Date
July 18, 2025, 2:09 p.m.
| Environment | |
|---|---|
| qemu-arm64 | |
| qemu-x86_64 |
[ 17.263162] ================================================================== [ 17.263392] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x690/0x740 [ 17.264002] Read of size 1 at addr fff00000c789247f by task kunit_try_catch/194 [ 17.264117] [ 17.264275] CPU: 1 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.264429] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.264507] Hardware name: linux,dummy-virt (DT) [ 17.264583] Call trace: [ 17.264606] show_stack+0x20/0x38 (C) [ 17.264860] dump_stack_lvl+0x8c/0xd0 [ 17.265320] print_report+0x118/0x5d0 [ 17.265454] kasan_report+0xdc/0x128 [ 17.265598] __asan_report_load1_noabort+0x20/0x30 [ 17.265654] ksize_unpoisons_memory+0x690/0x740 [ 17.265715] kunit_try_run_case+0x170/0x3f0 [ 17.266129] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.266211] kthread+0x328/0x630 [ 17.266329] ret_from_fork+0x10/0x20 [ 17.266407] [ 17.266426] Allocated by task 194: [ 17.266497] kasan_save_stack+0x3c/0x68 [ 17.266540] kasan_save_track+0x20/0x40 [ 17.266577] kasan_save_alloc_info+0x40/0x58 [ 17.266618] __kasan_kmalloc+0xd4/0xd8 [ 17.266656] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.266703] ksize_unpoisons_memory+0xc0/0x740 [ 17.266760] kunit_try_run_case+0x170/0x3f0 [ 17.266807] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.266876] kthread+0x328/0x630 [ 17.266909] ret_from_fork+0x10/0x20 [ 17.266953] [ 17.266973] The buggy address belongs to the object at fff00000c7892400 [ 17.266973] which belongs to the cache kmalloc-128 of size 128 [ 17.267031] The buggy address is located 12 bytes to the right of [ 17.267031] allocated 115-byte region [fff00000c7892400, fff00000c7892473) [ 17.267106] [ 17.267130] The buggy address belongs to the physical page: [ 17.267188] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107892 [ 17.267262] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.267344] page_type: f5(slab) [ 17.267588] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.267647] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.267688] page dumped because: kasan: bad access detected [ 17.267720] [ 17.267738] Memory state around the buggy address: [ 17.268161] fff00000c7892300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.268711] fff00000c7892380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.268781] >fff00000c7892400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.268988] ^ [ 17.269076] fff00000c7892480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.269291] fff00000c7892500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.269391] ================================================================== [ 17.252968] ================================================================== [ 17.253562] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x618/0x740 [ 17.253746] Read of size 1 at addr fff00000c7892478 by task kunit_try_catch/194 [ 17.253818] [ 17.254024] CPU: 1 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.254271] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.254352] Hardware name: linux,dummy-virt (DT) [ 17.254388] Call trace: [ 17.254410] show_stack+0x20/0x38 (C) [ 17.254463] dump_stack_lvl+0x8c/0xd0 [ 17.254814] print_report+0x118/0x5d0 [ 17.254893] kasan_report+0xdc/0x128 [ 17.255134] __asan_report_load1_noabort+0x20/0x30 [ 17.255232] ksize_unpoisons_memory+0x618/0x740 [ 17.255731] kunit_try_run_case+0x170/0x3f0 [ 17.255891] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.256007] kthread+0x328/0x630 [ 17.256119] ret_from_fork+0x10/0x20 [ 17.256216] [ 17.256234] Allocated by task 194: [ 17.256591] kasan_save_stack+0x3c/0x68 [ 17.257016] kasan_save_track+0x20/0x40 [ 17.257111] kasan_save_alloc_info+0x40/0x58 [ 17.257156] __kasan_kmalloc+0xd4/0xd8 [ 17.257398] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.257669] ksize_unpoisons_memory+0xc0/0x740 [ 17.257830] kunit_try_run_case+0x170/0x3f0 [ 17.258012] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.258312] kthread+0x328/0x630 [ 17.258561] ret_from_fork+0x10/0x20 [ 17.258688] [ 17.258778] The buggy address belongs to the object at fff00000c7892400 [ 17.258778] which belongs to the cache kmalloc-128 of size 128 [ 17.258978] The buggy address is located 5 bytes to the right of [ 17.258978] allocated 115-byte region [fff00000c7892400, fff00000c7892473) [ 17.259335] [ 17.259444] The buggy address belongs to the physical page: [ 17.259571] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107892 [ 17.259710] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.259826] page_type: f5(slab) [ 17.260038] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.260098] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.260321] page dumped because: kasan: bad access detected [ 17.260621] [ 17.260711] Memory state around the buggy address: [ 17.260813] fff00000c7892300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.260943] fff00000c7892380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.261062] >fff00000c7892400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.261128] ^ [ 17.261172] fff00000c7892480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.261548] fff00000c7892500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.261609] ================================================================== [ 17.244514] ================================================================== [ 17.244915] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x628/0x740 [ 17.245101] Read of size 1 at addr fff00000c7892473 by task kunit_try_catch/194 [ 17.245168] [ 17.245397] CPU: 1 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.245617] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.245755] Hardware name: linux,dummy-virt (DT) [ 17.245873] Call trace: [ 17.245933] show_stack+0x20/0x38 (C) [ 17.246052] dump_stack_lvl+0x8c/0xd0 [ 17.246538] print_report+0x118/0x5d0 [ 17.246725] kasan_report+0xdc/0x128 [ 17.246822] __asan_report_load1_noabort+0x20/0x30 [ 17.246969] ksize_unpoisons_memory+0x628/0x740 [ 17.247242] kunit_try_run_case+0x170/0x3f0 [ 17.247932] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.248357] kthread+0x328/0x630 [ 17.248425] ret_from_fork+0x10/0x20 [ 17.248477] [ 17.248497] Allocated by task 194: [ 17.248536] kasan_save_stack+0x3c/0x68 [ 17.248591] kasan_save_track+0x20/0x40 [ 17.248656] kasan_save_alloc_info+0x40/0x58 [ 17.248706] __kasan_kmalloc+0xd4/0xd8 [ 17.248752] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.248794] ksize_unpoisons_memory+0xc0/0x740 [ 17.248832] kunit_try_run_case+0x170/0x3f0 [ 17.248880] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.248924] kthread+0x328/0x630 [ 17.248955] ret_from_fork+0x10/0x20 [ 17.248992] [ 17.249011] The buggy address belongs to the object at fff00000c7892400 [ 17.249011] which belongs to the cache kmalloc-128 of size 128 [ 17.249110] The buggy address is located 0 bytes to the right of [ 17.249110] allocated 115-byte region [fff00000c7892400, fff00000c7892473) [ 17.249176] [ 17.249205] The buggy address belongs to the physical page: [ 17.249238] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107892 [ 17.249312] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.249380] page_type: f5(slab) [ 17.249422] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.249490] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.249540] page dumped because: kasan: bad access detected [ 17.249571] [ 17.249589] Memory state around the buggy address: [ 17.249626] fff00000c7892300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.249686] fff00000c7892380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.249729] >fff00000c7892400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.249767] ^ [ 17.249816] fff00000c7892480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.250321] fff00000c7892500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.250568] ==================================================================
