Date
July 8, 2025, 7:07 p.m.
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 12.158010] ==================================================================
[ 12.158910] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x369/0x3c0
[ 12.159392] Read of size 1 at addr ffff8881039e9000 by task kunit_try_catch/157
[ 12.160003]
[ 12.160357] CPU: 0 UID: 0 PID: 157 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.160409] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.160421] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.160443] Call Trace:
[ 12.160456] <TASK>
[ 12.160474] dump_stack_lvl+0x73/0xb0
[ 12.160503] print_report+0xd1/0x650
[ 12.160525] ? __virt_addr_valid+0x1db/0x2d0
[ 12.160547] ? kmalloc_node_oob_right+0x369/0x3c0
[ 12.160569] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.160594] ? kmalloc_node_oob_right+0x369/0x3c0
[ 12.160616] kasan_report+0x141/0x180
[ 12.160638] ? kmalloc_node_oob_right+0x369/0x3c0
[ 12.160666] __asan_report_load1_noabort+0x18/0x20
[ 12.160688] kmalloc_node_oob_right+0x369/0x3c0
[ 12.160711] ? __pfx_kmalloc_node_oob_right+0x10/0x10
[ 12.160734] ? __schedule+0x10cc/0x2b60
[ 12.160756] ? __pfx_read_tsc+0x10/0x10
[ 12.160777] ? ktime_get_ts64+0x86/0x230
[ 12.160801] kunit_try_run_case+0x1a5/0x480
[ 12.160825] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.160846] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.160868] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.160890] ? __kthread_parkme+0x82/0x180
[ 12.160909] ? preempt_count_sub+0x50/0x80
[ 12.160932] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.160954] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.160976] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.160997] kthread+0x337/0x6f0
[ 12.161016] ? trace_preempt_on+0x20/0xc0
[ 12.161038] ? __pfx_kthread+0x10/0x10
[ 12.161071] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.161091] ? calculate_sigpending+0x7b/0xa0
[ 12.161113] ? __pfx_kthread+0x10/0x10
[ 12.161133] ret_from_fork+0x116/0x1d0
[ 12.161151] ? __pfx_kthread+0x10/0x10
[ 12.161170] ret_from_fork_asm+0x1a/0x30
[ 12.161201] </TASK>
[ 12.161213]
[ 12.172964] Allocated by task 157:
[ 12.173214] kasan_save_stack+0x45/0x70
[ 12.173739] kasan_save_track+0x18/0x40
[ 12.173906] kasan_save_alloc_info+0x3b/0x50
[ 12.174445] __kasan_kmalloc+0xb7/0xc0
[ 12.174831] __kmalloc_cache_node_noprof+0x188/0x420
[ 12.175083] kmalloc_node_oob_right+0xab/0x3c0
[ 12.175375] kunit_try_run_case+0x1a5/0x480
[ 12.175570] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.176126] kthread+0x337/0x6f0
[ 12.176404] ret_from_fork+0x116/0x1d0
[ 12.176733] ret_from_fork_asm+0x1a/0x30
[ 12.176909]
[ 12.177218] The buggy address belongs to the object at ffff8881039e8000
[ 12.177218] which belongs to the cache kmalloc-4k of size 4096
[ 12.177981] The buggy address is located 0 bytes to the right of
[ 12.177981] allocated 4096-byte region [ffff8881039e8000, ffff8881039e9000)
[ 12.178914]
[ 12.179029] The buggy address belongs to the physical page:
[ 12.179356] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039e8
[ 12.180434] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 12.180781] flags: 0x200000000000040(head|node=0|zone=2)
[ 12.181381] page_type: f5(slab)
[ 12.181679] raw: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000
[ 12.182167] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000
[ 12.182681] head: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000
[ 12.183202] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000
[ 12.183597] head: 0200000000000003 ffffea00040e7a01 00000000ffffffff 00000000ffffffff
[ 12.183925] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[ 12.184489] page dumped because: kasan: bad access detected
[ 12.184892]
[ 12.184995] Memory state around the buggy address:
[ 12.185597] ffff8881039e8f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.186031] ffff8881039e8f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.186360] >ffff8881039e9000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.186876] ^
[ 12.187198] ffff8881039e9080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.187712] ffff8881039e9100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.188161] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 12.123620] ==================================================================
[ 12.124593] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x361/0x3c0
[ 12.125030] Read of size 1 at addr ffff8881022bac3f by task kunit_try_catch/155
[ 12.125727]
[ 12.126028] CPU: 0 UID: 0 PID: 155 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.126107] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.126119] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.126143] Call Trace:
[ 12.126158] <TASK>
[ 12.126178] dump_stack_lvl+0x73/0xb0
[ 12.126209] print_report+0xd1/0x650
[ 12.126231] ? __virt_addr_valid+0x1db/0x2d0
[ 12.126254] ? kmalloc_oob_left+0x361/0x3c0
[ 12.126274] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.126298] ? kmalloc_oob_left+0x361/0x3c0
[ 12.126319] kasan_report+0x141/0x180
[ 12.126339] ? kmalloc_oob_left+0x361/0x3c0
[ 12.126364] __asan_report_load1_noabort+0x18/0x20
[ 12.126387] kmalloc_oob_left+0x361/0x3c0
[ 12.126407] ? __pfx_kmalloc_oob_left+0x10/0x10
[ 12.126428] ? __schedule+0x10cc/0x2b60
[ 12.126449] ? __pfx_read_tsc+0x10/0x10
[ 12.126470] ? ktime_get_ts64+0x86/0x230
[ 12.126495] kunit_try_run_case+0x1a5/0x480
[ 12.126519] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.126540] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.126562] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.126584] ? __kthread_parkme+0x82/0x180
[ 12.126604] ? preempt_count_sub+0x50/0x80
[ 12.126628] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.126650] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.126671] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.126692] kthread+0x337/0x6f0
[ 12.126710] ? trace_preempt_on+0x20/0xc0
[ 12.126733] ? __pfx_kthread+0x10/0x10
[ 12.126752] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.126771] ? calculate_sigpending+0x7b/0xa0
[ 12.126795] ? __pfx_kthread+0x10/0x10
[ 12.126815] ret_from_fork+0x116/0x1d0
[ 12.126832] ? __pfx_kthread+0x10/0x10
[ 12.126851] ret_from_fork_asm+0x1a/0x30
[ 12.126882] </TASK>
[ 12.126894]
[ 12.138540] Allocated by task 1:
[ 12.138801] kasan_save_stack+0x45/0x70
[ 12.139206] kasan_save_track+0x18/0x40
[ 12.139407] kasan_save_alloc_info+0x3b/0x50
[ 12.139630] __kasan_kmalloc+0xb7/0xc0
[ 12.139824] __kmalloc_node_track_caller_noprof+0x1cb/0x500
[ 12.140496] kstrdup+0x3e/0xa0
[ 12.140662] kstrdup_const+0x2c/0x40
[ 12.140996] __kernfs_new_node+0xa7/0x6d0
[ 12.141464] kernfs_new_node+0x140/0x1e0
[ 12.141773] kernfs_create_dir_ns+0x30/0x140
[ 12.142171] sysfs_create_dir_ns+0x130/0x290
[ 12.142400] kobject_add_internal+0x222/0x9b0
[ 12.142755] kobject_init_and_add+0xf1/0x160
[ 12.143091] sysfs_slab_add+0x19a/0x1f0
[ 12.143270] slab_sysfs_init+0x76/0x110
[ 12.143455] do_one_initcall+0xd8/0x370
[ 12.143886] kernel_init_freeable+0x420/0x6f0
[ 12.144086] kernel_init+0x23/0x1e0
[ 12.144576] ret_from_fork+0x116/0x1d0
[ 12.144867] ret_from_fork_asm+0x1a/0x30
[ 12.145425]
[ 12.145635] The buggy address belongs to the object at ffff8881022bac20
[ 12.145635] which belongs to the cache kmalloc-16 of size 16
[ 12.146335] The buggy address is located 19 bytes to the right of
[ 12.146335] allocated 12-byte region [ffff8881022bac20, ffff8881022bac2c)
[ 12.147057]
[ 12.147185] The buggy address belongs to the physical page:
[ 12.147536] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022ba
[ 12.147886] flags: 0x200000000000000(node=0|zone=2)
[ 12.148400] page_type: f5(slab)
[ 12.148704] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 12.149168] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 12.149633] page dumped because: kasan: bad access detected
[ 12.149951]
[ 12.150065] Memory state around the buggy address:
[ 12.150368] ffff8881022bab00: 00 02 fc fc 00 02 fc fc 00 06 fc fc 00 06 fc fc
[ 12.151095] ffff8881022bab80: 00 04 fc fc 00 04 fc fc 00 01 fc fc 00 01 fc fc
[ 12.151635] >ffff8881022bac00: 00 04 fc fc 00 04 fc fc 00 07 fc fc fc fc fc fc
[ 12.152002] ^
[ 12.152464] ffff8881022bac80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.152923] ffff8881022bad00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.153471] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 12.072827] ==================================================================
[ 12.073153] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6bd/0x7f0
[ 12.073561] Write of size 1 at addr ffff888102602478 by task kunit_try_catch/153
[ 12.073902]
[ 12.074023] CPU: 1 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.074270] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.074287] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.074308] Call Trace:
[ 12.074346] <TASK>
[ 12.074364] dump_stack_lvl+0x73/0xb0
[ 12.074393] print_report+0xd1/0x650
[ 12.074414] ? __virt_addr_valid+0x1db/0x2d0
[ 12.074435] ? kmalloc_oob_right+0x6bd/0x7f0
[ 12.074454] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.074479] ? kmalloc_oob_right+0x6bd/0x7f0
[ 12.074499] kasan_report+0x141/0x180
[ 12.074519] ? kmalloc_oob_right+0x6bd/0x7f0
[ 12.074544] __asan_report_store1_noabort+0x1b/0x30
[ 12.074567] kmalloc_oob_right+0x6bd/0x7f0
[ 12.074588] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 12.074629] ? __schedule+0x10cc/0x2b60
[ 12.074651] ? __pfx_read_tsc+0x10/0x10
[ 12.074670] ? ktime_get_ts64+0x86/0x230
[ 12.074695] kunit_try_run_case+0x1a5/0x480
[ 12.074717] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.074738] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.074760] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.074799] ? __kthread_parkme+0x82/0x180
[ 12.074818] ? preempt_count_sub+0x50/0x80
[ 12.074840] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.074863] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.074884] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.074905] kthread+0x337/0x6f0
[ 12.074923] ? trace_preempt_on+0x20/0xc0
[ 12.074945] ? __pfx_kthread+0x10/0x10
[ 12.074964] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.074983] ? calculate_sigpending+0x7b/0xa0
[ 12.075007] ? __pfx_kthread+0x10/0x10
[ 12.075027] ret_from_fork+0x116/0x1d0
[ 12.075055] ? __pfx_kthread+0x10/0x10
[ 12.075075] ret_from_fork_asm+0x1a/0x30
[ 12.075106] </TASK>
[ 12.075119]
[ 12.083483] Allocated by task 153:
[ 12.083682] kasan_save_stack+0x45/0x70
[ 12.083887] kasan_save_track+0x18/0x40
[ 12.084101] kasan_save_alloc_info+0x3b/0x50
[ 12.084439] __kasan_kmalloc+0xb7/0xc0
[ 12.084748] __kmalloc_cache_noprof+0x189/0x420
[ 12.084967] kmalloc_oob_right+0xa9/0x7f0
[ 12.085217] kunit_try_run_case+0x1a5/0x480
[ 12.085430] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.085685] kthread+0x337/0x6f0
[ 12.086026] ret_from_fork+0x116/0x1d0
[ 12.086174] ret_from_fork_asm+0x1a/0x30
[ 12.086370]
[ 12.086462] The buggy address belongs to the object at ffff888102602400
[ 12.086462] which belongs to the cache kmalloc-128 of size 128
[ 12.087417] The buggy address is located 5 bytes to the right of
[ 12.087417] allocated 115-byte region [ffff888102602400, ffff888102602473)
[ 12.088006]
[ 12.088113] The buggy address belongs to the physical page:
[ 12.088400] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102602
[ 12.088645] flags: 0x200000000000000(node=0|zone=2)
[ 12.088973] page_type: f5(slab)
[ 12.089289] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.089753] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.090065] page dumped because: kasan: bad access detected
[ 12.090237]
[ 12.090307] Memory state around the buggy address:
[ 12.090602] ffff888102602300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.090989] ffff888102602380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.091719] >ffff888102602400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 12.091942] ^
[ 12.092563] ffff888102602480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.093161] ffff888102602500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.093599] ==================================================================
[ 12.038174] ==================================================================
[ 12.039339] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6f0/0x7f0
[ 12.040859] Write of size 1 at addr ffff888102602473 by task kunit_try_catch/153
[ 12.042146]
[ 12.043545] CPU: 1 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.043899] Tainted: [N]=TEST
[ 12.043930] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.044175] Call Trace:
[ 12.044243] <TASK>
[ 12.044387] dump_stack_lvl+0x73/0xb0
[ 12.044475] print_report+0xd1/0x650
[ 12.044534] ? __virt_addr_valid+0x1db/0x2d0
[ 12.044561] ? kmalloc_oob_right+0x6f0/0x7f0
[ 12.044581] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.044606] ? kmalloc_oob_right+0x6f0/0x7f0
[ 12.044626] kasan_report+0x141/0x180
[ 12.044647] ? kmalloc_oob_right+0x6f0/0x7f0
[ 12.044673] __asan_report_store1_noabort+0x1b/0x30
[ 12.044695] kmalloc_oob_right+0x6f0/0x7f0
[ 12.044716] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 12.044738] ? __schedule+0x10cc/0x2b60
[ 12.044760] ? __pfx_read_tsc+0x10/0x10
[ 12.044781] ? ktime_get_ts64+0x86/0x230
[ 12.044806] kunit_try_run_case+0x1a5/0x480
[ 12.044832] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.044852] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.044876] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.044897] ? __kthread_parkme+0x82/0x180
[ 12.044918] ? preempt_count_sub+0x50/0x80
[ 12.044942] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.044964] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.044985] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.045007] kthread+0x337/0x6f0
[ 12.045026] ? trace_preempt_on+0x20/0xc0
[ 12.045077] ? __pfx_kthread+0x10/0x10
[ 12.045097] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.045117] ? calculate_sigpending+0x7b/0xa0
[ 12.045141] ? __pfx_kthread+0x10/0x10
[ 12.045161] ret_from_fork+0x116/0x1d0
[ 12.045179] ? __pfx_kthread+0x10/0x10
[ 12.045198] ret_from_fork_asm+0x1a/0x30
[ 12.045257] </TASK>
[ 12.045322]
[ 12.057872] Allocated by task 153:
[ 12.058487] kasan_save_stack+0x45/0x70
[ 12.058829] kasan_save_track+0x18/0x40
[ 12.059191] kasan_save_alloc_info+0x3b/0x50
[ 12.059454] __kasan_kmalloc+0xb7/0xc0
[ 12.059664] __kmalloc_cache_noprof+0x189/0x420
[ 12.059950] kmalloc_oob_right+0xa9/0x7f0
[ 12.060260] kunit_try_run_case+0x1a5/0x480
[ 12.060446] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.060810] kthread+0x337/0x6f0
[ 12.060977] ret_from_fork+0x116/0x1d0
[ 12.061338] ret_from_fork_asm+0x1a/0x30
[ 12.061651]
[ 12.061840] The buggy address belongs to the object at ffff888102602400
[ 12.061840] which belongs to the cache kmalloc-128 of size 128
[ 12.062773] The buggy address is located 0 bytes to the right of
[ 12.062773] allocated 115-byte region [ffff888102602400, ffff888102602473)
[ 12.063779]
[ 12.064238] The buggy address belongs to the physical page:
[ 12.064745] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102602
[ 12.065451] flags: 0x200000000000000(node=0|zone=2)
[ 12.066095] page_type: f5(slab)
[ 12.066868] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.067346] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.067820] page dumped because: kasan: bad access detected
[ 12.068084]
[ 12.068213] Memory state around the buggy address:
[ 12.068756] ffff888102602300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.069220] ffff888102602380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.069545] >ffff888102602400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 12.069951] ^
[ 12.070417] ffff888102602480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.070927] ffff888102602500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.071338] ==================================================================
[ 12.094158] ==================================================================
[ 12.094502] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x68a/0x7f0
[ 12.095545] Read of size 1 at addr ffff888102602480 by task kunit_try_catch/153
[ 12.095890]
[ 12.096008] CPU: 1 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 12.096067] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.096079] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.096100] Call Trace:
[ 12.096115] <TASK>
[ 12.096130] dump_stack_lvl+0x73/0xb0
[ 12.096156] print_report+0xd1/0x650
[ 12.096177] ? __virt_addr_valid+0x1db/0x2d0
[ 12.096197] ? kmalloc_oob_right+0x68a/0x7f0
[ 12.096217] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.096241] ? kmalloc_oob_right+0x68a/0x7f0
[ 12.096262] kasan_report+0x141/0x180
[ 12.096283] ? kmalloc_oob_right+0x68a/0x7f0
[ 12.096308] __asan_report_load1_noabort+0x18/0x20
[ 12.096330] kmalloc_oob_right+0x68a/0x7f0
[ 12.096350] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 12.096371] ? __schedule+0x10cc/0x2b60
[ 12.096392] ? __pfx_read_tsc+0x10/0x10
[ 12.096411] ? ktime_get_ts64+0x86/0x230
[ 12.096435] kunit_try_run_case+0x1a5/0x480
[ 12.096458] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.096479] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.096499] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.096521] ? __kthread_parkme+0x82/0x180
[ 12.096539] ? preempt_count_sub+0x50/0x80
[ 12.096561] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.096582] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.096604] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.096625] kthread+0x337/0x6f0
[ 12.096643] ? trace_preempt_on+0x20/0xc0
[ 12.096664] ? __pfx_kthread+0x10/0x10
[ 12.096683] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.096702] ? calculate_sigpending+0x7b/0xa0
[ 12.096725] ? __pfx_kthread+0x10/0x10
[ 12.096745] ret_from_fork+0x116/0x1d0
[ 12.096761] ? __pfx_kthread+0x10/0x10
[ 12.096780] ret_from_fork_asm+0x1a/0x30
[ 12.096810] </TASK>
[ 12.096820]
[ 12.108415] Allocated by task 153:
[ 12.108766] kasan_save_stack+0x45/0x70
[ 12.109226] kasan_save_track+0x18/0x40
[ 12.109425] kasan_save_alloc_info+0x3b/0x50
[ 12.109662] __kasan_kmalloc+0xb7/0xc0
[ 12.109836] __kmalloc_cache_noprof+0x189/0x420
[ 12.110061] kmalloc_oob_right+0xa9/0x7f0
[ 12.110645] kunit_try_run_case+0x1a5/0x480
[ 12.110819] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.111301] kthread+0x337/0x6f0
[ 12.111627] ret_from_fork+0x116/0x1d0
[ 12.111907] ret_from_fork_asm+0x1a/0x30
[ 12.112087]
[ 12.112358] The buggy address belongs to the object at ffff888102602400
[ 12.112358] which belongs to the cache kmalloc-128 of size 128
[ 12.113024] The buggy address is located 13 bytes to the right of
[ 12.113024] allocated 115-byte region [ffff888102602400, ffff888102602473)
[ 12.113952]
[ 12.114055] The buggy address belongs to the physical page:
[ 12.114494] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102602
[ 12.114791] flags: 0x200000000000000(node=0|zone=2)
[ 12.115031] page_type: f5(slab)
[ 12.115201] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.115922] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.116418] page dumped because: kasan: bad access detected
[ 12.116613]
[ 12.116899] Memory state around the buggy address:
[ 12.117279] ffff888102602380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.117884] ffff888102602400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 12.118426] >ffff888102602480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.118903] ^
[ 12.119185] ffff888102602500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.119646] ffff888102602580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.120034] ==================================================================
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_vscale
------------[ cut here ]------------
[ 144.578632] WARNING: CPU: 1 PID: 2765 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190
[ 144.579078] Modules linked in:
[ 144.579534] CPU: 1 UID: 0 PID: 2765 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 144.580604] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 144.581055] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 144.581880] RIP: 0010:drm_rect_calc_vscale+0x130/0x190
[ 144.582073] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 144.584112] RSP: 0000:ffff8881093a7c78 EFLAGS: 00010286
[ 144.584524] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000
[ 144.585396] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffff91033074
[ 144.585789] RBP: ffff8881093a7ca0 R08: 0000000000000000 R09: ffffed1020ada1c0
[ 144.586531] R10: ffff8881056d0e07 R11: 0000000000000000 R12: ffffffff91033060
[ 144.587258] R13: 0000000000000000 R14: 000000007fffffff R15: ffff8881093a7d38
[ 144.588131] FS: 0000000000000000(0000) GS:ffff8881c8172000(0000) knlGS:0000000000000000
[ 144.588872] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 144.589321] CR2: 00007ffff7ffe000 CR3: 00000001210bc000 CR4: 00000000000006f0
[ 144.589849] DR0: ffffffff93052440 DR1: ffffffff93052441 DR2: ffffffff93052443
[ 144.590065] DR3: ffffffff93052445 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 144.590861] Call Trace:
[ 144.591181] <TASK>
[ 144.591453] drm_test_rect_calc_vscale+0x108/0x270
[ 144.591972] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10
[ 144.592620] ? __schedule+0x10cc/0x2b60
[ 144.592909] ? __pfx_read_tsc+0x10/0x10
[ 144.593269] ? ktime_get_ts64+0x86/0x230
[ 144.593425] kunit_try_run_case+0x1a5/0x480
[ 144.593620] ? __pfx_kunit_try_run_case+0x10/0x10
[ 144.594079] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 144.594713] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 144.595239] ? __kthread_parkme+0x82/0x180
[ 144.595708] ? preempt_count_sub+0x50/0x80
[ 144.596172] ? __pfx_kunit_try_run_case+0x10/0x10
[ 144.596545] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 144.596734] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 144.596929] kthread+0x337/0x6f0
[ 144.597056] ? trace_preempt_on+0x20/0xc0
[ 144.597550] ? __pfx_kthread+0x10/0x10
[ 144.598041] ? _raw_spin_unlock_irq+0x47/0x80
[ 144.598659] ? calculate_sigpending+0x7b/0xa0
[ 144.599204] ? __pfx_kthread+0x10/0x10
[ 144.599605] ret_from_fork+0x116/0x1d0
[ 144.599981] ? __pfx_kthread+0x10/0x10
[ 144.600421] ret_from_fork_asm+0x1a/0x30
[ 144.601151] </TASK>
[ 144.601586] ---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
[ 144.562209] WARNING: CPU: 1 PID: 2763 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190
[ 144.562819] Modules linked in:
[ 144.563001] CPU: 1 UID: 0 PID: 2763 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 144.563885] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 144.564242] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 144.564615] RIP: 0010:drm_rect_calc_vscale+0x130/0x190
[ 144.564877] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 144.565678] RSP: 0000:ffff888109767c78 EFLAGS: 00010286
[ 144.565905] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000
[ 144.566400] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffff9103303c
[ 144.566717] RBP: ffff888109767ca0 R08: 0000000000000000 R09: ffffed1020ada180
[ 144.566987] R10: ffff8881056d0c07 R11: 0000000000000000 R12: ffffffff91033028
[ 144.567375] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888109767d38
[ 144.567688] FS: 0000000000000000(0000) GS:ffff8881c8172000(0000) knlGS:0000000000000000
[ 144.568009] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 144.568340] CR2: 00007ffff7ffe000 CR3: 00000001210bc000 CR4: 00000000000006f0
[ 144.568648] DR0: ffffffff93052440 DR1: ffffffff93052441 DR2: ffffffff93052443
[ 144.568925] DR3: ffffffff93052445 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 144.569334] Call Trace:
[ 144.569482] <TASK>
[ 144.569633] drm_test_rect_calc_vscale+0x108/0x270
[ 144.569869] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10
[ 144.570107] ? __schedule+0x10cc/0x2b60
[ 144.570301] ? __pfx_read_tsc+0x10/0x10
[ 144.570452] ? ktime_get_ts64+0x86/0x230
[ 144.570660] kunit_try_run_case+0x1a5/0x480
[ 144.570859] ? __pfx_kunit_try_run_case+0x10/0x10
[ 144.571096] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 144.571286] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 144.571481] ? __kthread_parkme+0x82/0x180
[ 144.571686] ? preempt_count_sub+0x50/0x80
[ 144.571860] ? __pfx_kunit_try_run_case+0x10/0x10
[ 144.572073] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 144.572519] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 144.572811] kthread+0x337/0x6f0
[ 144.572988] ? trace_preempt_on+0x20/0xc0
[ 144.573272] ? __pfx_kthread+0x10/0x10
[ 144.573442] ? _raw_spin_unlock_irq+0x47/0x80
[ 144.573696] ? calculate_sigpending+0x7b/0xa0
[ 144.573923] ? __pfx_kthread+0x10/0x10
[ 144.574207] ret_from_fork+0x116/0x1d0
[ 144.574370] ? __pfx_kthread+0x10/0x10
[ 144.574585] ret_from_fork_asm+0x1a/0x30
[ 144.574779] </TASK>
[ 144.574891] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_hscale
------------[ cut here ]------------
[ 144.527571] WARNING: CPU: 0 PID: 2753 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190
[ 144.529307] Modules linked in:
[ 144.529630] CPU: 0 UID: 0 PID: 2753 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 144.529962] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 144.530591] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 144.531647] RIP: 0010:drm_rect_calc_hscale+0x125/0x190
[ 144.532188] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 9b db 1e 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 144.533750] RSP: 0000:ffff88810996fc78 EFLAGS: 00010286
[ 144.533947] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000
[ 144.534174] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffff91033078
[ 144.534388] RBP: ffff88810996fca0 R08: 0000000000000000 R09: ffffed1020cbde60
[ 144.534601] R10: ffff8881065ef307 R11: 0000000000000000 R12: ffffffff91033060
[ 144.534811] R13: 0000000000000000 R14: 000000007fffffff R15: ffff88810996fd38
[ 144.535023] FS: 0000000000000000(0000) GS:ffff8881c8072000(0000) knlGS:0000000000000000
[ 144.535928] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 144.536724] CR2: 00007ffff7ffe000 CR3: 00000001210bc000 CR4: 00000000000006f0
[ 144.537613] DR0: ffffffff93052440 DR1: ffffffff93052441 DR2: ffffffff93052442
[ 144.538349] DR3: ffffffff93052443 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 144.539224] Call Trace:
[ 144.539499] <TASK>
[ 144.539765] drm_test_rect_calc_hscale+0x108/0x270
[ 144.540332] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10
[ 144.540842] ? __schedule+0x10cc/0x2b60
[ 144.541319] ? __pfx_read_tsc+0x10/0x10
[ 144.541805] ? ktime_get_ts64+0x86/0x230
[ 144.542281] kunit_try_run_case+0x1a5/0x480
[ 144.542727] ? __pfx_kunit_try_run_case+0x10/0x10
[ 144.543246] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 144.543712] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 144.544266] ? __kthread_parkme+0x82/0x180
[ 144.544767] ? preempt_count_sub+0x50/0x80
[ 144.545269] ? __pfx_kunit_try_run_case+0x10/0x10
[ 144.545610] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 144.545792] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 144.545986] kthread+0x337/0x6f0
[ 144.546125] ? trace_preempt_on+0x20/0xc0
[ 144.546274] ? __pfx_kthread+0x10/0x10
[ 144.546411] ? _raw_spin_unlock_irq+0x47/0x80
[ 144.546562] ? calculate_sigpending+0x7b/0xa0
[ 144.546716] ? __pfx_kthread+0x10/0x10
[ 144.546854] ret_from_fork+0x116/0x1d0
[ 144.546988] ? __pfx_kthread+0x10/0x10
[ 144.547208] ret_from_fork_asm+0x1a/0x30
[ 144.547630] </TASK>
[ 144.547878] ---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
[ 144.499923] WARNING: CPU: 1 PID: 2751 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190
[ 144.500974] Modules linked in:
[ 144.501557] CPU: 1 UID: 0 PID: 2751 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 144.502615] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 144.502825] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 144.503348] RIP: 0010:drm_rect_calc_hscale+0x125/0x190
[ 144.503960] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 9b db 1e 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 144.505957] RSP: 0000:ffff888109aefc78 EFLAGS: 00010286
[ 144.506763] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000
[ 144.507501] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffff91033040
[ 144.508017] RBP: ffff888109aefca0 R08: 0000000000000000 R09: ffffed1020ada0c0
[ 144.508829] R10: ffff8881056d0607 R11: 0000000000000000 R12: ffffffff91033028
[ 144.509620] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888109aefd38
[ 144.510341] FS: 0000000000000000(0000) GS:ffff8881c8172000(0000) knlGS:0000000000000000
[ 144.510940] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 144.511357] CR2: 00007ffff7ffe000 CR3: 00000001210bc000 CR4: 00000000000006f0
[ 144.512331] DR0: ffffffff93052440 DR1: ffffffff93052441 DR2: ffffffff93052443
[ 144.513106] DR3: ffffffff93052445 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 144.513691] Call Trace:
[ 144.514064] <TASK>
[ 144.514481] drm_test_rect_calc_hscale+0x108/0x270
[ 144.514912] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10
[ 144.515609] ? __schedule+0x10cc/0x2b60
[ 144.516012] ? __pfx_read_tsc+0x10/0x10
[ 144.516573] ? ktime_get_ts64+0x86/0x230
[ 144.517056] kunit_try_run_case+0x1a5/0x480
[ 144.517416] ? __pfx_kunit_try_run_case+0x10/0x10
[ 144.517798] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 144.518497] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 144.519263] ? __kthread_parkme+0x82/0x180
[ 144.519674] ? preempt_count_sub+0x50/0x80
[ 144.519839] ? __pfx_kunit_try_run_case+0x10/0x10
[ 144.520003] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 144.520606] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 144.521248] kthread+0x337/0x6f0
[ 144.521398] ? trace_preempt_on+0x20/0xc0
[ 144.521549] ? __pfx_kthread+0x10/0x10
[ 144.521695] ? _raw_spin_unlock_irq+0x47/0x80
[ 144.521849] ? calculate_sigpending+0x7b/0xa0
[ 144.522010] ? __pfx_kthread+0x10/0x10
[ 144.522545] ret_from_fork+0x116/0x1d0
[ 144.522981] ? __pfx_kthread+0x10/0x10
[ 144.523448] ret_from_fork_asm+0x1a/0x30
[ 144.523904] </TASK>
[ 144.524241] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 50.057249] ==================================================================
[ 50.057736] BUG: KFENCE: use-after-free read in test_krealloc+0x6fc/0xbe0
[ 50.057736]
[ 50.058117] Use-after-free read at 0x(____ptrval____) (in kfence-#134):
[ 50.058441] test_krealloc+0x6fc/0xbe0
[ 50.058605] kunit_try_run_case+0x1a5/0x480
[ 50.058899] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 50.059280] kthread+0x337/0x6f0
[ 50.059410] ret_from_fork+0x116/0x1d0
[ 50.059722] ret_from_fork_asm+0x1a/0x30
[ 50.059931]
[ 50.060045] kfence-#134: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 50.060045]
[ 50.060439] allocated by task 354 on cpu 0 at 50.056480s (0.003957s ago):
[ 50.060701] test_alloc+0x364/0x10f0
[ 50.060991] test_krealloc+0xad/0xbe0
[ 50.061131] kunit_try_run_case+0x1a5/0x480
[ 50.061280] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 50.061558] kthread+0x337/0x6f0
[ 50.061838] ret_from_fork+0x116/0x1d0
[ 50.062063] ret_from_fork_asm+0x1a/0x30
[ 50.062266]
[ 50.062340] freed by task 354 on cpu 0 at 50.056768s (0.005570s ago):
[ 50.062662] krealloc_noprof+0x108/0x340
[ 50.062882] test_krealloc+0x226/0xbe0
[ 50.063056] kunit_try_run_case+0x1a5/0x480
[ 50.063272] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 50.063513] kthread+0x337/0x6f0
[ 50.063680] ret_from_fork+0x116/0x1d0
[ 50.063835] ret_from_fork_asm+0x1a/0x30
[ 50.063972]
[ 50.064080] CPU: 0 UID: 0 PID: 354 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 50.064561] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 50.064763] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 50.065173] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 49.974656] ================================================================== [ 49.975084] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x2ec/0x670 [ 49.975084] [ 49.975741] Use-after-free read at 0x(____ptrval____) (in kfence-#133): [ 49.976085] test_memcache_typesafe_by_rcu+0x2ec/0x670 [ 49.976336] kunit_try_run_case+0x1a5/0x480 [ 49.976499] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 49.976803] kthread+0x337/0x6f0 [ 49.976991] ret_from_fork+0x116/0x1d0 [ 49.977180] ret_from_fork_asm+0x1a/0x30 [ 49.977429] [ 49.977524] kfence-#133: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 49.977524] [ 49.977975] allocated by task 352 on cpu 0 at 49.952356s (0.025616s ago): [ 49.978339] test_alloc+0x2a6/0x10f0 [ 49.978559] test_memcache_typesafe_by_rcu+0x16f/0x670 [ 49.978827] kunit_try_run_case+0x1a5/0x480 [ 49.979088] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 49.979348] kthread+0x337/0x6f0 [ 49.979557] ret_from_fork+0x116/0x1d0 [ 49.979726] ret_from_fork_asm+0x1a/0x30 [ 49.979933] [ 49.980072] freed by task 352 on cpu 0 at 49.952477s (0.027592s ago): [ 49.980372] test_memcache_typesafe_by_rcu+0x1bf/0x670 [ 49.980679] kunit_try_run_case+0x1a5/0x480 [ 49.980908] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 49.981178] kthread+0x337/0x6f0 [ 49.981342] ret_from_fork+0x116/0x1d0 [ 49.981476] ret_from_fork_asm+0x1a/0x30 [ 49.981733] [ 49.981865] CPU: 0 UID: 0 PID: 352 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 49.982368] Tainted: [B]=BAD_PAGE, [N]=TEST [ 49.982509] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 49.982944] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 24.799539] ================================================================== [ 24.800417] BUG: KFENCE: invalid read in test_invalid_access+0xf0/0x210 [ 24.800417] [ 24.800777] Invalid read at 0x(____ptrval____): [ 24.801636] test_invalid_access+0xf0/0x210 [ 24.801971] kunit_try_run_case+0x1a5/0x480 [ 24.802369] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.802764] kthread+0x337/0x6f0 [ 24.802940] ret_from_fork+0x116/0x1d0 [ 24.803313] ret_from_fork_asm+0x1a/0x30 [ 24.803697] [ 24.803926] CPU: 1 UID: 0 PID: 348 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 24.804559] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.804909] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.805471] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 24.576687] ================================================================== [ 24.577050] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x24f/0x340 [ 24.577050] [ 24.577361] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#129): [ 24.578400] test_kmalloc_aligned_oob_write+0x24f/0x340 [ 24.578921] kunit_try_run_case+0x1a5/0x480 [ 24.579357] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.579863] kthread+0x337/0x6f0 [ 24.579996] ret_from_fork+0x116/0x1d0 [ 24.580146] ret_from_fork_asm+0x1a/0x30 [ 24.580293] [ 24.580368] kfence-#129: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96 [ 24.580368] [ 24.580677] allocated by task 342 on cpu 0 at 24.576407s (0.004268s ago): [ 24.581098] test_alloc+0x364/0x10f0 [ 24.581249] test_kmalloc_aligned_oob_write+0xc8/0x340 [ 24.581437] kunit_try_run_case+0x1a5/0x480 [ 24.581853] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.582079] kthread+0x337/0x6f0 [ 24.582238] ret_from_fork+0x116/0x1d0 [ 24.582384] ret_from_fork_asm+0x1a/0x30 [ 24.582524] [ 24.582623] freed by task 342 on cpu 0 at 24.576564s (0.006057s ago): [ 24.582928] test_kmalloc_aligned_oob_write+0x24f/0x340 [ 24.583175] kunit_try_run_case+0x1a5/0x480 [ 24.583323] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.583655] kthread+0x337/0x6f0 [ 24.583830] ret_from_fork+0x116/0x1d0 [ 24.584003] ret_from_fork_asm+0x1a/0x30 [ 24.584204] [ 24.584334] CPU: 0 UID: 0 PID: 342 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 24.584677] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.584860] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.585285] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 24.472578] ================================================================== [ 24.472984] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x27e/0x560 [ 24.472984] [ 24.473454] Out-of-bounds read at 0x(____ptrval____) (105B right of kfence-#128): [ 24.474253] test_kmalloc_aligned_oob_read+0x27e/0x560 [ 24.474865] kunit_try_run_case+0x1a5/0x480 [ 24.475093] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.475347] kthread+0x337/0x6f0 [ 24.475775] ret_from_fork+0x116/0x1d0 [ 24.475979] ret_from_fork_asm+0x1a/0x30 [ 24.476378] [ 24.476580] kfence-#128: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96 [ 24.476580] [ 24.477158] allocated by task 340 on cpu 1 at 24.472378s (0.004777s ago): [ 24.477477] test_alloc+0x364/0x10f0 [ 24.477814] test_kmalloc_aligned_oob_read+0x105/0x560 [ 24.478142] kunit_try_run_case+0x1a5/0x480 [ 24.478440] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.478784] kthread+0x337/0x6f0 [ 24.478970] ret_from_fork+0x116/0x1d0 [ 24.479280] ret_from_fork_asm+0x1a/0x30 [ 24.479617] [ 24.479770] CPU: 1 UID: 0 PID: 340 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 24.480398] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.480635] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.481018] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_corruption
[ 20.104507] ================================================================== [ 20.104892] BUG: KFENCE: memory corruption in test_corruption+0x216/0x3e0 [ 20.104892] [ 20.105358] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#86): [ 20.105730] test_corruption+0x216/0x3e0 [ 20.105876] kunit_try_run_case+0x1a5/0x480 [ 20.106152] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.106436] kthread+0x337/0x6f0 [ 20.106582] ret_from_fork+0x116/0x1d0 [ 20.106719] ret_from_fork_asm+0x1a/0x30 [ 20.106938] [ 20.107047] kfence-#86: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 20.107047] [ 20.107405] allocated by task 330 on cpu 1 at 20.104398s (0.003005s ago): [ 20.107691] test_alloc+0x2a6/0x10f0 [ 20.107900] test_corruption+0x1cb/0x3e0 [ 20.108082] kunit_try_run_case+0x1a5/0x480 [ 20.108242] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.108478] kthread+0x337/0x6f0 [ 20.108678] ret_from_fork+0x116/0x1d0 [ 20.108809] ret_from_fork_asm+0x1a/0x30 [ 20.108985] [ 20.109093] freed by task 330 on cpu 1 at 20.104435s (0.004655s ago): [ 20.109380] test_corruption+0x216/0x3e0 [ 20.109531] kunit_try_run_case+0x1a5/0x480 [ 20.109749] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.109996] kthread+0x337/0x6f0 [ 20.110161] ret_from_fork+0x116/0x1d0 [ 20.110296] ret_from_fork_asm+0x1a/0x30 [ 20.110479] [ 20.110683] CPU: 1 UID: 0 PID: 330 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 20.111128] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.111275] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.111757] ================================================================== [ 19.792700] ================================================================== [ 19.793181] BUG: KFENCE: memory corruption in test_corruption+0x2df/0x3e0 [ 19.793181] [ 19.793523] Corrupted memory at 0x(____ptrval____) [ ! 
] (in kfence-#83): [ 19.794468] test_corruption+0x2df/0x3e0 [ 19.794795] kunit_try_run_case+0x1a5/0x480 [ 19.795093] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.795353] kthread+0x337/0x6f0 [ 19.795734] ret_from_fork+0x116/0x1d0 [ 19.796027] ret_from_fork_asm+0x1a/0x30 [ 19.796332] [ 19.796454] kfence-#83: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 19.796454] [ 19.797096] allocated by task 328 on cpu 0 at 19.792419s (0.004675s ago): [ 19.797499] test_alloc+0x364/0x10f0 [ 19.797870] test_corruption+0x1cb/0x3e0 [ 19.798171] kunit_try_run_case+0x1a5/0x480 [ 19.798384] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.798820] kthread+0x337/0x6f0 [ 19.799109] ret_from_fork+0x116/0x1d0 [ 19.799424] ret_from_fork_asm+0x1a/0x30 [ 19.799666] [ 19.799936] freed by task 328 on cpu 0 at 19.792519s (0.007415s ago): [ 19.800258] test_corruption+0x2df/0x3e0 [ 19.800453] kunit_try_run_case+0x1a5/0x480 [ 19.800850] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.801207] kthread+0x337/0x6f0 [ 19.801398] ret_from_fork+0x116/0x1d0 [ 19.801584] ret_from_fork_asm+0x1a/0x30 [ 19.801772] [ 19.801894] CPU: 0 UID: 0 PID: 328 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 19.802344] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.802637] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.803297] ================================================================== [ 19.896505] ================================================================== [ 19.896871] BUG: KFENCE: memory corruption in test_corruption+0x131/0x3e0 [ 19.896871] [ 19.897336] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . 
] (in kfence-#84): [ 19.898006] test_corruption+0x131/0x3e0 [ 19.898224] kunit_try_run_case+0x1a5/0x480 [ 19.898398] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.898634] kthread+0x337/0x6f0 [ 19.898792] ret_from_fork+0x116/0x1d0 [ 19.898962] ret_from_fork_asm+0x1a/0x30 [ 19.899163] [ 19.899263] kfence-#84: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 19.899263] [ 19.899722] allocated by task 330 on cpu 1 at 19.896383s (0.003337s ago): [ 19.899974] test_alloc+0x2a6/0x10f0 [ 19.900169] test_corruption+0xe6/0x3e0 [ 19.900312] kunit_try_run_case+0x1a5/0x480 [ 19.900460] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.900952] kthread+0x337/0x6f0 [ 19.901124] ret_from_fork+0x116/0x1d0 [ 19.901259] ret_from_fork_asm+0x1a/0x30 [ 19.901399] [ 19.901497] freed by task 330 on cpu 1 at 19.896441s (0.005054s ago): [ 19.901825] test_corruption+0x131/0x3e0 [ 19.902017] kunit_try_run_case+0x1a5/0x480 [ 19.902214] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.902450] kthread+0x337/0x6f0 [ 19.902712] ret_from_fork+0x116/0x1d0 [ 19.902883] ret_from_fork_asm+0x1a/0x30 [ 19.903053] [ 19.903180] CPU: 1 UID: 0 PID: 330 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 19.903663] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.903807] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.904206] ================================================================== [ 19.480636] ================================================================== [ 19.481064] BUG: KFENCE: memory corruption in test_corruption+0x2d2/0x3e0 [ 19.481064] [ 19.481798] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . 
] (in kfence-#80): [ 19.483052] test_corruption+0x2d2/0x3e0 [ 19.483281] kunit_try_run_case+0x1a5/0x480 [ 19.483511] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.483893] kthread+0x337/0x6f0 [ 19.484211] ret_from_fork+0x116/0x1d0 [ 19.484470] ret_from_fork_asm+0x1a/0x30 [ 19.484701] [ 19.484829] kfence-#80: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 19.484829] [ 19.485444] allocated by task 328 on cpu 0 at 19.480382s (0.005059s ago): [ 19.485925] test_alloc+0x364/0x10f0 [ 19.486138] test_corruption+0xe6/0x3e0 [ 19.486323] kunit_try_run_case+0x1a5/0x480 [ 19.486786] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.487036] kthread+0x337/0x6f0 [ 19.487333] ret_from_fork+0x116/0x1d0 [ 19.487509] ret_from_fork_asm+0x1a/0x30 [ 19.487859] [ 19.487982] freed by task 328 on cpu 0 at 19.480475s (0.007505s ago): [ 19.488413] test_corruption+0x2d2/0x3e0 [ 19.488727] kunit_try_run_case+0x1a5/0x480 [ 19.488986] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.489279] kthread+0x337/0x6f0 [ 19.489589] ret_from_fork+0x116/0x1d0 [ 19.489795] ret_from_fork_asm+0x1a/0x30 [ 19.490109] [ 19.490275] CPU: 0 UID: 0 PID: 328 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 19.490892] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.491120] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.491517] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 19.272515] ================================================================== [ 19.272897] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1e1/0x260 [ 19.272897] [ 19.273343] Invalid free of 0x(____ptrval____) (in kfence-#78): [ 19.273730] test_invalid_addr_free+0x1e1/0x260 [ 19.273913] kunit_try_run_case+0x1a5/0x480 [ 19.274165] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.274462] kthread+0x337/0x6f0 [ 19.274662] ret_from_fork+0x116/0x1d0 [ 19.274866] ret_from_fork_asm+0x1a/0x30 [ 19.275103] [ 19.275180] kfence-#78: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 19.275180] [ 19.275526] allocated by task 324 on cpu 0 at 19.272391s (0.003134s ago): [ 19.275870] test_alloc+0x364/0x10f0 [ 19.276077] test_invalid_addr_free+0xdb/0x260 [ 19.276322] kunit_try_run_case+0x1a5/0x480 [ 19.276527] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.276851] kthread+0x337/0x6f0 [ 19.276972] ret_from_fork+0x116/0x1d0 [ 19.277198] ret_from_fork_asm+0x1a/0x30 [ 19.277404] [ 19.277547] CPU: 0 UID: 0 PID: 324 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 19.278068] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.278237] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.278710] ================================================================== [ 19.376561] ================================================================== [ 19.376940] BUG: KFENCE: invalid free in test_invalid_addr_free+0xfb/0x260 [ 19.376940] [ 19.377348] Invalid free of 0x(____ptrval____) (in kfence-#79): [ 19.377689] test_invalid_addr_free+0xfb/0x260 [ 19.377857] kunit_try_run_case+0x1a5/0x480 [ 19.378022] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.378304] kthread+0x337/0x6f0 [ 19.378486] ret_from_fork+0x116/0x1d0 [ 19.378651] ret_from_fork_asm+0x1a/0x30 [ 19.378873] [ 19.378968] kfence-#79: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 19.378968] [ 19.379294] allocated by task 326 on cpu 1 at 19.376447s 
(0.002846s ago): [ 19.379615] test_alloc+0x2a6/0x10f0 [ 19.379802] test_invalid_addr_free+0xdb/0x260 [ 19.380025] kunit_try_run_case+0x1a5/0x480 [ 19.380204] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.380428] kthread+0x337/0x6f0 [ 19.380679] ret_from_fork+0x116/0x1d0 [ 19.380837] ret_from_fork_asm+0x1a/0x30 [ 19.381026] [ 19.381158] CPU: 1 UID: 0 PID: 326 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 19.381575] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.381744] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.382012] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_double_free
[ 19.168654] ================================================================== [ 19.169240] BUG: KFENCE: invalid free in test_double_free+0x112/0x260 [ 19.169240] [ 19.169617] Invalid free of 0x(____ptrval____) (in kfence-#77): [ 19.169877] test_double_free+0x112/0x260 [ 19.170113] kunit_try_run_case+0x1a5/0x480 [ 19.170327] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.170581] kthread+0x337/0x6f0 [ 19.170836] ret_from_fork+0x116/0x1d0 [ 19.170976] ret_from_fork_asm+0x1a/0x30 [ 19.171196] [ 19.171322] kfence-#77: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 19.171322] [ 19.171706] allocated by task 322 on cpu 0 at 19.168379s (0.003325s ago): [ 19.172023] test_alloc+0x2a6/0x10f0 [ 19.172189] test_double_free+0xdb/0x260 [ 19.172406] kunit_try_run_case+0x1a5/0x480 [ 19.172582] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.172968] kthread+0x337/0x6f0 [ 19.173155] ret_from_fork+0x116/0x1d0 [ 19.173402] ret_from_fork_asm+0x1a/0x30 [ 19.173710] [ 19.173809] freed by task 322 on cpu 0 at 19.168440s (0.005367s ago): [ 19.174086] test_double_free+0xfa/0x260 [ 19.174221] kunit_try_run_case+0x1a5/0x480 [ 19.174434] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.174884] kthread+0x337/0x6f0 [ 19.175103] ret_from_fork+0x116/0x1d0 [ 19.175286] ret_from_fork_asm+0x1a/0x30 [ 19.175443] [ 19.175615] CPU: 0 UID: 0 PID: 322 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 19.176130] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.176271] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.176771] ================================================================== [ 19.064657] ================================================================== [ 19.065084] BUG: KFENCE: invalid free in test_double_free+0x1d3/0x260 [ 19.065084] [ 19.065416] Invalid free of 0x(____ptrval____) (in kfence-#76): [ 19.066050] test_double_free+0x1d3/0x260 [ 19.066273] kunit_try_run_case+0x1a5/0x480 [ 19.066458] 
kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.067019] kthread+0x337/0x6f0 [ 19.067289] ret_from_fork+0x116/0x1d0 [ 19.067451] ret_from_fork_asm+0x1a/0x30 [ 19.067761] [ 19.067850] kfence-#76: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 19.067850] [ 19.068280] allocated by task 320 on cpu 1 at 19.064404s (0.003874s ago): [ 19.068771] test_alloc+0x364/0x10f0 [ 19.068944] test_double_free+0xdb/0x260 [ 19.069250] kunit_try_run_case+0x1a5/0x480 [ 19.069512] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.069849] kthread+0x337/0x6f0 [ 19.070096] ret_from_fork+0x116/0x1d0 [ 19.070354] ret_from_fork_asm+0x1a/0x30 [ 19.070541] [ 19.070685] freed by task 320 on cpu 1 at 19.064473s (0.006210s ago): [ 19.071130] test_double_free+0x1e0/0x260 [ 19.071297] kunit_try_run_case+0x1a5/0x480 [ 19.071578] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.071825] kthread+0x337/0x6f0 [ 19.071983] ret_from_fork+0x116/0x1d0 [ 19.072170] ret_from_fork_asm+0x1a/0x30 [ 19.072356] [ 19.072463] CPU: 1 UID: 0 PID: 320 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 19.073256] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.073533] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.073975] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 18.752474] ================================================================== [ 18.752856] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270 [ 18.752856] [ 18.753263] Use-after-free read at 0x(____ptrval____) (in kfence-#73): [ 18.753610] test_use_after_free_read+0x129/0x270 [ 18.753781] kunit_try_run_case+0x1a5/0x480 [ 18.753997] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.754265] kthread+0x337/0x6f0 [ 18.754425] ret_from_fork+0x116/0x1d0 [ 18.754646] ret_from_fork_asm+0x1a/0x30 [ 18.754806] [ 18.754909] kfence-#73: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 18.754909] [ 18.755242] allocated by task 314 on cpu 0 at 18.752346s (0.002894s ago): [ 18.755538] test_alloc+0x2a6/0x10f0 [ 18.755728] test_use_after_free_read+0xdc/0x270 [ 18.755947] kunit_try_run_case+0x1a5/0x480 [ 18.756106] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.756305] kthread+0x337/0x6f0 [ 18.756475] ret_from_fork+0x116/0x1d0 [ 18.756711] ret_from_fork_asm+0x1a/0x30 [ 18.756914] [ 18.757014] freed by task 314 on cpu 0 at 18.752397s (0.004615s ago): [ 18.757270] test_use_after_free_read+0xfb/0x270 [ 18.757430] kunit_try_run_case+0x1a5/0x480 [ 18.757647] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.757902] kthread+0x337/0x6f0 [ 18.758088] ret_from_fork+0x116/0x1d0 [ 18.758276] ret_from_fork_asm+0x1a/0x30 [ 18.758423] [ 18.758524] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 18.758957] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.759145] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.759485] ================================================================== [ 18.648563] ================================================================== [ 18.648992] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270 [ 18.648992] [ 18.649512] Use-after-free read at 0x(____ptrval____) (in kfence-#72): [ 18.649769] test_use_after_free_read+0x129/0x270 
[ 18.649989] kunit_try_run_case+0x1a5/0x480 [ 18.650216] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.650461] kthread+0x337/0x6f0 [ 18.650867] ret_from_fork+0x116/0x1d0 [ 18.651575] ret_from_fork_asm+0x1a/0x30 [ 18.651863] [ 18.651952] kfence-#72: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 18.651952] [ 18.652443] allocated by task 312 on cpu 1 at 18.648353s (0.004087s ago): [ 18.653009] test_alloc+0x364/0x10f0 [ 18.653298] test_use_after_free_read+0xdc/0x270 [ 18.653629] kunit_try_run_case+0x1a5/0x480 [ 18.653840] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.654216] kthread+0x337/0x6f0 [ 18.654459] ret_from_fork+0x116/0x1d0 [ 18.654780] ret_from_fork_asm+0x1a/0x30 [ 18.654978] [ 18.655418] freed by task 312 on cpu 1 at 18.648409s (0.006737s ago): [ 18.655866] test_use_after_free_read+0x1e7/0x270 [ 18.656102] kunit_try_run_case+0x1a5/0x480 [ 18.656449] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.656803] kthread+0x337/0x6f0 [ 18.657076] ret_from_fork+0x116/0x1d0 [ 18.657293] ret_from_fork_asm+0x1a/0x30 [ 18.657669] [ 18.657910] CPU: 1 UID: 0 PID: 312 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 18.658382] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.658736] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.659214] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 18.544466] ================================================================== [ 18.544880] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260 [ 18.544880] [ 18.545405] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#71): [ 18.545840] test_out_of_bounds_write+0x10d/0x260 [ 18.546079] kunit_try_run_case+0x1a5/0x480 [ 18.546296] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.546523] kthread+0x337/0x6f0 [ 18.546739] ret_from_fork+0x116/0x1d0 [ 18.546915] ret_from_fork_asm+0x1a/0x30 [ 18.547140] [ 18.547239] kfence-#71: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 18.547239] [ 18.547504] allocated by task 310 on cpu 1 at 18.544402s (0.003100s ago): [ 18.547829] test_alloc+0x2a6/0x10f0 [ 18.548050] test_out_of_bounds_write+0xd4/0x260 [ 18.548317] kunit_try_run_case+0x1a5/0x480 [ 18.548487] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.548772] kthread+0x337/0x6f0 [ 18.548966] ret_from_fork+0x116/0x1d0 [ 18.549158] ret_from_fork_asm+0x1a/0x30 [ 18.549356] [ 18.549528] CPU: 1 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 18.550018] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.550243] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.550660] ================================================================== [ 18.232488] ================================================================== [ 18.232887] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260 [ 18.232887] [ 18.233368] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#68): [ 18.233677] test_out_of_bounds_write+0x10d/0x260 [ 18.233924] kunit_try_run_case+0x1a5/0x480 [ 18.234133] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.234367] kthread+0x337/0x6f0 [ 18.234496] ret_from_fork+0x116/0x1d0 [ 18.234650] ret_from_fork_asm+0x1a/0x30 [ 18.234863] [ 18.234963] kfence-#68: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 18.234963] [ 
18.235386] allocated by task 308 on cpu 0 at 18.232364s (0.003020s ago): [ 18.235713] test_alloc+0x364/0x10f0 [ 18.235843] test_out_of_bounds_write+0xd4/0x260 [ 18.236080] kunit_try_run_case+0x1a5/0x480 [ 18.236289] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.236539] kthread+0x337/0x6f0 [ 18.236679] ret_from_fork+0x116/0x1d0 [ 18.236871] ret_from_fork_asm+0x1a/0x30 [ 18.237029] [ 18.237164] CPU: 0 UID: 0 PID: 308 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 18.237647] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.237796] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.238138] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 17.920424] ================================================================== [ 17.920828] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0 [ 17.920828] [ 17.921301] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#65): [ 17.921701] test_out_of_bounds_read+0x126/0x4e0 [ 17.921870] kunit_try_run_case+0x1a5/0x480 [ 17.922065] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.922355] kthread+0x337/0x6f0 [ 17.922562] ret_from_fork+0x116/0x1d0 [ 17.922719] ret_from_fork_asm+0x1a/0x30 [ 17.922940] [ 17.923036] kfence-#65: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 17.923036] [ 17.923466] allocated by task 306 on cpu 1 at 17.920361s (0.003103s ago): [ 17.923844] test_alloc+0x2a6/0x10f0 [ 17.924016] test_out_of_bounds_read+0xed/0x4e0 [ 17.924281] kunit_try_run_case+0x1a5/0x480 [ 17.924513] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.924795] kthread+0x337/0x6f0 [ 17.924973] ret_from_fork+0x116/0x1d0 [ 17.925125] ret_from_fork_asm+0x1a/0x30 [ 17.925301] [ 17.925446] CPU: 1 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 17.925930] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.926147] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.926539] ================================================================== [ 17.712697] ================================================================== [ 17.713210] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0 [ 17.713210] [ 17.713672] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#63): [ 17.713984] test_out_of_bounds_read+0x216/0x4e0 [ 17.714167] kunit_try_run_case+0x1a5/0x480 [ 17.714383] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.714637] kthread+0x337/0x6f0 [ 17.714770] ret_from_fork+0x116/0x1d0 [ 17.714979] ret_from_fork_asm+0x1a/0x30 [ 17.715169] [ 17.715271] kfence-#63: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 17.715271] [ 
17.715588] allocated by task 304 on cpu 0 at 17.712508s (0.003078s ago): [ 17.715985] test_alloc+0x364/0x10f0 [ 17.716129] test_out_of_bounds_read+0x1e2/0x4e0 [ 17.716355] kunit_try_run_case+0x1a5/0x480 [ 17.716620] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.716831] kthread+0x337/0x6f0 [ 17.717002] ret_from_fork+0x116/0x1d0 [ 17.717161] ret_from_fork_asm+0x1a/0x30 [ 17.717347] [ 17.717446] CPU: 0 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 17.717987] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.718207] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.718543] ================================================================== [ 17.505513] ================================================================== [ 17.506213] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0 [ 17.506213] [ 17.507191] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#61): [ 17.508237] test_out_of_bounds_read+0x126/0x4e0 [ 17.508561] kunit_try_run_case+0x1a5/0x480 [ 17.508733] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.508908] kthread+0x337/0x6f0 [ 17.509034] ret_from_fork+0x116/0x1d0 [ 17.509180] ret_from_fork_asm+0x1a/0x30 [ 17.509329] [ 17.509583] kfence-#61: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 17.509583] [ 17.510608] allocated by task 304 on cpu 0 at 17.504295s (0.006256s ago): [ 17.511499] test_alloc+0x364/0x10f0 [ 17.511925] test_out_of_bounds_read+0xed/0x4e0 [ 17.512336] kunit_try_run_case+0x1a5/0x480 [ 17.512801] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.513306] kthread+0x337/0x6f0 [ 17.513607] ret_from_fork+0x116/0x1d0 [ 17.513933] ret_from_fork_asm+0x1a/0x30 [ 17.514406] [ 17.514646] CPU: 0 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 17.515711] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.516098] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 
04/01/2014 [ 17.516535] ================================================================== [ 18.024447] ================================================================== [ 18.024834] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0 [ 18.024834] [ 18.025447] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#66): [ 18.025737] test_out_of_bounds_read+0x216/0x4e0 [ 18.025920] kunit_try_run_case+0x1a5/0x480 [ 18.026178] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.026471] kthread+0x337/0x6f0 [ 18.026725] ret_from_fork+0x116/0x1d0 [ 18.026927] ret_from_fork_asm+0x1a/0x30 [ 18.027143] [ 18.027221] kfence-#66: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 18.027221] [ 18.027586] allocated by task 306 on cpu 1 at 18.024393s (0.003191s ago): [ 18.027943] test_alloc+0x2a6/0x10f0 [ 18.028188] test_out_of_bounds_read+0x1e2/0x4e0 [ 18.028442] kunit_try_run_case+0x1a5/0x480 [ 18.028636] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.028850] kthread+0x337/0x6f0 [ 18.029028] ret_from_fork+0x116/0x1d0 [ 18.029231] ret_from_fork_asm+0x1a/0x30 [ 18.029454] [ 18.029598] CPU: 1 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 18.030050] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.030268] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.030720] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 17.427442] ================================================================== [ 17.427684] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x2e/0x1d0 [ 17.427912] Write of size 121 at addr ffff888102629100 by task kunit_try_catch/302 [ 17.428372] [ 17.428542] CPU: 1 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 17.428584] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.428596] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.428618] Call Trace: [ 17.428634] <TASK> [ 17.428650] dump_stack_lvl+0x73/0xb0 [ 17.428676] print_report+0xd1/0x650 [ 17.428699] ? __virt_addr_valid+0x1db/0x2d0 [ 17.428722] ? strncpy_from_user+0x2e/0x1d0 [ 17.428745] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.428772] ? strncpy_from_user+0x2e/0x1d0 [ 17.428795] kasan_report+0x141/0x180 [ 17.428817] ? strncpy_from_user+0x2e/0x1d0 [ 17.428845] kasan_check_range+0x10c/0x1c0 [ 17.428869] __kasan_check_write+0x18/0x20 [ 17.428890] strncpy_from_user+0x2e/0x1d0 [ 17.428913] ? __kasan_check_read+0x15/0x20 [ 17.428934] copy_user_test_oob+0x760/0x10f0 [ 17.428961] ? __pfx_copy_user_test_oob+0x10/0x10 [ 17.428983] ? finish_task_switch.isra.0+0x153/0x700 [ 17.429006] ? __switch_to+0x47/0xf50 [ 17.429032] ? __schedule+0x10cc/0x2b60 [ 17.429066] ? __pfx_read_tsc+0x10/0x10 [ 17.429103] ? ktime_get_ts64+0x86/0x230 [ 17.429139] kunit_try_run_case+0x1a5/0x480 [ 17.429167] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.429203] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.429227] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.429251] ? __kthread_parkme+0x82/0x180 [ 17.429272] ? preempt_count_sub+0x50/0x80 [ 17.429296] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.429320] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.429344] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.429368] kthread+0x337/0x6f0 [ 17.429389] ? trace_preempt_on+0x20/0xc0 [ 17.429412] ? __pfx_kthread+0x10/0x10 [ 17.429434] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 17.429457] ? calculate_sigpending+0x7b/0xa0 [ 17.429480] ? __pfx_kthread+0x10/0x10 [ 17.429502] ret_from_fork+0x116/0x1d0 [ 17.429522] ? __pfx_kthread+0x10/0x10 [ 17.429544] ret_from_fork_asm+0x1a/0x30 [ 17.429584] </TASK> [ 17.429597] [ 17.444259] Allocated by task 302: [ 17.444465] kasan_save_stack+0x45/0x70 [ 17.444675] kasan_save_track+0x18/0x40 [ 17.444882] kasan_save_alloc_info+0x3b/0x50 [ 17.445119] __kasan_kmalloc+0xb7/0xc0 [ 17.445286] __kmalloc_noprof+0x1c9/0x500 [ 17.445429] kunit_kmalloc_array+0x25/0x60 [ 17.445576] copy_user_test_oob+0xab/0x10f0 [ 17.445787] kunit_try_run_case+0x1a5/0x480 [ 17.446014] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.446309] kthread+0x337/0x6f0 [ 17.446485] ret_from_fork+0x116/0x1d0 [ 17.446665] ret_from_fork_asm+0x1a/0x30 [ 17.446833] [ 17.446932] The buggy address belongs to the object at ffff888102629100 [ 17.446932] which belongs to the cache kmalloc-128 of size 128 [ 17.447438] The buggy address is located 0 bytes inside of [ 17.447438] allocated 120-byte region [ffff888102629100, ffff888102629178) [ 17.447987] [ 17.448099] The buggy address belongs to the physical page: [ 17.448339] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102629 [ 17.448710] flags: 0x200000000000000(node=0|zone=2) [ 17.448947] page_type: f5(slab) [ 17.449135] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 17.449465] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.449814] page dumped because: kasan: bad access detected [ 17.450062] [ 17.450164] Memory state around the buggy address: [ 17.450358] ffff888102629000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.450596] ffff888102629080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.450858] >ffff888102629100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 17.451204] ^ [ 17.451545] ffff888102629180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.451855] 
ffff888102629200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.452077] ================================================================== [ 17.452720] ================================================================== [ 17.453108] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x1a5/0x1d0 [ 17.453450] Write of size 1 at addr ffff888102629178 by task kunit_try_catch/302 [ 17.453792] [ 17.453880] CPU: 1 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 17.453923] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.453937] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.453960] Call Trace: [ 17.453977] <TASK> [ 17.453994] dump_stack_lvl+0x73/0xb0 [ 17.454021] print_report+0xd1/0x650 [ 17.454062] ? __virt_addr_valid+0x1db/0x2d0 [ 17.454084] ? strncpy_from_user+0x1a5/0x1d0 [ 17.454119] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.454146] ? strncpy_from_user+0x1a5/0x1d0 [ 17.454170] kasan_report+0x141/0x180 [ 17.454192] ? strncpy_from_user+0x1a5/0x1d0 [ 17.454220] __asan_report_store1_noabort+0x1b/0x30 [ 17.454245] strncpy_from_user+0x1a5/0x1d0 [ 17.454271] copy_user_test_oob+0x760/0x10f0 [ 17.454297] ? __pfx_copy_user_test_oob+0x10/0x10 [ 17.454320] ? finish_task_switch.isra.0+0x153/0x700 [ 17.454343] ? __switch_to+0x47/0xf50 [ 17.454368] ? __schedule+0x10cc/0x2b60 [ 17.454391] ? __pfx_read_tsc+0x10/0x10 [ 17.454412] ? ktime_get_ts64+0x86/0x230 [ 17.454436] kunit_try_run_case+0x1a5/0x480 [ 17.454462] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.454505] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.454528] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.454553] ? __kthread_parkme+0x82/0x180 [ 17.454573] ? preempt_count_sub+0x50/0x80 [ 17.454596] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.454621] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.454644] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.454668] kthread+0x337/0x6f0 [ 17.454688] ? trace_preempt_on+0x20/0xc0 [ 17.454711] ? 
__pfx_kthread+0x10/0x10 [ 17.454735] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.454757] ? calculate_sigpending+0x7b/0xa0 [ 17.454782] ? __pfx_kthread+0x10/0x10 [ 17.454805] ret_from_fork+0x116/0x1d0 [ 17.454845] ? __pfx_kthread+0x10/0x10 [ 17.454866] ret_from_fork_asm+0x1a/0x30 [ 17.454909] </TASK> [ 17.454922] [ 17.462362] Allocated by task 302: [ 17.462580] kasan_save_stack+0x45/0x70 [ 17.462778] kasan_save_track+0x18/0x40 [ 17.462968] kasan_save_alloc_info+0x3b/0x50 [ 17.463192] __kasan_kmalloc+0xb7/0xc0 [ 17.463357] __kmalloc_noprof+0x1c9/0x500 [ 17.463514] kunit_kmalloc_array+0x25/0x60 [ 17.463663] copy_user_test_oob+0xab/0x10f0 [ 17.463871] kunit_try_run_case+0x1a5/0x480 [ 17.464109] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.464373] kthread+0x337/0x6f0 [ 17.464567] ret_from_fork+0x116/0x1d0 [ 17.464784] ret_from_fork_asm+0x1a/0x30 [ 17.464973] [ 17.465084] The buggy address belongs to the object at ffff888102629100 [ 17.465084] which belongs to the cache kmalloc-128 of size 128 [ 17.465622] The buggy address is located 0 bytes to the right of [ 17.465622] allocated 120-byte region [ffff888102629100, ffff888102629178) [ 17.466148] [ 17.466248] The buggy address belongs to the physical page: [ 17.466523] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102629 [ 17.466851] flags: 0x200000000000000(node=0|zone=2) [ 17.467015] page_type: f5(slab) [ 17.467146] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 17.467379] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.467736] page dumped because: kasan: bad access detected [ 17.467994] [ 17.468098] Memory state around the buggy address: [ 17.468325] ffff888102629000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.468656] ffff888102629080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.468986] >ffff888102629100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 17.469325] ^ [ 17.469572] ffff888102629180: fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc fc [ 17.469793] ffff888102629200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.470086] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 17.311468] ================================================================== [ 17.311801] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3fd/0x10f0 [ 17.312249] Write of size 121 at addr ffff888102629100 by task kunit_try_catch/302 [ 17.312986] [ 17.313161] CPU: 1 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 17.313210] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.313225] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.313248] Call Trace: [ 17.313262] <TASK> [ 17.313277] dump_stack_lvl+0x73/0xb0 [ 17.313471] print_report+0xd1/0x650 [ 17.313506] ? __virt_addr_valid+0x1db/0x2d0 [ 17.313530] ? copy_user_test_oob+0x3fd/0x10f0 [ 17.313558] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.313586] ? copy_user_test_oob+0x3fd/0x10f0 [ 17.313610] kasan_report+0x141/0x180 [ 17.313632] ? copy_user_test_oob+0x3fd/0x10f0 [ 17.313661] kasan_check_range+0x10c/0x1c0 [ 17.313685] __kasan_check_write+0x18/0x20 [ 17.313705] copy_user_test_oob+0x3fd/0x10f0 [ 17.313731] ? __pfx_copy_user_test_oob+0x10/0x10 [ 17.313755] ? finish_task_switch.isra.0+0x153/0x700 [ 17.313778] ? __switch_to+0x47/0xf50 [ 17.313804] ? __schedule+0x10cc/0x2b60 [ 17.313830] ? __pfx_read_tsc+0x10/0x10 [ 17.313852] ? ktime_get_ts64+0x86/0x230 [ 17.313877] kunit_try_run_case+0x1a5/0x480 [ 17.313902] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.313926] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.313950] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.313974] ? __kthread_parkme+0x82/0x180 [ 17.313996] ? preempt_count_sub+0x50/0x80 [ 17.314021] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.314057] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.314083] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.314107] kthread+0x337/0x6f0 [ 17.314127] ? trace_preempt_on+0x20/0xc0 [ 17.314151] ? __pfx_kthread+0x10/0x10 [ 17.314172] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.314194] ? calculate_sigpending+0x7b/0xa0 [ 17.314218] ? 
__pfx_kthread+0x10/0x10 [ 17.314241] ret_from_fork+0x116/0x1d0 [ 17.314260] ? __pfx_kthread+0x10/0x10 [ 17.314282] ret_from_fork_asm+0x1a/0x30 [ 17.314314] </TASK> [ 17.314327] [ 17.325101] Allocated by task 302: [ 17.325527] kasan_save_stack+0x45/0x70 [ 17.325734] kasan_save_track+0x18/0x40 [ 17.325910] kasan_save_alloc_info+0x3b/0x50 [ 17.326139] __kasan_kmalloc+0xb7/0xc0 [ 17.326336] __kmalloc_noprof+0x1c9/0x500 [ 17.326529] kunit_kmalloc_array+0x25/0x60 [ 17.326934] copy_user_test_oob+0xab/0x10f0 [ 17.327148] kunit_try_run_case+0x1a5/0x480 [ 17.327350] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.327947] kthread+0x337/0x6f0 [ 17.328112] ret_from_fork+0x116/0x1d0 [ 17.328486] ret_from_fork_asm+0x1a/0x30 [ 17.328864] [ 17.328969] The buggy address belongs to the object at ffff888102629100 [ 17.328969] which belongs to the cache kmalloc-128 of size 128 [ 17.329491] The buggy address is located 0 bytes inside of [ 17.329491] allocated 120-byte region [ffff888102629100, ffff888102629178) [ 17.329993] [ 17.330091] The buggy address belongs to the physical page: [ 17.330343] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102629 [ 17.331130] flags: 0x200000000000000(node=0|zone=2) [ 17.331334] page_type: f5(slab) [ 17.331865] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 17.332377] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.332879] page dumped because: kasan: bad access detected [ 17.333251] [ 17.333339] Memory state around the buggy address: [ 17.333509] ffff888102629000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.333739] ffff888102629080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.333956] >ffff888102629100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 17.334211] ^ [ 17.334429] ffff888102629180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.335008] ffff888102629200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.335650] 
================================================================== [ 17.399386] ================================================================== [ 17.400168] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x604/0x10f0 [ 17.401025] Read of size 121 at addr ffff888102629100 by task kunit_try_catch/302 [ 17.401774] [ 17.401973] CPU: 1 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 17.402022] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.402036] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.402069] Call Trace: [ 17.402084] <TASK> [ 17.402101] dump_stack_lvl+0x73/0xb0 [ 17.402187] print_report+0xd1/0x650 [ 17.402222] ? __virt_addr_valid+0x1db/0x2d0 [ 17.402246] ? copy_user_test_oob+0x604/0x10f0 [ 17.402270] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.402297] ? copy_user_test_oob+0x604/0x10f0 [ 17.402321] kasan_report+0x141/0x180 [ 17.402344] ? copy_user_test_oob+0x604/0x10f0 [ 17.402373] kasan_check_range+0x10c/0x1c0 [ 17.402397] __kasan_check_read+0x15/0x20 [ 17.402417] copy_user_test_oob+0x604/0x10f0 [ 17.402442] ? __pfx_copy_user_test_oob+0x10/0x10 [ 17.402465] ? finish_task_switch.isra.0+0x153/0x700 [ 17.402488] ? __switch_to+0x47/0xf50 [ 17.402526] ? __schedule+0x10cc/0x2b60 [ 17.402549] ? __pfx_read_tsc+0x10/0x10 [ 17.402571] ? ktime_get_ts64+0x86/0x230 [ 17.402596] kunit_try_run_case+0x1a5/0x480 [ 17.402622] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.402645] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.402670] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.402693] ? __kthread_parkme+0x82/0x180 [ 17.402715] ? preempt_count_sub+0x50/0x80 [ 17.402739] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.402765] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.402788] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.402812] kthread+0x337/0x6f0 [ 17.402833] ? trace_preempt_on+0x20/0xc0 [ 17.402857] ? __pfx_kthread+0x10/0x10 [ 17.402878] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 17.402900] ? calculate_sigpending+0x7b/0xa0 [ 17.402925] ? __pfx_kthread+0x10/0x10 [ 17.402947] ret_from_fork+0x116/0x1d0 [ 17.402967] ? __pfx_kthread+0x10/0x10 [ 17.402988] ret_from_fork_asm+0x1a/0x30 [ 17.403020] </TASK> [ 17.403033] [ 17.414844] Allocated by task 302: [ 17.414980] kasan_save_stack+0x45/0x70 [ 17.415130] kasan_save_track+0x18/0x40 [ 17.415265] kasan_save_alloc_info+0x3b/0x50 [ 17.415410] __kasan_kmalloc+0xb7/0xc0 [ 17.415602] __kmalloc_noprof+0x1c9/0x500 [ 17.415975] kunit_kmalloc_array+0x25/0x60 [ 17.416358] copy_user_test_oob+0xab/0x10f0 [ 17.416821] kunit_try_run_case+0x1a5/0x480 [ 17.417225] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.417728] kthread+0x337/0x6f0 [ 17.418104] ret_from_fork+0x116/0x1d0 [ 17.418468] ret_from_fork_asm+0x1a/0x30 [ 17.418849] [ 17.419033] The buggy address belongs to the object at ffff888102629100 [ 17.419033] which belongs to the cache kmalloc-128 of size 128 [ 17.420130] The buggy address is located 0 bytes inside of [ 17.420130] allocated 120-byte region [ffff888102629100, ffff888102629178) [ 17.420479] [ 17.420620] The buggy address belongs to the physical page: [ 17.421136] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102629 [ 17.421876] flags: 0x200000000000000(node=0|zone=2) [ 17.422338] page_type: f5(slab) [ 17.422644] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 17.423106] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.423330] page dumped because: kasan: bad access detected [ 17.423499] [ 17.423680] Memory state around the buggy address: [ 17.424141] ffff888102629000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.424779] ffff888102629080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.425412] >ffff888102629100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 17.426051] ^ [ 17.426486] ffff888102629180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.426708] 
ffff888102629200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.426921] ================================================================== [ 17.367074] ================================================================== [ 17.368155] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x557/0x10f0 [ 17.369149] Write of size 121 at addr ffff888102629100 by task kunit_try_catch/302 [ 17.370221] [ 17.370450] CPU: 1 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 17.370497] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.370510] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.370533] Call Trace: [ 17.370717] <TASK> [ 17.370737] dump_stack_lvl+0x73/0xb0 [ 17.370767] print_report+0xd1/0x650 [ 17.370790] ? __virt_addr_valid+0x1db/0x2d0 [ 17.370814] ? copy_user_test_oob+0x557/0x10f0 [ 17.370839] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.370867] ? copy_user_test_oob+0x557/0x10f0 [ 17.370893] kasan_report+0x141/0x180 [ 17.370916] ? copy_user_test_oob+0x557/0x10f0 [ 17.370946] kasan_check_range+0x10c/0x1c0 [ 17.370970] __kasan_check_write+0x18/0x20 [ 17.370990] copy_user_test_oob+0x557/0x10f0 [ 17.371016] ? __pfx_copy_user_test_oob+0x10/0x10 [ 17.371039] ? finish_task_switch.isra.0+0x153/0x700 [ 17.371073] ? __switch_to+0x47/0xf50 [ 17.371101] ? __schedule+0x10cc/0x2b60 [ 17.371123] ? __pfx_read_tsc+0x10/0x10 [ 17.371144] ? ktime_get_ts64+0x86/0x230 [ 17.371168] kunit_try_run_case+0x1a5/0x480 [ 17.371193] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.371216] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.371240] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.371263] ? __kthread_parkme+0x82/0x180 [ 17.371285] ? preempt_count_sub+0x50/0x80 [ 17.371309] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.371333] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.371357] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.371380] kthread+0x337/0x6f0 [ 17.371401] ? trace_preempt_on+0x20/0xc0 [ 17.371425] ? 
__pfx_kthread+0x10/0x10 [ 17.371446] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.371468] ? calculate_sigpending+0x7b/0xa0 [ 17.371492] ? __pfx_kthread+0x10/0x10 [ 17.371514] ret_from_fork+0x116/0x1d0 [ 17.371534] ? __pfx_kthread+0x10/0x10 [ 17.371554] ret_from_fork_asm+0x1a/0x30 [ 17.371586] </TASK> [ 17.371597] [ 17.385748] Allocated by task 302: [ 17.386465] kasan_save_stack+0x45/0x70 [ 17.386884] kasan_save_track+0x18/0x40 [ 17.387267] kasan_save_alloc_info+0x3b/0x50 [ 17.387772] __kasan_kmalloc+0xb7/0xc0 [ 17.388168] __kmalloc_noprof+0x1c9/0x500 [ 17.388572] kunit_kmalloc_array+0x25/0x60 [ 17.388972] copy_user_test_oob+0xab/0x10f0 [ 17.389246] kunit_try_run_case+0x1a5/0x480 [ 17.389399] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.389599] kthread+0x337/0x6f0 [ 17.389981] ret_from_fork+0x116/0x1d0 [ 17.390152] ret_from_fork_asm+0x1a/0x30 [ 17.390294] [ 17.390370] The buggy address belongs to the object at ffff888102629100 [ 17.390370] which belongs to the cache kmalloc-128 of size 128 [ 17.391244] The buggy address is located 0 bytes inside of [ 17.391244] allocated 120-byte region [ffff888102629100, ffff888102629178) [ 17.392364] [ 17.392565] The buggy address belongs to the physical page: [ 17.392773] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102629 [ 17.393020] flags: 0x200000000000000(node=0|zone=2) [ 17.393197] page_type: f5(slab) [ 17.393322] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 17.393665] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.394344] page dumped because: kasan: bad access detected [ 17.394877] [ 17.395035] Memory state around the buggy address: [ 17.395525] ffff888102629000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.396164] ffff888102629080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.396956] >ffff888102629100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 17.397532] ^ [ 17.397998] ffff888102629180: fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 17.398231] ffff888102629200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.398448] ================================================================== [ 17.336587] ================================================================== [ 17.337079] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4aa/0x10f0 [ 17.337662] Read of size 121 at addr ffff888102629100 by task kunit_try_catch/302 [ 17.338181] [ 17.338373] CPU: 1 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 17.338417] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.338431] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.338452] Call Trace: [ 17.338466] <TASK> [ 17.338481] dump_stack_lvl+0x73/0xb0 [ 17.338534] print_report+0xd1/0x650 [ 17.338577] ? __virt_addr_valid+0x1db/0x2d0 [ 17.338599] ? copy_user_test_oob+0x4aa/0x10f0 [ 17.338622] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.338649] ? copy_user_test_oob+0x4aa/0x10f0 [ 17.338673] kasan_report+0x141/0x180 [ 17.338696] ? copy_user_test_oob+0x4aa/0x10f0 [ 17.338724] kasan_check_range+0x10c/0x1c0 [ 17.338749] __kasan_check_read+0x15/0x20 [ 17.338769] copy_user_test_oob+0x4aa/0x10f0 [ 17.338795] ? __pfx_copy_user_test_oob+0x10/0x10 [ 17.338817] ? finish_task_switch.isra.0+0x153/0x700 [ 17.338840] ? __switch_to+0x47/0xf50 [ 17.338865] ? __schedule+0x10cc/0x2b60 [ 17.338887] ? __pfx_read_tsc+0x10/0x10 [ 17.338908] ? ktime_get_ts64+0x86/0x230 [ 17.338932] kunit_try_run_case+0x1a5/0x480 [ 17.338957] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.338979] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.339002] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.339026] ? __kthread_parkme+0x82/0x180 [ 17.339056] ? preempt_count_sub+0x50/0x80 [ 17.339081] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.339106] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.339129] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.339153] kthread+0x337/0x6f0 [ 17.339173] ? 
trace_preempt_on+0x20/0xc0 [ 17.339197] ? __pfx_kthread+0x10/0x10 [ 17.339217] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.339239] ? calculate_sigpending+0x7b/0xa0 [ 17.339264] ? __pfx_kthread+0x10/0x10 [ 17.339286] ret_from_fork+0x116/0x1d0 [ 17.339305] ? __pfx_kthread+0x10/0x10 [ 17.339326] ret_from_fork_asm+0x1a/0x30 [ 17.339357] </TASK> [ 17.339368] [ 17.350472] Allocated by task 302: [ 17.350917] kasan_save_stack+0x45/0x70 [ 17.351281] kasan_save_track+0x18/0x40 [ 17.351664] kasan_save_alloc_info+0x3b/0x50 [ 17.352073] __kasan_kmalloc+0xb7/0xc0 [ 17.352417] __kmalloc_noprof+0x1c9/0x500 [ 17.352750] kunit_kmalloc_array+0x25/0x60 [ 17.352952] copy_user_test_oob+0xab/0x10f0 [ 17.353148] kunit_try_run_case+0x1a5/0x480 [ 17.353319] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.354364] kthread+0x337/0x6f0 [ 17.354829] ret_from_fork+0x116/0x1d0 [ 17.355592] ret_from_fork_asm+0x1a/0x30 [ 17.356333] [ 17.356698] The buggy address belongs to the object at ffff888102629100 [ 17.356698] which belongs to the cache kmalloc-128 of size 128 [ 17.358509] The buggy address is located 0 bytes inside of [ 17.358509] allocated 120-byte region [ffff888102629100, ffff888102629178) [ 17.359841] [ 17.359927] The buggy address belongs to the physical page: [ 17.360125] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102629 [ 17.360372] flags: 0x200000000000000(node=0|zone=2) [ 17.360557] page_type: f5(slab) [ 17.360899] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 17.362020] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.362872] page dumped because: kasan: bad access detected [ 17.363496] [ 17.363674] Memory state around the buggy address: [ 17.364318] ffff888102629000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.364812] ffff888102629080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.365056] >ffff888102629100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 17.365277] ^ [ 17.365494] 
ffff888102629180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.365721] ffff888102629200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.365940] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_to_user
[ 17.281794] ================================================================== [ 17.282191] BUG: KASAN: slab-out-of-bounds in _copy_to_user+0x3c/0x70 [ 17.282648] Read of size 121 at addr ffff888102629100 by task kunit_try_catch/302 [ 17.283064] [ 17.283448] CPU: 1 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 17.283496] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.283521] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.283545] Call Trace: [ 17.283565] <TASK> [ 17.283583] dump_stack_lvl+0x73/0xb0 [ 17.283613] print_report+0xd1/0x650 [ 17.283637] ? __virt_addr_valid+0x1db/0x2d0 [ 17.283799] ? _copy_to_user+0x3c/0x70 [ 17.283819] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.283847] ? _copy_to_user+0x3c/0x70 [ 17.283867] kasan_report+0x141/0x180 [ 17.283890] ? _copy_to_user+0x3c/0x70 [ 17.283916] kasan_check_range+0x10c/0x1c0 [ 17.283941] __kasan_check_read+0x15/0x20 [ 17.283961] _copy_to_user+0x3c/0x70 [ 17.283982] copy_user_test_oob+0x364/0x10f0 [ 17.284009] ? __pfx_copy_user_test_oob+0x10/0x10 [ 17.284033] ? finish_task_switch.isra.0+0x153/0x700 [ 17.284068] ? __switch_to+0x47/0xf50 [ 17.284094] ? __schedule+0x10cc/0x2b60 [ 17.284118] ? __pfx_read_tsc+0x10/0x10 [ 17.284139] ? ktime_get_ts64+0x86/0x230 [ 17.284164] kunit_try_run_case+0x1a5/0x480 [ 17.284188] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.284211] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.284235] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.284259] ? __kthread_parkme+0x82/0x180 [ 17.284280] ? preempt_count_sub+0x50/0x80 [ 17.284304] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.284329] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.284353] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.284377] kthread+0x337/0x6f0 [ 17.284397] ? trace_preempt_on+0x20/0xc0 [ 17.284420] ? __pfx_kthread+0x10/0x10 [ 17.284442] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.284464] ? calculate_sigpending+0x7b/0xa0 [ 17.284488] ? 
__pfx_kthread+0x10/0x10 [ 17.284520] ret_from_fork+0x116/0x1d0 [ 17.284540] ? __pfx_kthread+0x10/0x10 [ 17.284561] ret_from_fork_asm+0x1a/0x30 [ 17.284594] </TASK> [ 17.284608] [ 17.295318] Allocated by task 302: [ 17.295729] kasan_save_stack+0x45/0x70 [ 17.296058] kasan_save_track+0x18/0x40 [ 17.296268] kasan_save_alloc_info+0x3b/0x50 [ 17.296469] __kasan_kmalloc+0xb7/0xc0 [ 17.296694] __kmalloc_noprof+0x1c9/0x500 [ 17.297206] kunit_kmalloc_array+0x25/0x60 [ 17.297409] copy_user_test_oob+0xab/0x10f0 [ 17.297585] kunit_try_run_case+0x1a5/0x480 [ 17.297799] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.298065] kthread+0x337/0x6f0 [ 17.298231] ret_from_fork+0x116/0x1d0 [ 17.298407] ret_from_fork_asm+0x1a/0x30 [ 17.299012] [ 17.299122] The buggy address belongs to the object at ffff888102629100 [ 17.299122] which belongs to the cache kmalloc-128 of size 128 [ 17.299827] The buggy address is located 0 bytes inside of [ 17.299827] allocated 120-byte region [ffff888102629100, ffff888102629178) [ 17.300551] [ 17.300670] The buggy address belongs to the physical page: [ 17.301106] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102629 [ 17.301588] flags: 0x200000000000000(node=0|zone=2) [ 17.301785] page_type: f5(slab) [ 17.301958] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 17.302562] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.303015] page dumped because: kasan: bad access detected [ 17.303447] [ 17.303573] Memory state around the buggy address: [ 17.303898] ffff888102629000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.304367] ffff888102629080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.304816] >ffff888102629100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 17.305253] ^ [ 17.305669] ffff888102629180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.306009] ffff888102629200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.306473] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_from_user
[ 17.253460] ================================================================== [ 17.254063] BUG: KASAN: slab-out-of-bounds in _copy_from_user+0x32/0x90 [ 17.254654] Write of size 121 at addr ffff888102629100 by task kunit_try_catch/302 [ 17.255239] [ 17.255353] CPU: 1 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 17.255572] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.255589] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.255615] Call Trace: [ 17.255630] <TASK> [ 17.255650] dump_stack_lvl+0x73/0xb0 [ 17.255683] print_report+0xd1/0x650 [ 17.255709] ? __virt_addr_valid+0x1db/0x2d0 [ 17.255734] ? _copy_from_user+0x32/0x90 [ 17.255754] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.255782] ? _copy_from_user+0x32/0x90 [ 17.255803] kasan_report+0x141/0x180 [ 17.255824] ? _copy_from_user+0x32/0x90 [ 17.255849] kasan_check_range+0x10c/0x1c0 [ 17.255874] __kasan_check_write+0x18/0x20 [ 17.255893] _copy_from_user+0x32/0x90 [ 17.255915] copy_user_test_oob+0x2be/0x10f0 [ 17.255942] ? __pfx_copy_user_test_oob+0x10/0x10 [ 17.255965] ? finish_task_switch.isra.0+0x153/0x700 [ 17.255989] ? __switch_to+0x47/0xf50 [ 17.256017] ? __schedule+0x10cc/0x2b60 [ 17.256051] ? __pfx_read_tsc+0x10/0x10 [ 17.256074] ? ktime_get_ts64+0x86/0x230 [ 17.256100] kunit_try_run_case+0x1a5/0x480 [ 17.256124] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.256146] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.256172] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.256196] ? __kthread_parkme+0x82/0x180 [ 17.256218] ? preempt_count_sub+0x50/0x80 [ 17.256242] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.256267] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.256291] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.256315] kthread+0x337/0x6f0 [ 17.256334] ? trace_preempt_on+0x20/0xc0 [ 17.256358] ? __pfx_kthread+0x10/0x10 [ 17.256380] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.256401] ? calculate_sigpending+0x7b/0xa0 [ 17.256427] ? 
