Date: July 18, 2025, 2:09 p.m.
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 12.026845] ==================================================================
[ 12.027292] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x47b/0x4c0
[ 12.027640] Read of size 16 at addr ffff888101cb3cc0 by task kunit_try_catch/186
[ 12.027943]
[ 12.028300] CPU: 0 UID: 0 PID: 186 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.028346] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.028357] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.028377] Call Trace:
[ 12.028387] <TASK>
[ 12.028401] dump_stack_lvl+0x73/0xb0
[ 12.028430] print_report+0xd1/0x610
[ 12.028466] ? __virt_addr_valid+0x1db/0x2d0
[ 12.028511] ? kmalloc_uaf_16+0x47b/0x4c0
[ 12.028532] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.028563] ? kmalloc_uaf_16+0x47b/0x4c0
[ 12.028584] kasan_report+0x141/0x180
[ 12.028606] ? kmalloc_uaf_16+0x47b/0x4c0
[ 12.028632] __asan_report_load16_noabort+0x18/0x20
[ 12.028656] kmalloc_uaf_16+0x47b/0x4c0
[ 12.028677] ? __pfx_kmalloc_uaf_16+0x10/0x10
[ 12.028772] ? __schedule+0x207f/0x2b60
[ 12.028794] ? __pfx_read_tsc+0x10/0x10
[ 12.028815] ? ktime_get_ts64+0x86/0x230
[ 12.028839] kunit_try_run_case+0x1a5/0x480
[ 12.028862] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.028884] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.028907] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.028930] ? __kthread_parkme+0x82/0x180
[ 12.028949] ? preempt_count_sub+0x50/0x80
[ 12.028993] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.029016] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.029040] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.029063] kthread+0x337/0x6f0
[ 12.029081] ? trace_preempt_on+0x20/0xc0
[ 12.029104] ? __pfx_kthread+0x10/0x10
[ 12.029124] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.029150] ? calculate_sigpending+0x7b/0xa0
[ 12.029189] ? __pfx_kthread+0x10/0x10
[ 12.029211] ret_from_fork+0x116/0x1d0
[ 12.029229] ? __pfx_kthread+0x10/0x10
[ 12.029249] ret_from_fork_asm+0x1a/0x30
[ 12.029281] </TASK>
[ 12.029292]
[ 12.036952] Allocated by task 186:
[ 12.037119] kasan_save_stack+0x45/0x70
[ 12.037324] kasan_save_track+0x18/0x40
[ 12.037596] kasan_save_alloc_info+0x3b/0x50
[ 12.037772] __kasan_kmalloc+0xb7/0xc0
[ 12.037900] __kmalloc_cache_noprof+0x189/0x420
[ 12.038053] kmalloc_uaf_16+0x15b/0x4c0
[ 12.038204] kunit_try_run_case+0x1a5/0x480
[ 12.038400] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.038973] kthread+0x337/0x6f0
[ 12.039118] ret_from_fork+0x116/0x1d0
[ 12.039248] ret_from_fork_asm+0x1a/0x30
[ 12.039383]
[ 12.039462] Freed by task 186:
[ 12.039570] kasan_save_stack+0x45/0x70
[ 12.039907] kasan_save_track+0x18/0x40
[ 12.040106] kasan_save_free_info+0x3f/0x60
[ 12.040667] __kasan_slab_free+0x56/0x70
[ 12.040910] kfree+0x222/0x3f0
[ 12.041077] kmalloc_uaf_16+0x1d6/0x4c0
[ 12.041279] kunit_try_run_case+0x1a5/0x480
[ 12.041604] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.041912] kthread+0x337/0x6f0
[ 12.042101] ret_from_fork+0x116/0x1d0
[ 12.042293] ret_from_fork_asm+0x1a/0x30
[ 12.042495]
[ 12.042587] The buggy address belongs to the object at ffff888101cb3cc0
[ 12.042587] which belongs to the cache kmalloc-16 of size 16
[ 12.043314] The buggy address is located 0 bytes inside of
[ 12.043314] freed 16-byte region [ffff888101cb3cc0, ffff888101cb3cd0)
[ 12.043661]
[ 12.043732] The buggy address belongs to the physical page:
[ 12.043898] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101cb3
[ 12.044522] flags: 0x200000000000000(node=0|zone=2)
[ 12.044766] page_type: f5(slab)
[ 12.044952] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 12.045338] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 12.045680] page dumped because: kasan: bad access detected
[ 12.045931]
[ 12.046038] Memory state around the buggy address:
[ 12.046454] ffff888101cb3b80: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc
[ 12.047076] ffff888101cb3c00: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc
[ 12.047637] >ffff888101cb3c80: fa fb fc fc 00 00 fc fc fa fb fc fc fc fc fc fc
[ 12.047842] ^
[ 12.048076] ffff888101cb3d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.048430] ffff888101cb3d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.048824] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 12.003945] ==================================================================
[ 12.004379] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x452/0x4a0
[ 12.004696] Write of size 16 at addr ffff888101cb3c60 by task kunit_try_catch/184
[ 12.004981]
[ 12.005096] CPU: 0 UID: 0 PID: 184 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.005146] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.005156] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.005177] Call Trace:
[ 12.005189] <TASK>
[ 12.005205] dump_stack_lvl+0x73/0xb0
[ 12.005233] print_report+0xd1/0x610
[ 12.005254] ? __virt_addr_valid+0x1db/0x2d0
[ 12.005276] ? kmalloc_oob_16+0x452/0x4a0
[ 12.005295] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.005316] ? kmalloc_oob_16+0x452/0x4a0
[ 12.005336] kasan_report+0x141/0x180
[ 12.005356] ? kmalloc_oob_16+0x452/0x4a0
[ 12.005383] __asan_report_store16_noabort+0x1b/0x30
[ 12.005406] kmalloc_oob_16+0x452/0x4a0
[ 12.005427] ? __pfx_kmalloc_oob_16+0x10/0x10
[ 12.005486] ? __schedule+0x10cc/0x2b60
[ 12.005509] ? __pfx_read_tsc+0x10/0x10
[ 12.005567] ? ktime_get_ts64+0x86/0x230
[ 12.005594] kunit_try_run_case+0x1a5/0x480
[ 12.005619] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.005640] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.005664] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.005688] ? __kthread_parkme+0x82/0x180
[ 12.005708] ? preempt_count_sub+0x50/0x80
[ 12.005732] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.005755] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.005778] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.005802] kthread+0x337/0x6f0
[ 12.005821] ? trace_preempt_on+0x20/0xc0
[ 12.005843] ? __pfx_kthread+0x10/0x10
[ 12.005863] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.005883] ? calculate_sigpending+0x7b/0xa0
[ 12.005907] ? __pfx_kthread+0x10/0x10
[ 12.005928] ret_from_fork+0x116/0x1d0
[ 12.005946] ? __pfx_kthread+0x10/0x10
[ 12.005966] ret_from_fork_asm+0x1a/0x30
[ 12.005998] </TASK>
[ 12.006007]
[ 12.014328] Allocated by task 184:
[ 12.014467] kasan_save_stack+0x45/0x70
[ 12.014612] kasan_save_track+0x18/0x40
[ 12.014742] kasan_save_alloc_info+0x3b/0x50
[ 12.015008] __kasan_kmalloc+0xb7/0xc0
[ 12.015221] __kmalloc_cache_noprof+0x189/0x420
[ 12.015482] kmalloc_oob_16+0xa8/0x4a0
[ 12.015709] kunit_try_run_case+0x1a5/0x480
[ 12.015926] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.016291] kthread+0x337/0x6f0
[ 12.016562] ret_from_fork+0x116/0x1d0
[ 12.016700] ret_from_fork_asm+0x1a/0x30
[ 12.016836]
[ 12.016904] The buggy address belongs to the object at ffff888101cb3c60
[ 12.016904] which belongs to the cache kmalloc-16 of size 16
[ 12.017391] The buggy address is located 0 bytes inside of
[ 12.017391] allocated 13-byte region [ffff888101cb3c60, ffff888101cb3c6d)
[ 12.018270]
[ 12.018474] The buggy address belongs to the physical page:
[ 12.018719] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101cb3
[ 12.018976] flags: 0x200000000000000(node=0|zone=2)
[ 12.019225] page_type: f5(slab)
[ 12.019462] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 12.019965] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 12.020230] page dumped because: kasan: bad access detected
[ 12.020551]
[ 12.020646] Memory state around the buggy address:
[ 12.020902] ffff888101cb3b00: fa fb fc fc 00 02 fc fc 00 05 fc fc 00 02 fc fc
[ 12.021234] ffff888101cb3b80: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc
[ 12.021660] >ffff888101cb3c00: fa fb fc fc fa fb fc fc 00 05 fc fc 00 05 fc fc
[ 12.021983] ^
[ 12.022222] ffff888101cb3c80: 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.022631] ffff888101cb3d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.022945] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 11.930644] ==================================================================
[ 11.931924] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x1b8/0x5e0
[ 11.932589] Read of size 1 at addr ffff888100a28400 by task kunit_try_catch/182
[ 11.933473]
[ 11.933724] CPU: 1 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 11.933783] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.933795] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.933816] Call Trace:
[ 11.933829] <TASK>
[ 11.933846] dump_stack_lvl+0x73/0xb0
[ 11.933878] print_report+0xd1/0x610
[ 11.933900] ? __virt_addr_valid+0x1db/0x2d0
[ 11.933923] ? krealloc_uaf+0x1b8/0x5e0
[ 11.933944] ? kasan_complete_mode_report_info+0x64/0x200
[ 11.933966] ? krealloc_uaf+0x1b8/0x5e0
[ 11.933987] kasan_report+0x141/0x180
[ 11.934009] ? krealloc_uaf+0x1b8/0x5e0
[ 11.934033] ? krealloc_uaf+0x1b8/0x5e0
[ 11.934055] __kasan_check_byte+0x3d/0x50
[ 11.934077] krealloc_noprof+0x3f/0x340
[ 11.934100] krealloc_uaf+0x1b8/0x5e0
[ 11.934121] ? __pfx_krealloc_uaf+0x10/0x10
[ 11.934141] ? finish_task_switch.isra.0+0x153/0x700
[ 11.934164] ? __switch_to+0x47/0xf50
[ 11.934190] ? __schedule+0x10cc/0x2b60
[ 11.934211] ? __pfx_read_tsc+0x10/0x10
[ 11.934231] ? ktime_get_ts64+0x86/0x230
[ 11.934257] kunit_try_run_case+0x1a5/0x480
[ 11.934281] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.934303] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.934326] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.934349] ? __kthread_parkme+0x82/0x180
[ 11.934370] ? preempt_count_sub+0x50/0x80
[ 11.934394] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.934606] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.934631] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.934655] kthread+0x337/0x6f0
[ 11.934709] ? trace_preempt_on+0x20/0xc0
[ 11.934734] ? __pfx_kthread+0x10/0x10
[ 11.934754] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.934776] ? calculate_sigpending+0x7b/0xa0
[ 11.934800] ? __pfx_kthread+0x10/0x10
[ 11.934820] ret_from_fork+0x116/0x1d0
[ 11.934838] ? __pfx_kthread+0x10/0x10
[ 11.934858] ret_from_fork_asm+0x1a/0x30
[ 11.934890] </TASK>
[ 11.934901]
[ 11.952639] Allocated by task 182:
[ 11.952792] kasan_save_stack+0x45/0x70
[ 11.952939] kasan_save_track+0x18/0x40
[ 11.953072] kasan_save_alloc_info+0x3b/0x50
[ 11.953224] __kasan_kmalloc+0xb7/0xc0
[ 11.953351] __kmalloc_cache_noprof+0x189/0x420
[ 11.953764] krealloc_uaf+0xbb/0x5e0
[ 11.954081] kunit_try_run_case+0x1a5/0x480
[ 11.954536] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.955021] kthread+0x337/0x6f0
[ 11.955140] ret_from_fork+0x116/0x1d0
[ 11.955270] ret_from_fork_asm+0x1a/0x30
[ 11.955405]
[ 11.955486] Freed by task 182:
[ 11.955619] kasan_save_stack+0x45/0x70
[ 11.955800] kasan_save_track+0x18/0x40
[ 11.955931] kasan_save_free_info+0x3f/0x60
[ 11.956072] __kasan_slab_free+0x56/0x70
[ 11.956287] kfree+0x222/0x3f0
[ 11.956452] krealloc_uaf+0x13d/0x5e0
[ 11.956631] kunit_try_run_case+0x1a5/0x480
[ 11.956772] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.957181] kthread+0x337/0x6f0
[ 11.957830] ret_from_fork+0x116/0x1d0
[ 11.958006] ret_from_fork_asm+0x1a/0x30
[ 11.958174]
[ 11.958245] The buggy address belongs to the object at ffff888100a28400
[ 11.958245] which belongs to the cache kmalloc-256 of size 256
[ 11.959032] The buggy address is located 0 bytes inside of
[ 11.959032] freed 256-byte region [ffff888100a28400, ffff888100a28500)
[ 11.960023]
[ 11.960124] The buggy address belongs to the physical page:
[ 11.960336] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a28
[ 11.960860] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 11.961318] flags: 0x200000000000040(head|node=0|zone=2)
[ 11.961713] page_type: f5(slab)
[ 11.961895] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 11.962199] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.962534] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 11.962848] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.963156] head: 0200000000000001 ffffea0004028a01 00000000ffffffff 00000000ffffffff
[ 11.963816] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 11.964135] page dumped because: kasan: bad access detected
[ 11.964340]
[ 11.964526] Memory state around the buggy address:
[ 11.964891] ffff888100a28300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.965178] ffff888100a28380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.965747] >ffff888100a28400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.966206] ^
[ 11.966333] ffff888100a28480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.966823] ffff888100a28500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.967280] ==================================================================
[ 11.967985] ==================================================================
[ 11.968447] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x53c/0x5e0
[ 11.968757] Read of size 1 at addr ffff888100a28400 by task kunit_try_catch/182
[ 11.969086]
[ 11.969603] CPU: 1 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 11.969649] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.969659] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.969678] Call Trace:
[ 11.969694] <TASK>
[ 11.969709] dump_stack_lvl+0x73/0xb0
[ 11.969738] print_report+0xd1/0x610
[ 11.969760] ? __virt_addr_valid+0x1db/0x2d0
[ 11.969783] ? krealloc_uaf+0x53c/0x5e0
[ 11.969803] ? kasan_complete_mode_report_info+0x64/0x200
[ 11.969826] ? krealloc_uaf+0x53c/0x5e0
[ 11.969847] kasan_report+0x141/0x180
[ 11.969868] ? krealloc_uaf+0x53c/0x5e0
[ 11.969895] __asan_report_load1_noabort+0x18/0x20
[ 11.969918] krealloc_uaf+0x53c/0x5e0
[ 11.969939] ? __pfx_krealloc_uaf+0x10/0x10
[ 11.969959] ? finish_task_switch.isra.0+0x153/0x700
[ 11.969981] ? __switch_to+0x47/0xf50
[ 11.970006] ? __schedule+0x10cc/0x2b60
[ 11.970028] ? __pfx_read_tsc+0x10/0x10
[ 11.970048] ? ktime_get_ts64+0x86/0x230
[ 11.970072] kunit_try_run_case+0x1a5/0x480
[ 11.970095] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.970117] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.970140] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.970163] ? __kthread_parkme+0x82/0x180
[ 11.970183] ? preempt_count_sub+0x50/0x80
[ 11.970206] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.970229] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.970252] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.970276] kthread+0x337/0x6f0
[ 11.970294] ? trace_preempt_on+0x20/0xc0
[ 11.970317] ? __pfx_kthread+0x10/0x10
[ 11.970337] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.970357] ? calculate_sigpending+0x7b/0xa0
[ 11.970380] ? __pfx_kthread+0x10/0x10
[ 11.970401] ret_from_fork+0x116/0x1d0
[ 11.970432] ? __pfx_kthread+0x10/0x10
[ 11.970464] ret_from_fork_asm+0x1a/0x30
[ 11.970496] </TASK>
[ 11.970506]
[ 11.982368] Allocated by task 182:
[ 11.982740] kasan_save_stack+0x45/0x70
[ 11.983187] kasan_save_track+0x18/0x40
[ 11.983536] kasan_save_alloc_info+0x3b/0x50
[ 11.984129] __kasan_kmalloc+0xb7/0xc0
[ 11.984547] __kmalloc_cache_noprof+0x189/0x420
[ 11.984963] krealloc_uaf+0xbb/0x5e0
[ 11.985288] kunit_try_run_case+0x1a5/0x480
[ 11.985812] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.986497] kthread+0x337/0x6f0
[ 11.986847] ret_from_fork+0x116/0x1d0
[ 11.987080] ret_from_fork_asm+0x1a/0x30
[ 11.987220]
[ 11.987291] Freed by task 182:
[ 11.987402] kasan_save_stack+0x45/0x70
[ 11.987766] kasan_save_track+0x18/0x40
[ 11.988125] kasan_save_free_info+0x3f/0x60
[ 11.988669] __kasan_slab_free+0x56/0x70
[ 11.989037] kfree+0x222/0x3f0
[ 11.989317] krealloc_uaf+0x13d/0x5e0
[ 11.989773] kunit_try_run_case+0x1a5/0x480
[ 11.990122] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.990300] kthread+0x337/0x6f0
[ 11.990502] ret_from_fork+0x116/0x1d0
[ 11.990883] ret_from_fork_asm+0x1a/0x30
[ 11.991226]
[ 11.991383] The buggy address belongs to the object at ffff888100a28400
[ 11.991383] which belongs to the cache kmalloc-256 of size 256
[ 11.992543] The buggy address is located 0 bytes inside of
[ 11.992543] freed 256-byte region [ffff888100a28400, ffff888100a28500)
[ 11.993048]
[ 11.993126] The buggy address belongs to the physical page:
[ 11.993309] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a28
[ 11.993575] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 11.994057] flags: 0x200000000000040(head|node=0|zone=2)
[ 11.994357] page_type: f5(slab)
[ 11.994614] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 11.994951] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.995260] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 11.995674] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.996006] head: 0200000000000001 ffffea0004028a01 00000000ffffffff 00000000ffffffff
[ 11.996324] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 11.996684] page dumped because: kasan: bad access detected
[ 11.996855]
[ 11.996923] Memory state around the buggy address:
[ 11.997153] ffff888100a28300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.997639] ffff888100a28380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.997912] >ffff888100a28400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.998158] ^
[ 11.998326] ffff888100a28480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.998718] ffff888100a28500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.998948] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 47.763285] ==================================================================
[ 47.763891] BUG: KFENCE: use-after-free read in test_krealloc+0x6fc/0xbe0
[ 47.763891]
[ 47.764264] Use-after-free read at 0x(____ptrval____) (in kfence-#132):
[ 47.764877] test_krealloc+0x6fc/0xbe0
[ 47.765077] kunit_try_run_case+0x1a5/0x480
[ 47.765306] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 47.765542] kthread+0x337/0x6f0
[ 47.766236] ret_from_fork+0x116/0x1d0
[ 47.766432] ret_from_fork_asm+0x1a/0x30
[ 47.766767]
[ 47.766858] kfence-#132: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 47.766858]
[ 47.767406] allocated by task 355 on cpu 0 at 47.762663s (0.004741s ago):
[ 47.767883] test_alloc+0x364/0x10f0
[ 47.768146] test_krealloc+0xad/0xbe0
[ 47.768412] kunit_try_run_case+0x1a5/0x480
[ 47.768720] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 47.769039] kthread+0x337/0x6f0
[ 47.769282] ret_from_fork+0x116/0x1d0
[ 47.769453] ret_from_fork_asm+0x1a/0x30
[ 47.769752]
[ 47.769847] freed by task 355 on cpu 0 at 47.762917s (0.006927s ago):
[ 47.770139] krealloc_noprof+0x108/0x340
[ 47.770334] test_krealloc+0x226/0xbe0
[ 47.770521] kunit_try_run_case+0x1a5/0x480
[ 47.771097] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 47.771311] kthread+0x337/0x6f0
[ 47.771621] ret_from_fork+0x116/0x1d0
[ 47.771772] ret_from_fork_asm+0x1a/0x30
[ 47.771986]
[ 47.772095] CPU: 0 UID: 0 PID: 355 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 47.772581] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 47.772758] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 47.773138] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 47.680625] ==================================================================
[ 47.680999] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x2ec/0x670
[ 47.680999]
[ 47.681340] Use-after-free read at 0x(____ptrval____) (in kfence-#131):
[ 47.681890] test_memcache_typesafe_by_rcu+0x2ec/0x670
[ 47.682821] kunit_try_run_case+0x1a5/0x480
[ 47.683182] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 47.683418] kthread+0x337/0x6f0
[ 47.683592] ret_from_fork+0x116/0x1d0
[ 47.683941] ret_from_fork_asm+0x1a/0x30
[ 47.684195]
[ 47.684292] kfence-#131: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 47.684292]
[ 47.684850] allocated by task 353 on cpu 0 at 47.658669s (0.026179s ago):
[ 47.685164] test_alloc+0x2a6/0x10f0
[ 47.685332] test_memcache_typesafe_by_rcu+0x16f/0x670
[ 47.685883] kunit_try_run_case+0x1a5/0x480
[ 47.686168] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 47.686395] kthread+0x337/0x6f0
[ 47.686712] ret_from_fork+0x116/0x1d0
[ 47.686907] ret_from_fork_asm+0x1a/0x30
[ 47.687236]
[ 47.687342] freed by task 353 on cpu 0 at 47.658766s (0.028573s ago):
[ 47.687818] test_memcache_typesafe_by_rcu+0x1bf/0x670
[ 47.688071] kunit_try_run_case+0x1a5/0x480
[ 47.688266] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 47.688509] kthread+0x337/0x6f0
[ 47.688874] ret_from_fork+0x116/0x1d0
[ 47.689057] ret_from_fork_asm+0x1a/0x30
[ 47.689365]
[ 47.689506] CPU: 0 UID: 0 PID: 353 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 47.690113] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 47.690378] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 47.690865] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 23.130257] ==================================================================
[ 23.130783] BUG: KFENCE: invalid read in test_invalid_access+0xf0/0x210
[ 23.130783]
[ 23.131418] Invalid read at 0x(____ptrval____):
[ 23.131695] test_invalid_access+0xf0/0x210
[ 23.131879] kunit_try_run_case+0x1a5/0x480
[ 23.132099] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.132377] kthread+0x337/0x6f0
[ 23.132587] ret_from_fork+0x116/0x1d0
[ 23.132753] ret_from_fork_asm+0x1a/0x30
[ 23.132956]
[ 23.133082] CPU: 1 UID: 0 PID: 349 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 23.133620] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.133828] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.134125] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 22.907035] ==================================================================
[ 22.907448] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x24f/0x340
[ 22.907448]
[ 22.907807] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#127):
[ 22.908987] test_kmalloc_aligned_oob_write+0x24f/0x340
[ 22.909345] kunit_try_run_case+0x1a5/0x480
[ 22.909711] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.910040] kthread+0x337/0x6f0
[ 22.910321] ret_from_fork+0x116/0x1d0
[ 22.910508] ret_from_fork_asm+0x1a/0x30
[ 22.910756]
[ 22.910874] kfence-#127: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96
[ 22.910874]
[ 22.911269] allocated by task 343 on cpu 0 at 22.906777s (0.004489s ago):
[ 22.911608] test_alloc+0x364/0x10f0
[ 22.911785] test_kmalloc_aligned_oob_write+0xc8/0x340
[ 22.912016] kunit_try_run_case+0x1a5/0x480
[ 22.912167] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.912458] kthread+0x337/0x6f0
[ 22.912631] ret_from_fork+0x116/0x1d0
[ 22.913086] ret_from_fork_asm+0x1a/0x30
[ 22.913470]
[ 22.913583] freed by task 343 on cpu 0 at 22.906920s (0.006660s ago):
[ 22.913975] test_kmalloc_aligned_oob_write+0x24f/0x340
[ 22.914306] kunit_try_run_case+0x1a5/0x480
[ 22.914628] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.914960] kthread+0x337/0x6f0
[ 22.915216] ret_from_fork+0x116/0x1d0
[ 22.915395] ret_from_fork_asm+0x1a/0x30
[ 22.915604]
[ 22.915787] CPU: 0 UID: 0 PID: 343 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 22.916212] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 22.916388] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 22.916804] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 11.880369] ==================================================================
[ 11.881311] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0
[ 11.881767] Write of size 1 at addr ffff88810282a0ea by task kunit_try_catch/180
[ 11.882073]
[ 11.882180] CPU: 0 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 11.882219] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.882229] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.882248] Call Trace:
[ 11.882261] <TASK>
[ 11.882275] dump_stack_lvl+0x73/0xb0
[ 11.882301] print_report+0xd1/0x610
[ 11.882322] ? __virt_addr_valid+0x1db/0x2d0
[ 11.882345] ? krealloc_less_oob_helper+0xe90/0x11d0
[ 11.882368] ? kasan_addr_to_slab+0x11/0xa0
[ 11.882397] ? krealloc_less_oob_helper+0xe90/0x11d0
[ 11.882421] kasan_report+0x141/0x180
[ 11.882452] ? krealloc_less_oob_helper+0xe90/0x11d0
[ 11.882481] __asan_report_store1_noabort+0x1b/0x30
[ 11.882507] krealloc_less_oob_helper+0xe90/0x11d0
[ 11.882533] ? __pfx_krealloc_less_oob_helper+0x10/0x10
[ 11.882558] ? finish_task_switch.isra.0+0x153/0x700
[ 11.882581] ? __switch_to+0x47/0xf50
[ 11.882607] ? __schedule+0x10cc/0x2b60
[ 11.882629] ? __pfx_read_tsc+0x10/0x10
[ 11.882653] krealloc_large_less_oob+0x1c/0x30
[ 11.882676] kunit_try_run_case+0x1a5/0x480
[ 11.882700] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.882722] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.882745] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.882768] ? __kthread_parkme+0x82/0x180
[ 11.882788] ? preempt_count_sub+0x50/0x80
[ 11.882812] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.882835] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.882860] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.882883] kthread+0x337/0x6f0
[ 11.882902] ? trace_preempt_on+0x20/0xc0
[ 11.882926] ? __pfx_kthread+0x10/0x10
[ 11.882946] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.882967] ? calculate_sigpending+0x7b/0xa0
[ 11.882990] ? __pfx_kthread+0x10/0x10
[ 11.883011] ret_from_fork+0x116/0x1d0
[ 11.883029] ? __pfx_kthread+0x10/0x10
[ 11.883049] ret_from_fork_asm+0x1a/0x30
[ 11.883081] </TASK>
[ 11.883091]
[ 11.895003] The buggy address belongs to the physical page:
[ 11.895263] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102828
[ 11.896228] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 11.896752] flags: 0x200000000000040(head|node=0|zone=2)
[ 11.897030] page_type: f8(unknown)
[ 11.897200] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 11.897963] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 11.898286] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 11.898924] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 11.899425] head: 0200000000000002 ffffea00040a0a01 00000000ffffffff 00000000ffffffff
[ 11.899995] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 11.900475] page dumped because: kasan: bad access detected
[ 11.900909]
[ 11.901014] Memory state around the buggy address:
[ 11.901244] ffff888102829f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.901967] ffff88810282a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.902505] >ffff88810282a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[ 11.902806] ^
[ 11.903366] ffff88810282a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 11.903941] ffff88810282a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 11.904506] ==================================================================
[ 11.741256] ==================================================================
[ 11.741529] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0
[ 11.741998] Write of size 1 at addr ffff88810034e2eb by task kunit_try_catch/176
[ 11.742315]
[ 11.742484] CPU: 0 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 11.742528] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.742538] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.742580] Call Trace:
[ 11.742595] <TASK>
[ 11.742609] dump_stack_lvl+0x73/0xb0
[ 11.742637] print_report+0xd1/0x610
[ 11.742673] ? __virt_addr_valid+0x1db/0x2d0
[ 11.742708] ? krealloc_less_oob_helper+0xd47/0x11d0
[ 11.742731] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.742753] ? krealloc_less_oob_helper+0xd47/0x11d0
[ 11.742776] kasan_report+0x141/0x180
[ 11.742798] ? krealloc_less_oob_helper+0xd47/0x11d0
[ 11.742826] __asan_report_store1_noabort+0x1b/0x30
[ 11.742850] krealloc_less_oob_helper+0xd47/0x11d0
[ 11.742876] ? __pfx_krealloc_less_oob_helper+0x10/0x10
[ 11.742900] ? irqentry_exit+0x2a/0x60
[ 11.742920] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 11.742950] ? __pfx_krealloc_less_oob+0x10/0x10
[ 11.742975] krealloc_less_oob+0x1c/0x30
[ 11.742996] kunit_try_run_case+0x1a5/0x480
[ 11.743018] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.743039] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.743062] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.743101] ? __kthread_parkme+0x82/0x180
[ 11.743121] ? preempt_count_sub+0x50/0x80
[ 11.743158] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.743181] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.743218] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.743254] kthread+0x337/0x6f0
[ 11.743272] ? trace_preempt_on+0x20/0xc0
[ 11.743294] ? __pfx_kthread+0x10/0x10
[ 11.743326] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.743347] ? calculate_sigpending+0x7b/0xa0
[ 11.743384] ? __pfx_kthread+0x10/0x10
[ 11.743405] ret_from_fork+0x116/0x1d0
[ 11.743601] ? __pfx_kthread+0x10/0x10
[ 11.743627] ret_from_fork_asm+0x1a/0x30
[ 11.743658] </TASK>
[ 11.743667]
[ 11.751330] Allocated by task 176:
[ 11.751522] kasan_save_stack+0x45/0x70
[ 11.751717] kasan_save_track+0x18/0x40
[ 11.752222] kasan_save_alloc_info+0x3b/0x50
[ 11.752506] __kasan_krealloc+0x190/0x1f0
[ 11.752719] krealloc_noprof+0xf3/0x340
[ 11.752962] krealloc_less_oob_helper+0x1aa/0x11d0
[ 11.753214] krealloc_less_oob+0x1c/0x30
[ 11.753497] kunit_try_run_case+0x1a5/0x480
[ 11.753731] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.753945] kthread+0x337/0x6f0
[ 11.754061] ret_from_fork+0x116/0x1d0
[ 11.754190] ret_from_fork_asm+0x1a/0x30
[ 11.754357]
[ 11.754459] The buggy address belongs to the object at ffff88810034e200
[ 11.754459] which belongs to the cache kmalloc-256 of size 256
[ 11.755031] The buggy address is located 34 bytes to the right of
[ 11.755031] allocated 201-byte region [ffff88810034e200, ffff88810034e2c9)
[ 11.755803]
[ 11.755883] The buggy address belongs to the physical page:
[ 11.756052] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10034e
[ 11.756286] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 11.756605] flags: 0x200000000000040(head|node=0|zone=2)
[ 11.756843] page_type: f5(slab)
[ 11.757107] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 11.757557] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.757898] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 11.758253] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.758664] head: 0200000000000001 ffffea000400d381 00000000ffffffff 00000000ffffffff
[ 11.759003] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 11.759333] page dumped because: kasan: bad access detected
[ 11.759764]
[ 11.759921] Memory state around the buggy address:
[ 11.760074] ffff88810034e180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.760283] ffff88810034e200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.760799] >ffff88810034e280: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[ 11.761150] ^
[ 11.761482] ffff88810034e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.761877] ffff88810034e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.762181] ==================================================================
[ 11.717339] ==================================================================
[ 11.717796] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0
[ 11.718129] Write of size 1 at addr ffff88810034e2ea by task kunit_try_catch/176
[ 11.718359]
[ 11.718623] CPU: 0 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 11.718680] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.718692] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.718711] Call Trace:
[ 11.718725] <TASK>
[ 11.718740] dump_stack_lvl+0x73/0xb0
[ 11.718767] print_report+0xd1/0x610
[ 11.718919] ? __virt_addr_valid+0x1db/0x2d0
[ 11.718942] ? krealloc_less_oob_helper+0xe90/0x11d0
[ 11.718976] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.718998] ? krealloc_less_oob_helper+0xe90/0x11d0
[ 11.719022] kasan_report+0x141/0x180
[ 11.719055] ? krealloc_less_oob_helper+0xe90/0x11d0
[ 11.719085] __asan_report_store1_noabort+0x1b/0x30
[ 11.719111] krealloc_less_oob_helper+0xe90/0x11d0
[ 11.719138] ? __pfx_krealloc_less_oob_helper+0x10/0x10
[ 11.719160] ? irqentry_exit+0x2a/0x60
[ 11.719190] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 11.719220] ? __pfx_krealloc_less_oob+0x10/0x10
[ 11.719256] krealloc_less_oob+0x1c/0x30
[ 11.719277] kunit_try_run_case+0x1a5/0x480
[ 11.719301] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.719322] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.719345] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.719368] ? __kthread_parkme+0x82/0x180
[ 11.719387] ? preempt_count_sub+0x50/0x80
[ 11.719428] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.719461] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.719484] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.719508] kthread+0x337/0x6f0
[ 11.719526] ? trace_preempt_on+0x20/0xc0
[ 11.719618] ? __pfx_kthread+0x10/0x10
[ 11.719656] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.719677] ? calculate_sigpending+0x7b/0xa0
[ 11.719700] ? __pfx_kthread+0x10/0x10
[ 11.719721] ret_from_fork+0x116/0x1d0
[ 11.719748] ? __pfx_kthread+0x10/0x10
[ 11.719768] ret_from_fork_asm+0x1a/0x30
[ 11.719811] </TASK>
[ 11.719821]
[ 11.728191] Allocated by task 176:
[ 11.728333] kasan_save_stack+0x45/0x70
[ 11.728489] kasan_save_track+0x18/0x40
[ 11.728673] kasan_save_alloc_info+0x3b/0x50
[ 11.728880] __kasan_krealloc+0x190/0x1f0
[ 11.729249] krealloc_noprof+0xf3/0x340
[ 11.729450] krealloc_less_oob_helper+0x1aa/0x11d0
[ 11.729616] krealloc_less_oob+0x1c/0x30
[ 11.729754] kunit_try_run_case+0x1a5/0x480
[ 11.730092] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.730368] kthread+0x337/0x6f0
[ 11.730668] ret_from_fork+0x116/0x1d0
[ 11.730897] ret_from_fork_asm+0x1a/0x30
[ 11.731097]
[ 11.731167] The buggy address belongs to the object at ffff88810034e200
[ 11.731167] which belongs to the cache kmalloc-256 of size 256
[ 11.731925] The buggy address is located 33 bytes to the right of
[ 11.731925] allocated 201-byte region [ffff88810034e200, ffff88810034e2c9)
[ 11.732652]
[ 11.732767] The buggy address belongs to the physical page:
[ 11.732987] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10034e
[ 11.733314] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 11.733555] flags: 0x200000000000040(head|node=0|zone=2)
[ 11.733732] page_type: f5(slab)
[ 11.733851] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 11.734424] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.734919] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[
11.735222] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.735614] head: 0200000000000001 ffffea000400d381 00000000ffffffff 00000000ffffffff [ 11.736024] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.736366] page dumped because: kasan: bad access detected [ 11.736747] [ 11.736864] Memory state around the buggy address: [ 11.737051] ffff88810034e180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.737343] ffff88810034e200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.738765] >ffff88810034e280: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 11.739113] ^ [ 11.739385] ffff88810034e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.740520] ffff88810034e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.740826] ================================================================== [ 11.841047] ================================================================== [ 11.841518] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0 [ 11.841949] Write of size 1 at addr ffff88810282a0d0 by task kunit_try_catch/180 [ 11.842286] [ 11.842482] CPU: 0 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.842569] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.842580] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.842599] Call Trace: [ 11.842610] <TASK> [ 11.842635] dump_stack_lvl+0x73/0xb0 [ 11.842665] print_report+0xd1/0x610 [ 11.842688] ? __virt_addr_valid+0x1db/0x2d0 [ 11.842712] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 11.842735] ? kasan_addr_to_slab+0x11/0xa0 [ 11.842782] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 11.842807] kasan_report+0x141/0x180 [ 11.842829] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 11.842869] __asan_report_store1_noabort+0x1b/0x30 [ 11.842894] krealloc_less_oob_helper+0xe23/0x11d0 [ 11.842920] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.842944] ? 
finish_task_switch.isra.0+0x153/0x700 [ 11.842966] ? __switch_to+0x47/0xf50 [ 11.842992] ? __schedule+0x10cc/0x2b60 [ 11.843040] ? __pfx_read_tsc+0x10/0x10 [ 11.843065] krealloc_large_less_oob+0x1c/0x30 [ 11.843088] kunit_try_run_case+0x1a5/0x480 [ 11.843123] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.843144] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.843168] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.843217] ? __kthread_parkme+0x82/0x180 [ 11.843238] ? preempt_count_sub+0x50/0x80 [ 11.843261] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.843294] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.843318] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.843341] kthread+0x337/0x6f0 [ 11.843360] ? trace_preempt_on+0x20/0xc0 [ 11.843382] ? __pfx_kthread+0x10/0x10 [ 11.843401] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.843445] ? calculate_sigpending+0x7b/0xa0 [ 11.843469] ? __pfx_kthread+0x10/0x10 [ 11.843490] ret_from_fork+0x116/0x1d0 [ 11.843508] ? __pfx_kthread+0x10/0x10 [ 11.843528] ret_from_fork_asm+0x1a/0x30 [ 11.843603] </TASK> [ 11.843613] [ 11.852316] The buggy address belongs to the physical page: [ 11.852818] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102828 [ 11.853231] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.853742] flags: 0x200000000000040(head|node=0|zone=2) [ 11.854041] page_type: f8(unknown) [ 11.854206] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.854680] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.855024] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.855475] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.855909] head: 0200000000000002 ffffea00040a0a01 00000000ffffffff 00000000ffffffff [ 11.856256] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.856799] page dumped because: kasan: bad access detected [ 11.857078] [ 11.857214] Memory 
state around the buggy address: [ 11.857574] ffff888102829f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.857915] ffff88810282a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.858257] >ffff88810282a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 11.858698] ^ [ 11.859014] ffff88810282a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.859334] ffff88810282a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.859746] ================================================================== [ 11.819341] ================================================================== [ 11.820735] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0 [ 11.821349] Write of size 1 at addr ffff88810282a0c9 by task kunit_try_catch/180 [ 11.822103] [ 11.822313] CPU: 0 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.822372] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.822383] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.822404] Call Trace: [ 11.822415] <TASK> [ 11.822429] dump_stack_lvl+0x73/0xb0 [ 11.822468] print_report+0xd1/0x610 [ 11.822490] ? __virt_addr_valid+0x1db/0x2d0 [ 11.822512] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 11.822537] ? kasan_addr_to_slab+0x11/0xa0 [ 11.822645] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 11.822671] kasan_report+0x141/0x180 [ 11.822706] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 11.822735] __asan_report_store1_noabort+0x1b/0x30 [ 11.822760] krealloc_less_oob_helper+0xd70/0x11d0 [ 11.822786] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.822809] ? finish_task_switch.isra.0+0x153/0x700 [ 11.822832] ? __switch_to+0x47/0xf50 [ 11.822857] ? __schedule+0x10cc/0x2b60 [ 11.822879] ? __pfx_read_tsc+0x10/0x10 [ 11.822902] krealloc_large_less_oob+0x1c/0x30 [ 11.822924] kunit_try_run_case+0x1a5/0x480 [ 11.822949] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.822970] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.822993] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.823016] ? __kthread_parkme+0x82/0x180 [ 11.823036] ? preempt_count_sub+0x50/0x80 [ 11.823058] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.823081] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.823104] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.823128] kthread+0x337/0x6f0 [ 11.823146] ? trace_preempt_on+0x20/0xc0 [ 11.823168] ? __pfx_kthread+0x10/0x10 [ 11.823187] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.823208] ? calculate_sigpending+0x7b/0xa0 [ 11.823231] ? __pfx_kthread+0x10/0x10 [ 11.823251] ret_from_fork+0x116/0x1d0 [ 11.823269] ? __pfx_kthread+0x10/0x10 [ 11.823288] ret_from_fork_asm+0x1a/0x30 [ 11.823319] </TASK> [ 11.823329] [ 11.832545] The buggy address belongs to the physical page: [ 11.832990] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102828 [ 11.833489] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.833887] flags: 0x200000000000040(head|node=0|zone=2) [ 11.834322] page_type: f8(unknown) [ 11.834564] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.834845] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.835297] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.835824] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.836211] head: 0200000000000002 ffffea00040a0a01 00000000ffffffff 00000000ffffffff [ 11.836555] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.837146] page dumped because: kasan: bad access detected [ 11.837388] [ 11.837479] Memory state around the buggy address: [ 11.837887] ffff888102829f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.838167] ffff88810282a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.838671] >ffff88810282a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 11.839009] ^ [ 11.839300] ffff88810282a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe 
fe [ 11.839706] ffff88810282a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.840047] ================================================================== [ 11.860103] ================================================================== [ 11.860356] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 11.861013] Write of size 1 at addr ffff88810282a0da by task kunit_try_catch/180 [ 11.861268] [ 11.861353] CPU: 0 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.861481] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.861496] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.861562] Call Trace: [ 11.861577] <TASK> [ 11.861606] dump_stack_lvl+0x73/0xb0 [ 11.861670] print_report+0xd1/0x610 [ 11.861692] ? __virt_addr_valid+0x1db/0x2d0 [ 11.861713] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 11.861747] ? kasan_addr_to_slab+0x11/0xa0 [ 11.861767] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 11.861792] kasan_report+0x141/0x180 [ 11.861815] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 11.861844] __asan_report_store1_noabort+0x1b/0x30 [ 11.861868] krealloc_less_oob_helper+0xec6/0x11d0 [ 11.861894] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.861918] ? finish_task_switch.isra.0+0x153/0x700 [ 11.861940] ? __switch_to+0x47/0xf50 [ 11.861965] ? __schedule+0x10cc/0x2b60 [ 11.861986] ? __pfx_read_tsc+0x10/0x10 [ 11.862009] krealloc_large_less_oob+0x1c/0x30 [ 11.862032] kunit_try_run_case+0x1a5/0x480 [ 11.862055] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.862076] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.862099] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.862122] ? __kthread_parkme+0x82/0x180 [ 11.862141] ? preempt_count_sub+0x50/0x80 [ 11.862164] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.862187] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.862210] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.862233] kthread+0x337/0x6f0 [ 11.862252] ? 
trace_preempt_on+0x20/0xc0 [ 11.862274] ? __pfx_kthread+0x10/0x10 [ 11.862294] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.862314] ? calculate_sigpending+0x7b/0xa0 [ 11.862338] ? __pfx_kthread+0x10/0x10 [ 11.862359] ret_from_fork+0x116/0x1d0 [ 11.862377] ? __pfx_kthread+0x10/0x10 [ 11.862484] ret_from_fork_asm+0x1a/0x30 [ 11.862547] </TASK> [ 11.862558] [ 11.871820] The buggy address belongs to the physical page: [ 11.872125] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102828 [ 11.872825] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.873154] flags: 0x200000000000040(head|node=0|zone=2) [ 11.873808] page_type: f8(unknown) [ 11.874049] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.874338] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.874952] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.875336] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.875824] head: 0200000000000002 ffffea00040a0a01 00000000ffffffff 00000000ffffffff [ 11.876197] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.876738] page dumped because: kasan: bad access detected [ 11.877048] [ 11.877148] Memory state around the buggy address: [ 11.877657] ffff888102829f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.877966] ffff88810282a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.878323] >ffff88810282a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 11.878811] ^ [ 11.879111] ffff88810282a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.879585] ffff88810282a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.879892] ================================================================== [ 11.671371] ================================================================== [ 11.671806] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0 [ 11.672086] Write 
of size 1 at addr ffff88810034e2d0 by task kunit_try_catch/176 [ 11.672406] [ 11.672805] CPU: 0 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.672848] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.672858] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.672877] Call Trace: [ 11.672888] <TASK> [ 11.672901] dump_stack_lvl+0x73/0xb0 [ 11.672927] print_report+0xd1/0x610 [ 11.672947] ? __virt_addr_valid+0x1db/0x2d0 [ 11.672968] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 11.672991] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.673012] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 11.673036] kasan_report+0x141/0x180 [ 11.673057] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 11.673087] __asan_report_store1_noabort+0x1b/0x30 [ 11.673111] krealloc_less_oob_helper+0xe23/0x11d0 [ 11.673141] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.673163] ? irqentry_exit+0x2a/0x60 [ 11.673184] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 11.673213] ? __pfx_krealloc_less_oob+0x10/0x10 [ 11.673239] krealloc_less_oob+0x1c/0x30 [ 11.673260] kunit_try_run_case+0x1a5/0x480 [ 11.673283] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.673304] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.673327] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.673350] ? __kthread_parkme+0x82/0x180 [ 11.673369] ? preempt_count_sub+0x50/0x80 [ 11.673393] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.673455] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.673479] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.673503] kthread+0x337/0x6f0 [ 11.673521] ? trace_preempt_on+0x20/0xc0 [ 11.673543] ? __pfx_kthread+0x10/0x10 [ 11.673562] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.673583] ? calculate_sigpending+0x7b/0xa0 [ 11.673606] ? __pfx_kthread+0x10/0x10 [ 11.673627] ret_from_fork+0x116/0x1d0 [ 11.673645] ? 
__pfx_kthread+0x10/0x10 [ 11.673686] ret_from_fork_asm+0x1a/0x30 [ 11.673718] </TASK> [ 11.673727] [ 11.682699] Allocated by task 176: [ 11.682901] kasan_save_stack+0x45/0x70 [ 11.683141] kasan_save_track+0x18/0x40 [ 11.683279] kasan_save_alloc_info+0x3b/0x50 [ 11.683449] __kasan_krealloc+0x190/0x1f0 [ 11.683716] krealloc_noprof+0xf3/0x340 [ 11.683914] krealloc_less_oob_helper+0x1aa/0x11d0 [ 11.684161] krealloc_less_oob+0x1c/0x30 [ 11.684567] kunit_try_run_case+0x1a5/0x480 [ 11.684800] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.685021] kthread+0x337/0x6f0 [ 11.685179] ret_from_fork+0x116/0x1d0 [ 11.685311] ret_from_fork_asm+0x1a/0x30 [ 11.685656] [ 11.685767] The buggy address belongs to the object at ffff88810034e200 [ 11.685767] which belongs to the cache kmalloc-256 of size 256 [ 11.686469] The buggy address is located 7 bytes to the right of [ 11.686469] allocated 201-byte region [ffff88810034e200, ffff88810034e2c9) [ 11.686885] [ 11.686958] The buggy address belongs to the physical page: [ 11.687207] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10034e [ 11.687699] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.688063] flags: 0x200000000000040(head|node=0|zone=2) [ 11.688302] page_type: f5(slab) [ 11.688639] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.688969] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.689308] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.689918] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.690237] head: 0200000000000001 ffffea000400d381 00000000ffffffff 00000000ffffffff [ 11.690675] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.690987] page dumped because: kasan: bad access detected [ 11.691263] [ 11.691385] Memory state around the buggy address: [ 11.691744] ffff88810034e180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 11.691972] ffff88810034e200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.692369] >ffff88810034e280: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 11.692721] ^ [ 11.693065] ffff88810034e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.693587] ffff88810034e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.693967] ================================================================== [ 11.694759] ================================================================== [ 11.695173] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 11.695566] Write of size 1 at addr ffff88810034e2da by task kunit_try_catch/176 [ 11.696113] [ 11.696226] CPU: 0 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.696269] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.696280] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.696310] Call Trace: [ 11.696320] <TASK> [ 11.696334] dump_stack_lvl+0x73/0xb0 [ 11.696360] print_report+0xd1/0x610 [ 11.696393] ? __virt_addr_valid+0x1db/0x2d0 [ 11.696489] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 11.696513] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.696553] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 11.696577] kasan_report+0x141/0x180 [ 11.696610] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 11.696640] __asan_report_store1_noabort+0x1b/0x30 [ 11.696664] krealloc_less_oob_helper+0xec6/0x11d0 [ 11.696689] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.696712] ? irqentry_exit+0x2a/0x60 [ 11.696732] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 11.696762] ? __pfx_krealloc_less_oob+0x10/0x10 [ 11.696787] krealloc_less_oob+0x1c/0x30 [ 11.696808] kunit_try_run_case+0x1a5/0x480 [ 11.696831] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.696861] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.696884] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.696907] ? __kthread_parkme+0x82/0x180 [ 11.696938] ? preempt_count_sub+0x50/0x80 [ 11.696962] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 11.696985] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.697008] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.697031] kthread+0x337/0x6f0 [ 11.697049] ? trace_preempt_on+0x20/0xc0 [ 11.697071] ? __pfx_kthread+0x10/0x10 [ 11.697091] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.697111] ? calculate_sigpending+0x7b/0xa0 [ 11.697139] ? __pfx_kthread+0x10/0x10 [ 11.697160] ret_from_fork+0x116/0x1d0 [ 11.697178] ? __pfx_kthread+0x10/0x10 [ 11.697197] ret_from_fork_asm+0x1a/0x30 [ 11.697228] </TASK> [ 11.697238] [ 11.705301] Allocated by task 176: [ 11.705496] kasan_save_stack+0x45/0x70 [ 11.705981] kasan_save_track+0x18/0x40 [ 11.706208] kasan_save_alloc_info+0x3b/0x50 [ 11.706574] __kasan_krealloc+0x190/0x1f0 [ 11.706812] krealloc_noprof+0xf3/0x340 [ 11.707013] krealloc_less_oob_helper+0x1aa/0x11d0 [ 11.707221] krealloc_less_oob+0x1c/0x30 [ 11.707488] kunit_try_run_case+0x1a5/0x480 [ 11.707710] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.707938] kthread+0x337/0x6f0 [ 11.708059] ret_from_fork+0x116/0x1d0 [ 11.708201] ret_from_fork_asm+0x1a/0x30 [ 11.708414] [ 11.708628] The buggy address belongs to the object at ffff88810034e200 [ 11.708628] which belongs to the cache kmalloc-256 of size 256 [ 11.709395] The buggy address is located 17 bytes to the right of [ 11.709395] allocated 201-byte region [ffff88810034e200, ffff88810034e2c9) [ 11.710107] [ 11.710208] The buggy address belongs to the physical page: [ 11.710673] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10034e [ 11.711023] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.711347] flags: 0x200000000000040(head|node=0|zone=2) [ 11.711622] page_type: f5(slab) [ 11.711741] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.711971] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.712394] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 
11.713012] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.713251] head: 0200000000000001 ffffea000400d381 00000000ffffffff 00000000ffffffff [ 11.713539] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.713895] page dumped because: kasan: bad access detected [ 11.714224] [ 11.714527] Memory state around the buggy address: [ 11.714845] ffff88810034e180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.715193] ffff88810034e200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.715491] >ffff88810034e280: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 11.715952] ^ [ 11.716176] ffff88810034e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.716665] ffff88810034e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.716885] ================================================================== [ 11.648733] ================================================================== [ 11.649229] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0 [ 11.649799] Write of size 1 at addr ffff88810034e2c9 by task kunit_try_catch/176 [ 11.650076] [ 11.650196] CPU: 0 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.650242] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.650253] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.650274] Call Trace: [ 11.650287] <TASK> [ 11.650301] dump_stack_lvl+0x73/0xb0 [ 11.650329] print_report+0xd1/0x610 [ 11.650351] ? __virt_addr_valid+0x1db/0x2d0 [ 11.650374] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 11.650397] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.650420] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 11.650548] kasan_report+0x141/0x180 [ 11.650570] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 11.650600] __asan_report_store1_noabort+0x1b/0x30 [ 11.650623] krealloc_less_oob_helper+0xd70/0x11d0 [ 11.650649] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.650672] ? 
irqentry_exit+0x2a/0x60 [ 11.650708] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 11.650739] ? __pfx_krealloc_less_oob+0x10/0x10 [ 11.650764] krealloc_less_oob+0x1c/0x30 [ 11.650785] kunit_try_run_case+0x1a5/0x480 [ 11.650809] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.650832] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.650855] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.650879] ? __kthread_parkme+0x82/0x180 [ 11.650898] ? preempt_count_sub+0x50/0x80 [ 11.650922] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.650945] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.650968] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.650991] kthread+0x337/0x6f0 [ 11.651009] ? trace_preempt_on+0x20/0xc0 [ 11.651031] ? __pfx_kthread+0x10/0x10 [ 11.651051] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.651072] ? calculate_sigpending+0x7b/0xa0 [ 11.651095] ? __pfx_kthread+0x10/0x10 [ 11.651116] ret_from_fork+0x116/0x1d0 [ 11.651134] ? __pfx_kthread+0x10/0x10 [ 11.651154] ret_from_fork_asm+0x1a/0x30 [ 11.651185] </TASK> [ 11.651195] [ 11.658863] Allocated by task 176: [ 11.659011] kasan_save_stack+0x45/0x70 [ 11.659153] kasan_save_track+0x18/0x40 [ 11.659290] kasan_save_alloc_info+0x3b/0x50 [ 11.659448] __kasan_krealloc+0x190/0x1f0 [ 11.659688] krealloc_noprof+0xf3/0x340 [ 11.660253] krealloc_less_oob_helper+0x1aa/0x11d0 [ 11.660704] krealloc_less_oob+0x1c/0x30 [ 11.661089] kunit_try_run_case+0x1a5/0x480 [ 11.661245] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.661469] kthread+0x337/0x6f0 [ 11.661655] ret_from_fork+0x116/0x1d0 [ 11.661881] ret_from_fork_asm+0x1a/0x30 [ 11.662197] [ 11.662311] The buggy address belongs to the object at ffff88810034e200 [ 11.662311] which belongs to the cache kmalloc-256 of size 256 [ 11.662910] The buggy address is located 0 bytes to the right of [ 11.662910] allocated 201-byte region [ffff88810034e200, ffff88810034e2c9) [ 11.663500] [ 11.663576] The buggy address belongs to the physical page: [ 11.663752] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x10034e [ 11.663992] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.664727] flags: 0x200000000000040(head|node=0|zone=2) [ 11.665200] page_type: f5(slab) [ 11.665511] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.665780] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.666004] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.666341] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.666991] head: 0200000000000001 ffffea000400d381 00000000ffffffff 00000000ffffffff [ 11.667224] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.667862] page dumped because: kasan: bad access detected [ 11.668118] [ 11.668213] Memory state around the buggy address: [ 11.668759] ffff88810034e180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.669058] ffff88810034e200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.669380] >ffff88810034e280: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 11.669801] ^ [ 11.670107] ffff88810034e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.670580] ffff88810034e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.670830] ================================================================== [ 11.905329] ================================================================== [ 11.906214] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 11.906721] Write of size 1 at addr ffff88810282a0eb by task kunit_try_catch/180 [ 11.907037] [ 11.907151] CPU: 0 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.907194] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.907205] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.907225] Call Trace: [ 11.907240] <TASK> [ 11.907256] dump_stack_lvl+0x73/0xb0 [ 11.907283] print_report+0xd1/0x610 [ 
11.907307] ? __virt_addr_valid+0x1db/0x2d0 [ 11.907329] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 11.907353] ? kasan_addr_to_slab+0x11/0xa0 [ 11.907373] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 11.907398] kasan_report+0x141/0x180 [ 11.907419] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 11.907463] __asan_report_store1_noabort+0x1b/0x30 [ 11.907487] krealloc_less_oob_helper+0xd47/0x11d0 [ 11.907514] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.907538] ? finish_task_switch.isra.0+0x153/0x700 [ 11.907561] ? __switch_to+0x47/0xf50 [ 11.907586] ? __schedule+0x10cc/0x2b60 [ 11.907608] ? __pfx_read_tsc+0x10/0x10 [ 11.907632] krealloc_large_less_oob+0x1c/0x30 [ 11.907655] kunit_try_run_case+0x1a5/0x480 [ 11.907679] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.907701] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.907725] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.907748] ? __kthread_parkme+0x82/0x180 [ 11.907767] ? preempt_count_sub+0x50/0x80 [ 11.907790] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.907813] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.907891] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.907914] kthread+0x337/0x6f0 [ 11.907933] ? trace_preempt_on+0x20/0xc0 [ 11.907954] ? __pfx_kthread+0x10/0x10 [ 11.907974] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.907995] ? calculate_sigpending+0x7b/0xa0 [ 11.908018] ? __pfx_kthread+0x10/0x10 [ 11.908039] ret_from_fork+0x116/0x1d0 [ 11.908056] ? 
__pfx_kthread+0x10/0x10 [ 11.908076] ret_from_fork_asm+0x1a/0x30 [ 11.908107] </TASK> [ 11.908117] [ 11.918886] The buggy address belongs to the physical page: [ 11.919161] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102828 [ 11.919971] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.920407] flags: 0x200000000000040(head|node=0|zone=2) [ 11.920884] page_type: f8(unknown) [ 11.921169] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.921721] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.922001] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.922649] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.923018] head: 0200000000000002 ffffea00040a0a01 00000000ffffffff 00000000ffffffff [ 11.923760] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.924216] page dumped because: kasan: bad access detected [ 11.924662] [ 11.924742] Memory state around the buggy address: [ 11.925050] ffff888102829f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.925360] ffff88810282a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.925692] >ffff88810282a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 11.925991] ^ [ 11.926269] ffff88810282a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.927079] ffff88810282a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.927667] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 11.622039] ==================================================================
[ 11.622859] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930
[ 11.623536] Write of size 1 at addr ffff888100a282f0 by task kunit_try_catch/174
[ 11.624662]
[ 11.624842] CPU: 1 UID: 0 PID: 174 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 11.624885] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.624896] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.624917] Call Trace:
[ 11.624928] <TASK>
[ 11.624942] dump_stack_lvl+0x73/0xb0
[ 11.624973] print_report+0xd1/0x610
[ 11.624996] ? __virt_addr_valid+0x1db/0x2d0
[ 11.625019] ? krealloc_more_oob_helper+0x7eb/0x930
[ 11.625044] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.625068] ? krealloc_more_oob_helper+0x7eb/0x930
[ 11.625094] kasan_report+0x141/0x180
[ 11.625117] ? krealloc_more_oob_helper+0x7eb/0x930
[ 11.625154] __asan_report_store1_noabort+0x1b/0x30
[ 11.625180] krealloc_more_oob_helper+0x7eb/0x930
[ 11.625203] ? __schedule+0x10cc/0x2b60
[ 11.625227] ? __pfx_krealloc_more_oob_helper+0x10/0x10
[ 11.625253] ? finish_task_switch.isra.0+0x153/0x700
[ 11.625277] ? __switch_to+0x47/0xf50
[ 11.625303] ? __schedule+0x10cc/0x2b60
[ 11.625325] ? __pfx_read_tsc+0x10/0x10
[ 11.625349] krealloc_more_oob+0x1c/0x30
[ 11.625372] kunit_try_run_case+0x1a5/0x480
[ 11.625397] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.625443] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.625469] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.625494] ? __kthread_parkme+0x82/0x180
[ 11.625515] ? preempt_count_sub+0x50/0x80
[ 11.625540] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.625565] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.625590] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.625616] kthread+0x337/0x6f0
[ 11.625635] ? trace_preempt_on+0x20/0xc0
[ 11.625659] ? __pfx_kthread+0x10/0x10
[ 11.625679] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.625702] ? calculate_sigpending+0x7b/0xa0
[ 11.625727] ? __pfx_kthread+0x10/0x10
[ 11.625749] ret_from_fork+0x116/0x1d0
[ 11.625768] ? __pfx_kthread+0x10/0x10
[ 11.625789] ret_from_fork_asm+0x1a/0x30
[ 11.625823] </TASK>
[ 11.625833]
[ 11.636097] Allocated by task 174:
[ 11.636245] kasan_save_stack+0x45/0x70
[ 11.636394] kasan_save_track+0x18/0x40
[ 11.636541] kasan_save_alloc_info+0x3b/0x50
[ 11.636723] __kasan_krealloc+0x190/0x1f0
[ 11.636916] krealloc_noprof+0xf3/0x340
[ 11.637106] krealloc_more_oob_helper+0x1a9/0x930
[ 11.637557] krealloc_more_oob+0x1c/0x30
[ 11.637716] kunit_try_run_case+0x1a5/0x480
[ 11.637864] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.638089] kthread+0x337/0x6f0
[ 11.638259] ret_from_fork+0x116/0x1d0
[ 11.638515] ret_from_fork_asm+0x1a/0x30
[ 11.638727]
[ 11.638823] The buggy address belongs to the object at ffff888100a28200
[ 11.638823] which belongs to the cache kmalloc-256 of size 256
[ 11.639289] The buggy address is located 5 bytes to the right of
[ 11.639289] allocated 235-byte region [ffff888100a28200, ffff888100a282eb)
[ 11.639879]
[ 11.639973] The buggy address belongs to the physical page:
[ 11.640197] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a28
[ 11.640601] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 11.640900] flags: 0x200000000000040(head|node=0|zone=2)
[ 11.641157] page_type: f5(slab)
[ 11.641334] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 11.641865] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.642201] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 11.642754] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.643074] head: 0200000000000001 ffffea0004028a01 00000000ffffffff 00000000ffffffff
[ 11.643481] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 11.643804] page dumped because: kasan: bad access detected
[ 11.643979]
[ 11.644048] Memory state around the buggy address:
[ 11.644226] ffff888100a28180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.644560] ffff888100a28200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.644880] >ffff888100a28280: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc
[ 11.645185] ^
[ 11.645395] ffff888100a28300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.645731] ffff888100a28380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.646063] ==================================================================
[ 11.785857] ==================================================================
[ 11.786153] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930
[ 11.786553] Write of size 1 at addr ffff88810282a0f0 by task kunit_try_catch/178
[ 11.786866]
[ 11.786974] CPU: 0 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 11.787015] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.787025] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.787044] Call Trace:
[ 11.787054] <TASK>
[ 11.787068] dump_stack_lvl+0x73/0xb0
[ 11.787094] print_report+0xd1/0x610
[ 11.787115] ? __virt_addr_valid+0x1db/0x2d0
[ 11.787136] ? krealloc_more_oob_helper+0x7eb/0x930
[ 11.787159] ? kasan_addr_to_slab+0x11/0xa0
[ 11.787178] ? krealloc_more_oob_helper+0x7eb/0x930
[ 11.787201] kasan_report+0x141/0x180
[ 11.787222] ? krealloc_more_oob_helper+0x7eb/0x930
[ 11.787251] __asan_report_store1_noabort+0x1b/0x30
[ 11.787275] krealloc_more_oob_helper+0x7eb/0x930
[ 11.787296] ? __schedule+0x10cc/0x2b60
[ 11.787318] ? __pfx_krealloc_more_oob_helper+0x10/0x10
[ 11.787341] ? finish_task_switch.isra.0+0x153/0x700
[ 11.787362] ? __switch_to+0x47/0xf50
[ 11.787491] ? __schedule+0x10cc/0x2b60
[ 11.787550] ? __pfx_read_tsc+0x10/0x10
[ 11.787574] krealloc_large_more_oob+0x1c/0x30
[ 11.787597] kunit_try_run_case+0x1a5/0x480
[ 11.787620] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.787642] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.787665] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.787688] ? __kthread_parkme+0x82/0x180
[ 11.787708] ? preempt_count_sub+0x50/0x80
[ 11.787731] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.787754] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.787777] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.787800] kthread+0x337/0x6f0
[ 11.787818] ? trace_preempt_on+0x20/0xc0
[ 11.787839] ? __pfx_kthread+0x10/0x10
[ 11.787859] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.787879] ? calculate_sigpending+0x7b/0xa0
[ 11.787902] ? __pfx_kthread+0x10/0x10
[ 11.787922] ret_from_fork+0x116/0x1d0
[ 11.787940] ? __pfx_kthread+0x10/0x10
[ 11.787959] ret_from_fork_asm+0x1a/0x30
[ 11.787990] </TASK>
[ 11.787999]
[ 11.802954] The buggy address belongs to the physical page:
[ 11.803302] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102828
[ 11.803634] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 11.804580] flags: 0x200000000000040(head|node=0|zone=2)
[ 11.805091] page_type: f8(unknown)
[ 11.805430] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 11.806192] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 11.806857] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 11.807271] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 11.807782] head: 0200000000000002 ffffea00040a0a01 00000000ffffffff 00000000ffffffff
[ 11.808554] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 11.809684] page dumped because: kasan: bad access detected
[ 11.809943]
[ 11.810017] Memory state around the buggy address:
[ 11.810169] ffff888102829f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.810381] ffff88810282a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.811538] >ffff88810282a080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe
[ 11.812220] ^
[ 11.812949] ffff88810282a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 11.813774] ffff88810282a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 11.814257] ==================================================================
[ 11.766126] ==================================================================
[ 11.766761] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930
[ 11.767123] Write of size 1 at addr ffff88810282a0eb by task kunit_try_catch/178
[ 11.767429]
[ 11.767535] CPU: 0 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 11.767580] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.767590] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.767610] Call Trace:
[ 11.767623] <TASK>
[ 11.767637] dump_stack_lvl+0x73/0xb0
[ 11.767664] print_report+0xd1/0x610
[ 11.767683] ? __virt_addr_valid+0x1db/0x2d0
[ 11.767704] ? krealloc_more_oob_helper+0x821/0x930
[ 11.767726] ? kasan_addr_to_slab+0x11/0xa0
[ 11.767744] ? krealloc_more_oob_helper+0x821/0x930
[ 11.767767] kasan_report+0x141/0x180
[ 11.767787] ? krealloc_more_oob_helper+0x821/0x930
[ 11.767815] __asan_report_store1_noabort+0x1b/0x30
[ 11.767838] krealloc_more_oob_helper+0x821/0x930
[ 11.767858] ? __schedule+0x10cc/0x2b60
[ 11.767880] ? __pfx_krealloc_more_oob_helper+0x10/0x10
[ 11.767902] ? finish_task_switch.isra.0+0x153/0x700
[ 11.767923] ? __switch_to+0x47/0xf50
[ 11.767948] ? __schedule+0x10cc/0x2b60
[ 11.767968] ? __pfx_read_tsc+0x10/0x10
[ 11.767992] krealloc_large_more_oob+0x1c/0x30
[ 11.768013] kunit_try_run_case+0x1a5/0x480
[ 11.768035] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.768056] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.768077] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.768099] ? __kthread_parkme+0x82/0x180
[ 11.768118] ? preempt_count_sub+0x50/0x80
[ 11.768141] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.768163] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.768185] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.768207] kthread+0x337/0x6f0
[ 11.768225] ? trace_preempt_on+0x20/0xc0
[ 11.768246] ? __pfx_kthread+0x10/0x10
[ 11.768265] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.768284] ? calculate_sigpending+0x7b/0xa0
[ 11.768307] ? __pfx_kthread+0x10/0x10
[ 11.768326] ret_from_fork+0x116/0x1d0
[ 11.768343] ? __pfx_kthread+0x10/0x10
[ 11.768362] ret_from_fork_asm+0x1a/0x30
[ 11.768393] </TASK>
[ 11.768401]
[ 11.777800] The buggy address belongs to the physical page:
[ 11.778003] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102828
[ 11.778487] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 11.778843] flags: 0x200000000000040(head|node=0|zone=2)
[ 11.779112] page_type: f8(unknown)
[ 11.779290] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 11.779721] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 11.780045] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 11.780362] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 11.780939] head: 0200000000000002 ffffea00040a0a01 00000000ffffffff 00000000ffffffff
[ 11.781269] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 11.781767] page dumped because: kasan: bad access detected
[ 11.782041]
[ 11.782110] Memory state around the buggy address:
[ 11.782327] ffff888102829f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.782813] ffff88810282a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.783099] >ffff88810282a080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe
[ 11.783576] ^
[ 11.783846] ffff88810282a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 11.784185] ffff88810282a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 11.784673] ==================================================================
[ 11.585218] ==================================================================
[ 11.585832] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930
[ 11.586199] Write of size 1 at addr ffff888100a282eb by task kunit_try_catch/174
[ 11.586719]
[ 11.587013] CPU: 1 UID: 0 PID: 174 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 11.587095] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.587107] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.587128] Call Trace:
[ 11.587140] <TASK>
[ 11.587156] dump_stack_lvl+0x73/0xb0
[ 11.587188] print_report+0xd1/0x610
[ 11.587212] ? __virt_addr_valid+0x1db/0x2d0
[ 11.587236] ? krealloc_more_oob_helper+0x821/0x930
[ 11.587261] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.587285] ? krealloc_more_oob_helper+0x821/0x930
[ 11.587310] kasan_report+0x141/0x180
[ 11.587333] ? krealloc_more_oob_helper+0x821/0x930
[ 11.587363] __asan_report_store1_noabort+0x1b/0x30
[ 11.587389] krealloc_more_oob_helper+0x821/0x930
[ 11.587424] ? __schedule+0x10cc/0x2b60
[ 11.587459] ? __pfx_krealloc_more_oob_helper+0x10/0x10
[ 11.587484] ? finish_task_switch.isra.0+0x153/0x700
[ 11.587509] ? __switch_to+0x47/0xf50
[ 11.587537] ? __schedule+0x10cc/0x2b60
[ 11.587559] ? __pfx_read_tsc+0x10/0x10
[ 11.587585] krealloc_more_oob+0x1c/0x30
[ 11.587608] kunit_try_run_case+0x1a5/0x480
[ 11.587635] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.587658] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.587684] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.587709] ? __kthread_parkme+0x82/0x180
[ 11.587730] ? preempt_count_sub+0x50/0x80
[ 11.587755] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.587779] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.587804] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.587829] kthread+0x337/0x6f0
[ 11.587849] ? trace_preempt_on+0x20/0xc0
[ 11.587872] ? __pfx_kthread+0x10/0x10
[ 11.587893] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.587916] ? calculate_sigpending+0x7b/0xa0
[ 11.587940] ? __pfx_kthread+0x10/0x10
[ 11.587962] ret_from_fork+0x116/0x1d0
[ 11.587981] ? __pfx_kthread+0x10/0x10
[ 11.588002] ret_from_fork_asm+0x1a/0x30
[ 11.588035] </TASK>
[ 11.588045]
[ 11.604581] Allocated by task 174:
[ 11.604920] kasan_save_stack+0x45/0x70
[ 11.605081] kasan_save_track+0x18/0x40
[ 11.605225] kasan_save_alloc_info+0x3b/0x50
[ 11.605376] __kasan_krealloc+0x190/0x1f0
[ 11.605880] krealloc_noprof+0xf3/0x340
[ 11.606240] krealloc_more_oob_helper+0x1a9/0x930
[ 11.606775] krealloc_more_oob+0x1c/0x30
[ 11.607156] kunit_try_run_case+0x1a5/0x480
[ 11.607607] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.608095] kthread+0x337/0x6f0
[ 11.608402] ret_from_fork+0x116/0x1d0
[ 11.608669] ret_from_fork_asm+0x1a/0x30
[ 11.609036]
[ 11.609173] The buggy address belongs to the object at ffff888100a28200
[ 11.609173] which belongs to the cache kmalloc-256 of size 256
[ 11.609973] The buggy address is located 0 bytes to the right of
[ 11.609973] allocated 235-byte region [ffff888100a28200, ffff888100a282eb)
[ 11.610349]
[ 11.610508] The buggy address belongs to the physical page:
[ 11.611002] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a28
[ 11.611756] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 11.612382] flags: 0x200000000000040(head|node=0|zone=2)
[ 11.612948] page_type: f5(slab)
[ 11.613268] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 11.613961] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.614231] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 11.614665] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.615562] head: 0200000000000001 ffffea0004028a01 00000000ffffffff 00000000ffffffff
[ 11.616341] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 11.617064] page dumped because: kasan: bad access detected
[ 11.617248]
[ 11.617319] Memory state around the buggy address:
[ 11.617664] ffff888100a28180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.618254] ffff888100a28200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.618926] >ffff888100a28280: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc
[ 11.619575] ^
[ 11.619934] ffff888100a28300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.620156] ffff888100a28380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.620373] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 22.802916] ==================================================================
[ 22.803327] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x27e/0x560
[ 22.803327]
[ 22.803758] Out-of-bounds read at 0x(____ptrval____) (105B right of kfence-#126):
[ 22.804384] test_kmalloc_aligned_oob_read+0x27e/0x560
[ 22.804996] kunit_try_run_case+0x1a5/0x480
[ 22.805283] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.805779] kthread+0x337/0x6f0
[ 22.805969] ret_from_fork+0x116/0x1d0
[ 22.806285] ret_from_fork_asm+0x1a/0x30
[ 22.806568]
[ 22.806666] kfence-#126: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96
[ 22.806666]
[ 22.807065] allocated by task 341 on cpu 1 at 22.802700s (0.004363s ago):
[ 22.807372] test_alloc+0x364/0x10f0
[ 22.807859] test_kmalloc_aligned_oob_read+0x105/0x560
[ 22.808099] kunit_try_run_case+0x1a5/0x480
[ 22.808289] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.808727] kthread+0x337/0x6f0
[ 22.808893] ret_from_fork+0x116/0x1d0
[ 22.809183] ret_from_fork_asm+0x1a/0x30
[ 22.809452]
[ 22.809572] CPU: 1 UID: 0 PID: 341 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 22.810241] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 22.810448] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 22.810971] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_corruption
[ 18.642875] ==================================================================
[ 18.643268] BUG: KFENCE: memory corruption in test_corruption+0x131/0x3e0
[ 18.643268]
[ 18.643689] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#86):
[ 18.644215] test_corruption+0x131/0x3e0
[ 18.644433] kunit_try_run_case+0x1a5/0x480
[ 18.644893] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.645863] kthread+0x337/0x6f0
[ 18.646011] ret_from_fork+0x116/0x1d0
[ 18.646149] ret_from_fork_asm+0x1a/0x30
[ 18.646293]
[ 18.646365] kfence-#86: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 18.646365]
[ 18.646784] allocated by task 331 on cpu 0 at 18.642754s (0.004028s ago):
[ 18.647093] test_alloc+0x2a6/0x10f0
[ 18.647283] test_corruption+0xe6/0x3e0
[ 18.647469] kunit_try_run_case+0x1a5/0x480
[ 18.647684] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.647891] kthread+0x337/0x6f0
[ 18.648015] ret_from_fork+0x116/0x1d0
[ 18.648153] ret_from_fork_asm+0x1a/0x30
[ 18.648361]
[ 18.648505] freed by task 331 on cpu 0 at 18.642806s (0.005696s ago):
[ 18.648892] test_corruption+0x131/0x3e0
[ 18.649330] kunit_try_run_case+0x1a5/0x480
[ 18.650167] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.650445] kthread+0x337/0x6f0
[ 18.650778] ret_from_fork+0x116/0x1d0
[ 18.651085] ret_from_fork_asm+0x1a/0x30
[ 18.651285]
[ 18.651593] CPU: 0 UID: 0 PID: 331 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 18.652080] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.652372] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.652898] ==================================================================
[ 18.539331] ==================================================================
[ 18.539869] BUG: KFENCE: memory corruption in test_corruption+0x2df/0x3e0
[ 18.539869]
[ 18.540179] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#85):
[ 18.540584] test_corruption+0x2df/0x3e0
[ 18.540777] kunit_try_run_case+0x1a5/0x480
[ 18.541037] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.541246] kthread+0x337/0x6f0
[ 18.541420] ret_from_fork+0x116/0x1d0
[ 18.541642] ret_from_fork_asm+0x1a/0x30
[ 18.541808]
[ 18.541881] kfence-#85: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 18.541881]
[ 18.542221] allocated by task 329 on cpu 0 at 18.539085s (0.003133s ago):
[ 18.542536] test_alloc+0x364/0x10f0
[ 18.542805] test_corruption+0x1cb/0x3e0
[ 18.542949] kunit_try_run_case+0x1a5/0x480
[ 18.543163] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.543426] kthread+0x337/0x6f0
[ 18.543653] ret_from_fork+0x116/0x1d0
[ 18.543816] ret_from_fork_asm+0x1a/0x30
[ 18.544007]
[ 18.544081] freed by task 329 on cpu 0 at 18.539177s (0.004902s ago):
[ 18.544293] test_corruption+0x2df/0x3e0
[ 18.544475] kunit_try_run_case+0x1a5/0x480
[ 18.544679] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.545025] kthread+0x337/0x6f0
[ 18.545212] ret_from_fork+0x116/0x1d0
[ 18.545400] ret_from_fork_asm+0x1a/0x30
[ 18.545628]
[ 18.545722] CPU: 0 UID: 0 PID: 329 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 18.546160] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.546371] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.546767] ==================================================================
[ 18.434910] ==================================================================
[ 18.435314] BUG: KFENCE: memory corruption in test_corruption+0x2d2/0x3e0
[ 18.435314]
[ 18.435739] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#84):
[ 18.436361] test_corruption+0x2d2/0x3e0
[ 18.436606] kunit_try_run_case+0x1a5/0x480
[ 18.436770] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.436988] kthread+0x337/0x6f0
[ 18.437176] ret_from_fork+0x116/0x1d0
[ 18.437371] ret_from_fork_asm+0x1a/0x30
[ 18.437559]
[ 18.437666] kfence-#84: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 18.437666]
[ 18.438058] allocated by task 329 on cpu 0 at 18.434732s (0.003324s ago):
[ 18.438341] test_alloc+0x364/0x10f0
[ 18.438528] test_corruption+0xe6/0x3e0
[ 18.438714] kunit_try_run_case+0x1a5/0x480
[ 18.438901] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.439123] kthread+0x337/0x6f0
[ 18.439288] ret_from_fork+0x116/0x1d0
[ 18.439464] ret_from_fork_asm+0x1a/0x30
[ 18.439671]
[ 18.439744] freed by task 329 on cpu 0 at 18.434831s (0.004911s ago):
[ 18.440046] test_corruption+0x2d2/0x3e0
[ 18.440219] kunit_try_run_case+0x1a5/0x480
[ 18.440394] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.440719] kthread+0x337/0x6f0
[ 18.440881] ret_from_fork+0x116/0x1d0
[ 18.441053] ret_from_fork_asm+0x1a/0x30
[ 18.441226]
[ 18.441345] CPU: 0 UID: 0 PID: 329 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 18.441822] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.441990] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.442332] ==================================================================
[ 18.954852] ==================================================================
[ 18.955248] BUG: KFENCE: memory corruption in test_corruption+0x216/0x3e0
[ 18.955248]
[ 18.955694] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#89):
[ 18.956078] test_corruption+0x216/0x3e0
[ 18.956249] kunit_try_run_case+0x1a5/0x480
[ 18.956403] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.956855] kthread+0x337/0x6f0
[ 18.957000] ret_from_fork+0x116/0x1d0
[ 18.957145] ret_from_fork_asm+0x1a/0x30
[ 18.957324]
[ 18.957419] kfence-#89: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 18.957419]
[ 18.957782] allocated by task 331 on cpu 0 at 18.954723s (0.003057s ago):
[ 18.958078] test_alloc+0x2a6/0x10f0
[ 18.958270] test_corruption+0x1cb/0x3e0
[ 18.958479] kunit_try_run_case+0x1a5/0x480
[ 18.958732] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.958958] kthread+0x337/0x6f0
[ 18.959118] ret_from_fork+0x116/0x1d0
[ 18.959309] ret_from_fork_asm+0x1a/0x30
[ 18.959511]
[ 18.959602] freed by task 331 on cpu 0 at 18.954778s (0.004821s ago):
[ 18.959833] test_corruption+0x216/0x3e0
[ 18.959975] kunit_try_run_case+0x1a5/0x480
[ 18.960126] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.960379] kthread+0x337/0x6f0
[ 18.960561] ret_from_fork+0x116/0x1d0
[ 18.960751] ret_from_fork_asm+0x1a/0x30
[ 18.960959]
[ 18.961053] CPU: 0 UID: 0 PID: 331 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 18.961429] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.961737] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.962172] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 17.706845] ==================================================================
[ 17.707239] BUG: KFENCE: invalid free in test_invalid_addr_free+0xfb/0x260
[ 17.707239]
[ 17.707729] Invalid free of 0x(____ptrval____) (in kfence-#77):
[ 17.707942] test_invalid_addr_free+0xfb/0x260
[ 17.708176] kunit_try_run_case+0x1a5/0x480
[ 17.708397] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.708732] kthread+0x337/0x6f0
[ 17.708880] ret_from_fork+0x116/0x1d0
[ 17.709092] ret_from_fork_asm+0x1a/0x30
[ 17.709300]
[ 17.709391] kfence-#77: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 17.709391]
[ 17.709849] allocated by task 327 on cpu 1 at 17.706753s (0.003094s ago):
[ 17.710199] test_alloc+0x2a6/0x10f0
[ 17.710390] test_invalid_addr_free+0xdb/0x260
[ 17.710622] kunit_try_run_case+0x1a5/0x480
[ 17.710868] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.711086] kthread+0x337/0x6f0
[ 17.711280] ret_from_fork+0x116/0x1d0
[ 17.711483] ret_from_fork_asm+0x1a/0x30
[ 17.711687]
[ 17.711856] CPU: 1 UID: 0 PID: 327 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 17.712310] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.712524] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.712956] ==================================================================
[ 17.602887] ==================================================================
[ 17.603274] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1e1/0x260
[ 17.603274]
[ 17.603684] Invalid free of 0x(____ptrval____) (in kfence-#76):
[ 17.603969] test_invalid_addr_free+0x1e1/0x260
[ 17.604163] kunit_try_run_case+0x1a5/0x480
[ 17.604315] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.604628] kthread+0x337/0x6f0
[ 17.604809] ret_from_fork+0x116/0x1d0
[ 17.604986] ret_from_fork_asm+0x1a/0x30
[ 17.605187]
[ 17.605287] kfence-#76: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 17.605287]
[ 17.605712] allocated by task 325 on cpu 0 at 17.602760s (0.002949s ago):
[ 17.605972] test_alloc+0x364/0x10f0
[ 17.606108] test_invalid_addr_free+0xdb/0x260
[ 17.606290] kunit_try_run_case+0x1a5/0x480
[ 17.606515] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.606775] kthread+0x337/0x6f0
[ 17.606977] ret_from_fork+0x116/0x1d0
[ 17.607112] ret_from_fork_asm+0x1a/0x30
[ 17.607254]
[ 17.607356] CPU: 0 UID: 0 PID: 325 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 17.608103] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.608284] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.608685] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_double_free
[ 17.394968] ==================================================================
[ 17.395403] BUG: KFENCE: invalid free in test_double_free+0x1d3/0x260
[ 17.395403]
[ 17.395793] Invalid free of 0x(____ptrval____) (in kfence-#74):
[ 17.396103] test_double_free+0x1d3/0x260
[ 17.396304] kunit_try_run_case+0x1a5/0x480
[ 17.396471] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.396973] kthread+0x337/0x6f0
[ 17.397137] ret_from_fork+0x116/0x1d0
[ 17.397276] ret_from_fork_asm+0x1a/0x30
[ 17.397418]
[ 17.397533] kfence-#74: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 17.397533]
[ 17.397975] allocated by task 321 on cpu 1 at 17.394770s (0.003202s ago):
[ 17.398207] test_alloc+0x364/0x10f0
[ 17.398359] test_double_free+0xdb/0x260
[ 17.398567] kunit_try_run_case+0x1a5/0x480
[ 17.398817] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.399024] kthread+0x337/0x6f0
[ 17.399147] ret_from_fork+0x116/0x1d0
[ 17.399293] ret_from_fork_asm+0x1a/0x30
[ 17.399507]
[ 17.399696] freed by task 321 on cpu 1 at 17.394835s (0.004858s ago):
[ 17.400005] test_double_free+0x1e0/0x260
[ 17.400173] kunit_try_run_case+0x1a5/0x480
[ 17.400359] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.400598] kthread+0x337/0x6f0
[ 17.400766] ret_from_fork+0x116/0x1d0
[ 17.400901] ret_from_fork_asm+0x1a/0x30
[ 17.401043]
[ 17.401145] CPU: 1 UID: 0 PID: 321 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 17.401758] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.401937] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.402221] ==================================================================
[ 17.498857] ==================================================================
[ 17.499261] BUG: KFENCE: invalid free in test_double_free+0x112/0x260
[ 17.499261]
[ 17.499732] Invalid free of 0x(____ptrval____) (in kfence-#75):
[ 17.499949] test_double_free+0x112/0x260
[ 17.500168] kunit_try_run_case+0x1a5/0x480
[ 17.500347] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.500538] kthread+0x337/0x6f0
[ 17.500778] ret_from_fork+0x116/0x1d0
[ 17.500970] ret_from_fork_asm+0x1a/0x30
[ 17.501293]
[ 17.501383] kfence-#75: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 17.501383]
[ 17.501814] allocated by task 323 on cpu 1 at 17.498714s (0.003098s ago):
[ 17.502081] test_alloc+0x2a6/0x10f0
[ 17.502269] test_double_free+0xdb/0x260
[ 17.502473] kunit_try_run_case+0x1a5/0x480
[ 17.502740] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.502980] kthread+0x337/0x6f0
[ 17.503152] ret_from_fork+0x116/0x1d0
[ 17.503342] ret_from_fork_asm+0x1a/0x30
[ 17.503534]
[ 17.503608] freed by task 323 on cpu 1 at 17.498756s (0.004850s ago):
[ 17.503822] test_double_free+0xfa/0x260
[ 17.503963] kunit_try_run_case+0x1a5/0x480
[ 17.504171] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.504483] kthread+0x337/0x6f0
[ 17.504789] ret_from_fork+0x116/0x1d0
[ 17.504925] ret_from_fork_asm+0x1a/0x30
[ 17.505067]
[ 17.505169] CPU: 1 UID: 0 PID: 323 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 17.505787] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.505993] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.506393] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 16.978999] ==================================================================
[ 16.979457] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270
[ 16.979457]
[ 16.979887] Use-after-free read at 0x(____ptrval____) (in kfence-#70):
[ 16.980159] test_use_after_free_read+0x129/0x270
[ 16.980395] kunit_try_run_case+0x1a5/0x480
[ 16.980673] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.980887] kthread+0x337/0x6f0
[ 16.981029] ret_from_fork+0x116/0x1d0
[ 16.981229] ret_from_fork_asm+0x1a/0x30
[ 16.981423]
[ 16.981519] kfence-#70: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 16.981519]
[ 16.981910] allocated by task 313 on cpu 0 at 16.978761s (0.003147s ago):
[ 16.982242] test_alloc+0x364/0x10f0
[ 16.982421] test_use_after_free_read+0xdc/0x270
[ 16.982587] kunit_try_run_case+0x1a5/0x480
[ 16.982734] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.983032] kthread+0x337/0x6f0
[ 16.983204] ret_from_fork+0x116/0x1d0
