Date: July 16, 2025, 3:10 p.m.
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 14.532681] ================================================================== [ 14.533728] BUG: KASAN: slab-use-after-free in strcmp+0xb0/0xc0 [ 14.534159] Read of size 1 at addr ffff888103a5c550 by task kunit_try_catch/276 [ 14.534446] [ 14.534561] CPU: 0 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.534608] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.534620] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.534641] Call Trace: [ 14.534652] <TASK> [ 14.534667] dump_stack_lvl+0x73/0xb0 [ 14.534698] print_report+0xd1/0x610 [ 14.534724] ? __virt_addr_valid+0x1db/0x2d0 [ 14.534749] ? strcmp+0xb0/0xc0 [ 14.534780] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.534806] ? strcmp+0xb0/0xc0 [ 14.534824] kasan_report+0x141/0x180 [ 14.534847] ? strcmp+0xb0/0xc0 [ 14.534870] __asan_report_load1_noabort+0x18/0x20 [ 14.534896] strcmp+0xb0/0xc0 [ 14.534916] kasan_strings+0x431/0xe80 [ 14.534936] ? trace_hardirqs_on+0x37/0xe0 [ 14.534962] ? __pfx_kasan_strings+0x10/0x10 [ 14.534984] ? finish_task_switch.isra.0+0x153/0x700 [ 14.535010] ? __switch_to+0x47/0xf50 [ 14.535036] ? __schedule+0x10cc/0x2b60 [ 14.535117] ? __pfx_read_tsc+0x10/0x10 [ 14.535141] ? ktime_get_ts64+0x86/0x230 [ 14.535166] kunit_try_run_case+0x1a5/0x480 [ 14.535201] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.535226] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.535252] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.535279] ? __kthread_parkme+0x82/0x180 [ 14.535300] ? preempt_count_sub+0x50/0x80 [ 14.535325] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.535354] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.535380] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.535408] kthread+0x337/0x6f0 [ 14.535427] ? trace_preempt_on+0x20/0xc0 [ 14.535460] ? __pfx_kthread+0x10/0x10 [ 14.535481] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.535505] ? calculate_sigpending+0x7b/0xa0 [ 14.535531] ? 
__pfx_kthread+0x10/0x10 [ 14.535553] ret_from_fork+0x116/0x1d0 [ 14.535573] ? __pfx_kthread+0x10/0x10 [ 14.535595] ret_from_fork_asm+0x1a/0x30 [ 14.535626] </TASK> [ 14.535637] [ 14.543601] Allocated by task 276: [ 14.543800] kasan_save_stack+0x45/0x70 [ 14.544009] kasan_save_track+0x18/0x40 [ 14.544211] kasan_save_alloc_info+0x3b/0x50 [ 14.544608] __kasan_kmalloc+0xb7/0xc0 [ 14.544828] __kmalloc_cache_noprof+0x189/0x420 [ 14.545150] kasan_strings+0xc0/0xe80 [ 14.545325] kunit_try_run_case+0x1a5/0x480 [ 14.545474] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.545730] kthread+0x337/0x6f0 [ 14.545923] ret_from_fork+0x116/0x1d0 [ 14.546165] ret_from_fork_asm+0x1a/0x30 [ 14.546315] [ 14.546387] Freed by task 276: [ 14.546500] kasan_save_stack+0x45/0x70 [ 14.546638] kasan_save_track+0x18/0x40 [ 14.546845] kasan_save_free_info+0x3f/0x60 [ 14.547054] __kasan_slab_free+0x56/0x70 [ 14.547260] kfree+0x222/0x3f0 [ 14.547591] kasan_strings+0x2aa/0xe80 [ 14.547797] kunit_try_run_case+0x1a5/0x480 [ 14.547958] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.548370] kthread+0x337/0x6f0 [ 14.548527] ret_from_fork+0x116/0x1d0 [ 14.548665] ret_from_fork_asm+0x1a/0x30 [ 14.548840] [ 14.548937] The buggy address belongs to the object at ffff888103a5c540 [ 14.548937] which belongs to the cache kmalloc-32 of size 32 [ 14.549729] The buggy address is located 16 bytes inside of [ 14.549729] freed 32-byte region [ffff888103a5c540, ffff888103a5c560) [ 14.550247] [ 14.550355] The buggy address belongs to the physical page: [ 14.550597] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a5c [ 14.550945] flags: 0x200000000000000(node=0|zone=2) [ 14.551250] page_type: f5(slab) [ 14.551426] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 14.551672] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 14.551916] page dumped because: kasan: bad access detected [ 14.552154] [ 14.552250] Memory state around the buggy address: 
[ 14.552483] ffff888103a5c400: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.552817] ffff888103a5c480: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.553405] >ffff888103a5c500: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 14.553629] ^ [ 14.553917] ffff888103a5c580: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.554373] ffff888103a5c600: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 14.554668] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 14.506836] ================================================================== [ 14.507550] BUG: KASAN: slab-out-of-bounds in memcmp+0x1b4/0x1d0 [ 14.507826] Read of size 1 at addr ffff888103a5c418 by task kunit_try_catch/274 [ 14.508325] [ 14.508428] CPU: 0 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.508476] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.508488] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.508510] Call Trace: [ 14.508522] <TASK> [ 14.508538] dump_stack_lvl+0x73/0xb0 [ 14.508583] print_report+0xd1/0x610 [ 14.508611] ? __virt_addr_valid+0x1db/0x2d0 [ 14.508638] ? memcmp+0x1b4/0x1d0 [ 14.508657] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.508682] ? memcmp+0x1b4/0x1d0 [ 14.508701] kasan_report+0x141/0x180 [ 14.508725] ? memcmp+0x1b4/0x1d0 [ 14.508748] __asan_report_load1_noabort+0x18/0x20 [ 14.508787] memcmp+0x1b4/0x1d0 [ 14.508807] kasan_memcmp+0x18f/0x390 [ 14.508828] ? trace_hardirqs_on+0x37/0xe0 [ 14.508855] ? __pfx_kasan_memcmp+0x10/0x10 [ 14.508877] ? finish_task_switch.isra.0+0x153/0x700 [ 14.508903] ? __switch_to+0x47/0xf50 [ 14.508933] ? __pfx_read_tsc+0x10/0x10 [ 14.508956] ? ktime_get_ts64+0x86/0x230 [ 14.508982] kunit_try_run_case+0x1a5/0x480 [ 14.509013] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.509038] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.509134] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.509161] ? __kthread_parkme+0x82/0x180 [ 14.509184] ? preempt_count_sub+0x50/0x80 [ 14.509208] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.509235] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.509261] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.509287] kthread+0x337/0x6f0 [ 14.509308] ? trace_preempt_on+0x20/0xc0 [ 14.509331] ? __pfx_kthread+0x10/0x10 [ 14.509353] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.509375] ? calculate_sigpending+0x7b/0xa0 [ 14.509401] ? __pfx_kthread+0x10/0x10 [ 14.509424] ret_from_fork+0x116/0x1d0 [ 14.509451] ? 
__pfx_kthread+0x10/0x10 [ 14.509473] ret_from_fork_asm+0x1a/0x30 [ 14.509505] </TASK> [ 14.509516] [ 14.517179] Allocated by task 274: [ 14.517352] kasan_save_stack+0x45/0x70 [ 14.517516] kasan_save_track+0x18/0x40 [ 14.517655] kasan_save_alloc_info+0x3b/0x50 [ 14.517820] __kasan_kmalloc+0xb7/0xc0 [ 14.518016] __kmalloc_cache_noprof+0x189/0x420 [ 14.518238] kasan_memcmp+0xb7/0x390 [ 14.518420] kunit_try_run_case+0x1a5/0x480 [ 14.518646] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.518832] kthread+0x337/0x6f0 [ 14.518954] ret_from_fork+0x116/0x1d0 [ 14.519340] ret_from_fork_asm+0x1a/0x30 [ 14.519680] [ 14.519792] The buggy address belongs to the object at ffff888103a5c400 [ 14.519792] which belongs to the cache kmalloc-32 of size 32 [ 14.520537] The buggy address is located 0 bytes to the right of [ 14.520537] allocated 24-byte region [ffff888103a5c400, ffff888103a5c418) [ 14.521019] [ 14.521094] The buggy address belongs to the physical page: [ 14.521437] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a5c [ 14.521770] flags: 0x200000000000000(node=0|zone=2) [ 14.522127] page_type: f5(slab) [ 14.522284] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 14.522620] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 14.522894] page dumped because: kasan: bad access detected [ 14.523298] [ 14.523519] Memory state around the buggy address: [ 14.523683] ffff888103a5c300: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.523916] ffff888103a5c380: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.524133] >ffff888103a5c400: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.525017] ^ [ 14.525235] ffff888103a5c480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.525644] ffff888103a5c500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.525874] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 14.477156] ================================================================== [ 14.478581] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x329/0x390 [ 14.479099] Read of size 1 at addr ffff8881039afc4a by task kunit_try_catch/270 [ 14.479780] [ 14.479978] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.480079] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.480090] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.480123] Call Trace: [ 14.480137] <TASK> [ 14.480153] dump_stack_lvl+0x73/0xb0 [ 14.480197] print_report+0xd1/0x610 [ 14.480221] ? __virt_addr_valid+0x1db/0x2d0 [ 14.480245] ? kasan_alloca_oob_right+0x329/0x390 [ 14.480269] ? kasan_addr_to_slab+0x11/0xa0 [ 14.480291] ? kasan_alloca_oob_right+0x329/0x390 [ 14.480316] kasan_report+0x141/0x180 [ 14.480338] ? kasan_alloca_oob_right+0x329/0x390 [ 14.480367] __asan_report_load1_noabort+0x18/0x20 [ 14.480394] kasan_alloca_oob_right+0x329/0x390 [ 14.480417] ? __kasan_check_write+0x18/0x20 [ 14.480448] ? __pfx_sched_clock_cpu+0x10/0x10 [ 14.480472] ? finish_task_switch.isra.0+0x153/0x700 [ 14.480497] ? __schedule+0x200e/0x2b60 [ 14.480519] ? trace_hardirqs_on+0x37/0xe0 [ 14.480547] ? __pfx_kasan_alloca_oob_right+0x10/0x10 [ 14.480576] ? __schedule+0x10cc/0x2b60 [ 14.480599] ? __pfx_read_tsc+0x10/0x10 [ 14.480621] ? ktime_get_ts64+0x86/0x230 [ 14.480646] kunit_try_run_case+0x1a5/0x480 [ 14.480672] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.480696] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.480721] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.480746] ? __kthread_parkme+0x82/0x180 [ 14.480778] ? preempt_count_sub+0x50/0x80 [ 14.480802] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.480828] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.480854] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.480881] kthread+0x337/0x6f0 [ 14.480901] ? trace_preempt_on+0x20/0xc0 [ 14.480923] ? __pfx_kthread+0x10/0x10 [ 14.480945] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 14.480968] ? calculate_sigpending+0x7b/0xa0 [ 14.481010] ? __pfx_kthread+0x10/0x10 [ 14.481033] ret_from_fork+0x116/0x1d0 [ 14.481052] ? __pfx_kthread+0x10/0x10 [ 14.481075] ret_from_fork_asm+0x1a/0x30 [ 14.481106] </TASK> [ 14.481117] [ 14.495231] The buggy address belongs to stack of task kunit_try_catch/270 [ 14.495653] [ 14.495730] The buggy address belongs to the physical page: [ 14.495921] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039af [ 14.496215] flags: 0x200000000000000(node=0|zone=2) [ 14.496599] raw: 0200000000000000 ffffea00040e6bc8 ffffea00040e6bc8 0000000000000000 [ 14.496906] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 14.497351] page dumped because: kasan: bad access detected [ 14.497649] [ 14.497722] Memory state around the buggy address: [ 14.497970] ffff8881039afb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.498387] ffff8881039afb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.498699] >ffff8881039afc00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 14.499001] ^ [ 14.499299] ffff8881039afc80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 [ 14.499793] ffff8881039afd00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 14.500184] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 14.449617] ================================================================== [ 14.450904] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x320/0x380 [ 14.451692] Read of size 1 at addr ffff88810398fc3f by task kunit_try_catch/268 [ 14.452330] [ 14.452543] CPU: 1 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.452598] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.452610] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.452630] Call Trace: [ 14.452643] <TASK> [ 14.452660] dump_stack_lvl+0x73/0xb0 [ 14.452692] print_report+0xd1/0x610 [ 14.452716] ? __virt_addr_valid+0x1db/0x2d0 [ 14.452740] ? kasan_alloca_oob_left+0x320/0x380 [ 14.452775] ? kasan_addr_to_slab+0x11/0xa0 [ 14.452796] ? kasan_alloca_oob_left+0x320/0x380 [ 14.452820] kasan_report+0x141/0x180 [ 14.452842] ? kasan_alloca_oob_left+0x320/0x380 [ 14.452871] __asan_report_load1_noabort+0x18/0x20 [ 14.452897] kasan_alloca_oob_left+0x320/0x380 [ 14.452920] ? __kasan_check_write+0x18/0x20 [ 14.452940] ? __pfx_sched_clock_cpu+0x10/0x10 [ 14.452964] ? finish_task_switch.isra.0+0x153/0x700 [ 14.452989] ? __schedule+0x200e/0x2b60 [ 14.453011] ? trace_hardirqs_on+0x37/0xe0 [ 14.453038] ? __pfx_kasan_alloca_oob_left+0x10/0x10 [ 14.453062] ? __kasan_check_write+0x18/0x20 [ 14.453083] ? queued_spin_lock_slowpath+0x116/0xb40 [ 14.453110] ? trace_hardirqs_on+0x37/0xe0 [ 14.453134] ? __pfx_read_tsc+0x10/0x10 [ 14.453156] ? ktime_get_ts64+0x86/0x230 [ 14.453180] kunit_try_run_case+0x1a5/0x480 [ 14.453207] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.453234] ? queued_spin_lock_slowpath+0x116/0xb40 [ 14.453258] ? __kthread_parkme+0x82/0x180 [ 14.453279] ? preempt_count_sub+0x50/0x80 [ 14.453303] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.453328] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.453354] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.453380] kthread+0x337/0x6f0 [ 14.453401] ? 
trace_preempt_on+0x20/0xc0 [ 14.453424] ? __pfx_kthread+0x10/0x10 [ 14.453454] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.453477] ? calculate_sigpending+0x7b/0xa0 [ 14.453503] ? __pfx_kthread+0x10/0x10 [ 14.453524] ret_from_fork+0x116/0x1d0 [ 14.453544] ? __pfx_kthread+0x10/0x10 [ 14.453565] ret_from_fork_asm+0x1a/0x30 [ 14.453597] </TASK> [ 14.453609] [ 14.466245] The buggy address belongs to stack of task kunit_try_catch/268 [ 14.466701] [ 14.466786] The buggy address belongs to the physical page: [ 14.466964] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10398f [ 14.467214] flags: 0x200000000000000(node=0|zone=2) [ 14.467389] raw: 0200000000000000 ffffea00040e63c8 ffffea00040e63c8 0000000000000000 [ 14.468038] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 14.468748] page dumped because: kasan: bad access detected [ 14.469321] [ 14.469515] Memory state around the buggy address: [ 14.469964] ffff88810398fb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.470614] ffff88810398fb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.471233] >ffff88810398fc00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 14.471938] ^ [ 14.472105] ffff88810398fc80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 [ 14.472322] ffff88810398fd00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 14.472786] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 14.419343] ================================================================== [ 14.420701] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x2b5/0x300 [ 14.420963] Read of size 1 at addr ffff8881039afd02 by task kunit_try_catch/266 [ 14.421200] [ 14.421290] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.421339] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.421351] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.421375] Call Trace: [ 14.421389] <TASK> [ 14.421405] dump_stack_lvl+0x73/0xb0 [ 14.421436] print_report+0xd1/0x610 [ 14.421460] ? __virt_addr_valid+0x1db/0x2d0 [ 14.421484] ? kasan_stack_oob+0x2b5/0x300 [ 14.421505] ? kasan_addr_to_slab+0x11/0xa0 [ 14.421526] ? kasan_stack_oob+0x2b5/0x300 [ 14.421547] kasan_report+0x141/0x180 [ 14.421569] ? kasan_stack_oob+0x2b5/0x300 [ 14.421594] __asan_report_load1_noabort+0x18/0x20 [ 14.421620] kasan_stack_oob+0x2b5/0x300 [ 14.421640] ? __pfx_kasan_stack_oob+0x10/0x10 [ 14.421660] ? finish_task_switch.isra.0+0x153/0x700 [ 14.421687] ? __switch_to+0x47/0xf50 [ 14.421715] ? __schedule+0x10cc/0x2b60 [ 14.421738] ? __pfx_read_tsc+0x10/0x10 [ 14.421811] ? ktime_get_ts64+0x86/0x230 [ 14.421839] kunit_try_run_case+0x1a5/0x480 [ 14.421865] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.421901] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.421931] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.421986] ? __kthread_parkme+0x82/0x180 [ 14.422009] ? preempt_count_sub+0x50/0x80 [ 14.422033] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.422059] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.422085] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.422111] kthread+0x337/0x6f0 [ 14.422132] ? trace_preempt_on+0x20/0xc0 [ 14.422158] ? __pfx_kthread+0x10/0x10 [ 14.422179] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.422201] ? calculate_sigpending+0x7b/0xa0 [ 14.422227] ? __pfx_kthread+0x10/0x10 [ 14.422248] ret_from_fork+0x116/0x1d0 [ 14.422267] ? 
__pfx_kthread+0x10/0x10 [ 14.422298] ret_from_fork_asm+0x1a/0x30 [ 14.422330] </TASK> [ 14.422340] [ 14.434406] The buggy address belongs to stack of task kunit_try_catch/266 [ 14.434856] and is located at offset 138 in frame: [ 14.435033] kasan_stack_oob+0x0/0x300 [ 14.435294] [ 14.435379] This frame has 4 objects: [ 14.435588] [48, 49) '__assertion' [ 14.435610] [64, 72) 'array' [ 14.435737] [96, 112) '__assertion' [ 14.435874] [128, 138) 'stack_array' [ 14.436013] [ 14.436202] The buggy address belongs to the physical page: [ 14.436378] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039af [ 14.436622] flags: 0x200000000000000(node=0|zone=2) [ 14.436861] raw: 0200000000000000 ffffea00040e6bc8 ffffea00040e6bc8 0000000000000000 [ 14.437513] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 14.438380] page dumped because: kasan: bad access detected [ 14.439087] [ 14.439280] Memory state around the buggy address: [ 14.439750] ffff8881039afc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 14.440624] ffff8881039afc80: f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 00 00 f2 f2 00 [ 14.441445] >ffff8881039afd00: 02 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 14.442258] ^ [ 14.442658] ffff8881039afd80: f1 f1 f1 00 00 f2 f2 00 00 f2 f2 00 00 f3 f3 00 [ 14.443377] ffff8881039afe00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.444118] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 14.389240] ================================================================== [ 14.389862] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x286/0x2d0 [ 14.390286] Read of size 1 at addr ffffffff9a863e8d by task kunit_try_catch/262 [ 14.390664] [ 14.390828] CPU: 1 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.390878] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.390891] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.390915] Call Trace: [ 14.390929] <TASK> [ 14.390946] dump_stack_lvl+0x73/0xb0 [ 14.391036] print_report+0xd1/0x610 [ 14.391065] ? __virt_addr_valid+0x1db/0x2d0 [ 14.391094] ? kasan_global_oob_right+0x286/0x2d0 [ 14.391120] ? kasan_addr_to_slab+0x11/0xa0 [ 14.391142] ? kasan_global_oob_right+0x286/0x2d0 [ 14.391166] kasan_report+0x141/0x180 [ 14.391195] ? kasan_global_oob_right+0x286/0x2d0 [ 14.391223] __asan_report_load1_noabort+0x18/0x20 [ 14.391250] kasan_global_oob_right+0x286/0x2d0 [ 14.391274] ? __pfx_kasan_global_oob_right+0x10/0x10 [ 14.391301] ? __schedule+0x10cc/0x2b60 [ 14.391327] ? __pfx_read_tsc+0x10/0x10 [ 14.391352] ? ktime_get_ts64+0x86/0x230 [ 14.391379] kunit_try_run_case+0x1a5/0x480 [ 14.391408] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.391433] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.391472] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.391497] ? __kthread_parkme+0x82/0x180 [ 14.391521] ? preempt_count_sub+0x50/0x80 [ 14.391547] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.391573] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.391599] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.391626] kthread+0x337/0x6f0 [ 14.391646] ? trace_preempt_on+0x20/0xc0 [ 14.391672] ? __pfx_kthread+0x10/0x10 [ 14.391694] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.391718] ? calculate_sigpending+0x7b/0xa0 [ 14.391746] ? __pfx_kthread+0x10/0x10 [ 14.391780] ret_from_fork+0x116/0x1d0 [ 14.391799] ? 
__pfx_kthread+0x10/0x10 [ 14.391821] ret_from_fork_asm+0x1a/0x30 [ 14.391855] </TASK> [ 14.391865] [ 14.402887] The buggy address belongs to the variable: [ 14.403266] global_array+0xd/0x40 [ 14.403656] [ 14.403800] The buggy address belongs to the physical page: [ 14.404319] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x12ba63 [ 14.404898] flags: 0x200000000002000(reserved|node=0|zone=2) [ 14.405390] raw: 0200000000002000 ffffea0004ae98c8 ffffea0004ae98c8 0000000000000000 [ 14.405733] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 14.406364] page dumped because: kasan: bad access detected [ 14.406727] [ 14.406840] Memory state around the buggy address: [ 14.407268] ffffffff9a863d80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.407689] ffffffff9a863e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.408189] >ffffffff9a863e80: 00 02 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9 [ 14.408495] ^ [ 14.408887] ffffffff9a863f00: 04 f9 f9 f9 f9 f9 f9 f9 02 f9 f9 f9 f9 f9 f9 f9 [ 14.409371] ffffffff9a863f80: 01 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 00 00 00 00 [ 14.409878] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 14.335446] ================================================================== [ 14.335976] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.336493] Free of addr ffff88810307a301 by task kunit_try_catch/258 [ 14.336930] [ 14.337058] CPU: 1 UID: 0 PID: 258 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.337104] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.337117] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.337139] Call Trace: [ 14.337153] <TASK> [ 14.337228] dump_stack_lvl+0x73/0xb0 [ 14.337260] print_report+0xd1/0x610 [ 14.337521] ? __virt_addr_valid+0x1db/0x2d0 [ 14.337586] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.337610] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.337651] kasan_report_invalid_free+0x10a/0x130 [ 14.337677] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.337707] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.337733] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.337768] check_slab_allocation+0x11f/0x130 [ 14.337791] __kasan_mempool_poison_object+0x91/0x1d0 [ 14.337817] mempool_free+0x2ec/0x380 [ 14.337844] mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.337872] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10 [ 14.337903] ? finish_task_switch.isra.0+0x153/0x700 [ 14.337931] mempool_kmalloc_invalid_free+0xed/0x140 [ 14.337956] ? __pfx_mempool_kmalloc_invalid_free+0x10/0x10 [ 14.338036] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.338062] ? __pfx_mempool_kfree+0x10/0x10 [ 14.338087] ? __pfx_read_tsc+0x10/0x10 [ 14.338109] ? ktime_get_ts64+0x86/0x230 [ 14.338133] kunit_try_run_case+0x1a5/0x480 [ 14.338159] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.338183] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.338208] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.338233] ? __kthread_parkme+0x82/0x180 [ 14.338254] ? preempt_count_sub+0x50/0x80 [ 14.338279] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.338303] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.338329] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.338356] kthread+0x337/0x6f0 [ 14.338375] ? trace_preempt_on+0x20/0xc0 [ 14.338399] ? __pfx_kthread+0x10/0x10 [ 14.338420] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.338443] ? calculate_sigpending+0x7b/0xa0 [ 14.338469] ? __pfx_kthread+0x10/0x10 [ 14.338490] ret_from_fork+0x116/0x1d0 [ 14.338509] ? __pfx_kthread+0x10/0x10 [ 14.338530] ret_from_fork_asm+0x1a/0x30 [ 14.338561] </TASK> [ 14.338571] [ 14.348958] Allocated by task 258: [ 14.349154] kasan_save_stack+0x45/0x70 [ 14.349311] kasan_save_track+0x18/0x40 [ 14.349642] kasan_save_alloc_info+0x3b/0x50 [ 14.349892] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 14.350127] remove_element+0x11e/0x190 [ 14.350463] mempool_alloc_preallocated+0x4d/0x90 [ 14.350645] mempool_kmalloc_invalid_free_helper+0x83/0x2e0 [ 14.350839] mempool_kmalloc_invalid_free+0xed/0x140 [ 14.351292] kunit_try_run_case+0x1a5/0x480 [ 14.351523] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.351795] kthread+0x337/0x6f0 [ 14.352141] ret_from_fork+0x116/0x1d0 [ 14.352322] ret_from_fork_asm+0x1a/0x30 [ 14.352553] [ 14.352627] The buggy address belongs to the object at ffff88810307a300 [ 14.352627] which belongs to the cache kmalloc-128 of size 128 [ 14.353338] The buggy address is located 1 bytes inside of [ 14.353338] 128-byte region [ffff88810307a300, ffff88810307a380) [ 14.353909] [ 14.354031] The buggy address belongs to the physical page: [ 14.354343] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10307a [ 14.354684] flags: 0x200000000000000(node=0|zone=2) [ 14.354986] page_type: f5(slab) [ 14.355161] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 14.355592] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.356231] page dumped because: kasan: bad access detected [ 14.356497] [ 14.356638] Memory state around 
the buggy address: [ 14.356858] ffff88810307a200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.357167] ffff88810307a280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.357612] >ffff88810307a300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.358004] ^ [ 14.358145] ffff88810307a380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.358434] ffff88810307a400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.358734] ================================================================== [ 14.362205] ================================================================== [ 14.362643] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.362914] Free of addr ffff888103a20001 by task kunit_try_catch/260 [ 14.363115] [ 14.363209] CPU: 0 UID: 0 PID: 260 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.363254] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.363267] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.363288] Call Trace: [ 14.363300] <TASK> [ 14.363317] dump_stack_lvl+0x73/0xb0 [ 14.363346] print_report+0xd1/0x610 [ 14.363368] ? __virt_addr_valid+0x1db/0x2d0 [ 14.363391] ? kasan_addr_to_slab+0x11/0xa0 [ 14.363411] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.363437] kasan_report_invalid_free+0x10a/0x130 [ 14.363461] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.363489] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.363514] __kasan_mempool_poison_object+0x102/0x1d0 [ 14.363539] mempool_free+0x2ec/0x380 [ 14.363565] mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.363591] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10 [ 14.363615] ? update_load_avg+0x1be/0x21b0 [ 14.363638] ? update_load_avg+0x1be/0x21b0 [ 14.363659] ? update_curr+0x80/0x810 [ 14.363680] ? finish_task_switch.isra.0+0x153/0x700 [ 14.363706] mempool_kmalloc_large_invalid_free+0xed/0x140 [ 14.363730] ? 
__pfx_mempool_kmalloc_large_invalid_free+0x10/0x10 [ 14.364361] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.364403] ? __pfx_mempool_kfree+0x10/0x10 [ 14.364445] ? __pfx_read_tsc+0x10/0x10 [ 14.364468] ? ktime_get_ts64+0x86/0x230 [ 14.364497] kunit_try_run_case+0x1a5/0x480 [ 14.364523] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.364547] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.364573] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.364641] ? __kthread_parkme+0x82/0x180 [ 14.364663] ? preempt_count_sub+0x50/0x80 [ 14.364687] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.364712] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.364738] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.364780] kthread+0x337/0x6f0 [ 14.364799] ? trace_preempt_on+0x20/0xc0 [ 14.364824] ? __pfx_kthread+0x10/0x10 [ 14.364844] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.364866] ? calculate_sigpending+0x7b/0xa0 [ 14.364891] ? __pfx_kthread+0x10/0x10 [ 14.364912] ret_from_fork+0x116/0x1d0 [ 14.364931] ? __pfx_kthread+0x10/0x10 [ 14.364953] ret_from_fork_asm+0x1a/0x30 [ 14.365616] </TASK> [ 14.365629] [ 14.378228] The buggy address belongs to the physical page: [ 14.378479] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a20 [ 14.378804] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 14.379243] flags: 0x200000000000040(head|node=0|zone=2) [ 14.379433] page_type: f8(unknown) [ 14.379592] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.379844] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.380463] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.380839] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.381285] head: 0200000000000002 ffffea00040e8801 00000000ffffffff 00000000ffffffff [ 14.381661] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 14.382087] page dumped because: kasan: bad access detected [ 
14.382318] [ 14.382414] Memory state around the buggy address: [ 14.382600] ffff888103a1ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.382830] ffff888103a1ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.383248] >ffff888103a20000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.383595] ^ [ 14.383772] ffff888103a20080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.384166] ffff888103a20100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.384478] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 14.236375] ================================================================== [ 14.236933] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 14.237378] Free of addr ffff88810307d600 by task kunit_try_catch/252 [ 14.237905] [ 14.238136] CPU: 0 UID: 0 PID: 252 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.238185] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.238198] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.238221] Call Trace: [ 14.238233] <TASK> [ 14.238248] dump_stack_lvl+0x73/0xb0 [ 14.238281] print_report+0xd1/0x610 [ 14.238306] ? __virt_addr_valid+0x1db/0x2d0 [ 14.238332] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.238357] ? mempool_double_free_helper+0x184/0x370 [ 14.238384] kasan_report_invalid_free+0x10a/0x130 [ 14.238411] ? mempool_double_free_helper+0x184/0x370 [ 14.238522] ? mempool_double_free_helper+0x184/0x370 [ 14.238721] ? mempool_double_free_helper+0x184/0x370 [ 14.238748] check_slab_allocation+0x101/0x130 [ 14.238787] __kasan_mempool_poison_object+0x91/0x1d0 [ 14.238814] mempool_free+0x2ec/0x380 [ 14.238844] mempool_double_free_helper+0x184/0x370 [ 14.238870] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 14.238896] ? update_load_avg+0x1be/0x21b0 [ 14.238925] ? finish_task_switch.isra.0+0x153/0x700 [ 14.238951] mempool_kmalloc_double_free+0xed/0x140 [ 14.239048] ? __pfx_mempool_kmalloc_double_free+0x10/0x10 [ 14.239080] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.239104] ? __pfx_mempool_kfree+0x10/0x10 [ 14.239130] ? __pfx_read_tsc+0x10/0x10 [ 14.239153] ? ktime_get_ts64+0x86/0x230 [ 14.239185] kunit_try_run_case+0x1a5/0x480 [ 14.239212] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.239237] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.239263] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.239289] ? __kthread_parkme+0x82/0x180 [ 14.239311] ? preempt_count_sub+0x50/0x80 [ 14.239336] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.239362] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.239388] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.239415] kthread+0x337/0x6f0 [ 14.239436] ? trace_preempt_on+0x20/0xc0 [ 14.239461] ? __pfx_kthread+0x10/0x10 [ 14.239482] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.239505] ? calculate_sigpending+0x7b/0xa0 [ 14.239531] ? __pfx_kthread+0x10/0x10 [ 14.239553] ret_from_fork+0x116/0x1d0 [ 14.239572] ? __pfx_kthread+0x10/0x10 [ 14.239593] ret_from_fork_asm+0x1a/0x30 [ 14.239625] </TASK> [ 14.239636] [ 14.253518] Allocated by task 252: [ 14.254104] kasan_save_stack+0x45/0x70 [ 14.254414] kasan_save_track+0x18/0x40 [ 14.254629] kasan_save_alloc_info+0x3b/0x50 [ 14.254961] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 14.255396] remove_element+0x11e/0x190 [ 14.255710] mempool_alloc_preallocated+0x4d/0x90 [ 14.255958] mempool_double_free_helper+0x8a/0x370 [ 14.256586] mempool_kmalloc_double_free+0xed/0x140 [ 14.256936] kunit_try_run_case+0x1a5/0x480 [ 14.257260] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.257790] kthread+0x337/0x6f0 [ 14.257992] ret_from_fork+0x116/0x1d0 [ 14.258391] ret_from_fork_asm+0x1a/0x30 [ 14.258628] [ 14.258732] Freed by task 252: [ 14.259134] kasan_save_stack+0x45/0x70 [ 14.259547] kasan_save_track+0x18/0x40 [ 14.259822] kasan_save_free_info+0x3f/0x60 [ 14.260258] __kasan_mempool_poison_object+0x131/0x1d0 [ 14.260596] mempool_free+0x2ec/0x380 [ 14.260787] mempool_double_free_helper+0x109/0x370 [ 14.261397] mempool_kmalloc_double_free+0xed/0x140 [ 14.261605] kunit_try_run_case+0x1a5/0x480 [ 14.261940] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.262505] kthread+0x337/0x6f0 [ 14.262679] ret_from_fork+0x116/0x1d0 [ 14.262844] ret_from_fork_asm+0x1a/0x30 [ 14.263165] [ 14.263453] The buggy address belongs to the object at ffff88810307d600 [ 14.263453] which belongs to the cache kmalloc-128 of size 128 [ 14.264199] The buggy address is located 0 bytes inside of [ 14.264199] 128-byte 
region [ffff88810307d600, ffff88810307d680) [ 14.264989] [ 14.265096] The buggy address belongs to the physical page: [ 14.265576] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10307d [ 14.266004] flags: 0x200000000000000(node=0|zone=2) [ 14.266319] page_type: f5(slab) [ 14.266715] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 14.267140] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.267539] page dumped because: kasan: bad access detected [ 14.267871] [ 14.268062] Memory state around the buggy address: [ 14.268290] ffff88810307d500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.268908] ffff88810307d580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.269517] >ffff88810307d600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.269948] ^ [ 14.270349] ffff88810307d680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.270789] ffff88810307d700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.271332] ================================================================== [ 14.307244] ================================================================== [ 14.307825] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 14.308583] Free of addr ffff8881039b0000 by task kunit_try_catch/256 [ 14.309066] [ 14.309370] CPU: 1 UID: 0 PID: 256 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.309422] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.309591] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.309619] Call Trace: [ 14.309633] <TASK> [ 14.309652] dump_stack_lvl+0x73/0xb0 [ 14.309687] print_report+0xd1/0x610 [ 14.309710] ? __virt_addr_valid+0x1db/0x2d0 [ 14.309735] ? kasan_addr_to_slab+0x11/0xa0 [ 14.309769] ? mempool_double_free_helper+0x184/0x370 [ 14.309795] kasan_report_invalid_free+0x10a/0x130 [ 14.309820] ? mempool_double_free_helper+0x184/0x370 [ 14.309848] ? 
mempool_double_free_helper+0x184/0x370 [ 14.309872] __kasan_mempool_poison_pages+0x115/0x130 [ 14.309898] mempool_free+0x290/0x380 [ 14.309926] mempool_double_free_helper+0x184/0x370 [ 14.309951] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 14.310034] ? __kasan_check_write+0x18/0x20 [ 14.310057] ? __pfx_sched_clock_cpu+0x10/0x10 [ 14.310080] ? irqentry_exit+0x2a/0x60 [ 14.310103] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 14.310131] mempool_page_alloc_double_free+0xe8/0x140 [ 14.310158] ? __pfx_mempool_page_alloc_double_free+0x10/0x10 [ 14.310189] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 14.310213] ? __pfx_mempool_free_pages+0x10/0x10 [ 14.310239] ? __pfx_mempool_page_alloc_double_free+0x10/0x10 [ 14.310269] ? __pfx_mempool_page_alloc_double_free+0x10/0x10 [ 14.310298] kunit_try_run_case+0x1a5/0x480 [ 14.310324] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.310347] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.310373] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.310398] ? __kthread_parkme+0x82/0x180 [ 14.310419] ? preempt_count_sub+0x50/0x80 [ 14.310444] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.310468] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.310492] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.310518] kthread+0x337/0x6f0 [ 14.310538] ? trace_preempt_on+0x20/0xc0 [ 14.310561] ? __pfx_kthread+0x10/0x10 [ 14.310582] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.310603] ? calculate_sigpending+0x7b/0xa0 [ 14.310629] ? __pfx_kthread+0x10/0x10 [ 14.310651] ret_from_fork+0x116/0x1d0 [ 14.310670] ? 
__pfx_kthread+0x10/0x10 [ 14.310691] ret_from_fork_asm+0x1a/0x30 [ 14.310722] </TASK> [ 14.310732] [ 14.325455] The buggy address belongs to the physical page: [ 14.325970] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b0 [ 14.326361] flags: 0x200000000000000(node=0|zone=2) [ 14.326800] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 14.327189] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 14.327789] page dumped because: kasan: bad access detected [ 14.328203] [ 14.328283] Memory state around the buggy address: [ 14.328737] ffff8881039aff00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.329398] ffff8881039aff80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.329865] >ffff8881039b0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.330297] ^ [ 14.330771] ffff8881039b0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.331372] ffff8881039b0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.331729] ================================================================== [ 14.275237] ================================================================== [ 14.275753] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 14.276144] Free of addr ffff888102a50000 by task kunit_try_catch/254 [ 14.276588] [ 14.276699] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.277157] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.277175] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.277201] Call Trace: [ 14.277214] <TASK> [ 14.277231] dump_stack_lvl+0x73/0xb0 [ 14.277267] print_report+0xd1/0x610 [ 14.277291] ? __virt_addr_valid+0x1db/0x2d0 [ 14.277317] ? kasan_addr_to_slab+0x11/0xa0 [ 14.277337] ? mempool_double_free_helper+0x184/0x370 [ 14.277364] kasan_report_invalid_free+0x10a/0x130 [ 14.277390] ? mempool_double_free_helper+0x184/0x370 [ 14.277418] ? 
mempool_double_free_helper+0x184/0x370 [ 14.277441] __kasan_mempool_poison_object+0x1b3/0x1d0 [ 14.277468] mempool_free+0x2ec/0x380 [ 14.277495] mempool_double_free_helper+0x184/0x370 [ 14.277521] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 14.277547] ? __kasan_check_write+0x18/0x20 [ 14.277568] ? __pfx_sched_clock_cpu+0x10/0x10 [ 14.277591] ? irqentry_exit+0x2a/0x60 [ 14.277613] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 14.277641] mempool_kmalloc_large_double_free+0xed/0x140 [ 14.277668] ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10 [ 14.277697] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.277721] ? __pfx_mempool_kfree+0x10/0x10 [ 14.277745] ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10 [ 14.277789] ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10 [ 14.277818] kunit_try_run_case+0x1a5/0x480 [ 14.277845] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.277869] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.277895] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.277919] ? __kthread_parkme+0x82/0x180 [ 14.277942] ? preempt_count_sub+0x50/0x80 [ 14.277967] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.278040] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.278065] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.278091] kthread+0x337/0x6f0 [ 14.278110] ? trace_preempt_on+0x20/0xc0 [ 14.278135] ? __pfx_kthread+0x10/0x10 [ 14.278156] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.278179] ? calculate_sigpending+0x7b/0xa0 [ 14.278204] ? __pfx_kthread+0x10/0x10 [ 14.278226] ret_from_fork+0x116/0x1d0 [ 14.278247] ? 
__pfx_kthread+0x10/0x10 [ 14.278267] ret_from_fork_asm+0x1a/0x30 [ 14.278298] </TASK> [ 14.278308] [ 14.293108] The buggy address belongs to the physical page: [ 14.293373] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a50 [ 14.293950] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 14.294464] flags: 0x200000000000040(head|node=0|zone=2) [ 14.294948] page_type: f8(unknown) [ 14.295290] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.295852] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.296397] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.296881] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.297412] head: 0200000000000002 ffffea00040a9401 00000000ffffffff 00000000ffffffff [ 14.297952] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 14.298486] page dumped because: kasan: bad access detected [ 14.298891] [ 14.299227] Memory state around the buggy address: [ 14.299506] ffff888102a4ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.299942] ffff888102a4ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.301027] >ffff888102a50000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.301932] ^ [ 14.302570] ffff888102a50080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.303153] ffff888102a50100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.304039] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 14.208835] ================================================================== [ 14.209473] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400 [ 14.209813] Read of size 1 at addr ffff888102a50000 by task kunit_try_catch/250 [ 14.210229] [ 14.210339] CPU: 0 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.210387] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.210399] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.210422] Call Trace: [ 14.210434] <TASK> [ 14.210451] dump_stack_lvl+0x73/0xb0 [ 14.210484] print_report+0xd1/0x610 [ 14.210518] ? __virt_addr_valid+0x1db/0x2d0 [ 14.210544] ? mempool_uaf_helper+0x392/0x400 [ 14.210568] ? kasan_addr_to_slab+0x11/0xa0 [ 14.210589] ? mempool_uaf_helper+0x392/0x400 [ 14.210613] kasan_report+0x141/0x180 [ 14.210636] ? mempool_uaf_helper+0x392/0x400 [ 14.210663] __asan_report_load1_noabort+0x18/0x20 [ 14.210689] mempool_uaf_helper+0x392/0x400 [ 14.210712] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 14.210738] ? __kasan_check_write+0x18/0x20 [ 14.210772] ? __pfx_sched_clock_cpu+0x10/0x10 [ 14.210798] ? finish_task_switch.isra.0+0x153/0x700 [ 14.210827] mempool_page_alloc_uaf+0xed/0x140 [ 14.210853] ? __pfx_mempool_page_alloc_uaf+0x10/0x10 [ 14.210881] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 14.210908] ? __pfx_mempool_free_pages+0x10/0x10 [ 14.210936] ? __pfx_read_tsc+0x10/0x10 [ 14.210958] ? ktime_get_ts64+0x86/0x230 [ 14.211129] kunit_try_run_case+0x1a5/0x480 [ 14.211161] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.211192] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.211219] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.211244] ? __kthread_parkme+0x82/0x180 [ 14.211267] ? preempt_count_sub+0x50/0x80 [ 14.211292] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.211318] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.211343] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.211370] kthread+0x337/0x6f0 [ 14.211390] ? 
trace_preempt_on+0x20/0xc0 [ 14.211415] ? __pfx_kthread+0x10/0x10 [ 14.211449] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.211472] ? calculate_sigpending+0x7b/0xa0 [ 14.211498] ? __pfx_kthread+0x10/0x10 [ 14.211520] ret_from_fork+0x116/0x1d0 [ 14.211540] ? __pfx_kthread+0x10/0x10 [ 14.211561] ret_from_fork_asm+0x1a/0x30 [ 14.211594] </TASK> [ 14.211605] [ 14.224339] The buggy address belongs to the physical page: [ 14.224745] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a50 [ 14.225405] flags: 0x200000000000000(node=0|zone=2) [ 14.225662] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 14.226274] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 14.226842] page dumped because: kasan: bad access detected [ 14.227301] [ 14.227429] Memory state around the buggy address: [ 14.227935] ffff888102a4ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.228272] ffff888102a4ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.228823] >ffff888102a50000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.229352] ^ [ 14.229563] ffff888102a50080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.229972] ffff888102a50100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.230382] ================================================================== [ 14.134828] ================================================================== [ 14.135305] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400 [ 14.135583] Read of size 1 at addr ffff8881039b0000 by task kunit_try_catch/246 [ 14.135857] [ 14.135958] CPU: 1 UID: 0 PID: 246 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.136004] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.136016] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.136037] Call Trace: [ 14.136049] <TASK> [ 14.136067] dump_stack_lvl+0x73/0xb0 [ 14.136095] print_report+0xd1/0x610 [ 14.136118] ? 
__virt_addr_valid+0x1db/0x2d0 [ 14.136140] ? mempool_uaf_helper+0x392/0x400 [ 14.136161] ? kasan_addr_to_slab+0x11/0xa0 [ 14.136181] ? mempool_uaf_helper+0x392/0x400 [ 14.136204] kasan_report+0x141/0x180 [ 14.136225] ? mempool_uaf_helper+0x392/0x400 [ 14.136251] __asan_report_load1_noabort+0x18/0x20 [ 14.136275] mempool_uaf_helper+0x392/0x400 [ 14.136296] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 14.136320] ? __pfx_sched_clock_cpu+0x10/0x10 [ 14.136343] ? finish_task_switch.isra.0+0x153/0x700 [ 14.136368] mempool_kmalloc_large_uaf+0xef/0x140 [ 14.136390] ? __pfx_mempool_kmalloc_large_uaf+0x10/0x10 [ 14.136416] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.136439] ? __pfx_mempool_kfree+0x10/0x10 [ 14.136463] ? __pfx_read_tsc+0x10/0x10 [ 14.136484] ? ktime_get_ts64+0x86/0x230 [ 14.136506] kunit_try_run_case+0x1a5/0x480 [ 14.136531] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.136555] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.136579] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.136602] ? __kthread_parkme+0x82/0x180 [ 14.136622] ? preempt_count_sub+0x50/0x80 [ 14.136644] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.136668] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.136691] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.136714] kthread+0x337/0x6f0 [ 14.136733] ? trace_preempt_on+0x20/0xc0 [ 14.137110] ? __pfx_kthread+0x10/0x10 [ 14.137163] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.137188] ? calculate_sigpending+0x7b/0xa0 [ 14.137464] ? __pfx_kthread+0x10/0x10 [ 14.137490] ret_from_fork+0x116/0x1d0 [ 14.137551] ? 
__pfx_kthread+0x10/0x10 [ 14.137573] ret_from_fork_asm+0x1a/0x30 [ 14.137604] </TASK> [ 14.137614] [ 14.154711] The buggy address belongs to the physical page: [ 14.155220] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b0 [ 14.155920] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 14.156890] flags: 0x200000000000040(head|node=0|zone=2) [ 14.157295] page_type: f8(unknown) [ 14.157621] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.157950] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.158605] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.158939] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.159724] head: 0200000000000002 ffffea00040e6c01 00000000ffffffff 00000000ffffffff [ 14.160252] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 14.160892] page dumped because: kasan: bad access detected [ 14.161557] [ 14.161684] Memory state around the buggy address: [ 14.161911] ffff8881039aff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.162429] ffff8881039aff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.162737] >ffff8881039b0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.162987] ^ [ 14.163215] ffff8881039b0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.163487] ffff8881039b0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.163828] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 14.168807] ================================================================== [ 14.169431] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400 [ 14.169775] Read of size 1 at addr ffff888103082240 by task kunit_try_catch/248 [ 14.170089] [ 14.170274] CPU: 0 UID: 0 PID: 248 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.170327] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.170339] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.170363] Call Trace: [ 14.170375] <TASK> [ 14.170394] dump_stack_lvl+0x73/0xb0 [ 14.170427] print_report+0xd1/0x610 [ 14.170452] ? __virt_addr_valid+0x1db/0x2d0 [ 14.170479] ? mempool_uaf_helper+0x392/0x400 [ 14.170502] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.170526] ? mempool_uaf_helper+0x392/0x400 [ 14.170550] kasan_report+0x141/0x180 [ 14.170572] ? mempool_uaf_helper+0x392/0x400 [ 14.170600] __asan_report_load1_noabort+0x18/0x20 [ 14.170627] mempool_uaf_helper+0x392/0x400 [ 14.170650] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 14.170678] ? finish_task_switch.isra.0+0x153/0x700 [ 14.170709] mempool_slab_uaf+0xea/0x140 [ 14.170733] ? __pfx_mempool_slab_uaf+0x10/0x10 [ 14.170773] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 14.170802] ? __pfx_mempool_free_slab+0x10/0x10 [ 14.170829] ? __pfx_read_tsc+0x10/0x10 [ 14.170853] ? ktime_get_ts64+0x86/0x230 [ 14.170880] kunit_try_run_case+0x1a5/0x480 [ 14.170908] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.170933] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.170962] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.171005] ? __kthread_parkme+0x82/0x180 [ 14.171028] ? preempt_count_sub+0x50/0x80 [ 14.171053] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.171079] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.171105] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.171132] kthread+0x337/0x6f0 [ 14.171153] ? trace_preempt_on+0x20/0xc0 [ 14.171184] ? __pfx_kthread+0x10/0x10 [ 14.171206] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 14.171229] ? calculate_sigpending+0x7b/0xa0 [ 14.171255] ? __pfx_kthread+0x10/0x10 [ 14.171276] ret_from_fork+0x116/0x1d0 [ 14.171297] ? __pfx_kthread+0x10/0x10 [ 14.171318] ret_from_fork_asm+0x1a/0x30 [ 14.171352] </TASK> [ 14.171363] [ 14.183293] Allocated by task 248: [ 14.183714] kasan_save_stack+0x45/0x70 [ 14.184048] kasan_save_track+0x18/0x40 [ 14.184241] kasan_save_alloc_info+0x3b/0x50 [ 14.184659] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 14.184901] remove_element+0x11e/0x190 [ 14.185512] mempool_alloc_preallocated+0x4d/0x90 [ 14.185831] mempool_uaf_helper+0x96/0x400 [ 14.186343] mempool_slab_uaf+0xea/0x140 [ 14.186619] kunit_try_run_case+0x1a5/0x480 [ 14.186837] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.187449] kthread+0x337/0x6f0 [ 14.187613] ret_from_fork+0x116/0x1d0 [ 14.187798] ret_from_fork_asm+0x1a/0x30 [ 14.188178] [ 14.188286] Freed by task 248: [ 14.188645] kasan_save_stack+0x45/0x70 [ 14.188820] kasan_save_track+0x18/0x40 [ 14.189097] kasan_save_free_info+0x3f/0x60 [ 14.189302] __kasan_mempool_poison_object+0x131/0x1d0 [ 14.189894] mempool_free+0x2ec/0x380 [ 14.190357] mempool_uaf_helper+0x11a/0x400 [ 14.190682] mempool_slab_uaf+0xea/0x140 [ 14.190895] kunit_try_run_case+0x1a5/0x480 [ 14.191451] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.191807] kthread+0x337/0x6f0 [ 14.191971] ret_from_fork+0x116/0x1d0 [ 14.192456] ret_from_fork_asm+0x1a/0x30 [ 14.192657] [ 14.192750] The buggy address belongs to the object at ffff888103082240 [ 14.192750] which belongs to the cache test_cache of size 123 [ 14.193729] The buggy address is located 0 bytes inside of [ 14.193729] freed 123-byte region [ffff888103082240, ffff8881030822bb) [ 14.194900] [ 14.195206] The buggy address belongs to the physical page: [ 14.195624] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103082 [ 14.196034] flags: 0x200000000000000(node=0|zone=2) [ 14.196262] page_type: f5(slab) [ 14.196425] raw: 
0200000000000000 ffff888103074640 dead000000000122 0000000000000000 [ 14.196735] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 14.196976] page dumped because: kasan: bad access detected [ 14.197276] [ 14.197379] Memory state around the buggy address: [ 14.197625] ffff888103082100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.197946] ffff888103082180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.198367] >ffff888103082200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 14.198662] ^ [ 14.198925] ffff888103082280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.199289] ffff888103082300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.199573] ================================================================== [ 14.087951] ================================================================== [ 14.088583] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400 [ 14.088959] Read of size 1 at addr ffff8881029ccf00 by task kunit_try_catch/244 [ 14.089996] [ 14.090367] CPU: 1 UID: 0 PID: 244 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.090420] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.090443] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.090467] Call Trace: [ 14.090481] <TASK> [ 14.090500] dump_stack_lvl+0x73/0xb0 [ 14.090671] print_report+0xd1/0x610 [ 14.090698] ? __virt_addr_valid+0x1db/0x2d0 [ 14.090724] ? mempool_uaf_helper+0x392/0x400 [ 14.090747] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.090783] ? mempool_uaf_helper+0x392/0x400 [ 14.090806] kasan_report+0x141/0x180 [ 14.090829] ? mempool_uaf_helper+0x392/0x400 [ 14.090857] __asan_report_load1_noabort+0x18/0x20 [ 14.090883] mempool_uaf_helper+0x392/0x400 [ 14.090907] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 14.090929] ? update_load_avg+0x1be/0x21b0 [ 14.090958] ? finish_task_switch.isra.0+0x153/0x700 [ 14.091002] mempool_kmalloc_uaf+0xef/0x140 [ 14.091025] ? 
__pfx_mempool_kmalloc_uaf+0x10/0x10 [ 14.091052] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.091077] ? __pfx_mempool_kfree+0x10/0x10 [ 14.091103] ? __pfx_read_tsc+0x10/0x10 [ 14.091125] ? ktime_get_ts64+0x86/0x230 [ 14.091152] kunit_try_run_case+0x1a5/0x480 [ 14.091182] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.091206] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.091232] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.091256] ? __kthread_parkme+0x82/0x180 [ 14.091278] ? preempt_count_sub+0x50/0x80 [ 14.091302] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.091326] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.091352] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.091378] kthread+0x337/0x6f0 [ 14.091397] ? trace_preempt_on+0x20/0xc0 [ 14.091421] ? __pfx_kthread+0x10/0x10 [ 14.091443] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.091465] ? calculate_sigpending+0x7b/0xa0 [ 14.091491] ? __pfx_kthread+0x10/0x10 [ 14.091512] ret_from_fork+0x116/0x1d0 [ 14.091531] ? __pfx_kthread+0x10/0x10 [ 14.091552] ret_from_fork_asm+0x1a/0x30 [ 14.091584] </TASK> [ 14.091595] [ 14.106581] Allocated by task 244: [ 14.106964] kasan_save_stack+0x45/0x70 [ 14.107376] kasan_save_track+0x18/0x40 [ 14.107714] kasan_save_alloc_info+0x3b/0x50 [ 14.109065] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 14.109533] remove_element+0x11e/0x190 [ 14.109686] mempool_alloc_preallocated+0x4d/0x90 [ 14.111181] mempool_uaf_helper+0x96/0x400 [ 14.111741] mempool_kmalloc_uaf+0xef/0x140 [ 14.112488] kunit_try_run_case+0x1a5/0x480 [ 14.113065] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.113735] kthread+0x337/0x6f0 [ 14.114232] ret_from_fork+0x116/0x1d0 [ 14.114572] ret_from_fork_asm+0x1a/0x30 [ 14.114725] [ 14.115196] Freed by task 244: [ 14.115648] kasan_save_stack+0x45/0x70 [ 14.116247] kasan_save_track+0x18/0x40 [ 14.116718] kasan_save_free_info+0x3f/0x60 [ 14.117284] __kasan_mempool_poison_object+0x131/0x1d0 [ 14.117520] mempool_free+0x2ec/0x380 [ 14.118159] mempool_uaf_helper+0x11a/0x400 [ 14.118801] 
mempool_kmalloc_uaf+0xef/0x140 [ 14.119464] kunit_try_run_case+0x1a5/0x480 [ 14.120091] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.120569] kthread+0x337/0x6f0 [ 14.120703] ret_from_fork+0x116/0x1d0 [ 14.120850] ret_from_fork_asm+0x1a/0x30 [ 14.120993] [ 14.121516] The buggy address belongs to the object at ffff8881029ccf00 [ 14.121516] which belongs to the cache kmalloc-128 of size 128 [ 14.123152] The buggy address is located 0 bytes inside of [ 14.123152] freed 128-byte region [ffff8881029ccf00, ffff8881029ccf80) [ 14.124857] [ 14.124966] The buggy address belongs to the physical page: [ 14.125145] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029cc [ 14.125402] flags: 0x200000000000000(node=0|zone=2) [ 14.125572] page_type: f5(slab) [ 14.125698] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 14.126295] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000 [ 14.127002] page dumped because: kasan: bad access detected [ 14.127601] [ 14.127799] Memory state around the buggy address: [ 14.128268] ffff8881029cce00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.128940] ffff8881029cce80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.129616] >ffff8881029ccf00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.130300] ^ [ 14.130437] ffff8881029ccf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.131100] ffff8881029cd000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.131326] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 13.980440] ================================================================== [ 13.980896] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 13.981400] Read of size 1 at addr ffff88810307d273 by task kunit_try_catch/238 [ 13.982083] [ 13.982271] CPU: 0 UID: 0 PID: 238 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.982328] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.982359] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.982382] Call Trace: [ 13.982396] <TASK> [ 13.982415] dump_stack_lvl+0x73/0xb0 [ 13.982664] print_report+0xd1/0x610 [ 13.982693] ? __virt_addr_valid+0x1db/0x2d0 [ 13.982721] ? mempool_oob_right_helper+0x318/0x380 [ 13.982748] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.982789] ? mempool_oob_right_helper+0x318/0x380 [ 13.982816] kasan_report+0x141/0x180 [ 13.982840] ? mempool_oob_right_helper+0x318/0x380 [ 13.982871] __asan_report_load1_noabort+0x18/0x20 [ 13.982899] mempool_oob_right_helper+0x318/0x380 [ 13.982926] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 13.982955] ? __kasan_check_write+0x18/0x20 [ 13.982989] ? __pfx_sched_clock_cpu+0x10/0x10 [ 13.983015] ? finish_task_switch.isra.0+0x153/0x700 [ 13.983045] mempool_kmalloc_oob_right+0xf2/0x150 [ 13.983072] ? __pfx_mempool_kmalloc_oob_right+0x10/0x10 [ 13.983102] ? __pfx_mempool_kmalloc+0x10/0x10 [ 13.983131] ? __pfx_mempool_kfree+0x10/0x10 [ 13.983159] ? __pfx_read_tsc+0x10/0x10 [ 13.983187] ? ktime_get_ts64+0x86/0x230 [ 13.983214] kunit_try_run_case+0x1a5/0x480 [ 13.983243] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.983268] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.983297] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.983322] ? __kthread_parkme+0x82/0x180 [ 13.983346] ? preempt_count_sub+0x50/0x80 [ 13.983372] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.983398] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.983424] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.983450] kthread+0x337/0x6f0 [ 13.983471] ? trace_preempt_on+0x20/0xc0 [ 13.983497] ? __pfx_kthread+0x10/0x10 [ 13.983519] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.983543] ? calculate_sigpending+0x7b/0xa0 [ 13.983570] ? __pfx_kthread+0x10/0x10 [ 13.983593] ret_from_fork+0x116/0x1d0 [ 13.983613] ? __pfx_kthread+0x10/0x10 [ 13.983635] ret_from_fork_asm+0x1a/0x30 [ 13.983668] </TASK> [ 13.983680] [ 13.997061] Allocated by task 238: [ 13.997313] kasan_save_stack+0x45/0x70 [ 13.997615] kasan_save_track+0x18/0x40 [ 13.997875] kasan_save_alloc_info+0x3b/0x50 [ 13.998172] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 13.998392] remove_element+0x11e/0x190 [ 13.998809] mempool_alloc_preallocated+0x4d/0x90 [ 13.999167] mempool_oob_right_helper+0x8a/0x380 [ 13.999522] mempool_kmalloc_oob_right+0xf2/0x150 [ 13.999724] kunit_try_run_case+0x1a5/0x480 [ 14.000360] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.000790] kthread+0x337/0x6f0 [ 14.000958] ret_from_fork+0x116/0x1d0 [ 14.001300] ret_from_fork_asm+0x1a/0x30 [ 14.001573] [ 14.001655] The buggy address belongs to the object at ffff88810307d200 [ 14.001655] which belongs to the cache kmalloc-128 of size 128 [ 14.002544] The buggy address is located 0 bytes to the right of [ 14.002544] allocated 115-byte region [ffff88810307d200, ffff88810307d273) [ 14.003078] [ 14.003418] The buggy address belongs to the physical page: [ 14.003702] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10307d [ 14.004361] flags: 0x200000000000000(node=0|zone=2) [ 14.004595] page_type: f5(slab) [ 14.005055] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 14.005390] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.005949] page dumped because: kasan: bad access detected [ 14.006376] [ 14.006467] Memory state around the buggy address: [ 14.006813] ffff88810307d100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 
14.007227] ffff88810307d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.007666] >ffff88810307d200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 14.007975] ^ [ 14.008576] ffff88810307d280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.009042] ffff88810307d300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 14.009417] ================================================================== [ 14.037653] ================================================================== [ 14.038817] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 14.039542] Read of size 1 at addr ffff88810307f2bb by task kunit_try_catch/242 [ 14.040451] [ 14.040708] CPU: 0 UID: 0 PID: 242 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.040769] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.040945] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.040970] Call Trace: [ 14.040983] <TASK> [ 14.041000] dump_stack_lvl+0x73/0xb0 [ 14.041036] print_report+0xd1/0x610 [ 14.041062] ? __virt_addr_valid+0x1db/0x2d0 [ 14.041088] ? mempool_oob_right_helper+0x318/0x380 [ 14.041112] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.041136] ? mempool_oob_right_helper+0x318/0x380 [ 14.041161] kasan_report+0x141/0x180 [ 14.041183] ? mempool_oob_right_helper+0x318/0x380 [ 14.041213] __asan_report_load1_noabort+0x18/0x20 [ 14.041240] mempool_oob_right_helper+0x318/0x380 [ 14.041266] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 14.041290] ? update_load_avg+0x1be/0x21b0 [ 14.041319] ? finish_task_switch.isra.0+0x153/0x700 [ 14.041347] mempool_slab_oob_right+0xed/0x140 [ 14.041373] ? __pfx_mempool_slab_oob_right+0x10/0x10 [ 14.041399] ? __kasan_check_write+0x18/0x20 [ 14.041420] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 14.041463] ? __pfx_mempool_free_slab+0x10/0x10 [ 14.041490] ? __pfx_read_tsc+0x10/0x10 [ 14.041512] ? ktime_get_ts64+0x86/0x230 [ 14.041537] kunit_try_run_case+0x1a5/0x480 [ 14.041566] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.041589] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 14.041616] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.041640] ? __kthread_parkme+0x82/0x180 [ 14.041663] ? preempt_count_sub+0x50/0x80 [ 14.041686] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.041711] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.041736] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.041774] kthread+0x337/0x6f0 [ 14.041793] ? trace_preempt_on+0x20/0xc0 [ 14.041818] ? __pfx_kthread+0x10/0x10 [ 14.041838] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.041860] ? calculate_sigpending+0x7b/0xa0 [ 14.041886] ? __pfx_kthread+0x10/0x10 [ 14.041908] ret_from_fork+0x116/0x1d0 [ 14.041927] ? __pfx_kthread+0x10/0x10 [ 14.041948] ret_from_fork_asm+0x1a/0x30 [ 14.042096] </TASK> [ 14.042107] [ 14.059802] Allocated by task 242: [ 14.059963] kasan_save_stack+0x45/0x70 [ 14.060123] kasan_save_track+0x18/0x40 [ 14.060260] kasan_save_alloc_info+0x3b/0x50 [ 14.060412] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 14.061403] remove_element+0x11e/0x190 [ 14.061876] mempool_alloc_preallocated+0x4d/0x90 [ 14.062589] mempool_oob_right_helper+0x8a/0x380 [ 14.063138] mempool_slab_oob_right+0xed/0x140 [ 14.063788] kunit_try_run_case+0x1a5/0x480 [ 14.064308] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.064938] kthread+0x337/0x6f0 [ 14.065297] ret_from_fork+0x116/0x1d0 [ 14.065454] ret_from_fork_asm+0x1a/0x30 [ 14.065935] [ 14.066113] The buggy address belongs to the object at ffff88810307f240 [ 14.066113] which belongs to the cache test_cache of size 123 [ 14.067368] The buggy address is located 0 bytes to the right of [ 14.067368] allocated 123-byte region [ffff88810307f240, ffff88810307f2bb) [ 14.068457] [ 14.068542] The buggy address belongs to the physical page: [ 14.068722] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10307f [ 14.068996] flags: 0x200000000000000(node=0|zone=2) [ 14.069470] page_type: f5(slab) [ 14.069820] raw: 0200000000000000 
ffff888103074500 dead000000000122 0000000000000000 [ 14.070674] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 14.071537] page dumped because: kasan: bad access detected [ 14.072146] [ 14.072314] Memory state around the buggy address: [ 14.072735] ffff88810307f180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.072990] ffff88810307f200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 14.073902] >ffff88810307f280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 14.074573] ^ [ 14.074822] ffff88810307f300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.075332] ffff88810307f380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.076111] ================================================================== [ 14.012841] ================================================================== [ 14.013330] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 14.014040] Read of size 1 at addr ffff888102a4e001 by task kunit_try_catch/240 [ 14.014666] [ 14.014838] CPU: 0 UID: 0 PID: 240 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.014889] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.014900] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.014922] Call Trace: [ 14.014935] <TASK> [ 14.014952] dump_stack_lvl+0x73/0xb0 [ 14.015023] print_report+0xd1/0x610 [ 14.015050] ? __virt_addr_valid+0x1db/0x2d0 [ 14.015077] ? mempool_oob_right_helper+0x318/0x380 [ 14.015103] ? kasan_addr_to_slab+0x11/0xa0 [ 14.015126] ? mempool_oob_right_helper+0x318/0x380 [ 14.015155] kasan_report+0x141/0x180 [ 14.015183] ? mempool_oob_right_helper+0x318/0x380 [ 14.015215] __asan_report_load1_noabort+0x18/0x20 [ 14.015243] mempool_oob_right_helper+0x318/0x380 [ 14.015282] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 14.015310] ? __kasan_check_write+0x18/0x20 [ 14.015353] ? __pfx_sched_clock_cpu+0x10/0x10 [ 14.015380] ? 
finish_task_switch.isra.0+0x153/0x700 [ 14.015408] mempool_kmalloc_large_oob_right+0xf2/0x150 [ 14.015445] ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10 [ 14.015478] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.015505] ? __pfx_mempool_kfree+0x10/0x10 [ 14.015532] ? __pfx_read_tsc+0x10/0x10 [ 14.015555] ? ktime_get_ts64+0x86/0x230 [ 14.015582] kunit_try_run_case+0x1a5/0x480 [ 14.015610] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.015635] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.015663] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.015688] ? __kthread_parkme+0x82/0x180 [ 14.015712] ? preempt_count_sub+0x50/0x80 [ 14.015737] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.015772] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.015798] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.015825] kthread+0x337/0x6f0 [ 14.015844] ? trace_preempt_on+0x20/0xc0 [ 14.015871] ? __pfx_kthread+0x10/0x10 [ 14.015892] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.015916] ? calculate_sigpending+0x7b/0xa0 [ 14.015942] ? __pfx_kthread+0x10/0x10 [ 14.015965] ret_from_fork+0x116/0x1d0 [ 14.015993] ? 
__pfx_kthread+0x10/0x10 [ 14.016014] ret_from_fork_asm+0x1a/0x30 [ 14.016047] </TASK> [ 14.016057] [ 14.026065] The buggy address belongs to the physical page: [ 14.026338] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a4c [ 14.026657] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 14.026937] flags: 0x200000000000040(head|node=0|zone=2) [ 14.027321] page_type: f8(unknown) [ 14.027564] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.027942] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.028291] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.028522] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.029292] head: 0200000000000002 ffffea00040a9301 00000000ffffffff 00000000ffffffff [ 14.029627] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 14.030096] page dumped because: kasan: bad access detected [ 14.030372] [ 14.030457] Memory state around the buggy address: [ 14.030688] ffff888102a4df00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.031078] ffff888102a4df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.031428] >ffff888102a4e000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 14.031750] ^ [ 14.031962] ffff888102a4e080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 14.032354] ffff888102a4e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 14.032723] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 13.403542] ================================================================== [ 13.403998] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x1bf/0x380 [ 13.404680] Read of size 1 at addr ffff888101b6ab40 by task kunit_try_catch/232 [ 13.405062] [ 13.405187] CPU: 1 UID: 0 PID: 232 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.405238] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.405250] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.405274] Call Trace: [ 13.405287] <TASK> [ 13.405305] dump_stack_lvl+0x73/0xb0 [ 13.405339] print_report+0xd1/0x610 [ 13.405446] ? __virt_addr_valid+0x1db/0x2d0 [ 13.405622] ? kmem_cache_double_destroy+0x1bf/0x380 [ 13.405651] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.405676] ? kmem_cache_double_destroy+0x1bf/0x380 [ 13.405703] kasan_report+0x141/0x180 [ 13.405726] ? kmem_cache_double_destroy+0x1bf/0x380 [ 13.405767] ? kmem_cache_double_destroy+0x1bf/0x380 [ 13.405794] __kasan_check_byte+0x3d/0x50 [ 13.405817] kmem_cache_destroy+0x25/0x1d0 [ 13.405842] kmem_cache_double_destroy+0x1bf/0x380 [ 13.405869] ? __pfx_kmem_cache_double_destroy+0x10/0x10 [ 13.405895] ? finish_task_switch.isra.0+0x153/0x700 [ 13.405921] ? __switch_to+0x47/0xf50 [ 13.405951] ? __pfx_read_tsc+0x10/0x10 [ 13.405991] ? ktime_get_ts64+0x86/0x230 [ 13.406017] kunit_try_run_case+0x1a5/0x480 [ 13.406045] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.406069] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.406096] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.406121] ? __kthread_parkme+0x82/0x180 [ 13.406143] ? preempt_count_sub+0x50/0x80 [ 13.406167] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.406192] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.406217] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.406243] kthread+0x337/0x6f0 [ 13.406263] ? trace_preempt_on+0x20/0xc0 [ 13.406288] ? __pfx_kthread+0x10/0x10 [ 13.406309] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.406331] ? 
calculate_sigpending+0x7b/0xa0 [ 13.406357] ? __pfx_kthread+0x10/0x10 [ 13.406379] ret_from_fork+0x116/0x1d0 [ 13.406399] ? __pfx_kthread+0x10/0x10 [ 13.406420] ret_from_fork_asm+0x1a/0x30 [ 13.406465] </TASK> [ 13.406477] [ 13.417317] Allocated by task 232: [ 13.417558] kasan_save_stack+0x45/0x70 [ 13.417717] kasan_save_track+0x18/0x40 [ 13.418002] kasan_save_alloc_info+0x3b/0x50 [ 13.418354] __kasan_slab_alloc+0x91/0xa0 [ 13.418532] kmem_cache_alloc_noprof+0x123/0x3f0 [ 13.418712] __kmem_cache_create_args+0x169/0x240 [ 13.419085] kmem_cache_double_destroy+0xd5/0x380 [ 13.419423] kunit_try_run_case+0x1a5/0x480 [ 13.419616] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.419881] kthread+0x337/0x6f0 [ 13.420184] ret_from_fork+0x116/0x1d0 [ 13.420348] ret_from_fork_asm+0x1a/0x30 [ 13.420680] [ 13.420835] Freed by task 232: [ 13.421179] kasan_save_stack+0x45/0x70 [ 13.421380] kasan_save_track+0x18/0x40 [ 13.421788] kasan_save_free_info+0x3f/0x60 [ 13.421984] __kasan_slab_free+0x56/0x70 [ 13.422243] kmem_cache_free+0x249/0x420 [ 13.422551] slab_kmem_cache_release+0x2e/0x40 [ 13.422787] kmem_cache_release+0x16/0x20 [ 13.423038] kobject_put+0x181/0x450 [ 13.423252] sysfs_slab_release+0x16/0x20 [ 13.423612] kmem_cache_destroy+0xf0/0x1d0 [ 13.423844] kmem_cache_double_destroy+0x14e/0x380 [ 13.424079] kunit_try_run_case+0x1a5/0x480 [ 13.424268] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.424528] kthread+0x337/0x6f0 [ 13.424865] ret_from_fork+0x116/0x1d0 [ 13.425006] ret_from_fork_asm+0x1a/0x30 [ 13.425704] [ 13.425824] The buggy address belongs to the object at ffff888101b6ab40 [ 13.425824] which belongs to the cache kmem_cache of size 208 [ 13.426631] The buggy address is located 0 bytes inside of [ 13.426631] freed 208-byte region [ffff888101b6ab40, ffff888101b6ac10) [ 13.427512] [ 13.427738] The buggy address belongs to the physical page: [ 13.427987] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b6a [ 13.428721] flags: 
0x200000000000000(node=0|zone=2) [ 13.429320] page_type: f5(slab) [ 13.429772] raw: 0200000000000000 ffff888100041000 dead000000000122 0000000000000000 [ 13.430138] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000 [ 13.430684] page dumped because: kasan: bad access detected [ 13.431019] [ 13.431324] Memory state around the buggy address: [ 13.431802] ffff888101b6aa00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.432343] ffff888101b6aa80: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc [ 13.432690] >ffff888101b6ab00: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 13.433342] ^ [ 13.433786] ffff888101b6ab80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.434262] ffff888101b6ac00: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.434730] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 13.349152] ================================================================== [ 13.349688] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x3e3/0x510 [ 13.350313] Read of size 1 at addr ffff888103078000 by task kunit_try_catch/230 [ 13.350625] [ 13.350765] CPU: 0 UID: 0 PID: 230 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.350813] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.350825] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.350846] Call Trace: [ 13.350858] <TASK> [ 13.350877] dump_stack_lvl+0x73/0xb0 [ 13.350910] print_report+0xd1/0x610 [ 13.350934] ? __virt_addr_valid+0x1db/0x2d0 [ 13.350960] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 13.350982] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.351006] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 13.351029] kasan_report+0x141/0x180 [ 13.351051] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 13.351078] __asan_report_load1_noabort+0x18/0x20 [ 13.351103] kmem_cache_rcu_uaf+0x3e3/0x510 [ 13.351126] ? __pfx_kmem_cache_rcu_uaf+0x10/0x10 [ 13.351149] ? finish_task_switch.isra.0+0x153/0x700 [ 13.351178] ? __switch_to+0x47/0xf50 [ 13.351269] ? __pfx_read_tsc+0x10/0x10 [ 13.351292] ? ktime_get_ts64+0x86/0x230 [ 13.351317] kunit_try_run_case+0x1a5/0x480 [ 13.351344] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.351367] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.351393] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.351417] ? __kthread_parkme+0x82/0x180 [ 13.351438] ? preempt_count_sub+0x50/0x80 [ 13.351475] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.351499] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.351524] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.351549] kthread+0x337/0x6f0 [ 13.351568] ? trace_preempt_on+0x20/0xc0 [ 13.351592] ? __pfx_kthread+0x10/0x10 [ 13.351613] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.351634] ? calculate_sigpending+0x7b/0xa0 [ 13.351659] ? __pfx_kthread+0x10/0x10 [ 13.351680] ret_from_fork+0x116/0x1d0 [ 13.351699] ? 
__pfx_kthread+0x10/0x10 [ 13.351720] ret_from_fork_asm+0x1a/0x30 [ 13.352163] </TASK> [ 13.352178] [ 13.361017] Allocated by task 230: [ 13.361238] kasan_save_stack+0x45/0x70 [ 13.361465] kasan_save_track+0x18/0x40 [ 13.361623] kasan_save_alloc_info+0x3b/0x50 [ 13.361784] __kasan_slab_alloc+0x91/0xa0 [ 13.361959] kmem_cache_alloc_noprof+0x123/0x3f0 [ 13.362779] kmem_cache_rcu_uaf+0x155/0x510 [ 13.362989] kunit_try_run_case+0x1a5/0x480 [ 13.363187] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.363423] kthread+0x337/0x6f0 [ 13.363581] ret_from_fork+0x116/0x1d0 [ 13.363766] ret_from_fork_asm+0x1a/0x30 [ 13.363951] [ 13.364043] Freed by task 0: [ 13.364191] kasan_save_stack+0x45/0x70 [ 13.364371] kasan_save_track+0x18/0x40 [ 13.364546] kasan_save_free_info+0x3f/0x60 [ 13.364735] __kasan_slab_free+0x56/0x70 [ 13.365468] slab_free_after_rcu_debug+0xe4/0x310 [ 13.365644] rcu_core+0x66f/0x1c40 [ 13.365784] rcu_core_si+0x12/0x20 [ 13.365954] handle_softirqs+0x209/0x730 [ 13.366367] __irq_exit_rcu+0xc9/0x110 [ 13.366620] irq_exit_rcu+0x12/0x20 [ 13.366849] sysvec_apic_timer_interrupt+0x81/0x90 [ 13.367234] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 13.367510] [ 13.367610] Last potentially related work creation: [ 13.367846] kasan_save_stack+0x45/0x70 [ 13.368464] kasan_record_aux_stack+0xb2/0xc0 [ 13.368743] kmem_cache_free+0x131/0x420 [ 13.369072] kmem_cache_rcu_uaf+0x194/0x510 [ 13.369319] kunit_try_run_case+0x1a5/0x480 [ 13.369530] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.369872] kthread+0x337/0x6f0 [ 13.370111] ret_from_fork+0x116/0x1d0 [ 13.370390] ret_from_fork_asm+0x1a/0x30 [ 13.370567] [ 13.370774] The buggy address belongs to the object at ffff888103078000 [ 13.370774] which belongs to the cache test_cache of size 200 [ 13.371482] The buggy address is located 0 bytes inside of [ 13.371482] freed 200-byte region [ffff888103078000, ffff8881030780c8) [ 13.372193] [ 13.372321] The buggy address belongs to the physical page: [ 13.372553] page: refcount:0 
mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103078 [ 13.373123] flags: 0x200000000000000(node=0|zone=2) [ 13.373330] page_type: f5(slab) [ 13.373578] raw: 0200000000000000 ffff888103074140 dead000000000122 0000000000000000 [ 13.373884] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 13.374414] page dumped because: kasan: bad access detected [ 13.374719] [ 13.374823] Memory state around the buggy address: [ 13.375221] ffff888103077f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.375600] ffff888103077f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.375907] >ffff888103078000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.376447] ^ [ 13.376655] ffff888103078080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 13.377084] ffff888103078100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.377434] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 13.285813] ================================================================== [ 13.287138] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x1d8/0x460 [ 13.287395] Free of addr ffff888103939001 by task kunit_try_catch/228 [ 13.288325] [ 13.288534] CPU: 1 UID: 0 PID: 228 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.288733] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.288748] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.288779] Call Trace: [ 13.288792] <TASK> [ 13.288810] dump_stack_lvl+0x73/0xb0 [ 13.288846] print_report+0xd1/0x610 [ 13.288869] ? __virt_addr_valid+0x1db/0x2d0 [ 13.288896] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.288920] ? kmem_cache_invalid_free+0x1d8/0x460 [ 13.288946] kasan_report_invalid_free+0x10a/0x130 [ 13.288971] ? kmem_cache_invalid_free+0x1d8/0x460 [ 13.289000] ? kmem_cache_invalid_free+0x1d8/0x460 [ 13.289025] check_slab_allocation+0x11f/0x130 [ 13.289047] __kasan_slab_pre_free+0x28/0x40 [ 13.289068] kmem_cache_free+0xed/0x420 [ 13.289089] ? kmem_cache_alloc_noprof+0x123/0x3f0 [ 13.289110] ? kmem_cache_invalid_free+0x1d8/0x460 [ 13.289138] kmem_cache_invalid_free+0x1d8/0x460 [ 13.289163] ? __pfx_kmem_cache_invalid_free+0x10/0x10 [ 13.289188] ? finish_task_switch.isra.0+0x153/0x700 [ 13.289213] ? __switch_to+0x47/0xf50 [ 13.289243] ? __pfx_read_tsc+0x10/0x10 [ 13.289266] ? ktime_get_ts64+0x86/0x230 [ 13.289291] kunit_try_run_case+0x1a5/0x480 [ 13.289319] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.289343] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.289369] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.289393] ? __kthread_parkme+0x82/0x180 [ 13.289416] ? preempt_count_sub+0x50/0x80 [ 13.289450] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.289475] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.289499] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.289525] kthread+0x337/0x6f0 [ 13.289545] ? trace_preempt_on+0x20/0xc0 [ 13.289570] ? 
__pfx_kthread+0x10/0x10 [ 13.289591] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.289613] ? calculate_sigpending+0x7b/0xa0 [ 13.289638] ? __pfx_kthread+0x10/0x10 [ 13.289660] ret_from_fork+0x116/0x1d0 [ 13.289679] ? __pfx_kthread+0x10/0x10 [ 13.289699] ret_from_fork_asm+0x1a/0x30 [ 13.289731] </TASK> [ 13.289742] [ 13.303180] Allocated by task 228: [ 13.303374] kasan_save_stack+0x45/0x70 [ 13.303703] kasan_save_track+0x18/0x40 [ 13.304410] kasan_save_alloc_info+0x3b/0x50 [ 13.304841] __kasan_slab_alloc+0x91/0xa0 [ 13.305262] kmem_cache_alloc_noprof+0x123/0x3f0 [ 13.305631] kmem_cache_invalid_free+0x157/0x460 [ 13.306165] kunit_try_run_case+0x1a5/0x480 [ 13.306430] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.306856] kthread+0x337/0x6f0 [ 13.307232] ret_from_fork+0x116/0x1d0 [ 13.307417] ret_from_fork_asm+0x1a/0x30 [ 13.307853] [ 13.307954] The buggy address belongs to the object at ffff888103939000 [ 13.307954] which belongs to the cache test_cache of size 200 [ 13.308792] The buggy address is located 1 bytes inside of [ 13.308792] 200-byte region [ffff888103939000, ffff8881039390c8) [ 13.309848] [ 13.310199] The buggy address belongs to the physical page: [ 13.310446] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103939 [ 13.310923] flags: 0x200000000000000(node=0|zone=2) [ 13.311404] page_type: f5(slab) [ 13.311706] raw: 0200000000000000 ffff888101b6aa00 dead000000000122 0000000000000000 [ 13.312374] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 13.312827] page dumped because: kasan: bad access detected [ 13.313271] [ 13.313367] Memory state around the buggy address: [ 13.313796] ffff888103938f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.314667] ffff888103938f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.315159] >ffff888103939000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.315485] ^ [ 13.315642] ffff888103939080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 13.315941] 
ffff888103939100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.316231] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 13.254381] ================================================================== [ 13.255335] BUG: KASAN: double-free in kmem_cache_double_free+0x1e5/0x480 [ 13.256394] Free of addr ffff888103076000 by task kunit_try_catch/226 [ 13.256726] [ 13.256862] CPU: 0 UID: 0 PID: 226 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.256912] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.256923] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.256945] Call Trace: [ 13.256957] <TASK> [ 13.256973] dump_stack_lvl+0x73/0xb0 [ 13.257007] print_report+0xd1/0x610 [ 13.257032] ? __virt_addr_valid+0x1db/0x2d0 [ 13.257057] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.257080] ? kmem_cache_double_free+0x1e5/0x480 [ 13.257107] kasan_report_invalid_free+0x10a/0x130 [ 13.257132] ? kmem_cache_double_free+0x1e5/0x480 [ 13.257159] ? kmem_cache_double_free+0x1e5/0x480 [ 13.257184] check_slab_allocation+0x101/0x130 [ 13.257207] __kasan_slab_pre_free+0x28/0x40 [ 13.257228] kmem_cache_free+0xed/0x420 [ 13.257249] ? kmem_cache_alloc_noprof+0x123/0x3f0 [ 13.257271] ? kmem_cache_double_free+0x1e5/0x480 [ 13.257298] kmem_cache_double_free+0x1e5/0x480 [ 13.257323] ? __pfx_kmem_cache_double_free+0x10/0x10 [ 13.257348] ? finish_task_switch.isra.0+0x153/0x700 [ 13.257373] ? __switch_to+0x47/0xf50 [ 13.257403] ? __pfx_read_tsc+0x10/0x10 [ 13.257425] ? ktime_get_ts64+0x86/0x230 [ 13.257464] kunit_try_run_case+0x1a5/0x480 [ 13.257490] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.257514] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.257540] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.257564] ? __kthread_parkme+0x82/0x180 [ 13.257586] ? preempt_count_sub+0x50/0x80 [ 13.257609] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.257634] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.257660] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.257685] kthread+0x337/0x6f0 [ 13.257704] ? trace_preempt_on+0x20/0xc0 [ 13.257729] ? 