__pfx_kthread+0x10/0x10 [ 17.256449] ret_from_fork+0x116/0x1d0 [ 17.256469] ? __pfx_kthread+0x10/0x10 [ 17.256490] ret_from_fork_asm+0x1a/0x30 [ 17.256523] </TASK> [ 17.256537] [ 17.267027] Allocated by task 302: [ 17.267252] kasan_save_stack+0x45/0x70 [ 17.267511] kasan_save_track+0x18/0x40 [ 17.267700] kasan_save_alloc_info+0x3b/0x50 [ 17.267903] __kasan_kmalloc+0xb7/0xc0 [ 17.268087] __kmalloc_noprof+0x1c9/0x500 [ 17.268282] kunit_kmalloc_array+0x25/0x60 [ 17.268471] copy_user_test_oob+0xab/0x10f0 [ 17.269216] kunit_try_run_case+0x1a5/0x480 [ 17.269385] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.269901] kthread+0x337/0x6f0 [ 17.270216] ret_from_fork+0x116/0x1d0 [ 17.270370] ret_from_fork_asm+0x1a/0x30 [ 17.270614] [ 17.270747] The buggy address belongs to the object at ffff888102629100 [ 17.270747] which belongs to the cache kmalloc-128 of size 128 [ 17.271638] The buggy address is located 0 bytes inside of [ 17.271638] allocated 120-byte region [ffff888102629100, ffff888102629178) [ 17.272183] [ 17.272295] The buggy address belongs to the physical page: [ 17.272538] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102629 [ 17.273240] flags: 0x200000000000000(node=0|zone=2) [ 17.273461] page_type: f5(slab) [ 17.273844] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 17.274166] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.274671] page dumped because: kasan: bad access detected [ 17.275012] [ 17.275136] Memory state around the buggy address: [ 17.275361] ffff888102629000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.275916] ffff888102629080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.276228] >ffff888102629100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 17.276731] ^ [ 17.277170] ffff888102629180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.277607] ffff888102629200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.278057] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 17.215526] ================================================================== [ 17.215769] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x99/0x260 [ 17.216007] Write of size 8 at addr ffff888102629078 by task kunit_try_catch/298 [ 17.216280] [ 17.216375] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 17.216421] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.216434] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.216457] Call Trace: [ 17.216471] <TASK> [ 17.216489] dump_stack_lvl+0x73/0xb0 [ 17.216538] print_report+0xd1/0x650 [ 17.216562] ? __virt_addr_valid+0x1db/0x2d0 [ 17.217187] ? copy_to_kernel_nofault+0x99/0x260 [ 17.217221] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.217251] ? copy_to_kernel_nofault+0x99/0x260 [ 17.217275] kasan_report+0x141/0x180 [ 17.217299] ? copy_to_kernel_nofault+0x99/0x260 [ 17.217408] kasan_check_range+0x10c/0x1c0 [ 17.217436] __kasan_check_write+0x18/0x20 [ 17.217458] copy_to_kernel_nofault+0x99/0x260 [ 17.217590] copy_to_kernel_nofault_oob+0x288/0x560 [ 17.217616] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 17.217639] ? finish_task_switch.isra.0+0x153/0x700 [ 17.217663] ? __schedule+0x10cc/0x2b60 [ 17.217685] ? trace_hardirqs_on+0x37/0xe0 [ 17.217717] ? __pfx_read_tsc+0x10/0x10 [ 17.217739] ? ktime_get_ts64+0x86/0x230 [ 17.217764] kunit_try_run_case+0x1a5/0x480 [ 17.217789] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.217812] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.217836] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.217860] ? __kthread_parkme+0x82/0x180 [ 17.217881] ? preempt_count_sub+0x50/0x80 [ 17.217905] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.217930] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.217954] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.217979] kthread+0x337/0x6f0 [ 17.217998] ? trace_preempt_on+0x20/0xc0 [ 17.218021] ? __pfx_kthread+0x10/0x10 [ 17.218230] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 17.218261] ? calculate_sigpending+0x7b/0xa0 [ 17.218286] ? __pfx_kthread+0x10/0x10 [ 17.218308] ret_from_fork+0x116/0x1d0 [ 17.218328] ? __pfx_kthread+0x10/0x10 [ 17.218349] ret_from_fork_asm+0x1a/0x30 [ 17.218381] </TASK> [ 17.218394] [ 17.229767] Allocated by task 298: [ 17.229960] kasan_save_stack+0x45/0x70 [ 17.230159] kasan_save_track+0x18/0x40 [ 17.230361] kasan_save_alloc_info+0x3b/0x50 [ 17.230921] __kasan_kmalloc+0xb7/0xc0 [ 17.231171] __kmalloc_cache_noprof+0x189/0x420 [ 17.231345] copy_to_kernel_nofault_oob+0x12f/0x560 [ 17.231798] kunit_try_run_case+0x1a5/0x480 [ 17.232138] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.232573] kthread+0x337/0x6f0 [ 17.232721] ret_from_fork+0x116/0x1d0 [ 17.233002] ret_from_fork_asm+0x1a/0x30 [ 17.233205] [ 17.233308] The buggy address belongs to the object at ffff888102629000 [ 17.233308] which belongs to the cache kmalloc-128 of size 128 [ 17.233798] The buggy address is located 0 bytes to the right of [ 17.233798] allocated 120-byte region [ffff888102629000, ffff888102629078) [ 17.234319] [ 17.234413] The buggy address belongs to the physical page: [ 17.234648] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102629 [ 17.234981] flags: 0x200000000000000(node=0|zone=2) [ 17.235840] page_type: f5(slab) [ 17.236052] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 17.236548] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.237126] page dumped because: kasan: bad access detected [ 17.237549] [ 17.237640] Memory state around the buggy address: [ 17.237999] ffff888102628f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.238317] ffff888102628f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.238639] >ffff888102629000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 17.238937] ^ [ 17.239237] ffff888102629080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.239536] ffff888102629100: fc fc fc fc 
fc fc fc fc fc fc fc fc fc fc fc fc [ 17.239834] ================================================================== [ 17.189485] ================================================================== [ 17.190151] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x225/0x260 [ 17.190491] Read of size 8 at addr ffff888102629078 by task kunit_try_catch/298 [ 17.190797] [ 17.190911] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 17.190961] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.190974] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.190997] Call Trace: [ 17.191011] <TASK> [ 17.191031] dump_stack_lvl+0x73/0xb0 [ 17.191097] print_report+0xd1/0x650 [ 17.191122] ? __virt_addr_valid+0x1db/0x2d0 [ 17.191146] ? copy_to_kernel_nofault+0x225/0x260 [ 17.191197] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.191224] ? copy_to_kernel_nofault+0x225/0x260 [ 17.191249] kasan_report+0x141/0x180 [ 17.191271] ? copy_to_kernel_nofault+0x225/0x260 [ 17.191301] __asan_report_load8_noabort+0x18/0x20 [ 17.191326] copy_to_kernel_nofault+0x225/0x260 [ 17.191351] copy_to_kernel_nofault_oob+0x1ed/0x560 [ 17.191376] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 17.191400] ? finish_task_switch.isra.0+0x153/0x700 [ 17.191423] ? __schedule+0x10cc/0x2b60 [ 17.191446] ? trace_hardirqs_on+0x37/0xe0 [ 17.191478] ? __pfx_read_tsc+0x10/0x10 [ 17.191700] ? ktime_get_ts64+0x86/0x230 [ 17.191733] kunit_try_run_case+0x1a5/0x480 [ 17.191761] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.191784] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.191808] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.191832] ? __kthread_parkme+0x82/0x180 [ 17.191854] ? preempt_count_sub+0x50/0x80 [ 17.191878] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.191903] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.191927] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.191951] kthread+0x337/0x6f0 [ 17.191970] ? 
trace_preempt_on+0x20/0xc0 [ 17.191994] ? __pfx_kthread+0x10/0x10 [ 17.192016] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.192038] ? calculate_sigpending+0x7b/0xa0 [ 17.192362] ? __pfx_kthread+0x10/0x10 [ 17.192385] ret_from_fork+0x116/0x1d0 [ 17.192406] ? __pfx_kthread+0x10/0x10 [ 17.192427] ret_from_fork_asm+0x1a/0x30 [ 17.192460] </TASK> [ 17.192473] [ 17.203458] Allocated by task 298: [ 17.203651] kasan_save_stack+0x45/0x70 [ 17.203950] kasan_save_track+0x18/0x40 [ 17.204333] kasan_save_alloc_info+0x3b/0x50 [ 17.204667] __kasan_kmalloc+0xb7/0xc0 [ 17.204979] __kmalloc_cache_noprof+0x189/0x420 [ 17.205295] copy_to_kernel_nofault_oob+0x12f/0x560 [ 17.205687] kunit_try_run_case+0x1a5/0x480 [ 17.205970] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.206355] kthread+0x337/0x6f0 [ 17.206562] ret_from_fork+0x116/0x1d0 [ 17.206895] ret_from_fork_asm+0x1a/0x30 [ 17.207223] [ 17.207329] The buggy address belongs to the object at ffff888102629000 [ 17.207329] which belongs to the cache kmalloc-128 of size 128 [ 17.208093] The buggy address is located 0 bytes to the right of [ 17.208093] allocated 120-byte region [ffff888102629000, ffff888102629078) [ 17.209076] [ 17.209174] The buggy address belongs to the physical page: [ 17.209437] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102629 [ 17.209773] flags: 0x200000000000000(node=0|zone=2) [ 17.210009] page_type: f5(slab) [ 17.210187] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 17.210480] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.211198] page dumped because: kasan: bad access detected [ 17.211384] [ 17.211459] Memory state around the buggy address: [ 17.212080] ffff888102628f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.212939] ffff888102628f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.213656] >ffff888102629000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 17.214130] ^ [ 17.214356] ffff888102629080: fc fc fc fc 
fc fc fc fc fc fc fc fc fc fc fc fc [ 17.214577] ffff888102629100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.214794] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 16.140365] ================================================================== [ 16.141257] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd47/0x5450 [ 16.142157] Write of size 4 at addr ffff88810261fc30 by task kunit_try_catch/282 [ 16.142824] [ 16.142984] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.143031] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.143057] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.143080] Call Trace: [ 16.143096] <TASK> [ 16.143112] dump_stack_lvl+0x73/0xb0 [ 16.143141] print_report+0xd1/0x650 [ 16.143163] ? __virt_addr_valid+0x1db/0x2d0 [ 16.143187] ? kasan_atomics_helper+0xd47/0x5450 [ 16.143218] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.143245] ? kasan_atomics_helper+0xd47/0x5450 [ 16.143267] kasan_report+0x141/0x180 [ 16.143290] ? kasan_atomics_helper+0xd47/0x5450 [ 16.143317] kasan_check_range+0x10c/0x1c0 [ 16.143341] __kasan_check_write+0x18/0x20 [ 16.143361] kasan_atomics_helper+0xd47/0x5450 [ 16.143383] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.143406] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.143431] ? kasan_atomics+0x152/0x310 [ 16.143458] kasan_atomics+0x1dc/0x310 [ 16.143481] ? __pfx_kasan_atomics+0x10/0x10 [ 16.143505] ? __pfx_read_tsc+0x10/0x10 [ 16.143526] ? ktime_get_ts64+0x86/0x230 [ 16.143551] kunit_try_run_case+0x1a5/0x480 [ 16.143576] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.143600] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.143622] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.143645] ? __kthread_parkme+0x82/0x180 [ 16.143666] ? preempt_count_sub+0x50/0x80 [ 16.143689] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.143713] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.143736] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.143760] kthread+0x337/0x6f0 [ 16.143780] ? trace_preempt_on+0x20/0xc0 [ 16.143805] ? __pfx_kthread+0x10/0x10 [ 16.143826] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.143847] ? 
calculate_sigpending+0x7b/0xa0 [ 16.143871] ? __pfx_kthread+0x10/0x10 [ 16.143893] ret_from_fork+0x116/0x1d0 [ 16.143912] ? __pfx_kthread+0x10/0x10 [ 16.143932] ret_from_fork_asm+0x1a/0x30 [ 16.143965] </TASK> [ 16.143976] [ 16.158023] Allocated by task 282: [ 16.158408] kasan_save_stack+0x45/0x70 [ 16.158803] kasan_save_track+0x18/0x40 [ 16.159249] kasan_save_alloc_info+0x3b/0x50 [ 16.159694] __kasan_kmalloc+0xb7/0xc0 [ 16.160001] __kmalloc_cache_noprof+0x189/0x420 [ 16.160289] kasan_atomics+0x95/0x310 [ 16.160656] kunit_try_run_case+0x1a5/0x480 [ 16.161032] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.161732] kthread+0x337/0x6f0 [ 16.161867] ret_from_fork+0x116/0x1d0 [ 16.162003] ret_from_fork_asm+0x1a/0x30 [ 16.162256] [ 16.162422] The buggy address belongs to the object at ffff88810261fc00 [ 16.162422] which belongs to the cache kmalloc-64 of size 64 [ 16.163553] The buggy address is located 0 bytes to the right of [ 16.163553] allocated 48-byte region [ffff88810261fc00, ffff88810261fc30) [ 16.164749] [ 16.164996] The buggy address belongs to the physical page: [ 16.165459] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10261f [ 16.165929] flags: 0x200000000000000(node=0|zone=2) [ 16.166451] page_type: f5(slab) [ 16.166961] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.167465] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.168106] page dumped because: kasan: bad access detected [ 16.168643] [ 16.168767] Memory state around the buggy address: [ 16.168926] ffff88810261fb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.169364] ffff88810261fb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.169969] >ffff88810261fc00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.170696] ^ [ 16.171215] ffff88810261fc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.171947] ffff88810261fd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.172473] 
================================================================== [ 15.908959] ================================================================== [ 15.909225] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x860/0x5450 [ 15.910338] Write of size 4 at addr ffff88810261fc30 by task kunit_try_catch/282 [ 15.910858] [ 15.911225] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.911274] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.911288] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.911311] Call Trace: [ 15.911327] <TASK> [ 15.911344] dump_stack_lvl+0x73/0xb0 [ 15.911374] print_report+0xd1/0x650 [ 15.911397] ? __virt_addr_valid+0x1db/0x2d0 [ 15.911421] ? kasan_atomics_helper+0x860/0x5450 [ 15.911443] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.911470] ? kasan_atomics_helper+0x860/0x5450 [ 15.911492] kasan_report+0x141/0x180 [ 15.911528] ? kasan_atomics_helper+0x860/0x5450 [ 15.911555] kasan_check_range+0x10c/0x1c0 [ 15.911581] __kasan_check_write+0x18/0x20 [ 15.911601] kasan_atomics_helper+0x860/0x5450 [ 15.911624] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.911647] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.911673] ? kasan_atomics+0x152/0x310 [ 15.911700] kasan_atomics+0x1dc/0x310 [ 15.911723] ? __pfx_kasan_atomics+0x10/0x10 [ 15.911747] ? __pfx_read_tsc+0x10/0x10 [ 15.911768] ? ktime_get_ts64+0x86/0x230 [ 15.911794] kunit_try_run_case+0x1a5/0x480 [ 15.911819] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.911842] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.911865] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.911889] ? __kthread_parkme+0x82/0x180 [ 15.911909] ? preempt_count_sub+0x50/0x80 [ 15.911934] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.911958] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.911981] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.912003] kthread+0x337/0x6f0 [ 15.912024] ? trace_preempt_on+0x20/0xc0 [ 15.912109] ? 
__pfx_kthread+0x10/0x10 [ 15.912135] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.912156] ? calculate_sigpending+0x7b/0xa0 [ 15.912181] ? __pfx_kthread+0x10/0x10 [ 15.912203] ret_from_fork+0x116/0x1d0 [ 15.912222] ? __pfx_kthread+0x10/0x10 [ 15.912243] ret_from_fork_asm+0x1a/0x30 [ 15.912274] </TASK> [ 15.912286] [ 15.925740] Allocated by task 282: [ 15.925887] kasan_save_stack+0x45/0x70 [ 15.926316] kasan_save_track+0x18/0x40 [ 15.926759] kasan_save_alloc_info+0x3b/0x50 [ 15.927016] __kasan_kmalloc+0xb7/0xc0 [ 15.927259] __kmalloc_cache_noprof+0x189/0x420 [ 15.927499] kasan_atomics+0x95/0x310 [ 15.927953] kunit_try_run_case+0x1a5/0x480 [ 15.928373] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.928756] kthread+0x337/0x6f0 [ 15.929360] ret_from_fork+0x116/0x1d0 [ 15.929730] ret_from_fork_asm+0x1a/0x30 [ 15.929963] [ 15.930253] The buggy address belongs to the object at ffff88810261fc00 [ 15.930253] which belongs to the cache kmalloc-64 of size 64 [ 15.930853] The buggy address is located 0 bytes to the right of [ 15.930853] allocated 48-byte region [ffff88810261fc00, ffff88810261fc30) [ 15.931864] [ 15.931977] The buggy address belongs to the physical page: [ 15.932392] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10261f [ 15.932876] flags: 0x200000000000000(node=0|zone=2) [ 15.933179] page_type: f5(slab) [ 15.933328] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.933967] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.934684] page dumped because: kasan: bad access detected [ 15.935056] [ 15.935299] Memory state around the buggy address: [ 15.935759] ffff88810261fb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.936301] ffff88810261fb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.936640] >ffff88810261fc00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.937053] ^ [ 15.937598] ffff88810261fc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.938058] 
ffff88810261fd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.938536] ================================================================== [ 16.456487] ================================================================== [ 16.456804] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49ce/0x5450 [ 16.457419] Read of size 4 at addr ffff88810261fc30 by task kunit_try_catch/282 [ 16.457964] [ 16.458143] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.458191] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.458204] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.458226] Call Trace: [ 16.458241] <TASK> [ 16.458257] dump_stack_lvl+0x73/0xb0 [ 16.458285] print_report+0xd1/0x650 [ 16.458308] ? __virt_addr_valid+0x1db/0x2d0 [ 16.458330] ? kasan_atomics_helper+0x49ce/0x5450 [ 16.458351] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.458377] ? kasan_atomics_helper+0x49ce/0x5450 [ 16.458400] kasan_report+0x141/0x180 [ 16.458421] ? kasan_atomics_helper+0x49ce/0x5450 [ 16.458448] __asan_report_load4_noabort+0x18/0x20 [ 16.458472] kasan_atomics_helper+0x49ce/0x5450 [ 16.458495] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.458606] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.458632] ? kasan_atomics+0x152/0x310 [ 16.458658] kasan_atomics+0x1dc/0x310 [ 16.458682] ? __pfx_kasan_atomics+0x10/0x10 [ 16.458706] ? __pfx_read_tsc+0x10/0x10 [ 16.458727] ? ktime_get_ts64+0x86/0x230 [ 16.458751] kunit_try_run_case+0x1a5/0x480 [ 16.458776] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.458798] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.458821] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.458844] ? __kthread_parkme+0x82/0x180 [ 16.458864] ? preempt_count_sub+0x50/0x80 [ 16.458888] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.458912] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.458936] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.458959] kthread+0x337/0x6f0 [ 16.458979] ? 
trace_preempt_on+0x20/0xc0 [ 16.459001] ? __pfx_kthread+0x10/0x10 [ 16.459023] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.459080] ? calculate_sigpending+0x7b/0xa0 [ 16.459104] ? __pfx_kthread+0x10/0x10 [ 16.459127] ret_from_fork+0x116/0x1d0 [ 16.459146] ? __pfx_kthread+0x10/0x10 [ 16.459167] ret_from_fork_asm+0x1a/0x30 [ 16.459199] </TASK> [ 16.459211] [ 16.469938] Allocated by task 282: [ 16.470218] kasan_save_stack+0x45/0x70 [ 16.470539] kasan_save_track+0x18/0x40 [ 16.470829] kasan_save_alloc_info+0x3b/0x50 [ 16.471001] __kasan_kmalloc+0xb7/0xc0 [ 16.471275] __kmalloc_cache_noprof+0x189/0x420 [ 16.471861] kasan_atomics+0x95/0x310 [ 16.472062] kunit_try_run_case+0x1a5/0x480 [ 16.472438] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.472800] kthread+0x337/0x6f0 [ 16.472977] ret_from_fork+0x116/0x1d0 [ 16.473361] ret_from_fork_asm+0x1a/0x30 [ 16.473569] [ 16.473773] The buggy address belongs to the object at ffff88810261fc00 [ 16.473773] which belongs to the cache kmalloc-64 of size 64 [ 16.474291] The buggy address is located 0 bytes to the right of [ 16.474291] allocated 48-byte region [ffff88810261fc00, ffff88810261fc30) [ 16.475068] [ 16.475361] The buggy address belongs to the physical page: [ 16.475686] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10261f [ 16.476005] flags: 0x200000000000000(node=0|zone=2) [ 16.476548] page_type: f5(slab) [ 16.476727] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.477079] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.477773] page dumped because: kasan: bad access detected [ 16.478175] [ 16.478274] Memory state around the buggy address: [ 16.478624] ffff88810261fb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.478999] ffff88810261fb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.479550] >ffff88810261fc00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.479839] ^ [ 16.480288] ffff88810261fc80: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 16.480696] ffff88810261fd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.480988] ================================================================== [ 16.081520] ================================================================== [ 16.082319] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xc70/0x5450 [ 16.082703] Write of size 4 at addr ffff88810261fc30 by task kunit_try_catch/282 [ 16.083353] [ 16.083585] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.083632] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.083645] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.083678] Call Trace: [ 16.083694] <TASK> [ 16.083711] dump_stack_lvl+0x73/0xb0 [ 16.083824] print_report+0xd1/0x650 [ 16.083848] ? __virt_addr_valid+0x1db/0x2d0 [ 16.083871] ? kasan_atomics_helper+0xc70/0x5450 [ 16.083893] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.083920] ? kasan_atomics_helper+0xc70/0x5450 [ 16.083941] kasan_report+0x141/0x180 [ 16.083964] ? kasan_atomics_helper+0xc70/0x5450 [ 16.083991] kasan_check_range+0x10c/0x1c0 [ 16.084015] __kasan_check_write+0x18/0x20 [ 16.084034] kasan_atomics_helper+0xc70/0x5450 [ 16.084080] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.084102] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.084127] ? kasan_atomics+0x152/0x310 [ 16.084154] kasan_atomics+0x1dc/0x310 [ 16.084177] ? __pfx_kasan_atomics+0x10/0x10 [ 16.084202] ? __pfx_read_tsc+0x10/0x10 [ 16.084223] ? ktime_get_ts64+0x86/0x230 [ 16.084247] kunit_try_run_case+0x1a5/0x480 [ 16.084271] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.084293] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.084317] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.084340] ? __kthread_parkme+0x82/0x180 [ 16.084361] ? preempt_count_sub+0x50/0x80 [ 16.084384] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.084411] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.084434] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.084458] kthread+0x337/0x6f0 [ 16.084477] ? trace_preempt_on+0x20/0xc0 [ 16.084500] ? __pfx_kthread+0x10/0x10 [ 16.084573] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.084596] ? calculate_sigpending+0x7b/0xa0 [ 16.084622] ? __pfx_kthread+0x10/0x10 [ 16.084645] ret_from_fork+0x116/0x1d0 [ 16.084664] ? __pfx_kthread+0x10/0x10 [ 16.084685] ret_from_fork_asm+0x1a/0x30 [ 16.084717] </TASK> [ 16.084729] [ 16.096878] Allocated by task 282: [ 16.097074] kasan_save_stack+0x45/0x70 [ 16.097665] kasan_save_track+0x18/0x40 [ 16.097818] kasan_save_alloc_info+0x3b/0x50 [ 16.098207] __kasan_kmalloc+0xb7/0xc0 [ 16.098551] __kmalloc_cache_noprof+0x189/0x420 [ 16.098949] kasan_atomics+0x95/0x310 [ 16.099221] kunit_try_run_case+0x1a5/0x480 [ 16.099543] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.099927] kthread+0x337/0x6f0 [ 16.100364] ret_from_fork+0x116/0x1d0 [ 16.100581] ret_from_fork_asm+0x1a/0x30 [ 16.100870] [ 16.100976] The buggy address belongs to the object at ffff88810261fc00 [ 16.100976] which belongs to the cache kmalloc-64 of size 64 [ 16.101773] The buggy address is located 0 bytes to the right of [ 16.101773] allocated 48-byte region [ffff88810261fc00, ffff88810261fc30) [ 16.102868] [ 16.102971] The buggy address belongs to the physical page: [ 16.103187] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10261f [ 16.103787] flags: 0x200000000000000(node=0|zone=2) [ 16.104316] page_type: f5(slab) [ 16.104499] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.104956] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.105497] page dumped because: kasan: bad access detected [ 16.105782] [ 16.105875] Memory state around the buggy address: [ 16.106363] ffff88810261fb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.106631] ffff88810261fb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.107486] >ffff88810261fc00: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 16.107937] ^ [ 16.108510] ffff88810261fc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.108849] ffff88810261fd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.109370] ================================================================== [ 15.704659] ================================================================== [ 15.705001] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b54/0x5450 [ 15.705408] Read of size 4 at addr ffff88810261fc30 by task kunit_try_catch/282 [ 15.705833] [ 15.705926] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.705973] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.705987] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.706011] Call Trace: [ 15.706076] <TASK> [ 15.706119] dump_stack_lvl+0x73/0xb0 [ 15.706149] print_report+0xd1/0x650 [ 15.706171] ? __virt_addr_valid+0x1db/0x2d0 [ 15.706194] ? kasan_atomics_helper+0x4b54/0x5450 [ 15.706216] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.706243] ? kasan_atomics_helper+0x4b54/0x5450 [ 15.706266] kasan_report+0x141/0x180 [ 15.706288] ? kasan_atomics_helper+0x4b54/0x5450 [ 15.706315] __asan_report_load4_noabort+0x18/0x20 [ 15.706340] kasan_atomics_helper+0x4b54/0x5450 [ 15.706363] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.706386] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.706411] ? kasan_atomics+0x152/0x310 [ 15.706438] kasan_atomics+0x1dc/0x310 [ 15.706460] ? __pfx_kasan_atomics+0x10/0x10 [ 15.706486] ? __pfx_read_tsc+0x10/0x10 [ 15.706586] ? ktime_get_ts64+0x86/0x230 [ 15.706640] kunit_try_run_case+0x1a5/0x480 [ 15.706696] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.706719] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.706742] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.706766] ? __kthread_parkme+0x82/0x180 [ 15.706788] ? preempt_count_sub+0x50/0x80 [ 15.706813] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.706837] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.706861] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.706884] kthread+0x337/0x6f0 [ 15.706905] ? trace_preempt_on+0x20/0xc0 [ 15.706928] ? __pfx_kthread+0x10/0x10 [ 15.706949] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.706971] ? calculate_sigpending+0x7b/0xa0 [ 15.706995] ? __pfx_kthread+0x10/0x10 [ 15.707017] ret_from_fork+0x116/0x1d0 [ 15.707037] ? __pfx_kthread+0x10/0x10 [ 15.707107] ret_from_fork_asm+0x1a/0x30 [ 15.707142] </TASK> [ 15.707154] [ 15.716552] Allocated by task 282: [ 15.716798] kasan_save_stack+0x45/0x70 [ 15.717036] kasan_save_track+0x18/0x40 [ 15.717329] kasan_save_alloc_info+0x3b/0x50 [ 15.717614] __kasan_kmalloc+0xb7/0xc0 [ 15.717755] __kmalloc_cache_noprof+0x189/0x420 [ 15.718002] kasan_atomics+0x95/0x310 [ 15.718255] kunit_try_run_case+0x1a5/0x480 [ 15.718539] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.718797] kthread+0x337/0x6f0 [ 15.718973] ret_from_fork+0x116/0x1d0 [ 15.719346] ret_from_fork_asm+0x1a/0x30 [ 15.719586] [ 15.719712] The buggy address belongs to the object at ffff88810261fc00 [ 15.719712] which belongs to the cache kmalloc-64 of size 64 [ 15.720358] The buggy address is located 0 bytes to the right of [ 15.720358] allocated 48-byte region [ffff88810261fc00, ffff88810261fc30) [ 15.720808] [ 15.721131] The buggy address belongs to the physical page: [ 15.721488] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10261f [ 15.721800] flags: 0x200000000000000(node=0|zone=2) [ 15.721970] page_type: f5(slab) [ 15.722107] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.722699] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.723285] page dumped because: kasan: bad access detected [ 15.723758] [ 15.723853] Memory state around the buggy address: [ 15.724219] ffff88810261fb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.724451] 
ffff88810261fb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.725068] >ffff88810261fc00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.725408] ^ [ 15.725653] ffff88810261fc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.726386] ffff88810261fd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.726800] ================================================================== [ 15.998645] ================================================================== [ 15.999404] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa2b/0x5450 [ 15.999833] Write of size 4 at addr ffff88810261fc30 by task kunit_try_catch/282 [ 16.000459] [ 16.000583] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.000777] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.000798] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.000820] Call Trace: [ 16.000834] <TASK> [ 16.000850] dump_stack_lvl+0x73/0xb0 [ 16.000884] print_report+0xd1/0x650 [ 16.000906] ? __virt_addr_valid+0x1db/0x2d0 [ 16.000929] ? kasan_atomics_helper+0xa2b/0x5450 [ 16.000951] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.000977] ? kasan_atomics_helper+0xa2b/0x5450 [ 16.001001] kasan_report+0x141/0x180 [ 16.001024] ? kasan_atomics_helper+0xa2b/0x5450 [ 16.001063] kasan_check_range+0x10c/0x1c0 [ 16.001088] __kasan_check_write+0x18/0x20 [ 16.001108] kasan_atomics_helper+0xa2b/0x5450 [ 16.001130] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.001153] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.001178] ? kasan_atomics+0x152/0x310 [ 16.001205] kasan_atomics+0x1dc/0x310 [ 16.001228] ? __pfx_kasan_atomics+0x10/0x10 [ 16.001253] ? __pfx_read_tsc+0x10/0x10 [ 16.001274] ? ktime_get_ts64+0x86/0x230 [ 16.001299] kunit_try_run_case+0x1a5/0x480 [ 16.001323] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.001345] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.001369] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.001393] ? 
__kthread_parkme+0x82/0x180 [ 16.001414] ? preempt_count_sub+0x50/0x80 [ 16.001438] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.001463] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.001486] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.001510] kthread+0x337/0x6f0 [ 16.001530] ? trace_preempt_on+0x20/0xc0 [ 16.001560] ? __pfx_kthread+0x10/0x10 [ 16.001582] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.001603] ? calculate_sigpending+0x7b/0xa0 [ 16.001627] ? __pfx_kthread+0x10/0x10 [ 16.001649] ret_from_fork+0x116/0x1d0 [ 16.001668] ? __pfx_kthread+0x10/0x10 [ 16.001689] ret_from_fork_asm+0x1a/0x30 [ 16.001720] </TASK> [ 16.001732] [ 16.013678] Allocated by task 282: [ 16.014076] kasan_save_stack+0x45/0x70 [ 16.014644] kasan_save_track+0x18/0x40 [ 16.014826] kasan_save_alloc_info+0x3b/0x50 [ 16.015058] __kasan_kmalloc+0xb7/0xc0 [ 16.015475] __kmalloc_cache_noprof+0x189/0x420 [ 16.015799] kasan_atomics+0x95/0x310 [ 16.016123] kunit_try_run_case+0x1a5/0x480 [ 16.016417] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.016757] kthread+0x337/0x6f0 [ 16.016900] ret_from_fork+0x116/0x1d0 [ 16.017361] ret_from_fork_asm+0x1a/0x30 [ 16.017721] [ 16.017978] The buggy address belongs to the object at ffff88810261fc00 [ 16.017978] which belongs to the cache kmalloc-64 of size 64 [ 16.018752] The buggy address is located 0 bytes to the right of [ 16.018752] allocated 48-byte region [ffff88810261fc00, ffff88810261fc30) [ 16.019364] [ 16.019776] The buggy address belongs to the physical page: [ 16.019987] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10261f [ 16.020363] flags: 0x200000000000000(node=0|zone=2) [ 16.020588] page_type: f5(slab) [ 16.020747] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.021048] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.021374] page dumped because: kasan: bad access detected [ 16.021616] [ 16.021703] Memory state around the buggy address: [ 16.021917] 
ffff88810261fb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.022773] ffff88810261fb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.023282] >ffff88810261fc00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.023733] ^ [ 16.023948] ffff88810261fc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.024644] ffff88810261fd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.025052] ================================================================== [ 16.837170] ================================================================== [ 16.837414] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f30/0x5450 [ 16.837694] Read of size 8 at addr ffff88810261fc30 by task kunit_try_catch/282 [ 16.838333] [ 16.838550] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.838595] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.838608] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.838636] Call Trace: [ 16.838655] <TASK> [ 16.838672] dump_stack_lvl+0x73/0xb0 [ 16.838699] print_report+0xd1/0x650 [ 16.838722] ? __virt_addr_valid+0x1db/0x2d0 [ 16.838745] ? kasan_atomics_helper+0x4f30/0x5450 [ 16.838766] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.838794] ? kasan_atomics_helper+0x4f30/0x5450 [ 16.838816] kasan_report+0x141/0x180 [ 16.838838] ? kasan_atomics_helper+0x4f30/0x5450 [ 16.838865] __asan_report_load8_noabort+0x18/0x20 [ 16.838889] kasan_atomics_helper+0x4f30/0x5450 [ 16.838912] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.838935] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.838960] ? kasan_atomics+0x152/0x310 [ 16.838986] kasan_atomics+0x1dc/0x310 [ 16.839008] ? __pfx_kasan_atomics+0x10/0x10 [ 16.839033] ? __pfx_read_tsc+0x10/0x10 [ 16.839065] ? ktime_get_ts64+0x86/0x230 [ 16.839090] kunit_try_run_case+0x1a5/0x480 [ 16.839114] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.839137] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.839161] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.839184] ? __kthread_parkme+0x82/0x180 [ 16.839204] ? preempt_count_sub+0x50/0x80 [ 16.839229] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.839252] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.839275] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.839299] kthread+0x337/0x6f0 [ 16.839318] ? trace_preempt_on+0x20/0xc0 [ 16.839342] ? __pfx_kthread+0x10/0x10 [ 16.839363] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.839386] ? calculate_sigpending+0x7b/0xa0 [ 16.839410] ? __pfx_kthread+0x10/0x10 [ 16.839432] ret_from_fork+0x116/0x1d0 [ 16.839451] ? __pfx_kthread+0x10/0x10 [ 16.839471] ret_from_fork_asm+0x1a/0x30 [ 16.839502] </TASK> [ 16.839523] [ 16.851823] Allocated by task 282: [ 16.852155] kasan_save_stack+0x45/0x70 [ 16.852516] kasan_save_track+0x18/0x40 [ 16.852856] kasan_save_alloc_info+0x3b/0x50 [ 16.853250] __kasan_kmalloc+0xb7/0xc0 [ 16.853653] __kmalloc_cache_noprof+0x189/0x420 [ 16.854077] kasan_atomics+0x95/0x310 [ 16.854415] kunit_try_run_case+0x1a5/0x480 [ 16.854770] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.854944] kthread+0x337/0x6f0 [ 16.855076] ret_from_fork+0x116/0x1d0 [ 16.855211] ret_from_fork_asm+0x1a/0x30 [ 16.855352] [ 16.855425] The buggy address belongs to the object at ffff88810261fc00 [ 16.855425] which belongs to the cache kmalloc-64 of size 64 [ 16.856336] The buggy address is located 0 bytes to the right of [ 16.856336] allocated 48-byte region [ffff88810261fc00, ffff88810261fc30) [ 16.857573] [ 16.857739] The buggy address belongs to the physical page: [ 16.858234] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10261f [ 16.858949] flags: 0x200000000000000(node=0|zone=2) [ 16.859402] page_type: f5(slab) [ 16.859747] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.860366] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.860632] page dumped because: kasan: bad access detected [ 16.861108] [ 16.861264] 
Memory state around the buggy address: [ 16.861723] ffff88810261fb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.862338] ffff88810261fb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.862615] >ffff88810261fc00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.862832] ^ [ 16.862989] ffff88810261fc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.863514] ffff88810261fd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.864251] ================================================================== [ 16.865349] ================================================================== [ 16.865982] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1ce1/0x5450 [ 16.866859] Write of size 8 at addr ffff88810261fc30 by task kunit_try_catch/282 [ 16.867582] [ 16.867761] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.867805] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.867818] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.867840] Call Trace: [ 16.867859] <TASK> [ 16.867876] dump_stack_lvl+0x73/0xb0 [ 16.867903] print_report+0xd1/0x650 [ 16.867926] ? __virt_addr_valid+0x1db/0x2d0 [ 16.867948] ? kasan_atomics_helper+0x1ce1/0x5450 [ 16.867970] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.867997] ? kasan_atomics_helper+0x1ce1/0x5450 [ 16.868019] kasan_report+0x141/0x180 [ 16.868053] ? kasan_atomics_helper+0x1ce1/0x5450 [ 16.868081] kasan_check_range+0x10c/0x1c0 [ 16.868106] __kasan_check_write+0x18/0x20 [ 16.868126] kasan_atomics_helper+0x1ce1/0x5450 [ 16.868149] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.868171] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.868196] ? kasan_atomics+0x152/0x310 [ 16.868223] kasan_atomics+0x1dc/0x310 [ 16.868246] ? __pfx_kasan_atomics+0x10/0x10 [ 16.868271] ? __pfx_read_tsc+0x10/0x10 [ 16.868292] ? ktime_get_ts64+0x86/0x230 [ 16.868315] kunit_try_run_case+0x1a5/0x480 [ 16.868339] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.868361] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.868384] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.868407] ? __kthread_parkme+0x82/0x180 [ 16.868428] ? preempt_count_sub+0x50/0x80 [ 16.868452] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.868476] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.868499] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.868532] kthread+0x337/0x6f0 [ 16.868552] ? trace_preempt_on+0x20/0xc0 [ 16.868574] ? __pfx_kthread+0x10/0x10 [ 16.868595] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.868616] ? calculate_sigpending+0x7b/0xa0 [ 16.868640] ? __pfx_kthread+0x10/0x10 [ 16.868662] ret_from_fork+0x116/0x1d0 [ 16.868680] ? __pfx_kthread+0x10/0x10 [ 16.868701] ret_from_fork_asm+0x1a/0x30 [ 16.868733] </TASK> [ 16.868744] [ 16.880545] Allocated by task 282: [ 16.880703] kasan_save_stack+0x45/0x70 [ 16.880884] kasan_save_track+0x18/0x40 [ 16.881068] kasan_save_alloc_info+0x3b/0x50 [ 16.881950] __kasan_kmalloc+0xb7/0xc0 [ 16.882184] __kmalloc_cache_noprof+0x189/0x420 [ 16.882411] kasan_atomics+0x95/0x310 [ 16.883147] kunit_try_run_case+0x1a5/0x480 [ 16.883476] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.883907] kthread+0x337/0x6f0 [ 16.884182] ret_from_fork+0x116/0x1d0 [ 16.884381] ret_from_fork_asm+0x1a/0x30 [ 16.884742] [ 16.884841] The buggy address belongs to the object at ffff88810261fc00 [ 16.884841] which belongs to the cache kmalloc-64 of size 64 [ 16.885717] The buggy address is located 0 bytes to the right of [ 16.885717] allocated 48-byte region [ffff88810261fc00, ffff88810261fc30) [ 16.886257] [ 16.886353] The buggy address belongs to the physical page: [ 16.886861] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10261f [ 16.887281] flags: 0x200000000000000(node=0|zone=2) [ 16.887646] page_type: f5(slab) [ 16.888085] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.888395] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 16.888968] page dumped because: kasan: bad access detected [ 16.889327] [ 16.889432] Memory state around the buggy address: [ 16.890016] ffff88810261fb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.890321] ffff88810261fb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.890795] >ffff88810261fc00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.891180] ^ [ 16.891371] ffff88810261fc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.892010] ffff88810261fd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.892479] ================================================================== [ 15.549986] ================================================================== [ 15.551501] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4bbc/0x5450 [ 15.552755] Read of size 4 at addr ffff88810261fc30 by task kunit_try_catch/282 [ 15.554334] [ 15.554451] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.554501] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.554513] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.554536] Call Trace: [ 15.554550] <TASK> [ 15.554569] dump_stack_lvl+0x73/0xb0 [ 15.554599] print_report+0xd1/0x650 [ 15.554621] ? __virt_addr_valid+0x1db/0x2d0 [ 15.554643] ? kasan_atomics_helper+0x4bbc/0x5450 [ 15.554664] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.554688] ? kasan_atomics_helper+0x4bbc/0x5450 [ 15.554709] kasan_report+0x141/0x180 [ 15.554731] ? kasan_atomics_helper+0x4bbc/0x5450 [ 15.554756] __asan_report_load4_noabort+0x18/0x20 [ 15.554779] kasan_atomics_helper+0x4bbc/0x5450 [ 15.554801] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.554822] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.554846] ? kasan_atomics+0x152/0x310 [ 15.554872] kasan_atomics+0x1dc/0x310 [ 15.554893] ? __pfx_kasan_atomics+0x10/0x10 [ 15.554916] ? __pfx_read_tsc+0x10/0x10 [ 15.554937] ? 
ktime_get_ts64+0x86/0x230 [ 15.554962] kunit_try_run_case+0x1a5/0x480 [ 15.554986] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.555007] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.555031] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.555065] ? __kthread_parkme+0x82/0x180 [ 15.555085] ? preempt_count_sub+0x50/0x80 [ 15.555109] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.555132] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.555154] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.555176] kthread+0x337/0x6f0 [ 15.555196] ? trace_preempt_on+0x20/0xc0 [ 15.555218] ? __pfx_kthread+0x10/0x10 [ 15.555238] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.555258] ? calculate_sigpending+0x7b/0xa0 [ 15.555280] ? __pfx_kthread+0x10/0x10 [ 15.555301] ret_from_fork+0x116/0x1d0 [ 15.555319] ? __pfx_kthread+0x10/0x10 [ 15.555338] ret_from_fork_asm+0x1a/0x30 [ 15.555369] </TASK> [ 15.555381] [ 15.570544] Allocated by task 282: [ 15.571169] kasan_save_stack+0x45/0x70 [ 15.571566] kasan_save_track+0x18/0x40 [ 15.572075] kasan_save_alloc_info+0x3b/0x50 [ 15.572567] __kasan_kmalloc+0xb7/0xc0 [ 15.573005] __kmalloc_cache_noprof+0x189/0x420 [ 15.573571] kasan_atomics+0x95/0x310 [ 15.574158] kunit_try_run_case+0x1a5/0x480 [ 15.574685] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.574871] kthread+0x337/0x6f0 [ 15.575360] ret_from_fork+0x116/0x1d0 [ 15.575837] ret_from_fork_asm+0x1a/0x30 [ 15.576367] [ 15.576642] The buggy address belongs to the object at ffff88810261fc00 [ 15.576642] which belongs to the cache kmalloc-64 of size 64 [ 15.577008] The buggy address is located 0 bytes to the right of [ 15.577008] allocated 48-byte region [ffff88810261fc00, ffff88810261fc30) [ 15.578496] [ 15.578671] The buggy address belongs to the physical page: [ 15.579358] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10261f [ 15.580272] flags: 0x200000000000000(node=0|zone=2) [ 15.580831] page_type: f5(slab) [ 15.580965] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 15.581252] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.582252] page dumped because: kasan: bad access detected [ 15.582922] [ 15.583384] Memory state around the buggy address: [ 15.583912] ffff88810261fb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.584696] ffff88810261fb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.585236] >ffff88810261fc00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.585807] ^ [ 15.586295] ffff88810261fc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.587108] ffff88810261fd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.587716] ================================================================== [ 16.653760] ================================================================== [ 16.653988] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x177f/0x5450 [ 16.654587] Write of size 8 at addr ffff88810261fc30 by task kunit_try_catch/282 [ 16.654807] [ 16.655875] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.655926] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.655940] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.655961] Call Trace: [ 16.655980] <TASK> [ 16.655997] dump_stack_lvl+0x73/0xb0 [ 16.656026] print_report+0xd1/0x650 [ 16.656094] ? __virt_addr_valid+0x1db/0x2d0 [ 16.656118] ? kasan_atomics_helper+0x177f/0x5450 [ 16.656139] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.656165] ? kasan_atomics_helper+0x177f/0x5450 [ 16.656187] kasan_report+0x141/0x180 [ 16.656209] ? kasan_atomics_helper+0x177f/0x5450 [ 16.656236] kasan_check_range+0x10c/0x1c0 [ 16.656260] __kasan_check_write+0x18/0x20 [ 16.656279] kasan_atomics_helper+0x177f/0x5450 [ 16.656302] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.656324] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.656348] ? kasan_atomics+0x152/0x310 [ 16.656375] kasan_atomics+0x1dc/0x310 [ 16.656397] ? 
__pfx_kasan_atomics+0x10/0x10 [ 16.656421] ? __pfx_read_tsc+0x10/0x10 [ 16.656442] ? ktime_get_ts64+0x86/0x230 [ 16.656468] kunit_try_run_case+0x1a5/0x480 [ 16.656491] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.656514] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.656537] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.656560] ? __kthread_parkme+0x82/0x180 [ 16.656580] ? preempt_count_sub+0x50/0x80 [ 16.656605] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.656629] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.656653] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.656677] kthread+0x337/0x6f0 [ 16.656697] ? trace_preempt_on+0x20/0xc0 [ 16.656720] ? __pfx_kthread+0x10/0x10 [ 16.656741] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.656762] ? calculate_sigpending+0x7b/0xa0 [ 16.656786] ? __pfx_kthread+0x10/0x10 [ 16.656808] ret_from_fork+0x116/0x1d0 [ 16.656827] ? __pfx_kthread+0x10/0x10 [ 16.656847] ret_from_fork_asm+0x1a/0x30 [ 16.656879] </TASK> [ 16.656892] [ 16.664304] Allocated by task 282: [ 16.664456] kasan_save_stack+0x45/0x70 [ 16.664762] kasan_save_track+0x18/0x40 [ 16.664953] kasan_save_alloc_info+0x3b/0x50 [ 16.665151] __kasan_kmalloc+0xb7/0xc0 [ 16.665285] __kmalloc_cache_noprof+0x189/0x420 [ 16.665441] kasan_atomics+0x95/0x310 [ 16.665686] kunit_try_run_case+0x1a5/0x480 [ 16.665893] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.666166] kthread+0x337/0x6f0 [ 16.666336] ret_from_fork+0x116/0x1d0 [ 16.666500] ret_from_fork_asm+0x1a/0x30 [ 16.666692] [ 16.666768] The buggy address belongs to the object at ffff88810261fc00 [ 16.666768] which belongs to the cache kmalloc-64 of size 64 [ 16.667207] The buggy address is located 0 bytes to the right of [ 16.667207] allocated 48-byte region [ffff88810261fc00, ffff88810261fc30) [ 16.667903] [ 16.668003] The buggy address belongs to the physical page: [ 16.668247] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10261f [ 16.668597] flags: 0x200000000000000(node=0|zone=2) [ 16.668803] page_type: 
f5(slab) [ 16.668966] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.669265] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.669639] page dumped because: kasan: bad access detected [ 16.669817] [ 16.669888] Memory state around the buggy address: [ 16.670057] ffff88810261fb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.670377] ffff88810261fb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.670700] >ffff88810261fc00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.671131] ^ [ 16.671292] ffff88810261fc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.671511] ffff88810261fd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.671831] ================================================================== [ 16.614312] ================================================================== [ 16.614638] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x164f/0x5450 [ 16.614965] Write of size 8 at addr ffff88810261fc30 by task kunit_try_catch/282 [ 16.615294] [ 16.615407] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.615450] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.615463] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.615484] Call Trace: [ 16.615501] <TASK> [ 16.615525] dump_stack_lvl+0x73/0xb0 [ 16.615551] print_report+0xd1/0x650 [ 16.615574] ? __virt_addr_valid+0x1db/0x2d0 [ 16.615595] ? kasan_atomics_helper+0x164f/0x5450 [ 16.615617] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.615644] ? kasan_atomics_helper+0x164f/0x5450 [ 16.615665] kasan_report+0x141/0x180 [ 16.615689] ? kasan_atomics_helper+0x164f/0x5450 [ 16.615716] kasan_check_range+0x10c/0x1c0 [ 16.615740] __kasan_check_write+0x18/0x20 [ 16.615760] kasan_atomics_helper+0x164f/0x5450 [ 16.615784] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.615805] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.615830] ? 
kasan_atomics+0x152/0x310 [ 16.615857] kasan_atomics+0x1dc/0x310 [ 16.615880] ? __pfx_kasan_atomics+0x10/0x10 [ 16.615905] ? __pfx_read_tsc+0x10/0x10 [ 16.615926] ? ktime_get_ts64+0x86/0x230 [ 16.615951] kunit_try_run_case+0x1a5/0x480 [ 16.615976] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.615999] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.616023] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.616058] ? __kthread_parkme+0x82/0x180 [ 16.616079] ? preempt_count_sub+0x50/0x80 [ 16.616104] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.616128] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.616152] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.616176] kthread+0x337/0x6f0 [ 16.616196] ? trace_preempt_on+0x20/0xc0 [ 16.616219] ? __pfx_kthread+0x10/0x10 [ 16.616239] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.616261] ? calculate_sigpending+0x7b/0xa0 [ 16.616285] ? __pfx_kthread+0x10/0x10 [ 16.616307] ret_from_fork+0x116/0x1d0 [ 16.616326] ? __pfx_kthread+0x10/0x10 [ 16.616347] ret_from_fork_asm+0x1a/0x30 [ 16.616379] </TASK> [ 16.616391] [ 16.624100] Allocated by task 282: [ 16.624286] kasan_save_stack+0x45/0x70 [ 16.624490] kasan_save_track+0x18/0x40 [ 16.624698] kasan_save_alloc_info+0x3b/0x50 [ 16.624884] __kasan_kmalloc+0xb7/0xc0 [ 16.625071] __kmalloc_cache_noprof+0x189/0x420 [ 16.625284] kasan_atomics+0x95/0x310 [ 16.625452] kunit_try_run_case+0x1a5/0x480 [ 16.625647] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.625849] kthread+0x337/0x6f0 [ 16.625970] ret_from_fork+0x116/0x1d0 [ 16.626115] ret_from_fork_asm+0x1a/0x30 [ 16.626257] [ 16.626330] The buggy address belongs to the object at ffff88810261fc00 [ 16.626330] which belongs to the cache kmalloc-64 of size 64 [ 16.626774] The buggy address is located 0 bytes to the right of [ 16.626774] allocated 48-byte region [ffff88810261fc00, ffff88810261fc30) [ 16.627335] [ 16.627433] The buggy address belongs to the physical page: [ 16.627685] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10261f [ 
16.628058] flags: 0x200000000000000(node=0|zone=2) [ 16.628237] page_type: f5(slab) [ 16.628360] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.628809] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.629171] page dumped because: kasan: bad access detected [ 16.629424] [ 16.629525] Memory state around the buggy address: [ 16.629733] ffff88810261fb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.629969] ffff88810261fb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.630303] >ffff88810261fc00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.630631] ^ [ 16.630820] ffff88810261fc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.631094] ffff88810261fd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.631398] ================================================================== [ 16.380237] ================================================================== [ 16.380609] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1217/0x5450 [ 16.380845] Write of size 4 at addr ffff88810261fc30 by task kunit_try_catch/282 [ 16.381091] [ 16.381201] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.381243] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.381256] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.381278] Call Trace: [ 16.381291] <TASK> [ 16.381305] dump_stack_lvl+0x73/0xb0 [ 16.381331] print_report+0xd1/0x650 [ 16.381353] ? __virt_addr_valid+0x1db/0x2d0 [ 16.381374] ? kasan_atomics_helper+0x1217/0x5450 [ 16.381395] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.381421] ? kasan_atomics_helper+0x1217/0x5450 [ 16.381442] kasan_report+0x141/0x180 [ 16.381465] ? kasan_atomics_helper+0x1217/0x5450 [ 16.381492] kasan_check_range+0x10c/0x1c0 [ 16.381516] __kasan_check_write+0x18/0x20 [ 16.381535] kasan_atomics_helper+0x1217/0x5450 [ 16.381563] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.381585] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 16.381610] ? kasan_atomics+0x152/0x310 [ 16.381636] kasan_atomics+0x1dc/0x310 [ 16.381659] ? __pfx_kasan_atomics+0x10/0x10 [ 16.381683] ? __pfx_read_tsc+0x10/0x10 [ 16.381704] ? ktime_get_ts64+0x86/0x230 [ 16.381777] kunit_try_run_case+0x1a5/0x480 [ 16.381806] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.381829] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.381852] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.381876] ? __kthread_parkme+0x82/0x180 [ 16.381896] ? preempt_count_sub+0x50/0x80 [ 16.381921] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.381945] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.381969] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.381992] kthread+0x337/0x6f0 [ 16.382012] ? trace_preempt_on+0x20/0xc0 [ 16.382035] ? __pfx_kthread+0x10/0x10 [ 16.382095] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.382120] ? calculate_sigpending+0x7b/0xa0 [ 16.382143] ? __pfx_kthread+0x10/0x10 [ 16.382166] ret_from_fork+0x116/0x1d0 [ 16.382186] ? __pfx_kthread+0x10/0x10 [ 16.382207] ret_from_fork_asm+0x1a/0x30 [ 16.382238] </TASK> [ 16.382250] [ 16.394779] Allocated by task 282: [ 16.394917] kasan_save_stack+0x45/0x70 [ 16.395134] kasan_save_track+0x18/0x40 [ 16.395452] kasan_save_alloc_info+0x3b/0x50 [ 16.395634] __kasan_kmalloc+0xb7/0xc0 [ 16.395770] __kmalloc_cache_noprof+0x189/0x420 [ 16.395990] kasan_atomics+0x95/0x310 [ 16.396289] kunit_try_run_case+0x1a5/0x480 [ 16.396592] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.396841] kthread+0x337/0x6f0 [ 16.396965] ret_from_fork+0x116/0x1d0 [ 16.397119] ret_from_fork_asm+0x1a/0x30 [ 16.397283] [ 16.397414] The buggy address belongs to the object at ffff88810261fc00 [ 16.397414] which belongs to the cache kmalloc-64 of size 64 [ 16.398321] The buggy address is located 0 bytes to the right of [ 16.398321] allocated 48-byte region [ffff88810261fc00, ffff88810261fc30) [ 16.398864] [ 16.398941] The buggy address belongs to the physical page: [ 16.399381] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x10261f [ 16.399894] flags: 0x200000000000000(node=0|zone=2) [ 16.400206] page_type: f5(slab) [ 16.400377] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.400738] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.401123] page dumped because: kasan: bad access detected [ 16.401315] [ 16.401389] Memory state around the buggy address: [ 16.401564] ffff88810261fb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.401885] ffff88810261fb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.402216] >ffff88810261fc00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.402537] ^ [ 16.402772] ffff88810261fc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.403248] ffff88810261fd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.403561] ================================================================== [ 16.729260] ================================================================== [ 16.729647] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x19e3/0x5450 [ 16.730006] Write of size 8 at addr ffff88810261fc30 by task kunit_try_catch/282 [ 16.730338] [ 16.730425] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.730469] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.730482] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.730523] Call Trace: [ 16.730538] <TASK> [ 16.730553] dump_stack_lvl+0x73/0xb0 [ 16.730580] print_report+0xd1/0x650 [ 16.730603] ? __virt_addr_valid+0x1db/0x2d0 [ 16.730625] ? kasan_atomics_helper+0x19e3/0x5450 [ 16.730667] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.730694] ? kasan_atomics_helper+0x19e3/0x5450 [ 16.730716] kasan_report+0x141/0x180 [ 16.730756] ? kasan_atomics_helper+0x19e3/0x5450 [ 16.730784] kasan_check_range+0x10c/0x1c0 [ 16.730807] __kasan_check_write+0x18/0x20 [ 16.730826] kasan_atomics_helper+0x19e3/0x5450 [ 16.730849] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 16.730871] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.730895] ? kasan_atomics+0x152/0x310 [ 16.730922] kasan_atomics+0x1dc/0x310 [ 16.730961] ? __pfx_kasan_atomics+0x10/0x10 [ 16.730986] ? __pfx_read_tsc+0x10/0x10 [ 16.731007] ? ktime_get_ts64+0x86/0x230 [ 16.731058] kunit_try_run_case+0x1a5/0x480 [ 16.731082] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.731118] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.731154] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.731191] ? __kthread_parkme+0x82/0x180 [ 16.731224] ? preempt_count_sub+0x50/0x80 [ 16.731248] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.731272] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.731295] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.731318] kthread+0x337/0x6f0 [ 16.731337] ? trace_preempt_on+0x20/0xc0 [ 16.731360] ? __pfx_kthread+0x10/0x10 [ 16.731382] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.731404] ? calculate_sigpending+0x7b/0xa0 [ 16.731427] ? __pfx_kthread+0x10/0x10 [ 16.731449] ret_from_fork+0x116/0x1d0 [ 16.731467] ? 
__pfx_kthread+0x10/0x10 [ 16.731488] ret_from_fork_asm+0x1a/0x30 [ 16.731538] </TASK> [ 16.731549] [ 16.739283] Allocated by task 282: [ 16.739421] kasan_save_stack+0x45/0x70 [ 16.739670] kasan_save_track+0x18/0x40 [ 16.739896] kasan_save_alloc_info+0x3b/0x50 [ 16.740121] __kasan_kmalloc+0xb7/0xc0 [ 16.740273] __kmalloc_cache_noprof+0x189/0x420 [ 16.740563] kasan_atomics+0x95/0x310 [ 16.740754] kunit_try_run_case+0x1a5/0x480 [ 16.740953] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.741211] kthread+0x337/0x6f0 [ 16.741355] ret_from_fork+0x116/0x1d0 [ 16.741544] ret_from_fork_asm+0x1a/0x30 [ 16.741773] [ 16.741886] The buggy address belongs to the object at ffff88810261fc00 [ 16.741886] which belongs to the cache kmalloc-64 of size 64 [ 16.742375] The buggy address is located 0 bytes to the right of [ 16.742375] allocated 48-byte region [ffff88810261fc00, ffff88810261fc30) [ 16.743052] [ 16.743158] The buggy address belongs to the physical page: [ 16.743408] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10261f [ 16.743789] flags: 0x200000000000000(node=0|zone=2) [ 16.744025] page_type: f5(slab) [ 16.744200] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.744561] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.744913] page dumped because: kasan: bad access detected [ 16.745154] [ 16.745249] Memory state around the buggy address: [ 16.745458] ffff88810261fb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.745830] ffff88810261fb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.746158] >ffff88810261fc00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.746489] ^ [ 16.746734] ffff88810261fc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.746965] ffff88810261fd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.747609] ================================================================== [ 16.748935] 
================================================================== [ 16.749562] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1a7f/0x5450 [ 16.749890] Write of size 8 at addr ffff88810261fc30 by task kunit_try_catch/282 [ 16.750208] [ 16.750309] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.750352] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.750365] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.750388] Call Trace: [ 16.750403] <TASK> [ 16.750417] dump_stack_lvl+0x73/0xb0 [ 16.750444] print_report+0xd1/0x650 [ 16.750466] ? __virt_addr_valid+0x1db/0x2d0 [ 16.750489] ? kasan_atomics_helper+0x1a7f/0x5450 [ 16.750789] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.750819] ? kasan_atomics_helper+0x1a7f/0x5450 [ 16.750841] kasan_report+0x141/0x180 [ 16.750865] ? kasan_atomics_helper+0x1a7f/0x5450 [ 16.750995] kasan_check_range+0x10c/0x1c0 [ 16.751025] __kasan_check_write+0x18/0x20 [ 16.751058] kasan_atomics_helper+0x1a7f/0x5450 [ 16.751082] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.751104] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.751128] ? kasan_atomics+0x152/0x310 [ 16.751155] kasan_atomics+0x1dc/0x310 [ 16.751178] ? __pfx_kasan_atomics+0x10/0x10 [ 16.751202] ? __pfx_read_tsc+0x10/0x10 [ 16.751224] ? ktime_get_ts64+0x86/0x230 [ 16.751247] kunit_try_run_case+0x1a5/0x480 [ 16.751271] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.751295] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.751317] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.751340] ? __kthread_parkme+0x82/0x180 [ 16.751361] ? preempt_count_sub+0x50/0x80 [ 16.751384] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.751408] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.751431] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.751455] kthread+0x337/0x6f0 [ 16.751474] ? trace_preempt_on+0x20/0xc0 [ 16.751646] ? __pfx_kthread+0x10/0x10 [ 16.751677] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.751701] ? 
calculate_sigpending+0x7b/0xa0 [ 16.751727] ? __pfx_kthread+0x10/0x10 [ 16.751749] ret_from_fork+0x116/0x1d0 [ 16.751769] ? __pfx_kthread+0x10/0x10 [ 16.751789] ret_from_fork_asm+0x1a/0x30 [ 16.751820] </TASK> [ 16.751832] [ 16.763021] Allocated by task 282: [ 16.763331] kasan_save_stack+0x45/0x70 [ 16.763691] kasan_save_track+0x18/0x40 [ 16.764000] kasan_save_alloc_info+0x3b/0x50 [ 16.764226] __kasan_kmalloc+0xb7/0xc0 [ 16.764400] __kmalloc_cache_noprof+0x189/0x420 [ 16.764809] kasan_atomics+0x95/0x310 [ 16.765001] kunit_try_run_case+0x1a5/0x480 [ 16.765527] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.765785] kthread+0x337/0x6f0 [ 16.765949] ret_from_fork+0x116/0x1d0 [ 16.766139] ret_from_fork_asm+0x1a/0x30 [ 16.766325] [ 16.766418] The buggy address belongs to the object at ffff88810261fc00 [ 16.766418] which belongs to the cache kmalloc-64 of size 64 [ 16.767465] The buggy address is located 0 bytes to the right of [ 16.767465] allocated 48-byte region [ffff88810261fc00, ffff88810261fc30) [ 16.768232] [ 16.768318] The buggy address belongs to the physical page: [ 16.768499] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10261f [ 16.768745] flags: 0x200000000000000(node=0|zone=2) [ 16.768914] page_type: f5(slab) [ 16.769051] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.769288] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.769526] page dumped because: kasan: bad access detected [ 16.770479] [ 16.770667] Memory state around the buggy address: [ 16.771401] ffff88810261fb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.772214] ffff88810261fb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.773067] >ffff88810261fc00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.773886] ^ [ 16.774445] ffff88810261fc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.775258] ffff88810261fd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.775938] 
================================================================== [ 17.027322] ================================================================== [ 17.027653] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f98/0x5450 [ 17.027981] Read of size 8 at addr ffff88810261fc30 by task kunit_try_catch/282 [ 17.028312] [ 17.028418] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 17.028459] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.028472] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.028493] Call Trace: [ 17.028509] <TASK> [ 17.028525] dump_stack_lvl+0x73/0xb0 [ 17.028550] print_report+0xd1/0x650 [ 17.028572] ? __virt_addr_valid+0x1db/0x2d0 [ 17.028593] ? kasan_atomics_helper+0x4f98/0x5450 [ 17.028662] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.028689] ? kasan_atomics_helper+0x4f98/0x5450 [ 17.028710] kasan_report+0x141/0x180 [ 17.028733] ? kasan_atomics_helper+0x4f98/0x5450 [ 17.028760] __asan_report_load8_noabort+0x18/0x20 [ 17.028784] kasan_atomics_helper+0x4f98/0x5450 [ 17.028806] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.028828] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.028853] ? kasan_atomics+0x152/0x310 [ 17.028880] kasan_atomics+0x1dc/0x310 [ 17.028903] ? __pfx_kasan_atomics+0x10/0x10 [ 17.028929] ? __pfx_read_tsc+0x10/0x10 [ 17.028950] ? ktime_get_ts64+0x86/0x230 [ 17.028974] kunit_try_run_case+0x1a5/0x480 [ 17.028998] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.029021] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.029055] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.029080] ? __kthread_parkme+0x82/0x180 [ 17.029099] ? preempt_count_sub+0x50/0x80 [ 17.029123] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.029147] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.029170] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.029194] kthread+0x337/0x6f0 [ 17.029214] ? trace_preempt_on+0x20/0xc0 [ 17.029236] ? __pfx_kthread+0x10/0x10 [ 17.029257] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 17.029279] ? calculate_sigpending+0x7b/0xa0 [ 17.029303] ? __pfx_kthread+0x10/0x10 [ 17.029325] ret_from_fork+0x116/0x1d0 [ 17.029344] ? __pfx_kthread+0x10/0x10 [ 17.029366] ret_from_fork_asm+0x1a/0x30 [ 17.029400] </TASK> [ 17.029412] [ 17.037492] Allocated by task 282: [ 17.037699] kasan_save_stack+0x45/0x70 [ 17.037900] kasan_save_track+0x18/0x40 [ 17.038106] kasan_save_alloc_info+0x3b/0x50 [ 17.038321] __kasan_kmalloc+0xb7/0xc0 [ 17.038523] __kmalloc_cache_noprof+0x189/0x420 [ 17.038750] kasan_atomics+0x95/0x310 [ 17.038950] kunit_try_run_case+0x1a5/0x480 [ 17.039189] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.039415] kthread+0x337/0x6f0 [ 17.039612] ret_from_fork+0x116/0x1d0 [ 17.039822] ret_from_fork_asm+0x1a/0x30 [ 17.039969] [ 17.040096] The buggy address belongs to the object at ffff88810261fc00 [ 17.040096] which belongs to the cache kmalloc-64 of size 64 [ 17.040676] The buggy address is located 0 bytes to the right of [ 17.040676] allocated 48-byte region [ffff88810261fc00, ffff88810261fc30) [ 17.041217] [ 17.041306] The buggy address belongs to the physical page: [ 17.041606] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10261f [ 17.041948] flags: 0x200000000000000(node=0|zone=2) [ 17.042200] page_type: f5(slab) [ 17.042384] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.042744] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.043144] page dumped because: kasan: bad access detected [ 17.043400] [ 17.043505] Memory state around the buggy address: [ 17.043747] ffff88810261fb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.044103] ffff88810261fb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.044317] >ffff88810261fc00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.044525] ^ [ 17.044745] ffff88810261fc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.045063] ffff88810261fd00: fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 17.045371] ================================================================== [ 16.532591] ================================================================== [ 16.532886] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1467/0x5450 [ 16.533943] Write of size 8 at addr ffff88810261fc30 by task kunit_try_catch/282 [ 16.534428] [ 16.534645] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.534696] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.534708] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.534732] Call Trace: [ 16.534811] <TASK> [ 16.534832] dump_stack_lvl+0x73/0xb0 [ 16.534862] print_report+0xd1/0x650 [ 16.534886] ? __virt_addr_valid+0x1db/0x2d0 [ 16.534908] ? kasan_atomics_helper+0x1467/0x5450 [ 16.534931] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.534956] ? kasan_atomics_helper+0x1467/0x5450 [ 16.534978] kasan_report+0x141/0x180 [ 16.535001] ? kasan_atomics_helper+0x1467/0x5450 [ 16.535027] kasan_check_range+0x10c/0x1c0 [ 16.535127] __kasan_check_write+0x18/0x20 [ 16.535149] kasan_atomics_helper+0x1467/0x5450 [ 16.535173] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.535195] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.535221] ? kasan_atomics+0x152/0x310 [ 16.535247] kasan_atomics+0x1dc/0x310 [ 16.535270] ? __pfx_kasan_atomics+0x10/0x10 [ 16.535295] ? __pfx_read_tsc+0x10/0x10 [ 16.535316] ? ktime_get_ts64+0x86/0x230 [ 16.535342] kunit_try_run_case+0x1a5/0x480 [ 16.535366] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.535389] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.535412] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.535436] ? __kthread_parkme+0x82/0x180 [ 16.535456] ? preempt_count_sub+0x50/0x80 [ 16.535481] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.535524] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.535547] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.535571] kthread+0x337/0x6f0 [ 16.535593] ? 
trace_preempt_on+0x20/0xc0 [ 16.535616] ? __pfx_kthread+0x10/0x10 [ 16.535637] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.535659] ? calculate_sigpending+0x7b/0xa0 [ 16.535684] ? __pfx_kthread+0x10/0x10 [ 16.535706] ret_from_fork+0x116/0x1d0 [ 16.535725] ? __pfx_kthread+0x10/0x10 [ 16.535746] ret_from_fork_asm+0x1a/0x30 [ 16.535778] </TASK> [ 16.535790] [ 16.546583] Allocated by task 282: [ 16.546934] kasan_save_stack+0x45/0x70 [ 16.547306] kasan_save_track+0x18/0x40 [ 16.547567] kasan_save_alloc_info+0x3b/0x50 [ 16.547800] __kasan_kmalloc+0xb7/0xc0 [ 16.548181] __kmalloc_cache_noprof+0x189/0x420 [ 16.548368] kasan_atomics+0x95/0x310 [ 16.548732] kunit_try_run_case+0x1a5/0x480 [ 16.549009] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.549399] kthread+0x337/0x6f0 [ 16.549676] ret_from_fork+0x116/0x1d0 [ 16.549829] ret_from_fork_asm+0x1a/0x30 [ 16.550359] [ 16.550466] The buggy address belongs to the object at ffff88810261fc00 [ 16.550466] which belongs to the cache kmalloc-64 of size 64 [ 16.551187] The buggy address is located 0 bytes to the right of [ 16.551187] allocated 48-byte region [ffff88810261fc00, ffff88810261fc30) [ 16.551674] [ 16.551774] The buggy address belongs to the physical page: [ 16.552009] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10261f [ 16.552735] flags: 0x200000000000000(node=0|zone=2) [ 16.553111] page_type: f5(slab) [ 16.553382] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.553820] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.554275] page dumped because: kasan: bad access detected [ 16.554620] [ 16.554716] Memory state around the buggy address: [ 16.554922] ffff88810261fb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.555609] ffff88810261fb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.556027] >ffff88810261fc00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.556410] ^ [ 16.556636] ffff88810261fc80: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 16.556936] ffff88810261fd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.557530] ================================================================== [ 16.507236] ================================================================== [ 16.507545] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4eae/0x5450 [ 16.508373] Read of size 8 at addr ffff88810261fc30 by task kunit_try_catch/282 [ 16.508768] [ 16.508887] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.508932] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.508945] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.508967] Call Trace: [ 16.508985] <TASK> [ 16.509002] dump_stack_lvl+0x73/0xb0 [ 16.509031] print_report+0xd1/0x650 [ 16.509310] ? __virt_addr_valid+0x1db/0x2d0 [ 16.509341] ? kasan_atomics_helper+0x4eae/0x5450 [ 16.509363] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.509390] ? kasan_atomics_helper+0x4eae/0x5450 [ 16.509413] kasan_report+0x141/0x180 [ 16.509436] ? kasan_atomics_helper+0x4eae/0x5450 [ 16.509463] __asan_report_load8_noabort+0x18/0x20 [ 16.509488] kasan_atomics_helper+0x4eae/0x5450 [ 16.509523] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.509546] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.509574] ? kasan_atomics+0x152/0x310 [ 16.509604] kasan_atomics+0x1dc/0x310 [ 16.509627] ? __pfx_kasan_atomics+0x10/0x10 [ 16.509651] ? __pfx_read_tsc+0x10/0x10 [ 16.509672] ? ktime_get_ts64+0x86/0x230 [ 16.509697] kunit_try_run_case+0x1a5/0x480 [ 16.509722] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.509744] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.509768] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.509793] ? __kthread_parkme+0x82/0x180 [ 16.509814] ? preempt_count_sub+0x50/0x80 [ 16.509838] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.509863] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.509886] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.509910] kthread+0x337/0x6f0 [ 16.509930] ? trace_preempt_on+0x20/0xc0 [ 16.509952] ? __pfx_kthread+0x10/0x10 [ 16.509974] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.509996] ? calculate_sigpending+0x7b/0xa0 [ 16.510020] ? __pfx_kthread+0x10/0x10 [ 16.510054] ret_from_fork+0x116/0x1d0 [ 16.510123] ? __pfx_kthread+0x10/0x10 [ 16.510146] ret_from_fork_asm+0x1a/0x30 [ 16.510178] </TASK> [ 16.510190] [ 16.521335] Allocated by task 282: [ 16.521668] kasan_save_stack+0x45/0x70 [ 16.521876] kasan_save_track+0x18/0x40 [ 16.522443] kasan_save_alloc_info+0x3b/0x50 [ 16.522742] __kasan_kmalloc+0xb7/0xc0 [ 16.522934] __kmalloc_cache_noprof+0x189/0x420 [ 16.523371] kasan_atomics+0x95/0x310 [ 16.523615] kunit_try_run_case+0x1a5/0x480 [ 16.523811] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.524037] kthread+0x337/0x6f0 [ 16.524203] ret_from_fork+0x116/0x1d0 [ 16.524386] ret_from_fork_asm+0x1a/0x30 [ 16.524863] [ 16.524965] The buggy address belongs to the object at ffff88810261fc00 [ 16.524965] which belongs to the cache kmalloc-64 of size 64 [ 16.525695] The buggy address is located 0 bytes to the right of [ 16.525695] allocated 48-byte region [ffff88810261fc00, ffff88810261fc30) [ 16.526238] [ 16.526345] The buggy address belongs to the physical page: [ 16.526891] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10261f [ 16.527583] flags: 0x200000000000000(node=0|zone=2) [ 16.527794] page_type: f5(slab) [ 16.527972] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.528680] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.528997] page dumped because: kasan: bad access detected [ 16.529417] [ 16.529560] Memory state around the buggy address: [ 16.529845] ffff88810261fb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.530345] ffff88810261fb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.530786] >ffff88810261fc00: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 16.531256] ^ [ 16.531462] ffff88810261fc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.531782] ffff88810261fd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.532111] ================================================================== [ 17.064496] ================================================================== [ 17.064961] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fb2/0x5450 [ 17.065431] Read of size 8 at addr ffff88810261fc30 by task kunit_try_catch/282 [ 17.065799] [ 17.065943] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 17.065988] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.066199] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.066222] Call Trace: [ 17.066237] <TASK> [ 17.066252] dump_stack_lvl+0x73/0xb0 [ 17.066279] print_report+0xd1/0x650 [ 17.066301] ? __virt_addr_valid+0x1db/0x2d0 [ 17.066324] ? kasan_atomics_helper+0x4fb2/0x5450 [ 17.066346] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.066372] ? kasan_atomics_helper+0x4fb2/0x5450 [ 17.066394] kasan_report+0x141/0x180 [ 17.066417] ? kasan_atomics_helper+0x4fb2/0x5450 [ 17.066444] __asan_report_load8_noabort+0x18/0x20 [ 17.066467] kasan_atomics_helper+0x4fb2/0x5450 [ 17.066491] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.066512] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.066537] ? kasan_atomics+0x152/0x310 [ 17.066563] kasan_atomics+0x1dc/0x310 [ 17.066586] ? __pfx_kasan_atomics+0x10/0x10 [ 17.066611] ? __pfx_read_tsc+0x10/0x10 [ 17.066632] ? ktime_get_ts64+0x86/0x230 [ 17.066656] kunit_try_run_case+0x1a5/0x480 [ 17.066680] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.066703] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.066727] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.066751] ? __kthread_parkme+0x82/0x180 [ 17.066771] ? preempt_count_sub+0x50/0x80 [ 17.066795] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 17.066819] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.066842] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.066866] kthread+0x337/0x6f0 [ 17.066885] ? trace_preempt_on+0x20/0xc0 [ 17.066909] ? __pfx_kthread+0x10/0x10 [ 17.066930] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.066952] ? calculate_sigpending+0x7b/0xa0 [ 17.066976] ? __pfx_kthread+0x10/0x10 [ 17.066997] ret_from_fork+0x116/0x1d0 [ 17.067016] ? __pfx_kthread+0x10/0x10 [ 17.067037] ret_from_fork_asm+0x1a/0x30 [ 17.067078] </TASK> [ 17.067089] [ 17.074701] Allocated by task 282: [ 17.074916] kasan_save_stack+0x45/0x70 [ 17.075121] kasan_save_track+0x18/0x40 [ 17.075330] kasan_save_alloc_info+0x3b/0x50 [ 17.075594] __kasan_kmalloc+0xb7/0xc0 [ 17.075802] __kmalloc_cache_noprof+0x189/0x420 [ 17.076032] kasan_atomics+0x95/0x310 [ 17.076249] kunit_try_run_case+0x1a5/0x480 [ 17.076456] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.076747] kthread+0x337/0x6f0 [ 17.076950] ret_from_fork+0x116/0x1d0 [ 17.077152] ret_from_fork_asm+0x1a/0x30 [ 17.077372] [ 17.077474] The buggy address belongs to the object at ffff88810261fc00 [ 17.077474] which belongs to the cache kmalloc-64 of size 64 [ 17.077830] The buggy address is located 0 bytes to the right of [ 17.077830] allocated 48-byte region [ffff88810261fc00, ffff88810261fc30) [ 17.078197] [ 17.078268] The buggy address belongs to the physical page: [ 17.078540] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10261f [ 17.078897] flags: 0x200000000000000(node=0|zone=2) [ 17.079144] page_type: f5(slab) [ 17.079313] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.079897] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.080147] page dumped because: kasan: bad access detected [ 17.080321] [ 17.080392] Memory state around the buggy address: [ 17.080548] ffff88810261fb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.080764] 
ffff88810261fb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.081079] >ffff88810261fc00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.081504] ^ [ 17.081838] ffff88810261fc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.082464] ffff88810261fd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.082910] ================================================================== [ 15.800022] ================================================================== [ 15.800401] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5fe/0x5450 [ 15.800885] Write of size 4 at addr ffff88810261fc30 by task kunit_try_catch/282 [ 15.801326] [ 15.801434] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.801542] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.801574] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.801640] Call Trace: [ 15.801661] <TASK> [ 15.801691] dump_stack_lvl+0x73/0xb0 [ 15.801722] print_report+0xd1/0x650 [ 15.801746] ? __virt_addr_valid+0x1db/0x2d0 [ 15.801770] ? kasan_atomics_helper+0x5fe/0x5450 [ 15.801791] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.801817] ? kasan_atomics_helper+0x5fe/0x5450 [ 15.801839] kasan_report+0x141/0x180 [ 15.801872] ? kasan_atomics_helper+0x5fe/0x5450 [ 15.801899] kasan_check_range+0x10c/0x1c0 [ 15.801923] __kasan_check_write+0x18/0x20 [ 15.801987] kasan_atomics_helper+0x5fe/0x5450 [ 15.802012] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.802055] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.802127] ? kasan_atomics+0x152/0x310 [ 15.802155] kasan_atomics+0x1dc/0x310 [ 15.802178] ? __pfx_kasan_atomics+0x10/0x10 [ 15.802202] ? __pfx_read_tsc+0x10/0x10 [ 15.802224] ? ktime_get_ts64+0x86/0x230 [ 15.802250] kunit_try_run_case+0x1a5/0x480 [ 15.802275] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.802298] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.802322] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.802346] ? 
__kthread_parkme+0x82/0x180 [ 15.802367] ? preempt_count_sub+0x50/0x80 [ 15.802390] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.802415] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.802438] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.802462] kthread+0x337/0x6f0 [ 15.802482] ? trace_preempt_on+0x20/0xc0 [ 15.802505] ? __pfx_kthread+0x10/0x10 [ 15.802526] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.802547] ? calculate_sigpending+0x7b/0xa0 [ 15.802571] ? __pfx_kthread+0x10/0x10 [ 15.802593] ret_from_fork+0x116/0x1d0 [ 15.802611] ? __pfx_kthread+0x10/0x10 [ 15.802633] ret_from_fork_asm+0x1a/0x30 [ 15.802665] </TASK> [ 15.802677] [ 15.813297] Allocated by task 282: [ 15.813432] kasan_save_stack+0x45/0x70 [ 15.813759] kasan_save_track+0x18/0x40 [ 15.814115] kasan_save_alloc_info+0x3b/0x50 [ 15.814330] __kasan_kmalloc+0xb7/0xc0 [ 15.814465] __kmalloc_cache_noprof+0x189/0x420 [ 15.815003] kasan_atomics+0x95/0x310 [ 15.815507] kunit_try_run_case+0x1a5/0x480 [ 15.815735] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.816084] kthread+0x337/0x6f0 [ 15.816405] ret_from_fork+0x116/0x1d0 [ 15.816756] ret_from_fork_asm+0x1a/0x30 [ 15.817051] [ 15.817205] The buggy address belongs to the object at ffff88810261fc00 [ 15.817205] which belongs to the cache kmalloc-64 of size 64 [ 15.817994] The buggy address is located 0 bytes to the right of [ 15.817994] allocated 48-byte region [ffff88810261fc00, ffff88810261fc30) [ 15.818739] [ 15.818862] The buggy address belongs to the physical page: [ 15.819269] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10261f [ 15.819602] flags: 0x200000000000000(node=0|zone=2) [ 15.819821] page_type: f5(slab) [ 15.819989] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.820483] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.820838] page dumped because: kasan: bad access detected [ 15.821248] [ 15.821430] Memory state around the buggy address: [ 15.821695] 
ffff88810261fb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.822144] ffff88810261fb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.822486] >ffff88810261fc00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.822995] ^ [ 15.823294] ffff88810261fc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.823686] ffff88810261fd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.824062] ================================================================== [ 16.560108] ================================================================== [ 16.560386] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x50d4/0x5450 [ 16.560947] Write of size 8 at addr ffff88810261fc30 by task kunit_try_catch/282 [ 16.561256] [ 16.561348] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.561394] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.561408] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.561430] Call Trace: [ 16.561444] <TASK> [ 16.561460] dump_stack_lvl+0x73/0xb0 [ 16.561488] print_report+0xd1/0x650 [ 16.561511] ? __virt_addr_valid+0x1db/0x2d0 [ 16.561534] ? kasan_atomics_helper+0x50d4/0x5450 [ 16.561560] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.561586] ? kasan_atomics_helper+0x50d4/0x5450 [ 16.561608] kasan_report+0x141/0x180 [ 16.561631] ? kasan_atomics_helper+0x50d4/0x5450 [ 16.561792] __asan_report_store8_noabort+0x1b/0x30 [ 16.561824] kasan_atomics_helper+0x50d4/0x5450 [ 16.561848] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.561871] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.561896] ? kasan_atomics+0x152/0x310 [ 16.561924] kasan_atomics+0x1dc/0x310 [ 16.561947] ? __pfx_kasan_atomics+0x10/0x10 [ 16.561972] ? __pfx_read_tsc+0x10/0x10 [ 16.561994] ? ktime_get_ts64+0x86/0x230 [ 16.562018] kunit_try_run_case+0x1a5/0x480 [ 16.562056] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.562369] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.562395] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.562420] ? __kthread_parkme+0x82/0x180 [ 16.562441] ? preempt_count_sub+0x50/0x80 [ 16.562465] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.562490] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.562513] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.562537] kthread+0x337/0x6f0 [ 16.562557] ? trace_preempt_on+0x20/0xc0 [ 16.562582] ? __pfx_kthread+0x10/0x10 [ 16.562602] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.562624] ? calculate_sigpending+0x7b/0xa0 [ 16.562649] ? __pfx_kthread+0x10/0x10 [ 16.562671] ret_from_fork+0x116/0x1d0 [ 16.562691] ? __pfx_kthread+0x10/0x10 [ 16.562713] ret_from_fork_asm+0x1a/0x30 [ 16.562744] </TASK> [ 16.562755] [ 16.570048] Allocated by task 282: [ 16.570198] kasan_save_stack+0x45/0x70 [ 16.570407] kasan_save_track+0x18/0x40 [ 16.570605] kasan_save_alloc_info+0x3b/0x50 [ 16.570854] __kasan_kmalloc+0xb7/0xc0 [ 16.571019] __kmalloc_cache_noprof+0x189/0x420 [ 16.571230] kasan_atomics+0x95/0x310 [ 16.571405] kunit_try_run_case+0x1a5/0x480 [ 16.571662] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.571889] kthread+0x337/0x6f0 [ 16.572031] ret_from_fork+0x116/0x1d0 [ 16.572176] ret_from_fork_asm+0x1a/0x30 [ 16.572375] [ 16.572471] The buggy address belongs to the object at ffff88810261fc00 [ 16.572471] which belongs to the cache kmalloc-64 of size 64 [ 16.572933] The buggy address is located 0 bytes to the right of [ 16.572933] allocated 48-byte region [ffff88810261fc00, ffff88810261fc30) [ 16.573470] [ 16.573609] The buggy address belongs to the physical page: [ 16.573839] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10261f [ 16.574152] flags: 0x200000000000000(node=0|zone=2) [ 16.574365] page_type: f5(slab) [ 16.574549] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.574855] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.575160] page dumped because: kasan: bad access detected [ 16.575375] [ 16.575448] 
Memory state around the buggy address: [ 16.575606] ffff88810261fb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.575827] ffff88810261fb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.576056] >ffff88810261fc00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.576380] ^ [ 16.576603] ffff88810261fc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.576942] ffff88810261fd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.577269] ================================================================== [ 16.893225] ================================================================== [ 16.893924] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1d7a/0x5450 [ 16.894437] Write of size 8 at addr ffff88810261fc30 by task kunit_try_catch/282 [ 16.894995] [ 16.895245] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.895296] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.895310] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.895332] Call Trace: [ 16.895348] <TASK> [ 16.895364] dump_stack_lvl+0x73/0xb0 [ 16.895392] print_report+0xd1/0x650 [ 16.895415] ? __virt_addr_valid+0x1db/0x2d0 [ 16.895439] ? kasan_atomics_helper+0x1d7a/0x5450 [ 16.895460] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.895487] ? kasan_atomics_helper+0x1d7a/0x5450 [ 16.895656] kasan_report+0x141/0x180 [ 16.895689] ? kasan_atomics_helper+0x1d7a/0x5450 [ 16.895717] kasan_check_range+0x10c/0x1c0 [ 16.895742] __kasan_check_write+0x18/0x20 [ 16.895762] kasan_atomics_helper+0x1d7a/0x5450 [ 16.895785] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.895808] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.895834] ? kasan_atomics+0x152/0x310 [ 16.895860] kasan_atomics+0x1dc/0x310 [ 16.895884] ? __pfx_kasan_atomics+0x10/0x10 [ 16.895908] ? __pfx_read_tsc+0x10/0x10 [ 16.895930] ? ktime_get_ts64+0x86/0x230 [ 16.895954] kunit_try_run_case+0x1a5/0x480 [ 16.895978] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.896001] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.896025] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.896059] ? __kthread_parkme+0x82/0x180 [ 16.896081] ? preempt_count_sub+0x50/0x80 [ 16.896104] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.896128] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.896151] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.896175] kthread+0x337/0x6f0 [ 16.896194] ? trace_preempt_on+0x20/0xc0 [ 16.896217] ? __pfx_kthread+0x10/0x10 [ 16.896238] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.896260] ? calculate_sigpending+0x7b/0xa0 [ 16.896284] ? __pfx_kthread+0x10/0x10 [ 16.896305] ret_from_fork+0x116/0x1d0 [ 16.896324] ? __pfx_kthread+0x10/0x10 [ 16.896345] ret_from_fork_asm+0x1a/0x30 [ 16.896377] </TASK> [ 16.896390] [ 16.908321] Allocated by task 282: [ 16.908458] kasan_save_stack+0x45/0x70 [ 16.908609] kasan_save_track+0x18/0x40 [ 16.908743] kasan_save_alloc_info+0x3b/0x50 [ 16.908887] __kasan_kmalloc+0xb7/0xc0 [ 16.909017] __kmalloc_cache_noprof+0x189/0x420 [ 16.909178] kasan_atomics+0x95/0x310 [ 16.909308] kunit_try_run_case+0x1a5/0x480 [ 16.909450] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.909624] kthread+0x337/0x6f0 [ 16.909745] ret_from_fork+0x116/0x1d0 [ 16.909874] ret_from_fork_asm+0x1a/0x30 [ 16.910011] [ 16.911711] The buggy address belongs to the object at ffff88810261fc00 [ 16.911711] which belongs to the cache kmalloc-64 of size 64 [ 16.912193] The buggy address is located 0 bytes to the right of [ 16.912193] allocated 48-byte region [ffff88810261fc00, ffff88810261fc30) [ 16.912806] [ 16.912891] The buggy address belongs to the physical page: [ 16.913083] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10261f [ 16.913329] flags: 0x200000000000000(node=0|zone=2) [ 16.913524] page_type: f5(slab) [ 16.914876] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.915408] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 16.916474] page dumped because: kasan: bad access detected [ 16.916915] [ 16.916992] Memory state around the buggy address: [ 16.917437] ffff88810261fb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.918110] ffff88810261fb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.918326] >ffff88810261fc00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.918659] ^ [ 16.919139] ffff88810261fc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.919793] ffff88810261fd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.920434] ================================================================== [ 17.102198] ================================================================== [ 17.102525] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fa5/0x5450 [ 17.102813] Read of size 8 at addr ffff88810261fc30 by task kunit_try_catch/282 [ 17.103261] [ 17.103364] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 17.103407] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.103420] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.103476] Call Trace: [ 17.103494] <TASK> [ 17.103510] dump_stack_lvl+0x73/0xb0 [ 17.103539] print_report+0xd1/0x650 [ 17.103563] ? __virt_addr_valid+0x1db/0x2d0 [ 17.103585] ? kasan_atomics_helper+0x4fa5/0x5450 [ 17.103638] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.103666] ? kasan_atomics_helper+0x4fa5/0x5450 [ 17.103687] kasan_report+0x141/0x180 [ 17.103710] ? kasan_atomics_helper+0x4fa5/0x5450 [ 17.103738] __asan_report_load8_noabort+0x18/0x20 [ 17.103793] kasan_atomics_helper+0x4fa5/0x5450 [ 17.103816] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.103839] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.103864] ? kasan_atomics+0x152/0x310 [ 17.103919] kasan_atomics+0x1dc/0x310 [ 17.103943] ? __pfx_kasan_atomics+0x10/0x10 [ 17.103968] ? __pfx_read_tsc+0x10/0x10 [ 17.103988] ? 
ktime_get_ts64+0x86/0x230 [ 17.104013] kunit_try_run_case+0x1a5/0x480 [ 17.104037] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.104070] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.104094] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.104118] ? __kthread_parkme+0x82/0x180 [ 17.104139] ? preempt_count_sub+0x50/0x80 [ 17.104163] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.104218] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.104242] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.104266] kthread+0x337/0x6f0 [ 17.104287] ? trace_preempt_on+0x20/0xc0 [ 17.104336] ? __pfx_kthread+0x10/0x10 [ 17.104359] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.104380] ? calculate_sigpending+0x7b/0xa0 [ 17.104404] ? __pfx_kthread+0x10/0x10 [ 17.104426] ret_from_fork+0x116/0x1d0 [ 17.104471] ? __pfx_kthread+0x10/0x10 [ 17.104492] ret_from_fork_asm+0x1a/0x30 [ 17.104537] </TASK> [ 17.104551] [ 17.112597] Allocated by task 282: [ 17.112804] kasan_save_stack+0x45/0x70 [ 17.113015] kasan_save_track+0x18/0x40 [ 17.113210] kasan_save_alloc_info+0x3b/0x50 [ 17.113434] __kasan_kmalloc+0xb7/0xc0 [ 17.113722] __kmalloc_cache_noprof+0x189/0x420 [ 17.113978] kasan_atomics+0x95/0x310 [ 17.114189] kunit_try_run_case+0x1a5/0x480 [ 17.114441] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.114824] kthread+0x337/0x6f0 [ 17.114950] ret_from_fork+0x116/0x1d0 [ 17.115112] ret_from_fork_asm+0x1a/0x30 [ 17.115312] [ 17.115408] The buggy address belongs to the object at ffff88810261fc00 [ 17.115408] which belongs to the cache kmalloc-64 of size 64 [ 17.116175] The buggy address is located 0 bytes to the right of [ 17.116175] allocated 48-byte region [ffff88810261fc00, ffff88810261fc30) [ 17.116803] [ 17.116877] The buggy address belongs to the physical page: [ 17.117060] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10261f [ 17.117301] flags: 0x200000000000000(node=0|zone=2) [ 17.117819] page_type: f5(slab) [ 17.117991] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 17.118443] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.119010] page dumped because: kasan: bad access detected [ 17.119351] [ 17.119426] Memory state around the buggy address: [ 17.119761] ffff88810261fb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.120091] ffff88810261fb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.120443] >ffff88810261fc00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.120740] ^ [ 17.120900] ffff88810261fc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.121213] ffff88810261fd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.121650] ================================================================== [ 15.660136] ================================================================== [ 15.660788] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b6e/0x5450 [ 15.661280] Write of size 4 at addr ffff88810261fc30 by task kunit_try_catch/282 [ 15.661701] [ 15.661827] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.661874] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.661887] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.661910] Call Trace: [ 15.661932] <TASK> [ 15.661987] dump_stack_lvl+0x73/0xb0 [ 15.662017] print_report+0xd1/0x650 [ 15.662053] ? __virt_addr_valid+0x1db/0x2d0 [ 15.662129] ? kasan_atomics_helper+0x4b6e/0x5450 [ 15.662191] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.662219] ? kasan_atomics_helper+0x4b6e/0x5450 [ 15.662240] kasan_report+0x141/0x180 [ 15.662264] ? kasan_atomics_helper+0x4b6e/0x5450 [ 15.662291] __asan_report_store4_noabort+0x1b/0x30 [ 15.662316] kasan_atomics_helper+0x4b6e/0x5450 [ 15.662340] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.662362] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.662419] ? kasan_atomics+0x152/0x310 [ 15.662447] kasan_atomics+0x1dc/0x310 [ 15.662471] ? __pfx_kasan_atomics+0x10/0x10 [ 15.662497] ? 
