Date
July 18, 2025, 2:09 p.m.
| Environment |
|---|
| qemu-arm64 |
| qemu-x86_64 |
[ 16.606276] ================================================================== [ 16.606358] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x418/0x488 [ 16.606433] Write of size 1 at addr fff00000c595ee78 by task kunit_try_catch/142 [ 16.606488] [ 16.606541] CPU: 1 UID: 0 PID: 142 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.606645] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.606674] Hardware name: linux,dummy-virt (DT) [ 16.606705] Call trace: [ 16.606728] show_stack+0x20/0x38 (C) [ 16.606804] dump_stack_lvl+0x8c/0xd0 [ 16.606867] print_report+0x118/0x5d0 [ 16.606915] kasan_report+0xdc/0x128 [ 16.606960] __asan_report_store1_noabort+0x20/0x30 [ 16.607047] kmalloc_track_caller_oob_right+0x418/0x488 [ 16.607382] kunit_try_run_case+0x170/0x3f0 [ 16.607495] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.607589] kthread+0x328/0x630 [ 16.607642] ret_from_fork+0x10/0x20 [ 16.607690] [ 16.607709] Allocated by task 142: [ 16.607737] kasan_save_stack+0x3c/0x68 [ 16.607779] kasan_save_track+0x20/0x40 [ 16.607815] kasan_save_alloc_info+0x40/0x58 [ 16.607865] __kasan_kmalloc+0xd4/0xd8 [ 16.607900] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 16.607943] kmalloc_track_caller_oob_right+0x184/0x488 [ 16.607982] kunit_try_run_case+0x170/0x3f0 [ 16.608018] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.608058] kthread+0x328/0x630 [ 16.608239] ret_from_fork+0x10/0x20 [ 16.608328] [ 16.608386] The buggy address belongs to the object at fff00000c595ee00 [ 16.608386] which belongs to the cache kmalloc-128 of size 128 [ 16.608453] The buggy address is located 0 bytes to the right of [ 16.608453] allocated 120-byte region [fff00000c595ee00, fff00000c595ee78) [ 16.608554] [ 16.608622] The buggy address belongs to the physical page: [ 16.608654] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10595e [ 16.608752] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.608829] page_type: f5(slab) [ 16.608881] raw: 
0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.608945] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.608984] page dumped because: kasan: bad access detected [ 16.609013] [ 16.609030] Memory state around the buggy address: [ 16.609061] fff00000c595ed00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.609101] fff00000c595ed80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.609142] >fff00000c595ee00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.609177] ^ [ 16.609215] fff00000c595ee80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.609417] fff00000c595ef00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.609512] ================================================================== [ 16.601124] ================================================================== [ 16.601214] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x40c/0x488 [ 16.601298] Write of size 1 at addr fff00000c595ed78 by task kunit_try_catch/142 [ 16.601349] [ 16.601389] CPU: 1 UID: 0 PID: 142 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.601623] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.601655] Hardware name: linux,dummy-virt (DT) [ 16.601687] Call trace: [ 16.601710] show_stack+0x20/0x38 (C) [ 16.601764] dump_stack_lvl+0x8c/0xd0 [ 16.602056] print_report+0x118/0x5d0 [ 16.602121] kasan_report+0xdc/0x128 [ 16.602334] __asan_report_store1_noabort+0x20/0x30 [ 16.602392] kmalloc_track_caller_oob_right+0x40c/0x488 [ 16.602445] kunit_try_run_case+0x170/0x3f0 [ 16.602632] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.602739] kthread+0x328/0x630 [ 16.602893] ret_from_fork+0x10/0x20 [ 16.602971] [ 16.602990] Allocated by task 142: [ 16.603019] kasan_save_stack+0x3c/0x68 [ 16.603062] kasan_save_track+0x20/0x40 [ 16.603099] kasan_save_alloc_info+0x40/0x58 [ 16.603137] __kasan_kmalloc+0xd4/0xd8 [ 16.603374] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 16.603468] 
kmalloc_track_caller_oob_right+0xa8/0x488 [ 16.603520] kunit_try_run_case+0x170/0x3f0 [ 16.603569] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.603678] kthread+0x328/0x630 [ 16.603853] ret_from_fork+0x10/0x20 [ 16.603919] [ 16.603998] The buggy address belongs to the object at fff00000c595ed00 [ 16.603998] which belongs to the cache kmalloc-128 of size 128 [ 16.604058] The buggy address is located 0 bytes to the right of [ 16.604058] allocated 120-byte region [fff00000c595ed00, fff00000c595ed78) [ 16.604165] [ 16.604187] The buggy address belongs to the physical page: [ 16.604272] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10595e [ 16.604328] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.604380] page_type: f5(slab) [ 16.604423] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.604472] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.604511] page dumped because: kasan: bad access detected [ 16.604541] [ 16.604558] Memory state around the buggy address: [ 16.604815] fff00000c595ec00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.604933] fff00000c595ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.605007] >fff00000c595ed00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.605044] ^ [ 16.605090] fff00000c595ed80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.605158] fff00000c595ee00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.605200] ==================================================================
