Date: July 18, 2025, 2:09 p.m.
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 49.220180] ==================================================================
[ 49.220693] BUG: KFENCE: use-after-free read in test_krealloc+0x6fc/0xbe0
[ 49.220693]
[ 49.221139] Use-after-free read at 0x(____ptrval____) (in kfence-#138):
[ 49.221443] test_krealloc+0x6fc/0xbe0
[ 49.221607] kunit_try_run_case+0x1a5/0x480
[ 49.222253] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 49.222544] kthread+0x337/0x6f0
[ 49.222711] ret_from_fork+0x116/0x1d0
[ 49.222892] ret_from_fork_asm+0x1a/0x30
[ 49.223078]
[ 49.223174] kfence-#138: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 49.223174]
[ 49.224067] allocated by task 354 on cpu 1 at 49.219382s (0.004682s ago):
[ 49.224574] test_alloc+0x364/0x10f0
[ 49.224734] test_krealloc+0xad/0xbe0
[ 49.224929] kunit_try_run_case+0x1a5/0x480
[ 49.225151] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 49.225378] kthread+0x337/0x6f0
[ 49.225504] ret_from_fork+0x116/0x1d0
[ 49.225689] ret_from_fork_asm+0x1a/0x30
[ 49.225887]
[ 49.226002] freed by task 354 on cpu 1 at 49.219673s (0.006326s ago):
[ 49.226241] krealloc_noprof+0x108/0x340
[ 49.226439] test_krealloc+0x226/0xbe0
[ 49.226633] kunit_try_run_case+0x1a5/0x480
[ 49.226832] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 49.227049] kthread+0x337/0x6f0
[ 49.227171] ret_from_fork+0x116/0x1d0
[ 49.227327] ret_from_fork_asm+0x1a/0x30
[ 49.227526]
[ 49.227736] CPU: 1 UID: 0 PID: 354 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 49.228180] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 49.228373] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 49.228834] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_double_free
[ 18.331750] ==================================================================
[ 18.332293] BUG: KFENCE: invalid free in test_double_free+0x1d3/0x260
[ 18.332293]
[ 18.332681] Invalid free of 0x(____ptrval____) (in kfence-#78):
[ 18.333164] test_double_free+0x1d3/0x260
[ 18.333405] kunit_try_run_case+0x1a5/0x480
[ 18.333643] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.334392] kthread+0x337/0x6f0
[ 18.334600] ret_from_fork+0x116/0x1d0
[ 18.334742] ret_from_fork_asm+0x1a/0x30
[ 18.334953]
[ 18.335070] kfence-#78: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 18.335070]
[ 18.335844] allocated by task 320 on cpu 0 at 18.331403s (0.004438s ago):
[ 18.336419] test_alloc+0x364/0x10f0
[ 18.336576] test_double_free+0xdb/0x260
[ 18.336784] kunit_try_run_case+0x1a5/0x480
[ 18.336969] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.337249] kthread+0x337/0x6f0
[ 18.337399] ret_from_fork+0x116/0x1d0
[ 18.337581] ret_from_fork_asm+0x1a/0x30
[ 18.337825]
[ 18.337937] freed by task 320 on cpu 0 at 18.331488s (0.006446s ago):
[ 18.338214] test_double_free+0x1e0/0x260
[ 18.338405] kunit_try_run_case+0x1a5/0x480
[ 18.338611] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.338856] kthread+0x337/0x6f0
[ 18.338991] ret_from_fork+0x116/0x1d0
[ 18.339199] ret_from_fork_asm+0x1a/0x30
[ 18.339365]
[ 18.339544] CPU: 0 UID: 0 PID: 320 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 18.339967] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.340169] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.340585] ==================================================================
[ 18.435616] ==================================================================
[ 18.436559] BUG: KFENCE: invalid free in test_double_free+0x112/0x260
[ 18.436559]
[ 18.436877] Invalid free of 0x(____ptrval____) (in kfence-#79):
[ 18.437147] test_double_free+0x112/0x260
[ 18.437335] kunit_try_run_case+0x1a5/0x480
[ 18.438068] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.438617] kthread+0x337/0x6f0
[ 18.438787] ret_from_fork+0x116/0x1d0
[ 18.438973] ret_from_fork_asm+0x1a/0x30
[ 18.439189]
[ 18.439284] kfence-#79: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 18.439284]
[ 18.439624] allocated by task 322 on cpu 1 at 18.435418s (0.004204s ago):
[ 18.439981] test_alloc+0x2a6/0x10f0
[ 18.440231] test_double_free+0xdb/0x260
[ 18.440444] kunit_try_run_case+0x1a5/0x480
[ 18.440656] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.440884] kthread+0x337/0x6f0
[ 18.441066] ret_from_fork+0x116/0x1d0
[ 18.441224] ret_from_fork_asm+0x1a/0x30
[ 18.441420]
[ 18.441527] freed by task 322 on cpu 1 at 18.435481s (0.006043s ago):
[ 18.441779] test_double_free+0xfa/0x260
[ 18.441989] kunit_try_run_case+0x1a5/0x480
[ 18.442194] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.442407] kthread+0x337/0x6f0
[ 18.442581] ret_from_fork+0x116/0x1d0
[ 18.442772] ret_from_fork_asm+0x1a/0x30
[ 18.442958]
[ 18.443085] CPU: 1 UID: 0 PID: 322 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 18.443497] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.443638] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.443912] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 49.139437] ==================================================================
[ 49.139867] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x2ec/0x670
[ 49.139867]
[ 49.140720] Use-after-free read at 0x(____ptrval____) (in kfence-#137):
[ 49.141159] test_memcache_typesafe_by_rcu+0x2ec/0x670
[ 49.141397] kunit_try_run_case+0x1a5/0x480
[ 49.141790] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 49.142058] kthread+0x337/0x6f0
[ 49.142258] ret_from_fork+0x116/0x1d0
[ 49.142423] ret_from_fork_asm+0x1a/0x30
[ 49.142641]
[ 49.142745] kfence-#137: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 49.142745]
[ 49.143148] allocated by task 352 on cpu 0 at 49.115249s (0.027898s ago):
[ 49.143430] test_alloc+0x2a6/0x10f0
[ 49.143649] test_memcache_typesafe_by_rcu+0x16f/0x670
[ 49.143861] kunit_try_run_case+0x1a5/0x480
[ 49.144049] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 49.144307] kthread+0x337/0x6f0
[ 49.144497] ret_from_fork+0x116/0x1d0
[ 49.144670] ret_from_fork_asm+0x1a/0x30
[ 49.144839]
[ 49.144964] freed by task 352 on cpu 0 at 49.115372s (0.029588s ago):
[ 49.145243] test_memcache_typesafe_by_rcu+0x1bf/0x670
[ 49.145514] kunit_try_run_case+0x1a5/0x480
[ 49.145684] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 49.145936] kthread+0x337/0x6f0
[ 49.146125] ret_from_fork+0x116/0x1d0
[ 49.146319] ret_from_fork_asm+0x1a/0x30
[ 49.146550]
[ 49.146697] CPU: 0 UID: 0 PID: 352 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 49.147179] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 49.147377] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 49.147724] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 24.170579] ==================================================================
[ 24.171207] BUG: KFENCE: invalid read in test_invalid_access+0xf0/0x210
[ 24.171207]
[ 24.171799] Invalid read at 0x(____ptrval____):
[ 24.172048] test_invalid_access+0xf0/0x210
[ 24.172234] kunit_try_run_case+0x1a5/0x480
[ 24.172416] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.172692] kthread+0x337/0x6f0
[ 24.172855] ret_from_fork+0x116/0x1d0
[ 24.172992] ret_from_fork_asm+0x1a/0x30
[ 24.173157]
[ 24.173283] CPU: 0 UID: 0 PID: 348 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 24.173887] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 24.174087] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 24.174381] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 23.947666] ==================================================================
[ 23.948233] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x24f/0x340
[ 23.948233]
[ 23.948659] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#132):
[ 23.949283] test_kmalloc_aligned_oob_write+0x24f/0x340
[ 23.949707] kunit_try_run_case+0x1a5/0x480
[ 23.949931] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.950208] kthread+0x337/0x6f0
[ 23.950365] ret_from_fork+0x116/0x1d0
[ 23.950576] ret_from_fork_asm+0x1a/0x30
[ 23.950764]
[ 23.950838] kfence-#132: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96
[ 23.950838]
[ 23.951229] allocated by task 342 on cpu 1 at 23.947400s (0.003827s ago):
[ 23.951572] test_alloc+0x364/0x10f0
[ 23.951744] test_kmalloc_aligned_oob_write+0xc8/0x340
[ 23.952188] kunit_try_run_case+0x1a5/0x480
[ 23.952397] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.952627] kthread+0x337/0x6f0
[ 23.952791] ret_from_fork+0x116/0x1d0
[ 23.952964] ret_from_fork_asm+0x1a/0x30
[ 23.953174]
[ 23.953285] freed by task 342 on cpu 1 at 23.947545s (0.005736s ago):
[ 23.953597] test_kmalloc_aligned_oob_write+0x24f/0x340
[ 23.953806] kunit_try_run_case+0x1a5/0x480
[ 23.953950] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.954147] kthread+0x337/0x6f0
[ 23.954318] ret_from_fork+0x116/0x1d0
[ 23.954528] ret_from_fork_asm+0x1a/0x30
[ 23.954876]
[ 23.955004] CPU: 1 UID: 0 PID: 342 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 23.955540] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.955759] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.956143] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 23.843607] ==================================================================
[ 23.844055] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x27e/0x560
[ 23.844055]
[ 23.844407] Out-of-bounds read at 0x(____ptrval____) (105B right of kfence-#131):
[ 23.845306] test_kmalloc_aligned_oob_read+0x27e/0x560
[ 23.845589] kunit_try_run_case+0x1a5/0x480
[ 23.845775] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.846025] kthread+0x337/0x6f0
[ 23.846173] ret_from_fork+0x116/0x1d0
[ 23.846373] ret_from_fork_asm+0x1a/0x30
[ 23.846652]
[ 23.846729] kfence-#131: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96
[ 23.846729]
[ 23.847148] allocated by task 340 on cpu 0 at 23.843375s (0.003771s ago):
[ 23.847411] test_alloc+0x364/0x10f0
[ 23.847582] test_kmalloc_aligned_oob_read+0x105/0x560
[ 23.848547] kunit_try_run_case+0x1a5/0x480
[ 23.848738] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.849112] kthread+0x337/0x6f0
[ 23.849273] ret_from_fork+0x116/0x1d0
[ 23.849606] ret_from_fork_asm+0x1a/0x30
[ 23.849800]
[ 23.850078] CPU: 0 UID: 0 PID: 340 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 23.850631] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.850813] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.851319] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_corruption
[ 18.747623] ==================================================================
[ 18.748053] BUG: KFENCE: memory corruption in test_corruption+0x2d2/0x3e0
[ 18.748053]
[ 18.748467] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#82):
[ 18.749196] test_corruption+0x2d2/0x3e0
[ 18.749411] kunit_try_run_case+0x1a5/0x480
[ 18.749618] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.749816] kthread+0x337/0x6f0
[ 18.749961] ret_from_fork+0x116/0x1d0
[ 18.750168] ret_from_fork_asm+0x1a/0x30
[ 18.750376]
[ 18.750473] kfence-#82: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 18.750473]
[ 18.750918] allocated by task 328 on cpu 0 at 18.747352s (0.003563s ago):
[ 18.751187] test_alloc+0x364/0x10f0
[ 18.751365] test_corruption+0xe6/0x3e0
[ 18.751586] kunit_try_run_case+0x1a5/0x480
[ 18.751852] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.752038] kthread+0x337/0x6f0
[ 18.752162] ret_from_fork+0x116/0x1d0
[ 18.752327] ret_from_fork_asm+0x1a/0x30
[ 18.752522]
[ 18.752712] freed by task 328 on cpu 0 at 18.747462s (0.005247s ago):
[ 18.753029] test_corruption+0x2d2/0x3e0
[ 18.753218] kunit_try_run_case+0x1a5/0x480
[ 18.753366] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.753719] kthread+0x337/0x6f0
[ 18.753973] ret_from_fork+0x116/0x1d0
[ 18.754161] ret_from_fork_asm+0x1a/0x30
[ 18.754319]
[ 18.754453] CPU: 0 UID: 0 PID: 328 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 18.754922] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.755109] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.755469] ==================================================================
[ 19.059633] ==================================================================
[ 19.060056] BUG: KFENCE: memory corruption in test_corruption+0x2df/0x3e0
[ 19.060056]
[ 19.060335] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#85):
[ 19.060758] test_corruption+0x2df/0x3e0
[ 19.060924] kunit_try_run_case+0x1a5/0x480
[ 19.061106] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.061366] kthread+0x337/0x6f0
[ 19.061535] ret_from_fork+0x116/0x1d0
[ 19.061735] ret_from_fork_asm+0x1a/0x30
[ 19.061915]
[ 19.061989] kfence-#85: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 19.061989]
[ 19.062358] allocated by task 328 on cpu 0 at 19.059352s (0.003003s ago):
[ 19.062638] test_alloc+0x364/0x10f0
[ 19.062837] test_corruption+0x1cb/0x3e0
[ 19.062985] kunit_try_run_case+0x1a5/0x480
[ 19.063207] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.063417] kthread+0x337/0x6f0
[ 19.063595] ret_from_fork+0x116/0x1d0
[ 19.063772] ret_from_fork_asm+0x1a/0x30
[ 19.063913]
[ 19.063985] freed by task 328 on cpu 0 at 19.059453s (0.004530s ago):
[ 19.064228] test_corruption+0x2df/0x3e0
[ 19.064423] kunit_try_run_case+0x1a5/0x480
[ 19.064641] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.065008] kthread+0x337/0x6f0
[ 19.065183] ret_from_fork+0x116/0x1d0
[ 19.065352] ret_from_fork_asm+0x1a/0x30
[ 19.065673]
[ 19.065775] CPU: 0 UID: 0 PID: 328 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 19.066183] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.066374] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.066859] ==================================================================
[ 19.163518] ==================================================================
[ 19.163914] BUG: KFENCE: memory corruption in test_corruption+0x131/0x3e0
[ 19.163914]
[ 19.164279] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#86):
[ 19.164896] test_corruption+0x131/0x3e0
[ 19.165059] kunit_try_run_case+0x1a5/0x480
[ 19.165215] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.165506] kthread+0x337/0x6f0
[ 19.165687] ret_from_fork+0x116/0x1d0
[ 19.165878] ret_from_fork_asm+0x1a/0x30
[ 19.166097]
[ 19.166189] kfence-#86: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 19.166189]
[ 19.166467] allocated by task 330 on cpu 1 at 19.163385s (0.003080s ago):
[ 19.167038] test_alloc+0x2a6/0x10f0
[ 19.167193] test_corruption+0xe6/0x3e0
[ 19.167333] kunit_try_run_case+0x1a5/0x480
[ 19.167482] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.167732] kthread+0x337/0x6f0
[ 19.168035] ret_from_fork+0x116/0x1d0
[ 19.168222] ret_from_fork_asm+0x1a/0x30
[ 19.168474]
[ 19.168612] freed by task 330 on cpu 1 at 19.163445s (0.005164s ago):
[ 19.168838] test_corruption+0x131/0x3e0
[ 19.169055] kunit_try_run_case+0x1a5/0x480
[ 19.169263] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.169531] kthread+0x337/0x6f0
[ 19.169678] ret_from_fork+0x116/0x1d0
[ 19.169831] ret_from_fork_asm+0x1a/0x30
[ 19.170025]
[ 19.170150] CPU: 1 UID: 0 PID: 330 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 19.170592] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.170791] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.171133] ==================================================================
[ 19.268542] ==================================================================
[ 19.268933] BUG: KFENCE: memory corruption in test_corruption+0x216/0x3e0
[ 19.268933]
[ 19.269213] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#87):
[ 19.269726] test_corruption+0x216/0x3e0
[ 19.269930] kunit_try_run_case+0x1a5/0x480
[ 19.270131] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.270311] kthread+0x337/0x6f0
[ 19.270546] ret_from_fork+0x116/0x1d0
[ 19.270742] ret_from_fork_asm+0x1a/0x30
[ 19.270947]
[ 19.271058] kfence-#87: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 19.271058]
[ 19.271394] allocated by task 330 on cpu 1 at 19.268409s (0.002983s ago):
[ 19.271688] test_alloc+0x2a6/0x10f0
[ 19.271820] test_corruption+0x1cb/0x3e0
[ 19.271961] kunit_try_run_case+0x1a5/0x480
[ 19.272169] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.272446] kthread+0x337/0x6f0
[ 19.272610] ret_from_fork+0x116/0x1d0
[ 19.272795] ret_from_fork_asm+0x1a/0x30
[ 19.272991]
[ 19.273079] freed by task 330 on cpu 1 at 19.268471s (0.004604s ago):
[ 19.273369] test_corruption+0x216/0x3e0
[ 19.273686] kunit_try_run_case+0x1a5/0x480
[ 19.273843] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.274069] kthread+0x337/0x6f0
[ 19.274247] ret_from_fork+0x116/0x1d0
[ 19.274440] ret_from_fork_asm+0x1a/0x30
[ 19.274636]
[ 19.274757] CPU: 1 UID: 0 PID: 330 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 19.275187] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.275352] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.275724] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 18.539568] ==================================================================
[ 18.539969] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1e1/0x260
[ 18.539969]
[ 18.540320] Invalid free of 0x(____ptrval____) (in kfence-#80):
[ 18.540680] test_invalid_addr_free+0x1e1/0x260
[ 18.540906] kunit_try_run_case+0x1a5/0x480
[ 18.541106] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.541337] kthread+0x337/0x6f0
[ 18.541522] ret_from_fork+0x116/0x1d0
[ 18.541661] ret_from_fork_asm+0x1a/0x30
[ 18.541833]
[ 18.541938] kfence-#80: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 18.541938]
[ 18.542388] allocated by task 324 on cpu 0 at 18.539420s (0.002966s ago):
[ 18.542707] test_alloc+0x364/0x10f0
[ 18.542889] test_invalid_addr_free+0xdb/0x260
[ 18.543084] kunit_try_run_case+0x1a5/0x480
[ 18.543283] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.543566] kthread+0x337/0x6f0
[ 18.543724] ret_from_fork+0x116/0x1d0
[ 18.543880] ret_from_fork_asm+0x1a/0x30
[ 18.544076]
[ 18.544194] CPU: 0 UID: 0 PID: 324 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 18.544536] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.544677] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.544983] ==================================================================
[ 18.643558] ==================================================================
[ 18.643990] BUG: KFENCE: invalid free in test_invalid_addr_free+0xfb/0x260
[ 18.643990]
[ 18.644397] Invalid free of 0x(____ptrval____) (in kfence-#81):
[ 18.644871] test_invalid_addr_free+0xfb/0x260
[ 18.645551] kunit_try_run_case+0x1a5/0x480
[ 18.646005] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.646273] kthread+0x337/0x6f0
[ 18.646601] ret_from_fork+0x116/0x1d0
[ 18.646805] ret_from_fork_asm+0x1a/0x30
[ 18.647111]
[ 18.647197] kfence-#81: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 18.647197]
[ 18.647780] allocated by task 326 on cpu 1 at 18.643440s (0.004337s ago):
[ 18.648278] test_alloc+0x2a6/0x10f0
[ 18.648459] test_invalid_addr_free+0xdb/0x260
[ 18.648721] kunit_try_run_case+0x1a5/0x480
[ 18.648896] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.649166] kthread+0x337/0x6f0
[ 18.649334] ret_from_fork+0x116/0x1d0
[ 18.649855] ret_from_fork_asm+0x1a/0x30
[ 18.650149]
[ 18.650309] CPU: 1 UID: 0 PID: 326 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 18.650888] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.651192] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.651720] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 17.915617] ==================================================================
[ 17.916215] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270
[ 17.916215]
[ 17.916803] Use-after-free read at 0x(____ptrval____) (in kfence-#74):
[ 17.917392] test_use_after_free_read+0x129/0x270
[ 17.917733] kunit_try_run_case+0x1a5/0x480
[ 17.917922] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.918155] kthread+0x337/0x6f0
[ 17.918310] ret_from_fork+0x116/0x1d0
[ 17.918749] ret_from_fork_asm+0x1a/0x30
[ 17.919005]
[ 17.919209] kfence-#74: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 17.919209]
[ 17.919697] allocated by task 312 on cpu 1 at 17.915378s (0.004316s ago):
[ 17.920115] test_alloc+0x364/0x10f0
[ 17.920351] test_use_after_free_read+0xdc/0x270
[ 17.920640] kunit_try_run_case+0x1a5/0x480
[ 17.920950] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.921197] kthread+0x337/0x6f0
[ 17.921351] ret_from_fork+0x116/0x1d0
[ 17.921510] ret_from_fork_asm+0x1a/0x30
[ 17.921946]
[ 17.922275] freed by task 312 on cpu 1 at 17.915457s (0.006724s ago):
[ 17.922724] test_use_after_free_read+0x1e7/0x270
[ 17.923045] kunit_try_run_case+0x1a5/0x480
[ 17.923238] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.923456] kthread+0x337/0x6f0
[ 17.923784] ret_from_fork+0x116/0x1d0
[ 17.923964] ret_from_fork_asm+0x1a/0x30
[ 17.924166]
[ 17.924299] CPU: 1 UID: 0 PID: 312 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 17.924970] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.925242] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.925712] ==================================================================
[ 18.019557] ==================================================================
[ 18.020042] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270
[ 18.020042]
[ 18.020450] Use-after-free read at 0x(____ptrval____) (in kfence-#75):
[ 18.020774] test_use_after_free_read+0x129/0x270
[ 18.020972] kunit_try_run_case+0x1a5/0x480
[ 18.021182] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.021398] kthread+0x337/0x6f0
[ 18.021633] ret_from_fork+0x116/0x1d0
[ 18.021803] ret_from_fork_asm+0x1a/0x30
[ 18.021985]
[ 18.022073] kfence-#75: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 18.022073]
[ 18.022449] allocated by task 314 on cpu 0 at 18.019401s (0.003047s ago):
[ 18.022767] test_alloc+0x2a6/0x10f0
[ 18.022947] test_use_after_free_read+0xdc/0x270
[ 18.023117] kunit_try_run_case+0x1a5/0x480
[ 18.023265] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.023521] kthread+0x337/0x6f0
[ 18.023691] ret_from_fork+0x116/0x1d0
[ 18.023890] ret_from_fork_asm+0x1a/0x30
[ 18.024076]
[ 18.024151] freed by task 314 on cpu 0 at 18.019453s (0.004695s ago):
[ 18.024436] test_use_after_free_read+0xfb/0x270
[ 18.024672] kunit_try_run_case+0x1a5/0x480
[ 18.024887] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.025133] kthread+0x337/0x6f0
[ 18.025308] ret_from_fork+0x116/0x1d0
[ 18.025519] ret_from_fork_asm+0x1a/0x30
[ 18.025703]
[ 18.025811] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 18.026208] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.026348] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.026637] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 17.707476] ==================================================================
[ 17.707871] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260
[ 17.707871]
[ 17.708401] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#72):
[ 17.708777] test_out_of_bounds_write+0x10d/0x260
[ 17.708953] kunit_try_run_case+0x1a5/0x480
[ 17.709256] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.709555] kthread+0x337/0x6f0
[ 17.709754] ret_from_fork+0x116/0x1d0
[ 17.710005] ret_from_fork_asm+0x1a/0x30
[ 17.710174]
[ 17.710248] kfence-#72: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 17.710248]
[ 17.710883] allocated by task 308 on cpu 1 at 17.707339s (0.003542s ago):
[ 17.711209] test_alloc+0x364/0x10f0
[ 17.711369] test_out_of_bounds_write+0xd4/0x260
[ 17.711565] kunit_try_run_case+0x1a5/0x480
[ 17.711831] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.712007] kthread+0x337/0x6f0
[ 17.712171] ret_from_fork+0x116/0x1d0
[ 17.712362] ret_from_fork_asm+0x1a/0x30
[ 17.712751]
[ 17.712880] CPU: 1 UID: 0 PID: 308 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 17.713354] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.713496] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.714062] ==================================================================
[ 17.811455] ==================================================================
[ 17.811864] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260
[ 17.811864]
[ 17.812305] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#73):
[ 17.812763] test_out_of_bounds_write+0x10d/0x260
[ 17.812993] kunit_try_run_case+0x1a5/0x480
[ 17.813346] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.813552] kthread+0x337/0x6f0
[ 17.813816] ret_from_fork+0x116/0x1d0
[ 17.814024] ret_from_fork_asm+0x1a/0x30
[ 17.814186]
[ 17.814289] kfence-#73: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 17.814289]
[ 17.814714] allocated by task 310 on cpu 0 at 17.811391s (0.003320s ago):
[ 17.814950] test_alloc+0x2a6/0x10f0
[ 17.815173] test_out_of_bounds_write+0xd4/0x260
[ 17.815406] kunit_try_run_case+0x1a5/0x480
[ 17.815635] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.815834] kthread+0x337/0x6f0
[ 17.816057] ret_from_fork+0x116/0x1d0
[ 17.816247] ret_from_fork_asm+0x1a/0x30
[ 17.816429]
[ 17.816549] CPU: 0 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 17.816875] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.817111] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.817562] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 16.875539] ==================================================================
[ 16.875944] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0
[ 16.875944]
[ 16.876339] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#64):
[ 16.876757] test_out_of_bounds_read+0x216/0x4e0
[ 16.876947] kunit_try_run_case+0x1a5/0x480
[ 16.877240] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.877504] kthread+0x337/0x6f0
[ 16.877694] ret_from_fork+0x116/0x1d0
[ 16.877831] ret_from_fork_asm+0x1a/0x30
[ 16.878060]
[ 16.878161] kfence-#64: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 16.878161]
[ 16.878807] allocated by task 304 on cpu 0 at 16.875372s (0.003433s ago):
[ 16.879089] test_alloc+0x364/0x10f0
[ 16.879274] test_out_of_bounds_read+0x1e2/0x4e0
[ 16.879433] kunit_try_run_case+0x1a5/0x480
[ 16.879706] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.879964] kthread+0x337/0x6f0
[ 16.880105] ret_from_fork+0x116/0x1d0
[ 16.880289] ret_from_fork_asm+0x1a/0x30
[ 16.880436]
[ 16.880557] CPU: 0 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 16.881040] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.881180] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.881519] ==================================================================
[ 17.395437] ==================================================================
[ 17.395851] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0
[ 17.395851]
[ 17.396375] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#69):
[ 17.396758] test_out_of_bounds_read+0x126/0x4e0
[ 17.396972] kunit_try_run_case+0x1a5/0x480
[ 17.397135] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.397417] kthread+0x337/0x6f0
[ 17.397639] ret_from_fork+0x116/0x1d0
[ 17.397835] ret_from_fork_asm+0x1a/0x30
[ 17.398036]
[ 17.398110] kfence-#69: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 17.398110]
[ 17.398545] allocated by task 306 on cpu 1 at 17.395372s (0.003171s ago):
[ 17.398917] test_alloc+0x2a6/0x10f0
[ 17.399146] test_out_of_bounds_read+0xed/0x4e0
[ 17.399370] kunit_try_run_case+0x1a5/0x480
[ 17.399614] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.399909] kthread+0x337/0x6f0
[ 17.400057] ret_from_fork+0x116/0x1d0
[ 17.400193] ret_from_fork_asm+0x1a/0x30
[ 17.400394]
[ 17.400604] CPU: 1 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 17.401104] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.401312] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.401713] ==================================================================
[ 17.499465] ==================================================================
[ 17.499864] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0
[ 17.499864]
[ 17.500354] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#70):
[ 17.500795] test_out_of_bounds_read+0x216/0x4e0
[ 17.500973] kunit_try_run_case+0x1a5/0x480
[ 17.501182] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.501465] kthread+0x337/0x6f0
[ 17.501676] ret_from_fork+0x116/0x1d0
[ 17.501963] ret_from_fork_asm+0x1a/0x30
[ 17.502205]
[ 17.502311] kfence-#70: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 17.502311]
[ 17.502780] allocated by task 306 on cpu 1 at 17.499398s (0.003379s ago):
[ 17.503076] test_alloc+0x2a6/0x10f0
[ 17.503291] test_out_of_bounds_read+0x1e2/0x4e0
[ 17.503452] kunit_try_run_case+0x1a5/0x480
[ 17.503710] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.503964] kthread+0x337/0x6f0
[ 17.504173] ret_from_fork+0x116/0x1d0
[ 17.504389] ret_from_fork_asm+0x1a/0x30
[ 17.504549]
[ 17.504652] CPU: 1 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 17.505131] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.505369] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.505823] ==================================================================
[ 16.668690] ==================================================================
[ 16.669147] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0
[ 16.669147]
[ 16.669667] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#62):
[ 16.670141] test_out_of_bounds_read+0x126/0x4e0
[ 16.670336] kunit_try_run_case+0x1a5/0x480
[ 16.670714] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.670930] kthread+0x337/0x6f0
[ 16.671069] ret_from_fork+0x116/0x1d0
[ 16.671260] ret_from_fork_asm+0x1a/0x30
[ 16.671465]
[ 16.672125] kfence-#62: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 16.672125]
[ 16.672975] allocated by task 304 on cpu 0 at 16.667426s (0.005488s ago):
[ 16.673864] test_alloc+0x364/0x10f0
[ 16.674251] test_out_of_bounds_read+0xed/0x4e0
[ 16.674625] kunit_try_run_case+0x1a5/0x480
[ 16.674944] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.675212] kthread+0x337/0x6f0
[ 16.675376] ret_from_fork+0x116/0x1d0
[ 16.675821] ret_from_fork_asm+0x1a/0x30
[ 16.676304]
[ 16.676533] CPU: 0 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 16.677152] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.677340] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.678002] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 16.582811] ================================================================== [ 16.583499] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x1a5/0x1d0 [ 16.583932] Write of size 1 at addr ffff8881029c5778 by task kunit_try_catch/302 [ 16.584173] [ 16.584268] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.584317] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.584330] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.584354] Call Trace: [ 16.584375] <TASK> [ 16.584397] dump_stack_lvl+0x73/0xb0 [ 16.584427] print_report+0xd1/0x610 [ 16.584452] ? __virt_addr_valid+0x1db/0x2d0 [ 16.584477] ? strncpy_from_user+0x1a5/0x1d0 [ 16.584501] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.584526] ? strncpy_from_user+0x1a5/0x1d0 [ 16.584550] kasan_report+0x141/0x180 [ 16.584573] ? strncpy_from_user+0x1a5/0x1d0 [ 16.584602] __asan_report_store1_noabort+0x1b/0x30 [ 16.584627] strncpy_from_user+0x1a5/0x1d0 [ 16.584654] copy_user_test_oob+0x760/0x10f0 [ 16.584682] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.584705] ? finish_task_switch.isra.0+0x153/0x700 [ 16.584729] ? __switch_to+0x47/0xf50 [ 16.584757] ? __schedule+0x10cc/0x2b60 [ 16.584780] ? __pfx_read_tsc+0x10/0x10 [ 16.584802] ? ktime_get_ts64+0x86/0x230 [ 16.584828] kunit_try_run_case+0x1a5/0x480 [ 16.584861] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.584884] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.584912] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.584939] ? __kthread_parkme+0x82/0x180 [ 16.584965] ? preempt_count_sub+0x50/0x80 [ 16.584990] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.585024] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.585050] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.585075] kthread+0x337/0x6f0 [ 16.585096] ? trace_preempt_on+0x20/0xc0 [ 16.585121] ? __pfx_kthread+0x10/0x10 [ 16.585143] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.585165] ? calculate_sigpending+0x7b/0xa0 [ 16.585191] ? 
__pfx_kthread+0x10/0x10 [ 16.585213] ret_from_fork+0x116/0x1d0 [ 16.585231] ? __pfx_kthread+0x10/0x10 [ 16.585252] ret_from_fork_asm+0x1a/0x30 [ 16.585285] </TASK> [ 16.585296] [ 16.592908] Allocated by task 302: [ 16.593063] kasan_save_stack+0x45/0x70 [ 16.593218] kasan_save_track+0x18/0x40 [ 16.593354] kasan_save_alloc_info+0x3b/0x50 [ 16.593532] __kasan_kmalloc+0xb7/0xc0 [ 16.593693] __kmalloc_noprof+0x1c9/0x500 [ 16.593898] kunit_kmalloc_array+0x25/0x60 [ 16.594115] copy_user_test_oob+0xab/0x10f0 [ 16.594323] kunit_try_run_case+0x1a5/0x480 [ 16.594557] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.594814] kthread+0x337/0x6f0 [ 16.594987] ret_from_fork+0x116/0x1d0 [ 16.595185] ret_from_fork_asm+0x1a/0x30 [ 16.595380] [ 16.595503] The buggy address belongs to the object at ffff8881029c5700 [ 16.595503] which belongs to the cache kmalloc-128 of size 128 [ 16.596044] The buggy address is located 0 bytes to the right of [ 16.596044] allocated 120-byte region [ffff8881029c5700, ffff8881029c5778) [ 16.596628] [ 16.596731] The buggy address belongs to the physical page: [ 16.596976] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029c5 [ 16.597229] flags: 0x200000000000000(node=0|zone=2) [ 16.597397] page_type: f5(slab) [ 16.597542] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.597774] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.598001] page dumped because: kasan: bad access detected [ 16.598256] [ 16.598348] Memory state around the buggy address: [ 16.598589] ffff8881029c5600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.598905] ffff8881029c5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.599225] >ffff8881029c5700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.599560] ^ [ 16.599866] ffff8881029c5780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.600147] ffff8881029c5800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.600362] 
================================================================== [ 16.561855] ================================================================== [ 16.564407] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x2e/0x1d0 [ 16.564777] Write of size 121 at addr ffff8881029c5700 by task kunit_try_catch/302 [ 16.565721] [ 16.565855] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.565909] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.565923] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.565946] Call Trace: [ 16.565969] <TASK> [ 16.565991] dump_stack_lvl+0x73/0xb0 [ 16.566039] print_report+0xd1/0x610 [ 16.566064] ? __virt_addr_valid+0x1db/0x2d0 [ 16.566089] ? strncpy_from_user+0x2e/0x1d0 [ 16.566115] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.566139] ? strncpy_from_user+0x2e/0x1d0 [ 16.566164] kasan_report+0x141/0x180 [ 16.566187] ? strncpy_from_user+0x2e/0x1d0 [ 16.566217] kasan_check_range+0x10c/0x1c0 [ 16.566243] __kasan_check_write+0x18/0x20 [ 16.566262] strncpy_from_user+0x2e/0x1d0 [ 16.566286] ? __kasan_check_read+0x15/0x20 [ 16.566308] copy_user_test_oob+0x760/0x10f0 [ 16.566336] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.566361] ? finish_task_switch.isra.0+0x153/0x700 [ 16.566385] ? __switch_to+0x47/0xf50 [ 16.566412] ? __schedule+0x10cc/0x2b60 [ 16.566437] ? __pfx_read_tsc+0x10/0x10 [ 16.566460] ? ktime_get_ts64+0x86/0x230 [ 16.566485] kunit_try_run_case+0x1a5/0x480 [ 16.566511] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.566535] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.566560] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.566585] ? __kthread_parkme+0x82/0x180 [ 16.566607] ? preempt_count_sub+0x50/0x80 [ 16.566631] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.566656] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.566682] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.566706] kthread+0x337/0x6f0 [ 16.566727] ? trace_preempt_on+0x20/0xc0 [ 16.566752] ? 
__pfx_kthread+0x10/0x10 [ 16.566774] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.566795] ? calculate_sigpending+0x7b/0xa0 [ 16.566820] ? __pfx_kthread+0x10/0x10 [ 16.566842] ret_from_fork+0x116/0x1d0 [ 16.566861] ? __pfx_kthread+0x10/0x10 [ 16.566881] ret_from_fork_asm+0x1a/0x30 [ 16.566914] </TASK> [ 16.566925] [ 16.574384] Allocated by task 302: [ 16.574598] kasan_save_stack+0x45/0x70 [ 16.574789] kasan_save_track+0x18/0x40 [ 16.574965] kasan_save_alloc_info+0x3b/0x50 [ 16.575160] __kasan_kmalloc+0xb7/0xc0 [ 16.575336] __kmalloc_noprof+0x1c9/0x500 [ 16.575556] kunit_kmalloc_array+0x25/0x60 [ 16.575741] copy_user_test_oob+0xab/0x10f0 [ 16.575917] kunit_try_run_case+0x1a5/0x480 [ 16.576123] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.576330] kthread+0x337/0x6f0 [ 16.576539] ret_from_fork+0x116/0x1d0 [ 16.576705] ret_from_fork_asm+0x1a/0x30 [ 16.576884] [ 16.576959] The buggy address belongs to the object at ffff8881029c5700 [ 16.576959] which belongs to the cache kmalloc-128 of size 128 [ 16.577498] The buggy address is located 0 bytes inside of [ 16.577498] allocated 120-byte region [ffff8881029c5700, ffff8881029c5778) [ 16.577950] [ 16.578060] The buggy address belongs to the physical page: [ 16.578282] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029c5 [ 16.578701] flags: 0x200000000000000(node=0|zone=2) [ 16.578893] page_type: f5(slab) [ 16.579073] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.579380] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.579689] page dumped because: kasan: bad access detected [ 16.579922] [ 16.580017] Memory state around the buggy address: [ 16.580227] ffff8881029c5600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.580528] ffff8881029c5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.580748] >ffff8881029c5700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.580970] ^ [ 16.581194] ffff8881029c5780: fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 16.581412] ffff8881029c5800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.581725] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 16.523968] ================================================================== [ 16.524484] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x557/0x10f0 [ 16.524955] Write of size 121 at addr ffff8881029c5700 by task kunit_try_catch/302 [ 16.525268] [ 16.525381] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.525429] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.525444] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.525469] Call Trace: [ 16.525490] <TASK> [ 16.525509] dump_stack_lvl+0x73/0xb0 [ 16.525540] print_report+0xd1/0x610 [ 16.525564] ? __virt_addr_valid+0x1db/0x2d0 [ 16.525589] ? copy_user_test_oob+0x557/0x10f0 [ 16.525613] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.525637] ? copy_user_test_oob+0x557/0x10f0 [ 16.525662] kasan_report+0x141/0x180 [ 16.525684] ? copy_user_test_oob+0x557/0x10f0 [ 16.525713] kasan_check_range+0x10c/0x1c0 [ 16.525738] __kasan_check_write+0x18/0x20 [ 16.525757] copy_user_test_oob+0x557/0x10f0 [ 16.525783] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.525806] ? finish_task_switch.isra.0+0x153/0x700 [ 16.525831] ? __switch_to+0x47/0xf50 [ 16.525857] ? __schedule+0x10cc/0x2b60 [ 16.525880] ? __pfx_read_tsc+0x10/0x10 [ 16.525902] ? ktime_get_ts64+0x86/0x230 [ 16.525927] kunit_try_run_case+0x1a5/0x480 [ 16.525952] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.525977] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.526002] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.526038] ? __kthread_parkme+0x82/0x180 [ 16.526060] ? preempt_count_sub+0x50/0x80 [ 16.526084] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.526109] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.526135] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.526161] kthread+0x337/0x6f0 [ 16.526182] ? trace_preempt_on+0x20/0xc0 [ 16.526207] ? __pfx_kthread+0x10/0x10 [ 16.526228] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.526251] ? calculate_sigpending+0x7b/0xa0 [ 16.526277] ? 