[ 16.848351] ================================================================== [ 16.848550] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x628/0x740 [ 16.848611] Read of size 1 at addr fff00000c5b7dd73 by task kunit_try_catch/194 [ 16.848663] [ 16.848706] CPU: 1 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.849027] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.849249] Hardware name: linux,dummy-virt (DT) [ 16.849286] Call trace: [ 16.849509] show_stack+0x20/0x38 (C) [ 16.849671] dump_stack_lvl+0x8c/0xd0 [ 16.849808] print_report+0x118/0x5d0 [ 16.850066] kasan_report+0xdc/0x128 [ 16.850277] __asan_report_load1_noabort+0x20/0x30 [ 16.850343] ksize_unpoisons_memory+0x628/0x740 [ 16.850638] kunit_try_run_case+0x170/0x3f0 [ 16.850847] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.850995] kthread+0x328/0x630 [ 16.851041] ret_from_fork+0x10/0x20 [ 16.851416] [ 16.851459] Allocated by task 194: [ 16.851559] kasan_save_stack+0x3c/0x68 [ 16.851662] kasan_save_track+0x20/0x40 [ 16.851701] kasan_save_alloc_info+0x40/0x58 [ 16.852008] __kasan_kmalloc+0xd4/0xd8 [ 16.852076] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.852465] ksize_unpoisons_memory+0xc0/0x740 [ 16.852547] kunit_try_run_case+0x170/0x3f0 [ 16.852593] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.852665] kthread+0x328/0x630 [ 16.852979] ret_from_fork+0x10/0x20 [ 16.853062] [ 16.853189] The buggy address belongs to the object at fff00000c5b7dd00 [ 16.853189] which belongs to the cache kmalloc-128 of size 128 [ 16.853366] The buggy address is located 0 bytes to the right of [ 16.853366] allocated 115-byte region [fff00000c5b7dd00, fff00000c5b7dd73) [ 16.853484] [ 16.853506] The buggy address belongs to the physical page: [ 16.853839] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105b7d [ 16.854091] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.854264] page_type: f5(slab) [ 16.854331] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.854465] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.854507] page dumped because: kasan: bad access detected [ 16.854563] [ 16.854851] Memory state around the buggy address: [ 16.854912] fff00000c5b7dc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.854967] fff00000c5b7dc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.855181] >fff00000c5b7dd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.855555] ^ [ 16.855632] fff00000c5b7dd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.855968] fff00000c5b7de00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.856050] ================================================================== [ 16.866971] ================================================================== [ 16.867025] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x690/0x740 [ 16.867422] Read of size 1 at addr fff00000c5b7dd7f by task kunit_try_catch/194 [ 16.867491] [ 16.867545] CPU: 1 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.867701] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.867789] Hardware name: linux,dummy-virt (DT) [ 16.867898] Call trace: [ 16.867925] show_stack+0x20/0x38 (C) [ 16.868173] dump_stack_lvl+0x8c/0xd0 [ 16.868622] print_report+0x118/0x5d0 [ 16.868731] kasan_report+0xdc/0x128 [ 16.868917] __asan_report_load1_noabort+0x20/0x30 [ 16.869105] ksize_unpoisons_memory+0x690/0x740 [ 16.869230] kunit_try_run_case+0x170/0x3f0 [ 16.869336] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.869442] kthread+0x328/0x630 [ 16.869777] ret_from_fork+0x10/0x20 [ 16.869921] [ 16.870011] Allocated by task 194: [ 16.870078] kasan_save_stack+0x3c/0x68 [ 16.870182] kasan_save_track+0x20/0x40 [ 16.870279] kasan_save_alloc_info+0x40/0x58 [ 16.870414] __kasan_kmalloc+0xd4/0xd8 [ 16.870493] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.870558] ksize_unpoisons_memory+0xc0/0x740 [ 16.870891] kunit_try_run_case+0x170/0x3f0 [ 16.870964] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.871063] kthread+0x328/0x630 [ 16.871244] ret_from_fork+0x10/0x20 [ 16.871448] [ 16.871528] The buggy address belongs to the object at fff00000c5b7dd00 [ 16.871528] which belongs to the cache kmalloc-128 of size 128 [ 16.871881] The buggy address is located 12 bytes to the right of [ 16.871881] allocated 115-byte region [fff00000c5b7dd00, fff00000c5b7dd73) [ 16.871989] [ 16.872075] The buggy address belongs to the physical page: [ 16.872158] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105b7d [ 16.872253] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.872403] page_type: f5(slab) [ 16.872532] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.872866] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.873136] page dumped because: kasan: bad access detected [ 16.873259] [ 16.873330] Memory state around the buggy address: [ 16.873389] fff00000c5b7dc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.873454] fff00000c5b7dc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.873640] >fff00000c5b7dd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.873705] ^ [ 16.874050] fff00000c5b7dd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.874133] fff00000c5b7de00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.874211] ================================================================== [ 16.858259] ================================================================== [ 16.858312] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x618/0x740 [ 16.858387] Read of size 1 at addr fff00000c5b7dd78 by task kunit_try_catch/194 [ 16.858456] [ 16.858488] CPU: 1 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.858570] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.858596] Hardware name: linux,dummy-virt (DT) [ 16.858647] Call trace: [ 16.858681] show_stack+0x20/0x38 (C) [ 16.858731] dump_stack_lvl+0x8c/0xd0 [ 16.858778] print_report+0x118/0x5d0 [ 16.858825] kasan_report+0xdc/0x128 [ 16.858870] __asan_report_load1_noabort+0x20/0x30 [ 16.858931] ksize_unpoisons_memory+0x618/0x740 [ 16.858986] kunit_try_run_case+0x170/0x3f0 [ 16.859037] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.859091] kthread+0x328/0x630 [ 16.859132] ret_from_fork+0x10/0x20 [ 16.859179] [ 16.859199] Allocated by task 194: [ 16.859228] kasan_save_stack+0x3c/0x68 [ 16.859277] kasan_save_track+0x20/0x40 [ 16.859315] kasan_save_alloc_info+0x40/0x58 [ 16.859814] __kasan_kmalloc+0xd4/0xd8 [ 16.860130] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.860768] ksize_unpoisons_memory+0xc0/0x740 [ 16.860850] kunit_try_run_case+0x170/0x3f0 [ 16.860922] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.861088] kthread+0x328/0x630 [ 16.861615] ret_from_fork+0x10/0x20 [ 16.861697] [ 16.861744] The buggy address belongs to the object at fff00000c5b7dd00 [ 16.861744] which