__pfx_read_tsc+0x10/0x10 [ 15.662520] ? ktime_get_ts64+0x86/0x230 [ 15.662545] kunit_try_run_case+0x1a5/0x480 [ 15.662603] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.662626] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.662651] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.662675] ? __kthread_parkme+0x82/0x180 [ 15.662697] ? preempt_count_sub+0x50/0x80 [ 15.662722] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.662746] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.662769] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.662794] kthread+0x337/0x6f0 [ 15.662813] ? trace_preempt_on+0x20/0xc0 [ 15.662837] ? __pfx_kthread+0x10/0x10 [ 15.662858] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.662879] ? calculate_sigpending+0x7b/0xa0 [ 15.662905] ? __pfx_kthread+0x10/0x10 [ 15.662927] ret_from_fork+0x116/0x1d0 [ 15.662946] ? __pfx_kthread+0x10/0x10 [ 15.662967] ret_from_fork_asm+0x1a/0x30 [ 15.662999] </TASK> [ 15.663012] [ 15.672284] Allocated by task 282: [ 15.672458] kasan_save_stack+0x45/0x70 [ 15.672623] kasan_save_track+0x18/0x40 [ 15.672901] kasan_save_alloc_info+0x3b/0x50 [ 15.673141] __kasan_kmalloc+0xb7/0xc0 [ 15.673282] __kmalloc_cache_noprof+0x189/0x420 [ 15.673441] kasan_atomics+0x95/0x310 [ 15.673708] kunit_try_run_case+0x1a5/0x480 [ 15.674020] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.674344] kthread+0x337/0x6f0 [ 15.674579] ret_from_fork+0x116/0x1d0 [ 15.674799] ret_from_fork_asm+0x1a/0x30 [ 15.674954] [ 15.675145] The buggy address belongs to the object at ffff88810261fc00 [ 15.675145] which belongs to the cache kmalloc-64 of size 64 [ 15.675740] The buggy address is located 0 bytes to the right of [ 15.675740] allocated 48-byte region [ffff88810261fc00, ffff88810261fc30) [ 15.676429] [ 15.676717] The buggy address belongs to the physical page: [ 15.676920] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10261f [ 15.677578] flags: 0x200000000000000(node=0|zone=2) [ 15.677844] page_type: f5(slab) [ 15.678033] raw: 0200000000000000 
ffff8881000418c0 dead000000000122 0000000000000000 [ 15.678503] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.678839] page dumped because: kasan: bad access detected [ 15.679183] [ 15.679301] Memory state around the buggy address: [ 15.679544] ffff88810261fb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.679805] ffff88810261fb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.680265] >ffff88810261fc00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.680531] ^ [ 15.680807] ffff88810261fc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.681211] ffff88810261fd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.681837] ================================================================== [ 16.776472] ================================================================== [ 16.776713] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1b22/0x5450 [ 16.776948] Write of size 8 at addr ffff88810261fc30 by task kunit_try_catch/282 [ 16.777856] [ 16.778464] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.778536] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.778550] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.778572] Call Trace: [ 16.778591] <TASK> [ 16.778608] dump_stack_lvl+0x73/0xb0 [ 16.778638] print_report+0xd1/0x650 [ 16.778662] ? __virt_addr_valid+0x1db/0x2d0 [ 16.778685] ? kasan_atomics_helper+0x1b22/0x5450 [ 16.778706] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.778732] ? kasan_atomics_helper+0x1b22/0x5450 [ 16.778754] kasan_report+0x141/0x180 [ 16.778778] ? kasan_atomics_helper+0x1b22/0x5450 [ 16.778805] kasan_check_range+0x10c/0x1c0 [ 16.778828] __kasan_check_write+0x18/0x20 [ 16.778848] kasan_atomics_helper+0x1b22/0x5450 [ 16.778870] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.778894] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.778919] ? 
kasan_atomics+0x152/0x310 [ 16.778946] kasan_atomics+0x1dc/0x310 [ 16.778968] ? __pfx_kasan_atomics+0x10/0x10 [ 16.778992] ? __pfx_read_tsc+0x10/0x10 [ 16.779013] ? ktime_get_ts64+0x86/0x230 [ 16.779038] kunit_try_run_case+0x1a5/0x480 [ 16.779073] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.779095] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.779117] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.779141] ? __kthread_parkme+0x82/0x180 [ 16.779163] ? preempt_count_sub+0x50/0x80 [ 16.779187] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.779211] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.779234] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.779257] kthread+0x337/0x6f0 [ 16.779276] ? trace_preempt_on+0x20/0xc0 [ 16.779300] ? __pfx_kthread+0x10/0x10 [ 16.779321] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.779341] ? calculate_sigpending+0x7b/0xa0 [ 16.779365] ? __pfx_kthread+0x10/0x10 [ 16.779387] ret_from_fork+0x116/0x1d0 [ 16.779406] ? __pfx_kthread+0x10/0x10 [ 16.779426] ret_from_fork_asm+0x1a/0x30 [ 16.779458] </TASK> [ 16.779469] [ 16.795845] Allocated by task 282: [ 16.795983] kasan_save_stack+0x45/0x70 [ 16.796146] kasan_save_track+0x18/0x40 [ 16.796287] kasan_save_alloc_info+0x3b/0x50 [ 16.796438] __kasan_kmalloc+0xb7/0xc0 [ 16.796604] __kmalloc_cache_noprof+0x189/0x420 [ 16.797346] kasan_atomics+0x95/0x310 [ 16.797763] kunit_try_run_case+0x1a5/0x480 [ 16.798306] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.798879] kthread+0x337/0x6f0 [ 16.799287] ret_from_fork+0x116/0x1d0 [ 16.799747] ret_from_fork_asm+0x1a/0x30 [ 16.800208] [ 16.800372] The buggy address belongs to the object at ffff88810261fc00 [ 16.800372] which belongs to the cache kmalloc-64 of size 64 [ 16.801463] The buggy address is located 0 bytes to the right of [ 16.801463] allocated 48-byte region [ffff88810261fc00, ffff88810261fc30) [ 16.802275] [ 16.802357] The buggy address belongs to the physical page: [ 16.802686] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10261f [ 
16.803470] flags: 0x200000000000000(node=0|zone=2) [ 16.803983] page_type: f5(slab) [ 16.804378] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.804970] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.805438] page dumped because: kasan: bad access detected [ 16.805953] [ 16.806030] Memory state around the buggy address: [ 16.806204] ffff88810261fb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.806426] ffff88810261fb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.806796] >ffff88810261fc00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.807636] ^ [ 16.808067] ffff88810261fc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.808754] ffff88810261fd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.809374] ================================================================== [ 15.751896] ================================================================== [ 15.752370] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b3a/0x5450 [ 15.752892] Write of size 4 at addr ffff88810261fc30 by task kunit_try_catch/282 [ 15.753392] [ 15.753598] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.753658] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.753672] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.753696] Call Trace: [ 15.753717] <TASK> [ 15.753736] dump_stack_lvl+0x73/0xb0 [ 15.753767] print_report+0xd1/0x650 [ 15.753790] ? __virt_addr_valid+0x1db/0x2d0 [ 15.753814] ? kasan_atomics_helper+0x4b3a/0x5450 [ 15.753835] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.753861] ? kasan_atomics_helper+0x4b3a/0x5450 [ 15.753884] kasan_report+0x141/0x180 [ 15.753907] ? kasan_atomics_helper+0x4b3a/0x5450 [ 15.753934] __asan_report_store4_noabort+0x1b/0x30 [ 15.753959] kasan_atomics_helper+0x4b3a/0x5450 [ 15.753981] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.754004] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 15.754029] ? kasan_atomics+0x152/0x310 [ 15.754148] kasan_atomics+0x1dc/0x310 [ 15.754178] ? __pfx_kasan_atomics+0x10/0x10 [ 15.754202] ? __pfx_read_tsc+0x10/0x10 [ 15.754238] ? ktime_get_ts64+0x86/0x230 [ 15.754263] kunit_try_run_case+0x1a5/0x480 [ 15.754288] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.754311] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.754335] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.754359] ? __kthread_parkme+0x82/0x180 [ 15.754380] ? preempt_count_sub+0x50/0x80 [ 15.754405] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.754429] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.754452] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.754476] kthread+0x337/0x6f0 [ 15.754495] ? trace_preempt_on+0x20/0xc0 [ 15.754519] ? __pfx_kthread+0x10/0x10 [ 15.754540] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.754561] ? calculate_sigpending+0x7b/0xa0 [ 15.754585] ? __pfx_kthread+0x10/0x10 [ 15.754607] ret_from_fork+0x116/0x1d0 [ 15.754626] ? __pfx_kthread+0x10/0x10 [ 15.754647] ret_from_fork_asm+0x1a/0x30 [ 15.754680] </TASK> [ 15.754692] [ 15.764992] Allocated by task 282: [ 15.765290] kasan_save_stack+0x45/0x70 [ 15.765719] kasan_save_track+0x18/0x40 [ 15.765874] kasan_save_alloc_info+0x3b/0x50 [ 15.766212] __kasan_kmalloc+0xb7/0xc0 [ 15.766464] __kmalloc_cache_noprof+0x189/0x420 [ 15.766737] kasan_atomics+0x95/0x310 [ 15.766911] kunit_try_run_case+0x1a5/0x480 [ 15.767427] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.767813] kthread+0x337/0x6f0 [ 15.767990] ret_from_fork+0x116/0x1d0 [ 15.768224] ret_from_fork_asm+0x1a/0x30 [ 15.768429] [ 15.768508] The buggy address belongs to the object at ffff88810261fc00 [ 15.768508] which belongs to the cache kmalloc-64 of size 64 [ 15.769025] The buggy address is located 0 bytes to the right of [ 15.769025] allocated 48-byte region [ffff88810261fc00, ffff88810261fc30) [ 15.769682] [ 15.769793] The buggy address belongs to the physical page: [ 15.769972] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x10261f [ 15.770328] flags: 0x200000000000000(node=0|zone=2) [ 15.770761] page_type: f5(slab) [ 15.770912] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.771461] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.772003] page dumped because: kasan: bad access detected [ 15.772294] [ 15.772394] Memory state around the buggy address: [ 15.772760] ffff88810261fb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.773179] ffff88810261fb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.773849] >ffff88810261fc00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.774247] ^ [ 15.774631] ffff88810261fc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.774964] ffff88810261fd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.775338] ================================================================== [ 15.824769] ================================================================== [ 15.825238] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x697/0x5450 [ 15.825949] Write of size 4 at addr ffff88810261fc30 by task kunit_try_catch/282 [ 15.826437] [ 15.826644] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.826691] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.826748] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.826774] Call Trace: [ 15.826792] <TASK> [ 15.826857] dump_stack_lvl+0x73/0xb0 [ 15.826888] print_report+0xd1/0x650 [ 15.826923] ? __virt_addr_valid+0x1db/0x2d0 [ 15.826947] ? kasan_atomics_helper+0x697/0x5450 [ 15.826968] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.826994] ? kasan_atomics_helper+0x697/0x5450 [ 15.827016] kasan_report+0x141/0x180 [ 15.827048] ? kasan_atomics_helper+0x697/0x5450 [ 15.827076] kasan_check_range+0x10c/0x1c0 [ 15.827100] __kasan_check_write+0x18/0x20 [ 15.827120] kasan_atomics_helper+0x697/0x5450 [ 15.827143] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 15.827166] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.827191] ? kasan_atomics+0x152/0x310 [ 15.827218] kasan_atomics+0x1dc/0x310 [ 15.827241] ? __pfx_kasan_atomics+0x10/0x10 [ 15.827265] ? __pfx_read_tsc+0x10/0x10 [ 15.827287] ? ktime_get_ts64+0x86/0x230 [ 15.827312] kunit_try_run_case+0x1a5/0x480 [ 15.827337] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.827359] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.827383] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.827407] ? __kthread_parkme+0x82/0x180 [ 15.827428] ? preempt_count_sub+0x50/0x80 [ 15.827452] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.827476] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.827499] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.827569] kthread+0x337/0x6f0 [ 15.827591] ? trace_preempt_on+0x20/0xc0 [ 15.827614] ? __pfx_kthread+0x10/0x10 [ 15.827636] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.827657] ? calculate_sigpending+0x7b/0xa0 [ 15.827682] ? __pfx_kthread+0x10/0x10 [ 15.827703] ret_from_fork+0x116/0x1d0 [ 15.827723] ? 
__pfx_kthread+0x10/0x10 [ 15.827744] ret_from_fork_asm+0x1a/0x30 [ 15.827776] </TASK> [ 15.827788] [ 15.836858] Allocated by task 282: [ 15.837097] kasan_save_stack+0x45/0x70 [ 15.837623] kasan_save_track+0x18/0x40 [ 15.838225] kasan_save_alloc_info+0x3b/0x50 [ 15.838466] __kasan_kmalloc+0xb7/0xc0 [ 15.838767] __kmalloc_cache_noprof+0x189/0x420 [ 15.839289] kasan_atomics+0x95/0x310 [ 15.839446] kunit_try_run_case+0x1a5/0x480 [ 15.839811] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.840032] kthread+0x337/0x6f0 [ 15.840500] ret_from_fork+0x116/0x1d0 [ 15.840764] ret_from_fork_asm+0x1a/0x30 [ 15.840978] [ 15.841179] The buggy address belongs to the object at ffff88810261fc00 [ 15.841179] which belongs to the cache kmalloc-64 of size 64 [ 15.841809] The buggy address is located 0 bytes to the right of [ 15.841809] allocated 48-byte region [ffff88810261fc00, ffff88810261fc30) [ 15.842483] [ 15.842589] The buggy address belongs to the physical page: [ 15.842898] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10261f [ 15.843519] flags: 0x200000000000000(node=0|zone=2) [ 15.843803] page_type: f5(slab) [ 15.844028] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.844371] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.845131] page dumped because: kasan: bad access detected [ 15.845435] [ 15.845543] Memory state around the buggy address: [ 15.845776] ffff88810261fb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.846258] ffff88810261fb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.846549] >ffff88810261fc00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.846982] ^ [ 15.847247] ffff88810261fc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.847813] ffff88810261fd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.848285] ================================================================== [ 15.848933] 
================================================================== [ 15.849240] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x72f/0x5450 [ 15.849851] Write of size 4 at addr ffff88810261fc30 by task kunit_try_catch/282 [ 15.850647] [ 15.850747] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.850905] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.850922] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.850945] Call Trace: [ 15.850976] <TASK> [ 15.850994] dump_stack_lvl+0x73/0xb0 [ 15.851023] print_report+0xd1/0x650 [ 15.851060] ? __virt_addr_valid+0x1db/0x2d0 [ 15.851083] ? kasan_atomics_helper+0x72f/0x5450 [ 15.851104] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.851182] ? kasan_atomics_helper+0x72f/0x5450 [ 15.851256] kasan_report+0x141/0x180 [ 15.851281] ? kasan_atomics_helper+0x72f/0x5450 [ 15.851318] kasan_check_range+0x10c/0x1c0 [ 15.851343] __kasan_check_write+0x18/0x20 [ 15.851363] kasan_atomics_helper+0x72f/0x5450 [ 15.851387] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.851408] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.851433] ? kasan_atomics+0x152/0x310 [ 15.851460] kasan_atomics+0x1dc/0x310 [ 15.851482] ? __pfx_kasan_atomics+0x10/0x10 [ 15.851516] ? __pfx_read_tsc+0x10/0x10 [ 15.851538] ? ktime_get_ts64+0x86/0x230 [ 15.851562] kunit_try_run_case+0x1a5/0x480 [ 15.851586] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.851609] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.851632] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.851656] ? __kthread_parkme+0x82/0x180 [ 15.851676] ? preempt_count_sub+0x50/0x80 [ 15.851700] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.851724] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.851747] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.851772] kthread+0x337/0x6f0 [ 15.851793] ? trace_preempt_on+0x20/0xc0 [ 15.851815] ? __pfx_kthread+0x10/0x10 [ 15.851836] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.851858] ? 
calculate_sigpending+0x7b/0xa0 [ 15.851882] ? __pfx_kthread+0x10/0x10 [ 15.851904] ret_from_fork+0x116/0x1d0 [ 15.851922] ? __pfx_kthread+0x10/0x10 [ 15.851943] ret_from_fork_asm+0x1a/0x30 [ 15.851975] </TASK> [ 15.851986] [ 15.865306] Allocated by task 282: [ 15.865450] kasan_save_stack+0x45/0x70 [ 15.865677] kasan_save_track+0x18/0x40 [ 15.866527] kasan_save_alloc_info+0x3b/0x50 [ 15.866723] __kasan_kmalloc+0xb7/0xc0 [ 15.866858] __kmalloc_cache_noprof+0x189/0x420 [ 15.867011] kasan_atomics+0x95/0x310 [ 15.867160] kunit_try_run_case+0x1a5/0x480 [ 15.867300] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.867469] kthread+0x337/0x6f0 [ 15.867587] ret_from_fork+0x116/0x1d0 [ 15.867716] ret_from_fork_asm+0x1a/0x30 [ 15.868973] [ 15.869079] The buggy address belongs to the object at ffff88810261fc00 [ 15.869079] which belongs to the cache kmalloc-64 of size 64 [ 15.870140] The buggy address is located 0 bytes to the right of [ 15.870140] allocated 48-byte region [ffff88810261fc00, ffff88810261fc30) [ 15.870684] [ 15.870759] The buggy address belongs to the physical page: [ 15.872095] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10261f [ 15.872777] flags: 0x200000000000000(node=0|zone=2) [ 15.873213] page_type: f5(slab) [ 15.873500] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.873973] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.874358] page dumped because: kasan: bad access detected [ 15.874905] [ 15.875009] Memory state around the buggy address: [ 15.875469] ffff88810261fb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.875973] ffff88810261fb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.876544] >ffff88810261fc00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.877002] ^ [ 15.877364] ffff88810261fc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.878026] ffff88810261fd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.878508] 
================================================================== [ 16.322990] ================================================================== [ 16.323243] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1c/0x5450 [ 16.323568] Read of size 4 at addr ffff88810261fc30 by task kunit_try_catch/282 [ 16.323976] [ 16.324092] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.324135] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.324149] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.324170] Call Trace: [ 16.324185] <TASK> [ 16.324201] dump_stack_lvl+0x73/0xb0 [ 16.324227] print_report+0xd1/0x650 [ 16.324249] ? __virt_addr_valid+0x1db/0x2d0 [ 16.324273] ? kasan_atomics_helper+0x4a1c/0x5450 [ 16.324294] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.324320] ? kasan_atomics_helper+0x4a1c/0x5450 [ 16.324343] kasan_report+0x141/0x180 [ 16.324366] ? kasan_atomics_helper+0x4a1c/0x5450 [ 16.324394] __asan_report_load4_noabort+0x18/0x20 [ 16.324418] kasan_atomics_helper+0x4a1c/0x5450 [ 16.324441] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.324464] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.324488] ? kasan_atomics+0x152/0x310 [ 16.324515] kasan_atomics+0x1dc/0x310 [ 16.324539] ? __pfx_kasan_atomics+0x10/0x10 [ 16.324564] ? __pfx_read_tsc+0x10/0x10 [ 16.324603] ? ktime_get_ts64+0x86/0x230 [ 16.324629] kunit_try_run_case+0x1a5/0x480 [ 16.324653] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.324675] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.324698] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.324722] ? __kthread_parkme+0x82/0x180 [ 16.324743] ? preempt_count_sub+0x50/0x80 [ 16.324767] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.324792] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.324815] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.324839] kthread+0x337/0x6f0 [ 16.324859] ? trace_preempt_on+0x20/0xc0 [ 16.324882] ? __pfx_kthread+0x10/0x10 [ 16.324904] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 16.324925] ? calculate_sigpending+0x7b/0xa0 [ 16.324950] ? __pfx_kthread+0x10/0x10 [ 16.324972] ret_from_fork+0x116/0x1d0 [ 16.324991] ? __pfx_kthread+0x10/0x10 [ 16.325012] ret_from_fork_asm+0x1a/0x30 [ 16.325054] </TASK> [ 16.325067] [ 16.332569] Allocated by task 282: [ 16.332700] kasan_save_stack+0x45/0x70 [ 16.332927] kasan_save_track+0x18/0x40 [ 16.333172] kasan_save_alloc_info+0x3b/0x50 [ 16.333394] __kasan_kmalloc+0xb7/0xc0 [ 16.333595] __kmalloc_cache_noprof+0x189/0x420 [ 16.333865] kasan_atomics+0x95/0x310 [ 16.334036] kunit_try_run_case+0x1a5/0x480 [ 16.334244] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.334422] kthread+0x337/0x6f0 [ 16.334560] ret_from_fork+0x116/0x1d0 [ 16.334878] ret_from_fork_asm+0x1a/0x30 [ 16.335362] [ 16.335450] The buggy address belongs to the object at ffff88810261fc00 [ 16.335450] which belongs to the cache kmalloc-64 of size 64 [ 16.335986] The buggy address is located 0 bytes to the right of [ 16.335986] allocated 48-byte region [ffff88810261fc00, ffff88810261fc30) [ 16.336660] [ 16.336755] The buggy address belongs to the physical page: [ 16.337012] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10261f [ 16.337401] flags: 0x200000000000000(node=0|zone=2) [ 16.337635] page_type: f5(slab) [ 16.337761] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.337996] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.338273] page dumped because: kasan: bad access detected [ 16.338563] [ 16.338659] Memory state around the buggy address: [ 16.338887] ffff88810261fb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.339219] ffff88810261fb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.339440] >ffff88810261fc00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.339799] ^ [ 16.340029] ffff88810261fc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.340715] ffff88810261fd00: fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 16.341436] ================================================================== [ 16.631951] ================================================================== [ 16.632635] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16e7/0x5450 [ 16.632952] Write of size 8 at addr ffff88810261fc30 by task kunit_try_catch/282 [ 16.633264] [ 16.633378] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.633421] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.633435] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.633456] Call Trace: [ 16.633471] <TASK> [ 16.633487] dump_stack_lvl+0x73/0xb0 [ 16.633525] print_report+0xd1/0x650 [ 16.633547] ? __virt_addr_valid+0x1db/0x2d0 [ 16.633575] ? kasan_atomics_helper+0x16e7/0x5450 [ 16.633596] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.633622] ? kasan_atomics_helper+0x16e7/0x5450 [ 16.633645] kasan_report+0x141/0x180 [ 16.633667] ? kasan_atomics_helper+0x16e7/0x5450 [ 16.633694] kasan_check_range+0x10c/0x1c0 [ 16.633719] __kasan_check_write+0x18/0x20 [ 16.633738] kasan_atomics_helper+0x16e7/0x5450 [ 16.633760] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.633783] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.633808] ? kasan_atomics+0x152/0x310 [ 16.633835] kasan_atomics+0x1dc/0x310 [ 16.633858] ? __pfx_kasan_atomics+0x10/0x10 [ 16.633883] ? __pfx_read_tsc+0x10/0x10 [ 16.633905] ? ktime_get_ts64+0x86/0x230 [ 16.633929] kunit_try_run_case+0x1a5/0x480 [ 16.633954] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.633976] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.634001] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.634024] ? __kthread_parkme+0x82/0x180 [ 16.634056] ? preempt_count_sub+0x50/0x80 [ 16.634080] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.634104] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.634128] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.634151] kthread+0x337/0x6f0 [ 16.634171] ? 
trace_preempt_on+0x20/0xc0 [ 16.634195] ? __pfx_kthread+0x10/0x10 [ 16.634216] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.634239] ? calculate_sigpending+0x7b/0xa0 [ 16.634263] ? __pfx_kthread+0x10/0x10 [ 16.634285] ret_from_fork+0x116/0x1d0 [ 16.634304] ? __pfx_kthread+0x10/0x10 [ 16.634325] ret_from_fork_asm+0x1a/0x30 [ 16.634357] </TASK> [ 16.634369] [ 16.641307] Allocated by task 282: [ 16.641483] kasan_save_stack+0x45/0x70 [ 16.641689] kasan_save_track+0x18/0x40 [ 16.641880] kasan_save_alloc_info+0x3b/0x50 [ 16.642133] __kasan_kmalloc+0xb7/0xc0 [ 16.642335] __kmalloc_cache_noprof+0x189/0x420 [ 16.642605] kasan_atomics+0x95/0x310 [ 16.642794] kunit_try_run_case+0x1a5/0x480 [ 16.643002] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.643264] kthread+0x337/0x6f0 [ 16.643432] ret_from_fork+0x116/0x1d0 [ 16.643734] ret_from_fork_asm+0x1a/0x30 [ 16.643880] [ 16.643952] The buggy address belongs to the object at ffff88810261fc00 [ 16.643952] which belongs to the cache kmalloc-64 of size 64 [ 16.644315] The buggy address is located 0 bytes to the right of [ 16.644315] allocated 48-byte region [ffff88810261fc00, ffff88810261fc30) [ 16.645287] [ 16.645394] The buggy address belongs to the physical page: [ 16.647680] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10261f [ 16.648087] flags: 0x200000000000000(node=0|zone=2) [ 16.648292] page_type: f5(slab) [ 16.648414] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.648734] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.649078] page dumped because: kasan: bad access detected [ 16.649253] [ 16.649325] Memory state around the buggy address: [ 16.649518] ffff88810261fb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.649784] ffff88810261fb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.652088] >ffff88810261fc00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.652429] ^ [ 16.652830] ffff88810261fc80: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 16.653078] ffff88810261fd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.653289] ================================================================== [ 17.122283] ================================================================== [ 17.122671] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x224c/0x5450 [ 17.123017] Write of size 8 at addr ffff88810261fc30 by task kunit_try_catch/282 [ 17.123390] [ 17.123508] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 17.123582] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.123596] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.123617] Call Trace: [ 17.123633] <TASK> [ 17.123649] dump_stack_lvl+0x73/0xb0 [ 17.123675] print_report+0xd1/0x650 [ 17.123731] ? __virt_addr_valid+0x1db/0x2d0 [ 17.123753] ? kasan_atomics_helper+0x224c/0x5450 [ 17.123794] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.123821] ? kasan_atomics_helper+0x224c/0x5450 [ 17.123874] kasan_report+0x141/0x180 [ 17.123898] ? kasan_atomics_helper+0x224c/0x5450 [ 17.123926] kasan_check_range+0x10c/0x1c0 [ 17.123950] __kasan_check_write+0x18/0x20 [ 17.123970] kasan_atomics_helper+0x224c/0x5450 [ 17.124020] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.124054] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.124079] ? kasan_atomics+0x152/0x310 [ 17.124134] kasan_atomics+0x1dc/0x310 [ 17.124158] ? __pfx_kasan_atomics+0x10/0x10 [ 17.124182] ? __pfx_read_tsc+0x10/0x10 [ 17.124203] ? ktime_get_ts64+0x86/0x230 [ 17.124228] kunit_try_run_case+0x1a5/0x480 [ 17.124252] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.124306] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.124330] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.124353] ? __kthread_parkme+0x82/0x180 [ 17.124374] ? preempt_count_sub+0x50/0x80 [ 17.124424] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.124450] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.124473] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.124497] kthread+0x337/0x6f0 [ 17.124527] ? trace_preempt_on+0x20/0xc0 [ 17.124577] ? __pfx_kthread+0x10/0x10 [ 17.124599] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.124621] ? calculate_sigpending+0x7b/0xa0 [ 17.124645] ? __pfx_kthread+0x10/0x10 [ 17.124667] ret_from_fork+0x116/0x1d0 [ 17.124715] ? __pfx_kthread+0x10/0x10 [ 17.124759] ret_from_fork_asm+0x1a/0x30 [ 17.124817] </TASK> [ 17.124829] [ 17.133475] Allocated by task 282: [ 17.133712] kasan_save_stack+0x45/0x70 [ 17.133921] kasan_save_track+0x18/0x40 [ 17.134163] kasan_save_alloc_info+0x3b/0x50 [ 17.134392] __kasan_kmalloc+0xb7/0xc0 [ 17.134640] __kmalloc_cache_noprof+0x189/0x420 [ 17.134864] kasan_atomics+0x95/0x310 [ 17.135014] kunit_try_run_case+0x1a5/0x480 [ 17.135169] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.135341] kthread+0x337/0x6f0 [ 17.135512] ret_from_fork+0x116/0x1d0 [ 17.135697] ret_from_fork_asm+0x1a/0x30 [ 17.136012] [ 17.136236] The buggy address belongs to the object at ffff88810261fc00 [ 17.136236] which belongs to the cache kmalloc-64 of size 64 [ 17.136885] The buggy address is located 0 bytes to the right of [ 17.136885] allocated 48-byte region [ffff88810261fc00, ffff88810261fc30) [ 17.137369] [ 17.137501] The buggy address belongs to the physical page: [ 17.137771] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10261f [ 17.138027] flags: 0x200000000000000(node=0|zone=2) [ 17.138310] page_type: f5(slab) [ 17.138514] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.138831] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.139150] page dumped because: kasan: bad access detected [ 17.139427] [ 17.139530] Memory state around the buggy address: [ 17.139750] ffff88810261fb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.140101] ffff88810261fb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.140481] >ffff88810261fc00: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 17.140828] ^ [ 17.141063] ffff88810261fc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.141311] ffff88810261fd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.141717] ================================================================== [ 16.280876] ================================================================== [ 16.281121] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a36/0x5450 [ 16.281458] Read of size 4 at addr ffff88810261fc30 by task kunit_try_catch/282 [ 16.281798] [ 16.282007] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.282062] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.282075] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.282096] Call Trace: [ 16.282112] <TASK> [ 16.282127] dump_stack_lvl+0x73/0xb0 [ 16.282153] print_report+0xd1/0x650 [ 16.282176] ? __virt_addr_valid+0x1db/0x2d0 [ 16.282198] ? kasan_atomics_helper+0x4a36/0x5450 [ 16.282220] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.282247] ? kasan_atomics_helper+0x4a36/0x5450 [ 16.282269] kasan_report+0x141/0x180 [ 16.282293] ? kasan_atomics_helper+0x4a36/0x5450 [ 16.282320] __asan_report_load4_noabort+0x18/0x20 [ 16.282344] kasan_atomics_helper+0x4a36/0x5450 [ 16.282367] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.282390] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.282414] ? kasan_atomics+0x152/0x310 [ 16.282441] kasan_atomics+0x1dc/0x310 [ 16.282464] ? __pfx_kasan_atomics+0x10/0x10 [ 16.282489] ? __pfx_read_tsc+0x10/0x10 [ 16.282566] ? ktime_get_ts64+0x86/0x230 [ 16.282593] kunit_try_run_case+0x1a5/0x480 [ 16.282618] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.282640] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.282664] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.282688] ? __kthread_parkme+0x82/0x180 [ 16.282708] ? preempt_count_sub+0x50/0x80 [ 16.282732] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.282757] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.282780] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.282804] kthread+0x337/0x6f0 [ 16.282823] ? trace_preempt_on+0x20/0xc0 [ 16.282846] ? __pfx_kthread+0x10/0x10 [ 16.282867] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.282889] ? calculate_sigpending+0x7b/0xa0 [ 16.282912] ? __pfx_kthread+0x10/0x10 [ 16.282934] ret_from_fork+0x116/0x1d0 [ 16.282953] ? __pfx_kthread+0x10/0x10 [ 16.282975] ret_from_fork_asm+0x1a/0x30 [ 16.283007] </TASK> [ 16.283018] [ 16.290925] Allocated by task 282: [ 16.291067] kasan_save_stack+0x45/0x70 [ 16.291257] kasan_save_track+0x18/0x40 [ 16.291449] kasan_save_alloc_info+0x3b/0x50 [ 16.291660] __kasan_kmalloc+0xb7/0xc0 [ 16.291851] __kmalloc_cache_noprof+0x189/0x420 [ 16.292223] kasan_atomics+0x95/0x310 [ 16.292383] kunit_try_run_case+0x1a5/0x480 [ 16.292573] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.292829] kthread+0x337/0x6f0 [ 16.292998] ret_from_fork+0x116/0x1d0 [ 16.293366] ret_from_fork_asm+0x1a/0x30 [ 16.293613] [ 16.293706] The buggy address belongs to the object at ffff88810261fc00 [ 16.293706] which belongs to the cache kmalloc-64 of size 64 [ 16.294227] The buggy address is located 0 bytes to the right of [ 16.294227] allocated 48-byte region [ffff88810261fc00, ffff88810261fc30) [ 16.294794] [ 16.294891] The buggy address belongs to the physical page: [ 16.295198] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10261f [ 16.295446] flags: 0x200000000000000(node=0|zone=2) [ 16.295900] page_type: f5(slab) [ 16.296125] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.296442] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.296770] page dumped because: kasan: bad access detected [ 16.296947] [ 16.297018] Memory state around the buggy address: [ 16.297255] ffff88810261fb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.297583] 
ffff88810261fb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.298330] >ffff88810261fc00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.298679] ^ [ 16.298907] ffff88810261fc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.299266] ffff88810261fd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.299596] ================================================================== [ 16.968573] ================================================================== [ 16.969215] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1f43/0x5450 [ 16.969700] Write of size 8 at addr ffff88810261fc30 by task kunit_try_catch/282 [ 16.970006] [ 16.970127] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.970170] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.970183] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.970204] Call Trace: [ 16.970218] <TASK> [ 16.970233] dump_stack_lvl+0x73/0xb0 [ 16.970259] print_report+0xd1/0x650 [ 16.970281] ? __virt_addr_valid+0x1db/0x2d0 [ 16.970303] ? kasan_atomics_helper+0x1f43/0x5450 [ 16.970325] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.970350] ? kasan_atomics_helper+0x1f43/0x5450 [ 16.970372] kasan_report+0x141/0x180 [ 16.970433] ? kasan_atomics_helper+0x1f43/0x5450 [ 16.970461] kasan_check_range+0x10c/0x1c0 [ 16.970485] __kasan_check_write+0x18/0x20 [ 16.970504] kasan_atomics_helper+0x1f43/0x5450 [ 16.970540] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.970561] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.970619] ? kasan_atomics+0x152/0x310 [ 16.970646] kasan_atomics+0x1dc/0x310 [ 16.970669] ? __pfx_kasan_atomics+0x10/0x10 [ 16.970693] ? __pfx_read_tsc+0x10/0x10 [ 16.970715] ? ktime_get_ts64+0x86/0x230 [ 16.970771] kunit_try_run_case+0x1a5/0x480 [ 16.970795] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.970817] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.970842] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.970866] ? 
__kthread_parkme+0x82/0x180 [ 16.970918] ? preempt_count_sub+0x50/0x80 [ 16.970942] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.970967] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.970991] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.971014] kthread+0x337/0x6f0 [ 16.971034] ? trace_preempt_on+0x20/0xc0 [ 16.971069] ? __pfx_kthread+0x10/0x10 [ 16.971090] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.971112] ? calculate_sigpending+0x7b/0xa0 [ 16.971136] ? __pfx_kthread+0x10/0x10 [ 16.971158] ret_from_fork+0x116/0x1d0 [ 16.971176] ? __pfx_kthread+0x10/0x10 [ 16.971197] ret_from_fork_asm+0x1a/0x30 [ 16.971228] </TASK> [ 16.971239] [ 16.979318] Allocated by task 282: [ 16.979496] kasan_save_stack+0x45/0x70 [ 16.979693] kasan_save_track+0x18/0x40 [ 16.979923] kasan_save_alloc_info+0x3b/0x50 [ 16.980155] __kasan_kmalloc+0xb7/0xc0 [ 16.980315] __kmalloc_cache_noprof+0x189/0x420 [ 16.980466] kasan_atomics+0x95/0x310 [ 16.980716] kunit_try_run_case+0x1a5/0x480 [ 16.981002] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.981228] kthread+0x337/0x6f0 [ 16.981537] ret_from_fork+0x116/0x1d0 [ 16.981889] ret_from_fork_asm+0x1a/0x30 [ 16.982093] [ 16.982188] The buggy address belongs to the object at ffff88810261fc00 [ 16.982188] which belongs to the cache kmalloc-64 of size 64 [ 16.982708] The buggy address is located 0 bytes to the right of [ 16.982708] allocated 48-byte region [ffff88810261fc00, ffff88810261fc30) [ 16.983227] [ 16.983298] The buggy address belongs to the physical page: [ 16.983464] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10261f [ 16.984212] flags: 0x200000000000000(node=0|zone=2) [ 16.984445] page_type: f5(slab) [ 16.984692] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.985058] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.985382] page dumped because: kasan: bad access detected [ 16.985625] [ 16.985754] Memory state around the buggy address: [ 16.985999] 
ffff88810261fb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.986225] ffff88810261fb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.986433] >ffff88810261fc00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.987072] ^ [ 16.987364] ffff88810261fc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.987921] ffff88810261fd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.988210] ================================================================== [ 16.053633] ================================================================== [ 16.053936] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb6a/0x5450 [ 16.054573] Write of size 4 at addr ffff88810261fc30 by task kunit_try_catch/282 [ 16.055155] [ 16.055415] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.055477] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.055491] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.055514] Call Trace: [ 16.055529] <TASK> [ 16.055545] dump_stack_lvl+0x73/0xb0 [ 16.055574] print_report+0xd1/0x650 [ 16.055597] ? __virt_addr_valid+0x1db/0x2d0 [ 16.055620] ? kasan_atomics_helper+0xb6a/0x5450 [ 16.055641] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.055668] ? kasan_atomics_helper+0xb6a/0x5450 [ 16.055689] kasan_report+0x141/0x180 [ 16.055714] ? kasan_atomics_helper+0xb6a/0x5450 [ 16.055741] kasan_check_range+0x10c/0x1c0 [ 16.055765] __kasan_check_write+0x18/0x20 [ 16.055785] kasan_atomics_helper+0xb6a/0x5450 [ 16.055807] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.055830] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.055855] ? kasan_atomics+0x152/0x310 [ 16.055883] kasan_atomics+0x1dc/0x310 [ 16.055906] ? __pfx_kasan_atomics+0x10/0x10 [ 16.055931] ? __pfx_read_tsc+0x10/0x10 [ 16.055952] ? ktime_get_ts64+0x86/0x230 [ 16.055977] kunit_try_run_case+0x1a5/0x480 [ 16.056002] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.056025] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.056058] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.056132] ? __kthread_parkme+0x82/0x180 [ 16.056153] ? preempt_count_sub+0x50/0x80 [ 16.056177] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.056202] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.056226] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.056249] kthread+0x337/0x6f0 [ 16.056269] ? trace_preempt_on+0x20/0xc0 [ 16.056293] ? __pfx_kthread+0x10/0x10 [ 16.056313] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.056335] ? calculate_sigpending+0x7b/0xa0 [ 16.056360] ? __pfx_kthread+0x10/0x10 [ 16.056382] ret_from_fork+0x116/0x1d0 [ 16.056401] ? __pfx_kthread+0x10/0x10 [ 16.056422] ret_from_fork_asm+0x1a/0x30 [ 16.056454] </TASK> [ 16.056467] [ 16.068737] Allocated by task 282: [ 16.068913] kasan_save_stack+0x45/0x70 [ 16.069129] kasan_save_track+0x18/0x40 [ 16.069748] kasan_save_alloc_info+0x3b/0x50 [ 16.070117] __kasan_kmalloc+0xb7/0xc0 [ 16.070430] __kmalloc_cache_noprof+0x189/0x420 [ 16.070825] kasan_atomics+0x95/0x310 [ 16.071017] kunit_try_run_case+0x1a5/0x480 [ 16.071399] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.071666] kthread+0x337/0x6f0 [ 16.071986] ret_from_fork+0x116/0x1d0 [ 16.072359] ret_from_fork_asm+0x1a/0x30 [ 16.072567] [ 16.072770] The buggy address belongs to the object at ffff88810261fc00 [ 16.072770] which belongs to the cache kmalloc-64 of size 64 [ 16.073545] The buggy address is located 0 bytes to the right of [ 16.073545] allocated 48-byte region [ffff88810261fc00, ffff88810261fc30) [ 16.074421] [ 16.074563] The buggy address belongs to the physical page: [ 16.074759] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10261f [ 16.075438] flags: 0x200000000000000(node=0|zone=2) [ 16.075647] page_type: f5(slab) [ 16.075956] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.076540] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.076960] page dumped because: kasan: bad access detected [ 16.077371] [ 16.077477] 
Memory state around the buggy address: [ 16.077913] ffff88810261fb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.078551] ffff88810261fb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.078861] >ffff88810261fc00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.079315] ^ [ 16.079497] ffff88810261fc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.080289] ffff88810261fd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.080789] ================================================================== [ 16.809994] ================================================================== [ 16.810557] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1c18/0x5450 [ 16.811198] Write of size 8 at addr ffff88810261fc30 by task kunit_try_catch/282 [ 16.811812] [ 16.811997] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.812054] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.812067] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.812091] Call Trace: [ 16.812106] <TASK> [ 16.812124] dump_stack_lvl+0x73/0xb0 [ 16.812152] print_report+0xd1/0x650 [ 16.812174] ? __virt_addr_valid+0x1db/0x2d0 [ 16.812197] ? kasan_atomics_helper+0x1c18/0x5450 [ 16.812219] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.812245] ? kasan_atomics_helper+0x1c18/0x5450 [ 16.812268] kasan_report+0x141/0x180 [ 16.812289] ? kasan_atomics_helper+0x1c18/0x5450 [ 16.812317] kasan_check_range+0x10c/0x1c0 [ 16.812341] __kasan_check_write+0x18/0x20 [ 16.812361] kasan_atomics_helper+0x1c18/0x5450 [ 16.812383] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.812404] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.812430] ? kasan_atomics+0x152/0x310 [ 16.812456] kasan_atomics+0x1dc/0x310 [ 16.812479] ? __pfx_kasan_atomics+0x10/0x10 [ 16.812503] ? __pfx_read_tsc+0x10/0x10 [ 16.812525] ? ktime_get_ts64+0x86/0x230 [ 16.812550] kunit_try_run_case+0x1a5/0x480 [ 16.812574] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.812596] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.812620] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.812644] ? __kthread_parkme+0x82/0x180 [ 16.812674] ? preempt_count_sub+0x50/0x80 [ 16.812698] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.812722] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.812746] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.812769] kthread+0x337/0x6f0 [ 16.812790] ? trace_preempt_on+0x20/0xc0 [ 16.812814] ? __pfx_kthread+0x10/0x10 [ 16.812835] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.812857] ? calculate_sigpending+0x7b/0xa0 [ 16.812881] ? __pfx_kthread+0x10/0x10 [ 16.812903] ret_from_fork+0x116/0x1d0 [ 16.812921] ? __pfx_kthread+0x10/0x10 [ 16.812943] ret_from_fork_asm+0x1a/0x30 [ 16.812974] </TASK> [ 16.812986] [ 16.824008] Allocated by task 282: [ 16.824152] kasan_save_stack+0x45/0x70 [ 16.824296] kasan_save_track+0x18/0x40 [ 16.824433] kasan_save_alloc_info+0x3b/0x50 [ 16.824609] __kasan_kmalloc+0xb7/0xc0 [ 16.824936] __kmalloc_cache_noprof+0x189/0x420 [ 16.825345] kasan_atomics+0x95/0x310 [ 16.825710] kunit_try_run_case+0x1a5/0x480 [ 16.826086] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.826670] kthread+0x337/0x6f0 [ 16.826978] ret_from_fork+0x116/0x1d0 [ 16.827388] ret_from_fork_asm+0x1a/0x30 [ 16.827760] [ 16.827928] The buggy address belongs to the object at ffff88810261fc00 [ 16.827928] which belongs to the cache kmalloc-64 of size 64 [ 16.828991] The buggy address is located 0 bytes to the right of [ 16.828991] allocated 48-byte region [ffff88810261fc00, ffff88810261fc30) [ 16.830293] [ 16.830453] The buggy address belongs to the physical page: [ 16.831003] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10261f [ 16.831296] flags: 0x200000000000000(node=0|zone=2) [ 16.831462] page_type: f5(slab) [ 16.831716] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.832369] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 16.833121] page dumped because: kasan: bad access detected [ 16.833636] [ 16.833793] Memory state around the buggy address: [ 16.834199] ffff88810261fb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.834569] ffff88810261fb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.835197] >ffff88810261fc00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.835455] ^ [ 16.835648] ffff88810261fc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.836107] ffff88810261fd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.836621] ================================================================== [ 15.682380] ================================================================== [ 15.682839] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df/0x5450 [ 15.683307] Read of size 4 at addr ffff88810261fc30 by task kunit_try_catch/282 [ 15.683644] [ 15.683770] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.683849] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.683862] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.683884] Call Trace: [ 15.683902] <TASK> [ 15.683920] dump_stack_lvl+0x73/0xb0 [ 15.683981] print_report+0xd1/0x650 [ 15.684004] ? __virt_addr_valid+0x1db/0x2d0 [ 15.684027] ? kasan_atomics_helper+0x3df/0x5450 [ 15.684107] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.684137] ? kasan_atomics_helper+0x3df/0x5450 [ 15.684199] kasan_report+0x141/0x180 [ 15.684222] ? kasan_atomics_helper+0x3df/0x5450 [ 15.684249] kasan_check_range+0x10c/0x1c0 [ 15.684273] __kasan_check_read+0x15/0x20 [ 15.684292] kasan_atomics_helper+0x3df/0x5450 [ 15.684315] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.684337] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.684361] ? kasan_atomics+0x152/0x310 [ 15.684389] kasan_atomics+0x1dc/0x310 [ 15.684413] ? __pfx_kasan_atomics+0x10/0x10 [ 15.684437] ? __pfx_read_tsc+0x10/0x10 [ 15.684459] ? 
ktime_get_ts64+0x86/0x230 [ 15.684484] kunit_try_run_case+0x1a5/0x480 [ 15.684509] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.684531] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.684555] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.684579] ? __kthread_parkme+0x82/0x180 [ 15.684601] ? preempt_count_sub+0x50/0x80 [ 15.684626] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.684652] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.684676] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.684700] kthread+0x337/0x6f0 [ 15.684720] ? trace_preempt_on+0x20/0xc0 [ 15.684743] ? __pfx_kthread+0x10/0x10 [ 15.684764] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.684788] ? calculate_sigpending+0x7b/0xa0 [ 15.684812] ? __pfx_kthread+0x10/0x10 [ 15.684833] ret_from_fork+0x116/0x1d0 [ 15.684852] ? __pfx_kthread+0x10/0x10 [ 15.684873] ret_from_fork_asm+0x1a/0x30 [ 15.684906] </TASK> [ 15.684918] [ 15.694588] Allocated by task 282: [ 15.694810] kasan_save_stack+0x45/0x70 [ 15.694960] kasan_save_track+0x18/0x40 [ 15.695105] kasan_save_alloc_info+0x3b/0x50 [ 15.695357] __kasan_kmalloc+0xb7/0xc0 [ 15.695613] __kmalloc_cache_noprof+0x189/0x420 [ 15.695957] kasan_atomics+0x95/0x310 [ 15.696339] kunit_try_run_case+0x1a5/0x480 [ 15.696557] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.696885] kthread+0x337/0x6f0 [ 15.697251] ret_from_fork+0x116/0x1d0 [ 15.697416] ret_from_fork_asm+0x1a/0x30 [ 15.697746] [ 15.697825] The buggy address belongs to the object at ffff88810261fc00 [ 15.697825] which belongs to the cache kmalloc-64 of size 64 [ 15.698372] The buggy address is located 0 bytes to the right of [ 15.698372] allocated 48-byte region [ffff88810261fc00, ffff88810261fc30) [ 15.699256] [ 15.699338] The buggy address belongs to the physical page: [ 15.699614] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10261f [ 15.699985] flags: 0x200000000000000(node=0|zone=2) [ 15.700339] page_type: f5(slab) [ 15.700502] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 15.700736] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.701187] page dumped because: kasan: bad access detected [ 15.701372] [ 15.701442] Memory state around the buggy address: [ 15.701852] ffff88810261fb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.702227] ffff88810261fb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.702776] >ffff88810261fc00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.703086] ^ [ 15.703264] ffff88810261fc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.703673] ffff88810261fd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.704063] ================================================================== [ 16.949728] ================================================================== [ 16.950218] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1eaa/0x5450 [ 16.950606] Write of size 8 at addr ffff88810261fc30 by task kunit_try_catch/282 [ 16.950910] [ 16.951075] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.951126] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.951140] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.951161] Call Trace: [ 16.951178] <TASK> [ 16.951195] dump_stack_lvl+0x73/0xb0 [ 16.951222] print_report+0xd1/0x650 [ 16.951244] ? __virt_addr_valid+0x1db/0x2d0 [ 16.951268] ? kasan_atomics_helper+0x1eaa/0x5450 [ 16.951290] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.951316] ? kasan_atomics_helper+0x1eaa/0x5450 [ 16.951338] kasan_report+0x141/0x180 [ 16.951360] ? kasan_atomics_helper+0x1eaa/0x5450 [ 16.951386] kasan_check_range+0x10c/0x1c0 [ 16.951411] __kasan_check_write+0x18/0x20 [ 16.951430] kasan_atomics_helper+0x1eaa/0x5450 [ 16.951454] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.951476] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.951502] ? kasan_atomics+0x152/0x310 [ 16.951529] kasan_atomics+0x1dc/0x310 [ 16.951553] ? 
__pfx_kasan_atomics+0x10/0x10 [ 16.951577] ? __pfx_read_tsc+0x10/0x10 [ 16.951599] ? ktime_get_ts64+0x86/0x230 [ 16.951625] kunit_try_run_case+0x1a5/0x480 [ 16.951649] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.951672] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.951695] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.951718] ? __kthread_parkme+0x82/0x180 [ 16.951739] ? preempt_count_sub+0x50/0x80 [ 16.951763] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.951787] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.951811] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.951835] kthread+0x337/0x6f0 [ 16.951855] ? trace_preempt_on+0x20/0xc0 [ 16.951877] ? __pfx_kthread+0x10/0x10 [ 16.951897] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.951919] ? calculate_sigpending+0x7b/0xa0 [ 16.951942] ? __pfx_kthread+0x10/0x10 [ 16.951964] ret_from_fork+0x116/0x1d0 [ 16.951983] ? __pfx_kthread+0x10/0x10 [ 16.952004] ret_from_fork_asm+0x1a/0x30 [ 16.952035] </TASK> [ 16.952055] [ 16.960186] Allocated by task 282: [ 16.960428] kasan_save_stack+0x45/0x70 [ 16.960654] kasan_save_track+0x18/0x40 [ 16.960865] kasan_save_alloc_info+0x3b/0x50 [ 16.961117] __kasan_kmalloc+0xb7/0xc0 [ 16.961309] __kmalloc_cache_noprof+0x189/0x420 [ 16.961528] kasan_atomics+0x95/0x310 [ 16.961733] kunit_try_run_case+0x1a5/0x480 [ 16.961970] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.962254] kthread+0x337/0x6f0 [ 16.962443] ret_from_fork+0x116/0x1d0 [ 16.962678] ret_from_fork_asm+0x1a/0x30 [ 16.962878] [ 16.963003] The buggy address belongs to the object at ffff88810261fc00 [ 16.963003] which belongs to the cache kmalloc-64 of size 64 [ 16.963514] The buggy address is located 0 bytes to the right of [ 16.963514] allocated 48-byte region [ffff88810261fc00, ffff88810261fc30) [ 16.963976] [ 16.964063] The buggy address belongs to the physical page: [ 16.964231] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10261f [ 16.964572] flags: 0x200000000000000(node=0|zone=2) [ 16.964802] page_type: 
f5(slab) [ 16.964967] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.965321] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.965621] page dumped because: kasan: bad access detected [ 16.965908] [ 16.966073] Memory state around the buggy address: [ 16.966346] ffff88810261fb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.966650] ffff88810261fb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.966861] >ffff88810261fc00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.967080] ^ [ 16.967242] ffff88810261fc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.967644] ffff88810261fd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.968068] ================================================================== [ 15.775930] ================================================================== [ 15.776579] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x565/0x5450 [ 15.777060] Write of size 4 at addr ffff88810261fc30 by task kunit_try_catch/282 [ 15.777491] [ 15.777676] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.777791] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.777805] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.777841] Call Trace: [ 15.777861] <TASK> [ 15.777880] dump_stack_lvl+0x73/0xb0 [ 15.777909] print_report+0xd1/0x650 [ 15.777933] ? __virt_addr_valid+0x1db/0x2d0 [ 15.777958] ? kasan_atomics_helper+0x565/0x5450 [ 15.778061] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.778090] ? kasan_atomics_helper+0x565/0x5450 [ 15.778114] kasan_report+0x141/0x180 [ 15.778137] ? kasan_atomics_helper+0x565/0x5450 [ 15.778164] kasan_check_range+0x10c/0x1c0 [ 15.778188] __kasan_check_write+0x18/0x20 [ 15.778208] kasan_atomics_helper+0x565/0x5450 [ 15.778243] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.778267] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.778293] ? 
kasan_atomics+0x152/0x310 [ 15.778319] kasan_atomics+0x1dc/0x310 [ 15.778342] ? __pfx_kasan_atomics+0x10/0x10 [ 15.778366] ? __pfx_read_tsc+0x10/0x10 [ 15.778387] ? ktime_get_ts64+0x86/0x230 [ 15.778412] kunit_try_run_case+0x1a5/0x480 [ 15.778438] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.778461] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.778485] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.778510] ? __kthread_parkme+0x82/0x180 [ 15.778531] ? preempt_count_sub+0x50/0x80 [ 15.778556] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.778581] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.778604] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.778627] kthread+0x337/0x6f0 [ 15.778648] ? trace_preempt_on+0x20/0xc0 [ 15.778672] ? __pfx_kthread+0x10/0x10 [ 15.778693] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.778717] ? calculate_sigpending+0x7b/0xa0 [ 15.778741] ? __pfx_kthread+0x10/0x10 [ 15.778763] ret_from_fork+0x116/0x1d0 [ 15.778782] ? __pfx_kthread+0x10/0x10 [ 15.778803] ret_from_fork_asm+0x1a/0x30 [ 15.778835] </TASK> [ 15.778847] [ 15.788489] Allocated by task 282: [ 15.788735] kasan_save_stack+0x45/0x70 [ 15.788901] kasan_save_track+0x18/0x40 [ 15.789037] kasan_save_alloc_info+0x3b/0x50 [ 15.789199] __kasan_kmalloc+0xb7/0xc0 [ 15.789668] __kmalloc_cache_noprof+0x189/0x420 [ 15.790200] kasan_atomics+0x95/0x310 [ 15.790471] kunit_try_run_case+0x1a5/0x480 [ 15.790700] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.790933] kthread+0x337/0x6f0 [ 15.791106] ret_from_fork+0x116/0x1d0 [ 15.791611] ret_from_fork_asm+0x1a/0x30 [ 15.791845] [ 15.791919] The buggy address belongs to the object at ffff88810261fc00 [ 15.791919] which belongs to the cache kmalloc-64 of size 64 [ 15.792379] The buggy address is located 0 bytes to the right of [ 15.792379] allocated 48-byte region [ffff88810261fc00, ffff88810261fc30) [ 15.793396] [ 15.793672] The buggy address belongs to the physical page: [ 15.793862] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10261f [ 
15.794341] flags: 0x200000000000000(node=0|zone=2) [ 15.794706] page_type: f5(slab) [ 15.795181] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.795656] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.795957] page dumped because: kasan: bad access detected [ 15.796488] [ 15.796597] Memory state around the buggy address: [ 15.796852] ffff88810261fb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.797307] ffff88810261fb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.797774] >ffff88810261fc00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.798210] ^ [ 15.798506] ffff88810261fc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.798990] ffff88810261fd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.799436] ================================================================== [ 15.879451] ================================================================== [ 15.880253] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x7c7/0x5450 [ 15.880786] Write of size 4 at addr ffff88810261fc30 by task kunit_try_catch/282 [ 15.881395] [ 15.881633] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.881785] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.881804] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.881829] Call Trace: [ 15.881849] <TASK> [ 15.881868] dump_stack_lvl+0x73/0xb0 [ 15.881898] print_report+0xd1/0x650 [ 15.881921] ? __virt_addr_valid+0x1db/0x2d0 [ 15.881944] ? kasan_atomics_helper+0x7c7/0x5450 [ 15.881966] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.881993] ? kasan_atomics_helper+0x7c7/0x5450 [ 15.882015] kasan_report+0x141/0x180 [ 15.882037] ? kasan_atomics_helper+0x7c7/0x5450 [ 15.882170] kasan_check_range+0x10c/0x1c0 [ 15.882198] __kasan_check_write+0x18/0x20 [ 15.882218] kasan_atomics_helper+0x7c7/0x5450 [ 15.882242] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.882265] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 15.882290] ? kasan_atomics+0x152/0x310 [ 15.882318] kasan_atomics+0x1dc/0x310 [ 15.882340] ? __pfx_kasan_atomics+0x10/0x10 [ 15.882365] ? __pfx_read_tsc+0x10/0x10 [ 15.882387] ? ktime_get_ts64+0x86/0x230 [ 15.882412] kunit_try_run_case+0x1a5/0x480 [ 15.882438] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.882460] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.882484] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.882509] ? __kthread_parkme+0x82/0x180 [ 15.882530] ? preempt_count_sub+0x50/0x80 [ 15.882554] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.882579] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.882603] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.882627] kthread+0x337/0x6f0 [ 15.882646] ? trace_preempt_on+0x20/0xc0 [ 15.882671] ? __pfx_kthread+0x10/0x10 [ 15.882692] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.882714] ? calculate_sigpending+0x7b/0xa0 [ 15.882737] ? __pfx_kthread+0x10/0x10 [ 15.882760] ret_from_fork+0x116/0x1d0 [ 15.882778] ? __pfx_kthread+0x10/0x10 [ 15.882801] ret_from_fork_asm+0x1a/0x30 [ 15.882833] </TASK> [ 15.882846] [ 15.895714] Allocated by task 282: [ 15.895895] kasan_save_stack+0x45/0x70 [ 15.896340] kasan_save_track+0x18/0x40 [ 15.896671] kasan_save_alloc_info+0x3b/0x50 [ 15.897003] __kasan_kmalloc+0xb7/0xc0 [ 15.897431] __kmalloc_cache_noprof+0x189/0x420 [ 15.897760] kasan_atomics+0x95/0x310 [ 15.897937] kunit_try_run_case+0x1a5/0x480 [ 15.898587] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.898830] kthread+0x337/0x6f0 [ 15.899231] ret_from_fork+0x116/0x1d0 [ 15.899430] ret_from_fork_asm+0x1a/0x30 [ 15.899579] [ 15.899679] The buggy address belongs to the object at ffff88810261fc00 [ 15.899679] which belongs to the cache kmalloc-64 of size 64 [ 15.900659] The buggy address is located 0 bytes to the right of [ 15.900659] allocated 48-byte region [ffff88810261fc00, ffff88810261fc30) [ 15.901421] [ 15.901835] The buggy address belongs to the physical page: [ 15.902098] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x10261f [ 15.902725] flags: 0x200000000000000(node=0|zone=2) [ 15.903091] page_type: f5(slab) [ 15.903498] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.903972] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.904451] page dumped because: kasan: bad access detected [ 15.904901] [ 15.904999] Memory state around the buggy address: [ 15.905476] ffff88810261fb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.906005] ffff88810261fb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.906641] >ffff88810261fc00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.907104] ^ [ 15.907546] ffff88810261fc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.907857] ffff88810261fd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.908465] ================================================================== [ 16.025912] ================================================================== [ 16.026767] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xac7/0x5450 [ 16.027290] Write of size 4 at addr ffff88810261fc30 by task kunit_try_catch/282 [ 16.027539] [ 16.027873] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.028004] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.028021] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.028054] Call Trace: [ 16.028080] <TASK> [ 16.028097] dump_stack_lvl+0x73/0xb0 [ 16.028126] print_report+0xd1/0x650 [ 16.028149] ? __virt_addr_valid+0x1db/0x2d0 [ 16.028172] ? kasan_atomics_helper+0xac7/0x5450 [ 16.028193] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.028219] ? kasan_atomics_helper+0xac7/0x5450 [ 16.028241] kasan_report+0x141/0x180 [ 16.028264] ? kasan_atomics_helper+0xac7/0x5450 [ 16.028290] kasan_check_range+0x10c/0x1c0 [ 16.028315] __kasan_check_write+0x18/0x20 [ 16.028335] kasan_atomics_helper+0xac7/0x5450 [ 16.028357] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 16.028380] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.028405] ? kasan_atomics+0x152/0x310 [ 16.028432] kasan_atomics+0x1dc/0x310 [ 16.028455] ? __pfx_kasan_atomics+0x10/0x10 [ 16.028480] ? __pfx_read_tsc+0x10/0x10 [ 16.028501] ? ktime_get_ts64+0x86/0x230 [ 16.028577] kunit_try_run_case+0x1a5/0x480 [ 16.028602] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.028625] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.028648] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.028671] ? __kthread_parkme+0x82/0x180 [ 16.028693] ? preempt_count_sub+0x50/0x80 [ 16.028717] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.028742] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.028765] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.028788] kthread+0x337/0x6f0 [ 16.028809] ? trace_preempt_on+0x20/0xc0 [ 16.028832] ? __pfx_kthread+0x10/0x10 [ 16.028853] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.028875] ? calculate_sigpending+0x7b/0xa0 [ 16.028900] ? __pfx_kthread+0x10/0x10 [ 16.028922] ret_from_fork+0x116/0x1d0 [ 16.028941] ? 
__pfx_kthread+0x10/0x10
[ 16.028961] ret_from_fork_asm+0x1a/0x30
[ 16.028993] </TASK>
[ 16.029005]
[ 16.041098] Allocated by task 282:
[ 16.041269] kasan_save_stack+0x45/0x70
[ 16.041716] kasan_save_track+0x18/0x40
[ 16.041906] kasan_save_alloc_info+0x3b/0x50
[ 16.042114] __kasan_kmalloc+0xb7/0xc0
[ 16.042289] __kmalloc_cache_noprof+0x189/0x420
[ 16.042493] kasan_atomics+0x95/0x310
[ 16.043176] kunit_try_run_case+0x1a5/0x480
[ 16.043342] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.043870] kthread+0x337/0x6f0
[ 16.044136] ret_from_fork+0x116/0x1d0
[ 16.044380] ret_from_fork_asm+0x1a/0x30
[ 16.044757]
[ 16.044864] The buggy address belongs to the object at ffff88810261fc00
[ 16.044864] which belongs to the cache kmalloc-64 of size 64
[ 16.045543] The buggy address is located 0 bytes to the right of
[ 16.045543] allocated 48-byte region [ffff88810261fc00, ffff88810261fc30)
[ 16.046406]
[ 16.046493] The buggy address belongs to the physical page:
[ 16.047183] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10261f
[ 16.047635] flags: 0x200000000000000(node=0|zone=2)
[ 16.047953] page_type: f5(slab)
[ 16.048093] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 16.048703] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 16.049029] page dumped because: kasan: bad access detected
[ 16.049490]
[ 16.049617] Memory state around the buggy address:
[ 16.050149] ffff88810261fb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 16.050607] ffff88810261fb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 16.051022] >ffff88810261fc00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 16.051691] ^
[ 16.052006] ffff88810261fc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.052431] ffff88810261fd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.052888] ==================================================================
[ 15.627844] ==================================================================
[ 15.629075] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b88/0x5450
[ 15.629932] Read of size 4 at addr ffff88810261fc30 by task kunit_try_catch/282
[ 15.630656]
[ 15.630754] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 15.630801] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.630813] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.630834] Call Trace:
[ 15.630853] <TASK>
[ 15.630873] dump_stack_lvl+0x73/0xb0
[ 15.630901] print_report+0xd1/0x650
[ 15.630923] ? __virt_addr_valid+0x1db/0x2d0
[ 15.630946] ? kasan_atomics_helper+0x4b88/0x5450
[ 15.630966] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.630991] ? kasan_atomics_helper+0x4b88/0x5450
[ 15.631011] kasan_report+0x141/0x180
[ 15.631032] ? kasan_atomics_helper+0x4b88/0x5450
[ 15.631072] __asan_report_load4_noabort+0x18/0x20
[ 15.631097] kasan_atomics_helper+0x4b88/0x5450
[ 15.631118] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 15.631139] ? __kmalloc_cache_noprof+0x189/0x420
[ 15.631164] ? kasan_atomics+0x152/0x310
[ 15.631189] kasan_atomics+0x1dc/0x310
[ 15.631210] ? __pfx_kasan_atomics+0x10/0x10
[ 15.631233] ? __pfx_read_tsc+0x10/0x10
[ 15.631253] ? ktime_get_ts64+0x86/0x230
[ 15.631278] kunit_try_run_case+0x1a5/0x480
[ 15.631303] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.631324] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.631348] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.631370] ? __kthread_parkme+0x82/0x180
[ 15.631390] ? preempt_count_sub+0x50/0x80
[ 15.631413] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.631436] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.631459] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.631481] kthread+0x337/0x6f0
[ 15.631500] ? trace_preempt_on+0x20/0xc0
[ 15.631522] ? __pfx_kthread+0x10/0x10
[ 15.631541] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.631562] ? calculate_sigpending+0x7b/0xa0
[ 15.631585] ? __pfx_kthread+0x10/0x10
[ 15.631606] ret_from_fork+0x116/0x1d0
[ 15.631623] ? __pfx_kthread+0x10/0x10
[ 15.631643] ret_from_fork_asm+0x1a/0x30
[ 15.631674] </TASK>
[ 15.631685]
[ 15.647851] Allocated by task 282:
[ 15.648353] kasan_save_stack+0x45/0x70
[ 15.648770] kasan_save_track+0x18/0x40
[ 15.649236] kasan_save_alloc_info+0x3b/0x50
[ 15.649395] __kasan_kmalloc+0xb7/0xc0
[ 15.649579] __kmalloc_cache_noprof+0x189/0x420
[ 15.650031] kasan_atomics+0x95/0x310
[ 15.650524] kunit_try_run_case+0x1a5/0x480
[ 15.650927] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.651426] kthread+0x337/0x6f0
[ 15.651835] ret_from_fork+0x116/0x1d0
[ 15.652184] ret_from_fork_asm+0x1a/0x30
[ 15.652556]
[ 15.652636] The buggy address belongs to the object at ffff88810261fc00
[ 15.652636] which belongs to the cache kmalloc-64 of size 64
[ 15.652993] The buggy address is located 0 bytes to the right of
[ 15.652993] allocated 48-byte region [ffff88810261fc00, ffff88810261fc30)
[ 15.653871]
[ 15.653985] The buggy address belongs to the physical page:
[ 15.654539] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10261f
[ 15.654947] flags: 0x200000000000000(node=0|zone=2)
[ 15.655293] page_type: f5(slab)
[ 15.655472] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 15.655940] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 15.656326] page dumped because: kasan: bad access detected
[ 15.656668]
[ 15.656774] Memory state around the buggy address:
[ 15.656986] ffff88810261fb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.657658] ffff88810261fb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.657959] >ffff88810261fc00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 15.658364] ^
[ 15.658772] ffff88810261fc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.659095] ffff88810261fd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.659554] ==================================================================
[ 17.045861] ==================================================================
[ 17.046324] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x20c8/0x5450
[ 17.046550] Write of size 8 at addr ffff88810261fc30 by task kunit_try_catch/282
[ 17.046764]
[ 17.046844] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 17.046885] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.046897] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.046920] Call Trace:
[ 17.046933] <TASK>
[ 17.046949] dump_stack_lvl+0x73/0xb0
[ 17.046973] print_report+0xd1/0x650
[ 17.046995] ? __virt_addr_valid+0x1db/0x2d0
[ 17.047016] ? kasan_atomics_helper+0x20c8/0x5450
[ 17.047037] ? kasan_complete_mode_report_info+0x2a/0x200
[ 17.047074] ? kasan_atomics_helper+0x20c8/0x5450
[ 17.047113] kasan_report+0x141/0x180
[ 17.047135] ? kasan_atomics_helper+0x20c8/0x5450
[ 17.047200] kasan_check_range+0x10c/0x1c0
[ 17.047250] __kasan_check_write+0x18/0x20
[ 17.047270] kasan_atomics_helper+0x20c8/0x5450
[ 17.047292] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 17.047315] ? __kmalloc_cache_noprof+0x189/0x420
[ 17.047340] ? kasan_atomics+0x152/0x310
[ 17.047366] kasan_atomics+0x1dc/0x310
[ 17.047389] ? __pfx_kasan_atomics+0x10/0x10
[ 17.047414] ? __pfx_read_tsc+0x10/0x10
[ 17.047435] ? ktime_get_ts64+0x86/0x230
[ 17.047458] kunit_try_run_case+0x1a5/0x480
[ 17.047483] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.047516] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 17.047539] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 17.047593] ? __kthread_parkme+0x82/0x180
[ 17.047614] ? preempt_count_sub+0x50/0x80
[ 17.047639] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.047664] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.047687] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 17.047740] kthread+0x337/0x6f0
[ 17.047761] ? trace_preempt_on+0x20/0xc0
[ 17.047783] ? __pfx_kthread+0x10/0x10
[ 17.047807] ? _raw_spin_unlock_irq+0x47/0x80
[ 17.047829] ? calculate_sigpending+0x7b/0xa0
[ 17.047883] ? __pfx_kthread+0x10/0x10
[ 17.047905] ret_from_fork+0x116/0x1d0
[ 17.047924] ? __pfx_kthread+0x10/0x10
[ 17.047945] ret_from_fork_asm+0x1a/0x30
[ 17.047979] </TASK>
[ 17.048022]
[ 17.056275] Allocated by task 282:
[ 17.056467] kasan_save_stack+0x45/0x70
[ 17.056696] kasan_save_track+0x18/0x40
[ 17.056891] kasan_save_alloc_info+0x3b/0x50
[ 17.057072] __kasan_kmalloc+0xb7/0xc0
[ 17.057304] __kmalloc_cache_noprof+0x189/0x420
[ 17.057580] kasan_atomics+0x95/0x310
[ 17.057776] kunit_try_run_case+0x1a5/0x480
[ 17.057918] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.058097] kthread+0x337/0x6f0
[ 17.058215] ret_from_fork+0x116/0x1d0
[ 17.058390] ret_from_fork_asm+0x1a/0x30
[ 17.058583]
[ 17.058676] The buggy address belongs to the object at ffff88810261fc00
[ 17.058676] which belongs to the cache kmalloc-64 of size 64
[ 17.059232] The buggy address is located 0 bytes to the right of
[ 17.059232] allocated 48-byte region [ffff88810261fc00, ffff88810261fc30)
[ 17.059768]
[ 17.059863] The buggy address belongs to the physical page:
[ 17.060106] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10261f
[ 17.060522] flags: 0x200000000000000(node=0|zone=2)
[ 17.060753] page_type: f5(slab)
[ 17.060871] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 17.061107] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 17.061326] page dumped because: kasan: bad access detected
[ 17.061518]
[ 17.061621] Memory state around the buggy address:
[ 17.061886] ffff88810261fb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 17.062226] ffff88810261fb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 17.062640] >ffff88810261fc00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 17.062985] ^
[ 17.063226] ffff88810261fc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.063582] ffff88810261fd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.063905] ==================================================================
[ 16.921016] ==================================================================
[ 16.921803] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1e12/0x5450
[ 16.922489] Write of size 8 at addr ffff88810261fc30 by task kunit_try_catch/282
[ 16.922884]
[ 16.922974] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 16.923018] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.923031] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.923067] Call Trace:
[ 16.923082] <TASK>
[ 16.923099] dump_stack_lvl+0x73/0xb0
[ 16.923128] print_report+0xd1/0x650
[ 16.923150] ? __virt_addr_valid+0x1db/0x2d0
[ 16.923173] ? kasan_atomics_helper+0x1e12/0x5450
[ 16.923194] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.923220] ? kasan_atomics_helper+0x1e12/0x5450
[ 16.923242] kasan_report+0x141/0x180
[ 16.923266] ? kasan_atomics_helper+0x1e12/0x5450
[ 16.923294] kasan_check_range+0x10c/0x1c0
[ 16.923318] __kasan_check_write+0x18/0x20
[ 16.923337] kasan_atomics_helper+0x1e12/0x5450
[ 16.923360] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 16.923383] ? __kmalloc_cache_noprof+0x189/0x420
[ 16.923409] ? kasan_atomics+0x152/0x310
[ 16.923436] kasan_atomics+0x1dc/0x310
[ 16.923459] ? __pfx_kasan_atomics+0x10/0x10
[ 16.923485] ? __pfx_read_tsc+0x10/0x10
[ 16.923535] ? ktime_get_ts64+0x86/0x230
[ 16.923559] kunit_try_run_case+0x1a5/0x480
[ 16.923624] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.923649] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.923672] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.923696] ? __kthread_parkme+0x82/0x180
[ 16.923717] ? preempt_count_sub+0x50/0x80
[ 16.923768] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.923793] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.923816] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.923840] kthread+0x337/0x6f0
[ 16.923859] ? trace_preempt_on+0x20/0xc0
[ 16.923883] ? __pfx_kthread+0x10/0x10
[ 16.923903] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.923925] ? calculate_sigpending+0x7b/0xa0
[ 16.923948] ? __pfx_kthread+0x10/0x10
[ 16.923971] ret_from_fork+0x116/0x1d0
[ 16.923990] ? __pfx_kthread+0x10/0x10
[ 16.924011] ret_from_fork_asm+0x1a/0x30
[ 16.924051] </TASK>
[ 16.924064]
[ 16.937125] Allocated by task 282:
[ 16.937526] kasan_save_stack+0x45/0x70
[ 16.937909] kasan_save_track+0x18/0x40
[ 16.938292] kasan_save_alloc_info+0x3b/0x50
[ 16.938715] __kasan_kmalloc+0xb7/0xc0
[ 16.939093] __kmalloc_cache_noprof+0x189/0x420
[ 16.939404] kasan_atomics+0x95/0x310
[ 16.939710] kunit_try_run_case+0x1a5/0x480
[ 16.940118] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.940524] kthread+0x337/0x6f0
[ 16.940828] ret_from_fork+0x116/0x1d0
[ 16.940963] ret_from_fork_asm+0x1a/0x30
[ 16.941113]
[ 16.941186] The buggy address belongs to the object at ffff88810261fc00
[ 16.941186] which belongs to the cache kmalloc-64 of size 64
[ 16.941690] The buggy address is located 0 bytes to the right of
[ 16.941690] allocated 48-byte region [ffff88810261fc00, ffff88810261fc30)
[ 16.942824]
[ 16.943020] The buggy address belongs to the physical page:
[ 16.943559] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10261f
[ 16.944254] flags: 0x200000000000000(node=0|zone=2)
[ 16.944732] page_type: f5(slab)
[ 16.944974] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 16.945267] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 16.945547] page dumped because: kasan: bad access detected
[ 16.946099]
[ 16.946292] Memory state around the buggy address:
[ 16.946755] ffff88810261fb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 16.947389] ffff88810261fb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 16.947822] >ffff88810261fc00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 16.948052] ^
[ 16.948222] ffff88810261fc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.948600] ffff88810261fd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.948874] ==================================================================
[ 16.403968] ==================================================================
[ 16.404406] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49e8/0x5450
[ 16.404663] Read of size 4 at addr ffff88810261fc30 by task kunit_try_catch/282
[ 16.404990]
[ 16.405111] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 16.405156] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.405169] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.405191] Call Trace:
[ 16.405207] <TASK>
[ 16.405224] dump_stack_lvl+0x73/0xb0
[ 16.405253] print_report+0xd1/0x650
[ 16.405276] ? __virt_addr_valid+0x1db/0x2d0
[ 16.405299] ? kasan_atomics_helper+0x49e8/0x5450
[ 16.405320] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.405346] ? kasan_atomics_helper+0x49e8/0x5450
[ 16.405368] kasan_report+0x141/0x180
[ 16.405391] ? kasan_atomics_helper+0x49e8/0x5450
[ 16.405417] __asan_report_load4_noabort+0x18/0x20
[ 16.405441] kasan_atomics_helper+0x49e8/0x5450
[ 16.405464] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 16.405486] ? __kmalloc_cache_noprof+0x189/0x420
[ 16.406259] ? kasan_atomics+0x152/0x310
[ 16.406297] kasan_atomics+0x1dc/0x310
[ 16.406321] ? __pfx_kasan_atomics+0x10/0x10
[ 16.406347] ? __pfx_read_tsc+0x10/0x10
[ 16.406369] ? ktime_get_ts64+0x86/0x230
[ 16.406394] kunit_try_run_case+0x1a5/0x480
[ 16.406418] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.406441] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.406464] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.406488] ? __kthread_parkme+0x82/0x180
[ 16.406509] ? preempt_count_sub+0x50/0x80
[ 16.406533] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.406557] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.406580] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.406604] kthread+0x337/0x6f0
[ 16.406623] ? trace_preempt_on+0x20/0xc0
[ 16.406648] ? __pfx_kthread+0x10/0x10
[ 16.406669] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.406691] ? calculate_sigpending+0x7b/0xa0
[ 16.406714] ? __pfx_kthread+0x10/0x10
[ 16.406736] ret_from_fork+0x116/0x1d0
[ 16.406755] ? __pfx_kthread+0x10/0x10
[ 16.406775] ret_from_fork_asm+0x1a/0x30
[ 16.406806] </TASK>
[ 16.406819]
[ 16.418015] Allocated by task 282:
[ 16.418240] kasan_save_stack+0x45/0x70
[ 16.418750] kasan_save_track+0x18/0x40
[ 16.418955] kasan_save_alloc_info+0x3b/0x50
[ 16.419400] __kasan_kmalloc+0xb7/0xc0
[ 16.419654] __kmalloc_cache_noprof+0x189/0x420
[ 16.419938] kasan_atomics+0x95/0x310
[ 16.420360] kunit_try_run_case+0x1a5/0x480
[ 16.420609] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.421030] kthread+0x337/0x6f0
[ 16.421213] ret_from_fork+0x116/0x1d0
[ 16.421590] ret_from_fork_asm+0x1a/0x30
[ 16.421797]
[ 16.421878] The buggy address belongs to the object at ffff88810261fc00
[ 16.421878] which belongs to the cache kmalloc-64 of size 64
[ 16.422725] The buggy address is located 0 bytes to the right of
[ 16.422725] allocated 48-byte region [ffff88810261fc00, ffff88810261fc30)
[ 16.423427]
[ 16.423616] The buggy address belongs to the physical page:
[ 16.423986] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10261f
[ 16.424557] flags: 0x200000000000000(node=0|zone=2)
[ 16.424832] page_type: f5(slab)
[ 16.424987] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 16.425857] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 16.426442] page dumped because: kasan: bad access detected
[ 16.426782]
[ 16.426883] Memory state around the buggy address:
[ 16.427250] ffff88810261fb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 16.427567] ffff88810261fb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 16.427854] >ffff88810261fc00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 16.428411] ^
[ 16.428614] ffff88810261fc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.429324] ffff88810261fd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.429615] ==================================================================
[ 16.577969] ==================================================================
[ 16.578434] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x151d/0x5450
[ 16.578868] Write of size 8 at addr ffff88810261fc30 by task kunit_try_catch/282
[ 16.579198]
[ 16.579292] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 16.579333] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.579346] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.579367] Call Trace:
[ 16.579382] <TASK>
[ 16.579397] dump_stack_lvl+0x73/0xb0
[ 16.579424] print_report+0xd1/0x650
[ 16.579446] ? __virt_addr_valid+0x1db/0x2d0
[ 16.579469] ? kasan_atomics_helper+0x151d/0x5450
[ 16.579490] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.579516] ? kasan_atomics_helper+0x151d/0x5450
[ 16.579540] kasan_report+0x141/0x180
[ 16.579562] ? kasan_atomics_helper+0x151d/0x5450
[ 16.579589] kasan_check_range+0x10c/0x1c0
[ 16.579613] __kasan_check_write+0x18/0x20
[ 16.579633] kasan_atomics_helper+0x151d/0x5450
[ 16.579658] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 16.579681] ? __kmalloc_cache_noprof+0x189/0x420
[ 16.579706] ? kasan_atomics+0x152/0x310
[ 16.579733] kasan_atomics+0x1dc/0x310
[ 16.579755] ? __pfx_kasan_atomics+0x10/0x10
[ 16.579780] ? __pfx_read_tsc+0x10/0x10
[ 16.579801] ? ktime_get_ts64+0x86/0x230
[ 16.579825] kunit_try_run_case+0x1a5/0x480
[ 16.579849] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.579872] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.579895] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.579919] ? __kthread_parkme+0x82/0x180
[ 16.579939] ? preempt_count_sub+0x50/0x80
[ 16.579964] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.579989] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.580012] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.580036] kthread+0x337/0x6f0
[ 16.580067] ? trace_preempt_on+0x20/0xc0
[ 16.580090] ? __pfx_kthread+0x10/0x10
[ 16.580111] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.580133] ? calculate_sigpending+0x7b/0xa0
[ 16.580156] ? __pfx_kthread+0x10/0x10
[ 16.580180] ret_from_fork+0x116/0x1d0
[ 16.580199] ? __pfx_kthread+0x10/0x10
[ 16.580220] ret_from_fork_asm+0x1a/0x30
[ 16.580251] </TASK>
[ 16.580263]
[ 16.587728] Allocated by task 282:
[ 16.587903] kasan_save_stack+0x45/0x70
[ 16.588062] kasan_save_track+0x18/0x40
[ 16.588219] kasan_save_alloc_info+0x3b/0x50
[ 16.588433] __kasan_kmalloc+0xb7/0xc0
[ 16.588621] __kmalloc_cache_noprof+0x189/0x420
[ 16.588971] kasan_atomics+0x95/0x310
[ 16.589117] kunit_try_run_case+0x1a5/0x480
[ 16.589266] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.589442] kthread+0x337/0x6f0
[ 16.589572] ret_from_fork+0x116/0x1d0
[ 16.589705] ret_from_fork_asm+0x1a/0x30
[ 16.589844]
[ 16.589916] The buggy address belongs to the object at ffff88810261fc00
[ 16.589916] which belongs to the cache kmalloc-64 of size 64
[ 16.590523] The buggy address is located 0 bytes to the right of
[ 16.590523] allocated 48-byte region [ffff88810261fc00, ffff88810261fc30)
[ 16.591087]
[ 16.591184] The buggy address belongs to the physical page:
[ 16.591423] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10261f
[ 16.591665] flags: 0x200000000000000(node=0|zone=2)
[ 16.591833] page_type: f5(slab)
[ 16.591954] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 16.592199] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 16.592602] page dumped because: kasan: bad access detected
[ 16.592856]
[ 16.592952] Memory state around the buggy address:
[ 16.593190] ffff88810261fb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 16.593529] ffff88810261fb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 16.593861] >ffff88810261fc00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 16.594201] ^
[ 16.594436] ffff88810261fc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.595096] ffff88810261fd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.595374] ==================================================================
[ 16.430237] ==================================================================
[ 16.430519] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12e6/0x5450
[ 16.431644] Write of size 4 at addr ffff88810261fc30 by task kunit_try_catch/282
[ 16.431978]
[ 16.432196] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 16.432372] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.432387] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.432411] Call Trace:
[ 16.432427] <TASK>
[ 16.432443] dump_stack_lvl+0x73/0xb0
[ 16.432472] print_report+0xd1/0x650
[ 16.432495] ? __virt_addr_valid+0x1db/0x2d0
[ 16.432526] ? kasan_atomics_helper+0x12e6/0x5450
[ 16.432549] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.432575] ? kasan_atomics_helper+0x12e6/0x5450
[ 16.432597] kasan_report+0x141/0x180
[ 16.432619] ? kasan_atomics_helper+0x12e6/0x5450
[ 16.432646] kasan_check_range+0x10c/0x1c0
[ 16.432670] __kasan_check_write+0x18/0x20
[ 16.432689] kasan_atomics_helper+0x12e6/0x5450
[ 16.432712] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 16.432734] ? __kmalloc_cache_noprof+0x189/0x420
[ 16.432758] ? kasan_atomics+0x152/0x310
[ 16.432785] kasan_atomics+0x1dc/0x310
[ 16.432808] ? __pfx_kasan_atomics+0x10/0x10
[ 16.432833] ? __pfx_read_tsc+0x10/0x10
[ 16.432854] ? ktime_get_ts64+0x86/0x230
[ 16.432877] kunit_try_run_case+0x1a5/0x480
[ 16.432902] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.432924] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.432947] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.432970] ? __kthread_parkme+0x82/0x180
[ 16.432990] ? preempt_count_sub+0x50/0x80
[ 16.433013] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.433053] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.433088] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.433112] kthread+0x337/0x6f0
[ 16.433131] ? trace_preempt_on+0x20/0xc0
[ 16.433154] ? __pfx_kthread+0x10/0x10
[ 16.433175] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.433196] ? calculate_sigpending+0x7b/0xa0
[ 16.433220] ? __pfx_kthread+0x10/0x10
[ 16.433242] ret_from_fork+0x116/0x1d0
[ 16.433261] ? __pfx_kthread+0x10/0x10
[ 16.433282] ret_from_fork_asm+0x1a/0x30
[ 16.433314] </TASK>
[ 16.433325]
[ 16.444694] Allocated by task 282:
[ 16.444963] kasan_save_stack+0x45/0x70
[ 16.445439] kasan_save_track+0x18/0x40
[ 16.445658] kasan_save_alloc_info+0x3b/0x50
[ 16.445950] __kasan_kmalloc+0xb7/0xc0
[ 16.446381] __kmalloc_cache_noprof+0x189/0x420
[ 16.446649] kasan_atomics+0x95/0x310
[ 16.446905] kunit_try_run_case+0x1a5/0x480
[ 16.447087] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.447488] kthread+0x337/0x6f0
[ 16.447666] ret_from_fork+0x116/0x1d0
[ 16.447954] ret_from_fork_asm+0x1a/0x30
[ 16.448175]
[ 16.448337] The buggy address belongs to the object at ffff88810261fc00
[ 16.448337] which belongs to the cache kmalloc-64 of size 64
[ 16.449056] The buggy address is located 0 bytes to the right of
[ 16.449056] allocated 48-byte region [ffff88810261fc00, ffff88810261fc30)
[ 16.449975]
[ 16.450098] The buggy address belongs to the physical page:
[ 16.450749] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10261f
[ 16.451157] flags: 0x200000000000000(node=0|zone=2)
[ 16.451469] page_type: f5(slab)
[ 16.451701] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 16.452017] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 16.452555] page dumped because: kasan: bad access detected
[ 16.452813]
[ 16.452902] Memory state around the buggy address:
[ 16.453350] ffff88810261fb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 16.453799] ffff88810261fb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 16.454264] >ffff88810261fc00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 16.454578] ^
[ 16.454787] ffff88810261fc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.455094] ffff88810261fd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.455765] ==================================================================
[ 16.299987] ==================================================================
[ 16.300587] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1079/0x5450
[ 16.300878] Write of size 4 at addr ffff88810261fc30 by task kunit_try_catch/282
[ 16.301115]
[ 16.301203] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 16.301247] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.301261] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.301283] Call Trace:
[ 16.301301] <TASK>
[ 16.301319] dump_stack_lvl+0x73/0xb0
[ 16.301345] print_report+0xd1/0x650
[ 16.301369] ? __virt_addr_valid+0x1db/0x2d0
[ 16.301391] ? kasan_atomics_helper+0x1079/0x5450
[ 16.301412] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.301439] ? kasan_atomics_helper+0x1079/0x5450
[ 16.301461] kasan_report+0x141/0x180
[ 16.301483] ? kasan_atomics_helper+0x1079/0x5450
[ 16.301510] kasan_check_range+0x10c/0x1c0
[ 16.301535] __kasan_check_write+0x18/0x20
[ 16.301559] kasan_atomics_helper+0x1079/0x5450
[ 16.301583] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 16.301605] ? __kmalloc_cache_noprof+0x189/0x420
[ 16.301631] ? kasan_atomics+0x152/0x310
[ 16.301657] kasan_atomics+0x1dc/0x310
[ 16.301681] ? __pfx_kasan_atomics+0x10/0x10
[ 16.301705] ? __pfx_read_tsc+0x10/0x10
[ 16.301727] ? ktime_get_ts64+0x86/0x230
[ 16.301751] kunit_try_run_case+0x1a5/0x480
[ 16.301777] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.301800] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.301868] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.301895] ? __kthread_parkme+0x82/0x180
[ 16.301916] ? preempt_count_sub+0x50/0x80
[ 16.301941] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.301966] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.301990] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.302014] kthread+0x337/0x6f0
[ 16.302034] ? trace_preempt_on+0x20/0xc0
[ 16.302099] ? __pfx_kthread+0x10/0x10
[ 16.302122] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.302144] ? calculate_sigpending+0x7b/0xa0
[ 16.302168] ? __pfx_kthread+0x10/0x10
[ 16.302191] ret_from_fork+0x116/0x1d0
[ 16.302210] ? __pfx_kthread+0x10/0x10
[ 16.302230] ret_from_fork_asm+0x1a/0x30
[ 16.302263] </TASK>
[ 16.302276]
[ 16.310367] Allocated by task 282:
[ 16.310692] kasan_save_stack+0x45/0x70
[ 16.310897] kasan_save_track+0x18/0x40
[ 16.311191] kasan_save_alloc_info+0x3b/0x50
[ 16.311410] __kasan_kmalloc+0xb7/0xc0
[ 16.311710] __kmalloc_cache_noprof+0x189/0x420
[ 16.311929] kasan_atomics+0x95/0x310
[ 16.312264] kunit_try_run_case+0x1a5/0x480
[ 16.313195] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.313467] kthread+0x337/0x6f0
[ 16.313693] ret_from_fork+0x116/0x1d0
[ 16.314129] ret_from_fork_asm+0x1a/0x30
[ 16.314353]
[ 16.314455] The buggy address belongs to the object at ffff88810261fc00
[ 16.314455] which belongs to the cache kmalloc-64 of size 64
[ 16.315708] The buggy address is located 0 bytes to the right of
[ 16.315708] allocated 48-byte region [ffff88810261fc00, ffff88810261fc30)
[ 16.316747]
[ 16.316851] The buggy address belongs to the physical page:
[ 16.317463] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10261f
[ 16.318033] flags: 0x200000000000000(node=0|zone=2)
[ 16.318522] page_type: f5(slab)
[ 16.318696] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 16.319013] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 16.319712] page dumped because: kasan: bad access detected
[ 16.320171]
[ 16.320273] Memory state around the buggy address:
[ 16.320484] ffff88810261fb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 16.321205] ffff88810261fb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 16.321520] >ffff88810261fc00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 16.321818] ^
[ 16.322027] ffff88810261fc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.322262] ffff88810261fd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.322563] ==================================================================
[ 16.481828] ==================================================================
[ 16.482140] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x13b5/0x5450
[ 16.482991] Read of size 8 at addr ffff88810261fc30 by task kunit_try_catch/282
[ 16.483248]
[ 16.483340] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 16.483384] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.483399] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.483422] Call Trace:
[ 16.483440] <TASK>
[ 16.483457] dump_stack_lvl+0x73/0xb0
[ 16.483485] print_report+0xd1/0x650
[ 16.483507] ? __virt_addr_valid+0x1db/0x2d0
[ 16.483531] ? kasan_atomics_helper+0x13b5/0x5450
[ 16.483552] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.483579] ? kasan_atomics_helper+0x13b5/0x5450
[ 16.483601] kasan_report+0x141/0x180
[ 16.483624] ? kasan_atomics_helper+0x13b5/0x5450
[ 16.483651] kasan_check_range+0x10c/0x1c0
[ 16.483674] __kasan_check_read+0x15/0x20
[ 16.483694] kasan_atomics_helper+0x13b5/0x5450
[ 16.483718] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 16.483739] ? __kmalloc_cache_noprof+0x189/0x420
[ 16.483765] ? kasan_atomics+0x152/0x310
[ 16.483792] kasan_atomics+0x1dc/0x310
[ 16.483814] ? __pfx_kasan_atomics+0x10/0x10
[ 16.483839] ? __pfx_read_tsc+0x10/0x10
[ 16.483860] ? ktime_get_ts64+0x86/0x230
[ 16.483885] kunit_try_run_case+0x1a5/0x480
[ 16.483909] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.483932] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.483955] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.483979] ? __kthread_parkme+0x82/0x180
[ 16.484000] ? preempt_count_sub+0x50/0x80
[ 16.484024] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.484059] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.484083] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.484106] kthread+0x337/0x6f0
[ 16.484126] ? trace_preempt_on+0x20/0xc0
[ 16.484148] ? __pfx_kthread+0x10/0x10
[ 16.484170] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.484191] ? calculate_sigpending+0x7b/0xa0
[ 16.484215] ? __pfx_kthread+0x10/0x10
[ 16.484236] ret_from_fork+0x116/0x1d0
[ 16.484256] ? __pfx_kthread+0x10/0x10
[ 16.484278] ret_from_fork_asm+0x1a/0x30
[ 16.484310] </TASK>
[ 16.484322]
[ 16.495634] Allocated by task 282:
[ 16.495997] kasan_save_stack+0x45/0x70
[ 16.496261] kasan_save_track+0x18/0x40
[ 16.496458] kasan_save_alloc_info+0x3b/0x50
[ 16.496813] __kasan_kmalloc+0xb7/0xc0
[ 16.496999] __kmalloc_cache_noprof+0x189/0x420
[ 16.497644] kasan_atomics+0x95/0x310
[ 16.497843] kunit_try_run_case+0x1a5/0x480
[ 16.498057] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.498239] kthread+0x337/0x6f0
[ 16.498415] ret_from_fork+0x116/0x1d0
[ 16.498611] ret_from_fork_asm+0x1a/0x30
[ 16.498799]
[ 16.498887] The buggy address belongs to the object at ffff88810261fc00
[ 16.498887] which belongs to the cache kmalloc-64 of size 64
[ 16.499827] The buggy address is located 0 bytes to the right of
[ 16.499827] allocated 48-byte region [ffff88810261fc00, ffff88810261fc30)
[ 16.500721]
[ 16.500805] The buggy address belongs to the physical page:
[ 16.501198] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10261f
[ 16.501505] flags: 0x200000000000000(node=0|zone=2)
[ 16.501971] page_type: f5(slab)
[ 16.502221] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 16.502471] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 16.503097] page dumped because: kasan: bad access detected
[ 16.503356]
[ 16.503443] Memory state around the buggy address:
[ 16.503887] ffff88810261fb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 16.504271] ffff88810261fb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 16.504624] >ffff88810261fc00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 16.505035] ^
[ 16.505452] ffff88810261fc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.506005] ffff88810261fd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.506531] ==================================================================
[ 15.727382] ==================================================================
[ 15.727712] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a0/0x5450
[ 15.728603] Write of size 4 at addr ffff88810261fc30 by task kunit_try_catch/282
[ 15.729022]
[ 15.729226] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 15.729276] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.729291] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.729314] Call Trace:
[ 15.729332] <TASK>
[ 15.729417] dump_stack_lvl+0x73/0xb0
[ 15.729532] print_report+0xd1/0x650
[ 15.729565] ? __virt_addr_valid+0x1db/0x2d0
[ 15.729607] ? kasan_atomics_helper+0x4a0/0x5450
[ 15.729628] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.729655] ? kasan_atomics_helper+0x4a0/0x5450
[ 15.729678] kasan_report+0x141/0x180
[ 15.729700] ? kasan_atomics_helper+0x4a0/0x5450
[ 15.729727] kasan_check_range+0x10c/0x1c0
[ 15.729754] __kasan_check_write+0x18/0x20
[ 15.729773] kasan_atomics_helper+0x4a0/0x5450
[ 15.729796] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 15.729820] ? __kmalloc_cache_noprof+0x189/0x420
[ 15.729845] ? kasan_atomics+0x152/0x310
[ 15.729871] kasan_atomics+0x1dc/0x310
[ 15.729895] ? __pfx_kasan_atomics+0x10/0x10
[ 15.729920] ? __pfx_read_tsc+0x10/0x10
[ 15.729943] ? ktime_get_ts64+0x86/0x230
[ 15.729968] kunit_try_run_case+0x1a5/0x480
[ 15.729992] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.730015] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.730050] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.730073] ? __kthread_parkme+0x82/0x180
[ 15.730095] ? preempt_count_sub+0x50/0x80
[ 15.730119] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.730143] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.730167] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.730190] kthread+0x337/0x6f0
[ 15.730210] ? trace_preempt_on+0x20/0xc0
[ 15.730234] ? __pfx_kthread+0x10/0x10
[ 15.730254] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.730275] ? calculate_sigpending+0x7b/0xa0
[ 15.730300] ? __pfx_kthread+0x10/0x10
[ 15.730323] ret_from_fork+0x116/0x1d0
[ 15.730342] ? __pfx_kthread+0x10/0x10
[ 15.730363] ret_from_fork_asm+0x1a/0x30
[ 15.730395] </TASK>
[ 15.730408]
[ 15.740873] Allocated by task 282:
[ 15.741156] kasan_save_stack+0x45/0x70
[ 15.741376] kasan_save_track+0x18/0x40
[ 15.741537] kasan_save_alloc_info+0x3b/0x50
[ 15.741757] __kasan_kmalloc+0xb7/0xc0
[ 15.742000] __kmalloc_cache_noprof+0x189/0x420
[ 15.742340] kasan_atomics+0x95/0x310
[ 15.742600] kunit_try_run_case+0x1a5/0x480
[ 15.742833] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.743063] kthread+0x337/0x6f0
[ 15.743508] ret_from_fork+0x116/0x1d0
[ 15.743684] ret_from_fork_asm+0x1a/0x30
[ 15.743937]
[ 15.744034] The buggy address belongs to the object at ffff88810261fc00
[ 15.744034] which belongs to the cache kmalloc-64 of size 64
[ 15.744842] The buggy address is located 0 bytes to the right of
[ 15.744842] allocated 48-byte region [ffff88810261fc00, ffff88810261fc30)
[ 15.745621]
[ 15.745727] The buggy address belongs to the physical page:
[ 15.746074] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10261f
[ 15.746629] flags: 0x200000000000000(node=0|zone=2)
[ 15.746837] page_type: f5(slab)
[ 15.746989] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 15.747524] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 15.747924] page dumped because: kasan: bad access detected
[ 15.748384]
[ 15.748476] Memory state around the buggy address:
[ 15.748886] ffff88810261fb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.749206] ffff88810261fb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.749685] >ffff88810261fc00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 15.750003] ^
[ 15.750238] ffff88810261fc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.750851] ffff88810261fd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.751268] ==================================================================
[ 16.109975] ==================================================================
[ 16.110256] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a84/0x5450
[ 16.111006] Read of size 4 at addr ffff88810261fc30 by task kunit_try_catch/282
[ 16.111403]
[ 16.111766] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 16.111816] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.111830] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.111852] Call Trace:
[ 16.111872] <TASK>
[ 16.111889] dump_stack_lvl+0x73/0xb0
[ 16.111919] print_report+0xd1/0x650
[ 16.111941] ? __virt_addr_valid+0x1db/0x2d0
[ 16.111963] ? kasan_atomics_helper+0x4a84/0x5450
[ 16.111984] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.112010] ? kasan_atomics_helper+0x4a84/0x5450
[ 16.112032] kasan_report+0x141/0x180
[ 16.112068] ? kasan_atomics_helper+0x4a84/0x5450
[ 16.112095] __asan_report_load4_noabort+0x18/0x20
[ 16.112119] kasan_atomics_helper+0x4a84/0x5450
[ 16.112142] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 16.112165] ? __kmalloc_cache_noprof+0x189/0x420
[ 16.112190] ? kasan_atomics+0x152/0x310
[ 16.112216] kasan_atomics+0x1dc/0x310
[ 16.112241] ? __pfx_kasan_atomics+0x10/0x10
[ 16.112265] ? __pfx_read_tsc+0x10/0x10
[ 16.112287] ? ktime_get_ts64+0x86/0x230
[ 16.112311] kunit_try_run_case+0x1a5/0x480
[ 16.112335] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.112359] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.112382] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.112405] ? __kthread_parkme+0x82/0x180
[ 16.112426] ? preempt_count_sub+0x50/0x80
[ 16.112450] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.112474] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.112497] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.112771] kthread+0x337/0x6f0
[ 16.112794] ? trace_preempt_on+0x20/0xc0
[ 16.112833] ? __pfx_kthread+0x10/0x10
[ 16.112854] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.112876] ? calculate_sigpending+0x7b/0xa0
[ 16.112900] ? __pfx_kthread+0x10/0x10
[ 16.112923] ret_from_fork+0x116/0x1d0
[ 16.112941] ? __pfx_kthread+0x10/0x10
[ 16.112963] ret_from_fork_asm+0x1a/0x30
[ 16.112995] </TASK>
[ 16.113006]
[ 16.125793] Allocated by task 282:
[ 16.125933] kasan_save_stack+0x45/0x70
[ 16.126171] kasan_save_track+0x18/0x40
[ 16.126625] kasan_save_alloc_info+0x3b/0x50
[ 16.127021] __kasan_kmalloc+0xb7/0xc0
[ 16.128162] __kmalloc_cache_noprof+0x189/0x420
[ 16.128570] kasan_atomics+0x95/0x310
[ 16.128959] kunit_try_run_case+0x1a5/0x480
[ 16.129345] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.129667] kthread+0x337/0x6f0
[ 16.130136] ret_from_fork+0x116/0x1d0
[ 16.130583] ret_from_fork_asm+0x1a/0x30
[ 16.130939]
[ 16.131014] The buggy address belongs to the object at ffff88810261fc00
[ 16.131014] which belongs to the cache kmalloc-64 of size 64
[ 16.131870] The buggy address is located 0 bytes to the right of
[ 16.131870] allocated 48-byte region [ffff88810261fc00, ffff88810261fc30)
[ 16.133576]
[ 16.133701] The buggy address belongs to the physical page:
[ 16.133876] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10261f
[ 
16.134126] flags: 0x200000000000000(node=0|zone=2) [ 16.134343] page_type: f5(slab) [ 16.134657] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.134995] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.135506] page dumped because: kasan: bad access detected [ 16.136009] [ 16.136119] Memory state around the buggy address: [ 16.136757] ffff88810261fb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.137246] ffff88810261fb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.137899] >ffff88810261fc00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.138190] ^ [ 16.138654] ffff88810261fc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.139356] ffff88810261fd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.139869] ================================================================== [ 15.969196] ================================================================== [ 15.969448] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x992/0x5450 [ 15.970722] Write of size 4 at addr ffff88810261fc30 by task kunit_try_catch/282 [ 15.971213] [ 15.972234] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.972287] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.972301] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.972324] Call Trace: [ 15.972337] <TASK> [ 15.972353] dump_stack_lvl+0x73/0xb0 [ 15.972382] print_report+0xd1/0x650 [ 15.972405] ? __virt_addr_valid+0x1db/0x2d0 [ 15.972428] ? kasan_atomics_helper+0x992/0x5450 [ 15.972450] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.972475] ? kasan_atomics_helper+0x992/0x5450 [ 15.972496] kasan_report+0x141/0x180 [ 15.972518] ? kasan_atomics_helper+0x992/0x5450 [ 15.972545] kasan_check_range+0x10c/0x1c0 [ 15.972569] __kasan_check_write+0x18/0x20 [ 15.972589] kasan_atomics_helper+0x992/0x5450 [ 15.972612] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.972634] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 15.972659] ? kasan_atomics+0x152/0x310 [ 15.972686] kasan_atomics+0x1dc/0x310 [ 15.972709] ? __pfx_kasan_atomics+0x10/0x10 [ 15.972733] ? __pfx_read_tsc+0x10/0x10 [ 15.972755] ? ktime_get_ts64+0x86/0x230 [ 15.972780] kunit_try_run_case+0x1a5/0x480 [ 15.972804] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.972827] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.972851] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.972876] ? __kthread_parkme+0x82/0x180 [ 15.972896] ? preempt_count_sub+0x50/0x80 [ 15.972920] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.972945] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.972969] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.972994] kthread+0x337/0x6f0 [ 15.973014] ? trace_preempt_on+0x20/0xc0 [ 15.973037] ? __pfx_kthread+0x10/0x10 [ 15.973070] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.973092] ? calculate_sigpending+0x7b/0xa0 [ 15.973115] ? __pfx_kthread+0x10/0x10 [ 15.973139] ret_from_fork+0x116/0x1d0 [ 15.973157] ? __pfx_kthread+0x10/0x10 [ 15.973179] ret_from_fork_asm+0x1a/0x30 [ 15.973211] </TASK> [ 15.973225] [ 15.985917] Allocated by task 282: [ 15.986494] kasan_save_stack+0x45/0x70 [ 15.986702] kasan_save_track+0x18/0x40 [ 15.986860] kasan_save_alloc_info+0x3b/0x50 [ 15.987486] __kasan_kmalloc+0xb7/0xc0 [ 15.987798] __kmalloc_cache_noprof+0x189/0x420 [ 15.988012] kasan_atomics+0x95/0x310 [ 15.988443] kunit_try_run_case+0x1a5/0x480 [ 15.988681] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.989029] kthread+0x337/0x6f0 [ 15.989370] ret_from_fork+0x116/0x1d0 [ 15.989559] ret_from_fork_asm+0x1a/0x30 [ 15.989899] [ 15.990005] The buggy address belongs to the object at ffff88810261fc00 [ 15.990005] which belongs to the cache kmalloc-64 of size 64 [ 15.990889] The buggy address is located 0 bytes to the right of [ 15.990889] allocated 48-byte region [ffff88810261fc00, ffff88810261fc30) [ 15.991903] [ 15.992007] The buggy address belongs to the physical page: [ 15.992389] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x10261f [ 15.992865] flags: 0x200000000000000(node=0|zone=2) [ 15.993295] page_type: f5(slab) [ 15.993470] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.994141] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.994588] page dumped because: kasan: bad access detected [ 15.994926] [ 15.995006] Memory state around the buggy address: [ 15.995283] ffff88810261fb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.995794] ffff88810261fb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.996091] >ffff88810261fc00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.996418] ^ [ 15.997116] ffff88810261fc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.997400] ffff88810261fd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.997861] ================================================================== [ 16.238534] ================================================================== [ 16.239027] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf10/0x5450 [ 16.239549] Write of size 4 at addr ffff88810261fc30 by task kunit_try_catch/282 [ 16.240418] [ 16.240658] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.240706] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.240719] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.240742] Call Trace: [ 16.240759] <TASK> [ 16.240789] dump_stack_lvl+0x73/0xb0 [ 16.240818] print_report+0xd1/0x650 [ 16.240840] ? __virt_addr_valid+0x1db/0x2d0 [ 16.240863] ? kasan_atomics_helper+0xf10/0x5450 [ 16.240884] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.240911] ? kasan_atomics_helper+0xf10/0x5450 [ 16.240932] kasan_report+0x141/0x180 [ 16.240955] ? kasan_atomics_helper+0xf10/0x5450 [ 16.240982] kasan_check_range+0x10c/0x1c0 [ 16.241006] __kasan_check_write+0x18/0x20 [ 16.241025] kasan_atomics_helper+0xf10/0x5450 [ 16.241060] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 16.241083] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.241108] ? kasan_atomics+0x152/0x310 [ 16.241135] kasan_atomics+0x1dc/0x310 [ 16.241157] ? __pfx_kasan_atomics+0x10/0x10 [ 16.241181] ? __pfx_read_tsc+0x10/0x10 [ 16.241204] ? ktime_get_ts64+0x86/0x230 [ 16.241230] kunit_try_run_case+0x1a5/0x480 [ 16.241254] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.241277] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.241300] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.241324] ? __kthread_parkme+0x82/0x180 [ 16.241345] ? preempt_count_sub+0x50/0x80 [ 16.241370] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.241396] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.241419] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.241443] kthread+0x337/0x6f0 [ 16.241462] ? trace_preempt_on+0x20/0xc0 [ 16.241486] ? __pfx_kthread+0x10/0x10 [ 16.241544] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.241575] ? calculate_sigpending+0x7b/0xa0 [ 16.241599] ? __pfx_kthread+0x10/0x10 [ 16.241621] ret_from_fork+0x116/0x1d0 [ 16.241641] ? 
