr_valid+0x1db/0x2d0 [ 16.359731] ? kasan_atomics_helper+0x1f43/0x5450 [ 16.359753] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.359778] ? kasan_atomics_helper+0x1f43/0x5450 [ 16.359812] kasan_report+0x141/0x180 [ 16.359854] ? kasan_atomics_helper+0x1f43/0x5450 [ 16.359882] kasan_check_range+0x10c/0x1c0 [ 16.359910] __kasan_check_write+0x18/0x20 [ 16.359929] kasan_atomics_helper+0x1f43/0x5450 [ 16.359953] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 16.359977] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.360003] ? kasan_atomics+0x152/0x310 [ 16.360030] kasan_atomics+0x1dc/0x310 [ 16.360053] ? __pfx_kasan_atomics+0x10/0x10 [ 16.360079] ? __pfx_read_tsc+0x10/0x10 [ 16.360101] ? ktime_get_ts64+0x86/0x230 [ 16.360126] kunit_try_run_case+0x1a5/0x480 [ 16.360151] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.360175] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.360201] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.360226] ? __kthread_parkme+0x82/0x180 [ 16.360248] ? preempt_count_sub+0x50/0x80 [ 16.360273] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.360299] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.360324] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.360351] kthread+0x337/0x6f0 [ 16.360370] ? trace_preempt_on+0x20/0xc0 [ 16.360396] ? __pfx_kthread+0x10/0x10 [ 16.360417] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.360440] ? calculate_sigpending+0x7b/0xa0 [ 16.360466] ? __pfx_kthread+0x10/0x10 [ 16.360488] ret_from_fork+0x116/0x1d0 [ 16.360507] ? 
__pfx_kthread+0x10/0x10 [ 16.360528] ret_from_fork_asm+0x1a/0x30 [ 16.360559] </TASK> [ 16.360570] [ 16.368216] Allocated by task 282: [ 16.368476] kasan_save_stack+0x45/0x70 [ 16.368717] kasan_save_track+0x18/0x40 [ 16.368962] kasan_save_alloc_info+0x3b/0x50 [ 16.369112] __kasan_kmalloc+0xb7/0xc0 [ 16.369244] __kmalloc_cache_noprof+0x189/0x420 [ 16.369439] kasan_atomics+0x95/0x310 [ 16.369638] kunit_try_run_case+0x1a5/0x480 [ 16.369975] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.370235] kthread+0x337/0x6f0 [ 16.370415] ret_from_fork+0x116/0x1d0 [ 16.370572] ret_from_fork_asm+0x1a/0x30 [ 16.370800] [ 16.370954] The buggy address belongs to the object at ffff8881029cd380 [ 16.370954] which belongs to the cache kmalloc-64 of size 64 [ 16.371449] The buggy address is located 0 bytes to the right of [ 16.371449] allocated 48-byte region [ffff8881029cd380, ffff8881029cd3b0) [ 16.372118] [ 16.372206] The buggy address belongs to the physical page: [ 16.372445] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029cd [ 16.372767] flags: 0x200000000000000(node=0|zone=2) [ 16.373033] page_type: f5(slab) [ 16.373181] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.373416] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.373693] page dumped because: kasan: bad access detected [ 16.373949] [ 16.374048] Memory state around the buggy address: [ 16.374295] ffff8881029cd280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.374628] ffff8881029cd300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.375039] >ffff8881029cd380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.375327] ^ [ 16.375483] ffff8881029cd400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.375758] ffff8881029cd480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.376419] ================================================================== [ 16.415092] 
================================================================== [ 16.415642] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f98/0x5450 [ 16.416013] Read of size 8 at addr ffff8881029cd3b0 by task kunit_try_catch/282 [ 16.416340] [ 16.416468] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.416513] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.416525] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.416547] Call Trace: [ 16.416565] <TASK> [ 16.416583] dump_stack_lvl+0x73/0xb0 [ 16.416625] print_report+0xd1/0x650 [ 16.416648] ? __virt_addr_valid+0x1db/0x2d0 [ 16.416672] ? kasan_atomics_helper+0x4f98/0x5450 [ 16.416695] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.416720] ? kasan_atomics_helper+0x4f98/0x5450 [ 16.416744] kasan_report+0x141/0x180 [ 16.416766] ? kasan_atomics_helper+0x4f98/0x5450 [ 16.416802] __asan_report_load8_noabort+0x18/0x20 [ 16.416850] kasan_atomics_helper+0x4f98/0x5450 [ 16.416874] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.416898] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.416925] ? kasan_atomics+0x152/0x310 [ 16.416952] kasan_atomics+0x1dc/0x310 [ 16.416975] ? __pfx_kasan_atomics+0x10/0x10 [ 16.417000] ? __pfx_read_tsc+0x10/0x10 [ 16.417023] ? ktime_get_ts64+0x86/0x230 [ 16.417049] kunit_try_run_case+0x1a5/0x480 [ 16.417074] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.417098] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.417124] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.417149] ? __kthread_parkme+0x82/0x180 [ 16.417193] ? preempt_count_sub+0x50/0x80 [ 16.417218] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.417243] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.417269] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.417295] kthread+0x337/0x6f0 [ 16.417315] ? trace_preempt_on+0x20/0xc0 [ 16.417340] ? __pfx_kthread+0x10/0x10 [ 16.417362] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.417385] ? calculate_sigpending+0x7b/0xa0 [ 16.417410] ? 
__pfx_kthread+0x10/0x10 [ 16.417432] ret_from_fork+0x116/0x1d0 [ 16.417453] ? __pfx_kthread+0x10/0x10 [ 16.417475] ret_from_fork_asm+0x1a/0x30 [ 16.417507] </TASK> [ 16.417518] [ 16.425043] Allocated by task 282: [ 16.425230] kasan_save_stack+0x45/0x70 [ 16.425433] kasan_save_track+0x18/0x40 [ 16.425638] kasan_save_alloc_info+0x3b/0x50 [ 16.425931] __kasan_kmalloc+0xb7/0xc0 [ 16.426068] __kmalloc_cache_noprof+0x189/0x420 [ 16.426225] kasan_atomics+0x95/0x310 [ 16.426378] kunit_try_run_case+0x1a5/0x480 [ 16.426587] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.426875] kthread+0x337/0x6f0 [ 16.427050] ret_from_fork+0x116/0x1d0 [ 16.427298] ret_from_fork_asm+0x1a/0x30 [ 16.427440] [ 16.427509] The buggy address belongs to the object at ffff8881029cd380 [ 16.427509] which belongs to the cache kmalloc-64 of size 64 [ 16.428468] The buggy address is located 0 bytes to the right of [ 16.428468] allocated 48-byte region [ffff8881029cd380, ffff8881029cd3b0) [ 16.429649] [ 16.429953] The buggy address belongs to the physical page: [ 16.430391] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029cd [ 16.431250] flags: 0x200000000000000(node=0|zone=2) [ 16.431549] page_type: f5(slab) [ 16.431849] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.432388] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.432696] page dumped because: kasan: bad access detected [ 16.433120] [ 16.433341] Memory state around the buggy address: [ 16.433795] ffff8881029cd280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.434124] ffff8881029cd300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.434401] >ffff8881029cd380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.434700] ^ [ 16.435236] ffff8881029cd400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.435706] ffff8881029cd480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.436200] 
================================================================== [ 16.262843] ================================================================== [ 16.263614] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1ce1/0x5450 [ 16.264034] Write of size 8 at addr ffff8881029cd3b0 by task kunit_try_catch/282 [ 16.264394] [ 16.264615] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.264662] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.264674] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.264697] Call Trace: [ 16.264719] <TASK> [ 16.264921] dump_stack_lvl+0x73/0xb0 [ 16.265108] print_report+0xd1/0x650 [ 16.265138] ? __virt_addr_valid+0x1db/0x2d0 [ 16.265163] ? kasan_atomics_helper+0x1ce1/0x5450 [ 16.265185] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.265210] ? kasan_atomics_helper+0x1ce1/0x5450 [ 16.265233] kasan_report+0x141/0x180 [ 16.265256] ? kasan_atomics_helper+0x1ce1/0x5450 [ 16.265284] kasan_check_range+0x10c/0x1c0 [ 16.265308] __kasan_check_write+0x18/0x20 [ 16.265329] kasan_atomics_helper+0x1ce1/0x5450 [ 16.265353] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.265376] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.265404] ? kasan_atomics+0x152/0x310 [ 16.265430] kasan_atomics+0x1dc/0x310 [ 16.265453] ? __pfx_kasan_atomics+0x10/0x10 [ 16.265478] ? __pfx_read_tsc+0x10/0x10 [ 16.265501] ? ktime_get_ts64+0x86/0x230 [ 16.265526] kunit_try_run_case+0x1a5/0x480 [ 16.265552] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.265576] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.265613] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.265637] ? __kthread_parkme+0x82/0x180 [ 16.265659] ? preempt_count_sub+0x50/0x80 [ 16.265685] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.265710] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.265735] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.265762] kthread+0x337/0x6f0 [ 16.265794] ? trace_preempt_on+0x20/0xc0 [ 16.265820] ? 
__pfx_kthread+0x10/0x10 [ 16.265841] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.265863] ? calculate_sigpending+0x7b/0xa0 [ 16.265889] ? __pfx_kthread+0x10/0x10 [ 16.265911] ret_from_fork+0x116/0x1d0 [ 16.265930] ? __pfx_kthread+0x10/0x10 [ 16.265951] ret_from_fork_asm+0x1a/0x30 [ 16.265983] </TASK> [ 16.265994] [ 16.276320] Allocated by task 282: [ 16.276653] kasan_save_stack+0x45/0x70 [ 16.276906] kasan_save_track+0x18/0x40 [ 16.277169] kasan_save_alloc_info+0x3b/0x50 [ 16.277460] __kasan_kmalloc+0xb7/0xc0 [ 16.277731] __kmalloc_cache_noprof+0x189/0x420 [ 16.278089] kasan_atomics+0x95/0x310 [ 16.278296] kunit_try_run_case+0x1a5/0x480 [ 16.278590] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.279117] kthread+0x337/0x6f0 [ 16.279313] ret_from_fork+0x116/0x1d0 [ 16.279629] ret_from_fork_asm+0x1a/0x30 [ 16.279865] [ 16.280206] The buggy address belongs to the object at ffff8881029cd380 [ 16.280206] which belongs to the cache kmalloc-64 of size 64 [ 16.280703] The buggy address is located 0 bytes to the right of [ 16.280703] allocated 48-byte region [ffff8881029cd380, ffff8881029cd3b0) [ 16.281499] [ 16.281606] The buggy address belongs to the physical page: [ 16.282001] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029cd [ 16.282341] flags: 0x200000000000000(node=0|zone=2) [ 16.282642] page_type: f5(slab) [ 16.282917] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.283226] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.283543] page dumped because: kasan: bad access detected [ 16.284008] [ 16.284109] Memory state around the buggy address: [ 16.284396] ffff8881029cd280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.284792] ffff8881029cd300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.285151] >ffff8881029cd380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.285527] ^ [ 16.285714] ffff8881029cd400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.286292] 
ffff8881029cd480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.286671] ================================================================== [ 15.912069] ================================================================== [ 15.912796] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x13b5/0x5450 [ 15.913043] Read of size 8 at addr ffff8881029cd3b0 by task kunit_try_catch/282 [ 15.913266] [ 15.913355] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.913400] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.913412] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.913434] Call Trace: [ 15.913453] <TASK> [ 15.913471] dump_stack_lvl+0x73/0xb0 [ 15.913499] print_report+0xd1/0x650 [ 15.913522] ? __virt_addr_valid+0x1db/0x2d0 [ 15.913546] ? kasan_atomics_helper+0x13b5/0x5450 [ 15.913569] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.914032] ? kasan_atomics_helper+0x13b5/0x5450 [ 15.914084] kasan_report+0x141/0x180 [ 15.914109] ? kasan_atomics_helper+0x13b5/0x5450 [ 15.914136] kasan_check_range+0x10c/0x1c0 [ 15.914161] __kasan_check_read+0x15/0x20 [ 15.914180] kasan_atomics_helper+0x13b5/0x5450 [ 15.914204] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.914228] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.914255] ? kasan_atomics+0x152/0x310 [ 15.914282] kasan_atomics+0x1dc/0x310 [ 15.914304] ? __pfx_kasan_atomics+0x10/0x10 [ 15.914329] ? __pfx_read_tsc+0x10/0x10 [ 15.914351] ? ktime_get_ts64+0x86/0x230 [ 15.914396] kunit_try_run_case+0x1a5/0x480 [ 15.914422] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.914445] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.914471] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.914496] ? __kthread_parkme+0x82/0x180 [ 15.914517] ? preempt_count_sub+0x50/0x80 [ 15.914542] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.914567] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.914622] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.914649] kthread+0x337/0x6f0 [ 15.914668] ? trace_preempt_on+0x20/0xc0 [ 15.914693] ? __pfx_kthread+0x10/0x10 [ 15.914715] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.914737] ? calculate_sigpending+0x7b/0xa0 [ 15.914763] ? __pfx_kthread+0x10/0x10 [ 15.914798] ret_from_fork+0x116/0x1d0 [ 15.914818] ? __pfx_kthread+0x10/0x10 [ 15.914846] ret_from_fork_asm+0x1a/0x30 [ 15.914879] </TASK> [ 15.914891] [ 15.929253] Allocated by task 282: [ 15.929402] kasan_save_stack+0x45/0x70 [ 15.929555] kasan_save_track+0x18/0x40 [ 15.929715] kasan_save_alloc_info+0x3b/0x50 [ 15.929937] __kasan_kmalloc+0xb7/0xc0 [ 15.930071] __kmalloc_cache_noprof+0x189/0x420 [ 15.930332] kasan_atomics+0x95/0x310 [ 15.930521] kunit_try_run_case+0x1a5/0x480 [ 15.930688] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.930920] kthread+0x337/0x6f0 [ 15.931131] ret_from_fork+0x116/0x1d0 [ 15.931285] ret_from_fork_asm+0x1a/0x30 [ 15.931425] [ 15.931517] The buggy address belongs to the object at ffff8881029cd380 [ 15.931517] which belongs to the cache kmalloc-64 of size 64 [ 15.932231] The buggy address is located 0 bytes to the right of [ 15.932231] allocated 48-byte region [ffff8881029cd380, ffff8881029cd3b0) [ 15.932737] [ 15.932907] The buggy address belongs to the physical page: [ 15.933162] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029cd [ 15.933430] flags: 0x200000000000000(node=0|zone=2) [ 15.933697] page_type: f5(slab) [ 15.933939] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.934261] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.934584] page dumped because: kasan: bad access detected [ 15.934840] [ 15.934931] Memory state around the buggy address: [ 15.935167] ffff8881029cd280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.935426] ffff8881029cd300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.935651] >ffff8881029cd380: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 15.936113] ^ [ 15.936300] ffff8881029cd400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.936621] ffff8881029cd480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.936932] ================================================================== [ 16.106664] ================================================================== [ 16.107019] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1818/0x5450 [ 16.107342] Write of size 8 at addr ffff8881029cd3b0 by task kunit_try_catch/282 [ 16.107558] [ 16.107657] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.107701] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.107714] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.107735] Call Trace: [ 16.107753] <TASK> [ 16.107771] dump_stack_lvl+0x73/0xb0 [ 16.107799] print_report+0xd1/0x650 [ 16.107822] ? __virt_addr_valid+0x1db/0x2d0 [ 16.107846] ? kasan_atomics_helper+0x1818/0x5450 [ 16.107868] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.107893] ? kasan_atomics_helper+0x1818/0x5450 [ 16.107916] kasan_report+0x141/0x180 [ 16.107938] ? kasan_atomics_helper+0x1818/0x5450 [ 16.107965] kasan_check_range+0x10c/0x1c0 [ 16.107990] __kasan_check_write+0x18/0x20 [ 16.108010] kasan_atomics_helper+0x1818/0x5450 [ 16.108043] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.108067] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.108094] ? kasan_atomics+0x152/0x310 [ 16.108119] kasan_atomics+0x1dc/0x310 [ 16.108142] ? __pfx_kasan_atomics+0x10/0x10 [ 16.108168] ? __pfx_read_tsc+0x10/0x10 [ 16.108190] ? ktime_get_ts64+0x86/0x230 [ 16.108215] kunit_try_run_case+0x1a5/0x480 [ 16.108240] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.108264] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.108289] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.108314] ? __kthread_parkme+0x82/0x180 [ 16.108335] ? preempt_count_sub+0x50/0x80 [ 16.108360] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.108387] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.108412] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.108439] kthread+0x337/0x6f0 [ 16.108458] ? trace_preempt_on+0x20/0xc0 [ 16.108483] ? __pfx_kthread+0x10/0x10 [ 16.108503] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.108526] ? calculate_sigpending+0x7b/0xa0 [ 16.108551] ? __pfx_kthread+0x10/0x10 [ 16.108573] ret_from_fork+0x116/0x1d0 [ 16.108606] ? __pfx_kthread+0x10/0x10 [ 16.108628] ret_from_fork_asm+0x1a/0x30 [ 16.108658] </TASK> [ 16.108669] [ 16.116476] Allocated by task 282: [ 16.116636] kasan_save_stack+0x45/0x70 [ 16.116836] kasan_save_track+0x18/0x40 [ 16.116968] kasan_save_alloc_info+0x3b/0x50 [ 16.117113] __kasan_kmalloc+0xb7/0xc0 [ 16.117241] __kmalloc_cache_noprof+0x189/0x420 [ 16.117391] kasan_atomics+0x95/0x310 [ 16.117518] kunit_try_run_case+0x1a5/0x480 [ 16.117739] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.117987] kthread+0x337/0x6f0 [ 16.118151] ret_from_fork+0x116/0x1d0 [ 16.118334] ret_from_fork_asm+0x1a/0x30 [ 16.118526] [ 16.118602] The buggy address belongs to the object at ffff8881029cd380 [ 16.118602] which belongs to the cache kmalloc-64 of size 64 [ 16.118943] The buggy address is located 0 bytes to the right of [ 16.118943] allocated 48-byte region [ffff8881029cd380, ffff8881029cd3b0) [ 16.119292] [ 16.119466] The buggy address belongs to the physical page: [ 16.119728] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029cd [ 16.120470] flags: 0x200000000000000(node=0|zone=2) [ 16.120717] page_type: f5(slab) [ 16.120884] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.121310] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.121619] page dumped because: kasan: bad access detected [ 16.121880] [ 16.121949] Memory state around the buggy address: [ 16.122105] ffff8881029cd280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.122435] 
ffff8881029cd300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.122761] >ffff8881029cd380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.123031] ^ [ 16.123253] ffff8881029cd400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.123523] ffff8881029cd480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.123841] ================================================================== [ 16.161261] ================================================================== [ 16.161703] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x19e3/0x5450 [ 16.162240] Write of size 8 at addr ffff8881029cd3b0 by task kunit_try_catch/282 [ 16.162477] [ 16.162563] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.162617] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.162629] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.162651] Call Trace: [ 16.162668] <TASK> [ 16.162684] dump_stack_lvl+0x73/0xb0 [ 16.162713] print_report+0xd1/0x650 [ 16.162735] ? __virt_addr_valid+0x1db/0x2d0 [ 16.162760] ? kasan_atomics_helper+0x19e3/0x5450 [ 16.162781] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.162815] ? kasan_atomics_helper+0x19e3/0x5450 [ 16.162845] kasan_report+0x141/0x180 [ 16.162867] ? kasan_atomics_helper+0x19e3/0x5450 [ 16.162894] kasan_check_range+0x10c/0x1c0 [ 16.162918] __kasan_check_write+0x18/0x20 [ 16.162939] kasan_atomics_helper+0x19e3/0x5450 [ 16.162962] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.162986] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.163011] ? kasan_atomics+0x152/0x310 [ 16.163037] kasan_atomics+0x1dc/0x310 [ 16.163061] ? __pfx_kasan_atomics+0x10/0x10 [ 16.163085] ? __pfx_read_tsc+0x10/0x10 [ 16.163107] ? ktime_get_ts64+0x86/0x230 [ 16.163132] kunit_try_run_case+0x1a5/0x480 [ 16.163156] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.163180] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.163206] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.163231] ? 
__kthread_parkme+0x82/0x180 [ 16.163251] ? preempt_count_sub+0x50/0x80 [ 16.163276] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.163301] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.163326] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.163352] kthread+0x337/0x6f0 [ 16.163372] ? trace_preempt_on+0x20/0xc0 [ 16.163397] ? __pfx_kthread+0x10/0x10 [ 16.163417] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.163440] ? calculate_sigpending+0x7b/0xa0 [ 16.163464] ? __pfx_kthread+0x10/0x10 [ 16.163487] ret_from_fork+0x116/0x1d0 [ 16.163505] ? __pfx_kthread+0x10/0x10 [ 16.163527] ret_from_fork_asm+0x1a/0x30 [ 16.163557] </TASK> [ 16.163568] [ 16.170998] Allocated by task 282: [ 16.171155] kasan_save_stack+0x45/0x70 [ 16.171361] kasan_save_track+0x18/0x40 [ 16.171722] kasan_save_alloc_info+0x3b/0x50 [ 16.172137] __kasan_kmalloc+0xb7/0xc0 [ 16.172323] __kmalloc_cache_noprof+0x189/0x420 [ 16.172580] kasan_atomics+0x95/0x310 [ 16.172795] kunit_try_run_case+0x1a5/0x480 [ 16.173002] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.173257] kthread+0x337/0x6f0 [ 16.173425] ret_from_fork+0x116/0x1d0 [ 16.173618] ret_from_fork_asm+0x1a/0x30 [ 16.173860] [ 16.173955] The buggy address belongs to the object at ffff8881029cd380 [ 16.173955] which belongs to the cache kmalloc-64 of size 64 [ 16.175527] The buggy address is located 0 bytes to the right of [ 16.175527] allocated 48-byte region [ffff8881029cd380, ffff8881029cd3b0) [ 16.176537] [ 16.176660] The buggy address belongs to the physical page: [ 16.177122] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029cd [ 16.177734] flags: 0x200000000000000(node=0|zone=2) [ 16.178195] page_type: f5(slab) [ 16.178508] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.179070] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.179570] page dumped because: kasan: bad access detected [ 16.180023] [ 16.180131] Memory state around the buggy address: [ 16.180367] 
ffff8881029cd280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.180699] ffff8881029cd300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.181350] >ffff8881029cd380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.181763] ^ [ 16.182207] ffff8881029cd400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.182712] ffff8881029cd480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.183200] ================================================================== [ 16.142732] ================================================================== [ 16.143249] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x194a/0x5450 [ 16.143560] Write of size 8 at addr ffff8881029cd3b0 by task kunit_try_catch/282 [ 16.143833] [ 16.143989] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.144031] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.144044] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.144065] Call Trace: [ 16.144081] <TASK> [ 16.144098] dump_stack_lvl+0x73/0xb0 [ 16.144125] print_report+0xd1/0x650 [ 16.144148] ? __virt_addr_valid+0x1db/0x2d0 [ 16.144172] ? kasan_atomics_helper+0x194a/0x5450 [ 16.144194] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.144217] ? kasan_atomics_helper+0x194a/0x5450 [ 16.144240] kasan_report+0x141/0x180 [ 16.144264] ? kasan_atomics_helper+0x194a/0x5450 [ 16.144292] kasan_check_range+0x10c/0x1c0 [ 16.144316] __kasan_check_write+0x18/0x20 [ 16.144337] kasan_atomics_helper+0x194a/0x5450 [ 16.144361] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.144385] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.144411] ? kasan_atomics+0x152/0x310 [ 16.144437] kasan_atomics+0x1dc/0x310 [ 16.144460] ? __pfx_kasan_atomics+0x10/0x10 [ 16.144484] ? __pfx_read_tsc+0x10/0x10 [ 16.144506] ? ktime_get_ts64+0x86/0x230 [ 16.144531] kunit_try_run_case+0x1a5/0x480 [ 16.144556] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.144580] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 16.144615] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.144640] ? __kthread_parkme+0x82/0x180 [ 16.144662] ? preempt_count_sub+0x50/0x80 [ 16.144687] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.144712] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.144738] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.144764] kthread+0x337/0x6f0 [ 16.144784] ? trace_preempt_on+0x20/0xc0 [ 16.144809] ? __pfx_kthread+0x10/0x10 [ 16.144831] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.144854] ? calculate_sigpending+0x7b/0xa0 [ 16.144879] ? __pfx_kthread+0x10/0x10 [ 16.144901] ret_from_fork+0x116/0x1d0 [ 16.144920] ? __pfx_kthread+0x10/0x10 [ 16.144940] ret_from_fork_asm+0x1a/0x30 [ 16.144973] </TASK> [ 16.144984] [ 16.153216] Allocated by task 282: [ 16.153405] kasan_save_stack+0x45/0x70 [ 16.153616] kasan_save_track+0x18/0x40 [ 16.153838] kasan_save_alloc_info+0x3b/0x50 [ 16.154038] __kasan_kmalloc+0xb7/0xc0 [ 16.154171] __kmalloc_cache_noprof+0x189/0x420 [ 16.154328] kasan_atomics+0x95/0x310 [ 16.154463] kunit_try_run_case+0x1a5/0x480 [ 16.154619] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.154997] kthread+0x337/0x6f0 [ 16.155169] ret_from_fork+0x116/0x1d0 [ 16.155361] ret_from_fork_asm+0x1a/0x30 [ 16.155563] [ 16.155668] The buggy address belongs to the object at ffff8881029cd380 [ 16.155668] which belongs to the cache kmalloc-64 of size 64 [ 16.156268] The buggy address is located 0 bytes to the right of [ 16.156268] allocated 48-byte region [ffff8881029cd380, ffff8881029cd3b0) [ 16.156784] [ 16.156874] The buggy address belongs to the physical page: [ 16.157072] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029cd [ 16.157377] flags: 0x200000000000000(node=0|zone=2) [ 16.157542] page_type: f5(slab) [ 16.157726] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.158242] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.158532] page dumped because: kasan: 
bad access detected [ 16.158713] [ 16.158783] Memory state around the buggy address: [ 16.158945] ffff8881029cd280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.159160] ffff8881029cd300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.159372] >ffff8881029cd380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.159714] ^ [ 16.160060] ffff8881029cd400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.160375] ffff8881029cd480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.160697] ================================================================== [ 16.464630] ================================================================== [ 16.465244] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fb2/0x5450 [ 16.465572] Read of size 8 at addr ffff8881029cd3b0 by task kunit_try_catch/282 [ 16.466142] [ 16.466259] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.466521] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.466535] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.466558] Call Trace: [ 16.466575] <TASK> [ 16.466633] dump_stack_lvl+0x73/0xb0 [ 16.466669] print_report+0xd1/0x650 [ 16.466693] ? __virt_addr_valid+0x1db/0x2d0 [ 16.466718] ? kasan_atomics_helper+0x4fb2/0x5450 [ 16.466741] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.466765] ? kasan_atomics_helper+0x4fb2/0x5450 [ 16.466804] kasan_report+0x141/0x180 [ 16.466832] ? kasan_atomics_helper+0x4fb2/0x5450 [ 16.466859] __asan_report_load8_noabort+0x18/0x20 [ 16.466885] kasan_atomics_helper+0x4fb2/0x5450 [ 16.466909] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.466933] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.466959] ? kasan_atomics+0x152/0x310 [ 16.466986] kasan_atomics+0x1dc/0x310 [ 16.467009] ? __pfx_kasan_atomics+0x10/0x10 [ 16.467034] ? __pfx_read_tsc+0x10/0x10 [ 16.467056] ? ktime_get_ts64+0x86/0x230 [ 16.467081] kunit_try_run_case+0x1a5/0x480 [ 16.467107] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.467132] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.467157] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.467183] ? __kthread_parkme+0x82/0x180 [ 16.467205] ? preempt_count_sub+0x50/0x80 [ 16.467230] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.467258] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.467283] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.467310] kthread+0x337/0x6f0 [ 16.467330] ? trace_preempt_on+0x20/0xc0 [ 16.467356] ? __pfx_kthread+0x10/0x10 [ 16.467378] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.467400] ? calculate_sigpending+0x7b/0xa0 [ 16.467425] ? __pfx_kthread+0x10/0x10 [ 16.467448] ret_from_fork+0x116/0x1d0 [ 16.467467] ? __pfx_kthread+0x10/0x10 [ 16.467489] ret_from_fork_asm+0x1a/0x30 [ 16.467521] </TASK> [ 16.467533] [ 16.478748] Allocated by task 282: [ 16.479139] kasan_save_stack+0x45/0x70 [ 16.479335] kasan_save_track+0x18/0x40 [ 16.479514] kasan_save_alloc_info+0x3b/0x50 [ 16.479714] __kasan_kmalloc+0xb7/0xc0 [ 16.480315] __kmalloc_cache_noprof+0x189/0x420 [ 16.480589] kasan_atomics+0x95/0x310 [ 16.480967] kunit_try_run_case+0x1a5/0x480 [ 16.481282] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.481712] kthread+0x337/0x6f0 [ 16.481992] ret_from_fork+0x116/0x1d0 [ 16.482370] ret_from_fork_asm+0x1a/0x30 [ 16.482707] [ 16.482830] The buggy address belongs to the object at ffff8881029cd380 [ 16.482830] which belongs to the cache kmalloc-64 of size 64 [ 16.483305] The buggy address is located 0 bytes to the right of [ 16.483305] allocated 48-byte region [ffff8881029cd380, ffff8881029cd3b0) [ 16.483761] [ 16.483835] The buggy address belongs to the physical page: [ 16.484100] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029cd [ 16.484431] flags: 0x200000000000000(node=0|zone=2) [ 16.484616] page_type: f5(slab) [ 16.484796] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.485145] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 16.485435] page dumped because: kasan: bad access detected [ 16.485669] [ 16.485738] Memory state around the buggy address: [ 16.486121] ffff8881029cd280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.486422] ffff8881029cd300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.486728] >ffff8881029cd380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.487033] ^ [ 16.487227] ffff8881029cd400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.487515] ffff8881029cd480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.487742] ================================================================== [ 16.524521] ================================================================== [ 16.524971] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x224c/0x5450 [ 16.525355] Write of size 8 at addr ffff8881029cd3b0 by task kunit_try_catch/282 [ 16.525726] [ 16.525868] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.525913] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.525926] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.525947] Call Trace: [ 16.525963] <TASK> [ 16.525980] dump_stack_lvl+0x73/0xb0 [ 16.526010] print_report+0xd1/0x650 [ 16.526032] ? __virt_addr_valid+0x1db/0x2d0 [ 16.526056] ? kasan_atomics_helper+0x224c/0x5450 [ 16.526079] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.526102] ? kasan_atomics_helper+0x224c/0x5450 [ 16.526126] kasan_report+0x141/0x180 [ 16.526149] ? kasan_atomics_helper+0x224c/0x5450 [ 16.526176] kasan_check_range+0x10c/0x1c0 [ 16.526201] __kasan_check_write+0x18/0x20 [ 16.526221] kasan_atomics_helper+0x224c/0x5450 [ 16.526245] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.526269] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.526295] ? kasan_atomics+0x152/0x310 [ 16.526322] kasan_atomics+0x1dc/0x310 [ 16.526346] ? __pfx_kasan_atomics+0x10/0x10 [ 16.526371] ? __pfx_read_tsc+0x10/0x10 [ 16.526392] ? 
ktime_get_ts64+0x86/0x230 [ 16.526418] kunit_try_run_case+0x1a5/0x480 [ 16.526443] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.526467] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.526492] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.526517] ? __kthread_parkme+0x82/0x180 [ 16.526565] ? preempt_count_sub+0x50/0x80 [ 16.526591] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.526627] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.526652] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.526679] kthread+0x337/0x6f0 [ 16.526698] ? trace_preempt_on+0x20/0xc0 [ 16.526723] ? __pfx_kthread+0x10/0x10 [ 16.526744] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.526787] ? calculate_sigpending+0x7b/0xa0 [ 16.526813] ? __pfx_kthread+0x10/0x10 [ 16.526844] ret_from_fork+0x116/0x1d0 [ 16.526864] ? __pfx_kthread+0x10/0x10 [ 16.526886] ret_from_fork_asm+0x1a/0x30 [ 16.526918] </TASK> [ 16.526929] [ 16.534375] Allocated by task 282: [ 16.534564] kasan_save_stack+0x45/0x70 [ 16.534789] kasan_save_track+0x18/0x40 [ 16.534989] kasan_save_alloc_info+0x3b/0x50 [ 16.535189] __kasan_kmalloc+0xb7/0xc0 [ 16.535319] __kmalloc_cache_noprof+0x189/0x420 [ 16.535470] kasan_atomics+0x95/0x310 [ 16.535610] kunit_try_run_case+0x1a5/0x480 [ 16.535830] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.536109] kthread+0x337/0x6f0 [ 16.536280] ret_from_fork+0x116/0x1d0 [ 16.536483] ret_from_fork_asm+0x1a/0x30 [ 16.536693] [ 16.536809] The buggy address belongs to the object at ffff8881029cd380 [ 16.536809] which belongs to the cache kmalloc-64 of size 64 [ 16.537285] The buggy address is located 0 bytes to the right of [ 16.537285] allocated 48-byte region [ffff8881029cd380, ffff8881029cd3b0) [ 16.537647] [ 16.537717] The buggy address belongs to the physical page: [ 16.538011] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029cd [ 16.538359] flags: 0x200000000000000(node=0|zone=2) [ 16.538589] page_type: f5(slab) [ 16.538780] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 16.539097] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.539315] page dumped because: kasan: bad access detected [ 16.539481] [ 16.539548] Memory state around the buggy address: [ 16.539783] ffff8881029cd280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.540109] ffff8881029cd300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.540434] >ffff8881029cd380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.540807] ^ [ 16.540960] ffff8881029cd400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.541256] ffff8881029cd480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.541573] ================================================================== [ 15.336235] ================================================================== [ 15.336543] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5fe/0x5450 [ 15.337339] Write of size 4 at addr ffff8881029cd3b0 by task kunit_try_catch/282 [ 15.337693] [ 15.337812] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.337858] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.337870] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.337892] Call Trace: [ 15.337920] <TASK> [ 15.337938] dump_stack_lvl+0x73/0xb0 [ 15.337968] print_report+0xd1/0x650 [ 15.338003] ? __virt_addr_valid+0x1db/0x2d0 [ 15.338029] ? kasan_atomics_helper+0x5fe/0x5450 [ 15.338051] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.338084] ? kasan_atomics_helper+0x5fe/0x5450 [ 15.338107] kasan_report+0x141/0x180 [ 15.338130] ? kasan_atomics_helper+0x5fe/0x5450 [ 15.338168] kasan_check_range+0x10c/0x1c0 [ 15.338194] __kasan_check_write+0x18/0x20 [ 15.338214] kasan_atomics_helper+0x5fe/0x5450 [ 15.338238] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.338263] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.338291] ? kasan_atomics+0x152/0x310 [ 15.338318] kasan_atomics+0x1dc/0x310 [ 15.338341] ? 
__pfx_kasan_atomics+0x10/0x10 [ 15.338375] ? __pfx_read_tsc+0x10/0x10 [ 15.338397] ? ktime_get_ts64+0x86/0x230 [ 15.338422] kunit_try_run_case+0x1a5/0x480 [ 15.338458] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.338482] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.338507] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.338538] ? __kthread_parkme+0x82/0x180 [ 15.338560] ? preempt_count_sub+0x50/0x80 [ 15.338585] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.338626] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.338652] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.338678] kthread+0x337/0x6f0 [ 15.338698] ? trace_preempt_on+0x20/0xc0 [ 15.338722] ? __pfx_kthread+0x10/0x10 [ 15.338744] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.338766] ? calculate_sigpending+0x7b/0xa0 [ 15.338800] ? __pfx_kthread+0x10/0x10 [ 15.338822] ret_from_fork+0x116/0x1d0 [ 15.338846] ? __pfx_kthread+0x10/0x10 [ 15.338867] ret_from_fork_asm+0x1a/0x30 [ 15.338900] </TASK> [ 15.338911] [ 15.347257] Allocated by task 282: [ 15.347479] kasan_save_stack+0x45/0x70 [ 15.347657] kasan_save_track+0x18/0x40 [ 15.347977] kasan_save_alloc_info+0x3b/0x50 [ 15.348159] __kasan_kmalloc+0xb7/0xc0 [ 15.348386] __kmalloc_cache_noprof+0x189/0x420 [ 15.348634] kasan_atomics+0x95/0x310 [ 15.348855] kunit_try_run_case+0x1a5/0x480 [ 15.349101] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.349349] kthread+0x337/0x6f0 [ 15.349570] ret_from_fork+0x116/0x1d0 [ 15.349799] ret_from_fork_asm+0x1a/0x30 [ 15.349977] [ 15.350045] The buggy address belongs to the object at ffff8881029cd380 [ 15.350045] which belongs to the cache kmalloc-64 of size 64 [ 15.350426] The buggy address is located 0 bytes to the right of [ 15.350426] allocated 48-byte region [ffff8881029cd380, ffff8881029cd3b0) [ 15.350992] [ 15.351069] The buggy address belongs to the physical page: [ 15.351237] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029cd [ 15.351500] flags: 0x200000000000000(node=0|zone=2) [ 15.351756] page_type: 
f5(slab) [ 15.351978] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.352327] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.352683] page dumped because: kasan: bad access detected [ 15.352978] [ 15.353094] Memory state around the buggy address: [ 15.353283] ffff8881029cd280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.353616] ffff8881029cd300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.353952] >ffff8881029cd380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.354316] ^ [ 15.354531] ffff8881029cd400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.354882] ffff8881029cd480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.355148] ================================================================== [ 15.428866] ================================================================== [ 15.429249] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x860/0x5450 [ 15.429787] Write of size 4 at addr ffff8881029cd3b0 by task kunit_try_catch/282 [ 15.430139] [ 15.430252] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.430296] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.430308] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.430329] Call Trace: [ 15.430348] <TASK> [ 15.430365] dump_stack_lvl+0x73/0xb0 [ 15.430394] print_report+0xd1/0x650 [ 15.430417] ? __virt_addr_valid+0x1db/0x2d0 [ 15.430441] ? kasan_atomics_helper+0x860/0x5450 [ 15.430464] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.430488] ? kasan_atomics_helper+0x860/0x5450 [ 15.430511] kasan_report+0x141/0x180 [ 15.430534] ? kasan_atomics_helper+0x860/0x5450 [ 15.430561] kasan_check_range+0x10c/0x1c0 [ 15.430585] __kasan_check_write+0x18/0x20 [ 15.430618] kasan_atomics_helper+0x860/0x5450 [ 15.430642] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.430665] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.430692] ? 
kasan_atomics+0x152/0x310 [ 15.430718] kasan_atomics+0x1dc/0x310 [ 15.430742] ? __pfx_kasan_atomics+0x10/0x10 [ 15.430767] ? __pfx_read_tsc+0x10/0x10 [ 15.430801] ? ktime_get_ts64+0x86/0x230 [ 15.430833] kunit_try_run_case+0x1a5/0x480 [ 15.430859] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.430883] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.430910] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.430936] ? __kthread_parkme+0x82/0x180 [ 15.430957] ? preempt_count_sub+0x50/0x80 [ 15.430982] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.431008] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.431034] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.431061] kthread+0x337/0x6f0 [ 15.431080] ? trace_preempt_on+0x20/0xc0 [ 15.431106] ? __pfx_kthread+0x10/0x10 [ 15.431128] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.431151] ? calculate_sigpending+0x7b/0xa0 [ 15.431175] ? __pfx_kthread+0x10/0x10 [ 15.431197] ret_from_fork+0x116/0x1d0 [ 15.431216] ? __pfx_kthread+0x10/0x10 [ 15.431237] ret_from_fork_asm+0x1a/0x30 [ 15.431267] </TASK> [ 15.431278] [ 15.438712] Allocated by task 282: [ 15.438931] kasan_save_stack+0x45/0x70 [ 15.439082] kasan_save_track+0x18/0x40 [ 15.439278] kasan_save_alloc_info+0x3b/0x50 [ 15.439494] __kasan_kmalloc+0xb7/0xc0 [ 15.439672] __kmalloc_cache_noprof+0x189/0x420 [ 15.439903] kasan_atomics+0x95/0x310 [ 15.440055] kunit_try_run_case+0x1a5/0x480 [ 15.440258] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.440493] kthread+0x337/0x6f0 [ 15.440640] ret_from_fork+0x116/0x1d0 [ 15.440887] ret_from_fork_asm+0x1a/0x30 [ 15.441085] [ 15.441174] The buggy address belongs to the object at ffff8881029cd380 [ 15.441174] which belongs to the cache kmalloc-64 of size 64 [ 15.441640] The buggy address is located 0 bytes to the right of [ 15.441640] allocated 48-byte region [ffff8881029cd380, ffff8881029cd3b0) [ 15.442139] [ 15.442231] The buggy address belongs to the physical page: [ 15.442405] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029cd [ 
15.442654] flags: 0x200000000000000(node=0|zone=2) [ 15.442818] page_type: f5(slab) [ 15.442940] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.443298] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.443645] page dumped because: kasan: bad access detected [ 15.443948] [ 15.444018] Memory state around the buggy address: [ 15.444174] ffff8881029cd280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.444391] ffff8881029cd300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.444618] >ffff8881029cd380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.444905] ^ [ 15.445131] ffff8881029cd400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.445454] ffff8881029cd480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.445784] ================================================================== [ 16.183928] ================================================================== [ 16.184721] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1a7f/0x5450 [ 16.185255] Write of size 8 at addr ffff8881029cd3b0 by task kunit_try_catch/282 [ 16.185752] [ 16.185879] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.185925] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.185938] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.185959] Call Trace: [ 16.185976] <TASK> [ 16.185992] dump_stack_lvl+0x73/0xb0 [ 16.186022] print_report+0xd1/0x650 [ 16.186044] ? __virt_addr_valid+0x1db/0x2d0 [ 16.186068] ? kasan_atomics_helper+0x1a7f/0x5450 [ 16.186091] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.186114] ? kasan_atomics_helper+0x1a7f/0x5450 [ 16.186137] kasan_report+0x141/0x180 [ 16.186160] ? kasan_atomics_helper+0x1a7f/0x5450 [ 16.186187] kasan_check_range+0x10c/0x1c0 [ 16.186211] __kasan_check_write+0x18/0x20 [ 16.186231] kasan_atomics_helper+0x1a7f/0x5450 [ 16.186255] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.186278] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 16.186305] ? kasan_atomics+0x152/0x310 [ 16.186332] kasan_atomics+0x1dc/0x310 [ 16.186355] ? __pfx_kasan_atomics+0x10/0x10 [ 16.186381] ? __pfx_read_tsc+0x10/0x10 [ 16.186402] ? ktime_get_ts64+0x86/0x230 [ 16.186427] kunit_try_run_case+0x1a5/0x480 [ 16.186452] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.186476] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.186499] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.186524] ? __kthread_parkme+0x82/0x180 [ 16.186545] ? preempt_count_sub+0x50/0x80 [ 16.186569] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.186605] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.186632] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.186657] kthread+0x337/0x6f0 [ 16.186676] ? trace_preempt_on+0x20/0xc0 [ 16.186702] ? __pfx_kthread+0x10/0x10 [ 16.186725] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.186747] ? calculate_sigpending+0x7b/0xa0 [ 16.186772] ? __pfx_kthread+0x10/0x10 [ 16.186794] ret_from_fork+0x116/0x1d0 [ 16.186813] ? __pfx_kthread+0x10/0x10 [ 16.186841] ret_from_fork_asm+0x1a/0x30 [ 16.186872] </TASK> [ 16.186882] [ 16.193941] Allocated by task 282: [ 16.194073] kasan_save_stack+0x45/0x70 [ 16.194471] kasan_save_track+0x18/0x40 [ 16.194675] kasan_save_alloc_info+0x3b/0x50 [ 16.194893] __kasan_kmalloc+0xb7/0xc0 [ 16.195086] __kmalloc_cache_noprof+0x189/0x420 [ 16.195322] kasan_atomics+0x95/0x310 [ 16.195505] kunit_try_run_case+0x1a5/0x480 [ 16.195726] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.195940] kthread+0x337/0x6f0 [ 16.196074] ret_from_fork+0x116/0x1d0 [ 16.196266] ret_from_fork_asm+0x1a/0x30 [ 16.196462] [ 16.196549] The buggy address belongs to the object at ffff8881029cd380 [ 16.196549] which belongs to the cache kmalloc-64 of size 64 [ 16.197026] The buggy address is located 0 bytes to the right of [ 16.197026] allocated 48-byte region [ffff8881029cd380, ffff8881029cd3b0) [ 16.197397] [ 16.197469] The buggy address belongs to the physical page: [ 16.197652] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x1029cd [ 16.198210] flags: 0x200000000000000(node=0|zone=2) [ 16.198442] page_type: f5(slab) [ 16.198623] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.198972] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.199230] page dumped because: kasan: bad access detected [ 16.199402] [ 16.199470] Memory state around the buggy address: [ 16.199636] ffff8881029cd280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.199853] ffff8881029cd300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.200176] >ffff8881029cd380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.200496] ^ [ 16.200735] ffff8881029cd400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.201064] ffff8881029cd480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.201581] ================================================================== [ 15.220649] ================================================================== [ 15.220984] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df/0x5450 [ 15.221282] Read of size 4 at addr ffff8881029cd3b0 by task kunit_try_catch/282 [ 15.221619] [ 15.221735] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.221779] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.221791] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.221878] Call Trace: [ 15.221898] <TASK> [ 15.221917] dump_stack_lvl+0x73/0xb0 [ 15.221946] print_report+0xd1/0x650 [ 15.221969] ? __virt_addr_valid+0x1db/0x2d0 [ 15.221993] ? kasan_atomics_helper+0x3df/0x5450 [ 15.222016] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.222041] ? kasan_atomics_helper+0x3df/0x5450 [ 15.222065] kasan_report+0x141/0x180 [ 15.222087] ? kasan_atomics_helper+0x3df/0x5450 [ 15.222114] kasan_check_range+0x10c/0x1c0 [ 15.222138] __kasan_check_read+0x15/0x20 [ 15.222160] kasan_atomics_helper+0x3df/0x5450 [ 15.222184] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 15.222207] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.222234] ? kasan_atomics+0x152/0x310 [ 15.222261] kasan_atomics+0x1dc/0x310 [ 15.222284] ? __pfx_kasan_atomics+0x10/0x10 [ 15.222308] ? __pfx_read_tsc+0x10/0x10 [ 15.222331] ? ktime_get_ts64+0x86/0x230 [ 15.222357] kunit_try_run_case+0x1a5/0x480 [ 15.222381] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.222405] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.222431] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.222455] ? __kthread_parkme+0x82/0x180 [ 15.222477] ? preempt_count_sub+0x50/0x80 [ 15.222505] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.222531] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.222557] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.222583] kthread+0x337/0x6f0 [ 15.222613] ? trace_preempt_on+0x20/0xc0 [ 15.222639] ? __pfx_kthread+0x10/0x10 [ 15.222660] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.222683] ? calculate_sigpending+0x7b/0xa0 [ 15.222709] ? __pfx_kthread+0x10/0x10 [ 15.222731] ret_from_fork+0x116/0x1d0 [ 15.222751] ? 
__pfx_kthread+0x10/0x10 [ 15.222772] ret_from_fork_asm+0x1a/0x30 [ 15.223125] </TASK> [ 15.223144] [ 15.231109] Allocated by task 282: [ 15.231299] kasan_save_stack+0x45/0x70 [ 15.231503] kasan_save_track+0x18/0x40 [ 15.231719] kasan_save_alloc_info+0x3b/0x50 [ 15.232034] __kasan_kmalloc+0xb7/0xc0 [ 15.232229] __kmalloc_cache_noprof+0x189/0x420 [ 15.232451] kasan_atomics+0x95/0x310 [ 15.232646] kunit_try_run_case+0x1a5/0x480 [ 15.232906] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.233143] kthread+0x337/0x6f0 [ 15.233278] ret_from_fork+0x116/0x1d0 [ 15.233411] ret_from_fork_asm+0x1a/0x30 [ 15.233553] [ 15.233635] The buggy address belongs to the object at ffff8881029cd380 [ 15.233635] which belongs to the cache kmalloc-64 of size 64 [ 15.234236] The buggy address is located 0 bytes to the right of [ 15.234236] allocated 48-byte region [ffff8881029cd380, ffff8881029cd3b0) [ 15.234784] [ 15.235046] The buggy address belongs to the physical page: [ 15.235226] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029cd [ 15.235471] flags: 0x200000000000000(node=0|zone=2) [ 15.235722] page_type: f5(slab) [ 15.235892] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.236315] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.236680] page dumped because: kasan: bad access detected [ 15.237016] [ 15.237117] Memory state around the buggy address: [ 15.237355] ffff8881029cd280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.237663] ffff8881029cd300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.237955] >ffff8881029cd380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.238197] ^ [ 15.238420] ffff8881029cd400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.238747] ffff8881029cd480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.239087] ================================================================== [ 16.396512] 
================================================================== [ 16.396886] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2006/0x5450 [ 16.397276] Write of size 8 at addr ffff8881029cd3b0 by task kunit_try_catch/282 [ 16.397583] [ 16.397681] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.397726] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.397738] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.397759] Call Trace: [ 16.397776] <TASK> [ 16.397803] dump_stack_lvl+0x73/0xb0 [ 16.397832] print_report+0xd1/0x650 [ 16.397856] ? __virt_addr_valid+0x1db/0x2d0 [ 16.397880] ? kasan_atomics_helper+0x2006/0x5450 [ 16.397902] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.397926] ? kasan_atomics_helper+0x2006/0x5450 [ 16.397972] kasan_report+0x141/0x180 [ 16.397994] ? kasan_atomics_helper+0x2006/0x5450 [ 16.398021] kasan_check_range+0x10c/0x1c0 [ 16.398046] __kasan_check_write+0x18/0x20 [ 16.398067] kasan_atomics_helper+0x2006/0x5450 [ 16.398091] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.398115] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.398142] ? kasan_atomics+0x152/0x310 [ 16.398168] kasan_atomics+0x1dc/0x310 [ 16.398191] ? __pfx_kasan_atomics+0x10/0x10 [ 16.398216] ? __pfx_read_tsc+0x10/0x10 [ 16.398238] ? ktime_get_ts64+0x86/0x230 [ 16.398264] kunit_try_run_case+0x1a5/0x480 [ 16.398289] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.398313] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.398338] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.398363] ? __kthread_parkme+0x82/0x180 [ 16.398386] ? preempt_count_sub+0x50/0x80 [ 16.398411] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.398436] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.398479] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.398505] kthread+0x337/0x6f0 [ 16.398525] ? trace_preempt_on+0x20/0xc0 [ 16.398552] ? __pfx_kthread+0x10/0x10 [ 16.398574] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.398608] ? 
calculate_sigpending+0x7b/0xa0 [ 16.398634] ? __pfx_kthread+0x10/0x10 [ 16.398657] ret_from_fork+0x116/0x1d0 [ 16.398676] ? __pfx_kthread+0x10/0x10 [ 16.398697] ret_from_fork_asm+0x1a/0x30 [ 16.398730] </TASK> [ 16.398742] [ 16.406973] Allocated by task 282: [ 16.407155] kasan_save_stack+0x45/0x70 [ 16.407351] kasan_save_track+0x18/0x40 [ 16.407528] kasan_save_alloc_info+0x3b/0x50 [ 16.407738] __kasan_kmalloc+0xb7/0xc0 [ 16.407951] __kmalloc_cache_noprof+0x189/0x420 [ 16.408131] kasan_atomics+0x95/0x310 [ 16.408263] kunit_try_run_case+0x1a5/0x480 [ 16.408490] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.408759] kthread+0x337/0x6f0 [ 16.409020] ret_from_fork+0x116/0x1d0 [ 16.409233] ret_from_fork_asm+0x1a/0x30 [ 16.409426] [ 16.409498] The buggy address belongs to the object at ffff8881029cd380 [ 16.409498] which belongs to the cache kmalloc-64 of size 64 [ 16.410031] The buggy address is located 0 bytes to the right of [ 16.410031] allocated 48-byte region [ffff8881029cd380, ffff8881029cd3b0) [ 16.410404] [ 16.410481] The buggy address belongs to the physical page: [ 16.410745] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029cd [ 16.411105] flags: 0x200000000000000(node=0|zone=2) [ 16.411351] page_type: f5(slab) [ 16.411521] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.411845] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.412172] page dumped because: kasan: bad access detected [ 16.412429] [ 16.412522] Memory state around the buggy address: [ 16.412746] ffff8881029cd280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.413024] ffff8881029cd300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.413243] >ffff8881029cd380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.413458] ^ [ 16.413698] ffff8881029cd400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.414188] ffff8881029cd480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.414616] 
================================================================== [ 15.993974] ================================================================== [ 15.994310] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x151d/0x5450 [ 15.994668] Write of size 8 at addr ffff8881029cd3b0 by task kunit_try_catch/282 [ 15.995062] [ 15.995152] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.995199] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.995211] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.995233] Call Trace: [ 15.995251] <TASK> [ 15.995268] dump_stack_lvl+0x73/0xb0 [ 15.995299] print_report+0xd1/0x650 [ 15.995322] ? __virt_addr_valid+0x1db/0x2d0 [ 15.995401] ? kasan_atomics_helper+0x151d/0x5450 [ 15.995464] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.995489] ? kasan_atomics_helper+0x151d/0x5450 [ 15.995512] kasan_report+0x141/0x180 [ 15.995535] ? kasan_atomics_helper+0x151d/0x5450 [ 15.995562] kasan_check_range+0x10c/0x1c0 [ 15.995587] __kasan_check_write+0x18/0x20 [ 15.995619] kasan_atomics_helper+0x151d/0x5450 [ 15.995642] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.995666] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.995693] ? kasan_atomics+0x152/0x310 [ 15.995720] kasan_atomics+0x1dc/0x310 [ 15.995743] ? __pfx_kasan_atomics+0x10/0x10 [ 15.995768] ? __pfx_read_tsc+0x10/0x10 [ 15.995819] ? ktime_get_ts64+0x86/0x230 [ 15.995844] kunit_try_run_case+0x1a5/0x480 [ 15.995869] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.995894] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.995919] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.995944] ? __kthread_parkme+0x82/0x180 [ 15.995966] ? preempt_count_sub+0x50/0x80 [ 15.995991] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.996017] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.996042] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.996069] kthread+0x337/0x6f0 [ 15.996089] ? trace_preempt_on+0x20/0xc0 [ 15.996113] ? 
__pfx_kthread+0x10/0x10 [ 15.996134] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.996157] ? calculate_sigpending+0x7b/0xa0 [ 15.996182] ? __pfx_kthread+0x10/0x10 [ 15.996204] ret_from_fork+0x116/0x1d0 [ 15.996223] ? __pfx_kthread+0x10/0x10 [ 15.996245] ret_from_fork_asm+0x1a/0x30 [ 15.996276] </TASK> [ 15.996287] [ 16.004464] Allocated by task 282: [ 16.004689] kasan_save_stack+0x45/0x70 [ 16.005038] kasan_save_track+0x18/0x40 [ 16.005217] kasan_save_alloc_info+0x3b/0x50 [ 16.005435] __kasan_kmalloc+0xb7/0xc0 [ 16.005635] __kmalloc_cache_noprof+0x189/0x420 [ 16.005885] kasan_atomics+0x95/0x310 [ 16.006100] kunit_try_run_case+0x1a5/0x480 [ 16.006312] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.006571] kthread+0x337/0x6f0 [ 16.006744] ret_from_fork+0x116/0x1d0 [ 16.006984] ret_from_fork_asm+0x1a/0x30 [ 16.007175] [ 16.007299] The buggy address belongs to the object at ffff8881029cd380 [ 16.007299] which belongs to the cache kmalloc-64 of size 64 [ 16.007774] The buggy address is located 0 bytes to the right of [ 16.007774] allocated 48-byte region [ffff8881029cd380, ffff8881029cd3b0) [ 16.008342] [ 16.008436] The buggy address belongs to the physical page: [ 16.008616] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029cd [ 16.009047] flags: 0x200000000000000(node=0|zone=2) [ 16.009277] page_type: f5(slab) [ 16.009476] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.009756] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.009999] page dumped because: kasan: bad access detected [ 16.010317] [ 16.010432] Memory state around the buggy address: [ 16.010703] ffff8881029cd280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.011023] ffff8881029cd300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.011346] >ffff8881029cd380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.011553] ^ [ 16.011806] ffff8881029cd400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.012422] 
ffff8881029cd480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.012700] ================================================================== [ 15.937662] ================================================================== [ 15.938023] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4eae/0x5450 [ 15.938278] Read of size 8 at addr ffff8881029cd3b0 by task kunit_try_catch/282 [ 15.938523] [ 15.938645] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.938690] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.938702] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.938722] Call Trace: [ 15.938742] <TASK> [ 15.938759] dump_stack_lvl+0x73/0xb0 [ 15.938801] print_report+0xd1/0x650 [ 15.938831] ? __virt_addr_valid+0x1db/0x2d0 [ 15.938858] ? kasan_atomics_helper+0x4eae/0x5450 [ 15.938880] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.938904] ? kasan_atomics_helper+0x4eae/0x5450 [ 15.938926] kasan_report+0x141/0x180 [ 15.938949] ? kasan_atomics_helper+0x4eae/0x5450 [ 15.938976] __asan_report_load8_noabort+0x18/0x20 [ 15.939002] kasan_atomics_helper+0x4eae/0x5450 [ 15.939025] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.939048] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.939075] ? kasan_atomics+0x152/0x310 [ 15.939101] kasan_atomics+0x1dc/0x310 [ 15.939123] ? __pfx_kasan_atomics+0x10/0x10 [ 15.939149] ? __pfx_read_tsc+0x10/0x10 [ 15.939170] ? ktime_get_ts64+0x86/0x230 [ 15.939195] kunit_try_run_case+0x1a5/0x480 [ 15.939245] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.939270] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.939294] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.939318] ? __kthread_parkme+0x82/0x180 [ 15.939340] ? preempt_count_sub+0x50/0x80 [ 15.939383] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.939408] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.939434] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.939459] kthread+0x337/0x6f0 [ 15.939479] ? 
trace_preempt_on+0x20/0xc0 [ 15.939505] ? __pfx_kthread+0x10/0x10 [ 15.939526] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.939564] ? calculate_sigpending+0x7b/0xa0 [ 15.939589] ? __pfx_kthread+0x10/0x10 [ 15.939624] ret_from_fork+0x116/0x1d0 [ 15.939644] ? __pfx_kthread+0x10/0x10 [ 15.939664] ret_from_fork_asm+0x1a/0x30 [ 15.939713] </TASK> [ 15.939725] [ 15.947605] Allocated by task 282: [ 15.947790] kasan_save_stack+0x45/0x70 [ 15.948036] kasan_save_track+0x18/0x40 [ 15.948229] kasan_save_alloc_info+0x3b/0x50 [ 15.948441] __kasan_kmalloc+0xb7/0xc0 [ 15.948634] __kmalloc_cache_noprof+0x189/0x420 [ 15.948803] kasan_atomics+0x95/0x310 [ 15.948941] kunit_try_run_case+0x1a5/0x480 [ 15.949090] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.949340] kthread+0x337/0x6f0 [ 15.949587] ret_from_fork+0x116/0x1d0 [ 15.949813] ret_from_fork_asm+0x1a/0x30 [ 15.950077] [ 15.950149] The buggy address belongs to the object at ffff8881029cd380 [ 15.950149] which belongs to the cache kmalloc-64 of size 64 [ 15.950719] The buggy address is located 0 bytes to the right of [ 15.950719] allocated 48-byte region [ffff8881029cd380, ffff8881029cd3b0) [ 15.951358] [ 15.951431] The buggy address belongs to the physical page: [ 15.951903] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029cd [ 15.952227] flags: 0x200000000000000(node=0|zone=2) [ 15.952384] page_type: f5(slab) [ 15.952500] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.952733] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.953063] page dumped because: kasan: bad access detected [ 15.953316] [ 15.953410] Memory state around the buggy address: [ 15.953842] ffff8881029cd280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.954111] ffff8881029cd300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.954370] >ffff8881029cd380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.954701] ^ [ 15.955116] ffff8881029cd400: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 15.955339] ffff8881029cd480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.955544] ================================================================== [ 15.141364] ================================================================== [ 15.142216] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4bbc/0x5450 [ 15.142553] Read of size 4 at addr ffff8881029cd3b0 by task kunit_try_catch/282 [ 15.142972] [ 15.143096] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.143144] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.143156] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.143177] Call Trace: [ 15.143189] <TASK> [ 15.143206] dump_stack_lvl+0x73/0xb0 [ 15.143234] print_report+0xd1/0x650 [ 15.143282] ? __virt_addr_valid+0x1db/0x2d0 [ 15.143306] ? kasan_atomics_helper+0x4bbc/0x5450 [ 15.143327] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.143350] ? kasan_atomics_helper+0x4bbc/0x5450 [ 15.143372] kasan_report+0x141/0x180 [ 15.143393] ? kasan_atomics_helper+0x4bbc/0x5450 [ 15.143420] __asan_report_load4_noabort+0x18/0x20 [ 15.143444] kasan_atomics_helper+0x4bbc/0x5450 [ 15.143484] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.143507] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.143534] ? kasan_atomics+0x152/0x310 [ 15.143559] kasan_atomics+0x1dc/0x310 [ 15.143582] ? __pfx_kasan_atomics+0x10/0x10 [ 15.143619] ? __pfx_read_tsc+0x10/0x10 [ 15.143657] ? ktime_get_ts64+0x86/0x230 [ 15.143683] kunit_try_run_case+0x1a5/0x480 [ 15.143707] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.143731] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.143755] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.143810] ? __kthread_parkme+0x82/0x180 [ 15.143832] ? preempt_count_sub+0x50/0x80 [ 15.143857] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.143882] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.143942] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.143968] kthread+0x337/0x6f0 [ 15.143986] ? trace_preempt_on+0x20/0xc0 [ 15.144012] ? __pfx_kthread+0x10/0x10 [ 15.144031] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.144053] ? calculate_sigpending+0x7b/0xa0 [ 15.144077] ? __pfx_kthread+0x10/0x10 [ 15.144099] ret_from_fork+0x116/0x1d0 [ 15.144118] ? __pfx_kthread+0x10/0x10 [ 15.144138] ret_from_fork_asm+0x1a/0x30 [ 15.144186] </TASK> [ 15.144196] [ 15.152428] Allocated by task 282: [ 15.152736] kasan_save_stack+0x45/0x70 [ 15.152984] kasan_save_track+0x18/0x40 [ 15.153148] kasan_save_alloc_info+0x3b/0x50 [ 15.153346] __kasan_kmalloc+0xb7/0xc0 [ 15.153532] __kmalloc_cache_noprof+0x189/0x420 [ 15.153726] kasan_atomics+0x95/0x310 [ 15.153905] kunit_try_run_case+0x1a5/0x480 [ 15.154054] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.154230] kthread+0x337/0x6f0 [ 15.154352] ret_from_fork+0x116/0x1d0 [ 15.154485] ret_from_fork_asm+0x1a/0x30 [ 15.154701] [ 15.154890] The buggy address belongs to the object at ffff8881029cd380 [ 15.154890] which belongs to the cache kmalloc-64 of size 64 [ 15.155488] The buggy address is located 0 bytes to the right of [ 15.155488] allocated 48-byte region [ffff8881029cd380, ffff8881029cd3b0) [ 15.156122] [ 15.156224] The buggy address belongs to the physical page: [ 15.156775] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029cd [ 15.157109] flags: 0x200000000000000(node=0|zone=2) [ 15.157368] page_type: f5(slab) [ 15.157580] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.158033] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.158693] page dumped because: kasan: bad access detected [ 15.159008] [ 15.159102] Memory state around the buggy address: [ 15.159267] ffff8881029cd280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.159483] ffff8881029cd300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.159719] >ffff8881029cd380: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 15.159933] ^ [ 15.160290] ffff8881029cd400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.160835] ffff8881029cd480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.161182] ================================================================== [ 15.183153] ================================================================== [ 15.183474] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b88/0x5450 [ 15.183841] Read of size 4 at addr ffff8881029cd3b0 by task kunit_try_catch/282 [ 15.184090] [ 15.184176] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.184219] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.184230] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.184250] Call Trace: [ 15.184263] <TASK> [ 15.184278] dump_stack_lvl+0x73/0xb0 [ 15.184305] print_report+0xd1/0x650 [ 15.184327] ? __virt_addr_valid+0x1db/0x2d0 [ 15.184349] ? kasan_atomics_helper+0x4b88/0x5450 [ 15.184371] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.184394] ? kasan_atomics_helper+0x4b88/0x5450 [ 15.184415] kasan_report+0x141/0x180 [ 15.184436] ? kasan_atomics_helper+0x4b88/0x5450 [ 15.184463] __asan_report_load4_noabort+0x18/0x20 [ 15.184488] kasan_atomics_helper+0x4b88/0x5450 [ 15.184510] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.184533] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.184566] ? kasan_atomics+0x152/0x310 [ 15.184604] kasan_atomics+0x1dc/0x310 [ 15.184626] ? __pfx_kasan_atomics+0x10/0x10 [ 15.184650] ? __pfx_read_tsc+0x10/0x10 [ 15.184670] ? ktime_get_ts64+0x86/0x230 [ 15.184697] kunit_try_run_case+0x1a5/0x480 [ 15.184722] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.184745] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.184788] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.184846] ? __kthread_parkme+0x82/0x180 [ 15.184866] ? preempt_count_sub+0x50/0x80 [ 15.184891] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.184915] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.184939] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.184965] kthread+0x337/0x6f0 [ 15.184984] ? trace_preempt_on+0x20/0xc0 [ 15.185008] ? __pfx_kthread+0x10/0x10 [ 15.185028] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.185049] ? calculate_sigpending+0x7b/0xa0 [ 15.185074] ? __pfx_kthread+0x10/0x10 [ 15.185095] ret_from_fork+0x116/0x1d0 [ 15.185114] ? __pfx_kthread+0x10/0x10 [ 15.185134] ret_from_fork_asm+0x1a/0x30 [ 15.185165] </TASK> [ 15.185175] [ 15.192821] Allocated by task 282: [ 15.192998] kasan_save_stack+0x45/0x70 [ 15.193172] kasan_save_track+0x18/0x40 [ 15.193307] kasan_save_alloc_info+0x3b/0x50 [ 15.193456] __kasan_kmalloc+0xb7/0xc0 [ 15.193588] __kmalloc_cache_noprof+0x189/0x420 [ 15.193992] kasan_atomics+0x95/0x310 [ 15.194184] kunit_try_run_case+0x1a5/0x480 [ 15.194396] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.194666] kthread+0x337/0x6f0 [ 15.194968] ret_from_fork+0x116/0x1d0 [ 15.195122] ret_from_fork_asm+0x1a/0x30 [ 15.195321] [ 15.195400] The buggy address belongs to the object at ffff8881029cd380 [ 15.195400] which belongs to the cache kmalloc-64 of size 64 [ 15.195991] The buggy address is located 0 bytes to the right of [ 15.195991] allocated 48-byte region [ffff8881029cd380, ffff8881029cd3b0) [ 15.196675] [ 15.196793] The buggy address belongs to the physical page: [ 15.197010] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029cd [ 15.197359] flags: 0x200000000000000(node=0|zone=2) [ 15.197676] page_type: f5(slab) [ 15.197873] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.198137] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.198366] page dumped because: kasan: bad access detected [ 15.198539] [ 15.198619] Memory state around the buggy address: [ 15.198895] ffff8881029cd280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.199521] 
ffff8881029cd300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.199790] >ffff8881029cd380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.200104] ^ [ 15.200278] ffff8881029cd400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.200514] ffff8881029cd480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.201081] ================================================================== [ 16.437651] ================================================================== [ 16.438287] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x20c8/0x5450 [ 16.438687] Write of size 8 at addr ffff8881029cd3b0 by task kunit_try_catch/282 [ 16.439224] [ 16.439339] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.439384] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.439396] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.439417] Call Trace: [ 16.439434] <TASK> [ 16.439452] dump_stack_lvl+0x73/0xb0 [ 16.439482] print_report+0xd1/0x650 [ 16.439505] ? __virt_addr_valid+0x1db/0x2d0 [ 16.439529] ? kasan_atomics_helper+0x20c8/0x5450 [ 16.439551] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.439576] ? kasan_atomics_helper+0x20c8/0x5450 [ 16.439611] kasan_report+0x141/0x180 [ 16.439633] ? kasan_atomics_helper+0x20c8/0x5450 [ 16.439661] kasan_check_range+0x10c/0x1c0 [ 16.439686] __kasan_check_write+0x18/0x20 [ 16.439706] kasan_atomics_helper+0x20c8/0x5450 [ 16.439729] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.439753] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.439931] ? kasan_atomics+0x152/0x310 [ 16.439963] kasan_atomics+0x1dc/0x310 [ 16.439987] ? __pfx_kasan_atomics+0x10/0x10 [ 16.440013] ? __pfx_read_tsc+0x10/0x10 [ 16.440035] ? ktime_get_ts64+0x86/0x230 [ 16.440097] kunit_try_run_case+0x1a5/0x480 [ 16.440125] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.440149] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.440177] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.440202] ? 