belongs to the cache kmalloc-128 of size 128 [ 16.861841] The buggy address is located 5 bytes to the right of [ 16.861841] allocated 115-byte region [fff00000c5b7dd00, fff00000c5b7dd73) [ 16.861999] [ 16.862069] The buggy address belongs to the physical page: [ 16.862099] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105b7d [ 16.862215] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.862582] page_type: f5(slab) [ 16.862670] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.862785] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.862958] page dumped because: kasan: bad access detected [ 16.863024] [ 16.863380] Memory state around the buggy address: [ 16.863453] fff00000c5b7dc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.863645] fff00000c5b7dc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.863811] >fff00000c5b7dd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.863890] ^ [ 16.863932] fff00000c5b7dd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.864289] fff00000c5b7de00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.864381] ==================================================================
[ 16.850169] ================================================================== [ 16.850217] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x618/0x740 [ 16.850573] Read of size 1 at addr fff00000c771d478 by task kunit_try_catch/194 [ 16.850656] [ 16.850742] CPU: 0 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.850823] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.850857] Hardware name: linux,dummy-virt (DT) [ 16.850923] Call trace: [ 16.851000] show_stack+0x20/0x38 (C) [ 16.851162] dump_stack_lvl+0x8c/0xd0 [ 16.851278] print_report+0x118/0x5d0 [ 16.851392] kasan_report+0xdc/0x128 [ 16.851517] __asan_report_load1_noabort+0x20/0x30 [ 16.851584] ksize_unpoisons_memory+0x618/0x740 [ 16.851634] kunit_try_run_case+0x170/0x3f0 [ 16.851682] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.851745] kthread+0x328/0x630 [ 16.851919] ret_from_fork+0x10/0x20 [ 16.852037] [ 16.852105] Allocated by task 194: [ 16.852259] kasan_save_stack+0x3c/0x68 [ 16.852390] kasan_save_track+0x20/0x40 [ 16.852534] kasan_save_alloc_info+0x40/0x58 [ 16.852632] __kasan_kmalloc+0xd4/0xd8 [ 16.852688] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.852777] ksize_unpoisons_memory+0xc0/0x740 [ 16.852853] kunit_try_run_case+0x170/0x3f0 [ 16.852971] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.853052] kthread+0x328/0x630 [ 16.853095] ret_from_fork+0x10/0x20 [ 16.853131] [ 16.853151] The buggy address belongs to the object at fff00000c771d400 [ 16.853151] which belongs to the cache kmalloc-128 of size 128 [ 16.853234] The buggy address is located 5 bytes to the right of [ 16.853234] allocated 115-byte region [fff00000c771d400, fff00000c771d473) [ 16.853298] [ 16.853323] The buggy address belongs to the physical page: [ 16.853366] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10771d [ 16.853573] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.853772] page_type: f5(slab) [ 16.853860] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.854004] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.854103] page dumped because: kasan: bad access detected [ 16.854234] [ 16.854298] Memory state around the buggy address: [ 16.854330] fff00000c771d300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.854573] fff00000c771d380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.854773] >fff00000c771d400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.854829] ^ [ 16.854955] fff00000c771d480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.855000] fff00000c771d500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.855073] ================================================================== [ 16.855777] ================================================================== [ 16.855830] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x690/0x740 [ 16.855897] Read of size 1 at addr fff00000c771d47f by task kunit_try_catch/194 [ 16.855948] [ 16.856016] CPU: 0 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.856125] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.856208] Hardware name: linux,dummy-virt (DT) [ 16.856242] Call trace: [ 16.856282] show_stack+0x20/0x38 (C) [ 16.856342] dump_stack_lvl+0x8c/0xd0 [ 16.856390] print_report+0x118/0x5d0 [ 16.856621] kasan_report+0xdc/0x128 [ 16.856680] __asan_report_load1_noabort+0x20/0x30 [ 16.856916] ksize_unpoisons_memory+0x690/0x740 [ 16.856990] kunit_try_run_case+0x170/0x3f0 [ 16.857039] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.857104] kthread+0x328/0x630 [ 16.857148] ret_from_fork+0x10/0x20 [ 16.857213] [ 16.857231] Allocated by task 194: [ 16.857262] kasan_save_stack+0x3c/0x68 [ 16.857353] kasan_save_track+0x20/0x40 [ 16.857419] kasan_save_alloc_info+0x40/0x58 [ 16.857462] __kasan_kmalloc+0xd4/0xd8 [ 16.857528] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.857589] ksize_unpoisons_memory+0xc0/0x740 [ 16.857626] kunit_try_run_case+0x170/0x3f0 [ 16.857663] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.857748] kthread+0x328/0x630 [ 16.857977] ret_from_fork+0x10/0x20 [ 16.858027] [ 16.858107] The buggy address belongs to the object at fff00000c771d400 [ 16.858107] which belongs to the cache kmalloc-128 of size 128 [ 16.858242] The buggy address is located 12 bytes to the right of [ 16.858242] allocated 115-byte region [fff00000c771d400, fff00000c771d473) [ 16.858335] [ 16.858373] The buggy address belongs to the physical page: [ 16.858404] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10771d [ 16.858518] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.858593] page_type: f5(slab) [ 16.858666] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.858737] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.858778] page dumped because: kasan: bad access detected [ 16.858809] [ 16.858826] Memory state around the buggy address: [ 16.858875] fff00000c771d300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.858931] fff00000c771d380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.858977] >fff00000c771d400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.859015] ^ [ 16.859056] fff00000c771d480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.859139] fff00000c771d500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.859334] ================================================================== [ 16.844584] ================================================================== [ 16.844777] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x628/0x740 [ 16.844840] Read of size 1 at addr fff00000c771d473 by task kunit_try_catch/194 [ 16.844890] [ 16.844925] CPU: 0 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.845007] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.845107] Hardware name: linux,dummy-virt (DT) [ 16.845142] Call trace: [ 16.845165] show_stack+0x20/0x38 (C) [ 16.845222] dump_stack_lvl+0x8c/0xd0 [ 16.845400] print_report+0x118/0x5d0 [ 16.845537] kasan_report+0xdc/0x128 [ 16.845590] __asan_report_load1_noabort+0x20/0x30 [ 16.845642] ksize_unpoisons_memory+0x628/0x740 [ 16.845690] kunit_try_run_case+0x170/0x3f0 [ 16.845755] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.845808] kthread+0x328/0x630 [ 16.845980] ret_from_fork+0x10/0x20 [ 16.846036] [ 16.846108] Allocated by task 194: [ 