[ 16.983390] ret_from_fork_asm+0x1a/0x30
[ 16.983622]
[ 16.983703] freed by task 313 on cpu 0 at 16.978839s (0.004861s ago):
[ 16.984001] test_use_after_free_read+0x1e7/0x270
[ 16.984219] kunit_try_run_case+0x1a5/0x480
[ 16.984474] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.984758] kthread+0x337/0x6f0
[ 16.984921] ret_from_fork+0x116/0x1d0
[ 16.985096] ret_from_fork_asm+0x1a/0x30
[ 16.985309]
[ 16.985477] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 16.985851] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.985988] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.986375] ==================================================================
[ 17.082903] ==================================================================
[ 17.083346] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270
[ 17.083346]
[ 17.083789] Use-after-free read at 0x(____ptrval____) (in kfence-#71):
[ 17.084075] test_use_after_free_read+0x129/0x270
[ 17.084303] kunit_try_run_case+0x1a5/0x480
[ 17.084492] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.084887] kthread+0x337/0x6f0
[ 17.085031] ret_from_fork+0x116/0x1d0
[ 17.085229] ret_from_fork_asm+0x1a/0x30
[ 17.085412]
[ 17.085509] kfence-#71: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 17.085509]
[ 17.085863] allocated by task 315 on cpu 1 at 17.082766s (0.003095s ago):
[ 17.086146] test_alloc+0x2a6/0x10f0
[ 17.086281] test_use_after_free_read+0xdc/0x270
[ 17.086450] kunit_try_run_case+0x1a5/0x480
[ 17.086660] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.086926] kthread+0x337/0x6f0
[ 17.087092] ret_from_fork+0x116/0x1d0
[ 17.087227] ret_from_fork_asm+0x1a/0x30
[ 17.087394]
[ 17.087503] freed by task 315 on cpu 1 at 17.082817s (0.004683s ago):
[ 17.087844] test_use_after_free_read+0xfb/0x270
[ 17.088079] kunit_try_run_case+0x1a5/0x480
[ 17.088251] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.088518] kthread+0x337/0x6f0
[ 17.088692] ret_from_fork+0x116/0x1d0
[ 17.088826] ret_from_fork_asm+0x1a/0x30
[ 17.088968]
[ 17.089065] CPU: 1 UID: 0 PID: 315 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 17.089569] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.089770] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.090116] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 16.770782] ==================================================================
[ 16.771170] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260
[ 16.771170]
[ 16.771717] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#68):
[ 16.772024] test_out_of_bounds_write+0x10d/0x260
[ 16.772272] kunit_try_run_case+0x1a5/0x480
[ 16.772496] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.773173] kthread+0x337/0x6f0
[ 16.773366] ret_from_fork+0x116/0x1d0
[ 16.773617] ret_from_fork_asm+0x1a/0x30
[ 16.773791]
[ 16.773893] kfence-#68: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 16.773893]
[ 16.774248] allocated by task 309 on cpu 1 at 16.770679s (0.003567s ago):
[ 16.775023] test_alloc+0x364/0x10f0
[ 16.775189] test_out_of_bounds_write+0xd4/0x260
[ 16.775514] kunit_try_run_case+0x1a5/0x480
[ 16.775849] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.776058] kthread+0x337/0x6f0
[ 16.776341] ret_from_fork+0x116/0x1d0
[ 16.776502] ret_from_fork_asm+0x1a/0x30
[ 16.776796]
[ 16.777015] CPU: 1 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 16.777515] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.778032] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.779026] ==================================================================
[ 16.874828] ==================================================================
[ 16.875226] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260
[ 16.875226]
[ 16.875712] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#69):
[ 16.876054] test_out_of_bounds_write+0x10d/0x260
[ 16.876247] kunit_try_run_case+0x1a5/0x480
[ 16.876482] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.876795] kthread+0x337/0x6f0
[ 16.876935] ret_from_fork+0x116/0x1d0
[ 16.877106] ret_from_fork_asm+0x1a/0x30
[ 16.877328]
[ 16.877424] kfence-#69: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 16.877424]
[ 16.877918] allocated by task 311 on cpu 0 at 16.874770s (0.003145s ago):
[ 16.878142] test_alloc+0x2a6/0x10f0
[ 16.878276] test_out_of_bounds_write+0xd4/0x260
[ 16.878595] kunit_try_run_case+0x1a5/0x480
[ 16.878801] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.879064] kthread+0x337/0x6f0
[ 16.879254] ret_from_fork+0x116/0x1d0
[ 16.879465] ret_from_fork_asm+0x1a/0x30
[ 16.879659]
[ 16.879778] CPU: 0 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 16.880524] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.880869] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.881260] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 16.666809] ==================================================================
[ 16.667187] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0
[ 16.667187]
[ 16.667776] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#67):
[ 16.668123] test_out_of_bounds_read+0x216/0x4e0
[ 16.668358] kunit_try_run_case+0x1a5/0x480
[ 16.668614] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.668800] kthread+0x337/0x6f0
[ 16.668925] ret_from_fork+0x116/0x1d0
[ 16.669151] ret_from_fork_asm+0x1a/0x30
[ 16.669376]
[ 16.669485] kfence-#67: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 16.669485]
[ 16.669887] allocated by task 307 on cpu 1 at 16.666759s (0.003126s ago):
[ 16.670232] test_alloc+0x2a6/0x10f0
[ 16.670414] test_out_of_bounds_read+0x1e2/0x4e0
[ 16.670644] kunit_try_run_case+0x1a5/0x480
[ 16.670832] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.671148] kthread+0x337/0x6f0
[ 16.671324] ret_from_fork+0x116/0x1d0
[ 16.671540] ret_from_fork_asm+0x1a/0x30
[ 16.671743]
[ 16.671877] CPU: 1 UID: 0 PID: 307 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 16.672344] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.672500] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.673022] ==================================================================
[ 16.458934] ==================================================================
[ 16.459331] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0
[ 16.459331]
[ 16.459842] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#65):
[ 16.460174] test_out_of_bounds_read+0x216/0x4e0
[ 16.460386] kunit_try_run_case+0x1a5/0x480
[ 16.460622] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.460833] kthread+0x337/0x6f0
[ 16.461019] ret_from_fork+0x116/0x1d0
[ 16.461191] ret_from_fork_asm+0x1a/0x30
[ 16.461334]
[ 16.461408] kfence-#65: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 16.461408]
[ 16.462087] allocated by task 305 on cpu 0 at 16.458765s (0.003320s ago):
[ 16.462393] test_alloc+0x364/0x10f0
[ 16.462613] test_out_of_bounds_read+0x1e2/0x4e0
[ 16.462793] kunit_try_run_case+0x1a5/0x480
[ 16.462944] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.463173] kthread+0x337/0x6f0
[ 16.463350] ret_from_fork+0x116/0x1d0
[ 16.463552] ret_from_fork_asm+0x1a/0x30
[ 16.463833]
[ 16.463929] CPU: 0 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 16.464339] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.464562] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.464968] ==================================================================
[ 16.562822] ==================================================================
[ 16.563218] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0
[ 16.563218]
[ 16.563710] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#66):
[ 16.564097] test_out_of_bounds_read+0x126/0x4e0
[ 16.564325] kunit_try_run_case+0x1a5/0x480
[ 16.564593] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.564814] kthread+0x337/0x6f0
[ 16.564944] ret_from_fork+0x116/0x1d0
[ 16.565112] ret_from_fork_asm+0x1a/0x30
[ 16.565321]
[ 16.565449] kfence-#66: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 16.565449]
[ 16.565933] allocated by task 307 on cpu 1 at 16.562761s (0.003170s ago):
[ 16.566303] test_alloc+0x2a6/0x10f0
[ 16.566524] test_out_of_bounds_read+0xed/0x4e0
[ 16.566749] kunit_try_run_case+0x1a5/0x480
[ 16.566972] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.567222] kthread+0x337/0x6f0
[ 16.567340] ret_from_fork+0x116/0x1d0
[ 16.567481] ret_from_fork_asm+0x1a/0x30
[ 16.567864]
[ 16.568009] CPU: 1 UID: 0 PID: 307 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 16.568498] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.568683] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.569136] ==================================================================
[ 16.355737] ==================================================================
[ 16.356193] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0
[ 16.356193]
[ 16.356665] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#64):
[ 16.356978] test_out_of_bounds_read+0x126/0x4e0
[ 16.357214] kunit_try_run_case+0x1a5/0x480
[ 16.357431] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.357646] kthread+0x337/0x6f0
[ 16.357788] ret_from_fork+0x116/0x1d0
[ 16.357998] ret_from_fork_asm+0x1a/0x30
[ 16.358210]
[ 16.358311] kfence-#64: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 16.358311]
[ 16.358694] allocated by task 305 on cpu 0 at 16.354790s (0.003902s ago):
[ 16.358984] test_alloc+0x364/0x10f0
[ 16.359171] test_out_of_bounds_read+0xed/0x4e0
[ 16.359388] kunit_try_run_case+0x1a5/0x480
[ 16.359553] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.359755] kthread+0x337/0x6f0
[ 16.359937] ret_from_fork+0x116/0x1d0
[ 16.360124] ret_from_fork_asm+0x1a/0x30
[ 16.360339]
[ 16.360475] CPU: 0 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 16.360942] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.361136] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.361503] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-kmalloc_oob_memset_4
[ 12.108756] ==================================================================
[ 12.109894] BUG: KFENCE: memory corruption in kmalloc_oob_memset_4+0x187/0x330
[ 12.109894]
[ 12.110185] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . ] (in kfence-#38):
[ 12.110949] kmalloc_oob_memset_4+0x187/0x330
[ 12.111213] kunit_try_run_case+0x1a5/0x480
[ 12.111391] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.111777] kthread+0x337/0x6f0
[ 12.111974] ret_from_fork+0x116/0x1d0
[ 12.112200] ret_from_fork_asm+0x1a/0x30
[ 12.112419]
[ 12.112648] kfence-#38: 0x(____ptrval____)-0x(____ptrval____), size=120, cache=kmalloc-128
[ 12.112648]
[ 12.113402] allocated by task 192 on cpu 1 at 12.106956s (0.006318s ago):
[ 12.113980] kmalloc_oob_memset_4+0xac/0x330
[ 12.114274] kunit_try_run_case+0x1a5/0x480
[ 12.114553] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.114903] kthread+0x337/0x6f0
[ 12.115041] ret_from_fork+0x116/0x1d0
[ 12.115226] ret_from_fork_asm+0x1a/0x30
[ 12.115672]
[ 12.115953] freed by task 192 on cpu 1 at 12.108306s (0.007554s ago):
[ 12.116349] kmalloc_oob_memset_4+0x187/0x330
[ 12.116657] kunit_try_run_case+0x1a5/0x480
[ 12.116979] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.117223] kthread+0x337/0x6f0
[ 12.117385] ret_from_fork+0x116/0x1d0
[ 12.117700] ret_from_fork_asm+0x1a/0x30
[ 12.117962]
[ 12.118109] CPU: 1 UID: 0 PID: 192 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.118637] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.118868] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.119364] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 16.086692] ==================================================================
[ 16.087137] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x2e/0x1d0
[ 16.087558] Write of size 121 at addr ffff888102ae1400 by task kunit_try_catch/303
[ 16.087856]
[ 16.087943] CPU: 0 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 16.087991] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.088003] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.088025] Call Trace:
[ 16.088041] <TASK>
[ 16.088057] dump_stack_lvl+0x73/0xb0
[ 16.088086] print_report+0xd1/0x610
[ 16.088110] ? __virt_addr_valid+0x1db/0x2d0
[ 16.088134] ? strncpy_from_user+0x2e/0x1d0
[ 16.088158] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.088182] ? strncpy_from_user+0x2e/0x1d0
[ 16.088206] kasan_report+0x141/0x180
[ 16.088230] ? strncpy_from_user+0x2e/0x1d0
[ 16.088293] kasan_check_range+0x10c/0x1c0
[ 16.088318] __kasan_check_write+0x18/0x20
[ 16.088367] strncpy_from_user+0x2e/0x1d0
[ 16.088414] ? __kasan_check_read+0x15/0x20
[ 16.088454] copy_user_test_oob+0x760/0x10f0
[ 16.088510] ? __pfx_copy_user_test_oob+0x10/0x10
[ 16.088562] ? finish_task_switch.isra.0+0x153/0x700
[ 16.088589] ? __switch_to+0x47/0xf50
[ 16.088643] ? __schedule+0x10cc/0x2b60
[ 16.088671] ? __pfx_read_tsc+0x10/0x10
[ 16.088697] ? ktime_get_ts64+0x86/0x230
[ 16.088734] kunit_try_run_case+0x1a5/0x480
[ 16.088760] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.088785] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.088812] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.088838] ? __kthread_parkme+0x82/0x180
[ 16.088859] ? preempt_count_sub+0x50/0x80
[ 16.088884] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.088910] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.088935] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.088960] kthread+0x337/0x6f0
[ 16.089007] ? trace_preempt_on+0x20/0xc0
[ 16.089032] ? __pfx_kthread+0x10/0x10
[ 16.089056] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.089090] ? calculate_sigpending+0x7b/0xa0
[ 16.089116] ? __pfx_kthread+0x10/0x10
[ 16.089169] ret_from_fork+0x116/0x1d0
[ 16.089191] ? __pfx_kthread+0x10/0x10
[ 16.089211] ret_from_fork_asm+0x1a/0x30
[ 16.089256] </TASK>
[ 16.089268]
[ 16.097658] Allocated by task 303:
[ 16.097805] kasan_save_stack+0x45/0x70
[ 16.098086] kasan_save_track+0x18/0x40
[ 16.098327] kasan_save_alloc_info+0x3b/0x50
[ 16.098576] __kasan_kmalloc+0xb7/0xc0
[ 16.098795] __kmalloc_noprof+0x1c9/0x500
[ 16.099009] kunit_kmalloc_array+0x25/0x60
[ 16.099228] copy_user_test_oob+0xab/0x10f0
[ 16.099463] kunit_try_run_case+0x1a5/0x480
[ 16.099708] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.099973] kthread+0x337/0x6f0
[ 16.100093] ret_from_fork+0x116/0x1d0
[ 16.100224] ret_from_fork_asm+0x1a/0x30
[ 16.100360]
[ 16.100430] The buggy address belongs to the object at ffff888102ae1400
[ 16.100430] which belongs to the cache kmalloc-128 of size 128
[ 16.100972] The buggy address is located 0 bytes inside of
[ 16.100972] allocated 120-byte region [ffff888102ae1400, ffff888102ae1478)
[ 16.101561]
[ 16.101657] The buggy address belongs to the physical page:
[ 16.101862] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ae1
[ 16.102097] flags: 0x200000000000000(node=0|zone=2)
[ 16.102327] page_type: f5(slab)
[ 16.102551] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.102982] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.103340] page dumped because: kasan: bad access detected
[ 16.103635]
[ 16.103709] Memory state around the buggy address:
[ 16.103874] ffff888102ae1300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 16.104233] ffff888102ae1380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.104564] >ffff888102ae1400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 16.104886] ^
[ 16.105201] ffff888102ae1480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.105543] ffff888102ae1500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.105859] ==================================================================
[ 16.106574] ==================================================================
[ 16.107028] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x1a5/0x1d0
[ 16.107349] Write of size 1 at addr ffff888102ae1478 by task kunit_try_catch/303
[ 16.107672]
[ 16.107825] CPU: 0 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 16.107896] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.107908] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.107940] Call Trace:
[ 16.107956] <TASK>
[ 16.107971] dump_stack_lvl+0x73/0xb0
[ 16.107999] print_report+0xd1/0x610
[ 16.108041] ? __virt_addr_valid+0x1db/0x2d0
[ 16.108075] ? strncpy_from_user+0x1a5/0x1d0
[ 16.108098] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.108133] ? strncpy_from_user+0x1a5/0x1d0
[ 16.108158] kasan_report+0x141/0x180
[ 16.108206] ? strncpy_from_user+0x1a5/0x1d0
[ 16.108236] __asan_report_store1_noabort+0x1b/0x30
[ 16.108289] strncpy_from_user+0x1a5/0x1d0
[ 16.108316] copy_user_test_oob+0x760/0x10f0
[ 16.108344] ? __pfx_copy_user_test_oob+0x10/0x10
[ 16.108367] ? finish_task_switch.isra.0+0x153/0x700
[ 16.108391] ? __switch_to+0x47/0xf50
[ 16.108417] ? __schedule+0x10cc/0x2b60
[ 16.108479] ? __pfx_read_tsc+0x10/0x10
[ 16.108501] ? ktime_get_ts64+0x86/0x230
[ 16.108527] kunit_try_run_case+0x1a5/0x480
[ 16.108575] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.108598] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.108624] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.108675] ? __kthread_parkme+0x82/0x180
[ 16.108697] ? preempt_count_sub+0x50/0x80
[ 16.108721] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.108757] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.108782] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.108832] kthread+0x337/0x6f0
[ 16.108853] ? trace_preempt_on+0x20/0xc0
[ 16.108877] ? __pfx_kthread+0x10/0x10
[ 16.108909] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.108931] ? calculate_sigpending+0x7b/0xa0
[ 16.108981] ? __pfx_kthread+0x10/0x10
[ 16.109004] ret_from_fork+0x116/0x1d0
[ 16.109023] ? __pfx_kthread+0x10/0x10
[ 16.109054] ret_from_fork_asm+0x1a/0x30
[ 16.109088] </TASK>
[ 16.109124]
[ 16.118542] Allocated by task 303:
[ 16.118695] kasan_save_stack+0x45/0x70
[ 16.119406] kasan_save_track+0x18/0x40
[ 16.119718] kasan_save_alloc_info+0x3b/0x50
[ 16.119869] __kasan_kmalloc+0xb7/0xc0
[ 16.120002] __kmalloc_noprof+0x1c9/0x500
[ 16.120141] kunit_kmalloc_array+0x25/0x60
[ 16.120282] copy_user_test_oob+0xab/0x10f0
[ 16.120426] kunit_try_run_case+0x1a5/0x480
[ 16.120641] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.121212] kthread+0x337/0x6f0
[ 16.121589] ret_from_fork+0x116/0x1d0
[ 16.121971] ret_from_fork_asm+0x1a/0x30
[ 16.122365]
[ 16.122593] The buggy address belongs to the object at ffff888102ae1400
[ 16.122593] which belongs to the cache kmalloc-128 of size 128
[ 16.123780] The buggy address is located 0 bytes to the right of
[ 16.123780] allocated 120-byte region [ffff888102ae1400, ffff888102ae1478)
[ 16.124912]
[ 16.125075] The buggy address belongs to the physical page:
[ 16.125664] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ae1
[ 16.126244] flags: 0x200000000000000(node=0|zone=2)
[ 16.126403] page_type: f5(slab)
[ 16.126553] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.127219] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.127905] page dumped because: kasan: bad access detected
[ 16.128392]
[ 16.128594] Memory state around the buggy address:
[ 16.129025] ffff888102ae1300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 16.129244] ffff888102ae1380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.129465] >ffff888102ae1400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 16.130028] ^
[ 16.130684] ffff888102ae1480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.131296] ffff888102ae1500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.132134] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 16.002553] ==================================================================
[ 16.002903] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3fd/0x10f0
[ 16.003238] Write of size 121 at addr ffff888102ae1400 by task kunit_try_catch/303
[ 16.003565]
[ 16.003683] CPU: 0 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 16.003741] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.003754] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.003777] Call Trace:
[ 16.003792] <TASK>
[ 16.003822] dump_stack_lvl+0x73/0xb0
[ 16.003854] print_report+0xd1/0x610
[ 16.003878] ? __virt_addr_valid+0x1db/0x2d0
[ 16.003903] ? copy_user_test_oob+0x3fd/0x10f0
[ 16.003937] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.003962] ? copy_user_test_oob+0x3fd/0x10f0
[ 16.003987] kasan_report+0x141/0x180
[ 16.004020] ? copy_user_test_oob+0x3fd/0x10f0
[ 16.004050] kasan_check_range+0x10c/0x1c0
[ 16.004077] __kasan_check_write+0x18/0x20
[ 16.004101] copy_user_test_oob+0x3fd/0x10f0
[ 16.004130] ? __pfx_copy_user_test_oob+0x10/0x10
[ 16.004153] ? finish_task_switch.isra.0+0x153/0x700
[ 16.004178] ? __switch_to+0x47/0xf50
[ 16.004206] ? __schedule+0x10cc/0x2b60
[ 16.004231] ? __pfx_read_tsc+0x10/0x10
[ 16.004252] ? ktime_get_ts64+0x86/0x230
[ 16.004278] kunit_try_run_case+0x1a5/0x480
[ 16.004314] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.004339] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.004375] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.004401] ? __kthread_parkme+0x82/0x180
[ 16.004430] ? preempt_count_sub+0x50/0x80
[ 16.004472] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.004497] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.004523] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.004548] kthread+0x337/0x6f0
[ 16.004579] ? trace_preempt_on+0x20/0xc0
[ 16.004605] ? __pfx_kthread+0x10/0x10
[ 16.004627] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.004650] ? calculate_sigpending+0x7b/0xa0
[ 16.004678] ? __pfx_kthread+0x10/0x10
[ 16.004703] ret_from_fork+0x116/0x1d0
[ 16.004724] ? __pfx_kthread+0x10/0x10
[ 16.004747] ret_from_fork_asm+0x1a/0x30
[ 16.004781] </TASK>
[ 16.004796]
[ 16.012382] Allocated by task 303:
[ 16.012567] kasan_save_stack+0x45/0x70
[ 16.012785] kasan_save_track+0x18/0x40
[ 16.012976] kasan_save_alloc_info+0x3b/0x50
[ 16.013189] __kasan_kmalloc+0xb7/0xc0
[ 16.013378] __kmalloc_noprof+0x1c9/0x500
[ 16.013584] kunit_kmalloc_array+0x25/0x60
[ 16.013783] copy_user_test_oob+0xab/0x10f0
[ 16.013931] kunit_try_run_case+0x1a5/0x480
[ 16.014139] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.014398] kthread+0x337/0x6f0
[ 16.014635] ret_from_fork+0x116/0x1d0
[ 16.014802] ret_from_fork_asm+0x1a/0x30
[ 16.015005]
[ 16.015103] The buggy address belongs to the object at ffff888102ae1400
[ 16.015103] which belongs to the cache kmalloc-128 of size 128
[ 16.015613] The buggy address is located 0 bytes inside of
[ 16.015613] allocated 120-byte region [ffff888102ae1400, ffff888102ae1478)
[ 16.016120]
[ 16.016224] The buggy address belongs to the physical page:
[ 16.016458] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ae1
[ 16.016813] flags: 0x200000000000000(node=0|zone=2)
[ 16.016988] page_type: f5(slab)
[ 16.017116] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.017356] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.017749] page dumped because: kasan: bad access detected
[ 16.018000]
[ 16.018093] Memory state around the buggy address:
[ 16.018315] ffff888102ae1300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 16.018787] ffff888102ae1380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.019016] >ffff888102ae1400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 16.019233] ^
[ 16.019518] ffff888102ae1480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.019858] ffff888102ae1500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.020192] ==================================================================
[ 16.067109] ==================================================================
[ 16.067574] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x604/0x10f0
[ 16.067897] Read of size 121 at addr ffff888102ae1400 by task kunit_try_catch/303
[ 16.068252]
[ 16.068390] CPU: 0 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 16.068452] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.068465] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.068487] Call Trace:
[ 16.068503] <TASK>
[ 16.068537] dump_stack_lvl+0x73/0xb0
[ 16.068576] print_report+0xd1/0x610
[ 16.068599] ? __virt_addr_valid+0x1db/0x2d0
[ 16.068623] ? copy_user_test_oob+0x604/0x10f0
[ 16.068660] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.068685] ? copy_user_test_oob+0x604/0x10f0
[ 16.068736] kasan_report+0x141/0x180
[ 16.068761] ? copy_user_test_oob+0x604/0x10f0
[ 16.068791] kasan_check_range+0x10c/0x1c0
[ 16.068827] __kasan_check_read+0x15/0x20
[ 16.068847] copy_user_test_oob+0x604/0x10f0
[ 16.068899] ? __pfx_copy_user_test_oob+0x10/0x10
[ 16.068922] ? finish_task_switch.isra.0+0x153/0x700
[ 16.068957] ? __switch_to+0x47/0xf50
[ 16.068984] ? __schedule+0x10cc/0x2b60
[ 16.069033] ? __pfx_read_tsc+0x10/0x10
[ 16.069055] ? ktime_get_ts64+0x86/0x230
[ 16.069080] kunit_try_run_case+0x1a5/0x480
[ 16.069117] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.069145] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.069196] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.069221] ? __kthread_parkme+0x82/0x180
[ 16.069270] ? preempt_count_sub+0x50/0x80
[ 16.069309] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.069348] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.069386] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.069425] kthread+0x337/0x6f0
[ 16.069455] ? trace_preempt_on+0x20/0xc0
[ 16.069479] ? __pfx_kthread+0x10/0x10
[ 16.069500] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.069531] ? calculate_sigpending+0x7b/0xa0
[ 16.069565] ? __pfx_kthread+0x10/0x10
[ 16.069587] ret_from_fork+0x116/0x1d0
[ 16.069617] ? __pfx_kthread+0x10/0x10
[ 16.069638] ret_from_fork_asm+0x1a/0x30
[ 16.069671] </TASK>
[ 16.069683]
[ 16.078006] Allocated by task 303:
[ 16.078158] kasan_save_stack+0x45/0x70
[ 16.078361] kasan_save_track+0x18/0x40
[ 16.078583] kasan_save_alloc_info+0x3b/0x50
[ 16.078814] __kasan_kmalloc+0xb7/0xc0
[ 16.079011] __kmalloc_noprof+0x1c9/0x500
[ 16.079235] kunit_kmalloc_array+0x25/0x60
[ 16.079458] copy_user_test_oob+0xab/0x10f0
[ 16.079709] kunit_try_run_case+0x1a5/0x480
[ 16.079929] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.080195] kthread+0x337/0x6f0
[ 16.080367] ret_from_fork+0x116/0x1d0
[ 16.080543] ret_from_fork_asm+0x1a/0x30
[ 16.080792]
[ 16.080902] The buggy address belongs to the object at ffff888102ae1400
[ 16.080902] which belongs to the cache kmalloc-128 of size 128
[ 16.081373] The buggy address is located 0 bytes inside of
[ 16.081373] allocated 120-byte region [ffff888102ae1400, ffff888102ae1478)
[ 16.081910]
[ 16.082028] The buggy address belongs to the physical page:
[ 16.082284] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ae1
[ 16.082635] flags: 0x200000000000000(node=0|zone=2)
[ 16.082890] page_type: f5(slab)
[ 16.083056] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.083321] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.083700] page dumped because: kasan: bad access detected
[ 16.083965]
[ 16.084103] Memory state around the buggy address:
[ 16.084276] ffff888102ae1300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 16.084713] ffff888102ae1380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.084930] >ffff888102ae1400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 16.085141] ^
[ 16.085347] ffff888102ae1480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.085690] ffff888102ae1500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.086011] ==================================================================
[ 16.045856] ==================================================================
[ 16.046703] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x557/0x10f0
[ 16.047299] Write of size 121 at addr ffff888102ae1400 by task kunit_try_catch/303
[ 16.047775]
[ 16.048167] CPU: 0 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 16.048329] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.048346] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.048367] Call Trace:
[ 16.048398] <TASK>
[ 16.048415] dump_stack_lvl+0x73/0xb0
[ 16.048458] print_report+0xd1/0x610
[ 16.048483] ? __virt_addr_valid+0x1db/0x2d0
[ 16.048506] ? copy_user_test_oob+0x557/0x10f0
[ 16.048531] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.048593] ? copy_user_test_oob+0x557/0x10f0
[ 16.048619] kasan_report+0x141/0x180
[ 16.048642] ? copy_user_test_oob+0x557/0x10f0
[ 16.048673] kasan_check_range+0x10c/0x1c0
[ 16.048697] __kasan_check_write+0x18/0x20
[ 16.048717] copy_user_test_oob+0x557/0x10f0
[ 16.048744] ? __pfx_copy_user_test_oob+0x10/0x10
[ 16.048767] ? finish_task_switch.isra.0+0x153/0x700
[ 16.048792] ? __switch_to+0x47/0xf50
[ 16.048818] ? __schedule+0x10cc/0x2b60
[ 16.048842] ? __pfx_read_tsc+0x10/0x10
[ 16.048864] ? ktime_get_ts64+0x86/0x230
[ 16.048889] kunit_try_run_case+0x1a5/0x480
[ 16.048914] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.048937] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.048962] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.048987] ? __kthread_parkme+0x82/0x180
[ 16.049009] ? preempt_count_sub+0x50/0x80
[ 16.049033] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.049058] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.049083] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.049108] kthread+0x337/0x6f0
[ 16.049133] ? trace_preempt_on+0x20/0xc0
[ 16.049157] ? __pfx_kthread+0x10/0x10
[ 16.049178] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.049201] ? calculate_sigpending+0x7b/0xa0
[ 16.049226] ? __pfx_kthread+0x10/0x10
[ 16.049248] ret_from_fork+0x116/0x1d0
[ 16.049268] ? __pfx_kthread+0x10/0x10
[ 16.049289] ret_from_fork_asm+0x1a/0x30
[ 16.049323] </TASK>
[ 16.049333]
[ 16.057686] Allocated by task 303:
[ 16.057913] kasan_save_stack+0x45/0x70
[ 16.058146] kasan_save_track+0x18/0x40
[ 16.058362] kasan_save_alloc_info+0x3b/0x50
[ 16.058607] __kasan_kmalloc+0xb7/0xc0
[ 16.058808] __kmalloc_noprof+0x1c9/0x500
[ 16.059032] kunit_kmalloc_array+0x25/0x60
[ 16.059251] copy_user_test_oob+0xab/0x10f0
[ 16.059512] kunit_try_run_case+0x1a5/0x480
[ 16.059767] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.060167] kthread+0x337/0x6f0
[ 16.060372] ret_from_fork+0x116/0x1d0
[ 16.060571] ret_from_fork_asm+0x1a/0x30
[ 16.060867]
[ 16.060980] The buggy address belongs to the object at ffff888102ae1400
[ 16.060980] which belongs to the cache kmalloc-128 of size 128
[ 16.061525] The buggy address is located 0 bytes inside of
[ 16.061525] allocated 120-byte region [ffff888102ae1400, ffff888102ae1478)
[ 16.062004]
[ 16.062097] The buggy address belongs to the physical page:
[ 16.062289] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ae1
[ 16.062573] flags: 0x200000000000000(node=0|zone=2)
[ 16.062837] page_type: f5(slab)
[ 16.063008] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.063388] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.063666] page dumped because: kasan: bad access detected
[ 16.063840]
[ 16.063911] Memory state around the buggy address:
[ 16.064091] ffff888102ae1300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 16.064455] ffff888102ae1380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.064934] >ffff888102ae1400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 16.065366] ^
[ 16.065706] ffff888102ae1480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.065926] ffff888102ae1500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.066263] ==================================================================
[ 16.020755] ==================================================================
[ 16.021120] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4aa/0x10f0
[ 16.021742] Read of size 121 at addr ffff888102ae1400 by task kunit_try_catch/303
[ 16.022054]
[ 16.022162] CPU: 0 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 16.022205] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.022217] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.022239] Call Trace:
[ 16.022254] <TASK>
[ 16.022271] dump_stack_lvl+0x73/0xb0
[ 16.022298] print_report+0xd1/0x610
[ 16.022322] ? __virt_addr_valid+0x1db/0x2d0
[ 16.022345] ? copy_user_test_oob+0x4aa/0x10f0
[ 16.022370] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.022394] ? copy_user_test_oob+0x4aa/0x10f0
[ 16.022419] kasan_report+0x141/0x180
[ 16.022456] ? copy_user_test_oob+0x4aa/0x10f0
[ 16.022489] kasan_check_range+0x10c/0x1c0
[ 16.022514] __kasan_check_read+0x15/0x20
[ 16.022534] copy_user_test_oob+0x4aa/0x10f0
[ 16.022561] ? __pfx_copy_user_test_oob+0x10/0x10
[ 16.022595] ? finish_task_switch.isra.0+0x153/0x700
[ 16.022619] ? __switch_to+0x47/0xf50
[ 16.022647] ? __schedule+0x10cc/0x2b60
[ 16.022683] ? __pfx_read_tsc+0x10/0x10
[ 16.022715] ? ktime_get_ts64+0x86/0x230
[ 16.022741] kunit_try_run_case+0x1a5/0x480
[ 16.022775] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.022799] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.022824] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.022849] ? __kthread_parkme+0x82/0x180
[ 16.022879] ? preempt_count_sub+0x50/0x80
[ 16.022904] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.022929] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.022965] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.022990] kthread+0x337/0x6f0
[ 16.023010] ? trace_preempt_on+0x20/0xc0
[ 16.023042] ? __pfx_kthread+0x10/0x10
[ 16.023063] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.023086] ? calculate_sigpending+0x7b/0xa0
[ 16.023121] ? __pfx_kthread+0x10/0x10
[ 16.023144] ret_from_fork+0x116/0x1d0
[ 16.023163] ? __pfx_kthread+0x10/0x10
[ 16.023185] ret_from_fork_asm+0x1a/0x30
[ 16.023218] </TASK>
[ 16.023228]
[ 16.032395] Allocated by task 303:
[ 16.032986] kasan_save_stack+0x45/0x70
[ 16.033204] kasan_save_track+0x18/0x40
[ 16.033380] kasan_save_alloc_info+0x3b/0x50
[ 16.033927] __kasan_kmalloc+0xb7/0xc0
[ 16.034138] __kmalloc_noprof+0x1c9/0x500
[ 16.034329] kunit_kmalloc_array+0x25/0x60
[ 16.034529] copy_user_test_oob+0xab/0x10f0
[ 16.035045] kunit_try_run_case+0x1a5/0x480
[ 16.035445] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.035859] kthread+0x337/0x6f0
[ 16.036027] ret_from_fork+0x116/0x1d0
[ 16.036204] ret_from_fork_asm+0x1a/0x30
[ 16.036387]
[ 16.036488] The buggy address belongs to the object at ffff888102ae1400
[ 16.036488] which belongs to the cache kmalloc-128 of size 128
[ 16.037577] The buggy address is located 0 bytes inside of
[ 16.037577] allocated 120-byte region [ffff888102ae1400, ffff888102ae1478)
[ 16.038097]
[ 16.038192] The buggy address belongs to the physical page:
[ 16.038422] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ae1
[ 16.039143] flags: 0x200000000000000(node=0|zone=2)
[ 16.039616] page_type: f5(slab)
[ 16.039994] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.040474] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.041347] page dumped because: kasan: bad access detected
[ 16.042016]
[ 16.042271] Memory state around the buggy address:
[ 16.042522] ffff888102ae1300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 16.042819] ffff888102ae1380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.043108] >ffff888102ae1400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 16.043392] ^
[ 16.044086] ffff888102ae1480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.044559] ffff888102ae1500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.045152] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_to_user
[ 15.976336] ==================================================================
[ 15.976745] BUG: KASAN: slab-out-of-bounds in _copy_to_user+0x3c/0x70
[ 15.977304] Read of size 121 at addr ffff888102ae1400 by task kunit_try_catch/303
[ 15.978139]
[ 15.978410] CPU: 0 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 15.978468] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.978480] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.978503] Call Trace:
[ 15.978517] <TASK>
[ 15.978535] dump_stack_lvl+0x73/0xb0
[ 15.978566] print_report+0xd1/0x610
[ 15.978591] ? __virt_addr_valid+0x1db/0x2d0
[ 15.978615] ? _copy_to_user+0x3c/0x70
[ 15.978635] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.978660] ? _copy_to_user+0x3c/0x70
[ 15.978680] kasan_report+0x141/0x180
[ 15.978703] ? _copy_to_user+0x3c/0x70
[ 15.978729] kasan_check_range+0x10c/0x1c0
[ 15.978754] __kasan_check_read+0x15/0x20
[ 15.978774] _copy_to_user+0x3c/0x70
[ 15.978795] copy_user_test_oob+0x364/0x10f0
[ 15.978823] ? __pfx_copy_user_test_oob+0x10/0x10
[ 15.978847] ? finish_task_switch.isra.0+0x153/0x700
[ 15.978871] ? __switch_to+0x47/0xf50
[ 15.978898] ? __schedule+0x10cc/0x2b60
[ 15.978922] ? __pfx_read_tsc+0x10/0x10
[ 15.978945] ? ktime_get_ts64+0x86/0x230
[ 15.978971] kunit_try_run_case+0x1a5/0x480
[ 15.978996] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.979020] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.979045] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.979071] ? __kthread_parkme+0x82/0x180
[ 15.979092] ? preempt_count_sub+0x50/0x80
[ 15.979117] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.979142] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.979167] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.979193] kthread+0x337/0x6f0
[ 15.979213] ? trace_preempt_on+0x20/0xc0
[ 15.979238] ? __pfx_kthread+0x10/0x10
[ 15.979260] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.979282] ? calculate_sigpending+0x7b/0xa0
[ 15.979308] ? __pfx_kthread+0x10/0x10
[ 15.979330] ret_from_fork+0x116/0x1d0
[ 15.979349] ? __pfx_kthread+0x10/0x10
[ 15.979371] ret_from_fork_asm+0x1a/0x30
[ 15.979404] </TASK>
[ 15.979415]
[ 15.989783] Allocated by task 303:
[ 15.990041] kasan_save_stack+0x45/0x70
[ 15.990283] kasan_save_track+0x18/0x40
[ 15.990423] kasan_save_alloc_info+0x3b/0x50
[ 15.990772] __kasan_kmalloc+0xb7/0xc0
[ 15.990966] __kmalloc_noprof+0x1c9/0x500
[ 15.991191] kunit_kmalloc_array+0x25/0x60
[ 15.991338] copy_user_test_oob+0xab/0x10f0
[ 15.991533] kunit_try_run_case+0x1a5/0x480
[ 15.991956] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.992218] kthread+0x337/0x6f0
[ 15.992348] ret_from_fork+0x116/0x1d0
[ 15.992494] ret_from_fork_asm+0x1a/0x30
[ 15.992637]
[ 15.992730] The buggy address belongs to the object at ffff888102ae1400
[ 15.992730] which belongs to the cache kmalloc-128 of size 128
[ 15.993350] The buggy address is located 0 bytes inside of
[ 15.993350] allocated 120-byte region [ffff888102ae1400, ffff888102ae1478)
[ 15.993936]
[ 15.994032] The buggy address belongs to the physical page:
[ 15.994219] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ae1
[ 15.994525] flags: 0x200000000000000(node=0|zone=2)
[ 15.994737] page_type: f5(slab)
[ 15.994901] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 15.995230] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 15.995578] page dumped because: kasan: bad access detected
[ 15.995806]
[ 15.995911] Memory state around the buggy address:
[ 15.996115] ffff888102ae1300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 15.996426] ffff888102ae1380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.996806] >ffff888102ae1400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 15.997060] ^
[ 15.997283] ffff888102ae1480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.997689] ffff888102ae1500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.998162] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_from_user
[ 15.948282] ==================================================================
[ 15.949811] BUG: KASAN: slab-out-of-bounds in _copy_from_user+0x32/0x90
[ 15.950317] Write of size 121 at addr ffff888102ae1400 by task kunit_try_catch/303
[ 15.951227]
[ 15.951585] CPU: 0 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 15.951649] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.951662] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.951687] Call Trace:
[ 15.951703] <TASK>
[ 15.951726] dump_stack_lvl+0x73/0xb0
[ 15.951761] print_report+0xd1/0x610
[ 15.951787] ? __virt_addr_valid+0x1db/0x2d0
[ 15.951814] ? _copy_from_user+0x32/0x90
[ 15.951833] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.951858] ? _copy_from_user+0x32/0x90
[ 15.951878] kasan_report+0x141/0x180
[ 15.951900] ? _copy_from_user+0x32/0x90
[ 15.951926] kasan_check_range+0x10c/0x1c0
[ 15.951952] __kasan_check_write+0x18/0x20
[ 15.951972] _copy_from_user+0x32/0x90
[ 15.951993] copy_user_test_oob+0x2be/0x10f0
[ 15.952022] ? __pfx_copy_user_test_oob+0x10/0x10
[ 15.952045] ? finish_task_switch.isra.0+0x153/0x700
[ 15.952071] ? __switch_to+0x47/0xf50
[ 15.952100] ? __schedule+0x10cc/0x2b60
[ 15.952125] ? __pfx_read_tsc+0x10/0x10
[ 15.952147] ? ktime_get_ts64+0x86/0x230
[ 15.952174] kunit_try_run_case+0x1a5/0x480
[ 15.952199] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.952222] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.952248] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.952273] ? __kthread_parkme+0x82/0x180
[ 15.952296] ? preempt_count_sub+0x50/0x80
[ 15.952320] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.952345] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.952370] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.952395] kthread+0x337/0x6f0
[ 15.952415] ? trace_preempt_on+0x20/0xc0
[ 15.952451] ? __pfx_kthread+0x10/0x10
[ 15.952474] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.952497] ? calculate_sigpending+0x7b/0xa0
[ 15.952523] ? __pfx_kthread+0x10/0x10
[ 15.952683] ret_from_fork+0x116/0x1d0
[ 15.952706] ? __pfx_kthread+0x10/0x10
[ 15.952741] ret_from_fork_asm+0x1a/0x30
[ 15.952777] </TASK>
[ 15.952828]
[ 15.964463] Allocated by task 303:
[ 15.964661] kasan_save_stack+0x45/0x70
[ 15.964936] kasan_save_track+0x18/0x40
[ 15.965079] kasan_save_alloc_info+0x3b/0x50
[ 15.965261] __kasan_kmalloc+0xb7/0xc0
[ 15.965457] __kmalloc_noprof+0x1c9/0x500
[ 15.965693] kunit_kmalloc_array+0x25/0x60
[ 15.966036] copy_user_test_oob+0xab/0x10f0
[ 15.966186] kunit_try_run_case+0x1a5/0x480
[ 15.966366] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.966752] kthread+0x337/0x6f0
[ 15.966955] ret_from_fork+0x116/0x1d0
[ 15.967104] ret_from_fork_asm+0x1a/0x30
[ 15.967309]
[ 15.967395] The buggy address belongs to the object at ffff888102ae1400
[ 15.967395] which belongs to the cache kmalloc-128 of size 128
[ 15.967915] The buggy address is located 0 bytes inside of
[ 15.967915] allocated 120-byte region [ffff888102ae1400, ffff888102ae1478)
[ 15.968421]
[ 15.968542] The buggy address belongs to the physical page:
[ 15.968798] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ae1
[ 15.969112] flags: 0x200000000000000(node=0|zone=2)
[ 15.969369] page_type: f5(slab)
[ 15.969556] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 15.969824] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 15.970053] page dumped because: kasan: bad access detected
[ 15.970225]
[ 15.970334] Memory state around the buggy address:
[ 15.970575] ffff888102ae1300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 15.970892] ffff888102ae1380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.971150] >ffff888102ae1400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 15.971366] ^
[ 15.971921] ffff888102ae1480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.972215] ffff888102ae1500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.972538] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 15.884653] ==================================================================
[ 15.885241] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x225/0x260
[ 15.885600] Read of size 8 at addr ffff8881026efd78 by task kunit_try_catch/299
[ 15.886260]
[ 15.886370] CPU: 1 UID: 0 PID: 299 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 15.886420] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.886434] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.886470] Call Trace:
[ 15.886483] <TASK>
[ 15.886503] dump_stack_lvl+0x73/0xb0
[ 15.886535] print_report+0xd1/0x610
[ 15.886562] ? __virt_addr_valid+0x1db/0x2d0
[ 15.886586] ? copy_to_kernel_nofault+0x225/0x260
[ 15.886612] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.886654] ? copy_to_kernel_nofault+0x225/0x260
[ 15.886680] kasan_report+0x141/0x180
[ 15.886703] ? copy_to_kernel_nofault+0x225/0x260
[ 15.886733] __asan_report_load8_noabort+0x18/0x20
[ 15.886759] copy_to_kernel_nofault+0x225/0x260
[ 15.886786] copy_to_kernel_nofault_oob+0x1ed/0x560
[ 15.886812] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10
[ 15.886837] ? finish_task_switch.isra.0+0x153/0x700
[ 15.886862] ? __schedule+0x10cc/0x2b60
[ 15.886885] ? trace_hardirqs_on+0x37/0xe0
[ 15.886919] ? __pfx_read_tsc+0x10/0x10
[ 15.886940] ? ktime_get_ts64+0x86/0x230
[ 15.886967] kunit_try_run_case+0x1a5/0x480
[ 15.886994] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.887017] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.887042] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.887067] ? __kthread_parkme+0x82/0x180
[ 15.887089] ? preempt_count_sub+0x50/0x80
[ 15.887114] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.887139] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.887164] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.887190] kthread+0x337/0x6f0
[ 15.887209] ? trace_preempt_on+0x20/0xc0
[ 15.887233] ? __pfx_kthread+0x10/0x10
[ 15.887254] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.887277] ? calculate_sigpending+0x7b/0xa0
[ 15.887303] ? __pfx_kthread+0x10/0x10
[ 15.887325] ret_from_fork+0x116/0x1d0
[ 15.887344] ? __pfx_kthread+0x10/0x10
[ 15.887365] ret_from_fork_asm+0x1a/0x30
[ 15.887399] </TASK>
[ 15.887410]
[ 15.898516] Allocated by task 299:
[ 15.899059] kasan_save_stack+0x45/0x70
[ 15.899404] kasan_save_track+0x18/0x40
[ 15.899712] kasan_save_alloc_info+0x3b/0x50
[ 15.900020] __kasan_kmalloc+0xb7/0xc0
[ 15.900307] __kmalloc_cache_noprof+0x189/0x420
[ 15.900697] copy_to_kernel_nofault_oob+0x12f/0x560
[ 15.900937] kunit_try_run_case+0x1a5/0x480
[ 15.901136] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.901374] kthread+0x337/0x6f0
[ 15.901883] ret_from_fork+0x116/0x1d0
[ 15.902143] ret_from_fork_asm+0x1a/0x30
[ 15.902301]
[ 15.902616] The buggy address belongs to the object at ffff8881026efd00
[ 15.902616] which belongs to the cache kmalloc-128 of size 128
[ 15.903248] The buggy address is located 0 bytes to the right of
[ 15.903248] allocated 120-byte region [ffff8881026efd00, ffff8881026efd78)
[ 15.904020]
[ 15.904136] The buggy address belongs to the physical page:
[ 15.904386] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026ef
[ 15.904980] flags: 0x200000000000000(node=0|zone=2)
[ 15.905316] page_type: f5(slab)
[ 15.905589] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 15.906018] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 15.906352] page dumped because: kasan: bad access detected
[ 15.906758]
[ 15.906863] Memory state around the buggy address:
[ 15.907239] ffff8881026efc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 15.907691] ffff8881026efc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.907961] >ffff8881026efd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 15.908282] ^
[ 15.908776] ffff8881026efd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.909071] ffff8881026efe00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.909610] ==================================================================
[ 15.910510] ==================================================================
[ 15.911455] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x99/0x260
[ 15.911970] Write of size 8 at addr ffff8881026efd78 by task kunit_try_catch/299
[ 15.912696]
[ 15.912798] CPU: 1 UID: 0 PID: 299 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 15.912847] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.912859] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.912883] Call Trace:
[ 15.912902] <TASK>
[ 15.912922] dump_stack_lvl+0x73/0xb0
[ 15.912954] print_report+0xd1/0x610
[ 15.912978] ? __virt_addr_valid+0x1db/0x2d0
[ 15.913002] ? copy_to_kernel_nofault+0x99/0x260
[ 15.913026] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.913050] ? copy_to_kernel_nofault+0x99/0x260
[ 15.913076] kasan_report+0x141/0x180
[ 15.913112] ? copy_to_kernel_nofault+0x99/0x260
[ 15.913297] kasan_check_range+0x10c/0x1c0
[ 15.913324] __kasan_check_write+0x18/0x20
[ 15.913344] copy_to_kernel_nofault+0x99/0x260
[ 15.913371] copy_to_kernel_nofault_oob+0x288/0x560
[ 15.913400] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10
[ 15.913448] ? finish_task_switch.isra.0+0x153/0x700
[ 15.913475] ? __schedule+0x10cc/0x2b60
[ 15.913500] ? trace_hardirqs_on+0x37/0xe0
[ 15.913534] ? __pfx_read_tsc+0x10/0x10
[ 15.913557] ? ktime_get_ts64+0x86/0x230
[ 15.913582] kunit_try_run_case+0x1a5/0x480
[ 15.913608] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.913632] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.913657] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.913682] ? __kthread_parkme+0x82/0x180
[ 15.913704] ? preempt_count_sub+0x50/0x80
[ 15.913729] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.913753] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.913779] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.913804] kthread+0x337/0x6f0
[ 15.913824] ? trace_preempt_on+0x20/0xc0
[ 15.913846] ? __pfx_kthread+0x10/0x10
[ 15.913868] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.913890] ? calculate_sigpending+0x7b/0xa0
[ 15.913916] ? __pfx_kthread+0x10/0x10
[ 15.913938] ret_from_fork+0x116/0x1d0
[ 15.913958] ? __pfx_kthread+0x10/0x10
[ 15.913979] ret_from_fork_asm+0x1a/0x30
[ 15.914013] </TASK>
[ 15.914025]
[ 15.925657] Allocated by task 299:
[ 15.926067] kasan_save_stack+0x45/0x70
[ 15.926387] kasan_save_track+0x18/0x40
[ 15.926754] kasan_save_alloc_info+0x3b/0x50
[ 15.927016] __kasan_kmalloc+0xb7/0xc0
[ 15.927187] __kmalloc_cache_noprof+0x189/0x420
[ 15.927390] copy_to_kernel_nofault_oob+0x12f/0x560
[ 15.927856] kunit_try_run_case+0x1a5/0x480
[ 15.928109] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.928453] kthread+0x337/0x6f0
[ 15.928743] ret_from_fork+0x116/0x1d0
[ 15.928881] ret_from_fork_asm+0x1a/0x30
[ 15.929239]
[ 15.929582] The buggy address belongs to the object at ffff8881026efd00
[ 15.929582] which belongs to the cache kmalloc-128 of size 128
[ 15.930271] The buggy address is located 0 bytes to the right of
[ 15.930271] allocated 120-byte region [ffff8881026efd00, ffff8881026efd78)
[ 15.931032]
[ 15.931135] The buggy address belongs to the physical page:
[ 15.931568] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026ef
[ 15.931922] flags: 0x200000000000000(node=0|zone=2)
[ 15.932100] page_type: f5(slab)
[ 15.932273] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 15.932564] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 15.933000] page dumped because: kasan: bad access detected
[ 15.933250]
[ 15.933369] Memory state around the buggy address:
[ 15.933565] ffff8881026efc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 15.933800] ffff8881026efc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.934193] >ffff8881026efd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 15.934484] ^
[ 15.934714] ffff8881026efd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.935148] ffff8881026efe00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.935479] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 15.360480] ==================================================================
[ 15.360848] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16e7/0x5450
[ 15.361320] Write of size 8 at addr ffff8881026f36b0 by task kunit_try_catch/283
[ 15.362022]
[ 15.362132] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 15.362175] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.362391] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.362414] Call Trace:
[ 15.362428] <TASK>
[ 15.362454] dump_stack_lvl+0x73/0xb0
[ 15.362484] print_report+0xd1/0x610
[ 15.362506] ? __virt_addr_valid+0x1db/0x2d0
[ 15.362528] ? kasan_atomics_helper+0x16e7/0x5450
[ 15.362561] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.362585] ? kasan_atomics_helper+0x16e7/0x5450
[ 15.362607] kasan_report+0x141/0x180
[ 15.362630] ? kasan_atomics_helper+0x16e7/0x5450
[ 15.362658] kasan_check_range+0x10c/0x1c0
[ 15.362682] __kasan_check_write+0x18/0x20
[ 15.362702] kasan_atomics_helper+0x16e7/0x5450
[ 15.362726] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 15.362749] ? __kmalloc_cache_noprof+0x189/0x420
[ 15.362776] ? kasan_atomics+0x152/0x310
[ 15.362803] kasan_atomics+0x1dc/0x310
[ 15.362826] ? __pfx_kasan_atomics+0x10/0x10
[ 15.362851] ? __pfx_read_tsc+0x10/0x10
[ 15.362872] ? ktime_get_ts64+0x86/0x230
[ 15.362897] kunit_try_run_case+0x1a5/0x480
[ 15.362922] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.362944] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.362969] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.362994] ? __kthread_parkme+0x82/0x180
[ 15.363015] ? preempt_count_sub+0x50/0x80
[ 15.363040] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.363065] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.363089] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.363115] kthread+0x337/0x6f0
[ 15.363135] ? trace_preempt_on+0x20/0xc0
[ 15.363158] ? __pfx_kthread+0x10/0x10
[ 15.363179] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.363202] ? calculate_sigpending+0x7b/0xa0
[ 15.363226] ? __pfx_kthread+0x10/0x10
[ 15.363248] ret_from_fork+0x116/0x1d0
[ 15.363267] ? __pfx_kthread+0x10/0x10
[ 15.363288] ret_from_fork_asm+0x1a/0x30
[ 15.363322] </TASK>
[ 15.363332]
[ 15.374045] Allocated by task 283:
[ 15.374406] kasan_save_stack+0x45/0x70
[ 15.374680] kasan_save_track+0x18/0x40
[ 15.374861] kasan_save_alloc_info+0x3b/0x50
[ 15.375062] __kasan_kmalloc+0xb7/0xc0
[ 15.375243] __kmalloc_cache_noprof+0x189/0x420
[ 15.375462] kasan_atomics+0x95/0x310
[ 15.375931] kunit_try_run_case+0x1a5/0x480
[ 15.376190] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.376501] kthread+0x337/0x6f0
[ 15.376765] ret_from_fork+0x116/0x1d0
[ 15.376960] ret_from_fork_asm+0x1a/0x30
[ 15.377285]
[ 15.377362] The buggy address belongs to the object at ffff8881026f3680
[ 15.377362] which belongs to the cache kmalloc-64 of size 64
[ 15.378311] The buggy address is located 0 bytes to the right of
[ 15.378311] allocated 48-byte region [ffff8881026f3680, ffff8881026f36b0)
[ 15.378929]
[ 15.379164] The buggy address belongs to the physical page:
[ 15.379473] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026f3
[ 15.380044] flags: 0x200000000000000(node=0|zone=2)
[ 15.380296] page_type: f5(slab)
[ 15.380578] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 15.380997] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 15.381366] page dumped because: kasan: bad access detected
[ 15.381672]
[ 15.381772] Memory state around the buggy address:
[ 15.382158] ffff8881026f3580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.382469] ffff8881026f3600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.382935] >ffff8881026f3680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 15.383338] ^
[ 15.383680] ffff8881026f3700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.384064] ffff8881026f3780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.384365] ==================================================================
[ 15.006377] ==================================================================
[ 15.007032] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xfa9/0x5450
[ 15.007357] Write of size 4 at addr ffff8881026f36b0 by task kunit_try_catch/283
[ 15.007716]
[ 15.007806] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 15.007848] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.007860] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.007881] Call Trace:
[ 15.007907] <TASK>
[ 15.007922] dump_stack_lvl+0x73/0xb0
[ 15.007949] print_report+0xd1/0x610
[ 15.007982] ? __virt_addr_valid+0x1db/0x2d0
[ 15.008004] ? kasan_atomics_helper+0xfa9/0x5450
[ 15.008027] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.008050] ? kasan_atomics_helper+0xfa9/0x5450
[ 15.008073] kasan_report+0x141/0x180
[ 15.008096] ? kasan_atomics_helper+0xfa9/0x5450
[ 15.008123] kasan_check_range+0x10c/0x1c0
[ 15.008148] __kasan_check_write+0x18/0x20
[ 15.008168] kasan_atomics_helper+0xfa9/0x5450
[ 15.008192] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 15.008215] ? __kmalloc_cache_noprof+0x189/0x420
[ 15.008241] ? kasan_atomics+0x152/0x310
[ 15.008268] kasan_atomics+0x1dc/0x310
[ 15.008291] ? __pfx_kasan_atomics+0x10/0x10
[ 15.008316] ? __pfx_read_tsc+0x10/0x10
[ 15.008337] ? ktime_get_ts64+0x86/0x230
[ 15.008364] kunit_try_run_case+0x1a5/0x480
[ 15.008388] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.008413] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.008446] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.008470] ? __kthread_parkme+0x82/0x180
[ 15.008491] ? preempt_count_sub+0x50/0x80
[ 15.008516] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.008560] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.008585] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.008609] kthread+0x337/0x6f0
[ 15.008630] ? trace_preempt_on+0x20/0xc0
[ 15.008653] ? __pfx_kthread+0x10/0x10
[ 15.008675] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.008697] ? calculate_sigpending+0x7b/0xa0
[ 15.008722] ? __pfx_kthread+0x10/0x10
[ 15.008744] ret_from_fork+0x116/0x1d0
[ 15.008772] ? __pfx_kthread+0x10/0x10
[ 15.008794] ret_from_fork_asm+0x1a/0x30
[ 15.008827] </TASK>
[ 15.008848]
[ 15.016123] Allocated by task 283:
[ 15.016305] kasan_save_stack+0x45/0x70
[ 15.016514] kasan_save_track+0x18/0x40
[ 15.016751] kasan_save_alloc_info+0x3b/0x50
[ 15.016925] __kasan_kmalloc+0xb7/0xc0
[ 15.017116] __kmalloc_cache_noprof+0x189/0x420
[ 15.017339] kasan_atomics+0x95/0x310
[ 15.017558] kunit_try_run_case+0x1a5/0x480
[ 15.017741] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.017993] kthread+0x337/0x6f0
[ 15.018163] ret_from_fork+0x116/0x1d0
[ 15.018331] ret_from_fork_asm+0x1a/0x30
[ 15.018581]
[ 15.018673] The buggy address belongs to the object at ffff8881026f3680
[ 15.018673] which belongs to the cache kmalloc-64 of size 64
[ 15.019188] The buggy address is located 0 bytes to the right of
[ 15.019188] allocated 48-byte region [ffff8881026f3680, ffff8881026f36b0)
[ 15.019738]
[ 15.019860] The buggy address belongs to the physical page:
[ 15.020074] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026f3
[ 15.020412] flags: 0x200000000000000(node=0|zone=2)
[ 15.020640] page_type: f5(slab)
[ 15.020789] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 15.021148] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 15.021430] page dumped because: kasan: bad access detected
[ 15.021687]
[ 15.021799] Memory state around the buggy address:
[ 15.021983] ffff8881026f3580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.022239] ffff8881026f3600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.022462] >ffff8881026f3680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 15.022698] ^
[ 15.022853] ffff8881026f3700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.023069] ffff8881026f3780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.023282] ==================================================================
[ 15.122668] ==================================================================
[ 15.123019] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a02/0x5450
[ 15.123296] Read of size 4 at addr ffff8881026f36b0 by task kunit_try_catch/283
[ 15.123808]
[ 15.123925] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 15.123968] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.123980] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.124001] Call Trace:
[ 15.124015] <TASK>
[ 15.124031] dump_stack_lvl+0x73/0xb0
[ 15.124059] print_report+0xd1/0x610
[ 15.124082] ? __virt_addr_valid+0x1db/0x2d0
[ 15.124105] ? kasan_atomics_helper+0x4a02/0x5450
[ 15.124127] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.124151] ? kasan_atomics_helper+0x4a02/0x5450
[ 15.124174] kasan_report+0x141/0x180
[ 15.124197] ? kasan_atomics_helper+0x4a02/0x5450
[ 15.124225] __asan_report_load4_noabort+0x18/0x20
[ 15.124250] kasan_atomics_helper+0x4a02/0x5450
[ 15.124274] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 15.124297] ? __kmalloc_cache_noprof+0x189/0x420
[ 15.124322] ? kasan_atomics+0x152/0x310
[ 15.124349] kasan_atomics+0x1dc/0x310
[ 15.124372] ? __pfx_kasan_atomics+0x10/0x10
[ 15.124397] ? __pfx_read_tsc+0x10/0x10
[ 15.124429] ? ktime_get_ts64+0x86/0x230
[ 15.124470] kunit_try_run_case+0x1a5/0x480
[ 15.124494] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.124517] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.124549] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.124574] ? __kthread_parkme+0x82/0x180
[ 15.124594] ? preempt_count_sub+0x50/0x80
[ 15.124619] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.124644] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.124668] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.124693] kthread+0x337/0x6f0
[ 15.124713] ? trace_preempt_on+0x20/0xc0
[ 15.124737] ? __pfx_kthread+0x10/0x10
[ 15.124758] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.124780] ? calculate_sigpending+0x7b/0xa0
[ 15.124805] ? __pfx_kthread+0x10/0x10
[ 15.124826] ret_from_fork+0x116/0x1d0
[ 15.124845] ? __pfx_kthread+0x10/0x10
[ 15.124867] ret_from_fork_asm+0x1a/0x30
[ 15.124900] </TASK>
[ 15.124910]
[ 15.132124] Allocated by task 283:
[ 15.132291] kasan_save_stack+0x45/0x70
[ 15.132480] kasan_save_track+0x18/0x40
[ 15.132663] kasan_save_alloc_info+0x3b/0x50
[ 15.132812] __kasan_kmalloc+0xb7/0xc0
[ 15.132945] __kmalloc_cache_noprof+0x189/0x420
[ 15.133100] kasan_atomics+0x95/0x310
[ 15.133330] kunit_try_run_case+0x1a5/0x480
[ 15.133573] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.133839] kthread+0x337/0x6f0
[ 15.134010] ret_from_fork+0x116/0x1d0
[ 15.134199] ret_from_fork_asm+0x1a/0x30
[ 15.134375]
[ 15.134456] The buggy address belongs to the object at ffff8881026f3680
[ 15.134456] which belongs to the cache kmalloc-64 of size 64
[ 15.135276] The buggy address is located 0 bytes to the right of
[ 15.135276] allocated 48-byte region [ffff8881026f3680, ffff8881026f36b0)
[ 15.135790]
[ 15.135877] The buggy address belongs to the physical page:
[ 15.136137] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026f3
[ 15.136457] flags: 0x200000000000000(node=0|zone=2)
[ 15.136675] page_type: f5(slab)
[ 15.136844] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 15.137150] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 15.137485] page dumped because: kasan: bad access detected
[ 15.137729]
[ 15.137829] Memory state around the buggy address:
[ 15.138010] ffff8881026f3580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.138227] ffff8881026f3600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.138456] >ffff8881026f3680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 15.138676] ^
[ 15.138840] ffff8881026f3700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.139127] ffff8881026f3780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.139706] ==================================================================
[ 14.556034] ==================================================================
[ 14.556358] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b6e/0x5450
[ 14.557388] Write of size 4 at addr ffff8881026f36b0 by task kunit_try_catch/283
[ 14.558078]
[ 14.558204] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.558252] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.558264] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.558287] Call Trace:
[ 14.558304] <TASK>
[ 14.558321] dump_stack_lvl+0x73/0xb0
[ 14.558352] print_report+0xd1/0x610
[ 14.558374] ? __virt_addr_valid+0x1db/0x2d0
[ 14.558397] ? kasan_atomics_helper+0x4b6e/0x5450
[ 14.558609] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.558634] ? kasan_atomics_helper+0x4b6e/0x5450
[ 14.558672] kasan_report+0x141/0x180
[ 14.558697] ? kasan_atomics_helper+0x4b6e/0x5450
[ 14.558732] __asan_report_store4_noabort+0x1b/0x30
[ 14.558757] kasan_atomics_helper+0x4b6e/0x5450
[ 14.558784] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 14.558810] ? __kmalloc_cache_noprof+0x189/0x420
[ 14.558835] ? kasan_atomics+0x152/0x310
[ 14.558863] kasan_atomics+0x1dc/0x310
[ 14.558886] ? __pfx_kasan_atomics+0x10/0x10
[ 14.558910] ? __pfx_read_tsc+0x10/0x10
[ 14.558932] ? ktime_get_ts64+0x86/0x230
[ 14.558958] kunit_try_run_case+0x1a5/0x480
[ 14.558983] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.559006] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.559031] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.559055] ? __kthread_parkme+0x82/0x180
[ 14.559076] ? preempt_count_sub+0x50/0x80
[ 14.559101] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.559126] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.559151] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.559177] kthread+0x337/0x6f0
[ 14.559197] ? trace_preempt_on+0x20/0xc0
[ 14.559221] ? __pfx_kthread+0x10/0x10
[ 14.559242] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.559264] ? calculate_sigpending+0x7b/0xa0
[ 14.559289] ? __pfx_kthread+0x10/0x10
[ 14.559311] ret_from_fork+0x116/0x1d0
[ 14.559330] ? __pfx_kthread+0x10/0x10
[ 14.559351] ret_from_fork_asm+0x1a/0x30
[ 14.559384] </TASK>
[ 14.559395]
[ 14.567678] Allocated by task 283:
[ 14.567808] kasan_save_stack+0x45/0x70
[ 14.568143] kasan_save_track+0x18/0x40
[ 14.568340] kasan_save_alloc_info+0x3b/0x50
[ 14.568615] __kasan_kmalloc+0xb7/0xc0
[ 14.568802] __kmalloc_cache_noprof+0x189/0x420
[ 14.569015] kasan_atomics+0x95/0x310
[ 14.569153] kunit_try_run_case+0x1a5/0x480
[ 14.569300] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.569497] kthread+0x337/0x6f0
[ 14.569849] ret_from_fork+0x116/0x1d0
[ 14.570039] ret_from_fork_asm+0x1a/0x30
[ 14.570240]
[ 14.570348] The buggy address belongs to the object at ffff8881026f3680
[ 14.570348] which belongs to the cache kmalloc-64 of size 64
[ 14.570844] The buggy address is located 0 bytes to the right of
[ 14.570844] allocated 48-byte region [ffff8881026f3680, ffff8881026f36b0)
[ 14.571230]
[ 14.571317] The buggy address belongs to the physical page:
[ 14.571610] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026f3
[ 14.571981] flags: 0x200000000000000(node=0|zone=2)
[ 14.572215] page_type: f5(slab)
[ 14.572383] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 14.572781] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 14.573025] page dumped because: kasan: bad access detected
[ 14.573204]
[ 14.573274] Memory state around the buggy address:
[ 14.573499] ffff8881026f3580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 14.574213] ffff8881026f3600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 14.574722] >ffff8881026f3680: 00 00 00 00 00 00 fc fc
fc fc fc fc fc fc fc fc [ 14.575028] ^ [ 14.575235] ffff8881026f3700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.575568] ffff8881026f3780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.575945] ================================================================== [ 15.197204] ================================================================== [ 15.197794] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49ce/0x5450 [ 15.198135] Read of size 4 at addr ffff8881026f36b0 by task kunit_try_catch/283 [ 15.198556] [ 15.198667] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.198707] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.198719] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.198739] Call Trace: [ 15.198751] <TASK> [ 15.198766] dump_stack_lvl+0x73/0xb0 [ 15.198793] print_report+0xd1/0x610 [ 15.198815] ? __virt_addr_valid+0x1db/0x2d0 [ 15.198838] ? kasan_atomics_helper+0x49ce/0x5450 [ 15.198860] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.198884] ? kasan_atomics_helper+0x49ce/0x5450 [ 15.198907] kasan_report+0x141/0x180 [ 15.198929] ? kasan_atomics_helper+0x49ce/0x5450 [ 15.198957] __asan_report_load4_noabort+0x18/0x20 [ 15.198982] kasan_atomics_helper+0x49ce/0x5450 [ 15.199006] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.199030] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.199055] ? kasan_atomics+0x152/0x310 [ 15.199083] kasan_atomics+0x1dc/0x310 [ 15.199106] ? __pfx_kasan_atomics+0x10/0x10 [ 15.199131] ? __pfx_read_tsc+0x10/0x10 [ 15.199152] ? ktime_get_ts64+0x86/0x230 [ 15.199177] kunit_try_run_case+0x1a5/0x480 [ 15.199202] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.199226] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.199250] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.199275] ? __kthread_parkme+0x82/0x180 [ 15.199296] ? preempt_count_sub+0x50/0x80 [ 15.199321] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.199345] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.199370] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.199395] kthread+0x337/0x6f0 [ 15.199414] ? trace_preempt_on+0x20/0xc0 [ 15.199449] ? __pfx_kthread+0x10/0x10 [ 15.199469] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.199492] ? calculate_sigpending+0x7b/0xa0 [ 15.199516] ? __pfx_kthread+0x10/0x10 [ 15.199538] ret_from_fork+0x116/0x1d0 [ 15.199558] ? __pfx_kthread+0x10/0x10 [ 15.199579] ret_from_fork_asm+0x1a/0x30 [ 15.199614] </TASK> [ 15.199624] [ 15.206887] Allocated by task 283: [ 15.207072] kasan_save_stack+0x45/0x70 [ 15.207276] kasan_save_track+0x18/0x40 [ 15.207478] kasan_save_alloc_info+0x3b/0x50 [ 15.207850] __kasan_kmalloc+0xb7/0xc0 [ 15.208045] __kmalloc_cache_noprof+0x189/0x420 [ 15.208273] kasan_atomics+0x95/0x310 [ 15.208451] kunit_try_run_case+0x1a5/0x480 [ 15.208646] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.208890] kthread+0x337/0x6f0 [ 15.209016] ret_from_fork+0x116/0x1d0 [ 15.209205] ret_from_fork_asm+0x1a/0x30 [ 15.209405] [ 15.209513] The buggy address belongs to the object at ffff8881026f3680 [ 15.209513] which belongs to the cache kmalloc-64 of size 64 [ 15.209989] The buggy address is located 0 bytes to the right of [ 15.209989] allocated 48-byte region [ffff8881026f3680, ffff8881026f36b0) [ 15.210486] [ 15.210608] The buggy address belongs to the physical page: [ 15.210843] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026f3 [ 15.211138] flags: 0x200000000000000(node=0|zone=2) [ 15.211354] page_type: f5(slab) [ 15.211529] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.211836] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.212144] page dumped because: kasan: bad access detected [ 15.212346] [ 15.212415] Memory state around the buggy address: [ 15.212643] ffff8881026f3580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.212956] 
ffff8881026f3600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.213227] >ffff8881026f3680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.213531] ^ [ 15.213721] ffff8881026f3700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.213938] ffff8881026f3780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.214152] ================================================================== [ 15.232234] ================================================================== [ 15.232679] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4eae/0x5450 [ 15.233033] Read of size 8 at addr ffff8881026f36b0 by task kunit_try_catch/283 [ 15.233332] [ 15.233415] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.233467] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.233479] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.233500] Call Trace: [ 15.233513] <TASK> [ 15.233527] dump_stack_lvl+0x73/0xb0 [ 15.233554] print_report+0xd1/0x610 [ 15.233588] ? __virt_addr_valid+0x1db/0x2d0 [ 15.233612] ? kasan_atomics_helper+0x4eae/0x5450 [ 15.233634] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.233658] ? kasan_atomics_helper+0x4eae/0x5450 [ 15.233680] kasan_report+0x141/0x180 [ 15.233703] ? kasan_atomics_helper+0x4eae/0x5450 [ 15.233732] __asan_report_load8_noabort+0x18/0x20 [ 15.233757] kasan_atomics_helper+0x4eae/0x5450 [ 15.233780] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.233803] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.233829] ? kasan_atomics+0x152/0x310 [ 15.233857] kasan_atomics+0x1dc/0x310 [ 15.233880] ? __pfx_kasan_atomics+0x10/0x10 [ 15.233905] ? __pfx_read_tsc+0x10/0x10 [ 15.233926] ? ktime_get_ts64+0x86/0x230 [ 15.233952] kunit_try_run_case+0x1a5/0x480 [ 15.233977] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.234000] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.234024] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.234049] ? __kthread_parkme+0x82/0x180 [ 15.234070] ? 
preempt_count_sub+0x50/0x80 [ 15.234095] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.234119] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.234143] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.234169] kthread+0x337/0x6f0 [ 15.234189] ? trace_preempt_on+0x20/0xc0 [ 15.234213] ? __pfx_kthread+0x10/0x10 [ 15.234233] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.234256] ? calculate_sigpending+0x7b/0xa0 [ 15.234281] ? __pfx_kthread+0x10/0x10 [ 15.234303] ret_from_fork+0x116/0x1d0 [ 15.234322] ? __pfx_kthread+0x10/0x10 [ 15.234344] ret_from_fork_asm+0x1a/0x30 [ 15.234377] </TASK> [ 15.234387] [ 15.241468] Allocated by task 283: [ 15.241706] kasan_save_stack+0x45/0x70 [ 15.241908] kasan_save_track+0x18/0x40 [ 15.242061] kasan_save_alloc_info+0x3b/0x50 [ 15.242243] __kasan_kmalloc+0xb7/0xc0 [ 15.242443] __kmalloc_cache_noprof+0x189/0x420 [ 15.242692] kasan_atomics+0x95/0x310 [ 15.242878] kunit_try_run_case+0x1a5/0x480 [ 15.243063] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.243288] kthread+0x337/0x6f0 [ 15.243432] ret_from_fork+0x116/0x1d0 [ 15.243632] ret_from_fork_asm+0x1a/0x30 [ 15.243823] [ 15.243909] The buggy address belongs to the object at ffff8881026f3680 [ 15.243909] which belongs to the cache kmalloc-64 of size 64 [ 15.244368] The buggy address is located 0 bytes to the right of [ 15.244368] allocated 48-byte region [ffff8881026f3680, ffff8881026f36b0) [ 15.244875] [ 15.244973] The buggy address belongs to the physical page: [ 15.245185] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026f3 [ 15.245428] flags: 0x200000000000000(node=0|zone=2) [ 15.245601] page_type: f5(slab) [ 15.245722] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.245957] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.246187] page dumped because: kasan: bad access detected [ 15.246476] [ 15.246575] Memory state around the buggy address: [ 15.246798] ffff8881026f3580: fa fb fb fb fb fb fb fb fc fc 
fc fc fc fc fc fc [ 15.247111] ffff8881026f3600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.247421] >ffff8881026f3680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.247781] ^ [ 15.247937] ffff8881026f3700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.248153] ffff8881026f3780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.248368] ================================================================== [ 15.599159] ================================================================== [ 15.599757] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1d7a/0x5450 [ 15.600095] Write of size 8 at addr ffff8881026f36b0 by task kunit_try_catch/283 [ 15.600325] [ 15.600414] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.600470] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.600482] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.600505] Call Trace: [ 15.600525] <TASK> [ 15.600544] dump_stack_lvl+0x73/0xb0 [ 15.600574] print_report+0xd1/0x610 [ 15.600597] ? __virt_addr_valid+0x1db/0x2d0 [ 15.600620] ? kasan_atomics_helper+0x1d7a/0x5450 [ 15.600642] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.600666] ? kasan_atomics_helper+0x1d7a/0x5450 [ 15.600689] kasan_report+0x141/0x180 [ 15.600712] ? kasan_atomics_helper+0x1d7a/0x5450 [ 15.600740] kasan_check_range+0x10c/0x1c0 [ 15.600765] __kasan_check_write+0x18/0x20 [ 15.600785] kasan_atomics_helper+0x1d7a/0x5450 [ 15.600810] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.600833] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.600859] ? kasan_atomics+0x152/0x310 [ 15.600886] kasan_atomics+0x1dc/0x310 [ 15.600909] ? __pfx_kasan_atomics+0x10/0x10 [ 15.600935] ? __pfx_read_tsc+0x10/0x10 [ 15.600956] ? ktime_get_ts64+0x86/0x230 [ 15.600982] kunit_try_run_case+0x1a5/0x480 [ 15.601007] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.601031] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.601056] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.601081] ? __kthread_parkme+0x82/0x180 [ 15.601101] ? preempt_count_sub+0x50/0x80 [ 15.601127] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.601156] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.601180] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.601205] kthread+0x337/0x6f0 [ 15.601224] ? trace_preempt_on+0x20/0xc0 [ 15.601247] ? __pfx_kthread+0x10/0x10 [ 15.601269] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.601291] ? calculate_sigpending+0x7b/0xa0 [ 15.601316] ? __pfx_kthread+0x10/0x10 [ 15.601338] ret_from_fork+0x116/0x1d0 [ 15.601357] ? __pfx_kthread+0x10/0x10 [ 15.601378] ret_from_fork_asm+0x1a/0x30 [ 15.601412] </TASK> [ 15.601423] [ 15.609756] Allocated by task 283: [ 15.609973] kasan_save_stack+0x45/0x70 [ 15.610231] kasan_save_track+0x18/0x40 [ 15.610471] kasan_save_alloc_info+0x3b/0x50 [ 15.610726] __kasan_kmalloc+0xb7/0xc0 [ 15.610916] __kmalloc_cache_noprof+0x189/0x420 [ 15.611170] kasan_atomics+0x95/0x310 [ 15.611360] kunit_try_run_case+0x1a5/0x480 [ 15.611708] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.611969] kthread+0x337/0x6f0 [ 15.612116] ret_from_fork+0x116/0x1d0 [ 15.612251] ret_from_fork_asm+0x1a/0x30 [ 15.612428] [ 15.612537] The buggy address belongs to the object at ffff8881026f3680 [ 15.612537] which belongs to the cache kmalloc-64 of size 64 [ 15.613099] The buggy address is located 0 bytes to the right of [ 15.613099] allocated 48-byte region [ffff8881026f3680, ffff8881026f36b0) [ 15.613529] [ 15.613612] The buggy address belongs to the physical page: [ 15.613789] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026f3 [ 15.614156] flags: 0x200000000000000(node=0|zone=2) [ 15.614390] page_type: f5(slab) [ 15.614589] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.614949] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.615250] page dumped because: kasan: bad access detected [ 15.615528] [ 15.615632] 
Memory state around the buggy address: [ 15.615837] ffff8881026f3580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.616188] ffff8881026f3600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.616525] >ffff8881026f3680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.616932] ^ [ 15.617157] ffff8881026f3700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.617521] ffff8881026f3780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.617845] ================================================================== [ 15.714417] ================================================================== [ 15.715176] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f98/0x5450 [ 15.715503] Read of size 8 at addr ffff8881026f36b0 by task kunit_try_catch/283 [ 15.715798] [ 15.715883] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.715925] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.715937] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.715959] Call Trace: [ 15.715976] <TASK> [ 15.715991] dump_stack_lvl+0x73/0xb0 [ 15.716018] print_report+0xd1/0x610 [ 15.716040] ? __virt_addr_valid+0x1db/0x2d0 [ 15.716063] ? kasan_atomics_helper+0x4f98/0x5450 [ 15.716085] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.716109] ? kasan_atomics_helper+0x4f98/0x5450 [ 15.716132] kasan_report+0x141/0x180 [ 15.716155] ? kasan_atomics_helper+0x4f98/0x5450 [ 15.716183] __asan_report_load8_noabort+0x18/0x20 [ 15.716208] kasan_atomics_helper+0x4f98/0x5450 [ 15.716232] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.716255] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.716281] ? kasan_atomics+0x152/0x310 [ 15.716308] kasan_atomics+0x1dc/0x310 [ 15.716332] ? __pfx_kasan_atomics+0x10/0x10 [ 15.716356] ? __pfx_read_tsc+0x10/0x10 [ 15.716378] ? ktime_get_ts64+0x86/0x230 [ 15.716404] kunit_try_run_case+0x1a5/0x480 [ 15.716428] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.716462] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 15.716487] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.716512] ? __kthread_parkme+0x82/0x180 [ 15.716533] ? preempt_count_sub+0x50/0x80 [ 15.716566] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.716591] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.716616] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.716641] kthread+0x337/0x6f0 [ 15.716661] ? trace_preempt_on+0x20/0xc0 [ 15.716684] ? __pfx_kthread+0x10/0x10 [ 15.716705] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.716773] ? calculate_sigpending+0x7b/0xa0 [ 15.716825] ? __pfx_kthread+0x10/0x10 [ 15.716847] ret_from_fork+0x116/0x1d0 [ 15.716895] ? __pfx_kthread+0x10/0x10 [ 15.716917] ret_from_fork_asm+0x1a/0x30 [ 15.716976] </TASK> [ 15.716987] [ 15.728615] Allocated by task 283: [ 15.728793] kasan_save_stack+0x45/0x70 [ 15.729004] kasan_save_track+0x18/0x40 [ 15.729189] kasan_save_alloc_info+0x3b/0x50 [ 15.729342] __kasan_kmalloc+0xb7/0xc0 [ 15.729501] __kmalloc_cache_noprof+0x189/0x420 [ 15.729741] kasan_atomics+0x95/0x310 [ 15.729929] kunit_try_run_case+0x1a5/0x480 [ 15.730137] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.730348] kthread+0x337/0x6f0 [ 15.730546] ret_from_fork+0x116/0x1d0 [ 15.730724] ret_from_fork_asm+0x1a/0x30 [ 15.730917] [ 15.731014] The buggy address belongs to the object at ffff8881026f3680 [ 15.731014] which belongs to the cache kmalloc-64 of size 64 [ 15.731486] The buggy address is located 0 bytes to the right of [ 15.731486] allocated 48-byte region [ffff8881026f3680, ffff8881026f36b0) [ 15.731979] [ 15.732083] The buggy address belongs to the physical page: [ 15.732338] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026f3 [ 15.732617] flags: 0x200000000000000(node=0|zone=2) [ 15.732786] page_type: f5(slab) [ 15.732909] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.733261] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.733630] page dumped because: kasan: 
bad access detected [ 15.733881] [ 15.733974] Memory state around the buggy address: [ 15.734197] ffff8881026f3580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.734474] ffff8881026f3600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.734736] >ffff8881026f3680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.735029] ^ [ 15.735254] ffff8881026f3700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.735563] ffff8881026f3780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.735843] ================================================================== [ 15.559687] ================================================================== [ 15.560074] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f30/0x5450 [ 15.560338] Read of size 8 at addr ffff8881026f36b0 by task kunit_try_catch/283 [ 15.561036] [ 15.561141] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.561187] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.561200] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.561222] Call Trace: [ 15.561238] <TASK> [ 15.561255] dump_stack_lvl+0x73/0xb0 [ 15.561285] print_report+0xd1/0x610 [ 15.561307] ? __virt_addr_valid+0x1db/0x2d0 [ 15.561330] ? kasan_atomics_helper+0x4f30/0x5450 [ 15.561353] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.561376] ? kasan_atomics_helper+0x4f30/0x5450 [ 15.561399] kasan_report+0x141/0x180 [ 15.561422] ? kasan_atomics_helper+0x4f30/0x5450 [ 15.561464] __asan_report_load8_noabort+0x18/0x20 [ 15.561490] kasan_atomics_helper+0x4f30/0x5450 [ 15.561514] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.561538] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.561563] ? kasan_atomics+0x152/0x310 [ 15.561613] kasan_atomics+0x1dc/0x310 [ 15.561637] ? __pfx_kasan_atomics+0x10/0x10 [ 15.561661] ? __pfx_read_tsc+0x10/0x10 [ 15.561683] ? ktime_get_ts64+0x86/0x230 [ 15.561710] kunit_try_run_case+0x1a5/0x480 [ 15.561734] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.561757] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.561781] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.561823] ? __kthread_parkme+0x82/0x180 [ 15.561844] ? preempt_count_sub+0x50/0x80 [ 15.561869] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.561894] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.561918] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.561943] kthread+0x337/0x6f0 [ 15.561963] ? trace_preempt_on+0x20/0xc0 [ 15.562002] ? __pfx_kthread+0x10/0x10 [ 15.562022] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.562045] ? calculate_sigpending+0x7b/0xa0 [ 15.562069] ? __pfx_kthread+0x10/0x10 [ 15.562091] ret_from_fork+0x116/0x1d0 [ 15.562109] ? __pfx_kthread+0x10/0x10 [ 15.562131] ret_from_fork_asm+0x1a/0x30 [ 15.562164] </TASK> [ 15.562175] [ 15.570146] Allocated by task 283: [ 15.570362] kasan_save_stack+0x45/0x70 [ 15.570564] kasan_save_track+0x18/0x40 [ 15.570751] kasan_save_alloc_info+0x3b/0x50 [ 15.570959] __kasan_kmalloc+0xb7/0xc0 [ 15.571163] __kmalloc_cache_noprof+0x189/0x420 [ 15.571314] kasan_atomics+0x95/0x310 [ 15.571627] kunit_try_run_case+0x1a5/0x480 [ 15.571837] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.572052] kthread+0x337/0x6f0 [ 15.572170] ret_from_fork+0x116/0x1d0 [ 15.572299] ret_from_fork_asm+0x1a/0x30 [ 15.572446] [ 15.572539] The buggy address belongs to the object at ffff8881026f3680 [ 15.572539] which belongs to the cache kmalloc-64 of size 64 [ 15.573072] The buggy address is located 0 bytes to the right of [ 15.573072] allocated 48-byte region [ffff8881026f3680, ffff8881026f36b0) [ 15.573852] [ 15.574004] The buggy address belongs to the physical page: [ 15.574276] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026f3 [ 15.574705] flags: 0x200000000000000(node=0|zone=2) [ 15.574868] page_type: f5(slab) [ 15.574986] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.575213] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 15.575478] page dumped because: kasan: bad access detected [ 15.575968] [ 15.576098] Memory state around the buggy address: [ 15.576352] ffff8881026f3580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.576735] ffff8881026f3600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.577102] >ffff8881026f3680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.577430] ^ [ 15.577674] ffff8881026f3700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.577979] ffff8881026f3780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.578283] ================================================================== [ 15.770265] ================================================================== [ 15.770774] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x218a/0x5450 [ 15.771218] Write of size 8 at addr ffff8881026f36b0 by task kunit_try_catch/283 [ 15.771540] [ 15.771654] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.771695] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.771706] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.771727] Call Trace: [ 15.771742] <TASK> [ 15.771757] dump_stack_lvl+0x73/0xb0 [ 15.771783] print_report+0xd1/0x610 [ 15.771805] ? __virt_addr_valid+0x1db/0x2d0 [ 15.771829] ? kasan_atomics_helper+0x218a/0x5450 [ 15.771850] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.771873] ? kasan_atomics_helper+0x218a/0x5450 [ 15.771896] kasan_report+0x141/0x180 [ 15.771918] ? kasan_atomics_helper+0x218a/0x5450 [ 15.771946] kasan_check_range+0x10c/0x1c0 [ 15.771971] __kasan_check_write+0x18/0x20 [ 15.771991] kasan_atomics_helper+0x218a/0x5450 [ 15.772014] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.772037] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.772063] ? kasan_atomics+0x152/0x310 [ 15.772090] kasan_atomics+0x1dc/0x310 [ 15.772113] ? __pfx_kasan_atomics+0x10/0x10 [ 15.772138] ? __pfx_read_tsc+0x10/0x10 [ 15.772159] ? 
ktime_get_ts64+0x86/0x230 [ 15.772185] kunit_try_run_case+0x1a5/0x480 [ 15.772209] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.772232] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.772256] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.772284] ? __kthread_parkme+0x82/0x180 [ 15.772305] ? preempt_count_sub+0x50/0x80 [ 15.772329] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.772354] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.772378] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.772403] kthread+0x337/0x6f0 [ 15.772422] ? trace_preempt_on+0x20/0xc0 [ 15.772455] ? __pfx_kthread+0x10/0x10 [ 15.772476] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.772498] ? calculate_sigpending+0x7b/0xa0 [ 15.772541] ? __pfx_kthread+0x10/0x10 [ 15.772564] ret_from_fork+0x116/0x1d0 [ 15.772582] ? __pfx_kthread+0x10/0x10 [ 15.772603] ret_from_fork_asm+0x1a/0x30 [ 15.772636] </TASK> [ 15.772646] [ 15.784123] Allocated by task 283: [ 15.784301] kasan_save_stack+0x45/0x70 [ 15.784523] kasan_save_track+0x18/0x40 [ 15.785023] kasan_save_alloc_info+0x3b/0x50 [ 15.785208] __kasan_kmalloc+0xb7/0xc0 [ 15.785570] __kmalloc_cache_noprof+0x189/0x420 [ 15.785874] kasan_atomics+0x95/0x310 [ 15.786159] kunit_try_run_case+0x1a5/0x480 [ 15.786320] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.786816] kthread+0x337/0x6f0 [ 15.787079] ret_from_fork+0x116/0x1d0 [ 15.787336] ret_from_fork_asm+0x1a/0x30 [ 15.787504] [ 15.787603] The buggy address belongs to the object at ffff8881026f3680 [ 15.787603] which belongs to the cache kmalloc-64 of size 64 [ 15.788495] The buggy address is located 0 bytes to the right of [ 15.788495] allocated 48-byte region [ffff8881026f3680, ffff8881026f36b0) [ 15.789107] [ 15.789195] The buggy address belongs to the physical page: [ 15.789613] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026f3 [ 15.790043] flags: 0x200000000000000(node=0|zone=2) [ 15.790355] page_type: f5(slab) [ 15.790532] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 15.790943] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.791277] page dumped because: kasan: bad access detected [ 15.791693] [ 15.791792] Memory state around the buggy address: [ 15.792137] ffff8881026f3580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.792521] ffff8881026f3600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.792951] >ffff8881026f3680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.793303] ^ [ 15.793481] ffff8881026f3700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.793954] ffff8881026f3780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.794324] ================================================================== [ 15.430637] ================================================================== [ 15.431105] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x18b1/0x5450 [ 15.431703] Write of size 8 at addr ffff8881026f36b0 by task kunit_try_catch/283 [ 15.432009] [ 15.432109] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.432154] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.432167] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.432189] Call Trace: [ 15.432204] <TASK> [ 15.432220] dump_stack_lvl+0x73/0xb0 [ 15.432248] print_report+0xd1/0x610 [ 15.432270] ? __virt_addr_valid+0x1db/0x2d0 [ 15.432293] ? kasan_atomics_helper+0x18b1/0x5450 [ 15.432315] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.432339] ? kasan_atomics_helper+0x18b1/0x5450 [ 15.432361] kasan_report+0x141/0x180 [ 15.432384] ? kasan_atomics_helper+0x18b1/0x5450 [ 15.432411] kasan_check_range+0x10c/0x1c0 [ 15.432447] __kasan_check_write+0x18/0x20 [ 15.432468] kasan_atomics_helper+0x18b1/0x5450 [ 15.432492] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.432514] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.432539] ? kasan_atomics+0x152/0x310 [ 15.432567] kasan_atomics+0x1dc/0x310 [ 15.432591] ? 