__kthread_parkme+0x82/0x180 [ 16.440223] ? preempt_count_sub+0x50/0x80 [ 16.440249] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.440274] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.440300] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.440326] kthread+0x337/0x6f0 [ 16.440346] ? trace_preempt_on+0x20/0xc0 [ 16.440371] ? __pfx_kthread+0x10/0x10 [ 16.440392] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.440415] ? calculate_sigpending+0x7b/0xa0 [ 16.440440] ? __pfx_kthread+0x10/0x10 [ 16.440462] ret_from_fork+0x116/0x1d0 [ 16.440482] ? __pfx_kthread+0x10/0x10 [ 16.440504] ret_from_fork_asm+0x1a/0x30 [ 16.440536] </TASK> [ 16.440548] [ 16.451561] Allocated by task 282: [ 16.451760] kasan_save_stack+0x45/0x70 [ 16.452284] kasan_save_track+0x18/0x40 [ 16.452574] kasan_save_alloc_info+0x3b/0x50 [ 16.452977] __kasan_kmalloc+0xb7/0xc0 [ 16.453280] __kmalloc_cache_noprof+0x189/0x420 [ 16.453489] kasan_atomics+0x95/0x310 [ 16.453672] kunit_try_run_case+0x1a5/0x480 [ 16.454204] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.454505] kthread+0x337/0x6f0 [ 16.454776] ret_from_fork+0x116/0x1d0 [ 16.455174] ret_from_fork_asm+0x1a/0x30 [ 16.455467] [ 16.455696] The buggy address belongs to the object at ffff8881029cd380 [ 16.455696] which belongs to the cache kmalloc-64 of size 64 [ 16.456357] The buggy address is located 0 bytes to the right of [ 16.456357] allocated 48-byte region [ffff8881029cd380, ffff8881029cd3b0) [ 16.457084] [ 16.457309] The buggy address belongs to the physical page: [ 16.457806] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029cd [ 16.458272] flags: 0x200000000000000(node=0|zone=2) [ 16.458624] page_type: f5(slab) [ 16.458953] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.459359] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.459684] page dumped because: kasan: bad access detected [ 16.460069] [ 16.460298] Memory state around the buggy address: [ 16.460690] 
ffff8881029cd280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.461141] ffff8881029cd300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.461443] >ffff8881029cd380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.461743] ^ [ 16.462298] ffff8881029cd400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.462793] ffff8881029cd480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.463279] ================================================================== [ 15.520702] ================================================================== [ 15.522073] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb6a/0x5450 [ 15.523187] Write of size 4 at addr ffff8881029cd3b0 by task kunit_try_catch/282 [ 15.524200] [ 15.524570] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.524811] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.524827] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.524849] Call Trace: [ 15.524866] <TASK> [ 15.524885] dump_stack_lvl+0x73/0xb0 [ 15.524927] print_report+0xd1/0x650 [ 15.524950] ? __virt_addr_valid+0x1db/0x2d0 [ 15.524973] ? kasan_atomics_helper+0xb6a/0x5450 [ 15.524996] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.525020] ? kasan_atomics_helper+0xb6a/0x5450 [ 15.525042] kasan_report+0x141/0x180 [ 15.525065] ? kasan_atomics_helper+0xb6a/0x5450 [ 15.525092] kasan_check_range+0x10c/0x1c0 [ 15.525117] __kasan_check_write+0x18/0x20 [ 15.525137] kasan_atomics_helper+0xb6a/0x5450 [ 15.525161] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.525184] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.525210] ? kasan_atomics+0x152/0x310 [ 15.525237] kasan_atomics+0x1dc/0x310 [ 15.525260] ? __pfx_kasan_atomics+0x10/0x10 [ 15.525284] ? __pfx_read_tsc+0x10/0x10 [ 15.525307] ? ktime_get_ts64+0x86/0x230 [ 15.525331] kunit_try_run_case+0x1a5/0x480 [ 15.525356] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.525379] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.525403] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.525428] ? __kthread_parkme+0x82/0x180 [ 15.525452] ? preempt_count_sub+0x50/0x80 [ 15.525476] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.525580] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.525631] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.525657] kthread+0x337/0x6f0 [ 15.525677] ? trace_preempt_on+0x20/0xc0 [ 15.525702] ? __pfx_kthread+0x10/0x10 [ 15.525723] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.525746] ? calculate_sigpending+0x7b/0xa0 [ 15.525772] ? __pfx_kthread+0x10/0x10 [ 15.525793] ret_from_fork+0x116/0x1d0 [ 15.525813] ? __pfx_kthread+0x10/0x10 [ 15.525835] ret_from_fork_asm+0x1a/0x30 [ 15.525867] </TASK> [ 15.525878] [ 15.542088] Allocated by task 282: [ 15.542487] kasan_save_stack+0x45/0x70 [ 15.542982] kasan_save_track+0x18/0x40 [ 15.543122] kasan_save_alloc_info+0x3b/0x50 [ 15.543270] __kasan_kmalloc+0xb7/0xc0 [ 15.543398] __kmalloc_cache_noprof+0x189/0x420 [ 15.543550] kasan_atomics+0x95/0x310 [ 15.543689] kunit_try_run_case+0x1a5/0x480 [ 15.543854] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.544024] kthread+0x337/0x6f0 [ 15.544559] ret_from_fork+0x116/0x1d0 [ 15.545116] ret_from_fork_asm+0x1a/0x30 [ 15.545513] [ 15.545719] The buggy address belongs to the object at ffff8881029cd380 [ 15.545719] which belongs to the cache kmalloc-64 of size 64 [ 15.546490] The buggy address is located 0 bytes to the right of [ 15.546490] allocated 48-byte region [ffff8881029cd380, ffff8881029cd3b0) [ 15.547275] [ 15.547376] The buggy address belongs to the physical page: [ 15.547575] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029cd [ 15.548318] flags: 0x200000000000000(node=0|zone=2) [ 15.548965] page_type: f5(slab) [ 15.549458] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.550300] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.550894] page dumped because: kasan: bad access detected [ 15.551511] [ 15.551698] 
Memory state around the buggy address: [ 15.552123] ffff8881029cd280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.552855] ffff8881029cd300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.553081] >ffff8881029cd380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.553288] ^ [ 15.553438] ffff8881029cd400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.553670] ffff8881029cd480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.554323] ================================================================== [ 16.013321] ================================================================== [ 16.013575] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b6/0x5450 [ 16.013824] Write of size 8 at addr ffff8881029cd3b0 by task kunit_try_catch/282 [ 16.014047] [ 16.014126] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.014167] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.014179] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.014198] Call Trace: [ 16.014262] <TASK> [ 16.014279] dump_stack_lvl+0x73/0xb0 [ 16.014306] print_report+0xd1/0x650 [ 16.014328] ? __virt_addr_valid+0x1db/0x2d0 [ 16.014351] ? kasan_atomics_helper+0x15b6/0x5450 [ 16.014374] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.014398] ? kasan_atomics_helper+0x15b6/0x5450 [ 16.014421] kasan_report+0x141/0x180 [ 16.014444] ? kasan_atomics_helper+0x15b6/0x5450 [ 16.014470] kasan_check_range+0x10c/0x1c0 [ 16.014495] __kasan_check_write+0x18/0x20 [ 16.014516] kasan_atomics_helper+0x15b6/0x5450 [ 16.014539] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.014563] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.014589] ? kasan_atomics+0x152/0x310 [ 16.014627] kasan_atomics+0x1dc/0x310 [ 16.014652] ? __pfx_kasan_atomics+0x10/0x10 [ 16.014676] ? __pfx_read_tsc+0x10/0x10 [ 16.014700] ? ktime_get_ts64+0x86/0x230 [ 16.014725] kunit_try_run_case+0x1a5/0x480 [ 16.014750] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.014774] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.014808] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.014843] ? __kthread_parkme+0x82/0x180 [ 16.014901] ? preempt_count_sub+0x50/0x80 [ 16.014926] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.014952] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.014979] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.015006] kthread+0x337/0x6f0 [ 16.015026] ? trace_preempt_on+0x20/0xc0 [ 16.015049] ? __pfx_kthread+0x10/0x10 [ 16.015071] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.015094] ? calculate_sigpending+0x7b/0xa0 [ 16.015119] ? __pfx_kthread+0x10/0x10 [ 16.015141] ret_from_fork+0x116/0x1d0 [ 16.015190] ? __pfx_kthread+0x10/0x10 [ 16.015235] ret_from_fork_asm+0x1a/0x30 [ 16.015266] </TASK> [ 16.015278] [ 16.023777] Allocated by task 282: [ 16.023958] kasan_save_stack+0x45/0x70 [ 16.024106] kasan_save_track+0x18/0x40 [ 16.024238] kasan_save_alloc_info+0x3b/0x50 [ 16.024384] __kasan_kmalloc+0xb7/0xc0 [ 16.024616] __kmalloc_cache_noprof+0x189/0x420 [ 16.025034] kasan_atomics+0x95/0x310 [ 16.025287] kunit_try_run_case+0x1a5/0x480 [ 16.025505] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.025817] kthread+0x337/0x6f0 [ 16.026002] ret_from_fork+0x116/0x1d0 [ 16.026131] ret_from_fork_asm+0x1a/0x30 [ 16.026302] [ 16.026429] The buggy address belongs to the object at ffff8881029cd380 [ 16.026429] which belongs to the cache kmalloc-64 of size 64 [ 16.027062] The buggy address is located 0 bytes to the right of [ 16.027062] allocated 48-byte region [ffff8881029cd380, ffff8881029cd3b0) [ 16.027616] [ 16.027719] The buggy address belongs to the physical page: [ 16.027989] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029cd [ 16.028435] flags: 0x200000000000000(node=0|zone=2) [ 16.028609] page_type: f5(slab) [ 16.028727] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.028967] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 16.029295] page dumped because: kasan: bad access detected [ 16.029540] [ 16.029676] Memory state around the buggy address: [ 16.029897] ffff8881029cd280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.030207] ffff8881029cd300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.030627] >ffff8881029cd380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.031273] ^ [ 16.031516] ffff8881029cd400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.032264] ffff8881029cd480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.033060] ================================================================== [ 16.089301] ================================================================== [ 16.089613] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x177f/0x5450 [ 16.089869] Write of size 8 at addr ffff8881029cd3b0 by task kunit_try_catch/282 [ 16.090162] [ 16.090250] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.090298] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.090310] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.090333] Call Trace: [ 16.090353] <TASK> [ 16.090373] dump_stack_lvl+0x73/0xb0 [ 16.090403] print_report+0xd1/0x650 [ 16.090426] ? __virt_addr_valid+0x1db/0x2d0 [ 16.090451] ? kasan_atomics_helper+0x177f/0x5450 [ 16.090474] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.090498] ? kasan_atomics_helper+0x177f/0x5450 [ 16.090521] kasan_report+0x141/0x180 [ 16.090544] ? kasan_atomics_helper+0x177f/0x5450 [ 16.090571] kasan_check_range+0x10c/0x1c0 [ 16.090606] __kasan_check_write+0x18/0x20 [ 16.090627] kasan_atomics_helper+0x177f/0x5450 [ 16.090651] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.090674] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.090701] ? kasan_atomics+0x152/0x310 [ 16.090727] kasan_atomics+0x1dc/0x310 [ 16.090750] ? __pfx_kasan_atomics+0x10/0x10 [ 16.090775] ? __pfx_read_tsc+0x10/0x10 [ 16.090810] ? 
ktime_get_ts64+0x86/0x230 [ 16.090839] kunit_try_run_case+0x1a5/0x480 [ 16.090864] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.090888] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.090913] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.090938] ? __kthread_parkme+0x82/0x180 [ 16.090960] ? preempt_count_sub+0x50/0x80 [ 16.090985] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.091010] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.091035] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.091061] kthread+0x337/0x6f0 [ 16.091081] ? trace_preempt_on+0x20/0xc0 [ 16.091107] ? __pfx_kthread+0x10/0x10 [ 16.091127] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.091151] ? calculate_sigpending+0x7b/0xa0 [ 16.091176] ? __pfx_kthread+0x10/0x10 [ 16.091198] ret_from_fork+0x116/0x1d0 [ 16.091218] ? __pfx_kthread+0x10/0x10 [ 16.091239] ret_from_fork_asm+0x1a/0x30 [ 16.091271] </TASK> [ 16.091282] [ 16.098588] Allocated by task 282: [ 16.098734] kasan_save_stack+0x45/0x70 [ 16.098893] kasan_save_track+0x18/0x40 [ 16.099027] kasan_save_alloc_info+0x3b/0x50 [ 16.099425] __kasan_kmalloc+0xb7/0xc0 [ 16.099619] __kmalloc_cache_noprof+0x189/0x420 [ 16.099834] kasan_atomics+0x95/0x310 [ 16.099997] kunit_try_run_case+0x1a5/0x480 [ 16.100139] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.100309] kthread+0x337/0x6f0 [ 16.100425] ret_from_fork+0x116/0x1d0 [ 16.100553] ret_from_fork_asm+0x1a/0x30 [ 16.100768] [ 16.100864] The buggy address belongs to the object at ffff8881029cd380 [ 16.100864] which belongs to the cache kmalloc-64 of size 64 [ 16.101401] The buggy address is located 0 bytes to the right of [ 16.101401] allocated 48-byte region [ffff8881029cd380, ffff8881029cd3b0) [ 16.102147] [ 16.102219] The buggy address belongs to the physical page: [ 16.102384] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029cd [ 16.102643] flags: 0x200000000000000(node=0|zone=2) [ 16.102878] page_type: f5(slab) [ 16.103045] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 16.103383] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.103745] page dumped because: kasan: bad access detected [ 16.104104] [ 16.104205] Memory state around the buggy address: [ 16.104408] ffff8881029cd280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.104624] ffff8881029cd300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.104831] >ffff8881029cd380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.105121] ^ [ 16.105351] ffff8881029cd400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.105687] ffff8881029cd480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.106126] ================================================================== [ 16.542225] ================================================================== [ 16.542471] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5115/0x5450 [ 16.542859] Read of size 8 at addr ffff8881029cd3b0 by task kunit_try_catch/282 [ 16.543193] [ 16.543292] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.543336] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.543347] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.543369] Call Trace: [ 16.543384] <TASK> [ 16.543404] dump_stack_lvl+0x73/0xb0 [ 16.543431] print_report+0xd1/0x650 [ 16.543453] ? __virt_addr_valid+0x1db/0x2d0 [ 16.543477] ? kasan_atomics_helper+0x5115/0x5450 [ 16.543499] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.543523] ? kasan_atomics_helper+0x5115/0x5450 [ 16.543547] kasan_report+0x141/0x180 [ 16.543570] ? kasan_atomics_helper+0x5115/0x5450 [ 16.543608] __asan_report_load8_noabort+0x18/0x20 [ 16.543634] kasan_atomics_helper+0x5115/0x5450 [ 16.543658] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.543682] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.543708] ? kasan_atomics+0x152/0x310 [ 16.543735] kasan_atomics+0x1dc/0x310 [ 16.543758] ? __pfx_kasan_atomics+0x10/0x10 [ 16.543790] ? 
__pfx_read_tsc+0x10/0x10 [ 16.543812] ? ktime_get_ts64+0x86/0x230 [ 16.543837] kunit_try_run_case+0x1a5/0x480 [ 16.543862] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.543885] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.543910] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.543936] ? __kthread_parkme+0x82/0x180 [ 16.543957] ? preempt_count_sub+0x50/0x80 [ 16.543982] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.544007] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.544033] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.544059] kthread+0x337/0x6f0 [ 16.544079] ? trace_preempt_on+0x20/0xc0 [ 16.544104] ? __pfx_kthread+0x10/0x10 [ 16.544126] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.544148] ? calculate_sigpending+0x7b/0xa0 [ 16.544175] ? __pfx_kthread+0x10/0x10 [ 16.544196] ret_from_fork+0x116/0x1d0 [ 16.544216] ? __pfx_kthread+0x10/0x10 [ 16.544237] ret_from_fork_asm+0x1a/0x30 [ 16.544269] </TASK> [ 16.544280] [ 16.554966] Allocated by task 282: [ 16.555301] kasan_save_stack+0x45/0x70 [ 16.555540] kasan_save_track+0x18/0x40 [ 16.555757] kasan_save_alloc_info+0x3b/0x50 [ 16.556172] __kasan_kmalloc+0xb7/0xc0 [ 16.556479] __kmalloc_cache_noprof+0x189/0x420 [ 16.556710] kasan_atomics+0x95/0x310 [ 16.557000] kunit_try_run_case+0x1a5/0x480 [ 16.557305] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.557636] kthread+0x337/0x6f0 [ 16.557950] ret_from_fork+0x116/0x1d0 [ 16.558292] ret_from_fork_asm+0x1a/0x30 [ 16.558491] [ 16.558572] The buggy address belongs to the object at ffff8881029cd380 [ 16.558572] which belongs to the cache kmalloc-64 of size 64 [ 16.559381] The buggy address is located 0 bytes to the right of [ 16.559381] allocated 48-byte region [ffff8881029cd380, ffff8881029cd3b0) [ 16.560081] [ 16.560166] The buggy address belongs to the physical page: [ 16.560547] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029cd [ 16.560855] flags: 0x200000000000000(node=0|zone=2) [ 16.561020] page_type: f5(slab) [ 16.561138] raw: 0200000000000000 
ffff8881000418c0 dead000000000122 0000000000000000 [ 16.561363] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.561584] page dumped because: kasan: bad access detected [ 16.561781] [ 16.561850] Memory state around the buggy address: [ 16.562003] ffff8881029cd280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.562213] ffff8881029cd300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.562424] >ffff8881029cd380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.562644] ^ [ 16.562834] ffff8881029cd400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.563045] ffff8881029cd480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.563576] ================================================================== [ 16.065644] ================================================================== [ 16.066400] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16e7/0x5450 [ 16.067096] Write of size 8 at addr ffff8881029cd3b0 by task kunit_try_catch/282 [ 16.067880] [ 16.068055] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.068124] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.068138] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.068171] Call Trace: [ 16.068190] <TASK> [ 16.068208] dump_stack_lvl+0x73/0xb0 [ 16.068238] print_report+0xd1/0x650 [ 16.068261] ? __virt_addr_valid+0x1db/0x2d0 [ 16.068285] ? kasan_atomics_helper+0x16e7/0x5450 [ 16.068307] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.068331] ? kasan_atomics_helper+0x16e7/0x5450 [ 16.068354] kasan_report+0x141/0x180 [ 16.068377] ? kasan_atomics_helper+0x16e7/0x5450 [ 16.068404] kasan_check_range+0x10c/0x1c0 [ 16.068428] __kasan_check_write+0x18/0x20 [ 16.068449] kasan_atomics_helper+0x16e7/0x5450 [ 16.068472] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.068496] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.068523] ? 
kasan_atomics+0x152/0x310 [ 16.068549] kasan_atomics+0x1dc/0x310 [ 16.068571] ? __pfx_kasan_atomics+0x10/0x10 [ 16.068607] ? __pfx_read_tsc+0x10/0x10 [ 16.068629] ? ktime_get_ts64+0x86/0x230 [ 16.068653] kunit_try_run_case+0x1a5/0x480 [ 16.068678] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.068702] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.068728] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.068753] ? __kthread_parkme+0x82/0x180 [ 16.068785] ? preempt_count_sub+0x50/0x80 [ 16.068813] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.068839] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.068865] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.068891] kthread+0x337/0x6f0 [ 16.068911] ? trace_preempt_on+0x20/0xc0 [ 16.068937] ? __pfx_kthread+0x10/0x10 [ 16.068959] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.068981] ? calculate_sigpending+0x7b/0xa0 [ 16.069007] ? __pfx_kthread+0x10/0x10 [ 16.069029] ret_from_fork+0x116/0x1d0 [ 16.069049] ? __pfx_kthread+0x10/0x10 [ 16.069070] ret_from_fork_asm+0x1a/0x30 [ 16.069102] </TASK> [ 16.069112] [ 16.076738] Allocated by task 282: [ 16.077628] kasan_save_stack+0x45/0x70 [ 16.077907] kasan_save_track+0x18/0x40 [ 16.078111] kasan_save_alloc_info+0x3b/0x50 [ 16.078324] __kasan_kmalloc+0xb7/0xc0 [ 16.078512] __kmalloc_cache_noprof+0x189/0x420 [ 16.078726] kasan_atomics+0x95/0x310 [ 16.079180] kunit_try_run_case+0x1a5/0x480 [ 16.079549] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.079828] kthread+0x337/0x6f0 [ 16.079988] ret_from_fork+0x116/0x1d0 [ 16.080166] ret_from_fork_asm+0x1a/0x30 [ 16.080349] [ 16.080439] The buggy address belongs to the object at ffff8881029cd380 [ 16.080439] which belongs to the cache kmalloc-64 of size 64 [ 16.081313] The buggy address is located 0 bytes to the right of [ 16.081313] allocated 48-byte region [ffff8881029cd380, ffff8881029cd3b0) [ 16.082147] [ 16.082251] The buggy address belongs to the physical page: [ 16.082483] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029cd [ 
16.083040] flags: 0x200000000000000(node=0|zone=2) [ 16.083257] page_type: f5(slab) [ 16.083410] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.083727] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.084722] page dumped because: kasan: bad access detected [ 16.085117] [ 16.085286] Memory state around the buggy address: [ 16.085714] ffff8881029cd280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.086202] ffff8881029cd300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.086681] >ffff8881029cd380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.087196] ^ [ 16.087536] ffff8881029cd400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.088079] ffff8881029cd480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.088492] ================================================================== [ 15.600704] ================================================================== [ 15.601480] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd47/0x5450 [ 15.601909] Write of size 4 at addr ffff8881029cd3b0 by task kunit_try_catch/282 [ 15.602362] [ 15.602626] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.602676] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.602689] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.602712] Call Trace: [ 15.602731] <TASK> [ 15.602750] dump_stack_lvl+0x73/0xb0 [ 15.602782] print_report+0xd1/0x650 [ 15.602815] ? __virt_addr_valid+0x1db/0x2d0 [ 15.602845] ? kasan_atomics_helper+0xd47/0x5450 [ 15.602868] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.602892] ? kasan_atomics_helper+0xd47/0x5450 [ 15.602914] kasan_report+0x141/0x180 [ 15.602937] ? kasan_atomics_helper+0xd47/0x5450 [ 15.602964] kasan_check_range+0x10c/0x1c0 [ 15.602989] __kasan_check_write+0x18/0x20 [ 15.603010] kasan_atomics_helper+0xd47/0x5450 [ 15.603033] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.603057] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 15.603085] ? kasan_atomics+0x152/0x310 [ 15.603112] kasan_atomics+0x1dc/0x310 [ 15.603135] ? __pfx_kasan_atomics+0x10/0x10 [ 15.603161] ? __pfx_read_tsc+0x10/0x10 [ 15.603184] ? ktime_get_ts64+0x86/0x230 [ 15.603209] kunit_try_run_case+0x1a5/0x480 [ 15.603234] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.603261] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.603285] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.603310] ? __kthread_parkme+0x82/0x180 [ 15.603332] ? preempt_count_sub+0x50/0x80 [ 15.603357] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.603383] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.603408] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.603435] kthread+0x337/0x6f0 [ 15.603454] ? trace_preempt_on+0x20/0xc0 [ 15.603479] ? __pfx_kthread+0x10/0x10 [ 15.603500] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.603523] ? calculate_sigpending+0x7b/0xa0 [ 15.603549] ? __pfx_kthread+0x10/0x10 [ 15.603572] ret_from_fork+0x116/0x1d0 [ 15.603591] ? __pfx_kthread+0x10/0x10 [ 15.603624] ret_from_fork_asm+0x1a/0x30 [ 15.603655] </TASK> [ 15.603667] [ 15.615170] Allocated by task 282: [ 15.615304] kasan_save_stack+0x45/0x70 [ 15.615464] kasan_save_track+0x18/0x40 [ 15.615648] kasan_save_alloc_info+0x3b/0x50 [ 15.615864] __kasan_kmalloc+0xb7/0xc0 [ 15.615998] __kmalloc_cache_noprof+0x189/0x420 [ 15.616247] kasan_atomics+0x95/0x310 [ 15.616448] kunit_try_run_case+0x1a5/0x480 [ 15.616631] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.616908] kthread+0x337/0x6f0 [ 15.617029] ret_from_fork+0x116/0x1d0 [ 15.617163] ret_from_fork_asm+0x1a/0x30 [ 15.617358] [ 15.617453] The buggy address belongs to the object at ffff8881029cd380 [ 15.617453] which belongs to the cache kmalloc-64 of size 64 [ 15.618067] The buggy address is located 0 bytes to the right of [ 15.618067] allocated 48-byte region [ffff8881029cd380, ffff8881029cd3b0) [ 15.618892] [ 15.618994] The buggy address belongs to the physical page: [ 15.619221] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x1029cd [ 15.619551] flags: 0x200000000000000(node=0|zone=2) [ 15.620423] page_type: f5(slab) [ 15.620588] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.620986] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.621404] page dumped because: kasan: bad access detected [ 15.621721] [ 15.621823] Memory state around the buggy address: [ 15.621987] ffff8881029cd280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.622422] ffff8881029cd300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.622728] >ffff8881029cd380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.623136] ^ [ 15.623364] ffff8881029cd400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.623750] ffff8881029cd480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.624185] ================================================================== [ 15.974260] ================================================================== [ 15.974545] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x50d4/0x5450 [ 15.975056] Write of size 8 at addr ffff8881029cd3b0 by task kunit_try_catch/282 [ 15.975274] [ 15.975356] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.975397] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.975409] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.975429] Call Trace: [ 15.975444] <TASK> [ 15.975461] dump_stack_lvl+0x73/0xb0 [ 15.975489] print_report+0xd1/0x650 [ 15.975510] ? __virt_addr_valid+0x1db/0x2d0 [ 15.975533] ? kasan_atomics_helper+0x50d4/0x5450 [ 15.975607] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.975661] ? kasan_atomics_helper+0x50d4/0x5450 [ 15.975685] kasan_report+0x141/0x180 [ 15.975731] ? kasan_atomics_helper+0x50d4/0x5450 [ 15.975758] __asan_report_store8_noabort+0x1b/0x30 [ 15.975824] kasan_atomics_helper+0x50d4/0x5450 [ 15.975848] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 15.975895] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.975921] ? kasan_atomics+0x152/0x310 [ 15.975948] kasan_atomics+0x1dc/0x310 [ 15.975970] ? __pfx_kasan_atomics+0x10/0x10 [ 15.975996] ? __pfx_read_tsc+0x10/0x10 [ 15.976017] ? ktime_get_ts64+0x86/0x230 [ 15.976041] kunit_try_run_case+0x1a5/0x480 [ 15.976066] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.976090] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.976115] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.976139] ? __kthread_parkme+0x82/0x180 [ 15.976161] ? preempt_count_sub+0x50/0x80 [ 15.976217] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.976242] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.976268] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.976294] kthread+0x337/0x6f0 [ 15.976313] ? trace_preempt_on+0x20/0xc0 [ 15.976369] ? __pfx_kthread+0x10/0x10 [ 15.976390] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.976412] ? calculate_sigpending+0x7b/0xa0 [ 15.976438] ? __pfx_kthread+0x10/0x10 [ 15.976460] ret_from_fork+0x116/0x1d0 [ 15.976508] ? 
__pfx_kthread+0x10/0x10 [ 15.976529] ret_from_fork_asm+0x1a/0x30 [ 15.976561] </TASK> [ 15.976572] [ 15.984863] Allocated by task 282: [ 15.985076] kasan_save_stack+0x45/0x70 [ 15.985241] kasan_save_track+0x18/0x40 [ 15.985405] kasan_save_alloc_info+0x3b/0x50 [ 15.985560] __kasan_kmalloc+0xb7/0xc0 [ 15.985702] __kmalloc_cache_noprof+0x189/0x420 [ 15.985854] kasan_atomics+0x95/0x310 [ 15.985985] kunit_try_run_case+0x1a5/0x480 [ 15.986128] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.986333] kthread+0x337/0x6f0 [ 15.986497] ret_from_fork+0x116/0x1d0 [ 15.986733] ret_from_fork_asm+0x1a/0x30 [ 15.987153] [ 15.987247] The buggy address belongs to the object at ffff8881029cd380 [ 15.987247] which belongs to the cache kmalloc-64 of size 64 [ 15.987772] The buggy address is located 0 bytes to the right of [ 15.987772] allocated 48-byte region [ffff8881029cd380, ffff8881029cd3b0) [ 15.988184] [ 15.988256] The buggy address belongs to the physical page: [ 15.988424] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029cd [ 15.988669] flags: 0x200000000000000(node=0|zone=2) [ 15.989003] page_type: f5(slab) [ 15.989174] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.989627] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.990330] page dumped because: kasan: bad access detected [ 15.990625] [ 15.990720] Memory state around the buggy address: [ 15.991172] ffff8881029cd280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.991518] ffff8881029cd300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.991741] >ffff8881029cd380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.992416] ^ [ 15.992641] ffff8881029cd400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.993006] ffff8881029cd480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.993318] ================================================================== [ 15.733687] 
================================================================== [ 15.734058] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1079/0x5450 [ 15.734369] Write of size 4 at addr ffff8881029cd3b0 by task kunit_try_catch/282 [ 15.734689] [ 15.734778] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.734822] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.734841] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.734863] Call Trace: [ 15.734882] <TASK> [ 15.734902] dump_stack_lvl+0x73/0xb0 [ 15.734930] print_report+0xd1/0x650 [ 15.734954] ? __virt_addr_valid+0x1db/0x2d0 [ 15.734978] ? kasan_atomics_helper+0x1079/0x5450 [ 15.735000] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.735024] ? kasan_atomics_helper+0x1079/0x5450 [ 15.735047] kasan_report+0x141/0x180 [ 15.735069] ? kasan_atomics_helper+0x1079/0x5450 [ 15.735097] kasan_check_range+0x10c/0x1c0 [ 15.735121] __kasan_check_write+0x18/0x20 [ 15.735142] kasan_atomics_helper+0x1079/0x5450 [ 15.735165] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.735192] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.735219] ? kasan_atomics+0x152/0x310 [ 15.735246] kasan_atomics+0x1dc/0x310 [ 15.735269] ? __pfx_kasan_atomics+0x10/0x10 [ 15.735294] ? __pfx_read_tsc+0x10/0x10 [ 15.735316] ? ktime_get_ts64+0x86/0x230 [ 15.735342] kunit_try_run_case+0x1a5/0x480 [ 15.735367] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.735391] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.735415] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.735440] ? __kthread_parkme+0x82/0x180 [ 15.735462] ? preempt_count_sub+0x50/0x80 [ 15.735487] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.735513] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.735538] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.735564] kthread+0x337/0x6f0 [ 15.735584] ? trace_preempt_on+0x20/0xc0 [ 15.735618] ? __pfx_kthread+0x10/0x10 [ 15.735639] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.735662] ? 
calculate_sigpending+0x7b/0xa0 [ 15.735688] ? __pfx_kthread+0x10/0x10 [ 15.735711] ret_from_fork+0x116/0x1d0 [ 15.735730] ? __pfx_kthread+0x10/0x10 [ 15.735751] ret_from_fork_asm+0x1a/0x30 [ 15.735784] </TASK> [ 15.735795] [ 15.743497] Allocated by task 282: [ 15.743688] kasan_save_stack+0x45/0x70 [ 15.743986] kasan_save_track+0x18/0x40 [ 15.744180] kasan_save_alloc_info+0x3b/0x50 [ 15.744389] __kasan_kmalloc+0xb7/0xc0 [ 15.744547] __kmalloc_cache_noprof+0x189/0x420 [ 15.744772] kasan_atomics+0x95/0x310 [ 15.744959] kunit_try_run_case+0x1a5/0x480 [ 15.745145] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.745371] kthread+0x337/0x6f0 [ 15.745494] ret_from_fork+0x116/0x1d0 [ 15.745637] ret_from_fork_asm+0x1a/0x30 [ 15.745778] [ 15.745848] The buggy address belongs to the object at ffff8881029cd380 [ 15.745848] which belongs to the cache kmalloc-64 of size 64 [ 15.746203] The buggy address is located 0 bytes to the right of [ 15.746203] allocated 48-byte region [ffff8881029cd380, ffff8881029cd3b0) [ 15.746960] [ 15.747058] The buggy address belongs to the physical page: [ 15.747312] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029cd [ 15.747674] flags: 0x200000000000000(node=0|zone=2) [ 15.748002] page_type: f5(slab) [ 15.748133] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.748366] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.748609] page dumped because: kasan: bad access detected [ 15.748789] [ 15.748886] Memory state around the buggy address: [ 15.749125] ffff8881029cd280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.749454] ffff8881029cd300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.749796] >ffff8881029cd380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.750119] ^ [ 15.750339] ffff8881029cd400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.750653] ffff8881029cd480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.750944] 
================================================================== [ 16.377575] ================================================================== [ 16.377925] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f71/0x5450 [ 16.378814] Read of size 8 at addr ffff8881029cd3b0 by task kunit_try_catch/282 [ 16.379055] [ 16.379221] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.379290] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.379303] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.379323] Call Trace: [ 16.379339] <TASK> [ 16.379357] dump_stack_lvl+0x73/0xb0 [ 16.379387] print_report+0xd1/0x650 [ 16.379409] ? __virt_addr_valid+0x1db/0x2d0 [ 16.379434] ? kasan_atomics_helper+0x4f71/0x5450 [ 16.379475] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.379500] ? kasan_atomics_helper+0x4f71/0x5450 [ 16.379523] kasan_report+0x141/0x180 [ 16.379545] ? kasan_atomics_helper+0x4f71/0x5450 [ 16.379573] __asan_report_load8_noabort+0x18/0x20 [ 16.379610] kasan_atomics_helper+0x4f71/0x5450 [ 16.379634] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.379658] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.379684] ? kasan_atomics+0x152/0x310 [ 16.379728] kasan_atomics+0x1dc/0x310 [ 16.379752] ? __pfx_kasan_atomics+0x10/0x10 [ 16.379777] ? __pfx_read_tsc+0x10/0x10 [ 16.379799] ? ktime_get_ts64+0x86/0x230 [ 16.379824] kunit_try_run_case+0x1a5/0x480 [ 16.379849] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.379873] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.379899] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.379925] ? __kthread_parkme+0x82/0x180 [ 16.379946] ? preempt_count_sub+0x50/0x80 [ 16.379973] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.379998] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.380025] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.380052] kthread+0x337/0x6f0 [ 16.380072] ? trace_preempt_on+0x20/0xc0 [ 16.380097] ? __pfx_kthread+0x10/0x10 [ 16.380118] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 16.380141] ? calculate_sigpending+0x7b/0xa0 [ 16.380167] ? __pfx_kthread+0x10/0x10 [ 16.380189] ret_from_fork+0x116/0x1d0 [ 16.380208] ? __pfx_kthread+0x10/0x10 [ 16.380237] ret_from_fork_asm+0x1a/0x30 [ 16.380288] </TASK> [ 16.380299] [ 16.387708] Allocated by task 282: [ 16.387943] kasan_save_stack+0x45/0x70 [ 16.388097] kasan_save_track+0x18/0x40 [ 16.388233] kasan_save_alloc_info+0x3b/0x50 [ 16.388415] __kasan_kmalloc+0xb7/0xc0 [ 16.388611] __kmalloc_cache_noprof+0x189/0x420 [ 16.388832] kasan_atomics+0x95/0x310 [ 16.389021] kunit_try_run_case+0x1a5/0x480 [ 16.389169] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.389429] kthread+0x337/0x6f0 [ 16.389611] ret_from_fork+0x116/0x1d0 [ 16.389857] ret_from_fork_asm+0x1a/0x30 [ 16.390063] [ 16.390153] The buggy address belongs to the object at ffff8881029cd380 [ 16.390153] which belongs to the cache kmalloc-64 of size 64 [ 16.390506] The buggy address is located 0 bytes to the right of [ 16.390506] allocated 48-byte region [ffff8881029cd380, ffff8881029cd3b0) [ 16.391110] [ 16.391208] The buggy address belongs to the physical page: [ 16.391545] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029cd [ 16.391797] flags: 0x200000000000000(node=0|zone=2) [ 16.391971] page_type: f5(slab) [ 16.392227] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.392606] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.393157] page dumped because: kasan: bad access detected [ 16.393418] [ 16.393489] Memory state around the buggy address: [ 16.393714] ffff8881029cd280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.394041] ffff8881029cd300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.394257] >ffff8881029cd380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.394764] ^ [ 16.394945] ffff8881029cd400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.395161] ffff8881029cd480: fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 16.395374] ================================================================== [ 15.860787] ================================================================== [ 15.861087] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12e6/0x5450 [ 15.861406] Write of size 4 at addr ffff8881029cd3b0 by task kunit_try_catch/282 [ 15.861902] [ 15.861995] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.862040] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.862053] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.862075] Call Trace: [ 15.862094] <TASK> [ 15.862111] dump_stack_lvl+0x73/0xb0 [ 15.862169] print_report+0xd1/0x650 [ 15.862191] ? __virt_addr_valid+0x1db/0x2d0 [ 15.862215] ? kasan_atomics_helper+0x12e6/0x5450 [ 15.862237] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.862261] ? kasan_atomics_helper+0x12e6/0x5450 [ 15.862284] kasan_report+0x141/0x180 [ 15.862330] ? kasan_atomics_helper+0x12e6/0x5450 [ 15.862358] kasan_check_range+0x10c/0x1c0 [ 15.862383] __kasan_check_write+0x18/0x20 [ 15.862403] kasan_atomics_helper+0x12e6/0x5450 [ 15.862427] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.862450] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.862494] ? kasan_atomics+0x152/0x310 [ 15.862520] kasan_atomics+0x1dc/0x310 [ 15.862544] ? __pfx_kasan_atomics+0x10/0x10 [ 15.862568] ? __pfx_read_tsc+0x10/0x10 [ 15.862590] ? ktime_get_ts64+0x86/0x230 [ 15.862626] kunit_try_run_case+0x1a5/0x480 [ 15.862651] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.862674] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.862699] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.862725] ? __kthread_parkme+0x82/0x180 [ 15.862746] ? preempt_count_sub+0x50/0x80 [ 15.862771] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.862804] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.862834] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.862880] kthread+0x337/0x6f0 [ 15.862900] ? 
trace_preempt_on+0x20/0xc0 [ 15.862924] ? __pfx_kthread+0x10/0x10 [ 15.862946] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.862968] ? calculate_sigpending+0x7b/0xa0 [ 15.862994] ? __pfx_kthread+0x10/0x10 [ 15.863017] ret_from_fork+0x116/0x1d0 [ 15.863036] ? __pfx_kthread+0x10/0x10 [ 15.863058] ret_from_fork_asm+0x1a/0x30 [ 15.863090] </TASK> [ 15.863100] [ 15.870562] Allocated by task 282: [ 15.870747] kasan_save_stack+0x45/0x70 [ 15.870935] kasan_save_track+0x18/0x40 [ 15.871070] kasan_save_alloc_info+0x3b/0x50 [ 15.871217] __kasan_kmalloc+0xb7/0xc0 [ 15.871346] __kmalloc_cache_noprof+0x189/0x420 [ 15.871498] kasan_atomics+0x95/0x310 [ 15.871696] kunit_try_run_case+0x1a5/0x480 [ 15.871927] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.872216] kthread+0x337/0x6f0 [ 15.872412] ret_from_fork+0x116/0x1d0 [ 15.872601] ret_from_fork_asm+0x1a/0x30 [ 15.872798] [ 15.872890] The buggy address belongs to the object at ffff8881029cd380 [ 15.872890] which belongs to the cache kmalloc-64 of size 64 [ 15.873418] The buggy address is located 0 bytes to the right of [ 15.873418] allocated 48-byte region [ffff8881029cd380, ffff8881029cd3b0) [ 15.873976] [ 15.874066] The buggy address belongs to the physical page: [ 15.874300] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029cd [ 15.874566] flags: 0x200000000000000(node=0|zone=2) [ 15.875127] page_type: f5(slab) [ 15.875485] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.876074] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.876891] page dumped because: kasan: bad access detected [ 15.877376] [ 15.877448] Memory state around the buggy address: [ 15.877616] ffff8881029cd280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.878009] ffff8881029cd300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.878636] >ffff8881029cd380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.879332] ^ [ 15.879795] ffff8881029cd400: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 15.880425] ffff8881029cd480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.880801] ================================================================== [ 15.956026] ================================================================== [ 15.956358] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1467/0x5450 [ 15.956729] Write of size 8 at addr ffff8881029cd3b0 by task kunit_try_catch/282 [ 15.957019] [ 15.957102] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.957142] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.957155] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.957202] Call Trace: [ 15.957217] <TASK> [ 15.957233] dump_stack_lvl+0x73/0xb0 [ 15.957261] print_report+0xd1/0x650 [ 15.957282] ? __virt_addr_valid+0x1db/0x2d0 [ 15.957306] ? kasan_atomics_helper+0x1467/0x5450 [ 15.957328] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.957352] ? kasan_atomics_helper+0x1467/0x5450 [ 15.957375] kasan_report+0x141/0x180 [ 15.957397] ? kasan_atomics_helper+0x1467/0x5450 [ 15.957423] kasan_check_range+0x10c/0x1c0 [ 15.957447] __kasan_check_write+0x18/0x20 [ 15.957468] kasan_atomics_helper+0x1467/0x5450 [ 15.957491] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.957515] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.957540] ? kasan_atomics+0x152/0x310 [ 15.957566] kasan_atomics+0x1dc/0x310 [ 15.957589] ? __pfx_kasan_atomics+0x10/0x10 [ 15.957625] ? __pfx_read_tsc+0x10/0x10 [ 15.957646] ? ktime_get_ts64+0x86/0x230 [ 15.957673] kunit_try_run_case+0x1a5/0x480 [ 15.957698] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.957722] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.957747] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.957772] ? __kthread_parkme+0x82/0x180 [ 15.957824] ? preempt_count_sub+0x50/0x80 [ 15.957849] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.957875] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.957901] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.957927] kthread+0x337/0x6f0 [ 15.957947] ? trace_preempt_on+0x20/0xc0 [ 15.957970] ? __pfx_kthread+0x10/0x10 [ 15.958009] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.958032] ? calculate_sigpending+0x7b/0xa0 [ 15.958068] ? __pfx_kthread+0x10/0x10 [ 15.958091] ret_from_fork+0x116/0x1d0 [ 15.958110] ? __pfx_kthread+0x10/0x10 [ 15.958131] ret_from_fork_asm+0x1a/0x30 [ 15.958163] </TASK> [ 15.958173] [ 15.965538] Allocated by task 282: [ 15.965742] kasan_save_stack+0x45/0x70 [ 15.965944] kasan_save_track+0x18/0x40 [ 15.966150] kasan_save_alloc_info+0x3b/0x50 [ 15.966313] __kasan_kmalloc+0xb7/0xc0 [ 15.966506] __kmalloc_cache_noprof+0x189/0x420 [ 15.966747] kasan_atomics+0x95/0x310 [ 15.966946] kunit_try_run_case+0x1a5/0x480 [ 15.967146] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.967367] kthread+0x337/0x6f0 [ 15.967549] ret_from_fork+0x116/0x1d0 [ 15.967737] ret_from_fork_asm+0x1a/0x30 [ 15.967941] [ 15.968050] The buggy address belongs to the object at ffff8881029cd380 [ 15.968050] which belongs to the cache kmalloc-64 of size 64 [ 15.968481] The buggy address is located 0 bytes to the right of [ 15.968481] allocated 48-byte region [ffff8881029cd380, ffff8881029cd3b0) [ 15.969111] [ 15.969262] The buggy address belongs to the physical page: [ 15.969546] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029cd [ 15.970003] flags: 0x200000000000000(node=0|zone=2) [ 15.970165] page_type: f5(slab) [ 15.970282] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.970636] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.970964] page dumped because: kasan: bad access detected [ 15.971208] [ 15.971379] Memory state around the buggy address: [ 15.971558] ffff8881029cd280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.971920] ffff8881029cd300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.972216] >ffff8881029cd380: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 15.972456] ^ [ 15.972616] ffff8881029cd400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.972908] ffff8881029cd480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.973289] ================================================================== [ 16.219481] ================================================================== [ 16.220111] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1c18/0x5450 [ 16.220455] Write of size 8 at addr ffff8881029cd3b0 by task kunit_try_catch/282 [ 16.220762] [ 16.220934] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.220974] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.220985] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.221006] Call Trace: [ 16.221019] <TASK> [ 16.221033] dump_stack_lvl+0x73/0xb0 [ 16.221060] print_report+0xd1/0x650 [ 16.221082] ? __virt_addr_valid+0x1db/0x2d0 [ 16.221106] ? kasan_atomics_helper+0x1c18/0x5450 [ 16.221128] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.221152] ? kasan_atomics_helper+0x1c18/0x5450 [ 16.221175] kasan_report+0x141/0x180 [ 16.221198] ? kasan_atomics_helper+0x1c18/0x5450 [ 16.221225] kasan_check_range+0x10c/0x1c0 [ 16.221249] __kasan_check_write+0x18/0x20 [ 16.221270] kasan_atomics_helper+0x1c18/0x5450 [ 16.221293] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.221317] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.221343] ? kasan_atomics+0x152/0x310 [ 16.221369] kasan_atomics+0x1dc/0x310 [ 16.221393] ? __pfx_kasan_atomics+0x10/0x10 [ 16.221419] ? __pfx_read_tsc+0x10/0x10 [ 16.221440] ? ktime_get_ts64+0x86/0x230 [ 16.221464] kunit_try_run_case+0x1a5/0x480 [ 16.221488] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.221512] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.221536] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.221561] ? __kthread_parkme+0x82/0x180 [ 16.221583] ? preempt_count_sub+0x50/0x80 [ 16.221619] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.221645] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.221671] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.221697] kthread+0x337/0x6f0 [ 16.221716] ? trace_preempt_on+0x20/0xc0 [ 16.221740] ? __pfx_kthread+0x10/0x10 [ 16.221761] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.221783] ? calculate_sigpending+0x7b/0xa0 [ 16.221807] ? __pfx_kthread+0x10/0x10 [ 16.221829] ret_from_fork+0x116/0x1d0 [ 16.221848] ? __pfx_kthread+0x10/0x10 [ 16.221869] ret_from_fork_asm+0x1a/0x30 [ 16.221900] </TASK> [ 16.221910] [ 16.229634] Allocated by task 282: [ 16.229823] kasan_save_stack+0x45/0x70 [ 16.229998] kasan_save_track+0x18/0x40 [ 16.230163] kasan_save_alloc_info+0x3b/0x50 [ 16.230317] __kasan_kmalloc+0xb7/0xc0 [ 16.230507] __kmalloc_cache_noprof+0x189/0x420 [ 16.230739] kasan_atomics+0x95/0x310 [ 16.230906] kunit_try_run_case+0x1a5/0x480 [ 16.231115] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.231341] kthread+0x337/0x6f0 [ 16.231497] ret_from_fork+0x116/0x1d0 [ 16.231683] ret_from_fork_asm+0x1a/0x30 [ 16.231944] [ 16.232027] The buggy address belongs to the object at ffff8881029cd380 [ 16.232027] which belongs to the cache kmalloc-64 of size 64 [ 16.232495] The buggy address is located 0 bytes to the right of [ 16.232495] allocated 48-byte region [ffff8881029cd380, ffff8881029cd3b0) [ 16.232876] [ 16.232947] The buggy address belongs to the physical page: [ 16.233121] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029cd [ 16.233361] flags: 0x200000000000000(node=0|zone=2) [ 16.233522] page_type: f5(slab) [ 16.233695] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.234424] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.234766] page dumped because: kasan: bad access detected [ 16.234981] [ 16.235051] Memory state around the buggy address: [ 16.235207] ffff8881029cd280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.235425] 
ffff8881029cd300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.235650] >ffff8881029cd380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.236300] ^ [ 16.237207] ffff8881029cd400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.237716] ffff8881029cd480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.238563] ================================================================== [ 15.162059] ================================================================== [ 15.162418] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4ba2/0x5450 [ 15.162760] Write of size 4 at addr ffff8881029cd3b0 by task kunit_try_catch/282 [ 15.163123] [ 15.163218] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.163266] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.163277] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.163299] Call Trace: [ 15.163318] <TASK> [ 15.163336] dump_stack_lvl+0x73/0xb0 [ 15.163365] print_report+0xd1/0x650 [ 15.163386] ? __virt_addr_valid+0x1db/0x2d0 [ 15.163410] ? kasan_atomics_helper+0x4ba2/0x5450 [ 15.163432] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.163454] ? kasan_atomics_helper+0x4ba2/0x5450 [ 15.163477] kasan_report+0x141/0x180 [ 15.163498] ? kasan_atomics_helper+0x4ba2/0x5450 [ 15.163546] __asan_report_store4_noabort+0x1b/0x30 [ 15.163571] kasan_atomics_helper+0x4ba2/0x5450 [ 15.163604] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.163627] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.163671] ? kasan_atomics+0x152/0x310 [ 15.163707] kasan_atomics+0x1dc/0x310 [ 15.163728] ? __pfx_kasan_atomics+0x10/0x10 [ 15.163753] ? __pfx_read_tsc+0x10/0x10 [ 15.163807] ? ktime_get_ts64+0x86/0x230 [ 15.163832] kunit_try_run_case+0x1a5/0x480 [ 15.163857] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.163881] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.163906] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.163930] ? __kthread_parkme+0x82/0x180 [ 15.163951] ? 
preempt_count_sub+0x50/0x80 [ 15.163975] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.164000] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.164024] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.164069] kthread+0x337/0x6f0 [ 15.164088] ? trace_preempt_on+0x20/0xc0 [ 15.164114] ? __pfx_kthread+0x10/0x10 [ 15.164135] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.164156] ? calculate_sigpending+0x7b/0xa0 [ 15.164181] ? __pfx_kthread+0x10/0x10 [ 15.164202] ret_from_fork+0x116/0x1d0 [ 15.164221] ? __pfx_kthread+0x10/0x10 [ 15.164242] ret_from_fork_asm+0x1a/0x30 [ 15.164273] </TASK> [ 15.164283] [ 15.173739] Allocated by task 282: [ 15.174240] kasan_save_stack+0x45/0x70 [ 15.174610] kasan_save_track+0x18/0x40 [ 15.175017] kasan_save_alloc_info+0x3b/0x50 [ 15.175377] __kasan_kmalloc+0xb7/0xc0 [ 15.175571] __kmalloc_cache_noprof+0x189/0x420 [ 15.175753] kasan_atomics+0x95/0x310 [ 15.175981] kunit_try_run_case+0x1a5/0x480 [ 15.176205] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.176441] kthread+0x337/0x6f0 [ 15.176624] ret_from_fork+0x116/0x1d0 [ 15.176845] ret_from_fork_asm+0x1a/0x30 [ 15.177001] [ 15.177168] The buggy address belongs to the object at ffff8881029cd380 [ 15.177168] which belongs to the cache kmalloc-64 of size 64 [ 15.177585] The buggy address is located 0 bytes to the right of [ 15.177585] allocated 48-byte region [ffff8881029cd380, ffff8881029cd3b0) [ 15.178239] [ 15.178314] The buggy address belongs to the physical page: [ 15.178533] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029cd [ 15.178966] flags: 0x200000000000000(node=0|zone=2) [ 15.179223] page_type: f5(slab) [ 15.179361] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.179678] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.179986] page dumped because: kasan: bad access detected [ 15.180232] [ 15.180327] Memory state around the buggy address: [ 15.180518] ffff8881029cd280: fa fb fb fb fb fb fb fb fc fc 
fc fc fc fc fc fc [ 15.180743] ffff8881029cd300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.181107] >ffff8881029cd380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.181392] ^ [ 15.181547] ffff8881029cd400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.181834] ffff8881029cd480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.182184] ================================================================== [ 15.311610] ================================================================== [ 15.312355] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x565/0x5450 [ 15.312736] Write of size 4 at addr ffff8881029cd3b0 by task kunit_try_catch/282 [ 15.313145] [ 15.313338] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.313384] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.313397] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.313421] Call Trace: [ 15.313442] <TASK> [ 15.313505] dump_stack_lvl+0x73/0xb0 [ 15.313538] print_report+0xd1/0x650 [ 15.313623] ? __virt_addr_valid+0x1db/0x2d0 [ 15.313651] ? kasan_atomics_helper+0x565/0x5450 [ 15.313673] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.313708] ? kasan_atomics_helper+0x565/0x5450 [ 15.313731] kasan_report+0x141/0x180 [ 15.313754] ? kasan_atomics_helper+0x565/0x5450 [ 15.313791] kasan_check_range+0x10c/0x1c0 [ 15.313817] __kasan_check_write+0x18/0x20 [ 15.313839] kasan_atomics_helper+0x565/0x5450 [ 15.313862] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.313886] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.313914] ? kasan_atomics+0x152/0x310 [ 15.313941] kasan_atomics+0x1dc/0x310 [ 15.313966] ? __pfx_kasan_atomics+0x10/0x10 [ 15.313991] ? __pfx_read_tsc+0x10/0x10 [ 15.314013] ? ktime_get_ts64+0x86/0x230 [ 15.314040] kunit_try_run_case+0x1a5/0x480 [ 15.314065] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.314090] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.314116] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.314143] ? __kthread_parkme+0x82/0x180 [ 15.314165] ? preempt_count_sub+0x50/0x80 [ 15.314191] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.314215] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.314242] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.314268] kthread+0x337/0x6f0 [ 15.314290] ? trace_preempt_on+0x20/0xc0 [ 15.314317] ? __pfx_kthread+0x10/0x10 [ 15.314339] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.314362] ? calculate_sigpending+0x7b/0xa0 [ 15.314386] ? __pfx_kthread+0x10/0x10 [ 15.314409] ret_from_fork+0x116/0x1d0 [ 15.314428] ? __pfx_kthread+0x10/0x10 [ 15.314449] ret_from_fork_asm+0x1a/0x30 [ 15.314481] </TASK> [ 15.314492] [ 15.327002] Allocated by task 282: [ 15.327350] kasan_save_stack+0x45/0x70 [ 15.327510] kasan_save_track+0x18/0x40 [ 15.327657] kasan_save_alloc_info+0x3b/0x50 [ 15.327920] __kasan_kmalloc+0xb7/0xc0 [ 15.328116] __kmalloc_cache_noprof+0x189/0x420 [ 15.328407] kasan_atomics+0x95/0x310 [ 15.328632] kunit_try_run_case+0x1a5/0x480 [ 15.328792] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.329050] kthread+0x337/0x6f0 [ 15.329379] ret_from_fork+0x116/0x1d0 [ 15.329574] ret_from_fork_asm+0x1a/0x30 [ 15.329774] [ 15.329947] The buggy address belongs to the object at ffff8881029cd380 [ 15.329947] which belongs to the cache kmalloc-64 of size 64 [ 15.330401] The buggy address is located 0 bytes to the right of [ 15.330401] allocated 48-byte region [ffff8881029cd380, ffff8881029cd3b0) [ 15.330934] [ 15.331009] The buggy address belongs to the physical page: [ 15.331479] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029cd [ 15.331770] flags: 0x200000000000000(node=0|zone=2) [ 15.332093] page_type: f5(slab) [ 15.332226] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.332465] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.332799] page dumped because: kasan: bad access detected [ 15.333111] [ 15.333210] 
Memory state around the buggy address: [ 15.333470] ffff8881029cd280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.333795] ffff8881029cd300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.334051] >ffff8881029cd380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.334444] ^ [ 15.334722] ffff8881029cd400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.335092] ffff8881029cd480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.335383] ================================================================== [ 15.464885] ================================================================== [ 15.465210] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x992/0x5450 [ 15.465532] Write of size 4 at addr ffff8881029cd3b0 by task kunit_try_catch/282 [ 15.465849] [ 15.465937] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.465980] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.465994] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.466015] Call Trace: [ 15.466031] <TASK> [ 15.466047] dump_stack_lvl+0x73/0xb0 [ 15.466075] print_report+0xd1/0x650 [ 15.466119] ? __virt_addr_valid+0x1db/0x2d0 [ 15.466144] ? kasan_atomics_helper+0x992/0x5450 [ 15.466166] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.466191] ? kasan_atomics_helper+0x992/0x5450 [ 15.466213] kasan_report+0x141/0x180 [ 15.466236] ? kasan_atomics_helper+0x992/0x5450 [ 15.466263] kasan_check_range+0x10c/0x1c0 [ 15.466287] __kasan_check_write+0x18/0x20 [ 15.466308] kasan_atomics_helper+0x992/0x5450 [ 15.466331] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.466354] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.466379] ? kasan_atomics+0x152/0x310 [ 15.466405] kasan_atomics+0x1dc/0x310 [ 15.466429] ? __pfx_kasan_atomics+0x10/0x10 [ 15.466454] ? __pfx_read_tsc+0x10/0x10 [ 15.466476] ? ktime_get_ts64+0x86/0x230 [ 15.466501] kunit_try_run_case+0x1a5/0x480 [ 15.466525] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.466550] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 15.466575] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.466609] ? __kthread_parkme+0x82/0x180 [ 15.466631] ? preempt_count_sub+0x50/0x80 [ 15.466655] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.466681] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.466707] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.466734] kthread+0x337/0x6f0 [ 15.466754] ? trace_preempt_on+0x20/0xc0 [ 15.466800] ? __pfx_kthread+0x10/0x10 [ 15.466821] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.466848] ? calculate_sigpending+0x7b/0xa0 [ 15.466873] ? __pfx_kthread+0x10/0x10 [ 15.466895] ret_from_fork+0x116/0x1d0 [ 15.466914] ? __pfx_kthread+0x10/0x10 [ 15.466936] ret_from_fork_asm+0x1a/0x30 [ 15.466967] </TASK> [ 15.466979] [ 15.474260] Allocated by task 282: [ 15.474410] kasan_save_stack+0x45/0x70 [ 15.474551] kasan_save_track+0x18/0x40 [ 15.474709] kasan_save_alloc_info+0x3b/0x50 [ 15.474972] __kasan_kmalloc+0xb7/0xc0 [ 15.475163] __kmalloc_cache_noprof+0x189/0x420 [ 15.475380] kasan_atomics+0x95/0x310 [ 15.475567] kunit_try_run_case+0x1a5/0x480 [ 15.475804] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.476038] kthread+0x337/0x6f0 [ 15.476191] ret_from_fork+0x116/0x1d0 [ 15.476376] ret_from_fork_asm+0x1a/0x30 [ 15.476549] [ 15.476630] The buggy address belongs to the object at ffff8881029cd380 [ 15.476630] which belongs to the cache kmalloc-64 of size 64 [ 15.477138] The buggy address is located 0 bytes to the right of [ 15.477138] allocated 48-byte region [ffff8881029cd380, ffff8881029cd3b0) [ 15.477496] [ 15.477613] The buggy address belongs to the physical page: [ 15.477891] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029cd [ 15.478240] flags: 0x200000000000000(node=0|zone=2) [ 15.478467] page_type: f5(slab) [ 15.478609] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.478864] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.479174] page dumped because: kasan: 
bad access detected [ 15.479448] [ 15.479543] Memory state around the buggy address: [ 15.479852] ffff8881029cd280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.480141] ffff8881029cd300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.480886] >ffff8881029cd380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.481676] ^ [ 15.482414] ffff8881029cd400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.482673] ffff8881029cd480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.483282] ================================================================== [ 15.647684] ================================================================== [ 15.648006] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe78/0x5450 [ 15.648645] Write of size 4 at addr ffff8881029cd3b0 by task kunit_try_catch/282 [ 15.649035] [ 15.649272] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.649321] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.649334] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.649356] Call Trace: [ 15.649374] <TASK> [ 15.649391] dump_stack_lvl+0x73/0xb0 [ 15.649423] print_report+0xd1/0x650 [ 15.649447] ? __virt_addr_valid+0x1db/0x2d0 [ 15.649472] ? kasan_atomics_helper+0xe78/0x5450 [ 15.649494] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.649518] ? kasan_atomics_helper+0xe78/0x5450 [ 15.649541] kasan_report+0x141/0x180 [ 15.649564] ? kasan_atomics_helper+0xe78/0x5450 [ 15.649591] kasan_check_range+0x10c/0x1c0 [ 15.649632] __kasan_check_write+0x18/0x20 [ 15.649652] kasan_atomics_helper+0xe78/0x5450 [ 15.649676] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.649700] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.649727] ? kasan_atomics+0x152/0x310 [ 15.649754] kasan_atomics+0x1dc/0x310 [ 15.649888] ? __pfx_kasan_atomics+0x10/0x10 [ 15.649921] ? __pfx_read_tsc+0x10/0x10 [ 15.649944] ? ktime_get_ts64+0x86/0x230 [ 15.649971] kunit_try_run_case+0x1a5/0x480 [ 15.649996] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.650021] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.650047] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.650073] ? __kthread_parkme+0x82/0x180 [ 15.650095] ? preempt_count_sub+0x50/0x80 [ 15.650121] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.650146] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.650172] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.650199] kthread+0x337/0x6f0 [ 15.650218] ? trace_preempt_on+0x20/0xc0 [ 15.650244] ? __pfx_kthread+0x10/0x10 [ 15.650266] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.650288] ? calculate_sigpending+0x7b/0xa0 [ 15.650314] ? __pfx_kthread+0x10/0x10 [ 15.650336] ret_from_fork+0x116/0x1d0 [ 15.650355] ? __pfx_kthread+0x10/0x10 [ 15.650376] ret_from_fork_asm+0x1a/0x30 [ 15.650408] </TASK> [ 15.650420] [ 15.659781] Allocated by task 282: [ 15.660233] kasan_save_stack+0x45/0x70 [ 15.660441] kasan_save_track+0x18/0x40 [ 15.660625] kasan_save_alloc_info+0x3b/0x50 [ 15.661008] __kasan_kmalloc+0xb7/0xc0 [ 15.661188] __kmalloc_cache_noprof+0x189/0x420 [ 15.661464] kasan_atomics+0x95/0x310 [ 15.661615] kunit_try_run_case+0x1a5/0x480 [ 15.661828] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.662234] kthread+0x337/0x6f0 [ 15.662410] ret_from_fork+0x116/0x1d0 [ 15.662712] ret_from_fork_asm+0x1a/0x30 [ 15.662938] [ 15.663037] The buggy address belongs to the object at ffff8881029cd380 [ 15.663037] which belongs to the cache kmalloc-64 of size 64 [ 15.663493] The buggy address is located 0 bytes to the right of [ 15.663493] allocated 48-byte region [ffff8881029cd380, ffff8881029cd3b0) [ 15.664297] [ 15.664395] The buggy address belongs to the physical page: [ 15.664585] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029cd [ 15.665207] flags: 0x200000000000000(node=0|zone=2) [ 15.665492] page_type: f5(slab) [ 15.665681] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.666160] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 15.666548] page dumped because: kasan: bad access detected [ 15.666755] [ 15.666940] Memory state around the buggy address: [ 15.667168] ffff8881029cd280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.667591] ffff8881029cd300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.668005] >ffff8881029cd380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.668312] ^ [ 15.668646] ffff8881029cd400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.668972] ffff8881029cd480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.669249] ================================================================== [ 15.376943] ================================================================== [ 15.377784] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x72f/0x5450 [ 15.378172] Write of size 4 at addr ffff8881029cd3b0 by task kunit_try_catch/282 [ 15.378502] [ 15.378628] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.378697] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.378710] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.378753] Call Trace: [ 15.378771] <TASK> [ 15.378802] dump_stack_lvl+0x73/0xb0 [ 15.378837] print_report+0xd1/0x650 [ 15.378860] ? __virt_addr_valid+0x1db/0x2d0 [ 15.378884] ? kasan_atomics_helper+0x72f/0x5450 [ 15.378906] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.378931] ? kasan_atomics_helper+0x72f/0x5450 [ 15.378953] kasan_report+0x141/0x180 [ 15.378979] ? kasan_atomics_helper+0x72f/0x5450 [ 15.379005] kasan_check_range+0x10c/0x1c0 [ 15.379031] __kasan_check_write+0x18/0x20 [ 15.379051] kasan_atomics_helper+0x72f/0x5450 [ 15.379075] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.379098] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.379124] ? kasan_atomics+0x152/0x310 [ 15.379151] kasan_atomics+0x1dc/0x310 [ 15.379174] ? __pfx_kasan_atomics+0x10/0x10 [ 15.379199] ? __pfx_read_tsc+0x10/0x10 [ 15.379222] ? 
ktime_get_ts64+0x86/0x230 [ 15.379247] kunit_try_run_case+0x1a5/0x480 [ 15.379273] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.379296] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.379320] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.379345] ? __kthread_parkme+0x82/0x180 [ 15.379366] ? preempt_count_sub+0x50/0x80 [ 15.379391] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.379416] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.379442] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.379468] kthread+0x337/0x6f0 [ 15.379488] ? trace_preempt_on+0x20/0xc0 [ 15.379513] ? __pfx_kthread+0x10/0x10 [ 15.379534] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.379557] ? calculate_sigpending+0x7b/0xa0 [ 15.379582] ? __pfx_kthread+0x10/0x10 [ 15.379615] ret_from_fork+0x116/0x1d0 [ 15.379645] ? __pfx_kthread+0x10/0x10 [ 15.379667] ret_from_fork_asm+0x1a/0x30 [ 15.379699] </TASK> [ 15.379722] [ 15.391143] Allocated by task 282: [ 15.391288] kasan_save_stack+0x45/0x70 [ 15.391443] kasan_save_track+0x18/0x40 [ 15.391582] kasan_save_alloc_info+0x3b/0x50 [ 15.391751] __kasan_kmalloc+0xb7/0xc0 [ 15.392368] __kmalloc_cache_noprof+0x189/0x420 [ 15.392890] kasan_atomics+0x95/0x310 [ 15.393249] kunit_try_run_case+0x1a5/0x480 [ 15.393409] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.393590] kthread+0x337/0x6f0 [ 15.393728] ret_from_fork+0x116/0x1d0 [ 15.394355] ret_from_fork_asm+0x1a/0x30 [ 15.394857] [ 15.395022] The buggy address belongs to the object at ffff8881029cd380 [ 15.395022] which belongs to the cache kmalloc-64 of size 64 [ 15.396408] The buggy address is located 0 bytes to the right of [ 15.396408] allocated 48-byte region [ffff8881029cd380, ffff8881029cd3b0) [ 15.397509] [ 15.397845] The buggy address belongs to the physical page: [ 15.398222] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029cd [ 15.398481] flags: 0x200000000000000(node=0|zone=2) [ 15.398670] page_type: f5(slab) [ 15.399112] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 15.399424] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.399857] page dumped because: kasan: bad access detected [ 15.400326] [ 15.400430] Memory state around the buggy address: [ 15.400859] ffff8881029cd280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.401272] ffff8881029cd300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.401692] >ffff8881029cd380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.402086] ^ [ 15.402327] ffff8881029cd400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.402903] ffff8881029cd480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.403341] ================================================================== [ 15.751678] ================================================================== [ 15.752246] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1c/0x5450 [ 15.752610] Read of size 4 at addr ffff8881029cd3b0 by task kunit_try_catch/282 [ 15.753018] [ 15.753107] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.753151] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.753164] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.753184] Call Trace: [ 15.753200] <TASK> [ 15.753217] dump_stack_lvl+0x73/0xb0 [ 15.753245] print_report+0xd1/0x650 [ 15.753269] ? __virt_addr_valid+0x1db/0x2d0 [ 15.753292] ? kasan_atomics_helper+0x4a1c/0x5450 [ 15.753314] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.753338] ? kasan_atomics_helper+0x4a1c/0x5450 [ 15.753361] kasan_report+0x141/0x180 [ 15.753383] ? kasan_atomics_helper+0x4a1c/0x5450 [ 15.753419] __asan_report_load4_noabort+0x18/0x20 [ 15.753450] kasan_atomics_helper+0x4a1c/0x5450 [ 15.753474] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.753498] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.753523] ? kasan_atomics+0x152/0x310 [ 15.753550] kasan_atomics+0x1dc/0x310 [ 15.753573] ? __pfx_kasan_atomics+0x10/0x10 [ 15.753609] ? 
__pfx_read_tsc+0x10/0x10 [ 15.753632] ? ktime_get_ts64+0x86/0x230 [ 15.753656] kunit_try_run_case+0x1a5/0x480 [ 15.753681] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.753705] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.753730] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.753755] ? __kthread_parkme+0x82/0x180 [ 15.753787] ? preempt_count_sub+0x50/0x80 [ 15.753813] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.753838] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.753865] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.753892] kthread+0x337/0x6f0 [ 15.753913] ? trace_preempt_on+0x20/0xc0 [ 15.753938] ? __pfx_kthread+0x10/0x10 [ 15.753960] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.753982] ? calculate_sigpending+0x7b/0xa0 [ 15.754007] ? __pfx_kthread+0x10/0x10 [ 15.754029] ret_from_fork+0x116/0x1d0 [ 15.754049] ? __pfx_kthread+0x10/0x10 [ 15.754070] ret_from_fork_asm+0x1a/0x30 [ 15.754102] </TASK> [ 15.754112] [ 15.761591] Allocated by task 282: [ 15.761730] kasan_save_stack+0x45/0x70 [ 15.762155] kasan_save_track+0x18/0x40 [ 15.762352] kasan_save_alloc_info+0x3b/0x50 [ 15.762565] __kasan_kmalloc+0xb7/0xc0 [ 15.762764] __kmalloc_cache_noprof+0x189/0x420 [ 15.762954] kasan_atomics+0x95/0x310 [ 15.763089] kunit_try_run_case+0x1a5/0x480 [ 15.763242] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.763428] kthread+0x337/0x6f0 [ 15.763552] ret_from_fork+0x116/0x1d0 [ 15.763750] ret_from_fork_asm+0x1a/0x30 [ 15.763962] [ 15.764054] The buggy address belongs to the object at ffff8881029cd380 [ 15.764054] which belongs to the cache kmalloc-64 of size 64 [ 15.764610] The buggy address is located 0 bytes to the right of [ 15.764610] allocated 48-byte region [ffff8881029cd380, ffff8881029cd3b0) [ 15.765340] [ 15.765414] The buggy address belongs to the physical page: [ 15.765589] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029cd [ 15.765838] flags: 0x200000000000000(node=0|zone=2) [ 15.766091] page_type: f5(slab) [ 15.766257] raw: 0200000000000000 
ffff8881000418c0 dead000000000122 0000000000000000 [ 15.766601] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.767053] page dumped because: kasan: bad access detected [ 15.767225] [ 15.767293] Memory state around the buggy address: [ 15.767448] ffff8881029cd280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.767674] ffff8881029cd300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.768290] >ffff8881029cd380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.768620] ^ [ 15.768854] ffff8881029cd400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.769103] ffff8881029cd480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.769321] ================================================================== [ 15.201609] ================================================================== [ 15.202056] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b6e/0x5450 [ 15.202410] Write of size 4 at addr ffff8881029cd3b0 by task kunit_try_catch/282 [ 15.202735] [ 15.203085] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.203134] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.203147] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.203169] Call Trace: [ 15.203188] <TASK> [ 15.203207] dump_stack_lvl+0x73/0xb0 [ 15.203238] print_report+0xd1/0x650 [ 15.203261] ? __virt_addr_valid+0x1db/0x2d0 [ 15.203286] ? kasan_atomics_helper+0x4b6e/0x5450 [ 15.203308] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.203333] ? kasan_atomics_helper+0x4b6e/0x5450 [ 15.203356] kasan_report+0x141/0x180 [ 15.203379] ? kasan_atomics_helper+0x4b6e/0x5450 [ 15.203406] __asan_report_store4_noabort+0x1b/0x30 [ 15.203432] kasan_atomics_helper+0x4b6e/0x5450 [ 15.203456] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.203479] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.203506] ? kasan_atomics+0x152/0x310 [ 15.203533] kasan_atomics+0x1dc/0x310 [ 15.203556] ? 
__pfx_kasan_atomics+0x10/0x10 [ 15.203581] ? __pfx_read_tsc+0x10/0x10 [ 15.203618] ? ktime_get_ts64+0x86/0x230 [ 15.203645] kunit_try_run_case+0x1a5/0x480 [ 15.203672] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.203696] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.203722] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.203746] ? __kthread_parkme+0x82/0x180 [ 15.203851] ? preempt_count_sub+0x50/0x80 [ 15.203882] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.203908] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.203936] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.203963] kthread+0x337/0x6f0 [ 15.203983] ? trace_preempt_on+0x20/0xc0 [ 15.204009] ? __pfx_kthread+0x10/0x10 [ 15.204030] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.204053] ? calculate_sigpending+0x7b/0xa0 [ 15.204078] ? __pfx_kthread+0x10/0x10 [ 15.204102] ret_from_fork+0x116/0x1d0 [ 15.204122] ? __pfx_kthread+0x10/0x10 [ 15.204144] ret_from_fork_asm+0x1a/0x30 [ 15.204176] </TASK> [ 15.204187] [ 15.211988] Allocated by task 282: [ 15.212140] kasan_save_stack+0x45/0x70 [ 15.212299] kasan_save_track+0x18/0x40 [ 15.212477] kasan_save_alloc_info+0x3b/0x50 [ 15.212708] __kasan_kmalloc+0xb7/0xc0 [ 15.212971] __kmalloc_cache_noprof+0x189/0x420 [ 15.213203] kasan_atomics+0x95/0x310 [ 15.213402] kunit_try_run_case+0x1a5/0x480 [ 15.213627] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.213947] kthread+0x337/0x6f0 [ 15.214077] ret_from_fork+0x116/0x1d0 [ 15.214211] ret_from_fork_asm+0x1a/0x30 [ 15.214374] [ 15.214470] The buggy address belongs to the object at ffff8881029cd380 [ 15.214470] which belongs to the cache kmalloc-64 of size 64 [ 15.215229] The buggy address is located 0 bytes to the right of [ 15.215229] allocated 48-byte region [ffff8881029cd380, ffff8881029cd3b0) [ 15.215782] [ 15.215881] The buggy address belongs to the physical page: [ 15.216183] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029cd [ 15.216488] flags: 0x200000000000000(node=0|zone=2) [ 15.216733] page_type: 
f5(slab) [ 15.216901] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.217205] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.217514] page dumped because: kasan: bad access detected [ 15.217881] [ 15.217971] Memory state around the buggy address: [ 15.218202] ffff8881029cd280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.218485] ffff8881029cd300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.218757] >ffff8881029cd380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.219184] ^ [ 15.219422] ffff8881029cd400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.219756] ffff8881029cd480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.220159] ================================================================== [ 15.769805] ================================================================== [ 15.770340] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1148/0x5450 [ 15.770705] Write of size 4 at addr ffff8881029cd3b0 by task kunit_try_catch/282 [ 15.771212] [ 15.771300] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.771343] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.771356] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.771377] Call Trace: [ 15.771393] <TASK> [ 15.771410] dump_stack_lvl+0x73/0xb0 [ 15.771439] print_report+0xd1/0x650 [ 15.771462] ? __virt_addr_valid+0x1db/0x2d0 [ 15.771485] ? kasan_atomics_helper+0x1148/0x5450 [ 15.771507] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.771532] ? kasan_atomics_helper+0x1148/0x5450 [ 15.771554] kasan_report+0x141/0x180 [ 15.771577] ? kasan_atomics_helper+0x1148/0x5450 [ 15.771615] kasan_check_range+0x10c/0x1c0 [ 15.771640] __kasan_check_write+0x18/0x20 [ 15.771660] kasan_atomics_helper+0x1148/0x5450 [ 15.771684] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.771708] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.771733] ? 
kasan_atomics+0x152/0x310 [ 15.771760] kasan_atomics+0x1dc/0x310 [ 15.771783] ? __pfx_kasan_atomics+0x10/0x10 [ 15.771808] ? __pfx_read_tsc+0x10/0x10 [ 15.771830] ? ktime_get_ts64+0x86/0x230 [ 15.771856] kunit_try_run_case+0x1a5/0x480 [ 15.771881] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.771904] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.771930] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.771955] ? __kthread_parkme+0x82/0x180 [ 15.771975] ? preempt_count_sub+0x50/0x80 [ 15.772000] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.772026] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.772052] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.772078] kthread+0x337/0x6f0 [ 15.772097] ? trace_preempt_on+0x20/0xc0 [ 15.772123] ? __pfx_kthread+0x10/0x10 [ 15.772144] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.772166] ? calculate_sigpending+0x7b/0xa0 [ 15.772191] ? __pfx_kthread+0x10/0x10 [ 15.772213] ret_from_fork+0x116/0x1d0 [ 15.772232] ? __pfx_kthread+0x10/0x10 [ 15.772253] ret_from_fork_asm+0x1a/0x30 [ 15.772285] </TASK> [ 15.772296] [ 15.785892] Allocated by task 282: [ 15.786636] kasan_save_stack+0x45/0x70 [ 15.787294] kasan_save_track+0x18/0x40 [ 15.787457] kasan_save_alloc_info+0x3b/0x50 [ 15.787622] __kasan_kmalloc+0xb7/0xc0 [ 15.787757] __kmalloc_cache_noprof+0x189/0x420 [ 15.788415] kasan_atomics+0x95/0x310 [ 15.788638] kunit_try_run_case+0x1a5/0x480 [ 15.788805] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.789101] kthread+0x337/0x6f0 [ 15.789517] ret_from_fork+0x116/0x1d0 [ 15.789748] ret_from_fork_asm+0x1a/0x30 [ 15.790091] [ 15.790203] The buggy address belongs to the object at ffff8881029cd380 [ 15.790203] which belongs to the cache kmalloc-64 of size 64 [ 15.790677] The buggy address is located 0 bytes to the right of [ 15.790677] allocated 48-byte region [ffff8881029cd380, ffff8881029cd3b0) [ 15.791222] [ 15.791316] The buggy address belongs to the physical page: [ 15.791545] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029cd [ 
15.792012] flags: 0x200000000000000(node=0|zone=2) [ 15.792221] page_type: f5(slab) [ 15.792383] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.792671] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.792971] page dumped because: kasan: bad access detected [ 15.793177] [ 15.793713] Memory state around the buggy address: [ 15.793920] ffff8881029cd280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.794198] ffff8881029cd300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.794514] >ffff8881029cd380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.795122] ^ [ 15.795336] ffff8881029cd400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.795720] ffff8881029cd480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.796073] ================================================================== [ 16.033732] ================================================================== [ 16.034311] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x164f/0x5450 [ 16.034539] Write of size 8 at addr ffff8881029cd3b0 by task kunit_try_catch/282 [ 16.035829] [ 16.036059] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.036240] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.036259] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.036282] Call Trace: [ 16.036302] <TASK> [ 16.036319] dump_stack_lvl+0x73/0xb0 [ 16.036352] print_report+0xd1/0x650 [ 16.036374] ? __virt_addr_valid+0x1db/0x2d0 [ 16.036445] ? kasan_atomics_helper+0x164f/0x5450 [ 16.036469] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.036493] ? kasan_atomics_helper+0x164f/0x5450 [ 16.036516] kasan_report+0x141/0x180 [ 16.036538] ? kasan_atomics_helper+0x164f/0x5450 [ 16.036565] kasan_check_range+0x10c/0x1c0 [ 16.036589] __kasan_check_write+0x18/0x20 [ 16.036620] kasan_atomics_helper+0x164f/0x5450 [ 16.036644] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.036669] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 16.036695] ? kasan_atomics+0x152/0x310 [ 16.036722] kasan_atomics+0x1dc/0x310 [ 16.036745] ? __pfx_kasan_atomics+0x10/0x10 [ 16.036770] ? __pfx_read_tsc+0x10/0x10 [ 16.036802] ? ktime_get_ts64+0x86/0x230 [ 16.036827] kunit_try_run_case+0x1a5/0x480 [ 16.036852] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.036876] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.036901] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.036926] ? __kthread_parkme+0x82/0x180 [ 16.036948] ? preempt_count_sub+0x50/0x80 [ 16.036973] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.036998] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.037023] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.037050] kthread+0x337/0x6f0 [ 16.037070] ? trace_preempt_on+0x20/0xc0 [ 16.037097] ? __pfx_kthread+0x10/0x10 [ 16.037119] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.037142] ? calculate_sigpending+0x7b/0xa0 [ 16.037168] ? __pfx_kthread+0x10/0x10 [ 16.037190] ret_from_fork+0x116/0x1d0 [ 16.037209] ? __pfx_kthread+0x10/0x10 [ 16.037230] ret_from_fork_asm+0x1a/0x30 [ 16.037262] </TASK> [ 16.037273] [ 16.051462] Allocated by task 282: [ 16.051855] kasan_save_stack+0x45/0x70 [ 16.052311] kasan_save_track+0x18/0x40 [ 16.052538] kasan_save_alloc_info+0x3b/0x50 [ 16.052696] __kasan_kmalloc+0xb7/0xc0 [ 16.052890] __kmalloc_cache_noprof+0x189/0x420 [ 16.053396] kasan_atomics+0x95/0x310 [ 16.053771] kunit_try_run_case+0x1a5/0x480 [ 16.054181] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.054695] kthread+0x337/0x6f0 [ 16.055075] ret_from_fork+0x116/0x1d0 [ 16.055429] ret_from_fork_asm+0x1a/0x30 [ 16.055703] [ 16.055787] The buggy address belongs to the object at ffff8881029cd380 [ 16.055787] which belongs to the cache kmalloc-64 of size 64 [ 16.056979] The buggy address is located 0 bytes to the right of [ 16.056979] allocated 48-byte region [ffff8881029cd380, ffff8881029cd3b0) [ 16.057339] [ 16.057414] The buggy address belongs to the physical page: [ 16.057583] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x1029cd [ 16.057952] flags: 0x200000000000000(node=0|zone=2) [ 16.058419] page_type: f5(slab) [ 16.058740] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.059415] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.060247] page dumped because: kasan: bad access detected [ 16.060922] [ 16.061097] Memory state around the buggy address: [ 16.061611] ffff8881029cd280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.062300] ffff8881029cd300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.063037] >ffff8881029cd380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.063787] ^ [ 16.064232] ffff8881029cd400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.064491] ffff8881029cd480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.064711] ================================================================== [ 16.507200] ================================================================== [ 16.507512] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fa5/0x5450 [ 16.508004] Read of size 8 at addr ffff8881029cd3b0 by task kunit_try_catch/282 [ 16.508316] [ 16.508406] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.508451] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.508463] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.508485] Call Trace: [ 16.508505] <TASK> [ 16.508524] dump_stack_lvl+0x73/0xb0 [ 16.508555] print_report+0xd1/0x650 [ 16.508579] ? __virt_addr_valid+0x1db/0x2d0 [ 16.508616] ? kasan_atomics_helper+0x4fa5/0x5450 [ 16.508640] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.508664] ? kasan_atomics_helper+0x4fa5/0x5450 [ 16.508688] kasan_report+0x141/0x180 [ 16.508710] ? kasan_atomics_helper+0x4fa5/0x5450 [ 16.508738] __asan_report_load8_noabort+0x18/0x20 [ 16.508765] kasan_atomics_helper+0x4fa5/0x5450 [ 16.508800] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 16.508823] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.508851] ? kasan_atomics+0x152/0x310 [ 16.508877] kasan_atomics+0x1dc/0x310 [ 16.508901] ? __pfx_kasan_atomics+0x10/0x10 [ 16.508926] ? __pfx_read_tsc+0x10/0x10 [ 16.508948] ? ktime_get_ts64+0x86/0x230 [ 16.508975] kunit_try_run_case+0x1a5/0x480 [ 16.509001] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.509025] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.509051] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.509077] ? __kthread_parkme+0x82/0x180 [ 16.509099] ? preempt_count_sub+0x50/0x80 [ 16.509125] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.509150] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.509176] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.509203] kthread+0x337/0x6f0 [ 16.509222] ? trace_preempt_on+0x20/0xc0 [ 16.509247] ? __pfx_kthread+0x10/0x10 [ 16.509269] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.509291] ? calculate_sigpending+0x7b/0xa0 [ 16.509317] ? __pfx_kthread+0x10/0x10 [ 16.509339] ret_from_fork+0x116/0x1d0 [ 16.509358] ? 