16.846137] kasan_save_stack+0x3c/0x68 [ 16.846238] kasan_save_track+0x20/0x40 [ 16.846431] kasan_save_alloc_info+0x40/0x58 [ 16.846475] __kasan_kmalloc+0xd4/0xd8 [ 16.846622] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.846674] ksize_unpoisons_memory+0xc0/0x740 [ 16.846724] kunit_try_run_case+0x170/0x3f0 [ 16.846839] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.846908] kthread+0x328/0x630 [ 16.846940] ret_from_fork+0x10/0x20 [ 16.847040] [ 16.847229] The buggy address belongs to the object at fff00000c771d400 [ 16.847229] which belongs to the cache kmalloc-128 of size 128 [ 16.847460] The buggy address is located 0 bytes to the right of [ 16.847460] allocated 115-byte region [fff00000c771d400, fff00000c771d473) [ 16.847568] [ 16.847595] The buggy address belongs to the physical page: [ 16.847628] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10771d [ 16.847680] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.847739] page_type: f5(slab) [ 16.847776] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.847829] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.847870] page dumped because: kasan: bad access detected [ 16.847902] [ 16.847930] Memory state around the buggy address: [ 16.847970] fff00000c771d300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.848036] fff00000c771d380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.848089] >fff00000c771d400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.848126] ^ [ 16.848167] fff00000c771d480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.848230] fff00000c771d500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.848277] ==================================================================
[ 12.646327] ================================================================== [ 12.647003] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x81c/0x9b0 [ 12.647433] Read of size 1 at addr ffff888102988773 by task kunit_try_catch/211 [ 12.647743] [ 12.647861] CPU: 1 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.647915] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.647926] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.647946] Call Trace: [ 12.647959] <TASK> [ 12.647987] dump_stack_lvl+0x73/0xb0 [ 12.648028] print_report+0xd1/0x610 [ 12.648062] ? __virt_addr_valid+0x1db/0x2d0 [ 12.648085] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 12.648109] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.648132] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 12.648155] kasan_report+0x141/0x180 [ 12.648177] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 12.648205] __asan_report_load1_noabort+0x18/0x20 [ 12.648230] ksize_unpoisons_memory+0x81c/0x9b0 [ 12.648253] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 12.648287] ? __kasan_check_write+0x18/0x20 [ 12.648306] ? queued_spin_lock_slowpath+0x116/0xb40 [ 12.648330] ? irqentry_exit+0x2a/0x60 [ 12.648361] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 12.648385] ? trace_hardirqs_on+0x37/0xe0 [ 12.648408] ? __pfx_read_tsc+0x10/0x10 [ 12.648429] ? ktime_get_ts64+0x86/0x230 [ 12.648454] kunit_try_run_case+0x1a5/0x480 [ 12.648486] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.648510] ? queued_spin_lock_slowpath+0x116/0xb40 [ 12.648533] ? __kthread_parkme+0x82/0x180 [ 12.648563] ? preempt_count_sub+0x50/0x80 [ 12.648588] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.648611] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.648634] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.648658] kthread+0x337/0x6f0 [ 12.648677] ? trace_preempt_on+0x20/0xc0 [ 12.648698] ? __pfx_kthread+0x10/0x10 [ 12.648718] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.648739] ? calculate_sigpending+0x7b/0xa0 [ 12.648763] ? __pfx_kthread+0x10/0x10 [ 12.648784] ret_from_fork+0x116/0x1d0 [ 12.648802] ? __pfx_kthread+0x10/0x10 [ 12.648822] ret_from_fork_asm+0x1a/0x30 [ 12.648853] </TASK> [ 12.648863] [ 12.656782] Allocated by task 211: [ 12.656972] kasan_save_stack+0x45/0x70 [ 12.657159] kasan_save_track+0x18/0x40 [ 12.657346] kasan_save_alloc_info+0x3b/0x50 [ 12.657498] __kasan_kmalloc+0xb7/0xc0 [ 12.657665] __kmalloc_cache_noprof+0x189/0x420 [ 12.657907] ksize_unpoisons_memory+0xc7/0x9b0 [ 12.658122] kunit_try_run_case+0x1a5/0x480 [ 12.658317] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.658494] kthread+0x337/0x6f0 [ 12.658767] ret_from_fork+0x116/0x1d0 [ 12.658967] ret_from_fork_asm+0x1a/0x30 [ 12.659175] [ 12.659267] The buggy address belongs to the object at ffff888102988700 [ 12.659267] which belongs to the cache kmalloc-128 of size 128 [ 12.659637] The buggy address is located 0 bytes to the right of [ 12.659637] allocated 115-byte region [ffff888102988700, ffff888102988773) [ 12.660073] [ 12.660182] The buggy address belongs to the physical page: [ 12.660434] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102988 [ 12.660784] flags: 0x200000000000000(node=0|zone=2) [ 12.661030] page_type: f5(slab) [ 12.661309] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.661543] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.661768] page dumped because: kasan: bad access detected [ 12.662070] [ 12.662164] Memory state around the buggy address: [ 12.662421] ffff888102988600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.662743] ffff888102988680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.663178] >ffff888102988700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.663449] ^ [ 12.663741] ffff888102988780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.664095] ffff888102988800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.664408] ================================================================== [ 12.665420] ================================================================== [ 12.665812] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7e9/0x9b0 [ 12.666319] Read of size 1 at addr ffff888102988778 by task kunit_try_catch/211 [ 12.666708] [ 12.666823] CPU: 1 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.666863] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.666875] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.666911] Call Trace: [ 12.666923] <TASK> [ 12.666936] dump_stack_lvl+0x73/0xb0 [ 12.666964] print_report+0xd1/0x610 [ 12.666985] ? __virt_addr_valid+0x1db/0x2d0 [ 12.667007] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 12.667030] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.667053] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 12.667086] kasan_report+0x141/0x180 [ 12.667108] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 12.667137] __asan_report_load1_noabort+0x18/0x20 [ 12.667173] ksize_unpoisons_memory+0x7e9/0x9b0 [ 12.667196] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 12.667221] ? __kasan_check_write+0x18/0x20 [ 12.667251] ? queued_spin_lock_slowpath+0x116/0xb40 [ 12.667274] ? irqentry_exit+0x2a/0x60 [ 12.667294] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 12.667318] ? trace_hardirqs_on+0x37/0xe0 [ 12.667341] ? __pfx_read_tsc+0x10/0x10 [ 12.667361] ? ktime_get_ts64+0x86/0x230 [ 12.667384] kunit_try_run_case+0x1a5/0x480 [ 12.667408] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.667432] ? queued_spin_lock_slowpath+0x116/0xb40 [ 12.667455] ? __kthread_parkme+0x82/0x180 [ 12.667474] ? preempt_count_sub+0x50/0x80 [ 