__pfx_kthread+0x10/0x10 [ 16.526300] ret_from_fork+0x116/0x1d0 [ 16.526318] ? __pfx_kthread+0x10/0x10 [ 16.526339] ret_from_fork_asm+0x1a/0x30 [ 16.526371] </TASK> [ 16.526383] [ 16.533557] Allocated by task 302: [ 16.533728] kasan_save_stack+0x45/0x70 [ 16.533949] kasan_save_track+0x18/0x40 [ 16.534141] kasan_save_alloc_info+0x3b/0x50 [ 16.534360] __kasan_kmalloc+0xb7/0xc0 [ 16.534592] __kmalloc_noprof+0x1c9/0x500 [ 16.534799] kunit_kmalloc_array+0x25/0x60 [ 16.534990] copy_user_test_oob+0xab/0x10f0 [ 16.535191] kunit_try_run_case+0x1a5/0x480 [ 16.535382] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.535699] kthread+0x337/0x6f0 [ 16.535836] ret_from_fork+0x116/0x1d0 [ 16.536049] ret_from_fork_asm+0x1a/0x30 [ 16.536206] [ 16.536321] The buggy address belongs to the object at ffff8881029c5700 [ 16.536321] which belongs to the cache kmalloc-128 of size 128 [ 16.536787] The buggy address is located 0 bytes inside of [ 16.536787] allocated 120-byte region [ffff8881029c5700, ffff8881029c5778) [ 16.537213] [ 16.537313] The buggy address belongs to the physical page: [ 16.537667] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029c5 [ 16.538006] flags: 0x200000000000000(node=0|zone=2) [ 16.538243] page_type: f5(slab) [ 16.538410] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.538714] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.538965] page dumped because: kasan: bad access detected [ 16.539249] [ 16.539349] Memory state around the buggy address: [ 16.539575] ffff8881029c5600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.539905] ffff8881029c5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.540223] >ffff8881029c5700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.540571] ^ [ 16.540776] ffff8881029c5780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.541095] ffff8881029c5800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.541383] 
================================================================== [ 16.506182] ================================================================== [ 16.506624] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4aa/0x10f0 [ 16.506872] Read of size 121 at addr ffff8881029c5700 by task kunit_try_catch/302 [ 16.507392] [ 16.507513] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.507562] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.507576] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.507600] Call Trace: [ 16.507622] <TASK> [ 16.507644] dump_stack_lvl+0x73/0xb0 [ 16.507684] print_report+0xd1/0x610 [ 16.507709] ? __virt_addr_valid+0x1db/0x2d0 [ 16.507740] ? copy_user_test_oob+0x4aa/0x10f0 [ 16.507765] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.507789] ? copy_user_test_oob+0x4aa/0x10f0 [ 16.507814] kasan_report+0x141/0x180 [ 16.507836] ? copy_user_test_oob+0x4aa/0x10f0 [ 16.507865] kasan_check_range+0x10c/0x1c0 [ 16.507890] __kasan_check_read+0x15/0x20 [ 16.507910] copy_user_test_oob+0x4aa/0x10f0 [ 16.507936] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.507960] ? finish_task_switch.isra.0+0x153/0x700 [ 16.507984] ? __switch_to+0x47/0xf50 [ 16.508023] ? __schedule+0x10cc/0x2b60 [ 16.508046] ? __pfx_read_tsc+0x10/0x10 [ 16.508068] ? ktime_get_ts64+0x86/0x230 [ 16.508094] kunit_try_run_case+0x1a5/0x480 [ 16.508120] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.508144] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.508169] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.508194] ? __kthread_parkme+0x82/0x180 [ 16.508218] ? preempt_count_sub+0x50/0x80 [ 16.508242] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.508266] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.508292] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.508317] kthread+0x337/0x6f0 [ 16.508337] ? trace_preempt_on+0x20/0xc0 [ 16.508362] ? __pfx_kthread+0x10/0x10 [ 16.508383] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 16.508406] ? calculate_sigpending+0x7b/0xa0 [ 16.508443] ? __pfx_kthread+0x10/0x10 [ 16.508465] ret_from_fork+0x116/0x1d0 [ 16.508485] ? __pfx_kthread+0x10/0x10 [ 16.508505] ret_from_fork_asm+0x1a/0x30 [ 16.508537] </TASK> [ 16.508548] [ 16.515793] Allocated by task 302: [ 16.516075] kasan_save_stack+0x45/0x70 [ 16.516274] kasan_save_track+0x18/0x40 [ 16.516450] kasan_save_alloc_info+0x3b/0x50 [ 16.516615] __kasan_kmalloc+0xb7/0xc0 [ 16.516873] __kmalloc_noprof+0x1c9/0x500 [ 16.517086] kunit_kmalloc_array+0x25/0x60 [ 16.517300] copy_user_test_oob+0xab/0x10f0 [ 16.517507] kunit_try_run_case+0x1a5/0x480 [ 16.517710] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.517890] kthread+0x337/0x6f0 [ 16.518021] ret_from_fork+0x116/0x1d0 [ 16.518210] ret_from_fork_asm+0x1a/0x30 [ 16.518415] [ 16.518577] The buggy address belongs to the object at ffff8881029c5700 [ 16.518577] which belongs to the cache kmalloc-128 of size 128 [ 16.519061] The buggy address is located 0 bytes inside of [ 16.519061] allocated 120-byte region [ffff8881029c5700, ffff8881029c5778) [ 16.519558] [ 16.519657] The buggy address belongs to the physical page: [ 16.519874] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029c5 [ 16.520158] flags: 0x200000000000000(node=0|zone=2) [ 16.520325] page_type: f5(slab) [ 16.520472] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.520807] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.521129] page dumped because: kasan: bad access detected [ 16.521308] [ 16.521401] Memory state around the buggy address: [ 16.521636] ffff8881029c5600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.521957] ffff8881029c5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.522249] >ffff8881029c5700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.522588] ^ [ 16.522871] ffff8881029c5780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.523164] 
ffff8881029c5800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.523455] ================================================================== [ 16.487863] ================================================================== [ 16.488716] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3fd/0x10f0 [ 16.489060] Write of size 121 at addr ffff8881029c5700 by task kunit_try_catch/302 [ 16.489362] [ 16.489482] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.489534] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.489547] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.489570] Call Trace: [ 16.489591] <TASK> [ 16.489613] dump_stack_lvl+0x73/0xb0 [ 16.489647] print_report+0xd1/0x610 [ 16.489671] ? __virt_addr_valid+0x1db/0x2d0 [ 16.489698] ? copy_user_test_oob+0x3fd/0x10f0 [ 16.489723] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.489747] ? copy_user_test_oob+0x3fd/0x10f0 [ 16.489771] kasan_report+0x141/0x180 [ 16.489794] ? copy_user_test_oob+0x3fd/0x10f0 [ 16.489822] kasan_check_range+0x10c/0x1c0 [ 16.489847] __kasan_check_write+0x18/0x20 [ 16.489867] copy_user_test_oob+0x3fd/0x10f0 [ 16.489894] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.489918] ? finish_task_switch.isra.0+0x153/0x700 [ 16.489941] ? __switch_to+0x47/0xf50 [ 16.489969] ? __schedule+0x10cc/0x2b60 [ 16.489992] ? __pfx_read_tsc+0x10/0x10 [ 16.490026] ? ktime_get_ts64+0x86/0x230 [ 16.490052] kunit_try_run_case+0x1a5/0x480 [ 16.490078] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.490102] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.490128] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.490152] ? __kthread_parkme+0x82/0x180 [ 16.490175] ? preempt_count_sub+0x50/0x80 [ 16.490199] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.490224] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.490249] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.490274] kthread+0x337/0x6f0 [ 16.490296] ? trace_preempt_on+0x20/0xc0 [ 16.490321] ? 
__pfx_kthread+0x10/0x10 [ 16.490344] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.490366] ? calculate_sigpending+0x7b/0xa0 [ 16.490392] ? __pfx_kthread+0x10/0x10 [ 16.490414] ret_from_fork+0x116/0x1d0 [ 16.490446] ? __pfx_kthread+0x10/0x10 [ 16.490469] ret_from_fork_asm+0x1a/0x30 [ 16.490501] </TASK> [ 16.490512] [ 16.497589] Allocated by task 302: [ 16.497779] kasan_save_stack+0x45/0x70 [ 16.497973] kasan_save_track+0x18/0x40 [ 16.498172] kasan_save_alloc_info+0x3b/0x50 [ 16.498331] __kasan_kmalloc+0xb7/0xc0 [ 16.498546] __kmalloc_noprof+0x1c9/0x500 [ 16.498748] kunit_kmalloc_array+0x25/0x60 [ 16.498927] copy_user_test_oob+0xab/0x10f0 [ 16.499087] kunit_try_run_case+0x1a5/0x480 [ 16.499299] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.499632] kthread+0x337/0x6f0 [ 16.499797] ret_from_fork+0x116/0x1d0 [ 16.499975] ret_from_fork_asm+0x1a/0x30 [ 16.500156] [ 16.500256] The buggy address belongs to the object at ffff8881029c5700 [ 16.500256] which belongs to the cache kmalloc-128 of size 128 [ 16.500687] The buggy address is located 0 bytes inside of [ 16.500687] allocated 120-byte region [ffff8881029c5700, ffff8881029c5778) [ 16.501171] [ 16.501269] The buggy address belongs to the physical page: [ 16.501544] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029c5 [ 16.501795] flags: 0x200000000000000(node=0|zone=2) [ 16.501963] page_type: f5(slab) [ 16.502098] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.502329] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.502627] page dumped because: kasan: bad access detected [ 16.502873] [ 16.502965] Memory state around the buggy address: [ 16.503195] ffff8881029c5600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.503518] ffff8881029c5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.503902] >ffff8881029c5700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.504126] ^ [ 16.504342] ffff8881029c5780: fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 16.504558] ffff8881029c5800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.505262] ================================================================== [ 16.542119] ================================================================== [ 16.542475] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x604/0x10f0 [ 16.542966] Read of size 121 at addr ffff8881029c5700 by task kunit_try_catch/302 [ 16.543368] [ 16.543487] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.543538] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.543551] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.543574] Call Trace: [ 16.543595] <TASK> [ 16.543616] dump_stack_lvl+0x73/0xb0 [ 16.543647] print_report+0xd1/0x610 [ 16.543672] ? __virt_addr_valid+0x1db/0x2d0 [ 16.543696] ? copy_user_test_oob+0x604/0x10f0 [ 16.543720] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.543744] ? copy_user_test_oob+0x604/0x10f0 [ 16.543790] kasan_report+0x141/0x180 [ 16.543813] ? copy_user_test_oob+0x604/0x10f0 [ 16.543841] kasan_check_range+0x10c/0x1c0 [ 16.543866] __kasan_check_read+0x15/0x20 [ 16.543907] copy_user_test_oob+0x604/0x10f0 [ 16.543936] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.543961] ? finish_task_switch.isra.0+0x153/0x700 [ 16.543985] ? __switch_to+0x47/0xf50 [ 16.544022] ? __schedule+0x10cc/0x2b60 [ 16.544046] ? __pfx_read_tsc+0x10/0x10 [ 16.544084] ? ktime_get_ts64+0x86/0x230 [ 16.544110] kunit_try_run_case+0x1a5/0x480 [ 16.544150] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.544186] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.544225] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.544264] ? __kthread_parkme+0x82/0x180 [ 16.544300] ? preempt_count_sub+0x50/0x80 [ 16.544325] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.544376] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.544414] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.544440] kthread+0x337/0x6f0 [ 16.544472] ? 
trace_preempt_on+0x20/0xc0 [ 16.544510] ? __pfx_kthread+0x10/0x10 [ 16.544544] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.544580] ? calculate_sigpending+0x7b/0xa0 [ 16.544619] ? __pfx_kthread+0x10/0x10 [ 16.544655] ret_from_fork+0x116/0x1d0 [ 16.544688] ? __pfx_kthread+0x10/0x10 [ 16.544721] ret_from_fork_asm+0x1a/0x30 [ 16.544767] </TASK> [ 16.544790] [ 16.552734] Allocated by task 302: [ 16.552928] kasan_save_stack+0x45/0x70 [ 16.553104] kasan_save_track+0x18/0x40 [ 16.553240] kasan_save_alloc_info+0x3b/0x50 [ 16.553386] __kasan_kmalloc+0xb7/0xc0 [ 16.553571] __kmalloc_noprof+0x1c9/0x500 [ 16.553788] kunit_kmalloc_array+0x25/0x60 [ 16.554001] copy_user_test_oob+0xab/0x10f0 [ 16.554224] kunit_try_run_case+0x1a5/0x480 [ 16.554424] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.554670] kthread+0x337/0x6f0 [ 16.554834] ret_from_fork+0x116/0x1d0 [ 16.555024] ret_from_fork_asm+0x1a/0x30 [ 16.555216] [ 16.555384] The buggy address belongs to the object at ffff8881029c5700 [ 16.555384] which belongs to the cache kmalloc-128 of size 128 [ 16.555835] The buggy address is located 0 bytes inside of [ 16.555835] allocated 120-byte region [ffff8881029c5700, ffff8881029c5778) [ 16.556190] [ 16.556264] The buggy address belongs to the physical page: [ 16.556549] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029c5 [ 16.556930] flags: 0x200000000000000(node=0|zone=2) [ 16.557183] page_type: f5(slab) [ 16.557357] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.557733] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.558109] page dumped because: kasan: bad access detected [ 16.558319] [ 16.558432] Memory state around the buggy address: [ 16.558667] ffff8881029c5600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.559005] ffff8881029c5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.559337] >ffff8881029c5700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.559979] ^ [ 16.560294] 
ffff8881029c5780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.560852] ffff8881029c5800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.561112] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_to_user
[ 16.466556] ================================================================== [ 16.466997] BUG: KASAN: slab-out-of-bounds in _copy_to_user+0x3c/0x70 [ 16.467314] Read of size 121 at addr ffff8881029c5700 by task kunit_try_catch/302 [ 16.467723] [ 16.467845] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.467897] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.467910] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.467934] Call Trace: [ 16.467952] <TASK> [ 16.467974] dump_stack_lvl+0x73/0xb0 [ 16.468021] print_report+0xd1/0x610 [ 16.468048] ? __virt_addr_valid+0x1db/0x2d0 [ 16.468072] ? _copy_to_user+0x3c/0x70 [ 16.468093] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.468117] ? _copy_to_user+0x3c/0x70 [ 16.468137] kasan_report+0x141/0x180 [ 16.468160] ? _copy_to_user+0x3c/0x70 [ 16.468184] kasan_check_range+0x10c/0x1c0 [ 16.468209] __kasan_check_read+0x15/0x20 [ 16.468228] _copy_to_user+0x3c/0x70 [ 16.468248] copy_user_test_oob+0x364/0x10f0 [ 16.468276] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.468300] ? finish_task_switch.isra.0+0x153/0x700 [ 16.468324] ? __switch_to+0x47/0xf50 [ 16.468351] ? __schedule+0x10cc/0x2b60 [ 16.468375] ? __pfx_read_tsc+0x10/0x10 [ 16.468397] ? ktime_get_ts64+0x86/0x230 [ 16.468422] kunit_try_run_case+0x1a5/0x480 [ 16.468459] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.468482] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.468507] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.468532] ? __kthread_parkme+0x82/0x180 [ 16.468554] ? preempt_count_sub+0x50/0x80 [ 16.468578] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.468603] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.468628] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.468653] kthread+0x337/0x6f0 [ 16.468673] ? trace_preempt_on+0x20/0xc0 [ 16.468697] ? __pfx_kthread+0x10/0x10 [ 16.468718] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.468741] ? calculate_sigpending+0x7b/0xa0 [ 16.468767] ? 
__pfx_kthread+0x10/0x10 [ 16.468788] ret_from_fork+0x116/0x1d0 [ 16.468808] ? __pfx_kthread+0x10/0x10 [ 16.468831] ret_from_fork_asm+0x1a/0x30 [ 16.468871] </TASK> [ 16.468881] [ 16.475973] Allocated by task 302: [ 16.476181] kasan_save_stack+0x45/0x70 [ 16.476392] kasan_save_track+0x18/0x40 [ 16.476580] kasan_save_alloc_info+0x3b/0x50 [ 16.476794] __kasan_kmalloc+0xb7/0xc0 [ 16.476966] __kmalloc_noprof+0x1c9/0x500 [ 16.477154] kunit_kmalloc_array+0x25/0x60 [ 16.477342] copy_user_test_oob+0xab/0x10f0 [ 16.477503] kunit_try_run_case+0x1a5/0x480 [ 16.477649] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.477906] kthread+0x337/0x6f0 [ 16.478087] ret_from_fork+0x116/0x1d0 [ 16.478276] ret_from_fork_asm+0x1a/0x30 [ 16.478465] [ 16.478565] The buggy address belongs to the object at ffff8881029c5700 [ 16.478565] which belongs to the cache kmalloc-128 of size 128 [ 16.479113] The buggy address is located 0 bytes inside of [ 16.479113] allocated 120-byte region [ffff8881029c5700, ffff8881029c5778) [ 16.479631] [ 16.479730] The buggy address belongs to the physical page: [ 16.479942] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029c5 [ 16.480245] flags: 0x200000000000000(node=0|zone=2) [ 16.480483] page_type: f5(slab) [ 16.480663] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.480956] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.481264] page dumped because: kasan: bad access detected [ 16.481507] [ 16.481580] Memory state around the buggy address: [ 16.481779] ffff8881029c5600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.482092] ffff8881029c5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.482351] >ffff8881029c5700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.482650] ^ [ 16.482915] ffff8881029c5780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.483218] ffff8881029c5800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.483524] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_from_user
[ 16.445166] ================================================================== [ 16.445943] BUG: KASAN: slab-out-of-bounds in _copy_from_user+0x32/0x90 [ 16.446502] Write of size 121 at addr ffff8881029c5700 by task kunit_try_catch/302 [ 16.446909] [ 16.447033] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.447089] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.447102] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.447128] Call Trace: [ 16.447145] <TASK> [ 16.447170] dump_stack_lvl+0x73/0xb0 [ 16.447207] print_report+0xd1/0x610 [ 16.447234] ? __virt_addr_valid+0x1db/0x2d0 [ 16.447260] ? _copy_from_user+0x32/0x90 [ 16.447281] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.447305] ? _copy_from_user+0x32/0x90 [ 16.447326] kasan_report+0x141/0x180 [ 16.447349] ? _copy_from_user+0x32/0x90 [ 16.447402] kasan_check_range+0x10c/0x1c0 [ 16.447427] __kasan_check_write+0x18/0x20 [ 16.447447] _copy_from_user+0x32/0x90 [ 16.447469] copy_user_test_oob+0x2be/0x10f0 [ 16.447496] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.447540] ? finish_task_switch.isra.0+0x153/0x700 [ 16.447566] ? __switch_to+0x47/0xf50 [ 16.447594] ? __schedule+0x10cc/0x2b60 [ 16.447618] ? __pfx_read_tsc+0x10/0x10 [ 16.447641] ? ktime_get_ts64+0x86/0x230 [ 16.447667] kunit_try_run_case+0x1a5/0x480 [ 16.447693] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.447716] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.447742] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.447766] ? __kthread_parkme+0x82/0x180 [ 16.447789] ? preempt_count_sub+0x50/0x80 [ 16.447814] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.447839] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.447864] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.447889] kthread+0x337/0x6f0 [ 16.447909] ? trace_preempt_on+0x20/0xc0 [ 16.447934] ? __pfx_kthread+0x10/0x10 [ 16.447955] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.447977] ? calculate_sigpending+0x7b/0xa0 [ 16.448004] ? 
__pfx_kthread+0x10/0x10 [ 16.448035] ret_from_fork+0x116/0x1d0 [ 16.448055] ? __pfx_kthread+0x10/0x10 [ 16.448076] ret_from_fork_asm+0x1a/0x30 [ 16.448109] </TASK> [ 16.448121] [ 16.455394] Allocated by task 302: [ 16.455621] kasan_save_stack+0x45/0x70 [ 16.455840] kasan_save_track+0x18/0x40 [ 16.456042] kasan_save_alloc_info+0x3b/0x50 [ 16.456238] __kasan_kmalloc+0xb7/0xc0 [ 16.456416] __kmalloc_noprof+0x1c9/0x500 [ 16.456615] kunit_kmalloc_array+0x25/0x60 [ 16.456791] copy_user_test_oob+0xab/0x10f0 [ 16.456947] kunit_try_run_case+0x1a5/0x480 [ 16.457150] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.457394] kthread+0x337/0x6f0 [ 16.457518] ret_from_fork+0x116/0x1d0 [ 16.457720] ret_from_fork_asm+0x1a/0x30 [ 16.457925] [ 16.458033] The buggy address belongs to the object at ffff8881029c5700 [ 16.458033] which belongs to the cache kmalloc-128 of size 128 [ 16.458564] The buggy address is located 0 bytes inside of [ 16.458564] allocated 120-byte region [ffff8881029c5700, ffff8881029c5778) [ 16.458983] [ 16.459093] The buggy address belongs to the physical page: [ 16.459302] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029c5 [ 16.459546] flags: 0x200000000000000(node=0|zone=2) [ 16.459715] page_type: f5(slab) [ 16.459842] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.460116] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.460450] page dumped because: kasan: bad access detected [ 16.460729] [ 16.460836] Memory state around the buggy address: [ 16.461055] ffff8881029c5600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.461273] ffff8881029c5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.461632] >ffff8881029c5700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.461946] ^ [ 16.462271] ffff8881029c5780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.462626] ffff8881029c5800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.462878] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 16.359514] ================================================================== [ 16.360352] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x225/0x260 [ 16.361522] Read of size 8 at addr ffff888102b7db78 by task kunit_try_catch/298 [ 16.362696] [ 16.362926] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.362984] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.362999] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.363036] Call Trace: [ 16.363054] <TASK> [ 16.363077] dump_stack_lvl+0x73/0xb0 [ 16.363118] print_report+0xd1/0x610 [ 16.363145] ? __virt_addr_valid+0x1db/0x2d0 [ 16.363172] ? copy_to_kernel_nofault+0x225/0x260 [ 16.363198] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.363222] ? copy_to_kernel_nofault+0x225/0x260 [ 16.363247] kasan_report+0x141/0x180 [ 16.363270] ? copy_to_kernel_nofault+0x225/0x260 [ 16.363299] __asan_report_load8_noabort+0x18/0x20 [ 16.363325] copy_to_kernel_nofault+0x225/0x260 [ 16.363351] copy_to_kernel_nofault_oob+0x1ed/0x560 [ 16.363376] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 16.363401] ? finish_task_switch.isra.0+0x153/0x700 [ 16.363426] ? __schedule+0x10cc/0x2b60 [ 16.363450] ? trace_hardirqs_on+0x37/0xe0 [ 16.363484] ? __pfx_read_tsc+0x10/0x10 [ 16.363508] ? ktime_get_ts64+0x86/0x230 [ 16.363534] kunit_try_run_case+0x1a5/0x480 [ 16.363562] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.363585] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.363611] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.363636] ? __kthread_parkme+0x82/0x180 [ 16.363659] ? preempt_count_sub+0x50/0x80 [ 16.363683] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.363708] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.363733] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.363758] kthread+0x337/0x6f0 [ 16.363778] ? trace_preempt_on+0x20/0xc0 [ 16.363801] ? __pfx_kthread+0x10/0x10 [ 16.363822] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.363845] ? 
calculate_sigpending+0x7b/0xa0 [ 16.363871] ? __pfx_kthread+0x10/0x10 [ 16.363893] ret_from_fork+0x116/0x1d0 [ 16.363913] ? __pfx_kthread+0x10/0x10 [ 16.363933] ret_from_fork_asm+0x1a/0x30 [ 16.363967] </TASK> [ 16.363979] [ 16.376643] Allocated by task 298: [ 16.377032] kasan_save_stack+0x45/0x70 [ 16.377487] kasan_save_track+0x18/0x40 [ 16.377875] kasan_save_alloc_info+0x3b/0x50 [ 16.378147] __kasan_kmalloc+0xb7/0xc0 [ 16.378564] __kmalloc_cache_noprof+0x189/0x420 [ 16.378929] copy_to_kernel_nofault_oob+0x12f/0x560 [ 16.379406] kunit_try_run_case+0x1a5/0x480 [ 16.379720] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.380275] kthread+0x337/0x6f0 [ 16.380608] ret_from_fork+0x116/0x1d0 [ 16.380880] ret_from_fork_asm+0x1a/0x30 [ 16.381321] [ 16.381405] The buggy address belongs to the object at ffff888102b7db00 [ 16.381405] which belongs to the cache kmalloc-128 of size 128 [ 16.382450] The buggy address is located 0 bytes to the right of [ 16.382450] allocated 120-byte region [ffff888102b7db00, ffff888102b7db78) [ 16.383141] [ 16.383256] The buggy address belongs to the physical page: [ 16.383772] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b7d [ 16.384525] flags: 0x200000000000000(node=0|zone=2) [ 16.384996] page_type: f5(slab) [ 16.385345] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.385996] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.386565] page dumped because: kasan: bad access detected [ 16.387104] [ 16.387276] Memory state around the buggy address: [ 16.387553] ffff888102b7da00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.388151] ffff888102b7da80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.388714] >ffff888102b7db00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.388995] ^ [ 16.389860] ffff888102b7db80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.390492] ffff888102b7dc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 
16.391129] ================================================================== [ 16.391833] ================================================================== [ 16.392149] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x99/0x260 [ 16.393281] Write of size 8 at addr ffff888102b7db78 by task kunit_try_catch/298 [ 16.394131] [ 16.394321] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.394372] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.394386] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.394410] Call Trace: [ 16.394425] <TASK> [ 16.394445] dump_stack_lvl+0x73/0xb0 [ 16.394480] print_report+0xd1/0x610 [ 16.394505] ? __virt_addr_valid+0x1db/0x2d0 [ 16.394629] ? copy_to_kernel_nofault+0x99/0x260 [ 16.394658] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.394682] ? copy_to_kernel_nofault+0x99/0x260 [ 16.394707] kasan_report+0x141/0x180 [ 16.394730] ? copy_to_kernel_nofault+0x99/0x260 [ 16.394759] kasan_check_range+0x10c/0x1c0 [ 16.394783] __kasan_check_write+0x18/0x20 [ 16.394803] copy_to_kernel_nofault+0x99/0x260 [ 16.394830] copy_to_kernel_nofault_oob+0x288/0x560 [ 16.394855] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 16.394879] ? finish_task_switch.isra.0+0x153/0x700 [ 16.394904] ? __schedule+0x10cc/0x2b60 [ 16.394928] ? trace_hardirqs_on+0x37/0xe0 [ 16.394960] ? __pfx_read_tsc+0x10/0x10 [ 16.394983] ? ktime_get_ts64+0x86/0x230 [ 16.395017] kunit_try_run_case+0x1a5/0x480 [ 16.395046] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.395069] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.395095] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.395119] ? __kthread_parkme+0x82/0x180 [ 16.395141] ? preempt_count_sub+0x50/0x80 [ 16.395165] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.395190] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.395215] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.395240] kthread+0x337/0x6f0 [ 16.395261] ? 
trace_preempt_on+0x20/0xc0 [ 16.395283] ? __pfx_kthread+0x10/0x10 [ 16.395304] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.395326] ? calculate_sigpending+0x7b/0xa0 [ 16.395351] ? __pfx_kthread+0x10/0x10 [ 16.395373] ret_from_fork+0x116/0x1d0 [ 16.395392] ? __pfx_kthread+0x10/0x10 [ 16.395413] ret_from_fork_asm+0x1a/0x30 [ 16.395492] </TASK> [ 16.395507] [ 16.414262] Allocated by task 298: [ 16.414725] kasan_save_stack+0x45/0x70 [ 16.415190] kasan_save_track+0x18/0x40 [ 16.415551] kasan_save_alloc_info+0x3b/0x50 [ 16.415932] __kasan_kmalloc+0xb7/0xc0 [ 16.416383] __kmalloc_cache_noprof+0x189/0x420 [ 16.416622] copy_to_kernel_nofault_oob+0x12f/0x560 [ 16.417363] kunit_try_run_case+0x1a5/0x480 [ 16.417675] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.417858] kthread+0x337/0x6f0 [ 16.417982] ret_from_fork+0x116/0x1d0 [ 16.418410] ret_from_fork_asm+0x1a/0x30 [ 16.418787] [ 16.418949] The buggy address belongs to the object at ffff888102b7db00 [ 16.418949] which belongs to the cache kmalloc-128 of size 128 [ 16.420145] The buggy address is located 0 bytes to the right of [ 16.420145] allocated 120-byte region [ffff888102b7db00, ffff888102b7db78) [ 16.420729] [ 16.420810] The buggy address belongs to the physical page: [ 16.420997] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b7d [ 16.422215] flags: 0x200000000000000(node=0|zone=2) [ 16.422775] page_type: f5(slab) [ 16.423218] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.423936] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.424517] page dumped because: kasan: bad access detected [ 16.424697] [ 16.424769] Memory state around the buggy address: [ 16.424935] ffff888102b7da00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.425183] ffff888102b7da80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.425579] >ffff888102b7db00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.425876] ^ [ 16.426157] ffff888102b7db80: fc fc fc fc 
fc fc fc fc fc fc fc fc fc fc fc fc [ 16.426875] ffff888102b7dc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.427184] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 14.917121] ================================================================== [ 14.919054] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4bbc/0x5450 [ 14.919602] Read of size 4 at addr ffff88810342d0b0 by task kunit_try_catch/282 [ 14.919979] [ 14.920229] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.920283] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.920296] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.920320] Call Trace: [ 14.920333] <TASK> [ 14.920351] dump_stack_lvl+0x73/0xb0 [ 14.920384] print_report+0xd1/0x610 [ 14.920407] ? __virt_addr_valid+0x1db/0x2d0 [ 14.920432] ? kasan_atomics_helper+0x4bbc/0x5450 [ 14.920454] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.920477] ? kasan_atomics_helper+0x4bbc/0x5450 [ 14.920498] kasan_report+0x141/0x180 [ 14.920520] ? kasan_atomics_helper+0x4bbc/0x5450 [ 14.920545] __asan_report_load4_noabort+0x18/0x20 [ 14.920570] kasan_atomics_helper+0x4bbc/0x5450 [ 14.920592] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.920627] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.920653] ? kasan_atomics+0x152/0x310 [ 14.920679] kasan_atomics+0x1dc/0x310 [ 14.920713] ? __pfx_kasan_atomics+0x10/0x10 [ 14.920738] ? __pfx_read_tsc+0x10/0x10 [ 14.920758] ? ktime_get_ts64+0x86/0x230 [ 14.920782] kunit_try_run_case+0x1a5/0x480 [ 14.920807] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.920829] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.920857] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.920881] ? __kthread_parkme+0x82/0x180 [ 14.920902] ? preempt_count_sub+0x50/0x80 [ 14.920926] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.920949] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.920973] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.920996] kthread+0x337/0x6f0 [ 14.921081] ? trace_preempt_on+0x20/0xc0 [ 14.921106] ? __pfx_kthread+0x10/0x10 [ 14.921126] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.921148] ? 
calculate_sigpending+0x7b/0xa0 [ 14.921172] ? __pfx_kthread+0x10/0x10 [ 14.921193] ret_from_fork+0x116/0x1d0 [ 14.921212] ? __pfx_kthread+0x10/0x10 [ 14.921231] ret_from_fork_asm+0x1a/0x30 [ 14.921261] </TASK> [ 14.921273] [ 14.934838] Allocated by task 282: [ 14.935271] kasan_save_stack+0x45/0x70 [ 14.935724] kasan_save_track+0x18/0x40 [ 14.936123] kasan_save_alloc_info+0x3b/0x50 [ 14.936460] __kasan_kmalloc+0xb7/0xc0 [ 14.936697] __kmalloc_cache_noprof+0x189/0x420 [ 14.937151] kasan_atomics+0x95/0x310 [ 14.937463] kunit_try_run_case+0x1a5/0x480 [ 14.937616] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.938123] kthread+0x337/0x6f0 [ 14.938448] ret_from_fork+0x116/0x1d0 [ 14.938723] ret_from_fork_asm+0x1a/0x30 [ 14.938868] [ 14.938941] The buggy address belongs to the object at ffff88810342d080 [ 14.938941] which belongs to the cache kmalloc-64 of size 64 [ 14.940075] The buggy address is located 0 bytes to the right of [ 14.940075] allocated 48-byte region [ffff88810342d080, ffff88810342d0b0) [ 14.941142] [ 14.941357] The buggy address belongs to the physical page: [ 14.941792] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10342d [ 14.942183] flags: 0x200000000000000(node=0|zone=2) [ 14.942799] page_type: f5(slab) [ 14.943204] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.944025] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.944594] page dumped because: kasan: bad access detected [ 14.944768] [ 14.944842] Memory state around the buggy address: [ 14.945021] ffff88810342cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.945370] ffff88810342d000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.945703] >ffff88810342d080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.946028] ^ [ 14.946303] ffff88810342d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.946693] ffff88810342d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.947027] 
================================================================== [ 16.295083] ================================================================== [ 16.295433] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x224c/0x5450 [ 16.295749] Write of size 8 at addr ffff88810342d0b0 by task kunit_try_catch/282 [ 16.296091] [ 16.296208] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.296258] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.296292] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.296317] Call Trace: [ 16.296341] <TASK> [ 16.296362] dump_stack_lvl+0x73/0xb0 [ 16.296398] print_report+0xd1/0x610 [ 16.296422] ? __virt_addr_valid+0x1db/0x2d0 [ 16.296456] ? kasan_atomics_helper+0x224c/0x5450 [ 16.296478] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.296520] ? kasan_atomics_helper+0x224c/0x5450 [ 16.296543] kasan_report+0x141/0x180 [ 16.296566] ? kasan_atomics_helper+0x224c/0x5450 [ 16.296593] kasan_check_range+0x10c/0x1c0 [ 16.296618] __kasan_check_write+0x18/0x20 [ 16.296638] kasan_atomics_helper+0x224c/0x5450 [ 16.296662] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.296684] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.296727] ? kasan_atomics+0x152/0x310 [ 16.296754] kasan_atomics+0x1dc/0x310 [ 16.296777] ? __pfx_kasan_atomics+0x10/0x10 [ 16.296802] ? __pfx_read_tsc+0x10/0x10 [ 16.296824] ? ktime_get_ts64+0x86/0x230 [ 16.296856] kunit_try_run_case+0x1a5/0x480 [ 16.296882] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.296923] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.296949] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.296977] ? __kthread_parkme+0x82/0x180 [ 16.296998] ? preempt_count_sub+0x50/0x80 [ 16.297035] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.297059] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.297086] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.297112] kthread+0x337/0x6f0 [ 16.297150] ? trace_preempt_on+0x20/0xc0 [ 16.297175] ? 
__pfx_kthread+0x10/0x10 [ 16.297196] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.297220] ? calculate_sigpending+0x7b/0xa0 [ 16.297246] ? __pfx_kthread+0x10/0x10 [ 16.297267] ret_from_fork+0x116/0x1d0 [ 16.297287] ? __pfx_kthread+0x10/0x10 [ 16.297325] ret_from_fork_asm+0x1a/0x30 [ 16.297359] </TASK> [ 16.297370] [ 16.305329] Allocated by task 282: [ 16.305634] kasan_save_stack+0x45/0x70 [ 16.305862] kasan_save_track+0x18/0x40 [ 16.306047] kasan_save_alloc_info+0x3b/0x50 [ 16.306253] __kasan_kmalloc+0xb7/0xc0 [ 16.306459] __kmalloc_cache_noprof+0x189/0x420 [ 16.306680] kasan_atomics+0x95/0x310 [ 16.306868] kunit_try_run_case+0x1a5/0x480 [ 16.307094] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.307341] kthread+0x337/0x6f0 [ 16.307600] ret_from_fork+0x116/0x1d0 [ 16.307784] ret_from_fork_asm+0x1a/0x30 [ 16.307980] [ 16.308083] The buggy address belongs to the object at ffff88810342d080 [ 16.308083] which belongs to the cache kmalloc-64 of size 64 [ 16.308634] The buggy address is located 0 bytes to the right of [ 16.308634] allocated 48-byte region [ffff88810342d080, ffff88810342d0b0) [ 16.309151] [ 16.309247] The buggy address belongs to the physical page: [ 16.309503] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10342d [ 16.309829] flags: 0x200000000000000(node=0|zone=2) [ 16.310078] page_type: f5(slab) [ 16.310215] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.310579] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.311018] page dumped because: kasan: bad access detected [ 16.311241] [ 16.311322] Memory state around the buggy address: [ 16.311520] ffff88810342cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.311856] ffff88810342d000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.312215] >ffff88810342d080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.312530] ^ [ 16.312758] ffff88810342d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.313083] 
ffff88810342d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.313527] ================================================================== [ 15.015194] ================================================================== [ 15.015901] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df/0x5450 [ 15.016551] Read of size 4 at addr ffff88810342d0b0 by task kunit_try_catch/282 [ 15.016882] [ 15.016992] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.017264] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.017280] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.017314] Call Trace: [ 15.017329] <TASK> [ 15.017351] dump_stack_lvl+0x73/0xb0 [ 15.017400] print_report+0xd1/0x610 [ 15.017426] ? __virt_addr_valid+0x1db/0x2d0 [ 15.017462] ? kasan_atomics_helper+0x3df/0x5450 [ 15.017485] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.017520] ? kasan_atomics_helper+0x3df/0x5450 [ 15.017545] kasan_report+0x141/0x180 [ 15.017570] ? kasan_atomics_helper+0x3df/0x5450 [ 15.017608] kasan_check_range+0x10c/0x1c0 [ 15.017633] __kasan_check_read+0x15/0x20 [ 15.017653] kasan_atomics_helper+0x3df/0x5450 [ 15.017677] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.017709] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.017736] ? kasan_atomics+0x152/0x310 [ 15.017773] kasan_atomics+0x1dc/0x310 [ 15.017796] ? __pfx_kasan_atomics+0x10/0x10 [ 15.017821] ? __pfx_read_tsc+0x10/0x10 [ 15.017844] ? ktime_get_ts64+0x86/0x230 [ 15.017878] kunit_try_run_case+0x1a5/0x480 [ 15.017905] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.017929] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.017964] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.017988] ? __kthread_parkme+0x82/0x180 [ 15.018019] ? preempt_count_sub+0x50/0x80 [ 15.018045] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.018078] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.018103] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.018128] kthread+0x337/0x6f0 [ 15.018159] ? trace_preempt_on+0x20/0xc0 [ 15.018183] ? __pfx_kthread+0x10/0x10 [ 15.018204] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.018227] ? calculate_sigpending+0x7b/0xa0 [ 15.018252] ? __pfx_kthread+0x10/0x10 [ 15.018283] ret_from_fork+0x116/0x1d0 [ 15.018302] ? __pfx_kthread+0x10/0x10 [ 15.018322] ret_from_fork_asm+0x1a/0x30 [ 15.018365] </TASK> [ 15.018375] [ 15.026606] Allocated by task 282: [ 15.026803] kasan_save_stack+0x45/0x70 [ 15.027059] kasan_save_track+0x18/0x40 [ 15.027222] kasan_save_alloc_info+0x3b/0x50 [ 15.027468] __kasan_kmalloc+0xb7/0xc0 [ 15.027632] __kmalloc_cache_noprof+0x189/0x420 [ 15.027866] kasan_atomics+0x95/0x310 [ 15.028062] kunit_try_run_case+0x1a5/0x480 [ 15.028278] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.028534] kthread+0x337/0x6f0 [ 15.028709] ret_from_fork+0x116/0x1d0 [ 15.028880] ret_from_fork_asm+0x1a/0x30 [ 15.029097] [ 15.029173] The buggy address belongs to the object at ffff88810342d080 [ 15.029173] which belongs to the cache kmalloc-64 of size 64 [ 15.029772] The buggy address is located 0 bytes to the right of [ 15.029772] allocated 48-byte region [ffff88810342d080, ffff88810342d0b0) [ 15.030227] [ 15.030320] The buggy address belongs to the physical page: [ 15.030757] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10342d [ 15.031114] flags: 0x200000000000000(node=0|zone=2) [ 15.031294] page_type: f5(slab) [ 15.031419] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.031654] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.031882] page dumped because: kasan: bad access detected [ 15.032087] [ 15.032189] Memory state around the buggy address: [ 15.032411] ffff88810342cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.032753] ffff88810342d000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.033085] >ffff88810342d080: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 15.033398] ^ [ 15.033854] ffff88810342d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.034179] ffff88810342d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.034399] ================================================================== [ 16.139431] ================================================================== [ 16.140073] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f71/0x5450 [ 16.140365] Read of size 8 at addr ffff88810342d0b0 by task kunit_try_catch/282 [ 16.140975] [ 16.141080] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.141128] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.141141] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.141165] Call Trace: [ 16.141186] <TASK> [ 16.141208] dump_stack_lvl+0x73/0xb0 [ 16.141237] print_report+0xd1/0x610 [ 16.141260] ? __virt_addr_valid+0x1db/0x2d0 [ 16.141285] ? kasan_atomics_helper+0x4f71/0x5450 [ 16.141306] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.141330] ? kasan_atomics_helper+0x4f71/0x5450 [ 16.141353] kasan_report+0x141/0x180 [ 16.141375] ? kasan_atomics_helper+0x4f71/0x5450 [ 16.141401] __asan_report_load8_noabort+0x18/0x20 [ 16.141427] kasan_atomics_helper+0x4f71/0x5450 [ 16.141450] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.141473] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.141500] ? kasan_atomics+0x152/0x310 [ 16.141530] kasan_atomics+0x1dc/0x310 [ 16.141553] ? __pfx_kasan_atomics+0x10/0x10 [ 16.141578] ? __pfx_read_tsc+0x10/0x10 [ 16.141601] ? ktime_get_ts64+0x86/0x230 [ 16.141667] kunit_try_run_case+0x1a5/0x480 [ 16.141693] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.141716] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.141741] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.141766] ? __kthread_parkme+0x82/0x180 [ 16.141787] ? preempt_count_sub+0x50/0x80 [ 16.141812] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.141836] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.141882] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.141908] kthread+0x337/0x6f0 [ 16.141928] ? trace_preempt_on+0x20/0xc0 [ 16.141952] ? __pfx_kthread+0x10/0x10 [ 16.141973] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.141995] ? calculate_sigpending+0x7b/0xa0 [ 16.142030] ? __pfx_kthread+0x10/0x10 [ 16.142052] ret_from_fork+0x116/0x1d0 [ 16.142072] ? __pfx_kthread+0x10/0x10 [ 16.142093] ret_from_fork_asm+0x1a/0x30 [ 16.142125] </TASK> [ 16.142136] [ 16.149337] Allocated by task 282: [ 16.149621] kasan_save_stack+0x45/0x70 [ 16.149850] kasan_save_track+0x18/0x40 [ 16.150049] kasan_save_alloc_info+0x3b/0x50 [ 16.150254] __kasan_kmalloc+0xb7/0xc0 [ 16.150443] __kmalloc_cache_noprof+0x189/0x420 [ 16.150605] kasan_atomics+0x95/0x310 [ 16.150737] kunit_try_run_case+0x1a5/0x480 [ 16.150881] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.151141] kthread+0x337/0x6f0 [ 16.151334] ret_from_fork+0x116/0x1d0 [ 16.151664] ret_from_fork_asm+0x1a/0x30 [ 16.151880] [ 16.151978] The buggy address belongs to the object at ffff88810342d080 [ 16.151978] which belongs to the cache kmalloc-64 of size 64 [ 16.152453] The buggy address is located 0 bytes to the right of [ 16.152453] allocated 48-byte region [ffff88810342d080, ffff88810342d0b0) [ 16.152925] [ 16.153033] The buggy address belongs to the physical page: [ 16.153263] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10342d [ 16.153633] flags: 0x200000000000000(node=0|zone=2) [ 16.153870] page_type: f5(slab) [ 16.154046] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.154373] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.154704] page dumped because: kasan: bad access detected [ 16.154928] [ 16.155041] Memory state around the buggy address: [ 16.155247] ffff88810342cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.155515] 
ffff88810342d000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.155852] >ffff88810342d080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.156146] ^ [ 16.156342] ffff88810342d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.156672] ffff88810342d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.156970] ================================================================== [ 15.257146] ================================================================== [ 15.257459] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x8f9/0x5450 [ 15.257765] Write of size 4 at addr ffff88810342d0b0 by task kunit_try_catch/282 [ 15.258147] [ 15.258289] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.258347] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.258363] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.258387] Call Trace: [ 15.258418] <TASK> [ 15.258439] dump_stack_lvl+0x73/0xb0 [ 15.258469] print_report+0xd1/0x610 [ 15.258492] ? __virt_addr_valid+0x1db/0x2d0 [ 15.258518] ? kasan_atomics_helper+0x8f9/0x5450 [ 15.258540] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.258564] ? kasan_atomics_helper+0x8f9/0x5450 [ 15.258586] kasan_report+0x141/0x180 [ 15.258608] ? kasan_atomics_helper+0x8f9/0x5450 [ 15.258645] kasan_check_range+0x10c/0x1c0 [ 15.258670] __kasan_check_write+0x18/0x20 [ 15.258689] kasan_atomics_helper+0x8f9/0x5450 [ 15.258724] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.258746] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.258781] ? kasan_atomics+0x152/0x310 [ 15.258808] kasan_atomics+0x1dc/0x310 [ 15.258832] ? __pfx_kasan_atomics+0x10/0x10 [ 15.258867] ? __pfx_read_tsc+0x10/0x10 [ 15.258889] ? ktime_get_ts64+0x86/0x230 [ 15.258915] kunit_try_run_case+0x1a5/0x480 [ 15.258940] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.258964] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.258989] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.259023] ? 