__pfx_kthread+0x10/0x10 [ 16.509379] ret_from_fork_asm+0x1a/0x30 [ 16.509412] </TASK> [ 16.509423] [ 16.516876] Allocated by task 282: [ 16.517059] kasan_save_stack+0x45/0x70 [ 16.517218] kasan_save_track+0x18/0x40 [ 16.517413] kasan_save_alloc_info+0x3b/0x50 [ 16.517569] __kasan_kmalloc+0xb7/0xc0 [ 16.517784] __kmalloc_cache_noprof+0x189/0x420 [ 16.517998] kasan_atomics+0x95/0x310 [ 16.518189] kunit_try_run_case+0x1a5/0x480 [ 16.518374] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.518638] kthread+0x337/0x6f0 [ 16.518774] ret_from_fork+0x116/0x1d0 [ 16.518984] ret_from_fork_asm+0x1a/0x30 [ 16.519145] [ 16.519241] The buggy address belongs to the object at ffff8881029cd380 [ 16.519241] which belongs to the cache kmalloc-64 of size 64 [ 16.519719] The buggy address is located 0 bytes to the right of [ 16.519719] allocated 48-byte region [ffff8881029cd380, ffff8881029cd3b0) [ 16.520210] [ 16.520307] The buggy address belongs to the physical page: [ 16.520482] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029cd [ 16.520734] flags: 0x200000000000000(node=0|zone=2) [ 16.520903] page_type: f5(slab) [ 16.521025] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.521260] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.521659] page dumped because: kasan: bad access detected [ 16.521942] [ 16.522035] Memory state around the buggy address: [ 16.522258] ffff8881029cd280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.522576] ffff8881029cd300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.522895] >ffff8881029cd380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.523110] ^ [ 16.523266] ffff8881029cd400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.523484] ffff8881029cd480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.523708] ================================================================== [ 15.258010] 
================================================================== [ 15.258348] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a0/0x5450 [ 15.260110] Write of size 4 at addr ffff8881029cd3b0 by task kunit_try_catch/282 [ 15.260464] [ 15.260583] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.261792] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.261808] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.261833] Call Trace: [ 15.261854] <TASK> [ 15.261874] dump_stack_lvl+0x73/0xb0 [ 15.261910] print_report+0xd1/0x650 [ 15.261933] ? __virt_addr_valid+0x1db/0x2d0 [ 15.261958] ? kasan_atomics_helper+0x4a0/0x5450 [ 15.261979] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.262004] ? kasan_atomics_helper+0x4a0/0x5450 [ 15.262027] kasan_report+0x141/0x180 [ 15.262049] ? kasan_atomics_helper+0x4a0/0x5450 [ 15.262076] kasan_check_range+0x10c/0x1c0 [ 15.262100] __kasan_check_write+0x18/0x20 [ 15.262121] kasan_atomics_helper+0x4a0/0x5450 [ 15.262143] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.262167] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.262194] ? kasan_atomics+0x152/0x310 [ 15.262220] kasan_atomics+0x1dc/0x310 [ 15.262243] ? __pfx_kasan_atomics+0x10/0x10 [ 15.262268] ? __pfx_read_tsc+0x10/0x10 [ 15.262290] ? ktime_get_ts64+0x86/0x230 [ 15.262315] kunit_try_run_case+0x1a5/0x480 [ 15.262340] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.262368] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.262393] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.262418] ? __kthread_parkme+0x82/0x180 [ 15.262440] ? preempt_count_sub+0x50/0x80 [ 15.262465] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.262489] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.262515] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.262541] kthread+0x337/0x6f0 [ 15.262560] ? trace_preempt_on+0x20/0xc0 [ 15.262586] ? __pfx_kthread+0x10/0x10 [ 15.262620] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.262642] ? 
calculate_sigpending+0x7b/0xa0 [ 15.262667] ? __pfx_kthread+0x10/0x10 [ 15.262689] ret_from_fork+0x116/0x1d0 [ 15.262708] ? __pfx_kthread+0x10/0x10 [ 15.262730] ret_from_fork_asm+0x1a/0x30 [ 15.262787] </TASK> [ 15.262798] [ 15.276058] Allocated by task 282: [ 15.276229] kasan_save_stack+0x45/0x70 [ 15.276449] kasan_save_track+0x18/0x40 [ 15.276663] kasan_save_alloc_info+0x3b/0x50 [ 15.276993] __kasan_kmalloc+0xb7/0xc0 [ 15.277158] __kmalloc_cache_noprof+0x189/0x420 [ 15.277438] kasan_atomics+0x95/0x310 [ 15.277633] kunit_try_run_case+0x1a5/0x480 [ 15.277906] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.278368] kthread+0x337/0x6f0 [ 15.278622] ret_from_fork+0x116/0x1d0 [ 15.278778] ret_from_fork_asm+0x1a/0x30 [ 15.278929] [ 15.279056] The buggy address belongs to the object at ffff8881029cd380 [ 15.279056] which belongs to the cache kmalloc-64 of size 64 [ 15.280241] The buggy address is located 0 bytes to the right of [ 15.280241] allocated 48-byte region [ffff8881029cd380, ffff8881029cd3b0) [ 15.280765] [ 15.281665] The buggy address belongs to the physical page: [ 15.282396] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029cd [ 15.283009] flags: 0x200000000000000(node=0|zone=2) [ 15.283273] page_type: f5(slab) [ 15.283440] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.283773] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.284380] page dumped because: kasan: bad access detected [ 15.284623] [ 15.284714] Memory state around the buggy address: [ 15.285580] ffff8881029cd280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.286218] ffff8881029cd300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.286927] >ffff8881029cd380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.287355] ^ [ 15.287562] ffff8881029cd400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.288182] ffff8881029cd480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.289196] 
================================================================== [ 15.484223] ================================================================== [ 15.484584] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa2b/0x5450 [ 15.484944] Write of size 4 at addr ffff8881029cd3b0 by task kunit_try_catch/282 [ 15.485251] [ 15.485363] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.485407] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.485420] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.485441] Call Trace: [ 15.485457] <TASK> [ 15.485473] dump_stack_lvl+0x73/0xb0 [ 15.485500] print_report+0xd1/0x650 [ 15.485522] ? __virt_addr_valid+0x1db/0x2d0 [ 15.485545] ? kasan_atomics_helper+0xa2b/0x5450 [ 15.485565] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.485588] ? kasan_atomics_helper+0xa2b/0x5450 [ 15.485642] kasan_report+0x141/0x180 [ 15.485665] ? kasan_atomics_helper+0xa2b/0x5450 [ 15.485692] kasan_check_range+0x10c/0x1c0 [ 15.485716] __kasan_check_write+0x18/0x20 [ 15.485737] kasan_atomics_helper+0xa2b/0x5450 [ 15.485779] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.485804] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.485829] ? kasan_atomics+0x152/0x310 [ 15.485856] kasan_atomics+0x1dc/0x310 [ 15.485879] ? __pfx_kasan_atomics+0x10/0x10 [ 15.485904] ? __pfx_read_tsc+0x10/0x10 [ 15.485926] ? ktime_get_ts64+0x86/0x230 [ 15.485951] kunit_try_run_case+0x1a5/0x480 [ 15.485975] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.485999] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.486024] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.486049] ? __kthread_parkme+0x82/0x180 [ 15.486071] ? preempt_count_sub+0x50/0x80 [ 15.486097] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.486122] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.486148] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.486175] kthread+0x337/0x6f0 [ 15.486196] ? trace_preempt_on+0x20/0xc0 [ 15.486222] ? 
__pfx_kthread+0x10/0x10 [ 15.486243] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.486266] ? calculate_sigpending+0x7b/0xa0 [ 15.486292] ? __pfx_kthread+0x10/0x10 [ 15.486314] ret_from_fork+0x116/0x1d0 [ 15.486333] ? __pfx_kthread+0x10/0x10 [ 15.486355] ret_from_fork_asm+0x1a/0x30 [ 15.486386] </TASK> [ 15.486398] [ 15.493661] Allocated by task 282: [ 15.493839] kasan_save_stack+0x45/0x70 [ 15.493996] kasan_save_track+0x18/0x40 [ 15.494134] kasan_save_alloc_info+0x3b/0x50 [ 15.494285] __kasan_kmalloc+0xb7/0xc0 [ 15.494435] __kmalloc_cache_noprof+0x189/0x420 [ 15.494670] kasan_atomics+0x95/0x310 [ 15.494892] kunit_try_run_case+0x1a5/0x480 [ 15.495105] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.495363] kthread+0x337/0x6f0 [ 15.495533] ret_from_fork+0x116/0x1d0 [ 15.495722] ret_from_fork_asm+0x1a/0x30 [ 15.495886] [ 15.495957] The buggy address belongs to the object at ffff8881029cd380 [ 15.495957] which belongs to the cache kmalloc-64 of size 64 [ 15.496353] The buggy address is located 0 bytes to the right of [ 15.496353] allocated 48-byte region [ffff8881029cd380, ffff8881029cd3b0) [ 15.496937] [ 15.497034] The buggy address belongs to the physical page: [ 15.497293] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029cd [ 15.497632] flags: 0x200000000000000(node=0|zone=2) [ 15.497825] page_type: f5(slab) [ 15.497962] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.498311] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.498641] page dumped because: kasan: bad access detected [ 15.498891] [ 15.498984] Memory state around the buggy address: [ 15.499183] ffff8881029cd280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.499451] ffff8881029cd300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.499743] >ffff8881029cd380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.500038] ^ [ 15.500252] ffff8881029cd400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.500488] 
ffff8881029cd480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.500722] ================================================================== [ 15.715631] ================================================================== [ 15.715987] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a36/0x5450 [ 15.716448] Read of size 4 at addr ffff8881029cd3b0 by task kunit_try_catch/282 [ 15.716771] [ 15.717215] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.717259] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.717273] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.717293] Call Trace: [ 15.717307] <TASK> [ 15.717323] dump_stack_lvl+0x73/0xb0 [ 15.717351] print_report+0xd1/0x650 [ 15.717374] ? __virt_addr_valid+0x1db/0x2d0 [ 15.717398] ? kasan_atomics_helper+0x4a36/0x5450 [ 15.717419] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.717443] ? kasan_atomics_helper+0x4a36/0x5450 [ 15.717466] kasan_report+0x141/0x180 [ 15.717488] ? kasan_atomics_helper+0x4a36/0x5450 [ 15.717516] __asan_report_load4_noabort+0x18/0x20 [ 15.717541] kasan_atomics_helper+0x4a36/0x5450 [ 15.717565] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.717589] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.717628] ? kasan_atomics+0x152/0x310 [ 15.717655] kasan_atomics+0x1dc/0x310 [ 15.717679] ? __pfx_kasan_atomics+0x10/0x10 [ 15.717704] ? __pfx_read_tsc+0x10/0x10 [ 15.717726] ? ktime_get_ts64+0x86/0x230 [ 15.717750] kunit_try_run_case+0x1a5/0x480 [ 15.717774] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.717813] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.717837] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.717863] ? __kthread_parkme+0x82/0x180 [ 15.717884] ? preempt_count_sub+0x50/0x80 [ 15.717909] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.717934] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.717960] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.717986] kthread+0x337/0x6f0 [ 15.718006] ? 
trace_preempt_on+0x20/0xc0 [ 15.718031] ? __pfx_kthread+0x10/0x10 [ 15.718052] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.718074] ? calculate_sigpending+0x7b/0xa0 [ 15.718099] ? __pfx_kthread+0x10/0x10 [ 15.718121] ret_from_fork+0x116/0x1d0 [ 15.718141] ? __pfx_kthread+0x10/0x10 [ 15.718162] ret_from_fork_asm+0x1a/0x30 [ 15.718194] </TASK> [ 15.718204] [ 15.725574] Allocated by task 282: [ 15.725778] kasan_save_stack+0x45/0x70 [ 15.725991] kasan_save_track+0x18/0x40 [ 15.726188] kasan_save_alloc_info+0x3b/0x50 [ 15.726408] __kasan_kmalloc+0xb7/0xc0 [ 15.726604] __kmalloc_cache_noprof+0x189/0x420 [ 15.726896] kasan_atomics+0x95/0x310 [ 15.727035] kunit_try_run_case+0x1a5/0x480 [ 15.727232] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.727489] kthread+0x337/0x6f0 [ 15.727630] ret_from_fork+0x116/0x1d0 [ 15.727765] ret_from_fork_asm+0x1a/0x30 [ 15.727974] [ 15.728074] The buggy address belongs to the object at ffff8881029cd380 [ 15.728074] which belongs to the cache kmalloc-64 of size 64 [ 15.728543] The buggy address is located 0 bytes to the right of [ 15.728543] allocated 48-byte region [ffff8881029cd380, ffff8881029cd3b0) [ 15.729066] [ 15.729171] The buggy address belongs to the physical page: [ 15.729387] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029cd [ 15.729658] flags: 0x200000000000000(node=0|zone=2) [ 15.729991] page_type: f5(slab) [ 15.730157] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.730477] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.730817] page dumped because: kasan: bad access detected [ 15.731005] [ 15.731103] Memory state around the buggy address: [ 15.731331] ffff8881029cd280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.731614] ffff8881029cd300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.731832] >ffff8881029cd380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.732045] ^ [ 15.732201] ffff8881029cd400: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 15.732518] ffff8881029cd480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.733000] ================================================================== [ 15.796863] ================================================================== [ 15.798011] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a02/0x5450 [ 15.798447] Read of size 4 at addr ffff8881029cd3b0 by task kunit_try_catch/282 [ 15.798779] [ 15.799040] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.799090] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.799103] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.799126] Call Trace: [ 15.799212] <TASK> [ 15.799286] dump_stack_lvl+0x73/0xb0 [ 15.799321] print_report+0xd1/0x650 [ 15.799345] ? __virt_addr_valid+0x1db/0x2d0 [ 15.799369] ? kasan_atomics_helper+0x4a02/0x5450 [ 15.799391] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.799416] ? kasan_atomics_helper+0x4a02/0x5450 [ 15.799438] kasan_report+0x141/0x180 [ 15.799461] ? kasan_atomics_helper+0x4a02/0x5450 [ 15.799488] __asan_report_load4_noabort+0x18/0x20 [ 15.799515] kasan_atomics_helper+0x4a02/0x5450 [ 15.799538] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.799561] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.799588] ? kasan_atomics+0x152/0x310 [ 15.799626] kasan_atomics+0x1dc/0x310 [ 15.799649] ? __pfx_kasan_atomics+0x10/0x10 [ 15.799674] ? __pfx_read_tsc+0x10/0x10 [ 15.799696] ? ktime_get_ts64+0x86/0x230 [ 15.799722] kunit_try_run_case+0x1a5/0x480 [ 15.799748] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.799771] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.799863] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.799888] ? __kthread_parkme+0x82/0x180 [ 15.799910] ? preempt_count_sub+0x50/0x80 [ 15.799936] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.799961] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.799986] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.800013] kthread+0x337/0x6f0 [ 15.800032] ? trace_preempt_on+0x20/0xc0 [ 15.800058] ? __pfx_kthread+0x10/0x10 [ 15.800080] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.800102] ? calculate_sigpending+0x7b/0xa0 [ 15.800128] ? __pfx_kthread+0x10/0x10 [ 15.800150] ret_from_fork+0x116/0x1d0 [ 15.800169] ? __pfx_kthread+0x10/0x10 [ 15.800191] ret_from_fork_asm+0x1a/0x30 [ 15.800223] </TASK> [ 15.800234] [ 15.809770] Allocated by task 282: [ 15.810120] kasan_save_stack+0x45/0x70 [ 15.810280] kasan_save_track+0x18/0x40 [ 15.810474] kasan_save_alloc_info+0x3b/0x50 [ 15.810679] __kasan_kmalloc+0xb7/0xc0 [ 15.810858] __kmalloc_cache_noprof+0x189/0x420 [ 15.811302] kasan_atomics+0x95/0x310 [ 15.811548] kunit_try_run_case+0x1a5/0x480 [ 15.811723] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.812174] kthread+0x337/0x6f0 [ 15.812422] ret_from_fork+0x116/0x1d0 [ 15.812613] ret_from_fork_asm+0x1a/0x30 [ 15.812818] [ 15.813079] The buggy address belongs to the object at ffff8881029cd380 [ 15.813079] which belongs to the cache kmalloc-64 of size 64 [ 15.813588] The buggy address is located 0 bytes to the right of [ 15.813588] allocated 48-byte region [ffff8881029cd380, ffff8881029cd3b0) [ 15.814429] [ 15.814522] The buggy address belongs to the physical page: [ 15.814731] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029cd [ 15.815306] flags: 0x200000000000000(node=0|zone=2) [ 15.815620] page_type: f5(slab) [ 15.815791] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.816233] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.816550] page dumped because: kasan: bad access detected [ 15.816811] [ 15.816887] Memory state around the buggy address: [ 15.817287] ffff8881029cd280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.817666] ffff8881029cd300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.818101] >ffff8881029cd380: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 15.818359] ^ [ 15.818689] ffff8881029cd400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.819123] ffff8881029cd480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.819484] ================================================================== [ 16.287454] ================================================================== [ 16.288096] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1d7a/0x5450 [ 16.288515] Write of size 8 at addr ffff8881029cd3b0 by task kunit_try_catch/282 [ 16.289126] [ 16.289239] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.289282] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.289379] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.289404] Call Trace: [ 16.289420] <TASK> [ 16.289435] dump_stack_lvl+0x73/0xb0 [ 16.289466] print_report+0xd1/0x650 [ 16.289488] ? __virt_addr_valid+0x1db/0x2d0 [ 16.289511] ? kasan_atomics_helper+0x1d7a/0x5450 [ 16.289534] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.289559] ? kasan_atomics_helper+0x1d7a/0x5450 [ 16.289581] kasan_report+0x141/0x180 [ 16.289616] ? kasan_atomics_helper+0x1d7a/0x5450 [ 16.289643] kasan_check_range+0x10c/0x1c0 [ 16.289668] __kasan_check_write+0x18/0x20 [ 16.289688] kasan_atomics_helper+0x1d7a/0x5450 [ 16.289712] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.289736] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.289765] ? kasan_atomics+0x152/0x310 [ 16.289804] kasan_atomics+0x1dc/0x310 [ 16.289828] ? __pfx_kasan_atomics+0x10/0x10 [ 16.289854] ? __pfx_read_tsc+0x10/0x10 [ 16.289877] ? ktime_get_ts64+0x86/0x230 [ 16.289904] kunit_try_run_case+0x1a5/0x480 [ 16.289929] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.289954] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.289980] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.290005] ? __kthread_parkme+0x82/0x180 [ 16.290026] ? preempt_count_sub+0x50/0x80 [ 16.290051] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.290077] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.290103] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.290130] kthread+0x337/0x6f0 [ 16.290151] ? trace_preempt_on+0x20/0xc0 [ 16.290174] ? __pfx_kthread+0x10/0x10 [ 16.290196] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.290218] ? calculate_sigpending+0x7b/0xa0 [ 16.290244] ? __pfx_kthread+0x10/0x10 [ 16.290266] ret_from_fork+0x116/0x1d0 [ 16.290286] ? __pfx_kthread+0x10/0x10 [ 16.290307] ret_from_fork_asm+0x1a/0x30 [ 16.290338] </TASK> [ 16.290350] [ 16.300475] Allocated by task 282: [ 16.300636] kasan_save_stack+0x45/0x70 [ 16.300800] kasan_save_track+0x18/0x40 [ 16.300938] kasan_save_alloc_info+0x3b/0x50 [ 16.301089] __kasan_kmalloc+0xb7/0xc0 [ 16.301223] __kmalloc_cache_noprof+0x189/0x420 [ 16.301382] kasan_atomics+0x95/0x310 [ 16.301518] kunit_try_run_case+0x1a5/0x480 [ 16.302499] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.304157] kthread+0x337/0x6f0 [ 16.304460] ret_from_fork+0x116/0x1d0 [ 16.304822] ret_from_fork_asm+0x1a/0x30 [ 16.305182] [ 16.305339] The buggy address belongs to the object at ffff8881029cd380 [ 16.305339] which belongs to the cache kmalloc-64 of size 64 [ 16.306994] The buggy address is located 0 bytes to the right of [ 16.306994] allocated 48-byte region [ffff8881029cd380, ffff8881029cd3b0) [ 16.308089] [ 16.308252] The buggy address belongs to the physical page: [ 16.308854] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029cd [ 16.309549] flags: 0x200000000000000(node=0|zone=2) [ 16.310037] page_type: f5(slab) [ 16.310359] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.311071] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.311329] page dumped because: kasan: bad access detected [ 16.311502] [ 16.311572] Memory state around the buggy address: [ 16.312027] ffff8881029cd280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.312642] 
ffff8881029cd300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.313255] >ffff8881029cd380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.313884] ^ [ 16.314282] ffff8881029cd400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.314492] ffff8881029cd480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.314710] ================================================================== [ 15.289956] ================================================================== [ 15.290274] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b3a/0x5450 [ 15.290584] Write of size 4 at addr ffff8881029cd3b0 by task kunit_try_catch/282 [ 15.290822] [ 15.291197] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.291262] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.291275] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.291297] Call Trace: [ 15.291315] <TASK> [ 15.291335] dump_stack_lvl+0x73/0xb0 [ 15.291367] print_report+0xd1/0x650 [ 15.291390] ? __virt_addr_valid+0x1db/0x2d0 [ 15.291414] ? kasan_atomics_helper+0x4b3a/0x5450 [ 15.291436] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.291461] ? kasan_atomics_helper+0x4b3a/0x5450 [ 15.291484] kasan_report+0x141/0x180 [ 15.291508] ? kasan_atomics_helper+0x4b3a/0x5450 [ 15.291535] __asan_report_store4_noabort+0x1b/0x30 [ 15.291609] kasan_atomics_helper+0x4b3a/0x5450 [ 15.291659] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.291741] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.291777] ? kasan_atomics+0x152/0x310 [ 15.292036] kasan_atomics+0x1dc/0x310 [ 15.292063] ? __pfx_kasan_atomics+0x10/0x10 [ 15.292102] ? __pfx_read_tsc+0x10/0x10 [ 15.292127] ? ktime_get_ts64+0x86/0x230 [ 15.292152] kunit_try_run_case+0x1a5/0x480 [ 15.292178] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.292202] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.292227] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.292252] ? __kthread_parkme+0x82/0x180 [ 15.292274] ? 
preempt_count_sub+0x50/0x80 [ 15.292300] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.292324] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.292350] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.292376] kthread+0x337/0x6f0 [ 15.292396] ? trace_preempt_on+0x20/0xc0 [ 15.292420] ? __pfx_kthread+0x10/0x10 [ 15.292442] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.292465] ? calculate_sigpending+0x7b/0xa0 [ 15.292490] ? __pfx_kthread+0x10/0x10 [ 15.292512] ret_from_fork+0x116/0x1d0 [ 15.292531] ? __pfx_kthread+0x10/0x10 [ 15.292553] ret_from_fork_asm+0x1a/0x30 [ 15.292585] </TASK> [ 15.292606] [ 15.301605] Allocated by task 282: [ 15.301758] kasan_save_stack+0x45/0x70 [ 15.301913] kasan_save_track+0x18/0x40 [ 15.302179] kasan_save_alloc_info+0x3b/0x50 [ 15.302572] __kasan_kmalloc+0xb7/0xc0 [ 15.303292] __kmalloc_cache_noprof+0x189/0x420 [ 15.303523] kasan_atomics+0x95/0x310 [ 15.303765] kunit_try_run_case+0x1a5/0x480 [ 15.303995] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.304301] kthread+0x337/0x6f0 [ 15.304473] ret_from_fork+0x116/0x1d0 [ 15.304685] ret_from_fork_asm+0x1a/0x30 [ 15.304914] [ 15.305014] The buggy address belongs to the object at ffff8881029cd380 [ 15.305014] which belongs to the cache kmalloc-64 of size 64 [ 15.305575] The buggy address is located 0 bytes to the right of [ 15.305575] allocated 48-byte region [ffff8881029cd380, ffff8881029cd3b0) [ 15.306133] [ 15.306271] The buggy address belongs to the physical page: [ 15.306518] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029cd [ 15.306890] flags: 0x200000000000000(node=0|zone=2) [ 15.307246] page_type: f5(slab) [ 15.307378] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.307840] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.308098] page dumped because: kasan: bad access detected [ 15.308352] [ 15.308446] Memory state around the buggy address: [ 15.308659] ffff8881029cd280: fa fb fb fb fb fb fb fb fc fc 
fc fc fc fc fc fc [ 15.309033] ffff8881029cd300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.309283] >ffff8881029cd380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.309611] ^ [ 15.310000] ffff8881029cd400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.310228] ffff8881029cd480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.310646] ================================================================== [ 15.579518] ================================================================== [ 15.580005] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a84/0x5450 [ 15.580314] Read of size 4 at addr ffff8881029cd3b0 by task kunit_try_catch/282 [ 15.580631] [ 15.580731] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.580775] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.580789] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.580813] Call Trace: [ 15.580832] <TASK> [ 15.580852] dump_stack_lvl+0x73/0xb0 [ 15.580881] print_report+0xd1/0x650 [ 15.580904] ? __virt_addr_valid+0x1db/0x2d0 [ 15.580942] ? kasan_atomics_helper+0x4a84/0x5450 [ 15.580965] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.580991] ? kasan_atomics_helper+0x4a84/0x5450 [ 15.581014] kasan_report+0x141/0x180 [ 15.581037] ? kasan_atomics_helper+0x4a84/0x5450 [ 15.581065] __asan_report_load4_noabort+0x18/0x20 [ 15.581092] kasan_atomics_helper+0x4a84/0x5450 [ 15.581118] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.581143] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.581170] ? kasan_atomics+0x152/0x310 [ 15.581197] kasan_atomics+0x1dc/0x310 [ 15.581221] ? __pfx_kasan_atomics+0x10/0x10 [ 15.581248] ? __pfx_read_tsc+0x10/0x10 [ 15.581271] ? ktime_get_ts64+0x86/0x230 [ 15.581297] kunit_try_run_case+0x1a5/0x480 [ 15.581322] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.581347] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.581373] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.581398] ? 
__kthread_parkme+0x82/0x180 [ 15.581421] ? preempt_count_sub+0x50/0x80 [ 15.581446] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.581471] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.581496] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.581522] kthread+0x337/0x6f0 [ 15.581542] ? trace_preempt_on+0x20/0xc0 [ 15.581566] ? __pfx_kthread+0x10/0x10 [ 15.581588] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.581621] ? calculate_sigpending+0x7b/0xa0 [ 15.581647] ? __pfx_kthread+0x10/0x10 [ 15.581670] ret_from_fork+0x116/0x1d0 [ 15.581689] ? __pfx_kthread+0x10/0x10 [ 15.581710] ret_from_fork_asm+0x1a/0x30 [ 15.581742] </TASK> [ 15.581753] [ 15.590022] Allocated by task 282: [ 15.590522] kasan_save_stack+0x45/0x70 [ 15.590734] kasan_save_track+0x18/0x40 [ 15.591092] kasan_save_alloc_info+0x3b/0x50 [ 15.591304] __kasan_kmalloc+0xb7/0xc0 [ 15.591481] __kmalloc_cache_noprof+0x189/0x420 [ 15.591704] kasan_atomics+0x95/0x310 [ 15.592200] kunit_try_run_case+0x1a5/0x480 [ 15.592372] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.592653] kthread+0x337/0x6f0 [ 15.593001] ret_from_fork+0x116/0x1d0 [ 15.593158] ret_from_fork_asm+0x1a/0x30 [ 15.593483] [ 15.593652] The buggy address belongs to the object at ffff8881029cd380 [ 15.593652] which belongs to the cache kmalloc-64 of size 64 [ 15.594339] The buggy address is located 0 bytes to the right of [ 15.594339] allocated 48-byte region [ffff8881029cd380, ffff8881029cd3b0) [ 15.594991] [ 15.595096] The buggy address belongs to the physical page: [ 15.595494] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029cd [ 15.595862] flags: 0x200000000000000(node=0|zone=2) [ 15.596170] page_type: f5(slab) [ 15.596315] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.596742] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.597196] page dumped because: kasan: bad access detected [ 15.597482] [ 15.597581] Memory state around the buggy address: [ 15.597800] 
ffff8881029cd280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.598074] ffff8881029cd300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.598360] >ffff8881029cd380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.598654] ^ [ 15.598878] ffff8881029cd400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.599502] ffff8881029cd480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.599953] ================================================================== [ 15.820314] ================================================================== [ 15.820641] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1217/0x5450 [ 15.821206] Write of size 4 at addr ffff8881029cd3b0 by task kunit_try_catch/282 [ 15.821677] [ 15.821785] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.821828] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.821841] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.821984] Call Trace: [ 15.822002] <TASK> [ 15.822021] dump_stack_lvl+0x73/0xb0 [ 15.822052] print_report+0xd1/0x650 [ 15.822074] ? __virt_addr_valid+0x1db/0x2d0 [ 15.822098] ? kasan_atomics_helper+0x1217/0x5450 [ 15.822120] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.822145] ? kasan_atomics_helper+0x1217/0x5450 [ 15.822169] kasan_report+0x141/0x180 [ 15.822192] ? kasan_atomics_helper+0x1217/0x5450 [ 15.822220] kasan_check_range+0x10c/0x1c0 [ 15.822244] __kasan_check_write+0x18/0x20 [ 15.822263] kasan_atomics_helper+0x1217/0x5450 [ 15.822287] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.822310] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.822337] ? kasan_atomics+0x152/0x310 [ 15.822363] kasan_atomics+0x1dc/0x310 [ 15.822386] ? __pfx_kasan_atomics+0x10/0x10 [ 15.822411] ? __pfx_read_tsc+0x10/0x10 [ 15.822433] ? ktime_get_ts64+0x86/0x230 [ 15.822458] kunit_try_run_case+0x1a5/0x480 [ 15.822483] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.822507] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 15.822531] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.822556] ? __kthread_parkme+0x82/0x180 [ 15.822577] ? preempt_count_sub+0x50/0x80 [ 15.822617] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.822643] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.822668] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.822694] kthread+0x337/0x6f0 [ 15.822714] ? trace_preempt_on+0x20/0xc0 [ 15.822738] ? __pfx_kthread+0x10/0x10 [ 15.822759] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.822795] ? calculate_sigpending+0x7b/0xa0 [ 15.822821] ? __pfx_kthread+0x10/0x10 [ 15.822847] ret_from_fork+0x116/0x1d0 [ 15.822867] ? __pfx_kthread+0x10/0x10 [ 15.822888] ret_from_fork_asm+0x1a/0x30 [ 15.822921] </TASK> [ 15.822933] [ 15.832334] Allocated by task 282: [ 15.832660] kasan_save_stack+0x45/0x70 [ 15.832873] kasan_save_track+0x18/0x40 [ 15.833049] kasan_save_alloc_info+0x3b/0x50 [ 15.833235] __kasan_kmalloc+0xb7/0xc0 [ 15.833413] __kmalloc_cache_noprof+0x189/0x420 [ 15.833625] kasan_atomics+0x95/0x310 [ 15.833794] kunit_try_run_case+0x1a5/0x480 [ 15.834306] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.834507] kthread+0x337/0x6f0 [ 15.834759] ret_from_fork+0x116/0x1d0 [ 15.835073] ret_from_fork_asm+0x1a/0x30 [ 15.835231] [ 15.835329] The buggy address belongs to the object at ffff8881029cd380 [ 15.835329] which belongs to the cache kmalloc-64 of size 64 [ 15.836037] The buggy address is located 0 bytes to the right of [ 15.836037] allocated 48-byte region [ffff8881029cd380, ffff8881029cd3b0) [ 15.836716] [ 15.836874] The buggy address belongs to the physical page: [ 15.837101] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029cd [ 15.837533] flags: 0x200000000000000(node=0|zone=2) [ 15.837758] page_type: f5(slab) [ 15.837940] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.838250] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.838549] page dumped because: kasan: 
bad access detected [ 15.839077] [ 15.839171] Memory state around the buggy address: [ 15.839358] ffff8881029cd280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.839660] ffff8881029cd300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.840113] >ffff8881029cd380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.840469] ^ [ 15.840646] ffff8881029cd400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.841137] ffff8881029cd480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.841435] ================================================================== [ 16.340606] ================================================================== [ 16.340982] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1eaa/0x5450 [ 16.341416] Write of size 8 at addr ffff8881029cd3b0 by task kunit_try_catch/282 [ 16.341884] [ 16.342001] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.342048] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.342060] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.342083] Call Trace: [ 16.342102] <TASK> [ 16.342121] dump_stack_lvl+0x73/0xb0 [ 16.342155] print_report+0xd1/0x650 [ 16.342179] ? __virt_addr_valid+0x1db/0x2d0 [ 16.342203] ? kasan_atomics_helper+0x1eaa/0x5450 [ 16.342226] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.342251] ? kasan_atomics_helper+0x1eaa/0x5450 [ 16.342274] kasan_report+0x141/0x180 [ 16.342297] ? kasan_atomics_helper+0x1eaa/0x5450 [ 16.342325] kasan_check_range+0x10c/0x1c0 [ 16.342349] __kasan_check_write+0x18/0x20 [ 16.342370] kasan_atomics_helper+0x1eaa/0x5450 [ 16.342394] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.342418] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.342444] ? kasan_atomics+0x152/0x310 [ 16.342471] kasan_atomics+0x1dc/0x310 [ 16.342494] ? __pfx_kasan_atomics+0x10/0x10 [ 16.342520] ? __pfx_read_tsc+0x10/0x10 [ 16.342542] ? ktime_get_ts64+0x86/0x230 [ 16.342569] kunit_try_run_case+0x1a5/0x480 [ 16.342606] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.342631] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.342656] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.342681] ? __kthread_parkme+0x82/0x180 [ 16.342704] ? preempt_count_sub+0x50/0x80 [ 16.342729] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.342756] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.342782] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.342809] kthread+0x337/0x6f0 [ 16.342834] ? trace_preempt_on+0x20/0xc0 [ 16.342860] ? __pfx_kthread+0x10/0x10 [ 16.342881] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.342903] ? calculate_sigpending+0x7b/0xa0 [ 16.342929] ? __pfx_kthread+0x10/0x10 [ 16.342951] ret_from_fork+0x116/0x1d0 [ 16.342969] ? __pfx_kthread+0x10/0x10 [ 16.342991] ret_from_fork_asm+0x1a/0x30 [ 16.343023] </TASK> [ 16.343034] [ 16.350361] Allocated by task 282: [ 16.350552] kasan_save_stack+0x45/0x70 [ 16.350754] kasan_save_track+0x18/0x40 [ 16.350943] kasan_save_alloc_info+0x3b/0x50 [ 16.351097] __kasan_kmalloc+0xb7/0xc0 [ 16.351281] __kmalloc_cache_noprof+0x189/0x420 [ 16.351523] kasan_atomics+0x95/0x310 [ 16.351758] kunit_try_run_case+0x1a5/0x480 [ 16.351945] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.352202] kthread+0x337/0x6f0 [ 16.352326] ret_from_fork+0x116/0x1d0 [ 16.352464] ret_from_fork_asm+0x1a/0x30 [ 16.352617] [ 16.352713] The buggy address belongs to the object at ffff8881029cd380 [ 16.352713] which belongs to the cache kmalloc-64 of size 64 [ 16.353223] The buggy address is located 0 bytes to the right of [ 16.353223] allocated 48-byte region [ffff8881029cd380, ffff8881029cd3b0) [ 16.353668] [ 16.353742] The buggy address belongs to the physical page: [ 16.353917] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029cd [ 16.354297] flags: 0x200000000000000(node=0|zone=2) [ 16.354550] page_type: f5(slab) [ 16.354753] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.355134] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 16.355413] page dumped because: kasan: bad access detected [ 16.355587] [ 16.355690] Memory state around the buggy address: [ 16.355911] ffff8881029cd280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.356252] ffff8881029cd300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.356516] >ffff8881029cd380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.356754] ^ [ 16.357019] ffff8881029cd400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.357350] ffff8881029cd480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.357603] ================================================================== [ 16.488514] ================================================================== [ 16.489339] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x218a/0x5450 [ 16.489682] Write of size 8 at addr ffff8881029cd3b0 by task kunit_try_catch/282 [ 16.490012] [ 16.490122] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.490164] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.490176] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.490198] Call Trace: [ 16.490215] <TASK> [ 16.490231] dump_stack_lvl+0x73/0xb0 [ 16.490260] print_report+0xd1/0x650 [ 16.490283] ? __virt_addr_valid+0x1db/0x2d0 [ 16.490307] ? kasan_atomics_helper+0x218a/0x5450 [ 16.490330] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.490354] ? kasan_atomics_helper+0x218a/0x5450 [ 16.490377] kasan_report+0x141/0x180 [ 16.490400] ? kasan_atomics_helper+0x218a/0x5450 [ 16.490427] kasan_check_range+0x10c/0x1c0 [ 16.490465] __kasan_check_write+0x18/0x20 [ 16.490486] kasan_atomics_helper+0x218a/0x5450 [ 16.490509] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.490533] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.490559] ? kasan_atomics+0x152/0x310 [ 16.490586] kasan_atomics+0x1dc/0x310 [ 16.490620] ? __pfx_kasan_atomics+0x10/0x10 [ 16.490646] ? __pfx_read_tsc+0x10/0x10 [ 16.490668] ? 
ktime_get_ts64+0x86/0x230 [ 16.490693] kunit_try_run_case+0x1a5/0x480 [ 16.490718] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.490741] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.490766] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.490792] ? __kthread_parkme+0x82/0x180 [ 16.490813] ? preempt_count_sub+0x50/0x80 [ 16.490846] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.490871] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.490897] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.490934] kthread+0x337/0x6f0 [ 16.490953] ? trace_preempt_on+0x20/0xc0 [ 16.490979] ? __pfx_kthread+0x10/0x10 [ 16.491001] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.491023] ? calculate_sigpending+0x7b/0xa0 [ 16.491049] ? __pfx_kthread+0x10/0x10 [ 16.491072] ret_from_fork+0x116/0x1d0 [ 16.491091] ? __pfx_kthread+0x10/0x10 [ 16.491114] ret_from_fork_asm+0x1a/0x30 [ 16.491146] </TASK> [ 16.491156] [ 16.498739] Allocated by task 282: [ 16.498969] kasan_save_stack+0x45/0x70 [ 16.499139] kasan_save_track+0x18/0x40 [ 16.499303] kasan_save_alloc_info+0x3b/0x50 [ 16.499464] __kasan_kmalloc+0xb7/0xc0 [ 16.499667] __kmalloc_cache_noprof+0x189/0x420 [ 16.499980] kasan_atomics+0x95/0x310 [ 16.500115] kunit_try_run_case+0x1a5/0x480 [ 16.500266] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.500520] kthread+0x337/0x6f0 [ 16.500698] ret_from_fork+0x116/0x1d0 [ 16.501035] ret_from_fork_asm+0x1a/0x30 [ 16.501189] [ 16.501259] The buggy address belongs to the object at ffff8881029cd380 [ 16.501259] which belongs to the cache kmalloc-64 of size 64 [ 16.501738] The buggy address is located 0 bytes to the right of [ 16.501738] allocated 48-byte region [ffff8881029cd380, ffff8881029cd3b0) [ 16.502291] [ 16.502365] The buggy address belongs to the physical page: [ 16.502538] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029cd [ 16.502784] flags: 0x200000000000000(node=0|zone=2) [ 16.503544] page_type: f5(slab) [ 16.503749] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 16.504078] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.504312] page dumped because: kasan: bad access detected [ 16.504484] [ 16.504579] Memory state around the buggy address: [ 16.504846] ffff8881029cd280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.505169] ffff8881029cd300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.505490] >ffff8881029cd380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.505843] ^ [ 16.506032] ffff8881029cd400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.506327] ffff8881029cd480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.506627] ================================================================== [ 16.315318] ================================================================== [ 16.315553] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1e12/0x5450 [ 16.316197] Write of size 8 at addr ffff8881029cd3b0 by task kunit_try_catch/282 [ 16.316544] [ 16.316676] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.316723] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.316735] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.316758] Call Trace: [ 16.316777] <TASK> [ 16.316796] dump_stack_lvl+0x73/0xb0 [ 16.316826] print_report+0xd1/0x650 [ 16.316850] ? __virt_addr_valid+0x1db/0x2d0 [ 16.316874] ? kasan_atomics_helper+0x1e12/0x5450 [ 16.316897] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.316921] ? kasan_atomics_helper+0x1e12/0x5450 [ 16.316944] kasan_report+0x141/0x180 [ 16.316966] ? kasan_atomics_helper+0x1e12/0x5450 [ 16.316994] kasan_check_range+0x10c/0x1c0 [ 16.317018] __kasan_check_write+0x18/0x20 [ 16.317039] kasan_atomics_helper+0x1e12/0x5450 [ 16.317063] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.317087] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.317113] ? kasan_atomics+0x152/0x310 [ 16.317160] kasan_atomics+0x1dc/0x310 [ 16.317184] ? 
__pfx_kasan_atomics+0x10/0x10 [ 16.317210] ? __pfx_read_tsc+0x10/0x10 [ 16.317240] ? ktime_get_ts64+0x86/0x230 [ 16.317265] kunit_try_run_case+0x1a5/0x480 [ 16.317291] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.317315] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.317341] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.317366] ? __kthread_parkme+0x82/0x180 [ 16.317388] ? preempt_count_sub+0x50/0x80 [ 16.317413] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.317439] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.317465] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.317492] kthread+0x337/0x6f0 [ 16.317514] ? trace_preempt_on+0x20/0xc0 [ 16.317539] ? __pfx_kthread+0x10/0x10 [ 16.317560] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.317583] ? calculate_sigpending+0x7b/0xa0 [ 16.317619] ? __pfx_kthread+0x10/0x10 [ 16.317641] ret_from_fork+0x116/0x1d0 [ 16.317660] ? __pfx_kthread+0x10/0x10 [ 16.317681] ret_from_fork_asm+0x1a/0x30 [ 16.317713] </TASK> [ 16.317725] [ 16.328782] Allocated by task 282: [ 16.329346] kasan_save_stack+0x45/0x70 [ 16.329812] kasan_save_track+0x18/0x40 [ 16.330241] kasan_save_alloc_info+0x3b/0x50 [ 16.330707] __kasan_kmalloc+0xb7/0xc0 [ 16.331194] __kmalloc_cache_noprof+0x189/0x420 [ 16.331567] kasan_atomics+0x95/0x310 [ 16.332038] kunit_try_run_case+0x1a5/0x480 [ 16.332369] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.332548] kthread+0x337/0x6f0 [ 16.332682] ret_from_fork+0x116/0x1d0 [ 16.332834] ret_from_fork_asm+0x1a/0x30 [ 16.332982] [ 16.333057] The buggy address belongs to the object at ffff8881029cd380 [ 16.333057] which belongs to the cache kmalloc-64 of size 64 [ 16.333889] The buggy address is located 0 bytes to the right of [ 16.333889] allocated 48-byte region [ffff8881029cd380, ffff8881029cd3b0) [ 16.334379] [ 16.334462] The buggy address belongs to the physical page: [ 16.334689] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029cd [ 16.335305] flags: 0x200000000000000(node=0|zone=2) [ 16.335522] page_type: 
f5(slab) [ 16.335857] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.336252] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.336632] page dumped because: kasan: bad access detected [ 16.336926] [ 16.337026] Memory state around the buggy address: [ 16.337331] ffff8881029cd280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.337711] ffff8881029cd300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.338153] >ffff8881029cd380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.338425] ^ [ 16.338652] ffff8881029cd400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.339102] ffff8881029cd480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.339489] ================================================================== [ 15.356007] ================================================================== [ 15.356369] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x697/0x5450 [ 15.356737] Write of size 4 at addr ffff8881029cd3b0 by task kunit_try_catch/282 [ 15.357633] [ 15.357839] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.357898] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.357910] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.357932] Call Trace: [ 15.357950] <TASK> [ 15.357968] dump_stack_lvl+0x73/0xb0 [ 15.357999] print_report+0xd1/0x650 [ 15.358022] ? __virt_addr_valid+0x1db/0x2d0 [ 15.358047] ? kasan_atomics_helper+0x697/0x5450 [ 15.358070] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.358094] ? kasan_atomics_helper+0x697/0x5450 [ 15.358117] kasan_report+0x141/0x180 [ 15.358139] ? kasan_atomics_helper+0x697/0x5450 [ 15.358167] kasan_check_range+0x10c/0x1c0 [ 15.358193] __kasan_check_write+0x18/0x20 [ 15.358214] kasan_atomics_helper+0x697/0x5450 [ 15.358238] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.358294] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.358321] ? 
kasan_atomics+0x152/0x310 [ 15.358358] kasan_atomics+0x1dc/0x310 [ 15.358381] ? __pfx_kasan_atomics+0x10/0x10 [ 15.358406] ? __pfx_read_tsc+0x10/0x10 [ 15.358429] ? ktime_get_ts64+0x86/0x230 [ 15.358455] kunit_try_run_case+0x1a5/0x480 [ 15.358480] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.358504] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.358557] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.358610] ? __kthread_parkme+0x82/0x180 [ 15.358632] ? preempt_count_sub+0x50/0x80 [ 15.358657] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.358683] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.358708] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.358734] kthread+0x337/0x6f0 [ 15.358753] ? trace_preempt_on+0x20/0xc0 [ 15.358788] ? __pfx_kthread+0x10/0x10 [ 15.358810] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.358836] ? calculate_sigpending+0x7b/0xa0 [ 15.358862] ? __pfx_kthread+0x10/0x10 [ 15.358884] ret_from_fork+0x116/0x1d0 [ 15.358903] ? __pfx_kthread+0x10/0x10 [ 15.358925] ret_from_fork_asm+0x1a/0x30 [ 15.358957] </TASK> [ 15.358969] [ 15.366707] Allocated by task 282: [ 15.367059] kasan_save_stack+0x45/0x70 [ 15.367297] kasan_save_track+0x18/0x40 [ 15.367442] kasan_save_alloc_info+0x3b/0x50 [ 15.367602] __kasan_kmalloc+0xb7/0xc0 [ 15.367736] __kmalloc_cache_noprof+0x189/0x420 [ 15.367894] kasan_atomics+0x95/0x310 [ 15.368112] kunit_try_run_case+0x1a5/0x480 [ 15.368340] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.368609] kthread+0x337/0x6f0 [ 15.368826] ret_from_fork+0x116/0x1d0 [ 15.369155] ret_from_fork_asm+0x1a/0x30 [ 15.369402] [ 15.369544] The buggy address belongs to the object at ffff8881029cd380 [ 15.369544] which belongs to the cache kmalloc-64 of size 64 [ 15.370062] The buggy address is located 0 bytes to the right of [ 15.370062] allocated 48-byte region [ffff8881029cd380, ffff8881029cd3b0) [ 15.370613] [ 15.370689] The buggy address belongs to the physical page: [ 15.370867] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029cd [ 
15.371481] flags: 0x200000000000000(node=0|zone=2) [ 15.371731] page_type: f5(slab) [ 15.371947] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.372305] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.372580] page dumped because: kasan: bad access detected [ 15.372900] [ 15.372994] Memory state around the buggy address: [ 15.373243] ffff8881029cd280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.373548] ffff8881029cd300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.373897] >ffff8881029cd380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.374112] ^ [ 15.374272] ffff8881029cd400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.374547] ffff8881029cd480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.375062] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 14.982383] ================================================================== [ 14.982709] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.983487] Write of size 8 at addr ffff888102434628 by task kunit_try_catch/278 [ 14.984124] [ 14.984375] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.984425] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.984438] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.984459] Call Trace: [ 14.984473] <TASK> [ 14.984526] dump_stack_lvl+0x73/0xb0 [ 14.984559] print_report+0xd1/0x650 [ 14.984581] ? __virt_addr_valid+0x1db/0x2d0 [ 14.984616] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.984644] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.984667] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.984696] kasan_report+0x141/0x180 [ 14.984719] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.984752] kasan_check_range+0x10c/0x1c0 [ 14.984785] __kasan_check_write+0x18/0x20 [ 14.984805] kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.984833] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.984863] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.984887] ? trace_hardirqs_on+0x37/0xe0 [ 14.984910] ? kasan_bitops_generic+0x92/0x1c0 [ 14.984937] kasan_bitops_generic+0x121/0x1c0 [ 14.984962] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.984987] ? __pfx_read_tsc+0x10/0x10 [ 14.985007] ? ktime_get_ts64+0x86/0x230 [ 14.985032] kunit_try_run_case+0x1a5/0x480 [ 14.985055] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.985078] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.985101] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.985125] ? __kthread_parkme+0x82/0x180 [ 14.985145] ? preempt_count_sub+0x50/0x80 [ 14.985169] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.985193] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.985217] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.985241] kthread+0x337/0x6f0 [ 14.985261] ? trace_preempt_on+0x20/0xc0 [ 14.985283] ? __pfx_kthread+0x10/0x10 [ 14.985302] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.985324] ? calculate_sigpending+0x7b/0xa0 [ 14.985348] ? __pfx_kthread+0x10/0x10 [ 14.985369] ret_from_fork+0x116/0x1d0 [ 14.985387] ? __pfx_kthread+0x10/0x10 [ 14.985406] ret_from_fork_asm+0x1a/0x30 [ 14.985437] </TASK> [ 14.985446] [ 14.996760] Allocated by task 278: [ 14.996915] kasan_save_stack+0x45/0x70 [ 14.997137] kasan_save_track+0x18/0x40 [ 14.997342] kasan_save_alloc_info+0x3b/0x50 [ 14.997559] __kasan_kmalloc+0xb7/0xc0 [ 14.997733] __kmalloc_cache_noprof+0x189/0x420 [ 14.998024] kasan_bitops_generic+0x92/0x1c0 [ 14.998174] kunit_try_run_case+0x1a5/0x480 [ 14.998372] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.998643] kthread+0x337/0x6f0 [ 14.999249] ret_from_fork+0x116/0x1d0 [ 14.999398] ret_from_fork_asm+0x1a/0x30 [ 14.999540] [ 14.999624] The buggy address belongs to the object at ffff888102434620 [ 14.999624] which belongs to the cache kmalloc-16 of size 16 [ 15.000072] The buggy address is located 8 bytes inside of [ 15.000072] allocated 9-byte region [ffff888102434620, ffff888102434629) [ 15.002068] [ 15.002154] The buggy address belongs to the physical page: [ 15.002333] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102434 [ 15.002580] flags: 0x200000000000000(node=0|zone=2) [ 15.003933] page_type: f5(slab) [ 15.004523] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.005188] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.006149] page dumped because: kasan: bad access detected [ 15.006372] [ 15.006445] Memory state around the buggy address: [ 15.006614] ffff888102434500: fa fb fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 15.006844] ffff888102434580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.007062] >ffff888102434600: fa fb fc fc 00 01 fc fc 
fc fc fc fc fc fc fc fc [ 15.007274] ^ [ 15.007422] ffff888102434680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.008335] ffff888102434700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.009087] ================================================================== [ 14.929035] ================================================================== [ 14.929380] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.929949] Write of size 8 at addr ffff888102434628 by task kunit_try_catch/278 [ 14.930229] [ 14.930312] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.930354] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.930366] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.930386] Call Trace: [ 14.930403] <TASK> [ 14.930418] dump_stack_lvl+0x73/0xb0 [ 14.930444] print_report+0xd1/0x650 [ 14.930465] ? __virt_addr_valid+0x1db/0x2d0 [ 14.930486] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.930537] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.930561] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.930590] kasan_report+0x141/0x180 [ 14.930620] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.930657] kasan_check_range+0x10c/0x1c0 [ 14.930679] __kasan_check_write+0x18/0x20 [ 14.930699] kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.930728] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.930757] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.930814] ? trace_hardirqs_on+0x37/0xe0 [ 14.930843] ? kasan_bitops_generic+0x92/0x1c0 [ 14.930870] kasan_bitops_generic+0x121/0x1c0 [ 14.930894] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.930919] ? __pfx_read_tsc+0x10/0x10 [ 14.930941] ? ktime_get_ts64+0x86/0x230 [ 14.930965] kunit_try_run_case+0x1a5/0x480 [ 14.930989] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.931011] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.931035] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.931059] ? __kthread_parkme+0x82/0x180 [ 14.931078] ? preempt_count_sub+0x50/0x80 [ 14.931104] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.931130] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.931163] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.931189] kthread+0x337/0x6f0 [ 14.931208] ? trace_preempt_on+0x20/0xc0 [ 14.931229] ? __pfx_kthread+0x10/0x10 [ 14.931249] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.931270] ? calculate_sigpending+0x7b/0xa0 [ 14.931295] ? __pfx_kthread+0x10/0x10 [ 14.931316] ret_from_fork+0x116/0x1d0 [ 14.931333] ? __pfx_kthread+0x10/0x10 [ 14.931354] ret_from_fork_asm+0x1a/0x30 [ 14.931384] </TASK> [ 14.931394] [ 14.943539] Allocated by task 278: [ 14.944310] kasan_save_stack+0x45/0x70 [ 14.944644] kasan_save_track+0x18/0x40 [ 14.945106] kasan_save_alloc_info+0x3b/0x50 [ 14.945480] __kasan_kmalloc+0xb7/0xc0 [ 14.945680] __kmalloc_cache_noprof+0x189/0x420 [ 14.946322] kasan_bitops_generic+0x92/0x1c0 [ 14.946727] kunit_try_run_case+0x1a5/0x480 [ 14.947190] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.947674] kthread+0x337/0x6f0 [ 14.948113] ret_from_fork+0x116/0x1d0 [ 14.948359] ret_from_fork_asm+0x1a/0x30 [ 14.948673] [ 14.948911] The buggy address belongs to the object at ffff888102434620 [ 14.948911] which belongs to the cache kmalloc-16 of size 16 [ 14.949590] The buggy address is located 8 bytes inside of [ 14.949590] allocated 9-byte region [ffff888102434620, ffff888102434629) [ 14.950629] [ 14.950734] The buggy address belongs to the physical page: [ 14.951272] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102434 [ 14.951754] flags: 0x200000000000000(node=0|zone=2) [ 14.952190] page_type: f5(slab) [ 14.952364] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.952684] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.953300] page dumped because: kasan: bad access detected [ 14.953790] [ 14.953873] 
Memory state around the buggy address: [ 14.954266] ffff888102434500: fa fb fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 14.954565] ffff888102434580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.954841] >ffff888102434600: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 14.955124] ^ [ 14.955333] ffff888102434680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.955682] ffff888102434700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.955979] ================================================================== [ 15.115095] ================================================================== [ 15.115388] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 15.115792] Read of size 8 at addr ffff888102434628 by task kunit_try_catch/278 [ 15.116176] [ 15.116293] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.116337] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.116348] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.116369] Call Trace: [ 15.116387] <TASK> [ 15.116405] dump_stack_lvl+0x73/0xb0 [ 15.116432] print_report+0xd1/0x650 [ 15.116453] ? __virt_addr_valid+0x1db/0x2d0 [ 15.116476] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 15.116505] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.116528] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 15.116557] kasan_report+0x141/0x180 [ 15.116578] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 15.116625] __asan_report_load8_noabort+0x18/0x20 [ 15.116671] kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 15.116715] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.116745] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.116770] ? trace_hardirqs_on+0x37/0xe0 [ 15.116819] ? kasan_bitops_generic+0x92/0x1c0 [ 15.116860] kasan_bitops_generic+0x121/0x1c0 [ 15.116896] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.116935] ? 
__pfx_read_tsc+0x10/0x10 [ 15.116970] ? ktime_get_ts64+0x86/0x230 [ 15.117008] kunit_try_run_case+0x1a5/0x480 [ 15.117044] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.117080] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.117131] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.117168] ? __kthread_parkme+0x82/0x180 [ 15.117202] ? preempt_count_sub+0x50/0x80 [ 15.117253] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.117290] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.117341] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.117379] kthread+0x337/0x6f0 [ 15.117411] ? trace_preempt_on+0x20/0xc0 [ 15.117459] ? __pfx_kthread+0x10/0x10 [ 15.117492] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.117514] ? calculate_sigpending+0x7b/0xa0 [ 15.117552] ? __pfx_kthread+0x10/0x10 [ 15.117587] ret_from_fork+0x116/0x1d0 [ 15.117615] ? __pfx_kthread+0x10/0x10 [ 15.117636] ret_from_fork_asm+0x1a/0x30 [ 15.117667] </TASK> [ 15.117678] [ 15.126324] Allocated by task 278: [ 15.126519] kasan_save_stack+0x45/0x70 [ 15.126754] kasan_save_track+0x18/0x40 [ 15.126960] kasan_save_alloc_info+0x3b/0x50 [ 15.127174] __kasan_kmalloc+0xb7/0xc0 [ 15.127372] __kmalloc_cache_noprof+0x189/0x420 [ 15.127572] kasan_bitops_generic+0x92/0x1c0 [ 15.127732] kunit_try_run_case+0x1a5/0x480 [ 15.127988] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.128425] kthread+0x337/0x6f0 [ 15.128584] ret_from_fork+0x116/0x1d0 [ 15.128745] ret_from_fork_asm+0x1a/0x30 [ 15.128894] [ 15.128994] The buggy address belongs to the object at ffff888102434620 [ 15.128994] which belongs to the cache kmalloc-16 of size 16 [ 15.129558] The buggy address is located 8 bytes inside of [ 15.129558] allocated 9-byte region [ffff888102434620, ffff888102434629) [ 15.130141] [ 15.130238] The buggy address belongs to the physical page: [ 15.130482] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102434 [ 15.130734] flags: 0x200000000000000(node=0|zone=2) [ 15.130901] page_type: f5(slab) [ 15.131083] raw: 0200000000000000 
ffff888100041640 dead000000000122 0000000000000000 [ 15.131473] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.131850] page dumped because: kasan: bad access detected [ 15.132156] [ 15.132247] Memory state around the buggy address: [ 15.132401] ffff888102434500: fa fb fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 15.132721] ffff888102434580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.133080] >ffff888102434600: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 15.133379] ^ [ 15.133582] ffff888102434680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.133846] ffff888102434700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.134184] ================================================================== [ 15.010300] ================================================================== [ 15.010751] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 15.011170] Write of size 8 at addr ffff888102434628 by task kunit_try_catch/278 [ 15.011919] [ 15.012101] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.012147] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.012159] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.012180] Call Trace: [ 15.012199] <TASK> [ 15.012217] dump_stack_lvl+0x73/0xb0 [ 15.012247] print_report+0xd1/0x650 [ 15.012270] ? __virt_addr_valid+0x1db/0x2d0 [ 15.012295] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 15.012323] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.012346] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 15.012387] kasan_report+0x141/0x180 [ 15.012407] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 15.012441] kasan_check_range+0x10c/0x1c0 [ 15.012464] __kasan_check_write+0x18/0x20 [ 15.012483] kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 15.012512] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.012543] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 15.012569] ? trace_hardirqs_on+0x37/0xe0 [ 15.012604] ? kasan_bitops_generic+0x92/0x1c0 [ 15.012639] kasan_bitops_generic+0x121/0x1c0 [ 15.012662] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.012688] ? __pfx_read_tsc+0x10/0x10 [ 15.012709] ? ktime_get_ts64+0x86/0x230 [ 15.012734] kunit_try_run_case+0x1a5/0x480 [ 15.012757] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.012791] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.012815] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.012838] ? __kthread_parkme+0x82/0x180 [ 15.012859] ? preempt_count_sub+0x50/0x80 [ 15.012884] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.012908] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.012933] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.012958] kthread+0x337/0x6f0 [ 15.012976] ? trace_preempt_on+0x20/0xc0 [ 15.012998] ? __pfx_kthread+0x10/0x10 [ 15.013018] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.013039] ? calculate_sigpending+0x7b/0xa0 [ 15.013064] ? __pfx_kthread+0x10/0x10 [ 15.013085] ret_from_fork+0x116/0x1d0 [ 15.013103] ? 
__pfx_kthread+0x10/0x10 [ 15.013123] ret_from_fork_asm+0x1a/0x30 [ 15.013154] </TASK> [ 15.013164] [ 15.027436] Allocated by task 278: [ 15.027764] kasan_save_stack+0x45/0x70 [ 15.028176] kasan_save_track+0x18/0x40 [ 15.028533] kasan_save_alloc_info+0x3b/0x50 [ 15.028957] __kasan_kmalloc+0xb7/0xc0 [ 15.029356] __kmalloc_cache_noprof+0x189/0x420 [ 15.029765] kasan_bitops_generic+0x92/0x1c0 [ 15.030148] kunit_try_run_case+0x1a5/0x480 [ 15.030522] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.031038] kthread+0x337/0x6f0 [ 15.031352] ret_from_fork+0x116/0x1d0 [ 15.031530] ret_from_fork_asm+0x1a/0x30 [ 15.031686] [ 15.031759] The buggy address belongs to the object at ffff888102434620 [ 15.031759] which belongs to the cache kmalloc-16 of size 16 [ 15.032119] The buggy address is located 8 bytes inside of [ 15.032119] allocated 9-byte region [ffff888102434620, ffff888102434629) [ 15.032472] [ 15.032543] The buggy address belongs to the physical page: [ 15.032744] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102434 [ 15.033126] flags: 0x200000000000000(node=0|zone=2) [ 15.033292] page_type: f5(slab) [ 15.033411] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.033789] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.034079] page dumped because: kasan: bad access detected [ 15.034285] [ 15.034379] Memory state around the buggy address: [ 15.034618] ffff888102434500: fa fb fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 15.035141] ffff888102434580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.035419] >ffff888102434600: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 15.035679] ^ [ 15.036033] ffff888102434680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.036312] ffff888102434700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.036566] ================================================================== [ 15.037181] 
================================================================== [ 15.037869] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 15.038240] Write of size 8 at addr ffff888102434628 by task kunit_try_catch/278 [ 15.038524] [ 15.038621] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.038664] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.038676] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.038697] Call Trace: [ 15.038712] <TASK> [ 15.038730] dump_stack_lvl+0x73/0xb0 [ 15.038757] print_report+0xd1/0x650 [ 15.038778] ? __virt_addr_valid+0x1db/0x2d0 [ 15.038811] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 15.038843] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.038866] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 15.038894] kasan_report+0x141/0x180 [ 15.038916] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 15.038949] kasan_check_range+0x10c/0x1c0 [ 15.038973] __kasan_check_write+0x18/0x20 [ 15.038993] kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 15.039022] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.039051] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.039075] ? trace_hardirqs_on+0x37/0xe0 [ 15.039097] ? kasan_bitops_generic+0x92/0x1c0 [ 15.039124] kasan_bitops_generic+0x121/0x1c0 [ 15.039148] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.039174] ? __pfx_read_tsc+0x10/0x10 [ 15.039194] ? ktime_get_ts64+0x86/0x230 [ 15.039218] kunit_try_run_case+0x1a5/0x480 [ 15.039241] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.039264] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.039288] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.039312] ? __kthread_parkme+0x82/0x180 [ 15.039332] ? preempt_count_sub+0x50/0x80 [ 15.039356] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.039380] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.039404] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.039429] kthread+0x337/0x6f0 [ 15.039447] ? trace_preempt_on+0x20/0xc0 [ 15.039469] ? __pfx_kthread+0x10/0x10 [ 15.039489] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.039510] ? calculate_sigpending+0x7b/0xa0 [ 15.039534] ? __pfx_kthread+0x10/0x10 [ 15.039556] ret_from_fork+0x116/0x1d0 [ 15.039574] ? __pfx_kthread+0x10/0x10 [ 15.039604] ret_from_fork_asm+0x1a/0x30 [ 15.039634] </TASK> [ 15.039643] [ 15.047547] Allocated by task 278: [ 15.047689] kasan_save_stack+0x45/0x70 [ 15.047972] kasan_save_track+0x18/0x40 [ 15.048170] kasan_save_alloc_info+0x3b/0x50 [ 15.048388] __kasan_kmalloc+0xb7/0xc0 [ 15.048576] __kmalloc_cache_noprof+0x189/0x420 [ 15.048834] kasan_bitops_generic+0x92/0x1c0 [ 15.049021] kunit_try_run_case+0x1a5/0x480 [ 15.049191] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.049367] kthread+0x337/0x6f0 [ 15.049487] ret_from_fork+0x116/0x1d0 [ 15.049629] ret_from_fork_asm+0x1a/0x30 [ 15.049822] [ 15.049913] The buggy address belongs to the object at ffff888102434620 [ 15.049913] which belongs to the cache kmalloc-16 of size 16 [ 15.050440] The buggy address is located 8 bytes inside of [ 15.050440] allocated 9-byte region [ffff888102434620, ffff888102434629) [ 15.051091] [ 15.051163] The buggy address belongs to the physical page: [ 15.051334] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102434 [ 15.051572] flags: 0x200000000000000(node=0|zone=2) [ 15.051852] page_type: f5(slab) [ 15.052024] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.052365] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.052716] page dumped because: kasan: bad access detected [ 15.053138] [ 15.053209] Memory state around the buggy address: [ 15.053409] ffff888102434500: fa fb fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 15.053679] ffff888102434580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.054107] >ffff888102434600: fa fb fc fc 00 01 fc fc 
fc fc fc fc fc fc fc fc [ 15.054320] ^ [ 15.054519] ffff888102434680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.054873] ffff888102434700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.055214] ================================================================== [ 15.074609] ================================================================== [ 15.075017] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 15.075423] Write of size 8 at addr ffff888102434628 by task kunit_try_catch/278 [ 15.075751] [ 15.075929] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.075994] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.076019] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.076052] Call Trace: [ 15.076068] <TASK> [ 15.076098] dump_stack_lvl+0x73/0xb0 [ 15.076151] print_report+0xd1/0x650 [ 15.076186] ? __virt_addr_valid+0x1db/0x2d0 [ 15.076223] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 15.076252] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.076302] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 15.076344] kasan_report+0x141/0x180 [ 15.076366] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 15.076399] kasan_check_range+0x10c/0x1c0 [ 15.076424] __kasan_check_write+0x18/0x20 [ 15.076443] kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 15.076472] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.076503] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.076527] ? trace_hardirqs_on+0x37/0xe0 [ 15.076551] ? kasan_bitops_generic+0x92/0x1c0 [ 15.076577] kasan_bitops_generic+0x121/0x1c0 [ 15.076611] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.076637] ? __pfx_read_tsc+0x10/0x10 [ 15.076657] ? ktime_get_ts64+0x86/0x230 [ 15.076681] kunit_try_run_case+0x1a5/0x480 [ 15.076704] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.076727] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.076751] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.076774] ? __kthread_parkme+0x82/0x180 [ 15.076794] ? preempt_count_sub+0x50/0x80 [ 15.076819] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.076843] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.076866] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.076891] kthread+0x337/0x6f0 [ 15.076910] ? trace_preempt_on+0x20/0xc0 [ 15.076932] ? __pfx_kthread+0x10/0x10 [ 15.076951] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.076973] ? calculate_sigpending+0x7b/0xa0 [ 15.076997] ? __pfx_kthread+0x10/0x10 [ 15.077018] ret_from_fork+0x116/0x1d0 [ 15.077035] ? __pfx_kthread+0x10/0x10 [ 15.077056] ret_from_fork_asm+0x1a/0x30 [ 15.077087] </TASK> [ 15.077097] [ 15.086352] Allocated by task 278: [ 15.086551] kasan_save_stack+0x45/0x70 [ 15.086754] kasan_save_track+0x18/0x40 [ 15.086954] kasan_save_alloc_info+0x3b/0x50 [ 15.087192] __kasan_kmalloc+0xb7/0xc0 [ 15.087377] __kmalloc_cache_noprof+0x189/0x420 [ 15.087575] kasan_bitops_generic+0x92/0x1c0 [ 15.087738] kunit_try_run_case+0x1a5/0x480 [ 15.088170] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.088434] kthread+0x337/0x6f0 [ 15.088630] ret_from_fork+0x116/0x1d0 [ 15.088827] ret_from_fork_asm+0x1a/0x30 [ 15.088998] [ 15.089080] The buggy address belongs to the object at ffff888102434620 [ 15.089080] which belongs to the cache kmalloc-16 of size 16 [ 15.089620] The buggy address is located 8 bytes inside of [ 15.089620] allocated 9-byte region [ffff888102434620, ffff888102434629) [ 15.090178] [ 15.090302] The buggy address belongs to the physical page: [ 15.090586] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102434 [ 15.090949] flags: 0x200000000000000(node=0|zone=2) [ 15.091188] page_type: f5(slab) [ 15.091486] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.091838] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.092185] page dumped because: kasan: bad access detected [ 15.092364] [ 15.092433] 
Memory state around the buggy address: [ 15.092588] ffff888102434500: fa fb fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 15.092948] ffff888102434580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.093290] >ffff888102434600: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 15.093621] ^ [ 15.093920] ffff888102434680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.094268] ffff888102434700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.094546] ================================================================== [ 14.956522] ================================================================== [ 14.956874] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.957275] Write of size 8 at addr ffff888102434628 by task kunit_try_catch/278 [ 14.957584] [ 14.957683] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.957727] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.957738] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.957758] Call Trace: [ 14.957775] <TASK> [ 14.957793] dump_stack_lvl+0x73/0xb0 [ 14.957821] print_report+0xd1/0x650 [ 14.957844] ? __virt_addr_valid+0x1db/0x2d0 [ 14.957867] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.957895] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.957919] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.957948] kasan_report+0x141/0x180 [ 14.957969] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.958002] kasan_check_range+0x10c/0x1c0 [ 14.958025] __kasan_check_write+0x18/0x20 [ 14.958044] kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.958072] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.958102] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.958127] ? trace_hardirqs_on+0x37/0xe0 [ 14.958150] ? kasan_bitops_generic+0x92/0x1c0 [ 14.958177] kasan_bitops_generic+0x121/0x1c0 [ 14.958201] ? 