__pfx_kasan_atomics+0x10/0x10 [ 15.432615] ? __pfx_read_tsc+0x10/0x10 [ 15.432636] ? ktime_get_ts64+0x86/0x230 [ 15.432662] kunit_try_run_case+0x1a5/0x480 [ 15.432687] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.432710] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.432734] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.432759] ? __kthread_parkme+0x82/0x180 [ 15.432779] ? preempt_count_sub+0x50/0x80 [ 15.433037] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.433067] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.433183] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.433211] kthread+0x337/0x6f0 [ 15.433231] ? trace_preempt_on+0x20/0xc0 [ 15.433254] ? __pfx_kthread+0x10/0x10 [ 15.433276] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.433297] ? calculate_sigpending+0x7b/0xa0 [ 15.433322] ? __pfx_kthread+0x10/0x10 [ 15.433344] ret_from_fork+0x116/0x1d0 [ 15.433363] ? __pfx_kthread+0x10/0x10 [ 15.433383] ret_from_fork_asm+0x1a/0x30 [ 15.433416] </TASK> [ 15.433427] [ 15.443311] Allocated by task 283: [ 15.443493] kasan_save_stack+0x45/0x70 [ 15.443846] kasan_save_track+0x18/0x40 [ 15.444016] kasan_save_alloc_info+0x3b/0x50 [ 15.444330] __kasan_kmalloc+0xb7/0xc0 [ 15.444503] __kmalloc_cache_noprof+0x189/0x420 [ 15.444865] kasan_atomics+0x95/0x310 [ 15.445046] kunit_try_run_case+0x1a5/0x480 [ 15.445237] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.445494] kthread+0x337/0x6f0 [ 15.445875] ret_from_fork+0x116/0x1d0 [ 15.446051] ret_from_fork_asm+0x1a/0x30 [ 15.446298] [ 15.446461] The buggy address belongs to the object at ffff8881026f3680 [ 15.446461] which belongs to the cache kmalloc-64 of size 64 [ 15.447008] The buggy address is located 0 bytes to the right of [ 15.447008] allocated 48-byte region [ffff8881026f3680, ffff8881026f36b0) [ 15.447727] [ 15.447813] The buggy address belongs to the physical page: [ 15.448033] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026f3 [ 15.448372] flags: 0x200000000000000(node=0|zone=2) [ 15.448595] page_type: 
f5(slab) [ 15.449030] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.449432] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.449888] page dumped because: kasan: bad access detected [ 15.450208] [ 15.450304] Memory state around the buggy address: [ 15.450654] ffff8881026f3580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.451036] ffff8881026f3600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.451391] >ffff8881026f3680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.451779] ^ [ 15.452057] ffff8881026f3700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.452318] ffff8881026f3780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.452845] ================================================================== [ 15.508702] ================================================================== [ 15.509405] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1b22/0x5450 [ 15.509757] Write of size 8 at addr ffff8881026f36b0 by task kunit_try_catch/283 [ 15.510081] [ 15.510190] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.510233] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.510246] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.510268] Call Trace: [ 15.510284] <TASK> [ 15.510301] dump_stack_lvl+0x73/0xb0 [ 15.510328] print_report+0xd1/0x610 [ 15.510349] ? __virt_addr_valid+0x1db/0x2d0 [ 15.510372] ? kasan_atomics_helper+0x1b22/0x5450 [ 15.510393] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.510416] ? kasan_atomics_helper+0x1b22/0x5450 [ 15.510447] kasan_report+0x141/0x180 [ 15.510470] ? kasan_atomics_helper+0x1b22/0x5450 [ 15.510496] kasan_check_range+0x10c/0x1c0 [ 15.510520] __kasan_check_write+0x18/0x20 [ 15.510539] kasan_atomics_helper+0x1b22/0x5450 [ 15.510562] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.510585] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.510610] ? 
kasan_atomics+0x152/0x310 [ 15.510636] kasan_atomics+0x1dc/0x310 [ 15.510658] ? __pfx_kasan_atomics+0x10/0x10 [ 15.510682] ? __pfx_read_tsc+0x10/0x10 [ 15.510702] ? ktime_get_ts64+0x86/0x230 [ 15.510728] kunit_try_run_case+0x1a5/0x480 [ 15.510751] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.510774] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.510798] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.510821] ? __kthread_parkme+0x82/0x180 [ 15.510840] ? preempt_count_sub+0x50/0x80 [ 15.510865] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.510888] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.510911] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.510935] kthread+0x337/0x6f0 [ 15.510953] ? trace_preempt_on+0x20/0xc0 [ 15.510976] ? __pfx_kthread+0x10/0x10 [ 15.510997] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.511018] ? calculate_sigpending+0x7b/0xa0 [ 15.511042] ? __pfx_kthread+0x10/0x10 [ 15.511063] ret_from_fork+0x116/0x1d0 [ 15.511081] ? __pfx_kthread+0x10/0x10 [ 15.511101] ret_from_fork_asm+0x1a/0x30 [ 15.511134] </TASK> [ 15.511157] [ 15.519728] Allocated by task 283: [ 15.519935] kasan_save_stack+0x45/0x70 [ 15.520172] kasan_save_track+0x18/0x40 [ 15.520390] kasan_save_alloc_info+0x3b/0x50 [ 15.520619] __kasan_kmalloc+0xb7/0xc0 [ 15.520828] __kmalloc_cache_noprof+0x189/0x420 [ 15.520982] kasan_atomics+0x95/0x310 [ 15.521112] kunit_try_run_case+0x1a5/0x480 [ 15.521257] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.521428] kthread+0x337/0x6f0 [ 15.521657] ret_from_fork+0x116/0x1d0 [ 15.521867] ret_from_fork_asm+0x1a/0x30 [ 15.522093] [ 15.522205] The buggy address belongs to the object at ffff8881026f3680 [ 15.522205] which belongs to the cache kmalloc-64 of size 64 [ 15.522796] The buggy address is located 0 bytes to the right of [ 15.522796] allocated 48-byte region [ffff8881026f3680, ffff8881026f36b0) [ 15.523422] [ 15.523529] The buggy address belongs to the physical page: [ 15.524085] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026f3 [ 
15.524429] flags: 0x200000000000000(node=0|zone=2) [ 15.525184] page_type: f5(slab) [ 15.525345] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.526497] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.528633] page dumped because: kasan: bad access detected [ 15.529123] [ 15.529208] Memory state around the buggy address: [ 15.529370] ffff8881026f3580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.530000] ffff8881026f3600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.530740] >ffff8881026f3680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.531433] ^ [ 15.531956] ffff8881026f3700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.532404] ffff8881026f3780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.532949] ================================================================== [ 14.523972] ================================================================== [ 14.524725] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b88/0x5450 [ 14.524967] Read of size 4 at addr ffff8881026f36b0 by task kunit_try_catch/283 [ 14.525196] [ 14.525282] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.525324] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.525336] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.525357] Call Trace: [ 14.525368] <TASK> [ 14.525384] dump_stack_lvl+0x73/0xb0 [ 14.525428] print_report+0xd1/0x610 [ 14.525461] ? __virt_addr_valid+0x1db/0x2d0 [ 14.525484] ? kasan_atomics_helper+0x4b88/0x5450 [ 14.525504] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.525527] ? kasan_atomics_helper+0x4b88/0x5450 [ 14.525548] kasan_report+0x141/0x180 [ 14.525570] ? kasan_atomics_helper+0x4b88/0x5450 [ 14.525596] __asan_report_load4_noabort+0x18/0x20 [ 14.525620] kasan_atomics_helper+0x4b88/0x5450 [ 14.525643] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.525665] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 14.525689] ? kasan_atomics+0x152/0x310 [ 14.525716] kasan_atomics+0x1dc/0x310 [ 14.525738] ? __pfx_kasan_atomics+0x10/0x10 [ 14.525761] ? __pfx_read_tsc+0x10/0x10 [ 14.525781] ? ktime_get_ts64+0x86/0x230 [ 14.525806] kunit_try_run_case+0x1a5/0x480 [ 14.525874] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.525898] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.525923] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.525946] ? __kthread_parkme+0x82/0x180 [ 14.525967] ? preempt_count_sub+0x50/0x80 [ 14.525990] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.526014] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.526040] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.526064] kthread+0x337/0x6f0 [ 14.526082] ? trace_preempt_on+0x20/0xc0 [ 14.526106] ? __pfx_kthread+0x10/0x10 [ 14.526126] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.526148] ? calculate_sigpending+0x7b/0xa0 [ 14.526172] ? __pfx_kthread+0x10/0x10 [ 14.526193] ret_from_fork+0x116/0x1d0 [ 14.526211] ? __pfx_kthread+0x10/0x10 [ 14.526231] ret_from_fork_asm+0x1a/0x30 [ 14.526264] </TASK> [ 14.526274] [ 14.540755] Allocated by task 283: [ 14.541000] kasan_save_stack+0x45/0x70 [ 14.541153] kasan_save_track+0x18/0x40 [ 14.541288] kasan_save_alloc_info+0x3b/0x50 [ 14.541528] __kasan_kmalloc+0xb7/0xc0 [ 14.541873] __kmalloc_cache_noprof+0x189/0x420 [ 14.542376] kasan_atomics+0x95/0x310 [ 14.542838] kunit_try_run_case+0x1a5/0x480 [ 14.543264] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.543765] kthread+0x337/0x6f0 [ 14.544160] ret_from_fork+0x116/0x1d0 [ 14.544552] ret_from_fork_asm+0x1a/0x30 [ 14.545106] [ 14.545211] The buggy address belongs to the object at ffff8881026f3680 [ 14.545211] which belongs to the cache kmalloc-64 of size 64 [ 14.546188] The buggy address is located 0 bytes to the right of [ 14.546188] allocated 48-byte region [ffff8881026f3680, ffff8881026f36b0) [ 14.547554] [ 14.547750] The buggy address belongs to the physical page: [ 14.548246] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x1026f3 [ 14.548850] flags: 0x200000000000000(node=0|zone=2) [ 14.549132] page_type: f5(slab) [ 14.549257] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.549780] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.550597] page dumped because: kasan: bad access detected [ 14.551294] [ 14.551755] Memory state around the buggy address: [ 14.552507] ffff8881026f3580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.552754] ffff8881026f3600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.552975] >ffff8881026f3680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.553199] ^ [ 14.553358] ffff8881026f3700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.554256] ffff8881026f3780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.555123] ================================================================== [ 14.658865] ================================================================== [ 14.659260] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x565/0x5450 [ 14.659854] Write of size 4 at addr ffff8881026f36b0 by task kunit_try_catch/283 [ 14.660274] [ 14.660372] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.660414] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.660427] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.660458] Call Trace: [ 14.660473] <TASK> [ 14.660488] dump_stack_lvl+0x73/0xb0 [ 14.660516] print_report+0xd1/0x610 [ 14.660538] ? __virt_addr_valid+0x1db/0x2d0 [ 14.660562] ? kasan_atomics_helper+0x565/0x5450 [ 14.660583] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.660607] ? kasan_atomics_helper+0x565/0x5450 [ 14.660629] kasan_report+0x141/0x180 [ 14.660654] ? kasan_atomics_helper+0x565/0x5450 [ 14.660692] kasan_check_range+0x10c/0x1c0 [ 14.660717] __kasan_check_write+0x18/0x20 [ 14.660737] kasan_atomics_helper+0x565/0x5450 [ 14.660760] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 14.660784] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.660810] ? kasan_atomics+0x152/0x310 [ 14.660837] kasan_atomics+0x1dc/0x310 [ 14.660860] ? __pfx_kasan_atomics+0x10/0x10 [ 14.660886] ? __pfx_read_tsc+0x10/0x10 [ 14.660907] ? ktime_get_ts64+0x86/0x230 [ 14.660932] kunit_try_run_case+0x1a5/0x480 [ 14.660958] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.660981] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.661007] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.661030] ? __kthread_parkme+0x82/0x180 [ 14.661050] ? preempt_count_sub+0x50/0x80 [ 14.661075] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.661099] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.661125] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.661155] kthread+0x337/0x6f0 [ 14.661175] ? trace_preempt_on+0x20/0xc0 [ 14.661199] ? __pfx_kthread+0x10/0x10 [ 14.661220] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.661242] ? calculate_sigpending+0x7b/0xa0 [ 14.661266] ? __pfx_kthread+0x10/0x10 [ 14.661288] ret_from_fork+0x116/0x1d0 [ 14.661307] ? 
__pfx_kthread+0x10/0x10 [ 14.661328] ret_from_fork_asm+0x1a/0x30 [ 14.661361] </TASK> [ 14.661371] [ 14.668736] Allocated by task 283: [ 14.668922] kasan_save_stack+0x45/0x70 [ 14.669123] kasan_save_track+0x18/0x40 [ 14.669324] kasan_save_alloc_info+0x3b/0x50 [ 14.669547] __kasan_kmalloc+0xb7/0xc0 [ 14.669787] __kmalloc_cache_noprof+0x189/0x420 [ 14.670014] kasan_atomics+0x95/0x310 [ 14.670215] kunit_try_run_case+0x1a5/0x480 [ 14.670410] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.670753] kthread+0x337/0x6f0 [ 14.670916] ret_from_fork+0x116/0x1d0 [ 14.671066] ret_from_fork_asm+0x1a/0x30 [ 14.671207] [ 14.671277] The buggy address belongs to the object at ffff8881026f3680 [ 14.671277] which belongs to the cache kmalloc-64 of size 64 [ 14.671969] The buggy address is located 0 bytes to the right of [ 14.671969] allocated 48-byte region [ffff8881026f3680, ffff8881026f36b0) [ 14.672406] [ 14.672488] The buggy address belongs to the physical page: [ 14.672662] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026f3 [ 14.672903] flags: 0x200000000000000(node=0|zone=2) [ 14.673066] page_type: f5(slab) [ 14.673189] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.673474] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.673848] page dumped because: kasan: bad access detected [ 14.674097] [ 14.674188] Memory state around the buggy address: [ 14.674407] ffff8881026f3580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.674739] ffff8881026f3600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.675062] >ffff8881026f3680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.675510] ^ [ 14.675745] ffff8881026f3700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.675965] ffff8881026f3780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.676180] ================================================================== [ 15.334621] 
================================================================== [ 15.334982] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x164f/0x5450 [ 15.335322] Write of size 8 at addr ffff8881026f36b0 by task kunit_try_catch/283 [ 15.335834] [ 15.338499] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.338547] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.338559] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.338581] Call Trace: [ 15.338596] <TASK> [ 15.338611] dump_stack_lvl+0x73/0xb0 [ 15.338670] print_report+0xd1/0x610 [ 15.338692] ? __virt_addr_valid+0x1db/0x2d0 [ 15.338714] ? kasan_atomics_helper+0x164f/0x5450 [ 15.338755] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.338778] ? kasan_atomics_helper+0x164f/0x5450 [ 15.338802] kasan_report+0x141/0x180 [ 15.338839] ? kasan_atomics_helper+0x164f/0x5450 [ 15.338867] kasan_check_range+0x10c/0x1c0 [ 15.338906] __kasan_check_write+0x18/0x20 [ 15.338925] kasan_atomics_helper+0x164f/0x5450 [ 15.338949] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.338986] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.339025] ? kasan_atomics+0x152/0x310 [ 15.339053] kasan_atomics+0x1dc/0x310 [ 15.339076] ? __pfx_kasan_atomics+0x10/0x10 [ 15.339102] ? __pfx_read_tsc+0x10/0x10 [ 15.339124] ? ktime_get_ts64+0x86/0x230 [ 15.339149] kunit_try_run_case+0x1a5/0x480 [ 15.339174] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.339197] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.339223] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.339248] ? __kthread_parkme+0x82/0x180 [ 15.339268] ? preempt_count_sub+0x50/0x80 [ 15.339293] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.339317] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.339342] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.339367] kthread+0x337/0x6f0 [ 15.339388] ? trace_preempt_on+0x20/0xc0 [ 15.339411] ? __pfx_kthread+0x10/0x10 [ 15.339433] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.339465] ? 
calculate_sigpending+0x7b/0xa0 [ 15.339490] ? __pfx_kthread+0x10/0x10 [ 15.339512] ret_from_fork+0x116/0x1d0 [ 15.339531] ? __pfx_kthread+0x10/0x10 [ 15.339563] ret_from_fork_asm+0x1a/0x30 [ 15.339596] </TASK> [ 15.339607] [ 15.349554] Allocated by task 283: [ 15.349950] kasan_save_stack+0x45/0x70 [ 15.350123] kasan_save_track+0x18/0x40 [ 15.350458] kasan_save_alloc_info+0x3b/0x50 [ 15.350752] __kasan_kmalloc+0xb7/0xc0 [ 15.351073] __kmalloc_cache_noprof+0x189/0x420 [ 15.351278] kasan_atomics+0x95/0x310 [ 15.351421] kunit_try_run_case+0x1a5/0x480 [ 15.351724] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.351957] kthread+0x337/0x6f0 [ 15.352125] ret_from_fork+0x116/0x1d0 [ 15.352316] ret_from_fork_asm+0x1a/0x30 [ 15.352515] [ 15.352988] The buggy address belongs to the object at ffff8881026f3680 [ 15.352988] which belongs to the cache kmalloc-64 of size 64 [ 15.353570] The buggy address is located 0 bytes to the right of [ 15.353570] allocated 48-byte region [ffff8881026f3680, ffff8881026f36b0) [ 15.354247] [ 15.354351] The buggy address belongs to the physical page: [ 15.354698] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026f3 [ 15.355115] flags: 0x200000000000000(node=0|zone=2) [ 15.355481] page_type: f5(slab) [ 15.355818] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.356203] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.356657] page dumped because: kasan: bad access detected [ 15.356988] [ 15.357062] Memory state around the buggy address: [ 15.357319] ffff8881026f3580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.357835] ffff8881026f3600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.358155] >ffff8881026f3680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.358645] ^ [ 15.358962] ffff8881026f3700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.359340] ffff8881026f3780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.359767] 
================================================================== [ 15.676338] ================================================================== [ 15.676696] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f71/0x5450 [ 15.677458] Read of size 8 at addr ffff8881026f36b0 by task kunit_try_catch/283 [ 15.677735] [ 15.677820] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.677863] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.677875] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.677898] Call Trace: [ 15.677914] <TASK> [ 15.677930] dump_stack_lvl+0x73/0xb0 [ 15.677957] print_report+0xd1/0x610 [ 15.677979] ? __virt_addr_valid+0x1db/0x2d0 [ 15.678002] ? kasan_atomics_helper+0x4f71/0x5450 [ 15.678024] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.678048] ? kasan_atomics_helper+0x4f71/0x5450 [ 15.678072] kasan_report+0x141/0x180 [ 15.678095] ? kasan_atomics_helper+0x4f71/0x5450 [ 15.678124] __asan_report_load8_noabort+0x18/0x20 [ 15.678149] kasan_atomics_helper+0x4f71/0x5450 [ 15.678221] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.678244] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.678269] ? kasan_atomics+0x152/0x310 [ 15.678297] kasan_atomics+0x1dc/0x310 [ 15.678320] ? __pfx_kasan_atomics+0x10/0x10 [ 15.678346] ? __pfx_read_tsc+0x10/0x10 [ 15.678368] ? ktime_get_ts64+0x86/0x230 [ 15.678393] kunit_try_run_case+0x1a5/0x480 [ 15.678418] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.678452] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.678477] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.678502] ? __kthread_parkme+0x82/0x180 [ 15.678523] ? preempt_count_sub+0x50/0x80 [ 15.678582] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.678608] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.678633] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.678659] kthread+0x337/0x6f0 [ 15.678678] ? trace_preempt_on+0x20/0xc0 [ 15.678702] ? __pfx_kthread+0x10/0x10 [ 15.678723] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 15.678746] ? calculate_sigpending+0x7b/0xa0 [ 15.678771] ? __pfx_kthread+0x10/0x10 [ 15.678794] ret_from_fork+0x116/0x1d0 [ 15.678845] ? __pfx_kthread+0x10/0x10 [ 15.678866] ret_from_fork_asm+0x1a/0x30 [ 15.678900] </TASK> [ 15.678910] [ 15.686664] Allocated by task 283: [ 15.686904] kasan_save_stack+0x45/0x70 [ 15.687208] kasan_save_track+0x18/0x40 [ 15.687466] kasan_save_alloc_info+0x3b/0x50 [ 15.687741] __kasan_kmalloc+0xb7/0xc0 [ 15.687934] __kmalloc_cache_noprof+0x189/0x420 [ 15.688152] kasan_atomics+0x95/0x310 [ 15.688286] kunit_try_run_case+0x1a5/0x480 [ 15.688493] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.688795] kthread+0x337/0x6f0 [ 15.689000] ret_from_fork+0x116/0x1d0 [ 15.689195] ret_from_fork_asm+0x1a/0x30 [ 15.689416] [ 15.689523] The buggy address belongs to the object at ffff8881026f3680 [ 15.689523] which belongs to the cache kmalloc-64 of size 64 [ 15.690053] The buggy address is located 0 bytes to the right of [ 15.690053] allocated 48-byte region [ffff8881026f3680, ffff8881026f36b0) [ 15.690638] [ 15.690753] The buggy address belongs to the physical page: [ 15.691023] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026f3 [ 15.691389] flags: 0x200000000000000(node=0|zone=2) [ 15.691636] page_type: f5(slab) [ 15.691812] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.692189] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.692550] page dumped because: kasan: bad access detected [ 15.692800] [ 15.692893] Memory state around the buggy address: [ 15.693119] ffff8881026f3580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.693460] ffff8881026f3600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.693764] >ffff8881026f3680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.694065] ^ [ 15.694308] ffff8881026f3700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.694650] ffff8881026f3780: fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 15.694984] ================================================================== [ 15.214728] ================================================================== [ 15.215078] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x13b5/0x5450 [ 15.215661] Read of size 8 at addr ffff8881026f36b0 by task kunit_try_catch/283 [ 15.216007] [ 15.216115] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.216157] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.216170] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.216191] Call Trace: [ 15.216206] <TASK> [ 15.216220] dump_stack_lvl+0x73/0xb0 [ 15.216249] print_report+0xd1/0x610 [ 15.216271] ? __virt_addr_valid+0x1db/0x2d0 [ 15.216293] ? kasan_atomics_helper+0x13b5/0x5450 [ 15.216315] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.216338] ? kasan_atomics_helper+0x13b5/0x5450 [ 15.216362] kasan_report+0x141/0x180 [ 15.216384] ? kasan_atomics_helper+0x13b5/0x5450 [ 15.216422] kasan_check_range+0x10c/0x1c0 [ 15.216459] __kasan_check_read+0x15/0x20 [ 15.216480] kasan_atomics_helper+0x13b5/0x5450 [ 15.216503] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.216526] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.216559] ? kasan_atomics+0x152/0x310 [ 15.216587] kasan_atomics+0x1dc/0x310 [ 15.216610] ? __pfx_kasan_atomics+0x10/0x10 [ 15.216635] ? __pfx_read_tsc+0x10/0x10 [ 15.216656] ? ktime_get_ts64+0x86/0x230 [ 15.216681] kunit_try_run_case+0x1a5/0x480 [ 15.216706] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.216730] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.216754] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.216778] ? __kthread_parkme+0x82/0x180 [ 15.216799] ? preempt_count_sub+0x50/0x80 [ 15.216824] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.216848] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.216874] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.216899] kthread+0x337/0x6f0 [ 15.216918] ? 
trace_preempt_on+0x20/0xc0 [ 15.216941] ? __pfx_kthread+0x10/0x10 [ 15.216963] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.216985] ? calculate_sigpending+0x7b/0xa0 [ 15.217010] ? __pfx_kthread+0x10/0x10 [ 15.217033] ret_from_fork+0x116/0x1d0 [ 15.217052] ? __pfx_kthread+0x10/0x10 [ 15.217074] ret_from_fork_asm+0x1a/0x30 [ 15.217107] </TASK> [ 15.217117] [ 15.224300] Allocated by task 283: [ 15.224430] kasan_save_stack+0x45/0x70 [ 15.224680] kasan_save_track+0x18/0x40 [ 15.224874] kasan_save_alloc_info+0x3b/0x50 [ 15.225086] __kasan_kmalloc+0xb7/0xc0 [ 15.225277] __kmalloc_cache_noprof+0x189/0x420 [ 15.225513] kasan_atomics+0x95/0x310 [ 15.225703] kunit_try_run_case+0x1a5/0x480 [ 15.225916] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.226172] kthread+0x337/0x6f0 [ 15.226322] ret_from_fork+0x116/0x1d0 [ 15.226503] ret_from_fork_asm+0x1a/0x30 [ 15.226679] [ 15.226752] The buggy address belongs to the object at ffff8881026f3680 [ 15.226752] which belongs to the cache kmalloc-64 of size 64 [ 15.227108] The buggy address is located 0 bytes to the right of [ 15.227108] allocated 48-byte region [ffff8881026f3680, ffff8881026f36b0) [ 15.227485] [ 15.227588] The buggy address belongs to the physical page: [ 15.227839] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026f3 [ 15.228185] flags: 0x200000000000000(node=0|zone=2) [ 15.228424] page_type: f5(slab) [ 15.228657] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.228916] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.229151] page dumped because: kasan: bad access detected [ 15.229326] [ 15.229396] Memory state around the buggy address: [ 15.229622] ffff8881026f3580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.229947] ffff8881026f3600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.230265] >ffff8881026f3680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.230651] ^ [ 15.230875] ffff8881026f3700: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 15.231204] ffff8881026f3780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.231528] ================================================================== [ 15.071293] ================================================================== [ 15.071860] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1c/0x5450 [ 15.072157] Read of size 4 at addr ffff8881026f36b0 by task kunit_try_catch/283 [ 15.072474] [ 15.072596] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.072638] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.072650] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.072670] Call Trace: [ 15.072685] <TASK> [ 15.072700] dump_stack_lvl+0x73/0xb0 [ 15.072726] print_report+0xd1/0x610 [ 15.072748] ? __virt_addr_valid+0x1db/0x2d0 [ 15.072772] ? kasan_atomics_helper+0x4a1c/0x5450 [ 15.072794] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.072817] ? kasan_atomics_helper+0x4a1c/0x5450 [ 15.072839] kasan_report+0x141/0x180 [ 15.072862] ? kasan_atomics_helper+0x4a1c/0x5450 [ 15.072891] __asan_report_load4_noabort+0x18/0x20 [ 15.072915] kasan_atomics_helper+0x4a1c/0x5450 [ 15.072966] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.072989] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.073014] ? kasan_atomics+0x152/0x310 [ 15.073064] kasan_atomics+0x1dc/0x310 [ 15.073087] ? __pfx_kasan_atomics+0x10/0x10 [ 15.073113] ? __pfx_read_tsc+0x10/0x10 [ 15.073139] ? ktime_get_ts64+0x86/0x230 [ 15.073164] kunit_try_run_case+0x1a5/0x480 [ 15.073190] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.073213] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.073238] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.073280] ? __kthread_parkme+0x82/0x180 [ 15.073301] ? preempt_count_sub+0x50/0x80 [ 15.073326] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.073350] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.073376] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.073402] kthread+0x337/0x6f0 [ 15.073422] ? trace_preempt_on+0x20/0xc0 [ 15.073455] ? __pfx_kthread+0x10/0x10 [ 15.073477] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.073498] ? calculate_sigpending+0x7b/0xa0 [ 15.073523] ? __pfx_kthread+0x10/0x10 [ 15.073557] ret_from_fork+0x116/0x1d0 [ 15.073577] ? __pfx_kthread+0x10/0x10 [ 15.073598] ret_from_fork_asm+0x1a/0x30 [ 15.073651] </TASK> [ 15.073660] [ 15.083884] Allocated by task 283: [ 15.084200] kasan_save_stack+0x45/0x70 [ 15.084493] kasan_save_track+0x18/0x40 [ 15.084650] kasan_save_alloc_info+0x3b/0x50 [ 15.085006] __kasan_kmalloc+0xb7/0xc0 [ 15.085199] __kmalloc_cache_noprof+0x189/0x420 [ 15.085415] kasan_atomics+0x95/0x310 [ 15.085790] kunit_try_run_case+0x1a5/0x480 [ 15.086091] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.086433] kthread+0x337/0x6f0 [ 15.086632] ret_from_fork+0x116/0x1d0 [ 15.086886] ret_from_fork_asm+0x1a/0x30 [ 15.087074] [ 15.087164] The buggy address belongs to the object at ffff8881026f3680 [ 15.087164] which belongs to the cache kmalloc-64 of size 64 [ 15.087928] The buggy address is located 0 bytes to the right of [ 15.087928] allocated 48-byte region [ffff8881026f3680, ffff8881026f36b0) [ 15.088584] [ 15.088686] The buggy address belongs to the physical page: [ 15.088992] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026f3 [ 15.089425] flags: 0x200000000000000(node=0|zone=2) [ 15.089775] page_type: f5(slab) [ 15.089950] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.090420] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.090847] page dumped because: kasan: bad access detected [ 15.091184] [ 15.091260] Memory state around the buggy address: [ 15.091710] ffff8881026f3580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.092014] ffff8881026f3600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.092314] >ffff8881026f3680: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 15.092853] ^ [ 15.093172] ffff8881026f3700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.093616] ffff8881026f3780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.093975] ================================================================== [ 15.453630] ================================================================== [ 15.453958] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x194a/0x5450 [ 15.454345] Write of size 8 at addr ffff8881026f36b0 by task kunit_try_catch/283 [ 15.454888] [ 15.454984] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.455029] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.455041] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.455063] Call Trace: [ 15.455078] <TASK> [ 15.455095] dump_stack_lvl+0x73/0xb0 [ 15.455124] print_report+0xd1/0x610 [ 15.455145] ? __virt_addr_valid+0x1db/0x2d0 [ 15.455169] ? kasan_atomics_helper+0x194a/0x5450 [ 15.455190] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.455216] ? kasan_atomics_helper+0x194a/0x5450 [ 15.455239] kasan_report+0x141/0x180 [ 15.455262] ? kasan_atomics_helper+0x194a/0x5450 [ 15.455289] kasan_check_range+0x10c/0x1c0 [ 15.455314] __kasan_check_write+0x18/0x20 [ 15.455333] kasan_atomics_helper+0x194a/0x5450 [ 15.455361] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.455384] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.455410] ? kasan_atomics+0x152/0x310 [ 15.455447] kasan_atomics+0x1dc/0x310 [ 15.455471] ? __pfx_kasan_atomics+0x10/0x10 [ 15.455496] ? __pfx_read_tsc+0x10/0x10 [ 15.455518] ? ktime_get_ts64+0x86/0x230 [ 15.455555] kunit_try_run_case+0x1a5/0x480 [ 15.455580] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.455602] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.455627] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.455651] ? __kthread_parkme+0x82/0x180 [ 15.455672] ? preempt_count_sub+0x50/0x80 [ 15.455697] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.455722] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.455746] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.455770] kthread+0x337/0x6f0 [ 15.455790] ? trace_preempt_on+0x20/0xc0 [ 15.455813] ? __pfx_kthread+0x10/0x10 [ 15.455834] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.455856] ? calculate_sigpending+0x7b/0xa0 [ 15.455881] ? __pfx_kthread+0x10/0x10 [ 15.455902] ret_from_fork+0x116/0x1d0 [ 15.455921] ? __pfx_kthread+0x10/0x10 [ 15.455942] ret_from_fork_asm+0x1a/0x30 [ 15.455975] </TASK> [ 15.455985] [ 15.463185] Allocated by task 283: [ 15.463323] kasan_save_stack+0x45/0x70 [ 15.463483] kasan_save_track+0x18/0x40 [ 15.463627] kasan_save_alloc_info+0x3b/0x50 [ 15.464035] __kasan_kmalloc+0xb7/0xc0 [ 15.464226] __kmalloc_cache_noprof+0x189/0x420 [ 15.464474] kasan_atomics+0x95/0x310 [ 15.464681] kunit_try_run_case+0x1a5/0x480 [ 15.464915] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.465141] kthread+0x337/0x6f0 [ 15.465311] ret_from_fork+0x116/0x1d0 [ 15.465503] ret_from_fork_asm+0x1a/0x30 [ 15.465698] [ 15.465792] The buggy address belongs to the object at ffff8881026f3680 [ 15.465792] which belongs to the cache kmalloc-64 of size 64 [ 15.466273] The buggy address is located 0 bytes to the right of [ 15.466273] allocated 48-byte region [ffff8881026f3680, ffff8881026f36b0) [ 15.466807] [ 15.466905] The buggy address belongs to the physical page: [ 15.467134] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026f3 [ 15.467464] flags: 0x200000000000000(node=0|zone=2) [ 15.467713] page_type: f5(slab) [ 15.467904] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.468220] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.468509] page dumped because: kasan: bad access detected [ 15.468762] [ 15.468864] Memory state around the buggy address: [ 15.469061] ffff8881026f3580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.469357] 
ffff8881026f3600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.469579] >ffff8881026f3680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.469787] ^ [ 15.469954] ffff8881026f3700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.470266] ffff8881026f3780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.470784] ================================================================== [ 15.736577] ================================================================== [ 15.736891] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x20c8/0x5450 [ 15.737186] Write of size 8 at addr ffff8881026f36b0 by task kunit_try_catch/283 [ 15.737509] [ 15.737638] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.737683] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.737695] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.737716] Call Trace: [ 15.737733] <TASK> [ 15.737750] dump_stack_lvl+0x73/0xb0 [ 15.737778] print_report+0xd1/0x610 [ 15.737801] ? __virt_addr_valid+0x1db/0x2d0 [ 15.737825] ? kasan_atomics_helper+0x20c8/0x5450 [ 15.737847] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.737871] ? kasan_atomics_helper+0x20c8/0x5450 [ 15.737893] kasan_report+0x141/0x180 [ 15.737915] ? kasan_atomics_helper+0x20c8/0x5450 [ 15.737943] kasan_check_range+0x10c/0x1c0 [ 15.737968] __kasan_check_write+0x18/0x20 [ 15.737988] kasan_atomics_helper+0x20c8/0x5450 [ 15.738012] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.738035] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.738060] ? kasan_atomics+0x152/0x310 [ 15.738087] kasan_atomics+0x1dc/0x310 [ 15.738110] ? __pfx_kasan_atomics+0x10/0x10 [ 15.738135] ? __pfx_read_tsc+0x10/0x10 [ 15.738157] ? ktime_get_ts64+0x86/0x230 [ 15.738182] kunit_try_run_case+0x1a5/0x480 [ 15.738209] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.738233] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.738258] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.738282] ? 
__kthread_parkme+0x82/0x180 [ 15.738303] ? preempt_count_sub+0x50/0x80 [ 15.738329] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.738353] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.738378] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.738402] kthread+0x337/0x6f0 [ 15.738422] ? trace_preempt_on+0x20/0xc0 [ 15.738456] ? __pfx_kthread+0x10/0x10 [ 15.738476] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.738498] ? calculate_sigpending+0x7b/0xa0 [ 15.738542] ? __pfx_kthread+0x10/0x10 [ 15.738565] ret_from_fork+0x116/0x1d0 [ 15.738584] ? __pfx_kthread+0x10/0x10 [ 15.738605] ret_from_fork_asm+0x1a/0x30 [ 15.738639] </TASK> [ 15.738650] [ 15.745822] Allocated by task 283: [ 15.745954] kasan_save_stack+0x45/0x70 [ 15.746153] kasan_save_track+0x18/0x40 [ 15.746344] kasan_save_alloc_info+0x3b/0x50 [ 15.746572] __kasan_kmalloc+0xb7/0xc0 [ 15.746708] __kmalloc_cache_noprof+0x189/0x420 [ 15.746930] kasan_atomics+0x95/0x310 [ 15.747118] kunit_try_run_case+0x1a5/0x480 [ 15.747327] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.747585] kthread+0x337/0x6f0 [ 15.747751] ret_from_fork+0x116/0x1d0 [ 15.747898] ret_from_fork_asm+0x1a/0x30 [ 15.748101] [ 15.748196] The buggy address belongs to the object at ffff8881026f3680 [ 15.748196] which belongs to the cache kmalloc-64 of size 64 [ 15.748665] The buggy address is located 0 bytes to the right of [ 15.748665] allocated 48-byte region [ffff8881026f3680, ffff8881026f36b0) [ 15.749036] [ 15.749109] The buggy address belongs to the physical page: [ 15.749290] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026f3 [ 15.749612] flags: 0x200000000000000(node=0|zone=2) [ 15.749847] page_type: f5(slab) [ 15.750017] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.750355] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.750682] page dumped because: kasan: bad access detected [ 15.750857] [ 15.750926] Memory state around the buggy address: [ 15.751085] 
ffff8881026f3580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.751404] ffff8881026f3600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.751747] >ffff8881026f3680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.752069] ^ [ 15.752278] ffff8881026f3700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.752614] ffff8881026f3780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.752913] ================================================================== [ 14.902648] ================================================================== [ 14.903105] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a84/0x5450 [ 14.903770] Read of size 4 at addr ffff8881026f36b0 by task kunit_try_catch/283 [ 14.904069] [ 14.904174] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.904217] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.904230] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.904250] Call Trace: [ 14.904266] <TASK> [ 14.904281] dump_stack_lvl+0x73/0xb0 [ 14.904310] print_report+0xd1/0x610 [ 14.904333] ? __virt_addr_valid+0x1db/0x2d0 [ 14.904358] ? kasan_atomics_helper+0x4a84/0x5450 [ 14.904380] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.904404] ? kasan_atomics_helper+0x4a84/0x5450 [ 14.904427] kasan_report+0x141/0x180 [ 14.904463] ? kasan_atomics_helper+0x4a84/0x5450 [ 14.904491] __asan_report_load4_noabort+0x18/0x20 [ 14.904517] kasan_atomics_helper+0x4a84/0x5450 [ 14.904555] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.904578] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.904605] ? kasan_atomics+0x152/0x310 [ 14.904632] kasan_atomics+0x1dc/0x310 [ 14.904655] ? __pfx_kasan_atomics+0x10/0x10 [ 14.904680] ? __pfx_read_tsc+0x10/0x10 [ 14.904700] ? ktime_get_ts64+0x86/0x230 [ 14.904725] kunit_try_run_case+0x1a5/0x480 [ 14.904751] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.904773] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.904798] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.904823] ? __kthread_parkme+0x82/0x180 [ 14.904844] ? preempt_count_sub+0x50/0x80 [ 14.904869] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.904893] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.904918] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.904943] kthread+0x337/0x6f0 [ 14.904963] ? trace_preempt_on+0x20/0xc0 [ 14.904987] ? __pfx_kthread+0x10/0x10 [ 14.905009] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.905030] ? calculate_sigpending+0x7b/0xa0 [ 14.905055] ? __pfx_kthread+0x10/0x10 [ 14.905077] ret_from_fork+0x116/0x1d0 [ 14.905096] ? __pfx_kthread+0x10/0x10 [ 14.905117] ret_from_fork_asm+0x1a/0x30 [ 14.905156] </TASK> [ 14.905166] [ 14.912356] Allocated by task 283: [ 14.912530] kasan_save_stack+0x45/0x70 [ 14.912700] kasan_save_track+0x18/0x40 [ 14.912895] kasan_save_alloc_info+0x3b/0x50 [ 14.913059] __kasan_kmalloc+0xb7/0xc0 [ 14.913250] __kmalloc_cache_noprof+0x189/0x420 [ 14.913452] kasan_atomics+0x95/0x310 [ 14.913675] kunit_try_run_case+0x1a5/0x480 [ 14.913876] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.914115] kthread+0x337/0x6f0 [ 14.914294] ret_from_fork+0x116/0x1d0 [ 14.914482] ret_from_fork_asm+0x1a/0x30 [ 14.914682] [ 14.914786] The buggy address belongs to the object at ffff8881026f3680 [ 14.914786] which belongs to the cache kmalloc-64 of size 64 [ 14.915208] The buggy address is located 0 bytes to the right of [ 14.915208] allocated 48-byte region [ffff8881026f3680, ffff8881026f36b0) [ 14.915891] [ 14.915965] The buggy address belongs to the physical page: [ 14.916415] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026f3 [ 14.916665] flags: 0x200000000000000(node=0|zone=2) [ 14.916828] page_type: f5(slab) [ 14.916947] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.917183] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.917524] page dumped because: kasan: bad access detected [ 14.917786] [ 14.917878] 
Memory state around the buggy address: [ 14.918100] ffff8881026f3580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.918414] ffff8881026f3600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.918857] >ffff8881026f3680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.919149] ^ [ 14.919348] ffff8881026f3700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.919657] ffff8881026f3780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.919873] ================================================================== [ 14.694631] ================================================================== [ 14.695021] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x697/0x5450 [ 14.695334] Write of size 4 at addr ffff8881026f36b0 by task kunit_try_catch/283 [ 14.695712] [ 14.695796] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.695838] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.695851] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.695871] Call Trace: [ 14.695883] <TASK> [ 14.695898] dump_stack_lvl+0x73/0xb0 [ 14.695925] print_report+0xd1/0x610 [ 14.695947] ? __virt_addr_valid+0x1db/0x2d0 [ 14.695970] ? kasan_atomics_helper+0x697/0x5450 [ 14.695992] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.696017] ? kasan_atomics_helper+0x697/0x5450 [ 14.696039] kasan_report+0x141/0x180 [ 14.696062] ? kasan_atomics_helper+0x697/0x5450 [ 14.696090] kasan_check_range+0x10c/0x1c0 [ 14.696115] __kasan_check_write+0x18/0x20 [ 14.696134] kasan_atomics_helper+0x697/0x5450 [ 14.696159] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.696182] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.696207] ? kasan_atomics+0x152/0x310 [ 14.696235] kasan_atomics+0x1dc/0x310 [ 14.696258] ? __pfx_kasan_atomics+0x10/0x10 [ 14.696284] ? __pfx_read_tsc+0x10/0x10 [ 14.696304] ? ktime_get_ts64+0x86/0x230 [ 14.696329] kunit_try_run_case+0x1a5/0x480 [ 14.696353] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.696376] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 14.696400] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.696425] ? __kthread_parkme+0x82/0x180 [ 14.696457] ? preempt_count_sub+0x50/0x80 [ 14.696481] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.696505] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.696531] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.696565] kthread+0x337/0x6f0 [ 14.696584] ? trace_preempt_on+0x20/0xc0 [ 14.696608] ? __pfx_kthread+0x10/0x10 [ 14.696628] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.696651] ? calculate_sigpending+0x7b/0xa0 [ 14.696675] ? __pfx_kthread+0x10/0x10 [ 14.696696] ret_from_fork+0x116/0x1d0 [ 14.696715] ? __pfx_kthread+0x10/0x10 [ 14.696736] ret_from_fork_asm+0x1a/0x30 [ 14.696770] </TASK> [ 14.696780] [ 14.704950] Allocated by task 283: [ 14.705137] kasan_save_stack+0x45/0x70 [ 14.705303] kasan_save_track+0x18/0x40 [ 14.705493] kasan_save_alloc_info+0x3b/0x50 [ 14.705679] __kasan_kmalloc+0xb7/0xc0 [ 14.705814] __kmalloc_cache_noprof+0x189/0x420 [ 14.705970] kasan_atomics+0x95/0x310 [ 14.706103] kunit_try_run_case+0x1a5/0x480 [ 14.706250] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.706429] kthread+0x337/0x6f0 [ 14.706611] ret_from_fork+0x116/0x1d0 [ 14.706802] ret_from_fork_asm+0x1a/0x30 [ 14.707171] [ 14.707269] The buggy address belongs to the object at ffff8881026f3680 [ 14.707269] which belongs to the cache kmalloc-64 of size 64 [ 14.707983] The buggy address is located 0 bytes to the right of [ 14.707983] allocated 48-byte region [ffff8881026f3680, ffff8881026f36b0) [ 14.708482] [ 14.708594] The buggy address belongs to the physical page: [ 14.708775] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026f3 [ 14.709019] flags: 0x200000000000000(node=0|zone=2) [ 14.709257] page_type: f5(slab) [ 14.709421] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.710106] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.710343] page dumped because: kasan: 
bad access detected [ 14.710595] [ 14.710690] Memory state around the buggy address: [ 14.710922] ffff8881026f3580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.711207] ffff8881026f3600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.711425] >ffff8881026f3680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.711963] ^ [ 14.712190] ffff8881026f3700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.712517] ffff8881026f3780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.712749] ================================================================== [ 15.023885] ================================================================== [ 15.024227] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a36/0x5450 [ 15.024627] Read of size 4 at addr ffff8881026f36b0 by task kunit_try_catch/283 [ 15.024954] [ 15.025254] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.025301] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.025555] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.025578] Call Trace: [ 15.025591] <TASK> [ 15.025605] dump_stack_lvl+0x73/0xb0 [ 15.025650] print_report+0xd1/0x610 [ 15.025672] ? __virt_addr_valid+0x1db/0x2d0 [ 15.025695] ? kasan_atomics_helper+0x4a36/0x5450 [ 15.025718] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.025742] ? kasan_atomics_helper+0x4a36/0x5450 [ 15.025767] kasan_report+0x141/0x180 [ 15.025790] ? kasan_atomics_helper+0x4a36/0x5450 [ 15.025818] __asan_report_load4_noabort+0x18/0x20 [ 15.025844] kasan_atomics_helper+0x4a36/0x5450 [ 15.025867] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.025890] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.025915] ? kasan_atomics+0x152/0x310 [ 15.025942] kasan_atomics+0x1dc/0x310 [ 15.025964] ? __pfx_kasan_atomics+0x10/0x10 [ 15.025990] ? __pfx_read_tsc+0x10/0x10 [ 15.026010] ? ktime_get_ts64+0x86/0x230 [ 15.026036] kunit_try_run_case+0x1a5/0x480 [ 15.026061] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.026086] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.026109] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.026134] ? __kthread_parkme+0x82/0x180 [ 15.026155] ? preempt_count_sub+0x50/0x80 [ 15.026180] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.026205] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.026230] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.026255] kthread+0x337/0x6f0 [ 15.026275] ? trace_preempt_on+0x20/0xc0 [ 15.026299] ? __pfx_kthread+0x10/0x10 [ 15.026320] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.026342] ? calculate_sigpending+0x7b/0xa0 [ 15.026366] ? __pfx_kthread+0x10/0x10 [ 15.026406] ret_from_fork+0x116/0x1d0 [ 15.026426] ? __pfx_kthread+0x10/0x10 [ 15.026456] ret_from_fork_asm+0x1a/0x30 [ 15.026489] </TASK> [ 15.026499] [ 15.033900] Allocated by task 283: [ 15.034083] kasan_save_stack+0x45/0x70 [ 15.034285] kasan_save_track+0x18/0x40 [ 15.034486] kasan_save_alloc_info+0x3b/0x50 [ 15.034717] __kasan_kmalloc+0xb7/0xc0 [ 15.034896] __kmalloc_cache_noprof+0x189/0x420 [ 15.035120] kasan_atomics+0x95/0x310 [ 15.035280] kunit_try_run_case+0x1a5/0x480 [ 15.035426] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.035635] kthread+0x337/0x6f0 [ 15.035758] ret_from_fork+0x116/0x1d0 [ 15.035889] ret_from_fork_asm+0x1a/0x30 [ 15.036027] [ 15.036098] The buggy address belongs to the object at ffff8881026f3680 [ 15.036098] which belongs to the cache kmalloc-64 of size 64 [ 15.036459] The buggy address is located 0 bytes to the right of [ 15.036459] allocated 48-byte region [ffff8881026f3680, ffff8881026f36b0) [ 15.036999] [ 15.037097] The buggy address belongs to the physical page: [ 15.037361] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026f3 [ 15.037747] flags: 0x200000000000000(node=0|zone=2) [ 15.037980] page_type: f5(slab) [ 15.038145] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.038496] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 15.038830] page dumped because: kasan: bad access detected [ 15.039076] [ 15.039173] Memory state around the buggy address: [ 15.039392] ffff8881026f3580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.039711] ffff8881026f3600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.040022] >ffff8881026f3680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.040333] ^ [ 15.041709] ffff8881026f3700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.042568] ffff8881026f3780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.042875] ================================================================== [ 14.576527] ================================================================== [ 14.576889] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df/0x5450 [ 14.577360] Read of size 4 at addr ffff8881026f36b0 by task kunit_try_catch/283 [ 14.577781] [ 14.577922] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.577965] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.577977] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.577999] Call Trace: [ 14.578014] <TASK> [ 14.578032] dump_stack_lvl+0x73/0xb0 [ 14.578060] print_report+0xd1/0x610 [ 14.578082] ? __virt_addr_valid+0x1db/0x2d0 [ 14.578106] ? kasan_atomics_helper+0x3df/0x5450 [ 14.578128] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.578152] ? kasan_atomics_helper+0x3df/0x5450 [ 14.578174] kasan_report+0x141/0x180 [ 14.578197] ? kasan_atomics_helper+0x3df/0x5450 [ 14.578246] kasan_check_range+0x10c/0x1c0 [ 14.578272] __kasan_check_read+0x15/0x20 [ 14.578303] kasan_atomics_helper+0x3df/0x5450 [ 14.578326] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.578350] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.578375] ? kasan_atomics+0x152/0x310 [ 14.578403] kasan_atomics+0x1dc/0x310 [ 14.578425] ? __pfx_kasan_atomics+0x10/0x10 [ 14.578459] ? __pfx_read_tsc+0x10/0x10 [ 14.578479] ? 
ktime_get_ts64+0x86/0x230 [ 14.578506] kunit_try_run_case+0x1a5/0x480 [ 14.578531] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.578555] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.578601] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.578627] ? __kthread_parkme+0x82/0x180 [ 14.578658] ? preempt_count_sub+0x50/0x80 [ 14.578694] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.578726] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.578753] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.578790] kthread+0x337/0x6f0 [ 14.578809] ? trace_preempt_on+0x20/0xc0 [ 14.578833] ? __pfx_kthread+0x10/0x10 [ 14.578855] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.578888] ? calculate_sigpending+0x7b/0xa0 [ 14.578913] ? __pfx_kthread+0x10/0x10 [ 14.578935] ret_from_fork+0x116/0x1d0 [ 14.578965] ? __pfx_kthread+0x10/0x10 [ 14.578987] ret_from_fork_asm+0x1a/0x30 [ 14.579019] </TASK> [ 14.579029] [ 14.591152] Allocated by task 283: [ 14.591530] kasan_save_stack+0x45/0x70 [ 14.591995] kasan_save_track+0x18/0x40 [ 14.592383] kasan_save_alloc_info+0x3b/0x50 [ 14.592854] __kasan_kmalloc+0xb7/0xc0 [ 14.593234] __kmalloc_cache_noprof+0x189/0x420 [ 14.593537] kasan_atomics+0x95/0x310 [ 14.593882] kunit_try_run_case+0x1a5/0x480 [ 14.594027] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.594199] kthread+0x337/0x6f0 [ 14.594315] ret_from_fork+0x116/0x1d0 [ 14.594455] ret_from_fork_asm+0x1a/0x30 [ 14.594699] [ 14.594799] The buggy address belongs to the object at ffff8881026f3680 [ 14.594799] which belongs to the cache kmalloc-64 of size 64 [ 14.595300] The buggy address is located 0 bytes to the right of [ 14.595300] allocated 48-byte region [ffff8881026f3680, ffff8881026f36b0) [ 14.596010] [ 14.596187] The buggy address belongs to the physical page: [ 14.596422] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026f3 [ 14.596865] flags: 0x200000000000000(node=0|zone=2) [ 14.597098] page_type: f5(slab) [ 14.597276] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 14.597528] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.597929] page dumped because: kasan: bad access detected [ 14.598168] [ 14.598237] Memory state around the buggy address: [ 14.598417] ffff8881026f3580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.598946] ffff8881026f3600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.599274] >ffff8881026f3680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.599598] ^ [ 14.599842] ffff8881026f3700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.600197] ffff8881026f3780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.600513] ================================================================== [ 14.856557] ================================================================== [ 14.856931] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb6a/0x5450 [ 14.857356] Write of size 4 at addr ffff8881026f36b0 by task kunit_try_catch/283 [ 14.857752] [ 14.857903] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.857957] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.857970] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.857990] Call Trace: [ 14.858003] <TASK> [ 14.858018] dump_stack_lvl+0x73/0xb0 [ 14.858044] print_report+0xd1/0x610 [ 14.858066] ? __virt_addr_valid+0x1db/0x2d0 [ 14.858108] ? kasan_atomics_helper+0xb6a/0x5450 [ 14.858145] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.858181] ? kasan_atomics_helper+0xb6a/0x5450 [ 14.858205] kasan_report+0x141/0x180 [ 14.858241] ? kasan_atomics_helper+0xb6a/0x5450 [ 14.858283] kasan_check_range+0x10c/0x1c0 [ 14.858321] __kasan_check_write+0x18/0x20 [ 14.858354] kasan_atomics_helper+0xb6a/0x5450 [ 14.858392] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.858428] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.858479] ? kasan_atomics+0x152/0x310 [ 14.858553] kasan_atomics+0x1dc/0x310 [ 14.858587] ? 
__pfx_kasan_atomics+0x10/0x10 [ 14.858612] ? __pfx_read_tsc+0x10/0x10 [ 14.858644] ? ktime_get_ts64+0x86/0x230 [ 14.858670] kunit_try_run_case+0x1a5/0x480 [ 14.858694] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.858729] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.858754] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.858778] ? __kthread_parkme+0x82/0x180 [ 14.858810] ? preempt_count_sub+0x50/0x80 [ 14.858835] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.858860] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.858895] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.858920] kthread+0x337/0x6f0 [ 14.858939] ? trace_preempt_on+0x20/0xc0 [ 14.858962] ? __pfx_kthread+0x10/0x10 [ 14.858983] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.859006] ? calculate_sigpending+0x7b/0xa0 [ 14.859030] ? __pfx_kthread+0x10/0x10 [ 14.859051] ret_from_fork+0x116/0x1d0 [ 14.859071] ? __pfx_kthread+0x10/0x10 [ 14.859092] ret_from_fork_asm+0x1a/0x30 [ 14.859124] </TASK> [ 14.859134] [ 14.867989] Allocated by task 283: [ 14.868138] kasan_save_stack+0x45/0x70 [ 14.868478] kasan_save_track+0x18/0x40 [ 14.868814] kasan_save_alloc_info+0x3b/0x50 [ 14.869059] __kasan_kmalloc+0xb7/0xc0 [ 14.869198] __kmalloc_cache_noprof+0x189/0x420 [ 14.869352] kasan_atomics+0x95/0x310 [ 14.869747] kunit_try_run_case+0x1a5/0x480 [ 14.869962] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.870268] kthread+0x337/0x6f0 [ 14.870451] ret_from_fork+0x116/0x1d0 [ 14.870739] ret_from_fork_asm+0x1a/0x30 [ 14.870956] [ 14.871101] The buggy address belongs to the object at ffff8881026f3680 [ 14.871101] which belongs to the cache kmalloc-64 of size 64 [ 14.871706] The buggy address is located 0 bytes to the right of [ 14.871706] allocated 48-byte region [ffff8881026f3680, ffff8881026f36b0) [ 14.872212] [ 14.872466] The buggy address belongs to the physical page: [ 14.872761] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026f3 [ 14.873108] flags: 0x200000000000000(node=0|zone=2) [ 14.873372] page_type: 
f5(slab) [ 14.873600] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.873986] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.874294] page dumped because: kasan: bad access detected [ 14.874631] [ 14.874727] Memory state around the buggy address: [ 14.874919] ffff8881026f3580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.875325] ffff8881026f3600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.875666] >ffff8881026f3680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.875922] ^ [ 14.876152] ffff8881026f3700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.876511] ffff8881026f3780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.876802] ================================================================== [ 15.753460] ================================================================== [ 15.753865] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fb2/0x5450 [ 15.754186] Read of size 8 at addr ffff8881026f36b0 by task kunit_try_catch/283 [ 15.754587] [ 15.754695] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.754736] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.754748] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.754770] Call Trace: [ 15.754785] <TASK> [ 15.754801] dump_stack_lvl+0x73/0xb0 [ 15.754827] print_report+0xd1/0x610 [ 15.754848] ? __virt_addr_valid+0x1db/0x2d0 [ 15.754871] ? kasan_atomics_helper+0x4fb2/0x5450 [ 15.754893] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.754917] ? kasan_atomics_helper+0x4fb2/0x5450 [ 15.754940] kasan_report+0x141/0x180 [ 15.754962] ? kasan_atomics_helper+0x4fb2/0x5450 [ 15.754990] __asan_report_load8_noabort+0x18/0x20 [ 15.755016] kasan_atomics_helper+0x4fb2/0x5450 [ 15.755039] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.755062] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.755087] ? 
kasan_atomics+0x152/0x310 [ 15.755115] kasan_atomics+0x1dc/0x310 [ 15.755137] ? __pfx_kasan_atomics+0x10/0x10 [ 15.755162] ? __pfx_read_tsc+0x10/0x10 [ 15.755183] ? ktime_get_ts64+0x86/0x230 [ 15.755209] kunit_try_run_case+0x1a5/0x480 [ 15.755234] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.755257] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.755282] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.755306] ? __kthread_parkme+0x82/0x180 [ 15.755327] ? preempt_count_sub+0x50/0x80 [ 15.755352] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.755376] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.755401] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.755426] kthread+0x337/0x6f0 [ 15.755455] ? trace_preempt_on+0x20/0xc0 [ 15.755479] ? __pfx_kthread+0x10/0x10 [ 15.755500] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.755541] ? calculate_sigpending+0x7b/0xa0 [ 15.755566] ? __pfx_kthread+0x10/0x10 [ 15.755588] ret_from_fork+0x116/0x1d0 [ 15.755607] ? __pfx_kthread+0x10/0x10 [ 15.755628] ret_from_fork_asm+0x1a/0x30 [ 15.755661] </TASK> [ 15.755672] [ 15.762715] Allocated by task 283: [ 15.762896] kasan_save_stack+0x45/0x70 [ 15.763060] kasan_save_track+0x18/0x40 [ 15.763256] kasan_save_alloc_info+0x3b/0x50 [ 15.763427] __kasan_kmalloc+0xb7/0xc0 [ 15.763643] __kmalloc_cache_noprof+0x189/0x420 [ 15.763842] kasan_atomics+0x95/0x310 [ 15.764025] kunit_try_run_case+0x1a5/0x480 [ 15.764212] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.764474] kthread+0x337/0x6f0 [ 15.764634] ret_from_fork+0x116/0x1d0 [ 15.764824] ret_from_fork_asm+0x1a/0x30 [ 15.765001] [ 15.765074] The buggy address belongs to the object at ffff8881026f3680 [ 15.765074] which belongs to the cache kmalloc-64 of size 64 [ 15.765603] The buggy address is located 0 bytes to the right of [ 15.765603] allocated 48-byte region [ffff8881026f3680, ffff8881026f36b0) [ 15.766081] [ 15.766174] The buggy address belongs to the physical page: [ 15.766378] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026f3 [ 
15.766737] flags: 0x200000000000000(node=0|zone=2) [ 15.766943] page_type: f5(slab) [ 15.767093] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.767377] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.767639] page dumped because: kasan: bad access detected [ 15.767814] [ 15.767885] Memory state around the buggy address: [ 15.768041] ffff8881026f3580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.768258] ffff8881026f3600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.768498] >ffff8881026f3680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.768838] ^ [ 15.769058] ffff8881026f3700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.769379] ffff8881026f3780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.769726] ================================================================== [ 15.842272] ================================================================== [ 15.842669] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5115/0x5450 [ 15.843160] Read of size 8 at addr ffff8881026f36b0 by task kunit_try_catch/283 [ 15.843455] [ 15.843950] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.844000] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.844013] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.844037] Call Trace: [ 15.844055] <TASK> [ 15.844074] dump_stack_lvl+0x73/0xb0 [ 15.844206] print_report+0xd1/0x610 [ 15.844232] ? __virt_addr_valid+0x1db/0x2d0 [ 15.844255] ? kasan_atomics_helper+0x5115/0x5450 [ 15.844277] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.844301] ? kasan_atomics_helper+0x5115/0x5450 [ 15.844324] kasan_report+0x141/0x180 [ 15.844347] ? kasan_atomics_helper+0x5115/0x5450 [ 15.844376] __asan_report_load8_noabort+0x18/0x20 [ 15.844402] kasan_atomics_helper+0x5115/0x5450 [ 15.844426] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.844465] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 15.844492] ? kasan_atomics+0x152/0x310 [ 15.844520] kasan_atomics+0x1dc/0x310 [ 15.844557] ? __pfx_kasan_atomics+0x10/0x10 [ 15.844582] ? __pfx_read_tsc+0x10/0x10 [ 15.844604] ? ktime_get_ts64+0x86/0x230 [ 15.844631] kunit_try_run_case+0x1a5/0x480 [ 15.844657] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.844681] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.844707] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.844732] ? __kthread_parkme+0x82/0x180 [ 15.844753] ? preempt_count_sub+0x50/0x80 [ 15.844779] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.844804] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.844828] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.844853] kthread+0x337/0x6f0 [ 15.844873] ? trace_preempt_on+0x20/0xc0 [ 15.844897] ? __pfx_kthread+0x10/0x10 [ 15.844919] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.844941] ? calculate_sigpending+0x7b/0xa0 [ 15.844966] ? __pfx_kthread+0x10/0x10 [ 15.844987] ret_from_fork+0x116/0x1d0 [ 15.845007] ? __pfx_kthread+0x10/0x10 [ 15.845028] ret_from_fork_asm+0x1a/0x30 [ 15.845061] </TASK> [ 15.845073] [ 15.854288] Allocated by task 283: [ 15.854506] kasan_save_stack+0x45/0x70 [ 15.855095] kasan_save_track+0x18/0x40 [ 15.855248] kasan_save_alloc_info+0x3b/0x50 [ 15.855550] __kasan_kmalloc+0xb7/0xc0 [ 15.855811] __kmalloc_cache_noprof+0x189/0x420 [ 15.856140] kasan_atomics+0x95/0x310 [ 15.856288] kunit_try_run_case+0x1a5/0x480 [ 15.856639] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.856980] kthread+0x337/0x6f0 [ 15.857113] ret_from_fork+0x116/0x1d0 [ 15.857315] ret_from_fork_asm+0x1a/0x30 [ 15.857503] [ 15.857602] The buggy address belongs to the object at ffff8881026f3680 [ 15.857602] which belongs to the cache kmalloc-64 of size 64 [ 15.858089] The buggy address is located 0 bytes to the right of [ 15.858089] allocated 48-byte region [ffff8881026f3680, ffff8881026f36b0) [ 15.859031] [ 15.859117] The buggy address belongs to the physical page: [ 15.859375] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x1026f3 [ 15.859940] flags: 0x200000000000000(node=0|zone=2) [ 15.860150] page_type: f5(slab) [ 15.860326] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.860818] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.861218] page dumped because: kasan: bad access detected [ 15.861425] [ 15.861614] Memory state around the buggy address: [ 15.861891] ffff8881026f3580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.862269] ffff8881026f3600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.862635] >ffff8881026f3680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.863009] ^ [ 15.863183] ffff8881026f3700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.863653] ffff8881026f3780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.863966] ================================================================== [ 14.601340] ================================================================== [ 14.602077] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b54/0x5450 [ 14.602311] Read of size 4 at addr ffff8881026f36b0 by task kunit_try_catch/283 [ 14.602662] [ 14.602768] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.602811] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.602824] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.602845] Call Trace: [ 14.602856] <TASK> [ 14.602871] dump_stack_lvl+0x73/0xb0 [ 14.602898] print_report+0xd1/0x610 [ 14.602920] ? __virt_addr_valid+0x1db/0x2d0 [ 14.602943] ? kasan_atomics_helper+0x4b54/0x5450 [ 14.602966] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.602988] ? kasan_atomics_helper+0x4b54/0x5450 [ 14.603011] kasan_report+0x141/0x180 [ 14.603034] ? kasan_atomics_helper+0x4b54/0x5450 [ 14.603062] __asan_report_load4_noabort+0x18/0x20 [ 14.603087] kasan_atomics_helper+0x4b54/0x5450 [ 14.603111] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 14.603134] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.603159] ? kasan_atomics+0x152/0x310 [ 14.603186] kasan_atomics+0x1dc/0x310 [ 14.603209] ? __pfx_kasan_atomics+0x10/0x10 [ 14.603234] ? __pfx_read_tsc+0x10/0x10 [ 14.603255] ? ktime_get_ts64+0x86/0x230 [ 14.603279] kunit_try_run_case+0x1a5/0x480 [ 14.603303] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.603326] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.603351] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.603375] ? __kthread_parkme+0x82/0x180 [ 14.603397] ? preempt_count_sub+0x50/0x80 [ 14.603421] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.603457] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.603482] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.603506] kthread+0x337/0x6f0 [ 14.603525] ? trace_preempt_on+0x20/0xc0 [ 14.603559] ? __pfx_kthread+0x10/0x10 [ 14.603580] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.603602] ? calculate_sigpending+0x7b/0xa0 [ 14.603629] ? __pfx_kthread+0x10/0x10 [ 14.603651] ret_from_fork+0x116/0x1d0 [ 14.603670] ? 
__pfx_kthread+0x10/0x10 [ 14.603691] ret_from_fork_asm+0x1a/0x30 [ 14.603723] </TASK> [ 14.603733] [ 14.610506] Allocated by task 283: [ 14.610691] kasan_save_stack+0x45/0x70 [ 14.610893] kasan_save_track+0x18/0x40 [ 14.611090] kasan_save_alloc_info+0x3b/0x50 [ 14.611301] __kasan_kmalloc+0xb7/0xc0 [ 14.611498] __kmalloc_cache_noprof+0x189/0x420 [ 14.611729] kasan_atomics+0x95/0x310 [ 14.611918] kunit_try_run_case+0x1a5/0x480 [ 14.612067] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.612321] kthread+0x337/0x6f0 [ 14.612490] ret_from_fork+0x116/0x1d0 [ 14.612667] ret_from_fork_asm+0x1a/0x30 [ 14.612833] [ 14.612908] The buggy address belongs to the object at ffff8881026f3680 [ 14.612908] which belongs to the cache kmalloc-64 of size 64 [ 14.613369] The buggy address is located 0 bytes to the right of [ 14.613369] allocated 48-byte region [ffff8881026f3680, ffff8881026f36b0) [ 14.613888] [ 14.613976] The buggy address belongs to the physical page: [ 14.614156] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026f3 [ 14.614515] flags: 0x200000000000000(node=0|zone=2) [ 14.614706] page_type: f5(slab) [ 14.614869] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.615175] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.615477] page dumped because: kasan: bad access detected [ 14.615714] [ 14.615803] Memory state around the buggy address: [ 14.615989] ffff8881026f3580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.616268] ffff8881026f3600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.616532] >ffff8881026f3680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.616820] ^ [ 14.616987] ffff8881026f3700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.617199] ffff8881026f3780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.617404] ================================================================== [ 15.043980] 
================================================================== [ 15.044605] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1079/0x5450 [ 15.044935] Write of size 4 at addr ffff8881026f36b0 by task kunit_try_catch/283 [ 15.045942] [ 15.046182] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.046344] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.046359] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.046392] Call Trace: [ 15.046407] <TASK> [ 15.046422] dump_stack_lvl+0x73/0xb0 [ 15.046499] print_report+0xd1/0x610 [ 15.046545] ? __virt_addr_valid+0x1db/0x2d0 [ 15.046568] ? kasan_atomics_helper+0x1079/0x5450 [ 15.046590] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.046613] ? kasan_atomics_helper+0x1079/0x5450 [ 15.046636] kasan_report+0x141/0x180 [ 15.046659] ? kasan_atomics_helper+0x1079/0x5450 [ 15.046687] kasan_check_range+0x10c/0x1c0 [ 15.046712] __kasan_check_write+0x18/0x20 [ 15.046734] kasan_atomics_helper+0x1079/0x5450 [ 15.046757] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.046780] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.046805] ? kasan_atomics+0x152/0x310 [ 15.046833] kasan_atomics+0x1dc/0x310 [ 15.046856] ? __pfx_kasan_atomics+0x10/0x10 [ 15.046881] ? __pfx_read_tsc+0x10/0x10 [ 15.046902] ? ktime_get_ts64+0x86/0x230 [ 15.046926] kunit_try_run_case+0x1a5/0x480 [ 15.046950] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.046974] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.046997] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.047022] ? __kthread_parkme+0x82/0x180 [ 15.047042] ? preempt_count_sub+0x50/0x80 [ 15.047067] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.047092] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.047116] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.047141] kthread+0x337/0x6f0 [ 15.047160] ? trace_preempt_on+0x20/0xc0 [ 15.047183] ? __pfx_kthread+0x10/0x10 [ 15.047204] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.047226] ? 
calculate_sigpending+0x7b/0xa0 [ 15.047252] ? __pfx_kthread+0x10/0x10 [ 15.047274] ret_from_fork+0x116/0x1d0 [ 15.047292] ? __pfx_kthread+0x10/0x10 [ 15.047313] ret_from_fork_asm+0x1a/0x30 [ 15.047348] </TASK> [ 15.047359] [ 15.060103] Allocated by task 283: [ 15.060276] kasan_save_stack+0x45/0x70 [ 15.060724] kasan_save_track+0x18/0x40 [ 15.060929] kasan_save_alloc_info+0x3b/0x50 [ 15.061134] __kasan_kmalloc+0xb7/0xc0 [ 15.061310] __kmalloc_cache_noprof+0x189/0x420 [ 15.061522] kasan_atomics+0x95/0x310 [ 15.061694] kunit_try_run_case+0x1a5/0x480 [ 15.061883] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.062100] kthread+0x337/0x6f0 [ 15.062258] ret_from_fork+0x116/0x1d0 [ 15.062432] ret_from_fork_asm+0x1a/0x30 [ 15.063154] [ 15.063700] The buggy address belongs to the object at ffff8881026f3680 [ 15.063700] which belongs to the cache kmalloc-64 of size 64 [ 15.064390] The buggy address is located 0 bytes to the right of [ 15.064390] allocated 48-byte region [ffff8881026f3680, ffff8881026f36b0) [ 15.064916] [ 15.064992] The buggy address belongs to the physical page: [ 15.065171] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026f3 [ 15.065405] flags: 0x200000000000000(node=0|zone=2) [ 15.065620] page_type: f5(slab) [ 15.065873] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.066365] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.067069] page dumped because: kasan: bad access detected [ 15.067247] [ 15.067318] Memory state around the buggy address: [ 15.067481] ffff8881026f3580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.068113] ffff8881026f3600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.068889] >ffff8881026f3680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.069677] ^ [ 15.070223] ffff8881026f3700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.070645] ffff8881026f3780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.070857] 
================================================================== [ 15.795157] ================================================================== [ 15.795603] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fa5/0x5450 [ 15.796106] Read of size 8 at addr ffff8881026f36b0 by task kunit_try_catch/283 [ 15.796709] [ 15.796970] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.797019] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.797033] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.797055] Call Trace: [ 15.797073] <TASK> [ 15.797091] dump_stack_lvl+0x73/0xb0 [ 15.797120] print_report+0xd1/0x610 [ 15.797149] ? __virt_addr_valid+0x1db/0x2d0 [ 15.797172] ? kasan_atomics_helper+0x4fa5/0x5450 [ 15.797193] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.797217] ? kasan_atomics_helper+0x4fa5/0x5450 [ 15.797239] kasan_report+0x141/0x180 [ 15.797263] ? kasan_atomics_helper+0x4fa5/0x5450 [ 15.797292] __asan_report_load8_noabort+0x18/0x20 [ 15.797318] kasan_atomics_helper+0x4fa5/0x5450 [ 15.797342] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.797365] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.797391] ? kasan_atomics+0x152/0x310 [ 15.797419] kasan_atomics+0x1dc/0x310 [ 15.797454] ? __pfx_kasan_atomics+0x10/0x10 [ 15.797479] ? __pfx_read_tsc+0x10/0x10 [ 15.797501] ? ktime_get_ts64+0x86/0x230 [ 15.797528] kunit_try_run_case+0x1a5/0x480 [ 15.797564] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.797588] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.797612] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.797637] ? __kthread_parkme+0x82/0x180 [ 15.797658] ? preempt_count_sub+0x50/0x80 [ 15.797685] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.797711] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.797735] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.797761] kthread+0x337/0x6f0 [ 15.797780] ? trace_preempt_on+0x20/0xc0 [ 15.797805] ? __pfx_kthread+0x10/0x10 [ 15.797827] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 15.797853] ? calculate_sigpending+0x7b/0xa0 [ 15.797880] ? __pfx_kthread+0x10/0x10 [ 15.797903] ret_from_fork+0x116/0x1d0 [ 15.797922] ? __pfx_kthread+0x10/0x10 [ 15.797943] ret_from_fork_asm+0x1a/0x30 [ 15.797976] </TASK> [ 15.797987] [ 15.807913] Allocated by task 283: [ 15.808092] kasan_save_stack+0x45/0x70 [ 15.808279] kasan_save_track+0x18/0x40 [ 15.808469] kasan_save_alloc_info+0x3b/0x50 [ 15.809031] __kasan_kmalloc+0xb7/0xc0 [ 15.809182] __kmalloc_cache_noprof+0x189/0x420 [ 15.809548] kasan_atomics+0x95/0x310 [ 15.809874] kunit_try_run_case+0x1a5/0x480 [ 15.810086] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.810407] kthread+0x337/0x6f0 [ 15.810599] ret_from_fork+0x116/0x1d0 [ 15.810913] ret_from_fork_asm+0x1a/0x30 [ 15.811197] [ 15.811274] The buggy address belongs to the object at ffff8881026f3680 [ 15.811274] which belongs to the cache kmalloc-64 of size 64 [ 15.812013] The buggy address is located 0 bytes to the right of [ 15.812013] allocated 48-byte region [ffff8881026f3680, ffff8881026f36b0) [ 15.812630] [ 15.812820] The buggy address belongs to the physical page: [ 15.813147] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026f3 [ 15.813581] flags: 0x200000000000000(node=0|zone=2) [ 15.813829] page_type: f5(slab) [ 15.813960] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.814288] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.814863] page dumped because: kasan: bad access detected [ 15.815166] [ 15.815266] Memory state around the buggy address: [ 15.815661] ffff8881026f3580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.816024] ffff8881026f3600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.816331] >ffff8881026f3680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.816767] ^ [ 15.817026] ffff8881026f3700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.817403] ffff8881026f3780: fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 15.817852] ================================================================== [ 14.796945] ================================================================== [ 14.797304] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x992/0x5450 [ 14.797721] Write of size 4 at addr ffff8881026f36b0 by task kunit_try_catch/283 [ 14.798342] [ 14.798804] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.798852] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.798865] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.798888] Call Trace: [ 14.798903] <TASK> [ 14.798919] dump_stack_lvl+0x73/0xb0 [ 14.798947] print_report+0xd1/0x610 [ 14.798969] ? __virt_addr_valid+0x1db/0x2d0 [ 14.798992] ? kasan_atomics_helper+0x992/0x5450 [ 14.799014] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.799037] ? kasan_atomics_helper+0x992/0x5450 [ 14.799060] kasan_report+0x141/0x180 [ 14.799083] ? kasan_atomics_helper+0x992/0x5450 [ 14.799111] kasan_check_range+0x10c/0x1c0 [ 14.799137] __kasan_check_write+0x18/0x20 [ 14.799157] kasan_atomics_helper+0x992/0x5450 [ 14.799181] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.799204] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.799230] ? kasan_atomics+0x152/0x310 [ 14.799257] kasan_atomics+0x1dc/0x310 [ 14.799280] ? __pfx_kasan_atomics+0x10/0x10 [ 14.799305] ? __pfx_read_tsc+0x10/0x10 [ 14.799326] ? ktime_get_ts64+0x86/0x230 [ 14.799351] kunit_try_run_case+0x1a5/0x480 [ 14.799374] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.799397] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.799422] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.799459] ? __kthread_parkme+0x82/0x180 [ 14.799481] ? preempt_count_sub+0x50/0x80 [ 14.799506] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.799537] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.799563] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.799588] kthread+0x337/0x6f0 [ 14.799608] ? 
trace_preempt_on+0x20/0xc0 [ 14.799631] ? __pfx_kthread+0x10/0x10 [ 14.799653] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.799675] ? calculate_sigpending+0x7b/0xa0 [ 14.799700] ? __pfx_kthread+0x10/0x10 [ 14.799722] ret_from_fork+0x116/0x1d0 [ 14.799742] ? __pfx_kthread+0x10/0x10 [ 14.799763] ret_from_fork_asm+0x1a/0x30 [ 14.799796] </TASK> [ 14.799807] [ 14.808156] Allocated by task 283: [ 14.808345] kasan_save_stack+0x45/0x70 [ 14.808607] kasan_save_track+0x18/0x40 [ 14.808811] kasan_save_alloc_info+0x3b/0x50 [ 14.809052] __kasan_kmalloc+0xb7/0xc0 [ 14.809257] __kmalloc_cache_noprof+0x189/0x420 [ 14.809511] kasan_atomics+0x95/0x310 [ 14.809775] kunit_try_run_case+0x1a5/0x480 [ 14.810036] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.810316] kthread+0x337/0x6f0 [ 14.810535] ret_from_fork+0x116/0x1d0 [ 14.810711] ret_from_fork_asm+0x1a/0x30 [ 14.810951] [ 14.811085] The buggy address belongs to the object at ffff8881026f3680 [ 14.811085] which belongs to the cache kmalloc-64 of size 64 [ 14.811649] The buggy address is located 0 bytes to the right of [ 14.811649] allocated 48-byte region [ffff8881026f3680, ffff8881026f36b0) [ 14.812184] [ 14.812261] The buggy address belongs to the physical page: [ 14.812555] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026f3 [ 14.812966] flags: 0x200000000000000(node=0|zone=2) [ 14.813205] page_type: f5(slab) [ 14.813373] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.813761] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.814095] page dumped because: kasan: bad access detected [ 14.814345] [ 14.814448] Memory state around the buggy address: [ 14.814698] ffff8881026f3580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.815014] ffff8881026f3600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.815266] >ffff8881026f3680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.815508] ^ [ 14.815749] ffff8881026f3700: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 14.816113] ffff8881026f3780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.816464] ================================================================== [ 15.161897] ================================================================== [ 15.162270] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49e8/0x5450 [ 15.162807] Read of size 4 at addr ffff8881026f36b0 by task kunit_try_catch/283 [ 15.163046] [ 15.163153] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.163196] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.163209] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.163231] Call Trace: [ 15.163245] <TASK> [ 15.163260] dump_stack_lvl+0x73/0xb0 [ 15.163289] print_report+0xd1/0x610 [ 15.163312] ? __virt_addr_valid+0x1db/0x2d0 [ 15.163336] ? kasan_atomics_helper+0x49e8/0x5450 [ 15.163358] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.163381] ? kasan_atomics_helper+0x49e8/0x5450 [ 15.163404] kasan_report+0x141/0x180 [ 15.163427] ? kasan_atomics_helper+0x49e8/0x5450 [ 15.163469] __asan_report_load4_noabort+0x18/0x20 [ 15.163494] kasan_atomics_helper+0x49e8/0x5450 [ 15.163518] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.163553] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.163578] ? kasan_atomics+0x152/0x310 [ 15.163606] kasan_atomics+0x1dc/0x310 [ 15.163629] ? __pfx_kasan_atomics+0x10/0x10 [ 15.163654] ? __pfx_read_tsc+0x10/0x10 [ 15.163675] ? ktime_get_ts64+0x86/0x230 [ 15.163701] kunit_try_run_case+0x1a5/0x480 [ 15.163726] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.163750] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.163775] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.163800] ? __kthread_parkme+0x82/0x180 [ 15.163821] ? preempt_count_sub+0x50/0x80 [ 15.163846] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.163870] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.163895] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.163920] kthread+0x337/0x6f0 [ 15.163940] ? trace_preempt_on+0x20/0xc0 [ 15.163964] ? __pfx_kthread+0x10/0x10 [ 15.163984] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.164007] ? calculate_sigpending+0x7b/0xa0 [ 15.164031] ? __pfx_kthread+0x10/0x10 [ 15.164053] ret_from_fork+0x116/0x1d0 [ 15.164072] ? __pfx_kthread+0x10/0x10 [ 15.164093] ret_from_fork_asm+0x1a/0x30 [ 15.164127] </TASK> [ 15.164137] [ 15.171389] Allocated by task 283: [ 15.171621] kasan_save_stack+0x45/0x70 [ 15.171825] kasan_save_track+0x18/0x40 [ 15.172016] kasan_save_alloc_info+0x3b/0x50 [ 15.172224] __kasan_kmalloc+0xb7/0xc0 [ 15.172413] __kmalloc_cache_noprof+0x189/0x420 [ 15.172640] kasan_atomics+0x95/0x310 [ 15.172777] kunit_try_run_case+0x1a5/0x480 [ 15.172941] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.173194] kthread+0x337/0x6f0 [ 15.173369] ret_from_fork+0x116/0x1d0 [ 15.173603] ret_from_fork_asm+0x1a/0x30 [ 15.173810] [ 15.173901] The buggy address belongs to the object at ffff8881026f3680 [ 15.173901] which belongs to the cache kmalloc-64 of size 64 [ 15.174257] The buggy address is located 0 bytes to the right of [ 15.174257] allocated 48-byte region [ffff8881026f3680, ffff8881026f36b0) [ 15.174887] [ 15.174985] The buggy address belongs to the physical page: [ 15.175236] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026f3 [ 15.175560] flags: 0x200000000000000(node=0|zone=2) [ 15.175785] page_type: f5(slab) [ 15.175905] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.176140] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.176406] page dumped because: kasan: bad access detected [ 15.177182] [ 15.177293] Memory state around the buggy address: [ 15.177668] ffff8881026f3580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.177972] ffff8881026f3600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.178265] >ffff8881026f3680: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 15.178579] ^ [ 15.178761] ffff8881026f3700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.179067] ffff8881026f3780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.179343] ================================================================== [ 14.920401] ================================================================== [ 14.921132] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd47/0x5450 [ 14.921375] Write of size 4 at addr ffff8881026f36b0 by task kunit_try_catch/283 [ 14.923016] [ 14.923150] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.923197] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.923210] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.923232] Call Trace: [ 14.923248] <TASK> [ 14.923264] dump_stack_lvl+0x73/0xb0 [ 14.923293] print_report+0xd1/0x610 [ 14.923316] ? __virt_addr_valid+0x1db/0x2d0 [ 14.923340] ? kasan_atomics_helper+0xd47/0x5450 [ 14.923362] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.923386] ? kasan_atomics_helper+0xd47/0x5450 [ 14.923409] kasan_report+0x141/0x180 [ 14.923432] ? kasan_atomics_helper+0xd47/0x5450 [ 14.923470] kasan_check_range+0x10c/0x1c0 [ 14.923494] __kasan_check_write+0x18/0x20 [ 14.923514] kasan_atomics_helper+0xd47/0x5450 [ 14.923537] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.923561] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.923586] ? kasan_atomics+0x152/0x310 [ 14.923614] kasan_atomics+0x1dc/0x310 [ 14.923638] ? __pfx_kasan_atomics+0x10/0x10 [ 14.923663] ? __pfx_read_tsc+0x10/0x10 [ 14.923684] ? ktime_get_ts64+0x86/0x230 [ 14.923711] kunit_try_run_case+0x1a5/0x480 [ 14.923736] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.923760] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.923784] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.923809] ? __kthread_parkme+0x82/0x180 [ 14.923830] ? preempt_count_sub+0x50/0x80 [ 14.923854] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.923879] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.923904] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.923929] kthread+0x337/0x6f0 [ 14.923948] ? trace_preempt_on+0x20/0xc0 [ 14.923972] ? __pfx_kthread+0x10/0x10 [ 14.923993] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.924015] ? calculate_sigpending+0x7b/0xa0 [ 14.924039] ? __pfx_kthread+0x10/0x10 [ 14.924061] ret_from_fork+0x116/0x1d0 [ 14.924081] ? __pfx_kthread+0x10/0x10 [ 14.924102] ret_from_fork_asm+0x1a/0x30 [ 14.924134] </TASK> [ 14.924144] [ 14.931649] Allocated by task 283: [ 14.931801] kasan_save_stack+0x45/0x70 [ 14.931999] kasan_save_track+0x18/0x40 [ 14.932201] kasan_save_alloc_info+0x3b/0x50 [ 14.932388] __kasan_kmalloc+0xb7/0xc0 [ 14.932552] __kmalloc_cache_noprof+0x189/0x420 [ 14.932780] kasan_atomics+0x95/0x310 [ 14.932941] kunit_try_run_case+0x1a5/0x480 [ 14.933111] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.933367] kthread+0x337/0x6f0 [ 14.933524] ret_from_fork+0x116/0x1d0 [ 14.933702] ret_from_fork_asm+0x1a/0x30 [ 14.933886] [ 14.933980] The buggy address belongs to the object at ffff8881026f3680 [ 14.933980] which belongs to the cache kmalloc-64 of size 64 [ 14.934454] The buggy address is located 0 bytes to the right of [ 14.934454] allocated 48-byte region [ffff8881026f3680, ffff8881026f36b0) [ 14.934964] [ 14.935061] The buggy address belongs to the physical page: [ 14.935284] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026f3 [ 14.935566] flags: 0x200000000000000(node=0|zone=2) [ 14.935834] page_type: f5(slab) [ 14.936002] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.936294] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.936607] page dumped because: kasan: bad access detected [ 14.936862] [ 14.936961] Memory state around the buggy address: [ 14.937152] ffff8881026f3580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.937457] 
ffff8881026f3600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.937764] >ffff8881026f3680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.938051] ^ [ 14.938255] ffff8881026f3700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.938558] ffff8881026f3780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.938840] ================================================================== [ 15.618564] ================================================================== [ 15.618960] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1e12/0x5450 [ 15.619255] Write of size 8 at addr ffff8881026f36b0 by task kunit_try_catch/283 [ 15.619784] [ 15.619932] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.619978] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.619991] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.620012] Call Trace: [ 15.620029] <TASK> [ 15.620046] dump_stack_lvl+0x73/0xb0 [ 15.620075] print_report+0xd1/0x610 [ 15.620132] ? __virt_addr_valid+0x1db/0x2d0 [ 15.620156] ? kasan_atomics_helper+0x1e12/0x5450 [ 15.620177] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.620201] ? kasan_atomics_helper+0x1e12/0x5450 [ 15.620224] kasan_report+0x141/0x180 [ 15.620277] ? kasan_atomics_helper+0x1e12/0x5450 [ 15.620305] kasan_check_range+0x10c/0x1c0 [ 15.620331] __kasan_check_write+0x18/0x20 [ 15.620351] kasan_atomics_helper+0x1e12/0x5450 [ 15.620376] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.620429] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.620466] ? kasan_atomics+0x152/0x310 [ 15.620494] kasan_atomics+0x1dc/0x310 [ 15.620518] ? __pfx_kasan_atomics+0x10/0x10 [ 15.620550] ? __pfx_read_tsc+0x10/0x10 [ 15.620573] ? ktime_get_ts64+0x86/0x230 [ 15.620632] kunit_try_run_case+0x1a5/0x480 [ 15.620657] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.620681] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.620706] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.620760] ? 