__kthread_parkme+0x82/0x180 [ 15.259045] ? preempt_count_sub+0x50/0x80 [ 15.259070] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.259095] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.259119] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.259145] kthread+0x337/0x6f0 [ 15.259164] ? trace_preempt_on+0x20/0xc0 [ 15.259188] ? __pfx_kthread+0x10/0x10 [ 15.259211] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.259233] ? calculate_sigpending+0x7b/0xa0 [ 15.259258] ? __pfx_kthread+0x10/0x10 [ 15.259280] ret_from_fork+0x116/0x1d0 [ 15.259299] ? __pfx_kthread+0x10/0x10 [ 15.259320] ret_from_fork_asm+0x1a/0x30 [ 15.259352] </TASK> [ 15.259362] [ 15.266774] Allocated by task 282: [ 15.266974] kasan_save_stack+0x45/0x70 [ 15.267211] kasan_save_track+0x18/0x40 [ 15.267401] kasan_save_alloc_info+0x3b/0x50 [ 15.267611] __kasan_kmalloc+0xb7/0xc0 [ 15.267798] __kmalloc_cache_noprof+0x189/0x420 [ 15.267980] kasan_atomics+0x95/0x310 [ 15.268175] kunit_try_run_case+0x1a5/0x480 [ 15.268365] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.268698] kthread+0x337/0x6f0 [ 15.268898] ret_from_fork+0x116/0x1d0 [ 15.269057] ret_from_fork_asm+0x1a/0x30 [ 15.269204] [ 15.269316] The buggy address belongs to the object at ffff88810342d080 [ 15.269316] which belongs to the cache kmalloc-64 of size 64 [ 15.270107] The buggy address is located 0 bytes to the right of [ 15.270107] allocated 48-byte region [ffff88810342d080, ffff88810342d0b0) [ 15.270704] [ 15.270815] The buggy address belongs to the physical page: [ 15.271063] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10342d [ 15.271418] flags: 0x200000000000000(node=0|zone=2) [ 15.271653] page_type: f5(slab) [ 15.271847] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.272190] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.272536] page dumped because: kasan: bad access detected [ 15.272764] [ 15.272864] Memory state around the buggy address: [ 15.273071] 
ffff88810342cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.273312] ffff88810342d000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.273762] >ffff88810342d080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.274154] ^ [ 15.274312] ffff88810342d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.274833] ffff88810342d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.275139] ================================================================== [ 15.747644] ================================================================== [ 15.748033] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4eae/0x5450 [ 15.748450] Read of size 8 at addr ffff88810342d0b0 by task kunit_try_catch/282 [ 15.748759] [ 15.748881] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.748959] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.748972] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.749007] Call Trace: [ 15.749042] <TASK> [ 15.749063] dump_stack_lvl+0x73/0xb0 [ 15.749094] print_report+0xd1/0x610 [ 15.749117] ? __virt_addr_valid+0x1db/0x2d0 [ 15.749141] ? kasan_atomics_helper+0x4eae/0x5450 [ 15.749163] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.749187] ? kasan_atomics_helper+0x4eae/0x5450 [ 15.749209] kasan_report+0x141/0x180 [ 15.749232] ? kasan_atomics_helper+0x4eae/0x5450 [ 15.749259] __asan_report_load8_noabort+0x18/0x20 [ 15.749285] kasan_atomics_helper+0x4eae/0x5450 [ 15.749309] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.749332] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.749358] ? kasan_atomics+0x152/0x310 [ 15.749385] kasan_atomics+0x1dc/0x310 [ 15.749415] ? __pfx_kasan_atomics+0x10/0x10 [ 15.749440] ? __pfx_read_tsc+0x10/0x10 [ 15.749462] ? ktime_get_ts64+0x86/0x230 [ 15.749488] kunit_try_run_case+0x1a5/0x480 [ 15.749514] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.749537] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.749564] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.749588] ? __kthread_parkme+0x82/0x180 [ 15.749609] ? preempt_count_sub+0x50/0x80 [ 15.749634] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.749659] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.749683] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.749708] kthread+0x337/0x6f0 [ 15.749727] ? trace_preempt_on+0x20/0xc0 [ 15.749751] ? __pfx_kthread+0x10/0x10 [ 15.749772] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.749796] ? calculate_sigpending+0x7b/0xa0 [ 15.749820] ? __pfx_kthread+0x10/0x10 [ 15.749843] ret_from_fork+0x116/0x1d0 [ 15.749864] ? __pfx_kthread+0x10/0x10 [ 15.749884] ret_from_fork_asm+0x1a/0x30 [ 15.749918] </TASK> [ 15.749929] [ 15.757394] Allocated by task 282: [ 15.757672] kasan_save_stack+0x45/0x70 [ 15.758018] kasan_save_track+0x18/0x40 [ 15.758230] kasan_save_alloc_info+0x3b/0x50 [ 15.758457] __kasan_kmalloc+0xb7/0xc0 [ 15.758650] __kmalloc_cache_noprof+0x189/0x420 [ 15.758887] kasan_atomics+0x95/0x310 [ 15.759032] kunit_try_run_case+0x1a5/0x480 [ 15.759184] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.759490] kthread+0x337/0x6f0 [ 15.759732] ret_from_fork+0x116/0x1d0 [ 15.759990] ret_from_fork_asm+0x1a/0x30 [ 15.760282] [ 15.760400] The buggy address belongs to the object at ffff88810342d080 [ 15.760400] which belongs to the cache kmalloc-64 of size 64 [ 15.760883] The buggy address is located 0 bytes to the right of [ 15.760883] allocated 48-byte region [ffff88810342d080, ffff88810342d0b0) [ 15.761358] [ 15.761518] The buggy address belongs to the physical page: [ 15.761806] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10342d [ 15.762212] flags: 0x200000000000000(node=0|zone=2) [ 15.762481] page_type: f5(slab) [ 15.762635] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.762986] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.763308] page dumped because: kasan: bad access detected [ 15.763639] [ 15.763766] 
Memory state around the buggy address: [ 15.763937] ffff88810342cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.764209] ffff88810342d000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.764605] >ffff88810342d080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.764928] ^ [ 15.765217] ffff88810342d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.765547] ffff88810342d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.765806] ================================================================== [ 15.589815] ================================================================== [ 15.590268] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1c/0x5450 [ 15.590642] Read of size 4 at addr ffff88810342d0b0 by task kunit_try_catch/282 [ 15.590919] [ 15.591020] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.591070] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.591082] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.591105] Call Trace: [ 15.591126] <TASK> [ 15.591146] dump_stack_lvl+0x73/0xb0 [ 15.591176] print_report+0xd1/0x610 [ 15.591199] ? __virt_addr_valid+0x1db/0x2d0 [ 15.591223] ? kasan_atomics_helper+0x4a1c/0x5450 [ 15.591245] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.591269] ? kasan_atomics_helper+0x4a1c/0x5450 [ 15.591292] kasan_report+0x141/0x180 [ 15.591315] ? kasan_atomics_helper+0x4a1c/0x5450 [ 15.591342] __asan_report_load4_noabort+0x18/0x20 [ 15.591368] kasan_atomics_helper+0x4a1c/0x5450 [ 15.591392] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.591416] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.591460] ? kasan_atomics+0x152/0x310 [ 15.591487] kasan_atomics+0x1dc/0x310 [ 15.591510] ? __pfx_kasan_atomics+0x10/0x10 [ 15.591535] ? __pfx_read_tsc+0x10/0x10 [ 15.591558] ? ktime_get_ts64+0x86/0x230 [ 15.591584] kunit_try_run_case+0x1a5/0x480 [ 15.591609] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.591633] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 15.591657] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.591682] ? __kthread_parkme+0x82/0x180 [ 15.591703] ? preempt_count_sub+0x50/0x80 [ 15.591729] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.591753] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.591777] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.591802] kthread+0x337/0x6f0 [ 15.591822] ? trace_preempt_on+0x20/0xc0 [ 15.591846] ? __pfx_kthread+0x10/0x10 [ 15.591867] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.591888] ? calculate_sigpending+0x7b/0xa0 [ 15.591915] ? __pfx_kthread+0x10/0x10 [ 15.591936] ret_from_fork+0x116/0x1d0 [ 15.591955] ? __pfx_kthread+0x10/0x10 [ 15.591976] ret_from_fork_asm+0x1a/0x30 [ 15.592007] </TASK> [ 15.592028] [ 15.599263] Allocated by task 282: [ 15.599430] kasan_save_stack+0x45/0x70 [ 15.599638] kasan_save_track+0x18/0x40 [ 15.599778] kasan_save_alloc_info+0x3b/0x50 [ 15.599927] __kasan_kmalloc+0xb7/0xc0 [ 15.600093] __kmalloc_cache_noprof+0x189/0x420 [ 15.600318] kasan_atomics+0x95/0x310 [ 15.600595] kunit_try_run_case+0x1a5/0x480 [ 15.600771] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.600994] kthread+0x337/0x6f0 [ 15.601178] ret_from_fork+0x116/0x1d0 [ 15.601338] ret_from_fork_asm+0x1a/0x30 [ 15.601537] [ 15.601635] The buggy address belongs to the object at ffff88810342d080 [ 15.601635] which belongs to the cache kmalloc-64 of size 64 [ 15.602117] The buggy address is located 0 bytes to the right of [ 15.602117] allocated 48-byte region [ffff88810342d080, ffff88810342d0b0) [ 15.602636] [ 15.602734] The buggy address belongs to the physical page: [ 15.602960] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10342d [ 15.603232] flags: 0x200000000000000(node=0|zone=2) [ 15.603443] page_type: f5(slab) [ 15.603611] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.603950] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.604226] page dumped because: kasan: 
bad access detected [ 15.604504] [ 15.604585] Memory state around the buggy address: [ 15.604813] ffff88810342cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.605106] ffff88810342d000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.605378] >ffff88810342d080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.605705] ^ [ 15.605901] ffff88810342d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.606202] ffff88810342d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.606531] ================================================================== [ 15.479815] ================================================================== [ 15.480194] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe78/0x5450 [ 15.480786] Write of size 4 at addr ffff88810342d0b0 by task kunit_try_catch/282 [ 15.481306] [ 15.481428] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.481640] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.481654] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.481677] Call Trace: [ 15.481699] <TASK> [ 15.481720] dump_stack_lvl+0x73/0xb0 [ 15.481762] print_report+0xd1/0x610 [ 15.481786] ? __virt_addr_valid+0x1db/0x2d0 [ 15.481812] ? kasan_atomics_helper+0xe78/0x5450 [ 15.481834] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.481857] ? kasan_atomics_helper+0xe78/0x5450 [ 15.481879] kasan_report+0x141/0x180 [ 15.481902] ? kasan_atomics_helper+0xe78/0x5450 [ 15.481931] kasan_check_range+0x10c/0x1c0 [ 15.481956] __kasan_check_write+0x18/0x20 [ 15.481976] kasan_atomics_helper+0xe78/0x5450 [ 15.481999] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.482031] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.482057] ? kasan_atomics+0x152/0x310 [ 15.482084] kasan_atomics+0x1dc/0x310 [ 15.482107] ? __pfx_kasan_atomics+0x10/0x10 [ 15.482131] ? __pfx_read_tsc+0x10/0x10 [ 15.482153] ? ktime_get_ts64+0x86/0x230 [ 15.482178] kunit_try_run_case+0x1a5/0x480 [ 15.482203] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.482226] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.482252] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.482276] ? __kthread_parkme+0x82/0x180 [ 15.482298] ? preempt_count_sub+0x50/0x80 [ 15.482323] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.482347] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.482372] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.482396] kthread+0x337/0x6f0 [ 15.482416] ? trace_preempt_on+0x20/0xc0 [ 15.482440] ? __pfx_kthread+0x10/0x10 [ 15.482460] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.482482] ? calculate_sigpending+0x7b/0xa0 [ 15.482507] ? __pfx_kthread+0x10/0x10 [ 15.482529] ret_from_fork+0x116/0x1d0 [ 15.482548] ? __pfx_kthread+0x10/0x10 [ 15.482569] ret_from_fork_asm+0x1a/0x30 [ 15.482602] </TASK> [ 15.482612] [ 15.492971] Allocated by task 282: [ 15.493186] kasan_save_stack+0x45/0x70 [ 15.493391] kasan_save_track+0x18/0x40 [ 15.493901] kasan_save_alloc_info+0x3b/0x50 [ 15.494200] __kasan_kmalloc+0xb7/0xc0 [ 15.494791] __kmalloc_cache_noprof+0x189/0x420 [ 15.495030] kasan_atomics+0x95/0x310 [ 15.495172] kunit_try_run_case+0x1a5/0x480 [ 15.495377] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.495614] kthread+0x337/0x6f0 [ 15.495798] ret_from_fork+0x116/0x1d0 [ 15.495970] ret_from_fork_asm+0x1a/0x30 [ 15.496179] [ 15.496281] The buggy address belongs to the object at ffff88810342d080 [ 15.496281] which belongs to the cache kmalloc-64 of size 64 [ 15.496764] The buggy address is located 0 bytes to the right of [ 15.496764] allocated 48-byte region [ffff88810342d080, ffff88810342d0b0) [ 15.497214] [ 15.497318] The buggy address belongs to the physical page: [ 15.497673] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10342d [ 15.497947] flags: 0x200000000000000(node=0|zone=2) [ 15.498200] page_type: f5(slab) [ 15.498376] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.498928] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 15.499239] page dumped because: kasan: bad access detected [ 15.499860] [ 15.500005] Memory state around the buggy address: [ 15.500214] ffff88810342cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.500738] ffff88810342d000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.501159] >ffff88810342d080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.501442] ^ [ 15.501792] ffff88810342d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.502105] ffff88810342d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.502400] ================================================================== [ 15.642886] ================================================================== [ 15.643256] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1217/0x5450 [ 15.643589] Write of size 4 at addr ffff88810342d0b0 by task kunit_try_catch/282 [ 15.643815] [ 15.643905] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.643951] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.643963] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.643987] Call Trace: [ 15.644007] <TASK> [ 15.644039] dump_stack_lvl+0x73/0xb0 [ 15.644069] print_report+0xd1/0x610 [ 15.644092] ? __virt_addr_valid+0x1db/0x2d0 [ 15.644116] ? kasan_atomics_helper+0x1217/0x5450 [ 15.644138] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.644162] ? kasan_atomics_helper+0x1217/0x5450 [ 15.644185] kasan_report+0x141/0x180 [ 15.644208] ? kasan_atomics_helper+0x1217/0x5450 [ 15.644234] kasan_check_range+0x10c/0x1c0 [ 15.644259] __kasan_check_write+0x18/0x20 [ 15.644279] kasan_atomics_helper+0x1217/0x5450 [ 15.644303] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.644326] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.644352] ? kasan_atomics+0x152/0x310 [ 15.644380] kasan_atomics+0x1dc/0x310 [ 15.644403] ? __pfx_kasan_atomics+0x10/0x10 [ 15.644428] ? __pfx_read_tsc+0x10/0x10 [ 15.644449] ? 
ktime_get_ts64+0x86/0x230 [ 15.644475] kunit_try_run_case+0x1a5/0x480 [ 15.644500] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.644523] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.644548] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.644573] ? __kthread_parkme+0x82/0x180 [ 15.644595] ? preempt_count_sub+0x50/0x80 [ 15.644619] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.644644] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.644669] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.644695] kthread+0x337/0x6f0 [ 15.644714] ? trace_preempt_on+0x20/0xc0 [ 15.644738] ? __pfx_kthread+0x10/0x10 [ 15.644758] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.644781] ? calculate_sigpending+0x7b/0xa0 [ 15.644806] ? __pfx_kthread+0x10/0x10 [ 15.644827] ret_from_fork+0x116/0x1d0 [ 15.644851] ? __pfx_kthread+0x10/0x10 [ 15.644872] ret_from_fork_asm+0x1a/0x30 [ 15.644903] </TASK> [ 15.644914] [ 15.658823] Allocated by task 282: [ 15.659048] kasan_save_stack+0x45/0x70 [ 15.659276] kasan_save_track+0x18/0x40 [ 15.660065] kasan_save_alloc_info+0x3b/0x50 [ 15.660335] __kasan_kmalloc+0xb7/0xc0 [ 15.660486] __kmalloc_cache_noprof+0x189/0x420 [ 15.660652] kasan_atomics+0x95/0x310 [ 15.660788] kunit_try_run_case+0x1a5/0x480 [ 15.660946] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.661533] kthread+0x337/0x6f0 [ 15.661718] ret_from_fork+0x116/0x1d0 [ 15.661853] ret_from_fork_asm+0x1a/0x30 [ 15.661997] [ 15.662310] The buggy address belongs to the object at ffff88810342d080 [ 15.662310] which belongs to the cache kmalloc-64 of size 64 [ 15.663458] The buggy address is located 0 bytes to the right of [ 15.663458] allocated 48-byte region [ffff88810342d080, ffff88810342d0b0) [ 15.664207] [ 15.664288] The buggy address belongs to the physical page: [ 15.664657] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10342d [ 15.665369] flags: 0x200000000000000(node=0|zone=2) [ 15.665858] page_type: f5(slab) [ 15.666188] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 15.666698] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.666937] page dumped because: kasan: bad access detected [ 15.667430] [ 15.667630] Memory state around the buggy address: [ 15.667967] ffff88810342cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.668198] ffff88810342d000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.668440] >ffff88810342d080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.669154] ^ [ 15.669626] ffff88810342d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.670256] ffff88810342d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.670882] ================================================================== [ 16.067075] ================================================================== [ 16.067426] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1d7a/0x5450 [ 16.067695] Write of size 8 at addr ffff88810342d0b0 by task kunit_try_catch/282 [ 16.067920] [ 16.068034] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.068081] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.068094] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.068116] Call Trace: [ 16.068136] <TASK> [ 16.068156] dump_stack_lvl+0x73/0xb0 [ 16.068184] print_report+0xd1/0x610 [ 16.068207] ? __virt_addr_valid+0x1db/0x2d0 [ 16.068234] ? kasan_atomics_helper+0x1d7a/0x5450 [ 16.068257] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.068280] ? kasan_atomics_helper+0x1d7a/0x5450 [ 16.068304] kasan_report+0x141/0x180 [ 16.068327] ? kasan_atomics_helper+0x1d7a/0x5450 [ 16.068355] kasan_check_range+0x10c/0x1c0 [ 16.068379] __kasan_check_write+0x18/0x20 [ 16.068399] kasan_atomics_helper+0x1d7a/0x5450 [ 16.068423] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.068448] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.068474] ? kasan_atomics+0x152/0x310 [ 16.068500] kasan_atomics+0x1dc/0x310 [ 16.068523] ? 
__pfx_kasan_atomics+0x10/0x10 [ 16.068547] ? __pfx_read_tsc+0x10/0x10 [ 16.068569] ? ktime_get_ts64+0x86/0x230 [ 16.068594] kunit_try_run_case+0x1a5/0x480 [ 16.068620] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.068643] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.068669] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.068693] ? __kthread_parkme+0x82/0x180 [ 16.068714] ? preempt_count_sub+0x50/0x80 [ 16.068740] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.068764] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.068790] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.068815] kthread+0x337/0x6f0 [ 16.068835] ? trace_preempt_on+0x20/0xc0 [ 16.068866] ? __pfx_kthread+0x10/0x10 [ 16.068887] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.068923] ? calculate_sigpending+0x7b/0xa0 [ 16.068948] ? __pfx_kthread+0x10/0x10 [ 16.068970] ret_from_fork+0x116/0x1d0 [ 16.068989] ? __pfx_kthread+0x10/0x10 [ 16.069020] ret_from_fork_asm+0x1a/0x30 [ 16.069051] </TASK> [ 16.069062] [ 16.076525] Allocated by task 282: [ 16.076725] kasan_save_stack+0x45/0x70 [ 16.076937] kasan_save_track+0x18/0x40 [ 16.077151] kasan_save_alloc_info+0x3b/0x50 [ 16.077374] __kasan_kmalloc+0xb7/0xc0 [ 16.077590] __kmalloc_cache_noprof+0x189/0x420 [ 16.077780] kasan_atomics+0x95/0x310 [ 16.077910] kunit_try_run_case+0x1a5/0x480 [ 16.078064] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.078236] kthread+0x337/0x6f0 [ 16.078388] ret_from_fork+0x116/0x1d0 [ 16.078808] ret_from_fork_asm+0x1a/0x30 [ 16.079008] [ 16.079115] The buggy address belongs to the object at ffff88810342d080 [ 16.079115] which belongs to the cache kmalloc-64 of size 64 [ 16.079835] The buggy address is located 0 bytes to the right of [ 16.079835] allocated 48-byte region [ffff88810342d080, ffff88810342d0b0) [ 16.080286] [ 16.080384] The buggy address belongs to the physical page: [ 16.080750] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10342d [ 16.081050] flags: 0x200000000000000(node=0|zone=2) [ 16.081265] page_type: 
f5(slab) [ 16.081437] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.081739] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.082039] page dumped because: kasan: bad access detected [ 16.082251] [ 16.082326] Memory state around the buggy address: [ 16.082560] ffff88810342cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.082844] ffff88810342d000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.083119] >ffff88810342d080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.083388] ^ [ 16.083643] ffff88810342d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.083877] ffff88810342d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.084161] ================================================================== [ 16.188978] ================================================================== [ 16.189695] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f98/0x5450 [ 16.190363] Read of size 8 at addr ffff88810342d0b0 by task kunit_try_catch/282 [ 16.190906] [ 16.191132] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.191182] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.191194] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.191218] Call Trace: [ 16.191240] <TASK> [ 16.191262] dump_stack_lvl+0x73/0xb0 [ 16.191304] print_report+0xd1/0x610 [ 16.191327] ? __virt_addr_valid+0x1db/0x2d0 [ 16.191362] ? kasan_atomics_helper+0x4f98/0x5450 [ 16.191385] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.191426] ? kasan_atomics_helper+0x4f98/0x5450 [ 16.191450] kasan_report+0x141/0x180 [ 16.191473] ? kasan_atomics_helper+0x4f98/0x5450 [ 16.191499] __asan_report_load8_noabort+0x18/0x20 [ 16.191525] kasan_atomics_helper+0x4f98/0x5450 [ 16.191549] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.191571] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.191597] ? 
kasan_atomics+0x152/0x310 [ 16.191624] kasan_atomics+0x1dc/0x310 [ 16.191646] ? __pfx_kasan_atomics+0x10/0x10 [ 16.191671] ? __pfx_read_tsc+0x10/0x10 [ 16.191693] ? ktime_get_ts64+0x86/0x230 [ 16.191719] kunit_try_run_case+0x1a5/0x480 [ 16.191745] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.191768] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.191794] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.191818] ? __kthread_parkme+0x82/0x180 [ 16.191840] ? preempt_count_sub+0x50/0x80 [ 16.191864] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.191889] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.191915] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.191941] kthread+0x337/0x6f0 [ 16.191963] ? trace_preempt_on+0x20/0xc0 [ 16.191987] ? __pfx_kthread+0x10/0x10 [ 16.192021] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.192044] ? calculate_sigpending+0x7b/0xa0 [ 16.192069] ? __pfx_kthread+0x10/0x10 [ 16.192091] ret_from_fork+0x116/0x1d0 [ 16.192109] ? __pfx_kthread+0x10/0x10 [ 16.192130] ret_from_fork_asm+0x1a/0x30 [ 16.192162] </TASK> [ 16.192174] [ 16.202703] Allocated by task 282: [ 16.202870] kasan_save_stack+0x45/0x70 [ 16.203178] kasan_save_track+0x18/0x40 [ 16.203337] kasan_save_alloc_info+0x3b/0x50 [ 16.203573] __kasan_kmalloc+0xb7/0xc0 [ 16.203782] __kmalloc_cache_noprof+0x189/0x420 [ 16.204002] kasan_atomics+0x95/0x310 [ 16.204203] kunit_try_run_case+0x1a5/0x480 [ 16.204428] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.204670] kthread+0x337/0x6f0 [ 16.204792] ret_from_fork+0x116/0x1d0 [ 16.204932] ret_from_fork_asm+0x1a/0x30 [ 16.205090] [ 16.205209] The buggy address belongs to the object at ffff88810342d080 [ 16.205209] which belongs to the cache kmalloc-64 of size 64 [ 16.205764] The buggy address is located 0 bytes to the right of [ 16.205764] allocated 48-byte region [ffff88810342d080, ffff88810342d0b0) [ 16.206300] [ 16.206425] The buggy address belongs to the physical page: [ 16.206599] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10342d [ 
16.206927] flags: 0x200000000000000(node=0|zone=2) [ 16.207199] page_type: f5(slab) [ 16.207375] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.207718] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.208056] page dumped because: kasan: bad access detected [ 16.208295] [ 16.208394] Memory state around the buggy address: [ 16.208633] ffff88810342cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.208951] ffff88810342d000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.209251] >ffff88810342d080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.209572] ^ [ 16.209729] ffff88810342d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.210115] ffff88810342d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.210362] ================================================================== [ 15.503389] ================================================================== [ 15.504112] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf10/0x5450 [ 15.504448] Write of size 4 at addr ffff88810342d0b0 by task kunit_try_catch/282 [ 15.504934] [ 15.505309] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.505423] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.505437] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.505461] Call Trace: [ 15.505481] <TASK> [ 15.505503] dump_stack_lvl+0x73/0xb0 [ 15.505636] print_report+0xd1/0x610 [ 15.505662] ? __virt_addr_valid+0x1db/0x2d0 [ 15.505688] ? kasan_atomics_helper+0xf10/0x5450 [ 15.505710] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.505739] ? kasan_atomics_helper+0xf10/0x5450 [ 15.505762] kasan_report+0x141/0x180 [ 15.505785] ? kasan_atomics_helper+0xf10/0x5450 [ 15.505812] kasan_check_range+0x10c/0x1c0 [ 15.505838] __kasan_check_write+0x18/0x20 [ 15.505861] kasan_atomics_helper+0xf10/0x5450 [ 15.505886] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.505911] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 15.505938] ? kasan_atomics+0x152/0x310 [ 15.505965] kasan_atomics+0x1dc/0x310 [ 15.505987] ? __pfx_kasan_atomics+0x10/0x10 [ 15.506024] ? __pfx_read_tsc+0x10/0x10 [ 15.506046] ? ktime_get_ts64+0x86/0x230 [ 15.506072] kunit_try_run_case+0x1a5/0x480 [ 15.506099] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.506122] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.506147] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.506172] ? __kthread_parkme+0x82/0x180 [ 15.506193] ? preempt_count_sub+0x50/0x80 [ 15.506219] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.506243] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.506268] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.506293] kthread+0x337/0x6f0 [ 15.506312] ? trace_preempt_on+0x20/0xc0 [ 15.506335] ? __pfx_kthread+0x10/0x10 [ 15.506356] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.506378] ? calculate_sigpending+0x7b/0xa0 [ 15.506403] ? __pfx_kthread+0x10/0x10 [ 15.506425] ret_from_fork+0x116/0x1d0 [ 15.506445] ? __pfx_kthread+0x10/0x10 [ 15.506466] ret_from_fork_asm+0x1a/0x30 [ 15.506498] </TASK> [ 15.506509] [ 15.519787] Allocated by task 282: [ 15.519947] kasan_save_stack+0x45/0x70 [ 15.520129] kasan_save_track+0x18/0x40 [ 15.520267] kasan_save_alloc_info+0x3b/0x50 [ 15.520417] __kasan_kmalloc+0xb7/0xc0 [ 15.520756] __kmalloc_cache_noprof+0x189/0x420 [ 15.521170] kasan_atomics+0x95/0x310 [ 15.521495] kunit_try_run_case+0x1a5/0x480 [ 15.521945] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.522419] kthread+0x337/0x6f0 [ 15.522732] ret_from_fork+0x116/0x1d0 [ 15.523089] ret_from_fork_asm+0x1a/0x30 [ 15.523458] [ 15.523616] The buggy address belongs to the object at ffff88810342d080 [ 15.523616] which belongs to the cache kmalloc-64 of size 64 [ 15.524674] The buggy address is located 0 bytes to the right of [ 15.524674] allocated 48-byte region [ffff88810342d080, ffff88810342d0b0) [ 15.525791] [ 15.525952] The buggy address belongs to the physical page: [ 15.526156] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x10342d [ 15.526400] flags: 0x200000000000000(node=0|zone=2) [ 15.526846] page_type: f5(slab) [ 15.527151] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.527981] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.528800] page dumped because: kasan: bad access detected [ 15.529243] [ 15.529315] Memory state around the buggy address: [ 15.529540] ffff88810342cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.530154] ffff88810342d000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.530878] >ffff88810342d080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.531211] ^ [ 15.531370] ffff88810342d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.531921] ffff88810342d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.532544] ================================================================== [ 15.710133] ================================================================== [ 15.710536] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49ce/0x5450 [ 15.710858] Read of size 4 at addr ffff88810342d0b0 by task kunit_try_catch/282 [ 15.711187] [ 15.711305] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.711352] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.711364] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.711387] Call Trace: [ 15.711455] <TASK> [ 15.711477] dump_stack_lvl+0x73/0xb0 [ 15.711509] print_report+0xd1/0x610 [ 15.711543] ? __virt_addr_valid+0x1db/0x2d0 [ 15.711567] ? kasan_atomics_helper+0x49ce/0x5450 [ 15.711589] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.711613] ? kasan_atomics_helper+0x49ce/0x5450 [ 15.711636] kasan_report+0x141/0x180 [ 15.711659] ? kasan_atomics_helper+0x49ce/0x5450 [ 15.711685] __asan_report_load4_noabort+0x18/0x20 [ 15.711710] kasan_atomics_helper+0x49ce/0x5450 [ 15.711736] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 15.711759] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.711801] ? kasan_atomics+0x152/0x310 [ 15.711828] kasan_atomics+0x1dc/0x310 [ 15.711852] ? __pfx_kasan_atomics+0x10/0x10 [ 15.711876] ? __pfx_read_tsc+0x10/0x10 [ 15.711899] ? ktime_get_ts64+0x86/0x230 [ 15.711924] kunit_try_run_case+0x1a5/0x480 [ 15.711950] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.711973] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.711999] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.712033] ? __kthread_parkme+0x82/0x180 [ 15.712055] ? preempt_count_sub+0x50/0x80 [ 15.712080] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.712104] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.712128] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.712153] kthread+0x337/0x6f0 [ 15.712173] ? trace_preempt_on+0x20/0xc0 [ 15.712197] ? __pfx_kthread+0x10/0x10 [ 15.712218] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.712240] ? calculate_sigpending+0x7b/0xa0 [ 15.712265] ? __pfx_kthread+0x10/0x10 [ 15.712286] ret_from_fork+0x116/0x1d0 [ 15.712306] ? 
__pfx_kthread+0x10/0x10 [ 15.712327] ret_from_fork_asm+0x1a/0x30 [ 15.712358] </TASK> [ 15.712368] [ 15.719792] Allocated by task 282: [ 15.719997] kasan_save_stack+0x45/0x70 [ 15.720218] kasan_save_track+0x18/0x40 [ 15.720373] kasan_save_alloc_info+0x3b/0x50 [ 15.720562] __kasan_kmalloc+0xb7/0xc0 [ 15.720737] __kmalloc_cache_noprof+0x189/0x420 [ 15.720917] kasan_atomics+0x95/0x310 [ 15.721180] kunit_try_run_case+0x1a5/0x480 [ 15.721326] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.721521] kthread+0x337/0x6f0 [ 15.721640] ret_from_fork+0x116/0x1d0 [ 15.721769] ret_from_fork_asm+0x1a/0x30 [ 15.721904] [ 15.722030] The buggy address belongs to the object at ffff88810342d080 [ 15.722030] which belongs to the cache kmalloc-64 of size 64 [ 15.722586] The buggy address is located 0 bytes to the right of [ 15.722586] allocated 48-byte region [ffff88810342d080, ffff88810342d0b0) [ 15.723124] [ 15.723222] The buggy address belongs to the physical page: [ 15.723488] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10342d [ 15.723721] flags: 0x200000000000000(node=0|zone=2) [ 15.723881] page_type: f5(slab) [ 15.724005] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.724240] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.724483] page dumped because: kasan: bad access detected [ 15.724736] [ 15.724886] Memory state around the buggy address: [ 15.725131] ffff88810342cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.725483] ffff88810342d000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.725810] >ffff88810342d080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.726139] ^ [ 15.726474] ffff88810342d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.726802] ffff88810342d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.727132] ================================================================== [ 15.991323] 
================================================================== [ 15.992069] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1b22/0x5450 [ 15.992347] Write of size 8 at addr ffff88810342d0b0 by task kunit_try_catch/282 [ 15.992814] [ 15.992913] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.992959] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.992972] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.992995] Call Trace: [ 15.993027] <TASK> [ 15.993048] dump_stack_lvl+0x73/0xb0 [ 15.993079] print_report+0xd1/0x610 [ 15.993102] ? __virt_addr_valid+0x1db/0x2d0 [ 15.993126] ? kasan_atomics_helper+0x1b22/0x5450 [ 15.993148] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.993172] ? kasan_atomics_helper+0x1b22/0x5450 [ 15.993195] kasan_report+0x141/0x180 [ 15.993218] ? kasan_atomics_helper+0x1b22/0x5450 [ 15.993245] kasan_check_range+0x10c/0x1c0 [ 15.993269] __kasan_check_write+0x18/0x20 [ 15.993289] kasan_atomics_helper+0x1b22/0x5450 [ 15.993312] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.993335] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.993362] ? kasan_atomics+0x152/0x310 [ 15.993388] kasan_atomics+0x1dc/0x310 [ 15.993411] ? __pfx_kasan_atomics+0x10/0x10 [ 15.993435] ? __pfx_read_tsc+0x10/0x10 [ 15.993457] ? ktime_get_ts64+0x86/0x230 [ 15.993482] kunit_try_run_case+0x1a5/0x480 [ 15.993508] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.993531] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.993557] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.993583] ? __kthread_parkme+0x82/0x180 [ 15.993604] ? preempt_count_sub+0x50/0x80 [ 15.993629] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.993653] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.993678] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.993703] kthread+0x337/0x6f0 [ 15.993722] ? trace_preempt_on+0x20/0xc0 [ 15.993746] ? __pfx_kthread+0x10/0x10 [ 15.993767] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.993789] ? 
calculate_sigpending+0x7b/0xa0 [ 15.993814] ? __pfx_kthread+0x10/0x10 [ 15.993835] ret_from_fork+0x116/0x1d0 [ 15.993854] ? __pfx_kthread+0x10/0x10 [ 15.993874] ret_from_fork_asm+0x1a/0x30 [ 15.993906] </TASK> [ 15.993917] [ 16.001901] Allocated by task 282: [ 16.002110] kasan_save_stack+0x45/0x70 [ 16.002320] kasan_save_track+0x18/0x40 [ 16.002616] kasan_save_alloc_info+0x3b/0x50 [ 16.002851] __kasan_kmalloc+0xb7/0xc0 [ 16.003058] __kmalloc_cache_noprof+0x189/0x420 [ 16.003279] kasan_atomics+0x95/0x310 [ 16.003469] kunit_try_run_case+0x1a5/0x480 [ 16.003618] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.003789] kthread+0x337/0x6f0 [ 16.003908] ret_from_fork+0x116/0x1d0 [ 16.004049] ret_from_fork_asm+0x1a/0x30 [ 16.004187] [ 16.004259] The buggy address belongs to the object at ffff88810342d080 [ 16.004259] which belongs to the cache kmalloc-64 of size 64 [ 16.004598] The buggy address is located 0 bytes to the right of [ 16.004598] allocated 48-byte region [ffff88810342d080, ffff88810342d0b0) [ 16.004956] [ 16.005039] The buggy address belongs to the physical page: [ 16.005292] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10342d [ 16.005650] flags: 0x200000000000000(node=0|zone=2) [ 16.005881] page_type: f5(slab) [ 16.006061] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.006502] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.006847] page dumped because: kasan: bad access detected [ 16.007115] [ 16.007210] Memory state around the buggy address: [ 16.007485] ffff88810342cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.007836] ffff88810342d000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.008198] >ffff88810342d080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.008555] ^ [ 16.008789] ffff88810342d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.009100] ffff88810342d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.009386] 
================================================================== [ 15.766770] ================================================================== [ 15.767250] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1467/0x5450 [ 15.767599] Write of size 8 at addr ffff88810342d0b0 by task kunit_try_catch/282 [ 15.767881] [ 15.767994] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.768050] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.768063] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.768085] Call Trace: [ 15.768105] <TASK> [ 15.768126] dump_stack_lvl+0x73/0xb0 [ 15.768166] print_report+0xd1/0x610 [ 15.768190] ? __virt_addr_valid+0x1db/0x2d0 [ 15.768214] ? kasan_atomics_helper+0x1467/0x5450 [ 15.768248] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.768272] ? kasan_atomics_helper+0x1467/0x5450 [ 15.768306] kasan_report+0x141/0x180 [ 15.768329] ? kasan_atomics_helper+0x1467/0x5450 [ 15.768359] kasan_check_range+0x10c/0x1c0 [ 15.768383] __kasan_check_write+0x18/0x20 [ 15.768404] kasan_atomics_helper+0x1467/0x5450 [ 15.768447] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.768471] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.768498] ? kasan_atomics+0x152/0x310 [ 15.768526] kasan_atomics+0x1dc/0x310 [ 15.768549] ? __pfx_kasan_atomics+0x10/0x10 [ 15.768574] ? __pfx_read_tsc+0x10/0x10 [ 15.768595] ? ktime_get_ts64+0x86/0x230 [ 15.768621] kunit_try_run_case+0x1a5/0x480 [ 15.768657] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.768679] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.768715] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.768748] ? __kthread_parkme+0x82/0x180 [ 15.768769] ? preempt_count_sub+0x50/0x80 [ 15.768795] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.768831] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.768859] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.768894] kthread+0x337/0x6f0 [ 15.768914] ? trace_preempt_on+0x20/0xc0 [ 15.768937] ? 