[ 16.296443] ================================================================== [ 16.296539] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x418/0x488 [ 16.296592] Write of size 1 at addr fff00000c5b7d778 by task kunit_try_catch/142 [ 16.296947] [ 16.296988] CPU: 1 UID: 0 PID: 142 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.297079] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.297105] Hardware name: linux,dummy-virt (DT) [ 16.297135] Call trace: [ 16.297157] show_stack+0x20/0x38 (C) [ 16.297206] dump_stack_lvl+0x8c/0xd0 [ 16.297274] print_report+0x118/0x5d0 [ 16.297334] kasan_report+0xdc/0x128 [ 16.297381] __asan_report_store1_noabort+0x20/0x30 [ 16.297432] kmalloc_track_caller_oob_right+0x418/0x488 [ 16.297499] kunit_try_run_case+0x170/0x3f0 [ 16.297549] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.297620] kthread+0x328/0x630 [ 16.297834] ret_from_fork+0x10/0x20 [ 16.297974] [ 16.298042] Allocated by task 142: [ 16.298075] kasan_save_stack+0x3c/0x68 [ 16.298141] kasan_save_track+0x20/0x40 [ 16.298178] kasan_save_alloc_info+0x40/0x58 [ 16.298261] __kasan_kmalloc+0xd4/0xd8 [ 16.298463] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 16.298518] kmalloc_track_caller_oob_right+0x184/0x488 [ 16.298558] kunit_try_run_case+0x170/0x3f0 [ 16.298625] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.298667] kthread+0x328/0x630 [ 16.298698] ret_from_fork+0x10/0x20 [ 16.298777] [ 16.298882] The buggy address belongs to the object at fff00000c5b7d700 [ 16.298882] which belongs to the cache kmalloc-128 of size 128 [ 16.299089] The buggy address is located 0 bytes to the right of [ 16.299089] allocated 120-byte region [fff00000c5b7d700, fff00000c5b7d778) [ 16.299205] [ 16.299224] The buggy address belongs to the physical page: [ 16.299254] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105b7d [ 16.299801] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.299955] page_type: f5(slab) [ 16.300169] raw: 
0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.300219] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.300313] page dumped because: kasan: bad access detected [ 16.300354] [ 16.300371] Memory state around the buggy address: [ 16.300401] fff00000c5b7d600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.300625] fff00000c5b7d680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.300735] >fff00000c5b7d700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.300794] ^ [ 16.300896] fff00000c5b7d780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.300963] fff00000c5b7d800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.301008] ================================================================== [ 16.290929] ================================================================== [ 16.290988] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x40c/0x488 [ 16.291275] Write of size 1 at addr fff00000c5b7d678 by task kunit_try_catch/142 [ 16.291515] [ 16.291785] CPU: 1 UID: 0 PID: 142 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.292072] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.292126] Hardware name: linux,dummy-virt (DT) [ 16.292196] Call trace: [ 16.292227] show_stack+0x20/0x38 (C) [ 16.292376] dump_stack_lvl+0x8c/0xd0 [ 16.292477] print_report+0x118/0x5d0 [ 16.292545] kasan_report+0xdc/0x128 [ 16.292591] __asan_report_store1_noabort+0x20/0x30 [ 16.292642] kmalloc_track_caller_oob_right+0x40c/0x488 [ 16.292691] kunit_try_run_case+0x170/0x3f0 [ 16.292738] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.292790] kthread+0x328/0x630 [ 16.292831] ret_from_fork+0x10/0x20 [ 16.292879] [ 16.292897] Allocated by task 142: [ 16.292924] kasan_save_stack+0x3c/0x68 [ 16.292973] kasan_save_track+0x20/0x40 [ 16.293010] kasan_save_alloc_info+0x40/0x58 [ 16.293048] __kasan_kmalloc+0xd4/0xd8 [ 16.293083] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 16.293125] 
kmalloc_track_caller_oob_right+0xa8/0x488 [ 16.293233] kunit_try_run_case+0x170/0x3f0 [ 16.293483] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.293664] kthread+0x328/0x630 [ 16.293803] ret_from_fork+0x10/0x20 [ 16.293965] [ 16.293985] The buggy address belongs to the object at fff00000c5b7d600 [ 16.293985] which belongs to the cache kmalloc-128 of size 128 [ 16.294306] The buggy address is located 0 bytes to the right of [ 16.294306] allocated 120-byte region [fff00000c5b7d600, fff00000c5b7d678) [ 16.294416] [ 16.294436] The buggy address belongs to the physical page: [ 16.294547] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105b7d [ 16.294705] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.294759] page_type: f5(slab) [ 16.294800] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.294849] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.294888] page dumped because: kasan: bad access detected [ 16.294929] [ 16.294946] Memory state around the buggy address: [ 16.294977] fff00000c5b7d500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.295070] fff00000c5b7d580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.295389] >fff00000c5b7d600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.295481] ^ [ 16.295574] fff00000c5b7d680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.295621] fff00000c5b7d700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.295657] ==================================================================