__pfx_kthread+0x10/0x10 [ 13.257749] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.257781] ? calculate_sigpending+0x7b/0xa0 [ 13.257806] ? __pfx_kthread+0x10/0x10 [ 13.257827] ret_from_fork+0x116/0x1d0 [ 13.257846] ? __pfx_kthread+0x10/0x10 [ 13.257868] ret_from_fork_asm+0x1a/0x30 [ 13.257898] </TASK> [ 13.257908] [ 13.267045] Allocated by task 226: [ 13.267240] kasan_save_stack+0x45/0x70 [ 13.267485] kasan_save_track+0x18/0x40 [ 13.267629] kasan_save_alloc_info+0x3b/0x50 [ 13.267793] __kasan_slab_alloc+0x91/0xa0 [ 13.268056] kmem_cache_alloc_noprof+0x123/0x3f0 [ 13.268321] kmem_cache_double_free+0x14f/0x480 [ 13.268658] kunit_try_run_case+0x1a5/0x480 [ 13.268819] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.269056] kthread+0x337/0x6f0 [ 13.269225] ret_from_fork+0x116/0x1d0 [ 13.269434] ret_from_fork_asm+0x1a/0x30 [ 13.269677] [ 13.269751] Freed by task 226: [ 13.269876] kasan_save_stack+0x45/0x70 [ 13.270308] kasan_save_track+0x18/0x40 [ 13.270673] kasan_save_free_info+0x3f/0x60 [ 13.270922] __kasan_slab_free+0x56/0x70 [ 13.271157] kmem_cache_free+0x249/0x420 [ 13.271362] kmem_cache_double_free+0x16a/0x480 [ 13.271648] kunit_try_run_case+0x1a5/0x480 [ 13.271850] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.272057] kthread+0x337/0x6f0 [ 13.272179] ret_from_fork+0x116/0x1d0 [ 13.272374] ret_from_fork_asm+0x1a/0x30 [ 13.272574] [ 13.272707] The buggy address belongs to the object at ffff888103076000 [ 13.272707] which belongs to the cache test_cache of size 200 [ 13.273380] The buggy address is located 0 bytes inside of [ 13.273380] 200-byte region [ffff888103076000, ffff8881030760c8) [ 13.273887] [ 13.273964] The buggy address belongs to the physical page: [ 13.274242] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103076 [ 13.274831] flags: 0x200000000000000(node=0|zone=2) [ 13.275012] page_type: f5(slab) [ 13.275246] raw: 0200000000000000 ffff888103074000 dead000000000122 0000000000000000 [ 13.275676] raw: 0000000000000000 00000000800f000f 
00000000f5000000 0000000000000000 [ 13.276186] page dumped because: kasan: bad access detected [ 13.276378] [ 13.276448] Memory state around the buggy address: [ 13.276608] ffff888103075f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.276938] ffff888103075f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.277308] >ffff888103076000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.277645] ^ [ 13.277828] ffff888103076080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 13.278307] ffff888103076100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.278615] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 13.219797] ================================================================== [ 13.220345] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x402/0x530 [ 13.220731] Read of size 1 at addr ffff8881030720c8 by task kunit_try_catch/224 [ 13.221028] [ 13.221235] CPU: 0 UID: 0 PID: 224 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.221286] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.221297] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.221319] Call Trace: [ 13.221332] <TASK> [ 13.221351] dump_stack_lvl+0x73/0xb0 [ 13.221384] print_report+0xd1/0x610 [ 13.221408] ? __virt_addr_valid+0x1db/0x2d0 [ 13.221434] ? kmem_cache_oob+0x402/0x530 [ 13.221456] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.221481] ? kmem_cache_oob+0x402/0x530 [ 13.221504] kasan_report+0x141/0x180 [ 13.221526] ? kmem_cache_oob+0x402/0x530 [ 13.221554] __asan_report_load1_noabort+0x18/0x20 [ 13.221579] kmem_cache_oob+0x402/0x530 [ 13.221600] ? trace_hardirqs_on+0x37/0xe0 [ 13.221626] ? __pfx_kmem_cache_oob+0x10/0x10 [ 13.221650] ? finish_task_switch.isra.0+0x153/0x700 [ 13.221675] ? __switch_to+0x47/0xf50 [ 13.221704] ? __pfx_read_tsc+0x10/0x10 [ 13.221726] ? ktime_get_ts64+0x86/0x230 [ 13.221752] kunit_try_run_case+0x1a5/0x480 [ 13.221792] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.221815] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.221842] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.221866] ? __kthread_parkme+0x82/0x180 [ 13.221888] ? preempt_count_sub+0x50/0x80 [ 13.221912] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.221937] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.221962] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.221989] kthread+0x337/0x6f0 [ 13.222008] ? trace_preempt_on+0x20/0xc0 [ 13.222030] ? __pfx_kthread+0x10/0x10 [ 13.222100] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.222124] ? calculate_sigpending+0x7b/0xa0 [ 13.222150] ? __pfx_kthread+0x10/0x10 [ 13.222172] ret_from_fork+0x116/0x1d0 [ 13.222192] ? 
__pfx_kthread+0x10/0x10 [ 13.222212] ret_from_fork_asm+0x1a/0x30 [ 13.222244] </TASK> [ 13.222255] [ 13.230263] Allocated by task 224: [ 13.230394] kasan_save_stack+0x45/0x70 [ 13.230839] kasan_save_track+0x18/0x40 [ 13.230989] kasan_save_alloc_info+0x3b/0x50 [ 13.231141] __kasan_slab_alloc+0x91/0xa0 [ 13.231407] kmem_cache_alloc_noprof+0x123/0x3f0 [ 13.231644] kmem_cache_oob+0x157/0x530 [ 13.231853] kunit_try_run_case+0x1a5/0x480 [ 13.232202] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.232445] kthread+0x337/0x6f0 [ 13.232575] ret_from_fork+0x116/0x1d0 [ 13.232751] ret_from_fork_asm+0x1a/0x30 [ 13.232963] [ 13.233106] The buggy address belongs to the object at ffff888103072000 [ 13.233106] which belongs to the cache test_cache of size 200 [ 13.233624] The buggy address is located 0 bytes to the right of [ 13.233624] allocated 200-byte region [ffff888103072000, ffff8881030720c8) [ 13.234009] [ 13.234089] The buggy address belongs to the physical page: [ 13.234349] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103072 [ 13.234901] flags: 0x200000000000000(node=0|zone=2) [ 13.235068] page_type: f5(slab) [ 13.235195] raw: 0200000000000000 ffff888101253dc0 dead000000000122 0000000000000000 [ 13.235427] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 13.235945] page dumped because: kasan: bad access detected [ 13.236365] [ 13.236516] Memory state around the buggy address: [ 13.236748] ffff888103071f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.237213] ffff888103072000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.237543] >ffff888103072080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 13.237799] ^ [ 13.237978] ffff888103072100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.238271] ffff888103072180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.238582] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 13.183214] ==================================================================
[ 13.184430] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x4d6/0x560
[ 13.184961] Read of size 8 at addr ffff888103085140 by task kunit_try_catch/217
[ 13.185520]
[ 13.185618] CPU: 1 UID: 0 PID: 217 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 13.185663] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.185674] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.185695] Call Trace:
[ 13.185707] <TASK>
[ 13.185723] dump_stack_lvl+0x73/0xb0
[ 13.185768] print_report+0xd1/0x610
[ 13.185791] ? __virt_addr_valid+0x1db/0x2d0
[ 13.185814] ? workqueue_uaf+0x4d6/0x560
[ 13.185835] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.185859] ? workqueue_uaf+0x4d6/0x560
[ 13.185881] kasan_report+0x141/0x180
[ 13.185903] ? workqueue_uaf+0x4d6/0x560
[ 13.185929] __asan_report_load8_noabort+0x18/0x20
[ 13.185954] workqueue_uaf+0x4d6/0x560
[ 13.186088] ? __pfx_workqueue_uaf+0x10/0x10
[ 13.186111] ? __schedule+0x10cc/0x2b60
[ 13.186134] ? __pfx_read_tsc+0x10/0x10
[ 13.186155] ? ktime_get_ts64+0x86/0x230
[ 13.186181] kunit_try_run_case+0x1a5/0x480
[ 13.186206] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.186230] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.186255] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.186279] ? __kthread_parkme+0x82/0x180
[ 13.186300] ? preempt_count_sub+0x50/0x80
[ 13.186324] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.186349] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.186373] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.186399] kthread+0x337/0x6f0
[ 13.186420] ? trace_preempt_on+0x20/0xc0
[ 13.186444] ? __pfx_kthread+0x10/0x10
[ 13.186465] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.186487] ? calculate_sigpending+0x7b/0xa0
[ 13.186512] ? __pfx_kthread+0x10/0x10
[ 13.186544] ret_from_fork+0x116/0x1d0
[ 13.186563] ? __pfx_kthread+0x10/0x10
[ 13.186583] ret_from_fork_asm+0x1a/0x30
[ 13.186616] </TASK>
[ 13.186627]
[ 13.197064] Allocated by task 217:
[ 13.197213] kasan_save_stack+0x45/0x70
[ 13.197360] kasan_save_track+0x18/0x40
[ 13.197507] kasan_save_alloc_info+0x3b/0x50
[ 13.197657] __kasan_kmalloc+0xb7/0xc0
[ 13.198325] __kmalloc_cache_noprof+0x189/0x420
[ 13.198685] workqueue_uaf+0x152/0x560
[ 13.198889] kunit_try_run_case+0x1a5/0x480
[ 13.199184] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.199402] kthread+0x337/0x6f0
[ 13.199608] ret_from_fork+0x116/0x1d0
[ 13.199797] ret_from_fork_asm+0x1a/0x30
[ 13.199940]
[ 13.200012] Freed by task 41:
[ 13.200122] kasan_save_stack+0x45/0x70
[ 13.200403] kasan_save_track+0x18/0x40
[ 13.200619] kasan_save_free_info+0x3f/0x60
[ 13.200844] __kasan_slab_free+0x56/0x70
[ 13.201084] kfree+0x222/0x3f0
[ 13.201256] workqueue_uaf_work+0x12/0x20
[ 13.201447] process_one_work+0x5ee/0xf60
[ 13.201643] worker_thread+0x758/0x1220
[ 13.201833] kthread+0x337/0x6f0
[ 13.202040] ret_from_fork+0x116/0x1d0
[ 13.202183] ret_from_fork_asm+0x1a/0x30
[ 13.202323]
[ 13.202414] Last potentially related work creation:
[ 13.202649] kasan_save_stack+0x45/0x70
[ 13.202859] kasan_record_aux_stack+0xb2/0xc0
[ 13.203077] __queue_work+0x626/0xeb0
[ 13.203419] queue_work_on+0xb6/0xc0
[ 13.203579] workqueue_uaf+0x26d/0x560
[ 13.203717] kunit_try_run_case+0x1a5/0x480
[ 13.204104] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.204367] kthread+0x337/0x6f0
[ 13.204532] ret_from_fork+0x116/0x1d0
[ 13.204666] ret_from_fork_asm+0x1a/0x30
[ 13.204846]
[ 13.204942] The buggy address belongs to the object at ffff888103085140
[ 13.204942] which belongs to the cache kmalloc-32 of size 32
[ 13.205640] The buggy address is located 0 bytes inside of
[ 13.205640] freed 32-byte region [ffff888103085140, ffff888103085160)
[ 13.206225]
[ 13.206316] The buggy address belongs to the physical page:
[ 13.206559] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103085
[ 13.206893] flags: 0x200000000000000(node=0|zone=2)
[ 13.207189] page_type: f5(slab)
[ 13.207328] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 13.207558] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 13.207849] page dumped because: kasan: bad access detected
[ 13.208099]
[ 13.208423] Memory state around the buggy address:
[ 13.208604] ffff888103085000: 00 00 05 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 13.208838] ffff888103085080: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 13.209439] >ffff888103085100: 00 00 00 07 fc fc fc fc fa fb fb fb fc fc fc fc
[ 13.209774] ^
[ 13.209985] ffff888103085180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.210300] ffff888103085200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.210597] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 13.143106] ==================================================================
[ 13.143581] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x50/0x60
[ 13.143925] Read of size 4 at addr ffff888103067c40 by task swapper/0/0
[ 13.144210]
[ 13.144324] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 13.144368] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.144379] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.144399] Call Trace:
[ 13.144429] <IRQ>
[ 13.144457] dump_stack_lvl+0x73/0xb0
[ 13.144489] print_report+0xd1/0x610
[ 13.144512] ? __virt_addr_valid+0x1db/0x2d0
[ 13.144535] ? rcu_uaf_reclaim+0x50/0x60
[ 13.144556] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.144579] ? rcu_uaf_reclaim+0x50/0x60
[ 13.144600] kasan_report+0x141/0x180
[ 13.144622] ? rcu_uaf_reclaim+0x50/0x60
[ 13.144734] __asan_report_load4_noabort+0x18/0x20
[ 13.144773] rcu_uaf_reclaim+0x50/0x60
[ 13.144794] rcu_core+0x66f/0x1c40
[ 13.144823] ? __pfx_rcu_core+0x10/0x10
[ 13.144846] ? ktime_get+0x6b/0x150
[ 13.144868] ? handle_softirqs+0x18e/0x730
[ 13.144893] rcu_core_si+0x12/0x20
[ 13.144913] handle_softirqs+0x209/0x730
[ 13.144932] ? hrtimer_interrupt+0x2fe/0x780
[ 13.144955] ? __pfx_handle_softirqs+0x10/0x10
[ 13.144992] __irq_exit_rcu+0xc9/0x110
[ 13.145012] irq_exit_rcu+0x12/0x20
[ 13.145032] sysvec_apic_timer_interrupt+0x81/0x90
[ 13.145057] </IRQ>
[ 13.145084] <TASK>
[ 13.145094] asm_sysvec_apic_timer_interrupt+0x1f/0x30
[ 13.145187] RIP: 0010:pv_native_safe_halt+0xf/0x20
[ 13.145401] Code: 1f 84 00 00 00 00 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d 23 72 21 00 fb f4 <e9> 3c 1d 02 00 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90
[ 13.145544] RSP: 0000:ffffffff99407dd8 EFLAGS: 00010212
[ 13.145633] RAX: ffff8881c0872000 RBX: ffffffff9941cac0 RCX: ffffffff98275125
[ 13.145679] RDX: ffffed102b60618b RSI: 0000000000000004 RDI: 0000000000013b5c
[ 13.145722] RBP: ffffffff99407de0 R08: 0000000000000001 R09: ffffed102b60618a
[ 13.145792] R10: ffff88815b030c53 R11: 0000000000015800 R12: 0000000000000000
[ 13.145843] R13: fffffbfff3283958 R14: ffffffff99fb1490 R15: 0000000000000000
[ 13.145904] ? ct_kernel_exit.constprop.0+0xa5/0xd0
[ 13.145961] ? default_idle+0xd/0x20
[ 13.146126] arch_cpu_idle+0xd/0x20
[ 13.146149] default_idle_call+0x48/0x80
[ 13.146168] do_idle+0x379/0x4f0
[ 13.146194] ? __pfx_do_idle+0x10/0x10
[ 13.146223] cpu_startup_entry+0x5c/0x70
[ 13.146242] rest_init+0x11a/0x140
[ 13.146260] ? acpi_subsystem_init+0x5d/0x150
[ 13.146286] start_kernel+0x330/0x410
[ 13.146311] x86_64_start_reservations+0x1c/0x30
[ 13.146336] x86_64_start_kernel+0x10d/0x120
[ 13.146361] common_startup_64+0x13e/0x148
[ 13.146393] </TASK>
[ 13.146404]
[ 13.158776] Allocated by task 215:
[ 13.158952] kasan_save_stack+0x45/0x70
[ 13.159159] kasan_save_track+0x18/0x40
[ 13.159350] kasan_save_alloc_info+0x3b/0x50
[ 13.160227] __kasan_kmalloc+0xb7/0xc0
[ 13.160724] __kmalloc_cache_noprof+0x189/0x420
[ 13.161037] rcu_uaf+0xb0/0x330
[ 13.161210] kunit_try_run_case+0x1a5/0x480
[ 13.161411] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.161914] kthread+0x337/0x6f0
[ 13.162361] ret_from_fork+0x116/0x1d0
[ 13.162782] ret_from_fork_asm+0x1a/0x30
[ 13.163311]
[ 13.163423] Freed by task 0:
[ 13.163571] kasan_save_stack+0x45/0x70
[ 13.163765] kasan_save_track+0x18/0x40
[ 13.163904] kasan_save_free_info+0x3f/0x60
[ 13.164148] __kasan_slab_free+0x56/0x70
[ 13.164360] kfree+0x222/0x3f0
[ 13.164545] rcu_uaf_reclaim+0x1f/0x60
[ 13.164722] rcu_core+0x66f/0x1c40
[ 13.164913] rcu_core_si+0x12/0x20
[ 13.165074] handle_softirqs+0x209/0x730
[ 13.165286] __irq_exit_rcu+0xc9/0x110
[ 13.165430] irq_exit_rcu+0x12/0x20
[ 13.165607] sysvec_apic_timer_interrupt+0x81/0x90
[ 13.165868] asm_sysvec_apic_timer_interrupt+0x1f/0x30
[ 13.166209]
[ 13.166309] Last potentially related work creation:
[ 13.166610] kasan_save_stack+0x45/0x70
[ 13.166807] kasan_record_aux_stack+0xb2/0xc0
[ 13.167221] __call_rcu_common.constprop.0+0x7b/0x9e0
[ 13.167454] call_rcu+0x12/0x20
[ 13.167602] rcu_uaf+0x168/0x330
[ 13.167726] kunit_try_run_case+0x1a5/0x480
[ 13.167942] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.168201] kthread+0x337/0x6f0
[ 13.168416] ret_from_fork+0x116/0x1d0
[ 13.168629] ret_from_fork_asm+0x1a/0x30
[ 13.168854]
[ 13.168965] The buggy address belongs to the object at ffff888103067c40
[ 13.168965] which belongs to the cache kmalloc-32 of size 32
[ 13.169506] The buggy address is located 0 bytes inside of
[ 13.169506] freed 32-byte region [ffff888103067c40, ffff888103067c60)
[ 13.170013]
[ 13.170146] The buggy address belongs to the physical page:
[ 13.170369] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103067
[ 13.170709] flags: 0x200000000000000(node=0|zone=2)
[ 13.170882] page_type: f5(slab)
[ 13.171012] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 13.171693] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 13.172159] page dumped because: kasan: bad access detected
[ 13.172446]
[ 13.172569] Memory state around the buggy address:
[ 13.172766] ffff888103067b00: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc
[ 13.173570] ffff888103067b80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 13.173813] >ffff888103067c00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 13.174234] ^
[ 13.174631] ffff888103067c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.175288] ffff888103067d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.175908] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 13.109907] ==================================================================
[ 13.110314] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5e4/0x6c0
[ 13.110526] Read of size 1 at addr ffff88810305bf78 by task kunit_try_catch/213
[ 13.110876]
[ 13.110985] CPU: 0 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 13.111028] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.111039] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.111058] Call Trace:
[ 13.111071] <TASK>
[ 13.111084] dump_stack_lvl+0x73/0xb0
[ 13.111111] print_report+0xd1/0x610
[ 13.111134] ? __virt_addr_valid+0x1db/0x2d0
[ 13.111156] ? ksize_uaf+0x5e4/0x6c0
[ 13.111180] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.111204] ? ksize_uaf+0x5e4/0x6c0
[ 13.111224] kasan_report+0x141/0x180
[ 13.111246] ? ksize_uaf+0x5e4/0x6c0
[ 13.111271] __asan_report_load1_noabort+0x18/0x20
[ 13.111296] ksize_uaf+0x5e4/0x6c0
[ 13.111316] ? __pfx_ksize_uaf+0x10/0x10
[ 13.111338] ? __schedule+0x10cc/0x2b60
[ 13.111360] ? __pfx_read_tsc+0x10/0x10
[ 13.111381] ? ktime_get_ts64+0x86/0x230
[ 13.111405] kunit_try_run_case+0x1a5/0x480
[ 13.111428] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.111452] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.111476] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.111500] ? __kthread_parkme+0x82/0x180
[ 13.111521] ? preempt_count_sub+0x50/0x80
[ 13.111545] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.111571] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.111596] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.111637] kthread+0x337/0x6f0
[ 13.111697] ? trace_preempt_on+0x20/0xc0
[ 13.111722] ? __pfx_kthread+0x10/0x10
[ 13.111742] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.111777] ? calculate_sigpending+0x7b/0xa0
[ 13.111802] ? __pfx_kthread+0x10/0x10
[ 13.111823] ret_from_fork+0x116/0x1d0
[ 13.111842] ? __pfx_kthread+0x10/0x10
[ 13.111862] ret_from_fork_asm+0x1a/0x30
[ 13.111892] </TASK>
[ 13.111902]
[ 13.120719] Allocated by task 213:
[ 13.121043] kasan_save_stack+0x45/0x70
[ 13.121258] kasan_save_track+0x18/0x40
[ 13.121440] kasan_save_alloc_info+0x3b/0x50
[ 13.122490] __kasan_kmalloc+0xb7/0xc0
[ 13.122692] __kmalloc_cache_noprof+0x189/0x420
[ 13.122933] ksize_uaf+0xaa/0x6c0
[ 13.123297] kunit_try_run_case+0x1a5/0x480
[ 13.123515] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.123742] kthread+0x337/0x6f0
[ 13.123921] ret_from_fork+0x116/0x1d0
[ 13.124152] ret_from_fork_asm+0x1a/0x30
[ 13.124330]
[ 13.124402] Freed by task 213:
[ 13.124668] kasan_save_stack+0x45/0x70
[ 13.124919] kasan_save_track+0x18/0x40
[ 13.125142] kasan_save_free_info+0x3f/0x60
[ 13.125336] __kasan_slab_free+0x56/0x70
[ 13.125543] kfree+0x222/0x3f0
[ 13.125662] ksize_uaf+0x12c/0x6c0
[ 13.125813] kunit_try_run_case+0x1a5/0x480
[ 13.126171] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.126455] kthread+0x337/0x6f0
[ 13.126584] ret_from_fork+0x116/0x1d0
[ 13.126718] ret_from_fork_asm+0x1a/0x30
[ 13.126873]
[ 13.126965] The buggy address belongs to the object at ffff88810305bf00
[ 13.126965] which belongs to the cache kmalloc-128 of size 128
[ 13.127558] The buggy address is located 120 bytes inside of
[ 13.127558] freed 128-byte region [ffff88810305bf00, ffff88810305bf80)
[ 13.127962]
[ 13.128035] The buggy address belongs to the physical page:
[ 13.128595] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10305b
[ 13.128977] flags: 0x200000000000000(node=0|zone=2)
[ 13.129214] page_type: f5(slab)
[ 13.129363] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 13.129644] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 13.129925] page dumped because: kasan: bad access detected
[ 13.130172]
[ 13.130265] Memory state around the buggy address:
[ 13.130458] ffff88810305be00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.130673] ffff88810305be80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.130931] >ffff88810305bf00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.131257] ^
[ 13.131582] ffff88810305bf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.131921] ffff88810305c000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.132226] ==================================================================
[ 13.089354] ==================================================================
[ 13.089646] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5fe/0x6c0
[ 13.089968] Read of size 1 at addr ffff88810305bf00 by task kunit_try_catch/213
[ 13.090342]
[ 13.090453] CPU: 0 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 13.090498] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.090509] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.090531] Call Trace:
[ 13.090544] <TASK>
[ 13.090560] dump_stack_lvl+0x73/0xb0
[ 13.090591] print_report+0xd1/0x610
[ 13.090614] ? __virt_addr_valid+0x1db/0x2d0
[ 13.090639] ? ksize_uaf+0x5fe/0x6c0
[ 13.090659] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.090683] ? ksize_uaf+0x5fe/0x6c0
[ 13.090703] kasan_report+0x141/0x180
[ 13.090725] ? ksize_uaf+0x5fe/0x6c0
[ 13.090750] __asan_report_load1_noabort+0x18/0x20
[ 13.090788] ksize_uaf+0x5fe/0x6c0
[ 13.090809] ? __pfx_ksize_uaf+0x10/0x10
[ 13.090831] ? __schedule+0x10cc/0x2b60
[ 13.090854] ? __pfx_read_tsc+0x10/0x10
[ 13.090876] ? ktime_get_ts64+0x86/0x230
[ 13.090902] kunit_try_run_case+0x1a5/0x480
[ 13.090927] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.090951] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.090976] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.091000] ? __kthread_parkme+0x82/0x180
[ 13.091022] ? preempt_count_sub+0x50/0x80
[ 13.091047] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.091072] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.091097] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.091123] kthread+0x337/0x6f0
[ 13.091142] ? trace_preempt_on+0x20/0xc0
[ 13.091225] ? __pfx_kthread+0x10/0x10
[ 13.091248] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.091271] ? calculate_sigpending+0x7b/0xa0
[ 13.091297] ? __pfx_kthread+0x10/0x10
[ 13.091319] ret_from_fork+0x116/0x1d0
[ 13.091339] ? __pfx_kthread+0x10/0x10
[ 13.091360] ret_from_fork_asm+0x1a/0x30
[ 13.091391] </TASK>
[ 13.091401]
[ 13.098750] Allocated by task 213:
[ 13.098949] kasan_save_stack+0x45/0x70
[ 13.099153] kasan_save_track+0x18/0x40
[ 13.099360] kasan_save_alloc_info+0x3b/0x50
[ 13.099672] __kasan_kmalloc+0xb7/0xc0
[ 13.099846] __kmalloc_cache_noprof+0x189/0x420
[ 13.100006] ksize_uaf+0xaa/0x6c0
[ 13.100131] kunit_try_run_case+0x1a5/0x480
[ 13.100325] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.100581] kthread+0x337/0x6f0
[ 13.100921] ret_from_fork+0x116/0x1d0
[ 13.101220] ret_from_fork_asm+0x1a/0x30
[ 13.101371]
[ 13.101457] Freed by task 213:
[ 13.101617] kasan_save_stack+0x45/0x70
[ 13.101830] kasan_save_track+0x18/0x40
[ 13.102126] kasan_save_free_info+0x3f/0x60
[ 13.102345] __kasan_slab_free+0x56/0x70
[ 13.102614] kfree+0x222/0x3f0
[ 13.102791] ksize_uaf+0x12c/0x6c0
[ 13.102935] kunit_try_run_case+0x1a5/0x480
[ 13.103228] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.103476] kthread+0x337/0x6f0
[ 13.103619] ret_from_fork+0x116/0x1d0
[ 13.103820] ret_from_fork_asm+0x1a/0x30
[ 13.103963]
[ 13.104053] The buggy address belongs to the object at ffff88810305bf00
[ 13.104053] which belongs to the cache kmalloc-128 of size 128
[ 13.104465] The buggy address is located 0 bytes inside of
[ 13.104465] freed 128-byte region [ffff88810305bf00, ffff88810305bf80)
[ 13.104929]
[ 13.105045] The buggy address belongs to the physical page:
[ 13.105298] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10305b
[ 13.105697] flags: 0x200000000000000(node=0|zone=2)
[ 13.105872] page_type: f5(slab)
[ 13.105993] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 13.106268] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 13.106604] page dumped because: kasan: bad access detected
[ 13.107120]
[ 13.107231] Memory state around the buggy address:
[ 13.107552] ffff88810305be00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.107893] ffff88810305be80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.108293] >ffff88810305bf00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.108625] ^
[ 13.108801] ffff88810305bf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.109018] ffff88810305c000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.109293] ==================================================================
[ 13.057613] ==================================================================
[ 13.058102] BUG: KASAN: slab-use-after-free in ksize_uaf+0x19d/0x6c0
[ 13.058543] Read of size 1 at addr ffff88810305bf00 by task kunit_try_catch/213
[ 13.058840]
[ 13.058952] CPU: 0 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 13.059079] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.059092] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.059113] Call Trace:
[ 13.059125] <TASK>
[ 13.059141] dump_stack_lvl+0x73/0xb0
[ 13.059179] print_report+0xd1/0x610
[ 13.059203] ? __virt_addr_valid+0x1db/0x2d0
[ 13.059226] ? ksize_uaf+0x19d/0x6c0
[ 13.059246] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.059270] ? ksize_uaf+0x19d/0x6c0
[ 13.059290] kasan_report+0x141/0x180
[ 13.059313] ? ksize_uaf+0x19d/0x6c0
[ 13.059337] ? ksize_uaf+0x19d/0x6c0
[ 13.059358] __kasan_check_byte+0x3d/0x50
[ 13.059380] ksize+0x20/0x60
[ 13.059401] ksize_uaf+0x19d/0x6c0
[ 13.059422] ? __pfx_ksize_uaf+0x10/0x10
[ 13.059453] ? __schedule+0x10cc/0x2b60
[ 13.059476] ? __pfx_read_tsc+0x10/0x10
[ 13.059498] ? ktime_get_ts64+0x86/0x230
[ 13.059522] kunit_try_run_case+0x1a5/0x480
[ 13.059546] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.059570] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.059595] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.059619] ? __kthread_parkme+0x82/0x180
[ 13.059640] ? preempt_count_sub+0x50/0x80
[ 13.059665] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.059690] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.059715] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.059741] kthread+0x337/0x6f0
[ 13.059772] ? trace_preempt_on+0x20/0xc0
[ 13.059795] ? __pfx_kthread+0x10/0x10
[ 13.059816] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.059838] ? calculate_sigpending+0x7b/0xa0
[ 13.059862] ? __pfx_kthread+0x10/0x10
[ 13.059884] ret_from_fork+0x116/0x1d0
[ 13.059902] ? __pfx_kthread+0x10/0x10
[ 13.059923] ret_from_fork_asm+0x1a/0x30
[ 13.059954] </TASK>
[ 13.059965]
[ 13.071474] Allocated by task 213:
[ 13.071618] kasan_save_stack+0x45/0x70
[ 13.071789] kasan_save_track+0x18/0x40
[ 13.071936] kasan_save_alloc_info+0x3b/0x50
[ 13.072088] __kasan_kmalloc+0xb7/0xc0
[ 13.072223] __kmalloc_cache_noprof+0x189/0x420
[ 13.072383] ksize_uaf+0xaa/0x6c0
[ 13.072507] kunit_try_run_case+0x1a5/0x480
[ 13.073346] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.073634] kthread+0x337/0x6f0
[ 13.075069] ret_from_fork+0x116/0x1d0
[ 13.075904] ret_from_fork_asm+0x1a/0x30
[ 13.076844]
[ 13.077086] Freed by task 213:
[ 13.077885] kasan_save_stack+0x45/0x70
[ 13.078587] kasan_save_track+0x18/0x40
[ 13.079352] kasan_save_free_info+0x3f/0x60
[ 13.080240] __kasan_slab_free+0x56/0x70
[ 13.081046] kfree+0x222/0x3f0
[ 13.081216] ksize_uaf+0x12c/0x6c0
[ 13.081379] kunit_try_run_case+0x1a5/0x480
[ 13.081576] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.081902] kthread+0x337/0x6f0
[ 13.082155] ret_from_fork+0x116/0x1d0
[ 13.082323] ret_from_fork_asm+0x1a/0x30
[ 13.082526]
[ 13.082681] The buggy address belongs to the object at ffff88810305bf00
[ 13.082681] which belongs to the cache kmalloc-128 of size 128
[ 13.083151] The buggy address is located 0 bytes inside of
[ 13.083151] freed 128-byte region [ffff88810305bf00, ffff88810305bf80)
[ 13.083901]
[ 13.083985] The buggy address belongs to the physical page:
[ 13.084410] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10305b
[ 13.084715] flags: 0x200000000000000(node=0|zone=2)
[ 13.085124] page_type: f5(slab)
[ 13.085314] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 13.085682] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 13.086100] page dumped because: kasan: bad access detected
[ 13.086320]
[ 13.086399] Memory state around the buggy address:
[ 13.086655] ffff88810305be00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.086994] ffff88810305be80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.087238] >ffff88810305bf00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.087530] ^
[ 13.087693] ffff88810305bf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.087980] ffff88810305c000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.088255] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 13.034103] ==================================================================
[ 13.034438] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7b6/0x9b0
[ 13.034784] Read of size 1 at addr ffff88810305be7f by task kunit_try_catch/211
[ 13.035251]
[ 13.035368] CPU: 0 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 13.035410] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.035421] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.035440] Call Trace:
[ 13.035455] <TASK>
[ 13.035468] dump_stack_lvl+0x73/0xb0
[ 13.035497] print_report+0xd1/0x610
[ 13.035520] ? __virt_addr_valid+0x1db/0x2d0
[ 13.035543] ? ksize_unpoisons_memory+0x7b6/0x9b0
[ 13.035567] ? kasan_complete_mode_report_info+0x2a/0x200
[ 13.035592] ? ksize_unpoisons_memory+0x7b6/0x9b0
[ 13.035616] kasan_report+0x141/0x180
[ 13.035638] ? ksize_unpoisons_memory+0x7b6/0x9b0
[ 13.035667] __asan_report_load1_noabort+0x18/0x20
[ 13.035692] ksize_unpoisons_memory+0x7b6/0x9b0
[ 13.035717] ? __pfx_ksize_unpoisons_memory+0x10/0x10
[ 13.035741] ? finish_task_switch.isra.0+0x153/0x700
[ 13.035781] ? __switch_to+0x47/0xf50
[ 13.035806] ? __schedule+0x10cc/0x2b60
[ 13.035828] ? __pfx_read_tsc+0x10/0x10
[ 13.035849] ? ktime_get_ts64+0x86/0x230
[ 13.035872] kunit_try_run_case+0x1a5/0x480
[ 13.035897] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.035920] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.035944] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.035968] ? __kthread_parkme+0x82/0x180
[ 13.036048] ? preempt_count_sub+0x50/0x80
[ 13.036072] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.036097] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.036122] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.036148] kthread+0x337/0x6f0
[ 13.036168] ? trace_preempt_on+0x20/0xc0
[ 13.036191] ? __pfx_kthread+0x10/0x10
[ 13.036211] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.036233] ? calculate_sigpending+0x7b/0xa0
[ 13.036257] ? __pfx_kthread+0x10/0x10
[ 13.036279] ret_from_fork+0x116/0x1d0
[ 13.036298] ? __pfx_kthread+0x10/0x10
[ 13.036318] ret_from_fork_asm+0x1a/0x30
[ 13.036349] </TASK>
[ 13.036359]
[ 13.044742] Allocated by task 211:
[ 13.044886] kasan_save_stack+0x45/0x70
[ 13.045233] kasan_save_track+0x18/0x40
[ 13.045377] kasan_save_alloc_info+0x3b/0x50
[ 13.045563] __kasan_kmalloc+0xb7/0xc0
[ 13.045770] __kmalloc_cache_noprof+0x189/0x420
[ 13.045998] ksize_unpoisons_memory+0xc7/0x9b0
[ 13.046186] kunit_try_run_case+0x1a5/0x480
[ 13.046334] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.046511] kthread+0x337/0x6f0
[ 13.046631] ret_from_fork+0x116/0x1d0
[ 13.046772] ret_from_fork_asm+0x1a/0x30
[ 13.046913]
[ 13.047139] The buggy address belongs to the object at ffff88810305be00
[ 13.047139] which belongs to the cache kmalloc-128 of size 128
[ 13.047807] The buggy address is located 12 bytes to the right of
[ 13.047807] allocated 115-byte region [ffff88810305be00, ffff88810305be73)
[ 13.048786]
[ 13.048870] The buggy address belongs to the physical page:
[ 13.049049] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10305b
[ 13.049290] flags: 0x200000000000000(node=0|zone=2)
[ 13.049452] page_type: f5(slab)
[ 13.049671] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 13.050113] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 13.050479] page dumped because: kasan: bad access detected
[ 13.050735]
[ 13.050844] Memory state around the buggy address:
[ 13.051413] ffff88810305bd00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.051770] ffff88810305bd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.052046] >ffff88810305be00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 13.052331] ^
[ 13.052835] ffff88810305be80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.053323] ffff88810305bf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.053742] ==================================================================
[ 12.995592] ==================================================================
[ 12.996119] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x81c/0x9b0
[ 12.996685] Read of size 1 at addr ffff88810305be73 by task kunit_try_catch/211
[ 12.997061]
[ 12.997195] CPU: 0 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.997242] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.997254] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.997275] Call Trace:
[ 12.997289] <TASK>
[ 12.997306] dump_stack_lvl+0x73/0xb0
[ 12.997339] print_report+0xd1/0x610
[ 12.997366] ? __virt_addr_valid+0x1db/0x2d0
[ 12.997392] ? ksize_unpoisons_memory+0x81c/0x9b0
[ 12.997417] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.997440] ? ksize_unpoisons_memory+0x81c/0x9b0
[ 12.997464] kasan_report+0x141/0x180
[ 12.997487] ? ksize_unpoisons_memory+0x81c/0x9b0
[ 12.997516] __asan_report_load1_noabort+0x18/0x20
[ 12.997541] ksize_unpoisons_memory+0x81c/0x9b0
[ 12.997566] ? __pfx_ksize_unpoisons_memory+0x10/0x10
[ 12.997590] ? finish_task_switch.isra.0+0x153/0x700
[ 12.997630] ? __switch_to+0x47/0xf50
[ 12.997657] ? __schedule+0x10cc/0x2b60
[ 12.997680] ? __pfx_read_tsc+0x10/0x10
[ 12.997702] ? ktime_get_ts64+0x86/0x230
[ 12.997727] kunit_try_run_case+0x1a5/0x480
[ 12.997765] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.997789] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.997814] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.997838] ? __kthread_parkme+0x82/0x180
[ 12.997860] ? preempt_count_sub+0x50/0x80
[ 12.997883] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.997908] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.997933] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.997959] kthread+0x337/0x6f0
[ 12.997997] ? trace_preempt_on+0x20/0xc0
[ 12.998022] ? __pfx_kthread+0x10/0x10
[ 12.998043] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.998065] ? calculate_sigpending+0x7b/0xa0
[ 12.998091] ? __pfx_kthread+0x10/0x10
[ 12.998112] ret_from_fork+0x116/0x1d0
[ 12.998132] ? __pfx_kthread+0x10/0x10
[ 12.998152] ret_from_fork_asm+0x1a/0x30
[ 12.998183] </TASK>
[ 12.998193]
[ 13.006069] Allocated by task 211:
[ 13.006375] kasan_save_stack+0x45/0x70
[ 13.006550] kasan_save_track+0x18/0x40
[ 13.006810] kasan_save_alloc_info+0x3b/0x50
[ 13.007091] __kasan_kmalloc+0xb7/0xc0
[ 13.007269] __kmalloc_cache_noprof+0x189/0x420
[ 13.007492] ksize_unpoisons_memory+0xc7/0x9b0
[ 13.007660] kunit_try_run_case+0x1a5/0x480
[ 13.007876] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.008241] kthread+0x337/0x6f0
[ 13.008372] ret_from_fork+0x116/0x1d0
[ 13.008506] ret_from_fork_asm+0x1a/0x30
[ 13.008646]
[ 13.008741] The buggy address belongs to the object at ffff88810305be00
[ 13.008741] which belongs to the cache kmalloc-128 of size 128
[ 13.009408] The buggy address is located 0 bytes to the right of
[ 13.009408] allocated 115-byte region [ffff88810305be00, ffff88810305be73)
[ 13.009843]
[ 13.009918] The buggy address belongs to the physical page:
[ 13.010126] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10305b
[ 13.010528] flags: 0x200000000000000(node=0|zone=2)
[ 13.010776] page_type: f5(slab)
[ 13.010946] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 13.011292] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 13.011661] page dumped because: kasan: bad access detected
[ 13.011881]
[ 13.011951] Memory state around the buggy address:
[ 13.012105] ffff88810305bd00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.012325] ffff88810305bd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.012642] >ffff88810305be00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 13.012963] ^
[ 13.013203] ffff88810305be80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.013419] ffff88810305bf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.013896] ==================================================================
[ 13.014845] ==================================================================
[ 13.015193] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7e9/0x9b0
[ 13.015469] Read of size 1 at addr ffff88810305be78 by task kunit_try_catch/211
[ 13.016049]
[ 13.016166] CPU: 0 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 13.016207] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.016218] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.016237] Call Trace:
[ 13.016248] <TASK>
[ 13.016261] dump_stack_lvl+0x73/0xb0
[ 13.016288] print_report+0xd1/0x610
[ 13.016311] ? __virt_addr_valid+0x1db/0x2d0
[ 13.016333] ? ksize_unpoisons_memory+0x7e9/0x9b0
[ 13.016357] ? kasan_complete_mode_report_info+0x2a/0x200
[ 13.016380] ? ksize_unpoisons_memory+0x7e9/0x9b0
[ 13.016405] kasan_report+0x141/0x180
[ 13.016427] ? ksize_unpoisons_memory+0x7e9/0x9b0
[ 13.016465] __asan_report_load1_noabort+0x18/0x20
[ 13.016491] ksize_unpoisons_memory+0x7e9/0x9b0
[ 13.016515] ? __pfx_ksize_unpoisons_memory+0x10/0x10
[ 13.016539] ? finish_task_switch.isra.0+0x153/0x700
[ 13.016562] ? __switch_to+0x47/0xf50
[ 13.016587] ? __schedule+0x10cc/0x2b60
[ 13.016609] ? __pfx_read_tsc+0x10/0x10
[ 13.016630] ? ktime_get_ts64+0x86/0x230
[ 13.016653] kunit_try_run_case+0x1a5/0x480
[ 13.016678] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.016701] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.016725] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.016750] ? __kthread_parkme+0x82/0x180
[ 13.016785] ? preempt_count_sub+0x50/0x80
[ 13.016808] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.016833] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.016858] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.016884] kthread+0x337/0x6f0
[ 13.016903] ? trace_preempt_on+0x20/0xc0
[ 13.016926] ? __pfx_kthread+0x10/0x10
[ 13.016947] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.016969] ? calculate_sigpending+0x7b/0xa0
[ 13.017141] ? __pfx_kthread+0x10/0x10
[ 13.017164] ret_from_fork+0x116/0x1d0
[ 13.017183] ? __pfx_kthread+0x10/0x10
[ 13.017204] ret_from_fork_asm+0x1a/0x30
[ 13.017235] </TASK>
[ 13.017245]
[ 13.024981] Allocated by task 211:
[ 13.025353] kasan_save_stack+0x45/0x70
[ 13.025559] kasan_save_track+0x18/0x40
[ 13.025750] kasan_save_alloc_info+0x3b/0x50
[ 13.025973] __kasan_kmalloc+0xb7/0xc0
[ 13.026430] __kmalloc_cache_noprof+0x189/0x420
[ 13.026625] ksize_unpoisons_memory+0xc7/0x9b0
[ 13.026829] kunit_try_run_case+0x1a5/0x480
[ 13.027159] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.027414] kthread+0x337/0x6f0
[ 13.027566] ret_from_fork+0x116/0x1d0
[ 13.027743] ret_from_fork_asm+0x1a/0x30
[ 13.027946]
[ 13.028120] The buggy address belongs to the object at ffff88810305be00
[ 13.028120] which belongs to the cache kmalloc-128 of size 128
[ 13.028658] The buggy address is located 5 bytes to the right of
[ 13.028658] allocated 115-byte region [ffff88810305be00, ffff88810305be73)
[ 13.029250]
[ 13.029350] The buggy address belongs to the physical page:
[ 13.029599] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10305b
[ 13.029912] flags: 0x200000000000000(node=0|zone=2)
[ 13.030357] page_type: f5(slab)
[ 13.030567] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 13.030889] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 13.031221] page dumped because: kasan: bad access detected
[ 13.031485]
[ 13.031581] Memory state around the buggy address:
[ 13.031780] ffff88810305bd00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.032148] ffff88810305bd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.032368] >ffff88810305be00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 13.032581] ^
[ 13.032827] ffff88810305be80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.033142] ffff88810305bf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.033741] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kfree_sensitive
[ 12.952995] ==================================================================
[ 12.953688] BUG: KASAN: double-free in kfree_sensitive+0x2e/0x90
[ 12.954548] Free of addr ffff8881009b2fe0 by task kunit_try_catch/209
[ 12.955359]
[ 12.955733] CPU: 0 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.955794] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.955806] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.955826] Call Trace:
[ 12.955837] <TASK>
[ 12.955853] dump_stack_lvl+0x73/0xb0
[ 12.955886] print_report+0xd1/0x610
[ 12.955910] ? __virt_addr_valid+0x1db/0x2d0
[ 12.955934] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.955957] ? kfree_sensitive+0x2e/0x90
[ 12.955979] kasan_report_invalid_free+0x10a/0x130
[ 12.956022] ? kfree_sensitive+0x2e/0x90
[ 12.956044] ? kfree_sensitive+0x2e/0x90
[ 12.956064] check_slab_allocation+0x101/0x130
[ 12.956087] __kasan_slab_pre_free+0x28/0x40
[ 12.956109] kfree+0xf0/0x3f0
[ 12.956130] ? kfree_sensitive+0x2e/0x90
[ 12.956153] kfree_sensitive+0x2e/0x90
[ 12.956173] kmalloc_double_kzfree+0x19c/0x350
[ 12.956197] ? __pfx_kmalloc_double_kzfree+0x10/0x10
[ 12.956222] ? __schedule+0x10cc/0x2b60
[ 12.956246] ? __pfx_read_tsc+0x10/0x10
[ 12.956267] ? ktime_get_ts64+0x86/0x230
[ 12.956292] kunit_try_run_case+0x1a5/0x480
[ 12.956317] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.956341] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.956366] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.956390] ? __kthread_parkme+0x82/0x180
[ 12.956410] ? preempt_count_sub+0x50/0x80
[ 12.956435] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.956461] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.956486] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.956512] kthread+0x337/0x6f0
[ 12.956531] ? trace_preempt_on+0x20/0xc0
[ 12.956555] ? __pfx_kthread+0x10/0x10
[ 12.956576] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.956598] ? calculate_sigpending+0x7b/0xa0
[ 12.956623] ? __pfx_kthread+0x10/0x10
[ 12.956644] ret_from_fork+0x116/0x1d0
[ 12.956663] ? __pfx_kthread+0x10/0x10
[ 12.956683] ret_from_fork_asm+0x1a/0x30
[ 12.956714] </TASK>
[ 12.956724]
[ 12.971600] Allocated by task 209:
[ 12.971774] kasan_save_stack+0x45/0x70
[ 12.971926] kasan_save_track+0x18/0x40
[ 12.972269] kasan_save_alloc_info+0x3b/0x50
[ 12.972660] __kasan_kmalloc+0xb7/0xc0
[ 12.973006] __kmalloc_cache_noprof+0x189/0x420
[ 12.973544] kmalloc_double_kzfree+0xa9/0x350
[ 12.973937] kunit_try_run_case+0x1a5/0x480
[ 12.974168] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.974710] kthread+0x337/0x6f0
[ 12.975041] ret_from_fork+0x116/0x1d0
[ 12.975514] ret_from_fork_asm+0x1a/0x30
[ 12.975878]
[ 12.975952] Freed by task 209:
[ 12.976267] kasan_save_stack+0x45/0x70
[ 12.976646] kasan_save_track+0x18/0x40
[ 12.976796] kasan_save_free_info+0x3f/0x60
[ 12.976947] __kasan_slab_free+0x56/0x70
[ 12.977358] kfree+0x222/0x3f0
[ 12.977663] kfree_sensitive+0x67/0x90
[ 12.978148] kmalloc_double_kzfree+0x12b/0x350
[ 12.978570] kunit_try_run_case+0x1a5/0x480
[ 12.978958] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.979349] kthread+0x337/0x6f0
[ 12.979496] ret_from_fork+0x116/0x1d0
[ 12.979854] ret_from_fork_asm+0x1a/0x30
[ 12.980262]
[ 12.980421] The buggy address belongs to the object at ffff8881009b2fe0
[ 12.980421] which belongs to the cache kmalloc-16 of size 16
[ 12.981235] The buggy address is located 0 bytes inside of
[ 12.981235] 16-byte region [ffff8881009b2fe0, ffff8881009b2ff0)
[ 12.981798]
[ 12.981955] The buggy address belongs to the physical page:
[ 12.982585] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1009b2
[ 12.983454] flags: 0x200000000000000(node=0|zone=2)
[ 12.984003] page_type: f5(slab)
[ 12.984353] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 12.984680] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 12.984922] page dumped because: kasan: bad access detected
[ 12.985393]
[ 12.985587] Memory state around the buggy address:
[ 12.986145] ffff8881009b2e80: 00 00 fc fc 00 06 fc fc 00 06 fc fc 00 00 fc fc
[ 12.986933] ffff8881009b2f00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 12.987697] >ffff8881009b2f80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 12.988267] ^
[ 12.988746] ffff8881009b3000: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc
[ 12.989032] ffff8881009b3080: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc
[ 12.989782] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 12.920583] ==================================================================
[ 12.921822] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x19c/0x350
[ 12.922533] Read of size 1 at addr ffff8881009b2fe0 by task kunit_try_catch/209
[ 12.923125]
[ 12.923315] CPU: 0 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.923440] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.923452] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.923474] Call Trace:
[ 12.923487] <TASK>
[ 12.923503] dump_stack_lvl+0x73/0xb0
[ 12.923537] print_report+0xd1/0x610
[ 12.923561] ? __virt_addr_valid+0x1db/0x2d0
[ 12.923584] ? kmalloc_double_kzfree+0x19c/0x350
[ 12.923608] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.923632] ? kmalloc_double_kzfree+0x19c/0x350
[ 12.923656] kasan_report+0x141/0x180
[ 12.923678] ? kmalloc_double_kzfree+0x19c/0x350
[ 12.923705] ? kmalloc_double_kzfree+0x19c/0x350
[ 12.923729] __kasan_check_byte+0x3d/0x50
[ 12.923752] kfree_sensitive+0x22/0x90
[ 12.923789] kmalloc_double_kzfree+0x19c/0x350
[ 12.923813] ? __pfx_kmalloc_double_kzfree+0x10/0x10
[ 12.923839] ? __schedule+0x10cc/0x2b60
[ 12.923862] ? __pfx_read_tsc+0x10/0x10
[ 12.923884] ? ktime_get_ts64+0x86/0x230
[ 12.923909] kunit_try_run_case+0x1a5/0x480
[ 12.923935] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.923959] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.924051] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.924077] ? __kthread_parkme+0x82/0x180
[ 12.924099] ? preempt_count_sub+0x50/0x80
[ 12.924124] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.924149] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.924175] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.924201] kthread+0x337/0x6f0
[ 12.924220] ? trace_preempt_on+0x20/0xc0
[ 12.924245] ? __pfx_kthread+0x10/0x10
[ 12.924266] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.924288] ? calculate_sigpending+0x7b/0xa0
[ 12.924313] ? __pfx_kthread+0x10/0x10
[ 12.924334] ret_from_fork+0x116/0x1d0
[ 12.924354] ? __pfx_kthread+0x10/0x10
[ 12.924375] ret_from_fork_asm+0x1a/0x30
[ 12.924405] </TASK>
[ 12.924416]
[ 12.936885] Allocated by task 209:
[ 12.937215] kasan_save_stack+0x45/0x70
[ 12.937638] kasan_save_track+0x18/0x40
[ 12.937800] kasan_save_alloc_info+0x3b/0x50
[ 12.937953] __kasan_kmalloc+0xb7/0xc0
[ 12.938087] __kmalloc_cache_noprof+0x189/0x420
[ 12.938260] kmalloc_double_kzfree+0xa9/0x350
[ 12.938424] kunit_try_run_case+0x1a5/0x480
[ 12.938583] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.938772] kthread+0x337/0x6f0
[ 12.938896] ret_from_fork+0x116/0x1d0
[ 12.939059] ret_from_fork_asm+0x1a/0x30
[ 12.939384]
[ 12.939540] Freed by task 209:
[ 12.939824] kasan_save_stack+0x45/0x70
[ 12.939982] kasan_save_track+0x18/0x40
[ 12.940134] kasan_save_free_info+0x3f/0x60
[ 12.940571] __kasan_slab_free+0x56/0x70
[ 12.940939] kfree+0x222/0x3f0
[ 12.941256] kfree_sensitive+0x67/0x90
[ 12.941672] kmalloc_double_kzfree+0x12b/0x350
[ 12.942044] kunit_try_run_case+0x1a5/0x480
[ 12.942195] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.942373] kthread+0x337/0x6f0
[ 12.942523] ret_from_fork+0x116/0x1d0
[ 12.942658] ret_from_fork_asm+0x1a/0x30
[ 12.942807]
[ 12.942877] The buggy address belongs to the object at ffff8881009b2fe0
[ 12.942877] which belongs to the cache kmalloc-16 of size 16
[ 12.943382] The buggy address is located 0 bytes inside of
[ 12.943382] freed 16-byte region [ffff8881009b2fe0, ffff8881009b2ff0)
[ 12.944482]
[ 12.944742] The buggy address belongs to the physical page:
[ 12.945209] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1009b2
[ 12.945480] flags: 0x200000000000000(node=0|zone=2)
[ 12.945913] page_type: f5(slab)
[ 12.946266] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 12.946949] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 12.947564] page dumped because: kasan: bad access detected
[ 12.947742]
[ 12.947823] Memory state around the buggy address:
[ 12.947992] ffff8881009b2e80: 00 00 fc fc 00 06 fc fc 00 06 fc fc 00 00 fc fc
[ 12.949080] ffff8881009b2f00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 12.949830] >ffff8881009b2f80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 12.950584] ^
[ 12.951359] ffff8881009b3000: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc
[ 12.951718] ffff8881009b3080: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc
[ 12.951947] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 12.883377] ==================================================================
[ 12.884161] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x4a8/0x520
[ 12.884732] Read of size 1 at addr ffff88810306b128 by task kunit_try_catch/205
[ 12.885223]
[ 12.885639] CPU: 0 UID: 0 PID: 205 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.885821] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.885834] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.885855] Call Trace:
[ 12.885868] <TASK>
[ 12.885884] dump_stack_lvl+0x73/0xb0
[ 12.885918] print_report+0xd1/0x610
[ 12.885942] ? __virt_addr_valid+0x1db/0x2d0
[ 12.885987] ? kmalloc_uaf2+0x4a8/0x520
[ 12.886007] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.886032] ? kmalloc_uaf2+0x4a8/0x520
[ 12.886052] kasan_report+0x141/0x180
[ 12.886074] ? kmalloc_uaf2+0x4a8/0x520
[ 12.886098] __asan_report_load1_noabort+0x18/0x20
[ 12.886123] kmalloc_uaf2+0x4a8/0x520
[ 12.886144] ? __pfx_kmalloc_uaf2+0x10/0x10
[ 12.886163] ? finish_task_switch.isra.0+0x153/0x700
[ 12.886188] ? __switch_to+0x47/0xf50
[ 12.886214] ? __schedule+0x10cc/0x2b60
[ 12.886237] ? __pfx_read_tsc+0x10/0x10
[ 12.886259] ? ktime_get_ts64+0x86/0x230
[ 12.886284] kunit_try_run_case+0x1a5/0x480
[ 12.886309] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.886332] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.886357] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.886381] ? __kthread_parkme+0x82/0x180
[ 12.886402] ? preempt_count_sub+0x50/0x80
[ 12.886440] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.886465] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.886490] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.886515] kthread+0x337/0x6f0
[ 12.886535] ? trace_preempt_on+0x20/0xc0
[ 12.886561] ? __pfx_kthread+0x10/0x10
[ 12.886582] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.886603] ? calculate_sigpending+0x7b/0xa0
[ 12.886628] ? __pfx_kthread+0x10/0x10
[ 12.886649] ret_from_fork+0x116/0x1d0
[ 12.886668] ? __pfx_kthread+0x10/0x10
[ 12.886689] ret_from_fork_asm+0x1a/0x30
[ 12.886720] </TASK>
[ 12.886731]
[ 12.898348] Allocated by task 205:
[ 12.898752] kasan_save_stack+0x45/0x70
[ 12.899240] kasan_save_track+0x18/0x40
[ 12.899574] kasan_save_alloc_info+0x3b/0x50
[ 12.899906] __kasan_kmalloc+0xb7/0xc0
[ 12.900299] __kmalloc_cache_noprof+0x189/0x420
[ 12.900579] kmalloc_uaf2+0xc6/0x520
[ 12.900777] kunit_try_run_case+0x1a5/0x480
[ 12.900978] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.901223] kthread+0x337/0x6f0
[ 12.901379] ret_from_fork+0x116/0x1d0
[ 12.901531] ret_from_fork_asm+0x1a/0x30
[ 12.901716]
[ 12.902363] Freed by task 205:
[ 12.902663] kasan_save_stack+0x45/0x70
[ 12.903182] kasan_save_track+0x18/0x40
[ 12.903532] kasan_save_free_info+0x3f/0x60
[ 12.903858] __kasan_slab_free+0x56/0x70
[ 12.904264] kfree+0x222/0x3f0
[ 12.904575] kmalloc_uaf2+0x14c/0x520
[ 12.904889] kunit_try_run_case+0x1a5/0x480
[ 12.905284] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.905527] kthread+0x337/0x6f0
[ 12.905709] ret_from_fork+0x116/0x1d0
[ 12.905895] ret_from_fork_asm+0x1a/0x30
[ 12.906067]
[ 12.906167] The buggy address belongs to the object at ffff88810306b100
[ 12.906167] which belongs to the cache kmalloc-64 of size 64
[ 12.906650] The buggy address is located 40 bytes inside of
[ 12.906650] freed 64-byte region [ffff88810306b100, ffff88810306b140)
[ 12.907872]
[ 12.908184] The buggy address belongs to the physical page:
[ 12.908559] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10306b
[ 12.909094] flags: 0x200000000000000(node=0|zone=2)
[ 12.909407] page_type: f5(slab)
[ 12.909703] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 12.910248] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 12.910718] page dumped because: kasan: bad access detected
[ 12.911318]
[ 12.911423] Memory state around the buggy address:
[ 12.911838] ffff88810306b000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.912348] ffff88810306b080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.912809] >ffff88810306b100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.913325] ^
[ 12.913687] ffff88810306b180: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc
[ 12.914170] ffff88810306b200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.914602] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 12.849601] ==================================================================
[ 12.850042] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x1a3/0x360
[ 12.850356] Write of size 33 at addr ffff888103084480 by task kunit_try_catch/203
[ 12.850679]
[ 12.850779] CPU: 1 UID: 0 PID: 203 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.850823] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.850835] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.850855] Call Trace:
[ 12.850867] <TASK>
[ 12.850883] dump_stack_lvl+0x73/0xb0
[ 12.850913] print_report+0xd1/0x610
[ 12.850935] ? __virt_addr_valid+0x1db/0x2d0
[ 12.850958] ? kmalloc_uaf_memset+0x1a3/0x360
[ 12.850977] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.850999] ? kmalloc_uaf_memset+0x1a3/0x360
[ 12.851019] kasan_report+0x141/0x180
[ 12.851040] ? kmalloc_uaf_memset+0x1a3/0x360
[ 12.851066] kasan_check_range+0x10c/0x1c0
[ 12.851089] __asan_memset+0x27/0x50
[ 12.851107] kmalloc_uaf_memset+0x1a3/0x360
[ 12.851127] ? __pfx_kmalloc_uaf_memset+0x10/0x10
[ 12.851148] ? __schedule+0x10cc/0x2b60
[ 12.851170] ? __pfx_read_tsc+0x10/0x10
[ 12.851194] ? ktime_get_ts64+0x86/0x230
[ 12.851218] kunit_try_run_case+0x1a5/0x480
[ 12.851242] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.851264] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.851288] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.851310] ? __kthread_parkme+0x82/0x180
[ 12.851331] ? preempt_count_sub+0x50/0x80
[ 12.851354] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.851377] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.851400] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.851423] kthread+0x337/0x6f0
[ 12.851441] ? trace_preempt_on+0x20/0xc0
[ 12.851465] ? __pfx_kthread+0x10/0x10
[ 12.851484] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.851505] ? calculate_sigpending+0x7b/0xa0
[ 12.851528] ? __pfx_kthread+0x10/0x10
[ 12.851548] ret_from_fork+0x116/0x1d0
[ 12.851566] ? __pfx_kthread+0x10/0x10
[ 12.851586] ret_from_fork_asm+0x1a/0x30
[ 12.851616] </TASK>
[ 12.851626]
[ 12.863902] Allocated by task 203:
[ 12.864159] kasan_save_stack+0x45/0x70
[ 12.864499] kasan_save_track+0x18/0x40
[ 12.864844] kasan_save_alloc_info+0x3b/0x50
[ 12.865242] __kasan_kmalloc+0xb7/0xc0
[ 12.865543] __kmalloc_cache_noprof+0x189/0x420
[ 12.865892] kmalloc_uaf_memset+0xa9/0x360
[ 12.866399] kunit_try_run_case+0x1a5/0x480
[ 12.866737] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.867160] kthread+0x337/0x6f0
[ 12.867467] ret_from_fork+0x116/0x1d0
[ 12.867763] ret_from_fork_asm+0x1a/0x30
[ 12.868070]
[ 12.868171] Freed by task 203:
[ 12.868342] kasan_save_stack+0x45/0x70
[ 12.868525] kasan_save_track+0x18/0x40
[ 12.868689] kasan_save_free_info+0x3f/0x60
[ 12.869317] __kasan_slab_free+0x56/0x70
[ 12.869634] kfree+0x222/0x3f0
[ 12.870064] kmalloc_uaf_memset+0x12b/0x360
[ 12.870271] kunit_try_run_case+0x1a5/0x480
[ 12.870578] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.871248] kthread+0x337/0x6f0
[ 12.871449] ret_from_fork+0x116/0x1d0
[ 12.871712] ret_from_fork_asm+0x1a/0x30
[ 12.872083]
[ 12.872294] The buggy address belongs to the object at ffff888103084480
[ 12.872294] which belongs to the cache kmalloc-64 of size 64
[ 12.873070] The buggy address is located 0 bytes inside of
[ 12.873070] freed 64-byte region [ffff888103084480, ffff8881030844c0)
[ 12.873577]
[ 12.873677] The buggy address belongs to the physical page:
[ 12.874287] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103084
[ 12.874810] flags: 0x200000000000000(node=0|zone=2)
[ 12.875239] page_type: f5(slab)
[ 12.875522] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 12.876269] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 12.876575] page dumped because: kasan: bad access detected
[ 12.876951]
[ 12.877234] Memory state around the buggy address:
[ 12.877500] ffff888103084380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.877819] ffff888103084400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.878100] >ffff888103084480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.878426] ^
[ 12.878583] ffff888103084500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.879337] ffff888103084580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.879945] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 12.813169] ==================================================================
[ 12.813608] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x320/0x380
[ 12.813853] Read of size 1 at addr ffff8881009b2fc8 by task kunit_try_catch/201
[ 12.814077]
[ 12.814175] CPU: 0 UID: 0 PID: 201 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.814222] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.814233] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.814256] Call Trace:
[ 12.814268] <TASK>
[ 12.814286] dump_stack_lvl+0x73/0xb0
[ 12.814316] print_report+0xd1/0x610
[ 12.814339] ? __virt_addr_valid+0x1db/0x2d0
[ 12.814362] ? kmalloc_uaf+0x320/0x380
[ 12.814381] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.814403] ? kmalloc_uaf+0x320/0x380
[ 12.814422] kasan_report+0x141/0x180
[ 12.814443] ? kmalloc_uaf+0x320/0x380
[ 12.814466] __asan_report_load1_noabort+0x18/0x20
[ 12.814490] kmalloc_uaf+0x320/0x380
[ 12.814929] ? __pfx_kmalloc_uaf+0x10/0x10
[ 12.814955] ? __schedule+0x10cc/0x2b60
[ 12.815004] ? __pfx_read_tsc+0x10/0x10
[ 12.815027] ? ktime_get_ts64+0x86/0x230
[ 12.815239] kunit_try_run_case+0x1a5/0x480
[ 12.815267] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.815291] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.815317] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.815341] ? __kthread_parkme+0x82/0x180
[ 12.815363] ? preempt_count_sub+0x50/0x80
[ 12.815389] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.815414] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.815460] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.815486] kthread+0x337/0x6f0
[ 12.815505] ? trace_preempt_on+0x20/0xc0
[ 12.815531] ? __pfx_kthread+0x10/0x10
[ 12.815552] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.815573] ? calculate_sigpending+0x7b/0xa0
[ 12.815599] ? __pfx_kthread+0x10/0x10
[ 12.815620] ret_from_fork+0x116/0x1d0
[ 12.815640] ? __pfx_kthread+0x10/0x10
[ 12.815660] ret_from_fork_asm+0x1a/0x30
[ 12.815692] </TASK>
[ 12.815704]
[ 12.826772] Allocated by task 201:
[ 12.826970] kasan_save_stack+0x45/0x70
[ 12.827162] kasan_save_track+0x18/0x40
[ 12.827806] kasan_save_alloc_info+0x3b/0x50
[ 12.828225] __kasan_kmalloc+0xb7/0xc0
[ 12.828530] __kmalloc_cache_noprof+0x189/0x420
[ 12.828837] kmalloc_uaf+0xaa/0x380
[ 12.829163] kunit_try_run_case+0x1a5/0x480
[ 12.829347] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.829644] kthread+0x337/0x6f0
[ 12.829819] ret_from_fork+0x116/0x1d0
[ 12.829979] ret_from_fork_asm+0x1a/0x30
[ 12.830612]
[ 12.830711] Freed by task 201:
[ 12.831107] kasan_save_stack+0x45/0x70
[ 12.831323] kasan_save_track+0x18/0x40
[ 12.831716] kasan_save_free_info+0x3f/0x60
[ 12.832077] __kasan_slab_free+0x56/0x70
[ 12.832225] kfree+0x222/0x3f0
[ 12.832620] kmalloc_uaf+0x12c/0x380
[ 12.832887] kunit_try_run_case+0x1a5/0x480
[ 12.833312] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.833650] kthread+0x337/0x6f0
[ 12.833793] ret_from_fork+0x116/0x1d0
[ 12.834186] ret_from_fork_asm+0x1a/0x30
[ 12.834509]
[ 12.834648] The buggy address belongs to the object at ffff8881009b2fc0
[ 12.834648] which belongs to the cache kmalloc-16 of size 16
[ 12.835725] The buggy address is located 8 bytes inside of
[ 12.835725] freed 16-byte region [ffff8881009b2fc0, ffff8881009b2fd0)
[ 12.836711]
[ 12.837037] The buggy address belongs to the physical page:
[ 12.837918] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1009b2
[ 12.838843] flags: 0x200000000000000(node=0|zone=2)
[ 12.839022] page_type: f5(slab)
[ 12.839784] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 12.840669] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 12.841030] page dumped because: kasan: bad access detected
[ 12.841297]
[ 12.841390] Memory state around the buggy address:
[ 12.841617] ffff8881009b2e80: 00 00 fc fc 00 06 fc fc 00 06 fc fc 00 00 fc fc
[ 12.841937] ffff8881009b2f00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 12.842249] >ffff8881009b2f80: fa fb fc fc fa fb fc fc fa fb fc fc fc fc fc fc
[ 12.842560] ^
[ 12.843415] ffff8881009b3000: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc
[ 12.843840] ffff8881009b3080: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc
[ 12.844488] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 12.774347] ==================================================================
[ 12.775670] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x16f/0x330
[ 12.776895] Read of size 64 at addr ffff888103084384 by task kunit_try_catch/199
[ 12.777984]
[ 12.778367] CPU: 1 UID: 0 PID: 199 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.778418] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.778430] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.778504] Call Trace:
[ 12.778519] <TASK>
[ 12.778539] dump_stack_lvl+0x73/0xb0
[ 12.778666] print_report+0xd1/0x610
[ 12.778691] ? __virt_addr_valid+0x1db/0x2d0
[ 12.778718] ? kmalloc_memmove_invalid_size+0x16f/0x330
[ 12.778744] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.778779] ? kmalloc_memmove_invalid_size+0x16f/0x330
[ 12.778805] kasan_report+0x141/0x180
[ 12.778826] ? kmalloc_memmove_invalid_size+0x16f/0x330
[ 12.778857] kasan_check_range+0x10c/0x1c0
[ 12.778881] __asan_memmove+0x27/0x70
[ 12.778901] kmalloc_memmove_invalid_size+0x16f/0x330
[ 12.778926] ? __pfx_kmalloc_memmove_invalid_size+0x10/0x10
[ 12.778954] ? __schedule+0x10cc/0x2b60
[ 12.779039] ? __pfx_read_tsc+0x10/0x10
[ 12.779065] ? ktime_get_ts64+0x86/0x230
[ 12.779091] kunit_try_run_case+0x1a5/0x480
[ 12.779119] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.779142] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.779166] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.779197] ? __kthread_parkme+0x82/0x180
[ 12.779219] ? preempt_count_sub+0x50/0x80
[ 12.779244] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.779268] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.779293] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.779319] kthread+0x337/0x6f0
[ 12.779338] ? trace_preempt_on+0x20/0xc0
[ 12.779363] ? __pfx_kthread+0x10/0x10
[ 12.779384] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.779405] ? calculate_sigpending+0x7b/0xa0
[ 12.779431] ? __pfx_kthread+0x10/0x10
[ 12.779453] ret_from_fork+0x116/0x1d0
[ 12.779472] ? __pfx_kthread+0x10/0x10
[ 12.779493] ret_from_fork_asm+0x1a/0x30
[ 12.779525] </TASK>
[ 12.779537]
[ 12.791728] Allocated by task 199:
[ 12.792094] kasan_save_stack+0x45/0x70
[ 12.792414] kasan_save_track+0x18/0x40
[ 12.792723] kasan_save_alloc_info+0x3b/0x50
[ 12.792942] __kasan_kmalloc+0xb7/0xc0
[ 12.793366] __kmalloc_cache_noprof+0x189/0x420
[ 12.793796] kmalloc_memmove_invalid_size+0xac/0x330
[ 12.794267] kunit_try_run_case+0x1a5/0x480
[ 12.794704] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.794969] kthread+0x337/0x6f0
[ 12.795316] ret_from_fork+0x116/0x1d0
[ 12.795608] ret_from_fork_asm+0x1a/0x30
[ 12.795929]
[ 12.796068] The buggy address belongs to the object at ffff888103084380
[ 12.796068] which belongs to the cache kmalloc-64 of size 64
[ 12.796909] The buggy address is located 4 bytes inside of
[ 12.796909] allocated 64-byte region [ffff888103084380, ffff8881030843c0)
[ 12.797729]
[ 12.797870] The buggy address belongs to the physical page:
[ 12.798489] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103084
[ 12.798868] flags: 0x200000000000000(node=0|zone=2)
[ 12.799451] page_type: f5(slab)
[ 12.799801] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 12.800273] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 12.800837] page dumped because: kasan: bad access detected
[ 12.801367]
[ 12.801474] Memory state around the buggy address:
[ 12.801909] ffff888103084280: 00 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc
[ 12.802341] ffff888103084300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.802849] >ffff888103084380: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 12.803322] ^
[ 12.803825] ffff888103084400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.804513] ffff888103084480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.804955] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 12.741497] ==================================================================
[ 12.742642] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x171/0x330
[ 12.743685] Read of size 18446744073709551614 at addr ffff888103063e04 by task kunit_try_catch/197
[ 12.744113]
[ 12.744214] CPU: 0 UID: 0 PID: 197 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.744260] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.744271] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.744292] Call Trace:
[ 12.744304] <TASK>
[ 12.744320] dump_stack_lvl+0x73/0xb0
[ 12.744351] print_report+0xd1/0x610
[ 12.744374] ? __virt_addr_valid+0x1db/0x2d0
[ 12.744397] ? kmalloc_memmove_negative_size+0x171/0x330
[ 12.744428] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.744451] ? kmalloc_memmove_negative_size+0x171/0x330
[ 12.744495] kasan_report+0x141/0x180
[ 12.744517] ? kmalloc_memmove_negative_size+0x171/0x330
[ 12.744547] kasan_check_range+0x10c/0x1c0
[ 12.744571] __asan_memmove+0x27/0x70
[ 12.744591] kmalloc_memmove_negative_size+0x171/0x330
[ 12.744617] ? __pfx_kmalloc_memmove_negative_size+0x10/0x10
[ 12.744645] ? __schedule+0x10cc/0x2b60
[ 12.744667] ? __pfx_read_tsc+0x10/0x10
[ 12.744688] ? ktime_get_ts64+0x86/0x230
[ 12.744714] kunit_try_run_case+0x1a5/0x480
[ 12.744740] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.744775] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.745138] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.745164] ? __kthread_parkme+0x82/0x180
[ 12.745186] ? preempt_count_sub+0x50/0x80
[ 12.745210] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.745235] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.745260] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.745286] kthread+0x337/0x6f0
[ 12.745306] ? trace_preempt_on+0x20/0xc0
[ 12.745330] ? __pfx_kthread+0x10/0x10
[ 12.745351] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.745372] ? calculate_sigpending+0x7b/0xa0
[ 12.745397] ? __pfx_kthread+0x10/0x10
[ 12.745418] ret_from_fork+0x116/0x1d0
[ 12.745451] ? __pfx_kthread+0x10/0x10
[ 12.745472] ret_from_fork_asm+0x1a/0x30
[ 12.745502] </TASK>
[ 12.745512]
[ 12.758082] Allocated by task 197:
[ 12.758500] kasan_save_stack+0x45/0x70
[ 12.758817] kasan_save_track+0x18/0x40
[ 12.759283] kasan_save_alloc_info+0x3b/0x50
[ 12.759541] __kasan_kmalloc+0xb7/0xc0
[ 12.759876] __kmalloc_cache_noprof+0x189/0x420
[ 12.760251] kmalloc_memmove_negative_size+0xac/0x330
[ 12.760479] kunit_try_run_case+0x1a5/0x480
[ 12.760927] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.761358] kthread+0x337/0x6f0
[ 12.761667] ret_from_fork+0x116/0x1d0
[ 12.762236] ret_from_fork_asm+0x1a/0x30
[ 12.762466]
[ 12.762730] The buggy address belongs to the object at ffff888103063e00
[ 12.762730] which belongs to the cache kmalloc-64 of size 64
[ 12.763597] The buggy address is located 4 bytes inside of
[ 12.763597] 64-byte region [ffff888103063e00, ffff888103063e40)
[ 12.764097]
[ 12.764184] The buggy address belongs to the physical page:
[ 12.764361] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103063
[ 12.764607] flags: 0x200000000000000(node=0|zone=2)
[ 12.764786] page_type: f5(slab)
[ 12.765023] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 12.765941] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 12.766559] page dumped because: kasan: bad access detected
[ 12.766738]
[ 12.766820] Memory state around the buggy address:
[ 12.766979] ffff888103063d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.767450] ffff888103063d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.768078] >ffff888103063e00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 12.768724] ^
[ 12.769032] ffff888103063e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.769773] ffff888103063f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.770518] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 12.711320] ==================================================================
[ 12.711889] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x166/0x330
[ 12.712329] Write of size 16 at addr ffff8881029ccc69 by task kunit_try_catch/195
[ 12.712638]
[ 12.712843] CPU: 1 UID: 0 PID: 195 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.712918] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.712930] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.712950] Call Trace:
[ 12.712963] <TASK>
[ 12.712978] dump_stack_lvl+0x73/0xb0
[ 12.713010] print_report+0xd1/0x610
[ 12.713033] ? __virt_addr_valid+0x1db/0x2d0
[ 12.713127] ? kmalloc_oob_memset_16+0x166/0x330
[ 12.713164] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.713189] ? kmalloc_oob_memset_16+0x166/0x330
[ 12.713241] kasan_report+0x141/0x180
[ 12.713265] ? kmalloc_oob_memset_16+0x166/0x330
[ 12.713293] kasan_check_range+0x10c/0x1c0
[ 12.713329] __asan_memset+0x27/0x50
[ 12.713350] kmalloc_oob_memset_16+0x166/0x330
[ 12.713402] ? __pfx_kmalloc_oob_memset_16+0x10/0x10
[ 12.713427] ? __schedule+0x10cc/0x2b60
[ 12.713450] ? __pfx_read_tsc+0x10/0x10
[ 12.713483] ? ktime_get_ts64+0x86/0x230
[ 12.713524] kunit_try_run_case+0x1a5/0x480
[ 12.713551] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.713575] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.713602] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.713627] ? __kthread_parkme+0x82/0x180
[ 12.713648] ? preempt_count_sub+0x50/0x80
[ 12.713672] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.713697] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.713723] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.713749] kthread+0x337/0x6f0
[ 12.713778] ? trace_preempt_on+0x20/0xc0
[ 12.713801] ? __pfx_kthread+0x10/0x10
[ 12.713824] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.713847] ? calculate_sigpending+0x7b/0xa0
[ 12.713871] ? __pfx_kthread+0x10/0x10
[ 12.713893] ret_from_fork+0x116/0x1d0
[ 12.713912] ? __pfx_kthread+0x10/0x10
[ 12.713933] ret_from_fork_asm+0x1a/0x30
[ 12.713965] </TASK>
[ 12.714024]
[ 12.725140] Allocated by task 195:
[ 12.725440] kasan_save_stack+0x45/0x70
[ 12.725750] kasan_save_track+0x18/0x40
[ 12.726243] kasan_save_alloc_info+0x3b/0x50
[ 12.726505] __kasan_kmalloc+0xb7/0xc0
[ 12.726820] __kmalloc_cache_noprof+0x189/0x420
[ 12.727279] kmalloc_oob_memset_16+0xac/0x330
[ 12.727627] kunit_try_run_case+0x1a5/0x480
[ 12.727841] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.728244] kthread+0x337/0x6f0
[ 12.728531] ret_from_fork+0x116/0x1d0
[ 12.728819] ret_from_fork_asm+0x1a/0x30
[ 12.729237]
[ 12.729337] The buggy address belongs to the object at ffff8881029ccc00
[ 12.729337] which belongs to the cache kmalloc-128 of size 128
[ 12.730372] The buggy address is located 105 bytes inside of
[ 12.730372] allocated 120-byte region [ffff8881029ccc00, ffff8881029ccc78)
[ 12.731278]
[ 12.731635] The buggy address belongs to the physical page:
[ 12.731990] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029cc
[ 12.732510] flags: 0x200000000000000(node=0|zone=2)
[ 12.732826] page_type: f5(slab)
[ 12.733005] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.733632] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.734083] page dumped because: kasan: bad access detected
[ 12.734672]
[ 12.734801] Memory state around the buggy address:
[ 12.735243] ffff8881029ccb00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.735722] ffff8881029ccb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.736271] >ffff8881029ccc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 12.736821] ^
[ 12.737223] ffff8881029ccc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.737728] ffff8881029ccd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.738189] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 12.681213] ================================================================== [ 12.681915] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x166/0x330 [ 12.682295] Write of size 8 at addr ffff8881029ccb71 by task kunit_try_catch/193 [ 12.682749] [ 12.682877] CPU: 1 UID: 0 PID: 193 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.682938] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.682969] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.682989] Call Trace: [ 12.683001] <TASK> [ 12.683015] dump_stack_lvl+0x73/0xb0 [ 12.683044] print_report+0xd1/0x610 [ 12.683068] ? __virt_addr_valid+0x1db/0x2d0 [ 12.683127] ? kmalloc_oob_memset_8+0x166/0x330 [ 12.683150] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.683187] ? kmalloc_oob_memset_8+0x166/0x330 [ 12.683210] kasan_report+0x141/0x180 [ 12.683251] ? kmalloc_oob_memset_8+0x166/0x330 [ 12.683288] kasan_check_range+0x10c/0x1c0 [ 12.683312] __asan_memset+0x27/0x50 [ 12.683342] kmalloc_oob_memset_8+0x166/0x330 [ 12.683365] ? __pfx_kmalloc_oob_memset_8+0x10/0x10 [ 12.683389] ? __schedule+0x10cc/0x2b60 [ 12.683411] ? __pfx_read_tsc+0x10/0x10 [ 12.683448] ? ktime_get_ts64+0x86/0x230 [ 12.683473] kunit_try_run_case+0x1a5/0x480 [ 12.683499] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.683541] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.683575] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.683599] ? __kthread_parkme+0x82/0x180 [ 12.683631] ? preempt_count_sub+0x50/0x80 [ 12.683655] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.683704] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.683729] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.683771] kthread+0x337/0x6f0 [ 12.683791] ? trace_preempt_on+0x20/0xc0 [ 12.683815] ? __pfx_kthread+0x10/0x10 [ 12.683846] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.683868] ? calculate_sigpending+0x7b/0xa0 [ 12.683893] ? __pfx_kthread+0x10/0x10 [ 12.683914] ret_from_fork+0x116/0x1d0 [ 12.683933] ? 
__pfx_kthread+0x10/0x10 [ 12.683953] ret_from_fork_asm+0x1a/0x30 [ 12.684011] </TASK> [ 12.684021] [ 12.694314] Allocated by task 193: [ 12.694702] kasan_save_stack+0x45/0x70 [ 12.695154] kasan_save_track+0x18/0x40 [ 12.695672] kasan_save_alloc_info+0x3b/0x50 [ 12.696184] __kasan_kmalloc+0xb7/0xc0 [ 12.696577] __kmalloc_cache_noprof+0x189/0x420 [ 12.697096] kmalloc_oob_memset_8+0xac/0x330 [ 12.697540] kunit_try_run_case+0x1a5/0x480 [ 12.697958] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.698547] kthread+0x337/0x6f0 [ 12.698890] ret_from_fork+0x116/0x1d0 [ 12.699466] ret_from_fork_asm+0x1a/0x30 [ 12.699869] [ 12.700137] The buggy address belongs to the object at ffff8881029ccb00 [ 12.700137] which belongs to the cache kmalloc-128 of size 128 [ 12.701310] The buggy address is located 113 bytes inside of [ 12.701310] allocated 120-byte region [ffff8881029ccb00, ffff8881029ccb78) [ 12.702422] [ 12.702628] The buggy address belongs to the physical page: [ 12.703084] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029cc [ 12.703529] flags: 0x200000000000000(node=0|zone=2) [ 12.704191] page_type: f5(slab) [ 12.704429] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.704663] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.704902] page dumped because: kasan: bad access detected [ 12.705074] [ 12.705143] Memory state around the buggy address: [ 12.705353] ffff8881029cca00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.706005] ffff8881029cca80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.706293] >ffff8881029ccb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 12.706793] ^ [ 12.707237] ffff8881029ccb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.707623] ffff8881029ccc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.707970] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 12.658200] ================================================================== [ 12.658708] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x166/0x330 [ 12.659072] Write of size 4 at addr ffff8881029cca75 by task kunit_try_catch/191 [ 12.659462] [ 12.659573] CPU: 1 UID: 0 PID: 191 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.659616] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.659627] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.659649] Call Trace: [ 12.659661] <TASK> [ 12.659688] dump_stack_lvl+0x73/0xb0 [ 12.659717] print_report+0xd1/0x610 [ 12.659740] ? __virt_addr_valid+0x1db/0x2d0 [ 12.659793] ? kmalloc_oob_memset_4+0x166/0x330 [ 12.659815] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.659839] ? kmalloc_oob_memset_4+0x166/0x330 [ 12.659872] kasan_report+0x141/0x180 [ 12.659894] ? kmalloc_oob_memset_4+0x166/0x330 [ 12.659921] kasan_check_range+0x10c/0x1c0 [ 12.659945] __asan_memset+0x27/0x50 [ 12.659965] kmalloc_oob_memset_4+0x166/0x330 [ 12.660001] ? __pfx_kmalloc_oob_memset_4+0x10/0x10 [ 12.660024] ? kasan_save_stack+0x45/0x70 [ 12.660045] ? __pfx_kmalloc_oob_memset_4+0x10/0x10 [ 12.660072] kunit_try_run_case+0x1a5/0x480 [ 12.660097] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.660120] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.660145] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.660169] ? __kthread_parkme+0x82/0x180 [ 12.660191] ? preempt_count_sub+0x50/0x80 [ 12.660216] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.660247] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.660281] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.660307] kthread+0x337/0x6f0 [ 12.660326] ? trace_preempt_on+0x20/0xc0 [ 12.660362] ? __pfx_kthread+0x10/0x10 [ 12.660382] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.660404] ? calculate_sigpending+0x7b/0xa0 [ 12.660428] ? __pfx_kthread+0x10/0x10 [ 12.660460] ret_from_fork+0x116/0x1d0 [ 12.660480] ? 