__kthread_parkme+0x82/0x180 [ 15.620782] ? preempt_count_sub+0x50/0x80 [ 15.620808] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.620833] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.620858] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.620913] kthread+0x337/0x6f0 [ 15.620934] ? trace_preempt_on+0x20/0xc0 [ 15.620957] ? __pfx_kthread+0x10/0x10 [ 15.620978] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.621000] ? calculate_sigpending+0x7b/0xa0 [ 15.621052] ? __pfx_kthread+0x10/0x10 [ 15.621075] ret_from_fork+0x116/0x1d0 [ 15.621094] ? __pfx_kthread+0x10/0x10 [ 15.621115] ret_from_fork_asm+0x1a/0x30 [ 15.621183] </TASK> [ 15.621195] [ 15.629251] Allocated by task 283: [ 15.629421] kasan_save_stack+0x45/0x70 [ 15.629639] kasan_save_track+0x18/0x40 [ 15.629850] kasan_save_alloc_info+0x3b/0x50 [ 15.630088] __kasan_kmalloc+0xb7/0xc0 [ 15.630297] __kmalloc_cache_noprof+0x189/0x420 [ 15.630518] kasan_atomics+0x95/0x310 [ 15.630737] kunit_try_run_case+0x1a5/0x480 [ 15.630946] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.631199] kthread+0x337/0x6f0 [ 15.631373] ret_from_fork+0x116/0x1d0 [ 15.631593] ret_from_fork_asm+0x1a/0x30 [ 15.631818] [ 15.631912] The buggy address belongs to the object at ffff8881026f3680 [ 15.631912] which belongs to the cache kmalloc-64 of size 64 [ 15.632447] The buggy address is located 0 bytes to the right of [ 15.632447] allocated 48-byte region [ffff8881026f3680, ffff8881026f36b0) [ 15.633033] [ 15.633115] The buggy address belongs to the physical page: [ 15.633371] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026f3 [ 15.633636] flags: 0x200000000000000(node=0|zone=2) [ 15.633796] page_type: f5(slab) [ 15.633915] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.634140] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.634359] page dumped because: kasan: bad access detected [ 15.634538] [ 15.634607] Memory state around the buggy address: [ 15.634760] 
ffff8881026f3580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.635066] ffff8881026f3600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.635372] >ffff8881026f3680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.636020] ^ [ 15.636243] ffff8881026f3700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.636558] ffff8881026f3780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.636863] ================================================================== [ 15.695553] ================================================================== [ 15.695937] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2006/0x5450 [ 15.696169] Write of size 8 at addr ffff8881026f36b0 by task kunit_try_catch/283 [ 15.696396] [ 15.696616] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.696659] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.696672] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.696693] Call Trace: [ 15.696706] <TASK> [ 15.696722] dump_stack_lvl+0x73/0xb0 [ 15.696749] print_report+0xd1/0x610 [ 15.696771] ? __virt_addr_valid+0x1db/0x2d0 [ 15.696795] ? kasan_atomics_helper+0x2006/0x5450 [ 15.696847] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.696871] ? kasan_atomics_helper+0x2006/0x5450 [ 15.696894] kasan_report+0x141/0x180 [ 15.696949] ? kasan_atomics_helper+0x2006/0x5450 [ 15.696980] kasan_check_range+0x10c/0x1c0 [ 15.697004] __kasan_check_write+0x18/0x20 [ 15.697024] kasan_atomics_helper+0x2006/0x5450 [ 15.697048] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.697071] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.697124] ? kasan_atomics+0x152/0x310 [ 15.697157] kasan_atomics+0x1dc/0x310 [ 15.697181] ? __pfx_kasan_atomics+0x10/0x10 [ 15.697206] ? __pfx_read_tsc+0x10/0x10 [ 15.697227] ? ktime_get_ts64+0x86/0x230 [ 15.697281] kunit_try_run_case+0x1a5/0x480 [ 15.697306] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.697329] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 15.697355] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.697380] ? __kthread_parkme+0x82/0x180 [ 15.697429] ? preempt_count_sub+0x50/0x80 [ 15.697467] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.697492] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.697517] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.697553] kthread+0x337/0x6f0 [ 15.697573] ? trace_preempt_on+0x20/0xc0 [ 15.697628] ? __pfx_kthread+0x10/0x10 [ 15.697649] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.697672] ? calculate_sigpending+0x7b/0xa0 [ 15.697697] ? __pfx_kthread+0x10/0x10 [ 15.697719] ret_from_fork+0x116/0x1d0 [ 15.697761] ? __pfx_kthread+0x10/0x10 [ 15.697783] ret_from_fork_asm+0x1a/0x30 [ 15.697817] </TASK> [ 15.697828] [ 15.706114] Allocated by task 283: [ 15.706295] kasan_save_stack+0x45/0x70 [ 15.706538] kasan_save_track+0x18/0x40 [ 15.706766] kasan_save_alloc_info+0x3b/0x50 [ 15.706980] __kasan_kmalloc+0xb7/0xc0 [ 15.707158] __kmalloc_cache_noprof+0x189/0x420 [ 15.707396] kasan_atomics+0x95/0x310 [ 15.707656] kunit_try_run_case+0x1a5/0x480 [ 15.707833] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.708010] kthread+0x337/0x6f0 [ 15.708133] ret_from_fork+0x116/0x1d0 [ 15.708270] ret_from_fork_asm+0x1a/0x30 [ 15.708416] [ 15.708500] The buggy address belongs to the object at ffff8881026f3680 [ 15.708500] which belongs to the cache kmalloc-64 of size 64 [ 15.709095] The buggy address is located 0 bytes to the right of [ 15.709095] allocated 48-byte region [ffff8881026f3680, ffff8881026f36b0) [ 15.709823] [ 15.709957] The buggy address belongs to the physical page: [ 15.710212] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026f3 [ 15.710618] flags: 0x200000000000000(node=0|zone=2) [ 15.710853] page_type: f5(slab) [ 15.711139] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.711378] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.711621] page dumped because: kasan: 
bad access detected [ 15.711795] [ 15.711888] Memory state around the buggy address: [ 15.712109] ffff8881026f3580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.712428] ffff8881026f3600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.712786] >ffff8881026f3680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.713100] ^ [ 15.713327] ffff8881026f3700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.713684] ffff8881026f3780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.713932] ================================================================== [ 14.940660] ================================================================== [ 14.940918] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xde0/0x5450 [ 14.941154] Write of size 4 at addr ffff8881026f36b0 by task kunit_try_catch/283 [ 14.941383] [ 14.941673] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.941730] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.941742] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.941763] Call Trace: [ 14.941776] <TASK> [ 14.941790] dump_stack_lvl+0x73/0xb0 [ 14.941817] print_report+0xd1/0x610 [ 14.941841] ? __virt_addr_valid+0x1db/0x2d0 [ 14.941865] ? kasan_atomics_helper+0xde0/0x5450 [ 14.941888] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.941914] ? kasan_atomics_helper+0xde0/0x5450 [ 14.941939] kasan_report+0x141/0x180 [ 14.941962] ? kasan_atomics_helper+0xde0/0x5450 [ 14.941991] kasan_check_range+0x10c/0x1c0 [ 14.942017] __kasan_check_write+0x18/0x20 [ 14.942038] kasan_atomics_helper+0xde0/0x5450 [ 14.942063] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.942088] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.942115] ? kasan_atomics+0x152/0x310 [ 14.942143] kasan_atomics+0x1dc/0x310 [ 14.942168] ? __pfx_kasan_atomics+0x10/0x10 [ 14.942194] ? __pfx_read_tsc+0x10/0x10 [ 14.942216] ? ktime_get_ts64+0x86/0x230 [ 14.942242] kunit_try_run_case+0x1a5/0x480 [ 14.942268] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.942293] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.942319] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.942345] ? __kthread_parkme+0x82/0x180 [ 14.942368] ? preempt_count_sub+0x50/0x80 [ 14.942395] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.942422] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.942464] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.942492] kthread+0x337/0x6f0 [ 14.942512] ? trace_preempt_on+0x20/0xc0 [ 14.942537] ? __pfx_kthread+0x10/0x10 [ 14.942559] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.942582] ? calculate_sigpending+0x7b/0xa0 [ 14.942621] ? __pfx_kthread+0x10/0x10 [ 14.942645] ret_from_fork+0x116/0x1d0 [ 14.942665] ? __pfx_kthread+0x10/0x10 [ 14.942687] ret_from_fork_asm+0x1a/0x30 [ 14.942722] </TASK> [ 14.942732] [ 14.950854] Allocated by task 283: [ 14.951154] kasan_save_stack+0x45/0x70 [ 14.951359] kasan_save_track+0x18/0x40 [ 14.951566] kasan_save_alloc_info+0x3b/0x50 [ 14.951830] __kasan_kmalloc+0xb7/0xc0 [ 14.951965] __kmalloc_cache_noprof+0x189/0x420 [ 14.952124] kasan_atomics+0x95/0x310 [ 14.952258] kunit_try_run_case+0x1a5/0x480 [ 14.952420] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.953811] kthread+0x337/0x6f0 [ 14.954351] ret_from_fork+0x116/0x1d0 [ 14.954952] ret_from_fork_asm+0x1a/0x30 [ 14.955548] [ 14.955964] The buggy address belongs to the object at ffff8881026f3680 [ 14.955964] which belongs to the cache kmalloc-64 of size 64 [ 14.957406] The buggy address is located 0 bytes to the right of [ 14.957406] allocated 48-byte region [ffff8881026f3680, ffff8881026f36b0) [ 14.958765] [ 14.959099] The buggy address belongs to the physical page: [ 14.959793] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026f3 [ 14.960053] flags: 0x200000000000000(node=0|zone=2) [ 14.960220] page_type: f5(slab) [ 14.960346] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.961027] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 14.961740] page dumped because: kasan: bad access detected [ 14.962259] [ 14.962415] Memory state around the buggy address: [ 14.962871] ffff8881026f3580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.963471] ffff8881026f3600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.964047] >ffff8881026f3680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.964262] ^ [ 14.964416] ffff8881026f3700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.964917] ffff8881026f3780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.965564] ================================================================== [ 14.777449] ================================================================== [ 14.777813] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x8f9/0x5450 [ 14.778153] Write of size 4 at addr ffff8881026f36b0 by task kunit_try_catch/283 [ 14.778551] [ 14.778663] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.778737] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.778763] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.778783] Call Trace: [ 14.778795] <TASK> [ 14.778823] dump_stack_lvl+0x73/0xb0 [ 14.778853] print_report+0xd1/0x610 [ 14.778876] ? __virt_addr_valid+0x1db/0x2d0 [ 14.778899] ? kasan_atomics_helper+0x8f9/0x5450 [ 14.778921] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.778945] ? kasan_atomics_helper+0x8f9/0x5450 [ 14.778968] kasan_report+0x141/0x180 [ 14.778991] ? kasan_atomics_helper+0x8f9/0x5450 [ 14.779019] kasan_check_range+0x10c/0x1c0 [ 14.779044] __kasan_check_write+0x18/0x20 [ 14.779064] kasan_atomics_helper+0x8f9/0x5450 [ 14.779089] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.779142] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.779168] ? kasan_atomics+0x152/0x310 [ 14.779223] kasan_atomics+0x1dc/0x310 [ 14.779248] ? __pfx_kasan_atomics+0x10/0x10 [ 14.779273] ? __pfx_read_tsc+0x10/0x10 [ 14.779305] ? 
ktime_get_ts64+0x86/0x230 [ 14.779330] kunit_try_run_case+0x1a5/0x480 [ 14.779355] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.779379] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.779445] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.779478] ? __kthread_parkme+0x82/0x180 [ 14.779500] ? preempt_count_sub+0x50/0x80 [ 14.779548] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.779574] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.779598] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.779624] kthread+0x337/0x6f0 [ 14.779644] ? trace_preempt_on+0x20/0xc0 [ 14.779668] ? __pfx_kthread+0x10/0x10 [ 14.779689] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.779710] ? calculate_sigpending+0x7b/0xa0 [ 14.779735] ? __pfx_kthread+0x10/0x10 [ 14.779757] ret_from_fork+0x116/0x1d0 [ 14.779776] ? __pfx_kthread+0x10/0x10 [ 14.779797] ret_from_fork_asm+0x1a/0x30 [ 14.779831] </TASK> [ 14.779841] [ 14.787777] Allocated by task 283: [ 14.787972] kasan_save_stack+0x45/0x70 [ 14.788198] kasan_save_track+0x18/0x40 [ 14.788416] kasan_save_alloc_info+0x3b/0x50 [ 14.788685] __kasan_kmalloc+0xb7/0xc0 [ 14.788872] __kmalloc_cache_noprof+0x189/0x420 [ 14.789114] kasan_atomics+0x95/0x310 [ 14.789309] kunit_try_run_case+0x1a5/0x480 [ 14.789569] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.789842] kthread+0x337/0x6f0 [ 14.790028] ret_from_fork+0x116/0x1d0 [ 14.790250] ret_from_fork_asm+0x1a/0x30 [ 14.790483] [ 14.790622] The buggy address belongs to the object at ffff8881026f3680 [ 14.790622] which belongs to the cache kmalloc-64 of size 64 [ 14.791209] The buggy address is located 0 bytes to the right of [ 14.791209] allocated 48-byte region [ffff8881026f3680, ffff8881026f36b0) [ 14.791801] [ 14.791923] The buggy address belongs to the physical page: [ 14.792204] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026f3 [ 14.792624] flags: 0x200000000000000(node=0|zone=2) [ 14.792862] page_type: f5(slab) [ 14.793029] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 14.793371] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.793736] page dumped because: kasan: bad access detected [ 14.793991] [ 14.794084] Memory state around the buggy address: [ 14.794321] ffff8881026f3580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.794705] ffff8881026f3600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.794972] >ffff8881026f3680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.795317] ^ [ 14.795578] ffff8881026f3700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.795914] ffff8881026f3780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.796258] ================================================================== [ 14.877697] ================================================================== [ 14.878331] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xc70/0x5450 [ 14.878919] Write of size 4 at addr ffff8881026f36b0 by task kunit_try_catch/283 [ 14.879398] [ 14.879633] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.879679] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.879691] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.879712] Call Trace: [ 14.879727] <TASK> [ 14.879750] dump_stack_lvl+0x73/0xb0 [ 14.879780] print_report+0xd1/0x610 [ 14.879803] ? __virt_addr_valid+0x1db/0x2d0 [ 14.879825] ? kasan_atomics_helper+0xc70/0x5450 [ 14.879847] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.879871] ? kasan_atomics_helper+0xc70/0x5450 [ 14.879894] kasan_report+0x141/0x180 [ 14.879918] ? kasan_atomics_helper+0xc70/0x5450 [ 14.879946] kasan_check_range+0x10c/0x1c0 [ 14.879971] __kasan_check_write+0x18/0x20 [ 14.879991] kasan_atomics_helper+0xc70/0x5450 [ 14.880015] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.880038] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.880063] ? kasan_atomics+0x152/0x310 [ 14.880090] kasan_atomics+0x1dc/0x310 [ 14.880113] ? 
__pfx_kasan_atomics+0x10/0x10 [ 14.880139] ? __pfx_read_tsc+0x10/0x10 [ 14.880159] ? ktime_get_ts64+0x86/0x230 [ 14.880184] kunit_try_run_case+0x1a5/0x480 [ 14.880208] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.880231] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.880255] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.880279] ? __kthread_parkme+0x82/0x180 [ 14.880340] ? preempt_count_sub+0x50/0x80 [ 14.880365] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.880401] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.880427] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.880460] kthread+0x337/0x6f0 [ 14.880479] ? trace_preempt_on+0x20/0xc0 [ 14.880503] ? __pfx_kthread+0x10/0x10 [ 14.880524] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.880546] ? calculate_sigpending+0x7b/0xa0 [ 14.880587] ? __pfx_kthread+0x10/0x10 [ 14.880610] ret_from_fork+0x116/0x1d0 [ 14.880628] ? __pfx_kthread+0x10/0x10 [ 14.880650] ret_from_fork_asm+0x1a/0x30 [ 14.880683] </TASK> [ 14.880694] [ 14.891119] Allocated by task 283: [ 14.891284] kasan_save_stack+0x45/0x70 [ 14.891776] kasan_save_track+0x18/0x40 [ 14.892079] kasan_save_alloc_info+0x3b/0x50 [ 14.892246] __kasan_kmalloc+0xb7/0xc0 [ 14.892646] __kmalloc_cache_noprof+0x189/0x420 [ 14.892901] kasan_atomics+0x95/0x310 [ 14.893213] kunit_try_run_case+0x1a5/0x480 [ 14.893446] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.893895] kthread+0x337/0x6f0 [ 14.894153] ret_from_fork+0x116/0x1d0 [ 14.894365] ret_from_fork_asm+0x1a/0x30 [ 14.894760] [ 14.894863] The buggy address belongs to the object at ffff8881026f3680 [ 14.894863] which belongs to the cache kmalloc-64 of size 64 [ 14.895579] The buggy address is located 0 bytes to the right of [ 14.895579] allocated 48-byte region [ffff8881026f3680, ffff8881026f36b0) [ 14.896190] [ 14.896427] The buggy address belongs to the physical page: [ 14.896878] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026f3 [ 14.897274] flags: 0x200000000000000(node=0|zone=2) [ 14.897670] page_type: 
f5(slab) [ 14.897943] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.898311] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.898831] page dumped because: kasan: bad access detected [ 14.899164] [ 14.899242] Memory state around the buggy address: [ 14.899627] ffff8881026f3580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.900043] ffff8881026f3600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.900369] >ffff8881026f3680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.900795] ^ [ 14.901022] ffff8881026f3700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.901462] ffff8881026f3780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.901918] ================================================================== [ 15.407858] ================================================================== [ 15.408155] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1818/0x5450 [ 15.408384] Write of size 8 at addr ffff8881026f36b0 by task kunit_try_catch/283 [ 15.408733] [ 15.409008] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.409276] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.409291] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.409370] Call Trace: [ 15.409386] <TASK> [ 15.409401] dump_stack_lvl+0x73/0xb0 [ 15.409523] print_report+0xd1/0x610 [ 15.409559] ? __virt_addr_valid+0x1db/0x2d0 [ 15.409652] ? kasan_atomics_helper+0x1818/0x5450 [ 15.409675] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.409698] ? kasan_atomics_helper+0x1818/0x5450 [ 15.409721] kasan_report+0x141/0x180 [ 15.409746] ? kasan_atomics_helper+0x1818/0x5450 [ 15.409774] kasan_check_range+0x10c/0x1c0 [ 15.409799] __kasan_check_write+0x18/0x20 [ 15.409818] kasan_atomics_helper+0x1818/0x5450 [ 15.409941] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.409963] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.409989] ? 
kasan_atomics+0x152/0x310 [ 15.410016] kasan_atomics+0x1dc/0x310 [ 15.410040] ? __pfx_kasan_atomics+0x10/0x10 [ 15.410066] ? __pfx_read_tsc+0x10/0x10 [ 15.410088] ? ktime_get_ts64+0x86/0x230 [ 15.410114] kunit_try_run_case+0x1a5/0x480 [ 15.410138] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.410161] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.410186] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.410210] ? __kthread_parkme+0x82/0x180 [ 15.410231] ? preempt_count_sub+0x50/0x80 [ 15.410256] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.410280] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.410304] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.410329] kthread+0x337/0x6f0 [ 15.410349] ? trace_preempt_on+0x20/0xc0 [ 15.410373] ? __pfx_kthread+0x10/0x10 [ 15.410393] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.410415] ? calculate_sigpending+0x7b/0xa0 [ 15.410451] ? __pfx_kthread+0x10/0x10 [ 15.410473] ret_from_fork+0x116/0x1d0 [ 15.410492] ? __pfx_kthread+0x10/0x10 [ 15.410513] ret_from_fork_asm+0x1a/0x30 [ 15.410546] </TASK> [ 15.410557] [ 15.420464] Allocated by task 283: [ 15.420761] kasan_save_stack+0x45/0x70 [ 15.420950] kasan_save_track+0x18/0x40 [ 15.421123] kasan_save_alloc_info+0x3b/0x50 [ 15.421320] __kasan_kmalloc+0xb7/0xc0 [ 15.421524] __kmalloc_cache_noprof+0x189/0x420 [ 15.421963] kasan_atomics+0x95/0x310 [ 15.422215] kunit_try_run_case+0x1a5/0x480 [ 15.422385] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.422826] kthread+0x337/0x6f0 [ 15.422979] ret_from_fork+0x116/0x1d0 [ 15.423278] ret_from_fork_asm+0x1a/0x30 [ 15.423556] [ 15.423641] The buggy address belongs to the object at ffff8881026f3680 [ 15.423641] which belongs to the cache kmalloc-64 of size 64 [ 15.424288] The buggy address is located 0 bytes to the right of [ 15.424288] allocated 48-byte region [ffff8881026f3680, ffff8881026f36b0) [ 15.424901] [ 15.425003] The buggy address belongs to the physical page: [ 15.425235] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026f3 [ 
15.425808] flags: 0x200000000000000(node=0|zone=2) [ 15.426092] page_type: f5(slab) [ 15.426235] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.426692] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.427106] page dumped because: kasan: bad access detected [ 15.427422] [ 15.427534] Memory state around the buggy address: [ 15.427767] ffff8881026f3580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.428204] ffff8881026f3600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.428524] >ffff8881026f3680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.428808] ^ [ 15.429012] ffff8881026f3700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.429309] ffff8881026f3780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.429856] ================================================================== [ 15.657458] ================================================================== [ 15.657975] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1f43/0x5450 [ 15.658313] Write of size 8 at addr ffff8881026f36b0 by task kunit_try_catch/283 [ 15.658712] [ 15.658800] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.658880] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.658892] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.658914] Call Trace: [ 15.658930] <TASK> [ 15.658946] dump_stack_lvl+0x73/0xb0 [ 15.659007] print_report+0xd1/0x610 [ 15.659030] ? __virt_addr_valid+0x1db/0x2d0 [ 15.659054] ? kasan_atomics_helper+0x1f43/0x5450 [ 15.659076] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.659099] ? kasan_atomics_helper+0x1f43/0x5450 [ 15.659122] kasan_report+0x141/0x180 [ 15.659145] ? kasan_atomics_helper+0x1f43/0x5450 [ 15.659174] kasan_check_range+0x10c/0x1c0 [ 15.659229] __kasan_check_write+0x18/0x20 [ 15.659250] kasan_atomics_helper+0x1f43/0x5450 [ 15.659274] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.659297] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 15.659323] ? kasan_atomics+0x152/0x310 [ 15.659377] kasan_atomics+0x1dc/0x310 [ 15.659401] ? __pfx_kasan_atomics+0x10/0x10 [ 15.659426] ? __pfx_read_tsc+0x10/0x10 [ 15.659461] ? ktime_get_ts64+0x86/0x230 [ 15.659487] kunit_try_run_case+0x1a5/0x480 [ 15.659542] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.659566] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.659591] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.659615] ? __kthread_parkme+0x82/0x180 [ 15.659637] ? preempt_count_sub+0x50/0x80 [ 15.659664] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.659689] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.659744] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.659769] kthread+0x337/0x6f0 [ 15.659789] ? trace_preempt_on+0x20/0xc0 [ 15.659814] ? __pfx_kthread+0x10/0x10 [ 15.659835] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.659857] ? calculate_sigpending+0x7b/0xa0 [ 15.659882] ? __pfx_kthread+0x10/0x10 [ 15.659904] ret_from_fork+0x116/0x1d0 [ 15.659923] ? __pfx_kthread+0x10/0x10 [ 15.659944] ret_from_fork_asm+0x1a/0x30 [ 15.659979] </TASK> [ 15.659989] [ 15.668037] Allocated by task 283: [ 15.668224] kasan_save_stack+0x45/0x70 [ 15.668450] kasan_save_track+0x18/0x40 [ 15.668681] kasan_save_alloc_info+0x3b/0x50 [ 15.668913] __kasan_kmalloc+0xb7/0xc0 [ 15.669097] __kmalloc_cache_noprof+0x189/0x420 [ 15.669322] kasan_atomics+0x95/0x310 [ 15.669504] kunit_try_run_case+0x1a5/0x480 [ 15.669870] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.670076] kthread+0x337/0x6f0 [ 15.670195] ret_from_fork+0x116/0x1d0 [ 15.670325] ret_from_fork_asm+0x1a/0x30 [ 15.670547] [ 15.670643] The buggy address belongs to the object at ffff8881026f3680 [ 15.670643] which belongs to the cache kmalloc-64 of size 64 [ 15.671160] The buggy address is located 0 bytes to the right of [ 15.671160] allocated 48-byte region [ffff8881026f3680, ffff8881026f36b0) [ 15.671696] [ 15.671793] The buggy address belongs to the physical page: [ 15.672040] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x1026f3 [ 15.672382] flags: 0x200000000000000(node=0|zone=2) [ 15.672619] page_type: f5(slab) [ 15.672785] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.673113] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.673351] page dumped because: kasan: bad access detected [ 15.673526] [ 15.673609] Memory state around the buggy address: [ 15.673843] ffff8881026f3580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.674155] ffff8881026f3600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.674518] >ffff8881026f3680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.674822] ^ [ 15.674977] ffff8881026f3700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.675188] ffff8881026f3780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.675394] ================================================================== [ 15.275937] ================================================================== [ 15.276448] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x50d4/0x5450 [ 15.276838] Write of size 8 at addr ffff8881026f36b0 by task kunit_try_catch/283 [ 15.277226] [ 15.277309] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.277349] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.277361] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.277382] Call Trace: [ 15.277396] <TASK> [ 15.277412] dump_stack_lvl+0x73/0xb0 [ 15.277449] print_report+0xd1/0x610 [ 15.277472] ? __virt_addr_valid+0x1db/0x2d0 [ 15.277495] ? kasan_atomics_helper+0x50d4/0x5450 [ 15.277517] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.277540] ? kasan_atomics_helper+0x50d4/0x5450 [ 15.277563] kasan_report+0x141/0x180 [ 15.277599] ? kasan_atomics_helper+0x50d4/0x5450 [ 15.277628] __asan_report_store8_noabort+0x1b/0x30 [ 15.277654] kasan_atomics_helper+0x50d4/0x5450 [ 15.277678] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 15.277702] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.277727] ? kasan_atomics+0x152/0x310 [ 15.277755] kasan_atomics+0x1dc/0x310 [ 15.277778] ? __pfx_kasan_atomics+0x10/0x10 [ 15.277803] ? __pfx_read_tsc+0x10/0x10 [ 15.277824] ? ktime_get_ts64+0x86/0x230 [ 15.277849] kunit_try_run_case+0x1a5/0x480 [ 15.277874] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.277897] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.277921] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.277946] ? __kthread_parkme+0x82/0x180 [ 15.277967] ? preempt_count_sub+0x50/0x80 [ 15.277992] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.278018] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.278042] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.278068] kthread+0x337/0x6f0 [ 15.278087] ? trace_preempt_on+0x20/0xc0 [ 15.278110] ? __pfx_kthread+0x10/0x10 [ 15.278131] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.278154] ? calculate_sigpending+0x7b/0xa0 [ 15.278179] ? __pfx_kthread+0x10/0x10 [ 15.278201] ret_from_fork+0x116/0x1d0 [ 15.278220] ? 
__pfx_kthread+0x10/0x10 [ 15.278241] ret_from_fork_asm+0x1a/0x30 [ 15.278273] </TASK> [ 15.278284] [ 15.289706] Allocated by task 283: [ 15.289905] kasan_save_stack+0x45/0x70 [ 15.290251] kasan_save_track+0x18/0x40 [ 15.290532] kasan_save_alloc_info+0x3b/0x50 [ 15.290851] __kasan_kmalloc+0xb7/0xc0 [ 15.291006] __kmalloc_cache_noprof+0x189/0x420 [ 15.291229] kasan_atomics+0x95/0x310 [ 15.291413] kunit_try_run_case+0x1a5/0x480 [ 15.291883] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.292100] kthread+0x337/0x6f0 [ 15.292275] ret_from_fork+0x116/0x1d0 [ 15.292579] ret_from_fork_asm+0x1a/0x30 [ 15.292899] [ 15.293002] The buggy address belongs to the object at ffff8881026f3680 [ 15.293002] which belongs to the cache kmalloc-64 of size 64 [ 15.293681] The buggy address is located 0 bytes to the right of [ 15.293681] allocated 48-byte region [ffff8881026f3680, ffff8881026f36b0) [ 15.294250] [ 15.294333] The buggy address belongs to the physical page: [ 15.294603] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026f3 [ 15.294914] flags: 0x200000000000000(node=0|zone=2) [ 15.295134] page_type: f5(slab) [ 15.295292] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.296012] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.296313] page dumped because: kasan: bad access detected [ 15.296688] [ 15.296790] Memory state around the buggy address: [ 15.296969] ffff8881026f3580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.297403] ffff8881026f3600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.297811] >ffff8881026f3680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.298057] ^ [ 15.298390] ffff8881026f3700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.298683] ffff8881026f3780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.299241] ================================================================== [ 15.251278] 
================================================================== [ 15.252148] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1467/0x5450 [ 15.252802] Write of size 8 at addr ffff8881026f36b0 by task kunit_try_catch/283 [ 15.253404] [ 15.254115] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.254163] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.254187] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.254209] Call Trace: [ 15.254225] <TASK> [ 15.254240] dump_stack_lvl+0x73/0xb0 [ 15.254270] print_report+0xd1/0x610 [ 15.254293] ? __virt_addr_valid+0x1db/0x2d0 [ 15.254316] ? kasan_atomics_helper+0x1467/0x5450 [ 15.254338] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.254361] ? kasan_atomics_helper+0x1467/0x5450 [ 15.254384] kasan_report+0x141/0x180 [ 15.254406] ? kasan_atomics_helper+0x1467/0x5450 [ 15.254444] kasan_check_range+0x10c/0x1c0 [ 15.254469] __kasan_check_write+0x18/0x20 [ 15.254491] kasan_atomics_helper+0x1467/0x5450 [ 15.254514] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.254537] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.254563] ? kasan_atomics+0x152/0x310 [ 15.254590] kasan_atomics+0x1dc/0x310 [ 15.254612] ? __pfx_kasan_atomics+0x10/0x10 [ 15.254638] ? __pfx_read_tsc+0x10/0x10 [ 15.254660] ? ktime_get_ts64+0x86/0x230 [ 15.254685] kunit_try_run_case+0x1a5/0x480 [ 15.254710] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.254733] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.254758] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.254783] ? __kthread_parkme+0x82/0x180 [ 15.254804] ? preempt_count_sub+0x50/0x80 [ 15.254829] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.254857] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.254882] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.254908] kthread+0x337/0x6f0 [ 15.254928] ? trace_preempt_on+0x20/0xc0 [ 15.254952] ? __pfx_kthread+0x10/0x10 [ 15.254973] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.254995] ? 
calculate_sigpending+0x7b/0xa0 [ 15.255020] ? __pfx_kthread+0x10/0x10 [ 15.255041] ret_from_fork+0x116/0x1d0 [ 15.255060] ? __pfx_kthread+0x10/0x10 [ 15.255081] ret_from_fork_asm+0x1a/0x30 [ 15.255114] </TASK> [ 15.255124] [ 15.268199] Allocated by task 283: [ 15.268343] kasan_save_stack+0x45/0x70 [ 15.268511] kasan_save_track+0x18/0x40 [ 15.268651] kasan_save_alloc_info+0x3b/0x50 [ 15.268802] __kasan_kmalloc+0xb7/0xc0 [ 15.269005] __kmalloc_cache_noprof+0x189/0x420 [ 15.269188] kasan_atomics+0x95/0x310 [ 15.269323] kunit_try_run_case+0x1a5/0x480 [ 15.269511] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.269777] kthread+0x337/0x6f0 [ 15.269946] ret_from_fork+0x116/0x1d0 [ 15.270143] ret_from_fork_asm+0x1a/0x30 [ 15.270313] [ 15.270384] The buggy address belongs to the object at ffff8881026f3680 [ 15.270384] which belongs to the cache kmalloc-64 of size 64 [ 15.270830] The buggy address is located 0 bytes to the right of [ 15.270830] allocated 48-byte region [ffff8881026f3680, ffff8881026f36b0) [ 15.271492] [ 15.271647] The buggy address belongs to the physical page: [ 15.271902] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026f3 [ 15.272206] flags: 0x200000000000000(node=0|zone=2) [ 15.272396] page_type: f5(slab) [ 15.272580] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.272901] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.273165] page dumped because: kasan: bad access detected [ 15.273368] [ 15.273472] Memory state around the buggy address: [ 15.273700] ffff8881026f3580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.273984] ffff8881026f3600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.274225] >ffff8881026f3680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.274569] ^ [ 15.274787] ffff8881026f3700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.275068] ffff8881026f3780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.275333] 
================================================================== [ 15.818761] ================================================================== [ 15.819376] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x224c/0x5450 [ 15.819934] Write of size 8 at addr ffff8881026f36b0 by task kunit_try_catch/283 [ 15.820200] [ 15.820315] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.820360] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.820374] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.820396] Call Trace: [ 15.820414] <TASK> [ 15.820432] dump_stack_lvl+0x73/0xb0 [ 15.820475] print_report+0xd1/0x610 [ 15.820525] ? __virt_addr_valid+0x1db/0x2d0 [ 15.820751] ? kasan_atomics_helper+0x224c/0x5450 [ 15.820775] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.820800] ? kasan_atomics_helper+0x224c/0x5450 [ 15.820823] kasan_report+0x141/0x180 [ 15.820846] ? kasan_atomics_helper+0x224c/0x5450 [ 15.820875] kasan_check_range+0x10c/0x1c0 [ 15.820899] __kasan_check_write+0x18/0x20 [ 15.820919] kasan_atomics_helper+0x224c/0x5450 [ 15.820943] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.820966] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.820992] ? kasan_atomics+0x152/0x310 [ 15.821020] kasan_atomics+0x1dc/0x310 [ 15.821043] ? __pfx_kasan_atomics+0x10/0x10 [ 15.821067] ? __pfx_read_tsc+0x10/0x10 [ 15.821089] ? ktime_get_ts64+0x86/0x230 [ 15.821116] kunit_try_run_case+0x1a5/0x480 [ 15.821152] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.821175] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.821199] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.821224] ? __kthread_parkme+0x82/0x180 [ 15.821245] ? preempt_count_sub+0x50/0x80 [ 15.821271] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.821296] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.821321] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.821345] kthread+0x337/0x6f0 [ 15.821365] ? trace_preempt_on+0x20/0xc0 [ 15.821389] ? 
__pfx_kthread+0x10/0x10 [ 15.821410] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.821433] ? calculate_sigpending+0x7b/0xa0 [ 15.821469] ? __pfx_kthread+0x10/0x10 [ 15.821491] ret_from_fork+0x116/0x1d0 [ 15.821510] ? __pfx_kthread+0x10/0x10 [ 15.821531] ret_from_fork_asm+0x1a/0x30 [ 15.821582] </TASK> [ 15.821594] [ 15.831855] Allocated by task 283: [ 15.832009] kasan_save_stack+0x45/0x70 [ 15.832290] kasan_save_track+0x18/0x40 [ 15.832491] kasan_save_alloc_info+0x3b/0x50 [ 15.832958] __kasan_kmalloc+0xb7/0xc0 [ 15.833201] __kmalloc_cache_noprof+0x189/0x420 [ 15.833475] kasan_atomics+0x95/0x310 [ 15.833775] kunit_try_run_case+0x1a5/0x480 [ 15.833945] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.834326] kthread+0x337/0x6f0 [ 15.834491] ret_from_fork+0x116/0x1d0 [ 15.834822] ret_from_fork_asm+0x1a/0x30 [ 15.834988] [ 15.835150] The buggy address belongs to the object at ffff8881026f3680 [ 15.835150] which belongs to the cache kmalloc-64 of size 64 [ 15.835775] The buggy address is located 0 bytes to the right of [ 15.835775] allocated 48-byte region [ffff8881026f3680, ffff8881026f36b0) [ 15.836370] [ 15.836465] The buggy address belongs to the physical page: [ 15.836791] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026f3 [ 15.837280] flags: 0x200000000000000(node=0|zone=2) [ 15.837545] page_type: f5(slab) [ 15.837868] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.838273] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.838598] page dumped because: kasan: bad access detected [ 15.838957] [ 15.839056] Memory state around the buggy address: [ 15.839249] ffff8881026f3580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.839722] ffff8881026f3600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.840062] >ffff8881026f3680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.840378] ^ [ 15.840592] ffff8881026f3700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.841071] 
ffff8881026f3780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.841476] ================================================================== [ 15.317359] ================================================================== [ 15.317703] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b6/0x5450 [ 15.318039] Write of size 8 at addr ffff8881026f36b0 by task kunit_try_catch/283 [ 15.318285] [ 15.318363] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.318402] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.318414] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.318457] Call Trace: [ 15.318470] <TASK> [ 15.318485] dump_stack_lvl+0x73/0xb0 [ 15.318511] print_report+0xd1/0x610 [ 15.318534] ? __virt_addr_valid+0x1db/0x2d0 [ 15.318558] ? kasan_atomics_helper+0x15b6/0x5450 [ 15.318580] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.318604] ? kasan_atomics_helper+0x15b6/0x5450 [ 15.318627] kasan_report+0x141/0x180 [ 15.318649] ? kasan_atomics_helper+0x15b6/0x5450 [ 15.318678] kasan_check_range+0x10c/0x1c0 [ 15.318712] __kasan_check_write+0x18/0x20 [ 15.318732] kasan_atomics_helper+0x15b6/0x5450 [ 15.318757] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.318780] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.318806] ? kasan_atomics+0x152/0x310 [ 15.318834] kasan_atomics+0x1dc/0x310 [ 15.318857] ? __pfx_kasan_atomics+0x10/0x10 [ 15.318882] ? __pfx_read_tsc+0x10/0x10 [ 15.318903] ? ktime_get_ts64+0x86/0x230 [ 15.318928] kunit_try_run_case+0x1a5/0x480 [ 15.318953] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.318977] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.319001] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.319025] ? __kthread_parkme+0x82/0x180 [ 15.319046] ? preempt_count_sub+0x50/0x80 [ 15.319071] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.319096] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.319120] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.319145] kthread+0x337/0x6f0 [ 15.319164] ? trace_preempt_on+0x20/0xc0 [ 15.319188] ? __pfx_kthread+0x10/0x10 [ 15.319209] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.319231] ? calculate_sigpending+0x7b/0xa0 [ 15.319256] ? __pfx_kthread+0x10/0x10 [ 15.319277] ret_from_fork+0x116/0x1d0 [ 15.319296] ? __pfx_kthread+0x10/0x10 [ 15.319317] ret_from_fork_asm+0x1a/0x30 [ 15.319350] </TASK> [ 15.319360] [ 15.326489] Allocated by task 283: [ 15.326619] kasan_save_stack+0x45/0x70 [ 15.326829] kasan_save_track+0x18/0x40 [ 15.327021] kasan_save_alloc_info+0x3b/0x50 [ 15.327241] __kasan_kmalloc+0xb7/0xc0 [ 15.327428] __kmalloc_cache_noprof+0x189/0x420 [ 15.327773] kasan_atomics+0x95/0x310 [ 15.327944] kunit_try_run_case+0x1a5/0x480 [ 15.328132] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.328342] kthread+0x337/0x6f0 [ 15.328481] ret_from_fork+0x116/0x1d0 [ 15.328826] ret_from_fork_asm+0x1a/0x30 [ 15.328995] [ 15.329081] The buggy address belongs to the object at ffff8881026f3680 [ 15.329081] which belongs to the cache kmalloc-64 of size 64 [ 15.329550] The buggy address is located 0 bytes to the right of [ 15.329550] allocated 48-byte region [ffff8881026f3680, ffff8881026f36b0) [ 15.330002] [ 15.330075] The buggy address belongs to the physical page: [ 15.330251] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026f3 [ 15.330500] flags: 0x200000000000000(node=0|zone=2) [ 15.330665] page_type: f5(slab) [ 15.330786] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.331018] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.331284] page dumped because: kasan: bad access detected [ 15.331563] [ 15.331658] Memory state around the buggy address: [ 15.331877] ffff8881026f3580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.332192] ffff8881026f3600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.332518] >ffff8881026f3680: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 15.333188] ^ [ 15.333451] ffff8881026f3700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.333886] ffff8881026f3780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.334108] ================================================================== [ 15.179907] ================================================================== [ 15.180203] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12e6/0x5450 [ 15.180766] Write of size 4 at addr ffff8881026f36b0 by task kunit_try_catch/283 [ 15.181058] [ 15.181167] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.181209] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.181221] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.181242] Call Trace: [ 15.181257] <TASK> [ 15.181273] dump_stack_lvl+0x73/0xb0 [ 15.181300] print_report+0xd1/0x610 [ 15.181322] ? __virt_addr_valid+0x1db/0x2d0 [ 15.181345] ? kasan_atomics_helper+0x12e6/0x5450 [ 15.181366] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.181391] ? kasan_atomics_helper+0x12e6/0x5450 [ 15.181611] kasan_report+0x141/0x180 [ 15.181637] ? kasan_atomics_helper+0x12e6/0x5450 [ 15.181665] kasan_check_range+0x10c/0x1c0 [ 15.181690] __kasan_check_write+0x18/0x20 [ 15.181709] kasan_atomics_helper+0x12e6/0x5450 [ 15.181734] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.181757] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.181782] ? kasan_atomics+0x152/0x310 [ 15.181810] kasan_atomics+0x1dc/0x310 [ 15.181833] ? __pfx_kasan_atomics+0x10/0x10 [ 15.181857] ? __pfx_read_tsc+0x10/0x10 [ 15.181879] ? ktime_get_ts64+0x86/0x230 [ 15.181905] kunit_try_run_case+0x1a5/0x480 [ 15.181930] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.181952] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.181978] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.182002] ? __kthread_parkme+0x82/0x180 [ 15.182022] ? preempt_count_sub+0x50/0x80 [ 15.182047] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.182072] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.182096] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.182121] kthread+0x337/0x6f0 [ 15.182141] ? trace_preempt_on+0x20/0xc0 [ 15.182164] ? __pfx_kthread+0x10/0x10 [ 15.182184] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.182206] ? calculate_sigpending+0x7b/0xa0 [ 15.182231] ? __pfx_kthread+0x10/0x10 [ 15.182253] ret_from_fork+0x116/0x1d0 [ 15.182272] ? __pfx_kthread+0x10/0x10 [ 15.182293] ret_from_fork_asm+0x1a/0x30 [ 15.182326] </TASK> [ 15.182336] [ 15.189741] Allocated by task 283: [ 15.189893] kasan_save_stack+0x45/0x70 [ 15.190092] kasan_save_track+0x18/0x40 [ 15.190230] kasan_save_alloc_info+0x3b/0x50 [ 15.190379] __kasan_kmalloc+0xb7/0xc0 [ 15.190558] __kmalloc_cache_noprof+0x189/0x420 [ 15.190780] kasan_atomics+0x95/0x310 [ 15.190964] kunit_try_run_case+0x1a5/0x480 [ 15.191112] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.191323] kthread+0x337/0x6f0 [ 15.191506] ret_from_fork+0x116/0x1d0 [ 15.191864] ret_from_fork_asm+0x1a/0x30 [ 15.192048] [ 15.192120] The buggy address belongs to the object at ffff8881026f3680 [ 15.192120] which belongs to the cache kmalloc-64 of size 64 [ 15.192487] The buggy address is located 0 bytes to the right of [ 15.192487] allocated 48-byte region [ffff8881026f3680, ffff8881026f36b0) [ 15.192860] [ 15.192932] The buggy address belongs to the physical page: [ 15.193108] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026f3 [ 15.193353] flags: 0x200000000000000(node=0|zone=2) [ 15.193581] page_type: f5(slab) [ 15.193750] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.194092] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.194423] page dumped because: kasan: bad access detected [ 15.194702] [ 15.194792] Memory state around the buggy address: [ 15.195004] ffff8881026f3580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.195465] 
ffff8881026f3600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.195772] >ffff8881026f3680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.195989] ^ [ 15.196145] ffff8881026f3700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.196363] ffff8881026f3780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.196681] ================================================================== [ 14.731139] ================================================================== [ 14.731491] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x7c7/0x5450 [ 14.731875] Write of size 4 at addr ffff8881026f36b0 by task kunit_try_catch/283 [ 14.732202] [ 14.732305] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.732345] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.732357] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.732378] Call Trace: [ 14.732390] <TASK> [ 14.732404] dump_stack_lvl+0x73/0xb0 [ 14.732430] print_report+0xd1/0x610 [ 14.732463] ? __virt_addr_valid+0x1db/0x2d0 [ 14.732487] ? kasan_atomics_helper+0x7c7/0x5450 [ 14.732509] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.732533] ? kasan_atomics_helper+0x7c7/0x5450 [ 14.732573] kasan_report+0x141/0x180 [ 14.732596] ? kasan_atomics_helper+0x7c7/0x5450 [ 14.732624] kasan_check_range+0x10c/0x1c0 [ 14.732649] __kasan_check_write+0x18/0x20 [ 14.732669] kasan_atomics_helper+0x7c7/0x5450 [ 14.732704] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.732728] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.732754] ? kasan_atomics+0x152/0x310 [ 14.732781] kasan_atomics+0x1dc/0x310 [ 14.732804] ? __pfx_kasan_atomics+0x10/0x10 [ 14.732830] ? __pfx_read_tsc+0x10/0x10 [ 14.732851] ? ktime_get_ts64+0x86/0x230 [ 14.732876] kunit_try_run_case+0x1a5/0x480 [ 14.732901] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.732924] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.732949] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.732973] ? 
__kthread_parkme+0x82/0x180 [ 14.732993] ? preempt_count_sub+0x50/0x80 [ 14.733018] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.733042] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.733067] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.733093] kthread+0x337/0x6f0 [ 14.733112] ? trace_preempt_on+0x20/0xc0 [ 14.733140] ? __pfx_kthread+0x10/0x10 [ 14.733162] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.733184] ? calculate_sigpending+0x7b/0xa0 [ 14.733208] ? __pfx_kthread+0x10/0x10 [ 14.733230] ret_from_fork+0x116/0x1d0 [ 14.733249] ? __pfx_kthread+0x10/0x10 [ 14.733270] ret_from_fork_asm+0x1a/0x30 [ 14.733303] </TASK> [ 14.733313] [ 14.740708] Allocated by task 283: [ 14.740864] kasan_save_stack+0x45/0x70 [ 14.741042] kasan_save_track+0x18/0x40 [ 14.741215] kasan_save_alloc_info+0x3b/0x50 [ 14.741402] __kasan_kmalloc+0xb7/0xc0 [ 14.742161] __kmalloc_cache_noprof+0x189/0x420 [ 14.742582] kasan_atomics+0x95/0x310 [ 14.742916] kunit_try_run_case+0x1a5/0x480 [ 14.743341] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.743626] kthread+0x337/0x6f0 [ 14.743973] ret_from_fork+0x116/0x1d0 [ 14.744398] ret_from_fork_asm+0x1a/0x30 [ 14.744558] [ 14.744632] The buggy address belongs to the object at ffff8881026f3680 [ 14.744632] which belongs to the cache kmalloc-64 of size 64 [ 14.744989] The buggy address is located 0 bytes to the right of [ 14.744989] allocated 48-byte region [ffff8881026f3680, ffff8881026f36b0) [ 14.745617] [ 14.745781] The buggy address belongs to the physical page: [ 14.746241] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026f3 [ 14.746924] flags: 0x200000000000000(node=0|zone=2) [ 14.747394] page_type: f5(slab) [ 14.747814] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.748653] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.749509] page dumped because: kasan: bad access detected [ 14.749997] [ 14.750192] Memory state around the buggy address: [ 14.750536] 
ffff8881026f3580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.750885] ffff8881026f3600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.751104] >ffff8881026f3680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.751317] ^ [ 14.751571] ffff8881026f3700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.752267] ffff8881026f3780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.752754] ================================================================== [ 15.385325] ================================================================== [ 15.385981] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x177f/0x5450 [ 15.386285] Write of size 8 at addr ffff8881026f36b0 by task kunit_try_catch/283 [ 15.386630] [ 15.386814] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.386874] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.386887] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.386923] Call Trace: [ 15.386950] <TASK> [ 15.387193] dump_stack_lvl+0x73/0xb0 [ 15.387228] print_report+0xd1/0x610 [ 15.387252] ? __virt_addr_valid+0x1db/0x2d0 [ 15.387274] ? kasan_atomics_helper+0x177f/0x5450 [ 15.387296] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.387319] ? kasan_atomics_helper+0x177f/0x5450 [ 15.387342] kasan_report+0x141/0x180 [ 15.387365] ? kasan_atomics_helper+0x177f/0x5450 [ 15.387394] kasan_check_range+0x10c/0x1c0 [ 15.387418] __kasan_check_write+0x18/0x20 [ 15.387450] kasan_atomics_helper+0x177f/0x5450 [ 15.387474] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.387497] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.387523] ? kasan_atomics+0x152/0x310 [ 15.387675] kasan_atomics+0x1dc/0x310 [ 15.387698] ? __pfx_kasan_atomics+0x10/0x10 [ 15.387724] ? __pfx_read_tsc+0x10/0x10 [ 15.387745] ? ktime_get_ts64+0x86/0x230 [ 15.387771] kunit_try_run_case+0x1a5/0x480 [ 15.387795] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.387818] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 15.387842] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.387866] ? __kthread_parkme+0x82/0x180 [ 15.387887] ? preempt_count_sub+0x50/0x80 [ 15.387912] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.387937] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.387961] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.387987] kthread+0x337/0x6f0 [ 15.388006] ? trace_preempt_on+0x20/0xc0 [ 15.388029] ? __pfx_kthread+0x10/0x10 [ 15.388051] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.388073] ? calculate_sigpending+0x7b/0xa0 [ 15.388098] ? __pfx_kthread+0x10/0x10 [ 15.388120] ret_from_fork+0x116/0x1d0 [ 15.388140] ? __pfx_kthread+0x10/0x10 [ 15.388160] ret_from_fork_asm+0x1a/0x30 [ 15.388193] </TASK> [ 15.388204] [ 15.397974] Allocated by task 283: [ 15.398257] kasan_save_stack+0x45/0x70 [ 15.398467] kasan_save_track+0x18/0x40 [ 15.398643] kasan_save_alloc_info+0x3b/0x50 [ 15.398995] __kasan_kmalloc+0xb7/0xc0 [ 15.399246] __kmalloc_cache_noprof+0x189/0x420 [ 15.399516] kasan_atomics+0x95/0x310 [ 15.399729] kunit_try_run_case+0x1a5/0x480 [ 15.399988] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.400210] kthread+0x337/0x6f0 [ 15.400352] ret_from_fork+0x116/0x1d0 [ 15.400526] ret_from_fork_asm+0x1a/0x30 [ 15.400961] [ 15.401036] The buggy address belongs to the object at ffff8881026f3680 [ 15.401036] which belongs to the cache kmalloc-64 of size 64 [ 15.401701] The buggy address is located 0 bytes to the right of [ 15.401701] allocated 48-byte region [ffff8881026f3680, ffff8881026f36b0) [ 15.402262] [ 15.402450] The buggy address belongs to the physical page: [ 15.402753] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026f3 [ 15.403138] flags: 0x200000000000000(node=0|zone=2) [ 15.403343] page_type: f5(slab) [ 15.403641] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.403935] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.404235] page dumped because: kasan: 
bad access detected [ 15.404474] [ 15.404552] Memory state around the buggy address: [ 15.405023] ffff8881026f3580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.405407] ffff8881026f3600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.405728] >ffff8881026f3680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.406172] ^ [ 15.406460] ffff8881026f3700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.406782] ffff8881026f3780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.407226] ================================================================== [ 15.490119] ================================================================== [ 15.490497] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1a7f/0x5450 [ 15.490728] Write of size 8 at addr ffff8881026f36b0 by task kunit_try_catch/283 [ 15.491245] [ 15.491348] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.491391] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.491403] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.491425] Call Trace: [ 15.491472] <TASK> [ 15.491491] dump_stack_lvl+0x73/0xb0 [ 15.491519] print_report+0xd1/0x610 [ 15.491549] ? __virt_addr_valid+0x1db/0x2d0 [ 15.491574] ? kasan_atomics_helper+0x1a7f/0x5450 [ 15.491595] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.491619] ? kasan_atomics_helper+0x1a7f/0x5450 [ 15.491642] kasan_report+0x141/0x180 [ 15.491683] ? kasan_atomics_helper+0x1a7f/0x5450 [ 15.491712] kasan_check_range+0x10c/0x1c0 [ 15.491737] __kasan_check_write+0x18/0x20 [ 15.491757] kasan_atomics_helper+0x1a7f/0x5450 [ 15.491812] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.491834] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.491860] ? kasan_atomics+0x152/0x310 [ 15.491887] kasan_atomics+0x1dc/0x310 [ 15.491910] ? __pfx_kasan_atomics+0x10/0x10 [ 15.491934] ? __pfx_read_tsc+0x10/0x10 [ 15.491957] ? ktime_get_ts64+0x86/0x230 [ 15.491983] kunit_try_run_case+0x1a5/0x480 [ 15.492009] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.492033] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.492057] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.492082] ? __kthread_parkme+0x82/0x180 [ 15.492102] ? preempt_count_sub+0x50/0x80 [ 15.492129] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.492154] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.492178] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.492205] kthread+0x337/0x6f0 [ 15.492242] ? trace_preempt_on+0x20/0xc0 [ 15.492267] ? __pfx_kthread+0x10/0x10 [ 15.492287] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.492310] ? calculate_sigpending+0x7b/0xa0 [ 15.492335] ? __pfx_kthread+0x10/0x10 [ 15.492357] ret_from_fork+0x116/0x1d0 [ 15.492376] ? __pfx_kthread+0x10/0x10 [ 15.492396] ret_from_fork_asm+0x1a/0x30 [ 15.492465] </TASK> [ 15.492475] [ 15.500144] Allocated by task 283: [ 15.500354] kasan_save_stack+0x45/0x70 [ 15.500580] kasan_save_track+0x18/0x40 [ 15.500775] kasan_save_alloc_info+0x3b/0x50 [ 15.500999] __kasan_kmalloc+0xb7/0xc0 [ 15.501187] __kmalloc_cache_noprof+0x189/0x420 [ 15.501408] kasan_atomics+0x95/0x310 [ 15.501610] kunit_try_run_case+0x1a5/0x480 [ 15.501817] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.502316] kthread+0x337/0x6f0 [ 15.502446] ret_from_fork+0x116/0x1d0 [ 15.502693] ret_from_fork_asm+0x1a/0x30 [ 15.502888] [ 15.502972] The buggy address belongs to the object at ffff8881026f3680 [ 15.502972] which belongs to the cache kmalloc-64 of size 64 [ 15.503472] The buggy address is located 0 bytes to the right of [ 15.503472] allocated 48-byte region [ffff8881026f3680, ffff8881026f36b0) [ 15.503879] [ 15.503950] The buggy address belongs to the physical page: [ 15.504119] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026f3 [ 15.504475] flags: 0x200000000000000(node=0|zone=2) [ 15.505004] page_type: f5(slab) [ 15.505180] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.505534] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 15.505772] page dumped because: kasan: bad access detected [ 15.505939] [ 15.506007] Memory state around the buggy address: [ 15.506158] ffff8881026f3580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.506370] ffff8881026f3600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.506590] >ffff8881026f3680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.506796] ^ [ 15.506945] ffff8881026f3700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.507425] ffff8881026f3780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.508044] ================================================================== [ 15.142957] ================================================================== [ 15.143293] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1217/0x5450 [ 15.143736] Write of size 4 at addr ffff8881026f36b0 by task kunit_try_catch/283 [ 15.143990] [ 15.144074] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.144116] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.144128] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.144149] Call Trace: [ 15.144163] <TASK> [ 15.144177] dump_stack_lvl+0x73/0xb0 [ 15.144204] print_report+0xd1/0x610 [ 15.144227] ? __virt_addr_valid+0x1db/0x2d0 [ 15.144250] ? kasan_atomics_helper+0x1217/0x5450 [ 15.144272] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.144296] ? kasan_atomics_helper+0x1217/0x5450 [ 15.144318] kasan_report+0x141/0x180 [ 15.144341] ? kasan_atomics_helper+0x1217/0x5450 [ 15.144370] kasan_check_range+0x10c/0x1c0 [ 15.144395] __kasan_check_write+0x18/0x20 [ 15.144414] kasan_atomics_helper+0x1217/0x5450 [ 15.144451] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.144474] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.144499] ? kasan_atomics+0x152/0x310 [ 15.144527] kasan_atomics+0x1dc/0x310 [ 15.144558] ? __pfx_kasan_atomics+0x10/0x10 [ 15.144583] ? __pfx_read_tsc+0x10/0x10 [ 15.144604] ? 
ktime_get_ts64+0x86/0x230 [ 15.144629] kunit_try_run_case+0x1a5/0x480 [ 15.144653] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.144676] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.144700] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.144725] ? __kthread_parkme+0x82/0x180 [ 15.144745] ? preempt_count_sub+0x50/0x80 [ 15.144770] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.144795] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.144820] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.144846] kthread+0x337/0x6f0 [ 15.144867] ? trace_preempt_on+0x20/0xc0 [ 15.144894] ? __pfx_kthread+0x10/0x10 [ 15.144917] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.144939] ? calculate_sigpending+0x7b/0xa0 [ 15.144963] ? __pfx_kthread+0x10/0x10 [ 15.144986] ret_from_fork+0x116/0x1d0 [ 15.145005] ? __pfx_kthread+0x10/0x10 [ 15.145026] ret_from_fork_asm+0x1a/0x30 [ 15.145059] </TASK> [ 15.145070] [ 15.152382] Allocated by task 283: [ 15.152553] kasan_save_stack+0x45/0x70 [ 15.152863] kasan_save_track+0x18/0x40 [ 15.153057] kasan_save_alloc_info+0x3b/0x50 [ 15.153271] __kasan_kmalloc+0xb7/0xc0 [ 15.153473] __kmalloc_cache_noprof+0x189/0x420 [ 15.153914] kasan_atomics+0x95/0x310 [ 15.154107] kunit_try_run_case+0x1a5/0x480 [ 15.154312] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.154622] kthread+0x337/0x6f0 [ 15.154793] ret_from_fork+0x116/0x1d0 [ 15.154980] ret_from_fork_asm+0x1a/0x30 [ 15.155122] [ 15.155192] The buggy address belongs to the object at ffff8881026f3680 [ 15.155192] which belongs to the cache kmalloc-64 of size 64 [ 15.155672] The buggy address is located 0 bytes to the right of [ 15.155672] allocated 48-byte region [ffff8881026f3680, ffff8881026f36b0) [ 15.156168] [ 15.156258] The buggy address belongs to the physical page: [ 15.156488] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026f3 [ 15.156931] flags: 0x200000000000000(node=0|zone=2) [ 15.157136] page_type: f5(slab) [ 15.157298] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 15.157693] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.157976] page dumped because: kasan: bad access detected [ 15.158228] [ 15.158308] Memory state around the buggy address: [ 15.158510] ffff8881026f3580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.158732] ffff8881026f3600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.158950] >ffff8881026f3680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.159166] ^ [ 15.159322] ffff8881026f3700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.159599] ffff8881026f3780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.160278] ================================================================== [ 15.578987] ================================================================== [ 15.579319] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1ce1/0x5450 [ 15.579748] Write of size 8 at addr ffff8881026f36b0 by task kunit_try_catch/283 [ 15.580134] [ 15.580255] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.580300] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.580313] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.580335] Call Trace: [ 15.580350] <TASK> [ 15.580364] dump_stack_lvl+0x73/0xb0 [ 15.580420] print_report+0xd1/0x610 [ 15.580454] ? __virt_addr_valid+0x1db/0x2d0 [ 15.580478] ? kasan_atomics_helper+0x1ce1/0x5450 [ 15.580500] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.580524] ? kasan_atomics_helper+0x1ce1/0x5450 [ 15.580558] kasan_report+0x141/0x180 [ 15.580613] ? kasan_atomics_helper+0x1ce1/0x5450 [ 15.580642] kasan_check_range+0x10c/0x1c0 [ 15.580667] __kasan_check_write+0x18/0x20 [ 15.580689] kasan_atomics_helper+0x1ce1/0x5450 [ 15.580713] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.580736] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.580792] ? kasan_atomics+0x152/0x310 [ 15.580820] kasan_atomics+0x1dc/0x310 [ 15.580843] ? 
__pfx_kasan_atomics+0x10/0x10 [ 15.580868] ? __pfx_read_tsc+0x10/0x10 [ 15.580889] ? ktime_get_ts64+0x86/0x230 [ 15.580944] kunit_try_run_case+0x1a5/0x480 [ 15.580970] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.580993] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.581018] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.581043] ? __kthread_parkme+0x82/0x180 [ 15.581063] ? preempt_count_sub+0x50/0x80 [ 15.581088] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.581112] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.581142] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.581168] kthread+0x337/0x6f0 [ 15.581187] ? trace_preempt_on+0x20/0xc0 [ 15.581236] ? __pfx_kthread+0x10/0x10 [ 15.581281] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.581327] ? calculate_sigpending+0x7b/0xa0 [ 15.581375] ? __pfx_kthread+0x10/0x10 [ 15.581455] ret_from_fork+0x116/0x1d0 [ 15.581499] ? __pfx_kthread+0x10/0x10 [ 15.581538] ret_from_fork_asm+0x1a/0x30 [ 15.581572] </TASK> [ 15.581582] [ 15.589712] Allocated by task 283: [ 15.589919] kasan_save_stack+0x45/0x70 [ 15.590090] kasan_save_track+0x18/0x40 [ 15.590279] kasan_save_alloc_info+0x3b/0x50 [ 15.590534] __kasan_kmalloc+0xb7/0xc0 [ 15.590763] __kmalloc_cache_noprof+0x189/0x420 [ 15.591191] kasan_atomics+0x95/0x310 [ 15.591410] kunit_try_run_case+0x1a5/0x480 [ 15.591625] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.591870] kthread+0x337/0x6f0 [ 15.592034] ret_from_fork+0x116/0x1d0 [ 15.592216] ret_from_fork_asm+0x1a/0x30 [ 15.592410] [ 15.592601] The buggy address belongs to the object at ffff8881026f3680 [ 15.592601] which belongs to the cache kmalloc-64 of size 64 [ 15.593189] The buggy address is located 0 bytes to the right of [ 15.593189] allocated 48-byte region [ffff8881026f3680, ffff8881026f36b0) [ 15.593966] [ 15.594042] The buggy address belongs to the physical page: [ 15.594218] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026f3 [ 15.594538] flags: 0x200000000000000(node=0|zone=2) [ 15.594787] page_type: 
f5(slab) [ 15.594993] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.595372] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.595961] page dumped because: kasan: bad access detected [ 15.596238] [ 15.596324] Memory state around the buggy address: [ 15.596512] ffff8881026f3580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.596847] ffff8881026f3600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.597182] >ffff8881026f3680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.597518] ^ [ 15.597772] ffff8881026f3700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.598089] ffff8881026f3780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.598408] ================================================================== [ 14.490146] ================================================================== [ 14.490632] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4ba2/0x5450 [ 14.491276] Write of size 4 at addr ffff8881026f36b0 by task kunit_try_catch/283 [ 14.491658] [ 14.491898] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.491997] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.492008] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.492029] Call Trace: [ 14.492045] <TASK> [ 14.492062] dump_stack_lvl+0x73/0xb0 [ 14.492088] print_report+0xd1/0x610 [ 14.492110] ? __virt_addr_valid+0x1db/0x2d0 [ 14.492132] ? kasan_atomics_helper+0x4ba2/0x5450 [ 14.492152] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.492175] ? kasan_atomics_helper+0x4ba2/0x5450 [ 14.492196] kasan_report+0x141/0x180 [ 14.492218] ? kasan_atomics_helper+0x4ba2/0x5450 [ 14.492245] __asan_report_store4_noabort+0x1b/0x30 [ 14.492270] kasan_atomics_helper+0x4ba2/0x5450 [ 14.492293] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.492315] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.492340] ? 
kasan_atomics+0x152/0x310 [ 14.492366] kasan_atomics+0x1dc/0x310 [ 14.492388] ? __pfx_kasan_atomics+0x10/0x10 [ 14.492412] ? __pfx_read_tsc+0x10/0x10 [ 14.492432] ? ktime_get_ts64+0x86/0x230 [ 14.492467] kunit_try_run_case+0x1a5/0x480 [ 14.492492] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.492515] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.492539] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.492562] ? __kthread_parkme+0x82/0x180 [ 14.492582] ? preempt_count_sub+0x50/0x80 [ 14.492617] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.492642] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.492667] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.492691] kthread+0x337/0x6f0 [ 14.492709] ? trace_preempt_on+0x20/0xc0 [ 14.492743] ? __pfx_kthread+0x10/0x10 [ 14.492774] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.492805] ? calculate_sigpending+0x7b/0xa0 [ 14.492830] ? __pfx_kthread+0x10/0x10 [ 14.492851] ret_from_fork+0x116/0x1d0 [ 14.492869] ? __pfx_kthread+0x10/0x10 [ 14.492888] ret_from_fork_asm+0x1a/0x30 [ 14.492920] </TASK> [ 14.492930] [ 14.508969] Allocated by task 283: [ 14.509343] kasan_save_stack+0x45/0x70 [ 14.509858] kasan_save_track+0x18/0x40 [ 14.510069] kasan_save_alloc_info+0x3b/0x50 [ 14.510219] __kasan_kmalloc+0xb7/0xc0 [ 14.510348] __kmalloc_cache_noprof+0x189/0x420 [ 14.510931] kasan_atomics+0x95/0x310 [ 14.511282] kunit_try_run_case+0x1a5/0x480 [ 14.511725] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.512347] kthread+0x337/0x6f0 [ 14.512715] ret_from_fork+0x116/0x1d0 [ 14.513104] ret_from_fork_asm+0x1a/0x30 [ 14.513323] [ 14.513392] The buggy address belongs to the object at ffff8881026f3680 [ 14.513392] which belongs to the cache kmalloc-64 of size 64 [ 14.514373] The buggy address is located 0 bytes to the right of [ 14.514373] allocated 48-byte region [ffff8881026f3680, ffff8881026f36b0) [ 14.515693] [ 14.515870] The buggy address belongs to the physical page: [ 14.516146] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026f3 [ 
14.516380] flags: 0x200000000000000(node=0|zone=2) [ 14.516949] page_type: f5(slab) [ 14.517263] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.518046] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.518751] page dumped because: kasan: bad access detected [ 14.518921] [ 14.518988] Memory state around the buggy address: [ 14.519138] ffff8881026f3580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.519344] ffff8881026f3600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.519917] >ffff8881026f3680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.520800] ^ [ 14.521215] ffff8881026f3700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.521955] ffff8881026f3780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.522779] ================================================================== [ 15.094886] ================================================================== [ 15.095807] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1148/0x5450 [ 15.096121] Write of size 4 at addr ffff8881026f36b0 by task kunit_try_catch/283 [ 15.096359] [ 15.096480] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.096523] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.096536] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.096558] Call Trace: [ 15.096573] <TASK> [ 15.096590] dump_stack_lvl+0x73/0xb0 [ 15.096618] print_report+0xd1/0x610 [ 15.096641] ? __virt_addr_valid+0x1db/0x2d0 [ 15.096664] ? kasan_atomics_helper+0x1148/0x5450 [ 15.096685] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.096708] ? kasan_atomics_helper+0x1148/0x5450 [ 15.096730] kasan_report+0x141/0x180 [ 15.096753] ? kasan_atomics_helper+0x1148/0x5450 [ 15.096781] kasan_check_range+0x10c/0x1c0 [ 15.096806] __kasan_check_write+0x18/0x20 [ 15.096825] kasan_atomics_helper+0x1148/0x5450 [ 15.096849] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.096872] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 15.096897] ? kasan_atomics+0x152/0x310 [ 15.096925] kasan_atomics+0x1dc/0x310 [ 15.096948] ? __pfx_kasan_atomics+0x10/0x10 [ 15.096973] ? __pfx_read_tsc+0x10/0x10 [ 15.096994] ? ktime_get_ts64+0x86/0x230 [ 15.097020] kunit_try_run_case+0x1a5/0x480 [ 15.097044] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.097067] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.097092] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.097116] ? __kthread_parkme+0x82/0x180 [ 15.097143] ? preempt_count_sub+0x50/0x80 [ 15.097167] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.097192] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.097216] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.097241] kthread+0x337/0x6f0 [ 15.097260] ? trace_preempt_on+0x20/0xc0 [ 15.097283] ? __pfx_kthread+0x10/0x10 [ 15.097305] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.097326] ? calculate_sigpending+0x7b/0xa0 [ 15.097351] ? __pfx_kthread+0x10/0x10 [ 15.097373] ret_from_fork+0x116/0x1d0 [ 15.097392] ? __pfx_kthread+0x10/0x10 [ 15.097412] ret_from_fork_asm+0x1a/0x30 [ 15.097455] </TASK> [ 15.097465] [ 15.111303] Allocated by task 283: [ 15.111451] kasan_save_stack+0x45/0x70 [ 15.111620] kasan_save_track+0x18/0x40 [ 15.111760] kasan_save_alloc_info+0x3b/0x50 [ 15.111911] __kasan_kmalloc+0xb7/0xc0 [ 15.112045] __kmalloc_cache_noprof+0x189/0x420 [ 15.112205] kasan_atomics+0x95/0x310 [ 15.112340] kunit_try_run_case+0x1a5/0x480 [ 15.112499] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.112967] kthread+0x337/0x6f0 [ 15.113268] ret_from_fork+0x116/0x1d0 [ 15.113607] ret_from_fork_asm+0x1a/0x30 [ 15.113970] [ 15.114130] The buggy address belongs to the object at ffff8881026f3680 [ 15.114130] which belongs to the cache kmalloc-64 of size 64 [ 15.115191] The buggy address is located 0 bytes to the right of [ 15.115191] allocated 48-byte region [ffff8881026f3680, ffff8881026f36b0) [ 15.116384] [ 15.116567] The buggy address belongs to the physical page: [ 15.117030] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x1026f3 [ 15.117822] flags: 0x200000000000000(node=0|zone=2) [ 15.118267] page_type: f5(slab) [ 15.118433] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.118803] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.119445] page dumped because: kasan: bad access detected [ 15.119953] [ 15.120107] Memory state around the buggy address: [ 15.120530] ffff8881026f3580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.120845] ffff8881026f3600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.121065] >ffff8881026f3680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.121292] ^ [ 15.121457] ffff8881026f3700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.121767] ffff8881026f3780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.122031] ================================================================== [ 14.713174] ================================================================== [ 14.713412] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x72f/0x5450 [ 14.713683] Write of size 4 at addr ffff8881026f36b0 by task kunit_try_catch/283 [ 14.714016] [ 14.714123] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.714163] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.714175] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.714197] Call Trace: [ 14.714211] <TASK> [ 14.714226] dump_stack_lvl+0x73/0xb0 [ 14.714251] print_report+0xd1/0x610 [ 14.714273] ? __virt_addr_valid+0x1db/0x2d0 [ 14.714296] ? kasan_atomics_helper+0x72f/0x5450 [ 14.714318] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.714340] ? kasan_atomics_helper+0x72f/0x5450 [ 14.714362] kasan_report+0x141/0x180 [ 14.714384] ? kasan_atomics_helper+0x72f/0x5450 [ 14.714412] kasan_check_range+0x10c/0x1c0 [ 14.714446] __kasan_check_write+0x18/0x20 [ 14.714465] kasan_atomics_helper+0x72f/0x5450 [ 14.714488] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 14.714511] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.714536] ? kasan_atomics+0x152/0x310 [ 14.714562] kasan_atomics+0x1dc/0x310 [ 14.714584] ? __pfx_kasan_atomics+0x10/0x10 [ 14.714608] ? __pfx_read_tsc+0x10/0x10 [ 14.714628] ? ktime_get_ts64+0x86/0x230 [ 14.714651] kunit_try_run_case+0x1a5/0x480 [ 14.714675] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.714697] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.714720] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.714743] ? __kthread_parkme+0x82/0x180 [ 14.714762] ? preempt_count_sub+0x50/0x80 [ 14.714786] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.714810] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.714833] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.714856] kthread+0x337/0x6f0 [ 14.714876] ? trace_preempt_on+0x20/0xc0 [ 14.714898] ? __pfx_kthread+0x10/0x10 [ 14.714919] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.714940] ? calculate_sigpending+0x7b/0xa0 [ 14.714963] ? __pfx_kthread+0x10/0x10 [ 14.714985] ret_from_fork+0x116/0x1d0 [ 14.715003] ? 
__pfx_kthread+0x10/0x10 [ 14.715023] ret_from_fork_asm+0x1a/0x30 [ 14.715073] </TASK> [ 14.715082] [ 14.723546] Allocated by task 283: [ 14.723716] kasan_save_stack+0x45/0x70 [ 14.723892] kasan_save_track+0x18/0x40 [ 14.724061] kasan_save_alloc_info+0x3b/0x50 [ 14.724215] __kasan_kmalloc+0xb7/0xc0 [ 14.724348] __kmalloc_cache_noprof+0x189/0x420 [ 14.724514] kasan_atomics+0x95/0x310 [ 14.724648] kunit_try_run_case+0x1a5/0x480 [ 14.724796] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.725010] kthread+0x337/0x6f0 [ 14.725183] ret_from_fork+0x116/0x1d0 [ 14.725367] ret_from_fork_asm+0x1a/0x30 [ 14.725582] [ 14.725681] The buggy address belongs to the object at ffff8881026f3680 [ 14.725681] which belongs to the cache kmalloc-64 of size 64 [ 14.726460] The buggy address is located 0 bytes to the right of [ 14.726460] allocated 48-byte region [ffff8881026f3680, ffff8881026f36b0) [ 14.726981] [ 14.727076] The buggy address belongs to the physical page: [ 14.727280] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026f3 [ 14.727688] flags: 0x200000000000000(node=0|zone=2) [ 14.727901] page_type: f5(slab) [ 14.728055] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.728288] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.728524] page dumped because: kasan: bad access detected [ 14.728695] [ 14.728765] Memory state around the buggy address: [ 14.728920] ffff8881026f3580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.729141] ffff8881026f3600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.729360] >ffff8881026f3680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.729657] ^ [ 14.730001] ffff8881026f3700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.730315] ffff8881026f3780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.730636] ================================================================== [ 14.836311] 
================================================================== [ 14.836757] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xac7/0x5450 [ 14.837192] Write of size 4 at addr ffff8881026f36b0 by task kunit_try_catch/283 [ 14.837503] [ 14.837703] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.837765] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.837778] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.837800] Call Trace: [ 14.837816] <TASK> [ 14.837832] dump_stack_lvl+0x73/0xb0 [ 14.837860] print_report+0xd1/0x610 [ 14.837883] ? __virt_addr_valid+0x1db/0x2d0 [ 14.837907] ? kasan_atomics_helper+0xac7/0x5450 [ 14.837961] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.837986] ? kasan_atomics_helper+0xac7/0x5450 [ 14.838009] kasan_report+0x141/0x180 [ 14.838047] ? kasan_atomics_helper+0xac7/0x5450 [ 14.838075] kasan_check_range+0x10c/0x1c0 [ 14.838126] __kasan_check_write+0x18/0x20 [ 14.838146] kasan_atomics_helper+0xac7/0x5450 [ 14.838170] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.838205] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.838231] ? kasan_atomics+0x152/0x310 [ 14.838284] kasan_atomics+0x1dc/0x310 [ 14.838308] ? __pfx_kasan_atomics+0x10/0x10 [ 14.838332] ? __pfx_read_tsc+0x10/0x10 [ 14.838365] ? ktime_get_ts64+0x86/0x230 [ 14.838426] kunit_try_run_case+0x1a5/0x480 [ 14.838463] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.838486] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.838538] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.838581] ? __kthread_parkme+0x82/0x180 [ 14.838611] ? preempt_count_sub+0x50/0x80 [ 14.838635] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.838670] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.838696] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.838721] kthread+0x337/0x6f0 [ 14.838757] ? trace_preempt_on+0x20/0xc0 [ 14.838790] ? __pfx_kthread+0x10/0x10 [ 14.838811] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.838834] ? 
calculate_sigpending+0x7b/0xa0 [ 14.838869] ? __pfx_kthread+0x10/0x10 [ 14.838891] ret_from_fork+0x116/0x1d0 [ 14.838936] ? __pfx_kthread+0x10/0x10 [ 14.838958] ret_from_fork_asm+0x1a/0x30 [ 14.839001] </TASK> [ 14.839011] [ 14.847432] Allocated by task 283: [ 14.847673] kasan_save_stack+0x45/0x70 [ 14.847912] kasan_save_track+0x18/0x40 [ 14.848123] kasan_save_alloc_info+0x3b/0x50 [ 14.848340] __kasan_kmalloc+0xb7/0xc0 [ 14.848562] __kmalloc_cache_noprof+0x189/0x420 [ 14.848787] kasan_atomics+0x95/0x310 [ 14.848972] kunit_try_run_case+0x1a5/0x480 [ 14.849173] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.849428] kthread+0x337/0x6f0 [ 14.849661] ret_from_fork+0x116/0x1d0 [ 14.849844] ret_from_fork_asm+0x1a/0x30 [ 14.850078] [ 14.850192] The buggy address belongs to the object at ffff8881026f3680 [ 14.850192] which belongs to the cache kmalloc-64 of size 64 [ 14.850793] The buggy address is located 0 bytes to the right of [ 14.850793] allocated 48-byte region [ffff8881026f3680, ffff8881026f36b0) [ 14.851391] [ 14.851509] The buggy address belongs to the physical page: [ 14.851807] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026f3 [ 14.852192] flags: 0x200000000000000(node=0|zone=2) [ 14.852429] page_type: f5(slab) [ 14.852674] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.853105] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.853470] page dumped because: kasan: bad access detected [ 14.853753] [ 14.853846] Memory state around the buggy address: [ 14.854067] ffff8881026f3580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.854386] ffff8881026f3600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.854738] >ffff8881026f3680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.854956] ^ [ 14.855113] ffff8881026f3700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.855477] ffff8881026f3780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.855826] 
================================================================== [ 15.535656] ================================================================== [ 15.535978] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1c18/0x5450 [ 15.536371] Write of size 8 at addr ffff8881026f36b0 by task kunit_try_catch/283 [ 15.536838] [ 15.536970] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.537015] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.537028] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.537050] Call Trace: [ 15.537066] <TASK> [ 15.537085] dump_stack_lvl+0x73/0xb0 [ 15.537113] print_report+0xd1/0x610 [ 15.537206] ? __virt_addr_valid+0x1db/0x2d0 [ 15.537244] ? kasan_atomics_helper+0x1c18/0x5450 [ 15.537266] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.537291] ? kasan_atomics_helper+0x1c18/0x5450 [ 15.537314] kasan_report+0x141/0x180 [ 15.537337] ? kasan_atomics_helper+0x1c18/0x5450 [ 15.537366] kasan_check_range+0x10c/0x1c0 [ 15.537390] __kasan_check_write+0x18/0x20 [ 15.537410] kasan_atomics_helper+0x1c18/0x5450 [ 15.537443] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.537467] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.537493] ? kasan_atomics+0x152/0x310 [ 15.537520] kasan_atomics+0x1dc/0x310 [ 15.537562] ? __pfx_kasan_atomics+0x10/0x10 [ 15.537588] ? __pfx_read_tsc+0x10/0x10 [ 15.537609] ? ktime_get_ts64+0x86/0x230 [ 15.537635] kunit_try_run_case+0x1a5/0x480 [ 15.537660] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.537682] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.537707] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.537732] ? __kthread_parkme+0x82/0x180 [ 15.537753] ? preempt_count_sub+0x50/0x80 [ 15.537777] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.537802] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.537827] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.537852] kthread+0x337/0x6f0 [ 15.537871] ? trace_preempt_on+0x20/0xc0 [ 15.537894] ? 
__pfx_kthread+0x10/0x10 [ 15.537915] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.537937] ? calculate_sigpending+0x7b/0xa0 [ 15.537962] ? __pfx_kthread+0x10/0x10 [ 15.537984] ret_from_fork+0x116/0x1d0 [ 15.538002] ? __pfx_kthread+0x10/0x10 [ 15.538023] ret_from_fork_asm+0x1a/0x30 [ 15.538056] </TASK> [ 15.538067] [ 15.548317] Allocated by task 283: [ 15.548792] kasan_save_stack+0x45/0x70 [ 15.549071] kasan_save_track+0x18/0x40 [ 15.549350] kasan_save_alloc_info+0x3b/0x50 [ 15.549733] __kasan_kmalloc+0xb7/0xc0 [ 15.549960] __kmalloc_cache_noprof+0x189/0x420 [ 15.550283] kasan_atomics+0x95/0x310 [ 15.550491] kunit_try_run_case+0x1a5/0x480 [ 15.550918] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.551267] kthread+0x337/0x6f0 [ 15.551553] ret_from_fork+0x116/0x1d0 [ 15.551715] ret_from_fork_asm+0x1a/0x30 [ 15.552056] [ 15.552179] The buggy address belongs to the object at ffff8881026f3680 [ 15.552179] which belongs to the cache kmalloc-64 of size 64 [ 15.552856] The buggy address is located 0 bytes to the right of [ 15.552856] allocated 48-byte region [ffff8881026f3680, ffff8881026f36b0) [ 15.553576] [ 15.553685] The buggy address belongs to the physical page: [ 15.554002] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026f3 [ 15.554354] flags: 0x200000000000000(node=0|zone=2) [ 15.554831] page_type: f5(slab) [ 15.554995] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.555355] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.555835] page dumped because: kasan: bad access detected [ 15.556117] [ 15.556221] Memory state around the buggy address: [ 15.556462] ffff8881026f3580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.557064] ffff8881026f3600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.557378] >ffff8881026f3680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.557850] ^ [ 15.558156] ffff8881026f3700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.558597] 
ffff8881026f3780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.558982] ================================================================== [ 14.988775] ================================================================== [ 14.989187] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf10/0x5450 [ 14.989565] Write of size 4 at addr ffff8881026f36b0 by task kunit_try_catch/283 [ 14.989934] [ 14.990017] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.990057] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.990069] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.990089] Call Trace: [ 14.990100] <TASK> [ 14.990114] dump_stack_lvl+0x73/0xb0 [ 14.990141] print_report+0xd1/0x610 [ 14.990163] ? __virt_addr_valid+0x1db/0x2d0 [ 14.990186] ? kasan_atomics_helper+0xf10/0x5450 [ 14.990207] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.990231] ? kasan_atomics_helper+0xf10/0x5450 [ 14.990254] kasan_report+0x141/0x180 [ 14.990277] ? kasan_atomics_helper+0xf10/0x5450 [ 14.990304] kasan_check_range+0x10c/0x1c0 [ 14.990329] __kasan_check_write+0x18/0x20 [ 14.990349] kasan_atomics_helper+0xf10/0x5450 [ 14.990372] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.990397] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.990424] ? kasan_atomics+0x152/0x310 [ 14.990464] kasan_atomics+0x1dc/0x310 [ 14.990488] ? __pfx_kasan_atomics+0x10/0x10 [ 14.990513] ? __pfx_read_tsc+0x10/0x10 [ 14.990533] ? ktime_get_ts64+0x86/0x230 [ 14.990558] kunit_try_run_case+0x1a5/0x480 [ 14.990584] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.990607] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.990632] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.990658] ? __kthread_parkme+0x82/0x180 [ 14.990678] ? preempt_count_sub+0x50/0x80 [ 14.990703] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.990728] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.990753] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.990779] kthread+0x337/0x6f0 [ 14.990798] ? trace_preempt_on+0x20/0xc0 [ 14.990821] ? __pfx_kthread+0x10/0x10 [ 14.990843] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.990865] ? calculate_sigpending+0x7b/0xa0 [ 14.990890] ? __pfx_kthread+0x10/0x10 [ 14.990912] ret_from_fork+0x116/0x1d0 [ 14.990931] ? __pfx_kthread+0x10/0x10 [ 14.990952] ret_from_fork_asm+0x1a/0x30 [ 14.990985] </TASK> [ 14.990995] [ 14.998616] Allocated by task 283: [ 14.998760] kasan_save_stack+0x45/0x70 [ 14.998908] kasan_save_track+0x18/0x40 [ 14.999044] kasan_save_alloc_info+0x3b/0x50 [ 14.999193] __kasan_kmalloc+0xb7/0xc0 [ 14.999324] __kmalloc_cache_noprof+0x189/0x420 [ 14.999508] kasan_atomics+0x95/0x310 [ 14.999734] kunit_try_run_case+0x1a5/0x480 [ 14.999940] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.000190] kthread+0x337/0x6f0 [ 15.000355] ret_from_fork+0x116/0x1d0 [ 15.000571] ret_from_fork_asm+0x1a/0x30 [ 15.000767] [ 15.000861] The buggy address belongs to the object at ffff8881026f3680 [ 15.000861] which belongs to the cache kmalloc-64 of size 64 [ 15.001332] The buggy address is located 0 bytes to the right of [ 15.001332] allocated 48-byte region [ffff8881026f3680, ffff8881026f36b0) [ 15.001728] [ 15.001826] The buggy address belongs to the physical page: [ 15.002108] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026f3 [ 15.002486] flags: 0x200000000000000(node=0|zone=2) [ 15.002742] page_type: f5(slab) [ 15.002938] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.003279] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.003634] page dumped because: kasan: bad access detected [ 15.003873] [ 15.003959] Memory state around the buggy address: [ 15.004173] ffff8881026f3580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.004462] ffff8881026f3600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.004758] >ffff8881026f3680: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 15.004971] ^ [ 15.005131] ffff8881026f3700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.005471] ffff8881026f3780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.005815] ================================================================== [ 14.753900] ================================================================== [ 14.754593] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x860/0x5450 [ 14.755261] Write of size 4 at addr ffff8881026f36b0 by task kunit_try_catch/283 [ 14.755916] [ 14.756107] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.756153] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.756166] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.756189] Call Trace: [ 14.756205] <TASK> [ 14.756222] dump_stack_lvl+0x73/0xb0 [ 14.756250] print_report+0xd1/0x610 [ 14.756273] ? __virt_addr_valid+0x1db/0x2d0 [ 14.756313] ? kasan_atomics_helper+0x860/0x5450 [ 14.756335] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.756359] ? kasan_atomics_helper+0x860/0x5450 [ 14.756382] kasan_report+0x141/0x180 [ 14.756405] ? kasan_atomics_helper+0x860/0x5450 [ 14.756432] kasan_check_range+0x10c/0x1c0 [ 14.756467] __kasan_check_write+0x18/0x20 [ 14.756487] kasan_atomics_helper+0x860/0x5450 [ 14.756511] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.756553] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.756578] ? kasan_atomics+0x152/0x310 [ 14.756606] kasan_atomics+0x1dc/0x310 [ 14.756629] ? __pfx_kasan_atomics+0x10/0x10 [ 14.756654] ? __pfx_read_tsc+0x10/0x10 [ 14.756676] ? ktime_get_ts64+0x86/0x230 [ 14.756701] kunit_try_run_case+0x1a5/0x480 [ 14.756726] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.756751] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.756776] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.756800] ? __kthread_parkme+0x82/0x180 [ 14.756820] ? preempt_count_sub+0x50/0x80 [ 14.756845] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.756870] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.756894] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.756919] kthread+0x337/0x6f0 [ 14.756938] ? trace_preempt_on+0x20/0xc0 [ 14.756961] ? __pfx_kthread+0x10/0x10 [ 14.756982] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.757004] ? calculate_sigpending+0x7b/0xa0 [ 14.757029] ? __pfx_kthread+0x10/0x10 [ 14.757051] ret_from_fork+0x116/0x1d0 [ 14.757070] ? __pfx_kthread+0x10/0x10 [ 14.757091] ret_from_fork_asm+0x1a/0x30 [ 14.757124] </TASK> [ 14.757138] [ 14.767636] Allocated by task 283: [ 14.767811] kasan_save_stack+0x45/0x70 [ 14.767974] kasan_save_track+0x18/0x40 [ 14.768164] kasan_save_alloc_info+0x3b/0x50 [ 14.768373] __kasan_kmalloc+0xb7/0xc0 [ 14.768618] __kmalloc_cache_noprof+0x189/0x420 [ 14.768816] kasan_atomics+0x95/0x310 [ 14.768951] kunit_try_run_case+0x1a5/0x480 [ 14.769137] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.769391] kthread+0x337/0x6f0 [ 14.769622] ret_from_fork+0x116/0x1d0 [ 14.769829] ret_from_fork_asm+0x1a/0x30 [ 14.770027] [ 14.770121] The buggy address belongs to the object at ffff8881026f3680 [ 14.770121] which belongs to the cache kmalloc-64 of size 64 [ 14.770661] The buggy address is located 0 bytes to the right of [ 14.770661] allocated 48-byte region [ffff8881026f3680, ffff8881026f36b0) [ 14.771171] [ 14.771262] The buggy address belongs to the physical page: [ 14.771544] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026f3 [ 14.771875] flags: 0x200000000000000(node=0|zone=2) [ 14.772092] page_type: f5(slab) [ 14.772301] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.773712] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.774256] page dumped because: kasan: bad access detected [ 14.774450] [ 14.774524] Memory state around the buggy address: [ 14.774797] ffff8881026f3580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.775351] 
ffff8881026f3600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.775800] >ffff8881026f3680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.776021] ^ [ 14.776180] ffff8881026f3700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.776400] ffff8881026f3780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.776633] ================================================================== [ 14.966601] ================================================================== [ 14.967249] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe78/0x5450 [ 14.967954] Write of size 4 at addr ffff8881026f36b0 by task kunit_try_catch/283 [ 14.968409] [ 14.968506] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.968572] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.968585] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.968606] Call Trace: [ 14.968621] <TASK> [ 14.968647] dump_stack_lvl+0x73/0xb0 [ 14.968676] print_report+0xd1/0x610 [ 14.968699] ? __virt_addr_valid+0x1db/0x2d0 [ 14.968742] ? kasan_atomics_helper+0xe78/0x5450 [ 14.968764] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.968788] ? kasan_atomics_helper+0xe78/0x5450 [ 14.968822] kasan_report+0x141/0x180 [ 14.968845] ? kasan_atomics_helper+0xe78/0x5450 [ 14.968873] kasan_check_range+0x10c/0x1c0 [ 14.968898] __kasan_check_write+0x18/0x20 [ 14.968918] kasan_atomics_helper+0xe78/0x5450 [ 14.968942] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.968965] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.968991] ? kasan_atomics+0x152/0x310 [ 14.969018] kasan_atomics+0x1dc/0x310 [ 14.969041] ? __pfx_kasan_atomics+0x10/0x10 [ 14.969066] ? __pfx_read_tsc+0x10/0x10 [ 14.969088] ? ktime_get_ts64+0x86/0x230 [ 14.969113] kunit_try_run_case+0x1a5/0x480 [ 14.969140] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.969164] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.969188] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.969213] ? 