[ 16.316606] ================================================================== [ 16.316659] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x418/0x488 [ 16.316710] Write of size 1 at addr fff00000c576ce78 by task kunit_try_catch/142 [ 16.316772] [ 16.317396] CPU: 0 UID: 0 PID: 142 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.317495] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.317593] Hardware name: linux,dummy-virt (DT) [ 16.317653] Call trace: [ 16.317677] show_stack+0x20/0x38 (C) [ 16.317741] dump_stack_lvl+0x8c/0xd0 [ 16.317790] print_report+0x118/0x5d0 [ 16.317836] kasan_report+0xdc/0x128 [ 16.317880] __asan_report_store1_noabort+0x20/0x30 [ 16.317941] kmalloc_track_caller_oob_right+0x418/0x488 [ 16.317999] kunit_try_run_case+0x170/0x3f0 [ 16.318046] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.318097] kthread+0x328/0x630 [ 16.318138] ret_from_fork+0x10/0x20 [ 16.318184] [ 16.318203] Allocated by task 142: [ 16.318230] kasan_save_stack+0x3c/0x68 [ 16.318285] kasan_save_track+0x20/0x40 [ 16.318322] kasan_save_alloc_info+0x40/0x58 [ 16.318360] __kasan_kmalloc+0xd4/0xd8 [ 16.318395] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 16.318446] kmalloc_track_caller_oob_right+0x184/0x488 [ 16.318502] kunit_try_run_case+0x170/0x3f0 [ 16.318538] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.318587] kthread+0x328/0x630 [ 16.318626] ret_from_fork+0x10/0x20 [ 16.318660] [ 16.318678] The buggy address belongs to the object at fff00000c576ce00 [ 16.318678] which belongs to the cache kmalloc-128 of size 128 [ 16.319252] The buggy address is located 0 bytes to the right of [ 16.319252] allocated 120-byte region [fff00000c576ce00, fff00000c576ce78) [ 16.319589] [ 16.319986] The buggy address belongs to the physical page: [ 16.320041] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10576c [ 16.320112] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.320409] page_type: f5(slab) [ 16.320793] raw: 
0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.320964] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.321087] page dumped because: kasan: bad access detected [ 16.321192] [ 16.321327] Memory state around the buggy address: [ 16.321427] fff00000c576cd00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.321520] fff00000c576cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.321570] >fff00000c576ce00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.321833] ^ [ 16.322040] fff00000c576ce80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.322154] fff00000c576cf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.322254] ================================================================== [ 16.306634] ================================================================== [ 16.307039] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x40c/0x488 [ 16.307275] Write of size 1 at addr fff00000c576cd78 by task kunit_try_catch/142 [ 16.307477] [ 16.307626] CPU: 0 UID: 0 PID: 142 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.308006] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.308100] Hardware name: linux,dummy-virt (DT) [ 16.308175] Call trace: [ 16.308200] show_stack+0x20/0x38 (C) [ 16.308283] dump_stack_lvl+0x8c/0xd0 [ 16.308484] print_report+0x118/0x5d0 [ 16.308819] kasan_report+0xdc/0x128 [ 16.309077] __asan_report_store1_noabort+0x20/0x30 [ 16.309147] kmalloc_track_caller_oob_right+0x40c/0x488 [ 16.309198] kunit_try_run_case+0x170/0x3f0 [ 16.309299] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.309368] kthread+0x328/0x630 [ 16.309421] ret_from_fork+0x10/0x20 [ 16.309476] [ 16.309494] Allocated by task 142: [ 16.309531] kasan_save_stack+0x3c/0x68 [ 16.309578] kasan_save_track+0x20/0x40 [ 16.309615] kasan_save_alloc_info+0x40/0x58 [ 16.309659] __kasan_kmalloc+0xd4/0xd8 [ 16.309695] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 16.310310] 
kmalloc_track_caller_oob_right+0xa8/0x488 [ 16.310693] kunit_try_run_case+0x170/0x3f0 [ 16.311021] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.311077] kthread+0x328/0x630 [ 16.311506] ret_from_fork+0x10/0x20 [ 16.311588] [ 16.311908] The buggy address belongs to the object at fff00000c576cd00 [ 16.311908] which belongs to the cache kmalloc-128 of size 128 [ 16.312275] The buggy address is located 0 bytes to the right of [ 16.312275] allocated 120-byte region [fff00000c576cd00, fff00000c576cd78) [ 16.312754] [ 16.312814] The buggy address belongs to the physical page: [ 16.313012] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10576c [ 16.313083] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.313317] page_type: f5(slab) [ 16.313679] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.313836] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.313895] page dumped because: kasan: bad access detected [ 16.313926] [ 16.313978] Memory state around the buggy address: [ 16.314214] fff00000c576cc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.314400] fff00000c576cc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.314626] >fff00000c576cd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.314693] ^ [ 16.314910] fff00000c576cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.314980] fff00000c576ce00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.315018] ==================================================================