12.667497] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.667521] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.667544] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.667568] kthread+0x337/0x6f0 [ 12.667586] ? trace_preempt_on+0x20/0xc0 [ 12.667607] ? __pfx_kthread+0x10/0x10 [ 12.667627] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.667657] ? calculate_sigpending+0x7b/0xa0 [ 12.667681] ? __pfx_kthread+0x10/0x10 [ 12.667701] ret_from_fork+0x116/0x1d0 [ 12.667729] ? __pfx_kthread+0x10/0x10 [ 12.667749] ret_from_fork_asm+0x1a/0x30 [ 12.667780] </TASK> [ 12.667790] [ 12.675746] Allocated by task 211: [ 12.675898] kasan_save_stack+0x45/0x70 [ 12.676179] kasan_save_track+0x18/0x40 [ 12.676393] kasan_save_alloc_info+0x3b/0x50 [ 12.676569] __kasan_kmalloc+0xb7/0xc0 [ 12.676769] __kmalloc_cache_noprof+0x189/0x420 [ 12.676996] ksize_unpoisons_memory+0xc7/0x9b0 [ 12.677215] kunit_try_run_case+0x1a5/0x480 [ 12.677401] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.677579] kthread+0x337/0x6f0 [ 12.677699] ret_from_fork+0x116/0x1d0 [ 12.677861] ret_from_fork_asm+0x1a/0x30 [ 12.678072] [ 12.678194] The buggy address belongs to the object at ffff888102988700 [ 12.678194] which belongs to the cache kmalloc-128 of size 128 [ 12.678735] The buggy address is located 5 bytes to the right of [ 12.678735] allocated 115-byte region [ffff888102988700, ffff888102988773) [ 12.679295] [ 12.679366] The buggy address belongs to the physical page: [ 12.679574] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102988 [ 12.679950] flags: 0x200000000000000(node=0|zone=2) [ 12.680250] page_type: f5(slab) [ 12.680429] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.680711] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.681165] page dumped because: kasan: bad access detected [ 12.681350] [ 12.681420] Memory state around the buggy address: [ 12.681573] ffff888102988600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.681789] ffff888102988680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.682015] >ffff888102988700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.682288] ^ [ 12.682657] ffff888102988780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.683044] ffff888102988800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.683416] ================================================================== [ 12.684658] ================================================================== [ 12.685199] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7b6/0x9b0 [ 12.685513] Read of size 1 at addr ffff88810298877f by task kunit_try_catch/211 [ 12.685860] [ 12.685968] CPU: 1 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.686019] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.686030] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.686050] Call Trace: [ 12.686065] <TASK> [ 12.686080] dump_stack_lvl+0x73/0xb0 [ 12.686119] print_report+0xd1/0x610 [ 12.686140] ? __virt_addr_valid+0x1db/0x2d0 [ 12.686163] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 12.686197] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.686220] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 12.686243] kasan_report+0x141/0x180 [ 12.686265] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 12.686293] __asan_report_load1_noabort+0x18/0x20 [ 12.686317] ksize_unpoisons_memory+0x7b6/0x9b0 [ 12.686341] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 12.686368] ? __kasan_check_write+0x18/0x20 [ 12.686388] ? queued_spin_lock_slowpath+0x116/0xb40 [ 12.686414] ? irqentry_exit+0x2a/0x60 [ 12.686444] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 12.686468] ? trace_hardirqs_on+0x37/0xe0 [ 12.686491] ? __pfx_read_tsc+0x10/0x10 [ 12.686521] ? ktime_get_ts64+0x86/0x230 [ 12.686546] kunit_try_run_case+0x1a5/0x480 [ 12.686571] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.686596] ? queued_spin_lock_slowpath+0x116/0xb40 [ 12.686627] ? __kthread_parkme+0x82/0x180 [ 12.686647] ? preempt_count_sub+0x50/0x80 [ 12.686671] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.686705] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.686729] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.686753] kthread+0x337/0x6f0 [ 12.686786] ? trace_preempt_on+0x20/0xc0 [ 12.686808] ? __pfx_kthread+0x10/0x10 [ 12.686828] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.686859] ? calculate_sigpending+0x7b/0xa0 [ 12.686883] ? __pfx_kthread+0x10/0x10 [ 12.686912] ret_from_fork+0x116/0x1d0 [ 12.686930] ? __pfx_kthread+0x10/0x10 [ 12.686950] ret_from_fork_asm+0x1a/0x30 [ 12.686991] </TASK> [ 12.687001] [ 12.695185] Allocated by task 211: [ 12.695348] kasan_save_stack+0x45/0x70 [ 12.695495] kasan_save_track+0x18/0x40 [ 12.695712] kasan_save_alloc_info+0x3b/0x50 [ 12.695881] __kasan_kmalloc+0xb7/0xc0 [ 12.696167] __kmalloc_cache_noprof+0x189/0x420 [ 12.696367] ksize_unpoisons_memory+0xc7/0x9b0 [ 12.696597] kunit_try_run_case+0x1a5/0x480 [ 12.696806] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.697038] kthread+0x337/0x6f0 [ 12.697208] ret_from_fork+0x116/0x1d0 [ 12.697415] ret_from_fork_asm+0x1a/0x30 [ 12.697571] [ 12.697640] The buggy address belongs to the object at ffff888102988700 [ 12.697640] which belongs to the cache kmalloc-128 of size 128 [ 12.698036] The buggy address is located 12 bytes to the right of [ 12.698036] allocated 115-byte region [ffff888102988700, ffff888102988773) [ 12.698580] [ 12.698651] The buggy address belongs to the physical page: [ 12.698825] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102988 [ 12.699429] flags: 0x200000000000000(node=0|zone=2) [ 12.699661] page_type: f5(slab) [ 12.699860] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.700233] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.701088] page dumped because: kasan: bad access detected [ 12.702006] [ 12.702101] Memory state around the buggy address: [ 12.702262] ffff888102988600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.702549] ffff888102988680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.702883] >ffff888102988700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.704106] ^ [ 12.704351] ffff888102988780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.704575] ffff888102988800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.704791] ==================================================================