__pfx_kthread+0x10/0x10 [ 16.241662] ret_from_fork_asm+0x1a/0x30 [ 16.241694] </TASK> [ 16.241705] [ 16.252470] Allocated by task 282: [ 16.252666] kasan_save_stack+0x45/0x70 [ 16.252879] kasan_save_track+0x18/0x40 [ 16.253285] kasan_save_alloc_info+0x3b/0x50 [ 16.253519] __kasan_kmalloc+0xb7/0xc0 [ 16.253722] __kmalloc_cache_noprof+0x189/0x420 [ 16.253912] kasan_atomics+0x95/0x310 [ 16.254057] kunit_try_run_case+0x1a5/0x480 [ 16.254268] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.254511] kthread+0x337/0x6f0 [ 16.254729] ret_from_fork+0x116/0x1d0 [ 16.254894] ret_from_fork_asm+0x1a/0x30 [ 16.255180] [ 16.255269] The buggy address belongs to the object at ffff88810261fc00 [ 16.255269] which belongs to the cache kmalloc-64 of size 64 [ 16.255625] The buggy address is located 0 bytes to the right of [ 16.255625] allocated 48-byte region [ffff88810261fc00, ffff88810261fc30) [ 16.256192] [ 16.256283] The buggy address belongs to the physical page: [ 16.256580] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10261f [ 16.256832] flags: 0x200000000000000(node=0|zone=2) [ 16.257016] page_type: f5(slab) [ 16.257389] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.257877] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.258428] page dumped because: kasan: bad access detected [ 16.258723] [ 16.258814] Memory state around the buggy address: [ 16.259015] ffff88810261fb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.259382] ffff88810261fb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.259707] >ffff88810261fc00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.259981] ^ [ 16.260152] ffff88810261fc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.260372] ffff88810261fd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.260825] ================================================================== [ 16.988610] 
================================================================== [ 16.988996] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f71/0x5450 [ 16.989325] Read of size 8 at addr ffff88810261fc30 by task kunit_try_catch/282 [ 16.989694] [ 16.989798] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.989840] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.989853] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.989907] Call Trace: [ 16.989922] <TASK> [ 16.989938] dump_stack_lvl+0x73/0xb0 [ 16.989964] print_report+0xd1/0x650 [ 16.989986] ? __virt_addr_valid+0x1db/0x2d0 [ 16.990011] ? kasan_atomics_helper+0x4f71/0x5450 [ 16.990076] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.990102] ? kasan_atomics_helper+0x4f71/0x5450 [ 16.990125] kasan_report+0x141/0x180 [ 16.990147] ? kasan_atomics_helper+0x4f71/0x5450 [ 16.990206] __asan_report_load8_noabort+0x18/0x20 [ 16.990232] kasan_atomics_helper+0x4f71/0x5450 [ 16.990254] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.990276] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.990323] ? kasan_atomics+0x152/0x310 [ 16.990349] kasan_atomics+0x1dc/0x310 [ 16.990372] ? __pfx_kasan_atomics+0x10/0x10 [ 16.990397] ? __pfx_read_tsc+0x10/0x10 [ 16.990417] ? ktime_get_ts64+0x86/0x230 [ 16.990442] kunit_try_run_case+0x1a5/0x480 [ 16.990465] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.990489] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.990522] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.990546] ? __kthread_parkme+0x82/0x180 [ 16.990567] ? preempt_count_sub+0x50/0x80 [ 16.990591] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.990643] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.990690] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.990759] kthread+0x337/0x6f0 [ 16.990824] ? trace_preempt_on+0x20/0xc0 [ 16.990914] ? __pfx_kthread+0x10/0x10 [ 16.990959] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.990981] ? calculate_sigpending+0x7b/0xa0 [ 16.991005] ? 
__pfx_kthread+0x10/0x10 [ 16.991028] ret_from_fork+0x116/0x1d0 [ 16.991055] ? __pfx_kthread+0x10/0x10 [ 16.991077] ret_from_fork_asm+0x1a/0x30 [ 16.991109] </TASK> [ 16.991120] [ 16.999035] Allocated by task 282: [ 16.999250] kasan_save_stack+0x45/0x70 [ 16.999454] kasan_save_track+0x18/0x40 [ 16.999653] kasan_save_alloc_info+0x3b/0x50 [ 16.999885] __kasan_kmalloc+0xb7/0xc0 [ 17.000148] __kmalloc_cache_noprof+0x189/0x420 [ 17.000433] kasan_atomics+0x95/0x310 [ 17.000700] kunit_try_run_case+0x1a5/0x480 [ 17.000913] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.001135] kthread+0x337/0x6f0 [ 17.001306] ret_from_fork+0x116/0x1d0 [ 17.001563] ret_from_fork_asm+0x1a/0x30 [ 17.001710] [ 17.001822] The buggy address belongs to the object at ffff88810261fc00 [ 17.001822] which belongs to the cache kmalloc-64 of size 64 [ 17.002363] The buggy address is located 0 bytes to the right of [ 17.002363] allocated 48-byte region [ffff88810261fc00, ffff88810261fc30) [ 17.002934] [ 17.003032] The buggy address belongs to the physical page: [ 17.003320] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10261f [ 17.003656] flags: 0x200000000000000(node=0|zone=2) [ 17.003917] page_type: f5(slab) [ 17.004083] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.004448] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.004803] page dumped because: kasan: bad access detected [ 17.005070] [ 17.005160] Memory state around the buggy address: [ 17.005384] ffff88810261fb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.005792] ffff88810261fb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.006104] >ffff88810261fc00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.006456] ^ [ 17.006682] ffff88810261fc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.007002] ffff88810261fd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.007221] 
================================================================== [ 16.341878] ================================================================== [ 16.342252] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1148/0x5450 [ 16.342492] Write of size 4 at addr ffff88810261fc30 by task kunit_try_catch/282 [ 16.342826] [ 16.342936] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.342978] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.342991] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.343012] Call Trace: [ 16.343027] <TASK> [ 16.343055] dump_stack_lvl+0x73/0xb0 [ 16.343082] print_report+0xd1/0x650 [ 16.343103] ? __virt_addr_valid+0x1db/0x2d0 [ 16.343126] ? kasan_atomics_helper+0x1148/0x5450 [ 16.343148] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.343174] ? kasan_atomics_helper+0x1148/0x5450 [ 16.343197] kasan_report+0x141/0x180 [ 16.343220] ? kasan_atomics_helper+0x1148/0x5450 [ 16.343246] kasan_check_range+0x10c/0x1c0 [ 16.343270] __kasan_check_write+0x18/0x20 [ 16.343290] kasan_atomics_helper+0x1148/0x5450 [ 16.343312] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.343335] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.343359] ? kasan_atomics+0x152/0x310 [ 16.343385] kasan_atomics+0x1dc/0x310 [ 16.343408] ? __pfx_kasan_atomics+0x10/0x10 [ 16.343432] ? __pfx_read_tsc+0x10/0x10 [ 16.343453] ? ktime_get_ts64+0x86/0x230 [ 16.343477] kunit_try_run_case+0x1a5/0x480 [ 16.343501] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.343523] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.343547] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.343570] ? __kthread_parkme+0x82/0x180 [ 16.343590] ? preempt_count_sub+0x50/0x80 [ 16.343614] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.343638] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.343661] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.343684] kthread+0x337/0x6f0 [ 16.343704] ? trace_preempt_on+0x20/0xc0 [ 16.343726] ? 
__pfx_kthread+0x10/0x10 [ 16.343748] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.343770] ? calculate_sigpending+0x7b/0xa0 [ 16.343794] ? __pfx_kthread+0x10/0x10 [ 16.343816] ret_from_fork+0x116/0x1d0 [ 16.343835] ? __pfx_kthread+0x10/0x10 [ 16.343856] ret_from_fork_asm+0x1a/0x30 [ 16.343888] </TASK> [ 16.343900] [ 16.352021] Allocated by task 282: [ 16.352402] kasan_save_stack+0x45/0x70 [ 16.352622] kasan_save_track+0x18/0x40 [ 16.353006] kasan_save_alloc_info+0x3b/0x50 [ 16.353403] __kasan_kmalloc+0xb7/0xc0 [ 16.353633] __kmalloc_cache_noprof+0x189/0x420 [ 16.353853] kasan_atomics+0x95/0x310 [ 16.353987] kunit_try_run_case+0x1a5/0x480 [ 16.354282] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.354544] kthread+0x337/0x6f0 [ 16.354715] ret_from_fork+0x116/0x1d0 [ 16.354936] ret_from_fork_asm+0x1a/0x30 [ 16.355093] [ 16.355193] The buggy address belongs to the object at ffff88810261fc00 [ 16.355193] which belongs to the cache kmalloc-64 of size 64 [ 16.355674] The buggy address is located 0 bytes to the right of [ 16.355674] allocated 48-byte region [ffff88810261fc00, ffff88810261fc30) [ 16.356333] [ 16.356437] The buggy address belongs to the physical page: [ 16.356736] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10261f [ 16.357029] flags: 0x200000000000000(node=0|zone=2) [ 16.357282] page_type: f5(slab) [ 16.357435] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.357938] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.358330] page dumped because: kasan: bad access detected [ 16.358513] [ 16.358610] Memory state around the buggy address: [ 16.358840] ffff88810261fb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.359235] ffff88810261fb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.359548] >ffff88810261fc00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.359836] ^ [ 16.360019] ffff88810261fc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.360248] 
ffff88810261fd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.360463] ================================================================== [ 17.142245] ================================================================== [ 17.142590] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5115/0x5450 [ 17.142994] Read of size 8 at addr ffff88810261fc30 by task kunit_try_catch/282 [ 17.143414] [ 17.143532] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 17.143576] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.143589] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.143611] Call Trace: [ 17.143624] <TASK> [ 17.143640] dump_stack_lvl+0x73/0xb0 [ 17.143668] print_report+0xd1/0x650 [ 17.143690] ? __virt_addr_valid+0x1db/0x2d0 [ 17.143713] ? kasan_atomics_helper+0x5115/0x5450 [ 17.143773] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.143799] ? kasan_atomics_helper+0x5115/0x5450 [ 17.143821] kasan_report+0x141/0x180 [ 17.143845] ? kasan_atomics_helper+0x5115/0x5450 [ 17.143872] __asan_report_load8_noabort+0x18/0x20 [ 17.143927] kasan_atomics_helper+0x5115/0x5450 [ 17.143953] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.143976] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.144002] ? kasan_atomics+0x152/0x310 [ 17.144029] kasan_atomics+0x1dc/0x310 [ 17.144064] ? __pfx_kasan_atomics+0x10/0x10 [ 17.144118] ? __pfx_read_tsc+0x10/0x10 [ 17.144142] ? ktime_get_ts64+0x86/0x230 [ 17.144166] kunit_try_run_case+0x1a5/0x480 [ 17.144191] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.144213] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.144237] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.144262] ? __kthread_parkme+0x82/0x180 [ 17.144282] ? preempt_count_sub+0x50/0x80 [ 17.144306] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.144331] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.144354] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.144378] kthread+0x337/0x6f0 [ 17.144398] ? 
trace_preempt_on+0x20/0xc0 [ 17.144421] ? __pfx_kthread+0x10/0x10 [ 17.144442] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.144464] ? calculate_sigpending+0x7b/0xa0 [ 17.144488] ? __pfx_kthread+0x10/0x10 [ 17.144542] ret_from_fork+0x116/0x1d0 [ 17.144562] ? __pfx_kthread+0x10/0x10 [ 17.144582] ret_from_fork_asm+0x1a/0x30 [ 17.144614] </TASK> [ 17.144626] [ 17.152356] Allocated by task 282: [ 17.152484] kasan_save_stack+0x45/0x70 [ 17.152643] kasan_save_track+0x18/0x40 [ 17.152996] kasan_save_alloc_info+0x3b/0x50 [ 17.153331] __kasan_kmalloc+0xb7/0xc0 [ 17.153608] __kmalloc_cache_noprof+0x189/0x420 [ 17.153981] kasan_atomics+0x95/0x310 [ 17.154233] kunit_try_run_case+0x1a5/0x480 [ 17.154473] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.154750] kthread+0x337/0x6f0 [ 17.154884] ret_from_fork+0x116/0x1d0 [ 17.155013] ret_from_fork_asm+0x1a/0x30 [ 17.155157] [ 17.155228] The buggy address belongs to the object at ffff88810261fc00 [ 17.155228] which belongs to the cache kmalloc-64 of size 64 [ 17.156272] The buggy address is located 0 bytes to the right of [ 17.156272] allocated 48-byte region [ffff88810261fc00, ffff88810261fc30) [ 17.156912] [ 17.157019] The buggy address belongs to the physical page: [ 17.157290] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10261f [ 17.157680] flags: 0x200000000000000(node=0|zone=2) [ 17.157848] page_type: f5(slab) [ 17.158065] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.158409] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.158802] page dumped because: kasan: bad access detected [ 17.159051] [ 17.159169] Memory state around the buggy address: [ 17.159399] ffff88810261fb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.159745] ffff88810261fb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.160053] >ffff88810261fc00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.160368] ^ [ 17.160653] ffff88810261fc80: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 17.160994] ffff88810261fd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.161323] ================================================================== [ 16.689696] ================================================================== [ 16.690060] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x18b1/0x5450 [ 16.690540] Write of size 8 at addr ffff88810261fc30 by task kunit_try_catch/282 [ 16.690879] [ 16.691024] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.691076] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.691089] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.691109] Call Trace: [ 16.691125] <TASK> [ 16.691140] dump_stack_lvl+0x73/0xb0 [ 16.691165] print_report+0xd1/0x650 [ 16.691187] ? __virt_addr_valid+0x1db/0x2d0 [ 16.691210] ? kasan_atomics_helper+0x18b1/0x5450 [ 16.691230] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.691258] ? kasan_atomics_helper+0x18b1/0x5450 [ 16.691280] kasan_report+0x141/0x180 [ 16.691302] ? kasan_atomics_helper+0x18b1/0x5450 [ 16.691329] kasan_check_range+0x10c/0x1c0 [ 16.691353] __kasan_check_write+0x18/0x20 [ 16.691372] kasan_atomics_helper+0x18b1/0x5450 [ 16.691395] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.691417] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.691443] ? kasan_atomics+0x152/0x310 [ 16.691487] kasan_atomics+0x1dc/0x310 [ 16.691520] ? __pfx_kasan_atomics+0x10/0x10 [ 16.691545] ? __pfx_read_tsc+0x10/0x10 [ 16.691566] ? ktime_get_ts64+0x86/0x230 [ 16.691590] kunit_try_run_case+0x1a5/0x480 [ 16.691613] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.691636] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.691659] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.691681] ? __kthread_parkme+0x82/0x180 [ 16.691702] ? preempt_count_sub+0x50/0x80 [ 16.691726] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.691750] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.691773] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.691796] kthread+0x337/0x6f0 [ 16.691815] ? trace_preempt_on+0x20/0xc0 [ 16.691839] ? __pfx_kthread+0x10/0x10 [ 16.691859] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.691880] ? calculate_sigpending+0x7b/0xa0 [ 16.691903] ? __pfx_kthread+0x10/0x10 [ 16.691926] ret_from_fork+0x116/0x1d0 [ 16.691944] ? __pfx_kthread+0x10/0x10 [ 16.691964] ret_from_fork_asm+0x1a/0x30 [ 16.691996] </TASK> [ 16.692008] [ 16.699519] Allocated by task 282: [ 16.699678] kasan_save_stack+0x45/0x70 [ 16.699848] kasan_save_track+0x18/0x40 [ 16.699985] kasan_save_alloc_info+0x3b/0x50 [ 16.700145] __kasan_kmalloc+0xb7/0xc0 [ 16.700337] __kmalloc_cache_noprof+0x189/0x420 [ 16.700604] kasan_atomics+0x95/0x310 [ 16.700811] kunit_try_run_case+0x1a5/0x480 [ 16.701028] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.701263] kthread+0x337/0x6f0 [ 16.701415] ret_from_fork+0x116/0x1d0 [ 16.701633] ret_from_fork_asm+0x1a/0x30 [ 16.701803] [ 16.701875] The buggy address belongs to the object at ffff88810261fc00 [ 16.701875] which belongs to the cache kmalloc-64 of size 64 [ 16.702239] The buggy address is located 0 bytes to the right of [ 16.702239] allocated 48-byte region [ffff88810261fc00, ffff88810261fc30) [ 16.702649] [ 16.702749] The buggy address belongs to the physical page: [ 16.702998] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10261f [ 16.703362] flags: 0x200000000000000(node=0|zone=2) [ 16.703723] page_type: f5(slab) [ 16.703894] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.704252] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.704706] page dumped because: kasan: bad access detected [ 16.704962] [ 16.705066] Memory state around the buggy address: [ 16.705269] ffff88810261fb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.705583] ffff88810261fb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.705850] >ffff88810261fc00: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 16.706141] ^ [ 16.706342] ffff88810261fc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.706643] ffff88810261fd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.706860] ================================================================== [ 16.710683] ================================================================== [ 16.710999] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x194a/0x5450 [ 16.711321] Write of size 8 at addr ffff88810261fc30 by task kunit_try_catch/282 [ 16.711625] [ 16.711723] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.712109] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.712125] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.712148] Call Trace: [ 16.712162] <TASK> [ 16.712178] dump_stack_lvl+0x73/0xb0 [ 16.712205] print_report+0xd1/0x650 [ 16.712227] ? __virt_addr_valid+0x1db/0x2d0 [ 16.712249] ? kasan_atomics_helper+0x194a/0x5450 [ 16.712270] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.712297] ? kasan_atomics_helper+0x194a/0x5450 [ 16.712319] kasan_report+0x141/0x180 [ 16.712341] ? kasan_atomics_helper+0x194a/0x5450 [ 16.712368] kasan_check_range+0x10c/0x1c0 [ 16.712392] __kasan_check_write+0x18/0x20 [ 16.712412] kasan_atomics_helper+0x194a/0x5450 [ 16.712434] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.712456] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.712482] ? kasan_atomics+0x152/0x310 [ 16.712510] kasan_atomics+0x1dc/0x310 [ 16.712532] ? __pfx_kasan_atomics+0x10/0x10 [ 16.712557] ? __pfx_read_tsc+0x10/0x10 [ 16.712578] ? ktime_get_ts64+0x86/0x230 [ 16.712682] kunit_try_run_case+0x1a5/0x480 [ 16.712709] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.712731] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.712755] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.712779] ? __kthread_parkme+0x82/0x180 [ 16.712798] ? preempt_count_sub+0x50/0x80 [ 16.712823] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.712847] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.712870] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.712894] kthread+0x337/0x6f0 [ 16.712914] ? trace_preempt_on+0x20/0xc0 [ 16.712936] ? __pfx_kthread+0x10/0x10 [ 16.712958] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.712979] ? calculate_sigpending+0x7b/0xa0 [ 16.713003] ? __pfx_kthread+0x10/0x10 [ 16.713025] ret_from_fork+0x116/0x1d0 [ 16.713054] ? __pfx_kthread+0x10/0x10 [ 16.713076] ret_from_fork_asm+0x1a/0x30 [ 16.713108] </TASK> [ 16.713119] [ 16.720682] Allocated by task 282: [ 16.720857] kasan_save_stack+0x45/0x70 [ 16.721035] kasan_save_track+0x18/0x40 [ 16.721274] kasan_save_alloc_info+0x3b/0x50 [ 16.721489] __kasan_kmalloc+0xb7/0xc0 [ 16.721702] __kmalloc_cache_noprof+0x189/0x420 [ 16.721909] kasan_atomics+0x95/0x310 [ 16.722051] kunit_try_run_case+0x1a5/0x480 [ 16.722199] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.722420] kthread+0x337/0x6f0 [ 16.722642] ret_from_fork+0x116/0x1d0 [ 16.722854] ret_from_fork_asm+0x1a/0x30 [ 16.723084] [ 16.723205] The buggy address belongs to the object at ffff88810261fc00 [ 16.723205] which belongs to the cache kmalloc-64 of size 64 [ 16.723670] The buggy address is located 0 bytes to the right of [ 16.723670] allocated 48-byte region [ffff88810261fc00, ffff88810261fc30) [ 16.724249] [ 16.724347] The buggy address belongs to the physical page: [ 16.724627] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10261f [ 16.724983] flags: 0x200000000000000(node=0|zone=2) [ 16.725205] page_type: f5(slab) [ 16.725394] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.725758] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.726113] page dumped because: kasan: bad access detected [ 16.726350] [ 16.726445] Memory state around the buggy address: [ 16.726699] ffff88810261fb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.726994] 
ffff88810261fb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.727309] >ffff88810261fc00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.727673] ^ [ 16.727959] ffff88810261fc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.728319] ffff88810261fd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.728662] ================================================================== [ 16.360857] ================================================================== [ 16.361369] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a02/0x5450 [ 16.361723] Read of size 4 at addr ffff88810261fc30 by task kunit_try_catch/282 [ 16.361946] [ 16.362028] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.362080] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.362093] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.362114] Call Trace: [ 16.362130] <TASK> [ 16.362146] dump_stack_lvl+0x73/0xb0 [ 16.362220] print_report+0xd1/0x650 [ 16.362245] ? __virt_addr_valid+0x1db/0x2d0 [ 16.362269] ? kasan_atomics_helper+0x4a02/0x5450 [ 16.362291] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.362317] ? kasan_atomics_helper+0x4a02/0x5450 [ 16.362339] kasan_report+0x141/0x180 [ 16.362361] ? kasan_atomics_helper+0x4a02/0x5450 [ 16.362389] __asan_report_load4_noabort+0x18/0x20 [ 16.362414] kasan_atomics_helper+0x4a02/0x5450 [ 16.362436] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.362458] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.362483] ? kasan_atomics+0x152/0x310 [ 16.362509] kasan_atomics+0x1dc/0x310 [ 16.362531] ? __pfx_kasan_atomics+0x10/0x10 [ 16.362557] ? __pfx_read_tsc+0x10/0x10 [ 16.362578] ? ktime_get_ts64+0x86/0x230 [ 16.362603] kunit_try_run_case+0x1a5/0x480 [ 16.362627] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.362650] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.362673] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.362697] ? __kthread_parkme+0x82/0x180 [ 16.362718] ? 
preempt_count_sub+0x50/0x80 [ 16.362742] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.362767] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.362790] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.362813] kthread+0x337/0x6f0 [ 16.362834] ? trace_preempt_on+0x20/0xc0 [ 16.362856] ? __pfx_kthread+0x10/0x10 [ 16.362878] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.362900] ? calculate_sigpending+0x7b/0xa0 [ 16.362925] ? __pfx_kthread+0x10/0x10 [ 16.362948] ret_from_fork+0x116/0x1d0 [ 16.362967] ? __pfx_kthread+0x10/0x10 [ 16.362989] ret_from_fork_asm+0x1a/0x30 [ 16.363020] </TASK> [ 16.363032] [ 16.371357] Allocated by task 282: [ 16.371558] kasan_save_stack+0x45/0x70 [ 16.371753] kasan_save_track+0x18/0x40 [ 16.371903] kasan_save_alloc_info+0x3b/0x50 [ 16.372152] __kasan_kmalloc+0xb7/0xc0 [ 16.372401] __kmalloc_cache_noprof+0x189/0x420 [ 16.372639] kasan_atomics+0x95/0x310 [ 16.372820] kunit_try_run_case+0x1a5/0x480 [ 16.373008] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.373283] kthread+0x337/0x6f0 [ 16.373445] ret_from_fork+0x116/0x1d0 [ 16.373634] ret_from_fork_asm+0x1a/0x30 [ 16.373900] [ 16.373974] The buggy address belongs to the object at ffff88810261fc00 [ 16.373974] which belongs to the cache kmalloc-64 of size 64 [ 16.374335] The buggy address is located 0 bytes to the right of [ 16.374335] allocated 48-byte region [ffff88810261fc00, ffff88810261fc30) [ 16.374699] [ 16.374772] The buggy address belongs to the physical page: [ 16.374943] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10261f [ 16.375553] flags: 0x200000000000000(node=0|zone=2) [ 16.375792] page_type: f5(slab) [ 16.375963] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.376713] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.377016] page dumped because: kasan: bad access detected [ 16.377604] [ 16.377690] Memory state around the buggy address: [ 16.377918] ffff88810261fb00: fa fb fb fb fb fb fb fb fc fc 
fc fc fc fc fc fc [ 16.378259] ffff88810261fb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.378483] >ffff88810261fc00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.378821] ^ [ 16.379105] ffff88810261fc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.379432] ffff88810261fd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.379806] ================================================================== [ 15.939462] ================================================================== [ 15.940247] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x8f9/0x5450 [ 15.940745] Write of size 4 at addr ffff88810261fc30 by task kunit_try_catch/282 [ 15.941398] [ 15.941497] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.941542] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.941603] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.941628] Call Trace: [ 15.941647] <TASK> [ 15.941795] dump_stack_lvl+0x73/0xb0 [ 15.941830] print_report+0xd1/0x650 [ 15.941853] ? __virt_addr_valid+0x1db/0x2d0 [ 15.941877] ? kasan_atomics_helper+0x8f9/0x5450 [ 15.941898] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.941925] ? kasan_atomics_helper+0x8f9/0x5450 [ 15.941947] kasan_report+0x141/0x180 [ 15.941970] ? kasan_atomics_helper+0x8f9/0x5450 [ 15.941998] kasan_check_range+0x10c/0x1c0 [ 15.942022] __kasan_check_write+0x18/0x20 [ 15.942053] kasan_atomics_helper+0x8f9/0x5450 [ 15.942125] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.942149] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.942174] ? kasan_atomics+0x152/0x310 [ 15.942201] kasan_atomics+0x1dc/0x310 [ 15.942224] ? __pfx_kasan_atomics+0x10/0x10 [ 15.942249] ? __pfx_read_tsc+0x10/0x10 [ 15.942270] ? ktime_get_ts64+0x86/0x230 [ 15.942295] kunit_try_run_case+0x1a5/0x480 [ 15.942319] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.942342] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.942365] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.942390] ? __kthread_parkme+0x82/0x180 [ 15.942412] ? preempt_count_sub+0x50/0x80 [ 15.942436] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.942461] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.942486] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.942511] kthread+0x337/0x6f0 [ 15.942531] ? trace_preempt_on+0x20/0xc0 [ 15.942553] ? __pfx_kthread+0x10/0x10 [ 15.942574] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.942596] ? calculate_sigpending+0x7b/0xa0 [ 15.942619] ? __pfx_kthread+0x10/0x10 [ 15.942643] ret_from_fork+0x116/0x1d0 [ 15.942662] ? __pfx_kthread+0x10/0x10 [ 15.942684] ret_from_fork_asm+0x1a/0x30 [ 15.942715] </TASK> [ 15.942728] [ 15.955664] Allocated by task 282: [ 15.955862] kasan_save_stack+0x45/0x70 [ 15.956346] kasan_save_track+0x18/0x40 [ 15.956552] kasan_save_alloc_info+0x3b/0x50 [ 15.956850] __kasan_kmalloc+0xb7/0xc0 [ 15.957022] __kmalloc_cache_noprof+0x189/0x420 [ 15.957567] kasan_atomics+0x95/0x310 [ 15.957881] kunit_try_run_case+0x1a5/0x480 [ 15.958216] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.958607] kthread+0x337/0x6f0 [ 15.958789] ret_from_fork+0x116/0x1d0 [ 15.959268] ret_from_fork_asm+0x1a/0x30 [ 15.959678] [ 15.959785] The buggy address belongs to the object at ffff88810261fc00 [ 15.959785] which belongs to the cache kmalloc-64 of size 64 [ 15.960627] The buggy address is located 0 bytes to the right of [ 15.960627] allocated 48-byte region [ffff88810261fc00, ffff88810261fc30) [ 15.961543] [ 15.961805] The buggy address belongs to the physical page: [ 15.962106] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10261f [ 15.962455] flags: 0x200000000000000(node=0|zone=2) [ 15.962928] page_type: f5(slab) [ 15.963339] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.963843] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.964468] page dumped because: kasan: bad access detected [ 15.964819] [ 15.964927] 
Memory state around the buggy address: [ 15.965445] ffff88810261fb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.965949] ffff88810261fb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.966539] >ffff88810261fc00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.966978] ^ [ 15.967452] ffff88810261fc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.967902] ffff88810261fd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.968512] ================================================================== [ 17.083439] ================================================================== [ 17.083796] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x218a/0x5450 [ 17.084021] Write of size 8 at addr ffff88810261fc30 by task kunit_try_catch/282 [ 17.084611] [ 17.084720] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 17.084761] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.084774] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.084795] Call Trace: [ 17.084809] <TASK> [ 17.084823] dump_stack_lvl+0x73/0xb0 [ 17.084850] print_report+0xd1/0x650 [ 17.084871] ? __virt_addr_valid+0x1db/0x2d0 [ 17.084894] ? kasan_atomics_helper+0x218a/0x5450 [ 17.084914] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.084940] ? kasan_atomics_helper+0x218a/0x5450 [ 17.084963] kasan_report+0x141/0x180 [ 17.084984] ? kasan_atomics_helper+0x218a/0x5450 [ 17.085011] kasan_check_range+0x10c/0x1c0 [ 17.085036] __kasan_check_write+0x18/0x20 [ 17.085066] kasan_atomics_helper+0x218a/0x5450 [ 17.085090] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.085113] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.085139] ? kasan_atomics+0x152/0x310 [ 17.085166] kasan_atomics+0x1dc/0x310 [ 17.085189] ? __pfx_kasan_atomics+0x10/0x10 [ 17.085213] ? __pfx_read_tsc+0x10/0x10 [ 17.085234] ? ktime_get_ts64+0x86/0x230 [ 17.085257] kunit_try_run_case+0x1a5/0x480 [ 17.085282] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 17.085304] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.085327] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.085351] ? __kthread_parkme+0x82/0x180 [ 17.085371] ? preempt_count_sub+0x50/0x80 [ 17.085395] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.085420] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.085443] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.085467] kthread+0x337/0x6f0 [ 17.085486] ? trace_preempt_on+0x20/0xc0 [ 17.085509] ? __pfx_kthread+0x10/0x10 [ 17.085531] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.085557] ? calculate_sigpending+0x7b/0xa0 [ 17.085581] ? __pfx_kthread+0x10/0x10 [ 17.085603] ret_from_fork+0x116/0x1d0 [ 17.085622] ? __pfx_kthread+0x10/0x10 [ 17.085643] ret_from_fork_asm+0x1a/0x30 [ 17.085674] </TASK> [ 17.085694] [ 17.093377] Allocated by task 282: [ 17.093618] kasan_save_stack+0x45/0x70 [ 17.093853] kasan_save_track+0x18/0x40 [ 17.094094] kasan_save_alloc_info+0x3b/0x50 [ 17.094286] __kasan_kmalloc+0xb7/0xc0 [ 17.094438] __kmalloc_cache_noprof+0x189/0x420 [ 17.094789] kasan_atomics+0x95/0x310 [ 17.094995] kunit_try_run_case+0x1a5/0x480 [ 17.095243] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.095497] kthread+0x337/0x6f0 [ 17.095669] ret_from_fork+0x116/0x1d0 [ 17.095854] ret_from_fork_asm+0x1a/0x30 [ 17.096035] [ 17.096134] The buggy address belongs to the object at ffff88810261fc00 [ 17.096134] which belongs to the cache kmalloc-64 of size 64 [ 17.096683] The buggy address is located 0 bytes to the right of [ 17.096683] allocated 48-byte region [ffff88810261fc00, ffff88810261fc30) [ 17.097219] [ 17.097323] The buggy address belongs to the physical page: [ 17.097598] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10261f [ 17.097953] flags: 0x200000000000000(node=0|zone=2) [ 17.098182] page_type: f5(slab) [ 17.098382] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.098805] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 17.099028] page dumped because: kasan: bad access detected [ 17.099286] [ 17.099379] Memory state around the buggy address: [ 17.099724] ffff88810261fb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.100051] ffff88810261fb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.100346] >ffff88810261fc00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.100672] ^ [ 17.100964] ffff88810261fc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.101291] ffff88810261fd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.101542] ================================================================== [ 16.261397] ================================================================== [ 16.261951] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xfa9/0x5450 [ 16.262280] Write of size 4 at addr ffff88810261fc30 by task kunit_try_catch/282 [ 16.262695] [ 16.262804] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.262847] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.262861] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.262883] Call Trace: [ 16.262899] <TASK> [ 16.262915] dump_stack_lvl+0x73/0xb0 [ 16.262942] print_report+0xd1/0x650 [ 16.262965] ? __virt_addr_valid+0x1db/0x2d0 [ 16.262988] ? kasan_atomics_helper+0xfa9/0x5450 [ 16.263009] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.263035] ? kasan_atomics_helper+0xfa9/0x5450 [ 16.263123] kasan_report+0x141/0x180 [ 16.263148] ? kasan_atomics_helper+0xfa9/0x5450 [ 16.263177] kasan_check_range+0x10c/0x1c0 [ 16.263202] __kasan_check_write+0x18/0x20 [ 16.263222] kasan_atomics_helper+0xfa9/0x5450 [ 16.263245] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.263267] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.263292] ? kasan_atomics+0x152/0x310 [ 16.263320] kasan_atomics+0x1dc/0x310 [ 16.263344] ? __pfx_kasan_atomics+0x10/0x10 [ 16.263368] ? __pfx_read_tsc+0x10/0x10 [ 16.263390] ? 
ktime_get_ts64+0x86/0x230 [ 16.263417] kunit_try_run_case+0x1a5/0x480 [ 16.263442] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.263464] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.263488] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.263522] ? __kthread_parkme+0x82/0x180 [ 16.263543] ? preempt_count_sub+0x50/0x80 [ 16.263567] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.263591] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.263614] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.263638] kthread+0x337/0x6f0 [ 16.263658] ? trace_preempt_on+0x20/0xc0 [ 16.263681] ? __pfx_kthread+0x10/0x10 [ 16.263703] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.263724] ? calculate_sigpending+0x7b/0xa0 [ 16.263748] ? __pfx_kthread+0x10/0x10 [ 16.263771] ret_from_fork+0x116/0x1d0 [ 16.263789] ? __pfx_kthread+0x10/0x10 [ 16.263811] ret_from_fork_asm+0x1a/0x30 [ 16.263843] </TASK> [ 16.263856] [ 16.272292] Allocated by task 282: [ 16.272488] kasan_save_stack+0x45/0x70 [ 16.272695] kasan_save_track+0x18/0x40 [ 16.272887] kasan_save_alloc_info+0x3b/0x50 [ 16.273237] __kasan_kmalloc+0xb7/0xc0 [ 16.273371] __kmalloc_cache_noprof+0x189/0x420 [ 16.273526] kasan_atomics+0x95/0x310 [ 16.273742] kunit_try_run_case+0x1a5/0x480 [ 16.273954] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.274222] kthread+0x337/0x6f0 [ 16.274401] ret_from_fork+0x116/0x1d0 [ 16.274620] ret_from_fork_asm+0x1a/0x30 [ 16.274820] [ 16.274902] The buggy address belongs to the object at ffff88810261fc00 [ 16.274902] which belongs to the cache kmalloc-64 of size 64 [ 16.275302] The buggy address is located 0 bytes to the right of [ 16.275302] allocated 48-byte region [ffff88810261fc00, ffff88810261fc30) [ 16.275768] [ 16.275866] The buggy address belongs to the physical page: [ 16.276208] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10261f [ 16.276639] flags: 0x200000000000000(node=0|zone=2) [ 16.276847] page_type: f5(slab) [ 16.277014] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 16.277428] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.277756] page dumped because: kasan: bad access detected [ 16.277930] [ 16.278002] Memory state around the buggy address: [ 16.278175] ffff88810261fb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.278503] ffff88810261fb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.278828] >ffff88810261fc00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.279382] ^ [ 16.279675] ffff88810261fc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.279994] ffff88810261fd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.280449] ================================================================== [ 16.173192] ================================================================== [ 16.173919] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xde0/0x5450 [ 16.174384] Write of size 4 at addr ffff88810261fc30 by task kunit_try_catch/282 [ 16.174642] [ 16.174730] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.174772] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.174786] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.174807] Call Trace: [ 16.174825] <TASK> [ 16.174842] dump_stack_lvl+0x73/0xb0 [ 16.174869] print_report+0xd1/0x650 [ 16.174892] ? __virt_addr_valid+0x1db/0x2d0 [ 16.174914] ? kasan_atomics_helper+0xde0/0x5450 [ 16.174935] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.174962] ? kasan_atomics_helper+0xde0/0x5450 [ 16.174983] kasan_report+0x141/0x180 [ 16.175005] ? kasan_atomics_helper+0xde0/0x5450 [ 16.175032] kasan_check_range+0x10c/0x1c0 [ 16.175080] __kasan_check_write+0x18/0x20 [ 16.175101] kasan_atomics_helper+0xde0/0x5450 [ 16.175124] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.175146] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.175171] ? kasan_atomics+0x152/0x310 [ 16.175199] kasan_atomics+0x1dc/0x310 [ 16.175221] ? 
__pfx_kasan_atomics+0x10/0x10 [ 16.175246] ? __pfx_read_tsc+0x10/0x10 [ 16.175267] ? ktime_get_ts64+0x86/0x230 [ 16.175291] kunit_try_run_case+0x1a5/0x480 [ 16.175315] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.175338] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.175361] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.175386] ? __kthread_parkme+0x82/0x180 [ 16.175406] ? preempt_count_sub+0x50/0x80 [ 16.175431] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.175455] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.175479] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.175502] kthread+0x337/0x6f0 [ 16.175567] ? trace_preempt_on+0x20/0xc0 [ 16.175590] ? __pfx_kthread+0x10/0x10 [ 16.175612] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.175633] ? calculate_sigpending+0x7b/0xa0 [ 16.175657] ? __pfx_kthread+0x10/0x10 [ 16.175679] ret_from_fork+0x116/0x1d0 [ 16.175698] ? __pfx_kthread+0x10/0x10 [ 16.175719] ret_from_fork_asm+0x1a/0x30 [ 16.175751] </TASK> [ 16.175763] [ 16.190987] Allocated by task 282: [ 16.191360] kasan_save_stack+0x45/0x70 [ 16.191743] kasan_save_track+0x18/0x40 [ 16.192139] kasan_save_alloc_info+0x3b/0x50 [ 16.192482] __kasan_kmalloc+0xb7/0xc0 [ 16.192847] __kmalloc_cache_noprof+0x189/0x420 [ 16.193215] kasan_atomics+0x95/0x310 [ 16.193778] kunit_try_run_case+0x1a5/0x480 [ 16.194174] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.194654] kthread+0x337/0x6f0 [ 16.194894] ret_from_fork+0x116/0x1d0 [ 16.195029] ret_from_fork_asm+0x1a/0x30 [ 16.195431] [ 16.195591] The buggy address belongs to the object at ffff88810261fc00 [ 16.195591] which belongs to the cache kmalloc-64 of size 64 [ 16.196744] The buggy address is located 0 bytes to the right of [ 16.196744] allocated 48-byte region [ffff88810261fc00, ffff88810261fc30) [ 16.197269] [ 16.197433] The buggy address belongs to the physical page: [ 16.197991] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10261f [ 16.198893] flags: 0x200000000000000(node=0|zone=2) [ 16.199441] page_type: 
f5(slab) [ 16.199770] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.200314] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.201137] page dumped because: kasan: bad access detected [ 16.201686] [ 16.201849] Memory state around the buggy address: [ 16.202009] ffff88810261fb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.202746] ffff88810261fb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.203605] >ffff88810261fc00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.204249] ^ [ 16.204413] ffff88810261fc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.204872] ffff88810261fd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.205568] ================================================================== [ 16.596650] ================================================================== [ 16.596906] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b6/0x5450 [ 16.597152] Write of size 8 at addr ffff88810261fc30 by task kunit_try_catch/282 [ 16.597414] [ 16.597821] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.597872] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.597890] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.597912] Call Trace: [ 16.597929] <TASK> [ 16.597944] dump_stack_lvl+0x73/0xb0 [ 16.597973] print_report+0xd1/0x650 [ 16.597995] ? __virt_addr_valid+0x1db/0x2d0 [ 16.598018] ? kasan_atomics_helper+0x15b6/0x5450 [ 16.598052] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.598079] ? kasan_atomics_helper+0x15b6/0x5450 [ 16.598102] kasan_report+0x141/0x180 [ 16.598125] ? kasan_atomics_helper+0x15b6/0x5450 [ 16.598153] kasan_check_range+0x10c/0x1c0 [ 16.598178] __kasan_check_write+0x18/0x20 [ 16.598197] kasan_atomics_helper+0x15b6/0x5450 [ 16.598221] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.598243] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.598268] ? 
kasan_atomics+0x152/0x310 [ 16.598295] kasan_atomics+0x1dc/0x310 [ 16.598318] ? __pfx_kasan_atomics+0x10/0x10 [ 16.598343] ? __pfx_read_tsc+0x10/0x10 [ 16.598365] ? ktime_get_ts64+0x86/0x230 [ 16.598389] kunit_try_run_case+0x1a5/0x480 [ 16.598415] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.598438] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.598461] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.598485] ? __kthread_parkme+0x82/0x180 [ 16.598517] ? preempt_count_sub+0x50/0x80 [ 16.598541] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.598565] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.598590] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.598614] kthread+0x337/0x6f0 [ 16.598634] ? trace_preempt_on+0x20/0xc0 [ 16.598657] ? __pfx_kthread+0x10/0x10 [ 16.598680] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.598703] ? calculate_sigpending+0x7b/0xa0 [ 16.598729] ? __pfx_kthread+0x10/0x10 [ 16.598752] ret_from_fork+0x116/0x1d0 [ 16.598772] ? __pfx_kthread+0x10/0x10 [ 16.598793] ret_from_fork_asm+0x1a/0x30 [ 16.598826] </TASK> [ 16.598838] [ 16.606101] Allocated by task 282: [ 16.606281] kasan_save_stack+0x45/0x70 [ 16.606479] kasan_save_track+0x18/0x40 [ 16.606717] kasan_save_alloc_info+0x3b/0x50 [ 16.606868] __kasan_kmalloc+0xb7/0xc0 [ 16.607035] __kmalloc_cache_noprof+0x189/0x420 [ 16.607276] kasan_atomics+0x95/0x310 [ 16.607468] kunit_try_run_case+0x1a5/0x480 [ 16.607803] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.608026] kthread+0x337/0x6f0 [ 16.608206] ret_from_fork+0x116/0x1d0 [ 16.608373] ret_from_fork_asm+0x1a/0x30 [ 16.608583] [ 16.608674] The buggy address belongs to the object at ffff88810261fc00 [ 16.608674] which belongs to the cache kmalloc-64 of size 64 [ 16.609056] The buggy address is located 0 bytes to the right of [ 16.609056] allocated 48-byte region [ffff88810261fc00, ffff88810261fc30) [ 16.609621] [ 16.609782] The buggy address belongs to the physical page: [ 16.609964] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10261f [ 
16.610222] flags: 0x200000000000000(node=0|zone=2) [ 16.610389] page_type: f5(slab) [ 16.610512] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.610780] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.611126] page dumped because: kasan: bad access detected [ 16.611378] [ 16.611487] Memory state around the buggy address: [ 16.611832] ffff88810261fb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.612061] ffff88810261fb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.612278] >ffff88810261fc00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.612492] ^ [ 16.612728] ffff88810261fc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.613059] ffff88810261fd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.613378] ================================================================== [ 15.588737] ================================================================== [ 15.588983] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4ba2/0x5450 [ 15.589829] Write of size 4 at addr ffff88810261fc30 by task kunit_try_catch/282 [ 15.590572] [ 15.590761] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.590804] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.590816] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.590838] Call Trace: [ 15.590862] <TASK> [ 15.590878] dump_stack_lvl+0x73/0xb0 [ 15.590907] print_report+0xd1/0x650 [ 15.590940] ? __virt_addr_valid+0x1db/0x2d0 [ 15.590971] ? kasan_atomics_helper+0x4ba2/0x5450 [ 15.590991] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.591016] ? kasan_atomics_helper+0x4ba2/0x5450 [ 15.591057] kasan_report+0x141/0x180 [ 15.591079] ? kasan_atomics_helper+0x4ba2/0x5450 [ 15.591103] __asan_report_store4_noabort+0x1b/0x30 [ 15.591128] kasan_atomics_helper+0x4ba2/0x5450 [ 15.591150] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.591171] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 15.591196] ? kasan_atomics+0x152/0x310 [ 15.591221] kasan_atomics+0x1dc/0x310 [ 15.591244] ? __pfx_kasan_atomics+0x10/0x10 [ 15.591268] ? __pfx_read_tsc+0x10/0x10 [ 15.591288] ? ktime_get_ts64+0x86/0x230 [ 15.591312] kunit_try_run_case+0x1a5/0x480 [ 15.591336] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.591357] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.591383] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.591406] ? __kthread_parkme+0x82/0x180 [ 15.591425] ? preempt_count_sub+0x50/0x80 [ 15.591448] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.591471] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.591494] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.591516] kthread+0x337/0x6f0 [ 15.591535] ? trace_preempt_on+0x20/0xc0 [ 15.591556] ? __pfx_kthread+0x10/0x10 [ 15.591577] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.591597] ? calculate_sigpending+0x7b/0xa0 [ 15.591620] ? __pfx_kthread+0x10/0x10 [ 15.591641] ret_from_fork+0x116/0x1d0 [ 15.591658] ? __pfx_kthread+0x10/0x10 [ 15.591678] ret_from_fork_asm+0x1a/0x30 [ 15.591708] </TASK> [ 15.591719] [ 15.608975] Allocated by task 282: [ 15.609948] kasan_save_stack+0x45/0x70 [ 15.610748] kasan_save_track+0x18/0x40 [ 15.611445] kasan_save_alloc_info+0x3b/0x50 [ 15.612264] __kasan_kmalloc+0xb7/0xc0 [ 15.612979] __kmalloc_cache_noprof+0x189/0x420 [ 15.613868] kasan_atomics+0x95/0x310 [ 15.614465] kunit_try_run_case+0x1a5/0x480 [ 15.615024] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.615227] kthread+0x337/0x6f0 [ 15.615352] ret_from_fork+0x116/0x1d0 [ 15.615487] ret_from_fork_asm+0x1a/0x30 [ 15.615627] [ 15.615701] The buggy address belongs to the object at ffff88810261fc00 [ 15.615701] which belongs to the cache kmalloc-64 of size 64 [ 15.616075] The buggy address is located 0 bytes to the right of [ 15.616075] allocated 48-byte region [ffff88810261fc00, ffff88810261fc30) [ 15.617838] [ 15.618010] The buggy address belongs to the physical page: [ 15.618749] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x10261f [ 15.619755] flags: 0x200000000000000(node=0|zone=2) [ 15.620374] page_type: f5(slab) [ 15.620796] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.621694] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.621991] page dumped because: kasan: bad access detected [ 15.622727] [ 15.623088] Memory state around the buggy address: [ 15.623523] ffff88810261fb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.623750] ffff88810261fb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.623968] >ffff88810261fc00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.624245] ^ [ 15.625065] ffff88810261fc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.625873] ffff88810261fd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.626675] ================================================================== [ 16.206471] ================================================================== [ 16.206944] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe78/0x5450 [ 16.207187] Write of size 4 at addr ffff88810261fc30 by task kunit_try_catch/282 [ 16.207886] [ 16.208085] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.208130] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.208182] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.208205] Call Trace: [ 16.208223] <TASK> [ 16.208240] dump_stack_lvl+0x73/0xb0 [ 16.208268] print_report+0xd1/0x650 [ 16.208291] ? __virt_addr_valid+0x1db/0x2d0 [ 16.208314] ? kasan_atomics_helper+0xe78/0x5450 [ 16.208335] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.208361] ? kasan_atomics_helper+0xe78/0x5450 [ 16.208383] kasan_report+0x141/0x180 [ 16.208406] ? kasan_atomics_helper+0xe78/0x5450 [ 16.208432] kasan_check_range+0x10c/0x1c0 [ 16.208456] __kasan_check_write+0x18/0x20 [ 16.208476] kasan_atomics_helper+0xe78/0x5450 [ 16.208501] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 16.208524] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.208549] ? kasan_atomics+0x152/0x310 [ 16.208576] kasan_atomics+0x1dc/0x310 [ 16.208599] ? __pfx_kasan_atomics+0x10/0x10 [ 16.208623] ? __pfx_read_tsc+0x10/0x10 [ 16.208645] ? ktime_get_ts64+0x86/0x230 [ 16.208670] kunit_try_run_case+0x1a5/0x480 [ 16.208695] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.208718] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.208741] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.208764] ? __kthread_parkme+0x82/0x180 [ 16.208785] ? preempt_count_sub+0x50/0x80 [ 16.208810] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.208834] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.208858] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.208882] kthread+0x337/0x6f0 [ 16.208902] ? trace_preempt_on+0x20/0xc0 [ 16.208925] ? __pfx_kthread+0x10/0x10 [ 16.208947] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.208969] ? calculate_sigpending+0x7b/0xa0 [ 16.208994] ? __pfx_kthread+0x10/0x10 [ 16.209016] ret_from_fork+0x116/0x1d0 [ 16.209035] ? 
__pfx_kthread+0x10/0x10 [ 16.209078] ret_from_fork_asm+0x1a/0x30 [ 16.209111] </TASK> [ 16.209123] [ 16.222945] Allocated by task 282: [ 16.223273] kasan_save_stack+0x45/0x70 [ 16.223760] kasan_save_track+0x18/0x40 [ 16.224185] kasan_save_alloc_info+0x3b/0x50 [ 16.224655] __kasan_kmalloc+0xb7/0xc0 [ 16.224987] __kmalloc_cache_noprof+0x189/0x420 [ 16.225525] kasan_atomics+0x95/0x310 [ 16.225687] kunit_try_run_case+0x1a5/0x480 [ 16.225836] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.226012] kthread+0x337/0x6f0 [ 16.226289] ret_from_fork+0x116/0x1d0 [ 16.226670] ret_from_fork_asm+0x1a/0x30 [ 16.227320] [ 16.227491] The buggy address belongs to the object at ffff88810261fc00 [ 16.227491] which belongs to the cache kmalloc-64 of size 64 [ 16.228689] The buggy address is located 0 bytes to the right of [ 16.228689] allocated 48-byte region [ffff88810261fc00, ffff88810261fc30) [ 16.230008] [ 16.230137] The buggy address belongs to the physical page: [ 16.230593] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10261f [ 16.231271] flags: 0x200000000000000(node=0|zone=2) [ 16.231448] page_type: f5(slab) [ 16.231645] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.232489] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.233229] page dumped because: kasan: bad access detected [ 16.233796] [ 16.234005] Memory state around the buggy address: [ 16.234402] ffff88810261fb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.234899] ffff88810261fb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.235319] >ffff88810261fc00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.235928] ^ [ 16.236407] ffff88810261fc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.236985] ffff88810261fd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.237602] ================================================================== [ 17.007672] 
================================================================== [ 17.008419] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2006/0x5450 [ 17.008804] Write of size 8 at addr ffff88810261fc30 by task kunit_try_catch/282 [ 17.009182] [ 17.009290] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 17.009362] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.009375] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.009397] Call Trace: [ 17.009411] <TASK> [ 17.009426] dump_stack_lvl+0x73/0xb0 [ 17.009484] print_report+0xd1/0x650 [ 17.009506] ? __virt_addr_valid+0x1db/0x2d0 [ 17.009528] ? kasan_atomics_helper+0x2006/0x5450 [ 17.009549] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.009579] ? kasan_atomics_helper+0x2006/0x5450 [ 17.009602] kasan_report+0x141/0x180 [ 17.009624] ? kasan_atomics_helper+0x2006/0x5450 [ 17.009652] kasan_check_range+0x10c/0x1c0 [ 17.009675] __kasan_check_write+0x18/0x20 [ 17.009695] kasan_atomics_helper+0x2006/0x5450 [ 17.009719] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.009743] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.009768] ? kasan_atomics+0x152/0x310 [ 17.009795] kasan_atomics+0x1dc/0x310 [ 17.009817] ? __pfx_kasan_atomics+0x10/0x10 [ 17.009841] ? __pfx_read_tsc+0x10/0x10 [ 17.009862] ? ktime_get_ts64+0x86/0x230 [ 17.009886] kunit_try_run_case+0x1a5/0x480 [ 17.009910] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.009933] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.009955] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.009980] ? __kthread_parkme+0x82/0x180 [ 17.010001] ? preempt_count_sub+0x50/0x80 [ 17.010025] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.010059] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.010082] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.010106] kthread+0x337/0x6f0 [ 17.010126] ? trace_preempt_on+0x20/0xc0 [ 17.010149] ? __pfx_kthread+0x10/0x10 [ 17.010170] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.010192] ? 
calculate_sigpending+0x7b/0xa0 [ 17.010215] ? __pfx_kthread+0x10/0x10 [ 17.010237] ret_from_fork+0x116/0x1d0 [ 17.010256] ? __pfx_kthread+0x10/0x10 [ 17.010277] ret_from_fork_asm+0x1a/0x30 [ 17.010320] </TASK> [ 17.010333] [ 17.018678] Allocated by task 282: [ 17.018850] kasan_save_stack+0x45/0x70 [ 17.019037] kasan_save_track+0x18/0x40 [ 17.019271] kasan_save_alloc_info+0x3b/0x50 [ 17.019452] __kasan_kmalloc+0xb7/0xc0 [ 17.019703] __kmalloc_cache_noprof+0x189/0x420 [ 17.019911] kasan_atomics+0x95/0x310 [ 17.020142] kunit_try_run_case+0x1a5/0x480 [ 17.020352] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.020628] kthread+0x337/0x6f0 [ 17.020810] ret_from_fork+0x116/0x1d0 [ 17.021000] ret_from_fork_asm+0x1a/0x30 [ 17.021211] [ 17.021310] The buggy address belongs to the object at ffff88810261fc00 [ 17.021310] which belongs to the cache kmalloc-64 of size 64 [ 17.021917] The buggy address is located 0 bytes to the right of [ 17.021917] allocated 48-byte region [ffff88810261fc00, ffff88810261fc30) [ 17.022366] [ 17.022498] The buggy address belongs to the physical page: [ 17.022754] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10261f [ 17.023134] flags: 0x200000000000000(node=0|zone=2) [ 17.023375] page_type: f5(slab) [ 17.023553] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.023905] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.024235] page dumped because: kasan: bad access detected [ 17.024483] [ 17.024607] Memory state around the buggy address: [ 17.024813] ffff88810261fb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.025138] ffff88810261fb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.025444] >ffff88810261fc00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.025813] ^ [ 17.026054] ffff88810261fc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.026349] ffff88810261fd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.026866] 
================================================================== [ 16.672454] ================================================================== [ 16.672792] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1818/0x5450 [ 16.673027] Write of size 8 at addr ffff88810261fc30 by task kunit_try_catch/282 [ 16.673372] [ 16.673497] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 16.673538] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.673558] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.673580] Call Trace: [ 16.673594] <TASK> [ 16.673609] dump_stack_lvl+0x73/0xb0 [ 16.673635] print_report+0xd1/0x650 [ 16.673656] ? __virt_addr_valid+0x1db/0x2d0 [ 16.673679] ? kasan_atomics_helper+0x1818/0x5450 [ 16.673700] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.673726] ? kasan_atomics_helper+0x1818/0x5450 [ 16.673748] kasan_report+0x141/0x180 [ 16.673770] ? kasan_atomics_helper+0x1818/0x5450 [ 16.673797] kasan_check_range+0x10c/0x1c0 [ 16.673820] __kasan_check_write+0x18/0x20 [ 16.673839] kasan_atomics_helper+0x1818/0x5450 [ 16.673862] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.673884] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.673909] ? kasan_atomics+0x152/0x310 [ 16.673937] kasan_atomics+0x1dc/0x310 [ 16.673960] ? __pfx_kasan_atomics+0x10/0x10 [ 16.673984] ? __pfx_read_tsc+0x10/0x10 [ 16.674005] ? ktime_get_ts64+0x86/0x230 [ 16.674028] kunit_try_run_case+0x1a5/0x480 [ 16.674063] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.674085] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.674109] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.674132] ? __kthread_parkme+0x82/0x180 [ 16.674153] ? preempt_count_sub+0x50/0x80 [ 16.674178] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.674204] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.674227] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.674251] kthread+0x337/0x6f0 [ 16.674270] ? trace_preempt_on+0x20/0xc0 [ 16.674292] ? 
__pfx_kthread+0x10/0x10 [ 16.674314] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.674334] ? calculate_sigpending+0x7b/0xa0 [ 16.674358] ? __pfx_kthread+0x10/0x10 [ 16.674381] ret_from_fork+0x116/0x1d0 [ 16.674401] ? __pfx_kthread+0x10/0x10 [ 16.674422] ret_from_fork_asm+0x1a/0x30 [ 16.674454] </TASK> [ 16.674466] [ 16.681939] Allocated by task 282: [ 16.682104] kasan_save_stack+0x45/0x70 [ 16.682297] kasan_save_track+0x18/0x40 [ 16.682433] kasan_save_alloc_info+0x3b/0x50 [ 16.682584] __kasan_kmalloc+0xb7/0xc0 [ 16.682777] __kmalloc_cache_noprof+0x189/0x420 [ 16.683161] kasan_atomics+0x95/0x310 [ 16.683333] kunit_try_run_case+0x1a5/0x480 [ 16.683527] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.683740] kthread+0x337/0x6f0 [ 16.683901] ret_from_fork+0x116/0x1d0 [ 16.684057] ret_from_fork_asm+0x1a/0x30 [ 16.684261] [ 16.684359] The buggy address belongs to the object at ffff88810261fc00 [ 16.684359] which belongs to the cache kmalloc-64 of size 64 [ 16.684852] The buggy address is located 0 bytes to the right of [ 16.684852] allocated 48-byte region [ffff88810261fc00, ffff88810261fc30) [ 16.685230] [ 16.685303] The buggy address belongs to the physical page: [ 16.685477] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10261f [ 16.685722] flags: 0x200000000000000(node=0|zone=2) [ 16.685885] page_type: f5(slab) [ 16.686024] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.686656] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.686992] page dumped because: kasan: bad access detected [ 16.687252] [ 16.687347] Memory state around the buggy address: [ 16.687534] ffff88810261fb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.687800] ffff88810261fb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.688019] >ffff88810261fc00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.688242] ^ [ 16.688398] ffff88810261fc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.688616] 
ffff88810261fd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.689073] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 15.348933] ================================================================== [ 15.349589] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 15.349954] Write of size 8 at addr ffff8881022bacc8 by task kunit_try_catch/278 [ 15.350471] [ 15.350598] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.350646] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.350659] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.350680] Call Trace: [ 15.350698] <TASK> [ 15.350717] dump_stack_lvl+0x73/0xb0 [ 15.350746] print_report+0xd1/0x650 [ 15.350769] ? __virt_addr_valid+0x1db/0x2d0 [ 15.350791] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 15.350818] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.350843] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 15.350870] kasan_report+0x141/0x180 [ 15.350891] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 15.350923] kasan_check_range+0x10c/0x1c0 [ 15.350946] __kasan_check_write+0x18/0x20 [ 15.350965] kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 15.350990] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.351018] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.351056] ? trace_hardirqs_on+0x37/0xe0 [ 15.351079] ? kasan_bitops_generic+0x92/0x1c0 [ 15.351105] kasan_bitops_generic+0x121/0x1c0 [ 15.351127] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.351152] ? __pfx_read_tsc+0x10/0x10 [ 15.351175] ? ktime_get_ts64+0x86/0x230 [ 15.351199] kunit_try_run_case+0x1a5/0x480 [ 15.351223] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.351245] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.351268] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.351290] ? __kthread_parkme+0x82/0x180 [ 15.351310] ? preempt_count_sub+0x50/0x80 [ 15.351333] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.351356] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.351744] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.351817] kthread+0x337/0x6f0 [ 15.351857] ? trace_preempt_on+0x20/0xc0 [ 15.351880] ? __pfx_kthread+0x10/0x10 [ 15.351915] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.351950] ? calculate_sigpending+0x7b/0xa0 [ 15.351976] ? __pfx_kthread+0x10/0x10 [ 15.351997] ret_from_fork+0x116/0x1d0 [ 15.352029] ? __pfx_kthread+0x10/0x10 [ 15.352082] ret_from_fork_asm+0x1a/0x30 [ 15.352115] </TASK> [ 15.352128] [ 15.365758] Allocated by task 278: [ 15.366075] kasan_save_stack+0x45/0x70 [ 15.366429] kasan_save_track+0x18/0x40 [ 15.366616] kasan_save_alloc_info+0x3b/0x50 [ 15.366900] __kasan_kmalloc+0xb7/0xc0 [ 15.367298] __kmalloc_cache_noprof+0x189/0x420 [ 15.367671] kasan_bitops_generic+0x92/0x1c0 [ 15.368030] kunit_try_run_case+0x1a5/0x480 [ 15.368398] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.368765] kthread+0x337/0x6f0 [ 15.368943] ret_from_fork+0x116/0x1d0 [ 15.369400] ret_from_fork_asm+0x1a/0x30 [ 15.369646] [ 15.369789] The buggy address belongs to the object at ffff8881022bacc0 [ 15.369789] which belongs to the cache kmalloc-16 of size 16 [ 15.370734] The buggy address is located 8 bytes inside of [ 15.370734] allocated 9-byte region [ffff8881022bacc0, ffff8881022bacc9) [ 15.371603] [ 15.371718] The buggy address belongs to the physical page: [ 15.371972] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022ba [ 15.372812] flags: 0x200000000000000(node=0|zone=2) [ 15.373207] page_type: f5(slab) [ 15.373468] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.373987] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.374498] page dumped because: kasan: bad access detected [ 15.374872] [ 15.375186] Memory state around the buggy address: [ 15.375418] ffff8881022bab80: 00 04 fc fc 00 04 fc fc 00 01 fc fc 00 01 fc fc [ 15.375999] ffff8881022bac00: 00 04 fc fc 00 04 fc fc fa fb fc fc fa fb fc fc [ 15.376573] >ffff8881022bac80: fa fb fc fc fa fb fc fc 
00 01 fc fc fc fc fc fc [ 15.376999] ^ [ 15.377381] ffff8881022bad00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.377946] ffff8881022bad80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.378442] ================================================================== [ 15.407890] ================================================================== [ 15.408830] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 15.409417] Write of size 8 at addr ffff8881022bacc8 by task kunit_try_catch/278 [ 15.409991] [ 15.410297] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.410484] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.410524] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.410548] Call Trace: [ 15.410567] <TASK> [ 15.410586] dump_stack_lvl+0x73/0xb0 [ 15.410618] print_report+0xd1/0x650 [ 15.410640] ? __virt_addr_valid+0x1db/0x2d0 [ 15.410664] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 15.410691] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.410715] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 15.410742] kasan_report+0x141/0x180 [ 15.410764] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 15.410796] kasan_check_range+0x10c/0x1c0 [ 15.410818] __kasan_check_write+0x18/0x20 [ 15.410837] kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 15.410864] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.410891] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.410916] ? trace_hardirqs_on+0x37/0xe0 [ 15.410938] ? kasan_bitops_generic+0x92/0x1c0 [ 15.410965] kasan_bitops_generic+0x121/0x1c0 [ 15.410987] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.411011] ? __pfx_read_tsc+0x10/0x10 [ 15.411032] ? ktime_get_ts64+0x86/0x230 [ 15.411132] kunit_try_run_case+0x1a5/0x480 [ 15.411158] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.411180] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.411204] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.411225] ? __kthread_parkme+0x82/0x180 [ 15.411246] ? preempt_count_sub+0x50/0x80 [ 15.411269] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.411293] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.411314] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.411337] kthread+0x337/0x6f0 [ 15.411355] ? trace_preempt_on+0x20/0xc0 [ 15.411375] ? __pfx_kthread+0x10/0x10 [ 15.411396] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.411417] ? calculate_sigpending+0x7b/0xa0 [ 15.411441] ? __pfx_kthread+0x10/0x10 [ 15.411463] ret_from_fork+0x116/0x1d0 [ 15.411481] ? __pfx_kthread+0x10/0x10 [ 15.411521] ret_from_fork_asm+0x1a/0x30 [ 15.411552] </TASK> [ 15.411564] [ 15.424185] Allocated by task 278: [ 15.424393] kasan_save_stack+0x45/0x70 [ 15.424587] kasan_save_track+0x18/0x40 [ 15.424769] kasan_save_alloc_info+0x3b/0x50 [ 15.424970] __kasan_kmalloc+0xb7/0xc0 [ 15.425967] __kmalloc_cache_noprof+0x189/0x420 [ 15.426427] kasan_bitops_generic+0x92/0x1c0 [ 15.426767] kunit_try_run_case+0x1a5/0x480 [ 15.426992] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.427468] kthread+0x337/0x6f0 [ 15.427797] ret_from_fork+0x116/0x1d0 [ 15.427994] ret_from_fork_asm+0x1a/0x30 [ 15.428410] [ 15.428633] The buggy address belongs to the object at ffff8881022bacc0 [ 15.428633] which belongs to the cache kmalloc-16 of size 16 [ 15.429468] The buggy address is located 8 bytes inside of [ 15.429468] allocated 9-byte region [ffff8881022bacc0, ffff8881022bacc9) [ 15.430289] [ 15.430422] The buggy address belongs to the physical page: [ 15.430839] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022ba [ 15.431201] flags: 0x200000000000000(node=0|zone=2) [ 15.431653] page_type: f5(slab) [ 15.431952] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.432430] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.432925] page dumped because: kasan: bad access detected [ 15.433454] [ 15.433592] 
Memory state around the buggy address: [ 15.433963] ffff8881022bab80: 00 04 fc fc 00 04 fc fc 00 01 fc fc 00 01 fc fc [ 15.434412] ffff8881022bac00: 00 04 fc fc 00 04 fc fc fa fb fc fc fa fb fc fc [ 15.434897] >ffff8881022bac80: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 15.435368] ^ [ 15.435788] ffff8881022bad00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.436097] ffff8881022bad80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.436657] ================================================================== [ 15.321636] ================================================================== [ 15.322285] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 15.322820] Write of size 8 at addr ffff8881022bacc8 by task kunit_try_catch/278 [ 15.323476] [ 15.323696] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.323744] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.323757] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.323778] Call Trace: [ 15.323814] <TASK> [ 15.323830] dump_stack_lvl+0x73/0xb0 [ 15.323860] print_report+0xd1/0x650 [ 15.323882] ? __virt_addr_valid+0x1db/0x2d0 [ 15.323904] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 15.323931] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.323957] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 15.323982] kasan_report+0x141/0x180 [ 15.324004] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 15.324036] kasan_check_range+0x10c/0x1c0 [ 15.324073] __kasan_check_write+0x18/0x20 [ 15.324092] kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 15.324118] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.324146] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.324168] ? trace_hardirqs_on+0x37/0xe0 [ 15.324190] ? kasan_bitops_generic+0x92/0x1c0 [ 15.324218] kasan_bitops_generic+0x121/0x1c0 [ 15.324240] ? 