__pfx_kasan_bitops_generic+0x10/0x10 [ 14.958226] ? __pfx_read_tsc+0x10/0x10 [ 14.958247] ? ktime_get_ts64+0x86/0x230 [ 14.958271] kunit_try_run_case+0x1a5/0x480 [ 14.958295] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.958317] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.958341] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.958364] ? __kthread_parkme+0x82/0x180 [ 14.958385] ? preempt_count_sub+0x50/0x80 [ 14.958409] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.958433] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.958458] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.958484] kthread+0x337/0x6f0 [ 14.958503] ? trace_preempt_on+0x20/0xc0 [ 14.958524] ? __pfx_kthread+0x10/0x10 [ 14.958545] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.958567] ? calculate_sigpending+0x7b/0xa0 [ 14.958591] ? __pfx_kthread+0x10/0x10 [ 14.958623] ret_from_fork+0x116/0x1d0 [ 14.958642] ? __pfx_kthread+0x10/0x10 [ 14.958662] ret_from_fork_asm+0x1a/0x30 [ 14.958693] </TASK> [ 14.958703] [ 14.969028] Allocated by task 278: [ 14.969166] kasan_save_stack+0x45/0x70 [ 14.969657] kasan_save_track+0x18/0x40 [ 14.970064] kasan_save_alloc_info+0x3b/0x50 [ 14.970413] __kasan_kmalloc+0xb7/0xc0 [ 14.970757] __kmalloc_cache_noprof+0x189/0x420 [ 14.971048] kasan_bitops_generic+0x92/0x1c0 [ 14.971541] kunit_try_run_case+0x1a5/0x480 [ 14.971881] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.972317] kthread+0x337/0x6f0 [ 14.972717] ret_from_fork+0x116/0x1d0 [ 14.972995] ret_from_fork_asm+0x1a/0x30 [ 14.973181] [ 14.973270] The buggy address belongs to the object at ffff888102434620 [ 14.973270] which belongs to the cache kmalloc-16 of size 16 [ 14.973762] The buggy address is located 8 bytes inside of [ 14.973762] allocated 9-byte region [ffff888102434620, ffff888102434629) [ 14.974646] [ 14.974878] The buggy address belongs to the physical page: [ 14.975328] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102434 [ 14.976319] flags: 0x200000000000000(node=0|zone=2) [ 14.976557] 
page_type: f5(slab) [ 14.976725] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.977287] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.977741] page dumped because: kasan: bad access detected [ 14.978164] [ 14.978266] Memory state around the buggy address: [ 14.978471] ffff888102434500: fa fb fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 14.979018] ffff888102434580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.979459] >ffff888102434600: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 14.980036] ^ [ 14.980234] ffff888102434680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.980529] ffff888102434700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.981145] ================================================================== [ 15.055648] ================================================================== [ 15.056202] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 15.056673] Write of size 8 at addr ffff888102434628 by task kunit_try_catch/278 [ 15.056898] [ 15.056977] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.057018] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.057030] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.057051] Call Trace: [ 15.057064] <TASK> [ 15.057078] dump_stack_lvl+0x73/0xb0 [ 15.057104] print_report+0xd1/0x650 [ 15.057125] ? __virt_addr_valid+0x1db/0x2d0 [ 15.057147] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 15.057176] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.057201] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 15.057229] kasan_report+0x141/0x180 [ 15.057250] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 15.057283] kasan_check_range+0x10c/0x1c0 [ 15.057306] __kasan_check_write+0x18/0x20 [ 15.057326] kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 15.057355] ? 
__pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.057385] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.057409] ? trace_hardirqs_on+0x37/0xe0 [ 15.057432] ? kasan_bitops_generic+0x92/0x1c0 [ 15.057459] kasan_bitops_generic+0x121/0x1c0 [ 15.057483] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.057508] ? __pfx_read_tsc+0x10/0x10 [ 15.057543] ? ktime_get_ts64+0x86/0x230 [ 15.057569] kunit_try_run_case+0x1a5/0x480 [ 15.057603] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.057625] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.057649] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.057673] ? __kthread_parkme+0x82/0x180 [ 15.057692] ? preempt_count_sub+0x50/0x80 [ 15.057716] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.057740] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.057764] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.057789] kthread+0x337/0x6f0 [ 15.057809] ? trace_preempt_on+0x20/0xc0 [ 15.057830] ? __pfx_kthread+0x10/0x10 [ 15.057850] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.057871] ? calculate_sigpending+0x7b/0xa0 [ 15.057896] ? __pfx_kthread+0x10/0x10 [ 15.057916] ret_from_fork+0x116/0x1d0 [ 15.057934] ? 
__pfx_kthread+0x10/0x10 [ 15.057954] ret_from_fork_asm+0x1a/0x30 [ 15.057984] </TASK> [ 15.057996] [ 15.065980] Allocated by task 278: [ 15.066164] kasan_save_stack+0x45/0x70 [ 15.066343] kasan_save_track+0x18/0x40 [ 15.066475] kasan_save_alloc_info+0x3b/0x50 [ 15.066629] __kasan_kmalloc+0xb7/0xc0 [ 15.066759] __kmalloc_cache_noprof+0x189/0x420 [ 15.066918] kasan_bitops_generic+0x92/0x1c0 [ 15.067062] kunit_try_run_case+0x1a5/0x480 [ 15.067252] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.067521] kthread+0x337/0x6f0 [ 15.067710] ret_from_fork+0x116/0x1d0 [ 15.067925] ret_from_fork_asm+0x1a/0x30 [ 15.068134] [ 15.068244] The buggy address belongs to the object at ffff888102434620 [ 15.068244] which belongs to the cache kmalloc-16 of size 16 [ 15.069031] The buggy address is located 8 bytes inside of [ 15.069031] allocated 9-byte region [ffff888102434620, ffff888102434629) [ 15.069658] [ 15.069758] The buggy address belongs to the physical page: [ 15.070019] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102434 [ 15.070370] flags: 0x200000000000000(node=0|zone=2) [ 15.070617] page_type: f5(slab) [ 15.070797] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.071103] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.071332] page dumped because: kasan: bad access detected [ 15.071503] [ 15.071571] Memory state around the buggy address: [ 15.071736] ffff888102434500: fa fb fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 15.072007] ffff888102434580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.072350] >ffff888102434600: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 15.072835] ^ [ 15.073072] ffff888102434680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.073419] ffff888102434700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.073896] ================================================================== [ 15.095117] 
================================================================== [ 15.095457] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 15.095882] Read of size 8 at addr ffff888102434628 by task kunit_try_catch/278 [ 15.096202] [ 15.096307] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.096366] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.096377] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.096396] Call Trace: [ 15.096411] <TASK> [ 15.096426] dump_stack_lvl+0x73/0xb0 [ 15.096453] print_report+0xd1/0x650 [ 15.096474] ? __virt_addr_valid+0x1db/0x2d0 [ 15.096515] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 15.096544] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.096567] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 15.096607] kasan_report+0x141/0x180 [ 15.096628] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 15.096661] kasan_check_range+0x10c/0x1c0 [ 15.096684] __kasan_check_read+0x15/0x20 [ 15.096703] kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 15.096732] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.096762] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.096794] ? trace_hardirqs_on+0x37/0xe0 [ 15.096816] ? kasan_bitops_generic+0x92/0x1c0 [ 15.096861] kasan_bitops_generic+0x121/0x1c0 [ 15.096885] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.096910] ? __pfx_read_tsc+0x10/0x10 [ 15.096932] ? ktime_get_ts64+0x86/0x230 [ 15.096956] kunit_try_run_case+0x1a5/0x480 [ 15.096980] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.097003] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.097043] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.097068] ? __kthread_parkme+0x82/0x180 [ 15.097087] ? preempt_count_sub+0x50/0x80 [ 15.097110] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.097134] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.097159] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.097184] kthread+0x337/0x6f0 [ 15.097203] ? trace_preempt_on+0x20/0xc0 [ 15.097241] ? __pfx_kthread+0x10/0x10 [ 15.097262] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.097283] ? calculate_sigpending+0x7b/0xa0 [ 15.097324] ? __pfx_kthread+0x10/0x10 [ 15.097345] ret_from_fork+0x116/0x1d0 [ 15.097363] ? __pfx_kthread+0x10/0x10 [ 15.097384] ret_from_fork_asm+0x1a/0x30 [ 15.097414] </TASK> [ 15.097424] [ 15.106153] Allocated by task 278: [ 15.106327] kasan_save_stack+0x45/0x70 [ 15.106526] kasan_save_track+0x18/0x40 [ 15.106732] kasan_save_alloc_info+0x3b/0x50 [ 15.107007] __kasan_kmalloc+0xb7/0xc0 [ 15.107160] __kmalloc_cache_noprof+0x189/0x420 [ 15.107381] kasan_bitops_generic+0x92/0x1c0 [ 15.107604] kunit_try_run_case+0x1a5/0x480 [ 15.107826] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.108142] kthread+0x337/0x6f0 [ 15.108358] ret_from_fork+0x116/0x1d0 [ 15.108574] ret_from_fork_asm+0x1a/0x30 [ 15.108762] [ 15.108854] The buggy address belongs to the object at ffff888102434620 [ 15.108854] which belongs to the cache kmalloc-16 of size 16 [ 15.109395] The buggy address is located 8 bytes inside of [ 15.109395] allocated 9-byte region [ffff888102434620, ffff888102434629) [ 15.109874] [ 15.109970] The buggy address belongs to the physical page: [ 15.110188] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102434 [ 15.110433] flags: 0x200000000000000(node=0|zone=2) [ 15.110608] page_type: f5(slab) [ 15.110728] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.111400] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.111783] page dumped because: kasan: bad access detected [ 15.112059] [ 15.112174] Memory state around the buggy address: [ 15.112423] ffff888102434500: fa fb fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 15.112718] ffff888102434580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.113216] >ffff888102434600: fa fb fc fc 00 01 fc fc 
fc fc fc fc fc fc fc fc [ 15.113538] ^ [ 15.113707] ffff888102434680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.113932] ffff888102434700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.114274] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 14.842269] ================================================================== [ 14.842511] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.842953] Write of size 8 at addr ffff888102434628 by task kunit_try_catch/278 [ 14.843179] [ 14.843354] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.843397] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.843407] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.843427] Call Trace: [ 14.843444] <TASK> [ 14.843460] dump_stack_lvl+0x73/0xb0 [ 14.843487] print_report+0xd1/0x650 [ 14.843509] ? __virt_addr_valid+0x1db/0x2d0 [ 14.843533] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.843559] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.843582] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.843621] kasan_report+0x141/0x180 [ 14.843642] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.843673] kasan_check_range+0x10c/0x1c0 [ 14.843697] __kasan_check_write+0x18/0x20 [ 14.843717] kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.843743] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.843790] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.843832] ? trace_hardirqs_on+0x37/0xe0 [ 14.843854] ? kasan_bitops_generic+0x92/0x1c0 [ 14.843881] kasan_bitops_generic+0x116/0x1c0 [ 14.843905] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.843930] ? __pfx_read_tsc+0x10/0x10 [ 14.843951] ? ktime_get_ts64+0x86/0x230 [ 14.843976] kunit_try_run_case+0x1a5/0x480 [ 14.844000] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.844023] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.844047] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.844070] ? __kthread_parkme+0x82/0x180 [ 14.844091] ? preempt_count_sub+0x50/0x80 [ 14.844127] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.844152] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.844176] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.844203] kthread+0x337/0x6f0 [ 14.844221] ? 
trace_preempt_on+0x20/0xc0 [ 14.844243] ? __pfx_kthread+0x10/0x10 [ 14.844263] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.844285] ? calculate_sigpending+0x7b/0xa0 [ 14.844308] ? __pfx_kthread+0x10/0x10 [ 14.844329] ret_from_fork+0x116/0x1d0 [ 14.844348] ? __pfx_kthread+0x10/0x10 [ 14.844367] ret_from_fork_asm+0x1a/0x30 [ 14.844397] </TASK> [ 14.844408] [ 14.852264] Allocated by task 278: [ 14.852409] kasan_save_stack+0x45/0x70 [ 14.852559] kasan_save_track+0x18/0x40 [ 14.852879] kasan_save_alloc_info+0x3b/0x50 [ 14.853344] __kasan_kmalloc+0xb7/0xc0 [ 14.853539] __kmalloc_cache_noprof+0x189/0x420 [ 14.853828] kasan_bitops_generic+0x92/0x1c0 [ 14.854250] kunit_try_run_case+0x1a5/0x480 [ 14.854462] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.854729] kthread+0x337/0x6f0 [ 14.854949] ret_from_fork+0x116/0x1d0 [ 14.855231] ret_from_fork_asm+0x1a/0x30 [ 14.855406] [ 14.855501] The buggy address belongs to the object at ffff888102434620 [ 14.855501] which belongs to the cache kmalloc-16 of size 16 [ 14.855914] The buggy address is located 8 bytes inside of [ 14.855914] allocated 9-byte region [ffff888102434620, ffff888102434629) [ 14.856400] [ 14.856496] The buggy address belongs to the physical page: [ 14.856759] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102434 [ 14.857395] flags: 0x200000000000000(node=0|zone=2) [ 14.857573] page_type: f5(slab) [ 14.857759] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.858567] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.858905] page dumped because: kasan: bad access detected [ 14.859083] [ 14.859155] Memory state around the buggy address: [ 14.859311] ffff888102434500: fa fb fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 14.859526] ffff888102434580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.860360] >ffff888102434600: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 14.860701] ^ [ 14.860923] ffff888102434680: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 14.861239] ffff888102434700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.861551] ================================================================== [ 14.863345] ================================================================== [ 14.864078] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.864464] Write of size 8 at addr ffff888102434628 by task kunit_try_catch/278 [ 14.865173] [ 14.865396] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.865536] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.865550] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.865572] Call Trace: [ 14.865631] <TASK> [ 14.865650] dump_stack_lvl+0x73/0xb0 [ 14.865682] print_report+0xd1/0x650 [ 14.865704] ? __virt_addr_valid+0x1db/0x2d0 [ 14.865727] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.865754] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.865816] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.865843] kasan_report+0x141/0x180 [ 14.865864] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.865895] kasan_check_range+0x10c/0x1c0 [ 14.865919] __kasan_check_write+0x18/0x20 [ 14.865938] kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.865965] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.865992] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.866017] ? trace_hardirqs_on+0x37/0xe0 [ 14.866039] ? kasan_bitops_generic+0x92/0x1c0 [ 14.866066] kasan_bitops_generic+0x116/0x1c0 [ 14.866090] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.866115] ? __pfx_read_tsc+0x10/0x10 [ 14.866138] ? ktime_get_ts64+0x86/0x230 [ 14.866162] kunit_try_run_case+0x1a5/0x480 [ 14.866185] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.866208] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.866232] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.866257] ? __kthread_parkme+0x82/0x180 [ 14.866278] ? preempt_count_sub+0x50/0x80 [ 14.866302] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.866327] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.866352] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.866377] kthread+0x337/0x6f0 [ 14.866396] ? trace_preempt_on+0x20/0xc0 [ 14.866418] ? __pfx_kthread+0x10/0x10 [ 14.866438] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.866460] ? calculate_sigpending+0x7b/0xa0 [ 14.866485] ? __pfx_kthread+0x10/0x10 [ 14.866505] ret_from_fork+0x116/0x1d0 [ 14.866522] ? __pfx_kthread+0x10/0x10 [ 14.866542] ret_from_fork_asm+0x1a/0x30 [ 14.866573] </TASK> [ 14.866583] [ 14.879252] Allocated by task 278: [ 14.879414] kasan_save_stack+0x45/0x70 [ 14.879580] kasan_save_track+0x18/0x40 [ 14.879764] kasan_save_alloc_info+0x3b/0x50 [ 14.880057] __kasan_kmalloc+0xb7/0xc0 [ 14.880212] __kmalloc_cache_noprof+0x189/0x420 [ 14.880446] kasan_bitops_generic+0x92/0x1c0 [ 14.880634] kunit_try_run_case+0x1a5/0x480 [ 14.880782] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.881172] kthread+0x337/0x6f0 [ 14.881340] ret_from_fork+0x116/0x1d0 [ 14.881583] ret_from_fork_asm+0x1a/0x30 [ 14.881750] [ 14.881936] The buggy address belongs to the object at ffff888102434620 [ 14.881936] which belongs to the cache kmalloc-16 of size 16 [ 14.882392] The buggy address is located 8 bytes inside of [ 14.882392] allocated 9-byte region [ffff888102434620, ffff888102434629) [ 14.882802] [ 14.882901] The buggy address belongs to the physical page: [ 14.883154] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102434 [ 14.883553] flags: 0x200000000000000(node=0|zone=2) [ 14.883725] page_type: f5(slab) [ 14.883845] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.884579] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.884926] page dumped because: kasan: bad access detected [ 14.885140] [ 14.885227] Memory state around the buggy address: [ 14.885428] ffff888102434500: fa fb fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 14.885726] 
ffff888102434580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.886024] >ffff888102434600: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 14.886327] ^ [ 14.886519] ffff888102434680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.886759] ffff888102434700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.887232] ================================================================== [ 14.823302] ================================================================== [ 14.823658] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.824083] Write of size 8 at addr ffff888102434628 by task kunit_try_catch/278 [ 14.824419] [ 14.824522] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.824565] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.824577] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.824607] Call Trace: [ 14.824623] <TASK> [ 14.824640] dump_stack_lvl+0x73/0xb0 [ 14.824666] print_report+0xd1/0x650 [ 14.824688] ? __virt_addr_valid+0x1db/0x2d0 [ 14.824710] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.824736] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.824759] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.824820] kasan_report+0x141/0x180 [ 14.824842] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.824873] kasan_check_range+0x10c/0x1c0 [ 14.824896] __kasan_check_write+0x18/0x20 [ 14.824915] kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.824941] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.824969] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.824992] ? trace_hardirqs_on+0x37/0xe0 [ 14.825015] ? kasan_bitops_generic+0x92/0x1c0 [ 14.825043] kasan_bitops_generic+0x116/0x1c0 [ 14.825067] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.825092] ? __pfx_read_tsc+0x10/0x10 [ 14.825114] ? ktime_get_ts64+0x86/0x230 [ 14.825138] kunit_try_run_case+0x1a5/0x480 [ 14.825162] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.825186] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 14.825209] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.825233] ? __kthread_parkme+0x82/0x180 [ 14.825254] ? preempt_count_sub+0x50/0x80 [ 14.825278] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.825303] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.825327] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.825352] kthread+0x337/0x6f0 [ 14.825371] ? trace_preempt_on+0x20/0xc0 [ 14.825394] ? __pfx_kthread+0x10/0x10 [ 14.825413] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.825435] ? calculate_sigpending+0x7b/0xa0 [ 14.825459] ? __pfx_kthread+0x10/0x10 [ 14.825481] ret_from_fork+0x116/0x1d0 [ 14.825500] ? __pfx_kthread+0x10/0x10 [ 14.825521] ret_from_fork_asm+0x1a/0x30 [ 14.825551] </TASK> [ 14.825561] [ 14.834165] Allocated by task 278: [ 14.834347] kasan_save_stack+0x45/0x70 [ 14.834549] kasan_save_track+0x18/0x40 [ 14.834748] kasan_save_alloc_info+0x3b/0x50 [ 14.835019] __kasan_kmalloc+0xb7/0xc0 [ 14.835191] __kmalloc_cache_noprof+0x189/0x420 [ 14.835346] kasan_bitops_generic+0x92/0x1c0 [ 14.835493] kunit_try_run_case+0x1a5/0x480 [ 14.835650] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.835866] kthread+0x337/0x6f0 [ 14.835985] ret_from_fork+0x116/0x1d0 [ 14.836118] ret_from_fork_asm+0x1a/0x30 [ 14.836289] [ 14.836383] The buggy address belongs to the object at ffff888102434620 [ 14.836383] which belongs to the cache kmalloc-16 of size 16 [ 14.836963] The buggy address is located 8 bytes inside of [ 14.836963] allocated 9-byte region [ffff888102434620, ffff888102434629) [ 14.837507] [ 14.837615] The buggy address belongs to the physical page: [ 14.837902] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102434 [ 14.838140] flags: 0x200000000000000(node=0|zone=2) [ 14.838301] page_type: f5(slab) [ 14.838418] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.838920] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.839257] page dumped because: kasan: 
bad access detected [ 14.839511] [ 14.839610] Memory state around the buggy address: [ 14.839936] ffff888102434500: fa fb fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 14.840258] ffff888102434580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.840536] >ffff888102434600: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 14.840882] ^ [ 14.841102] ffff888102434680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.841377] ffff888102434700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.841671] ================================================================== [ 14.780870] ================================================================== [ 14.781524] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.782273] Write of size 8 at addr ffff888102434628 by task kunit_try_catch/278 [ 14.782997] [ 14.783201] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.783246] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.783257] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.783277] Call Trace: [ 14.783290] <TASK> [ 14.783308] dump_stack_lvl+0x73/0xb0 [ 14.783338] print_report+0xd1/0x650 [ 14.783359] ? __virt_addr_valid+0x1db/0x2d0 [ 14.783384] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.783410] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.783434] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.783460] kasan_report+0x141/0x180 [ 14.783481] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.783512] kasan_check_range+0x10c/0x1c0 [ 14.783535] __kasan_check_write+0x18/0x20 [ 14.783555] kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.783581] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.783621] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.783646] ? trace_hardirqs_on+0x37/0xe0 [ 14.783669] ? kasan_bitops_generic+0x92/0x1c0 [ 14.783697] kasan_bitops_generic+0x116/0x1c0 [ 14.783720] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.783745] ? 
__pfx_read_tsc+0x10/0x10 [ 14.783787] ? ktime_get_ts64+0x86/0x230 [ 14.783812] kunit_try_run_case+0x1a5/0x480 [ 14.783837] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.783860] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.783884] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.783908] ? __kthread_parkme+0x82/0x180 [ 14.783946] ? preempt_count_sub+0x50/0x80 [ 14.783971] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.783995] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.784022] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.784049] kthread+0x337/0x6f0 [ 14.784068] ? trace_preempt_on+0x20/0xc0 [ 14.784090] ? __pfx_kthread+0x10/0x10 [ 14.784112] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.784133] ? calculate_sigpending+0x7b/0xa0 [ 14.784158] ? __pfx_kthread+0x10/0x10 [ 14.784179] ret_from_fork+0x116/0x1d0 [ 14.784198] ? __pfx_kthread+0x10/0x10 [ 14.784219] ret_from_fork_asm+0x1a/0x30 [ 14.784251] </TASK> [ 14.784261] [ 14.795495] Allocated by task 278: [ 14.795703] kasan_save_stack+0x45/0x70 [ 14.795966] kasan_save_track+0x18/0x40 [ 14.796150] kasan_save_alloc_info+0x3b/0x50 [ 14.796301] __kasan_kmalloc+0xb7/0xc0 [ 14.796432] __kmalloc_cache_noprof+0x189/0x420 [ 14.796629] kasan_bitops_generic+0x92/0x1c0 [ 14.796905] kunit_try_run_case+0x1a5/0x480 [ 14.797114] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.797562] kthread+0x337/0x6f0 [ 14.797695] ret_from_fork+0x116/0x1d0 [ 14.798034] ret_from_fork_asm+0x1a/0x30 [ 14.798238] [ 14.798331] The buggy address belongs to the object at ffff888102434620 [ 14.798331] which belongs to the cache kmalloc-16 of size 16 [ 14.798787] The buggy address is located 8 bytes inside of [ 14.798787] allocated 9-byte region [ffff888102434620, ffff888102434629) [ 14.799161] [ 14.799257] The buggy address belongs to the physical page: [ 14.799666] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102434 [ 14.800077] flags: 0x200000000000000(node=0|zone=2) [ 14.800321] page_type: f5(slab) [ 14.800496] raw: 0200000000000000 
ffff888100041640 dead000000000122 0000000000000000 [ 14.800745] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.801121] page dumped because: kasan: bad access detected [ 14.801298] [ 14.801388] Memory state around the buggy address: [ 14.801617] ffff888102434500: fa fb fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 14.801883] ffff888102434580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.802186] >ffff888102434600: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 14.802516] ^ [ 14.802742] ffff888102434680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.803029] ffff888102434700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.803244] ================================================================== [ 14.803720] ================================================================== [ 14.804494] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.805075] Write of size 8 at addr ffff888102434628 by task kunit_try_catch/278 [ 14.805303] [ 14.805391] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.805435] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.805447] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.805467] Call Trace: [ 14.805486] <TASK> [ 14.805504] dump_stack_lvl+0x73/0xb0 [ 14.805534] print_report+0xd1/0x650 [ 14.805556] ? __virt_addr_valid+0x1db/0x2d0 [ 14.805580] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.805619] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.805642] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.805669] kasan_report+0x141/0x180 [ 14.805690] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.805721] kasan_check_range+0x10c/0x1c0 [ 14.805745] __kasan_check_write+0x18/0x20 [ 14.805783] kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.805810] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.805856] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.805883] ? 
trace_hardirqs_on+0x37/0xe0 [ 14.805908] ? kasan_bitops_generic+0x92/0x1c0 [ 14.805935] kasan_bitops_generic+0x116/0x1c0 [ 14.805959] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.805985] ? __pfx_read_tsc+0x10/0x10 [ 14.806006] ? ktime_get_ts64+0x86/0x230 [ 14.806031] kunit_try_run_case+0x1a5/0x480 [ 14.806055] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.806078] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.806102] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.806127] ? __kthread_parkme+0x82/0x180 [ 14.806148] ? preempt_count_sub+0x50/0x80 [ 14.806172] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.806196] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.806221] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.806247] kthread+0x337/0x6f0 [ 14.806265] ? trace_preempt_on+0x20/0xc0 [ 14.806286] ? __pfx_kthread+0x10/0x10 [ 14.806307] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.806328] ? calculate_sigpending+0x7b/0xa0 [ 14.806352] ? __pfx_kthread+0x10/0x10 [ 14.806374] ret_from_fork+0x116/0x1d0 [ 14.806393] ? 
__pfx_kthread+0x10/0x10 [ 14.806413] ret_from_fork_asm+0x1a/0x30 [ 14.806444] </TASK> [ 14.806454] [ 14.815004] Allocated by task 278: [ 14.815189] kasan_save_stack+0x45/0x70 [ 14.815368] kasan_save_track+0x18/0x40 [ 14.815534] kasan_save_alloc_info+0x3b/0x50 [ 14.815692] __kasan_kmalloc+0xb7/0xc0 [ 14.815851] __kmalloc_cache_noprof+0x189/0x420 [ 14.816246] kasan_bitops_generic+0x92/0x1c0 [ 14.816461] kunit_try_run_case+0x1a5/0x480 [ 14.816681] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.816996] kthread+0x337/0x6f0 [ 14.817232] ret_from_fork+0x116/0x1d0 [ 14.817365] ret_from_fork_asm+0x1a/0x30 [ 14.817561] [ 14.817669] The buggy address belongs to the object at ffff888102434620 [ 14.817669] which belongs to the cache kmalloc-16 of size 16 [ 14.818251] The buggy address is located 8 bytes inside of [ 14.818251] allocated 9-byte region [ffff888102434620, ffff888102434629) [ 14.818705] [ 14.818802] The buggy address belongs to the physical page: [ 14.818979] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102434 [ 14.819238] flags: 0x200000000000000(node=0|zone=2) [ 14.819418] page_type: f5(slab) [ 14.819584] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.819961] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.820478] page dumped because: kasan: bad access detected [ 14.820801] [ 14.820891] Memory state around the buggy address: [ 14.821112] ffff888102434500: fa fb fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 14.821339] ffff888102434580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.821550] >ffff888102434600: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 14.821768] ^ [ 14.821911] ffff888102434680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.822122] ffff888102434700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.822822] ================================================================== [ 14.909746] 
================================================================== [ 14.910420] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.910905] Write of size 8 at addr ffff888102434628 by task kunit_try_catch/278 [ 14.911283] [ 14.911378] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.911422] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.911433] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.911453] Call Trace: [ 14.911470] <TASK> [ 14.911487] dump_stack_lvl+0x73/0xb0 [ 14.911516] print_report+0xd1/0x650 [ 14.911538] ? __virt_addr_valid+0x1db/0x2d0 [ 14.911561] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.911587] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.911624] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.911652] kasan_report+0x141/0x180 [ 14.911673] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.911704] kasan_check_range+0x10c/0x1c0 [ 14.911728] __kasan_check_write+0x18/0x20 [ 14.911748] kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.911810] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.911839] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.911865] ? trace_hardirqs_on+0x37/0xe0 [ 14.911888] ? kasan_bitops_generic+0x92/0x1c0 [ 14.911915] kasan_bitops_generic+0x116/0x1c0 [ 14.911938] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.911984] ? __pfx_read_tsc+0x10/0x10 [ 14.912005] ? ktime_get_ts64+0x86/0x230 [ 14.912029] kunit_try_run_case+0x1a5/0x480 [ 14.912052] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.912075] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.912099] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.912122] ? __kthread_parkme+0x82/0x180 [ 14.912143] ? preempt_count_sub+0x50/0x80 [ 14.912167] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.912191] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.912216] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.912241] kthread+0x337/0x6f0 [ 14.912259] ? 
trace_preempt_on+0x20/0xc0 [ 14.912280] ? __pfx_kthread+0x10/0x10 [ 14.912300] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.912321] ? calculate_sigpending+0x7b/0xa0 [ 14.912345] ? __pfx_kthread+0x10/0x10 [ 14.912366] ret_from_fork+0x116/0x1d0 [ 14.912385] ? __pfx_kthread+0x10/0x10 [ 14.912404] ret_from_fork_asm+0x1a/0x30 [ 14.912434] </TASK> [ 14.912444] [ 14.920690] Allocated by task 278: [ 14.920878] kasan_save_stack+0x45/0x70 [ 14.921078] kasan_save_track+0x18/0x40 [ 14.921268] kasan_save_alloc_info+0x3b/0x50 [ 14.921461] __kasan_kmalloc+0xb7/0xc0 [ 14.921633] __kmalloc_cache_noprof+0x189/0x420 [ 14.922088] kasan_bitops_generic+0x92/0x1c0 [ 14.922256] kunit_try_run_case+0x1a5/0x480 [ 14.922450] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.922720] kthread+0x337/0x6f0 [ 14.922904] ret_from_fork+0x116/0x1d0 [ 14.923037] ret_from_fork_asm+0x1a/0x30 [ 14.923177] [ 14.923247] The buggy address belongs to the object at ffff888102434620 [ 14.923247] which belongs to the cache kmalloc-16 of size 16 [ 14.923818] The buggy address is located 8 bytes inside of [ 14.923818] allocated 9-byte region [ffff888102434620, ffff888102434629) [ 14.924332] [ 14.924411] The buggy address belongs to the physical page: [ 14.924587] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102434 [ 14.925006] flags: 0x200000000000000(node=0|zone=2) [ 14.925243] page_type: f5(slab) [ 14.925414] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.925892] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.926272] page dumped because: kasan: bad access detected [ 14.926539] [ 14.926641] Memory state around the buggy address: [ 14.926881] ffff888102434500: fa fb fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 14.927168] ffff888102434580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.927381] >ffff888102434600: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 14.927690] ^ [ 14.927908] ffff888102434680: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 14.928184] ffff888102434700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.928466] ================================================================== [ 14.887735] ================================================================== [ 14.888279] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.888766] Write of size 8 at addr ffff888102434628 by task kunit_try_catch/278 [ 14.889106] [ 14.889194] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.889237] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.889247] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.889268] Call Trace: [ 14.889280] <TASK> [ 14.889295] dump_stack_lvl+0x73/0xb0 [ 14.889323] print_report+0xd1/0x650 [ 14.889344] ? __virt_addr_valid+0x1db/0x2d0 [ 14.889367] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.889393] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.889416] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.889443] kasan_report+0x141/0x180 [ 14.889464] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.889495] kasan_check_range+0x10c/0x1c0 [ 14.889518] __kasan_check_write+0x18/0x20 [ 14.889538] kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.889564] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.889592] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.889628] ? trace_hardirqs_on+0x37/0xe0 [ 14.889651] ? kasan_bitops_generic+0x92/0x1c0 [ 14.889678] kasan_bitops_generic+0x116/0x1c0 [ 14.889702] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.889751] ? __pfx_read_tsc+0x10/0x10 [ 14.889774] ? ktime_get_ts64+0x86/0x230 [ 14.889801] kunit_try_run_case+0x1a5/0x480 [ 14.889825] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.889847] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.889871] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.889895] ? __kthread_parkme+0x82/0x180 [ 14.889916] ? preempt_count_sub+0x50/0x80 [ 14.889940] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.889965] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.889988] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.890013] kthread+0x337/0x6f0 [ 14.890032] ? trace_preempt_on+0x20/0xc0 [ 14.890053] ? __pfx_kthread+0x10/0x10 [ 14.890074] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.890094] ? calculate_sigpending+0x7b/0xa0 [ 14.890119] ? __pfx_kthread+0x10/0x10 [ 14.890139] ret_from_fork+0x116/0x1d0 [ 14.890157] ? __pfx_kthread+0x10/0x10 [ 14.890177] ret_from_fork_asm+0x1a/0x30 [ 14.890220] </TASK> [ 14.890230] [ 14.898628] Allocated by task 278: [ 14.898761] kasan_save_stack+0x45/0x70 [ 14.898913] kasan_save_track+0x18/0x40 [ 14.899172] kasan_save_alloc_info+0x3b/0x50 [ 14.899506] __kasan_kmalloc+0xb7/0xc0 [ 14.899706] __kmalloc_cache_noprof+0x189/0x420 [ 14.899949] kasan_bitops_generic+0x92/0x1c0 [ 14.900146] kunit_try_run_case+0x1a5/0x480 [ 14.900292] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.900467] kthread+0x337/0x6f0 [ 14.900590] ret_from_fork+0x116/0x1d0 [ 14.900899] ret_from_fork_asm+0x1a/0x30 [ 14.901116] [ 14.901206] The buggy address belongs to the object at ffff888102434620 [ 14.901206] which belongs to the cache kmalloc-16 of size 16 [ 14.901587] The buggy address is located 8 bytes inside of [ 14.901587] allocated 9-byte region [ffff888102434620, ffff888102434629) [ 14.901944] [ 14.902015] The buggy address belongs to the physical page: [ 14.902359] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102434 [ 14.903636] flags: 0x200000000000000(node=0|zone=2) [ 14.904813] page_type: f5(slab) [ 14.904981] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.905301] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.905635] page dumped because: kasan: bad access detected [ 14.905869] [ 14.905946] Memory state around the buggy address: [ 14.906166] ffff888102434500: fa fb fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 14.906453] 
ffff888102434580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.907612] >ffff888102434600: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 14.907971] ^ [ 14.908159] ffff888102434680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.908648] ffff888102434700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.909157] ================================================================== [ 14.750361] ================================================================== [ 14.750890] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.751247] Write of size 8 at addr ffff888102434628 by task kunit_try_catch/278 [ 14.751548] [ 14.751696] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.751758] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.751772] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.751793] Call Trace: [ 14.751818] <TASK> [ 14.751836] dump_stack_lvl+0x73/0xb0 [ 14.751867] print_report+0xd1/0x650 [ 14.751890] ? __virt_addr_valid+0x1db/0x2d0 [ 14.751915] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.751941] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.751976] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.752003] kasan_report+0x141/0x180 [ 14.752025] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.752067] kasan_check_range+0x10c/0x1c0 [ 14.752091] __kasan_check_write+0x18/0x20 [ 14.752110] kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.752137] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.752165] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.752200] ? trace_hardirqs_on+0x37/0xe0 [ 14.752223] ? kasan_bitops_generic+0x92/0x1c0 [ 14.752250] kasan_bitops_generic+0x116/0x1c0 [ 14.752285] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.752310] ? __pfx_read_tsc+0x10/0x10 [ 14.752331] ? ktime_get_ts64+0x86/0x230 [ 14.752365] kunit_try_run_case+0x1a5/0x480 [ 14.752391] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.752414] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 14.752450] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.752474] ? __kthread_parkme+0x82/0x180 [ 14.752496] ? preempt_count_sub+0x50/0x80 [ 14.752522] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.752553] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.752579] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.752630] kthread+0x337/0x6f0 [ 14.752651] ? trace_preempt_on+0x20/0xc0 [ 14.752673] ? __pfx_kthread+0x10/0x10 [ 14.752694] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.752716] ? calculate_sigpending+0x7b/0xa0 [ 14.752741] ? __pfx_kthread+0x10/0x10 [ 14.752763] ret_from_fork+0x116/0x1d0 [ 14.752800] ? __pfx_kthread+0x10/0x10 [ 14.752822] ret_from_fork_asm+0x1a/0x30 [ 14.752855] </TASK> [ 14.752865] [ 14.766251] Allocated by task 278: [ 14.766401] kasan_save_stack+0x45/0x70 [ 14.767375] kasan_save_track+0x18/0x40 [ 14.767851] kasan_save_alloc_info+0x3b/0x50 [ 14.768172] __kasan_kmalloc+0xb7/0xc0 [ 14.768309] __kmalloc_cache_noprof+0x189/0x420 [ 14.768468] kasan_bitops_generic+0x92/0x1c0 [ 14.768627] kunit_try_run_case+0x1a5/0x480 [ 14.768829] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.769395] kthread+0x337/0x6f0 [ 14.769792] ret_from_fork+0x116/0x1d0 [ 14.770148] ret_from_fork_asm+0x1a/0x30 [ 14.770519] [ 14.770690] The buggy address belongs to the object at ffff888102434620 [ 14.770690] which belongs to the cache kmalloc-16 of size 16 [ 14.772007] The buggy address is located 8 bytes inside of [ 14.772007] allocated 9-byte region [ffff888102434620, ffff888102434629) [ 14.773108] [ 14.773272] The buggy address belongs to the physical page: [ 14.773669] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102434 [ 14.774454] flags: 0x200000000000000(node=0|zone=2) [ 14.774641] page_type: f5(slab) [ 14.774786] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.775540] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.776393] page dumped because: kasan: 
bad access detected [ 14.776900] [ 14.777067] Memory state around the buggy address: [ 14.777523] ffff888102434500: fa fb fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 14.777757] ffff888102434580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.778485] >ffff888102434600: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 14.779231] ^ [ 14.779790] ffff888102434680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.780049] ffff888102434700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.780272] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 14.720646] ================================================================== [ 14.721227] BUG: KASAN: slab-use-after-free in strnlen+0x73/0x80 [ 14.721500] Read of size 1 at addr ffff8881029cc7d0 by task kunit_try_catch/276 [ 14.721901] [ 14.722038] CPU: 0 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.722084] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.722097] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.722119] Call Trace: [ 14.722136] <TASK> [ 14.722153] dump_stack_lvl+0x73/0xb0 [ 14.722181] print_report+0xd1/0x650 [ 14.722202] ? __virt_addr_valid+0x1db/0x2d0 [ 14.722226] ? strnlen+0x73/0x80 [ 14.722243] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.722267] ? strnlen+0x73/0x80 [ 14.722284] kasan_report+0x141/0x180 [ 14.722306] ? strnlen+0x73/0x80 [ 14.722327] __asan_report_load1_noabort+0x18/0x20 [ 14.722352] strnlen+0x73/0x80 [ 14.722369] kasan_strings+0x615/0xe80 [ 14.722389] ? trace_hardirqs_on+0x37/0xe0 [ 14.722424] ? __pfx_kasan_strings+0x10/0x10 [ 14.722444] ? finish_task_switch.isra.0+0x153/0x700 [ 14.722468] ? __switch_to+0x47/0xf50 [ 14.722504] ? __schedule+0x10cc/0x2b60 [ 14.722525] ? __pfx_read_tsc+0x10/0x10 [ 14.722546] ? ktime_get_ts64+0x86/0x230 [ 14.722570] kunit_try_run_case+0x1a5/0x480 [ 14.722603] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.722626] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.722650] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.722674] ? __kthread_parkme+0x82/0x180 [ 14.722695] ? preempt_count_sub+0x50/0x80 [ 14.722718] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.722741] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.722785] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.722811] kthread+0x337/0x6f0 [ 14.722832] ? trace_preempt_on+0x20/0xc0 [ 14.722855] ? __pfx_kthread+0x10/0x10 [ 14.722876] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.722898] ? calculate_sigpending+0x7b/0xa0 [ 14.722922] ? 
__pfx_kthread+0x10/0x10 [ 14.722943] ret_from_fork+0x116/0x1d0 [ 14.722971] ? __pfx_kthread+0x10/0x10 [ 14.722992] ret_from_fork_asm+0x1a/0x30 [ 14.723023] </TASK> [ 14.723043] [ 14.730399] Allocated by task 276: [ 14.730585] kasan_save_stack+0x45/0x70 [ 14.730740] kasan_save_track+0x18/0x40 [ 14.730898] kasan_save_alloc_info+0x3b/0x50 [ 14.731047] __kasan_kmalloc+0xb7/0xc0 [ 14.731225] __kmalloc_cache_noprof+0x189/0x420 [ 14.731458] kasan_strings+0xc0/0xe80 [ 14.731650] kunit_try_run_case+0x1a5/0x480 [ 14.731882] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.732135] kthread+0x337/0x6f0 [ 14.732307] ret_from_fork+0x116/0x1d0 [ 14.732492] ret_from_fork_asm+0x1a/0x30 [ 14.732657] [ 14.732751] Freed by task 276: [ 14.732935] kasan_save_stack+0x45/0x70 [ 14.733105] kasan_save_track+0x18/0x40 [ 14.733306] kasan_save_free_info+0x3f/0x60 [ 14.733453] __kasan_slab_free+0x56/0x70 [ 14.733628] kfree+0x222/0x3f0 [ 14.733830] kasan_strings+0x2aa/0xe80 [ 14.734033] kunit_try_run_case+0x1a5/0x480 [ 14.734209] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.734467] kthread+0x337/0x6f0 [ 14.734630] ret_from_fork+0x116/0x1d0 [ 14.734866] ret_from_fork_asm+0x1a/0x30 [ 14.735039] [ 14.735144] The buggy address belongs to the object at ffff8881029cc7c0 [ 14.735144] which belongs to the cache kmalloc-32 of size 32 [ 14.735636] The buggy address is located 16 bytes inside of [ 14.735636] freed 32-byte region [ffff8881029cc7c0, ffff8881029cc7e0) [ 14.736154] [ 14.736244] The buggy address belongs to the physical page: [ 14.736495] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029cc [ 14.736785] flags: 0x200000000000000(node=0|zone=2) [ 14.736951] page_type: f5(slab) [ 14.737068] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 14.737298] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 14.737586] page dumped because: kasan: bad access detected [ 14.737877] [ 14.737969] Memory state around the buggy address: 
[ 14.738191] ffff8881029cc680: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.738509] ffff8881029cc700: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 14.738879] >ffff8881029cc780: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.739183] ^ [ 14.739361] ffff8881029cc800: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.739583] ffff8881029cc880: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 14.740785] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strlen
[ 14.699195] ================================================================== [ 14.699617] BUG: KASAN: slab-use-after-free in strlen+0x8f/0xb0 [ 14.699869] Read of size 1 at addr ffff8881029cc7d0 by task kunit_try_catch/276 [ 14.700108] [ 14.700223] CPU: 0 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.700266] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.700278] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.700298] Call Trace: [ 14.700316] <TASK> [ 14.700334] dump_stack_lvl+0x73/0xb0 [ 14.700360] print_report+0xd1/0x650 [ 14.700381] ? __virt_addr_valid+0x1db/0x2d0 [ 14.700402] ? strlen+0x8f/0xb0 [ 14.700418] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.700439] ? strlen+0x8f/0xb0 [ 14.700456] kasan_report+0x141/0x180 [ 14.700477] ? strlen+0x8f/0xb0 [ 14.700497] __asan_report_load1_noabort+0x18/0x20 [ 14.700520] strlen+0x8f/0xb0 [ 14.700537] kasan_strings+0x57b/0xe80 [ 14.700556] ? trace_hardirqs_on+0x37/0xe0 [ 14.700578] ? __pfx_kasan_strings+0x10/0x10 [ 14.700951] ? finish_task_switch.isra.0+0x153/0x700 [ 14.700983] ? __switch_to+0x47/0xf50 [ 14.701010] ? __schedule+0x10cc/0x2b60 [ 14.701032] ? __pfx_read_tsc+0x10/0x10 [ 14.701054] ? ktime_get_ts64+0x86/0x230 [ 14.701078] kunit_try_run_case+0x1a5/0x480 [ 14.701102] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.701125] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.701149] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.701183] ? __kthread_parkme+0x82/0x180 [ 14.701203] ? preempt_count_sub+0x50/0x80 [ 14.701225] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.701261] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.701285] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.701310] kthread+0x337/0x6f0 [ 14.701329] ? trace_preempt_on+0x20/0xc0 [ 14.701351] ? __pfx_kthread+0x10/0x10 [ 14.701372] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.701393] ? calculate_sigpending+0x7b/0xa0 [ 14.701418] ? 
__pfx_kthread+0x10/0x10 [ 14.701439] ret_from_fork+0x116/0x1d0 [ 14.701457] ? __pfx_kthread+0x10/0x10 [ 14.701477] ret_from_fork_asm+0x1a/0x30 [ 14.701508] </TASK> [ 14.701518] [ 14.708878] Allocated by task 276: [ 14.709095] kasan_save_stack+0x45/0x70 [ 14.709330] kasan_save_track+0x18/0x40 [ 14.709518] kasan_save_alloc_info+0x3b/0x50 [ 14.709709] __kasan_kmalloc+0xb7/0xc0 [ 14.709948] __kmalloc_cache_noprof+0x189/0x420 [ 14.710173] kasan_strings+0xc0/0xe80 [ 14.710359] kunit_try_run_case+0x1a5/0x480 [ 14.710572] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.710871] kthread+0x337/0x6f0 [ 14.711050] ret_from_fork+0x116/0x1d0 [ 14.711236] ret_from_fork_asm+0x1a/0x30 [ 14.711405] [ 14.711516] Freed by task 276: [ 14.711673] kasan_save_stack+0x45/0x70 [ 14.711897] kasan_save_track+0x18/0x40 [ 14.712081] kasan_save_free_info+0x3f/0x60 [ 14.712246] __kasan_slab_free+0x56/0x70 [ 14.712441] kfree+0x222/0x3f0 [ 14.712616] kasan_strings+0x2aa/0xe80 [ 14.712798] kunit_try_run_case+0x1a5/0x480 [ 14.712943] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.713118] kthread+0x337/0x6f0 [ 14.713239] ret_from_fork+0x116/0x1d0 [ 14.713370] ret_from_fork_asm+0x1a/0x30 [ 14.713577] [ 14.713686] The buggy address belongs to the object at ffff8881029cc7c0 [ 14.713686] which belongs to the cache kmalloc-32 of size 32 [ 14.714240] The buggy address is located 16 bytes inside of [ 14.714240] freed 32-byte region [ffff8881029cc7c0, ffff8881029cc7e0) [ 14.714793] [ 14.714911] The buggy address belongs to the physical page: [ 14.715152] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029cc [ 14.715394] flags: 0x200000000000000(node=0|zone=2) [ 14.715558] page_type: f5(slab) [ 14.715688] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 14.715947] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 14.716314] page dumped because: kasan: bad access detected [ 14.716602] [ 14.716700] Memory state around the buggy address: 
[ 14.716987] ffff8881029cc680: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.717329] ffff8881029cc700: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 14.717659] >ffff8881029cc780: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.718008] ^ [ 14.718275] ffff8881029cc800: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.718577] ffff8881029cc880: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 14.718879] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 14.676882] ================================================================== [ 14.677401] BUG: KASAN: slab-use-after-free in kasan_strings+0xcbc/0xe80 [ 14.677636] Read of size 1 at addr ffff8881029cc7d0 by task kunit_try_catch/276 [ 14.678083] [ 14.678265] CPU: 0 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.678328] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.678339] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.678358] Call Trace: [ 14.678369] <TASK> [ 14.678383] dump_stack_lvl+0x73/0xb0 [ 14.678422] print_report+0xd1/0x650 [ 14.678443] ? __virt_addr_valid+0x1db/0x2d0 [ 14.678467] ? kasan_strings+0xcbc/0xe80 [ 14.678487] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.678510] ? kasan_strings+0xcbc/0xe80 [ 14.678530] kasan_report+0x141/0x180 [ 14.678552] ? kasan_strings+0xcbc/0xe80 [ 14.678576] __asan_report_load1_noabort+0x18/0x20 [ 14.678611] kasan_strings+0xcbc/0xe80 [ 14.678630] ? trace_hardirqs_on+0x37/0xe0 [ 14.678653] ? __pfx_kasan_strings+0x10/0x10 [ 14.678673] ? finish_task_switch.isra.0+0x153/0x700 [ 14.678697] ? __switch_to+0x47/0xf50 [ 14.678729] ? __schedule+0x10cc/0x2b60 [ 14.678751] ? __pfx_read_tsc+0x10/0x10 [ 14.678796] ? ktime_get_ts64+0x86/0x230 [ 14.678836] kunit_try_run_case+0x1a5/0x480 [ 14.678860] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.678883] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.678917] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.678941] ? __kthread_parkme+0x82/0x180 [ 14.678960] ? preempt_count_sub+0x50/0x80 [ 14.678983] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.679007] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.679031] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.679057] kthread+0x337/0x6f0 [ 14.679075] ? trace_preempt_on+0x20/0xc0 [ 14.679097] ? __pfx_kthread+0x10/0x10 [ 14.679118] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.679140] ? calculate_sigpending+0x7b/0xa0 [ 14.679164] ? 
__pfx_kthread+0x10/0x10 [ 14.679185] ret_from_fork+0x116/0x1d0 [ 14.679203] ? __pfx_kthread+0x10/0x10 [ 14.679224] ret_from_fork_asm+0x1a/0x30 [ 14.679255] </TASK> [ 14.679265] [ 14.688657] Allocated by task 276: [ 14.688851] kasan_save_stack+0x45/0x70 [ 14.689091] kasan_save_track+0x18/0x40 [ 14.689226] kasan_save_alloc_info+0x3b/0x50 [ 14.689375] __kasan_kmalloc+0xb7/0xc0 [ 14.689505] __kmalloc_cache_noprof+0x189/0x420 [ 14.689735] kasan_strings+0xc0/0xe80 [ 14.689962] kunit_try_run_case+0x1a5/0x480 [ 14.690170] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.690395] kthread+0x337/0x6f0 [ 14.690513] ret_from_fork+0x116/0x1d0 [ 14.690658] ret_from_fork_asm+0x1a/0x30 [ 14.690858] [ 14.690951] Freed by task 276: [ 14.691139] kasan_save_stack+0x45/0x70 [ 14.691334] kasan_save_track+0x18/0x40 [ 14.691538] kasan_save_free_info+0x3f/0x60 [ 14.691833] __kasan_slab_free+0x56/0x70 [ 14.692069] kfree+0x222/0x3f0 [ 14.692237] kasan_strings+0x2aa/0xe80 [ 14.692421] kunit_try_run_case+0x1a5/0x480 [ 14.692630] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.692902] kthread+0x337/0x6f0 [ 14.693055] ret_from_fork+0x116/0x1d0 [ 14.693186] ret_from_fork_asm+0x1a/0x30 [ 14.693322] [ 14.693436] The buggy address belongs to the object at ffff8881029cc7c0 [ 14.693436] which belongs to the cache kmalloc-32 of size 32 [ 14.694026] The buggy address is located 16 bytes inside of [ 14.694026] freed 32-byte region [ffff8881029cc7c0, ffff8881029cc7e0) [ 14.694422] [ 14.694494] The buggy address belongs to the physical page: [ 14.694675] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029cc [ 14.695056] flags: 0x200000000000000(node=0|zone=2) [ 14.695292] page_type: f5(slab) [ 14.695463] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 14.695848] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 14.696079] page dumped because: kasan: bad access detected [ 14.696257] [ 14.696351] Memory state around the buggy address: 
[ 14.696570] ffff8881029cc680: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.696946] ffff8881029cc700: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 14.697294] >ffff8881029cc780: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.697616] ^ [ 14.697852] ffff8881029cc800: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.698171] ffff8881029cc880: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 14.698462] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 14.648298] ================================================================== [ 14.649237] BUG: KASAN: slab-use-after-free in strcmp+0xb0/0xc0 [ 14.649508] Read of size 1 at addr ffff8881029cc7d0 by task kunit_try_catch/276 [ 14.649793] [ 14.649886] CPU: 0 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.649933] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.649945] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.649966] Call Trace: [ 14.649977] <TASK> [ 14.649994] dump_stack_lvl+0x73/0xb0 [ 14.650021] print_report+0xd1/0x650 [ 14.650045] ? __virt_addr_valid+0x1db/0x2d0 [ 14.650070] ? strcmp+0xb0/0xc0 [ 14.650087] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.650110] ? strcmp+0xb0/0xc0 [ 14.650127] kasan_report+0x141/0x180 [ 14.650148] ? strcmp+0xb0/0xc0 [ 14.650169] __asan_report_load1_noabort+0x18/0x20 [ 14.650194] strcmp+0xb0/0xc0 [ 14.650212] kasan_strings+0x431/0xe80 [ 14.650232] ? trace_hardirqs_on+0x37/0xe0 [ 14.650257] ? __pfx_kasan_strings+0x10/0x10 [ 14.650277] ? finish_task_switch.isra.0+0x153/0x700 [ 14.650301] ? __switch_to+0x47/0xf50 [ 14.650328] ? __schedule+0x10cc/0x2b60 [ 14.650350] ? __pfx_read_tsc+0x10/0x10 [ 14.650372] ? ktime_get_ts64+0x86/0x230 [ 14.650396] kunit_try_run_case+0x1a5/0x480 [ 14.650420] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.650443] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.650467] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.650491] ? __kthread_parkme+0x82/0x180 [ 14.650513] ? preempt_count_sub+0x50/0x80 [ 14.650536] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.650561] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.650586] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.650674] kthread+0x337/0x6f0 [ 14.650693] ? trace_preempt_on+0x20/0xc0 [ 14.650715] ? __pfx_kthread+0x10/0x10 [ 14.650736] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.650758] ? calculate_sigpending+0x7b/0xa0 [ 14.650793] ? 
__pfx_kthread+0x10/0x10 [ 14.650858] ret_from_fork+0x116/0x1d0 [ 14.650877] ? __pfx_kthread+0x10/0x10 [ 14.650898] ret_from_fork_asm+0x1a/0x30 [ 14.650928] </TASK> [ 14.650938] [ 14.659179] Allocated by task 276: [ 14.659318] kasan_save_stack+0x45/0x70 [ 14.659468] kasan_save_track+0x18/0x40 [ 14.659693] kasan_save_alloc_info+0x3b/0x50 [ 14.660184] __kasan_kmalloc+0xb7/0xc0 [ 14.660532] __kmalloc_cache_noprof+0x189/0x420 [ 14.660951] kasan_strings+0xc0/0xe80 [ 14.661094] kunit_try_run_case+0x1a5/0x480 [ 14.661244] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.661429] kthread+0x337/0x6f0 [ 14.661645] ret_from_fork+0x116/0x1d0 [ 14.662165] ret_from_fork_asm+0x1a/0x30 [ 14.662636] [ 14.662803] Freed by task 276: [ 14.663232] kasan_save_stack+0x45/0x70 [ 14.663616] kasan_save_track+0x18/0x40 [ 14.664058] kasan_save_free_info+0x3f/0x60 [ 14.664475] __kasan_slab_free+0x56/0x70 [ 14.664907] kfree+0x222/0x3f0 [ 14.665029] kasan_strings+0x2aa/0xe80 [ 14.665163] kunit_try_run_case+0x1a5/0x480 [ 14.665310] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.665488] kthread+0x337/0x6f0 [ 14.665622] ret_from_fork+0x116/0x1d0 [ 14.666292] ret_from_fork_asm+0x1a/0x30 [ 14.666675] [ 14.666846] The buggy address belongs to the object at ffff8881029cc7c0 [ 14.666846] which belongs to the cache kmalloc-32 of size 32 [ 14.667661] The buggy address is located 16 bytes inside of [ 14.667661] freed 32-byte region [ffff8881029cc7c0, ffff8881029cc7e0) [ 14.668780] [ 14.668975] The buggy address belongs to the physical page: [ 14.669470] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029cc [ 14.670037] flags: 0x200000000000000(node=0|zone=2) [ 14.670305] page_type: f5(slab) [ 14.670633] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 14.670973] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 14.671623] page dumped because: kasan: bad access detected [ 14.671963] [ 14.672032] Memory state around the buggy address: 
[ 14.672189] ffff8881029cc680: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.672406] ffff8881029cc700: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 14.672666] >ffff8881029cc780: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 14.673301] ^ [ 14.673838] ffff8881029cc800: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.674446] ffff8881029cc880: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 14.675107] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 14.623306] ================================================================== [ 14.623784] BUG: KASAN: slab-out-of-bounds in memcmp+0x1b4/0x1d0 [ 14.624238] Read of size 1 at addr ffff8881029cc658 by task kunit_try_catch/274 [ 14.624513] [ 14.624640] CPU: 0 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.624686] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.624697] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.624718] Call Trace: [ 14.624729] <TASK> [ 14.624745] dump_stack_lvl+0x73/0xb0 [ 14.624771] print_report+0xd1/0x650 [ 14.624810] ? __virt_addr_valid+0x1db/0x2d0 [ 14.624834] ? memcmp+0x1b4/0x1d0 [ 14.624851] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.624874] ? memcmp+0x1b4/0x1d0 [ 14.624892] kasan_report+0x141/0x180 [ 14.624912] ? memcmp+0x1b4/0x1d0 [ 14.624934] __asan_report_load1_noabort+0x18/0x20 [ 14.624958] memcmp+0x1b4/0x1d0 [ 14.624978] kasan_memcmp+0x18f/0x390 [ 14.624998] ? trace_hardirqs_on+0x37/0xe0 [ 14.625022] ? __pfx_kasan_memcmp+0x10/0x10 [ 14.625042] ? finish_task_switch.isra.0+0x153/0x700 [ 14.625065] ? __switch_to+0x47/0xf50 [ 14.625094] ? __pfx_read_tsc+0x10/0x10 [ 14.625115] ? ktime_get_ts64+0x86/0x230 [ 14.625139] kunit_try_run_case+0x1a5/0x480 [ 14.625163] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.625186] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.625209] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.625233] ? __kthread_parkme+0x82/0x180 [ 14.625255] ? preempt_count_sub+0x50/0x80 [ 14.625277] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.625302] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.625327] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.625351] kthread+0x337/0x6f0 [ 14.625371] ? trace_preempt_on+0x20/0xc0 [ 14.625393] ? __pfx_kthread+0x10/0x10 [ 14.625413] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.625434] ? calculate_sigpending+0x7b/0xa0 [ 14.625459] ? __pfx_kthread+0x10/0x10 [ 14.625481] ret_from_fork+0x116/0x1d0 [ 14.625499] ? 
__pfx_kthread+0x10/0x10 [ 14.625519] ret_from_fork_asm+0x1a/0x30 [ 14.625550] </TASK> [ 14.625560] [ 14.633097] Allocated by task 274: [ 14.633240] kasan_save_stack+0x45/0x70 [ 14.633392] kasan_save_track+0x18/0x40 [ 14.633555] kasan_save_alloc_info+0x3b/0x50 [ 14.633776] __kasan_kmalloc+0xb7/0xc0 [ 14.633964] __kmalloc_cache_noprof+0x189/0x420 [ 14.634185] kasan_memcmp+0xb7/0x390 [ 14.634364] kunit_try_run_case+0x1a5/0x480 [ 14.634718] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.635096] kthread+0x337/0x6f0 [ 14.635270] ret_from_fork+0x116/0x1d0 [ 14.635425] ret_from_fork_asm+0x1a/0x30 [ 14.635565] [ 14.635648] The buggy address belongs to the object at ffff8881029cc640 [ 14.635648] which belongs to the cache kmalloc-32 of size 32 [ 14.636356] The buggy address is located 0 bytes to the right of [ 14.636356] allocated 24-byte region [ffff8881029cc640, ffff8881029cc658) [ 14.636993] [ 14.637098] The buggy address belongs to the physical page: [ 14.637308] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029cc [ 14.637644] flags: 0x200000000000000(node=0|zone=2) [ 14.638064] page_type: f5(slab) [ 14.638222] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 14.638539] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 14.638789] page dumped because: kasan: bad access detected [ 14.638968] [ 14.639038] Memory state around the buggy address: [ 14.639195] ffff8881029cc500: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.639479] ffff8881029cc580: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.639886] >ffff8881029cc600: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.640201] ^ [ 14.640476] ffff8881029cc680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.640851] ffff8881029cc700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.641129] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 14.602173] ================================================================== [ 14.602648] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x329/0x390 [ 14.603021] Read of size 1 at addr ffff888103aafc4a by task kunit_try_catch/270 [ 14.603405] [ 14.603511] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.603562] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.603573] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.603607] Call Trace: [ 14.603621] <TASK> [ 14.603639] dump_stack_lvl+0x73/0xb0 [ 14.603674] print_report+0xd1/0x650 [ 14.603697] ? __virt_addr_valid+0x1db/0x2d0 [ 14.603723] ? kasan_alloca_oob_right+0x329/0x390 [ 14.603746] ? kasan_addr_to_slab+0x11/0xa0 [ 14.603767] ? kasan_alloca_oob_right+0x329/0x390 [ 14.603856] kasan_report+0x141/0x180 [ 14.603881] ? kasan_alloca_oob_right+0x329/0x390 [ 14.603909] __asan_report_load1_noabort+0x18/0x20 [ 14.603935] kasan_alloca_oob_right+0x329/0x390 [ 14.603959] ? finish_task_switch.isra.0+0x153/0x700 [ 14.603986] ? preempt_schedule_common+0xbe/0x110 [ 14.604011] ? trace_hardirqs_on+0x37/0xe0 [ 14.604038] ? __pfx_kasan_alloca_oob_right+0x10/0x10 [ 14.604064] ? __schedule+0x10cc/0x2b60 [ 14.604086] ? __pfx_read_tsc+0x10/0x10 [ 14.604108] ? ktime_get_ts64+0x86/0x230 [ 14.604133] kunit_try_run_case+0x1a5/0x480 [ 14.604160] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.604184] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.604208] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.604233] ? __kthread_parkme+0x82/0x180 [ 14.604256] ? preempt_count_sub+0x50/0x80 [ 14.604279] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.604303] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.604329] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.604354] kthread+0x337/0x6f0 [ 14.604373] ? trace_preempt_on+0x20/0xc0 [ 14.604395] ? __pfx_kthread+0x10/0x10 [ 14.604416] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.604438] ? 
calculate_sigpending+0x7b/0xa0 [ 14.604463] ? __pfx_kthread+0x10/0x10 [ 14.604484] ret_from_fork+0x116/0x1d0 [ 14.604503] ? __pfx_kthread+0x10/0x10 [ 14.604523] ret_from_fork_asm+0x1a/0x30 [ 14.604556] </TASK> [ 14.604567] [ 14.612620] The buggy address belongs to stack of task kunit_try_catch/270 [ 14.613053] [ 14.613159] The buggy address belongs to the physical page: [ 14.613414] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103aaf [ 14.613706] flags: 0x200000000000000(node=0|zone=2) [ 14.613950] raw: 0200000000000000 ffffea00040eabc8 ffffea00040eabc8 0000000000000000 [ 14.614237] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 14.614817] page dumped because: kasan: bad access detected [ 14.615048] [ 14.615141] Memory state around the buggy address: [ 14.615340] ffff888103aafb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.615580] ffff888103aafb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.615808] >ffff888103aafc00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 14.616023] ^ [ 14.616280] ffff888103aafc80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 [ 14.616638] ffff888103aafd00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 14.617154] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 14.582168] ================================================================== [ 14.582633] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x320/0x380 [ 14.582987] Read of size 1 at addr ffff888103a7fc3f by task kunit_try_catch/268 [ 14.583311] [ 14.583433] CPU: 0 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.583481] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.583492] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.583512] Call Trace: [ 14.583526] <TASK> [ 14.583541] dump_stack_lvl+0x73/0xb0 [ 14.583570] print_report+0xd1/0x650 [ 14.583603] ? __virt_addr_valid+0x1db/0x2d0 [ 14.583626] ? kasan_alloca_oob_left+0x320/0x380 [ 14.583648] ? kasan_addr_to_slab+0x11/0xa0 [ 14.583670] ? kasan_alloca_oob_left+0x320/0x380 [ 14.583707] kasan_report+0x141/0x180 [ 14.583729] ? kasan_alloca_oob_left+0x320/0x380 [ 14.583758] __asan_report_load1_noabort+0x18/0x20 [ 14.583783] kasan_alloca_oob_left+0x320/0x380 [ 14.583825] ? __pfx_sched_clock_cpu+0x10/0x10 [ 14.583857] ? finish_task_switch.isra.0+0x153/0x700 [ 14.583882] ? preempt_schedule_common+0xbe/0x110 [ 14.583906] ? trace_hardirqs_on+0x37/0xe0 [ 14.583932] ? __pfx_kasan_alloca_oob_left+0x10/0x10 [ 14.583958] ? __schedule+0x10cc/0x2b60 [ 14.583979] ? __pfx_read_tsc+0x10/0x10 [ 14.584000] ? ktime_get_ts64+0x86/0x230 [ 14.584025] kunit_try_run_case+0x1a5/0x480 [ 14.584049] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.584073] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.584096] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.584119] ? __kthread_parkme+0x82/0x180 [ 14.584142] ? preempt_count_sub+0x50/0x80 [ 14.584165] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.584189] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.584214] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.584238] kthread+0x337/0x6f0 [ 14.584257] ? trace_preempt_on+0x20/0xc0 [ 14.584279] ? __pfx_kthread+0x10/0x10 [ 14.584300] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 14.584322] ? calculate_sigpending+0x7b/0xa0 [ 14.584347] ? __pfx_kthread+0x10/0x10 [ 14.584368] ret_from_fork+0x116/0x1d0 [ 14.584387] ? __pfx_kthread+0x10/0x10 [ 14.584408] ret_from_fork_asm+0x1a/0x30 [ 14.584439] </TASK> [ 14.584449] [ 14.592359] The buggy address belongs to stack of task kunit_try_catch/268 [ 14.592852] [ 14.592950] The buggy address belongs to the physical page: [ 14.593128] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a7f [ 14.593492] flags: 0x200000000000000(node=0|zone=2) [ 14.593749] raw: 0200000000000000 ffffea00040e9fc8 ffffea00040e9fc8 0000000000000000 [ 14.594074] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 14.594449] page dumped because: kasan: bad access detected [ 14.594636] [ 14.594704] Memory state around the buggy address: [ 14.595185] ffff888103a7fb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.595493] ffff888103a7fb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.595732] >ffff888103a7fc00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 14.595970] ^ [ 14.596250] ffff888103a7fc80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 [ 14.596566] ffff888103a7fd00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 14.597052] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 14.561681] ================================================================== [ 14.562346] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x2b5/0x300 [ 14.562656] Read of size 1 at addr ffff888103aafd02 by task kunit_try_catch/266 [ 14.562946] [ 14.563069] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.563115] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.563127] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.563149] Call Trace: [ 14.563161] <TASK> [ 14.563177] dump_stack_lvl+0x73/0xb0 [ 14.563207] print_report+0xd1/0x650 [ 14.563229] ? __virt_addr_valid+0x1db/0x2d0 [ 14.563253] ? kasan_stack_oob+0x2b5/0x300 [ 14.563273] ? kasan_addr_to_slab+0x11/0xa0 [ 14.563294] ? kasan_stack_oob+0x2b5/0x300 [ 14.563315] kasan_report+0x141/0x180 [ 14.563336] ? kasan_stack_oob+0x2b5/0x300 [ 14.563362] __asan_report_load1_noabort+0x18/0x20 [ 14.563387] kasan_stack_oob+0x2b5/0x300 [ 14.563406] ? __pfx_kasan_stack_oob+0x10/0x10 [ 14.563426] ? finish_task_switch.isra.0+0x153/0x700 [ 14.563451] ? __switch_to+0x47/0xf50 [ 14.563479] ? __schedule+0x10cc/0x2b60 [ 14.563501] ? __pfx_read_tsc+0x10/0x10 [ 14.563523] ? ktime_get_ts64+0x86/0x230 [ 14.563547] kunit_try_run_case+0x1a5/0x480 [ 14.563573] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.563607] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.563631] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.563655] ? __kthread_parkme+0x82/0x180 [ 14.563678] ? preempt_count_sub+0x50/0x80 [ 14.563700] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.563725] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.563749] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.563775] kthread+0x337/0x6f0 [ 14.563793] ? trace_preempt_on+0x20/0xc0 [ 14.563817] ? __pfx_kthread+0x10/0x10 [ 14.563838] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.563860] ? calculate_sigpending+0x7b/0xa0 [ 14.563885] ? __pfx_kthread+0x10/0x10 [ 14.563906] ret_from_fork+0x116/0x1d0 [ 14.563935] ? 
__pfx_kthread+0x10/0x10 [ 14.563955] ret_from_fork_asm+0x1a/0x30 [ 14.563986] </TASK> [ 14.563997] [ 14.571576] The buggy address belongs to stack of task kunit_try_catch/266 [ 14.572007] and is located at offset 138 in frame: [ 14.572338] kasan_stack_oob+0x0/0x300 [ 14.572687] [ 14.572851] This frame has 4 objects: [ 14.573122] [48, 49) '__assertion' [ 14.573143] [64, 72) 'array' [ 14.573289] [96, 112) '__assertion' [ 14.573460] [128, 138) 'stack_array' [ 14.573671] [ 14.574112] The buggy address belongs to the physical page: [ 14.574296] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103aaf [ 14.574633] flags: 0x200000000000000(node=0|zone=2) [ 14.575067] raw: 0200000000000000 ffffea00040eabc8 ffffea00040eabc8 0000000000000000 [ 14.575424] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 14.575747] page dumped because: kasan: bad access detected [ 14.576032] [ 14.576128] Memory state around the buggy address: [ 14.576311] ffff888103aafc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 14.576529] ffff888103aafc80: f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 00 00 f2 f2 00 [ 14.576959] >ffff888103aafd00: 02 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 14.577284] ^ [ 14.577420] ffff888103aafd80: f1 f1 f1 00 00 f2 f2 00 00 f2 f2 00 00 f3 f3 00 [ 14.577663] ffff888103aafe00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.577985] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 14.539934] ================================================================== [ 14.540623] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x286/0x2d0 [ 14.541027] Read of size 1 at addr ffffffffa4a63e8d by task kunit_try_catch/262 [ 14.541297] [ 14.541450] CPU: 1 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.541501] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.541512] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.541534] Call Trace: [ 14.541548] <TASK> [ 14.541566] dump_stack_lvl+0x73/0xb0 [ 14.541613] print_report+0xd1/0x650 [ 14.541637] ? __virt_addr_valid+0x1db/0x2d0 [ 14.541663] ? kasan_global_oob_right+0x286/0x2d0 [ 14.541685] ? kasan_addr_to_slab+0x11/0xa0 [ 14.541706] ? kasan_global_oob_right+0x286/0x2d0 [ 14.541728] kasan_report+0x141/0x180 [ 14.541749] ? kasan_global_oob_right+0x286/0x2d0 [ 14.541776] __asan_report_load1_noabort+0x18/0x20 [ 14.541961] kasan_global_oob_right+0x286/0x2d0 [ 14.541986] ? __pfx_kasan_global_oob_right+0x10/0x10 [ 14.542009] ? __kasan_check_write+0x18/0x20 [ 14.542028] ? queued_spin_lock_slowpath+0x116/0xb40 [ 14.542057] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 14.542084] ? __pfx_read_tsc+0x10/0x10 [ 14.542110] ? ktime_get_ts64+0x86/0x230 [ 14.542141] kunit_try_run_case+0x1a5/0x480 [ 14.542170] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.542193] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 14.542217] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.542241] ? __kthread_parkme+0x82/0x180 [ 14.542264] ? preempt_count_sub+0x50/0x80 [ 14.542290] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.542315] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.542341] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.542366] kthread+0x337/0x6f0 [ 14.542387] ? trace_preempt_on+0x20/0xc0 [ 14.542412] ? __pfx_kthread+0x10/0x10 [ 14.542432] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.542454] ? calculate_sigpending+0x7b/0xa0 [ 14.542478] ? 