[ 12.451870] ================================================================== [ 12.452205] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7e9/0x9b0 [ 12.452710] Read of size 1 at addr ffff888102ae1378 by task kunit_try_catch/212 [ 12.453353] [ 12.453559] CPU: 0 UID: 0 PID: 212 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.453602] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.453613] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.453632] Call Trace: [ 12.453648] <TASK> [ 12.453662] dump_stack_lvl+0x73/0xb0 [ 12.453689] print_report+0xd1/0x610 [ 12.453711] ? __virt_addr_valid+0x1db/0x2d0 [ 12.453733] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 12.453756] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.453778] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 12.453801] kasan_report+0x141/0x180 [ 12.453822] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 12.453851] __asan_report_load1_noabort+0x18/0x20 [ 12.453875] ksize_unpoisons_memory+0x7e9/0x9b0 [ 12.453898] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 12.453920] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 12.453951] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 12.453979] kunit_try_run_case+0x1a5/0x480 [ 12.454002] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.454024] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.454047] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.454071] ? __kthread_parkme+0x82/0x180 [ 12.454090] ? preempt_count_sub+0x50/0x80 [ 12.454115] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.454138] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.454161] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.454184] kthread+0x337/0x6f0 [ 12.454203] ? trace_preempt_on+0x20/0xc0 [ 12.454225] ? __pfx_kthread+0x10/0x10 [ 12.454259] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.454284] ? calculate_sigpending+0x7b/0xa0 [ 12.454310] ? __pfx_kthread+0x10/0x10 [ 12.454331] ret_from_fork+0x116/0x1d0 [ 12.454349] ? __pfx_kthread+0x10/0x10 [ 12.454369] ret_from_fork_asm+0x1a/0x30 [ 12.454401] </TASK> [ 12.454411] [ 12.461935] Allocated by task 212: [ 12.462214] kasan_save_stack+0x45/0x70 [ 12.462577] kasan_save_track+0x18/0x40 [ 12.462793] kasan_save_alloc_info+0x3b/0x50 [ 12.463013] __kasan_kmalloc+0xb7/0xc0 [ 12.463197] __kmalloc_cache_noprof+0x189/0x420 [ 12.463482] ksize_unpoisons_memory+0xc7/0x9b0 [ 12.463734] kunit_try_run_case+0x1a5/0x480 [ 12.463947] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.464135] kthread+0x337/0x6f0 [ 12.464308] ret_from_fork+0x116/0x1d0 [ 12.464580] ret_from_fork_asm+0x1a/0x30 [ 12.464763] [ 12.464863] The buggy address belongs to the object at ffff888102ae1300 [ 12.464863] which belongs to the cache kmalloc-128 of size 128 [ 12.465330] The buggy address is located 5 bytes to the right of [ 12.465330] allocated 115-byte region [ffff888102ae1300, ffff888102ae1373) [ 12.465917] [ 12.466002] The buggy address belongs to the physical page: [ 12.466228] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ae1 [ 12.466719] flags: 0x200000000000000(node=0|zone=2) [ 12.466960] page_type: f5(slab) [ 12.467080] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.467313] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.467891] page dumped because: kasan: bad access detected [ 12.468231] [ 12.468303] Memory state around the buggy address: [ 12.468468] ffff888102ae1200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.468887] ffff888102ae1280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.469218] >ffff888102ae1300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.469693] ^ [ 12.470002] ffff888102ae1380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.470219] ffff888102ae1400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.470433] ================================================================== [ 12.433750] ================================================================== [ 12.434193] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x81c/0x9b0 [ 12.434633] Read of size 1 at addr ffff888102ae1373 by task kunit_try_catch/212 [ 12.434955] [ 12.435066] CPU: 0 UID: 0 PID: 212 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.435111] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.435122] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.435143] Call Trace: [ 12.435155] <TASK> [ 12.435171] dump_stack_lvl+0x73/0xb0 [ 12.435201] print_report+0xd1/0x610 [ 12.435223] ? __virt_addr_valid+0x1db/0x2d0 [ 12.435245] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 12.435268] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.435290] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 12.435314] kasan_report+0x141/0x180 [ 12.435336] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 12.435365] __asan_report_load1_noabort+0x18/0x20 [ 12.435388] ksize_unpoisons_memory+0x81c/0x9b0 [ 12.435412] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 12.435446] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 12.435478] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 12.435506] kunit_try_run_case+0x1a5/0x480 [ 12.435531] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.435629] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.435656] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.435680] ? __kthread_parkme+0x82/0x180 [ 12.435700] ? preempt_count_sub+0x50/0x80 [ 12.435725] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.435748] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.435771] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.435795] kthread+0x337/0x6f0 [ 12.435813] ? trace_preempt_on+0x20/0xc0 [ 12.435836] ? __pfx_kthread+0x10/0x10 [ 12.435856] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.435877] ? calculate_sigpending+0x7b/0xa0 [ 12.435901] ? __pfx_kthread+0x10/0x10 [ 12.435921] ret_from_fork+0x116/0x1d0 [ 12.435940] ? __pfx_kthread+0x10/0x10 [ 12.435959] ret_from_fork_asm+0x1a/0x30 [ 12.435991] </TASK> [ 12.436001] [ 12.443319] Allocated by task 212: [ 12.443616] kasan_save_stack+0x45/0x70 [ 12.443798] kasan_save_track+0x18/0x40 [ 12.443962] kasan_save_alloc_info+0x3b/0x50 [ 12.444159] __kasan_kmalloc+0xb7/0xc0 [ 12.444334] __kmalloc_cache_noprof+0x189/0x420 [ 12.444661] ksize_unpoisons_memory+0xc7/0x9b0 [ 12.444869] kunit_try_run_case+0x1a5/0x480 [ 12.445035] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.445216] kthread+0x337/0x6f0 [ 12.445338] ret_from_fork+0x116/0x1d0 [ 12.445492] ret_from_fork_asm+0x1a/0x30 [ 12.445689] [ 12.445783] The buggy address belongs to the object at ffff888102ae1300 [ 12.445783] which belongs to the cache kmalloc-128 of size 128 [ 12.446299] The buggy address is located 0 bytes to the right of [ 12.446299] allocated 115-byte region [ffff888102ae1300, ffff888102ae1373) [ 12.447170] [ 12.447276] The buggy address belongs to the physical page: [ 12.447740] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ae1 [ 12.448036] flags: 0x200000000000000(node=0|zone=2) [ 12.448236] page_type: f5(slab) [ 12.448367] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.448872] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.449169] page dumped because: kasan: bad access detected [ 12.449405] [ 12.449576] Memory state around the buggy address: [ 12.449757] ffff888102ae1200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.450050] ffff888102ae1280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.450347] >ffff888102ae1300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.450813] ^ [ 12.451038] ffff888102ae1380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.451257] ffff888102ae1400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.451483] ================================================================== [ 12.470825] ================================================================== [ 12.471157] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7b6/0x9b0 [ 12.471713] Read of size 1 at addr ffff888102ae137f by task kunit_try_catch/212 [ 12.472289] [ 12.472547] CPU: 0 UID: 0 PID: 212 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.472591] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.472602] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.472621] Call Trace: [ 12.472639] <TASK> [ 12.472655] dump_stack_lvl+0x73/0xb0 [ 12.472684] print_report+0xd1/0x610 [ 12.472706] ? __virt_addr_valid+0x1db/0x2d0 [ 12.472728] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 