__pfx_kthread+0x10/0x10 [ 12.660500] ret_from_fork_asm+0x1a/0x30 [ 12.660532] </TASK> [ 12.660541] [ 12.668881] Allocated by task 191: [ 12.669011] kasan_save_stack+0x45/0x70 [ 12.669151] kasan_save_track+0x18/0x40 [ 12.669450] kasan_save_alloc_info+0x3b/0x50 [ 12.669663] __kasan_kmalloc+0xb7/0xc0 [ 12.669861] __kmalloc_cache_noprof+0x189/0x420 [ 12.670086] kmalloc_oob_memset_4+0xac/0x330 [ 12.670492] kunit_try_run_case+0x1a5/0x480 [ 12.670873] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.671266] kthread+0x337/0x6f0 [ 12.671410] ret_from_fork+0x116/0x1d0 [ 12.671697] ret_from_fork_asm+0x1a/0x30 [ 12.671856] [ 12.671927] The buggy address belongs to the object at ffff8881029cca00 [ 12.671927] which belongs to the cache kmalloc-128 of size 128 [ 12.672441] The buggy address is located 117 bytes inside of [ 12.672441] allocated 120-byte region [ffff8881029cca00, ffff8881029cca78) [ 12.673116] [ 12.673286] The buggy address belongs to the physical page: [ 12.673572] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029cc [ 12.673911] flags: 0x200000000000000(node=0|zone=2) [ 12.674183] page_type: f5(slab) [ 12.674405] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.674774] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.675244] page dumped because: kasan: bad access detected [ 12.675521] [ 12.675667] Memory state around the buggy address: [ 12.675985] ffff8881029cc900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.676276] ffff8881029cc980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.676713] >ffff8881029cca00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 12.677117] ^ [ 12.677506] ffff8881029cca80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.678113] ffff8881029ccb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.678390] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 12.630588] ================================================================== [ 12.631289] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x166/0x330 [ 12.631963] Write of size 2 at addr ffff88810305bd77 by task kunit_try_catch/189 [ 12.632448] [ 12.632578] CPU: 0 UID: 0 PID: 189 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.632638] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.632660] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.632680] Call Trace: [ 12.632692] <TASK> [ 12.632706] dump_stack_lvl+0x73/0xb0 [ 12.632777] print_report+0xd1/0x610 [ 12.632800] ? __virt_addr_valid+0x1db/0x2d0 [ 12.632834] ? kmalloc_oob_memset_2+0x166/0x330 [ 12.632856] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.632880] ? kmalloc_oob_memset_2+0x166/0x330 [ 12.632902] kasan_report+0x141/0x180 [ 12.632924] ? kmalloc_oob_memset_2+0x166/0x330 [ 12.632951] kasan_check_range+0x10c/0x1c0 [ 12.633066] __asan_memset+0x27/0x50 [ 12.633091] kmalloc_oob_memset_2+0x166/0x330 [ 12.633115] ? __pfx_kmalloc_oob_memset_2+0x10/0x10 [ 12.633257] ? __schedule+0x10cc/0x2b60 [ 12.633282] ? __pfx_read_tsc+0x10/0x10 [ 12.633303] ? ktime_get_ts64+0x86/0x230 [ 12.633328] kunit_try_run_case+0x1a5/0x480 [ 12.633354] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.633377] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.633401] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.633425] ? __kthread_parkme+0x82/0x180 [ 12.633458] ? preempt_count_sub+0x50/0x80 [ 12.633483] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.633508] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.633533] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.633558] kthread+0x337/0x6f0 [ 12.633577] ? trace_preempt_on+0x20/0xc0 [ 12.633601] ? __pfx_kthread+0x10/0x10 [ 12.633622] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.633643] ? calculate_sigpending+0x7b/0xa0 [ 12.633668] ? __pfx_kthread+0x10/0x10 [ 12.633689] ret_from_fork+0x116/0x1d0 [ 12.633709] ? 
__pfx_kthread+0x10/0x10 [ 12.633733] ret_from_fork_asm+0x1a/0x30 [ 12.633777] </TASK> [ 12.633787] [ 12.644267] Allocated by task 189: [ 12.644494] kasan_save_stack+0x45/0x70 [ 12.644837] kasan_save_track+0x18/0x40 [ 12.645425] kasan_save_alloc_info+0x3b/0x50 [ 12.645654] __kasan_kmalloc+0xb7/0xc0 [ 12.645854] __kmalloc_cache_noprof+0x189/0x420 [ 12.646084] kmalloc_oob_memset_2+0xac/0x330 [ 12.646423] kunit_try_run_case+0x1a5/0x480 [ 12.646663] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.646942] kthread+0x337/0x6f0 [ 12.647284] ret_from_fork+0x116/0x1d0 [ 12.647538] ret_from_fork_asm+0x1a/0x30 [ 12.647742] [ 12.647899] The buggy address belongs to the object at ffff88810305bd00 [ 12.647899] which belongs to the cache kmalloc-128 of size 128 [ 12.648567] The buggy address is located 119 bytes inside of [ 12.648567] allocated 120-byte region [ffff88810305bd00, ffff88810305bd78) [ 12.649100] [ 12.649377] The buggy address belongs to the physical page: [ 12.649710] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10305b [ 12.650170] flags: 0x200000000000000(node=0|zone=2) [ 12.650617] page_type: f5(slab) [ 12.651165] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.651645] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.652195] page dumped because: kasan: bad access detected [ 12.652456] [ 12.652560] Memory state around the buggy address: [ 12.652776] ffff88810305bc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.653288] ffff88810305bc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.653567] >ffff88810305bd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 12.654344] ^ [ 12.654798] ffff88810305bd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.655269] ffff88810305be00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.655660] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 12.601477] ================================================================== [ 12.601874] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x15f/0x320 [ 12.602785] Write of size 128 at addr ffff8881029cc900 by task kunit_try_catch/187 [ 12.603628] [ 12.603863] CPU: 1 UID: 0 PID: 187 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.603911] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.603922] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.603943] Call Trace: [ 12.603955] <TASK> [ 12.603971] dump_stack_lvl+0x73/0xb0 [ 12.604003] print_report+0xd1/0x610 [ 12.604026] ? __virt_addr_valid+0x1db/0x2d0 [ 12.604085] ? kmalloc_oob_in_memset+0x15f/0x320 [ 12.604108] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.604131] ? kmalloc_oob_in_memset+0x15f/0x320 [ 12.604181] kasan_report+0x141/0x180 [ 12.604203] ? kmalloc_oob_in_memset+0x15f/0x320 [ 12.604230] kasan_check_range+0x10c/0x1c0 [ 12.604254] __asan_memset+0x27/0x50 [ 12.604273] kmalloc_oob_in_memset+0x15f/0x320 [ 12.604296] ? __pfx_kmalloc_oob_in_memset+0x10/0x10 [ 12.604320] ? __schedule+0x10cc/0x2b60 [ 12.604343] ? __pfx_read_tsc+0x10/0x10 [ 12.604365] ? ktime_get_ts64+0x86/0x230 [ 12.604391] kunit_try_run_case+0x1a5/0x480 [ 12.604418] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.604483] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.604510] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.604534] ? __kthread_parkme+0x82/0x180 [ 12.604555] ? preempt_count_sub+0x50/0x80 [ 12.604580] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.604606] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.604631] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.604656] kthread+0x337/0x6f0 [ 12.604676] ? trace_preempt_on+0x20/0xc0 [ 12.604701] ? __pfx_kthread+0x10/0x10 [ 12.604722] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.604743] ? calculate_sigpending+0x7b/0xa0 [ 12.604780] ? __pfx_kthread+0x10/0x10 [ 12.604801] ret_from_fork+0x116/0x1d0 [ 12.604821] ? 
__pfx_kthread+0x10/0x10 [ 12.604842] ret_from_fork_asm+0x1a/0x30 [ 12.604874] </TASK> [ 12.604885] [ 12.617206] Allocated by task 187: [ 12.617522] kasan_save_stack+0x45/0x70 [ 12.617810] kasan_save_track+0x18/0x40 [ 12.618107] kasan_save_alloc_info+0x3b/0x50 [ 12.618356] __kasan_kmalloc+0xb7/0xc0 [ 12.618741] __kmalloc_cache_noprof+0x189/0x420 [ 12.619092] kmalloc_oob_in_memset+0xac/0x320 [ 12.619348] kunit_try_run_case+0x1a5/0x480 [ 12.619580] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.619846] kthread+0x337/0x6f0 [ 12.620079] ret_from_fork+0x116/0x1d0 [ 12.620350] ret_from_fork_asm+0x1a/0x30 [ 12.620685] [ 12.620770] The buggy address belongs to the object at ffff8881029cc900 [ 12.620770] which belongs to the cache kmalloc-128 of size 128 [ 12.621291] The buggy address is located 0 bytes inside of [ 12.621291] allocated 120-byte region [ffff8881029cc900, ffff8881029cc978) [ 12.622171] [ 12.622255] The buggy address belongs to the physical page: [ 12.622566] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029cc [ 12.622852] flags: 0x200000000000000(node=0|zone=2) [ 12.623131] page_type: f5(slab) [ 12.623538] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.623965] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.624443] page dumped because: kasan: bad access detected [ 12.624808] [ 12.624882] Memory state around the buggy address: [ 12.625069] ffff8881029cc800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.625576] ffff8881029cc880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.625951] >ffff8881029cc900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 12.626306] ^ [ 12.626650] ffff8881029cc980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.627032] ffff8881029cca00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.627411] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 12.561261] ================================================================== [ 12.561692] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x47b/0x4c0 [ 12.561958] Read of size 16 at addr ffff8881009b2fa0 by task kunit_try_catch/185 [ 12.563091] [ 12.563343] CPU: 0 UID: 0 PID: 185 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.563390] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.563402] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.563422] Call Trace: [ 12.563434] <TASK> [ 12.563450] dump_stack_lvl+0x73/0xb0 [ 12.563482] print_report+0xd1/0x610 [ 12.563505] ? __virt_addr_valid+0x1db/0x2d0 [ 12.563527] ? kmalloc_uaf_16+0x47b/0x4c0 [ 12.563548] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.563572] ? kmalloc_uaf_16+0x47b/0x4c0 [ 12.563593] kasan_report+0x141/0x180 [ 12.563615] ? kmalloc_uaf_16+0x47b/0x4c0 [ 12.563640] __asan_report_load16_noabort+0x18/0x20 [ 12.563666] kmalloc_uaf_16+0x47b/0x4c0 [ 12.563687] ? __pfx_kmalloc_uaf_16+0x10/0x10 [ 12.563710] ? __schedule+0x10cc/0x2b60 [ 12.563733] ? __pfx_read_tsc+0x10/0x10 [ 12.563766] ? ktime_get_ts64+0x86/0x230 [ 12.563792] kunit_try_run_case+0x1a5/0x480 [ 12.563817] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.563840] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.563865] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.563889] ? __kthread_parkme+0x82/0x180 [ 12.563910] ? preempt_count_sub+0x50/0x80 [ 12.563934] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.563959] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.564076] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.564104] kthread+0x337/0x6f0 [ 12.564138] ? trace_preempt_on+0x20/0xc0 [ 12.564162] ? __pfx_kthread+0x10/0x10 [ 12.564183] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.564205] ? calculate_sigpending+0x7b/0xa0 [ 12.564230] ? __pfx_kthread+0x10/0x10 [ 12.564252] ret_from_fork+0x116/0x1d0 [ 12.564271] ? 
__pfx_kthread+0x10/0x10 [ 12.564293] ret_from_fork_asm+0x1a/0x30 [ 12.564325] </TASK> [ 12.564335] [ 12.578524] Allocated by task 185: [ 12.578945] kasan_save_stack+0x45/0x70 [ 12.579391] kasan_save_track+0x18/0x40 [ 12.579806] kasan_save_alloc_info+0x3b/0x50 [ 12.579969] __kasan_kmalloc+0xb7/0xc0 [ 12.580439] __kmalloc_cache_noprof+0x189/0x420 [ 12.581032] kmalloc_uaf_16+0x15b/0x4c0 [ 12.581590] kunit_try_run_case+0x1a5/0x480 [ 12.581751] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.581946] kthread+0x337/0x6f0 [ 12.582371] ret_from_fork+0x116/0x1d0 [ 12.582778] ret_from_fork_asm+0x1a/0x30 [ 12.583275] [ 12.583497] Freed by task 185: [ 12.583851] kasan_save_stack+0x45/0x70 [ 12.584332] kasan_save_track+0x18/0x40 [ 12.584682] kasan_save_free_info+0x3f/0x60 [ 12.584846] __kasan_slab_free+0x56/0x70 [ 12.585183] kfree+0x222/0x3f0 [ 12.585509] kmalloc_uaf_16+0x1d6/0x4c0 [ 12.585907] kunit_try_run_case+0x1a5/0x480 [ 12.586448] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.587147] kthread+0x337/0x6f0 [ 12.587476] ret_from_fork+0x116/0x1d0 [ 12.587616] ret_from_fork_asm+0x1a/0x30 [ 12.587768] [ 12.587842] The buggy address belongs to the object at ffff8881009b2fa0 [ 12.587842] which belongs to the cache kmalloc-16 of size 16 [ 12.588921] The buggy address is located 0 bytes inside of [ 12.588921] freed 16-byte region [ffff8881009b2fa0, ffff8881009b2fb0) [ 12.590236] [ 12.590472] The buggy address belongs to the physical page: [ 12.591009] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1009b2 [ 12.591452] flags: 0x200000000000000(node=0|zone=2) [ 12.591950] page_type: f5(slab) [ 12.592350] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 12.592805] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 12.593563] page dumped because: kasan: bad access detected [ 12.593843] [ 12.593915] Memory state around the buggy address: [ 12.594327] ffff8881009b2e80: 00 00 fc fc 00 06 fc fc 00 06 fc fc 00 00 fc 
fc [ 12.594985] ffff8881009b2f00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 12.595741] >ffff8881009b2f80: 00 00 fc fc fa fb fc fc fc fc fc fc fc fc fc fc [ 12.596322] ^ [ 12.596507] ffff8881009b3000: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc [ 12.597281] ffff8881009b3080: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc [ 12.597633] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 12.527460] ================================================================== [ 12.528659] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x452/0x4a0 [ 12.529771] Write of size 16 at addr ffff8881009b2f40 by task kunit_try_catch/183 [ 12.530502] [ 12.530610] CPU: 0 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.530656] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.530668] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.530687] Call Trace: [ 12.530698] <TASK> [ 12.530713] dump_stack_lvl+0x73/0xb0 [ 12.530743] print_report+0xd1/0x610 [ 12.530779] ? __virt_addr_valid+0x1db/0x2d0 [ 12.530801] ? kmalloc_oob_16+0x452/0x4a0 [ 12.530822] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.530845] ? kmalloc_oob_16+0x452/0x4a0 [ 12.530866] kasan_report+0x141/0x180 [ 12.530889] ? kmalloc_oob_16+0x452/0x4a0 [ 12.530914] __asan_report_store16_noabort+0x1b/0x30 [ 12.530940] kmalloc_oob_16+0x452/0x4a0 [ 12.530961] ? __pfx_kmalloc_oob_16+0x10/0x10 [ 12.530984] ? __schedule+0x10cc/0x2b60 [ 12.531005] ? __pfx_read_tsc+0x10/0x10 [ 12.531026] ? ktime_get_ts64+0x86/0x230 [ 12.531051] kunit_try_run_case+0x1a5/0x480 [ 12.531076] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.531100] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.531125] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.531149] ? __kthread_parkme+0x82/0x180 [ 12.531170] ? preempt_count_sub+0x50/0x80 [ 12.531201] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.531226] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.531250] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.531276] kthread+0x337/0x6f0 [ 12.531295] ? trace_preempt_on+0x20/0xc0 [ 12.531320] ? __pfx_kthread+0x10/0x10 [ 12.531340] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.531362] ? calculate_sigpending+0x7b/0xa0 [ 12.531539] ? __pfx_kthread+0x10/0x10 [ 12.531565] ret_from_fork+0x116/0x1d0 [ 12.531585] ? 
__pfx_kthread+0x10/0x10 [ 12.531607] ret_from_fork_asm+0x1a/0x30 [ 12.531772] </TASK> [ 12.531787] [ 12.545136] Allocated by task 183: [ 12.545471] kasan_save_stack+0x45/0x70 [ 12.545649] kasan_save_track+0x18/0x40 [ 12.545823] kasan_save_alloc_info+0x3b/0x50 [ 12.546818] __kasan_kmalloc+0xb7/0xc0 [ 12.547153] __kmalloc_cache_noprof+0x189/0x420 [ 12.547352] kmalloc_oob_16+0xa8/0x4a0 [ 12.547524] kunit_try_run_case+0x1a5/0x480 [ 12.547690] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.547950] kthread+0x337/0x6f0 [ 12.548204] ret_from_fork+0x116/0x1d0 [ 12.548404] ret_from_fork_asm+0x1a/0x30 [ 12.548623] [ 12.548721] The buggy address belongs to the object at ffff8881009b2f40 [ 12.548721] which belongs to the cache kmalloc-16 of size 16 [ 12.549251] The buggy address is located 0 bytes inside of [ 12.549251] allocated 13-byte region [ffff8881009b2f40, ffff8881009b2f4d) [ 12.549680] [ 12.549890] The buggy address belongs to the physical page: [ 12.551646] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1009b2 [ 12.552542] flags: 0x200000000000000(node=0|zone=2) [ 12.552715] page_type: f5(slab) [ 12.552852] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 12.554267] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 12.555251] page dumped because: kasan: bad access detected [ 12.555504] [ 12.555586] Memory state around the buggy address: [ 12.555904] ffff8881009b2e00: 00 00 fc fc fa fb fc fc 00 05 fc fc 00 05 fc fc [ 12.556278] ffff8881009b2e80: 00 00 fc fc 00 06 fc fc 00 06 fc fc 00 00 fc fc [ 12.556588] >ffff8881009b2f00: fa fb fc fc fa fb fc fc 00 05 fc fc 00 00 fc fc [ 12.556904] ^ [ 12.557232] ffff8881009b2f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.557538] ffff8881009b3000: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc [ 12.557854] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 12.501054] ================================================================== [ 12.501347] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x53c/0x5e0 [ 12.501780] Read of size 1 at addr ffff888100342400 by task kunit_try_catch/181 [ 12.502467] [ 12.502580] CPU: 0 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.502622] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.502633] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.502653] Call Trace: [ 12.502664] <TASK> [ 12.502678] dump_stack_lvl+0x73/0xb0 [ 12.502706] print_report+0xd1/0x610 [ 12.502729] ? __virt_addr_valid+0x1db/0x2d0 [ 12.502765] ? krealloc_uaf+0x53c/0x5e0 [ 12.502787] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.502811] ? krealloc_uaf+0x53c/0x5e0 [ 12.502832] kasan_report+0x141/0x180 [ 12.502854] ? krealloc_uaf+0x53c/0x5e0 [ 12.502880] __asan_report_load1_noabort+0x18/0x20 [ 12.502906] krealloc_uaf+0x53c/0x5e0 [ 12.502927] ? __pfx_krealloc_uaf+0x10/0x10 [ 12.502948] ? finish_task_switch.isra.0+0x153/0x700 [ 12.502972] ? __switch_to+0x47/0xf50 [ 12.503047] ? __schedule+0x10cc/0x2b60 [ 12.503070] ? __pfx_read_tsc+0x10/0x10 [ 12.503091] ? ktime_get_ts64+0x86/0x230 [ 12.503116] kunit_try_run_case+0x1a5/0x480 [ 12.503140] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.503164] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.503193] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.503217] ? __kthread_parkme+0x82/0x180 [ 12.503238] ? preempt_count_sub+0x50/0x80 [ 12.503262] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.503287] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.503312] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.503338] kthread+0x337/0x6f0 [ 12.503357] ? trace_preempt_on+0x20/0xc0 [ 12.503381] ? __pfx_kthread+0x10/0x10 [ 12.503401] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.503423] ? calculate_sigpending+0x7b/0xa0 [ 12.503448] ? __pfx_kthread+0x10/0x10 [ 12.503469] ret_from_fork+0x116/0x1d0 [ 12.503488] ? 
__pfx_kthread+0x10/0x10 [ 12.503508] ret_from_fork_asm+0x1a/0x30 [ 12.503539] </TASK> [ 12.503548] [ 12.511424] Allocated by task 181: [ 12.511598] kasan_save_stack+0x45/0x70 [ 12.511799] kasan_save_track+0x18/0x40 [ 12.511940] kasan_save_alloc_info+0x3b/0x50 [ 12.512142] __kasan_kmalloc+0xb7/0xc0 [ 12.512344] __kmalloc_cache_noprof+0x189/0x420 [ 12.512566] krealloc_uaf+0xbb/0x5e0 [ 12.512750] kunit_try_run_case+0x1a5/0x480 [ 12.513133] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.513320] kthread+0x337/0x6f0 [ 12.513444] ret_from_fork+0x116/0x1d0 [ 12.513633] ret_from_fork_asm+0x1a/0x30 [ 12.513845] [ 12.514129] Freed by task 181: [ 12.514307] kasan_save_stack+0x45/0x70 [ 12.514521] kasan_save_track+0x18/0x40 [ 12.514678] kasan_save_free_info+0x3f/0x60 [ 12.514880] __kasan_slab_free+0x56/0x70 [ 12.515024] kfree+0x222/0x3f0 [ 12.515147] krealloc_uaf+0x13d/0x5e0 [ 12.515304] kunit_try_run_case+0x1a5/0x480 [ 12.515514] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.515964] kthread+0x337/0x6f0 [ 12.516089] ret_from_fork+0x116/0x1d0 [ 12.516225] ret_from_fork_asm+0x1a/0x30 [ 12.516427] [ 12.516582] The buggy address belongs to the object at ffff888100342400 [ 12.516582] which belongs to the cache kmalloc-256 of size 256 [ 12.517212] The buggy address is located 0 bytes inside of [ 12.517212] freed 256-byte region [ffff888100342400, ffff888100342500) [ 12.517764] [ 12.517863] The buggy address belongs to the physical page: [ 12.518291] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100342 [ 12.518655] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.518981] flags: 0x200000000000040(head|node=0|zone=2) [ 12.519199] page_type: f5(slab) [ 12.519325] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.519563] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.519908] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.520414] head: 
0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.520770] head: 0200000000000001 ffffea000400d081 00000000ffffffff 00000000ffffffff [ 12.521101] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.521446] page dumped because: kasan: bad access detected [ 12.521703] [ 12.521792] Memory state around the buggy address: [ 12.521952] ffff888100342300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.522374] ffff888100342380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.522855] >ffff888100342400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.523155] ^ [ 12.523300] ffff888100342480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.523636] ffff888100342500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.523874] ================================================================== [ 12.476607] ================================================================== [ 12.477120] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x1b8/0x5e0 [ 12.477535] Read of size 1 at addr ffff888100342400 by task kunit_try_catch/181 [ 12.477834] [ 12.477944] CPU: 0 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.477999] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.478011] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.478031] Call Trace: [ 12.478043] <TASK> [ 12.478058] dump_stack_lvl+0x73/0xb0 [ 12.478089] print_report+0xd1/0x610 [ 12.478113] ? __virt_addr_valid+0x1db/0x2d0 [ 12.478136] ? krealloc_uaf+0x1b8/0x5e0 [ 12.478158] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.478182] ? krealloc_uaf+0x1b8/0x5e0 [ 12.478203] kasan_report+0x141/0x180 [ 12.478225] ? krealloc_uaf+0x1b8/0x5e0 [ 12.478250] ? krealloc_uaf+0x1b8/0x5e0 [ 12.478271] __kasan_check_byte+0x3d/0x50 [ 12.478293] krealloc_noprof+0x3f/0x340 [ 12.478317] krealloc_uaf+0x1b8/0x5e0 [ 12.478338] ? __pfx_krealloc_uaf+0x10/0x10 [ 12.478360] ? 
finish_task_switch.isra.0+0x153/0x700 [ 12.478384] ? __switch_to+0x47/0xf50 [ 12.478410] ? __schedule+0x10cc/0x2b60 [ 12.478482] ? __pfx_read_tsc+0x10/0x10 [ 12.478507] ? ktime_get_ts64+0x86/0x230 [ 12.478532] kunit_try_run_case+0x1a5/0x480 [ 12.478559] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.478583] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.478607] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.478632] ? __kthread_parkme+0x82/0x180 [ 12.478654] ? preempt_count_sub+0x50/0x80 [ 12.478677] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.478702] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.478727] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.478762] kthread+0x337/0x6f0 [ 12.478782] ? trace_preempt_on+0x20/0xc0 [ 12.478806] ? __pfx_kthread+0x10/0x10 [ 12.478827] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.478848] ? calculate_sigpending+0x7b/0xa0 [ 12.478873] ? __pfx_kthread+0x10/0x10 [ 12.478895] ret_from_fork+0x116/0x1d0 [ 12.478914] ? __pfx_kthread+0x10/0x10 [ 12.478934] ret_from_fork_asm+0x1a/0x30 [ 12.478965] </TASK> [ 12.479100] [ 12.487362] Allocated by task 181: [ 12.487543] kasan_save_stack+0x45/0x70 [ 12.487763] kasan_save_track+0x18/0x40 [ 12.487965] kasan_save_alloc_info+0x3b/0x50 [ 12.488329] __kasan_kmalloc+0xb7/0xc0 [ 12.488741] __kmalloc_cache_noprof+0x189/0x420 [ 12.488934] krealloc_uaf+0xbb/0x5e0 [ 12.489299] kunit_try_run_case+0x1a5/0x480 [ 12.489479] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.489662] kthread+0x337/0x6f0 [ 12.489800] ret_from_fork+0x116/0x1d0 [ 12.490106] ret_from_fork_asm+0x1a/0x30 [ 12.490321] [ 12.490451] Freed by task 181: [ 12.490629] kasan_save_stack+0x45/0x70 [ 12.490896] kasan_save_track+0x18/0x40 [ 12.491174] kasan_save_free_info+0x3f/0x60 [ 12.491378] __kasan_slab_free+0x56/0x70 [ 12.491595] kfree+0x222/0x3f0 [ 12.491765] krealloc_uaf+0x13d/0x5e0 [ 12.491941] kunit_try_run_case+0x1a5/0x480 [ 12.492125] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.492358] kthread+0x337/0x6f0 [ 12.492570] 
ret_from_fork+0x116/0x1d0 [ 12.492708] ret_from_fork_asm+0x1a/0x30 [ 12.492925] [ 12.493031] The buggy address belongs to the object at ffff888100342400 [ 12.493031] which belongs to the cache kmalloc-256 of size 256 [ 12.493611] The buggy address is located 0 bytes inside of [ 12.493611] freed 256-byte region [ffff888100342400, ffff888100342500) [ 12.494020] [ 12.494105] The buggy address belongs to the physical page: [ 12.494352] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100342 [ 12.494786] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.495124] flags: 0x200000000000040(head|node=0|zone=2) [ 12.495315] page_type: f5(slab) [ 12.495466] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.495831] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.496467] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.496815] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.497167] head: 0200000000000001 ffffea000400d081 00000000ffffffff 00000000ffffffff [ 12.497421] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.497774] page dumped because: kasan: bad access detected [ 12.498006] [ 12.498080] Memory state around the buggy address: [ 12.498239] ffff888100342300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.498584] ffff888100342380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.499147] >ffff888100342400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.499390] ^ [ 12.499706] ffff888100342480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.500027] ffff888100342500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.500530] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 12.420778] ================================================================== [ 12.421434] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 12.422117] Write of size 1 at addr ffff88810278a0da by task kunit_try_catch/179 [ 12.422361] [ 12.422481] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.422521] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.422532] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.422550] Call Trace: [ 12.422563] <TASK> [ 12.422577] dump_stack_lvl+0x73/0xb0 [ 12.422604] print_report+0xd1/0x610 [ 12.422626] ? __virt_addr_valid+0x1db/0x2d0 [ 12.422648] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.422672] ? kasan_addr_to_slab+0x11/0xa0 [ 12.422693] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.422719] kasan_report+0x141/0x180 [ 12.422741] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.422783] __asan_report_store1_noabort+0x1b/0x30 [ 12.422809] krealloc_less_oob_helper+0xec6/0x11d0 [ 12.422835] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.422861] ? __schedule+0x207f/0x2b60 [ 12.422880] ? schedule+0x7c/0x2e0 [ 12.422900] ? trace_hardirqs_on+0x37/0xe0 [ 12.422923] ? __schedule+0x207f/0x2b60 [ 12.422944] ? __pfx_read_tsc+0x10/0x10 [ 12.422968] krealloc_large_less_oob+0x1c/0x30 [ 12.423003] kunit_try_run_case+0x1a5/0x480 [ 12.423027] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.423050] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.423074] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.423098] ? __kthread_parkme+0x82/0x180 [ 12.423118] ? preempt_count_sub+0x50/0x80 [ 12.423142] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.423166] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.423197] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.423223] kthread+0x337/0x6f0 [ 12.423242] ? trace_preempt_on+0x20/0xc0 [ 12.423264] ? __pfx_kthread+0x10/0x10 [ 12.423285] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.423307] ? 
calculate_sigpending+0x7b/0xa0 [ 12.423330] ? __pfx_kthread+0x10/0x10 [ 12.423352] ret_from_fork+0x116/0x1d0 [ 12.423371] ? __pfx_kthread+0x10/0x10 [ 12.423391] ret_from_fork_asm+0x1a/0x30 [ 12.423422] </TASK> [ 12.423443] [ 12.431554] The buggy address belongs to the physical page: [ 12.431929] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102788 [ 12.432253] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.432480] flags: 0x200000000000040(head|node=0|zone=2) [ 12.432799] page_type: f8(unknown) [ 12.432983] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.433459] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.433837] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.434356] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.434699] head: 0200000000000002 ffffea000409e201 00000000ffffffff 00000000ffffffff [ 12.435076] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.435324] page dumped because: kasan: bad access detected [ 12.435579] [ 12.435750] Memory state around the buggy address: [ 12.436068] ffff888102789f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.436355] ffff88810278a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.436665] >ffff88810278a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.436932] ^ [ 12.437405] ffff88810278a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.437706] ffff88810278a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.438093] ================================================================== [ 12.306225] ================================================================== [ 12.306864] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 12.307749] Write of size 1 at addr ffff8881003422eb by task kunit_try_catch/175 [ 12.307998] [ 12.308085] CPU: 0 UID: 0 PID: 175 Comm: 
kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.308128] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.308140] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.308160] Call Trace: [ 12.308176] <TASK> [ 12.308190] dump_stack_lvl+0x73/0xb0 [ 12.308219] print_report+0xd1/0x610 [ 12.308241] ? __virt_addr_valid+0x1db/0x2d0 [ 12.308263] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.308287] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.308311] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.308336] kasan_report+0x141/0x180 [ 12.308358] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.308387] __asan_report_store1_noabort+0x1b/0x30 [ 12.308412] krealloc_less_oob_helper+0xd47/0x11d0 [ 12.308470] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.308494] ? finish_task_switch.isra.0+0x153/0x700 [ 12.308517] ? __switch_to+0x47/0xf50 [ 12.308543] ? __schedule+0x10cc/0x2b60 [ 12.308565] ? __pfx_read_tsc+0x10/0x10 [ 12.308588] krealloc_less_oob+0x1c/0x30 [ 12.308610] kunit_try_run_case+0x1a5/0x480 [ 12.308734] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.308766] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.308790] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.308814] ? __kthread_parkme+0x82/0x180 [ 12.308835] ? preempt_count_sub+0x50/0x80 [ 12.308857] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.308881] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.308907] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.308932] kthread+0x337/0x6f0 [ 12.308951] ? trace_preempt_on+0x20/0xc0 [ 12.308974] ? __pfx_kthread+0x10/0x10 [ 12.308994] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.309015] ? calculate_sigpending+0x7b/0xa0 [ 12.309039] ? __pfx_kthread+0x10/0x10 [ 12.309060] ret_from_fork+0x116/0x1d0 [ 12.309078] ? 
__pfx_kthread+0x10/0x10 [ 12.309099] ret_from_fork_asm+0x1a/0x30 [ 12.309129] </TASK> [ 12.309138] [ 12.323332] Allocated by task 175: [ 12.323706] kasan_save_stack+0x45/0x70 [ 12.323955] kasan_save_track+0x18/0x40 [ 12.324265] kasan_save_alloc_info+0x3b/0x50 [ 12.324642] __kasan_krealloc+0x190/0x1f0 [ 12.324794] krealloc_noprof+0xf3/0x340 [ 12.324932] krealloc_less_oob_helper+0x1aa/0x11d0 [ 12.325095] krealloc_less_oob+0x1c/0x30 [ 12.325235] kunit_try_run_case+0x1a5/0x480 [ 12.325382] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.325899] kthread+0x337/0x6f0 [ 12.326212] ret_from_fork+0x116/0x1d0 [ 12.326584] ret_from_fork_asm+0x1a/0x30 [ 12.326956] [ 12.327119] The buggy address belongs to the object at ffff888100342200 [ 12.327119] which belongs to the cache kmalloc-256 of size 256 [ 12.328208] The buggy address is located 34 bytes to the right of [ 12.328208] allocated 201-byte region [ffff888100342200, ffff8881003422c9) [ 12.329330] [ 12.329532] The buggy address belongs to the physical page: [ 12.330018] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100342 [ 12.330552] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.330992] flags: 0x200000000000040(head|node=0|zone=2) [ 12.331176] page_type: f5(slab) [ 12.331298] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.331802] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.332481] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.333148] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.333844] head: 0200000000000001 ffffea000400d081 00000000ffffffff 00000000ffffffff [ 12.334524] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.334939] page dumped because: kasan: bad access detected [ 12.335388] [ 12.335556] Memory state around the buggy address: [ 12.335868] ffff888100342180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 12.336084] ffff888100342200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.336299] >ffff888100342280: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 12.336731] ^ [ 12.337312] ffff888100342300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.337941] ffff888100342380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.338569] ================================================================== [ 12.438421] ================================================================== [ 12.438701] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 12.439123] Write of size 1 at addr ffff88810278a0ea by task kunit_try_catch/179 [ 12.439360] [ 12.439446] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.439487] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.439498] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.439517] Call Trace: [ 12.439530] <TASK> [ 12.439543] dump_stack_lvl+0x73/0xb0 [ 12.439581] print_report+0xd1/0x610 [ 12.439604] ? __virt_addr_valid+0x1db/0x2d0 [ 12.439627] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.439651] ? kasan_addr_to_slab+0x11/0xa0 [ 12.439672] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.439698] kasan_report+0x141/0x180 [ 12.439719] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.439749] __asan_report_store1_noabort+0x1b/0x30 [ 12.439786] krealloc_less_oob_helper+0xe90/0x11d0 [ 12.439813] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.439838] ? __schedule+0x207f/0x2b60 [ 12.439858] ? schedule+0x7c/0x2e0 [ 12.439878] ? trace_hardirqs_on+0x37/0xe0 [ 12.439902] ? __schedule+0x207f/0x2b60 [ 12.439923] ? __pfx_read_tsc+0x10/0x10 [ 12.439947] krealloc_large_less_oob+0x1c/0x30 [ 12.439970] kunit_try_run_case+0x1a5/0x480 [ 12.440011] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.440035] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.440059] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.440083] ? __kthread_parkme+0x82/0x180 [ 12.440105] ? 
preempt_count_sub+0x50/0x80 [ 12.440130] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.440155] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.440180] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.440205] kthread+0x337/0x6f0 [ 12.440224] ? trace_preempt_on+0x20/0xc0 [ 12.440247] ? __pfx_kthread+0x10/0x10 [ 12.440268] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.440289] ? calculate_sigpending+0x7b/0xa0 [ 12.440313] ? __pfx_kthread+0x10/0x10 [ 12.440335] ret_from_fork+0x116/0x1d0 [ 12.440354] ? __pfx_kthread+0x10/0x10 [ 12.440374] ret_from_fork_asm+0x1a/0x30 [ 12.440405] </TASK> [ 12.440414] [ 12.449089] The buggy address belongs to the physical page: [ 12.449438] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102788 [ 12.450124] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.450438] flags: 0x200000000000040(head|node=0|zone=2) [ 12.450732] page_type: f8(unknown) [ 12.450871] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.451103] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.451340] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.451675] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.452027] head: 0200000000000002 ffffea000409e201 00000000ffffffff 00000000ffffffff [ 12.452420] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.452872] page dumped because: kasan: bad access detected [ 12.453333] [ 12.453446] Memory state around the buggy address: [ 12.453664] ffff888102789f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.453895] ffff88810278a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.454399] >ffff88810278a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.454898] ^ [ 12.455250] ffff88810278a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.455565] ffff88810278a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.455849] 
================================================================== [ 12.403773] ================================================================== [ 12.404382] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0 [ 12.404668] Write of size 1 at addr ffff88810278a0d0 by task kunit_try_catch/179 [ 12.404933] [ 12.405397] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.405443] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.405455] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.405475] Call Trace: [ 12.405486] <TASK> [ 12.405500] dump_stack_lvl+0x73/0xb0 [ 12.405529] print_report+0xd1/0x610 [ 12.405554] ? __virt_addr_valid+0x1db/0x2d0 [ 12.405578] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 12.405602] ? kasan_addr_to_slab+0x11/0xa0 [ 12.405623] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 12.405649] kasan_report+0x141/0x180 [ 12.405671] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 12.405700] __asan_report_store1_noabort+0x1b/0x30 [ 12.405726] krealloc_less_oob_helper+0xe23/0x11d0 [ 12.405768] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.405793] ? __schedule+0x207f/0x2b60 [ 12.405813] ? schedule+0x7c/0x2e0 [ 12.405833] ? trace_hardirqs_on+0x37/0xe0 [ 12.405856] ? __schedule+0x207f/0x2b60 [ 12.405878] ? __pfx_read_tsc+0x10/0x10 [ 12.405903] krealloc_large_less_oob+0x1c/0x30 [ 12.405926] kunit_try_run_case+0x1a5/0x480 [ 12.405951] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.405974] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.406017] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.406041] ? __kthread_parkme+0x82/0x180 [ 12.406062] ? preempt_count_sub+0x50/0x80 [ 12.406087] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.406111] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.406136] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.406162] kthread+0x337/0x6f0 [ 12.406181] ? trace_preempt_on+0x20/0xc0 [ 12.406203] ? __pfx_kthread+0x10/0x10 [ 12.406224] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 12.406246] ? calculate_sigpending+0x7b/0xa0 [ 12.406270] ? __pfx_kthread+0x10/0x10 [ 12.406291] ret_from_fork+0x116/0x1d0 [ 12.406311] ? __pfx_kthread+0x10/0x10 [ 12.406332] ret_from_fork_asm+0x1a/0x30 [ 12.406365] </TASK> [ 12.406376] [ 12.414217] The buggy address belongs to the physical page: [ 12.414485] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102788 [ 12.414976] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.415250] flags: 0x200000000000040(head|node=0|zone=2) [ 12.415500] page_type: f8(unknown) [ 12.415674] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.415994] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.416282] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.416811] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.417114] head: 0200000000000002 ffffea000409e201 00000000ffffffff 00000000ffffffff [ 12.417419] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.417939] page dumped because: kasan: bad access detected [ 12.418180] [ 12.418381] Memory state around the buggy address: [ 12.418612] ffff888102789f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.418913] ffff88810278a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.419242] >ffff88810278a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.419580] ^ [ 12.419866] ffff88810278a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.420181] ffff88810278a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.420434] ================================================================== [ 12.274554] ================================================================== [ 12.274925] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 12.275516] Write of size 1 at addr ffff8881003422ea by task kunit_try_catch/175 [ 12.275802] [ 
12.275888] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.275928] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.275940] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.275959] Call Trace: [ 12.275972] <TASK> [ 12.275985] dump_stack_lvl+0x73/0xb0 [ 12.276012] print_report+0xd1/0x610 [ 12.276033] ? __virt_addr_valid+0x1db/0x2d0 [ 12.276056] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.276080] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.276103] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.276128] kasan_report+0x141/0x180 [ 12.276150] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.276179] __asan_report_store1_noabort+0x1b/0x30 [ 12.276204] krealloc_less_oob_helper+0xe90/0x11d0 [ 12.276231] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.276256] ? finish_task_switch.isra.0+0x153/0x700 [ 12.276279] ? __switch_to+0x47/0xf50 [ 12.276304] ? __schedule+0x10cc/0x2b60 [ 12.276326] ? __pfx_read_tsc+0x10/0x10 [ 12.276349] krealloc_less_oob+0x1c/0x30 [ 12.276371] kunit_try_run_case+0x1a5/0x480 [ 12.276394] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.276417] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.276454] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.276478] ? __kthread_parkme+0x82/0x180 [ 12.276498] ? preempt_count_sub+0x50/0x80 [ 12.276521] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.276545] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.276570] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.276595] kthread+0x337/0x6f0 [ 12.276614] ? trace_preempt_on+0x20/0xc0 [ 12.276637] ? __pfx_kthread+0x10/0x10 [ 12.276658] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.276679] ? calculate_sigpending+0x7b/0xa0 [ 12.276704] ? __pfx_kthread+0x10/0x10 [ 12.276725] ret_from_fork+0x116/0x1d0 [ 12.276743] ? 
__pfx_kthread+0x10/0x10 [ 12.276773] ret_from_fork_asm+0x1a/0x30 [ 12.276803] </TASK> [ 12.276813] [ 12.285846] Allocated by task 175: [ 12.286027] kasan_save_stack+0x45/0x70 [ 12.286234] kasan_save_track+0x18/0x40 [ 12.286367] kasan_save_alloc_info+0x3b/0x50 [ 12.286669] __kasan_krealloc+0x190/0x1f0 [ 12.286881] krealloc_noprof+0xf3/0x340 [ 12.287018] krealloc_less_oob_helper+0x1aa/0x11d0 [ 12.287182] krealloc_less_oob+0x1c/0x30 [ 12.287673] kunit_try_run_case+0x1a5/0x480 [ 12.289731] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.289996] kthread+0x337/0x6f0 [ 12.290126] ret_from_fork+0x116/0x1d0 [ 12.290263] ret_from_fork_asm+0x1a/0x30 [ 12.290405] [ 12.290486] The buggy address belongs to the object at ffff888100342200 [ 12.290486] which belongs to the cache kmalloc-256 of size 256 [ 12.291861] The buggy address is located 33 bytes to the right of [ 12.291861] allocated 201-byte region [ffff888100342200, ffff8881003422c9) [ 12.292974] [ 12.293063] The buggy address belongs to the physical page: [ 12.293235] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100342 [ 12.294463] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.295379] flags: 0x200000000000040(head|node=0|zone=2) [ 12.296264] page_type: f5(slab) [ 12.296869] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.297534] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.298211] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.298960] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.299713] head: 0200000000000001 ffffea000400d081 00000000ffffffff 00000000ffffffff [ 12.300613] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.301259] page dumped because: kasan: bad access detected [ 12.301820] [ 12.301983] Memory state around the buggy address: [ 12.302395] ffff888100342180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 12.303021] ffff888100342200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.303454] >ffff888100342280: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 12.303671] ^ [ 12.303883] ffff888100342300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.304098] ffff888100342380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.304311] ================================================================== [ 12.235047] ================================================================== [ 12.235403] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0 [ 12.235910] Write of size 1 at addr ffff8881003422d0 by task kunit_try_catch/175 [ 12.236427] [ 12.236546] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.236590] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.236601] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.236622] Call Trace: [ 12.236633] <TASK> [ 12.236647] dump_stack_lvl+0x73/0xb0 [ 12.236676] print_report+0xd1/0x610 [ 12.236698] ? __virt_addr_valid+0x1db/0x2d0 [ 12.236721] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 12.236745] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.236782] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 12.236807] kasan_report+0x141/0x180 [ 12.236829] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 12.236858] __asan_report_store1_noabort+0x1b/0x30 [ 12.236884] krealloc_less_oob_helper+0xe23/0x11d0 [ 12.236910] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.236935] ? finish_task_switch.isra.0+0x153/0x700 [ 12.236959] ? __switch_to+0x47/0xf50 [ 12.236983] ? __schedule+0x10cc/0x2b60 [ 12.237006] ? __pfx_read_tsc+0x10/0x10 [ 12.237030] krealloc_less_oob+0x1c/0x30 [ 12.237052] kunit_try_run_case+0x1a5/0x480 [ 12.237076] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.237099] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.237123] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.237147] ? __kthread_parkme+0x82/0x180 [ 12.237167] ? 
preempt_count_sub+0x50/0x80 [ 12.237190] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.237215] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.237239] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.237264] kthread+0x337/0x6f0 [ 12.237283] ? trace_preempt_on+0x20/0xc0 [ 12.237306] ? __pfx_kthread+0x10/0x10 [ 12.237327] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.237348] ? calculate_sigpending+0x7b/0xa0 [ 12.237373] ? __pfx_kthread+0x10/0x10 [ 12.237394] ret_from_fork+0x116/0x1d0 [ 12.237413] ? __pfx_kthread+0x10/0x10 [ 12.237433] ret_from_fork_asm+0x1a/0x30 [ 12.237464] </TASK> [ 12.237473] [ 12.244784] Allocated by task 175: [ 12.244917] kasan_save_stack+0x45/0x70 [ 12.245058] kasan_save_track+0x18/0x40 [ 12.245244] kasan_save_alloc_info+0x3b/0x50 [ 12.245456] __kasan_krealloc+0x190/0x1f0 [ 12.245782] krealloc_noprof+0xf3/0x340 [ 12.246004] krealloc_less_oob_helper+0x1aa/0x11d0 [ 12.246218] krealloc_less_oob+0x1c/0x30 [ 12.246373] kunit_try_run_case+0x1a5/0x480 [ 12.246623] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.246892] kthread+0x337/0x6f0 [ 12.247060] ret_from_fork+0x116/0x1d0 [ 12.247197] ret_from_fork_asm+0x1a/0x30 [ 12.247395] [ 12.247530] The buggy address belongs to the object at ffff888100342200 [ 12.247530] which belongs to the cache kmalloc-256 of size 256 [ 12.247982] The buggy address is located 7 bytes to the right of [ 12.247982] allocated 201-byte region [ffff888100342200, ffff8881003422c9) [ 12.248551] [ 12.248624] The buggy address belongs to the physical page: [ 12.248822] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100342 [ 12.249183] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.249509] flags: 0x200000000000040(head|node=0|zone=2) [ 12.249729] page_type: f5(slab) [ 12.249870] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.250162] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.250496] head: 0200000000000040 
ffff888100041b40 dead000000000122 0000000000000000 [ 12.250803] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.251063] head: 0200000000000001 ffffea000400d081 00000000ffffffff 00000000ffffffff [ 12.251298] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.251581] page dumped because: kasan: bad access detected [ 12.251854] [ 12.251946] Memory state around the buggy address: [ 12.252165] ffff888100342180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.252395] ffff888100342200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.252609] >ffff888100342280: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 12.253066] ^ [ 12.253329] ffff888100342300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.253649] ffff888100342380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.253909] ================================================================== [ 12.254490] ================================================================== [ 12.255069] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 12.255458] Write of size 1 at addr ffff8881003422da by task kunit_try_catch/175 [ 12.255789] [ 12.255873] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.255911] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.255923] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.255941] Call Trace: [ 12.255954] <TASK> [ 12.255967] dump_stack_lvl+0x73/0xb0 [ 12.255992] print_report+0xd1/0x610 [ 12.256014] ? __virt_addr_valid+0x1db/0x2d0 [ 12.256035] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.256060] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.256083] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.256107] kasan_report+0x141/0x180 [ 12.256129] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.256158] __asan_report_store1_noabort+0x1b/0x30 [ 12.256184] krealloc_less_oob_helper+0xec6/0x11d0 [ 12.256210] ? 
__pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.256235] ? finish_task_switch.isra.0+0x153/0x700 [ 12.256258] ? __switch_to+0x47/0xf50 [ 12.256283] ? __schedule+0x10cc/0x2b60 [ 12.256304] ? __pfx_read_tsc+0x10/0x10 [ 12.256328] krealloc_less_oob+0x1c/0x30 [ 12.256350] kunit_try_run_case+0x1a5/0x480 [ 12.256374] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.256397] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.256420] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.256444] ? __kthread_parkme+0x82/0x180 [ 12.256463] ? preempt_count_sub+0x50/0x80 [ 12.256486] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.256511] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.256535] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.256561] kthread+0x337/0x6f0 [ 12.256579] ? trace_preempt_on+0x20/0xc0 [ 12.256602] ? __pfx_kthread+0x10/0x10 [ 12.256623] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.256644] ? calculate_sigpending+0x7b/0xa0 [ 12.256668] ? __pfx_kthread+0x10/0x10 [ 12.256700] ret_from_fork+0x116/0x1d0 [ 12.256718] ? 
__pfx_kthread+0x10/0x10 [ 12.256738] ret_from_fork_asm+0x1a/0x30 [ 12.256779] </TASK> [ 12.256788] [ 12.264128] Allocated by task 175: [ 12.264312] kasan_save_stack+0x45/0x70 [ 12.264494] kasan_save_track+0x18/0x40 [ 12.264630] kasan_save_alloc_info+0x3b/0x50 [ 12.264789] __kasan_krealloc+0x190/0x1f0 [ 12.264931] krealloc_noprof+0xf3/0x340 [ 12.265102] krealloc_less_oob_helper+0x1aa/0x11d0 [ 12.265338] krealloc_less_oob+0x1c/0x30 [ 12.265536] kunit_try_run_case+0x1a5/0x480 [ 12.265746] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.266010] kthread+0x337/0x6f0 [ 12.266179] ret_from_fork+0x116/0x1d0 [ 12.266349] ret_from_fork_asm+0x1a/0x30 [ 12.266489] [ 12.266559] The buggy address belongs to the object at ffff888100342200 [ 12.266559] which belongs to the cache kmalloc-256 of size 256 [ 12.267446] The buggy address is located 17 bytes to the right of [ 12.267446] allocated 201-byte region [ffff888100342200, ffff8881003422c9) [ 12.268007] [ 12.268086] The buggy address belongs to the physical page: [ 12.268260] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100342 [ 12.268539] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.268891] flags: 0x200000000000040(head|node=0|zone=2) [ 12.269150] page_type: f5(slab) [ 12.269318] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.269646] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.269889] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.270154] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.270545] head: 0200000000000001 ffffea000400d081 00000000ffffffff 00000000ffffffff [ 12.270903] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.271239] page dumped because: kasan: bad access detected [ 12.271481] [ 12.271560] Memory state around the buggy address: [ 12.271717] ffff888100342180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 12.272034] ffff888100342200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.272344] >ffff888100342280: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 12.272661] ^ [ 12.272888] ffff888100342300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.273103] ffff888100342380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.273342] ================================================================== [ 12.212894] ================================================================== [ 12.213649] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0 [ 12.213970] Write of size 1 at addr ffff8881003422c9 by task kunit_try_catch/175 [ 12.214310] [ 12.214506] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.214552] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.214563] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.214583] Call Trace: [ 12.214595] <TASK> [ 12.214610] dump_stack_lvl+0x73/0xb0 [ 12.214640] print_report+0xd1/0x610 [ 12.214662] ? __virt_addr_valid+0x1db/0x2d0 [ 12.214684] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 12.214709] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.214732] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 12.214769] kasan_report+0x141/0x180 [ 12.214792] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 12.214821] __asan_report_store1_noabort+0x1b/0x30 [ 12.214847] krealloc_less_oob_helper+0xd70/0x11d0 [ 12.214873] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.214900] ? finish_task_switch.isra.0+0x153/0x700 [ 12.214923] ? __switch_to+0x47/0xf50 [ 12.214949] ? __schedule+0x10cc/0x2b60 [ 12.214971] ? __pfx_read_tsc+0x10/0x10 [ 12.215037] krealloc_less_oob+0x1c/0x30 [ 12.215060] kunit_try_run_case+0x1a5/0x480 [ 12.215085] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.215108] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.215132] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.215156] ? __kthread_parkme+0x82/0x180 [ 12.215186] ? 
preempt_count_sub+0x50/0x80 [ 12.215209] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.215233] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.215258] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.215283] kthread+0x337/0x6f0 [ 12.215302] ? trace_preempt_on+0x20/0xc0 [ 12.215325] ? __pfx_kthread+0x10/0x10 [ 12.215345] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.215367] ? calculate_sigpending+0x7b/0xa0 [ 12.215392] ? __pfx_kthread+0x10/0x10 [ 12.215413] ret_from_fork+0x116/0x1d0 [ 12.215441] ? __pfx_kthread+0x10/0x10 [ 12.215462] ret_from_fork_asm+0x1a/0x30 [ 12.215492] </TASK> [ 12.215502] [ 12.223705] Allocated by task 175: [ 12.223904] kasan_save_stack+0x45/0x70 [ 12.224203] kasan_save_track+0x18/0x40 [ 12.224463] kasan_save_alloc_info+0x3b/0x50 [ 12.224642] __kasan_krealloc+0x190/0x1f0 [ 12.224829] krealloc_noprof+0xf3/0x340 [ 12.225014] krealloc_less_oob_helper+0x1aa/0x11d0 [ 12.225243] krealloc_less_oob+0x1c/0x30 [ 12.225510] kunit_try_run_case+0x1a5/0x480 [ 12.225695] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.225920] kthread+0x337/0x6f0 [ 12.226181] ret_from_fork+0x116/0x1d0 [ 12.226353] ret_from_fork_asm+0x1a/0x30 [ 12.226537] [ 12.226609] The buggy address belongs to the object at ffff888100342200 [ 12.226609] which belongs to the cache kmalloc-256 of size 256 [ 12.226977] The buggy address is located 0 bytes to the right of [ 12.226977] allocated 201-byte region [ffff888100342200, ffff8881003422c9) [ 12.227570] [ 12.227659] The buggy address belongs to the physical page: [ 12.227887] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100342 [ 12.228583] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.228899] flags: 0x200000000000040(head|node=0|zone=2) [ 12.229321] page_type: f5(slab) [ 12.229505] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.229775] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.230043] head: 0200000000000040 
ffff888100041b40 dead000000000122 0000000000000000 [ 12.230533] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.230912] head: 0200000000000001 ffffea000400d081 00000000ffffffff 00000000ffffffff [ 12.231456] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.231727] page dumped because: kasan: bad access detected [ 12.231913] [ 12.231984] Memory state around the buggy address: [ 12.232142] ffff888100342180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.232461] ffff888100342200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.232790] >ffff888100342280: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 12.233349] ^ [ 12.233621] ffff888100342300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.233963] ffff888100342380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.234389] ================================================================== [ 12.386345] ================================================================== [ 12.386952] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0 [ 12.387384] Write of size 1 at addr ffff88810278a0c9 by task kunit_try_catch/179 [ 12.387711] [ 12.387829] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.387871] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.387883] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.387902] Call Trace: [ 12.387914] <TASK> [ 12.387929] dump_stack_lvl+0x73/0xb0 [ 12.387960] print_report+0xd1/0x610 [ 12.387982] ? __virt_addr_valid+0x1db/0x2d0 [ 12.388005] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 12.388030] ? kasan_addr_to_slab+0x11/0xa0 [ 12.388051] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 12.388076] kasan_report+0x141/0x180 [ 12.388098] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 12.388127] __asan_report_store1_noabort+0x1b/0x30 [ 12.388153] krealloc_less_oob_helper+0xd70/0x11d0 [ 12.388192] ? 
__pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.388217] ? __schedule+0x207f/0x2b60 [ 12.388238] ? schedule+0x7c/0x2e0 [ 12.388258] ? trace_hardirqs_on+0x37/0xe0 [ 12.388282] ? __schedule+0x207f/0x2b60 [ 12.388304] ? __pfx_read_tsc+0x10/0x10 [ 12.388329] krealloc_large_less_oob+0x1c/0x30 [ 12.388353] kunit_try_run_case+0x1a5/0x480 [ 12.388377] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.388400] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.388425] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.388505] ? __kthread_parkme+0x82/0x180 [ 12.388528] ? preempt_count_sub+0x50/0x80 [ 12.388552] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.388577] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.388602] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.388628] kthread+0x337/0x6f0 [ 12.388647] ? trace_preempt_on+0x20/0xc0 [ 12.388669] ? __pfx_kthread+0x10/0x10 [ 12.388690] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.388712] ? calculate_sigpending+0x7b/0xa0 [ 12.388737] ? __pfx_kthread+0x10/0x10 [ 12.388768] ret_from_fork+0x116/0x1d0 [ 12.388787] ? 
__pfx_kthread+0x10/0x10 [ 12.388808] ret_from_fork_asm+0x1a/0x30 [ 12.388838] </TASK> [ 12.388848] [ 12.396918] The buggy address belongs to the physical page: [ 12.397107] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102788 [ 12.397538] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.397903] flags: 0x200000000000040(head|node=0|zone=2) [ 12.398499] page_type: f8(unknown) [ 12.398674] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.398961] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.399463] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.399770] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.400186] head: 0200000000000002 ffffea000409e201 00000000ffffffff 00000000ffffffff [ 12.400526] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.400823] page dumped because: kasan: bad access detected [ 12.401137] [ 12.401232] Memory state around the buggy address: [ 12.401471] ffff888102789f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.401768] ffff88810278a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.402142] >ffff88810278a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.402499] ^ [ 12.402676] ffff88810278a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.402979] ffff88810278a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.403406] ================================================================== [ 12.456404] ================================================================== [ 12.456645] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 12.456961] Write of size 1 at addr ffff88810278a0eb by task kunit_try_catch/179 [ 12.457285] [ 12.457390] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.457429] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.457440] Hardware 
name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.457458] Call Trace: [ 12.457470] <TASK> [ 12.457482] dump_stack_lvl+0x73/0xb0 [ 12.457508] print_report+0xd1/0x610 [ 12.457530] ? __virt_addr_valid+0x1db/0x2d0 [ 12.457551] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.457574] ? kasan_addr_to_slab+0x11/0xa0 [ 12.457594] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.457617] kasan_report+0x141/0x180 [ 12.457638] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.457682] __asan_report_store1_noabort+0x1b/0x30 [ 12.457708] krealloc_less_oob_helper+0xd47/0x11d0 [ 12.457735] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.457769] ? __schedule+0x207f/0x2b60 [ 12.457789] ? schedule+0x7c/0x2e0 [ 12.457809] ? trace_hardirqs_on+0x37/0xe0 [ 12.457833] ? __schedule+0x207f/0x2b60 [ 12.457854] ? __pfx_read_tsc+0x10/0x10 [ 12.457878] krealloc_large_less_oob+0x1c/0x30 [ 12.457901] kunit_try_run_case+0x1a5/0x480 [ 12.457925] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.457949] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.457972] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.457996] ? __kthread_parkme+0x82/0x180 [ 12.458017] ? preempt_count_sub+0x50/0x80 [ 12.458041] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.458066] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.458091] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.458116] kthread+0x337/0x6f0 [ 12.458136] ? trace_preempt_on+0x20/0xc0 [ 12.458158] ? __pfx_kthread+0x10/0x10 [ 12.458178] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.458200] ? calculate_sigpending+0x7b/0xa0 [ 12.458224] ? __pfx_kthread+0x10/0x10 [ 12.458245] ret_from_fork+0x116/0x1d0 [ 12.458264] ? 
__pfx_kthread+0x10/0x10 [ 12.458285] ret_from_fork_asm+0x1a/0x30 [ 12.458315] </TASK> [ 12.458324] [ 12.466509] The buggy address belongs to the physical page: [ 12.466791] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102788 [ 12.467320] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.467657] flags: 0x200000000000040(head|node=0|zone=2) [ 12.467875] page_type: f8(unknown) [ 12.468066] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.468364] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.468645] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.468984] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.469297] head: 0200000000000002 ffffea000409e201 00000000ffffffff 00000000ffffffff [ 12.469605] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.470035] page dumped because: kasan: bad access detected [ 12.470273] [ 12.470343] Memory state around the buggy address: [ 12.470524] ffff888102789f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.470743] ffff88810278a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.471264] >ffff88810278a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.471613] ^ [ 12.471920] ffff88810278a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.472277] ffff88810278a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.472550] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 12.365269] ================================================================== [ 12.365532] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930 [ 12.365950] Write of size 1 at addr ffff88810278a0f0 by task kunit_try_catch/177 [ 12.366715] [ 12.366958] CPU: 1 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.367111] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.367123] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.367141] Call Trace: [ 12.367155] <TASK> [ 12.367169] dump_stack_lvl+0x73/0xb0 [ 12.367208] print_report+0xd1/0x610 [ 12.367231] ? __virt_addr_valid+0x1db/0x2d0 [ 12.367254] ? krealloc_more_oob_helper+0x7eb/0x930 [ 12.367278] ? kasan_addr_to_slab+0x11/0xa0 [ 12.367299] ? krealloc_more_oob_helper+0x7eb/0x930 [ 12.367324] kasan_report+0x141/0x180 [ 12.367346] ? krealloc_more_oob_helper+0x7eb/0x930 [ 12.367376] __asan_report_store1_noabort+0x1b/0x30 [ 12.367401] krealloc_more_oob_helper+0x7eb/0x930 [ 12.367424] ? __schedule+0x10cc/0x2b60 [ 12.367446] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 12.367472] ? finish_task_switch.isra.0+0x153/0x700 [ 12.367495] ? __switch_to+0x47/0xf50 [ 12.367521] ? __schedule+0x10cc/0x2b60 [ 12.367543] ? __pfx_read_tsc+0x10/0x10 [ 12.367567] krealloc_large_more_oob+0x1c/0x30 [ 12.367591] kunit_try_run_case+0x1a5/0x480 [ 12.367616] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.367639] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.367663] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.367687] ? __kthread_parkme+0x82/0x180 [ 12.367708] ? preempt_count_sub+0x50/0x80 [ 12.367731] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.367767] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.367792] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.367817] kthread+0x337/0x6f0 [ 12.367837] ? trace_preempt_on+0x20/0xc0 [ 12.367861] ? __pfx_kthread+0x10/0x10 [ 12.367882] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.367904] ? 
calculate_sigpending+0x7b/0xa0 [ 12.367929] ? __pfx_kthread+0x10/0x10 [ 12.367951] ret_from_fork+0x116/0x1d0 [ 12.367970] ? __pfx_kthread+0x10/0x10 [ 12.368138] ret_from_fork_asm+0x1a/0x30 [ 12.368171] </TASK> [ 12.368181] [ 12.376383] The buggy address belongs to the physical page: [ 12.376670] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102788 [ 12.376934] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.377456] flags: 0x200000000000040(head|node=0|zone=2) [ 12.377725] page_type: f8(unknown) [ 12.377963] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.378259] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.378605] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.378861] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.379094] head: 0200000000000002 ffffea000409e201 00000000ffffffff 00000000ffffffff [ 12.379441] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.379810] page dumped because: kasan: bad access detected [ 12.380074] [ 12.380173] Memory state around the buggy address: [ 12.380408] ffff888102789f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.380924] ffff88810278a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.381289] >ffff88810278a080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 12.381595] ^ [ 12.381869] ffff88810278a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.382115] ffff88810278a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.382435] ================================================================== [ 12.342148] ================================================================== [ 12.342791] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930 [ 12.343336] Write of size 1 at addr ffff88810278a0eb by task kunit_try_catch/177 [ 12.343882] [ 12.344359] CPU: 1 UID: 0 PID: 177 Comm: 
kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.344411] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.344423] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.344445] Call Trace: [ 12.344457] <TASK> [ 12.344474] dump_stack_lvl+0x73/0xb0 [ 12.344509] print_report+0xd1/0x610 [ 12.344532] ? __virt_addr_valid+0x1db/0x2d0 [ 12.344557] ? krealloc_more_oob_helper+0x821/0x930 [ 12.344581] ? kasan_addr_to_slab+0x11/0xa0 [ 12.344602] ? krealloc_more_oob_helper+0x821/0x930 [ 12.344627] kasan_report+0x141/0x180 [ 12.344649] ? krealloc_more_oob_helper+0x821/0x930 [ 12.344679] __asan_report_store1_noabort+0x1b/0x30 [ 12.344705] krealloc_more_oob_helper+0x821/0x930 [ 12.344728] ? __schedule+0x10cc/0x2b60 [ 12.344766] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 12.344792] ? finish_task_switch.isra.0+0x153/0x700 [ 12.344816] ? __switch_to+0x47/0xf50 [ 12.344843] ? __schedule+0x10cc/0x2b60 [ 12.344865] ? __pfx_read_tsc+0x10/0x10 [ 12.344890] krealloc_large_more_oob+0x1c/0x30 [ 12.344914] kunit_try_run_case+0x1a5/0x480 [ 12.344940] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.344963] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.345048] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.345073] ? __kthread_parkme+0x82/0x180 [ 12.345095] ? preempt_count_sub+0x50/0x80 [ 12.345119] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.345144] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.345169] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.345195] kthread+0x337/0x6f0 [ 12.345214] ? trace_preempt_on+0x20/0xc0 [ 12.345238] ? __pfx_kthread+0x10/0x10 [ 12.345259] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.345281] ? calculate_sigpending+0x7b/0xa0 [ 12.345306] ? __pfx_kthread+0x10/0x10 [ 12.345328] ret_from_fork+0x116/0x1d0 [ 12.345347] ? 
__pfx_kthread+0x10/0x10 [ 12.345368] ret_from_fork_asm+0x1a/0x30 [ 12.345400] </TASK> [ 12.345411] [ 12.356441] The buggy address belongs to the physical page: [ 12.357074] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102788 [ 12.357578] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.358020] flags: 0x200000000000040(head|node=0|zone=2) [ 12.358415] page_type: f8(unknown) [ 12.358591] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.358916] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.359413] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.359907] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.360380] head: 0200000000000002 ffffea000409e201 00000000ffffffff 00000000ffffffff [ 12.361031] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.361426] page dumped because: kasan: bad access detected [ 12.361655] [ 12.361886] Memory state around the buggy address: [ 12.362151] ffff888102789f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.362636] ffff88810278a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.362929] >ffff88810278a080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 12.363420] ^ [ 12.363816] ffff88810278a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.364247] ffff88810278a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.364782] ================================================================== [ 12.153403] ================================================================== [ 12.153857] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930 [ 12.154312] Write of size 1 at addr ffff888100a322eb by task kunit_try_catch/173 [ 12.154623] [ 12.154741] CPU: 1 UID: 0 PID: 173 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.154797] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.154809] Hardware 
name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.154830] Call Trace: [ 12.154841] <TASK> [ 12.154856] dump_stack_lvl+0x73/0xb0 [ 12.154883] print_report+0xd1/0x610 [ 12.154905] ? __virt_addr_valid+0x1db/0x2d0 [ 12.154929] ? krealloc_more_oob_helper+0x821/0x930 [ 12.154953] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.154977] ? krealloc_more_oob_helper+0x821/0x930 [ 12.155013] kasan_report+0x141/0x180 [ 12.155035] ? krealloc_more_oob_helper+0x821/0x930 [ 12.155064] __asan_report_store1_noabort+0x1b/0x30 [ 12.155089] krealloc_more_oob_helper+0x821/0x930 [ 12.155112] ? __schedule+0x10cc/0x2b60 [ 12.155134] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 12.155159] ? finish_task_switch.isra.0+0x153/0x700 [ 12.155186] ? __switch_to+0x47/0xf50 [ 12.155213] ? __schedule+0x10cc/0x2b60 [ 12.155234] ? __pfx_read_tsc+0x10/0x10 [ 12.155258] krealloc_more_oob+0x1c/0x30 [ 12.155280] kunit_try_run_case+0x1a5/0x480 [ 12.155304] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.155327] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.155351] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.155375] ? __kthread_parkme+0x82/0x180 [ 12.155395] ? preempt_count_sub+0x50/0x80 [ 12.155418] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.155606] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.155640] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.155666] kthread+0x337/0x6f0 [ 12.155685] ? trace_preempt_on+0x20/0xc0 [ 12.155709] ? __pfx_kthread+0x10/0x10 [ 12.155730] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.155764] ? calculate_sigpending+0x7b/0xa0 [ 12.155789] ? __pfx_kthread+0x10/0x10 [ 12.155810] ret_from_fork+0x116/0x1d0 [ 12.155829] ? 
__pfx_kthread+0x10/0x10 [ 12.155849] ret_from_fork_asm+0x1a/0x30 [ 12.155880] </TASK> [ 12.155889] [ 12.164333] Allocated by task 173: [ 12.164514] kasan_save_stack+0x45/0x70 [ 12.164662] kasan_save_track+0x18/0x40 [ 12.164864] kasan_save_alloc_info+0x3b/0x50 [ 12.165251] __kasan_krealloc+0x190/0x1f0 [ 12.165449] krealloc_noprof+0xf3/0x340 [ 12.165646] krealloc_more_oob_helper+0x1a9/0x930 [ 12.165838] krealloc_more_oob+0x1c/0x30 [ 12.166085] kunit_try_run_case+0x1a5/0x480 [ 12.166298] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.166544] kthread+0x337/0x6f0 [ 12.166686] ret_from_fork+0x116/0x1d0 [ 12.166830] ret_from_fork_asm+0x1a/0x30 [ 12.166971] [ 12.167043] The buggy address belongs to the object at ffff888100a32200 [ 12.167043] which belongs to the cache kmalloc-256 of size 256 [ 12.167517] The buggy address is located 0 bytes to the right of [ 12.167517] allocated 235-byte region [ffff888100a32200, ffff888100a322eb) [ 12.168093] [ 12.168190] The buggy address belongs to the physical page: [ 12.168595] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a32 [ 12.168944] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.169327] flags: 0x200000000000040(head|node=0|zone=2) [ 12.169596] page_type: f5(slab) [ 12.169716] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.170043] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.170388] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.170813] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.171236] head: 0200000000000001 ffffea0004028c81 00000000ffffffff 00000000ffffffff [ 12.171495] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.171739] page dumped because: kasan: bad access detected [ 12.172008] [ 12.172103] Memory state around the buggy address: [ 12.172324] ffff888100a32180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 12.172783] ffff888100a32200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.172997] >ffff888100a32280: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 12.173485] ^ [ 12.173807] ffff888100a32300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.174123] ffff888100a32380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.174337] ================================================================== [ 12.175149] ================================================================== [ 12.175443] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930 [ 12.175726] Write of size 1 at addr ffff888100a322f0 by task kunit_try_catch/173 [ 12.175964] [ 12.176072] CPU: 1 UID: 0 PID: 173 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.176110] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.176121] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.176139] Call Trace: [ 12.176152] <TASK> [ 12.176164] dump_stack_lvl+0x73/0xb0 [ 12.176189] print_report+0xd1/0x610 [ 12.176209] ? __virt_addr_valid+0x1db/0x2d0 [ 12.176230] ? krealloc_more_oob_helper+0x7eb/0x930 [ 12.176496] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.176528] ? krealloc_more_oob_helper+0x7eb/0x930 [ 12.176554] kasan_report+0x141/0x180 [ 12.176576] ? krealloc_more_oob_helper+0x7eb/0x930 [ 12.176606] __asan_report_store1_noabort+0x1b/0x30 [ 12.176631] krealloc_more_oob_helper+0x7eb/0x930 [ 12.176654] ? __schedule+0x10cc/0x2b60 [ 12.176676] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 12.176702] ? finish_task_switch.isra.0+0x153/0x700 [ 12.176725] ? __switch_to+0x47/0xf50 [ 12.176750] ? __schedule+0x10cc/0x2b60 [ 12.176785] ? __pfx_read_tsc+0x10/0x10 [ 12.176809] krealloc_more_oob+0x1c/0x30 [ 12.176831] kunit_try_run_case+0x1a5/0x480 [ 12.176855] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.176878] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.176901] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.176925] ? 
__kthread_parkme+0x82/0x180 [ 12.176946] ? preempt_count_sub+0x50/0x80 [ 12.176969] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.177136] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.177163] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.177188] kthread+0x337/0x6f0 [ 12.177207] ? trace_preempt_on+0x20/0xc0 [ 12.177231] ? __pfx_kthread+0x10/0x10 [ 12.177251] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.177273] ? calculate_sigpending+0x7b/0xa0 [ 12.177297] ? __pfx_kthread+0x10/0x10 [ 12.177318] ret_from_fork+0x116/0x1d0 [ 12.177337] ? __pfx_kthread+0x10/0x10 [ 12.177357] ret_from_fork_asm+0x1a/0x30 [ 12.177387] </TASK> [ 12.177397] [ 12.189799] Allocated by task 173: [ 12.190212] kasan_save_stack+0x45/0x70 [ 12.190463] kasan_save_track+0x18/0x40 [ 12.190832] kasan_save_alloc_info+0x3b/0x50 [ 12.191207] __kasan_krealloc+0x190/0x1f0 [ 12.191403] krealloc_noprof+0xf3/0x340 [ 12.191734] krealloc_more_oob_helper+0x1a9/0x930 [ 12.191958] krealloc_more_oob+0x1c/0x30 [ 12.192389] kunit_try_run_case+0x1a5/0x480 [ 12.192690] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.192934] kthread+0x337/0x6f0 [ 12.193231] ret_from_fork+0x116/0x1d0 [ 12.193738] ret_from_fork_asm+0x1a/0x30 [ 12.193961] [ 12.194160] The buggy address belongs to the object at ffff888100a32200 [ 12.194160] which belongs to the cache kmalloc-256 of size 256 [ 12.194900] The buggy address is located 5 bytes to the right of [ 12.194900] allocated 235-byte region [ffff888100a32200, ffff888100a322eb) [ 12.195766] [ 12.195866] The buggy address belongs to the physical page: [ 12.196303] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a32 [ 12.196818] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.197256] flags: 0x200000000000040(head|node=0|zone=2) [ 12.197748] page_type: f5(slab) [ 12.197918] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.198547] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 
12.199080] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.199405] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.200060] head: 0200000000000001 ffffea0004028c81 00000000ffffffff 00000000ffffffff [ 12.200390] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.201245] page dumped because: kasan: bad access detected [ 12.201825] [ 12.201922] Memory state around the buggy address: [ 12.202617] ffff888100a32180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.203168] ffff888100a32200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.203839] >ffff888100a32280: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 12.204459] ^ [ 12.204917] ffff888100a32300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.205242] ffff888100a32380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.205884] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 12.134783] ================================================================== [ 12.135482] BUG: KASAN: use-after-free in page_alloc_uaf+0x356/0x3d0 [ 12.135773] Read of size 1 at addr ffff888103900000 by task kunit_try_catch/171 [ 12.136062] [ 12.136238] CPU: 1 UID: 0 PID: 171 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.136283] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.136295] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.136315] Call Trace: [ 12.136327] <TASK> [ 12.136342] dump_stack_lvl+0x73/0xb0 [ 12.136372] print_report+0xd1/0x610 [ 12.136394] ? __virt_addr_valid+0x1db/0x2d0 [ 12.136417] ? page_alloc_uaf+0x356/0x3d0 [ 12.136446] ? kasan_addr_to_slab+0x11/0xa0 [ 12.136467] ? page_alloc_uaf+0x356/0x3d0 [ 12.136489] kasan_report+0x141/0x180 [ 12.136511] ? page_alloc_uaf+0x356/0x3d0 [ 12.136537] __asan_report_load1_noabort+0x18/0x20 [ 12.136562] page_alloc_uaf+0x356/0x3d0 [ 12.136584] ? __pfx_page_alloc_uaf+0x10/0x10 [ 12.136607] ? __schedule+0x10cc/0x2b60 [ 12.136630] ? __pfx_read_tsc+0x10/0x10 [ 12.136651] ? ktime_get_ts64+0x86/0x230 [ 12.136675] kunit_try_run_case+0x1a5/0x480 [ 12.136699] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.136723] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.136746] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.136782] ? __kthread_parkme+0x82/0x180 [ 12.136803] ? preempt_count_sub+0x50/0x80 [ 12.136827] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.136852] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.136876] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.136902] kthread+0x337/0x6f0 [ 12.136920] ? trace_preempt_on+0x20/0xc0 [ 12.136944] ? __pfx_kthread+0x10/0x10 [ 12.136965] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.136986] ? calculate_sigpending+0x7b/0xa0 [ 12.137010] ? __pfx_kthread+0x10/0x10 [ 12.137042] ret_from_fork+0x116/0x1d0 [ 12.137061] ? 
__pfx_kthread+0x10/0x10 [ 12.137081] ret_from_fork_asm+0x1a/0x30 [ 12.137112] </TASK> [ 12.137122] [ 12.144988] The buggy address belongs to the physical page: [ 12.145243] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103900 [ 12.145561] flags: 0x200000000000000(node=0|zone=2) [ 12.145880] page_type: f0(buddy) [ 12.146194] raw: 0200000000000000 ffff88817fffc580 ffff88817fffc580 0000000000000000 [ 12.146591] raw: 0000000000000000 0000000000000008 00000000f0000000 0000000000000000 [ 12.146883] page dumped because: kasan: bad access detected [ 12.147056] [ 12.147150] Memory state around the buggy address: [ 12.147480] ffff8881038fff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.147767] ffff8881038fff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.148259] >ffff888103900000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.148609] ^ [ 12.148784] ffff888103900080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.149171] ffff888103900100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.149420] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kfree
[ 12.111270] ================================================================== [ 12.111843] BUG: KASAN: invalid-free in kfree+0x274/0x3f0 [ 12.112084] Free of addr ffff888102a34001 by task kunit_try_catch/167 [ 12.112522] [ 12.112620] CPU: 0 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.112662] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.112673] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.112693] Call Trace: [ 12.112704] <TASK> [ 12.112719] dump_stack_lvl+0x73/0xb0 [ 12.112749] print_report+0xd1/0x610 [ 12.112789] ? __virt_addr_valid+0x1db/0x2d0 [ 12.112812] ? kasan_addr_to_slab+0x11/0xa0 [ 12.112833] ? kfree+0x274/0x3f0 [ 12.112854] kasan_report_invalid_free+0x10a/0x130 [ 12.112879] ? kfree+0x274/0x3f0 [ 12.112902] ? kfree+0x274/0x3f0 [ 12.112923] __kasan_kfree_large+0x86/0xd0 [ 12.112945] free_large_kmalloc+0x4b/0x110 [ 12.112969] kfree+0x274/0x3f0 [ 12.112993] kmalloc_large_invalid_free+0x120/0x2b0 [ 12.113239] ? __pfx_kmalloc_large_invalid_free+0x10/0x10 [ 12.113272] ? __schedule+0x10cc/0x2b60 [ 12.113294] ? __pfx_read_tsc+0x10/0x10 [ 12.113315] ? ktime_get_ts64+0x86/0x230 [ 12.113339] kunit_try_run_case+0x1a5/0x480 [ 12.113364] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.113387] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.113411] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.113445] ? __kthread_parkme+0x82/0x180 [ 12.113466] ? preempt_count_sub+0x50/0x80 [ 12.113490] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.113514] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.113539] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.113564] kthread+0x337/0x6f0 [ 12.113583] ? trace_preempt_on+0x20/0xc0 [ 12.113607] ? __pfx_kthread+0x10/0x10 [ 12.113627] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.113649] ? calculate_sigpending+0x7b/0xa0 [ 12.113673] ? __pfx_kthread+0x10/0x10 [ 12.113695] ret_from_fork+0x116/0x1d0 [ 12.113713] ? 