__pfx_kasan_bitops_generic+0x10/0x10 [ 15.324265] ? __pfx_read_tsc+0x10/0x10 [ 15.324285] ? ktime_get_ts64+0x86/0x230 [ 15.324309] kunit_try_run_case+0x1a5/0x480 [ 15.324333] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.324354] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.324378] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.324401] ? __kthread_parkme+0x82/0x180 [ 15.324421] ? preempt_count_sub+0x50/0x80 [ 15.324444] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.324467] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.324489] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.324512] kthread+0x337/0x6f0 [ 15.324531] ? trace_preempt_on+0x20/0xc0 [ 15.324552] ? __pfx_kthread+0x10/0x10 [ 15.324572] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.324593] ? calculate_sigpending+0x7b/0xa0 [ 15.324617] ? __pfx_kthread+0x10/0x10 [ 15.324638] ret_from_fork+0x116/0x1d0 [ 15.324655] ? __pfx_kthread+0x10/0x10 [ 15.324675] ret_from_fork_asm+0x1a/0x30 [ 15.324706] </TASK> [ 15.324718] [ 15.337701] Allocated by task 278: [ 15.338034] kasan_save_stack+0x45/0x70 [ 15.338266] kasan_save_track+0x18/0x40 [ 15.338454] kasan_save_alloc_info+0x3b/0x50 [ 15.339264] __kasan_kmalloc+0xb7/0xc0 [ 15.339803] __kmalloc_cache_noprof+0x189/0x420 [ 15.340119] kasan_bitops_generic+0x92/0x1c0 [ 15.340276] kunit_try_run_case+0x1a5/0x480 [ 15.340422] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.340595] kthread+0x337/0x6f0 [ 15.340714] ret_from_fork+0x116/0x1d0 [ 15.340843] ret_from_fork_asm+0x1a/0x30 [ 15.340977] [ 15.341058] The buggy address belongs to the object at ffff8881022bacc0 [ 15.341058] which belongs to the cache kmalloc-16 of size 16 [ 15.341404] The buggy address is located 8 bytes inside of [ 15.341404] allocated 9-byte region [ffff8881022bacc0, ffff8881022bacc9) [ 15.341761] [ 15.341838] The buggy address belongs to the physical page: [ 15.342010] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022ba [ 15.342262] flags: 0x200000000000000(node=0|zone=2) [ 15.342428] 
page_type: f5(slab) [ 15.342608] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.343245] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.343757] page dumped because: kasan: bad access detected [ 15.343942] [ 15.344019] Memory state around the buggy address: [ 15.345688] ffff8881022bab80: 00 04 fc fc 00 04 fc fc 00 01 fc fc 00 01 fc fc [ 15.346033] ffff8881022bac00: 00 04 fc fc 00 04 fc fc fa fb fc fc fa fb fc fc [ 15.346375] >ffff8881022bac80: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 15.346685] ^ [ 15.347507] ffff8881022bad00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.347839] ffff8881022bad80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.348211] ================================================================== [ 15.290864] ================================================================== [ 15.291405] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 15.292028] Write of size 8 at addr ffff8881022bacc8 by task kunit_try_catch/278 [ 15.292508] [ 15.292872] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.292921] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.292932] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.292953] Call Trace: [ 15.292968] <TASK> [ 15.292983] dump_stack_lvl+0x73/0xb0 [ 15.293010] print_report+0xd1/0x650 [ 15.293326] ? __virt_addr_valid+0x1db/0x2d0 [ 15.293351] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 15.293381] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.293408] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 15.293435] kasan_report+0x141/0x180 [ 15.293458] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 15.293490] kasan_check_range+0x10c/0x1c0 [ 15.293513] __kasan_check_write+0x18/0x20 [ 15.293532] kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 15.293567] ? 
__pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.293595] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.293619] ? trace_hardirqs_on+0x37/0xe0 [ 15.293641] ? kasan_bitops_generic+0x92/0x1c0 [ 15.293668] kasan_bitops_generic+0x121/0x1c0 [ 15.293690] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.293715] ? __pfx_read_tsc+0x10/0x10 [ 15.293735] ? ktime_get_ts64+0x86/0x230 [ 15.293759] kunit_try_run_case+0x1a5/0x480 [ 15.293784] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.293806] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.293828] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.293851] ? __kthread_parkme+0x82/0x180 [ 15.293872] ? preempt_count_sub+0x50/0x80 [ 15.293895] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.293919] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.293942] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.293966] kthread+0x337/0x6f0 [ 15.293985] ? trace_preempt_on+0x20/0xc0 [ 15.294007] ? __pfx_kthread+0x10/0x10 [ 15.294027] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.294116] ? calculate_sigpending+0x7b/0xa0 [ 15.294145] ? __pfx_kthread+0x10/0x10 [ 15.294166] ret_from_fork+0x116/0x1d0 [ 15.294185] ? 
__pfx_kthread+0x10/0x10 [ 15.294206] ret_from_fork_asm+0x1a/0x30 [ 15.294236] </TASK> [ 15.294248] [ 15.308499] Allocated by task 278: [ 15.308698] kasan_save_stack+0x45/0x70 [ 15.309247] kasan_save_track+0x18/0x40 [ 15.309434] kasan_save_alloc_info+0x3b/0x50 [ 15.309912] __kasan_kmalloc+0xb7/0xc0 [ 15.310092] __kmalloc_cache_noprof+0x189/0x420 [ 15.310469] kasan_bitops_generic+0x92/0x1c0 [ 15.310811] kunit_try_run_case+0x1a5/0x480 [ 15.311052] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.311552] kthread+0x337/0x6f0 [ 15.311740] ret_from_fork+0x116/0x1d0 [ 15.312058] ret_from_fork_asm+0x1a/0x30 [ 15.312357] [ 15.312441] The buggy address belongs to the object at ffff8881022bacc0 [ 15.312441] which belongs to the cache kmalloc-16 of size 16 [ 15.313627] The buggy address is located 8 bytes inside of [ 15.313627] allocated 9-byte region [ffff8881022bacc0, ffff8881022bacc9) [ 15.314143] [ 15.314596] The buggy address belongs to the physical page: [ 15.314838] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022ba [ 15.315572] flags: 0x200000000000000(node=0|zone=2) [ 15.315822] page_type: f5(slab) [ 15.316146] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.316619] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.316936] page dumped because: kasan: bad access detected [ 15.317502] [ 15.317685] Memory state around the buggy address: [ 15.318129] ffff8881022bab80: 00 04 fc fc 00 04 fc fc 00 01 fc fc 00 01 fc fc [ 15.318541] ffff8881022bac00: 00 04 fc fc 00 04 fc fc fa fb fc fc fa fb fc fc [ 15.318845] >ffff8881022bac80: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 15.319451] ^ [ 15.319764] ffff8881022bad00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.320116] ffff8881022bad80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.320701] ================================================================== [ 15.379127] 
================================================================== [ 15.379874] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 15.380310] Write of size 8 at addr ffff8881022bacc8 by task kunit_try_catch/278 [ 15.381192] [ 15.381325] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.381538] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.381561] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.381584] Call Trace: [ 15.381603] <TASK> [ 15.381621] dump_stack_lvl+0x73/0xb0 [ 15.381653] print_report+0xd1/0x650 [ 15.381675] ? __virt_addr_valid+0x1db/0x2d0 [ 15.381698] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 15.381724] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.381750] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 15.381776] kasan_report+0x141/0x180 [ 15.381798] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 15.381828] kasan_check_range+0x10c/0x1c0 [ 15.381851] __kasan_check_write+0x18/0x20 [ 15.381870] kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 15.381896] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.381923] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.381947] ? trace_hardirqs_on+0x37/0xe0 [ 15.381968] ? kasan_bitops_generic+0x92/0x1c0 [ 15.381995] kasan_bitops_generic+0x121/0x1c0 [ 15.382018] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.382115] ? __pfx_read_tsc+0x10/0x10 [ 15.382141] ? ktime_get_ts64+0x86/0x230 [ 15.382166] kunit_try_run_case+0x1a5/0x480 [ 15.382190] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.382213] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.382235] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.382259] ? __kthread_parkme+0x82/0x180 [ 15.382278] ? preempt_count_sub+0x50/0x80 [ 15.382301] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.382324] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.382345] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.382368] kthread+0x337/0x6f0 [ 15.382386] ? trace_preempt_on+0x20/0xc0 [ 15.382407] ? __pfx_kthread+0x10/0x10 [ 15.382426] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.382446] ? calculate_sigpending+0x7b/0xa0 [ 15.382470] ? __pfx_kthread+0x10/0x10 [ 15.382510] ret_from_fork+0x116/0x1d0 [ 15.382528] ? __pfx_kthread+0x10/0x10 [ 15.382548] ret_from_fork_asm+0x1a/0x30 [ 15.382579] </TASK> [ 15.382592] [ 15.395309] Allocated by task 278: [ 15.395730] kasan_save_stack+0x45/0x70 [ 15.396024] kasan_save_track+0x18/0x40 [ 15.396435] kasan_save_alloc_info+0x3b/0x50 [ 15.396825] __kasan_kmalloc+0xb7/0xc0 [ 15.397180] __kmalloc_cache_noprof+0x189/0x420 [ 15.397397] kasan_bitops_generic+0x92/0x1c0 [ 15.397762] kunit_try_run_case+0x1a5/0x480 [ 15.398143] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.398400] kthread+0x337/0x6f0 [ 15.398583] ret_from_fork+0x116/0x1d0 [ 15.398774] ret_from_fork_asm+0x1a/0x30 [ 15.398969] [ 15.399459] The buggy address belongs to the object at ffff8881022bacc0 [ 15.399459] which belongs to the cache kmalloc-16 of size 16 [ 15.400430] The buggy address is located 8 bytes inside of [ 15.400430] allocated 9-byte region [ffff8881022bacc0, ffff8881022bacc9) [ 15.401225] [ 15.401314] The buggy address belongs to the physical page: [ 15.401762] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022ba [ 15.402262] flags: 0x200000000000000(node=0|zone=2) [ 15.402651] page_type: f5(slab) [ 15.402901] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.403427] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.403857] page dumped because: kasan: bad access detected [ 15.404427] [ 15.404523] Memory state around the buggy address: [ 15.404912] ffff8881022bab80: 00 04 fc fc 00 04 fc fc 00 01 fc fc 00 01 fc fc [ 15.405250] ffff8881022bac00: 00 04 fc fc 00 04 fc fc fa fb fc fc fa fb fc fc [ 15.405585] >ffff8881022bac80: fa fb fc fc fa fb fc fc 
00 01 fc fc fc fc fc fc [ 15.405860] ^ [ 15.406133] ffff8881022bad00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.406461] ffff8881022bad80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.406769] ================================================================== [ 15.496262] ================================================================== [ 15.497011] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 15.497515] Read of size 8 at addr ffff8881022bacc8 by task kunit_try_catch/278 [ 15.498420] [ 15.498550] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.498597] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.498609] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.498632] Call Trace: [ 15.498651] <TASK> [ 15.498669] dump_stack_lvl+0x73/0xb0 [ 15.498722] print_report+0xd1/0x650 [ 15.498744] ? __virt_addr_valid+0x1db/0x2d0 [ 15.498768] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 15.498794] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.498819] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 15.498846] kasan_report+0x141/0x180 [ 15.498867] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 15.498898] kasan_check_range+0x10c/0x1c0 [ 15.498921] __kasan_check_read+0x15/0x20 [ 15.498939] kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 15.498966] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.498993] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.499017] ? trace_hardirqs_on+0x37/0xe0 [ 15.499053] ? kasan_bitops_generic+0x92/0x1c0 [ 15.499080] kasan_bitops_generic+0x121/0x1c0 [ 15.499103] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.499126] ? __pfx_read_tsc+0x10/0x10 [ 15.499147] ? ktime_get_ts64+0x86/0x230 [ 15.499171] kunit_try_run_case+0x1a5/0x480 [ 15.499267] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.499288] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.499313] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.499336] ? __kthread_parkme+0x82/0x180 [ 15.499357] ? preempt_count_sub+0x50/0x80 [ 15.499380] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.499403] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.499426] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.499449] kthread+0x337/0x6f0 [ 15.499468] ? trace_preempt_on+0x20/0xc0 [ 15.499490] ? __pfx_kthread+0x10/0x10 [ 15.499511] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.499532] ? calculate_sigpending+0x7b/0xa0 [ 15.499556] ? __pfx_kthread+0x10/0x10 [ 15.499576] ret_from_fork+0x116/0x1d0 [ 15.499596] ? __pfx_kthread+0x10/0x10 [ 15.499616] ret_from_fork_asm+0x1a/0x30 [ 15.499647] </TASK> [ 15.499658] [ 15.508910] Allocated by task 278: [ 15.509176] kasan_save_stack+0x45/0x70 [ 15.509425] kasan_save_track+0x18/0x40 [ 15.509664] kasan_save_alloc_info+0x3b/0x50 [ 15.509875] __kasan_kmalloc+0xb7/0xc0 [ 15.510142] __kmalloc_cache_noprof+0x189/0x420 [ 15.510556] kasan_bitops_generic+0x92/0x1c0 [ 15.510779] kunit_try_run_case+0x1a5/0x480 [ 15.510974] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.511366] kthread+0x337/0x6f0 [ 15.511489] ret_from_fork+0x116/0x1d0 [ 15.511643] ret_from_fork_asm+0x1a/0x30 [ 15.511938] [ 15.512022] The buggy address belongs to the object at ffff8881022bacc0 [ 15.512022] which belongs to the cache kmalloc-16 of size 16 [ 15.512449] The buggy address is located 8 bytes inside of [ 15.512449] allocated 9-byte region [ffff8881022bacc0, ffff8881022bacc9) [ 15.513189] [ 15.513263] The buggy address belongs to the physical page: [ 15.513433] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022ba [ 15.514053] flags: 0x200000000000000(node=0|zone=2) [ 15.514479] page_type: f5(slab) [ 15.514683] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.514947] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.515255] page dumped because: kasan: bad access detected [ 15.515758] [ 15.515880] 
Memory state around the buggy address: [ 15.516223] ffff8881022bab80: 00 04 fc fc 00 04 fc fc 00 01 fc fc 00 01 fc fc [ 15.516551] ffff8881022bac00: 00 04 fc fc 00 04 fc fc fa fb fc fc fa fb fc fc [ 15.516851] >ffff8881022bac80: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 15.517077] ^ [ 15.517301] ffff8881022bad00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.517691] ffff8881022bad80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.518031] ================================================================== [ 15.437518] ================================================================== [ 15.437865] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 15.438714] Write of size 8 at addr ffff8881022bacc8 by task kunit_try_catch/278 [ 15.439348] [ 15.439467] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.439697] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.439713] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.439736] Call Trace: [ 15.439755] <TASK> [ 15.439774] dump_stack_lvl+0x73/0xb0 [ 15.439803] print_report+0xd1/0x650 [ 15.439825] ? __virt_addr_valid+0x1db/0x2d0 [ 15.439848] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 15.439874] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.439899] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 15.439926] kasan_report+0x141/0x180 [ 15.439946] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 15.439977] kasan_check_range+0x10c/0x1c0 [ 15.439999] __kasan_check_write+0x18/0x20 [ 15.440018] kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 15.440123] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.440156] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.440181] ? trace_hardirqs_on+0x37/0xe0 [ 15.440201] ? kasan_bitops_generic+0x92/0x1c0 [ 15.440228] kasan_bitops_generic+0x121/0x1c0 [ 15.440250] ? 
__pfx_kasan_bitops_generic+0x10/0x10 [ 15.440274] ? __pfx_read_tsc+0x10/0x10 [ 15.440294] ? ktime_get_ts64+0x86/0x230 [ 15.440318] kunit_try_run_case+0x1a5/0x480 [ 15.440342] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.440362] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.440386] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.440408] ? __kthread_parkme+0x82/0x180 [ 15.440428] ? preempt_count_sub+0x50/0x80 [ 15.440450] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.440473] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.440513] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.440536] kthread+0x337/0x6f0 [ 15.440554] ? trace_preempt_on+0x20/0xc0 [ 15.440575] ? __pfx_kthread+0x10/0x10 [ 15.440596] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.440615] ? calculate_sigpending+0x7b/0xa0 [ 15.440638] ? __pfx_kthread+0x10/0x10 [ 15.440660] ret_from_fork+0x116/0x1d0 [ 15.440678] ? __pfx_kthread+0x10/0x10 [ 15.440697] ret_from_fork_asm+0x1a/0x30 [ 15.440727] </TASK> [ 15.440739] [ 15.453869] Allocated by task 278: [ 15.454016] kasan_save_stack+0x45/0x70 [ 15.454515] kasan_save_track+0x18/0x40 [ 15.454708] kasan_save_alloc_info+0x3b/0x50 [ 15.455013] __kasan_kmalloc+0xb7/0xc0 [ 15.455420] __kmalloc_cache_noprof+0x189/0x420 [ 15.455653] kasan_bitops_generic+0x92/0x1c0 [ 15.455864] kunit_try_run_case+0x1a5/0x480 [ 15.456070] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.456666] kthread+0x337/0x6f0 [ 15.456937] ret_from_fork+0x116/0x1d0 [ 15.457440] ret_from_fork_asm+0x1a/0x30 [ 15.457761] [ 15.457864] The buggy address belongs to the object at ffff8881022bacc0 [ 15.457864] which belongs to the cache kmalloc-16 of size 16 [ 15.458688] The buggy address is located 8 bytes inside of [ 15.458688] allocated 9-byte region [ffff8881022bacc0, ffff8881022bacc9) [ 15.459424] [ 15.459722] The buggy address belongs to the physical page: [ 15.460135] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022ba [ 15.460659] flags: 0x200000000000000(node=0|zone=2) [ 15.460892] 
page_type: f5(slab) [ 15.461242] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.461842] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.462439] page dumped because: kasan: bad access detected [ 15.462705] [ 15.462780] Memory state around the buggy address: [ 15.463294] ffff8881022bab80: 00 04 fc fc 00 04 fc fc 00 01 fc fc 00 01 fc fc [ 15.463797] ffff8881022bac00: 00 04 fc fc 00 04 fc fc fa fb fc fc fa fb fc fc [ 15.464252] >ffff8881022bac80: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 15.464682] ^ [ 15.464894] ffff8881022bad00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.465558] ffff8881022bad80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.465974] ================================================================== [ 15.518745] ================================================================== [ 15.519061] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 15.519499] Read of size 8 at addr ffff8881022bacc8 by task kunit_try_catch/278 [ 15.519868] [ 15.520069] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.520114] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.520126] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.520147] Call Trace: [ 15.520166] <TASK> [ 15.520184] dump_stack_lvl+0x73/0xb0 [ 15.520211] print_report+0xd1/0x650 [ 15.520233] ? __virt_addr_valid+0x1db/0x2d0 [ 15.520256] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 15.520346] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.520395] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 15.520422] kasan_report+0x141/0x180 [ 15.520444] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 15.520476] __asan_report_load8_noabort+0x18/0x20 [ 15.520500] kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 15.520527] ? 
__pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.520572] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.520595] ? trace_hardirqs_on+0x37/0xe0 [ 15.520616] ? kasan_bitops_generic+0x92/0x1c0 [ 15.520644] kasan_bitops_generic+0x121/0x1c0 [ 15.520666] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.520691] ? __pfx_read_tsc+0x10/0x10 [ 15.520712] ? ktime_get_ts64+0x86/0x230 [ 15.520755] kunit_try_run_case+0x1a5/0x480 [ 15.520779] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.520801] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.520824] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.520847] ? __kthread_parkme+0x82/0x180 [ 15.520868] ? preempt_count_sub+0x50/0x80 [ 15.520891] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.520914] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.520936] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.520960] kthread+0x337/0x6f0 [ 15.520979] ? trace_preempt_on+0x20/0xc0 [ 15.521018] ? __pfx_kthread+0x10/0x10 [ 15.521038] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.521104] ? calculate_sigpending+0x7b/0xa0 [ 15.521131] ? __pfx_kthread+0x10/0x10 [ 15.521151] ret_from_fork+0x116/0x1d0 [ 15.521170] ? 
__pfx_kthread+0x10/0x10 [ 15.521209] ret_from_fork_asm+0x1a/0x30 [ 15.521242] </TASK> [ 15.521253] [ 15.530912] Allocated by task 278: [ 15.531204] kasan_save_stack+0x45/0x70 [ 15.531405] kasan_save_track+0x18/0x40 [ 15.531662] kasan_save_alloc_info+0x3b/0x50 [ 15.531875] __kasan_kmalloc+0xb7/0xc0 [ 15.532054] __kmalloc_cache_noprof+0x189/0x420 [ 15.532350] kasan_bitops_generic+0x92/0x1c0 [ 15.532600] kunit_try_run_case+0x1a5/0x480 [ 15.532841] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.533161] kthread+0x337/0x6f0 [ 15.533338] ret_from_fork+0x116/0x1d0 [ 15.533523] ret_from_fork_asm+0x1a/0x30 [ 15.533684] [ 15.533757] The buggy address belongs to the object at ffff8881022bacc0 [ 15.533757] which belongs to the cache kmalloc-16 of size 16 [ 15.534735] The buggy address is located 8 bytes inside of [ 15.534735] allocated 9-byte region [ffff8881022bacc0, ffff8881022bacc9) [ 15.535441] [ 15.535561] The buggy address belongs to the physical page: [ 15.535743] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022ba [ 15.536179] flags: 0x200000000000000(node=0|zone=2) [ 15.536447] page_type: f5(slab) [ 15.536661] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.536996] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.537421] page dumped because: kasan: bad access detected [ 15.537686] [ 15.537775] Memory state around the buggy address: [ 15.538024] ffff8881022bab80: 00 04 fc fc 00 04 fc fc 00 01 fc fc 00 01 fc fc [ 15.538558] ffff8881022bac00: 00 04 fc fc 00 04 fc fc fa fb fc fc fa fb fc fc [ 15.538821] >ffff8881022bac80: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 15.539165] ^ [ 15.539410] ffff8881022bad00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.539738] ffff8881022bad80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.540003] ================================================================== [ 15.466735] 
================================================================== [ 15.467452] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 15.467973] Write of size 8 at addr ffff8881022bacc8 by task kunit_try_catch/278 [ 15.468558] [ 15.468776] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.468824] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.468837] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.468858] Call Trace: [ 15.468876] <TASK> [ 15.468894] dump_stack_lvl+0x73/0xb0 [ 15.468923] print_report+0xd1/0x650 [ 15.468944] ? __virt_addr_valid+0x1db/0x2d0 [ 15.468966] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 15.468993] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.469020] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 15.469059] kasan_report+0x141/0x180 [ 15.469080] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 15.469112] kasan_check_range+0x10c/0x1c0 [ 15.469135] __kasan_check_write+0x18/0x20 [ 15.469153] kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 15.469179] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.469206] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.469230] ? trace_hardirqs_on+0x37/0xe0 [ 15.469252] ? kasan_bitops_generic+0x92/0x1c0 [ 15.469278] kasan_bitops_generic+0x121/0x1c0 [ 15.469301] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.469325] ? __pfx_read_tsc+0x10/0x10 [ 15.469346] ? ktime_get_ts64+0x86/0x230 [ 15.469370] kunit_try_run_case+0x1a5/0x480 [ 15.469394] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.469415] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.469439] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.469460] ? __kthread_parkme+0x82/0x180 [ 15.469480] ? preempt_count_sub+0x50/0x80 [ 15.469503] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.469526] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.469548] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.469578] kthread+0x337/0x6f0 [ 15.469596] ? trace_preempt_on+0x20/0xc0 [ 15.469618] ? __pfx_kthread+0x10/0x10 [ 15.469638] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.469659] ? calculate_sigpending+0x7b/0xa0 [ 15.469682] ? __pfx_kthread+0x10/0x10 [ 15.469703] ret_from_fork+0x116/0x1d0 [ 15.469721] ? __pfx_kthread+0x10/0x10 [ 15.469741] ret_from_fork_asm+0x1a/0x30 [ 15.469772] </TASK> [ 15.469784] [ 15.482815] Allocated by task 278: [ 15.483374] kasan_save_stack+0x45/0x70 [ 15.483666] kasan_save_track+0x18/0x40 [ 15.483960] kasan_save_alloc_info+0x3b/0x50 [ 15.484262] __kasan_kmalloc+0xb7/0xc0 [ 15.484673] __kmalloc_cache_noprof+0x189/0x420 [ 15.484887] kasan_bitops_generic+0x92/0x1c0 [ 15.485383] kunit_try_run_case+0x1a5/0x480 [ 15.485547] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.485904] kthread+0x337/0x6f0 [ 15.486433] ret_from_fork+0x116/0x1d0 [ 15.486624] ret_from_fork_asm+0x1a/0x30 [ 15.486974] [ 15.487185] The buggy address belongs to the object at ffff8881022bacc0 [ 15.487185] which belongs to the cache kmalloc-16 of size 16 [ 15.487917] The buggy address is located 8 bytes inside of [ 15.487917] allocated 9-byte region [ffff8881022bacc0, ffff8881022bacc9) [ 15.488723] [ 15.488981] The buggy address belongs to the physical page: [ 15.489413] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022ba [ 15.489901] flags: 0x200000000000000(node=0|zone=2) [ 15.490311] page_type: f5(slab) [ 15.490763] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.491230] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.491712] page dumped because: kasan: bad access detected [ 15.491965] [ 15.492091] Memory state around the buggy address: [ 15.492542] ffff8881022bab80: 00 04 fc fc 00 04 fc fc 00 01 fc fc 00 01 fc fc [ 15.492861] ffff8881022bac00: 00 04 fc fc 00 04 fc fc fa fb fc fc fa fb fc fc [ 15.493430] >ffff8881022bac80: fa fb fc fc fa fb fc fc 
00 01 fc fc fc fc fc fc [ 15.493893] ^ [ 15.494340] ffff8881022bad00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.494956] ffff8881022bad80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.495567] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 15.228371] ================================================================== [ 15.229114] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 15.229794] Write of size 8 at addr ffff8881022bacc8 by task kunit_try_catch/278 [ 15.230576] [ 15.230699] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.230747] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.230759] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.230781] Call Trace: [ 15.230800] <TASK> [ 15.230817] dump_stack_lvl+0x73/0xb0 [ 15.230848] print_report+0xd1/0x650 [ 15.230870] ? __virt_addr_valid+0x1db/0x2d0 [ 15.230894] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 15.230919] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.230944] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 15.230969] kasan_report+0x141/0x180 [ 15.230991] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 15.231021] kasan_check_range+0x10c/0x1c0 [ 15.231054] __kasan_check_write+0x18/0x20 [ 15.231072] kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 15.231096] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 15.231123] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.231146] ? trace_hardirqs_on+0x37/0xe0 [ 15.231168] ? kasan_bitops_generic+0x92/0x1c0 [ 15.231194] kasan_bitops_generic+0x116/0x1c0 [ 15.231216] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.231240] ? __pfx_read_tsc+0x10/0x10 [ 15.231261] ? ktime_get_ts64+0x86/0x230 [ 15.231285] kunit_try_run_case+0x1a5/0x480 [ 15.231308] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.231329] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.231352] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.231375] ? __kthread_parkme+0x82/0x180 [ 15.231394] ? preempt_count_sub+0x50/0x80 [ 15.231417] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.231440] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.231462] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.231484] kthread+0x337/0x6f0 [ 15.231502] ? 
trace_preempt_on+0x20/0xc0 [ 15.231523] ? __pfx_kthread+0x10/0x10 [ 15.231542] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.231562] ? calculate_sigpending+0x7b/0xa0 [ 15.231585] ? __pfx_kthread+0x10/0x10 [ 15.231606] ret_from_fork+0x116/0x1d0 [ 15.231623] ? __pfx_kthread+0x10/0x10 [ 15.231643] ret_from_fork_asm+0x1a/0x30 [ 15.231673] </TASK> [ 15.231685] [ 15.245688] Allocated by task 278: [ 15.245871] kasan_save_stack+0x45/0x70 [ 15.246234] kasan_save_track+0x18/0x40 [ 15.246552] kasan_save_alloc_info+0x3b/0x50 [ 15.246864] __kasan_kmalloc+0xb7/0xc0 [ 15.247240] __kmalloc_cache_noprof+0x189/0x420 [ 15.247556] kasan_bitops_generic+0x92/0x1c0 [ 15.247904] kunit_try_run_case+0x1a5/0x480 [ 15.248408] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.248667] kthread+0x337/0x6f0 [ 15.248842] ret_from_fork+0x116/0x1d0 [ 15.249448] ret_from_fork_asm+0x1a/0x30 [ 15.249909] [ 15.250012] The buggy address belongs to the object at ffff8881022bacc0 [ 15.250012] which belongs to the cache kmalloc-16 of size 16 [ 15.250953] The buggy address is located 8 bytes inside of [ 15.250953] allocated 9-byte region [ffff8881022bacc0, ffff8881022bacc9) [ 15.251818] [ 15.252034] The buggy address belongs to the physical page: [ 15.252452] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022ba [ 15.252921] flags: 0x200000000000000(node=0|zone=2) [ 15.253457] page_type: f5(slab) [ 15.253814] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.254370] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.254923] page dumped because: kasan: bad access detected [ 15.255344] [ 15.255669] Memory state around the buggy address: [ 15.255907] ffff8881022bab80: 00 04 fc fc 00 04 fc fc 00 01 fc fc 00 01 fc fc [ 15.256621] ffff8881022bac00: 00 04 fc fc 00 04 fc fc fa fb fc fc fa fb fc fc [ 15.256954] >ffff8881022bac80: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 15.257338] ^ [ 15.257987] ffff8881022bad00: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 15.258461] ffff8881022bad80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.259248] ================================================================== [ 15.037893] ================================================================== [ 15.038314] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x101/0xd50 [ 15.038587] Write of size 8 at addr ffff8881022bacc8 by task kunit_try_catch/278 [ 15.038814] [ 15.038911] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.038958] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.038970] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.038992] Call Trace: [ 15.039005] <TASK> [ 15.039022] dump_stack_lvl+0x73/0xb0 [ 15.039063] print_report+0xd1/0x650 [ 15.039085] ? __virt_addr_valid+0x1db/0x2d0 [ 15.039108] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 15.039133] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.039158] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 15.039182] kasan_report+0x141/0x180 [ 15.039203] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 15.039232] kasan_check_range+0x10c/0x1c0 [ 15.039255] __kasan_check_write+0x18/0x20 [ 15.039273] kasan_bitops_modify.constprop.0+0x101/0xd50 [ 15.039297] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 15.039322] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.039346] ? trace_hardirqs_on+0x37/0xe0 [ 15.039369] ? kasan_bitops_generic+0x92/0x1c0 [ 15.039395] kasan_bitops_generic+0x116/0x1c0 [ 15.039417] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.039442] ? __pfx_read_tsc+0x10/0x10 [ 15.039462] ? ktime_get_ts64+0x86/0x230 [ 15.039487] kunit_try_run_case+0x1a5/0x480 [ 15.039512] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.039533] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.039558] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.039580] ? __kthread_parkme+0x82/0x180 [ 15.039600] ? preempt_count_sub+0x50/0x80 [ 15.039624] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.039647] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.039669] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.039691] kthread+0x337/0x6f0 [ 15.039710] ? trace_preempt_on+0x20/0xc0 [ 15.039730] ? __pfx_kthread+0x10/0x10 [ 15.039750] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.039770] ? calculate_sigpending+0x7b/0xa0 [ 15.039793] ? __pfx_kthread+0x10/0x10 [ 15.039815] ret_from_fork+0x116/0x1d0 [ 15.039832] ? __pfx_kthread+0x10/0x10 [ 15.039851] ret_from_fork_asm+0x1a/0x30 [ 15.039882] </TASK> [ 15.039893] [ 15.053625] Allocated by task 278: [ 15.054184] kasan_save_stack+0x45/0x70 [ 15.054394] kasan_save_track+0x18/0x40 [ 15.054608] kasan_save_alloc_info+0x3b/0x50 [ 15.055203] __kasan_kmalloc+0xb7/0xc0 [ 15.055670] __kmalloc_cache_noprof+0x189/0x420 [ 15.055893] kasan_bitops_generic+0x92/0x1c0 [ 15.056423] kunit_try_run_case+0x1a5/0x480 [ 15.056867] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.057361] kthread+0x337/0x6f0 [ 15.057763] ret_from_fork+0x116/0x1d0 [ 15.058420] ret_from_fork_asm+0x1a/0x30 [ 15.058758] [ 15.058866] The buggy address belongs to the object at ffff8881022bacc0 [ 15.058866] which belongs to the cache kmalloc-16 of size 16 [ 15.059914] The buggy address is located 8 bytes inside of [ 15.059914] allocated 9-byte region [ffff8881022bacc0, ffff8881022bacc9) [ 15.060832] [ 15.061088] The buggy address belongs to the physical page: [ 15.061349] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022ba [ 15.061984] flags: 0x200000000000000(node=0|zone=2) [ 15.062612] page_type: f5(slab) [ 15.062792] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.063528] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.063832] page dumped because: kasan: bad access detected [ 15.064496] [ 15.064624] Memory state around the buggy address: [ 15.064849] ffff8881022bab80: 00 04 fc fc 00 04 fc fc 00 01 fc fc 00 01 fc fc [ 15.065432] 
ffff8881022bac00: 00 04 fc fc 00 04 fc fc fa fb fc fc fa fb fc fc [ 15.065745] >ffff8881022bac80: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 15.066452] ^ [ 15.066927] ffff8881022bad00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.067529] ffff8881022bad80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.067804] ================================================================== [ 15.196443] ================================================================== [ 15.196685] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 15.197885] Write of size 8 at addr ffff8881022bacc8 by task kunit_try_catch/278 [ 15.198366] [ 15.198483] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.198732] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.198750] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.198773] Call Trace: [ 15.198792] <TASK> [ 15.198812] dump_stack_lvl+0x73/0xb0 [ 15.198844] print_report+0xd1/0x650 [ 15.198866] ? __virt_addr_valid+0x1db/0x2d0 [ 15.198889] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 15.198915] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.198940] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 15.198964] kasan_report+0x141/0x180 [ 15.198986] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 15.199015] kasan_check_range+0x10c/0x1c0 [ 15.199038] __kasan_check_write+0x18/0x20 [ 15.199068] kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 15.199093] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 15.199118] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.199142] ? trace_hardirqs_on+0x37/0xe0 [ 15.199163] ? kasan_bitops_generic+0x92/0x1c0 [ 15.199191] kasan_bitops_generic+0x116/0x1c0 [ 15.199213] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.199237] ? __pfx_read_tsc+0x10/0x10 [ 15.199259] ? ktime_get_ts64+0x86/0x230 [ 15.199283] kunit_try_run_case+0x1a5/0x480 [ 15.199308] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.199328] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 15.199352] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.199373] ? __kthread_parkme+0x82/0x180 [ 15.199393] ? preempt_count_sub+0x50/0x80 [ 15.199416] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.199439] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.199461] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.199483] kthread+0x337/0x6f0 [ 15.199501] ? trace_preempt_on+0x20/0xc0 [ 15.199522] ? __pfx_kthread+0x10/0x10 [ 15.199541] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.199561] ? calculate_sigpending+0x7b/0xa0 [ 15.199583] ? __pfx_kthread+0x10/0x10 [ 15.199604] ret_from_fork+0x116/0x1d0 [ 15.199621] ? __pfx_kthread+0x10/0x10 [ 15.199641] ret_from_fork_asm+0x1a/0x30 [ 15.199672] </TASK> [ 15.199683] [ 15.213878] Allocated by task 278: [ 15.214318] kasan_save_stack+0x45/0x70 [ 15.214720] kasan_save_track+0x18/0x40 [ 15.215008] kasan_save_alloc_info+0x3b/0x50 [ 15.215411] __kasan_kmalloc+0xb7/0xc0 [ 15.215772] __kmalloc_cache_noprof+0x189/0x420 [ 15.216292] kasan_bitops_generic+0x92/0x1c0 [ 15.216520] kunit_try_run_case+0x1a5/0x480 [ 15.216862] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.217500] kthread+0x337/0x6f0 [ 15.217658] ret_from_fork+0x116/0x1d0 [ 15.218020] ret_from_fork_asm+0x1a/0x30 [ 15.218344] [ 15.218450] The buggy address belongs to the object at ffff8881022bacc0 [ 15.218450] which belongs to the cache kmalloc-16 of size 16 [ 15.219614] The buggy address is located 8 bytes inside of [ 15.219614] allocated 9-byte region [ffff8881022bacc0, ffff8881022bacc9) [ 15.220246] [ 15.220713] The buggy address belongs to the physical page: [ 15.220974] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022ba [ 15.221711] flags: 0x200000000000000(node=0|zone=2) [ 15.222217] page_type: f5(slab) [ 15.222393] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.222982] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.223670] page dumped because: kasan: 
bad access detected [ 15.224136] [ 15.224265] Memory state around the buggy address: [ 15.224727] ffff8881022bab80: 00 04 fc fc 00 04 fc fc 00 01 fc fc 00 01 fc fc [ 15.225055] ffff8881022bac00: 00 04 fc fc 00 04 fc fc fa fb fc fc fa fb fc fc [ 15.225432] >ffff8881022bac80: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 15.226078] ^ [ 15.226458] ffff8881022bad00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.227015] ffff8881022bad80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.227518] ================================================================== [ 15.101831] ================================================================== [ 15.102609] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 15.102962] Write of size 8 at addr ffff8881022bacc8 by task kunit_try_catch/278 [ 15.103760] [ 15.103883] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.103931] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.103944] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.103966] Call Trace: [ 15.103985] <TASK> [ 15.104003] dump_stack_lvl+0x73/0xb0 [ 15.104218] print_report+0xd1/0x650 [ 15.104249] ? __virt_addr_valid+0x1db/0x2d0 [ 15.104273] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 15.104298] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.104323] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 15.104348] kasan_report+0x141/0x180 [ 15.104369] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 15.104400] kasan_check_range+0x10c/0x1c0 [ 15.104422] __kasan_check_write+0x18/0x20 [ 15.104441] kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 15.104466] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 15.104492] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.104532] ? trace_hardirqs_on+0x37/0xe0 [ 15.104554] ? kasan_bitops_generic+0x92/0x1c0 [ 15.104584] kasan_bitops_generic+0x116/0x1c0 [ 15.104608] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.104632] ? 
__pfx_read_tsc+0x10/0x10 [ 15.104652] ? ktime_get_ts64+0x86/0x230 [ 15.104676] kunit_try_run_case+0x1a5/0x480 [ 15.104699] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.104721] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.104745] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.104767] ? __kthread_parkme+0x82/0x180 [ 15.104787] ? preempt_count_sub+0x50/0x80 [ 15.104811] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.104834] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.104857] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.104879] kthread+0x337/0x6f0 [ 15.104897] ? trace_preempt_on+0x20/0xc0 [ 15.104918] ? __pfx_kthread+0x10/0x10 [ 15.104939] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.104959] ? calculate_sigpending+0x7b/0xa0 [ 15.104983] ? __pfx_kthread+0x10/0x10 [ 15.105004] ret_from_fork+0x116/0x1d0 [ 15.105022] ? __pfx_kthread+0x10/0x10 [ 15.105055] ret_from_fork_asm+0x1a/0x30 [ 15.105239] </TASK> [ 15.105253] [ 15.119721] Allocated by task 278: [ 15.119899] kasan_save_stack+0x45/0x70 [ 15.120440] kasan_save_track+0x18/0x40 [ 15.120707] kasan_save_alloc_info+0x3b/0x50 [ 15.120974] __kasan_kmalloc+0xb7/0xc0 [ 15.121417] __kmalloc_cache_noprof+0x189/0x420 [ 15.121832] kasan_bitops_generic+0x92/0x1c0 [ 15.122137] kunit_try_run_case+0x1a5/0x480 [ 15.122528] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.122880] kthread+0x337/0x6f0 [ 15.123284] ret_from_fork+0x116/0x1d0 [ 15.123594] ret_from_fork_asm+0x1a/0x30 [ 15.123887] [ 15.124220] The buggy address belongs to the object at ffff8881022bacc0 [ 15.124220] which belongs to the cache kmalloc-16 of size 16 [ 15.124941] The buggy address is located 8 bytes inside of [ 15.124941] allocated 9-byte region [ffff8881022bacc0, ffff8881022bacc9) [ 15.125809] [ 15.126090] The buggy address belongs to the physical page: [ 15.126526] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022ba [ 15.126978] flags: 0x200000000000000(node=0|zone=2) [ 15.127309] page_type: f5(slab) [ 15.127659] raw: 0200000000000000 
ffff888100041640 dead000000000122 0000000000000000
[ 15.128181] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 15.128639] page dumped because: kasan: bad access detected
[ 15.128963]
[ 15.129097] Memory state around the buggy address:
[ 15.129694] ffff8881022bab80: 00 04 fc fc 00 04 fc fc 00 01 fc fc 00 01 fc fc
[ 15.130316] ffff8881022bac00: 00 04 fc fc 00 04 fc fc fa fb fc fc fa fb fc fc
[ 15.130708] >ffff8881022bac80: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc
[ 15.131084] ^
[ 15.131453] ffff8881022bad00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.131865] ffff8881022bad80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.132342] ==================================================================
[ 15.165159] ==================================================================
[ 15.166158] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x373/0xd50
[ 15.166672] Write of size 8 at addr ffff8881022bacc8 by task kunit_try_catch/278
[ 15.167261]
[ 15.167373] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 15.167643] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.167657] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.167680] Call Trace:
[ 15.167699] <TASK>
[ 15.167715] dump_stack_lvl+0x73/0xb0
[ 15.167746] print_report+0xd1/0x650
[ 15.167769] ? __virt_addr_valid+0x1db/0x2d0
[ 15.167791] ? kasan_bitops_modify.constprop.0+0x373/0xd50
[ 15.167817] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.167843] ? kasan_bitops_modify.constprop.0+0x373/0xd50
[ 15.167867] kasan_report+0x141/0x180
[ 15.167888] ? kasan_bitops_modify.constprop.0+0x373/0xd50
[ 15.167919] kasan_check_range+0x10c/0x1c0
[ 15.167943] __kasan_check_write+0x18/0x20
[ 15.167963] kasan_bitops_modify.constprop.0+0x373/0xd50
[ 15.167988] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 15.168014] ? __kmalloc_cache_noprof+0x189/0x420
[ 15.168037] ? trace_hardirqs_on+0x37/0xe0
[ 15.168076] ? kasan_bitops_generic+0x92/0x1c0
[ 15.168102] kasan_bitops_generic+0x116/0x1c0
[ 15.168125] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 15.168149] ? __pfx_read_tsc+0x10/0x10
[ 15.168168] ? ktime_get_ts64+0x86/0x230
[ 15.168192] kunit_try_run_case+0x1a5/0x480
[ 15.168215] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.168236] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.168260] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.168283] ? __kthread_parkme+0x82/0x180
[ 15.168302] ? preempt_count_sub+0x50/0x80
[ 15.168325] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.168349] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.168370] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.168394] kthread+0x337/0x6f0
[ 15.168411] ? trace_preempt_on+0x20/0xc0
[ 15.168432] ? __pfx_kthread+0x10/0x10
[ 15.168451] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.168471] ? calculate_sigpending+0x7b/0xa0
[ 15.168494] ? __pfx_kthread+0x10/0x10
[ 15.168514] ret_from_fork+0x116/0x1d0
[ 15.168532] ? __pfx_kthread+0x10/0x10
[ 15.168553] ret_from_fork_asm+0x1a/0x30
[ 15.168583] </TASK>
[ 15.168594]
[ 15.182459] Allocated by task 278:
[ 15.183134] kasan_save_stack+0x45/0x70
[ 15.183336] kasan_save_track+0x18/0x40
[ 15.183706] kasan_save_alloc_info+0x3b/0x50
[ 15.184022] __kasan_kmalloc+0xb7/0xc0
[ 15.184359] __kmalloc_cache_noprof+0x189/0x420
[ 15.184761] kasan_bitops_generic+0x92/0x1c0
[ 15.185262] kunit_try_run_case+0x1a5/0x480
[ 15.185491] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.186056] kthread+0x337/0x6f0
[ 15.186424] ret_from_fork+0x116/0x1d0
[ 15.186748] ret_from_fork_asm+0x1a/0x30
[ 15.187052]
[ 15.187269] The buggy address belongs to the object at ffff8881022bacc0
[ 15.187269] which belongs to the cache kmalloc-16 of size 16
[ 15.188226] The buggy address is located 8 bytes inside of
[ 15.188226] allocated 9-byte region [ffff8881022bacc0, ffff8881022bacc9)
[ 15.188946]
[ 15.189313] The buggy address belongs to the physical page:
[ 15.189565] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022ba
[ 15.190218] flags: 0x200000000000000(node=0|zone=2)
[ 15.190546] page_type: f5(slab)
[ 15.190726] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 15.191323] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 15.191682] page dumped because: kasan: bad access detected
[ 15.191909]
[ 15.192244] Memory state around the buggy address:
[ 15.192796] ffff8881022bab80: 00 04 fc fc 00 04 fc fc 00 01 fc fc 00 01 fc fc
[ 15.193419] ffff8881022bac00: 00 04 fc fc 00 04 fc fc fa fb fc fc fa fb fc fc
[ 15.193869] >ffff8881022bac80: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc
[ 15.194374] ^
[ 15.194701] ffff8881022bad00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.195278] ffff8881022bad80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.195733] ==================================================================
[ 15.069788] ==================================================================
[ 15.070368] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19c/0xd50
[ 15.070900] Write of size 8 at addr ffff8881022bacc8 by task kunit_try_catch/278
[ 15.071702]
[ 15.071831] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 15.072024] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.072059] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.072137] Call Trace:
[ 15.072152] <TASK>
[ 15.072171] dump_stack_lvl+0x73/0xb0
[ 15.072202] print_report+0xd1/0x650
[ 15.072224] ? __virt_addr_valid+0x1db/0x2d0
[ 15.072247] ? kasan_bitops_modify.constprop.0+0x19c/0xd50
[ 15.072271] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.072296] ? kasan_bitops_modify.constprop.0+0x19c/0xd50
[ 15.072321] kasan_report+0x141/0x180
[ 15.072342] ? kasan_bitops_modify.constprop.0+0x19c/0xd50
[ 15.072373] kasan_check_range+0x10c/0x1c0
[ 15.072397] __kasan_check_write+0x18/0x20
[ 15.072415] kasan_bitops_modify.constprop.0+0x19c/0xd50
[ 15.072440] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 15.072465] ? __kmalloc_cache_noprof+0x189/0x420
[ 15.072489] ? trace_hardirqs_on+0x37/0xe0
[ 15.072511] ? kasan_bitops_generic+0x92/0x1c0
[ 15.072538] kasan_bitops_generic+0x116/0x1c0
[ 15.072560] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 15.072584] ? __pfx_read_tsc+0x10/0x10
[ 15.072605] ? ktime_get_ts64+0x86/0x230
[ 15.072629] kunit_try_run_case+0x1a5/0x480
[ 15.072652] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.072674] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.072698] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.072721] ? __kthread_parkme+0x82/0x180
[ 15.072741] ? preempt_count_sub+0x50/0x80
[ 15.072764] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.072788] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.072811] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.072833] kthread+0x337/0x6f0
[ 15.072852] ? trace_preempt_on+0x20/0xc0
[ 15.072873] ? __pfx_kthread+0x10/0x10
[ 15.072893] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.072914] ? calculate_sigpending+0x7b/0xa0
[ 15.072937] ? __pfx_kthread+0x10/0x10
[ 15.072958] ret_from_fork+0x116/0x1d0
[ 15.072976] ? __pfx_kthread+0x10/0x10
[ 15.072996] ret_from_fork_asm+0x1a/0x30
[ 15.073026] </TASK>
[ 15.073037]
[ 15.086549] Allocated by task 278:
[ 15.086945] kasan_save_stack+0x45/0x70
[ 15.087239] kasan_save_track+0x18/0x40
[ 15.087709] kasan_save_alloc_info+0x3b/0x50
[ 15.087875] __kasan_kmalloc+0xb7/0xc0
[ 15.088013] __kmalloc_cache_noprof+0x189/0x420
[ 15.088353] kasan_bitops_generic+0x92/0x1c0
[ 15.088997] kunit_try_run_case+0x1a5/0x480
[ 15.090008] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.090534] kthread+0x337/0x6f0
[ 15.090704] ret_from_fork+0x116/0x1d0
[ 15.090902] ret_from_fork_asm+0x1a/0x30
[ 15.091104]
[ 15.091206] The buggy address belongs to the object at ffff8881022bacc0
[ 15.091206] which belongs to the cache kmalloc-16 of size 16
[ 15.092315] The buggy address is located 8 bytes inside of
[ 15.092315] allocated 9-byte region [ffff8881022bacc0, ffff8881022bacc9)
[ 15.092983]
[ 15.093142] The buggy address belongs to the physical page:
[ 15.093623] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022ba
[ 15.094716] flags: 0x200000000000000(node=0|zone=2)
[ 15.095270] page_type: f5(slab)
[ 15.095420] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 15.096063] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 15.096901] page dumped because: kasan: bad access detected
[ 15.097406]
[ 15.097858] Memory state around the buggy address:
[ 15.098204] ffff8881022bab80: 00 04 fc fc 00 04 fc fc 00 01 fc fc 00 01 fc fc
[ 15.098771] ffff8881022bac00: 00 04 fc fc 00 04 fc fc fa fb fc fc fa fb fc fc
[ 15.099145] >ffff8881022bac80: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc
[ 15.099615] ^
[ 15.099960] ffff8881022bad00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.100456] ffff8881022bad80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.100886] ==================================================================
[ 15.133051] ==================================================================
[ 15.133771] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d5/0xd50
[ 15.134381] Write of size 8 at addr ffff8881022bacc8 by task kunit_try_catch/278
[ 15.135025]
[ 15.135212] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 15.135261] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.135273] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.135296] Call Trace:
[ 15.135315] <TASK>
[ 15.135332] dump_stack_lvl+0x73/0xb0
[ 15.135362] print_report+0xd1/0x650
[ 15.135384] ? __virt_addr_valid+0x1db/0x2d0
[ 15.135407] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50
[ 15.135431] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.135457] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50
[ 15.135482] kasan_report+0x141/0x180
[ 15.135504] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50
[ 15.135534] kasan_check_range+0x10c/0x1c0
[ 15.135557] __kasan_check_write+0x18/0x20
[ 15.135576] kasan_bitops_modify.constprop.0+0x2d5/0xd50
[ 15.135601] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 15.135626] ? __kmalloc_cache_noprof+0x189/0x420
[ 15.135650] ? trace_hardirqs_on+0x37/0xe0
[ 15.135672] ? kasan_bitops_generic+0x92/0x1c0
[ 15.135699] kasan_bitops_generic+0x116/0x1c0
[ 15.135721] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 15.135746] ? __pfx_read_tsc+0x10/0x10
[ 15.135767] ? ktime_get_ts64+0x86/0x230
[ 15.135790] kunit_try_run_case+0x1a5/0x480
[ 15.135814] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.135835] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.135859] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.135881] ? __kthread_parkme+0x82/0x180
[ 15.135901] ? preempt_count_sub+0x50/0x80
[ 15.135924] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.135947] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.135969] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.135993] kthread+0x337/0x6f0
[ 15.136011] ? trace_preempt_on+0x20/0xc0
[ 15.136032] ? __pfx_kthread+0x10/0x10
[ 15.136306] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.136330] ? calculate_sigpending+0x7b/0xa0
[ 15.136370] ? __pfx_kthread+0x10/0x10
[ 15.136393] ret_from_fork+0x116/0x1d0
[ 15.136411] ? __pfx_kthread+0x10/0x10
[ 15.136432] ret_from_fork_asm+0x1a/0x30
[ 15.136463] </TASK>
[ 15.136474]
[ 15.151079] Allocated by task 278:
[ 15.151436] kasan_save_stack+0x45/0x70
[ 15.151849] kasan_save_track+0x18/0x40
[ 15.152130] kasan_save_alloc_info+0x3b/0x50
[ 15.152502] __kasan_kmalloc+0xb7/0xc0
[ 15.152795] __kmalloc_cache_noprof+0x189/0x420
[ 15.153246] kasan_bitops_generic+0x92/0x1c0
[ 15.153436] kunit_try_run_case+0x1a5/0x480
[ 15.153924] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.154156] kthread+0x337/0x6f0
[ 15.154725] ret_from_fork+0x116/0x1d0
[ 15.155008] ret_from_fork_asm+0x1a/0x30
[ 15.155527]
[ 15.155782] The buggy address belongs to the object at ffff8881022bacc0
[ 15.155782] which belongs to the cache kmalloc-16 of size 16
[ 15.156589] The buggy address is located 8 bytes inside of
[ 15.156589] allocated 9-byte region [ffff8881022bacc0, ffff8881022bacc9)
[ 15.157525]
[ 15.157623] The buggy address belongs to the physical page:
[ 15.157987] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022ba
[ 15.158686] flags: 0x200000000000000(node=0|zone=2)
[ 15.159005] page_type: f5(slab)
[ 15.159341] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 15.159898] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 15.160531] page dumped because: kasan: bad access detected
[ 15.160854]
[ 15.160943] Memory state around the buggy address:
[ 15.161222] ffff8881022bab80: 00 04 fc fc 00 04 fc fc 00 01 fc fc 00 01 fc fc
[ 15.162031] ffff8881022bac00: 00 04 fc fc 00 04 fc fc fa fb fc fc fa fb fc fc
[ 15.162707] >ffff8881022bac80: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc
[ 15.163237] ^
[ 15.163469] ffff8881022bad00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.163959] ffff8881022bad80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.164377] ==================================================================
[ 15.259861] ==================================================================
[ 15.260586] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x547/0xd50
[ 15.261311] Write of size 8 at addr ffff8881022bacc8 by task kunit_try_catch/278
[ 15.261953]
[ 15.262201] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 15.262353] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.262370] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.262391] Call Trace:
[ 15.262407] <TASK>
[ 15.262425] dump_stack_lvl+0x73/0xb0
[ 15.262454] print_report+0xd1/0x650
[ 15.262476] ? __virt_addr_valid+0x1db/0x2d0
[ 15.262498] ? kasan_bitops_modify.constprop.0+0x547/0xd50
[ 15.262523] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.262548] ? kasan_bitops_modify.constprop.0+0x547/0xd50
[ 15.262572] kasan_report+0x141/0x180
[ 15.262595] ? kasan_bitops_modify.constprop.0+0x547/0xd50
[ 15.262624] kasan_check_range+0x10c/0x1c0
[ 15.262647] __kasan_check_write+0x18/0x20
[ 15.262666] kasan_bitops_modify.constprop.0+0x547/0xd50
[ 15.262689] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 15.262715] ? __kmalloc_cache_noprof+0x189/0x420
[ 15.262737] ? trace_hardirqs_on+0x37/0xe0
[ 15.262757] ? kasan_bitops_generic+0x92/0x1c0
[ 15.262785] kasan_bitops_generic+0x116/0x1c0
[ 15.262808] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 15.262833] ? __pfx_read_tsc+0x10/0x10
[ 15.262854] ? ktime_get_ts64+0x86/0x230
[ 15.262876] kunit_try_run_case+0x1a5/0x480
[ 15.262899] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.262921] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.262943] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.262965] ? __kthread_parkme+0x82/0x180
[ 15.262985] ? preempt_count_sub+0x50/0x80
[ 15.263007] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.263030] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.263065] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.263087] kthread+0x337/0x6f0
[ 15.263105] ? trace_preempt_on+0x20/0xc0
[ 15.263126] ? __pfx_kthread+0x10/0x10
[ 15.263145] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.263165] ? calculate_sigpending+0x7b/0xa0
[ 15.263188] ? __pfx_kthread+0x10/0x10
[ 15.263208] ret_from_fork+0x116/0x1d0
[ 15.263226] ? __pfx_kthread+0x10/0x10
[ 15.263245] ret_from_fork_asm+0x1a/0x30
[ 15.263276] </TASK>
[ 15.263287]
[ 15.276959] Allocated by task 278:
[ 15.277643] kasan_save_stack+0x45/0x70
[ 15.277846] kasan_save_track+0x18/0x40
[ 15.278232] kasan_save_alloc_info+0x3b/0x50
[ 15.278415] __kasan_kmalloc+0xb7/0xc0
[ 15.278642] __kmalloc_cache_noprof+0x189/0x420
[ 15.278860] kasan_bitops_generic+0x92/0x1c0
[ 15.279451] kunit_try_run_case+0x1a5/0x480
[ 15.279677] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.280006] kthread+0x337/0x6f0
[ 15.280356] ret_from_fork+0x116/0x1d0
[ 15.280723] ret_from_fork_asm+0x1a/0x30
[ 15.281032]
[ 15.281451] The buggy address belongs to the object at ffff8881022bacc0
[ 15.281451] which belongs to the cache kmalloc-16 of size 16
[ 15.282113] The buggy address is located 8 bytes inside of
[ 15.282113] allocated 9-byte region [ffff8881022bacc0, ffff8881022bacc9)
[ 15.282863]
[ 15.283017] The buggy address belongs to the physical page:
[ 15.283468] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022ba
[ 15.284055] flags: 0x200000000000000(node=0|zone=2)
[ 15.284461] page_type: f5(slab)
[ 15.284780] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 15.285358] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 15.285966] page dumped because: kasan: bad access detected
[ 15.286568]
[ 15.286655] Memory state around the buggy address:
[ 15.286920] ffff8881022bab80: 00 04 fc fc 00 04 fc fc 00 01 fc fc 00 01 fc fc
[ 15.287422] ffff8881022bac00: 00 04 fc fc 00 04 fc fc fa fb fc fc fa fb fc fc
[ 15.287804] >ffff8881022bac80: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc
[ 15.288396] ^
[ 15.288700] ffff8881022bad00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.289395] ffff8881022bad80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.289869] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 15.011191] ==================================================================
[ 15.011677] BUG: KASAN: slab-use-after-free in strnlen+0x73/0x80
[ 15.011960] Read of size 1 at addr ffff888102b12e50 by task kunit_try_catch/276
[ 15.012246]
[ 15.012337] CPU: 0 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 15.012382] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.012394] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.012415] Call Trace:
[ 15.012433] <TASK>
[ 15.012451] dump_stack_lvl+0x73/0xb0
[ 15.012476] print_report+0xd1/0x650
[ 15.012497] ? __virt_addr_valid+0x1db/0x2d0
[ 15.012680] ? strnlen+0x73/0x80
[ 15.012705] ? kasan_complete_mode_report_info+0x64/0x200
[ 15.012732] ? strnlen+0x73/0x80
[ 15.012749] kasan_report+0x141/0x180
[ 15.012771] ? strnlen+0x73/0x80
[ 15.012794] __asan_report_load1_noabort+0x18/0x20
[ 15.012819] strnlen+0x73/0x80
[ 15.012837] kasan_strings+0x615/0xe80
[ 15.012856] ? trace_hardirqs_on+0x37/0xe0
[ 15.012879] ? __pfx_kasan_strings+0x10/0x10
[ 15.012898] ? finish_task_switch.isra.0+0x153/0x700
[ 15.012919] ? __switch_to+0x47/0xf50
[ 15.012944] ? __schedule+0x10cc/0x2b60
[ 15.012966] ? __pfx_read_tsc+0x10/0x10
[ 15.012986] ? ktime_get_ts64+0x86/0x230
[ 15.013009] kunit_try_run_case+0x1a5/0x480
[ 15.013032] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.013110] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.013135] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.013158] ? __kthread_parkme+0x82/0x180
[ 15.013178] ? preempt_count_sub+0x50/0x80
[ 15.013200] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.013223] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.013246] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.013269] kthread+0x337/0x6f0
[ 15.013288] ? trace_preempt_on+0x20/0xc0
[ 15.013309] ? __pfx_kthread+0x10/0x10
[ 15.013329] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.013349] ? calculate_sigpending+0x7b/0xa0
[ 15.013372] ? __pfx_kthread+0x10/0x10
[ 15.013393] ret_from_fork+0x116/0x1d0
[ 15.013411] ? __pfx_kthread+0x10/0x10
[ 15.013430] ret_from_fork_asm+0x1a/0x30
[ 15.013461] </TASK>
[ 15.013473]
[ 15.022100] Allocated by task 276:
[ 15.022249] kasan_save_stack+0x45/0x70
[ 15.022401] kasan_save_track+0x18/0x40
[ 15.022536] kasan_save_alloc_info+0x3b/0x50
[ 15.022909] __kasan_kmalloc+0xb7/0xc0
[ 15.023287] __kmalloc_cache_noprof+0x189/0x420
[ 15.023516] kasan_strings+0xc0/0xe80
[ 15.023716] kunit_try_run_case+0x1a5/0x480
[ 15.023926] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.024192] kthread+0x337/0x6f0
[ 15.024322] ret_from_fork+0x116/0x1d0
[ 15.024454] ret_from_fork_asm+0x1a/0x30
[ 15.024593]
[ 15.024679] Freed by task 276:
[ 15.024836] kasan_save_stack+0x45/0x70
[ 15.025026] kasan_save_track+0x18/0x40
[ 15.025302] kasan_save_free_info+0x3f/0x60
[ 15.025449] __kasan_slab_free+0x56/0x70
[ 15.025589] kfree+0x222/0x3f0
[ 15.025705] kasan_strings+0x2aa/0xe80
[ 15.026118] kunit_try_run_case+0x1a5/0x480
[ 15.026353] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.026732] kthread+0x337/0x6f0
[ 15.026902] ret_from_fork+0x116/0x1d0
[ 15.027175] ret_from_fork_asm+0x1a/0x30
[ 15.027389]
[ 15.027485] The buggy address belongs to the object at ffff888102b12e40
[ 15.027485] which belongs to the cache kmalloc-32 of size 32
[ 15.027962] The buggy address is located 16 bytes inside of
[ 15.027962] freed 32-byte region [ffff888102b12e40, ffff888102b12e60)
[ 15.028447]
[ 15.028528] The buggy address belongs to the physical page:
[ 15.028784] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b12
[ 15.029159] flags: 0x200000000000000(node=0|zone=2)
[ 15.029573] page_type: f5(slab)
[ 15.029761] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 15.030197] raw: 0000000000000000 0000000000400040 00000000f5000000 0000000000000000
[ 15.030436] page dumped because: kasan: bad access detected
[ 15.030609]
[ 15.030699] Memory state around the buggy address:
[ 15.030974] ffff888102b12d00: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc
[ 15.031565] ffff888102b12d80: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc
[ 15.031801] >ffff888102b12e00: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 15.032014] ^
[ 15.032603] ffff888102b12e80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 15.033358] ffff888102b12f00: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 15.033990] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strlen
[ 14.988356] ==================================================================
[ 14.988722] BUG: KASAN: slab-use-after-free in strlen+0x8f/0xb0
[ 14.988978] Read of size 1 at addr ffff888102b12e50 by task kunit_try_catch/276
[ 14.989300]
[ 14.989387] CPU: 0 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 14.989430] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.989442] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.989463] Call Trace:
[ 14.989479] <TASK>
[ 14.989494] dump_stack_lvl+0x73/0xb0
[ 14.989519] print_report+0xd1/0x650
[ 14.989540] ? __virt_addr_valid+0x1db/0x2d0
[ 14.989569] ? strlen+0x8f/0xb0
[ 14.989586] ? kasan_complete_mode_report_info+0x64/0x200
[ 14.989611] ? strlen+0x8f/0xb0
[ 14.989628] kasan_report+0x141/0x180
[ 14.989648] ? strlen+0x8f/0xb0
[ 14.989670] __asan_report_load1_noabort+0x18/0x20
[ 14.989693] strlen+0x8f/0xb0
[ 14.989711] kasan_strings+0x57b/0xe80
[ 14.989730] ? trace_hardirqs_on+0x37/0xe0
[ 14.989753] ? __pfx_kasan_strings+0x10/0x10
[ 14.989772] ? finish_task_switch.isra.0+0x153/0x700
[ 14.989793] ? __switch_to+0x47/0xf50
[ 14.989816] ? __schedule+0x10cc/0x2b60
[ 14.989838] ? __pfx_read_tsc+0x10/0x10
[ 14.989858] ? ktime_get_ts64+0x86/0x230
[ 14.989882] kunit_try_run_case+0x1a5/0x480
[ 14.989904] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.989925] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.989948] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.989970] ? __kthread_parkme+0x82/0x180
[ 14.989989] ? preempt_count_sub+0x50/0x80
[ 14.990012] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.990034] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.990068] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.990091] kthread+0x337/0x6f0
[ 14.990110] ? trace_preempt_on+0x20/0xc0
[ 14.990131] ? __pfx_kthread+0x10/0x10
[ 14.990151] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.990172] ? calculate_sigpending+0x7b/0xa0
[ 14.990195] ? __pfx_kthread+0x10/0x10
[ 14.990216] ret_from_fork+0x116/0x1d0
[ 14.990234] ? __pfx_kthread+0x10/0x10
[ 14.990253] ret_from_fork_asm+0x1a/0x30
[ 14.990283] </TASK>
[ 14.990294]
[ 14.999037] Allocated by task 276:
[ 14.999361] kasan_save_stack+0x45/0x70
[ 14.999924] kasan_save_track+0x18/0x40
[ 15.000257] kasan_save_alloc_info+0x3b/0x50
[ 15.000418] __kasan_kmalloc+0xb7/0xc0
[ 15.000551] __kmalloc_cache_noprof+0x189/0x420
[ 15.000937] kasan_strings+0xc0/0xe80
[ 15.001139] kunit_try_run_case+0x1a5/0x480
[ 15.001346] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.001532] kthread+0x337/0x6f0
[ 15.001903] ret_from_fork+0x116/0x1d0
[ 15.002142] ret_from_fork_asm+0x1a/0x30
[ 15.002310]
[ 15.002406] Freed by task 276:
[ 15.002541] kasan_save_stack+0x45/0x70
[ 15.002729] kasan_save_track+0x18/0x40
[ 15.002893] kasan_save_free_info+0x3f/0x60
[ 15.003055] __kasan_slab_free+0x56/0x70
[ 15.003192] kfree+0x222/0x3f0
[ 15.003308] kasan_strings+0x2aa/0xe80
[ 15.003442] kunit_try_run_case+0x1a5/0x480
[ 15.003594] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.003844] kthread+0x337/0x6f0
[ 15.004010] ret_from_fork+0x116/0x1d0
[ 15.004566] ret_from_fork_asm+0x1a/0x30
[ 15.004740]
[ 15.004813] The buggy address belongs to the object at ffff888102b12e40
[ 15.004813] which belongs to the cache kmalloc-32 of size 32
[ 15.005558] The buggy address is located 16 bytes inside of
[ 15.005558] freed 32-byte region [ffff888102b12e40, ffff888102b12e60)
[ 15.006260]
[ 15.006364] The buggy address belongs to the physical page:
[ 15.006624] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b12
[ 15.006933] flags: 0x200000000000000(node=0|zone=2)
[ 15.007114] page_type: f5(slab)
[ 15.007236] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 15.007542] raw: 0000000000000000 0000000000400040 00000000f5000000 0000000000000000
[ 15.007879] page dumped because: kasan: bad access detected
[ 15.008492]
[ 15.008616] Memory state around the buggy address:
[ 15.008800] ffff888102b12d00: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc
[ 15.009019] ffff888102b12d80: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc
[ 15.009250] >ffff888102b12e00: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 15.009541] ^
[ 15.009912] ffff888102b12e80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 15.010308] ffff888102b12f00: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 15.010632] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 14.966444] ==================================================================
[ 14.966833] BUG: KASAN: slab-use-after-free in kasan_strings+0xcbc/0xe80
[ 14.967087] Read of size 1 at addr ffff888102b12e50 by task kunit_try_catch/276
[ 14.967415]
[ 14.967741] CPU: 0 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 14.967789] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.967801] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.967824] Call Trace:
[ 14.967838] <TASK>
[ 14.967854] dump_stack_lvl+0x73/0xb0
[ 14.967883] print_report+0xd1/0x650
[ 14.967905] ? __virt_addr_valid+0x1db/0x2d0
[ 14.967927] ? kasan_strings+0xcbc/0xe80
[ 14.967947] ? kasan_complete_mode_report_info+0x64/0x200
[ 14.967972] ? kasan_strings+0xcbc/0xe80
[ 14.967993] kasan_report+0x141/0x180
[ 14.968014] ? kasan_strings+0xcbc/0xe80
[ 14.968052] __asan_report_load1_noabort+0x18/0x20
[ 14.968128] kasan_strings+0xcbc/0xe80
[ 14.968148] ? trace_hardirqs_on+0x37/0xe0
[ 14.968171] ? __pfx_kasan_strings+0x10/0x10
[ 14.968191] ? finish_task_switch.isra.0+0x153/0x700
[ 14.968212] ? __switch_to+0x47/0xf50
[ 14.968237] ? __schedule+0x10cc/0x2b60
[ 14.968259] ? __pfx_read_tsc+0x10/0x10
[ 14.968279] ? ktime_get_ts64+0x86/0x230
[ 14.968303] kunit_try_run_case+0x1a5/0x480
[ 14.968326] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.968347] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.968370] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.968393] ? __kthread_parkme+0x82/0x180
[ 14.968413] ? preempt_count_sub+0x50/0x80
[ 14.968436] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.968459] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.968482] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.968505] kthread+0x337/0x6f0
[ 14.968524] ? trace_preempt_on+0x20/0xc0
[ 14.968546] ? __pfx_kthread+0x10/0x10
[ 14.968566] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.968587] ? calculate_sigpending+0x7b/0xa0
[ 14.968610] ? __pfx_kthread+0x10/0x10
[ 14.968631] ret_from_fork+0x116/0x1d0
[ 14.968649] ? __pfx_kthread+0x10/0x10
[ 14.968669] ret_from_fork_asm+0x1a/0x30
[ 14.968700] </TASK>
[ 14.968711]
[ 14.976457] Allocated by task 276:
[ 14.976594] kasan_save_stack+0x45/0x70
[ 14.976815] kasan_save_track+0x18/0x40
[ 14.977011] kasan_save_alloc_info+0x3b/0x50
[ 14.977229] __kasan_kmalloc+0xb7/0xc0
[ 14.977417] __kmalloc_cache_noprof+0x189/0x420
[ 14.977890] kasan_strings+0xc0/0xe80
[ 14.978161] kunit_try_run_case+0x1a5/0x480
[ 14.978377] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.978782] kthread+0x337/0x6f0
[ 14.978956] ret_from_fork+0x116/0x1d0
[ 14.979422] ret_from_fork_asm+0x1a/0x30
[ 14.979627]
[ 14.979719] Freed by task 276:
[ 14.979881] kasan_save_stack+0x45/0x70
[ 14.980066] kasan_save_track+0x18/0x40
[ 14.980231] kasan_save_free_info+0x3f/0x60
[ 14.980376] __kasan_slab_free+0x56/0x70
[ 14.980514] kfree+0x222/0x3f0
[ 14.980684] kasan_strings+0x2aa/0xe80
[ 14.980881] kunit_try_run_case+0x1a5/0x480
[ 14.981102] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.981357] kthread+0x337/0x6f0
[ 14.981540] ret_from_fork+0x116/0x1d0
[ 14.981823] ret_from_fork_asm+0x1a/0x30
[ 14.981994]
[ 14.982164] The buggy address belongs to the object at ffff888102b12e40
[ 14.982164] which belongs to the cache kmalloc-32 of size 32
[ 14.982550] The buggy address is located 16 bytes inside of
[ 14.982550] freed 32-byte region [ffff888102b12e40, ffff888102b12e60)
[ 14.983032]
[ 14.983137] The buggy address belongs to the physical page:
[ 14.983508] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b12
[ 14.984241] flags: 0x200000000000000(node=0|zone=2)
[ 14.984428] page_type: f5(slab)
[ 14.984634] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 14.984951] raw: 0000000000000000 0000000000400040 00000000f5000000 0000000000000000
[ 14.985369] page dumped because: kasan: bad access detected
[ 14.985623]
[ 14.985695] Memory state around the buggy address:
[ 14.985849] ffff888102b12d00: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc
[ 14.986162] ffff888102b12d80: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc
[ 14.986498] >ffff888102b12e00: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.986826] ^
[ 14.987253] ffff888102b12e80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.987587] ffff888102b12f00: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.987821] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 14.941906] ==================================================================
[ 14.944192] BUG: KASAN: slab-use-after-free in strcmp+0xb0/0xc0
[ 14.944427] Read of size 1 at addr ffff888102b12e50 by task kunit_try_catch/276
[ 14.945000]
[ 14.945242] CPU: 0 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 14.945292] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.945305] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.945328] Call Trace:
[ 14.945340] <TASK>
[ 14.945359] dump_stack_lvl+0x73/0xb0
[ 14.945387] print_report+0xd1/0x650
[ 14.945412] ? __virt_addr_valid+0x1db/0x2d0
[ 14.945436] ? strcmp+0xb0/0xc0
[ 14.945452] ? kasan_complete_mode_report_info+0x64/0x200
[ 14.945477] ? strcmp+0xb0/0xc0
[ 14.945503] kasan_report+0x141/0x180
[ 14.945525] ? strcmp+0xb0/0xc0
[ 14.945547] __asan_report_load1_noabort+0x18/0x20
[ 14.945574] strcmp+0xb0/0xc0
[ 14.945592] kasan_strings+0x431/0xe80
[ 14.945612] ? trace_hardirqs_on+0x37/0xe0
[ 14.945635] ? __pfx_kasan_strings+0x10/0x10
[ 14.945655] ? finish_task_switch.isra.0+0x153/0x700
[ 14.945677] ? __switch_to+0x47/0xf50
[ 14.945704] ? __schedule+0x10cc/0x2b60
[ 14.945726] ? __pfx_read_tsc+0x10/0x10
[ 14.945746] ? ktime_get_ts64+0x86/0x230
[ 14.945771] kunit_try_run_case+0x1a5/0x480
[ 14.945795] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.945816] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.945840] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.945862] ? __kthread_parkme+0x82/0x180
[ 14.945882] ? preempt_count_sub+0x50/0x80
[ 14.945905] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.945928] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.945951] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.945973] kthread+0x337/0x6f0
[ 14.945992] ? trace_preempt_on+0x20/0xc0
[ 14.946013] ? __pfx_kthread+0x10/0x10
[ 14.946033] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.946063] ? calculate_sigpending+0x7b/0xa0
[ 14.946088] ? __pfx_kthread+0x10/0x10
[ 14.946108] ret_from_fork+0x116/0x1d0
[ 14.946126] ? __pfx_kthread+0x10/0x10
[ 14.946146] ret_from_fork_asm+0x1a/0x30
[ 14.946177] </TASK>
[ 14.946188]
[ 14.955344] Allocated by task 276:
[ 14.955487] kasan_save_stack+0x45/0x70
[ 14.955697] kasan_save_track+0x18/0x40
[ 14.955882] kasan_save_alloc_info+0x3b/0x50
[ 14.956029] __kasan_kmalloc+0xb7/0xc0
[ 14.956311] __kmalloc_cache_noprof+0x189/0x420
[ 14.956550] kasan_strings+0xc0/0xe80
[ 14.956746] kunit_try_run_case+0x1a5/0x480
[ 14.956929] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.957278] kthread+0x337/0x6f0
[ 14.957435] ret_from_fork+0x116/0x1d0
[ 14.957576] ret_from_fork_asm+0x1a/0x30
[ 14.957714]
[ 14.957840] Freed by task 276:
[ 14.957998] kasan_save_stack+0x45/0x70
[ 14.958201] kasan_save_track+0x18/0x40
[ 14.958390] kasan_save_free_info+0x3f/0x60
[ 14.958589] __kasan_slab_free+0x56/0x70
[ 14.958726] kfree+0x222/0x3f0
[ 14.958842] kasan_strings+0x2aa/0xe80
[ 14.959166] kunit_try_run_case+0x1a5/0x480
[ 14.959394] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.959672] kthread+0x337/0x6f0
[ 14.959841] ret_from_fork+0x116/0x1d0
[ 14.960005] ret_from_fork_asm+0x1a/0x30
[ 14.960232]
[ 14.960307] The buggy address belongs to the object at ffff888102b12e40
[ 14.960307] which belongs to the cache kmalloc-32 of size 32
[ 14.960771] The buggy address is located 16 bytes inside of
[ 14.960771] freed 32-byte region [ffff888102b12e40, ffff888102b12e60)
[ 14.961263]
[ 14.961456] The buggy address belongs to the physical page:
[ 14.961759] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b12
[ 14.962004] flags: 0x200000000000000(node=0|zone=2)
[ 14.962186] page_type: f5(slab)
[ 14.962310] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 14.962649] raw: 0000000000000000 0000000000400040 00000000f5000000 0000000000000000
[ 14.962987] page dumped because: kasan: bad access detected
[ 14.963526]
[ 14.963631] Memory state around the buggy address:
[ 14.963797] ffff888102b12d00: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc
[ 14.964015] ffff888102b12d80: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc
[ 14.964583] >ffff888102b12e00: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.965010] ^
[ 14.965320] ffff888102b12e80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.965649] ffff888102b12f00: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.965865] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 14.905682] ==================================================================
[ 14.906470] BUG: KASAN: slab-out-of-bounds in memcmp+0x1b4/0x1d0
[ 14.906752] Read of size 1 at addr ffff88810261dbd8 by task kunit_try_catch/274
[ 14.907081]
[ 14.907494] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 14.907546] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.907801] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.907827] Call Trace:
[ 14.907840] <TASK>
[ 14.907857] dump_stack_lvl+0x73/0xb0
[ 14.907886] print_report+0xd1/0x650
[ 14.907911] ? __virt_addr_valid+0x1db/0x2d0
[ 14.907934] ? memcmp+0x1b4/0x1d0
[ 14.907951] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.907976] ? memcmp+0x1b4/0x1d0
[ 14.907994] kasan_report+0x141/0x180
[ 14.908015] ? memcmp+0x1b4/0x1d0
[ 14.908038] __asan_report_load1_noabort+0x18/0x20
[ 14.908123] memcmp+0x1b4/0x1d0
[ 14.908143] kasan_memcmp+0x18f/0x390
[ 14.908164] ? trace_hardirqs_on+0x37/0xe0
[ 14.908187] ? __pfx_kasan_memcmp+0x10/0x10
[ 14.908208] ? __kasan_check_write+0x18/0x20
[ 14.908226] ? queued_spin_lock_slowpath+0x116/0xb40
[ 14.908252] ? __pfx_queued_spin_lock_slowpath+0x10/0x10
[ 14.908276] ? __pfx_read_tsc+0x10/0x10
[ 14.908296] ? ktime_get_ts64+0x86/0x230
[ 14.908320] kunit_try_run_case+0x1a5/0x480
[ 14.908344] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.908365] ? _raw_spin_lock_irqsave+0xf9/0x100
[ 14.908386] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.908410] ? __kthread_parkme+0x82/0x180
[ 14.908430] ? preempt_count_sub+0x50/0x80
[ 14.908454] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.908478] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.908501] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.908523] kthread+0x337/0x6f0
[ 14.908542] ? trace_preempt_on+0x20/0xc0
[ 14.908563] ? __pfx_kthread+0x10/0x10
[ 14.908583] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.908604] ? calculate_sigpending+0x7b/0xa0
[ 14.908627] ? __pfx_kthread+0x10/0x10
[ 14.908648] ret_from_fork+0x116/0x1d0
[ 14.908666] ? __pfx_kthread+0x10/0x10
[ 14.908686] ret_from_fork_asm+0x1a/0x30
[ 14.908718] </TASK>
[ 14.908730]
[ 14.922062] Allocated by task 274:
[ 14.922311] kasan_save_stack+0x45/0x70
[ 14.922587] kasan_save_track+0x18/0x40
[ 14.922760] kasan_save_alloc_info+0x3b/0x50
[ 14.922969] __kasan_kmalloc+0xb7/0xc0
[ 14.923490] __kmalloc_cache_noprof+0x189/0x420
[ 14.923684] kasan_memcmp+0xb7/0x390
[ 14.923974] kunit_try_run_case+0x1a5/0x480
[ 14.924371] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.924879] kthread+0x337/0x6f0
[ 14.925060] ret_from_fork+0x116/0x1d0
[ 14.925420] ret_from_fork_asm+0x1a/0x30
[ 14.925670]
[ 14.925766] The buggy address belongs to the object at ffff88810261dbc0
[ 14.925766] which belongs to the cache kmalloc-32 of size 32
[ 14.926634] The buggy address is located 0 bytes to the right of
[ 14.926634] allocated 24-byte region [ffff88810261dbc0, ffff88810261dbd8)
[ 14.927571]
[ 14.927679] The buggy address belongs to the physical page:
[ 14.927884] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10261d
[ 14.928674] flags: 0x200000000000000(node=0|zone=2)
[ 14.928909] page_type: f5(slab)
[ 14.929271] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 14.929823] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 14.930441] page dumped because: kasan: bad access detected
[ 14.930929]
[ 14.931053] Memory state around the buggy address:
[ 14.931505] ffff88810261da80: 00 00 07 fc fc fc fc fc 00 00 07 fc fc fc fc fc
[ 14.931822] ffff88810261db00: 00 00 00 fc fc fc fc fc 00 00 00 04 fc fc fc fc
[ 14.932585] >ffff88810261db80: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc
[ 14.933012] ^
[ 14.933529] ffff88810261dc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.933955] ffff88810261dc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.934329] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 14.871393] ==================================================================
[ 14.872709] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x329/0x390
[ 14.873053] Read of size 1 at addr ffff88810398fc4a by task kunit_try_catch/270
[ 14.873767]
[ 14.874023] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 14.874309] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.874324] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.874347] Call Trace:
[ 14.874361] <TASK>
[ 14.874378] dump_stack_lvl+0x73/0xb0
[ 14.874408] print_report+0xd1/0x650
[ 14.874431] ? __virt_addr_valid+0x1db/0x2d0
[ 14.874452] ? kasan_alloca_oob_right+0x329/0x390
[ 14.874474] ? kasan_addr_to_slab+0x11/0xa0
[ 14.874494] ? kasan_alloca_oob_right+0x329/0x390
[ 14.874528] kasan_report+0x141/0x180
[ 14.874549] ? kasan_alloca_oob_right+0x329/0x390
[ 14.874576] __asan_report_load1_noabort+0x18/0x20
[ 14.874599] kasan_alloca_oob_right+0x329/0x390
[ 14.874622] ? finish_task_switch.isra.0+0x153/0x700
[ 14.874644] ? out_of_line_wait_on_bit_timeout+0x7e/0x190
[ 14.874669] ? trace_hardirqs_on+0x37/0xe0
[ 14.874693] ? __pfx_kasan_alloca_oob_right+0x10/0x10
[ 14.874715] ? __kasan_check_write+0x18/0x20
[ 14.874732] ? queued_spin_lock_slowpath+0x116/0xb40
[ 14.874757] ? trace_hardirqs_on+0x37/0xe0
[ 14.874778] ? __pfx_read_tsc+0x10/0x10
[ 14.874799] ? ktime_get_ts64+0x86/0x230
[ 14.874822] kunit_try_run_case+0x1a5/0x480
[ 14.874846] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.874871] ? queued_spin_lock_slowpath+0x116/0xb40
[ 14.874893] ? __kthread_parkme+0x82/0x180
[ 14.874913] ? preempt_count_sub+0x50/0x80
[ 14.874935] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.874958] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.874980] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.875003] kthread+0x337/0x6f0
[ 14.875021] ? trace_preempt_on+0x20/0xc0
[ 14.875056] ? __pfx_kthread+0x10/0x10
[ 14.875113] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.875134] ? calculate_sigpending+0x7b/0xa0
[ 14.875157] ? __pfx_kthread+0x10/0x10
[ 14.875178] ret_from_fork+0x116/0x1d0
[ 14.875196] ? __pfx_kthread+0x10/0x10
[ 14.875216] ret_from_fork_asm+0x1a/0x30
[ 14.875248] </TASK>
[ 14.875259]
[ 14.888367] The buggy address belongs to stack of task kunit_try_catch/270
[ 14.888884]
[ 14.889149] The buggy address belongs to the physical page:
[ 14.889690] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10398f
[ 14.890239] flags: 0x200000000000000(node=0|zone=2)
[ 14.890624] raw: 0200000000000000 ffffea00040e63c8 ffffea00040e63c8 0000000000000000
[ 14.891153] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 14.891476] page dumped because: kasan: bad access detected
[ 14.891891]
[ 14.892123] Memory state around the buggy address:
[ 14.892684] ffff88810398fb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 14.893287] ffff88810398fb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 14.893786] >ffff88810398fc00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb
[ 14.894330] ^
[ 14.894766] ffff88810398fc80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00
[ 14.895278] ffff88810398fd00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1
[ 14.895852] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 14.842661] ==================================================================
[ 14.843962] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x320/0x380
[ 14.844820] Read of size 1 at addr ffff888103adfc3f by task kunit_try_catch/268
[ 14.845118]
[ 14.845218] CPU: 0 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 14.845267] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.845279] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.845300] Call Trace:
[ 14.845314] <TASK>
[ 14.845332] dump_stack_lvl+0x73/0xb0
[ 14.845362] print_report+0xd1/0x650
[ 14.845384] ? __virt_addr_valid+0x1db/0x2d0
[ 14.845407] ? kasan_alloca_oob_left+0x320/0x380
[ 14.845428] ? kasan_addr_to_slab+0x11/0xa0
[ 14.845448] ? kasan_alloca_oob_left+0x320/0x380
[ 14.845470] kasan_report+0x141/0x180
[ 14.845491] ? kasan_alloca_oob_left+0x320/0x380
[ 14.845518] __asan_report_load1_noabort+0x18/0x20
[ 14.845541] kasan_alloca_oob_left+0x320/0x380
[ 14.845568] ? __kasan_check_write+0x18/0x20
[ 14.845587] ? __pfx_sched_clock_cpu+0x10/0x10
[ 14.845609] ? finish_task_switch.isra.0+0x153/0x700
[ 14.845631] ? out_of_line_wait_on_bit_timeout+0x7e/0x190
[ 14.845655] ? trace_hardirqs_on+0x37/0xe0
[ 14.845679] ? __pfx_kasan_alloca_oob_left+0x10/0x10
[ 14.845704] ? __schedule+0x10cc/0x2b60
[ 14.845724] ? __pfx_read_tsc+0x10/0x10
[ 14.845747] ? ktime_get_ts64+0x86/0x230
[ 14.845773] kunit_try_run_case+0x1a5/0x480
[ 14.845797] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.845820] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.845843] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.845865] ? __kthread_parkme+0x82/0x180
[ 14.845886] ? preempt_count_sub+0x50/0x80
[ 14.845910] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.845933] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.845955] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.845976] kthread+0x337/0x6f0
[ 14.845996] ? trace_preempt_on+0x20/0xc0
[ 14.846017] ? __pfx_kthread+0x10/0x10
[ 14.846037] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.846499] ? calculate_sigpending+0x7b/0xa0
[ 14.846540] ? __pfx_kthread+0x10/0x10
[ 14.846563] ret_from_fork+0x116/0x1d0
[ 14.846582] ? __pfx_kthread+0x10/0x10
[ 14.846602] ret_from_fork_asm+0x1a/0x30
[ 14.846635] </TASK>
[ 14.846647]
[ 14.860569] The buggy address belongs to stack of task kunit_try_catch/268
[ 14.861158]
[ 14.861406] The buggy address belongs to the physical page:
[ 14.861643] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103adf
[ 14.862067] flags: 0x200000000000000(node=0|zone=2)
[ 14.862645] raw: 0200000000000000 ffffea00040eb7c8 ffffea00040eb7c8 0000000000000000
[ 14.863145] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 14.863481] page dumped because: kasan: bad access detected
[ 14.863800]
[ 14.864272] Memory state around the buggy address:
[ 14.864533] ffff888103adfb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 14.864810] ffff888103adfb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 14.865452] >ffff888103adfc00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb
[ 14.866036] ^
[ 14.866334] ffff888103adfc80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00
[ 14.866823] ffff888103adfd00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1
[ 14.867383] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 14.809345] ==================================================================
[ 14.810366] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x2b5/0x300
[ 14.810713] Read of size 1 at addr ffff888103a7fd02 by task kunit_try_catch/266
[ 14.811120]
[ 14.811511] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 14.811561] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.811573] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.811597] Call Trace:
[ 14.811611] <TASK>
[ 14.811628] dump_stack_lvl+0x73/0xb0
[ 14.811658] print_report+0xd1/0x650
[ 14.811681] ? __virt_addr_valid+0x1db/0x2d0
[ 14.811704] ? kasan_stack_oob+0x2b5/0x300
[ 14.811723] ? kasan_addr_to_slab+0x11/0xa0
[ 14.811744] ? kasan_stack_oob+0x2b5/0x300
[ 14.811764] kasan_report+0x141/0x180
[ 14.811786] ? kasan_stack_oob+0x2b5/0x300
[ 14.811810] __asan_report_load1_noabort+0x18/0x20
[ 14.811834] kasan_stack_oob+0x2b5/0x300
[ 14.811854] ? __pfx_kasan_stack_oob+0x10/0x10
[ 14.811872] ? finish_task_switch.isra.0+0x153/0x700
[ 14.811895] ? __switch_to+0x47/0xf50
[ 14.811922] ? __schedule+0x10cc/0x2b60
[ 14.811945] ? __pfx_read_tsc+0x10/0x10
[ 14.811966] ? ktime_get_ts64+0x86/0x230
[ 14.811991] kunit_try_run_case+0x1a5/0x480
[ 14.812014] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.812036] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.812073] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.812097] ? __kthread_parkme+0x82/0x180
[ 14.812116] ? preempt_count_sub+0x50/0x80
[ 14.812140] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.812162] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.812186] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.812208] kthread+0x337/0x6f0
[ 14.812227] ? trace_preempt_on+0x20/0xc0
[ 14.812251] ? __pfx_kthread+0x10/0x10
[ 14.812271] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.812292] ? calculate_sigpending+0x7b/0xa0
[ 14.812316] ? __pfx_kthread+0x10/0x10
[ 14.812337] ret_from_fork+0x116/0x1d0
[ 14.812356] ? __pfx_kthread+0x10/0x10
[ 14.812375] ret_from_fork_asm+0x1a/0x30
[ 14.812407] </TASK>
[ 14.812420]
[ 14.827438] The buggy address belongs to stack of task kunit_try_catch/266
[ 14.827941] and is located at offset 138 in frame:
[ 14.828521] kasan_stack_oob+0x0/0x300
[ 14.829289]
[ 14.829504] This frame has 4 objects:
[ 14.830279] [48, 49) '__assertion'
[ 14.830316] [64, 72) 'array'
[ 14.830861] [96, 112) '__assertion'
[ 14.831112] [128, 138) 'stack_array'
[ 14.831656]
[ 14.831859] The buggy address belongs to the physical page:
[ 14.832054] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a7f
[ 14.833442] flags: 0x200000000000000(node=0|zone=2)
[ 14.833969] raw: 0200000000000000 ffffea00040e9fc8 ffffea00040e9fc8 0000000000000000
[ 14.834990] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 14.835433] page dumped because: kasan: bad access detected
[ 14.835678]
[ 14.835780] Memory state around the buggy address:
[ 14.835997] ffff888103a7fc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f1
[ 14.836292] ffff888103a7fc80: f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 00 00 f2 f2 00
[ 14.836621] >ffff888103a7fd00: 02 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1
[ 14.836882] ^
[ 14.837547] ffff888103a7fd80: f1 f1 f1 00 00 f2 f2 00 00 f2 f2 00 00 f3 f3 00
[ 14.837999] ffff888103a7fe00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 14.838509] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 14.780435] ==================================================================
[ 14.781848] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x286/0x2d0
[ 14.782416] Read of size 1 at addr ffffffff93063e8d by task kunit_try_catch/262
[ 14.782950]
[ 14.783232] CPU: 1 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 14.783283] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.783296] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.783318] Call Trace:
[ 14.783330] <TASK>
[ 14.783347] dump_stack_lvl+0x73/0xb0
[ 14.783406] print_report+0xd1/0x650
[ 14.783440] ? __virt_addr_valid+0x1db/0x2d0
[ 14.783465] ? kasan_global_oob_right+0x286/0x2d0
[ 14.783485] ? kasan_addr_to_slab+0x11/0xa0
[ 14.783504] ? kasan_global_oob_right+0x286/0x2d0
[ 14.783525] kasan_report+0x141/0x180
[ 14.783547] ? kasan_global_oob_right+0x286/0x2d0
[ 14.783573] __asan_report_load1_noabort+0x18/0x20
[ 14.783597] kasan_global_oob_right+0x286/0x2d0
[ 14.783618] ? __pfx_kasan_global_oob_right+0x10/0x10
[ 14.783639] ? __kasan_check_write+0x18/0x20
[ 14.783657] ? queued_spin_lock_slowpath+0x116/0xb40
[ 14.783680] ? irqentry_exit+0x2a/0x60
[ 14.783704] ? trace_hardirqs_on+0x37/0xe0
[ 14.783727] ? __pfx_read_tsc+0x10/0x10
[ 14.783748] ? ktime_get_ts64+0x86/0x230
[ 14.783771] kunit_try_run_case+0x1a5/0x480
[ 14.783796] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.783819] ? queued_spin_lock_slowpath+0x116/0xb40
[ 14.783841] ? __kthread_parkme+0x82/0x180
[ 14.783861] ? preempt_count_sub+0x50/0x80
[ 14.783885] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.783908] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.783930] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.783953] kthread+0x337/0x6f0
[ 14.783972] ? trace_preempt_on+0x20/0xc0
[ 14.783993] ? __pfx_kthread+0x10/0x10
[ 14.784013] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.784034] ? calculate_sigpending+0x7b/0xa0
[ 14.784068] ? __pfx_kthread+0x10/0x10
[ 14.784089] ret_from_fork+0x116/0x1d0
[ 14.784106] ? __pfx_kthread+0x10/0x10
[ 14.784126] ret_from_fork_asm+0x1a/0x30
[ 14.784158] </TASK>
[ 14.784170]
[ 14.796720] The buggy address belongs to the variable:
[ 14.797022] global_array+0xd/0x40
[ 14.797421]
[ 14.797579] The buggy address belongs to the physical page:
[ 14.797845] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x122463
[ 14.798309] flags: 0x200000000002000(reserved|node=0|zone=2)
[ 14.798613] raw: 0200000000002000 ffffea00048918c8 ffffea00048918c8 0000000000000000
[ 14.798954] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 14.799437] page dumped because: kasan: bad access detected
[ 14.799753]
[ 14.799824] Memory state around the buggy address:
[ 14.800013] ffffffff93063d80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 14.800405] ffffffff93063e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 14.800743] >ffffffff93063e80: 00 02 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9
[ 14.801260] ^
[ 14.801442] ffffffff93063f00: 04 f9 f9 f9 f9 f9 f9 f9 02 f9 f9 f9 f9 f9 f9 f9
[ 14.801777] ffffffff93063f80: 01 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 00 00 00 00
[ 14.802275] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 14.744324] ==================================================================
[ 14.744975] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 14.745715] Free of addr ffff888103a50001 by task kunit_try_catch/260
[ 14.746086]
[ 14.746229] CPU: 1 UID: 0 PID: 260 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 14.746279] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.746291] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.746314] Call Trace:
[ 14.746328] <TASK>
[ 14.746347] dump_stack_lvl+0x73/0xb0
[ 14.746378] print_report+0xd1/0x650
[ 14.746401] ? __virt_addr_valid+0x1db/0x2d0
[ 14.746426] ? kasan_addr_to_slab+0x11/0xa0
[ 14.746526] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 14.746557] kasan_report_invalid_free+0x10a/0x130
[ 14.746581] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 14.746622] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 14.746646] __kasan_mempool_poison_object+0x102/0x1d0
[ 14.746670] mempool_free+0x2ec/0x380
[ 14.746698] mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 14.746723] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10
[ 14.746746] ? update_load_avg+0x1be/0x21b0
[ 14.746774] ? finish_task_switch.isra.0+0x153/0x700
[ 14.746799] mempool_kmalloc_large_invalid_free+0xed/0x140
[ 14.746823] ? __pfx_mempool_kmalloc_large_invalid_free+0x10/0x10
[ 14.746849] ? __pfx_mempool_kmalloc+0x10/0x10
[ 14.746872] ? __pfx_mempool_kfree+0x10/0x10
[ 14.746896] ? __pfx_read_tsc+0x10/0x10
[ 14.746917] ? ktime_get_ts64+0x86/0x230
[ 14.746942] kunit_try_run_case+0x1a5/0x480
[ 14.746967] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.746989] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.747014] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.747036] ? __kthread_parkme+0x82/0x180
[ 14.747110] ? preempt_count_sub+0x50/0x80
[ 14.747135] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.747158] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.747181] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.747203] kthread+0x337/0x6f0
[ 14.747222] ? trace_preempt_on+0x20/0xc0
[ 14.747246] ? __pfx_kthread+0x10/0x10
[ 14.747266] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.747287] ? calculate_sigpending+0x7b/0xa0
[ 14.747311] ? __pfx_kthread+0x10/0x10
[ 14.747332] ret_from_fork+0x116/0x1d0
[ 14.747351] ? __pfx_kthread+0x10/0x10
[ 14.747371] ret_from_fork_asm+0x1a/0x30
[ 14.747402] </TASK>
[ 14.747415]
[ 14.763299] The buggy address belongs to the physical page:
[ 14.763952] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a50
[ 14.764945] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 14.765406] flags: 0x200000000000040(head|node=0|zone=2)
[ 14.765814] page_type: f8(unknown)
[ 14.766221] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 14.767008] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 14.767624] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 14.768027] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 14.768686] head: 0200000000000002 ffffea00040e9401 00000000ffffffff 00000000ffffffff
[ 14.769569] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 14.770237] page dumped because: kasan: bad access detected
[ 14.770618]
[ 14.770692] Memory state around the buggy address:
[ 14.770852] ffff888103a4ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 14.771134] ffff888103a4ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 14.771866] >ffff888103a50000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 14.772744] ^
[ 14.773118] ffff888103a50080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 14.773916] ffff888103a50100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 14.774354] ==================================================================

[ 14.705339] ==================================================================
[ 14.705888] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 14.706651] Free of addr ffff888102602e01 by task kunit_try_catch/258
[ 14.706859]
[ 14.706956] CPU: 1 UID: 0 PID: 258 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 14.707002] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.707014] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.707036] Call Trace:
[ 14.707086] <TASK>
[ 14.707105] dump_stack_lvl+0x73/0xb0
[ 14.707133] print_report+0xd1/0x650
[ 14.707157] ? __virt_addr_valid+0x1db/0x2d0
[ 14.707181] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.707206] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 14.707230] kasan_report_invalid_free+0x10a/0x130
[ 14.707254] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 14.707280] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 14.707303] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 14.707326] check_slab_allocation+0x11f/0x130
[ 14.707347] __kasan_mempool_poison_object+0x91/0x1d0
[ 14.707370] mempool_free+0x2ec/0x380
[ 14.707398] mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 14.707422] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10
[ 14.707447] ? __kasan_check_write+0x18/0x20
[ 14.707466] ? __pfx_sched_clock_cpu+0x10/0x10
[ 14.707487] ? finish_task_switch.isra.0+0x153/0x700
[ 14.707523] mempool_kmalloc_invalid_free+0xed/0x140
[ 14.707547] ? __pfx_mempool_kmalloc_invalid_free+0x10/0x10
[ 14.707573] ? __pfx_mempool_kmalloc+0x10/0x10
[ 14.707594] ? __pfx_mempool_kfree+0x10/0x10
[ 14.707618] ? __pfx_read_tsc+0x10/0x10
[ 14.707639] ? ktime_get_ts64+0x86/0x230
[ 14.707663] kunit_try_run_case+0x1a5/0x480
[ 14.707688] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.707710] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.707732] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.707755] ? __kthread_parkme+0x82/0x180
[ 14.707776] ? preempt_count_sub+0x50/0x80
[ 14.707798] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.707821] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.707844] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.707865] kthread+0x337/0x6f0
[ 14.707884] ? trace_preempt_on+0x20/0xc0
[ 14.707907] ? __pfx_kthread+0x10/0x10
[ 14.707927] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.707947] ? calculate_sigpending+0x7b/0xa0
[ 14.707970] ? __pfx_kthread+0x10/0x10
[ 14.707991] ret_from_fork+0x116/0x1d0
[ 14.708009] ? __pfx_kthread+0x10/0x10
[ 14.708029] ret_from_fork_asm+0x1a/0x30
[ 14.708071] </TASK>
[ 14.708084]
[ 14.725738] Allocated by task 258:
[ 14.726175] kasan_save_stack+0x45/0x70
[ 14.726667] kasan_save_track+0x18/0x40
[ 14.726808] kasan_save_alloc_info+0x3b/0x50
[ 14.726959] __kasan_mempool_unpoison_object+0x1a9/0x200
[ 14.727146] remove_element+0x11e/0x190
[ 14.727298] mempool_alloc_preallocated+0x4d/0x90
[ 14.727459] mempool_kmalloc_invalid_free_helper+0x83/0x2e0
[ 14.727642] mempool_kmalloc_invalid_free+0xed/0x140
[ 14.727806] kunit_try_run_case+0x1a5/0x480
[ 14.727954] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.728137] kthread+0x337/0x6f0
[ 14.728260] ret_from_fork+0x116/0x1d0
[ 14.728392] ret_from_fork_asm+0x1a/0x30
[ 14.728534]
[ 14.728605] The buggy address belongs to the object at ffff888102602e00
[ 14.728605] which belongs to the cache kmalloc-128 of size 128
[ 14.728967] The buggy address is located 1 bytes inside of
[ 14.728967] 128-byte region [ffff888102602e00, ffff888102602e80)
[ 14.729683]
[ 14.729886] The buggy address belongs to the physical page:
[ 14.730354] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102602
[ 14.731299] flags: 0x200000000000000(node=0|zone=2)
[ 14.731998] page_type: f5(slab)
[ 14.732406] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 14.733296] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 14.734180] page dumped because: kasan: bad access detected
[ 14.734879]
[ 14.735057] Memory state around the buggy address:
[ 14.735432] ffff888102602d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 14.736025] ffff888102602d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.736791] >ffff888102602e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 14.737012] ^
[ 14.737469] ffff888102602e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.738244] ffff888102602f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 14.738809] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 14.683889] ==================================================================
[ 14.684425] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370
[ 14.684701] Free of addr ffff888102b84000 by task kunit_try_catch/256
[ 14.684991]
[ 14.685121] CPU: 0 UID: 0 PID: 256 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 14.685167] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.685179] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.685201] Call Trace:
[ 14.685213] <TASK>
[ 14.685230] dump_stack_lvl+0x73/0xb0
[ 14.685258] print_report+0xd1/0x650
[ 14.685281] ? __virt_addr_valid+0x1db/0x2d0
[ 14.685306] ? kasan_addr_to_slab+0x11/0xa0
[ 14.685325] ? mempool_double_free_helper+0x184/0x370
[ 14.685349] kasan_report_invalid_free+0x10a/0x130
[ 14.685372] ? mempool_double_free_helper+0x184/0x370
[ 14.685398] ? mempool_double_free_helper+0x184/0x370
[ 14.685420] __kasan_mempool_poison_pages+0x115/0x130
[ 14.685444] mempool_free+0x290/0x380
[ 14.685470] mempool_double_free_helper+0x184/0x370
[ 14.685493] ? __pfx_mempool_double_free_helper+0x10/0x10
[ 14.685517] ? __kasan_check_write+0x18/0x20
[ 14.685536] ? __pfx_sched_clock_cpu+0x10/0x10
[ 14.685563] ? finish_task_switch.isra.0+0x153/0x700
[ 14.685589] mempool_page_alloc_double_free+0xe8/0x140
[ 14.685614] ? __pfx_mempool_page_alloc_double_free+0x10/0x10
[ 14.685641] ? __pfx_mempool_alloc_pages+0x10/0x10
[ 14.685663] ? __pfx_mempool_free_pages+0x10/0x10
[ 14.685688] ? __pfx_read_tsc+0x10/0x10
[ 14.685709] ? ktime_get_ts64+0x86/0x230
[ 14.685733] kunit_try_run_case+0x1a5/0x480
[ 14.685757] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.685778] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.685801] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.685824] ? __kthread_parkme+0x82/0x180
[ 14.685844] ? preempt_count_sub+0x50/0x80
[ 14.685867] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.685889] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.685912] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.685935] kthread+0x337/0x6f0
[ 14.685953] ? trace_preempt_on+0x20/0xc0
[ 14.685976] ? __pfx_kthread+0x10/0x10
[ 14.685996] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.686016] ? calculate_sigpending+0x7b/0xa0
[ 14.686078] ? __pfx_kthread+0x10/0x10
[ 14.686100] ret_from_fork+0x116/0x1d0
[ 14.686119] ? __pfx_kthread+0x10/0x10
[ 14.686139] ret_from_fork_asm+0x1a/0x30
[ 14.686171] </TASK>
[ 14.686182]
[ 14.695322] The buggy address belongs to the physical page:
[ 14.695522] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b84
[ 14.695891] flags: 0x200000000000000(node=0|zone=2)
[ 14.696221] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000
[ 14.696484] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 14.696841] page dumped because: kasan: bad access detected
[ 14.697163]
[ 14.697262] Memory state around the buggy address:
[ 14.697435] ffff888102b83f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 14.697773] ffff888102b83f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 14.698266] >ffff888102b84000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 14.698570] ^
[ 14.698770] ffff888102b84080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 14.698994] ffff888102b84100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 14.699288] ==================================================================

[ 14.662027] ==================================================================
[ 14.662766] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370
[ 14.663285] Free of addr ffff888103a50000 by task kunit_try_catch/254
[ 14.663620]
[ 14.663726] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 14.663774] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.663786] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.663810] Call Trace:
[ 14.663823] <TASK>
[ 14.663842] dump_stack_lvl+0x73/0xb0
[ 14.663874] print_report+0xd1/0x650
[ 14.663897] ? __virt_addr_valid+0x1db/0x2d0
[ 14.663922] ? kasan_addr_to_slab+0x11/0xa0
[ 14.663941] ? mempool_double_free_helper+0x184/0x370
[ 14.663965] kasan_report_invalid_free+0x10a/0x130
[ 14.663989] ? mempool_double_free_helper+0x184/0x370
[ 14.664014] ? mempool_double_free_helper+0x184/0x370
[ 14.664037] __kasan_mempool_poison_object+0x1b3/0x1d0
[ 14.664150] mempool_free+0x2ec/0x380
[ 14.664179] mempool_double_free_helper+0x184/0x370
[ 14.664202] ? __pfx_mempool_double_free_helper+0x10/0x10
[ 14.664224] ? update_load_avg+0x1be/0x21b0
[ 14.664249] ? update_load_avg+0x1be/0x21b0
[ 14.664269] ? update_curr+0x80/0x810
[ 14.664291] ? finish_task_switch.isra.0+0x153/0x700
[ 14.664317] mempool_kmalloc_large_double_free+0xed/0x140
[ 14.664340] ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10
[ 14.664367] ? __pfx_mempool_kmalloc+0x10/0x10
[ 14.664389] ? __pfx_mempool_kfree+0x10/0x10
[ 14.664413] ? __pfx_read_tsc+0x10/0x10
[ 14.664434] ? ktime_get_ts64+0x86/0x230
[ 14.664459] kunit_try_run_case+0x1a5/0x480
[ 14.664484] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.664505] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.664530] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.664572] ? __kthread_parkme+0x82/0x180
[ 14.664595] ? preempt_count_sub+0x50/0x80
[ 14.664619] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.664644] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.664666] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.664689] kthread+0x337/0x6f0
[ 14.664708] ? trace_preempt_on+0x20/0xc0
[ 14.664732] ? __pfx_kthread+0x10/0x10
[ 14.664752] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.664773] ? calculate_sigpending+0x7b/0xa0
[ 14.664797] ? __pfx_kthread+0x10/0x10
[ 14.664818] ret_from_fork+0x116/0x1d0
[ 14.664835] ? __pfx_kthread+0x10/0x10
[ 14.664856] ret_from_fork_asm+0x1a/0x30
[ 14.664887] </TASK>
[ 14.664899]
[ 14.674155] The buggy address belongs to the physical page:
[ 14.674399] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a50
[ 14.674678] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 14.674990] flags: 0x200000000000040(head|node=0|zone=2)
[ 14.675442] page_type: f8(unknown)
[ 14.675659] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 14.676007] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 14.676432] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 14.676694] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 14.676965] head: 0200000000000002 ffffea00040e9401 00000000ffffffff 00000000ffffffff
[ 14.677329] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 14.677674] page dumped because: kasan: bad access detected
[ 14.677940]
[ 14.678030] Memory state around the buggy address:
[ 14.678325] ffff888103a4ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 14.678666] ffff888103a4ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 14.678942] >ffff888103a50000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 14.679418] ^
[ 14.679598] ffff888103a50080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 14.679820] ffff888103a50100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 14.680162] ==================================================================

[ 14.633588] ==================================================================
[ 14.634108] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370
[ 14.634425] Free of addr ffff888102af6e00 by task kunit_try_catch/252
[ 14.634709]
[ 14.634824] CPU: 0 UID: 0 PID: 252 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 14.634873] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.634888] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.634915] Call Trace:
[ 14.634928] <TASK>
[ 14.634946] dump_stack_lvl+0x73/0xb0
[ 14.634977] print_report+0xd1/0x650
[ 14.635001] ? __virt_addr_valid+0x1db/0x2d0
[ 14.635028] ? kasan_complete_mode_report_info+0x64/0x200
[ 14.635068] ? mempool_double_free_helper+0x184/0x370
[ 14.635094] kasan_report_invalid_free+0x10a/0x130
[ 14.635119] ? mempool_double_free_helper+0x184/0x370
[ 14.635146] ? mempool_double_free_helper+0x184/0x370
[ 14.635170] ? mempool_double_free_helper+0x184/0x370
[ 14.635193] check_slab_allocation+0x101/0x130
[ 14.635215] __kasan_mempool_poison_object+0x91/0x1d0
[ 14.635240] mempool_free+0x2ec/0x380
[ 14.635269] mempool_double_free_helper+0x184/0x370
[ 14.635293] ? __pfx_mempool_double_free_helper+0x10/0x10
[ 14.635320] ? __kasan_check_write+0x18/0x20
[ 14.635340] ? __pfx_sched_clock_cpu+0x10/0x10
[ 14.635363] ? finish_task_switch.isra.0+0x153/0x700
[ 14.635391] mempool_kmalloc_double_free+0xed/0x140
[ 14.635415] ? __pfx_mempool_kmalloc_double_free+0x10/0x10
[ 14.635443] ? __pfx_mempool_kmalloc+0x10/0x10
[ 14.635466] ? __pfx_mempool_kfree+0x10/0x10
[ 14.635492] ? __pfx_read_tsc+0x10/0x10
[ 14.635514] ? ktime_get_ts64+0x86/0x230
[ 14.635539] kunit_try_run_case+0x1a5/0x480
[ 14.635565] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.635588] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.635613] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.635637] ? __kthread_parkme+0x82/0x180
[ 14.635659] ? preempt_count_sub+0x50/0x80
[ 14.635682] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.635706] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.635730] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.635755] kthread+0x337/0x6f0
[ 14.635773] ? trace_preempt_on+0x20/0xc0
[ 14.635797] ? __pfx_kthread+0x10/0x10
[ 14.635818] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.635839] ? calculate_sigpending+0x7b/0xa0
[ 14.635865] ? __pfx_kthread+0x10/0x10
[ 14.635886] ret_from_fork+0x116/0x1d0
[ 14.635906] ?