__pfx_kthread+0x10/0x10 [ 14.542499] ret_from_fork+0x116/0x1d0 [ 14.542518] ? __pfx_kthread+0x10/0x10 [ 14.542539] ret_from_fork_asm+0x1a/0x30 [ 14.542570] </TASK> [ 14.542581] [ 14.550488] The buggy address belongs to the variable: [ 14.550769] global_array+0xd/0x40 [ 14.551029] [ 14.551442] The buggy address belongs to the physical page: [ 14.551669] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x36863 [ 14.552184] flags: 0x100000000002000(reserved|node=0|zone=1) [ 14.552423] raw: 0100000000002000 ffffea0000da18c8 ffffea0000da18c8 0000000000000000 [ 14.552670] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 14.553297] page dumped because: kasan: bad access detected [ 14.553566] [ 14.553675] Memory state around the buggy address: [ 14.553963] ffffffffa4a63d80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.554263] ffffffffa4a63e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.554480] >ffffffffa4a63e80: 00 02 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9 [ 14.554808] ^ [ 14.555212] ffffffffa4a63f00: 04 f9 f9 f9 f9 f9 f9 f9 02 f9 f9 f9 f9 f9 f9 f9 [ 14.555457] ffffffffa4a63f80: 01 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 00 00 00 00 [ 14.555748] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 14.518109] ================================================================== [ 14.518612] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.518931] Free of addr ffff888103a40001 by task kunit_try_catch/260 [ 14.519359] [ 14.519476] CPU: 0 UID: 0 PID: 260 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.519522] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.519534] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.519554] Call Trace: [ 14.519564] <TASK> [ 14.519580] dump_stack_lvl+0x73/0xb0 [ 14.519622] print_report+0xd1/0x650 [ 14.519645] ? __virt_addr_valid+0x1db/0x2d0 [ 14.519670] ? kasan_addr_to_slab+0x11/0xa0 [ 14.519690] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.519717] kasan_report_invalid_free+0x10a/0x130 [ 14.519742] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.519771] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.519810] __kasan_mempool_poison_object+0x102/0x1d0 [ 14.519835] mempool_free+0x2ec/0x380 [ 14.519862] mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.519889] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10 [ 14.519917] ? __kasan_check_write+0x18/0x20 [ 14.519937] ? __pfx_sched_clock_cpu+0x10/0x10 [ 14.519960] ? finish_task_switch.isra.0+0x153/0x700 [ 14.519987] mempool_kmalloc_large_invalid_free+0xed/0x140 [ 14.520013] ? __pfx_mempool_kmalloc_large_invalid_free+0x10/0x10 [ 14.520043] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.520065] ? __pfx_mempool_kfree+0x10/0x10 [ 14.520090] ? __pfx_read_tsc+0x10/0x10 [ 14.520112] ? ktime_get_ts64+0x86/0x230 [ 14.520136] kunit_try_run_case+0x1a5/0x480 [ 14.520160] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.520183] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.520207] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.520231] ? __kthread_parkme+0x82/0x180 [ 14.520253] ? preempt_count_sub+0x50/0x80 [ 14.520276] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.520301] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.520325] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.520350] kthread+0x337/0x6f0 [ 14.520368] ? trace_preempt_on+0x20/0xc0 [ 14.520392] ? __pfx_kthread+0x10/0x10 [ 14.520413] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.520435] ? calculate_sigpending+0x7b/0xa0 [ 14.520459] ? __pfx_kthread+0x10/0x10 [ 14.520481] ret_from_fork+0x116/0x1d0 [ 14.520499] ? __pfx_kthread+0x10/0x10 [ 14.520520] ret_from_fork_asm+0x1a/0x30 [ 14.520551] </TASK> [ 14.520561] [ 14.529087] The buggy address belongs to the physical page: [ 14.529303] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a40 [ 14.529832] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 14.530118] flags: 0x200000000000040(head|node=0|zone=2) [ 14.530300] page_type: f8(unknown) [ 14.530430] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.530779] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.531128] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.531472] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.532023] head: 0200000000000002 ffffea00040e9001 00000000ffffffff 00000000ffffffff [ 14.532320] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 14.532624] page dumped because: kasan: bad access detected [ 14.532915] [ 14.533004] Memory state around the buggy address: [ 14.533199] ffff888103a3ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.533418] ffff888103a3ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.533648] >ffff888103a40000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.533884] ^ [ 14.534049] ffff888103a40080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.534369] ffff888103a40100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.534744] 
================================================================== [ 14.492718] ================================================================== [ 14.493515] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.494074] Free of addr ffff8881029c7901 by task kunit_try_catch/258 [ 14.494343] [ 14.494463] CPU: 0 UID: 0 PID: 258 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.494512] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.494524] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.494546] Call Trace: [ 14.494559] <TASK> [ 14.494577] dump_stack_lvl+0x73/0xb0 [ 14.494622] print_report+0xd1/0x650 [ 14.494646] ? __virt_addr_valid+0x1db/0x2d0 [ 14.494672] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.494695] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.494723] kasan_report_invalid_free+0x10a/0x130 [ 14.494747] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.494776] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.494816] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.494864] check_slab_allocation+0x11f/0x130 [ 14.494887] __kasan_mempool_poison_object+0x91/0x1d0 [ 14.494911] mempool_free+0x2ec/0x380 [ 14.494939] mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.494965] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10 [ 14.494994] ? __pfx_sched_clock_cpu+0x10/0x10 [ 14.495017] ? finish_task_switch.isra.0+0x153/0x700 [ 14.495043] mempool_kmalloc_invalid_free+0xed/0x140 [ 14.495068] ? __pfx_mempool_kmalloc_invalid_free+0x10/0x10 [ 14.495096] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.495119] ? __pfx_mempool_kfree+0x10/0x10 [ 14.495144] ? __pfx_read_tsc+0x10/0x10 [ 14.495165] ? ktime_get_ts64+0x86/0x230 [ 14.495190] kunit_try_run_case+0x1a5/0x480 [ 14.495216] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.495239] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.495263] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.495287] ? 
__kthread_parkme+0x82/0x180 [ 14.495310] ? preempt_count_sub+0x50/0x80 [ 14.495332] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.495356] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.495382] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.495407] kthread+0x337/0x6f0 [ 14.495426] ? trace_preempt_on+0x20/0xc0 [ 14.495451] ? __pfx_kthread+0x10/0x10 [ 14.495471] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.495493] ? calculate_sigpending+0x7b/0xa0 [ 14.495518] ? __pfx_kthread+0x10/0x10 [ 14.495539] ret_from_fork+0x116/0x1d0 [ 14.495557] ? __pfx_kthread+0x10/0x10 [ 14.495578] ret_from_fork_asm+0x1a/0x30 [ 14.495620] </TASK> [ 14.495630] [ 14.504574] Allocated by task 258: [ 14.504777] kasan_save_stack+0x45/0x70 [ 14.504996] kasan_save_track+0x18/0x40 [ 14.505197] kasan_save_alloc_info+0x3b/0x50 [ 14.505413] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 14.505678] remove_element+0x11e/0x190 [ 14.505926] mempool_alloc_preallocated+0x4d/0x90 [ 14.506086] mempool_kmalloc_invalid_free_helper+0x83/0x2e0 [ 14.506318] mempool_kmalloc_invalid_free+0xed/0x140 [ 14.506554] kunit_try_run_case+0x1a5/0x480 [ 14.506779] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.507077] kthread+0x337/0x6f0 [ 14.507221] ret_from_fork+0x116/0x1d0 [ 14.507387] ret_from_fork_asm+0x1a/0x30 [ 14.507588] [ 14.507679] The buggy address belongs to the object at ffff8881029c7900 [ 14.507679] which belongs to the cache kmalloc-128 of size 128 [ 14.508246] The buggy address is located 1 bytes inside of [ 14.508246] 128-byte region [ffff8881029c7900, ffff8881029c7980) [ 14.508693] [ 14.508776] The buggy address belongs to the physical page: [ 14.509263] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029c7 [ 14.509575] flags: 0x200000000000000(node=0|zone=2) [ 14.509790] page_type: f5(slab) [ 14.510010] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 14.510309] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.510573] page 
dumped because: kasan: bad access detected [ 14.510757] [ 14.510977] Memory state around the buggy address: [ 14.511210] ffff8881029c7800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.511527] ffff8881029c7880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.511762] >ffff8881029c7900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.512347] ^ [ 14.512481] ffff8881029c7980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.512753] ffff8881029c7a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.513062] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 14.419153] ================================================================== [ 14.419660] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 14.420101] Free of addr ffff888103966200 by task kunit_try_catch/252 [ 14.420402] [ 14.420512] CPU: 1 UID: 0 PID: 252 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.420558] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.420569] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.420589] Call Trace: [ 14.420618] <TASK> [ 14.420634] dump_stack_lvl+0x73/0xb0 [ 14.420666] print_report+0xd1/0x650 [ 14.420689] ? __virt_addr_valid+0x1db/0x2d0 [ 14.420715] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.420737] ? mempool_double_free_helper+0x184/0x370 [ 14.420762] kasan_report_invalid_free+0x10a/0x130 [ 14.420787] ? mempool_double_free_helper+0x184/0x370 [ 14.420813] ? mempool_double_free_helper+0x184/0x370 [ 14.420835] ? mempool_double_free_helper+0x184/0x370 [ 14.420859] check_slab_allocation+0x101/0x130 [ 14.420935] __kasan_mempool_poison_object+0x91/0x1d0 [ 14.420961] mempool_free+0x2ec/0x380 [ 14.420985] ? mempool_alloc_preallocated+0x5b/0x90 [ 14.421011] mempool_double_free_helper+0x184/0x370 [ 14.421038] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 14.421068] ? finish_task_switch.isra.0+0x153/0x700 [ 14.421099] mempool_kmalloc_double_free+0xed/0x140 [ 14.421124] ? __pfx_mempool_kmalloc_double_free+0x10/0x10 [ 14.421152] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.421175] ? __pfx_mempool_kfree+0x10/0x10 [ 14.421201] ? __pfx_read_tsc+0x10/0x10 [ 14.421223] ? ktime_get_ts64+0x86/0x230 [ 14.421249] kunit_try_run_case+0x1a5/0x480 [ 14.421275] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.421298] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.421324] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.421348] ? __kthread_parkme+0x82/0x180 [ 14.421370] ? preempt_count_sub+0x50/0x80 [ 14.421393] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.421418] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.421443] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.421468] kthread+0x337/0x6f0 [ 14.421487] ? trace_preempt_on+0x20/0xc0 [ 14.421511] ? __pfx_kthread+0x10/0x10 [ 14.421531] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.421553] ? calculate_sigpending+0x7b/0xa0 [ 14.421577] ? __pfx_kthread+0x10/0x10 [ 14.421609] ret_from_fork+0x116/0x1d0 [ 14.421628] ? __pfx_kthread+0x10/0x10 [ 14.421647] ret_from_fork_asm+0x1a/0x30 [ 14.421679] </TASK> [ 14.421690] [ 14.430741] Allocated by task 252: [ 14.431272] kasan_save_stack+0x45/0x70 [ 14.431512] kasan_save_track+0x18/0x40 [ 14.431704] kasan_save_alloc_info+0x3b/0x50 [ 14.432010] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 14.432260] remove_element+0x11e/0x190 [ 14.432434] mempool_alloc_preallocated+0x4d/0x90 [ 14.432640] mempool_double_free_helper+0x8a/0x370 [ 14.432990] mempool_kmalloc_double_free+0xed/0x140 [ 14.433191] kunit_try_run_case+0x1a5/0x480 [ 14.433369] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.433612] kthread+0x337/0x6f0 [ 14.433792] ret_from_fork+0x116/0x1d0 [ 14.433967] ret_from_fork_asm+0x1a/0x30 [ 14.434137] [ 14.434234] Freed by task 252: [ 14.434374] kasan_save_stack+0x45/0x70 [ 14.434552] kasan_save_track+0x18/0x40 [ 14.434790] kasan_save_free_info+0x3f/0x60 [ 14.435196] __kasan_mempool_poison_object+0x131/0x1d0 [ 14.435421] mempool_free+0x2ec/0x380 [ 14.435615] mempool_double_free_helper+0x109/0x370 [ 14.435803] mempool_kmalloc_double_free+0xed/0x140 [ 14.436107] kunit_try_run_case+0x1a5/0x480 [ 14.436285] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.436512] kthread+0x337/0x6f0 [ 14.436646] ret_from_fork+0x116/0x1d0 [ 14.436780] ret_from_fork_asm+0x1a/0x30 [ 14.436923] [ 14.436998] The buggy address belongs to the object at ffff888103966200 [ 14.436998] which belongs to the cache kmalloc-128 of size 128 [ 14.437443] The buggy address is located 0 bytes inside of [ 14.437443] 128-byte 
region [ffff888103966200, ffff888103966280) [ 14.438528] [ 14.438646] The buggy address belongs to the physical page: [ 14.438878] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103966 [ 14.439127] flags: 0x200000000000000(node=0|zone=2) [ 14.439293] page_type: f5(slab) [ 14.439417] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 14.439658] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.440475] page dumped because: kasan: bad access detected [ 14.440764] [ 14.440860] Memory state around the buggy address: [ 14.441167] ffff888103966100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.441430] ffff888103966180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.441768] >ffff888103966200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.441983] ^ [ 14.442098] ffff888103966280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.442764] ffff888103966300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.443132] ================================================================== [ 14.447769] ================================================================== [ 14.448286] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 14.448624] Free of addr ffff888102acc000 by task kunit_try_catch/254 [ 14.448908] [ 14.449019] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.449068] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.449136] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.449159] Call Trace: [ 14.449172] <TASK> [ 14.449189] dump_stack_lvl+0x73/0xb0 [ 14.449222] print_report+0xd1/0x650 [ 14.449244] ? __virt_addr_valid+0x1db/0x2d0 [ 14.449270] ? kasan_addr_to_slab+0x11/0xa0 [ 14.449290] ? mempool_double_free_helper+0x184/0x370 [ 14.449315] kasan_report_invalid_free+0x10a/0x130 [ 14.449341] ? mempool_double_free_helper+0x184/0x370 [ 14.449368] ? 
mempool_double_free_helper+0x184/0x370 [ 14.449392] __kasan_mempool_poison_object+0x1b3/0x1d0 [ 14.449417] mempool_free+0x2ec/0x380 [ 14.449444] mempool_double_free_helper+0x184/0x370 [ 14.449468] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 14.449496] ? __pfx_sched_clock_cpu+0x10/0x10 [ 14.449519] ? finish_task_switch.isra.0+0x153/0x700 [ 14.449546] mempool_kmalloc_large_double_free+0xed/0x140 [ 14.449571] ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10 [ 14.449611] ? __kasan_check_write+0x18/0x20 [ 14.449632] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.449655] ? __pfx_mempool_kfree+0x10/0x10 [ 14.449681] ? __pfx_read_tsc+0x10/0x10 [ 14.449704] ? ktime_get_ts64+0x86/0x230 [ 14.449729] kunit_try_run_case+0x1a5/0x480 [ 14.449754] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.449777] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 14.449813] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.449877] ? __kthread_parkme+0x82/0x180 [ 14.449901] ? preempt_count_sub+0x50/0x80 [ 14.449925] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.449950] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.449975] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.450001] kthread+0x337/0x6f0 [ 14.450020] ? trace_preempt_on+0x20/0xc0 [ 14.450045] ? __pfx_kthread+0x10/0x10 [ 14.450065] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.450087] ? calculate_sigpending+0x7b/0xa0 [ 14.450113] ? __pfx_kthread+0x10/0x10 [ 14.450135] ret_from_fork+0x116/0x1d0 [ 14.450155] ? 
__pfx_kthread+0x10/0x10 [ 14.450176] ret_from_fork_asm+0x1a/0x30 [ 14.450208] </TASK> [ 14.450220] [ 14.459316] The buggy address belongs to the physical page: [ 14.459505] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102acc [ 14.460130] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 14.460491] flags: 0x200000000000040(head|node=0|zone=2) [ 14.460737] page_type: f8(unknown) [ 14.461051] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.461352] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.461675] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.462041] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.462279] head: 0200000000000002 ffffea00040ab301 00000000ffffffff 00000000ffffffff [ 14.462635] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 14.463211] page dumped because: kasan: bad access detected [ 14.463417] [ 14.463517] Memory state around the buggy address: [ 14.463744] ffff888102acbf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.464157] ffff888102acbf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.464389] >ffff888102acc000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.464719] ^ [ 14.464894] ffff888102acc080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.465417] ffff888102acc100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.465649] ================================================================== [ 14.468994] ================================================================== [ 14.470373] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 14.470742] Free of addr ffff888103a40000 by task kunit_try_catch/256 [ 14.471210] [ 14.471308] CPU: 0 UID: 0 PID: 256 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.471353] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.471364] Hardware name: QEMU 
Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.471384] Call Trace: [ 14.471396] <TASK> [ 14.471411] dump_stack_lvl+0x73/0xb0 [ 14.471440] print_report+0xd1/0x650 [ 14.471463] ? __virt_addr_valid+0x1db/0x2d0 [ 14.471487] ? kasan_addr_to_slab+0x11/0xa0 [ 14.471507] ? mempool_double_free_helper+0x184/0x370 [ 14.471532] kasan_report_invalid_free+0x10a/0x130 [ 14.471557] ? mempool_double_free_helper+0x184/0x370 [ 14.471583] ? mempool_double_free_helper+0x184/0x370 [ 14.471618] __kasan_mempool_poison_pages+0x115/0x130 [ 14.471643] mempool_free+0x290/0x380 [ 14.471670] mempool_double_free_helper+0x184/0x370 [ 14.471694] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 14.471719] ? update_load_avg+0x1be/0x21b0 [ 14.471746] ? finish_task_switch.isra.0+0x153/0x700 [ 14.471772] mempool_page_alloc_double_free+0xe8/0x140 [ 14.471798] ? __pfx_mempool_page_alloc_double_free+0x10/0x10 [ 14.471874] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 14.471898] ? __pfx_mempool_free_pages+0x10/0x10 [ 14.471925] ? __pfx_read_tsc+0x10/0x10 [ 14.471946] ? ktime_get_ts64+0x86/0x230 [ 14.471970] kunit_try_run_case+0x1a5/0x480 [ 14.471995] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.472020] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.472044] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.472069] ? __kthread_parkme+0x82/0x180 [ 14.472091] ? preempt_count_sub+0x50/0x80 [ 14.472114] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.472138] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.472162] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.472189] kthread+0x337/0x6f0 [ 14.472208] ? trace_preempt_on+0x20/0xc0 [ 14.472233] ? __pfx_kthread+0x10/0x10 [ 14.472253] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.472275] ? calculate_sigpending+0x7b/0xa0 [ 14.472299] ? __pfx_kthread+0x10/0x10 [ 14.472320] ret_from_fork+0x116/0x1d0 [ 14.472338] ? 
__pfx_kthread+0x10/0x10 [ 14.472358] ret_from_fork_asm+0x1a/0x30 [ 14.472389] </TASK> [ 14.472399] [ 14.482434] The buggy address belongs to the physical page: [ 14.482730] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a40 [ 14.482982] flags: 0x200000000000000(node=0|zone=2) [ 14.484985] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 14.485234] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 14.485453] page dumped because: kasan: bad access detected [ 14.485633] [ 14.485701] Memory state around the buggy address: [ 14.486121] ffff888103a3ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.486336] ffff888103a3ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.486543] >ffff888103a40000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.486810] ^ [ 14.486994] ffff888103a40080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.487311] ffff888103a40100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.487526] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 14.399007] ================================================================== [ 14.399959] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400 [ 14.400209] Read of size 1 at addr ffff888103a40000 by task kunit_try_catch/250 [ 14.400433] [ 14.400528] CPU: 0 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.400577] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.400588] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.400621] Call Trace: [ 14.400634] <TASK> [ 14.400652] dump_stack_lvl+0x73/0xb0 [ 14.400683] print_report+0xd1/0x650 [ 14.400705] ? __virt_addr_valid+0x1db/0x2d0 [ 14.400731] ? mempool_uaf_helper+0x392/0x400 [ 14.400755] ? kasan_addr_to_slab+0x11/0xa0 [ 14.400801] ? mempool_uaf_helper+0x392/0x400 [ 14.400825] kasan_report+0x141/0x180 [ 14.400847] ? mempool_uaf_helper+0x392/0x400 [ 14.400874] __asan_report_load1_noabort+0x18/0x20 [ 14.400900] mempool_uaf_helper+0x392/0x400 [ 14.400923] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 14.400947] ? __pfx_sched_clock_cpu+0x10/0x10 [ 14.400972] ? finish_task_switch.isra.0+0x153/0x700 [ 14.401000] mempool_page_alloc_uaf+0xed/0x140 [ 14.401024] ? __pfx_mempool_page_alloc_uaf+0x10/0x10 [ 14.401051] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 14.401079] ? __pfx_mempool_free_pages+0x10/0x10 [ 14.401105] ? __pfx_read_tsc+0x10/0x10 [ 14.401128] ? ktime_get_ts64+0x86/0x230 [ 14.401154] kunit_try_run_case+0x1a5/0x480 [ 14.401180] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.401203] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.401229] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.401253] ? __kthread_parkme+0x82/0x180 [ 14.401275] ? preempt_count_sub+0x50/0x80 [ 14.401298] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.401323] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.401347] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.401372] kthread+0x337/0x6f0 [ 14.401391] ? trace_preempt_on+0x20/0xc0 [ 14.401415] ? 
__pfx_kthread+0x10/0x10 [ 14.401435] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.401457] ? calculate_sigpending+0x7b/0xa0 [ 14.401482] ? __pfx_kthread+0x10/0x10 [ 14.401503] ret_from_fork+0x116/0x1d0 [ 14.401522] ? __pfx_kthread+0x10/0x10 [ 14.401542] ret_from_fork_asm+0x1a/0x30 [ 14.401588] </TASK> [ 14.401608] [ 14.409549] The buggy address belongs to the physical page: [ 14.409753] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a40 [ 14.410014] flags: 0x200000000000000(node=0|zone=2) [ 14.410269] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 14.410619] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 14.410906] page dumped because: kasan: bad access detected [ 14.411078] [ 14.411146] Memory state around the buggy address: [ 14.411564] ffff888103a3ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.411909] ffff888103a3ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.412426] >ffff888103a40000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.412654] ^ [ 14.412770] ffff888103a40080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.413433] ffff888103a40100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.414166] ================================================================== [ 14.329520] ================================================================== [ 14.330098] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400 [ 14.330763] Read of size 1 at addr ffff888103a40000 by task kunit_try_catch/246 [ 14.331248] [ 14.331349] CPU: 0 UID: 0 PID: 246 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.331395] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.331407] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.331428] Call Trace: [ 14.331441] <TASK> [ 14.331457] dump_stack_lvl+0x73/0xb0 [ 14.331488] print_report+0xd1/0x650 [ 14.331510] ? __virt_addr_valid+0x1db/0x2d0 [ 14.331534] ? 
mempool_uaf_helper+0x392/0x400 [ 14.331555] ? kasan_addr_to_slab+0x11/0xa0 [ 14.331575] ? mempool_uaf_helper+0x392/0x400 [ 14.331610] kasan_report+0x141/0x180 [ 14.331631] ? mempool_uaf_helper+0x392/0x400 [ 14.331658] __asan_report_load1_noabort+0x18/0x20 [ 14.331683] mempool_uaf_helper+0x392/0x400 [ 14.331705] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 14.331730] ? __pfx_sched_clock_cpu+0x10/0x10 [ 14.331753] ? finish_task_switch.isra.0+0x153/0x700 [ 14.331792] mempool_kmalloc_large_uaf+0xef/0x140 [ 14.331816] ? __pfx_mempool_kmalloc_large_uaf+0x10/0x10 [ 14.331844] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.331868] ? __pfx_mempool_kfree+0x10/0x10 [ 14.331917] ? __pfx_read_tsc+0x10/0x10 [ 14.331938] ? ktime_get_ts64+0x86/0x230 [ 14.331963] kunit_try_run_case+0x1a5/0x480 [ 14.331989] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.332013] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.332059] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.332083] ? __kthread_parkme+0x82/0x180 [ 14.332105] ? preempt_count_sub+0x50/0x80 [ 14.332127] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.332151] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.332194] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.332220] kthread+0x337/0x6f0 [ 14.332238] ? trace_preempt_on+0x20/0xc0 [ 14.332262] ? __pfx_kthread+0x10/0x10 [ 14.332282] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.332303] ? calculate_sigpending+0x7b/0xa0 [ 14.332328] ? __pfx_kthread+0x10/0x10 [ 14.332349] ret_from_fork+0x116/0x1d0 [ 14.332367] ? 
__pfx_kthread+0x10/0x10 [ 14.332387] ret_from_fork_asm+0x1a/0x30 [ 14.332418] </TASK> [ 14.332428] [ 14.345516] The buggy address belongs to the physical page: [ 14.345920] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a40 [ 14.346421] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 14.346745] flags: 0x200000000000040(head|node=0|zone=2) [ 14.347036] page_type: f8(unknown) [ 14.347217] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.347573] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.347827] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.348360] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.348813] head: 0200000000000002 ffffea00040e9001 00000000ffffffff 00000000ffffffff [ 14.349170] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 14.349408] page dumped because: kasan: bad access detected [ 14.349689] [ 14.349785] Memory state around the buggy address: [ 14.350221] ffff888103a3ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.350512] ffff888103a3ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.350803] >ffff888103a40000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.351244] ^ [ 14.351426] ffff888103a40080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.351677] ffff888103a40100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.352214] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 14.285017] ================================================================== [ 14.286444] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400 [ 14.287725] Read of size 1 at addr ffff8881029c7500 by task kunit_try_catch/244 [ 14.288630] [ 14.288736] CPU: 0 UID: 0 PID: 244 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.288794] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.288807] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.288829] Call Trace: [ 14.288843] <TASK> [ 14.288861] dump_stack_lvl+0x73/0xb0 [ 14.288896] print_report+0xd1/0x650 [ 14.288919] ? __virt_addr_valid+0x1db/0x2d0 [ 14.288944] ? mempool_uaf_helper+0x392/0x400 [ 14.288966] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.288990] ? mempool_uaf_helper+0x392/0x400 [ 14.289013] kasan_report+0x141/0x180 [ 14.289034] ? mempool_uaf_helper+0x392/0x400 [ 14.289061] __asan_report_load1_noabort+0x18/0x20 [ 14.289086] mempool_uaf_helper+0x392/0x400 [ 14.289108] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 14.289132] ? __kasan_check_write+0x18/0x20 [ 14.289152] ? __pfx_sched_clock_cpu+0x10/0x10 [ 14.289175] ? finish_task_switch.isra.0+0x153/0x700 [ 14.289201] mempool_kmalloc_uaf+0xef/0x140 [ 14.289223] ? __pfx_mempool_kmalloc_uaf+0x10/0x10 [ 14.289248] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.289274] ? __pfx_mempool_kfree+0x10/0x10 [ 14.289298] ? __pfx_read_tsc+0x10/0x10 [ 14.289319] ? ktime_get_ts64+0x86/0x230 [ 14.289343] kunit_try_run_case+0x1a5/0x480 [ 14.289368] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.289391] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.289416] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.289440] ? __kthread_parkme+0x82/0x180 [ 14.289460] ? preempt_count_sub+0x50/0x80 [ 14.289483] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.289507] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.289531] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.289556] kthread+0x337/0x6f0 [ 14.289575] ? 
trace_preempt_on+0x20/0xc0 [ 14.289610] ? __pfx_kthread+0x10/0x10 [ 14.289631] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.289651] ? calculate_sigpending+0x7b/0xa0 [ 14.289676] ? __pfx_kthread+0x10/0x10 [ 14.289696] ret_from_fork+0x116/0x1d0 [ 14.289715] ? __pfx_kthread+0x10/0x10 [ 14.289735] ret_from_fork_asm+0x1a/0x30 [ 14.289766] </TASK> [ 14.289777] [ 14.306104] Allocated by task 244: [ 14.306256] kasan_save_stack+0x45/0x70 [ 14.306416] kasan_save_track+0x18/0x40 [ 14.306552] kasan_save_alloc_info+0x3b/0x50 [ 14.306926] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 14.307409] remove_element+0x11e/0x190 [ 14.307813] mempool_alloc_preallocated+0x4d/0x90 [ 14.308490] mempool_uaf_helper+0x96/0x400 [ 14.308895] mempool_kmalloc_uaf+0xef/0x140 [ 14.309384] kunit_try_run_case+0x1a5/0x480 [ 14.309838] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.310442] kthread+0x337/0x6f0 [ 14.310783] ret_from_fork+0x116/0x1d0 [ 14.311250] ret_from_fork_asm+0x1a/0x30 [ 14.311644] [ 14.311816] Freed by task 244: [ 14.312126] kasan_save_stack+0x45/0x70 [ 14.312561] kasan_save_track+0x18/0x40 [ 14.313031] kasan_save_free_info+0x3f/0x60 [ 14.313429] __kasan_mempool_poison_object+0x131/0x1d0 [ 14.313990] mempool_free+0x2ec/0x380 [ 14.314371] mempool_uaf_helper+0x11a/0x400 [ 14.314520] mempool_kmalloc_uaf+0xef/0x140 [ 14.314675] kunit_try_run_case+0x1a5/0x480 [ 14.314871] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.315355] kthread+0x337/0x6f0 [ 14.315680] ret_from_fork+0x116/0x1d0 [ 14.316129] ret_from_fork_asm+0x1a/0x30 [ 14.316510] [ 14.316677] The buggy address belongs to the object at ffff8881029c7500 [ 14.316677] which belongs to the cache kmalloc-128 of size 128 [ 14.317632] The buggy address is located 0 bytes inside of [ 14.317632] freed 128-byte region [ffff8881029c7500, ffff8881029c7580) [ 14.318274] [ 14.318457] The buggy address belongs to the physical page: [ 14.319055] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029c7 [ 14.319821] flags: 
0x200000000000000(node=0|zone=2) [ 14.320405] page_type: f5(slab) [ 14.320536] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 14.321045] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.321900] page dumped because: kasan: bad access detected [ 14.322331] [ 14.322444] Memory state around the buggy address: [ 14.322685] ffff8881029c7400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.323242] ffff8881029c7480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.323930] >ffff8881029c7500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.324247] ^ [ 14.324364] ffff8881029c7580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.324578] ffff8881029c7600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.325060] ================================================================== [ 14.357720] ================================================================== [ 14.358508] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400 [ 14.359525] Read of size 1 at addr ffff8881029cc240 by task kunit_try_catch/248 [ 14.360322] [ 14.360493] CPU: 0 UID: 0 PID: 248 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.360737] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.360754] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.360776] Call Trace: [ 14.360790] <TASK> [ 14.360809] dump_stack_lvl+0x73/0xb0 [ 14.360844] print_report+0xd1/0x650 [ 14.360867] ? __virt_addr_valid+0x1db/0x2d0 [ 14.360893] ? mempool_uaf_helper+0x392/0x400 [ 14.360915] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.360938] ? mempool_uaf_helper+0x392/0x400 [ 14.360960] kasan_report+0x141/0x180 [ 14.360981] ? mempool_uaf_helper+0x392/0x400 [ 14.361008] __asan_report_load1_noabort+0x18/0x20 [ 14.361033] mempool_uaf_helper+0x392/0x400 [ 14.361056] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 14.361081] ? __pfx_sched_clock_cpu+0x10/0x10 [ 14.361106] ? 
finish_task_switch.isra.0+0x153/0x700 [ 14.361133] mempool_slab_uaf+0xea/0x140 [ 14.361156] ? __pfx_mempool_slab_uaf+0x10/0x10 [ 14.361181] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 14.361208] ? __pfx_mempool_free_slab+0x10/0x10 [ 14.361233] ? __pfx_read_tsc+0x10/0x10 [ 14.361256] ? ktime_get_ts64+0x86/0x230 [ 14.361281] kunit_try_run_case+0x1a5/0x480 [ 14.361306] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.361329] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.361355] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.361379] ? __kthread_parkme+0x82/0x180 [ 14.361401] ? preempt_count_sub+0x50/0x80 [ 14.361424] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.361448] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.361473] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.361498] kthread+0x337/0x6f0 [ 14.361516] ? trace_preempt_on+0x20/0xc0 [ 14.361540] ? __pfx_kthread+0x10/0x10 [ 14.361560] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.361582] ? calculate_sigpending+0x7b/0xa0 [ 14.361619] ? __pfx_kthread+0x10/0x10 [ 14.361640] ret_from_fork+0x116/0x1d0 [ 14.361659] ? 
__pfx_kthread+0x10/0x10 [ 14.361679] ret_from_fork_asm+0x1a/0x30 [ 14.361711] </TASK> [ 14.361721] [ 14.375533] Allocated by task 248: [ 14.375900] kasan_save_stack+0x45/0x70 [ 14.376202] kasan_save_track+0x18/0x40 [ 14.376611] kasan_save_alloc_info+0x3b/0x50 [ 14.377084] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 14.377609] remove_element+0x11e/0x190 [ 14.377753] mempool_alloc_preallocated+0x4d/0x90 [ 14.378211] mempool_uaf_helper+0x96/0x400 [ 14.378694] mempool_slab_uaf+0xea/0x140 [ 14.379196] kunit_try_run_case+0x1a5/0x480 [ 14.379554] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.379746] kthread+0x337/0x6f0 [ 14.380157] ret_from_fork+0x116/0x1d0 [ 14.380538] ret_from_fork_asm+0x1a/0x30 [ 14.380962] [ 14.381152] Freed by task 248: [ 14.381514] kasan_save_stack+0x45/0x70 [ 14.381736] kasan_save_track+0x18/0x40 [ 14.382031] kasan_save_free_info+0x3f/0x60 [ 14.382523] __kasan_mempool_poison_object+0x131/0x1d0 [ 14.383044] mempool_free+0x2ec/0x380 [ 14.383302] mempool_uaf_helper+0x11a/0x400 [ 14.383643] mempool_slab_uaf+0xea/0x140 [ 14.384093] kunit_try_run_case+0x1a5/0x480 [ 14.384427] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.384617] kthread+0x337/0x6f0 [ 14.384737] ret_from_fork+0x116/0x1d0 [ 14.384965] ret_from_fork_asm+0x1a/0x30 [ 14.385112] [ 14.385183] The buggy address belongs to the object at ffff8881029cc240 [ 14.385183] which belongs to the cache test_cache of size 123 [ 14.385545] The buggy address is located 0 bytes inside of [ 14.385545] freed 123-byte region [ffff8881029cc240, ffff8881029cc2bb) [ 14.386027] [ 14.386106] The buggy address belongs to the physical page: [ 14.386358] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029cc [ 14.387021] flags: 0x200000000000000(node=0|zone=2) [ 14.387246] page_type: f5(slab) [ 14.387414] raw: 0200000000000000 ffff8881029c4140 dead000000000122 0000000000000000 [ 14.387764] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 14.388607] page dumped 
because: kasan: bad access detected [ 14.388802] [ 14.388873] Memory state around the buggy address: [ 14.389031] ffff8881029cc100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.389252] ffff8881029cc180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.389469] >ffff8881029cc200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 14.389693] ^ [ 14.389861] ffff8881029cc280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.390078] ffff8881029cc300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.390290] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 14.227901] ================================================================== [ 14.228440] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 14.228796] Read of size 1 at addr ffff888102ac6001 by task kunit_try_catch/240 [ 14.229258] [ 14.229381] CPU: 1 UID: 0 PID: 240 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.229432] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.229444] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.229466] Call Trace: [ 14.229479] <TASK> [ 14.229497] dump_stack_lvl+0x73/0xb0 [ 14.229533] print_report+0xd1/0x650 [ 14.229556] ? __virt_addr_valid+0x1db/0x2d0 [ 14.229581] ? mempool_oob_right_helper+0x318/0x380 [ 14.229662] ? kasan_addr_to_slab+0x11/0xa0 [ 14.229683] ? mempool_oob_right_helper+0x318/0x380 [ 14.229707] kasan_report+0x141/0x180 [ 14.229729] ? mempool_oob_right_helper+0x318/0x380 [ 14.229758] __asan_report_load1_noabort+0x18/0x20 [ 14.229782] mempool_oob_right_helper+0x318/0x380 [ 14.229807] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 14.229833] ? __kasan_check_write+0x18/0x20 [ 14.229852] ? __pfx_sched_clock_cpu+0x10/0x10 [ 14.229877] ? finish_task_switch.isra.0+0x153/0x700 [ 14.229904] mempool_kmalloc_large_oob_right+0xf2/0x150 [ 14.229929] ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10 [ 14.229957] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.230053] ? __pfx_mempool_kfree+0x10/0x10 [ 14.230078] ? __pfx_read_tsc+0x10/0x10 [ 14.230101] ? ktime_get_ts64+0x86/0x230 [ 14.230127] kunit_try_run_case+0x1a5/0x480 [ 14.230153] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.230176] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.230203] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.230226] ? __kthread_parkme+0x82/0x180 [ 14.230248] ? preempt_count_sub+0x50/0x80 [ 14.230271] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.230295] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.230319] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.230344] kthread+0x337/0x6f0 [ 14.230363] ? trace_preempt_on+0x20/0xc0 [ 14.230388] ? __pfx_kthread+0x10/0x10 [ 14.230408] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.230429] ? calculate_sigpending+0x7b/0xa0 [ 14.230455] ? __pfx_kthread+0x10/0x10 [ 14.230475] ret_from_fork+0x116/0x1d0 [ 14.230493] ? __pfx_kthread+0x10/0x10 [ 14.230513] ret_from_fork_asm+0x1a/0x30 [ 14.230546] </TASK> [ 14.230557] [ 14.242635] The buggy address belongs to the physical page: [ 14.243094] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac4 [ 14.243445] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 14.243975] flags: 0x200000000000040(head|node=0|zone=2) [ 14.244306] page_type: f8(unknown) [ 14.244613] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.245219] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.245524] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.246054] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.246383] head: 0200000000000002 ffffea00040ab101 00000000ffffffff 00000000ffffffff [ 14.246880] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 14.247354] page dumped because: kasan: bad access detected [ 14.247715] [ 14.247883] Memory state around the buggy address: [ 14.248241] ffff888102ac5f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.248642] ffff888102ac5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.249149] >ffff888102ac6000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 14.249561] ^ [ 14.249813] ffff888102ac6080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 14.250271] ffff888102ac6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 14.250677] ================================================================== [ 14.255285] ================================================================== [ 
14.255847] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 14.256361] Read of size 1 at addr ffff8881039662bb by task kunit_try_catch/242 [ 14.256707] [ 14.257059] CPU: 1 UID: 0 PID: 242 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.257130] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.257143] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.257165] Call Trace: [ 14.257177] <TASK> [ 14.257194] dump_stack_lvl+0x73/0xb0 [ 14.257227] print_report+0xd1/0x650 [ 14.257251] ? __virt_addr_valid+0x1db/0x2d0 [ 14.257275] ? mempool_oob_right_helper+0x318/0x380 [ 14.257299] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.257321] ? mempool_oob_right_helper+0x318/0x380 [ 14.257346] kasan_report+0x141/0x180 [ 14.257367] ? mempool_oob_right_helper+0x318/0x380 [ 14.257396] __asan_report_load1_noabort+0x18/0x20 [ 14.257421] mempool_oob_right_helper+0x318/0x380 [ 14.257446] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 14.257469] ? update_load_avg+0x1be/0x21b0 [ 14.257497] ? finish_task_switch.isra.0+0x153/0x700 [ 14.257522] mempool_slab_oob_right+0xed/0x140 [ 14.257548] ? __pfx_mempool_slab_oob_right+0x10/0x10 [ 14.257574] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 14.257614] ? __pfx_mempool_free_slab+0x10/0x10 [ 14.257640] ? __pfx_read_tsc+0x10/0x10 [ 14.257661] ? ktime_get_ts64+0x86/0x230 [ 14.257686] kunit_try_run_case+0x1a5/0x480 [ 14.257713] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.257735] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.257761] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.257797] ? __kthread_parkme+0x82/0x180 [ 14.258023] ? preempt_count_sub+0x50/0x80 [ 14.258048] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.258072] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.258097] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.258123] kthread+0x337/0x6f0 [ 14.258141] ? trace_preempt_on+0x20/0xc0 [ 14.258166] ? __pfx_kthread+0x10/0x10 [ 14.258186] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 14.258209] ? calculate_sigpending+0x7b/0xa0 [ 14.258234] ? __pfx_kthread+0x10/0x10 [ 14.258254] ret_from_fork+0x116/0x1d0 [ 14.258273] ? __pfx_kthread+0x10/0x10 [ 14.258293] ret_from_fork_asm+0x1a/0x30 [ 14.258324] </TASK> [ 14.258335] [ 14.267478] Allocated by task 242: [ 14.267678] kasan_save_stack+0x45/0x70 [ 14.267856] kasan_save_track+0x18/0x40 [ 14.267993] kasan_save_alloc_info+0x3b/0x50 [ 14.268461] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 14.268737] remove_element+0x11e/0x190 [ 14.268988] mempool_alloc_preallocated+0x4d/0x90 [ 14.269182] mempool_oob_right_helper+0x8a/0x380 [ 14.269334] mempool_slab_oob_right+0xed/0x140 [ 14.269483] kunit_try_run_case+0x1a5/0x480 [ 14.269651] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.269956] kthread+0x337/0x6f0 [ 14.270158] ret_from_fork+0x116/0x1d0 [ 14.270460] ret_from_fork_asm+0x1a/0x30 [ 14.270700] [ 14.271041] The buggy address belongs to the object at ffff888103966240 [ 14.271041] which belongs to the cache test_cache of size 123 [ 14.271465] The buggy address is located 0 bytes to the right of [ 14.271465] allocated 123-byte region [ffff888103966240, ffff8881039662bb) [ 14.271834] [ 14.271905] The buggy address belongs to the physical page: [ 14.272251] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103966 [ 14.272668] flags: 0x200000000000000(node=0|zone=2) [ 14.272933] page_type: f5(slab) [ 14.273239] raw: 0200000000000000 ffff88810395f280 dead000000000122 0000000000000000 [ 14.273656] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 14.274159] page dumped because: kasan: bad access detected [ 14.274424] [ 14.274507] Memory state around the buggy address: [ 14.274679] ffff888103966180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.275241] ffff888103966200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 14.275568] >ffff888103966280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 14.275993] ^ [ 14.276209] 
ffff888103966300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.276527] ffff888103966380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.276857] ================================================================== [ 14.200339] ================================================================== [ 14.200763] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 14.201787] Read of size 1 at addr ffff8881029c7173 by task kunit_try_catch/238 [ 14.202299] [ 14.202440] CPU: 0 UID: 0 PID: 238 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.202517] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.202529] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.202551] Call Trace: [ 14.202564] <TASK> [ 14.202583] dump_stack_lvl+0x73/0xb0 [ 14.202631] print_report+0xd1/0x650 [ 14.202656] ? __virt_addr_valid+0x1db/0x2d0 [ 14.202682] ? mempool_oob_right_helper+0x318/0x380 [ 14.202705] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.202729] ? mempool_oob_right_helper+0x318/0x380 [ 14.202753] kasan_report+0x141/0x180 [ 14.202774] ? mempool_oob_right_helper+0x318/0x380 [ 14.202816] __asan_report_load1_noabort+0x18/0x20 [ 14.202846] mempool_oob_right_helper+0x318/0x380 [ 14.202871] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 14.202898] ? __pfx_sched_clock_cpu+0x10/0x10 [ 14.202923] ? finish_task_switch.isra.0+0x153/0x700 [ 14.202949] mempool_kmalloc_oob_right+0xf2/0x150 [ 14.202973] ? __pfx_mempool_kmalloc_oob_right+0x10/0x10 [ 14.202999] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.203025] ? __pfx_mempool_kfree+0x10/0x10 [ 14.203050] ? __pfx_read_tsc+0x10/0x10 [ 14.203072] ? ktime_get_ts64+0x86/0x230 [ 14.203097] kunit_try_run_case+0x1a5/0x480 [ 14.203124] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.203146] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.203172] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.203195] ? __kthread_parkme+0x82/0x180 [ 14.203217] ? preempt_count_sub+0x50/0x80 [ 14.203240] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.203264] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.203288] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.203313] kthread+0x337/0x6f0 [ 14.203331] ? trace_preempt_on+0x20/0xc0 [ 14.203356] ? __pfx_kthread+0x10/0x10 [ 14.203375] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.203397] ? calculate_sigpending+0x7b/0xa0 [ 14.203422] ? __pfx_kthread+0x10/0x10 [ 14.203443] ret_from_fork+0x116/0x1d0 [ 14.203461] ? __pfx_kthread+0x10/0x10 [ 14.203481] ret_from_fork_asm+0x1a/0x30 [ 14.203513] </TASK> [ 14.203523] [ 14.211627] Allocated by task 238: [ 14.211828] kasan_save_stack+0x45/0x70 [ 14.211972] kasan_save_track+0x18/0x40 [ 14.212102] kasan_save_alloc_info+0x3b/0x50 [ 14.212246] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 14.212413] remove_element+0x11e/0x190 [ 14.212547] mempool_alloc_preallocated+0x4d/0x90 [ 14.212710] mempool_oob_right_helper+0x8a/0x380 [ 14.212917] mempool_kmalloc_oob_right+0xf2/0x150 [ 14.213134] kunit_try_run_case+0x1a5/0x480 [ 14.213345] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.213639] kthread+0x337/0x6f0 [ 14.213841] ret_from_fork+0x116/0x1d0 [ 14.214063] ret_from_fork_asm+0x1a/0x30 [ 14.214265] [ 14.214363] The buggy address belongs to the object at ffff8881029c7100 [ 14.214363] which belongs to the cache kmalloc-128 of size 128 [ 14.214792] The buggy address is located 0 bytes to the right of [ 14.214792] allocated 115-byte region [ffff8881029c7100, ffff8881029c7173) [ 14.215237] [ 14.215308] The buggy address belongs to the physical page: [ 14.215474] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029c7 [ 14.215808] flags: 0x200000000000000(node=0|zone=2) [ 14.216036] page_type: f5(slab) [ 14.216210] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 14.216552] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.216793] page dumped because: kasan: bad access detected [ 14.217958] [ 14.218086] Memory state around 
the buggy address: [ 14.218319] ffff8881029c7000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.218659] ffff8881029c7080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.218893] >ffff8881029c7100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 14.219136] ^ [ 14.219430] ffff8881029c7180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.220018] ffff8881029c7200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 14.220233] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 13.629556] ================================================================== [ 13.630420] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x1bf/0x380 [ 13.630967] Read of size 1 at addr ffff888100eebdc0 by task kunit_try_catch/232 [ 13.631728] [ 13.632136] CPU: 0 UID: 0 PID: 232 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.632190] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.632201] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.632223] Call Trace: [ 13.632239] <TASK> [ 13.632259] dump_stack_lvl+0x73/0xb0 [ 13.632295] print_report+0xd1/0x650 [ 13.632319] ? __virt_addr_valid+0x1db/0x2d0 [ 13.632344] ? kmem_cache_double_destroy+0x1bf/0x380 [ 13.632370] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.632393] ? kmem_cache_double_destroy+0x1bf/0x380 [ 13.632419] kasan_report+0x141/0x180 [ 13.632441] ? kmem_cache_double_destroy+0x1bf/0x380 [ 13.632468] ? kmem_cache_double_destroy+0x1bf/0x380 [ 13.632493] __kasan_check_byte+0x3d/0x50 [ 13.632515] kmem_cache_destroy+0x25/0x1d0 [ 13.632539] kmem_cache_double_destroy+0x1bf/0x380 [ 13.632564] ? __pfx_kmem_cache_double_destroy+0x10/0x10 [ 13.632589] ? finish_task_switch.isra.0+0x153/0x700 [ 13.632630] ? __switch_to+0x47/0xf50 [ 13.632659] ? __pfx_read_tsc+0x10/0x10 [ 13.632681] ? ktime_get_ts64+0x86/0x230 [ 13.632707] kunit_try_run_case+0x1a5/0x480 [ 13.632734] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.632757] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.632793] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.632830] ? __kthread_parkme+0x82/0x180 [ 13.632853] ? preempt_count_sub+0x50/0x80 [ 13.632875] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.632899] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.632924] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.632949] kthread+0x337/0x6f0 [ 13.632967] ? trace_preempt_on+0x20/0xc0 [ 13.632991] ? __pfx_kthread+0x10/0x10 [ 13.633011] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.633032] ? 
calculate_sigpending+0x7b/0xa0 [ 13.633057] ? __pfx_kthread+0x10/0x10 [ 13.633078] ret_from_fork+0x116/0x1d0 [ 13.633098] ? __pfx_kthread+0x10/0x10 [ 13.633118] ret_from_fork_asm+0x1a/0x30 [ 13.633152] </TASK> [ 13.633162] [ 13.644512] Allocated by task 232: [ 13.644719] kasan_save_stack+0x45/0x70 [ 13.645067] kasan_save_track+0x18/0x40 [ 13.645231] kasan_save_alloc_info+0x3b/0x50 [ 13.645449] __kasan_slab_alloc+0x91/0xa0 [ 13.645618] kmem_cache_alloc_noprof+0x123/0x3f0 [ 13.645894] __kmem_cache_create_args+0x169/0x240 [ 13.646145] kmem_cache_double_destroy+0xd5/0x380 [ 13.646351] kunit_try_run_case+0x1a5/0x480 [ 13.646564] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.646757] kthread+0x337/0x6f0 [ 13.646930] ret_from_fork+0x116/0x1d0 [ 13.647125] ret_from_fork_asm+0x1a/0x30 [ 13.647299] [ 13.647713] Freed by task 232: [ 13.647916] kasan_save_stack+0x45/0x70 [ 13.648110] kasan_save_track+0x18/0x40 [ 13.648263] kasan_save_free_info+0x3f/0x60 [ 13.648441] __kasan_slab_free+0x56/0x70 [ 13.648656] kmem_cache_free+0x249/0x420 [ 13.649523] slab_kmem_cache_release+0x2e/0x40 [ 13.649721] kmem_cache_release+0x16/0x20 [ 13.650025] kobject_put+0x181/0x450 [ 13.650479] sysfs_slab_release+0x16/0x20 [ 13.650761] kmem_cache_destroy+0xf0/0x1d0 [ 13.651155] kmem_cache_double_destroy+0x14e/0x380 [ 13.651391] kunit_try_run_case+0x1a5/0x480 [ 13.651610] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.652122] kthread+0x337/0x6f0 [ 13.652289] ret_from_fork+0x116/0x1d0 [ 13.652456] ret_from_fork_asm+0x1a/0x30 [ 13.653050] [ 13.653162] The buggy address belongs to the object at ffff888100eebdc0 [ 13.653162] which belongs to the cache kmem_cache of size 208 [ 13.653625] The buggy address is located 0 bytes inside of [ 13.653625] freed 208-byte region [ffff888100eebdc0, ffff888100eebe90) [ 13.654141] [ 13.654241] The buggy address belongs to the physical page: [ 13.654466] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100eeb [ 13.654812] flags: 
0x200000000000000(node=0|zone=2) [ 13.655006] page_type: f5(slab) [ 13.655209] raw: 0200000000000000 ffff888100041000 dead000000000122 0000000000000000 [ 13.655584] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000 [ 13.655914] page dumped because: kasan: bad access detected [ 13.656150] [ 13.656242] Memory state around the buggy address: [ 13.656425] ffff888100eebc80: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.656671] ffff888100eebd00: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc [ 13.657149] >ffff888100eebd80: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 13.657689] ^ [ 13.658554] ffff888100eebe00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.659074] ffff888100eebe80: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.659460] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 13.569172] ================================================================== [ 13.569765] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x3e3/0x510 [ 13.570294] Read of size 1 at addr ffff888103961000 by task kunit_try_catch/230 [ 13.570589] [ 13.570700] CPU: 1 UID: 0 PID: 230 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.570751] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.570763] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.570814] Call Trace: [ 13.570832] <TASK> [ 13.570852] dump_stack_lvl+0x73/0xb0 [ 13.570902] print_report+0xd1/0x650 [ 13.570926] ? __virt_addr_valid+0x1db/0x2d0 [ 13.570951] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 13.571033] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.571057] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 13.571080] kasan_report+0x141/0x180 [ 13.571144] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 13.571175] __asan_report_load1_noabort+0x18/0x20 [ 13.571200] kmem_cache_rcu_uaf+0x3e3/0x510 [ 13.571226] ? __pfx_kmem_cache_rcu_uaf+0x10/0x10 [ 13.571250] ? finish_task_switch.isra.0+0x153/0x700 [ 13.571275] ? __switch_to+0x47/0xf50 [ 13.571305] ? __pfx_read_tsc+0x10/0x10 [ 13.571327] ? ktime_get_ts64+0x86/0x230 [ 13.571353] kunit_try_run_case+0x1a5/0x480 [ 13.571379] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.571428] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.571454] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.571478] ? __kthread_parkme+0x82/0x180 [ 13.571510] ? preempt_count_sub+0x50/0x80 [ 13.571533] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.571585] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.571625] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.571650] kthread+0x337/0x6f0 [ 13.571668] ? trace_preempt_on+0x20/0xc0 [ 13.571693] ? __pfx_kthread+0x10/0x10 [ 13.571713] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.571734] ? calculate_sigpending+0x7b/0xa0 [ 13.571758] ? __pfx_kthread+0x10/0x10 [ 13.572224] ret_from_fork+0x116/0x1d0 [ 13.572248] ? 
__pfx_kthread+0x10/0x10 [ 13.572268] ret_from_fork_asm+0x1a/0x30 [ 13.572301] </TASK> [ 13.572312] [ 13.580864] Allocated by task 230: [ 13.581060] kasan_save_stack+0x45/0x70 [ 13.581581] kasan_save_track+0x18/0x40 [ 13.581758] kasan_save_alloc_info+0x3b/0x50 [ 13.582113] __kasan_slab_alloc+0x91/0xa0 [ 13.582269] kmem_cache_alloc_noprof+0x123/0x3f0 [ 13.582476] kmem_cache_rcu_uaf+0x155/0x510 [ 13.582696] kunit_try_run_case+0x1a5/0x480 [ 13.582962] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.583189] kthread+0x337/0x6f0 [ 13.583457] ret_from_fork+0x116/0x1d0 [ 13.583617] ret_from_fork_asm+0x1a/0x30 [ 13.583902] [ 13.584060] Freed by task 0: [ 13.584190] kasan_save_stack+0x45/0x70 [ 13.584330] kasan_save_track+0x18/0x40 [ 13.584528] kasan_save_free_info+0x3f/0x60 [ 13.584756] __kasan_slab_free+0x56/0x70 [ 13.585039] slab_free_after_rcu_debug+0xe4/0x310 [ 13.585515] rcu_core+0x66f/0x1c40 [ 13.585710] rcu_core_si+0x12/0x20 [ 13.586107] handle_softirqs+0x209/0x730 [ 13.586255] __irq_exit_rcu+0xc9/0x110 [ 13.586452] irq_exit_rcu+0x12/0x20 [ 13.586661] sysvec_apic_timer_interrupt+0x81/0x90 [ 13.586908] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 13.587283] [ 13.587399] Last potentially related work creation: [ 13.587561] kasan_save_stack+0x45/0x70 [ 13.587731] kasan_record_aux_stack+0xb2/0xc0 [ 13.588178] kmem_cache_free+0x131/0x420 [ 13.589041] kmem_cache_rcu_uaf+0x194/0x510 [ 13.589378] kunit_try_run_case+0x1a5/0x480 [ 13.589824] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.590132] kthread+0x337/0x6f0 [ 13.590268] ret_from_fork+0x116/0x1d0 [ 13.590460] ret_from_fork_asm+0x1a/0x30 [ 13.590660] [ 13.590746] The buggy address belongs to the object at ffff888103961000 [ 13.590746] which belongs to the cache test_cache of size 200 [ 13.591921] The buggy address is located 0 bytes inside of [ 13.591921] freed 200-byte region [ffff888103961000, ffff8881039610c8) [ 13.592605] [ 13.592718] The buggy address belongs to the physical page: [ 13.593007] page: refcount:0 
mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103961 [ 13.593584] flags: 0x200000000000000(node=0|zone=2) [ 13.594024] page_type: f5(slab) [ 13.594201] raw: 0200000000000000 ffff88810395f000 dead000000000122 0000000000000000 [ 13.594532] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 13.594953] page dumped because: kasan: bad access detected [ 13.595425] [ 13.595507] Memory state around the buggy address: [ 13.596046] ffff888103960f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.596554] ffff888103960f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.597232] >ffff888103961000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.597737] ^ [ 13.597956] ffff888103961080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 13.598277] ffff888103961100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.598585] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 13.498729] ================================================================== [ 13.499348] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x1d8/0x460 [ 13.500033] Free of addr ffff8881029c1001 by task kunit_try_catch/228 [ 13.500860] [ 13.501102] CPU: 0 UID: 0 PID: 228 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.501151] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.501162] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.501183] Call Trace: [ 13.501197] <TASK> [ 13.501217] dump_stack_lvl+0x73/0xb0 [ 13.501254] print_report+0xd1/0x650 [ 13.501278] ? __virt_addr_valid+0x1db/0x2d0 [ 13.501305] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.501327] ? kmem_cache_invalid_free+0x1d8/0x460 [ 13.501353] kasan_report_invalid_free+0x10a/0x130 [ 13.501377] ? kmem_cache_invalid_free+0x1d8/0x460 [ 13.501403] ? kmem_cache_invalid_free+0x1d8/0x460 [ 13.501427] check_slab_allocation+0x11f/0x130 [ 13.501449] __kasan_slab_pre_free+0x28/0x40 [ 13.501469] kmem_cache_free+0xed/0x420 [ 13.501489] ? kmem_cache_alloc_noprof+0x123/0x3f0 [ 13.501510] ? kmem_cache_invalid_free+0x1d8/0x460 [ 13.501537] kmem_cache_invalid_free+0x1d8/0x460 [ 13.501561] ? __pfx_kmem_cache_invalid_free+0x10/0x10 [ 13.501585] ? finish_task_switch.isra.0+0x153/0x700 [ 13.501620] ? __switch_to+0x47/0xf50 [ 13.501649] ? __pfx_read_tsc+0x10/0x10 [ 13.501671] ? ktime_get_ts64+0x86/0x230 [ 13.501696] kunit_try_run_case+0x1a5/0x480 [ 13.501722] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.501745] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.501789] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.501850] ? __kthread_parkme+0x82/0x180 [ 13.501872] ? preempt_count_sub+0x50/0x80 [ 13.501894] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.501918] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.501942] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.501966] kthread+0x337/0x6f0 [ 13.501985] ? trace_preempt_on+0x20/0xc0 [ 13.502009] ? 
__pfx_kthread+0x10/0x10 [ 13.502029] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.502050] ? calculate_sigpending+0x7b/0xa0 [ 13.502074] ? __pfx_kthread+0x10/0x10 [ 13.502095] ret_from_fork+0x116/0x1d0 [ 13.502113] ? __pfx_kthread+0x10/0x10 [ 13.502133] ret_from_fork_asm+0x1a/0x30 [ 13.502164] </TASK> [ 13.502174] [ 13.514161] Allocated by task 228: [ 13.514502] kasan_save_stack+0x45/0x70 [ 13.514974] kasan_save_track+0x18/0x40 [ 13.515322] kasan_save_alloc_info+0x3b/0x50 [ 13.515727] __kasan_slab_alloc+0x91/0xa0 [ 13.516149] kmem_cache_alloc_noprof+0x123/0x3f0 [ 13.516561] kmem_cache_invalid_free+0x157/0x460 [ 13.517036] kunit_try_run_case+0x1a5/0x480 [ 13.517421] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.517989] kthread+0x337/0x6f0 [ 13.518297] ret_from_fork+0x116/0x1d0 [ 13.518658] ret_from_fork_asm+0x1a/0x30 [ 13.519068] [ 13.519164] The buggy address belongs to the object at ffff8881029c1000 [ 13.519164] which belongs to the cache test_cache of size 200 [ 13.519521] The buggy address is located 1 bytes inside of [ 13.519521] 200-byte region [ffff8881029c1000, ffff8881029c10c8) [ 13.520449] [ 13.520620] The buggy address belongs to the physical page: [ 13.521142] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029c1 [ 13.521887] flags: 0x200000000000000(node=0|zone=2) [ 13.522145] page_type: f5(slab) [ 13.522271] raw: 0200000000000000 ffff888100eebc80 dead000000000122 0000000000000000 [ 13.522503] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 13.523147] page dumped because: kasan: bad access detected [ 13.523636] [ 13.523789] Memory state around the buggy address: [ 13.524283] ffff8881029c0f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.524957] ffff8881029c0f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.525384] >ffff8881029c1000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.525608] ^ [ 13.525723] ffff8881029c1080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 13.526275] 
ffff8881029c1100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.526933] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 13.456912] ================================================================== [ 13.458865] BUG: KASAN: double-free in kmem_cache_double_free+0x1e5/0x480 [ 13.459401] Free of addr ffff88810395e000 by task kunit_try_catch/226 [ 13.459626] [ 13.459722] CPU: 1 UID: 0 PID: 226 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.459769] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.460018] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.460045] Call Trace: [ 13.460061] <TASK> [ 13.460080] dump_stack_lvl+0x73/0xb0 [ 13.460115] print_report+0xd1/0x650 [ 13.460139] ? __virt_addr_valid+0x1db/0x2d0 [ 13.460406] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.460436] ? kmem_cache_double_free+0x1e5/0x480 [ 13.460477] kasan_report_invalid_free+0x10a/0x130 [ 13.460502] ? kmem_cache_double_free+0x1e5/0x480 [ 13.460528] ? kmem_cache_double_free+0x1e5/0x480 [ 13.460564] check_slab_allocation+0x101/0x130 [ 13.460585] __kasan_slab_pre_free+0x28/0x40 [ 13.460615] kmem_cache_free+0xed/0x420 [ 13.460635] ? kasan_save_track+0x18/0x40 [ 13.460654] ? kasan_save_stack+0x45/0x70 [ 13.460672] ? kmem_cache_double_free+0x1e5/0x480 [ 13.460696] ? __kasan_slab_free+0x61/0x70 [ 13.460717] kmem_cache_double_free+0x1e5/0x480 [ 13.460742] ? __pfx_kmem_cache_double_free+0x10/0x10 [ 13.460766] ? finish_task_switch.isra.0+0x153/0x700 [ 13.460798] ? __switch_to+0x47/0xf50 [ 13.460838] ? __pfx_read_tsc+0x10/0x10 [ 13.460859] ? ktime_get_ts64+0x86/0x230 [ 13.460884] kunit_try_run_case+0x1a5/0x480 [ 13.460909] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.460932] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.460957] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.460980] ? __kthread_parkme+0x82/0x180 [ 13.461001] ? preempt_count_sub+0x50/0x80 [ 13.461023] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.461046] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.461070] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.461094] kthread+0x337/0x6f0 [ 13.461112] ? trace_preempt_on+0x20/0xc0 [ 13.461135] ? __pfx_kthread+0x10/0x10 [ 13.461155] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.461176] ? calculate_sigpending+0x7b/0xa0 [ 13.461201] ? __pfx_kthread+0x10/0x10 [ 13.461222] ret_from_fork+0x116/0x1d0 [ 13.461239] ? __pfx_kthread+0x10/0x10 [ 13.461259] ret_from_fork_asm+0x1a/0x30 [ 13.461290] </TASK> [ 13.461300] [ 13.474633] Allocated by task 226: [ 13.474904] kasan_save_stack+0x45/0x70 [ 13.475102] kasan_save_track+0x18/0x40 [ 13.475278] kasan_save_alloc_info+0x3b/0x50 [ 13.475476] __kasan_slab_alloc+0x91/0xa0 [ 13.475671] kmem_cache_alloc_noprof+0x123/0x3f0 [ 13.476437] kmem_cache_double_free+0x14f/0x480 [ 13.477158] kunit_try_run_case+0x1a5/0x480 [ 13.477443] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.478118] kthread+0x337/0x6f0 [ 13.478455] ret_from_fork+0x116/0x1d0 [ 13.478647] ret_from_fork_asm+0x1a/0x30 [ 13.479115] [ 13.479353] Freed by task 226: [ 13.479526] kasan_save_stack+0x45/0x70 [ 13.479717] kasan_save_track+0x18/0x40 [ 13.480195] kasan_save_free_info+0x3f/0x60 [ 13.480549] __kasan_slab_free+0x56/0x70 [ 13.480741] kmem_cache_free+0x249/0x420 [ 13.481489] kmem_cache_double_free+0x16a/0x480 [ 13.481801] kunit_try_run_case+0x1a5/0x480 [ 13.482288] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.482678] kthread+0x337/0x6f0 [ 13.483107] ret_from_fork+0x116/0x1d0 [ 13.483308] ret_from_fork_asm+0x1a/0x30 [ 13.483491] [ 13.483581] The buggy address belongs to the object at ffff88810395e000 [ 13.483581] which belongs to the cache test_cache of size 200 [ 13.484134] The buggy address is located 0 bytes inside of [ 13.484134] 200-byte region [ffff88810395e000, ffff88810395e0c8) [ 13.484977] [ 13.485086] The buggy address belongs to the physical page: [ 13.485264] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10395e [ 13.485629] flags: 0x200000000000000(node=0|zone=2) [ 13.486045] page_type: 
f5(slab) [ 13.486272] raw: 0200000000000000 ffff8881018c9dc0 dead000000000122 0000000000000000 [ 13.486606] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 13.487105] page dumped because: kasan: bad access detected [ 13.487431] [ 13.487545] Memory state around the buggy address: [ 13.487738] ffff88810395df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.488174] ffff88810395df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.488425] >ffff88810395e000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.488747] ^ [ 13.489146] ffff88810395e080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 13.489548] ffff88810395e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.489842] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 13.419142] ================================================================== [ 13.419577] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x402/0x530 [ 13.419943] Read of size 1 at addr ffff88810395a0c8 by task kunit_try_catch/224 [ 13.420309] [ 13.420424] CPU: 1 UID: 0 PID: 224 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.420473] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.420483] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.420504] Call Trace: [ 13.420517] <TASK> [ 13.420535] dump_stack_lvl+0x73/0xb0 [ 13.420567] print_report+0xd1/0x650 [ 13.420591] ? __virt_addr_valid+0x1db/0x2d0 [ 13.420629] ? kmem_cache_oob+0x402/0x530 [ 13.420651] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.420674] ? kmem_cache_oob+0x402/0x530 [ 13.420697] kasan_report+0x141/0x180 [ 13.420718] ? kmem_cache_oob+0x402/0x530 [ 13.420745] __asan_report_load1_noabort+0x18/0x20 [ 13.420769] kmem_cache_oob+0x402/0x530 [ 13.420800] ? trace_hardirqs_on+0x37/0xe0 [ 13.420908] ? __pfx_kmem_cache_oob+0x10/0x10 [ 13.420936] ? finish_task_switch.isra.0+0x153/0x700 [ 13.420960] ? __switch_to+0x47/0xf50 [ 13.420988] ? __pfx_read_tsc+0x10/0x10 [ 13.421010] ? ktime_get_ts64+0x86/0x230 [ 13.421036] kunit_try_run_case+0x1a5/0x480 [ 13.421062] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.421085] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.421110] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.421134] ? __kthread_parkme+0x82/0x180 [ 13.421158] ? preempt_count_sub+0x50/0x80 [ 13.421181] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.421208] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.421233] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.421257] kthread+0x337/0x6f0 [ 13.421276] ? trace_preempt_on+0x20/0xc0 [ 13.421299] ? __pfx_kthread+0x10/0x10 [ 13.421320] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.421341] ? calculate_sigpending+0x7b/0xa0 [ 13.421365] ? __pfx_kthread+0x10/0x10 [ 13.421386] ret_from_fork+0x116/0x1d0 [ 13.421404] ? 
__pfx_kthread+0x10/0x10 [ 13.421424] ret_from_fork_asm+0x1a/0x30 [ 13.421455] </TASK> [ 13.421465] [ 13.429663] Allocated by task 224: [ 13.429801] kasan_save_stack+0x45/0x70 [ 13.429950] kasan_save_track+0x18/0x40 [ 13.430146] kasan_save_alloc_info+0x3b/0x50 [ 13.430535] __kasan_slab_alloc+0x91/0xa0 [ 13.430754] kmem_cache_alloc_noprof+0x123/0x3f0 [ 13.431097] kmem_cache_oob+0x157/0x530 [ 13.431239] kunit_try_run_case+0x1a5/0x480 [ 13.431425] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.431696] kthread+0x337/0x6f0 [ 13.431943] ret_from_fork+0x116/0x1d0 [ 13.432141] ret_from_fork_asm+0x1a/0x30 [ 13.432333] [ 13.432419] The buggy address belongs to the object at ffff88810395a000 [ 13.432419] which belongs to the cache test_cache of size 200 [ 13.432821] The buggy address is located 0 bytes to the right of [ 13.432821] allocated 200-byte region [ffff88810395a000, ffff88810395a0c8) [ 13.433306] [ 13.433403] The buggy address belongs to the physical page: [ 13.433778] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10395a [ 13.434068] flags: 0x200000000000000(node=0|zone=2) [ 13.434234] page_type: f5(slab) [ 13.434356] raw: 0200000000000000 ffff8881018c9c80 dead000000000122 0000000000000000 [ 13.434699] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 13.435140] page dumped because: kasan: bad access detected [ 13.435398] [ 13.435491] Memory state around the buggy address: [ 13.435682] ffff888103959f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.437504] ffff88810395a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.438030] >ffff88810395a080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 13.438258] ^ [ 13.438442] ffff88810395a100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.438673] ffff88810395a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.438902] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 13.381534] ================================================================== [ 13.382585] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x4d6/0x560 [ 13.383340] Read of size 8 at addr ffff888103950d40 by task kunit_try_catch/217 [ 13.383573] [ 13.383683] CPU: 1 UID: 0 PID: 217 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.383730] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.383741] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.383762] Call Trace: [ 13.383774] <TASK> [ 13.383791] dump_stack_lvl+0x73/0xb0 [ 13.383835] print_report+0xd1/0x650 [ 13.383857] ? __virt_addr_valid+0x1db/0x2d0 [ 13.383881] ? workqueue_uaf+0x4d6/0x560 [ 13.383901] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.383923] ? workqueue_uaf+0x4d6/0x560 [ 13.383944] kasan_report+0x141/0x180 [ 13.383966] ? workqueue_uaf+0x4d6/0x560 [ 13.383991] __asan_report_load8_noabort+0x18/0x20 [ 13.384016] workqueue_uaf+0x4d6/0x560 [ 13.384037] ? __pfx_workqueue_uaf+0x10/0x10 [ 13.384059] ? __schedule+0x10cc/0x2b60 [ 13.384081] ? __pfx_read_tsc+0x10/0x10 [ 13.384102] ? ktime_get_ts64+0x86/0x230 [ 13.384127] kunit_try_run_case+0x1a5/0x480 [ 13.384152] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.384174] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.384198] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.384220] ? __kthread_parkme+0x82/0x180 [ 13.384242] ? preempt_count_sub+0x50/0x80 [ 13.384278] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.384302] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.384325] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.384350] kthread+0x337/0x6f0 [ 13.384368] ? trace_preempt_on+0x20/0xc0 [ 13.384392] ? __pfx_kthread+0x10/0x10 [ 13.384412] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.384433] ? calculate_sigpending+0x7b/0xa0 [ 13.384457] ? __pfx_kthread+0x10/0x10 [ 13.384478] ret_from_fork+0x116/0x1d0 [ 13.384496] ? 
__pfx_kthread+0x10/0x10 [ 13.384515] ret_from_fork_asm+0x1a/0x30 [ 13.384546] </TASK> [ 13.384556] [ 13.393180] Allocated by task 217: [ 13.393346] kasan_save_stack+0x45/0x70 [ 13.393562] kasan_save_track+0x18/0x40 [ 13.393769] kasan_save_alloc_info+0x3b/0x50 [ 13.394177] __kasan_kmalloc+0xb7/0xc0 [ 13.394376] __kmalloc_cache_noprof+0x189/0x420 [ 13.394615] workqueue_uaf+0x152/0x560 [ 13.394767] kunit_try_run_case+0x1a5/0x480 [ 13.395058] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.395304] kthread+0x337/0x6f0 [ 13.395455] ret_from_fork+0x116/0x1d0 [ 13.395588] ret_from_fork_asm+0x1a/0x30 [ 13.395740] [ 13.395809] Freed by task 70: [ 13.395963] kasan_save_stack+0x45/0x70 [ 13.396151] kasan_save_track+0x18/0x40 [ 13.396384] kasan_save_free_info+0x3f/0x60 [ 13.396567] __kasan_slab_free+0x56/0x70 [ 13.396740] kfree+0x222/0x3f0 [ 13.397083] workqueue_uaf_work+0x12/0x20 [ 13.397248] process_one_work+0x5ee/0xf60 [ 13.397393] worker_thread+0x758/0x1220 [ 13.397587] kthread+0x337/0x6f0 [ 13.397790] ret_from_fork+0x116/0x1d0 [ 13.398218] ret_from_fork_asm+0x1a/0x30 [ 13.398399] [ 13.398494] Last potentially related work creation: [ 13.398683] kasan_save_stack+0x45/0x70 [ 13.398851] kasan_record_aux_stack+0xb2/0xc0 [ 13.399133] __queue_work+0x626/0xeb0 [ 13.399324] queue_work_on+0xb6/0xc0 [ 13.399474] workqueue_uaf+0x26d/0x560 [ 13.399622] kunit_try_run_case+0x1a5/0x480 [ 13.399919] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.400190] kthread+0x337/0x6f0 [ 13.400361] ret_from_fork+0x116/0x1d0 [ 13.400499] ret_from_fork_asm+0x1a/0x30 [ 13.400651] [ 13.400748] The buggy address belongs to the object at ffff888103950d40 [ 13.400748] which belongs to the cache kmalloc-32 of size 32 [ 13.401362] The buggy address is located 0 bytes inside of [ 13.401362] freed 32-byte region [ffff888103950d40, ffff888103950d60) [ 13.402075] [ 13.402161] The buggy address belongs to the physical page: [ 13.402407] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 
pfn:0x103950 [ 13.402669] flags: 0x200000000000000(node=0|zone=2) [ 13.402977] page_type: f5(slab) [ 13.403162] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 13.403462] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 13.403796] page dumped because: kasan: bad access detected [ 13.404021] [ 13.404115] Memory state around the buggy address: [ 13.404309] ffff888103950c00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.404568] ffff888103950c80: fa fb fb fb fc fc fc fc 00 00 07 fc fc fc fc fc [ 13.404864] >ffff888103950d00: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 13.405171] ^ [ 13.405412] ffff888103950d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.405729] ffff888103950e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.405995] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 13.340943] ================================================================== [ 13.341474] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x50/0x60 [ 13.341789] Read of size 4 at addr ffff8881029b6f80 by task swapper/0/0 [ 13.342689] [ 13.342970] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.343018] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.343029] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.343050] Call Trace: [ 13.343082] <IRQ> [ 13.343101] dump_stack_lvl+0x73/0xb0 [ 13.343138] print_report+0xd1/0x650 [ 13.343189] ? __virt_addr_valid+0x1db/0x2d0 [ 13.343215] ? rcu_uaf_reclaim+0x50/0x60 [ 13.343234] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.343257] ? rcu_uaf_reclaim+0x50/0x60 [ 13.343278] kasan_report+0x141/0x180 [ 13.343299] ? rcu_uaf_reclaim+0x50/0x60 [ 13.343323] __asan_report_load4_noabort+0x18/0x20 [ 13.343348] rcu_uaf_reclaim+0x50/0x60 [ 13.343369] rcu_core+0x66f/0x1c40 [ 13.343398] ? __pfx_rcu_core+0x10/0x10 [ 13.343418] ? ktime_get+0x6b/0x150 [ 13.343443] rcu_core_si+0x12/0x20 [ 13.343462] handle_softirqs+0x209/0x730 [ 13.343483] ? hrtimer_interrupt+0x2fe/0x780 [ 13.343505] ? 