__pfx_kthread+0x10/0x10 [ 12.113734] ret_from_fork_asm+0x1a/0x30 [ 12.113777] </TASK> [ 12.113787] [ 12.121317] The buggy address belongs to the physical page: [ 12.121568] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a34 [ 12.121923] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.122302] flags: 0x200000000000040(head|node=0|zone=2) [ 12.122564] page_type: f8(unknown) [ 12.122698] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.122942] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.123261] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.123829] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.124291] head: 0200000000000002 ffffea00040a8d01 00000000ffffffff 00000000ffffffff [ 12.124608] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.125138] page dumped because: kasan: bad access detected [ 12.125363] [ 12.125464] Memory state around the buggy address: [ 12.125655] ffff888102a33f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.125952] ffff888102a33f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.126305] >ffff888102a34000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.126628] ^ [ 12.126746] ffff888102a34080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.126974] ffff888102a34100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.127288] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 12.090119] ==================================================================
[ 12.090583] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2f1/0x340
[ 12.090869] Read of size 1 at addr ffff888102a34000 by task kunit_try_catch/165
[ 12.091368]
[ 12.091491] CPU: 0 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.091535] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.091546] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.091565] Call Trace:
[ 12.091577] <TASK>
[ 12.091591] dump_stack_lvl+0x73/0xb0
[ 12.091622] print_report+0xd1/0x610
[ 12.091644] ? __virt_addr_valid+0x1db/0x2d0
[ 12.091668] ? kmalloc_large_uaf+0x2f1/0x340
[ 12.091689] ? kasan_addr_to_slab+0x11/0xa0
[ 12.091710] ? kmalloc_large_uaf+0x2f1/0x340
[ 12.091731] kasan_report+0x141/0x180
[ 12.091767] ? kmalloc_large_uaf+0x2f1/0x340
[ 12.091794] __asan_report_load1_noabort+0x18/0x20
[ 12.091819] kmalloc_large_uaf+0x2f1/0x340
[ 12.091840] ? __pfx_kmalloc_large_uaf+0x10/0x10
[ 12.091862] ? __schedule+0x10cc/0x2b60
[ 12.091885] ? __pfx_read_tsc+0x10/0x10
[ 12.091907] ? ktime_get_ts64+0x86/0x230
[ 12.091935] kunit_try_run_case+0x1a5/0x480
[ 12.091960] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.091983] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.092008] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.092032] ? __kthread_parkme+0x82/0x180
[ 12.092053] ? preempt_count_sub+0x50/0x80
[ 12.092133] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.092160] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.092185] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.092211] kthread+0x337/0x6f0
[ 12.092230] ? trace_preempt_on+0x20/0xc0
[ 12.092255] ? __pfx_kthread+0x10/0x10
[ 12.092275] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.092297] ? calculate_sigpending+0x7b/0xa0
[ 12.092323] ? __pfx_kthread+0x10/0x10
[ 12.092345] ret_from_fork+0x116/0x1d0
[ 12.092365] ? __pfx_kthread+0x10/0x10
[ 12.092386] ret_from_fork_asm+0x1a/0x30
[ 12.092418] </TASK>
[ 12.092427]
[ 12.100268] The buggy address belongs to the physical page:
[ 12.100550] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a34
[ 12.100879] flags: 0x200000000000000(node=0|zone=2)
[ 12.101189] raw: 0200000000000000 ffffea00040a8e08 ffff88815b039f80 0000000000000000
[ 12.101453] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 12.101830] page dumped because: kasan: bad access detected
[ 12.102130]
[ 12.102349] Memory state around the buggy address:
[ 12.102706] ffff888102a33f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.103072] ffff888102a33f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.103362] >ffff888102a34000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 12.103670] ^
[ 12.103885] ffff888102a34080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 12.104115] ffff888102a34100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 12.104330] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 49.828989] ==================================================================
[ 49.829402] BUG: KFENCE: use-after-free read in test_krealloc+0x6fc/0xbe0
[ 49.829402]
[ 49.829892] Use-after-free read at 0x(____ptrval____) (in kfence-#143):
[ 49.830140] test_krealloc+0x6fc/0xbe0
[ 49.830328] kunit_try_run_case+0x1a5/0x480
[ 49.830567] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 49.830811] kthread+0x337/0x6f0
[ 49.830948] ret_from_fork+0x116/0x1d0
[ 49.831143] ret_from_fork_asm+0x1a/0x30
[ 49.831324]
[ 49.831399] kfence-#143: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 49.831399]
[ 49.831907] allocated by task 354 on cpu 1 at 49.828296s (0.003609s ago):
[ 49.832215] test_alloc+0x364/0x10f0
[ 49.832382] test_krealloc+0xad/0xbe0
[ 49.832610] kunit_try_run_case+0x1a5/0x480
[ 49.832906] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 49.833093] kthread+0x337/0x6f0
[ 49.833247] ret_from_fork+0x116/0x1d0
[ 49.833440] ret_from_fork_asm+0x1a/0x30
[ 49.833729]
[ 49.833819] freed by task 354 on cpu 1 at 49.828578s (0.005239s ago):
[ 49.834096] krealloc_noprof+0x108/0x340
[ 49.834260] test_krealloc+0x226/0xbe0
[ 49.834451] kunit_try_run_case+0x1a5/0x480
[ 49.834648] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 49.834893] kthread+0x337/0x6f0
[ 49.835062] ret_from_fork+0x116/0x1d0
[ 49.835222] ret_from_fork_asm+0x1a/0x30
[ 49.835429]
[ 49.835529] CPU: 1 UID: 0 PID: 354 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 49.835955] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 49.836159] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 49.836538] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 49.747917] ==================================================================
[ 49.748380] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x2ec/0x670
[ 49.748380]
[ 49.748823] Use-after-free read at 0x(____ptrval____) (in kfence-#142):
[ 49.749153] test_memcache_typesafe_by_rcu+0x2ec/0x670
[ 49.749381] kunit_try_run_case+0x1a5/0x480
[ 49.749663] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 49.749868] kthread+0x337/0x6f0
[ 49.749997] ret_from_fork+0x116/0x1d0
[ 49.750186] ret_from_fork_asm+0x1a/0x30
[ 49.750391]
[ 49.750492] kfence-#142: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 49.750492]
[ 49.750955] allocated by task 352 on cpu 1 at 49.724201s (0.026722s ago):
[ 49.751315] test_alloc+0x2a6/0x10f0
[ 49.751472] test_memcache_typesafe_by_rcu+0x16f/0x670
[ 49.751873] kunit_try_run_case+0x1a5/0x480
[ 49.752138] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 49.752451] kthread+0x337/0x6f0
[ 49.752716] ret_from_fork+0x116/0x1d0
[ 49.752919] ret_from_fork_asm+0x1a/0x30
[ 49.753064]
[ 49.753163] freed by task 352 on cpu 1 at 49.724300s (0.028860s ago):
[ 49.753528] test_memcache_typesafe_by_rcu+0x1bf/0x670
[ 49.753734] kunit_try_run_case+0x1a5/0x480
[ 49.753922] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 49.754103] kthread+0x337/0x6f0
[ 49.754278] ret_from_fork+0x116/0x1d0
[ 49.754473] ret_from_fork_asm+0x1a/0x30
[ 49.754897]
[ 49.755010] CPU: 1 UID: 0 PID: 352 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 49.755480] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 49.755688] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 49.756143] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 25.091308] ==================================================================
[ 25.091915] BUG: KFENCE: invalid read in test_invalid_access+0xf0/0x210
[ 25.091915]
[ 25.092416] Invalid read at 0x(____ptrval____):
[ 25.093249] test_invalid_access+0xf0/0x210
[ 25.093756] kunit_try_run_case+0x1a5/0x480
[ 25.094010] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.094327] kthread+0x337/0x6f0
[ 25.094513] ret_from_fork+0x116/0x1d0
[ 25.094803] ret_from_fork_asm+0x1a/0x30
[ 25.095207]
[ 25.095319] CPU: 1 UID: 0 PID: 348 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 25.095818] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 25.096108] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 25.096449] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 24.868512] ==================================================================
[ 24.868925] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x24f/0x340
[ 24.868925]
[ 24.869329] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#138):
[ 24.869881] test_kmalloc_aligned_oob_write+0x24f/0x340
[ 24.870150] kunit_try_run_case+0x1a5/0x480
[ 24.870340] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.871136] kthread+0x337/0x6f0
[ 24.871294] ret_from_fork+0x116/0x1d0
[ 24.871729] ret_from_fork_asm+0x1a/0x30
[ 24.872026]
[ 24.872121] kfence-#138: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96
[ 24.872121]
[ 24.872684] allocated by task 342 on cpu 1 at 24.868275s (0.004406s ago):
[ 24.873106] test_alloc+0x364/0x10f0
[ 24.873304] test_kmalloc_aligned_oob_write+0xc8/0x340
[ 24.873698] kunit_try_run_case+0x1a5/0x480
[ 24.873922] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.874274] kthread+0x337/0x6f0
[ 24.874516] ret_from_fork+0x116/0x1d0
[ 24.874670] ret_from_fork_asm+0x1a/0x30
[ 24.875000]
[ 24.875101] freed by task 342 on cpu 1 at 24.868399s (0.006700s ago):
[ 24.875482] test_kmalloc_aligned_oob_write+0x24f/0x340
[ 24.875856] kunit_try_run_case+0x1a5/0x480
[ 24.876137] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.876352] kthread+0x337/0x6f0
[ 24.876541] ret_from_fork+0x116/0x1d0
[ 24.876912] ret_from_fork_asm+0x1a/0x30
[ 24.877090]
[ 24.877223] CPU: 1 UID: 0 PID: 342 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 24.877884] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 24.878080] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 24.878597] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 24.764482] ==================================================================
[ 24.764905] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x27e/0x560
[ 24.764905]
[ 24.765405] Out-of-bounds read at 0x(____ptrval____) (105B right of kfence-#137):
[ 24.765801] test_kmalloc_aligned_oob_read+0x27e/0x560
[ 24.766086] kunit_try_run_case+0x1a5/0x480
[ 24.766262] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.766587] kthread+0x337/0x6f0
[ 24.766738] ret_from_fork+0x116/0x1d0
[ 24.766963] ret_from_fork_asm+0x1a/0x30
[ 24.767148]
[ 24.767274] kfence-#137: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96
[ 24.767274]
[ 24.767703] allocated by task 340 on cpu 1 at 24.764280s (0.003421s ago):
[ 24.768025] test_alloc+0x364/0x10f0
[ 24.768233] test_kmalloc_aligned_oob_read+0x105/0x560
[ 24.768493] kunit_try_run_case+0x1a5/0x480
[ 24.768708] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.768968] kthread+0x337/0x6f0
[ 24.769101] ret_from_fork+0x116/0x1d0
[ 24.769294] ret_from_fork_asm+0x1a/0x30
[ 24.769591]
[ 24.769707] CPU: 1 UID: 0 PID: 340 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 24.770204] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 24.770381] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 24.770864] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_corruption
[ 19.980559] ==================================================================
[ 19.980976] BUG: KFENCE: memory corruption in test_corruption+0x2df/0x3e0
[ 19.980976]
[ 19.981351] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#91):
[ 19.982028] test_corruption+0x2df/0x3e0
[ 19.982557] kunit_try_run_case+0x1a5/0x480
[ 19.982888] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.983157] kthread+0x337/0x6f0
[ 19.983474] ret_from_fork+0x116/0x1d0
[ 19.983781] ret_from_fork_asm+0x1a/0x30
[ 19.984076]
[ 19.984200] kfence-#91: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 19.984200]
[ 19.984789] allocated by task 328 on cpu 1 at 19.980300s (0.004486s ago):
[ 19.985231] test_alloc+0x364/0x10f0
[ 19.985528] test_corruption+0x1cb/0x3e0
[ 19.985754] kunit_try_run_case+0x1a5/0x480
[ 19.986153] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.986412] kthread+0x337/0x6f0
[ 19.986786] ret_from_fork+0x116/0x1d0
[ 19.987076] ret_from_fork_asm+0x1a/0x30
[ 19.987274]
[ 19.987576] freed by task 328 on cpu 1 at 19.980398s (0.007175s ago):
[ 19.987899] test_corruption+0x2df/0x3e0
[ 19.988237] kunit_try_run_case+0x1a5/0x480
[ 19.988544] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.988811] kthread+0x337/0x6f0
[ 19.989109] ret_from_fork+0x116/0x1d0
[ 19.989396] ret_from_fork_asm+0x1a/0x30
[ 19.989699]
[ 19.989838] CPU: 1 UID: 0 PID: 328 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 19.990450] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.990699] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.991104] ==================================================================
[ 20.292384] ==================================================================
[ 20.292906] BUG: KFENCE: memory corruption in test_corruption+0x216/0x3e0
[ 20.292906]
[ 20.294143] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#94):
[ 20.294506] test_corruption+0x216/0x3e0
[ 20.294678] kunit_try_run_case+0x1a5/0x480
[ 20.294918] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.295169] kthread+0x337/0x6f0
[ 20.295340] ret_from_fork+0x116/0x1d0
[ 20.295493] ret_from_fork_asm+0x1a/0x30
[ 20.296133]
[ 20.296214] kfence-#94: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 20.296214]
[ 20.296799] allocated by task 330 on cpu 0 at 20.292270s (0.004527s ago):
[ 20.297260] test_alloc+0x2a6/0x10f0
[ 20.297536] test_corruption+0x1cb/0x3e0
[ 20.297731] kunit_try_run_case+0x1a5/0x480
[ 20.297947] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.298178] kthread+0x337/0x6f0
[ 20.298335] ret_from_fork+0x116/0x1d0
[ 20.298765] ret_from_fork_asm+0x1a/0x30
[ 20.299054]
[ 20.299137] freed by task 330 on cpu 0 at 20.292309s (0.006826s ago):
[ 20.299680] test_corruption+0x216/0x3e0
[ 20.299955] kunit_try_run_case+0x1a5/0x480
[ 20.300219] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.300445] kthread+0x337/0x6f0
[ 20.300630] ret_from_fork+0x116/0x1d0
[ 20.300991] ret_from_fork_asm+0x1a/0x30
[ 20.301189]
[ 20.301374] CPU: 0 UID: 0 PID: 330 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 20.301985] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 20.302244] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 20.302707] ==================================================================
[ 19.772465] ==================================================================
[ 19.772898] BUG: KFENCE: memory corruption in test_corruption+0x2d2/0x3e0
[ 19.772898]
[ 19.773415] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#89):
[ 19.774367] test_corruption+0x2d2/0x3e0
[ 19.774595] kunit_try_run_case+0x1a5/0x480
[ 19.774828] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.775510] kthread+0x337/0x6f0
[ 19.775710] ret_from_fork+0x116/0x1d0
[ 19.775931] ret_from_fork_asm+0x1a/0x30
[ 19.776295]
[ 19.776417] kfence-#89: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 19.776417]
[ 19.776849] allocated by task 328 on cpu 1 at 19.772233s (0.004615s ago):
[ 19.777390] test_alloc+0x364/0x10f0
[ 19.777691] test_corruption+0xe6/0x3e0
[ 19.777982] kunit_try_run_case+0x1a5/0x480
[ 19.778187] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.778558] kthread+0x337/0x6f0
[ 19.778825] ret_from_fork+0x116/0x1d0
[ 19.779018] ret_from_fork_asm+0x1a/0x30
[ 19.779366]
[ 19.779584] freed by task 328 on cpu 1 at 19.772311s (0.007271s ago):
[ 19.779906] test_corruption+0x2d2/0x3e0
[ 19.780224] kunit_try_run_case+0x1a5/0x480
[ 19.780542] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.780896] kthread+0x337/0x6f0
[ 19.781074] ret_from_fork+0x116/0x1d0
[ 19.781380] ret_from_fork_asm+0x1a/0x30
[ 19.781749]
[ 19.781945] CPU: 1 UID: 0 PID: 328 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 19.782536] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.782751] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.783298] ==================================================================
[ 20.084393] ==================================================================
[ 20.084798] BUG: KFENCE: memory corruption in test_corruption+0x131/0x3e0
[ 20.084798]
[ 20.085147] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#92):
[ 20.085820] test_corruption+0x131/0x3e0
[ 20.085971] kunit_try_run_case+0x1a5/0x480
[ 20.086192] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.086448] kthread+0x337/0x6f0
[ 20.086655] ret_from_fork+0x116/0x1d0
[ 20.087241] ret_from_fork_asm+0x1a/0x30
[ 20.087398]
[ 20.087475] kfence-#92: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 20.087475]
[ 20.087741] allocated by task 330 on cpu 0 at 20.084271s (0.003468s ago):
[ 20.087969] test_alloc+0x2a6/0x10f0
[ 20.088097] test_corruption+0xe6/0x3e0
[ 20.088231] kunit_try_run_case+0x1a5/0x480
[ 20.088374] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.088545] kthread+0x337/0x6f0
[ 20.088663] ret_from_fork+0x116/0x1d0
[ 20.088896] ret_from_fork_asm+0x1a/0x30
[ 20.089043]
[ 20.089115] freed by task 330 on cpu 0 at 20.084323s (0.004790s ago):
[ 20.090375] test_corruption+0x131/0x3e0
[ 20.090525] kunit_try_run_case+0x1a5/0x480
[ 20.090670] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.090946] kthread+0x337/0x6f0
[ 20.091068] ret_from_fork+0x116/0x1d0
[ 20.091204] ret_from_fork_asm+0x1a/0x30
[ 20.091347]
[ 20.091443] CPU: 0 UID: 0 PID: 330 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 20.091783] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 20.091988] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 20.092389] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 19.564389] ==================================================================
[ 19.564794] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1e1/0x260
[ 19.564794]
[ 19.565125] Invalid free of 0x(____ptrval____) (in kfence-#87):
[ 19.565431] test_invalid_addr_free+0x1e1/0x260
[ 19.565656] kunit_try_run_case+0x1a5/0x480
[ 19.565827] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.566052] kthread+0x337/0x6f0
[ 19.566191] ret_from_fork+0x116/0x1d0
[ 19.566330] ret_from_fork_asm+0x1a/0x30
[ 19.566476]
[ 19.566637] kfence-#87: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 19.566637]
[ 19.567093] allocated by task 324 on cpu 0 at 19.564275s (0.002817s ago):
[ 19.567324] test_alloc+0x364/0x10f0
[ 19.567458] test_invalid_addr_free+0xdb/0x260
[ 19.567614] kunit_try_run_case+0x1a5/0x480
[ 19.567764] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.567952] kthread+0x337/0x6f0
[ 19.568076] ret_from_fork+0x116/0x1d0
[ 19.568212] ret_from_fork_asm+0x1a/0x30
[ 19.568354]
[ 19.568447] CPU: 0 UID: 0 PID: 324 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 19.568793] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.568997] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.569272] ==================================================================
[ 19.668406] ==================================================================
[ 19.668967] BUG: KFENCE: invalid free in test_invalid_addr_free+0xfb/0x260
[ 19.668967]
[ 19.669340] Invalid free of 0x(____ptrval____) (in kfence-#88):
[ 19.670336] test_invalid_addr_free+0xfb/0x260
[ 19.670697] kunit_try_run_case+0x1a5/0x480
[ 19.670904] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.671151] kthread+0x337/0x6f0
[ 19.671314] ret_from_fork+0x116/0x1d0
[ 19.671734] ret_from_fork_asm+0x1a/0x30
[ 19.671946]
[ 19.672026] kfence-#88: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 19.672026]
[ 19.672586] allocated by task 326 on cpu 1 at 19.668293s (0.004290s ago):
[ 19.672998] test_alloc+0x2a6/0x10f0
[ 19.673168] test_invalid_addr_free+0xdb/0x260
[ 19.673373] kunit_try_run_case+0x1a5/0x480
[ 19.673816] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.674063] kthread+0x337/0x6f0
[ 19.674360] ret_from_fork+0x116/0x1d0
[ 19.674548] ret_from_fork_asm+0x1a/0x30
[ 19.674890]
[ 19.675013] CPU: 1 UID: 0 PID: 326 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 19.675639] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.675914] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.676360] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_double_free
[ 19.356573] ==================================================================
[ 19.357018] BUG: KFENCE: invalid free in test_double_free+0x1d3/0x260
[ 19.357018]
[ 19.357360] Invalid free of 0x(____ptrval____) (in kfence-#85):
[ 19.357716] test_double_free+0x1d3/0x260
[ 19.357971] kunit_try_run_case+0x1a5/0x480
[ 19.358185] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.358403] kthread+0x337/0x6f0
[ 19.358532] ret_from_fork+0x116/0x1d0
[ 19.358683] ret_from_fork_asm+0x1a/0x30
[ 19.358899]
[ 19.359003] kfence-#85: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 19.359003]
[ 19.359389] allocated by task 320 on cpu 0 at 19.356316s (0.003071s ago):
[ 19.359791] test_alloc+0x364/0x10f0
[ 19.359924] test_double_free+0xdb/0x260
[ 19.360065] kunit_try_run_case+0x1a5/0x480
[ 19.360294] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.360564] kthread+0x337/0x6f0
[ 19.360738] ret_from_fork+0x116/0x1d0
[ 19.361080] ret_from_fork_asm+0x1a/0x30
[ 19.361263]
[ 19.361364] freed by task 320 on cpu 0 at 19.356388s (0.004974s ago):
[ 19.361664] test_double_free+0x1e0/0x260
[ 19.361867] kunit_try_run_case+0x1a5/0x480
[ 19.362034] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.362213] kthread+0x337/0x6f0
[ 19.362387] ret_from_fork+0x116/0x1d0
[ 19.362616] ret_from_fork_asm+0x1a/0x30
[ 19.362828]
[ 19.362951] CPU: 0 UID: 0 PID: 320 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 19.363315] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.363457] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.363882] ==================================================================
[ 19.460506] ==================================================================
[ 19.460916] BUG: KFENCE: invalid free in test_double_free+0x112/0x260
[ 19.460916]
[ 19.461322] Invalid free of 0x(____ptrval____) (in kfence-#86):
[ 19.461666] test_double_free+0x112/0x260
[ 19.461941] kunit_try_run_case+0x1a5/0x480
[ 19.462164] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.462342] kthread+0x337/0x6f0
[ 19.462465] ret_from_fork+0x116/0x1d0
[ 19.462599] ret_from_fork_asm+0x1a/0x30
[ 19.462907]
[ 19.463103] kfence-#86: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 19.463103]
[ 19.463549] allocated by task 322 on cpu 1 at 19.460330s (0.003217s ago):
[ 19.463899] test_alloc+0x2a6/0x10f0
[ 19.464124] test_double_free+0xdb/0x260
[ 19.464338] kunit_try_run_case+0x1a5/0x480
[ 19.464659] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.464848] kthread+0x337/0x6f0
[ 19.464967] ret_from_fork+0x116/0x1d0
[ 19.465099] ret_from_fork_asm+0x1a/0x30
[ 19.465325]
[ 19.465424] freed by task 322 on cpu 1 at 19.460385s (0.005037s ago):
[ 19.465757] test_double_free+0xfa/0x260
[ 19.465970] kunit_try_run_case+0x1a5/0x480
[ 19.466183] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.466419] kthread+0x337/0x6f0
[ 19.466613] ret_from_fork+0x116/0x1d0
[ 19.466793] ret_from_fork_asm+0x1a/0x30
[ 19.466994]
[ 19.467109] CPU: 1 UID: 0 PID: 322 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 19.467614] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.467805] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.468182] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 19.044547] ==================================================================
[ 19.044991] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270
[ 19.044991]
[ 19.045408] Use-after-free read at 0x(____ptrval____) (in kfence-#82):
[ 19.046581] test_use_after_free_read+0x129/0x270
[ 19.046811] kunit_try_run_case+0x1a5/0x480
[ 19.047017] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.047205] kthread+0x337/0x6f0
[ 19.047332] ret_from_fork+0x116/0x1d0
[ 19.047706] ret_from_fork_asm+0x1a/0x30
[ 19.048002]
[ 19.048108] kfence-#82: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 19.048108]
[ 19.048385] allocated by task 314 on cpu 1 at 19.044379s (0.004004s ago):
[ 19.048616] test_alloc+0x2a6/0x10f0
[ 19.048748] test_use_after_free_read+0xdc/0x270
[ 19.049362] kunit_try_run_case+0x1a5/0x480
[ 19.049662] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.050814] kthread+0x337/0x6f0
[ 19.051000] ret_from_fork+0x116/0x1d0
[ 19.051149] ret_from_fork_asm+0x1a/0x30
[ 19.051295]
[ 19.051369] freed by task 314 on cpu 1 at 19.044421s (0.006946s ago):
[ 19.051607] test_use_after_free_read+0xfb/0x270
[ 19.051765] kunit_try_run_case+0x1a5/0x480
[ 19.052610] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.053255] kthread+0x337/0x6f0
[ 19.053621] ret_from_fork+0x116/0x1d0
[ 19.054048] ret_from_fork_asm+0x1a/0x30
[ 19.054208]
[ 19.054312] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 19.055619] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.056111] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.056688] ==================================================================
[ 18.940458] ==================================================================
[ 18.940879] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270
[ 18.940879]
[ 18.941430] Use-after-free read at 0x(____ptrval____) (in kfence-#81):
[ 18.941657] test_use_after_free_read+0x129/0x270
[ 18.941927] kunit_try_run_case+0x1a5/0x480
[ 18.942138] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.942387] kthread+0x337/0x6f0
[ 18.942532] ret_from_fork+0x116/0x1d0
[ 18.942672] ret_from_fork_asm+0x1a/0x30
[ 18.942903]
[ 18.943005] kfence-#81: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 18.943005]
[ 18.943417] allocated by task 312 on cpu 0 at 18.940251s (0.003164s ago):
[ 18.943670] test_alloc+0x364/0x10f0
[ 18.943872] test_use_after_free_read+0xdc/0x270
[ 18.944095] kunit_try_run_case+0x1a5/0x480
[ 18.944246] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.944518] kthread+0x337/0x6f0
[ 18.944760] ret_from_fork+0x116/0x1d0
[ 18.944931] ret_from_fork_asm+0x1a/0x30
[ 18.945099]
[ 18.945316] freed by task 312 on cpu 0 at 18.940310s (0.004924s ago):
[ 18.945779] test_use_after_free_read+0x1e7/0x270
[ 18.945979] kunit_try_run_case+0x1a5/0x480
[ 18.946162] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.946344] kthread+0x337/0x6f0
[ 18.946600] ret_from_fork+0x116/0x1d0
[ 18.946804] ret_from_fork_asm+0x1a/0x30
[ 18.947023]
[ 18.947127] CPU: 0 UID: 0 PID: 312 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 18.947585] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.947848] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.948216] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 18.420377] ==================================================================
[ 18.420802] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260
[ 18.420802]
[ 18.421359] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#76):
[ 18.421733] test_out_of_bounds_write+0x10d/0x260
[ 18.422472] kunit_try_run_case+0x1a5/0x480
[ 18.422707] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.423172] kthread+0x337/0x6f0
[ 18.423454] ret_from_fork+0x116/0x1d0
[ 18.423612] ret_from_fork_asm+0x1a/0x30
[ 18.423866]
[ 18.424146] kfence-#76: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 18.424146]
[ 18.424667] allocated by task 308 on cpu 0 at 18.420254s (0.004410s ago):
[ 18.424981] test_alloc+0x364/0x10f0
[ 18.425171] test_out_of_bounds_write+0xd4/0x260
[ 18.425414] kunit_try_run_case+0x1a5/0x480
[ 18.425690] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.425937] kthread+0x337/0x6f0
[ 18.426086] ret_from_fork+0x116/0x1d0
[ 18.426299] ret_from_fork_asm+0x1a/0x30
[ 18.426525]
[ 18.426658] CPU: 0 UID: 0 PID: 308 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 18.427109] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.427319] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.427625] ==================================================================
[ 18.836347] ==================================================================
[ 18.836745] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260
[ 18.836745]
[ 18.837304] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#80):
[ 18.837554] test_out_of_bounds_write+0x10d/0x260
[ 18.837828] kunit_try_run_case+0x1a5/0x480
[ 18.838214] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.838550] kthread+0x337/0x6f0
[ 18.838682] ret_from_fork+0x116/0x1d0
[ 18.838878] ret_from_fork_asm+0x1a/0x30
[ 18.839113]
[ 18.839222] kfence-#80: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 18.839222]
[ 18.839685] allocated by task 310 on cpu 0 at 18.836288s (0.003395s ago):
[ 18.840007] test_alloc+0x2a6/0x10f0
[ 18.840222] test_out_of_bounds_write+0xd4/0x260
[ 18.840452] kunit_try_run_case+0x1a5/0x480
[ 18.840619] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.840801] kthread+0x337/0x6f0
[ 18.840940] ret_from_fork+0x116/0x1d0
[ 18.841136] ret_from_fork_asm+0x1a/0x30
[ 18.841362]
[ 18.841523] CPU: 0 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 18.842213] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.842412] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.842685] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 16.965621] ==================================================================
[ 16.966111] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0
[ 16.966111]
[ 16.966657] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#62):
[ 16.967136] test_out_of_bounds_read+0x126/0x4e0
[ 16.967430] kunit_try_run_case+0x1a5/0x480
[ 16.967646] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.967937] kthread+0x337/0x6f0
[ 16.968119] ret_from_fork+0x116/0x1d0
[ 16.968261] ret_from_fork_asm+0x1a/0x30
[ 16.968510]
[ 16.968759] kfence-#62: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 16.968759]
[ 16.969338] allocated by task 304 on cpu 1 at 16.964315s (0.004967s ago):
[ 16.969997] test_alloc+0x364/0x10f0
[ 16.970221] test_out_of_bounds_read+0xed/0x4e0
[ 16.970461] kunit_try_run_case+0x1a5/0x480
[ 16.970660] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.970866] kthread+0x337/0x6f0
[ 16.971067] ret_from_fork+0x116/0x1d0
[ 16.971291] ret_from_fork_asm+0x1a/0x30
[ 16.971601]
[ 16.971777] CPU: 1 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 16.972235] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.972432] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.972859] ==================================================================
[ 17.276404] ==================================================================
[ 17.276814] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0
[ 17.276814]
[ 17.277417] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#65):
[ 17.277720] test_out_of_bounds_read+0x216/0x4e0
[ 17.277975] kunit_try_run_case+0x1a5/0x480
[ 17.278211] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.278518] kthread+0x337/0x6f0
[ 17.278644] ret_from_fork+0x116/0x1d0
[ 17.278833] ret_from_fork_asm+0x1a/0x30
[ 17.279062]
[ 17.279180] kfence-#65: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 17.279180]
[ 17.279573] allocated by task 304 on cpu 1 at 17.276283s (0.003288s ago):
[ 17.280014] test_alloc+0x364/0x10f0
[ 17.280220] test_out_of_bounds_read+0x1e2/0x4e0
[ 17.280469] kunit_try_run_case+0x1a5/0x480
[ 17.280657] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.280943] kthread+0x337/0x6f0
[ 17.281092] ret_from_fork+0x116/0x1d0
[ 17.281277] ret_from_fork_asm+0x1a/0x30
[ 17.281504]
[ 17.281608] CPU: 1 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 17.282102] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.282288] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.282700] ==================================================================
[ 17.588437] ==================================================================
[ 17.588851] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0
[ 17.588851]
[ 17.589491] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#68):
[ 17.589831] test_out_of_bounds_read+0x126/0x4e0
[ 17.590078] kunit_try_run_case+0x1a5/0x480
[ 17.590301] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.590602] kthread+0x337/0x6f0
[ 17.590814] ret_from_fork+0x116/0x1d0
[ 17.591025] ret_from_fork_asm+0x1a/0x30
[ 17.591201]
[ 17.591282] kfence-#68: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 17.591282]
[ 17.591831] allocated by task 306 on cpu 1 at 17.588282s (0.003547s ago):
[ 17.592223] test_alloc+0x2a6/0x10f0
[ 17.592421] test_out_of_bounds_read+0xed/0x4e0
[ 17.592671] kunit_try_run_case+0x1a5/0x480
[ 17.592963] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.593233] kthread+0x337/0x6f0
[ 17.593398] ret_from_fork+0x116/0x1d0
[ 17.593607] ret_from_fork_asm+0x1a/0x30
[ 17.593835]
[ 17.593961] CPU: 1 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 17.594381] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.594688] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.595308] ==================================================================
[ 18.004348] ==================================================================
[ 18.004762] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0
[ 18.004762]
[ 18.005311] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#72):
[ 18.005609] test_out_of_bounds_read+0x216/0x4e0
[ 18.005896] kunit_try_run_case+0x1a5/0x480
[ 18.006127] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.006416] kthread+0x337/0x6f0
[ 18.006612] ret_from_fork+0x116/0x1d0
[ 18.006812] ret_from_fork_asm+0x1a/0x30
[ 18.007018]
[ 18.007127] kfence-#72: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 18.007127]
[ 18.007567] allocated by task 306 on cpu 1 at 18.004290s (0.003276s ago):
[ 18.007903] test_alloc+0x2a6/0x10f0
[ 18.008040] test_out_of_bounds_read+0x1e2/0x4e0
[ 18.008274] kunit_try_run_case+0x1a5/0x480
[ 18.008548] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.008811] kthread+0x337/0x6f0
[ 18.009007] ret_from_fork+0x116/0x1d0
[ 18.009200] ret_from_fork_asm+0x1a/0x30
[ 18.009398]
[ 18.009507] CPU: 1 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 18.009854] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.010186] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.010512] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 16.828470] ================================================================== [ 16.828815] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x1a5/0x1d0 [ 16.829130] Write of size 1 at addr ffff88810307db78 by task kunit_try_catch/302 [ 16.829358] [ 16.829441] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.829496] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.829509] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.829530] Call Trace: [ 16.829546] <TASK> [ 16.829561] dump_stack_lvl+0x73/0xb0 [ 16.829589] print_report+0xd1/0x610 [ 16.829615] ? __virt_addr_valid+0x1db/0x2d0 [ 16.829639] ? strncpy_from_user+0x1a5/0x1d0 [ 16.829663] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.829689] ? strncpy_from_user+0x1a5/0x1d0 [ 16.829715] kasan_report+0x141/0x180 [ 16.829738] ? strncpy_from_user+0x1a5/0x1d0 [ 16.829779] __asan_report_store1_noabort+0x1b/0x30 [ 16.829807] strncpy_from_user+0x1a5/0x1d0 [ 16.829835] copy_user_test_oob+0x760/0x10f0 [ 16.829863] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.829889] ? finish_task_switch.isra.0+0x153/0x700 [ 16.829913] ? __switch_to+0x47/0xf50 [ 16.829939] ? __schedule+0x10cc/0x2b60 [ 16.829963] ? __pfx_read_tsc+0x10/0x10 [ 16.829986] ? ktime_get_ts64+0x86/0x230 [ 16.830011] kunit_try_run_case+0x1a5/0x480 [ 16.830037] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.830062] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.830089] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.830114] ? __kthread_parkme+0x82/0x180 [ 16.830136] ? preempt_count_sub+0x50/0x80 [ 16.830161] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.830188] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.830214] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.830242] kthread+0x337/0x6f0 [ 16.830262] ? trace_preempt_on+0x20/0xc0 [ 16.830287] ? __pfx_kthread+0x10/0x10 [ 16.830309] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.830332] ? calculate_sigpending+0x7b/0xa0 [ 16.830357] ? 
__pfx_kthread+0x10/0x10 [ 16.830380] ret_from_fork+0x116/0x1d0 [ 16.830399] ? __pfx_kthread+0x10/0x10 [ 16.830420] ret_from_fork_asm+0x1a/0x30 [ 16.830453] </TASK> [ 16.830463] [ 16.837974] Allocated by task 302: [ 16.838154] kasan_save_stack+0x45/0x70 [ 16.838337] kasan_save_track+0x18/0x40 [ 16.838546] kasan_save_alloc_info+0x3b/0x50 [ 16.838710] __kasan_kmalloc+0xb7/0xc0 [ 16.838912] __kmalloc_noprof+0x1c9/0x500 [ 16.839089] kunit_kmalloc_array+0x25/0x60 [ 16.839293] copy_user_test_oob+0xab/0x10f0 [ 16.839459] kunit_try_run_case+0x1a5/0x480 [ 16.839607] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.839794] kthread+0x337/0x6f0 [ 16.839917] ret_from_fork+0x116/0x1d0 [ 16.840182] ret_from_fork_asm+0x1a/0x30 [ 16.840445] [ 16.840539] The buggy address belongs to the object at ffff88810307db00 [ 16.840539] which belongs to the cache kmalloc-128 of size 128 [ 16.841074] The buggy address is located 0 bytes to the right of [ 16.841074] allocated 120-byte region [ffff88810307db00, ffff88810307db78) [ 16.841562] [ 16.841634] The buggy address belongs to the physical page: [ 16.842621] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10307d [ 16.843008] flags: 0x200000000000000(node=0|zone=2) [ 16.843250] page_type: f5(slab) [ 16.843419] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.844097] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.844601] page dumped because: kasan: bad access detected [ 16.844905] [ 16.845137] Memory state around the buggy address: [ 16.845480] ffff88810307da00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.845801] ffff88810307da80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.846093] >ffff88810307db00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.846384] ^ [ 16.847108] ffff88810307db80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.847588] ffff88810307dc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.848096] 
================================================================== [ 16.810462] ================================================================== [ 16.810748] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x2e/0x1d0 [ 16.811119] Write of size 121 at addr ffff88810307db00 by task kunit_try_catch/302 [ 16.811455] [ 16.811540] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.811584] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.811596] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.811618] Call Trace: [ 16.811633] <TASK> [ 16.811649] dump_stack_lvl+0x73/0xb0 [ 16.811679] print_report+0xd1/0x610 [ 16.811703] ? __virt_addr_valid+0x1db/0x2d0 [ 16.811727] ? strncpy_from_user+0x2e/0x1d0 [ 16.811751] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.811789] ? strncpy_from_user+0x2e/0x1d0 [ 16.811814] kasan_report+0x141/0x180 [ 16.811838] ? strncpy_from_user+0x2e/0x1d0 [ 16.811867] kasan_check_range+0x10c/0x1c0 [ 16.811892] __kasan_check_write+0x18/0x20 [ 16.811913] strncpy_from_user+0x2e/0x1d0 [ 16.811949] ? __kasan_check_read+0x15/0x20 [ 16.811972] copy_user_test_oob+0x760/0x10f0 [ 16.812000] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.812025] ? finish_task_switch.isra.0+0x153/0x700 [ 16.812050] ? __switch_to+0x47/0xf50 [ 16.812076] ? __schedule+0x10cc/0x2b60 [ 16.812099] ? __pfx_read_tsc+0x10/0x10 [ 16.812122] ? ktime_get_ts64+0x86/0x230 [ 16.812146] kunit_try_run_case+0x1a5/0x480 [ 16.812173] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.812199] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.812225] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.812251] ? __kthread_parkme+0x82/0x180 [ 16.812272] ? preempt_count_sub+0x50/0x80 [ 16.812297] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.812323] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.812350] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.812377] kthread+0x337/0x6f0 [ 16.812398] ? trace_preempt_on+0x20/0xc0 [ 16.812423] ? 
__pfx_kthread+0x10/0x10 [ 16.812456] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.812478] ? calculate_sigpending+0x7b/0xa0 [ 16.812504] ? __pfx_kthread+0x10/0x10 [ 16.812527] ret_from_fork+0x116/0x1d0 [ 16.812546] ? __pfx_kthread+0x10/0x10 [ 16.812567] ret_from_fork_asm+0x1a/0x30 [ 16.812600] </TASK> [ 16.812611] [ 16.820329] Allocated by task 302: [ 16.820506] kasan_save_stack+0x45/0x70 [ 16.820736] kasan_save_track+0x18/0x40 [ 16.820941] kasan_save_alloc_info+0x3b/0x50 [ 16.821144] __kasan_kmalloc+0xb7/0xc0 [ 16.821289] __kmalloc_noprof+0x1c9/0x500 [ 16.821489] kunit_kmalloc_array+0x25/0x60 [ 16.821642] copy_user_test_oob+0xab/0x10f0 [ 16.821906] kunit_try_run_case+0x1a5/0x480 [ 16.822221] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.822435] kthread+0x337/0x6f0 [ 16.822567] ret_from_fork+0x116/0x1d0 [ 16.822704] ret_from_fork_asm+0x1a/0x30 [ 16.822858] [ 16.822932] The buggy address belongs to the object at ffff88810307db00 [ 16.822932] which belongs to the cache kmalloc-128 of size 128 [ 16.823507] The buggy address is located 0 bytes inside of [ 16.823507] allocated 120-byte region [ffff88810307db00, ffff88810307db78) [ 16.823959] [ 16.824037] The buggy address belongs to the physical page: [ 16.824210] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10307d [ 16.824485] flags: 0x200000000000000(node=0|zone=2) [ 16.824718] page_type: f5(slab) [ 16.824897] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.825245] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.825599] page dumped because: kasan: bad access detected [ 16.825868] [ 16.825970] Memory state around the buggy address: [ 16.826208] ffff88810307da00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.826540] ffff88810307da80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.826797] >ffff88810307db00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.827025] ^ [ 16.827341] ffff88810307db80: fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 16.827589] ffff88810307dc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.827847] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 16.723130] ================================================================== [ 16.723885] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4aa/0x10f0 [ 16.725245] Read of size 121 at addr ffff88810307db00 by task kunit_try_catch/302 [ 16.726467] [ 16.726852] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.726902] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.726916] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.727096] Call Trace: [ 16.727116] <TASK> [ 16.727132] dump_stack_lvl+0x73/0xb0 [ 16.727166] print_report+0xd1/0x610 [ 16.727205] ? __virt_addr_valid+0x1db/0x2d0 [ 16.727229] ? copy_user_test_oob+0x4aa/0x10f0 [ 16.727255] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.727281] ? copy_user_test_oob+0x4aa/0x10f0 [ 16.727307] kasan_report+0x141/0x180 [ 16.727330] ? copy_user_test_oob+0x4aa/0x10f0 [ 16.727360] kasan_check_range+0x10c/0x1c0 [ 16.727386] __kasan_check_read+0x15/0x20 [ 16.727407] copy_user_test_oob+0x4aa/0x10f0 [ 16.727511] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.727541] ? finish_task_switch.isra.0+0x153/0x700 [ 16.727566] ? __switch_to+0x47/0xf50 [ 16.727593] ? __schedule+0x10cc/0x2b60 [ 16.727617] ? __pfx_read_tsc+0x10/0x10 [ 16.727640] ? ktime_get_ts64+0x86/0x230 [ 16.727664] kunit_try_run_case+0x1a5/0x480 [ 16.727691] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.727716] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.727742] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.727779] ? __kthread_parkme+0x82/0x180 [ 16.727801] ? preempt_count_sub+0x50/0x80 [ 16.727826] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.727853] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.727880] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.727907] kthread+0x337/0x6f0 [ 16.727928] ? trace_preempt_on+0x20/0xc0 [ 16.727953] ? __pfx_kthread+0x10/0x10 [ 16.727976] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.727999] ? calculate_sigpending+0x7b/0xa0 [ 16.728025] ? 
__pfx_kthread+0x10/0x10 [ 16.728048] ret_from_fork+0x116/0x1d0 [ 16.728069] ? __pfx_kthread+0x10/0x10 [ 16.728090] ret_from_fork_asm+0x1a/0x30 [ 16.728122] </TASK> [ 16.728133] [ 16.739340] Allocated by task 302: [ 16.739855] kasan_save_stack+0x45/0x70 [ 16.740434] kasan_save_track+0x18/0x40 [ 16.740892] kasan_save_alloc_info+0x3b/0x50 [ 16.741406] __kasan_kmalloc+0xb7/0xc0 [ 16.741781] __kmalloc_noprof+0x1c9/0x500 [ 16.741945] kunit_kmalloc_array+0x25/0x60 [ 16.742098] copy_user_test_oob+0xab/0x10f0 [ 16.742251] kunit_try_run_case+0x1a5/0x480 [ 16.742400] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.743274] kthread+0x337/0x6f0 [ 16.743809] ret_from_fork+0x116/0x1d0 [ 16.744320] ret_from_fork_asm+0x1a/0x30 [ 16.744890] [ 16.745223] The buggy address belongs to the object at ffff88810307db00 [ 16.745223] which belongs to the cache kmalloc-128 of size 128 [ 16.747004] The buggy address is located 0 bytes inside of [ 16.747004] allocated 120-byte region [ffff88810307db00, ffff88810307db78) [ 16.748168] [ 16.748376] The buggy address belongs to the physical page: [ 16.748916] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10307d [ 16.749646] flags: 0x200000000000000(node=0|zone=2) [ 16.750121] page_type: f5(slab) [ 16.750440] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.751121] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.751360] page dumped because: kasan: bad access detected [ 16.751836] [ 16.752023] Memory state around the buggy address: [ 16.752490] ffff88810307da00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.753041] ffff88810307da80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.753263] >ffff88810307db00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.753487] ^ [ 16.753703] ffff88810307db80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.753936] ffff88810307dc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.754255] 
================================================================== [ 16.755594] ================================================================== [ 16.755908] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x557/0x10f0 [ 16.756596] Write of size 121 at addr ffff88810307db00 by task kunit_try_catch/302 [ 16.756921] [ 16.757027] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.757072] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.757086] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.757107] Call Trace: [ 16.757124] <TASK> [ 16.757140] dump_stack_lvl+0x73/0xb0 [ 16.757172] print_report+0xd1/0x610 [ 16.757196] ? __virt_addr_valid+0x1db/0x2d0 [ 16.757220] ? copy_user_test_oob+0x557/0x10f0 [ 16.757245] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.757272] ? copy_user_test_oob+0x557/0x10f0 [ 16.757297] kasan_report+0x141/0x180 [ 16.757321] ? copy_user_test_oob+0x557/0x10f0 [ 16.757350] kasan_check_range+0x10c/0x1c0 [ 16.757376] __kasan_check_write+0x18/0x20 [ 16.757398] copy_user_test_oob+0x557/0x10f0 [ 16.757425] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.757464] ? finish_task_switch.isra.0+0x153/0x700 [ 16.757489] ? __switch_to+0x47/0xf50 [ 16.757516] ? __schedule+0x10cc/0x2b60 [ 16.757540] ? __pfx_read_tsc+0x10/0x10 [ 16.757563] ? ktime_get_ts64+0x86/0x230 [ 16.757589] kunit_try_run_case+0x1a5/0x480 [ 16.757615] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.757640] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.757666] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.757692] ? __kthread_parkme+0x82/0x180 [ 16.757715] ? preempt_count_sub+0x50/0x80 [ 16.757740] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.757785] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.757811] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.757839] kthread+0x337/0x6f0 [ 16.757860] ? trace_preempt_on+0x20/0xc0 [ 16.757886] ? __pfx_kthread+0x10/0x10 [ 16.757908] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 16.757932] ? calculate_sigpending+0x7b/0xa0 [ 16.757958] ? __pfx_kthread+0x10/0x10 [ 16.757981] ret_from_fork+0x116/0x1d0 [ 16.758001] ? __pfx_kthread+0x10/0x10 [ 16.758023] ret_from_fork_asm+0x1a/0x30 [ 16.758055] </TASK> [ 16.758066] [ 16.768251] Allocated by task 302: [ 16.768673] kasan_save_stack+0x45/0x70 [ 16.769008] kasan_save_track+0x18/0x40 [ 16.769376] kasan_save_alloc_info+0x3b/0x50 [ 16.769752] __kasan_kmalloc+0xb7/0xc0 [ 16.769971] __kmalloc_noprof+0x1c9/0x500 [ 16.770163] kunit_kmalloc_array+0x25/0x60 [ 16.770353] copy_user_test_oob+0xab/0x10f0 [ 16.770823] kunit_try_run_case+0x1a5/0x480 [ 16.771216] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.771696] kthread+0x337/0x6f0 [ 16.771957] ret_from_fork+0x116/0x1d0 [ 16.772266] ret_from_fork_asm+0x1a/0x30 [ 16.772658] [ 16.772878] The buggy address belongs to the object at ffff88810307db00 [ 16.772878] which belongs to the cache kmalloc-128 of size 128 [ 16.773402] The buggy address is located 0 bytes inside of [ 16.773402] allocated 120-byte region [ffff88810307db00, ffff88810307db78) [ 16.774320] [ 16.774443] The buggy address belongs to the physical page: [ 16.774683] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10307d [ 16.775024] flags: 0x200000000000000(node=0|zone=2) [ 16.775248] page_type: f5(slab) [ 16.775408] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.776053] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.776734] page dumped because: kasan: bad access detected [ 16.777055] [ 16.777273] Memory state around the buggy address: [ 16.777936] ffff88810307da00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.778570] ffff88810307da80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.779158] >ffff88810307db00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.779386] ^ [ 16.779787] ffff88810307db80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.780394] 
ffff88810307dc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.781213] ================================================================== [ 16.702883] ================================================================== [ 16.703328] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3fd/0x10f0 [ 16.703636] Write of size 121 at addr ffff88810307db00 by task kunit_try_catch/302 [ 16.703970] [ 16.704080] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.704125] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.704138] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.704160] Call Trace: [ 16.704172] <TASK> [ 16.704189] dump_stack_lvl+0x73/0xb0 [ 16.704218] print_report+0xd1/0x610 [ 16.704243] ? __virt_addr_valid+0x1db/0x2d0 [ 16.704267] ? copy_user_test_oob+0x3fd/0x10f0 [ 16.704293] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.704318] ? copy_user_test_oob+0x3fd/0x10f0 [ 16.704344] kasan_report+0x141/0x180 [ 16.704368] ? copy_user_test_oob+0x3fd/0x10f0 [ 16.704398] kasan_check_range+0x10c/0x1c0 [ 16.704423] __kasan_check_write+0x18/0x20 [ 16.704445] copy_user_test_oob+0x3fd/0x10f0 [ 16.704472] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.704505] ? finish_task_switch.isra.0+0x153/0x700 [ 16.704530] ? __switch_to+0x47/0xf50 [ 16.704557] ? __schedule+0x10cc/0x2b60 [ 16.704581] ? __pfx_read_tsc+0x10/0x10 [ 16.704603] ? ktime_get_ts64+0x86/0x230 [ 16.704629] kunit_try_run_case+0x1a5/0x480 [ 16.704656] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.704681] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.704707] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.704733] ? __kthread_parkme+0x82/0x180 [ 16.704755] ? preempt_count_sub+0x50/0x80 [ 16.704804] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.704831] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.704857] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.704885] kthread+0x337/0x6f0 [ 16.704905] ? trace_preempt_on+0x20/0xc0 [ 16.704932] ? 
__pfx_kthread+0x10/0x10 [ 16.704954] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.704978] ? calculate_sigpending+0x7b/0xa0 [ 16.705004] ? __pfx_kthread+0x10/0x10 [ 16.705027] ret_from_fork+0x116/0x1d0 [ 16.705048] ? __pfx_kthread+0x10/0x10 [ 16.705070] ret_from_fork_asm+0x1a/0x30 [ 16.705101] </TASK> [ 16.705112] [ 16.712087] Allocated by task 302: [ 16.712270] kasan_save_stack+0x45/0x70 [ 16.712470] kasan_save_track+0x18/0x40 [ 16.712662] kasan_save_alloc_info+0x3b/0x50 [ 16.712897] __kasan_kmalloc+0xb7/0xc0 [ 16.713039] __kmalloc_noprof+0x1c9/0x500 [ 16.713183] kunit_kmalloc_array+0x25/0x60 [ 16.713956] copy_user_test_oob+0xab/0x10f0 [ 16.714158] kunit_try_run_case+0x1a5/0x480 [ 16.714310] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.714601] kthread+0x337/0x6f0 [ 16.714758] ret_from_fork+0x116/0x1d0 [ 16.714924] ret_from_fork_asm+0x1a/0x30 [ 16.715067] [ 16.715168] The buggy address belongs to the object at ffff88810307db00 [ 16.715168] which belongs to the cache kmalloc-128 of size 128 [ 16.715630] The buggy address is located 0 bytes inside of [ 16.715630] allocated 120-byte region [ffff88810307db00, ffff88810307db78) [ 16.716160] [ 16.716261] The buggy address belongs to the physical page: [ 16.716489] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10307d [ 16.716771] flags: 0x200000000000000(node=0|zone=2) [ 16.717045] page_type: f5(slab) [ 16.717214] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.717531] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.717867] page dumped because: kasan: bad access detected [ 16.718042] [ 16.718117] Memory state around the buggy address: [ 16.718337] ffff88810307da00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.719636] ffff88810307da80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.719891] >ffff88810307db00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.720111] ^ [ 16.720329] ffff88810307db80: fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 16.720556] ffff88810307dc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.720782] ================================================================== [ 16.782229] ================================================================== [ 16.782903] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x604/0x10f0 [ 16.783535] Read of size 121 at addr ffff88810307db00 by task kunit_try_catch/302 [ 16.783778] [ 16.783867] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.783911] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.783924] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.783946] Call Trace: [ 16.783963] <TASK> [ 16.783979] dump_stack_lvl+0x73/0xb0 [ 16.784009] print_report+0xd1/0x610 [ 16.784034] ? __virt_addr_valid+0x1db/0x2d0 [ 16.784059] ? copy_user_test_oob+0x604/0x10f0 [ 16.784084] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.784110] ? copy_user_test_oob+0x604/0x10f0 [ 16.784135] kasan_report+0x141/0x180 [ 16.784159] ? copy_user_test_oob+0x604/0x10f0 [ 16.784189] kasan_check_range+0x10c/0x1c0 [ 16.784215] __kasan_check_read+0x15/0x20 [ 16.784236] copy_user_test_oob+0x604/0x10f0 [ 16.784262] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.784287] ? finish_task_switch.isra.0+0x153/0x700 [ 16.784312] ? __switch_to+0x47/0xf50 [ 16.784339] ? __schedule+0x10cc/0x2b60 [ 16.784363] ? __pfx_read_tsc+0x10/0x10 [ 16.784386] ? ktime_get_ts64+0x86/0x230 [ 16.784411] kunit_try_run_case+0x1a5/0x480 [ 16.784437] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.784475] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.784501] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.784527] ? __kthread_parkme+0x82/0x180 [ 16.784549] ? preempt_count_sub+0x50/0x80 [ 16.784574] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.784600] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.784635] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.784663] kthread+0x337/0x6f0 [ 16.784684] ? 
trace_preempt_on+0x20/0xc0 [ 16.784709] ? __pfx_kthread+0x10/0x10 [ 16.784731] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.784754] ? calculate_sigpending+0x7b/0xa0 [ 16.784791] ? __pfx_kthread+0x10/0x10 [ 16.784815] ret_from_fork+0x116/0x1d0 [ 16.784834] ? __pfx_kthread+0x10/0x10 [ 16.784855] ret_from_fork_asm+0x1a/0x30 [ 16.784887] </TASK> [ 16.784898] [ 16.797078] Allocated by task 302: [ 16.797393] kasan_save_stack+0x45/0x70 [ 16.797838] kasan_save_track+0x18/0x40 [ 16.798203] kasan_save_alloc_info+0x3b/0x50 [ 16.798542] __kasan_kmalloc+0xb7/0xc0 [ 16.798744] __kmalloc_noprof+0x1c9/0x500 [ 16.798900] kunit_kmalloc_array+0x25/0x60 [ 16.799046] copy_user_test_oob+0xab/0x10f0 [ 16.799201] kunit_try_run_case+0x1a5/0x480 [ 16.799349] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.799681] kthread+0x337/0x6f0 [ 16.799987] ret_from_fork+0x116/0x1d0 [ 16.800322] ret_from_fork_asm+0x1a/0x30 [ 16.800715] [ 16.800886] The buggy address belongs to the object at ffff88810307db00 [ 16.800886] which belongs to the cache kmalloc-128 of size 128 [ 16.801990] The buggy address is located 0 bytes inside of [ 16.801990] allocated 120-byte region [ffff88810307db00, ffff88810307db78) [ 16.803074] [ 16.803248] The buggy address belongs to the physical page: [ 16.803784] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10307d [ 16.804089] flags: 0x200000000000000(node=0|zone=2) [ 16.804253] page_type: f5(slab) [ 16.804373] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.804958] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.805654] page dumped because: kasan: bad access detected [ 16.806129] [ 16.806283] Memory state around the buggy address: [ 16.806718] ffff88810307da00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.807325] ffff88810307da80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.807986] >ffff88810307db00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.808345] ^ [ 16.808741] 
ffff88810307db80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.809356] ffff88810307dc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.809916] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_to_user
[ 16.676643] ================================================================== [ 16.677012] BUG: KASAN: slab-out-of-bounds in _copy_to_user+0x3c/0x70 [ 16.677402] Read of size 121 at addr ffff88810307db00 by task kunit_try_catch/302 [ 16.677725] [ 16.678088] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.678139] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.678153] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.678176] Call Trace: [ 16.678193] <TASK> [ 16.678209] dump_stack_lvl+0x73/0xb0 [ 16.678242] print_report+0xd1/0x610 [ 16.678268] ? __virt_addr_valid+0x1db/0x2d0 [ 16.678293] ? _copy_to_user+0x3c/0x70 [ 16.678314] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.678339] ? _copy_to_user+0x3c/0x70 [ 16.678361] kasan_report+0x141/0x180 [ 16.678384] ? _copy_to_user+0x3c/0x70 [ 16.678410] kasan_check_range+0x10c/0x1c0 [ 16.678436] __kasan_check_read+0x15/0x20 [ 16.678526] _copy_to_user+0x3c/0x70 [ 16.678548] copy_user_test_oob+0x364/0x10f0 [ 16.678577] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.678602] ? finish_task_switch.isra.0+0x153/0x700 [ 16.678628] ? __switch_to+0x47/0xf50 [ 16.678654] ? __schedule+0x10cc/0x2b60 [ 16.678680] ? __pfx_read_tsc+0x10/0x10 [ 16.678704] ? ktime_get_ts64+0x86/0x230 [ 16.678730] kunit_try_run_case+0x1a5/0x480 [ 16.678756] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.678795] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.678823] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.678849] ? __kthread_parkme+0x82/0x180 [ 16.678872] ? preempt_count_sub+0x50/0x80 [ 16.678898] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.678925] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.678952] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.678979] kthread+0x337/0x6f0 [ 16.679001] ? trace_preempt_on+0x20/0xc0 [ 16.679027] ? __pfx_kthread+0x10/0x10 [ 16.679049] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.679073] ? calculate_sigpending+0x7b/0xa0 [ 16.679099] ? 
__pfx_kthread+0x10/0x10 [ 16.679122] ret_from_fork+0x116/0x1d0 [ 16.679143] ? __pfx_kthread+0x10/0x10 [ 16.679166] ret_from_fork_asm+0x1a/0x30 [ 16.679203] </TASK> [ 16.679214] [ 16.688844] Allocated by task 302: [ 16.689028] kasan_save_stack+0x45/0x70 [ 16.689189] kasan_save_track+0x18/0x40 [ 16.689388] kasan_save_alloc_info+0x3b/0x50 [ 16.689945] __kasan_kmalloc+0xb7/0xc0 [ 16.690115] __kmalloc_noprof+0x1c9/0x500 [ 16.690440] kunit_kmalloc_array+0x25/0x60 [ 16.690686] copy_user_test_oob+0xab/0x10f0 [ 16.690973] kunit_try_run_case+0x1a5/0x480 [ 16.691229] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.691575] kthread+0x337/0x6f0 [ 16.691729] ret_from_fork+0x116/0x1d0 [ 16.692033] ret_from_fork_asm+0x1a/0x30 [ 16.692271] [ 16.692374] The buggy address belongs to the object at ffff88810307db00 [ 16.692374] which belongs to the cache kmalloc-128 of size 128 [ 16.693094] The buggy address is located 0 bytes inside of [ 16.693094] allocated 120-byte region [ffff88810307db00, ffff88810307db78) [ 16.693651] [ 16.693879] The buggy address belongs to the physical page: [ 16.694079] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10307d [ 16.694556] flags: 0x200000000000000(node=0|zone=2) [ 16.694832] page_type: f5(slab) [ 16.695001] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.695433] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.695844] page dumped because: kasan: bad access detected [ 16.696107] [ 16.696188] Memory state around the buggy address: [ 16.696394] ffff88810307da00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.696904] ffff88810307da80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.697285] >ffff88810307db00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.697614] ^ [ 16.698048] ffff88810307db80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.698409] ffff88810307dc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.698821] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_from_user
[ 16.649037] ================================================================== [ 16.649582] BUG: KASAN: slab-out-of-bounds in _copy_from_user+0x32/0x90 [ 16.649891] Write of size 121 at addr ffff88810307db00 by task kunit_try_catch/302 [ 16.650288] [ 16.650523] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.650574] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.650587] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.650610] Call Trace: [ 16.650625] <TASK> [ 16.650644] dump_stack_lvl+0x73/0xb0 [ 16.650677] print_report+0xd1/0x610 [ 16.650703] ? __virt_addr_valid+0x1db/0x2d0 [ 16.650730] ? _copy_from_user+0x32/0x90 [ 16.650751] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.650832] ? _copy_from_user+0x32/0x90 [ 16.650854] kasan_report+0x141/0x180 [ 16.651128] ? _copy_from_user+0x32/0x90 [ 16.651283] kasan_check_range+0x10c/0x1c0 [ 16.651311] __kasan_check_write+0x18/0x20 [ 16.651332] _copy_from_user+0x32/0x90 [ 16.651355] copy_user_test_oob+0x2be/0x10f0 [ 16.651384] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.651410] ? finish_task_switch.isra.0+0x153/0x700 [ 16.651437] ? __switch_to+0x47/0xf50 [ 16.651480] ? __schedule+0x10cc/0x2b60 [ 16.651504] ? __pfx_read_tsc+0x10/0x10 [ 16.651528] ? ktime_get_ts64+0x86/0x230 [ 16.651554] kunit_try_run_case+0x1a5/0x480 [ 16.651580] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.651606] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.651632] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.651658] ? __kthread_parkme+0x82/0x180 [ 16.651681] ? preempt_count_sub+0x50/0x80 [ 16.651708] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.651736] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.651773] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.651801] kthread+0x337/0x6f0 [ 16.651822] ? trace_preempt_on+0x20/0xc0 [ 16.651849] ? __pfx_kthread+0x10/0x10 [ 16.651872] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.651896] ? calculate_sigpending+0x7b/0xa0 [ 16.651922] ? 
__pfx_kthread+0x10/0x10 [ 16.651946] ret_from_fork+0x116/0x1d0 [ 16.651966] ? __pfx_kthread+0x10/0x10 [ 16.651989] ret_from_fork_asm+0x1a/0x30 [ 16.652022] </TASK> [ 16.652036] [ 16.662453] Allocated by task 302: [ 16.662873] kasan_save_stack+0x45/0x70 [ 16.663158] kasan_save_track+0x18/0x40 [ 16.663454] kasan_save_alloc_info+0x3b/0x50 [ 16.663653] __kasan_kmalloc+0xb7/0xc0 [ 16.663920] __kmalloc_noprof+0x1c9/0x500 [ 16.664141] kunit_kmalloc_array+0x25/0x60 [ 16.664328] copy_user_test_oob+0xab/0x10f0 [ 16.664777] kunit_try_run_case+0x1a5/0x480 [ 16.665086] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.665393] kthread+0x337/0x6f0 [ 16.665688] ret_from_fork+0x116/0x1d0 [ 16.665852] ret_from_fork_asm+0x1a/0x30 [ 16.666206] [ 16.666289] The buggy address belongs to the object at ffff88810307db00 [ 16.666289] which belongs to the cache kmalloc-128 of size 128 [ 16.667450] The buggy address is located 0 bytes inside of [ 16.667450] allocated 120-byte region [ffff88810307db00, ffff88810307db78) [ 16.668015] [ 16.668098] The buggy address belongs to the physical page: [ 16.668275] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10307d [ 16.668544] flags: 0x200000000000000(node=0|zone=2) [ 16.668874] page_type: f5(slab) [ 16.669043] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.669363] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.670036] page dumped because: kasan: bad access detected [ 16.670354] [ 16.670458] Memory state around the buggy address: [ 16.670624] ffff88810307da00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.671084] ffff88810307da80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.671447] >ffff88810307db00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.671853] ^ [ 16.672143] ffff88810307db80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.672444] ffff88810307dc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.672968] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 16.606526] ================================================================== [ 16.606879] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x99/0x260 [ 16.607654] Write of size 8 at addr ffff88810307da78 by task kunit_try_catch/298 [ 16.608552] [ 16.608802] CPU: 0 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.608964] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.608991] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.609026] Call Trace: [ 16.609040] <TASK> [ 16.609056] dump_stack_lvl+0x73/0xb0 [ 16.609125] print_report+0xd1/0x610 [ 16.609151] ? __virt_addr_valid+0x1db/0x2d0 [ 16.609177] ? copy_to_kernel_nofault+0x99/0x260 [ 16.609203] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.609229] ? copy_to_kernel_nofault+0x99/0x260 [ 16.609254] kasan_report+0x141/0x180 [ 16.609278] ? copy_to_kernel_nofault+0x99/0x260 [ 16.609308] kasan_check_range+0x10c/0x1c0 [ 16.609335] __kasan_check_write+0x18/0x20 [ 16.609356] copy_to_kernel_nofault+0x99/0x260 [ 16.609383] copy_to_kernel_nofault_oob+0x288/0x560 [ 16.609410] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 16.609436] ? finish_task_switch.isra.0+0x153/0x700 [ 16.609469] ? __schedule+0x10cc/0x2b60 [ 16.609493] ? trace_hardirqs_on+0x37/0xe0 [ 16.609526] ? __pfx_read_tsc+0x10/0x10 [ 16.609548] ? ktime_get_ts64+0x86/0x230 [ 16.609575] kunit_try_run_case+0x1a5/0x480 [ 16.609601] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.609627] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.609653] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.609678] ? __kthread_parkme+0x82/0x180 [ 16.609700] ? preempt_count_sub+0x50/0x80 [ 16.609725] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.609752] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.609792] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.609820] kthread+0x337/0x6f0 [ 16.609843] ? trace_preempt_on+0x20/0xc0 [ 16.609869] ? __pfx_kthread+0x10/0x10 [ 16.609892] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 16.609915] ? calculate_sigpending+0x7b/0xa0 [ 16.609942] ? __pfx_kthread+0x10/0x10 [ 16.609965] ret_from_fork+0x116/0x1d0 [ 16.610003] ? __pfx_kthread+0x10/0x10 [ 16.610026] ret_from_fork_asm+0x1a/0x30 [ 16.610058] </TASK> [ 16.610068] [ 16.623547] Allocated by task 298: [ 16.623730] kasan_save_stack+0x45/0x70 [ 16.623938] kasan_save_track+0x18/0x40 [ 16.624391] kasan_save_alloc_info+0x3b/0x50 [ 16.624769] __kasan_kmalloc+0xb7/0xc0 [ 16.624952] __kmalloc_cache_noprof+0x189/0x420 [ 16.625398] copy_to_kernel_nofault_oob+0x12f/0x560 [ 16.625650] kunit_try_run_case+0x1a5/0x480 [ 16.625861] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.626440] kthread+0x337/0x6f0 [ 16.626890] ret_from_fork+0x116/0x1d0 [ 16.627389] ret_from_fork_asm+0x1a/0x30 [ 16.627606] [ 16.627704] The buggy address belongs to the object at ffff88810307da00 [ 16.627704] which belongs to the cache kmalloc-128 of size 128 [ 16.628630] The buggy address is located 0 bytes to the right of [ 16.628630] allocated 120-byte region [ffff88810307da00, ffff88810307da78) [ 16.629645] [ 16.629926] The buggy address belongs to the physical page: [ 16.630403] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10307d [ 16.630774] flags: 0x200000000000000(node=0|zone=2) [ 16.631227] page_type: f5(slab) [ 16.631480] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.631820] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.632443] page dumped because: kasan: bad access detected [ 16.632886] [ 16.633184] Memory state around the buggy address: [ 16.633683] ffff88810307d900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.634203] ffff88810307d980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.634716] >ffff88810307da00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.635228] ^ [ 16.635808] ffff88810307da80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.636527] ffff88810307db00: fc fc fc fc 
fc fc fc fc fc fc fc fc fc fc fc fc [ 16.637011] ================================================================== [ 16.581547] ================================================================== [ 16.582221] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x225/0x260 [ 16.582576] Read of size 8 at addr ffff88810307da78 by task kunit_try_catch/298 [ 16.582902] [ 16.583040] CPU: 0 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.583107] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.583121] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.583158] Call Trace: [ 16.583171] <TASK> [ 16.583195] dump_stack_lvl+0x73/0xb0 [ 16.583228] print_report+0xd1/0x610 [ 16.583254] ? __virt_addr_valid+0x1db/0x2d0 [ 16.583280] ? copy_to_kernel_nofault+0x225/0x260 [ 16.583306] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.583333] ? copy_to_kernel_nofault+0x225/0x260 [ 16.583359] kasan_report+0x141/0x180 [ 16.583383] ? copy_to_kernel_nofault+0x225/0x260 [ 16.583413] __asan_report_load8_noabort+0x18/0x20 [ 16.583448] copy_to_kernel_nofault+0x225/0x260 [ 16.583475] copy_to_kernel_nofault_oob+0x1ed/0x560 [ 16.583502] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 16.583528] ? finish_task_switch.isra.0+0x153/0x700 [ 16.583554] ? __schedule+0x10cc/0x2b60 [ 16.583578] ? trace_hardirqs_on+0x37/0xe0 [ 16.583611] ? __pfx_read_tsc+0x10/0x10 [ 16.583635] ? ktime_get_ts64+0x86/0x230 [ 16.583661] kunit_try_run_case+0x1a5/0x480 [ 16.583689] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.583715] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.583741] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.583776] ? __kthread_parkme+0x82/0x180 [ 16.583800] ? preempt_count_sub+0x50/0x80 [ 16.583826] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.583854] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.583881] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.583909] kthread+0x337/0x6f0 [ 16.583930] ? 
trace_preempt_on+0x20/0xc0 [ 16.583955] ? __pfx_kthread+0x10/0x10 [ 16.583977] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.584016] ? calculate_sigpending+0x7b/0xa0 [ 16.584044] ? __pfx_kthread+0x10/0x10 [ 16.584068] ret_from_fork+0x116/0x1d0 [ 16.584089] ? __pfx_kthread+0x10/0x10 [ 16.584111] ret_from_fork_asm+0x1a/0x30 [ 16.584145] </TASK> [ 16.584157] [ 16.591800] Allocated by task 298: [ 16.591980] kasan_save_stack+0x45/0x70 [ 16.592254] kasan_save_track+0x18/0x40 [ 16.592442] kasan_save_alloc_info+0x3b/0x50 [ 16.592650] __kasan_kmalloc+0xb7/0xc0 [ 16.592792] __kmalloc_cache_noprof+0x189/0x420 [ 16.592947] copy_to_kernel_nofault_oob+0x12f/0x560 [ 16.593117] kunit_try_run_case+0x1a5/0x480 [ 16.593427] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.593687] kthread+0x337/0x6f0 [ 16.593868] ret_from_fork+0x116/0x1d0 [ 16.594057] ret_from_fork_asm+0x1a/0x30 [ 16.594273] [ 16.594344] The buggy address belongs to the object at ffff88810307da00 [ 16.594344] which belongs to the cache kmalloc-128 of size 128 [ 16.594685] The buggy address is located 0 bytes to the right of [ 16.594685] allocated 120-byte region [ffff88810307da00, ffff88810307da78) [ 16.596536] [ 16.596671] The buggy address belongs to the physical page: [ 16.597286] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10307d [ 16.597817] flags: 0x200000000000000(node=0|zone=2) [ 16.598227] page_type: f5(slab) [ 16.598580] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.598934] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.599873] page dumped because: kasan: bad access detected [ 16.600146] [ 16.600222] Memory state around the buggy address: [ 16.600948] ffff88810307d900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.601737] ffff88810307d980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.602436] >ffff88810307da00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.602893] ^ [ 16.603700] ffff88810307da80: fc fc fc fc 
fc fc fc fc fc fc fc fc fc fc fc fc [ 16.604750] ffff88810307db00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.605357] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 15.669639] ================================================================== [ 15.669960] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1c/0x5450 [ 15.671952] Read of size 4 at addr ffff888103082e30 by task kunit_try_catch/282 [ 15.672457] [ 15.672555] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.672606] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.672621] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.672645] Call Trace: [ 15.672663] <TASK> [ 15.672680] dump_stack_lvl+0x73/0xb0 [ 15.672714] print_report+0xd1/0x610 [ 15.672739] ? __virt_addr_valid+0x1db/0x2d0 [ 15.672779] ? kasan_atomics_helper+0x4a1c/0x5450 [ 15.672805] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.672833] ? kasan_atomics_helper+0x4a1c/0x5450 [ 15.672857] kasan_report+0x141/0x180 [ 15.672881] ? kasan_atomics_helper+0x4a1c/0x5450 [ 15.672910] __asan_report_load4_noabort+0x18/0x20 [ 15.672937] kasan_atomics_helper+0x4a1c/0x5450 [ 15.672962] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.672987] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.673014] ? kasan_atomics+0x152/0x310 [ 15.673043] kasan_atomics+0x1dc/0x310 [ 15.673066] ? __pfx_kasan_atomics+0x10/0x10 [ 15.673093] ? __pfx_read_tsc+0x10/0x10 [ 15.673116] ? ktime_get_ts64+0x86/0x230 [ 15.673143] kunit_try_run_case+0x1a5/0x480 [ 15.673171] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.673196] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.673224] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.673250] ? __kthread_parkme+0x82/0x180 [ 15.673273] ? preempt_count_sub+0x50/0x80 [ 15.673299] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.673327] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.673354] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.673381] kthread+0x337/0x6f0 [ 15.673402] ? trace_preempt_on+0x20/0xc0 [ 15.673427] ? __pfx_kthread+0x10/0x10 [ 15.673450] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.673473] ? 
calculate_sigpending+0x7b/0xa0 [ 15.673500] ? __pfx_kthread+0x10/0x10 [ 15.673523] ret_from_fork+0x116/0x1d0 [ 15.673544] ? __pfx_kthread+0x10/0x10 [ 15.673566] ret_from_fork_asm+0x1a/0x30 [ 15.673600] </TASK> [ 15.673611] [ 15.687650] Allocated by task 282: [ 15.687872] kasan_save_stack+0x45/0x70 [ 15.688085] kasan_save_track+0x18/0x40 [ 15.688270] kasan_save_alloc_info+0x3b/0x50 [ 15.688458] __kasan_kmalloc+0xb7/0xc0 [ 15.689008] __kmalloc_cache_noprof+0x189/0x420 [ 15.689338] kasan_atomics+0x95/0x310 [ 15.689606] kunit_try_run_case+0x1a5/0x480 [ 15.689900] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.690241] kthread+0x337/0x6f0 [ 15.690483] ret_from_fork+0x116/0x1d0 [ 15.690705] ret_from_fork_asm+0x1a/0x30 [ 15.691010] [ 15.691276] The buggy address belongs to the object at ffff888103082e00 [ 15.691276] which belongs to the cache kmalloc-64 of size 64 [ 15.691916] The buggy address is located 0 bytes to the right of [ 15.691916] allocated 48-byte region [ffff888103082e00, ffff888103082e30) [ 15.692642] [ 15.692781] The buggy address belongs to the physical page: [ 15.693168] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103082 [ 15.693659] flags: 0x200000000000000(node=0|zone=2) [ 15.693908] page_type: f5(slab) [ 15.694228] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.694713] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.695059] page dumped because: kasan: bad access detected [ 15.695401] [ 15.695640] Memory state around the buggy address: [ 15.695918] ffff888103082d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.696261] ffff888103082d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.696769] >ffff888103082e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.697162] ^ [ 15.697408] ffff888103082e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.698010] ffff888103082f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.698403] 
================================================================== [ 16.465927] ================================================================== [ 16.466270] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x218a/0x5450 [ 16.466630] Write of size 8 at addr ffff888103082e30 by task kunit_try_catch/282 [ 16.467008] [ 16.467113] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.467159] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.467484] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.467584] Call Trace: [ 16.467605] <TASK> [ 16.467635] dump_stack_lvl+0x73/0xb0 [ 16.467682] print_report+0xd1/0x610 [ 16.467721] ? __virt_addr_valid+0x1db/0x2d0 [ 16.467787] ? kasan_atomics_helper+0x218a/0x5450 [ 16.467970] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.468080] ? kasan_atomics_helper+0x218a/0x5450 [ 16.468166] kasan_report+0x141/0x180 [ 16.468286] ? kasan_atomics_helper+0x218a/0x5450 [ 16.468628] kasan_check_range+0x10c/0x1c0 [ 16.468671] __kasan_check_write+0x18/0x20 [ 16.468707] kasan_atomics_helper+0x218a/0x5450 [ 16.468733] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.468782] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.468811] ? kasan_atomics+0x152/0x310 [ 16.468852] kasan_atomics+0x1dc/0x310 [ 16.468877] ? __pfx_kasan_atomics+0x10/0x10 [ 16.468903] ? __pfx_read_tsc+0x10/0x10 [ 16.468926] ? ktime_get_ts64+0x86/0x230 [ 16.468953] kunit_try_run_case+0x1a5/0x480 [ 16.468979] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.469004] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.469031] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.469058] ? __kthread_parkme+0x82/0x180 [ 16.469081] ? preempt_count_sub+0x50/0x80 [ 16.469106] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.469133] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.469160] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.469188] kthread+0x337/0x6f0 [ 16.469209] ? trace_preempt_on+0x20/0xc0 [ 16.469234] ? 
__pfx_kthread+0x10/0x10 [ 16.469256] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.469280] ? calculate_sigpending+0x7b/0xa0 [ 16.469306] ? __pfx_kthread+0x10/0x10 [ 16.469329] ret_from_fork+0x116/0x1d0 [ 16.469349] ? __pfx_kthread+0x10/0x10 [ 16.469371] ret_from_fork_asm+0x1a/0x30 [ 16.469404] </TASK> [ 16.469416] [ 16.480752] Allocated by task 282: [ 16.481121] kasan_save_stack+0x45/0x70 [ 16.481344] kasan_save_track+0x18/0x40 [ 16.481713] kasan_save_alloc_info+0x3b/0x50 [ 16.481963] __kasan_kmalloc+0xb7/0xc0 [ 16.482268] __kmalloc_cache_noprof+0x189/0x420 [ 16.482635] kasan_atomics+0x95/0x310 [ 16.482922] kunit_try_run_case+0x1a5/0x480 [ 16.483149] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.483402] kthread+0x337/0x6f0 [ 16.483753] ret_from_fork+0x116/0x1d0 [ 16.484024] ret_from_fork_asm+0x1a/0x30 [ 16.484296] [ 16.484541] The buggy address belongs to the object at ffff888103082e00 [ 16.484541] which belongs to the cache kmalloc-64 of size 64 [ 16.485207] The buggy address is located 0 bytes to the right of [ 16.485207] allocated 48-byte region [ffff888103082e00, ffff888103082e30) [ 16.485891] [ 16.486123] The buggy address belongs to the physical page: [ 16.486372] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103082 [ 16.486987] flags: 0x200000000000000(node=0|zone=2) [ 16.487212] page_type: f5(slab) [ 16.487599] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.488062] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.488371] page dumped because: kasan: bad access detected [ 16.488805] [ 16.488965] Memory state around the buggy address: [ 16.489342] ffff888103082d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.489834] ffff888103082d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.490171] >ffff888103082e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.490644] ^ [ 16.490984] ffff888103082e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.491277] 
ffff888103082f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.491736] ================================================================== [ 16.444459] ================================================================== [ 16.445214] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fb2/0x5450 [ 16.445659] Read of size 8 at addr ffff888103082e30 by task kunit_try_catch/282 [ 16.445996] [ 16.446361] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.446428] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.446454] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.446477] Call Trace: [ 16.446494] <TASK> [ 16.446511] dump_stack_lvl+0x73/0xb0 [ 16.446543] print_report+0xd1/0x610 [ 16.446568] ? __virt_addr_valid+0x1db/0x2d0 [ 16.446593] ? kasan_atomics_helper+0x4fb2/0x5450 [ 16.446617] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.446643] ? kasan_atomics_helper+0x4fb2/0x5450 [ 16.446668] kasan_report+0x141/0x180 [ 16.446692] ? kasan_atomics_helper+0x4fb2/0x5450 [ 16.446721] __asan_report_load8_noabort+0x18/0x20 [ 16.446749] kasan_atomics_helper+0x4fb2/0x5450 [ 16.446784] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.446810] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.446837] ? kasan_atomics+0x152/0x310 [ 16.446865] kasan_atomics+0x1dc/0x310 [ 16.446890] ? __pfx_kasan_atomics+0x10/0x10 [ 16.446915] ? __pfx_read_tsc+0x10/0x10 [ 16.446938] ? ktime_get_ts64+0x86/0x230 [ 16.446965] kunit_try_run_case+0x1a5/0x480 [ 16.446992] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.447018] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.447044] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.447070] ? __kthread_parkme+0x82/0x180 [ 16.447092] ? preempt_count_sub+0x50/0x80 [ 16.447118] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.447145] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.447172] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.447204] kthread+0x337/0x6f0 [ 16.447225] ? 
trace_preempt_on+0x20/0xc0 [ 16.447250] ? __pfx_kthread+0x10/0x10 [ 16.447273] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.447297] ? calculate_sigpending+0x7b/0xa0 [ 16.447323] ? __pfx_kthread+0x10/0x10 [ 16.447346] ret_from_fork+0x116/0x1d0 [ 16.447366] ? __pfx_kthread+0x10/0x10 [ 16.447388] ret_from_fork_asm+0x1a/0x30 [ 16.447421] </TASK> [ 16.447431] [ 16.456113] Allocated by task 282: [ 16.456252] kasan_save_stack+0x45/0x70 [ 16.456439] kasan_save_track+0x18/0x40 [ 16.456603] kasan_save_alloc_info+0x3b/0x50 [ 16.456837] __kasan_kmalloc+0xb7/0xc0 [ 16.456976] __kmalloc_cache_noprof+0x189/0x420 [ 16.457133] kasan_atomics+0x95/0x310 [ 16.457269] kunit_try_run_case+0x1a5/0x480 [ 16.457464] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.457760] kthread+0x337/0x6f0 [ 16.457890] ret_from_fork+0x116/0x1d0 [ 16.458025] ret_from_fork_asm+0x1a/0x30 [ 16.458216] [ 16.458313] The buggy address belongs to the object at ffff888103082e00 [ 16.458313] which belongs to the cache kmalloc-64 of size 64 [ 16.460090] The buggy address is located 0 bytes to the right of [ 16.460090] allocated 48-byte region [ffff888103082e00, ffff888103082e30) [ 16.460837] [ 16.460946] The buggy address belongs to the physical page: [ 16.461232] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103082 [ 16.461489] flags: 0x200000000000000(node=0|zone=2) [ 16.461887] page_type: f5(slab) [ 16.462128] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.462362] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.462797] page dumped because: kasan: bad access detected [ 16.462985] [ 16.463057] Memory state around the buggy address: [ 16.463216] ffff888103082d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.463429] ffff888103082d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.463784] >ffff888103082e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.464120] ^ [ 16.464555] ffff888103082e80: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 16.465151] ffff888103082f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.465375] ================================================================== [ 16.121475] ================================================================== [ 16.121862] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1a7f/0x5450 [ 16.122187] Write of size 8 at addr ffff888103082e30 by task kunit_try_catch/282 [ 16.122537] [ 16.122646] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.122690] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.122704] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.122726] Call Trace: [ 16.122739] <TASK> [ 16.122753] dump_stack_lvl+0x73/0xb0 [ 16.122794] print_report+0xd1/0x610 [ 16.122818] ? __virt_addr_valid+0x1db/0x2d0 [ 16.122843] ? kasan_atomics_helper+0x1a7f/0x5450 [ 16.122866] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.122892] ? kasan_atomics_helper+0x1a7f/0x5450 [ 16.122917] kasan_report+0x141/0x180 [ 16.122941] ? kasan_atomics_helper+0x1a7f/0x5450 [ 16.122969] kasan_check_range+0x10c/0x1c0 [ 16.122996] __kasan_check_write+0x18/0x20 [ 16.123018] kasan_atomics_helper+0x1a7f/0x5450 [ 16.123043] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.123069] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.123098] ? kasan_atomics+0x152/0x310 [ 16.123127] kasan_atomics+0x1dc/0x310 [ 16.123152] ? __pfx_kasan_atomics+0x10/0x10 [ 16.123185] ? __pfx_read_tsc+0x10/0x10 [ 16.123208] ? ktime_get_ts64+0x86/0x230 [ 16.123234] kunit_try_run_case+0x1a5/0x480 [ 16.123260] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.123285] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.123312] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.123338] ? __kthread_parkme+0x82/0x180 [ 16.123361] ? preempt_count_sub+0x50/0x80 [ 16.123387] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.123414] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.123440] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.123467] kthread+0x337/0x6f0 [ 16.123489] ? trace_preempt_on+0x20/0xc0 [ 16.123514] ? __pfx_kthread+0x10/0x10 [ 16.123536] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.123559] ? calculate_sigpending+0x7b/0xa0 [ 16.123585] ? __pfx_kthread+0x10/0x10 [ 16.123609] ret_from_fork+0x116/0x1d0 [ 16.123629] ? __pfx_kthread+0x10/0x10 [ 16.123651] ret_from_fork_asm+0x1a/0x30 [ 16.123683] </TASK> [ 16.123694] [ 16.132411] Allocated by task 282: [ 16.132607] kasan_save_stack+0x45/0x70 [ 16.132822] kasan_save_track+0x18/0x40 [ 16.132986] kasan_save_alloc_info+0x3b/0x50 [ 16.133157] __kasan_kmalloc+0xb7/0xc0 [ 16.133330] __kmalloc_cache_noprof+0x189/0x420 [ 16.133528] kasan_atomics+0x95/0x310 [ 16.133695] kunit_try_run_case+0x1a5/0x480 [ 16.134751] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.135576] kthread+0x337/0x6f0 [ 16.136168] ret_from_fork+0x116/0x1d0 [ 16.136772] ret_from_fork_asm+0x1a/0x30 [ 16.137364] [ 16.137796] The buggy address belongs to the object at ffff888103082e00 [ 16.137796] which belongs to the cache kmalloc-64 of size 64 [ 16.139485] The buggy address is located 0 bytes to the right of [ 16.139485] allocated 48-byte region [ffff888103082e00, ffff888103082e30) [ 16.141172] [ 16.141531] The buggy address belongs to the physical page: [ 16.142234] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103082 [ 16.143182] flags: 0x200000000000000(node=0|zone=2) [ 16.143884] page_type: f5(slab) [ 16.144361] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.145300] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.146236] page dumped because: kasan: bad access detected [ 16.146649] [ 16.146856] Memory state around the buggy address: [ 16.147025] ffff888103082d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.147257] ffff888103082d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.147541] >ffff888103082e00: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 16.148400] ^ [ 16.148933] ffff888103082e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.149667] ffff888103082f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.150356] ================================================================== [ 15.564656] ================================================================== [ 15.565337] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf10/0x5450 [ 15.566010] Write of size 4 at addr ffff888103082e30 by task kunit_try_catch/282 [ 15.566302] [ 15.566388] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.566459] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.566473] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.566495] Call Trace: [ 15.566512] <TASK> [ 15.566529] dump_stack_lvl+0x73/0xb0 [ 15.566560] print_report+0xd1/0x610 [ 15.566585] ? __virt_addr_valid+0x1db/0x2d0 [ 15.566611] ? kasan_atomics_helper+0xf10/0x5450 [ 15.566635] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.566660] ? kasan_atomics_helper+0xf10/0x5450 [ 15.566685] kasan_report+0x141/0x180 [ 15.566709] ? kasan_atomics_helper+0xf10/0x5450 [ 15.566737] kasan_check_range+0x10c/0x1c0 [ 15.566772] __kasan_check_write+0x18/0x20 [ 15.566794] kasan_atomics_helper+0xf10/0x5450 [ 15.566819] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.566843] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.566872] ? kasan_atomics+0x152/0x310 [ 15.566899] kasan_atomics+0x1dc/0x310 [ 15.566924] ? __pfx_kasan_atomics+0x10/0x10 [ 15.566950] ? __pfx_read_tsc+0x10/0x10 [ 15.566973] ? ktime_get_ts64+0x86/0x230 [ 15.567000] kunit_try_run_case+0x1a5/0x480 [ 15.567026] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.567052] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.567080] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.567106] ? __kthread_parkme+0x82/0x180 [ 15.567128] ? preempt_count_sub+0x50/0x80 [ 15.567155] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.567185] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.567212] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.567241] kthread+0x337/0x6f0 [ 15.567262] ? trace_preempt_on+0x20/0xc0 [ 15.567288] ? __pfx_kthread+0x10/0x10 [ 15.567311] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.567334] ? calculate_sigpending+0x7b/0xa0 [ 15.567363] ? __pfx_kthread+0x10/0x10 [ 15.567389] ret_from_fork+0x116/0x1d0 [ 15.567410] ? __pfx_kthread+0x10/0x10 [ 15.567452] ret_from_fork_asm+0x1a/0x30 [ 15.567485] </TASK> [ 15.567496] [ 15.579665] Allocated by task 282: [ 15.579995] kasan_save_stack+0x45/0x70 [ 15.580353] kasan_save_track+0x18/0x40 [ 15.580722] kasan_save_alloc_info+0x3b/0x50 [ 15.580941] __kasan_kmalloc+0xb7/0xc0 [ 15.581077] __kmalloc_cache_noprof+0x189/0x420 [ 15.581236] kasan_atomics+0x95/0x310 [ 15.581372] kunit_try_run_case+0x1a5/0x480 [ 15.581730] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.582206] kthread+0x337/0x6f0 [ 15.582523] ret_from_fork+0x116/0x1d0 [ 15.582863] ret_from_fork_asm+0x1a/0x30 [ 15.583237] [ 15.583393] The buggy address belongs to the object at ffff888103082e00 [ 15.583393] which belongs to the cache kmalloc-64 of size 64 [ 15.584464] The buggy address is located 0 bytes to the right of [ 15.584464] allocated 48-byte region [ffff888103082e00, ffff888103082e30) [ 15.584927] [ 15.585001] The buggy address belongs to the physical page: [ 15.585178] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103082 [ 15.585445] flags: 0x200000000000000(node=0|zone=2) [ 15.585871] page_type: f5(slab) [ 15.586158] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.586838] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.587508] page dumped because: kasan: bad access detected [ 15.587984] [ 15.588142] Memory state around the buggy address: [ 15.588576] ffff888103082d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.589192] 
ffff888103082d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.589815] >ffff888103082e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.590091] ^ [ 15.590250] ffff888103082e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.590561] ffff888103082f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.591165] ================================================================== [ 15.536398] ================================================================== [ 15.537087] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe78/0x5450 [ 15.537726] Write of size 4 at addr ffff888103082e30 by task kunit_try_catch/282 [ 15.538348] [ 15.538531] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.538578] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.538590] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.538612] Call Trace: [ 15.538627] <TASK> [ 15.538643] dump_stack_lvl+0x73/0xb0 [ 15.538674] print_report+0xd1/0x610 [ 15.538699] ? __virt_addr_valid+0x1db/0x2d0 [ 15.538724] ? kasan_atomics_helper+0xe78/0x5450 [ 15.538749] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.538792] ? kasan_atomics_helper+0xe78/0x5450 [ 15.538816] kasan_report+0x141/0x180 [ 15.538841] ? kasan_atomics_helper+0xe78/0x5450 [ 15.538870] kasan_check_range+0x10c/0x1c0 [ 15.538896] __kasan_check_write+0x18/0x20 [ 15.538917] kasan_atomics_helper+0xe78/0x5450 [ 15.538942] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.538967] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.538995] ? kasan_atomics+0x152/0x310 [ 15.539024] kasan_atomics+0x1dc/0x310 [ 15.539048] ? __pfx_kasan_atomics+0x10/0x10 [ 15.539074] ? __pfx_read_tsc+0x10/0x10 [ 15.539096] ? ktime_get_ts64+0x86/0x230 [ 15.539124] kunit_try_run_case+0x1a5/0x480 [ 15.539151] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.539177] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.539211] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.539238] ? 