__pfx_kthread+0x10/0x10 [ 15.768958] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.768981] ? calculate_sigpending+0x7b/0xa0 [ 15.769006] ? __pfx_kthread+0x10/0x10 [ 15.769036] ret_from_fork+0x116/0x1d0 [ 15.769055] ? __pfx_kthread+0x10/0x10 [ 15.769075] ret_from_fork_asm+0x1a/0x30 [ 15.769116] </TASK> [ 15.769126] [ 15.776492] Allocated by task 282: [ 15.776640] kasan_save_stack+0x45/0x70 [ 15.776794] kasan_save_track+0x18/0x40 [ 15.776959] kasan_save_alloc_info+0x3b/0x50 [ 15.777184] __kasan_kmalloc+0xb7/0xc0 [ 15.777399] __kmalloc_cache_noprof+0x189/0x420 [ 15.777644] kasan_atomics+0x95/0x310 [ 15.777844] kunit_try_run_case+0x1a5/0x480 [ 15.778074] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.778350] kthread+0x337/0x6f0 [ 15.778537] ret_from_fork+0x116/0x1d0 [ 15.778750] ret_from_fork_asm+0x1a/0x30 [ 15.778927] [ 15.779026] The buggy address belongs to the object at ffff88810342d080 [ 15.779026] which belongs to the cache kmalloc-64 of size 64 [ 15.779530] The buggy address is located 0 bytes to the right of [ 15.779530] allocated 48-byte region [ffff88810342d080, ffff88810342d0b0) [ 15.780053] [ 15.780157] The buggy address belongs to the physical page: [ 15.780394] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10342d [ 15.780679] flags: 0x200000000000000(node=0|zone=2) [ 15.780853] page_type: f5(slab) [ 15.780977] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.781220] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.781515] page dumped because: kasan: bad access detected [ 15.781776] [ 15.781868] Memory state around the buggy address: [ 15.782102] ffff88810342cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.782436] ffff88810342d000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.782773] >ffff88810342d080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.783091] ^ [ 15.783317] ffff88810342d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.783678] 
ffff88810342d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.783984] ================================================================== [ 15.276111] ================================================================== [ 15.276431] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x992/0x5450 [ 15.276781] Write of size 4 at addr ffff88810342d0b0 by task kunit_try_catch/282 [ 15.277034] [ 15.277126] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.277174] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.277187] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.277209] Call Trace: [ 15.277229] <TASK> [ 15.277250] dump_stack_lvl+0x73/0xb0 [ 15.277278] print_report+0xd1/0x610 [ 15.277301] ? __virt_addr_valid+0x1db/0x2d0 [ 15.277324] ? kasan_atomics_helper+0x992/0x5450 [ 15.277344] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.277367] ? kasan_atomics_helper+0x992/0x5450 [ 15.277388] kasan_report+0x141/0x180 [ 15.277410] ? kasan_atomics_helper+0x992/0x5450 [ 15.277436] kasan_check_range+0x10c/0x1c0 [ 15.277472] __kasan_check_write+0x18/0x20 [ 15.277502] kasan_atomics_helper+0x992/0x5450 [ 15.277525] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.277561] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.277587] ? kasan_atomics+0x152/0x310 [ 15.277614] kasan_atomics+0x1dc/0x310 [ 15.277637] ? __pfx_kasan_atomics+0x10/0x10 [ 15.277661] ? __pfx_read_tsc+0x10/0x10 [ 15.277685] ? ktime_get_ts64+0x86/0x230 [ 15.277710] kunit_try_run_case+0x1a5/0x480 [ 15.277736] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.277759] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.277785] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.277809] ? __kthread_parkme+0x82/0x180 [ 15.277831] ? preempt_count_sub+0x50/0x80 [ 15.277856] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.277880] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.277906] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.277932] kthread+0x337/0x6f0 [ 15.277953] ? trace_preempt_on+0x20/0xc0 [ 15.277977] ? __pfx_kthread+0x10/0x10 [ 15.277998] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.278032] ? calculate_sigpending+0x7b/0xa0 [ 15.278057] ? __pfx_kthread+0x10/0x10 [ 15.278079] ret_from_fork+0x116/0x1d0 [ 15.278098] ? __pfx_kthread+0x10/0x10 [ 15.278119] ret_from_fork_asm+0x1a/0x30 [ 15.278151] </TASK> [ 15.278163] [ 15.286107] Allocated by task 282: [ 15.286321] kasan_save_stack+0x45/0x70 [ 15.286594] kasan_save_track+0x18/0x40 [ 15.286783] kasan_save_alloc_info+0x3b/0x50 [ 15.286988] __kasan_kmalloc+0xb7/0xc0 [ 15.287144] __kmalloc_cache_noprof+0x189/0x420 [ 15.287340] kasan_atomics+0x95/0x310 [ 15.287594] kunit_try_run_case+0x1a5/0x480 [ 15.287789] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.288047] kthread+0x337/0x6f0 [ 15.288242] ret_from_fork+0x116/0x1d0 [ 15.288398] ret_from_fork_asm+0x1a/0x30 [ 15.288633] [ 15.288725] The buggy address belongs to the object at ffff88810342d080 [ 15.288725] which belongs to the cache kmalloc-64 of size 64 [ 15.289230] The buggy address is located 0 bytes to the right of [ 15.289230] allocated 48-byte region [ffff88810342d080, ffff88810342d0b0) [ 15.289800] [ 15.289925] The buggy address belongs to the physical page: [ 15.290132] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10342d [ 15.290376] flags: 0x200000000000000(node=0|zone=2) [ 15.290849] page_type: f5(slab) [ 15.291052] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.291394] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.291732] page dumped because: kasan: bad access detected [ 15.291987] [ 15.292097] Memory state around the buggy address: [ 15.292298] ffff88810342cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.292617] ffff88810342d000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.292921] >ffff88810342d080: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 15.293247] ^ [ 15.293491] ffff88810342d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.293804] ffff88810342d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.294122] ================================================================== [ 16.010168] ================================================================== [ 16.010889] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1c18/0x5450 [ 16.011747] Write of size 8 at addr ffff88810342d0b0 by task kunit_try_catch/282 [ 16.012137] [ 16.012234] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.012283] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.012296] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.012320] Call Trace: [ 16.012342] <TASK> [ 16.012363] dump_stack_lvl+0x73/0xb0 [ 16.012394] print_report+0xd1/0x610 [ 16.012418] ? __virt_addr_valid+0x1db/0x2d0 [ 16.012442] ? kasan_atomics_helper+0x1c18/0x5450 [ 16.012464] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.012488] ? kasan_atomics_helper+0x1c18/0x5450 [ 16.012512] kasan_report+0x141/0x180 [ 16.012534] ? kasan_atomics_helper+0x1c18/0x5450 [ 16.012561] kasan_check_range+0x10c/0x1c0 [ 16.012586] __kasan_check_write+0x18/0x20 [ 16.012606] kasan_atomics_helper+0x1c18/0x5450 [ 16.012630] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.012653] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.012679] ? kasan_atomics+0x152/0x310 [ 16.012706] kasan_atomics+0x1dc/0x310 [ 16.012728] ? __pfx_kasan_atomics+0x10/0x10 [ 16.012753] ? __pfx_read_tsc+0x10/0x10 [ 16.012775] ? ktime_get_ts64+0x86/0x230 [ 16.012801] kunit_try_run_case+0x1a5/0x480 [ 16.012828] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.012855] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.012881] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.012907] ? __kthread_parkme+0x82/0x180 [ 16.012928] ? preempt_count_sub+0x50/0x80 [ 16.012953] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.012977] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.013001] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.013039] kthread+0x337/0x6f0 [ 16.013058] ? trace_preempt_on+0x20/0xc0 [ 16.013083] ? __pfx_kthread+0x10/0x10 [ 16.013104] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.013127] ? calculate_sigpending+0x7b/0xa0 [ 16.013151] ? __pfx_kthread+0x10/0x10 [ 16.013172] ret_from_fork+0x116/0x1d0 [ 16.013192] ? __pfx_kthread+0x10/0x10 [ 16.013212] ret_from_fork_asm+0x1a/0x30 [ 16.013243] </TASK> [ 16.013254] [ 16.021410] Allocated by task 282: [ 16.021606] kasan_save_stack+0x45/0x70 [ 16.021815] kasan_save_track+0x18/0x40 [ 16.022035] kasan_save_alloc_info+0x3b/0x50 [ 16.022230] __kasan_kmalloc+0xb7/0xc0 [ 16.022366] __kmalloc_cache_noprof+0x189/0x420 [ 16.022795] kasan_atomics+0x95/0x310 [ 16.023003] kunit_try_run_case+0x1a5/0x480 [ 16.023211] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.023387] kthread+0x337/0x6f0 [ 16.023721] ret_from_fork+0x116/0x1d0 [ 16.023910] ret_from_fork_asm+0x1a/0x30 [ 16.024064] [ 16.024137] The buggy address belongs to the object at ffff88810342d080 [ 16.024137] which belongs to the cache kmalloc-64 of size 64 [ 16.024653] The buggy address is located 0 bytes to the right of [ 16.024653] allocated 48-byte region [ffff88810342d080, ffff88810342d0b0) [ 16.025198] [ 16.025276] The buggy address belongs to the physical page: [ 16.025524] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10342d [ 16.025902] flags: 0x200000000000000(node=0|zone=2) [ 16.026149] page_type: f5(slab) [ 16.026322] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.026772] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.027118] page dumped because: kasan: bad access detected [ 16.027306] [ 16.027378] Memory state around the buggy address: [ 16.027792] ffff88810342cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.028131] 
ffff88810342d000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.028393] >ffff88810342d080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.028608] ^ [ 16.028764] ffff88810342d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.028987] ffff88810342d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.029316] ================================================================== [ 16.120959] ================================================================== [ 16.121280] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1f43/0x5450 [ 16.122224] Write of size 8 at addr ffff88810342d0b0 by task kunit_try_catch/282 [ 16.122564] [ 16.122665] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.122714] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.122727] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.122750] Call Trace: [ 16.122774] <TASK> [ 16.122795] dump_stack_lvl+0x73/0xb0 [ 16.122830] print_report+0xd1/0x610 [ 16.122855] ? __virt_addr_valid+0x1db/0x2d0 [ 16.122880] ? kasan_atomics_helper+0x1f43/0x5450 [ 16.122902] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.122925] ? kasan_atomics_helper+0x1f43/0x5450 [ 16.122947] kasan_report+0x141/0x180 [ 16.122970] ? kasan_atomics_helper+0x1f43/0x5450 [ 16.122997] kasan_check_range+0x10c/0x1c0 [ 16.123034] __kasan_check_write+0x18/0x20 [ 16.123054] kasan_atomics_helper+0x1f43/0x5450 [ 16.123078] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.123101] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.123127] ? kasan_atomics+0x152/0x310 [ 16.123154] kasan_atomics+0x1dc/0x310 [ 16.123177] ? __pfx_kasan_atomics+0x10/0x10 [ 16.123201] ? __pfx_read_tsc+0x10/0x10 [ 16.123223] ? ktime_get_ts64+0x86/0x230 [ 16.123248] kunit_try_run_case+0x1a5/0x480 [ 16.123274] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.123297] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.123322] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.123356] ? 
__kthread_parkme+0x82/0x180 [ 16.123379] ? preempt_count_sub+0x50/0x80 [ 16.123404] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.123440] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.123493] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.123518] kthread+0x337/0x6f0 [ 16.123538] ? trace_preempt_on+0x20/0xc0 [ 16.123563] ? __pfx_kthread+0x10/0x10 [ 16.123585] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.123608] ? calculate_sigpending+0x7b/0xa0 [ 16.123633] ? __pfx_kthread+0x10/0x10 [ 16.123655] ret_from_fork+0x116/0x1d0 [ 16.123675] ? __pfx_kthread+0x10/0x10 [ 16.123695] ret_from_fork_asm+0x1a/0x30 [ 16.123728] </TASK> [ 16.123740] [ 16.131265] Allocated by task 282: [ 16.131460] kasan_save_stack+0x45/0x70 [ 16.131836] kasan_save_track+0x18/0x40 [ 16.131969] kasan_save_alloc_info+0x3b/0x50 [ 16.132186] __kasan_kmalloc+0xb7/0xc0 [ 16.132391] __kmalloc_cache_noprof+0x189/0x420 [ 16.132620] kasan_atomics+0x95/0x310 [ 16.132771] kunit_try_run_case+0x1a5/0x480 [ 16.132919] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.133143] kthread+0x337/0x6f0 [ 16.133310] ret_from_fork+0x116/0x1d0 [ 16.133573] ret_from_fork_asm+0x1a/0x30 [ 16.133766] [ 16.133863] The buggy address belongs to the object at ffff88810342d080 [ 16.133863] which belongs to the cache kmalloc-64 of size 64 [ 16.134313] The buggy address is located 0 bytes to the right of [ 16.134313] allocated 48-byte region [ffff88810342d080, ffff88810342d0b0) [ 16.134941] [ 16.135034] The buggy address belongs to the physical page: [ 16.135204] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10342d [ 16.135436] flags: 0x200000000000000(node=0|zone=2) [ 16.135599] page_type: f5(slab) [ 16.135722] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.135945] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.136175] page dumped because: kasan: bad access detected [ 16.136343] [ 16.136410] Memory state around the buggy address: [ 16.136622] 
ffff88810342cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.136936] ffff88810342d000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.137475] >ffff88810342d080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.137783] ^ [ 16.137998] ffff88810342d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.138315] ffff88810342d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.138616] ================================================================== [ 16.101830] ================================================================== [ 16.102149] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1eaa/0x5450 [ 16.102455] Write of size 8 at addr ffff88810342d0b0 by task kunit_try_catch/282 [ 16.102758] [ 16.102876] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.102922] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.102933] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.102956] Call Trace: [ 16.102976] <TASK> [ 16.102996] dump_stack_lvl+0x73/0xb0 [ 16.103039] print_report+0xd1/0x610 [ 16.103062] ? __virt_addr_valid+0x1db/0x2d0 [ 16.103085] ? kasan_atomics_helper+0x1eaa/0x5450 [ 16.103107] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.103131] ? kasan_atomics_helper+0x1eaa/0x5450 [ 16.103154] kasan_report+0x141/0x180 [ 16.103177] ? kasan_atomics_helper+0x1eaa/0x5450 [ 16.103203] kasan_check_range+0x10c/0x1c0 [ 16.103227] __kasan_check_write+0x18/0x20 [ 16.103247] kasan_atomics_helper+0x1eaa/0x5450 [ 16.103271] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.103294] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.103319] ? kasan_atomics+0x152/0x310 [ 16.103346] kasan_atomics+0x1dc/0x310 [ 16.103369] ? __pfx_kasan_atomics+0x10/0x10 [ 16.103393] ? __pfx_read_tsc+0x10/0x10 [ 16.103415] ? ktime_get_ts64+0x86/0x230 [ 16.103451] kunit_try_run_case+0x1a5/0x480 [ 16.103477] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.103499] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 16.103524] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.103549] ? __kthread_parkme+0x82/0x180 [ 16.103571] ? preempt_count_sub+0x50/0x80 [ 16.103596] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.103620] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.103645] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.103671] kthread+0x337/0x6f0 [ 16.103691] ? trace_preempt_on+0x20/0xc0 [ 16.103715] ? __pfx_kthread+0x10/0x10 [ 16.103735] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.103760] ? calculate_sigpending+0x7b/0xa0 [ 16.103785] ? __pfx_kthread+0x10/0x10 [ 16.103807] ret_from_fork+0x116/0x1d0 [ 16.103826] ? __pfx_kthread+0x10/0x10 [ 16.103846] ret_from_fork_asm+0x1a/0x30 [ 16.103878] </TASK> [ 16.103889] [ 16.111773] Allocated by task 282: [ 16.111932] kasan_save_stack+0x45/0x70 [ 16.112095] kasan_save_track+0x18/0x40 [ 16.112265] kasan_save_alloc_info+0x3b/0x50 [ 16.112533] __kasan_kmalloc+0xb7/0xc0 [ 16.112723] __kmalloc_cache_noprof+0x189/0x420 [ 16.112956] kasan_atomics+0x95/0x310 [ 16.113105] kunit_try_run_case+0x1a5/0x480 [ 16.113315] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.113498] kthread+0x337/0x6f0 [ 16.113619] ret_from_fork+0x116/0x1d0 [ 16.113749] ret_from_fork_asm+0x1a/0x30 [ 16.113886] [ 16.113957] The buggy address belongs to the object at ffff88810342d080 [ 16.113957] which belongs to the cache kmalloc-64 of size 64 [ 16.114828] The buggy address is located 0 bytes to the right of [ 16.114828] allocated 48-byte region [ffff88810342d080, ffff88810342d0b0) [ 16.115397] [ 16.115569] The buggy address belongs to the physical page: [ 16.115801] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10342d [ 16.116067] flags: 0x200000000000000(node=0|zone=2) [ 16.116230] page_type: f5(slab) [ 16.116350] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.116879] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.117366] page dumped because: kasan: 
bad access detected [ 16.117823] [ 16.117922] Memory state around the buggy address: [ 16.118181] ffff88810342cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.118438] ffff88810342d000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.118808] >ffff88810342d080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.119137] ^ [ 16.119361] ffff88810342d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.119696] ffff88810342d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.119984] ================================================================== [ 15.147920] ================================================================== [ 15.148872] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5fe/0x5450 [ 15.149392] Write of size 4 at addr ffff88810342d0b0 by task kunit_try_catch/282 [ 15.149999] [ 15.150240] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.150288] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.150310] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.150332] Call Trace: [ 15.150354] <TASK> [ 15.150385] dump_stack_lvl+0x73/0xb0 [ 15.150417] print_report+0xd1/0x610 [ 15.150440] ? __virt_addr_valid+0x1db/0x2d0 [ 15.150465] ? kasan_atomics_helper+0x5fe/0x5450 [ 15.150486] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.150511] ? kasan_atomics_helper+0x5fe/0x5450 [ 15.150542] kasan_report+0x141/0x180 [ 15.150564] ? kasan_atomics_helper+0x5fe/0x5450 [ 15.150591] kasan_check_range+0x10c/0x1c0 [ 15.150627] __kasan_check_write+0x18/0x20 [ 15.150646] kasan_atomics_helper+0x5fe/0x5450 [ 15.150670] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.150694] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.150720] ? kasan_atomics+0x152/0x310 [ 15.150748] kasan_atomics+0x1dc/0x310 [ 15.150771] ? __pfx_kasan_atomics+0x10/0x10 [ 15.150796] ? __pfx_read_tsc+0x10/0x10 [ 15.150817] ? ktime_get_ts64+0x86/0x230 [ 15.150843] kunit_try_run_case+0x1a5/0x480 [ 15.150869] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.150892] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.150918] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.150942] ? __kthread_parkme+0x82/0x180 [ 15.150964] ? preempt_count_sub+0x50/0x80 [ 15.150988] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.151022] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.151050] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.151075] kthread+0x337/0x6f0 [ 15.151095] ? trace_preempt_on+0x20/0xc0 [ 15.151119] ? __pfx_kthread+0x10/0x10 [ 15.151139] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.151162] ? calculate_sigpending+0x7b/0xa0 [ 15.151187] ? __pfx_kthread+0x10/0x10 [ 15.151209] ret_from_fork+0x116/0x1d0 [ 15.151228] ? __pfx_kthread+0x10/0x10 [ 15.151248] ret_from_fork_asm+0x1a/0x30 [ 15.151280] </TASK> [ 15.151292] [ 15.163059] Allocated by task 282: [ 15.163216] kasan_save_stack+0x45/0x70 [ 15.163374] kasan_save_track+0x18/0x40 [ 15.163696] kasan_save_alloc_info+0x3b/0x50 [ 15.164088] __kasan_kmalloc+0xb7/0xc0 [ 15.164424] __kmalloc_cache_noprof+0x189/0x420 [ 15.164913] kasan_atomics+0x95/0x310 [ 15.165276] kunit_try_run_case+0x1a5/0x480 [ 15.165694] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.166259] kthread+0x337/0x6f0 [ 15.166620] ret_from_fork+0x116/0x1d0 [ 15.167035] ret_from_fork_asm+0x1a/0x30 [ 15.167405] [ 15.167580] The buggy address belongs to the object at ffff88810342d080 [ 15.167580] which belongs to the cache kmalloc-64 of size 64 [ 15.168314] The buggy address is located 0 bytes to the right of [ 15.168314] allocated 48-byte region [ffff88810342d080, ffff88810342d0b0) [ 15.168705] [ 15.168781] The buggy address belongs to the physical page: [ 15.168961] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10342d [ 15.169216] flags: 0x200000000000000(node=0|zone=2) [ 15.169383] page_type: f5(slab) [ 15.169559] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.169790] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 15.170292] page dumped because: kasan: bad access detected [ 15.170558] [ 15.170655] Memory state around the buggy address: [ 15.170869] ffff88810342cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.171171] ffff88810342d000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.171508] >ffff88810342d080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.171798] ^ [ 15.172038] ffff88810342d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.172354] ffff88810342d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.172671] ================================================================== [ 15.875824] ================================================================== [ 15.876375] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x177f/0x5450 [ 15.876812] Write of size 8 at addr ffff88810342d0b0 by task kunit_try_catch/282 [ 15.877176] [ 15.877294] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.877342] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.877355] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.877378] Call Trace: [ 15.877399] <TASK> [ 15.877438] dump_stack_lvl+0x73/0xb0 [ 15.877471] print_report+0xd1/0x610 [ 15.877494] ? __virt_addr_valid+0x1db/0x2d0 [ 15.877519] ? kasan_atomics_helper+0x177f/0x5450 [ 15.877541] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.877565] ? kasan_atomics_helper+0x177f/0x5450 [ 15.877589] kasan_report+0x141/0x180 [ 15.877611] ? kasan_atomics_helper+0x177f/0x5450 [ 15.877639] kasan_check_range+0x10c/0x1c0 [ 15.877665] __kasan_check_write+0x18/0x20 [ 15.877685] kasan_atomics_helper+0x177f/0x5450 [ 15.877709] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.877732] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.877759] ? kasan_atomics+0x152/0x310 [ 15.877786] kasan_atomics+0x1dc/0x310 [ 15.877810] ? __pfx_kasan_atomics+0x10/0x10 [ 15.877835] ? __pfx_read_tsc+0x10/0x10 [ 15.877857] ? 
ktime_get_ts64+0x86/0x230 [ 15.877883] kunit_try_run_case+0x1a5/0x480 [ 15.877910] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.877933] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.877959] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.877983] ? __kthread_parkme+0x82/0x180 [ 15.878004] ? preempt_count_sub+0x50/0x80 [ 15.878039] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.878063] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.878087] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.878113] kthread+0x337/0x6f0 [ 15.878132] ? trace_preempt_on+0x20/0xc0 [ 15.878156] ? __pfx_kthread+0x10/0x10 [ 15.878177] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.878198] ? calculate_sigpending+0x7b/0xa0 [ 15.878223] ? __pfx_kthread+0x10/0x10 [ 15.878244] ret_from_fork+0x116/0x1d0 [ 15.878264] ? __pfx_kthread+0x10/0x10 [ 15.878296] ret_from_fork_asm+0x1a/0x30 [ 15.878327] </TASK> [ 15.878338] [ 15.886408] Allocated by task 282: [ 15.886607] kasan_save_stack+0x45/0x70 [ 15.886818] kasan_save_track+0x18/0x40 [ 15.887007] kasan_save_alloc_info+0x3b/0x50 [ 15.887229] __kasan_kmalloc+0xb7/0xc0 [ 15.887413] __kmalloc_cache_noprof+0x189/0x420 [ 15.887649] kasan_atomics+0x95/0x310 [ 15.887834] kunit_try_run_case+0x1a5/0x480 [ 15.888022] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.888201] kthread+0x337/0x6f0 [ 15.888360] ret_from_fork+0x116/0x1d0 [ 15.888693] ret_from_fork_asm+0x1a/0x30 [ 15.888899] [ 15.888991] The buggy address belongs to the object at ffff88810342d080 [ 15.888991] which belongs to the cache kmalloc-64 of size 64 [ 15.889466] The buggy address is located 0 bytes to the right of [ 15.889466] allocated 48-byte region [ffff88810342d080, ffff88810342d0b0) [ 15.889932] [ 15.890040] The buggy address belongs to the physical page: [ 15.890294] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10342d [ 15.890643] flags: 0x200000000000000(node=0|zone=2) [ 15.890812] page_type: f5(slab) [ 15.890937] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 15.891182] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.891410] page dumped because: kasan: bad access detected [ 15.891643] [ 15.891733] Memory state around the buggy address: [ 15.891957] ffff88810342cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.892279] ffff88810342d000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.892595] >ffff88810342d080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.892854] ^ [ 15.893018] ffff88810342d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.893234] ffff88810342d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.893564] ================================================================== [ 15.727838] ================================================================== [ 15.728286] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x13b5/0x5450 [ 15.728764] Read of size 8 at addr ffff88810342d0b0 by task kunit_try_catch/282 [ 15.729104] [ 15.729251] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.729311] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.729324] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.729346] Call Trace: [ 15.729366] <TASK> [ 15.729386] dump_stack_lvl+0x73/0xb0 [ 15.729437] print_report+0xd1/0x610 [ 15.729461] ? __virt_addr_valid+0x1db/0x2d0 [ 15.729485] ? kasan_atomics_helper+0x13b5/0x5450 [ 15.729508] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.729532] ? kasan_atomics_helper+0x13b5/0x5450 [ 15.729555] kasan_report+0x141/0x180 [ 15.729578] ? kasan_atomics_helper+0x13b5/0x5450 [ 15.729605] kasan_check_range+0x10c/0x1c0 [ 15.729629] __kasan_check_read+0x15/0x20 [ 15.729649] kasan_atomics_helper+0x13b5/0x5450 [ 15.729673] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.729695] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.729721] ? kasan_atomics+0x152/0x310 [ 15.729748] kasan_atomics+0x1dc/0x310 [ 15.729771] ? 
__pfx_kasan_atomics+0x10/0x10 [ 15.729796] ? __pfx_read_tsc+0x10/0x10 [ 15.729817] ? ktime_get_ts64+0x86/0x230 [ 15.729843] kunit_try_run_case+0x1a5/0x480 [ 15.729868] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.729891] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.729916] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.729941] ? __kthread_parkme+0x82/0x180 [ 15.729962] ? preempt_count_sub+0x50/0x80 [ 15.729987] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.730020] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.730048] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.730106] kthread+0x337/0x6f0 [ 15.730127] ? trace_preempt_on+0x20/0xc0 [ 15.730151] ? __pfx_kthread+0x10/0x10 [ 15.730183] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.730206] ? calculate_sigpending+0x7b/0xa0 [ 15.730231] ? __pfx_kthread+0x10/0x10 [ 15.730252] ret_from_fork+0x116/0x1d0 [ 15.730272] ? __pfx_kthread+0x10/0x10 [ 15.730293] ret_from_fork_asm+0x1a/0x30 [ 15.730353] </TASK> [ 15.730363] [ 15.738717] Allocated by task 282: [ 15.738913] kasan_save_stack+0x45/0x70 [ 15.739150] kasan_save_track+0x18/0x40 [ 15.739364] kasan_save_alloc_info+0x3b/0x50 [ 15.739543] __kasan_kmalloc+0xb7/0xc0 [ 15.739736] __kmalloc_cache_noprof+0x189/0x420 [ 15.740036] kasan_atomics+0x95/0x310 [ 15.740207] kunit_try_run_case+0x1a5/0x480 [ 15.740406] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.740652] kthread+0x337/0x6f0 [ 15.740826] ret_from_fork+0x116/0x1d0 [ 15.741057] ret_from_fork_asm+0x1a/0x30 [ 15.741265] [ 15.741335] The buggy address belongs to the object at ffff88810342d080 [ 15.741335] which belongs to the cache kmalloc-64 of size 64 [ 15.741940] The buggy address is located 0 bytes to the right of [ 15.741940] allocated 48-byte region [ffff88810342d080, ffff88810342d0b0) [ 15.742473] [ 15.742608] The buggy address belongs to the physical page: [ 15.742885] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10342d [ 15.743204] flags: 0x200000000000000(node=0|zone=2) [ 15.743491] page_type: 
f5(slab) [ 15.743614] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.743837] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.744125] page dumped because: kasan: bad access detected [ 15.744383] [ 15.744501] Memory state around the buggy address: [ 15.744717] ffff88810342cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.745037] ffff88810342d000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.745342] >ffff88810342d080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.745636] ^ [ 15.745789] ffff88810342d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.746102] ffff88810342d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.746555] ================================================================== [ 15.972637] ================================================================== [ 15.972987] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1a7f/0x5450 [ 15.973693] Write of size 8 at addr ffff88810342d0b0 by task kunit_try_catch/282 [ 15.974046] [ 15.974158] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.974205] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.974239] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.974262] Call Trace: [ 15.974283] <TASK> [ 15.974303] dump_stack_lvl+0x73/0xb0 [ 15.974333] print_report+0xd1/0x610 [ 15.974356] ? __virt_addr_valid+0x1db/0x2d0 [ 15.974380] ? kasan_atomics_helper+0x1a7f/0x5450 [ 15.974402] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.974453] ? kasan_atomics_helper+0x1a7f/0x5450 [ 15.974476] kasan_report+0x141/0x180 [ 15.974498] ? kasan_atomics_helper+0x1a7f/0x5450 [ 15.974525] kasan_check_range+0x10c/0x1c0 [ 15.974550] __kasan_check_write+0x18/0x20 [ 15.974571] kasan_atomics_helper+0x1a7f/0x5450 [ 15.974594] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.974617] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.974643] ? 
kasan_atomics+0x152/0x310 [ 15.974686] kasan_atomics+0x1dc/0x310 [ 15.974710] ? __pfx_kasan_atomics+0x10/0x10 [ 15.974735] ? __pfx_read_tsc+0x10/0x10 [ 15.974757] ? ktime_get_ts64+0x86/0x230 [ 15.974782] kunit_try_run_case+0x1a5/0x480 [ 15.974809] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.974847] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.974873] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.974897] ? __kthread_parkme+0x82/0x180 [ 15.974919] ? preempt_count_sub+0x50/0x80 [ 15.974944] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.974971] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.974995] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.975051] kthread+0x337/0x6f0 [ 15.975071] ? trace_preempt_on+0x20/0xc0 [ 15.975095] ? __pfx_kthread+0x10/0x10 [ 15.975116] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.975138] ? calculate_sigpending+0x7b/0xa0 [ 15.975163] ? __pfx_kthread+0x10/0x10 [ 15.975185] ret_from_fork+0x116/0x1d0 [ 15.975203] ? __pfx_kthread+0x10/0x10 [ 15.975224] ret_from_fork_asm+0x1a/0x30 [ 15.975256] </TASK> [ 15.975267] [ 15.982891] Allocated by task 282: [ 15.983118] kasan_save_stack+0x45/0x70 [ 15.983351] kasan_save_track+0x18/0x40 [ 15.983567] kasan_save_alloc_info+0x3b/0x50 [ 15.983721] __kasan_kmalloc+0xb7/0xc0 [ 15.983855] __kmalloc_cache_noprof+0x189/0x420 [ 15.984023] kasan_atomics+0x95/0x310 [ 15.984159] kunit_try_run_case+0x1a5/0x480 [ 15.984307] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.984513] kthread+0x337/0x6f0 [ 15.984682] ret_from_fork+0x116/0x1d0 [ 15.984963] ret_from_fork_asm+0x1a/0x30 [ 15.985170] [ 15.985266] The buggy address belongs to the object at ffff88810342d080 [ 15.985266] which belongs to the cache kmalloc-64 of size 64 [ 15.986212] The buggy address is located 0 bytes to the right of [ 15.986212] allocated 48-byte region [ffff88810342d080, ffff88810342d0b0) [ 15.986806] [ 15.986906] The buggy address belongs to the physical page: [ 15.987112] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10342d [ 
15.987515] flags: 0x200000000000000(node=0|zone=2) [ 15.987693] page_type: f5(slab) [ 15.987814] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.988057] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.988401] page dumped because: kasan: bad access detected [ 15.988660] [ 15.988755] Memory state around the buggy address: [ 15.989046] ffff88810342cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.989273] ffff88810342d000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.989482] >ffff88810342d080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.989689] ^ [ 15.989840] ffff88810342d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.990182] ffff88810342d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.990488] ================================================================== [ 15.784650] ================================================================== [ 15.784905] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x50d4/0x5450 [ 15.785879] Write of size 8 at addr ffff88810342d0b0 by task kunit_try_catch/282 [ 15.786256] [ 15.786396] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.786464] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.786477] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.786500] Call Trace: [ 15.786521] <TASK> [ 15.786551] dump_stack_lvl+0x73/0xb0 [ 15.786585] print_report+0xd1/0x610 [ 15.786620] ? __virt_addr_valid+0x1db/0x2d0 [ 15.786645] ? kasan_atomics_helper+0x50d4/0x5450 [ 15.786666] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.786690] ? kasan_atomics_helper+0x50d4/0x5450 [ 15.786722] kasan_report+0x141/0x180 [ 15.786745] ? kasan_atomics_helper+0x50d4/0x5450 [ 15.786772] __asan_report_store8_noabort+0x1b/0x30 [ 15.786809] kasan_atomics_helper+0x50d4/0x5450 [ 15.786832] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.786854] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 15.786881] ? kasan_atomics+0x152/0x310 [ 15.786916] kasan_atomics+0x1dc/0x310 [ 15.786939] ? __pfx_kasan_atomics+0x10/0x10 [ 15.786964] ? __pfx_read_tsc+0x10/0x10 [ 15.786996] ? ktime_get_ts64+0x86/0x230 [ 15.787030] kunit_try_run_case+0x1a5/0x480 [ 15.787055] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.787078] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.787112] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.787136] ? __kthread_parkme+0x82/0x180 [ 15.787159] ? preempt_count_sub+0x50/0x80 [ 15.787195] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.787219] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.787243] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.787277] kthread+0x337/0x6f0 [ 15.787296] ? trace_preempt_on+0x20/0xc0 [ 15.787321] ? __pfx_kthread+0x10/0x10 [ 15.787352] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.787374] ? calculate_sigpending+0x7b/0xa0 [ 15.787399] ? __pfx_kthread+0x10/0x10 [ 15.787448] ret_from_fork+0x116/0x1d0 [ 15.787468] ? __pfx_kthread+0x10/0x10 [ 15.787489] ret_from_fork_asm+0x1a/0x30 [ 15.787532] </TASK> [ 15.787544] [ 15.795166] Allocated by task 282: [ 15.795352] kasan_save_stack+0x45/0x70 [ 15.795535] kasan_save_track+0x18/0x40 [ 15.795750] kasan_save_alloc_info+0x3b/0x50 [ 15.795933] __kasan_kmalloc+0xb7/0xc0 [ 15.796117] __kmalloc_cache_noprof+0x189/0x420 [ 15.796313] kasan_atomics+0x95/0x310 [ 15.796494] kunit_try_run_case+0x1a5/0x480 [ 15.796643] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.796819] kthread+0x337/0x6f0 [ 15.796949] ret_from_fork+0x116/0x1d0 [ 15.797098] ret_from_fork_asm+0x1a/0x30 [ 15.797239] [ 15.797312] The buggy address belongs to the object at ffff88810342d080 [ 15.797312] which belongs to the cache kmalloc-64 of size 64 [ 15.797666] The buggy address is located 0 bytes to the right of [ 15.797666] allocated 48-byte region [ffff88810342d080, ffff88810342d0b0) [ 15.798294] [ 15.798429] The buggy address belongs to the physical page: [ 15.798715] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x10342d [ 15.799151] flags: 0x200000000000000(node=0|zone=2) [ 15.799435] page_type: f5(slab) [ 15.799608] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.799918] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.800158] page dumped because: kasan: bad access detected [ 15.800344] [ 15.800465] Memory state around the buggy address: [ 15.800691] ffff88810342cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.801041] ffff88810342d000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.801361] >ffff88810342d080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.801682] ^ [ 15.801893] ffff88810342d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.802209] ffff88810342d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.802532] ================================================================== [ 15.571360] ================================================================== [ 15.572061] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1079/0x5450 [ 15.572351] Write of size 4 at addr ffff88810342d0b0 by task kunit_try_catch/282 [ 15.572760] [ 15.572883] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.572931] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.572943] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.572970] Call Trace: [ 15.572990] <TASK> [ 15.573022] dump_stack_lvl+0x73/0xb0 [ 15.573052] print_report+0xd1/0x610 [ 15.573077] ? __virt_addr_valid+0x1db/0x2d0 [ 15.573101] ? kasan_atomics_helper+0x1079/0x5450 [ 15.573123] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.573147] ? kasan_atomics_helper+0x1079/0x5450 [ 15.573170] kasan_report+0x141/0x180 [ 15.573193] ? kasan_atomics_helper+0x1079/0x5450 [ 15.573220] kasan_check_range+0x10c/0x1c0 [ 15.573244] __kasan_check_write+0x18/0x20 [ 15.573264] kasan_atomics_helper+0x1079/0x5450 [ 15.573290] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 15.573313] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.573339] ? kasan_atomics+0x152/0x310 [ 15.573366] kasan_atomics+0x1dc/0x310 [ 15.573390] ? __pfx_kasan_atomics+0x10/0x10 [ 15.573415] ? __pfx_read_tsc+0x10/0x10 [ 15.573448] ? ktime_get_ts64+0x86/0x230 [ 15.573473] kunit_try_run_case+0x1a5/0x480 [ 15.573499] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.573523] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.573548] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.573574] ? __kthread_parkme+0x82/0x180 [ 15.573595] ? preempt_count_sub+0x50/0x80 [ 15.573619] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.573645] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.573670] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.573695] kthread+0x337/0x6f0 [ 15.573715] ? trace_preempt_on+0x20/0xc0 [ 15.573738] ? __pfx_kthread+0x10/0x10 [ 15.573759] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.573782] ? calculate_sigpending+0x7b/0xa0 [ 15.573808] ? __pfx_kthread+0x10/0x10 [ 15.573829] ret_from_fork+0x116/0x1d0 [ 15.573849] ? 
__pfx_kthread+0x10/0x10 [ 15.573869] ret_from_fork_asm+0x1a/0x30 [ 15.573901] </TASK> [ 15.573911] [ 15.581592] Allocated by task 282: [ 15.581789] kasan_save_stack+0x45/0x70 [ 15.581997] kasan_save_track+0x18/0x40 [ 15.582186] kasan_save_alloc_info+0x3b/0x50 [ 15.582386] __kasan_kmalloc+0xb7/0xc0 [ 15.582593] __kmalloc_cache_noprof+0x189/0x420 [ 15.582799] kasan_atomics+0x95/0x310 [ 15.582984] kunit_try_run_case+0x1a5/0x480 [ 15.583147] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.583351] kthread+0x337/0x6f0 [ 15.583493] ret_from_fork+0x116/0x1d0 [ 15.583693] ret_from_fork_asm+0x1a/0x30 [ 15.583893] [ 15.583992] The buggy address belongs to the object at ffff88810342d080 [ 15.583992] which belongs to the cache kmalloc-64 of size 64 [ 15.584363] The buggy address is located 0 bytes to the right of [ 15.584363] allocated 48-byte region [ffff88810342d080, ffff88810342d0b0) [ 15.585224] [ 15.585327] The buggy address belongs to the physical page: [ 15.585562] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10342d [ 15.586115] flags: 0x200000000000000(node=0|zone=2) [ 15.586321] page_type: f5(slab) [ 15.586500] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.586773] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.587119] page dumped because: kasan: bad access detected [ 15.587327] [ 15.587422] Memory state around the buggy address: [ 15.587630] ffff88810342cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.587846] ffff88810342d000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.588072] >ffff88810342d080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.588287] ^ [ 15.588449] ffff88810342d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.588766] ffff88810342d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.589093] ================================================================== [ 15.173598] 
================================================================== [ 15.173972] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x697/0x5450 [ 15.174951] Write of size 4 at addr ffff88810342d0b0 by task kunit_try_catch/282 [ 15.175200] [ 15.175325] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.175384] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.175398] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.175421] Call Trace: [ 15.175442] <TASK> [ 15.175463] dump_stack_lvl+0x73/0xb0 [ 15.175494] print_report+0xd1/0x610 [ 15.175519] ? __virt_addr_valid+0x1db/0x2d0 [ 15.175543] ? kasan_atomics_helper+0x697/0x5450 [ 15.175578] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.175602] ? kasan_atomics_helper+0x697/0x5450 [ 15.175625] kasan_report+0x141/0x180 [ 15.175647] ? kasan_atomics_helper+0x697/0x5450 [ 15.175684] kasan_check_range+0x10c/0x1c0 [ 15.175709] __kasan_check_write+0x18/0x20 [ 15.175729] kasan_atomics_helper+0x697/0x5450 [ 15.175764] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.175787] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.175813] ? kasan_atomics+0x152/0x310 [ 15.175840] kasan_atomics+0x1dc/0x310 [ 15.175872] ? __pfx_kasan_atomics+0x10/0x10 [ 15.175897] ? __pfx_read_tsc+0x10/0x10 [ 15.175930] ? ktime_get_ts64+0x86/0x230 [ 15.175955] kunit_try_run_case+0x1a5/0x480 [ 15.175981] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.176005] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.176039] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.176064] ? __kthread_parkme+0x82/0x180 [ 15.176086] ? preempt_count_sub+0x50/0x80 [ 15.176111] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.176135] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.176160] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.176186] kthread+0x337/0x6f0 [ 15.176205] ? trace_preempt_on+0x20/0xc0 [ 15.176238] ? __pfx_kthread+0x10/0x10 [ 15.176259] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.176282] ? 
calculate_sigpending+0x7b/0xa0 [ 15.176318] ? __pfx_kthread+0x10/0x10 [ 15.176340] ret_from_fork+0x116/0x1d0 [ 15.176359] ? __pfx_kthread+0x10/0x10 [ 15.176381] ret_from_fork_asm+0x1a/0x30 [ 15.176413] </TASK> [ 15.176424] [ 15.184105] Allocated by task 282: [ 15.184300] kasan_save_stack+0x45/0x70 [ 15.184528] kasan_save_track+0x18/0x40 [ 15.184722] kasan_save_alloc_info+0x3b/0x50 [ 15.184937] __kasan_kmalloc+0xb7/0xc0 [ 15.185176] __kmalloc_cache_noprof+0x189/0x420 [ 15.185408] kasan_atomics+0x95/0x310 [ 15.185546] kunit_try_run_case+0x1a5/0x480 [ 15.185695] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.185899] kthread+0x337/0x6f0 [ 15.186084] ret_from_fork+0x116/0x1d0 [ 15.186275] ret_from_fork_asm+0x1a/0x30 [ 15.186586] [ 15.186689] The buggy address belongs to the object at ffff88810342d080 [ 15.186689] which belongs to the cache kmalloc-64 of size 64 [ 15.187234] The buggy address is located 0 bytes to the right of [ 15.187234] allocated 48-byte region [ffff88810342d080, ffff88810342d0b0) [ 15.187769] [ 15.187870] The buggy address belongs to the physical page: [ 15.188112] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10342d [ 15.188476] flags: 0x200000000000000(node=0|zone=2) [ 15.188689] page_type: f5(slab) [ 15.188871] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.189209] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.189523] page dumped because: kasan: bad access detected [ 15.189788] [ 15.189859] Memory state around the buggy address: [ 15.190084] ffff88810342cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.190357] ffff88810342d000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.190889] >ffff88810342d080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.191128] ^ [ 15.191381] ffff88810342d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.191868] ffff88810342d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.192192] 
================================================================== [ 15.624949] ================================================================== [ 15.625426] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a02/0x5450 [ 15.625677] Read of size 4 at addr ffff88810342d0b0 by task kunit_try_catch/282 [ 15.625900] [ 15.625989] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.626049] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.626062] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.626085] Call Trace: [ 15.626107] <TASK> [ 15.626129] dump_stack_lvl+0x73/0xb0 [ 15.626158] print_report+0xd1/0x610 [ 15.626181] ? __virt_addr_valid+0x1db/0x2d0 [ 15.626206] ? kasan_atomics_helper+0x4a02/0x5450 [ 15.626231] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.626255] ? kasan_atomics_helper+0x4a02/0x5450 [ 15.626279] kasan_report+0x141/0x180 [ 15.626302] ? kasan_atomics_helper+0x4a02/0x5450 [ 15.626329] __asan_report_load4_noabort+0x18/0x20 [ 15.626355] kasan_atomics_helper+0x4a02/0x5450 [ 15.626379] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.626402] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.626428] ? kasan_atomics+0x152/0x310 [ 15.626454] kasan_atomics+0x1dc/0x310 [ 15.626492] ? __pfx_kasan_atomics+0x10/0x10 [ 15.626517] ? __pfx_read_tsc+0x10/0x10 [ 15.626539] ? ktime_get_ts64+0x86/0x230 [ 15.626565] kunit_try_run_case+0x1a5/0x480 [ 15.626591] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.626615] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.626641] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.626665] ? __kthread_parkme+0x82/0x180 [ 15.626687] ? preempt_count_sub+0x50/0x80 [ 15.626712] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.626737] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.626761] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.626787] kthread+0x337/0x6f0 [ 15.626806] ? trace_preempt_on+0x20/0xc0 [ 15.626830] ? __pfx_kthread+0x10/0x10 [ 15.626850] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 15.626872] ? calculate_sigpending+0x7b/0xa0 [ 15.626898] ? __pfx_kthread+0x10/0x10 [ 15.626920] ret_from_fork+0x116/0x1d0 [ 15.626939] ? __pfx_kthread+0x10/0x10 [ 15.626960] ret_from_fork_asm+0x1a/0x30 [ 15.626992] </TASK> [ 15.627003] [ 15.634632] Allocated by task 282: [ 15.634824] kasan_save_stack+0x45/0x70 [ 15.635004] kasan_save_track+0x18/0x40 [ 15.635187] kasan_save_alloc_info+0x3b/0x50 [ 15.635368] __kasan_kmalloc+0xb7/0xc0 [ 15.635537] __kmalloc_cache_noprof+0x189/0x420 [ 15.635748] kasan_atomics+0x95/0x310 [ 15.635918] kunit_try_run_case+0x1a5/0x480 [ 15.636108] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.636354] kthread+0x337/0x6f0 [ 15.636495] ret_from_fork+0x116/0x1d0 [ 15.636709] ret_from_fork_asm+0x1a/0x30 [ 15.636854] [ 15.636926] The buggy address belongs to the object at ffff88810342d080 [ 15.636926] which belongs to the cache kmalloc-64 of size 64 [ 15.637285] The buggy address is located 0 bytes to the right of [ 15.637285] allocated 48-byte region [ffff88810342d080, ffff88810342d0b0) [ 15.637650] [ 15.637724] The buggy address belongs to the physical page: [ 15.638006] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10342d [ 15.638377] flags: 0x200000000000000(node=0|zone=2) [ 15.638865] page_type: f5(slab) [ 15.639079] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.639431] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.639765] page dumped because: kasan: bad access detected [ 15.639946] [ 15.640026] Memory state around the buggy address: [ 15.640182] ffff88810342cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.640397] ffff88810342d000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.641133] >ffff88810342d080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.641474] ^ [ 15.641693] ffff88810342d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.641978] ffff88810342d180: fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 15.642268] ================================================================== [ 14.948197] ================================================================== [ 14.948747] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4ba2/0x5450 [ 14.949227] Write of size 4 at addr ffff88810342d0b0 by task kunit_try_catch/282 [ 14.949570] [ 14.949682] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.949729] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.949741] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.949763] Call Trace: [ 14.949782] <TASK> [ 14.949802] dump_stack_lvl+0x73/0xb0 [ 14.949845] print_report+0xd1/0x610 [ 14.949869] ? __virt_addr_valid+0x1db/0x2d0 [ 14.949904] ? kasan_atomics_helper+0x4ba2/0x5450 [ 14.949926] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.949949] ? kasan_atomics_helper+0x4ba2/0x5450 [ 14.949971] kasan_report+0x141/0x180 [ 14.949992] ? kasan_atomics_helper+0x4ba2/0x5450 [ 14.950029] __asan_report_store4_noabort+0x1b/0x30 [ 14.950056] kasan_atomics_helper+0x4ba2/0x5450 [ 14.950081] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.950106] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.950174] ? kasan_atomics+0x152/0x310 [ 14.950200] kasan_atomics+0x1dc/0x310 [ 14.950252] ? __pfx_kasan_atomics+0x10/0x10 [ 14.950276] ? __pfx_read_tsc+0x10/0x10 [ 14.950297] ? ktime_get_ts64+0x86/0x230 [ 14.950323] kunit_try_run_case+0x1a5/0x480 [ 14.950347] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.950369] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.950404] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.950427] ? __kthread_parkme+0x82/0x180 [ 14.950447] ? preempt_count_sub+0x50/0x80 [ 14.950482] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.950506] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.950529] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.950553] kthread+0x337/0x6f0 [ 14.950571] ? trace_preempt_on+0x20/0xc0 [ 14.950594] ? 