__kthread_parkme+0x82/0x180 [ 14.969233] ? preempt_count_sub+0x50/0x80 [ 14.969259] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.969284] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.969309] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.969334] kthread+0x337/0x6f0 [ 14.969354] ? trace_preempt_on+0x20/0xc0 [ 14.969377] ? __pfx_kthread+0x10/0x10 [ 14.969398] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.969421] ? calculate_sigpending+0x7b/0xa0 [ 14.969455] ? __pfx_kthread+0x10/0x10 [ 14.969478] ret_from_fork+0x116/0x1d0 [ 14.969497] ? __pfx_kthread+0x10/0x10 [ 14.969536] ret_from_fork_asm+0x1a/0x30 [ 14.969570] </TASK> [ 14.969580] [ 14.980639] Allocated by task 283: [ 14.980826] kasan_save_stack+0x45/0x70 [ 14.980972] kasan_save_track+0x18/0x40 [ 14.981109] kasan_save_alloc_info+0x3b/0x50 [ 14.981310] __kasan_kmalloc+0xb7/0xc0 [ 14.981542] __kmalloc_cache_noprof+0x189/0x420 [ 14.981764] kasan_atomics+0x95/0x310 [ 14.981948] kunit_try_run_case+0x1a5/0x480 [ 14.982108] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.982338] kthread+0x337/0x6f0 [ 14.982539] ret_from_fork+0x116/0x1d0 [ 14.982742] ret_from_fork_asm+0x1a/0x30 [ 14.982945] [ 14.983026] The buggy address belongs to the object at ffff8881026f3680 [ 14.983026] which belongs to the cache kmalloc-64 of size 64 [ 14.983583] The buggy address is located 0 bytes to the right of [ 14.983583] allocated 48-byte region [ffff8881026f3680, ffff8881026f36b0) [ 14.984087] [ 14.984195] The buggy address belongs to the physical page: [ 14.984432] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026f3 [ 14.984765] flags: 0x200000000000000(node=0|zone=2) [ 14.984928] page_type: f5(slab) [ 14.985047] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.985376] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.985739] page dumped because: kasan: bad access detected [ 14.985996] [ 14.986089] Memory state around the buggy address: [ 14.986314] 
ffff8881026f3580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.986655] ffff8881026f3600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.986919] >ffff8881026f3680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.987135] ^ [ 14.987364] ffff8881026f3700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.987737] ffff8881026f3780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.988050] ================================================================== [ 14.817157] ================================================================== [ 14.817625] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa2b/0x5450 [ 14.817954] Write of size 4 at addr ffff8881026f36b0 by task kunit_try_catch/283 [ 14.818295] [ 14.818432] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.818513] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.818558] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.818588] Call Trace: [ 14.818601] <TASK> [ 14.818615] dump_stack_lvl+0x73/0xb0 [ 14.818655] print_report+0xd1/0x610 [ 14.818676] ? __virt_addr_valid+0x1db/0x2d0 [ 14.818700] ? kasan_atomics_helper+0xa2b/0x5450 [ 14.818722] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.818746] ? kasan_atomics_helper+0xa2b/0x5450 [ 14.818768] kasan_report+0x141/0x180 [ 14.818791] ? kasan_atomics_helper+0xa2b/0x5450 [ 14.818819] kasan_check_range+0x10c/0x1c0 [ 14.818844] __kasan_check_write+0x18/0x20 [ 14.818863] kasan_atomics_helper+0xa2b/0x5450 [ 14.818887] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.818910] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.818935] ? kasan_atomics+0x152/0x310 [ 14.818964] kasan_atomics+0x1dc/0x310 [ 14.818986] ? __pfx_kasan_atomics+0x10/0x10 [ 14.819011] ? __pfx_read_tsc+0x10/0x10 [ 14.819032] ? ktime_get_ts64+0x86/0x230 [ 14.819059] kunit_try_run_case+0x1a5/0x480 [ 14.819084] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.819107] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.819132] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.819157] ? __kthread_parkme+0x82/0x180 [ 14.819178] ? preempt_count_sub+0x50/0x80 [ 14.819203] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.819228] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.819253] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.819279] kthread+0x337/0x6f0 [ 14.819298] ? trace_preempt_on+0x20/0xc0 [ 14.819322] ? __pfx_kthread+0x10/0x10 [ 14.819343] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.819366] ? calculate_sigpending+0x7b/0xa0 [ 14.819390] ? __pfx_kthread+0x10/0x10 [ 14.819414] ret_from_fork+0x116/0x1d0 [ 14.819470] ? __pfx_kthread+0x10/0x10 [ 14.819491] ret_from_fork_asm+0x1a/0x30 [ 14.819549] </TASK> [ 14.819559] [ 14.827848] Allocated by task 283: [ 14.828015] kasan_save_stack+0x45/0x70 [ 14.828254] kasan_save_track+0x18/0x40 [ 14.828504] kasan_save_alloc_info+0x3b/0x50 [ 14.828761] __kasan_kmalloc+0xb7/0xc0 [ 14.828973] __kmalloc_cache_noprof+0x189/0x420 [ 14.829195] kasan_atomics+0x95/0x310 [ 14.829346] kunit_try_run_case+0x1a5/0x480 [ 14.829504] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.829820] kthread+0x337/0x6f0 [ 14.830046] ret_from_fork+0x116/0x1d0 [ 14.830247] ret_from_fork_asm+0x1a/0x30 [ 14.830464] [ 14.830591] The buggy address belongs to the object at ffff8881026f3680 [ 14.830591] which belongs to the cache kmalloc-64 of size 64 [ 14.831138] The buggy address is located 0 bytes to the right of [ 14.831138] allocated 48-byte region [ffff8881026f3680, ffff8881026f36b0) [ 14.831716] [ 14.831793] The buggy address belongs to the physical page: [ 14.831968] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026f3 [ 14.832237] flags: 0x200000000000000(node=0|zone=2) [ 14.832481] page_type: f5(slab) [ 14.832713] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.833134] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.833504] page dumped because: kasan: bad access detected [ 14.833750] [ 14.833820] 
Memory state around the buggy address: [ 14.833971] ffff8881026f3580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.834265] ffff8881026f3600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.834594] >ffff8881026f3680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.834901] ^ [ 14.835119] ffff8881026f3700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.835489] ffff8881026f3780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.835821] ================================================================== [ 15.471369] ================================================================== [ 15.471996] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x19e3/0x5450 [ 15.472326] Write of size 8 at addr ffff8881026f36b0 by task kunit_try_catch/283 [ 15.472727] [ 15.472812] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.472856] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.472868] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.472891] Call Trace: [ 15.472906] <TASK> [ 15.472921] dump_stack_lvl+0x73/0xb0 [ 15.472947] print_report+0xd1/0x610 [ 15.472969] ? __virt_addr_valid+0x1db/0x2d0 [ 15.472992] ? kasan_atomics_helper+0x19e3/0x5450 [ 15.473015] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.473040] ? kasan_atomics_helper+0x19e3/0x5450 [ 15.473063] kasan_report+0x141/0x180 [ 15.473086] ? kasan_atomics_helper+0x19e3/0x5450 [ 15.473114] kasan_check_range+0x10c/0x1c0 [ 15.473145] __kasan_check_write+0x18/0x20 [ 15.473174] kasan_atomics_helper+0x19e3/0x5450 [ 15.473198] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.473221] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.473246] ? kasan_atomics+0x152/0x310 [ 15.473275] kasan_atomics+0x1dc/0x310 [ 15.473298] ? __pfx_kasan_atomics+0x10/0x10 [ 15.473323] ? __pfx_read_tsc+0x10/0x10 [ 15.473343] ? ktime_get_ts64+0x86/0x230 [ 15.473380] kunit_try_run_case+0x1a5/0x480 [ 15.473405] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.473429] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.473462] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.473488] ? __kthread_parkme+0x82/0x180 [ 15.473508] ? preempt_count_sub+0x50/0x80 [ 15.473532] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.473558] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.473582] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.473607] kthread+0x337/0x6f0 [ 15.473652] ? trace_preempt_on+0x20/0xc0 [ 15.473677] ? __pfx_kthread+0x10/0x10 [ 15.473698] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.473720] ? calculate_sigpending+0x7b/0xa0 [ 15.473745] ? __pfx_kthread+0x10/0x10 [ 15.473767] ret_from_fork+0x116/0x1d0 [ 15.473785] ? __pfx_kthread+0x10/0x10 [ 15.473806] ret_from_fork_asm+0x1a/0x30 [ 15.473855] </TASK> [ 15.473865] [ 15.481513] Allocated by task 283: [ 15.481682] kasan_save_stack+0x45/0x70 [ 15.481897] kasan_save_track+0x18/0x40 [ 15.482089] kasan_save_alloc_info+0x3b/0x50 [ 15.482319] __kasan_kmalloc+0xb7/0xc0 [ 15.482528] __kmalloc_cache_noprof+0x189/0x420 [ 15.482755] kasan_atomics+0x95/0x310 [ 15.482937] kunit_try_run_case+0x1a5/0x480 [ 15.483136] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.483386] kthread+0x337/0x6f0 [ 15.483564] ret_from_fork+0x116/0x1d0 [ 15.483720] ret_from_fork_asm+0x1a/0x30 [ 15.483856] [ 15.483925] The buggy address belongs to the object at ffff8881026f3680 [ 15.483925] which belongs to the cache kmalloc-64 of size 64 [ 15.484679] The buggy address is located 0 bytes to the right of [ 15.484679] allocated 48-byte region [ffff8881026f3680, ffff8881026f36b0) [ 15.485221] [ 15.485317] The buggy address belongs to the physical page: [ 15.485585] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026f3 [ 15.485898] flags: 0x200000000000000(node=0|zone=2) [ 15.486149] page_type: f5(slab) [ 15.486300] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.486664] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 15.486932] page dumped because: kasan: bad access detected [ 15.487183] [ 15.487293] Memory state around the buggy address: [ 15.487533] ffff8881026f3580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.487846] ffff8881026f3600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.488174] >ffff8881026f3680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.488490] ^ [ 15.488706] ffff8881026f3700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.489306] ffff8881026f3780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.489525] ================================================================== [ 14.641257] ================================================================== [ 14.641763] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b3a/0x5450 [ 14.642486] Write of size 4 at addr ffff8881026f36b0 by task kunit_try_catch/283 [ 14.642814] [ 14.642902] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.642945] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.642958] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.642981] Call Trace: [ 14.642995] <TASK> [ 14.643011] dump_stack_lvl+0x73/0xb0 [ 14.643051] print_report+0xd1/0x610 [ 14.643074] ? __virt_addr_valid+0x1db/0x2d0 [ 14.643097] ? kasan_atomics_helper+0x4b3a/0x5450 [ 14.643119] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.643143] ? kasan_atomics_helper+0x4b3a/0x5450 [ 14.643166] kasan_report+0x141/0x180 [ 14.643189] ? kasan_atomics_helper+0x4b3a/0x5450 [ 14.643217] __asan_report_store4_noabort+0x1b/0x30 [ 14.643243] kasan_atomics_helper+0x4b3a/0x5450 [ 14.643268] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.643291] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.643316] ? kasan_atomics+0x152/0x310 [ 14.643343] kasan_atomics+0x1dc/0x310 [ 14.643366] ? __pfx_kasan_atomics+0x10/0x10 [ 14.643392] ? __pfx_read_tsc+0x10/0x10 [ 14.643414] ? 
ktime_get_ts64+0x86/0x230 [ 14.643450] kunit_try_run_case+0x1a5/0x480 [ 14.643475] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.643498] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.643522] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.643557] ? __kthread_parkme+0x82/0x180 [ 14.643577] ? preempt_count_sub+0x50/0x80 [ 14.643602] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.643626] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.643651] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.643676] kthread+0x337/0x6f0 [ 14.643695] ? trace_preempt_on+0x20/0xc0 [ 14.643718] ? __pfx_kthread+0x10/0x10 [ 14.643739] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.643761] ? calculate_sigpending+0x7b/0xa0 [ 14.643786] ? __pfx_kthread+0x10/0x10 [ 14.643808] ret_from_fork+0x116/0x1d0 [ 14.643826] ? __pfx_kthread+0x10/0x10 [ 14.643847] ret_from_fork_asm+0x1a/0x30 [ 14.643880] </TASK> [ 14.643890] [ 14.651169] Allocated by task 283: [ 14.651297] kasan_save_stack+0x45/0x70 [ 14.651472] kasan_save_track+0x18/0x40 [ 14.651819] kasan_save_alloc_info+0x3b/0x50 [ 14.652032] __kasan_kmalloc+0xb7/0xc0 [ 14.652215] __kmalloc_cache_noprof+0x189/0x420 [ 14.652373] kasan_atomics+0x95/0x310 [ 14.652519] kunit_try_run_case+0x1a5/0x480 [ 14.652735] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.652991] kthread+0x337/0x6f0 [ 14.653165] ret_from_fork+0x116/0x1d0 [ 14.653332] ret_from_fork_asm+0x1a/0x30 [ 14.653538] [ 14.653634] The buggy address belongs to the object at ffff8881026f3680 [ 14.653634] which belongs to the cache kmalloc-64 of size 64 [ 14.654084] The buggy address is located 0 bytes to the right of [ 14.654084] allocated 48-byte region [ffff8881026f3680, ffff8881026f36b0) [ 14.654620] [ 14.654712] The buggy address belongs to the physical page: [ 14.654950] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026f3 [ 14.655262] flags: 0x200000000000000(node=0|zone=2) [ 14.655485] page_type: f5(slab) [ 14.655651] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 14.655886] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.656115] page dumped because: kasan: bad access detected [ 14.656287] [ 14.656357] Memory state around the buggy address: [ 14.656638] ffff8881026f3580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.656962] ffff8881026f3600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.657283] >ffff8881026f3680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.657681] ^ [ 14.657849] ffff8881026f3700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.658069] ffff8881026f3780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.658285] ================================================================== [ 14.457097] ================================================================== [ 14.458555] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4bbc/0x5450 [ 14.458815] Read of size 4 at addr ffff8881026f36b0 by task kunit_try_catch/283 [ 14.459040] [ 14.459130] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.459176] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.459187] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.459209] Call Trace: [ 14.459223] <TASK> [ 14.459240] dump_stack_lvl+0x73/0xb0 [ 14.459268] print_report+0xd1/0x610 [ 14.459290] ? __virt_addr_valid+0x1db/0x2d0 [ 14.459313] ? kasan_atomics_helper+0x4bbc/0x5450 [ 14.459333] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.459356] ? kasan_atomics_helper+0x4bbc/0x5450 [ 14.459378] kasan_report+0x141/0x180 [ 14.459400] ? kasan_atomics_helper+0x4bbc/0x5450 [ 14.459427] __asan_report_load4_noabort+0x18/0x20 [ 14.459489] kasan_atomics_helper+0x4bbc/0x5450 [ 14.459512] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.459551] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.459577] ? kasan_atomics+0x152/0x310 [ 14.459603] kasan_atomics+0x1dc/0x310 [ 14.459625] ? __pfx_kasan_atomics+0x10/0x10 [ 14.459649] ? 
__pfx_read_tsc+0x10/0x10 [ 14.459670] ? ktime_get_ts64+0x86/0x230 [ 14.459695] kunit_try_run_case+0x1a5/0x480 [ 14.459720] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.459742] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.459767] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.459792] ? __kthread_parkme+0x82/0x180 [ 14.459836] ? preempt_count_sub+0x50/0x80 [ 14.459861] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.459884] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.459908] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.459932] kthread+0x337/0x6f0 [ 14.459951] ? trace_preempt_on+0x20/0xc0 [ 14.459974] ? __pfx_kthread+0x10/0x10 [ 14.459994] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.460015] ? calculate_sigpending+0x7b/0xa0 [ 14.460039] ? __pfx_kthread+0x10/0x10 [ 14.460060] ret_from_fork+0x116/0x1d0 [ 14.460079] ? __pfx_kthread+0x10/0x10 [ 14.460099] ret_from_fork_asm+0x1a/0x30 [ 14.460133] </TASK> [ 14.460144] [ 14.474894] Allocated by task 283: [ 14.475132] kasan_save_stack+0x45/0x70 [ 14.475537] kasan_save_track+0x18/0x40 [ 14.475997] kasan_save_alloc_info+0x3b/0x50 [ 14.476397] __kasan_kmalloc+0xb7/0xc0 [ 14.476904] __kmalloc_cache_noprof+0x189/0x420 [ 14.477073] kasan_atomics+0x95/0x310 [ 14.477214] kunit_try_run_case+0x1a5/0x480 [ 14.477360] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.477947] kthread+0x337/0x6f0 [ 14.478349] ret_from_fork+0x116/0x1d0 [ 14.478755] ret_from_fork_asm+0x1a/0x30 [ 14.479227] [ 14.479424] The buggy address belongs to the object at ffff8881026f3680 [ 14.479424] which belongs to the cache kmalloc-64 of size 64 [ 14.480667] The buggy address is located 0 bytes to the right of [ 14.480667] allocated 48-byte region [ffff8881026f3680, ffff8881026f36b0) [ 14.481377] [ 14.481748] The buggy address belongs to the physical page: [ 14.482242] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026f3 [ 14.483056] flags: 0x200000000000000(node=0|zone=2) [ 14.483232] page_type: f5(slab) [ 14.483357] raw: 0200000000000000 
ffff8881000418c0 dead000000000122 0000000000000000 [ 14.484005] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.484779] page dumped because: kasan: bad access detected [ 14.485261] [ 14.485457] Memory state around the buggy address: [ 14.485947] ffff8881026f3580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.486735] ffff8881026f3600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.487186] >ffff8881026f3680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.487616] ^ [ 14.488039] ffff8881026f3700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.488792] ffff8881026f3780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.489449] ================================================================== [ 15.637481] ================================================================== [ 15.638192] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1eaa/0x5450 [ 15.638448] Write of size 8 at addr ffff8881026f36b0 by task kunit_try_catch/283 [ 15.638962] [ 15.639059] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.639102] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.639114] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.639136] Call Trace: [ 15.639148] <TASK> [ 15.639164] dump_stack_lvl+0x73/0xb0 [ 15.639190] print_report+0xd1/0x610 [ 15.639213] ? __virt_addr_valid+0x1db/0x2d0 [ 15.639236] ? kasan_atomics_helper+0x1eaa/0x5450 [ 15.639257] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.639281] ? kasan_atomics_helper+0x1eaa/0x5450 [ 15.639304] kasan_report+0x141/0x180 [ 15.639327] ? kasan_atomics_helper+0x1eaa/0x5450 [ 15.639355] kasan_check_range+0x10c/0x1c0 [ 15.639380] __kasan_check_write+0x18/0x20 [ 15.639399] kasan_atomics_helper+0x1eaa/0x5450 [ 15.639424] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.639457] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.639483] ? 
kasan_atomics+0x152/0x310 [ 15.639511] kasan_atomics+0x1dc/0x310 [ 15.639534] ? __pfx_kasan_atomics+0x10/0x10 [ 15.639559] ? __pfx_read_tsc+0x10/0x10 [ 15.639580] ? ktime_get_ts64+0x86/0x230 [ 15.639606] kunit_try_run_case+0x1a5/0x480 [ 15.639631] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.639654] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.639679] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.639704] ? __kthread_parkme+0x82/0x180 [ 15.639771] ? preempt_count_sub+0x50/0x80 [ 15.639822] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.639847] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.639901] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.639926] kthread+0x337/0x6f0 [ 15.639945] ? trace_preempt_on+0x20/0xc0 [ 15.639970] ? __pfx_kthread+0x10/0x10 [ 15.639991] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.640041] ? calculate_sigpending+0x7b/0xa0 [ 15.640067] ? __pfx_kthread+0x10/0x10 [ 15.640089] ret_from_fork+0x116/0x1d0 [ 15.640108] ? __pfx_kthread+0x10/0x10 [ 15.640129] ret_from_fork_asm+0x1a/0x30 [ 15.640189] </TASK> [ 15.640200] [ 15.648229] Allocated by task 283: [ 15.648397] kasan_save_stack+0x45/0x70 [ 15.648691] kasan_save_track+0x18/0x40 [ 15.648907] kasan_save_alloc_info+0x3b/0x50 [ 15.649117] __kasan_kmalloc+0xb7/0xc0 [ 15.649317] __kmalloc_cache_noprof+0x189/0x420 [ 15.649723] kasan_atomics+0x95/0x310 [ 15.650124] kunit_try_run_case+0x1a5/0x480 [ 15.650327] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.650603] kthread+0x337/0x6f0 [ 15.650724] ret_from_fork+0x116/0x1d0 [ 15.650946] ret_from_fork_asm+0x1a/0x30 [ 15.651118] [ 15.651198] The buggy address belongs to the object at ffff8881026f3680 [ 15.651198] which belongs to the cache kmalloc-64 of size 64 [ 15.651740] The buggy address is located 0 bytes to the right of [ 15.651740] allocated 48-byte region [ffff8881026f3680, ffff8881026f36b0) [ 15.652300] [ 15.652482] The buggy address belongs to the physical page: [ 15.652902] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026f3 [ 
15.653144] flags: 0x200000000000000(node=0|zone=2) [ 15.653398] page_type: f5(slab) [ 15.653576] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.653905] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.654227] page dumped because: kasan: bad access detected [ 15.654535] [ 15.654628] Memory state around the buggy address: [ 15.654848] ffff8881026f3580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.655229] ffff8881026f3600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.655449] >ffff8881026f3680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.656001] ^ [ 15.656223] ffff8881026f3700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.656540] ffff8881026f3780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.656846] ================================================================== [ 14.676670] ================================================================== [ 14.677027] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5fe/0x5450 [ 14.677365] Write of size 4 at addr ffff8881026f36b0 by task kunit_try_catch/283 [ 14.678122] [ 14.678228] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.678280] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.678292] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.678312] Call Trace: [ 14.678326] <TASK> [ 14.678341] dump_stack_lvl+0x73/0xb0 [ 14.678493] print_report+0xd1/0x610 [ 14.678515] ? __virt_addr_valid+0x1db/0x2d0 [ 14.678537] ? kasan_atomics_helper+0x5fe/0x5450 [ 14.678559] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.678582] ? kasan_atomics_helper+0x5fe/0x5450 [ 14.678605] kasan_report+0x141/0x180 [ 14.678629] ? kasan_atomics_helper+0x5fe/0x5450 [ 14.678657] kasan_check_range+0x10c/0x1c0 [ 14.678681] __kasan_check_write+0x18/0x20 [ 14.678701] kasan_atomics_helper+0x5fe/0x5450 [ 14.678725] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.678748] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 14.678775] ? kasan_atomics+0x152/0x310 [ 14.678802] kasan_atomics+0x1dc/0x310 [ 14.678825] ? __pfx_kasan_atomics+0x10/0x10 [ 14.678850] ? __pfx_read_tsc+0x10/0x10 [ 14.678871] ? ktime_get_ts64+0x86/0x230 [ 14.678897] kunit_try_run_case+0x1a5/0x480 [ 14.678922] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.678944] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.678969] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.678993] ? __kthread_parkme+0x82/0x180 [ 14.679012] ? preempt_count_sub+0x50/0x80 [ 14.679037] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.679062] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.679086] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.679125] kthread+0x337/0x6f0 [ 14.679145] ? trace_preempt_on+0x20/0xc0 [ 14.679168] ? __pfx_kthread+0x10/0x10 [ 14.679188] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.679211] ? calculate_sigpending+0x7b/0xa0 [ 14.679235] ? __pfx_kthread+0x10/0x10 [ 14.679256] ret_from_fork+0x116/0x1d0 [ 14.679277] ? __pfx_kthread+0x10/0x10 [ 14.679297] ret_from_fork_asm+0x1a/0x30 [ 14.679330] </TASK> [ 14.679340] [ 14.686899] Allocated by task 283: [ 14.687042] kasan_save_stack+0x45/0x70 [ 14.687186] kasan_save_track+0x18/0x40 [ 14.687380] kasan_save_alloc_info+0x3b/0x50 [ 14.687683] __kasan_kmalloc+0xb7/0xc0 [ 14.687865] __kmalloc_cache_noprof+0x189/0x420 [ 14.688022] kasan_atomics+0x95/0x310 [ 14.688156] kunit_try_run_case+0x1a5/0x480 [ 14.688304] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.688491] kthread+0x337/0x6f0 [ 14.688616] ret_from_fork+0x116/0x1d0 [ 14.688752] ret_from_fork_asm+0x1a/0x30 [ 14.688893] [ 14.688964] The buggy address belongs to the object at ffff8881026f3680 [ 14.688964] which belongs to the cache kmalloc-64 of size 64 [ 14.689325] The buggy address is located 0 bytes to the right of [ 14.689325] allocated 48-byte region [ffff8881026f3680, ffff8881026f36b0) [ 14.689843] [ 14.689939] The buggy address belongs to the physical page: [ 14.690191] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x1026f3 [ 14.690570] flags: 0x200000000000000(node=0|zone=2) [ 14.690803] page_type: f5(slab) [ 14.690967] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.691302] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.691737] page dumped because: kasan: bad access detected [ 14.691956] [ 14.692055] Memory state around the buggy address: [ 14.692223] ffff8881026f3580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.692453] ffff8881026f3600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.693037] >ffff8881026f3680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.693350] ^ [ 14.693517] ffff8881026f3700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.693839] ffff8881026f3780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.694122] ================================================================== [ 15.299873] ================================================================== [ 15.300190] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x151d/0x5450 [ 15.300417] Write of size 8 at addr ffff8881026f36b0 by task kunit_try_catch/283 [ 15.301337] [ 15.301452] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.301497] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.301510] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.301531] Call Trace: [ 15.301547] <TASK> [ 15.301562] dump_stack_lvl+0x73/0xb0 [ 15.301590] print_report+0xd1/0x610 [ 15.301613] ? __virt_addr_valid+0x1db/0x2d0 [ 15.301635] ? kasan_atomics_helper+0x151d/0x5450 [ 15.301658] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.301681] ? kasan_atomics_helper+0x151d/0x5450 [ 15.301705] kasan_report+0x141/0x180 [ 15.301728] ? kasan_atomics_helper+0x151d/0x5450 [ 15.301756] kasan_check_range+0x10c/0x1c0 [ 15.301781] __kasan_check_write+0x18/0x20 [ 15.301801] kasan_atomics_helper+0x151d/0x5450 [ 15.301825] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 15.301848] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.301874] ? kasan_atomics+0x152/0x310 [ 15.301902] kasan_atomics+0x1dc/0x310 [ 15.301925] ? __pfx_kasan_atomics+0x10/0x10 [ 15.301950] ? __pfx_read_tsc+0x10/0x10 [ 15.301971] ? ktime_get_ts64+0x86/0x230 [ 15.301996] kunit_try_run_case+0x1a5/0x480 [ 15.302020] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.302043] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.302067] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.302092] ? __kthread_parkme+0x82/0x180 [ 15.302113] ? preempt_count_sub+0x50/0x80 [ 15.302138] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.302163] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.302188] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.302214] kthread+0x337/0x6f0 [ 15.302232] ? trace_preempt_on+0x20/0xc0 [ 15.302256] ? __pfx_kthread+0x10/0x10 [ 15.302277] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.302299] ? calculate_sigpending+0x7b/0xa0 [ 15.302324] ? __pfx_kthread+0x10/0x10 [ 15.302346] ret_from_fork+0x116/0x1d0 [ 15.302364] ? 
__pfx_kthread+0x10/0x10 [ 15.302385] ret_from_fork_asm+0x1a/0x30 [ 15.302418] </TASK> [ 15.302429] [ 15.309262] Allocated by task 283: [ 15.309387] kasan_save_stack+0x45/0x70 [ 15.309816] kasan_save_track+0x18/0x40 [ 15.310006] kasan_save_alloc_info+0x3b/0x50 [ 15.310219] __kasan_kmalloc+0xb7/0xc0 [ 15.310407] __kmalloc_cache_noprof+0x189/0x420 [ 15.310726] kasan_atomics+0x95/0x310 [ 15.310904] kunit_try_run_case+0x1a5/0x480 [ 15.311086] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.311298] kthread+0x337/0x6f0 [ 15.311469] ret_from_fork+0x116/0x1d0 [ 15.311599] ret_from_fork_asm+0x1a/0x30 [ 15.311736] [ 15.311805] The buggy address belongs to the object at ffff8881026f3680 [ 15.311805] which belongs to the cache kmalloc-64 of size 64 [ 15.312227] The buggy address is located 0 bytes to the right of [ 15.312227] allocated 48-byte region [ffff8881026f3680, ffff8881026f36b0) [ 15.312963] [ 15.313161] The buggy address belongs to the physical page: [ 15.313409] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026f3 [ 15.313708] flags: 0x200000000000000(node=0|zone=2) [ 15.313874] page_type: f5(slab) [ 15.313993] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.314217] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.314518] page dumped because: kasan: bad access detected [ 15.314771] [ 15.314862] Memory state around the buggy address: [ 15.315086] ffff8881026f3580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.315409] ffff8881026f3600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.315952] >ffff8881026f3680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.316220] ^ [ 15.316369] ffff8881026f3700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.316589] ffff8881026f3780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.316833] ================================================================== [ 14.617943] 
================================================================== [ 14.618536] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a0/0x5450 [ 14.618800] Write of size 4 at addr ffff8881026f36b0 by task kunit_try_catch/283 [ 14.619028] [ 14.619112] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.619164] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.619176] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.619196] Call Trace: [ 14.619210] <TASK> [ 14.619225] dump_stack_lvl+0x73/0xb0 [ 14.619537] print_report+0xd1/0x610 [ 14.620230] ? __virt_addr_valid+0x1db/0x2d0 [ 14.620257] ? kasan_atomics_helper+0x4a0/0x5450 [ 14.620279] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.620303] ? kasan_atomics_helper+0x4a0/0x5450 [ 14.620326] kasan_report+0x141/0x180 [ 14.620357] ? kasan_atomics_helper+0x4a0/0x5450 [ 14.620386] kasan_check_range+0x10c/0x1c0 [ 14.620411] __kasan_check_write+0x18/0x20 [ 14.620431] kasan_atomics_helper+0x4a0/0x5450 [ 14.620463] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.620487] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.620512] ? kasan_atomics+0x152/0x310 [ 14.620539] kasan_atomics+0x1dc/0x310 [ 14.620562] ? __pfx_kasan_atomics+0x10/0x10 [ 14.620587] ? __pfx_read_tsc+0x10/0x10 [ 14.620608] ? ktime_get_ts64+0x86/0x230 [ 14.620634] kunit_try_run_case+0x1a5/0x480 [ 14.620657] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.620683] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.620707] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.620732] ? __kthread_parkme+0x82/0x180 [ 14.620752] ? preempt_count_sub+0x50/0x80 [ 14.620777] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.620801] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.620825] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.620850] kthread+0x337/0x6f0 [ 14.620869] ? trace_preempt_on+0x20/0xc0 [ 14.620893] ? __pfx_kthread+0x10/0x10 [ 14.620913] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.620935] ? 
calculate_sigpending+0x7b/0xa0 [ 14.620959] ? __pfx_kthread+0x10/0x10 [ 14.620982] ret_from_fork+0x116/0x1d0 [ 14.621000] ? __pfx_kthread+0x10/0x10 [ 14.621020] ret_from_fork_asm+0x1a/0x30 [ 14.621054] </TASK> [ 14.621065] [ 14.631156] Allocated by task 283: [ 14.631529] kasan_save_stack+0x45/0x70 [ 14.631810] kasan_save_track+0x18/0x40 [ 14.632061] kasan_save_alloc_info+0x3b/0x50 [ 14.632340] __kasan_kmalloc+0xb7/0xc0 [ 14.632506] __kmalloc_cache_noprof+0x189/0x420 [ 14.632752] kasan_atomics+0x95/0x310 [ 14.633057] kunit_try_run_case+0x1a5/0x480 [ 14.633217] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.633470] kthread+0x337/0x6f0 [ 14.633856] ret_from_fork+0x116/0x1d0 [ 14.634025] ret_from_fork_asm+0x1a/0x30 [ 14.634323] [ 14.634401] The buggy address belongs to the object at ffff8881026f3680 [ 14.634401] which belongs to the cache kmalloc-64 of size 64 [ 14.635177] The buggy address is located 0 bytes to the right of [ 14.635177] allocated 48-byte region [ffff8881026f3680, ffff8881026f36b0) [ 14.635884] [ 14.636049] The buggy address belongs to the physical page: [ 14.636269] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026f3 [ 14.636641] flags: 0x200000000000000(node=0|zone=2) [ 14.636843] page_type: f5(slab) [ 14.636983] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.637300] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.637941] page dumped because: kasan: bad access detected [ 14.638166] [ 14.638374] Memory state around the buggy address: [ 14.638547] ffff8881026f3580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.638992] ffff8881026f3600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.639242] >ffff8881026f3680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.639735] ^ [ 14.640011] ffff8881026f3700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.640264] ffff8881026f3780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.640677] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 14.318874] ==================================================================
[ 14.319108] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90
[ 14.319832] Write of size 8 at addr ffff888101684308 by task kunit_try_catch/279
[ 14.320388]
[ 14.320540] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.320596] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.320607] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.320627] Call Trace:
[ 14.320640] <TASK>
[ 14.320654] dump_stack_lvl+0x73/0xb0
[ 14.320683] print_report+0xd1/0x610
[ 14.320704] ? __virt_addr_valid+0x1db/0x2d0
[ 14.320726] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90
[ 14.320754] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.320777] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90
[ 14.320805] kasan_report+0x141/0x180
[ 14.320848] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90
[ 14.320892] kasan_check_range+0x10c/0x1c0
[ 14.320916] __kasan_check_write+0x18/0x20
[ 14.320947] kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90
[ 14.320977] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10
[ 14.321033] ? __kmalloc_cache_noprof+0x189/0x420
[ 14.321058] ? trace_hardirqs_on+0x37/0xe0
[ 14.321080] ? kasan_bitops_generic+0x92/0x1c0
[ 14.321119] kasan_bitops_generic+0x121/0x1c0
[ 14.321146] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 14.321172] ? __pfx_read_tsc+0x10/0x10
[ 14.321218] ? ktime_get_ts64+0x86/0x230
[ 14.321242] kunit_try_run_case+0x1a5/0x480
[ 14.321266] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.321299] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.321323] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.321347] ? __kthread_parkme+0x82/0x180
[ 14.321390] ? preempt_count_sub+0x50/0x80
[ 14.321415] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.321453] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.321478] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.321502] kthread+0x337/0x6f0
[ 14.321521] ? trace_preempt_on+0x20/0xc0
[ 14.321551] ? __pfx_kthread+0x10/0x10
[ 14.321599] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.321620] ? calculate_sigpending+0x7b/0xa0
[ 14.321645] ? __pfx_kthread+0x10/0x10
[ 14.321677] ret_from_fork+0x116/0x1d0
[ 14.321695] ? __pfx_kthread+0x10/0x10
[ 14.321715] ret_from_fork_asm+0x1a/0x30
[ 14.321775] </TASK>
[ 14.321785]
[ 14.331482] Allocated by task 279:
[ 14.331822] kasan_save_stack+0x45/0x70
[ 14.332175] kasan_save_track+0x18/0x40
[ 14.332538] kasan_save_alloc_info+0x3b/0x50
[ 14.332906] __kasan_kmalloc+0xb7/0xc0
[ 14.333258] __kmalloc_cache_noprof+0x189/0x420
[ 14.333858] kasan_bitops_generic+0x92/0x1c0
[ 14.334263] kunit_try_run_case+0x1a5/0x480
[ 14.334669] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.335058] kthread+0x337/0x6f0
[ 14.335182] ret_from_fork+0x116/0x1d0
[ 14.335315] ret_from_fork_asm+0x1a/0x30
[ 14.335462]
[ 14.335566] The buggy address belongs to the object at ffff888101684300
[ 14.335566] which belongs to the cache kmalloc-16 of size 16
[ 14.336771] The buggy address is located 8 bytes inside of
[ 14.336771] allocated 9-byte region [ffff888101684300, ffff888101684309)
[ 14.337873]
[ 14.338044] The buggy address belongs to the physical page:
[ 14.338565] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101684
[ 14.338990] flags: 0x200000000000000(node=0|zone=2)
[ 14.339158] page_type: f5(slab)
[ 14.339285] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 14.339710] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 14.340364] page dumped because: kasan: bad access detected
[ 14.340884]
[ 14.341056] Memory state around the buggy address:
[ 14.341495] ffff888101684200: 00 02 fc fc 00 02 fc fc 00 06 fc fc 00 06 fc fc
[ 14.342130] ffff888101684280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 14.342766] >ffff888101684300: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.343163] ^
[ 14.343287] ffff888101684380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.343512] ffff888101684400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.344139] ==================================================================
[ 14.278467] ==================================================================
[ 14.279059] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90
[ 14.279483] Write of size 8 at addr ffff888101684308 by task kunit_try_catch/279
[ 14.279825]
[ 14.279954] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.280004] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.280028] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.280047] Call Trace:
[ 14.280060] <TASK>
[ 14.280074] dump_stack_lvl+0x73/0xb0
[ 14.280101] print_report+0xd1/0x610
[ 14.280122] ? __virt_addr_valid+0x1db/0x2d0
[ 14.280144] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90
[ 14.280172] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.280194] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90
[ 14.280223] kasan_report+0x141/0x180
[ 14.280246] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90
[ 14.280280] kasan_check_range+0x10c/0x1c0
[ 14.280303] __kasan_check_write+0x18/0x20
[ 14.280322] kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90
[ 14.280351] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10
[ 14.280380] ? __kmalloc_cache_noprof+0x189/0x420
[ 14.280404] ? trace_hardirqs_on+0x37/0xe0
[ 14.280426] ? kasan_bitops_generic+0x92/0x1c0
[ 14.280464] kasan_bitops_generic+0x121/0x1c0
[ 14.280489] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 14.280514] ? __pfx_read_tsc+0x10/0x10
[ 14.280534] ? ktime_get_ts64+0x86/0x230
[ 14.280558] kunit_try_run_case+0x1a5/0x480
[ 14.280581] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.280604] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.280642] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.280666] ? __kthread_parkme+0x82/0x180
[ 14.280687] ? preempt_count_sub+0x50/0x80
[ 14.280710] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.280734] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.280758] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.280800] kthread+0x337/0x6f0
[ 14.280819] ? trace_preempt_on+0x20/0xc0
[ 14.280841] ? __pfx_kthread+0x10/0x10
[ 14.280862] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.280883] ? calculate_sigpending+0x7b/0xa0
[ 14.280907] ? __pfx_kthread+0x10/0x10
[ 14.280928] ret_from_fork+0x116/0x1d0
[ 14.280946] ? __pfx_kthread+0x10/0x10
[ 14.280966] ret_from_fork_asm+0x1a/0x30
[ 14.280999] </TASK>
[ 14.281008]
[ 14.289542] Allocated by task 279:
[ 14.289763] kasan_save_stack+0x45/0x70
[ 14.289968] kasan_save_track+0x18/0x40
[ 14.290148] kasan_save_alloc_info+0x3b/0x50
[ 14.290371] __kasan_kmalloc+0xb7/0xc0
[ 14.290542] __kmalloc_cache_noprof+0x189/0x420
[ 14.290865] kasan_bitops_generic+0x92/0x1c0
[ 14.291110] kunit_try_run_case+0x1a5/0x480
[ 14.291380] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.291637] kthread+0x337/0x6f0
[ 14.291800] ret_from_fork+0x116/0x1d0
[ 14.291982] ret_from_fork_asm+0x1a/0x30
[ 14.292172]
[ 14.292263] The buggy address belongs to the object at ffff888101684300
[ 14.292263] which belongs to the cache kmalloc-16 of size 16
[ 14.292787] The buggy address is located 8 bytes inside of
[ 14.292787] allocated 9-byte region [ffff888101684300, ffff888101684309)
[ 14.293300]
[ 14.293392] The buggy address belongs to the physical page:
[ 14.293589] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101684
[ 14.293818] flags: 0x200000000000000(node=0|zone=2)
[ 14.293975] page_type: f5(slab)
[ 14.294090] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 14.294314] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 14.294798] page dumped because: kasan: bad access detected
[ 14.295048]
[ 14.295142] Memory state around the buggy address:
[ 14.295415] ffff888101684200: 00 02 fc fc 00 02 fc fc 00 06 fc fc 00 06 fc fc
[ 14.296118] ffff888101684280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 14.296459] >ffff888101684300: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.297114] ^
[ 14.297327] ffff888101684380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.297803] ffff888101684400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.298012] ==================================================================
[ 14.389029] ==================================================================
[ 14.389921] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90
[ 14.390296] Write of size 8 at addr ffff888101684308 by task kunit_try_catch/279
[ 14.390651]
[ 14.390734] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.390775] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.390786] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.390806] Call Trace:
[ 14.390818] <TASK>
[ 14.390831] dump_stack_lvl+0x73/0xb0
[ 14.390857] print_report+0xd1/0x610
[ 14.390878] ? __virt_addr_valid+0x1db/0x2d0
[ 14.390901] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90
[ 14.390929] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.390964] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90
[ 14.390994] kasan_report+0x141/0x180
[ 14.391019] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90
[ 14.391054] kasan_check_range+0x10c/0x1c0
[ 14.391078] __kasan_check_write+0x18/0x20
[ 14.391099] kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90
[ 14.391138] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10
[ 14.391168] ? __kmalloc_cache_noprof+0x189/0x420
[ 14.391192] ? trace_hardirqs_on+0x37/0xe0
[ 14.391225] ? kasan_bitops_generic+0x92/0x1c0
[ 14.391253] kasan_bitops_generic+0x121/0x1c0
[ 14.391276] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 14.391301] ? __pfx_read_tsc+0x10/0x10
[ 14.391321] ? ktime_get_ts64+0x86/0x230
[ 14.391345] kunit_try_run_case+0x1a5/0x480
[ 14.391368] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.391390] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.391414] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.391447] ? __kthread_parkme+0x82/0x180
[ 14.391467] ? preempt_count_sub+0x50/0x80
[ 14.391490] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.391515] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.391548] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.391582] kthread+0x337/0x6f0
[ 14.391601] ? trace_preempt_on+0x20/0xc0
[ 14.391624] ? __pfx_kthread+0x10/0x10
[ 14.391654] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.391675] ? calculate_sigpending+0x7b/0xa0
[ 14.391699] ? __pfx_kthread+0x10/0x10
[ 14.391721] ret_from_fork+0x116/0x1d0
[ 14.391739] ? __pfx_kthread+0x10/0x10
[ 14.391759] ret_from_fork_asm+0x1a/0x30
[ 14.391791] </TASK>
[ 14.391800]
[ 14.403263] Allocated by task 279:
[ 14.403472] kasan_save_stack+0x45/0x70
[ 14.403706] kasan_save_track+0x18/0x40
[ 14.403905] kasan_save_alloc_info+0x3b/0x50
[ 14.404126] __kasan_kmalloc+0xb7/0xc0
[ 14.404276] __kmalloc_cache_noprof+0x189/0x420
[ 14.404444] kasan_bitops_generic+0x92/0x1c0
[ 14.404590] kunit_try_run_case+0x1a5/0x480
[ 14.404792] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.405039] kthread+0x337/0x6f0
[ 14.405249] ret_from_fork+0x116/0x1d0
[ 14.405445] ret_from_fork_asm+0x1a/0x30
[ 14.405649]
[ 14.405719] The buggy address belongs to the object at ffff888101684300
[ 14.405719] which belongs to the cache kmalloc-16 of size 16
[ 14.406177] The buggy address is located 8 bytes inside of
[ 14.406177] allocated 9-byte region [ffff888101684300, ffff888101684309)
[ 14.406737]
[ 14.406847] The buggy address belongs to the physical page:
[ 14.407077] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101684
[ 14.407386] flags: 0x200000000000000(node=0|zone=2)
[ 14.407687] page_type: f5(slab)
[ 14.407840] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 14.408165] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 14.408423] page dumped because: kasan: bad access detected
[ 14.408601]
[ 14.408670] Memory state around the buggy address:
[ 14.408825] ffff888101684200: 00 02 fc fc 00 02 fc fc 00 06 fc fc 00 06 fc fc
[ 14.409166] ffff888101684280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 14.409488] >ffff888101684300: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.409804] ^
[ 14.410042] ffff888101684380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.410260] ffff888101684400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.410938] ==================================================================
[ 14.430780] ==================================================================
[ 14.431142] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90
[ 14.431791] Read of size 8 at addr ffff888101684308 by task kunit_try_catch/279
[ 14.432125]
[ 14.432211] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.432252] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.432263] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.432284] Call Trace:
[ 14.432298] <TASK>
[ 14.432313] dump_stack_lvl+0x73/0xb0
[ 14.432339] print_report+0xd1/0x610
[ 14.432359] ? __virt_addr_valid+0x1db/0x2d0
[ 14.432381] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90
[ 14.432408] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.432432] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90
[ 14.432470] kasan_report+0x141/0x180
[ 14.432491] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90
[ 14.432526] __asan_report_load8_noabort+0x18/0x20
[ 14.432560] kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90
[ 14.432588] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10
[ 14.432617] ? __kmalloc_cache_noprof+0x189/0x420
[ 14.432640] ? trace_hardirqs_on+0x37/0xe0
[ 14.432662] ? kasan_bitops_generic+0x92/0x1c0
[ 14.432690] kasan_bitops_generic+0x121/0x1c0
[ 14.432713] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 14.432738] ? __pfx_read_tsc+0x10/0x10
[ 14.432759] ? ktime_get_ts64+0x86/0x230
[ 14.432783] kunit_try_run_case+0x1a5/0x480
[ 14.432806] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.432828] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.432851] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.432885] ? __kthread_parkme+0x82/0x180
[ 14.432905] ? preempt_count_sub+0x50/0x80
[ 14.432929] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.432964] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.432987] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.433011] kthread+0x337/0x6f0
[ 14.433029] ? trace_preempt_on+0x20/0xc0
[ 14.433051] ? __pfx_kthread+0x10/0x10
[ 14.433071] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.433101] ? calculate_sigpending+0x7b/0xa0
[ 14.433125] ? __pfx_kthread+0x10/0x10
[ 14.433151] ret_from_fork+0x116/0x1d0
[ 14.433180] ?
__pfx_kthread+0x10/0x10 [ 14.433201] ret_from_fork_asm+0x1a/0x30 [ 14.433233] </TASK> [ 14.433241] [ 14.441387] Allocated by task 279: [ 14.441585] kasan_save_stack+0x45/0x70 [ 14.441739] kasan_save_track+0x18/0x40 [ 14.441946] kasan_save_alloc_info+0x3b/0x50 [ 14.442139] __kasan_kmalloc+0xb7/0xc0 [ 14.442322] __kmalloc_cache_noprof+0x189/0x420 [ 14.442556] kasan_bitops_generic+0x92/0x1c0 [ 14.442766] kunit_try_run_case+0x1a5/0x480 [ 14.442988] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.443168] kthread+0x337/0x6f0 [ 14.443288] ret_from_fork+0x116/0x1d0 [ 14.443420] ret_from_fork_asm+0x1a/0x30 [ 14.443568] [ 14.443638] The buggy address belongs to the object at ffff888101684300 [ 14.443638] which belongs to the cache kmalloc-16 of size 16 [ 14.443991] The buggy address is located 8 bytes inside of [ 14.443991] allocated 9-byte region [ffff888101684300, ffff888101684309) [ 14.444353] [ 14.444546] The buggy address belongs to the physical page: [ 14.444813] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101684 [ 14.445168] flags: 0x200000000000000(node=0|zone=2) [ 14.445401] page_type: f5(slab) [ 14.445615] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.445953] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.446286] page dumped because: kasan: bad access detected [ 14.446545] [ 14.446637] Memory state around the buggy address: [ 14.446858] ffff888101684200: 00 02 fc fc 00 02 fc fc 00 06 fc fc 00 06 fc fc [ 14.447171] ffff888101684280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.447498] >ffff888101684300: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.447871] ^ [ 14.448065] ffff888101684380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.448365] ffff888101684400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.448722] ================================================================== [ 14.345556] 
================================================================== [ 14.346503] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.347296] Write of size 8 at addr ffff888101684308 by task kunit_try_catch/279 [ 14.347787] [ 14.347872] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.347913] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.347924] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.347945] Call Trace: [ 14.347959] <TASK> [ 14.347973] dump_stack_lvl+0x73/0xb0 [ 14.347999] print_report+0xd1/0x610 [ 14.348021] ? __virt_addr_valid+0x1db/0x2d0 [ 14.348042] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.348070] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.348093] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.348122] kasan_report+0x141/0x180 [ 14.348144] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.348178] kasan_check_range+0x10c/0x1c0 [ 14.348202] __kasan_check_write+0x18/0x20 [ 14.348221] kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.348250] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.348279] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.348303] ? trace_hardirqs_on+0x37/0xe0 [ 14.348324] ? kasan_bitops_generic+0x92/0x1c0 [ 14.348352] kasan_bitops_generic+0x121/0x1c0 [ 14.348376] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.348401] ? __pfx_read_tsc+0x10/0x10 [ 14.348422] ? ktime_get_ts64+0x86/0x230 [ 14.348464] kunit_try_run_case+0x1a5/0x480 [ 14.348489] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.348511] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.348565] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.348591] ? __kthread_parkme+0x82/0x180 [ 14.348610] ? preempt_count_sub+0x50/0x80 [ 14.348653] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.348678] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.348702] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.348737] kthread+0x337/0x6f0 [ 14.348756] ? trace_preempt_on+0x20/0xc0 [ 14.348777] ? __pfx_kthread+0x10/0x10 [ 14.348798] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.348819] ? calculate_sigpending+0x7b/0xa0 [ 14.348844] ? __pfx_kthread+0x10/0x10 [ 14.348864] ret_from_fork+0x116/0x1d0 [ 14.348883] ? __pfx_kthread+0x10/0x10 [ 14.348903] ret_from_fork_asm+0x1a/0x30 [ 14.348935] </TASK> [ 14.348944] [ 14.361459] Allocated by task 279: [ 14.361683] kasan_save_stack+0x45/0x70 [ 14.361890] kasan_save_track+0x18/0x40 [ 14.362073] kasan_save_alloc_info+0x3b/0x50 [ 14.362252] __kasan_kmalloc+0xb7/0xc0 [ 14.362384] __kmalloc_cache_noprof+0x189/0x420 [ 14.362551] kasan_bitops_generic+0x92/0x1c0 [ 14.362760] kunit_try_run_case+0x1a5/0x480 [ 14.363044] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.363264] kthread+0x337/0x6f0 [ 14.363384] ret_from_fork+0x116/0x1d0 [ 14.363571] ret_from_fork_asm+0x1a/0x30 [ 14.363770] [ 14.363880] The buggy address belongs to the object at ffff888101684300 [ 14.363880] which belongs to the cache kmalloc-16 of size 16 [ 14.364396] The buggy address is located 8 bytes inside of [ 14.364396] allocated 9-byte region [ffff888101684300, ffff888101684309) [ 14.364893] [ 14.364965] The buggy address belongs to the physical page: [ 14.365184] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101684 [ 14.365563] flags: 0x200000000000000(node=0|zone=2) [ 14.365866] page_type: f5(slab) [ 14.366035] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.366318] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.366798] page dumped because: kasan: bad access detected [ 14.367029] [ 14.367136] Memory state around the buggy address: [ 14.367334] ffff888101684200: 00 02 fc fc 00 02 fc fc 00 06 fc fc 00 06 fc fc [ 14.367656] ffff888101684280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.367959] >ffff888101684300: 00 01 fc fc fc fc fc fc 
fc fc fc fc fc fc fc fc [ 14.368262] ^ [ 14.368446] ffff888101684380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.368736] ffff888101684400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.368951] ================================================================== [ 14.411563] ================================================================== [ 14.411864] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 14.412261] Read of size 8 at addr ffff888101684308 by task kunit_try_catch/279 [ 14.412903] [ 14.413020] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.413061] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.413083] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.413104] Call Trace: [ 14.413119] <TASK> [ 14.413138] dump_stack_lvl+0x73/0xb0 [ 14.413179] print_report+0xd1/0x610 [ 14.413200] ? __virt_addr_valid+0x1db/0x2d0 [ 14.413223] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 14.413250] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.413283] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 14.413311] kasan_report+0x141/0x180 [ 14.413333] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 14.413377] kasan_check_range+0x10c/0x1c0 [ 14.413401] __kasan_check_read+0x15/0x20 [ 14.413419] kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 14.413458] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.413495] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.413519] ? trace_hardirqs_on+0x37/0xe0 [ 14.413541] ? kasan_bitops_generic+0x92/0x1c0 [ 14.413593] kasan_bitops_generic+0x121/0x1c0 [ 14.413617] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.413642] ? __pfx_read_tsc+0x10/0x10 [ 14.413662] ? ktime_get_ts64+0x86/0x230 [ 14.413687] kunit_try_run_case+0x1a5/0x480 [ 14.413711] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.413733] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.413758] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.413782] ? __kthread_parkme+0x82/0x180 [ 14.413801] ? preempt_count_sub+0x50/0x80 [ 14.413825] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.413849] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.413882] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.413906] kthread+0x337/0x6f0 [ 14.413925] ? trace_preempt_on+0x20/0xc0 [ 14.413956] ? __pfx_kthread+0x10/0x10 [ 14.413977] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.413998] ? calculate_sigpending+0x7b/0xa0 [ 14.414022] ? __pfx_kthread+0x10/0x10 [ 14.414042] ret_from_fork+0x116/0x1d0 [ 14.414060] ? __pfx_kthread+0x10/0x10 [ 14.414079] ret_from_fork_asm+0x1a/0x30 [ 14.414111] </TASK> [ 14.414121] [ 14.422408] Allocated by task 279: [ 14.422669] kasan_save_stack+0x45/0x70 [ 14.422855] kasan_save_track+0x18/0x40 [ 14.423026] kasan_save_alloc_info+0x3b/0x50 [ 14.423259] __kasan_kmalloc+0xb7/0xc0 [ 14.423394] __kmalloc_cache_noprof+0x189/0x420 [ 14.423575] kasan_bitops_generic+0x92/0x1c0 [ 14.423850] kunit_try_run_case+0x1a5/0x480 [ 14.424057] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.424304] kthread+0x337/0x6f0 [ 14.424448] ret_from_fork+0x116/0x1d0 [ 14.424720] ret_from_fork_asm+0x1a/0x30 [ 14.424920] [ 14.424995] The buggy address belongs to the object at ffff888101684300 [ 14.424995] which belongs to the cache kmalloc-16 of size 16 [ 14.425511] The buggy address is located 8 bytes inside of [ 14.425511] allocated 9-byte region [ffff888101684300, ffff888101684309) [ 14.425975] [ 14.426073] The buggy address belongs to the physical page: [ 14.426313] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101684 [ 14.426703] flags: 0x200000000000000(node=0|zone=2) [ 14.426911] page_type: f5(slab) [ 14.427092] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.427421] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.427659] page dumped because: kasan: bad access detected [ 14.427829] [ 14.427897] 
Memory state around the buggy address: [ 14.428050] ffff888101684200: 00 02 fc fc 00 02 fc fc 00 06 fc fc 00 06 fc fc [ 14.428268] ffff888101684280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.428525] >ffff888101684300: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.429020] ^ [ 14.429215] ffff888101684380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.429560] ffff888101684400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.429873] ================================================================== [ 14.257381] ================================================================== [ 14.257902] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.258277] Write of size 8 at addr ffff888101684308 by task kunit_try_catch/279 [ 14.258508] [ 14.258588] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.258628] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.258639] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.258659] Call Trace: [ 14.258673] <TASK> [ 14.258687] dump_stack_lvl+0x73/0xb0 [ 14.258712] print_report+0xd1/0x610 [ 14.258733] ? __virt_addr_valid+0x1db/0x2d0 [ 14.258755] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.258783] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.258806] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.258834] kasan_report+0x141/0x180 [ 14.258858] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.258892] kasan_check_range+0x10c/0x1c0 [ 14.258916] __kasan_check_write+0x18/0x20 [ 14.258935] kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.258964] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.259005] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.259029] ? trace_hardirqs_on+0x37/0xe0 [ 14.259050] ? kasan_bitops_generic+0x92/0x1c0 [ 14.259108] kasan_bitops_generic+0x121/0x1c0 [ 14.259154] ? 
__pfx_kasan_bitops_generic+0x10/0x10 [ 14.259181] ? __pfx_read_tsc+0x10/0x10 [ 14.259201] ? ktime_get_ts64+0x86/0x230 [ 14.259237] kunit_try_run_case+0x1a5/0x480 [ 14.259260] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.259283] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.259306] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.259330] ? __kthread_parkme+0x82/0x180 [ 14.259350] ? preempt_count_sub+0x50/0x80 [ 14.259373] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.259397] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.259421] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.259482] kthread+0x337/0x6f0 [ 14.259501] ? trace_preempt_on+0x20/0xc0 [ 14.259523] ? __pfx_kthread+0x10/0x10 [ 14.259562] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.259583] ? calculate_sigpending+0x7b/0xa0 [ 14.259625] ? __pfx_kthread+0x10/0x10 [ 14.259647] ret_from_fork+0x116/0x1d0 [ 14.259665] ? __pfx_kthread+0x10/0x10 [ 14.259685] ret_from_fork_asm+0x1a/0x30 [ 14.259717] </TASK> [ 14.259726] [ 14.269141] Allocated by task 279: [ 14.269333] kasan_save_stack+0x45/0x70 [ 14.269536] kasan_save_track+0x18/0x40 [ 14.269723] kasan_save_alloc_info+0x3b/0x50 [ 14.269995] __kasan_kmalloc+0xb7/0xc0 [ 14.270251] __kmalloc_cache_noprof+0x189/0x420 [ 14.270431] kasan_bitops_generic+0x92/0x1c0 [ 14.270865] kunit_try_run_case+0x1a5/0x480 [ 14.271063] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.271325] kthread+0x337/0x6f0 [ 14.271506] ret_from_fork+0x116/0x1d0 [ 14.271726] ret_from_fork_asm+0x1a/0x30 [ 14.271905] [ 14.272020] The buggy address belongs to the object at ffff888101684300 [ 14.272020] which belongs to the cache kmalloc-16 of size 16 [ 14.272600] The buggy address is located 8 bytes inside of [ 14.272600] allocated 9-byte region [ffff888101684300, ffff888101684309) [ 14.273138] [ 14.273253] The buggy address belongs to the physical page: [ 14.273513] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101684 [ 14.273950] flags: 0x200000000000000(node=0|zone=2) [ 14.274214] 
page_type: f5(slab) [ 14.274389] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.274753] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.275154] page dumped because: kasan: bad access detected [ 14.275398] [ 14.275501] Memory state around the buggy address: [ 14.275834] ffff888101684200: 00 02 fc fc 00 02 fc fc 00 06 fc fc 00 06 fc fc [ 14.276170] ffff888101684280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.276465] >ffff888101684300: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.276805] ^ [ 14.276995] ffff888101684380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.277329] ffff888101684400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.277691] ================================================================== [ 14.298929] ================================================================== [ 14.299376] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.299983] Write of size 8 at addr ffff888101684308 by task kunit_try_catch/279 [ 14.300442] [ 14.300551] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.300593] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.300605] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.300625] Call Trace: [ 14.300640] <TASK> [ 14.300655] dump_stack_lvl+0x73/0xb0 [ 14.300680] print_report+0xd1/0x610 [ 14.300701] ? __virt_addr_valid+0x1db/0x2d0 [ 14.300723] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.300751] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.300774] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.300803] kasan_report+0x141/0x180 [ 14.300826] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.300860] kasan_check_range+0x10c/0x1c0 [ 14.300884] __kasan_check_write+0x18/0x20 [ 14.300903] kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.300932] ? 
__pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.300962] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.300985] ? trace_hardirqs_on+0x37/0xe0 [ 14.301007] ? kasan_bitops_generic+0x92/0x1c0 [ 14.301035] kasan_bitops_generic+0x121/0x1c0 [ 14.301058] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.301084] ? __pfx_read_tsc+0x10/0x10 [ 14.301104] ? ktime_get_ts64+0x86/0x230 [ 14.301133] kunit_try_run_case+0x1a5/0x480 [ 14.301157] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.301179] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.301202] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.301227] ? __kthread_parkme+0x82/0x180 [ 14.301246] ? preempt_count_sub+0x50/0x80 [ 14.301270] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.301294] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.301318] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.301342] kthread+0x337/0x6f0 [ 14.301360] ? trace_preempt_on+0x20/0xc0 [ 14.301381] ? __pfx_kthread+0x10/0x10 [ 14.301401] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.301423] ? calculate_sigpending+0x7b/0xa0 [ 14.301493] ? __pfx_kthread+0x10/0x10 [ 14.301515] ret_from_fork+0x116/0x1d0 [ 14.301533] ? 
__pfx_kthread+0x10/0x10 [ 14.301576] ret_from_fork_asm+0x1a/0x30 [ 14.301608] </TASK> [ 14.301617] [ 14.310254] Allocated by task 279: [ 14.310446] kasan_save_stack+0x45/0x70 [ 14.310694] kasan_save_track+0x18/0x40 [ 14.310926] kasan_save_alloc_info+0x3b/0x50 [ 14.311133] __kasan_kmalloc+0xb7/0xc0 [ 14.311328] __kmalloc_cache_noprof+0x189/0x420 [ 14.311596] kasan_bitops_generic+0x92/0x1c0 [ 14.311820] kunit_try_run_case+0x1a5/0x480 [ 14.312011] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.312283] kthread+0x337/0x6f0 [ 14.312481] ret_from_fork+0x116/0x1d0 [ 14.312754] ret_from_fork_asm+0x1a/0x30 [ 14.312947] [ 14.313053] The buggy address belongs to the object at ffff888101684300 [ 14.313053] which belongs to the cache kmalloc-16 of size 16 [ 14.313659] The buggy address is located 8 bytes inside of [ 14.313659] allocated 9-byte region [ffff888101684300, ffff888101684309) [ 14.314172] [ 14.314310] The buggy address belongs to the physical page: [ 14.314571] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101684 [ 14.314928] flags: 0x200000000000000(node=0|zone=2) [ 14.315185] page_type: f5(slab) [ 14.315302] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.315620] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.315974] page dumped because: kasan: bad access detected [ 14.316218] [ 14.316308] Memory state around the buggy address: [ 14.316535] ffff888101684200: 00 02 fc fc 00 02 fc fc 00 06 fc fc 00 06 fc fc [ 14.316854] ffff888101684280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.317165] >ffff888101684300: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.317482] ^ [ 14.317656] ffff888101684380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.317899] ffff888101684400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.318235] ================================================================== [ 14.370107] 
================================================================== [ 14.370501] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.370916] Write of size 8 at addr ffff888101684308 by task kunit_try_catch/279 [ 14.371238] [ 14.371322] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.371373] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.371384] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.371405] Call Trace: [ 14.371416] <TASK> [ 14.371450] dump_stack_lvl+0x73/0xb0 [ 14.371476] print_report+0xd1/0x610 [ 14.371498] ? __virt_addr_valid+0x1db/0x2d0 [ 14.371520] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.371569] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.371592] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.371621] kasan_report+0x141/0x180 [ 14.371653] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.371688] kasan_check_range+0x10c/0x1c0 [ 14.371712] __kasan_check_write+0x18/0x20 [ 14.371731] kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.371770] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.371802] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.371838] ? trace_hardirqs_on+0x37/0xe0 [ 14.371861] ? kasan_bitops_generic+0x92/0x1c0 [ 14.371891] kasan_bitops_generic+0x121/0x1c0 [ 14.371915] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.371941] ? __pfx_read_tsc+0x10/0x10 [ 14.371960] ? ktime_get_ts64+0x86/0x230 [ 14.371984] kunit_try_run_case+0x1a5/0x480 [ 14.372008] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.372031] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.372056] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.372080] ? __kthread_parkme+0x82/0x180 [ 14.372099] ? preempt_count_sub+0x50/0x80 [ 14.372124] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.372148] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.372172] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.372196] kthread+0x337/0x6f0 [ 14.372215] ? trace_preempt_on+0x20/0xc0 [ 14.372237] ? __pfx_kthread+0x10/0x10 [ 14.372258] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.372280] ? calculate_sigpending+0x7b/0xa0 [ 14.372304] ? __pfx_kthread+0x10/0x10 [ 14.372325] ret_from_fork+0x116/0x1d0 [ 14.372353] ? __pfx_kthread+0x10/0x10 [ 14.372373] ret_from_fork_asm+0x1a/0x30 [ 14.372405] </TASK> [ 14.372415] [ 14.380965] Allocated by task 279: [ 14.381151] kasan_save_stack+0x45/0x70 [ 14.381342] kasan_save_track+0x18/0x40 [ 14.381574] kasan_save_alloc_info+0x3b/0x50 [ 14.381732] __kasan_kmalloc+0xb7/0xc0 [ 14.381859] __kmalloc_cache_noprof+0x189/0x420 [ 14.382009] kasan_bitops_generic+0x92/0x1c0 [ 14.382190] kunit_try_run_case+0x1a5/0x480 [ 14.382416] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.382669] kthread+0x337/0x6f0 [ 14.382833] ret_from_fork+0x116/0x1d0 [ 14.382991] ret_from_fork_asm+0x1a/0x30 [ 14.383126] [ 14.383195] The buggy address belongs to the object at ffff888101684300 [ 14.383195] which belongs to the cache kmalloc-16 of size 16 [ 14.383867] The buggy address is located 8 bytes inside of [ 14.383867] allocated 9-byte region [ffff888101684300, ffff888101684309) [ 14.384214] [ 14.384283] The buggy address belongs to the physical page: [ 14.384456] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101684 [ 14.384683] flags: 0x200000000000000(node=0|zone=2) [ 14.384944] page_type: f5(slab) [ 14.385107] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.385449] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.386115] page dumped because: kasan: bad access detected [ 14.386367] [ 14.386466] Memory state around the buggy address: [ 14.386814] ffff888101684200: 00 02 fc fc 00 02 fc fc 00 06 fc fc 00 06 fc fc [ 14.387096] ffff888101684280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.387314] >ffff888101684300: 00 01 fc fc fc fc fc fc 
fc fc fc fc fc fc fc fc [ 14.387536] ^ [ 14.387656] ffff888101684380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.387976] ffff888101684400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.388324] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 14.216122] ================================================================== [ 14.216599] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.217022] Write of size 8 at addr ffff888101684308 by task kunit_try_catch/279 [ 14.217394] [ 14.217487] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.217529] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.217540] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.217560] Call Trace: [ 14.217573] <TASK> [ 14.217586] dump_stack_lvl+0x73/0xb0 [ 14.217634] print_report+0xd1/0x610 [ 14.217666] ? __virt_addr_valid+0x1db/0x2d0 [ 14.217687] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.217741] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.217788] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.217815] kasan_report+0x141/0x180 [ 14.217836] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.217878] kasan_check_range+0x10c/0x1c0 [ 14.217901] __kasan_check_write+0x18/0x20 [ 14.217920] kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.217947] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.217974] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.217998] ? trace_hardirqs_on+0x37/0xe0 [ 14.218020] ? kasan_bitops_generic+0x92/0x1c0 [ 14.218047] kasan_bitops_generic+0x116/0x1c0 [ 14.218070] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.218096] ? __pfx_read_tsc+0x10/0x10 [ 14.218116] ? ktime_get_ts64+0x86/0x230 [ 14.218141] kunit_try_run_case+0x1a5/0x480 [ 14.218164] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.218213] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.218237] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.218261] ? __kthread_parkme+0x82/0x180 [ 14.218291] ? preempt_count_sub+0x50/0x80 [ 14.218316] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.218365] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.218389] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.218413] kthread+0x337/0x6f0 [ 14.218449] ? 
trace_preempt_on+0x20/0xc0 [ 14.218471] ? __pfx_kthread+0x10/0x10 [ 14.218492] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.218560] ? calculate_sigpending+0x7b/0xa0 [ 14.218584] ? __pfx_kthread+0x10/0x10 [ 14.218606] ret_from_fork+0x116/0x1d0 [ 14.218634] ? __pfx_kthread+0x10/0x10 [ 14.218655] ret_from_fork_asm+0x1a/0x30 [ 14.218687] </TASK> [ 14.218697] [ 14.227512] Allocated by task 279: [ 14.227715] kasan_save_stack+0x45/0x70 [ 14.227895] kasan_save_track+0x18/0x40 [ 14.228027] kasan_save_alloc_info+0x3b/0x50 [ 14.228172] __kasan_kmalloc+0xb7/0xc0 [ 14.228301] __kmalloc_cache_noprof+0x189/0x420 [ 14.228497] kasan_bitops_generic+0x92/0x1c0 [ 14.228830] kunit_try_run_case+0x1a5/0x480 [ 14.229127] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.229357] kthread+0x337/0x6f0 [ 14.229484] ret_from_fork+0x116/0x1d0 [ 14.229845] ret_from_fork_asm+0x1a/0x30 [ 14.230076] [ 14.230188] The buggy address belongs to the object at ffff888101684300 [ 14.230188] which belongs to the cache kmalloc-16 of size 16 [ 14.230796] The buggy address is located 8 bytes inside of [ 14.230796] allocated 9-byte region [ffff888101684300, ffff888101684309) [ 14.231264] [ 14.231374] The buggy address belongs to the physical page: [ 14.231667] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101684 [ 14.232031] flags: 0x200000000000000(node=0|zone=2) [ 14.232222] page_type: f5(slab) [ 14.232426] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.232788] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.233122] page dumped because: kasan: bad access detected [ 14.233371] [ 14.233472] Memory state around the buggy address: [ 14.233727] ffff888101684200: 00 02 fc fc 00 02 fc fc 00 06 fc fc 00 06 fc fc [ 14.234048] ffff888101684280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.234425] >ffff888101684300: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.234778] ^ [ 14.234964] ffff888101684380: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 14.235293] ffff888101684400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.235684] ================================================================== [ 14.174371] ================================================================== [ 14.175452] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.175805] Write of size 8 at addr ffff888101684308 by task kunit_try_catch/279 [ 14.176021] [ 14.176101] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.176142] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.176153] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.176173] Call Trace: [ 14.176187] <TASK> [ 14.176202] dump_stack_lvl+0x73/0xb0 [ 14.176226] print_report+0xd1/0x610 [ 14.176403] ? __virt_addr_valid+0x1db/0x2d0 [ 14.176428] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.176469] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.176491] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.176517] kasan_report+0x141/0x180 [ 14.176578] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.176624] kasan_check_range+0x10c/0x1c0 [ 14.176661] __kasan_check_write+0x18/0x20 [ 14.176680] kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.176720] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.176760] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.176798] ? trace_hardirqs_on+0x37/0xe0 [ 14.176833] ? kasan_bitops_generic+0x92/0x1c0 [ 14.176860] kasan_bitops_generic+0x116/0x1c0 [ 14.176884] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.176910] ? __pfx_read_tsc+0x10/0x10 [ 14.176930] ? ktime_get_ts64+0x86/0x230 [ 14.176959] kunit_try_run_case+0x1a5/0x480 [ 14.176982] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.177005] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.177028] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.177052] ? __kthread_parkme+0x82/0x180 [ 14.177072] ? preempt_count_sub+0x50/0x80 [ 14.177096] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.177119] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.177148] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.177172] kthread+0x337/0x6f0 [ 14.177192] ? trace_preempt_on+0x20/0xc0 [ 14.177215] ? __pfx_kthread+0x10/0x10 [ 14.177234] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.177254] ? calculate_sigpending+0x7b/0xa0 [ 14.177278] ? __pfx_kthread+0x10/0x10 [ 14.177299] ret_from_fork+0x116/0x1d0 [ 14.177317] ? __pfx_kthread+0x10/0x10 [ 14.177336] ret_from_fork_asm+0x1a/0x30 [ 14.177369] </TASK> [ 14.177378] [ 14.186282] Allocated by task 279: [ 14.186482] kasan_save_stack+0x45/0x70 [ 14.186716] kasan_save_track+0x18/0x40 [ 14.186906] kasan_save_alloc_info+0x3b/0x50 [ 14.187132] __kasan_kmalloc+0xb7/0xc0 [ 14.187329] __kmalloc_cache_noprof+0x189/0x420 [ 14.187562] kasan_bitops_generic+0x92/0x1c0 [ 14.187811] kunit_try_run_case+0x1a5/0x480 [ 14.188068] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.188325] kthread+0x337/0x6f0 [ 14.188498] ret_from_fork+0x116/0x1d0 [ 14.188679] ret_from_fork_asm+0x1a/0x30 [ 14.188874] [ 14.188966] The buggy address belongs to the object at ffff888101684300 [ 14.188966] which belongs to the cache kmalloc-16 of size 16 [ 14.189755] The buggy address is located 8 bytes inside of [ 14.189755] allocated 9-byte region [ffff888101684300, ffff888101684309) [ 14.190273] [ 14.190364] The buggy address belongs to the physical page: [ 14.190726] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101684 [ 14.191071] flags: 0x200000000000000(node=0|zone=2) [ 14.191301] page_type: f5(slab) [ 14.191415] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.191959] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.192291] page dumped because: kasan: bad access detected [ 14.192633] [ 14.192753] Memory state around the buggy address: [ 14.192903] ffff888101684200: 00 02 fc fc 00 02 fc fc 00 06 fc fc 00 06 fc fc [ 14.193229] 
ffff888101684280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.193643] >ffff888101684300: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.193958] ^ [ 14.194129] ffff888101684380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.194463] ffff888101684400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.194769] ================================================================== [ 14.237014] ================================================================== [ 14.237770] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.238169] Write of size 8 at addr ffff888101684308 by task kunit_try_catch/279 [ 14.238546] [ 14.238689] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.238758] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.238782] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.238802] Call Trace: [ 14.238828] <TASK> [ 14.238855] dump_stack_lvl+0x73/0xb0 [ 14.238897] print_report+0xd1/0x610 [ 14.238931] ? __virt_addr_valid+0x1db/0x2d0 [ 14.238966] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.238992] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.239014] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.239041] kasan_report+0x141/0x180 [ 14.239064] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.239096] kasan_check_range+0x10c/0x1c0 [ 14.239120] __kasan_check_write+0x18/0x20 [ 14.239139] kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.239177] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.239206] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.239231] ? trace_hardirqs_on+0x37/0xe0 [ 14.239266] ? kasan_bitops_generic+0x92/0x1c0 [ 14.239294] kasan_bitops_generic+0x116/0x1c0 [ 14.239317] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.239342] ? __pfx_read_tsc+0x10/0x10 [ 14.239363] ? ktime_get_ts64+0x86/0x230 [ 14.239387] kunit_try_run_case+0x1a5/0x480 [ 14.239411] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.239433] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 14.239466] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.239490] ? __kthread_parkme+0x82/0x180 [ 14.239509] ? preempt_count_sub+0x50/0x80 [ 14.239533] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.239557] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.239582] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.239606] kthread+0x337/0x6f0 [ 14.239625] ? trace_preempt_on+0x20/0xc0 [ 14.239646] ? __pfx_kthread+0x10/0x10 [ 14.239667] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.239688] ? calculate_sigpending+0x7b/0xa0 [ 14.239712] ? __pfx_kthread+0x10/0x10 [ 14.239734] ret_from_fork+0x116/0x1d0 [ 14.239752] ? __pfx_kthread+0x10/0x10 [ 14.239772] ret_from_fork_asm+0x1a/0x30 [ 14.239804] </TASK> [ 14.239813] [ 14.248207] Allocated by task 279: [ 14.248452] kasan_save_stack+0x45/0x70 [ 14.248875] kasan_save_track+0x18/0x40 [ 14.249069] kasan_save_alloc_info+0x3b/0x50 [ 14.249289] __kasan_kmalloc+0xb7/0xc0 [ 14.249481] __kmalloc_cache_noprof+0x189/0x420 [ 14.249766] kasan_bitops_generic+0x92/0x1c0 [ 14.249990] kunit_try_run_case+0x1a5/0x480 [ 14.250211] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.250482] kthread+0x337/0x6f0 [ 14.250743] ret_from_fork+0x116/0x1d0 [ 14.250971] ret_from_fork_asm+0x1a/0x30 [ 14.251179] [ 14.251277] The buggy address belongs to the object at ffff888101684300 [ 14.251277] which belongs to the cache kmalloc-16 of size 16 [ 14.251894] The buggy address is located 8 bytes inside of [ 14.251894] allocated 9-byte region [ffff888101684300, ffff888101684309) [ 14.252398] [ 14.252490] The buggy address belongs to the physical page: [ 14.252811] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101684 [ 14.253184] flags: 0x200000000000000(node=0|zone=2) [ 14.253411] page_type: f5(slab) [ 14.253626] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.253966] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.254293] page dumped because: kasan: 
bad access detected [ 14.254579] [ 14.254657] Memory state around the buggy address: [ 14.254808] ffff888101684200: 00 02 fc fc 00 02 fc fc 00 06 fc fc 00 06 fc fc [ 14.255018] ffff888101684280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.255229] >ffff888101684300: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.255452] ^ [ 14.255695] ffff888101684380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.256020] ffff888101684400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.256330] ================================================================== [ 14.153594] ================================================================== [ 14.154112] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.154633] Write of size 8 at addr ffff888101684308 by task kunit_try_catch/279 [ 14.155173] [ 14.155280] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.155321] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.155332] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.155352] Call Trace: [ 14.155365] <TASK> [ 14.155379] dump_stack_lvl+0x73/0xb0 [ 14.155424] print_report+0xd1/0x610 [ 14.155455] ? __virt_addr_valid+0x1db/0x2d0 [ 14.155477] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.155503] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.155525] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.155558] kasan_report+0x141/0x180 [ 14.155580] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.155611] kasan_check_range+0x10c/0x1c0 [ 14.155634] __kasan_check_write+0x18/0x20 [ 14.155653] kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.155678] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.155705] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.155729] ? trace_hardirqs_on+0x37/0xe0 [ 14.155750] ? kasan_bitops_generic+0x92/0x1c0 [ 14.155778] kasan_bitops_generic+0x116/0x1c0 [ 14.155801] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.155825] ? 
__pfx_read_tsc+0x10/0x10 [ 14.155844] ? ktime_get_ts64+0x86/0x230 [ 14.155868] kunit_try_run_case+0x1a5/0x480 [ 14.155892] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.155914] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.155939] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.155962] ? __kthread_parkme+0x82/0x180 [ 14.155981] ? preempt_count_sub+0x50/0x80 [ 14.156006] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.156029] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.156052] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.156076] kthread+0x337/0x6f0 [ 14.156095] ? trace_preempt_on+0x20/0xc0 [ 14.156116] ? __pfx_kthread+0x10/0x10 [ 14.156136] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.156156] ? calculate_sigpending+0x7b/0xa0 [ 14.156181] ? __pfx_kthread+0x10/0x10 [ 14.156203] ret_from_fork+0x116/0x1d0 [ 14.156221] ? __pfx_kthread+0x10/0x10 [ 14.156241] ret_from_fork_asm+0x1a/0x30 [ 14.156273] </TASK> [ 14.156281] [ 14.165187] Allocated by task 279: [ 14.165350] kasan_save_stack+0x45/0x70 [ 14.165563] kasan_save_track+0x18/0x40 [ 14.165737] kasan_save_alloc_info+0x3b/0x50 [ 14.165954] __kasan_kmalloc+0xb7/0xc0 [ 14.166086] __kmalloc_cache_noprof+0x189/0x420 [ 14.166334] kasan_bitops_generic+0x92/0x1c0 [ 14.166542] kunit_try_run_case+0x1a5/0x480 [ 14.166769] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.166968] kthread+0x337/0x6f0 [ 14.167089] ret_from_fork+0x116/0x1d0 [ 14.167223] ret_from_fork_asm+0x1a/0x30 [ 14.167364] [ 14.167433] The buggy address belongs to the object at ffff888101684300 [ 14.167433] which belongs to the cache kmalloc-16 of size 16 [ 14.168388] The buggy address is located 8 bytes inside of [ 14.168388] allocated 9-byte region [ffff888101684300, ffff888101684309) [ 14.169190] [ 14.169263] The buggy address belongs to the physical page: [ 14.169451] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101684 [ 14.170127] flags: 0x200000000000000(node=0|zone=2) [ 14.170431] page_type: f5(slab) [ 14.170668] raw: 0200000000000000 
ffff888100041640 dead000000000122 0000000000000000 [ 14.170918] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.171256] page dumped because: kasan: bad access detected [ 14.171550] [ 14.171621] Memory state around the buggy address: [ 14.171861] ffff888101684200: 00 02 fc fc 00 02 fc fc 00 06 fc fc 00 06 fc fc [ 14.172216] ffff888101684280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.172556] >ffff888101684300: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.172877] ^ [ 14.173073] ffff888101684380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.173396] ffff888101684400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.173805] ================================================================== [ 14.114361] ================================================================== [ 14.114802] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.115415] Write of size 8 at addr ffff888101684308 by task kunit_try_catch/279 [ 14.116200] [ 14.116415] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.116466] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.116477] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.116497] Call Trace: [ 14.116508] <TASK> [ 14.116522] dump_stack_lvl+0x73/0xb0 [ 14.116549] print_report+0xd1/0x610 [ 14.116580] ? __virt_addr_valid+0x1db/0x2d0 [ 14.116602] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.116626] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.116660] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.116686] kasan_report+0x141/0x180 [ 14.116707] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.116739] kasan_check_range+0x10c/0x1c0 [ 14.116762] __kasan_check_write+0x18/0x20 [ 14.116780] kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.116807] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.116834] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.116857] ? 
trace_hardirqs_on+0x37/0xe0 [ 14.116878] ? kasan_bitops_generic+0x92/0x1c0 [ 14.116906] kasan_bitops_generic+0x116/0x1c0 [ 14.116929] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.116953] ? __pfx_read_tsc+0x10/0x10 [ 14.116973] ? ktime_get_ts64+0x86/0x230 [ 14.116997] kunit_try_run_case+0x1a5/0x480 [ 14.117030] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.117052] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.117075] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.117104] ? __kthread_parkme+0x82/0x180 [ 14.117124] ? preempt_count_sub+0x50/0x80 [ 14.117151] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.117175] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.117199] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.117222] kthread+0x337/0x6f0 [ 14.117240] ? trace_preempt_on+0x20/0xc0 [ 14.117261] ? __pfx_kthread+0x10/0x10 [ 14.117282] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.117302] ? calculate_sigpending+0x7b/0xa0 [ 14.117325] ? __pfx_kthread+0x10/0x10 [ 14.117347] ret_from_fork+0x116/0x1d0 [ 14.117365] ? 