__pfx_kthread+0x10/0x10 [ 14.635926] ret_from_fork_asm+0x1a/0x30 [ 14.635959] </TASK> [ 14.635970] [ 14.644957] Allocated by task 252: [ 14.645236] kasan_save_stack+0x45/0x70 [ 14.645393] kasan_save_track+0x18/0x40 [ 14.645602] kasan_save_alloc_info+0x3b/0x50 [ 14.645819] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 14.646156] remove_element+0x11e/0x190 [ 14.646334] mempool_alloc_preallocated+0x4d/0x90 [ 14.646518] mempool_double_free_helper+0x8a/0x370 [ 14.646733] mempool_kmalloc_double_free+0xed/0x140 [ 14.646971] kunit_try_run_case+0x1a5/0x480 [ 14.647251] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.647471] kthread+0x337/0x6f0 [ 14.647656] ret_from_fork+0x116/0x1d0 [ 14.647852] ret_from_fork_asm+0x1a/0x30 [ 14.648109] [ 14.648207] Freed by task 252: [ 14.648340] kasan_save_stack+0x45/0x70 [ 14.648493] kasan_save_track+0x18/0x40 [ 14.648707] kasan_save_free_info+0x3f/0x60 [ 14.648913] __kasan_mempool_poison_object+0x131/0x1d0 [ 14.649211] mempool_free+0x2ec/0x380 [ 14.649391] mempool_double_free_helper+0x109/0x370 [ 14.649631] mempool_kmalloc_double_free+0xed/0x140 [ 14.649798] kunit_try_run_case+0x1a5/0x480 [ 14.649942] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.650266] kthread+0x337/0x6f0 [ 14.650440] ret_from_fork+0x116/0x1d0 [ 14.650643] ret_from_fork_asm+0x1a/0x30 [ 14.650837] [ 14.650932] The buggy address belongs to the object at ffff888102af6e00 [ 14.650932] which belongs to the cache kmalloc-128 of size 128 [ 14.651487] The buggy address is located 0 bytes inside of [ 14.651487] 128-byte region [ffff888102af6e00, ffff888102af6e80) [ 14.651964] [ 14.652135] The buggy address belongs to the physical page: [ 14.652343] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102af6 [ 14.652685] flags: 0x200000000000000(node=0|zone=2) [ 14.652931] page_type: f5(slab) [ 14.653178] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 14.653501] raw: 0000000000000000 0000000080100010 00000000f5000000 
0000000000000000 [ 14.653830] page dumped because: kasan: bad access detected [ 14.654112] [ 14.654214] Memory state around the buggy address: [ 14.654425] ffff888102af6d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.654736] ffff888102af6d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.655018] >ffff888102af6e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.655434] ^ [ 14.655611] ffff888102af6e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.655886] ffff888102af6f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.656275] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 14.533949] ================================================================== [ 14.534516] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400 [ 14.534743] Read of size 1 at addr ffff888102b80000 by task kunit_try_catch/246 [ 14.534968] [ 14.535074] CPU: 0 UID: 0 PID: 246 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.535125] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.535138] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.535164] Call Trace: [ 14.535175] <TASK> [ 14.535192] dump_stack_lvl+0x73/0xb0 [ 14.535221] print_report+0xd1/0x650 [ 14.535244] ? __virt_addr_valid+0x1db/0x2d0 [ 14.535266] ? mempool_uaf_helper+0x392/0x400 [ 14.535288] ? kasan_addr_to_slab+0x11/0xa0 [ 14.535308] ? mempool_uaf_helper+0x392/0x400 [ 14.535330] kasan_report+0x141/0x180 [ 14.535352] ? mempool_uaf_helper+0x392/0x400 [ 14.535378] __asan_report_load1_noabort+0x18/0x20 [ 14.535403] mempool_uaf_helper+0x392/0x400 [ 14.535424] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 14.535448] ? __kasan_check_write+0x18/0x20 [ 14.535468] ? __pfx_sched_clock_cpu+0x10/0x10 [ 14.535490] ? finish_task_switch.isra.0+0x153/0x700 [ 14.535517] mempool_kmalloc_large_uaf+0xef/0x140 [ 14.535540] ? __pfx_mempool_kmalloc_large_uaf+0x10/0x10 [ 14.535567] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.535590] ? __pfx_mempool_kfree+0x10/0x10 [ 14.535615] ? __pfx_read_tsc+0x10/0x10 [ 14.535637] ? ktime_get_ts64+0x86/0x230 [ 14.535660] kunit_try_run_case+0x1a5/0x480 [ 14.535686] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.535708] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.535734] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.535758] ? __kthread_parkme+0x82/0x180 [ 14.535779] ? preempt_count_sub+0x50/0x80 [ 14.535803] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.535828] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.535853] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.535878] kthread+0x337/0x6f0 [ 14.535897] ? 
trace_preempt_on+0x20/0xc0 [ 14.535920] ? __pfx_kthread+0x10/0x10 [ 14.535941] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.535962] ? calculate_sigpending+0x7b/0xa0 [ 14.535987] ? __pfx_kthread+0x10/0x10 [ 14.536009] ret_from_fork+0x116/0x1d0 [ 14.536028] ? __pfx_kthread+0x10/0x10 [ 14.536072] ret_from_fork_asm+0x1a/0x30 [ 14.536326] </TASK> [ 14.536355] [ 14.554322] The buggy address belongs to the physical page: [ 14.554523] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b80 [ 14.554779] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 14.555014] flags: 0x200000000000040(head|node=0|zone=2) [ 14.555789] page_type: f8(unknown) [ 14.555982] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.556320] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.556576] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.556807] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.557048] head: 0200000000000002 ffffea00040ae001 00000000ffffffff 00000000ffffffff [ 14.558613] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 14.558973] page dumped because: kasan: bad access detected [ 14.559729] [ 14.559812] Memory state around the buggy address: [ 14.559980] ffff888102b7ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.560243] ffff888102b7ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.560467] >ffff888102b80000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.560688] ^ [ 14.560806] ffff888102b80080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.561436] ffff888102b80100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.561777] ================================================================== [ 14.613379] ================================================================== [ 14.614375] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400 [ 14.614613] Read of size 1 
at addr ffff888103a4c000 by task kunit_try_catch/250 [ 14.614837] [ 14.614933] CPU: 1 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.614981] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.614992] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.615015] Call Trace: [ 14.615027] <TASK> [ 14.615055] dump_stack_lvl+0x73/0xb0 [ 14.615085] print_report+0xd1/0x650 [ 14.615107] ? __virt_addr_valid+0x1db/0x2d0 [ 14.615130] ? mempool_uaf_helper+0x392/0x400 [ 14.615152] ? kasan_addr_to_slab+0x11/0xa0 [ 14.615171] ? mempool_uaf_helper+0x392/0x400 [ 14.615192] kasan_report+0x141/0x180 [ 14.615215] ? mempool_uaf_helper+0x392/0x400 [ 14.615241] __asan_report_load1_noabort+0x18/0x20 [ 14.615263] mempool_uaf_helper+0x392/0x400 [ 14.615286] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 14.615310] ? __kasan_check_write+0x18/0x20 [ 14.615329] ? __pfx_sched_clock_cpu+0x10/0x10 [ 14.615352] ? finish_task_switch.isra.0+0x153/0x700 [ 14.615378] mempool_page_alloc_uaf+0xed/0x140 [ 14.615400] ? __pfx_mempool_page_alloc_uaf+0x10/0x10 [ 14.615425] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 14.615450] ? __pfx_mempool_free_pages+0x10/0x10 [ 14.615475] ? __pfx_read_tsc+0x10/0x10 [ 14.615495] ? ktime_get_ts64+0x86/0x230 [ 14.615520] kunit_try_run_case+0x1a5/0x480 [ 14.615545] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.615567] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.615591] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.615613] ? __kthread_parkme+0x82/0x180 [ 14.615633] ? preempt_count_sub+0x50/0x80 [ 14.615656] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.615678] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.615700] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.615723] kthread+0x337/0x6f0 [ 14.615741] ? trace_preempt_on+0x20/0xc0 [ 14.615764] ? __pfx_kthread+0x10/0x10 [ 14.615784] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.615803] ? calculate_sigpending+0x7b/0xa0 [ 14.615828] ? 
__pfx_kthread+0x10/0x10 [ 14.615848] ret_from_fork+0x116/0x1d0 [ 14.615866] ? __pfx_kthread+0x10/0x10 [ 14.615886] ret_from_fork_asm+0x1a/0x30 [ 14.615919] </TASK> [ 14.615931] [ 14.624426] The buggy address belongs to the physical page: [ 14.624690] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a4c [ 14.625007] flags: 0x200000000000000(node=0|zone=2) [ 14.625340] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 14.625681] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 14.625981] page dumped because: kasan: bad access detected [ 14.626264] [ 14.626366] Memory state around the buggy address: [ 14.626612] ffff888103a4bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.626902] ffff888103a4bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.627224] >ffff888103a4c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.627441] ^ [ 14.627577] ffff888103a4c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.627896] ffff888103a4c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.628283] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 14.569958] ================================================================== [ 14.571346] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400 [ 14.572307] Read of size 1 at addr ffff888102b16240 by task kunit_try_catch/248 [ 14.573022] [ 14.573246] CPU: 0 UID: 0 PID: 248 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.573304] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.573321] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.573378] Call Trace: [ 14.573391] <TASK> [ 14.573409] dump_stack_lvl+0x73/0xb0 [ 14.573444] print_report+0xd1/0x650 [ 14.573468] ? __virt_addr_valid+0x1db/0x2d0 [ 14.573494] ? mempool_uaf_helper+0x392/0x400 [ 14.573516] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.573544] ? mempool_uaf_helper+0x392/0x400 [ 14.573583] kasan_report+0x141/0x180 [ 14.573606] ? mempool_uaf_helper+0x392/0x400 [ 14.573633] __asan_report_load1_noabort+0x18/0x20 [ 14.573659] mempool_uaf_helper+0x392/0x400 [ 14.573683] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 14.573705] ? update_load_avg+0x1be/0x21b0 [ 14.573735] ? finish_task_switch.isra.0+0x153/0x700 [ 14.573764] mempool_slab_uaf+0xea/0x140 [ 14.573788] ? __pfx_mempool_slab_uaf+0x10/0x10 [ 14.573815] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 14.573843] ? __pfx_mempool_free_slab+0x10/0x10 [ 14.573871] ? __pfx_read_tsc+0x10/0x10 [ 14.573893] ? ktime_get_ts64+0x86/0x230 [ 14.573920] kunit_try_run_case+0x1a5/0x480 [ 14.573947] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.573970] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.573996] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.574021] ? __kthread_parkme+0x82/0x180 [ 14.574055] ? preempt_count_sub+0x50/0x80 [ 14.574092] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.574117] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.574141] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.574166] kthread+0x337/0x6f0 [ 14.574185] ? trace_preempt_on+0x20/0xc0 [ 14.574209] ? 
__pfx_kthread+0x10/0x10 [ 14.574230] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.574251] ? calculate_sigpending+0x7b/0xa0 [ 14.574276] ? __pfx_kthread+0x10/0x10 [ 14.574297] ret_from_fork+0x116/0x1d0 [ 14.574316] ? __pfx_kthread+0x10/0x10 [ 14.574337] ret_from_fork_asm+0x1a/0x30 [ 14.574370] </TASK> [ 14.574382] [ 14.587255] Allocated by task 248: [ 14.587418] kasan_save_stack+0x45/0x70 [ 14.587565] kasan_save_track+0x18/0x40 [ 14.587912] kasan_save_alloc_info+0x3b/0x50 [ 14.588348] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 14.588894] remove_element+0x11e/0x190 [ 14.589331] mempool_alloc_preallocated+0x4d/0x90 [ 14.589784] mempool_uaf_helper+0x96/0x400 [ 14.590222] mempool_slab_uaf+0xea/0x140 [ 14.590363] kunit_try_run_case+0x1a5/0x480 [ 14.590513] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.590689] kthread+0x337/0x6f0 [ 14.590809] ret_from_fork+0x116/0x1d0 [ 14.590941] ret_from_fork_asm+0x1a/0x30 [ 14.591128] [ 14.591282] Freed by task 248: [ 14.591564] kasan_save_stack+0x45/0x70 [ 14.591938] kasan_save_track+0x18/0x40 [ 14.592445] kasan_save_free_info+0x3f/0x60 [ 14.592880] __kasan_mempool_poison_object+0x131/0x1d0 [ 14.593237] mempool_free+0x2ec/0x380 [ 14.593381] mempool_uaf_helper+0x11a/0x400 [ 14.593556] mempool_slab_uaf+0xea/0x140 [ 14.593903] kunit_try_run_case+0x1a5/0x480 [ 14.594346] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.594943] kthread+0x337/0x6f0 [ 14.595330] ret_from_fork+0x116/0x1d0 [ 14.595748] ret_from_fork_asm+0x1a/0x30 [ 14.595894] [ 14.595969] The buggy address belongs to the object at ffff888102b16240 [ 14.595969] which belongs to the cache test_cache of size 123 [ 14.596971] The buggy address is located 0 bytes inside of [ 14.596971] freed 123-byte region [ffff888102b16240, ffff888102b162bb) [ 14.598056] [ 14.598276] The buggy address belongs to the physical page: [ 14.598712] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b16 [ 14.598961] flags: 0x200000000000000(node=0|zone=2) [ 14.599245] page_type: 
f5(slab) [ 14.599549] raw: 0200000000000000 ffff88810161cc80 dead000000000122 0000000000000000 [ 14.600297] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 14.601172] page dumped because: kasan: bad access detected [ 14.601689] [ 14.601845] Memory state around the buggy address: [ 14.602252] ffff888102b16100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.602913] ffff888102b16180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.603305] >ffff888102b16200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 14.603916] ^ [ 14.604469] ffff888102b16280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.604889] ffff888102b16300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.605277] ================================================================== [ 14.502136] ================================================================== [ 14.503358] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400 [ 14.504241] Read of size 1 at addr ffff888102af6a00 by task kunit_try_catch/244 [ 14.505271] [ 14.505417] CPU: 0 UID: 0 PID: 244 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.505473] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.505487] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.505522] Call Trace: [ 14.505538] <TASK> [ 14.505562] dump_stack_lvl+0x73/0xb0 [ 14.505595] print_report+0xd1/0x650 [ 14.505619] ? __virt_addr_valid+0x1db/0x2d0 [ 14.505644] ? mempool_uaf_helper+0x392/0x400 [ 14.505668] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.505697] ? mempool_uaf_helper+0x392/0x400 [ 14.505720] kasan_report+0x141/0x180 [ 14.505742] ? mempool_uaf_helper+0x392/0x400 [ 14.505771] __asan_report_load1_noabort+0x18/0x20 [ 14.505796] mempool_uaf_helper+0x392/0x400 [ 14.505820] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 14.505846] ? __kasan_check_write+0x18/0x20 [ 14.505867] ? __pfx_sched_clock_cpu+0x10/0x10 [ 14.505890] ? 
finish_task_switch.isra.0+0x153/0x700 [ 14.505916] mempool_kmalloc_uaf+0xef/0x140 [ 14.505939] ? __pfx_mempool_kmalloc_uaf+0x10/0x10 [ 14.505966] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.505991] ? __pfx_mempool_kfree+0x10/0x10 [ 14.506016] ? __pfx_read_tsc+0x10/0x10 [ 14.506037] ? ktime_get_ts64+0x86/0x230 [ 14.506074] kunit_try_run_case+0x1a5/0x480 [ 14.506099] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.506122] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.506148] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.506172] ? __kthread_parkme+0x82/0x180 [ 14.506193] ? preempt_count_sub+0x50/0x80 [ 14.506216] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.506241] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.506266] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.506292] kthread+0x337/0x6f0 [ 14.506311] ? trace_preempt_on+0x20/0xc0 [ 14.506335] ? __pfx_kthread+0x10/0x10 [ 14.506356] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.506391] ? calculate_sigpending+0x7b/0xa0 [ 14.506417] ? __pfx_kthread+0x10/0x10 [ 14.506439] ret_from_fork+0x116/0x1d0 [ 14.506457] ? 
__pfx_kthread+0x10/0x10 [ 14.506478] ret_from_fork_asm+0x1a/0x30 [ 14.506510] </TASK> [ 14.506522] [ 14.518329] Allocated by task 244: [ 14.518527] kasan_save_stack+0x45/0x70 [ 14.518698] kasan_save_track+0x18/0x40 [ 14.518835] kasan_save_alloc_info+0x3b/0x50 [ 14.519058] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 14.519380] remove_element+0x11e/0x190 [ 14.519662] mempool_alloc_preallocated+0x4d/0x90 [ 14.519827] mempool_uaf_helper+0x96/0x400 [ 14.520007] mempool_kmalloc_uaf+0xef/0x140 [ 14.520333] kunit_try_run_case+0x1a5/0x480 [ 14.520542] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.520898] kthread+0x337/0x6f0 [ 14.521163] ret_from_fork+0x116/0x1d0 [ 14.521344] ret_from_fork_asm+0x1a/0x30 [ 14.521564] [ 14.521661] Freed by task 244: [ 14.521795] kasan_save_stack+0x45/0x70 [ 14.521931] kasan_save_track+0x18/0x40 [ 14.522079] kasan_save_free_info+0x3f/0x60 [ 14.522430] __kasan_mempool_poison_object+0x131/0x1d0 [ 14.522671] mempool_free+0x2ec/0x380 [ 14.522985] mempool_uaf_helper+0x11a/0x400 [ 14.523363] mempool_kmalloc_uaf+0xef/0x140 [ 14.523589] kunit_try_run_case+0x1a5/0x480 [ 14.523785] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.524012] kthread+0x337/0x6f0 [ 14.524332] ret_from_fork+0x116/0x1d0 [ 14.524476] ret_from_fork_asm+0x1a/0x30 [ 14.524636] [ 14.524734] The buggy address belongs to the object at ffff888102af6a00 [ 14.524734] which belongs to the cache kmalloc-128 of size 128 [ 14.525331] The buggy address is located 0 bytes inside of [ 14.525331] freed 128-byte region [ffff888102af6a00, ffff888102af6a80) [ 14.525851] [ 14.525929] The buggy address belongs to the physical page: [ 14.526114] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102af6 [ 14.526591] flags: 0x200000000000000(node=0|zone=2) [ 14.526831] page_type: f5(slab) [ 14.527002] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 14.527314] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.527663] page 
dumped because: kasan: bad access detected [ 14.527840] [ 14.527909] Memory state around the buggy address: [ 14.528099] ffff888102af6900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.528417] ffff888102af6980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.528765] >ffff888102af6a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.529136] ^ [ 14.529253] ffff888102af6a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.529786] ffff888102af6b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.530213] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 14.400815] ================================================================== [ 14.401498] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 14.401884] Read of size 1 at addr ffff888102af6673 by task kunit_try_catch/238 [ 14.402189] [ 14.402318] CPU: 0 UID: 0 PID: 238 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.402368] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.402380] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.402403] Call Trace: [ 14.402428] <TASK> [ 14.402447] dump_stack_lvl+0x73/0xb0 [ 14.402479] print_report+0xd1/0x650 [ 14.402514] ? __virt_addr_valid+0x1db/0x2d0 [ 14.402540] ? mempool_oob_right_helper+0x318/0x380 [ 14.402563] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.402588] ? mempool_oob_right_helper+0x318/0x380 [ 14.402610] kasan_report+0x141/0x180 [ 14.402631] ? mempool_oob_right_helper+0x318/0x380 [ 14.402659] __asan_report_load1_noabort+0x18/0x20 [ 14.402682] mempool_oob_right_helper+0x318/0x380 [ 14.402715] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 14.402741] ? __pfx_sched_clock_cpu+0x10/0x10 [ 14.402763] ? finish_task_switch.isra.0+0x153/0x700 [ 14.402800] mempool_kmalloc_oob_right+0xf2/0x150 [ 14.402823] ? __pfx_mempool_kmalloc_oob_right+0x10/0x10 [ 14.402849] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.402873] ? __pfx_mempool_kfree+0x10/0x10 [ 14.402897] ? __pfx_read_tsc+0x10/0x10 [ 14.402919] ? ktime_get_ts64+0x86/0x230 [ 14.402943] kunit_try_run_case+0x1a5/0x480 [ 14.402969] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.402991] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.403014] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.403037] ? __kthread_parkme+0x82/0x180 [ 14.403066] ? preempt_count_sub+0x50/0x80 [ 14.403089] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.403112] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.403135] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.403158] kthread+0x337/0x6f0 [ 14.403177] ? 
trace_preempt_on+0x20/0xc0 [ 14.403200] ? __pfx_kthread+0x10/0x10 [ 14.403220] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.403240] ? calculate_sigpending+0x7b/0xa0 [ 14.403264] ? __pfx_kthread+0x10/0x10 [ 14.403285] ret_from_fork+0x116/0x1d0 [ 14.403303] ? __pfx_kthread+0x10/0x10 [ 14.403322] ret_from_fork_asm+0x1a/0x30 [ 14.403354] </TASK> [ 14.403367] [ 14.412690] Allocated by task 238: [ 14.412884] kasan_save_stack+0x45/0x70 [ 14.413102] kasan_save_track+0x18/0x40 [ 14.413256] kasan_save_alloc_info+0x3b/0x50 [ 14.413415] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 14.413706] remove_element+0x11e/0x190 [ 14.413905] mempool_alloc_preallocated+0x4d/0x90 [ 14.414079] mempool_oob_right_helper+0x8a/0x380 [ 14.414238] mempool_kmalloc_oob_right+0xf2/0x150 [ 14.414466] kunit_try_run_case+0x1a5/0x480 [ 14.414675] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.414852] kthread+0x337/0x6f0 [ 14.414973] ret_from_fork+0x116/0x1d0 [ 14.415174] ret_from_fork_asm+0x1a/0x30 [ 14.415383] [ 14.415484] The buggy address belongs to the object at ffff888102af6600 [ 14.415484] which belongs to the cache kmalloc-128 of size 128 [ 14.416139] The buggy address is located 0 bytes to the right of [ 14.416139] allocated 115-byte region [ffff888102af6600, ffff888102af6673) [ 14.416706] [ 14.416797] The buggy address belongs to the physical page: [ 14.417007] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102af6 [ 14.417346] flags: 0x200000000000000(node=0|zone=2) [ 14.417611] page_type: f5(slab) [ 14.417761] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 14.418005] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.418361] page dumped because: kasan: bad access detected [ 14.418583] [ 14.418656] Memory state around the buggy address: [ 14.418819] ffff888102af6500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.419423] ffff888102af6580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.419771] 
>ffff888102af6600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 14.420073] ^ [ 14.420336] ffff888102af6680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.420602] ffff888102af6700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 14.421007] ================================================================== [ 14.424962] ================================================================== [ 14.425463] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 14.425782] Read of size 1 at addr ffff888102b82001 by task kunit_try_catch/240 [ 14.426050] [ 14.426226] CPU: 0 UID: 0 PID: 240 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.426277] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.426291] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.426319] Call Trace: [ 14.426334] <TASK> [ 14.426352] dump_stack_lvl+0x73/0xb0 [ 14.426382] print_report+0xd1/0x650 [ 14.426405] ? __virt_addr_valid+0x1db/0x2d0 [ 14.426429] ? mempool_oob_right_helper+0x318/0x380 [ 14.426453] ? kasan_addr_to_slab+0x11/0xa0 [ 14.426474] ? mempool_oob_right_helper+0x318/0x380 [ 14.426499] kasan_report+0x141/0x180 [ 14.426520] ? mempool_oob_right_helper+0x318/0x380 [ 14.426549] __asan_report_load1_noabort+0x18/0x20 [ 14.426574] mempool_oob_right_helper+0x318/0x380 [ 14.426600] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 14.426627] ? __kasan_check_write+0x18/0x20 [ 14.426646] ? __pfx_sched_clock_cpu+0x10/0x10 [ 14.426670] ? finish_task_switch.isra.0+0x153/0x700 [ 14.426697] mempool_kmalloc_large_oob_right+0xf2/0x150 [ 14.426722] ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10 [ 14.426750] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.426775] ? __pfx_mempool_kfree+0x10/0x10 [ 14.426799] ? __pfx_read_tsc+0x10/0x10 [ 14.426820] ? ktime_get_ts64+0x86/0x230 [ 14.426845] kunit_try_run_case+0x1a5/0x480 [ 14.426870] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.426893] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.426917] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.426941] ? __kthread_parkme+0x82/0x180
[ 14.426962] ? preempt_count_sub+0x50/0x80
[ 14.426985] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.427009] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.427033] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.427469] kthread+0x337/0x6f0
[ 14.427492] ? trace_preempt_on+0x20/0xc0
[ 14.427518] ? __pfx_kthread+0x10/0x10
[ 14.427539] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.427561] ? calculate_sigpending+0x7b/0xa0
[ 14.427586] ? __pfx_kthread+0x10/0x10
[ 14.427608] ret_from_fork+0x116/0x1d0
[ 14.427626] ? __pfx_kthread+0x10/0x10
[ 14.427646] ret_from_fork_asm+0x1a/0x30
[ 14.427680] </TASK>
[ 14.427693]
[ 14.440554] The buggy address belongs to the physical page:
[ 14.441255] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b80
[ 14.441797] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 14.442299] flags: 0x200000000000040(head|node=0|zone=2)
[ 14.442702] page_type: f8(unknown)
[ 14.442836] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 14.443128] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 14.443510] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 14.444121] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 14.444597] head: 0200000000000002 ffffea00040ae001 00000000ffffffff 00000000ffffffff
[ 14.444924] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 14.445562] page dumped because: kasan: bad access detected
[ 14.445838]
[ 14.446163] Memory state around the buggy address:
[ 14.446504] ffff888102b81f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 14.446812] ffff888102b81f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 14.447338] >ffff888102b82000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 14.447795] ^
[ 14.448054] ffff888102b82080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 14.448542] ffff888102b82100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 14.448834] ==================================================================
[ 14.461805] ==================================================================
[ 14.462721] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[ 14.463302] Read of size 1 at addr ffff88810261f2bb by task kunit_try_catch/242
[ 14.463818]
[ 14.464239] CPU: 1 UID: 0 PID: 242 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 14.464312] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.464325] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.464349] Call Trace:
[ 14.464362] <TASK>
[ 14.464381] dump_stack_lvl+0x73/0xb0
[ 14.464413] print_report+0xd1/0x650
[ 14.464436] ? __virt_addr_valid+0x1db/0x2d0
[ 14.464461] ? mempool_oob_right_helper+0x318/0x380
[ 14.464484] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.464662] ? mempool_oob_right_helper+0x318/0x380
[ 14.464692] kasan_report+0x141/0x180
[ 14.464714] ? mempool_oob_right_helper+0x318/0x380
[ 14.464742] __asan_report_load1_noabort+0x18/0x20
[ 14.464766] mempool_oob_right_helper+0x318/0x380
[ 14.464789] ? __pfx_mempool_oob_right_helper+0x10/0x10
[ 14.464815] ? __pfx_sched_clock_cpu+0x10/0x10
[ 14.464839] ? finish_task_switch.isra.0+0x153/0x700
[ 14.464864] mempool_slab_oob_right+0xed/0x140
[ 14.464887] ? __pfx_mempool_slab_oob_right+0x10/0x10
[ 14.464911] ? __kasan_check_write+0x18/0x20
[ 14.464931] ? __pfx_mempool_alloc_slab+0x10/0x10
[ 14.464955] ? __pfx_mempool_free_slab+0x10/0x10
[ 14.464981] ? __pfx_read_tsc+0x10/0x10
[ 14.465002] ? ktime_get_ts64+0x86/0x230
[ 14.465023] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 14.465133] kunit_try_run_case+0x1a5/0x480
[ 14.465164] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.465187] ? queued_spin_lock_slowpath+0x116/0xb40
[ 14.465212] ? __kthread_parkme+0x82/0x180
[ 14.465233] ? preempt_count_sub+0x50/0x80
[ 14.465256] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.465278] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.465301] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.465323] kthread+0x337/0x6f0
[ 14.465341] ? trace_preempt_on+0x20/0xc0
[ 14.465365] ? __pfx_kthread+0x10/0x10
[ 14.465384] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.465405] ? calculate_sigpending+0x7b/0xa0
[ 14.465428] ? __pfx_kthread+0x10/0x10
[ 14.465449] ret_from_fork+0x116/0x1d0
[ 14.465467] ? __pfx_kthread+0x10/0x10
[ 14.465487] ret_from_fork_asm+0x1a/0x30
[ 14.465519] </TASK>
[ 14.465531]
[ 14.478795] Allocated by task 242:
[ 14.479355] kasan_save_stack+0x45/0x70
[ 14.479681] kasan_save_track+0x18/0x40
[ 14.479842] kasan_save_alloc_info+0x3b/0x50
[ 14.480306] __kasan_mempool_unpoison_object+0x1bb/0x200
[ 14.480820] remove_element+0x11e/0x190
[ 14.481010] mempool_alloc_preallocated+0x4d/0x90
[ 14.481361] mempool_oob_right_helper+0x8a/0x380
[ 14.481856] mempool_slab_oob_right+0xed/0x140
[ 14.482171] kunit_try_run_case+0x1a5/0x480
[ 14.482463] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.482906] kthread+0x337/0x6f0
[ 14.483077] ret_from_fork+0x116/0x1d0
[ 14.483756] ret_from_fork_asm+0x1a/0x30
[ 14.483957]
[ 14.484038] The buggy address belongs to the object at ffff88810261f240
[ 14.484038] which belongs to the cache test_cache of size 123
[ 14.485032] The buggy address is located 0 bytes to the right of
[ 14.485032] allocated 123-byte region [ffff88810261f240, ffff88810261f2bb)
[ 14.485923]
[ 14.486059] The buggy address belongs to the physical page:
[ 14.486472] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10261f
[ 14.486834] flags: 0x200000000000000(node=0|zone=2)
[ 14.487299] page_type: f5(slab)
[ 14.487646] raw: 0200000000000000 ffff888101f21500 dead000000000122 0000000000000000
[ 14.488059] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000
[ 14.488427] page dumped because: kasan: bad access detected
[ 14.488958]
[ 14.489274] Memory state around the buggy address:
[ 14.489586] ffff88810261f180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 14.489989] ffff88810261f200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
[ 14.490443] >ffff88810261f280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc
[ 14.490968] ^
[ 14.491481] ffff88810261f300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.492028] ffff88810261f380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.492359] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 13.830269] ==================================================================
[ 13.830916] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x1bf/0x380
[ 13.831407] Read of size 1 at addr ffff88810161c8c0 by task kunit_try_catch/232
[ 13.832582]
[ 13.832780] CPU: 0 UID: 0 PID: 232 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 13.832829] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.832843] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.832865] Call Trace:
[ 13.832879] <TASK>
[ 13.832901] dump_stack_lvl+0x73/0xb0
[ 13.832935] print_report+0xd1/0x650
[ 13.832957] ? __virt_addr_valid+0x1db/0x2d0
[ 13.832983] ? kmem_cache_double_destroy+0x1bf/0x380
[ 13.833006] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.833032] ? kmem_cache_double_destroy+0x1bf/0x380
[ 13.833198] kasan_report+0x141/0x180
[ 13.833224] ? kmem_cache_double_destroy+0x1bf/0x380
[ 13.833251] ? kmem_cache_double_destroy+0x1bf/0x380
[ 13.833275] __kasan_check_byte+0x3d/0x50
[ 13.833298] kmem_cache_destroy+0x25/0x1d0
[ 13.833321] kmem_cache_double_destroy+0x1bf/0x380
[ 13.833345] ? __pfx_kmem_cache_double_destroy+0x10/0x10
[ 13.833368] ? finish_task_switch.isra.0+0x153/0x700
[ 13.833390] ? __switch_to+0x47/0xf50
[ 13.833421] ? __pfx_read_tsc+0x10/0x10
[ 13.833442] ? ktime_get_ts64+0x86/0x230
[ 13.833466] kunit_try_run_case+0x1a5/0x480
[ 13.833492] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.833513] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.833537] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.833565] ? __kthread_parkme+0x82/0x180
[ 13.833586] ? preempt_count_sub+0x50/0x80
[ 13.833609] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.833631] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.833653] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.833676] kthread+0x337/0x6f0
[ 13.833694] ? trace_preempt_on+0x20/0xc0
[ 13.833717] ? __pfx_kthread+0x10/0x10
[ 13.833736] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.833757] ? calculate_sigpending+0x7b/0xa0
[ 13.833781] ? __pfx_kthread+0x10/0x10
[ 13.833801] ret_from_fork+0x116/0x1d0
[ 13.833819] ? __pfx_kthread+0x10/0x10
[ 13.833839] ret_from_fork_asm+0x1a/0x30
[ 13.833871] </TASK>
[ 13.833883]
[ 13.844907] Allocated by task 232:
[ 13.845118] kasan_save_stack+0x45/0x70
[ 13.845387] kasan_save_track+0x18/0x40
[ 13.845616] kasan_save_alloc_info+0x3b/0x50
[ 13.845904] __kasan_slab_alloc+0x91/0xa0
[ 13.846378] kmem_cache_alloc_noprof+0x123/0x3f0
[ 13.846644] __kmem_cache_create_args+0x169/0x240
[ 13.846860] kmem_cache_double_destroy+0xd5/0x380
[ 13.847118] kunit_try_run_case+0x1a5/0x480
[ 13.847441] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.847724] kthread+0x337/0x6f0
[ 13.847889] ret_from_fork+0x116/0x1d0
[ 13.848201] ret_from_fork_asm+0x1a/0x30
[ 13.848456]
[ 13.848626] Freed by task 232:
[ 13.848741] kasan_save_stack+0x45/0x70
[ 13.848984] kasan_save_track+0x18/0x40
[ 13.849291] kasan_save_free_info+0x3f/0x60
[ 13.849486] __kasan_slab_free+0x56/0x70
[ 13.849755] kmem_cache_free+0x249/0x420
[ 13.849981] slab_kmem_cache_release+0x2e/0x40
[ 13.850397] kmem_cache_release+0x16/0x20
[ 13.850630] kobject_put+0x181/0x450
[ 13.850854] sysfs_slab_release+0x16/0x20
[ 13.851054] kmem_cache_destroy+0xf0/0x1d0
[ 13.851249] kmem_cache_double_destroy+0x14e/0x380
[ 13.851485] kunit_try_run_case+0x1a5/0x480
[ 13.851697] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.851942] kthread+0x337/0x6f0
[ 13.852110] ret_from_fork+0x116/0x1d0
[ 13.852286] ret_from_fork_asm+0x1a/0x30
[ 13.852471]
[ 13.852562] The buggy address belongs to the object at ffff88810161c8c0
[ 13.852562] which belongs to the cache kmem_cache of size 208
[ 13.853204] The buggy address is located 0 bytes inside of
[ 13.853204] freed 208-byte region [ffff88810161c8c0, ffff88810161c990)
[ 13.853592]
[ 13.853670] The buggy address belongs to the physical page:
[ 13.853928] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10161c
[ 13.854606] flags: 0x200000000000000(node=0|zone=2)
[ 13.854888] page_type: f5(slab)
[ 13.855128] raw: 0200000000000000 ffff888100041000 dead000000000122 0000000000000000
[ 13.855456] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000
[ 13.855880] page dumped because: kasan: bad access detected
[ 13.856202]
[ 13.856300] Memory state around the buggy address:
[ 13.856546] ffff88810161c780: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.856894] ffff88810161c800: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc
[ 13.857307] >ffff88810161c880: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb
[ 13.857696] ^
[ 13.857956] ffff88810161c900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.858457] ffff88810161c980: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.858805] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 13.770289] ==================================================================
[ 13.770781] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x3e3/0x510
[ 13.771507] Read of size 1 at addr ffff88810261a000 by task kunit_try_catch/230
[ 13.771855]
[ 13.771967] CPU: 1 UID: 0 PID: 230 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 13.772015] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.772027] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.772060] Call Trace:
[ 13.772072] <TASK>
[ 13.772093] dump_stack_lvl+0x73/0xb0
[ 13.772126] print_report+0xd1/0x650
[ 13.772148] ? __virt_addr_valid+0x1db/0x2d0
[ 13.772172] ? kmem_cache_rcu_uaf+0x3e3/0x510
[ 13.772193] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.772218] ? kmem_cache_rcu_uaf+0x3e3/0x510
[ 13.772239] kasan_report+0x141/0x180
[ 13.772260] ? kmem_cache_rcu_uaf+0x3e3/0x510
[ 13.772287] __asan_report_load1_noabort+0x18/0x20
[ 13.772310] kmem_cache_rcu_uaf+0x3e3/0x510
[ 13.772333] ? __pfx_kmem_cache_rcu_uaf+0x10/0x10
[ 13.772353] ? finish_task_switch.isra.0+0x153/0x700
[ 13.772376] ? __switch_to+0x47/0xf50
[ 13.772405] ? __pfx_read_tsc+0x10/0x10
[ 13.772425] ? ktime_get_ts64+0x86/0x230
[ 13.772449] kunit_try_run_case+0x1a5/0x480
[ 13.772473] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.772494] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.772518] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.772540] ? __kthread_parkme+0x82/0x180
[ 13.772562] ? preempt_count_sub+0x50/0x80
[ 13.772583] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.772605] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.772626] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.772648] kthread+0x337/0x6f0
[ 13.772666] ? trace_preempt_on+0x20/0xc0
[ 13.772689] ? __pfx_kthread+0x10/0x10
[ 13.772708] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.772728] ? calculate_sigpending+0x7b/0xa0
[ 13.772751] ? __pfx_kthread+0x10/0x10
[ 13.772771] ret_from_fork+0x116/0x1d0
[ 13.772788] ? __pfx_kthread+0x10/0x10
[ 13.772808] ret_from_fork_asm+0x1a/0x30
[ 13.772839] </TASK>
[ 13.772851]
[ 13.783530] Allocated by task 230:
[ 13.783683] kasan_save_stack+0x45/0x70
[ 13.784144] kasan_save_track+0x18/0x40
[ 13.784284] kasan_save_alloc_info+0x3b/0x50
[ 13.784431] __kasan_slab_alloc+0x91/0xa0
[ 13.785501] kmem_cache_alloc_noprof+0x123/0x3f0
[ 13.785693] kmem_cache_rcu_uaf+0x155/0x510
[ 13.785851] kunit_try_run_case+0x1a5/0x480
[ 13.786072] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.786284] kthread+0x337/0x6f0
[ 13.786455] ret_from_fork+0x116/0x1d0
[ 13.787388] ret_from_fork_asm+0x1a/0x30
[ 13.787545]
[ 13.787619] Freed by task 0:
[ 13.787730] kasan_save_stack+0x45/0x70
[ 13.788615] kasan_save_track+0x18/0x40
[ 13.788873] kasan_save_free_info+0x3f/0x60
[ 13.789062] __kasan_slab_free+0x56/0x70
[ 13.789373] slab_free_after_rcu_debug+0xe4/0x310
[ 13.789630] rcu_core+0x66f/0x1c40
[ 13.789805] rcu_core_si+0x12/0x20
[ 13.790052] handle_softirqs+0x209/0x730
[ 13.790465] __irq_exit_rcu+0xc9/0x110
[ 13.791131] irq_exit_rcu+0x12/0x20
[ 13.791336] sysvec_apic_timer_interrupt+0x81/0x90
[ 13.791770] asm_sysvec_apic_timer_interrupt+0x1f/0x30
[ 13.792009]
[ 13.792138] Last potentially related work creation:
[ 13.792476] kasan_save_stack+0x45/0x70
[ 13.792960] kasan_record_aux_stack+0xb2/0xc0
[ 13.793366] kmem_cache_free+0x131/0x420
[ 13.793580] kmem_cache_rcu_uaf+0x194/0x510
[ 13.793889] kunit_try_run_case+0x1a5/0x480
[ 13.794242] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.794478] kthread+0x337/0x6f0
[ 13.794725] ret_from_fork+0x116/0x1d0
[ 13.794877] ret_from_fork_asm+0x1a/0x30
[ 13.795221]
[ 13.795378] The buggy address belongs to the object at ffff88810261a000
[ 13.795378] which belongs to the cache test_cache of size 200
[ 13.795982] The buggy address is located 0 bytes inside of
[ 13.795982] freed 200-byte region [ffff88810261a000, ffff88810261a0c8)
[ 13.796874]
[ 13.796985] The buggy address belongs to the physical page:
[ 13.797435] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10261a
[ 13.797809] flags: 0x200000000000000(node=0|zone=2)
[ 13.798083] page_type: f5(slab)
[ 13.798386] raw: 0200000000000000 ffff888101f213c0 dead000000000122 0000000000000000
[ 13.798759] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000
[ 13.799083] page dumped because: kasan: bad access detected
[ 13.799332]
[ 13.799420] Memory state around the buggy address:
[ 13.799936] ffff888102619f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.800415] ffff888102619f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.800754] >ffff88810261a000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.801196] ^
[ 13.801356] ffff88810261a080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc
[ 13.801847] ffff88810261a100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.802228] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 13.695975] ==================================================================
[ 13.696751] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x1d8/0x460
[ 13.697567] Free of addr ffff888102b0c001 by task kunit_try_catch/228
[ 13.698210]
[ 13.698483] CPU: 0 UID: 0 PID: 228 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 13.698532] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.698544] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.698566] Call Trace:
[ 13.698579] <TASK>
[ 13.698598] dump_stack_lvl+0x73/0xb0
[ 13.698629] print_report+0xd1/0x650
[ 13.698690] ? __virt_addr_valid+0x1db/0x2d0
[ 13.698716] ? kasan_complete_mode_report_info+0x2a/0x200
[ 13.698752] ? kmem_cache_invalid_free+0x1d8/0x460
[ 13.698777] kasan_report_invalid_free+0x10a/0x130
[ 13.698800] ? kmem_cache_invalid_free+0x1d8/0x460
[ 13.698825] ? kmem_cache_invalid_free+0x1d8/0x460
[ 13.698847] check_slab_allocation+0x11f/0x130
[ 13.698868] __kasan_slab_pre_free+0x28/0x40
[ 13.698887] kmem_cache_free+0xed/0x420
[ 13.698906] ? kmem_cache_alloc_noprof+0x123/0x3f0
[ 13.698925] ? kmem_cache_invalid_free+0x1d8/0x460
[ 13.698952] kmem_cache_invalid_free+0x1d8/0x460
[ 13.698975] ? __pfx_kmem_cache_invalid_free+0x10/0x10
[ 13.698997] ? finish_task_switch.isra.0+0x153/0x700
[ 13.699019] ? __switch_to+0x47/0xf50
[ 13.699058] ? __pfx_read_tsc+0x10/0x10
[ 13.699078] ? ktime_get_ts64+0x86/0x230
[ 13.699103] kunit_try_run_case+0x1a5/0x480
[ 13.699128] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.699149] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.699172] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.699195] ? __kthread_parkme+0x82/0x180
[ 13.699215] ? preempt_count_sub+0x50/0x80
[ 13.699237] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.699259] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.699281] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.699302] kthread+0x337/0x6f0
[ 13.699320] ? trace_preempt_on+0x20/0xc0
[ 13.699343] ? __pfx_kthread+0x10/0x10
[ 13.699362] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.699383] ? calculate_sigpending+0x7b/0xa0
[ 13.699406] ? __pfx_kthread+0x10/0x10
[ 13.699427] ret_from_fork+0x116/0x1d0
[ 13.699444] ? __pfx_kthread+0x10/0x10
[ 13.699463] ret_from_fork_asm+0x1a/0x30
[ 13.699494] </TASK>
[ 13.699505]
[ 13.713531] Allocated by task 228:
[ 13.713765] kasan_save_stack+0x45/0x70
[ 13.713914] kasan_save_track+0x18/0x40
[ 13.714075] kasan_save_alloc_info+0x3b/0x50
[ 13.714325] __kasan_slab_alloc+0x91/0xa0
[ 13.714780] kmem_cache_alloc_noprof+0x123/0x3f0
[ 13.714996] kmem_cache_invalid_free+0x157/0x460
[ 13.715185] kunit_try_run_case+0x1a5/0x480
[ 13.715393] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.715928] kthread+0x337/0x6f0
[ 13.716281] ret_from_fork+0x116/0x1d0
[ 13.716435] ret_from_fork_asm+0x1a/0x30
[ 13.716868]
[ 13.717069] The buggy address belongs to the object at ffff888102b0c000
[ 13.717069] which belongs to the cache test_cache of size 200
[ 13.717751] The buggy address is located 1 bytes inside of
[ 13.717751] 200-byte region [ffff888102b0c000, ffff888102b0c0c8)
[ 13.718107]
[ 13.718270] The buggy address belongs to the physical page:
[ 13.718844] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b0c
[ 13.719628] flags: 0x200000000000000(node=0|zone=2)
[ 13.720140] page_type: f5(slab)
[ 13.720468] raw: 0200000000000000 ffff88810161c780 dead000000000122 0000000000000000
[ 13.721269] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000
[ 13.721925] page dumped because: kasan: bad access detected
[ 13.722468]
[ 13.722594] Memory state around the buggy address:
[ 13.723031] ffff888102b0bf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.723416] ffff888102b0bf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.723895] >ffff888102b0c000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.724557] ^
[ 13.724907] ffff888102b0c080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc
[ 13.725279] ffff888102b0c100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.725780] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 13.655695] ==================================================================
[ 13.656189] BUG: KASAN: double-free in kmem_cache_double_free+0x1e5/0x480
[ 13.656908] Free of addr ffff888102618000 by task kunit_try_catch/226
[ 13.657488]
[ 13.657746] CPU: 1 UID: 0 PID: 226 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 13.657795] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.657807] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.657828] Call Trace:
[ 13.657841] <TASK>
[ 13.657858] dump_stack_lvl+0x73/0xb0
[ 13.657889] print_report+0xd1/0x650
[ 13.657933] ? __virt_addr_valid+0x1db/0x2d0
[ 13.657960] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.657986] ? kmem_cache_double_free+0x1e5/0x480
[ 13.658010] kasan_report_invalid_free+0x10a/0x130
[ 13.658033] ? kmem_cache_double_free+0x1e5/0x480
[ 13.658170] ? kmem_cache_double_free+0x1e5/0x480
[ 13.658193] check_slab_allocation+0x101/0x130
[ 13.658215] __kasan_slab_pre_free+0x28/0x40
[ 13.658235] kmem_cache_free+0xed/0x420
[ 13.658255] ? kmem_cache_alloc_noprof+0x123/0x3f0
[ 13.658274] ? kmem_cache_double_free+0x1e5/0x480
[ 13.658300] kmem_cache_double_free+0x1e5/0x480
[ 13.658322] ? __pfx_kmem_cache_double_free+0x10/0x10
[ 13.658344] ? finish_task_switch.isra.0+0x153/0x700
[ 13.658365] ? __switch_to+0x47/0xf50
[ 13.658394] ? __pfx_read_tsc+0x10/0x10
[ 13.658414] ? ktime_get_ts64+0x86/0x230
[ 13.658437] kunit_try_run_case+0x1a5/0x480
[ 13.658460] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.658481] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.658524] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.658546] ? __kthread_parkme+0x82/0x180
[ 13.658565] ? preempt_count_sub+0x50/0x80
[ 13.658588] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.658610] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.658631] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.658653] kthread+0x337/0x6f0
[ 13.658671] ? trace_preempt_on+0x20/0xc0
[ 13.658693] ? __pfx_kthread+0x10/0x10
[ 13.658713] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.658732] ? calculate_sigpending+0x7b/0xa0
[ 13.658756] ? __pfx_kthread+0x10/0x10
[ 13.658776] ret_from_fork+0x116/0x1d0
[ 13.658793] ? __pfx_kthread+0x10/0x10
[ 13.658812] ret_from_fork_asm+0x1a/0x30
[ 13.658843] </TASK>
[ 13.658854]
[ 13.670895] Allocated by task 226:
[ 13.671710] kasan_save_stack+0x45/0x70
[ 13.671908] kasan_save_track+0x18/0x40
[ 13.672147] kasan_save_alloc_info+0x3b/0x50
[ 13.672334] __kasan_slab_alloc+0x91/0xa0
[ 13.672755] kmem_cache_alloc_noprof+0x123/0x3f0
[ 13.673054] kmem_cache_double_free+0x14f/0x480
[ 13.673326] kunit_try_run_case+0x1a5/0x480
[ 13.673737] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.673991] kthread+0x337/0x6f0
[ 13.674351] ret_from_fork+0x116/0x1d0
[ 13.674636] ret_from_fork_asm+0x1a/0x30
[ 13.674859]
[ 13.675096] Freed by task 226:
[ 13.675408] kasan_save_stack+0x45/0x70
[ 13.675562] kasan_save_track+0x18/0x40
[ 13.676155] kasan_save_free_info+0x3f/0x60
[ 13.676456] __kasan_slab_free+0x56/0x70
[ 13.676826] kmem_cache_free+0x249/0x420
[ 13.677025] kmem_cache_double_free+0x16a/0x480
[ 13.677604] kunit_try_run_case+0x1a5/0x480
[ 13.677803] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.678162] kthread+0x337/0x6f0
[ 13.678406] ret_from_fork+0x116/0x1d0
[ 13.678624] ret_from_fork_asm+0x1a/0x30
[ 13.678946]
[ 13.679061] The buggy address belongs to the object at ffff888102618000
[ 13.679061] which belongs to the cache test_cache of size 200
[ 13.680295] The buggy address is located 0 bytes inside of
[ 13.680295] 200-byte region [ffff888102618000, ffff8881026180c8)
[ 13.681017]
[ 13.681380] The buggy address belongs to the physical page:
[ 13.681658] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102618
[ 13.682156] flags: 0x200000000000000(node=0|zone=2)
[ 13.682561] page_type: f5(slab)
[ 13.682756] raw: 0200000000000000 ffff888101f21280 dead000000000122 0000000000000000
[ 13.683297] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000
[ 13.683954] page dumped because: kasan: bad access detected
[ 13.684422]
[ 13.684558] Memory state around the buggy address:
[ 13.684869] ffff888102617f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.685243] ffff888102617f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.685849] >ffff888102618000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.686401] ^
[ 13.686628] ffff888102618080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc
[ 13.687018] ffff888102618100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.687679] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 13.609316] ==================================================================
[ 13.610526] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x402/0x530
[ 13.610761] Read of size 1 at addr ffff8881026160c8 by task kunit_try_catch/224
[ 13.610978]
[ 13.611374] CPU: 1 UID: 0 PID: 224 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 13.611725] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.611742] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.611765] Call Trace:
[ 13.611779] <TASK>
[ 13.611797] dump_stack_lvl+0x73/0xb0
[ 13.611830] print_report+0xd1/0x650
[ 13.611851] ? __virt_addr_valid+0x1db/0x2d0
[ 13.611873] ? kmem_cache_oob+0x402/0x530
[ 13.611894] ? kasan_complete_mode_report_info+0x2a/0x200
[ 13.611919] ? kmem_cache_oob+0x402/0x530
[ 13.611940] kasan_report+0x141/0x180
[ 13.611961] ? kmem_cache_oob+0x402/0x530
[ 13.611987] __asan_report_load1_noabort+0x18/0x20
[ 13.612010] kmem_cache_oob+0x402/0x530
[ 13.612032] ? __pfx_kmem_cache_oob+0x10/0x10
[ 13.612065] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 13.612094] ? __pfx_kmem_cache_oob+0x10/0x10
[ 13.612119] kunit_try_run_case+0x1a5/0x480
[ 13.612143] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.612164] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.612186] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.612208] ? __kthread_parkme+0x82/0x180
[ 13.612227] ? preempt_count_sub+0x50/0x80
[ 13.612250] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.612272] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.612293] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.612314] kthread+0x337/0x6f0
[ 13.612332] ? trace_preempt_on+0x20/0xc0
[ 13.612354] ? __pfx_kthread+0x10/0x10
[ 13.612373] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.612392] ? calculate_sigpending+0x7b/0xa0
[ 13.612415] ? __pfx_kthread+0x10/0x10
[ 13.612435] ret_from_fork+0x116/0x1d0
[ 13.612452] ? __pfx_kthread+0x10/0x10
[ 13.612471] ret_from_fork_asm+0x1a/0x30
[ 13.612502] </TASK>
[ 13.612513]
[ 13.626015] Allocated by task 224:
[ 13.626522] kasan_save_stack+0x45/0x70
[ 13.626743] kasan_save_track+0x18/0x40
[ 13.627057] kasan_save_alloc_info+0x3b/0x50
[ 13.627320] __kasan_slab_alloc+0x91/0xa0
[ 13.627707] kmem_cache_alloc_noprof+0x123/0x3f0
[ 13.627919] kmem_cache_oob+0x157/0x530
[ 13.628198] kunit_try_run_case+0x1a5/0x480
[ 13.628531] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.628972] kthread+0x337/0x6f0
[ 13.629258] ret_from_fork+0x116/0x1d0
[ 13.629416] ret_from_fork_asm+0x1a/0x30
[ 13.629785]
[ 13.630006] The buggy address belongs to the object at ffff888102616000
[ 13.630006] which belongs to the cache test_cache of size 200
[ 13.630946] The buggy address is located 0 bytes to the right of
[ 13.630946] allocated 200-byte region [ffff888102616000, ffff8881026160c8)
[ 13.631736]
[ 13.631912] The buggy address belongs to the physical page:
[ 13.632142] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102616
[ 13.632889] flags: 0x200000000000000(node=0|zone=2)
[ 13.633220] page_type: f5(slab)
[ 13.633563] raw: 0200000000000000 ffff888101f21140 dead000000000122 0000000000000000
[ 13.633910] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000
[ 13.634602] page dumped because: kasan: bad access detected
[ 13.634936]
[ 13.635267] Memory state around the buggy address:
[ 13.635505] ffff888102615f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.635859] ffff888102616000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.636456] >ffff888102616080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc
[ 13.636822] ^
[ 13.637108] ffff888102616100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.637679] ffff888102616180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.637991] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 13.571212] ==================================================================
[ 13.571819] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x4d6/0x560
[ 13.572735] Read of size 8 at addr ffff88810260e7c0 by task kunit_try_catch/217
[ 13.573570]
[ 13.573759] CPU: 1 UID: 0 PID: 217 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 13.573806] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.573817] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.573837] Call Trace:
[ 13.573851] <TASK>
[ 13.573868] dump_stack_lvl+0x73/0xb0
[ 13.573898] print_report+0xd1/0x650
[ 13.573919] ? __virt_addr_valid+0x1db/0x2d0
[ 13.573940] ? workqueue_uaf+0x4d6/0x560
[ 13.573961] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.573985] ? workqueue_uaf+0x4d6/0x560
[ 13.574005] kasan_report+0x141/0x180
[ 13.574027] ? workqueue_uaf+0x4d6/0x560
[ 13.574066] __asan_report_load8_noabort+0x18/0x20
[ 13.574090] workqueue_uaf+0x4d6/0x560
[ 13.574111] ? __pfx_workqueue_uaf+0x10/0x10
[ 13.574135] ? __pfx_workqueue_uaf+0x10/0x10
[ 13.574160] kunit_try_run_case+0x1a5/0x480
[ 13.574182] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.574203] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.574227] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.574248] ? __kthread_parkme+0x82/0x180
[ 13.574267] ? preempt_count_sub+0x50/0x80
[ 13.574290] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.574312] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.574335] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.574356] kthread+0x337/0x6f0
[ 13.574374] ? trace_preempt_on+0x20/0xc0
[ 13.574397] ? __pfx_kthread+0x10/0x10
[ 13.574417] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.574436] ? calculate_sigpending+0x7b/0xa0
[ 13.574459] ? __pfx_kthread+0x10/0x10
[ 13.574479] ret_from_fork+0x116/0x1d0
[ 13.574496] ? __pfx_kthread+0x10/0x10
[ 13.574524] ret_from_fork_asm+0x1a/0x30
[ 13.574555] </TASK>
[ 13.574566]
[ 13.586697] Allocated by task 217:
[ 13.586920] kasan_save_stack+0x45/0x70
[ 13.587142] kasan_save_track+0x18/0x40
[ 13.587497] kasan_save_alloc_info+0x3b/0x50
[ 13.587889] __kasan_kmalloc+0xb7/0xc0
[ 13.588306] __kmalloc_cache_noprof+0x189/0x420
[ 13.588521] workqueue_uaf+0x152/0x560
[ 13.588656] kunit_try_run_case+0x1a5/0x480
[ 13.588802] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.588976] kthread+0x337/0x6f0
[ 13.589208] ret_from_fork+0x116/0x1d0
[ 13.589365] ret_from_fork_asm+0x1a/0x30
[ 13.589596]
[ 13.589683] Freed by task 44:
[ 13.589801] kasan_save_stack+0x45/0x70
[ 13.589944] kasan_save_track+0x18/0x40
[ 13.590223] kasan_save_free_info+0x3f/0x60
[ 13.590440] __kasan_slab_free+0x56/0x70
[ 13.590578] kfree+0x222/0x3f0
[ 13.590709] workqueue_uaf_work+0x12/0x20
[ 13.590923] process_one_work+0x5ee/0xf60
[ 13.591134] worker_thread+0x758/0x1220
[ 13.591284] kthread+0x337/0x6f0
[ 13.591448] ret_from_fork+0x116/0x1d0
[ 13.591814] ret_from_fork_asm+0x1a/0x30
[ 13.592008]
[ 13.592186] Last potentially related work creation:
[ 13.592346] kasan_save_stack+0x45/0x70
[ 13.592509] kasan_record_aux_stack+0xb2/0xc0
[ 13.592723] __queue_work+0x626/0xeb0
[ 13.592929] queue_work_on+0xb6/0xc0
[ 13.593254] workqueue_uaf+0x26d/0x560
[ 13.593402] kunit_try_run_case+0x1a5/0x480
[ 13.593548] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.593934] kthread+0x337/0x6f0
[ 13.594119] ret_from_fork+0x116/0x1d0
[ 13.594394] ret_from_fork_asm+0x1a/0x30
[ 13.594625]
[ 13.594697] The buggy address belongs to the object at ffff88810260e7c0
[ 13.594697] which belongs to the cache kmalloc-32 of size 32
[ 13.595170] The buggy address is located 0 bytes inside of
[ 13.595170] freed 32-byte region [ffff88810260e7c0, ffff88810260e7e0)
[ 13.595584]
[ 13.595658] The buggy address belongs to the physical page:
[ 13.596261] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10260e
[ 13.596657] flags: 0x200000000000000(node=0|zone=2)
[ 13.596858] page_type: f5(slab)
[ 13.596982] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 13.597536] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 13.597834] page dumped because: kasan: bad access detected
[ 13.598132]
[ 13.598212] Memory state around the buggy address:
[ 13.598431] ffff88810260e680: fa fb fb fb fc fc fc fc 00 00 07 fc fc fc fc fc
[ 13.598748] ffff88810260e700: 00 00 00 fc fc fc fc fc 00 00 03 fc fc fc fc fc
[ 13.599006] >ffff88810260e780: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 13.599231] ^
[ 13.599508] ffff88810260e800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.599830] ffff88810260e880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.600300] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 13.520195] ==================================================================
[ 13.520672] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x50/0x60
[ 13.521915] Read of size 4 at addr ffff88810260e680 by task swapper/1/0
[ 13.523158]
[ 13.523620] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 13.523671] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.523684] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.523706] Call Trace:
[ 13.523737] <IRQ>
[ 13.523756] dump_stack_lvl+0x73/0xb0
[ 13.523790] print_report+0xd1/0x650
[ 13.523813] ? __virt_addr_valid+0x1db/0x2d0
[ 13.523836] ? rcu_uaf_reclaim+0x50/0x60
[ 13.523854] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.523879] ? rcu_uaf_reclaim+0x50/0x60
[ 13.523898] kasan_report+0x141/0x180
[ 13.523919] ? rcu_uaf_reclaim+0x50/0x60
[ 13.523943] __asan_report_load4_noabort+0x18/0x20
[ 13.523965] rcu_uaf_reclaim+0x50/0x60
[ 13.523984] rcu_core+0x66f/0x1c40
[ 13.524013] ? __pfx_rcu_core+0x10/0x10
[ 13.524033] ? ktime_get+0x6b/0x150
[ 13.524068] ? handle_softirqs+0x18e/0x730
[ 13.524093] rcu_core_si+0x12/0x20
[ 13.524114] handle_softirqs+0x209/0x730
[ 13.524132] ? hrtimer_interrupt+0x2fe/0x780
[ 13.524158] ? __pfx_handle_softirqs+0x10/0x10
[ 13.524182] __irq_exit_rcu+0xc9/0x110
[ 13.524201] irq_exit_rcu+0x12/0x20
[ 13.524220] sysvec_apic_timer_interrupt+0x81/0x90
[ 13.524242] </IRQ>
[ 13.524270] <TASK>
[ 13.524281] asm_sysvec_apic_timer_interrupt+0x1f/0x30
[ 13.524377] RIP: 0010:pv_native_safe_halt+0xf/0x20
[ 13.524635] Code: 1f 84 00 00 00 00 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d 83 8a 21 00 fb f4 <e9> 7c 1d 02 00 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90
[ 13.524722] RSP: 0000:ffff888100877dc8 EFLAGS: 00010212
[ 13.524810] RAX: ffff8881c8172000 RBX: ffff888100853000 RCX: ffffffff90a730e5
[ 13.524855] RDX: ffffed102b62618b RSI: 0000000000000004 RDI: 000000000001334c
[ 13.524898] RBP: ffff888100877dd0 R08: 0000000000000001 R09: ffffed102b62618a
[ 13.524940] R10: ffff88815b130c53 R11: 000000000000b400 R12: 0000000000000001
[ 13.524980] R13: ffffed102010a600 R14: ffffffff927b0f90 R15: 0000000000000000
[ 13.525038] ? ct_kernel_exit.constprop.0+0xa5/0xd0
[ 13.525107] ? default_idle+0xd/0x20
[ 13.525128] arch_cpu_idle+0xd/0x20
[ 13.525148] default_idle_call+0x48/0x80
[ 13.525166] do_idle+0x379/0x4f0
[ 13.525191] ? __pfx_do_idle+0x10/0x10
[ 13.525218] cpu_startup_entry+0x5c/0x70
[ 13.525240] start_secondary+0x211/0x290
[ 13.525261] ? __pfx_start_secondary+0x10/0x10
[ 13.525285] common_startup_64+0x13e/0x148
[ 13.525317] </TASK>
[ 13.525329]
[ 13.543825] Allocated by task 215:
[ 13.544099] kasan_save_stack+0x45/0x70
[ 13.544500] kasan_save_track+0x18/0x40
[ 13.544637] kasan_save_alloc_info+0x3b/0x50
[ 13.544781] __kasan_kmalloc+0xb7/0xc0
[ 13.544908] __kmalloc_cache_noprof+0x189/0x420
[ 13.545136] rcu_uaf+0xb0/0x330
[ 13.545468] kunit_try_run_case+0x1a5/0x480
[ 13.545890] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.546509] kthread+0x337/0x6f0
[ 13.546878] ret_from_fork+0x116/0x1d0
[ 13.547371] ret_from_fork_asm+0x1a/0x30
[ 13.547768]
[ 13.547946] Freed by task 0:
[ 13.548275] kasan_save_stack+0x45/0x70
[ 13.548700] kasan_save_track+0x18/0x40
[ 13.549109] kasan_save_free_info+0x3f/0x60
[ 13.549468] __kasan_slab_free+0x56/0x70
[ 13.549642] kfree+0x222/0x3f0
[ 13.549967] rcu_uaf_reclaim+0x1f/0x60
[ 13.550386] rcu_core+0x66f/0x1c40
[ 13.550785] rcu_core_si+0x12/0x20
[ 13.551070] handle_softirqs+0x209/0x730
[ 13.551489] __irq_exit_rcu+0xc9/0x110
[ 13.551675] irq_exit_rcu+0x12/0x20
[ 13.551799] sysvec_apic_timer_interrupt+0x81/0x90
[ 13.551955] asm_sysvec_apic_timer_interrupt+0x1f/0x30
[ 13.552206]
[ 13.552395] Last potentially related work creation:
[ 13.552820] kasan_save_stack+0x45/0x70
[ 13.553240] kasan_record_aux_stack+0xb2/0xc0
[ 13.553672] __call_rcu_common.constprop.0+0x7b/0x9e0
[ 13.554193] call_rcu+0x12/0x20
[ 13.554497] rcu_uaf+0x168/0x330
[ 13.554857] kunit_try_run_case+0x1a5/0x480
[ 13.555310] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.555745] kthread+0x337/0x6f0
[ 13.555862] ret_from_fork+0x116/0x1d0
[ 13.555989] ret_from_fork_asm+0x1a/0x30
[ 13.556375]
[ 13.556548] The buggy address belongs to the object at ffff88810260e680
[ 13.556548] which belongs to the cache kmalloc-32 of size 32
[ 13.557831] The buggy address is located 0 bytes inside of
[ 13.557831] freed 32-byte region [ffff88810260e680, ffff88810260e6a0)
[ 13.558680]
[ 13.558760] The buggy address belongs to the physical page:
[ 13.558929] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10260e
[ 13.559446] flags: 0x200000000000000(node=0|zone=2)
[ 13.559887] page_type: f5(slab)
[ 13.560214] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 13.560997] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 13.561776] page dumped because: kasan: bad access detected
[ 13.562348]
[ 13.562421] Memory state around the buggy address:
[ 13.562691] ffff88810260e580: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 13.563431] ffff88810260e600: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 13.563987] >ffff88810260e680: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.564583] ^
[ 13.564876] ffff88810260e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.565343] ffff88810260e780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.565627] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 13.430713] ================================================================== [ 13.432070] BUG: KASAN: slab-use-after-free in ksize_uaf+0x19d/0x6c0 [ 13.432827] Read of size 1 at addr ffff888102602b00 by task kunit_try_catch/213 [ 13.433676] [ 13.433894] CPU: 1 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.433940] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.433951] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.433972] Call Trace: [ 13.433984] <TASK> [ 13.434000] dump_stack_lvl+0x73/0xb0 [ 13.434028] print_report+0xd1/0x650 [ 13.434060] ? __virt_addr_valid+0x1db/0x2d0 [ 13.434082] ? ksize_uaf+0x19d/0x6c0 [ 13.434101] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.434126] ? ksize_uaf+0x19d/0x6c0 [ 13.434146] kasan_report+0x141/0x180 [ 13.434167] ? ksize_uaf+0x19d/0x6c0 [ 13.434189] ? ksize_uaf+0x19d/0x6c0 [ 13.434209] __kasan_check_byte+0x3d/0x50 [ 13.434230] ksize+0x20/0x60 [ 13.434250] ksize_uaf+0x19d/0x6c0 [ 13.434269] ? __pfx_ksize_uaf+0x10/0x10 [ 13.434289] ? __schedule+0x10cc/0x2b60 [ 13.434310] ? __pfx_read_tsc+0x10/0x10 [ 13.434330] ? ktime_get_ts64+0x86/0x230 [ 13.434353] kunit_try_run_case+0x1a5/0x480 [ 13.434376] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.434397] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.434418] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.434440] ? __kthread_parkme+0x82/0x180 [ 13.434459] ? preempt_count_sub+0x50/0x80 [ 13.434482] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.434575] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.434615] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.434637] kthread+0x337/0x6f0 [ 13.434655] ? trace_preempt_on+0x20/0xc0 [ 13.434677] ? __pfx_kthread+0x10/0x10 [ 13.434696] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.434716] ? calculate_sigpending+0x7b/0xa0 [ 13.434740] ? __pfx_kthread+0x10/0x10 [ 13.434762] ret_from_fork+0x116/0x1d0 [ 13.434779] ? 