[ 11.439591] ================================================================== [ 11.439902] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4b1/0x520 [ 11.440246] Write of size 1 at addr ffff8881026ce778 by task kunit_try_catch/160 [ 11.440742] [ 11.440838] CPU: 1 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.440880] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.440890] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.440910] Call Trace: [ 11.440921] <TASK> [ 11.440934] dump_stack_lvl+0x73/0xb0 [ 11.440962] print_report+0xd1/0x610 [ 11.440985] ? __virt_addr_valid+0x1db/0x2d0 [ 11.441006] ? kmalloc_track_caller_oob_right+0x4b1/0x520 [ 11.441032] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.441054] ? kmalloc_track_caller_oob_right+0x4b1/0x520 [ 11.441080] kasan_report+0x141/0x180 [ 11.441102] ? kmalloc_track_caller_oob_right+0x4b1/0x520 [ 11.441137] __asan_report_store1_noabort+0x1b/0x30 [ 11.441162] kmalloc_track_caller_oob_right+0x4b1/0x520 [ 11.441187] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 11.441213] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 11.441237] ? trace_hardirqs_on+0x37/0xe0 [ 11.441260] ? __pfx_read_tsc+0x10/0x10 [ 11.441280] ? ktime_get_ts64+0x86/0x230 [ 11.441304] kunit_try_run_case+0x1a5/0x480 [ 11.441327] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.441351] ? queued_spin_lock_slowpath+0x116/0xb40 [ 11.441376] ? __kthread_parkme+0x82/0x180 [ 11.441395] ? preempt_count_sub+0x50/0x80 [ 11.441672] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.441697] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.441722] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.441745] kthread+0x337/0x6f0 [ 11.441765] ? trace_preempt_on+0x20/0xc0 [ 11.441787] ? __pfx_kthread+0x10/0x10 [ 11.441807] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.441829] ? calculate_sigpending+0x7b/0xa0 [ 11.441854] ? 
__pfx_kthread+0x10/0x10 [ 11.441875] ret_from_fork+0x116/0x1d0 [ 11.441893] ? __pfx_kthread+0x10/0x10 [ 11.441913] ret_from_fork_asm+0x1a/0x30 [ 11.441945] </TASK> [ 11.441955] [ 11.449297] Allocated by task 160: [ 11.449660] kasan_save_stack+0x45/0x70 [ 11.449814] kasan_save_track+0x18/0x40 [ 11.450011] kasan_save_alloc_info+0x3b/0x50 [ 11.450201] __kasan_kmalloc+0xb7/0xc0 [ 11.450380] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 11.450577] kmalloc_track_caller_oob_right+0x19a/0x520 [ 11.450753] kunit_try_run_case+0x1a5/0x480 [ 11.450898] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.451074] kthread+0x337/0x6f0 [ 11.451194] ret_from_fork+0x116/0x1d0 [ 11.451327] ret_from_fork_asm+0x1a/0x30 [ 11.451662] [ 11.451761] The buggy address belongs to the object at ffff8881026ce700 [ 11.451761] which belongs to the cache kmalloc-128 of size 128 [ 11.452289] The buggy address is located 0 bytes to the right of [ 11.452289] allocated 120-byte region [ffff8881026ce700, ffff8881026ce778) [ 11.453231] [ 11.453307] The buggy address belongs to the physical page: [ 11.453671] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026ce [ 11.454014] flags: 0x200000000000000(node=0|zone=2) [ 11.454228] page_type: f5(slab) [ 11.454404] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.454921] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.455167] page dumped because: kasan: bad access detected [ 11.455340] [ 11.455409] Memory state around the buggy address: [ 11.455734] ffff8881026ce600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.456052] ffff8881026ce680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.456582] >ffff8881026ce700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 11.456898] ^ [ 11.457218] ffff8881026ce780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.457557] ffff8881026ce800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.457866] 
================================================================== [ 11.419847] ================================================================== [ 11.420305] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4c8/0x520 [ 11.420707] Write of size 1 at addr ffff8881026ce678 by task kunit_try_catch/160 [ 11.421186] [ 11.421303] CPU: 1 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.421345] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.421357] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.421377] Call Trace: [ 11.421388] <TASK> [ 11.421402] dump_stack_lvl+0x73/0xb0 [ 11.421431] print_report+0xd1/0x610 [ 11.421479] ? __virt_addr_valid+0x1db/0x2d0 [ 