__pfx_handle_softirqs+0x10/0x10 [ 13.343530] __irq_exit_rcu+0xc9/0x110 [ 13.343550] irq_exit_rcu+0x12/0x20 [ 13.343569] sysvec_apic_timer_interrupt+0x81/0x90 [ 13.343607] </IRQ> [ 13.343634] <TASK> [ 13.343644] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 13.343735] RIP: 0010:pv_native_safe_halt+0xf/0x20 [ 13.344084] Code: 1f 84 00 00 00 00 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d e3 81 21 00 fb f4 <c3> cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 [ 13.344171] RSP: 0000:ffffffffa3607dd8 EFLAGS: 00010202 [ 13.344258] RAX: ffff8881b6672000 RBX: ffffffffa361cac0 RCX: ffffffffa2474105 [ 13.344302] RDX: ffffed102b60618b RSI: 0000000000000004 RDI: 00000000000153e4 [ 13.344344] RBP: ffffffffa3607de0 R08: 0000000000000001 R09: ffffed102b60618a [ 13.344393] R10: ffff88815b030c53 R11: 00000000000df400 R12: 0000000000000000 [ 13.344473] R13: fffffbfff46c3958 R14: ffffffffa41b1390 R15: 0000000000000000 [ 13.344531] ? ct_kernel_exit.constprop.0+0xa5/0xd0 [ 13.344585] ? default_idle+0xd/0x20 [ 13.344624] arch_cpu_idle+0xd/0x20 [ 13.344646] default_idle_call+0x48/0x80 [ 13.344664] do_idle+0x379/0x4f0 [ 13.344690] ? __pfx_do_idle+0x10/0x10 [ 13.344717] cpu_startup_entry+0x5c/0x70 [ 13.344736] rest_init+0x11a/0x140 [ 13.344753] ? 
acpi_subsystem_init+0x5d/0x150 [ 13.344818] start_kernel+0x330/0x410 [ 13.344844] x86_64_start_reservations+0x1c/0x30 [ 13.344868] x86_64_start_kernel+0x10d/0x120 [ 13.344892] common_startup_64+0x13e/0x148 [ 13.344925] </TASK> [ 13.344936] [ 13.360639] Allocated by task 215: [ 13.360957] kasan_save_stack+0x45/0x70 [ 13.361168] kasan_save_track+0x18/0x40 [ 13.361354] kasan_save_alloc_info+0x3b/0x50 [ 13.361555] __kasan_kmalloc+0xb7/0xc0 [ 13.361752] __kmalloc_cache_noprof+0x189/0x420 [ 13.361973] rcu_uaf+0xb0/0x330 [ 13.362091] kunit_try_run_case+0x1a5/0x480 [ 13.362346] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.362624] kthread+0x337/0x6f0 [ 13.362750] ret_from_fork+0x116/0x1d0 [ 13.363355] ret_from_fork_asm+0x1a/0x30 [ 13.363523] [ 13.363606] Freed by task 0: [ 13.363714] kasan_save_stack+0x45/0x70 [ 13.364122] kasan_save_track+0x18/0x40 [ 13.364325] kasan_save_free_info+0x3f/0x60 [ 13.364559] __kasan_slab_free+0x56/0x70 [ 13.364771] kfree+0x222/0x3f0 [ 13.365010] rcu_uaf_reclaim+0x1f/0x60 [ 13.365142] rcu_core+0x66f/0x1c40 [ 13.365299] rcu_core_si+0x12/0x20 [ 13.365543] handle_softirqs+0x209/0x730 [ 13.365754] __irq_exit_rcu+0xc9/0x110 [ 13.366167] irq_exit_rcu+0x12/0x20 [ 13.366320] sysvec_apic_timer_interrupt+0x81/0x90 [ 13.366510] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 13.366764] [ 13.366915] Last potentially related work creation: [ 13.367203] kasan_save_stack+0x45/0x70 [ 13.367348] kasan_record_aux_stack+0xb2/0xc0 [ 13.367518] __call_rcu_common.constprop.0+0x7b/0x9e0 [ 13.367815] call_rcu+0x12/0x20 [ 13.368218] rcu_uaf+0x168/0x330 [ 13.368551] kunit_try_run_case+0x1a5/0x480 [ 13.368773] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.369029] kthread+0x337/0x6f0 [ 13.369198] ret_from_fork+0x116/0x1d0 [ 13.369383] ret_from_fork_asm+0x1a/0x30 [ 13.369622] [ 13.369706] The buggy address belongs to the object at ffff8881029b6f80 [ 13.369706] which belongs to the cache kmalloc-32 of size 32 [ 13.370326] The buggy address is located 0 bytes inside of 
[ 13.370326] freed 32-byte region [ffff8881029b6f80, ffff8881029b6fa0) [ 13.370832] [ 13.370983] The buggy address belongs to the physical page: [ 13.371338] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029b6 [ 13.371628] flags: 0x200000000000000(node=0|zone=2) [ 13.371879] page_type: f5(slab) [ 13.372161] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 13.372394] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 13.372995] page dumped because: kasan: bad access detected [ 13.373217] [ 13.373297] Memory state around the buggy address: [ 13.373547] ffff8881029b6e80: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 13.373794] ffff8881029b6f00: 00 00 05 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 13.374060] >ffff8881029b6f80: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 13.374399] ^ [ 13.374779] ffff8881029b7000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.375114] ffff8881029b7080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.375434] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 13.284578] ================================================================== [ 13.285240] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5fe/0x6c0 [ 13.285958] Read of size 1 at addr ffff8881029ade00 by task kunit_try_catch/213 [ 13.286208] [ 13.286302] CPU: 0 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.286345] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.286356] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.286377] Call Trace: [ 13.286396] <TASK> [ 13.286413] dump_stack_lvl+0x73/0xb0 [ 13.286443] print_report+0xd1/0x650 [ 13.286465] ? __virt_addr_valid+0x1db/0x2d0 [ 13.286488] ? ksize_uaf+0x5fe/0x6c0 [ 13.286506] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.286529] ? ksize_uaf+0x5fe/0x6c0 [ 13.286548] kasan_report+0x141/0x180 [ 13.286569] ? ksize_uaf+0x5fe/0x6c0 [ 13.286606] __asan_report_load1_noabort+0x18/0x20 [ 13.286630] ksize_uaf+0x5fe/0x6c0 [ 13.286650] ? __pfx_ksize_uaf+0x10/0x10 [ 13.286670] ? __schedule+0x10cc/0x2b60 [ 13.286692] ? __pfx_read_tsc+0x10/0x10 [ 13.286712] ? ktime_get_ts64+0x86/0x230 [ 13.286736] kunit_try_run_case+0x1a5/0x480 [ 13.286759] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.286782] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.286817] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.286847] ? __kthread_parkme+0x82/0x180 [ 13.286867] ? preempt_count_sub+0x50/0x80 [ 13.286891] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.286914] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.286938] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.286962] kthread+0x337/0x6f0 [ 13.286981] ? trace_preempt_on+0x20/0xc0 [ 13.287004] ? __pfx_kthread+0x10/0x10 [ 13.287024] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.287045] ? calculate_sigpending+0x7b/0xa0 [ 13.287069] ? __pfx_kthread+0x10/0x10 [ 13.287090] ret_from_fork+0x116/0x1d0 [ 13.287107] ? 
__pfx_kthread+0x10/0x10 [ 13.287127] ret_from_fork_asm+0x1a/0x30 [ 13.287157] </TASK> [ 13.287167] [ 13.294464] Allocated by task 213: [ 13.294655] kasan_save_stack+0x45/0x70 [ 13.295120] kasan_save_track+0x18/0x40 [ 13.295323] kasan_save_alloc_info+0x3b/0x50 [ 13.295518] __kasan_kmalloc+0xb7/0xc0 [ 13.295660] __kmalloc_cache_noprof+0x189/0x420 [ 13.296005] ksize_uaf+0xaa/0x6c0 [ 13.296176] kunit_try_run_case+0x1a5/0x480 [ 13.296317] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.296487] kthread+0x337/0x6f0 [ 13.296615] ret_from_fork+0x116/0x1d0 [ 13.296743] ret_from_fork_asm+0x1a/0x30 [ 13.296941] [ 13.297035] Freed by task 213: [ 13.297193] kasan_save_stack+0x45/0x70 [ 13.297388] kasan_save_track+0x18/0x40 [ 13.297580] kasan_save_free_info+0x3f/0x60 [ 13.297858] __kasan_slab_free+0x56/0x70 [ 13.298059] kfree+0x222/0x3f0 [ 13.298196] ksize_uaf+0x12c/0x6c0 [ 13.298350] kunit_try_run_case+0x1a5/0x480 [ 13.298531] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.298776] kthread+0x337/0x6f0 [ 13.298986] ret_from_fork+0x116/0x1d0 [ 13.299158] ret_from_fork_asm+0x1a/0x30 [ 13.299292] [ 13.299359] The buggy address belongs to the object at ffff8881029ade00 [ 13.299359] which belongs to the cache kmalloc-128 of size 128 [ 13.299901] The buggy address is located 0 bytes inside of [ 13.299901] freed 128-byte region [ffff8881029ade00, ffff8881029ade80) [ 13.300548] [ 13.300633] The buggy address belongs to the physical page: [ 13.300810] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ad [ 13.301179] flags: 0x200000000000000(node=0|zone=2) [ 13.301760] page_type: f5(slab) [ 13.301942] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.302183] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.302411] page dumped because: kasan: bad access detected [ 13.302585] [ 13.302692] Memory state around the buggy address: [ 13.302930] ffff8881029add00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 
13.303253] ffff8881029add80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.303578] >ffff8881029ade00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.304156] ^ [ 13.304326] ffff8881029ade80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.304605] ffff8881029adf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.304979] ================================================================== [ 13.251533] ================================================================== [ 13.252197] BUG: KASAN: slab-use-after-free in ksize_uaf+0x19d/0x6c0 [ 13.252424] Read of size 1 at addr ffff8881029ade00 by task kunit_try_catch/213 [ 13.252661] [ 13.252755] CPU: 0 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.252844] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.252855] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.252876] Call Trace: [ 13.252888] <TASK> [ 13.252904] dump_stack_lvl+0x73/0xb0 [ 13.252934] print_report+0xd1/0x650 [ 13.252957] ? __virt_addr_valid+0x1db/0x2d0 [ 13.252980] ? ksize_uaf+0x19d/0x6c0 [ 13.252998] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.253021] ? ksize_uaf+0x19d/0x6c0 [ 13.253040] kasan_report+0x141/0x180 [ 13.253061] ? ksize_uaf+0x19d/0x6c0 [ 13.253083] ? ksize_uaf+0x19d/0x6c0 [ 13.253103] __kasan_check_byte+0x3d/0x50 [ 13.253124] ksize+0x20/0x60 [ 13.253143] ksize_uaf+0x19d/0x6c0 [ 13.253162] ? __pfx_ksize_uaf+0x10/0x10 [ 13.253183] ? __schedule+0x10cc/0x2b60 [ 13.253206] ? __pfx_read_tsc+0x10/0x10 [ 13.253227] ? ktime_get_ts64+0x86/0x230 [ 13.253250] kunit_try_run_case+0x1a5/0x480 [ 13.253275] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.253297] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.253321] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.253344] ? __kthread_parkme+0x82/0x180 [ 13.253367] ? preempt_count_sub+0x50/0x80 [ 13.253393] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.253418] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.253443] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.253468] kthread+0x337/0x6f0 [ 13.253486] ? trace_preempt_on+0x20/0xc0 [ 13.253509] ? __pfx_kthread+0x10/0x10 [ 13.253529] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.253550] ? calculate_sigpending+0x7b/0xa0 [ 13.253575] ? __pfx_kthread+0x10/0x10 [ 13.253607] ret_from_fork+0x116/0x1d0 [ 13.253626] ? __pfx_kthread+0x10/0x10 [ 13.253646] ret_from_fork_asm+0x1a/0x30 [ 13.253678] </TASK> [ 13.253688] [ 13.266426] Allocated by task 213: [ 13.266863] kasan_save_stack+0x45/0x70 [ 13.267251] kasan_save_track+0x18/0x40 [ 13.267611] kasan_save_alloc_info+0x3b/0x50 [ 13.268069] __kasan_kmalloc+0xb7/0xc0 [ 13.268400] __kmalloc_cache_noprof+0x189/0x420 [ 13.268909] ksize_uaf+0xaa/0x6c0 [ 13.269231] kunit_try_run_case+0x1a5/0x480 [ 13.269622] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.270146] kthread+0x337/0x6f0 [ 13.270288] ret_from_fork+0x116/0x1d0 [ 13.270422] ret_from_fork_asm+0x1a/0x30 [ 13.270563] [ 13.270645] Freed by task 213: [ 13.270757] kasan_save_stack+0x45/0x70 [ 13.271522] kasan_save_track+0x18/0x40 [ 13.271918] kasan_save_free_info+0x3f/0x60 [ 13.272397] __kasan_slab_free+0x56/0x70 [ 13.272847] kfree+0x222/0x3f0 [ 13.273151] ksize_uaf+0x12c/0x6c0 [ 13.273457] kunit_try_run_case+0x1a5/0x480 [ 13.273831] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.274335] kthread+0x337/0x6f0 [ 13.274459] ret_from_fork+0x116/0x1d0 [ 13.274591] ret_from_fork_asm+0x1a/0x30 [ 13.274742] [ 13.274895] The buggy address belongs to the object at ffff8881029ade00 [ 13.274895] which belongs to the cache kmalloc-128 of size 128 [ 13.276044] The buggy address is located 0 bytes inside of [ 13.276044] freed 128-byte region [ffff8881029ade00, ffff8881029ade80) [ 13.277029] [ 13.277185] The buggy address belongs to the physical page: [ 13.277533] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ad [ 13.277847] flags: 0x200000000000000(node=0|zone=2) [ 13.278278] page_type: f5(slab) [ 13.278570] raw: 
0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.279285] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.279714] page dumped because: kasan: bad access detected [ 13.280119] [ 13.280273] Memory state around the buggy address: [ 13.280700] ffff8881029add00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.281361] ffff8881029add80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.281718] >ffff8881029ade00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.282304] ^ [ 13.282711] ffff8881029ade80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.283348] ffff8881029adf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.283686] ================================================================== [ 13.305686] ================================================================== [ 13.306039] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5e4/0x6c0 [ 13.306358] Read of size 1 at addr ffff8881029ade78 by task kunit_try_catch/213 [ 13.306915] [ 13.307009] CPU: 0 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.307052] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.307062] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.307082] Call Trace: [ 13.307093] <TASK> [ 13.307109] dump_stack_lvl+0x73/0xb0 [ 13.307140] print_report+0xd1/0x650 [ 13.307161] ? __virt_addr_valid+0x1db/0x2d0 [ 13.307184] ? ksize_uaf+0x5e4/0x6c0 [ 13.307203] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.307226] ? ksize_uaf+0x5e4/0x6c0 [ 13.307245] kasan_report+0x141/0x180 [ 13.307266] ? ksize_uaf+0x5e4/0x6c0 [ 13.307290] __asan_report_load1_noabort+0x18/0x20 [ 13.307314] ksize_uaf+0x5e4/0x6c0 [ 13.307333] ? __pfx_ksize_uaf+0x10/0x10 [ 13.307354] ? __schedule+0x10cc/0x2b60 [ 13.307375] ? __pfx_read_tsc+0x10/0x10 [ 13.307396] ? ktime_get_ts64+0x86/0x230 [ 13.307421] kunit_try_run_case+0x1a5/0x480 [ 13.307444] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.307466] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 13.307491] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.307516] ? __kthread_parkme+0x82/0x180 [ 13.307536] ? preempt_count_sub+0x50/0x80 [ 13.307560] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.307584] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.307618] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.307643] kthread+0x337/0x6f0 [ 13.307661] ? trace_preempt_on+0x20/0xc0 [ 13.307685] ? __pfx_kthread+0x10/0x10 [ 13.307704] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.307725] ? calculate_sigpending+0x7b/0xa0 [ 13.307749] ? __pfx_kthread+0x10/0x10 [ 13.307770] ret_from_fork+0x116/0x1d0 [ 13.307788] ? __pfx_kthread+0x10/0x10 [ 13.307807] ret_from_fork_asm+0x1a/0x30 [ 13.307837] </TASK> [ 13.307848] [ 13.314783] Allocated by task 213: [ 13.314980] kasan_save_stack+0x45/0x70 [ 13.315239] kasan_save_track+0x18/0x40 [ 13.315436] kasan_save_alloc_info+0x3b/0x50 [ 13.315659] __kasan_kmalloc+0xb7/0xc0 [ 13.315944] __kmalloc_cache_noprof+0x189/0x420 [ 13.316183] ksize_uaf+0xaa/0x6c0 [ 13.316342] kunit_try_run_case+0x1a5/0x480 [ 13.316526] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.316724] kthread+0x337/0x6f0 [ 13.316847] ret_from_fork+0x116/0x1d0 [ 13.316980] ret_from_fork_asm+0x1a/0x30 [ 13.317122] [ 13.317315] Freed by task 213: [ 13.317477] kasan_save_stack+0x45/0x70 [ 13.317688] kasan_save_track+0x18/0x40 [ 13.317878] kasan_save_free_info+0x3f/0x60 [ 13.318087] __kasan_slab_free+0x56/0x70 [ 13.318415] kfree+0x222/0x3f0 [ 13.318655] ksize_uaf+0x12c/0x6c0 [ 13.318917] kunit_try_run_case+0x1a5/0x480 [ 13.319073] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.319258] kthread+0x337/0x6f0 [ 13.319378] ret_from_fork+0x116/0x1d0 [ 13.319516] ret_from_fork_asm+0x1a/0x30 [ 13.319729] [ 13.319826] The buggy address belongs to the object at ffff8881029ade00 [ 13.319826] which belongs to the cache kmalloc-128 of size 128 [ 13.320658] The buggy address is located 120 bytes inside of [ 13.320658] freed 128-byte region [ffff8881029ade00, 
ffff8881029ade80) [ 13.321235] [ 13.321340] The buggy address belongs to the physical page: [ 13.321535] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ad [ 13.321791] flags: 0x200000000000000(node=0|zone=2) [ 13.322027] page_type: f5(slab) [ 13.322194] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.322747] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.322995] page dumped because: kasan: bad access detected [ 13.323167] [ 13.323235] Memory state around the buggy address: [ 13.323391] ffff8881029add00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.323664] ffff8881029add80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.323999] >ffff8881029ade00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.324320] ^ [ 13.324922] ffff8881029ade80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.325463] ffff8881029adf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.325771] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 13.169761] ================================================================== [ 13.170625] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x81c/0x9b0 [ 13.171229] Read of size 1 at addr ffff888102c29f73 by task kunit_try_catch/211 [ 13.171565] [ 13.171677] CPU: 1 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.171725] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.171736] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.171757] Call Trace: [ 13.171768] <TASK> [ 13.171785] dump_stack_lvl+0x73/0xb0 [ 13.171819] print_report+0xd1/0x650 [ 13.171841] ? __virt_addr_valid+0x1db/0x2d0 [ 13.171864] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 13.171887] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.171909] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 13.171932] kasan_report+0x141/0x180 [ 13.171953] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 13.171981] __asan_report_load1_noabort+0x18/0x20 [ 13.172005] ksize_unpoisons_memory+0x81c/0x9b0 [ 13.172029] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 13.172051] ? finish_task_switch.isra.0+0x153/0x700 [ 13.172074] ? __switch_to+0x47/0xf50 [ 13.172100] ? __schedule+0x10cc/0x2b60 [ 13.172122] ? __pfx_read_tsc+0x10/0x10 [ 13.172143] ? ktime_get_ts64+0x86/0x230 [ 13.172167] kunit_try_run_case+0x1a5/0x480 [ 13.172192] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.172214] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.172238] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.172262] ? __kthread_parkme+0x82/0x180 [ 13.172294] ? preempt_count_sub+0x50/0x80 [ 13.172324] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.172348] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.172372] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.172396] kthread+0x337/0x6f0 [ 13.172414] ? trace_preempt_on+0x20/0xc0 [ 13.172437] ? __pfx_kthread+0x10/0x10 [ 13.172457] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.172478] ? calculate_sigpending+0x7b/0xa0 [ 13.172503] ? 
__pfx_kthread+0x10/0x10 [ 13.172523] ret_from_fork+0x116/0x1d0 [ 13.172541] ? __pfx_kthread+0x10/0x10 [ 13.172561] ret_from_fork_asm+0x1a/0x30 [ 13.172592] </TASK> [ 13.172614] [ 13.185036] Allocated by task 211: [ 13.185434] kasan_save_stack+0x45/0x70 [ 13.186117] kasan_save_track+0x18/0x40 [ 13.186343] kasan_save_alloc_info+0x3b/0x50 [ 13.186517] __kasan_kmalloc+0xb7/0xc0 [ 13.186782] __kmalloc_cache_noprof+0x189/0x420 [ 13.187283] ksize_unpoisons_memory+0xc7/0x9b0 [ 13.187538] kunit_try_run_case+0x1a5/0x480 [ 13.187788] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.188172] kthread+0x337/0x6f0 [ 13.188348] ret_from_fork+0x116/0x1d0 [ 13.188539] ret_from_fork_asm+0x1a/0x30 [ 13.188745] [ 13.188880] The buggy address belongs to the object at ffff888102c29f00 [ 13.188880] which belongs to the cache kmalloc-128 of size 128 [ 13.189359] The buggy address is located 0 bytes to the right of [ 13.189359] allocated 115-byte region [ffff888102c29f00, ffff888102c29f73) [ 13.190097] [ 13.190230] The buggy address belongs to the physical page: [ 13.190497] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c29 [ 13.191146] flags: 0x200000000000000(node=0|zone=2) [ 13.191350] page_type: f5(slab) [ 13.191525] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.191888] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.192359] page dumped because: kasan: bad access detected [ 13.192622] [ 13.192719] Memory state around the buggy address: [ 13.193087] ffff888102c29e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.193407] ffff888102c29e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.193747] >ffff888102c29f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 13.194219] ^ [ 13.194535] ffff888102c29f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.195124] ffff888102c2a000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.195432] 
================================================================== [ 13.196093] ================================================================== [ 13.196464] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7e9/0x9b0 [ 13.196998] Read of size 1 at addr ffff888102c29f78 by task kunit_try_catch/211 [ 13.197360] [ 13.197474] CPU: 1 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.197518] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.197529] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.197576] Call Trace: [ 13.197612] <TASK> [ 13.197656] dump_stack_lvl+0x73/0xb0 [ 13.197687] print_report+0xd1/0x650 [ 13.197710] ? __virt_addr_valid+0x1db/0x2d0 [ 13.197744] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 13.197786] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.197929] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 13.197953] kasan_report+0x141/0x180 [ 13.197987] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 13.198015] __asan_report_load1_noabort+0x18/0x20 [ 13.198039] ksize_unpoisons_memory+0x7e9/0x9b0 [ 13.198062] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 13.198085] ? finish_task_switch.isra.0+0x153/0x700 [ 13.198108] ? __switch_to+0x47/0xf50 [ 13.198161] ? __schedule+0x10cc/0x2b60 [ 13.198183] ? __pfx_read_tsc+0x10/0x10 [ 13.198204] ? ktime_get_ts64+0x86/0x230 [ 13.198239] kunit_try_run_case+0x1a5/0x480 [ 13.198263] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.198312] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.198337] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.198359] ? __kthread_parkme+0x82/0x180 [ 13.198390] ? preempt_count_sub+0x50/0x80 [ 13.198413] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.198436] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.198460] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.198484] kthread+0x337/0x6f0 [ 13.198502] ? trace_preempt_on+0x20/0xc0 [ 13.198526] ? __pfx_kthread+0x10/0x10 [ 13.198545] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.198567] ? 
calculate_sigpending+0x7b/0xa0 [ 13.198591] ? __pfx_kthread+0x10/0x10 [ 13.198620] ret_from_fork+0x116/0x1d0 [ 13.198638] ? __pfx_kthread+0x10/0x10 [ 13.198657] ret_from_fork_asm+0x1a/0x30 [ 13.198688] </TASK> [ 13.198698] [ 13.207796] Allocated by task 211: [ 13.208027] kasan_save_stack+0x45/0x70 [ 13.208382] kasan_save_track+0x18/0x40 [ 13.208571] kasan_save_alloc_info+0x3b/0x50 [ 13.208890] __kasan_kmalloc+0xb7/0xc0 [ 13.209132] __kmalloc_cache_noprof+0x189/0x420 [ 13.209355] ksize_unpoisons_memory+0xc7/0x9b0 [ 13.209571] kunit_try_run_case+0x1a5/0x480 [ 13.209930] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.210216] kthread+0x337/0x6f0 [ 13.210384] ret_from_fork+0x116/0x1d0 [ 13.210613] ret_from_fork_asm+0x1a/0x30 [ 13.210750] [ 13.211164] The buggy address belongs to the object at ffff888102c29f00 [ 13.211164] which belongs to the cache kmalloc-128 of size 128 [ 13.211643] The buggy address is located 5 bytes to the right of [ 13.211643] allocated 115-byte region [ffff888102c29f00, ffff888102c29f73) [ 13.212173] [ 13.212260] The buggy address belongs to the physical page: [ 13.212494] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c29 [ 13.212811] flags: 0x200000000000000(node=0|zone=2) [ 13.212970] page_type: f5(slab) [ 13.213086] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.213484] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.213963] page dumped because: kasan: bad access detected [ 13.214387] [ 13.214474] Memory state around the buggy address: [ 13.214742] ffff888102c29e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.215237] ffff888102c29e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.215566] >ffff888102c29f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 13.216175] ^ [ 13.216500] ffff888102c29f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.216933] ffff888102c2a000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.217286] 
================================================================== [ 13.218095] ================================================================== [ 13.219099] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7b6/0x9b0 [ 13.219451] Read of size 1 at addr ffff888102c29f7f by task kunit_try_catch/211 [ 13.219972] [ 13.220082] CPU: 1 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.220164] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.220175] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.220196] Call Trace: [ 13.220208] <TASK> [ 13.220237] dump_stack_lvl+0x73/0xb0 [ 13.220270] print_report+0xd1/0x650 [ 13.220292] ? __virt_addr_valid+0x1db/0x2d0 [ 13.220344] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 13.220366] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.220388] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 13.220423] kasan_report+0x141/0x180 [ 13.220444] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 13.220471] __asan_report_load1_noabort+0x18/0x20 [ 13.220523] ksize_unpoisons_memory+0x7b6/0x9b0 [ 13.220546] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 13.220606] ? finish_task_switch.isra.0+0x153/0x700 [ 13.220630] ? __switch_to+0x47/0xf50 [ 13.220654] ? __schedule+0x10cc/0x2b60 [ 13.220677] ? __pfx_read_tsc+0x10/0x10 [ 13.220699] ? ktime_get_ts64+0x86/0x230 [ 13.220722] kunit_try_run_case+0x1a5/0x480 [ 13.220747] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.220769] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.220861] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.220887] ? __kthread_parkme+0x82/0x180 [ 13.220908] ? preempt_count_sub+0x50/0x80 [ 13.220931] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.220954] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.220978] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.221002] kthread+0x337/0x6f0 [ 13.221020] ? trace_preempt_on+0x20/0xc0 [ 13.221044] ? __pfx_kthread+0x10/0x10 [ 13.221064] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.221085] ? 
calculate_sigpending+0x7b/0xa0 [ 13.221109] ? __pfx_kthread+0x10/0x10 [ 13.221129] ret_from_fork+0x116/0x1d0 [ 13.221147] ? __pfx_kthread+0x10/0x10 [ 13.221168] ret_from_fork_asm+0x1a/0x30 [ 13.221198] </TASK> [ 13.221209] [ 13.232763] Allocated by task 211: [ 13.233063] kasan_save_stack+0x45/0x70 [ 13.233566] kasan_save_track+0x18/0x40 [ 13.233884] kasan_save_alloc_info+0x3b/0x50 [ 13.234299] __kasan_kmalloc+0xb7/0xc0 [ 13.234665] __kmalloc_cache_noprof+0x189/0x420 [ 13.235224] ksize_unpoisons_memory+0xc7/0x9b0 [ 13.235584] kunit_try_run_case+0x1a5/0x480 [ 13.236036] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.236279] kthread+0x337/0x6f0 [ 13.236550] ret_from_fork+0x116/0x1d0 [ 13.236828] ret_from_fork_asm+0x1a/0x30 [ 13.237137] [ 13.237213] The buggy address belongs to the object at ffff888102c29f00 [ 13.237213] which belongs to the cache kmalloc-128 of size 128 [ 13.237743] The buggy address is located 12 bytes to the right of [ 13.237743] allocated 115-byte region [ffff888102c29f00, ffff888102c29f73) [ 13.238787] [ 13.239196] The buggy address belongs to the physical page: [ 13.239407] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c29 [ 13.240042] flags: 0x200000000000000(node=0|zone=2) [ 13.240502] page_type: f5(slab) [ 13.240873] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.241248] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.241698] page dumped because: kasan: bad access detected [ 13.242231] [ 13.242316] Memory state around the buggy address: [ 13.242705] ffff888102c29e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.243329] ffff888102c29e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.243762] >ffff888102c29f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 13.244288] ^ [ 13.244700] ffff888102c29f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.245162] ffff888102c2a000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.245574] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kfree_sensitive
[ 13.143577] ==================================================================
[ 13.144054] BUG: KASAN: double-free in kfree_sensitive+0x2e/0x90
[ 13.144266] Free of addr ffff888102434600 by task kunit_try_catch/209
[ 13.144462]
[ 13.144573] CPU: 0 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 13.144628] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.144638] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.144658] Call Trace:
[ 13.144671] <TASK>
[ 13.144688] dump_stack_lvl+0x73/0xb0
[ 13.144716] print_report+0xd1/0x650
[ 13.144740] ? __virt_addr_valid+0x1db/0x2d0
[ 13.144764] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.144801] ? kfree_sensitive+0x2e/0x90
[ 13.144821] kasan_report_invalid_free+0x10a/0x130
[ 13.144845] ? kfree_sensitive+0x2e/0x90
[ 13.144866] ? kfree_sensitive+0x2e/0x90
[ 13.144885] check_slab_allocation+0x101/0x130
[ 13.144906] __kasan_slab_pre_free+0x28/0x40
[ 13.144926] kfree+0xf0/0x3f0
[ 13.144947] ? kfree_sensitive+0x2e/0x90
[ 13.144968] kfree_sensitive+0x2e/0x90
[ 13.144987] kmalloc_double_kzfree+0x19c/0x350
[ 13.145010] ? __pfx_kmalloc_double_kzfree+0x10/0x10
[ 13.145034] ? __schedule+0x10cc/0x2b60
[ 13.145055] ? __pfx_read_tsc+0x10/0x10
[ 13.145076] ? ktime_get_ts64+0x86/0x230
[ 13.145100] kunit_try_run_case+0x1a5/0x480
[ 13.145124] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.145146] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.145170] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.145193] ? __kthread_parkme+0x82/0x180
[ 13.145213] ? preempt_count_sub+0x50/0x80
[ 13.145237] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.145261] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.145284] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.145308] kthread+0x337/0x6f0
[ 13.145326] ? trace_preempt_on+0x20/0xc0
[ 13.145349] ? __pfx_kthread+0x10/0x10
[ 13.145418] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.145441] ? calculate_sigpending+0x7b/0xa0
[ 13.145465] ? __pfx_kthread+0x10/0x10
[ 13.145486] ret_from_fork+0x116/0x1d0
[ 13.145506] ? __pfx_kthread+0x10/0x10
[ 13.145525] ret_from_fork_asm+0x1a/0x30
[ 13.145555] </TASK>
[ 13.145566]
[ 13.154434] Allocated by task 209:
[ 13.154588] kasan_save_stack+0x45/0x70
[ 13.154813] kasan_save_track+0x18/0x40
[ 13.155075] kasan_save_alloc_info+0x3b/0x50
[ 13.155288] __kasan_kmalloc+0xb7/0xc0
[ 13.155477] __kmalloc_cache_noprof+0x189/0x420
[ 13.155691] kmalloc_double_kzfree+0xa9/0x350
[ 13.155939] kunit_try_run_case+0x1a5/0x480
[ 13.156117] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.156294] kthread+0x337/0x6f0
[ 13.156414] ret_from_fork+0x116/0x1d0
[ 13.156547] ret_from_fork_asm+0x1a/0x30
[ 13.156758]
[ 13.156921] Freed by task 209:
[ 13.157087] kasan_save_stack+0x45/0x70
[ 13.157276] kasan_save_track+0x18/0x40
[ 13.157470] kasan_save_free_info+0x3f/0x60
[ 13.157688] __kasan_slab_free+0x56/0x70
[ 13.158017] kfree+0x222/0x3f0
[ 13.158162] kfree_sensitive+0x67/0x90
[ 13.158329] kmalloc_double_kzfree+0x12b/0x350
[ 13.158528] kunit_try_run_case+0x1a5/0x480
[ 13.158725] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.159054] kthread+0x337/0x6f0
[ 13.159218] ret_from_fork+0x116/0x1d0
[ 13.159403] ret_from_fork_asm+0x1a/0x30
[ 13.159577]
[ 13.159673] The buggy address belongs to the object at ffff888102434600
[ 13.159673] which belongs to the cache kmalloc-16 of size 16
[ 13.160421] The buggy address is located 0 bytes inside of
[ 13.160421] 16-byte region [ffff888102434600, ffff888102434610)
[ 13.160974]
[ 13.161059] The buggy address belongs to the physical page:
[ 13.161264] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102434
[ 13.161605] flags: 0x200000000000000(node=0|zone=2)
[ 13.161875] page_type: f5(slab)
[ 13.162007] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 13.162236] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 13.162461] page dumped because: kasan: bad access detected
[ 13.162647]
[ 13.162717] Memory state around the buggy address:
[ 13.162952] ffff888102434500: fa fb fc fc fa fb fc fc fa fb fc fc 00 05 fc fc
[ 13.163484] ffff888102434580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 13.163805] >ffff888102434600: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.164114] ^
[ 13.164311] ffff888102434680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.164526] ffff888102434700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.164752] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 13.122956] ==================================================================
[ 13.123409] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x19c/0x350
[ 13.123676] Read of size 1 at addr ffff888102434600 by task kunit_try_catch/209
[ 13.123905]
[ 13.124021] CPU: 0 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 13.124066] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.124076] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.124096] Call Trace:
[ 13.124108] <TASK>
[ 13.124124] dump_stack_lvl+0x73/0xb0
[ 13.124154] print_report+0xd1/0x650
[ 13.124194] ? __virt_addr_valid+0x1db/0x2d0
[ 13.124218] ? kmalloc_double_kzfree+0x19c/0x350
[ 13.124240] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.124263] ? kmalloc_double_kzfree+0x19c/0x350
[ 13.124285] kasan_report+0x141/0x180
[ 13.124306] ? kmalloc_double_kzfree+0x19c/0x350
[ 13.124332] ? kmalloc_double_kzfree+0x19c/0x350
[ 13.124354] __kasan_check_byte+0x3d/0x50
[ 13.124376] kfree_sensitive+0x22/0x90
[ 13.124399] kmalloc_double_kzfree+0x19c/0x350
[ 13.124421] ? __pfx_kmalloc_double_kzfree+0x10/0x10
[ 13.124445] ? __schedule+0x10cc/0x2b60
[ 13.124468] ? __pfx_read_tsc+0x10/0x10
[ 13.124489] ? ktime_get_ts64+0x86/0x230
[ 13.124512] kunit_try_run_case+0x1a5/0x480
[ 13.124537] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.124560] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.124584] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.124618] ? __kthread_parkme+0x82/0x180
[ 13.124640] ? preempt_count_sub+0x50/0x80
[ 13.124664] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.124687] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.124711] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.124735] kthread+0x337/0x6f0
[ 13.124754] ? trace_preempt_on+0x20/0xc0
[ 13.124777] ? __pfx_kthread+0x10/0x10
[ 13.124814] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.124835] ? calculate_sigpending+0x7b/0xa0
[ 13.124859] ? __pfx_kthread+0x10/0x10
[ 13.124881] ret_from_fork+0x116/0x1d0
[ 13.124899] ? __pfx_kthread+0x10/0x10
[ 13.124918] ret_from_fork_asm+0x1a/0x30
[ 13.124949] </TASK>
[ 13.124959]
[ 13.132383] Allocated by task 209:
[ 13.132571] kasan_save_stack+0x45/0x70
[ 13.132788] kasan_save_track+0x18/0x40
[ 13.133023] kasan_save_alloc_info+0x3b/0x50
[ 13.133190] __kasan_kmalloc+0xb7/0xc0
[ 13.133348] __kmalloc_cache_noprof+0x189/0x420
[ 13.133577] kmalloc_double_kzfree+0xa9/0x350
[ 13.133775] kunit_try_run_case+0x1a5/0x480
[ 13.134189] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.134413] kthread+0x337/0x6f0
[ 13.134578] ret_from_fork+0x116/0x1d0
[ 13.134770] ret_from_fork_asm+0x1a/0x30
[ 13.135025]
[ 13.135095] Freed by task 209:
[ 13.135205] kasan_save_stack+0x45/0x70
[ 13.135340] kasan_save_track+0x18/0x40
[ 13.135473] kasan_save_free_info+0x3f/0x60
[ 13.135629] __kasan_slab_free+0x56/0x70
[ 13.135821] kfree+0x222/0x3f0
[ 13.135982] kfree_sensitive+0x67/0x90
[ 13.136226] kmalloc_double_kzfree+0x12b/0x350
[ 13.136441] kunit_try_run_case+0x1a5/0x480
[ 13.136819] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.137024] kthread+0x337/0x6f0
[ 13.137144] ret_from_fork+0x116/0x1d0
[ 13.137275] ret_from_fork_asm+0x1a/0x30
[ 13.137414]
[ 13.137487] The buggy address belongs to the object at ffff888102434600
[ 13.137487] which belongs to the cache kmalloc-16 of size 16
[ 13.138197] The buggy address is located 0 bytes inside of
[ 13.138197] freed 16-byte region [ffff888102434600, ffff888102434610)
[ 13.138728]
[ 13.138828] The buggy address belongs to the physical page:
[ 13.139148] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102434
[ 13.139476] flags: 0x200000000000000(node=0|zone=2)
[ 13.139699] page_type: f5(slab)
[ 13.140081] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 13.140385] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 13.140704] page dumped because: kasan: bad access detected
[ 13.141008]
[ 13.141104] Memory state around the buggy address:
[ 13.141306] ffff888102434500: fa fb fc fc fa fb fc fc fa fb fc fc 00 05 fc fc
[ 13.141590] ffff888102434580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 13.141952] >ffff888102434600: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.142170] ^
[ 13.142284] ffff888102434680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.142532] ffff888102434700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.142901] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 13.086493] ==================================================================
[ 13.087070] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x4a8/0x520
[ 13.087416] Read of size 1 at addr ffff8881029b5928 by task kunit_try_catch/205
[ 13.087756]
[ 13.087921] CPU: 0 UID: 0 PID: 205 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 13.087969] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.088560] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.088588] Call Trace:
[ 13.088615] <TASK>
[ 13.088633] dump_stack_lvl+0x73/0xb0
[ 13.088670] print_report+0xd1/0x650
[ 13.088693] ? __virt_addr_valid+0x1db/0x2d0
[ 13.088718] ? kmalloc_uaf2+0x4a8/0x520
[ 13.088738] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.088761] ? kmalloc_uaf2+0x4a8/0x520
[ 13.088796] kasan_report+0x141/0x180
[ 13.088861] ? kmalloc_uaf2+0x4a8/0x520
[ 13.088887] __asan_report_load1_noabort+0x18/0x20
[ 13.088911] kmalloc_uaf2+0x4a8/0x520
[ 13.088931] ? __pfx_kmalloc_uaf2+0x10/0x10
[ 13.088950] ? finish_task_switch.isra.0+0x153/0x700
[ 13.088976] ? __switch_to+0x47/0xf50
[ 13.089003] ? __schedule+0x10cc/0x2b60
[ 13.089025] ? __pfx_read_tsc+0x10/0x10
[ 13.089047] ? ktime_get_ts64+0x86/0x230
[ 13.089072] kunit_try_run_case+0x1a5/0x480
[ 13.089098] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.089120] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.089145] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.089169] ? __kthread_parkme+0x82/0x180
[ 13.089190] ? preempt_count_sub+0x50/0x80
[ 13.089213] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.089238] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.089264] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.089290] kthread+0x337/0x6f0
[ 13.089308] ? trace_preempt_on+0x20/0xc0
[ 13.089332] ? __pfx_kthread+0x10/0x10
[ 13.089352] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.089373] ? calculate_sigpending+0x7b/0xa0
[ 13.089398] ? __pfx_kthread+0x10/0x10
[ 13.089418] ret_from_fork+0x116/0x1d0
[ 13.089436] ? __pfx_kthread+0x10/0x10
[ 13.089456] ret_from_fork_asm+0x1a/0x30
[ 13.089487] </TASK>
[ 13.089498]
[ 13.101463] Allocated by task 205:
[ 13.101664] kasan_save_stack+0x45/0x70
[ 13.101866] kasan_save_track+0x18/0x40
[ 13.102058] kasan_save_alloc_info+0x3b/0x50
[ 13.102260] __kasan_kmalloc+0xb7/0xc0
[ 13.102424] __kmalloc_cache_noprof+0x189/0x420
[ 13.103235] kmalloc_uaf2+0xc6/0x520
[ 13.103590] kunit_try_run_case+0x1a5/0x480
[ 13.104016] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.104380] kthread+0x337/0x6f0
[ 13.104646] ret_from_fork+0x116/0x1d0
[ 13.105033] ret_from_fork_asm+0x1a/0x30
[ 13.105332]
[ 13.105453] Freed by task 205:
[ 13.105739] kasan_save_stack+0x45/0x70
[ 13.106142] kasan_save_track+0x18/0x40
[ 13.106435] kasan_save_free_info+0x3f/0x60
[ 13.106739] __kasan_slab_free+0x56/0x70
[ 13.107144] kfree+0x222/0x3f0
[ 13.107413] kmalloc_uaf2+0x14c/0x520
[ 13.107613] kunit_try_run_case+0x1a5/0x480
[ 13.107831] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.108079] kthread+0x337/0x6f0
[ 13.108254] ret_from_fork+0x116/0x1d0
[ 13.108444] ret_from_fork_asm+0x1a/0x30
[ 13.109168]
[ 13.109273] The buggy address belongs to the object at ffff8881029b5900
[ 13.109273] which belongs to the cache kmalloc-64 of size 64
[ 13.110018] The buggy address is located 40 bytes inside of
[ 13.110018] freed 64-byte region [ffff8881029b5900, ffff8881029b5940)
[ 13.110741]
[ 13.110859] The buggy address belongs to the physical page:
[ 13.111359] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029b5
[ 13.111821] flags: 0x200000000000000(node=0|zone=2)
[ 13.112230] page_type: f5(slab)
[ 13.112501] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 13.113011] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 13.113451] page dumped because: kasan: bad access detected
[ 13.113896]
[ 13.113979] Memory state around the buggy address:
[ 13.114364] ffff8881029b5800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 13.114997] ffff8881029b5880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 13.115323] >ffff8881029b5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 13.115731] ^
[ 13.116143] ffff8881029b5980: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc
[ 13.116564] ffff8881029b5a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.117062] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 13.053526] ==================================================================
[ 13.054018] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x1a3/0x360
[ 13.054369] Write of size 33 at addr ffff888102c36c80 by task kunit_try_catch/203
[ 13.054745]
[ 13.055040] CPU: 1 UID: 0 PID: 203 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 13.055091] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.055104] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.055126] Call Trace:
[ 13.055332] <TASK>
[ 13.055354] dump_stack_lvl+0x73/0xb0
[ 13.055636] print_report+0xd1/0x650
[ 13.055661] ? __virt_addr_valid+0x1db/0x2d0
[ 13.055685] ? kmalloc_uaf_memset+0x1a3/0x360
[ 13.055706] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.055730] ? kmalloc_uaf_memset+0x1a3/0x360
[ 13.055751] kasan_report+0x141/0x180
[ 13.055808] ? kmalloc_uaf_memset+0x1a3/0x360
[ 13.055837] kasan_check_range+0x10c/0x1c0
[ 13.055860] __asan_memset+0x27/0x50
[ 13.055879] kmalloc_uaf_memset+0x1a3/0x360
[ 13.055900] ? __pfx_kmalloc_uaf_memset+0x10/0x10
[ 13.055922] ? __schedule+0x10cc/0x2b60
[ 13.055944] ? __pfx_read_tsc+0x10/0x10
[ 13.055965] ? ktime_get_ts64+0x86/0x230
[ 13.055992] kunit_try_run_case+0x1a5/0x480
[ 13.056017] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.056039] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.056063] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.056086] ? __kthread_parkme+0x82/0x180
[ 13.056108] ? preempt_count_sub+0x50/0x80
[ 13.056132] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.056155] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.056180] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.056204] kthread+0x337/0x6f0
[ 13.056222] ? trace_preempt_on+0x20/0xc0
[ 13.056245] ? __pfx_kthread+0x10/0x10
[ 13.056265] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.056286] ? calculate_sigpending+0x7b/0xa0
[ 13.056310] ? __pfx_kthread+0x10/0x10
[ 13.056331] ret_from_fork+0x116/0x1d0
[ 13.056349] ? __pfx_kthread+0x10/0x10
[ 13.056369] ret_from_fork_asm+0x1a/0x30
[ 13.056400] </TASK>
[ 13.056411]
[ 13.066484] Allocated by task 203:
[ 13.067034] kasan_save_stack+0x45/0x70
[ 13.067227] kasan_save_track+0x18/0x40
[ 13.067640] kasan_save_alloc_info+0x3b/0x50
[ 13.068065] __kasan_kmalloc+0xb7/0xc0
[ 13.068406] __kmalloc_cache_noprof+0x189/0x420
[ 13.068744] kmalloc_uaf_memset+0xa9/0x360
[ 13.069187] kunit_try_run_case+0x1a5/0x480
[ 13.069551] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.070056] kthread+0x337/0x6f0
[ 13.070202] ret_from_fork+0x116/0x1d0
[ 13.070646] ret_from_fork_asm+0x1a/0x30
[ 13.071056]
[ 13.071135] Freed by task 203:
[ 13.071493] kasan_save_stack+0x45/0x70
[ 13.071689] kasan_save_track+0x18/0x40
[ 13.071879] kasan_save_free_info+0x3f/0x60
[ 13.072076] __kasan_slab_free+0x56/0x70
[ 13.072259] kfree+0x222/0x3f0
[ 13.072416] kmalloc_uaf_memset+0x12b/0x360
[ 13.073060] kunit_try_run_case+0x1a5/0x480
[ 13.073397] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.074117] kthread+0x337/0x6f0
[ 13.074292] ret_from_fork+0x116/0x1d0
[ 13.074446] ret_from_fork_asm+0x1a/0x30
[ 13.074960]
[ 13.075254] The buggy address belongs to the object at ffff888102c36c80
[ 13.075254] which belongs to the cache kmalloc-64 of size 64
[ 13.075779] The buggy address is located 0 bytes inside of
[ 13.075779] freed 64-byte region [ffff888102c36c80, ffff888102c36cc0)
[ 13.076521]
[ 13.076638] The buggy address belongs to the physical page:
[ 13.076820] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c36
[ 13.077065] flags: 0x200000000000000(node=0|zone=2)
[ 13.077232] page_type: f5(slab)
[ 13.077353] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 13.077583] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 13.078196] page dumped because: kasan: bad access detected
[ 13.078374]
[ 13.078444] Memory state around the buggy address:
[ 13.078616] ffff888102c36b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 13.080015] ffff888102c36c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 13.080388] >ffff888102c36c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 13.080963] ^
[ 13.081138] ffff888102c36d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.081412] ffff888102c36d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.081714] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 13.024247] ==================================================================
[ 13.024778] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x320/0x380
[ 13.025216] Read of size 1 at addr ffff888101902a08 by task kunit_try_catch/201
[ 13.025762]
[ 13.026082] CPU: 1 UID: 0 PID: 201 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 13.026132] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.026144] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.026164] Call Trace:
[ 13.026177] <TASK>
[ 13.026192] dump_stack_lvl+0x73/0xb0
[ 13.026257] print_report+0xd1/0x650
[ 13.026280] ? __virt_addr_valid+0x1db/0x2d0
[ 13.026304] ? kmalloc_uaf+0x320/0x380
[ 13.026322] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.026344] ? kmalloc_uaf+0x320/0x380
[ 13.026363] kasan_report+0x141/0x180
[ 13.026384] ? kmalloc_uaf+0x320/0x380
[ 13.026436] __asan_report_load1_noabort+0x18/0x20
[ 13.026460] kmalloc_uaf+0x320/0x380
[ 13.026480] ? __pfx_kmalloc_uaf+0x10/0x10
[ 13.026500] ? __schedule+0x10cc/0x2b60
[ 13.026522] ? __pfx_read_tsc+0x10/0x10
[ 13.026543] ? ktime_get_ts64+0x86/0x230
[ 13.026567] kunit_try_run_case+0x1a5/0x480
[ 13.026591] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.026626] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.026651] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.026674] ? __kthread_parkme+0x82/0x180
[ 13.026695] ? preempt_count_sub+0x50/0x80
[ 13.026719] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.026742] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.026766] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.026790] kthread+0x337/0x6f0
[ 13.026831] ? trace_preempt_on+0x20/0xc0
[ 13.026855] ? __pfx_kthread+0x10/0x10
[ 13.026875] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.026896] ? calculate_sigpending+0x7b/0xa0
[ 13.026921] ? __pfx_kthread+0x10/0x10
[ 13.026941] ret_from_fork+0x116/0x1d0
[ 13.026958] ? __pfx_kthread+0x10/0x10
[ 13.026978] ret_from_fork_asm+0x1a/0x30
[ 13.027008] </TASK>
[ 13.027018]
[ 13.034760] Allocated by task 201:
[ 13.035083] kasan_save_stack+0x45/0x70
[ 13.035582] kasan_save_track+0x18/0x40
[ 13.035940] kasan_save_alloc_info+0x3b/0x50
[ 13.036173] __kasan_kmalloc+0xb7/0xc0
[ 13.036414] __kmalloc_cache_noprof+0x189/0x420
[ 13.036680] kmalloc_uaf+0xaa/0x380
[ 13.036888] kunit_try_run_case+0x1a5/0x480
[ 13.037035] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.037415] kthread+0x337/0x6f0
[ 13.037662] ret_from_fork+0x116/0x1d0
[ 13.037855] ret_from_fork_asm+0x1a/0x30
[ 13.038173]
[ 13.038260] Freed by task 201:
[ 13.038435] kasan_save_stack+0x45/0x70
[ 13.038610] kasan_save_track+0x18/0x40
[ 13.038797] kasan_save_free_info+0x3f/0x60
[ 13.039116] __kasan_slab_free+0x56/0x70
[ 13.039357] kfree+0x222/0x3f0
[ 13.039497] kmalloc_uaf+0x12c/0x380
[ 13.039723] kunit_try_run_case+0x1a5/0x480
[ 13.040050] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.040252] kthread+0x337/0x6f0
[ 13.040375] ret_from_fork+0x116/0x1d0
[ 13.040558] ret_from_fork_asm+0x1a/0x30
[ 13.040768]
[ 13.040895] The buggy address belongs to the object at ffff888101902a00
[ 13.040895] which belongs to the cache kmalloc-16 of size 16
[ 13.041881] The buggy address is located 8 bytes inside of
[ 13.041881] freed 16-byte region [ffff888101902a00, ffff888101902a10)
[ 13.042422]
[ 13.042586] The buggy address belongs to the physical page:
[ 13.043354] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101902
[ 13.044052] flags: 0x200000000000000(node=0|zone=2)
[ 13.044223] page_type: f5(slab)
[ 13.044347] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 13.044576] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 13.044937] page dumped because: kasan: bad access detected
[ 13.045171]
[ 13.045327] Memory state around the buggy address:
[ 13.045664] ffff888101902900: fa fb fc fc 00 02 fc fc 00 05 fc fc 00 02 fc fc
[ 13.045929] ffff888101902980: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc
[ 13.046490] >ffff888101902a00: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.047018] ^
[ 13.047195] ffff888101902a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.047501] ffff888101902b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.047906] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 12.988855] ==================================================================
[ 12.989999] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x16f/0x330
[ 12.991086] Read of size 64 at addr ffff888102c36a84 by task kunit_try_catch/199
[ 12.991333]
[ 12.991438] CPU: 1 UID: 0 PID: 199 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.991489] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.991501] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.991526] Call Trace:
[ 12.991542] <TASK>
[ 12.991565] dump_stack_lvl+0x73/0xb0
[ 12.991614] print_report+0xd1/0x650
[ 12.991637] ? __virt_addr_valid+0x1db/0x2d0
[ 12.991663] ? kmalloc_memmove_invalid_size+0x16f/0x330
[ 12.991687] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.991710] ? kmalloc_memmove_invalid_size+0x16f/0x330
[ 12.991735] kasan_report+0x141/0x180
[ 12.991756] ? kmalloc_memmove_invalid_size+0x16f/0x330
[ 12.991792] kasan_check_range+0x10c/0x1c0
[ 12.991815] __asan_memmove+0x27/0x70
[ 12.991836] kmalloc_memmove_invalid_size+0x16f/0x330
[ 12.991860] ? __pfx_kmalloc_memmove_invalid_size+0x10/0x10
[ 12.991886] ? __schedule+0x10cc/0x2b60
[ 12.991908] ? __pfx_read_tsc+0x10/0x10
[ 12.991931] ? ktime_get_ts64+0x86/0x230
[ 12.991957] kunit_try_run_case+0x1a5/0x480
[ 12.991984] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.992006] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.992030] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.992054] ? __kthread_parkme+0x82/0x180
[ 12.992076] ? preempt_count_sub+0x50/0x80
[ 12.992100] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.992124] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.992148] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.992173] kthread+0x337/0x6f0
[ 12.992191] ? trace_preempt_on+0x20/0xc0
[ 12.992215] ? __pfx_kthread+0x10/0x10
[ 12.992235] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.992256] ? calculate_sigpending+0x7b/0xa0
[ 12.992281] ? __pfx_kthread+0x10/0x10
[ 12.992301] ret_from_fork+0x116/0x1d0
[ 12.992319] ? __pfx_kthread+0x10/0x10
[ 12.992339] ret_from_fork_asm+0x1a/0x30
[ 12.992372] </TASK>
[ 12.992383]
[ 13.007329] Allocated by task 199:
[ 13.007485] kasan_save_stack+0x45/0x70
[ 13.007659] kasan_save_track+0x18/0x40
[ 13.007853] kasan_save_alloc_info+0x3b/0x50
[ 13.008321] __kasan_kmalloc+0xb7/0xc0
[ 13.008698] __kmalloc_cache_noprof+0x189/0x420
[ 13.009298] kmalloc_memmove_invalid_size+0xac/0x330
[ 13.009798] kunit_try_run_case+0x1a5/0x480
[ 13.010343] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.010708] kthread+0x337/0x6f0
[ 13.010991] ret_from_fork+0x116/0x1d0
[ 13.011438] ret_from_fork_asm+0x1a/0x30
[ 13.011666]
[ 13.011739] The buggy address belongs to the object at ffff888102c36a80
[ 13.011739] which belongs to the cache kmalloc-64 of size 64
[ 13.012811] The buggy address is located 4 bytes inside of
[ 13.012811] allocated 64-byte region [ffff888102c36a80, ffff888102c36ac0)
[ 13.013585]
[ 13.013681] The buggy address belongs to the physical page:
[ 13.014093] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c36
[ 13.014795] flags: 0x200000000000000(node=0|zone=2)
[ 13.015317] page_type: f5(slab)
[ 13.015755] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 13.016390] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 13.016626] page dumped because: kasan: bad access detected
[ 13.016802]
[ 13.017145] Memory state around the buggy address:
[ 13.017614] ffff888102c36980: 00 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc
[ 13.018485] ffff888102c36a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 13.019234] >ffff888102c36a80: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 13.019609] ^
[ 13.019969] ffff888102c36b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.020281] ffff888102c36b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.020558] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 12.960621] ==================================================================
[ 12.961959] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x171/0x330
[ 12.962225] Read of size 18446744073709551614 at addr ffff8881029b5704 by task kunit_try_catch/197
[ 12.962531]
[ 12.962645] CPU: 0 UID: 0 PID: 197 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.962695] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.962706] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.962729] Call Trace:
[ 12.962742] <TASK>
[ 12.963440] dump_stack_lvl+0x73/0xb0
[ 12.963486] print_report+0xd1/0x650
[ 12.963518] ? __virt_addr_valid+0x1db/0x2d0
[ 12.963543] ? kmalloc_memmove_negative_size+0x171/0x330
[ 12.963568] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.963590] ? kmalloc_memmove_negative_size+0x171/0x330
[ 12.963647] kasan_report+0x141/0x180
[ 12.963669] ? kmalloc_memmove_negative_size+0x171/0x330
[ 12.963698] kasan_check_range+0x10c/0x1c0
[ 12.963721] __asan_memmove+0x27/0x70
[ 12.963740] kmalloc_memmove_negative_size+0x171/0x330
[ 12.963766] ? __pfx_kmalloc_memmove_negative_size+0x10/0x10
[ 12.963794] ? __schedule+0x10cc/0x2b60
[ 12.963860] ? __pfx_read_tsc+0x10/0x10
[ 12.963881] ? ktime_get_ts64+0x86/0x230
[ 12.963906] kunit_try_run_case+0x1a5/0x480
[ 12.963931] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.963954] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.963978] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.964001] ? __kthread_parkme+0x82/0x180
[ 12.964022] ? preempt_count_sub+0x50/0x80
[ 12.964046] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.964070] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.964093] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.964118] kthread+0x337/0x6f0
[ 12.964137] ? trace_preempt_on+0x20/0xc0
[ 12.964160] ? __pfx_kthread+0x10/0x10
[ 12.964180] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.964201] ? calculate_sigpending+0x7b/0xa0
[ 12.964225] ? __pfx_kthread+0x10/0x10
[ 12.964245] ret_from_fork+0x116/0x1d0
[ 12.964263] ? __pfx_kthread+0x10/0x10
[ 12.964283] ret_from_fork_asm+0x1a/0x30
[ 12.964315] </TASK>
[ 12.964326]
[ 12.972449] Allocated by task 197:
[ 12.972670] kasan_save_stack+0x45/0x70
[ 12.972876] kasan_save_track+0x18/0x40
[ 12.973067] kasan_save_alloc_info+0x3b/0x50
[ 12.973521] __kasan_kmalloc+0xb7/0xc0
[ 12.973749] __kmalloc_cache_noprof+0x189/0x420
[ 12.974202] kmalloc_memmove_negative_size+0xac/0x330
[ 12.974440] kunit_try_run_case+0x1a5/0x480
[ 12.974642] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.975493] kthread+0x337/0x6f0
[ 12.975707] ret_from_fork+0x116/0x1d0
[ 12.975942] ret_from_fork_asm+0x1a/0x30
[ 12.976130]
[ 12.976221] The buggy address belongs to the object at ffff8881029b5700
[ 12.976221] which belongs to the cache kmalloc-64 of size 64
[ 12.976720] The buggy address is located 4 bytes inside of
[ 12.976720] 64-byte region [ffff8881029b5700, ffff8881029b5740)
[ 12.977986]
[ 12.978244] The buggy address belongs to the physical page:
[ 12.978722] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029b5
[ 12.979314] flags: 0x200000000000000(node=0|zone=2)
[ 12.979689] page_type: f5(slab)
[ 12.980102] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 12.980740] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 12.981233] page dumped because: kasan: bad access detected
[ 12.981458]
[ 12.981549] Memory state around the buggy address:
[ 12.981766] ffff8881029b5600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.982567] ffff8881029b5680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.983229] >ffff8881029b5700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 12.983916] ^
[ 12.984157] ffff8881029b5780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.984456] ffff8881029b5800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.984753] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 12.915923] ==================================================================
[ 12.916314] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x166/0x330
[ 12.916605] Write of size 16 at addr ffff8881029add69 by task kunit_try_catch/195
[ 12.916863]
[ 12.917037] CPU: 0 UID: 0 PID: 195 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.917087] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.917117] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.917139] Call Trace:
[ 12.917152] <TASK>
[ 12.917169] dump_stack_lvl+0x73/0xb0
[ 12.917200] print_report+0xd1/0x650
[ 12.917223] ? __virt_addr_valid+0x1db/0x2d0
[ 12.917247] ? kmalloc_oob_memset_16+0x166/0x330
[ 12.917269] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.917292] ? kmalloc_oob_memset_16+0x166/0x330
[ 12.917315] kasan_report+0x141/0x180
[ 12.917336] ? kmalloc_oob_memset_16+0x166/0x330
[ 12.917363] kasan_check_range+0x10c/0x1c0
[ 12.917387] __asan_memset+0x27/0x50
[ 12.917407] kmalloc_oob_memset_16+0x166/0x330
[ 12.917430] ? __pfx_kmalloc_oob_memset_16+0x10/0x10
[ 12.917473] ? __schedule+0x10cc/0x2b60
[ 12.917496] ? __pfx_read_tsc+0x10/0x10
[ 12.917518] ? ktime_get_ts64+0x86/0x230
[ 12.917543] kunit_try_run_case+0x1a5/0x480
[ 12.917569] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.917591] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.917637] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.917662] ? __kthread_parkme+0x82/0x180
[ 12.917711] ? preempt_count_sub+0x50/0x80
[ 12.917737] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.917761] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.917786] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.917812] kthread+0x337/0x6f0
[ 12.917833] ? trace_preempt_on+0x20/0xc0
[ 12.917858] ? __pfx_kthread+0x10/0x10
[ 12.917945] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.917968] ? calculate_sigpending+0x7b/0xa0
[ 12.917993] ? __pfx_kthread+0x10/0x10
[ 12.918015] ret_from_fork+0x116/0x1d0
[ 12.918500] ? __pfx_kthread+0x10/0x10
[ 12.918526] ret_from_fork_asm+0x1a/0x30
[ 12.918611] </TASK>
[ 12.918623]
[ 12.934460] Allocated by task 195:
[ 12.934686] kasan_save_stack+0x45/0x70
[ 12.935386] kasan_save_track+0x18/0x40
[ 12.936128] kasan_save_alloc_info+0x3b/0x50
[ 12.936709] __kasan_kmalloc+0xb7/0xc0
[ 12.937321] __kmalloc_cache_noprof+0x189/0x420
[ 12.937761] kmalloc_oob_memset_16+0xac/0x330
[ 12.937979] kunit_try_run_case+0x1a5/0x480
[ 12.938879] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.939101] kthread+0x337/0x6f0
[ 12.939260] ret_from_fork+0x116/0x1d0
[ 12.939451] ret_from_fork_asm+0x1a/0x30
[ 12.939652]
[ 12.939741] The buggy address belongs to the object at ffff8881029add00
[ 12.939741] which belongs to the cache kmalloc-128 of size 128
[ 12.941747] The buggy address is located 105 bytes inside of
[ 12.941747] allocated 120-byte region [ffff8881029add00, ffff8881029add78)
[ 12.942236]
[ 12.942342] The buggy address belongs to the physical page:
[ 12.942567] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ad
[ 12.942896] flags: 0x200000000000000(node=0|zone=2)
[ 12.943109] page_type: f5(slab)
[ 12.943266] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.943561] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.945566] page dumped because: kasan: bad access detected
[ 12.946715]
[ 12.947634] Memory state around the buggy address:
[ 12.948346] ffff8881029adc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.949629] ffff8881029adc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.950756] >ffff8881029add00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 12.951950] ^
[ 12.953167] ffff8881029add80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.954648] ffff8881029ade00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.955605] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 12.890799] ==================================================================
[ 12.891271] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x166/0x330
[ 12.891640] Write of size 8 at addr ffff8881029adc71 by task kunit_try_catch/193
[ 12.891982]
[ 12.892085] CPU: 0 UID: 0 PID: 193 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.892154] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.892165] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.892186] Call Trace:
[ 12.892199] <TASK>
[ 12.892216] dump_stack_lvl+0x73/0xb0
[ 12.892246] print_report+0xd1/0x650
[ 12.892269] ? __virt_addr_valid+0x1db/0x2d0
[ 12.892294] ? kmalloc_oob_memset_8+0x166/0x330
[ 12.892315] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.892338] ? kmalloc_oob_memset_8+0x166/0x330
[ 12.892360] kasan_report+0x141/0x180
[ 12.892400] ? kmalloc_oob_memset_8+0x166/0x330
[ 12.892427] kasan_check_range+0x10c/0x1c0
[ 12.892450] __asan_memset+0x27/0x50
[ 12.892469] kmalloc_oob_memset_8+0x166/0x330
[ 12.892509] ? __pfx_kmalloc_oob_memset_8+0x10/0x10
[ 12.892532] ? __schedule+0x10cc/0x2b60
[ 12.892555] ? __pfx_read_tsc+0x10/0x10
[ 12.892576] ? ktime_get_ts64+0x86/0x230
[ 12.892613] kunit_try_run_case+0x1a5/0x480
[ 12.892639] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.892661] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.892686] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.892709] ? __kthread_parkme+0x82/0x180
[ 12.892731] ? preempt_count_sub+0x50/0x80
[ 12.892756] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.892780] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.892804] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.892846] kthread+0x337/0x6f0
[ 12.892864] ? trace_preempt_on+0x20/0xc0
[ 12.892902] ? __pfx_kthread+0x10/0x10
[ 12.892923] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.892944] ? calculate_sigpending+0x7b/0xa0
[ 12.892968] ? __pfx_kthread+0x10/0x10
[ 12.893111] ret_from_fork+0x116/0x1d0
[ 12.893133] ? __pfx_kthread+0x10/0x10
[ 12.893153] ret_from_fork_asm+0x1a/0x30
[ 12.893184] </TASK>
[ 12.893195]
[ 12.901742] Allocated by task 193:
[ 12.902029] kasan_save_stack+0x45/0x70
[ 12.902200] kasan_save_track+0x18/0x40
[ 12.902336] kasan_save_alloc_info+0x3b/0x50
[ 12.902505] __kasan_kmalloc+0xb7/0xc0
[ 12.902668] __kmalloc_cache_noprof+0x189/0x420
[ 12.902955] kmalloc_oob_memset_8+0xac/0x330
[ 12.903205] kunit_try_run_case+0x1a5/0x480
[ 12.903416] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.903660] kthread+0x337/0x6f0
[ 12.903803] ret_from_fork+0x116/0x1d0
[ 12.903938] ret_from_fork_asm+0x1a/0x30
[ 12.904079]
[ 12.904149] The buggy address belongs to the object at ffff8881029adc00
[ 12.904149] which belongs to the cache kmalloc-128 of size 128
[ 12.904713] The buggy address is located 113 bytes inside of
[ 12.904713] allocated 120-byte region [ffff8881029adc00, ffff8881029adc78)
[ 12.905320]
[ 12.905451] The buggy address belongs to the physical page:
[ 12.905737] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ad
[ 12.906197] flags: 0x200000000000000(node=0|zone=2)
[ 12.906436] page_type: f5(slab)
[ 12.906560] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.906804] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.907194] page dumped because: kasan: bad access detected
[ 12.907466]
[ 12.907579] Memory state around the buggy address:
[ 12.907856] ffff8881029adb00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.908219] ffff8881029adb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.908563] >ffff8881029adc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 12.909277] ^
[ 12.909502] ffff8881029adc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.909947] ffff8881029add00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.910307] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 12.866177] ================================================================== [ 12.866674] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x166/0x330 [ 12.867170] Write of size 4 at addr ffff8881029adb75 by task kunit_try_catch/191 [ 12.867428] [ 12.867543] CPU: 0 UID: 0 PID: 191 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.867587] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.867611] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.867631] Call Trace: [ 12.867644] <TASK> [ 12.867660] dump_stack_lvl+0x73/0xb0 [ 12.867691] print_report+0xd1/0x650 [ 12.867713] ? __virt_addr_valid+0x1db/0x2d0 [ 12.867736] ? kmalloc_oob_memset_4+0x166/0x330 [ 12.867757] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.867780] ? kmalloc_oob_memset_4+0x166/0x330 [ 12.867801] kasan_report+0x141/0x180 [ 12.867822] ? kmalloc_oob_memset_4+0x166/0x330 [ 12.867847] kasan_check_range+0x10c/0x1c0 [ 12.867870] __asan_memset+0x27/0x50 [ 12.867888] kmalloc_oob_memset_4+0x166/0x330 [ 12.867910] ? __pfx_kmalloc_oob_memset_4+0x10/0x10 [ 12.867932] ? __schedule+0x10cc/0x2b60 [ 12.867954] ? __pfx_read_tsc+0x10/0x10 [ 12.867975] ? ktime_get_ts64+0x86/0x230 [ 12.868000] kunit_try_run_case+0x1a5/0x480 [ 12.868026] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.868048] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.868097] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.868120] ? __kthread_parkme+0x82/0x180 [ 12.868141] ? preempt_count_sub+0x50/0x80 [ 12.868165] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.868189] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.868213] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.868237] kthread+0x337/0x6f0 [ 12.868255] ? trace_preempt_on+0x20/0xc0 [ 12.868279] ? __pfx_kthread+0x10/0x10 [ 12.868299] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.868319] ? calculate_sigpending+0x7b/0xa0 [ 12.868343] ? __pfx_kthread+0x10/0x10 [ 12.868363] ret_from_fork+0x116/0x1d0 [ 12.868381] ? 
__pfx_kthread+0x10/0x10 [ 12.868401] ret_from_fork_asm+0x1a/0x30 [ 12.868432] </TASK> [ 12.868442] [ 12.876728] Allocated by task 191: [ 12.877156] kasan_save_stack+0x45/0x70 [ 12.877402] kasan_save_track+0x18/0x40 [ 12.877624] kasan_save_alloc_info+0x3b/0x50 [ 12.877861] __kasan_kmalloc+0xb7/0xc0 [ 12.878069] __kmalloc_cache_noprof+0x189/0x420 [ 12.878393] kmalloc_oob_memset_4+0xac/0x330 [ 12.878605] kunit_try_run_case+0x1a5/0x480 [ 12.878934] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.879117] kthread+0x337/0x6f0 [ 12.879242] ret_from_fork+0x116/0x1d0 [ 12.879389] ret_from_fork_asm+0x1a/0x30 [ 12.879587] [ 12.879722] The buggy address belongs to the object at ffff8881029adb00 [ 12.879722] which belongs to the cache kmalloc-128 of size 128 [ 12.880577] The buggy address is located 117 bytes inside of [ 12.880577] allocated 120-byte region [ffff8881029adb00, ffff8881029adb78) [ 12.881788] [ 12.882407] The buggy address belongs to the physical page: [ 12.882623] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ad [ 12.883359] flags: 0x200000000000000(node=0|zone=2) [ 12.883618] page_type: f5(slab) [ 12.883887] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.884352] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.884695] page dumped because: kasan: bad access detected [ 12.885117] [ 12.885218] Memory state around the buggy address: [ 12.885428] ffff8881029ada00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.885770] ffff8881029ada80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.886340] >ffff8881029adb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 12.886893] ^ [ 12.887169] ffff8881029adb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.887495] ffff8881029adc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.887788] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 12.836979] ================================================================== [ 12.838148] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x166/0x330 [ 12.838750] Write of size 2 at addr ffff888102c29e77 by task kunit_try_catch/189 [ 12.839264] [ 12.839362] CPU: 1 UID: 0 PID: 189 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.839410] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.839421] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.839441] Call Trace: [ 12.839457] <TASK> [ 12.839475] dump_stack_lvl+0x73/0xb0 [ 12.839528] print_report+0xd1/0x650 [ 12.839551] ? __virt_addr_valid+0x1db/0x2d0 [ 12.839586] ? kmalloc_oob_memset_2+0x166/0x330 [ 12.839617] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.839641] ? kmalloc_oob_memset_2+0x166/0x330 [ 12.839674] kasan_report+0x141/0x180 [ 12.839696] ? kmalloc_oob_memset_2+0x166/0x330 [ 12.839722] kasan_check_range+0x10c/0x1c0 [ 12.839757] __asan_memset+0x27/0x50 [ 12.840033] kmalloc_oob_memset_2+0x166/0x330 [ 12.840061] ? __pfx_kmalloc_oob_memset_2+0x10/0x10 [ 12.840100] ? __pfx_kmalloc_oob_memset_2+0x10/0x10 [ 12.840127] kunit_try_run_case+0x1a5/0x480 [ 12.840153] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.840186] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.840211] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.840234] ? __kthread_parkme+0x82/0x180 [ 12.840267] ? preempt_count_sub+0x50/0x80 [ 12.840293] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.840317] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.840341] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.840365] kthread+0x337/0x6f0 [ 12.840383] ? trace_preempt_on+0x20/0xc0 [ 12.840407] ? __pfx_kthread+0x10/0x10 [ 12.840427] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.840448] ? calculate_sigpending+0x7b/0xa0 [ 12.840472] ? __pfx_kthread+0x10/0x10 [ 12.840493] ret_from_fork+0x116/0x1d0 [ 12.840512] ? 