__pfx_kthread+0x10/0x10 [ 14.950623] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.950644] ? calculate_sigpending+0x7b/0xa0 [ 14.950669] ? __pfx_kthread+0x10/0x10 [ 14.950699] ret_from_fork+0x116/0x1d0 [ 14.950718] ? __pfx_kthread+0x10/0x10 [ 14.950737] ret_from_fork_asm+0x1a/0x30 [ 14.950768] </TASK> [ 14.950777] [ 14.959763] Allocated by task 282: [ 14.959997] kasan_save_stack+0x45/0x70 [ 14.960287] kasan_save_track+0x18/0x40 [ 14.960510] kasan_save_alloc_info+0x3b/0x50 [ 14.960704] __kasan_kmalloc+0xb7/0xc0 [ 14.960892] __kmalloc_cache_noprof+0x189/0x420 [ 14.961200] kasan_atomics+0x95/0x310 [ 14.961391] kunit_try_run_case+0x1a5/0x480 [ 14.961674] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.961934] kthread+0x337/0x6f0 [ 14.962133] ret_from_fork+0x116/0x1d0 [ 14.962409] ret_from_fork_asm+0x1a/0x30 [ 14.962673] [ 14.962791] The buggy address belongs to the object at ffff88810342d080 [ 14.962791] which belongs to the cache kmalloc-64 of size 64 [ 14.963717] The buggy address is located 0 bytes to the right of [ 14.963717] allocated 48-byte region [ffff88810342d080, ffff88810342d0b0) [ 14.964320] [ 14.964471] The buggy address belongs to the physical page: [ 14.964647] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10342d [ 14.964899] flags: 0x200000000000000(node=0|zone=2) [ 14.965079] page_type: f5(slab) [ 14.965364] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.965760] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.966255] page dumped because: kasan: bad access detected [ 14.966622] [ 14.966716] Memory state around the buggy address: [ 14.966939] ffff88810342cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.967297] ffff88810342d000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.967520] >ffff88810342d080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.967785] ^ [ 14.968462] ffff88810342d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.968821] 
ffff88810342d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.969196] ================================================================== [ 15.210797] ================================================================== [ 15.211091] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x7c7/0x5450 [ 15.211450] Write of size 4 at addr ffff88810342d0b0 by task kunit_try_catch/282 [ 15.211824] [ 15.211960] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.212007] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.212036] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.212069] Call Trace: [ 15.212089] <TASK> [ 15.212109] dump_stack_lvl+0x73/0xb0 [ 15.212150] print_report+0xd1/0x610 [ 15.212174] ? __virt_addr_valid+0x1db/0x2d0 [ 15.212198] ? kasan_atomics_helper+0x7c7/0x5450 [ 15.212221] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.212244] ? kasan_atomics_helper+0x7c7/0x5450 [ 15.212267] kasan_report+0x141/0x180 [ 15.212289] ? kasan_atomics_helper+0x7c7/0x5450 [ 15.212316] kasan_check_range+0x10c/0x1c0 [ 15.212341] __kasan_check_write+0x18/0x20 [ 15.212361] kasan_atomics_helper+0x7c7/0x5450 [ 15.212384] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.212408] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.212434] ? kasan_atomics+0x152/0x310 [ 15.212461] kasan_atomics+0x1dc/0x310 [ 15.212484] ? __pfx_kasan_atomics+0x10/0x10 [ 15.212509] ? __pfx_read_tsc+0x10/0x10 [ 15.212531] ? ktime_get_ts64+0x86/0x230 [ 15.212557] kunit_try_run_case+0x1a5/0x480 [ 15.212583] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.212606] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.212641] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.212665] ? __kthread_parkme+0x82/0x180 [ 15.212687] ? preempt_count_sub+0x50/0x80 [ 15.212722] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.212747] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.212772] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.212798] kthread+0x337/0x6f0 [ 15.212826] ? trace_preempt_on+0x20/0xc0 [ 15.212858] ? __pfx_kthread+0x10/0x10 [ 15.212880] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.212913] ? calculate_sigpending+0x7b/0xa0 [ 15.212938] ? __pfx_kthread+0x10/0x10 [ 15.212960] ret_from_fork+0x116/0x1d0 [ 15.212980] ? __pfx_kthread+0x10/0x10 [ 15.213016] ret_from_fork_asm+0x1a/0x30 [ 15.213049] </TASK> [ 15.213060] [ 15.220626] Allocated by task 282: [ 15.220819] kasan_save_stack+0x45/0x70 [ 15.221072] kasan_save_track+0x18/0x40 [ 15.221269] kasan_save_alloc_info+0x3b/0x50 [ 15.221536] __kasan_kmalloc+0xb7/0xc0 [ 15.221751] __kmalloc_cache_noprof+0x189/0x420 [ 15.221927] kasan_atomics+0x95/0x310 [ 15.222139] kunit_try_run_case+0x1a5/0x480 [ 15.222318] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.222602] kthread+0x337/0x6f0 [ 15.222731] ret_from_fork+0x116/0x1d0 [ 15.222954] ret_from_fork_asm+0x1a/0x30 [ 15.223153] [ 15.223246] The buggy address belongs to the object at ffff88810342d080 [ 15.223246] which belongs to the cache kmalloc-64 of size 64 [ 15.223806] The buggy address is located 0 bytes to the right of [ 15.223806] allocated 48-byte region [ffff88810342d080, ffff88810342d0b0) [ 15.224308] [ 15.224409] The buggy address belongs to the physical page: [ 15.224636] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10342d [ 15.224890] flags: 0x200000000000000(node=0|zone=2) [ 15.225091] page_type: f5(slab) [ 15.225264] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.225811] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.226167] page dumped because: kasan: bad access detected [ 15.226382] [ 15.226512] Memory state around the buggy address: [ 15.226740] ffff88810342cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.227065] ffff88810342d000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.227284] >ffff88810342d080: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 15.227496] ^ [ 15.227857] ffff88810342d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.228216] ffff88810342d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.228588] ================================================================== [ 15.192987] ================================================================== [ 15.193329] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x72f/0x5450 [ 15.193766] Write of size 4 at addr ffff88810342d0b0 by task kunit_try_catch/282 [ 15.194109] [ 15.194225] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.194283] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.194295] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.194329] Call Trace: [ 15.194350] <TASK> [ 15.194370] dump_stack_lvl+0x73/0xb0 [ 15.194399] print_report+0xd1/0x610 [ 15.194455] ? __virt_addr_valid+0x1db/0x2d0 [ 15.194480] ? kasan_atomics_helper+0x72f/0x5450 [ 15.194512] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.194536] ? kasan_atomics_helper+0x72f/0x5450 [ 15.194559] kasan_report+0x141/0x180 [ 15.194585] ? kasan_atomics_helper+0x72f/0x5450 [ 15.194612] kasan_check_range+0x10c/0x1c0 [ 15.194646] __kasan_check_write+0x18/0x20 [ 15.194667] kasan_atomics_helper+0x72f/0x5450 [ 15.194691] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.194724] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.194750] ? kasan_atomics+0x152/0x310 [ 15.194777] kasan_atomics+0x1dc/0x310 [ 15.194800] ? __pfx_kasan_atomics+0x10/0x10 [ 15.194825] ? __pfx_read_tsc+0x10/0x10 [ 15.194847] ? ktime_get_ts64+0x86/0x230 [ 15.194872] kunit_try_run_case+0x1a5/0x480 [ 15.194898] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.194921] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.194947] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.194971] ? __kthread_parkme+0x82/0x180 [ 15.194992] ? preempt_count_sub+0x50/0x80 [ 15.195027] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.195052] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.195085] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.195111] kthread+0x337/0x6f0 [ 15.195131] ? trace_preempt_on+0x20/0xc0 [ 15.195165] ? __pfx_kthread+0x10/0x10 [ 15.195187] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.195209] ? calculate_sigpending+0x7b/0xa0 [ 15.195235] ? __pfx_kthread+0x10/0x10 [ 15.195256] ret_from_fork+0x116/0x1d0 [ 15.195276] ? __pfx_kthread+0x10/0x10 [ 15.195297] ret_from_fork_asm+0x1a/0x30 [ 15.195329] </TASK> [ 15.195340] [ 15.203160] Allocated by task 282: [ 15.203341] kasan_save_stack+0x45/0x70 [ 15.203630] kasan_save_track+0x18/0x40 [ 15.203768] kasan_save_alloc_info+0x3b/0x50 [ 15.203929] __kasan_kmalloc+0xb7/0xc0 [ 15.204138] __kmalloc_cache_noprof+0x189/0x420 [ 15.204362] kasan_atomics+0x95/0x310 [ 15.204497] kunit_try_run_case+0x1a5/0x480 [ 15.204646] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.204921] kthread+0x337/0x6f0 [ 15.205101] ret_from_fork+0x116/0x1d0 [ 15.205292] ret_from_fork_asm+0x1a/0x30 [ 15.205542] [ 15.205645] The buggy address belongs to the object at ffff88810342d080 [ 15.205645] which belongs to the cache kmalloc-64 of size 64 [ 15.206125] The buggy address is located 0 bytes to the right of [ 15.206125] allocated 48-byte region [ffff88810342d080, ffff88810342d0b0) [ 15.206590] [ 15.206669] The buggy address belongs to the physical page: [ 15.206844] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10342d [ 15.207098] flags: 0x200000000000000(node=0|zone=2) [ 15.207266] page_type: f5(slab) [ 15.207390] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.207623] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.207854] page dumped because: kasan: bad access detected [ 15.208126] [ 15.208220] Memory state around the buggy address: [ 15.208488] ffff88810342cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.208806] 
ffff88810342d000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.209138] >ffff88810342d080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.209451] ^ [ 15.209675] ffff88810342d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.209996] ffff88810342d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.210221] ================================================================== [ 16.211178] ================================================================== [ 16.211665] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x20c8/0x5450 [ 16.212080] Write of size 8 at addr ffff88810342d0b0 by task kunit_try_catch/282 [ 16.212458] [ 16.212619] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.212669] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.212682] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.212705] Call Trace: [ 16.212725] <TASK> [ 16.212765] dump_stack_lvl+0x73/0xb0 [ 16.212796] print_report+0xd1/0x610 [ 16.212821] ? __virt_addr_valid+0x1db/0x2d0 [ 16.212845] ? kasan_atomics_helper+0x20c8/0x5450 [ 16.212874] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.212898] ? kasan_atomics_helper+0x20c8/0x5450 [ 16.212920] kasan_report+0x141/0x180 [ 16.212942] ? kasan_atomics_helper+0x20c8/0x5450 [ 16.212969] kasan_check_range+0x10c/0x1c0 [ 16.212994] __kasan_check_write+0x18/0x20 [ 16.213074] kasan_atomics_helper+0x20c8/0x5450 [ 16.213100] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.213162] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.213189] ? kasan_atomics+0x152/0x310 [ 16.213252] kasan_atomics+0x1dc/0x310 [ 16.213277] ? __pfx_kasan_atomics+0x10/0x10 [ 16.213302] ? __pfx_read_tsc+0x10/0x10 [ 16.213335] ? ktime_get_ts64+0x86/0x230 [ 16.213360] kunit_try_run_case+0x1a5/0x480 [ 16.213387] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.213411] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.213456] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.213481] ? 
__kthread_parkme+0x82/0x180 [ 16.213503] ? preempt_count_sub+0x50/0x80 [ 16.213527] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.213552] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.213577] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.213602] kthread+0x337/0x6f0 [ 16.213621] ? trace_preempt_on+0x20/0xc0 [ 16.213645] ? __pfx_kthread+0x10/0x10 [ 16.213667] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.213688] ? calculate_sigpending+0x7b/0xa0 [ 16.213714] ? __pfx_kthread+0x10/0x10 [ 16.213735] ret_from_fork+0x116/0x1d0 [ 16.213755] ? __pfx_kthread+0x10/0x10 [ 16.213776] ret_from_fork_asm+0x1a/0x30 [ 16.213807] </TASK> [ 16.213818] [ 16.221500] Allocated by task 282: [ 16.221730] kasan_save_stack+0x45/0x70 [ 16.221957] kasan_save_track+0x18/0x40 [ 16.222218] kasan_save_alloc_info+0x3b/0x50 [ 16.222566] __kasan_kmalloc+0xb7/0xc0 [ 16.222806] __kmalloc_cache_noprof+0x189/0x420 [ 16.223109] kasan_atomics+0x95/0x310 [ 16.223360] kunit_try_run_case+0x1a5/0x480 [ 16.223655] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.223933] kthread+0x337/0x6f0 [ 16.224070] ret_from_fork+0x116/0x1d0 [ 16.224206] ret_from_fork_asm+0x1a/0x30 [ 16.224347] [ 16.224455] The buggy address belongs to the object at ffff88810342d080 [ 16.224455] which belongs to the cache kmalloc-64 of size 64 [ 16.225003] The buggy address is located 0 bytes to the right of [ 16.225003] allocated 48-byte region [ffff88810342d080, ffff88810342d0b0) [ 16.225634] [ 16.225738] The buggy address belongs to the physical page: [ 16.226048] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10342d [ 16.226344] flags: 0x200000000000000(node=0|zone=2) [ 16.226648] page_type: f5(slab) [ 16.226786] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.227063] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.227544] page dumped because: kasan: bad access detected [ 16.227832] [ 16.227903] Memory state around the buggy address: [ 16.228081] 
ffff88810342cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.228486] ffff88810342d000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.228895] >ffff88810342d080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.229270] ^ [ 16.229455] ffff88810342d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.229734] ffff88810342d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.230110] ================================================================== [ 15.312819] ================================================================== [ 15.313351] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xac7/0x5450 [ 15.313842] Write of size 4 at addr ffff88810342d0b0 by task kunit_try_catch/282 [ 15.314105] [ 15.314220] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.314266] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.314279] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.314302] Call Trace: [ 15.314326] <TASK> [ 15.314347] dump_stack_lvl+0x73/0xb0 [ 15.314376] print_report+0xd1/0x610 [ 15.314399] ? __virt_addr_valid+0x1db/0x2d0 [ 15.314424] ? kasan_atomics_helper+0xac7/0x5450 [ 15.314448] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.314472] ? kasan_atomics_helper+0xac7/0x5450 [ 15.314494] kasan_report+0x141/0x180 [ 15.314517] ? kasan_atomics_helper+0xac7/0x5450 [ 15.314544] kasan_check_range+0x10c/0x1c0 [ 15.314569] __kasan_check_write+0x18/0x20 [ 15.314590] kasan_atomics_helper+0xac7/0x5450 [ 15.314613] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.314636] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.314663] ? kasan_atomics+0x152/0x310 [ 15.314689] kasan_atomics+0x1dc/0x310 [ 15.314713] ? __pfx_kasan_atomics+0x10/0x10 [ 15.314738] ? __pfx_read_tsc+0x10/0x10 [ 15.314760] ? ktime_get_ts64+0x86/0x230 [ 15.314786] kunit_try_run_case+0x1a5/0x480 [ 15.314811] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.314835] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.314861] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.314885] ? __kthread_parkme+0x82/0x180 [ 15.314909] ? preempt_count_sub+0x50/0x80 [ 15.314934] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.314958] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.314984] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.315021] kthread+0x337/0x6f0 [ 15.315040] ? trace_preempt_on+0x20/0xc0 [ 15.315063] ? __pfx_kthread+0x10/0x10 [ 15.315084] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.315106] ? calculate_sigpending+0x7b/0xa0 [ 15.315131] ? __pfx_kthread+0x10/0x10 [ 15.315153] ret_from_fork+0x116/0x1d0 [ 15.315172] ? __pfx_kthread+0x10/0x10 [ 15.315193] ret_from_fork_asm+0x1a/0x30 [ 15.315224] </TASK> [ 15.315235] [ 15.323207] Allocated by task 282: [ 15.323445] kasan_save_stack+0x45/0x70 [ 15.323641] kasan_save_track+0x18/0x40 [ 15.323780] kasan_save_alloc_info+0x3b/0x50 [ 15.324023] __kasan_kmalloc+0xb7/0xc0 [ 15.324212] __kmalloc_cache_noprof+0x189/0x420 [ 15.324369] kasan_atomics+0x95/0x310 [ 15.324702] kunit_try_run_case+0x1a5/0x480 [ 15.324938] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.325167] kthread+0x337/0x6f0 [ 15.325318] ret_from_fork+0x116/0x1d0 [ 15.325536] ret_from_fork_asm+0x1a/0x30 [ 15.325679] [ 15.325751] The buggy address belongs to the object at ffff88810342d080 [ 15.325751] which belongs to the cache kmalloc-64 of size 64 [ 15.327327] The buggy address is located 0 bytes to the right of [ 15.327327] allocated 48-byte region [ffff88810342d080, ffff88810342d0b0) [ 15.329835] [ 15.330005] The buggy address belongs to the physical page: [ 15.330194] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10342d [ 15.330477] flags: 0x200000000000000(node=0|zone=2) [ 15.330970] page_type: f5(slab) [ 15.331313] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.331972] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.332521] page dumped because: kasan: bad access detected [ 15.332694] [ 15.332842] 
Memory state around the buggy address: [ 15.333364] ffff88810342cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.334027] ffff88810342d000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.334424] >ffff88810342d080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.334642] ^ [ 15.334803] ffff88810342d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.335030] ffff88810342d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.335245] ================================================================== [ 15.671872] ================================================================== [ 15.672579] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49e8/0x5450 [ 15.673398] Read of size 4 at addr ffff88810342d0b0 by task kunit_try_catch/282 [ 15.674240] [ 15.674343] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.674394] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.674406] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.674439] Call Trace: [ 15.674460] <TASK> [ 15.674481] dump_stack_lvl+0x73/0xb0 [ 15.674516] print_report+0xd1/0x610 [ 15.674541] ? __virt_addr_valid+0x1db/0x2d0 [ 15.674565] ? kasan_atomics_helper+0x49e8/0x5450 [ 15.674587] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.674611] ? kasan_atomics_helper+0x49e8/0x5450 [ 15.674634] kasan_report+0x141/0x180 [ 15.674656] ? kasan_atomics_helper+0x49e8/0x5450 [ 15.674684] __asan_report_load4_noabort+0x18/0x20 [ 15.674709] kasan_atomics_helper+0x49e8/0x5450 [ 15.674733] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.674756] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.674782] ? kasan_atomics+0x152/0x310 [ 15.674809] kasan_atomics+0x1dc/0x310 [ 15.674832] ? __pfx_kasan_atomics+0x10/0x10 [ 15.674857] ? __pfx_read_tsc+0x10/0x10 [ 15.674879] ? ktime_get_ts64+0x86/0x230 [ 15.674905] kunit_try_run_case+0x1a5/0x480 [ 15.674931] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.674954] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 15.674980] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.675004] ? __kthread_parkme+0x82/0x180 [ 15.675037] ? preempt_count_sub+0x50/0x80 [ 15.675061] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.675086] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.675111] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.675136] kthread+0x337/0x6f0 [ 15.675156] ? trace_preempt_on+0x20/0xc0 [ 15.675182] ? __pfx_kthread+0x10/0x10 [ 15.675203] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.675225] ? calculate_sigpending+0x7b/0xa0 [ 15.675251] ? __pfx_kthread+0x10/0x10 [ 15.675273] ret_from_fork+0x116/0x1d0 [ 15.675292] ? __pfx_kthread+0x10/0x10 [ 15.675313] ret_from_fork_asm+0x1a/0x30 [ 15.675344] </TASK> [ 15.675355] [ 15.682806] Allocated by task 282: [ 15.682973] kasan_save_stack+0x45/0x70 [ 15.683201] kasan_save_track+0x18/0x40 [ 15.683339] kasan_save_alloc_info+0x3b/0x50 [ 15.683516] __kasan_kmalloc+0xb7/0xc0 [ 15.683685] __kmalloc_cache_noprof+0x189/0x420 [ 15.683921] kasan_atomics+0x95/0x310 [ 15.684115] kunit_try_run_case+0x1a5/0x480 [ 15.684321] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.684598] kthread+0x337/0x6f0 [ 15.684767] ret_from_fork+0x116/0x1d0 [ 15.684920] ret_from_fork_asm+0x1a/0x30 [ 15.685146] [ 15.685220] The buggy address belongs to the object at ffff88810342d080 [ 15.685220] which belongs to the cache kmalloc-64 of size 64 [ 15.685772] The buggy address is located 0 bytes to the right of [ 15.685772] allocated 48-byte region [ffff88810342d080, ffff88810342d0b0) [ 15.686249] [ 15.686327] The buggy address belongs to the physical page: [ 15.686527] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10342d [ 15.686771] flags: 0x200000000000000(node=0|zone=2) [ 15.686954] page_type: f5(slab) [ 15.687133] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.687548] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.687942] page dumped because: kasan: 
bad access detected [ 15.688214] [ 15.688307] Memory state around the buggy address: [ 15.688555] ffff88810342cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.688881] ffff88810342d000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.689132] >ffff88810342d080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.689357] ^ [ 15.689635] ffff88810342d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.689959] ffff88810342d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.690282] ================================================================== [ 15.894529] ================================================================== [ 15.894891] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1818/0x5450 [ 15.896106] Write of size 8 at addr ffff88810342d0b0 by task kunit_try_catch/282 [ 15.896409] [ 15.896542] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.896591] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.896603] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.896627] Call Trace: [ 15.896647] <TASK> [ 15.896667] dump_stack_lvl+0x73/0xb0 [ 15.896700] print_report+0xd1/0x610 [ 15.896724] ? __virt_addr_valid+0x1db/0x2d0 [ 15.896748] ? kasan_atomics_helper+0x1818/0x5450 [ 15.896771] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.896795] ? kasan_atomics_helper+0x1818/0x5450 [ 15.896818] kasan_report+0x141/0x180 [ 15.896840] ? kasan_atomics_helper+0x1818/0x5450 [ 15.896872] kasan_check_range+0x10c/0x1c0 [ 15.896896] __kasan_check_write+0x18/0x20 [ 15.896916] kasan_atomics_helper+0x1818/0x5450 [ 15.896939] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.896962] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.896988] ? kasan_atomics+0x152/0x310 [ 15.897028] kasan_atomics+0x1dc/0x310 [ 15.897052] ? __pfx_kasan_atomics+0x10/0x10 [ 15.897077] ? __pfx_read_tsc+0x10/0x10 [ 15.897099] ? ktime_get_ts64+0x86/0x230 [ 15.897125] kunit_try_run_case+0x1a5/0x480 [ 15.897150] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.897173] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.897199] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.897223] ? __kthread_parkme+0x82/0x180 [ 15.897244] ? preempt_count_sub+0x50/0x80 [ 15.897269] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.897293] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.897318] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.897343] kthread+0x337/0x6f0 [ 15.897362] ? trace_preempt_on+0x20/0xc0 [ 15.897386] ? __pfx_kthread+0x10/0x10 [ 15.897406] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.897439] ? calculate_sigpending+0x7b/0xa0 [ 15.897465] ? __pfx_kthread+0x10/0x10 [ 15.897486] ret_from_fork+0x116/0x1d0 [ 15.897505] ? __pfx_kthread+0x10/0x10 [ 15.897526] ret_from_fork_asm+0x1a/0x30 [ 15.897625] </TASK> [ 15.897640] [ 15.905097] Allocated by task 282: [ 15.905289] kasan_save_stack+0x45/0x70 [ 15.905494] kasan_save_track+0x18/0x40 [ 15.905671] kasan_save_alloc_info+0x3b/0x50 [ 15.905844] __kasan_kmalloc+0xb7/0xc0 [ 15.906006] __kmalloc_cache_noprof+0x189/0x420 [ 15.906242] kasan_atomics+0x95/0x310 [ 15.906412] kunit_try_run_case+0x1a5/0x480 [ 15.906612] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.906845] kthread+0x337/0x6f0 [ 15.907018] ret_from_fork+0x116/0x1d0 [ 15.907199] ret_from_fork_asm+0x1a/0x30 [ 15.907387] [ 15.907503] The buggy address belongs to the object at ffff88810342d080 [ 15.907503] which belongs to the cache kmalloc-64 of size 64 [ 15.907968] The buggy address is located 0 bytes to the right of [ 15.907968] allocated 48-byte region [ffff88810342d080, ffff88810342d0b0) [ 15.908376] [ 15.908494] The buggy address belongs to the physical page: [ 15.908748] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10342d [ 15.909110] flags: 0x200000000000000(node=0|zone=2) [ 15.909325] page_type: f5(slab) [ 15.909501] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.909768] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 15.910245] page dumped because: kasan: bad access detected [ 15.910772] [ 15.910967] Memory state around the buggy address: [ 15.911164] ffff88810342cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.911377] ffff88810342d000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.912222] >ffff88810342d080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.913091] ^ [ 15.913529] ffff88810342d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.913925] ffff88810342d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.914151] ================================================================== [ 16.273709] ================================================================== [ 16.274782] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fa5/0x5450 [ 16.275580] Read of size 8 at addr ffff88810342d0b0 by task kunit_try_catch/282 [ 16.276401] [ 16.276553] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.276629] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.276654] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.276678] Call Trace: [ 16.276712] <TASK> [ 16.276734] dump_stack_lvl+0x73/0xb0 [ 16.276782] print_report+0xd1/0x610 [ 16.276806] ? __virt_addr_valid+0x1db/0x2d0 [ 16.276830] ? kasan_atomics_helper+0x4fa5/0x5450 [ 16.276862] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.276885] ? kasan_atomics_helper+0x4fa5/0x5450 [ 16.276908] kasan_report+0x141/0x180 [ 16.276937] ? kasan_atomics_helper+0x4fa5/0x5450 [ 16.276967] __asan_report_load8_noabort+0x18/0x20 [ 16.276993] kasan_atomics_helper+0x4fa5/0x5450 [ 16.277026] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.277050] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.277076] ? kasan_atomics+0x152/0x310 [ 16.277104] kasan_atomics+0x1dc/0x310 [ 16.277128] ? __pfx_kasan_atomics+0x10/0x10 [ 16.277152] ? __pfx_read_tsc+0x10/0x10 [ 16.277175] ? 
ktime_get_ts64+0x86/0x230 [ 16.277214] kunit_try_run_case+0x1a5/0x480 [ 16.277241] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.277264] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.277290] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.277314] ? __kthread_parkme+0x82/0x180 [ 16.277336] ? preempt_count_sub+0x50/0x80 [ 16.277361] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.277386] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.277411] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.277436] kthread+0x337/0x6f0 [ 16.277456] ? trace_preempt_on+0x20/0xc0 [ 16.277480] ? __pfx_kthread+0x10/0x10 [ 16.277502] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.277524] ? calculate_sigpending+0x7b/0xa0 [ 16.277549] ? __pfx_kthread+0x10/0x10 [ 16.277571] ret_from_fork+0x116/0x1d0 [ 16.277610] ? __pfx_kthread+0x10/0x10 [ 16.277631] ret_from_fork_asm+0x1a/0x30 [ 16.277663] </TASK> [ 16.277674] [ 16.286368] Allocated by task 282: [ 16.286606] kasan_save_stack+0x45/0x70 [ 16.286819] kasan_save_track+0x18/0x40 [ 16.287034] kasan_save_alloc_info+0x3b/0x50 [ 16.287184] __kasan_kmalloc+0xb7/0xc0 [ 16.287373] __kmalloc_cache_noprof+0x189/0x420 [ 16.287640] kasan_atomics+0x95/0x310 [ 16.287841] kunit_try_run_case+0x1a5/0x480 [ 16.288041] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.288269] kthread+0x337/0x6f0 [ 16.288417] ret_from_fork+0x116/0x1d0 [ 16.288549] ret_from_fork_asm+0x1a/0x30 [ 16.288717] [ 16.288807] The buggy address belongs to the object at ffff88810342d080 [ 16.288807] which belongs to the cache kmalloc-64 of size 64 [ 16.289347] The buggy address is located 0 bytes to the right of [ 16.289347] allocated 48-byte region [ffff88810342d080, ffff88810342d0b0) [ 16.289876] [ 16.289973] The buggy address belongs to the physical page: [ 16.290371] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10342d [ 16.290711] flags: 0x200000000000000(node=0|zone=2) [ 16.290878] page_type: f5(slab) [ 16.291045] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 16.291309] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.291856] page dumped because: kasan: bad access detected [ 16.292093] [ 16.292188] Memory state around the buggy address: [ 16.292401] ffff88810342cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.292692] ffff88810342d000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.293032] >ffff88810342d080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.293339] ^ [ 16.293584] ffff88810342d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.293897] ffff88810342d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.294212] ================================================================== [ 15.418089] ================================================================== [ 15.418761] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd47/0x5450 [ 15.419439] Write of size 4 at addr ffff88810342d0b0 by task kunit_try_catch/282 [ 15.420071] [ 15.420250] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.420297] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.420310] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.420333] Call Trace: [ 15.420353] <TASK> [ 15.420374] dump_stack_lvl+0x73/0xb0 [ 15.420405] print_report+0xd1/0x610 [ 15.420449] ? __virt_addr_valid+0x1db/0x2d0 [ 15.420474] ? kasan_atomics_helper+0xd47/0x5450 [ 15.420495] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.420519] ? kasan_atomics_helper+0xd47/0x5450 [ 15.420541] kasan_report+0x141/0x180 [ 15.420564] ? kasan_atomics_helper+0xd47/0x5450 [ 15.420591] kasan_check_range+0x10c/0x1c0 [ 15.420619] __kasan_check_write+0x18/0x20 [ 15.420639] kasan_atomics_helper+0xd47/0x5450 [ 15.420663] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.420686] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.420713] ? kasan_atomics+0x152/0x310 [ 15.420739] kasan_atomics+0x1dc/0x310 [ 15.420762] ? 
__pfx_kasan_atomics+0x10/0x10 [ 15.420787] ? __pfx_read_tsc+0x10/0x10 [ 15.420810] ? ktime_get_ts64+0x86/0x230 [ 15.420836] kunit_try_run_case+0x1a5/0x480 [ 15.420866] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.420890] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.420914] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.420939] ? __kthread_parkme+0x82/0x180 [ 15.420961] ? preempt_count_sub+0x50/0x80 [ 15.420986] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.421020] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.421045] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.421071] kthread+0x337/0x6f0 [ 15.421090] ? trace_preempt_on+0x20/0xc0 [ 15.421116] ? __pfx_kthread+0x10/0x10 [ 15.421137] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.421160] ? calculate_sigpending+0x7b/0xa0 [ 15.421185] ? __pfx_kthread+0x10/0x10 [ 15.421207] ret_from_fork+0x116/0x1d0 [ 15.421227] ? __pfx_kthread+0x10/0x10 [ 15.421248] ret_from_fork_asm+0x1a/0x30 [ 15.421280] </TASK> [ 15.421290] [ 15.436920] Allocated by task 282: [ 15.437108] kasan_save_stack+0x45/0x70 [ 15.437278] kasan_save_track+0x18/0x40 [ 15.437417] kasan_save_alloc_info+0x3b/0x50 [ 15.437869] __kasan_kmalloc+0xb7/0xc0 [ 15.438227] __kmalloc_cache_noprof+0x189/0x420 [ 15.438762] kasan_atomics+0x95/0x310 [ 15.439144] kunit_try_run_case+0x1a5/0x480 [ 15.439566] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.440076] kthread+0x337/0x6f0 [ 15.440420] ret_from_fork+0x116/0x1d0 [ 15.440817] ret_from_fork_asm+0x1a/0x30 [ 15.441105] [ 15.441184] The buggy address belongs to the object at ffff88810342d080 [ 15.441184] which belongs to the cache kmalloc-64 of size 64 [ 15.441585] The buggy address is located 0 bytes to the right of [ 15.441585] allocated 48-byte region [ffff88810342d080, ffff88810342d0b0) [ 15.441958] [ 15.442045] The buggy address belongs to the physical page: [ 15.442222] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10342d [ 15.442519] flags: 0x200000000000000(node=0|zone=2) [ 15.442962] page_type: 
f5(slab) [ 15.443334] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.444059] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.444878] page dumped because: kasan: bad access detected [ 15.445400] [ 15.445630] Memory state around the buggy address: [ 15.446163] ffff88810342cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.446839] ffff88810342d000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.447487] >ffff88810342d080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.447984] ^ [ 15.448333] ffff88810342d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.448627] ffff88810342d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.449149] ================================================================== [ 15.088435] ================================================================== [ 15.089125] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b3a/0x5450 [ 15.089821] Write of size 4 at addr ffff88810342d0b0 by task kunit_try_catch/282 [ 15.090512] [ 15.090690] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.090752] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.090765] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.090788] Call Trace: [ 15.090819] <TASK> [ 15.090849] dump_stack_lvl+0x73/0xb0 [ 15.090881] print_report+0xd1/0x610 [ 15.090905] ? __virt_addr_valid+0x1db/0x2d0 [ 15.090940] ? kasan_atomics_helper+0x4b3a/0x5450 [ 15.090963] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.090986] ? kasan_atomics_helper+0x4b3a/0x5450 [ 15.091018] kasan_report+0x141/0x180 [ 15.091041] ? kasan_atomics_helper+0x4b3a/0x5450 [ 15.091068] __asan_report_store4_noabort+0x1b/0x30 [ 15.091094] kasan_atomics_helper+0x4b3a/0x5450 [ 15.091117] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.091140] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.091166] ? 
kasan_atomics+0x152/0x310 [ 15.091193] kasan_atomics+0x1dc/0x310 [ 15.091215] ? __pfx_kasan_atomics+0x10/0x10 [ 15.091240] ? __pfx_read_tsc+0x10/0x10 [ 15.091261] ? ktime_get_ts64+0x86/0x230 [ 15.091287] kunit_try_run_case+0x1a5/0x480 [ 15.091313] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.091336] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.091361] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.091385] ? __kthread_parkme+0x82/0x180 [ 15.091407] ? preempt_count_sub+0x50/0x80 [ 15.091452] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.091476] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.091502] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.091527] kthread+0x337/0x6f0 [ 15.091547] ? trace_preempt_on+0x20/0xc0 [ 15.091570] ? __pfx_kthread+0x10/0x10 [ 15.091591] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.091614] ? calculate_sigpending+0x7b/0xa0 [ 15.091640] ? __pfx_kthread+0x10/0x10 [ 15.091661] ret_from_fork+0x116/0x1d0 [ 15.091681] ? __pfx_kthread+0x10/0x10 [ 15.091701] ret_from_fork_asm+0x1a/0x30 [ 15.091733] </TASK> [ 15.091744] [ 15.104919] Allocated by task 282: [ 15.105347] kasan_save_stack+0x45/0x70 [ 15.105799] kasan_save_track+0x18/0x40 [ 15.106161] kasan_save_alloc_info+0x3b/0x50 [ 15.106355] __kasan_kmalloc+0xb7/0xc0 [ 15.106797] __kmalloc_cache_noprof+0x189/0x420 [ 15.107119] kasan_atomics+0x95/0x310 [ 15.107258] kunit_try_run_case+0x1a5/0x480 [ 15.107417] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.107595] kthread+0x337/0x6f0 [ 15.107719] ret_from_fork+0x116/0x1d0 [ 15.107857] ret_from_fork_asm+0x1a/0x30 [ 15.108000] [ 15.108451] The buggy address belongs to the object at ffff88810342d080 [ 15.108451] which belongs to the cache kmalloc-64 of size 64 [ 15.110249] The buggy address is located 0 bytes to the right of [ 15.110249] allocated 48-byte region [ffff88810342d080, ffff88810342d0b0) [ 15.111419] [ 15.111667] The buggy address belongs to the physical page: [ 15.112202] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10342d [ 
15.113027] flags: 0x200000000000000(node=0|zone=2) [ 15.113550] page_type: f5(slab) [ 15.113770] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.113995] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.114226] page dumped because: kasan: bad access detected [ 15.114393] [ 15.114645] Memory state around the buggy address: [ 15.115159] ffff88810342cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.115864] ffff88810342d000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.116548] >ffff88810342d080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.117215] ^ [ 15.117720] ffff88810342d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.118284] ffff88810342d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.118518] ================================================================== [ 15.336724] ================================================================== [ 15.337970] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb6a/0x5450 [ 15.338731] Write of size 4 at addr ffff88810342d0b0 by task kunit_try_catch/282 [ 15.339500] [ 15.339716] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.339765] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.339798] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.339831] Call Trace: [ 15.339853] <TASK> [ 15.339886] dump_stack_lvl+0x73/0xb0 [ 15.339920] print_report+0xd1/0x610 [ 15.339945] ? __virt_addr_valid+0x1db/0x2d0 [ 15.339969] ? kasan_atomics_helper+0xb6a/0x5450 [ 15.339991] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.340025] ? kasan_atomics_helper+0xb6a/0x5450 [ 15.340048] kasan_report+0x141/0x180 [ 15.340072] ? kasan_atomics_helper+0xb6a/0x5450 [ 15.340099] kasan_check_range+0x10c/0x1c0 [ 15.340123] __kasan_check_write+0x18/0x20 [ 15.340143] kasan_atomics_helper+0xb6a/0x5450 [ 15.340168] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.340191] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 15.340219] ? kasan_atomics+0x152/0x310 [ 15.340246] kasan_atomics+0x1dc/0x310 [ 15.340270] ? __pfx_kasan_atomics+0x10/0x10 [ 15.340295] ? __pfx_read_tsc+0x10/0x10 [ 15.340318] ? ktime_get_ts64+0x86/0x230 [ 15.340343] kunit_try_run_case+0x1a5/0x480 [ 15.340370] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.340393] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.340420] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.340457] ? __kthread_parkme+0x82/0x180 [ 15.340479] ? preempt_count_sub+0x50/0x80 [ 15.340504] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.340529] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.340554] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.340580] kthread+0x337/0x6f0 [ 15.340600] ? trace_preempt_on+0x20/0xc0 [ 15.340623] ? __pfx_kthread+0x10/0x10 [ 15.340644] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.340666] ? calculate_sigpending+0x7b/0xa0 [ 15.340691] ? __pfx_kthread+0x10/0x10 [ 15.340712] ret_from_fork+0x116/0x1d0 [ 15.340733] ? __pfx_kthread+0x10/0x10 [ 15.340753] ret_from_fork_asm+0x1a/0x30 [ 15.340785] </TASK> [ 15.340795] [ 15.351289] Allocated by task 282: [ 15.351650] kasan_save_stack+0x45/0x70 [ 15.351900] kasan_save_track+0x18/0x40 [ 15.352092] kasan_save_alloc_info+0x3b/0x50 [ 15.352339] __kasan_kmalloc+0xb7/0xc0 [ 15.352550] __kmalloc_cache_noprof+0x189/0x420 [ 15.352778] kasan_atomics+0x95/0x310 [ 15.352985] kunit_try_run_case+0x1a5/0x480 [ 15.353252] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.353516] kthread+0x337/0x6f0 [ 15.353694] ret_from_fork+0x116/0x1d0 [ 15.353915] ret_from_fork_asm+0x1a/0x30 [ 15.354143] [ 15.354267] The buggy address belongs to the object at ffff88810342d080 [ 15.354267] which belongs to the cache kmalloc-64 of size 64 [ 15.354961] The buggy address is located 0 bytes to the right of [ 15.354961] allocated 48-byte region [ffff88810342d080, ffff88810342d0b0) [ 15.355672] [ 15.355750] The buggy address belongs to the physical page: [ 15.355961] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x10342d [ 15.356332] flags: 0x200000000000000(node=0|zone=2) [ 15.356820] page_type: f5(slab) [ 15.357077] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.358258] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.359394] page dumped because: kasan: bad access detected [ 15.359788] [ 15.359890] Memory state around the buggy address: [ 15.360135] ffff88810342cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.360775] ffff88810342d000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.361096] >ffff88810342d080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.361596] ^ [ 15.361950] ffff88810342d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.362360] ffff88810342d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.362861] ================================================================== [ 15.119480] ================================================================== [ 15.120279] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x565/0x5450 [ 15.121170] Write of size 4 at addr ffff88810342d0b0 by task kunit_try_catch/282 [ 15.122088] [ 15.122343] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.122394] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.122407] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.122429] Call Trace: [ 15.122451] <TASK> [ 15.122473] dump_stack_lvl+0x73/0xb0 [ 15.122506] print_report+0xd1/0x610 [ 15.122530] ? __virt_addr_valid+0x1db/0x2d0 [ 15.122554] ? kasan_atomics_helper+0x565/0x5450 [ 15.122575] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.122599] ? kasan_atomics_helper+0x565/0x5450 [ 15.122622] kasan_report+0x141/0x180 [ 15.122645] ? kasan_atomics_helper+0x565/0x5450 [ 15.122673] kasan_check_range+0x10c/0x1c0 [ 15.122699] __kasan_check_write+0x18/0x20 [ 15.122719] kasan_atomics_helper+0x565/0x5450 [ 15.122745] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 15.122769] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.122796] ? kasan_atomics+0x152/0x310 [ 15.122823] kasan_atomics+0x1dc/0x310 [ 15.122847] ? __pfx_kasan_atomics+0x10/0x10 [ 15.122871] ? __pfx_read_tsc+0x10/0x10 [ 15.122894] ? ktime_get_ts64+0x86/0x230 [ 15.122921] kunit_try_run_case+0x1a5/0x480 [ 15.122948] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.122972] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.122997] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.123094] ? __kthread_parkme+0x82/0x180 [ 15.123116] ? preempt_count_sub+0x50/0x80 [ 15.123140] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.123165] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.123190] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.123215] kthread+0x337/0x6f0 [ 15.123235] ? trace_preempt_on+0x20/0xc0 [ 15.123259] ? __pfx_kthread+0x10/0x10 [ 15.123280] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.123303] ? calculate_sigpending+0x7b/0xa0 [ 15.123329] ? __pfx_kthread+0x10/0x10 [ 15.123350] ret_from_fork+0x116/0x1d0 [ 15.123370] ? 