11.421502] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 11.421527] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.421549] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 11.421575] kasan_report+0x141/0x180 [ 11.421656] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 11.421692] __asan_report_store1_noabort+0x1b/0x30 [ 11.421717] kmalloc_track_caller_oob_right+0x4c8/0x520 [ 11.421742] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 11.421768] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 11.421793] ? trace_hardirqs_on+0x37/0xe0 [ 11.421816] ? __pfx_read_tsc+0x10/0x10 [ 11.421837] ? ktime_get_ts64+0x86/0x230 [ 11.421861] kunit_try_run_case+0x1a5/0x480 [ 11.421885] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.421909] ? queued_spin_lock_slowpath+0x116/0xb40 [ 11.421934] ? __kthread_parkme+0x82/0x180 [ 11.421955] ? preempt_count_sub+0x50/0x80 [ 11.421979] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.422003] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.422026] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.422050] kthread+0x337/0x6f0 [ 11.422068] ? trace_preempt_on+0x20/0xc0 [ 11.422090] ? __pfx_kthread+0x10/0x10 [ 11.422110] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.422131] ? calculate_sigpending+0x7b/0xa0 [ 11.422154] ? 
__pfx_kthread+0x10/0x10 [ 11.422176] ret_from_fork+0x116/0x1d0 [ 11.422194] ? __pfx_kthread+0x10/0x10 [ 11.422215] ret_from_fork_asm+0x1a/0x30 [ 11.422248] </TASK> [ 11.422257] [ 11.429806] Allocated by task 160: [ 11.429949] kasan_save_stack+0x45/0x70 [ 11.430193] kasan_save_track+0x18/0x40 [ 11.430393] kasan_save_alloc_info+0x3b/0x50 [ 11.430747] __kasan_kmalloc+0xb7/0xc0 [ 11.431011] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 11.431192] kmalloc_track_caller_oob_right+0x99/0x520 [ 11.431364] kunit_try_run_case+0x1a5/0x480 [ 11.431675] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.431944] kthread+0x337/0x6f0 [ 11.432114] ret_from_fork+0x116/0x1d0 [ 11.432307] ret_from_fork_asm+0x1a/0x30 [ 11.432709] [ 11.432810] The buggy address belongs to the object at ffff8881026ce600 [ 11.432810] which belongs to the cache kmalloc-128 of size 128 [ 11.433359] The buggy address is located 0 bytes to the right of [ 11.433359] allocated 120-byte region [ffff8881026ce600, ffff8881026ce678) [ 11.433983] [ 11.434084] The buggy address belongs to the physical page: [ 11.434325] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026ce [ 11.434723] flags: 0x200000000000000(node=0|zone=2) [ 11.434897] page_type: f5(slab) [ 11.435025] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.435265] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.435593] page dumped because: kasan: bad access detected [ 11.436202] [ 11.436392] Memory state around the buggy address: [ 11.436704] ffff8881026ce500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.437010] ffff8881026ce580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.437242] >ffff8881026ce600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 11.437724] ^ [ 11.438051] ffff8881026ce680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.438371] ffff8881026ce700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.438976] 
==================================================================
[ 11.544220] ================================================================== [ 11.544763] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4b1/0x520 [ 11.545047] Write of size 1 at addr ffff8881029a6578 by task kunit_try_catch/159 [ 11.545760] [ 11.545886] CPU: 0 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.545929] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.545940] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.545961] Call Trace: [ 11.545971] <TASK> [ 11.545988] dump_stack_lvl+0x73/0xb0 [ 11.546077] print_report+0xd1/0x610 [ 11.546100] ? __virt_addr_valid+0x1db/0x2d0 [ 11.546123] ? kmalloc_track_caller_oob_right+0x4b1/0x520 [ 11.546149] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.546172] ? kmalloc_track_caller_oob_right+0x4b1/0x520 [ 11.546197] kasan_report+0x141/0x180 [ 11.546218] ? kmalloc_track_caller_oob_right+0x4b1/0x520 [ 11.546247] __asan_report_store1_noabort+0x1b/0x30 [ 11.546272] kmalloc_track_caller_oob_right+0x4b1/0x520 [ 11.546297] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 11.546324] ? __schedule+0x10cc/0x2b60 [ 11.546346] ? __pfx_read_tsc+0x10/0x10 [ 11.546366] ? ktime_get_ts64+0x86/0x230 [ 11.546390] kunit_try_run_case+0x1a5/0x480 [ 11.546414] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.546452] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.546476] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.546498] ? __kthread_parkme+0x82/0x180 [ 11.546517] ? preempt_count_sub+0x50/0x80 [ 11.546541] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.546564] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.546587] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.546610] kthread+0x337/0x6f0 [ 11.546628] ? trace_preempt_on+0x20/0xc0 [ 11.546650] ? __pfx_kthread+0x10/0x10 [ 11.546670] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.546690] ? calculate_sigpending+0x7b/0xa0 [ 11.546714] ? 