__kthread_parkme+0x82/0x180 [ 15.539261] ? preempt_count_sub+0x50/0x80 [ 15.539287] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.539314] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.539341] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.539370] kthread+0x337/0x6f0 [ 15.539392] ? trace_preempt_on+0x20/0xc0 [ 15.539416] ? __pfx_kthread+0x10/0x10 [ 15.539457] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.539480] ? calculate_sigpending+0x7b/0xa0 [ 15.539507] ? __pfx_kthread+0x10/0x10 [ 15.539531] ret_from_fork+0x116/0x1d0 [ 15.539551] ? __pfx_kthread+0x10/0x10 [ 15.539573] ret_from_fork_asm+0x1a/0x30 [ 15.539605] </TASK> [ 15.539616] [ 15.552139] Allocated by task 282: [ 15.552482] kasan_save_stack+0x45/0x70 [ 15.552817] kasan_save_track+0x18/0x40 [ 15.552959] kasan_save_alloc_info+0x3b/0x50 [ 15.553112] __kasan_kmalloc+0xb7/0xc0 [ 15.553248] __kmalloc_cache_noprof+0x189/0x420 [ 15.553410] kasan_atomics+0x95/0x310 [ 15.553769] kunit_try_run_case+0x1a5/0x480 [ 15.554132] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.554616] kthread+0x337/0x6f0 [ 15.554916] ret_from_fork+0x116/0x1d0 [ 15.555262] ret_from_fork_asm+0x1a/0x30 [ 15.555632] [ 15.555804] The buggy address belongs to the object at ffff888103082e00 [ 15.555804] which belongs to the cache kmalloc-64 of size 64 [ 15.556850] The buggy address is located 0 bytes to the right of [ 15.556850] allocated 48-byte region [ffff888103082e00, ffff888103082e30) [ 15.557292] [ 15.557367] The buggy address belongs to the physical page: [ 15.557812] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103082 [ 15.558485] flags: 0x200000000000000(node=0|zone=2) [ 15.558914] page_type: f5(slab) [ 15.559203] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.559807] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.560039] page dumped because: kasan: bad access detected [ 15.560214] [ 15.560286] Memory state around the buggy address: [ 15.560481] 
ffff888103082d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.561089] ffff888103082d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.561705] >ffff888103082e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.562301] ^ [ 15.562740] ffff888103082e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.563348] ffff888103082f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.563959] ================================================================== [ 15.593042] ================================================================== [ 15.594089] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xfa9/0x5450 [ 15.594992] Write of size 4 at addr ffff888103082e30 by task kunit_try_catch/282 [ 15.595234] [ 15.595325] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.595373] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.595386] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.595411] Call Trace: [ 15.595429] <TASK> [ 15.595446] dump_stack_lvl+0x73/0xb0 [ 15.595479] print_report+0xd1/0x610 [ 15.595504] ? __virt_addr_valid+0x1db/0x2d0 [ 15.595530] ? kasan_atomics_helper+0xfa9/0x5450 [ 15.595553] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.595578] ? kasan_atomics_helper+0xfa9/0x5450 [ 15.595602] kasan_report+0x141/0x180 [ 15.595626] ? kasan_atomics_helper+0xfa9/0x5450 [ 15.595655] kasan_check_range+0x10c/0x1c0 [ 15.595680] __kasan_check_write+0x18/0x20 [ 15.595701] kasan_atomics_helper+0xfa9/0x5450 [ 15.595868] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.595901] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.595930] ? kasan_atomics+0x152/0x310 [ 15.595960] kasan_atomics+0x1dc/0x310 [ 15.595984] ? __pfx_kasan_atomics+0x10/0x10 [ 15.596011] ? __pfx_read_tsc+0x10/0x10 [ 15.596034] ? ktime_get_ts64+0x86/0x230 [ 15.596061] kunit_try_run_case+0x1a5/0x480 [ 15.596088] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.596113] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.596140] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.596166] ? __kthread_parkme+0x82/0x180 [ 15.596188] ? preempt_count_sub+0x50/0x80 [ 15.596214] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.596242] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.596269] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.596296] kthread+0x337/0x6f0 [ 15.596317] ? trace_preempt_on+0x20/0xc0 [ 15.596343] ? __pfx_kthread+0x10/0x10 [ 15.596365] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.596388] ? calculate_sigpending+0x7b/0xa0 [ 15.596415] ? __pfx_kthread+0x10/0x10 [ 15.596438] ret_from_fork+0x116/0x1d0 [ 15.596787] ? __pfx_kthread+0x10/0x10 [ 15.596811] ret_from_fork_asm+0x1a/0x30 [ 15.596845] </TASK> [ 15.596856] [ 15.609518] Allocated by task 282: [ 15.609901] kasan_save_stack+0x45/0x70 [ 15.610287] kasan_save_track+0x18/0x40 [ 15.610657] kasan_save_alloc_info+0x3b/0x50 [ 15.611069] __kasan_kmalloc+0xb7/0xc0 [ 15.611462] __kmalloc_cache_noprof+0x189/0x420 [ 15.611893] kasan_atomics+0x95/0x310 [ 15.612243] kunit_try_run_case+0x1a5/0x480 [ 15.612710] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.613289] kthread+0x337/0x6f0 [ 15.613659] ret_from_fork+0x116/0x1d0 [ 15.613855] ret_from_fork_asm+0x1a/0x30 [ 15.613995] [ 15.614069] The buggy address belongs to the object at ffff888103082e00 [ 15.614069] which belongs to the cache kmalloc-64 of size 64 [ 15.614413] The buggy address is located 0 bytes to the right of [ 15.614413] allocated 48-byte region [ffff888103082e00, ffff888103082e30) [ 15.614898] [ 15.614982] The buggy address belongs to the physical page: [ 15.615199] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103082 [ 15.615549] flags: 0x200000000000000(node=0|zone=2) [ 15.615782] page_type: f5(slab) [ 15.615927] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.616270] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.616500] page dumped because: kasan: bad access detected [ 15.616731] [ 15.616838] 
Memory state around the buggy address: [ 15.617091] ffff888103082d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.617587] ffff888103082d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.618388] >ffff888103082e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.618689] ^ [ 15.618932] ffff888103082e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.619421] ffff888103082f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.619842] ================================================================== [ 15.620542] ================================================================== [ 15.620953] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a36/0x5450 [ 15.621530] Read of size 4 at addr ffff888103082e30 by task kunit_try_catch/282 [ 15.622101] [ 15.622225] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.622273] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.622286] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.622308] Call Trace: [ 15.622324] <TASK> [ 15.622340] dump_stack_lvl+0x73/0xb0 [ 15.622371] print_report+0xd1/0x610 [ 15.622395] ? __virt_addr_valid+0x1db/0x2d0 [ 15.622420] ? kasan_atomics_helper+0x4a36/0x5450 [ 15.622653] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.622684] ? kasan_atomics_helper+0x4a36/0x5450 [ 15.622710] kasan_report+0x141/0x180 [ 15.622735] ? kasan_atomics_helper+0x4a36/0x5450 [ 15.622778] __asan_report_load4_noabort+0x18/0x20 [ 15.622806] kasan_atomics_helper+0x4a36/0x5450 [ 15.622831] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.622855] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.622885] ? kasan_atomics+0x152/0x310 [ 15.622914] kasan_atomics+0x1dc/0x310 [ 15.622938] ? __pfx_kasan_atomics+0x10/0x10 [ 15.622965] ? __pfx_read_tsc+0x10/0x10 [ 15.622987] ? ktime_get_ts64+0x86/0x230 [ 15.623014] kunit_try_run_case+0x1a5/0x480 [ 15.623042] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.623068] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 15.623094] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.623120] ? __kthread_parkme+0x82/0x180 [ 15.623143] ? preempt_count_sub+0x50/0x80 [ 15.623169] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.623203] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.623230] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.623258] kthread+0x337/0x6f0 [ 15.623279] ? trace_preempt_on+0x20/0xc0 [ 15.623304] ? __pfx_kthread+0x10/0x10 [ 15.623326] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.623350] ? calculate_sigpending+0x7b/0xa0 [ 15.623376] ? __pfx_kthread+0x10/0x10 [ 15.623400] ret_from_fork+0x116/0x1d0 [ 15.623420] ? __pfx_kthread+0x10/0x10 [ 15.623455] ret_from_fork_asm+0x1a/0x30 [ 15.623488] </TASK> [ 15.623499] [ 15.634252] Allocated by task 282: [ 15.634788] kasan_save_stack+0x45/0x70 [ 15.634997] kasan_save_track+0x18/0x40 [ 15.635268] kasan_save_alloc_info+0x3b/0x50 [ 15.635593] __kasan_kmalloc+0xb7/0xc0 [ 15.635899] __kmalloc_cache_noprof+0x189/0x420 [ 15.636216] kasan_atomics+0x95/0x310 [ 15.636504] kunit_try_run_case+0x1a5/0x480 [ 15.636804] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.637151] kthread+0x337/0x6f0 [ 15.637458] ret_from_fork+0x116/0x1d0 [ 15.637641] ret_from_fork_asm+0x1a/0x30 [ 15.637943] [ 15.638049] The buggy address belongs to the object at ffff888103082e00 [ 15.638049] which belongs to the cache kmalloc-64 of size 64 [ 15.638850] The buggy address is located 0 bytes to the right of [ 15.638850] allocated 48-byte region [ffff888103082e00, ffff888103082e30) [ 15.639509] [ 15.639605] The buggy address belongs to the physical page: [ 15.639957] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103082 [ 15.640355] flags: 0x200000000000000(node=0|zone=2) [ 15.640735] page_type: f5(slab) [ 15.640912] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.641248] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.641744] page dumped because: kasan: 
bad access detected [ 15.642099] [ 15.642202] Memory state around the buggy address: [ 15.642623] ffff888103082d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.643023] ffff888103082d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.643418] >ffff888103082e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.643788] ^ [ 15.644116] ffff888103082e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.644501] ffff888103082f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.644914] ================================================================== [ 15.299298] ================================================================== [ 15.299850] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x860/0x5450 [ 15.300196] Write of size 4 at addr ffff888103082e30 by task kunit_try_catch/282 [ 15.300656] [ 15.300750] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.300924] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.301070] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.301094] Call Trace: [ 15.301111] <TASK> [ 15.301126] dump_stack_lvl+0x73/0xb0 [ 15.301160] print_report+0xd1/0x610 [ 15.301185] ? __virt_addr_valid+0x1db/0x2d0 [ 15.301210] ? kasan_atomics_helper+0x860/0x5450 [ 15.301234] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.301260] ? kasan_atomics_helper+0x860/0x5450 [ 15.301284] kasan_report+0x141/0x180 [ 15.301308] ? kasan_atomics_helper+0x860/0x5450 [ 15.301336] kasan_check_range+0x10c/0x1c0 [ 15.301362] __kasan_check_write+0x18/0x20 [ 15.301384] kasan_atomics_helper+0x860/0x5450 [ 15.301409] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.301460] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.301489] ? kasan_atomics+0x152/0x310 [ 15.301518] kasan_atomics+0x1dc/0x310 [ 15.301541] ? __pfx_kasan_atomics+0x10/0x10 [ 15.301570] ? __pfx_read_tsc+0x10/0x10 [ 15.301593] ? ktime_get_ts64+0x86/0x230 [ 15.301619] kunit_try_run_case+0x1a5/0x480 [ 15.301646] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.301672] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.301700] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.301726] ? __kthread_parkme+0x82/0x180 [ 15.301749] ? preempt_count_sub+0x50/0x80 [ 15.301788] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.301815] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.301842] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.301870] kthread+0x337/0x6f0 [ 15.301891] ? trace_preempt_on+0x20/0xc0 [ 15.301916] ? __pfx_kthread+0x10/0x10 [ 15.301939] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.301962] ? calculate_sigpending+0x7b/0xa0 [ 15.301989] ? __pfx_kthread+0x10/0x10 [ 15.302012] ret_from_fork+0x116/0x1d0 [ 15.302032] ? __pfx_kthread+0x10/0x10 [ 15.302055] ret_from_fork_asm+0x1a/0x30 [ 15.302088] </TASK> [ 15.302099] [ 15.311811] Allocated by task 282: [ 15.312116] kasan_save_stack+0x45/0x70 [ 15.312386] kasan_save_track+0x18/0x40 [ 15.312559] kasan_save_alloc_info+0x3b/0x50 [ 15.312895] __kasan_kmalloc+0xb7/0xc0 [ 15.313094] __kmalloc_cache_noprof+0x189/0x420 [ 15.313404] kasan_atomics+0x95/0x310 [ 15.313606] kunit_try_run_case+0x1a5/0x480 [ 15.313978] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.314297] kthread+0x337/0x6f0 [ 15.314495] ret_from_fork+0x116/0x1d0 [ 15.314804] ret_from_fork_asm+0x1a/0x30 [ 15.315014] [ 15.315240] The buggy address belongs to the object at ffff888103082e00 [ 15.315240] which belongs to the cache kmalloc-64 of size 64 [ 15.315959] The buggy address is located 0 bytes to the right of [ 15.315959] allocated 48-byte region [ffff888103082e00, ffff888103082e30) [ 15.316729] [ 15.316831] The buggy address belongs to the physical page: [ 15.317148] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103082 [ 15.317640] flags: 0x200000000000000(node=0|zone=2) [ 15.317889] page_type: f5(slab) [ 15.318043] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.318371] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 15.318935] page dumped because: kasan: bad access detected [ 15.319137] [ 15.319245] Memory state around the buggy address: [ 15.319647] ffff888103082d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.320045] ffff888103082d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.320413] >ffff888103082e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.320788] ^ [ 15.320996] ffff888103082e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.321404] ffff888103082f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.321791] ================================================================== [ 15.970079] ================================================================== [ 15.970306] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16e7/0x5450 [ 15.970805] Write of size 8 at addr ffff888103082e30 by task kunit_try_catch/282 [ 15.971354] [ 15.971461] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.971505] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.971518] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.971540] Call Trace: [ 15.971555] <TASK> [ 15.971580] dump_stack_lvl+0x73/0xb0 [ 15.971612] print_report+0xd1/0x610 [ 15.971636] ? __virt_addr_valid+0x1db/0x2d0 [ 15.971660] ? kasan_atomics_helper+0x16e7/0x5450 [ 15.971683] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.971708] ? kasan_atomics_helper+0x16e7/0x5450 [ 15.971733] kasan_report+0x141/0x180 [ 15.971756] ? kasan_atomics_helper+0x16e7/0x5450 [ 15.971796] kasan_check_range+0x10c/0x1c0 [ 15.971822] __kasan_check_write+0x18/0x20 [ 15.971843] kasan_atomics_helper+0x16e7/0x5450 [ 15.971868] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.971893] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.971920] ? kasan_atomics+0x152/0x310 [ 15.971948] kasan_atomics+0x1dc/0x310 [ 15.971973] ? __pfx_kasan_atomics+0x10/0x10 [ 15.971999] ? __pfx_read_tsc+0x10/0x10 [ 15.972021] ? 
ktime_get_ts64+0x86/0x230 [ 15.972047] kunit_try_run_case+0x1a5/0x480 [ 15.972073] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.972098] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.972124] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.972150] ? __kthread_parkme+0x82/0x180 [ 15.972172] ? preempt_count_sub+0x50/0x80 [ 15.972198] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.972224] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.972251] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.972279] kthread+0x337/0x6f0 [ 15.972300] ? trace_preempt_on+0x20/0xc0 [ 15.972325] ? __pfx_kthread+0x10/0x10 [ 15.972347] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.972370] ? calculate_sigpending+0x7b/0xa0 [ 15.972396] ? __pfx_kthread+0x10/0x10 [ 15.972418] ret_from_fork+0x116/0x1d0 [ 15.972450] ? __pfx_kthread+0x10/0x10 [ 15.972472] ret_from_fork_asm+0x1a/0x30 [ 15.972504] </TASK> [ 15.972515] [ 15.979641] Allocated by task 282: [ 15.979827] kasan_save_stack+0x45/0x70 [ 15.980031] kasan_save_track+0x18/0x40 [ 15.980225] kasan_save_alloc_info+0x3b/0x50 [ 15.980450] __kasan_kmalloc+0xb7/0xc0 [ 15.980639] __kmalloc_cache_noprof+0x189/0x420 [ 15.980877] kasan_atomics+0x95/0x310 [ 15.981050] kunit_try_run_case+0x1a5/0x480 [ 15.981217] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.981450] kthread+0x337/0x6f0 [ 15.981602] ret_from_fork+0x116/0x1d0 [ 15.981734] ret_from_fork_asm+0x1a/0x30 [ 15.981944] [ 15.982039] The buggy address belongs to the object at ffff888103082e00 [ 15.982039] which belongs to the cache kmalloc-64 of size 64 [ 15.982555] The buggy address is located 0 bytes to the right of [ 15.982555] allocated 48-byte region [ffff888103082e00, ffff888103082e30) [ 15.982998] [ 15.983070] The buggy address belongs to the physical page: [ 15.983246] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103082 [ 15.983483] flags: 0x200000000000000(node=0|zone=2) [ 15.983655] page_type: f5(slab) [ 15.985002] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 15.985890] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.986811] page dumped because: kasan: bad access detected [ 15.987573] [ 15.987900] Memory state around the buggy address: [ 15.988456] ffff888103082d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.989229] ffff888103082d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.989474] >ffff888103082e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.989692] ^ [ 15.989864] ffff888103082e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.990087] ffff888103082f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.990303] ================================================================== [ 15.276081] ================================================================== [ 15.276662] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x7c7/0x5450 [ 15.277123] Write of size 4 at addr ffff888103082e30 by task kunit_try_catch/282 [ 15.277598] [ 15.277711] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.277757] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.277782] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.277804] Call Trace: [ 15.277820] <TASK> [ 15.277834] dump_stack_lvl+0x73/0xb0 [ 15.277865] print_report+0xd1/0x610 [ 15.277891] ? __virt_addr_valid+0x1db/0x2d0 [ 15.277917] ? kasan_atomics_helper+0x7c7/0x5450 [ 15.277941] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.277967] ? kasan_atomics_helper+0x7c7/0x5450 [ 15.277991] kasan_report+0x141/0x180 [ 15.278015] ? kasan_atomics_helper+0x7c7/0x5450 [ 15.278043] kasan_check_range+0x10c/0x1c0 [ 15.278068] __kasan_check_write+0x18/0x20 [ 15.278090] kasan_atomics_helper+0x7c7/0x5450 [ 15.278115] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.278140] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.278169] ? kasan_atomics+0x152/0x310 [ 15.278197] kasan_atomics+0x1dc/0x310 [ 15.278222] ? 
__pfx_kasan_atomics+0x10/0x10 [ 15.278249] ? __pfx_read_tsc+0x10/0x10 [ 15.278271] ? ktime_get_ts64+0x86/0x230 [ 15.278298] kunit_try_run_case+0x1a5/0x480 [ 15.278325] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.278351] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.278379] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.278406] ? __kthread_parkme+0x82/0x180 [ 15.278529] ? preempt_count_sub+0x50/0x80 [ 15.278560] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.278587] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.278615] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.278643] kthread+0x337/0x6f0 [ 15.278664] ? trace_preempt_on+0x20/0xc0 [ 15.278690] ? __pfx_kthread+0x10/0x10 [ 15.278714] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.278738] ? calculate_sigpending+0x7b/0xa0 [ 15.278775] ? __pfx_kthread+0x10/0x10 [ 15.278799] ret_from_fork+0x116/0x1d0 [ 15.278820] ? __pfx_kthread+0x10/0x10 [ 15.278843] ret_from_fork_asm+0x1a/0x30 [ 15.278876] </TASK> [ 15.278887] [ 15.288678] Allocated by task 282: [ 15.289023] kasan_save_stack+0x45/0x70 [ 15.289338] kasan_save_track+0x18/0x40 [ 15.289559] kasan_save_alloc_info+0x3b/0x50 [ 15.289932] __kasan_kmalloc+0xb7/0xc0 [ 15.290135] __kmalloc_cache_noprof+0x189/0x420 [ 15.290417] kasan_atomics+0x95/0x310 [ 15.290602] kunit_try_run_case+0x1a5/0x480 [ 15.290926] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.291191] kthread+0x337/0x6f0 [ 15.291349] ret_from_fork+0x116/0x1d0 [ 15.291696] ret_from_fork_asm+0x1a/0x30 [ 15.291916] [ 15.292009] The buggy address belongs to the object at ffff888103082e00 [ 15.292009] which belongs to the cache kmalloc-64 of size 64 [ 15.292747] The buggy address is located 0 bytes to the right of [ 15.292747] allocated 48-byte region [ffff888103082e00, ffff888103082e30) [ 15.293331] [ 15.293541] The buggy address belongs to the physical page: [ 15.293909] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103082 [ 15.294331] flags: 0x200000000000000(node=0|zone=2) [ 15.294643] page_type: 
f5(slab) [ 15.294816] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.295149] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.295487] page dumped because: kasan: bad access detected [ 15.295724] [ 15.296071] Memory state around the buggy address: [ 15.296268] ffff888103082d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.296724] ffff888103082d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.297136] >ffff888103082e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.297443] ^ [ 15.297787] ffff888103082e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.298152] ffff888103082f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.298549] ================================================================== [ 16.368394] ================================================================== [ 16.368719] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2006/0x5450 [ 16.369180] Write of size 8 at addr ffff888103082e30 by task kunit_try_catch/282 [ 16.369883] [ 16.370114] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.370283] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.370302] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.370325] Call Trace: [ 16.370342] <TASK> [ 16.370357] dump_stack_lvl+0x73/0xb0 [ 16.370390] print_report+0xd1/0x610 [ 16.370414] ? __virt_addr_valid+0x1db/0x2d0 [ 16.370447] ? kasan_atomics_helper+0x2006/0x5450 [ 16.370472] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.370497] ? kasan_atomics_helper+0x2006/0x5450 [ 16.370522] kasan_report+0x141/0x180 [ 16.370546] ? kasan_atomics_helper+0x2006/0x5450 [ 16.370576] kasan_check_range+0x10c/0x1c0 [ 16.370603] __kasan_check_write+0x18/0x20 [ 16.370624] kasan_atomics_helper+0x2006/0x5450 [ 16.370649] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.370674] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.370702] ? 
kasan_atomics+0x152/0x310 [ 16.370730] kasan_atomics+0x1dc/0x310 [ 16.370755] ? __pfx_kasan_atomics+0x10/0x10 [ 16.370796] ? __pfx_read_tsc+0x10/0x10 [ 16.370819] ? ktime_get_ts64+0x86/0x230 [ 16.370845] kunit_try_run_case+0x1a5/0x480 [ 16.370872] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.370897] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.370924] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.370950] ? __kthread_parkme+0x82/0x180 [ 16.370972] ? preempt_count_sub+0x50/0x80 [ 16.370997] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.371024] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.371052] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.371079] kthread+0x337/0x6f0 [ 16.371100] ? trace_preempt_on+0x20/0xc0 [ 16.371125] ? __pfx_kthread+0x10/0x10 [ 16.371148] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.371171] ? calculate_sigpending+0x7b/0xa0 [ 16.371205] ? __pfx_kthread+0x10/0x10 [ 16.371228] ret_from_fork+0x116/0x1d0 [ 16.371249] ? __pfx_kthread+0x10/0x10 [ 16.371271] ret_from_fork_asm+0x1a/0x30 [ 16.371304] </TASK> [ 16.371316] [ 16.382508] Allocated by task 282: [ 16.382717] kasan_save_stack+0x45/0x70 [ 16.383035] kasan_save_track+0x18/0x40 [ 16.383220] kasan_save_alloc_info+0x3b/0x50 [ 16.383413] __kasan_kmalloc+0xb7/0xc0 [ 16.383807] __kmalloc_cache_noprof+0x189/0x420 [ 16.384162] kasan_atomics+0x95/0x310 [ 16.384442] kunit_try_run_case+0x1a5/0x480 [ 16.384753] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.385120] kthread+0x337/0x6f0 [ 16.385368] ret_from_fork+0x116/0x1d0 [ 16.385719] ret_from_fork_asm+0x1a/0x30 [ 16.386044] [ 16.386232] The buggy address belongs to the object at ffff888103082e00 [ 16.386232] which belongs to the cache kmalloc-64 of size 64 [ 16.387025] The buggy address is located 0 bytes to the right of [ 16.387025] allocated 48-byte region [ffff888103082e00, ffff888103082e30) [ 16.387792] [ 16.387983] The buggy address belongs to the physical page: [ 16.388282] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103082 [ 
16.388820] flags: 0x200000000000000(node=0|zone=2) [ 16.389137] page_type: f5(slab) [ 16.389388] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.389986] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.390411] page dumped because: kasan: bad access detected [ 16.390733] [ 16.390946] Memory state around the buggy address: [ 16.391163] ffff888103082d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.391443] ffff888103082d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.392037] >ffff888103082e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.392417] ^ [ 16.392796] ffff888103082e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.393173] ffff888103082f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.393603] ================================================================== [ 15.699526] ================================================================== [ 15.699842] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1148/0x5450 [ 15.700245] Write of size 4 at addr ffff888103082e30 by task kunit_try_catch/282 [ 15.700563] [ 15.700755] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.700815] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.700829] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.700853] Call Trace: [ 15.700880] <TASK> [ 15.700897] dump_stack_lvl+0x73/0xb0 [ 15.700929] print_report+0xd1/0x610 [ 15.700954] ? __virt_addr_valid+0x1db/0x2d0 [ 15.700979] ? kasan_atomics_helper+0x1148/0x5450 [ 15.701003] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.701030] ? kasan_atomics_helper+0x1148/0x5450 [ 15.701055] kasan_report+0x141/0x180 [ 15.701079] ? kasan_atomics_helper+0x1148/0x5450 [ 15.701108] kasan_check_range+0x10c/0x1c0 [ 15.701135] __kasan_check_write+0x18/0x20 [ 15.701157] kasan_atomics_helper+0x1148/0x5450 [ 15.701182] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.701208] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 15.701246] ? kasan_atomics+0x152/0x310 [ 15.701275] kasan_atomics+0x1dc/0x310 [ 15.701299] ? __pfx_kasan_atomics+0x10/0x10 [ 15.701326] ? __pfx_read_tsc+0x10/0x10 [ 15.701349] ? ktime_get_ts64+0x86/0x230 [ 15.701375] kunit_try_run_case+0x1a5/0x480 [ 15.701403] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.701451] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.701487] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.701514] ? __kthread_parkme+0x82/0x180 [ 15.701538] ? preempt_count_sub+0x50/0x80 [ 15.701563] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.701591] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.701636] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.701664] kthread+0x337/0x6f0 [ 15.701685] ? trace_preempt_on+0x20/0xc0 [ 15.701710] ? __pfx_kthread+0x10/0x10 [ 15.701733] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.701757] ? calculate_sigpending+0x7b/0xa0 [ 15.701794] ? __pfx_kthread+0x10/0x10 [ 15.701818] ret_from_fork+0x116/0x1d0 [ 15.701838] ? __pfx_kthread+0x10/0x10 [ 15.701879] ret_from_fork_asm+0x1a/0x30 [ 15.701911] </TASK> [ 15.701923] [ 15.710015] Allocated by task 282: [ 15.710199] kasan_save_stack+0x45/0x70 [ 15.710404] kasan_save_track+0x18/0x40 [ 15.710599] kasan_save_alloc_info+0x3b/0x50 [ 15.710807] __kasan_kmalloc+0xb7/0xc0 [ 15.710946] __kmalloc_cache_noprof+0x189/0x420 [ 15.711174] kasan_atomics+0x95/0x310 [ 15.711371] kunit_try_run_case+0x1a5/0x480 [ 15.711720] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.711967] kthread+0x337/0x6f0 [ 15.712133] ret_from_fork+0x116/0x1d0 [ 15.712318] ret_from_fork_asm+0x1a/0x30 [ 15.712555] [ 15.712694] The buggy address belongs to the object at ffff888103082e00 [ 15.712694] which belongs to the cache kmalloc-64 of size 64 [ 15.713291] The buggy address is located 0 bytes to the right of [ 15.713291] allocated 48-byte region [ffff888103082e00, ffff888103082e30) [ 15.713865] [ 15.713963] The buggy address belongs to the physical page: [ 15.714328] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x103082 [ 15.714671] flags: 0x200000000000000(node=0|zone=2) [ 15.714884] page_type: f5(slab) [ 15.715007] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.715350] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.715838] page dumped because: kasan: bad access detected [ 15.716081] [ 15.716197] Memory state around the buggy address: [ 15.716422] ffff888103082d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.716712] ffff888103082d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.717011] >ffff888103082e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.717313] ^ [ 15.717586] ffff888103082e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.717903] ffff888103082f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.718200] ================================================================== [ 16.518870] ================================================================== [ 16.519382] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x224c/0x5450 [ 16.519865] Write of size 8 at addr ffff888103082e30 by task kunit_try_catch/282 [ 16.520284] [ 16.520393] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.520440] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.520453] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.520477] Call Trace: [ 16.520493] <TASK> [ 16.520508] dump_stack_lvl+0x73/0xb0 [ 16.520542] print_report+0xd1/0x610 [ 16.520568] ? __virt_addr_valid+0x1db/0x2d0 [ 16.520593] ? kasan_atomics_helper+0x224c/0x5450 [ 16.520621] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.520648] ? kasan_atomics_helper+0x224c/0x5450 [ 16.520673] kasan_report+0x141/0x180 [ 16.520698] ? kasan_atomics_helper+0x224c/0x5450 [ 16.520728] kasan_check_range+0x10c/0x1c0 [ 16.520755] __kasan_check_write+0x18/0x20 [ 16.520789] kasan_atomics_helper+0x224c/0x5450 [ 16.520814] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 16.520840] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.520867] ? kasan_atomics+0x152/0x310 [ 16.520896] kasan_atomics+0x1dc/0x310 [ 16.520920] ? __pfx_kasan_atomics+0x10/0x10 [ 16.520946] ? __pfx_read_tsc+0x10/0x10 [ 16.520969] ? ktime_get_ts64+0x86/0x230 [ 16.520996] kunit_try_run_case+0x1a5/0x480 [ 16.521022] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.521048] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.521075] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.521101] ? __kthread_parkme+0x82/0x180 [ 16.521124] ? preempt_count_sub+0x50/0x80 [ 16.521150] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.521176] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.521204] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.521232] kthread+0x337/0x6f0 [ 16.521252] ? trace_preempt_on+0x20/0xc0 [ 16.521278] ? __pfx_kthread+0x10/0x10 [ 16.521301] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.521324] ? calculate_sigpending+0x7b/0xa0 [ 16.521350] ? __pfx_kthread+0x10/0x10 [ 16.521374] ret_from_fork+0x116/0x1d0 [ 16.521394] ? 
__pfx_kthread+0x10/0x10 [ 16.521416] ret_from_fork_asm+0x1a/0x30 [ 16.521706] </TASK> [ 16.521723] [ 16.532163] Allocated by task 282: [ 16.532343] kasan_save_stack+0x45/0x70 [ 16.532533] kasan_save_track+0x18/0x40 [ 16.532714] kasan_save_alloc_info+0x3b/0x50 [ 16.533773] __kasan_kmalloc+0xb7/0xc0 [ 16.534160] __kmalloc_cache_noprof+0x189/0x420 [ 16.534615] kasan_atomics+0x95/0x310 [ 16.534999] kunit_try_run_case+0x1a5/0x480 [ 16.535421] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.535953] kthread+0x337/0x6f0 [ 16.536295] ret_from_fork+0x116/0x1d0 [ 16.536692] ret_from_fork_asm+0x1a/0x30 [ 16.537081] [ 16.537283] The buggy address belongs to the object at ffff888103082e00 [ 16.537283] which belongs to the cache kmalloc-64 of size 64 [ 16.538055] The buggy address is located 0 bytes to the right of [ 16.538055] allocated 48-byte region [ffff888103082e00, ffff888103082e30) [ 16.538458] [ 16.538673] The buggy address belongs to the physical page: [ 16.539238] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103082 [ 16.539989] flags: 0x200000000000000(node=0|zone=2) [ 16.540548] page_type: f5(slab) [ 16.540854] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.541447] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.542195] page dumped because: kasan: bad access detected [ 16.542376] [ 16.542456] Memory state around the buggy address: [ 16.542616] ffff888103082d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.542851] ffff888103082d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.543161] >ffff888103082e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.543440] ^ [ 16.543647] ffff888103082e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.544047] ffff888103082f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.544268] ================================================================== [ 15.508053] 
================================================================== [ 15.508383] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xde0/0x5450 [ 15.509028] Write of size 4 at addr ffff888103082e30 by task kunit_try_catch/282 [ 15.509345] [ 15.509675] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.509957] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.509976] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.510013] Call Trace: [ 15.510031] <TASK> [ 15.510050] dump_stack_lvl+0x73/0xb0 [ 15.510086] print_report+0xd1/0x610 [ 15.510111] ? __virt_addr_valid+0x1db/0x2d0 [ 15.510139] ? kasan_atomics_helper+0xde0/0x5450 [ 15.510167] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.510195] ? kasan_atomics_helper+0xde0/0x5450 [ 15.510218] kasan_report+0x141/0x180 [ 15.510243] ? kasan_atomics_helper+0xde0/0x5450 [ 15.510272] kasan_check_range+0x10c/0x1c0 [ 15.510300] __kasan_check_write+0x18/0x20 [ 15.510322] kasan_atomics_helper+0xde0/0x5450 [ 15.510346] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.510371] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.510400] ? kasan_atomics+0x152/0x310 [ 15.510428] kasan_atomics+0x1dc/0x310 [ 15.510468] ? __pfx_kasan_atomics+0x10/0x10 [ 15.510494] ? __pfx_read_tsc+0x10/0x10 [ 15.510517] ? ktime_get_ts64+0x86/0x230 [ 15.510545] kunit_try_run_case+0x1a5/0x480 [ 15.510573] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.510598] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.510626] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.510652] ? __kthread_parkme+0x82/0x180 [ 15.510675] ? preempt_count_sub+0x50/0x80 [ 15.510701] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.510728] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.510755] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.510794] kthread+0x337/0x6f0 [ 15.510814] ? trace_preempt_on+0x20/0xc0 [ 15.510841] ? __pfx_kthread+0x10/0x10 [ 15.510862] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.510887] ? 
calculate_sigpending+0x7b/0xa0 [ 15.510914] ? __pfx_kthread+0x10/0x10 [ 15.510936] ret_from_fork+0x116/0x1d0 [ 15.510956] ? __pfx_kthread+0x10/0x10 [ 15.510979] ret_from_fork_asm+0x1a/0x30 [ 15.511012] </TASK> [ 15.511024] [ 15.522377] Allocated by task 282: [ 15.522574] kasan_save_stack+0x45/0x70 [ 15.522752] kasan_save_track+0x18/0x40 [ 15.523812] kasan_save_alloc_info+0x3b/0x50 [ 15.524279] __kasan_kmalloc+0xb7/0xc0 [ 15.524719] __kmalloc_cache_noprof+0x189/0x420 [ 15.525212] kasan_atomics+0x95/0x310 [ 15.525653] kunit_try_run_case+0x1a5/0x480 [ 15.526146] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.526720] kthread+0x337/0x6f0 [ 15.527031] ret_from_fork+0x116/0x1d0 [ 15.527389] ret_from_fork_asm+0x1a/0x30 [ 15.527795] [ 15.527957] The buggy address belongs to the object at ffff888103082e00 [ 15.527957] which belongs to the cache kmalloc-64 of size 64 [ 15.528492] The buggy address is located 0 bytes to the right of [ 15.528492] allocated 48-byte region [ffff888103082e00, ffff888103082e30) [ 15.529580] [ 15.529722] The buggy address belongs to the physical page: [ 15.529907] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103082 [ 15.530152] flags: 0x200000000000000(node=0|zone=2) [ 15.530318] page_type: f5(slab) [ 15.530466] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.531120] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.531783] page dumped because: kasan: bad access detected [ 15.532251] [ 15.532407] Memory state around the buggy address: [ 15.532844] ffff888103082d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.533483] ffff888103082d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.534076] >ffff888103082e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.534388] ^ [ 15.534826] ffff888103082e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.535357] ffff888103082f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.535906] 
================================================================== [ 15.033608] ================================================================== [ 15.033903] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b88/0x5450 [ 15.034644] Read of size 4 at addr ffff888103082e30 by task kunit_try_catch/282 [ 15.034936] [ 15.035113] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.035158] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.035169] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.035193] Call Trace: [ 15.035206] <TASK> [ 15.035219] dump_stack_lvl+0x73/0xb0 [ 15.035247] print_report+0xd1/0x610 [ 15.035271] ? __virt_addr_valid+0x1db/0x2d0 [ 15.035295] ? kasan_atomics_helper+0x4b88/0x5450 [ 15.035317] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.035343] ? kasan_atomics_helper+0x4b88/0x5450 [ 15.035366] kasan_report+0x141/0x180 [ 15.035401] ? kasan_atomics_helper+0x4b88/0x5450 [ 15.035429] __asan_report_load4_noabort+0x18/0x20 [ 15.035478] kasan_atomics_helper+0x4b88/0x5450 [ 15.035502] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.035526] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.035553] ? kasan_atomics+0x152/0x310 [ 15.035581] kasan_atomics+0x1dc/0x310 [ 15.035604] ? __pfx_kasan_atomics+0x10/0x10 [ 15.035629] ? __pfx_read_tsc+0x10/0x10 [ 15.035652] ? ktime_get_ts64+0x86/0x230 [ 15.035677] kunit_try_run_case+0x1a5/0x480 [ 15.035702] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.035727] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.035753] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.035789] ? __kthread_parkme+0x82/0x180 [ 15.035810] ? preempt_count_sub+0x50/0x80 [ 15.035836] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.035861] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.035887] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.035914] kthread+0x337/0x6f0 [ 15.035934] ? trace_preempt_on+0x20/0xc0 [ 15.035968] ? __pfx_kthread+0x10/0x10 [ 15.035999] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 15.036022] ? calculate_sigpending+0x7b/0xa0 [ 15.036059] ? __pfx_kthread+0x10/0x10 [ 15.036082] ret_from_fork+0x116/0x1d0 [ 15.036102] ? __pfx_kthread+0x10/0x10 [ 15.036122] ret_from_fork_asm+0x1a/0x30 [ 15.036163] </TASK> [ 15.036173] [ 15.044665] Allocated by task 282: [ 15.044812] kasan_save_stack+0x45/0x70 [ 15.044955] kasan_save_track+0x18/0x40 [ 15.045200] kasan_save_alloc_info+0x3b/0x50 [ 15.045434] __kasan_kmalloc+0xb7/0xc0 [ 15.045620] __kmalloc_cache_noprof+0x189/0x420 [ 15.045787] kasan_atomics+0x95/0x310 [ 15.045959] kunit_try_run_case+0x1a5/0x480 [ 15.046391] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.046604] kthread+0x337/0x6f0 [ 15.046803] ret_from_fork+0x116/0x1d0 [ 15.046961] ret_from_fork_asm+0x1a/0x30 [ 15.047213] [ 15.047289] The buggy address belongs to the object at ffff888103082e00 [ 15.047289] which belongs to the cache kmalloc-64 of size 64 [ 15.047878] The buggy address is located 0 bytes to the right of [ 15.047878] allocated 48-byte region [ffff888103082e00, ffff888103082e30) [ 15.048478] [ 15.048664] The buggy address belongs to the physical page: [ 15.048902] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103082 [ 15.049338] flags: 0x200000000000000(node=0|zone=2) [ 15.049591] page_type: f5(slab) [ 15.049727] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.050112] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.050424] page dumped because: kasan: bad access detected [ 15.050673] [ 15.050783] Memory state around the buggy address: [ 15.050941] ffff888103082d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.051161] ffff888103082d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.051382] >ffff888103082e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.051596] ^ [ 15.051754] ffff888103082e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.052117] ffff888103082f00: fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 15.052451] ================================================================== [ 15.384592] ================================================================== [ 15.384960] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xac7/0x5450 [ 15.385324] Write of size 4 at addr ffff888103082e30 by task kunit_try_catch/282 [ 15.385951] [ 15.386061] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.386105] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.386118] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.386140] Call Trace: [ 15.386156] <TASK> [ 15.386171] dump_stack_lvl+0x73/0xb0 [ 15.386202] print_report+0xd1/0x610 [ 15.386227] ? __virt_addr_valid+0x1db/0x2d0 [ 15.386252] ? kasan_atomics_helper+0xac7/0x5450 [ 15.386275] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.386301] ? kasan_atomics_helper+0xac7/0x5450 [ 15.386325] kasan_report+0x141/0x180 [ 15.386349] ? kasan_atomics_helper+0xac7/0x5450 [ 15.386378] kasan_check_range+0x10c/0x1c0 [ 15.386404] __kasan_check_write+0x18/0x20 [ 15.386426] kasan_atomics_helper+0xac7/0x5450 [ 15.386462] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.386488] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.386516] ? kasan_atomics+0x152/0x310 [ 15.386544] kasan_atomics+0x1dc/0x310 [ 15.386568] ? __pfx_kasan_atomics+0x10/0x10 [ 15.386594] ? __pfx_read_tsc+0x10/0x10 [ 15.386617] ? ktime_get_ts64+0x86/0x230 [ 15.386643] kunit_try_run_case+0x1a5/0x480 [ 15.386671] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.386696] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.386723] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.386750] ? __kthread_parkme+0x82/0x180 [ 15.386784] ? preempt_count_sub+0x50/0x80 [ 15.386810] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.386837] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.386864] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.386892] kthread+0x337/0x6f0 [ 15.386913] ? 
trace_preempt_on+0x20/0xc0 [ 15.386939] ? __pfx_kthread+0x10/0x10 [ 15.386962] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.386985] ? calculate_sigpending+0x7b/0xa0 [ 15.387012] ? __pfx_kthread+0x10/0x10 [ 15.387035] ret_from_fork+0x116/0x1d0 [ 15.387055] ? __pfx_kthread+0x10/0x10 [ 15.387077] ret_from_fork_asm+0x1a/0x30 [ 15.387109] </TASK> [ 15.387120] [ 15.394560] Allocated by task 282: [ 15.394688] kasan_save_stack+0x45/0x70 [ 15.394846] kasan_save_track+0x18/0x40 [ 15.394985] kasan_save_alloc_info+0x3b/0x50 [ 15.395139] __kasan_kmalloc+0xb7/0xc0 [ 15.395334] __kmalloc_cache_noprof+0x189/0x420 [ 15.395654] kasan_atomics+0x95/0x310 [ 15.395882] kunit_try_run_case+0x1a5/0x480 [ 15.396267] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.396539] kthread+0x337/0x6f0 [ 15.396717] ret_from_fork+0x116/0x1d0 [ 15.396926] ret_from_fork_asm+0x1a/0x30 [ 15.397187] [ 15.397284] The buggy address belongs to the object at ffff888103082e00 [ 15.397284] which belongs to the cache kmalloc-64 of size 64 [ 15.397672] The buggy address is located 0 bytes to the right of [ 15.397672] allocated 48-byte region [ffff888103082e00, ffff888103082e30) [ 15.398474] [ 15.398578] The buggy address belongs to the physical page: [ 15.398841] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103082 [ 15.399169] flags: 0x200000000000000(node=0|zone=2) [ 15.399343] page_type: f5(slab) [ 15.399466] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.399707] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.400008] page dumped because: kasan: bad access detected [ 15.400267] [ 15.400368] Memory state around the buggy address: [ 15.400595] ffff888103082d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.400930] ffff888103082d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.401256] >ffff888103082e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.401505] ^ [ 15.401662] ffff888103082e80: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 15.402220] ffff888103082f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.402535] ================================================================== [ 15.775843] ================================================================== [ 15.776540] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12e6/0x5450 [ 15.776899] Write of size 4 at addr ffff888103082e30 by task kunit_try_catch/282 [ 15.777152] [ 15.777234] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.777277] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.777289] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.777311] Call Trace: [ 15.777326] <TASK> [ 15.777340] dump_stack_lvl+0x73/0xb0 [ 15.777368] print_report+0xd1/0x610 [ 15.777392] ? __virt_addr_valid+0x1db/0x2d0 [ 15.777417] ? kasan_atomics_helper+0x12e6/0x5450 [ 15.777441] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.777466] ? kasan_atomics_helper+0x12e6/0x5450 [ 15.777517] kasan_report+0x141/0x180 [ 15.777555] ? kasan_atomics_helper+0x12e6/0x5450 [ 15.777597] kasan_check_range+0x10c/0x1c0 [ 15.777636] __kasan_check_write+0x18/0x20 [ 15.777671] kasan_atomics_helper+0x12e6/0x5450 [ 15.777710] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.777735] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.777772] ? kasan_atomics+0x152/0x310 [ 15.777800] kasan_atomics+0x1dc/0x310 [ 15.777825] ? __pfx_kasan_atomics+0x10/0x10 [ 15.777867] ? __pfx_read_tsc+0x10/0x10 [ 15.777891] ? ktime_get_ts64+0x86/0x230 [ 15.777917] kunit_try_run_case+0x1a5/0x480 [ 15.777944] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.777969] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.777995] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.778021] ? __kthread_parkme+0x82/0x180 [ 15.778061] ? preempt_count_sub+0x50/0x80 [ 15.778087] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.778114] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.778140] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.778169] kthread+0x337/0x6f0 [ 15.778190] ? trace_preempt_on+0x20/0xc0 [ 15.778215] ? __pfx_kthread+0x10/0x10 [ 15.778236] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.778260] ? calculate_sigpending+0x7b/0xa0 [ 15.778286] ? __pfx_kthread+0x10/0x10 [ 15.778309] ret_from_fork+0x116/0x1d0 [ 15.778329] ? __pfx_kthread+0x10/0x10 [ 15.778351] ret_from_fork_asm+0x1a/0x30 [ 15.778383] </TASK> [ 15.778394] [ 15.786604] Allocated by task 282: [ 15.786775] kasan_save_stack+0x45/0x70 [ 15.786993] kasan_save_track+0x18/0x40 [ 15.787226] kasan_save_alloc_info+0x3b/0x50 [ 15.787432] __kasan_kmalloc+0xb7/0xc0 [ 15.787636] __kmalloc_cache_noprof+0x189/0x420 [ 15.787817] kasan_atomics+0x95/0x310 [ 15.788008] kunit_try_run_case+0x1a5/0x480 [ 15.788230] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.788498] kthread+0x337/0x6f0 [ 15.788669] ret_from_fork+0x116/0x1d0 [ 15.788844] ret_from_fork_asm+0x1a/0x30 [ 15.789038] [ 15.789157] The buggy address belongs to the object at ffff888103082e00 [ 15.789157] which belongs to the cache kmalloc-64 of size 64 [ 15.789691] The buggy address is located 0 bytes to the right of [ 15.789691] allocated 48-byte region [ffff888103082e00, ffff888103082e30) [ 15.790169] [ 15.790271] The buggy address belongs to the physical page: [ 15.790557] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103082 [ 15.790862] flags: 0x200000000000000(node=0|zone=2) [ 15.791094] page_type: f5(slab) [ 15.791257] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.791636] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.792006] page dumped because: kasan: bad access detected [ 15.792183] [ 15.792275] Memory state around the buggy address: [ 15.792507] ffff888103082d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.792846] ffff888103082d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.793162] >ffff888103082e00: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 15.793404] ^ [ 15.793556] ffff888103082e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.793781] ffff888103082f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.794179] ================================================================== [ 15.794846] ================================================================== [ 15.795469] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49ce/0x5450 [ 15.795974] Read of size 4 at addr ffff888103082e30 by task kunit_try_catch/282 [ 15.796768] [ 15.796915] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.796965] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.796979] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.797001] Call Trace: [ 15.797017] <TASK> [ 15.797034] dump_stack_lvl+0x73/0xb0 [ 15.797086] print_report+0xd1/0x610 [ 15.797113] ? __virt_addr_valid+0x1db/0x2d0 [ 15.797137] ? kasan_atomics_helper+0x49ce/0x5450 [ 15.797161] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.797187] ? kasan_atomics_helper+0x49ce/0x5450 [ 15.797212] kasan_report+0x141/0x180 [ 15.797236] ? kasan_atomics_helper+0x49ce/0x5450 [ 15.797283] __asan_report_load4_noabort+0x18/0x20 [ 15.797310] kasan_atomics_helper+0x49ce/0x5450 [ 15.797336] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.797361] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.797388] ? kasan_atomics+0x152/0x310 [ 15.797434] kasan_atomics+0x1dc/0x310 [ 15.797469] ? __pfx_kasan_atomics+0x10/0x10 [ 15.797495] ? __pfx_read_tsc+0x10/0x10 [ 15.797517] ? ktime_get_ts64+0x86/0x230 [ 15.797543] kunit_try_run_case+0x1a5/0x480 [ 15.797571] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.797596] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.797640] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.797667] ? __kthread_parkme+0x82/0x180 [ 15.797689] ? preempt_count_sub+0x50/0x80 [ 15.797715] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.797742] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.797779] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.797824] kthread+0x337/0x6f0 [ 15.797858] ? trace_preempt_on+0x20/0xc0 [ 15.797884] ? __pfx_kthread+0x10/0x10 [ 15.797919] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.797956] ? calculate_sigpending+0x7b/0xa0 [ 15.797982] ? __pfx_kthread+0x10/0x10 [ 15.798006] ret_from_fork+0x116/0x1d0 [ 15.798026] ? __pfx_kthread+0x10/0x10 [ 15.798048] ret_from_fork_asm+0x1a/0x30 [ 15.798080] </TASK> [ 15.798092] [ 15.810258] Allocated by task 282: [ 15.810602] kasan_save_stack+0x45/0x70 [ 15.810988] kasan_save_track+0x18/0x40 [ 15.811356] kasan_save_alloc_info+0x3b/0x50 [ 15.811658] __kasan_kmalloc+0xb7/0xc0 [ 15.811806] __kmalloc_cache_noprof+0x189/0x420 [ 15.811962] kasan_atomics+0x95/0x310 [ 15.812096] kunit_try_run_case+0x1a5/0x480 [ 15.812240] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.812415] kthread+0x337/0x6f0 [ 15.812808] ret_from_fork+0x116/0x1d0 [ 15.813141] ret_from_fork_asm+0x1a/0x30 [ 15.813577] [ 15.813777] The buggy address belongs to the object at ffff888103082e00 [ 15.813777] which belongs to the cache kmalloc-64 of size 64 [ 15.814856] The buggy address is located 0 bytes to the right of [ 15.814856] allocated 48-byte region [ffff888103082e00, ffff888103082e30) [ 15.816035] [ 15.816201] The buggy address belongs to the physical page: [ 15.816800] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103082 [ 15.817508] flags: 0x200000000000000(node=0|zone=2) [ 15.817950] page_type: f5(slab) [ 15.818236] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.818874] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.819103] page dumped because: kasan: bad access detected [ 15.819287] [ 15.819358] Memory state around the buggy address: [ 15.819641] ffff888103082d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.820238] 
ffff888103082d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.820922] >ffff888103082e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.821556] ^ [ 15.822060] ffff888103082e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.822779] ffff888103082f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.823401] ================================================================== [ 15.645493] ================================================================== [ 15.645728] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1079/0x5450 [ 15.646732] Write of size 4 at addr ffff888103082e30 by task kunit_try_catch/282 [ 15.647070] [ 15.647330] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.647381] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.647396] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.647418] Call Trace: [ 15.647434] <TASK> [ 15.647462] dump_stack_lvl+0x73/0xb0 [ 15.647495] print_report+0xd1/0x610 [ 15.647520] ? __virt_addr_valid+0x1db/0x2d0 [ 15.647544] ? kasan_atomics_helper+0x1079/0x5450 [ 15.647568] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.647593] ? kasan_atomics_helper+0x1079/0x5450 [ 15.647618] kasan_report+0x141/0x180 [ 15.647642] ? kasan_atomics_helper+0x1079/0x5450 [ 15.647670] kasan_check_range+0x10c/0x1c0 [ 15.647695] __kasan_check_write+0x18/0x20 [ 15.647717] kasan_atomics_helper+0x1079/0x5450 [ 15.647741] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.647778] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.647807] ? kasan_atomics+0x152/0x310 [ 15.647836] kasan_atomics+0x1dc/0x310 [ 15.647860] ? __pfx_kasan_atomics+0x10/0x10 [ 15.647890] ? __pfx_read_tsc+0x10/0x10 [ 15.647914] ? ktime_get_ts64+0x86/0x230 [ 15.647941] kunit_try_run_case+0x1a5/0x480 [ 15.647967] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.647995] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.648022] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.648052] ? 
__kthread_parkme+0x82/0x180 [ 15.648078] ? preempt_count_sub+0x50/0x80 [ 15.648105] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.648132] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.648160] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.648188] kthread+0x337/0x6f0 [ 15.648209] ? trace_preempt_on+0x20/0xc0 [ 15.648236] ? __pfx_kthread+0x10/0x10 [ 15.648258] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.648283] ? calculate_sigpending+0x7b/0xa0 [ 15.648310] ? __pfx_kthread+0x10/0x10 [ 15.648333] ret_from_fork+0x116/0x1d0 [ 15.648353] ? __pfx_kthread+0x10/0x10 [ 15.648376] ret_from_fork_asm+0x1a/0x30 [ 15.648409] </TASK> [ 15.648420] [ 15.658693] Allocated by task 282: [ 15.658886] kasan_save_stack+0x45/0x70 [ 15.659084] kasan_save_track+0x18/0x40 [ 15.659271] kasan_save_alloc_info+0x3b/0x50 [ 15.659775] __kasan_kmalloc+0xb7/0xc0 [ 15.660072] __kmalloc_cache_noprof+0x189/0x420 [ 15.660387] kasan_atomics+0x95/0x310 [ 15.660585] kunit_try_run_case+0x1a5/0x480 [ 15.660965] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.661302] kthread+0x337/0x6f0 [ 15.661568] ret_from_fork+0x116/0x1d0 [ 15.661869] ret_from_fork_asm+0x1a/0x30 [ 15.662030] [ 15.662267] The buggy address belongs to the object at ffff888103082e00 [ 15.662267] which belongs to the cache kmalloc-64 of size 64 [ 15.662885] The buggy address is located 0 bytes to the right of [ 15.662885] allocated 48-byte region [ffff888103082e00, ffff888103082e30) [ 15.663397] [ 15.663795] The buggy address belongs to the physical page: [ 15.664036] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103082 [ 15.664433] flags: 0x200000000000000(node=0|zone=2) [ 15.664823] page_type: f5(slab) [ 15.665175] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.665526] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.665935] page dumped because: kasan: bad access detected [ 15.666261] [ 15.666341] Memory state around the buggy address: [ 15.666804] 
ffff888103082d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.667186] ffff888103082d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.667647] >ffff888103082e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.668043] ^ [ 15.668269] ffff888103082e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.668733] ffff888103082f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.669118] ================================================================== [ 16.085932] ================================================================== [ 16.086256] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x194a/0x5450 [ 16.086735] Write of size 8 at addr ffff888103082e30 by task kunit_try_catch/282 [ 16.086990] [ 16.087078] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.087124] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.087137] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.087159] Call Trace: [ 16.087175] <TASK> [ 16.087195] dump_stack_lvl+0x73/0xb0 [ 16.087225] print_report+0xd1/0x610 [ 16.087250] ? __virt_addr_valid+0x1db/0x2d0 [ 16.087275] ? kasan_atomics_helper+0x194a/0x5450 [ 16.087299] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.087325] ? kasan_atomics_helper+0x194a/0x5450 [ 16.087349] kasan_report+0x141/0x180 [ 16.087373] ? kasan_atomics_helper+0x194a/0x5450 [ 16.087402] kasan_check_range+0x10c/0x1c0 [ 16.087428] __kasan_check_write+0x18/0x20 [ 16.087461] kasan_atomics_helper+0x194a/0x5450 [ 16.087486] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.087511] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.087539] ? kasan_atomics+0x152/0x310 [ 16.087567] kasan_atomics+0x1dc/0x310 [ 16.087591] ? __pfx_kasan_atomics+0x10/0x10 [ 16.087618] ? __pfx_read_tsc+0x10/0x10 [ 16.087641] ? ktime_get_ts64+0x86/0x230 [ 16.087668] kunit_try_run_case+0x1a5/0x480 [ 16.087695] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.087721] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 16.087748] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.087785] ? __kthread_parkme+0x82/0x180 [ 16.087807] ? preempt_count_sub+0x50/0x80 [ 16.087834] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.087860] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.087888] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.087916] kthread+0x337/0x6f0 [ 16.087936] ? trace_preempt_on+0x20/0xc0 [ 16.087961] ? __pfx_kthread+0x10/0x10 [ 16.087983] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.088007] ? calculate_sigpending+0x7b/0xa0 [ 16.088033] ? __pfx_kthread+0x10/0x10 [ 16.088057] ret_from_fork+0x116/0x1d0 [ 16.088076] ? __pfx_kthread+0x10/0x10 [ 16.088099] ret_from_fork_asm+0x1a/0x30 [ 16.088131] </TASK> [ 16.088142] [ 16.095726] Allocated by task 282: [ 16.095919] kasan_save_stack+0x45/0x70 [ 16.096127] kasan_save_track+0x18/0x40 [ 16.096313] kasan_save_alloc_info+0x3b/0x50 [ 16.096475] __kasan_kmalloc+0xb7/0xc0 [ 16.096662] __kmalloc_cache_noprof+0x189/0x420 [ 16.096899] kasan_atomics+0x95/0x310 [ 16.097053] kunit_try_run_case+0x1a5/0x480 [ 16.097203] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.097428] kthread+0x337/0x6f0 [ 16.097617] ret_from_fork+0x116/0x1d0 [ 16.097821] ret_from_fork_asm+0x1a/0x30 [ 16.098021] [ 16.098121] The buggy address belongs to the object at ffff888103082e00 [ 16.098121] which belongs to the cache kmalloc-64 of size 64 [ 16.098626] The buggy address is located 0 bytes to the right of [ 16.098626] allocated 48-byte region [ffff888103082e00, ffff888103082e30) [ 16.099007] [ 16.099092] The buggy address belongs to the physical page: [ 16.099350] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103082 [ 16.099706] flags: 0x200000000000000(node=0|zone=2) [ 16.099949] page_type: f5(slab) [ 16.100099] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.100334] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.100906] page dumped because: kasan: 
trace_preempt_on+0x20/0xc0 [ 16.210985] ? __pfx_kthread+0x10/0x10 [ 16.211007] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.211030] ? calculate_sigpending+0x7b/0xa0 [ 16.211056] ? __pfx_kthread+0x10/0x10 [ 16.211079] ret_from_fork+0x116/0x1d0 [ 16.211099] ? __pfx_kthread+0x10/0x10 [ 16.211121] ret_from_fork_asm+0x1a/0x30 [ 16.211154] </TASK> [ 16.211166] [ 16.224970] Allocated by task 282: [ 16.225331] kasan_save_stack+0x45/0x70 [ 16.225708] kasan_save_track+0x18/0x40 [ 16.226178] kasan_save_alloc_info+0x3b/0x50 [ 16.226606] __kasan_kmalloc+0xb7/0xc0 [ 16.226843] __kmalloc_cache_noprof+0x189/0x420 [ 16.227001] kasan_atomics+0x95/0x310 [ 16.227136] kunit_try_run_case+0x1a5/0x480 [ 16.227287] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.227546] kthread+0x337/0x6f0 [ 16.228205] ret_from_fork+0x116/0x1d0 [ 16.228693] ret_from_fork_asm+0x1a/0x30 [ 16.229161] [ 16.229347] The buggy address belongs to the object at ffff888103082e00 [ 16.229347] which belongs to the cache kmalloc-64 of size 64 [ 16.230754] The buggy address is located 0 bytes to the right of [ 16.230754] allocated 48-byte region [ffff888103082e00, ffff888103082e30) [ 16.231160] [ 16.231242] The buggy address belongs to the physical page: [ 16.231414] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103082 [ 16.231888] flags: 0x200000000000000(node=0|zone=2) [ 16.232319] page_type: f5(slab) [ 16.232486] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.233073] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.233298] page dumped because: kasan: bad access detected [ 16.233485] [ 16.233659] Memory state around the buggy address: [ 16.234122] ffff888103082d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.234809] ffff888103082d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.235434] >ffff888103082e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.236028] ^ [ 16.236186] ffff888103082e80: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 16.236406] ffff888103082f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.237052] ================================================================== [ 16.029261] ================================================================== [ 16.030044] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1818/0x5450 [ 16.030753] Write of size 8 at addr ffff888103082e30 by task kunit_try_catch/282 [ 16.031146] [ 16.031244] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.031292] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.031305] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.031329] Call Trace: [ 16.031346] <TASK> [ 16.031364] dump_stack_lvl+0x73/0xb0 [ 16.031396] print_report+0xd1/0x610 [ 16.031421] ? __virt_addr_valid+0x1db/0x2d0 [ 16.031455] ? kasan_atomics_helper+0x1818/0x5450 [ 16.031478] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.031504] ? kasan_atomics_helper+0x1818/0x5450 [ 16.031529] kasan_report+0x141/0x180 [ 16.031553] ? kasan_atomics_helper+0x1818/0x5450 [ 16.031582] kasan_check_range+0x10c/0x1c0 [ 16.031608] __kasan_check_write+0x18/0x20 [ 16.031630] kasan_atomics_helper+0x1818/0x5450 [ 16.031655] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.031681] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.031708] ? kasan_atomics+0x152/0x310 [ 16.031737] kasan_atomics+0x1dc/0x310 [ 16.031771] ? __pfx_kasan_atomics+0x10/0x10 [ 16.031798] ? __pfx_read_tsc+0x10/0x10 [ 16.031822] ? ktime_get_ts64+0x86/0x230 [ 16.031848] kunit_try_run_case+0x1a5/0x480 [ 16.031874] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.031900] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.031926] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.031953] ? __kthread_parkme+0x82/0x180 [ 16.031976] ? preempt_count_sub+0x50/0x80 [ 16.032002] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.032028] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.032055] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.032083] kthread+0x337/0x6f0 [ 16.032103] ? trace_preempt_on+0x20/0xc0 [ 16.032129] ? __pfx_kthread+0x10/0x10 [ 16.032151] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.032175] ? calculate_sigpending+0x7b/0xa0 [ 16.032201] ? __pfx_kthread+0x10/0x10 [ 16.032224] ret_from_fork+0x116/0x1d0 [ 16.032245] ? __pfx_kthread+0x10/0x10 [ 16.032267] ret_from_fork_asm+0x1a/0x30 [ 16.032299] </TASK> [ 16.032310] [ 16.044678] Allocated by task 282: [ 16.045008] kasan_save_stack+0x45/0x70 [ 16.045356] kasan_save_track+0x18/0x40 [ 16.045809] kasan_save_alloc_info+0x3b/0x50 [ 16.046201] __kasan_kmalloc+0xb7/0xc0 [ 16.046601] __kmalloc_cache_noprof+0x189/0x420 [ 16.047005] kasan_atomics+0x95/0x310 [ 16.047352] kunit_try_run_case+0x1a5/0x480 [ 16.047757] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.048242] kthread+0x337/0x6f0 [ 16.048708] ret_from_fork+0x116/0x1d0 [ 16.049059] ret_from_fork_asm+0x1a/0x30 [ 16.049405] [ 16.049593] The buggy address belongs to the object at ffff888103082e00 [ 16.049593] which belongs to the cache kmalloc-64 of size 64 [ 16.050690] The buggy address is located 0 bytes to the right of [ 16.050690] allocated 48-byte region [ffff888103082e00, ffff888103082e30) [ 16.051174] [ 16.051253] The buggy address belongs to the physical page: [ 16.051430] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103082 [ 16.052134] flags: 0x200000000000000(node=0|zone=2) [ 16.052610] page_type: f5(slab) [ 16.052917] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.053598] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.054241] page dumped because: kasan: bad access detected [ 16.054747] [ 16.054918] Memory state around the buggy address: [ 16.055129] ffff888103082d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.055354] ffff888103082d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.055857] >ffff888103082e00: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 16.056453] ^ [ 16.056895] ffff888103082e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.057493] ffff888103082f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.058022] ================================================================== [ 16.297054] ================================================================== [ 16.297562] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1eaa/0x5450 [ 16.297972] Write of size 8 at addr ffff888103082e30 by task kunit_try_catch/282 [ 16.298532] [ 16.298620] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.298665] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.298678] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.298700] Call Trace: [ 16.298713] <TASK> [ 16.298729] dump_stack_lvl+0x73/0xb0 [ 16.298757] print_report+0xd1/0x610 [ 16.298794] ? __virt_addr_valid+0x1db/0x2d0 [ 16.298856] ? kasan_atomics_helper+0x1eaa/0x5450 [ 16.298906] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.298932] ? kasan_atomics_helper+0x1eaa/0x5450 [ 16.298956] kasan_report+0x141/0x180 [ 16.298980] ? kasan_atomics_helper+0x1eaa/0x5450 [ 16.299009] kasan_check_range+0x10c/0x1c0 [ 16.299034] __kasan_check_write+0x18/0x20 [ 16.299087] kasan_atomics_helper+0x1eaa/0x5450 [ 16.299112] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.299138] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.299166] ? kasan_atomics+0x152/0x310 [ 16.299227] kasan_atomics+0x1dc/0x310 [ 16.299253] ? __pfx_kasan_atomics+0x10/0x10 [ 16.299279] ? __pfx_read_tsc+0x10/0x10 [ 16.299301] ? ktime_get_ts64+0x86/0x230 [ 16.299327] kunit_try_run_case+0x1a5/0x480 [ 16.299353] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.299379] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.299406] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.299432] ? __kthread_parkme+0x82/0x180 [ 16.299493] ? preempt_count_sub+0x50/0x80 [ 16.299543] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.299571] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.299598] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.299626] kthread+0x337/0x6f0 [ 16.299648] ? trace_preempt_on+0x20/0xc0 [ 16.299673] ? __pfx_kthread+0x10/0x10 [ 16.299695] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.299720] ? calculate_sigpending+0x7b/0xa0 [ 16.299746] ? __pfx_kthread+0x10/0x10 [ 16.299783] ret_from_fork+0x116/0x1d0 [ 16.299804] ? __pfx_kthread+0x10/0x10 [ 16.299827] ret_from_fork_asm+0x1a/0x30 [ 16.299860] </TASK> [ 16.299872] [ 16.308352] Allocated by task 282: [ 16.308594] kasan_save_stack+0x45/0x70 [ 16.308835] kasan_save_track+0x18/0x40 [ 16.308976] kasan_save_alloc_info+0x3b/0x50 [ 16.309135] __kasan_kmalloc+0xb7/0xc0 [ 16.309313] __kmalloc_cache_noprof+0x189/0x420 [ 16.309685] kasan_atomics+0x95/0x310 [ 16.309888] kunit_try_run_case+0x1a5/0x480 [ 16.310059] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.310309] kthread+0x337/0x6f0 [ 16.310489] ret_from_fork+0x116/0x1d0 [ 16.310715] ret_from_fork_asm+0x1a/0x30 [ 16.310927] [ 16.311028] The buggy address belongs to the object at ffff888103082e00 [ 16.311028] which belongs to the cache kmalloc-64 of size 64 [ 16.311620] The buggy address is located 0 bytes to the right of [ 16.311620] allocated 48-byte region [ffff888103082e00, ffff888103082e30) [ 16.312185] [ 16.312314] The buggy address belongs to the physical page: [ 16.312630] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103082 [ 16.313026] flags: 0x200000000000000(node=0|zone=2) [ 16.313281] page_type: f5(slab) [ 16.313455] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.313829] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.314190] page dumped because: kasan: bad access detected [ 16.314396] [ 16.314537] Memory state around the buggy address: [ 16.314832] ffff888103082d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.315201] 
ffff888103082d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.315504] >ffff888103082e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.315912] ^ [ 16.316151] ffff888103082e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.316421] ffff888103082f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.316800] ================================================================== [ 16.276230] ================================================================== [ 16.276474] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1e12/0x5450 [ 16.276836] Write of size 8 at addr ffff888103082e30 by task kunit_try_catch/282 [ 16.277324] [ 16.277412] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.277456] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.277469] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.277491] Call Trace: [ 16.277506] <TASK> [ 16.277522] dump_stack_lvl+0x73/0xb0 [ 16.277552] print_report+0xd1/0x610 [ 16.277576] ? __virt_addr_valid+0x1db/0x2d0 [ 16.277601] ? kasan_atomics_helper+0x1e12/0x5450 [ 16.277625] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.277651] ? kasan_atomics_helper+0x1e12/0x5450 [ 16.277675] kasan_report+0x141/0x180 [ 16.277699] ? kasan_atomics_helper+0x1e12/0x5450 [ 16.277727] kasan_check_range+0x10c/0x1c0 [ 16.277753] __kasan_check_write+0x18/0x20 [ 16.277788] kasan_atomics_helper+0x1e12/0x5450 [ 16.277813] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.277837] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.277865] ? kasan_atomics+0x152/0x310 [ 16.277892] kasan_atomics+0x1dc/0x310 [ 16.277916] ? __pfx_kasan_atomics+0x10/0x10 [ 16.277943] ? __pfx_read_tsc+0x10/0x10 [ 16.277965] ? ktime_get_ts64+0x86/0x230 [ 16.277991] kunit_try_run_case+0x1a5/0x480 [ 16.278018] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.278043] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.278069] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.278096] ? 
__kthread_parkme+0x82/0x180 [ 16.278118] ? preempt_count_sub+0x50/0x80 [ 16.278144] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.278172] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.278198] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.278227] kthread+0x337/0x6f0 [ 16.278247] ? trace_preempt_on+0x20/0xc0 [ 16.278272] ? __pfx_kthread+0x10/0x10 [ 16.278294] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.278318] ? calculate_sigpending+0x7b/0xa0 [ 16.278382] ? __pfx_kthread+0x10/0x10 [ 16.278407] ret_from_fork+0x116/0x1d0 [ 16.278453] ? __pfx_kthread+0x10/0x10 [ 16.278499] ret_from_fork_asm+0x1a/0x30 [ 16.278532] </TASK> [ 16.278543] [ 16.287490] Allocated by task 282: [ 16.287699] kasan_save_stack+0x45/0x70 [ 16.287930] kasan_save_track+0x18/0x40 [ 16.288115] kasan_save_alloc_info+0x3b/0x50 [ 16.288352] __kasan_kmalloc+0xb7/0xc0 [ 16.288610] __kmalloc_cache_noprof+0x189/0x420 [ 16.288856] kasan_atomics+0x95/0x310 [ 16.289047] kunit_try_run_case+0x1a5/0x480 [ 16.289253] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.289553] kthread+0x337/0x6f0 [ 16.289725] ret_from_fork+0x116/0x1d0 [ 16.289889] ret_from_fork_asm+0x1a/0x30 [ 16.290119] [ 16.290245] The buggy address belongs to the object at ffff888103082e00 [ 16.290245] which belongs to the cache kmalloc-64 of size 64 [ 16.290803] The buggy address is located 0 bytes to the right of [ 16.290803] allocated 48-byte region [ffff888103082e00, ffff888103082e30) [ 16.291339] [ 16.291493] The buggy address belongs to the physical page: [ 16.291751] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103082 [ 16.292009] flags: 0x200000000000000(node=0|zone=2) [ 16.292170] page_type: f5(slab) [ 16.292289] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.292551] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.292929] page dumped because: kasan: bad access detected [ 16.293175] [ 16.293267] Memory state around the buggy address: [ 16.293539] 
ffff888103082d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.293869] ffff888103082d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.294183] >ffff888103082e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.294392] ^ [ 16.294543] ffff888103082e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.295055] ffff888103082f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.295415] ================================================================== [ 16.151437] ================================================================== [ 16.151703] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1b22/0x5450 [ 16.151962] Write of size 8 at addr ffff888103082e30 by task kunit_try_catch/282 [ 16.152263] [ 16.152375] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.152420] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.152434] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.152468] Call Trace: [ 16.152485] <TASK> [ 16.152501] dump_stack_lvl+0x73/0xb0 [ 16.152532] print_report+0xd1/0x610 [ 16.152557] ? __virt_addr_valid+0x1db/0x2d0 [ 16.152582] ? kasan_atomics_helper+0x1b22/0x5450 [ 16.152606] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.152631] ? kasan_atomics_helper+0x1b22/0x5450 [ 16.152656] kasan_report+0x141/0x180 [ 16.152681] ? kasan_atomics_helper+0x1b22/0x5450 [ 16.152713] kasan_check_range+0x10c/0x1c0 [ 16.152742] __kasan_check_write+0x18/0x20 [ 16.152775] kasan_atomics_helper+0x1b22/0x5450 [ 16.152801] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.152827] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.152855] ? kasan_atomics+0x152/0x310 [ 16.152884] kasan_atomics+0x1dc/0x310 [ 16.152913] ? __pfx_kasan_atomics+0x10/0x10 [ 16.152941] ? __pfx_read_tsc+0x10/0x10 [ 16.152966] ? ktime_get_ts64+0x86/0x230 [ 16.152993] kunit_try_run_case+0x1a5/0x480 [ 16.153020] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.153045] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 16.153073] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.153099] ? __kthread_parkme+0x82/0x180 [ 16.153124] ? preempt_count_sub+0x50/0x80 [ 16.153149] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.153177] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.153203] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.153230] kthread+0x337/0x6f0 [ 16.153251] ? trace_preempt_on+0x20/0xc0 [ 16.153275] ? __pfx_kthread+0x10/0x10 [ 16.153298] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.153322] ? calculate_sigpending+0x7b/0xa0 [ 16.153349] ? __pfx_kthread+0x10/0x10 [ 16.153371] ret_from_fork+0x116/0x1d0 [ 16.153392] ? __pfx_kthread+0x10/0x10 [ 16.153415] ret_from_fork_asm+0x1a/0x30 [ 16.153462] </TASK> [ 16.153474] [ 16.166822] Allocated by task 282: [ 16.167275] kasan_save_stack+0x45/0x70 [ 16.167718] kasan_save_track+0x18/0x40 [ 16.167879] kasan_save_alloc_info+0x3b/0x50 [ 16.168035] __kasan_kmalloc+0xb7/0xc0 [ 16.168174] __kmalloc_cache_noprof+0x189/0x420 [ 16.168334] kasan_atomics+0x95/0x310 [ 16.168749] kunit_try_run_case+0x1a5/0x480 [ 16.169232] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.169693] kthread+0x337/0x6f0 [ 16.169989] ret_from_fork+0x116/0x1d0 [ 16.170319] ret_from_fork_asm+0x1a/0x30 [ 16.170752] [ 16.170995] The buggy address belongs to the object at ffff888103082e00 [ 16.170995] which belongs to the cache kmalloc-64 of size 64 [ 16.171720] The buggy address is located 0 bytes to the right of [ 16.171720] allocated 48-byte region [ffff888103082e00, ffff888103082e30) [ 16.172473] [ 16.172702] The buggy address belongs to the physical page: [ 16.172964] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103082 [ 16.173296] flags: 0x200000000000000(node=0|zone=2) [ 16.173836] page_type: f5(slab) [ 16.174104] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.174742] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.175215] page dumped because: kasan: 
bad access detected [ 16.175602] [ 16.175699] Memory state around the buggy address: [ 16.175929] ffff888103082d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.176236] ffff888103082d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.176909] >ffff888103082e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.177353] ^ [ 16.177864] ffff888103082e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.178326] ffff888103082f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.178859] ================================================================== [ 16.492602] ================================================================== [ 16.492947] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fa5/0x5450 [ 16.493577] Read of size 8 at addr ffff888103082e30 by task kunit_try_catch/282 [ 16.494104] [ 16.494215] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.494390] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.494405] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.494428] Call Trace: [ 16.494457] <TASK> [ 16.494474] dump_stack_lvl+0x73/0xb0 [ 16.494509] print_report+0xd1/0x610 [ 16.494534] ? __virt_addr_valid+0x1db/0x2d0 [ 16.494558] ? kasan_atomics_helper+0x4fa5/0x5450 [ 16.494582] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.494608] ? kasan_atomics_helper+0x4fa5/0x5450 [ 16.494631] kasan_report+0x141/0x180 [ 16.494657] ? kasan_atomics_helper+0x4fa5/0x5450 [ 16.494686] __asan_report_load8_noabort+0x18/0x20 [ 16.494714] kasan_atomics_helper+0x4fa5/0x5450 [ 16.494739] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.494777] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.494805] ? kasan_atomics+0x152/0x310 [ 16.494832] kasan_atomics+0x1dc/0x310 [ 16.494857] ? __pfx_kasan_atomics+0x10/0x10 [ 16.494884] ? __pfx_read_tsc+0x10/0x10 [ 16.494907] ? ktime_get_ts64+0x86/0x230 [ 16.494934] kunit_try_run_case+0x1a5/0x480 [ 16.494961] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.494987] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.495013] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.495040] ? __kthread_parkme+0x82/0x180 [ 16.495062] ? preempt_count_sub+0x50/0x80 [ 16.495088] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.495115] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.495143] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.495170] kthread+0x337/0x6f0 [ 16.495195] ? trace_preempt_on+0x20/0xc0 [ 16.495220] ? __pfx_kthread+0x10/0x10 [ 16.495242] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.495265] ? calculate_sigpending+0x7b/0xa0 [ 16.495291] ? __pfx_kthread+0x10/0x10 [ 16.495315] ret_from_fork+0x116/0x1d0 [ 16.495335] ? __pfx_kthread+0x10/0x10 [ 16.495357] ret_from_fork_asm+0x1a/0x30 [ 16.495390] </TASK> [ 16.495402] [ 16.506029] Allocated by task 282: [ 16.506338] kasan_save_stack+0x45/0x70 [ 16.506677] kasan_save_track+0x18/0x40 [ 16.506897] kasan_save_alloc_info+0x3b/0x50 [ 16.507098] __kasan_kmalloc+0xb7/0xc0 [ 16.507277] __kmalloc_cache_noprof+0x189/0x420 [ 16.507868] kasan_atomics+0x95/0x310 [ 16.508095] kunit_try_run_case+0x1a5/0x480 [ 16.508294] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.508708] kthread+0x337/0x6f0 [ 16.509018] ret_from_fork+0x116/0x1d0 [ 16.509352] ret_from_fork_asm+0x1a/0x30 [ 16.509652] [ 16.509908] The buggy address belongs to the object at ffff888103082e00 [ 16.509908] which belongs to the cache kmalloc-64 of size 64 [ 16.510738] The buggy address is located 0 bytes to the right of [ 16.510738] allocated 48-byte region [ffff888103082e00, ffff888103082e30) [ 16.511403] [ 16.511833] The buggy address belongs to the physical page: [ 16.512134] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103082 [ 16.512686] flags: 0x200000000000000(node=0|zone=2) [ 16.513128] page_type: f5(slab) [ 16.513309] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.513984] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 16.514410] page dumped because: kasan: bad access detected [ 16.514799] [ 16.514900] Memory state around the buggy address: [ 16.515115] ffff888103082d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.515418] ffff888103082d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.515998] >ffff888103082e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.516596] ^ [ 16.516830] ffff888103082e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.517136] ffff888103082f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.517423] ================================================================== [ 16.317346] ================================================================== [ 16.317617] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1f43/0x5450 [ 16.318094] Write of size 8 at addr ffff888103082e30 by task kunit_try_catch/282 [ 16.318601] [ 16.318721] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.318816] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.318830] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.318852] Call Trace: [ 16.318867] <TASK> [ 16.318881] dump_stack_lvl+0x73/0xb0 [ 16.318948] print_report+0xd1/0x610 [ 16.319000] ? __virt_addr_valid+0x1db/0x2d0 [ 16.319025] ? kasan_atomics_helper+0x1f43/0x5450 [ 16.319049] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.319076] ? kasan_atomics_helper+0x1f43/0x5450 [ 16.319101] kasan_report+0x141/0x180 [ 16.319126] ? kasan_atomics_helper+0x1f43/0x5450 [ 16.319159] kasan_check_range+0x10c/0x1c0 [ 16.319193] __kasan_check_write+0x18/0x20 [ 16.319215] kasan_atomics_helper+0x1f43/0x5450 [ 16.319243] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.319269] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.319296] ? kasan_atomics+0x152/0x310 [ 16.319325] kasan_atomics+0x1dc/0x310 [ 16.319350] ? __pfx_kasan_atomics+0x10/0x10 [ 16.319377] ? __pfx_read_tsc+0x10/0x10 [ 16.319401] ? 
ktime_get_ts64+0x86/0x230 [ 16.319427] kunit_try_run_case+0x1a5/0x480 [ 16.319454] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.319479] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.319506] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.319532] ? __kthread_parkme+0x82/0x180 [ 16.319555] ? preempt_count_sub+0x50/0x80 [ 16.319581] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.319608] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.319635] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.319699] kthread+0x337/0x6f0 [ 16.319745] ? trace_preempt_on+0x20/0xc0 [ 16.319969] ? __pfx_kthread+0x10/0x10 [ 16.320024] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.320049] ? calculate_sigpending+0x7b/0xa0 [ 16.320076] ? __pfx_kthread+0x10/0x10 [ 16.320099] ret_from_fork+0x116/0x1d0 [ 16.320120] ? __pfx_kthread+0x10/0x10 [ 16.320143] ret_from_fork_asm+0x1a/0x30 [ 16.320176] </TASK> [ 16.320188] [ 16.331063] Allocated by task 282: [ 16.331416] kasan_save_stack+0x45/0x70 [ 16.331638] kasan_save_track+0x18/0x40 [ 16.331827] kasan_save_alloc_info+0x3b/0x50 [ 16.332029] __kasan_kmalloc+0xb7/0xc0 [ 16.332200] __kmalloc_cache_noprof+0x189/0x420 [ 16.332404] kasan_atomics+0x95/0x310 [ 16.332919] kunit_try_run_case+0x1a5/0x480 [ 16.333194] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.333511] kthread+0x337/0x6f0 [ 16.333811] ret_from_fork+0x116/0x1d0 [ 16.334100] ret_from_fork_asm+0x1a/0x30 [ 16.334397] [ 16.334550] The buggy address belongs to the object at ffff888103082e00 [ 16.334550] which belongs to the cache kmalloc-64 of size 64 [ 16.335330] The buggy address is located 0 bytes to the right of [ 16.335330] allocated 48-byte region [ffff888103082e00, ffff888103082e30) [ 16.336031] [ 16.336233] The buggy address belongs to the physical page: [ 16.336626] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103082 [ 16.336984] flags: 0x200000000000000(node=0|zone=2) [ 16.337203] page_type: f5(slab) [ 16.337367] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 16.337972] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.338367] page dumped because: kasan: bad access detected [ 16.338796] [ 16.338909] Memory state around the buggy address: [ 16.339306] ffff888103082d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.339723] ffff888103082d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.340156] >ffff888103082e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.340565] ^ [ 16.340889] ffff888103082e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.341307] ffff888103082f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.341713] ================================================================== [ 15.367072] ================================================================== [ 15.367388] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa2b/0x5450 [ 15.367883] Write of size 4 at addr ffff888103082e30 by task kunit_try_catch/282 [ 15.368178] [ 15.368294] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.368341] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.368354] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.368377] Call Trace: [ 15.368392] <TASK> [ 15.368408] dump_stack_lvl+0x73/0xb0 [ 15.368441] print_report+0xd1/0x610 [ 15.368465] ? __virt_addr_valid+0x1db/0x2d0 [ 15.368491] ? kasan_atomics_helper+0xa2b/0x5450 [ 15.368515] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.368540] ? kasan_atomics_helper+0xa2b/0x5450 [ 15.368565] kasan_report+0x141/0x180 [ 15.368589] ? kasan_atomics_helper+0xa2b/0x5450 [ 15.368617] kasan_check_range+0x10c/0x1c0 [ 15.368643] __kasan_check_write+0x18/0x20 [ 15.368664] kasan_atomics_helper+0xa2b/0x5450 [ 15.368690] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.368716] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.368745] ? kasan_atomics+0x152/0x310 [ 15.368786] kasan_atomics+0x1dc/0x310 [ 15.368811] ? 