12.472751] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.472773] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 12.472797] kasan_report+0x141/0x180 [ 12.472818] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 12.472847] __asan_report_load1_noabort+0x18/0x20 [ 12.472871] ksize_unpoisons_memory+0x7b6/0x9b0 [ 12.472895] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 12.472917] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 12.472949] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 12.472977] kunit_try_run_case+0x1a5/0x480 [ 12.473001] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.473022] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.473046] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.473069] ? __kthread_parkme+0x82/0x180 [ 12.473089] ? preempt_count_sub+0x50/0x80 [ 12.473114] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.473149] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.473173] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.473196] kthread+0x337/0x6f0 [ 12.473215] ? trace_preempt_on+0x20/0xc0 [ 12.473238] ? __pfx_kthread+0x10/0x10 [ 12.473258] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.473280] ? calculate_sigpending+0x7b/0xa0 [ 12.473303] ? __pfx_kthread+0x10/0x10 [ 12.473324] ret_from_fork+0x116/0x1d0 [ 12.473342] ? __pfx_kthread+0x10/0x10 [ 12.473362] ret_from_fork_asm+0x1a/0x30 [ 12.473394] </TASK> [ 12.473404] [ 12.480768] Allocated by task 212: [ 12.480955] kasan_save_stack+0x45/0x70 [ 12.481174] kasan_save_track+0x18/0x40 [ 12.481367] kasan_save_alloc_info+0x3b/0x50 [ 12.481703] __kasan_kmalloc+0xb7/0xc0 [ 12.481884] __kmalloc_cache_noprof+0x189/0x420 [ 12.482084] ksize_unpoisons_memory+0xc7/0x9b0 [ 12.482290] kunit_try_run_case+0x1a5/0x480 [ 12.482549] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.482802] kthread+0x337/0x6f0 [ 12.482969] ret_from_fork+0x116/0x1d0 [ 12.483157] ret_from_fork_asm+0x1a/0x30 [ 12.483335] [ 12.483609] The buggy address belongs to the object at ffff888102ae1300 [ 12.483609] which belongs to the cache kmalloc-128 of size 128 [ 12.484116] The buggy address is located 12 bytes to the right of [ 12.484116] allocated 115-byte region [ffff888102ae1300, ffff888102ae1373) [ 12.484727] [ 12.484819] The buggy address belongs to the physical page: [ 12.485044] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ae1 [ 12.485370] flags: 0x200000000000000(node=0|zone=2) [ 12.485637] page_type: f5(slab) [ 12.485789] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.486055] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.486278] page dumped because: kasan: bad access detected [ 12.486456] [ 12.486524] Memory state around the buggy address: [ 12.486677] ffff888102ae1200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.486933] ffff888102ae1280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.487243] >ffff888102ae1300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.487749] ^ [ 12.488068] ffff888102ae1380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.488384] ffff888102ae1400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.488805] ==================================================================
[ 12.634103] ================================================================== [ 12.634688] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7b6/0x9b0 [ 12.635078] Read of size 1 at addr ffff8881029a697f by task kunit_try_catch/211 [ 12.635348] [ 12.635459] CPU: 0 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.635503] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.635514] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.635535] Call Trace: [ 12.635553] <TASK> [ 12.635569] dump_stack_lvl+0x73/0xb0 [ 12.635598] print_report+0xd1/0x610 [ 12.635620] ? __virt_addr_valid+0x1db/0x2d0 [ 12.635642] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 12.635665] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.635687] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 12.635710] kasan_report+0x141/0x180 [ 12.635731] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 12.635758] __asan_report_load1_noabort+0x18/0x20 [ 12.635782] ksize_unpoisons_memory+0x7b6/0x9b0 [ 12.635805] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 12.635828] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 12.635857] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 12.635884] kunit_try_run_case+0x1a5/0x480 [ 12.635908] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.635930] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.635953] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.635976] ? __kthread_parkme+0x82/0x180 [ 12.635996] ? preempt_count_sub+0x50/0x80 [ 12.636030] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.636053] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.636076] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.636099] kthread+0x337/0x6f0 [ 12.636118] ? trace_preempt_on+0x20/0xc0 [ 12.636140] ? __pfx_kthread+0x10/0x10 [ 12.636159] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.636180] ? calculate_sigpending+0x7b/0xa0 [ 12.636203] ? __pfx_kthread+0x10/0x10 [ 12.636223] ret_from_fork+0x116/0x1d0 [ 12.636242] ? __pfx_kthread+0x10/0x10 [ 12.636261] ret_from_fork_asm+0x1a/0x30 [ 12.636292] </TASK> [ 12.636302] [ 12.644519] Allocated by task 211: [ 12.644668] kasan_save_stack+0x45/0x70 [ 12.644988] kasan_save_track+0x18/0x40 [ 12.645397] kasan_save_alloc_info+0x3b/0x50 [ 12.645613] __kasan_kmalloc+0xb7/0xc0 [ 12.645798] __kmalloc_cache_noprof+0x189/0x420 [ 12.645977] ksize_unpoisons_memory+0xc7/0x9b0 [ 12.646550] kunit_try_run_case+0x1a5/0x480 [ 12.646706] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.646886] kthread+0x337/0x6f0 [ 12.647103] ret_from_fork+0x116/0x1d0 [ 12.647512] ret_from_fork_asm+0x1a/0x30 [ 12.647742] [ 12.647862] The buggy address belongs to the object at ffff8881029a6900 [ 12.647862] which belongs to the cache kmalloc-128 of size 128 [ 12.648424] The buggy address is located 12 bytes to the right of [ 12.648424] allocated 115-byte region [ffff8881029a6900, ffff8881029a6973) [ 12.648909] [ 12.649003] The buggy address belongs to the physical page: [ 12.649352] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029a6 [ 12.649715] flags: 0x200000000000000(node=0|zone=2) [ 12.649876] page_type: f5(slab) [ 12.649994] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.650348] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.650941] page dumped because: kasan: bad access detected [ 12.651520] [ 12.651631] Memory state around the buggy address: [ 12.651811] ffff8881029a6800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.652208] ffff8881029a6880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.652562] >ffff8881029a6900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.652851] ^ [ 12.653253] ffff8881029a6980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.653626] ffff8881029a6a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.653879] ================================================================== [ 12.613731] ================================================================== [ 12.614304] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7e9/0x9b0 [ 12.614674] Read of size 1 at addr ffff8881029a6978 by task kunit_try_catch/211 [ 12.614952] [ 12.615074] CPU: 0 