__pfx_kthread+0x10/0x10 [ 11.546735] ret_from_fork+0x116/0x1d0 [ 11.546754] ? __pfx_kthread+0x10/0x10 [ 11.546774] ret_from_fork_asm+0x1a/0x30 [ 11.546803] </TASK> [ 11.546812] [ 11.554748] Allocated by task 159: [ 11.554926] kasan_save_stack+0x45/0x70 [ 11.555335] kasan_save_track+0x18/0x40 [ 11.555483] kasan_save_alloc_info+0x3b/0x50 [ 11.555636] __kasan_kmalloc+0xb7/0xc0 [ 11.555769] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 11.556043] kmalloc_track_caller_oob_right+0x19a/0x520 [ 11.556285] kunit_try_run_case+0x1a5/0x480 [ 11.556492] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.556957] kthread+0x337/0x6f0 [ 11.557335] ret_from_fork+0x116/0x1d0 [ 11.557567] ret_from_fork_asm+0x1a/0x30 [ 11.557716] [ 11.557788] The buggy address belongs to the object at ffff8881029a6500 [ 11.557788] which belongs to the cache kmalloc-128 of size 128 [ 11.558421] The buggy address is located 0 bytes to the right of [ 11.558421] allocated 120-byte region [ffff8881029a6500, ffff8881029a6578) [ 11.558918] [ 11.559020] The buggy address belongs to the physical page: [ 11.559238] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029a6 [ 11.559508] flags: 0x200000000000000(node=0|zone=2) [ 11.559671] page_type: f5(slab) [ 11.559793] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.560084] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.560419] page dumped because: kasan: bad access detected [ 11.560964] [ 11.561052] Memory state around the buggy address: [ 11.561208] ffff8881029a6400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.561423] ffff8881029a6480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.561946] >ffff8881029a6500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 11.562396] ^ [ 11.562717] ffff8881029a6580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.563210] ffff8881029a6600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.563557] 
==================================================================
[ 11.522903] ==================================================================
[ 11.523487] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4c8/0x520
[ 11.523903] Write of size 1 at addr ffff8881029a6478 by task kunit_try_catch/159
[ 11.524306]
[ 11.524440] CPU: 0 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 11.524497] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.524509] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.524530] Call Trace:
[ 11.524543] <TASK>
[ 11.524560] dump_stack_lvl+0x73/0xb0
[ 11.524591] print_report+0xd1/0x610
[ 11.524613] ? __virt_addr_valid+0x1db/0x2d0
[ 11.524636] ? kmalloc_track_caller_oob_right+0x4c8/0x520
[ 11.524660] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.524682] ? kmalloc_track_caller_oob_right+0x4c8/0x520
[ 11.524717] kasan_report+0x141/0x180
[ 11.524738] ? kmalloc_track_caller_oob_right+0x4c8/0x520
[ 11.524767] __asan_report_store1_noabort+0x1b/0x30
[ 11.524802] kmalloc_track_caller_oob_right+0x4c8/0x520
[ 11.524826] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10
[ 11.524858] ? __schedule+0x10cc/0x2b60
[ 11.524881] ? __pfx_read_tsc+0x10/0x10
[ 11.524901] ? ktime_get_ts64+0x86/0x230
[ 11.524926] kunit_try_run_case+0x1a5/0x480
[ 11.524951] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.524981] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.525004] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.525045] ? __kthread_parkme+0x82/0x180
[ 11.525065] ? preempt_count_sub+0x50/0x80
[ 11.525089] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.525123] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.525146] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.525170] kthread+0x337/0x6f0
[ 11.525232] ? trace_preempt_on+0x20/0xc0
[ 11.525258] ? __pfx_kthread+0x10/0x10
[ 11.525291] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.525312] ? calculate_sigpending+0x7b/0xa0
[ 11.525336] ? __pfx_kthread+0x10/0x10
[ 11.525356] ret_from_fork+0x116/0x1d0
[ 11.525374] ? __pfx_kthread+0x10/0x10
[ 11.525394] ret_from_fork_asm+0x1a/0x30
[ 11.525424] </TASK>
[ 11.525434]
[ 11.533492] Allocated by task 159:
[ 11.533635] kasan_save_stack+0x45/0x70
[ 11.533785] kasan_save_track+0x18/0x40
[ 11.533921] kasan_save_alloc_info+0x3b/0x50
[ 11.534156] __kasan_kmalloc+0xb7/0xc0
[ 11.534341] __kmalloc_node_track_caller_noprof+0x1cb/0x500
[ 11.534628] kmalloc_track_caller_oob_right+0x99/0x520
[ 11.534798] kunit_try_run_case+0x1a5/0x480
[ 11.535114] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.535367] kthread+0x337/0x6f0
[ 11.535708] ret_from_fork+0x116/0x1d0
[ 11.535911] ret_from_fork_asm+0x1a/0x30
[ 11.536215]