__pfx_kthread+0x10/0x10 [ 15.123391] ret_from_fork_asm+0x1a/0x30 [ 15.123424] </TASK> [ 15.123435] [ 15.134678] Allocated by task 282: [ 15.135043] kasan_save_stack+0x45/0x70 [ 15.135414] kasan_save_track+0x18/0x40 [ 15.135823] kasan_save_alloc_info+0x3b/0x50 [ 15.136232] __kasan_kmalloc+0xb7/0xc0 [ 15.136610] __kmalloc_cache_noprof+0x189/0x420 [ 15.137048] kasan_atomics+0x95/0x310 [ 15.137394] kunit_try_run_case+0x1a5/0x480 [ 15.137794] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.138291] kthread+0x337/0x6f0 [ 15.138566] ret_from_fork+0x116/0x1d0 [ 15.138941] ret_from_fork_asm+0x1a/0x30 [ 15.139093] [ 15.139166] The buggy address belongs to the object at ffff88810342d080 [ 15.139166] which belongs to the cache kmalloc-64 of size 64 [ 15.139593] The buggy address is located 0 bytes to the right of [ 15.139593] allocated 48-byte region [ffff88810342d080, ffff88810342d0b0) [ 15.140806] [ 15.141030] The buggy address belongs to the physical page: [ 15.141544] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10342d [ 15.142231] flags: 0x200000000000000(node=0|zone=2) [ 15.142713] page_type: f5(slab) [ 15.143048] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.143315] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.144022] page dumped because: kasan: bad access detected [ 15.144458] [ 15.144600] Memory state around the buggy address: [ 15.144934] ffff88810342cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.145156] ffff88810342d000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.145368] >ffff88810342d080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.145734] ^ [ 15.146133] ffff88810342d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.146351] ffff88810342d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.146873] ================================================================== [ 15.534265] 
================================================================== [ 15.535190] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xfa9/0x5450 [ 15.536100] Write of size 4 at addr ffff88810342d0b0 by task kunit_try_catch/282 [ 15.536510] [ 15.536606] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.536656] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.536670] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.536692] Call Trace: [ 15.536713] <TASK> [ 15.536736] dump_stack_lvl+0x73/0xb0 [ 15.536766] print_report+0xd1/0x610 [ 15.536790] ? __virt_addr_valid+0x1db/0x2d0 [ 15.536817] ? kasan_atomics_helper+0xfa9/0x5450 [ 15.536839] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.536869] ? kasan_atomics_helper+0xfa9/0x5450 [ 15.536892] kasan_report+0x141/0x180 [ 15.536914] ? kasan_atomics_helper+0xfa9/0x5450 [ 15.536941] kasan_check_range+0x10c/0x1c0 [ 15.536965] __kasan_check_write+0x18/0x20 [ 15.536984] kasan_atomics_helper+0xfa9/0x5450 [ 15.537007] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.537041] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.537068] ? kasan_atomics+0x152/0x310 [ 15.537094] kasan_atomics+0x1dc/0x310 [ 15.537117] ? __pfx_kasan_atomics+0x10/0x10 [ 15.537141] ? __pfx_read_tsc+0x10/0x10 [ 15.537164] ? ktime_get_ts64+0x86/0x230 [ 15.537190] kunit_try_run_case+0x1a5/0x480 [ 15.537216] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.537242] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.537271] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.537298] ? __kthread_parkme+0x82/0x180 [ 15.537322] ? preempt_count_sub+0x50/0x80 [ 15.537347] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.537372] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.537396] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.537421] kthread+0x337/0x6f0 [ 15.537440] ? trace_preempt_on+0x20/0xc0 [ 15.537464] ? __pfx_kthread+0x10/0x10 [ 15.537494] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.537516] ? 
calculate_sigpending+0x7b/0xa0 [ 15.537541] ? __pfx_kthread+0x10/0x10 [ 15.537563] ret_from_fork+0x116/0x1d0 [ 15.537582] ? __pfx_kthread+0x10/0x10 [ 15.537604] ret_from_fork_asm+0x1a/0x30 [ 15.537635] </TASK> [ 15.537646] [ 15.545085] Allocated by task 282: [ 15.545262] kasan_save_stack+0x45/0x70 [ 15.545501] kasan_save_track+0x18/0x40 [ 15.545646] kasan_save_alloc_info+0x3b/0x50 [ 15.545862] __kasan_kmalloc+0xb7/0xc0 [ 15.546022] __kmalloc_cache_noprof+0x189/0x420 [ 15.546247] kasan_atomics+0x95/0x310 [ 15.546385] kunit_try_run_case+0x1a5/0x480 [ 15.546539] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.546772] kthread+0x337/0x6f0 [ 15.546941] ret_from_fork+0x116/0x1d0 [ 15.547147] ret_from_fork_asm+0x1a/0x30 [ 15.547358] [ 15.547462] The buggy address belongs to the object at ffff88810342d080 [ 15.547462] which belongs to the cache kmalloc-64 of size 64 [ 15.547936] The buggy address is located 0 bytes to the right of [ 15.547936] allocated 48-byte region [ffff88810342d080, ffff88810342d0b0) [ 15.548481] [ 15.548569] The buggy address belongs to the physical page: [ 15.548810] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10342d [ 15.549120] flags: 0x200000000000000(node=0|zone=2) [ 15.549289] page_type: f5(slab) [ 15.549414] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.549649] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.549876] page dumped because: kasan: bad access detected [ 15.550107] [ 15.550200] Memory state around the buggy address: [ 15.550681] ffff88810342cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.551020] ffff88810342d000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.551334] >ffff88810342d080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.551928] ^ [ 15.552098] ffff88810342d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.552316] ffff88810342d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.552531] 
================================================================== [ 15.229623] ================================================================== [ 15.230336] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x860/0x5450 [ 15.230841] Write of size 4 at addr ffff88810342d0b0 by task kunit_try_catch/282 [ 15.231175] [ 15.231294] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.231352] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.231365] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.231388] Call Trace: [ 15.231420] <TASK> [ 15.231442] dump_stack_lvl+0x73/0xb0 [ 15.231473] print_report+0xd1/0x610 [ 15.231496] ? __virt_addr_valid+0x1db/0x2d0 [ 15.231520] ? kasan_atomics_helper+0x860/0x5450 [ 15.231551] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.231574] ? kasan_atomics_helper+0x860/0x5450 [ 15.231597] kasan_report+0x141/0x180 [ 15.231630] ? kasan_atomics_helper+0x860/0x5450 [ 15.231656] kasan_check_range+0x10c/0x1c0 [ 15.231681] __kasan_check_write+0x18/0x20 [ 15.231702] kasan_atomics_helper+0x860/0x5450 [ 15.231726] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.231749] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.231775] ? kasan_atomics+0x152/0x310 [ 15.231801] kasan_atomics+0x1dc/0x310 [ 15.231824] ? __pfx_kasan_atomics+0x10/0x10 [ 15.231849] ? __pfx_read_tsc+0x10/0x10 [ 15.231871] ? ktime_get_ts64+0x86/0x230 [ 15.231897] kunit_try_run_case+0x1a5/0x480 [ 15.231923] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.231947] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.231972] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.232004] ? __kthread_parkme+0x82/0x180 [ 15.232036] ? preempt_count_sub+0x50/0x80 [ 15.232063] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.232098] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.232123] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.232149] kthread+0x337/0x6f0 [ 15.232171] ? trace_preempt_on+0x20/0xc0 [ 15.232194] ? 
__pfx_kthread+0x10/0x10 [ 15.232215] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.232239] ? calculate_sigpending+0x7b/0xa0 [ 15.232264] ? __pfx_kthread+0x10/0x10 [ 15.232289] ret_from_fork+0x116/0x1d0 [ 15.232308] ? __pfx_kthread+0x10/0x10 [ 15.232331] ret_from_fork_asm+0x1a/0x30 [ 15.232363] </TASK> [ 15.232375] [ 15.245592] Allocated by task 282: [ 15.245967] kasan_save_stack+0x45/0x70 [ 15.246242] kasan_save_track+0x18/0x40 [ 15.246644] kasan_save_alloc_info+0x3b/0x50 [ 15.246797] __kasan_kmalloc+0xb7/0xc0 [ 15.246932] __kmalloc_cache_noprof+0x189/0x420 [ 15.247100] kasan_atomics+0x95/0x310 [ 15.247235] kunit_try_run_case+0x1a5/0x480 [ 15.247383] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.247837] kthread+0x337/0x6f0 [ 15.248155] ret_from_fork+0x116/0x1d0 [ 15.248517] ret_from_fork_asm+0x1a/0x30 [ 15.248899] [ 15.249068] The buggy address belongs to the object at ffff88810342d080 [ 15.249068] which belongs to the cache kmalloc-64 of size 64 [ 15.250242] The buggy address is located 0 bytes to the right of [ 15.250242] allocated 48-byte region [ffff88810342d080, ffff88810342d0b0) [ 15.251498] [ 15.251692] The buggy address belongs to the physical page: [ 15.252193] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10342d [ 15.252886] flags: 0x200000000000000(node=0|zone=2) [ 15.253344] page_type: f5(slab) [ 15.253663] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.253897] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.254138] page dumped because: kasan: bad access detected [ 15.254319] [ 15.254392] Memory state around the buggy address: [ 15.254576] ffff88810342cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.254839] ffff88810342d000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.255196] >ffff88810342d080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.255539] ^ [ 15.255696] ffff88810342d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.256026] 
ffff88810342d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.256336] ================================================================== [ 15.607158] ================================================================== [ 15.607551] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1148/0x5450 [ 15.607888] Write of size 4 at addr ffff88810342d0b0 by task kunit_try_catch/282 [ 15.608192] [ 15.608285] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.608331] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.608344] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.608367] Call Trace: [ 15.608388] <TASK> [ 15.608409] dump_stack_lvl+0x73/0xb0 [ 15.608450] print_report+0xd1/0x610 [ 15.608473] ? __virt_addr_valid+0x1db/0x2d0 [ 15.608499] ? kasan_atomics_helper+0x1148/0x5450 [ 15.608522] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.608546] ? kasan_atomics_helper+0x1148/0x5450 [ 15.608569] kasan_report+0x141/0x180 [ 15.608592] ? kasan_atomics_helper+0x1148/0x5450 [ 15.608619] kasan_check_range+0x10c/0x1c0 [ 15.608643] __kasan_check_write+0x18/0x20 [ 15.608663] kasan_atomics_helper+0x1148/0x5450 [ 15.608687] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.608710] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.608736] ? kasan_atomics+0x152/0x310 [ 15.608763] kasan_atomics+0x1dc/0x310 [ 15.608786] ? __pfx_kasan_atomics+0x10/0x10 [ 15.608810] ? __pfx_read_tsc+0x10/0x10 [ 15.608832] ? ktime_get_ts64+0x86/0x230 [ 15.608864] kunit_try_run_case+0x1a5/0x480 [ 15.608889] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.608913] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.608938] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.608963] ? __kthread_parkme+0x82/0x180 [ 15.608985] ? preempt_count_sub+0x50/0x80 [ 15.609021] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.609046] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.609071] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.609096] kthread+0x337/0x6f0 [ 15.609115] ? trace_preempt_on+0x20/0xc0 [ 15.609139] ? __pfx_kthread+0x10/0x10 [ 15.609160] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.609184] ? calculate_sigpending+0x7b/0xa0 [ 15.609209] ? __pfx_kthread+0x10/0x10 [ 15.609231] ret_from_fork+0x116/0x1d0 [ 15.609250] ? __pfx_kthread+0x10/0x10 [ 15.609271] ret_from_fork_asm+0x1a/0x30 [ 15.609302] </TASK> [ 15.609312] [ 15.616801] Allocated by task 282: [ 15.616995] kasan_save_stack+0x45/0x70 [ 15.617172] kasan_save_track+0x18/0x40 [ 15.617366] kasan_save_alloc_info+0x3b/0x50 [ 15.617584] __kasan_kmalloc+0xb7/0xc0 [ 15.617772] __kmalloc_cache_noprof+0x189/0x420 [ 15.617967] kasan_atomics+0x95/0x310 [ 15.618143] kunit_try_run_case+0x1a5/0x480 [ 15.618347] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.618526] kthread+0x337/0x6f0 [ 15.618648] ret_from_fork+0x116/0x1d0 [ 15.618781] ret_from_fork_asm+0x1a/0x30 [ 15.618922] [ 15.618995] The buggy address belongs to the object at ffff88810342d080 [ 15.618995] which belongs to the cache kmalloc-64 of size 64 [ 15.619782] The buggy address is located 0 bytes to the right of [ 15.619782] allocated 48-byte region [ffff88810342d080, ffff88810342d0b0) [ 15.620194] [ 15.620269] The buggy address belongs to the physical page: [ 15.620461] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10342d [ 15.620816] flags: 0x200000000000000(node=0|zone=2) [ 15.621068] page_type: f5(slab) [ 15.621246] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.621743] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.622047] page dumped because: kasan: bad access detected [ 15.622242] [ 15.622311] Memory state around the buggy address: [ 15.622604] ffff88810342cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.622914] ffff88810342d000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.623198] >ffff88810342d080: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 15.623500] ^ [ 15.623682] ffff88810342d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.623900] ffff88810342d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.624199] ================================================================== [ 15.691511] ================================================================== [ 15.692033] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12e6/0x5450 [ 15.692391] Write of size 4 at addr ffff88810342d0b0 by task kunit_try_catch/282 [ 15.692743] [ 15.692866] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.692915] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.692938] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.692961] Call Trace: [ 15.692980] <TASK> [ 15.693001] dump_stack_lvl+0x73/0xb0 [ 15.693051] print_report+0xd1/0x610 [ 15.693073] ? __virt_addr_valid+0x1db/0x2d0 [ 15.693097] ? kasan_atomics_helper+0x12e6/0x5450 [ 15.693119] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.693142] ? kasan_atomics_helper+0x12e6/0x5450 [ 15.693164] kasan_report+0x141/0x180 [ 15.693187] ? kasan_atomics_helper+0x12e6/0x5450 [ 15.693213] kasan_check_range+0x10c/0x1c0 [ 15.693238] __kasan_check_write+0x18/0x20 [ 15.693258] kasan_atomics_helper+0x12e6/0x5450 [ 15.693281] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.693314] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.693340] ? kasan_atomics+0x152/0x310 [ 15.693369] kasan_atomics+0x1dc/0x310 [ 15.693403] ? __pfx_kasan_atomics+0x10/0x10 [ 15.693447] ? __pfx_read_tsc+0x10/0x10 [ 15.693469] ? ktime_get_ts64+0x86/0x230 [ 15.693493] kunit_try_run_case+0x1a5/0x480 [ 15.693519] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.693542] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.693567] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.693591] ? __kthread_parkme+0x82/0x180 [ 15.693613] ? preempt_count_sub+0x50/0x80 [ 15.693638] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.693663] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.693688] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.693713] kthread+0x337/0x6f0 [ 15.693733] ? trace_preempt_on+0x20/0xc0 [ 15.693757] ? __pfx_kthread+0x10/0x10 [ 15.693778] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.693800] ? calculate_sigpending+0x7b/0xa0 [ 15.693825] ? __pfx_kthread+0x10/0x10 [ 15.693846] ret_from_fork+0x116/0x1d0 [ 15.693865] ? __pfx_kthread+0x10/0x10 [ 15.693886] ret_from_fork_asm+0x1a/0x30 [ 15.693927] </TASK> [ 15.693938] [ 15.701521] Allocated by task 282: [ 15.701742] kasan_save_stack+0x45/0x70 [ 15.701973] kasan_save_track+0x18/0x40 [ 15.702120] kasan_save_alloc_info+0x3b/0x50 [ 15.702270] __kasan_kmalloc+0xb7/0xc0 [ 15.702406] __kmalloc_cache_noprof+0x189/0x420 [ 15.702583] kasan_atomics+0x95/0x310 [ 15.702764] kunit_try_run_case+0x1a5/0x480 [ 15.702982] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.703255] kthread+0x337/0x6f0 [ 15.703485] ret_from_fork+0x116/0x1d0 [ 15.703687] ret_from_fork_asm+0x1a/0x30 [ 15.703887] [ 15.703997] The buggy address belongs to the object at ffff88810342d080 [ 15.703997] which belongs to the cache kmalloc-64 of size 64 [ 15.704512] The buggy address is located 0 bytes to the right of [ 15.704512] allocated 48-byte region [ffff88810342d080, ffff88810342d0b0) [ 15.705058] [ 15.705174] The buggy address belongs to the physical page: [ 15.705399] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10342d [ 15.705759] flags: 0x200000000000000(node=0|zone=2) [ 15.705982] page_type: f5(slab) [ 15.706173] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.706526] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.706848] page dumped because: kasan: bad access detected [ 15.707088] [ 15.707203] Memory state around the buggy address: [ 15.707386] ffff88810342cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.707699] 
ffff88810342d000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.707918] >ffff88810342d080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.708235] ^ [ 15.708522] ffff88810342d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.708899] ffff88810342d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.709234] ================================================================== [ 14.993179] ================================================================== [ 14.993470] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b6e/0x5450 [ 14.993765] Write of size 4 at addr ffff88810342d0b0 by task kunit_try_catch/282 [ 14.994131] [ 14.994248] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.994296] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.994307] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.994330] Call Trace: [ 14.994350] <TASK> [ 14.994370] dump_stack_lvl+0x73/0xb0 [ 14.994401] print_report+0xd1/0x610 [ 14.994425] ? __virt_addr_valid+0x1db/0x2d0 [ 14.994824] ? kasan_atomics_helper+0x4b6e/0x5450 [ 14.994848] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.994993] ? kasan_atomics_helper+0x4b6e/0x5450 [ 14.995073] kasan_report+0x141/0x180 [ 14.995097] ? kasan_atomics_helper+0x4b6e/0x5450 [ 14.995123] __asan_report_store4_noabort+0x1b/0x30 [ 14.995148] kasan_atomics_helper+0x4b6e/0x5450 [ 14.995172] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.995318] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.995345] ? kasan_atomics+0x152/0x310 [ 14.995391] kasan_atomics+0x1dc/0x310 [ 14.995414] ? __pfx_kasan_atomics+0x10/0x10 [ 14.995577] ? __pfx_read_tsc+0x10/0x10 [ 14.995604] ? ktime_get_ts64+0x86/0x230 [ 14.995630] kunit_try_run_case+0x1a5/0x480 [ 14.995657] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.995691] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.995717] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.995752] ? __kthread_parkme+0x82/0x180 [ 14.995775] ? 
preempt_count_sub+0x50/0x80 [ 14.995799] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.995824] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.995849] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.995873] kthread+0x337/0x6f0 [ 14.995893] ? trace_preempt_on+0x20/0xc0 [ 14.995917] ? __pfx_kthread+0x10/0x10 [ 14.995938] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.995960] ? calculate_sigpending+0x7b/0xa0 [ 14.995987] ? __pfx_kthread+0x10/0x10 [ 14.996018] ret_from_fork+0x116/0x1d0 [ 14.996038] ? __pfx_kthread+0x10/0x10 [ 14.996059] ret_from_fork_asm+0x1a/0x30 [ 14.996091] </TASK> [ 14.996112] [ 15.005627] Allocated by task 282: [ 15.005841] kasan_save_stack+0x45/0x70 [ 15.006157] kasan_save_track+0x18/0x40 [ 15.006362] kasan_save_alloc_info+0x3b/0x50 [ 15.006708] __kasan_kmalloc+0xb7/0xc0 [ 15.006893] __kmalloc_cache_noprof+0x189/0x420 [ 15.007249] kasan_atomics+0x95/0x310 [ 15.007391] kunit_try_run_case+0x1a5/0x480 [ 15.007610] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.007860] kthread+0x337/0x6f0 [ 15.008075] ret_from_fork+0x116/0x1d0 [ 15.008289] ret_from_fork_asm+0x1a/0x30 [ 15.008566] [ 15.008652] The buggy address belongs to the object at ffff88810342d080 [ 15.008652] which belongs to the cache kmalloc-64 of size 64 [ 15.009575] The buggy address is located 0 bytes to the right of [ 15.009575] allocated 48-byte region [ffff88810342d080, ffff88810342d0b0) [ 15.010228] [ 15.010324] The buggy address belongs to the physical page: [ 15.010565] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10342d [ 15.010811] flags: 0x200000000000000(node=0|zone=2) [ 15.010987] page_type: f5(slab) [ 15.011153] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.011544] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.011918] page dumped because: kasan: bad access detected [ 15.012101] [ 15.012172] Memory state around the buggy address: [ 15.012421] ffff88810342cf80: fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 15.012746] ffff88810342d000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.013262] >ffff88810342d080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.013668] ^ [ 15.013879] ffff88810342d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.014245] ffff88810342d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.014579] ================================================================== [ 15.857604] ================================================================== [ 15.857956] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16e7/0x5450 [ 15.858628] Write of size 8 at addr ffff88810342d0b0 by task kunit_try_catch/282 [ 15.859029] [ 15.859138] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.859186] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.859210] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.859234] Call Trace: [ 15.859254] <TASK> [ 15.859286] dump_stack_lvl+0x73/0xb0 [ 15.859327] print_report+0xd1/0x610 [ 15.859351] ? __virt_addr_valid+0x1db/0x2d0 [ 15.859385] ? kasan_atomics_helper+0x16e7/0x5450 [ 15.859407] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.859453] ? kasan_atomics_helper+0x16e7/0x5450 [ 15.859476] kasan_report+0x141/0x180 [ 15.859498] ? kasan_atomics_helper+0x16e7/0x5450 [ 15.859526] kasan_check_range+0x10c/0x1c0 [ 15.859551] __kasan_check_write+0x18/0x20 [ 15.859572] kasan_atomics_helper+0x16e7/0x5450 [ 15.859595] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.859618] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.859644] ? kasan_atomics+0x152/0x310 [ 15.859670] kasan_atomics+0x1dc/0x310 [ 15.859694] ? __pfx_kasan_atomics+0x10/0x10 [ 15.859719] ? __pfx_read_tsc+0x10/0x10 [ 15.859740] ? ktime_get_ts64+0x86/0x230 [ 15.859765] kunit_try_run_case+0x1a5/0x480 [ 15.859790] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.859813] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.859839] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.859862] ? __kthread_parkme+0x82/0x180 [ 15.859883] ? preempt_count_sub+0x50/0x80 [ 15.859907] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.859932] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.859957] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.859981] kthread+0x337/0x6f0 [ 15.860000] ? trace_preempt_on+0x20/0xc0 [ 15.860034] ? __pfx_kthread+0x10/0x10 [ 15.860065] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.860087] ? calculate_sigpending+0x7b/0xa0 [ 15.860112] ? __pfx_kthread+0x10/0x10 [ 15.860148] ret_from_fork+0x116/0x1d0 [ 15.860167] ? __pfx_kthread+0x10/0x10 [ 15.860188] ret_from_fork_asm+0x1a/0x30 [ 15.860231] </TASK> [ 15.860242] [ 15.867695] Allocated by task 282: [ 15.867843] kasan_save_stack+0x45/0x70 [ 15.867998] kasan_save_track+0x18/0x40 [ 15.868203] kasan_save_alloc_info+0x3b/0x50 [ 15.868456] __kasan_kmalloc+0xb7/0xc0 [ 15.868680] __kmalloc_cache_noprof+0x189/0x420 [ 15.868946] kasan_atomics+0x95/0x310 [ 15.869184] kunit_try_run_case+0x1a5/0x480 [ 15.869440] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.869701] kthread+0x337/0x6f0 [ 15.869869] ret_from_fork+0x116/0x1d0 [ 15.870062] ret_from_fork_asm+0x1a/0x30 [ 15.870256] [ 15.870350] The buggy address belongs to the object at ffff88810342d080 [ 15.870350] which belongs to the cache kmalloc-64 of size 64 [ 15.870889] The buggy address is located 0 bytes to the right of [ 15.870889] allocated 48-byte region [ffff88810342d080, ffff88810342d0b0) [ 15.871356] [ 15.871455] The buggy address belongs to the physical page: [ 15.871688] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10342d [ 15.871993] flags: 0x200000000000000(node=0|zone=2) [ 15.872224] page_type: f5(slab) [ 15.872402] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.872693] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.873050] page dumped because: kasan: bad access detected [ 15.873306] [ 15.873403] 
Memory state around the buggy address: [ 15.873634] ffff88810342cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.873942] ffff88810342d000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.874239] >ffff88810342d080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.874602] ^ [ 15.874815] ffff88810342d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.875044] ffff88810342d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.875257] ================================================================== [ 16.314632] ================================================================== [ 16.315170] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5115/0x5450 [ 16.315412] Read of size 8 at addr ffff88810342d0b0 by task kunit_try_catch/282 [ 16.315626] [ 16.315713] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.315759] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.315771] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.315794] Call Trace: [ 16.315814] <TASK> [ 16.315835] dump_stack_lvl+0x73/0xb0 [ 16.315863] print_report+0xd1/0x610 [ 16.315886] ? __virt_addr_valid+0x1db/0x2d0 [ 16.315910] ? kasan_atomics_helper+0x5115/0x5450 [ 16.315944] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.315968] ? kasan_atomics_helper+0x5115/0x5450 [ 16.315991] kasan_report+0x141/0x180 [ 16.316024] ? kasan_atomics_helper+0x5115/0x5450 [ 16.316052] __asan_report_load8_noabort+0x18/0x20 [ 16.316078] kasan_atomics_helper+0x5115/0x5450 [ 16.316101] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.316124] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.316150] ? kasan_atomics+0x152/0x310 [ 16.316176] kasan_atomics+0x1dc/0x310 [ 16.316200] ? __pfx_kasan_atomics+0x10/0x10 [ 16.316225] ? __pfx_read_tsc+0x10/0x10 [ 16.316247] ? ktime_get_ts64+0x86/0x230 [ 16.316272] kunit_try_run_case+0x1a5/0x480 [ 16.316297] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.316354] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 16.316381] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.316405] ? __kthread_parkme+0x82/0x180 [ 16.316427] ? preempt_count_sub+0x50/0x80 [ 16.316481] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.316506] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.316531] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.316556] kthread+0x337/0x6f0 [ 16.316576] ? trace_preempt_on+0x20/0xc0 [ 16.316600] ? __pfx_kthread+0x10/0x10 [ 16.316621] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.316643] ? calculate_sigpending+0x7b/0xa0 [ 16.316669] ? __pfx_kthread+0x10/0x10 [ 16.316691] ret_from_fork+0x116/0x1d0 [ 16.316711] ? __pfx_kthread+0x10/0x10 [ 16.316732] ret_from_fork_asm+0x1a/0x30 [ 16.316765] </TASK> [ 16.316780] [ 16.324841] Allocated by task 282: [ 16.325053] kasan_save_stack+0x45/0x70 [ 16.325261] kasan_save_track+0x18/0x40 [ 16.325481] kasan_save_alloc_info+0x3b/0x50 [ 16.325638] __kasan_kmalloc+0xb7/0xc0 [ 16.325825] __kmalloc_cache_noprof+0x189/0x420 [ 16.326059] kasan_atomics+0x95/0x310 [ 16.326212] kunit_try_run_case+0x1a5/0x480 [ 16.326425] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.326633] kthread+0x337/0x6f0 [ 16.326824] ret_from_fork+0x116/0x1d0 [ 16.327003] ret_from_fork_asm+0x1a/0x30 [ 16.327213] [ 16.327306] The buggy address belongs to the object at ffff88810342d080 [ 16.327306] which belongs to the cache kmalloc-64 of size 64 [ 16.327813] The buggy address is located 0 bytes to the right of [ 16.327813] allocated 48-byte region [ffff88810342d080, ffff88810342d0b0) [ 16.328322] [ 16.328424] The buggy address belongs to the physical page: [ 16.328658] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10342d [ 16.328986] flags: 0x200000000000000(node=0|zone=2) [ 16.329205] page_type: f5(slab) [ 16.329391] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.329739] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.330036] page dumped because: kasan: 
bad access detected [ 16.330307] [ 16.330421] Memory state around the buggy address: [ 16.330641] ffff88810342cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.330950] ffff88810342d000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.331274] >ffff88810342d080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.331859] ^ [ 16.332062] ffff88810342d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.332282] ffff88810342d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.332736] ================================================================== [ 15.821636] ================================================================== [ 15.821981] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b6/0x5450 [ 15.822353] Write of size 8 at addr ffff88810342d0b0 by task kunit_try_catch/282 [ 15.822681] [ 15.822772] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.822818] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.822830] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.822853] Call Trace: [ 15.822873] <TASK> [ 15.822892] dump_stack_lvl+0x73/0xb0 [ 15.822921] print_report+0xd1/0x610 [ 15.822943] ? __virt_addr_valid+0x1db/0x2d0 [ 15.822967] ? kasan_atomics_helper+0x15b6/0x5450 [ 15.822988] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.823024] ? kasan_atomics_helper+0x15b6/0x5450 [ 15.823046] kasan_report+0x141/0x180 [ 15.823068] ? kasan_atomics_helper+0x15b6/0x5450 [ 15.823095] kasan_check_range+0x10c/0x1c0 [ 15.823119] __kasan_check_write+0x18/0x20 [ 15.823139] kasan_atomics_helper+0x15b6/0x5450 [ 15.823163] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.823186] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.823212] ? kasan_atomics+0x152/0x310 [ 15.823238] kasan_atomics+0x1dc/0x310 [ 15.823260] ? __pfx_kasan_atomics+0x10/0x10 [ 15.823285] ? __pfx_read_tsc+0x10/0x10 [ 15.823306] ? ktime_get_ts64+0x86/0x230 [ 15.823342] kunit_try_run_case+0x1a5/0x480 [ 15.823370] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.823394] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.823447] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.823471] ? __kthread_parkme+0x82/0x180 [ 15.823492] ? preempt_count_sub+0x50/0x80 [ 15.823525] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.823549] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.823574] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.823610] kthread+0x337/0x6f0 [ 15.823629] ? trace_preempt_on+0x20/0xc0 [ 15.823653] ? __pfx_kthread+0x10/0x10 [ 15.823673] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.823705] ? calculate_sigpending+0x7b/0xa0 [ 15.823729] ? __pfx_kthread+0x10/0x10 [ 15.823750] ret_from_fork+0x116/0x1d0 [ 15.823780] ? __pfx_kthread+0x10/0x10 [ 15.823801] ret_from_fork_asm+0x1a/0x30 [ 15.823832] </TASK> [ 15.823844] [ 15.831533] Allocated by task 282: [ 15.831717] kasan_save_stack+0x45/0x70 [ 15.831884] kasan_save_track+0x18/0x40 [ 15.832106] kasan_save_alloc_info+0x3b/0x50 [ 15.832293] __kasan_kmalloc+0xb7/0xc0 [ 15.832514] __kmalloc_cache_noprof+0x189/0x420 [ 15.832719] kasan_atomics+0x95/0x310 [ 15.832924] kunit_try_run_case+0x1a5/0x480 [ 15.833081] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.833258] kthread+0x337/0x6f0 [ 15.833379] ret_from_fork+0x116/0x1d0 [ 15.833537] ret_from_fork_asm+0x1a/0x30 [ 15.833680] [ 15.833757] The buggy address belongs to the object at ffff88810342d080 [ 15.833757] which belongs to the cache kmalloc-64 of size 64 [ 15.834193] The buggy address is located 0 bytes to the right of [ 15.834193] allocated 48-byte region [ffff88810342d080, ffff88810342d0b0) [ 15.834768] [ 15.834866] The buggy address belongs to the physical page: [ 15.835126] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10342d [ 15.835500] flags: 0x200000000000000(node=0|zone=2) [ 15.835760] page_type: f5(slab) [ 15.835929] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.836308] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 15.836665] page dumped because: kasan: bad access detected [ 15.836952] [ 15.837055] Memory state around the buggy address: [ 15.837278] ffff88810342cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.837573] ffff88810342d000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.837790] >ffff88810342d080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.838005] ^ [ 15.838241] ffff88810342d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.838605] ffff88810342d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.838948] ================================================================== [ 15.954434] ================================================================== [ 15.954818] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x19e3/0x5450 [ 15.955171] Write of size 8 at addr ffff88810342d0b0 by task kunit_try_catch/282 [ 15.955398] [ 15.955487] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.955533] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.955545] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.955568] Call Trace: [ 15.955588] <TASK> [ 15.955608] dump_stack_lvl+0x73/0xb0 [ 15.955636] print_report+0xd1/0x610 [ 15.955658] ? __virt_addr_valid+0x1db/0x2d0 [ 15.955681] ? kasan_atomics_helper+0x19e3/0x5450 [ 15.955703] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.955727] ? kasan_atomics_helper+0x19e3/0x5450 [ 15.955748] kasan_report+0x141/0x180 [ 15.955770] ? kasan_atomics_helper+0x19e3/0x5450 [ 15.955797] kasan_check_range+0x10c/0x1c0 [ 15.955820] __kasan_check_write+0x18/0x20 [ 15.955841] kasan_atomics_helper+0x19e3/0x5450 [ 15.955863] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.955885] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.955911] ? kasan_atomics+0x152/0x310 [ 15.955937] kasan_atomics+0x1dc/0x310 [ 15.955959] ? __pfx_kasan_atomics+0x10/0x10 [ 15.955983] ? __pfx_read_tsc+0x10/0x10 [ 15.956004] ? 
ktime_get_ts64+0x86/0x230 [ 15.956040] kunit_try_run_case+0x1a5/0x480 [ 15.956065] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.956087] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.956111] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.956134] ? __kthread_parkme+0x82/0x180 [ 15.956155] ? preempt_count_sub+0x50/0x80 [ 15.956205] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.956231] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.956255] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.956281] kthread+0x337/0x6f0 [ 15.956301] ? trace_preempt_on+0x20/0xc0 [ 15.956325] ? __pfx_kthread+0x10/0x10 [ 15.956346] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.956368] ? calculate_sigpending+0x7b/0xa0 [ 15.956393] ? __pfx_kthread+0x10/0x10 [ 15.956414] ret_from_fork+0x116/0x1d0 [ 15.956434] ? __pfx_kthread+0x10/0x10 [ 15.956454] ret_from_fork_asm+0x1a/0x30 [ 15.956487] </TASK> [ 15.956497] [ 15.964256] Allocated by task 282: [ 15.964401] kasan_save_stack+0x45/0x70 [ 15.964557] kasan_save_track+0x18/0x40 [ 15.964717] kasan_save_alloc_info+0x3b/0x50 [ 15.964934] __kasan_kmalloc+0xb7/0xc0 [ 15.965127] __kmalloc_cache_noprof+0x189/0x420 [ 15.965353] kasan_atomics+0x95/0x310 [ 15.965565] kunit_try_run_case+0x1a5/0x480 [ 15.965771] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.966031] kthread+0x337/0x6f0 [ 15.966196] ret_from_fork+0x116/0x1d0 [ 15.966378] ret_from_fork_asm+0x1a/0x30 [ 15.966537] [ 15.966609] The buggy address belongs to the object at ffff88810342d080 [ 15.966609] which belongs to the cache kmalloc-64 of size 64 [ 15.967116] The buggy address is located 0 bytes to the right of [ 15.967116] allocated 48-byte region [ffff88810342d080, ffff88810342d0b0) [ 15.967870] [ 15.967986] The buggy address belongs to the physical page: [ 15.968230] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10342d [ 15.968576] flags: 0x200000000000000(node=0|zone=2) [ 15.968808] page_type: f5(slab) [ 15.969001] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 15.969274] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.969668] page dumped because: kasan: bad access detected [ 15.969855] [ 15.969923] Memory state around the buggy address: [ 15.970087] ffff88810342cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.970298] ffff88810342d000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.970668] >ffff88810342d080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.970990] ^ [ 15.971225] ffff88810342d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.971702] ffff88810342d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.972027] ================================================================== [ 15.553136] ================================================================== [ 15.553537] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a36/0x5450 [ 15.553895] Read of size 4 at addr ffff88810342d0b0 by task kunit_try_catch/282 [ 15.554414] [ 15.554534] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.554581] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.554594] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.554618] Call Trace: [ 15.554640] <TASK> [ 15.554660] dump_stack_lvl+0x73/0xb0 [ 15.554691] print_report+0xd1/0x610 [ 15.554716] ? __virt_addr_valid+0x1db/0x2d0 [ 15.554742] ? kasan_atomics_helper+0x4a36/0x5450 [ 15.554765] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.554788] ? kasan_atomics_helper+0x4a36/0x5450 [ 15.554810] kasan_report+0x141/0x180 [ 15.554833] ? kasan_atomics_helper+0x4a36/0x5450 [ 15.554859] __asan_report_load4_noabort+0x18/0x20 [ 15.554885] kasan_atomics_helper+0x4a36/0x5450 [ 15.554908] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.554931] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.554958] ? kasan_atomics+0x152/0x310 [ 15.554985] kasan_atomics+0x1dc/0x310 [ 15.555623] ? __pfx_kasan_atomics+0x10/0x10 [ 15.555672] ? 