__pfx_kasan_atomics+0x10/0x10 [ 15.368838] ? __pfx_read_tsc+0x10/0x10 [ 15.368861] ? ktime_get_ts64+0x86/0x230 [ 15.368888] kunit_try_run_case+0x1a5/0x480 [ 15.368914] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.368939] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.368967] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.368994] ? __kthread_parkme+0x82/0x180 [ 15.369017] ? preempt_count_sub+0x50/0x80 [ 15.369044] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.369071] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.369098] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.369126] kthread+0x337/0x6f0 [ 15.369147] ? trace_preempt_on+0x20/0xc0 [ 15.369173] ? __pfx_kthread+0x10/0x10 [ 15.369195] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.369219] ? calculate_sigpending+0x7b/0xa0 [ 15.369245] ? __pfx_kthread+0x10/0x10 [ 15.369268] ret_from_fork+0x116/0x1d0 [ 15.369289] ? __pfx_kthread+0x10/0x10 [ 15.369312] ret_from_fork_asm+0x1a/0x30 [ 15.369345] </TASK> [ 15.369356] [ 15.376894] Allocated by task 282: [ 15.377060] kasan_save_stack+0x45/0x70 [ 15.377212] kasan_save_track+0x18/0x40 [ 15.377354] kasan_save_alloc_info+0x3b/0x50 [ 15.377524] __kasan_kmalloc+0xb7/0xc0 [ 15.377721] __kmalloc_cache_noprof+0x189/0x420 [ 15.377959] kasan_atomics+0x95/0x310 [ 15.378154] kunit_try_run_case+0x1a5/0x480 [ 15.378372] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.378630] kthread+0x337/0x6f0 [ 15.378811] ret_from_fork+0x116/0x1d0 [ 15.379025] ret_from_fork_asm+0x1a/0x30 [ 15.379202] [ 15.379277] The buggy address belongs to the object at ffff888103082e00 [ 15.379277] which belongs to the cache kmalloc-64 of size 64 [ 15.379789] The buggy address is located 0 bytes to the right of [ 15.379789] allocated 48-byte region [ffff888103082e00, ffff888103082e30) [ 15.380297] [ 15.380397] The buggy address belongs to the physical page: [ 15.380621] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103082 [ 15.380967] flags: 0x200000000000000(node=0|zone=2) [ 15.381204] page_type: 
f5(slab) [ 15.381376] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.381696] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.381964] page dumped because: kasan: bad access detected [ 15.382139] [ 15.382211] Memory state around the buggy address: [ 15.382369] ffff888103082d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.382646] ffff888103082d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.382972] >ffff888103082e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.383421] ^ [ 15.383633] ffff888103082e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.383864] ffff888103082f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.384080] ================================================================== [ 15.149899] ================================================================== [ 15.151992] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b3a/0x5450 [ 15.153785] Write of size 4 at addr ffff888103082e30 by task kunit_try_catch/282 [ 15.155138] [ 15.155477] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.155531] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.155546] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.155570] Call Trace: [ 15.155592] <TASK> [ 15.155611] dump_stack_lvl+0x73/0xb0 [ 15.156006] print_report+0xd1/0x610 [ 15.156034] ? __virt_addr_valid+0x1db/0x2d0 [ 15.156073] ? kasan_atomics_helper+0x4b3a/0x5450 [ 15.156099] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.156163] ? kasan_atomics_helper+0x4b3a/0x5450 [ 15.156188] kasan_report+0x141/0x180 [ 15.156213] ? kasan_atomics_helper+0x4b3a/0x5450 [ 15.156242] __asan_report_store4_noabort+0x1b/0x30 [ 15.156271] kasan_atomics_helper+0x4b3a/0x5450 [ 15.156297] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.156322] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.156351] ? 
kasan_atomics+0x152/0x310 [ 15.156380] kasan_atomics+0x1dc/0x310 [ 15.156406] ? __pfx_kasan_atomics+0x10/0x10 [ 15.156432] ? __pfx_read_tsc+0x10/0x10 [ 15.156466] ? ktime_get_ts64+0x86/0x230 [ 15.156493] kunit_try_run_case+0x1a5/0x480 [ 15.156521] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.156546] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.156574] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.156600] ? __kthread_parkme+0x82/0x180 [ 15.156624] ? preempt_count_sub+0x50/0x80 [ 15.156651] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.156678] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.156705] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.156733] kthread+0x337/0x6f0 [ 15.156754] ? trace_preempt_on+0x20/0xc0 [ 15.156799] ? __pfx_kthread+0x10/0x10 [ 15.156822] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.156845] ? calculate_sigpending+0x7b/0xa0 [ 15.156873] ? __pfx_kthread+0x10/0x10 [ 15.156898] ret_from_fork+0x116/0x1d0 [ 15.156919] ? __pfx_kthread+0x10/0x10 [ 15.156941] ret_from_fork_asm+0x1a/0x30 [ 15.156974] </TASK> [ 15.156986] [ 15.172552] Allocated by task 282: [ 15.172749] kasan_save_stack+0x45/0x70 [ 15.173356] kasan_save_track+0x18/0x40 [ 15.173667] kasan_save_alloc_info+0x3b/0x50 [ 15.174104] __kasan_kmalloc+0xb7/0xc0 [ 15.174443] __kmalloc_cache_noprof+0x189/0x420 [ 15.174823] kasan_atomics+0x95/0x310 [ 15.175305] kunit_try_run_case+0x1a5/0x480 [ 15.175630] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.176162] kthread+0x337/0x6f0 [ 15.176305] ret_from_fork+0x116/0x1d0 [ 15.176727] ret_from_fork_asm+0x1a/0x30 [ 15.176947] [ 15.177275] The buggy address belongs to the object at ffff888103082e00 [ 15.177275] which belongs to the cache kmalloc-64 of size 64 [ 15.177945] The buggy address is located 0 bytes to the right of [ 15.177945] allocated 48-byte region [ffff888103082e00, ffff888103082e30) [ 15.179337] [ 15.179457] The buggy address belongs to the physical page: [ 15.179661] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103082 [ 
15.180296] flags: 0x200000000000000(node=0|zone=2) [ 15.180860] page_type: f5(slab) [ 15.181132] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.181426] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.181823] page dumped because: kasan: bad access detected [ 15.182211] [ 15.182316] Memory state around the buggy address: [ 15.182859] ffff888103082d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.183376] ffff888103082d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.184028] >ffff888103082e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.184567] ^ [ 15.184769] ffff888103082e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.185306] ffff888103082f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.185918] ================================================================== [ 15.450959] ================================================================== [ 15.451279] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a84/0x5450 [ 15.451922] Read of size 4 at addr ffff888103082e30 by task kunit_try_catch/282 [ 15.452402] [ 15.452585] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.452634] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.452648] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.452670] Call Trace: [ 15.452685] <TASK> [ 15.452700] dump_stack_lvl+0x73/0xb0 [ 15.452733] print_report+0xd1/0x610 [ 15.452772] ? __virt_addr_valid+0x1db/0x2d0 [ 15.452797] ? kasan_atomics_helper+0x4a84/0x5450 [ 15.453110] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.453137] ? kasan_atomics_helper+0x4a84/0x5450 [ 15.453162] kasan_report+0x141/0x180 [ 15.453187] ? kasan_atomics_helper+0x4a84/0x5450 [ 15.453217] __asan_report_load4_noabort+0x18/0x20 [ 15.453244] kasan_atomics_helper+0x4a84/0x5450 [ 15.453270] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.453296] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 15.453325] ? kasan_atomics+0x152/0x310 [ 15.453354] kasan_atomics+0x1dc/0x310 [ 15.453378] ? __pfx_kasan_atomics+0x10/0x10 [ 15.453405] ? __pfx_read_tsc+0x10/0x10 [ 15.453428] ? ktime_get_ts64+0x86/0x230 [ 15.453466] kunit_try_run_case+0x1a5/0x480 [ 15.453493] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.453520] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.453547] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.453574] ? __kthread_parkme+0x82/0x180 [ 15.453597] ? preempt_count_sub+0x50/0x80 [ 15.453624] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.453652] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.453680] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.453708] kthread+0x337/0x6f0 [ 15.453729] ? trace_preempt_on+0x20/0xc0 [ 15.453755] ? __pfx_kthread+0x10/0x10 [ 15.453791] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.453814] ? calculate_sigpending+0x7b/0xa0 [ 15.453841] ? __pfx_kthread+0x10/0x10 [ 15.453864] ret_from_fork+0x116/0x1d0 [ 15.453884] ? __pfx_kthread+0x10/0x10 [ 15.453907] ret_from_fork_asm+0x1a/0x30 [ 15.453940] </TASK> [ 15.453951] [ 15.463455] Allocated by task 282: [ 15.463632] kasan_save_stack+0x45/0x70 [ 15.464004] kasan_save_track+0x18/0x40 [ 15.464206] kasan_save_alloc_info+0x3b/0x50 [ 15.464404] __kasan_kmalloc+0xb7/0xc0 [ 15.464720] __kmalloc_cache_noprof+0x189/0x420 [ 15.464940] kasan_atomics+0x95/0x310 [ 15.465136] kunit_try_run_case+0x1a5/0x480 [ 15.465333] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.465770] kthread+0x337/0x6f0 [ 15.466009] ret_from_fork+0x116/0x1d0 [ 15.466199] ret_from_fork_asm+0x1a/0x30 [ 15.466509] [ 15.466613] The buggy address belongs to the object at ffff888103082e00 [ 15.466613] which belongs to the cache kmalloc-64 of size 64 [ 15.467217] The buggy address is located 0 bytes to the right of [ 15.467217] allocated 48-byte region [ffff888103082e00, ffff888103082e30) [ 15.467902] [ 15.468003] The buggy address belongs to the physical page: [ 15.468197] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x103082 [ 15.468756] flags: 0x200000000000000(node=0|zone=2) [ 15.469009] page_type: f5(slab) [ 15.469167] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.469656] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.470039] page dumped because: kasan: bad access detected [ 15.470354] [ 15.470450] Memory state around the buggy address: [ 15.470838] ffff888103082d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.471195] ffff888103082d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.471570] >ffff888103082e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.471828] ^ [ 15.472136] ffff888103082e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.472611] ffff888103082f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.472919] ================================================================== [ 14.989907] ================================================================== [ 14.991715] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4bbc/0x5450 [ 14.992159] Read of size 4 at addr ffff888103082e30 by task kunit_try_catch/282 [ 14.992502] [ 14.992658] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.992706] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.992749] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.992789] Call Trace: [ 14.992801] <TASK> [ 14.992818] dump_stack_lvl+0x73/0xb0 [ 14.992850] print_report+0xd1/0x610 [ 14.992874] ? __virt_addr_valid+0x1db/0x2d0 [ 14.992899] ? kasan_atomics_helper+0x4bbc/0x5450 [ 14.992922] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.992947] ? kasan_atomics_helper+0x4bbc/0x5450 [ 14.992970] kasan_report+0x141/0x180 [ 14.993009] ? kasan_atomics_helper+0x4bbc/0x5450 [ 14.993037] __asan_report_load4_noabort+0x18/0x20 [ 14.993063] kasan_atomics_helper+0x4bbc/0x5450 [ 14.993087] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 14.993138] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.993167] ? kasan_atomics+0x152/0x310 [ 14.993207] kasan_atomics+0x1dc/0x310 [ 14.993231] ? __pfx_kasan_atomics+0x10/0x10 [ 14.993257] ? __pfx_read_tsc+0x10/0x10 [ 14.993279] ? ktime_get_ts64+0x86/0x230 [ 14.993306] kunit_try_run_case+0x1a5/0x480 [ 14.993333] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.993358] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.993384] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.993409] ? __kthread_parkme+0x82/0x180 [ 14.993432] ? preempt_count_sub+0x50/0x80 [ 14.993467] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.993494] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.993520] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.993546] kthread+0x337/0x6f0 [ 14.993566] ? trace_preempt_on+0x20/0xc0 [ 14.993591] ? __pfx_kthread+0x10/0x10 [ 14.993612] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.993635] ? calculate_sigpending+0x7b/0xa0 [ 14.993661] ? __pfx_kthread+0x10/0x10 [ 14.993684] ret_from_fork+0x116/0x1d0 [ 14.993704] ? 
__pfx_kthread+0x10/0x10 [ 14.993725] ret_from_fork_asm+0x1a/0x30 [ 14.993767] </TASK> [ 14.993778] [ 15.002540] Allocated by task 282: [ 15.002728] kasan_save_stack+0x45/0x70 [ 15.002995] kasan_save_track+0x18/0x40 [ 15.003251] kasan_save_alloc_info+0x3b/0x50 [ 15.003461] __kasan_kmalloc+0xb7/0xc0 [ 15.003598] __kmalloc_cache_noprof+0x189/0x420 [ 15.003770] kasan_atomics+0x95/0x310 [ 15.004145] kunit_try_run_case+0x1a5/0x480 [ 15.004374] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.004772] kthread+0x337/0x6f0 [ 15.005031] ret_from_fork+0x116/0x1d0 [ 15.005282] ret_from_fork_asm+0x1a/0x30 [ 15.005431] [ 15.005505] The buggy address belongs to the object at ffff888103082e00 [ 15.005505] which belongs to the cache kmalloc-64 of size 64 [ 15.006336] The buggy address is located 0 bytes to the right of [ 15.006336] allocated 48-byte region [ffff888103082e00, ffff888103082e30) [ 15.006872] [ 15.007047] The buggy address belongs to the physical page: [ 15.007362] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103082 [ 15.007756] flags: 0x200000000000000(node=0|zone=2) [ 15.007940] page_type: f5(slab) [ 15.008066] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.008706] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.009078] page dumped because: kasan: bad access detected [ 15.009411] [ 15.009565] Memory state around the buggy address: [ 15.009814] ffff888103082d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.010250] ffff888103082d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.010541] >ffff888103082e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.010882] ^ [ 15.011271] ffff888103082e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.011623] ffff888103082f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.011968] ================================================================== [ 16.394363] 
================================================================== [ 16.394961] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f98/0x5450 [ 16.395405] Read of size 8 at addr ffff888103082e30 by task kunit_try_catch/282 [ 16.395814] [ 16.396032] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.396275] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.396290] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.396312] Call Trace: [ 16.396328] <TASK> [ 16.396343] dump_stack_lvl+0x73/0xb0 [ 16.396375] print_report+0xd1/0x610 [ 16.396399] ? __virt_addr_valid+0x1db/0x2d0 [ 16.396423] ? kasan_atomics_helper+0x4f98/0x5450 [ 16.396463] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.396489] ? kasan_atomics_helper+0x4f98/0x5450 [ 16.396513] kasan_report+0x141/0x180 [ 16.396537] ? kasan_atomics_helper+0x4f98/0x5450 [ 16.396566] __asan_report_load8_noabort+0x18/0x20 [ 16.396593] kasan_atomics_helper+0x4f98/0x5450 [ 16.396618] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.396643] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.396671] ? kasan_atomics+0x152/0x310 [ 16.396700] kasan_atomics+0x1dc/0x310 [ 16.396724] ? __pfx_kasan_atomics+0x10/0x10 [ 16.396751] ? __pfx_read_tsc+0x10/0x10 [ 16.396786] ? ktime_get_ts64+0x86/0x230 [ 16.396812] kunit_try_run_case+0x1a5/0x480 [ 16.396840] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.396865] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.396892] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.396918] ? __kthread_parkme+0x82/0x180 [ 16.396940] ? preempt_count_sub+0x50/0x80 [ 16.396966] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.396993] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.397020] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.397048] kthread+0x337/0x6f0 [ 16.397068] ? trace_preempt_on+0x20/0xc0 [ 16.397094] ? __pfx_kthread+0x10/0x10 [ 16.397116] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.397139] ? calculate_sigpending+0x7b/0xa0 [ 16.397166] ? 
__pfx_kthread+0x10/0x10 [ 16.397188] ret_from_fork+0x116/0x1d0 [ 16.397209] ? __pfx_kthread+0x10/0x10 [ 16.397231] ret_from_fork_asm+0x1a/0x30 [ 16.397263] </TASK> [ 16.397275] [ 16.407525] Allocated by task 282: [ 16.408039] kasan_save_stack+0x45/0x70 [ 16.408319] kasan_save_track+0x18/0x40 [ 16.408595] kasan_save_alloc_info+0x3b/0x50 [ 16.408920] __kasan_kmalloc+0xb7/0xc0 [ 16.409114] __kmalloc_cache_noprof+0x189/0x420 [ 16.409492] kasan_atomics+0x95/0x310 [ 16.409706] kunit_try_run_case+0x1a5/0x480 [ 16.410069] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.410397] kthread+0x337/0x6f0 [ 16.410698] ret_from_fork+0x116/0x1d0 [ 16.410860] ret_from_fork_asm+0x1a/0x30 [ 16.411211] [ 16.411295] The buggy address belongs to the object at ffff888103082e00 [ 16.411295] which belongs to the cache kmalloc-64 of size 64 [ 16.412058] The buggy address is located 0 bytes to the right of [ 16.412058] allocated 48-byte region [ffff888103082e00, ffff888103082e30) [ 16.412759] [ 16.413010] The buggy address belongs to the physical page: [ 16.413243] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103082 [ 16.413620] flags: 0x200000000000000(node=0|zone=2) [ 16.413881] page_type: f5(slab) [ 16.414261] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.414785] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.415099] page dumped because: kasan: bad access detected [ 16.415456] [ 16.415641] Memory state around the buggy address: [ 16.415978] ffff888103082d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.416367] ffff888103082d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.416844] >ffff888103082e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.417191] ^ [ 16.417425] ffff888103082e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.417872] ffff888103082f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.418240] 
================================================================== [ 15.212443] ================================================================== [ 15.212737] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5fe/0x5450 [ 15.213479] Write of size 4 at addr ffff888103082e30 by task kunit_try_catch/282 [ 15.213841] [ 15.214135] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.214185] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.214199] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.214222] Call Trace: [ 15.214239] <TASK> [ 15.214255] dump_stack_lvl+0x73/0xb0 [ 15.214288] print_report+0xd1/0x610 [ 15.214314] ? __virt_addr_valid+0x1db/0x2d0 [ 15.214466] ? kasan_atomics_helper+0x5fe/0x5450 [ 15.214490] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.214516] ? kasan_atomics_helper+0x5fe/0x5450 [ 15.214540] kasan_report+0x141/0x180 [ 15.214565] ? kasan_atomics_helper+0x5fe/0x5450 [ 15.214593] kasan_check_range+0x10c/0x1c0 [ 15.214619] __kasan_check_write+0x18/0x20 [ 15.214641] kasan_atomics_helper+0x5fe/0x5450 [ 15.214665] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.214690] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.214717] ? kasan_atomics+0x152/0x310 [ 15.214746] kasan_atomics+0x1dc/0x310 [ 15.214783] ? __pfx_kasan_atomics+0x10/0x10 [ 15.214810] ? __pfx_read_tsc+0x10/0x10 [ 15.214833] ? ktime_get_ts64+0x86/0x230 [ 15.214859] kunit_try_run_case+0x1a5/0x480 [ 15.214887] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.214914] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.214941] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.214969] ? __kthread_parkme+0x82/0x180 [ 15.214995] ? preempt_count_sub+0x50/0x80 [ 15.215021] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.215048] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.215075] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.215104] kthread+0x337/0x6f0 [ 15.215125] ? trace_preempt_on+0x20/0xc0 [ 15.215151] ? 
__pfx_kthread+0x10/0x10 [ 15.215174] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.215201] ? calculate_sigpending+0x7b/0xa0 [ 15.215228] ? __pfx_kthread+0x10/0x10 [ 15.215251] ret_from_fork+0x116/0x1d0 [ 15.215272] ? __pfx_kthread+0x10/0x10 [ 15.215294] ret_from_fork_asm+0x1a/0x30 [ 15.215327] </TASK> [ 15.215338] [ 15.226475] Allocated by task 282: [ 15.226754] kasan_save_stack+0x45/0x70 [ 15.226968] kasan_save_track+0x18/0x40 [ 15.227467] kasan_save_alloc_info+0x3b/0x50 [ 15.227632] __kasan_kmalloc+0xb7/0xc0 [ 15.227965] __kmalloc_cache_noprof+0x189/0x420 [ 15.228371] kasan_atomics+0x95/0x310 [ 15.228550] kunit_try_run_case+0x1a5/0x480 [ 15.228915] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.229379] kthread+0x337/0x6f0 [ 15.229581] ret_from_fork+0x116/0x1d0 [ 15.229771] ret_from_fork_asm+0x1a/0x30 [ 15.229953] [ 15.230309] The buggy address belongs to the object at ffff888103082e00 [ 15.230309] which belongs to the cache kmalloc-64 of size 64 [ 15.230943] The buggy address is located 0 bytes to the right of [ 15.230943] allocated 48-byte region [ffff888103082e00, ffff888103082e30) [ 15.231681] [ 15.231807] The buggy address belongs to the physical page: [ 15.232186] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103082 [ 15.232743] flags: 0x200000000000000(node=0|zone=2) [ 15.233085] page_type: f5(slab) [ 15.233277] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.233819] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.234276] page dumped because: kasan: bad access detected [ 15.234649] [ 15.234832] Memory state around the buggy address: [ 15.235191] ffff888103082d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.235552] ffff888103082d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.235837] >ffff888103082e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.236277] ^ [ 15.236449] ffff888103082e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.237006] 
ffff888103082f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.237385] ================================================================== [ 15.952776] ================================================================== [ 15.953087] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x164f/0x5450 [ 15.953412] Write of size 8 at addr ffff888103082e30 by task kunit_try_catch/282 [ 15.953712] [ 15.953808] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.953851] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.953864] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.953886] Call Trace: [ 15.953899] <TASK> [ 15.953913] dump_stack_lvl+0x73/0xb0 [ 15.953942] print_report+0xd1/0x610 [ 15.953967] ? __virt_addr_valid+0x1db/0x2d0 [ 15.953992] ? kasan_atomics_helper+0x164f/0x5450 [ 15.954015] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.954040] ? kasan_atomics_helper+0x164f/0x5450 [ 15.954064] kasan_report+0x141/0x180 [ 15.954087] ? kasan_atomics_helper+0x164f/0x5450 [ 15.954116] kasan_check_range+0x10c/0x1c0 [ 15.954141] __kasan_check_write+0x18/0x20 [ 15.954163] kasan_atomics_helper+0x164f/0x5450 [ 15.954187] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.954211] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.954239] ? kasan_atomics+0x152/0x310 [ 15.954267] kasan_atomics+0x1dc/0x310 [ 15.954291] ? __pfx_kasan_atomics+0x10/0x10 [ 15.954317] ? __pfx_read_tsc+0x10/0x10 [ 15.954339] ? ktime_get_ts64+0x86/0x230 [ 15.954365] kunit_try_run_case+0x1a5/0x480 [ 15.954392] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.954417] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.954444] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.954469] ? __kthread_parkme+0x82/0x180 [ 15.954492] ? preempt_count_sub+0x50/0x80 [ 15.954518] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.954546] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.954574] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.954612] kthread+0x337/0x6f0 [ 15.954634] ? trace_preempt_on+0x20/0xc0 [ 15.954659] ? __pfx_kthread+0x10/0x10 [ 15.954681] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.954706] ? calculate_sigpending+0x7b/0xa0 [ 15.954733] ? __pfx_kthread+0x10/0x10 [ 15.954756] ret_from_fork+0x116/0x1d0 [ 15.954788] ? __pfx_kthread+0x10/0x10 [ 15.954810] ret_from_fork_asm+0x1a/0x30 [ 15.954843] </TASK> [ 15.954854] [ 15.962521] Allocated by task 282: [ 15.962677] kasan_save_stack+0x45/0x70 [ 15.962882] kasan_save_track+0x18/0x40 [ 15.963060] kasan_save_alloc_info+0x3b/0x50 [ 15.963278] __kasan_kmalloc+0xb7/0xc0 [ 15.963414] __kmalloc_cache_noprof+0x189/0x420 [ 15.963673] kasan_atomics+0x95/0x310 [ 15.963831] kunit_try_run_case+0x1a5/0x480 [ 15.964039] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.964221] kthread+0x337/0x6f0 [ 15.964386] ret_from_fork+0x116/0x1d0 [ 15.964519] ret_from_fork_asm+0x1a/0x30 [ 15.964662] [ 15.964756] The buggy address belongs to the object at ffff888103082e00 [ 15.964756] which belongs to the cache kmalloc-64 of size 64 [ 15.965274] The buggy address is located 0 bytes to the right of [ 15.965274] allocated 48-byte region [ffff888103082e00, ffff888103082e30) [ 15.965948] [ 15.966044] The buggy address belongs to the physical page: [ 15.966242] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103082 [ 15.966577] flags: 0x200000000000000(node=0|zone=2) [ 15.966740] page_type: f5(slab) [ 15.966894] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.967242] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.967607] page dumped because: kasan: bad access detected [ 15.967821] [ 15.967892] Memory state around the buggy address: [ 15.968043] ffff888103082d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.968255] ffff888103082d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.968465] >ffff888103082e00: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 15.968737] ^ [ 15.968965] ffff888103082e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.969275] ffff888103082f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.969617] ================================================================== [ 15.348023] ================================================================== [ 15.348370] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x992/0x5450 [ 15.348962] Write of size 4 at addr ffff888103082e30 by task kunit_try_catch/282 [ 15.349260] [ 15.349377] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.349423] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.349437] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.349472] Call Trace: [ 15.349490] <TASK> [ 15.349507] dump_stack_lvl+0x73/0xb0 [ 15.349541] print_report+0xd1/0x610 [ 15.349566] ? __virt_addr_valid+0x1db/0x2d0 [ 15.349593] ? kasan_atomics_helper+0x992/0x5450 [ 15.349617] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.349642] ? kasan_atomics_helper+0x992/0x5450 [ 15.349667] kasan_report+0x141/0x180 [ 15.349690] ? kasan_atomics_helper+0x992/0x5450 [ 15.349718] kasan_check_range+0x10c/0x1c0 [ 15.349744] __kasan_check_write+0x18/0x20 [ 15.349778] kasan_atomics_helper+0x992/0x5450 [ 15.349803] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.349829] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.349857] ? kasan_atomics+0x152/0x310 [ 15.349886] kasan_atomics+0x1dc/0x310 [ 15.349911] ? __pfx_kasan_atomics+0x10/0x10 [ 15.349938] ? __pfx_read_tsc+0x10/0x10 [ 15.349961] ? ktime_get_ts64+0x86/0x230 [ 15.349988] kunit_try_run_case+0x1a5/0x480 [ 15.350015] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.350040] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.350069] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.350095] ? __kthread_parkme+0x82/0x180 [ 15.350118] ? preempt_count_sub+0x50/0x80 [ 15.350144] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.350171] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.350198] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.350225] kthread+0x337/0x6f0 [ 15.350246] ? trace_preempt_on+0x20/0xc0 [ 15.350271] ? __pfx_kthread+0x10/0x10 [ 15.350293] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.350317] ? calculate_sigpending+0x7b/0xa0 [ 15.350343] ? __pfx_kthread+0x10/0x10 [ 15.350366] ret_from_fork+0x116/0x1d0 [ 15.350386] ? __pfx_kthread+0x10/0x10 [ 15.350409] ret_from_fork_asm+0x1a/0x30 [ 15.350440] </TASK> [ 15.350452] [ 15.358089] Allocated by task 282: [ 15.358251] kasan_save_stack+0x45/0x70 [ 15.358463] kasan_save_track+0x18/0x40 [ 15.358609] kasan_save_alloc_info+0x3b/0x50 [ 15.358824] __kasan_kmalloc+0xb7/0xc0 [ 15.358993] __kmalloc_cache_noprof+0x189/0x420 [ 15.359153] kasan_atomics+0x95/0x310 [ 15.359350] kunit_try_run_case+0x1a5/0x480 [ 15.360313] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.360708] kthread+0x337/0x6f0 [ 15.360875] ret_from_fork+0x116/0x1d0 [ 15.361077] ret_from_fork_asm+0x1a/0x30 [ 15.361245] [ 15.361344] The buggy address belongs to the object at ffff888103082e00 [ 15.361344] which belongs to the cache kmalloc-64 of size 64 [ 15.361908] The buggy address is located 0 bytes to the right of [ 15.361908] allocated 48-byte region [ffff888103082e00, ffff888103082e30) [ 15.362308] [ 15.362384] The buggy address belongs to the physical page: [ 15.362563] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103082 [ 15.362922] flags: 0x200000000000000(node=0|zone=2) [ 15.363171] page_type: f5(slab) [ 15.363346] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.363585] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.363827] page dumped because: kasan: bad access detected [ 15.364007] [ 15.364096] Memory state around the buggy address: [ 15.364326] ffff888103082d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.364935] 
ffff888103082d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.365265] >ffff888103082e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.365690] ^ [ 15.365903] ffff888103082e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.366155] ffff888103082f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.366420] ================================================================== [ 15.474187] ================================================================== [ 15.474595] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd47/0x5450 [ 15.475134] Write of size 4 at addr ffff888103082e30 by task kunit_try_catch/282 [ 15.476145] [ 15.476515] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.476567] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.476582] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.476606] Call Trace: [ 15.476624] <TASK> [ 15.476640] dump_stack_lvl+0x73/0xb0 [ 15.476674] print_report+0xd1/0x610 [ 15.476699] ? __virt_addr_valid+0x1db/0x2d0 [ 15.476724] ? kasan_atomics_helper+0xd47/0x5450 [ 15.476749] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.476785] ? kasan_atomics_helper+0xd47/0x5450 [ 15.476809] kasan_report+0x141/0x180 [ 15.476833] ? kasan_atomics_helper+0xd47/0x5450 [ 15.476861] kasan_check_range+0x10c/0x1c0 [ 15.476887] __kasan_check_write+0x18/0x20 [ 15.476909] kasan_atomics_helper+0xd47/0x5450 [ 15.476934] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.476959] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.476987] ? kasan_atomics+0x152/0x310 [ 15.477015] kasan_atomics+0x1dc/0x310 [ 15.477041] ? __pfx_kasan_atomics+0x10/0x10 [ 15.477069] ? __pfx_read_tsc+0x10/0x10 [ 15.477092] ? ktime_get_ts64+0x86/0x230 [ 15.477119] kunit_try_run_case+0x1a5/0x480 [ 15.477145] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.477170] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.477198] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.477225] ? 
__kthread_parkme+0x82/0x180 [ 15.477247] ? preempt_count_sub+0x50/0x80 [ 15.477273] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.477301] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.477328] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.477356] kthread+0x337/0x6f0 [ 15.477377] ? trace_preempt_on+0x20/0xc0 [ 15.477403] ? __pfx_kthread+0x10/0x10 [ 15.477425] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.477597] ? calculate_sigpending+0x7b/0xa0 [ 15.477631] ? __pfx_kthread+0x10/0x10 [ 15.477696] ret_from_fork+0x116/0x1d0 [ 15.477719] ? __pfx_kthread+0x10/0x10 [ 15.477741] ret_from_fork_asm+0x1a/0x30 [ 15.477783] </TASK> [ 15.477797] [ 15.493149] Allocated by task 282: [ 15.493304] kasan_save_stack+0x45/0x70 [ 15.493802] kasan_save_track+0x18/0x40 [ 15.494181] kasan_save_alloc_info+0x3b/0x50 [ 15.494550] __kasan_kmalloc+0xb7/0xc0 [ 15.494744] __kmalloc_cache_noprof+0x189/0x420 [ 15.494959] kasan_atomics+0x95/0x310 [ 15.495138] kunit_try_run_case+0x1a5/0x480 [ 15.495325] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.496028] kthread+0x337/0x6f0 [ 15.496235] ret_from_fork+0x116/0x1d0 [ 15.496774] ret_from_fork_asm+0x1a/0x30 [ 15.497293] [ 15.497417] The buggy address belongs to the object at ffff888103082e00 [ 15.497417] which belongs to the cache kmalloc-64 of size 64 [ 15.498175] The buggy address is located 0 bytes to the right of [ 15.498175] allocated 48-byte region [ffff888103082e00, ffff888103082e30) [ 15.499117] [ 15.499245] The buggy address belongs to the physical page: [ 15.499621] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103082 [ 15.500441] flags: 0x200000000000000(node=0|zone=2) [ 15.500884] page_type: f5(slab) [ 15.501051] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.501368] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.502262] page dumped because: kasan: bad access detected [ 15.502881] [ 15.503155] Memory state around the buggy address: [ 15.503724] 
ffff888103082d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.504135] ffff888103082d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.504684] >ffff888103082e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.505142] ^ [ 15.505368] ffff888103082e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.506182] ffff888103082f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.506841] ================================================================== [ 15.931833] ================================================================== [ 15.933076] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b6/0x5450 [ 15.933446] Write of size 8 at addr ffff888103082e30 by task kunit_try_catch/282 [ 15.934421] [ 15.934520] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.934568] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.934582] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.934606] Call Trace: [ 15.934621] <TASK> [ 15.934638] dump_stack_lvl+0x73/0xb0 [ 15.934672] print_report+0xd1/0x610 [ 15.934697] ? __virt_addr_valid+0x1db/0x2d0 [ 15.934722] ? kasan_atomics_helper+0x15b6/0x5450 [ 15.934745] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.934787] ? kasan_atomics_helper+0x15b6/0x5450 [ 15.934812] kasan_report+0x141/0x180 [ 15.934835] ? kasan_atomics_helper+0x15b6/0x5450 [ 15.934863] kasan_check_range+0x10c/0x1c0 [ 15.934889] __kasan_check_write+0x18/0x20 [ 15.934910] kasan_atomics_helper+0x15b6/0x5450 [ 15.934934] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.934958] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.934985] ? kasan_atomics+0x152/0x310 [ 15.935015] kasan_atomics+0x1dc/0x310 [ 15.935038] ? __pfx_kasan_atomics+0x10/0x10 [ 15.935067] ? __pfx_read_tsc+0x10/0x10 [ 15.935093] ? ktime_get_ts64+0x86/0x230 [ 15.935122] kunit_try_run_case+0x1a5/0x480 [ 15.935149] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.935174] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 15.935207] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.935233] ? __kthread_parkme+0x82/0x180 [ 15.935255] ? preempt_count_sub+0x50/0x80 [ 15.935281] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.935309] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.935336] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.935364] kthread+0x337/0x6f0 [ 15.935385] ? trace_preempt_on+0x20/0xc0 [ 15.935410] ? __pfx_kthread+0x10/0x10 [ 15.935433] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.935456] ? calculate_sigpending+0x7b/0xa0 [ 15.935483] ? __pfx_kthread+0x10/0x10 [ 15.935506] ret_from_fork+0x116/0x1d0 [ 15.935528] ? __pfx_kthread+0x10/0x10 [ 15.935552] ret_from_fork_asm+0x1a/0x30 [ 15.935585] </TASK> [ 15.935596] [ 15.944397] Allocated by task 282: [ 15.944535] kasan_save_stack+0x45/0x70 [ 15.944702] kasan_save_track+0x18/0x40 [ 15.944926] kasan_save_alloc_info+0x3b/0x50 [ 15.945141] __kasan_kmalloc+0xb7/0xc0 [ 15.945329] __kmalloc_cache_noprof+0x189/0x420 [ 15.945618] kasan_atomics+0x95/0x310 [ 15.945804] kunit_try_run_case+0x1a5/0x480 [ 15.945982] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.946162] kthread+0x337/0x6f0 [ 15.946286] ret_from_fork+0x116/0x1d0 [ 15.946471] ret_from_fork_asm+0x1a/0x30 [ 15.946669] [ 15.946779] The buggy address belongs to the object at ffff888103082e00 [ 15.946779] which belongs to the cache kmalloc-64 of size 64 [ 15.947317] The buggy address is located 0 bytes to the right of [ 15.947317] allocated 48-byte region [ffff888103082e00, ffff888103082e30) [ 15.947921] [ 15.948020] The buggy address belongs to the physical page: [ 15.948263] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103082 [ 15.948631] flags: 0x200000000000000(node=0|zone=2) [ 15.948808] page_type: f5(slab) [ 15.948933] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.949186] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.949519] page dumped because: kasan: 
bad access detected [ 15.949967] [ 15.950071] Memory state around the buggy address: [ 15.950298] ffff888103082d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.950628] ffff888103082d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.950859] >ffff888103082e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.951092] ^ [ 15.951324] ffff888103082e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.951834] ffff888103082f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.952137] ================================================================== [ 15.842863] ================================================================== [ 15.843252] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4eae/0x5450 [ 15.843533] Read of size 8 at addr ffff888103082e30 by task kunit_try_catch/282 [ 15.843883] [ 15.843994] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.844039] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.844051] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.844074] Call Trace: [ 15.844088] <TASK> [ 15.844102] dump_stack_lvl+0x73/0xb0 [ 15.844132] print_report+0xd1/0x610 [ 15.844157] ? __virt_addr_valid+0x1db/0x2d0 [ 15.844183] ? kasan_atomics_helper+0x4eae/0x5450 [ 15.844207] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.844233] ? kasan_atomics_helper+0x4eae/0x5450 [ 15.844257] kasan_report+0x141/0x180 [ 15.844282] ? kasan_atomics_helper+0x4eae/0x5450 [ 15.844311] __asan_report_load8_noabort+0x18/0x20 [ 15.844340] kasan_atomics_helper+0x4eae/0x5450 [ 15.844365] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.844390] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.844417] ? kasan_atomics+0x152/0x310 [ 15.844454] kasan_atomics+0x1dc/0x310 [ 15.844479] ? __pfx_kasan_atomics+0x10/0x10 [ 15.844505] ? __pfx_read_tsc+0x10/0x10 [ 15.844528] ? ktime_get_ts64+0x86/0x230 [ 15.844554] kunit_try_run_case+0x1a5/0x480 [ 15.844581] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.844607] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.844633] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.844660] ? __kthread_parkme+0x82/0x180 [ 15.844682] ? preempt_count_sub+0x50/0x80 [ 15.844707] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.844736] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.844775] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.844803] kthread+0x337/0x6f0 [ 15.844824] ? trace_preempt_on+0x20/0xc0 [ 15.844849] ? __pfx_kthread+0x10/0x10 [ 15.844871] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.844894] ? calculate_sigpending+0x7b/0xa0 [ 15.844921] ? __pfx_kthread+0x10/0x10 [ 15.844944] ret_from_fork+0x116/0x1d0 [ 15.844964] ? __pfx_kthread+0x10/0x10 [ 15.844987] ret_from_fork_asm+0x1a/0x30 [ 15.845018] </TASK> [ 15.845029] [ 15.852270] Allocated by task 282: [ 15.852431] kasan_save_stack+0x45/0x70 [ 15.852641] kasan_save_track+0x18/0x40 [ 15.852809] kasan_save_alloc_info+0x3b/0x50 [ 15.853031] __kasan_kmalloc+0xb7/0xc0 [ 15.853184] __kmalloc_cache_noprof+0x189/0x420 [ 15.853389] kasan_atomics+0x95/0x310 [ 15.853572] kunit_try_run_case+0x1a5/0x480 [ 15.853791] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.854028] kthread+0x337/0x6f0 [ 15.854177] ret_from_fork+0x116/0x1d0 [ 15.854326] ret_from_fork_asm+0x1a/0x30 [ 15.854590] [ 15.854775] The buggy address belongs to the object at ffff888103082e00 [ 15.854775] which belongs to the cache kmalloc-64 of size 64 [ 15.855203] The buggy address is located 0 bytes to the right of [ 15.855203] allocated 48-byte region [ffff888103082e00, ffff888103082e30) [ 15.855571] [ 15.855643] The buggy address belongs to the physical page: [ 15.855850] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103082 [ 15.856284] flags: 0x200000000000000(node=0|zone=2) [ 15.856515] page_type: f5(slab) [ 15.856658] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.856900] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 15.857129] page dumped because: kasan: bad access detected [ 15.857302] [ 15.857390] Memory state around the buggy address: [ 15.857832] ffff888103082d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.858151] ffff888103082d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.858471] >ffff888103082e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.858960] ^ [ 15.859166] ffff888103082e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.859387] ffff888103082f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.859602] ================================================================== [ 15.991612] ================================================================== [ 15.992369] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x177f/0x5450 [ 15.993336] Write of size 8 at addr ffff888103082e30 by task kunit_try_catch/282 [ 15.994150] [ 15.994458] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.994515] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.994529] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.994553] Call Trace: [ 15.994570] <TASK> [ 15.994587] dump_stack_lvl+0x73/0xb0 [ 15.994621] print_report+0xd1/0x610 [ 15.994646] ? __virt_addr_valid+0x1db/0x2d0 [ 15.994672] ? kasan_atomics_helper+0x177f/0x5450 [ 15.994696] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.994722] ? kasan_atomics_helper+0x177f/0x5450 [ 15.994747] kasan_report+0x141/0x180 [ 15.994783] ? kasan_atomics_helper+0x177f/0x5450 [ 15.994812] kasan_check_range+0x10c/0x1c0 [ 15.994838] __kasan_check_write+0x18/0x20 [ 15.994859] kasan_atomics_helper+0x177f/0x5450 [ 15.994884] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.994909] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.994936] ? kasan_atomics+0x152/0x310 [ 15.994965] kasan_atomics+0x1dc/0x310 [ 15.994989] ? __pfx_kasan_atomics+0x10/0x10 [ 15.995015] ? __pfx_read_tsc+0x10/0x10 [ 15.995037] ? 
ktime_get_ts64+0x86/0x230 [ 15.995064] kunit_try_run_case+0x1a5/0x480 [ 15.995091] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.995116] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.995143] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.995169] ? __kthread_parkme+0x82/0x180 [ 15.995198] ? preempt_count_sub+0x50/0x80 [ 15.995223] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.995252] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.995279] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.995307] kthread+0x337/0x6f0 [ 15.995328] ? trace_preempt_on+0x20/0xc0 [ 15.995352] ? __pfx_kthread+0x10/0x10 [ 15.995374] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.995398] ? calculate_sigpending+0x7b/0xa0 [ 15.995431] ? __pfx_kthread+0x10/0x10 [ 15.995453] ret_from_fork+0x116/0x1d0 [ 15.995474] ? __pfx_kthread+0x10/0x10 [ 15.995496] ret_from_fork_asm+0x1a/0x30 [ 15.995529] </TASK> [ 15.995540] [ 16.011871] Allocated by task 282: [ 16.012258] kasan_save_stack+0x45/0x70 [ 16.012778] kasan_save_track+0x18/0x40 [ 16.013194] kasan_save_alloc_info+0x3b/0x50 [ 16.013359] __kasan_kmalloc+0xb7/0xc0 [ 16.013879] __kmalloc_cache_noprof+0x189/0x420 [ 16.014484] kasan_atomics+0x95/0x310 [ 16.014961] kunit_try_run_case+0x1a5/0x480 [ 16.015123] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.015311] kthread+0x337/0x6f0 [ 16.015664] ret_from_fork+0x116/0x1d0 [ 16.016192] ret_from_fork_asm+0x1a/0x30 [ 16.016757] [ 16.017063] The buggy address belongs to the object at ffff888103082e00 [ 16.017063] which belongs to the cache kmalloc-64 of size 64 [ 16.018227] The buggy address is located 0 bytes to the right of [ 16.018227] allocated 48-byte region [ffff888103082e00, ffff888103082e30) [ 16.019364] [ 16.019700] The buggy address belongs to the physical page: [ 16.020201] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103082 [ 16.020673] flags: 0x200000000000000(node=0|zone=2) [ 16.021256] page_type: f5(slab) [ 16.021757] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 16.022293] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.022948] page dumped because: kasan: bad access detected [ 16.023638] [ 16.023957] Memory state around the buggy address: [ 16.024158] ffff888103082d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.024384] ffff888103082d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.025375] >ffff888103082e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.026253] ^ [ 16.026676] ffff888103082e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.027173] ffff888103082f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.027400] ================================================================== [ 16.257217] ================================================================== [ 16.257445] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1d7a/0x5450 [ 16.257966] Write of size 8 at addr ffff888103082e30 by task kunit_try_catch/282 [ 16.258365] [ 16.258476] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.258538] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.258566] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.258603] Call Trace: [ 16.258617] <TASK> [ 16.258644] dump_stack_lvl+0x73/0xb0 [ 16.258675] print_report+0xd1/0x610 [ 16.258714] ? __virt_addr_valid+0x1db/0x2d0 [ 16.258752] ? kasan_atomics_helper+0x1d7a/0x5450 [ 16.258786] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.258824] ? kasan_atomics_helper+0x1d7a/0x5450 [ 16.258860] kasan_report+0x141/0x180 [ 16.258883] ? kasan_atomics_helper+0x1d7a/0x5450 [ 16.258923] kasan_check_range+0x10c/0x1c0 [ 16.258949] __kasan_check_write+0x18/0x20 [ 16.258971] kasan_atomics_helper+0x1d7a/0x5450 [ 16.258997] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.259022] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.259050] ? kasan_atomics+0x152/0x310 [ 16.259080] kasan_atomics+0x1dc/0x310 [ 16.259106] ? 
__pfx_kasan_atomics+0x10/0x10 [ 16.259133] ? __pfx_read_tsc+0x10/0x10 [ 16.259157] ? ktime_get_ts64+0x86/0x230 [ 16.259188] kunit_try_run_case+0x1a5/0x480 [ 16.259214] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.259240] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.259268] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.259295] ? __kthread_parkme+0x82/0x180 [ 16.259318] ? preempt_count_sub+0x50/0x80 [ 16.259344] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.259371] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.259398] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.259426] kthread+0x337/0x6f0 [ 16.259457] ? trace_preempt_on+0x20/0xc0 [ 16.259483] ? __pfx_kthread+0x10/0x10 [ 16.259507] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.259531] ? calculate_sigpending+0x7b/0xa0 [ 16.259558] ? __pfx_kthread+0x10/0x10 [ 16.259582] ret_from_fork+0x116/0x1d0 [ 16.259603] ? __pfx_kthread+0x10/0x10 [ 16.259625] ret_from_fork_asm+0x1a/0x30 [ 16.259657] </TASK> [ 16.259668] [ 16.267604] Allocated by task 282: [ 16.267812] kasan_save_stack+0x45/0x70 [ 16.268045] kasan_save_track+0x18/0x40 [ 16.268255] kasan_save_alloc_info+0x3b/0x50 [ 16.268506] __kasan_kmalloc+0xb7/0xc0 [ 16.268706] __kmalloc_cache_noprof+0x189/0x420 [ 16.268924] kasan_atomics+0x95/0x310 [ 16.269076] kunit_try_run_case+0x1a5/0x480 [ 16.269278] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.269642] kthread+0x337/0x6f0 [ 16.269775] ret_from_fork+0x116/0x1d0 [ 16.269908] ret_from_fork_asm+0x1a/0x30 [ 16.270111] [ 16.270243] The buggy address belongs to the object at ffff888103082e00 [ 16.270243] which belongs to the cache kmalloc-64 of size 64 [ 16.270966] The buggy address is located 0 bytes to the right of [ 16.270966] allocated 48-byte region [ffff888103082e00, ffff888103082e30) [ 16.271510] [ 16.271636] The buggy address belongs to the physical page: [ 16.271891] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103082 [ 16.272271] flags: 0x200000000000000(node=0|zone=2) [ 16.272583] page_type: 
f5(slab) [ 16.272776] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.273083] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.273458] page dumped because: kasan: bad access detected [ 16.273710] [ 16.273815] Memory state around the buggy address: [ 16.274063] ffff888103082d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.274378] ffff888103082d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.274703] >ffff888103082e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.275038] ^ [ 16.275296] ffff888103082e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.275614] ffff888103082f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.275835] ================================================================== [ 15.094220] ================================================================== [ 15.094657] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b54/0x5450 [ 15.094910] Read of size 4 at addr ffff888103082e30 by task kunit_try_catch/282 [ 15.095136] [ 15.095228] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.095271] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.095284] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.095306] Call Trace: [ 15.095323] <TASK> [ 15.095338] dump_stack_lvl+0x73/0xb0 [ 15.095366] print_report+0xd1/0x610 [ 15.095390] ? __virt_addr_valid+0x1db/0x2d0 [ 15.095413] ? kasan_atomics_helper+0x4b54/0x5450 [ 15.095436] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.095459] ? kasan_atomics_helper+0x4b54/0x5450 [ 15.095482] kasan_report+0x141/0x180 [ 15.095505] ? kasan_atomics_helper+0x4b54/0x5450 [ 15.095532] __asan_report_load4_noabort+0x18/0x20 [ 15.095558] kasan_atomics_helper+0x4b54/0x5450 [ 15.095581] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.095604] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.095630] ? 
kasan_atomics+0x152/0x310 [ 15.095658] kasan_atomics+0x1dc/0x310 [ 15.095694] ? __pfx_kasan_atomics+0x10/0x10 [ 15.095742] ? __pfx_read_tsc+0x10/0x10 [ 15.095782] ? ktime_get_ts64+0x86/0x230 [ 15.095811] kunit_try_run_case+0x1a5/0x480 [ 15.095838] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.095864] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.095891] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.095917] ? __kthread_parkme+0x82/0x180 [ 15.095940] ? preempt_count_sub+0x50/0x80 [ 15.095967] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.095993] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.096021] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.096049] kthread+0x337/0x6f0 [ 15.096070] ? trace_preempt_on+0x20/0xc0 [ 15.096095] ? __pfx_kthread+0x10/0x10 [ 15.096118] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.096141] ? calculate_sigpending+0x7b/0xa0 [ 15.096168] ? __pfx_kthread+0x10/0x10 [ 15.096193] ret_from_fork+0x116/0x1d0 [ 15.096217] ? __pfx_kthread+0x10/0x10 [ 15.096239] ret_from_fork_asm+0x1a/0x30 [ 15.096274] </TASK> [ 15.096284] [ 15.105284] Allocated by task 282: [ 15.105529] kasan_save_stack+0x45/0x70 [ 15.105675] kasan_save_track+0x18/0x40 [ 15.105823] kasan_save_alloc_info+0x3b/0x50 [ 15.105979] __kasan_kmalloc+0xb7/0xc0 [ 15.106115] __kmalloc_cache_noprof+0x189/0x420 [ 15.106304] kasan_atomics+0x95/0x310 [ 15.106671] kunit_try_run_case+0x1a5/0x480 [ 15.106908] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.107280] kthread+0x337/0x6f0 [ 15.107583] ret_from_fork+0x116/0x1d0 [ 15.107785] ret_from_fork_asm+0x1a/0x30 [ 15.107995] [ 15.108094] The buggy address belongs to the object at ffff888103082e00 [ 15.108094] which belongs to the cache kmalloc-64 of size 64 [ 15.108489] The buggy address is located 0 bytes to the right of [ 15.108489] allocated 48-byte region [ffff888103082e00, ffff888103082e30) [ 15.108869] [ 15.108945] The buggy address belongs to the physical page: [ 15.109119] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103082 [ 
15.109360] flags: 0x200000000000000(node=0|zone=2) [ 15.109561] page_type: f5(slab) [ 15.109753] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.110106] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.110450] page dumped because: kasan: bad access detected [ 15.110703] [ 15.110814] Memory state around the buggy address: [ 15.111024] ffff888103082d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.111332] ffff888103082d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.112409] >ffff888103082e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.113799] ^ [ 15.114071] ffff888103082e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.114295] ffff888103082f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.114512] ================================================================== [ 15.860310] ================================================================== [ 15.860653] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1467/0x5450 [ 15.861050] Write of size 8 at addr ffff888103082e30 by task kunit_try_catch/282 [ 15.861354] [ 15.861466] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.861508] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.861521] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.861543] Call Trace: [ 15.861558] <TASK> [ 15.861572] dump_stack_lvl+0x73/0xb0 [ 15.861601] print_report+0xd1/0x610 [ 15.861625] ? __virt_addr_valid+0x1db/0x2d0 [ 15.861649] ? kasan_atomics_helper+0x1467/0x5450 [ 15.861672] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.861698] ? kasan_atomics_helper+0x1467/0x5450 [ 15.861722] kasan_report+0x141/0x180 [ 15.861746] ? kasan_atomics_helper+0x1467/0x5450 [ 15.861786] kasan_check_range+0x10c/0x1c0 [ 15.861812] __kasan_check_write+0x18/0x20 [ 15.861833] kasan_atomics_helper+0x1467/0x5450 [ 15.861858] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.861883] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 15.861910] ? kasan_atomics+0x152/0x310 [ 15.861938] kasan_atomics+0x1dc/0x310 [ 15.861962] ? __pfx_kasan_atomics+0x10/0x10 [ 15.861989] ? __pfx_read_tsc+0x10/0x10 [ 15.862011] ? ktime_get_ts64+0x86/0x230 [ 15.862037] kunit_try_run_case+0x1a5/0x480 [ 15.862063] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.862089] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.862115] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.862140] ? __kthread_parkme+0x82/0x180 [ 15.862163] ? preempt_count_sub+0x50/0x80 [ 15.862188] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.862215] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.862241] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.862268] kthread+0x337/0x6f0 [ 15.862289] ? trace_preempt_on+0x20/0xc0 [ 15.862314] ? __pfx_kthread+0x10/0x10 [ 15.862335] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.862359] ? calculate_sigpending+0x7b/0xa0 [ 15.862384] ? __pfx_kthread+0x10/0x10 [ 15.862407] ret_from_fork+0x116/0x1d0 [ 15.862427] ? __pfx_kthread+0x10/0x10 [ 15.862450] ret_from_fork_asm+0x1a/0x30 [ 15.862483] </TASK> [ 15.862495] [ 15.870301] Allocated by task 282: [ 15.870489] kasan_save_stack+0x45/0x70 [ 15.870674] kasan_save_track+0x18/0x40 [ 15.870873] kasan_save_alloc_info+0x3b/0x50 [ 15.871047] __kasan_kmalloc+0xb7/0xc0 [ 15.871223] __kmalloc_cache_noprof+0x189/0x420 [ 15.871386] kasan_atomics+0x95/0x310 [ 15.871521] kunit_try_run_case+0x1a5/0x480 [ 15.871671] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.871859] kthread+0x337/0x6f0 [ 15.871983] ret_from_fork+0x116/0x1d0 [ 15.872176] ret_from_fork_asm+0x1a/0x30 [ 15.872375] [ 15.872475] The buggy address belongs to the object at ffff888103082e00 [ 15.872475] which belongs to the cache kmalloc-64 of size 64 [ 15.873038] The buggy address is located 0 bytes to the right of [ 15.873038] allocated 48-byte region [ffff888103082e00, ffff888103082e30) [ 15.873600] [ 15.873696] The buggy address belongs to the physical page: [ 15.873952] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x103082 [ 15.874308] flags: 0x200000000000000(node=0|zone=2) [ 15.874563] page_type: f5(slab) [ 15.874713] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.874971] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.875203] page dumped because: kasan: bad access detected [ 15.875469] [ 15.875562] Memory state around the buggy address: [ 15.875800] ffff888103082d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.876132] ffff888103082d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.876441] >ffff888103082e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.876719] ^ [ 15.876910] ffff888103082e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.877157] ffff888103082f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.877516] ================================================================== [ 15.256286] ================================================================== [ 15.256594] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x72f/0x5450 [ 15.256953] Write of size 4 at addr ffff888103082e30 by task kunit_try_catch/282 [ 15.257531] [ 15.257654] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.257700] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.257713] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.257737] Call Trace: [ 15.257750] <TASK> [ 15.257777] dump_stack_lvl+0x73/0xb0 [ 15.257809] print_report+0xd1/0x610 [ 15.257834] ? __virt_addr_valid+0x1db/0x2d0 [ 15.257860] ? kasan_atomics_helper+0x72f/0x5450 [ 15.257883] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.257909] ? kasan_atomics_helper+0x72f/0x5450 [ 15.257933] kasan_report+0x141/0x180 [ 15.257957] ? kasan_atomics_helper+0x72f/0x5450 [ 15.257986] kasan_check_range+0x10c/0x1c0 [ 15.258012] __kasan_check_write+0x18/0x20 [ 15.258033] kasan_atomics_helper+0x72f/0x5450 [ 15.258058] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 15.258083] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.258110] ? kasan_atomics+0x152/0x310 [ 15.258139] kasan_atomics+0x1dc/0x310 [ 15.258164] ? __pfx_kasan_atomics+0x10/0x10 [ 15.258191] ? __pfx_read_tsc+0x10/0x10 [ 15.258214] ? ktime_get_ts64+0x86/0x230 [ 15.258241] kunit_try_run_case+0x1a5/0x480 [ 15.258268] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.258293] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.258321] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.258348] ? __kthread_parkme+0x82/0x180 [ 15.258371] ? preempt_count_sub+0x50/0x80 [ 15.258398] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.258426] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.258464] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.258493] kthread+0x337/0x6f0 [ 15.258518] ? trace_preempt_on+0x20/0xc0 [ 15.258544] ? __pfx_kthread+0x10/0x10 [ 15.258568] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.258591] ? calculate_sigpending+0x7b/0xa0 [ 15.258619] ? __pfx_kthread+0x10/0x10 [ 15.258644] ret_from_fork+0x116/0x1d0 [ 15.258663] ? 
__pfx_kthread+0x10/0x10 [ 15.258686] ret_from_fork_asm+0x1a/0x30 [ 15.258718] </TASK> [ 15.258730] [ 15.266343] Allocated by task 282: [ 15.266479] kasan_save_stack+0x45/0x70 [ 15.266624] kasan_save_track+0x18/0x40 [ 15.266771] kasan_save_alloc_info+0x3b/0x50 [ 15.266924] __kasan_kmalloc+0xb7/0xc0 [ 15.267071] __kmalloc_cache_noprof+0x189/0x420 [ 15.267297] kasan_atomics+0x95/0x310 [ 15.267486] kunit_try_run_case+0x1a5/0x480 [ 15.267699] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.267962] kthread+0x337/0x6f0 [ 15.268203] ret_from_fork+0x116/0x1d0 [ 15.268363] ret_from_fork_asm+0x1a/0x30 [ 15.268630] [ 15.268712] The buggy address belongs to the object at ffff888103082e00 [ 15.268712] which belongs to the cache kmalloc-64 of size 64 [ 15.269078] The buggy address is located 0 bytes to the right of [ 15.269078] allocated 48-byte region [ffff888103082e00, ffff888103082e30) [ 15.269446] [ 15.269519] The buggy address belongs to the physical page: [ 15.269959] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103082 [ 15.270318] flags: 0x200000000000000(node=0|zone=2) [ 15.270551] page_type: f5(slab) [ 15.270721] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.271095] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.271441] page dumped because: kasan: bad access detected [ 15.271692] [ 15.272328] Memory state around the buggy address: [ 15.272559] ffff888103082d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.272876] ffff888103082d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.273096] >ffff888103082e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.273419] ^ [ 15.274609] ffff888103082e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.274912] ffff888103082f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.275216] ================================================================== [ 15.878016] 
================================================================== [ 15.878298] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x50d4/0x5450 [ 15.878716] Write of size 8 at addr ffff888103082e30 by task kunit_try_catch/282 [ 15.879022] [ 15.879211] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.879256] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.879269] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.879290] Call Trace: [ 15.879304] <TASK> [ 15.879318] dump_stack_lvl+0x73/0xb0 [ 15.879348] print_report+0xd1/0x610 [ 15.879373] ? __virt_addr_valid+0x1db/0x2d0 [ 15.879398] ? kasan_atomics_helper+0x50d4/0x5450 [ 15.879421] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.879447] ? kasan_atomics_helper+0x50d4/0x5450 [ 15.879471] kasan_report+0x141/0x180 [ 15.879495] ? kasan_atomics_helper+0x50d4/0x5450 [ 15.879523] __asan_report_store8_noabort+0x1b/0x30 [ 15.879551] kasan_atomics_helper+0x50d4/0x5450 [ 15.879576] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.879601] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.879628] ? kasan_atomics+0x152/0x310 [ 15.879656] kasan_atomics+0x1dc/0x310 [ 15.879680] ? __pfx_kasan_atomics+0x10/0x10 [ 15.879706] ? __pfx_read_tsc+0x10/0x10 [ 15.879728] ? ktime_get_ts64+0x86/0x230 [ 15.879755] kunit_try_run_case+0x1a5/0x480 [ 15.879792] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.879817] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.879844] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.879870] ? __kthread_parkme+0x82/0x180 [ 15.879892] ? preempt_count_sub+0x50/0x80 [ 15.879918] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.879946] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.879973] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.880001] kthread+0x337/0x6f0 [ 15.880022] ? trace_preempt_on+0x20/0xc0 [ 15.880047] ? __pfx_kthread+0x10/0x10 [ 15.880069] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.880093] ? calculate_sigpending+0x7b/0xa0 [ 15.880119] ? 
__pfx_kthread+0x10/0x10 [ 15.880143] ret_from_fork+0x116/0x1d0 [ 15.880163] ? __pfx_kthread+0x10/0x10 [ 15.880186] ret_from_fork_asm+0x1a/0x30 [ 15.880228] </TASK> [ 15.880240] [ 15.887494] Allocated by task 282: [ 15.887862] kasan_save_stack+0x45/0x70 [ 15.888064] kasan_save_track+0x18/0x40 [ 15.888209] kasan_save_alloc_info+0x3b/0x50 [ 15.888420] __kasan_kmalloc+0xb7/0xc0 [ 15.888577] __kmalloc_cache_noprof+0x189/0x420 [ 15.888737] kasan_atomics+0x95/0x310 [ 15.888938] kunit_try_run_case+0x1a5/0x480 [ 15.889153] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.889413] kthread+0x337/0x6f0 [ 15.889588] ret_from_fork+0x116/0x1d0 [ 15.889724] ret_from_fork_asm+0x1a/0x30 [ 15.890926] [ 15.891350] The buggy address belongs to the object at ffff888103082e00 [ 15.891350] which belongs to the cache kmalloc-64 of size 64 [ 15.893225] The buggy address is located 0 bytes to the right of [ 15.893225] allocated 48-byte region [ffff888103082e00, ffff888103082e30) [ 15.894329] [ 15.894723] The buggy address belongs to the physical page: [ 15.895388] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103082 [ 15.896139] flags: 0x200000000000000(node=0|zone=2) [ 15.896953] page_type: f5(slab) [ 15.897363] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.897939] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.898174] page dumped because: kasan: bad access detected [ 15.898347] [ 15.898421] Memory state around the buggy address: [ 15.899357] ffff888103082d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.900316] ffff888103082d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.901279] >ffff888103082e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.902091] ^ [ 15.902797] ffff888103082e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.903293] ffff888103082f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.904021] 
================================================================== [ 15.322351] ================================================================== [ 15.322655] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x8f9/0x5450 [ 15.323425] Write of size 4 at addr ffff888103082e30 by task kunit_try_catch/282 [ 15.323875] [ 15.323972] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.324084] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.324157] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.324181] Call Trace: [ 15.324198] <TASK> [ 15.324215] dump_stack_lvl+0x73/0xb0 [ 15.324250] print_report+0xd1/0x610 [ 15.324275] ? __virt_addr_valid+0x1db/0x2d0 [ 15.324300] ? kasan_atomics_helper+0x8f9/0x5450 [ 15.324324] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.324350] ? kasan_atomics_helper+0x8f9/0x5450 [ 15.324374] kasan_report+0x141/0x180 [ 15.324398] ? kasan_atomics_helper+0x8f9/0x5450 [ 15.324427] kasan_check_range+0x10c/0x1c0 [ 15.324464] __kasan_check_write+0x18/0x20 [ 15.324486] kasan_atomics_helper+0x8f9/0x5450 [ 15.324511] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.324536] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.324563] ? kasan_atomics+0x152/0x310 [ 15.324592] kasan_atomics+0x1dc/0x310 [ 15.324616] ? __pfx_kasan_atomics+0x10/0x10 [ 15.324644] ? __pfx_read_tsc+0x10/0x10 [ 15.324667] ? ktime_get_ts64+0x86/0x230 [ 15.324694] kunit_try_run_case+0x1a5/0x480 [ 15.324720] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.324745] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.324786] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.324812] ? __kthread_parkme+0x82/0x180 [ 15.324835] ? preempt_count_sub+0x50/0x80 [ 15.324861] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.324889] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.324916] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.324944] kthread+0x337/0x6f0 [ 15.324966] ? trace_preempt_on+0x20/0xc0 [ 15.324991] ? 
__pfx_kthread+0x10/0x10 [ 15.325014] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.325038] ? calculate_sigpending+0x7b/0xa0 [ 15.325065] ? __pfx_kthread+0x10/0x10 [ 15.325088] ret_from_fork+0x116/0x1d0 [ 15.325108] ? __pfx_kthread+0x10/0x10 [ 15.325131] ret_from_fork_asm+0x1a/0x30 [ 15.325163] </TASK> [ 15.325173] [ 15.335060] Allocated by task 282: [ 15.335368] kasan_save_stack+0x45/0x70 [ 15.335643] kasan_save_track+0x18/0x40 [ 15.335831] kasan_save_alloc_info+0x3b/0x50 [ 15.336046] __kasan_kmalloc+0xb7/0xc0 [ 15.336220] __kmalloc_cache_noprof+0x189/0x420 [ 15.336433] kasan_atomics+0x95/0x310 [ 15.336968] kunit_try_run_case+0x1a5/0x480 [ 15.337174] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.337395] kthread+0x337/0x6f0 [ 15.337689] ret_from_fork+0x116/0x1d0 [ 15.337877] ret_from_fork_asm+0x1a/0x30 [ 15.338200] [ 15.338284] The buggy address belongs to the object at ffff888103082e00 [ 15.338284] which belongs to the cache kmalloc-64 of size 64 [ 15.338936] The buggy address is located 0 bytes to the right of [ 15.338936] allocated 48-byte region [ffff888103082e00, ffff888103082e30) [ 15.339609] [ 15.339792] The buggy address belongs to the physical page: [ 15.340156] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103082 [ 15.340605] flags: 0x200000000000000(node=0|zone=2) [ 15.340832] page_type: f5(slab) [ 15.341004] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.341324] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.341887] page dumped because: kasan: bad access detected [ 15.342222] [ 15.342306] Memory state around the buggy address: [ 15.342522] ffff888103082d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.342996] ffff888103082d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.343387] >ffff888103082e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.343839] ^ [ 15.344154] ffff888103082e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.344590] 
ffff888103082f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.344899] ================================================================== [ 16.059585] ================================================================== [ 16.060436] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x18b1/0x5450 [ 16.061125] Write of size 8 at addr ffff888103082e30 by task kunit_try_catch/282 [ 16.061769] [ 16.061943] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.061988] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.062002] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.062024] Call Trace: [ 16.062039] <TASK> [ 16.062055] dump_stack_lvl+0x73/0xb0 [ 16.062086] print_report+0xd1/0x610 [ 16.062110] ? __virt_addr_valid+0x1db/0x2d0 [ 16.062135] ? kasan_atomics_helper+0x18b1/0x5450 [ 16.062158] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.062184] ? kasan_atomics_helper+0x18b1/0x5450 [ 16.062209] kasan_report+0x141/0x180 [ 16.062233] ? kasan_atomics_helper+0x18b1/0x5450 [ 16.062262] kasan_check_range+0x10c/0x1c0 [ 16.062288] __kasan_check_write+0x18/0x20 [ 16.062311] kasan_atomics_helper+0x18b1/0x5450 [ 16.062336] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.062361] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.062388] ? kasan_atomics+0x152/0x310 [ 16.062417] kasan_atomics+0x1dc/0x310 [ 16.062450] ? __pfx_kasan_atomics+0x10/0x10 [ 16.062476] ? __pfx_read_tsc+0x10/0x10 [ 16.062499] ? ktime_get_ts64+0x86/0x230 [ 16.062525] kunit_try_run_case+0x1a5/0x480 [ 16.062552] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.062578] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.062605] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.062630] ? __kthread_parkme+0x82/0x180 [ 16.062653] ? preempt_count_sub+0x50/0x80 [ 16.062678] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.062706] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.062732] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.062770] kthread+0x337/0x6f0 [ 16.062791] ? trace_preempt_on+0x20/0xc0 [ 16.062816] ? __pfx_kthread+0x10/0x10 [ 16.062838] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.062861] ? calculate_sigpending+0x7b/0xa0 [ 16.062888] ? __pfx_kthread+0x10/0x10 [ 16.062910] ret_from_fork+0x116/0x1d0 [ 16.062931] ? __pfx_kthread+0x10/0x10 [ 16.062953] ret_from_fork_asm+0x1a/0x30 [ 16.062985] </TASK> [ 16.062996] [ 16.073580] Allocated by task 282: [ 16.073724] kasan_save_stack+0x45/0x70 [ 16.073883] kasan_save_track+0x18/0x40 [ 16.074022] kasan_save_alloc_info+0x3b/0x50 [ 16.074175] __kasan_kmalloc+0xb7/0xc0 [ 16.074310] __kmalloc_cache_noprof+0x189/0x420 [ 16.074527] kasan_atomics+0x95/0x310 [ 16.074866] kunit_try_run_case+0x1a5/0x480 [ 16.075235] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.075782] kthread+0x337/0x6f0 [ 16.076150] ret_from_fork+0x116/0x1d0 [ 16.076497] ret_from_fork_asm+0x1a/0x30 [ 16.076906] [ 16.077065] The buggy address belongs to the object at ffff888103082e00 [ 16.077065] which belongs to the cache kmalloc-64 of size 64 [ 16.078310] The buggy address is located 0 bytes to the right of [ 16.078310] allocated 48-byte region [ffff888103082e00, ffff888103082e30) [ 16.079523] [ 16.079686] The buggy address belongs to the physical page: [ 16.080175] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103082 [ 16.080945] flags: 0x200000000000000(node=0|zone=2) [ 16.081215] page_type: f5(slab) [ 16.081338] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.081619] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.082318] page dumped because: kasan: bad access detected [ 16.082838] [ 16.082994] Memory state around the buggy address: [ 16.083410] ffff888103082d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.084028] ffff888103082d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.084606] >ffff888103082e00: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 16.084832] ^ [ 16.084991] ffff888103082e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.085208] ffff888103082f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.085424] ================================================================== [ 15.757352] ================================================================== [ 15.757699] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49e8/0x5450 [ 15.758091] Read of size 4 at addr ffff888103082e30 by task kunit_try_catch/282 [ 15.758450] [ 15.758578] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.758624] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.758636] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.758659] Call Trace: [ 15.758672] <TASK> [ 15.758687] dump_stack_lvl+0x73/0xb0 [ 15.758739] print_report+0xd1/0x610 [ 15.758775] ? __virt_addr_valid+0x1db/0x2d0 [ 15.758801] ? kasan_atomics_helper+0x49e8/0x5450 [ 15.758825] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.758851] ? kasan_atomics_helper+0x49e8/0x5450 [ 15.758875] kasan_report+0x141/0x180 [ 15.758899] ? kasan_atomics_helper+0x49e8/0x5450 [ 15.758944] __asan_report_load4_noabort+0x18/0x20 [ 15.759000] kasan_atomics_helper+0x49e8/0x5450 [ 15.759039] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.759065] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.759119] ? kasan_atomics+0x152/0x310 [ 15.759162] kasan_atomics+0x1dc/0x310 [ 15.759193] ? __pfx_kasan_atomics+0x10/0x10 [ 15.759220] ? __pfx_read_tsc+0x10/0x10 [ 15.759244] ? ktime_get_ts64+0x86/0x230 [ 15.759271] kunit_try_run_case+0x1a5/0x480 [ 15.759298] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.759324] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.759351] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.759377] ? __kthread_parkme+0x82/0x180 [ 15.759400] ? preempt_count_sub+0x50/0x80 [ 15.759425] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.759452] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.759482] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.759511] kthread+0x337/0x6f0 [ 15.759532] ? trace_preempt_on+0x20/0xc0 [ 15.759556] ? __pfx_kthread+0x10/0x10 [ 15.759589] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.759612] ? calculate_sigpending+0x7b/0xa0 [ 15.759639] ? __pfx_kthread+0x10/0x10 [ 15.759662] ret_from_fork+0x116/0x1d0 [ 15.759683] ? __pfx_kthread+0x10/0x10 [ 15.759705] ret_from_fork_asm+0x1a/0x30 [ 15.759738] </TASK> [ 15.759749] [ 15.767315] Allocated by task 282: [ 15.767525] kasan_save_stack+0x45/0x70 [ 15.767776] kasan_save_track+0x18/0x40 [ 15.767990] kasan_save_alloc_info+0x3b/0x50 [ 15.768293] __kasan_kmalloc+0xb7/0xc0 [ 15.768519] __kmalloc_cache_noprof+0x189/0x420 [ 15.768729] kasan_atomics+0x95/0x310 [ 15.768916] kunit_try_run_case+0x1a5/0x480 [ 15.769152] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.769404] kthread+0x337/0x6f0 [ 15.769582] ret_from_fork+0x116/0x1d0 [ 15.769778] ret_from_fork_asm+0x1a/0x30 [ 15.769990] [ 15.770115] The buggy address belongs to the object at ffff888103082e00 [ 15.770115] which belongs to the cache kmalloc-64 of size 64 [ 15.770692] The buggy address is located 0 bytes to the right of [ 15.770692] allocated 48-byte region [ffff888103082e00, ffff888103082e30) [ 15.771236] [ 15.771310] The buggy address belongs to the physical page: [ 15.771478] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103082 [ 15.771853] flags: 0x200000000000000(node=0|zone=2) [ 15.772082] page_type: f5(slab) [ 15.772242] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.772520] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.772872] page dumped because: kasan: bad access detected [ 15.773139] [ 15.773231] Memory state around the buggy address: [ 15.773383] ffff888103082d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.773695] 
ffff888103082d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.774112] >ffff888103082e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.774408] ^ [ 15.774670] ffff888103082e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.774997] ffff888103082f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.775331] ================================================================== [ 15.825049] ================================================================== [ 15.825640] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x13b5/0x5450 [ 15.825904] Read of size 8 at addr ffff888103082e30 by task kunit_try_catch/282 [ 15.826229] [ 15.826336] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.826382] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.826396] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.826418] Call Trace: [ 15.826434] <TASK> [ 15.826450] dump_stack_lvl+0x73/0xb0 [ 15.826489] print_report+0xd1/0x610 [ 15.826515] ? __virt_addr_valid+0x1db/0x2d0 [ 15.826539] ? kasan_atomics_helper+0x13b5/0x5450 [ 15.826563] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.826589] ? kasan_atomics_helper+0x13b5/0x5450 [ 15.826613] kasan_report+0x141/0x180 [ 15.826638] ? kasan_atomics_helper+0x13b5/0x5450 [ 15.826666] kasan_check_range+0x10c/0x1c0 [ 15.826692] __kasan_check_read+0x15/0x20 [ 15.826714] kasan_atomics_helper+0x13b5/0x5450 [ 15.826739] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.826777] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.826804] ? kasan_atomics+0x152/0x310 [ 15.826833] kasan_atomics+0x1dc/0x310 [ 15.826857] ? __pfx_kasan_atomics+0x10/0x10 [ 15.826884] ? __pfx_read_tsc+0x10/0x10 [ 15.826906] ? ktime_get_ts64+0x86/0x230 [ 15.826934] kunit_try_run_case+0x1a5/0x480 [ 15.826961] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.826987] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.827013] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.827039] ? 