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.615120] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.615131] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.615153] Call Trace: [ 12.615165] <TASK> [ 12.615181] dump_stack_lvl+0x73/0xb0 [ 12.615212] print_report+0xd1/0x610 [ 12.615235] ? __virt_addr_valid+0x1db/0x2d0 [ 12.615258] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 12.615280] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.615302] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 12.615422] kasan_report+0x141/0x180 [ 12.615444] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 12.615471] __asan_report_load1_noabort+0x18/0x20 [ 12.615495] ksize_unpoisons_memory+0x7e9/0x9b0 [ 12.615518] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 12.615540] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 12.615570] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 12.615597] kunit_try_run_case+0x1a5/0x480 [ 12.615622] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.615644] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.615667] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.615690] ? __kthread_parkme+0x82/0x180 [ 12.615710] ? preempt_count_sub+0x50/0x80 [ 12.615734] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.615757] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.615780] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.615803] kthread+0x337/0x6f0 [ 12.615822] ? trace_preempt_on+0x20/0xc0 [ 12.615844] ? __pfx_kthread+0x10/0x10 [ 12.615864] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.615884] ? calculate_sigpending+0x7b/0xa0 [ 12.615908] ? __pfx_kthread+0x10/0x10 [ 12.615929] ret_from_fork+0x116/0x1d0 [ 12.615948] ? __pfx_kthread+0x10/0x10 [ 12.615967] ret_from_fork_asm+0x1a/0x30 [ 12.615999] </TASK> [ 12.616022] [ 12.623925] Allocated by task 211: [ 12.624157] kasan_save_stack+0x45/0x70 [ 12.624416] kasan_save_track+0x18/0x40 [ 12.624603] kasan_save_alloc_info+0x3b/0x50 [ 12.624799] __kasan_kmalloc+0xb7/0xc0 [ 12.624991] __kmalloc_cache_noprof+0x189/0x420 [ 12.625292] ksize_unpoisons_memory+0xc7/0x9b0 [ 12.625503] kunit_try_run_case+0x1a5/0x480 [ 12.625650] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.626216] kthread+0x337/0x6f0 [ 12.626348] ret_from_fork+0x116/0x1d0 [ 12.626556] ret_from_fork_asm+0x1a/0x30 [ 12.627043] [ 12.627305] The buggy address belongs to the object at ffff8881029a6900 [ 12.627305] which belongs to the cache kmalloc-128 of size 128 [ 12.627867] The buggy address is located 5 bytes to the right of [ 12.627867] allocated 115-byte region [ffff8881029a6900, ffff8881029a6973) [ 12.628438] [ 12.628513] The buggy address belongs to the physical page: [ 12.628684] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029a6 [ 12.629007] flags: 0x200000000000000(node=0|zone=2) [ 12.629349] page_type: f5(slab) [ 12.629517] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.630186] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.630667] page dumped because: kasan: bad access detected [ 12.630903] [ 12.630987] Memory state around the buggy address: [ 12.631369] ffff8881029a6800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.631642] ffff8881029a6880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.631862] >ffff8881029a6900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.632157] ^ [ 12.632556] ffff8881029a6980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.632941] ffff8881029a6a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.633600] ================================================================== [ 12.591353] ================================================================== [ 12.591865] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x81c/0x9b0 [ 12.592562] Read of size 1 at addr ffff8881029a6973 by task kunit_try_catch/211 [ 12.592904] [ 12.593031] CPU: 0 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.593079] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.593090] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.593112] Call Trace: [ 12.593124] <TASK> [ 12.593141] dump_stack_lvl+0x73/0xb0 [ 12.593173] print_report+0xd1/0x610 [ 12.593196] ? __virt_addr_valid+0x1db/0x2d0 [ 12.593219] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 12.593241] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.593264] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 12.593286] kasan_report+0x141/0x180 [ 12.593307] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 12.593335] __asan_report_load1_noabort+0x18/0x20 [ 12.593359] ksize_unpoisons_memory+0x81c/0x9b0 [ 12.593382] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 12.593404] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 12.593508] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 12.593538] kunit_try_run_case+0x1a5/0x480 [ 12.593564] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.593586] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.593610] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.593633] ? __kthread_parkme+0x82/0x180 [ 12.593653] ? preempt_count_sub+0x50/0x80 [ 12.593678] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.593701] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.593724] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.593747] kthread+0x337/0x6f0 [ 12.593766] ? trace_preempt_on+0x20/0xc0 [ 12.593788] ? __pfx_kthread+0x10/0x10 [ 12.593808] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.593829] ? calculate_sigpending+0x7b/0xa0 [ 12.593853] ? __pfx_kthread+0x10/0x10 [ 12.593873] ret_from_fork+0x116/0x1d0 [ 12.593892] ? __pfx_kthread+0x10/0x10 [ 12.593911] ret_from_fork_asm+0x1a/0x30 [ 12.593942] </TASK> [ 12.593953] [ 12.601584] Allocated by task 211: [ 12.601817] kasan_save_stack+0x45/0x70 [ 12.602157] kasan_save_track+0x18/0x40 [ 12.602354] kasan_save_alloc_info+0x3b/0x50 [ 12.602619] __kasan_kmalloc+0xb7/0xc0 [ 12.602805] __kmalloc_cache_noprof+0x189/0x420 [ 12.603135] ksize_unpoisons_memory+0xc7/0x9b0 [ 12.603349] kunit_try_run_case+0x1a5/0x480 [ 12.603600] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.603826] kthread+0x337/0x6f0 [ 12.604354] ret_from_fork+0x116/0x1d0 [ 12.604589] ret_from_fork_asm+0x1a/0x30 [ 12.604772] [ 12.604857] The buggy address belongs to the object at ffff8881029a6900 [ 12.604857] which belongs to the cache kmalloc-128 of size 128 [ 12.605499] The buggy address is located 0 bytes to the right of [ 12.605499] allocated 115-byte region [ffff8881029a6900, ffff8881029a6973) [ 12.605971] [ 12.606218] The buggy address belongs to the physical page: [ 12.606507] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029a6 [ 12.606869] flags: 0x200000000000000(node=0|zone=2) [ 12.607229] page_type: f5(slab) [ 12.607411] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.607759] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.608349] page dumped because: kasan: bad access detected [ 12.608641] [ 12.608735] Memory state around the buggy address: [ 12.608963] ffff8881029a6800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.609349] ffff8881029a6880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.609727] >ffff8881029a6900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.610140] ^ [ 12.610484] ffff8881029a6980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.610788] ffff8881029a6a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.611102] ==================================================================