__pfx_read_tsc+0x10/0x10 [ 15.555697] ? ktime_get_ts64+0x86/0x230 [ 15.555723] kunit_try_run_case+0x1a5/0x480 [ 15.555751] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.555774] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.555801] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.555826] ? __kthread_parkme+0x82/0x180 [ 15.555847] ? preempt_count_sub+0x50/0x80 [ 15.555873] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.555897] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.555922] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.555947] kthread+0x337/0x6f0 [ 15.555967] ? trace_preempt_on+0x20/0xc0 [ 15.555991] ? __pfx_kthread+0x10/0x10 [ 15.556024] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.556047] ? calculate_sigpending+0x7b/0xa0 [ 15.556073] ? __pfx_kthread+0x10/0x10 [ 15.556095] ret_from_fork+0x116/0x1d0 [ 15.556115] ? __pfx_kthread+0x10/0x10 [ 15.556136] ret_from_fork_asm+0x1a/0x30 [ 15.556168] </TASK> [ 15.556179] [ 15.563586] Allocated by task 282: [ 15.563743] kasan_save_stack+0x45/0x70 [ 15.563956] kasan_save_track+0x18/0x40 [ 15.564147] kasan_save_alloc_info+0x3b/0x50 [ 15.564301] __kasan_kmalloc+0xb7/0xc0 [ 15.564474] __kmalloc_cache_noprof+0x189/0x420 [ 15.564711] kasan_atomics+0x95/0x310 [ 15.564908] kunit_try_run_case+0x1a5/0x480 [ 15.565092] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.565337] kthread+0x337/0x6f0 [ 15.565505] ret_from_fork+0x116/0x1d0 [ 15.565685] ret_from_fork_asm+0x1a/0x30 [ 15.565865] [ 15.565974] The buggy address belongs to the object at ffff88810342d080 [ 15.565974] which belongs to the cache kmalloc-64 of size 64 [ 15.566431] The buggy address is located 0 bytes to the right of [ 15.566431] allocated 48-byte region [ffff88810342d080, ffff88810342d0b0) [ 15.566922] [ 15.567021] The buggy address belongs to the physical page: [ 15.567233] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10342d [ 15.567568] flags: 0x200000000000000(node=0|zone=2) [ 15.567799] page_type: f5(slab) [ 15.567946] raw: 0200000000000000 
ffff8881000418c0 dead000000000122 0000000000000000 [ 15.568231] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.568461] page dumped because: kasan: bad access detected [ 15.568632] [ 15.568702] Memory state around the buggy address: [ 15.568867] ffff88810342cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.569131] ffff88810342d000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.569486] >ffff88810342d080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.569802] ^ [ 15.570034] ffff88810342d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.570287] ffff88810342d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.570692] ================================================================== [ 16.157615] ================================================================== [ 16.158201] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2006/0x5450 [ 16.158555] Write of size 8 at addr ffff88810342d0b0 by task kunit_try_catch/282 [ 16.158862] [ 16.158982] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.159300] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.159318] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.159342] Call Trace: [ 16.159363] <TASK> [ 16.159385] dump_stack_lvl+0x73/0xb0 [ 16.159418] print_report+0xd1/0x610 [ 16.159876] ? __virt_addr_valid+0x1db/0x2d0 [ 16.159905] ? kasan_atomics_helper+0x2006/0x5450 [ 16.159928] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.159955] ? kasan_atomics_helper+0x2006/0x5450 [ 16.159979] kasan_report+0x141/0x180 [ 16.160002] ? kasan_atomics_helper+0x2006/0x5450 [ 16.160042] kasan_check_range+0x10c/0x1c0 [ 16.160067] __kasan_check_write+0x18/0x20 [ 16.160087] kasan_atomics_helper+0x2006/0x5450 [ 16.160109] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.160133] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.160160] ? 
kasan_atomics+0x152/0x310 [ 16.160186] kasan_atomics+0x1dc/0x310 [ 16.160209] ? __pfx_kasan_atomics+0x10/0x10 [ 16.160241] ? __pfx_read_tsc+0x10/0x10 [ 16.160264] ? ktime_get_ts64+0x86/0x230 [ 16.160290] kunit_try_run_case+0x1a5/0x480 [ 16.160315] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.160339] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.160365] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.160389] ? __kthread_parkme+0x82/0x180 [ 16.160412] ? preempt_count_sub+0x50/0x80 [ 16.160707] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.161640] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.161676] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.161714] kthread+0x337/0x6f0 [ 16.161924] ? trace_preempt_on+0x20/0xc0 [ 16.161955] ? __pfx_kthread+0x10/0x10 [ 16.161991] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.162025] ? calculate_sigpending+0x7b/0xa0 [ 16.162051] ? __pfx_kthread+0x10/0x10 [ 16.162073] ret_from_fork+0x116/0x1d0 [ 16.162093] ? __pfx_kthread+0x10/0x10 [ 16.162114] ret_from_fork_asm+0x1a/0x30 [ 16.162147] </TASK> [ 16.162160] [ 16.175700] Allocated by task 282: [ 16.176083] kasan_save_stack+0x45/0x70 [ 16.176426] kasan_save_track+0x18/0x40 [ 16.176724] kasan_save_alloc_info+0x3b/0x50 [ 16.176885] __kasan_kmalloc+0xb7/0xc0 [ 16.177037] __kmalloc_cache_noprof+0x189/0x420 [ 16.177200] kasan_atomics+0x95/0x310 [ 16.177336] kunit_try_run_case+0x1a5/0x480 [ 16.177663] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.178145] kthread+0x337/0x6f0 [ 16.178476] ret_from_fork+0x116/0x1d0 [ 16.178831] ret_from_fork_asm+0x1a/0x30 [ 16.179203] [ 16.179381] The buggy address belongs to the object at ffff88810342d080 [ 16.179381] which belongs to the cache kmalloc-64 of size 64 [ 16.180471] The buggy address is located 0 bytes to the right of [ 16.180471] allocated 48-byte region [ffff88810342d080, ffff88810342d0b0) [ 16.181576] [ 16.181747] The buggy address belongs to the physical page: [ 16.182134] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10342d [ 
16.182379] flags: 0x200000000000000(node=0|zone=2) [ 16.182860] page_type: f5(slab) [ 16.183187] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.183879] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.184554] page dumped because: kasan: bad access detected [ 16.184908] [ 16.185085] Memory state around the buggy address: [ 16.185438] ffff88810342cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.185916] ffff88810342d000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.186213] >ffff88810342d080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.186861] ^ [ 16.187140] ffff88810342d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.187748] ffff88810342d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.187965] ================================================================== [ 15.936833] ================================================================== [ 15.937216] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x194a/0x5450 [ 15.937564] Write of size 8 at addr ffff88810342d0b0 by task kunit_try_catch/282 [ 15.937860] [ 15.937976] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.938036] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.938049] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.938073] Call Trace: [ 15.938093] <TASK> [ 15.938114] dump_stack_lvl+0x73/0xb0 [ 15.938144] print_report+0xd1/0x610 [ 15.938167] ? __virt_addr_valid+0x1db/0x2d0 [ 15.938191] ? kasan_atomics_helper+0x194a/0x5450 [ 15.938213] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.938238] ? kasan_atomics_helper+0x194a/0x5450 [ 15.938261] kasan_report+0x141/0x180 [ 15.938284] ? kasan_atomics_helper+0x194a/0x5450 [ 15.938310] kasan_check_range+0x10c/0x1c0 [ 15.938336] __kasan_check_write+0x18/0x20 [ 15.938357] kasan_atomics_helper+0x194a/0x5450 [ 15.938380] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.938403] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 15.938429] ? kasan_atomics+0x152/0x310 [ 15.938456] kasan_atomics+0x1dc/0x310 [ 15.938479] ? __pfx_kasan_atomics+0x10/0x10 [ 15.938504] ? __pfx_read_tsc+0x10/0x10 [ 15.938526] ? ktime_get_ts64+0x86/0x230 [ 15.938551] kunit_try_run_case+0x1a5/0x480 [ 15.938577] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.938600] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.938625] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.938650] ? __kthread_parkme+0x82/0x180 [ 15.938671] ? preempt_count_sub+0x50/0x80 [ 15.938695] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.938720] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.938745] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.938770] kthread+0x337/0x6f0 [ 15.938790] ? trace_preempt_on+0x20/0xc0 [ 15.938813] ? __pfx_kthread+0x10/0x10 [ 15.938834] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.938856] ? calculate_sigpending+0x7b/0xa0 [ 15.938881] ? __pfx_kthread+0x10/0x10 [ 15.938903] ret_from_fork+0x116/0x1d0 [ 15.938922] ? __pfx_kthread+0x10/0x10 [ 15.938943] ret_from_fork_asm+0x1a/0x30 [ 15.938974] </TASK> [ 15.938984] [ 15.946080] Allocated by task 282: [ 15.946272] kasan_save_stack+0x45/0x70 [ 15.946543] kasan_save_track+0x18/0x40 [ 15.946746] kasan_save_alloc_info+0x3b/0x50 [ 15.946979] __kasan_kmalloc+0xb7/0xc0 [ 15.947139] __kmalloc_cache_noprof+0x189/0x420 [ 15.947292] kasan_atomics+0x95/0x310 [ 15.947451] kunit_try_run_case+0x1a5/0x480 [ 15.947684] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.947959] kthread+0x337/0x6f0 [ 15.948139] ret_from_fork+0x116/0x1d0 [ 15.948343] ret_from_fork_asm+0x1a/0x30 [ 15.948612] [ 15.948693] The buggy address belongs to the object at ffff88810342d080 [ 15.948693] which belongs to the cache kmalloc-64 of size 64 [ 15.949154] The buggy address is located 0 bytes to the right of [ 15.949154] allocated 48-byte region [ffff88810342d080, ffff88810342d0b0) [ 15.949644] [ 15.949742] The buggy address belongs to the physical page: [ 15.950004] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x10342d [ 15.950328] flags: 0x200000000000000(node=0|zone=2) [ 15.950584] page_type: f5(slab) [ 15.950726] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.950982] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.951212] page dumped because: kasan: bad access detected [ 15.951377] [ 15.951446] Memory state around the buggy address: [ 15.951631] ffff88810342cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.951942] ffff88810342d000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.952261] >ffff88810342d080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.952561] ^ [ 15.952840] ffff88810342d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.953169] ffff88810342d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.953396] ================================================================== [ 16.048351] ================================================================== [ 16.048966] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1ce1/0x5450 [ 16.049414] Write of size 8 at addr ffff88810342d0b0 by task kunit_try_catch/282 [ 16.049631] [ 16.049807] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.049856] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.049869] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.049892] Call Trace: [ 16.049912] <TASK> [ 16.049933] dump_stack_lvl+0x73/0xb0 [ 16.049964] print_report+0xd1/0x610 [ 16.049986] ? __virt_addr_valid+0x1db/0x2d0 [ 16.050021] ? kasan_atomics_helper+0x1ce1/0x5450 [ 16.050043] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.050068] ? kasan_atomics_helper+0x1ce1/0x5450 [ 16.050091] kasan_report+0x141/0x180 [ 16.050112] ? kasan_atomics_helper+0x1ce1/0x5450 [ 16.050139] kasan_check_range+0x10c/0x1c0 [ 16.050164] __kasan_check_write+0x18/0x20 [ 16.050183] kasan_atomics_helper+0x1ce1/0x5450 [ 16.050207] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 16.050230] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.050257] ? kasan_atomics+0x152/0x310 [ 16.050283] kasan_atomics+0x1dc/0x310 [ 16.050306] ? __pfx_kasan_atomics+0x10/0x10 [ 16.050331] ? __pfx_read_tsc+0x10/0x10 [ 16.050352] ? ktime_get_ts64+0x86/0x230 [ 16.050378] kunit_try_run_case+0x1a5/0x480 [ 16.050404] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.050427] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.050452] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.050479] ? __kthread_parkme+0x82/0x180 [ 16.050502] ? preempt_count_sub+0x50/0x80 [ 16.050530] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.050557] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.050584] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.050608] kthread+0x337/0x6f0 [ 16.050629] ? trace_preempt_on+0x20/0xc0 [ 16.050654] ? __pfx_kthread+0x10/0x10 [ 16.050680] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.050723] ? calculate_sigpending+0x7b/0xa0 [ 16.050749] ? __pfx_kthread+0x10/0x10 [ 16.050771] ret_from_fork+0x116/0x1d0 [ 16.050790] ? 
__pfx_kthread+0x10/0x10 [ 16.050813] ret_from_fork_asm+0x1a/0x30 [ 16.050844] </TASK> [ 16.050855] [ 16.058262] Allocated by task 282: [ 16.058402] kasan_save_stack+0x45/0x70 [ 16.058551] kasan_save_track+0x18/0x40 [ 16.058685] kasan_save_alloc_info+0x3b/0x50 [ 16.058831] __kasan_kmalloc+0xb7/0xc0 [ 16.058960] __kmalloc_cache_noprof+0x189/0x420 [ 16.059372] kasan_atomics+0x95/0x310 [ 16.059686] kunit_try_run_case+0x1a5/0x480 [ 16.059888] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.060265] kthread+0x337/0x6f0 [ 16.060608] ret_from_fork+0x116/0x1d0 [ 16.060748] ret_from_fork_asm+0x1a/0x30 [ 16.060888] [ 16.060959] The buggy address belongs to the object at ffff88810342d080 [ 16.060959] which belongs to the cache kmalloc-64 of size 64 [ 16.061316] The buggy address is located 0 bytes to the right of [ 16.061316] allocated 48-byte region [ffff88810342d080, ffff88810342d0b0) [ 16.062390] [ 16.062506] The buggy address belongs to the physical page: [ 16.062761] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10342d [ 16.063098] flags: 0x200000000000000(node=0|zone=2) [ 16.063304] page_type: f5(slab) [ 16.063456] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.063702] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.063923] page dumped because: kasan: bad access detected [ 16.064096] [ 16.064164] Memory state around the buggy address: [ 16.064314] ffff88810342cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.064524] ffff88810342d000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.064804] >ffff88810342d080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.065121] ^ [ 16.065340] ffff88810342d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.065942] ffff88810342d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.066255] ================================================================== [ 16.231108] 
================================================================== [ 16.231476] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fb2/0x5450 [ 16.231851] Read of size 8 at addr ffff88810342d0b0 by task kunit_try_catch/282 [ 16.232328] [ 16.232441] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.232521] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.232534] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.232557] Call Trace: [ 16.232603] <TASK> [ 16.232625] dump_stack_lvl+0x73/0xb0 [ 16.232658] print_report+0xd1/0x610 [ 16.232681] ? __virt_addr_valid+0x1db/0x2d0 [ 16.232706] ? kasan_atomics_helper+0x4fb2/0x5450 [ 16.232728] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.232752] ? kasan_atomics_helper+0x4fb2/0x5450 [ 16.232775] kasan_report+0x141/0x180 [ 16.232798] ? kasan_atomics_helper+0x4fb2/0x5450 [ 16.232825] __asan_report_load8_noabort+0x18/0x20 [ 16.232859] kasan_atomics_helper+0x4fb2/0x5450 [ 16.232881] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.232904] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.232932] ? kasan_atomics+0x152/0x310 [ 16.232959] kasan_atomics+0x1dc/0x310 [ 16.232982] ? __pfx_kasan_atomics+0x10/0x10 [ 16.233029] ? __pfx_read_tsc+0x10/0x10 [ 16.233052] ? ktime_get_ts64+0x86/0x230 [ 16.233077] kunit_try_run_case+0x1a5/0x480 [ 16.233103] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.233126] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.233151] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.233176] ? __kthread_parkme+0x82/0x180 [ 16.233198] ? preempt_count_sub+0x50/0x80 [ 16.233222] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.233247] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.233273] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.233298] kthread+0x337/0x6f0 [ 16.233317] ? trace_preempt_on+0x20/0xc0 [ 16.233341] ? __pfx_kthread+0x10/0x10 [ 16.233362] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.233384] ? calculate_sigpending+0x7b/0xa0 [ 16.233427] ? 
__pfx_kthread+0x10/0x10 [ 16.233449] ret_from_fork+0x116/0x1d0 [ 16.233468] ? __pfx_kthread+0x10/0x10 [ 16.233489] ret_from_fork_asm+0x1a/0x30 [ 16.233521] </TASK> [ 16.233533] [ 16.241684] Allocated by task 282: [ 16.241880] kasan_save_stack+0x45/0x70 [ 16.242106] kasan_save_track+0x18/0x40 [ 16.242300] kasan_save_alloc_info+0x3b/0x50 [ 16.242525] __kasan_kmalloc+0xb7/0xc0 [ 16.242665] __kmalloc_cache_noprof+0x189/0x420 [ 16.242826] kasan_atomics+0x95/0x310 [ 16.242962] kunit_try_run_case+0x1a5/0x480 [ 16.243122] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.243440] kthread+0x337/0x6f0 [ 16.243612] ret_from_fork+0x116/0x1d0 [ 16.243803] ret_from_fork_asm+0x1a/0x30 [ 16.244029] [ 16.244127] The buggy address belongs to the object at ffff88810342d080 [ 16.244127] which belongs to the cache kmalloc-64 of size 64 [ 16.246048] The buggy address is located 0 bytes to the right of [ 16.246048] allocated 48-byte region [ffff88810342d080, ffff88810342d0b0) [ 16.246904] [ 16.246991] The buggy address belongs to the physical page: [ 16.247175] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10342d [ 16.247409] flags: 0x200000000000000(node=0|zone=2) [ 16.247901] page_type: f5(slab) [ 16.248226] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.248907] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.249629] page dumped because: kasan: bad access detected [ 16.250213] [ 16.250386] Memory state around the buggy address: [ 16.250827] ffff88810342cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.251319] ffff88810342d000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.251573] >ffff88810342d080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.252132] ^ [ 16.252288] ffff88810342d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.252679] ffff88810342d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.253299] 
================================================================== [ 15.839917] ================================================================== [ 15.840279] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x164f/0x5450 [ 15.840554] Write of size 8 at addr ffff88810342d0b0 by task kunit_try_catch/282 [ 15.840894] [ 15.841026] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.841075] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.841099] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.841122] Call Trace: [ 15.841143] <TASK> [ 15.841163] dump_stack_lvl+0x73/0xb0 [ 15.841194] print_report+0xd1/0x610 [ 15.841227] ? __virt_addr_valid+0x1db/0x2d0 [ 15.841252] ? kasan_atomics_helper+0x164f/0x5450 [ 15.841274] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.841308] ? kasan_atomics_helper+0x164f/0x5450 [ 15.841331] kasan_report+0x141/0x180 [ 15.841353] ? kasan_atomics_helper+0x164f/0x5450 [ 15.841380] kasan_check_range+0x10c/0x1c0 [ 15.841433] __kasan_check_write+0x18/0x20 [ 15.841457] kasan_atomics_helper+0x164f/0x5450 [ 15.841491] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.841515] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.841542] ? kasan_atomics+0x152/0x310 [ 15.841568] kasan_atomics+0x1dc/0x310 [ 15.841591] ? __pfx_kasan_atomics+0x10/0x10 [ 15.841624] ? __pfx_read_tsc+0x10/0x10 [ 15.841646] ? ktime_get_ts64+0x86/0x230 [ 15.841671] kunit_try_run_case+0x1a5/0x480 [ 15.841709] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.841732] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.841757] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.841790] ? __kthread_parkme+0x82/0x180 [ 15.841812] ? preempt_count_sub+0x50/0x80 [ 15.841836] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.841870] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.841895] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.841920] kthread+0x337/0x6f0 [ 15.841940] ? trace_preempt_on+0x20/0xc0 [ 15.841971] ? 
__pfx_kthread+0x10/0x10 [ 15.841992] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.842028] ? calculate_sigpending+0x7b/0xa0 [ 15.842054] ? __pfx_kthread+0x10/0x10 [ 15.842075] ret_from_fork+0x116/0x1d0 [ 15.842095] ? __pfx_kthread+0x10/0x10 [ 15.842115] ret_from_fork_asm+0x1a/0x30 [ 15.842157] </TASK> [ 15.842168] [ 15.849750] Allocated by task 282: [ 15.849924] kasan_save_stack+0x45/0x70 [ 15.850158] kasan_save_track+0x18/0x40 [ 15.850344] kasan_save_alloc_info+0x3b/0x50 [ 15.850559] __kasan_kmalloc+0xb7/0xc0 [ 15.850757] __kmalloc_cache_noprof+0x189/0x420 [ 15.850977] kasan_atomics+0x95/0x310 [ 15.851171] kunit_try_run_case+0x1a5/0x480 [ 15.851368] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.851624] kthread+0x337/0x6f0 [ 15.851805] ret_from_fork+0x116/0x1d0 [ 15.851955] ret_from_fork_asm+0x1a/0x30 [ 15.852107] [ 15.852179] The buggy address belongs to the object at ffff88810342d080 [ 15.852179] which belongs to the cache kmalloc-64 of size 64 [ 15.852555] The buggy address is located 0 bytes to the right of [ 15.852555] allocated 48-byte region [ffff88810342d080, ffff88810342d0b0) [ 15.852927] [ 15.853002] The buggy address belongs to the physical page: [ 15.853290] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10342d [ 15.853668] flags: 0x200000000000000(node=0|zone=2) [ 15.853904] page_type: f5(slab) [ 15.854085] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.854472] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.854784] page dumped because: kasan: bad access detected [ 15.854956] [ 15.855035] Memory state around the buggy address: [ 15.855191] ffff88810342cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.855426] ffff88810342d000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.855642] >ffff88810342d080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.855972] ^ [ 15.856204] ffff88810342d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.856552] 
ffff88810342d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.856899] ================================================================== [ 15.803282] ================================================================== [ 15.803873] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x151d/0x5450 [ 15.804184] Write of size 8 at addr ffff88810342d0b0 by task kunit_try_catch/282 [ 15.804604] [ 15.804706] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.804754] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.804777] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.804799] Call Trace: [ 15.804820] <TASK> [ 15.804841] dump_stack_lvl+0x73/0xb0 [ 15.804886] print_report+0xd1/0x610 [ 15.804910] ? __virt_addr_valid+0x1db/0x2d0 [ 15.804934] ? kasan_atomics_helper+0x151d/0x5450 [ 15.804966] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.804989] ? kasan_atomics_helper+0x151d/0x5450 [ 15.805027] kasan_report+0x141/0x180 [ 15.805050] ? kasan_atomics_helper+0x151d/0x5450 [ 15.805076] kasan_check_range+0x10c/0x1c0 [ 15.805112] __kasan_check_write+0x18/0x20 [ 15.805131] kasan_atomics_helper+0x151d/0x5450 [ 15.805154] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.805189] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.805215] ? kasan_atomics+0x152/0x310 [ 15.805241] kasan_atomics+0x1dc/0x310 [ 15.805275] ? __pfx_kasan_atomics+0x10/0x10 [ 15.805301] ? __pfx_read_tsc+0x10/0x10 [ 15.805323] ? ktime_get_ts64+0x86/0x230 [ 15.805360] kunit_try_run_case+0x1a5/0x480 [ 15.805386] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.805438] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.805464] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.805500] ? __kthread_parkme+0x82/0x180 [ 15.805521] ? preempt_count_sub+0x50/0x80 [ 15.805546] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.805583] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.805609] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.805634] kthread+0x337/0x6f0 [ 15.805664] ? trace_preempt_on+0x20/0xc0 [ 15.805688] ? __pfx_kthread+0x10/0x10 [ 15.805709] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.805742] ? calculate_sigpending+0x7b/0xa0 [ 15.805768] ? __pfx_kthread+0x10/0x10 [ 15.805789] ret_from_fork+0x116/0x1d0 [ 15.805809] ? __pfx_kthread+0x10/0x10 [ 15.805830] ret_from_fork_asm+0x1a/0x30 [ 15.805862] </TASK> [ 15.805876] [ 15.813286] Allocated by task 282: [ 15.813487] kasan_save_stack+0x45/0x70 [ 15.813716] kasan_save_track+0x18/0x40 [ 15.813922] kasan_save_alloc_info+0x3b/0x50 [ 15.814097] __kasan_kmalloc+0xb7/0xc0 [ 15.814303] __kmalloc_cache_noprof+0x189/0x420 [ 15.814540] kasan_atomics+0x95/0x310 [ 15.814712] kunit_try_run_case+0x1a5/0x480 [ 15.814944] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.815139] kthread+0x337/0x6f0 [ 15.815262] ret_from_fork+0x116/0x1d0 [ 15.815397] ret_from_fork_asm+0x1a/0x30 [ 15.815570] [ 15.815691] The buggy address belongs to the object at ffff88810342d080 [ 15.815691] which belongs to the cache kmalloc-64 of size 64 [ 15.816320] The buggy address is located 0 bytes to the right of [ 15.816320] allocated 48-byte region [ffff88810342d080, ffff88810342d0b0) [ 15.816921] [ 15.817031] The buggy address belongs to the physical page: [ 15.817282] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10342d [ 15.817641] flags: 0x200000000000000(node=0|zone=2) [ 15.817815] page_type: f5(slab) [ 15.817989] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.818348] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.818702] page dumped because: kasan: bad access detected [ 15.818875] [ 15.818945] Memory state around the buggy address: [ 15.819123] ffff88810342cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.819343] ffff88810342d000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.819589] >ffff88810342d080: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 15.819855] ^ [ 15.820102] ffff88810342d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.820434] ffff88810342d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.820745] ================================================================== [ 16.084699] ================================================================== [ 16.085252] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1e12/0x5450 [ 16.085571] Write of size 8 at addr ffff88810342d0b0 by task kunit_try_catch/282 [ 16.085798] [ 16.085888] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.085934] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.085947] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.085970] Call Trace: [ 16.085990] <TASK> [ 16.086022] dump_stack_lvl+0x73/0xb0 [ 16.086051] print_report+0xd1/0x610 [ 16.086075] ? __virt_addr_valid+0x1db/0x2d0 [ 16.086100] ? kasan_atomics_helper+0x1e12/0x5450 [ 16.086121] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.086145] ? kasan_atomics_helper+0x1e12/0x5450 [ 16.086168] kasan_report+0x141/0x180 [ 16.086190] ? kasan_atomics_helper+0x1e12/0x5450 [ 16.086217] kasan_check_range+0x10c/0x1c0 [ 16.086241] __kasan_check_write+0x18/0x20 [ 16.086261] kasan_atomics_helper+0x1e12/0x5450 [ 16.086285] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.086308] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.086334] ? kasan_atomics+0x152/0x310 [ 16.086360] kasan_atomics+0x1dc/0x310 [ 16.086383] ? __pfx_kasan_atomics+0x10/0x10 [ 16.086407] ? __pfx_read_tsc+0x10/0x10 [ 16.086442] ? ktime_get_ts64+0x86/0x230 [ 16.086467] kunit_try_run_case+0x1a5/0x480 [ 16.086492] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.086515] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.086541] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.086565] ? __kthread_parkme+0x82/0x180 [ 16.086587] ? preempt_count_sub+0x50/0x80 [ 16.086612] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.086637] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.086662] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.086688] kthread+0x337/0x6f0 [ 16.086707] ? trace_preempt_on+0x20/0xc0 [ 16.086731] ? __pfx_kthread+0x10/0x10 [ 16.086752] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.086774] ? calculate_sigpending+0x7b/0xa0 [ 16.086799] ? __pfx_kthread+0x10/0x10 [ 16.086821] ret_from_fork+0x116/0x1d0 [ 16.086840] ? __pfx_kthread+0x10/0x10 [ 16.086861] ret_from_fork_asm+0x1a/0x30 [ 16.086892] </TASK> [ 16.086903] [ 16.094045] Allocated by task 282: [ 16.094216] kasan_save_stack+0x45/0x70 [ 16.094410] kasan_save_track+0x18/0x40 [ 16.094582] kasan_save_alloc_info+0x3b/0x50 [ 16.094774] __kasan_kmalloc+0xb7/0xc0 [ 16.094903] __kmalloc_cache_noprof+0x189/0x420 [ 16.095090] kasan_atomics+0x95/0x310 [ 16.095271] kunit_try_run_case+0x1a5/0x480 [ 16.095520] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.095736] kthread+0x337/0x6f0 [ 16.095887] ret_from_fork+0x116/0x1d0 [ 16.096027] ret_from_fork_asm+0x1a/0x30 [ 16.096227] [ 16.096324] The buggy address belongs to the object at ffff88810342d080 [ 16.096324] which belongs to the cache kmalloc-64 of size 64 [ 16.096886] The buggy address is located 0 bytes to the right of [ 16.096886] allocated 48-byte region [ffff88810342d080, ffff88810342d0b0) [ 16.097369] [ 16.097459] The buggy address belongs to the physical page: [ 16.097712] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10342d [ 16.098052] flags: 0x200000000000000(node=0|zone=2) [ 16.098251] page_type: f5(slab) [ 16.098408] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.098692] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.098993] page dumped because: kasan: bad access detected [ 16.099206] [ 16.099274] Memory state around the buggy address: [ 16.099426] ffff88810342cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.099671] 
ffff88810342d000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.099976] >ffff88810342d080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.100266] ^ [ 16.100416] ffff88810342d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.100706] ffff88810342d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.101035] ================================================================== [ 15.294732] ================================================================== [ 15.295101] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa2b/0x5450 [ 15.295461] Write of size 4 at addr ffff88810342d0b0 by task kunit_try_catch/282 [ 15.295719] [ 15.295820] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.295867] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.295879] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.295906] Call Trace: [ 15.295927] <TASK> [ 15.295949] dump_stack_lvl+0x73/0xb0 [ 15.295978] print_report+0xd1/0x610 [ 15.296002] ? __virt_addr_valid+0x1db/0x2d0 [ 15.296036] ? kasan_atomics_helper+0xa2b/0x5450 [ 15.296069] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.296093] ? kasan_atomics_helper+0xa2b/0x5450 [ 15.296116] kasan_report+0x141/0x180 [ 15.296149] ? kasan_atomics_helper+0xa2b/0x5450 [ 15.296176] kasan_check_range+0x10c/0x1c0 [ 15.296201] __kasan_check_write+0x18/0x20 [ 15.296221] kasan_atomics_helper+0xa2b/0x5450 [ 15.296244] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.296268] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.296294] ? kasan_atomics+0x152/0x310 [ 15.296321] kasan_atomics+0x1dc/0x310 [ 15.296344] ? __pfx_kasan_atomics+0x10/0x10 [ 15.296369] ? __pfx_read_tsc+0x10/0x10 [ 15.296391] ? ktime_get_ts64+0x86/0x230 [ 15.296416] kunit_try_run_case+0x1a5/0x480 [ 15.296442] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.296464] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.296490] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.296514] ? 
__kthread_parkme+0x82/0x180 [ 15.296536] ? preempt_count_sub+0x50/0x80 [ 15.296561] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.296585] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.296610] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.296636] kthread+0x337/0x6f0 [ 15.296656] ? trace_preempt_on+0x20/0xc0 [ 15.296680] ? __pfx_kthread+0x10/0x10 [ 15.296701] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.296725] ? calculate_sigpending+0x7b/0xa0 [ 15.296762] ? __pfx_kthread+0x10/0x10 [ 15.296784] ret_from_fork+0x116/0x1d0 [ 15.296803] ? __pfx_kthread+0x10/0x10 [ 15.296834] ret_from_fork_asm+0x1a/0x30 [ 15.296872] </TASK> [ 15.296882] [ 15.304807] Allocated by task 282: [ 15.305017] kasan_save_stack+0x45/0x70 [ 15.305232] kasan_save_track+0x18/0x40 [ 15.305417] kasan_save_alloc_info+0x3b/0x50 [ 15.305645] __kasan_kmalloc+0xb7/0xc0 [ 15.305870] __kmalloc_cache_noprof+0x189/0x420 [ 15.306091] kasan_atomics+0x95/0x310 [ 15.306302] kunit_try_run_case+0x1a5/0x480 [ 15.306531] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.306780] kthread+0x337/0x6f0 [ 15.306911] ret_from_fork+0x116/0x1d0 [ 15.307063] ret_from_fork_asm+0x1a/0x30 [ 15.307280] [ 15.307376] The buggy address belongs to the object at ffff88810342d080 [ 15.307376] which belongs to the cache kmalloc-64 of size 64 [ 15.307957] The buggy address is located 0 bytes to the right of [ 15.307957] allocated 48-byte region [ffff88810342d080, ffff88810342d0b0) [ 15.308513] [ 15.308602] The buggy address belongs to the physical page: [ 15.308870] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10342d [ 15.309209] flags: 0x200000000000000(node=0|zone=2) [ 15.309441] page_type: f5(slab) [ 15.309568] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.309801] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.310037] page dumped because: kasan: bad access detected [ 15.310209] [ 15.310279] Memory state around the buggy address: [ 15.310436] 
ffff88810342cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.310655] ffff88810342d000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.310872] >ffff88810342d080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.311212] ^ [ 15.311436] ffff88810342d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.311749] ffff88810342d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.312072] ================================================================== [ 15.059585] ================================================================== [ 15.060278] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a0/0x5450 [ 15.060964] Write of size 4 at addr ffff88810342d0b0 by task kunit_try_catch/282 [ 15.061658] [ 15.061856] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.061906] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.061918] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.061950] Call Trace: [ 15.061970] <TASK> [ 15.061992] dump_stack_lvl+0x73/0xb0 [ 15.062039] print_report+0xd1/0x610 [ 15.062063] ? __virt_addr_valid+0x1db/0x2d0 [ 15.062086] ? kasan_atomics_helper+0x4a0/0x5450 [ 15.062108] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.062132] ? kasan_atomics_helper+0x4a0/0x5450 [ 15.062154] kasan_report+0x141/0x180 [ 15.062176] ? kasan_atomics_helper+0x4a0/0x5450 [ 15.062203] kasan_check_range+0x10c/0x1c0 [ 15.062227] __kasan_check_write+0x18/0x20 [ 15.062247] kasan_atomics_helper+0x4a0/0x5450 [ 15.062270] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.062293] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.062319] ? kasan_atomics+0x152/0x310 [ 15.062346] kasan_atomics+0x1dc/0x310 [ 15.062370] ? __pfx_kasan_atomics+0x10/0x10 [ 15.062394] ? __pfx_read_tsc+0x10/0x10 [ 15.062440] ? ktime_get_ts64+0x86/0x230 [ 15.062465] kunit_try_run_case+0x1a5/0x480 [ 15.062492] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.062514] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.062540] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.062564] ? __kthread_parkme+0x82/0x180 [ 15.062586] ? preempt_count_sub+0x50/0x80 [ 15.062611] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.062635] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.062661] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.062686] kthread+0x337/0x6f0 [ 15.062705] ? trace_preempt_on+0x20/0xc0 [ 15.062729] ? __pfx_kthread+0x10/0x10 [ 15.062750] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.062773] ? calculate_sigpending+0x7b/0xa0 [ 15.062798] ? __pfx_kthread+0x10/0x10 [ 15.062819] ret_from_fork+0x116/0x1d0 [ 15.062838] ? __pfx_kthread+0x10/0x10 [ 15.062859] ret_from_fork_asm+0x1a/0x30 [ 15.062891] </TASK> [ 15.062903] [ 15.075268] Allocated by task 282: [ 15.075445] kasan_save_stack+0x45/0x70 [ 15.075822] kasan_save_track+0x18/0x40 [ 15.076188] kasan_save_alloc_info+0x3b/0x50 [ 15.076604] __kasan_kmalloc+0xb7/0xc0 [ 15.076960] __kmalloc_cache_noprof+0x189/0x420 [ 15.077383] kasan_atomics+0x95/0x310 [ 15.077749] kunit_try_run_case+0x1a5/0x480 [ 15.078152] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.078559] kthread+0x337/0x6f0 [ 15.078685] ret_from_fork+0x116/0x1d0 [ 15.078820] ret_from_fork_asm+0x1a/0x30 [ 15.078963] [ 15.079078] The buggy address belongs to the object at ffff88810342d080 [ 15.079078] which belongs to the cache kmalloc-64 of size 64 [ 15.080157] The buggy address is located 0 bytes to the right of [ 15.080157] allocated 48-byte region [ffff88810342d080, ffff88810342d0b0) [ 15.081263] [ 15.081443] The buggy address belongs to the physical page: [ 15.081892] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10342d [ 15.082145] flags: 0x200000000000000(node=0|zone=2) [ 15.082312] page_type: f5(slab) [ 15.082464] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.083138] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.083775] page dumped because: kasan: bad access detected [ 15.084266] [ 15.084445] 
Memory state around the buggy address: [ 15.084851] ffff88810342cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.085462] ffff88810342d000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.086336] >ffff88810342d080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.086829] ^ [ 15.086987] ffff88810342d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.087205] ffff88810342d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.087432] ================================================================== [ 15.450601] ================================================================== [ 15.451679] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xde0/0x5450 [ 15.452383] Write of size 4 at addr ffff88810342d0b0 by task kunit_try_catch/282 [ 15.453257] [ 15.453512] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.453566] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.453580] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.453603] Call Trace: [ 15.453625] <TASK> [ 15.453648] dump_stack_lvl+0x73/0xb0 [ 15.453682] print_report+0xd1/0x610 [ 15.453728] ? __virt_addr_valid+0x1db/0x2d0 [ 15.453754] ? kasan_atomics_helper+0xde0/0x5450 [ 15.453776] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.453800] ? kasan_atomics_helper+0xde0/0x5450 [ 15.453822] kasan_report+0x141/0x180 [ 15.453844] ? kasan_atomics_helper+0xde0/0x5450 [ 15.453870] kasan_check_range+0x10c/0x1c0 [ 15.453896] __kasan_check_write+0x18/0x20 [ 15.453920] kasan_atomics_helper+0xde0/0x5450 [ 15.453943] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.453966] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.453993] ? kasan_atomics+0x152/0x310 [ 15.454029] kasan_atomics+0x1dc/0x310 [ 15.454052] ? __pfx_kasan_atomics+0x10/0x10 [ 15.454078] ? __pfx_read_tsc+0x10/0x10 [ 15.454100] ? ktime_get_ts64+0x86/0x230 [ 15.454125] kunit_try_run_case+0x1a5/0x480 [ 15.454151] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.454175] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 15.454200] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.454224] ? __kthread_parkme+0x82/0x180 [ 15.454246] ? preempt_count_sub+0x50/0x80 [ 15.454272] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.454297] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.454322] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.454348] kthread+0x337/0x6f0 [ 15.454368] ? trace_preempt_on+0x20/0xc0 [ 15.454392] ? __pfx_kthread+0x10/0x10 [ 15.454413] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.454447] ? calculate_sigpending+0x7b/0xa0 [ 15.454473] ? __pfx_kthread+0x10/0x10 [ 15.454494] ret_from_fork+0x116/0x1d0 [ 15.454514] ? __pfx_kthread+0x10/0x10 [ 15.454535] ret_from_fork_asm+0x1a/0x30 [ 15.454567] </TASK> [ 15.454579] [ 15.467390] Allocated by task 282: [ 15.467773] kasan_save_stack+0x45/0x70 [ 15.468067] kasan_save_track+0x18/0x40 [ 15.468204] kasan_save_alloc_info+0x3b/0x50 [ 15.468350] __kasan_kmalloc+0xb7/0xc0 [ 15.468619] __kmalloc_cache_noprof+0x189/0x420 [ 15.469071] kasan_atomics+0x95/0x310 [ 15.469436] kunit_try_run_case+0x1a5/0x480 [ 15.469912] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.470404] kthread+0x337/0x6f0 [ 15.470741] ret_from_fork+0x116/0x1d0 [ 15.471102] ret_from_fork_asm+0x1a/0x30 [ 15.471242] [ 15.471315] The buggy address belongs to the object at ffff88810342d080 [ 15.471315] which belongs to the cache kmalloc-64 of size 64 [ 15.471956] The buggy address is located 0 bytes to the right of [ 15.471956] allocated 48-byte region [ffff88810342d080, ffff88810342d0b0) [ 15.472612] [ 15.472721] The buggy address belongs to the physical page: [ 15.473228] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10342d [ 15.473640] flags: 0x200000000000000(node=0|zone=2) [ 15.473806] page_type: f5(slab) [ 15.473926] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.474185] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.474552] page dumped because: kasan: 
bad access detected [ 15.474825] [ 15.474895] Memory state around the buggy address: [ 15.475343] ffff88810342cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.475769] ffff88810342d000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.476080] >ffff88810342d080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.476369] ^ [ 15.477210] ffff88810342d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.477685] ffff88810342d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.478186] ================================================================== [ 14.969804] ================================================================== [ 14.970373] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b88/0x5450 [ 14.970731] Read of size 4 at addr ffff88810342d0b0 by task kunit_try_catch/282 [ 14.971121] [ 14.971249] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.971309] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.971322] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.971345] Call Trace: [ 14.971359] <TASK> [ 14.971377] dump_stack_lvl+0x73/0xb0 [ 14.971409] print_report+0xd1/0x610 [ 14.971432] ? __virt_addr_valid+0x1db/0x2d0 [ 14.971466] ? kasan_atomics_helper+0x4b88/0x5450 [ 14.971489] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.971512] ? kasan_atomics_helper+0x4b88/0x5450 [ 14.971544] kasan_report+0x141/0x180 [ 14.971566] ? kasan_atomics_helper+0x4b88/0x5450 [ 14.971601] __asan_report_load4_noabort+0x18/0x20 [ 14.971625] kasan_atomics_helper+0x4b88/0x5450 [ 14.971647] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.971679] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.971705] ? kasan_atomics+0x152/0x310 [ 14.971731] kasan_atomics+0x1dc/0x310 [ 14.971762] ? __pfx_kasan_atomics+0x10/0x10 [ 14.971787] ? __pfx_read_tsc+0x10/0x10 [ 14.971810] ? ktime_get_ts64+0x86/0x230 [ 14.971844] kunit_try_run_case+0x1a5/0x480 [ 14.971869] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.971891] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.971916] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.971939] ? __kthread_parkme+0x82/0x180 [ 14.971966] ? preempt_count_sub+0x50/0x80 [ 14.971990] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.972030] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.972053] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.972077] kthread+0x337/0x6f0 [ 14.972095] ? trace_preempt_on+0x20/0xc0 [ 14.972118] ? __pfx_kthread+0x10/0x10 [ 14.972137] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.972159] ? calculate_sigpending+0x7b/0xa0 [ 14.972265] ? __pfx_kthread+0x10/0x10 [ 14.972286] ret_from_fork+0x116/0x1d0 [ 14.972305] ? __pfx_kthread+0x10/0x10 [ 14.972325] ret_from_fork_asm+0x1a/0x30 [ 14.972365] </TASK> [ 14.972374] [ 14.983033] Allocated by task 282: [ 14.983277] kasan_save_stack+0x45/0x70 [ 14.983500] kasan_save_track+0x18/0x40 [ 14.983744] kasan_save_alloc_info+0x3b/0x50 [ 14.983944] __kasan_kmalloc+0xb7/0xc0 [ 14.984196] __kmalloc_cache_noprof+0x189/0x420 [ 14.984354] kasan_atomics+0x95/0x310 [ 14.984486] kunit_try_run_case+0x1a5/0x480 [ 14.984633] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.984940] kthread+0x337/0x6f0 [ 14.985580] ret_from_fork+0x116/0x1d0 [ 14.985792] ret_from_fork_asm+0x1a/0x30 [ 14.986091] [ 14.986183] The buggy address belongs to the object at ffff88810342d080 [ 14.986183] which belongs to the cache kmalloc-64 of size 64 [ 14.986860] The buggy address is located 0 bytes to the right of [ 14.986860] allocated 48-byte region [ffff88810342d080, ffff88810342d0b0) [ 14.987511] [ 14.987585] The buggy address belongs to the physical page: [ 14.987758] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10342d [ 14.988416] flags: 0x200000000000000(node=0|zone=2) [ 14.988813] page_type: f5(slab) [ 14.988953] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.989491] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 14.989796] page dumped because: kasan: bad access detected [ 14.989987] [ 14.990089] Memory state around the buggy address: [ 14.990339] ffff88810342cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.990767] ffff88810342d000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.990987] >ffff88810342d080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.991321] ^ [ 14.991706] ffff88810342d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.992141] ffff88810342d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.992373] ================================================================== [ 16.254379] ================================================================== [ 16.255148] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x218a/0x5450 [ 16.255539] Write of size 8 at addr ffff88810342d0b0 by task kunit_try_catch/282 [ 16.255764] [ 16.255857] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.255908] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.255921] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.255944] Call Trace: [ 16.255964] <TASK> [ 16.255987] dump_stack_lvl+0x73/0xb0 [ 16.256030] print_report+0xd1/0x610 [ 16.256055] ? __virt_addr_valid+0x1db/0x2d0 [ 16.256079] ? kasan_atomics_helper+0x218a/0x5450 [ 16.256101] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.256125] ? kasan_atomics_helper+0x218a/0x5450 [ 16.256171] kasan_report+0x141/0x180 [ 16.256193] ? kasan_atomics_helper+0x218a/0x5450 [ 16.256221] kasan_check_range+0x10c/0x1c0 [ 16.256263] __kasan_check_write+0x18/0x20 [ 16.256298] kasan_atomics_helper+0x218a/0x5450 [ 16.256322] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.256345] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.256371] ? kasan_atomics+0x152/0x310 [ 16.256398] kasan_atomics+0x1dc/0x310 [ 16.256421] ? __pfx_kasan_atomics+0x10/0x10 [ 16.256446] ? __pfx_read_tsc+0x10/0x10 [ 16.256469] ? 
ktime_get_ts64+0x86/0x230 [ 16.256494] kunit_try_run_case+0x1a5/0x480 [ 16.256533] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.256556] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.256582] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.256607] ? __kthread_parkme+0x82/0x180 [ 16.256645] ? preempt_count_sub+0x50/0x80 [ 16.256671] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.256696] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.256721] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.256762] kthread+0x337/0x6f0 [ 16.256782] ? trace_preempt_on+0x20/0xc0 [ 16.256806] ? __pfx_kthread+0x10/0x10 [ 16.256827] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.256857] ? calculate_sigpending+0x7b/0xa0 [ 16.256882] ? __pfx_kthread+0x10/0x10 [ 16.256904] ret_from_fork+0x116/0x1d0 [ 16.256923] ? __pfx_kthread+0x10/0x10 [ 16.256944] ret_from_fork_asm+0x1a/0x30 [ 16.256976] </TASK> [ 16.256988] [ 16.264685] Allocated by task 282: [ 16.264887] kasan_save_stack+0x45/0x70 [ 16.265130] kasan_save_track+0x18/0x40 [ 16.265266] kasan_save_alloc_info+0x3b/0x50 [ 16.265519] __kasan_kmalloc+0xb7/0xc0 [ 16.265726] __kmalloc_cache_noprof+0x189/0x420 [ 16.265958] kasan_atomics+0x95/0x310 [ 16.266107] kunit_try_run_case+0x1a5/0x480 [ 16.266295] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.266691] kthread+0x337/0x6f0 [ 16.266837] ret_from_fork+0x116/0x1d0 [ 16.267055] ret_from_fork_asm+0x1a/0x30 [ 16.267202] [ 16.267274] The buggy address belongs to the object at ffff88810342d080 [ 16.267274] which belongs to the cache kmalloc-64 of size 64 [ 16.267620] The buggy address is located 0 bytes to the right of [ 16.267620] allocated 48-byte region [ffff88810342d080, ffff88810342d0b0) [ 16.268453] [ 16.268553] The buggy address belongs to the physical page: [ 16.268779] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10342d [ 16.269033] flags: 0x200000000000000(node=0|zone=2) [ 16.269198] page_type: f5(slab) [ 16.269366] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 16.270081] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.270432] page dumped because: kasan: bad access detected [ 16.270690] [ 16.270837] Memory state around the buggy address: [ 16.271064] ffff88810342cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.271390] ffff88810342d000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.271661] >ffff88810342d080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.271885] ^ [ 16.272213] ffff88810342d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.272609] ffff88810342d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.273096] ================================================================== [ 15.363858] ================================================================== [ 15.364579] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xc70/0x5450 [ 15.365058] Write of size 4 at addr ffff88810342d0b0 by task kunit_try_catch/282 [ 15.365692] [ 15.365808] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.365969] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.365985] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.366017] Call Trace: [ 15.366039] <TASK> [ 15.366059] dump_stack_lvl+0x73/0xb0 [ 15.366093] print_report+0xd1/0x610 [ 15.366117] ? __virt_addr_valid+0x1db/0x2d0 [ 15.366141] ? kasan_atomics_helper+0xc70/0x5450 [ 15.366163] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.366187] ? kasan_atomics_helper+0xc70/0x5450 [ 15.366210] kasan_report+0x141/0x180 [ 15.366232] ? kasan_atomics_helper+0xc70/0x5450 [ 15.366259] kasan_check_range+0x10c/0x1c0 [ 15.366284] __kasan_check_write+0x18/0x20 [ 15.366304] kasan_atomics_helper+0xc70/0x5450 [ 15.366327] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.366351] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.366377] ? kasan_atomics+0x152/0x310 [ 15.366404] kasan_atomics+0x1dc/0x310 [ 15.366437] ? 