__pfx_kthread+0x10/0x10 [ 14.117385] ret_from_fork_asm+0x1a/0x30 [ 14.117417] </TASK> [ 14.117426] [ 14.127814] Allocated by task 279: [ 14.127946] kasan_save_stack+0x45/0x70 [ 14.128090] kasan_save_track+0x18/0x40 [ 14.128225] kasan_save_alloc_info+0x3b/0x50 [ 14.128466] __kasan_kmalloc+0xb7/0xc0 [ 14.128651] __kmalloc_cache_noprof+0x189/0x420 [ 14.128915] kasan_bitops_generic+0x92/0x1c0 [ 14.129131] kunit_try_run_case+0x1a5/0x480 [ 14.129308] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.129493] kthread+0x337/0x6f0 [ 14.129786] ret_from_fork+0x116/0x1d0 [ 14.129976] ret_from_fork_asm+0x1a/0x30 [ 14.130173] [ 14.130303] The buggy address belongs to the object at ffff888101684300 [ 14.130303] which belongs to the cache kmalloc-16 of size 16 [ 14.130773] The buggy address is located 8 bytes inside of [ 14.130773] allocated 9-byte region [ffff888101684300, ffff888101684309) [ 14.131298] [ 14.131394] The buggy address belongs to the physical page: [ 14.131681] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101684 [ 14.132022] flags: 0x200000000000000(node=0|zone=2) [ 14.132240] page_type: f5(slab) [ 14.132424] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.132776] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.133086] page dumped because: kasan: bad access detected [ 14.133306] [ 14.133420] Memory state around the buggy address: [ 14.133637] ffff888101684200: 00 02 fc fc 00 02 fc fc 00 06 fc fc 00 06 fc fc [ 14.133857] ffff888101684280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.134075] >ffff888101684300: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.134290] ^ [ 14.134494] ffff888101684380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.134810] ffff888101684400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.135130] ================================================================== [ 14.135918] 
================================================================== [ 14.136272] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.136616] Write of size 8 at addr ffff888101684308 by task kunit_try_catch/279 [ 14.136916] [ 14.137023] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.137063] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.137073] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.137093] Call Trace: [ 14.137104] <TASK> [ 14.137117] dump_stack_lvl+0x73/0xb0 [ 14.137146] print_report+0xd1/0x610 [ 14.137166] ? __virt_addr_valid+0x1db/0x2d0 [ 14.137186] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.137211] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.137231] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.137256] kasan_report+0x141/0x180 [ 14.137276] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.137306] kasan_check_range+0x10c/0x1c0 [ 14.137328] __kasan_check_write+0x18/0x20 [ 14.137346] kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.137371] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.137396] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.137418] ? trace_hardirqs_on+0x37/0xe0 [ 14.137457] ? kasan_bitops_generic+0x92/0x1c0 [ 14.137484] kasan_bitops_generic+0x116/0x1c0 [ 14.137507] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.137530] ? __pfx_read_tsc+0x10/0x10 [ 14.137549] ? ktime_get_ts64+0x86/0x230 [ 14.137572] kunit_try_run_case+0x1a5/0x480 [ 14.137594] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.137615] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.137638] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.137661] ? __kthread_parkme+0x82/0x180 [ 14.137680] ? preempt_count_sub+0x50/0x80 [ 14.137703] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.137725] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.137748] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.137784] kthread+0x337/0x6f0 [ 14.137803] ? 
trace_preempt_on+0x20/0xc0 [ 14.137824] ? __pfx_kthread+0x10/0x10 [ 14.137844] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.137865] ? calculate_sigpending+0x7b/0xa0 [ 14.137889] ? __pfx_kthread+0x10/0x10 [ 14.137910] ret_from_fork+0x116/0x1d0 [ 14.137928] ? __pfx_kthread+0x10/0x10 [ 14.137947] ret_from_fork_asm+0x1a/0x30 [ 14.137979] </TASK> [ 14.137999] [ 14.146183] Allocated by task 279: [ 14.146310] kasan_save_stack+0x45/0x70 [ 14.146456] kasan_save_track+0x18/0x40 [ 14.146763] kasan_save_alloc_info+0x3b/0x50 [ 14.146999] __kasan_kmalloc+0xb7/0xc0 [ 14.147204] __kmalloc_cache_noprof+0x189/0x420 [ 14.147429] kasan_bitops_generic+0x92/0x1c0 [ 14.147663] kunit_try_run_case+0x1a5/0x480 [ 14.147818] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.148020] kthread+0x337/0x6f0 [ 14.148203] ret_from_fork+0x116/0x1d0 [ 14.148384] ret_from_fork_asm+0x1a/0x30 [ 14.148548] [ 14.148642] The buggy address belongs to the object at ffff888101684300 [ 14.148642] which belongs to the cache kmalloc-16 of size 16 [ 14.149080] The buggy address is located 8 bytes inside of [ 14.149080] allocated 9-byte region [ffff888101684300, ffff888101684309) [ 14.149565] [ 14.149672] The buggy address belongs to the physical page: [ 14.149864] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101684 [ 14.150214] flags: 0x200000000000000(node=0|zone=2) [ 14.150424] page_type: f5(slab) [ 14.150650] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.150955] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.151263] page dumped because: kasan: bad access detected [ 14.151511] [ 14.151639] Memory state around the buggy address: [ 14.151835] ffff888101684200: 00 02 fc fc 00 02 fc fc 00 06 fc fc 00 06 fc fc [ 14.152146] ffff888101684280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.152394] >ffff888101684300: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.152610] ^ [ 14.152728] ffff888101684380: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 14.152935] ffff888101684400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.153143] ================================================================== [ 14.195779] ================================================================== [ 14.196164] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.196616] Write of size 8 at addr ffff888101684308 by task kunit_try_catch/279 [ 14.196937] [ 14.197060] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.197134] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.197145] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.197178] Call Trace: [ 14.197203] <TASK> [ 14.197217] dump_stack_lvl+0x73/0xb0 [ 14.197257] print_report+0xd1/0x610 [ 14.197291] ? __virt_addr_valid+0x1db/0x2d0 [ 14.197325] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.197365] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.197401] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.197453] kasan_report+0x141/0x180 [ 14.197484] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.197515] kasan_check_range+0x10c/0x1c0 [ 14.197550] __kasan_check_write+0x18/0x20 [ 14.197569] kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.197595] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.197622] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.197645] ? trace_hardirqs_on+0x37/0xe0 [ 14.197666] ? kasan_bitops_generic+0x92/0x1c0 [ 14.197693] kasan_bitops_generic+0x116/0x1c0 [ 14.197717] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.197741] ? __pfx_read_tsc+0x10/0x10 [ 14.197761] ? ktime_get_ts64+0x86/0x230 [ 14.197785] kunit_try_run_case+0x1a5/0x480 [ 14.197809] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.197831] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.197854] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.197878] ? __kthread_parkme+0x82/0x180 [ 14.197898] ? preempt_count_sub+0x50/0x80 [ 14.197922] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.197945] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.197969] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.197994] kthread+0x337/0x6f0 [ 14.198011] ? trace_preempt_on+0x20/0xc0 [ 14.198033] ? __pfx_kthread+0x10/0x10 [ 14.198053] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.198074] ? calculate_sigpending+0x7b/0xa0 [ 14.198098] ? __pfx_kthread+0x10/0x10 [ 14.198119] ret_from_fork+0x116/0x1d0 [ 14.198137] ? __pfx_kthread+0x10/0x10 [ 14.198156] ret_from_fork_asm+0x1a/0x30 [ 14.198189] </TASK> [ 14.198198] [ 14.207253] Allocated by task 279: [ 14.207452] kasan_save_stack+0x45/0x70 [ 14.207684] kasan_save_track+0x18/0x40 [ 14.207893] kasan_save_alloc_info+0x3b/0x50 [ 14.208124] __kasan_kmalloc+0xb7/0xc0 [ 14.208309] __kmalloc_cache_noprof+0x189/0x420 [ 14.208573] kasan_bitops_generic+0x92/0x1c0 [ 14.208852] kunit_try_run_case+0x1a5/0x480 [ 14.209087] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.209341] kthread+0x337/0x6f0 [ 14.209526] ret_from_fork+0x116/0x1d0 [ 14.209740] ret_from_fork_asm+0x1a/0x30 [ 14.210041] [ 14.210156] The buggy address belongs to the object at ffff888101684300 [ 14.210156] which belongs to the cache kmalloc-16 of size 16 [ 14.210668] The buggy address is located 8 bytes inside of [ 14.210668] allocated 9-byte region [ffff888101684300, ffff888101684309) [ 14.211211] [ 14.211284] The buggy address belongs to the physical page: [ 14.211564] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101684 [ 14.211993] flags: 0x200000000000000(node=0|zone=2) [ 14.212219] page_type: f5(slab) [ 14.212396] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.212715] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.213059] page dumped because: kasan: bad access detected [ 14.213275] [ 14.213345] Memory state around the buggy address: [ 14.213529] ffff888101684200: 00 02 fc fc 00 02 fc fc 00 06 fc fc 00 06 fc fc [ 14.213852] 
ffff888101684280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.214161] >ffff888101684300: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.214505] ^ [ 14.214693] ffff888101684380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.214943] ffff888101684400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.215147] ================================================================== [ 14.083813] ================================================================== [ 14.084406] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.085006] Write of size 8 at addr ffff888101684308 by task kunit_try_catch/279 [ 14.085642] [ 14.085791] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.085952] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.085966] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.086059] Call Trace: [ 14.086073] <TASK> [ 14.086087] dump_stack_lvl+0x73/0xb0 [ 14.086118] print_report+0xd1/0x610 [ 14.086140] ? __virt_addr_valid+0x1db/0x2d0 [ 14.086163] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.086188] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.086211] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.086238] kasan_report+0x141/0x180 [ 14.086259] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.086291] kasan_check_range+0x10c/0x1c0 [ 14.086314] __kasan_check_write+0x18/0x20 [ 14.086333] kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.086359] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.086386] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.086422] ? trace_hardirqs_on+0x37/0xe0 [ 14.086457] ? kasan_bitops_generic+0x92/0x1c0 [ 14.086485] kasan_bitops_generic+0x116/0x1c0 [ 14.086508] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.086533] ? __pfx_read_tsc+0x10/0x10 [ 14.086553] ? ktime_get_ts64+0x86/0x230 [ 14.086578] kunit_try_run_case+0x1a5/0x480 [ 14.086601] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.086623] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 14.086648] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.086671] ? __kthread_parkme+0x82/0x180 [ 14.086690] ? preempt_count_sub+0x50/0x80 [ 14.086713] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.086737] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.086760] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.086784] kthread+0x337/0x6f0 [ 14.086803] ? trace_preempt_on+0x20/0xc0 [ 14.086824] ? __pfx_kthread+0x10/0x10 [ 14.086844] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.086865] ? calculate_sigpending+0x7b/0xa0 [ 14.086888] ? __pfx_kthread+0x10/0x10 [ 14.086909] ret_from_fork+0x116/0x1d0 [ 14.086927] ? __pfx_kthread+0x10/0x10 [ 14.086946] ret_from_fork_asm+0x1a/0x30 [ 14.086978] </TASK> [ 14.086987] [ 14.100160] Allocated by task 279: [ 14.100516] kasan_save_stack+0x45/0x70 [ 14.101069] kasan_save_track+0x18/0x40 [ 14.101283] kasan_save_alloc_info+0x3b/0x50 [ 14.101505] __kasan_kmalloc+0xb7/0xc0 [ 14.101963] __kmalloc_cache_noprof+0x189/0x420 [ 14.102213] kasan_bitops_generic+0x92/0x1c0 [ 14.102548] kunit_try_run_case+0x1a5/0x480 [ 14.103026] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.103375] kthread+0x337/0x6f0 [ 14.103599] ret_from_fork+0x116/0x1d0 [ 14.103781] ret_from_fork_asm+0x1a/0x30 [ 14.104280] [ 14.104365] The buggy address belongs to the object at ffff888101684300 [ 14.104365] which belongs to the cache kmalloc-16 of size 16 [ 14.105247] The buggy address is located 8 bytes inside of [ 14.105247] allocated 9-byte region [ffff888101684300, ffff888101684309) [ 14.106184] [ 14.106265] The buggy address belongs to the physical page: [ 14.106697] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101684 [ 14.107545] flags: 0x200000000000000(node=0|zone=2) [ 14.108098] page_type: f5(slab) [ 14.108351] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.108895] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.109135] page dumped because: kasan: 
bad access detected [ 14.109311] [ 14.109381] Memory state around the buggy address: [ 14.110036] ffff888101684200: 00 02 fc fc 00 02 fc fc 00 06 fc fc 00 06 fc fc [ 14.110777] ffff888101684280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.111391] >ffff888101684300: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.112137] ^ [ 14.112514] ffff888101684380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.113262] ffff888101684400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.113853] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 14.056894] ================================================================== [ 14.057238] BUG: KASAN: slab-use-after-free in strnlen+0x73/0x80 [ 14.057672] Read of size 1 at addr ffff8881026f44d0 by task kunit_try_catch/277 [ 14.058015] [ 14.058115] CPU: 1 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.058156] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.058166] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.058186] Call Trace: [ 14.058199] <TASK> [ 14.058224] dump_stack_lvl+0x73/0xb0 [ 14.058250] print_report+0xd1/0x610 [ 14.058271] ? __virt_addr_valid+0x1db/0x2d0 [ 14.058304] ? strnlen+0x73/0x80 [ 14.058321] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.058343] ? strnlen+0x73/0x80 [ 14.058361] kasan_report+0x141/0x180 [ 14.058383] ? strnlen+0x73/0x80 [ 14.058426] __asan_report_load1_noabort+0x18/0x20 [ 14.058467] strnlen+0x73/0x80 [ 14.058487] kasan_strings+0x615/0xe80 [ 14.058547] ? trace_hardirqs_on+0x37/0xe0 [ 14.058572] ? __pfx_kasan_strings+0x10/0x10 [ 14.058594] ? __kasan_check_write+0x18/0x20 [ 14.058613] ? queued_spin_lock_slowpath+0x116/0xb40 [ 14.058647] ? irqentry_exit+0x2a/0x60 [ 14.058667] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 14.058692] ? trace_hardirqs_on+0x37/0xe0 [ 14.058725] ? __pfx_read_tsc+0x10/0x10 [ 14.058744] ? ktime_get_ts64+0x86/0x230 [ 14.058768] kunit_try_run_case+0x1a5/0x480 [ 14.058792] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.058825] ? queued_spin_lock_slowpath+0x116/0xb40 [ 14.058848] ? __kthread_parkme+0x82/0x180 [ 14.058868] ? preempt_count_sub+0x50/0x80 [ 14.058902] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.058927] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.058951] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.058975] kthread+0x337/0x6f0 [ 14.059002] ? trace_preempt_on+0x20/0xc0 [ 14.059023] ? __pfx_kthread+0x10/0x10 [ 14.059044] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.059075] ? 
calculate_sigpending+0x7b/0xa0 [ 14.059099] ? __pfx_kthread+0x10/0x10 [ 14.059121] ret_from_fork+0x116/0x1d0 [ 14.059139] ? __pfx_kthread+0x10/0x10 [ 14.059159] ret_from_fork_asm+0x1a/0x30 [ 14.059191] </TASK> [ 14.059201] [ 14.066835] Allocated by task 277: [ 14.066967] kasan_save_stack+0x45/0x70 [ 14.067114] kasan_save_track+0x18/0x40 [ 14.067250] kasan_save_alloc_info+0x3b/0x50 [ 14.067422] __kasan_kmalloc+0xb7/0xc0 [ 14.067618] __kmalloc_cache_noprof+0x189/0x420 [ 14.067841] kasan_strings+0xc0/0xe80 [ 14.068110] kunit_try_run_case+0x1a5/0x480 [ 14.068321] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.068812] kthread+0x337/0x6f0 [ 14.068981] ret_from_fork+0x116/0x1d0 [ 14.069168] ret_from_fork_asm+0x1a/0x30 [ 14.069361] [ 14.069461] Freed by task 277: [ 14.069904] kasan_save_stack+0x45/0x70 [ 14.070123] kasan_save_track+0x18/0x40 [ 14.070348] kasan_save_free_info+0x3f/0x60 [ 14.070697] __kasan_slab_free+0x56/0x70 [ 14.070842] kfree+0x222/0x3f0 [ 14.070956] kasan_strings+0x2aa/0xe80 [ 14.071086] kunit_try_run_case+0x1a5/0x480 [ 14.071228] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.071398] kthread+0x337/0x6f0 [ 14.071696] ret_from_fork+0x116/0x1d0 [ 14.072084] ret_from_fork_asm+0x1a/0x30 [ 14.072342] [ 14.072584] The buggy address belongs to the object at ffff8881026f44c0 [ 14.072584] which belongs to the cache kmalloc-32 of size 32 [ 14.073451] The buggy address is located 16 bytes inside of [ 14.073451] freed 32-byte region [ffff8881026f44c0, ffff8881026f44e0) [ 14.074134] [ 14.074282] The buggy address belongs to the physical page: [ 14.074739] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026f4 [ 14.075043] flags: 0x200000000000000(node=0|zone=2) [ 14.075210] page_type: f5(slab) [ 14.075335] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 14.075691] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 14.076263] page dumped because: kasan: bad access detected [ 14.076682] [ 
14.076814] Memory state around the buggy address: [ 14.077061] ffff8881026f4380: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 14.077287] ffff8881026f4400: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.077518] >ffff8881026f4480: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.077891] ^ [ 14.078218] ffff8881026f4500: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.079046] ffff8881026f4580: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 14.080079] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strlen
[ 14.034304] ================================================================== [ 14.034695] BUG: KASAN: slab-use-after-free in strlen+0x8f/0xb0 [ 14.034989] Read of size 1 at addr ffff8881026f44d0 by task kunit_try_catch/277 [ 14.035249] [ 14.035332] CPU: 1 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.035373] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.035385] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.035404] Call Trace: [ 14.035417] <TASK> [ 14.035432] dump_stack_lvl+0x73/0xb0 [ 14.035468] print_report+0xd1/0x610 [ 14.035490] ? __virt_addr_valid+0x1db/0x2d0 [ 14.035511] ? strlen+0x8f/0xb0 [ 14.035526] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.035549] ? strlen+0x8f/0xb0 [ 14.035567] kasan_report+0x141/0x180 [ 14.035589] ? strlen+0x8f/0xb0 [ 14.035611] __asan_report_load1_noabort+0x18/0x20 [ 14.035635] strlen+0x8f/0xb0 [ 14.035653] kasan_strings+0x57b/0xe80 [ 14.035673] ? trace_hardirqs_on+0x37/0xe0 [ 14.035695] ? __pfx_kasan_strings+0x10/0x10 [ 14.035717] ? __kasan_check_write+0x18/0x20 [ 14.035736] ? queued_spin_lock_slowpath+0x116/0xb40 [ 14.035759] ? irqentry_exit+0x2a/0x60 [ 14.035779] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 14.035803] ? trace_hardirqs_on+0x37/0xe0 [ 14.035825] ? __pfx_read_tsc+0x10/0x10 [ 14.035844] ? ktime_get_ts64+0x86/0x230 [ 14.035868] kunit_try_run_case+0x1a5/0x480 [ 14.035891] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.035915] ? queued_spin_lock_slowpath+0x116/0xb40 [ 14.035938] ? __kthread_parkme+0x82/0x180 [ 14.035958] ? preempt_count_sub+0x50/0x80 [ 14.035981] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.036005] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.036029] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.036053] kthread+0x337/0x6f0 [ 14.036072] ? trace_preempt_on+0x20/0xc0 [ 14.036093] ? __pfx_kthread+0x10/0x10 [ 14.036112] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.036134] ? 
calculate_sigpending+0x7b/0xa0 [ 14.036158] ? __pfx_kthread+0x10/0x10 [ 14.036179] ret_from_fork+0x116/0x1d0 [ 14.036197] ? __pfx_kthread+0x10/0x10 [ 14.036219] ret_from_fork_asm+0x1a/0x30 [ 14.036333] </TASK> [ 14.036345] [ 14.045034] Allocated by task 277: [ 14.045198] kasan_save_stack+0x45/0x70 [ 14.045628] kasan_save_track+0x18/0x40 [ 14.045834] kasan_save_alloc_info+0x3b/0x50 [ 14.046052] __kasan_kmalloc+0xb7/0xc0 [ 14.046225] __kmalloc_cache_noprof+0x189/0x420 [ 14.046529] kasan_strings+0xc0/0xe80 [ 14.046710] kunit_try_run_case+0x1a5/0x480 [ 14.046859] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.047035] kthread+0x337/0x6f0 [ 14.047203] ret_from_fork+0x116/0x1d0 [ 14.047432] ret_from_fork_asm+0x1a/0x30 [ 14.047728] [ 14.047865] Freed by task 277: [ 14.048019] kasan_save_stack+0x45/0x70 [ 14.048215] kasan_save_track+0x18/0x40 [ 14.048362] kasan_save_free_info+0x3f/0x60 [ 14.048751] __kasan_slab_free+0x56/0x70 [ 14.048944] kfree+0x222/0x3f0 [ 14.049083] kasan_strings+0x2aa/0xe80 [ 14.049294] kunit_try_run_case+0x1a5/0x480 [ 14.049493] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.049873] kthread+0x337/0x6f0 [ 14.050056] ret_from_fork+0x116/0x1d0 [ 14.050227] ret_from_fork_asm+0x1a/0x30 [ 14.050484] [ 14.050716] The buggy address belongs to the object at ffff8881026f44c0 [ 14.050716] which belongs to the cache kmalloc-32 of size 32 [ 14.051202] The buggy address is located 16 bytes inside of [ 14.051202] freed 32-byte region [ffff8881026f44c0, ffff8881026f44e0) [ 14.051731] [ 14.051806] The buggy address belongs to the physical page: [ 14.051978] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026f4 [ 14.052218] flags: 0x200000000000000(node=0|zone=2) [ 14.052380] page_type: f5(slab) [ 14.052753] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 14.053093] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 14.053475] page dumped because: kasan: bad access detected [ 14.053852] [ 
14.053923] Memory state around the buggy address: [ 14.054079] ffff8881026f4380: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 14.054298] ffff8881026f4400: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.054546] >ffff8881026f4480: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.054894] ^ [ 14.055191] ffff8881026f4500: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.055657] ffff8881026f4580: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 14.056267] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 14.011066] ================================================================== [ 14.011391] BUG: KASAN: slab-use-after-free in kasan_strings+0xcbc/0xe80 [ 14.011946] Read of size 1 at addr ffff8881026f44d0 by task kunit_try_catch/277 [ 14.012260] [ 14.012386] CPU: 1 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.012429] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.012455] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.012475] Call Trace: [ 14.012489] <TASK> [ 14.012503] dump_stack_lvl+0x73/0xb0 [ 14.012528] print_report+0xd1/0x610 [ 14.012550] ? __virt_addr_valid+0x1db/0x2d0 [ 14.012571] ? kasan_strings+0xcbc/0xe80 [ 14.012591] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.012615] ? kasan_strings+0xcbc/0xe80 [ 14.012647] kasan_report+0x141/0x180 [ 14.012668] ? kasan_strings+0xcbc/0xe80 [ 14.012695] __asan_report_load1_noabort+0x18/0x20 [ 14.012731] kasan_strings+0xcbc/0xe80 [ 14.012762] ? trace_hardirqs_on+0x37/0xe0 [ 14.012785] ? __pfx_kasan_strings+0x10/0x10 [ 14.012807] ? __kasan_check_write+0x18/0x20 [ 14.012825] ? queued_spin_lock_slowpath+0x116/0xb40 [ 14.012858] ? irqentry_exit+0x2a/0x60 [ 14.012878] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 14.012902] ? trace_hardirqs_on+0x37/0xe0 [ 14.012935] ? __pfx_read_tsc+0x10/0x10 [ 14.012955] ? ktime_get_ts64+0x86/0x230 [ 14.012979] kunit_try_run_case+0x1a5/0x480 [ 14.013002] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.013035] ? queued_spin_lock_slowpath+0x116/0xb40 [ 14.013058] ? __kthread_parkme+0x82/0x180 [ 14.013077] ? preempt_count_sub+0x50/0x80 [ 14.013112] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.013139] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.013163] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.013187] kthread+0x337/0x6f0 [ 14.013214] ? trace_preempt_on+0x20/0xc0 [ 14.013236] ? __pfx_kthread+0x10/0x10 [ 14.013255] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.013287] ? 
calculate_sigpending+0x7b/0xa0 [ 14.013310] ? __pfx_kthread+0x10/0x10 [ 14.013332] ret_from_fork+0x116/0x1d0 [ 14.013350] ? __pfx_kthread+0x10/0x10 [ 14.013377] ret_from_fork_asm+0x1a/0x30 [ 14.013409] </TASK> [ 14.013417] [ 14.021812] Allocated by task 277: [ 14.021940] kasan_save_stack+0x45/0x70 [ 14.022085] kasan_save_track+0x18/0x40 [ 14.022221] kasan_save_alloc_info+0x3b/0x50 [ 14.022371] __kasan_kmalloc+0xb7/0xc0 [ 14.022604] __kmalloc_cache_noprof+0x189/0x420 [ 14.023027] kasan_strings+0xc0/0xe80 [ 14.023221] kunit_try_run_case+0x1a5/0x480 [ 14.023489] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.024040] kthread+0x337/0x6f0 [ 14.024173] ret_from_fork+0x116/0x1d0 [ 14.024306] ret_from_fork_asm+0x1a/0x30 [ 14.024458] [ 14.024528] Freed by task 277: [ 14.024640] kasan_save_stack+0x45/0x70 [ 14.024929] kasan_save_track+0x18/0x40 [ 14.025147] kasan_save_free_info+0x3f/0x60 [ 14.025402] __kasan_slab_free+0x56/0x70 [ 14.025870] kfree+0x222/0x3f0 [ 14.026068] kasan_strings+0x2aa/0xe80 [ 14.026296] kunit_try_run_case+0x1a5/0x480 [ 14.026662] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.026920] kthread+0x337/0x6f0 [ 14.027042] ret_from_fork+0x116/0x1d0 [ 14.027200] ret_from_fork_asm+0x1a/0x30 [ 14.027398] [ 14.027614] The buggy address belongs to the object at ffff8881026f44c0 [ 14.027614] which belongs to the cache kmalloc-32 of size 32 [ 14.028356] The buggy address is located 16 bytes inside of [ 14.028356] freed 32-byte region [ffff8881026f44c0, ffff8881026f44e0) [ 14.028957] [ 14.029059] The buggy address belongs to the physical page: [ 14.029312] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026f4 [ 14.029791] flags: 0x200000000000000(node=0|zone=2) [ 14.030042] page_type: f5(slab) [ 14.030216] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 14.030666] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 14.031009] page dumped because: kasan: bad access detected [ 14.031259] [ 
14.031375] Memory state around the buggy address: [ 14.031681] ffff8881026f4380: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 14.031994] ffff8881026f4400: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.032313] >ffff8881026f4480: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.032798] ^ [ 14.033092] ffff8881026f4500: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.033386] ffff8881026f4580: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 14.033827] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 13.987896] ================================================================== [ 13.988983] BUG: KASAN: slab-use-after-free in strcmp+0xb0/0xc0 [ 13.989327] Read of size 1 at addr ffff8881026f44d0 by task kunit_try_catch/277 [ 13.989794] [ 13.989927] CPU: 1 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.989981] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.989993] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.990014] Call Trace: [ 13.990037] <TASK> [ 13.990051] dump_stack_lvl+0x73/0xb0 [ 13.990079] print_report+0xd1/0x610 [ 13.990102] ? __virt_addr_valid+0x1db/0x2d0 [ 13.990125] ? strcmp+0xb0/0xc0 [ 13.990141] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.990163] ? strcmp+0xb0/0xc0 [ 13.990181] kasan_report+0x141/0x180 [ 13.990212] ? strcmp+0xb0/0xc0 [ 13.990235] __asan_report_load1_noabort+0x18/0x20 [ 13.990258] strcmp+0xb0/0xc0 [ 13.990288] kasan_strings+0x431/0xe80 [ 13.990308] ? trace_hardirqs_on+0x37/0xe0 [ 13.990332] ? __pfx_kasan_strings+0x10/0x10 [ 13.990355] ? __kasan_check_write+0x18/0x20 [ 13.990374] ? queued_spin_lock_slowpath+0x116/0xb40 [ 13.990399] ? irqentry_exit+0x2a/0x60 [ 13.990420] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 13.990454] ? trace_hardirqs_on+0x37/0xe0 [ 13.990475] ? __pfx_read_tsc+0x10/0x10 [ 13.990496] ? ktime_get_ts64+0x86/0x230 [ 13.990562] kunit_try_run_case+0x1a5/0x480 [ 13.990603] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.990635] ? queued_spin_lock_slowpath+0x116/0xb40 [ 13.990659] ? __kthread_parkme+0x82/0x180 [ 13.990679] ? preempt_count_sub+0x50/0x80 [ 13.990704] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.990728] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.990760] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.990785] kthread+0x337/0x6f0 [ 13.990806] ? trace_preempt_on+0x20/0xc0 [ 13.990841] ? __pfx_kthread+0x10/0x10 [ 13.990861] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.990882] ? 
calculate_sigpending+0x7b/0xa0 [ 13.990906] ? __pfx_kthread+0x10/0x10 [ 13.990928] ret_from_fork+0x116/0x1d0 [ 13.990946] ? __pfx_kthread+0x10/0x10 [ 13.990967] ret_from_fork_asm+0x1a/0x30 [ 13.991000] </TASK> [ 13.991009] [ 13.999231] Allocated by task 277: [ 13.999422] kasan_save_stack+0x45/0x70 [ 13.999928] kasan_save_track+0x18/0x40 [ 14.000154] kasan_save_alloc_info+0x3b/0x50 [ 14.000396] __kasan_kmalloc+0xb7/0xc0 [ 14.000627] __kmalloc_cache_noprof+0x189/0x420 [ 14.000810] kasan_strings+0xc0/0xe80 [ 14.001079] kunit_try_run_case+0x1a5/0x480 [ 14.001253] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.001628] kthread+0x337/0x6f0 [ 14.001754] ret_from_fork+0x116/0x1d0 [ 14.001926] ret_from_fork_asm+0x1a/0x30 [ 14.002156] [ 14.002253] Freed by task 277: [ 14.002407] kasan_save_stack+0x45/0x70 [ 14.002650] kasan_save_track+0x18/0x40 [ 14.002851] kasan_save_free_info+0x3f/0x60 [ 14.003066] __kasan_slab_free+0x56/0x70 [ 14.003243] kfree+0x222/0x3f0 [ 14.003410] kasan_strings+0x2aa/0xe80 [ 14.003671] kunit_try_run_case+0x1a5/0x480 [ 14.003869] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.004130] kthread+0x337/0x6f0 [ 14.004288] ret_from_fork+0x116/0x1d0 [ 14.004657] ret_from_fork_asm+0x1a/0x30 [ 14.004867] [ 14.004986] The buggy address belongs to the object at ffff8881026f44c0 [ 14.004986] which belongs to the cache kmalloc-32 of size 32 [ 14.005371] The buggy address is located 16 bytes inside of [ 14.005371] freed 32-byte region [ffff8881026f44c0, ffff8881026f44e0) [ 14.005736] [ 14.005809] The buggy address belongs to the physical page: [ 14.005983] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026f4 [ 14.006380] flags: 0x200000000000000(node=0|zone=2) [ 14.006678] page_type: f5(slab) [ 14.006845] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 14.007457] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 14.008059] page dumped because: kasan: bad access detected [ 14.008234] [ 
14.008303] Memory state around the buggy address: [ 14.008575] ffff8881026f4380: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 14.008929] ffff8881026f4400: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.009286] >ffff8881026f4480: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.009704] ^ [ 14.009947] ffff8881026f4500: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.010166] ffff8881026f4580: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 14.010535] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 13.959051] ================================================================== [ 13.959616] BUG: KASAN: slab-out-of-bounds in memcmp+0x1b4/0x1d0 [ 13.959927] Read of size 1 at addr ffff8881026f4458 by task kunit_try_catch/275 [ 13.960239] [ 13.960351] CPU: 1 UID: 0 PID: 275 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.960395] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.960415] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.960453] Call Trace: [ 13.960465] <TASK> [ 13.960479] dump_stack_lvl+0x73/0xb0 [ 13.960507] print_report+0xd1/0x610 [ 13.960583] ? __virt_addr_valid+0x1db/0x2d0 [ 13.960607] ? memcmp+0x1b4/0x1d0 [ 13.960625] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.960648] ? memcmp+0x1b4/0x1d0 [ 13.960677] kasan_report+0x141/0x180 [ 13.960699] ? memcmp+0x1b4/0x1d0 [ 13.960723] __asan_report_load1_noabort+0x18/0x20 [ 13.960759] memcmp+0x1b4/0x1d0 [ 13.960778] kasan_memcmp+0x18f/0x390 [ 13.960798] ? trace_hardirqs_on+0x37/0xe0 [ 13.960821] ? __pfx_kasan_memcmp+0x10/0x10 [ 13.960842] ? finish_task_switch.isra.0+0x153/0x700 [ 13.960873] ? __switch_to+0x47/0xf50 [ 13.960902] ? __pfx_read_tsc+0x10/0x10 [ 13.960922] ? ktime_get_ts64+0x86/0x230 [ 13.960957] kunit_try_run_case+0x1a5/0x480 [ 13.960981] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.961004] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.961027] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.961051] ? __kthread_parkme+0x82/0x180 [ 13.961071] ? preempt_count_sub+0x50/0x80 [ 13.961095] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.961119] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.961148] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.961172] kthread+0x337/0x6f0 [ 13.961191] ? trace_preempt_on+0x20/0xc0 [ 13.961221] ? __pfx_kthread+0x10/0x10 [ 13.961241] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.961264] ? calculate_sigpending+0x7b/0xa0 [ 13.961298] ? __pfx_kthread+0x10/0x10 [ 13.961320] ret_from_fork+0x116/0x1d0 [ 13.961337] ? 
__pfx_kthread+0x10/0x10 [ 13.961358] ret_from_fork_asm+0x1a/0x30 [ 13.961390] </TASK> [ 13.961400] [ 13.970046] Allocated by task 275: [ 13.970278] kasan_save_stack+0x45/0x70 [ 13.970617] kasan_save_track+0x18/0x40 [ 13.970762] kasan_save_alloc_info+0x3b/0x50 [ 13.970940] __kasan_kmalloc+0xb7/0xc0 [ 13.971132] __kmalloc_cache_noprof+0x189/0x420 [ 13.971380] kasan_memcmp+0xb7/0x390 [ 13.971677] kunit_try_run_case+0x1a5/0x480 [ 13.971898] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.972145] kthread+0x337/0x6f0 [ 13.972267] ret_from_fork+0x116/0x1d0 [ 13.972589] ret_from_fork_asm+0x1a/0x30 [ 13.972754] [ 13.972870] The buggy address belongs to the object at ffff8881026f4440 [ 13.972870] which belongs to the cache kmalloc-32 of size 32 [ 13.973381] The buggy address is located 0 bytes to the right of [ 13.973381] allocated 24-byte region [ffff8881026f4440, ffff8881026f4458) [ 13.974036] [ 13.974128] The buggy address belongs to the physical page: [ 13.974371] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026f4 [ 13.974981] flags: 0x200000000000000(node=0|zone=2) [ 13.975185] page_type: f5(slab) [ 13.975307] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 13.975554] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 13.975780] page dumped because: kasan: bad access detected [ 13.976022] [ 13.976196] Memory state around the buggy address: [ 13.976415] ffff8881026f4300: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.976738] ffff8881026f4380: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 13.977354] >ffff8881026f4400: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 13.977841] ^ [ 13.978034] ffff8881026f4480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.978251] ffff8881026f4500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.978757] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 13.932765] ================================================================== [ 13.933255] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x329/0x390 [ 13.933589] Read of size 1 at addr ffff888103b4fc4a by task kunit_try_catch/271 [ 13.934164] [ 13.934399] CPU: 0 UID: 0 PID: 271 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.934515] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.934528] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.934560] Call Trace: [ 13.934572] <TASK> [ 13.934588] dump_stack_lvl+0x73/0xb0 [ 13.934631] print_report+0xd1/0x610 [ 13.934656] ? __virt_addr_valid+0x1db/0x2d0 [ 13.934680] ? kasan_alloca_oob_right+0x329/0x390 [ 13.934702] ? kasan_addr_to_slab+0x11/0xa0 [ 13.934723] ? kasan_alloca_oob_right+0x329/0x390 [ 13.934746] kasan_report+0x141/0x180 [ 13.934769] ? kasan_alloca_oob_right+0x329/0x390 [ 13.934807] __asan_report_load1_noabort+0x18/0x20 [ 13.934831] kasan_alloca_oob_right+0x329/0x390 [ 13.934853] ? __kasan_check_write+0x18/0x20 [ 13.934883] ? __pfx_sched_clock_cpu+0x10/0x10 [ 13.934906] ? finish_task_switch.isra.0+0x153/0x700 [ 13.934929] ? __schedule+0x100e/0x2b60 [ 13.934951] ? trace_hardirqs_on+0x37/0xe0 [ 13.934976] ? __pfx_kasan_alloca_oob_right+0x10/0x10 [ 13.935008] ? __kasan_check_write+0x18/0x20 [ 13.935028] ? queued_spin_lock_slowpath+0x116/0xb40 [ 13.935055] ? trace_hardirqs_on+0x37/0xe0 [ 13.935087] ? __pfx_read_tsc+0x10/0x10 [ 13.935109] ? ktime_get_ts64+0x86/0x230 [ 13.935134] kunit_try_run_case+0x1a5/0x480 [ 13.935160] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.935185] ? queued_spin_lock_slowpath+0x116/0xb40 [ 13.935208] ? __kthread_parkme+0x82/0x180 [ 13.935230] ? preempt_count_sub+0x50/0x80 [ 13.935254] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.935278] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.935302] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.935326] kthread+0x337/0x6f0 [ 13.935345] ? 
trace_preempt_on+0x20/0xc0 [ 13.935368] ? __pfx_kthread+0x10/0x10 [ 13.935388] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.935466] ? calculate_sigpending+0x7b/0xa0 [ 13.935492] ? __pfx_kthread+0x10/0x10 [ 13.935514] ret_from_fork+0x116/0x1d0 [ 13.935532] ? __pfx_kthread+0x10/0x10 [ 13.935552] ret_from_fork_asm+0x1a/0x30 [ 13.935585] </TASK> [ 13.935596] [ 13.944425] The buggy address belongs to stack of task kunit_try_catch/271 [ 13.944994] [ 13.945118] The buggy address belongs to the physical page: [ 13.945306] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103b4f [ 13.945920] flags: 0x200000000000000(node=0|zone=2) [ 13.946184] raw: 0200000000000000 ffffea00040ed3c8 ffffea00040ed3c8 0000000000000000 [ 13.946612] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 13.946947] page dumped because: kasan: bad access detected [ 13.947187] [ 13.947296] Memory state around the buggy address: [ 13.947618] ffff888103b4fb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.947933] ffff888103b4fb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.948250] >ffff888103b4fc00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 13.948569] ^ [ 13.948812] ffff888103b4fc80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 [ 13.949308] ffff888103b4fd00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 13.949776] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 13.906775] ================================================================== [ 13.907271] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x320/0x380 [ 13.907699] Read of size 1 at addr ffff888103b57c3f by task kunit_try_catch/269 [ 13.908244] [ 13.908379] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.908444] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.908455] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.908479] Call Trace: [ 13.908493] <TASK> [ 13.908511] dump_stack_lvl+0x73/0xb0 [ 13.908542] print_report+0xd1/0x610 [ 13.908564] ? __virt_addr_valid+0x1db/0x2d0 [ 13.908587] ? kasan_alloca_oob_left+0x320/0x380 [ 13.908610] ? kasan_addr_to_slab+0x11/0xa0 [ 13.908631] ? kasan_alloca_oob_left+0x320/0x380 [ 13.908654] kasan_report+0x141/0x180 [ 13.908676] ? kasan_alloca_oob_left+0x320/0x380 [ 13.908704] __asan_report_load1_noabort+0x18/0x20 [ 13.908728] kasan_alloca_oob_left+0x320/0x380 [ 13.908752] ? irqentry_exit+0x2a/0x60 [ 13.908773] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 13.908798] ? trace_hardirqs_on+0x37/0xe0 [ 13.908825] ? __pfx_kasan_alloca_oob_left+0x10/0x10 [ 13.908853] ? __pfx_kasan_alloca_oob_left+0x10/0x10 [ 13.908881] kunit_try_run_case+0x1a5/0x480 [ 13.908906] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.908927] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.908952] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.908975] ? __kthread_parkme+0x82/0x180 [ 13.908996] ? preempt_count_sub+0x50/0x80 [ 13.909020] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.909044] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.909068] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.909092] kthread+0x337/0x6f0 [ 13.909111] ? trace_preempt_on+0x20/0xc0 [ 13.909138] ? __pfx_kthread+0x10/0x10 [ 13.909160] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.909181] ? calculate_sigpending+0x7b/0xa0 [ 13.909218] ? __pfx_kthread+0x10/0x10 [ 13.909239] ret_from_fork+0x116/0x1d0 [ 13.909258] ? 
__pfx_kthread+0x10/0x10 [ 13.909278] ret_from_fork_asm+0x1a/0x30 [ 13.909311] </TASK> [ 13.909321] [ 13.924178] The buggy address belongs to stack of task kunit_try_catch/269 [ 13.924708] [ 13.924784] The buggy address belongs to the physical page: [ 13.924960] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103b57 [ 13.925208] flags: 0x200000000000000(node=0|zone=2) [ 13.925389] raw: 0200000000000000 ffffea00040ed5c8 ffffea00040ed5c8 0000000000000000 [ 13.925709] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 13.926017] page dumped because: kasan: bad access detected [ 13.926262] [ 13.926375] Memory state around the buggy address: [ 13.926789] ffff888103b57b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.927025] ffff888103b57b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.927374] >ffff888103b57c00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 13.927754] ^ [ 13.927983] ffff888103b57c80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 [ 13.928467] ffff888103b57d00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 13.928758] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 13.875547] ================================================================== [ 13.876380] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x2b5/0x300 [ 13.877161] Read of size 1 at addr ffff888103b47d02 by task kunit_try_catch/267 [ 13.877929] [ 13.878163] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.878229] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.878240] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.878263] Call Trace: [ 13.878275] <TASK> [ 13.878292] dump_stack_lvl+0x73/0xb0 [ 13.878323] print_report+0xd1/0x610 [ 13.878346] ? __virt_addr_valid+0x1db/0x2d0 [ 13.878370] ? kasan_stack_oob+0x2b5/0x300 [ 13.878390] ? kasan_addr_to_slab+0x11/0xa0 [ 13.878424] ? kasan_stack_oob+0x2b5/0x300 [ 13.878456] kasan_report+0x141/0x180 [ 13.878478] ? kasan_stack_oob+0x2b5/0x300 [ 13.878504] __asan_report_load1_noabort+0x18/0x20 [ 13.878529] kasan_stack_oob+0x2b5/0x300 [ 13.878551] ? __pfx_kasan_stack_oob+0x10/0x10 [ 13.878570] ? finish_task_switch.isra.0+0x153/0x700 [ 13.878623] ? __switch_to+0x47/0xf50 [ 13.878651] ? __schedule+0x10cc/0x2b60 [ 13.878674] ? __pfx_read_tsc+0x10/0x10 [ 13.878695] ? ktime_get_ts64+0x86/0x230 [ 13.878720] kunit_try_run_case+0x1a5/0x480 [ 13.878745] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.878768] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.878793] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.878817] ? __kthread_parkme+0x82/0x180 [ 13.878839] ? preempt_count_sub+0x50/0x80 [ 13.878862] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.878886] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.878910] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.878933] kthread+0x337/0x6f0 [ 13.878953] ? trace_preempt_on+0x20/0xc0 [ 13.878977] ? __pfx_kthread+0x10/0x10 [ 13.878997] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.879018] ? calculate_sigpending+0x7b/0xa0 [ 13.879042] ? __pfx_kthread+0x10/0x10 [ 13.879064] ret_from_fork+0x116/0x1d0 [ 13.879082] ? 
__pfx_kthread+0x10/0x10 [ 13.879102] ret_from_fork_asm+0x1a/0x30 [ 13.879135] </TASK> [ 13.879144] [ 13.891219] The buggy address belongs to stack of task kunit_try_catch/267 [ 13.892107] and is located at offset 138 in frame: [ 13.892716] kasan_stack_oob+0x0/0x300 [ 13.893581] [ 13.893840] This frame has 4 objects: [ 13.894372] [48, 49) '__assertion' [ 13.894399] [64, 72) 'array' [ 13.894950] [96, 112) '__assertion' [ 13.895592] [128, 138) 'stack_array' [ 13.895918] [ 13.896121] The buggy address belongs to the physical page: [ 13.896304] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103b47 [ 13.897200] flags: 0x200000000000000(node=0|zone=2) [ 13.897723] raw: 0200000000000000 ffffea00040ed1c8 ffffea00040ed1c8 0000000000000000 [ 13.897965] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 13.898193] page dumped because: kasan: bad access detected [ 13.898366] [ 13.898449] Memory state around the buggy address: [ 13.898636] ffff888103b47c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 13.898852] ffff888103b47c80: f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 00 00 f2 f2 00 [ 13.899388] >ffff888103b47d00: 02 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 13.899744] ^ [ 13.899941] ffff888103b47d80: f1 f1 f1 00 00 f2 f2 00 00 f2 f2 00 00 f3 f3 00 [ 13.900170] ffff888103b47e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.900542] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 13.848139] ================================================================== [ 13.848977] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x286/0x2d0 [ 13.849505] Read of size 1 at addr ffffffffaa863e8d by task kunit_try_catch/263 [ 13.850260] [ 13.850746] CPU: 1 UID: 0 PID: 263 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.850815] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.850828] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.850851] Call Trace: [ 13.850864] <TASK> [ 13.850882] dump_stack_lvl+0x73/0xb0 [ 13.850915] print_report+0xd1/0x610 [ 13.850937] ? __virt_addr_valid+0x1db/0x2d0 [ 13.850961] ? kasan_global_oob_right+0x286/0x2d0 [ 13.850983] ? kasan_addr_to_slab+0x11/0xa0 [ 13.851003] ? kasan_global_oob_right+0x286/0x2d0 [ 13.851025] kasan_report+0x141/0x180 [ 13.851047] ? kasan_global_oob_right+0x286/0x2d0 [ 13.851074] __asan_report_load1_noabort+0x18/0x20 [ 13.851098] kasan_global_oob_right+0x286/0x2d0 [ 13.851119] ? __pfx_kasan_global_oob_right+0x10/0x10 [ 13.851145] ? __schedule+0x10cc/0x2b60 [ 13.851167] ? __pfx_read_tsc+0x10/0x10 [ 13.851187] ? ktime_get_ts64+0x86/0x230 [ 13.851212] kunit_try_run_case+0x1a5/0x480 [ 13.851237] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.851259] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.851283] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.851307] ? __kthread_parkme+0x82/0x180 [ 13.851327] ? preempt_count_sub+0x50/0x80 [ 13.851351] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.851375] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.851399] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.851423] kthread+0x337/0x6f0 [ 13.851453] ? trace_preempt_on+0x20/0xc0 [ 13.851476] ? __pfx_kthread+0x10/0x10 [ 13.851497] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.851517] ? calculate_sigpending+0x7b/0xa0 [ 13.851541] ? __pfx_kthread+0x10/0x10 [ 13.851562] ret_from_fork+0x116/0x1d0 [ 13.851580] ? 
__pfx_kthread+0x10/0x10 [ 13.851600] ret_from_fork_asm+0x1a/0x30 [ 13.851632] </TASK> [ 13.851642] [ 13.863185] The buggy address belongs to the variable: [ 13.863822] global_array+0xd/0x40 [ 13.864192] [ 13.864524] The buggy address belongs to the physical page: [ 13.864950] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x15fc63 [ 13.865566] flags: 0x200000000002000(reserved|node=0|zone=2) [ 13.865843] raw: 0200000000002000 ffffea00057f18c8 ffffea00057f18c8 0000000000000000 [ 13.866175] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 13.866927] page dumped because: kasan: bad access detected [ 13.867173] [ 13.867245] Memory state around the buggy address: [ 13.867771] ffffffffaa863d80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.868178] ffffffffaa863e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.868746] >ffffffffaa863e80: 00 02 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9 [ 13.869246] ^ [ 13.869592] ffffffffaa863f00: 04 f9 f9 f9 f9 f9 f9 f9 02 f9 f9 f9 f9 f9 f9 f9 [ 13.869913] ffffffffaa863f80: 01 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 00 00 00 00 [ 13.870222] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 13.819286] ================================================================== [ 13.820131] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 13.820498] Free of addr ffff888102bf8001 by task kunit_try_catch/261 [ 13.820739] [ 13.820844] CPU: 1 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.820891] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.820903] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.820924] Call Trace: [ 13.820937] <TASK> [ 13.820955] dump_stack_lvl+0x73/0xb0 [ 13.820983] print_report+0xd1/0x610 [ 13.821005] ? __virt_addr_valid+0x1db/0x2d0 [ 13.821029] ? kasan_addr_to_slab+0x11/0xa0 [ 13.821050] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 13.821077] kasan_report_invalid_free+0x10a/0x130 [ 13.821102] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 13.821136] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 13.821160] __kasan_mempool_poison_object+0x102/0x1d0 [ 13.821185] mempool_free+0x2ec/0x380 [ 13.821213] mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 13.821238] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10 [ 13.821266] ? __pfx_sched_clock_cpu+0x10/0x10 [ 13.821287] ? finish_task_switch.isra.0+0x153/0x700 [ 13.821314] mempool_kmalloc_large_invalid_free+0xed/0x140 [ 13.821339] ? __pfx_mempool_kmalloc_large_invalid_free+0x10/0x10 [ 13.821367] ? __pfx_mempool_kmalloc+0x10/0x10 [ 13.821389] ? __pfx_mempool_kfree+0x10/0x10 [ 13.821414] ? __pfx_read_tsc+0x10/0x10 [ 13.821768] ? ktime_get_ts64+0x86/0x230 [ 13.821810] kunit_try_run_case+0x1a5/0x480 [ 13.822069] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.822101] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.822129] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.822152] ? __kthread_parkme+0x82/0x180 [ 13.822173] ? preempt_count_sub+0x50/0x80 [ 13.822196] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.822220] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.822244] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.822268] kthread+0x337/0x6f0 [ 13.822287] ? trace_preempt_on+0x20/0xc0 [ 13.822311] ? __pfx_kthread+0x10/0x10 [ 13.822331] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.822352] ? calculate_sigpending+0x7b/0xa0 [ 13.822376] ? __pfx_kthread+0x10/0x10 [ 13.822397] ret_from_fork+0x116/0x1d0 [ 13.822416] ? __pfx_kthread+0x10/0x10 [ 13.822449] ret_from_fork_asm+0x1a/0x30 [ 13.822482] </TASK> [ 13.822492] [ 13.837254] The buggy address belongs to the physical page: [ 13.837842] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102bf8 [ 13.838454] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.839067] flags: 0x200000000000040(head|node=0|zone=2) [ 13.839547] page_type: f8(unknown) [ 13.839971] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.840300] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.840999] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.841415] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.841988] head: 0200000000000002 ffffea00040afe01 00000000ffffffff 00000000ffffffff [ 13.842557] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 13.842876] page dumped because: kasan: bad access detected [ 13.843109] [ 13.843196] Memory state around the buggy address: [ 13.843407] ffff888102bf7f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.843637] ffff888102bf7f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.843968] >ffff888102bf8000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.844360] ^ [ 13.844554] ffff888102bf8080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.844782] ffff888102bf8100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.845092] ================================================================== [ 13.784320] ================================================================== [ 
13.784949] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 13.785229] Free of addr ffff8881026ef901 by task kunit_try_catch/259 [ 13.785450] [ 13.785542] CPU: 1 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.785588] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.785600] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.785623] Call Trace: [ 13.785635] <TASK> [ 13.785653] dump_stack_lvl+0x73/0xb0 [ 13.785683] print_report+0xd1/0x610 [ 13.785706] ? __virt_addr_valid+0x1db/0x2d0 [ 13.785733] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.785756] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 13.785785] kasan_report_invalid_free+0x10a/0x130 [ 13.785813] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 13.785841] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 13.785866] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 13.785891] check_slab_allocation+0x11f/0x130 [ 13.785912] __kasan_mempool_poison_object+0x91/0x1d0 [ 13.785937] mempool_free+0x2ec/0x380 [ 13.785964] mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 13.785990] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10 [ 13.786021] ? __pfx_sched_clock_cpu+0x10/0x10 [ 13.786042] ? finish_task_switch.isra.0+0x153/0x700 [ 13.786069] mempool_kmalloc_invalid_free+0xed/0x140 [ 13.786093] ? __pfx_mempool_kmalloc_invalid_free+0x10/0x10 [ 13.786120] ? __pfx_mempool_kmalloc+0x10/0x10 [ 13.786141] ? __pfx_mempool_kfree+0x10/0x10 [ 13.786166] ? __pfx_read_tsc+0x10/0x10 [ 13.786187] ? ktime_get_ts64+0x86/0x230 [ 13.786211] kunit_try_run_case+0x1a5/0x480 [ 13.786236] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.786258] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.786282] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.786305] ? __kthread_parkme+0x82/0x180 [ 13.786326] ? preempt_count_sub+0x50/0x80 [ 13.786349] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 13.786373] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.786397] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.786420] kthread+0x337/0x6f0 [ 13.786473] ? trace_preempt_on+0x20/0xc0 [ 13.786497] ? __pfx_kthread+0x10/0x10 [ 13.786533] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.786555] ? calculate_sigpending+0x7b/0xa0 [ 13.786579] ? __pfx_kthread+0x10/0x10 [ 13.786600] ret_from_fork+0x116/0x1d0 [ 13.786618] ? __pfx_kthread+0x10/0x10 [ 13.786638] ret_from_fork_asm+0x1a/0x30 [ 13.786671] </TASK> [ 13.786681] [ 13.800420] Allocated by task 259: [ 13.800735] kasan_save_stack+0x45/0x70 [ 13.801675] kasan_save_track+0x18/0x40 [ 13.802066] kasan_save_alloc_info+0x3b/0x50 [ 13.802554] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 13.803064] remove_element+0x11e/0x190 [ 13.803697] mempool_alloc_preallocated+0x4d/0x90 [ 13.804168] mempool_kmalloc_invalid_free_helper+0x83/0x2e0 [ 13.804789] mempool_kmalloc_invalid_free+0xed/0x140 [ 13.805259] kunit_try_run_case+0x1a5/0x480 [ 13.805731] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.805917] kthread+0x337/0x6f0 [ 13.806038] ret_from_fork+0x116/0x1d0 [ 13.806172] ret_from_fork_asm+0x1a/0x30 [ 13.806314] [ 13.806387] The buggy address belongs to the object at ffff8881026ef900 [ 13.806387] which belongs to the cache kmalloc-128 of size 128 [ 13.807866] The buggy address is located 1 bytes inside of [ 13.807866] 128-byte region [ffff8881026ef900, ffff8881026ef980) [ 13.809039] [ 13.809248] The buggy address belongs to the physical page: [ 13.809868] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026ef [ 13.810386] flags: 0x200000000000000(node=0|zone=2) [ 13.810986] page_type: f5(slab) [ 13.811193] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.811900] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.812138] page dumped because: kasan: bad access detected [ 13.812311] [ 13.812379] Memory state around 
the buggy address: [ 13.812965] ffff8881026ef800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.813728] ffff8881026ef880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.814380] >ffff8881026ef900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.815118] ^ [ 13.815452] ffff8881026ef980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.815976] ffff8881026efa00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.816190] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 13.755785] ================================================================== [ 13.756298] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 13.756647] Free of addr ffff888103af8000 by task kunit_try_catch/257 [ 13.756941] [ 13.757040] CPU: 0 UID: 0 PID: 257 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.757084] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.757096] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.757117] Call Trace: [ 13.757135] <TASK> [ 13.757151] dump_stack_lvl+0x73/0xb0 [ 13.757180] print_report+0xd1/0x610 [ 13.757202] ? __virt_addr_valid+0x1db/0x2d0 [ 13.757226] ? kasan_addr_to_slab+0x11/0xa0 [ 13.757246] ? mempool_double_free_helper+0x184/0x370 [ 13.757272] kasan_report_invalid_free+0x10a/0x130 [ 13.757297] ? mempool_double_free_helper+0x184/0x370 [ 13.757324] ? mempool_double_free_helper+0x184/0x370 [ 13.757347] __kasan_mempool_poison_pages+0x115/0x130 [ 13.757372] mempool_free+0x290/0x380 [ 13.757400] mempool_double_free_helper+0x184/0x370 [ 13.757425] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 13.757463] ? __kasan_check_write+0x18/0x20 [ 13.757484] ? __pfx_sched_clock_cpu+0x10/0x10 [ 13.757506] ? finish_task_switch.isra.0+0x153/0x700 [ 13.757537] mempool_page_alloc_double_free+0xe8/0x140 [ 13.757562] ? __pfx_mempool_page_alloc_double_free+0x10/0x10 [ 13.757592] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 13.757616] ? __pfx_mempool_free_pages+0x10/0x10 [ 13.757644] ? __pfx_read_tsc+0x10/0x10 [ 13.757664] ? ktime_get_ts64+0x86/0x230 [ 13.757690] kunit_try_run_case+0x1a5/0x480 [ 13.757715] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.757748] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.757774] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.757798] ? __kthread_parkme+0x82/0x180 [ 13.758025] ? preempt_count_sub+0x50/0x80 [ 13.758048] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.758072] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.758096] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.758120] kthread+0x337/0x6f0 [ 13.758138] ? trace_preempt_on+0x20/0xc0 [ 13.758161] ? __pfx_kthread+0x10/0x10 [ 13.758182] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.758202] ? calculate_sigpending+0x7b/0xa0 [ 13.758226] ? __pfx_kthread+0x10/0x10 [ 13.758247] ret_from_fork+0x116/0x1d0 [ 13.758266] ? __pfx_kthread+0x10/0x10 [ 13.758286] ret_from_fork_asm+0x1a/0x30 [ 13.758318] </TASK> [ 13.758329] [ 13.770793] The buggy address belongs to the physical page: [ 13.771451] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103af8 [ 13.772428] flags: 0x200000000000000(node=0|zone=2) [ 13.773304] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 13.773766] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 13.774155] page dumped because: kasan: bad access detected [ 13.774417] [ 13.774548] Memory state around the buggy address: [ 13.774998] ffff888103af7f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.775282] ffff888103af7f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.775759] >ffff888103af8000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.776103] ^ [ 13.776265] ffff888103af8080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.776757] ffff888103af8100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.777077] ================================================================== [ 13.692684] ================================================================== [ 13.694016] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 13.694929] Free of addr ffff8881026ef500 by task kunit_try_catch/253 [ 13.695651] [ 13.695862] CPU: 1 UID: 0 PID: 253 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.695910] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.695922] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.695946] Call Trace: [ 13.695958] <TASK> [ 13.695976] 
dump_stack_lvl+0x73/0xb0 [ 13.696010] print_report+0xd1/0x610 [ 13.696033] ? __virt_addr_valid+0x1db/0x2d0 [ 13.696059] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.696082] ? mempool_double_free_helper+0x184/0x370 [ 13.696108] kasan_report_invalid_free+0x10a/0x130 [ 13.696133] ? mempool_double_free_helper+0x184/0x370 [ 13.696159] ? mempool_double_free_helper+0x184/0x370 [ 13.696182] ? mempool_double_free_helper+0x184/0x370 [ 13.696205] check_slab_allocation+0x101/0x130 [ 13.696227] __kasan_mempool_poison_object+0x91/0x1d0 [ 13.696252] mempool_free+0x2ec/0x380 [ 13.696280] mempool_double_free_helper+0x184/0x370 [ 13.696306] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 13.696329] ? update_load_avg+0x1be/0x21b0 [ 13.696358] ? finish_task_switch.isra.0+0x153/0x700 [ 13.696385] mempool_kmalloc_double_free+0xed/0x140 [ 13.696410] ? __pfx_mempool_kmalloc_double_free+0x10/0x10 [ 13.696449] ? __pfx_mempool_kmalloc+0x10/0x10 [ 13.696471] ? __pfx_mempool_kfree+0x10/0x10 [ 13.696497] ? __pfx_read_tsc+0x10/0x10 [ 13.696519] ? ktime_get_ts64+0x86/0x230 [ 13.696557] kunit_try_run_case+0x1a5/0x480 [ 13.696585] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.696608] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.696633] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.696657] ? __kthread_parkme+0x82/0x180 [ 13.696679] ? preempt_count_sub+0x50/0x80 [ 13.696704] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.696728] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.696752] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.696777] kthread+0x337/0x6f0 [ 13.696795] ? trace_preempt_on+0x20/0xc0 [ 13.696820] ? __pfx_kthread+0x10/0x10 [ 13.696840] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.696862] ? calculate_sigpending+0x7b/0xa0 [ 13.696887] ? __pfx_kthread+0x10/0x10 [ 13.696909] ret_from_fork+0x116/0x1d0 [ 13.696928] ? 
__pfx_kthread+0x10/0x10 [ 13.696948] ret_from_fork_asm+0x1a/0x30 [ 13.696983] </TASK> [ 13.696993] [ 13.713184] Allocated by task 253: [ 13.713557] kasan_save_stack+0x45/0x70 [ 13.714056] kasan_save_track+0x18/0x40 [ 13.714203] kasan_save_alloc_info+0x3b/0x50 [ 13.714355] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 13.714856] remove_element+0x11e/0x190 [ 13.715248] mempool_alloc_preallocated+0x4d/0x90 [ 13.715776] mempool_double_free_helper+0x8a/0x370 [ 13.716291] mempool_kmalloc_double_free+0xed/0x140 [ 13.716876] kunit_try_run_case+0x1a5/0x480 [ 13.717031] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.717216] kthread+0x337/0x6f0 [ 13.717340] ret_from_fork+0x116/0x1d0 [ 13.717502] ret_from_fork_asm+0x1a/0x30 [ 13.717644] [ 13.717871] Freed by task 253: [ 13.718035] kasan_save_stack+0x45/0x70 [ 13.718185] kasan_save_track+0x18/0x40 [ 13.718348] kasan_save_free_info+0x3f/0x60 [ 13.718924] __kasan_mempool_poison_object+0x131/0x1d0 [ 13.719161] mempool_free+0x2ec/0x380 [ 13.719301] mempool_double_free_helper+0x109/0x370 [ 13.719541] mempool_kmalloc_double_free+0xed/0x140 [ 13.719851] kunit_try_run_case+0x1a5/0x480 [ 13.720031] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.720261] kthread+0x337/0x6f0 [ 13.720477] ret_from_fork+0x116/0x1d0 [ 13.720737] ret_from_fork_asm+0x1a/0x30 [ 13.720923] [ 13.721020] The buggy address belongs to the object at ffff8881026ef500 [ 13.721020] which belongs to the cache kmalloc-128 of size 128 [ 13.721570] The buggy address is located 0 bytes inside of [ 13.721570] 128-byte region [ffff8881026ef500, ffff8881026ef580) [ 13.721968] [ 13.722044] The buggy address belongs to the physical page: [ 13.722220] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026ef [ 13.722581] flags: 0x200000000000000(node=0|zone=2) [ 13.723031] page_type: f5(slab) [ 13.723212] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.723527] raw: 0000000000000000 0000000080100010 00000000f5000000 
0000000000000000 [ 13.723755] page dumped because: kasan: bad access detected [ 13.724176] [ 13.724352] Memory state around the buggy address: [ 13.724696] ffff8881026ef400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.724975] ffff8881026ef480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.725596] >ffff8881026ef500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.725821] ^ [ 13.725988] ffff8881026ef580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.726306] ffff8881026ef600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.726671] ================================================================== [ 13.732724] ================================================================== [ 13.733231] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 13.733593] Free of addr ffff888103af8000 by task kunit_try_catch/255 [ 13.733873] [ 13.734117] CPU: 0 UID: 0 PID: 255 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.734167] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.734178] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.734201] Call Trace: [ 13.734214] <TASK> [ 13.734231] dump_stack_lvl+0x73/0xb0 [ 13.734263] print_report+0xd1/0x610 [ 13.734286] ? __virt_addr_valid+0x1db/0x2d0 [ 13.734311] ? kasan_addr_to_slab+0x11/0xa0 [ 13.734331] ? mempool_double_free_helper+0x184/0x370 [ 13.734356] kasan_report_invalid_free+0x10a/0x130 [ 13.734381] ? mempool_double_free_helper+0x184/0x370 [ 13.734724] ? mempool_double_free_helper+0x184/0x370 [ 13.734748] __kasan_mempool_poison_object+0x1b3/0x1d0 [ 13.734774] mempool_free+0x2ec/0x380 [ 13.734803] mempool_double_free_helper+0x184/0x370 [ 13.734828] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 13.734854] ? __kasan_check_write+0x18/0x20 [ 13.734874] ? __pfx_sched_clock_cpu+0x10/0x10 [ 13.734896] ? finish_task_switch.isra.0+0x153/0x700 [ 13.734924] mempool_kmalloc_large_double_free+0xed/0x140 [ 13.734950] ? 
__pfx_mempool_kmalloc_large_double_free+0x10/0x10 [ 13.734979] ? __pfx_mempool_kmalloc+0x10/0x10 [ 13.735001] ? __pfx_mempool_kfree+0x10/0x10 [ 13.735027] ? __pfx_read_tsc+0x10/0x10 [ 13.735048] ? ktime_get_ts64+0x86/0x230 [ 13.735073] kunit_try_run_case+0x1a5/0x480 [ 13.735098] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.735120] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.735145] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.735170] ? __kthread_parkme+0x82/0x180 [ 13.735191] ? preempt_count_sub+0x50/0x80 [ 13.735214] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.735238] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.735263] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.735287] kthread+0x337/0x6f0 [ 13.735306] ? trace_preempt_on+0x20/0xc0 [ 13.735330] ? __pfx_kthread+0x10/0x10 [ 13.735350] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.735371] ? calculate_sigpending+0x7b/0xa0 [ 13.735396] ? __pfx_kthread+0x10/0x10 [ 13.735500] ret_from_fork+0x116/0x1d0 [ 13.735519] ? __pfx_kthread+0x10/0x10 [ 13.735552] ret_from_fork_asm+0x1a/0x30 [ 13.735585] </TASK> [ 13.735596] [ 13.744685] The buggy address belongs to the physical page: [ 13.745080] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103af8 [ 13.745616] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.745945] flags: 0x200000000000040(head|node=0|zone=2) [ 13.746154] page_type: f8(unknown) [ 13.746332] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.746986] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.747313] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.747718] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.748037] head: 0200000000000002 ffffea00040ebe01 00000000ffffffff 00000000ffffffff [ 13.748329] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 13.748760] page dumped because: kasan: bad access detected [ 13.748984] 
[ 13.749080] Memory state around the buggy address: [ 13.749277] ffff888103af7f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.749802] ffff888103af7f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.750113] >ffff888103af8000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.750402] ^ [ 13.750584] ffff888103af8080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.750979] ffff888103af8100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.751239] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 13.605771] ================================================================== [ 13.606400] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400 [ 13.606877] Read of size 1 at addr ffff888102bf8000 by task kunit_try_catch/247 [ 13.607171] [ 13.607291] CPU: 1 UID: 0 PID: 247 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.607338] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.607349] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.607373] Call Trace: [ 13.607385] <TASK> [ 13.607403] dump_stack_lvl+0x73/0xb0 [ 13.607445] print_report+0xd1/0x610 [ 13.607491] ? __virt_addr_valid+0x1db/0x2d0 [ 13.607529] ? mempool_uaf_helper+0x392/0x400 [ 13.607552] ? kasan_addr_to_slab+0x11/0xa0 [ 13.607573] ? mempool_uaf_helper+0x392/0x400 [ 13.607596] kasan_report+0x141/0x180 [ 13.607618] ? mempool_uaf_helper+0x392/0x400 [ 13.607646] __asan_report_load1_noabort+0x18/0x20 [ 13.607671] mempool_uaf_helper+0x392/0x400 [ 13.607694] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 13.607721] ? finish_task_switch.isra.0+0x153/0x700 [ 13.607750] mempool_kmalloc_large_uaf+0xef/0x140 [ 13.607774] ? __pfx_mempool_kmalloc_large_uaf+0x10/0x10 [ 13.607799] ? __kasan_check_write+0x18/0x20 [ 13.607819] ? __pfx_mempool_kmalloc+0x10/0x10 [ 13.607860] ? __pfx_mempool_kfree+0x10/0x10 [ 13.607886] ? __pfx_read_tsc+0x10/0x10 [ 13.607907] ? ktime_get_ts64+0x86/0x230 [ 13.607930] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 13.607976] kunit_try_run_case+0x1a5/0x480 [ 13.608003] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.608027] ? queued_spin_lock_slowpath+0x116/0xb40 [ 13.608054] ? __kthread_parkme+0x82/0x180 [ 13.608076] ? preempt_count_sub+0x50/0x80 [ 13.608099] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.608124] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.608148] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.608173] kthread+0x337/0x6f0 [ 13.608191] ? trace_preempt_on+0x20/0xc0 [ 13.608215] ? __pfx_kthread+0x10/0x10 [ 13.608235] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 13.608257] ? calculate_sigpending+0x7b/0xa0 [ 13.608283] ? __pfx_kthread+0x10/0x10 [ 13.608305] ret_from_fork+0x116/0x1d0 [ 13.608322] ? __pfx_kthread+0x10/0x10 [ 13.608343] ret_from_fork_asm+0x1a/0x30 [ 13.608377] </TASK> [ 13.608388] [ 13.616790] The buggy address belongs to the physical page: [ 13.617025] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102bf8 [ 13.617386] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.617736] flags: 0x200000000000040(head|node=0|zone=2) [ 13.618010] page_type: f8(unknown) [ 13.618186] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.618500] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.618980] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.619298] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.619670] head: 0200000000000002 ffffea00040afe01 00000000ffffffff 00000000ffffffff [ 13.619983] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 13.620293] page dumped because: kasan: bad access detected [ 13.620556] [ 13.620650] Memory state around the buggy address: [ 13.620887] ffff888102bf7f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.621219] ffff888102bf7f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.621539] >ffff888102bf8000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.621843] ^ [ 13.622001] ffff888102bf8080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.622306] ffff888102bf8100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.622677] ================================================================== [ 13.658972] ================================================================== [ 13.660227] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400 [ 13.661739] Read of size 1 at addr ffff888103af8000 by task kunit_try_catch/251 [ 13.662608] [ 13.663090] 
CPU: 0 UID: 0 PID: 251 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.663183] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.663196] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.663220] Call Trace: [ 13.663233] <TASK> [ 13.663252] dump_stack_lvl+0x73/0xb0 [ 13.663286] print_report+0xd1/0x610 [ 13.663310] ? __virt_addr_valid+0x1db/0x2d0 [ 13.663337] ? mempool_uaf_helper+0x392/0x400 [ 13.663359] ? kasan_addr_to_slab+0x11/0xa0 [ 13.663382] ? mempool_uaf_helper+0x392/0x400 [ 13.663417] kasan_report+0x141/0x180 [ 13.663450] ? mempool_uaf_helper+0x392/0x400 [ 13.663479] __asan_report_load1_noabort+0x18/0x20 [ 13.663504] mempool_uaf_helper+0x392/0x400 [ 13.663528] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 13.663550] ? update_load_avg+0x1be/0x21b0 [ 13.663576] ? dequeue_entities+0x27e/0x1740 [ 13.663602] ? finish_task_switch.isra.0+0x153/0x700 [ 13.663630] mempool_page_alloc_uaf+0xed/0x140 [ 13.663655] ? __pfx_mempool_page_alloc_uaf+0x10/0x10 [ 13.663682] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 13.663708] ? __pfx_mempool_free_pages+0x10/0x10 [ 13.663734] ? __pfx_read_tsc+0x10/0x10 [ 13.663756] ? ktime_get_ts64+0x86/0x230 [ 13.663781] kunit_try_run_case+0x1a5/0x480 [ 13.663808] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.663831] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.663857] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.663880] ? __kthread_parkme+0x82/0x180 [ 13.663901] ? preempt_count_sub+0x50/0x80 [ 13.663925] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.663948] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.663972] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.663996] kthread+0x337/0x6f0 [ 13.664015] ? trace_preempt_on+0x20/0xc0 [ 13.664038] ? __pfx_kthread+0x10/0x10 [ 13.664059] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.664080] ? calculate_sigpending+0x7b/0xa0 [ 13.664104] ? __pfx_kthread+0x10/0x10 [ 13.664126] ret_from_fork+0x116/0x1d0 [ 13.664144] ? 
__pfx_kthread+0x10/0x10 [ 13.664164] ret_from_fork_asm+0x1a/0x30 [ 13.664198] </TASK> [ 13.664208] [ 13.680358] The buggy address belongs to the physical page: [ 13.681134] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103af8 [ 13.682035] flags: 0x200000000000000(node=0|zone=2) [ 13.682730] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 13.683352] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 13.683852] page dumped because: kasan: bad access detected [ 13.684685] [ 13.684856] Memory state around the buggy address: [ 13.685626] ffff888103af7f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.686422] ffff888103af7f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.687317] >ffff888103af8000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.688014] ^ [ 13.688355] ffff888103af8080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.688993] ffff888103af8100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.689219] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 13.568554] ================================================================== [ 13.569019] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400 [ 13.569781] Read of size 1 at addr ffff8881026ef100 by task kunit_try_catch/245 [ 13.570126] [ 13.570250] CPU: 1 UID: 0 PID: 245 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.570298] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.570310] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.570333] Call Trace: [ 13.570345] <TASK> [ 13.570363] dump_stack_lvl+0x73/0xb0 [ 13.570396] print_report+0xd1/0x610 [ 13.570421] ? __virt_addr_valid+0x1db/0x2d0 [ 13.570459] ? mempool_uaf_helper+0x392/0x400 [ 13.570482] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.570575] ? mempool_uaf_helper+0x392/0x400 [ 13.570601] kasan_report+0x141/0x180 [ 13.570624] ? mempool_uaf_helper+0x392/0x400 [ 13.570881] __asan_report_load1_noabort+0x18/0x20 [ 13.570907] mempool_uaf_helper+0x392/0x400 [ 13.570932] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 13.570958] ? __pfx_sched_clock_cpu+0x10/0x10 [ 13.570982] ? finish_task_switch.isra.0+0x153/0x700 [ 13.571009] mempool_kmalloc_uaf+0xef/0x140 [ 13.571033] ? __pfx_mempool_kmalloc_uaf+0x10/0x10 [ 13.571058] ? __pfx_mempool_kmalloc+0x10/0x10 [ 13.571083] ? __pfx_mempool_kfree+0x10/0x10 [ 13.571109] ? __pfx_read_tsc+0x10/0x10 [ 13.571130] ? ktime_get_ts64+0x86/0x230 [ 13.571156] kunit_try_run_case+0x1a5/0x480 [ 13.571183] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.571205] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.571231] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.571254] ? __kthread_parkme+0x82/0x180 [ 13.571276] ? preempt_count_sub+0x50/0x80 [ 13.571300] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.571323] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.571348] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.571375] kthread+0x337/0x6f0 [ 13.571397] ? trace_preempt_on+0x20/0xc0 [ 13.571449] ? 
__pfx_kthread+0x10/0x10 [ 13.571470] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.571492] ? calculate_sigpending+0x7b/0xa0 [ 13.571517] ? __pfx_kthread+0x10/0x10 [ 13.571539] ret_from_fork+0x116/0x1d0 [ 13.571558] ? __pfx_kthread+0x10/0x10 [ 13.571590] ret_from_fork_asm+0x1a/0x30 [ 13.571626] </TASK> [ 13.571636] [ 13.584787] Allocated by task 245: [ 13.584984] kasan_save_stack+0x45/0x70 [ 13.585187] kasan_save_track+0x18/0x40 [ 13.585359] kasan_save_alloc_info+0x3b/0x50 [ 13.585958] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 13.586304] remove_element+0x11e/0x190 [ 13.586724] mempool_alloc_preallocated+0x4d/0x90 [ 13.587079] mempool_uaf_helper+0x96/0x400 [ 13.587394] mempool_kmalloc_uaf+0xef/0x140 [ 13.587837] kunit_try_run_case+0x1a5/0x480 [ 13.588058] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.588304] kthread+0x337/0x6f0 [ 13.588479] ret_from_fork+0x116/0x1d0 [ 13.588961] ret_from_fork_asm+0x1a/0x30 [ 13.589147] [ 13.589398] Freed by task 245: [ 13.589790] kasan_save_stack+0x45/0x70 [ 13.590092] kasan_save_track+0x18/0x40 [ 13.590243] kasan_save_free_info+0x3f/0x60 [ 13.590526] __kasan_mempool_poison_object+0x131/0x1d0 [ 13.590901] mempool_free+0x2ec/0x380 [ 13.591063] mempool_uaf_helper+0x11a/0x400 [ 13.591273] mempool_kmalloc_uaf+0xef/0x140 [ 13.591499] kunit_try_run_case+0x1a5/0x480 [ 13.591873] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.592166] kthread+0x337/0x6f0 [ 13.592352] ret_from_fork+0x116/0x1d0 [ 13.592513] ret_from_fork_asm+0x1a/0x30 [ 13.592698] [ 13.592801] The buggy address belongs to the object at ffff8881026ef100 [ 13.592801] which belongs to the cache kmalloc-128 of size 128 [ 13.593284] The buggy address is located 0 bytes inside of [ 13.593284] freed 128-byte region [ffff8881026ef100, ffff8881026ef180) [ 13.594028] [ 13.594113] The buggy address belongs to the physical page: [ 13.594343] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026ef [ 13.594739] flags: 0x200000000000000(node=0|zone=2) [ 13.595059] 
page_type: f5(slab) [ 13.595230] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.595576] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.595796] page dumped because: kasan: bad access detected [ 13.596182] [ 13.596280] Memory state around the buggy address: [ 13.597002] ffff8881026ef000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.597326] ffff8881026ef080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.597851] >ffff8881026ef100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.598181] ^ [ 13.598345] ffff8881026ef180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.598899] ffff8881026ef200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.599139] ================================================================== [ 13.628106] ================================================================== [ 13.628678] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400 [ 13.628991] Read of size 1 at addr ffff8881026f1240 by task kunit_try_catch/249 [ 13.629378] [ 13.629538] CPU: 1 UID: 0 PID: 249 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.629646] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.629659] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.629682] Call Trace: [ 13.629695] <TASK> [ 13.629712] dump_stack_lvl+0x73/0xb0 [ 13.629744] print_report+0xd1/0x610 [ 13.629768] ? __virt_addr_valid+0x1db/0x2d0 [ 13.629792] ? mempool_uaf_helper+0x392/0x400 [ 13.629815] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.629838] ? mempool_uaf_helper+0x392/0x400 [ 13.629860] kasan_report+0x141/0x180 [ 13.629883] ? mempool_uaf_helper+0x392/0x400 [ 13.629911] __asan_report_load1_noabort+0x18/0x20 [ 13.629935] mempool_uaf_helper+0x392/0x400 [ 13.629958] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 13.629980] ? update_load_avg+0x1be/0x21b0 [ 13.630008] ? 
finish_task_switch.isra.0+0x153/0x700 [ 13.630035] mempool_slab_uaf+0xea/0x140 [ 13.630059] ? __pfx_mempool_slab_uaf+0x10/0x10 [ 13.630085] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 13.630112] ? __pfx_mempool_free_slab+0x10/0x10 [ 13.630138] ? __pfx_read_tsc+0x10/0x10 [ 13.630161] ? ktime_get_ts64+0x86/0x230 [ 13.630186] kunit_try_run_case+0x1a5/0x480 [ 13.630213] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.630235] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.630261] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.630285] ? __kthread_parkme+0x82/0x180 [ 13.630307] ? preempt_count_sub+0x50/0x80 [ 13.630331] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.630355] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.630379] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.630403] kthread+0x337/0x6f0 [ 13.630445] ? trace_preempt_on+0x20/0xc0 [ 13.630470] ? __pfx_kthread+0x10/0x10 [ 13.630490] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.630512] ? calculate_sigpending+0x7b/0xa0 [ 13.630538] ? __pfx_kthread+0x10/0x10 [ 13.630559] ret_from_fork+0x116/0x1d0 [ 13.630578] ? 
__pfx_kthread+0x10/0x10 [ 13.630598] ret_from_fork_asm+0x1a/0x30 [ 13.630633] </TASK> [ 13.630643] [ 13.638932] Allocated by task 249: [ 13.639071] kasan_save_stack+0x45/0x70 [ 13.639222] kasan_save_track+0x18/0x40 [ 13.639413] kasan_save_alloc_info+0x3b/0x50 [ 13.639635] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 13.639889] remove_element+0x11e/0x190 [ 13.640294] mempool_alloc_preallocated+0x4d/0x90 [ 13.640595] mempool_uaf_helper+0x96/0x400 [ 13.640769] mempool_slab_uaf+0xea/0x140 [ 13.640940] kunit_try_run_case+0x1a5/0x480 [ 13.641088] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.641291] kthread+0x337/0x6f0 [ 13.641704] ret_from_fork+0x116/0x1d0 [ 13.641922] ret_from_fork_asm+0x1a/0x30 [ 13.642128] [ 13.642223] Freed by task 249: [ 13.642380] kasan_save_stack+0x45/0x70 [ 13.642554] kasan_save_track+0x18/0x40 [ 13.642767] kasan_save_free_info+0x3f/0x60 [ 13.642956] __kasan_mempool_poison_object+0x131/0x1d0 [ 13.643125] mempool_free+0x2ec/0x380 [ 13.643258] mempool_uaf_helper+0x11a/0x400 [ 13.643404] mempool_slab_uaf+0xea/0x140 [ 13.643553] kunit_try_run_case+0x1a5/0x480 [ 13.643826] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.644365] kthread+0x337/0x6f0 [ 13.644656] ret_from_fork+0x116/0x1d0 [ 13.644843] ret_from_fork_asm+0x1a/0x30 [ 13.645036] [ 13.645137] The buggy address belongs to the object at ffff8881026f1240 [ 13.645137] which belongs to the cache test_cache of size 123 [ 13.645519] The buggy address is located 0 bytes inside of [ 13.645519] freed 123-byte region [ffff8881026f1240, ffff8881026f12bb) [ 13.645942] [ 13.646047] The buggy address belongs to the physical page: [ 13.646307] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026f1 [ 13.647034] flags: 0x200000000000000(node=0|zone=2) [ 13.647281] page_type: f5(slab) [ 13.647464] raw: 0200000000000000 ffff8881015eab40 dead000000000122 0000000000000000 [ 13.647916] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 13.648219] page dumped 
because: kasan: bad access detected [ 13.648404] [ 13.648552] Memory state around the buggy address: [ 13.648780] ffff8881026f1100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.649112] ffff8881026f1180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.649367] >ffff8881026f1200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 13.650039] ^ [ 13.650263] ffff8881026f1280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.650648] ffff8881026f1300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.650901] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 13.509795] ================================================================== [ 13.510300] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 13.510966] Read of size 1 at addr ffff888102bf6001 by task kunit_try_catch/241 [ 13.511322] [ 13.511428] CPU: 1 UID: 0 PID: 241 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.511490] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.511501] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.511524] Call Trace: [ 13.511536] <TASK> [ 13.511554] dump_stack_lvl+0x73/0xb0 [ 13.511586] print_report+0xd1/0x610 [ 13.511610] ? __virt_addr_valid+0x1db/0x2d0 [ 13.511633] ? mempool_oob_right_helper+0x318/0x380 [ 13.511657] ? kasan_addr_to_slab+0x11/0xa0 [ 13.511677] ? mempool_oob_right_helper+0x318/0x380 [ 13.511701] kasan_report+0x141/0x180 [ 13.511723] ? mempool_oob_right_helper+0x318/0x380 [ 13.511753] __asan_report_load1_noabort+0x18/0x20 [ 13.511777] mempool_oob_right_helper+0x318/0x380 [ 13.511802] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 13.511827] ? __kasan_check_write+0x18/0x20 [ 13.511847] ? __pfx_sched_clock_cpu+0x10/0x10 [ 13.511869] ? finish_task_switch.isra.0+0x153/0x700 [ 13.511897] mempool_kmalloc_large_oob_right+0xf2/0x150 [ 13.511923] ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10 [ 13.511951] ? __pfx_mempool_kmalloc+0x10/0x10 [ 13.511975] ? __pfx_mempool_kfree+0x10/0x10 [ 13.512000] ? __pfx_read_tsc+0x10/0x10 [ 13.512021] ? ktime_get_ts64+0x86/0x230 [ 13.512060] kunit_try_run_case+0x1a5/0x480 [ 13.512097] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.512121] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.512146] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.512169] ? __kthread_parkme+0x82/0x180 [ 13.512191] ? preempt_count_sub+0x50/0x80 [ 13.512214] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.512237] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.512261] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.512285] kthread+0x337/0x6f0 [ 13.512303] ? trace_preempt_on+0x20/0xc0 [ 13.512326] ? __pfx_kthread+0x10/0x10 [ 13.512346] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.512368] ? calculate_sigpending+0x7b/0xa0 [ 13.512393] ? __pfx_kthread+0x10/0x10 [ 13.512424] ret_from_fork+0x116/0x1d0 [ 13.512452] ? __pfx_kthread+0x10/0x10 [ 13.512472] ret_from_fork_asm+0x1a/0x30 [ 13.512507] </TASK> [ 13.512518] [ 13.521235] The buggy address belongs to the physical page: [ 13.521547] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102bf4 [ 13.521882] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.522199] flags: 0x200000000000040(head|node=0|zone=2) [ 13.522516] page_type: f8(unknown) [ 13.522721] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.522991] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.523220] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.523460] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.523820] head: 0200000000000002 ffffea00040afd01 00000000ffffffff 00000000ffffffff [ 13.524156] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 13.524498] page dumped because: kasan: bad access detected [ 13.525207] [ 13.525288] Memory state around the buggy address: [ 13.525588] ffff888102bf5f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.526359] ffff888102bf5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.527086] >ffff888102bf6000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 13.527481] ^ [ 13.527670] ffff888102bf6080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 13.527958] ffff888102bf6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 13.528293] ================================================================== [ 13.533169] ================================================================== [ 
13.533856] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 13.534241] Read of size 1 at addr ffff8881026ef2bb by task kunit_try_catch/243 [ 13.535209] [ 13.535309] CPU: 1 UID: 0 PID: 243 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.535357] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.535369] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.535391] Call Trace: [ 13.535403] <TASK> [ 13.535420] dump_stack_lvl+0x73/0xb0 [ 13.535466] print_report+0xd1/0x610 [ 13.535490] ? __virt_addr_valid+0x1db/0x2d0 [ 13.535513] ? mempool_oob_right_helper+0x318/0x380 [ 13.535589] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.535613] ? mempool_oob_right_helper+0x318/0x380 [ 13.535851] kasan_report+0x141/0x180 [ 13.535883] ? mempool_oob_right_helper+0x318/0x380 [ 13.535915] __asan_report_load1_noabort+0x18/0x20 [ 13.535941] mempool_oob_right_helper+0x318/0x380 [ 13.535966] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 13.535993] ? __pfx_sched_clock_cpu+0x10/0x10 [ 13.536018] ? finish_task_switch.isra.0+0x153/0x700 [ 13.536045] mempool_slab_oob_right+0xed/0x140 [ 13.536070] ? __pfx_mempool_slab_oob_right+0x10/0x10 [ 13.536099] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 13.536123] ? __pfx_mempool_free_slab+0x10/0x10 [ 13.536150] ? __pfx_read_tsc+0x10/0x10 [ 13.536171] ? ktime_get_ts64+0x86/0x230 [ 13.536197] kunit_try_run_case+0x1a5/0x480 [ 13.536222] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.536244] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.536269] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.536293] ? __kthread_parkme+0x82/0x180 [ 13.536313] ? preempt_count_sub+0x50/0x80 [ 13.536337] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.536361] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.536384] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.536473] kthread+0x337/0x6f0 [ 13.536496] ? trace_preempt_on+0x20/0xc0 [ 13.536519] ? __pfx_kthread+0x10/0x10 [ 13.536540] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 13.536561] ? calculate_sigpending+0x7b/0xa0 [ 13.536587] ? __pfx_kthread+0x10/0x10 [ 13.536608] ret_from_fork+0x116/0x1d0 [ 13.536627] ? __pfx_kthread+0x10/0x10 [ 13.536646] ret_from_fork_asm+0x1a/0x30 [ 13.536680] </TASK> [ 13.536689] [ 13.550905] Allocated by task 243: [ 13.551060] kasan_save_stack+0x45/0x70 [ 13.551281] kasan_save_track+0x18/0x40 [ 13.551515] kasan_save_alloc_info+0x3b/0x50 [ 13.551883] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 13.552104] remove_element+0x11e/0x190 [ 13.552418] mempool_alloc_preallocated+0x4d/0x90 [ 13.552656] mempool_oob_right_helper+0x8a/0x380 [ 13.552844] mempool_slab_oob_right+0xed/0x140 [ 13.553057] kunit_try_run_case+0x1a5/0x480 [ 13.553211] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.553388] kthread+0x337/0x6f0 [ 13.553665] ret_from_fork+0x116/0x1d0 [ 13.553862] ret_from_fork_asm+0x1a/0x30 [ 13.554060] [ 13.554156] The buggy address belongs to the object at ffff8881026ef240 [ 13.554156] which belongs to the cache test_cache of size 123 [ 13.554758] The buggy address is located 0 bytes to the right of [ 13.554758] allocated 123-byte region [ffff8881026ef240, ffff8881026ef2bb) [ 13.555255] [ 13.555330] The buggy address belongs to the physical page: [ 13.556228] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026ef [ 13.556875] flags: 0x200000000000000(node=0|zone=2) [ 13.557121] page_type: f5(slab) [ 13.557292] raw: 0200000000000000 ffff8881015eaa00 dead000000000122 0000000000000000 [ 13.557689] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 13.557918] page dumped because: kasan: bad access detected [ 13.558448] [ 13.558556] Memory state around the buggy address: [ 13.558778] ffff8881026ef180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.559004] ffff8881026ef200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 13.559310] >ffff8881026ef280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 13.559633] ^ [ 13.559857] 
ffff8881026ef300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.560326] ffff8881026ef380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.560705] ================================================================== [ 13.481240] ================================================================== [ 13.482114] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 13.482531] Read of size 1 at addr ffff8881026ced73 by task kunit_try_catch/239 [ 13.482887] [ 13.482987] CPU: 1 UID: 0 PID: 239 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.483038] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.483050] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.483072] Call Trace: [ 13.483084] <TASK> [ 13.483103] dump_stack_lvl+0x73/0xb0 [ 13.483136] print_report+0xd1/0x610 [ 13.483161] ? __virt_addr_valid+0x1db/0x2d0 [ 13.483187] ? mempool_oob_right_helper+0x318/0x380 [ 13.483211] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.483234] ? mempool_oob_right_helper+0x318/0x380 [ 13.483258] kasan_report+0x141/0x180 [ 13.483280] ? mempool_oob_right_helper+0x318/0x380 [ 13.483309] __asan_report_load1_noabort+0x18/0x20 [ 13.483334] mempool_oob_right_helper+0x318/0x380 [ 13.483359] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 13.483382] ? update_load_avg+0x1be/0x21b0 [ 13.483473] ? dequeue_entities+0x27e/0x1740 [ 13.483501] ? finish_task_switch.isra.0+0x153/0x700 [ 13.483530] mempool_kmalloc_oob_right+0xf2/0x150 [ 13.483555] ? __pfx_mempool_kmalloc_oob_right+0x10/0x10 [ 13.483583] ? __pfx_mempool_kmalloc+0x10/0x10 [ 13.483608] ? __pfx_mempool_kfree+0x10/0x10 [ 13.483634] ? __pfx_read_tsc+0x10/0x10 [ 13.483655] ? ktime_get_ts64+0x86/0x230 [ 13.483681] kunit_try_run_case+0x1a5/0x480 [ 13.483708] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.483730] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.483772] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.483796] ? __kthread_parkme+0x82/0x180 [ 13.483819] ? 
preempt_count_sub+0x50/0x80 [ 13.483843] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.483866] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.483890] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.483915] kthread+0x337/0x6f0 [ 13.483935] ? trace_preempt_on+0x20/0xc0 [ 13.483959] ? __pfx_kthread+0x10/0x10 [ 13.483980] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.484001] ? calculate_sigpending+0x7b/0xa0 [ 13.484027] ? __pfx_kthread+0x10/0x10 [ 13.484048] ret_from_fork+0x116/0x1d0 [ 13.484066] ? __pfx_kthread+0x10/0x10 [ 13.484087] ret_from_fork_asm+0x1a/0x30 [ 13.484121] </TASK> [ 13.484131] [ 13.494944] Allocated by task 239: [ 13.495202] kasan_save_stack+0x45/0x70 [ 13.495369] kasan_save_track+0x18/0x40 [ 13.495612] kasan_save_alloc_info+0x3b/0x50 [ 13.496098] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 13.496413] remove_element+0x11e/0x190 [ 13.496747] mempool_alloc_preallocated+0x4d/0x90 [ 13.496973] mempool_oob_right_helper+0x8a/0x380 [ 13.497192] mempool_kmalloc_oob_right+0xf2/0x150 [ 13.497404] kunit_try_run_case+0x1a5/0x480 [ 13.498030] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.498241] kthread+0x337/0x6f0 [ 13.498637] ret_from_fork+0x116/0x1d0 [ 13.498936] ret_from_fork_asm+0x1a/0x30 [ 13.499101] [ 13.499305] The buggy address belongs to the object at ffff8881026ced00 [ 13.499305] which belongs to the cache kmalloc-128 of size 128 [ 13.499851] The buggy address is located 0 bytes to the right of [ 13.499851] allocated 115-byte region [ffff8881026ced00, ffff8881026ced73) [ 13.500355] [ 13.500468] The buggy address belongs to the physical page: [ 13.500772] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026ce [ 13.501094] flags: 0x200000000000000(node=0|zone=2) [ 13.501333] page_type: f5(slab) [ 13.501515] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.501816] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.502190] page dumped because: kasan: bad access detected [ 
13.502482] [ 13.502611] Memory state around the buggy address: [ 13.503183] ffff8881026cec00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.503668] ffff8881026cec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.503978] >ffff8881026ced00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 13.504522] ^ [ 13.504992] ffff8881026ced80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.505458] ffff8881026cee00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 13.505950] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 12.896187] ================================================================== [ 12.897654] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x1bf/0x380 [ 12.898693] Read of size 1 at addr ffff888101c3b3c0 by task kunit_try_catch/233 [ 12.899293] [ 12.899395] CPU: 0 UID: 0 PID: 233 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.899465] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.899476] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.899531] Call Trace: [ 12.899545] <TASK> [ 12.899563] dump_stack_lvl+0x73/0xb0 [ 12.899598] print_report+0xd1/0x610 [ 12.899778] ? __virt_addr_valid+0x1db/0x2d0 [ 12.899803] ? kmem_cache_double_destroy+0x1bf/0x380 [ 12.899916] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.899941] ? kmem_cache_double_destroy+0x1bf/0x380 [ 12.899967] kasan_report+0x141/0x180 [ 12.899989] ? kmem_cache_double_destroy+0x1bf/0x380 [ 12.900018] ? kmem_cache_double_destroy+0x1bf/0x380 [ 12.900043] __kasan_check_byte+0x3d/0x50 [ 12.900064] kmem_cache_destroy+0x25/0x1d0 [ 12.900089] kmem_cache_double_destroy+0x1bf/0x380 [ 12.900114] ? __pfx_kmem_cache_double_destroy+0x10/0x10 [ 12.900138] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 12.900169] ? __pfx_kmem_cache_double_destroy+0x10/0x10 [ 12.900199] kunit_try_run_case+0x1a5/0x480 [ 12.900225] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.900246] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.900273] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.900300] ? __kthread_parkme+0x82/0x180 [ 12.900321] ? preempt_count_sub+0x50/0x80 [ 12.900347] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.900370] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.900394] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.900451] kthread+0x337/0x6f0 [ 12.900470] ? trace_preempt_on+0x20/0xc0 [ 12.900494] ? __pfx_kthread+0x10/0x10 [ 12.900515] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.900537] ? calculate_sigpending+0x7b/0xa0 [ 12.900561] ? 