[ 11.536325] The buggy address belongs to the object at ffff8881029a6400
[ 11.536325] which belongs to the cache kmalloc-128 of size 128
[ 11.537648] The buggy address is located 0 bytes to the right of
[ 11.537648] allocated 120-byte region [ffff8881029a6400, ffff8881029a6478)
[ 11.538880]
[ 11.538980] The buggy address belongs to the physical page:
[ 11.539172] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029a6
[ 11.539876] flags: 0x200000000000000(node=0|zone=2)
[ 11.540176] page_type: f5(slab)
[ 11.540322] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 11.540650] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.540969] page dumped because: kasan: bad access detected
[ 11.541247]
[ 11.541349] Memory state around the buggy address:
[ 11.541572]  ffff8881029a6300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.541790]  ffff8881029a6380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.542263] >ffff8881029a6400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 11.542552]                                                                 ^
[ 11.542853]  ffff8881029a6480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.543188]  ffff8881029a6500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.543533] ==================================================================
[ 11.630753] ==================================================================
[ 11.631483] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4b1/0x520
[ 11.631912] Write of size 1 at addr ffff888102e24278 by task kunit_try_catch/159
[ 11.632371]
[ 11.632460] CPU: 0 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 11.632520] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.632531] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.632585] Call Trace:
[ 11.632597] <TASK>
[ 11.632614] dump_stack_lvl+0x73/0xb0
[ 11.632654] print_report+0xd1/0x610
[ 11.632676] ? __virt_addr_valid+0x1db/0x2d0
[ 11.632727] ? kmalloc_track_caller_oob_right+0x4b1/0x520
[ 11.632752] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.632774] ? kmalloc_track_caller_oob_right+0x4b1/0x520
[ 11.632811] kasan_report+0x141/0x180
[ 11.632832] ? kmalloc_track_caller_oob_right+0x4b1/0x520
[ 11.632863] __asan_report_store1_noabort+0x1b/0x30
[ 11.632887] kmalloc_track_caller_oob_right+0x4b1/0x520
[ 11.632921] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10
[ 11.632947] ? __schedule+0x10cc/0x2b60
[ 11.632969] ? __pfx_read_tsc+0x10/0x10
[ 11.633001] ? ktime_get_ts64+0x86/0x230
[ 11.633026] kunit_try_run_case+0x1a5/0x480
[ 11.633050] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.633072] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.633096] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.633119] ? __kthread_parkme+0x82/0x180
[ 11.633139] ? preempt_count_sub+0x50/0x80
[ 11.633163] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.633186] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.633209] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.633233] kthread+0x337/0x6f0
[ 11.633251] ? trace_preempt_on+0x20/0xc0
[ 11.633275] ? __pfx_kthread+0x10/0x10
[ 11.633295] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.633316] ? calculate_sigpending+0x7b/0xa0
[ 11.633340] ? __pfx_kthread+0x10/0x10
[ 11.633361] ret_from_fork+0x116/0x1d0
[ 11.633379] ? __pfx_kthread+0x10/0x10
[ 11.633399] ret_from_fork_asm+0x1a/0x30
[ 11.633431] </TASK>
[ 11.633440]
[ 11.642867] Allocated by task 159:
[ 11.643604] kasan_save_stack+0x45/0x70
[ 11.643803] kasan_save_track+0x18/0x40
[ 11.644146] kasan_save_alloc_info+0x3b/0x50
[ 11.644390] __kasan_kmalloc+0xb7/0xc0
[ 11.644688] __kmalloc_node_track_caller_noprof+0x1cb/0x500
[ 11.645130] kmalloc_track_caller_oob_right+0x19a/0x520
[ 11.645497] kunit_try_run_case+0x1a5/0x480
[ 11.645695] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.646172] kthread+0x337/0x6f0
[ 11.646356] ret_from_fork+0x116/0x1d0
[ 11.646511] ret_from_fork_asm+0x1a/0x30
[ 11.646723]
[ 11.646823] The buggy address belongs to the object at ffff888102e24200
[ 11.646823] which belongs to the cache kmalloc-128 of size 128
[ 11.647440] The buggy address is located 0 bytes to the right of
[ 11.647440] allocated 120-byte region [ffff888102e24200, ffff888102e24278)
[ 11.648007]
[ 11.648558] The buggy address belongs to the physical page:
[ 11.648763] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102e24
[ 11.649566] flags: 0x200000000000000(node=0|zone=2)
[ 11.649747] page_type: f5(slab)
[ 11.649872] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 11.650124] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.650354] page dumped because: kasan: bad access detected