__pfx_kthread+0x10/0x10 [ 13.434799] ret_from_fork_asm+0x1a/0x30 [ 13.434829] </TASK> [ 13.434841] [ 13.448639] Allocated by task 213: [ 13.448977] kasan_save_stack+0x45/0x70 [ 13.449479] kasan_save_track+0x18/0x40 [ 13.449894] kasan_save_alloc_info+0x3b/0x50 [ 13.450422] __kasan_kmalloc+0xb7/0xc0 [ 13.450664] __kmalloc_cache_noprof+0x189/0x420 [ 13.450825] ksize_uaf+0xaa/0x6c0 [ 13.450948] kunit_try_run_case+0x1a5/0x480 [ 13.451167] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.451690] kthread+0x337/0x6f0 [ 13.452062] ret_from_fork+0x116/0x1d0 [ 13.452661] ret_from_fork_asm+0x1a/0x30 [ 13.453128] [ 13.453291] Freed by task 213: [ 13.453637] kasan_save_stack+0x45/0x70 [ 13.453998] kasan_save_track+0x18/0x40 [ 13.454488] kasan_save_free_info+0x3f/0x60 [ 13.454743] __kasan_slab_free+0x56/0x70 [ 13.454882] kfree+0x222/0x3f0 [ 13.455001] ksize_uaf+0x12c/0x6c0 [ 13.455272] kunit_try_run_case+0x1a5/0x480 [ 13.455831] kthread+0x337/0x6f0 [ 13.455967] ret_from_fork+0x116/0x1d0 [ 13.456109] ret_from_fork_asm+0x1a/0x30 [ 13.456541] [ 13.456669] The buggy address belongs to the object at ffff888102602b00 [ 13.456669] which belongs to the cache kmalloc-128 of size 128 [ 13.457185] The buggy address is located 0 bytes inside of [ 13.457185] freed 128-byte region [ffff888102602b00, ffff888102602b80) [ 13.457749] [ 13.457881] The buggy address belongs to the physical page: [ 13.458101] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102602 [ 13.458678] flags: 0x200000000000000(node=0|zone=2) [ 13.458853] page_type: f5(slab) [ 13.459110] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.459470] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.459795] page dumped because: kasan: bad access detected [ 13.459979] [ 13.460059] Memory state around the buggy address: [ 13.460487] ffff888102602a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.460821] ffff888102602a80: fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 13.461182] >ffff888102602b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.461590] ^ [ 13.461725] ffff888102602b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.462006] ffff888102602c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.462411] ================================================================== [ 13.484792] ================================================================== [ 13.485247] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5e4/0x6c0 [ 13.485576] Read of size 1 at addr ffff888102602b78 by task kunit_try_catch/213 [ 13.485873] [ 13.485983] CPU: 1 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.486032] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.486121] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.486143] Call Trace: [ 13.486158] <TASK> [ 13.486173] dump_stack_lvl+0x73/0xb0 [ 13.486209] print_report+0xd1/0x650 [ 13.486230] ? __virt_addr_valid+0x1db/0x2d0 [ 13.486251] ? ksize_uaf+0x5e4/0x6c0 [ 13.486271] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.486307] ? ksize_uaf+0x5e4/0x6c0 [ 13.486327] kasan_report+0x141/0x180 [ 13.486347] ? ksize_uaf+0x5e4/0x6c0 [ 13.486381] __asan_report_load1_noabort+0x18/0x20 [ 13.486405] ksize_uaf+0x5e4/0x6c0 [ 13.486424] ? __pfx_ksize_uaf+0x10/0x10 [ 13.486456] ? __schedule+0x10cc/0x2b60 [ 13.486479] ? __pfx_read_tsc+0x10/0x10 [ 13.486499] ? ktime_get_ts64+0x86/0x230 [ 13.486522] kunit_try_run_case+0x1a5/0x480 [ 13.486559] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.486581] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.486623] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.486645] ? __kthread_parkme+0x82/0x180 [ 13.486664] ? preempt_count_sub+0x50/0x80 [ 13.486687] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.486709] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.486731] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.486753] kthread+0x337/0x6f0 [ 13.486771] ? 
trace_preempt_on+0x20/0xc0 [ 13.486793] ? __pfx_kthread+0x10/0x10 [ 13.486812] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.486832] ? calculate_sigpending+0x7b/0xa0 [ 13.486854] ? __pfx_kthread+0x10/0x10 [ 13.486875] ret_from_fork+0x116/0x1d0 [ 13.486892] ? __pfx_kthread+0x10/0x10 [ 13.486911] ret_from_fork_asm+0x1a/0x30 [ 13.486941] </TASK> [ 13.486951] [ 13.494673] Allocated by task 213: [ 13.494859] kasan_save_stack+0x45/0x70 [ 13.495145] kasan_save_track+0x18/0x40 [ 13.495364] kasan_save_alloc_info+0x3b/0x50 [ 13.495580] __kasan_kmalloc+0xb7/0xc0 [ 13.495766] __kmalloc_cache_noprof+0x189/0x420 [ 13.495946] ksize_uaf+0xaa/0x6c0 [ 13.496360] kunit_try_run_case+0x1a5/0x480 [ 13.496593] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.496862] kthread+0x337/0x6f0 [ 13.497068] ret_from_fork+0x116/0x1d0 [ 13.497326] ret_from_fork_asm+0x1a/0x30 [ 13.497534] [ 13.497637] Freed by task 213: [ 13.497796] kasan_save_stack+0x45/0x70 [ 13.497985] kasan_save_track+0x18/0x40 [ 13.498252] kasan_save_free_info+0x3f/0x60 [ 13.498465] __kasan_slab_free+0x56/0x70 [ 13.498615] kfree+0x222/0x3f0 [ 13.498732] ksize_uaf+0x12c/0x6c0 [ 13.498856] kunit_try_run_case+0x1a5/0x480 [ 13.499071] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.499320] kthread+0x337/0x6f0 [ 13.499489] ret_from_fork+0x116/0x1d0 [ 13.499674] ret_from_fork_asm+0x1a/0x30 [ 13.499868] [ 13.499944] The buggy address belongs to the object at ffff888102602b00 [ 13.499944] which belongs to the cache kmalloc-128 of size 128 [ 13.500656] The buggy address is located 120 bytes inside of [ 13.500656] freed 128-byte region [ffff888102602b00, ffff888102602b80) [ 13.501266] [ 13.501381] The buggy address belongs to the physical page: [ 13.501643] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102602 [ 13.501954] flags: 0x200000000000000(node=0|zone=2) [ 13.502193] page_type: f5(slab) [ 13.502322] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.502711] raw: 0000000000000000 
0000000080100010 00000000f5000000 0000000000000000 [ 13.503165] page dumped because: kasan: bad access detected [ 13.503433] [ 13.503543] Memory state around the buggy address: [ 13.503801] ffff888102602a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.504293] ffff888102602a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.504680] >ffff888102602b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.505003] ^ [ 13.505409] ffff888102602b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.505760] ffff888102602c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.506134] ================================================================== [ 13.463298] ================================================================== [ 13.463584] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5fe/0x6c0 [ 13.463923] Read of size 1 at addr ffff888102602b00 by task kunit_try_catch/213 [ 13.464529] [ 13.464650] CPU: 1 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.464695] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.464707] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.464735] Call Trace: [ 13.464748] <TASK> [ 13.464764] dump_stack_lvl+0x73/0xb0 [ 13.464794] print_report+0xd1/0x650 [ 13.464815] ? __virt_addr_valid+0x1db/0x2d0 [ 13.464838] ? ksize_uaf+0x5fe/0x6c0 [ 13.464859] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.464884] ? ksize_uaf+0x5fe/0x6c0 [ 13.464903] kasan_report+0x141/0x180 [ 13.464924] ? ksize_uaf+0x5fe/0x6c0 [ 13.464950] __asan_report_load1_noabort+0x18/0x20 [ 13.464974] ksize_uaf+0x5fe/0x6c0 [ 13.464993] ? __pfx_ksize_uaf+0x10/0x10 [ 13.465013] ? __schedule+0x10cc/0x2b60 [ 13.465035] ? __pfx_read_tsc+0x10/0x10 [ 13.465065] ? ktime_get_ts64+0x86/0x230 [ 13.465090] kunit_try_run_case+0x1a5/0x480 [ 13.465113] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.465134] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.465156] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.465178] ? 
__kthread_parkme+0x82/0x180 [ 13.465198] ? preempt_count_sub+0x50/0x80 [ 13.465222] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.465244] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.465266] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.465288] kthread+0x337/0x6f0 [ 13.465306] ? trace_preempt_on+0x20/0xc0 [ 13.465328] ? __pfx_kthread+0x10/0x10 [ 13.465348] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.465368] ? calculate_sigpending+0x7b/0xa0 [ 13.465392] ? __pfx_kthread+0x10/0x10 [ 13.465413] ret_from_fork+0x116/0x1d0 [ 13.465430] ? __pfx_kthread+0x10/0x10 [ 13.465449] ret_from_fork_asm+0x1a/0x30 [ 13.465480] </TASK> [ 13.465491] [ 13.473185] Allocated by task 213: [ 13.473372] kasan_save_stack+0x45/0x70 [ 13.473538] kasan_save_track+0x18/0x40 [ 13.473736] kasan_save_alloc_info+0x3b/0x50 [ 13.473973] __kasan_kmalloc+0xb7/0xc0 [ 13.474245] __kmalloc_cache_noprof+0x189/0x420 [ 13.474454] ksize_uaf+0xaa/0x6c0 [ 13.474657] kunit_try_run_case+0x1a5/0x480 [ 13.474879] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.475221] kthread+0x337/0x6f0 [ 13.475365] ret_from_fork+0x116/0x1d0 [ 13.475570] ret_from_fork_asm+0x1a/0x30 [ 13.475752] [ 13.475856] Freed by task 213: [ 13.476013] kasan_save_stack+0x45/0x70 [ 13.476228] kasan_save_track+0x18/0x40 [ 13.476367] kasan_save_free_info+0x3f/0x60 [ 13.476514] __kasan_slab_free+0x56/0x70 [ 13.476665] kfree+0x222/0x3f0 [ 13.476828] ksize_uaf+0x12c/0x6c0 [ 13.477273] kunit_try_run_case+0x1a5/0x480 [ 13.477510] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.477781] kthread+0x337/0x6f0 [ 13.477963] ret_from_fork+0x116/0x1d0 [ 13.478240] ret_from_fork_asm+0x1a/0x30 [ 13.478401] [ 13.478476] The buggy address belongs to the object at ffff888102602b00 [ 13.478476] which belongs to the cache kmalloc-128 of size 128 [ 13.479005] The buggy address is located 0 bytes inside of [ 13.479005] freed 128-byte region [ffff888102602b00, ffff888102602b80) [ 13.479572] [ 13.479649] The buggy address belongs to the physical page: [ 13.479873] 
page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102602 [ 13.480452] flags: 0x200000000000000(node=0|zone=2) [ 13.480740] page_type: f5(slab) [ 13.480912] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.481322] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.481661] page dumped because: kasan: bad access detected [ 13.481835] [ 13.481932] Memory state around the buggy address: [ 13.482247] ffff888102602a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.482562] ffff888102602a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.482875] >ffff888102602b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.483274] ^ [ 13.483435] ffff888102602b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.483783] ffff888102602c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.484258] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 13.327733] ================================================================== [ 13.329202] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x81c/0x9b0 [ 13.330304] Read of size 1 at addr ffff888102602a73 by task kunit_try_catch/211 [ 13.331112] [ 13.331438] CPU: 1 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.331489] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.331501] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.331522] Call Trace: [ 13.331537] <TASK> [ 13.331555] dump_stack_lvl+0x73/0xb0 [ 13.331588] print_report+0xd1/0x650 [ 13.331610] ? __virt_addr_valid+0x1db/0x2d0 [ 13.331632] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 13.331653] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.331678] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 13.331699] kasan_report+0x141/0x180 [ 13.331720] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 13.331746] __asan_report_load1_noabort+0x18/0x20 [ 13.331768] ksize_unpoisons_memory+0x81c/0x9b0 [ 13.331790] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 13.331810] ? finish_task_switch.isra.0+0x153/0x700 [ 13.331832] ? __switch_to+0x47/0xf50 [ 13.331857] ? __schedule+0x10cc/0x2b60 [ 13.331879] ? __pfx_read_tsc+0x10/0x10 [ 13.331899] ? ktime_get_ts64+0x86/0x230 [ 13.331922] kunit_try_run_case+0x1a5/0x480 [ 13.331946] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.331966] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.331989] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.332010] ? __kthread_parkme+0x82/0x180 [ 13.332029] ? preempt_count_sub+0x50/0x80 [ 13.332164] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.332190] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.332213] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.332234] kthread+0x337/0x6f0 [ 13.332253] ? trace_preempt_on+0x20/0xc0 [ 13.332277] ? __pfx_kthread+0x10/0x10 [ 13.332338] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.332359] ? calculate_sigpending+0x7b/0xa0 [ 13.332384] ? 
__pfx_kthread+0x10/0x10 [ 13.332416] ret_from_fork+0x116/0x1d0 [ 13.332433] ? __pfx_kthread+0x10/0x10 [ 13.332452] ret_from_fork_asm+0x1a/0x30 [ 13.332482] </TASK> [ 13.332494] [ 13.347207] Allocated by task 211: [ 13.347449] kasan_save_stack+0x45/0x70 [ 13.347771] kasan_save_track+0x18/0x40 [ 13.348221] kasan_save_alloc_info+0x3b/0x50 [ 13.348427] __kasan_kmalloc+0xb7/0xc0 [ 13.348796] __kmalloc_cache_noprof+0x189/0x420 [ 13.349307] ksize_unpoisons_memory+0xc7/0x9b0 [ 13.349703] kunit_try_run_case+0x1a5/0x480 [ 13.349990] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.350524] kthread+0x337/0x6f0 [ 13.350673] ret_from_fork+0x116/0x1d0 [ 13.350966] ret_from_fork_asm+0x1a/0x30 [ 13.351400] [ 13.351567] The buggy address belongs to the object at ffff888102602a00 [ 13.351567] which belongs to the cache kmalloc-128 of size 128 [ 13.352682] The buggy address is located 0 bytes to the right of [ 13.352682] allocated 115-byte region [ffff888102602a00, ffff888102602a73) [ 13.353872] [ 13.354125] The buggy address belongs to the physical page: [ 13.354712] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102602 [ 13.355280] flags: 0x200000000000000(node=0|zone=2) [ 13.355824] page_type: f5(slab) [ 13.356201] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.356879] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.357281] page dumped because: kasan: bad access detected [ 13.357784] [ 13.357856] Memory state around the buggy address: [ 13.358058] ffff888102602900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.358419] ffff888102602980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.359197] >ffff888102602a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 13.359929] ^ [ 13.360385] ffff888102602a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.360854] ffff888102602b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.361086] 
================================================================== [ 13.362079] ================================================================== [ 13.362750] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7e9/0x9b0 [ 13.363644] Read of size 1 at addr ffff888102602a78 by task kunit_try_catch/211 [ 13.364414] [ 13.364575] CPU: 1 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.364620] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.364631] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.364651] Call Trace: [ 13.364670] <TASK> [ 13.364689] dump_stack_lvl+0x73/0xb0 [ 13.364715] print_report+0xd1/0x650 [ 13.364737] ? __virt_addr_valid+0x1db/0x2d0 [ 13.364758] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 13.364779] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.364803] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 13.364825] kasan_report+0x141/0x180 [ 13.364845] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 13.364872] __asan_report_load1_noabort+0x18/0x20 [ 13.364895] ksize_unpoisons_memory+0x7e9/0x9b0 [ 13.364917] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 13.364938] ? finish_task_switch.isra.0+0x153/0x700 [ 13.364959] ? __switch_to+0x47/0xf50 [ 13.364984] ? __schedule+0x10cc/0x2b60 [ 13.365016] ? __pfx_read_tsc+0x10/0x10 [ 13.365036] ? ktime_get_ts64+0x86/0x230 [ 13.365078] kunit_try_run_case+0x1a5/0x480 [ 13.365101] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.365121] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.365144] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.365165] ? __kthread_parkme+0x82/0x180 [ 13.365184] ? preempt_count_sub+0x50/0x80 [ 13.365205] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.365227] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.365249] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.365270] kthread+0x337/0x6f0 [ 13.365288] ? trace_preempt_on+0x20/0xc0 [ 13.365309] ? __pfx_kthread+0x10/0x10 [ 13.365329] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.365348] ? 
calculate_sigpending+0x7b/0xa0 [ 13.365371] ? __pfx_kthread+0x10/0x10 [ 13.365391] ret_from_fork+0x116/0x1d0 [ 13.365407] ? __pfx_kthread+0x10/0x10 [ 13.365427] ret_from_fork_asm+0x1a/0x30 [ 13.365458] </TASK> [ 13.365468] [ 13.378831] Allocated by task 211: [ 13.378969] kasan_save_stack+0x45/0x70 [ 13.379198] kasan_save_track+0x18/0x40 [ 13.379590] kasan_save_alloc_info+0x3b/0x50 [ 13.380007] __kasan_kmalloc+0xb7/0xc0 [ 13.380426] __kmalloc_cache_noprof+0x189/0x420 [ 13.380902] ksize_unpoisons_memory+0xc7/0x9b0 [ 13.381497] kunit_try_run_case+0x1a5/0x480 [ 13.381915] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.382500] kthread+0x337/0x6f0 [ 13.382907] ret_from_fork+0x116/0x1d0 [ 13.383209] ret_from_fork_asm+0x1a/0x30 [ 13.383592] [ 13.383750] The buggy address belongs to the object at ffff888102602a00 [ 13.383750] which belongs to the cache kmalloc-128 of size 128 [ 13.384413] The buggy address is located 5 bytes to the right of [ 13.384413] allocated 115-byte region [ffff888102602a00, ffff888102602a73) [ 13.385414] [ 13.385637] The buggy address belongs to the physical page: [ 13.386383] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102602 [ 13.387034] flags: 0x200000000000000(node=0|zone=2) [ 13.387587] page_type: f5(slab) [ 13.387831] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.388348] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.388736] page dumped because: kasan: bad access detected [ 13.389260] [ 13.389505] Memory state around the buggy address: [ 13.389943] ffff888102602900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.390253] ffff888102602980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.390473] >ffff888102602a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 13.391122] ^ [ 13.391948] ffff888102602a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.392727] ffff888102602b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.393573] 
================================================================== [ 13.393982] ================================================================== [ 13.394679] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7b6/0x9b0 [ 13.395534] Read of size 1 at addr ffff888102602a7f by task kunit_try_catch/211 [ 13.396372] [ 13.396666] CPU: 1 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.396738] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.396750] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.396792] Call Trace: [ 13.396810] <TASK> [ 13.396825] dump_stack_lvl+0x73/0xb0 [ 13.396866] print_report+0xd1/0x650 [ 13.396887] ? __virt_addr_valid+0x1db/0x2d0 [ 13.396909] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 13.396930] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.396954] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 13.396976] kasan_report+0x141/0x180 [ 13.396996] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 13.397023] __asan_report_load1_noabort+0x18/0x20 [ 13.397056] ksize_unpoisons_memory+0x7b6/0x9b0 [ 13.397079] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 13.397099] ? finish_task_switch.isra.0+0x153/0x700 [ 13.397120] ? __switch_to+0x47/0xf50 [ 13.397144] ? __schedule+0x10cc/0x2b60 [ 13.397166] ? __pfx_read_tsc+0x10/0x10 [ 13.397185] ? ktime_get_ts64+0x86/0x230 [ 13.397208] kunit_try_run_case+0x1a5/0x480 [ 13.397231] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.397251] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.397274] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.397295] ? __kthread_parkme+0x82/0x180 [ 13.397314] ? preempt_count_sub+0x50/0x80 [ 13.397335] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.397357] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.397379] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.397400] kthread+0x337/0x6f0 [ 13.397418] ? trace_preempt_on+0x20/0xc0 [ 13.397440] ? __pfx_kthread+0x10/0x10 [ 13.397460] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.397479] ? 
calculate_sigpending+0x7b/0xa0 [ 13.397502] ? __pfx_kthread+0x10/0x10 [ 13.397522] ret_from_fork+0x116/0x1d0 [ 13.397540] ? __pfx_kthread+0x10/0x10 [ 13.397568] ret_from_fork_asm+0x1a/0x30 [ 13.397598] </TASK> [ 13.397608] [ 13.412038] Allocated by task 211: [ 13.412196] kasan_save_stack+0x45/0x70 [ 13.412345] kasan_save_track+0x18/0x40 [ 13.412480] kasan_save_alloc_info+0x3b/0x50 [ 13.413107] __kasan_kmalloc+0xb7/0xc0 [ 13.413494] __kmalloc_cache_noprof+0x189/0x420 [ 13.413942] ksize_unpoisons_memory+0xc7/0x9b0 [ 13.414618] kunit_try_run_case+0x1a5/0x480 [ 13.415115] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.415650] kthread+0x337/0x6f0 [ 13.415982] ret_from_fork+0x116/0x1d0 [ 13.416457] ret_from_fork_asm+0x1a/0x30 [ 13.416884] [ 13.417148] The buggy address belongs to the object at ffff888102602a00 [ 13.417148] which belongs to the cache kmalloc-128 of size 128 [ 13.417956] The buggy address is located 12 bytes to the right of [ 13.417956] allocated 115-byte region [ffff888102602a00, ffff888102602a73) [ 13.418618] [ 13.418841] The buggy address belongs to the physical page: [ 13.419419] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102602 [ 13.420342] flags: 0x200000000000000(node=0|zone=2) [ 13.420783] page_type: f5(slab) [ 13.420999] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.421559] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.422390] page dumped because: kasan: bad access detected [ 13.422597] [ 13.422806] Memory state around the buggy address: [ 13.423398] ffff888102602900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.424161] ffff888102602980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.424382] >ffff888102602a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 13.424630] ^ [ 13.425337] ffff888102602a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.426255] ffff888102602b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.426928] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kfree_sensitive
[ 13.301309] ================================================================== [ 13.301797] BUG: KASAN: double-free in kfree_sensitive+0x2e/0x90 [ 13.302026] Free of addr ffff8881022baca0 by task kunit_try_catch/209 [ 13.302475] [ 13.302651] CPU: 0 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.302694] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.302706] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.302726] Call Trace: [ 13.302744] <TASK> [ 13.302762] dump_stack_lvl+0x73/0xb0 [ 13.302790] print_report+0xd1/0x650 [ 13.302811] ? __virt_addr_valid+0x1db/0x2d0 [ 13.302834] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.302858] ? kfree_sensitive+0x2e/0x90 [ 13.302899] kasan_report_invalid_free+0x10a/0x130 [ 13.302923] ? kfree_sensitive+0x2e/0x90 [ 13.302944] ? kfree_sensitive+0x2e/0x90 [ 13.302962] check_slab_allocation+0x101/0x130 [ 13.303001] __kasan_slab_pre_free+0x28/0x40 [ 13.303020] kfree+0xf0/0x3f0 [ 13.303053] ? kfree_sensitive+0x2e/0x90 [ 13.303074] kfree_sensitive+0x2e/0x90 [ 13.303092] kmalloc_double_kzfree+0x19c/0x350 [ 13.303115] ? __pfx_kmalloc_double_kzfree+0x10/0x10 [ 13.303137] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 13.303160] ? trace_hardirqs_on+0x37/0xe0 [ 13.303182] ? __pfx_read_tsc+0x10/0x10 [ 13.303202] ? ktime_get_ts64+0x86/0x230 [ 13.303225] kunit_try_run_case+0x1a5/0x480 [ 13.303248] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.303271] ? queued_spin_lock_slowpath+0x116/0xb40 [ 13.303294] ? __kthread_parkme+0x82/0x180 [ 13.303332] ? preempt_count_sub+0x50/0x80 [ 13.303354] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.303377] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.303398] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.303420] kthread+0x337/0x6f0 [ 13.303438] ? trace_preempt_on+0x20/0xc0 [ 13.303458] ? __pfx_kthread+0x10/0x10 [ 13.303478] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.303498] ? calculate_sigpending+0x7b/0xa0 [ 13.303521] ? 
__pfx_kthread+0x10/0x10 [ 13.303541] ret_from_fork+0x116/0x1d0 [ 13.303558] ? __pfx_kthread+0x10/0x10 [ 13.303578] ret_from_fork_asm+0x1a/0x30 [ 13.303608] </TASK> [ 13.303619] [ 13.311911] Allocated by task 209: [ 13.312061] kasan_save_stack+0x45/0x70 [ 13.312840] kasan_save_track+0x18/0x40 [ 13.313035] kasan_save_alloc_info+0x3b/0x50 [ 13.313220] __kasan_kmalloc+0xb7/0xc0 [ 13.313346] __kmalloc_cache_noprof+0x189/0x420 [ 13.313495] kmalloc_double_kzfree+0xa9/0x350 [ 13.313983] kunit_try_run_case+0x1a5/0x480 [ 13.314186] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.314353] kthread+0x337/0x6f0 [ 13.314469] ret_from_fork+0x116/0x1d0 [ 13.314597] ret_from_fork_asm+0x1a/0x30 [ 13.314763] [ 13.314855] Freed by task 209: [ 13.315006] kasan_save_stack+0x45/0x70 [ 13.315246] kasan_save_track+0x18/0x40 [ 13.315498] kasan_save_free_info+0x3f/0x60 [ 13.315835] __kasan_slab_free+0x56/0x70 [ 13.315993] kfree+0x222/0x3f0 [ 13.316185] kfree_sensitive+0x67/0x90 [ 13.316376] kmalloc_double_kzfree+0x12b/0x350 [ 13.316594] kunit_try_run_case+0x1a5/0x480 [ 13.316827] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.317108] kthread+0x337/0x6f0 [ 13.317286] ret_from_fork+0x116/0x1d0 [ 13.317435] ret_from_fork_asm+0x1a/0x30 [ 13.317685] [ 13.317772] The buggy address belongs to the object at ffff8881022baca0 [ 13.317772] which belongs to the cache kmalloc-16 of size 16 [ 13.318346] The buggy address is located 0 bytes inside of [ 13.318346] 16-byte region [ffff8881022baca0, ffff8881022bacb0) [ 13.318837] [ 13.319019] The buggy address belongs to the physical page: [ 13.319299] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022ba [ 13.319615] flags: 0x200000000000000(node=0|zone=2) [ 13.319775] page_type: f5(slab) [ 13.319893] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.320276] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.320710] page dumped because: kasan: bad access detected [ 13.321070] [ 
13.321190] Memory state around the buggy address: [ 13.321342] ffff8881022bab80: 00 04 fc fc 00 04 fc fc 00 01 fc fc 00 01 fc fc [ 13.321759] ffff8881022bac00: 00 04 fc fc 00 04 fc fc fa fb fc fc fa fb fc fc [ 13.322088] >ffff8881022bac80: fa fb fc fc fa fb fc fc fc fc fc fc fc fc fc fc [ 13.322424] ^ [ 13.322803] ffff8881022bad00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.323103] ffff8881022bad80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.323416] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 13.268366] ================================================================== [ 13.269122] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x19c/0x350 [ 13.269717] Read of size 1 at addr ffff8881022baca0 by task kunit_try_catch/209 [ 13.270385] [ 13.270520] CPU: 0 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.270745] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.270826] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.270851] Call Trace: [ 13.270864] <TASK> [ 13.270883] dump_stack_lvl+0x73/0xb0 [ 13.270916] print_report+0xd1/0x650 [ 13.270939] ? __virt_addr_valid+0x1db/0x2d0 [ 13.270964] ? kmalloc_double_kzfree+0x19c/0x350 [ 13.270986] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.271010] ? kmalloc_double_kzfree+0x19c/0x350 [ 13.271032] kasan_report+0x141/0x180 [ 13.271088] ? kmalloc_double_kzfree+0x19c/0x350 [ 13.271114] ? kmalloc_double_kzfree+0x19c/0x350 [ 13.271135] __kasan_check_byte+0x3d/0x50 [ 13.271156] kfree_sensitive+0x22/0x90 [ 13.271178] kmalloc_double_kzfree+0x19c/0x350 [ 13.271200] ? __pfx_kmalloc_double_kzfree+0x10/0x10 [ 13.271221] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 13.271245] ? trace_hardirqs_on+0x37/0xe0 [ 13.271267] ? __pfx_read_tsc+0x10/0x10 [ 13.271288] ? ktime_get_ts64+0x86/0x230 [ 13.271313] kunit_try_run_case+0x1a5/0x480 [ 13.271338] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.271360] ? queued_spin_lock_slowpath+0x116/0xb40 [ 13.271384] ? __kthread_parkme+0x82/0x180 [ 13.271405] ? preempt_count_sub+0x50/0x80 [ 13.271429] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.271451] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.271473] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.271494] kthread+0x337/0x6f0 [ 13.271512] ? trace_preempt_on+0x20/0xc0 [ 13.271532] ? __pfx_kthread+0x10/0x10 [ 13.271552] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.271571] ? calculate_sigpending+0x7b/0xa0 [ 13.271595] ? 
__pfx_kthread+0x10/0x10 [ 13.271615] ret_from_fork+0x116/0x1d0 [ 13.271632] ? __pfx_kthread+0x10/0x10 [ 13.271652] ret_from_fork_asm+0x1a/0x30 [ 13.271684] </TASK> [ 13.271695] [ 13.285120] Allocated by task 209: [ 13.285255] kasan_save_stack+0x45/0x70 [ 13.285402] kasan_save_track+0x18/0x40 [ 13.285538] kasan_save_alloc_info+0x3b/0x50 [ 13.285708] __kasan_kmalloc+0xb7/0xc0 [ 13.285838] __kmalloc_cache_noprof+0x189/0x420 [ 13.286056] kmalloc_double_kzfree+0xa9/0x350 [ 13.286483] kunit_try_run_case+0x1a5/0x480 [ 13.286969] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.287463] kthread+0x337/0x6f0 [ 13.287798] ret_from_fork+0x116/0x1d0 [ 13.288147] ret_from_fork_asm+0x1a/0x30 [ 13.288540] [ 13.288683] Freed by task 209: [ 13.288982] kasan_save_stack+0x45/0x70 [ 13.289225] kasan_save_track+0x18/0x40 [ 13.289377] kasan_save_free_info+0x3f/0x60 [ 13.289858] __kasan_slab_free+0x56/0x70 [ 13.290290] kfree+0x222/0x3f0 [ 13.290458] kfree_sensitive+0x67/0x90 [ 13.290609] kmalloc_double_kzfree+0x12b/0x350 [ 13.291101] kunit_try_run_case+0x1a5/0x480 [ 13.291584] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.292175] kthread+0x337/0x6f0 [ 13.292478] ret_from_fork+0x116/0x1d0 [ 13.292638] ret_from_fork_asm+0x1a/0x30 [ 13.292855] [ 13.293012] The buggy address belongs to the object at ffff8881022baca0 [ 13.293012] which belongs to the cache kmalloc-16 of size 16 [ 13.294153] The buggy address is located 0 bytes inside of [ 13.294153] freed 16-byte region [ffff8881022baca0, ffff8881022bacb0) [ 13.294754] [ 13.294916] The buggy address belongs to the physical page: [ 13.295215] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022ba [ 13.295750] flags: 0x200000000000000(node=0|zone=2) [ 13.296301] page_type: f5(slab) [ 13.296669] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.297415] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.297693] page dumped because: kasan: bad access detected [ 
13.298289] [ 13.298504] Memory state around the buggy address: [ 13.299019] ffff8881022bab80: 00 04 fc fc 00 04 fc fc 00 01 fc fc 00 01 fc fc [ 13.299559] ffff8881022bac00: 00 04 fc fc 00 04 fc fc fa fb fc fc fa fb fc fc [ 13.299768] >ffff8881022bac80: fa fb fc fc fa fb fc fc fc fc fc fc fc fc fc fc [ 13.299970] ^ [ 13.300145] ffff8881022bad00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.300526] ffff8881022bad80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.300818] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 13.232886] ================================================================== [ 13.233716] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x4a8/0x520 [ 13.234026] Read of size 1 at addr ffff88810260d3a8 by task kunit_try_catch/205 [ 13.234775] [ 13.234888] CPU: 1 UID: 0 PID: 205 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.234935] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.234947] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.235000] Call Trace: [ 13.235012] <TASK> [ 13.235028] dump_stack_lvl+0x73/0xb0 [ 13.235172] print_report+0xd1/0x650 [ 13.235195] ? __virt_addr_valid+0x1db/0x2d0 [ 13.235231] ? kmalloc_uaf2+0x4a8/0x520 [ 13.235250] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.235275] ? kmalloc_uaf2+0x4a8/0x520 [ 13.235294] kasan_report+0x141/0x180 [ 13.235314] ? kmalloc_uaf2+0x4a8/0x520 [ 13.235339] __asan_report_load1_noabort+0x18/0x20 [ 13.235361] kmalloc_uaf2+0x4a8/0x520 [ 13.235380] ? __pfx_kmalloc_uaf2+0x10/0x10 [ 13.235398] ? finish_task_switch.isra.0+0x153/0x700 [ 13.235419] ? __switch_to+0x47/0xf50 [ 13.235446] ? __schedule+0x10cc/0x2b60 [ 13.235467] ? __pfx_read_tsc+0x10/0x10 [ 13.235487] ? ktime_get_ts64+0x86/0x230 [ 13.235518] kunit_try_run_case+0x1a5/0x480 [ 13.235541] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.235562] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.235584] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.235606] ? __kthread_parkme+0x82/0x180 [ 13.235625] ? preempt_count_sub+0x50/0x80 [ 13.235647] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.235669] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.235690] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.235711] kthread+0x337/0x6f0 [ 13.235730] ? trace_preempt_on+0x20/0xc0 [ 13.235752] ? __pfx_kthread+0x10/0x10 [ 13.235771] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.235791] ? calculate_sigpending+0x7b/0xa0 [ 13.235814] ? __pfx_kthread+0x10/0x10 [ 13.235834] ret_from_fork+0x116/0x1d0 [ 13.235851] ? 
__pfx_kthread+0x10/0x10 [ 13.235870] ret_from_fork_asm+0x1a/0x30 [ 13.235900] </TASK> [ 13.235912] [ 13.244832] Allocated by task 205: [ 13.245033] kasan_save_stack+0x45/0x70 [ 13.245418] kasan_save_track+0x18/0x40 [ 13.245648] kasan_save_alloc_info+0x3b/0x50 [ 13.245866] __kasan_kmalloc+0xb7/0xc0 [ 13.246064] __kmalloc_cache_noprof+0x189/0x420 [ 13.246548] kmalloc_uaf2+0xc6/0x520 [ 13.246811] kunit_try_run_case+0x1a5/0x480 [ 13.246960] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.247510] kthread+0x337/0x6f0 [ 13.247716] ret_from_fork+0x116/0x1d0 [ 13.247900] ret_from_fork_asm+0x1a/0x30 [ 13.248121] [ 13.248263] Freed by task 205: [ 13.248376] kasan_save_stack+0x45/0x70 [ 13.248560] kasan_save_track+0x18/0x40 [ 13.248804] kasan_save_free_info+0x3f/0x60 [ 13.249015] __kasan_slab_free+0x56/0x70 [ 13.249343] kfree+0x222/0x3f0 [ 13.249611] kmalloc_uaf2+0x14c/0x520 [ 13.249748] kunit_try_run_case+0x1a5/0x480 [ 13.249893] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.250418] kthread+0x337/0x6f0 [ 13.250648] ret_from_fork+0x116/0x1d0 [ 13.250839] ret_from_fork_asm+0x1a/0x30 [ 13.251121] [ 13.251208] The buggy address belongs to the object at ffff88810260d380 [ 13.251208] which belongs to the cache kmalloc-64 of size 64 [ 13.251790] The buggy address is located 40 bytes inside of [ 13.251790] freed 64-byte region [ffff88810260d380, ffff88810260d3c0) [ 13.252419] [ 13.252526] The buggy address belongs to the physical page: [ 13.252813] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10260d [ 13.253209] flags: 0x200000000000000(node=0|zone=2) [ 13.253486] page_type: f5(slab) [ 13.253859] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.254466] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.254753] page dumped because: kasan: bad access detected [ 13.254927] [ 13.254997] Memory state around the buggy address: [ 13.255272] ffff88810260d280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc 
[ 13.255861] ffff88810260d300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.256166] >ffff88810260d380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.256600] ^ [ 13.256754] ffff88810260d400: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc [ 13.256970] ffff88810260d480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.257244] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 13.196640] ================================================================== [ 13.197412] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x1a3/0x360 [ 13.197829] Write of size 33 at addr ffff888102b07180 by task kunit_try_catch/203 [ 13.198188] [ 13.198436] CPU: 0 UID: 0 PID: 203 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.198483] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.198494] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.198517] Call Trace: [ 13.198530] <TASK> [ 13.198547] dump_stack_lvl+0x73/0xb0 [ 13.198579] print_report+0xd1/0x650 [ 13.198601] ? __virt_addr_valid+0x1db/0x2d0 [ 13.198696] ? kmalloc_uaf_memset+0x1a3/0x360 [ 13.198730] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.198756] ? kmalloc_uaf_memset+0x1a3/0x360 [ 13.198777] kasan_report+0x141/0x180 [ 13.198798] ? kmalloc_uaf_memset+0x1a3/0x360 [ 13.198824] kasan_check_range+0x10c/0x1c0 [ 13.198846] __asan_memset+0x27/0x50 [ 13.198865] kmalloc_uaf_memset+0x1a3/0x360 [ 13.198885] ? __pfx_kmalloc_uaf_memset+0x10/0x10 [ 13.198906] ? __schedule+0x10cc/0x2b60 [ 13.198996] ? __pfx_read_tsc+0x10/0x10 [ 13.199029] ? ktime_get_ts64+0x86/0x230 [ 13.199111] kunit_try_run_case+0x1a5/0x480 [ 13.199140] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.199161] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.199184] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.199206] ? __kthread_parkme+0x82/0x180 [ 13.199226] ? preempt_count_sub+0x50/0x80 [ 13.199250] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.199273] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.199295] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.199317] kthread+0x337/0x6f0 [ 13.199336] ? trace_preempt_on+0x20/0xc0 [ 13.199359] ? __pfx_kthread+0x10/0x10 [ 13.199378] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.199398] ? calculate_sigpending+0x7b/0xa0 [ 13.199422] ? __pfx_kthread+0x10/0x10 [ 13.199442] ret_from_fork+0x116/0x1d0 [ 13.199460] ? 
__pfx_kthread+0x10/0x10 [ 13.199479] ret_from_fork_asm+0x1a/0x30 [ 13.199511] </TASK> [ 13.199522] [ 13.211513] Allocated by task 203: [ 13.211918] kasan_save_stack+0x45/0x70 [ 13.212364] kasan_save_track+0x18/0x40 [ 13.212903] kasan_save_alloc_info+0x3b/0x50 [ 13.213375] __kasan_kmalloc+0xb7/0xc0 [ 13.213917] __kmalloc_cache_noprof+0x189/0x420 [ 13.214610] kmalloc_uaf_memset+0xa9/0x360 [ 13.215028] kunit_try_run_case+0x1a5/0x480 [ 13.215524] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.215979] kthread+0x337/0x6f0 [ 13.216419] ret_from_fork+0x116/0x1d0 [ 13.216929] ret_from_fork_asm+0x1a/0x30 [ 13.217557] [ 13.217725] Freed by task 203: [ 13.218037] kasan_save_stack+0x45/0x70 [ 13.218495] kasan_save_track+0x18/0x40 [ 13.218910] kasan_save_free_info+0x3f/0x60 [ 13.219568] __kasan_slab_free+0x56/0x70 [ 13.219942] kfree+0x222/0x3f0 [ 13.220403] kmalloc_uaf_memset+0x12b/0x360 [ 13.220706] kunit_try_run_case+0x1a5/0x480 [ 13.221341] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.221699] kthread+0x337/0x6f0 [ 13.221864] ret_from_fork+0x116/0x1d0 [ 13.222029] ret_from_fork_asm+0x1a/0x30 [ 13.222181] [ 13.222255] The buggy address belongs to the object at ffff888102b07180 [ 13.222255] which belongs to the cache kmalloc-64 of size 64 [ 13.223115] The buggy address is located 0 bytes inside of [ 13.223115] freed 64-byte region [ffff888102b07180, ffff888102b071c0) [ 13.223838] [ 13.224049] The buggy address belongs to the physical page: [ 13.224638] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b07 [ 13.224942] flags: 0x200000000000000(node=0|zone=2) [ 13.225369] page_type: f5(slab) [ 13.225547] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.225919] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.226398] page dumped because: kasan: bad access detected [ 13.226744] [ 13.226827] Memory state around the buggy address: [ 13.227108] ffff888102b07080: fa fb fb fb fb fb fb fb fc fc fc fc 
fc fc fc fc [ 13.227420] ffff888102b07100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.227635] >ffff888102b07180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.227974] ^ [ 13.228150] ffff888102b07200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.228461] ffff888102b07280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.228871] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 13.167412] ================================================================== [ 13.168115] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x320/0x380 [ 13.168767] Read of size 1 at addr ffff88810256a328 by task kunit_try_catch/201 [ 13.169283] [ 13.169467] CPU: 1 UID: 0 PID: 201 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.169513] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.169524] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.169544] Call Trace: [ 13.169566] <TASK> [ 13.169581] dump_stack_lvl+0x73/0xb0 [ 13.169610] print_report+0xd1/0x650 [ 13.169631] ? __virt_addr_valid+0x1db/0x2d0 [ 13.169703] ? kmalloc_uaf+0x320/0x380 [ 13.169724] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.169760] ? kmalloc_uaf+0x320/0x380 [ 13.169780] kasan_report+0x141/0x180 [ 13.169800] ? kmalloc_uaf+0x320/0x380 [ 13.169825] __asan_report_load1_noabort+0x18/0x20 [ 13.169848] kmalloc_uaf+0x320/0x380 [ 13.169866] ? __pfx_kmalloc_uaf+0x10/0x10 [ 13.169886] ? __schedule+0x10cc/0x2b60 [ 13.169908] ? __pfx_read_tsc+0x10/0x10 [ 13.169928] ? ktime_get_ts64+0x86/0x230 [ 13.169951] kunit_try_run_case+0x1a5/0x480 [ 13.169973] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.169994] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.170016] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.170038] ? __kthread_parkme+0x82/0x180 [ 13.170068] ? preempt_count_sub+0x50/0x80 [ 13.170091] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.170114] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.170136] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.170158] kthread+0x337/0x6f0 [ 13.170176] ? trace_preempt_on+0x20/0xc0 [ 13.170197] ? __pfx_kthread+0x10/0x10 [ 13.170217] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.170237] ? calculate_sigpending+0x7b/0xa0 [ 13.170260] ? __pfx_kthread+0x10/0x10 [ 13.170281] ret_from_fork+0x116/0x1d0 [ 13.170298] ? 
__pfx_kthread+0x10/0x10 [ 13.170317] ret_from_fork_asm+0x1a/0x30 [ 13.170347] </TASK> [ 13.170358] [ 13.179684] Allocated by task 201: [ 13.179891] kasan_save_stack+0x45/0x70 [ 13.180057] kasan_save_track+0x18/0x40 [ 13.180201] kasan_save_alloc_info+0x3b/0x50 [ 13.180749] __kasan_kmalloc+0xb7/0xc0 [ 13.180975] __kmalloc_cache_noprof+0x189/0x420 [ 13.181198] kmalloc_uaf+0xaa/0x380 [ 13.181522] kunit_try_run_case+0x1a5/0x480 [ 13.181831] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.182206] kthread+0x337/0x6f0 [ 13.182498] ret_from_fork+0x116/0x1d0 [ 13.182660] ret_from_fork_asm+0x1a/0x30 [ 13.183018] [ 13.183252] Freed by task 201: [ 13.183396] kasan_save_stack+0x45/0x70 [ 13.183626] kasan_save_track+0x18/0x40 [ 13.183916] kasan_save_free_info+0x3f/0x60 [ 13.184322] __kasan_slab_free+0x56/0x70 [ 13.184609] kfree+0x222/0x3f0 [ 13.184850] kmalloc_uaf+0x12c/0x380 [ 13.185002] kunit_try_run_case+0x1a5/0x480 [ 13.185313] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.185820] kthread+0x337/0x6f0 [ 13.185996] ret_from_fork+0x116/0x1d0 [ 13.186246] ret_from_fork_asm+0x1a/0x30 [ 13.186535] [ 13.186727] The buggy address belongs to the object at ffff88810256a320 [ 13.186727] which belongs to the cache kmalloc-16 of size 16 [ 13.187236] The buggy address is located 8 bytes inside of [ 13.187236] freed 16-byte region [ffff88810256a320, ffff88810256a330) [ 13.187943] [ 13.188057] The buggy address belongs to the physical page: [ 13.188522] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10256a [ 13.188946] flags: 0x200000000000000(node=0|zone=2) [ 13.189335] page_type: f5(slab) [ 13.189556] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.189940] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.190404] page dumped because: kasan: bad access detected [ 13.190853] [ 13.190934] Memory state around the buggy address: [ 13.191215] ffff88810256a200: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 
13.191761] ffff88810256a280: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 13.192228] >ffff88810256a300: fa fb fc fc fa fb fc fc fc fc fc fc fc fc fc fc [ 13.192754] ^ [ 13.192975] ffff88810256a380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.193561] ffff88810256a400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.193969] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 13.135736] ================================================================== [ 13.136533] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x16f/0x330 [ 13.136916] Read of size 64 at addr ffff888102b00f04 by task kunit_try_catch/199 [ 13.137636] [ 13.137771] CPU: 0 UID: 0 PID: 199 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.137812] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.137825] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.137845] Call Trace: [ 13.137904] <TASK> [ 13.137920] dump_stack_lvl+0x73/0xb0 [ 13.137949] print_report+0xd1/0x650 [ 13.137982] ? __virt_addr_valid+0x1db/0x2d0 [ 13.138004] ? kmalloc_memmove_invalid_size+0x16f/0x330 [ 13.138027] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.138062] ? kmalloc_memmove_invalid_size+0x16f/0x330 [ 13.138085] kasan_report+0x141/0x180 [ 13.138106] ? kmalloc_memmove_invalid_size+0x16f/0x330 [ 13.138134] kasan_check_range+0x10c/0x1c0 [ 13.138157] __asan_memmove+0x27/0x70 [ 13.138175] kmalloc_memmove_invalid_size+0x16f/0x330 [ 13.138198] ? __pfx_kmalloc_memmove_invalid_size+0x10/0x10 [ 13.138222] ? __schedule+0x10cc/0x2b60 [ 13.138244] ? __pfx_read_tsc+0x10/0x10 [ 13.138264] ? ktime_get_ts64+0x86/0x230 [ 13.138287] kunit_try_run_case+0x1a5/0x480 [ 13.138309] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.138330] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.138352] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.138373] ? __kthread_parkme+0x82/0x180 [ 13.138392] ? preempt_count_sub+0x50/0x80 [ 13.138415] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.138437] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.138458] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.138480] kthread+0x337/0x6f0 [ 13.138498] ? trace_preempt_on+0x20/0xc0 [ 13.138520] ? __pfx_kthread+0x10/0x10 [ 13.138539] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.138559] ? calculate_sigpending+0x7b/0xa0 [ 13.138582] ? 
__pfx_kthread+0x10/0x10 [ 13.138602] ret_from_fork+0x116/0x1d0 [ 13.138619] ? __pfx_kthread+0x10/0x10 [ 13.138639] ret_from_fork_asm+0x1a/0x30 [ 13.138669] </TASK> [ 13.138679] [ 13.148774] Allocated by task 199: [ 13.148912] kasan_save_stack+0x45/0x70 [ 13.149217] kasan_save_track+0x18/0x40 [ 13.149692] kasan_save_alloc_info+0x3b/0x50 [ 13.150038] __kasan_kmalloc+0xb7/0xc0 [ 13.150332] __kmalloc_cache_noprof+0x189/0x420 [ 13.150593] kmalloc_memmove_invalid_size+0xac/0x330 [ 13.150773] kunit_try_run_case+0x1a5/0x480 [ 13.150925] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.151404] kthread+0x337/0x6f0 [ 13.151655] ret_from_fork+0x116/0x1d0 [ 13.151882] ret_from_fork_asm+0x1a/0x30 [ 13.152297] [ 13.152429] The buggy address belongs to the object at ffff888102b00f00 [ 13.152429] which belongs to the cache kmalloc-64 of size 64 [ 13.153135] The buggy address is located 4 bytes inside of [ 13.153135] allocated 64-byte region [ffff888102b00f00, ffff888102b00f40) [ 13.153975] [ 13.154158] The buggy address belongs to the physical page: [ 13.154445] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b00 [ 13.154956] flags: 0x200000000000000(node=0|zone=2) [ 13.155350] page_type: f5(slab) [ 13.155545] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.155887] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.156552] page dumped because: kasan: bad access detected [ 13.156819] [ 13.156954] Memory state around the buggy address: [ 13.157160] ffff888102b00e00: 00 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc [ 13.157748] ffff888102b00e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.158160] >ffff888102b00f00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 13.158451] ^ [ 13.158700] ffff888102b00f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.159012] ffff888102b01000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.159328] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 13.108931] ================================================================== [ 13.109669] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x171/0x330 [ 13.110057] Read of size 18446744073709551614 at addr ffff888102b00d84 by task kunit_try_catch/197 [ 13.110913] [ 13.111211] CPU: 0 UID: 0 PID: 197 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.111273] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.111286] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.111307] Call Trace: [ 13.111318] <TASK> [ 13.111332] dump_stack_lvl+0x73/0xb0 [ 13.111361] print_report+0xd1/0x650 [ 13.111382] ? __virt_addr_valid+0x1db/0x2d0 [ 13.111402] ? kmalloc_memmove_negative_size+0x171/0x330 [ 13.111425] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.111449] ? kmalloc_memmove_negative_size+0x171/0x330 [ 13.111493] kasan_report+0x141/0x180 [ 13.111515] ? kmalloc_memmove_negative_size+0x171/0x330 [ 13.111543] kasan_check_range+0x10c/0x1c0 [ 13.111565] __asan_memmove+0x27/0x70 [ 13.111584] kmalloc_memmove_negative_size+0x171/0x330 [ 13.111608] ? __pfx_kmalloc_memmove_negative_size+0x10/0x10 [ 13.111632] ? __schedule+0x10cc/0x2b60 [ 13.111653] ? __pfx_read_tsc+0x10/0x10 [ 13.111673] ? ktime_get_ts64+0x86/0x230 [ 13.111696] kunit_try_run_case+0x1a5/0x480 [ 13.111719] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.111740] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.111762] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.111785] ? __kthread_parkme+0x82/0x180 [ 13.111804] ? preempt_count_sub+0x50/0x80 [ 13.111826] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.111848] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.111870] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.111892] kthread+0x337/0x6f0 [ 13.111910] ? trace_preempt_on+0x20/0xc0 [ 13.111931] ? __pfx_kthread+0x10/0x10 [ 13.111951] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.111970] ? calculate_sigpending+0x7b/0xa0 [ 13.111993] ? 
__pfx_kthread+0x10/0x10 [ 13.112013] ret_from_fork+0x116/0x1d0 [ 13.112030] ? __pfx_kthread+0x10/0x10 [ 13.112129] ret_from_fork_asm+0x1a/0x30 [ 13.112164] </TASK> [ 13.112176] [ 13.122148] Allocated by task 197: [ 13.122421] kasan_save_stack+0x45/0x70 [ 13.122717] kasan_save_track+0x18/0x40 [ 13.122896] kasan_save_alloc_info+0x3b/0x50 [ 13.123146] __kasan_kmalloc+0xb7/0xc0 [ 13.123374] __kmalloc_cache_noprof+0x189/0x420 [ 13.123738] kmalloc_memmove_negative_size+0xac/0x330 [ 13.124033] kunit_try_run_case+0x1a5/0x480 [ 13.124194] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.124569] kthread+0x337/0x6f0 [ 13.124846] ret_from_fork+0x116/0x1d0 [ 13.125019] ret_from_fork_asm+0x1a/0x30 [ 13.125203] [ 13.125300] The buggy address belongs to the object at ffff888102b00d80 [ 13.125300] which belongs to the cache kmalloc-64 of size 64 [ 13.126074] The buggy address is located 4 bytes inside of [ 13.126074] 64-byte region [ffff888102b00d80, ffff888102b00dc0) [ 13.126765] [ 13.126896] The buggy address belongs to the physical page: [ 13.127187] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b00 [ 13.127766] flags: 0x200000000000000(node=0|zone=2) [ 13.128056] page_type: f5(slab) [ 13.128188] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.128561] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.128947] page dumped because: kasan: bad access detected [ 13.129364] [ 13.129656] Memory state around the buggy address: [ 13.129833] ffff888102b00c80: 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc fc [ 13.130182] ffff888102b00d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.130632] >ffff888102b00d80: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 13.131050] ^ [ 13.131387] ffff888102b00e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.131859] ffff888102b00e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.132305] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 13.075316] ================================================================== [ 13.075849] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x166/0x330 [ 13.076201] Write of size 16 at addr ffff888102af6369 by task kunit_try_catch/195 [ 13.076627] [ 13.076909] CPU: 0 UID: 0 PID: 195 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.077002] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.077015] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.077035] Call Trace: [ 13.077078] <TASK> [ 13.077093] dump_stack_lvl+0x73/0xb0 [ 13.077122] print_report+0xd1/0x650 [ 13.077155] ? __virt_addr_valid+0x1db/0x2d0 [ 13.077177] ? kmalloc_oob_memset_16+0x166/0x330 [ 13.077197] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.077221] ? kmalloc_oob_memset_16+0x166/0x330 [ 13.077242] kasan_report+0x141/0x180 [ 13.077263] ? kmalloc_oob_memset_16+0x166/0x330 [ 13.077288] kasan_check_range+0x10c/0x1c0 [ 13.077310] __asan_memset+0x27/0x50 [ 13.077329] kmalloc_oob_memset_16+0x166/0x330 [ 13.077350] ? __pfx_kmalloc_oob_memset_16+0x10/0x10 [ 13.077373] ? __schedule+0x10cc/0x2b60 [ 13.077394] ? __pfx_read_tsc+0x10/0x10 [ 13.077414] ? ktime_get_ts64+0x86/0x230 [ 13.077437] kunit_try_run_case+0x1a5/0x480 [ 13.077460] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.077481] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.077503] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.077525] ? __kthread_parkme+0x82/0x180 [ 13.077544] ? preempt_count_sub+0x50/0x80 [ 13.077573] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.077595] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.077616] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.077638] kthread+0x337/0x6f0 [ 13.077656] ? trace_preempt_on+0x20/0xc0 [ 13.077677] ? __pfx_kthread+0x10/0x10 [ 13.077697] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.077716] ? calculate_sigpending+0x7b/0xa0 [ 13.077738] ? __pfx_kthread+0x10/0x10 [ 13.077759] ret_from_fork+0x116/0x1d0 [ 13.077776] ? 
__pfx_kthread+0x10/0x10 [ 13.077795] ret_from_fork_asm+0x1a/0x30 [ 13.077825] </TASK> [ 13.077836] [ 13.089603] Allocated by task 195: [ 13.089738] kasan_save_stack+0x45/0x70 [ 13.089880] kasan_save_track+0x18/0x40 [ 13.090009] kasan_save_alloc_info+0x3b/0x50 [ 13.090692] __kasan_kmalloc+0xb7/0xc0 [ 13.091104] __kmalloc_cache_noprof+0x189/0x420 [ 13.091604] kmalloc_oob_memset_16+0xac/0x330 [ 13.092150] kunit_try_run_case+0x1a5/0x480 [ 13.092658] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.093204] kthread+0x337/0x6f0 [ 13.093334] ret_from_fork+0x116/0x1d0 [ 13.093466] ret_from_fork_asm+0x1a/0x30 [ 13.093905] [ 13.094275] The buggy address belongs to the object at ffff888102af6300 [ 13.094275] which belongs to the cache kmalloc-128 of size 128 [ 13.095567] The buggy address is located 105 bytes inside of [ 13.095567] allocated 120-byte region [ffff888102af6300, ffff888102af6378) [ 13.095934] [ 13.096008] The buggy address belongs to the physical page: [ 13.096311] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102af6 [ 13.097200] flags: 0x200000000000000(node=0|zone=2) [ 13.097714] page_type: f5(slab) [ 13.098077] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.099147] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.099953] page dumped because: kasan: bad access detected [ 13.100213] [ 13.100462] Memory state around the buggy address: [ 13.100991] ffff888102af6200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.101687] ffff888102af6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.102346] >ffff888102af6300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 13.102888] ^ [ 13.103525] ffff888102af6380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.103951] ffff888102af6400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.104384] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 13.050303] ================================================================== [ 13.050977] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x166/0x330 [ 13.051458] Write of size 8 at addr ffff888102602971 by task kunit_try_catch/193 [ 13.051920] [ 13.052196] CPU: 1 UID: 0 PID: 193 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.052241] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.052253] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.052272] Call Trace: [ 13.052284] <TASK> [ 13.052299] dump_stack_lvl+0x73/0xb0 [ 13.052328] print_report+0xd1/0x650 [ 13.052349] ? __virt_addr_valid+0x1db/0x2d0 [ 13.052370] ? kmalloc_oob_memset_8+0x166/0x330 [ 13.052391] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.052414] ? kmalloc_oob_memset_8+0x166/0x330 [ 13.052435] kasan_report+0x141/0x180 [ 13.052456] ? kmalloc_oob_memset_8+0x166/0x330 [ 13.052481] kasan_check_range+0x10c/0x1c0 [ 13.052502] __asan_memset+0x27/0x50 [ 13.052521] kmalloc_oob_memset_8+0x166/0x330 [ 13.052542] ? __pfx_kmalloc_oob_memset_8+0x10/0x10 [ 13.052566] ? __pfx_kmalloc_oob_memset_8+0x10/0x10 [ 13.052591] kunit_try_run_case+0x1a5/0x480 [ 13.052613] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.052633] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.052655] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.052676] ? __kthread_parkme+0x82/0x180 [ 13.052696] ? preempt_count_sub+0x50/0x80 [ 13.052718] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.052740] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.052762] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.052784] kthread+0x337/0x6f0 [ 13.052802] ? trace_preempt_on+0x20/0xc0 [ 13.052823] ? __pfx_kthread+0x10/0x10 [ 13.052842] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.052861] ? calculate_sigpending+0x7b/0xa0 [ 13.052884] ? __pfx_kthread+0x10/0x10 [ 13.052904] ret_from_fork+0x116/0x1d0 [ 13.052921] ? 
__pfx_kthread+0x10/0x10 [ 13.052941] ret_from_fork_asm+0x1a/0x30 [ 13.052970] </TASK> [ 13.052980] [ 13.062344] Allocated by task 193: [ 13.062586] kasan_save_stack+0x45/0x70 [ 13.062925] kasan_save_track+0x18/0x40 [ 13.063105] kasan_save_alloc_info+0x3b/0x50 [ 13.063504] __kasan_kmalloc+0xb7/0xc0 [ 13.063725] __kmalloc_cache_noprof+0x189/0x420 [ 13.064056] kmalloc_oob_memset_8+0xac/0x330 [ 13.064387] kunit_try_run_case+0x1a5/0x480 [ 13.064602] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.064949] kthread+0x337/0x6f0 [ 13.065253] ret_from_fork+0x116/0x1d0 [ 13.065414] ret_from_fork_asm+0x1a/0x30 [ 13.065614] [ 13.065714] The buggy address belongs to the object at ffff888102602900 [ 13.065714] which belongs to the cache kmalloc-128 of size 128 [ 13.066458] The buggy address is located 113 bytes inside of [ 13.066458] allocated 120-byte region [ffff888102602900, ffff888102602978) [ 13.067104] [ 13.067272] The buggy address belongs to the physical page: [ 13.067608] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102602 [ 13.067988] flags: 0x200000000000000(node=0|zone=2) [ 13.068350] page_type: f5(slab) [ 13.068475] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.068943] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.069407] page dumped because: kasan: bad access detected [ 13.069696] [ 13.069868] Memory state around the buggy address: [ 13.070099] ffff888102602800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.070658] ffff888102602880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.071016] >ffff888102602900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 13.071353] ^ [ 13.071701] ffff888102602980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.072256] ffff888102602a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.072518] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 13.022362] ================================================================== [ 13.023477] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x166/0x330 [ 13.024234] Write of size 4 at addr ffff888102602875 by task kunit_try_catch/191 [ 13.025180] [ 13.025404] CPU: 1 UID: 0 PID: 191 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 13.025454] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.025466] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.025488] Call Trace: [ 13.025507] <TASK> [ 13.025525] dump_stack_lvl+0x73/0xb0 [ 13.025561] print_report+0xd1/0x650 [ 13.025582] ? __virt_addr_valid+0x1db/0x2d0 [ 13.025605] ? kmalloc_oob_memset_4+0x166/0x330 [ 13.025626] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.025650] ? kmalloc_oob_memset_4+0x166/0x330 [ 13.025670] kasan_report+0x141/0x180 [ 13.025691] ? kmalloc_oob_memset_4+0x166/0x330 [ 13.025716] kasan_check_range+0x10c/0x1c0 [ 13.025738] __asan_memset+0x27/0x50 [ 13.025756] kmalloc_oob_memset_4+0x166/0x330 [ 13.025777] ? __pfx_kmalloc_oob_memset_4+0x10/0x10 [ 13.025798] ? __schedule+0x10cc/0x2b60 [ 13.025822] ? __pfx_read_tsc+0x10/0x10 [ 13.025842] ? ktime_get_ts64+0x86/0x230 [ 13.025867] kunit_try_run_case+0x1a5/0x480 [ 13.025892] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.025912] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.025934] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.025956] ? __kthread_parkme+0x82/0x180 [ 13.025975] ? preempt_count_sub+0x50/0x80 [ 13.025998] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.026021] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.026053] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.026075] kthread+0x337/0x6f0 [ 13.026094] ? trace_preempt_on+0x20/0xc0 [ 13.026116] ? __pfx_kthread+0x10/0x10 [ 13.026135] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.026155] ? calculate_sigpending+0x7b/0xa0 [ 13.026178] ? __pfx_kthread+0x10/0x10 [ 13.026198] ret_from_fork+0x116/0x1d0 [ 13.026215] ? 
__pfx_kthread+0x10/0x10 [ 13.026235] ret_from_fork_asm+0x1a/0x30 [ 13.026265] </TASK> [ 13.026277] [ 13.038896] Allocated by task 191: [ 13.039026] kasan_save_stack+0x45/0x70 [ 13.039471] kasan_save_track+0x18/0x40 [ 13.039861] kasan_save_alloc_info+0x3b/0x50 [ 13.040109] __kasan_kmalloc+0xb7/0xc0 [ 13.040300] __kmalloc_cache_noprof+0x189/0x420 [ 13.040480] kmalloc_oob_memset_4+0xac/0x330 [ 13.040673] kunit_try_run_case+0x1a5/0x480 [ 13.040817] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.040997] kthread+0x337/0x6f0 [ 13.041262] ret_from_fork+0x116/0x1d0 [ 13.041470] ret_from_fork_asm+0x1a/0x30 [ 13.041750] [ 13.041852] The buggy address belongs to the object at ffff888102602800 [ 13.041852] which belongs to the cache kmalloc-128 of size 128 [ 13.042253] The buggy address is located 117 bytes inside of [ 13.042253] allocated 120-byte region [ffff888102602800, ffff888102602878) [ 13.042802] [ 13.042986] The buggy address belongs to the physical page: [ 13.043258] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102602 [ 13.043622] flags: 0x200000000000000(node=0|zone=2) [ 13.043796] page_type: f5(slab) [ 13.043966] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.044429] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.044721] page dumped because: kasan: bad access detected [ 13.044892] [ 13.044961] Memory state around the buggy address: [ 13.045201] ffff888102602700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.045476] ffff888102602780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.045929] >ffff888102602800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 13.046206] ^ [ 13.046418] ffff888102602880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.046652] ffff888102602900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.046970] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 12.972405] ================================================================== [ 12.973787] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x166/0x330 [ 12.974994] Write of size 2 at addr ffff888102af6277 by task kunit_try_catch/189 [ 12.975759] [ 12.976160] CPU: 0 UID: 0 PID: 189 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.976210] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.976388] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.976448] Call Trace: [ 12.976473] <TASK> [ 12.976497] dump_stack_lvl+0x73/0xb0 [ 12.976544] print_report+0xd1/0x650 [ 12.976567] ? __virt_addr_valid+0x1db/0x2d0 [ 12.976592] ? kmalloc_oob_memset_2+0x166/0x330 [ 12.976614] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.976640] ? kmalloc_oob_memset_2+0x166/0x330 [ 12.976662] kasan_report+0x141/0x180 [ 12.976682] ? kmalloc_oob_memset_2+0x166/0x330 [ 12.976708] kasan_check_range+0x10c/0x1c0 [ 12.976730] __asan_memset+0x27/0x50 [ 12.976749] kmalloc_oob_memset_2+0x166/0x330 [ 12.976770] ? __pfx_kmalloc_oob_memset_2+0x10/0x10 [ 12.976792] ? __schedule+0x10cc/0x2b60 [ 12.976813] ? __pfx_read_tsc+0x10/0x10 [ 12.976834] ? ktime_get_ts64+0x86/0x230 [ 12.976859] kunit_try_run_case+0x1a5/0x480 [ 12.976883] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.976903] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.976925] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.976948] ? __kthread_parkme+0x82/0x180 [ 12.976969] ? preempt_count_sub+0x50/0x80 [ 12.976991] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.977015] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.977037] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.977070] kthread+0x337/0x6f0 [ 12.977089] ? trace_preempt_on+0x20/0xc0 [ 12.977112] ? __pfx_kthread+0x10/0x10 [ 12.977131] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.977151] ? calculate_sigpending+0x7b/0xa0 [ 12.977175] ? __pfx_kthread+0x10/0x10 [ 12.977198] ret_from_fork+0x116/0x1d0 [ 12.977215] ? 
__pfx_kthread+0x10/0x10 [ 12.977236] ret_from_fork_asm+0x1a/0x30 [ 12.977268] </TASK> [ 12.977281] [ 12.996116] Allocated by task 189: [ 12.996298] kasan_save_stack+0x45/0x70 [ 12.999170] kasan_save_track+0x18/0x40 [ 12.999391] kasan_save_alloc_info+0x3b/0x50 [ 12.999617] __kasan_kmalloc+0xb7/0xc0 [ 12.999776] __kmalloc_cache_noprof+0x189/0x420 [ 12.999937] kmalloc_oob_memset_2+0xac/0x330 [ 13.002030] kunit_try_run_case+0x1a5/0x480 [ 13.003178] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.003955] kthread+0x337/0x6f0 [ 13.004555] ret_from_fork+0x116/0x1d0 [ 13.005527] ret_from_fork_asm+0x1a/0x30 [ 13.006096] [ 13.006303] The buggy address belongs to the object at ffff888102af6200 [ 13.006303] which belongs to the cache kmalloc-128 of size 128 [ 13.006979] The buggy address is located 119 bytes inside of [ 13.006979] allocated 120-byte region [ffff888102af6200, ffff888102af6278) [ 13.008423] [ 13.008595] The buggy address belongs to the physical page: [ 13.009548] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102af6 [ 13.010430] flags: 0x200000000000000(node=0|zone=2) [ 13.010975] page_type: f5(slab) [ 13.011363] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.012411] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.013262] page dumped because: kasan: bad access detected [ 13.013924] [ 13.014025] Memory state around the buggy address: [ 13.014785] ffff888102af6100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.015600] ffff888102af6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.016190] >ffff888102af6200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 13.016911] ^ [ 13.017574] ffff888102af6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.018139] ffff888102af6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.018683] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 12.951287] ================================================================== [ 12.952149] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x15f/0x320 [ 12.952464] Write of size 128 at addr ffff888102602700 by task kunit_try_catch/187 [ 12.952766] [ 12.952882] CPU: 1 UID: 0 PID: 187 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.952926] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.952937] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.952957] Call Trace: [ 12.952970] <TASK> [ 12.952986] dump_stack_lvl+0x73/0xb0 [ 12.953012] print_report+0xd1/0x650 [ 12.953033] ? __virt_addr_valid+0x1db/0x2d0 [ 12.953089] ? kmalloc_oob_in_memset+0x15f/0x320 [ 12.953110] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.953134] ? kmalloc_oob_in_memset+0x15f/0x320 [ 12.953155] kasan_report+0x141/0x180 [ 12.953176] ? kmalloc_oob_in_memset+0x15f/0x320 [ 12.953202] kasan_check_range+0x10c/0x1c0 [ 12.953224] __asan_memset+0x27/0x50 [ 12.953242] kmalloc_oob_in_memset+0x15f/0x320 [ 12.953263] ? __pfx_kmalloc_oob_in_memset+0x10/0x10 [ 12.953285] ? __schedule+0x10cc/0x2b60 [ 12.953306] ? __pfx_read_tsc+0x10/0x10 [ 12.953326] ? ktime_get_ts64+0x86/0x230 [ 12.953350] kunit_try_run_case+0x1a5/0x480 [ 12.953373] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.953393] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.953416] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.953437] ? __kthread_parkme+0x82/0x180 [ 12.953456] ? preempt_count_sub+0x50/0x80 [ 12.953478] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.953517] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.953539] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.953566] kthread+0x337/0x6f0 [ 12.953585] ? trace_preempt_on+0x20/0xc0 [ 12.953607] ? __pfx_kthread+0x10/0x10 [ 12.953626] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.953646] ? calculate_sigpending+0x7b/0xa0 [ 12.953668] ? __pfx_kthread+0x10/0x10 [ 12.953688] ret_from_fork+0x116/0x1d0 [ 12.953706] ? 
__pfx_kthread+0x10/0x10 [ 12.953725] ret_from_fork_asm+0x1a/0x30 [ 12.953755] </TASK> [ 12.953766] [ 12.960783] Allocated by task 187: [ 12.960910] kasan_save_stack+0x45/0x70 [ 12.961060] kasan_save_track+0x18/0x40 [ 12.961369] kasan_save_alloc_info+0x3b/0x50 [ 12.961699] __kasan_kmalloc+0xb7/0xc0 [ 12.961897] __kmalloc_cache_noprof+0x189/0x420 [ 12.962088] kmalloc_oob_in_memset+0xac/0x320 [ 12.962237] kunit_try_run_case+0x1a5/0x480 [ 12.962449] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.962735] kthread+0x337/0x6f0 [ 12.962902] ret_from_fork+0x116/0x1d0 [ 12.963227] ret_from_fork_asm+0x1a/0x30 [ 12.963393] [ 12.963466] The buggy address belongs to the object at ffff888102602700 [ 12.963466] which belongs to the cache kmalloc-128 of size 128 [ 12.963835] The buggy address is located 0 bytes inside of [ 12.963835] allocated 120-byte region [ffff888102602700, ffff888102602778) [ 12.964353] [ 12.964450] The buggy address belongs to the physical page: [ 12.964700] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102602 [ 12.965006] flags: 0x200000000000000(node=0|zone=2) [ 12.965205] page_type: f5(slab) [ 12.965328] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.965602] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.965957] page dumped because: kasan: bad access detected [ 12.966228] [ 12.966321] Memory state around the buggy address: [ 12.966547] ffff888102602600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.966866] ffff888102602680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.967179] >ffff888102602700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 12.967442] ^ [ 12.967724] ffff888102602780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.968000] ffff888102602800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.968248] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 12.918474] ================================================================== [ 12.919622] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x47b/0x4c0 [ 12.920261] Read of size 16 at addr ffff88810256a300 by task kunit_try_catch/185 [ 12.920996] [ 12.921240] CPU: 1 UID: 0 PID: 185 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.921286] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.921298] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.921318] Call Trace: [ 12.921330] <TASK> [ 12.921347] dump_stack_lvl+0x73/0xb0 [ 12.921377] print_report+0xd1/0x650 [ 12.921399] ? __virt_addr_valid+0x1db/0x2d0 [ 12.921422] ? kmalloc_uaf_16+0x47b/0x4c0 [ 12.921441] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.921466] ? kmalloc_uaf_16+0x47b/0x4c0 [ 12.921485] kasan_report+0x141/0x180 [ 12.921525] ? kmalloc_uaf_16+0x47b/0x4c0 [ 12.921555] __asan_report_load16_noabort+0x18/0x20 [ 12.921578] kmalloc_uaf_16+0x47b/0x4c0 [ 12.921597] ? __pfx_kmalloc_uaf_16+0x10/0x10 [ 12.921618] ? __schedule+0x10cc/0x2b60 [ 12.921640] ? __pfx_read_tsc+0x10/0x10 [ 12.921660] ? ktime_get_ts64+0x86/0x230 [ 12.921684] kunit_try_run_case+0x1a5/0x480 [ 12.921707] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.921728] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.921750] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.921771] ? __kthread_parkme+0x82/0x180 [ 12.921791] ? preempt_count_sub+0x50/0x80 [ 12.921814] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.921836] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.921857] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.921879] kthread+0x337/0x6f0 [ 12.921897] ? trace_preempt_on+0x20/0xc0 [ 12.921919] ? __pfx_kthread+0x10/0x10 [ 12.921938] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.921957] ? calculate_sigpending+0x7b/0xa0 [ 12.921980] ? __pfx_kthread+0x10/0x10 [ 12.922000] ret_from_fork+0x116/0x1d0 [ 12.922018] ? 
__pfx_kthread+0x10/0x10 [ 12.922037] ret_from_fork_asm+0x1a/0x30 [ 12.922090] </TASK> [ 12.922101] [ 12.931643] Allocated by task 185: [ 12.932070] kasan_save_stack+0x45/0x70 [ 12.932432] kasan_save_track+0x18/0x40 [ 12.932820] kasan_save_alloc_info+0x3b/0x50 [ 12.933302] __kasan_kmalloc+0xb7/0xc0 [ 12.933700] __kmalloc_cache_noprof+0x189/0x420 [ 12.934135] kmalloc_uaf_16+0x15b/0x4c0 [ 12.934474] kunit_try_run_case+0x1a5/0x480 [ 12.934896] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.935491] kthread+0x337/0x6f0 [ 12.935844] ret_from_fork+0x116/0x1d0 [ 12.936145] ret_from_fork_asm+0x1a/0x30 [ 12.936656] [ 12.936829] Freed by task 185: [ 12.937164] kasan_save_stack+0x45/0x70 [ 12.937535] kasan_save_track+0x18/0x40 [ 12.937935] kasan_save_free_info+0x3f/0x60 [ 12.938368] __kasan_slab_free+0x56/0x70 [ 12.938794] kfree+0x222/0x3f0 [ 12.939101] kmalloc_uaf_16+0x1d6/0x4c0 [ 12.939547] kunit_try_run_case+0x1a5/0x480 [ 12.940003] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.940332] kthread+0x337/0x6f0 [ 12.940635] ret_from_fork+0x116/0x1d0 [ 12.941110] ret_from_fork_asm+0x1a/0x30 [ 12.941451] [ 12.941535] The buggy address belongs to the object at ffff88810256a300 [ 12.941535] which belongs to the cache kmalloc-16 of size 16 [ 12.941896] The buggy address is located 0 bytes inside of [ 12.941896] freed 16-byte region [ffff88810256a300, ffff88810256a310) [ 12.942619] [ 12.942756] The buggy address belongs to the physical page: [ 12.943026] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10256a [ 12.943386] flags: 0x200000000000000(node=0|zone=2) [ 12.943666] page_type: f5(slab) [ 12.943816] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 12.944088] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 12.944350] page dumped because: kasan: bad access detected [ 12.944696] [ 12.944788] Memory state around the buggy address: [ 12.945009] ffff88810256a200: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc 
fc [ 12.945893] ffff88810256a280: fa fb fc fc fa fb fc fc 00 05 fc fc 00 00 fc fc [ 12.946447] >ffff88810256a300: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.946896] ^ [ 12.947310] ffff88810256a380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.947766] ffff88810256a400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.948324] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 12.879392] ================================================================== [ 12.880393] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x452/0x4a0 [ 12.880632] Write of size 16 at addr ffff8881022bac60 by task kunit_try_catch/183 [ 12.880862] [ 12.880954] CPU: 0 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.880999] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.881010] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.881031] Call Trace: [ 12.881092] <TASK> [ 12.881109] dump_stack_lvl+0x73/0xb0 [ 12.881140] print_report+0xd1/0x650 [ 12.881161] ? __virt_addr_valid+0x1db/0x2d0 [ 12.881185] ? kmalloc_oob_16+0x452/0x4a0 [ 12.881204] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.881229] ? kmalloc_oob_16+0x452/0x4a0 [ 12.881248] kasan_report+0x141/0x180 [ 12.881269] ? kmalloc_oob_16+0x452/0x4a0 [ 12.881293] __asan_report_store16_noabort+0x1b/0x30 [ 12.881316] kmalloc_oob_16+0x452/0x4a0 [ 12.881336] ? __pfx_kmalloc_oob_16+0x10/0x10 [ 12.881404] ? __pfx_read_tsc+0x10/0x10 [ 12.881452] ? ktime_get_ts64+0x86/0x230 [ 12.881571] kunit_try_run_case+0x1a5/0x480 [ 12.881608] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.881629] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.881653] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.881674] ? __kthread_parkme+0x82/0x180 [ 12.881694] ? preempt_count_sub+0x50/0x80 [ 12.881717] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.881781] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.881827] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.881863] kthread+0x337/0x6f0 [ 12.881882] ? trace_preempt_on+0x20/0xc0 [ 12.881904] ? __pfx_kthread+0x10/0x10 [ 12.881923] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.881943] ? calculate_sigpending+0x7b/0xa0 [ 12.881966] ? __pfx_kthread+0x10/0x10 [ 12.881986] ret_from_fork+0x116/0x1d0 [ 12.882004] ? 
__pfx_kthread+0x10/0x10 [ 12.882023] ret_from_fork_asm+0x1a/0x30 [ 12.882077] </TASK> [ 12.882089] [ 12.892566] Allocated by task 183: [ 12.892700] kasan_save_stack+0x45/0x70 [ 12.892845] kasan_save_track+0x18/0x40 [ 12.892980] kasan_save_alloc_info+0x3b/0x50 [ 12.893752] __kasan_kmalloc+0xb7/0xc0 [ 12.894988] __kmalloc_cache_noprof+0x189/0x420 [ 12.895742] kmalloc_oob_16+0xa8/0x4a0 [ 12.896381] kunit_try_run_case+0x1a5/0x480 [ 12.897067] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.897838] kthread+0x337/0x6f0 [ 12.898428] ret_from_fork+0x116/0x1d0 [ 12.899200] ret_from_fork_asm+0x1a/0x30 [ 12.899721] [ 12.900020] The buggy address belongs to the object at ffff8881022bac60 [ 12.900020] which belongs to the cache kmalloc-16 of size 16 [ 12.901811] The buggy address is located 0 bytes inside of [ 12.901811] allocated 13-byte region [ffff8881022bac60, ffff8881022bac6d) [ 12.903414] [ 12.903804] The buggy address belongs to the physical page: [ 12.904635] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022ba [ 12.905715] flags: 0x200000000000000(node=0|zone=2) [ 12.906553] page_type: f5(slab) [ 12.907001] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 12.908058] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 12.908679] page dumped because: kasan: bad access detected [ 12.909456] [ 12.909817] Memory state around the buggy address: [ 12.910032] ffff8881022bab00: 00 02 fc fc 00 02 fc fc 00 06 fc fc 00 06 fc fc [ 12.911153] ffff8881022bab80: 00 04 fc fc 00 04 fc fc 00 01 fc fc 00 01 fc fc [ 12.911408] >ffff8881022bac00: 00 04 fc fc 00 04 fc fc fa fb fc fc 00 05 fc fc [ 12.911921] ^ [ 12.912837] ffff8881022bac80: 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.913989] ffff8881022bad00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.914812] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 12.818835] ================================================================== [ 12.819931] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x1b8/0x5e0 [ 12.820836] Read of size 1 at addr ffff888100a2da00 by task kunit_try_catch/181 [ 12.821676] [ 12.821930] CPU: 1 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.821994] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.822007] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.822072] Call Trace: [ 12.822086] <TASK> [ 12.822104] dump_stack_lvl+0x73/0xb0 [ 12.822137] print_report+0xd1/0x650 [ 12.822158] ? __virt_addr_valid+0x1db/0x2d0 [ 12.822182] ? krealloc_uaf+0x1b8/0x5e0 [ 12.822202] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.822227] ? krealloc_uaf+0x1b8/0x5e0 [ 12.822247] kasan_report+0x141/0x180 [ 12.822268] ? krealloc_uaf+0x1b8/0x5e0 [ 12.822291] ? krealloc_uaf+0x1b8/0x5e0 [ 12.822312] __kasan_check_byte+0x3d/0x50 [ 12.822333] krealloc_noprof+0x3f/0x340 [ 12.822355] krealloc_uaf+0x1b8/0x5e0 [ 12.822375] ? __pfx_krealloc_uaf+0x10/0x10 [ 12.822395] ? finish_task_switch.isra.0+0x153/0x700 [ 12.822417] ? __switch_to+0x47/0xf50 [ 12.822442] ? __schedule+0x10cc/0x2b60 [ 12.822464] ? __pfx_read_tsc+0x10/0x10 [ 12.822483] ? ktime_get_ts64+0x86/0x230 [ 12.822517] kunit_try_run_case+0x1a5/0x480 [ 12.822541] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.822562] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.822585] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.822606] ? __kthread_parkme+0x82/0x180 [ 12.822627] ? preempt_count_sub+0x50/0x80 [ 12.822648] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.822671] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.822692] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.822713] kthread+0x337/0x6f0 [ 12.822732] ? trace_preempt_on+0x20/0xc0 [ 12.822754] ? __pfx_kthread+0x10/0x10 [ 12.822774] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.822794] ? calculate_sigpending+0x7b/0xa0 [ 12.822817] ? 
__pfx_kthread+0x10/0x10 [ 12.822837] ret_from_fork+0x116/0x1d0 [ 12.822854] ? __pfx_kthread+0x10/0x10 [ 12.822873] ret_from_fork_asm+0x1a/0x30 [ 12.822904] </TASK> [ 12.822917] [ 12.835691] Allocated by task 181: [ 12.836149] kasan_save_stack+0x45/0x70 [ 12.836606] kasan_save_track+0x18/0x40 [ 12.836752] kasan_save_alloc_info+0x3b/0x50 [ 12.836901] __kasan_kmalloc+0xb7/0xc0 [ 12.837032] __kmalloc_cache_noprof+0x189/0x420 [ 12.837268] krealloc_uaf+0xbb/0x5e0 [ 12.837401] kunit_try_run_case+0x1a5/0x480 [ 12.837561] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.837735] kthread+0x337/0x6f0 [ 12.837855] ret_from_fork+0x116/0x1d0 [ 12.837985] ret_from_fork_asm+0x1a/0x30 [ 12.838363] [ 12.838587] Freed by task 181: [ 12.838969] kasan_save_stack+0x45/0x70 [ 12.839364] kasan_save_track+0x18/0x40 [ 12.839781] kasan_save_free_info+0x3f/0x60 [ 12.840191] __kasan_slab_free+0x56/0x70 [ 12.840549] kfree+0x222/0x3f0 [ 12.840853] krealloc_uaf+0x13d/0x5e0 [ 12.841203] kunit_try_run_case+0x1a5/0x480 [ 12.841607] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.842074] kthread+0x337/0x6f0 [ 12.842383] ret_from_fork+0x116/0x1d0 [ 12.842764] ret_from_fork_asm+0x1a/0x30 [ 12.843173] [ 12.843338] The buggy address belongs to the object at ffff888100a2da00 [ 12.843338] which belongs to the cache kmalloc-256 of size 256 [ 12.844368] The buggy address is located 0 bytes inside of [ 12.844368] freed 256-byte region [ffff888100a2da00, ffff888100a2db00) [ 12.845165] [ 12.845327] The buggy address belongs to the physical page: [ 12.845848] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a2c [ 12.846545] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.846779] flags: 0x200000000000040(head|node=0|zone=2) [ 12.846963] page_type: f5(slab) [ 12.847098] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.847328] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.847651] head: 0200000000000040 
ffff888100041b40 dead000000000122 0000000000000000 [ 12.848296] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.848955] head: 0200000000000001 ffffea0004028b01 00000000ffffffff 00000000ffffffff [ 12.849644] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.850285] page dumped because: kasan: bad access detected [ 12.850826] [ 12.851013] Memory state around the buggy address: [ 12.851518] ffff888100a2d900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.852137] ffff888100a2d980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.852864] >ffff888100a2da00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.853710] ^ [ 12.854080] ffff888100a2da80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.854492] ffff888100a2db00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.854721] ================================================================== [ 12.855345] ================================================================== [ 12.855647] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x53c/0x5e0 [ 12.856017] Read of size 1 at addr ffff888100a2da00 by task kunit_try_catch/181 [ 12.856289] [ 12.856416] CPU: 1 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.856460] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.856471] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.856491] Call Trace: [ 12.856506] <TASK> [ 12.856522] dump_stack_lvl+0x73/0xb0 [ 12.856548] print_report+0xd1/0x650 [ 12.856569] ? __virt_addr_valid+0x1db/0x2d0 [ 12.856589] ? krealloc_uaf+0x53c/0x5e0 [ 12.856609] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.856633] ? krealloc_uaf+0x53c/0x5e0 [ 12.856653] kasan_report+0x141/0x180 [ 12.856673] ? krealloc_uaf+0x53c/0x5e0 [ 12.856698] __asan_report_load1_noabort+0x18/0x20 [ 12.856720] krealloc_uaf+0x53c/0x5e0 [ 12.856740] ? __pfx_krealloc_uaf+0x10/0x10 [ 12.856761] ? 
finish_task_switch.isra.0+0x153/0x700 [ 12.856782] ? __switch_to+0x47/0xf50 [ 12.856807] ? __schedule+0x10cc/0x2b60 [ 12.856828] ? __pfx_read_tsc+0x10/0x10 [ 12.856848] ? ktime_get_ts64+0x86/0x230 [ 12.856870] kunit_try_run_case+0x1a5/0x480 [ 12.856893] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.856914] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.856935] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.856956] ? __kthread_parkme+0x82/0x180 [ 12.856975] ? preempt_count_sub+0x50/0x80 [ 12.856996] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.857018] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.857051] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.857072] kthread+0x337/0x6f0 [ 12.857091] ? trace_preempt_on+0x20/0xc0 [ 12.857112] ? __pfx_kthread+0x10/0x10 [ 12.857131] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.857150] ? calculate_sigpending+0x7b/0xa0 [ 12.857172] ? __pfx_kthread+0x10/0x10 [ 12.857192] ret_from_fork+0x116/0x1d0 [ 12.857209] ? __pfx_kthread+0x10/0x10 [ 12.857228] ret_from_fork_asm+0x1a/0x30 [ 12.857257] </TASK> [ 12.857268] [ 12.864127] Allocated by task 181: [ 12.864302] kasan_save_stack+0x45/0x70 [ 12.864494] kasan_save_track+0x18/0x40 [ 12.864666] kasan_save_alloc_info+0x3b/0x50 [ 12.864814] __kasan_kmalloc+0xb7/0xc0 [ 12.864945] __kmalloc_cache_noprof+0x189/0x420 [ 12.865140] krealloc_uaf+0xbb/0x5e0 [ 12.865319] kunit_try_run_case+0x1a5/0x480 [ 12.865532] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.865795] kthread+0x337/0x6f0 [ 12.865933] ret_from_fork+0x116/0x1d0 [ 12.866076] ret_from_fork_asm+0x1a/0x30 [ 12.866214] [ 12.866308] Freed by task 181: [ 12.866469] kasan_save_stack+0x45/0x70 [ 12.866842] kasan_save_track+0x18/0x40 [ 12.867021] kasan_save_free_info+0x3f/0x60 [ 12.867202] __kasan_slab_free+0x56/0x70 [ 12.867376] kfree+0x222/0x3f0 [ 12.867555] krealloc_uaf+0x13d/0x5e0 [ 12.867712] kunit_try_run_case+0x1a5/0x480 [ 12.867907] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.868139] kthread+0x337/0x6f0 [ 12.868300] 
ret_from_fork+0x116/0x1d0 [ 12.868482] ret_from_fork_asm+0x1a/0x30 [ 12.868644] [ 12.868725] The buggy address belongs to the object at ffff888100a2da00 [ 12.868725] which belongs to the cache kmalloc-256 of size 256 [ 12.869237] The buggy address is located 0 bytes inside of [ 12.869237] freed 256-byte region [ffff888100a2da00, ffff888100a2db00) [ 12.869702] [ 12.869800] The buggy address belongs to the physical page: [ 12.869974] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a2c [ 12.870224] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.870449] flags: 0x200000000000040(head|node=0|zone=2) [ 12.870689] page_type: f5(slab) [ 12.870854] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.871390] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.871662] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.871891] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.872128] head: 0200000000000001 ffffea0004028b01 00000000ffffffff 00000000ffffffff [ 12.872356] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.872988] page dumped because: kasan: bad access detected [ 12.873258] [ 12.873351] Memory state around the buggy address: [ 12.873645] ffff888100a2d900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.873971] ffff888100a2d980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.874225] >ffff888100a2da00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.874553] ^ [ 12.874675] ffff888100a2da80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.874888] ffff888100a2db00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.875175] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 12.760682] ================================================================== [ 12.761035] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 12.761450] Write of size 1 at addr ffff888102b6a0ea by task kunit_try_catch/179 [ 12.761890] [ 12.761977] CPU: 0 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.762019] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.762030] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.762063] Call Trace: [ 12.762074] <TASK> [ 12.762088] dump_stack_lvl+0x73/0xb0 [ 12.762114] print_report+0xd1/0x650 [ 12.762134] ? __virt_addr_valid+0x1db/0x2d0 [ 12.762155] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.762177] ? kasan_addr_to_slab+0x11/0xa0 [ 12.762196] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.762218] kasan_report+0x141/0x180 [ 12.762239] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.762266] __asan_report_store1_noabort+0x1b/0x30 [ 12.762289] krealloc_less_oob_helper+0xe90/0x11d0 [ 12.762313] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.762335] ? finish_task_switch.isra.0+0x153/0x700 [ 12.762356] ? __switch_to+0x47/0xf50 [ 12.762381] ? __schedule+0x10cc/0x2b60 [ 12.762402] ? __pfx_read_tsc+0x10/0x10 [ 12.762424] krealloc_large_less_oob+0x1c/0x30 [ 12.762446] kunit_try_run_case+0x1a5/0x480 [ 12.762468] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.762488] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.762521] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.762543] ? __kthread_parkme+0x82/0x180 [ 12.762561] ? preempt_count_sub+0x50/0x80 [ 12.762595] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.762618] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.762639] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.762661] kthread+0x337/0x6f0 [ 12.762678] ? trace_preempt_on+0x20/0xc0 [ 12.762700] ? __pfx_kthread+0x10/0x10 [ 12.762728] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.762755] ? calculate_sigpending+0x7b/0xa0 [ 12.762777] ? 