__kthread_parkme+0x82/0x180 [ 15.827062] ? preempt_count_sub+0x50/0x80 [ 15.827088] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.827115] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.827142] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.827170] kthread+0x337/0x6f0 [ 15.827195] ? trace_preempt_on+0x20/0xc0 [ 15.827219] ? __pfx_kthread+0x10/0x10 [ 15.827242] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.827265] ? calculate_sigpending+0x7b/0xa0 [ 15.827291] ? __pfx_kthread+0x10/0x10 [ 15.827314] ret_from_fork+0x116/0x1d0 [ 15.827334] ? __pfx_kthread+0x10/0x10 [ 15.827356] ret_from_fork_asm+0x1a/0x30 [ 15.827389] </TASK> [ 15.827400] [ 15.834816] Allocated by task 282: [ 15.835037] kasan_save_stack+0x45/0x70 [ 15.835188] kasan_save_track+0x18/0x40 [ 15.835335] kasan_save_alloc_info+0x3b/0x50 [ 15.835664] __kasan_kmalloc+0xb7/0xc0 [ 15.835866] __kmalloc_cache_noprof+0x189/0x420 [ 15.836091] kasan_atomics+0x95/0x310 [ 15.836279] kunit_try_run_case+0x1a5/0x480 [ 15.836435] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.836702] kthread+0x337/0x6f0 [ 15.836864] ret_from_fork+0x116/0x1d0 [ 15.837003] ret_from_fork_asm+0x1a/0x30 [ 15.837148] [ 15.837222] The buggy address belongs to the object at ffff888103082e00 [ 15.837222] which belongs to the cache kmalloc-64 of size 64 [ 15.837971] The buggy address is located 0 bytes to the right of [ 15.837971] allocated 48-byte region [ffff888103082e00, ffff888103082e30) [ 15.838515] [ 15.838594] The buggy address belongs to the physical page: [ 15.838833] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103082 [ 15.839122] flags: 0x200000000000000(node=0|zone=2) [ 15.839364] page_type: f5(slab) [ 15.839516] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.839804] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.840129] page dumped because: kasan: bad access detected [ 15.840336] [ 15.840407] Memory state around the buggy address: [ 15.840649] 
ffff888103082d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.840947] ffff888103082d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.841223] >ffff888103082e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.841550] ^ [ 15.841805] ffff888103082e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.842080] ffff888103082f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.842330] ================================================================== [ 15.238132] ================================================================== [ 15.238383] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x697/0x5450 [ 15.239109] Write of size 4 at addr ffff888103082e30 by task kunit_try_catch/282 [ 15.239714] [ 15.240068] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.240119] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.240133] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.240156] Call Trace: [ 15.240170] <TASK> [ 15.240185] dump_stack_lvl+0x73/0xb0 [ 15.240220] print_report+0xd1/0x610 [ 15.240246] ? __virt_addr_valid+0x1db/0x2d0 [ 15.240271] ? kasan_atomics_helper+0x697/0x5450 [ 15.240295] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.240321] ? kasan_atomics_helper+0x697/0x5450 [ 15.240345] kasan_report+0x141/0x180 [ 15.240369] ? kasan_atomics_helper+0x697/0x5450 [ 15.240397] kasan_check_range+0x10c/0x1c0 [ 15.240423] __kasan_check_write+0x18/0x20 [ 15.240453] kasan_atomics_helper+0x697/0x5450 [ 15.240478] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.240503] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.240531] ? kasan_atomics+0x152/0x310 [ 15.240559] kasan_atomics+0x1dc/0x310 [ 15.240584] ? __pfx_kasan_atomics+0x10/0x10 [ 15.240610] ? __pfx_read_tsc+0x10/0x10 [ 15.240633] ? ktime_get_ts64+0x86/0x230 [ 15.240660] kunit_try_run_case+0x1a5/0x480 [ 15.240687] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.240712] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.240740] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.240780] ? __kthread_parkme+0x82/0x180 [ 15.240803] ? preempt_count_sub+0x50/0x80 [ 15.240830] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.240856] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.240886] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.240914] kthread+0x337/0x6f0 [ 15.240935] ? trace_preempt_on+0x20/0xc0 [ 15.240961] ? __pfx_kthread+0x10/0x10 [ 15.240984] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.241008] ? calculate_sigpending+0x7b/0xa0 [ 15.241035] ? __pfx_kthread+0x10/0x10 [ 15.241059] ret_from_fork+0x116/0x1d0 [ 15.241079] ? __pfx_kthread+0x10/0x10 [ 15.241101] ret_from_fork_asm+0x1a/0x30 [ 15.241133] </TASK> [ 15.241144] [ 15.248520] Allocated by task 282: [ 15.248677] kasan_save_stack+0x45/0x70 [ 15.248874] kasan_save_track+0x18/0x40 [ 15.249041] kasan_save_alloc_info+0x3b/0x50 [ 15.249256] __kasan_kmalloc+0xb7/0xc0 [ 15.249427] __kmalloc_cache_noprof+0x189/0x420 [ 15.249607] kasan_atomics+0x95/0x310 [ 15.249739] kunit_try_run_case+0x1a5/0x480 [ 15.249899] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.250152] kthread+0x337/0x6f0 [ 15.250321] ret_from_fork+0x116/0x1d0 [ 15.250507] ret_from_fork_asm+0x1a/0x30 [ 15.250649] [ 15.250722] The buggy address belongs to the object at ffff888103082e00 [ 15.250722] which belongs to the cache kmalloc-64 of size 64 [ 15.251368] The buggy address is located 0 bytes to the right of [ 15.251368] allocated 48-byte region [ffff888103082e00, ffff888103082e30) [ 15.252011] [ 15.252085] The buggy address belongs to the physical page: [ 15.252255] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103082 [ 15.252489] flags: 0x200000000000000(node=0|zone=2) [ 15.252648] page_type: f5(slab) [ 15.252778] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.253122] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.253454] page dumped because: kasan: bad access detected [ 15.253702] [ 15.253807] 
Memory state around the buggy address: [ 15.254026] ffff888103082d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.254339] ffff888103082d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.254652] >ffff888103082e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.254963] ^ [ 15.255160] ffff888103082e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.255457] ffff888103082f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.255714] ================================================================== [ 15.905126] ================================================================== [ 15.905362] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x151d/0x5450 [ 15.905613] Write of size 8 at addr ffff888103082e30 by task kunit_try_catch/282 [ 15.905846] [ 15.905933] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.905978] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.905992] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.906014] Call Trace: [ 15.906031] <TASK> [ 15.906048] dump_stack_lvl+0x73/0xb0 [ 15.906075] print_report+0xd1/0x610 [ 15.906099] ? __virt_addr_valid+0x1db/0x2d0 [ 15.906123] ? kasan_atomics_helper+0x151d/0x5450 [ 15.906146] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.906170] ? kasan_atomics_helper+0x151d/0x5450 [ 15.906192] kasan_report+0x141/0x180 [ 15.906215] ? kasan_atomics_helper+0x151d/0x5450 [ 15.906242] kasan_check_range+0x10c/0x1c0 [ 15.906266] __kasan_check_write+0x18/0x20 [ 15.906286] kasan_atomics_helper+0x151d/0x5450 [ 15.906309] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.906332] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.906358] ? kasan_atomics+0x152/0x310 [ 15.906385] kasan_atomics+0x1dc/0x310 [ 15.906409] ? __pfx_kasan_atomics+0x10/0x10 [ 15.906434] ? __pfx_read_tsc+0x10/0x10 [ 15.906456] ? ktime_get_ts64+0x86/0x230 [ 15.906481] kunit_try_run_case+0x1a5/0x480 [ 15.906508] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.906531] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.906557] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.906581] ? __kthread_parkme+0x82/0x180 [ 15.906603] ? preempt_count_sub+0x50/0x80 [ 15.906628] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.906653] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.906679] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.906705] kthread+0x337/0x6f0 [ 15.906725] ? trace_preempt_on+0x20/0xc0 [ 15.906748] ? __pfx_kthread+0x10/0x10 [ 15.906793] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.906815] ? calculate_sigpending+0x7b/0xa0 [ 15.906839] ? __pfx_kthread+0x10/0x10 [ 15.906861] ret_from_fork+0x116/0x1d0 [ 15.906880] ? __pfx_kthread+0x10/0x10 [ 15.906902] ret_from_fork_asm+0x1a/0x30 [ 15.906933] </TASK> [ 15.906944] [ 15.918311] Allocated by task 282: [ 15.918622] kasan_save_stack+0x45/0x70 [ 15.918971] kasan_save_track+0x18/0x40 [ 15.919129] kasan_save_alloc_info+0x3b/0x50 [ 15.919347] __kasan_kmalloc+0xb7/0xc0 [ 15.919757] __kmalloc_cache_noprof+0x189/0x420 [ 15.919991] kasan_atomics+0x95/0x310 [ 15.920153] kunit_try_run_case+0x1a5/0x480 [ 15.920512] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.920862] kthread+0x337/0x6f0 [ 15.921123] ret_from_fork+0x116/0x1d0 [ 15.921381] ret_from_fork_asm+0x1a/0x30 [ 15.921667] [ 15.921944] The buggy address belongs to the object at ffff888103082e00 [ 15.921944] which belongs to the cache kmalloc-64 of size 64 [ 15.922587] The buggy address is located 0 bytes to the right of [ 15.922587] allocated 48-byte region [ffff888103082e00, ffff888103082e30) [ 15.923221] [ 15.923440] The buggy address belongs to the physical page: [ 15.923669] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103082 [ 15.924011] flags: 0x200000000000000(node=0|zone=2) [ 15.924230] page_type: f5(slab) [ 15.924398] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.925064] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 15.925510] page dumped because: kasan: bad access detected [ 15.925834] [ 15.925937] Memory state around the buggy address: [ 15.926304] ffff888103082d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.926859] ffff888103082d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.927272] >ffff888103082e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.927747] ^ [ 15.928049] ffff888103082e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.928452] ffff888103082f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.929228] ================================================================== [ 16.103733] ================================================================== [ 16.104203] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x19e3/0x5450 [ 16.104451] Write of size 8 at addr ffff888103082e30 by task kunit_try_catch/282 [ 16.104748] [ 16.104871] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.104915] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.104928] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.104951] Call Trace: [ 16.104967] <TASK> [ 16.104982] dump_stack_lvl+0x73/0xb0 [ 16.105011] print_report+0xd1/0x610 [ 16.105036] ? __virt_addr_valid+0x1db/0x2d0 [ 16.105061] ? kasan_atomics_helper+0x19e3/0x5450 [ 16.105085] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.105111] ? kasan_atomics_helper+0x19e3/0x5450 [ 16.105135] kasan_report+0x141/0x180 [ 16.105159] ? kasan_atomics_helper+0x19e3/0x5450 [ 16.105188] kasan_check_range+0x10c/0x1c0 [ 16.105225] __kasan_check_write+0x18/0x20 [ 16.105247] kasan_atomics_helper+0x19e3/0x5450 [ 16.105273] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.105299] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.105326] ? kasan_atomics+0x152/0x310 [ 16.105354] kasan_atomics+0x1dc/0x310 [ 16.105379] ? __pfx_kasan_atomics+0x10/0x10 [ 16.105405] ? __pfx_read_tsc+0x10/0x10 [ 16.105428] ? 
ktime_get_ts64+0x86/0x230 [ 16.105455] kunit_try_run_case+0x1a5/0x480 [ 16.105481] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.105507] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.105533] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.105560] ? __kthread_parkme+0x82/0x180 [ 16.105582] ? preempt_count_sub+0x50/0x80 [ 16.105608] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.105635] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.105661] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.105697] kthread+0x337/0x6f0 [ 16.105718] ? trace_preempt_on+0x20/0xc0 [ 16.105743] ? __pfx_kthread+0x10/0x10 [ 16.105776] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.105799] ? calculate_sigpending+0x7b/0xa0 [ 16.105825] ? __pfx_kthread+0x10/0x10 [ 16.105848] ret_from_fork+0x116/0x1d0 [ 16.105868] ? __pfx_kthread+0x10/0x10 [ 16.105891] ret_from_fork_asm+0x1a/0x30 [ 16.105922] </TASK> [ 16.105933] [ 16.113649] Allocated by task 282: [ 16.113806] kasan_save_stack+0x45/0x70 [ 16.113998] kasan_save_track+0x18/0x40 [ 16.114170] kasan_save_alloc_info+0x3b/0x50 [ 16.114368] __kasan_kmalloc+0xb7/0xc0 [ 16.114547] __kmalloc_cache_noprof+0x189/0x420 [ 16.114707] kasan_atomics+0x95/0x310 [ 16.114891] kunit_try_run_case+0x1a5/0x480 [ 16.115106] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.115344] kthread+0x337/0x6f0 [ 16.115467] ret_from_fork+0x116/0x1d0 [ 16.115744] ret_from_fork_asm+0x1a/0x30 [ 16.115954] [ 16.116051] The buggy address belongs to the object at ffff888103082e00 [ 16.116051] which belongs to the cache kmalloc-64 of size 64 [ 16.116516] The buggy address is located 0 bytes to the right of [ 16.116516] allocated 48-byte region [ffff888103082e00, ffff888103082e30) [ 16.117121] [ 16.117209] The buggy address belongs to the physical page: [ 16.117426] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103082 [ 16.117731] flags: 0x200000000000000(node=0|zone=2) [ 16.117978] page_type: f5(slab) [ 16.118139] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 16.118446] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.118750] page dumped because: kasan: bad access detected [ 16.118980] [ 16.119070] Memory state around the buggy address: [ 16.119272] ffff888103082d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.119584] ffff888103082d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.119897] >ffff888103082e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.120183] ^ [ 16.120380] ffff888103082e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.120643] ffff888103082f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.120919] ================================================================== [ 16.419727] ================================================================== [ 16.420104] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x20c8/0x5450 [ 16.420585] Write of size 8 at addr ffff888103082e30 by task kunit_try_catch/282 [ 16.421104] [ 16.421300] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.421348] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.421361] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.421383] Call Trace: [ 16.421399] <TASK> [ 16.421415] dump_stack_lvl+0x73/0xb0 [ 16.421447] print_report+0xd1/0x610 [ 16.421559] ? __virt_addr_valid+0x1db/0x2d0 [ 16.421584] ? kasan_atomics_helper+0x20c8/0x5450 [ 16.421608] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.421633] ? kasan_atomics_helper+0x20c8/0x5450 [ 16.421657] kasan_report+0x141/0x180 [ 16.421681] ? kasan_atomics_helper+0x20c8/0x5450 [ 16.421710] kasan_check_range+0x10c/0x1c0 [ 16.421736] __kasan_check_write+0x18/0x20 [ 16.421758] kasan_atomics_helper+0x20c8/0x5450 [ 16.421796] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.421821] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.421848] ? kasan_atomics+0x152/0x310 [ 16.421877] kasan_atomics+0x1dc/0x310 [ 16.421900] ? 
__pfx_kasan_atomics+0x10/0x10 [ 16.421926] ? __pfx_read_tsc+0x10/0x10 [ 16.421948] ? ktime_get_ts64+0x86/0x230 [ 16.421975] kunit_try_run_case+0x1a5/0x480 [ 16.422001] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.422026] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.422053] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.422079] ? __kthread_parkme+0x82/0x180 [ 16.422101] ? preempt_count_sub+0x50/0x80 [ 16.422127] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.422153] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.422180] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.422208] kthread+0x337/0x6f0 [ 16.422229] ? trace_preempt_on+0x20/0xc0 [ 16.422253] ? __pfx_kthread+0x10/0x10 [ 16.422276] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.422299] ? calculate_sigpending+0x7b/0xa0 [ 16.422325] ? __pfx_kthread+0x10/0x10 [ 16.422348] ret_from_fork+0x116/0x1d0 [ 16.422369] ? __pfx_kthread+0x10/0x10 [ 16.422391] ret_from_fork_asm+0x1a/0x30 [ 16.422422] </TASK> [ 16.422434] [ 16.433054] Allocated by task 282: [ 16.433450] kasan_save_stack+0x45/0x70 [ 16.433677] kasan_save_track+0x18/0x40 [ 16.434004] kasan_save_alloc_info+0x3b/0x50 [ 16.434309] __kasan_kmalloc+0xb7/0xc0 [ 16.434638] __kmalloc_cache_noprof+0x189/0x420 [ 16.434880] kasan_atomics+0x95/0x310 [ 16.435210] kunit_try_run_case+0x1a5/0x480 [ 16.435536] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.435851] kthread+0x337/0x6f0 [ 16.436172] ret_from_fork+0x116/0x1d0 [ 16.436374] ret_from_fork_asm+0x1a/0x30 [ 16.436774] [ 16.436908] The buggy address belongs to the object at ffff888103082e00 [ 16.436908] which belongs to the cache kmalloc-64 of size 64 [ 16.437600] The buggy address is located 0 bytes to the right of [ 16.437600] allocated 48-byte region [ffff888103082e00, ffff888103082e30) [ 16.438328] [ 16.438450] The buggy address belongs to the physical page: [ 16.438843] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103082 [ 16.439283] flags: 0x200000000000000(node=0|zone=2) [ 16.439597] page_type: 
f5(slab) [ 16.439751] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.440259] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.440736] page dumped because: kasan: bad access detected [ 16.441014] [ 16.441241] Memory state around the buggy address: [ 16.441473] ffff888103082d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.441927] ffff888103082d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.442243] >ffff888103082e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.442758] ^ [ 16.443058] ffff888103082e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.443499] ffff888103082f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.443879] ================================================================== [ 15.074071] ================================================================== [ 15.074305] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df/0x5450 [ 15.074541] Read of size 4 at addr ffff888103082e30 by task kunit_try_catch/282 [ 15.074837] [ 15.074945] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.074989] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.075001] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.075022] Call Trace: [ 15.075040] <TASK> [ 15.075056] dump_stack_lvl+0x73/0xb0 [ 15.075085] print_report+0xd1/0x610 [ 15.075109] ? __virt_addr_valid+0x1db/0x2d0 [ 15.075133] ? kasan_atomics_helper+0x3df/0x5450 [ 15.075155] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.075183] ? kasan_atomics_helper+0x3df/0x5450 [ 15.075206] kasan_report+0x141/0x180 [ 15.075229] ? kasan_atomics_helper+0x3df/0x5450 [ 15.075256] kasan_check_range+0x10c/0x1c0 [ 15.075280] __kasan_check_read+0x15/0x20 [ 15.075300] kasan_atomics_helper+0x3df/0x5450 [ 15.075325] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.075348] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.075374] ? 
kasan_atomics+0x152/0x310 [ 15.075401] kasan_atomics+0x1dc/0x310 [ 15.075424] ? __pfx_kasan_atomics+0x10/0x10 [ 15.075449] ? __pfx_read_tsc+0x10/0x10 [ 15.075470] ? ktime_get_ts64+0x86/0x230 [ 15.075497] kunit_try_run_case+0x1a5/0x480 [ 15.075522] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.075545] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.075571] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.075596] ? __kthread_parkme+0x82/0x180 [ 15.075617] ? preempt_count_sub+0x50/0x80 [ 15.075642] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.075667] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.075692] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.075719] kthread+0x337/0x6f0 [ 15.075739] ? trace_preempt_on+0x20/0xc0 [ 15.075784] ? __pfx_kthread+0x10/0x10 [ 15.075805] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.075827] ? calculate_sigpending+0x7b/0xa0 [ 15.075864] ? __pfx_kthread+0x10/0x10 [ 15.075887] ret_from_fork+0x116/0x1d0 [ 15.075906] ? __pfx_kthread+0x10/0x10 [ 15.075926] ret_from_fork_asm+0x1a/0x30 [ 15.075958] </TASK> [ 15.075970] [ 15.084994] Allocated by task 282: [ 15.085192] kasan_save_stack+0x45/0x70 [ 15.085397] kasan_save_track+0x18/0x40 [ 15.085593] kasan_save_alloc_info+0x3b/0x50 [ 15.085822] __kasan_kmalloc+0xb7/0xc0 [ 15.085966] __kmalloc_cache_noprof+0x189/0x420 [ 15.086125] kasan_atomics+0x95/0x310 [ 15.086263] kunit_try_run_case+0x1a5/0x480 [ 15.086412] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.086733] kthread+0x337/0x6f0 [ 15.086926] ret_from_fork+0x116/0x1d0 [ 15.087119] ret_from_fork_asm+0x1a/0x30 [ 15.087532] [ 15.087646] The buggy address belongs to the object at ffff888103082e00 [ 15.087646] which belongs to the cache kmalloc-64 of size 64 [ 15.088284] The buggy address is located 0 bytes to the right of [ 15.088284] allocated 48-byte region [ffff888103082e00, ffff888103082e30) [ 15.088866] [ 15.088970] The buggy address belongs to the physical page: [ 15.089261] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103082 [ 
15.089621] flags: 0x200000000000000(node=0|zone=2) [ 15.089865] page_type: f5(slab) [ 15.090039] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.090403] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.090910] page dumped because: kasan: bad access detected [ 15.091171] [ 15.091298] Memory state around the buggy address: [ 15.091647] ffff888103082d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.091969] ffff888103082d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.092430] >ffff888103082e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.092818] ^ [ 15.092988] ffff888103082e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.093296] ffff888103082f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.093728] ================================================================== [ 15.186628] ================================================================== [ 15.187191] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x565/0x5450 [ 15.187646] Write of size 4 at addr ffff888103082e30 by task kunit_try_catch/282 [ 15.187903] [ 15.188189] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.188367] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.188383] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.188407] Call Trace: [ 15.188426] <TASK> [ 15.188455] dump_stack_lvl+0x73/0xb0 [ 15.188489] print_report+0xd1/0x610 [ 15.188514] ? __virt_addr_valid+0x1db/0x2d0 [ 15.188541] ? kasan_atomics_helper+0x565/0x5450 [ 15.188565] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.188591] ? kasan_atomics_helper+0x565/0x5450 [ 15.188616] kasan_report+0x141/0x180 [ 15.188639] ? kasan_atomics_helper+0x565/0x5450 [ 15.188668] kasan_check_range+0x10c/0x1c0 [ 15.188694] __kasan_check_write+0x18/0x20 [ 15.188716] kasan_atomics_helper+0x565/0x5450 [ 15.188741] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.188780] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 15.188808] ? kasan_atomics+0x152/0x310 [ 15.188837] kasan_atomics+0x1dc/0x310 [ 15.188862] ? __pfx_kasan_atomics+0x10/0x10 [ 15.188889] ? __pfx_read_tsc+0x10/0x10 [ 15.188912] ? ktime_get_ts64+0x86/0x230 [ 15.188940] kunit_try_run_case+0x1a5/0x480 [ 15.188966] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.189007] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.189035] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.189061] ? __kthread_parkme+0x82/0x180 [ 15.189085] ? preempt_count_sub+0x50/0x80 [ 15.189112] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.189140] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.189167] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.189195] kthread+0x337/0x6f0 [ 15.189217] ? trace_preempt_on+0x20/0xc0 [ 15.189242] ? __pfx_kthread+0x10/0x10 [ 15.189265] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.189290] ? calculate_sigpending+0x7b/0xa0 [ 15.189317] ? __pfx_kthread+0x10/0x10 [ 15.189341] ret_from_fork+0x116/0x1d0 [ 15.189362] ? __pfx_kthread+0x10/0x10 [ 15.189384] ret_from_fork_asm+0x1a/0x30 [ 15.189416] </TASK> [ 15.189428] [ 15.200694] Allocated by task 282: [ 15.200901] kasan_save_stack+0x45/0x70 [ 15.201273] kasan_save_track+0x18/0x40 [ 15.201593] kasan_save_alloc_info+0x3b/0x50 [ 15.201815] __kasan_kmalloc+0xb7/0xc0 [ 15.202132] __kmalloc_cache_noprof+0x189/0x420 [ 15.202434] kasan_atomics+0x95/0x310 [ 15.202722] kunit_try_run_case+0x1a5/0x480 [ 15.202927] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.203369] kthread+0x337/0x6f0 [ 15.203550] ret_from_fork+0x116/0x1d0 [ 15.203875] ret_from_fork_asm+0x1a/0x30 [ 15.204079] [ 15.204276] The buggy address belongs to the object at ffff888103082e00 [ 15.204276] which belongs to the cache kmalloc-64 of size 64 [ 15.204965] The buggy address is located 0 bytes to the right of [ 15.204965] allocated 48-byte region [ffff888103082e00, ffff888103082e30) [ 15.205836] [ 15.205987] The buggy address belongs to the physical page: [ 15.206520] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x103082 [ 15.206965] flags: 0x200000000000000(node=0|zone=2) [ 15.207368] page_type: f5(slab) [ 15.207539] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.207856] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.208341] page dumped because: kasan: bad access detected [ 15.208686] [ 15.208776] Memory state around the buggy address: [ 15.209194] ffff888103082d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.209749] ffff888103082d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.210170] >ffff888103082e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.210609] ^ [ 15.210919] ffff888103082e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.211407] ffff888103082f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.211669] ================================================================== [ 15.403108] ================================================================== [ 15.403399] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb6a/0x5450 [ 15.403717] Write of size 4 at addr ffff888103082e30 by task kunit_try_catch/282 [ 15.404081] [ 15.404184] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.404229] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.404242] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.404264] Call Trace: [ 15.404281] <TASK> [ 15.404297] dump_stack_lvl+0x73/0xb0 [ 15.404328] print_report+0xd1/0x610 [ 15.404353] ? __virt_addr_valid+0x1db/0x2d0 [ 15.404378] ? kasan_atomics_helper+0xb6a/0x5450 [ 15.404402] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.404428] ? kasan_atomics_helper+0xb6a/0x5450 [ 15.404453] kasan_report+0x141/0x180 [ 15.404477] ? kasan_atomics_helper+0xb6a/0x5450 [ 15.404506] kasan_check_range+0x10c/0x1c0 [ 15.404532] __kasan_check_write+0x18/0x20 [ 15.404554] kasan_atomics_helper+0xb6a/0x5450 [ 15.404579] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 15.404604] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.404632] ? kasan_atomics+0x152/0x310 [ 15.404660] kasan_atomics+0x1dc/0x310 [ 15.404684] ? __pfx_kasan_atomics+0x10/0x10 [ 15.404710] ? __pfx_read_tsc+0x10/0x10 [ 15.404732] ? ktime_get_ts64+0x86/0x230 [ 15.404769] kunit_try_run_case+0x1a5/0x480 [ 15.404797] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.404833] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.404860] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.404886] ? __kthread_parkme+0x82/0x180 [ 15.404909] ? preempt_count_sub+0x50/0x80 [ 15.404935] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.404962] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.404989] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.405016] kthread+0x337/0x6f0 [ 15.405037] ? trace_preempt_on+0x20/0xc0 [ 15.405062] ? __pfx_kthread+0x10/0x10 [ 15.405085] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.405108] ? calculate_sigpending+0x7b/0xa0 [ 15.405135] ? __pfx_kthread+0x10/0x10 [ 15.405158] ret_from_fork+0x116/0x1d0 [ 15.405178] ? 
__pfx_kthread+0x10/0x10 [ 15.405200] ret_from_fork_asm+0x1a/0x30 [ 15.405233] </TASK> [ 15.405244] [ 15.417195] Allocated by task 282: [ 15.417356] kasan_save_stack+0x45/0x70 [ 15.417568] kasan_save_track+0x18/0x40 [ 15.418501] kasan_save_alloc_info+0x3b/0x50 [ 15.418680] __kasan_kmalloc+0xb7/0xc0 [ 15.418832] __kmalloc_cache_noprof+0x189/0x420 [ 15.418999] kasan_atomics+0x95/0x310 [ 15.419269] kunit_try_run_case+0x1a5/0x480 [ 15.419460] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.419723] kthread+0x337/0x6f0 [ 15.419903] ret_from_fork+0x116/0x1d0 [ 15.420066] ret_from_fork_asm+0x1a/0x30 [ 15.420266] [ 15.420350] The buggy address belongs to the object at ffff888103082e00 [ 15.420350] which belongs to the cache kmalloc-64 of size 64 [ 15.420952] The buggy address is located 0 bytes to the right of [ 15.420952] allocated 48-byte region [ffff888103082e00, ffff888103082e30) [ 15.421468] [ 15.421543] The buggy address belongs to the physical page: [ 15.421714] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103082 [ 15.422278] flags: 0x200000000000000(node=0|zone=2) [ 15.422535] page_type: f5(slab) [ 15.422725] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.423340] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.424475] page dumped because: kasan: bad access detected [ 15.424718] [ 15.424812] Memory state around the buggy address: [ 15.425184] ffff888103082d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.425537] ffff888103082d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.425833] >ffff888103082e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.426148] ^ [ 15.426359] ffff888103082e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.426879] ffff888103082f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.427285] ================================================================== [ 15.428394] 
================================================================== [ 15.428724] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xc70/0x5450 [ 15.429151] Write of size 4 at addr ffff888103082e30 by task kunit_try_catch/282 [ 15.429755] [ 15.429887] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.429937] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.429951] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.429975] Call Trace: [ 15.429993] <TASK> [ 15.430010] dump_stack_lvl+0x73/0xb0 [ 15.430042] print_report+0xd1/0x610 [ 15.430069] ? __virt_addr_valid+0x1db/0x2d0 [ 15.430292] ? kasan_atomics_helper+0xc70/0x5450 [ 15.430318] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.430345] ? kasan_atomics_helper+0xc70/0x5450 [ 15.430370] kasan_report+0x141/0x180 [ 15.430394] ? kasan_atomics_helper+0xc70/0x5450 [ 15.430423] kasan_check_range+0x10c/0x1c0 [ 15.430465] __kasan_check_write+0x18/0x20 [ 15.430487] kasan_atomics_helper+0xc70/0x5450 [ 15.430512] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.430537] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.430565] ? kasan_atomics+0x152/0x310 [ 15.430594] kasan_atomics+0x1dc/0x310 [ 15.430618] ? __pfx_kasan_atomics+0x10/0x10 [ 15.430645] ? __pfx_read_tsc+0x10/0x10 [ 15.430669] ? ktime_get_ts64+0x86/0x230 [ 15.430697] kunit_try_run_case+0x1a5/0x480 [ 15.430724] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.430750] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.430790] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.430817] ? __kthread_parkme+0x82/0x180 [ 15.430839] ? preempt_count_sub+0x50/0x80 [ 15.430865] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.430892] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.430920] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.430948] kthread+0x337/0x6f0 [ 15.430968] ? trace_preempt_on+0x20/0xc0 [ 15.430993] ? __pfx_kthread+0x10/0x10 [ 15.431016] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.431039] ? 
calculate_sigpending+0x7b/0xa0 [ 15.431065] ? __pfx_kthread+0x10/0x10 [ 15.431089] ret_from_fork+0x116/0x1d0 [ 15.431109] ? __pfx_kthread+0x10/0x10 [ 15.431131] ret_from_fork_asm+0x1a/0x30 [ 15.431164] </TASK> [ 15.431175] [ 15.440906] Allocated by task 282: [ 15.441082] kasan_save_stack+0x45/0x70 [ 15.441288] kasan_save_track+0x18/0x40 [ 15.441485] kasan_save_alloc_info+0x3b/0x50 [ 15.441969] __kasan_kmalloc+0xb7/0xc0 [ 15.442223] __kmalloc_cache_noprof+0x189/0x420 [ 15.442402] kasan_atomics+0x95/0x310 [ 15.442731] kunit_try_run_case+0x1a5/0x480 [ 15.443010] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.443313] kthread+0x337/0x6f0 [ 15.443549] ret_from_fork+0x116/0x1d0 [ 15.443734] ret_from_fork_asm+0x1a/0x30 [ 15.443931] [ 15.444033] The buggy address belongs to the object at ffff888103082e00 [ 15.444033] which belongs to the cache kmalloc-64 of size 64 [ 15.444782] The buggy address is located 0 bytes to the right of [ 15.444782] allocated 48-byte region [ffff888103082e00, ffff888103082e30) [ 15.445336] [ 15.445528] The buggy address belongs to the physical page: [ 15.445839] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103082 [ 15.446143] flags: 0x200000000000000(node=0|zone=2) [ 15.446485] page_type: f5(slab) [ 15.446660] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.447135] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.447517] page dumped because: kasan: bad access detected [ 15.447842] [ 15.448001] Memory state around the buggy address: [ 15.448211] ffff888103082d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.448623] ffff888103082d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.448991] >ffff888103082e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.449358] ^ [ 15.449610] ffff888103082e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.449923] ffff888103082f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.450220] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 14.943863] ================================================================== [ 14.944323] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 14.944833] Read of size 8 at addr ffff888103a60008 by task kunit_try_catch/278 [ 14.945155] [ 14.945275] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.945320] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.945332] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.945353] Call Trace: [ 14.945366] <TASK> [ 14.945411] dump_stack_lvl+0x73/0xb0 [ 14.945450] print_report+0xd1/0x610 [ 14.945474] ? __virt_addr_valid+0x1db/0x2d0 [ 14.945520] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 14.945551] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.945576] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 14.945606] kasan_report+0x141/0x180 [ 14.945629] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 14.945664] kasan_check_range+0x10c/0x1c0 [ 14.945689] __kasan_check_read+0x15/0x20 [ 14.945709] kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 14.945739] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.945781] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.945808] ? trace_hardirqs_on+0x37/0xe0 [ 14.945837] kasan_bitops_generic+0x121/0x1c0 [ 14.945863] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.945890] ? __pfx_read_tsc+0x10/0x10 [ 14.945911] ? ktime_get_ts64+0x86/0x230 [ 14.945936] kunit_try_run_case+0x1a5/0x480 [ 14.945961] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.945985] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.946011] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.946036] ? __kthread_parkme+0x82/0x180 [ 14.946058] ? preempt_count_sub+0x50/0x80 [ 14.946083] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.946109] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.946134] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.946160] kthread+0x337/0x6f0 [ 14.946180] ? 
trace_preempt_on+0x20/0xc0 [ 14.946203] ? __pfx_kthread+0x10/0x10 [ 14.946223] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.946246] ? calculate_sigpending+0x7b/0xa0 [ 14.946271] ? __pfx_kthread+0x10/0x10 [ 14.946294] ret_from_fork+0x116/0x1d0 [ 14.946313] ? __pfx_kthread+0x10/0x10 [ 14.946334] ret_from_fork_asm+0x1a/0x30 [ 14.946365] </TASK> [ 14.946376] [ 14.954833] Allocated by task 278: [ 14.955030] kasan_save_stack+0x45/0x70 [ 14.955269] kasan_save_track+0x18/0x40 [ 14.955492] kasan_save_alloc_info+0x3b/0x50 [ 14.955692] __kasan_kmalloc+0xb7/0xc0 [ 14.955920] __kmalloc_cache_noprof+0x189/0x420 [ 14.956161] kasan_bitops_generic+0x92/0x1c0 [ 14.956379] kunit_try_run_case+0x1a5/0x480 [ 14.956660] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.956912] kthread+0x337/0x6f0 [ 14.957109] ret_from_fork+0x116/0x1d0 [ 14.957261] ret_from_fork_asm+0x1a/0x30 [ 14.957398] [ 14.957558] The buggy address belongs to the object at ffff888103a60000 [ 14.957558] which belongs to the cache kmalloc-16 of size 16 [ 14.958139] The buggy address is located 8 bytes inside of [ 14.958139] allocated 9-byte region [ffff888103a60000, ffff888103a60009) [ 14.958677] [ 14.958752] The buggy address belongs to the physical page: [ 14.958979] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a60 [ 14.959324] flags: 0x200000000000000(node=0|zone=2) [ 14.959570] page_type: f5(slab) [ 14.959710] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.960186] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.960410] page dumped because: kasan: bad access detected [ 14.960982] [ 14.961077] Memory state around the buggy address: [ 14.961355] ffff888103a5ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.961739] ffff888103a5ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.961961] >ffff888103a60000: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.962213] ^ [ 14.962419] ffff888103a60080: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 14.962817] ffff888103a60100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.963137] ================================================================== [ 14.800837] ================================================================== [ 14.801278] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.801702] Write of size 8 at addr ffff888103a60008 by task kunit_try_catch/278 [ 14.802036] [ 14.802132] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.802176] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.802188] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.802207] Call Trace: [ 14.802222] <TASK> [ 14.802236] dump_stack_lvl+0x73/0xb0 [ 14.802266] print_report+0xd1/0x610 [ 14.802290] ? __virt_addr_valid+0x1db/0x2d0 [ 14.802314] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.802344] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.802369] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.802399] kasan_report+0x141/0x180 [ 14.802422] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.802493] kasan_check_range+0x10c/0x1c0 [ 14.802518] __kasan_check_write+0x18/0x20 [ 14.802538] kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.802569] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.802603] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.802631] ? trace_hardirqs_on+0x37/0xe0 [ 14.802661] kasan_bitops_generic+0x121/0x1c0 [ 14.802716] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.802777] ? __pfx_read_tsc+0x10/0x10 [ 14.802823] ? ktime_get_ts64+0x86/0x230 [ 14.802872] kunit_try_run_case+0x1a5/0x480 [ 14.802898] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.802968] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.802997] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.803022] ? __kthread_parkme+0x82/0x180 [ 14.803045] ? preempt_count_sub+0x50/0x80 [ 14.803070] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.803096] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.803122] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.803149] kthread+0x337/0x6f0 [ 14.803169] ? trace_preempt_on+0x20/0xc0 [ 14.803198] ? __pfx_kthread+0x10/0x10 [ 14.803220] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.803244] ? calculate_sigpending+0x7b/0xa0 [ 14.803270] ? __pfx_kthread+0x10/0x10 [ 14.803292] ret_from_fork+0x116/0x1d0 [ 14.803312] ? __pfx_kthread+0x10/0x10 [ 14.803333] ret_from_fork_asm+0x1a/0x30 [ 14.803364] </TASK> [ 14.803375] [ 14.812067] Allocated by task 278: [ 14.812310] kasan_save_stack+0x45/0x70 [ 14.812603] kasan_save_track+0x18/0x40 [ 14.812771] kasan_save_alloc_info+0x3b/0x50 [ 14.813025] __kasan_kmalloc+0xb7/0xc0 [ 14.813222] __kmalloc_cache_noprof+0x189/0x420 [ 14.813459] kasan_bitops_generic+0x92/0x1c0 [ 14.813746] kunit_try_run_case+0x1a5/0x480 [ 14.813982] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.814250] kthread+0x337/0x6f0 [ 14.814426] ret_from_fork+0x116/0x1d0 [ 14.814639] ret_from_fork_asm+0x1a/0x30 [ 14.814868] [ 14.814996] The buggy address belongs to the object at ffff888103a60000 [ 14.814996] which belongs to the cache kmalloc-16 of size 16 [ 14.815389] The buggy address is located 8 bytes inside of [ 14.815389] allocated 9-byte region [ffff888103a60000, ffff888103a60009) [ 14.816148] [ 14.816246] The buggy address belongs to the physical page: [ 14.816559] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a60 [ 14.816828] flags: 0x200000000000000(node=0|zone=2) [ 14.816995] page_type: f5(slab) [ 14.817142] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.817551] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.818116] page dumped because: kasan: bad access detected [ 14.818465] [ 14.818560] Memory state around the buggy address: [ 14.818801] ffff888103a5ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.819104] 
ffff888103a5ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.819323] >ffff888103a60000: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.819808] ^ [ 14.819986] ffff888103a60080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.820387] ffff888103a60100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.820740] ================================================================== [ 14.883626] ================================================================== [ 14.884110] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.884428] Write of size 8 at addr ffff888103a60008 by task kunit_try_catch/278 [ 14.884884] [ 14.885339] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.885390] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.885403] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.885424] Call Trace: [ 14.885439] <TASK> [ 14.885455] dump_stack_lvl+0x73/0xb0 [ 14.885487] print_report+0xd1/0x610 [ 14.885510] ? __virt_addr_valid+0x1db/0x2d0 [ 14.885534] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.885565] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.885590] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.885621] kasan_report+0x141/0x180 [ 14.885643] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.885678] kasan_check_range+0x10c/0x1c0 [ 14.885721] __kasan_check_write+0x18/0x20 [ 14.885743] kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.885788] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.885819] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.885845] ? trace_hardirqs_on+0x37/0xe0 [ 14.885876] kasan_bitops_generic+0x121/0x1c0 [ 14.885901] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.885928] ? __pfx_read_tsc+0x10/0x10 [ 14.885948] ? ktime_get_ts64+0x86/0x230 [ 14.885974] kunit_try_run_case+0x1a5/0x480 [ 14.885999] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.886023] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 14.886050] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.886075] ? __kthread_parkme+0x82/0x180 [ 14.886096] ? preempt_count_sub+0x50/0x80 [ 14.886121] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.886147] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.886173] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.886199] kthread+0x337/0x6f0 [ 14.886219] ? trace_preempt_on+0x20/0xc0 [ 14.886395] ? __pfx_kthread+0x10/0x10 [ 14.886420] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.886445] ? calculate_sigpending+0x7b/0xa0 [ 14.886471] ? __pfx_kthread+0x10/0x10 [ 14.886493] ret_from_fork+0x116/0x1d0 [ 14.886513] ? __pfx_kthread+0x10/0x10 [ 14.886534] ret_from_fork_asm+0x1a/0x30 [ 14.886566] </TASK> [ 14.886577] [ 14.894495] Allocated by task 278: [ 14.894643] kasan_save_stack+0x45/0x70 [ 14.895212] kasan_save_track+0x18/0x40 [ 14.895442] kasan_save_alloc_info+0x3b/0x50 [ 14.895687] __kasan_kmalloc+0xb7/0xc0 [ 14.895894] __kmalloc_cache_noprof+0x189/0x420 [ 14.896152] kasan_bitops_generic+0x92/0x1c0 [ 14.896405] kunit_try_run_case+0x1a5/0x480 [ 14.896640] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.896936] kthread+0x337/0x6f0 [ 14.897056] ret_from_fork+0x116/0x1d0 [ 14.897219] ret_from_fork_asm+0x1a/0x30 [ 14.897413] [ 14.897507] The buggy address belongs to the object at ffff888103a60000 [ 14.897507] which belongs to the cache kmalloc-16 of size 16 [ 14.898005] The buggy address is located 8 bytes inside of [ 14.898005] allocated 9-byte region [ffff888103a60000, ffff888103a60009) [ 14.898660] [ 14.898780] The buggy address belongs to the physical page: [ 14.899014] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a60 [ 14.899343] flags: 0x200000000000000(node=0|zone=2) [ 14.899506] page_type: f5(slab) [ 14.899646] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.900217] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.900659] page dumped because: kasan: 
bad access detected [ 14.900946] [ 14.901039] Memory state around the buggy address: [ 14.901264] ffff888103a5ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.901616] ffff888103a5ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.901881] >ffff888103a60000: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.902164] ^ [ 14.902399] ffff888103a60080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.902733] ffff888103a60100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.903062] ================================================================== [ 14.903939] ================================================================== [ 14.904317] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.904776] Write of size 8 at addr ffff888103a60008 by task kunit_try_catch/278 [ 14.905097] [ 14.905266] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.905357] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.905370] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.905391] Call Trace: [ 14.905408] <TASK> [ 14.905424] dump_stack_lvl+0x73/0xb0 [ 14.905454] print_report+0xd1/0x610 [ 14.905478] ? __virt_addr_valid+0x1db/0x2d0 [ 14.905502] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.905532] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.905558] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.905588] kasan_report+0x141/0x180 [ 14.905645] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.905739] kasan_check_range+0x10c/0x1c0 [ 14.905777] __kasan_check_write+0x18/0x20 [ 14.905827] kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.905858] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.905889] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.905915] ? trace_hardirqs_on+0x37/0xe0 [ 14.905972] kasan_bitops_generic+0x121/0x1c0 [ 14.906021] ? 
__pfx_kasan_bitops_generic+0x10/0x10 [ 14.906071] ? __pfx_read_tsc+0x10/0x10 [ 14.906138] ? ktime_get_ts64+0x86/0x230 [ 14.906164] kunit_try_run_case+0x1a5/0x480 [ 14.906189] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.906213] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.906239] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.906264] ? __kthread_parkme+0x82/0x180 [ 14.906286] ? preempt_count_sub+0x50/0x80 [ 14.906310] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.906336] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.906362] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.906388] kthread+0x337/0x6f0 [ 14.906408] ? trace_preempt_on+0x20/0xc0 [ 14.906431] ? __pfx_kthread+0x10/0x10 [ 14.906452] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.906474] ? calculate_sigpending+0x7b/0xa0 [ 14.906499] ? __pfx_kthread+0x10/0x10 [ 14.906521] ret_from_fork+0x116/0x1d0 [ 14.906551] ? __pfx_kthread+0x10/0x10 [ 14.906571] ret_from_fork_asm+0x1a/0x30 [ 14.906603] </TASK> [ 14.906614] [ 14.914987] Allocated by task 278: [ 14.915174] kasan_save_stack+0x45/0x70 [ 14.915377] kasan_save_track+0x18/0x40 [ 14.915618] kasan_save_alloc_info+0x3b/0x50 [ 14.915832] __kasan_kmalloc+0xb7/0xc0 [ 14.916056] __kmalloc_cache_noprof+0x189/0x420 [ 14.916286] kasan_bitops_generic+0x92/0x1c0 [ 14.916539] kunit_try_run_case+0x1a5/0x480 [ 14.916785] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.917051] kthread+0x337/0x6f0 [ 14.917234] ret_from_fork+0x116/0x1d0 [ 14.917408] ret_from_fork_asm+0x1a/0x30 [ 14.917623] [ 14.917721] The buggy address belongs to the object at ffff888103a60000 [ 14.917721] which belongs to the cache kmalloc-16 of size 16 [ 14.918260] The buggy address is located 8 bytes inside of [ 14.918260] allocated 9-byte region [ffff888103a60000, ffff888103a60009) [ 14.918720] [ 14.918807] The buggy address belongs to the physical page: [ 14.918975] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a60 [ 14.919215] flags: 0x200000000000000(node=0|zone=2) [ 14.919469] 
page_type: f5(slab) [ 14.919642] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.919991] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.920328] page dumped because: kasan: bad access detected [ 14.920852] [ 14.920953] Memory state around the buggy address: [ 14.921185] ffff888103a5ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.921524] ffff888103a5ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.921872] >ffff888103a60000: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.922184] ^ [ 14.922306] ffff888103a60080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.922565] ffff888103a60100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.922983] ================================================================== [ 14.842426] ================================================================== [ 14.842744] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.843303] Write of size 8 at addr ffff888103a60008 by task kunit_try_catch/278 [ 14.843748] [ 14.843874] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.843919] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.843930] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.843987] Call Trace: [ 14.844003] <TASK> [ 14.844042] dump_stack_lvl+0x73/0xb0 [ 14.844076] print_report+0xd1/0x610 [ 14.844099] ? __virt_addr_valid+0x1db/0x2d0 [ 14.844124] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.844155] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.844181] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.844244] kasan_report+0x141/0x180 [ 14.844267] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.844302] kasan_check_range+0x10c/0x1c0 [ 14.844327] __kasan_check_write+0x18/0x20 [ 14.844347] kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.844408] ? 
__pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.844440] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.844468] ? trace_hardirqs_on+0x37/0xe0 [ 14.844539] kasan_bitops_generic+0x121/0x1c0 [ 14.844568] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.844597] ? __pfx_read_tsc+0x10/0x10 [ 14.844619] ? ktime_get_ts64+0x86/0x230 [ 14.844645] kunit_try_run_case+0x1a5/0x480 [ 14.844697] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.844778] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.844805] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.844830] ? __kthread_parkme+0x82/0x180 [ 14.844851] ? preempt_count_sub+0x50/0x80 [ 14.844876] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.844902] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.844928] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.844955] kthread+0x337/0x6f0 [ 14.844974] ? trace_preempt_on+0x20/0xc0 [ 14.844998] ? __pfx_kthread+0x10/0x10 [ 14.845019] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.845040] ? calculate_sigpending+0x7b/0xa0 [ 14.845066] ? __pfx_kthread+0x10/0x10 [ 14.845088] ret_from_fork+0x116/0x1d0 [ 14.845106] ? 
__pfx_kthread+0x10/0x10 [ 14.845127] ret_from_fork_asm+0x1a/0x30 [ 14.845159] </TASK> [ 14.845169] [ 14.853955] Allocated by task 278: [ 14.854149] kasan_save_stack+0x45/0x70 [ 14.854358] kasan_save_track+0x18/0x40 [ 14.854545] kasan_save_alloc_info+0x3b/0x50 [ 14.854711] __kasan_kmalloc+0xb7/0xc0 [ 14.854939] __kmalloc_cache_noprof+0x189/0x420 [ 14.855159] kasan_bitops_generic+0x92/0x1c0 [ 14.855326] kunit_try_run_case+0x1a5/0x480 [ 14.855580] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.855885] kthread+0x337/0x6f0 [ 14.856009] ret_from_fork+0x116/0x1d0 [ 14.856228] ret_from_fork_asm+0x1a/0x30 [ 14.856443] [ 14.856552] The buggy address belongs to the object at ffff888103a60000 [ 14.856552] which belongs to the cache kmalloc-16 of size 16 [ 14.857143] The buggy address is located 8 bytes inside of [ 14.857143] allocated 9-byte region [ffff888103a60000, ffff888103a60009) [ 14.857734] [ 14.857842] The buggy address belongs to the physical page: [ 14.858096] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a60 [ 14.858463] flags: 0x200000000000000(node=0|zone=2) [ 14.858753] page_type: f5(slab) [ 14.858916] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.859295] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.859654] page dumped because: kasan: bad access detected [ 14.859920] [ 14.860027] Memory state around the buggy address: [ 14.860227] ffff888103a5ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.860598] ffff888103a5ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.860895] >ffff888103a60000: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.861241] ^ [ 14.861399] ffff888103a60080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.861703] ffff888103a60100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.862069] ================================================================== [ 14.963889] 
================================================================== [ 14.964374] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 14.964774] Read of size 8 at addr ffff888103a60008 by task kunit_try_catch/278 [ 14.965230] [ 14.965328] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.965449] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.965484] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.965549] Call Trace: [ 14.965563] <TASK> [ 14.965600] dump_stack_lvl+0x73/0xb0 [ 14.965653] print_report+0xd1/0x610 [ 14.965677] ? __virt_addr_valid+0x1db/0x2d0 [ 14.965700] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 14.965730] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.965755] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 14.965797] kasan_report+0x141/0x180 [ 14.965820] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 14.965854] __asan_report_load8_noabort+0x18/0x20 [ 14.965880] kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 14.965911] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.965943] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.965969] ? trace_hardirqs_on+0x37/0xe0 [ 14.965996] kasan_bitops_generic+0x121/0x1c0 [ 14.966033] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.966060] ? __pfx_read_tsc+0x10/0x10 [ 14.966081] ? ktime_get_ts64+0x86/0x230 [ 14.966106] kunit_try_run_case+0x1a5/0x480 [ 14.966161] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.966185] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.966211] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.966236] ? __kthread_parkme+0x82/0x180 [ 14.966257] ? preempt_count_sub+0x50/0x80 [ 14.966282] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.966308] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.966333] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.966359] kthread+0x337/0x6f0 [ 14.966380] ? trace_preempt_on+0x20/0xc0 [ 14.966434] ? 
__pfx_kthread+0x10/0x10 [ 14.966466] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.966489] ? calculate_sigpending+0x7b/0xa0 [ 14.966514] ? __pfx_kthread+0x10/0x10 [ 14.966535] ret_from_fork+0x116/0x1d0 [ 14.966554] ? __pfx_kthread+0x10/0x10 [ 14.966576] ret_from_fork_asm+0x1a/0x30 [ 14.966639] </TASK> [ 14.966651] [ 14.975194] Allocated by task 278: [ 14.975378] kasan_save_stack+0x45/0x70 [ 14.975587] kasan_save_track+0x18/0x40 [ 14.975797] kasan_save_alloc_info+0x3b/0x50 [ 14.976020] __kasan_kmalloc+0xb7/0xc0 [ 14.976215] __kmalloc_cache_noprof+0x189/0x420 [ 14.976448] kasan_bitops_generic+0x92/0x1c0 [ 14.976703] kunit_try_run_case+0x1a5/0x480 [ 14.977016] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.977312] kthread+0x337/0x6f0 [ 14.977489] ret_from_fork+0x116/0x1d0 [ 14.977712] ret_from_fork_asm+0x1a/0x30 [ 14.977882] [ 14.977962] The buggy address belongs to the object at ffff888103a60000 [ 14.977962] which belongs to the cache kmalloc-16 of size 16 [ 14.978374] The buggy address is located 8 bytes inside of [ 14.978374] allocated 9-byte region [ffff888103a60000, ffff888103a60009) [ 14.979001] [ 14.979072] The buggy address belongs to the physical page: [ 14.979241] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a60 [ 14.979624] flags: 0x200000000000000(node=0|zone=2) [ 14.979869] page_type: f5(slab) [ 14.980040] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.980417] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.980756] page dumped because: kasan: bad access detected [ 14.981023] [ 14.981147] Memory state around the buggy address: [ 14.981363] ffff888103a5ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.981680] ffff888103a5ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.981901] >ffff888103a60000: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.982108] ^ [ 14.982225] ffff888103a60080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.982432] 
ffff888103a60100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.982648] ================================================================== [ 14.923904] ================================================================== [ 14.924443] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 14.925016] Write of size 8 at addr ffff888103a60008 by task kunit_try_catch/278 [ 14.925352] [ 14.925444] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.925489] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.925501] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.925524] Call Trace: [ 14.925537] <TASK> [ 14.925553] dump_stack_lvl+0x73/0xb0 [ 14.925584] print_report+0xd1/0x610 [ 14.925606] ? __virt_addr_valid+0x1db/0x2d0 [ 14.925632] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 14.925662] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.925688] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 14.925718] kasan_report+0x141/0x180 [ 14.925741] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 14.925786] kasan_check_range+0x10c/0x1c0 [ 14.925811] __kasan_check_write+0x18/0x20 [ 14.925831] kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 14.925861] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.925893] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.925922] ? trace_hardirqs_on+0x37/0xe0 [ 14.925951] kasan_bitops_generic+0x121/0x1c0 [ 14.925977] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.926003] ? __pfx_read_tsc+0x10/0x10 [ 14.926026] ? ktime_get_ts64+0x86/0x230 [ 14.926052] kunit_try_run_case+0x1a5/0x480 [ 14.926078] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.926102] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.926128] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.926153] ? __kthread_parkme+0x82/0x180 [ 14.926175] ? preempt_count_sub+0x50/0x80 [ 14.926200] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.926226] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.926251] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.926277] kthread+0x337/0x6f0 [ 14.926297] ? trace_preempt_on+0x20/0xc0 [ 14.926320] ? __pfx_kthread+0x10/0x10 [ 14.926341] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.926363] ? calculate_sigpending+0x7b/0xa0 [ 14.926388] ? __pfx_kthread+0x10/0x10 [ 14.926410] ret_from_fork+0x116/0x1d0 [ 14.926429] ? __pfx_kthread+0x10/0x10 [ 14.926450] ret_from_fork_asm+0x1a/0x30 [ 14.926481] </TASK> [ 14.926491] [ 14.935394] Allocated by task 278: [ 14.935614] kasan_save_stack+0x45/0x70 [ 14.935841] kasan_save_track+0x18/0x40 [ 14.936024] kasan_save_alloc_info+0x3b/0x50 [ 14.936190] __kasan_kmalloc+0xb7/0xc0 [ 14.936319] __kmalloc_cache_noprof+0x189/0x420 [ 14.936565] kasan_bitops_generic+0x92/0x1c0 [ 14.936788] kunit_try_run_case+0x1a5/0x480 [ 14.936999] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.937278] kthread+0x337/0x6f0 [ 14.937494] ret_from_fork+0x116/0x1d0 [ 14.937723] ret_from_fork_asm+0x1a/0x30 [ 14.937871] [ 14.937941] The buggy address belongs to the object at ffff888103a60000 [ 14.937941] which belongs to the cache kmalloc-16 of size 16 [ 14.938375] The buggy address is located 8 bytes inside of [ 14.938375] allocated 9-byte region [ffff888103a60000, ffff888103a60009) [ 14.939046] [ 14.939213] The buggy address belongs to the physical page: [ 14.939416] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a60 [ 14.939834] flags: 0x200000000000000(node=0|zone=2) [ 14.939996] page_type: f5(slab) [ 14.940113] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.940383] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.940705] page dumped because: kasan: bad access detected [ 14.940958] [ 14.941049] Memory state around the buggy address: [ 14.941390] ffff888103a5ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.941698] 
ffff888103a5ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.941938] >ffff888103a60000: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.942145] ^ [ 14.942265] ffff888103a60080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.942672] ffff888103a60100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.943072] ================================================================== [ 14.821603] ================================================================== [ 14.821970] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.822927] Write of size 8 at addr ffff888103a60008 by task kunit_try_catch/278 [ 14.823259] [ 14.823388] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.823437] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.823451] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.823473] Call Trace: [ 14.823490] <TASK> [ 14.823507] dump_stack_lvl+0x73/0xb0 [ 14.823538] print_report+0xd1/0x610 [ 14.823598] ? __virt_addr_valid+0x1db/0x2d0 [ 14.823622] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.823653] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.823678] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.823739] kasan_report+0x141/0x180 [ 14.823773] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.823810] kasan_check_range+0x10c/0x1c0 [ 14.823836] __kasan_check_write+0x18/0x20 [ 14.823887] kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.823919] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.823950] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.823976] ? trace_hardirqs_on+0x37/0xe0 [ 14.824006] kasan_bitops_generic+0x121/0x1c0 [ 14.824031] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.824058] ? __pfx_read_tsc+0x10/0x10 [ 14.824079] ? ktime_get_ts64+0x86/0x230 [ 14.824133] kunit_try_run_case+0x1a5/0x480 [ 14.824183] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.824207] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 14.824234] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.824259] ? __kthread_parkme+0x82/0x180 [ 14.824281] ? preempt_count_sub+0x50/0x80 [ 14.824306] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.824333] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.824359] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.824385] kthread+0x337/0x6f0 [ 14.824406] ? trace_preempt_on+0x20/0xc0 [ 14.824429] ? __pfx_kthread+0x10/0x10 [ 14.824461] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.824483] ? calculate_sigpending+0x7b/0xa0 [ 14.824509] ? __pfx_kthread+0x10/0x10 [ 14.824531] ret_from_fork+0x116/0x1d0 [ 14.824550] ? __pfx_kthread+0x10/0x10 [ 14.824572] ret_from_fork_asm+0x1a/0x30 [ 14.824603] </TASK> [ 14.824614] [ 14.833114] Allocated by task 278: [ 14.833321] kasan_save_stack+0x45/0x70 [ 14.833549] kasan_save_track+0x18/0x40 [ 14.833793] kasan_save_alloc_info+0x3b/0x50 [ 14.834029] __kasan_kmalloc+0xb7/0xc0 [ 14.834238] __kmalloc_cache_noprof+0x189/0x420 [ 14.834470] kasan_bitops_generic+0x92/0x1c0 [ 14.834658] kunit_try_run_case+0x1a5/0x480 [ 14.834912] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.835197] kthread+0x337/0x6f0 [ 14.835357] ret_from_fork+0x116/0x1d0 [ 14.835635] ret_from_fork_asm+0x1a/0x30 [ 14.835823] [ 14.835914] The buggy address belongs to the object at ffff888103a60000 [ 14.835914] which belongs to the cache kmalloc-16 of size 16 [ 14.836386] The buggy address is located 8 bytes inside of [ 14.836386] allocated 9-byte region [ffff888103a60000, ffff888103a60009) [ 14.836781] [ 14.836881] The buggy address belongs to the physical page: [ 14.837131] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a60 [ 14.837498] flags: 0x200000000000000(node=0|zone=2) [ 14.837936] page_type: f5(slab) [ 14.838058] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.838282] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.838717] page dumped because: kasan: 
bad access detected [ 14.838979] [ 14.839143] Memory state around the buggy address: [ 14.839398] ffff888103a5ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.839734] ffff888103a5ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.840194] >ffff888103a60000: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.840397] ^ [ 14.840692] ffff888103a60080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.841019] ffff888103a60100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.841326] ================================================================== [ 14.862768] ================================================================== [ 14.863107] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.863742] Write of size 8 at addr ffff888103a60008 by task kunit_try_catch/278 [ 14.863985] [ 14.864069] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.864113] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.864125] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.864147] Call Trace: [ 14.864159] <TASK> [ 14.864173] dump_stack_lvl+0x73/0xb0 [ 14.864249] print_report+0xd1/0x610 [ 14.864273] ? __virt_addr_valid+0x1db/0x2d0 [ 14.864298] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.864329] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.864383] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.864415] kasan_report+0x141/0x180 [ 14.864438] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.864482] kasan_check_range+0x10c/0x1c0 [ 14.864536] __kasan_check_write+0x18/0x20 [ 14.864556] kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.864587] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.864618] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.864645] ? trace_hardirqs_on+0x37/0xe0 [ 14.864697] kasan_bitops_generic+0x121/0x1c0 [ 14.864723] ? 
__pfx_kasan_bitops_generic+0x10/0x10 [ 14.864749] ? __pfx_read_tsc+0x10/0x10 [ 14.864782] ? ktime_get_ts64+0x86/0x230 [ 14.864806] kunit_try_run_case+0x1a5/0x480 [ 14.864832] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.864856] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.864883] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.864907] ? __kthread_parkme+0x82/0x180 [ 14.864930] ? preempt_count_sub+0x50/0x80 [ 14.864954] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.864980] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.865007] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.865033] kthread+0x337/0x6f0 [ 14.865053] ? trace_preempt_on+0x20/0xc0 [ 14.865076] ? __pfx_kthread+0x10/0x10 [ 14.865098] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.865120] ? calculate_sigpending+0x7b/0xa0 [ 14.865145] ? __pfx_kthread+0x10/0x10 [ 14.865167] ret_from_fork+0x116/0x1d0 [ 14.865186] ? __pfx_kthread+0x10/0x10 [ 14.865207] ret_from_fork_asm+0x1a/0x30 [ 14.865238] </TASK> [ 14.865249] [ 14.873580] Allocated by task 278: [ 14.873802] kasan_save_stack+0x45/0x70 [ 14.874020] kasan_save_track+0x18/0x40 [ 14.874246] kasan_save_alloc_info+0x3b/0x50 [ 14.874431] __kasan_kmalloc+0xb7/0xc0 [ 14.874649] __kmalloc_cache_noprof+0x189/0x420 [ 14.874879] kasan_bitops_generic+0x92/0x1c0 [ 14.875044] kunit_try_run_case+0x1a5/0x480 [ 14.875192] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.875390] kthread+0x337/0x6f0 [ 14.875521] ret_from_fork+0x116/0x1d0 [ 14.875650] ret_from_fork_asm+0x1a/0x30 [ 14.875794] [ 14.875864] The buggy address belongs to the object at ffff888103a60000 [ 14.875864] which belongs to the cache kmalloc-16 of size 16 [ 14.876657] The buggy address is located 8 bytes inside of [ 14.876657] allocated 9-byte region [ffff888103a60000, ffff888103a60009) [ 14.877178] [ 14.877272] The buggy address belongs to the physical page: [ 14.877587] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a60 [ 14.877833] flags: 0x200000000000000(node=0|zone=2) [ 14.877993] 
page_type: f5(slab) [ 14.878110] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.878333] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.878628] page dumped because: kasan: bad access detected [ 14.878999] [ 14.879141] Memory state around the buggy address: [ 14.879418] ffff888103a5ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.879873] ffff888103a5ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.880215] >ffff888103a60000: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.880423] ^ [ 14.882441] ffff888103a60080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.882718] ffff888103a60100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.882951] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 14.741116] ================================================================== [ 14.741392] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.742139] Write of size 8 at addr ffff888103a60008 by task kunit_try_catch/278 [ 14.742367] [ 14.742502] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.742583] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.742596] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.742617] Call Trace: [ 14.742634] <TASK> [ 14.742648] dump_stack_lvl+0x73/0xb0 [ 14.742680] print_report+0xd1/0x610 [ 14.742735] ? __virt_addr_valid+0x1db/0x2d0 [ 14.742770] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.742798] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.742823] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.742883] kasan_report+0x141/0x180 [ 14.742906] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.742939] kasan_check_range+0x10c/0x1c0 [ 14.742964] __kasan_check_write+0x18/0x20 [ 14.742985] kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.743045] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.743074] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.743099] ? trace_hardirqs_on+0x37/0xe0 [ 14.743128] kasan_bitops_generic+0x116/0x1c0 [ 14.743154] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.743187] ? __pfx_read_tsc+0x10/0x10 [ 14.743209] ? ktime_get_ts64+0x86/0x230 [ 14.743234] kunit_try_run_case+0x1a5/0x480 [ 14.743259] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.743283] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.743362] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.743411] ? __kthread_parkme+0x82/0x180 [ 14.743457] ? preempt_count_sub+0x50/0x80 [ 14.743482] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.743508] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.743535] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.743562] kthread+0x337/0x6f0 [ 14.743581] ? trace_preempt_on+0x20/0xc0 [ 14.743604] ? 
__pfx_kthread+0x10/0x10 [ 14.743625] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.743649] ? calculate_sigpending+0x7b/0xa0 [ 14.743674] ? __pfx_kthread+0x10/0x10 [ 14.743696] ret_from_fork+0x116/0x1d0 [ 14.743715] ? __pfx_kthread+0x10/0x10 [ 14.743737] ret_from_fork_asm+0x1a/0x30 [ 14.743777] </TASK> [ 14.743818] [ 14.752249] Allocated by task 278: [ 14.752444] kasan_save_stack+0x45/0x70 [ 14.752687] kasan_save_track+0x18/0x40 [ 14.752985] kasan_save_alloc_info+0x3b/0x50 [ 14.753204] __kasan_kmalloc+0xb7/0xc0 [ 14.753390] __kmalloc_cache_noprof+0x189/0x420 [ 14.753607] kasan_bitops_generic+0x92/0x1c0 [ 14.753981] kunit_try_run_case+0x1a5/0x480 [ 14.754165] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.754454] kthread+0x337/0x6f0 [ 14.754634] ret_from_fork+0x116/0x1d0 [ 14.754829] ret_from_fork_asm+0x1a/0x30 [ 14.755035] [ 14.755164] The buggy address belongs to the object at ffff888103a60000 [ 14.755164] which belongs to the cache kmalloc-16 of size 16 [ 14.755715] The buggy address is located 8 bytes inside of [ 14.755715] allocated 9-byte region [ffff888103a60000, ffff888103a60009) [ 14.756247] [ 14.756359] The buggy address belongs to the physical page: [ 14.756788] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a60 [ 14.757133] flags: 0x200000000000000(node=0|zone=2) [ 14.757414] page_type: f5(slab) [ 14.757635] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.757962] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.758313] page dumped because: kasan: bad access detected [ 14.758647] [ 14.758739] Memory state around the buggy address: [ 14.758992] ffff888103a5ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.759347] ffff888103a5ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.759722] >ffff888103a60000: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.760055] ^ [ 14.760248] ffff888103a60080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.760497] 
ffff888103a60100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.760719] ================================================================== [ 14.660332] ================================================================== [ 14.661175] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.661656] Write of size 8 at addr ffff888103a60008 by task kunit_try_catch/278 [ 14.661967] [ 14.662080] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.662127] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.662140] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.662181] Call Trace: [ 14.662210] <TASK> [ 14.662226] dump_stack_lvl+0x73/0xb0 [ 14.662258] print_report+0xd1/0x610 [ 14.662282] ? __virt_addr_valid+0x1db/0x2d0 [ 14.662308] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.662337] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.662363] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.662391] kasan_report+0x141/0x180 [ 14.662415] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.662448] kasan_check_range+0x10c/0x1c0 [ 14.662473] __kasan_check_write+0x18/0x20 [ 14.662494] kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.662544] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.662574] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.662621] ? trace_hardirqs_on+0x37/0xe0 [ 14.662652] kasan_bitops_generic+0x116/0x1c0 [ 14.662679] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.662707] ? __pfx_read_tsc+0x10/0x10 [ 14.662730] ? ktime_get_ts64+0x86/0x230 [ 14.662755] kunit_try_run_case+0x1a5/0x480 [ 14.662791] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.662834] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.662862] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.662888] ? __kthread_parkme+0x82/0x180 [ 14.662910] ? preempt_count_sub+0x50/0x80 [ 14.662936] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.662963] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.662991] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.663018] kthread+0x337/0x6f0 [ 14.663038] ? trace_preempt_on+0x20/0xc0 [ 14.663061] ? __pfx_kthread+0x10/0x10 [ 14.663082] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.663105] ? calculate_sigpending+0x7b/0xa0 [ 14.663130] ? __pfx_kthread+0x10/0x10 [ 14.663152] ret_from_fork+0x116/0x1d0 [ 14.663170] ? __pfx_kthread+0x10/0x10 [ 14.663198] ret_from_fork_asm+0x1a/0x30 [ 14.663229] </TASK> [ 14.663240] [ 14.671322] Allocated by task 278: [ 14.671616] kasan_save_stack+0x45/0x70 [ 14.671835] kasan_save_track+0x18/0x40 [ 14.672086] kasan_save_alloc_info+0x3b/0x50 [ 14.672328] __kasan_kmalloc+0xb7/0xc0 [ 14.672609] __kmalloc_cache_noprof+0x189/0x420 [ 14.672877] kasan_bitops_generic+0x92/0x1c0 [ 14.673127] kunit_try_run_case+0x1a5/0x480 [ 14.673340] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.673699] kthread+0x337/0x6f0 [ 14.673848] ret_from_fork+0x116/0x1d0 [ 14.674067] ret_from_fork_asm+0x1a/0x30 [ 14.674269] [ 14.674376] The buggy address belongs to the object at ffff888103a60000 [ 14.674376] which belongs to the cache kmalloc-16 of size 16 [ 14.674990] The buggy address is located 8 bytes inside of [ 14.674990] allocated 9-byte region [ffff888103a60000, ffff888103a60009) [ 14.675510] [ 14.675644] The buggy address belongs to the physical page: [ 14.675906] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a60 [ 14.676259] flags: 0x200000000000000(node=0|zone=2) [ 14.676544] page_type: f5(slab) [ 14.676716] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.677077] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.677420] page dumped because: kasan: bad access detected [ 14.677666] [ 14.677802] Memory state around the buggy address: [ 14.678000] ffff888103a5ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.678238] ffff888103a5ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.678488] >ffff888103a60000: 00 01 fc fc fc fc fc fc 
fc fc fc fc fc fc fc fc [ 14.678847] ^ [ 14.679017] ffff888103a60080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.679375] ffff888103a60100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.679730] ================================================================== [ 14.701477] ================================================================== [ 14.701801] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.702271] Write of size 8 at addr ffff888103a60008 by task kunit_try_catch/278 [ 14.702614] [ 14.702752] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.702808] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.702848] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.702893] Call Trace: [ 14.702927] <TASK> [ 14.702985] dump_stack_lvl+0x73/0xb0 [ 14.703060] print_report+0xd1/0x610 [ 14.703131] ? __virt_addr_valid+0x1db/0x2d0 [ 14.703159] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.703192] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.703217] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.703246] kasan_report+0x141/0x180 [ 14.703270] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.703303] kasan_check_range+0x10c/0x1c0 [ 14.703328] __kasan_check_write+0x18/0x20 [ 14.703349] kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.703378] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.703407] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.703433] ? trace_hardirqs_on+0x37/0xe0 [ 14.703463] kasan_bitops_generic+0x116/0x1c0 [ 14.703489] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.703516] ? __pfx_read_tsc+0x10/0x10 [ 14.703537] ? ktime_get_ts64+0x86/0x230 [ 14.703561] kunit_try_run_case+0x1a5/0x480 [ 14.703595] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.703620] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.703646] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.703671] ? __kthread_parkme+0x82/0x180 [ 14.703693] ? 