[ 11.650526]
[ 11.650597] Memory state around the buggy address:
[ 11.650755]  ffff888102e24100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.651246]  ffff888102e24180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.651882] >ffff888102e24200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 11.652539]                                                                 ^
[ 11.653179]  ffff888102e24280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.653788]  ffff888102e24300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.654417] ==================================================================
[ 11.607635] ==================================================================
[ 11.608736] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4c8/0x520
[ 11.609558] Write of size 1 at addr ffff888102e24178 by task kunit_try_catch/159
[ 11.610441]
[ 11.610647] CPU: 0 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 11.610697] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.610708] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.610730] Call Trace:
[ 11.610741] <TASK>
[ 11.610759] dump_stack_lvl+0x73/0xb0
[ 11.610799] print_report+0xd1/0x610
[ 11.610820] ? __virt_addr_valid+0x1db/0x2d0
[ 11.610843] ? kmalloc_track_caller_oob_right+0x4c8/0x520
[ 11.610868] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.610901] ? kmalloc_track_caller_oob_right+0x4c8/0x520
[ 11.610926] kasan_report+0x141/0x180
[ 11.610948] ? kmalloc_track_caller_oob_right+0x4c8/0x520
[ 11.610979] __asan_report_store1_noabort+0x1b/0x30
[ 11.611032] kmalloc_track_caller_oob_right+0x4c8/0x520
[ 11.611057] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10
[ 11.611094] ? __schedule+0x10cc/0x2b60
[ 11.611117] ? __pfx_read_tsc+0x10/0x10
[ 11.611137] ? ktime_get_ts64+0x86/0x230
[ 11.611162] kunit_try_run_case+0x1a5/0x480
[ 11.611186] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.611208] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.611231] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.611254] ? __kthread_parkme+0x82/0x180
[ 11.611275] ? preempt_count_sub+0x50/0x80
[ 11.611299] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.611323] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.611346] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.611369] kthread+0x337/0x6f0
[ 11.611387] ? trace_preempt_on+0x20/0xc0
[ 11.611410] ? __pfx_kthread+0x10/0x10
[ 11.611430] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.611451] ? calculate_sigpending+0x7b/0xa0
[ 11.611475] ? __pfx_kthread+0x10/0x10
[ 11.611496] ret_from_fork+0x116/0x1d0
[ 11.611515] ? __pfx_kthread+0x10/0x10
[ 11.611534] ret_from_fork_asm+0x1a/0x30
[ 11.611567] </TASK>
[ 11.611577]
[ 11.620564] Allocated by task 159:
[ 11.620726] kasan_save_stack+0x45/0x70
[ 11.620880] kasan_save_track+0x18/0x40
[ 11.621064] kasan_save_alloc_info+0x3b/0x50
[ 11.621296] __kasan_kmalloc+0xb7/0xc0
[ 11.621487] __kmalloc_node_track_caller_noprof+0x1cb/0x500
[ 11.621754] kmalloc_track_caller_oob_right+0x99/0x520
[ 11.622062] kunit_try_run_case+0x1a5/0x480
[ 11.622295] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.622474] kthread+0x337/0x6f0
[ 11.622597] ret_from_fork+0x116/0x1d0
[ 11.622793] ret_from_fork_asm+0x1a/0x30
[ 11.623034]
[ 11.623142] The buggy address belongs to the object at ffff888102e24100
[ 11.623142] which belongs to the cache kmalloc-128 of size 128
[ 11.623655] The buggy address is located 0 bytes to the right of
[ 11.623655] allocated 120-byte region [ffff888102e24100, ffff888102e24178)
[ 11.624223]
[ 11.624298] The buggy address belongs to the physical page:
[ 11.624503] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102e24
[ 11.624860] flags: 0x200000000000000(node=0|zone=2)
[ 11.625498] page_type: f5(slab)
[ 11.626063] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 11.626807] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.627265] page dumped because: kasan: bad access detected
[ 11.627476]
[ 11.627607] Memory state around the buggy address:
[ 11.627831]  ffff888102e24000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.628221]  ffff888102e24080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.628520] >ffff888102e24100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 11.628871]                                                                 ^
[ 11.629261]  ffff888102e24180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.629592]  ffff888102e24200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.629854] ==================================================================