__pfx_kthread+0x10/0x10 [ 12.762809] ret_from_fork+0x116/0x1d0 [ 12.762826] ? __pfx_kthread+0x10/0x10 [ 12.762845] ret_from_fork_asm+0x1a/0x30 [ 12.762874] </TASK> [ 12.762885] [ 12.771473] The buggy address belongs to the physical page: [ 12.771745] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b68 [ 12.772117] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.772421] flags: 0x200000000000040(head|node=0|zone=2) [ 12.773164] page_type: f8(unknown) [ 12.773329] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.773549] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.774157] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.774537] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.775258] head: 0200000000000002 ffffea00040ada01 00000000ffffffff 00000000ffffffff [ 12.776416] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.776806] page dumped because: kasan: bad access detected [ 12.777073] [ 12.777389] Memory state around the buggy address: [ 12.777793] ffff888102b69f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.778358] ffff888102b6a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.779325] >ffff888102b6a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.779983] ^ [ 12.780315] ffff888102b6a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.781025] ffff888102b6a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.781471] ================================================================== [ 12.742285] ================================================================== [ 12.742645] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 12.743034] Write of size 1 at addr ffff888102b6a0da by task kunit_try_catch/179 [ 12.743267] [ 12.743357] CPU: 0 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 
PREEMPT(voluntary) [ 12.743400] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.743412] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.743433] Call Trace: [ 12.743445] <TASK> [ 12.743462] dump_stack_lvl+0x73/0xb0 [ 12.743516] print_report+0xd1/0x650 [ 12.743538] ? __virt_addr_valid+0x1db/0x2d0 [ 12.743559] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.743582] ? kasan_addr_to_slab+0x11/0xa0 [ 12.743601] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.743623] kasan_report+0x141/0x180 [ 12.743644] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.743671] __asan_report_store1_noabort+0x1b/0x30 [ 12.743705] krealloc_less_oob_helper+0xec6/0x11d0 [ 12.743742] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.743777] ? finish_task_switch.isra.0+0x153/0x700 [ 12.743800] ? __switch_to+0x47/0xf50 [ 12.743826] ? __schedule+0x10cc/0x2b60 [ 12.743848] ? __pfx_read_tsc+0x10/0x10 [ 12.743871] krealloc_large_less_oob+0x1c/0x30 [ 12.743892] kunit_try_run_case+0x1a5/0x480 [ 12.743916] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.743936] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.743959] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.743981] ? __kthread_parkme+0x82/0x180 [ 12.744000] ? preempt_count_sub+0x50/0x80 [ 12.744022] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.744058] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.744080] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.744101] kthread+0x337/0x6f0 [ 12.744119] ? trace_preempt_on+0x20/0xc0 [ 12.744141] ? __pfx_kthread+0x10/0x10 [ 12.744160] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.744180] ? calculate_sigpending+0x7b/0xa0 [ 12.744203] ? __pfx_kthread+0x10/0x10 [ 12.744223] ret_from_fork+0x116/0x1d0 [ 12.744240] ? 
__pfx_kthread+0x10/0x10 [ 12.744260] ret_from_fork_asm+0x1a/0x30 [ 12.744289] </TASK> [ 12.744301] [ 12.753392] The buggy address belongs to the physical page: [ 12.753716] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b68 [ 12.753998] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.754484] flags: 0x200000000000040(head|node=0|zone=2) [ 12.754845] page_type: f8(unknown) [ 12.754973] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.755423] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.755806] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.756028] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.756256] head: 0200000000000002 ffffea00040ada01 00000000ffffffff 00000000ffffffff [ 12.757029] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.757626] page dumped because: kasan: bad access detected [ 12.757950] [ 12.758030] Memory state around the buggy address: [ 12.758313] ffff888102b69f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.758564] ffff888102b6a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.758772] >ffff888102b6a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.759023] ^ [ 12.759576] ffff888102b6a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.759814] ffff888102b6a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.760018] ================================================================== [ 12.783100] ================================================================== [ 12.783419] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 12.783996] Write of size 1 at addr ffff888102b6a0eb by task kunit_try_catch/179 [ 12.784935] [ 12.785064] CPU: 0 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.785111] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.785123] Hardware 
name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.785144] Call Trace: [ 12.785158] <TASK> [ 12.785174] dump_stack_lvl+0x73/0xb0 [ 12.785203] print_report+0xd1/0x650 [ 12.785225] ? __virt_addr_valid+0x1db/0x2d0 [ 12.785247] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.785270] ? kasan_addr_to_slab+0x11/0xa0 [ 12.785290] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.785313] kasan_report+0x141/0x180 [ 12.785334] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.785362] __asan_report_store1_noabort+0x1b/0x30 [ 12.785385] krealloc_less_oob_helper+0xd47/0x11d0 [ 12.785409] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.785432] ? finish_task_switch.isra.0+0x153/0x700 [ 12.785454] ? __switch_to+0x47/0xf50 [ 12.785481] ? __schedule+0x10cc/0x2b60 [ 12.785502] ? __pfx_read_tsc+0x10/0x10 [ 12.785526] krealloc_large_less_oob+0x1c/0x30 [ 12.785548] kunit_try_run_case+0x1a5/0x480 [ 12.785579] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.785600] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.785622] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.785645] ? __kthread_parkme+0x82/0x180 [ 12.785664] ? preempt_count_sub+0x50/0x80 [ 12.785686] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.785709] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.785731] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.785752] kthread+0x337/0x6f0 [ 12.785771] ? trace_preempt_on+0x20/0xc0 [ 12.785794] ? __pfx_kthread+0x10/0x10 [ 12.785813] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.785833] ? calculate_sigpending+0x7b/0xa0 [ 12.785856] ? __pfx_kthread+0x10/0x10 [ 12.785876] ret_from_fork+0x116/0x1d0 [ 12.785894] ? 
__pfx_kthread+0x10/0x10 [ 12.785914] ret_from_fork_asm+0x1a/0x30 [ 12.785944] </TASK> [ 12.785955] [ 12.798661] The buggy address belongs to the physical page: [ 12.798904] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b68 [ 12.799827] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.800724] flags: 0x200000000000040(head|node=0|zone=2) [ 12.800999] page_type: f8(unknown) [ 12.801495] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.801846] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.802526] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.803216] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.804321] head: 0200000000000002 ffffea00040ada01 00000000ffffffff 00000000ffffffff [ 12.804873] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.805740] page dumped because: kasan: bad access detected [ 12.806150] [ 12.806258] Memory state around the buggy address: [ 12.806471] ffff888102b69f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.807262] ffff888102b6a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.807872] >ffff888102b6a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.808455] ^ [ 12.809282] ffff888102b6a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.809746] ffff888102b6a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.810428] ================================================================== [ 12.510016] ================================================================== [ 12.510408] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0 [ 12.510869] Write of size 1 at addr ffff8881003466d0 by task kunit_try_catch/175 [ 12.511469] [ 12.511706] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.511753] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.511765] Hardware 
name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.511786] Call Trace: [ 12.511800] <TASK> [ 12.511818] dump_stack_lvl+0x73/0xb0 [ 12.511869] print_report+0xd1/0x650 [ 12.511890] ? __virt_addr_valid+0x1db/0x2d0 [ 12.511912] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 12.511934] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.511959] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 12.511981] kasan_report+0x141/0x180 [ 12.512002] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 12.512029] __asan_report_store1_noabort+0x1b/0x30 [ 12.512322] krealloc_less_oob_helper+0xe23/0x11d0 [ 12.512359] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.512381] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 12.512410] ? __pfx_krealloc_less_oob+0x10/0x10 [ 12.512437] krealloc_less_oob+0x1c/0x30 [ 12.512459] kunit_try_run_case+0x1a5/0x480 [ 12.512482] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.512520] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.512545] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.512567] ? __kthread_parkme+0x82/0x180 [ 12.512587] ? preempt_count_sub+0x50/0x80 [ 12.512610] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.512633] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.512654] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.512675] kthread+0x337/0x6f0 [ 12.512693] ? trace_preempt_on+0x20/0xc0 [ 12.512716] ? __pfx_kthread+0x10/0x10 [ 12.512736] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.512755] ? calculate_sigpending+0x7b/0xa0 [ 12.512778] ? __pfx_kthread+0x10/0x10 [ 12.512799] ret_from_fork+0x116/0x1d0 [ 12.512817] ? 
__pfx_kthread+0x10/0x10 [ 12.512837] ret_from_fork_asm+0x1a/0x30 [ 12.512867] </TASK> [ 12.512878] [ 12.524233] Allocated by task 175: [ 12.524395] kasan_save_stack+0x45/0x70 [ 12.524913] kasan_save_track+0x18/0x40 [ 12.525122] kasan_save_alloc_info+0x3b/0x50 [ 12.525758] __kasan_krealloc+0x190/0x1f0 [ 12.525970] krealloc_noprof+0xf3/0x340 [ 12.526445] krealloc_less_oob_helper+0x1aa/0x11d0 [ 12.526763] krealloc_less_oob+0x1c/0x30 [ 12.526988] kunit_try_run_case+0x1a5/0x480 [ 12.527387] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.527830] kthread+0x337/0x6f0 [ 12.528003] ret_from_fork+0x116/0x1d0 [ 12.528279] ret_from_fork_asm+0x1a/0x30 [ 12.528464] [ 12.528570] The buggy address belongs to the object at ffff888100346600 [ 12.528570] which belongs to the cache kmalloc-256 of size 256 [ 12.529086] The buggy address is located 7 bytes to the right of [ 12.529086] allocated 201-byte region [ffff888100346600, ffff8881003466c9) [ 12.530259] [ 12.530362] The buggy address belongs to the physical page: [ 12.530578] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100346 [ 12.531203] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.531645] flags: 0x200000000000040(head|node=0|zone=2) [ 12.531982] page_type: f5(slab) [ 12.532255] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.532758] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.533408] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.533998] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.534631] head: 0200000000000001 ffffea000400d181 00000000ffffffff 00000000ffffffff [ 12.534938] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.535581] page dumped because: kasan: bad access detected [ 12.535843] [ 12.535943] Memory state around the buggy address: [ 12.536396] ffff888100346580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 12.536849] ffff888100346600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.537522] >ffff888100346680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 12.537823] ^ [ 12.538126] ffff888100346700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.538676] ffff888100346780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.539161] ================================================================== [ 12.686779] ================================================================== [ 12.687263] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0 [ 12.687584] Write of size 1 at addr ffff888102b6a0c9 by task kunit_try_catch/179 [ 12.687888] [ 12.687994] CPU: 0 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.688051] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.688063] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.688439] Call Trace: [ 12.688453] <TASK> [ 12.688472] dump_stack_lvl+0x73/0xb0 [ 12.688527] print_report+0xd1/0x650 [ 12.688567] ? __virt_addr_valid+0x1db/0x2d0 [ 12.688590] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 12.688624] ? kasan_addr_to_slab+0x11/0xa0 [ 12.688644] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 12.688666] kasan_report+0x141/0x180 [ 12.688799] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 12.688832] __asan_report_store1_noabort+0x1b/0x30 [ 12.688855] krealloc_less_oob_helper+0xd70/0x11d0 [ 12.688880] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.688902] ? finish_task_switch.isra.0+0x153/0x700 [ 12.688925] ? __switch_to+0x47/0xf50 [ 12.688951] ? __schedule+0x10cc/0x2b60 [ 12.688973] ? __pfx_read_tsc+0x10/0x10 [ 12.688997] krealloc_large_less_oob+0x1c/0x30 [ 12.689019] kunit_try_run_case+0x1a5/0x480 [ 12.689054] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.689075] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.689098] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.689121] ? __kthread_parkme+0x82/0x180 [ 12.689141] ? 
preempt_count_sub+0x50/0x80 [ 12.689163] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.689199] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.689221] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.689243] kthread+0x337/0x6f0 [ 12.689273] ? trace_preempt_on+0x20/0xc0 [ 12.689296] ? __pfx_kthread+0x10/0x10 [ 12.689315] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.689346] ? calculate_sigpending+0x7b/0xa0 [ 12.689370] ? __pfx_kthread+0x10/0x10 [ 12.689390] ret_from_fork+0x116/0x1d0 [ 12.689420] ? __pfx_kthread+0x10/0x10 [ 12.689440] ret_from_fork_asm+0x1a/0x30 [ 12.689472] </TASK> [ 12.689496] [ 12.702451] The buggy address belongs to the physical page: [ 12.702922] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b68 [ 12.703563] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.704139] flags: 0x200000000000040(head|node=0|zone=2) [ 12.704581] page_type: f8(unknown) [ 12.704893] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.705403] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.705944] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.706517] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.706983] head: 0200000000000002 ffffea00040ada01 00000000ffffffff 00000000ffffffff [ 12.707453] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.708015] page dumped because: kasan: bad access detected [ 12.708506] [ 12.708632] Memory state around the buggy address: [ 12.709113] ffff888102b69f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.709566] ffff888102b6a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.710009] >ffff888102b6a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.710460] ^ [ 12.710895] ffff888102b6a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.711417] ffff888102b6a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.711866] 
================================================================== [ 12.540170] ================================================================== [ 12.540490] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 12.540968] Write of size 1 at addr ffff8881003466da by task kunit_try_catch/175 [ 12.541802] [ 12.541937] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.541984] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.542013] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.542035] Call Trace: [ 12.542067] <TASK> [ 12.542139] dump_stack_lvl+0x73/0xb0 [ 12.542170] print_report+0xd1/0x650 [ 12.542192] ? __virt_addr_valid+0x1db/0x2d0 [ 12.542214] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.542236] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.542261] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.542283] kasan_report+0x141/0x180 [ 12.542304] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.542331] __asan_report_store1_noabort+0x1b/0x30 [ 12.542354] krealloc_less_oob_helper+0xec6/0x11d0 [ 12.542379] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.542400] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 12.542430] ? __pfx_krealloc_less_oob+0x10/0x10 [ 12.542456] krealloc_less_oob+0x1c/0x30 [ 12.542476] kunit_try_run_case+0x1a5/0x480 [ 12.542498] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.542519] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.542542] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.542563] ? __kthread_parkme+0x82/0x180 [ 12.542583] ? preempt_count_sub+0x50/0x80 [ 12.542606] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.542628] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.542650] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.542671] kthread+0x337/0x6f0 [ 12.542690] ? trace_preempt_on+0x20/0xc0 [ 12.542711] ? __pfx_kthread+0x10/0x10 [ 12.542731] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.542750] ? calculate_sigpending+0x7b/0xa0 [ 12.542773] ? 
__pfx_kthread+0x10/0x10 [ 12.542793] ret_from_fork+0x116/0x1d0 [ 12.542811] ? __pfx_kthread+0x10/0x10 [ 12.542830] ret_from_fork_asm+0x1a/0x30 [ 12.542861] </TASK> [ 12.542872] [ 12.554723] Allocated by task 175: [ 12.554932] kasan_save_stack+0x45/0x70 [ 12.555277] kasan_save_track+0x18/0x40 [ 12.555621] kasan_save_alloc_info+0x3b/0x50 [ 12.555829] __kasan_krealloc+0x190/0x1f0 [ 12.556014] krealloc_noprof+0xf3/0x340 [ 12.556239] krealloc_less_oob_helper+0x1aa/0x11d0 [ 12.556746] krealloc_less_oob+0x1c/0x30 [ 12.556946] kunit_try_run_case+0x1a5/0x480 [ 12.557525] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.557978] kthread+0x337/0x6f0 [ 12.558283] ret_from_fork+0x116/0x1d0 [ 12.558645] ret_from_fork_asm+0x1a/0x30 [ 12.558846] [ 12.558946] The buggy address belongs to the object at ffff888100346600 [ 12.558946] which belongs to the cache kmalloc-256 of size 256 [ 12.559810] The buggy address is located 17 bytes to the right of [ 12.559810] allocated 201-byte region [ffff888100346600, ffff8881003466c9) [ 12.560834] [ 12.561089] The buggy address belongs to the physical page: [ 12.561721] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100346 [ 12.562246] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.562650] flags: 0x200000000000040(head|node=0|zone=2) [ 12.562886] page_type: f5(slab) [ 12.563330] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.563654] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.563980] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.564521] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.564943] head: 0200000000000001 ffffea000400d181 00000000ffffffff 00000000ffffffff [ 12.565722] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.566199] page dumped because: kasan: bad access detected [ 12.566466] [ 12.566775] Memory state around the buggy 
address: [ 12.567015] ffff888100346580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.567382] ffff888100346600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.567936] >ffff888100346680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 12.568414] ^ [ 12.568894] ffff888100346700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.569602] ffff888100346780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.569932] ================================================================== [ 12.602394] ================================================================== [ 12.602937] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 12.603628] Write of size 1 at addr ffff8881003466eb by task kunit_try_catch/175 [ 12.603945] [ 12.604066] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.604111] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.604124] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.604147] Call Trace: [ 12.604165] <TASK> [ 12.604184] dump_stack_lvl+0x73/0xb0 [ 12.604214] print_report+0xd1/0x650 [ 12.604236] ? __virt_addr_valid+0x1db/0x2d0 [ 12.604257] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.604279] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.604304] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.604327] kasan_report+0x141/0x180 [ 12.604348] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.604376] __asan_report_store1_noabort+0x1b/0x30 [ 12.604399] krealloc_less_oob_helper+0xd47/0x11d0 [ 12.604423] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.604444] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 12.604473] ? __pfx_krealloc_less_oob+0x10/0x10 [ 12.604499] krealloc_less_oob+0x1c/0x30 [ 12.604519] kunit_try_run_case+0x1a5/0x480 [ 12.604543] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.604564] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.604587] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.604608] ? __kthread_parkme+0x82/0x180 [ 12.604628] ? 
preempt_count_sub+0x50/0x80 [ 12.604652] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.604674] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.604695] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.604717] kthread+0x337/0x6f0 [ 12.604736] ? trace_preempt_on+0x20/0xc0 [ 12.604757] ? __pfx_kthread+0x10/0x10 [ 12.604777] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.604797] ? calculate_sigpending+0x7b/0xa0 [ 12.604820] ? __pfx_kthread+0x10/0x10 [ 12.604840] ret_from_fork+0x116/0x1d0 [ 12.604859] ? __pfx_kthread+0x10/0x10 [ 12.604878] ret_from_fork_asm+0x1a/0x30 [ 12.604908] </TASK> [ 12.604919] [ 12.616644] Allocated by task 175: [ 12.616806] kasan_save_stack+0x45/0x70 [ 12.617398] kasan_save_track+0x18/0x40 [ 12.617608] kasan_save_alloc_info+0x3b/0x50 [ 12.617777] __kasan_krealloc+0x190/0x1f0 [ 12.618140] krealloc_noprof+0xf3/0x340 [ 12.618314] krealloc_less_oob_helper+0x1aa/0x11d0 [ 12.618810] krealloc_less_oob+0x1c/0x30 [ 12.619051] kunit_try_run_case+0x1a5/0x480 [ 12.619595] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.619857] kthread+0x337/0x6f0 [ 12.620186] ret_from_fork+0x116/0x1d0 [ 12.620456] ret_from_fork_asm+0x1a/0x30 [ 12.620841] [ 12.620944] The buggy address belongs to the object at ffff888100346600 [ 12.620944] which belongs to the cache kmalloc-256 of size 256 [ 12.621721] The buggy address is located 34 bytes to the right of [ 12.621721] allocated 201-byte region [ffff888100346600, ffff8881003466c9) [ 12.622575] [ 12.622704] The buggy address belongs to the physical page: [ 12.623201] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100346 [ 12.623522] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.623858] flags: 0x200000000000040(head|node=0|zone=2) [ 12.624095] page_type: f5(slab) [ 12.624579] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.624953] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.625523] head: 0200000000000040 
ffff888100041b40 dead000000000122 0000000000000000 [ 12.626007] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.626528] head: 0200000000000001 ffffea000400d181 00000000ffffffff 00000000ffffffff [ 12.626962] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.627589] page dumped because: kasan: bad access detected [ 12.628010] [ 12.628228] Memory state around the buggy address: [ 12.628412] ffff888100346580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.629163] ffff888100346600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.629752] >ffff888100346680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 12.630197] ^ [ 12.630619] ffff888100346700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.630916] ffff888100346780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.631637] ================================================================== [ 12.712746] ================================================================== [ 12.713429] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0 [ 12.713929] Write of size 1 at addr ffff888102b6a0d0 by task kunit_try_catch/179 [ 12.714721] [ 12.715067] CPU: 0 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.715119] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.715131] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.715153] Call Trace: [ 12.715165] <TASK> [ 12.715182] dump_stack_lvl+0x73/0xb0 [ 12.715212] print_report+0xd1/0x650 [ 12.715233] ? __virt_addr_valid+0x1db/0x2d0 [ 12.715255] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 12.715278] ? kasan_addr_to_slab+0x11/0xa0 [ 12.715297] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 12.715320] kasan_report+0x141/0x180 [ 12.715341] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 12.715368] __asan_report_store1_noabort+0x1b/0x30 [ 12.715391] krealloc_less_oob_helper+0xe23/0x11d0 [ 12.715416] ? 
__pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.715438] ? finish_task_switch.isra.0+0x153/0x700 [ 12.715459] ? __switch_to+0x47/0xf50 [ 12.715486] ? __schedule+0x10cc/0x2b60 [ 12.715507] ? __pfx_read_tsc+0x10/0x10 [ 12.715532] krealloc_large_less_oob+0x1c/0x30 [ 12.715553] kunit_try_run_case+0x1a5/0x480 [ 12.715577] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.715598] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.715620] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.715642] ? __kthread_parkme+0x82/0x180 [ 12.715662] ? preempt_count_sub+0x50/0x80 [ 12.715683] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.715705] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.715727] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.715748] kthread+0x337/0x6f0 [ 12.715766] ? trace_preempt_on+0x20/0xc0 [ 12.715789] ? __pfx_kthread+0x10/0x10 [ 12.715808] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.715828] ? calculate_sigpending+0x7b/0xa0 [ 12.715851] ? __pfx_kthread+0x10/0x10 [ 12.715871] ret_from_fork+0x116/0x1d0 [ 12.715888] ? 
__pfx_kthread+0x10/0x10 [ 12.715907] ret_from_fork_asm+0x1a/0x30 [ 12.715937] </TASK> [ 12.715949] [ 12.729532] The buggy address belongs to the physical page: [ 12.730067] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b68 [ 12.730887] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.731401] flags: 0x200000000000040(head|node=0|zone=2) [ 12.731720] page_type: f8(unknown) [ 12.732106] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.732576] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.733022] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.733613] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.733964] head: 0200000000000002 ffffea00040ada01 00000000ffffffff 00000000ffffffff [ 12.734631] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.735261] page dumped because: kasan: bad access detected [ 12.735473] [ 12.735549] Memory state around the buggy address: [ 12.736528] ffff888102b69f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.738253] ffff888102b6a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.738474] >ffff888102b6a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.738682] ^ [ 12.738859] ffff888102b6a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.739202] ffff888102b6a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.739464] ================================================================== [ 12.470281] ================================================================== [ 12.470866] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0 [ 12.471397] Write of size 1 at addr ffff8881003466c9 by task kunit_try_catch/175 [ 12.472336] [ 12.472599] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.472647] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.472658] Hardware 
name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.472679] Call Trace: [ 12.472691] <TASK> [ 12.472708] dump_stack_lvl+0x73/0xb0 [ 12.472738] print_report+0xd1/0x650 [ 12.472760] ? __virt_addr_valid+0x1db/0x2d0 [ 12.472781] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 12.472803] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.472828] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 12.472850] kasan_report+0x141/0x180 [ 12.472870] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 12.472897] __asan_report_store1_noabort+0x1b/0x30 [ 12.472920] krealloc_less_oob_helper+0xd70/0x11d0 [ 12.472944] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.472965] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 12.472994] ? __pfx_krealloc_less_oob+0x10/0x10 [ 12.473019] krealloc_less_oob+0x1c/0x30 [ 12.473057] kunit_try_run_case+0x1a5/0x480 [ 12.473081] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.473101] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.473125] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.473146] ? __kthread_parkme+0x82/0x180 [ 12.473166] ? preempt_count_sub+0x50/0x80 [ 12.473189] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.473210] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.473232] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.473253] kthread+0x337/0x6f0 [ 12.473271] ? trace_preempt_on+0x20/0xc0 [ 12.473293] ? __pfx_kthread+0x10/0x10 [ 12.473312] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.473332] ? calculate_sigpending+0x7b/0xa0 [ 12.473354] ? __pfx_kthread+0x10/0x10 [ 12.473375] ret_from_fork+0x116/0x1d0 [ 12.473392] ? 
__pfx_kthread+0x10/0x10 [ 12.473412] ret_from_fork_asm+0x1a/0x30 [ 12.473442] </TASK> [ 12.473453] [ 12.488594] Allocated by task 175: [ 12.488783] kasan_save_stack+0x45/0x70 [ 12.488983] kasan_save_track+0x18/0x40 [ 12.491034] kasan_save_alloc_info+0x3b/0x50 [ 12.491285] __kasan_krealloc+0x190/0x1f0 [ 12.491476] krealloc_noprof+0xf3/0x340 [ 12.492325] krealloc_less_oob_helper+0x1aa/0x11d0 [ 12.492903] krealloc_less_oob+0x1c/0x30 [ 12.493333] kunit_try_run_case+0x1a5/0x480 [ 12.494275] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.494597] kthread+0x337/0x6f0 [ 12.494907] ret_from_fork+0x116/0x1d0 [ 12.495673] ret_from_fork_asm+0x1a/0x30 [ 12.495951] [ 12.496307] The buggy address belongs to the object at ffff888100346600 [ 12.496307] which belongs to the cache kmalloc-256 of size 256 [ 12.497486] The buggy address is located 0 bytes to the right of [ 12.497486] allocated 201-byte region [ffff888100346600, ffff8881003466c9) [ 12.498822] [ 12.498953] The buggy address belongs to the physical page: [ 12.499974] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100346 [ 12.500502] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.500822] flags: 0x200000000000040(head|node=0|zone=2) [ 12.501543] page_type: f5(slab) [ 12.501721] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.502054] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.502428] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.503236] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.503781] head: 0200000000000001 ffffea000400d181 00000000ffffffff 00000000ffffffff [ 12.504111] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.504639] page dumped because: kasan: bad access detected [ 12.504991] [ 12.505082] Memory state around the buggy address: [ 12.505461] ffff888100346580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 12.506198] ffff888100346600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.506502] >ffff888100346680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 12.506933] ^ [ 12.507496] ffff888100346700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.507826] ffff888100346780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.508492] ================================================================== [ 12.571325] ================================================================== [ 12.572434] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 12.572881] Write of size 1 at addr ffff8881003466ea by task kunit_try_catch/175 [ 12.573431] [ 12.573692] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.573741] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.573753] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.573774] Call Trace: [ 12.573789] <TASK> [ 12.573807] dump_stack_lvl+0x73/0xb0 [ 12.573837] print_report+0xd1/0x650 [ 12.573858] ? __virt_addr_valid+0x1db/0x2d0 [ 12.573879] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.573902] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.573926] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.573949] kasan_report+0x141/0x180 [ 12.573971] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.573999] __asan_report_store1_noabort+0x1b/0x30 [ 12.574021] krealloc_less_oob_helper+0xe90/0x11d0 [ 12.574061] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.574082] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 12.574111] ? __pfx_krealloc_less_oob+0x10/0x10 [ 12.574137] krealloc_less_oob+0x1c/0x30 [ 12.574157] kunit_try_run_case+0x1a5/0x480 [ 12.574181] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.574202] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.574224] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.574247] ? __kthread_parkme+0x82/0x180 [ 12.574266] ? preempt_count_sub+0x50/0x80 [ 12.574289] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 12.574311] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.574333] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.574355] kthread+0x337/0x6f0 [ 12.574373] ? trace_preempt_on+0x20/0xc0 [ 12.574394] ? __pfx_kthread+0x10/0x10 [ 12.574414] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.574433] ? calculate_sigpending+0x7b/0xa0 [ 12.574456] ? __pfx_kthread+0x10/0x10 [ 12.574477] ret_from_fork+0x116/0x1d0 [ 12.574495] ? __pfx_kthread+0x10/0x10 [ 12.574514] ret_from_fork_asm+0x1a/0x30 [ 12.574545] </TASK> [ 12.574555] [ 12.586322] Allocated by task 175: [ 12.586730] kasan_save_stack+0x45/0x70 [ 12.586945] kasan_save_track+0x18/0x40 [ 12.587341] kasan_save_alloc_info+0x3b/0x50 [ 12.587802] __kasan_krealloc+0x190/0x1f0 [ 12.587998] krealloc_noprof+0xf3/0x340 [ 12.588401] krealloc_less_oob_helper+0x1aa/0x11d0 [ 12.588692] krealloc_less_oob+0x1c/0x30 [ 12.588910] kunit_try_run_case+0x1a5/0x480 [ 12.589372] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.589642] kthread+0x337/0x6f0 [ 12.589820] ret_from_fork+0x116/0x1d0 [ 12.590230] ret_from_fork_asm+0x1a/0x30 [ 12.590412] [ 12.590512] The buggy address belongs to the object at ffff888100346600 [ 12.590512] which belongs to the cache kmalloc-256 of size 256 [ 12.591515] The buggy address is located 33 bytes to the right of [ 12.591515] allocated 201-byte region [ffff888100346600, ffff8881003466c9) [ 12.592374] [ 12.592809] The buggy address belongs to the physical page: [ 12.593073] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100346 [ 12.593712] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.594253] flags: 0x200000000000040(head|node=0|zone=2) [ 12.594520] page_type: f5(slab) [ 12.594695] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.594986] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.595825] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 
12.596357] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.596824] head: 0200000000000001 ffffea000400d181 00000000ffffffff 00000000ffffffff [ 12.597388] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.597918] page dumped because: kasan: bad access detected [ 12.598213] [ 12.598500] Memory state around the buggy address: [ 12.598822] ffff888100346580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.599145] ffff888100346600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.599794] >ffff888100346680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 12.600263] ^ [ 12.600530] ffff888100346700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.600994] ffff888100346780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.601472] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 12.419559] ================================================================== [ 12.419985] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930 [ 12.423312] Write of size 1 at addr ffff8881003464eb by task kunit_try_catch/173 [ 12.423569] [ 12.423670] CPU: 0 UID: 0 PID: 173 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.423715] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.423727] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.423748] Call Trace: [ 12.423762] <TASK> [ 12.423782] dump_stack_lvl+0x73/0xb0 [ 12.423814] print_report+0xd1/0x650 [ 12.423837] ? __virt_addr_valid+0x1db/0x2d0 [ 12.423859] ? krealloc_more_oob_helper+0x821/0x930 [ 12.423882] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.423906] ? krealloc_more_oob_helper+0x821/0x930 [ 12.423929] kasan_report+0x141/0x180 [ 12.423949] ? krealloc_more_oob_helper+0x821/0x930 [ 12.423977] __asan_report_store1_noabort+0x1b/0x30 [ 12.423999] krealloc_more_oob_helper+0x821/0x930 [ 12.424020] ? __schedule+0x10cc/0x2b60 [ 12.424054] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 12.424077] ? finish_task_switch.isra.0+0x153/0x700 [ 12.424099] ? __switch_to+0x47/0xf50 [ 12.424127] ? __schedule+0x10cc/0x2b60 [ 12.424147] ? __pfx_read_tsc+0x10/0x10 [ 12.424170] krealloc_more_oob+0x1c/0x30 [ 12.424190] kunit_try_run_case+0x1a5/0x480 [ 12.424214] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.424234] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.424257] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.424278] ? __kthread_parkme+0x82/0x180 [ 12.424298] ? preempt_count_sub+0x50/0x80 [ 12.424319] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.424341] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.424363] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.424384] kthread+0x337/0x6f0 [ 12.424402] ? trace_preempt_on+0x20/0xc0 [ 12.424424] ? __pfx_kthread+0x10/0x10 [ 12.424443] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.424463] ? 
calculate_sigpending+0x7b/0xa0 [ 12.424486] ? __pfx_kthread+0x10/0x10 [ 12.424764] ret_from_fork+0x116/0x1d0 [ 12.424793] ? __pfx_kthread+0x10/0x10 [ 12.424814] ret_from_fork_asm+0x1a/0x30 [ 12.424845] </TASK> [ 12.424857] [ 12.433062] Allocated by task 173: [ 12.433357] kasan_save_stack+0x45/0x70 [ 12.433522] kasan_save_track+0x18/0x40 [ 12.433719] kasan_save_alloc_info+0x3b/0x50 [ 12.433912] __kasan_krealloc+0x190/0x1f0 [ 12.434165] krealloc_noprof+0xf3/0x340 [ 12.434339] krealloc_more_oob_helper+0x1a9/0x930 [ 12.434520] krealloc_more_oob+0x1c/0x30 [ 12.434661] kunit_try_run_case+0x1a5/0x480 [ 12.434862] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.435181] kthread+0x337/0x6f0 [ 12.435357] ret_from_fork+0x116/0x1d0 [ 12.435552] ret_from_fork_asm+0x1a/0x30 [ 12.435722] [ 12.435795] The buggy address belongs to the object at ffff888100346400 [ 12.435795] which belongs to the cache kmalloc-256 of size 256 [ 12.436383] The buggy address is located 0 bytes to the right of [ 12.436383] allocated 235-byte region [ffff888100346400, ffff8881003464eb) [ 12.436986] [ 12.437118] The buggy address belongs to the physical page: [ 12.437379] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100346 [ 12.437825] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.438158] flags: 0x200000000000040(head|node=0|zone=2) [ 12.438422] page_type: f5(slab) [ 12.438587] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.438889] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.439266] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.439519] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.439837] head: 0200000000000001 ffffea000400d181 00000000ffffffff 00000000ffffffff [ 12.440357] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.440702] page dumped because: kasan: bad access detected [ 12.440875] [ 
12.440964] Memory state around the buggy address: [ 12.441274] ffff888100346380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.441605] ffff888100346400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.441923] >ffff888100346480: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 12.442216] ^ [ 12.442463] ffff888100346500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.442724] ffff888100346580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.443003] ================================================================== [ 12.443929] ================================================================== [ 12.444391] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930 [ 12.444777] Write of size 1 at addr ffff8881003464f0 by task kunit_try_catch/173 [ 12.445164] [ 12.445257] CPU: 0 UID: 0 PID: 173 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.445301] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.445312] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.445332] Call Trace: [ 12.445344] <TASK> [ 12.445359] dump_stack_lvl+0x73/0xb0 [ 12.445386] print_report+0xd1/0x650 [ 12.445408] ? __virt_addr_valid+0x1db/0x2d0 [ 12.445429] ? krealloc_more_oob_helper+0x7eb/0x930 [ 12.445451] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.445475] ? krealloc_more_oob_helper+0x7eb/0x930 [ 12.445519] kasan_report+0x141/0x180 [ 12.445542] ? krealloc_more_oob_helper+0x7eb/0x930 [ 12.445575] __asan_report_store1_noabort+0x1b/0x30 [ 12.445599] krealloc_more_oob_helper+0x7eb/0x930 [ 12.445620] ? __schedule+0x10cc/0x2b60 [ 12.445642] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 12.445664] ? finish_task_switch.isra.0+0x153/0x700 [ 12.445685] ? __switch_to+0x47/0xf50 [ 12.445711] ? __schedule+0x10cc/0x2b60 [ 12.445731] ? __pfx_read_tsc+0x10/0x10 [ 12.445754] krealloc_more_oob+0x1c/0x30 [ 12.445774] kunit_try_run_case+0x1a5/0x480 [ 12.445797] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.445817] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 12.445839] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.445861] ? __kthread_parkme+0x82/0x180 [ 12.445879] ? preempt_count_sub+0x50/0x80 [ 12.445901] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.445923] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.445944] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.445965] kthread+0x337/0x6f0 [ 12.445983] ? trace_preempt_on+0x20/0xc0 [ 12.446005] ? __pfx_kthread+0x10/0x10 [ 12.446024] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.446106] ? calculate_sigpending+0x7b/0xa0 [ 12.446133] ? __pfx_kthread+0x10/0x10 [ 12.446153] ret_from_fork+0x116/0x1d0 [ 12.446171] ? __pfx_kthread+0x10/0x10 [ 12.446190] ret_from_fork_asm+0x1a/0x30 [ 12.446220] </TASK> [ 12.446231] [ 12.454176] Allocated by task 173: [ 12.454357] kasan_save_stack+0x45/0x70 [ 12.454582] kasan_save_track+0x18/0x40 [ 12.454777] kasan_save_alloc_info+0x3b/0x50 [ 12.454989] __kasan_krealloc+0x190/0x1f0 [ 12.455223] krealloc_noprof+0xf3/0x340 [ 12.455419] krealloc_more_oob_helper+0x1a9/0x930 [ 12.455675] krealloc_more_oob+0x1c/0x30 [ 12.455818] kunit_try_run_case+0x1a5/0x480 [ 12.455962] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.456393] kthread+0x337/0x6f0 [ 12.456572] ret_from_fork+0x116/0x1d0 [ 12.456791] ret_from_fork_asm+0x1a/0x30 [ 12.456990] [ 12.457174] The buggy address belongs to the object at ffff888100346400 [ 12.457174] which belongs to the cache kmalloc-256 of size 256 [ 12.457610] The buggy address is located 5 bytes to the right of [ 12.457610] allocated 235-byte region [ffff888100346400, ffff8881003464eb) [ 12.458199] [ 12.458305] The buggy address belongs to the physical page: [ 12.460633] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100346 [ 12.460934] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.461380] flags: 0x200000000000040(head|node=0|zone=2) [ 12.461632] page_type: f5(slab) [ 12.461795] raw: 0200000000000040 ffff888100041b40 dead000000000122 
0000000000000000 [ 12.462168] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.462515] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.462819] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.463190] head: 0200000000000001 ffffea000400d181 00000000ffffffff 00000000ffffffff [ 12.463501] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.463834] page dumped because: kasan: bad access detected [ 12.464244] [ 12.464341] Memory state around the buggy address: [ 12.464555] ffff888100346380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.464864] ffff888100346400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.465244] >ffff888100346480: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 12.465529] ^ [ 12.465813] ffff888100346500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.466823] ffff888100346580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.467224] ================================================================== [ 12.659954] ================================================================== [ 12.660465] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930 [ 12.661343] Write of size 1 at addr ffff888102b6a0f0 by task kunit_try_catch/177 [ 12.661645] [ 12.661764] CPU: 0 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.661809] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.661820] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.661842] Call Trace: [ 12.661860] <TASK> [ 12.661878] dump_stack_lvl+0x73/0xb0 [ 12.661907] print_report+0xd1/0x650 [ 12.661929] ? __virt_addr_valid+0x1db/0x2d0 [ 12.661951] ? krealloc_more_oob_helper+0x7eb/0x930 [ 12.661973] ? kasan_addr_to_slab+0x11/0xa0 [ 12.661993] ? krealloc_more_oob_helper+0x7eb/0x930 [ 12.662015] kasan_report+0x141/0x180 [ 12.662036] ? 
krealloc_more_oob_helper+0x7eb/0x930 [ 12.662074] __asan_report_store1_noabort+0x1b/0x30 [ 12.662096] krealloc_more_oob_helper+0x7eb/0x930 [ 12.662118] ? __schedule+0x10cc/0x2b60 [ 12.662140] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 12.662164] ? finish_task_switch.isra.0+0x153/0x700 [ 12.662185] ? __switch_to+0x47/0xf50 [ 12.662211] ? __schedule+0x10cc/0x2b60 [ 12.662232] ? __pfx_read_tsc+0x10/0x10 [ 12.662255] krealloc_large_more_oob+0x1c/0x30 [ 12.662277] kunit_try_run_case+0x1a5/0x480 [ 12.662300] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.662322] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.662346] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.662368] ? __kthread_parkme+0x82/0x180 [ 12.662388] ? preempt_count_sub+0x50/0x80 [ 12.662409] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.662432] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.662453] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.662475] kthread+0x337/0x6f0 [ 12.662493] ? trace_preempt_on+0x20/0xc0 [ 12.662515] ? __pfx_kthread+0x10/0x10 [ 12.662534] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.662555] ? calculate_sigpending+0x7b/0xa0 [ 12.662578] ? __pfx_kthread+0x10/0x10 [ 12.662599] ret_from_fork+0x116/0x1d0 [ 12.662616] ? 
__pfx_kthread+0x10/0x10 [ 12.662636] ret_from_fork_asm+0x1a/0x30 [ 12.662666] </TASK> [ 12.662677] [ 12.674737] The buggy address belongs to the physical page: [ 12.675151] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b68 [ 12.675623] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.676148] flags: 0x200000000000040(head|node=0|zone=2) [ 12.676547] page_type: f8(unknown) [ 12.676823] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.677352] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.677922] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.678297] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.678978] head: 0200000000000002 ffffea00040ada01 00000000ffffffff 00000000ffffffff [ 12.679672] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.680165] page dumped because: kasan: bad access detected [ 12.680517] [ 12.680641] Memory state around the buggy address: [ 12.681015] ffff888102b69f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.681456] ffff888102b6a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.681896] >ffff888102b6a080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 12.682478] ^ [ 12.682920] ffff888102b6a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.683447] ffff888102b6a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.683841] ================================================================== [ 12.636302] ================================================================== [ 12.636766] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930 [ 12.637331] Write of size 1 at addr ffff888102b6a0eb by task kunit_try_catch/177 [ 12.637926] [ 12.638066] CPU: 0 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.638222] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.638236] Hardware 
name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.638258] Call Trace: [ 12.638270] <TASK> [ 12.638288] dump_stack_lvl+0x73/0xb0 [ 12.638319] print_report+0xd1/0x650 [ 12.638340] ? __virt_addr_valid+0x1db/0x2d0 [ 12.638363] ? krealloc_more_oob_helper+0x821/0x930 [ 12.638385] ? kasan_addr_to_slab+0x11/0xa0 [ 12.638405] ? krealloc_more_oob_helper+0x821/0x930 [ 12.638427] kasan_report+0x141/0x180 [ 12.638448] ? krealloc_more_oob_helper+0x821/0x930 [ 12.638475] __asan_report_store1_noabort+0x1b/0x30 [ 12.638498] krealloc_more_oob_helper+0x821/0x930 [ 12.638519] ? __schedule+0x10cc/0x2b60 [ 12.638541] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 12.638675] ? finish_task_switch.isra.0+0x153/0x700 [ 12.638701] ? __switch_to+0x47/0xf50 [ 12.638728] ? __schedule+0x10cc/0x2b60 [ 12.638748] ? __pfx_read_tsc+0x10/0x10 [ 12.638772] krealloc_large_more_oob+0x1c/0x30 [ 12.638794] kunit_try_run_case+0x1a5/0x480 [ 12.638818] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.638839] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.638862] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.638883] ? __kthread_parkme+0x82/0x180 [ 12.638903] ? preempt_count_sub+0x50/0x80 [ 12.638925] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.638947] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.638969] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.638991] kthread+0x337/0x6f0 [ 12.639009] ? trace_preempt_on+0x20/0xc0 [ 12.639031] ? __pfx_kthread+0x10/0x10 [ 12.639078] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.639099] ? calculate_sigpending+0x7b/0xa0 [ 12.639122] ? __pfx_kthread+0x10/0x10 [ 12.639143] ret_from_fork+0x116/0x1d0 [ 12.639160] ? 
__pfx_kthread+0x10/0x10 [ 12.639180] ret_from_fork_asm+0x1a/0x30 [ 12.639210] </TASK> [ 12.639222] [ 12.650632] The buggy address belongs to the physical page: [ 12.651061] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b68 [ 12.651659] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.651981] flags: 0x200000000000040(head|node=0|zone=2) [ 12.652357] page_type: f8(unknown) [ 12.652808] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.653440] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.653970] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.654438] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.654851] head: 0200000000000002 ffffea00040ada01 00000000ffffffff 00000000ffffffff [ 12.655376] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.655687] page dumped because: kasan: bad access detected [ 12.656096] [ 12.656281] Memory state around the buggy address: [ 12.656489] ffff888102b69f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.657098] ffff888102b6a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.657659] >ffff888102b6a080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 12.658098] ^ [ 12.658458] ffff888102b6a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.658931] ffff888102b6a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.659454] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 12.392833] ================================================================== [ 12.394920] BUG: KASAN: use-after-free in page_alloc_uaf+0x356/0x3d0 [ 12.395624] Read of size 1 at addr ffff888103a00000 by task kunit_try_catch/171 [ 12.396238] [ 12.396657] CPU: 0 UID: 0 PID: 171 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.396706] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.396718] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.396739] Call Trace: [ 12.396753] <TASK> [ 12.396770] dump_stack_lvl+0x73/0xb0 [ 12.396803] print_report+0xd1/0x650 [ 12.396826] ? __virt_addr_valid+0x1db/0x2d0 [ 12.396849] ? page_alloc_uaf+0x356/0x3d0 [ 12.396870] ? kasan_addr_to_slab+0x11/0xa0 [ 12.396889] ? page_alloc_uaf+0x356/0x3d0 [ 12.396910] kasan_report+0x141/0x180 [ 12.396931] ? page_alloc_uaf+0x356/0x3d0 [ 12.396957] __asan_report_load1_noabort+0x18/0x20 [ 12.396979] page_alloc_uaf+0x356/0x3d0 [ 12.397000] ? __pfx_page_alloc_uaf+0x10/0x10 [ 12.397022] ? __schedule+0x10cc/0x2b60 [ 12.397058] ? __pfx_read_tsc+0x10/0x10 [ 12.397080] ? ktime_get_ts64+0x86/0x230 [ 12.397104] kunit_try_run_case+0x1a5/0x480 [ 12.397128] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.397149] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.397172] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.397194] ? __kthread_parkme+0x82/0x180 [ 12.397214] ? preempt_count_sub+0x50/0x80 [ 12.397237] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.397260] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.397282] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.397303] kthread+0x337/0x6f0 [ 12.397322] ? trace_preempt_on+0x20/0xc0 [ 12.397344] ? __pfx_kthread+0x10/0x10 [ 12.397363] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.397384] ? calculate_sigpending+0x7b/0xa0 [ 12.397407] ? __pfx_kthread+0x10/0x10 [ 12.397428] ret_from_fork+0x116/0x1d0 [ 12.397445] ? 
__pfx_kthread+0x10/0x10 [ 12.397465] ret_from_fork_asm+0x1a/0x30 [ 12.397496] </TASK> [ 12.397566] [ 12.409678] The buggy address belongs to the physical page: [ 12.410220] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a00 [ 12.410987] flags: 0x200000000000000(node=0|zone=2) [ 12.411503] page_type: f0(buddy) [ 12.411835] raw: 0200000000000000 ffff88817fffc5c8 ffff88817fffc5c8 0000000000000000 [ 12.412222] raw: 0000000000000000 0000000000000009 00000000f0000000 0000000000000000 [ 12.412584] page dumped because: kasan: bad access detected [ 12.412942] [ 12.413028] Memory state around the buggy address: [ 12.413232] ffff8881039fff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.413713] ffff8881039fff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.414026] >ffff888103a00000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.414404] ^ [ 12.414556] ffff888103a00080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.414893] ffff888103a00100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.415267] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kfree
[ 12.358386] ================================================================== [ 12.359534] BUG: KASAN: invalid-free in kfree+0x274/0x3f0 [ 12.360002] Free of addr ffff888102b68001 by task kunit_try_catch/167 [ 12.360600] [ 12.360794] CPU: 0 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.360840] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.360852] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.360873] Call Trace: [ 12.360885] <TASK> [ 12.360903] dump_stack_lvl+0x73/0xb0 [ 12.360935] print_report+0xd1/0x650 [ 12.360958] ? __virt_addr_valid+0x1db/0x2d0 [ 12.360981] ? kasan_addr_to_slab+0x11/0xa0 [ 12.361000] ? kfree+0x274/0x3f0 [ 12.361021] kasan_report_invalid_free+0x10a/0x130 [ 12.361057] ? kfree+0x274/0x3f0 [ 12.361080] ? kfree+0x274/0x3f0 [ 12.361099] __kasan_kfree_large+0x86/0xd0 [ 12.361119] free_large_kmalloc+0x4b/0x110 [ 12.361141] kfree+0x274/0x3f0 [ 12.361166] kmalloc_large_invalid_free+0x120/0x2b0 [ 12.361189] ? __pfx_kmalloc_large_invalid_free+0x10/0x10 [ 12.361211] ? __schedule+0x10cc/0x2b60 [ 12.361233] ? __pfx_read_tsc+0x10/0x10 [ 12.361253] ? ktime_get_ts64+0x86/0x230 [ 12.361277] kunit_try_run_case+0x1a5/0x480 [ 12.361301] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.361322] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.361345] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.361367] ? __kthread_parkme+0x82/0x180 [ 12.361387] ? preempt_count_sub+0x50/0x80 [ 12.361409] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.361431] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.361453] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.361475] kthread+0x337/0x6f0 [ 12.361493] ? trace_preempt_on+0x20/0xc0 [ 12.361515] ? __pfx_kthread+0x10/0x10 [ 12.361534] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.361562] ? calculate_sigpending+0x7b/0xa0 [ 12.361586] ? __pfx_kthread+0x10/0x10 [ 12.361606] ret_from_fork+0x116/0x1d0 [ 12.361623] ? 
__pfx_kthread+0x10/0x10 [ 12.361643] ret_from_fork_asm+0x1a/0x30 [ 12.361674] </TASK> [ 12.361686] [ 12.374028] The buggy address belongs to the physical page: [ 12.374683] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b68 [ 12.375521] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.376263] flags: 0x200000000000040(head|node=0|zone=2) [ 12.376859] page_type: f8(unknown) [ 12.377134] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.377370] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.377729] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.378534] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.379383] head: 0200000000000002 ffffea00040ada01 00000000ffffffff 00000000ffffffff [ 12.380297] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.380874] page dumped because: kasan: bad access detected [ 12.381366] [ 12.381477] Memory state around the buggy address: [ 12.381670] ffff888102b67f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.382305] ffff888102b67f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.383014] >ffff888102b68000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.383696] ^ [ 12.383822] ffff888102b68080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.384053] ffff888102b68100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.384299] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 12.331576] ================================================================== [ 12.333574] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2f1/0x340 [ 12.333829] Read of size 1 at addr ffff888102838000 by task kunit_try_catch/165 [ 12.334078] [ 12.334261] CPU: 1 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.334307] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.334318] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.334339] Call Trace: [ 12.334352] <TASK> [ 12.334369] dump_stack_lvl+0x73/0xb0 [ 12.334399] print_report+0xd1/0x650 [ 12.334420] ? __virt_addr_valid+0x1db/0x2d0 [ 12.334443] ? kmalloc_large_uaf+0x2f1/0x340 [ 12.334462] ? kasan_addr_to_slab+0x11/0xa0 [ 12.334481] ? kmalloc_large_uaf+0x2f1/0x340 [ 12.334501] kasan_report+0x141/0x180 [ 12.334521] ? kmalloc_large_uaf+0x2f1/0x340 [ 12.334546] __asan_report_load1_noabort+0x18/0x20 [ 12.334568] kmalloc_large_uaf+0x2f1/0x340 [ 12.334588] ? __pfx_kmalloc_large_uaf+0x10/0x10 [ 12.334608] ? __schedule+0x10cc/0x2b60 [ 12.334630] ? __pfx_read_tsc+0x10/0x10 [ 12.334650] ? ktime_get_ts64+0x86/0x230 [ 12.334724] kunit_try_run_case+0x1a5/0x480 [ 12.334750] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.334772] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.334795] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.334817] ? __kthread_parkme+0x82/0x180 [ 12.334837] ? preempt_count_sub+0x50/0x80 [ 12.334859] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.334881] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.334903] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.334925] kthread+0x337/0x6f0 [ 12.334943] ? trace_preempt_on+0x20/0xc0 [ 12.334964] ? __pfx_kthread+0x10/0x10 [ 12.334984] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.335003] ? calculate_sigpending+0x7b/0xa0 [ 12.335026] ? __pfx_kthread+0x10/0x10 [ 12.335059] ret_from_fork+0x116/0x1d0 [ 12.335107] ? 
__pfx_kthread+0x10/0x10 [ 12.335127] ret_from_fork_asm+0x1a/0x30 [ 12.335158] </TASK> [ 12.335171] [ 12.348302] The buggy address belongs to the physical page: [ 12.348720] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102838 [ 12.348972] flags: 0x200000000000000(node=0|zone=2) [ 12.349378] raw: 0200000000000000 ffff88815b139f80 ffff88815b139f80 0000000000000000 [ 12.350116] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 12.351054] page dumped because: kasan: bad access detected [ 12.351608] [ 12.351785] Memory state around the buggy address: [ 12.352239] ffff888102837f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.352882] ffff888102837f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.353176] >ffff888102838000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.353804] ^ [ 12.354195] ffff888102838080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.354893] ffff888102838100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.355181] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 12.303465] ================================================================== [ 12.304578] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x2e9/0x330 [ 12.304964] Write of size 1 at addr ffff888102b6a00a by task kunit_try_catch/163 [ 12.305259] [ 12.305359] CPU: 0 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.305406] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.305417] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.305439] Call Trace: [ 12.305452] <TASK> [ 12.305470] dump_stack_lvl+0x73/0xb0 [ 12.305500] print_report+0xd1/0x650 [ 12.305522] ? __virt_addr_valid+0x1db/0x2d0 [ 12.305546] ? kmalloc_large_oob_right+0x2e9/0x330 [ 12.305574] ? kasan_addr_to_slab+0x11/0xa0 [ 12.305593] ? kmalloc_large_oob_right+0x2e9/0x330 [ 12.305614] kasan_report+0x141/0x180 [ 12.305635] ? kmalloc_large_oob_right+0x2e9/0x330 [ 12.305660] __asan_report_store1_noabort+0x1b/0x30 [ 12.305683] kmalloc_large_oob_right+0x2e9/0x330 [ 12.305704] ? __pfx_kmalloc_large_oob_right+0x10/0x10 [ 12.305725] ? __schedule+0x10cc/0x2b60 [ 12.305747] ? __pfx_read_tsc+0x10/0x10 [ 12.305768] ? ktime_get_ts64+0x86/0x230 [ 12.305793] kunit_try_run_case+0x1a5/0x480 [ 12.305818] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.305838] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.305861] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.305883] ? __kthread_parkme+0x82/0x180 [ 12.305903] ? preempt_count_sub+0x50/0x80 [ 12.305927] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.305949] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.305970] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.305992] kthread+0x337/0x6f0 [ 12.306010] ? trace_preempt_on+0x20/0xc0 [ 12.306033] ? __pfx_kthread+0x10/0x10 [ 12.306079] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.306099] ? calculate_sigpending+0x7b/0xa0 [ 12.306123] ? __pfx_kthread+0x10/0x10 [ 12.306143] ret_from_fork+0x116/0x1d0 [ 12.306161] ? 
__pfx_kthread+0x10/0x10 [ 12.306180] ret_from_fork_asm+0x1a/0x30 [ 12.306211] </TASK> [ 12.306223] [ 12.316660] The buggy address belongs to the physical page: [ 12.317213] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b68 [ 12.318184] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.318766] flags: 0x200000000000040(head|node=0|zone=2) [ 12.319361] page_type: f8(unknown) [ 12.319642] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.320452] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.320862] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.321223] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.321889] head: 0200000000000002 ffffea00040ada01 00000000ffffffff 00000000ffffffff [ 12.322690] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.323380] page dumped because: kasan: bad access detected [ 12.323574] [ 12.323729] Memory state around the buggy address: [ 12.324184] ffff888102b69f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.324840] ffff888102b69f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.325355] >ffff888102b6a000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.325954] ^ [ 12.326231] ffff888102b6a080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.326939] ffff888102b6a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.327490] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 12.267703] ================================================================== [ 12.269153] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x316/0x370 [ 12.269831] Write of size 1 at addr ffff8881039d1f00 by task kunit_try_catch/161 [ 12.270462] [ 12.270644] CPU: 1 UID: 0 PID: 161 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.270691] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.270703] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.270724] Call Trace: [ 12.270737] <TASK> [ 12.270755] dump_stack_lvl+0x73/0xb0 [ 12.270785] print_report+0xd1/0x650 [ 12.270807] ? __virt_addr_valid+0x1db/0x2d0 [ 12.270829] ? kmalloc_big_oob_right+0x316/0x370 [ 12.270850] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.270874] ? kmalloc_big_oob_right+0x316/0x370 [ 12.270895] kasan_report+0x141/0x180 [ 12.270916] ? kmalloc_big_oob_right+0x316/0x370 [ 12.270942] __asan_report_store1_noabort+0x1b/0x30 [ 12.270964] kmalloc_big_oob_right+0x316/0x370 [ 12.270985] ? __pfx_kmalloc_big_oob_right+0x10/0x10 [ 12.271006] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 12.271029] ? trace_hardirqs_on+0x37/0xe0 [ 12.271063] ? __pfx_read_tsc+0x10/0x10 [ 12.271084] ? ktime_get_ts64+0x86/0x230 [ 12.271108] kunit_try_run_case+0x1a5/0x480 [ 12.271133] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.271155] ? queued_spin_lock_slowpath+0x116/0xb40 [ 12.271180] ? __kthread_parkme+0x82/0x180 [ 12.271200] ? preempt_count_sub+0x50/0x80 [ 12.271223] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.271245] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.271267] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.271288] kthread+0x337/0x6f0 [ 12.271306] ? trace_preempt_on+0x20/0xc0 [ 12.271326] ? __pfx_kthread+0x10/0x10 [ 12.271346] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.271365] ? calculate_sigpending+0x7b/0xa0 [ 12.271389] ? __pfx_kthread+0x10/0x10 [ 12.271409] ret_from_fork+0x116/0x1d0 [ 12.271426] ? 
__pfx_kthread+0x10/0x10 [ 12.271445] ret_from_fork_asm+0x1a/0x30 [ 12.271476] </TASK> [ 12.271487] [ 12.282594] Allocated by task 161: [ 12.282846] kasan_save_stack+0x45/0x70 [ 12.282993] kasan_save_track+0x18/0x40 [ 12.283140] kasan_save_alloc_info+0x3b/0x50 [ 12.283289] __kasan_kmalloc+0xb7/0xc0 [ 12.283421] __kmalloc_cache_noprof+0x189/0x420 [ 12.283641] kmalloc_big_oob_right+0xa9/0x370 [ 12.284016] kunit_try_run_case+0x1a5/0x480 [ 12.284388] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.284969] kthread+0x337/0x6f0 [ 12.285300] ret_from_fork+0x116/0x1d0 [ 12.285680] ret_from_fork_asm+0x1a/0x30 [ 12.286034] [ 12.286204] The buggy address belongs to the object at ffff8881039d0000 [ 12.286204] which belongs to the cache kmalloc-8k of size 8192 [ 12.287377] The buggy address is located 0 bytes to the right of [ 12.287377] allocated 7936-byte region [ffff8881039d0000, ffff8881039d1f00) [ 12.288094] [ 12.288171] The buggy address belongs to the physical page: [ 12.288346] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039d0 [ 12.288619] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.289245] flags: 0x200000000000040(head|node=0|zone=2) [ 12.289832] page_type: f5(slab) [ 12.290146] raw: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 12.290838] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 12.291488] head: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 12.292180] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 12.292669] head: 0200000000000003 ffffea00040e7401 00000000ffffffff 00000000ffffffff [ 12.292904] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 12.293140] page dumped because: kasan: bad access detected [ 12.293311] [ 12.293380] Memory state around the buggy address: [ 12.293575] ffff8881039d1e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.294163] ffff8881039d1e80: 00 
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.294872] >ffff8881039d1f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.295462] ^ [ 12.295761] ffff8881039d1f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.296356] ffff8881039d2000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.297052] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 12.193847] ================================================================== [ 12.194701] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4c8/0x520 [ 12.195174] Write of size 1 at addr ffff888102602578 by task kunit_try_catch/159 [ 12.195429] [ 12.195540] CPU: 1 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.195588] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.195600] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.195622] Call Trace: [ 12.195636] <TASK> [ 12.195655] dump_stack_lvl+0x73/0xb0 [ 12.195686] print_report+0xd1/0x650 [ 12.195709] ? __virt_addr_valid+0x1db/0x2d0 [ 12.195733] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 12.195756] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.195780] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 12.195804] kasan_report+0x141/0x180 [ 12.195825] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 12.195854] __asan_report_store1_noabort+0x1b/0x30 [ 12.195878] kmalloc_track_caller_oob_right+0x4c8/0x520 [ 12.195901] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 12.195927] ? __schedule+0x10cc/0x2b60 [ 12.195949] ? __pfx_read_tsc+0x10/0x10 [ 12.195970] ? ktime_get_ts64+0x86/0x230 [ 12.195996] kunit_try_run_case+0x1a5/0x480 [ 12.196021] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.196052] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.196075] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.196097] ? __kthread_parkme+0x82/0x180 [ 12.196119] ? preempt_count_sub+0x50/0x80 [ 12.196143] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.196165] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.196187] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.196209] kthread+0x337/0x6f0 [ 12.196227] ? trace_preempt_on+0x20/0xc0 [ 12.196250] ? __pfx_kthread+0x10/0x10 [ 12.196269] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.196289] ? calculate_sigpending+0x7b/0xa0 [ 12.196313] ? 
__pfx_kthread+0x10/0x10 [ 12.196333] ret_from_fork+0x116/0x1d0 [ 12.196351] ? __pfx_kthread+0x10/0x10 [ 12.196370] ret_from_fork_asm+0x1a/0x30 [ 12.196403] </TASK> [ 12.196415] [ 12.210990] Allocated by task 159: [ 12.211420] kasan_save_stack+0x45/0x70 [ 12.211876] kasan_save_track+0x18/0x40 [ 12.212330] kasan_save_alloc_info+0x3b/0x50 [ 12.212800] __kasan_kmalloc+0xb7/0xc0 [ 12.213276] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 12.214160] kmalloc_track_caller_oob_right+0x99/0x520 [ 12.214364] kunit_try_run_case+0x1a5/0x480 [ 12.214510] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.215323] kthread+0x337/0x6f0 [ 12.215458] ret_from_fork+0x116/0x1d0 [ 12.215600] ret_from_fork_asm+0x1a/0x30 [ 12.215741] [ 12.215816] The buggy address belongs to the object at ffff888102602500 [ 12.215816] which belongs to the cache kmalloc-128 of size 128 [ 12.216187] The buggy address is located 0 bytes to the right of [ 12.216187] allocated 120-byte region [ffff888102602500, ffff888102602578) [ 12.216555] [ 12.216631] The buggy address belongs to the physical page: [ 12.216807] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102602 [ 12.219544] flags: 0x200000000000000(node=0|zone=2) [ 12.221376] page_type: f5(slab) [ 12.222684] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.224301] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.225372] page dumped because: kasan: bad access detected [ 12.225939] [ 12.226312] Memory state around the buggy address: [ 12.226877] ffff888102602400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.227753] ffff888102602480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.228522] >ffff888102602500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 12.229181] ^ [ 12.229900] ffff888102602580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.230482] ffff888102602600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.231169] 
================================================================== [ 12.231988] ================================================================== [ 12.232857] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4b1/0x520 [ 12.233189] Write of size 1 at addr ffff888102602678 by task kunit_try_catch/159 [ 12.233418] [ 12.233512] CPU: 1 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 12.233564] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.233575] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.233596] Call Trace: [ 12.233609] <TASK> [ 12.233628] dump_stack_lvl+0x73/0xb0 [ 12.233656] print_report+0xd1/0x650 [ 12.233678] ? __virt_addr_valid+0x1db/0x2d0 [ 12.233701] ? kmalloc_track_caller_oob_right+0x4b1/0x520 [ 12.233724] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.233748] ? kmalloc_track_caller_oob_right+0x4b1/0x520 [ 12.233772] kasan_report+0x141/0x180 [ 12.233793] ? kmalloc_track_caller_oob_right+0x4b1/0x520 [ 12.233822] __asan_report_store1_noabort+0x1b/0x30 [ 12.233844] kmalloc_track_caller_oob_right+0x4b1/0x520 [ 12.233867] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 12.233892] ? __schedule+0x10cc/0x2b60 [ 12.233914] ? __pfx_read_tsc+0x10/0x10 [ 12.233934] ? ktime_get_ts64+0x86/0x230 [ 12.233959] kunit_try_run_case+0x1a5/0x480 [ 12.233983] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.234004] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.234027] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.234067] ? __kthread_parkme+0x82/0x180 [ 12.234088] ? preempt_count_sub+0x50/0x80 [ 12.234111] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.234134] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.234180] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.234203] kthread+0x337/0x6f0 [ 12.234221] ? trace_preempt_on+0x20/0xc0 [ 12.234243] ? __pfx_kthread+0x10/0x10 [ 12.234263] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.234283] ? calculate_sigpending+0x7b/0xa0 [ 12.234306] ? 
__pfx_kthread+0x10/0x10 [ 12.234327] ret_from_fork+0x116/0x1d0 [ 12.234344] ? __pfx_kthread+0x10/0x10 [ 12.234363] ret_from_fork_asm+0x1a/0x30 [ 12.234395] </TASK> [ 12.234406] [ 12.248089] Allocated by task 159: [ 12.248291] kasan_save_stack+0x45/0x70 [ 12.248665] kasan_save_track+0x18/0x40 [ 12.249005] kasan_save_alloc_info+0x3b/0x50 [ 12.249494] __kasan_kmalloc+0xb7/0xc0 [ 12.249836] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 12.250545] kmalloc_track_caller_oob_right+0x19a/0x520 [ 12.251005] kunit_try_run_case+0x1a5/0x480 [ 12.251458] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.251923] kthread+0x337/0x6f0 [ 12.252057] ret_from_fork+0x116/0x1d0 [ 12.252190] ret_from_fork_asm+0x1a/0x30 [ 12.252331] [ 12.252403] The buggy address belongs to the object at ffff888102602600 [ 12.252403] which belongs to the cache kmalloc-128 of size 128 [ 12.253405] The buggy address is located 0 bytes to the right of [ 12.253405] allocated 120-byte region [ffff888102602600, ffff888102602678) [ 12.254890] [ 12.255138] The buggy address belongs to the physical page: [ 12.255696] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102602 [ 12.256145] flags: 0x200000000000000(node=0|zone=2) [ 12.256592] page_type: f5(slab) [ 12.256896] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.257230] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.258035] page dumped because: kasan: bad access detected [ 12.258633] [ 12.258751] Memory state around the buggy address: [ 12.258910] ffff888102602500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.259405] ffff888102602580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.260019] >ffff888102602600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 12.260791] ^ [ 12.261522] ffff888102602680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.261782] ffff888102602700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.261995] 
==================================================================
Failure - log-parser-boot/exception-drm-kunit-mock-device-drm_gem_shmem_test_get_pages_sgtdrm-kunit-mock-device-drm-drm_warn_onrefcount_readshmem-pages_pin_count
------------[ cut here ]------------ [ 143.867908] drm-kunit-mock-device drm_gem_shmem_test_get_pages_sgt.drm-kunit-mock-device: [drm] drm_WARN_ON(refcount_read(&shmem->pages_pin_count)) [ 143.868015] WARNING: CPU: 0 PID: 2568 at drivers/gpu/drm/drm_gem_shmem_helper.c:180 drm_gem_shmem_free+0x3ed/0x6c0 [ 143.869722] Modules linked in: [ 143.870218] CPU: 0 UID: 0 PID: 2568 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 143.870867] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 143.871331] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 143.871923] RIP: 0010:drm_gem_shmem_free+0x3ed/0x6c0 [ 143.872268] Code: 85 f6 0f 84 ba 01 00 00 4c 89 e7 e8 6d 1d 80 00 48 c7 c1 20 7f fe 90 4c 89 f2 48 c7 c7 e0 7b fe 90 48 89 c6 e8 34 ce 77 fe 90 <0f> 0b 90 90 e9 09 ff ff ff 90 48 b8 00 00 00 00 00 fc ff df 48 8d [ 143.873576] RSP: 0000:ffff888109337d18 EFLAGS: 00010286 [ 143.874005] RAX: 0000000000000000 RBX: ffff888107e1a000 RCX: 1ffffffff23a4c80 [ 143.874610] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001 [ 143.874981] RBP: ffff888109337d48 R08: 0000000000000000 R09: fffffbfff23a4c80 [ 143.875440] R10: 0000000000000003 R11: 0000000000039340 R12: ffff8881090c9000 [ 143.875959] R13: ffff888107e1a0f8 R14: ffff888105673d80 R15: ffff88810039fb40 [ 143.876407] FS: 0000000000000000(0000) GS:ffff8881c8072000(0000) knlGS:0000000000000000 [ 143.876860] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 143.877165] CR2: 00007ffff7ffe000 CR3: 00000001210bc000 CR4: 00000000000006f0 [ 143.877442] DR0: ffffffff93052440 DR1: ffffffff93052441 DR2: ffffffff93052442 [ 143.877973] DR3: ffffffff93052443 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 143.878558] Call Trace: [ 143.878759] <TASK> [ 143.879021] ? trace_preempt_on+0x20/0xc0 [ 143.879545] ? 
__pfx_drm_gem_shmem_free_wrapper+0x10/0x10 [ 143.879975] drm_gem_shmem_free_wrapper+0x12/0x20 [ 143.880385] __kunit_action_free+0x57/0x70 [ 143.880729] kunit_remove_resource+0x133/0x200 [ 143.881065] ? preempt_count_sub+0x50/0x80 [ 143.881451] kunit_cleanup+0x7a/0x120 [ 143.881599] kunit_try_run_case_cleanup+0xbd/0xf0 [ 143.881770] ? __pfx_kunit_try_run_case_cleanup+0x10/0x10 [ 143.881944] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 143.882132] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 143.882319] kthread+0x337/0x6f0 [ 143.882444] ? trace_preempt_on+0x20/0xc0 [ 143.882797] ? __pfx_kthread+0x10/0x10 [ 143.883844] ? _raw_spin_unlock_irq+0x47/0x80 [ 143.884026] ? calculate_sigpending+0x7b/0xa0 [ 143.884201] ? __pfx_kthread+0x10/0x10 [ 143.884343] ret_from_fork+0x116/0x1d0 [ 143.884481] ? __pfx_kthread+0x10/0x10 [ 143.884625] ret_from_fork_asm+0x1a/0x30 [ 143.884778] </TASK> [ 143.884870] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_framebuffer-drm_framebuffer_init
------------[ cut here ]------------ [ 143.733807] WARNING: CPU: 0 PID: 2549 at drivers/gpu/drm/drm_framebuffer.c:867 drm_framebuffer_init+0x44/0x300 [ 143.735712] Modules linked in: [ 143.736174] CPU: 0 UID: 0 PID: 2549 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 143.737208] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 143.737843] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 143.738732] RIP: 0010:drm_framebuffer_init+0x44/0x300 [ 143.738925] Code: 56 49 89 d6 48 89 f2 41 55 48 c1 ea 03 41 54 49 89 fc 53 48 89 f3 48 83 ec 18 80 3c 02 00 0f 85 00 02 00 00 4c 39 23 74 20 90 <0f> 0b 90 41 bd ea ff ff ff 48 83 c4 18 44 89 e8 5b 41 5c 41 5d 41 [ 143.740340] RSP: 0000:ffff8881091d7b30 EFLAGS: 00010246 [ 143.740905] RAX: dffffc0000000000 RBX: ffff8881091d7c28 RCX: 0000000000000000 [ 143.741407] RDX: 1ffff1102123af8e RSI: ffff8881091d7c28 RDI: ffff8881091d7c70 [ 143.741791] RBP: ffff8881091d7b70 R08: ffff888108feb000 R09: ffffffff90fd8260 [ 143.742001] R10: 0000000000000003 R11: 00000000f360c40e R12: ffff888108feb000 [ 143.742626] R13: ffff88810039fae8 R14: ffff8881091d7ba8 R15: 0000000000000000 [ 143.743457] FS: 0000000000000000(0000) GS:ffff8881c8072000(0000) knlGS:0000000000000000 [ 143.744306] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 143.744917] CR2: 00007ffff7ffe000 CR3: 00000001210bc000 CR4: 00000000000006f0 [ 143.745402] DR0: ffffffff93052440 DR1: ffffffff93052441 DR2: ffffffff93052442 [ 143.745982] DR3: ffffffff93052443 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 143.746446] Call Trace: [ 143.746753] <TASK> [ 143.746961] ? add_dr+0xc1/0x1d0 [ 143.747387] drm_test_framebuffer_init_bad_format+0xfc/0x240 [ 143.747803] ? add_dr+0x148/0x1d0 [ 143.747936] ? __pfx_drm_test_framebuffer_init_bad_format+0x10/0x10 [ 143.748231] ? __drmm_add_action+0x1a4/0x280 [ 143.748775] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 143.749379] ? 
__pfx_drm_mode_config_init_release+0x10/0x10 [ 143.749667] ? __drmm_add_action_or_reset+0x22/0x50 [ 143.750215] ? __schedule+0x10cc/0x2b60 [ 143.750651] ? __pfx_read_tsc+0x10/0x10 [ 143.750796] ? ktime_get_ts64+0x86/0x230 [ 143.750939] kunit_try_run_case+0x1a5/0x480 [ 143.751184] ? __pfx_kunit_try_run_case+0x10/0x10 [ 143.751720] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 143.752274] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 143.752942] ? __kthread_parkme+0x82/0x180 [ 143.753502] ? preempt_count_sub+0x50/0x80 [ 143.754145] ? __pfx_kunit_try_run_case+0x10/0x10 [ 143.754481] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 143.754907] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 143.755557] kthread+0x337/0x6f0 [ 143.755811] ? trace_preempt_on+0x20/0xc0 [ 143.756279] ? __pfx_kthread+0x10/0x10 [ 143.756451] ? _raw_spin_unlock_irq+0x47/0x80 [ 143.756889] ? calculate_sigpending+0x7b/0xa0 [ 143.757389] ? __pfx_kthread+0x10/0x10 [ 143.757680] ret_from_fork+0x116/0x1d0 [ 143.757818] ? __pfx_kthread+0x10/0x10 [ 143.757954] ret_from_fork_asm+0x1a/0x30 [ 143.758169] </TASK> [ 143.758420] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-drm-kunit-mock-device-drm_test_framebuffer_freedrm-kunit-mock-device-drm-drm_warn_onlist_empty-filp_head
------------[ cut here ]------------ [ 143.698967] drm-kunit-mock-device drm_test_framebuffer_free.drm-kunit-mock-device: [drm] drm_WARN_ON(!list_empty(&fb->filp_head)) [ 143.699127] WARNING: CPU: 1 PID: 2545 at drivers/gpu/drm/drm_framebuffer.c:832 drm_framebuffer_free+0x13f/0x1c0 [ 143.701804] Modules linked in: [ 143.702435] CPU: 1 UID: 0 PID: 2545 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 143.702787] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 143.702971] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 143.703256] RIP: 0010:drm_framebuffer_free+0x13f/0x1c0 [ 143.703843] Code: 8b 7d 50 4d 85 ff 74 2b 4c 89 ef e8 3b 3a 87 00 48 c7 c1 40 31 fd 90 4c 89 fa 48 c7 c7 a0 31 fd 90 48 89 c6 e8 02 eb 7e fe 90 <0f> 0b 90 90 e9 1c ff ff ff 48 b8 00 00 00 00 00 fc ff df 4c 89 ea [ 143.705020] RSP: 0000:ffff8881090cfb68 EFLAGS: 00010282 [ 143.705636] RAX: 0000000000000000 RBX: ffff8881090cfc40 RCX: 1ffffffff23a4c80 [ 143.706470] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001 [ 143.706924] RBP: ffff8881090cfb90 R08: 0000000000000000 R09: fffffbfff23a4c80 [ 143.707368] R10: 0000000000000003 R11: 00000000000379e0 R12: ffff8881090cfc18 [ 143.708161] R13: ffff88810900e000 R14: ffff888109079000 R15: ffff888105638100 [ 143.708571] FS: 0000000000000000(0000) GS:ffff8881c8172000(0000) knlGS:0000000000000000 [ 143.709236] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 143.709644] CR2: 00007ffff7ffe000 CR3: 00000001210bc000 CR4: 00000000000006f0 [ 143.710363] DR0: ffffffff93052440 DR1: ffffffff93052441 DR2: ffffffff93052443 [ 143.710817] DR3: ffffffff93052445 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 143.711034] Call Trace: [ 143.711387] <TASK> [ 143.711671] drm_test_framebuffer_free+0x1ab/0x610 [ 143.712229] ? __pfx_drm_test_framebuffer_free+0x10/0x10 [ 143.712760] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 143.713018] ? 
__pfx_drm_mode_config_init_release+0x10/0x10 [ 143.713771] ? __drmm_add_action_or_reset+0x22/0x50 [ 143.714134] ? __schedule+0x10cc/0x2b60 [ 143.714290] ? __pfx_read_tsc+0x10/0x10 [ 143.714434] ? ktime_get_ts64+0x86/0x230 [ 143.714583] kunit_try_run_case+0x1a5/0x480 [ 143.714740] ? __pfx_kunit_try_run_case+0x10/0x10 [ 143.714899] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 143.715062] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 143.715245] ? __kthread_parkme+0x82/0x180 [ 143.715394] ? preempt_count_sub+0x50/0x80 [ 143.715610] ? __pfx_kunit_try_run_case+0x10/0x10 [ 143.715844] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 143.716200] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 143.716458] kthread+0x337/0x6f0 [ 143.716614] ? trace_preempt_on+0x20/0xc0 [ 143.716766] ? __pfx_kthread+0x10/0x10 [ 143.716918] ? _raw_spin_unlock_irq+0x47/0x80 [ 143.717210] ? calculate_sigpending+0x7b/0xa0 [ 143.717438] ? __pfx_kthread+0x10/0x10 [ 143.717697] ret_from_fork+0x116/0x1d0 [ 143.717897] ? __pfx_kthread+0x10/0x10 [ 143.718129] ret_from_fork_asm+0x1a/0x30 [ 143.718285] </TASK> [ 143.718413] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_connector-drm_connector_dynamic_register
------------[ cut here ]------------ [ 142.443891] WARNING: CPU: 0 PID: 1983 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110 [ 142.444535] Modules linked in: [ 142.444752] CPU: 0 UID: 0 PID: 1983 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 142.445464] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 142.445936] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 142.446505] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110 [ 142.446885] Code: 49 8d 7c 24 60 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 60 00 75 1b 5b 41 5c 5d e9 42 24 26 02 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d c3 cc cc cc cc 48 89 df e8 68 [ 142.447947] RSP: 0000:ffff88810368fc90 EFLAGS: 00010246 [ 142.448387] RAX: dffffc0000000000 RBX: ffff888103528000 RCX: 0000000000000000 [ 142.448704] RDX: 1ffff110206a5032 RSI: ffffffff8e204a18 RDI: ffff888103528190 [ 142.448997] RBP: ffff88810368fca0 R08: 1ffff11020073f69 R09: ffffed10206d1f65 [ 142.449565] R10: 0000000000000003 R11: ffffffff8cc049da R12: 0000000000000000 [ 142.449987] R13: ffff88810368fd38 R14: ffff88810039fc50 R15: ffff88810039fc58 [ 142.450471] FS: 0000000000000000(0000) GS:ffff8881c8072000(0000) knlGS:0000000000000000 [ 142.450932] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 142.451490] CR2: 00007ffff7ffe000 CR3: 00000001210bc000 CR4: 00000000000006f0 [ 142.452013] DR0: ffffffff93052440 DR1: ffffffff93052441 DR2: ffffffff93052442 [ 142.452409] DR3: ffffffff93052443 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 142.452842] Call Trace: [ 142.452969] <TASK> [ 142.453328] drm_test_drm_connector_dynamic_register_no_init+0x104/0x290 [ 142.453783] ? __pfx_drm_test_drm_connector_dynamic_register_no_init+0x10/0x10 [ 142.454264] ? __schedule+0x10cc/0x2b60 [ 142.454466] ? __pfx_read_tsc+0x10/0x10 [ 142.454654] ? ktime_get_ts64+0x86/0x230 [ 142.454842] kunit_try_run_case+0x1a5/0x480 [ 142.455035] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 142.455454] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 142.455633] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 142.455879] ? __kthread_parkme+0x82/0x180 [ 142.456251] ? preempt_count_sub+0x50/0x80 [ 142.456519] ? __pfx_kunit_try_run_case+0x10/0x10 [ 142.456770] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 142.457009] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 142.457361] kthread+0x337/0x6f0 [ 142.457505] ? trace_preempt_on+0x20/0xc0 [ 142.457665] ? __pfx_kthread+0x10/0x10 [ 142.457868] ? _raw_spin_unlock_irq+0x47/0x80 [ 142.458101] ? calculate_sigpending+0x7b/0xa0 [ 142.458386] ? __pfx_kthread+0x10/0x10 [ 142.458606] ret_from_fork+0x116/0x1d0 [ 142.458751] ? __pfx_kthread+0x10/0x10 [ 142.458905] ret_from_fork_asm+0x1a/0x30 [ 142.459285] </TASK> [ 142.459436] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 142.362769] WARNING: CPU: 0 PID: 1975 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110 [ 142.363212] Modules linked in: [ 142.363377] CPU: 0 UID: 0 PID: 1975 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 142.364860] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 142.365506] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 142.366303] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110 [ 142.366529] Code: 49 8d 7c 24 60 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 60 00 75 1b 5b 41 5c 5d e9 42 24 26 02 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d c3 cc cc cc cc 48 89 df e8 68 [ 142.367360] RSP: 0000:ffff8881035afc90 EFLAGS: 00010246 [ 142.367887] RAX: dffffc0000000000 RBX: ffff888103462000 RCX: 0000000000000000 [ 142.368122] RDX: 1ffff1102068c432 RSI: ffffffff8e204a18 RDI: ffff888103462190 [ 142.368331] RBP: ffff8881035afca0 R08: 1ffff11020073f69 R09: ffffed10206b5f65 [ 142.368534] R10: 0000000000000003 R11: ffffffff8d784c28 R12: 0000000000000000 [ 142.368739] R13: 
ffff8881035afd38 R14: ffff88810039fc50 R15: ffff88810039fc58 [ 142.368945] FS: 0000000000000000(0000) GS:ffff8881c8072000(0000) knlGS:0000000000000000 [ 142.370675] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 142.371600] CR2: 00007ffff7ffe000 CR3: 00000001210bc000 CR4: 00000000000006f0 [ 142.373006] DR0: ffffffff93052440 DR1: ffffffff93052441 DR2: ffffffff93052442 [ 142.374145] DR3: ffffffff93052443 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 142.375408] Call Trace: [ 142.375564] <TASK> [ 142.375697] drm_test_drm_connector_dynamic_register_early_no_init+0x104/0x290 [ 142.376006] ? __pfx_drm_test_drm_connector_dynamic_register_early_no_init+0x10/0x10 [ 142.377196] ? __schedule+0x10cc/0x2b60 [ 142.377376] ? __pfx_read_tsc+0x10/0x10 [ 142.377530] ? ktime_get_ts64+0x86/0x230 [ 142.377700] kunit_try_run_case+0x1a5/0x480 [ 142.377859] ? __pfx_kunit_try_run_case+0x10/0x10 [ 142.378021] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 142.378361] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 142.378550] ? __kthread_parkme+0x82/0x180 [ 142.378766] ? preempt_count_sub+0x50/0x80 [ 142.378967] ? __pfx_kunit_try_run_case+0x10/0x10 [ 142.379340] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 142.379890] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 142.380566] kthread+0x337/0x6f0 [ 142.380985] ? trace_preempt_on+0x20/0xc0 [ 142.381676] ? __pfx_kthread+0x10/0x10 [ 142.381824] ? _raw_spin_unlock_irq+0x47/0x80 [ 142.381977] ? calculate_sigpending+0x7b/0xa0 [ 142.382169] ? __pfx_kthread+0x10/0x10 [ 142.382387] ret_from_fork+0x116/0x1d0 [ 142.382592] ? __pfx_kthread+0x10/0x10 [ 142.382746] ret_from_fork_asm+0x1a/0x30 [ 142.382963] </TASK> [ 142.383145] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog10
------------[ cut here ]------------
[ 112.213892] WARNING: CPU: 1 PID: 673 at lib/math/int_log.c:120 intlog10+0x2a/0x40
[ 112.214659] Modules linked in:
[ 112.214875] CPU: 1 UID: 0 PID: 673 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 112.215454] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 112.215791] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 112.216192] RIP: 0010:intlog10+0x2a/0x40
[ 112.216384] Code: f3 0f 1e fa 0f 1f 44 00 00 85 ff 74 1c 55 48 89 e5 e8 ca fe ff ff 5d 89 c0 48 69 c0 a1 26 88 26 48 c1 e8 1f c3 cc cc cc cc 90 <0f> 0b 90 31 c0 c3 cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 66 90
[ 112.217216] RSP: 0000:ffff88810b177cb0 EFLAGS: 00010246
[ 112.217486] RAX: 0000000000000000 RBX: ffff88810039fae8 RCX: 1ffff1102162efb4
[ 112.217779] RDX: 1ffffffff21d2cc4 RSI: 1ffff1102162efb3 RDI: 0000000000000000
[ 112.218040] RBP: ffff88810b177d60 R08: 0000000000000000 R09: ffffed1020f0b480
[ 112.218429] R10: ffff88810785a407 R11: 0000000000000000 R12: 1ffff1102162ef97
[ 112.218919] R13: ffffffff90e96620 R14: 0000000000000000 R15: ffff88810b177d38
[ 112.219357] FS: 0000000000000000(0000) GS:ffff8881c8172000(0000) knlGS:0000000000000000
[ 112.219690] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 112.219936] CR2: dffffc0000000000 CR3: 00000001210bc000 CR4: 00000000000006f0
[ 112.220227] DR0: ffffffff93052440 DR1: ffffffff93052441 DR2: ffffffff93052443
[ 112.220640] DR3: ffffffff93052445 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 112.220930] Call Trace:
[ 112.221035] <TASK>
[ 112.221167] ? intlog10_test+0xf2/0x220
[ 112.221509] ? __pfx_intlog10_test+0x10/0x10
[ 112.221784] ? __schedule+0x10cc/0x2b60
[ 112.221930] ? __pfx_read_tsc+0x10/0x10
[ 112.222343] ? ktime_get_ts64+0x86/0x230
[ 112.222561] kunit_try_run_case+0x1a5/0x480
[ 112.222768] ? __pfx_kunit_try_run_case+0x10/0x10
[ 112.222958] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 112.223247] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 112.223451] ? __kthread_parkme+0x82/0x180
[ 112.223734] ? preempt_count_sub+0x50/0x80
[ 112.223905] ? __pfx_kunit_try_run_case+0x10/0x10
[ 112.224170] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 112.224380] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 112.224650] kthread+0x337/0x6f0
[ 112.224801] ? trace_preempt_on+0x20/0xc0
[ 112.224984] ? __pfx_kthread+0x10/0x10
[ 112.225132] ? _raw_spin_unlock_irq+0x47/0x80
[ 112.225339] ? calculate_sigpending+0x7b/0xa0
[ 112.225564] ? __pfx_kthread+0x10/0x10
[ 112.225918] ret_from_fork+0x116/0x1d0
[ 112.226347] ? __pfx_kthread+0x10/0x10
[ 112.226524] ret_from_fork_asm+0x1a/0x30
[ 112.226747] </TASK>
[ 112.226845] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog2
------------[ cut here ]------------
[ 112.160692] WARNING: CPU: 0 PID: 655 at lib/math/int_log.c:63 intlog2+0xdf/0x110
[ 112.160972] Modules linked in:
[ 112.161167] CPU: 0 UID: 0 PID: 655 Comm: kunit_try_catch Tainted: G B D N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 112.161833] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST
[ 112.162049] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 112.162601] RIP: 0010:intlog2+0xdf/0x110
[ 112.162800] Code: e9 90 c1 e0 18 48 83 c4 08 89 d1 c1 e2 08 29 cb 01 d0 0f b7 db 41 0f af dc c1 eb 0f 01 d8 5b 41 5c 41 5d 5d e9 52 a8 86 02 90 <0f> 0b 90 31 c0 e9 47 a8 86 02 89 45 e4 e8 bf e8 55 ff 8b 45 e4 eb
[ 112.163639] RSP: 0000:ffff88810ad77cb0 EFLAGS: 00010246
[ 112.163872] RAX: 0000000000000000 RBX: ffff88810039fae8 RCX: 1ffff110215aefb4
[ 112.164102] RDX: 1ffffffff21d2d18 RSI: 1ffff110215aefb3 RDI: 0000000000000000
[ 112.164505] RBP: ffff88810ad77d60 R08: 0000000000000000 R09: ffffed1020dcc360
[ 112.164834] R10: ffff888106e61b07 R11: 0000000000000000 R12: 1ffff110215aef97
[ 112.165138] R13: ffffffff90e968c0 R14: 0000000000000000 R15: ffff88810ad77d38
[ 112.165562] FS: 0000000000000000(0000) GS:ffff8881c8072000(0000) knlGS:0000000000000000
[ 112.165924] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 112.166265] CR2: ffff88815a90e000 CR3: 00000001210bc000 CR4: 00000000000006f0
[ 112.166583] DR0: ffffffff93052440 DR1: ffffffff93052441 DR2: ffffffff93052442
[ 112.166861] DR3: ffffffff93052443 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 112.167396] Call Trace:
[ 112.167511] <TASK>
[ 112.167665] ? intlog2_test+0xf2/0x220
[ 112.167860] ? __pfx_intlog2_test+0x10/0x10
[ 112.168011] ? __schedule+0x10cc/0x2b60
[ 112.168173] ? __pfx_read_tsc+0x10/0x10
[ 112.168497] ? ktime_get_ts64+0x86/0x230
[ 112.168925] kunit_try_run_case+0x1a5/0x480
[ 112.169373] ? __pfx_kunit_try_run_case+0x10/0x10
[ 112.169600] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 112.169871] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 112.170085] ? __kthread_parkme+0x82/0x180
[ 112.170345] ? preempt_count_sub+0x50/0x80
[ 112.170685] ? __pfx_kunit_try_run_case+0x10/0x10
[ 112.170870] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 112.171265] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 112.171556] kthread+0x337/0x6f0
[ 112.171690] ? trace_preempt_on+0x20/0xc0
[ 112.171898] ? __pfx_kthread+0x10/0x10
[ 112.172148] ? _raw_spin_unlock_irq+0x47/0x80
[ 112.172357] ? calculate_sigpending+0x7b/0xa0
[ 112.172516] ? __pfx_kthread+0x10/0x10
[ 112.172665] ret_from_fork+0x116/0x1d0
[ 112.172857] ? __pfx_kthread+0x10/0x10
[ 112.173374] ret_from_fork_asm+0x1a/0x30
[ 112.173672] </TASK>
[ 112.173805] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/oops-oops-general-protection-fault-probably-for-non-canonical-address-smp-kasan-pti
KNOWN ISSUE - qemu-x86_64: Oops: general protection fault, probably for non-canonical address - KASAN: null-ptr-deref - kunit_test_null_dereference
[ 111.588332] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN PTI