__pfx_kthread+0x10/0x10 [ 12.840531] ret_from_fork_asm+0x1a/0x30 [ 12.840564] </TASK> [ 12.840574] [ 12.853159] Allocated by task 189: [ 12.853650] kasan_save_stack+0x45/0x70 [ 12.853881] kasan_save_track+0x18/0x40 [ 12.854300] kasan_save_alloc_info+0x3b/0x50 [ 12.854459] __kasan_kmalloc+0xb7/0xc0 [ 12.854605] __kmalloc_cache_noprof+0x189/0x420 [ 12.854766] kmalloc_oob_memset_2+0xac/0x330 [ 12.855270] kunit_try_run_case+0x1a5/0x480 [ 12.855690] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.856247] kthread+0x337/0x6f0 [ 12.856739] ret_from_fork+0x116/0x1d0 [ 12.857222] ret_from_fork_asm+0x1a/0x30 [ 12.857612] [ 12.857747] The buggy address belongs to the object at ffff888102c29e00 [ 12.857747] which belongs to the cache kmalloc-128 of size 128 [ 12.858363] The buggy address is located 119 bytes inside of [ 12.858363] allocated 120-byte region [ffff888102c29e00, ffff888102c29e78) [ 12.858740] [ 12.858859] The buggy address belongs to the physical page: [ 12.859031] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c29 [ 12.859391] flags: 0x200000000000000(node=0|zone=2) [ 12.859723] page_type: f5(slab) [ 12.860003] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.860241] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.860619] page dumped because: kasan: bad access detected [ 12.860981] [ 12.861173] Memory state around the buggy address: [ 12.861388] ffff888102c29d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.861663] ffff888102c29d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.861924] >ffff888102c29e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 12.862241] ^ [ 12.862671] ffff888102c29e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.863001] ffff888102c29f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.863351] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 12.804005] ================================================================== [ 12.804554] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x15f/0x320 [ 12.805061] Write of size 128 at addr ffff888102c29d00 by task kunit_try_catch/187 [ 12.805850] [ 12.806092] CPU: 1 UID: 0 PID: 187 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.806140] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.806152] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.806173] Call Trace: [ 12.806186] <TASK> [ 12.806203] dump_stack_lvl+0x73/0xb0 [ 12.806236] print_report+0xd1/0x650 [ 12.806258] ? __virt_addr_valid+0x1db/0x2d0 [ 12.806283] ? kmalloc_oob_in_memset+0x15f/0x320 [ 12.806305] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.806328] ? kmalloc_oob_in_memset+0x15f/0x320 [ 12.806350] kasan_report+0x141/0x180 [ 12.806371] ? kmalloc_oob_in_memset+0x15f/0x320 [ 12.806397] kasan_check_range+0x10c/0x1c0 [ 12.806420] __asan_memset+0x27/0x50 [ 12.806439] kmalloc_oob_in_memset+0x15f/0x320 [ 12.806460] ? __pfx_kmalloc_oob_in_memset+0x10/0x10 [ 12.806483] ? __schedule+0x10cc/0x2b60 [ 12.806505] ? __pfx_read_tsc+0x10/0x10 [ 12.806527] ? ktime_get_ts64+0x86/0x230 [ 12.806553] kunit_try_run_case+0x1a5/0x480 [ 12.806578] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.806616] ? irqentry_exit+0x2a/0x60 [ 12.806640] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.806668] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.806692] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.806715] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.806740] kthread+0x337/0x6f0 [ 12.806833] ? trace_preempt_on+0x20/0xc0 [ 12.806861] ? __pfx_kthread+0x10/0x10 [ 12.806893] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.806919] ? calculate_sigpending+0x7b/0xa0 [ 12.806944] ? __pfx_kthread+0x10/0x10 [ 12.806964] ret_from_fork+0x116/0x1d0 [ 12.806983] ? 
__pfx_kthread+0x10/0x10 [ 12.807002] ret_from_fork_asm+0x1a/0x30 [ 12.807036] </TASK> [ 12.807046] [ 12.821049] Allocated by task 187: [ 12.821366] kasan_save_stack+0x45/0x70 [ 12.821710] kasan_save_track+0x18/0x40 [ 12.821858] kasan_save_alloc_info+0x3b/0x50 [ 12.822008] __kasan_kmalloc+0xb7/0xc0 [ 12.822141] __kmalloc_cache_noprof+0x189/0x420 [ 12.822298] kmalloc_oob_in_memset+0xac/0x320 [ 12.822445] kunit_try_run_case+0x1a5/0x480 [ 12.822591] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.822777] kthread+0x337/0x6f0 [ 12.822905] ret_from_fork+0x116/0x1d0 [ 12.823198] ret_from_fork_asm+0x1a/0x30 [ 12.823468] [ 12.823655] The buggy address belongs to the object at ffff888102c29d00 [ 12.823655] which belongs to the cache kmalloc-128 of size 128 [ 12.824647] The buggy address is located 0 bytes inside of [ 12.824647] allocated 120-byte region [ffff888102c29d00, ffff888102c29d78) [ 12.825946] [ 12.826030] The buggy address belongs to the physical page: [ 12.826205] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c29 [ 12.826448] flags: 0x200000000000000(node=0|zone=2) [ 12.826625] page_type: f5(slab) [ 12.826747] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.827547] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.828317] page dumped because: kasan: bad access detected [ 12.829014] [ 12.829176] Memory state around the buggy address: [ 12.829635] ffff888102c29c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.830303] ffff888102c29c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.830994] >ffff888102c29d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 12.831513] ^ [ 12.832105] ffff888102c29d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.832611] ffff888102c29e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.833232] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 12.776710] ================================================================== [ 12.777677] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x47b/0x4c0 [ 12.777941] Read of size 16 at addr ffff8881024345e0 by task kunit_try_catch/185 [ 12.778224] [ 12.778349] CPU: 0 UID: 0 PID: 185 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.778396] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.778408] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.778429] Call Trace: [ 12.778440] <TASK> [ 12.778455] dump_stack_lvl+0x73/0xb0 [ 12.778484] print_report+0xd1/0x650 [ 12.778506] ? __virt_addr_valid+0x1db/0x2d0 [ 12.778528] ? kmalloc_uaf_16+0x47b/0x4c0 [ 12.778548] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.778570] ? kmalloc_uaf_16+0x47b/0x4c0 [ 12.778591] kasan_report+0x141/0x180 [ 12.778624] ? kmalloc_uaf_16+0x47b/0x4c0 [ 12.778648] __asan_report_load16_noabort+0x18/0x20 [ 12.778672] kmalloc_uaf_16+0x47b/0x4c0 [ 12.778693] ? __pfx_kmalloc_uaf_16+0x10/0x10 [ 12.778714] ? __schedule+0x10cc/0x2b60 [ 12.778736] ? __pfx_read_tsc+0x10/0x10 [ 12.778757] ? ktime_get_ts64+0x86/0x230 [ 12.778792] kunit_try_run_case+0x1a5/0x480 [ 12.778831] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.778854] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.778877] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.778900] ? __kthread_parkme+0x82/0x180 [ 12.778932] ? preempt_count_sub+0x50/0x80 [ 12.778957] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.778981] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.779004] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.779031] kthread+0x337/0x6f0 [ 12.779050] ? trace_preempt_on+0x20/0xc0 [ 12.779074] ? __pfx_kthread+0x10/0x10 [ 12.779093] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.779114] ? calculate_sigpending+0x7b/0xa0 [ 12.779138] ? __pfx_kthread+0x10/0x10 [ 12.779158] ret_from_fork+0x116/0x1d0 [ 12.779177] ? 
__pfx_kthread+0x10/0x10 [ 12.779196] ret_from_fork_asm+0x1a/0x30 [ 12.779227] </TASK> [ 12.779237] [ 12.786534] Allocated by task 185: [ 12.786725] kasan_save_stack+0x45/0x70 [ 12.787081] kasan_save_track+0x18/0x40 [ 12.787240] kasan_save_alloc_info+0x3b/0x50 [ 12.787388] __kasan_kmalloc+0xb7/0xc0 [ 12.787520] __kmalloc_cache_noprof+0x189/0x420 [ 12.787688] kmalloc_uaf_16+0x15b/0x4c0 [ 12.787823] kunit_try_run_case+0x1a5/0x480 [ 12.788491] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.788994] kthread+0x337/0x6f0 [ 12.789163] ret_from_fork+0x116/0x1d0 [ 12.789351] ret_from_fork_asm+0x1a/0x30 [ 12.789548] [ 12.789721] Freed by task 185: [ 12.790044] kasan_save_stack+0x45/0x70 [ 12.790217] kasan_save_track+0x18/0x40 [ 12.790415] kasan_save_free_info+0x3f/0x60 [ 12.790638] __kasan_slab_free+0x56/0x70 [ 12.791250] kfree+0x222/0x3f0 [ 12.791723] kmalloc_uaf_16+0x1d6/0x4c0 [ 12.792008] kunit_try_run_case+0x1a5/0x480 [ 12.792271] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.792501] kthread+0x337/0x6f0 [ 12.792655] ret_from_fork+0x116/0x1d0 [ 12.793084] ret_from_fork_asm+0x1a/0x30 [ 12.793501] [ 12.793578] The buggy address belongs to the object at ffff8881024345e0 [ 12.793578] which belongs to the cache kmalloc-16 of size 16 [ 12.794528] The buggy address is located 0 bytes inside of [ 12.794528] freed 16-byte region [ffff8881024345e0, ffff8881024345f0) [ 12.795001] [ 12.795204] The buggy address belongs to the physical page: [ 12.795530] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102434 [ 12.796044] flags: 0x200000000000000(node=0|zone=2) [ 12.796365] page_type: f5(slab) [ 12.796580] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 12.796952] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 12.797405] page dumped because: kasan: bad access detected [ 12.797622] [ 12.797887] Memory state around the buggy address: [ 12.798177] ffff888102434480: 00 01 fc fc 00 01 fc fc 00 04 fc fc 00 04 fc 
fc [ 12.798494] ffff888102434500: fa fb fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 12.798790] >ffff888102434580: fa fb fc fc fa fb fc fc 00 00 fc fc fa fb fc fc [ 12.799260] ^ [ 12.799621] ffff888102434600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.800188] ffff888102434680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.800693] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 12.754326] ================================================================== [ 12.754788] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x452/0x4a0 [ 12.755175] Write of size 16 at addr ffff888102434580 by task kunit_try_catch/183 [ 12.755471] [ 12.755587] CPU: 0 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.755644] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.755655] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.755675] Call Trace: [ 12.755686] <TASK> [ 12.755702] dump_stack_lvl+0x73/0xb0 [ 12.755730] print_report+0xd1/0x650 [ 12.755752] ? __virt_addr_valid+0x1db/0x2d0 [ 12.755775] ? kmalloc_oob_16+0x452/0x4a0 [ 12.755815] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.755854] ? kmalloc_oob_16+0x452/0x4a0 [ 12.755875] kasan_report+0x141/0x180 [ 12.755897] ? kmalloc_oob_16+0x452/0x4a0 [ 12.755922] __asan_report_store16_noabort+0x1b/0x30 [ 12.755949] kmalloc_oob_16+0x452/0x4a0 [ 12.755970] ? __pfx_kmalloc_oob_16+0x10/0x10 [ 12.755994] ? __pfx_kmalloc_oob_16+0x10/0x10 [ 12.756018] kunit_try_run_case+0x1a5/0x480 [ 12.756042] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.756064] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.756089] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.756112] ? __kthread_parkme+0x82/0x180 [ 12.756133] ? preempt_count_sub+0x50/0x80 [ 12.756158] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.756182] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.756206] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.756232] kthread+0x337/0x6f0 [ 12.756250] ? trace_preempt_on+0x20/0xc0 [ 12.756273] ? __pfx_kthread+0x10/0x10 [ 12.756292] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.756313] ? calculate_sigpending+0x7b/0xa0 [ 12.756337] ? __pfx_kthread+0x10/0x10 [ 12.756357] ret_from_fork+0x116/0x1d0 [ 12.756375] ? 
__pfx_kthread+0x10/0x10 [ 12.756395] ret_from_fork_asm+0x1a/0x30 [ 12.756424] </TASK> [ 12.756434] [ 12.763414] Allocated by task 183: [ 12.763605] kasan_save_stack+0x45/0x70 [ 12.763858] kasan_save_track+0x18/0x40 [ 12.764052] kasan_save_alloc_info+0x3b/0x50 [ 12.764263] __kasan_kmalloc+0xb7/0xc0 [ 12.764431] __kmalloc_cache_noprof+0x189/0x420 [ 12.764623] kmalloc_oob_16+0xa8/0x4a0 [ 12.764755] kunit_try_run_case+0x1a5/0x480 [ 12.764962] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.765522] kthread+0x337/0x6f0 [ 12.765697] ret_from_fork+0x116/0x1d0 [ 12.765929] ret_from_fork_asm+0x1a/0x30 [ 12.766100] [ 12.766172] The buggy address belongs to the object at ffff888102434580 [ 12.766172] which belongs to the cache kmalloc-16 of size 16 [ 12.766637] The buggy address is located 0 bytes inside of [ 12.766637] allocated 13-byte region [ffff888102434580, ffff88810243458d) [ 12.767187] [ 12.767281] The buggy address belongs to the physical page: [ 12.767553] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102434 [ 12.767825] flags: 0x200000000000000(node=0|zone=2) [ 12.768062] page_type: f5(slab) [ 12.768281] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 12.768588] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 12.768861] page dumped because: kasan: bad access detected [ 12.769218] [ 12.769309] Memory state around the buggy address: [ 12.769465] ffff888102434480: 00 01 fc fc 00 01 fc fc 00 04 fc fc 00 04 fc fc [ 12.769690] ffff888102434500: fa fb fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 12.769919] >ffff888102434580: 00 05 fc fc 00 00 fc fc fc fc fc fc fc fc fc fc [ 12.770536] ^ [ 12.770715] ffff888102434600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.771119] ffff888102434680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.771327] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 12.723801] ================================================================== [ 12.724099] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x53c/0x5e0 [ 12.724574] Read of size 1 at addr ffff888100341a00 by task kunit_try_catch/181 [ 12.725803] [ 12.725916] CPU: 0 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.725963] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.725973] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.725994] Call Trace: [ 12.726013] <TASK> [ 12.726033] dump_stack_lvl+0x73/0xb0 [ 12.726066] print_report+0xd1/0x650 [ 12.726089] ? __virt_addr_valid+0x1db/0x2d0 [ 12.726113] ? krealloc_uaf+0x53c/0x5e0 [ 12.726132] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.726155] ? krealloc_uaf+0x53c/0x5e0 [ 12.726175] kasan_report+0x141/0x180 [ 12.726196] ? krealloc_uaf+0x53c/0x5e0 [ 12.726221] __asan_report_load1_noabort+0x18/0x20 [ 12.726245] krealloc_uaf+0x53c/0x5e0 [ 12.726266] ? __pfx_krealloc_uaf+0x10/0x10 [ 12.726286] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 12.726316] ? __pfx_krealloc_uaf+0x10/0x10 [ 12.726340] kunit_try_run_case+0x1a5/0x480 [ 12.726365] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.726387] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.726411] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.726434] ? __kthread_parkme+0x82/0x180 [ 12.726455] ? preempt_count_sub+0x50/0x80 [ 12.726480] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.726503] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.726527] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.726551] kthread+0x337/0x6f0 [ 12.726569] ? trace_preempt_on+0x20/0xc0 [ 12.726606] ? __pfx_kthread+0x10/0x10 [ 12.726626] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.726647] ? calculate_sigpending+0x7b/0xa0 [ 12.726671] ? __pfx_kthread+0x10/0x10 [ 12.726692] ret_from_fork+0x116/0x1d0 [ 12.726830] ? 
__pfx_kthread+0x10/0x10 [ 12.726854] ret_from_fork_asm+0x1a/0x30 [ 12.726885] </TASK> [ 12.726896] [ 12.736741] Allocated by task 181: [ 12.737234] kasan_save_stack+0x45/0x70 [ 12.737396] kasan_save_track+0x18/0x40 [ 12.737585] kasan_save_alloc_info+0x3b/0x50 [ 12.737813] __kasan_kmalloc+0xb7/0xc0 [ 12.738054] __kmalloc_cache_noprof+0x189/0x420 [ 12.738226] krealloc_uaf+0xbb/0x5e0 [ 12.738382] kunit_try_run_case+0x1a5/0x480 [ 12.738603] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.738924] kthread+0x337/0x6f0 [ 12.739073] ret_from_fork+0x116/0x1d0 [ 12.739223] ret_from_fork_asm+0x1a/0x30 [ 12.739414] [ 12.739526] Freed by task 181: [ 12.739671] kasan_save_stack+0x45/0x70 [ 12.739879] kasan_save_track+0x18/0x40 [ 12.740038] kasan_save_free_info+0x3f/0x60 [ 12.740239] __kasan_slab_free+0x56/0x70 [ 12.740392] kfree+0x222/0x3f0 [ 12.740508] krealloc_uaf+0x13d/0x5e0 [ 12.740647] kunit_try_run_case+0x1a5/0x480 [ 12.740852] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.741154] kthread+0x337/0x6f0 [ 12.741322] ret_from_fork+0x116/0x1d0 [ 12.741509] ret_from_fork_asm+0x1a/0x30 [ 12.741693] [ 12.741764] The buggy address belongs to the object at ffff888100341a00 [ 12.741764] which belongs to the cache kmalloc-256 of size 256 [ 12.742400] The buggy address is located 0 bytes inside of [ 12.742400] freed 256-byte region [ffff888100341a00, ffff888100341b00) [ 12.743146] [ 12.743252] The buggy address belongs to the physical page: [ 12.743451] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100340 [ 12.743798] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.744041] flags: 0x200000000000040(head|node=0|zone=2) [ 12.744215] page_type: f5(slab) [ 12.744344] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.744742] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.745068] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.745383] head: 
0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.745679] head: 0200000000000001 ffffea000400d001 00000000ffffffff 00000000ffffffff [ 12.746283] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.746561] page dumped because: kasan: bad access detected [ 12.746770] [ 12.746987] Memory state around the buggy address: [ 12.747197] ffff888100341900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.747461] ffff888100341980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.747753] >ffff888100341a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.748288] ^ [ 12.748453] ffff888100341a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.748757] ffff888100341b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.749102] ================================================================== [ 12.689127] ================================================================== [ 12.689681] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x1b8/0x5e0 [ 12.690339] Read of size 1 at addr ffff888100341a00 by task kunit_try_catch/181 [ 12.690572] [ 12.690718] CPU: 0 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.690777] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.690788] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.690808] Call Trace: [ 12.690820] <TASK> [ 12.690843] dump_stack_lvl+0x73/0xb0 [ 12.690875] print_report+0xd1/0x650 [ 12.690898] ? __virt_addr_valid+0x1db/0x2d0 [ 12.690923] ? krealloc_uaf+0x1b8/0x5e0 [ 12.690943] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.690965] ? krealloc_uaf+0x1b8/0x5e0 [ 12.691010] kasan_report+0x141/0x180 [ 12.691031] ? krealloc_uaf+0x1b8/0x5e0 [ 12.691065] ? krealloc_uaf+0x1b8/0x5e0 [ 12.691103] __kasan_check_byte+0x3d/0x50 [ 12.691125] krealloc_noprof+0x3f/0x340 [ 12.691148] krealloc_uaf+0x1b8/0x5e0 [ 12.691178] ? __pfx_krealloc_uaf+0x10/0x10 [ 12.691198] ? 
sysvec_apic_timer_interrupt+0x50/0x90 [ 12.691239] ? __pfx_krealloc_uaf+0x10/0x10 [ 12.691264] kunit_try_run_case+0x1a5/0x480 [ 12.691289] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.691311] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.691337] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.691360] ? __kthread_parkme+0x82/0x180 [ 12.691382] ? preempt_count_sub+0x50/0x80 [ 12.691407] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.691430] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.691454] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.691478] kthread+0x337/0x6f0 [ 12.691496] ? trace_preempt_on+0x20/0xc0 [ 12.691520] ? __pfx_kthread+0x10/0x10 [ 12.691539] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.691561] ? calculate_sigpending+0x7b/0xa0 [ 12.691585] ? __pfx_kthread+0x10/0x10 [ 12.691616] ret_from_fork+0x116/0x1d0 [ 12.691636] ? __pfx_kthread+0x10/0x10 [ 12.691656] ret_from_fork_asm+0x1a/0x30 [ 12.691687] </TASK> [ 12.691697] [ 12.699654] Allocated by task 181: [ 12.700171] kasan_save_stack+0x45/0x70 [ 12.700364] kasan_save_track+0x18/0x40 [ 12.700542] kasan_save_alloc_info+0x3b/0x50 [ 12.700750] __kasan_kmalloc+0xb7/0xc0 [ 12.701704] __kmalloc_cache_noprof+0x189/0x420 [ 12.702001] krealloc_uaf+0xbb/0x5e0 [ 12.702173] kunit_try_run_case+0x1a5/0x480 [ 12.702365] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.702609] kthread+0x337/0x6f0 [ 12.702766] ret_from_fork+0x116/0x1d0 [ 12.703352] ret_from_fork_asm+0x1a/0x30 [ 12.703707] [ 12.704022] Freed by task 181: [ 12.704367] kasan_save_stack+0x45/0x70 [ 12.704553] kasan_save_track+0x18/0x40 [ 12.704742] kasan_save_free_info+0x3f/0x60 [ 12.705314] __kasan_slab_free+0x56/0x70 [ 12.705696] kfree+0x222/0x3f0 [ 12.706168] krealloc_uaf+0x13d/0x5e0 [ 12.706451] kunit_try_run_case+0x1a5/0x480 [ 12.706888] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.707092] kthread+0x337/0x6f0 [ 12.707410] ret_from_fork+0x116/0x1d0 [ 12.707903] ret_from_fork_asm+0x1a/0x30 [ 12.708437] [ 12.708803] The buggy address belongs to the object at 
ffff888100341a00 [ 12.708803] which belongs to the cache kmalloc-256 of size 256 [ 12.709881] The buggy address is located 0 bytes inside of [ 12.709881] freed 256-byte region [ffff888100341a00, ffff888100341b00) [ 12.710914] [ 12.711210] The buggy address belongs to the physical page: [ 12.711965] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100340 [ 12.712532] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.712784] flags: 0x200000000000040(head|node=0|zone=2) [ 12.713543] page_type: f5(slab) [ 12.714001] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.715038] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.715553] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.715839] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.716735] head: 0200000000000001 ffffea000400d001 00000000ffffffff 00000000ffffffff [ 12.717543] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.718294] page dumped because: kasan: bad access detected [ 12.718882] [ 12.719172] Memory state around the buggy address: [ 12.719343] ffff888100341900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.719569] ffff888100341980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.720242] >ffff888100341a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.721035] ^ [ 12.721426] ffff888100341a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.722205] ffff888100341b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.723167] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 12.459652] ================================================================== [ 12.460262] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 12.460637] Write of size 1 at addr ffff8881003418da by task kunit_try_catch/175 [ 12.461145] [ 12.461440] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.461486] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.461497] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.461517] Call Trace: [ 12.461635] <TASK> [ 12.461652] dump_stack_lvl+0x73/0xb0 [ 12.461684] print_report+0xd1/0x650 [ 12.461705] ? __virt_addr_valid+0x1db/0x2d0 [ 12.461728] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.461752] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.461774] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.461798] kasan_report+0x141/0x180 [ 12.461872] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.461900] __asan_report_store1_noabort+0x1b/0x30 [ 12.461925] krealloc_less_oob_helper+0xec6/0x11d0 [ 12.461950] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.461974] ? finish_task_switch.isra.0+0x153/0x700 [ 12.461997] ? __switch_to+0x47/0xf50 [ 12.462021] ? __schedule+0x10cc/0x2b60 [ 12.462043] ? __pfx_read_tsc+0x10/0x10 [ 12.462067] krealloc_less_oob+0x1c/0x30 [ 12.462088] kunit_try_run_case+0x1a5/0x480 [ 12.462113] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.462137] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.462162] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.462186] ? __kthread_parkme+0x82/0x180 [ 12.462207] ? preempt_count_sub+0x50/0x80 [ 12.462229] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.462252] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.462276] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.462301] kthread+0x337/0x6f0 [ 12.462319] ? trace_preempt_on+0x20/0xc0 [ 12.462342] ? __pfx_kthread+0x10/0x10 [ 12.462362] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.462384] ? calculate_sigpending+0x7b/0xa0 [ 12.462409] ? 
__pfx_kthread+0x10/0x10 [ 12.462429] ret_from_fork+0x116/0x1d0 [ 12.462448] ? __pfx_kthread+0x10/0x10 [ 12.462467] ret_from_fork_asm+0x1a/0x30 [ 12.462498] </TASK> [ 12.462507] [ 12.473745] Allocated by task 175: [ 12.473997] kasan_save_stack+0x45/0x70 [ 12.474292] kasan_save_track+0x18/0x40 [ 12.474492] kasan_save_alloc_info+0x3b/0x50 [ 12.475135] __kasan_krealloc+0x190/0x1f0 [ 12.475347] krealloc_noprof+0xf3/0x340 [ 12.475536] krealloc_less_oob_helper+0x1aa/0x11d0 [ 12.475777] krealloc_less_oob+0x1c/0x30 [ 12.476286] kunit_try_run_case+0x1a5/0x480 [ 12.476467] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.476952] kthread+0x337/0x6f0 [ 12.477101] ret_from_fork+0x116/0x1d0 [ 12.477446] ret_from_fork_asm+0x1a/0x30 [ 12.477759] [ 12.477856] The buggy address belongs to the object at ffff888100341800 [ 12.477856] which belongs to the cache kmalloc-256 of size 256 [ 12.478652] The buggy address is located 17 bytes to the right of [ 12.478652] allocated 201-byte region [ffff888100341800, ffff8881003418c9) [ 12.479551] [ 12.479674] The buggy address belongs to the physical page: [ 12.480319] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100340 [ 12.480887] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.481300] flags: 0x200000000000040(head|node=0|zone=2) [ 12.481654] page_type: f5(slab) [ 12.481829] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.482325] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.482671] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.483192] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.483624] head: 0200000000000001 ffffea000400d001 00000000ffffffff 00000000ffffffff [ 12.484151] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.484560] page dumped because: kasan: bad access detected [ 12.484947] [ 12.485150] Memory state around the buggy 
address: [ 12.485722] ffff888100341780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.486189] ffff888100341800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.486475] >ffff888100341880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 12.487029] ^ [ 12.487297] ffff888100341900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.487667] ffff888100341980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.488172] ================================================================== [ 12.646899] ================================================================== [ 12.647453] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 12.647718] Write of size 1 at addr ffff888101eae0ea by task kunit_try_catch/179 [ 12.649707] [ 12.649933] CPU: 0 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.649980] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.649991] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.650011] Call Trace: [ 12.650026] <TASK> [ 12.650042] dump_stack_lvl+0x73/0xb0 [ 12.650072] print_report+0xd1/0x650 [ 12.650094] ? __virt_addr_valid+0x1db/0x2d0 [ 12.650117] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.650140] ? kasan_addr_to_slab+0x11/0xa0 [ 12.650161] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.650185] kasan_report+0x141/0x180 [ 12.650206] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.650234] __asan_report_store1_noabort+0x1b/0x30 [ 12.650259] krealloc_less_oob_helper+0xe90/0x11d0 [ 12.650284] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.650308] ? finish_task_switch.isra.0+0x153/0x700 [ 12.650330] ? __switch_to+0x47/0xf50 [ 12.650354] ? __schedule+0x10cc/0x2b60 [ 12.650375] ? __pfx_read_tsc+0x10/0x10 [ 12.650398] krealloc_large_less_oob+0x1c/0x30 [ 12.650421] kunit_try_run_case+0x1a5/0x480 [ 12.650444] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.650466] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.650489] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.650512] ? __kthread_parkme+0x82/0x180 [ 12.650532] ? preempt_count_sub+0x50/0x80 [ 12.650554] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.650578] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.650624] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.650649] kthread+0x337/0x6f0 [ 12.650667] ? trace_preempt_on+0x20/0xc0 [ 12.650690] ? __pfx_kthread+0x10/0x10 [ 12.650709] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.650730] ? calculate_sigpending+0x7b/0xa0 [ 12.650754] ? __pfx_kthread+0x10/0x10 [ 12.650774] ret_from_fork+0x116/0x1d0 [ 12.650804] ? __pfx_kthread+0x10/0x10 [ 12.650828] ret_from_fork_asm+0x1a/0x30 [ 12.650858] </TASK> [ 12.650868] [ 12.659353] The buggy address belongs to the physical page: [ 12.659557] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101eac [ 12.659897] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.660125] flags: 0x200000000000040(head|node=0|zone=2) [ 12.660573] page_type: f8(unknown) [ 12.660785] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.661196] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.661430] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.662946] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.663269] head: 0200000000000002 ffffea000407ab01 00000000ffffffff 00000000ffffffff [ 12.663561] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.663879] page dumped because: kasan: bad access detected [ 12.664133] [ 12.664215] Memory state around the buggy address: [ 12.664447] ffff888101eadf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.664768] ffff888101eae000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.665158] >ffff888101eae080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.665425] ^ [ 12.665722] ffff888101eae100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe 
fe [ 12.666119] ffff888101eae180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.666401] ================================================================== [ 12.593382] ================================================================== [ 12.594060] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0 [ 12.594374] Write of size 1 at addr ffff888101eae0c9 by task kunit_try_catch/179 [ 12.594707] [ 12.595143] CPU: 0 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.595338] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.595354] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.595375] Call Trace: [ 12.595390] <TASK> [ 12.595406] dump_stack_lvl+0x73/0xb0 [ 12.595439] print_report+0xd1/0x650 [ 12.595461] ? __virt_addr_valid+0x1db/0x2d0 [ 12.595484] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 12.595507] ? kasan_addr_to_slab+0x11/0xa0 [ 12.595527] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 12.595551] kasan_report+0x141/0x180 [ 12.595571] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 12.595611] __asan_report_store1_noabort+0x1b/0x30 [ 12.595635] krealloc_less_oob_helper+0xd70/0x11d0 [ 12.595660] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.595684] ? finish_task_switch.isra.0+0x153/0x700 [ 12.595708] ? __switch_to+0x47/0xf50 [ 12.595732] ? __schedule+0x10cc/0x2b60 [ 12.595754] ? __pfx_read_tsc+0x10/0x10 [ 12.595793] krealloc_large_less_oob+0x1c/0x30 [ 12.595817] kunit_try_run_case+0x1a5/0x480 [ 12.595843] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.595866] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.595890] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.595913] ? __kthread_parkme+0x82/0x180 [ 12.595934] ? preempt_count_sub+0x50/0x80 [ 12.595956] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.595980] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.596003] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.596028] kthread+0x337/0x6f0 [ 12.596046] ? 
trace_preempt_on+0x20/0xc0 [ 12.596069] ? __pfx_kthread+0x10/0x10 [ 12.596089] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.596110] ? calculate_sigpending+0x7b/0xa0 [ 12.596134] ? __pfx_kthread+0x10/0x10 [ 12.596154] ret_from_fork+0x116/0x1d0 [ 12.596171] ? __pfx_kthread+0x10/0x10 [ 12.596191] ret_from_fork_asm+0x1a/0x30 [ 12.596222] </TASK> [ 12.596232] [ 12.605260] The buggy address belongs to the physical page: [ 12.605515] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101eac [ 12.605851] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.606169] flags: 0x200000000000040(head|node=0|zone=2) [ 12.606355] page_type: f8(unknown) [ 12.606531] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.607050] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.607344] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.607666] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.608104] head: 0200000000000002 ffffea000407ab01 00000000ffffffff 00000000ffffffff [ 12.608401] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.608720] page dumped because: kasan: bad access detected [ 12.608993] [ 12.609077] Memory state around the buggy address: [ 12.609233] ffff888101eadf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.609460] ffff888101eae000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.609789] >ffff888101eae080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.610100] ^ [ 12.610676] ffff888101eae100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.611111] ffff888101eae180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.611392] ================================================================== [ 12.628118] ================================================================== [ 12.628461] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 12.628973] Write 
of size 1 at addr ffff888101eae0da by task kunit_try_catch/179 [ 12.629263] [ 12.629354] CPU: 0 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.629395] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.629406] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.629426] Call Trace: [ 12.629439] <TASK> [ 12.629454] dump_stack_lvl+0x73/0xb0 [ 12.629485] print_report+0xd1/0x650 [ 12.629508] ? __virt_addr_valid+0x1db/0x2d0 [ 12.629531] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.629554] ? kasan_addr_to_slab+0x11/0xa0 [ 12.629574] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.629611] kasan_report+0x141/0x180 [ 12.629632] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.629660] __asan_report_store1_noabort+0x1b/0x30 [ 12.629685] krealloc_less_oob_helper+0xec6/0x11d0 [ 12.629711] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.629735] ? finish_task_switch.isra.0+0x153/0x700 [ 12.629758] ? __switch_to+0x47/0xf50 [ 12.629783] ? __schedule+0x10cc/0x2b60 [ 12.629804] ? __pfx_read_tsc+0x10/0x10 [ 12.629879] krealloc_large_less_oob+0x1c/0x30 [ 12.629904] kunit_try_run_case+0x1a5/0x480 [ 12.629932] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.629955] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.629980] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.630004] ? __kthread_parkme+0x82/0x180 [ 12.630024] ? preempt_count_sub+0x50/0x80 [ 12.630047] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.630071] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.630096] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.630121] kthread+0x337/0x6f0 [ 12.630139] ? trace_preempt_on+0x20/0xc0 [ 12.630163] ? __pfx_kthread+0x10/0x10 [ 12.630182] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.630203] ? calculate_sigpending+0x7b/0xa0 [ 12.630227] ? __pfx_kthread+0x10/0x10 [ 12.630248] ret_from_fork+0x116/0x1d0 [ 12.630267] ? 
__pfx_kthread+0x10/0x10 [ 12.630287] ret_from_fork_asm+0x1a/0x30 [ 12.630317] </TASK> [ 12.630327] [ 12.638207] The buggy address belongs to the physical page: [ 12.638392] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101eac [ 12.638810] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.639163] flags: 0x200000000000040(head|node=0|zone=2) [ 12.639452] page_type: f8(unknown) [ 12.639581] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.639903] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.640133] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.640736] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.641173] head: 0200000000000002 ffffea000407ab01 00000000ffffffff 00000000ffffffff [ 12.641518] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.641937] page dumped because: kasan: bad access detected [ 12.642147] [ 12.642216] Memory state around the buggy address: [ 12.642371] ffff888101eadf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.642587] ffff888101eae000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.643904] >ffff888101eae080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.644714] ^ [ 12.645533] ffff888101eae100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.646294] ffff888101eae180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.646517] ================================================================== [ 12.488713] ================================================================== [ 12.488945] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 12.489689] Write of size 1 at addr ffff8881003418ea by task kunit_try_catch/175 [ 12.490293] [ 12.490408] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.490610] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.490623] Hardware 
name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.490642] Call Trace: [ 12.490662] <TASK> [ 12.490680] dump_stack_lvl+0x73/0xb0 [ 12.490712] print_report+0xd1/0x650 [ 12.490734] ? __virt_addr_valid+0x1db/0x2d0 [ 12.490757] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.490781] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.490819] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.490851] kasan_report+0x141/0x180 [ 12.490872] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.490899] __asan_report_store1_noabort+0x1b/0x30 [ 12.490924] krealloc_less_oob_helper+0xe90/0x11d0 [ 12.490949] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.490973] ? finish_task_switch.isra.0+0x153/0x700 [ 12.490995] ? __switch_to+0x47/0xf50 [ 12.491020] ? __schedule+0x10cc/0x2b60 [ 12.491041] ? __pfx_read_tsc+0x10/0x10 [ 12.491065] krealloc_less_oob+0x1c/0x30 [ 12.491088] kunit_try_run_case+0x1a5/0x480 [ 12.491113] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.491135] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.491159] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.491181] ? __kthread_parkme+0x82/0x180 [ 12.491201] ? preempt_count_sub+0x50/0x80 [ 12.491223] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.491247] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.491272] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.491296] kthread+0x337/0x6f0 [ 12.491314] ? trace_preempt_on+0x20/0xc0 [ 12.491337] ? __pfx_kthread+0x10/0x10 [ 12.491357] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.491378] ? calculate_sigpending+0x7b/0xa0 [ 12.491402] ? __pfx_kthread+0x10/0x10 [ 12.491422] ret_from_fork+0x116/0x1d0 [ 12.491439] ? 
__pfx_kthread+0x10/0x10 [ 12.491459] ret_from_fork_asm+0x1a/0x30 [ 12.491489] </TASK> [ 12.491499] [ 12.502208] Allocated by task 175: [ 12.502577] kasan_save_stack+0x45/0x70 [ 12.502808] kasan_save_track+0x18/0x40 [ 12.503037] kasan_save_alloc_info+0x3b/0x50 [ 12.503464] __kasan_krealloc+0x190/0x1f0 [ 12.503668] krealloc_noprof+0xf3/0x340 [ 12.504027] krealloc_less_oob_helper+0x1aa/0x11d0 [ 12.504205] krealloc_less_oob+0x1c/0x30 [ 12.504433] kunit_try_run_case+0x1a5/0x480 [ 12.504647] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.505408] kthread+0x337/0x6f0 [ 12.505571] ret_from_fork+0x116/0x1d0 [ 12.506004] ret_from_fork_asm+0x1a/0x30 [ 12.506335] [ 12.506412] The buggy address belongs to the object at ffff888100341800 [ 12.506412] which belongs to the cache kmalloc-256 of size 256 [ 12.507241] The buggy address is located 33 bytes to the right of [ 12.507241] allocated 201-byte region [ffff888100341800, ffff8881003418c9) [ 12.507900] [ 12.508013] The buggy address belongs to the physical page: [ 12.508255] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100340 [ 12.508555] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.509217] flags: 0x200000000000040(head|node=0|zone=2) [ 12.509419] page_type: f5(slab) [ 12.509793] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.510464] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.511016] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.511451] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.511966] head: 0200000000000001 ffffea000400d001 00000000ffffffff 00000000ffffffff [ 12.512289] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.512625] page dumped because: kasan: bad access detected [ 12.513152] [ 12.513250] Memory state around the buggy address: [ 12.513443] ffff888100341780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 12.513943] ffff888100341800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.514349] >ffff888100341880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 12.514714] ^ [ 12.515170] ffff888100341900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.515753] ffff888100341980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.516386] ================================================================== [ 12.517146] ================================================================== [ 12.517682] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 12.518356] Write of size 1 at addr ffff8881003418eb by task kunit_try_catch/175 [ 12.518693] [ 12.518793] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.518841] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.518852] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.518872] Call Trace: [ 12.518891] <TASK> [ 12.518909] dump_stack_lvl+0x73/0xb0 [ 12.518939] print_report+0xd1/0x650 [ 12.518960] ? __virt_addr_valid+0x1db/0x2d0 [ 12.518984] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.519007] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.519030] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.519054] kasan_report+0x141/0x180 [ 12.519074] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.519102] __asan_report_store1_noabort+0x1b/0x30 [ 12.519127] krealloc_less_oob_helper+0xd47/0x11d0 [ 12.519152] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.519176] ? finish_task_switch.isra.0+0x153/0x700 [ 12.519198] ? __switch_to+0x47/0xf50 [ 12.519224] ? __schedule+0x10cc/0x2b60 [ 12.519245] ? __pfx_read_tsc+0x10/0x10 [ 12.519269] krealloc_less_oob+0x1c/0x30 [ 12.519289] kunit_try_run_case+0x1a5/0x480 [ 12.519314] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.519336] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.519360] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.519382] ? __kthread_parkme+0x82/0x180 [ 12.519403] ? 
preempt_count_sub+0x50/0x80 [ 12.519424] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.519448] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.519471] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.519496] kthread+0x337/0x6f0 [ 12.519513] ? trace_preempt_on+0x20/0xc0 [ 12.519536] ? __pfx_kthread+0x10/0x10 [ 12.519556] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.519577] ? calculate_sigpending+0x7b/0xa0 [ 12.519610] ? __pfx_kthread+0x10/0x10 [ 12.519630] ret_from_fork+0x116/0x1d0 [ 12.519649] ? __pfx_kthread+0x10/0x10 [ 12.519884] ret_from_fork_asm+0x1a/0x30 [ 12.519916] </TASK> [ 12.519926] [ 12.529928] Allocated by task 175: [ 12.530109] kasan_save_stack+0x45/0x70 [ 12.530269] kasan_save_track+0x18/0x40 [ 12.530465] kasan_save_alloc_info+0x3b/0x50 [ 12.531182] __kasan_krealloc+0x190/0x1f0 [ 12.531362] krealloc_noprof+0xf3/0x340 [ 12.531719] krealloc_less_oob_helper+0x1aa/0x11d0 [ 12.532002] krealloc_less_oob+0x1c/0x30 [ 12.532323] kunit_try_run_case+0x1a5/0x480 [ 12.532616] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.533272] kthread+0x337/0x6f0 [ 12.533411] ret_from_fork+0x116/0x1d0 [ 12.533770] ret_from_fork_asm+0x1a/0x30 [ 12.534131] [ 12.534225] The buggy address belongs to the object at ffff888100341800 [ 12.534225] which belongs to the cache kmalloc-256 of size 256 [ 12.534879] The buggy address is located 34 bytes to the right of [ 12.534879] allocated 201-byte region [ffff888100341800, ffff8881003418c9) [ 12.535607] [ 12.535693] The buggy address belongs to the physical page: [ 12.535955] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100340 [ 12.536609] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.537114] flags: 0x200000000000040(head|node=0|zone=2) [ 12.537490] page_type: f5(slab) [ 12.537631] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.538471] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.539007] head: 0200000000000040 
ffff888100041b40 dead000000000122 0000000000000000 [ 12.539467] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.539934] head: 0200000000000001 ffffea000400d001 00000000ffffffff 00000000ffffffff [ 12.540432] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.540969] page dumped because: kasan: bad access detected [ 12.541196] [ 12.541493] Memory state around the buggy address: [ 12.541887] ffff888100341780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.542183] ffff888100341800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.542746] >ffff888100341880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 12.543136] ^ [ 12.543433] ffff888100341900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.543752] ffff888100341980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.544532] ================================================================== [ 12.611972] ================================================================== [ 12.612278] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0 [ 12.612605] Write of size 1 at addr ffff888101eae0d0 by task kunit_try_catch/179 [ 12.612839] [ 12.612952] CPU: 0 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.613141] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.613157] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.613176] Call Trace: [ 12.613188] <TASK> [ 12.613203] dump_stack_lvl+0x73/0xb0 [ 12.613233] print_report+0xd1/0x650 [ 12.613255] ? __virt_addr_valid+0x1db/0x2d0 [ 12.613279] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 12.613301] ? kasan_addr_to_slab+0x11/0xa0 [ 12.613321] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 12.613345] kasan_report+0x141/0x180 [ 12.613366] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 12.613394] __asan_report_store1_noabort+0x1b/0x30 [ 12.613418] krealloc_less_oob_helper+0xe23/0x11d0 [ 12.613443] ? 
__pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.613467] ? finish_task_switch.isra.0+0x153/0x700 [ 12.613490] ? __switch_to+0x47/0xf50 [ 12.613514] ? __schedule+0x10cc/0x2b60 [ 12.613536] ? __pfx_read_tsc+0x10/0x10 [ 12.613559] krealloc_large_less_oob+0x1c/0x30 [ 12.613581] kunit_try_run_case+0x1a5/0x480 [ 12.613621] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.613644] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.613667] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.613691] ? __kthread_parkme+0x82/0x180 [ 12.613711] ? preempt_count_sub+0x50/0x80 [ 12.613733] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.613757] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.613790] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.613867] kthread+0x337/0x6f0 [ 12.613887] ? trace_preempt_on+0x20/0xc0 [ 12.613911] ? __pfx_kthread+0x10/0x10 [ 12.613930] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.613952] ? calculate_sigpending+0x7b/0xa0 [ 12.613976] ? __pfx_kthread+0x10/0x10 [ 12.613997] ret_from_fork+0x116/0x1d0 [ 12.614016] ? 
__pfx_kthread+0x10/0x10 [ 12.614036] ret_from_fork_asm+0x1a/0x30 [ 12.614067] </TASK> [ 12.614077] [ 12.621492] The buggy address belongs to the physical page: [ 12.621788] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101eac [ 12.622158] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.622537] flags: 0x200000000000040(head|node=0|zone=2) [ 12.622779] page_type: f8(unknown) [ 12.622969] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.623197] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.623582] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.623877] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.624413] head: 0200000000000002 ffffea000407ab01 00000000ffffffff 00000000ffffffff [ 12.624693] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.625002] page dumped because: kasan: bad access detected [ 12.625274] [ 12.625430] Memory state around the buggy address: [ 12.625618] ffff888101eadf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.625834] ffff888101eae000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.626145] >ffff888101eae080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.626462] ^ [ 12.626741] ffff888101eae100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.626959] ffff888101eae180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.627360] ================================================================== [ 12.666835] ================================================================== [ 12.667340] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 12.667754] Write of size 1 at addr ffff888101eae0eb by task kunit_try_catch/179 [ 12.668038] [ 12.668131] CPU: 0 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.668175] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.668186] Hardware 
name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.668205] Call Trace: [ 12.668223] <TASK> [ 12.668241] dump_stack_lvl+0x73/0xb0 [ 12.668270] print_report+0xd1/0x650 [ 12.668291] ? __virt_addr_valid+0x1db/0x2d0 [ 12.668315] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.668338] ? kasan_addr_to_slab+0x11/0xa0 [ 12.668358] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.668381] kasan_report+0x141/0x180 [ 12.668402] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.668430] __asan_report_store1_noabort+0x1b/0x30 [ 12.668454] krealloc_less_oob_helper+0xd47/0x11d0 [ 12.668480] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.668504] ? finish_task_switch.isra.0+0x153/0x700 [ 12.668526] ? __switch_to+0x47/0xf50 [ 12.668550] ? __schedule+0x10cc/0x2b60 [ 12.668571] ? __pfx_read_tsc+0x10/0x10 [ 12.668657] krealloc_large_less_oob+0x1c/0x30 [ 12.668684] kunit_try_run_case+0x1a5/0x480 [ 12.668709] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.668731] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.668755] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.668792] ? __kthread_parkme+0x82/0x180 [ 12.668848] ? preempt_count_sub+0x50/0x80 [ 12.668871] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.668895] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.668920] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.668944] kthread+0x337/0x6f0 [ 12.668962] ? trace_preempt_on+0x20/0xc0 [ 12.668986] ? __pfx_kthread+0x10/0x10 [ 12.669005] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.669026] ? calculate_sigpending+0x7b/0xa0 [ 12.669051] ? __pfx_kthread+0x10/0x10 [ 12.669071] ret_from_fork+0x116/0x1d0 [ 12.669090] ? 
__pfx_kthread+0x10/0x10 [ 12.669110] ret_from_fork_asm+0x1a/0x30 [ 12.669140] </TASK> [ 12.669149] [ 12.676724] The buggy address belongs to the physical page: [ 12.677079] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101eac [ 12.677360] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.677634] flags: 0x200000000000040(head|node=0|zone=2) [ 12.677883] page_type: f8(unknown) [ 12.678056] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.678369] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.678608] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.679405] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.679676] head: 0200000000000002 ffffea000407ab01 00000000ffffffff 00000000ffffffff [ 12.680259] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.680551] page dumped because: kasan: bad access detected [ 12.680775] [ 12.680922] Memory state around the buggy address: [ 12.681130] ffff888101eadf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.681347] ffff888101eae000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.681671] >ffff888101eae080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.682059] ^ [ 12.682313] ffff888101eae100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.682531] ffff888101eae180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.682998] ================================================================== [ 12.430454] ================================================================== [ 12.430790] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0 [ 12.431657] Write of size 1 at addr ffff8881003418d0 by task kunit_try_catch/175 [ 12.432308] [ 12.432424] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.432470] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.432481] Hardware 
name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.432501] Call Trace: [ 12.432513] <TASK> [ 12.432532] dump_stack_lvl+0x73/0xb0 [ 12.432566] print_report+0xd1/0x650 [ 12.432589] ? __virt_addr_valid+0x1db/0x2d0 [ 12.432627] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 12.432651] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.432674] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 12.432697] kasan_report+0x141/0x180 [ 12.432718] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 12.432746] __asan_report_store1_noabort+0x1b/0x30 [ 12.432770] krealloc_less_oob_helper+0xe23/0x11d0 [ 12.433177] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.433204] ? finish_task_switch.isra.0+0x153/0x700 [ 12.433227] ? __switch_to+0x47/0xf50 [ 12.433253] ? __schedule+0x10cc/0x2b60 [ 12.433276] ? __pfx_read_tsc+0x10/0x10 [ 12.433301] krealloc_less_oob+0x1c/0x30 [ 12.433321] kunit_try_run_case+0x1a5/0x480 [ 12.433347] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.433369] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.433394] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.433417] ? __kthread_parkme+0x82/0x180 [ 12.433437] ? preempt_count_sub+0x50/0x80 [ 12.433459] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.433483] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.433507] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.433532] kthread+0x337/0x6f0 [ 12.433550] ? trace_preempt_on+0x20/0xc0 [ 12.433573] ? __pfx_kthread+0x10/0x10 [ 12.433607] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.433628] ? calculate_sigpending+0x7b/0xa0 [ 12.433652] ? __pfx_kthread+0x10/0x10 [ 12.433673] ret_from_fork+0x116/0x1d0 [ 12.433691] ? 
__pfx_kthread+0x10/0x10 [ 12.433710] ret_from_fork_asm+0x1a/0x30 [ 12.433740] </TASK> [ 12.433750] [ 12.444537] Allocated by task 175: [ 12.444740] kasan_save_stack+0x45/0x70 [ 12.445232] kasan_save_track+0x18/0x40 [ 12.445401] kasan_save_alloc_info+0x3b/0x50 [ 12.445755] __kasan_krealloc+0x190/0x1f0 [ 12.446171] krealloc_noprof+0xf3/0x340 [ 12.446460] krealloc_less_oob_helper+0x1aa/0x11d0 [ 12.446694] krealloc_less_oob+0x1c/0x30 [ 12.447281] kunit_try_run_case+0x1a5/0x480 [ 12.447475] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.447990] kthread+0x337/0x6f0 [ 12.448179] ret_from_fork+0x116/0x1d0 [ 12.448363] ret_from_fork_asm+0x1a/0x30 [ 12.448550] [ 12.448658] The buggy address belongs to the object at ffff888100341800 [ 12.448658] which belongs to the cache kmalloc-256 of size 256 [ 12.449629] The buggy address is located 7 bytes to the right of [ 12.449629] allocated 201-byte region [ffff888100341800, ffff8881003418c9) [ 12.450341] [ 12.450587] The buggy address belongs to the physical page: [ 12.450842] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100340 [ 12.451322] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.451671] flags: 0x200000000000040(head|node=0|zone=2) [ 12.452304] page_type: f5(slab) [ 12.452458] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.453105] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.453517] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.454001] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.454447] head: 0200000000000001 ffffea000400d001 00000000ffffffff 00000000ffffffff [ 12.454879] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.455356] page dumped because: kasan: bad access detected [ 12.455685] [ 12.455796] Memory state around the buggy address: [ 12.456156] ffff888100341780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 12.456481] ffff888100341800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.456792] >ffff888100341880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 12.457482] ^ [ 12.457974] ffff888100341900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.458297] ffff888100341980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.458657] ================================================================== [ 12.397482] ================================================================== [ 12.398795] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0 [ 12.399574] Write of size 1 at addr ffff8881003418c9 by task kunit_try_catch/175 [ 12.400505] [ 12.400727] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.400777] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.400787] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.400943] Call Trace: [ 12.400958] <TASK> [ 12.400976] dump_stack_lvl+0x73/0xb0 [ 12.401012] print_report+0xd1/0x650 [ 12.401035] ? __virt_addr_valid+0x1db/0x2d0 [ 12.401060] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 12.401083] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.401106] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 12.401130] kasan_report+0x141/0x180 [ 12.401151] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 12.401179] __asan_report_store1_noabort+0x1b/0x30 [ 12.401204] krealloc_less_oob_helper+0xd70/0x11d0 [ 12.401230] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.401254] ? finish_task_switch.isra.0+0x153/0x700 [ 12.401279] ? __switch_to+0x47/0xf50 [ 12.401305] ? __schedule+0x10cc/0x2b60 [ 12.401328] ? __pfx_read_tsc+0x10/0x10 [ 12.401353] krealloc_less_oob+0x1c/0x30 [ 12.401373] kunit_try_run_case+0x1a5/0x480 [ 12.401399] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.401421] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.401446] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.401469] ? __kthread_parkme+0x82/0x180 [ 12.401490] ? 
preempt_count_sub+0x50/0x80 [ 12.401512] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.401536] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.401560] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.401584] kthread+0x337/0x6f0 [ 12.401625] ? trace_preempt_on+0x20/0xc0 [ 12.401649] ? __pfx_kthread+0x10/0x10 [ 12.401669] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.401689] ? calculate_sigpending+0x7b/0xa0 [ 12.401714] ? __pfx_kthread+0x10/0x10 [ 12.401734] ret_from_fork+0x116/0x1d0 [ 12.401752] ? __pfx_kthread+0x10/0x10 [ 12.401771] ret_from_fork_asm+0x1a/0x30 [ 12.401812] </TASK> [ 12.401822] [ 12.414720] Allocated by task 175: [ 12.415306] kasan_save_stack+0x45/0x70 [ 12.415765] kasan_save_track+0x18/0x40 [ 12.416454] kasan_save_alloc_info+0x3b/0x50 [ 12.417047] __kasan_krealloc+0x190/0x1f0 [ 12.417495] krealloc_noprof+0xf3/0x340 [ 12.418025] krealloc_less_oob_helper+0x1aa/0x11d0 [ 12.418258] krealloc_less_oob+0x1c/0x30 [ 12.418401] kunit_try_run_case+0x1a5/0x480 [ 12.418551] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.418748] kthread+0x337/0x6f0 [ 12.419008] ret_from_fork+0x116/0x1d0 [ 12.419303] ret_from_fork_asm+0x1a/0x30 [ 12.419971] [ 12.420075] The buggy address belongs to the object at ffff888100341800 [ 12.420075] which belongs to the cache kmalloc-256 of size 256 [ 12.420721] The buggy address is located 0 bytes to the right of [ 12.420721] allocated 201-byte region [ffff888100341800, ffff8881003418c9) [ 12.421708] [ 12.421816] The buggy address belongs to the physical page: [ 12.422079] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100340 [ 12.422414] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.422746] flags: 0x200000000000040(head|node=0|zone=2) [ 12.423389] page_type: f5(slab) [ 12.423535] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.424073] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.424513] head: 0200000000000040 
ffff888100041b40 dead000000000122 0000000000000000 [ 12.425047] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.425377] head: 0200000000000001 ffffea000400d001 00000000ffffffff 00000000ffffffff [ 12.425712] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.426255] page dumped because: kasan: bad access detected [ 12.426628] [ 12.426703] Memory state around the buggy address: [ 12.427303] ffff888100341780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.427623] ffff888100341800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.428161] >ffff888100341880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 12.428530] ^ [ 12.428802] ffff888100341900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.429269] ffff888100341980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.429670] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 12.321482] ================================================================== [ 12.321972] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930 [ 12.322242] Write of size 1 at addr ffff8881003416eb by task kunit_try_catch/173 [ 12.322468] [ 12.322564] CPU: 0 UID: 0 PID: 173 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.322623] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.322634] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.322655] Call Trace: [ 12.322667] <TASK> [ 12.322683] dump_stack_lvl+0x73/0xb0 [ 12.322715] print_report+0xd1/0x650 [ 12.322737] ? __virt_addr_valid+0x1db/0x2d0 [ 12.322761] ? krealloc_more_oob_helper+0x821/0x930 [ 12.322782] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.322803] ? krealloc_more_oob_helper+0x821/0x930 [ 12.322832] kasan_report+0x141/0x180 [ 12.322852] ? krealloc_more_oob_helper+0x821/0x930 [ 12.322879] __asan_report_store1_noabort+0x1b/0x30 [ 12.322901] krealloc_more_oob_helper+0x821/0x930 [ 12.322923] ? __schedule+0x10cc/0x2b60 [ 12.322943] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 12.322966] ? finish_task_switch.isra.0+0x153/0x700 [ 12.322989] ? __switch_to+0x47/0xf50 [ 12.323015] ? __schedule+0x10cc/0x2b60 [ 12.323034] ? __pfx_read_tsc+0x10/0x10 [ 12.323058] krealloc_more_oob+0x1c/0x30 [ 12.323078] kunit_try_run_case+0x1a5/0x480 [ 12.323103] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.323123] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.323146] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.323169] ? __kthread_parkme+0x82/0x180 [ 12.323190] ? preempt_count_sub+0x50/0x80 [ 12.323211] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.323233] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.323255] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.323277] kthread+0x337/0x6f0 [ 12.323295] ? trace_preempt_on+0x20/0xc0 [ 12.323318] ? __pfx_kthread+0x10/0x10 [ 12.323337] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.323356] ? 
calculate_sigpending+0x7b/0xa0 [ 12.323379] ? __pfx_kthread+0x10/0x10 [ 12.323398] ret_from_fork+0x116/0x1d0 [ 12.323415] ? __pfx_kthread+0x10/0x10 [ 12.323434] ret_from_fork_asm+0x1a/0x30 [ 12.323464] </TASK> [ 12.323474] [ 12.340571] Allocated by task 173: [ 12.341035] kasan_save_stack+0x45/0x70 [ 12.341421] kasan_save_track+0x18/0x40 [ 12.341555] kasan_save_alloc_info+0x3b/0x50 [ 12.341714] __kasan_krealloc+0x190/0x1f0 [ 12.342090] krealloc_noprof+0xf3/0x340 [ 12.342565] krealloc_more_oob_helper+0x1a9/0x930 [ 12.343266] krealloc_more_oob+0x1c/0x30 [ 12.343672] kunit_try_run_case+0x1a5/0x480 [ 12.344137] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.344360] kthread+0x337/0x6f0 [ 12.344482] ret_from_fork+0x116/0x1d0 [ 12.344626] ret_from_fork_asm+0x1a/0x30 [ 12.344766] [ 12.345093] The buggy address belongs to the object at ffff888100341600 [ 12.345093] which belongs to the cache kmalloc-256 of size 256 [ 12.346259] The buggy address is located 0 bytes to the right of [ 12.346259] allocated 235-byte region [ffff888100341600, ffff8881003416eb) [ 12.347587] [ 12.347845] The buggy address belongs to the physical page: [ 12.348359] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100340 [ 12.348634] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.349179] flags: 0x200000000000040(head|node=0|zone=2) [ 12.349693] page_type: f5(slab) [ 12.350090] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.350798] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.351484] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.351734] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.352372] head: 0200000000000001 ffffea000400d001 00000000ffffffff 00000000ffffffff [ 12.353208] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.354134] page dumped because: kasan: bad access detected [ 12.354316] [ 
12.354386] Memory state around the buggy address: [ 12.354543] ffff888100341580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.354835] ffff888100341600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.355481] >ffff888100341680: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 12.356230] ^ [ 12.356433] ffff888100341700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.356662] ffff888100341780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.357164] ================================================================== [ 12.357975] ================================================================== [ 12.358806] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930 [ 12.359229] Write of size 1 at addr ffff8881003416f0 by task kunit_try_catch/173 [ 12.359792] [ 12.360095] CPU: 0 UID: 0 PID: 173 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.360239] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.360252] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.360272] Call Trace: [ 12.360288] <TASK> [ 12.360307] dump_stack_lvl+0x73/0xb0 [ 12.360341] print_report+0xd1/0x650 [ 12.360364] ? __virt_addr_valid+0x1db/0x2d0 [ 12.360388] ? krealloc_more_oob_helper+0x7eb/0x930 [ 12.360411] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.360434] ? krealloc_more_oob_helper+0x7eb/0x930 [ 12.360457] kasan_report+0x141/0x180 [ 12.360478] ? krealloc_more_oob_helper+0x7eb/0x930 [ 12.360506] __asan_report_store1_noabort+0x1b/0x30 [ 12.360531] krealloc_more_oob_helper+0x7eb/0x930 [ 12.360553] ? __schedule+0x10cc/0x2b60 [ 12.360574] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 12.360612] ? finish_task_switch.isra.0+0x153/0x700 [ 12.360636] ? __switch_to+0x47/0xf50 [ 12.360661] ? __schedule+0x10cc/0x2b60 [ 12.360681] ? __pfx_read_tsc+0x10/0x10 [ 12.360706] krealloc_more_oob+0x1c/0x30 [ 12.360726] kunit_try_run_case+0x1a5/0x480 [ 12.360750] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.360772] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 12.360795] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.360879] ? __kthread_parkme+0x82/0x180 [ 12.360900] ? preempt_count_sub+0x50/0x80 [ 12.360923] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.360947] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.360970] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.360995] kthread+0x337/0x6f0 [ 12.361013] ? trace_preempt_on+0x20/0xc0 [ 12.361038] ? __pfx_kthread+0x10/0x10 [ 12.361060] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.361083] ? calculate_sigpending+0x7b/0xa0 [ 12.361110] ? __pfx_kthread+0x10/0x10 [ 12.361132] ret_from_fork+0x116/0x1d0 [ 12.361150] ? __pfx_kthread+0x10/0x10 [ 12.361170] ret_from_fork_asm+0x1a/0x30 [ 12.361201] </TASK> [ 12.361211] [ 12.372661] Allocated by task 173: [ 12.373157] kasan_save_stack+0x45/0x70 [ 12.373383] kasan_save_track+0x18/0x40 [ 12.373571] kasan_save_alloc_info+0x3b/0x50 [ 12.373771] __kasan_krealloc+0x190/0x1f0 [ 12.374442] krealloc_noprof+0xf3/0x340 [ 12.374622] krealloc_more_oob_helper+0x1a9/0x930 [ 12.375122] krealloc_more_oob+0x1c/0x30 [ 12.375279] kunit_try_run_case+0x1a5/0x480 [ 12.375658] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.376173] kthread+0x337/0x6f0 [ 12.376327] ret_from_fork+0x116/0x1d0 [ 12.376540] ret_from_fork_asm+0x1a/0x30 [ 12.376717] [ 12.377148] The buggy address belongs to the object at ffff888100341600 [ 12.377148] which belongs to the cache kmalloc-256 of size 256 [ 12.377767] The buggy address is located 5 bytes to the right of [ 12.377767] allocated 235-byte region [ffff888100341600, ffff8881003416eb) [ 12.378720] [ 12.379093] The buggy address belongs to the physical page: [ 12.379433] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100340 [ 12.379915] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.380344] flags: 0x200000000000040(head|node=0|zone=2) [ 12.380615] page_type: f5(slab) [ 12.380786] raw: 0200000000000040 ffff888100041b40 dead000000000122 
0000000000000000 [ 12.381397] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.381828] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.382327] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.382683] head: 0200000000000001 ffffea000400d001 00000000ffffffff 00000000ffffffff [ 12.383278] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.383517] page dumped because: kasan: bad access detected [ 12.384378] [ 12.384560] Memory state around the buggy address: [ 12.385226] ffff888100341580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.386024] ffff888100341600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.386873] >ffff888100341680: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 12.387095] ^ [ 12.387297] ffff888100341700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.387503] ffff888100341780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.387925] ================================================================== [ 12.551002] ================================================================== [ 12.551473] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930 [ 12.551746] Write of size 1 at addr ffff888101eae0eb by task kunit_try_catch/177 [ 12.552604] [ 12.552807] CPU: 0 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.552855] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.552866] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.552886] Call Trace: [ 12.552899] <TASK> [ 12.552916] dump_stack_lvl+0x73/0xb0 [ 12.552947] print_report+0xd1/0x650 [ 12.552970] ? __virt_addr_valid+0x1db/0x2d0 [ 12.552993] ? krealloc_more_oob_helper+0x821/0x930 [ 12.553016] ? kasan_addr_to_slab+0x11/0xa0 [ 12.553036] ? krealloc_more_oob_helper+0x821/0x930 [ 12.553060] kasan_report+0x141/0x180 [ 12.553081] ? 
krealloc_more_oob_helper+0x821/0x930 [ 12.553109] __asan_report_store1_noabort+0x1b/0x30 [ 12.553133] krealloc_more_oob_helper+0x821/0x930 [ 12.553156] ? __schedule+0x10cc/0x2b60 [ 12.553177] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 12.553202] ? finish_task_switch.isra.0+0x153/0x700 [ 12.553226] ? __switch_to+0x47/0xf50 [ 12.553251] ? __schedule+0x10cc/0x2b60 [ 12.553271] ? __pfx_read_tsc+0x10/0x10 [ 12.553295] krealloc_large_more_oob+0x1c/0x30 [ 12.553318] kunit_try_run_case+0x1a5/0x480 [ 12.553343] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.553365] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.553390] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.553413] ? __kthread_parkme+0x82/0x180 [ 12.553435] ? preempt_count_sub+0x50/0x80 [ 12.553457] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.553480] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.553504] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.553560] kthread+0x337/0x6f0 [ 12.553579] ? trace_preempt_on+0x20/0xc0 [ 12.553612] ? __pfx_kthread+0x10/0x10 [ 12.553631] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.553652] ? calculate_sigpending+0x7b/0xa0 [ 12.553677] ? __pfx_kthread+0x10/0x10 [ 12.553697] ret_from_fork+0x116/0x1d0 [ 12.553715] ? 
__pfx_kthread+0x10/0x10 [ 12.553734] ret_from_fork_asm+0x1a/0x30 [ 12.553782] </TASK> [ 12.553797] [ 12.564770] The buggy address belongs to the physical page: [ 12.565047] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101eac [ 12.565707] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.566497] flags: 0x200000000000040(head|node=0|zone=2) [ 12.567070] page_type: f8(unknown) [ 12.567210] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.567442] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.567719] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.568112] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.568441] head: 0200000000000002 ffffea000407ab01 00000000ffffffff 00000000ffffffff [ 12.568728] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.569069] page dumped because: kasan: bad access detected [ 12.569339] [ 12.569435] Memory state around the buggy address: [ 12.569619] ffff888101eadf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.569919] ffff888101eae000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.570496] >ffff888101eae080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 12.570893] ^ [ 12.571105] ffff888101eae100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.571424] ffff888101eae180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.571707] ================================================================== [ 12.572501] ================================================================== [ 12.572995] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930 [ 12.573377] Write of size 1 at addr ffff888101eae0f0 by task kunit_try_catch/177 [ 12.573670] [ 12.573788] CPU: 0 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.573832] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.573842] Hardware 
name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.573863] Call Trace: [ 12.573876] <TASK> [ 12.573894] dump_stack_lvl+0x73/0xb0 [ 12.573925] print_report+0xd1/0x650 [ 12.573948] ? __virt_addr_valid+0x1db/0x2d0 [ 12.573973] ? krealloc_more_oob_helper+0x7eb/0x930 [ 12.574039] ? kasan_addr_to_slab+0x11/0xa0 [ 12.574061] ? krealloc_more_oob_helper+0x7eb/0x930 [ 12.574084] kasan_report+0x141/0x180 [ 12.574105] ? krealloc_more_oob_helper+0x7eb/0x930 [ 12.574133] __asan_report_store1_noabort+0x1b/0x30 [ 12.574158] krealloc_more_oob_helper+0x7eb/0x930 [ 12.574180] ? __schedule+0x10cc/0x2b60 [ 12.574202] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 12.574227] ? finish_task_switch.isra.0+0x153/0x700 [ 12.574252] ? __switch_to+0x47/0xf50 [ 12.574278] ? __schedule+0x10cc/0x2b60 [ 12.574298] ? __pfx_read_tsc+0x10/0x10 [ 12.574323] krealloc_large_more_oob+0x1c/0x30 [ 12.574346] kunit_try_run_case+0x1a5/0x480 [ 12.574372] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.574394] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.574418] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.574441] ? __kthread_parkme+0x82/0x180 [ 12.574462] ? preempt_count_sub+0x50/0x80 [ 12.574484] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.574507] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.574531] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.574556] kthread+0x337/0x6f0 [ 12.574574] ? trace_preempt_on+0x20/0xc0 [ 12.574609] ? __pfx_kthread+0x10/0x10 [ 12.574629] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.574650] ? calculate_sigpending+0x7b/0xa0 [ 12.574674] ? __pfx_kthread+0x10/0x10 [ 12.574695] ret_from_fork+0x116/0x1d0 [ 12.574712] ? 
__pfx_kthread+0x10/0x10 [ 12.574732] ret_from_fork_asm+0x1a/0x30 [ 12.574762] </TASK> [ 12.574773] [ 12.582942] The buggy address belongs to the physical page: [ 12.583195] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101eac [ 12.583443] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.583753] flags: 0x200000000000040(head|node=0|zone=2) [ 12.584047] page_type: f8(unknown) [ 12.584221] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.584563] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.585283] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.585577] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.585996] head: 0200000000000002 ffffea000407ab01 00000000ffffffff 00000000ffffffff [ 12.586310] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.586558] page dumped because: kasan: bad access detected [ 12.586741] [ 12.586810] Memory state around the buggy address: [ 12.587028] ffff888101eadf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.587644] ffff888101eae000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.587861] >ffff888101eae080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 12.588073] ^ [ 12.588681] ffff888101eae100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.589155] ffff888101eae180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.589471] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 12.302766] ================================================================== [ 12.303522] BUG: KASAN: use-after-free in page_alloc_uaf+0x356/0x3d0 [ 12.303952] Read of size 1 at addr ffff8881039c0000 by task kunit_try_catch/171 [ 12.304571] [ 12.304681] CPU: 1 UID: 0 PID: 171 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.304727] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.304738] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.304758] Call Trace: [ 12.304771] <TASK> [ 12.304878] dump_stack_lvl+0x73/0xb0 [ 12.304912] print_report+0xd1/0x650 [ 12.304935] ? __virt_addr_valid+0x1db/0x2d0 [ 12.304958] ? page_alloc_uaf+0x356/0x3d0 [ 12.304979] ? kasan_addr_to_slab+0x11/0xa0 [ 12.305000] ? page_alloc_uaf+0x356/0x3d0 [ 12.305021] kasan_report+0x141/0x180 [ 12.305042] ? page_alloc_uaf+0x356/0x3d0 [ 12.305069] __asan_report_load1_noabort+0x18/0x20 [ 12.305093] page_alloc_uaf+0x356/0x3d0 [ 12.305114] ? __pfx_page_alloc_uaf+0x10/0x10 [ 12.305137] ? __schedule+0x10cc/0x2b60 [ 12.305159] ? __pfx_read_tsc+0x10/0x10 [ 12.305179] ? ktime_get_ts64+0x86/0x230 [ 12.305204] kunit_try_run_case+0x1a5/0x480 [ 12.305229] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.305251] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.305275] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.305298] ? __kthread_parkme+0x82/0x180 [ 12.305320] ? preempt_count_sub+0x50/0x80 [ 12.305344] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.305368] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.305392] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.305417] kthread+0x337/0x6f0 [ 12.305435] ? trace_preempt_on+0x20/0xc0 [ 12.305459] ? __pfx_kthread+0x10/0x10 [ 12.305479] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.305500] ? calculate_sigpending+0x7b/0xa0 [ 12.305524] ? __pfx_kthread+0x10/0x10 [ 12.305545] ret_from_fork+0x116/0x1d0 [ 12.305563] ? 
__pfx_kthread+0x10/0x10 [ 12.305583] ret_from_fork_asm+0x1a/0x30 [ 12.305624] </TASK> [ 12.305635] [ 12.312916] The buggy address belongs to the physical page: [ 12.313190] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c0 [ 12.313485] flags: 0x200000000000000(node=0|zone=2) [ 12.313701] page_type: f0(buddy) [ 12.313892] raw: 0200000000000000 ffff88817fffb4f0 ffff88817fffb4f0 0000000000000000 [ 12.314115] raw: 0000000000000000 0000000000000006 00000000f0000000 0000000000000000 [ 12.314351] page dumped because: kasan: bad access detected [ 12.314605] [ 12.314694] Memory state around the buggy address: [ 12.314917] ffff8881039bff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.315381] ffff8881039bff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.315590] >ffff8881039c0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.315804] ^ [ 12.316019] ffff8881039c0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.316728] ffff8881039c0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.317131] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kfree
[ 12.276528] ================================================================== [ 12.277058] BUG: KASAN: invalid-free in kfree+0x274/0x3f0 [ 12.277321] Free of addr ffff888102ab0001 by task kunit_try_catch/167 [ 12.277615] [ 12.277736] CPU: 1 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.277782] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.277793] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.278115] Call Trace: [ 12.278132] <TASK> [ 12.278149] dump_stack_lvl+0x73/0xb0 [ 12.278183] print_report+0xd1/0x650 [ 12.278207] ? __virt_addr_valid+0x1db/0x2d0 [ 12.278301] ? kasan_addr_to_slab+0x11/0xa0 [ 12.278388] ? kfree+0x274/0x3f0 [ 12.278410] kasan_report_invalid_free+0x10a/0x130 [ 12.278435] ? kfree+0x274/0x3f0 [ 12.278457] ? kfree+0x274/0x3f0 [ 12.278477] __kasan_kfree_large+0x86/0xd0 [ 12.278498] free_large_kmalloc+0x4b/0x110 [ 12.278521] kfree+0x274/0x3f0 [ 12.278545] kmalloc_large_invalid_free+0x120/0x2b0 [ 12.278570] ? __pfx_kmalloc_large_invalid_free+0x10/0x10 [ 12.278604] ? __schedule+0x10cc/0x2b60 [ 12.278626] ? __pfx_read_tsc+0x10/0x10 [ 12.278648] ? ktime_get_ts64+0x86/0x230 [ 12.278674] kunit_try_run_case+0x1a5/0x480 [ 12.278700] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.278723] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.278747] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.278771] ? __kthread_parkme+0x82/0x180 [ 12.278793] ? preempt_count_sub+0x50/0x80 [ 12.278839] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.278863] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.278888] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.278913] kthread+0x337/0x6f0 [ 12.278932] ? trace_preempt_on+0x20/0xc0 [ 12.278957] ? __pfx_kthread+0x10/0x10 [ 12.278977] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.278998] ? calculate_sigpending+0x7b/0xa0 [ 12.279022] ? __pfx_kthread+0x10/0x10 [ 12.279043] ret_from_fork+0x116/0x1d0 [ 12.279061] ? 