preempt_count_sub+0x50/0x80
[ 14.703753] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.703790] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.703816] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.703843] kthread+0x337/0x6f0
[ 14.703864] ? trace_preempt_on+0x20/0xc0
[ 14.703914] ? __pfx_kthread+0x10/0x10
[ 14.703959] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.704005] ? calculate_sigpending+0x7b/0xa0
[ 14.704031] ? __pfx_kthread+0x10/0x10
[ 14.704076] ret_from_fork+0x116/0x1d0
[ 14.704120] ? __pfx_kthread+0x10/0x10
[ 14.704141] ret_from_fork_asm+0x1a/0x30
[ 14.704173] </TASK>
[ 14.704183]
[ 14.712687] Allocated by task 278:
[ 14.712912] kasan_save_stack+0x45/0x70
[ 14.713138] kasan_save_track+0x18/0x40
[ 14.713344] kasan_save_alloc_info+0x3b/0x50
[ 14.713608] __kasan_kmalloc+0xb7/0xc0
[ 14.713803] __kmalloc_cache_noprof+0x189/0x420
[ 14.713987] kasan_bitops_generic+0x92/0x1c0
[ 14.714228] kunit_try_run_case+0x1a5/0x480
[ 14.714403] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.714708] kthread+0x337/0x6f0
[ 14.714892] ret_from_fork+0x116/0x1d0
[ 14.715112] ret_from_fork_asm+0x1a/0x30
[ 14.715317]
[ 14.715412] The buggy address belongs to the object at ffff888103a60000
[ 14.715412] which belongs to the cache kmalloc-16 of size 16
[ 14.715892] The buggy address is located 8 bytes inside of
[ 14.715892] allocated 9-byte region [ffff888103a60000, ffff888103a60009)
[ 14.716231]
[ 14.716302] The buggy address belongs to the physical page:
[ 14.716680] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a60
[ 14.717325] flags: 0x200000000000000(node=0|zone=2)
[ 14.717567] page_type: f5(slab)
[ 14.717687] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 14.717922] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 14.718143] page dumped because: kasan: bad access detected
[ 14.718311]
[ 14.718447] Memory state around the buggy address:
[ 14.718711] ffff888103a5ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.719147] ffff888103a5ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.719592] >ffff888103a60000: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.719951] ^
[ 14.720125] ffff888103a60080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.720445] ffff888103a60100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.720755] ==================================================================
[ 14.630598] ==================================================================
[ 14.632016] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x101/0xd50
[ 14.632408] Write of size 8 at addr ffff888103a60008 by task kunit_try_catch/278
[ 14.633011]
[ 14.633140] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.633192] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.633204] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.633228] Call Trace:
[ 14.633242] <TASK>
[ 14.633261] dump_stack_lvl+0x73/0xb0
[ 14.633297] print_report+0xd1/0x610
[ 14.633323] ? __virt_addr_valid+0x1db/0x2d0
[ 14.633350] ? kasan_bitops_modify.constprop.0+0x101/0xd50
[ 14.633380] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.633405] ? kasan_bitops_modify.constprop.0+0x101/0xd50
[ 14.633584] kasan_report+0x141/0x180
[ 14.633720] ? kasan_bitops_modify.constprop.0+0x101/0xd50
[ 14.633770] kasan_check_range+0x10c/0x1c0
[ 14.633795] __kasan_check_write+0x18/0x20
[ 14.633817] kasan_bitops_modify.constprop.0+0x101/0xd50
[ 14.633845] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 14.633874] ? __kmalloc_cache_noprof+0x189/0x420
[ 14.633902] ? trace_hardirqs_on+0x37/0xe0
[ 14.633934] kasan_bitops_generic+0x116/0x1c0
[ 14.633960] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 14.633987] ? __pfx_read_tsc+0x10/0x10
[ 14.634010] ? ktime_get_ts64+0x86/0x230
[ 14.634037] kunit_try_run_case+0x1a5/0x480
[ 14.634066] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.634091] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.634119] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.634144] ? __kthread_parkme+0x82/0x180
[ 14.634167] ? preempt_count_sub+0x50/0x80
[ 14.634192] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.634218] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.634243] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.634271] kthread+0x337/0x6f0
[ 14.634291] ? trace_preempt_on+0x20/0xc0
[ 14.634314] ? __pfx_kthread+0x10/0x10
[ 14.634335] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.634357] ? calculate_sigpending+0x7b/0xa0
[ 14.634383] ? __pfx_kthread+0x10/0x10
[ 14.634405] ret_from_fork+0x116/0x1d0
[ 14.634425] ? __pfx_kthread+0x10/0x10
[ 14.634459] ret_from_fork_asm+0x1a/0x30
[ 14.634492] </TASK>
[ 14.634503]
[ 14.646789] Allocated by task 278:
[ 14.647156] kasan_save_stack+0x45/0x70
[ 14.647560] kasan_save_track+0x18/0x40
[ 14.648062] kasan_save_alloc_info+0x3b/0x50
[ 14.648462] __kasan_kmalloc+0xb7/0xc0
[ 14.648853] __kmalloc_cache_noprof+0x189/0x420
[ 14.649269] kasan_bitops_generic+0x92/0x1c0
[ 14.649554] kunit_try_run_case+0x1a5/0x480
[ 14.649844] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.650021] kthread+0x337/0x6f0
[ 14.650141] ret_from_fork+0x116/0x1d0
[ 14.650273] ret_from_fork_asm+0x1a/0x30
[ 14.650412]
[ 14.650517] The buggy address belongs to the object at ffff888103a60000
[ 14.650517] which belongs to the cache kmalloc-16 of size 16
[ 14.651932] The buggy address is located 8 bytes inside of
[ 14.651932] allocated 9-byte region [ffff888103a60000, ffff888103a60009)
[ 14.653292]
[ 14.653556] The buggy address belongs to the physical page:
[ 14.654119] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a60
[ 14.654878] flags: 0x200000000000000(node=0|zone=2)
[ 14.655049] page_type: f5(slab)
[ 14.655174] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 14.655407] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 14.656250] page dumped because: kasan: bad access detected
[ 14.656920]
[ 14.657141] Memory state around the buggy address:
[ 14.657674] ffff888103a5ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.658378] ffff888103a5ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.658822] >ffff888103a60000: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.659036] ^
[ 14.659159] ffff888103a60080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.659376] ffff888103a60100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.659601] ==================================================================
[ 14.721272] ==================================================================
[ 14.721693] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x373/0xd50
[ 14.722217] Write of size 8 at addr ffff888103a60008 by task kunit_try_catch/278
[ 14.722572]
[ 14.722713] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.722756] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.722779] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.722800] Call Trace:
[ 14.722814] <TASK>
[ 14.722826] dump_stack_lvl+0x73/0xb0
[ 14.722894] print_report+0xd1/0x610
[ 14.722919] ? __virt_addr_valid+0x1db/0x2d0
[ 14.722942] ? kasan_bitops_modify.constprop.0+0x373/0xd50
[ 14.722970] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.723025] ? kasan_bitops_modify.constprop.0+0x373/0xd50
[ 14.723055] kasan_report+0x141/0x180
[ 14.723078] ? kasan_bitops_modify.constprop.0+0x373/0xd50
[ 14.723111] kasan_check_range+0x10c/0x1c0
[ 14.723136] __kasan_check_write+0x18/0x20
[ 14.723190] kasan_bitops_modify.constprop.0+0x373/0xd50
[ 14.723220] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 14.723249] ? __kmalloc_cache_noprof+0x189/0x420
[ 14.723275] ? trace_hardirqs_on+0x37/0xe0
[ 14.723336] kasan_bitops_generic+0x116/0x1c0
[ 14.723363] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 14.723390] ? __pfx_read_tsc+0x10/0x10
[ 14.723412] ? ktime_get_ts64+0x86/0x230
[ 14.723437] kunit_try_run_case+0x1a5/0x480
[ 14.723490] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.723514] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.723540] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.723565] ? __kthread_parkme+0x82/0x180
[ 14.723587] ? preempt_count_sub+0x50/0x80
[ 14.723612] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.723639] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.723665] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.723691] kthread+0x337/0x6f0
[ 14.723710] ? trace_preempt_on+0x20/0xc0
[ 14.723773] ? __pfx_kthread+0x10/0x10
[ 14.723801] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.723825] ? calculate_sigpending+0x7b/0xa0
[ 14.723851] ? __pfx_kthread+0x10/0x10
[ 14.723873] ret_from_fork+0x116/0x1d0
[ 14.723893] ? __pfx_kthread+0x10/0x10
[ 14.723943] ret_from_fork_asm+0x1a/0x30
[ 14.723974] </TASK>
[ 14.723984]
[ 14.732216] Allocated by task 278:
[ 14.732456] kasan_save_stack+0x45/0x70
[ 14.732716] kasan_save_track+0x18/0x40
[ 14.732948] kasan_save_alloc_info+0x3b/0x50
[ 14.733164] __kasan_kmalloc+0xb7/0xc0
[ 14.733384] __kmalloc_cache_noprof+0x189/0x420
[ 14.733695] kasan_bitops_generic+0x92/0x1c0
[ 14.733903] kunit_try_run_case+0x1a5/0x480
[ 14.734050] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.734331] kthread+0x337/0x6f0
[ 14.734569] ret_from_fork+0x116/0x1d0
[ 14.734801] ret_from_fork_asm+0x1a/0x30
[ 14.735023]
[ 14.735108] The buggy address belongs to the object at ffff888103a60000
[ 14.735108] which belongs to the cache kmalloc-16 of size 16
[ 14.735698] The buggy address is located 8 bytes inside of
[ 14.735698] allocated 9-byte region [ffff888103a60000, ffff888103a60009)
[ 14.736216]
[ 14.736347] The buggy address belongs to the physical page:
[ 14.736623] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a60
[ 14.736999] flags: 0x200000000000000(node=0|zone=2)
[ 14.737249] page_type: f5(slab)
[ 14.737408] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 14.737775] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 14.738117] page dumped because: kasan: bad access detected
[ 14.738368]
[ 14.738453] Memory state around the buggy address:
[ 14.738691] ffff888103a5ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.739011] ffff888103a5ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.739229] >ffff888103a60000: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.739535] ^
[ 14.739706] ffff888103a60080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.740023] ffff888103a60100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.740584] ==================================================================
[ 14.761702] ==================================================================
[ 14.762131] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ac/0xd50
[ 14.762447] Write of size 8 at addr ffff888103a60008 by task kunit_try_catch/278
[ 14.762674]
[ 14.762770] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.762814] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.762826] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.762847] Call Trace:
[ 14.762863] <TASK>
[ 14.762879] dump_stack_lvl+0x73/0xb0
[ 14.762907] print_report+0xd1/0x610
[ 14.762929] ? __virt_addr_valid+0x1db/0x2d0
[ 14.762951] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50
[ 14.762977] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.763013] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50
[ 14.763041] kasan_report+0x141/0x180
[ 14.763064] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50
[ 14.763097] kasan_check_range+0x10c/0x1c0
[ 14.763121] __kasan_check_write+0x18/0x20
[ 14.763142] kasan_bitops_modify.constprop.0+0x4ac/0xd50
[ 14.763243] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 14.763295] ? __kmalloc_cache_noprof+0x189/0x420
[ 14.763341] ? trace_hardirqs_on+0x37/0xe0
[ 14.763371] kasan_bitops_generic+0x116/0x1c0
[ 14.763397] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 14.763423] ? __pfx_read_tsc+0x10/0x10
[ 14.763485] ? ktime_get_ts64+0x86/0x230
[ 14.763557] kunit_try_run_case+0x1a5/0x480
[ 14.763582] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.763606] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.763631] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.763657] ? __kthread_parkme+0x82/0x180
[ 14.763678] ? preempt_count_sub+0x50/0x80
[ 14.763703] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.763729] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.763755] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.763793] kthread+0x337/0x6f0
[ 14.763813] ? trace_preempt_on+0x20/0xc0
[ 14.763836] ? __pfx_kthread+0x10/0x10
[ 14.763857] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.763880] ? calculate_sigpending+0x7b/0xa0
[ 14.763905] ? __pfx_kthread+0x10/0x10
[ 14.763927] ret_from_fork+0x116/0x1d0
[ 14.763946] ? __pfx_kthread+0x10/0x10
[ 14.763967] ret_from_fork_asm+0x1a/0x30
[ 14.764030] </TASK>
[ 14.764041]
[ 14.772414] Allocated by task 278:
[ 14.772606] kasan_save_stack+0x45/0x70
[ 14.772821] kasan_save_track+0x18/0x40
[ 14.773023] kasan_save_alloc_info+0x3b/0x50
[ 14.773208] __kasan_kmalloc+0xb7/0xc0
[ 14.773430] __kmalloc_cache_noprof+0x189/0x420
[ 14.773644] kasan_bitops_generic+0x92/0x1c0
[ 14.773818] kunit_try_run_case+0x1a5/0x480
[ 14.774244] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.774564] kthread+0x337/0x6f0
[ 14.774730] ret_from_fork+0x116/0x1d0
[ 14.774922] ret_from_fork_asm+0x1a/0x30
[ 14.775118]
[ 14.775293] The buggy address belongs to the object at ffff888103a60000
[ 14.775293] which belongs to the cache kmalloc-16 of size 16
[ 14.775706] The buggy address is located 8 bytes inside of
[ 14.775706] allocated 9-byte region [ffff888103a60000, ffff888103a60009)
[ 14.776218]
[ 14.776351] The buggy address belongs to the physical page:
[ 14.776703] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a60
[ 14.777081] flags: 0x200000000000000(node=0|zone=2)
[ 14.777327] page_type: f5(slab)
[ 14.777505] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 14.777849] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 14.778210] page dumped because: kasan: bad access detected
[ 14.778474]
[ 14.778555] Memory state around the buggy address:
[ 14.778798] ffff888103a5ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.779128] ffff888103a5ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.779454] >ffff888103a60000: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.779783] ^
[ 14.779925] ffff888103a60080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.780136] ffff888103a60100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.780475] ==================================================================
[ 14.680607] ==================================================================
[ 14.680980] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23a/0xd50
[ 14.681823] Write of size 8 at addr ffff888103a60008 by task kunit_try_catch/278
[ 14.682159]
[ 14.682311] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.682357] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.682369] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.682391] Call Trace:
[ 14.682407] <TASK>
[ 14.682422] dump_stack_lvl+0x73/0xb0
[ 14.682453] print_report+0xd1/0x610
[ 14.682476] ? __virt_addr_valid+0x1db/0x2d0
[ 14.682500] ? kasan_bitops_modify.constprop.0+0x23a/0xd50
[ 14.682528] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.682553] ? kasan_bitops_modify.constprop.0+0x23a/0xd50
[ 14.682582] kasan_report+0x141/0x180
[ 14.682605] ? kasan_bitops_modify.constprop.0+0x23a/0xd50
[ 14.682637] kasan_check_range+0x10c/0x1c0
[ 14.682662] __kasan_check_write+0x18/0x20
[ 14.682683] kasan_bitops_modify.constprop.0+0x23a/0xd50
[ 14.682719] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 14.682748] ? __kmalloc_cache_noprof+0x189/0x420
[ 14.682816] ? trace_hardirqs_on+0x37/0xe0
[ 14.682847] kasan_bitops_generic+0x116/0x1c0
[ 14.682872] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 14.682899] ? __pfx_read_tsc+0x10/0x10
[ 14.682921] ? ktime_get_ts64+0x86/0x230
[ 14.682946] kunit_try_run_case+0x1a5/0x480
[ 14.682971] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.682995] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.683021] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.683046] ? __kthread_parkme+0x82/0x180
[ 14.683069] ? preempt_count_sub+0x50/0x80
[ 14.683094] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.683120] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.683147] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.683174] kthread+0x337/0x6f0
[ 14.683199] ? trace_preempt_on+0x20/0xc0
[ 14.683222] ? __pfx_kthread+0x10/0x10
[ 14.683244] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.683266] ? calculate_sigpending+0x7b/0xa0
[ 14.683292] ? __pfx_kthread+0x10/0x10
[ 14.683314] ret_from_fork+0x116/0x1d0
[ 14.683333] ? __pfx_kthread+0x10/0x10
[ 14.683355] ret_from_fork_asm+0x1a/0x30
[ 14.683387] </TASK>
[ 14.683397]
[ 14.691530] Allocated by task 278:
[ 14.691707] kasan_save_stack+0x45/0x70
[ 14.691920] kasan_save_track+0x18/0x40
[ 14.692120] kasan_save_alloc_info+0x3b/0x50
[ 14.692411] __kasan_kmalloc+0xb7/0xc0
[ 14.692633] __kmalloc_cache_noprof+0x189/0x420
[ 14.692797] kasan_bitops_generic+0x92/0x1c0
[ 14.692947] kunit_try_run_case+0x1a5/0x480
[ 14.693093] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.693321] kthread+0x337/0x6f0
[ 14.693488] ret_from_fork+0x116/0x1d0
[ 14.693774] ret_from_fork_asm+0x1a/0x30
[ 14.694108]
[ 14.694236] The buggy address belongs to the object at ffff888103a60000
[ 14.694236] which belongs to the cache kmalloc-16 of size 16
[ 14.695309] The buggy address is located 8 bytes inside of
[ 14.695309] allocated 9-byte region [ffff888103a60000, ffff888103a60009)
[ 14.695785]
[ 14.695856] The buggy address belongs to the physical page:
[ 14.696024] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a60
[ 14.696391] flags: 0x200000000000000(node=0|zone=2)
[ 14.696751] page_type: f5(slab)
[ 14.697001] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 14.697379] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 14.697988] page dumped because: kasan: bad access detected
[ 14.698172]
[ 14.698303] Memory state around the buggy address:
[ 14.698525] ffff888103a5ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.698882] ffff888103a5ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.699210] >ffff888103a60000: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.699521] ^
[ 14.699738] ffff888103a60080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.700068] ffff888103a60100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.700377] ==================================================================
[ 14.781084] ==================================================================
[ 14.781638] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x547/0xd50
[ 14.782083] Write of size 8 at addr ffff888103a60008 by task kunit_try_catch/278
[ 14.782399]
[ 14.782595] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.782642] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.782654] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.782675] Call Trace:
[ 14.782690] <TASK>
[ 14.782737] dump_stack_lvl+0x73/0xb0
[ 14.782780] print_report+0xd1/0x610
[ 14.782804] ? __virt_addr_valid+0x1db/0x2d0
[ 14.782828] ? kasan_bitops_modify.constprop.0+0x547/0xd50
[ 14.782855] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.782912] ? kasan_bitops_modify.constprop.0+0x547/0xd50
[ 14.782940] kasan_report+0x141/0x180
[ 14.782962] ? kasan_bitops_modify.constprop.0+0x547/0xd50
[ 14.783024] kasan_check_range+0x10c/0x1c0
[ 14.783049] __kasan_check_write+0x18/0x20
[ 14.783069] kasan_bitops_modify.constprop.0+0x547/0xd50
[ 14.783097] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 14.783125] ? __kmalloc_cache_noprof+0x189/0x420
[ 14.783186] ? trace_hardirqs_on+0x37/0xe0
[ 14.783216] kasan_bitops_generic+0x116/0x1c0
[ 14.783241] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 14.783267] ? __pfx_read_tsc+0x10/0x10
[ 14.783316] ? ktime_get_ts64+0x86/0x230
[ 14.783342] kunit_try_run_case+0x1a5/0x480
[ 14.783368] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.783392] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.783418] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.783453] ? __kthread_parkme+0x82/0x180
[ 14.783474] ? preempt_count_sub+0x50/0x80
[ 14.783499] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.783525] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.783551] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.783605] kthread+0x337/0x6f0
[ 14.783649] ? trace_preempt_on+0x20/0xc0
[ 14.783695] ? __pfx_kthread+0x10/0x10
[ 14.783740] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.783773] ? calculate_sigpending+0x7b/0xa0
[ 14.783823] ? __pfx_kthread+0x10/0x10
[ 14.783868] ret_from_fork+0x116/0x1d0
[ 14.783888] ? __pfx_kthread+0x10/0x10
[ 14.783909] ret_from_fork_asm+0x1a/0x30
[ 14.783941] </TASK>
[ 14.783950]
[ 14.792082] Allocated by task 278:
[ 14.792278] kasan_save_stack+0x45/0x70
[ 14.792543] kasan_save_track+0x18/0x40
[ 14.792741] kasan_save_alloc_info+0x3b/0x50
[ 14.792982] __kasan_kmalloc+0xb7/0xc0
[ 14.793188] __kmalloc_cache_noprof+0x189/0x420
[ 14.793436] kasan_bitops_generic+0x92/0x1c0
[ 14.793673] kunit_try_run_case+0x1a5/0x480
[ 14.793882] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.794149] kthread+0x337/0x6f0
[ 14.794335] ret_from_fork+0x116/0x1d0
[ 14.794536] ret_from_fork_asm+0x1a/0x30
[ 14.794754]
[ 14.794891] The buggy address belongs to the object at ffff888103a60000
[ 14.794891] which belongs to the cache kmalloc-16 of size 16
[ 14.795426] The buggy address is located 8 bytes inside of
[ 14.795426] allocated 9-byte region [ffff888103a60000, ffff888103a60009)
[ 14.795897]
[ 14.795970] The buggy address belongs to the physical page:
[ 14.796138] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a60
[ 14.796477] flags: 0x200000000000000(node=0|zone=2)
[ 14.796707] page_type: f5(slab)
[ 14.796880] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 14.797218] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 14.797544] page dumped because: kasan: bad access detected
[ 14.797799]
[ 14.797889] Memory state around the buggy address:
[ 14.798041] ffff888103a5ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.798251] ffff888103a5ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.798459] >ffff888103a60000: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.798702] ^
[ 14.799051] ffff888103a60080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.799442] ffff888103a60100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.799861] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 14.598292] ==================================================================
[ 14.598958] BUG: KASAN: slab-use-after-free in strnlen+0x73/0x80
[ 14.599280] Read of size 1 at addr ffff888103a5c550 by task kunit_try_catch/276
[ 14.599685]
[ 14.599783] CPU: 0 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.599826] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.599837] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.599859] Call Trace:
[ 14.599874] <TASK>
[ 14.599888] dump_stack_lvl+0x73/0xb0
[ 14.599916] print_report+0xd1/0x610
[ 14.599938] ? __virt_addr_valid+0x1db/0x2d0
[ 14.599962] ? strnlen+0x73/0x80
[ 14.600035] ? kasan_complete_mode_report_info+0x64/0x200
[ 14.600061] ? strnlen+0x73/0x80
[ 14.600081] kasan_report+0x141/0x180
[ 14.600105] ? strnlen+0x73/0x80
[ 14.600128] __asan_report_load1_noabort+0x18/0x20
[ 14.600155] strnlen+0x73/0x80
[ 14.600174] kasan_strings+0x615/0xe80
[ 14.600195] ? trace_hardirqs_on+0x37/0xe0
[ 14.600220] ? __pfx_kasan_strings+0x10/0x10
[ 14.600242] ? finish_task_switch.isra.0+0x153/0x700
[ 14.600267] ? __switch_to+0x47/0xf50
[ 14.600293] ? __schedule+0x10cc/0x2b60
[ 14.600316] ? __pfx_read_tsc+0x10/0x10
[ 14.600337] ? ktime_get_ts64+0x86/0x230
[ 14.600362] kunit_try_run_case+0x1a5/0x480
[ 14.600387] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.600412] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.600451] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.600476] ? __kthread_parkme+0x82/0x180
[ 14.600497] ? preempt_count_sub+0x50/0x80
[ 14.600521] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.600548] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.600573] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.600599] kthread+0x337/0x6f0
[ 14.600619] ? trace_preempt_on+0x20/0xc0
[ 14.600641] ? __pfx_kthread+0x10/0x10
[ 14.600662] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.600686] ? calculate_sigpending+0x7b/0xa0
[ 14.600711] ? __pfx_kthread+0x10/0x10
[ 14.600732] ret_from_fork+0x116/0x1d0
[ 14.600752] ? __pfx_kthread+0x10/0x10
[ 14.600787] ret_from_fork_asm+0x1a/0x30
[ 14.600818] </TASK>
[ 14.600828]
[ 14.608624] Allocated by task 276:
[ 14.608811] kasan_save_stack+0x45/0x70
[ 14.609153] kasan_save_track+0x18/0x40
[ 14.609351] kasan_save_alloc_info+0x3b/0x50
[ 14.609621] __kasan_kmalloc+0xb7/0xc0
[ 14.609813] __kmalloc_cache_noprof+0x189/0x420
[ 14.610034] kasan_strings+0xc0/0xe80
[ 14.610229] kunit_try_run_case+0x1a5/0x480
[ 14.610426] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.610618] kthread+0x337/0x6f0
[ 14.610741] ret_from_fork+0x116/0x1d0
[ 14.610945] ret_from_fork_asm+0x1a/0x30
[ 14.611198]
[ 14.611300] Freed by task 276:
[ 14.611467] kasan_save_stack+0x45/0x70
[ 14.611646] kasan_save_track+0x18/0x40
[ 14.611830] kasan_save_free_info+0x3f/0x60
[ 14.612054] __kasan_slab_free+0x56/0x70
[ 14.612226] kfree+0x222/0x3f0
[ 14.612346] kasan_strings+0x2aa/0xe80
[ 14.612582] kunit_try_run_case+0x1a5/0x480
[ 14.612806] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.613195] kthread+0x337/0x6f0
[ 14.613362] ret_from_fork+0x116/0x1d0
[ 14.613655] ret_from_fork_asm+0x1a/0x30
[ 14.613836]
[ 14.613939] The buggy address belongs to the object at ffff888103a5c540
[ 14.613939] which belongs to the cache kmalloc-32 of size 32
[ 14.614436] The buggy address is located 16 bytes inside of
[ 14.614436] freed 32-byte region [ffff888103a5c540, ffff888103a5c560)
[ 14.614804]
[ 14.614901] The buggy address belongs to the physical page:
[ 14.615212] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a5c
[ 14.615575] flags: 0x200000000000000(node=0|zone=2)
[ 14.615794] page_type: f5(slab)
[ 14.615948] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 14.616285] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 14.616693] page dumped because: kasan: bad access detected
[ 14.616928]
[ 14.617171] Memory state around the buggy address:
[ 14.617376] ffff888103a5c400: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.617731] ffff888103a5c480: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc
[ 14.618097] >ffff888103a5c500: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.618378] ^
[ 14.618643] ffff888103a5c580: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.618946] ffff888103a5c600: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.619242] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strlen
[ 14.576587] ==================================================================
[ 14.577180] BUG: KASAN: slab-use-after-free in strlen+0x8f/0xb0
[ 14.577467] Read of size 1 at addr ffff888103a5c550 by task kunit_try_catch/276
[ 14.577952]
[ 14.578127] CPU: 0 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.578173] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.578185] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.578206] Call Trace:
[ 14.578221] <TASK>
[ 14.578237] dump_stack_lvl+0x73/0xb0
[ 14.578266] print_report+0xd1/0x610
[ 14.578290] ? __virt_addr_valid+0x1db/0x2d0
[ 14.578313] ? strlen+0x8f/0xb0
[ 14.578332] ? kasan_complete_mode_report_info+0x64/0x200
[ 14.578357] ? strlen+0x8f/0xb0
[ 14.578376] kasan_report+0x141/0x180
[ 14.578399] ? strlen+0x8f/0xb0
[ 14.578423] __asan_report_load1_noabort+0x18/0x20
[ 14.578460] strlen+0x8f/0xb0
[ 14.578478] kasan_strings+0x57b/0xe80
[ 14.578499] ? trace_hardirqs_on+0x37/0xe0
[ 14.578524] ? __pfx_kasan_strings+0x10/0x10
[ 14.578549] ? finish_task_switch.isra.0+0x153/0x700
[ 14.578574] ? __switch_to+0x47/0xf50
[ 14.578600] ? __schedule+0x10cc/0x2b60
[ 14.578624] ? __pfx_read_tsc+0x10/0x10
[ 14.578647] ? ktime_get_ts64+0x86/0x230
[ 14.578672] kunit_try_run_case+0x1a5/0x480
[ 14.578697] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.578722] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.578747] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.578785] ? __kthread_parkme+0x82/0x180
[ 14.578807] ? preempt_count_sub+0x50/0x80
[ 14.578833] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.578859] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.578884] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.578911] kthread+0x337/0x6f0
[ 14.578930] ? trace_preempt_on+0x20/0xc0
[ 14.578952] ? __pfx_kthread+0x10/0x10
[ 14.578974] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.578997] ? calculate_sigpending+0x7b/0xa0
[ 14.579023] ? __pfx_kthread+0x10/0x10
[ 14.579044] ret_from_fork+0x116/0x1d0
[ 14.579064] ? __pfx_kthread+0x10/0x10
[ 14.579086] ret_from_fork_asm+0x1a/0x30
[ 14.579118] </TASK>
[ 14.579127]
[ 14.587306] Allocated by task 276:
[ 14.587448] kasan_save_stack+0x45/0x70
[ 14.587662] kasan_save_track+0x18/0x40
[ 14.587904] kasan_save_alloc_info+0x3b/0x50
[ 14.588181] __kasan_kmalloc+0xb7/0xc0
[ 14.588368] __kmalloc_cache_noprof+0x189/0x420
[ 14.588869] kasan_strings+0xc0/0xe80
[ 14.589233] kunit_try_run_case+0x1a5/0x480
[ 14.589444] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.589674] kthread+0x337/0x6f0
[ 14.589826] ret_from_fork+0x116/0x1d0
[ 14.589963] ret_from_fork_asm+0x1a/0x30
[ 14.590165]
[ 14.590261] Freed by task 276:
[ 14.590419] kasan_save_stack+0x45/0x70
[ 14.590694] kasan_save_track+0x18/0x40
[ 14.590870] kasan_save_free_info+0x3f/0x60
[ 14.591047] __kasan_slab_free+0x56/0x70
[ 14.591307] kfree+0x222/0x3f0
[ 14.591476] kasan_strings+0x2aa/0xe80
[ 14.591645] kunit_try_run_case+0x1a5/0x480
[ 14.591811] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.591991] kthread+0x337/0x6f0
[ 14.592113] ret_from_fork+0x116/0x1d0
[ 14.592283] ret_from_fork_asm+0x1a/0x30
[ 14.592485]
[ 14.592582] The buggy address belongs to the object at ffff888103a5c540
[ 14.592582] which belongs to the cache kmalloc-32 of size 32
[ 14.593277] The buggy address is located 16 bytes inside of
[ 14.593277] freed 32-byte region [ffff888103a5c540, ffff888103a5c560)
[ 14.593776]
[ 14.593871] The buggy address belongs to the physical page:
[ 14.594074] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a5c
[ 14.594315] flags: 0x200000000000000(node=0|zone=2)
[ 14.594688] page_type: f5(slab)
[ 14.594872] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 14.595219] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 14.595491] page dumped because: kasan: bad access detected
[ 14.595748]
[ 14.595828] Memory state around the buggy address:
[ 14.595985] ffff888103a5c400: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.596308] ffff888103a5c480: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc
[ 14.596662] >ffff888103a5c500: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.596968] ^
[ 14.597159] ffff888103a5c580: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.597376] ffff888103a5c600: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.597600] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 14.555122] ==================================================================
[ 14.555429] BUG: KASAN: slab-use-after-free in kasan_strings+0xcbc/0xe80
[ 14.555705] Read of size 1 at addr ffff888103a5c550 by task kunit_try_catch/276
[ 14.556063]
[ 14.556171] CPU: 0 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.556213] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.556225] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.556247] Call Trace:
[ 14.556262] <TASK>
[ 14.556275] dump_stack_lvl+0x73/0xb0
[ 14.556303] print_report+0xd1/0x610
[ 14.556327] ? __virt_addr_valid+0x1db/0x2d0
[ 14.556351] ? kasan_strings+0xcbc/0xe80
[ 14.556372] ? kasan_complete_mode_report_info+0x64/0x200
[ 14.556397] ? kasan_strings+0xcbc/0xe80
[ 14.556419] kasan_report+0x141/0x180
[ 14.556459] ? kasan_strings+0xcbc/0xe80
[ 14.556485] __asan_report_load1_noabort+0x18/0x20
[ 14.556511] kasan_strings+0xcbc/0xe80
[ 14.556532] ? trace_hardirqs_on+0x37/0xe0
[ 14.556556] ? __pfx_kasan_strings+0x10/0x10
[ 14.556578] ? finish_task_switch.isra.0+0x153/0x700
[ 14.556602] ? __switch_to+0x47/0xf50
[ 14.556628] ? __schedule+0x10cc/0x2b60
[ 14.556652] ? __pfx_read_tsc+0x10/0x10
[ 14.556674] ? ktime_get_ts64+0x86/0x230
[ 14.556699] kunit_try_run_case+0x1a5/0x480
[ 14.556725] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.556749] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.556787] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.556812] ? __kthread_parkme+0x82/0x180
[ 14.556834] ? preempt_count_sub+0x50/0x80
[ 14.556858] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.556883] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.556909] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.556934] kthread+0x337/0x6f0
[ 14.556954] ? trace_preempt_on+0x20/0xc0
[ 14.556978] ? __pfx_kthread+0x10/0x10
[ 14.557145] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.557168] ? calculate_sigpending+0x7b/0xa0
[ 14.557194] ? __pfx_kthread+0x10/0x10
[ 14.557216] ret_from_fork+0x116/0x1d0
[ 14.557237] ? __pfx_kthread+0x10/0x10
[ 14.557258] ret_from_fork_asm+0x1a/0x30
[ 14.557290] </TASK>
[ 14.557300]
[ 14.565528] Allocated by task 276:
[ 14.565711] kasan_save_stack+0x45/0x70
[ 14.565894] kasan_save_track+0x18/0x40
[ 14.566167] kasan_save_alloc_info+0x3b/0x50
[ 14.566356] __kasan_kmalloc+0xb7/0xc0
[ 14.566554] __kmalloc_cache_noprof+0x189/0x420
[ 14.566715] kasan_strings+0xc0/0xe80
[ 14.566858] kunit_try_run_case+0x1a5/0x480
[ 14.567007] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.567190] kthread+0x337/0x6f0
[ 14.567311] ret_from_fork+0x116/0x1d0
[ 14.567445] ret_from_fork_asm+0x1a/0x30
[ 14.567586]
[ 14.567681] Freed by task 276:
[ 14.567849] kasan_save_stack+0x45/0x70
[ 14.568059] kasan_save_track+0x18/0x40
[ 14.568252] kasan_save_free_info+0x3f/0x60
[ 14.568520] __kasan_slab_free+0x56/0x70
[ 14.568857] kfree+0x222/0x3f0
[ 14.569207] kasan_strings+0x2aa/0xe80
[ 14.569401] kunit_try_run_case+0x1a5/0x480
[ 14.569589] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.569782] kthread+0x337/0x6f0
[ 14.569904] ret_from_fork+0x116/0x1d0
[ 14.570242] ret_from_fork_asm+0x1a/0x30
[ 14.570459]
[ 14.570555] The buggy address belongs to the object at ffff888103a5c540
[ 14.570555] which belongs to the cache kmalloc-32 of size 32
[ 14.571267] The buggy address is located 16 bytes inside of
[ 14.571267] freed 32-byte region [ffff888103a5c540, ffff888103a5c560)
[ 14.571797]
[ 14.571894] The buggy address belongs to the physical page:
[ 14.572249] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a5c
[ 14.572630] flags: 0x200000000000000(node=0|zone=2)
[ 14.572849] page_type: f5(slab)
[ 14.573141] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 14.573388] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 14.573917] page dumped because: kasan: bad access detected
[ 14.574202]
[ 14.574283] Memory state around the buggy address:
[ 14.574523] ffff888103a5c400: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.574818] ffff888103a5c480: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc
[ 14.575165] >ffff888103a5c500: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.575389] ^
[ 14.575572] ffff888103a5c580: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.575815] ffff888103a5c600: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.576134] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 12.068801] ==================================================================
[ 12.070057] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x2e9/0x330
[ 12.070589] Write of size 1 at addr ffff888102a3200a by task kunit_try_catch/163
[ 12.070831]
[ 12.070931] CPU: 0 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.070976] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.070988] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.071009] Call Trace:
[ 12.071022] <TASK>
[ 12.071039] dump_stack_lvl+0x73/0xb0
[ 12.071069] print_report+0xd1/0x610
[ 12.071091] ? __virt_addr_valid+0x1db/0x2d0
[ 12.071115] ? kmalloc_large_oob_right+0x2e9/0x330
[ 12.071137] ? kasan_addr_to_slab+0x11/0xa0
[ 12.071157] ? kmalloc_large_oob_right+0x2e9/0x330
[ 12.071185] kasan_report+0x141/0x180
[ 12.071207] ? kmalloc_large_oob_right+0x2e9/0x330
[ 12.071235] __asan_report_store1_noabort+0x1b/0x30
[ 12.071261] kmalloc_large_oob_right+0x2e9/0x330
[ 12.071284] ? __pfx_kmalloc_large_oob_right+0x10/0x10
[ 12.071308] ? __schedule+0x10cc/0x2b60
[ 12.071331] ? __pfx_read_tsc+0x10/0x10
[ 12.071352] ? ktime_get_ts64+0x86/0x230
[ 12.071377] kunit_try_run_case+0x1a5/0x480
[ 12.071401] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.071424] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.071448] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.071472] ? __kthread_parkme+0x82/0x180
[ 12.071552] ? preempt_count_sub+0x50/0x80
[ 12.071592] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.071617] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.071642] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.071667] kthread+0x337/0x6f0
[ 12.071686] ? trace_preempt_on+0x20/0xc0
[ 12.071710] ? __pfx_kthread+0x10/0x10
[ 12.071731] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.071764] ? calculate_sigpending+0x7b/0xa0
[ 12.071789] ? __pfx_kthread+0x10/0x10
[ 12.071810] ret_from_fork+0x116/0x1d0
[ 12.071828] ? __pfx_kthread+0x10/0x10
[ 12.071849] ret_from_fork_asm+0x1a/0x30
[ 12.071880] </TASK>
[ 12.071890]
[ 12.078950] The buggy address belongs to the physical page:
[ 12.079204] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a30
[ 12.079564] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 12.079815] flags: 0x200000000000040(head|node=0|zone=2)
[ 12.080006] page_type: f8(unknown)
[ 12.080183] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 12.080520] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 12.080830] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 12.081063] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 12.081419] head: 0200000000000002 ffffea00040a8c01 00000000ffffffff 00000000ffffffff
[ 12.081775] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 12.082093] page dumped because: kasan: bad access detected
[ 12.082314]
[ 12.082407] Memory state around the buggy address:
[ 12.082624] ffff888102a31f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.082923] ffff888102a31f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.083190] >ffff888102a32000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 12.083528] ^
[ 12.083684] ffff888102a32080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 12.083930] ffff888102a32100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 12.084143] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 12.029699] ==================================================================
[ 12.030329] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x316/0x370
[ 12.030827] Write of size 1 at addr ffff888102b09f00 by task kunit_try_catch/161
[ 12.031057]
[ 12.031146] CPU: 0 UID: 0 PID: 161 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.031197] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.031208] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.031229] Call Trace:
[ 12.031241] <TASK>
[ 12.031256] dump_stack_lvl+0x73/0xb0
[ 12.031285] print_report+0xd1/0x610
[ 12.031307] ? __virt_addr_valid+0x1db/0x2d0
[ 12.031330] ? kmalloc_big_oob_right+0x316/0x370
[ 12.031353] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.031624] ? kmalloc_big_oob_right+0x316/0x370
[ 12.031652] kasan_report+0x141/0x180
[ 12.031674] ? kmalloc_big_oob_right+0x316/0x370
[ 12.031703] __asan_report_store1_noabort+0x1b/0x30
[ 12.031729] kmalloc_big_oob_right+0x316/0x370
[ 12.031766] ? __pfx_kmalloc_big_oob_right+0x10/0x10
[ 12.031790] ? __schedule+0x10cc/0x2b60
[ 12.031814] ? __pfx_read_tsc+0x10/0x10
[ 12.031835] ? ktime_get_ts64+0x86/0x230
[ 12.031861] kunit_try_run_case+0x1a5/0x480
[ 12.031886] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.031909] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.031933] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.031957] ? __kthread_parkme+0x82/0x180
[ 12.031978] ? preempt_count_sub+0x50/0x80
[ 12.032003] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.032074] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.032101] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.032127] kthread+0x337/0x6f0
[ 12.032176] ? trace_preempt_on+0x20/0xc0
[ 12.032202] ? __pfx_kthread+0x10/0x10
[ 12.032222] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.032244] ? calculate_sigpending+0x7b/0xa0
[ 12.032269] ? __pfx_kthread+0x10/0x10
[ 12.032291] ret_from_fork+0x116/0x1d0
[ 12.032310] ? __pfx_kthread+0x10/0x10
[ 12.032330] ret_from_fork_asm+0x1a/0x30
[ 12.032361] </TASK>
[ 12.032372]
[ 12.047142] Allocated by task 161:
[ 12.047675] kasan_save_stack+0x45/0x70
[ 12.047842] kasan_save_track+0x18/0x40
[ 12.048034] kasan_save_alloc_info+0x3b/0x50
[ 12.048469] __kasan_kmalloc+0xb7/0xc0
[ 12.048912] __kmalloc_cache_noprof+0x189/0x420
[ 12.049460] kmalloc_big_oob_right+0xa9/0x370
[ 12.049879] kunit_try_run_case+0x1a5/0x480
[ 12.050399] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.050809] kthread+0x337/0x6f0
[ 12.050934] ret_from_fork+0x116/0x1d0
[ 12.051355] ret_from_fork_asm+0x1a/0x30
[ 12.051787]
[ 12.051955] The buggy address belongs to the object at ffff888102b08000
[ 12.051955] which belongs to the cache kmalloc-8k of size 8192
[ 12.053166] The buggy address is located 0 bytes to the right of
[ 12.053166] allocated 7936-byte region [ffff888102b08000, ffff888102b09f00)
[ 12.053954]
[ 12.054194] The buggy address belongs to the physical page:
[ 12.054744] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b08
[ 12.055321] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 12.056020] flags: 0x200000000000040(head|node=0|zone=2)
[ 12.056527] page_type: f5(slab)
[ 12.056848] raw: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000
[ 12.057453] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000
[ 12.058059] head: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000
[ 12.058790] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000
[ 12.059361] head: 0200000000000003 ffffea00040ac201 00000000ffffffff 00000000ffffffff
[ 12.060091] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[ 12.060324] page dumped because: kasan: bad access detected
[ 12.060570]
[ 12.060737] Memory state around the buggy address:
[ 12.061241] ffff888102b09e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.061954] ffff888102b09e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.062704] >ffff888102b09f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.063337] ^
[ 12.063515] ffff888102b09f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.064282] ffff888102b0a000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.064787] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 12.004345] ==================================================================
[ 12.004916] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4b1/0x520
[ 12.005287] Write of size 1 at addr ffff8881029cc878 by task kunit_try_catch/159
[ 12.005911]
[ 12.006040] CPU: 1 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.006082] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.006093] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.006114] Call Trace:
[ 12.006124] <TASK>
[ 12.006138] dump_stack_lvl+0x73/0xb0
[ 12.006186] print_report+0xd1/0x610
[ 12.006208] ? __virt_addr_valid+0x1db/0x2d0
[ 12.006243] ? kmalloc_track_caller_oob_right+0x4b1/0x520
[ 12.006269] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.006293] ? kmalloc_track_caller_oob_right+0x4b1/0x520
[ 12.006319] kasan_report+0x141/0x180
[ 12.006341] ? kmalloc_track_caller_oob_right+0x4b1/0x520
[ 12.006372] __asan_report_store1_noabort+0x1b/0x30
[ 12.006399] kmalloc_track_caller_oob_right+0x4b1/0x520
[ 12.006425] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10
[ 12.006453] ? __schedule+0x10cc/0x2b60
[ 12.006476] ? __pfx_read_tsc+0x10/0x10
[ 12.006496] ? ktime_get_ts64+0x86/0x230
[ 12.006521] kunit_try_run_case+0x1a5/0x480
[ 12.006545] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.006577] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.006610] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.006634] ? __kthread_parkme+0x82/0x180
[ 12.006667] ? preempt_count_sub+0x50/0x80
[ 12.006692] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.006716] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.006760] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.006785] kthread+0x337/0x6f0
[ 12.006804] ? trace_preempt_on+0x20/0xc0
[ 12.006828] ? __pfx_kthread+0x10/0x10
[ 12.006849] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.006871] ? calculate_sigpending+0x7b/0xa0
[ 12.006895] ? __pfx_kthread+0x10/0x10
[ 12.006917] ret_from_fork+0x116/0x1d0
[ 12.006935] ? __pfx_kthread+0x10/0x10
[ 12.006955] ret_from_fork_asm+0x1a/0x30
[ 12.006986] </TASK>
[ 12.006995]
[ 12.014112] Allocated by task 159:
[ 12.014289] kasan_save_stack+0x45/0x70
[ 12.014484] kasan_save_track+0x18/0x40
[ 12.014678] kasan_save_alloc_info+0x3b/0x50
[ 12.014877] __kasan_kmalloc+0xb7/0xc0
[ 12.015012] __kmalloc_node_track_caller_noprof+0x1cb/0x500
[ 12.015436] kmalloc_track_caller_oob_right+0x19a/0x520
[ 12.015699] kunit_try_run_case+0x1a5/0x480
[ 12.015901] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.016122] kthread+0x337/0x6f0
[ 12.016304] ret_from_fork+0x116/0x1d0
[ 12.016494] ret_from_fork_asm+0x1a/0x30
[ 12.016739]
[ 12.016856] The buggy address belongs to the object at ffff8881029cc800
[ 12.016856] which belongs to the cache kmalloc-128 of size 128
[ 12.017369] The buggy address is located 0 bytes to the right of
[ 12.017369] allocated 120-byte region [ffff8881029cc800, ffff8881029cc878)
[ 12.017932]
[ 12.018007] The buggy address belongs to the physical page:
[ 12.018180] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029cc
[ 12.018435] flags: 0x200000000000000(node=0|zone=2)
[ 12.018690] page_type: f5(slab)
[ 12.018867] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.019501] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.019809] page dumped because: kasan: bad access detected
[ 12.019982]
[ 12.020051] Memory state around the buggy address:
[ 12.020220] ffff8881029cc700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.020671] ffff8881029cc780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.020922] >ffff8881029cc800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 12.021252] ^
[ 12.023493] ffff8881029cc880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.023832] ffff8881029cc900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.024050] ==================================================================

[ 11.975709] ==================================================================
[ 11.976332] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4c8/0x520
[ 11.976914] Write of size 1 at addr ffff8881029cc778 by task kunit_try_catch/159
[ 11.977781]
[ 11.977876] CPU: 1 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 11.977919] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.977931] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.977952] Call Trace:
[ 11.977963] <TASK>
[ 11.977978] dump_stack_lvl+0x73/0xb0
[ 11.978019] print_report+0xd1/0x610
[ 11.978041] ? __virt_addr_valid+0x1db/0x2d0
[ 11.978065] ? kmalloc_track_caller_oob_right+0x4c8/0x520
[ 11.978092] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.978116] ? kmalloc_track_caller_oob_right+0x4c8/0x520
[ 11.978144] kasan_report+0x141/0x180
[ 11.978167] ? kmalloc_track_caller_oob_right+0x4c8/0x520
[ 11.978198] __asan_report_store1_noabort+0x1b/0x30
[ 11.978223] kmalloc_track_caller_oob_right+0x4c8/0x520
[ 11.978261] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10
[ 11.978288] ? __schedule+0x10cc/0x2b60
[ 11.978311] ? __pfx_read_tsc+0x10/0x10
[ 11.978354] ? ktime_get_ts64+0x86/0x230
[ 11.978380] kunit_try_run_case+0x1a5/0x480
[ 11.978404] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.978439] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.978464] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.978488] ? __kthread_parkme+0x82/0x180
[ 11.978520] ? preempt_count_sub+0x50/0x80
[ 11.978544] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.978568] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.978593] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.978618] kthread+0x337/0x6f0
[ 11.978637] ? trace_preempt_on+0x20/0xc0
[ 11.978660] ? __pfx_kthread+0x10/0x10
[ 11.978681] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.978702] ? calculate_sigpending+0x7b/0xa0
[ 11.978727] ? __pfx_kthread+0x10/0x10
[ 11.978748] ret_from_fork+0x116/0x1d0
[ 11.978775] ? __pfx_kthread+0x10/0x10
[ 11.978795] ret_from_fork_asm+0x1a/0x30
[ 11.978827] </TASK>
[ 11.978837]
[ 11.991698] Allocated by task 159:
[ 11.992190] kasan_save_stack+0x45/0x70
[ 11.992345] kasan_save_track+0x18/0x40
[ 11.992604] kasan_save_alloc_info+0x3b/0x50
[ 11.993113] __kasan_kmalloc+0xb7/0xc0
[ 11.993492] __kmalloc_node_track_caller_noprof+0x1cb/0x500
[ 11.994001] kmalloc_track_caller_oob_right+0x99/0x520
[ 11.994527] kunit_try_run_case+0x1a5/0x480
[ 11.994878] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.995295] kthread+0x337/0x6f0
[ 11.995656] ret_from_fork+0x116/0x1d0
[ 11.996010] ret_from_fork_asm+0x1a/0x30
[ 11.996376]
[ 11.996455] The buggy address belongs to the object at ffff8881029cc700
[ 11.996455] which belongs to the cache kmalloc-128 of size 128
[ 11.997431] The buggy address is located 0 bytes to the right of
[ 11.997431] allocated 120-byte region [ffff8881029cc700, ffff8881029cc778)
[ 11.998255]
[ 11.998557] The buggy address belongs to the physical page:
[ 11.999128] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029cc
[ 11.999524] flags: 0x200000000000000(node=0|zone=2)
[ 11.999691] page_type: f5(slab)
[ 11.999824] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.000086] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.000569] page dumped because: kasan: bad access detected
[ 12.000771]
[ 12.000870] Memory state around the buggy address:
[ 12.001163] ffff8881029cc600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.001421] ffff8881029cc680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.001862] >ffff8881029cc700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 12.002325] ^
[ 12.002622] ffff8881029cc780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.003015] ffff8881029cc800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.003364] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 11.945304] ==================================================================
[ 11.945844] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x369/0x3c0
[ 11.946174] Read of size 1 at addr ffff8881029f3000 by task kunit_try_catch/157
[ 11.946471]
[ 11.946583] CPU: 0 UID: 0 PID: 157 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 11.946626] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.946637] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.946657] Call Trace:
[ 11.946668] <TASK>
[ 11.946682] dump_stack_lvl+0x73/0xb0
[ 11.946710] print_report+0xd1/0x610
[ 11.946731] ? __virt_addr_valid+0x1db/0x2d0
[ 11.946791] ? kmalloc_node_oob_right+0x369/0x3c0
[ 11.946818] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.946842] ? kmalloc_node_oob_right+0x369/0x3c0
[ 11.947248] kasan_report+0x141/0x180
[ 11.947279] ? kmalloc_node_oob_right+0x369/0x3c0
[ 11.947341] __asan_report_load1_noabort+0x18/0x20
[ 11.947367] kmalloc_node_oob_right+0x369/0x3c0
[ 11.947392] ? __pfx_kmalloc_node_oob_right+0x10/0x10
[ 11.947567] ? __pfx_kmalloc_node_oob_right+0x10/0x10
[ 11.947603] kunit_try_run_case+0x1a5/0x480
[ 11.947632] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.947655] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.947680] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.947704] ? __kthread_parkme+0x82/0x180
[ 11.947727] ? preempt_count_sub+0x50/0x80
[ 11.947765] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.947789] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.947814] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.947839] kthread+0x337/0x6f0
[ 11.947859] ? trace_preempt_on+0x20/0xc0
[ 11.947882] ? __pfx_kthread+0x10/0x10
[ 11.947903] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.947924] ? calculate_sigpending+0x7b/0xa0
[ 11.947949] ? __pfx_kthread+0x10/0x10
[ 11.947992] ret_from_fork+0x116/0x1d0
[ 11.948012] ? __pfx_kthread+0x10/0x10
[ 11.948032] ret_from_fork_asm+0x1a/0x30
[ 11.948063] </TASK>
[ 11.948073]
[ 11.958663] Allocated by task 157:
[ 11.958957] kasan_save_stack+0x45/0x70
[ 11.959305] kasan_save_track+0x18/0x40
[ 11.959564] kasan_save_alloc_info+0x3b/0x50
[ 11.959795] __kasan_kmalloc+0xb7/0xc0
[ 11.960210] __kmalloc_cache_node_noprof+0x188/0x420
[ 11.960482] kmalloc_node_oob_right+0xab/0x3c0
[ 11.960815] kunit_try_run_case+0x1a5/0x480
[ 11.961236] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.961606] kthread+0x337/0x6f0
[ 11.961820] ret_from_fork+0x116/0x1d0
[ 11.961958] ret_from_fork_asm+0x1a/0x30
[ 11.962389]
[ 11.962615] The buggy address belongs to the object at ffff8881029f2000
[ 11.962615] which belongs to the cache kmalloc-4k of size 4096
[ 11.963284] The buggy address is located 0 bytes to the right of
[ 11.963284] allocated 4096-byte region [ffff8881029f2000, ffff8881029f3000)
[ 11.964183]
[ 11.964292] The buggy address belongs to the physical page:
[ 11.964703] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f0
[ 11.965548] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 11.965888] flags: 0x200000000000040(head|node=0|zone=2)
[ 11.966353] page_type: f5(slab)
[ 11.966666] raw: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000
[ 11.967188] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000
[ 11.967687] head: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000
[ 11.968167] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000
[ 11.968645] head: 0200000000000003 ffffea00040a7c01 00000000ffffffff 00000000ffffffff
[ 11.969261] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[ 11.969749] page dumped because: kasan: bad access detected
[ 11.970115]
[ 11.970367] Memory state around the buggy address:
[ 11.970716] ffff8881029f2f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.971160] ffff8881029f2f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.971599] >ffff8881029f3000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.972053] ^
[ 11.972182] ffff8881029f3080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.972547] ffff8881029f3100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.972842] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 11.910800] ==================================================================
[ 11.911839] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x361/0x3c0
[ 11.913257] Read of size 1 at addr ffff8881029d9fff by task kunit_try_catch/155
[ 11.914537]
[ 11.914732] CPU: 1 UID: 0 PID: 155 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 11.914791] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.914804] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.914826] Call Trace:
[ 11.914839] <TASK>
[ 11.914857] dump_stack_lvl+0x73/0xb0
[ 11.914889] print_report+0xd1/0x610
[ 11.914911] ? __virt_addr_valid+0x1db/0x2d0
[ 11.914935] ? kmalloc_oob_left+0x361/0x3c0
[ 11.914956] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.915220] ? kmalloc_oob_left+0x361/0x3c0
[ 11.915243] kasan_report+0x141/0x180
[ 11.915266] ? kmalloc_oob_left+0x361/0x3c0
[ 11.915299] __asan_report_load1_noabort+0x18/0x20
[ 11.915326] kmalloc_oob_left+0x361/0x3c0
[ 11.915349] ? __pfx_kmalloc_oob_left+0x10/0x10
[ 11.915372] ? __schedule+0x10cc/0x2b60
[ 11.915395] ? __pfx_read_tsc+0x10/0x10
[ 11.915417] ? ktime_get_ts64+0x86/0x230
[ 11.915488] kunit_try_run_case+0x1a5/0x480
[ 11.915514] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.915536] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.915561] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.915584] ? __kthread_parkme+0x82/0x180
[ 11.915605] ? preempt_count_sub+0x50/0x80
[ 11.915629] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.915653] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.915678] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.915703] kthread+0x337/0x6f0
[ 11.915721] ? trace_preempt_on+0x20/0xc0
[ 11.915745] ? __pfx_kthread+0x10/0x10
[ 11.915776] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.915797] ? calculate_sigpending+0x7b/0xa0
[ 11.915822] ? __pfx_kthread+0x10/0x10
[ 11.915843] ret_from_fork+0x116/0x1d0
[ 11.915862] ? __pfx_kthread+0x10/0x10
[ 11.915882] ret_from_fork_asm+0x1a/0x30
[ 11.915912] </TASK>
[ 11.915923]
[ 11.930741] The buggy address belongs to the object at ffff8881029d9f00
[ 11.930741] which belongs to the cache kmalloc-192 of size 192
[ 11.932471] The buggy address is located 63 bytes to the right of
[ 11.932471] allocated 192-byte region [ffff8881029d9f00, ffff8881029d9fc0)
[ 11.932960]
[ 11.933453] The buggy address belongs to the physical page:
[ 11.934182] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029d9
[ 11.935398] flags: 0x200000000000000(node=0|zone=2)
[ 11.935707] page_type: f5(slab)
[ 11.935844] raw: 0200000000000000 ffff8881000413c0 dead000000000122 0000000000000000
[ 11.936143] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.936921] page dumped because: kasan: bad access detected
[ 11.937508]
[ 11.937683] Memory state around the buggy address:
[ 11.938203] ffff8881029d9e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.938912] ffff8881029d9f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.939560] >ffff8881029d9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.940041] ^
[ 11.940610] ffff8881029da000: 00 07 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.941330] ffff8881029da080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.941811] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 11.819697] ==================================================================
[ 11.820926] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6f0/0x7f0
[ 11.821546] Write of size 1 at addr ffff88810305bc73 by task kunit_try_catch/153
[ 11.821944]
[ 11.823213] CPU: 0 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 11.823584] Tainted: [N]=TEST
[ 11.823617] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.823844] Call Trace:
[ 11.823911] <TASK>
[ 11.824073] dump_stack_lvl+0x73/0xb0
[ 11.824161] print_report+0xd1/0x610
[ 11.824191] ? __virt_addr_valid+0x1db/0x2d0
[ 11.824217] ? kmalloc_oob_right+0x6f0/0x7f0
[ 11.824238] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.824261] ? kmalloc_oob_right+0x6f0/0x7f0
[ 11.824283] kasan_report+0x141/0x180
[ 11.824305] ? kmalloc_oob_right+0x6f0/0x7f0
[ 11.824331] __asan_report_store1_noabort+0x1b/0x30
[ 11.824357] kmalloc_oob_right+0x6f0/0x7f0
[ 11.824379] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 11.824402] ? __schedule+0x10cc/0x2b60
[ 11.824424] ? __pfx_read_tsc+0x10/0x10
[ 11.824816] ? ktime_get_ts64+0x86/0x230
[ 11.824847] kunit_try_run_case+0x1a5/0x480
[ 11.824875] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.824898] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.824923] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.824947] ? __kthread_parkme+0x82/0x180
[ 11.824969] ? preempt_count_sub+0x50/0x80
[ 11.825042] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.825066] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.825091] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.825117] kthread+0x337/0x6f0
[ 11.825136] ? trace_preempt_on+0x20/0xc0
[ 11.825160] ? __pfx_kthread+0x10/0x10
[ 11.825181] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.825202] ? calculate_sigpending+0x7b/0xa0
[ 11.825228] ? __pfx_kthread+0x10/0x10
[ 11.825249] ret_from_fork+0x116/0x1d0
[ 11.825268] ? __pfx_kthread+0x10/0x10
[ 11.825288] ret_from_fork_asm+0x1a/0x30
[ 11.825355] </TASK>
[ 11.825427]
[ 11.837241] Allocated by task 153:
[ 11.837509] kasan_save_stack+0x45/0x70
[ 11.837677] kasan_save_track+0x18/0x40
[ 11.837962] kasan_save_alloc_info+0x3b/0x50
[ 11.838336] __kasan_kmalloc+0xb7/0xc0
[ 11.838476] __kmalloc_cache_noprof+0x189/0x420
[ 11.838927] kmalloc_oob_right+0xa9/0x7f0
[ 11.839312] kunit_try_run_case+0x1a5/0x480
[ 11.839522] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.840179] kthread+0x337/0x6f0
[ 11.840543] ret_from_fork+0x116/0x1d0
[ 11.840847] ret_from_fork_asm+0x1a/0x30
[ 11.841116]
[ 11.841349] The buggy address belongs to the object at ffff88810305bc00
[ 11.841349] which belongs to the cache kmalloc-128 of size 128
[ 11.842460] The buggy address is located 0 bytes to the right of
[ 11.842460] allocated 115-byte region [ffff88810305bc00, ffff88810305bc73)
[ 11.843418]
[ 11.843704] The buggy address belongs to the physical page:
[ 11.844428] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10305b
[ 11.845178] flags: 0x200000000000000(node=0|zone=2)
[ 11.846203] page_type: f5(slab)
[ 11.846926] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 11.847695] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.848402] page dumped because: kasan: bad access detected
[ 11.848591]
[ 11.848668] Memory state around the buggy address:
[ 11.849232] ffff88810305bb00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.849954] ffff88810305bb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.850819] >ffff88810305bc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 11.851674] ^
[ 11.852282] ffff88810305bc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.852520] ffff88810305bd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.853256] ==================================================================

[ 11.855804] ==================================================================
[ 11.856127] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6bd/0x7f0
[ 11.856596] Write of size 1 at addr ffff88810305bc78 by task kunit_try_catch/153
[ 11.857214]
[ 11.857481] CPU: 0 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 11.857532] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.857543] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.857563] Call Trace:
[ 11.857575] <TASK>
[ 11.857589] dump_stack_lvl+0x73/0xb0
[ 11.857619] print_report+0xd1/0x610
[ 11.857641] ? __virt_addr_valid+0x1db/0x2d0
[ 11.857664] ? kmalloc_oob_right+0x6bd/0x7f0
[ 11.857685] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.857708] ? kmalloc_oob_right+0x6bd/0x7f0
[ 11.857730] kasan_report+0x141/0x180
[ 11.857765] ? kmalloc_oob_right+0x6bd/0x7f0
[ 11.857791] __asan_report_store1_noabort+0x1b/0x30
[ 11.857816] kmalloc_oob_right+0x6bd/0x7f0
[ 11.857838] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 11.857861] ? __schedule+0x10cc/0x2b60
[ 11.857883] ? __pfx_read_tsc+0x10/0x10
[ 11.857903] ? ktime_get_ts64+0x86/0x230
[ 11.857927] kunit_try_run_case+0x1a5/0x480
[ 11.857951] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.857986] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.858010] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.858035] ? __kthread_parkme+0x82/0x180
[ 11.858055] ? preempt_count_sub+0x50/0x80
[ 11.858078] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.858102] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.858127] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.858151] kthread+0x337/0x6f0
[ 11.858170] ? trace_preempt_on+0x20/0xc0
[ 11.858194] ? __pfx_kthread+0x10/0x10
[ 11.858214] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.858235] ? calculate_sigpending+0x7b/0xa0
[ 11.858260] ? __pfx_kthread+0x10/0x10
[ 11.858281] ret_from_fork+0x116/0x1d0
[ 11.858300] ? __pfx_kthread+0x10/0x10
[ 11.858320] ret_from_fork_asm+0x1a/0x30
[ 11.858350] </TASK>
[ 11.858359]
[ 11.868698] Allocated by task 153:
[ 11.868977] kasan_save_stack+0x45/0x70
[ 11.869393] kasan_save_track+0x18/0x40
[ 11.869664] kasan_save_alloc_info+0x3b/0x50
[ 11.869844] __kasan_kmalloc+0xb7/0xc0
[ 11.870333] __kmalloc_cache_noprof+0x189/0x420
[ 11.870604] kmalloc_oob_right+0xa9/0x7f0
[ 11.870922] kunit_try_run_case+0x1a5/0x480
[ 11.871275] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.871735] kthread+0x337/0x6f0
[ 11.872055] ret_from_fork+0x116/0x1d0
[ 11.872243] ret_from_fork_asm+0x1a/0x30
[ 11.872655]
[ 11.872743] The buggy address belongs to the object at ffff88810305bc00
[ 11.872743] which belongs to the cache kmalloc-128 of size 128
[ 11.873805] The buggy address is located 5 bytes to the right of
[ 11.873805] allocated 115-byte region [ffff88810305bc00, ffff88810305bc73)
[ 11.874563]
[ 11.874672] The buggy address belongs to the physical page:
[ 11.875096] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10305b
[ 11.875673] flags: 0x200000000000000(node=0|zone=2)
[ 11.876106] page_type: f5(slab)
[ 11.876376] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 11.876847] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.877438] page dumped because: kasan: bad access detected
[ 11.877683]
[ 11.877792] Memory state around the buggy address:
[ 11.878273] ffff88810305bb00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.878636] ffff88810305bb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.879101] >ffff88810305bc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 11.879549] ^
[ 11.879955] ffff88810305bc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.880509] ffff88810305bd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.881029] ==================================================================

[ 11.881771] ==================================================================
[ 11.882260] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x68a/0x7f0
[ 11.883036] Read of size 1 at addr ffff88810305bc80 by task kunit_try_catch/153
[ 11.883549]
[ 11.883657] CPU: 0 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 11.883941] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.883955] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.884012] Call Trace:
[ 11.884027] <TASK>
[ 11.884041] dump_stack_lvl+0x73/0xb0
[ 11.884072] print_report+0xd1/0x610
[ 11.884094] ? __virt_addr_valid+0x1db/0x2d0
[ 11.884116] ? kmalloc_oob_right+0x68a/0x7f0
[ 11.884137] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.884161] ? kmalloc_oob_right+0x68a/0x7f0
[ 11.884183] kasan_report+0x141/0x180
[ 11.884205] ? kmalloc_oob_right+0x68a/0x7f0
[ 11.884231] __asan_report_load1_noabort+0x18/0x20
[ 11.884255] kmalloc_oob_right+0x68a/0x7f0
[ 11.884277] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 11.884300] ? __schedule+0x10cc/0x2b60
[ 11.884323] ? __pfx_read_tsc+0x10/0x10
[ 11.884344] ? ktime_get_ts64+0x86/0x230
[ 11.884368] kunit_try_run_case+0x1a5/0x480
[ 11.884392] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.884414] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.884450] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.884474] ? __kthread_parkme+0x82/0x180
[ 11.884494] ? preempt_count_sub+0x50/0x80
[ 11.884518] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.884542] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.884566] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.884591] kthread+0x337/0x6f0
[ 11.884609] ? trace_preempt_on+0x20/0xc0
[ 11.884632] ? __pfx_kthread+0x10/0x10
[ 11.884652] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.884673] ? calculate_sigpending+0x7b/0xa0
[ 11.884698] ? __pfx_kthread+0x10/0x10
[ 11.884719] ret_from_fork+0x116/0x1d0
[ 11.884737] ? __pfx_kthread+0x10/0x10
[ 11.884769] ret_from_fork_asm+0x1a/0x30
[ 11.884799] </TASK>
[ 11.884808]
[ 11.895971] Allocated by task 153:
[ 11.896495] kasan_save_stack+0x45/0x70
[ 11.896689] kasan_save_track+0x18/0x40
[ 11.896854] kasan_save_alloc_info+0x3b/0x50
[ 11.897425] __kasan_kmalloc+0xb7/0xc0
[ 11.897617] __kmalloc_cache_noprof+0x189/0x420
[ 11.897922] kmalloc_oob_right+0xa9/0x7f0
[ 11.898358] kunit_try_run_case+0x1a5/0x480
[ 11.898680] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.899046] kthread+0x337/0x6f0
[ 11.899217] ret_from_fork+0x116/0x1d0
[ 11.899393] ret_from_fork_asm+0x1a/0x30
[ 11.899923]
[ 11.900054] The buggy address belongs to the object at ffff88810305bc00
[ 11.900054] which belongs to the cache kmalloc-128 of size 128
[ 11.900866] The buggy address is located 13 bytes to the right of
[ 11.900866] allocated 115-byte region [ffff88810305bc00, ffff88810305bc73)
[ 11.901866]
[ 11.901974] The buggy address belongs to the physical page:
[ 11.902457] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10305b
[ 11.903190] flags: 0x200000000000000(node=0|zone=2)
[ 11.903646] page_type: f5(slab)
[ 11.903787] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 11.904029] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.904258] page dumped because: kasan: bad access detected
[ 11.904431]
[ 11.904503] Memory state around the buggy address:
[ 11.904661] ffff88810305bb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.904942] ffff88810305bc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 11.905163] >ffff88810305bc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.905484] ^
[ 11.905652] ffff88810305bd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.906028] ffff88810305bd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.906661] ==================================================================
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_vscale
------------[ cut here ]------------ [ 141.310691] WARNING: CPU: 1 PID: 2763 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190 [ 141.311841] Modules linked in: [ 141.312281] CPU: 1 UID: 0 PID: 2763 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 141.313198] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 141.313841] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 141.315945] RIP: 0010:drm_rect_calc_vscale+0x130/0x190 [ 141.316588] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 141.318175] RSP: 0000:ffff88810bab7c78 EFLAGS: 00010286 [ 141.318364] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000 [ 141.318873] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffff98833bfc [ 141.319301] RBP: ffff88810bab7ca0 R08: 0000000000000000 R09: ffffed1020ae8360 [ 141.319995] R10: ffff888105741b07 R11: 0000000000000000 R12: ffffffff98833be8 [ 141.320726] R13: 0000000000000000 R14: 000000007fffffff R15: ffff88810bab7d38 [ 141.321428] FS: 0000000000000000(0000) GS:ffff8881c0972000(0000) knlGS:0000000000000000 [ 141.321698] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 141.322592] CR2: 00007ffff7ffe000 CR3: 000000012a6bc000 CR4: 00000000000006f0 [ 141.323467] DR0: ffffffff9a852440 DR1: ffffffff9a852441 DR2: ffffffff9a852443 [ 141.323970] DR3: ffffffff9a852445 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 141.324426] Call Trace: [ 141.324707] <TASK> [ 141.324955] drm_test_rect_calc_vscale+0x108/0x270 [ 141.325513] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10 [ 141.325889] ? __schedule+0x10cc/0x2b60 [ 141.326406] ? __pfx_read_tsc+0x10/0x10 [ 141.326592] ? ktime_get_ts64+0x86/0x230 [ 141.326789] kunit_try_run_case+0x1a5/0x480 [ 141.327367] ? __pfx_kunit_try_run_case+0x10/0x10 [ 141.327872] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 141.328337] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 141.328517] ? __kthread_parkme+0x82/0x180 [ 141.328667] ? preempt_count_sub+0x50/0x80 [ 141.328857] ? __pfx_kunit_try_run_case+0x10/0x10 [ 141.329405] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 141.329677] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 141.330007] kthread+0x337/0x6f0 [ 141.330148] ? trace_preempt_on+0x20/0xc0 [ 141.330530] ? __pfx_kthread+0x10/0x10 [ 141.330766] ? _raw_spin_unlock_irq+0x47/0x80 [ 141.331056] ? calculate_sigpending+0x7b/0xa0 [ 141.331464] ? __pfx_kthread+0x10/0x10 [ 141.331624] ret_from_fork+0x116/0x1d0 [ 141.331838] ? __pfx_kthread+0x10/0x10 [ 141.332042] ret_from_fork_asm+0x1a/0x30 [ 141.332573] </TASK> [ 141.332930] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 141.337478] WARNING: CPU: 0 PID: 2765 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190 [ 141.337886] Modules linked in: [ 141.338244] CPU: 0 UID: 0 PID: 2765 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 141.338698] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 141.338963] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 141.339653] RIP: 0010:drm_rect_calc_vscale+0x130/0x190 [ 141.340062] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 141.340915] RSP: 0000:ffff88810ba5fc78 EFLAGS: 00010286 [ 141.341274] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000 [ 141.341631] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffff98833c34 [ 141.341978] RBP: ffff88810ba5fca0 R08: 0000000000000000 R09: ffffed1020ae83a0 [ 141.342419] R10: ffff888105741d07 R11: 0000000000000000 R12: ffffffff98833c20 [ 141.342740] R13: 0000000000000000 R14: 000000007fffffff R15: ffff88810ba5fd38 [ 
141.343053] FS: 0000000000000000(0000) GS:ffff8881c0872000(0000) knlGS:0000000000000000 [ 141.343460] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 141.343832] CR2: 00007ffff7ffe000 CR3: 000000012a6bc000 CR4: 00000000000006f0 [ 141.344292] DR0: ffffffff9a852440 DR1: ffffffff9a852441 DR2: ffffffff9a852442 [ 141.344829] DR3: ffffffff9a852443 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 141.345193] Call Trace: [ 141.345307] <TASK> [ 141.345530] drm_test_rect_calc_vscale+0x108/0x270 [ 141.345774] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10 [ 141.346062] ? __schedule+0x10cc/0x2b60 [ 141.346321] ? __pfx_read_tsc+0x10/0x10 [ 141.346556] ? ktime_get_ts64+0x86/0x230 [ 141.346722] kunit_try_run_case+0x1a5/0x480 [ 141.347024] ? __pfx_kunit_try_run_case+0x10/0x10 [ 141.347231] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 141.347580] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 141.347852] ? __kthread_parkme+0x82/0x180 [ 141.348227] ? preempt_count_sub+0x50/0x80 [ 141.348677] ? __pfx_kunit_try_run_case+0x10/0x10 [ 141.348927] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 141.349249] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 141.349756] kthread+0x337/0x6f0 [ 141.349901] ? trace_preempt_on+0x20/0xc0 [ 141.350119] ? __pfx_kthread+0x10/0x10 [ 141.350423] ? _raw_spin_unlock_irq+0x47/0x80 [ 141.350658] ? calculate_sigpending+0x7b/0xa0 [ 141.350935] ? __pfx_kthread+0x10/0x10 [ 141.351101] ret_from_fork+0x116/0x1d0 [ 141.351317] ? __pfx_kthread+0x10/0x10 [ 141.351595] ret_from_fork_asm+0x1a/0x30 [ 141.351898] </TASK> [ 141.352160] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_hscale
------------[ cut here ]------------ [ 141.241822] WARNING: CPU: 1 PID: 2751 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190 [ 141.243124] Modules linked in: [ 141.243536] CPU: 1 UID: 0 PID: 2751 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 141.244719] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 141.244953] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 141.246025] RIP: 0010:drm_rect_calc_hscale+0x125/0x190 [ 141.246591] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 9b d5 1e 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 141.248045] RSP: 0000:ffff88810bcbfc78 EFLAGS: 00010286 [ 141.248240] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000 [ 141.248454] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffff98833c00 [ 141.248667] RBP: ffff88810bcbfca0 R08: 0000000000000000 R09: ffffed1020ae8300 [ 141.249287] R10: ffff888105741807 R11: 0000000000000000 R12: ffffffff98833be8 [ 141.250113] R13: 0000000000000000 R14: 000000007fffffff R15: ffff88810bcbfd38 [ 141.250758] FS: 0000000000000000(0000) GS:ffff8881c0972000(0000) knlGS:0000000000000000 [ 141.251711] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 141.252380] CR2: 00007ffff7ffe000 CR3: 000000012a6bc000 CR4: 00000000000006f0 [ 141.253232] DR0: ffffffff9a852440 DR1: ffffffff9a852441 DR2: ffffffff9a852443 [ 141.253558] DR3: ffffffff9a852445 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 141.253870] Call Trace: [ 141.254332] <TASK> [ 141.254576] drm_test_rect_calc_hscale+0x108/0x270 [ 141.255162] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10 [ 141.255418] ? __schedule+0x10cc/0x2b60 [ 141.255573] ? __pfx_read_tsc+0x10/0x10 [ 141.255716] ? ktime_get_ts64+0x86/0x230 [ 141.255863] kunit_try_run_case+0x1a5/0x480 [ 141.256181] ? __pfx_kunit_try_run_case+0x10/0x10 [ 141.256612] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 141.257164] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 141.257607] ? __kthread_parkme+0x82/0x180 [ 141.257982] ? preempt_count_sub+0x50/0x80 [ 141.258571] ? __pfx_kunit_try_run_case+0x10/0x10 [ 141.259105] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 141.259310] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 141.259513] kthread+0x337/0x6f0 [ 141.259640] ? trace_preempt_on+0x20/0xc0 [ 141.259833] ? __pfx_kthread+0x10/0x10 [ 141.260258] ? _raw_spin_unlock_irq+0x47/0x80 [ 141.260667] ? calculate_sigpending+0x7b/0xa0 [ 141.260845] ? __pfx_kthread+0x10/0x10 [ 141.260985] ret_from_fork+0x116/0x1d0 [ 141.261413] ? __pfx_kthread+0x10/0x10 [ 141.261764] ret_from_fork_asm+0x1a/0x30 [ 141.262306] </TASK> [ 141.262417] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 141.266207] WARNING: CPU: 0 PID: 2753 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190 [ 141.266523] Modules linked in: [ 141.266678] CPU: 0 UID: 0 PID: 2753 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 141.268328] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 141.268865] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 141.270048] RIP: 0010:drm_rect_calc_hscale+0x125/0x190 [ 141.270620] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 9b d5 1e 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 141.272008] RSP: 0000:ffff88810bccfc78 EFLAGS: 00010286 [ 141.272587] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000 [ 141.273234] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffff98833c38 [ 141.273628] RBP: ffff88810bccfca0 R08: 0000000000000000 R09: ffffed1020d281a0 [ 141.274225] R10: ffff888106940d07 R11: 0000000000000000 R12: ffffffff98833c20 [ 141.274773] R13: 0000000000000000 R14: 000000007fffffff R15: ffff88810bccfd38 [ 
141.275151] FS: 0000000000000000(0000) GS:ffff8881c0872000(0000) knlGS:0000000000000000 [ 141.275380] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 141.275556] CR2: 00007ffff7ffe000 CR3: 000000012a6bc000 CR4: 00000000000006f0 [ 141.275758] DR0: ffffffff9a852440 DR1: ffffffff9a852441 DR2: ffffffff9a852442 [ 141.275959] DR3: ffffffff9a852443 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 141.276456] Call Trace: [ 141.276808] <TASK> [ 141.277123] drm_test_rect_calc_hscale+0x108/0x270 [ 141.278281] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10 [ 141.278903] ? __schedule+0x10cc/0x2b60 [ 141.279888] ? __pfx_read_tsc+0x10/0x10 [ 141.280122] ? ktime_get_ts64+0x86/0x230 [ 141.280276] kunit_try_run_case+0x1a5/0x480 [ 141.280434] ? __pfx_kunit_try_run_case+0x10/0x10 [ 141.280595] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 141.280755] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 141.280921] ? __kthread_parkme+0x82/0x180 [ 141.281812] ? preempt_count_sub+0x50/0x80 [ 141.283150] ? __pfx_kunit_try_run_case+0x10/0x10 [ 141.284178] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 141.285164] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 141.286543] kthread+0x337/0x6f0 [ 141.287344] ? trace_preempt_on+0x20/0xc0 [ 141.287879] ? __pfx_kthread+0x10/0x10 [ 141.288480] ? _raw_spin_unlock_irq+0x47/0x80 [ 141.288652] ? calculate_sigpending+0x7b/0xa0 [ 141.289914] ? __pfx_kthread+0x10/0x10 [ 141.290432] ret_from_fork+0x116/0x1d0 [ 141.291213] ? __pfx_kthread+0x10/0x10 [ 141.291658] ret_from_fork_asm+0x1a/0x30 [ 141.292406] </TASK> [ 141.292644] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-drm-kunit-mock-device-drm_gem_shmem_test_get_pages_sgtdrm-kunit-mock-device-drm-drm_warn_onrefcount_readshmem-pages_pin_count
------------[ cut here ]------------ [ 140.616410] drm-kunit-mock-device drm_gem_shmem_test_get_pages_sgt.drm-kunit-mock-device: [drm] drm_WARN_ON(refcount_read(&shmem->pages_pin_count)) [ 140.616507] WARNING: CPU: 1 PID: 2568 at drivers/gpu/drm/drm_gem_shmem_helper.c:180 drm_gem_shmem_free+0x3ed/0x6c0 [ 140.618014] Modules linked in: [ 140.618301] CPU: 1 UID: 0 PID: 2568 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 140.618632] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 140.618833] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 140.619518] RIP: 0010:drm_gem_shmem_free+0x3ed/0x6c0 [ 140.619712] Code: 85 f6 0f 84 ba 01 00 00 4c 89 e7 e8 ad 1d 80 00 48 c7 c1 e0 8a 7e 98 4c 89 f2 48 c7 c7 a0 87 7e 98 48 89 c6 e8 34 b8 77 fe 90 <0f> 0b 90 90 e9 09 ff ff ff 90 48 b8 00 00 00 00 00 fc ff df 48 8d [ 140.620379] RSP: 0000:ffff88810b52fd18 EFLAGS: 00010286 [ 140.620759] RAX: 0000000000000000 RBX: ffff8881085f7c00 RCX: 1ffffffff32a4cf0 [ 140.621209] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001 [ 140.621502] RBP: ffff88810b52fd48 R08: 0000000000000000 R09: fffffbfff32a4cf0 [ 140.621742] R10: 0000000000000003 R11: 0000000000038de0 R12: ffff88810b610800 [ 140.622146] R13: ffff8881085f7cf8 R14: ffff888105714300 R15: ffff88810039fb40 [ 140.622435] FS: 0000000000000000(0000) GS:ffff8881c0972000(0000) knlGS:0000000000000000 [ 140.622764] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 140.622986] CR2: 00007ffff7ffe000 CR3: 000000012a6bc000 CR4: 00000000000006f0 [ 140.623320] DR0: ffffffff9a852440 DR1: ffffffff9a852441 DR2: ffffffff9a852443 [ 140.623550] DR3: ffffffff9a852445 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 140.623834] Call Trace: [ 140.623991] <TASK> [ 140.624108] ? trace_preempt_on+0x20/0xc0 [ 140.624291] ? 
__pfx_drm_gem_shmem_free_wrapper+0x10/0x10 [ 140.624572] drm_gem_shmem_free_wrapper+0x12/0x20 [ 140.624780] __kunit_action_free+0x57/0x70 [ 140.625081] kunit_remove_resource+0x133/0x200 [ 140.625332] ? preempt_count_sub+0x50/0x80 [ 140.625543] kunit_cleanup+0x7a/0x120 [ 140.625981] kunit_try_run_case_cleanup+0xbd/0xf0 [ 140.626424] ? __pfx_kunit_try_run_case_cleanup+0x10/0x10 [ 140.626710] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 140.626915] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 140.627222] kthread+0x337/0x6f0 [ 140.627461] ? trace_preempt_on+0x20/0xc0 [ 140.627664] ? __pfx_kthread+0x10/0x10 [ 140.627890] ? _raw_spin_unlock_irq+0x47/0x80 [ 140.628176] ? calculate_sigpending+0x7b/0xa0 [ 140.628402] ? __pfx_kthread+0x10/0x10 [ 140.628576] ret_from_fork+0x116/0x1d0 [ 140.628833] ? __pfx_kthread+0x10/0x10 [ 140.629055] ret_from_fork_asm+0x1a/0x30 [ 140.629438] </TASK> [ 140.629575] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_framebuffer-drm_framebuffer_init
------------[ cut here ]------------ [ 140.486765] WARNING: CPU: 1 PID: 2549 at drivers/gpu/drm/drm_framebuffer.c:869 drm_framebuffer_init+0x49/0x8d0 [ 140.487387] Modules linked in: [ 140.487700] CPU: 1 UID: 0 PID: 2549 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 140.488301] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 140.488582] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 140.489227] RIP: 0010:drm_framebuffer_init+0x49/0x8d0 [ 140.489578] Code: 89 e5 41 57 41 56 41 55 41 54 53 48 89 f3 48 83 ec 28 80 3c 11 00 48 89 7d c8 0f 85 1c 07 00 00 48 8b 75 c8 48 39 33 74 20 90 <0f> 0b 90 41 bf ea ff ff ff 48 83 c4 28 44 89 f8 5b 41 5c 41 5d 41 [ 140.490889] RSP: 0000:ffff88810b0bfb20 EFLAGS: 00010246 [ 140.491315] RAX: ffff88810b0bfba8 RBX: ffff88810b0bfc28 RCX: 1ffff11021617f8e [ 140.491637] RDX: dffffc0000000000 RSI: ffff88810b2cc000 RDI: ffff88810b2cc000 [ 140.492069] RBP: ffff88810b0bfb70 R08: ffff88810b2cc000 R09: ffffffff987d8e20 [ 140.492521] R10: 0000000000000003 R11: 00000000fb164a64 R12: 1ffff11021617f71 [ 140.492803] R13: ffff88810b0bfc70 R14: ffff88810b0bfdb8 R15: 0000000000000000 [ 140.493277] FS: 0000000000000000(0000) GS:ffff8881c0972000(0000) knlGS:0000000000000000 [ 140.493667] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 140.493973] CR2: 00007ffff7ffe000 CR3: 000000012a6bc000 CR4: 00000000000006f0 [ 140.494342] DR0: ffffffff9a852440 DR1: ffffffff9a852441 DR2: ffffffff9a852443 [ 140.494641] DR3: ffffffff9a852445 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 140.495108] Call Trace: [ 140.495405] <TASK> [ 140.495550] ? trace_preempt_on+0x20/0xc0 [ 140.495803] ? add_dr+0xc1/0x1d0 [ 140.496163] drm_test_framebuffer_init_bad_format+0xfc/0x240 [ 140.496622] ? add_dr+0x148/0x1d0 [ 140.496837] ? __pfx_drm_test_framebuffer_init_bad_format+0x10/0x10 [ 140.497210] ? __drmm_add_action+0x1a4/0x280 [ 140.497571] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 140.497910] ? 
__pfx_drm_mode_config_init_release+0x10/0x10 [ 140.498323] ? __drmm_add_action_or_reset+0x22/0x50 [ 140.498670] ? __schedule+0x10cc/0x2b60 [ 140.498919] ? __pfx_read_tsc+0x10/0x10 [ 140.499339] ? ktime_get_ts64+0x86/0x230 [ 140.499609] kunit_try_run_case+0x1a5/0x480 [ 140.499919] ? __pfx_kunit_try_run_case+0x10/0x10 [ 140.500314] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 140.500573] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 140.500836] ? __kthread_parkme+0x82/0x180 [ 140.501137] ? preempt_count_sub+0x50/0x80 [ 140.501448] ? __pfx_kunit_try_run_case+0x10/0x10 [ 140.501722] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 140.502169] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 140.502496] kthread+0x337/0x6f0 [ 140.502686] ? trace_preempt_on+0x20/0xc0 [ 140.502921] ? __pfx_kthread+0x10/0x10 [ 140.503370] ? _raw_spin_unlock_irq+0x47/0x80 [ 140.503726] ? calculate_sigpending+0x7b/0xa0 [ 140.503925] ? __pfx_kthread+0x10/0x10 [ 140.504244] ret_from_fork+0x116/0x1d0 [ 140.504438] ? __pfx_kthread+0x10/0x10 [ 140.504702] ret_from_fork_asm+0x1a/0x30 [ 140.504881] </TASK> [ 140.505006] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-drm-kunit-mock-device-drm_test_framebuffer_freedrm-kunit-mock-device-drm-drm_warn_onlist_empty-filp_head
------------[ cut here ]------------ [ 140.454549] drm-kunit-mock-device drm_test_framebuffer_free.drm-kunit-mock-device: [drm] drm_WARN_ON(!list_empty(&fb->filp_head)) [ 140.454678] WARNING: CPU: 1 PID: 2545 at drivers/gpu/drm/drm_framebuffer.c:832 drm_framebuffer_free+0x13f/0x1c0 [ 140.456134] Modules linked in: [ 140.456479] CPU: 1 UID: 0 PID: 2545 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 140.456941] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 140.457280] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 140.457666] RIP: 0010:drm_framebuffer_free+0x13f/0x1c0 [ 140.457909] Code: 8b 7d 50 4d 85 ff 74 2b 4c 89 ef e8 2b 44 87 00 48 c7 c1 c0 38 7d 98 4c 89 fa 48 c7 c7 20 39 7d 98 48 89 c6 e8 b2 de 7e fe 90 <0f> 0b 90 90 e9 1c ff ff ff 48 b8 00 00 00 00 00 fc ff df 4c 89 ea [ 140.458674] RSP: 0000:ffff88810b2b7b68 EFLAGS: 00010282 [ 140.458932] RAX: 0000000000000000 RBX: ffff88810b2b7c40 RCX: 1ffffffff32a4cf0 [ 140.459406] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001 [ 140.459686] RBP: ffff88810b2b7b90 R08: 0000000000000000 R09: fffffbfff32a4cf0 [ 140.460049] R10: 0000000000000003 R11: 00000000000373f8 R12: ffff88810b2b7c18 [ 140.460527] R13: ffff88810b28b800 R14: ffff88810b2ca000 R15: ffff888103830f00 [ 140.460882] FS: 0000000000000000(0000) GS:ffff8881c0972000(0000) knlGS:0000000000000000 [ 140.461291] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 140.461529] CR2: 00007ffff7ffe000 CR3: 000000012a6bc000 CR4: 00000000000006f0 [ 140.461839] DR0: ffffffff9a852440 DR1: ffffffff9a852441 DR2: ffffffff9a852443 [ 140.462104] DR3: ffffffff9a852445 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 140.462342] Call Trace: [ 140.462519] <TASK> [ 140.462659] drm_test_framebuffer_free+0x1ab/0x610 [ 140.463279] ? __pfx_drm_test_framebuffer_free+0x10/0x10 [ 140.463525] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 140.464435] ? 
__pfx_drm_mode_config_init_release+0x10/0x10 [ 140.464682] ? __drmm_add_action_or_reset+0x22/0x50 [ 140.464972] ? __schedule+0x10cc/0x2b60 [ 140.465324] ? __pfx_read_tsc+0x10/0x10 [ 140.465536] ? ktime_get_ts64+0x86/0x230 [ 140.465760] kunit_try_run_case+0x1a5/0x480 [ 140.466023] ? __pfx_kunit_try_run_case+0x10/0x10 [ 140.466304] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 140.466549] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 140.466802] ? __kthread_parkme+0x82/0x180 [ 140.467037] ? preempt_count_sub+0x50/0x80 [ 140.467462] ? __pfx_kunit_try_run_case+0x10/0x10 [ 140.467688] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 140.467969] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 140.468270] kthread+0x337/0x6f0 [ 140.468574] ? trace_preempt_on+0x20/0xc0 [ 140.468776] ? __pfx_kthread+0x10/0x10 [ 140.469116] ? _raw_spin_unlock_irq+0x47/0x80 [ 140.469324] ? calculate_sigpending+0x7b/0xa0 [ 140.469545] ? __pfx_kthread+0x10/0x10 [ 140.469715] ret_from_fork+0x116/0x1d0 [ 140.470059] ? __pfx_kthread+0x10/0x10 [ 140.470236] ret_from_fork_asm+0x1a/0x30 [ 140.470465] </TASK> [ 140.470595] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_connector-drm_connector_dynamic_register
------------[ cut here ]------------ [ 139.231009] WARNING: CPU: 0 PID: 1983 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110 [ 139.232300] Modules linked in: [ 139.232462] CPU: 0 UID: 0 PID: 1983 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 139.233150] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 139.234108] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 139.235403] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110 [ 139.235931] Code: 49 8d 7c 24 60 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 60 00 75 1b 5b 41 5c 5d e9 82 26 26 02 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d c3 cc cc cc cc 48 89 df e8 68 [ 139.237484] RSP: 0000:ffff88810a637c90 EFLAGS: 00010246 [ 139.238296] RAX: dffffc0000000000 RBX: ffff888103e96000 RCX: 0000000000000000 [ 139.238602] RDX: 1ffff110207d2c32 RSI: ffffffff95a067f8 RDI: ffff888103e96190 [ 139.238901] RBP: ffff88810a637ca0 R08: 1ffff11020073f69 R09: ffffed10214c6f65 [ 139.239202] R10: 0000000000000003 R11: ffffffff94f859f8 R12: 0000000000000000 [ 139.239485] R13: ffff88810a637d38 R14: ffff88810039fc50 R15: ffff88810039fc58 [ 139.239767] FS: 0000000000000000(0000) GS:ffff8881c0872000(0000) knlGS:0000000000000000 [ 139.240644] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 139.241065] CR2: 00007ffff7ffe000 CR3: 000000012a6bc000 CR4: 00000000000006f0 [ 139.241528] DR0: ffffffff9a852440 DR1: ffffffff9a852441 DR2: ffffffff9a852442 [ 139.242117] DR3: ffffffff9a852443 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 139.242699] Call Trace: [ 139.242957] <TASK> [ 139.243356] drm_test_drm_connector_dynamic_register_no_init+0x104/0x290 [ 139.243854] ? __pfx_drm_test_drm_connector_dynamic_register_no_init+0x10/0x10 [ 139.244554] ? __schedule+0x10cc/0x2b60 [ 139.244887] ? __pfx_read_tsc+0x10/0x10 [ 139.245430] ? ktime_get_ts64+0x86/0x230 [ 139.245764] kunit_try_run_case+0x1a5/0x480 [ 139.246305] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 139.246662] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 139.247192] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 139.247554] ? __kthread_parkme+0x82/0x180 [ 139.247909] ? preempt_count_sub+0x50/0x80 [ 139.248336] ? __pfx_kunit_try_run_case+0x10/0x10 [ 139.248564] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 139.248935] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 139.249509] kthread+0x337/0x6f0 [ 139.249860] ? trace_preempt_on+0x20/0xc0 [ 139.250298] ? __pfx_kthread+0x10/0x10 [ 139.250709] ? _raw_spin_unlock_irq+0x47/0x80 [ 139.251150] ? calculate_sigpending+0x7b/0xa0 [ 139.251566] ? __pfx_kthread+0x10/0x10 [ 139.252069] ret_from_fork+0x116/0x1d0 [ 139.252486] ? __pfx_kthread+0x10/0x10 [ 139.252786] ret_from_fork_asm+0x1a/0x30 [ 139.253427] </TASK> [ 139.253631] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 139.155506] WARNING: CPU: 0 PID: 1975 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110 [ 139.156189] Modules linked in: [ 139.156406] CPU: 0 UID: 0 PID: 1975 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 139.156768] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 139.156955] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 139.157778] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110 [ 139.158297] Code: 49 8d 7c 24 60 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 60 00 75 1b 5b 41 5c 5d e9 82 26 26 02 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d c3 cc cc cc cc 48 89 df e8 68 [ 139.159478] RSP: 0000:ffff88810a71fc90 EFLAGS: 00010246 [ 139.159832] RAX: dffffc0000000000 RBX: ffff88810a2dc000 RCX: 0000000000000000 [ 139.160166] RDX: 1ffff1102145b832 RSI: ffffffff95a067f8 RDI: ffff88810a2dc190 [ 139.160487] RBP: ffff88810a71fca0 R08: 1ffff11020073f69 R09: ffffed10214e3f65 [ 139.160791] R10: 0000000000000003 R11: ffffffff94f859f8 R12: 0000000000000000 [ 139.161236] R13: 
ffff88810a71fd38 R14: ffff88810039fc50 R15: ffff88810039fc58 [ 139.161474] FS: 0000000000000000(0000) GS:ffff8881c0872000(0000) knlGS:0000000000000000 [ 139.161850] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 139.162260] CR2: 00007ffff7ffe000 CR3: 000000012a6bc000 CR4: 00000000000006f0 [ 139.162585] DR0: ffffffff9a852440 DR1: ffffffff9a852441 DR2: ffffffff9a852442 [ 139.163621] DR3: ffffffff9a852443 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 139.164266] Call Trace: [ 139.164389] <TASK> [ 139.164641] drm_test_drm_connector_dynamic_register_early_no_init+0x104/0x290 [ 139.165305] ? __pfx_drm_test_drm_connector_dynamic_register_early_no_init+0x10/0x10 [ 139.165665] ? __schedule+0x10cc/0x2b60 [ 139.165951] ? __pfx_read_tsc+0x10/0x10 [ 139.166404] ? ktime_get_ts64+0x86/0x230 [ 139.166727] kunit_try_run_case+0x1a5/0x480 [ 139.166961] ? __pfx_kunit_try_run_case+0x10/0x10 [ 139.167534] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 139.167767] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 139.168004] ? __kthread_parkme+0x82/0x180 [ 139.168430] ? preempt_count_sub+0x50/0x80 [ 139.168779] ? __pfx_kunit_try_run_case+0x10/0x10 [ 139.169234] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 139.169600] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 139.169911] kthread+0x337/0x6f0 [ 139.170344] ? trace_preempt_on+0x20/0xc0 [ 139.170677] ? __pfx_kthread+0x10/0x10 [ 139.170896] ? _raw_spin_unlock_irq+0x47/0x80 [ 139.171379] ? calculate_sigpending+0x7b/0xa0 [ 139.171699] ? __pfx_kthread+0x10/0x10 [ 139.171917] ret_from_fork+0x116/0x1d0 [ 139.172282] ? __pfx_kthread+0x10/0x10 [ 139.172618] ret_from_fork_asm+0x1a/0x30 [ 139.172857] </TASK> [ 139.173180] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog10
------------[ cut here ]------------
[ 108.625891] WARNING: CPU: 0 PID: 673 at lib/math/int_log.c:120 intlog10+0x2a/0x40
[ 108.626893] Modules linked in:
[ 108.627422] CPU: 0 UID: 0 PID: 673 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 108.628340] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 108.628542] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 108.629523] RIP: 0010:intlog10+0x2a/0x40
[ 108.629978] Code: f3 0f 1e fa 0f 1f 44 00 00 85 ff 74 1c 55 48 89 e5 e8 ca fe ff ff 5d 89 c0 48 69 c0 a1 26 88 26 48 c1 e8 1f e9 07 aa 86 02 90 <0f> 0b 90 31 c0 e9 fc a9 86 02 66 2e 0f 1f 84 00 00 00 00 00 66 90
[ 108.631496] RSP: 0000:ffff8881022c7cb0 EFLAGS: 00010246
[ 108.631711] RAX: 0000000000000000 RBX: ffff88810039fae8 RCX: 1ffff11020458fb4
[ 108.631931] RDX: 1ffffffff30d2dc4 RSI: 1ffff11020458fb3 RDI: 0000000000000000
[ 108.632175] RBP: ffff8881022c7d60 R08: 0000000000000000 R09: ffffed102113e5a0
[ 108.632540] R10: ffff8881089f2d07 R11: 0000000000000000 R12: 1ffff11020458f97
[ 108.633003] R13: ffffffff98696e20 R14: 0000000000000000 R15: ffff8881022c7d38
[ 108.633449] FS: 0000000000000000(0000) GS:ffff8881c0872000(0000) knlGS:0000000000000000
[ 108.633892] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 108.634138] CR2: ffff88815a8aafe0 CR3: 000000012a6bc000 CR4: 00000000000006f0
[ 108.634691] DR0: ffffffff9a852440 DR1: ffffffff9a852441 DR2: ffffffff9a852442
[ 108.634962] DR3: ffffffff9a852443 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 108.635341] Call Trace:
[ 108.635489] <TASK>
[ 108.635605] ? intlog10_test+0xf2/0x220
[ 108.635797] ? __pfx_intlog10_test+0x10/0x10
[ 108.636158] ? __schedule+0x10cc/0x2b60
[ 108.636361] ? __pfx_read_tsc+0x10/0x10
[ 108.636564] ? ktime_get_ts64+0x86/0x230
[ 108.636798] kunit_try_run_case+0x1a5/0x480
[ 108.636988] ? __pfx_kunit_try_run_case+0x10/0x10
[ 108.637525] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 108.637709] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 108.638129] ? __kthread_parkme+0x82/0x180
[ 108.638438] ? preempt_count_sub+0x50/0x80
[ 108.638710] ? __pfx_kunit_try_run_case+0x10/0x10
[ 108.638934] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 108.639228] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 108.639536] kthread+0x337/0x6f0
[ 108.639700] ? trace_preempt_on+0x20/0xc0
[ 108.639928] ? __pfx_kthread+0x10/0x10
[ 108.640170] ? _raw_spin_unlock_irq+0x47/0x80
[ 108.640423] ? calculate_sigpending+0x7b/0xa0
[ 108.640601] ? __pfx_kthread+0x10/0x10
[ 108.640766] ret_from_fork+0x116/0x1d0
[ 108.641091] ? __pfx_kthread+0x10/0x10
[ 108.641445] ret_from_fork_asm+0x1a/0x30
[ 108.641750] </TASK>
[ 108.641905] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog2
------------[ cut here ]------------
[ 108.589457] WARNING: CPU: 0 PID: 655 at lib/math/int_log.c:63 intlog2+0xdf/0x110
[ 108.589794] Modules linked in:
[ 108.590110] CPU: 0 UID: 0 PID: 655 Comm: kunit_try_catch Tainted: G B D N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 108.590546] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST
[ 108.590784] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 108.591230] RIP: 0010:intlog2+0xdf/0x110
[ 108.591488] Code: 69 98 c1 e0 18 48 83 c4 08 89 d1 c1 e2 08 29 cb 01 d0 0f b7 db 41 0f af dc c1 eb 0f 01 d8 5b 41 5c 41 5d 5d c3 cc cc cc cc 90 <0f> 0b 90 31 c0 c3 cc cc cc cc 89 45 e4 e8 6f d8 55 ff 8b 45 e4 eb
[ 108.592273] RSP: 0000:ffff8881020d7cb0 EFLAGS: 00010246
[ 108.592528] RAX: 0000000000000000 RBX: ffff88810039fae8 RCX: 1ffff1102041afb4
[ 108.592825] RDX: 1ffffffff30d2e18 RSI: 1ffff1102041afb3 RDI: 0000000000000000
[ 108.593177] RBP: ffff8881020d7d60 R08: 0000000000000000 R09: ffffed10201801c0
[ 108.593467] R10: ffff888100c00e07 R11: 0000000000000000 R12: 1ffff1102041af97
[ 108.593740] R13: ffffffff986970c0 R14: 0000000000000000 R15: ffff8881020d7d38
[ 108.594177] FS: 0000000000000000(0000) GS:ffff8881c0872000(0000) knlGS:0000000000000000
[ 108.594508] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 108.594917] CR2: ffff88815a8aafe0 CR3: 000000012a6bc000 CR4: 00000000000006f0
[ 108.595240] DR0: ffffffff9a852440 DR1: ffffffff9a852441 DR2: ffffffff9a852442
[ 108.595577] DR3: ffffffff9a852443 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 108.595901] Call Trace:
[ 108.596079] <TASK>
[ 108.596298] ? intlog2_test+0xf2/0x220
[ 108.596484] ? __pfx_intlog2_test+0x10/0x10
[ 108.596707] ? __schedule+0x10cc/0x2b60
[ 108.596894] ? __pfx_read_tsc+0x10/0x10
[ 108.597211] ? ktime_get_ts64+0x86/0x230
[ 108.597410] kunit_try_run_case+0x1a5/0x480
[ 108.597610] ? __pfx_kunit_try_run_case+0x10/0x10
[ 108.597816] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 108.598311] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 108.598521] ? __kthread_parkme+0x82/0x180
[ 108.598700] ? preempt_count_sub+0x50/0x80
[ 108.598852] ? __pfx_kunit_try_run_case+0x10/0x10
[ 108.599204] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 108.599475] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 108.599789] kthread+0x337/0x6f0
[ 108.600043] ? trace_preempt_on+0x20/0xc0
[ 108.600256] ? __pfx_kthread+0x10/0x10
[ 108.600435] ? _raw_spin_unlock_irq+0x47/0x80
[ 108.600652] ? calculate_sigpending+0x7b/0xa0
[ 108.600852] ? __pfx_kthread+0x10/0x10
[ 108.601145] ret_from_fork+0x116/0x1d0
[ 108.601318] ? __pfx_kthread+0x10/0x10
[ 108.601491] ret_from_fork_asm+0x1a/0x30
[ 108.601731] </TASK>
[ 108.601862] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/oops-oops-general-protection-fault-probably-for-non-canonical-address-smp-kasan-pti
KNOWN ISSUE - qemu-x86_64: Oops: general protection fault, probably for non-canonical address - KASAN: null-ptr-deref - kunit_test_null_dereference
[ 108.009573] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN PTI