__pfx_kthread+0x10/0x10 [ 12.900584] ret_from_fork+0x116/0x1d0 [ 12.900604] ? __pfx_kthread+0x10/0x10 [ 12.900624] ret_from_fork_asm+0x1a/0x30 [ 12.900657] </TASK> [ 12.900668] [ 12.915113] Allocated by task 233: [ 12.915626] kasan_save_stack+0x45/0x70 [ 12.916054] kasan_save_track+0x18/0x40 [ 12.916476] kasan_save_alloc_info+0x3b/0x50 [ 12.916986] __kasan_slab_alloc+0x91/0xa0 [ 12.917354] kmem_cache_alloc_noprof+0x123/0x3f0 [ 12.917898] __kmem_cache_create_args+0x169/0x240 [ 12.918361] kmem_cache_double_destroy+0xd5/0x380 [ 12.918889] kunit_try_run_case+0x1a5/0x480 [ 12.919489] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.919855] kthread+0x337/0x6f0 [ 12.919978] ret_from_fork+0x116/0x1d0 [ 12.920109] ret_from_fork_asm+0x1a/0x30 [ 12.920245] [ 12.920314] Freed by task 233: [ 12.920508] kasan_save_stack+0x45/0x70 [ 12.920929] kasan_save_track+0x18/0x40 [ 12.921269] kasan_save_free_info+0x3f/0x60 [ 12.921837] __kasan_slab_free+0x56/0x70 [ 12.922312] kmem_cache_free+0x249/0x420 [ 12.922749] slab_kmem_cache_release+0x2e/0x40 [ 12.923423] kmem_cache_release+0x16/0x20 [ 12.923981] kobject_put+0x181/0x450 [ 12.924260] sysfs_slab_release+0x16/0x20 [ 12.924653] kmem_cache_destroy+0xf0/0x1d0 [ 12.924802] kmem_cache_double_destroy+0x14e/0x380 [ 12.924963] kunit_try_run_case+0x1a5/0x480 [ 12.925109] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.925293] kthread+0x337/0x6f0 [ 12.925470] ret_from_fork+0x116/0x1d0 [ 12.925663] ret_from_fork_asm+0x1a/0x30 [ 12.925821] [ 12.925896] The buggy address belongs to the object at ffff888101c3b3c0 [ 12.925896] which belongs to the cache kmem_cache of size 208 [ 12.926515] The buggy address is located 0 bytes inside of [ 12.926515] freed 208-byte region [ffff888101c3b3c0, ffff888101c3b490) [ 12.927571] [ 12.927926] The buggy address belongs to the physical page: [ 12.928184] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101c3b [ 12.929095] flags: 0x200000000000000(node=0|zone=2) [ 12.929590] page_type: 
f5(slab) [ 12.929763] raw: 0200000000000000 ffff888100041000 dead000000000122 0000000000000000 [ 12.930081] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000 [ 12.930391] page dumped because: kasan: bad access detected [ 12.931106] [ 12.931446] Memory state around the buggy address: [ 12.931781] ffff888101c3b280: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.932071] ffff888101c3b300: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc [ 12.932365] >ffff888101c3b380: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 12.933043] ^ [ 12.933591] ffff888101c3b400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.933885] ffff888101c3b480: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.934173] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 12.843709] ================================================================== [ 12.844148] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x3e3/0x510 [ 12.844408] Read of size 1 at addr ffff8881026ea000 by task kunit_try_catch/231 [ 12.844745] [ 12.844842] CPU: 1 UID: 0 PID: 231 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.844888] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.844899] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.844922] Call Trace: [ 12.844934] <TASK> [ 12.844952] dump_stack_lvl+0x73/0xb0 [ 12.844983] print_report+0xd1/0x610 [ 12.845006] ? __virt_addr_valid+0x1db/0x2d0 [ 12.845031] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 12.845053] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.845075] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 12.845098] kasan_report+0x141/0x180 [ 12.845119] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 12.845153] __asan_report_load1_noabort+0x18/0x20 [ 12.845177] kmem_cache_rcu_uaf+0x3e3/0x510 [ 12.845200] ? __pfx_kmem_cache_rcu_uaf+0x10/0x10 [ 12.845222] ? finish_task_switch.isra.0+0x153/0x700 [ 12.845246] ? __switch_to+0x47/0xf50 [ 12.845269] ? irqentry_exit+0x2a/0x60 [ 12.845290] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 12.845316] ? irqentry_exit+0x2a/0x60 [ 12.845336] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 12.845358] ? __pfx_read_tsc+0x10/0x10 [ 12.845379] ? ktime_get_ts64+0x86/0x230 [ 12.845404] kunit_try_run_case+0x1a5/0x480 [ 12.845430] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.845463] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.845487] ? _raw_spin_unlock_irqrestore+0x49/0x90 [ 12.845512] ? preempt_count_sub+0x50/0x80 [ 12.845535] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.845625] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.845649] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.845672] kthread+0x337/0x6f0 [ 12.845694] ? trace_preempt_on+0x20/0xc0 [ 12.845717] ? __pfx_kthread+0x10/0x10 [ 12.845737] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.845758] ? 
calculate_sigpending+0x7b/0xa0 [ 12.845783] ? __pfx_kthread+0x10/0x10 [ 12.845804] ret_from_fork+0x116/0x1d0 [ 12.846044] ? __pfx_kthread+0x10/0x10 [ 12.846065] ret_from_fork_asm+0x1a/0x30 [ 12.846099] </TASK> [ 12.846109] [ 12.857959] Allocated by task 231: [ 12.858139] kasan_save_stack+0x45/0x70 [ 12.858326] kasan_save_track+0x18/0x40 [ 12.859046] kasan_save_alloc_info+0x3b/0x50 [ 12.859236] __kasan_slab_alloc+0x91/0xa0 [ 12.859625] kmem_cache_alloc_noprof+0x123/0x3f0 [ 12.859838] kmem_cache_rcu_uaf+0x155/0x510 [ 12.860048] kunit_try_run_case+0x1a5/0x480 [ 12.860226] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.860516] kthread+0x337/0x6f0 [ 12.860814] ret_from_fork+0x116/0x1d0 [ 12.861003] ret_from_fork_asm+0x1a/0x30 [ 12.861188] [ 12.861280] Freed by task 0: [ 12.861402] kasan_save_stack+0x45/0x70 [ 12.861549] kasan_save_track+0x18/0x40 [ 12.861709] kasan_save_free_info+0x3f/0x60 [ 12.862017] __kasan_slab_free+0x56/0x70 [ 12.862215] slab_free_after_rcu_debug+0xe4/0x310 [ 12.862683] rcu_core+0x66f/0x1c40 [ 12.862822] rcu_core_si+0x12/0x20 [ 12.862968] handle_softirqs+0x209/0x730 [ 12.863196] __irq_exit_rcu+0xc9/0x110 [ 12.863372] irq_exit_rcu+0x12/0x20 [ 12.863632] sysvec_apic_timer_interrupt+0x81/0x90 [ 12.863880] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 12.864128] [ 12.864218] Last potentially related work creation: [ 12.864531] kasan_save_stack+0x45/0x70 [ 12.864755] kasan_record_aux_stack+0xb2/0xc0 [ 12.864955] kmem_cache_free+0x131/0x420 [ 12.865095] kmem_cache_rcu_uaf+0x194/0x510 [ 12.865247] kunit_try_run_case+0x1a5/0x480 [ 12.865459] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.865740] kthread+0x337/0x6f0 [ 12.865907] ret_from_fork+0x116/0x1d0 [ 12.866293] ret_from_fork_asm+0x1a/0x30 [ 12.866486] [ 12.866574] The buggy address belongs to the object at ffff8881026ea000 [ 12.866574] which belongs to the cache test_cache of size 200 [ 12.867226] The buggy address is located 0 bytes inside of [ 12.867226] freed 200-byte region [ffff8881026ea000, 
ffff8881026ea0c8) [ 12.868013] [ 12.868132] The buggy address belongs to the physical page: [ 12.868369] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026ea [ 12.868782] flags: 0x200000000000000(node=0|zone=2) [ 12.869032] page_type: f5(slab) [ 12.869199] raw: 0200000000000000 ffff8881015ea780 dead000000000122 0000000000000000 [ 12.869561] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 12.869972] page dumped because: kasan: bad access detected [ 12.870223] [ 12.870320] Memory state around the buggy address: [ 12.870571] ffff8881026e9f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.871071] ffff8881026e9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.871395] >ffff8881026ea000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.871618] ^ [ 12.871734] ffff8881026ea080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 12.872045] ffff8881026ea100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.872719] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 12.773686] ================================================================== [ 12.774734] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x1d8/0x460 [ 12.775193] Free of addr ffff888102aef001 by task kunit_try_catch/229 [ 12.775629] [ 12.775847] CPU: 0 UID: 0 PID: 229 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.775894] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.775904] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.775926] Call Trace: [ 12.775938] <TASK> [ 12.775956] dump_stack_lvl+0x73/0xb0 [ 12.775987] print_report+0xd1/0x610 [ 12.776009] ? __virt_addr_valid+0x1db/0x2d0 [ 12.776035] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.776057] ? kmem_cache_invalid_free+0x1d8/0x460 [ 12.776083] kasan_report_invalid_free+0x10a/0x130 [ 12.776107] ? kmem_cache_invalid_free+0x1d8/0x460 [ 12.776135] ? kmem_cache_invalid_free+0x1d8/0x460 [ 12.776160] check_slab_allocation+0x11f/0x130 [ 12.776181] __kasan_slab_pre_free+0x28/0x40 [ 12.776202] kmem_cache_free+0xed/0x420 [ 12.776221] ? kmem_cache_alloc_noprof+0x123/0x3f0 [ 12.776241] ? kmem_cache_invalid_free+0x1d8/0x460 [ 12.776269] kmem_cache_invalid_free+0x1d8/0x460 [ 12.776293] ? __pfx_kmem_cache_invalid_free+0x10/0x10 [ 12.776316] ? finish_task_switch.isra.0+0x153/0x700 [ 12.776341] ? __switch_to+0x47/0xf50 [ 12.776370] ? __pfx_read_tsc+0x10/0x10 [ 12.776391] ? ktime_get_ts64+0x86/0x230 [ 12.776416] kunit_try_run_case+0x1a5/0x480 [ 12.776455] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.776477] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.776502] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.776531] ? __kthread_parkme+0x82/0x180 [ 12.776552] ? preempt_count_sub+0x50/0x80 [ 12.776575] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.776598] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.776622] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.776645] kthread+0x337/0x6f0 [ 12.776663] ? trace_preempt_on+0x20/0xc0 [ 12.776687] ? 
__pfx_kthread+0x10/0x10 [ 12.776707] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.776727] ? calculate_sigpending+0x7b/0xa0 [ 12.776752] ? __pfx_kthread+0x10/0x10 [ 12.776773] ret_from_fork+0x116/0x1d0 [ 12.776790] ? __pfx_kthread+0x10/0x10 [ 12.776810] ret_from_fork_asm+0x1a/0x30 [ 12.776843] </TASK> [ 12.776853] [ 12.789190] Allocated by task 229: [ 12.789623] kasan_save_stack+0x45/0x70 [ 12.790020] kasan_save_track+0x18/0x40 [ 12.790376] kasan_save_alloc_info+0x3b/0x50 [ 12.790899] __kasan_slab_alloc+0x91/0xa0 [ 12.791316] kmem_cache_alloc_noprof+0x123/0x3f0 [ 12.791809] kmem_cache_invalid_free+0x157/0x460 [ 12.792380] kunit_try_run_case+0x1a5/0x480 [ 12.792910] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.793457] kthread+0x337/0x6f0 [ 12.793785] ret_from_fork+0x116/0x1d0 [ 12.794215] ret_from_fork_asm+0x1a/0x30 [ 12.794366] [ 12.794542] The buggy address belongs to the object at ffff888102aef000 [ 12.794542] which belongs to the cache test_cache of size 200 [ 12.795339] The buggy address is located 1 bytes inside of [ 12.795339] 200-byte region [ffff888102aef000, ffff888102aef0c8) [ 12.796395] [ 12.796565] The buggy address belongs to the physical page: [ 12.797015] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102aef [ 12.797348] flags: 0x200000000000000(node=0|zone=2) [ 12.797531] page_type: f5(slab) [ 12.797891] raw: 0200000000000000 ffff888101c3b280 dead000000000122 0000000000000000 [ 12.798654] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 12.799290] page dumped because: kasan: bad access detected [ 12.799594] [ 12.799687] Memory state around the buggy address: [ 12.800147] ffff888102aeef00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.800832] ffff888102aeef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.801102] >ffff888102aef000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.801324] ^ [ 12.801471] ffff888102aef080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 12.802200] 
ffff888102aef100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.802884] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 12.726926] ================================================================== [ 12.728487] BUG: KASAN: double-free in kmem_cache_double_free+0x1e5/0x480 [ 12.729347] Free of addr ffff8881026e9000 by task kunit_try_catch/227 [ 12.730358] [ 12.730747] CPU: 1 UID: 0 PID: 227 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.730915] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.730931] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.730954] Call Trace: [ 12.730980] <TASK> [ 12.730999] dump_stack_lvl+0x73/0xb0 [ 12.731072] print_report+0xd1/0x610 [ 12.731099] ? __virt_addr_valid+0x1db/0x2d0 [ 12.731123] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.731145] ? kmem_cache_double_free+0x1e5/0x480 [ 12.731171] kasan_report_invalid_free+0x10a/0x130 [ 12.731195] ? kmem_cache_double_free+0x1e5/0x480 [ 12.731221] ? kmem_cache_double_free+0x1e5/0x480 [ 12.731245] check_slab_allocation+0x101/0x130 [ 12.731267] __kasan_slab_pre_free+0x28/0x40 [ 12.731287] kmem_cache_free+0xed/0x420 [ 12.731307] ? kmem_cache_alloc_noprof+0x123/0x3f0 [ 12.731329] ? kmem_cache_double_free+0x1e5/0x480 [ 12.731356] kmem_cache_double_free+0x1e5/0x480 [ 12.731380] ? __pfx_kmem_cache_double_free+0x10/0x10 [ 12.731448] ? finish_task_switch.isra.0+0x153/0x700 [ 12.731472] ? __switch_to+0x47/0xf50 [ 12.731503] ? __pfx_read_tsc+0x10/0x10 [ 12.731545] ? ktime_get_ts64+0x86/0x230 [ 12.731570] kunit_try_run_case+0x1a5/0x480 [ 12.731595] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.731617] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.731642] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.731665] ? __kthread_parkme+0x82/0x180 [ 12.731685] ? preempt_count_sub+0x50/0x80 [ 12.731707] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.731731] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.731755] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.731779] kthread+0x337/0x6f0 [ 12.731797] ? trace_preempt_on+0x20/0xc0 [ 12.731821] ? 
__pfx_kthread+0x10/0x10 [ 12.731841] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.731862] ? calculate_sigpending+0x7b/0xa0 [ 12.731886] ? __pfx_kthread+0x10/0x10 [ 12.731907] ret_from_fork+0x116/0x1d0 [ 12.731925] ? __pfx_kthread+0x10/0x10 [ 12.731944] ret_from_fork_asm+0x1a/0x30 [ 12.731979] </TASK> [ 12.731989] [ 12.750161] Allocated by task 227: [ 12.750311] kasan_save_stack+0x45/0x70 [ 12.750505] kasan_save_track+0x18/0x40 [ 12.750878] kasan_save_alloc_info+0x3b/0x50 [ 12.751288] __kasan_slab_alloc+0x91/0xa0 [ 12.751854] kmem_cache_alloc_noprof+0x123/0x3f0 [ 12.752277] kmem_cache_double_free+0x14f/0x480 [ 12.752804] kunit_try_run_case+0x1a5/0x480 [ 12.753268] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.753653] kthread+0x337/0x6f0 [ 12.754034] ret_from_fork+0x116/0x1d0 [ 12.754233] ret_from_fork_asm+0x1a/0x30 [ 12.754717] [ 12.754881] Freed by task 227: [ 12.755174] kasan_save_stack+0x45/0x70 [ 12.755374] kasan_save_track+0x18/0x40 [ 12.755835] kasan_save_free_info+0x3f/0x60 [ 12.756013] __kasan_slab_free+0x56/0x70 [ 12.756376] kmem_cache_free+0x249/0x420 [ 12.756849] kmem_cache_double_free+0x16a/0x480 [ 12.757205] kunit_try_run_case+0x1a5/0x480 [ 12.757351] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.757636] kthread+0x337/0x6f0 [ 12.757873] ret_from_fork+0x116/0x1d0 [ 12.758253] ret_from_fork_asm+0x1a/0x30 [ 12.758732] [ 12.758891] The buggy address belongs to the object at ffff8881026e9000 [ 12.758891] which belongs to the cache test_cache of size 200 [ 12.759616] The buggy address is located 0 bytes inside of [ 12.759616] 200-byte region [ffff8881026e9000, ffff8881026e90c8) [ 12.760638] [ 12.760716] The buggy address belongs to the physical page: [ 12.760888] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026e9 [ 12.761135] flags: 0x200000000000000(node=0|zone=2) [ 12.761301] page_type: f5(slab) [ 12.761426] raw: 0200000000000000 ffff8881015ea640 dead000000000122 0000000000000000 [ 12.761680] raw: 0000000000000000 00000000800f000f 
00000000f5000000 0000000000000000 [ 12.762119] page dumped because: kasan: bad access detected [ 12.762339] [ 12.762592] Memory state around the buggy address: [ 12.762853] ffff8881026e8f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.763461] ffff8881026e8f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.763822] >ffff8881026e9000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.764142] ^ [ 12.764277] ffff8881026e9080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 12.764618] ffff8881026e9100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.764966] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 12.690458] ================================================================== [ 12.690928] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x402/0x530 [ 12.691230] Read of size 1 at addr ffff8881026e70c8 by task kunit_try_catch/225 [ 12.691527] [ 12.691657] CPU: 1 UID: 0 PID: 225 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.691704] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.691715] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.691737] Call Trace: [ 12.691749] <TASK> [ 12.691765] dump_stack_lvl+0x73/0xb0 [ 12.691796] print_report+0xd1/0x610 [ 12.691818] ? __virt_addr_valid+0x1db/0x2d0 [ 12.691841] ? kmem_cache_oob+0x402/0x530 [ 12.691862] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.691884] ? kmem_cache_oob+0x402/0x530 [ 12.691907] kasan_report+0x141/0x180 [ 12.691928] ? kmem_cache_oob+0x402/0x530 [ 12.691955] __asan_report_load1_noabort+0x18/0x20 [ 12.691979] kmem_cache_oob+0x402/0x530 [ 12.692000] ? trace_hardirqs_on+0x37/0xe0 [ 12.692023] ? __pfx_kmem_cache_oob+0x10/0x10 [ 12.692047] ? __kasan_check_write+0x18/0x20 [ 12.692067] ? queued_spin_lock_slowpath+0x116/0xb40 [ 12.692092] ? irqentry_exit+0x2a/0x60 [ 12.692125] ? trace_hardirqs_on+0x37/0xe0 [ 12.692146] ? __pfx_read_tsc+0x10/0x10 [ 12.692167] ? ktime_get_ts64+0x86/0x230 [ 12.692191] kunit_try_run_case+0x1a5/0x480 [ 12.692215] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.692240] ? queued_spin_lock_slowpath+0x116/0xb40 [ 12.692262] ? __kthread_parkme+0x82/0x180 [ 12.692283] ? preempt_count_sub+0x50/0x80 [ 12.692309] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.692332] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.692357] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.692380] kthread+0x337/0x6f0 [ 12.692399] ? trace_preempt_on+0x20/0xc0 [ 12.692442] ? __pfx_kthread+0x10/0x10 [ 12.692462] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.692483] ? calculate_sigpending+0x7b/0xa0 [ 12.692506] ? 
__pfx_kthread+0x10/0x10 [ 12.692527] ret_from_fork+0x116/0x1d0 [ 12.692545] ? __pfx_kthread+0x10/0x10 [ 12.692564] ret_from_fork_asm+0x1a/0x30 [ 12.692605] </TASK> [ 12.692614] [ 12.700471] Allocated by task 225: [ 12.700804] kasan_save_stack+0x45/0x70 [ 12.701011] kasan_save_track+0x18/0x40 [ 12.701212] kasan_save_alloc_info+0x3b/0x50 [ 12.701472] __kasan_slab_alloc+0x91/0xa0 [ 12.701883] kmem_cache_alloc_noprof+0x123/0x3f0 [ 12.702118] kmem_cache_oob+0x157/0x530 [ 12.702298] kunit_try_run_case+0x1a5/0x480 [ 12.702627] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.702861] kthread+0x337/0x6f0 [ 12.703015] ret_from_fork+0x116/0x1d0 [ 12.703170] ret_from_fork_asm+0x1a/0x30 [ 12.703346] [ 12.703505] The buggy address belongs to the object at ffff8881026e7000 [ 12.703505] which belongs to the cache test_cache of size 200 [ 12.703983] The buggy address is located 0 bytes to the right of [ 12.703983] allocated 200-byte region [ffff8881026e7000, ffff8881026e70c8) [ 12.704673] [ 12.704778] The buggy address belongs to the physical page: [ 12.704987] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026e7 [ 12.705276] flags: 0x200000000000000(node=0|zone=2) [ 12.705596] page_type: f5(slab) [ 12.705776] raw: 0200000000000000 ffff8881015ea500 dead000000000122 0000000000000000 [ 12.706059] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 12.706378] page dumped because: kasan: bad access detected [ 12.706706] [ 12.706803] Memory state around the buggy address: [ 12.706986] ffff8881026e6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.707245] ffff8881026e7000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.707472] >ffff8881026e7080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 12.707686] ^ [ 12.707858] ffff8881026e7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.708072] ffff8881026e7180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.708384] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 12.645337] ================================================================== [ 12.646456] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x4d6/0x560 [ 12.647097] Read of size 8 at addr ffff888102ae5f80 by task kunit_try_catch/218 [ 12.647793] [ 12.647976] CPU: 0 UID: 0 PID: 218 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.648022] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.648032] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.648053] Call Trace: [ 12.648065] <TASK> [ 12.648081] dump_stack_lvl+0x73/0xb0 [ 12.648112] print_report+0xd1/0x610 [ 12.648134] ? __virt_addr_valid+0x1db/0x2d0 [ 12.648156] ? workqueue_uaf+0x4d6/0x560 [ 12.648177] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.648199] ? workqueue_uaf+0x4d6/0x560 [ 12.648220] kasan_report+0x141/0x180 [ 12.648241] ? workqueue_uaf+0x4d6/0x560 [ 12.648267] __asan_report_load8_noabort+0x18/0x20 [ 12.648291] workqueue_uaf+0x4d6/0x560 [ 12.648312] ? __pfx_workqueue_uaf+0x10/0x10 [ 12.648334] ? __schedule+0x10cc/0x2b60 [ 12.648356] ? __pfx_read_tsc+0x10/0x10 [ 12.648377] ? ktime_get_ts64+0x86/0x230 [ 12.648401] kunit_try_run_case+0x1a5/0x480 [ 12.648426] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.648460] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.648484] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.648507] ? __kthread_parkme+0x82/0x180 [ 12.648526] ? preempt_count_sub+0x50/0x80 [ 12.648551] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.648586] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.648610] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.648637] kthread+0x337/0x6f0 [ 12.648657] ? trace_preempt_on+0x20/0xc0 [ 12.648681] ? __pfx_kthread+0x10/0x10 [ 12.648700] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.648721] ? calculate_sigpending+0x7b/0xa0 [ 12.648745] ? __pfx_kthread+0x10/0x10 [ 12.648766] ret_from_fork+0x116/0x1d0 [ 12.648784] ? 
__pfx_kthread+0x10/0x10 [ 12.648804] ret_from_fork_asm+0x1a/0x30 [ 12.648836] </TASK> [ 12.648846] [ 12.662454] Allocated by task 218: [ 12.662839] kasan_save_stack+0x45/0x70 [ 12.663257] kasan_save_track+0x18/0x40 [ 12.663691] kasan_save_alloc_info+0x3b/0x50 [ 12.663958] __kasan_kmalloc+0xb7/0xc0 [ 12.664094] __kmalloc_cache_noprof+0x189/0x420 [ 12.664253] workqueue_uaf+0x152/0x560 [ 12.664386] kunit_try_run_case+0x1a5/0x480 [ 12.664821] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.665608] kthread+0x337/0x6f0 [ 12.665934] ret_from_fork+0x116/0x1d0 [ 12.666265] ret_from_fork_asm+0x1a/0x30 [ 12.666688] [ 12.666846] Freed by task 9: [ 12.667116] kasan_save_stack+0x45/0x70 [ 12.667525] kasan_save_track+0x18/0x40 [ 12.667884] kasan_save_free_info+0x3f/0x60 [ 12.668048] __kasan_slab_free+0x56/0x70 [ 12.668186] kfree+0x222/0x3f0 [ 12.668302] workqueue_uaf_work+0x12/0x20 [ 12.668527] process_one_work+0x5ee/0xf60 [ 12.668918] worker_thread+0x758/0x1220 [ 12.669260] kthread+0x337/0x6f0 [ 12.669604] ret_from_fork+0x116/0x1d0 [ 12.670042] ret_from_fork_asm+0x1a/0x30 [ 12.670406] [ 12.670606] Last potentially related work creation: [ 12.671162] kasan_save_stack+0x45/0x70 [ 12.671602] kasan_record_aux_stack+0xb2/0xc0 [ 12.671876] __queue_work+0x626/0xeb0 [ 12.672010] queue_work_on+0xb6/0xc0 [ 12.672140] workqueue_uaf+0x26d/0x560 [ 12.672271] kunit_try_run_case+0x1a5/0x480 [ 12.672466] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.672661] kthread+0x337/0x6f0 [ 12.672782] ret_from_fork+0x116/0x1d0 [ 12.672977] ret_from_fork_asm+0x1a/0x30 [ 12.673174] [ 12.673242] The buggy address belongs to the object at ffff888102ae5f80 [ 12.673242] which belongs to the cache kmalloc-32 of size 32 [ 12.673992] The buggy address is located 0 bytes inside of [ 12.673992] freed 32-byte region [ffff888102ae5f80, ffff888102ae5fa0) [ 12.674472] [ 12.674552] The buggy address belongs to the physical page: [ 12.674832] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ae5 
[ 12.675136] flags: 0x200000000000000(node=0|zone=2) [ 12.675368] page_type: f5(slab) [ 12.675517] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 12.675749] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 12.676074] page dumped because: kasan: bad access detected [ 12.676669] [ 12.676746] Memory state around the buggy address: [ 12.676947] ffff888102ae5e80: 00 00 00 fc fc fc fc fc 00 00 03 fc fc fc fc fc [ 12.677281] ffff888102ae5f00: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 12.677670] >ffff888102ae5f80: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 12.677955] ^ [ 12.678096] ffff888102ae6000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.678362] ffff888102ae6080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.678788] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 12.586550] ================================================================== [ 12.588284] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x50/0x60 [ 12.589341] Read of size 4 at addr ffff888102ae5e40 by task swapper/0/0 [ 12.590363] [ 12.590788] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.590838] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.590850] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.591017] Call Trace: [ 12.591058] <IRQ> [ 12.591119] dump_stack_lvl+0x73/0xb0 [ 12.591156] print_report+0xd1/0x610 [ 12.591180] ? __virt_addr_valid+0x1db/0x2d0 [ 12.591204] ? rcu_uaf_reclaim+0x50/0x60 [ 12.591224] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.591246] ? rcu_uaf_reclaim+0x50/0x60 [ 12.591267] kasan_report+0x141/0x180 [ 12.591288] ? rcu_uaf_reclaim+0x50/0x60 [ 12.591314] __asan_report_load4_noabort+0x18/0x20 [ 12.591340] rcu_uaf_reclaim+0x50/0x60 [ 12.591360] rcu_core+0x66f/0x1c40 [ 12.591391] ? __pfx_rcu_core+0x10/0x10 [ 12.591630] ? ktime_get+0x6b/0x150 [ 12.591658] ? handle_softirqs+0x18e/0x730 [ 12.591685] rcu_core_si+0x12/0x20 [ 12.591705] handle_softirqs+0x209/0x730 [ 12.591724] ? hrtimer_interrupt+0x2fe/0x780 [ 12.591748] ? 
__pfx_handle_softirqs+0x10/0x10 [ 12.591775] __irq_exit_rcu+0xc9/0x110 [ 12.591795] irq_exit_rcu+0x12/0x20 [ 12.591814] sysvec_apic_timer_interrupt+0x81/0x90 [ 12.591839] </IRQ> [ 12.591871] <TASK> [ 12.591880] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 12.591977] RIP: 0010:pv_native_safe_halt+0xf/0x20 [ 12.592195] Code: 1f 84 00 00 00 00 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d 23 62 21 00 fb f4 <e9> 3c 1d 02 00 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 [ 12.592276] RSP: 0000:ffffffffa9407dd8 EFLAGS: 00010202 [ 12.592362] RAX: ffff8881aa072000 RBX: ffffffffa941cac0 RCX: ffffffffa8276125 [ 12.592423] RDX: ffffed102a90618b RSI: 0000000000000004 RDI: 0000000000006074 [ 12.592481] RBP: ffffffffa9407de0 R08: 0000000000000001 R09: ffffed102a90618a [ 12.592522] R10: ffff888154830c53 R11: 0000000000058c00 R12: 0000000000000000 [ 12.592564] R13: fffffbfff5283958 R14: ffffffffa9fb1490 R15: 0000000000000000 [ 12.592622] ? ct_kernel_exit.constprop.0+0xa5/0xd0 [ 12.592677] ? default_idle+0xd/0x20 [ 12.592699] arch_cpu_idle+0xd/0x20 [ 12.592720] default_idle_call+0x48/0x80 [ 12.592738] do_idle+0x379/0x4f0 [ 12.592765] ? __pfx_do_idle+0x10/0x10 [ 12.592787] ? trace_preempt_on+0x20/0xc0 [ 12.592808] ? schedule+0x86/0x2e0 [ 12.592828] ? preempt_count_sub+0x50/0x80 [ 12.592852] cpu_startup_entry+0x5c/0x70 [ 12.592871] rest_init+0x11a/0x140 [ 12.592887] ? 
acpi_subsystem_init+0x5d/0x150 [ 12.592911] start_kernel+0x330/0x410 [ 12.592936] x86_64_start_reservations+0x1c/0x30 [ 12.592960] x86_64_start_kernel+0x10d/0x120 [ 12.592984] common_startup_64+0x13e/0x148 [ 12.593019] </TASK> [ 12.593029] [ 12.616448] Allocated by task 216: [ 12.616672] kasan_save_stack+0x45/0x70 [ 12.617323] kasan_save_track+0x18/0x40 [ 12.617811] kasan_save_alloc_info+0x3b/0x50 [ 12.618200] __kasan_kmalloc+0xb7/0xc0 [ 12.618740] __kmalloc_cache_noprof+0x189/0x420 [ 12.619167] rcu_uaf+0xb0/0x330 [ 12.619478] kunit_try_run_case+0x1a5/0x480 [ 12.619953] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.620253] kthread+0x337/0x6f0 [ 12.620377] ret_from_fork+0x116/0x1d0 [ 12.620788] ret_from_fork_asm+0x1a/0x30 [ 12.621164] [ 12.621319] Freed by task 0: [ 12.621703] kasan_save_stack+0x45/0x70 [ 12.621970] kasan_save_track+0x18/0x40 [ 12.622115] kasan_save_free_info+0x3f/0x60 [ 12.622266] __kasan_slab_free+0x56/0x70 [ 12.622404] kfree+0x222/0x3f0 [ 12.622811] rcu_uaf_reclaim+0x1f/0x60 [ 12.623142] rcu_core+0x66f/0x1c40 [ 12.623501] rcu_core_si+0x12/0x20 [ 12.623852] handle_softirqs+0x209/0x730 [ 12.624204] __irq_exit_rcu+0xc9/0x110 [ 12.624745] irq_exit_rcu+0x12/0x20 [ 12.625089] sysvec_apic_timer_interrupt+0x81/0x90 [ 12.625609] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 12.626136] [ 12.626252] Last potentially related work creation: [ 12.626424] kasan_save_stack+0x45/0x70 [ 12.626867] kasan_record_aux_stack+0xb2/0xc0 [ 12.627253] __call_rcu_common.constprop.0+0x7b/0x9e0 [ 12.627787] call_rcu+0x12/0x20 [ 12.628021] rcu_uaf+0x168/0x330 [ 12.628139] kunit_try_run_case+0x1a5/0x480 [ 12.628283] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.628544] kthread+0x337/0x6f0 [ 12.628898] ret_from_fork+0x116/0x1d0 [ 12.629231] ret_from_fork_asm+0x1a/0x30 [ 12.629854] [ 12.630045] The buggy address belongs to the object at ffff888102ae5e40 [ 12.630045] which belongs to the cache kmalloc-32 of size 32 [ 12.631239] The buggy address is located 0 bytes inside of 
[ 12.631239] freed 32-byte region [ffff888102ae5e40, ffff888102ae5e60) [ 12.632239] [ 12.632317] The buggy address belongs to the physical page: [ 12.632500] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ae5 [ 12.633251] flags: 0x200000000000000(node=0|zone=2) [ 12.633830] page_type: f5(slab) [ 12.634143] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 12.634881] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 12.635113] page dumped because: kasan: bad access detected [ 12.635287] [ 12.635355] Memory state around the buggy address: [ 12.635893] ffff888102ae5d00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 12.636703] ffff888102ae5d80: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 12.637482] >ffff888102ae5e00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 12.638169] ^ [ 12.638813] ffff888102ae5e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.639516] ffff888102ae5f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.639732] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 12.526712] ================================================================== [ 12.526991] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5fe/0x6c0 [ 12.527209] Read of size 1 at addr ffff8881026cea00 by task kunit_try_catch/214 [ 12.527453] [ 12.527573] CPU: 1 UID: 0 PID: 214 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.527617] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.527628] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.527648] Call Trace: [ 12.527918] <TASK> [ 12.527942] dump_stack_lvl+0x73/0xb0 [ 12.527974] print_report+0xd1/0x610 [ 12.527997] ? __virt_addr_valid+0x1db/0x2d0 [ 12.528140] ? ksize_uaf+0x5fe/0x6c0 [ 12.528162] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.528184] ? ksize_uaf+0x5fe/0x6c0 [ 12.528204] kasan_report+0x141/0x180 [ 12.528226] ? ksize_uaf+0x5fe/0x6c0 [ 12.528252] __asan_report_load1_noabort+0x18/0x20 [ 12.528568] ksize_uaf+0x5fe/0x6c0 [ 12.528591] ? __pfx_ksize_uaf+0x10/0x10 [ 12.528613] ? __schedule+0x10cc/0x2b60 [ 12.528636] ? __pfx_read_tsc+0x10/0x10 [ 12.528656] ? ktime_get_ts64+0x86/0x230 [ 12.528680] kunit_try_run_case+0x1a5/0x480 [ 12.528703] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.528725] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.528749] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.528773] ? __kthread_parkme+0x82/0x180 [ 12.528792] ? preempt_count_sub+0x50/0x80 [ 12.528816] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.528840] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.528863] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.528886] kthread+0x337/0x6f0 [ 12.528904] ? trace_preempt_on+0x20/0xc0 [ 12.528926] ? __pfx_kthread+0x10/0x10 [ 12.528946] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.528966] ? calculate_sigpending+0x7b/0xa0 [ 12.528990] ? __pfx_kthread+0x10/0x10 [ 12.529011] ret_from_fork+0x116/0x1d0 [ 12.529028] ? 
__pfx_kthread+0x10/0x10 [ 12.529048] ret_from_fork_asm+0x1a/0x30 [ 12.529080] </TASK> [ 12.529090] [ 12.542789] Allocated by task 214: [ 12.542982] kasan_save_stack+0x45/0x70 [ 12.543194] kasan_save_track+0x18/0x40 [ 12.543385] kasan_save_alloc_info+0x3b/0x50 [ 12.543762] __kasan_kmalloc+0xb7/0xc0 [ 12.543954] __kmalloc_cache_noprof+0x189/0x420 [ 12.544165] ksize_uaf+0xaa/0x6c0 [ 12.544285] kunit_try_run_case+0x1a5/0x480 [ 12.544662] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.544885] kthread+0x337/0x6f0 [ 12.545032] ret_from_fork+0x116/0x1d0 [ 12.545228] ret_from_fork_asm+0x1a/0x30 [ 12.545401] [ 12.545512] Freed by task 214: [ 12.545730] kasan_save_stack+0x45/0x70 [ 12.545903] kasan_save_track+0x18/0x40 [ 12.546033] kasan_save_free_info+0x3f/0x60 [ 12.546174] __kasan_slab_free+0x56/0x70 [ 12.546306] kfree+0x222/0x3f0 [ 12.546455] ksize_uaf+0x12c/0x6c0 [ 12.546628] kunit_try_run_case+0x1a5/0x480 [ 12.546940] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.547334] kthread+0x337/0x6f0 [ 12.547735] ret_from_fork+0x116/0x1d0 [ 12.547923] ret_from_fork_asm+0x1a/0x30 [ 12.548102] [ 12.548174] The buggy address belongs to the object at ffff8881026cea00 [ 12.548174] which belongs to the cache kmalloc-128 of size 128 [ 12.548977] The buggy address is located 0 bytes inside of [ 12.548977] freed 128-byte region [ffff8881026cea00, ffff8881026cea80) [ 12.549591] [ 12.549671] The buggy address belongs to the physical page: [ 12.549899] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026ce [ 12.550230] flags: 0x200000000000000(node=0|zone=2) [ 12.550419] page_type: f5(slab) [ 12.550703] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.551008] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.551260] page dumped because: kasan: bad access detected [ 12.551432] [ 12.551513] Memory state around the buggy address: [ 12.551734] ffff8881026ce900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 
12.552065] ffff8881026ce980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.552375] >ffff8881026cea00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.552893] ^ [ 12.553069] ffff8881026cea80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.553379] ffff8881026ceb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.553718] ================================================================== [ 12.554287] ================================================================== [ 12.554548] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5e4/0x6c0 [ 12.554757] Read of size 1 at addr ffff8881026cea78 by task kunit_try_catch/214 [ 12.555024] [ 12.555135] CPU: 1 UID: 0 PID: 214 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.555177] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.555187] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.555303] Call Trace: [ 12.555322] <TASK> [ 12.555339] dump_stack_lvl+0x73/0xb0 [ 12.555368] print_report+0xd1/0x610 [ 12.555390] ? __virt_addr_valid+0x1db/0x2d0 [ 12.555468] ? ksize_uaf+0x5e4/0x6c0 [ 12.555489] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.555511] ? ksize_uaf+0x5e4/0x6c0 [ 12.555532] kasan_report+0x141/0x180 [ 12.555553] ? ksize_uaf+0x5e4/0x6c0 [ 12.555579] __asan_report_load1_noabort+0x18/0x20 [ 12.555603] ksize_uaf+0x5e4/0x6c0 [ 12.555622] ? __pfx_ksize_uaf+0x10/0x10 [ 12.555644] ? __schedule+0x10cc/0x2b60 [ 12.555666] ? __pfx_read_tsc+0x10/0x10 [ 12.555686] ? ktime_get_ts64+0x86/0x230 [ 12.555711] kunit_try_run_case+0x1a5/0x480 [ 12.555735] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.555756] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.555780] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.555803] ? __kthread_parkme+0x82/0x180 [ 12.555823] ? preempt_count_sub+0x50/0x80 [ 12.555847] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.555871] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.555894] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.555918] kthread+0x337/0x6f0 [ 12.555938] ? trace_preempt_on+0x20/0xc0 [ 12.555960] ? __pfx_kthread+0x10/0x10 [ 12.555980] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.556001] ? calculate_sigpending+0x7b/0xa0 [ 12.556024] ? __pfx_kthread+0x10/0x10 [ 12.556045] ret_from_fork+0x116/0x1d0 [ 12.556062] ? __pfx_kthread+0x10/0x10 [ 12.556082] ret_from_fork_asm+0x1a/0x30 [ 12.556114] </TASK> [ 12.556123] [ 12.563157] Allocated by task 214: [ 12.563633] kasan_save_stack+0x45/0x70 [ 12.564051] kasan_save_track+0x18/0x40 [ 12.564240] kasan_save_alloc_info+0x3b/0x50 [ 12.564646] __kasan_kmalloc+0xb7/0xc0 [ 12.564840] __kmalloc_cache_noprof+0x189/0x420 [ 12.565057] ksize_uaf+0xaa/0x6c0 [ 12.565237] kunit_try_run_case+0x1a5/0x480 [ 12.565479] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.565826] kthread+0x337/0x6f0 [ 12.565953] ret_from_fork+0x116/0x1d0 [ 12.566087] ret_from_fork_asm+0x1a/0x30 [ 12.566285] [ 12.566382] Freed by task 214: [ 12.566766] kasan_save_stack+0x45/0x70 [ 12.566932] kasan_save_track+0x18/0x40 [ 12.567099] kasan_save_free_info+0x3f/0x60 [ 12.567282] __kasan_slab_free+0x56/0x70 [ 12.567532] kfree+0x222/0x3f0 [ 12.567698] ksize_uaf+0x12c/0x6c0 [ 12.567840] kunit_try_run_case+0x1a5/0x480 [ 12.568006] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.568237] kthread+0x337/0x6f0 [ 12.568389] ret_from_fork+0x116/0x1d0 [ 12.568743] ret_from_fork_asm+0x1a/0x30 [ 12.568924] [ 12.569021] The buggy address belongs to the object at ffff8881026cea00 [ 12.569021] which belongs to the cache kmalloc-128 of size 128 [ 12.569374] The buggy address is located 120 bytes inside of [ 12.569374] freed 128-byte region [ffff8881026cea00, ffff8881026cea80) [ 12.569800] [ 12.569897] The buggy address belongs to the physical page: [ 12.570212] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026ce [ 12.570573] flags: 0x200000000000000(node=0|zone=2) [ 12.570874] page_type: f5(slab) [ 12.571106] raw: 
0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.571333] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.572056] page dumped because: kasan: bad access detected [ 12.572276] [ 12.572368] Memory state around the buggy address: [ 12.572757] ffff8881026ce900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.573079] ffff8881026ce980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.573351] >ffff8881026cea00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.573760] ^ [ 12.574041] ffff8881026cea80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.574326] ffff8881026ceb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.574652] ================================================================== [ 12.497102] ================================================================== [ 12.498862] BUG: KASAN: slab-use-after-free in ksize_uaf+0x19d/0x6c0 [ 12.499334] Read of size 1 at addr ffff8881026cea00 by task kunit_try_catch/214 [ 12.500171] [ 12.500491] CPU: 1 UID: 0 PID: 214 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.500544] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.500555] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.500577] Call Trace: [ 12.500590] <TASK> [ 12.500608] dump_stack_lvl+0x73/0xb0 [ 12.500640] print_report+0xd1/0x610 [ 12.500662] ? __virt_addr_valid+0x1db/0x2d0 [ 12.500686] ? ksize_uaf+0x19d/0x6c0 [ 12.500709] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.500732] ? ksize_uaf+0x19d/0x6c0 [ 12.500752] kasan_report+0x141/0x180 [ 12.500774] ? ksize_uaf+0x19d/0x6c0 [ 12.500797] ? ksize_uaf+0x19d/0x6c0 [ 12.500817] __kasan_check_byte+0x3d/0x50 [ 12.500838] ksize+0x20/0x60 [ 12.500858] ksize_uaf+0x19d/0x6c0 [ 12.500879] ? __pfx_ksize_uaf+0x10/0x10 [ 12.500900] ? __schedule+0x10cc/0x2b60 [ 12.500923] ? __pfx_read_tsc+0x10/0x10 [ 12.500943] ? 
ktime_get_ts64+0x86/0x230 [ 12.500969] kunit_try_run_case+0x1a5/0x480 [ 12.500994] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.501015] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.501039] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.501063] ? __kthread_parkme+0x82/0x180 [ 12.501083] ? preempt_count_sub+0x50/0x80 [ 12.501107] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.501135] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.501159] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.501182] kthread+0x337/0x6f0 [ 12.501200] ? trace_preempt_on+0x20/0xc0 [ 12.501223] ? __pfx_kthread+0x10/0x10 [ 12.501243] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.501264] ? calculate_sigpending+0x7b/0xa0 [ 12.501288] ? __pfx_kthread+0x10/0x10 [ 12.501308] ret_from_fork+0x116/0x1d0 [ 12.501326] ? __pfx_kthread+0x10/0x10 [ 12.501346] ret_from_fork_asm+0x1a/0x30 [ 12.501377] </TASK> [ 12.501387] [ 12.512269] Allocated by task 214: [ 12.512783] kasan_save_stack+0x45/0x70 [ 12.512967] kasan_save_track+0x18/0x40 [ 12.513296] kasan_save_alloc_info+0x3b/0x50 [ 12.513644] __kasan_kmalloc+0xb7/0xc0 [ 12.513954] __kmalloc_cache_noprof+0x189/0x420 [ 12.514160] ksize_uaf+0xaa/0x6c0 [ 12.514328] kunit_try_run_case+0x1a5/0x480 [ 12.514805] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.515143] kthread+0x337/0x6f0 [ 12.515393] ret_from_fork+0x116/0x1d0 [ 12.515825] ret_from_fork_asm+0x1a/0x30 [ 12.516085] [ 12.516162] Freed by task 214: [ 12.516611] kasan_save_stack+0x45/0x70 [ 12.516760] kasan_save_track+0x18/0x40 [ 12.516979] kasan_save_free_info+0x3f/0x60 [ 12.517264] __kasan_slab_free+0x56/0x70 [ 12.517759] kfree+0x222/0x3f0 [ 12.518065] ksize_uaf+0x12c/0x6c0 [ 12.518224] kunit_try_run_case+0x1a5/0x480 [ 12.518719] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.518952] kthread+0x337/0x6f0 [ 12.519106] ret_from_fork+0x116/0x1d0 [ 12.519292] ret_from_fork_asm+0x1a/0x30 [ 12.519487] [ 12.519563] The buggy address belongs to the object at ffff8881026cea00 [ 12.519563] which belongs to the cache 
kmalloc-128 of size 128 [ 12.520069] The buggy address is located 0 bytes inside of [ 12.520069] freed 128-byte region [ffff8881026cea00, ffff8881026cea80) [ 12.520556] [ 12.520670] The buggy address belongs to the physical page: [ 12.520977] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026ce [ 12.521225] flags: 0x200000000000000(node=0|zone=2) [ 12.521388] page_type: f5(slab) [ 12.521543] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.521874] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.522207] page dumped because: kasan: bad access detected [ 12.522622] [ 12.522709] Memory state around the buggy address: [ 12.522869] ffff8881026ce900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.523193] ffff8881026ce980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.523541] >ffff8881026cea00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.523783] ^ [ 12.523946] ffff8881026cea80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.524201] ffff8881026ceb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.524648] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 12.451870] ==================================================================
[ 12.452205] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7e9/0x9b0
[ 12.452710] Read of size 1 at addr ffff888102ae1378 by task kunit_try_catch/212
[ 12.453353]
[ 12.453559] CPU: 0 UID: 0 PID: 212 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.453602] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.453613] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.453632] Call Trace:
[ 12.453648] <TASK>
[ 12.453662] dump_stack_lvl+0x73/0xb0
[ 12.453689] print_report+0xd1/0x610
[ 12.453711] ? __virt_addr_valid+0x1db/0x2d0
[ 12.453733] ? ksize_unpoisons_memory+0x7e9/0x9b0
[ 12.453756] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.453778] ? ksize_unpoisons_memory+0x7e9/0x9b0
[ 12.453801] kasan_report+0x141/0x180
[ 12.453822] ? ksize_unpoisons_memory+0x7e9/0x9b0
[ 12.453851] __asan_report_load1_noabort+0x18/0x20
[ 12.453875] ksize_unpoisons_memory+0x7e9/0x9b0
[ 12.453898] ? __pfx_ksize_unpoisons_memory+0x10/0x10
[ 12.453920] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 12.453951] ? __pfx_ksize_unpoisons_memory+0x10/0x10
[ 12.453979] kunit_try_run_case+0x1a5/0x480
[ 12.454002] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.454024] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.454047] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.454071] ? __kthread_parkme+0x82/0x180
[ 12.454090] ? preempt_count_sub+0x50/0x80
[ 12.454115] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.454138] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.454161] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.454184] kthread+0x337/0x6f0
[ 12.454203] ? trace_preempt_on+0x20/0xc0
[ 12.454225] ? __pfx_kthread+0x10/0x10
[ 12.454259] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.454284] ? calculate_sigpending+0x7b/0xa0
[ 12.454310] ? __pfx_kthread+0x10/0x10
[ 12.454331] ret_from_fork+0x116/0x1d0
[ 12.454349] ? __pfx_kthread+0x10/0x10
[ 12.454369] ret_from_fork_asm+0x1a/0x30
[ 12.454401] </TASK>
[ 12.454411]
[ 12.461935] Allocated by task 212:
[ 12.462214] kasan_save_stack+0x45/0x70
[ 12.462577] kasan_save_track+0x18/0x40
[ 12.462793] kasan_save_alloc_info+0x3b/0x50
[ 12.463013] __kasan_kmalloc+0xb7/0xc0
[ 12.463197] __kmalloc_cache_noprof+0x189/0x420
[ 12.463482] ksize_unpoisons_memory+0xc7/0x9b0
[ 12.463734] kunit_try_run_case+0x1a5/0x480
[ 12.463947] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.464135] kthread+0x337/0x6f0
[ 12.464308] ret_from_fork+0x116/0x1d0
[ 12.464580] ret_from_fork_asm+0x1a/0x30
[ 12.464763]
[ 12.464863] The buggy address belongs to the object at ffff888102ae1300
[ 12.464863] which belongs to the cache kmalloc-128 of size 128
[ 12.465330] The buggy address is located 5 bytes to the right of
[ 12.465330] allocated 115-byte region [ffff888102ae1300, ffff888102ae1373)
[ 12.465917]
[ 12.466002] The buggy address belongs to the physical page:
[ 12.466228] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ae1
[ 12.466719] flags: 0x200000000000000(node=0|zone=2)
[ 12.466960] page_type: f5(slab)
[ 12.467080] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.467313] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.467891] page dumped because: kasan: bad access detected
[ 12.468231]
[ 12.468303] Memory state around the buggy address:
[ 12.468468] ffff888102ae1200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.468887] ffff888102ae1280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.469218] >ffff888102ae1300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 12.469693] ^
[ 12.470002] ffff888102ae1380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.470219] ffff888102ae1400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.470433] ==================================================================

[ 12.433750] ==================================================================
[ 12.434193] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x81c/0x9b0
[ 12.434633] Read of size 1 at addr ffff888102ae1373 by task kunit_try_catch/212
[ 12.434955]
[ 12.435066] CPU: 0 UID: 0 PID: 212 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.435111] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.435122] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.435143] Call Trace:
[ 12.435155] <TASK>
[ 12.435171] dump_stack_lvl+0x73/0xb0
[ 12.435201] print_report+0xd1/0x610
[ 12.435223] ? __virt_addr_valid+0x1db/0x2d0
[ 12.435245] ? ksize_unpoisons_memory+0x81c/0x9b0
[ 12.435268] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.435290] ? ksize_unpoisons_memory+0x81c/0x9b0
[ 12.435314] kasan_report+0x141/0x180
[ 12.435336] ? ksize_unpoisons_memory+0x81c/0x9b0
[ 12.435365] __asan_report_load1_noabort+0x18/0x20
[ 12.435388] ksize_unpoisons_memory+0x81c/0x9b0
[ 12.435412] ? __pfx_ksize_unpoisons_memory+0x10/0x10
[ 12.435446] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 12.435478] ? __pfx_ksize_unpoisons_memory+0x10/0x10
[ 12.435506] kunit_try_run_case+0x1a5/0x480
[ 12.435531] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.435629] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.435656] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.435680] ? __kthread_parkme+0x82/0x180
[ 12.435700] ? preempt_count_sub+0x50/0x80
[ 12.435725] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.435748] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.435771] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.435795] kthread+0x337/0x6f0
[ 12.435813] ? trace_preempt_on+0x20/0xc0
[ 12.435836] ? __pfx_kthread+0x10/0x10
[ 12.435856] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.435877] ? calculate_sigpending+0x7b/0xa0
[ 12.435901] ? __pfx_kthread+0x10/0x10
[ 12.435921] ret_from_fork+0x116/0x1d0
[ 12.435940] ? __pfx_kthread+0x10/0x10
[ 12.435959] ret_from_fork_asm+0x1a/0x30
[ 12.435991] </TASK>
[ 12.436001]
[ 12.443319] Allocated by task 212:
[ 12.443616] kasan_save_stack+0x45/0x70
[ 12.443798] kasan_save_track+0x18/0x40
[ 12.443962] kasan_save_alloc_info+0x3b/0x50
[ 12.444159] __kasan_kmalloc+0xb7/0xc0
[ 12.444334] __kmalloc_cache_noprof+0x189/0x420
[ 12.444661] ksize_unpoisons_memory+0xc7/0x9b0
[ 12.444869] kunit_try_run_case+0x1a5/0x480
[ 12.445035] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.445216] kthread+0x337/0x6f0
[ 12.445338] ret_from_fork+0x116/0x1d0
[ 12.445492] ret_from_fork_asm+0x1a/0x30
[ 12.445689]
[ 12.445783] The buggy address belongs to the object at ffff888102ae1300
[ 12.445783] which belongs to the cache kmalloc-128 of size 128
[ 12.446299] The buggy address is located 0 bytes to the right of
[ 12.446299] allocated 115-byte region [ffff888102ae1300, ffff888102ae1373)
[ 12.447170]
[ 12.447276] The buggy address belongs to the physical page:
[ 12.447740] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ae1
[ 12.448036] flags: 0x200000000000000(node=0|zone=2)
[ 12.448236] page_type: f5(slab)
[ 12.448367] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.448872] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.449169] page dumped because: kasan: bad access detected
[ 12.449405]
[ 12.449576] Memory state around the buggy address:
[ 12.449757] ffff888102ae1200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.450050] ffff888102ae1280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.450347] >ffff888102ae1300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 12.450813] ^
[ 12.451038] ffff888102ae1380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.451257] ffff888102ae1400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.451483] ==================================================================

[ 12.470825] ==================================================================
[ 12.471157] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7b6/0x9b0
[ 12.471713] Read of size 1 at addr ffff888102ae137f by task kunit_try_catch/212
[ 12.472289]
[ 12.472547] CPU: 0 UID: 0 PID: 212 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.472591] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.472602] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.472621] Call Trace:
[ 12.472639] <TASK>
[ 12.472655] dump_stack_lvl+0x73/0xb0
[ 12.472684] print_report+0xd1/0x610
[ 12.472706] ? __virt_addr_valid+0x1db/0x2d0
[ 12.472728] ? ksize_unpoisons_memory+0x7b6/0x9b0
[ 12.472751] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.472773] ? ksize_unpoisons_memory+0x7b6/0x9b0
[ 12.472797] kasan_report+0x141/0x180
[ 12.472818] ? ksize_unpoisons_memory+0x7b6/0x9b0
[ 12.472847] __asan_report_load1_noabort+0x18/0x20
[ 12.472871] ksize_unpoisons_memory+0x7b6/0x9b0
[ 12.472895] ? __pfx_ksize_unpoisons_memory+0x10/0x10
[ 12.472917] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 12.472949] ? __pfx_ksize_unpoisons_memory+0x10/0x10
[ 12.472977] kunit_try_run_case+0x1a5/0x480
[ 12.473001] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.473022] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.473046] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.473069] ? __kthread_parkme+0x82/0x180
[ 12.473089] ? preempt_count_sub+0x50/0x80
[ 12.473114] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.473149] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.473173] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.473196] kthread+0x337/0x6f0
[ 12.473215] ? trace_preempt_on+0x20/0xc0
[ 12.473238] ? __pfx_kthread+0x10/0x10
[ 12.473258] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.473280] ? calculate_sigpending+0x7b/0xa0
[ 12.473303] ? __pfx_kthread+0x10/0x10
[ 12.473324] ret_from_fork+0x116/0x1d0
[ 12.473342] ? __pfx_kthread+0x10/0x10
[ 12.473362] ret_from_fork_asm+0x1a/0x30
[ 12.473394] </TASK>
[ 12.473404]
[ 12.480768] Allocated by task 212:
[ 12.480955] kasan_save_stack+0x45/0x70
[ 12.481174] kasan_save_track+0x18/0x40
[ 12.481367] kasan_save_alloc_info+0x3b/0x50
[ 12.481703] __kasan_kmalloc+0xb7/0xc0
[ 12.481884] __kmalloc_cache_noprof+0x189/0x420
[ 12.482084] ksize_unpoisons_memory+0xc7/0x9b0
[ 12.482290] kunit_try_run_case+0x1a5/0x480
[ 12.482549] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.482802] kthread+0x337/0x6f0
[ 12.482969] ret_from_fork+0x116/0x1d0
[ 12.483157] ret_from_fork_asm+0x1a/0x30
[ 12.483335]
[ 12.483609] The buggy address belongs to the object at ffff888102ae1300
[ 12.483609] which belongs to the cache kmalloc-128 of size 128
[ 12.484116] The buggy address is located 12 bytes to the right of
[ 12.484116] allocated 115-byte region [ffff888102ae1300, ffff888102ae1373)
[ 12.484727]
[ 12.484819] The buggy address belongs to the physical page:
[ 12.485044] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ae1
[ 12.485370] flags: 0x200000000000000(node=0|zone=2)
[ 12.485637] page_type: f5(slab)
[ 12.485789] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.486055] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.486278] page dumped because: kasan: bad access detected
[ 12.486456]
[ 12.486524] Memory state around the buggy address:
[ 12.486677] ffff888102ae1200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.486933] ffff888102ae1280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.487243] >ffff888102ae1300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 12.487749] ^
[ 12.488068] ffff888102ae1380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.488384] ffff888102ae1400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.488805] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kfree_sensitive
[ 12.391157] ==================================================================
[ 12.391586] BUG: KASAN: double-free in kfree_sensitive+0x2e/0x90
[ 12.391877] Free of addr ffff8881016842e0 by task kunit_try_catch/210
[ 12.392162]
[ 12.392258] CPU: 1 UID: 0 PID: 210 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.392300] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.392310] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.392330] Call Trace:
[ 12.392346] <TASK>
[ 12.392361] dump_stack_lvl+0x73/0xb0
[ 12.392388] print_report+0xd1/0x610
[ 12.392599] ? __virt_addr_valid+0x1db/0x2d0
[ 12.392642] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.392665] ? kfree_sensitive+0x2e/0x90
[ 12.392686] kasan_report_invalid_free+0x10a/0x130
[ 12.392962] ? kfree_sensitive+0x2e/0x90
[ 12.392989] ? kfree_sensitive+0x2e/0x90
[ 12.393009] check_slab_allocation+0x101/0x130
[ 12.393031] __kasan_slab_pre_free+0x28/0x40
[ 12.393051] kfree+0xf0/0x3f0
[ 12.393073] ? kfree_sensitive+0x2e/0x90
[ 12.393095] kfree_sensitive+0x2e/0x90
[ 12.393114] kmalloc_double_kzfree+0x19c/0x350
[ 12.393145] ? __pfx_kmalloc_double_kzfree+0x10/0x10
[ 12.393168] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 12.393193] ? trace_hardirqs_on+0x37/0xe0
[ 12.393216] ? __pfx_read_tsc+0x10/0x10
[ 12.393235] ? ktime_get_ts64+0x86/0x230
[ 12.393259] kunit_try_run_case+0x1a5/0x480
[ 12.393282] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.393306] ? queued_spin_lock_slowpath+0x116/0xb40
[ 12.393330] ? __kthread_parkme+0x82/0x180
[ 12.393349] ? preempt_count_sub+0x50/0x80
[ 12.393373] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.393396] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.393476] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.393500] kthread+0x337/0x6f0
[ 12.393519] ? trace_preempt_on+0x20/0xc0
[ 12.393540] ? __pfx_kthread+0x10/0x10
[ 12.393559] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.393581] ? calculate_sigpending+0x7b/0xa0
[ 12.393604] ? __pfx_kthread+0x10/0x10
[ 12.393625] ret_from_fork+0x116/0x1d0
[ 12.393643] ? __pfx_kthread+0x10/0x10
[ 12.393662] ret_from_fork_asm+0x1a/0x30
[ 12.393695] </TASK>
[ 12.393705]
[ 12.407424] Allocated by task 210:
[ 12.407661] kasan_save_stack+0x45/0x70
[ 12.408109] kasan_save_track+0x18/0x40
[ 12.408423] kasan_save_alloc_info+0x3b/0x50
[ 12.408601] __kasan_kmalloc+0xb7/0xc0
[ 12.409095] __kmalloc_cache_noprof+0x189/0x420
[ 12.409534] kmalloc_double_kzfree+0xa9/0x350
[ 12.409694] kunit_try_run_case+0x1a5/0x480
[ 12.409846] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.410028] kthread+0x337/0x6f0
[ 12.410148] ret_from_fork+0x116/0x1d0
[ 12.410279] ret_from_fork_asm+0x1a/0x30
[ 12.410493]
[ 12.410736] Freed by task 210:
[ 12.411064] kasan_save_stack+0x45/0x70
[ 12.411402] kasan_save_track+0x18/0x40
[ 12.411996] kasan_save_free_info+0x3f/0x60
[ 12.412390] __kasan_slab_free+0x56/0x70
[ 12.412917] kfree+0x222/0x3f0
[ 12.413224] kfree_sensitive+0x67/0x90
[ 12.413716] kmalloc_double_kzfree+0x12b/0x350
[ 12.414138] kunit_try_run_case+0x1a5/0x480
[ 12.414617] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.415103] kthread+0x337/0x6f0
[ 12.415416] ret_from_fork+0x116/0x1d0
[ 12.415919] ret_from_fork_asm+0x1a/0x30
[ 12.416276]
[ 12.416350] The buggy address belongs to the object at ffff8881016842e0
[ 12.416350] which belongs to the cache kmalloc-16 of size 16
[ 12.417656] The buggy address is located 0 bytes inside of
[ 12.417656] 16-byte region [ffff8881016842e0, ffff8881016842f0)
[ 12.418116]
[ 12.418190] The buggy address belongs to the physical page:
[ 12.418358] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101684
[ 12.419139] flags: 0x200000000000000(node=0|zone=2)
[ 12.419677] page_type: f5(slab)
[ 12.420073] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 12.420834] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 12.421761] page dumped because: kasan: bad access detected
[ 12.421986]
[ 12.422057] Memory state around the buggy address:
[ 12.422216] ffff888101684180: 00 04 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc
[ 12.422537] ffff888101684200: 00 02 fc fc 00 02 fc fc 00 06 fc fc 00 06 fc fc
[ 12.423216] >ffff888101684280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 12.423939] ^
[ 12.424560] ffff888101684300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.425209] ffff888101684380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.425969] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 12.362769] ==================================================================
[ 12.363354] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x19c/0x350
[ 12.363794] Read of size 1 at addr ffff8881016842e0 by task kunit_try_catch/210
[ 12.364100]
[ 12.364217] CPU: 1 UID: 0 PID: 210 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.364262] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.364273] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.364294] Call Trace:
[ 12.364305] <TASK>
[ 12.364320] dump_stack_lvl+0x73/0xb0
[ 12.364351] print_report+0xd1/0x610
[ 12.364374] ? __virt_addr_valid+0x1db/0x2d0
[ 12.364398] ? kmalloc_double_kzfree+0x19c/0x350
[ 12.364893] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.364917] ? kmalloc_double_kzfree+0x19c/0x350
[ 12.364941] kasan_report+0x141/0x180
[ 12.364963] ? kmalloc_double_kzfree+0x19c/0x350
[ 12.364990] ? kmalloc_double_kzfree+0x19c/0x350
[ 12.365013] __kasan_check_byte+0x3d/0x50
[ 12.365232] kfree_sensitive+0x22/0x90
[ 12.365258] kmalloc_double_kzfree+0x19c/0x350
[ 12.365282] ? __pfx_kmalloc_double_kzfree+0x10/0x10
[ 12.365304] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 12.365329] ? trace_hardirqs_on+0x37/0xe0
[ 12.365352] ? __pfx_read_tsc+0x10/0x10
[ 12.365373] ? ktime_get_ts64+0x86/0x230
[ 12.365450] kunit_try_run_case+0x1a5/0x480
[ 12.365479] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.365503] ? queued_spin_lock_slowpath+0x116/0xb40
[ 12.365528] ? __kthread_parkme+0x82/0x180
[ 12.365549] ? preempt_count_sub+0x50/0x80
[ 12.365573] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.365596] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.365619] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.365643] kthread+0x337/0x6f0
[ 12.365661] ? trace_preempt_on+0x20/0xc0
[ 12.365683] ? __pfx_kthread+0x10/0x10
[ 12.365703] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.365723] ? calculate_sigpending+0x7b/0xa0
[ 12.365747] ? __pfx_kthread+0x10/0x10
[ 12.365768] ret_from_fork+0x116/0x1d0
[ 12.365786] ? __pfx_kthread+0x10/0x10
[ 12.365806] ret_from_fork_asm+0x1a/0x30
[ 12.365838] </TASK>
[ 12.365849]
[ 12.375960] Allocated by task 210:
[ 12.376260] kasan_save_stack+0x45/0x70
[ 12.376660] kasan_save_track+0x18/0x40
[ 12.376853] kasan_save_alloc_info+0x3b/0x50
[ 12.377182] __kasan_kmalloc+0xb7/0xc0
[ 12.377415] __kmalloc_cache_noprof+0x189/0x420
[ 12.377815] kmalloc_double_kzfree+0xa9/0x350
[ 12.378012] kunit_try_run_case+0x1a5/0x480
[ 12.378203] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.378424] kthread+0x337/0x6f0
[ 12.379019] ret_from_fork+0x116/0x1d0
[ 12.379170] ret_from_fork_asm+0x1a/0x30
[ 12.379483]
[ 12.379580] Freed by task 210:
[ 12.379726] kasan_save_stack+0x45/0x70
[ 12.379915] kasan_save_track+0x18/0x40
[ 12.380091] kasan_save_free_info+0x3f/0x60
[ 12.380279] __kasan_slab_free+0x56/0x70
[ 12.380483] kfree+0x222/0x3f0
[ 12.381046] kfree_sensitive+0x67/0x90
[ 12.381214] kmalloc_double_kzfree+0x12b/0x350
[ 12.381561] kunit_try_run_case+0x1a5/0x480
[ 12.381939] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.382260] kthread+0x337/0x6f0
[ 12.382389] ret_from_fork+0x116/0x1d0
[ 12.382672] ret_from_fork_asm+0x1a/0x30
[ 12.383137]
[ 12.383225] The buggy address belongs to the object at ffff8881016842e0
[ 12.383225] which belongs to the cache kmalloc-16 of size 16
[ 12.383891] The buggy address is located 0 bytes inside of
[ 12.383891] freed 16-byte region [ffff8881016842e0, ffff8881016842f0)
[ 12.384359]
[ 12.384471] The buggy address belongs to the physical page:
[ 12.385166] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101684
[ 12.385615] flags: 0x200000000000000(node=0|zone=2)
[ 12.385808] page_type: f5(slab)
[ 12.386122] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 12.386527] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 12.386926] page dumped because: kasan: bad access detected
[ 12.387284]
[ 12.387384] Memory state around the buggy address:
[ 12.387935] ffff888101684180: 00 04 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc
[ 12.388265] ffff888101684200: 00 02 fc fc 00 02 fc fc 00 06 fc fc 00 06 fc fc
[ 12.388734] >ffff888101684280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 12.389055] ^
[ 12.389334] ffff888101684300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.390081] ffff888101684380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.390430] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 12.330702] ==================================================================
[ 12.331145] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x4a8/0x520
[ 12.331609] Read of size 1 at addr ffff888102ae7628 by task kunit_try_catch/206
[ 12.331914]
[ 12.332014] CPU: 0 UID: 0 PID: 206 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.332058] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.332069] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.332090] Call Trace:
[ 12.332101] <TASK>
[ 12.332116] dump_stack_lvl+0x73/0xb0
[ 12.332147] print_report+0xd1/0x610
[ 12.332169] ? __virt_addr_valid+0x1db/0x2d0
[ 12.332191] ? kmalloc_uaf2+0x4a8/0x520
[ 12.332210] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.332232] ? kmalloc_uaf2+0x4a8/0x520
[ 12.332252] kasan_report+0x141/0x180
[ 12.332273] ? kmalloc_uaf2+0x4a8/0x520
[ 12.332298] __asan_report_load1_noabort+0x18/0x20
[ 12.332322] kmalloc_uaf2+0x4a8/0x520
[ 12.332341] ? __pfx_kmalloc_uaf2+0x10/0x10
[ 12.332361] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 12.332391] ? __pfx_kmalloc_uaf2+0x10/0x10
[ 12.332416] kunit_try_run_case+0x1a5/0x480
[ 12.332452] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.332474] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.332498] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.332521] ? __kthread_parkme+0x82/0x180
[ 12.332558] ? preempt_count_sub+0x50/0x80
[ 12.332583] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.332607] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.332630] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.332654] kthread+0x337/0x6f0
[ 12.332672] ? trace_preempt_on+0x20/0xc0
[ 12.332695] ? __pfx_kthread+0x10/0x10
[ 12.332715] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.332735] ? calculate_sigpending+0x7b/0xa0
[ 12.332759] ? __pfx_kthread+0x10/0x10
[ 12.332779] ret_from_fork+0x116/0x1d0
[ 12.332797] ? __pfx_kthread+0x10/0x10
[ 12.332817] ret_from_fork_asm+0x1a/0x30
[ 12.332849] </TASK>
[ 12.332859]
[ 12.342095] Allocated by task 206:
[ 12.342408] kasan_save_stack+0x45/0x70
[ 12.342826] kasan_save_track+0x18/0x40
[ 12.343025] kasan_save_alloc_info+0x3b/0x50
[ 12.343230] __kasan_kmalloc+0xb7/0xc0
[ 12.343401] __kmalloc_cache_noprof+0x189/0x420
[ 12.343969] kmalloc_uaf2+0xc6/0x520
[ 12.344118] kunit_try_run_case+0x1a5/0x480
[ 12.344547] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.344897] kthread+0x337/0x6f0
[ 12.345180] ret_from_fork+0x116/0x1d0
[ 12.345350] ret_from_fork_asm+0x1a/0x30
[ 12.345800]
[ 12.345899] Freed by task 206:
[ 12.346019] kasan_save_stack+0x45/0x70
[ 12.346219] kasan_save_track+0x18/0x40
[ 12.346386] kasan_save_free_info+0x3f/0x60
[ 12.347018] __kasan_slab_free+0x56/0x70
[ 12.347301] kfree+0x222/0x3f0
[ 12.347505] kmalloc_uaf2+0x14c/0x520
[ 12.347729] kunit_try_run_case+0x1a5/0x480
[ 12.348109] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.348463] kthread+0x337/0x6f0
[ 12.348598] ret_from_fork+0x116/0x1d0
[ 12.349001] ret_from_fork_asm+0x1a/0x30
[ 12.349276]
[ 12.349359] The buggy address belongs to the object at ffff888102ae7600
[ 12.349359] which belongs to the cache kmalloc-64 of size 64
[ 12.349855] The buggy address is located 40 bytes inside of
[ 12.349855] freed 64-byte region [ffff888102ae7600, ffff888102ae7640)
[ 12.350328]
[ 12.350422] The buggy address belongs to the physical page:
[ 12.350644] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ae7
[ 12.350988] flags: 0x200000000000000(node=0|zone=2)
[ 12.351195] page_type: f5(slab)
[ 12.351365] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 12.352239] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 12.352612] page dumped because: kasan: bad access detected
[ 12.352964]
[ 12.353058] Memory state around the buggy address:
[ 12.353510] ffff888102ae7500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.354091] ffff888102ae7580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.354378] >ffff888102ae7600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.354887] ^
[ 12.355105] ffff888102ae7680: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc
[ 12.355749] ffff888102ae7700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.356103] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 12.289339] ==================================================================
[ 12.289967] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x1a3/0x360
[ 12.290210] Write of size 33 at addr ffff8881026e1080 by task kunit_try_catch/204
[ 12.290458]
[ 12.290552] CPU: 1 UID: 0 PID: 204 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.290597] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.290608] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.290629] Call Trace:
[ 12.290641] <TASK>
[ 12.290658] dump_stack_lvl+0x73/0xb0
[ 12.290688] print_report+0xd1/0x610
[ 12.290710] ? __virt_addr_valid+0x1db/0x2d0
[ 12.290733] ? kmalloc_uaf_memset+0x1a3/0x360
[ 12.290754] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.290777] ? kmalloc_uaf_memset+0x1a3/0x360
[ 12.290798] kasan_report+0x141/0x180
[ 12.290819] ? kmalloc_uaf_memset+0x1a3/0x360
[ 12.290846] kasan_check_range+0x10c/0x1c0
[ 12.290869] __asan_memset+0x27/0x50
[ 12.290888] kmalloc_uaf_memset+0x1a3/0x360
[ 12.290909] ? __pfx_kmalloc_uaf_memset+0x10/0x10
[ 12.290931] ? __schedule+0x10cc/0x2b60
[ 12.290953] ? __pfx_read_tsc+0x10/0x10
[ 12.290973] ? ktime_get_ts64+0x86/0x230
[ 12.290999] kunit_try_run_case+0x1a5/0x480
[ 12.291023] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.291045] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.291068] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.291091] ? __kthread_parkme+0x82/0x180
[ 12.291110] ? preempt_count_sub+0x50/0x80
[ 12.291134] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.291158] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.291181] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.291204] kthread+0x337/0x6f0
[ 12.291222] ? trace_preempt_on+0x20/0xc0
[ 12.291245] ? __pfx_kthread+0x10/0x10
[ 12.291265] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.291285] ? calculate_sigpending+0x7b/0xa0
[ 12.291309] ? __pfx_kthread+0x10/0x10
[ 12.291330] ret_from_fork+0x116/0x1d0
[ 12.291348] ? __pfx_kthread+0x10/0x10
[ 12.291367] ret_from_fork_asm+0x1a/0x30
[ 12.291399] </TASK>
[ 12.291409]
[ 12.309934] Allocated by task 204:
[ 12.310148] kasan_save_stack+0x45/0x70
[ 12.310669] kasan_save_track+0x18/0x40
[ 12.310998] kasan_save_alloc_info+0x3b/0x50
[ 12.311147] __kasan_kmalloc+0xb7/0xc0
[ 12.311276] __kmalloc_cache_noprof+0x189/0x420
[ 12.311496] kmalloc_uaf_memset+0xa9/0x360
[ 12.311951] kunit_try_run_case+0x1a5/0x480
[ 12.312354] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.312989] kthread+0x337/0x6f0
[ 12.313342] ret_from_fork+0x116/0x1d0
[ 12.313794] ret_from_fork_asm+0x1a/0x30
[ 12.314188]
[ 12.314388] Freed by task 204:
[ 12.314776] kasan_save_stack+0x45/0x70
[ 12.314918] kasan_save_track+0x18/0x40
[ 12.315049] kasan_save_free_info+0x3f/0x60
[ 12.315190] __kasan_slab_free+0x56/0x70
[ 12.315322] kfree+0x222/0x3f0
[ 12.315477] kmalloc_uaf_memset+0x12b/0x360
[ 12.315619] kunit_try_run_case+0x1a5/0x480
[ 12.315897] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.316384] kthread+0x337/0x6f0
[ 12.316837] ret_from_fork+0x116/0x1d0
[ 12.317083] ret_from_fork_asm+0x1a/0x30
[ 12.317226]
[ 12.317297] The buggy address belongs to the object at ffff8881026e1080
[ 12.317297] which belongs to the cache kmalloc-64 of size 64
[ 12.318373] The buggy address is located 0 bytes inside of
[ 12.318373] freed 64-byte region [ffff8881026e1080, ffff8881026e10c0)
[ 12.319711]
[ 12.319912] The buggy address belongs to the physical page:
[ 12.320193] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026e1
[ 12.320450] flags: 0x200000000000000(node=0|zone=2)
[ 12.320870] page_type: f5(slab)
[ 12.321211] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 12.322022] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 12.322796] page dumped because: kasan: bad access detected
[ 12.322969]
[ 12.323038] Memory state around the buggy address:
[ 12.323189] ffff8881026e0f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.323395] ffff8881026e1000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.323618] >ffff8881026e1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.324001] ^
[ 12.324149] ffff8881026e1100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.324377] ffff8881026e1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.324890] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 12.251724] ==================================================================
[ 12.254175] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x320/0x380
[ 12.255543] Read of size 1 at addr ffff888101cb3ce8 by task kunit_try_catch/202
[ 12.256134]
[ 12.256306] CPU: 0 UID: 0 PID: 202 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.256354] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.256365] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.256386] Call Trace:
[ 12.256399] <TASK>
[ 12.256416] dump_stack_lvl+0x73/0xb0
[ 12.256464] print_report+0xd1/0x610
[ 12.256489] ? __virt_addr_valid+0x1db/0x2d0
[ 12.256514] ? kmalloc_uaf+0x320/0x380
[ 12.256537] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.256563] ? kmalloc_uaf+0x320/0x380
[ 12.256584] kasan_report+0x141/0x180
[ 12.256609] ? kmalloc_uaf+0x320/0x380
[ 12.256639] __asan_report_load1_noabort+0x18/0x20
[ 12.256666] kmalloc_uaf+0x320/0x380
[ 12.256687] ? __pfx_kmalloc_uaf+0x10/0x10
[ 12.256713] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 12.256743] ? trace_hardirqs_on+0x37/0xe0
[ 12.256774] ? __pfx_read_tsc+0x10/0x10
[ 12.256796] ? ktime_get_ts64+0x86/0x230
[ 12.256821] kunit_try_run_case+0x1a5/0x480
[ 12.256848] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.256873] ? queued_spin_lock_slowpath+0x116/0xb40
[ 12.256906] ? __kthread_parkme+0x82/0x180
[ 12.256930] ? preempt_count_sub+0x50/0x80
[ 12.256957] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.256982] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.257014] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.257042] kthread+0x337/0x6f0
[ 12.257063] ? trace_preempt_on+0x20/0xc0
[ 12.257087] ? __pfx_kthread+0x10/0x10
[ 12.257111] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.257141] ? calculate_sigpending+0x7b/0xa0
[ 12.257172] ? __pfx_kthread+0x10/0x10
[ 12.257195] ret_from_fork+0x116/0x1d0
[ 12.257218] ? __pfx_kthread+0x10/0x10
[ 12.257239] ret_from_fork_asm+0x1a/0x30
[ 12.257276] </TASK>
[ 12.257287]
[ 12.270455] Allocated by task 202:
[ 12.270593] kasan_save_stack+0x45/0x70
[ 12.270741] kasan_save_track+0x18/0x40
[ 12.270876] kasan_save_alloc_info+0x3b/0x50
[ 12.271056] __kasan_kmalloc+0xb7/0xc0
[ 12.271239] __kmalloc_cache_noprof+0x189/0x420
[ 12.272212] kmalloc_uaf+0xaa/0x380
[ 12.272400] kunit_try_run_case+0x1a5/0x480
[ 12.272619] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.272913] kthread+0x337/0x6f0
[ 12.273078] ret_from_fork+0x116/0x1d0
[ 12.273217] ret_from_fork_asm+0x1a/0x30
[ 12.273361]
[ 12.273468] Freed by task 202:
[ 12.274554] kasan_save_stack+0x45/0x70
[ 12.274766] kasan_save_track+0x18/0x40
[ 12.274951] kasan_save_free_info+0x3f/0x60
[ 12.275135] __kasan_slab_free+0x56/0x70
[ 12.275333] kfree+0x222/0x3f0
[ 12.275526] kmalloc_uaf+0x12c/0x380
[ 12.276569] kunit_try_run_case+0x1a5/0x480
[ 12.276952] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.277168] kthread+0x337/0x6f0
[ 12.277330] ret_from_fork+0x116/0x1d0
[ 12.277523] ret_from_fork_asm+0x1a/0x30
[ 12.278707]
[ 12.278782] The buggy address belongs to the object at ffff888101cb3ce0
[ 12.278782] which belongs to the cache kmalloc-16 of size 16
[ 12.279223] The buggy address is located 8 bytes inside of
[ 12.279223] freed 16-byte region [ffff888101cb3ce0, ffff888101cb3cf0)
[ 12.279753]
[ 12.279835] The buggy address belongs to the physical page:
[ 12.280020] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101cb3
[ 12.280374] flags: 0x200000000000000(node=0|zone=2)
[ 12.280592] page_type: f5(slab)
[ 12.281541] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 12.281898] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 12.282179] page dumped because: kasan: bad access detected
[ 12.282417]
[ 12.282522] Memory state around the buggy address:
[ 12.282714] ffff888101cb3b80: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc
[ 12.282996] ffff888101cb3c00: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc
[ 12.283287] >ffff888101cb3c80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 12.284722] ^
[ 12.284946] ffff888101cb3d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.285271] ffff888101cb3d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.285520] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 12.212591] ==================================================================
[ 12.213745] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x16f/0x330
[ 12.214864] Read of size 64 at addr ffff8881026d7f04 by task kunit_try_catch/200
[ 12.215146]
[ 12.215237] CPU: 1 UID: 0 PID: 200 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.215281] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.215292] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.215312] Call Trace:
[ 12.215324] <TASK>
[ 12.215339] dump_stack_lvl+0x73/0xb0
[ 12.215370] print_report+0xd1/0x610
[ 12.215392] ? __virt_addr_valid+0x1db/0x2d0
[ 12.215415] ? kmalloc_memmove_invalid_size+0x16f/0x330
[ 12.215454] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.215476] ? kmalloc_memmove_invalid_size+0x16f/0x330
[ 12.215501] kasan_report+0x141/0x180
[ 12.215522] ? kmalloc_memmove_invalid_size+0x16f/0x330
[ 12.215561] kasan_check_range+0x10c/0x1c0
[ 12.215584] __asan_memmove+0x27/0x70
[ 12.215603] kmalloc_memmove_invalid_size+0x16f/0x330
[ 12.215628] ? __pfx_kmalloc_memmove_invalid_size+0x10/0x10
[ 12.215654] ? __schedule+0x10cc/0x2b60
[ 12.215677] ? __pfx_read_tsc+0x10/0x10
[ 12.215697] ? ktime_get_ts64+0x86/0x230
[ 12.215722] kunit_try_run_case+0x1a5/0x480
[ 12.215746] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.215767] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.215790] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.215813] ? __kthread_parkme+0x82/0x180
[ 12.215833] ? preempt_count_sub+0x50/0x80
[ 12.215856] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.215880] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.215903] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.215926] kthread+0x337/0x6f0
[ 12.215944] ? trace_preempt_on+0x20/0xc0
[ 12.215968] ? __pfx_kthread+0x10/0x10
[ 12.215987] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.216008] ? calculate_sigpending+0x7b/0xa0
[ 12.216031] ? __pfx_kthread+0x10/0x10
[ 12.216052] ret_from_fork+0x116/0x1d0
[ 12.216069] ? __pfx_kthread+0x10/0x10
[ 12.216088] ret_from_fork_asm+0x1a/0x30
[ 12.216120] </TASK>
[ 12.216129]
[ 12.231128] Allocated by task 200:
[ 12.231312] kasan_save_stack+0x45/0x70
[ 12.231841] kasan_save_track+0x18/0x40
[ 12.232221] kasan_save_alloc_info+0x3b/0x50
[ 12.232483] __kasan_kmalloc+0xb7/0xc0
[ 12.232649] __kmalloc_cache_noprof+0x189/0x420
[ 12.233071] kmalloc_memmove_invalid_size+0xac/0x330
[ 12.233343] kunit_try_run_case+0x1a5/0x480
[ 12.233835] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.234198] kthread+0x337/0x6f0
[ 12.234334] ret_from_fork+0x116/0x1d0
[ 12.234544] ret_from_fork_asm+0x1a/0x30
[ 12.234737]
[ 12.234826] The buggy address belongs to the object at ffff8881026d7f00
[ 12.234826] which belongs to the cache kmalloc-64 of size 64
[ 12.235336] The buggy address is located 4 bytes inside of
[ 12.235336] allocated 64-byte region [ffff8881026d7f00, ffff8881026d7f40)
[ 12.236830]
[ 12.237144] The buggy address belongs to the physical page:
[ 12.237960] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026d7
[ 12.238214] flags: 0x200000000000000(node=0|zone=2)
[ 12.238383] page_type: f5(slab)
[ 12.238976] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 12.239862] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 12.240759] page dumped because: kasan: bad access detected
[ 12.241418]
[ 12.241520] Memory state around the buggy address:
[ 12.242170] ffff8881026d7e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.242973] ffff8881026d7e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.243539] >ffff8881026d7f00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 12.244052] ^
[ 12.244226] ffff8881026d7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.244504] ffff8881026d8000: 00 00 00 00 00 00 00 fc fc fc fc 00 00 00 00 00
[ 12.245196] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 12.180829] ==================================================================
[ 12.181265] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x171/0x330
[ 12.181881] Read of size 18446744073709551614 at addr ffff8881026d7e84 by task kunit_try_catch/198
[ 12.182205]
[ 12.182295] CPU: 1 UID: 0 PID: 198 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.182338] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.182350] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.182370] Call Trace:
[ 12.182382] <TASK>
[ 12.182444] dump_stack_lvl+0x73/0xb0
[ 12.182478] print_report+0xd1/0x610
[ 12.182512] ? __virt_addr_valid+0x1db/0x2d0
[ 12.182565] ? kmalloc_memmove_negative_size+0x171/0x330
[ 12.182591] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.182626] ? kmalloc_memmove_negative_size+0x171/0x330
[ 12.182671] kasan_report+0x141/0x180
[ 12.182694] ? kmalloc_memmove_negative_size+0x171/0x330
[ 12.182726] kasan_check_range+0x10c/0x1c0
[ 12.182751] __asan_memmove+0x27/0x70
[ 12.182789] kmalloc_memmove_negative_size+0x171/0x330
[ 12.182819] ? __pfx_kmalloc_memmove_negative_size+0x10/0x10
[ 12.182849] ? __schedule+0x10cc/0x2b60
[ 12.182873] ? __pfx_read_tsc+0x10/0x10
[ 12.182894] ? ktime_get_ts64+0x86/0x230
[ 12.182929] kunit_try_run_case+0x1a5/0x480
[ 12.182954] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.182988] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.183015] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.183041] ? __kthread_parkme+0x82/0x180
[ 12.183063] ? preempt_count_sub+0x50/0x80
[ 12.183088] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.183113] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.183138] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.183163] kthread+0x337/0x6f0
[ 12.183183] ? trace_preempt_on+0x20/0xc0
[ 12.183206] ? __pfx_kthread+0x10/0x10
[ 12.183227] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.183251] ? calculate_sigpending+0x7b/0xa0
[ 12.183276] ? __pfx_kthread+0x10/0x10
[ 12.183299] ret_from_fork+0x116/0x1d0
[ 12.183319] ? __pfx_kthread+0x10/0x10
[ 12.183340] ret_from_fork_asm+0x1a/0x30
[ 12.183373] </TASK>
[ 12.183383]
[ 12.195587] Allocated by task 198:
[ 12.196054] kasan_save_stack+0x45/0x70
[ 12.196602] kasan_save_track+0x18/0x40
[ 12.196981] kasan_save_alloc_info+0x3b/0x50
[ 12.197384] __kasan_kmalloc+0xb7/0xc0
[ 12.197845] __kmalloc_cache_noprof+0x189/0x420
[ 12.198272] kmalloc_memmove_negative_size+0xac/0x330
[ 12.198804] kunit_try_run_case+0x1a5/0x480
[ 12.199194] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.199770] kthread+0x337/0x6f0
[ 12.200093] ret_from_fork+0x116/0x1d0
[ 12.200447] ret_from_fork_asm+0x1a/0x30
[ 12.200928]
[ 12.201113] The buggy address belongs to the object at ffff8881026d7e80
[ 12.201113] which belongs to the cache kmalloc-64 of size 64
[ 12.202351] The buggy address is located 4 bytes inside of
[ 12.202351] 64-byte region [ffff8881026d7e80, ffff8881026d7ec0)
[ 12.203500]
[ 12.203680] The buggy address belongs to the physical page:
[ 12.204175] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026d7
[ 12.205006] flags: 0x200000000000000(node=0|zone=2)
[ 12.205351] page_type: f5(slab)
[ 12.205720] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 12.206107] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 12.206351] page dumped because: kasan: bad access detected
[ 12.206559]
[ 12.206627] Memory state around the buggy address:
[ 12.206895] ffff8881026d7d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.207174] ffff8881026d7e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.207575] >ffff8881026d7e80: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 12.207871] ^
[ 12.208020] ffff8881026d7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.208333] ffff8881026d7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.208590] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 12.150694] ==================================================================
[ 12.151163] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x166/0x330
[ 12.151930] Write of size 16 at addr ffff888102ae1269 by task kunit_try_catch/196
[ 12.152265]
[ 12.153014] CPU: 0 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.153064] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.153076] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.153097] Call Trace:
[ 12.153108] <TASK>
[ 12.153122] dump_stack_lvl+0x73/0xb0
[ 12.153158] print_report+0xd1/0x610
[ 12.153182] ? __virt_addr_valid+0x1db/0x2d0
[ 12.153204] ? kmalloc_oob_memset_16+0x166/0x330
[ 12.153225] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.153247] ? kmalloc_oob_memset_16+0x166/0x330
[ 12.153269] kasan_report+0x141/0x180
[ 12.153290] ? kmalloc_oob_memset_16+0x166/0x330
[ 12.153318] kasan_check_range+0x10c/0x1c0
[ 12.153341] __asan_memset+0x27/0x50
[ 12.153360] kmalloc_oob_memset_16+0x166/0x330
[ 12.153382] ? __pfx_kmalloc_oob_memset_16+0x10/0x10
[ 12.153486] ? __schedule+0x10cc/0x2b60
[ 12.153512] ? __pfx_read_tsc+0x10/0x10
[ 12.153533] ? ktime_get_ts64+0x86/0x230
[ 12.153563] kunit_try_run_case+0x1a5/0x480
[ 12.153587] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.153608] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.153633] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.153656] ? __kthread_parkme+0x82/0x180
[ 12.153676] ? preempt_count_sub+0x50/0x80
[ 12.153701] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.153724] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.153747] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.153770] kthread+0x337/0x6f0
[ 12.153788] ? trace_preempt_on+0x20/0xc0
[ 12.153811] ? __pfx_kthread+0x10/0x10
[ 12.153831] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.153851] ? calculate_sigpending+0x7b/0xa0
[ 12.153875] ? __pfx_kthread+0x10/0x10
[ 12.153895] ret_from_fork+0x116/0x1d0
[ 12.153913] ? __pfx_kthread+0x10/0x10
[ 12.153932] ret_from_fork_asm+0x1a/0x30
[ 12.153964] </TASK>
[ 12.153974]
[ 12.165313] Allocated by task 196:
[ 12.165627] kasan_save_stack+0x45/0x70
[ 12.166081] kasan_save_track+0x18/0x40
[ 12.166296] kasan_save_alloc_info+0x3b/0x50
[ 12.166805] __kasan_kmalloc+0xb7/0xc0
[ 12.166973] __kmalloc_cache_noprof+0x189/0x420
[ 12.167321] kmalloc_oob_memset_16+0xac/0x330
[ 12.167718] kunit_try_run_case+0x1a5/0x480
[ 12.168094] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.168347] kthread+0x337/0x6f0
[ 12.168843] ret_from_fork+0x116/0x1d0
[ 12.169026] ret_from_fork_asm+0x1a/0x30
[ 12.169427]
[ 12.169748] The buggy address belongs to the object at ffff888102ae1200
[ 12.169748] which belongs to the cache kmalloc-128 of size 128
[ 12.170395] The buggy address is located 105 bytes inside of
[ 12.170395] allocated 120-byte region [ffff888102ae1200, ffff888102ae1278)
[ 12.171071]
[ 12.171176] The buggy address belongs to the physical page:
[ 12.171715] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ae1
[ 12.172149] flags: 0x200000000000000(node=0|zone=2)
[ 12.172398] page_type: f5(slab)
[ 12.172924] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.173348] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.173813] page dumped because: kasan: bad access detected
[ 12.174050]
[ 12.174128] Memory state around the buggy address:
[ 12.174349] ffff888102ae1100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.175032] ffff888102ae1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.175430] >ffff888102ae1200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 12.175789] ^
[ 12.176252] ffff888102ae1280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.176869] ffff888102ae1300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.177311] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 12.124370] ==================================================================
[ 12.125001] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x166/0x330
[ 12.125257] Write of size 8 at addr ffff8881026ce971 by task kunit_try_catch/194
[ 12.125497]
[ 12.125583] CPU: 1 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.125627] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.125638] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.125658] Call Trace:
[ 12.125670] <TASK>
[ 12.125689] dump_stack_lvl+0x73/0xb0
[ 12.125719] print_report+0xd1/0x610
[ 12.125741] ? __virt_addr_valid+0x1db/0x2d0
[ 12.125765] ? kmalloc_oob_memset_8+0x166/0x330
[ 12.125786] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.125808] ? kmalloc_oob_memset_8+0x166/0x330
[ 12.125830] kasan_report+0x141/0x180
[ 12.125851] ? kmalloc_oob_memset_8+0x166/0x330
[ 12.125878] kasan_check_range+0x10c/0x1c0
[ 12.125902] __asan_memset+0x27/0x50
[ 12.125920] kmalloc_oob_memset_8+0x166/0x330
[ 12.125943] ? __pfx_kmalloc_oob_memset_8+0x10/0x10
[ 12.125965] ? __schedule+0x10cc/0x2b60
[ 12.125988] ? __pfx_read_tsc+0x10/0x10
[ 12.126009] ? ktime_get_ts64+0x86/0x230
[ 12.126035] kunit_try_run_case+0x1a5/0x480
[ 12.126061] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.126085] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.126111] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.126134] ? __kthread_parkme+0x82/0x180
[ 12.126154] ? preempt_count_sub+0x50/0x80
[ 12.126179] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.126203] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.126227] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.126250] kthread+0x337/0x6f0
[ 12.126278] ? trace_preempt_on+0x20/0xc0
[ 12.126301] ? __pfx_kthread+0x10/0x10
[ 12.126325] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.126368] ? calculate_sigpending+0x7b/0xa0
[ 12.126393] ? __pfx_kthread+0x10/0x10
[ 12.126413] ret_from_fork+0x116/0x1d0
[ 12.126432] ? __pfx_kthread+0x10/0x10
[ 12.126460] ret_from_fork_asm+0x1a/0x30
[ 12.126493] </TASK>
[ 12.126876]
[ 12.135224] Allocated by task 194:
[ 12.135477] kasan_save_stack+0x45/0x70
[ 12.135724] kasan_save_track+0x18/0x40
[ 12.135913] kasan_save_alloc_info+0x3b/0x50
[ 12.136135] __kasan_kmalloc+0xb7/0xc0
[ 12.136264] __kmalloc_cache_noprof+0x189/0x420
[ 12.136477] kmalloc_oob_memset_8+0xac/0x330
[ 12.137429] kunit_try_run_case+0x1a5/0x480
[ 12.137710] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.138281] kthread+0x337/0x6f0
[ 12.138627] ret_from_fork+0x116/0x1d0
[ 12.138830] ret_from_fork_asm+0x1a/0x30
[ 12.139046]
[ 12.139327] The buggy address belongs to the object at ffff8881026ce900
[ 12.139327] which belongs to the cache kmalloc-128 of size 128
[ 12.140082] The buggy address is located 113 bytes inside of
[ 12.140082] allocated 120-byte region [ffff8881026ce900, ffff8881026ce978)
[ 12.140677]
[ 12.140781] The buggy address belongs to the physical page:
[ 12.141201] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026ce
[ 12.141861] flags: 0x200000000000000(node=0|zone=2)
[ 12.142035] page_type: f5(slab)
[ 12.142155] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.142378] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.142626] page dumped because: kasan: bad access detected
[ 12.143152]
[ 12.143256] Memory state around the buggy address:
[ 12.143494] ffff8881026ce800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.144099] ffff8881026ce880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.144491] >ffff8881026ce900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 12.145009] ^
[ 12.145368] ffff8881026ce980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.145872] ffff8881026cea00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.146151] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 12.080572] ==================================================================
[ 12.081249] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x166/0x330
[ 12.081502] Write of size 2 at addr ffff888102ae1177 by task kunit_try_catch/190
[ 12.081726]
[ 12.081812] CPU: 0 UID: 0 PID: 190 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.081853] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.082091] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.082119] Call Trace:
[ 12.082130] <TASK>
[ 12.082145] dump_stack_lvl+0x73/0xb0
[ 12.082175] print_report+0xd1/0x610
[ 12.082197] ? __virt_addr_valid+0x1db/0x2d0
[ 12.082218] ? kmalloc_oob_memset_2+0x166/0x330
[ 12.082240] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.082262] ? kmalloc_oob_memset_2+0x166/0x330
[ 12.082284] kasan_report+0x141/0x180
[ 12.082388] ? kmalloc_oob_memset_2+0x166/0x330
[ 12.082482] kasan_check_range+0x10c/0x1c0
[ 12.082509] __asan_memset+0x27/0x50
[ 12.082528] kmalloc_oob_memset_2+0x166/0x330
[ 12.082558] ? __kasan_check_write+0x18/0x20
[ 12.082602] ? __pfx_kmalloc_oob_memset_2+0x10/0x10
[ 12.082623] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 12.082648] ? trace_hardirqs_on+0x37/0xe0
[ 12.082672] ? __pfx_read_tsc+0x10/0x10
[ 12.082692] ? ktime_get_ts64+0x86/0x230
[ 12.082716] kunit_try_run_case+0x1a5/0x480
[ 12.082740] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.082764] ? queued_spin_lock_slowpath+0x116/0xb40
[ 12.082806] ? __kthread_parkme+0x82/0x180
[ 12.082825] ? preempt_count_sub+0x50/0x80
[ 12.082849] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.082872] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.082895] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.082918] kthread+0x337/0x6f0
[ 12.082937] ? trace_preempt_on+0x20/0xc0
[ 12.082958] ? __pfx_kthread+0x10/0x10
[ 12.082978] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.083010] ? calculate_sigpending+0x7b/0xa0
[ 12.083034] ? __pfx_kthread+0x10/0x10
[ 12.083055] ret_from_fork+0x116/0x1d0
[ 12.083091] ? __pfx_kthread+0x10/0x10
[ 12.083111] ret_from_fork_asm+0x1a/0x30
[ 12.083144] </TASK>
[ 12.083153]
[ 12.093118] Allocated by task 190:
[ 12.093315] kasan_save_stack+0x45/0x70
[ 12.093937] kasan_save_track+0x18/0x40
[ 12.094199] kasan_save_alloc_info+0x3b/0x50
[ 12.094366] __kasan_kmalloc+0xb7/0xc0
[ 12.094687] __kmalloc_cache_noprof+0x189/0x420
[ 12.095130] kmalloc_oob_memset_2+0xac/0x330
[ 12.095385] kunit_try_run_case+0x1a5/0x480
[ 12.095737] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.096046] kthread+0x337/0x6f0
[ 12.096192] ret_from_fork+0x116/0x1d0
[ 12.096382] ret_from_fork_asm+0x1a/0x30
[ 12.096694]
[ 12.096778] The buggy address belongs to the object at ffff888102ae1100
[ 12.096778] which belongs to the cache kmalloc-128 of size 128
[ 12.097708] The buggy address is located 119 bytes inside of
[ 12.097708] allocated 120-byte region [ffff888102ae1100, ffff888102ae1178)
[ 12.098231]
[ 12.098325] The buggy address belongs to the physical page:
[ 12.098533] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ae1
[ 12.099330] flags: 0x200000000000000(node=0|zone=2)
[ 12.099761] page_type: f5(slab)
[ 12.099937] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.100361] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.100857] page dumped because: kasan: bad access detected
[ 12.101266]
[ 12.101371] Memory state around the buggy address:
[ 12.101763] ffff888102ae1000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.102127] ffff888102ae1080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.102549] >ffff888102ae1100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 12.102959] ^
[ 12.103218] ffff888102ae1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.103810] ffff888102ae1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.104203] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 12.053076] ==================================================================
[ 12.053705] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x15f/0x320
[ 12.054159] Write of size 128 at addr ffff8881026ce800 by task kunit_try_catch/188
[ 12.054582]
[ 12.054701] CPU: 1 UID: 0 PID: 188 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.054745] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.054756] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.054841] Call Trace:
[ 12.054855] <TASK>
[ 12.054869] dump_stack_lvl+0x73/0xb0
[ 12.054900] print_report+0xd1/0x610
[ 12.054922] ? __virt_addr_valid+0x1db/0x2d0
[ 12.054945] ? kmalloc_oob_in_memset+0x15f/0x320
[ 12.054966] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.054989] ? kmalloc_oob_in_memset+0x15f/0x320
[ 12.055011] kasan_report+0x141/0x180
[ 12.055033] ? kmalloc_oob_in_memset+0x15f/0x320
[ 12.055060] kasan_check_range+0x10c/0x1c0
[ 12.055084] __asan_memset+0x27/0x50
[ 12.055125] kmalloc_oob_in_memset+0x15f/0x320
[ 12.055148] ? __pfx_kmalloc_oob_in_memset+0x10/0x10
[ 12.055171] ? __schedule+0x10cc/0x2b60
[ 12.055194] ? __pfx_read_tsc+0x10/0x10
[ 12.055231] ? ktime_get_ts64+0x86/0x230
[ 12.055256] kunit_try_run_case+0x1a5/0x480
[ 12.055281] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.055302] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.055325] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.055348] ? __kthread_parkme+0x82/0x180
[ 12.055368] ? preempt_count_sub+0x50/0x80
[ 12.055392] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.055416] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.055505] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.055529] kthread+0x337/0x6f0
[ 12.055549] ? trace_preempt_on+0x20/0xc0
[ 12.055572] ? __pfx_kthread+0x10/0x10
[ 12.055592] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.055613] ? calculate_sigpending+0x7b/0xa0
[ 12.055637] ? __pfx_kthread+0x10/0x10
[ 12.055658] ret_from_fork+0x116/0x1d0
[ 12.055676] ? __pfx_kthread+0x10/0x10
[ 12.055696] ret_from_fork_asm+0x1a/0x30
[ 12.055728] </TASK>
[ 12.055738]
[ 12.063506] Allocated by task 188:
[ 12.063715] kasan_save_stack+0x45/0x70
[ 12.063887] kasan_save_track+0x18/0x40
[ 12.064100] kasan_save_alloc_info+0x3b/0x50
[ 12.064312] __kasan_kmalloc+0xb7/0xc0
[ 12.064553] __kmalloc_cache_noprof+0x189/0x420
[ 12.064767] kmalloc_oob_in_memset+0xac/0x320
[ 12.064993] kunit_try_run_case+0x1a5/0x480
[ 12.065171] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.065404] kthread+0x337/0x6f0
[ 12.065665] ret_from_fork+0x116/0x1d0
[ 12.065855] ret_from_fork_asm+0x1a/0x30
[ 12.066068]
[ 12.066180] The buggy address belongs to the object at ffff8881026ce800
[ 12.066180] which belongs to the cache kmalloc-128 of size 128
[ 12.066739] The buggy address is located 0 bytes inside of
[ 12.066739] allocated 120-byte region [ffff8881026ce800, ffff8881026ce878)
[ 12.067260]
[ 12.067332] The buggy address belongs to the physical page:
[ 12.067700] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026ce
[ 12.068339] flags: 0x200000000000000(node=0|zone=2)
[ 12.068581] page_type: f5(slab)
[ 12.068764] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.069108] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.069475] page dumped because: kasan: bad access detected
[ 12.069800]
[ 12.070053] Memory state around the buggy address:
[ 12.070278] ffff8881026ce700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.070867] ffff8881026ce780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.071173] >ffff8881026ce800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 12.071487] ^
[ 12.071709] ffff8881026ce880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.071917] ffff8881026ce900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.072121] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 11.554501] ==================================================================
[ 11.555371] BUG: KASAN: use-after-free in page_alloc_uaf+0x356/0x3d0
[ 11.555904] Read of size 1 at addr ffff888103a40000 by task kunit_try_catch/172
[ 11.556405]
[ 11.556762] CPU: 0 UID: 0 PID: 172 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 11.556826] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.556837] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.556858] Call Trace:
[ 11.556876] <TASK>
[ 11.556890] dump_stack_lvl+0x73/0xb0
[ 11.556919] print_report+0xd1/0x610
[ 11.556940] ? __virt_addr_valid+0x1db/0x2d0
[ 11.556962] ? page_alloc_uaf+0x356/0x3d0
[ 11.556983] ? kasan_addr_to_slab+0x11/0xa0
[ 11.557004] ? page_alloc_uaf+0x356/0x3d0
[ 11.557025] kasan_report+0x141/0x180
[ 11.557046] ? page_alloc_uaf+0x356/0x3d0
[ 11.557073] __asan_report_load1_noabort+0x18/0x20
[ 11.557097] page_alloc_uaf+0x356/0x3d0
[ 11.557118] ? __pfx_page_alloc_uaf+0x10/0x10
[ 11.557144] ? __schedule+0x10cc/0x2b60
[ 11.557166] ? __pfx_read_tsc+0x10/0x10
[ 11.557185] ? ktime_get_ts64+0x86/0x230
[ 11.557209] kunit_try_run_case+0x1a5/0x480
[ 11.557234] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.557256] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.557278] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.557302] ? __kthread_parkme+0x82/0x180
[ 11.557322] ? preempt_count_sub+0x50/0x80
[ 11.557345] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.557368] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.557391] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.557415] kthread+0x337/0x6f0
[ 11.557433] ? trace_preempt_on+0x20/0xc0
[ 11.557465] ? __pfx_kthread+0x10/0x10
[ 11.557559] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.557582] ? calculate_sigpending+0x7b/0xa0
[ 11.557605] ? __pfx_kthread+0x10/0x10
[ 11.557626] ret_from_fork+0x116/0x1d0
[ 11.557644] ? __pfx_kthread+0x10/0x10
[ 11.557663] ret_from_fork_asm+0x1a/0x30
[ 11.557695] </TASK>
[ 11.557704]
[ 11.572911] The buggy address belongs to the physical page:
[ 11.573114] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a40
[ 11.573368] flags: 0x200000000000000(node=0|zone=2)
[ 11.574212] page_type: f0(buddy)
[ 11.574833] raw: 0200000000000000 ffff88817fffc4f0 ffff88817fffc4f0 0000000000000000
[ 11.575611] raw: 0000000000000000 0000000000000006 00000000f0000000 0000000000000000
[ 11.576639] page dumped because: kasan: bad access detected
[ 11.577178]
[ 11.577496] Memory state around the buggy address:
[ 11.578171] ffff888103a3ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 11.578842] ffff888103a3ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 11.579269] >ffff888103a40000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 11.580162] ^
[ 11.580700] ffff888103a40080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 11.581760] ffff888103a40100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 11.582101] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kfree
[ 11.525982] ==================================================================
[ 11.526415] BUG: KASAN: invalid-free in kfree+0x274/0x3f0
[ 11.526929] Free of addr ffff888102be4001 by task kunit_try_catch/168
[ 11.528015]
[ 11.528272] CPU: 1 UID: 0 PID: 168 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 11.528336] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.528347] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.528367] Call Trace:
[ 11.528379] <TASK>
[ 11.528393] dump_stack_lvl+0x73/0xb0
[ 11.528488] print_report+0xd1/0x610
[ 11.528524] ? __virt_addr_valid+0x1db/0x2d0
[ 11.528562] ? kasan_addr_to_slab+0x11/0xa0
[ 11.528584] ? kfree+0x274/0x3f0
[ 11.528606] kasan_report_invalid_free+0x10a/0x130
[ 11.528633] ? kfree+0x274/0x3f0
[ 11.528657] ? kfree+0x274/0x3f0
[ 11.528677] __kasan_kfree_large+0x86/0xd0
[ 11.528700] free_large_kmalloc+0x4b/0x110
[ 11.528725] kfree+0x274/0x3f0
[ 11.528751] kmalloc_large_invalid_free+0x120/0x2b0
[ 11.528775] ? __pfx_kmalloc_large_invalid_free+0x10/0x10
[ 11.528801] ? __schedule+0x10cc/0x2b60
[ 11.528824] ? __pfx_read_tsc+0x10/0x10
[ 11.528845] ? ktime_get_ts64+0x86/0x230
[ 11.528873] kunit_try_run_case+0x1a5/0x480
[ 11.528899] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.528923] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.528948] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.528973] ? __kthread_parkme+0x82/0x180
[ 11.528994] ? preempt_count_sub+0x50/0x80
[ 11.529020] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.529045] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.529071] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.529098] kthread+0x337/0x6f0
[ 11.529117] ? trace_preempt_on+0x20/0xc0
[ 11.529146] ? __pfx_kthread+0x10/0x10
[ 11.529168] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.529191] ? calculate_sigpending+0x7b/0xa0
[ 11.529216] ? __pfx_kthread+0x10/0x10
[ 11.529238] ret_from_fork+0x116/0x1d0
[ 11.529258] ? __pfx_kthread+0x10/0x10
[ 11.529279] ret_from_fork_asm+0x1a/0x30
[ 11.529312] </TASK>
[ 11.529322]
[ 11.539270] The buggy address belongs to the physical page:
[ 11.539818] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102be4
[ 11.540315] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 11.540836] flags: 0x200000000000040(head|node=0|zone=2)
[ 11.541093] page_type: f8(unknown)
[ 11.541287] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 11.542026] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 11.542982] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 11.543837] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 11.544527] head: 0200000000000002 ffffea00040af901 00000000ffffffff 00000000ffffffff
[ 11.545117] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 11.545971] page dumped because: kasan: bad access detected
[ 11.546223]
[ 11.546312] Memory state around the buggy address:
[ 11.547045] ffff888102be3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.547403] ffff888102be3f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.547652] >ffff888102be4000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.547874] ^
[ 11.547995] ffff888102be4080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.548215] ffff888102be4100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.548467] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 11.507375] ==================================================================
[ 11.508211] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2f1/0x340
[ 11.508534] Read of size 1 at addr ffff888102824000 by task kunit_try_catch/166
[ 11.508879]
[ 11.508994] CPU: 0 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 11.509037] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.509047] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.509067] Call Trace:
[ 11.509079] <TASK>
[ 11.509093] dump_stack_lvl+0x73/0xb0
[ 11.509121] print_report+0xd1/0x610
[ 11.509148] ? __virt_addr_valid+0x1db/0x2d0
[ 11.509169] ? kmalloc_large_uaf+0x2f1/0x340
[ 11.509189] ? kasan_addr_to_slab+0x11/0xa0
[ 11.509208] ? kmalloc_large_uaf+0x2f1/0x340
[ 11.509229] kasan_report+0x141/0x180
[ 11.509251] ? kmalloc_large_uaf+0x2f1/0x340
[ 11.509277] __asan_report_load1_noabort+0x18/0x20
[ 11.509300] kmalloc_large_uaf+0x2f1/0x340
[ 11.509321] ? __pfx_kmalloc_large_uaf+0x10/0x10
[ 11.509343] ? __schedule+0x10cc/0x2b60
[ 11.509364] ? __pfx_read_tsc+0x10/0x10
[ 11.509384] ? ktime_get_ts64+0x86/0x230
[ 11.509407] kunit_try_run_case+0x1a5/0x480
[ 11.509431] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.509464] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.509538] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.509561] ? __kthread_parkme+0x82/0x180
[ 11.509581] ? preempt_count_sub+0x50/0x80
[ 11.509604] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.509628] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.509651] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.509674] kthread+0x337/0x6f0
[ 11.509692] ? trace_preempt_on+0x20/0xc0
[ 11.509714] ? __pfx_kthread+0x10/0x10
[ 11.509734] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.509755] ? calculate_sigpending+0x7b/0xa0
[ 11.509778] ? __pfx_kthread+0x10/0x10
[ 11.509799] ret_from_fork+0x116/0x1d0
[ 11.509816] ? __pfx_kthread+0x10/0x10
[ 11.509836] ret_from_fork_asm+0x1a/0x30
[ 11.509868] </TASK>
[ 11.509877]
[ 11.517239] The buggy address belongs to the physical page:
[ 11.517547] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102824
[ 11.517908] flags: 0x200000000000000(node=0|zone=2)
[ 11.518133] raw: 0200000000000000 ffffea00040a0a08 ffff888154839f80 0000000000000000
[ 11.518597] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 11.518840] page dumped because: kasan: bad access detected
[ 11.519085]
[ 11.519178] Memory state around the buggy address:
[ 11.519399] ffff888102823f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.519733] ffff888102823f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.520040] >ffff888102824000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 11.520254] ^
[ 11.520416] ffff888102824080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 11.520847] ffff888102824100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 11.521166] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 11.487915] ==================================================================
[ 11.488399] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x2e9/0x330
[ 11.488736] Write of size 1 at addr ffff888102be600a by task kunit_try_catch/164
[ 11.489125]
[ 11.489252] CPU: 1 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 11.489295] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.489305] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.489326] Call Trace:
[ 11.489338] <TASK>
[ 11.489352] dump_stack_lvl+0x73/0xb0
[ 11.489381] print_report+0xd1/0x610
[ 11.489404] ? __virt_addr_valid+0x1db/0x2d0
[ 11.489427] ? kmalloc_large_oob_right+0x2e9/0x330
[ 11.489460] ? kasan_addr_to_slab+0x11/0xa0
[ 11.489480] ? kmalloc_large_oob_right+0x2e9/0x330
[ 11.489503] kasan_report+0x141/0x180
[ 11.489525] ? kmalloc_large_oob_right+0x2e9/0x330
[ 11.489553] __asan_report_store1_noabort+0x1b/0x30
[ 11.489578] kmalloc_large_oob_right+0x2e9/0x330
[ 11.489647] ? __pfx_kmalloc_large_oob_right+0x10/0x10
[ 11.489672] ? __schedule+0x10cc/0x2b60
[ 11.489696] ? __pfx_read_tsc+0x10/0x10
[ 11.489718] ? ktime_get_ts64+0x86/0x230
[ 11.489742] kunit_try_run_case+0x1a5/0x480
[ 11.489767] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.489789] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.489814] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.489839] ? __kthread_parkme+0x82/0x180
[ 11.489859] ? preempt_count_sub+0x50/0x80
[ 11.489883] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.489906] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.489930] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.489954] kthread+0x337/0x6f0
[ 11.489973] ? trace_preempt_on+0x20/0xc0
[ 11.489995] ? __pfx_kthread+0x10/0x10
[ 11.490015] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.490037] ? calculate_sigpending+0x7b/0xa0
[ 11.490061] ? __pfx_kthread+0x10/0x10
[ 11.490083] ret_from_fork+0x116/0x1d0
[ 11.490101] ? __pfx_kthread+0x10/0x10
[ 11.490121] ret_from_fork_asm+0x1a/0x30
[ 11.490153] </TASK>
[ 11.490163]
[ 11.497856] The buggy address belongs to the physical page:
[ 11.498077] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102be4
[ 11.498365] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 11.498615] flags: 0x200000000000040(head|node=0|zone=2)
[ 11.499122] page_type: f8(unknown)
[ 11.499336] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 11.499900] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 11.500250] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 11.500571] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 11.500955] head: 0200000000000002 ffffea00040af901 00000000ffffffff 00000000ffffffff
[ 11.501291] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 11.501540] page dumped because: kasan: bad access detected
[ 11.501739]
[ 11.501828] Memory state around the buggy address:
[ 11.502058] ffff888102be5f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.502474] ffff888102be5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.502905] >ffff888102be6000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 11.503193] ^
[ 11.503346] ffff888102be6080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 11.503664] ffff888102be6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 11.504066] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 11.464499] ================================================================== [ 11.465007] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x316/0x370 [ 11.465342] Write of size 1 at addr ffff888102bb5f00 by task kunit_try_catch/162 [ 11.465822] [ 11.465940] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.465983] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.465994] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.466015] Call Trace: [ 11.466028] <TASK> [ 11.466042] dump_stack_lvl+0x73/0xb0 [ 11.466071] print_report+0xd1/0x610 [ 11.466093] ? __virt_addr_valid+0x1db/0x2d0 [ 11.466116] ? kmalloc_big_oob_right+0x316/0x370 [ 11.466138] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.466161] ? kmalloc_big_oob_right+0x316/0x370 [ 11.466183] kasan_report+0x141/0x180 [ 11.466205] ? kmalloc_big_oob_right+0x316/0x370 [ 11.466233] __asan_report_store1_noabort+0x1b/0x30 [ 11.466257] kmalloc_big_oob_right+0x316/0x370 [ 11.466280] ? __pfx_kmalloc_big_oob_right+0x10/0x10 [ 11.466303] ? __schedule+0x10cc/0x2b60 [ 11.466325] ? __pfx_read_tsc+0x10/0x10 [ 11.466345] ? ktime_get_ts64+0x86/0x230 [ 11.466370] kunit_try_run_case+0x1a5/0x480 [ 11.466394] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.466774] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.466801] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.466824] ? __kthread_parkme+0x82/0x180 [ 11.466845] ? preempt_count_sub+0x50/0x80 [ 11.466870] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.466893] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.466917] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.466941] kthread+0x337/0x6f0 [ 11.466960] ? trace_preempt_on+0x20/0xc0 [ 11.466983] ? __pfx_kthread+0x10/0x10 [ 11.467003] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.467024] ? calculate_sigpending+0x7b/0xa0 [ 11.467048] ? __pfx_kthread+0x10/0x10 [ 11.467069] ret_from_fork+0x116/0x1d0 [ 11.467087] ? 