__pfx_kthread+0x10/0x10 [ 12.279081] ret_from_fork_asm+0x1a/0x30 [ 12.279113] </TASK> [ 12.279123] [ 12.290206] The buggy address belongs to the physical page: [ 12.290618] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ab0 [ 12.291166] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.291556] flags: 0x200000000000040(head|node=0|zone=2) [ 12.291924] page_type: f8(unknown) [ 12.292063] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.292623] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.293020] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.293540] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.294018] head: 0200000000000002 ffffea00040aac01 00000000ffffffff 00000000ffffffff [ 12.294304] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.294783] page dumped because: kasan: bad access detected [ 12.295185] [ 12.295275] Memory state around the buggy address: [ 12.295669] ffff888102aaff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.296171] ffff888102aaff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.296538] >ffff888102ab0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.297018] ^ [ 12.297178] ffff888102ab0080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.297627] ffff888102ab0100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.297978] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 12.258209] ================================================================== [ 12.258719] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2f1/0x340 [ 12.259176] Read of size 1 at addr ffff888102ab0000 by task kunit_try_catch/165 [ 12.259424] [ 12.259541] CPU: 1 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.259588] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.259609] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.259630] Call Trace: [ 12.259642] <TASK> [ 12.259659] dump_stack_lvl+0x73/0xb0 [ 12.259690] print_report+0xd1/0x650 [ 12.259713] ? __virt_addr_valid+0x1db/0x2d0 [ 12.259749] ? kmalloc_large_uaf+0x2f1/0x340 [ 12.259770] ? kasan_addr_to_slab+0x11/0xa0 [ 12.259790] ? kmalloc_large_uaf+0x2f1/0x340 [ 12.259811] kasan_report+0x141/0x180 [ 12.259845] ? kmalloc_large_uaf+0x2f1/0x340 [ 12.259871] __asan_report_load1_noabort+0x18/0x20 [ 12.259897] kmalloc_large_uaf+0x2f1/0x340 [ 12.259918] ? __pfx_kmalloc_large_uaf+0x10/0x10 [ 12.259940] ? __schedule+0x10cc/0x2b60 [ 12.259963] ? __pfx_read_tsc+0x10/0x10 [ 12.259984] ? ktime_get_ts64+0x86/0x230 [ 12.260022] kunit_try_run_case+0x1a5/0x480 [ 12.260048] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.260071] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.260096] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.260129] ? __kthread_parkme+0x82/0x180 [ 12.260159] ? preempt_count_sub+0x50/0x80 [ 12.260204] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.260228] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.260253] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.260278] kthread+0x337/0x6f0 [ 12.260296] ? trace_preempt_on+0x20/0xc0 [ 12.260320] ? __pfx_kthread+0x10/0x10 [ 12.260340] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.260361] ? calculate_sigpending+0x7b/0xa0 [ 12.260395] ? __pfx_kthread+0x10/0x10 [ 12.260416] ret_from_fork+0x116/0x1d0 [ 12.260434] ? 
__pfx_kthread+0x10/0x10 [ 12.260465] ret_from_fork_asm+0x1a/0x30 [ 12.260498] </TASK> [ 12.260509] [ 12.267752] The buggy address belongs to the physical page: [ 12.268166] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ab0 [ 12.268732] flags: 0x200000000000000(node=0|zone=2) [ 12.268969] raw: 0200000000000000 ffffea00040aad08 ffff88815b139f80 0000000000000000 [ 12.269254] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 12.269639] page dumped because: kasan: bad access detected [ 12.269915] [ 12.270017] Memory state around the buggy address: [ 12.270263] ffff888102aaff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.270546] ffff888102aaff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.270919] >ffff888102ab0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.271190] ^ [ 12.271355] ffff888102ab0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.271641] ffff888102ab0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.271905] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 12.237988] ==================================================================
[ 12.238543] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x2e9/0x330
[ 12.238855] Write of size 1 at addr ffff888102ab200a by task kunit_try_catch/163
[ 12.239255]
[ 12.239375] CPU: 1 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.239422] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.239434] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.239454] Call Trace:
[ 12.239466] <TASK>
[ 12.239483] dump_stack_lvl+0x73/0xb0
[ 12.239513] print_report+0xd1/0x650
[ 12.239535] ? __virt_addr_valid+0x1db/0x2d0
[ 12.239559] ? kmalloc_large_oob_right+0x2e9/0x330
[ 12.239581] ? kasan_addr_to_slab+0x11/0xa0
[ 12.239613] ? kmalloc_large_oob_right+0x2e9/0x330
[ 12.239635] kasan_report+0x141/0x180
[ 12.239657] ? kmalloc_large_oob_right+0x2e9/0x330
[ 12.239685] __asan_report_store1_noabort+0x1b/0x30
[ 12.239709] kmalloc_large_oob_right+0x2e9/0x330
[ 12.239732] ? __pfx_kmalloc_large_oob_right+0x10/0x10
[ 12.239757] ? __schedule+0x10cc/0x2b60
[ 12.239779] ? __pfx_read_tsc+0x10/0x10
[ 12.239810] ? ktime_get_ts64+0x86/0x230
[ 12.239835] kunit_try_run_case+0x1a5/0x480
[ 12.239870] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.239893] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.239917] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.239954] ? __kthread_parkme+0x82/0x180
[ 12.239986] ? preempt_count_sub+0x50/0x80
[ 12.240014] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.240039] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.240064] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.240089] kthread+0x337/0x6f0
[ 12.240117] ? trace_preempt_on+0x20/0xc0
[ 12.240141] ? __pfx_kthread+0x10/0x10
[ 12.240161] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.240193] ? calculate_sigpending+0x7b/0xa0
[ 12.240218] ? __pfx_kthread+0x10/0x10
[ 12.240239] ret_from_fork+0x116/0x1d0
[ 12.240258] ? __pfx_kthread+0x10/0x10
[ 12.240278] ret_from_fork_asm+0x1a/0x30
[ 12.240311] </TASK>
[ 12.240320]
[ 12.247752] The buggy address belongs to the physical page:
[ 12.248178] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ab0
[ 12.248427] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 12.248794] flags: 0x200000000000040(head|node=0|zone=2)
[ 12.249087] page_type: f8(unknown)
[ 12.249265] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 12.249512] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 12.250134] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 12.250407] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 12.250659] head: 0200000000000002 ffffea00040aac01 00000000ffffffff 00000000ffffffff
[ 12.250987] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 12.251386] page dumped because: kasan: bad access detected
[ 12.251569]
[ 12.251645] Memory state around the buggy address:
[ 12.251800] ffff888102ab1f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.252467] ffff888102ab1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.252964] >ffff888102ab2000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 12.253285] ^
[ 12.253410] ffff888102ab2080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 12.253806] ffff888102ab2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 12.254393] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 12.207630] ==================================================================
[ 12.208798] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x316/0x370
[ 12.209492] Write of size 1 at addr ffff888102035f00 by task kunit_try_catch/161
[ 12.209930]
[ 12.210027] CPU: 1 UID: 0 PID: 161 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.210074] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.210085] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.210106] Call Trace:
[ 12.210120] <TASK>
[ 12.210137] dump_stack_lvl+0x73/0xb0
[ 12.210168] print_report+0xd1/0x650
[ 12.210192] ? __virt_addr_valid+0x1db/0x2d0
[ 12.210216] ? kmalloc_big_oob_right+0x316/0x370
[ 12.210237] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.210260] ? kmalloc_big_oob_right+0x316/0x370
[ 12.210282] kasan_report+0x141/0x180
[ 12.210304] ? kmalloc_big_oob_right+0x316/0x370
[ 12.210331] __asan_report_store1_noabort+0x1b/0x30
[ 12.210356] kmalloc_big_oob_right+0x316/0x370
[ 12.210379] ? __pfx_kmalloc_big_oob_right+0x10/0x10
[ 12.210402] ? __schedule+0x10cc/0x2b60
[ 12.210425] ? __pfx_read_tsc+0x10/0x10
[ 12.210446] ? ktime_get_ts64+0x86/0x230
[ 12.210473] kunit_try_run_case+0x1a5/0x480
[ 12.210501] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.210524] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.210550] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.210573] ? __kthread_parkme+0x82/0x180
[ 12.210607] ? preempt_count_sub+0x50/0x80
[ 12.210632] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.210657] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.210681] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.210706] kthread+0x337/0x6f0
[ 12.210726] ? trace_preempt_on+0x20/0xc0
[ 12.210751] ? __pfx_kthread+0x10/0x10
[ 12.210771] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.210792] ? calculate_sigpending+0x7b/0xa0
[ 12.210817] ? __pfx_kthread+0x10/0x10
[ 12.210844] ret_from_fork+0x116/0x1d0
[ 12.210863] ? __pfx_kthread+0x10/0x10
[ 12.210883] ret_from_fork_asm+0x1a/0x30
[ 12.210916] </TASK>
[ 12.210926]
[ 12.219188] Allocated by task 161:
[ 12.219361] kasan_save_stack+0x45/0x70
[ 12.219562] kasan_save_track+0x18/0x40
[ 12.219749] kasan_save_alloc_info+0x3b/0x50
[ 12.220376] __kasan_kmalloc+0xb7/0xc0
[ 12.220567] __kmalloc_cache_noprof+0x189/0x420
[ 12.221118] kmalloc_big_oob_right+0xa9/0x370
[ 12.221532] kunit_try_run_case+0x1a5/0x480
[ 12.222005] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.222310] kthread+0x337/0x6f0
[ 12.222469] ret_from_fork+0x116/0x1d0
[ 12.222654] ret_from_fork_asm+0x1a/0x30
[ 12.223298]
[ 12.223577] The buggy address belongs to the object at ffff888102034000
[ 12.223577] which belongs to the cache kmalloc-8k of size 8192
[ 12.224489] The buggy address is located 0 bytes to the right of
[ 12.224489] allocated 7936-byte region [ffff888102034000, ffff888102035f00)
[ 12.225244]
[ 12.225478] The buggy address belongs to the physical page:
[ 12.225750] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102030
[ 12.226242] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 12.226545] flags: 0x200000000000040(head|node=0|zone=2)
[ 12.227011] page_type: f5(slab)
[ 12.227264] raw: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000
[ 12.227898] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000
[ 12.228346] head: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000
[ 12.228684] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000
[ 12.229432] head: 0200000000000003 ffffea0004080c01 00000000ffffffff 00000000ffffffff
[ 12.230095] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[ 12.230615] page dumped because: kasan: bad access detected
[ 12.231274]
[ 12.231656] Memory state around the buggy address:
[ 12.231959] ffff888102035e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.232453] ffff888102035e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.233077] >ffff888102035f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.233369] ^
[ 12.233521] ffff888102035f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.234100] ffff888102036000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.234533] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 12.140135] ==================================================================
[ 12.141222] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4c8/0x520
[ 12.142080] Write of size 1 at addr ffff888102c29b78 by task kunit_try_catch/159
[ 12.142312]
[ 12.142405] CPU: 1 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.142451] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.142461] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.142482] Call Trace:
[ 12.142496] <TASK>
[ 12.142513] dump_stack_lvl+0x73/0xb0
[ 12.142545] print_report+0xd1/0x650
[ 12.142568] ? __virt_addr_valid+0x1db/0x2d0
[ 12.142606] ? kmalloc_track_caller_oob_right+0x4c8/0x520
[ 12.142632] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.142655] ? kmalloc_track_caller_oob_right+0x4c8/0x520
[ 12.142680] kasan_report+0x141/0x180
[ 12.142979] ? kmalloc_track_caller_oob_right+0x4c8/0x520
[ 12.143011] __asan_report_store1_noabort+0x1b/0x30
[ 12.143037] kmalloc_track_caller_oob_right+0x4c8/0x520
[ 12.143063] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10
[ 12.143215] ? __schedule+0x10cc/0x2b60
[ 12.143239] ? __pfx_read_tsc+0x10/0x10
[ 12.143261] ? ktime_get_ts64+0x86/0x230
[ 12.143285] kunit_try_run_case+0x1a5/0x480
[ 12.143310] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.143332] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.143356] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.143379] ? __kthread_parkme+0x82/0x180
[ 12.143401] ? preempt_count_sub+0x50/0x80
[ 12.143425] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.143449] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.143472] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.143496] kthread+0x337/0x6f0
[ 12.143514] ? trace_preempt_on+0x20/0xc0
[ 12.143538] ? __pfx_kthread+0x10/0x10
[ 12.143558] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.143578] ? calculate_sigpending+0x7b/0xa0
[ 12.143616] ? __pfx_kthread+0x10/0x10
[ 12.143637] ret_from_fork+0x116/0x1d0
[ 12.143654] ? __pfx_kthread+0x10/0x10
[ 12.143674] ret_from_fork_asm+0x1a/0x30
[ 12.143705] </TASK>
[ 12.143715]
[ 12.156624] Allocated by task 159:
[ 12.157220] kasan_save_stack+0x45/0x70
[ 12.157396] kasan_save_track+0x18/0x40
[ 12.157534] kasan_save_alloc_info+0x3b/0x50
[ 12.157697] __kasan_kmalloc+0xb7/0xc0
[ 12.157838] __kmalloc_node_track_caller_noprof+0x1cb/0x500
[ 12.158021] kmalloc_track_caller_oob_right+0x99/0x520
[ 12.158193] kunit_try_run_case+0x1a5/0x480
[ 12.158338] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.158512] kthread+0x337/0x6f0
[ 12.158711] ret_from_fork+0x116/0x1d0
[ 12.159042] ret_from_fork_asm+0x1a/0x30
[ 12.159420]
[ 12.159612] The buggy address belongs to the object at ffff888102c29b00
[ 12.159612] which belongs to the cache kmalloc-128 of size 128
[ 12.160813] The buggy address is located 0 bytes to the right of
[ 12.160813] allocated 120-byte region [ffff888102c29b00, ffff888102c29b78)
[ 12.162245]
[ 12.162407] The buggy address belongs to the physical page:
[ 12.163013] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c29
[ 12.163850] flags: 0x200000000000000(node=0|zone=2)
[ 12.164370] page_type: f5(slab)
[ 12.164745] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.165542] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.166448] page dumped because: kasan: bad access detected
[ 12.167030]
[ 12.167217] Memory state around the buggy address:
[ 12.167448] ffff888102c29a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.167852] ffff888102c29a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.168664] >ffff888102c29b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 12.169402] ^
[ 12.169803] ffff888102c29b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.170229] ffff888102c29c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.170912] ==================================================================
[ 12.171909] ==================================================================
[ 12.172155] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4b1/0x520
[ 12.172726] Write of size 1 at addr ffff888102c29c78 by task kunit_try_catch/159
[ 12.173222]
[ 12.173402] CPU: 1 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.173446] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.173457] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.173476] Call Trace:
[ 12.173487] <TASK>
[ 12.173504] dump_stack_lvl+0x73/0xb0
[ 12.173534] print_report+0xd1/0x650
[ 12.173556] ? __virt_addr_valid+0x1db/0x2d0
[ 12.173579] ? kmalloc_track_caller_oob_right+0x4b1/0x520
[ 12.173616] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.173638] ? kmalloc_track_caller_oob_right+0x4b1/0x520
[ 12.173674] kasan_report+0x141/0x180
[ 12.173696] ? kmalloc_track_caller_oob_right+0x4b1/0x520
[ 12.173725] __asan_report_store1_noabort+0x1b/0x30
[ 12.173756] kmalloc_track_caller_oob_right+0x4b1/0x520
[ 12.173781] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10
[ 12.173808] ? __schedule+0x10cc/0x2b60
[ 12.173830] ? __pfx_read_tsc+0x10/0x10
[ 12.173851] ? ktime_get_ts64+0x86/0x230
[ 12.173876] kunit_try_run_case+0x1a5/0x480
[ 12.173900] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.173948] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.173971] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.173994] ? __kthread_parkme+0x82/0x180
[ 12.174015] ? preempt_count_sub+0x50/0x80
[ 12.174039] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.174062] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.174088] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.174112] kthread+0x337/0x6f0
[ 12.174130] ? trace_preempt_on+0x20/0xc0
[ 12.174154] ? __pfx_kthread+0x10/0x10
[ 12.174173] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.174194] ? calculate_sigpending+0x7b/0xa0
[ 12.174219] ? __pfx_kthread+0x10/0x10
[ 12.174239] ret_from_fork+0x116/0x1d0
[ 12.174257] ? __pfx_kthread+0x10/0x10
[ 12.174277] ret_from_fork_asm+0x1a/0x30
[ 12.174307] </TASK>
[ 12.174317]
[ 12.188456] Allocated by task 159:
[ 12.188832] kasan_save_stack+0x45/0x70
[ 12.189234] kasan_save_track+0x18/0x40
[ 12.189711] kasan_save_alloc_info+0x3b/0x50
[ 12.190145] __kasan_kmalloc+0xb7/0xc0
[ 12.190472] __kmalloc_node_track_caller_noprof+0x1cb/0x500
[ 12.191046] kmalloc_track_caller_oob_right+0x19a/0x520
[ 12.191230] kunit_try_run_case+0x1a5/0x480
[ 12.191752] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.192343] kthread+0x337/0x6f0
[ 12.192528] ret_from_fork+0x116/0x1d0
[ 12.192754] ret_from_fork_asm+0x1a/0x30
[ 12.193181]
[ 12.193364] The buggy address belongs to the object at ffff888102c29c00
[ 12.193364] which belongs to the cache kmalloc-128 of size 128
[ 12.194583] The buggy address is located 0 bytes to the right of
[ 12.194583] allocated 120-byte region [ffff888102c29c00, ffff888102c29c78)
[ 12.195624]
[ 12.195760] The buggy address belongs to the physical page:
[ 12.196223] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c29
[ 12.196837] flags: 0x200000000000000(node=0|zone=2)
[ 12.197315] page_type: f5(slab)
[ 12.197586] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.198283] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.198510] page dumped because: kasan: bad access detected
[ 12.198693]
[ 12.198763] Memory state around the buggy address:
[ 12.199290] ffff888102c29b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.200029] ffff888102c29b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.200841] >ffff888102c29c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 12.201664] ^
[ 12.202337] ffff888102c29c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.203049] ffff888102c29d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.203506] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 12.106498] ==================================================================
[ 12.107535] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x369/0x3c0
[ 12.107828] Read of size 1 at addr ffff888103921000 by task kunit_try_catch/157
[ 12.108052]
[ 12.108161] CPU: 0 UID: 0 PID: 157 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.108211] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.108222] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.108246] Call Trace:
[ 12.108259] <TASK>
[ 12.108281] dump_stack_lvl+0x73/0xb0
[ 12.108313] print_report+0xd1/0x650
[ 12.108336] ? __virt_addr_valid+0x1db/0x2d0
[ 12.108361] ? kmalloc_node_oob_right+0x369/0x3c0
[ 12.108384] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.108406] ? kmalloc_node_oob_right+0x369/0x3c0
[ 12.108430] kasan_report+0x141/0x180
[ 12.108450] ? kmalloc_node_oob_right+0x369/0x3c0
[ 12.108477] __asan_report_load1_noabort+0x18/0x20
[ 12.108501] kmalloc_node_oob_right+0x369/0x3c0
[ 12.108525] ? __pfx_kmalloc_node_oob_right+0x10/0x10
[ 12.108549] ? __schedule+0x10cc/0x2b60
[ 12.108571] ? __pfx_read_tsc+0x10/0x10
[ 12.108603] ? ktime_get_ts64+0x86/0x230
[ 12.108630] kunit_try_run_case+0x1a5/0x480
[ 12.108656] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.108678] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.108702] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.108725] ? __kthread_parkme+0x82/0x180
[ 12.108747] ? preempt_count_sub+0x50/0x80
[ 12.108771] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.108795] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.108819] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.108842] kthread+0x337/0x6f0
[ 12.108860] ? trace_preempt_on+0x20/0xc0
[ 12.108884] ? __pfx_kthread+0x10/0x10
[ 12.108904] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.108925] ? calculate_sigpending+0x7b/0xa0
[ 12.108949] ? __pfx_kthread+0x10/0x10
[ 12.108969] ret_from_fork+0x116/0x1d0
[ 12.108986] ? __pfx_kthread+0x10/0x10
[ 12.109005] ret_from_fork_asm+0x1a/0x30
[ 12.109037] </TASK>
[ 12.109048]
[ 12.118533] Allocated by task 157:
[ 12.119038] kasan_save_stack+0x45/0x70
[ 12.119237] kasan_save_track+0x18/0x40
[ 12.119429] kasan_save_alloc_info+0x3b/0x50
[ 12.119873] __kasan_kmalloc+0xb7/0xc0
[ 12.120049] __kmalloc_cache_node_noprof+0x188/0x420
[ 12.120422] kmalloc_node_oob_right+0xab/0x3c0
[ 12.120609] kunit_try_run_case+0x1a5/0x480
[ 12.121009] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.121405] kthread+0x337/0x6f0
[ 12.121571] ret_from_fork+0x116/0x1d0
[ 12.121726] ret_from_fork_asm+0x1a/0x30
[ 12.122171]
[ 12.122258] The buggy address belongs to the object at ffff888103920000
[ 12.122258] which belongs to the cache kmalloc-4k of size 4096
[ 12.123070] The buggy address is located 0 bytes to the right of
[ 12.123070] allocated 4096-byte region [ffff888103920000, ffff888103921000)
[ 12.123738]
[ 12.124002] The buggy address belongs to the physical page:
[ 12.124331] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103920
[ 12.125611] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 12.125885] flags: 0x200000000000040(head|node=0|zone=2)
[ 12.126173] page_type: f5(slab)
[ 12.126300] raw: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000
[ 12.126531] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000
[ 12.126838] head: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000
[ 12.127635] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000
[ 12.129618] head: 0200000000000003 ffffea00040e4801 00000000ffffffff 00000000ffffffff
[ 12.130481] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[ 12.131515] page dumped because: kasan: bad access detected
[ 12.132336]
[ 12.132415] Memory state around the buggy address:
[ 12.132575] ffff888103920f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.133027] ffff888103920f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.133651] >ffff888103921000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.134299] ^
[ 12.134584] ffff888103921080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.135292] ffff888103921100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.136027] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 12.071556] ==================================================================
[ 12.072485] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x361/0x3c0
[ 12.073091] Read of size 1 at addr ffff8881019029df by task kunit_try_catch/155
[ 12.073545]
[ 12.074019] CPU: 1 UID: 0 PID: 155 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.074072] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.074083] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.074104] Call Trace:
[ 12.074119] <TASK>
[ 12.074138] dump_stack_lvl+0x73/0xb0
[ 12.074173] print_report+0xd1/0x650
[ 12.074197] ? __virt_addr_valid+0x1db/0x2d0
[ 12.074222] ? kmalloc_oob_left+0x361/0x3c0
[ 12.074242] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.074265] ? kmalloc_oob_left+0x361/0x3c0
[ 12.074285] kasan_report+0x141/0x180
[ 12.074306] ? kmalloc_oob_left+0x361/0x3c0
[ 12.074331] __asan_report_load1_noabort+0x18/0x20
[ 12.074356] kmalloc_oob_left+0x361/0x3c0
[ 12.074378] ? __pfx_kmalloc_oob_left+0x10/0x10
[ 12.074400] ? __schedule+0x10cc/0x2b60
[ 12.074422] ? __pfx_read_tsc+0x10/0x10
[ 12.074443] ? ktime_get_ts64+0x86/0x230
[ 12.074468] kunit_try_run_case+0x1a5/0x480
[ 12.074493] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.074515] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.074539] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.074562] ? __kthread_parkme+0x82/0x180
[ 12.074583] ? preempt_count_sub+0x50/0x80
[ 12.074623] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.074646] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.074670] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.074694] kthread+0x337/0x6f0
[ 12.074712] ? trace_preempt_on+0x20/0xc0
[ 12.074736] ? __pfx_kthread+0x10/0x10
[ 12.074756] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.074777] ? calculate_sigpending+0x7b/0xa0
[ 12.074834] ? __pfx_kthread+0x10/0x10
[ 12.074855] ret_from_fork+0x116/0x1d0
[ 12.074874] ? __pfx_kthread+0x10/0x10
[ 12.074894] ret_from_fork_asm+0x1a/0x30
[ 12.074925] </TASK>
[ 12.074935]
[ 12.086110] Allocated by task 1:
[ 12.086630] kasan_save_stack+0x45/0x70
[ 12.086831] kasan_save_track+0x18/0x40
[ 12.087295] kasan_save_alloc_info+0x3b/0x50
[ 12.087649] __kasan_kmalloc+0xb7/0xc0
[ 12.087926] __kmalloc_node_track_caller_noprof+0x1cb/0x500
[ 12.088402] kstrdup+0x3e/0xa0
[ 12.088701] kstrdup_const+0x2c/0x40
[ 12.088862] __kernfs_new_node+0xa7/0x6d0
[ 12.089207] kernfs_new_node+0x140/0x1e0
[ 12.089646] __kernfs_create_file+0x2d/0x290
[ 12.090056] sysfs_add_bin_file_mode_ns+0x13f/0x4f0
[ 12.090330] sysfs_create_bin_file+0x150/0x200
[ 12.090484] pci_create_attr+0x1e2/0x460
[ 12.091123] pci_create_resource_files+0xb0/0x160
[ 12.091552] pci_sysfs_init+0x32/0x90
[ 12.091958] do_one_initcall+0xd8/0x370
[ 12.092316] kernel_init_freeable+0x420/0x6f0
[ 12.092618] kernel_init+0x23/0x1e0
[ 12.092746] ret_from_fork+0x116/0x1d0
[ 12.093164] ret_from_fork_asm+0x1a/0x30
[ 12.093556]
[ 12.093721] The buggy address belongs to the object at ffff8881019029c0
[ 12.093721] which belongs to the cache kmalloc-16 of size 16
[ 12.094885] The buggy address is located 21 bytes to the right of
[ 12.094885] allocated 10-byte region [ffff8881019029c0, ffff8881019029ca)
[ 12.095401]
[ 12.095474] The buggy address belongs to the physical page:
[ 12.095663] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101902
[ 12.096239] flags: 0x200000000000000(node=0|zone=2)
[ 12.096700] page_type: f5(slab)
[ 12.097082] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 12.097885] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 12.098634] page dumped because: kasan: bad access detected
[ 12.099221]
[ 12.099408] Memory state around the buggy address:
[ 12.099894] ffff888101902880: 00 05 fc fc 00 05 fc fc 00 02 fc fc 00 03 fc fc
[ 12.100672] ffff888101902900: fa fb fc fc 00 02 fc fc 00 05 fc fc 00 02 fc fc
[ 12.101274] >ffff888101902980: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 07 fc fc
[ 12.101485] ^
[ 12.101682] ffff888101902a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.102241] ffff888101902a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.102950] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 12.026587] ==================================================================
[ 12.027581] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6bd/0x7f0
[ 12.028320] Write of size 1 at addr ffff888102c29a78 by task kunit_try_catch/153
[ 12.028616]
[ 12.028711] CPU: 1 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.028757] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.028769] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.028792] Call Trace:
[ 12.028961] <TASK>
[ 12.028985] dump_stack_lvl+0x73/0xb0
[ 12.029018] print_report+0xd1/0x650
[ 12.029041] ? __virt_addr_valid+0x1db/0x2d0
[ 12.029064] ? kmalloc_oob_right+0x6bd/0x7f0
[ 12.029085] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.029108] ? kmalloc_oob_right+0x6bd/0x7f0
[ 12.029129] kasan_report+0x141/0x180
[ 12.029150] ? kmalloc_oob_right+0x6bd/0x7f0
[ 12.029176] __asan_report_store1_noabort+0x1b/0x30
[ 12.029201] kmalloc_oob_right+0x6bd/0x7f0
[ 12.029223] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 12.029245] ? __schedule+0x10cc/0x2b60
[ 12.029267] ? __pfx_read_tsc+0x10/0x10
[ 12.029289] ? ktime_get_ts64+0x86/0x230
[ 12.029314] kunit_try_run_case+0x1a5/0x480
[ 12.029339] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.029361] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.029385] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.029408] ? __kthread_parkme+0x82/0x180
[ 12.029429] ? preempt_count_sub+0x50/0x80
[ 12.029454] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.029477] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.029501] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.029526] kthread+0x337/0x6f0
[ 12.029545] ? trace_preempt_on+0x20/0xc0
[ 12.029569] ? __pfx_kthread+0x10/0x10
[ 12.029589] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.029625] ? calculate_sigpending+0x7b/0xa0
[ 12.029649] ? __pfx_kthread+0x10/0x10
[ 12.029670] ret_from_fork+0x116/0x1d0
[ 12.029688] ? __pfx_kthread+0x10/0x10
[ 12.029708] ret_from_fork_asm+0x1a/0x30
[ 12.029739] </TASK>
[ 12.029750]
[ 12.040878] Allocated by task 153:
[ 12.041221] kasan_save_stack+0x45/0x70
[ 12.041443] kasan_save_track+0x18/0x40
[ 12.041590] kasan_save_alloc_info+0x3b/0x50
[ 12.041754] __kasan_kmalloc+0xb7/0xc0
[ 12.041940] __kmalloc_cache_noprof+0x189/0x420
[ 12.042165] kmalloc_oob_right+0xa9/0x7f0
[ 12.042526] kunit_try_run_case+0x1a5/0x480
[ 12.042741] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.043040] kthread+0x337/0x6f0
[ 12.043258] ret_from_fork+0x116/0x1d0
[ 12.043448] ret_from_fork_asm+0x1a/0x30
[ 12.043653]
[ 12.043736] The buggy address belongs to the object at ffff888102c29a00
[ 12.043736] which belongs to the cache kmalloc-128 of size 128
[ 12.044301] The buggy address is located 5 bytes to the right of
[ 12.044301] allocated 115-byte region [ffff888102c29a00, ffff888102c29a73)
[ 12.044878]
[ 12.045181] The buggy address belongs to the physical page:
[ 12.045404] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c29
[ 12.045691] flags: 0x200000000000000(node=0|zone=2)
[ 12.045858] page_type: f5(slab)
[ 12.046009] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.046346] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.046766] page dumped because: kasan: bad access detected
[ 12.047088]
[ 12.047183] Memory state around the buggy address:
[ 12.047380] ffff888102c29900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.047616] ffff888102c29980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.048140] >ffff888102c29a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 12.048412] ^
[ 12.048665] ffff888102c29a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.048880] ffff888102c29b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.049194] ==================================================================
[ 12.049745] ==================================================================
[ 12.050250] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x68a/0x7f0
[ 12.050525] Read of size 1 at addr ffff888102c29a80 by task kunit_try_catch/153
[ 12.050969]
[ 12.051090] CPU: 1 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.051134] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.051145] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.051167] Call Trace:
[ 12.051184] <TASK>
[ 12.051201] dump_stack_lvl+0x73/0xb0
[ 12.051230] print_report+0xd1/0x650
[ 12.051252] ? __virt_addr_valid+0x1db/0x2d0
[ 12.051275] ? kmalloc_oob_right+0x68a/0x7f0
[ 12.051296] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.051318] ? kmalloc_oob_right+0x68a/0x7f0
[ 12.051340] kasan_report+0x141/0x180
[ 12.051362] ? kmalloc_oob_right+0x68a/0x7f0
[ 12.051387] __asan_report_load1_noabort+0x18/0x20
[ 12.051412] kmalloc_oob_right+0x68a/0x7f0
[ 12.051434] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 12.051456] ? __schedule+0x10cc/0x2b60
[ 12.051478] ? __pfx_read_tsc+0x10/0x10
[ 12.051499] ? ktime_get_ts64+0x86/0x230
[ 12.051523] kunit_try_run_case+0x1a5/0x480
[ 12.051546] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.051569] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.051606] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.051630] ? __kthread_parkme+0x82/0x180
[ 12.051651] ? preempt_count_sub+0x50/0x80
[ 12.051675] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.051699] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.051723] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.051748] kthread+0x337/0x6f0
[ 12.051766] ? trace_preempt_on+0x20/0xc0
[ 12.051802] ? __pfx_kthread+0x10/0x10
[ 12.051822] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.051843] ? calculate_sigpending+0x7b/0xa0
[ 12.051868] ? __pfx_kthread+0x10/0x10
[ 12.051889] ret_from_fork+0x116/0x1d0
[ 12.051907] ? __pfx_kthread+0x10/0x10
[ 12.051928] ret_from_fork_asm+0x1a/0x30
[ 12.051959] </TASK>
[ 12.051969]
[ 12.059319] Allocated by task 153:
[ 12.059453] kasan_save_stack+0x45/0x70
[ 12.059611] kasan_save_track+0x18/0x40
[ 12.059747] kasan_save_alloc_info+0x3b/0x50
[ 12.059974] __kasan_kmalloc+0xb7/0xc0
[ 12.060159] __kmalloc_cache_noprof+0x189/0x420
[ 12.060490] kmalloc_oob_right+0xa9/0x7f0
[ 12.061064] kunit_try_run_case+0x1a5/0x480
[ 12.061273] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.061536] kthread+0x337/0x6f0
[ 12.061694] ret_from_fork+0x116/0x1d0
[ 12.061971] ret_from_fork_asm+0x1a/0x30
[ 12.062115]
[ 12.062186] The buggy address belongs to the object at ffff888102c29a00
[ 12.062186] which belongs to the cache kmalloc-128 of size 128
[ 12.062668] The buggy address is located 13 bytes to the right of
[ 12.062668] allocated 115-byte region [ffff888102c29a00, ffff888102c29a73)
[ 12.063216]
[ 12.063293] The buggy address belongs to the physical page:
[ 12.063523] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c29
[ 12.064091] flags: 0x200000000000000(node=0|zone=2)
[ 12.064333] page_type: f5(slab)
[ 12.064502] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.065098] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.065351] page dumped because: kasan: bad access detected
[ 12.065524]
[ 12.065607] Memory state around the buggy address:
[ 12.065954] ffff888102c29980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.066281] ffff888102c29a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 12.066561] >ffff888102c29a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.066784] ^
[ 12.066907] ffff888102c29b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.067247] ffff888102c29b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.067884] ==================================================================
[ 11.995267] ==================================================================
[ 11.996276] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6f0/0x7f0
[ 11.997284] Write of size 1 at addr ffff888102c29a73 by task kunit_try_catch/153
[ 11.997609]
[ 11.998520] CPU: 1 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 11.998957] Tainted: [N]=TEST
[ 11.998994] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.999221] Call Trace:
[ 11.999287] <TASK>
[ 11.999430] dump_stack_lvl+0x73/0xb0
[ 11.999519] print_report+0xd1/0x650
[ 11.999559] ? __virt_addr_valid+0x1db/0x2d0
[ 11.999585] ? kmalloc_oob_right+0x6f0/0x7f0
[ 11.999626] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.999649] ? kmalloc_oob_right+0x6f0/0x7f0
[ 11.999670] kasan_report+0x141/0x180
[ 11.999704] ? kmalloc_oob_right+0x6f0/0x7f0
[ 11.999730] __asan_report_store1_noabort+0x1b/0x30
[ 11.999755] kmalloc_oob_right+0x6f0/0x7f0
[ 11.999830] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 11.999853] ? __schedule+0x10cc/0x2b60
[ 11.999876] ? __pfx_read_tsc+0x10/0x10
[ 11.999898] ? ktime_get_ts64+0x86/0x230
[ 11.999925] kunit_try_run_case+0x1a5/0x480
[ 11.999952] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.999974] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.999999] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.000022] ? __kthread_parkme+0x82/0x180
[ 12.000044] ? preempt_count_sub+0x50/0x80
[ 12.000069] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.000093] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.000117] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.000142] kthread+0x337/0x6f0
[ 12.000160] ? trace_preempt_on+0x20/0xc0
[ 12.000185] ? __pfx_kthread+0x10/0x10
[ 12.000204] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.000226] ? calculate_sigpending+0x7b/0xa0
[ 12.000250] ? __pfx_kthread+0x10/0x10
[ 12.000271] ret_from_fork+0x116/0x1d0
[ 12.000289] ? __pfx_kthread+0x10/0x10
[ 12.000309] ret_from_fork_asm+0x1a/0x30
[ 12.000372] </TASK>
[ 12.000440]
[ 12.009227] Allocated by task 153:
[ 12.009572] kasan_save_stack+0x45/0x70
[ 12.009884] kasan_save_track+0x18/0x40
[ 12.010107] kasan_save_alloc_info+0x3b/0x50
[ 12.010324] __kasan_kmalloc+0xb7/0xc0
[ 12.010532] __kmalloc_cache_noprof+0x189/0x420
[ 12.010755] kmalloc_oob_right+0xa9/0x7f0
[ 12.011007] kunit_try_run_case+0x1a5/0x480
[ 12.011248] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.011437] kthread+0x337/0x6f0
[ 12.011560] ret_from_fork+0x116/0x1d0
[ 12.011836] ret_from_fork_asm+0x1a/0x30
[ 12.012098]
[ 12.012250] The buggy address belongs to the object at ffff888102c29a00
[ 12.012250] which belongs to the cache kmalloc-128 of size 128
[ 12.012902] The buggy address is located 0 bytes to the right of
[ 12.012902] allocated 115-byte region [ffff888102c29a00, ffff888102c29a73)
[ 12.013542]
[ 12.015004] The buggy address belongs to the physical page:
[ 12.016643] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c29
[ 12.017507] flags: 0x200000000000000(node=0|zone=2)
[ 12.018283] page_type: f5(slab)
[ 12.018932] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.019263] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.019824] page dumped because: kasan: bad access detected
[ 12.020188]
[ 12.020422] Memory state around the buggy address:
[ 12.021110] ffff888102c29900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.021423] ffff888102c29980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.021953] >ffff888102c29a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 12.022443] ^
[ 12.022787] ffff888102c29a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.023320] ffff888102c29b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.023781] ==================================================================
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_vscale
------------[ cut here ]------------ [ 141.854359] WARNING: CPU: 1 PID: 2765 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190 [ 141.855008] Modules linked in: [ 141.855349] CPU: 1 UID: 0 PID: 2765 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 141.855703] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 141.856325] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 141.857657] RIP: 0010:drm_rect_calc_vscale+0x130/0x190 [ 141.858544] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 141.859633] RSP: 0000:ffff88810385fc78 EFLAGS: 00010286 [ 141.859842] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000 [ 141.860335] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffffa2a337f4 [ 141.860711] RBP: ffff88810385fca0 R08: 0000000000000000 R09: ffffed1020fcf8a0 [ 141.861159] R10: ffff888107e7c507 R11: 0000000000000000 R12: ffffffffa2a337e0 [ 141.861458] R13: 0000000000000000 R14: 000000007fffffff R15: ffff88810385fd38 [ 141.861817] FS: 0000000000000000(0000) GS:ffff8881b6772000(0000) knlGS:0000000000000000 [ 141.862392] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 141.862654] CR2: 00007ffff7ffe000 CR3: 00000000354bc000 CR4: 00000000000006f0 [ 141.863040] DR0: ffffffffa4a52444 DR1: ffffffffa4a52449 DR2: ffffffffa4a5244a [ 141.863346] DR3: ffffffffa4a5244b DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 141.863749] Call Trace: [ 141.863890] <TASK> [ 141.863992] drm_test_rect_calc_vscale+0x108/0x270 [ 141.864442] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10 [ 141.864737] ? __schedule+0x10cc/0x2b60 [ 141.864967] ? __pfx_read_tsc+0x10/0x10 [ 141.865218] ? ktime_get_ts64+0x86/0x230 [ 141.865468] kunit_try_run_case+0x1a5/0x480 [ 141.865664] ? __pfx_kunit_try_run_case+0x10/0x10 [ 141.865938] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 141.866423] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 141.866707] ? __kthread_parkme+0x82/0x180 [ 141.867134] ? preempt_count_sub+0x50/0x80 [ 141.867360] ? __pfx_kunit_try_run_case+0x10/0x10 [ 141.867608] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 141.867882] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 141.868290] kthread+0x337/0x6f0 [ 141.868518] ? trace_preempt_on+0x20/0xc0 [ 141.868687] ? __pfx_kthread+0x10/0x10 [ 141.868996] ? _raw_spin_unlock_irq+0x47/0x80 [ 141.869237] ? calculate_sigpending+0x7b/0xa0 [ 141.869501] ? __pfx_kthread+0x10/0x10 [ 141.869692] ret_from_fork+0x116/0x1d0 [ 141.870121] ? __pfx_kthread+0x10/0x10 [ 141.870312] ret_from_fork_asm+0x1a/0x30 [ 141.870557] </TASK> [ 141.870721] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 141.828147] WARNING: CPU: 0 PID: 2763 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190 [ 141.829209] Modules linked in: [ 141.829377] CPU: 0 UID: 0 PID: 2763 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 141.830068] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 141.830747] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 141.831806] RIP: 0010:drm_rect_calc_vscale+0x130/0x190 [ 141.832395] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 141.834140] RSP: 0000:ffff888102eafc78 EFLAGS: 00010286 [ 141.834517] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000 [ 141.834743] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffffa2a337bc [ 141.834967] RBP: ffff888102eafca0 R08: 0000000000000000 R09: ffffed10203c8320 [ 141.835179] R10: ffff888101e41907 R11: 0000000000000000 R12: ffffffffa2a337a8 [ 141.835391] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888102eafd38 [ 
141.835670] FS: 0000000000000000(0000) GS:ffff8881b6672000(0000) knlGS:0000000000000000 [ 141.836453] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 141.837125] CR2: 00007ffff7ffe000 CR3: 00000000354bc000 CR4: 00000000000006f0 [ 141.837887] DR0: ffffffffa4a52440 DR1: ffffffffa4a52441 DR2: ffffffffa4a52443 [ 141.838612] DR3: ffffffffa4a52445 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 141.839629] Call Trace: [ 141.840013] <TASK> [ 141.840269] drm_test_rect_calc_vscale+0x108/0x270 [ 141.840746] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10 [ 141.841368] ? __schedule+0x207f/0x2b60 [ 141.841974] ? __pfx_read_tsc+0x10/0x10 [ 141.842447] ? ktime_get_ts64+0x86/0x230 [ 141.843038] kunit_try_run_case+0x1a5/0x480 [ 141.843539] ? __pfx_kunit_try_run_case+0x10/0x10 [ 141.844101] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 141.844278] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 141.844450] ? __kthread_parkme+0x82/0x180 [ 141.844613] ? preempt_count_sub+0x50/0x80 [ 141.845245] ? __pfx_kunit_try_run_case+0x10/0x10 [ 141.845873] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 141.846317] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 141.846861] kthread+0x337/0x6f0 [ 141.847266] ? trace_preempt_on+0x20/0xc0 [ 141.847573] ? __pfx_kthread+0x10/0x10 [ 141.847734] ? _raw_spin_unlock_irq+0x47/0x80 [ 141.848402] ? calculate_sigpending+0x7b/0xa0 [ 141.849052] ? __pfx_kthread+0x10/0x10 [ 141.849427] ret_from_fork+0x116/0x1d0 [ 141.849745] ? __pfx_kthread+0x10/0x10 [ 141.850197] ret_from_fork_asm+0x1a/0x30 [ 141.850362] </TASK> [ 141.850454] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_hscale
------------[ cut here ]------------ [ 141.770364] WARNING: CPU: 0 PID: 2751 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190 [ 141.770706] Modules linked in: [ 141.770893] CPU: 0 UID: 0 PID: 2751 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 141.771636] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 141.772142] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 141.772475] RIP: 0010:drm_rect_calc_hscale+0x125/0x190 [ 141.772736] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 9b dc 1e 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 141.774200] RSP: 0000:ffff888102ebfc78 EFLAGS: 00010286 [ 141.774401] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000 [ 141.774628] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffffa2a337c0 [ 141.774978] RBP: ffff888102ebfca0 R08: 0000000000000000 R09: ffffed10203c8240 [ 141.776005] R10: ffff888101e41207 R11: 0000000000000000 R12: ffffffffa2a337a8 [ 141.776922] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888102ebfd38 [ 141.777942] FS: 0000000000000000(0000) GS:ffff8881b6672000(0000) knlGS:0000000000000000 [ 141.778372] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 141.778558] CR2: 00007ffff7ffe000 CR3: 00000000354bc000 CR4: 00000000000006f0 [ 141.778783] DR0: ffffffffa4a52440 DR1: ffffffffa4a52441 DR2: ffffffffa4a52443 [ 141.779078] DR3: ffffffffa4a52445 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 141.779382] Call Trace: [ 141.779510] <TASK> [ 141.780041] drm_test_rect_calc_hscale+0x108/0x270 [ 141.780247] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10 [ 141.780649] ? __schedule+0x10cc/0x2b60 [ 141.781160] ? __pfx_read_tsc+0x10/0x10 [ 141.781370] ? ktime_get_ts64+0x86/0x230 [ 141.781541] kunit_try_run_case+0x1a5/0x480 [ 141.782015] ? __pfx_kunit_try_run_case+0x10/0x10 [ 141.782219] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 141.782460] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 141.782697] ? __kthread_parkme+0x82/0x180 [ 141.783188] ? preempt_count_sub+0x50/0x80 [ 141.783397] ? __pfx_kunit_try_run_case+0x10/0x10 [ 141.783587] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 141.784126] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 141.784518] kthread+0x337/0x6f0 [ 141.784778] ? trace_preempt_on+0x20/0xc0 [ 141.785106] ? __pfx_kthread+0x10/0x10 [ 141.785290] ? _raw_spin_unlock_irq+0x47/0x80 [ 141.785480] ? calculate_sigpending+0x7b/0xa0 [ 141.785698] ? __pfx_kthread+0x10/0x10 [ 141.786307] ret_from_fork+0x116/0x1d0 [ 141.786509] ? __pfx_kthread+0x10/0x10 [ 141.786670] ret_from_fork_asm+0x1a/0x30 [ 141.787058] </TASK> [ 141.787342] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 141.790987] WARNING: CPU: 1 PID: 2753 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190 [ 141.791308] Modules linked in: [ 141.791571] CPU: 1 UID: 0 PID: 2753 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 141.792642] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 141.793161] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 141.793501] RIP: 0010:drm_rect_calc_hscale+0x125/0x190 [ 141.793700] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 9b dc 1e 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 141.794213] RSP: 0000:ffff888102eafc78 EFLAGS: 00010286 [ 141.794397] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000 [ 141.794619] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffffa2a337f8 [ 141.794836] RBP: ffff888102eafca0 R08: 0000000000000000 R09: ffffed1020fcf800 [ 141.795046] R10: ffff888107e7c007 R11: 0000000000000000 R12: ffffffffa2a337e0 [ 141.795258] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888102eafd38 [ 
141.795466] FS: 0000000000000000(0000) GS:ffff8881b6772000(0000) knlGS:0000000000000000 [ 141.796179] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 141.796687] CR2: 00007ffff7ffe000 CR3: 00000000354bc000 CR4: 00000000000006f0 [ 141.797311] DR0: ffffffffa4a52444 DR1: ffffffffa4a52449 DR2: ffffffffa4a5244a [ 141.798109] DR3: ffffffffa4a5244b DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 141.798906] Call Trace: [ 141.799163] <TASK> [ 141.799390] drm_test_rect_calc_hscale+0x108/0x270 [ 141.800032] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10 [ 141.800530] ? __schedule+0x10cc/0x2b60 [ 141.800974] ? __pfx_read_tsc+0x10/0x10 [ 141.801513] ? ktime_get_ts64+0x86/0x230 [ 141.802012] kunit_try_run_case+0x1a5/0x480 [ 141.802451] ? __pfx_kunit_try_run_case+0x10/0x10 [ 141.802973] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 141.803414] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 141.803972] ? __kthread_parkme+0x82/0x180 [ 141.804557] ? preempt_count_sub+0x50/0x80 [ 141.805021] ? __pfx_kunit_try_run_case+0x10/0x10 [ 141.805493] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 141.806055] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 141.806605] kthread+0x337/0x6f0 [ 141.806994] ? trace_preempt_on+0x20/0xc0 [ 141.807368] ? __pfx_kthread+0x10/0x10 [ 141.807687] ? _raw_spin_unlock_irq+0x47/0x80 [ 141.808082] ? calculate_sigpending+0x7b/0xa0 [ 141.808495] ? __pfx_kthread+0x10/0x10 [ 141.808862] ret_from_fork+0x116/0x1d0 [ 141.809104] ? __pfx_kthread+0x10/0x10 [ 141.809244] ret_from_fork_asm+0x1a/0x30 [ 141.809398] </TASK> [ 141.809490] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-drm-kunit-mock-device-drm_gem_shmem_test_get_pages_sgtdrm-kunit-mock-device-drm-drm_warn_onrefcount_readshmem-pages_pin_count
------------[ cut here ]------------ [ 141.070102] drm-kunit-mock-device drm_gem_shmem_test_get_pages_sgt.drm-kunit-mock-device: [drm] drm_WARN_ON(refcount_read(&shmem->pages_pin_count)) [ 141.070731] WARNING: CPU: 0 PID: 2568 at drivers/gpu/drm/drm_gem_shmem_helper.c:180 drm_gem_shmem_free+0x3ed/0x6c0 [ 141.072727] Modules linked in: [ 141.073083] CPU: 0 UID: 0 PID: 2568 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 141.074283] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 141.074607] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 141.075477] RIP: 0010:drm_gem_shmem_free+0x3ed/0x6c0 [ 141.076250] Code: 85 f6 0f 84 ba 01 00 00 4c 89 e7 e8 6d 1d 80 00 48 c7 c1 a0 86 9e a2 4c 89 f2 48 c7 c7 60 83 9e a2 48 89 c6 e8 34 cf 77 fe 90 <0f> 0b 90 90 e9 09 ff ff ff 90 48 b8 00 00 00 00 00 fc ff df 48 8d [ 141.077398] RSP: 0000:ffff88810c2ffd18 EFLAGS: 00010286 [ 141.077967] RAX: 0000000000000000 RBX: ffff8881065d2800 RCX: 1ffffffff46e4ce8 [ 141.078247] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001 [ 141.078856] RBP: ffff88810c2ffd48 R08: 0000000000000000 R09: fffffbfff46e4ce8 [ 141.079659] R10: 0000000000000003 R11: 0000000000039088 R12: ffff8881030d7800 [ 141.080617] R13: ffff8881065d28f8 R14: ffff888108759a00 R15: ffff88810039fb40 [ 141.081144] FS: 0000000000000000(0000) GS:ffff8881b6672000(0000) knlGS:0000000000000000 [ 141.081390] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 141.081569] CR2: 00007ffff7ffe000 CR3: 00000000354bc000 CR4: 00000000000006f0 [ 141.082318] DR0: ffffffffa4a52440 DR1: ffffffffa4a52441 DR2: ffffffffa4a52443 [ 141.083017] DR3: ffffffffa4a52445 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 141.083337] Call Trace: [ 141.083467] <TASK> [ 141.083586] ? trace_preempt_on+0x20/0xc0 [ 141.083817] ? 
__pfx_drm_gem_shmem_free_wrapper+0x10/0x10 [ 141.084304] drm_gem_shmem_free_wrapper+0x12/0x20 [ 141.084499] __kunit_action_free+0x57/0x70 [ 141.084899] kunit_remove_resource+0x133/0x200 [ 141.085074] ? preempt_count_sub+0x50/0x80 [ 141.085285] kunit_cleanup+0x7a/0x120 [ 141.085443] kunit_try_run_case_cleanup+0xbd/0xf0 [ 141.085789] ? __pfx_kunit_try_run_case_cleanup+0x10/0x10 [ 141.086460] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 141.086740] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 141.087187] kthread+0x337/0x6f0 [ 141.087459] ? trace_preempt_on+0x20/0xc0 [ 141.087657] ? __pfx_kthread+0x10/0x10 [ 141.087897] ? _raw_spin_unlock_irq+0x47/0x80 [ 141.088141] ? calculate_sigpending+0x7b/0xa0 [ 141.088368] ? __pfx_kthread+0x10/0x10 [ 141.088543] ret_from_fork+0x116/0x1d0 [ 141.088729] ? __pfx_kthread+0x10/0x10 [ 141.089036] ret_from_fork_asm+0x1a/0x30 [ 141.089194] </TASK> [ 141.089354] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_framebuffer-drm_framebuffer_init
------------[ cut here ]------------ [ 140.921255] WARNING: CPU: 0 PID: 2549 at drivers/gpu/drm/drm_framebuffer.c:867 drm_framebuffer_init+0x44/0x300 [ 140.921587] Modules linked in: [ 140.921768] CPU: 0 UID: 0 PID: 2549 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 140.923354] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 140.923563] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 140.924319] RIP: 0010:drm_framebuffer_init+0x44/0x300 [ 140.925017] Code: 56 49 89 d6 48 89 f2 41 55 48 c1 ea 03 41 54 49 89 fc 53 48 89 f3 48 83 ec 18 80 3c 02 00 0f 85 00 02 00 00 4c 39 23 74 20 90 <0f> 0b 90 41 bd ea ff ff ff 48 83 c4 18 44 89 e8 5b 41 5c 41 5d 41 [ 140.927378] RSP: 0000:ffff888103297b30 EFLAGS: 00010246 [ 140.928199] RAX: dffffc0000000000 RBX: ffff888103297c28 RCX: 0000000000000000 [ 140.928447] RDX: 1ffff11020652f8e RSI: ffff888103297c28 RDI: ffff888103297c70 [ 140.928666] RBP: ffff888103297b70 R08: ffff8881030ea000 R09: ffffffffa29d89e0 [ 140.929577] R10: 0000000000000003 R11: 00000000f16f094d R12: ffff8881030ea000 [ 140.930535] R13: ffff88810039fae8 R14: ffff888103297ba8 R15: 0000000000000000 [ 140.931379] FS: 0000000000000000(0000) GS:ffff8881b6672000(0000) knlGS:0000000000000000 [ 140.932431] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 140.933235] CR2: 00007ffff7ffe000 CR3: 00000000354bc000 CR4: 00000000000006f0 [ 140.933828] DR0: ffffffffa4a52440 DR1: ffffffffa4a52441 DR2: ffffffffa4a52443 [ 140.934044] DR3: ffffffffa4a52445 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 140.934254] Call Trace: [ 140.934359] <TASK> [ 140.934449] ? add_dr+0xc1/0x1d0 [ 140.934622] drm_test_framebuffer_init_bad_format+0xfc/0x240 [ 140.934935] ? add_dr+0x148/0x1d0 [ 140.935770] ? __pfx_drm_test_framebuffer_init_bad_format+0x10/0x10 [ 140.936748] ? __drmm_add_action+0x1a4/0x280 [ 140.937361] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 140.938057] ? 
__pfx_drm_mode_config_init_release+0x10/0x10 [ 140.938664] ? __drmm_add_action_or_reset+0x22/0x50 [ 140.939389] ? __schedule+0x10cc/0x2b60 [ 140.940004] ? __pfx_read_tsc+0x10/0x10 [ 140.940551] ? ktime_get_ts64+0x86/0x230 [ 140.941086] kunit_try_run_case+0x1a5/0x480 [ 140.941603] ? __pfx_kunit_try_run_case+0x10/0x10 [ 140.942168] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 140.942704] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 140.943232] ? __kthread_parkme+0x82/0x180 [ 140.943387] ? preempt_count_sub+0x50/0x80 [ 140.943535] ? __pfx_kunit_try_run_case+0x10/0x10 [ 140.943708] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 140.943895] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 140.944534] kthread+0x337/0x6f0 [ 140.944718] ? trace_preempt_on+0x20/0xc0 [ 140.945318] ? __pfx_kthread+0x10/0x10 [ 140.945523] ? _raw_spin_unlock_irq+0x47/0x80 [ 140.945870] ? calculate_sigpending+0x7b/0xa0 [ 140.946138] ? __pfx_kthread+0x10/0x10 [ 140.946315] ret_from_fork+0x116/0x1d0 [ 140.946487] ? __pfx_kthread+0x10/0x10 [ 140.946682] ret_from_fork_asm+0x1a/0x30 [ 140.947217] </TASK> [ 140.947358] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-drm-kunit-mock-device-drm_test_framebuffer_freedrm-kunit-mock-device-drm-drm_warn_onlist_empty-filp_head
------------[ cut here ]------------ [ 140.880493] drm-kunit-mock-device drm_test_framebuffer_free.drm-kunit-mock-device: [drm] drm_WARN_ON(!list_empty(&fb->filp_head)) [ 140.880670] WARNING: CPU: 1 PID: 2545 at drivers/gpu/drm/drm_framebuffer.c:832 drm_framebuffer_free+0x13f/0x1c0 [ 140.882561] Modules linked in: [ 140.883168] CPU: 1 UID: 0 PID: 2545 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 140.883705] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 140.884342] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 140.884972] RIP: 0010:drm_framebuffer_free+0x13f/0x1c0 [ 140.885318] Code: 8b 7d 50 4d 85 ff 74 2b 4c 89 ef e8 3b 3a 87 00 48 c7 c1 c0 38 9d a2 4c 89 fa 48 c7 c7 20 39 9d a2 48 89 c6 e8 02 ec 7e fe 90 <0f> 0b 90 90 e9 1c ff ff ff 48 b8 00 00 00 00 00 fc ff df 4c 89 ea [ 140.886726] RSP: 0000:ffff8881030e7b68 EFLAGS: 00010282 [ 140.887177] RAX: 0000000000000000 RBX: ffff8881030e7c40 RCX: 1ffffffff46e4ce8 [ 140.887680] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001 [ 140.888335] RBP: ffff8881030e7b90 R08: 0000000000000000 R09: fffffbfff46e4ce8 [ 140.888722] R10: 0000000000000003 R11: 00000000000376e8 R12: ffff8881030e7c18 [ 140.889324] R13: ffff888103010000 R14: ffff888103279000 R15: ffff888102717580 [ 140.889637] FS: 0000000000000000(0000) GS:ffff8881b6772000(0000) knlGS:0000000000000000 [ 140.890544] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 140.891439] CR2: 00007ffff7ffe000 CR3: 00000000354bc000 CR4: 00000000000006f0 [ 140.892361] DR0: ffffffffa4a52444 DR1: ffffffffa4a52449 DR2: ffffffffa4a5244a [ 140.893115] DR3: ffffffffa4a5244b DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 140.893434] Call Trace: [ 140.893566] <TASK> [ 140.893711] drm_test_framebuffer_free+0x1ab/0x610 [ 140.894228] ? __pfx_drm_test_framebuffer_free+0x10/0x10 [ 140.894654] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 140.895193] ? 
__pfx_drm_mode_config_init_release+0x10/0x10 [ 140.895583] ? __drmm_add_action_or_reset+0x22/0x50 [ 140.896115] ? __schedule+0x10cc/0x2b60 [ 140.896529] ? __pfx_read_tsc+0x10/0x10 [ 140.896855] ? ktime_get_ts64+0x86/0x230 [ 140.897063] kunit_try_run_case+0x1a5/0x480 [ 140.897265] ? __pfx_kunit_try_run_case+0x10/0x10 [ 140.897476] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 140.897700] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 140.898426] ? __kthread_parkme+0x82/0x180 [ 140.898709] ? preempt_count_sub+0x50/0x80 [ 140.899235] ? __pfx_kunit_try_run_case+0x10/0x10 [ 140.899646] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 140.900204] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 140.900490] kthread+0x337/0x6f0 [ 140.900661] ? trace_preempt_on+0x20/0xc0 [ 140.901128] ? __pfx_kthread+0x10/0x10 [ 140.901564] ? _raw_spin_unlock_irq+0x47/0x80 [ 140.902057] ? calculate_sigpending+0x7b/0xa0 [ 140.902342] ? __pfx_kthread+0x10/0x10 [ 140.902534] ret_from_fork+0x116/0x1d0 [ 140.902723] ? __pfx_kthread+0x10/0x10 [ 140.903364] ret_from_fork_asm+0x1a/0x30 [ 140.903647] </TASK> [ 140.903777] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_connector-drm_connector_dynamic_register
------------[ cut here ]------------ [ 139.536554] WARNING: CPU: 0 PID: 1983 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110 [ 139.537332] Modules linked in: [ 139.537503] CPU: 0 UID: 0 PID: 1983 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 139.539094] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 139.539393] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 139.540013] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110 [ 139.540540] Code: 49 8d 7c 24 60 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 60 00 75 1b 5b 41 5c 5d e9 42 25 26 02 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d c3 cc cc cc cc 48 89 df e8 68 [ 139.542321] RSP: 0000:ffff88810bac7c90 EFLAGS: 00010246 [ 139.542732] RAX: dffffc0000000000 RBX: ffff88810ba90000 RCX: 0000000000000000 [ 139.543295] RDX: 1ffff11021752032 RSI: ffffffff9fc05938 RDI: ffff88810ba90190 [ 139.543558] RBP: ffff88810bac7ca0 R08: 1ffff11020073f69 R09: ffffed1021758f65 [ 139.543861] R10: 0000000000000003 R11: ffffffff9f185b48 R12: 0000000000000000 [ 139.544421] R13: ffff88810bac7d38 R14: ffff88810039fc50 R15: ffff88810039fc58 [ 139.545272] FS: 0000000000000000(0000) GS:ffff8881b6672000(0000) knlGS:0000000000000000 [ 139.545743] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 139.546536] CR2: 00007ffff7ffe000 CR3: 00000000354bc000 CR4: 00000000000006f0 [ 139.547039] DR0: ffffffffa4a52440 DR1: ffffffffa4a52441 DR2: ffffffffa4a52443 [ 139.547580] DR3: ffffffffa4a52445 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 139.548282] Call Trace: [ 139.548402] <TASK> [ 139.548509] drm_test_drm_connector_dynamic_register_no_init+0x104/0x290 [ 139.549027] ? __pfx_drm_test_drm_connector_dynamic_register_no_init+0x10/0x10 [ 139.549265] ? __schedule+0x10cc/0x2b60 [ 139.549411] ? __pfx_read_tsc+0x10/0x10 [ 139.549550] ? ktime_get_ts64+0x86/0x230 [ 139.550071] kunit_try_run_case+0x1a5/0x480 [ 139.550541] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 139.551086] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 139.552491] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 139.552773] ? __kthread_parkme+0x82/0x180 [ 139.552981] ? preempt_count_sub+0x50/0x80 [ 139.553186] ? __pfx_kunit_try_run_case+0x10/0x10 [ 139.553415] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 139.554678] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 139.555422] kthread+0x337/0x6f0 [ 139.555946] ? trace_preempt_on+0x20/0xc0 [ 139.556381] ? __pfx_kthread+0x10/0x10 [ 139.556877] ? _raw_spin_unlock_irq+0x47/0x80 [ 139.557337] ? calculate_sigpending+0x7b/0xa0 [ 139.557556] ? __pfx_kthread+0x10/0x10 [ 139.557739] ret_from_fork+0x116/0x1d0 [ 139.558419] ? __pfx_kthread+0x10/0x10 [ 139.558953] ret_from_fork_asm+0x1a/0x30 [ 139.559204] </TASK> [ 139.559329] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 139.395353] WARNING: CPU: 0 PID: 1975 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110 [ 139.396344] Modules linked in: [ 139.396729] CPU: 0 UID: 0 PID: 1975 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 139.397155] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 139.397426] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 139.398207] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110 [ 139.398474] Code: 49 8d 7c 24 60 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 60 00 75 1b 5b 41 5c 5d e9 42 25 26 02 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d c3 cc cc cc cc 48 89 df e8 68 [ 139.398999] RSP: 0000:ffff88810be27c90 EFLAGS: 00010246 [ 139.399564] RAX: dffffc0000000000 RBX: ffff88810b8ce000 RCX: 0000000000000000 [ 139.400154] RDX: 1ffff11021719c32 RSI: ffffffff9fc05938 RDI: ffff88810b8ce190 [ 139.401218] RBP: ffff88810be27ca0 R08: 1ffff11020073f69 R09: ffffed10217c4f65 [ 139.401578] R10: 0000000000000003 R11: ffffffff9f185b48 R12: 0000000000000000 [ 139.402388] R13: 
ffff88810be27d38 R14: ffff88810039fc50 R15: ffff88810039fc58 [ 139.402666] FS: 0000000000000000(0000) GS:ffff8881b6672000(0000) knlGS:0000000000000000 [ 139.403265] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 139.403586] CR2: 00007ffff7ffe000 CR3: 00000000354bc000 CR4: 00000000000006f0 [ 139.403817] DR0: ffffffffa4a52440 DR1: ffffffffa4a52441 DR2: ffffffffa4a52443 [ 139.404029] DR3: ffffffffa4a52445 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 139.404240] Call Trace: [ 139.404344] <TASK> [ 139.404452] drm_test_drm_connector_dynamic_register_early_no_init+0x104/0x290 [ 139.404745] ? __pfx_drm_test_drm_connector_dynamic_register_early_no_init+0x10/0x10 [ 139.404987] ? __schedule+0x10cc/0x2b60 [ 139.405132] ? __pfx_read_tsc+0x10/0x10 [ 139.405274] ? ktime_get_ts64+0x86/0x230 [ 139.405419] kunit_try_run_case+0x1a5/0x480 [ 139.405571] ? __pfx_kunit_try_run_case+0x10/0x10 [ 139.405740] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 139.405900] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 139.406065] ? __kthread_parkme+0x82/0x180 [ 139.406208] ? preempt_count_sub+0x50/0x80 [ 139.406356] ? __pfx_kunit_try_run_case+0x10/0x10 [ 139.406516] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 139.406701] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 139.407610] kthread+0x337/0x6f0 [ 139.407758] ? trace_preempt_on+0x20/0xc0 [ 139.407910] ? __pfx_kthread+0x10/0x10 [ 139.408220] ? _raw_spin_unlock_irq+0x47/0x80 [ 139.408772] ? calculate_sigpending+0x7b/0xa0 [ 139.409214] ? __pfx_kthread+0x10/0x10 [ 139.409420] ret_from_fork+0x116/0x1d0 [ 139.409623] ? __pfx_kthread+0x10/0x10 [ 139.410129] ret_from_fork_asm+0x1a/0x30 [ 139.410583] </TASK> [ 139.410747] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog10
------------[ cut here ]------------ [ 107.073540] WARNING: CPU: 1 PID: 673 at lib/math/int_log.c:120 intlog10+0x2a/0x40 [ 107.074128] Modules linked in: [ 107.074683] CPU: 1 UID: 0 PID: 673 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 107.076067] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 107.076766] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 107.077312] RIP: 0010:intlog10+0x2a/0x40 [ 107.077479] Code: f3 0f 1e fa 0f 1f 44 00 00 85 ff 74 1c 55 48 89 e5 e8 ca fe ff ff 5d 89 c0 48 69 c0 a1 26 88 26 48 c1 e8 1f e9 c7 a8 86 02 90 <0f> 0b 90 31 c0 e9 bc a8 86 02 66 2e 0f 1f 84 00 00 00 00 00 66 90 [ 107.078226] RSP: 0000:ffff888109d37cb0 EFLAGS: 00010246 [ 107.078570] RAX: 0000000000000000 RBX: ffff88810039fae8 RCX: 1ffff110213a6fb4 [ 107.079145] RDX: 1ffffffff4512db4 RSI: 1ffff110213a6fb3 RDI: 0000000000000000 [ 107.079521] RBP: ffff888109d37d60 R08: 0000000000000000 R09: ffffed1020238d40 [ 107.079911] R10: ffff8881011c6a07 R11: 0000000000000048 R12: 1ffff110213a6f97 [ 107.080217] R13: ffffffffa2896da0 R14: 0000000000000000 R15: ffff888109d37d38 [ 107.080517] FS: 0000000000000000(0000) GS:ffff8881b6772000(0000) knlGS:0000000000000000 [ 107.080967] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 107.081229] CR2: ffff88815a8fa000 CR3: 00000000354bc000 CR4: 00000000000006f0 [ 107.081526] DR0: ffffffffa4a52444 DR1: ffffffffa4a52449 DR2: ffffffffa4a5244a [ 107.081829] DR3: ffffffffa4a5244b DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 107.082150] Call Trace: [ 107.082384] <TASK> [ 107.082511] ? intlog10_test+0xf2/0x220 [ 107.082749] ? __pfx_intlog10_test+0x10/0x10 [ 107.083044] ? __schedule+0x10cc/0x2b60 [ 107.083316] ? __pfx_read_tsc+0x10/0x10 [ 107.083483] ? ktime_get_ts64+0x86/0x230 [ 107.083892] kunit_try_run_case+0x1a5/0x480 [ 107.084108] ? __pfx_kunit_try_run_case+0x10/0x10 [ 107.084285] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 107.084513] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 107.084790] ? __kthread_parkme+0x82/0x180 [ 107.085073] ? preempt_count_sub+0x50/0x80 [ 107.085338] ? __pfx_kunit_try_run_case+0x10/0x10 [ 107.085617] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 107.085964] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 107.086299] kthread+0x337/0x6f0 [ 107.086458] ? trace_preempt_on+0x20/0xc0 [ 107.086672] ? __pfx_kthread+0x10/0x10 [ 107.087000] ? _raw_spin_unlock_irq+0x47/0x80 [ 107.087250] ? calculate_sigpending+0x7b/0xa0 [ 107.087432] ? __pfx_kthread+0x10/0x10 [ 107.087642] ret_from_fork+0x116/0x1d0 [ 107.087796] ? __pfx_kthread+0x10/0x10 [ 107.088146] ret_from_fork_asm+0x1a/0x30 [ 107.088466] </TASK> [ 107.088572] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog2
------------[ cut here ]------------ [ 107.032987] WARNING: CPU: 1 PID: 655 at lib/math/int_log.c:63 intlog2+0xdf/0x110 [ 107.033677] Modules linked in: [ 107.034016] CPU: 1 UID: 0 PID: 655 Comm: kunit_try_catch Tainted: G B D N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 107.035222] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST [ 107.035390] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 107.035676] RIP: 0010:intlog2+0xdf/0x110 [ 107.035946] Code: 89 a2 c1 e0 18 48 83 c4 08 89 d1 c1 e2 08 29 cb 01 d0 0f b7 db 41 0f af dc c1 eb 0f 01 d8 5b 41 5c 41 5d 5d c3 cc cc cc cc 90 <0f> 0b 90 31 c0 c3 cc cc cc cc 89 45 e4 e8 bf e8 55 ff 8b 45 e4 eb [ 107.038005] RSP: 0000:ffff888103f6fcb0 EFLAGS: 00010246 [ 107.038513] RAX: 0000000000000000 RBX: ffff88810039fae8 RCX: 1ffff110207edfb4 [ 107.039512] RDX: 1ffffffff4512e08 RSI: 1ffff110207edfb3 RDI: 0000000000000000 [ 107.040330] RBP: ffff888103f6fd60 R08: 0000000000000000 R09: ffffed1020238c00 [ 107.040554] R10: ffff8881011c6007 R11: 0000000000000000 R12: 1ffff110207edf97 [ 107.040799] R13: ffffffffa2897040 R14: 0000000000000000 R15: ffff888103f6fd38 [ 107.041639] FS: 0000000000000000(0000) GS:ffff8881b6772000(0000) knlGS:0000000000000000 [ 107.042330] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 107.042522] CR2: ffff88815a8fa000 CR3: 00000000354bc000 CR4: 00000000000006f0 [ 107.042750] DR0: ffffffffa4a52444 DR1: ffffffffa4a52449 DR2: ffffffffa4a5244a [ 107.042978] DR3: ffffffffa4a5244b DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 107.043382] Call Trace: [ 107.043522] <TASK> [ 107.043625] ? intlog2_test+0xf2/0x220 [ 107.044081] ? __pfx_intlog2_test+0x10/0x10 [ 107.044322] ? __schedule+0x10cc/0x2b60 [ 107.044481] ? __pfx_read_tsc+0x10/0x10 [ 107.044678] ? ktime_get_ts64+0x86/0x230 [ 107.045128] kunit_try_run_case+0x1a5/0x480 [ 107.045386] ? __pfx_kunit_try_run_case+0x10/0x10 [ 107.045574] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 107.045934] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 107.046133] ? __kthread_parkme+0x82/0x180 [ 107.046366] ? preempt_count_sub+0x50/0x80 [ 107.046518] ? __pfx_kunit_try_run_case+0x10/0x10 [ 107.046781] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 107.047095] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 107.047502] kthread+0x337/0x6f0 [ 107.047716] ? trace_preempt_on+0x20/0xc0 [ 107.047950] ? __pfx_kthread+0x10/0x10 [ 107.048113] ? _raw_spin_unlock_irq+0x47/0x80 [ 107.048429] ? calculate_sigpending+0x7b/0xa0 [ 107.048663] ? __pfx_kthread+0x10/0x10 [ 107.049030] ret_from_fork+0x116/0x1d0 [ 107.049197] ? __pfx_kthread+0x10/0x10 [ 107.049357] ret_from_fork_asm+0x1a/0x30 [ 107.049573] </TASK> [ 107.049742] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/oops-oops-general-protection-fault-probably-for-non-canonical-address-smp-kasan-pti
KNOWN ISSUE - qemu-x86_64: Oops: general protection fault, probably for non-canonical address - KASAN: null-ptr-deref - kunit_test_null_dereference
[ 106.443580] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN PTI