__pfx_kthread+0x10/0x10 [ 11.467106] ret_from_fork_asm+0x1a/0x30 [ 11.467139] </TASK> [ 11.467149] [ 11.473755] Allocated by task 162: [ 11.473932] kasan_save_stack+0x45/0x70 [ 11.474134] kasan_save_track+0x18/0x40 [ 11.474318] kasan_save_alloc_info+0x3b/0x50 [ 11.474521] __kasan_kmalloc+0xb7/0xc0 [ 11.474710] __kmalloc_cache_noprof+0x189/0x420 [ 11.474917] kmalloc_big_oob_right+0xa9/0x370 [ 11.475080] kunit_try_run_case+0x1a5/0x480 [ 11.475228] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.475503] kthread+0x337/0x6f0 [ 11.475692] ret_from_fork+0x116/0x1d0 [ 11.475878] ret_from_fork_asm+0x1a/0x30 [ 11.476078] [ 11.476173] The buggy address belongs to the object at ffff888102bb4000 [ 11.476173] which belongs to the cache kmalloc-8k of size 8192 [ 11.476754] The buggy address is located 0 bytes to the right of [ 11.476754] allocated 7936-byte region [ffff888102bb4000, ffff888102bb5f00) [ 11.477135] [ 11.477209] The buggy address belongs to the physical page: [ 11.477385] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102bb0 [ 11.477747] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.478077] flags: 0x200000000000040(head|node=0|zone=2) [ 11.478404] page_type: f5(slab) [ 11.478543] raw: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 11.478874] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 11.479113] head: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 11.479347] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 11.479878] head: 0200000000000003 ffffea00040aec01 00000000ffffffff 00000000ffffffff [ 11.480222] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 11.480775] page dumped because: kasan: bad access detected [ 11.481042] [ 11.481143] Memory state around the buggy address: [ 11.481358] ffff888102bb5e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.482031] ffff888102bb5e80: 00 
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.482497] >ffff888102bb5f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.482978] ^ [ 11.483123] ffff888102bb5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.483339] ffff888102bb6000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.484127] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 11.439591] ================================================================== [ 11.439902] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4b1/0x520 [ 11.440246] Write of size 1 at addr ffff8881026ce778 by task kunit_try_catch/160 [ 11.440742] [ 11.440838] CPU: 1 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.440880] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.440890] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.440910] Call Trace: [ 11.440921] <TASK> [ 11.440934] dump_stack_lvl+0x73/0xb0 [ 11.440962] print_report+0xd1/0x610 [ 11.440985] ? __virt_addr_valid+0x1db/0x2d0 [ 11.441006] ? kmalloc_track_caller_oob_right+0x4b1/0x520 [ 11.441032] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.441054] ? kmalloc_track_caller_oob_right+0x4b1/0x520 [ 11.441080] kasan_report+0x141/0x180 [ 11.441102] ? kmalloc_track_caller_oob_right+0x4b1/0x520 [ 11.441137] __asan_report_store1_noabort+0x1b/0x30 [ 11.441162] kmalloc_track_caller_oob_right+0x4b1/0x520 [ 11.441187] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 11.441213] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 11.441237] ? trace_hardirqs_on+0x37/0xe0 [ 11.441260] ? __pfx_read_tsc+0x10/0x10 [ 11.441280] ? ktime_get_ts64+0x86/0x230 [ 11.441304] kunit_try_run_case+0x1a5/0x480 [ 11.441327] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.441351] ? queued_spin_lock_slowpath+0x116/0xb40 [ 11.441376] ? __kthread_parkme+0x82/0x180 [ 11.441395] ? preempt_count_sub+0x50/0x80 [ 11.441672] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.441697] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.441722] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.441745] kthread+0x337/0x6f0 [ 11.441765] ? trace_preempt_on+0x20/0xc0 [ 11.441787] ? __pfx_kthread+0x10/0x10 [ 11.441807] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.441829] ? calculate_sigpending+0x7b/0xa0 [ 11.441854] ? 
__pfx_kthread+0x10/0x10 [ 11.441875] ret_from_fork+0x116/0x1d0 [ 11.441893] ? __pfx_kthread+0x10/0x10 [ 11.441913] ret_from_fork_asm+0x1a/0x30 [ 11.441945] </TASK> [ 11.441955] [ 11.449297] Allocated by task 160: [ 11.449660] kasan_save_stack+0x45/0x70 [ 11.449814] kasan_save_track+0x18/0x40 [ 11.450011] kasan_save_alloc_info+0x3b/0x50 [ 11.450201] __kasan_kmalloc+0xb7/0xc0 [ 11.450380] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 11.450577] kmalloc_track_caller_oob_right+0x19a/0x520 [ 11.450753] kunit_try_run_case+0x1a5/0x480 [ 11.450898] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.451074] kthread+0x337/0x6f0 [ 11.451194] ret_from_fork+0x116/0x1d0 [ 11.451327] ret_from_fork_asm+0x1a/0x30 [ 11.451662] [ 11.451761] The buggy address belongs to the object at ffff8881026ce700 [ 11.451761] which belongs to the cache kmalloc-128 of size 128 [ 11.452289] The buggy address is located 0 bytes to the right of [ 11.452289] allocated 120-byte region [ffff8881026ce700, ffff8881026ce778) [ 11.453231] [ 11.453307] The buggy address belongs to the physical page: [ 11.453671] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026ce [ 11.454014] flags: 0x200000000000000(node=0|zone=2) [ 11.454228] page_type: f5(slab) [ 11.454404] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.454921] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.455167] page dumped because: kasan: bad access detected [ 11.455340] [ 11.455409] Memory state around the buggy address: [ 11.455734] ffff8881026ce600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.456052] ffff8881026ce680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.456582] >ffff8881026ce700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 11.456898] ^ [ 11.457218] ffff8881026ce780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.457557] ffff8881026ce800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.457866] 
================================================================== [ 11.419847] ================================================================== [ 11.420305] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4c8/0x520 [ 11.420707] Write of size 1 at addr ffff8881026ce678 by task kunit_try_catch/160 [ 11.421186] [ 11.421303] CPU: 1 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.421345] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.421357] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.421377] Call Trace: [ 11.421388] <TASK> [ 11.421402] dump_stack_lvl+0x73/0xb0 [ 11.421431] print_report+0xd1/0x610 [ 11.421479] ? __virt_addr_valid+0x1db/0x2d0 [ 11.421502] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 11.421527] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.421549] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 11.421575] kasan_report+0x141/0x180 [ 11.421656] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 11.421692] __asan_report_store1_noabort+0x1b/0x30 [ 11.421717] kmalloc_track_caller_oob_right+0x4c8/0x520 [ 11.421742] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 11.421768] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 11.421793] ? trace_hardirqs_on+0x37/0xe0 [ 11.421816] ? __pfx_read_tsc+0x10/0x10 [ 11.421837] ? ktime_get_ts64+0x86/0x230 [ 11.421861] kunit_try_run_case+0x1a5/0x480 [ 11.421885] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.421909] ? queued_spin_lock_slowpath+0x116/0xb40 [ 11.421934] ? __kthread_parkme+0x82/0x180 [ 11.421955] ? preempt_count_sub+0x50/0x80 [ 11.421979] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.422003] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.422026] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.422050] kthread+0x337/0x6f0 [ 11.422068] ? trace_preempt_on+0x20/0xc0 [ 11.422090] ? __pfx_kthread+0x10/0x10 [ 11.422110] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.422131] ? calculate_sigpending+0x7b/0xa0 [ 11.422154] ? 
__pfx_kthread+0x10/0x10 [ 11.422176] ret_from_fork+0x116/0x1d0 [ 11.422194] ? __pfx_kthread+0x10/0x10 [ 11.422215] ret_from_fork_asm+0x1a/0x30 [ 11.422248] </TASK> [ 11.422257] [ 11.429806] Allocated by task 160: [ 11.429949] kasan_save_stack+0x45/0x70 [ 11.430193] kasan_save_track+0x18/0x40 [ 11.430393] kasan_save_alloc_info+0x3b/0x50 [ 11.430747] __kasan_kmalloc+0xb7/0xc0 [ 11.431011] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 11.431192] kmalloc_track_caller_oob_right+0x99/0x520 [ 11.431364] kunit_try_run_case+0x1a5/0x480 [ 11.431675] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.431944] kthread+0x337/0x6f0 [ 11.432114] ret_from_fork+0x116/0x1d0 [ 11.432307] ret_from_fork_asm+0x1a/0x30 [ 11.432709] [ 11.432810] The buggy address belongs to the object at ffff8881026ce600 [ 11.432810] which belongs to the cache kmalloc-128 of size 128 [ 11.433359] The buggy address is located 0 bytes to the right of [ 11.433359] allocated 120-byte region [ffff8881026ce600, ffff8881026ce678) [ 11.433983] [ 11.434084] The buggy address belongs to the physical page: [ 11.434325] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026ce [ 11.434723] flags: 0x200000000000000(node=0|zone=2) [ 11.434897] page_type: f5(slab) [ 11.435025] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.435265] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.435593] page dumped because: kasan: bad access detected [ 11.436202] [ 11.436392] Memory state around the buggy address: [ 11.436704] ffff8881026ce500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.437010] ffff8881026ce580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.437242] >ffff8881026ce600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 11.437724] ^ [ 11.438051] ffff8881026ce680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.438371] ffff8881026ce700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.438976] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 11.391346] ================================================================== [ 11.392070] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x369/0x3c0 [ 11.392429] Read of size 1 at addr ffff888102b83000 by task kunit_try_catch/158 [ 11.392899] [ 11.393151] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.393301] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.393313] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.393334] Call Trace: [ 11.393344] <TASK> [ 11.393358] dump_stack_lvl+0x73/0xb0 [ 11.393388] print_report+0xd1/0x610 [ 11.393411] ? __virt_addr_valid+0x1db/0x2d0 [ 11.393433] ? kmalloc_node_oob_right+0x369/0x3c0 [ 11.393580] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.393604] ? kmalloc_node_oob_right+0x369/0x3c0 [ 11.393628] kasan_report+0x141/0x180 [ 11.393650] ? kmalloc_node_oob_right+0x369/0x3c0 [ 11.393687] __asan_report_load1_noabort+0x18/0x20 [ 11.393710] kmalloc_node_oob_right+0x369/0x3c0 [ 11.393735] ? __pfx_kmalloc_node_oob_right+0x10/0x10 [ 11.393760] ? __schedule+0x10cc/0x2b60 [ 11.393808] ? __pfx_read_tsc+0x10/0x10 [ 11.393829] ? ktime_get_ts64+0x86/0x230 [ 11.393854] kunit_try_run_case+0x1a5/0x480 [ 11.393896] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.393918] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.393942] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.393966] ? __kthread_parkme+0x82/0x180 [ 11.393985] ? preempt_count_sub+0x50/0x80 [ 11.394009] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.394032] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.394055] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.394079] kthread+0x337/0x6f0 [ 11.394097] ? trace_preempt_on+0x20/0xc0 [ 11.394120] ? __pfx_kthread+0x10/0x10 [ 11.394140] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.394161] ? calculate_sigpending+0x7b/0xa0 [ 11.394184] ? __pfx_kthread+0x10/0x10 [ 11.394205] ret_from_fork+0x116/0x1d0 [ 11.394223] ? 
__pfx_kthread+0x10/0x10 [ 11.394243] ret_from_fork_asm+0x1a/0x30 [ 11.394275] </TASK> [ 11.394284] [ 11.404919] Allocated by task 158: [ 11.405100] kasan_save_stack+0x45/0x70 [ 11.405302] kasan_save_track+0x18/0x40 [ 11.405499] kasan_save_alloc_info+0x3b/0x50 [ 11.405726] __kasan_kmalloc+0xb7/0xc0 [ 11.405972] __kmalloc_cache_node_noprof+0x188/0x420 [ 11.406540] kmalloc_node_oob_right+0xab/0x3c0 [ 11.406730] kunit_try_run_case+0x1a5/0x480 [ 11.406911] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.407186] kthread+0x337/0x6f0 [ 11.407338] ret_from_fork+0x116/0x1d0 [ 11.407609] ret_from_fork_asm+0x1a/0x30 [ 11.407882] [ 11.407968] The buggy address belongs to the object at ffff888102b82000 [ 11.407968] which belongs to the cache kmalloc-4k of size 4096 [ 11.408664] The buggy address is located 0 bytes to the right of [ 11.408664] allocated 4096-byte region [ffff888102b82000, ffff888102b83000) [ 11.409203] [ 11.409320] The buggy address belongs to the physical page: [ 11.409650] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b80 [ 11.410159] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.410781] flags: 0x200000000000040(head|node=0|zone=2) [ 11.411061] page_type: f5(slab) [ 11.411188] raw: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000 [ 11.411619] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 11.411981] head: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000 [ 11.412242] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 11.412789] head: 0200000000000003 ffffea00040ae001 00000000ffffffff 00000000ffffffff [ 11.413090] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 11.413366] page dumped because: kasan: bad access detected [ 11.413639] [ 11.413735] Memory state around the buggy address: [ 11.414081] ffff888102b82f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.414304] 
ffff888102b82f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.414630] >ffff888102b83000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.414953] ^ [ 11.415065] ffff888102b83080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.415370] ffff888102b83100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.415715] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 11.355224] ================================================================== [ 11.355905] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x361/0x3c0 [ 11.356200] Read of size 1 at addr ffff8881016842bf by task kunit_try_catch/156 [ 11.356923] [ 11.357053] CPU: 1 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.357103] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.357115] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.357141] Call Trace: [ 11.357154] <TASK> [ 11.357171] dump_stack_lvl+0x73/0xb0 [ 11.357203] print_report+0xd1/0x610 [ 11.357225] ? __virt_addr_valid+0x1db/0x2d0 [ 11.357248] ? kmalloc_oob_left+0x361/0x3c0 [ 11.357268] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.357291] ? kmalloc_oob_left+0x361/0x3c0 [ 11.357312] kasan_report+0x141/0x180 [ 11.357333] ? kmalloc_oob_left+0x361/0x3c0 [ 11.357360] __asan_report_load1_noabort+0x18/0x20 [ 11.357384] kmalloc_oob_left+0x361/0x3c0 [ 11.357405] ? __pfx_kmalloc_oob_left+0x10/0x10 [ 11.357465] ? __schedule+0x10cc/0x2b60 [ 11.357488] ? __pfx_read_tsc+0x10/0x10 [ 11.357509] ? ktime_get_ts64+0x86/0x230 [ 11.357534] kunit_try_run_case+0x1a5/0x480 [ 11.357559] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.357581] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.357604] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.357645] ? __kthread_parkme+0x82/0x180 [ 11.357665] ? preempt_count_sub+0x50/0x80 [ 11.357690] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.357713] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.357736] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.357760] kthread+0x337/0x6f0 [ 11.357779] ? trace_preempt_on+0x20/0xc0 [ 11.357801] ? __pfx_kthread+0x10/0x10 [ 11.357821] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.357842] ? calculate_sigpending+0x7b/0xa0 [ 11.357866] ? __pfx_kthread+0x10/0x10 [ 11.357886] ret_from_fork+0x116/0x1d0 [ 11.357904] ? 
__pfx_kthread+0x10/0x10 [ 11.357924] ret_from_fork_asm+0x1a/0x30 [ 11.357956] </TASK> [ 11.357967] [ 11.365811] Allocated by task 41: [ 11.366025] kasan_save_stack+0x45/0x70 [ 11.366224] kasan_save_track+0x18/0x40 [ 11.366398] kasan_save_alloc_info+0x3b/0x50 [ 11.366788] __kasan_kmalloc+0xb7/0xc0 [ 11.366932] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 11.367195] kvasprintf+0xc5/0x150 [ 11.367392] kasprintf+0xb6/0xf0 [ 11.367702] input_devnode+0x46/0x80 [ 11.367904] device_get_devnode+0x145/0x2a0 [ 11.368110] dev_uevent+0x41c/0x730 [ 11.368301] kobject_uevent_env+0x50d/0xff0 [ 11.368587] kobject_uevent+0xf/0x20 [ 11.368775] device_add+0xe4c/0x1820 [ 11.368905] cdev_device_add+0xab/0x1c0 [ 11.369190] evdev_connect+0x356/0x480 [ 11.369408] input_attach_handler.isra.0+0x117/0x1f0 [ 11.369667] input_register_device+0x722/0xe10 [ 11.369875] psmouse_connect+0x6ed/0xe30 [ 11.370119] serio_driver_probe+0x7a/0xb0 [ 11.370377] really_probe+0x1d4/0x920 [ 11.370575] __driver_probe_device+0x18f/0x3e0 [ 11.370757] driver_probe_device+0x4f/0x130 [ 11.370895] __driver_attach+0x1eb/0x4b0 [ 11.371026] bus_for_each_dev+0x10f/0x1a0 [ 11.371376] driver_attach+0x41/0x60 [ 11.371713] serio_handle_event+0x254/0x940 [ 11.371944] process_one_work+0x5ee/0xf60 [ 11.372166] worker_thread+0x758/0x1220 [ 11.372376] kthread+0x337/0x6f0 [ 11.372625] ret_from_fork+0x116/0x1d0 [ 11.372758] ret_from_fork_asm+0x1a/0x30 [ 11.372935] [ 11.373076] Freed by task 41: [ 11.373255] kasan_save_stack+0x45/0x70 [ 11.373480] kasan_save_track+0x18/0x40 [ 11.373713] kasan_save_free_info+0x3f/0x60 [ 11.373922] __kasan_slab_free+0x56/0x70 [ 11.374097] kfree+0x222/0x3f0 [ 11.374255] dev_uevent+0x466/0x730 [ 11.374481] kobject_uevent_env+0x50d/0xff0 [ 11.374715] kobject_uevent+0xf/0x20 [ 11.374865] device_add+0xe4c/0x1820 [ 11.375041] cdev_device_add+0xab/0x1c0 [ 11.375246] evdev_connect+0x356/0x480 [ 11.375493] input_attach_handler.isra.0+0x117/0x1f0 [ 11.375731] input_register_device+0x722/0xe10 [ 11.375933] 
psmouse_connect+0x6ed/0xe30 [ 11.376116] serio_driver_probe+0x7a/0xb0 [ 11.376321] really_probe+0x1d4/0x920 [ 11.376560] __driver_probe_device+0x18f/0x3e0 [ 11.376795] driver_probe_device+0x4f/0x130 [ 11.376982] __driver_attach+0x1eb/0x4b0 [ 11.377166] bus_for_each_dev+0x10f/0x1a0 [ 11.377372] driver_attach+0x41/0x60 [ 11.377631] serio_handle_event+0x254/0x940 [ 11.377836] process_one_work+0x5ee/0xf60 [ 11.378014] worker_thread+0x758/0x1220 [ 11.378203] kthread+0x337/0x6f0 [ 11.378367] ret_from_fork+0x116/0x1d0 [ 11.378805] ret_from_fork_asm+0x1a/0x30 [ 11.378987] [ 11.379076] The buggy address belongs to the object at ffff8881016842a0 [ 11.379076] which belongs to the cache kmalloc-16 of size 16 [ 11.379684] The buggy address is located 15 bytes to the right of [ 11.379684] allocated 16-byte region [ffff8881016842a0, ffff8881016842b0) [ 11.380220] [ 11.380319] The buggy address belongs to the physical page: [ 11.380680] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101684 [ 11.380996] flags: 0x200000000000000(node=0|zone=2) [ 11.381206] page_type: f5(slab) [ 11.381382] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 11.381851] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 11.382131] page dumped because: kasan: bad access detected [ 11.382387] [ 11.382493] Memory state around the buggy address: [ 11.382717] ffff888101684180: 00 04 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 11.383023] ffff888101684200: 00 02 fc fc 00 02 fc fc 00 06 fc fc 00 06 fc fc [ 11.383355] >ffff888101684280: fa fb fc fc fa fb fc fc 00 07 fc fc fc fc fc fc [ 11.383847] ^ [ 11.384101] ffff888101684300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.384399] ffff888101684380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.384724] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 11.334605] ================================================================== [ 11.334945] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x68a/0x7f0 [ 11.335275] Read of size 1 at addr ffff888102ae1080 by task kunit_try_catch/154 [ 11.336007] [ 11.336124] CPU: 0 UID: 0 PID: 154 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.336204] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.336215] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.336361] Call Trace: [ 11.336374] <TASK> [ 11.336388] dump_stack_lvl+0x73/0xb0 [ 11.336415] print_report+0xd1/0x610 [ 11.336446] ? __virt_addr_valid+0x1db/0x2d0 [ 11.336468] ? kmalloc_oob_right+0x68a/0x7f0 [ 11.336489] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.336511] ? kmalloc_oob_right+0x68a/0x7f0 [ 11.336532] kasan_report+0x141/0x180 [ 11.336553] ? kmalloc_oob_right+0x68a/0x7f0 [ 11.336579] __asan_report_load1_noabort+0x18/0x20 [ 11.336603] kmalloc_oob_right+0x68a/0x7f0 [ 11.336625] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 11.336646] ? __schedule+0x10cc/0x2b60 [ 11.336669] ? __pfx_read_tsc+0x10/0x10 [ 11.336688] ? ktime_get_ts64+0x86/0x230 [ 11.336712] kunit_try_run_case+0x1a5/0x480 [ 11.336735] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.336756] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.336779] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.336802] ? __kthread_parkme+0x82/0x180 [ 11.336821] ? preempt_count_sub+0x50/0x80 [ 11.336844] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.336867] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.336890] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.336913] kthread+0x337/0x6f0 [ 11.336930] ? trace_preempt_on+0x20/0xc0 [ 11.336952] ? __pfx_kthread+0x10/0x10 [ 11.336972] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.336992] ? calculate_sigpending+0x7b/0xa0 [ 11.337015] ? __pfx_kthread+0x10/0x10 [ 11.337035] ret_from_fork+0x116/0x1d0 [ 11.337052] ? 
__pfx_kthread+0x10/0x10 [ 11.337071] ret_from_fork_asm+0x1a/0x30 [ 11.337103] </TASK> [ 11.337112] [ 11.343870] Allocated by task 154: [ 11.344048] kasan_save_stack+0x45/0x70 [ 11.344198] kasan_save_track+0x18/0x40 [ 11.344329] kasan_save_alloc_info+0x3b/0x50 [ 11.344484] __kasan_kmalloc+0xb7/0xc0 [ 11.344613] __kmalloc_cache_noprof+0x189/0x420 [ 11.344761] kmalloc_oob_right+0xa9/0x7f0 [ 11.344950] kunit_try_run_case+0x1a5/0x480 [ 11.345154] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.345397] kthread+0x337/0x6f0 [ 11.345588] ret_from_fork+0x116/0x1d0 [ 11.345768] ret_from_fork_asm+0x1a/0x30 [ 11.345927] [ 11.345993] The buggy address belongs to the object at ffff888102ae1000 [ 11.345993] which belongs to the cache kmalloc-128 of size 128 [ 11.346578] The buggy address is located 13 bytes to the right of [ 11.346578] allocated 115-byte region [ffff888102ae1000, ffff888102ae1073) [ 11.347138] [ 11.347221] The buggy address belongs to the physical page: [ 11.347386] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ae1 [ 11.347868] flags: 0x200000000000000(node=0|zone=2) [ 11.348116] page_type: f5(slab) [ 11.348279] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.348638] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.348866] page dumped because: kasan: bad access detected [ 11.349030] [ 11.349122] Memory state around the buggy address: [ 11.349377] ffff888102ae0f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.349911] ffff888102ae1000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 11.350256] >ffff888102ae1080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.350547] ^ [ 11.350715] ffff888102ae1100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.350953] ffff888102ae1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.351157] ================================================================== [ 11.306342] 
==================================================================
[ 11.306932] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6bd/0x7f0
[ 11.307387] Write of size 1 at addr ffff888102ae1078 by task kunit_try_catch/154
[ 11.308161]
[ 11.308389] CPU: 0 UID: 0 PID: 154 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 11.308479] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.308491] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.308512] Call Trace:
[ 11.308526] <TASK>
[ 11.308544] dump_stack_lvl+0x73/0xb0
[ 11.308574] print_report+0xd1/0x610
[ 11.308595] ? __virt_addr_valid+0x1db/0x2d0
[ 11.308618] ? kmalloc_oob_right+0x6bd/0x7f0
[ 11.308638] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.308660] ? kmalloc_oob_right+0x6bd/0x7f0
[ 11.308681] kasan_report+0x141/0x180
[ 11.308703] ? kmalloc_oob_right+0x6bd/0x7f0
[ 11.308729] __asan_report_store1_noabort+0x1b/0x30
[ 11.308753] kmalloc_oob_right+0x6bd/0x7f0
[ 11.308775] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 11.308796] ? __schedule+0x10cc/0x2b60
[ 11.308819] ? __pfx_read_tsc+0x10/0x10
[ 11.308839] ? ktime_get_ts64+0x86/0x230
[ 11.308864] kunit_try_run_case+0x1a5/0x480
[ 11.308888] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.308909] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.308932] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.308955] ? __kthread_parkme+0x82/0x180
[ 11.308974] ? preempt_count_sub+0x50/0x80
[ 11.308998] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.309021] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.309044] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.309067] kthread+0x337/0x6f0
[ 11.309085] ? trace_preempt_on+0x20/0xc0
[ 11.309108] ? __pfx_kthread+0x10/0x10
[ 11.310302] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.310332] ? calculate_sigpending+0x7b/0xa0
[ 11.310357] ? __pfx_kthread+0x10/0x10
[ 11.310379] ret_from_fork+0x116/0x1d0
[ 11.310398] ? __pfx_kthread+0x10/0x10
[ 11.310459] ret_from_fork_asm+0x1a/0x30
[ 11.310492] </TASK>
[ 11.310502]
[ 11.323089] Allocated by task 154:
[ 11.323802] kasan_save_stack+0x45/0x70
[ 11.324015] kasan_save_track+0x18/0x40
[ 11.324197] kasan_save_alloc_info+0x3b/0x50
[ 11.324406] __kasan_kmalloc+0xb7/0xc0
[ 11.324642] __kmalloc_cache_noprof+0x189/0x420
[ 11.324841] kmalloc_oob_right+0xa9/0x7f0
[ 11.325140] kunit_try_run_case+0x1a5/0x480
[ 11.325318] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.325721] kthread+0x337/0x6f0
[ 11.325862] ret_from_fork+0x116/0x1d0
[ 11.326054] ret_from_fork_asm+0x1a/0x30
[ 11.326254]
[ 11.326327] The buggy address belongs to the object at ffff888102ae1000
[ 11.326327] which belongs to the cache kmalloc-128 of size 128
[ 11.326971] The buggy address is located 5 bytes to the right of
[ 11.326971] allocated 115-byte region [ffff888102ae1000, ffff888102ae1073)
[ 11.327837]
[ 11.327970] The buggy address belongs to the physical page:
[ 11.328218] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ae1
[ 11.328717] flags: 0x200000000000000(node=0|zone=2)
[ 11.328932] page_type: f5(slab)
[ 11.329103] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 11.329349] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.329849] page dumped because: kasan: bad access detected
[ 11.330065]
[ 11.330158] Memory state around the buggy address:
[ 11.330366]  ffff888102ae0f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.331378]  ffff888102ae0f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.331834] >ffff888102ae1000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 11.332261]                                                                 ^
[ 11.332881]  ffff888102ae1080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.333310]  ffff888102ae1100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.333848] ==================================================================
[ 11.272604] ==================================================================
[ 11.273163] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6f0/0x7f0
[ 11.275197] Write of size 1 at addr ffff888102ae1073 by task kunit_try_catch/154
[ 11.276178]
[ 11.277384] CPU: 0 UID: 0 PID: 154 Comm: kunit_try_catch Tainted: G N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 11.277928] Tainted: [N]=TEST
[ 11.277961] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.278180] Call Trace:
[ 11.278246] <TASK>
[ 11.278386] dump_stack_lvl+0x73/0xb0
[ 11.278585] print_report+0xd1/0x610
[ 11.278614] ? __virt_addr_valid+0x1db/0x2d0
[ 11.278639] ? kmalloc_oob_right+0x6f0/0x7f0
[ 11.278659] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.278681] ? kmalloc_oob_right+0x6f0/0x7f0
[ 11.278703] kasan_report+0x141/0x180
[ 11.278724] ? kmalloc_oob_right+0x6f0/0x7f0
[ 11.278750] __asan_report_store1_noabort+0x1b/0x30
[ 11.278774] kmalloc_oob_right+0x6f0/0x7f0
[ 11.278795] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 11.278817] ? __schedule+0x10cc/0x2b60
[ 11.278840] ? __pfx_read_tsc+0x10/0x10
[ 11.278861] ? ktime_get_ts64+0x86/0x230
[ 11.278887] kunit_try_run_case+0x1a5/0x480
[ 11.278913] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.278934] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.278958] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.278980] ? __kthread_parkme+0x82/0x180
[ 11.279001] ? preempt_count_sub+0x50/0x80
[ 11.279025] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.279048] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.279071] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.279094] kthread+0x337/0x6f0
[ 11.279113] ? trace_preempt_on+0x20/0xc0
[ 11.279136] ? __pfx_kthread+0x10/0x10
[ 11.279155] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.279176] ? calculate_sigpending+0x7b/0xa0
[ 11.279201] ? __pfx_kthread+0x10/0x10
[ 11.279221] ret_from_fork+0x116/0x1d0
[ 11.279239] ? __pfx_kthread+0x10/0x10
[ 11.279258] ret_from_fork_asm+0x1a/0x30
[ 11.279315] </TASK>
[ 11.279378]
[ 11.288976] Allocated by task 154:
[ 11.289613] kasan_save_stack+0x45/0x70
[ 11.289848] kasan_save_track+0x18/0x40
[ 11.290029] kasan_save_alloc_info+0x3b/0x50
[ 11.290223] __kasan_kmalloc+0xb7/0xc0
[ 11.290398] __kmalloc_cache_noprof+0x189/0x420
[ 11.290964] kmalloc_oob_right+0xa9/0x7f0
[ 11.291284] kunit_try_run_case+0x1a5/0x480
[ 11.291694] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.292091] kthread+0x337/0x6f0
[ 11.292260] ret_from_fork+0x116/0x1d0
[ 11.292643] ret_from_fork_asm+0x1a/0x30
[ 11.293146]
[ 11.293331] The buggy address belongs to the object at ffff888102ae1000
[ 11.293331] which belongs to the cache kmalloc-128 of size 128
[ 11.294060] The buggy address is located 0 bytes to the right of
[ 11.294060] allocated 115-byte region [ffff888102ae1000, ffff888102ae1073)
[ 11.294906]
[ 11.295224] The buggy address belongs to the physical page:
[ 11.295626] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ae1
[ 11.296106] flags: 0x200000000000000(node=0|zone=2)
[ 11.297329] page_type: f5(slab)
[ 11.298315] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 11.298939] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.299344] page dumped because: kasan: bad access detected
[ 11.299891]
[ 11.300163] Memory state around the buggy address:
[ 11.300878]  ffff888102ae0f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.301164]  ffff888102ae0f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.301670] >ffff888102ae1000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 11.302134]                                                              ^
[ 11.302883]  ffff888102ae1080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.303319]  ffff888102ae1100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.304175] ==================================================================
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_vscale
------------[ cut here ]------------
[ 140.335763] WARNING: CPU: 0 PID: 2764 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190
[ 140.336318] Modules linked in:
[ 140.336623] CPU: 0 UID: 0 PID: 2764 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 140.337655] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 140.338169] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 140.338648] RIP: 0010:drm_rect_calc_vscale+0x130/0x190
[ 140.339131] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 140.340135] RSP: 0000:ffff88810ae07c78 EFLAGS: 00010286
[ 140.340318] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000
[ 140.340876] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffffa8833bfc
[ 140.341588] RBP: ffff88810ae07ca0 R08: 0000000000000000 R09: ffffed102073f240
[ 140.342073] R10: ffff8881039f9207 R11: 0000000000000000 R12: ffffffffa8833be8
[ 140.342292] R13: 0000000000000000 R14: 000000007fffffff R15: ffff88810ae07d38
[ 140.343037] FS: 0000000000000000(0000) GS:ffff8881aa072000(0000) knlGS:0000000000000000
[ 140.343840] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 140.344508] CR2: 00007ffff7ffe000 CR3: 000000015e8bc000 CR4: 00000000000006f0
[ 140.345099] DR0: ffffffffaa852440 DR1: ffffffffaa852441 DR2: ffffffffaa852443
[ 140.345314] DR3: ffffffffaa852445 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 140.345911] Call Trace:
[ 140.346178] <TASK>
[ 140.346395] drm_test_rect_calc_vscale+0x108/0x270
[ 140.347017] ? __kasan_check_write+0x18/0x20
[ 140.347324] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10
[ 140.347859] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 140.348200] ? trace_hardirqs_on+0x37/0xe0
[ 140.348355] ? __pfx_read_tsc+0x10/0x10
[ 140.348895] ? ktime_get_ts64+0x86/0x230
[ 140.349285] kunit_try_run_case+0x1a5/0x480
[ 140.349824] ? __pfx_kunit_try_run_case+0x10/0x10
[ 140.350247] ? queued_spin_lock_slowpath+0x116/0xb40
[ 140.350589] ? __kthread_parkme+0x82/0x180
[ 140.351055] ? preempt_count_sub+0x50/0x80
[ 140.351570] ? __pfx_kunit_try_run_case+0x10/0x10
[ 140.351822] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 140.351996] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 140.352184] kthread+0x337/0x6f0
[ 140.352304] ? trace_preempt_on+0x20/0xc0
[ 140.352485] ? __pfx_kthread+0x10/0x10
[ 140.352618] ? _raw_spin_unlock_irq+0x47/0x80
[ 140.353015] ? calculate_sigpending+0x7b/0xa0
[ 140.353260] ? __pfx_kthread+0x10/0x10
[ 140.353536] ret_from_fork+0x116/0x1d0
[ 140.353719] ? __pfx_kthread+0x10/0x10
[ 140.353853] ret_from_fork_asm+0x1a/0x30
[ 140.354064] </TASK>
[ 140.354194] ---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
[ 140.358139] WARNING: CPU: 0 PID: 2766 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190
[ 140.358733] Modules linked in:
[ 140.358897] CPU: 0 UID: 0 PID: 2766 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 140.359317] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 140.359543] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 140.360033] RIP: 0010:drm_rect_calc_vscale+0x130/0x190
[ 140.360287] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 140.361034] RSP: 0000:ffff88810ae77c78 EFLAGS: 00010286
[ 140.361376] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000
[ 140.361940] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffffa8833c34
[ 140.362656] RBP: ffff88810ae77ca0 R08: 0000000000000000 R09: ffffed102073f280
[ 140.363053] R10: ffff8881039f9407 R11: 0000000000000000 R12: ffffffffa8833c20
[ 140.363571] R13: 0000000000000000 R14: 000000007fffffff R15: ffff88810ae77d38
[ 140.363968] FS: 0000000000000000(0000) GS:ffff8881aa072000(0000) knlGS:0000000000000000
[ 140.364393] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 140.364942] CR2: 00007ffff7ffe000 CR3: 000000015e8bc000 CR4: 00000000000006f0
[ 140.365354] DR0: ffffffffaa852440 DR1: ffffffffaa852441 DR2: ffffffffaa852443
[ 140.365955] DR3: ffffffffaa852445 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 140.366620] Call Trace:
[ 140.366731] <TASK>
[ 140.366892] drm_test_rect_calc_vscale+0x108/0x270
[ 140.367129] ? __kasan_check_write+0x18/0x20
[ 140.367328] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10
[ 140.368005] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 140.368233] ? trace_hardirqs_on+0x37/0xe0
[ 140.368538] ? __pfx_read_tsc+0x10/0x10
[ 140.368864] ? ktime_get_ts64+0x86/0x230
[ 140.369146] kunit_try_run_case+0x1a5/0x480
[ 140.369333] ? __pfx_kunit_try_run_case+0x10/0x10
[ 140.369771] ? queued_spin_lock_slowpath+0x116/0xb40
[ 140.370023] ? __kthread_parkme+0x82/0x180
[ 140.370388] ? preempt_count_sub+0x50/0x80
[ 140.370812] ? __pfx_kunit_try_run_case+0x10/0x10
[ 140.371232] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 140.371673] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 140.371949] kthread+0x337/0x6f0
[ 140.372108] ? trace_preempt_on+0x20/0xc0
[ 140.372296] ? __pfx_kthread+0x10/0x10
[ 140.372592] ? _raw_spin_unlock_irq+0x47/0x80
[ 140.372796] ? calculate_sigpending+0x7b/0xa0
[ 140.373011] ? __pfx_kthread+0x10/0x10
[ 140.373200] ret_from_fork+0x116/0x1d0
[ 140.373364] ? __pfx_kthread+0x10/0x10
[ 140.373686] ret_from_fork_asm+0x1a/0x30
[ 140.374021] </TASK>
[ 140.374118] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_hscale
------------[ cut here ]------------
[ 140.286803] WARNING: CPU: 1 PID: 2752 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190
[ 140.287934] Modules linked in:
[ 140.288360] CPU: 1 UID: 0 PID: 2752 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 140.289323] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 140.289608] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 140.290605] RIP: 0010:drm_rect_calc_hscale+0x125/0x190
[ 140.291118] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 db e5 1e 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 140.292291] RSP: 0000:ffff888102137c78 EFLAGS: 00010286
[ 140.292940] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000
[ 140.293169] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffffa8833c00
[ 140.293384] RBP: ffff888102137ca0 R08: 0000000000000000 R09: ffffed1020191940
[ 140.294325] R10: ffff888100c8ca07 R11: 0000000000000000 R12: ffffffffa8833be8
[ 140.295051] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888102137d38
[ 140.295648] FS: 0000000000000000(0000) GS:ffff8881aa172000(0000) knlGS:0000000000000000
[ 140.295892] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 140.296074] CR2: 00007ffff7ffd000 CR3: 000000015e8bc000 CR4: 00000000000006f0
[ 140.296288] DR0: ffffffffaa852444 DR1: ffffffffaa852449 DR2: ffffffffaa85244a
[ 140.296567] DR3: ffffffffaa85244b DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 140.296895] Call Trace:
[ 140.297037] <TASK>
[ 140.297183] drm_test_rect_calc_hscale+0x108/0x270
[ 140.297483] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10
[ 140.297753] ? __schedule+0x10cc/0x2b60
[ 140.297928] ? __pfx_read_tsc+0x10/0x10
[ 140.298082] ? ktime_get_ts64+0x86/0x230
[ 140.298291] kunit_try_run_case+0x1a5/0x480
[ 140.298795] ? __pfx_kunit_try_run_case+0x10/0x10
[ 140.299033] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 140.299201] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 140.299492] ? __kthread_parkme+0x82/0x180
[ 140.299776] ? preempt_count_sub+0x50/0x80
[ 140.299965] ? __pfx_kunit_try_run_case+0x10/0x10
[ 140.300134] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 140.300462] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 140.300814] kthread+0x337/0x6f0
[ 140.300996] ? trace_preempt_on+0x20/0xc0
[ 140.301173] ? __pfx_kthread+0x10/0x10
[ 140.301312] ? _raw_spin_unlock_irq+0x47/0x80
[ 140.301510] ? calculate_sigpending+0x7b/0xa0
[ 140.301767] ? __pfx_kthread+0x10/0x10
[ 140.302093] ret_from_fork+0x116/0x1d0
[ 140.302509] ? __pfx_kthread+0x10/0x10
[ 140.302818] ret_from_fork_asm+0x1a/0x30
[ 140.303043] </TASK>
[ 140.303165] ---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
[ 140.306388] WARNING: CPU: 0 PID: 2754 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190
[ 140.306973] Modules linked in:
[ 140.307140] CPU: 0 UID: 0 PID: 2754 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 140.307811] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 140.308021] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 140.308540] RIP: 0010:drm_rect_calc_hscale+0x125/0x190
[ 140.308753] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 db e5 1e 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 140.309634] RSP: 0000:ffff88810af3fc78 EFLAGS: 00010286
[ 140.309841] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000
[ 140.310146] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffffa8833c38
[ 140.310683] RBP: ffff88810af3fca0 R08: 0000000000000000 R09: ffffed1020191980
[ 140.311004] R10: ffff888100c8cc07 R11: 0000000000000000 R12: ffffffffa8833c20
[ 140.311320] R13: 0000000000000000 R14: 000000007fffffff R15: ffff88810af3fd38
[ 140.311755] FS: 0000000000000000(0000) GS:ffff8881aa072000(0000) knlGS:0000000000000000
[ 140.312069] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 140.312344] CR2: 00007ffff7ffe000 CR3: 000000015e8bc000 CR4: 00000000000006f0
[ 140.312715] DR0: ffffffffaa852440 DR1: ffffffffaa852441 DR2: ffffffffaa852443
[ 140.313078] DR3: ffffffffaa852445 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 140.313320] Call Trace:
[ 140.313596] <TASK>
[ 140.313759] drm_test_rect_calc_hscale+0x108/0x270
[ 140.313979] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10
[ 140.314265] ? __schedule+0x10cc/0x2b60
[ 140.314729] ? __pfx_read_tsc+0x10/0x10
[ 140.314942] ? ktime_get_ts64+0x86/0x230
[ 140.315157] kunit_try_run_case+0x1a5/0x480
[ 140.315363] ? __pfx_kunit_try_run_case+0x10/0x10
[ 140.315616] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 140.316003] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 140.316240] ? __kthread_parkme+0x82/0x180
[ 140.316603] ? preempt_count_sub+0x50/0x80
[ 140.317049] ? __pfx_kunit_try_run_case+0x10/0x10
[ 140.317241] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 140.318041] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 140.318707] kthread+0x337/0x6f0
[ 140.319200] ? trace_preempt_on+0x20/0xc0
[ 140.319695] ? __pfx_kthread+0x10/0x10
[ 140.319956] ? _raw_spin_unlock_irq+0x47/0x80
[ 140.320157] ? calculate_sigpending+0x7b/0xa0
[ 140.320356] ? __pfx_kthread+0x10/0x10
[ 140.320923] ret_from_fork+0x116/0x1d0
[ 140.321201] ? __pfx_kthread+0x10/0x10
[ 140.321706] ret_from_fork_asm+0x1a/0x30
[ 140.321990] </TASK>
[ 140.322112] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-drm-kunit-mock-device-drm_gem_shmem_test_get_pages_sgtdrm-kunit-mock-device-drm-drm_warn_onrefcount_readshmem-pages_pin_count
------------[ cut here ]------------
[ 139.671939] drm-kunit-mock-device drm_gem_shmem_test_get_pages_sgt.drm-kunit-mock-device: [drm] drm_WARN_ON(refcount_read(&shmem->pages_pin_count))
[ 139.672038] WARNING: CPU: 0 PID: 2569 at drivers/gpu/drm/drm_gem_shmem_helper.c:180 drm_gem_shmem_free+0x3ed/0x6c0
[ 139.673780] Modules linked in:
[ 139.674167] CPU: 0 UID: 0 PID: 2569 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 139.675265] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 139.675773] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 139.676183] RIP: 0010:drm_gem_shmem_free+0x3ed/0x6c0
[ 139.676363] Code: 85 f6 0f 84 ba 01 00 00 4c 89 e7 e8 ad 1d 80 00 48 c7 c1 e0 8a 7e a8 4c 89 f2 48 c7 c7 a0 87 7e a8 48 89 c6 e8 74 b8 77 fe 90 <0f> 0b 90 90 e9 09 ff ff ff 90 48 b8 00 00 00 00 00 fc ff df 48 8d
[ 139.678004] RSP: 0000:ffff88810b16fd18 EFLAGS: 00010286
[ 139.678306] RAX: 0000000000000000 RBX: ffff888108a7a000 RCX: 1ffffffff52a4cf0
[ 139.678959] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001
[ 139.679448] RBP: ffff88810b16fd48 R08: 0000000000000000 R09: fffffbfff52a4cf0
[ 139.679978] R10: 0000000000000003 R11: 0000000000039030 R12: ffff88810b0c3800
[ 139.680195] R13: ffff888108a7a0f8 R14: ffff88810a087900 R15: ffff88810039fb40
[ 139.680537] FS: 0000000000000000(0000) GS:ffff8881aa072000(0000) knlGS:0000000000000000
[ 139.681262] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 139.681859] CR2: 00007ffff7ffe000 CR3: 000000015e8bc000 CR4: 00000000000006f0
[ 139.682553] DR0: ffffffffaa852440 DR1: ffffffffaa852441 DR2: ffffffffaa852443
[ 139.682816] DR3: ffffffffaa852445 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 139.683399] Call Trace:
[ 139.683745] <TASK>
[ 139.683970] ? trace_preempt_on+0x20/0xc0
[ 139.684137] ? __pfx_drm_gem_shmem_free_wrapper+0x10/0x10
[ 139.684323] drm_gem_shmem_free_wrapper+0x12/0x20
[ 139.684831] __kunit_action_free+0x57/0x70
[ 139.685258] kunit_remove_resource+0x133/0x200
[ 139.685766] ? preempt_count_sub+0x50/0x80
[ 139.686185] kunit_cleanup+0x7a/0x120
[ 139.686607] kunit_try_run_case_cleanup+0xbd/0xf0
[ 139.686992] ? __pfx_kunit_try_run_case_cleanup+0x10/0x10
[ 139.687177] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 139.687355] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 139.687836] kthread+0x337/0x6f0
[ 139.687978] ? trace_preempt_on+0x20/0xc0
[ 139.688123] ? __pfx_kthread+0x10/0x10
[ 139.688260] ? _raw_spin_unlock_irq+0x47/0x80
[ 139.688415] ? calculate_sigpending+0x7b/0xa0
[ 139.688931] ? __pfx_kthread+0x10/0x10
[ 139.689332] ret_from_fork+0x116/0x1d0
[ 139.689805] ? __pfx_kthread+0x10/0x10
[ 139.690173] ret_from_fork_asm+0x1a/0x30
[ 139.690692] </TASK>
[ 139.690978] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_framebuffer-drm_framebuffer_init
------------[ cut here ]------------
[ 139.536863] WARNING: CPU: 1 PID: 2550 at drivers/gpu/drm/drm_framebuffer.c:869 drm_framebuffer_init+0x49/0x8d0
[ 139.538097] Modules linked in:
[ 139.538259] CPU: 1 UID: 0 PID: 2550 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 139.538630] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 139.538864] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 139.539251] RIP: 0010:drm_framebuffer_init+0x49/0x8d0
[ 139.539948] Code: 89 e5 41 57 41 56 41 55 41 54 53 48 89 f3 48 83 ec 28 80 3c 11 00 48 89 7d c8 0f 85 1c 07 00 00 48 8b 75 c8 48 39 33 74 20 90 <0f> 0b 90 41 bf ea ff ff ff 48 83 c4 28 44 89 f8 5b 41 5c 41 5d 41
[ 139.540899] RSP: 0000:ffff88810b0c7b20 EFLAGS: 00010246
[ 139.541270] RAX: ffff88810b0c7ba8 RBX: ffff88810b0c7c28 RCX: 1ffff11021618f8e
[ 139.541811] RDX: dffffc0000000000 RSI: ffff88810afb8000 RDI: ffff88810afb8000
[ 139.542231] RBP: ffff88810b0c7b70 R08: ffff88810afb8000 R09: ffffffffa87d8e20
[ 139.542779] R10: 0000000000000003 R11: 000000001a13ae0c R12: 1ffff11021618f71
[ 139.543169] R13: ffff88810b0c7c70 R14: ffff88810b0c7db8 R15: 0000000000000000
[ 139.543453] FS: 0000000000000000(0000) GS:ffff8881aa172000(0000) knlGS:0000000000000000
[ 139.544488] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 139.545094] CR2: 00007ffff7ffd000 CR3: 000000015e8bc000 CR4: 00000000000006f0
[ 139.545314] DR0: ffffffffaa852444 DR1: ffffffffaa852449 DR2: ffffffffaa85244a
[ 139.546179] DR3: ffffffffaa85244b DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 139.547112] Call Trace:
[ 139.547495] <TASK>
[ 139.547830] ? trace_preempt_on+0x20/0xc0
[ 139.548322] ? add_dr+0xc1/0x1d0
[ 139.548921] drm_test_framebuffer_init_bad_format+0xfc/0x240
[ 139.549243] ? add_dr+0x148/0x1d0
[ 139.549373] ? __pfx_drm_test_framebuffer_init_bad_format+0x10/0x10
[ 139.550150] ? __drmm_add_action+0x1a4/0x280
[ 139.550734] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 139.551111] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 139.551591] ? __drmm_add_action_or_reset+0x22/0x50
[ 139.552054] ? __schedule+0x10cc/0x2b60
[ 139.552199] ? __pfx_read_tsc+0x10/0x10
[ 139.552337] ? ktime_get_ts64+0x86/0x230
[ 139.552804] kunit_try_run_case+0x1a5/0x480
[ 139.553342] ? __pfx_kunit_try_run_case+0x10/0x10
[ 139.553939] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 139.554365] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 139.554703] ? __kthread_parkme+0x82/0x180
[ 139.554854] ? preempt_count_sub+0x50/0x80
[ 139.555000] ? __pfx_kunit_try_run_case+0x10/0x10
[ 139.555158] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 139.555330] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 139.555539] kthread+0x337/0x6f0
[ 139.555716] ? trace_preempt_on+0x20/0xc0
[ 139.555870] ? __pfx_kthread+0x10/0x10
[ 139.556004] ? _raw_spin_unlock_irq+0x47/0x80
[ 139.556217] ? calculate_sigpending+0x7b/0xa0
[ 139.556498] ? __pfx_kthread+0x10/0x10
[ 139.557085] ret_from_fork+0x116/0x1d0
[ 139.557307] ? __pfx_kthread+0x10/0x10
[ 139.557870] ret_from_fork_asm+0x1a/0x30
[ 139.558080] </TASK>
[ 139.558190] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-drm-kunit-mock-device-drm_test_framebuffer_freedrm-kunit-mock-device-drm-drm_warn_onlist_empty-filp_head
------------[ cut here ]------------
[ 139.495256] drm-kunit-mock-device drm_test_framebuffer_free.drm-kunit-mock-device: [drm] drm_WARN_ON(!list_empty(&fb->filp_head))
[ 139.495455] WARNING: CPU: 1 PID: 2546 at drivers/gpu/drm/drm_framebuffer.c:832 drm_framebuffer_free+0x13f/0x1c0
[ 139.496103] Modules linked in:
[ 139.496263] CPU: 1 UID: 0 PID: 2546 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 139.497521] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 139.498367] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 139.499588] RIP: 0010:drm_framebuffer_free+0x13f/0x1c0
[ 139.500165] Code: 8b 7d 50 4d 85 ff 74 2b 4c 89 ef e8 2b 44 87 00 48 c7 c1 c0 38 7d a8 4c 89 fa 48 c7 c7 20 39 7d a8 48 89 c6 e8 f2 de 7e fe 90 <0f> 0b 90 90 e9 1c ff ff ff 48 b8 00 00 00 00 00 fc ff df 4c 89 ea
[ 139.502531] RSP: 0000:ffff88810aa37b68 EFLAGS: 00010282
[ 139.503202] RAX: 0000000000000000 RBX: ffff88810aa37c40 RCX: 1ffffffff52a4cf0
[ 139.503873] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001
[ 139.504101] RBP: ffff88810aa37b90 R08: 0000000000000000 R09: fffffbfff52a4cf0
[ 139.504315] R10: 0000000000000003 R11: 0000000000037630 R12: ffff88810aa37c18
[ 139.504558] R13: ffff88810b09d000 R14: ffff88810af6e000 R15: ffff888109af5300
[ 139.505420] FS: 0000000000000000(0000) GS:ffff8881aa172000(0000) knlGS:0000000000000000
[ 139.505859] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 139.506037] CR2: 00007ffff7ffd000 CR3: 000000015e8bc000 CR4: 00000000000006f0
[ 139.506241] DR0: ffffffffaa852444 DR1: ffffffffaa852449 DR2: ffffffffaa85244a
[ 139.506757] DR3: ffffffffaa85244b DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 139.507733] Call Trace:
[ 139.508133] <TASK>
[ 139.508545] drm_test_framebuffer_free+0x1ab/0x610
[ 139.509114] ? __pfx_drm_test_framebuffer_free+0x10/0x10
[ 139.509853] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 139.510558] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 139.511251] ? __drmm_add_action_or_reset+0x22/0x50
[ 139.511549] ? __schedule+0x10cc/0x2b60
[ 139.512089] ? __pfx_read_tsc+0x10/0x10
[ 139.512661] ? ktime_get_ts64+0x86/0x230
[ 139.513048] kunit_try_run_case+0x1a5/0x480
[ 139.513218] ? __pfx_kunit_try_run_case+0x10/0x10
[ 139.513378] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 139.514074] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 139.514752] ? __kthread_parkme+0x82/0x180
[ 139.515290] ? preempt_count_sub+0x50/0x80
[ 139.515889] ? __pfx_kunit_try_run_case+0x10/0x10
[ 139.516306] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 139.516620] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 139.517285] kthread+0x337/0x6f0
[ 139.517738] ? trace_preempt_on+0x20/0xc0
[ 139.518287] ? __pfx_kthread+0x10/0x10
[ 139.518760] ? _raw_spin_unlock_irq+0x47/0x80
[ 139.519379] ? calculate_sigpending+0x7b/0xa0
[ 139.520045] ? __pfx_kthread+0x10/0x10
[ 139.520193] ret_from_fork+0x116/0x1d0
[ 139.520330] ? __pfx_kthread+0x10/0x10
[ 139.520907] ret_from_fork_asm+0x1a/0x30
[ 139.521411] </TASK>
[ 139.521848] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_connector-drm_connector_dynamic_register
------------[ cut here ]------------
[ 138.198766] WARNING: CPU: 0 PID: 1976 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110
[ 138.199167] Modules linked in:
[ 138.199326] CPU: 0 UID: 0 PID: 1976 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 138.200415] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 138.200965] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 138.201919] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110
[ 138.202132] Code: 49 8d 7c 24 60 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 60 00 75 1b 5b 41 5c 5d e9 c2 36 26 02 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d c3 cc cc cc cc 48 89 df e8 68
[ 138.202650] RSP: 0000:ffff88810a227c90 EFLAGS: 00010246
[ 138.202833] RAX: dffffc0000000000 RBX: ffff88810a0d4000 RCX: 0000000000000000
[ 138.203046] RDX: 1ffff1102141a832 RSI: ffffffffa5a067b8 RDI: ffff88810a0d4190
[ 138.203257] RBP: ffff88810a227ca0 R08: 1ffff11020073f69 R09: ffffed1021444f65
[ 138.203534] R10: 0000000000000003 R11: ffffffffa4f859b8 R12: 0000000000000000
[ 138.204110] R13: ffff88810a227d38 R14: ffff88810039fc50 R15: ffff88810039fc58
[ 138.205024] FS: 0000000000000000(0000) GS:ffff8881aa072000(0000) knlGS:0000000000000000
[ 138.205983] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 138.206577] CR2: 00007ffff7ffe000 CR3: 000000015e8bc000 CR4: 00000000000006f0
[ 138.207319] DR0: ffffffffaa852440 DR1: ffffffffaa852441 DR2: ffffffffaa852443
[ 138.208299] DR3: ffffffffaa852445 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 138.209283] Call Trace:
[ 138.209785] <TASK>
[ 138.210154] drm_test_drm_connector_dynamic_register_early_no_init+0x104/0x290
[ 138.211208] ? __pfx_drm_test_drm_connector_dynamic_register_early_no_init+0x10/0x10
[ 138.212146] ? __schedule+0x10cc/0x2b60
[ 138.212682] ? __pfx_read_tsc+0x10/0x10
[ 138.212840] ? ktime_get_ts64+0x86/0x230
[ 138.212990] kunit_try_run_case+0x1a5/0x480
[ 138.213153] ? __pfx_kunit_try_run_case+0x10/0x10
[ 138.213314] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 138.213654] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 138.214101] ? __kthread_parkme+0x82/0x180
[ 138.214623] ? preempt_count_sub+0x50/0x80
[ 138.215199] ? __pfx_kunit_try_run_case+0x10/0x10
[ 138.215794] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 138.216286] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 138.216909] kthread+0x337/0x6f0
[ 138.217044] ? trace_preempt_on+0x20/0xc0
[ 138.217199] ? __pfx_kthread+0x10/0x10
[ 138.217336] ? _raw_spin_unlock_irq+0x47/0x80
[ 138.217785] ? calculate_sigpending+0x7b/0xa0
[ 138.218223] ? __pfx_kthread+0x10/0x10
[ 138.218636] ret_from_fork+0x116/0x1d0
[ 138.219040] ? __pfx_kthread+0x10/0x10
[ 138.219487] ret_from_fork_asm+0x1a/0x30
[ 138.220054] </TASK>
[ 138.220154] ---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
[ 138.280399] WARNING: CPU: 0 PID: 1984 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110
[ 138.282073] Modules linked in:
[ 138.282629] CPU: 0 UID: 0 PID: 1984 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 138.283163] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 138.283666] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 138.284156] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110
[ 138.284691] Code: 49 8d 7c 24 60 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 60 00 75 1b 5b 41 5c 5d e9 c2 36 26 02 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d c3 cc cc cc cc 48 89 df e8 68
[ 138.285806] RSP: 0000:ffff88810a1bfc90 EFLAGS: 00010246
[ 138.286080] RAX: dffffc0000000000 RBX: ffff88810a258000 RCX: 0000000000000000
[ 138.286909] RDX: 1ffff1102144b032 RSI: ffffffffa5a067b8 RDI: ffff88810a258190
[ 138.287339] RBP: ffff88810a1bfca0 R08: 1ffff11020073f69 R09: ffffed1021437f65
[ 138.287791] R10: 0000000000000003 R11: ffffffffa4f859b8 R12: 0000000000000000
[ 138.288060] R13: ffff88810a1bfd38 R14: ffff88810039fc50 R15: ffff88810039fc58
[ 138.288335] FS: 0000000000000000(0000) GS:ffff8881aa072000(0000) knlGS:0000000000000000
[ 138.289060] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 138.289801] CR2: 00007ffff7ffe000 CR3: 000000015e8bc000 CR4: 00000000000006f0
[ 138.290188] DR0: ffffffffaa852440 DR1: ffffffffaa852441 DR2: ffffffffaa852443
[ 138.291020] DR3: ffffffffaa852445 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 138.291379] Call Trace:
[ 138.291781] <TASK>
[ 138.291910] drm_test_drm_connector_dynamic_register_no_init+0x104/0x290
[ 138.292197] ? __pfx_drm_test_drm_connector_dynamic_register_no_init+0x10/0x10
[ 138.293267] ? __schedule+0x10cc/0x2b60
[ 138.293728] ? __pfx_read_tsc+0x10/0x10
[ 138.294140] ? ktime_get_ts64+0x86/0x230
[ 138.294341] kunit_try_run_case+0x1a5/0x480
[ 138.294785] ? __pfx_kunit_try_run_case+0x10/0x10
[ 138.295006] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 138.295215] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 138.295798] ? __kthread_parkme+0x82/0x180
[ 138.296079] ? preempt_count_sub+0x50/0x80
[ 138.296595] ? __pfx_kunit_try_run_case+0x10/0x10
[ 138.296979] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 138.297219] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 138.297786] kthread+0x337/0x6f0
[ 138.298108] ? trace_preempt_on+0x20/0xc0
[ 138.298778] ? __pfx_kthread+0x10/0x10
[ 138.298969] ? _raw_spin_unlock_irq+0x47/0x80
[ 138.299158] ? calculate_sigpending+0x7b/0xa0
[ 138.299351] ? __pfx_kthread+0x10/0x10
[ 138.299865] ret_from_fork+0x116/0x1d0
[ 138.300210] ? __pfx_kthread+0x10/0x10
[ 138.300765] ret_from_fork_asm+0x1a/0x30
[ 138.301065] </TASK>
[ 138.301199] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog10
------------[ cut here ]------------
[ 108.208375] WARNING: CPU: 1 PID: 674 at lib/math/int_log.c:120 intlog10+0x2a/0x40
[ 108.209043] Modules linked in:
[ 108.209208] CPU: 1 UID: 0 PID: 674 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 108.209578] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 108.209761] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 108.210027] RIP: 0010:intlog10+0x2a/0x40
[ 108.210179] Code: f3 0f 1e fa 0f 1f 44 00 00 85 ff 74 1c 55 48 89 e5 e8 ca fe ff ff 5d 89 c0 48 69 c0 a1 26 88 26 48 c1 e8 1f e9 47 ba 86 02 90 <0f> 0b 90 31 c0 e9 3c ba 86 02 66 2e 0f 1f 84 00 00 00 00 00 66 90
[ 108.210792] RSP: 0000:ffff8881080afcb0 EFLAGS: 00010246
[ 108.210988] RAX: 0000000000000000 RBX: ffff88810039fae8 RCX: 1ffff11021015fb4
[ 108.212363] RDX: 1ffffffff50d2dc4 RSI: 1ffff11021015fb3 RDI: 0000000000000000
[ 108.213180] RBP: ffff8881080afd60 R08: 0000000000000000 R09: ffffed1020fb7320
[ 108.213428] R10: ffff888107db9907 R11: 0000000000000000 R12: 1ffff11021015f97
[ 108.214349] R13: ffffffffa8696e20 R14: 0000000000000000 R15: ffff8881080afd38
[ 108.215204] FS: 0000000000000000(0000) GS:ffff8881aa172000(0000) knlGS:0000000000000000
[ 108.216171] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 108.216484] CR2: dffffc0000000000 CR3: 000000015e8bc000 CR4: 00000000000006f0
[ 108.217085] DR0: ffffffffaa852444 DR1: ffffffffaa852449 DR2: ffffffffaa85244a
[ 108.217868] DR3: ffffffffaa85244b DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 108.218391] Call Trace:
[ 108.218573] <TASK>
[ 108.218774] ? intlog10_test+0xf2/0x220
[ 108.219142] ? __pfx_intlog10_test+0x10/0x10
[ 108.219293] ? __schedule+0x10cc/0x2b60
[ 108.219510] ? __pfx_read_tsc+0x10/0x10
[ 108.219792] ? ktime_get_ts64+0x86/0x230
[ 108.220108] kunit_try_run_case+0x1a5/0x480
[ 108.220457] ? __pfx_kunit_try_run_case+0x10/0x10
[ 108.221122] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 108.221295] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 108.221500] ? __kthread_parkme+0x82/0x180
[ 108.221796] ? preempt_count_sub+0x50/0x80
[ 108.222348] ? __pfx_kunit_try_run_case+0x10/0x10
[ 108.222889] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 108.223173] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 108.223365] kthread+0x337/0x6f0
[ 108.223847] ? trace_preempt_on+0x20/0xc0
[ 108.224242] ? __pfx_kthread+0x10/0x10
[ 108.224690] ? _raw_spin_unlock_irq+0x47/0x80
[ 108.225190] ? calculate_sigpending+0x7b/0xa0
[ 108.225690] ? __pfx_kthread+0x10/0x10
[ 108.225840] ret_from_fork+0x116/0x1d0
[ 108.225975] ? __pfx_kthread+0x10/0x10
[ 108.226109] ret_from_fork_asm+0x1a/0x30
[ 108.226260] </TASK>
[ 108.226349] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog2
------------[ cut here ]------------
[ 108.172951] WARNING: CPU: 1 PID: 656 at lib/math/int_log.c:63 intlog2+0xdf/0x110
[ 108.173364] Modules linked in:
[ 108.174023] CPU: 1 UID: 0 PID: 656 Comm: kunit_try_catch Tainted: G B D N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 108.174801] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST
[ 108.175203] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 108.175851] RIP: 0010:intlog2+0xdf/0x110
[ 108.176137] Code: 69 a8 c1 e0 18 48 83 c4 08 89 d1 c1 e2 08 29 cb 01 d0 0f b7 db 41 0f af dc c1 eb 0f 01 d8 5b 41 5c 41 5d 5d c3 cc cc cc cc 90 <0f> 0b 90 31 c0 c3 cc cc cc cc 89 45 e4 e8 6f d8 55 ff 8b 45 e4 eb
[ 108.177386] RSP: 0000:ffff888108067cb0 EFLAGS: 00010246
[ 108.177840] RAX: 0000000000000000 RBX: ffff88810039fae8 RCX: 1ffff1102100cfb4
[ 108.178273] RDX: 1ffffffff50d2e18 RSI: 1ffff1102100cfb3 RDI: 0000000000000000
[ 108.178966] RBP: ffff888108067d60 R08: 0000000000000000 R09: ffffed102087fa40
[ 108.179760] R10: ffff8881043fd207 R11: 0000000000000000 R12: 1ffff1102100cf97
[ 108.180075] R13: ffffffffa86970c0 R14: 0000000000000000 R15: ffff888108067d38
[ 108.180462] FS: 0000000000000000(0000) GS:ffff8881aa172000(0000) knlGS:0000000000000000
[ 108.180844] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 108.181109] CR2: dffffc0000000000 CR3: 000000015e8bc000 CR4: 00000000000006f0
[ 108.181765] DR0: ffffffffaa852444 DR1: ffffffffaa852449 DR2: ffffffffaa85244a
[ 108.182062] DR3: ffffffffaa85244b DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 108.182633] Call Trace:
[ 108.182745] <TASK>
[ 108.183080] ? intlog2_test+0xf2/0x220
[ 108.183389] ? __pfx_intlog2_test+0x10/0x10
[ 108.183971] ? __schedule+0x10cc/0x2b60
[ 108.184307] ? __pfx_read_tsc+0x10/0x10
[ 108.184651] ? ktime_get_ts64+0x86/0x230
[ 108.184827] kunit_try_run_case+0x1a5/0x480
[ 108.185048] ? __pfx_kunit_try_run_case+0x10/0x10
[ 108.185288] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 108.185685] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 108.186053] ? __kthread_parkme+0x82/0x180
[ 108.186686] ? preempt_count_sub+0x50/0x80
[ 108.186919] ? __pfx_kunit_try_run_case+0x10/0x10
[ 108.187139] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 108.187380] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 108.187952] kthread+0x337/0x6f0
[ 108.188171] ? trace_preempt_on+0x20/0xc0
[ 108.188337] ? __pfx_kthread+0x10/0x10
[ 108.188583] ? _raw_spin_unlock_irq+0x47/0x80
[ 108.188801] ? calculate_sigpending+0x7b/0xa0
[ 108.189126] ? __pfx_kthread+0x10/0x10
[ 108.189320] ret_from_fork+0x116/0x1d0
[ 108.189674] ? __pfx_kthread+0x10/0x10
[ 108.189844] ret_from_fork_asm+0x1a/0x30
[ 108.190140] </TASK>
[ 108.190303] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/oops-oops-general-protection-fault-probably-for-non-canonical-address-smp-kasan-pti
KNOWN ISSUE - qemu-x86_64: Oops: general protection fault, probably for non-canonical address - KASAN: null-ptr-deref - kunit_test_null_dereference
[ 107.603080] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN PTI