__pfx_kasan_atomics+0x10/0x10 [ 15.366461] ? __pfx_read_tsc+0x10/0x10 [ 15.366484] ? ktime_get_ts64+0x86/0x230 [ 15.366510] kunit_try_run_case+0x1a5/0x480 [ 15.366537] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.366561] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.366586] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.366611] ? __kthread_parkme+0x82/0x180 [ 15.366633] ? preempt_count_sub+0x50/0x80 [ 15.366658] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.366683] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.366708] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.366733] kthread+0x337/0x6f0 [ 15.366753] ? trace_preempt_on+0x20/0xc0 [ 15.366777] ? __pfx_kthread+0x10/0x10 [ 15.366798] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.366821] ? calculate_sigpending+0x7b/0xa0 [ 15.366846] ? __pfx_kthread+0x10/0x10 [ 15.366868] ret_from_fork+0x116/0x1d0 [ 15.366888] ? __pfx_kthread+0x10/0x10 [ 15.366909] ret_from_fork_asm+0x1a/0x30 [ 15.366941] </TASK> [ 15.366952] [ 15.378352] Allocated by task 282: [ 15.378770] kasan_save_stack+0x45/0x70 [ 15.379068] kasan_save_track+0x18/0x40 [ 15.379232] kasan_save_alloc_info+0x3b/0x50 [ 15.379790] __kasan_kmalloc+0xb7/0xc0 [ 15.380109] __kmalloc_cache_noprof+0x189/0x420 [ 15.380415] kasan_atomics+0x95/0x310 [ 15.380751] kunit_try_run_case+0x1a5/0x480 [ 15.381058] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.381425] kthread+0x337/0x6f0 [ 15.381678] ret_from_fork+0x116/0x1d0 [ 15.381877] ret_from_fork_asm+0x1a/0x30 [ 15.382239] [ 15.382337] The buggy address belongs to the object at ffff88810342d080 [ 15.382337] which belongs to the cache kmalloc-64 of size 64 [ 15.383088] The buggy address is located 0 bytes to the right of [ 15.383088] allocated 48-byte region [ffff88810342d080, ffff88810342d0b0) [ 15.383847] [ 15.383959] The buggy address belongs to the physical page: [ 15.384321] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10342d [ 15.384810] flags: 0x200000000000000(node=0|zone=2) [ 15.385194] page_type: 
f5(slab) [ 15.385343] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.385589] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.385821] page dumped because: kasan: bad access detected [ 15.385994] [ 15.386100] Memory state around the buggy address: [ 15.386405] ffff88810342cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.386848] ffff88810342d000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.387346] >ffff88810342d080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.387991] ^ [ 15.388297] ffff88810342d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.388759] ffff88810342d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.389382] ================================================================== [ 15.390120] ================================================================== [ 15.390798] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a84/0x5450 [ 15.391509] Read of size 4 at addr ffff88810342d0b0 by task kunit_try_catch/282 [ 15.392170] [ 15.392317] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.392394] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.392407] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.392450] Call Trace: [ 15.392473] <TASK> [ 15.392495] dump_stack_lvl+0x73/0xb0 [ 15.392528] print_report+0xd1/0x610 [ 15.392552] ? __virt_addr_valid+0x1db/0x2d0 [ 15.392594] ? kasan_atomics_helper+0x4a84/0x5450 [ 15.392616] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.392640] ? kasan_atomics_helper+0x4a84/0x5450 [ 15.392663] kasan_report+0x141/0x180 [ 15.392685] ? kasan_atomics_helper+0x4a84/0x5450 [ 15.392712] __asan_report_load4_noabort+0x18/0x20 [ 15.392738] kasan_atomics_helper+0x4a84/0x5450 [ 15.392761] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.392784] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.392811] ? 
kasan_atomics+0x152/0x310 [ 15.392837] kasan_atomics+0x1dc/0x310 [ 15.392866] ? __pfx_kasan_atomics+0x10/0x10 [ 15.392893] ? __pfx_read_tsc+0x10/0x10 [ 15.392915] ? ktime_get_ts64+0x86/0x230 [ 15.392941] kunit_try_run_case+0x1a5/0x480 [ 15.392967] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.392991] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.393025] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.393049] ? __kthread_parkme+0x82/0x180 [ 15.393071] ? preempt_count_sub+0x50/0x80 [ 15.393096] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.393120] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.393145] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.393171] kthread+0x337/0x6f0 [ 15.393191] ? trace_preempt_on+0x20/0xc0 [ 15.393215] ? __pfx_kthread+0x10/0x10 [ 15.393236] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.393258] ? calculate_sigpending+0x7b/0xa0 [ 15.393284] ? __pfx_kthread+0x10/0x10 [ 15.393306] ret_from_fork+0x116/0x1d0 [ 15.393325] ? __pfx_kthread+0x10/0x10 [ 15.393346] ret_from_fork_asm+0x1a/0x30 [ 15.393379] </TASK> [ 15.393389] [ 15.405649] Allocated by task 282: [ 15.406003] kasan_save_stack+0x45/0x70 [ 15.406173] kasan_save_track+0x18/0x40 [ 15.406310] kasan_save_alloc_info+0x3b/0x50 [ 15.406585] __kasan_kmalloc+0xb7/0xc0 [ 15.406975] __kmalloc_cache_noprof+0x189/0x420 [ 15.407430] kasan_atomics+0x95/0x310 [ 15.407790] kunit_try_run_case+0x1a5/0x480 [ 15.408188] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.408685] kthread+0x337/0x6f0 [ 15.409002] ret_from_fork+0x116/0x1d0 [ 15.409147] ret_from_fork_asm+0x1a/0x30 [ 15.409289] [ 15.409363] The buggy address belongs to the object at ffff88810342d080 [ 15.409363] which belongs to the cache kmalloc-64 of size 64 [ 15.410465] The buggy address is located 0 bytes to the right of [ 15.410465] allocated 48-byte region [ffff88810342d080, ffff88810342d0b0) [ 15.411585] [ 15.411686] The buggy address belongs to the physical page: [ 15.411971] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10342d [ 
15.412704] flags: 0x200000000000000(node=0|zone=2) [ 15.412908] page_type: f5(slab) [ 15.413044] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.413280] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.413714] page dumped because: kasan: bad access detected [ 15.414195] [ 15.414350] Memory state around the buggy address: [ 15.414802] ffff88810342cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.415429] ffff88810342d000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.416044] >ffff88810342d080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.416674] ^ [ 15.416833] ffff88810342d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.417067] ffff88810342d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.417281] ================================================================== [ 15.914887] ================================================================== [ 15.915668] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x18b1/0x5450 [ 15.916628] Write of size 8 at addr ffff88810342d0b0 by task kunit_try_catch/282 [ 15.917287] [ 15.917468] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.917516] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.917548] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.917572] Call Trace: [ 15.917606] <TASK> [ 15.917627] dump_stack_lvl+0x73/0xb0 [ 15.917660] print_report+0xd1/0x610 [ 15.917684] ? __virt_addr_valid+0x1db/0x2d0 [ 15.917708] ? kasan_atomics_helper+0x18b1/0x5450 [ 15.917731] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.917754] ? kasan_atomics_helper+0x18b1/0x5450 [ 15.917777] kasan_report+0x141/0x180 [ 15.917799] ? kasan_atomics_helper+0x18b1/0x5450 [ 15.917826] kasan_check_range+0x10c/0x1c0 [ 15.917850] __kasan_check_write+0x18/0x20 [ 15.917870] kasan_atomics_helper+0x18b1/0x5450 [ 15.917894] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.917917] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 15.917943] ? kasan_atomics+0x152/0x310 [ 15.917970] kasan_atomics+0x1dc/0x310 [ 15.917993] ? __pfx_kasan_atomics+0x10/0x10 [ 15.918028] ? __pfx_read_tsc+0x10/0x10 [ 15.918051] ? ktime_get_ts64+0x86/0x230 [ 15.918076] kunit_try_run_case+0x1a5/0x480 [ 15.918102] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.918126] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.918152] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.918176] ? __kthread_parkme+0x82/0x180 [ 15.918198] ? preempt_count_sub+0x50/0x80 [ 15.918223] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.918247] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.918273] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.918298] kthread+0x337/0x6f0 [ 15.918318] ? trace_preempt_on+0x20/0xc0 [ 15.918345] ? __pfx_kthread+0x10/0x10 [ 15.918366] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.918387] ? calculate_sigpending+0x7b/0xa0 [ 15.918413] ? __pfx_kthread+0x10/0x10 [ 15.918446] ret_from_fork+0x116/0x1d0 [ 15.918465] ? __pfx_kthread+0x10/0x10 [ 15.918486] ret_from_fork_asm+0x1a/0x30 [ 15.918517] </TASK> [ 15.918529] [ 15.928832] Allocated by task 282: [ 15.929028] kasan_save_stack+0x45/0x70 [ 15.929182] kasan_save_track+0x18/0x40 [ 15.929313] kasan_save_alloc_info+0x3b/0x50 [ 15.929607] __kasan_kmalloc+0xb7/0xc0 [ 15.929797] __kmalloc_cache_noprof+0x189/0x420 [ 15.930034] kasan_atomics+0x95/0x310 [ 15.930204] kunit_try_run_case+0x1a5/0x480 [ 15.930392] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.930620] kthread+0x337/0x6f0 [ 15.930777] ret_from_fork+0x116/0x1d0 [ 15.930924] ret_from_fork_asm+0x1a/0x30 [ 15.931107] [ 15.931199] The buggy address belongs to the object at ffff88810342d080 [ 15.931199] which belongs to the cache kmalloc-64 of size 64 [ 15.931692] The buggy address is located 0 bytes to the right of [ 15.931692] allocated 48-byte region [ffff88810342d080, ffff88810342d0b0) [ 15.932067] [ 15.932139] The buggy address belongs to the physical page: [ 15.932307] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x10342d [ 15.932598] flags: 0x200000000000000(node=0|zone=2) [ 15.933053] page_type: f5(slab) [ 15.933220] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.933547] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.933834] page dumped because: kasan: bad access detected [ 15.933998] [ 15.934201] Memory state around the buggy address: [ 15.934419] ffff88810342cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.934732] ffff88810342d000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.935003] >ffff88810342d080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.935284] ^ [ 15.935506] ffff88810342d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.935780] ffff88810342d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.936061] ================================================================== [ 16.030133] ================================================================== [ 16.030517] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f30/0x5450 [ 16.030809] Read of size 8 at addr ffff88810342d0b0 by task kunit_try_catch/282 [ 16.031059] [ 16.031174] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.031221] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.031233] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.031256] Call Trace: [ 16.031277] <TASK> [ 16.031321] dump_stack_lvl+0x73/0xb0 [ 16.031352] print_report+0xd1/0x610 [ 16.031375] ? __virt_addr_valid+0x1db/0x2d0 [ 16.031399] ? kasan_atomics_helper+0x4f30/0x5450 [ 16.031421] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.031453] ? kasan_atomics_helper+0x4f30/0x5450 [ 16.031476] kasan_report+0x141/0x180 [ 16.031498] ? kasan_atomics_helper+0x4f30/0x5450 [ 16.031525] __asan_report_load8_noabort+0x18/0x20 [ 16.031551] kasan_atomics_helper+0x4f30/0x5450 [ 16.031574] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 16.031618] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.031645] ? kasan_atomics+0x152/0x310 [ 16.031673] kasan_atomics+0x1dc/0x310 [ 16.031696] ? __pfx_kasan_atomics+0x10/0x10 [ 16.031721] ? __pfx_read_tsc+0x10/0x10 [ 16.031743] ? ktime_get_ts64+0x86/0x230 [ 16.031768] kunit_try_run_case+0x1a5/0x480 [ 16.031810] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.031833] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.031861] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.031886] ? __kthread_parkme+0x82/0x180 [ 16.031908] ? preempt_count_sub+0x50/0x80 [ 16.031933] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.031977] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.032002] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.032039] kthread+0x337/0x6f0 [ 16.032059] ? trace_preempt_on+0x20/0xc0 [ 16.032083] ? __pfx_kthread+0x10/0x10 [ 16.032104] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.032126] ? calculate_sigpending+0x7b/0xa0 [ 16.032172] ? __pfx_kthread+0x10/0x10 [ 16.032194] ret_from_fork+0x116/0x1d0 [ 16.032213] ? 
__pfx_kthread+0x10/0x10 [ 16.032235] ret_from_fork_asm+0x1a/0x30 [ 16.032268] </TASK> [ 16.032278] [ 16.039652] Allocated by task 282: [ 16.039795] kasan_save_stack+0x45/0x70 [ 16.039945] kasan_save_track+0x18/0x40 [ 16.040121] kasan_save_alloc_info+0x3b/0x50 [ 16.040342] __kasan_kmalloc+0xb7/0xc0 [ 16.040709] __kmalloc_cache_noprof+0x189/0x420 [ 16.040935] kasan_atomics+0x95/0x310 [ 16.041127] kunit_try_run_case+0x1a5/0x480 [ 16.041331] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.041626] kthread+0x337/0x6f0 [ 16.041791] ret_from_fork+0x116/0x1d0 [ 16.041972] ret_from_fork_asm+0x1a/0x30 [ 16.042173] [ 16.042268] The buggy address belongs to the object at ffff88810342d080 [ 16.042268] which belongs to the cache kmalloc-64 of size 64 [ 16.042822] The buggy address is located 0 bytes to the right of [ 16.042822] allocated 48-byte region [ffff88810342d080, ffff88810342d0b0) [ 16.043268] [ 16.043342] The buggy address belongs to the physical page: [ 16.043562] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10342d [ 16.044119] flags: 0x200000000000000(node=0|zone=2) [ 16.044365] page_type: f5(slab) [ 16.044595] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.044929] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.045163] page dumped because: kasan: bad access detected [ 16.045374] [ 16.045505] Memory state around the buggy address: [ 16.045750] ffff88810342cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.046077] ffff88810342d000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.046361] >ffff88810342d080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.046759] ^ [ 16.046949] ffff88810342d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.047244] ffff88810342d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.047577] ================================================================== [ 15.035234] 
================================================================== [ 15.035646] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b54/0x5450 [ 15.035908] Read of size 4 at addr ffff88810342d0b0 by task kunit_try_catch/282 [ 15.036481] [ 15.036599] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.036648] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.036661] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.036684] Call Trace: [ 15.036706] <TASK> [ 15.036726] dump_stack_lvl+0x73/0xb0 [ 15.036756] print_report+0xd1/0x610 [ 15.036781] ? __virt_addr_valid+0x1db/0x2d0 [ 15.036805] ? kasan_atomics_helper+0x4b54/0x5450 [ 15.036828] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.036859] ? kasan_atomics_helper+0x4b54/0x5450 [ 15.036882] kasan_report+0x141/0x180 [ 15.036906] ? kasan_atomics_helper+0x4b54/0x5450 [ 15.036933] __asan_report_load4_noabort+0x18/0x20 [ 15.036959] kasan_atomics_helper+0x4b54/0x5450 [ 15.036983] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.037006] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.037043] ? kasan_atomics+0x152/0x310 [ 15.037070] kasan_atomics+0x1dc/0x310 [ 15.037094] ? __pfx_kasan_atomics+0x10/0x10 [ 15.037120] ? __pfx_read_tsc+0x10/0x10 [ 15.037142] ? ktime_get_ts64+0x86/0x230 [ 15.037168] kunit_try_run_case+0x1a5/0x480 [ 15.037194] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.037218] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.037243] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.037268] ? __kthread_parkme+0x82/0x180 [ 15.037290] ? preempt_count_sub+0x50/0x80 [ 15.037315] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.037340] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.037365] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.037390] kthread+0x337/0x6f0 [ 15.037410] ? trace_preempt_on+0x20/0xc0 [ 15.037445] ? __pfx_kthread+0x10/0x10 [ 15.037475] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.037498] ? calculate_sigpending+0x7b/0xa0 [ 15.037523] ? 
__pfx_kthread+0x10/0x10 [ 15.037555] ret_from_fork+0x116/0x1d0 [ 15.037576] ? __pfx_kthread+0x10/0x10 [ 15.037596] ret_from_fork_asm+0x1a/0x30 [ 15.037629] </TASK> [ 15.037639] [ 15.045429] Allocated by task 282: [ 15.045655] kasan_save_stack+0x45/0x70 [ 15.045866] kasan_save_track+0x18/0x40 [ 15.046072] kasan_save_alloc_info+0x3b/0x50 [ 15.046268] __kasan_kmalloc+0xb7/0xc0 [ 15.047056] __kmalloc_cache_noprof+0x189/0x420 [ 15.047868] kasan_atomics+0x95/0x310 [ 15.048214] kunit_try_run_case+0x1a5/0x480 [ 15.048842] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.049388] kthread+0x337/0x6f0 [ 15.049605] ret_from_fork+0x116/0x1d0 [ 15.049740] ret_from_fork_asm+0x1a/0x30 [ 15.049878] [ 15.049954] The buggy address belongs to the object at ffff88810342d080 [ 15.049954] which belongs to the cache kmalloc-64 of size 64 [ 15.051248] The buggy address is located 0 bytes to the right of [ 15.051248] allocated 48-byte region [ffff88810342d080, ffff88810342d0b0) [ 15.052469] [ 15.052653] The buggy address belongs to the physical page: [ 15.052826] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10342d [ 15.053259] flags: 0x200000000000000(node=0|zone=2) [ 15.053760] page_type: f5(slab) [ 15.054114] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.054830] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.055330] page dumped because: kasan: bad access detected [ 15.055738] [ 15.055939] Memory state around the buggy address: [ 15.056279] ffff88810342cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.056698] ffff88810342d000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.056918] >ffff88810342d080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.057138] ^ [ 15.057292] ffff88810342d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.057853] ffff88810342d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.058528] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 14.714360] ================================================================== [ 14.715571] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.715966] Write of size 8 at addr ffff888102712188 by task kunit_try_catch/278 [ 14.717341] [ 14.717572] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.717625] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.717638] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.717660] Call Trace: [ 14.717680] <TASK> [ 14.717701] dump_stack_lvl+0x73/0xb0 [ 14.717737] print_report+0xd1/0x610 [ 14.717761] ? __virt_addr_valid+0x1db/0x2d0 [ 14.717785] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.717814] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.717837] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.717866] kasan_report+0x141/0x180 [ 14.717888] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.717920] kasan_check_range+0x10c/0x1c0 [ 14.717943] __kasan_check_write+0x18/0x20 [ 14.717966] kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.717994] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.718037] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.718062] ? kasan_bitops_generic+0x92/0x1c0 [ 14.718089] kasan_bitops_generic+0x121/0x1c0 [ 14.718112] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.718135] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.718257] kunit_try_run_case+0x1a5/0x480 [ 14.718288] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.718310] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.718335] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.718358] ? __kthread_parkme+0x82/0x180 [ 14.718380] ? preempt_count_sub+0x50/0x80 [ 14.718404] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.718428] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.718452] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.718475] kthread+0x337/0x6f0 [ 14.718494] ? 
trace_preempt_on+0x20/0xc0 [ 14.718517] ? __pfx_kthread+0x10/0x10 [ 14.718536] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.718557] ? calculate_sigpending+0x7b/0xa0 [ 14.718581] ? __pfx_kthread+0x10/0x10 [ 14.718602] ret_from_fork+0x116/0x1d0 [ 14.718621] ? __pfx_kthread+0x10/0x10 [ 14.718640] ret_from_fork_asm+0x1a/0x30 [ 14.718671] </TASK> [ 14.718680] [ 14.728939] Allocated by task 278: [ 14.729238] kasan_save_stack+0x45/0x70 [ 14.729515] kasan_save_track+0x18/0x40 [ 14.729727] kasan_save_alloc_info+0x3b/0x50 [ 14.729926] __kasan_kmalloc+0xb7/0xc0 [ 14.730218] __kmalloc_cache_noprof+0x189/0x420 [ 14.730395] kasan_bitops_generic+0x92/0x1c0 [ 14.730638] kunit_try_run_case+0x1a5/0x480 [ 14.730824] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.731101] kthread+0x337/0x6f0 [ 14.731254] ret_from_fork+0x116/0x1d0 [ 14.731782] ret_from_fork_asm+0x1a/0x30 [ 14.732007] [ 14.732116] The buggy address belongs to the object at ffff888102712180 [ 14.732116] which belongs to the cache kmalloc-16 of size 16 [ 14.732827] The buggy address is located 8 bytes inside of [ 14.732827] allocated 9-byte region [ffff888102712180, ffff888102712189) [ 14.733385] [ 14.733564] The buggy address belongs to the physical page: [ 14.733828] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102712 [ 14.734203] flags: 0x200000000000000(node=0|zone=2) [ 14.734677] page_type: f5(slab) [ 14.734850] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.735567] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.735877] page dumped because: kasan: bad access detected [ 14.736223] [ 14.736303] Memory state around the buggy address: [ 14.736469] ffff888102712080: 00 04 fc fc 00 01 fc fc 00 01 fc fc 00 04 fc fc [ 14.736866] ffff888102712100: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.737307] >ffff888102712180: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.737739] ^ [ 14.737920] ffff888102712200: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 14.738368] ffff888102712280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.738704] ================================================================== [ 14.763189] ================================================================== [ 14.763845] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.764377] Write of size 8 at addr ffff888102712188 by task kunit_try_catch/278 [ 14.764769] [ 14.764876] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.764948] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.764961] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.764983] Call Trace: [ 14.765004] <TASK> [ 14.765148] dump_stack_lvl+0x73/0xb0 [ 14.765191] print_report+0xd1/0x610 [ 14.765215] ? __virt_addr_valid+0x1db/0x2d0 [ 14.765240] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.765268] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.765294] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.765322] kasan_report+0x141/0x180 [ 14.765344] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.765377] kasan_check_range+0x10c/0x1c0 [ 14.765400] __kasan_check_write+0x18/0x20 [ 14.765419] kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.765463] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.765510] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.765537] ? kasan_bitops_generic+0x92/0x1c0 [ 14.765564] kasan_bitops_generic+0x121/0x1c0 [ 14.765604] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.765629] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.765657] kunit_try_run_case+0x1a5/0x480 [ 14.765682] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.765705] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.765729] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.765753] ? __kthread_parkme+0x82/0x180 [ 14.765774] ? preempt_count_sub+0x50/0x80 [ 14.765817] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.765843] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.765868] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.765894] kthread+0x337/0x6f0 [ 14.765916] ? trace_preempt_on+0x20/0xc0 [ 14.765939] ? __pfx_kthread+0x10/0x10 [ 14.765958] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.765979] ? calculate_sigpending+0x7b/0xa0 [ 14.766004] ? __pfx_kthread+0x10/0x10 [ 14.766129] ret_from_fork+0x116/0x1d0 [ 14.766150] ? __pfx_kthread+0x10/0x10 [ 14.766170] ret_from_fork_asm+0x1a/0x30 [ 14.766201] </TASK> [ 14.766211] [ 14.780069] Allocated by task 278: [ 14.780698] kasan_save_stack+0x45/0x70 [ 14.780941] kasan_save_track+0x18/0x40 [ 14.781428] kasan_save_alloc_info+0x3b/0x50 [ 14.781633] __kasan_kmalloc+0xb7/0xc0 [ 14.781866] __kmalloc_cache_noprof+0x189/0x420 [ 14.782252] kasan_bitops_generic+0x92/0x1c0 [ 14.782666] kunit_try_run_case+0x1a5/0x480 [ 14.782878] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.783399] kthread+0x337/0x6f0 [ 14.783710] ret_from_fork+0x116/0x1d0 [ 14.783983] ret_from_fork_asm+0x1a/0x30 [ 14.784505] [ 14.784635] The buggy address belongs to the object at ffff888102712180 [ 14.784635] which belongs to the cache kmalloc-16 of size 16 [ 14.785385] The buggy address is located 8 bytes inside of [ 14.785385] allocated 9-byte region [ffff888102712180, ffff888102712189) [ 14.786290] [ 14.786432] The buggy address belongs to the physical page: [ 14.786883] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102712 [ 14.787503] flags: 0x200000000000000(node=0|zone=2) [ 14.787855] page_type: f5(slab) [ 14.788065] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.788865] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.789179] page dumped because: kasan: bad access detected [ 14.789704] [ 14.789820] Memory state around the buggy address: [ 14.790304] ffff888102712080: 00 04 fc fc 00 01 fc fc 00 01 fc fc 00 04 fc fc [ 14.790722] 
ffff888102712100: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.791063] >ffff888102712180: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.791623] ^ [ 14.791917] ffff888102712200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.792613] ffff888102712280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.792937] ================================================================== [ 14.826102] ================================================================== [ 14.826380] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 14.826902] Write of size 8 at addr ffff888102712188 by task kunit_try_catch/278 [ 14.828253] [ 14.828377] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.828430] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.828442] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.828465] Call Trace: [ 14.828485] <TASK> [ 14.828731] dump_stack_lvl+0x73/0xb0 [ 14.828777] print_report+0xd1/0x610 [ 14.828802] ? __virt_addr_valid+0x1db/0x2d0 [ 14.828826] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 14.828860] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.828883] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 14.828911] kasan_report+0x141/0x180 [ 14.828932] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 14.828965] kasan_check_range+0x10c/0x1c0 [ 14.828989] __kasan_check_write+0x18/0x20 [ 14.829019] kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 14.829048] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.829078] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.829103] ? kasan_bitops_generic+0x92/0x1c0 [ 14.829130] kasan_bitops_generic+0x121/0x1c0 [ 14.829154] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.829178] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.829206] kunit_try_run_case+0x1a5/0x480 [ 14.829232] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.829254] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 14.829279] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.829302] ? __kthread_parkme+0x82/0x180 [ 14.829323] ? preempt_count_sub+0x50/0x80 [ 14.829347] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.829371] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.829395] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.829419] kthread+0x337/0x6f0 [ 14.829447] ? trace_preempt_on+0x20/0xc0 [ 14.829470] ? __pfx_kthread+0x10/0x10 [ 14.829489] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.829510] ? calculate_sigpending+0x7b/0xa0 [ 14.829534] ? __pfx_kthread+0x10/0x10 [ 14.829554] ret_from_fork+0x116/0x1d0 [ 14.829574] ? __pfx_kthread+0x10/0x10 [ 14.829594] ret_from_fork_asm+0x1a/0x30 [ 14.829625] </TASK> [ 14.829636] [ 14.840581] Allocated by task 278: [ 14.840779] kasan_save_stack+0x45/0x70 [ 14.840993] kasan_save_track+0x18/0x40 [ 14.841166] kasan_save_alloc_info+0x3b/0x50 [ 14.841379] __kasan_kmalloc+0xb7/0xc0 [ 14.841883] __kmalloc_cache_noprof+0x189/0x420 [ 14.842231] kasan_bitops_generic+0x92/0x1c0 [ 14.842564] kunit_try_run_case+0x1a5/0x480 [ 14.842847] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.843133] kthread+0x337/0x6f0 [ 14.843406] ret_from_fork+0x116/0x1d0 [ 14.843614] ret_from_fork_asm+0x1a/0x30 [ 14.843825] [ 14.844166] The buggy address belongs to the object at ffff888102712180 [ 14.844166] which belongs to the cache kmalloc-16 of size 16 [ 14.844736] The buggy address is located 8 bytes inside of [ 14.844736] allocated 9-byte region [ffff888102712180, ffff888102712189) [ 14.845397] [ 14.845517] The buggy address belongs to the physical page: [ 14.845979] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102712 [ 14.846350] flags: 0x200000000000000(node=0|zone=2) [ 14.846803] page_type: f5(slab) [ 14.846992] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.847489] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.847832] page dumped because: kasan: 
bad access detected [ 14.848267] [ 14.848448] Memory state around the buggy address: [ 14.848631] ffff888102712080: 00 04 fc fc 00 01 fc fc 00 01 fc fc 00 04 fc fc [ 14.849071] ffff888102712100: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.849408] >ffff888102712180: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.850088] ^ [ 14.850264] ffff888102712200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.850909] ffff888102712280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.851225] ================================================================== [ 14.795085] ================================================================== [ 14.795403] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.795837] Write of size 8 at addr ffff888102712188 by task kunit_try_catch/278 [ 14.796852] [ 14.797024] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.797092] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.797104] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.797126] Call Trace: [ 14.797150] <TASK> [ 14.797170] dump_stack_lvl+0x73/0xb0 [ 14.797207] print_report+0xd1/0x610 [ 14.797231] ? __virt_addr_valid+0x1db/0x2d0 [ 14.797254] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.797282] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.797305] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.797333] kasan_report+0x141/0x180 [ 14.797355] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.797387] kasan_check_range+0x10c/0x1c0 [ 14.797411] __kasan_check_write+0x18/0x20 [ 14.797796] kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.797833] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.797863] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.797889] ? kasan_bitops_generic+0x92/0x1c0 [ 14.797917] kasan_bitops_generic+0x121/0x1c0 [ 14.797940] ? 
__pfx_kasan_bitops_generic+0x10/0x10 [ 14.797964] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.797992] kunit_try_run_case+0x1a5/0x480 [ 14.798032] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.798055] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.798081] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.798105] ? __kthread_parkme+0x82/0x180 [ 14.798126] ? preempt_count_sub+0x50/0x80 [ 14.798150] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.798174] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.798199] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.798223] kthread+0x337/0x6f0 [ 14.798242] ? trace_preempt_on+0x20/0xc0 [ 14.798265] ? __pfx_kthread+0x10/0x10 [ 14.798284] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.798305] ? calculate_sigpending+0x7b/0xa0 [ 14.798330] ? __pfx_kthread+0x10/0x10 [ 14.798351] ret_from_fork+0x116/0x1d0 [ 14.798370] ? __pfx_kthread+0x10/0x10 [ 14.798389] ret_from_fork_asm+0x1a/0x30 [ 14.798419] </TASK> [ 14.798430] [ 14.812141] Allocated by task 278: [ 14.812345] kasan_save_stack+0x45/0x70 [ 14.812684] kasan_save_track+0x18/0x40 [ 14.812876] kasan_save_alloc_info+0x3b/0x50 [ 14.813440] __kasan_kmalloc+0xb7/0xc0 [ 14.813857] __kmalloc_cache_noprof+0x189/0x420 [ 14.814246] kasan_bitops_generic+0x92/0x1c0 [ 14.814523] kunit_try_run_case+0x1a5/0x480 [ 14.814712] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.815406] kthread+0x337/0x6f0 [ 14.815552] ret_from_fork+0x116/0x1d0 [ 14.816206] ret_from_fork_asm+0x1a/0x30 [ 14.816408] [ 14.816500] The buggy address belongs to the object at ffff888102712180 [ 14.816500] which belongs to the cache kmalloc-16 of size 16 [ 14.817339] The buggy address is located 8 bytes inside of [ 14.817339] allocated 9-byte region [ffff888102712180, ffff888102712189) [ 14.818405] [ 14.818607] The buggy address belongs to the physical page: [ 14.818843] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102712 [ 14.819750] flags: 0x200000000000000(node=0|zone=2) [ 14.820304] page_type: f5(slab) [ 14.820487] raw: 
0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.820877] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.821566] page dumped because: kasan: bad access detected [ 14.821908] [ 14.822018] Memory state around the buggy address: [ 14.822345] ffff888102712080: 00 04 fc fc 00 01 fc fc 00 01 fc fc 00 04 fc fc [ 14.822867] ffff888102712100: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.823670] >ffff888102712180: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.824216] ^ [ 14.824374] ffff888102712200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.824989] ffff888102712280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.825487] ================================================================== [ 14.739620] ================================================================== [ 14.739913] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.740543] Write of size 8 at addr ffff888102712188 by task kunit_try_catch/278 [ 14.741374] [ 14.741527] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.741594] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.741620] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.741642] Call Trace: [ 14.741663] <TASK> [ 14.741683] dump_stack_lvl+0x73/0xb0 [ 14.741716] print_report+0xd1/0x610 [ 14.741740] ? __virt_addr_valid+0x1db/0x2d0 [ 14.741764] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.741793] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.741817] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.741846] kasan_report+0x141/0x180 [ 14.741868] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.741902] kasan_check_range+0x10c/0x1c0 [ 14.741926] __kasan_check_write+0x18/0x20 [ 14.741945] kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.741973] ? 
__pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.742002] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.742110] ? kasan_bitops_generic+0x92/0x1c0 [ 14.742161] kasan_bitops_generic+0x121/0x1c0 [ 14.742186] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.742210] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.742254] kunit_try_run_case+0x1a5/0x480 [ 14.742280] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.742303] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.742327] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.742351] ? __kthread_parkme+0x82/0x180 [ 14.742372] ? preempt_count_sub+0x50/0x80 [ 14.742396] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.742420] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.742444] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.742467] kthread+0x337/0x6f0 [ 14.742486] ? trace_preempt_on+0x20/0xc0 [ 14.742509] ? __pfx_kthread+0x10/0x10 [ 14.742528] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.742550] ? calculate_sigpending+0x7b/0xa0 [ 14.742575] ? __pfx_kthread+0x10/0x10 [ 14.742595] ret_from_fork+0x116/0x1d0 [ 14.742614] ? 
__pfx_kthread+0x10/0x10 [ 14.742634] ret_from_fork_asm+0x1a/0x30 [ 14.742665] </TASK> [ 14.742677] [ 14.752557] Allocated by task 278: [ 14.752805] kasan_save_stack+0x45/0x70 [ 14.753133] kasan_save_track+0x18/0x40 [ 14.753319] kasan_save_alloc_info+0x3b/0x50 [ 14.753592] __kasan_kmalloc+0xb7/0xc0 [ 14.753773] __kmalloc_cache_noprof+0x189/0x420 [ 14.753955] kasan_bitops_generic+0x92/0x1c0 [ 14.754112] kunit_try_run_case+0x1a5/0x480 [ 14.754534] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.755067] kthread+0x337/0x6f0 [ 14.755292] ret_from_fork+0x116/0x1d0 [ 14.755485] ret_from_fork_asm+0x1a/0x30 [ 14.755621] [ 14.755691] The buggy address belongs to the object at ffff888102712180 [ 14.755691] which belongs to the cache kmalloc-16 of size 16 [ 14.756948] The buggy address is located 8 bytes inside of [ 14.756948] allocated 9-byte region [ffff888102712180, ffff888102712189) [ 14.757401] [ 14.757476] The buggy address belongs to the physical page: [ 14.757790] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102712 [ 14.758363] flags: 0x200000000000000(node=0|zone=2) [ 14.758595] page_type: f5(slab) [ 14.758878] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.759563] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.759834] page dumped because: kasan: bad access detected [ 14.760277] [ 14.760376] Memory state around the buggy address: [ 14.760656] ffff888102712080: 00 04 fc fc 00 01 fc fc 00 01 fc fc 00 04 fc fc [ 14.760898] ffff888102712100: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.761346] >ffff888102712180: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.761666] ^ [ 14.761875] ffff888102712200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.762224] ffff888102712280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.762541] ================================================================== [ 14.879349] 
================================================================== [ 14.879616] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 14.879916] Read of size 8 at addr ffff888102712188 by task kunit_try_catch/278 [ 14.880924] [ 14.881033] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.881084] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.881095] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.881117] Call Trace: [ 14.881138] <TASK> [ 14.881157] dump_stack_lvl+0x73/0xb0 [ 14.881187] print_report+0xd1/0x610 [ 14.881211] ? __virt_addr_valid+0x1db/0x2d0 [ 14.881234] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 14.881262] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.881297] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 14.881325] kasan_report+0x141/0x180 [ 14.881346] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 14.881493] __asan_report_load8_noabort+0x18/0x20 [ 14.881578] kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 14.881639] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.881669] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.881771] ? kasan_bitops_generic+0x92/0x1c0 [ 14.881800] kasan_bitops_generic+0x121/0x1c0 [ 14.881824] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.881848] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.881877] kunit_try_run_case+0x1a5/0x480 [ 14.881903] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.881927] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.881951] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.881973] ? __kthread_parkme+0x82/0x180 [ 14.881994] ? preempt_count_sub+0x50/0x80 [ 14.882029] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.882053] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.882077] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.882100] kthread+0x337/0x6f0 [ 14.882119] ? trace_preempt_on+0x20/0xc0 [ 14.882142] ? 
__pfx_kthread+0x10/0x10 [ 14.882162] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.882183] ? calculate_sigpending+0x7b/0xa0 [ 14.882207] ? __pfx_kthread+0x10/0x10 [ 14.882227] ret_from_fork+0x116/0x1d0 [ 14.882247] ? __pfx_kthread+0x10/0x10 [ 14.882266] ret_from_fork_asm+0x1a/0x30 [ 14.882297] </TASK> [ 14.882308] [ 14.896450] Allocated by task 278: [ 14.896935] kasan_save_stack+0x45/0x70 [ 14.897326] kasan_save_track+0x18/0x40 [ 14.897705] kasan_save_alloc_info+0x3b/0x50 [ 14.898107] __kasan_kmalloc+0xb7/0xc0 [ 14.898479] __kmalloc_cache_noprof+0x189/0x420 [ 14.898891] kasan_bitops_generic+0x92/0x1c0 [ 14.899289] kunit_try_run_case+0x1a5/0x480 [ 14.899694] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.900174] kthread+0x337/0x6f0 [ 14.900505] ret_from_fork+0x116/0x1d0 [ 14.900861] ret_from_fork_asm+0x1a/0x30 [ 14.901238] [ 14.901431] The buggy address belongs to the object at ffff888102712180 [ 14.901431] which belongs to the cache kmalloc-16 of size 16 [ 14.901894] The buggy address is located 8 bytes inside of [ 14.901894] allocated 9-byte region [ffff888102712180, ffff888102712189) [ 14.902259] [ 14.902337] The buggy address belongs to the physical page: [ 14.902794] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102712 [ 14.903503] flags: 0x200000000000000(node=0|zone=2) [ 14.904284] page_type: f5(slab) [ 14.904838] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.905238] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.905704] page dumped because: kasan: bad access detected [ 14.906473] [ 14.906795] Memory state around the buggy address: [ 14.907414] ffff888102712080: 00 04 fc fc 00 01 fc fc 00 01 fc fc 00 04 fc fc [ 14.907694] ffff888102712100: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.907911] >ffff888102712180: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.908139] ^ [ 14.908371] ffff888102712200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.909088] 
ffff888102712280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.909756] ================================================================== [ 14.667260] ================================================================== [ 14.667641] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.667985] Write of size 8 at addr ffff888102712188 by task kunit_try_catch/278 [ 14.668644] [ 14.668767] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.668816] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.668827] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.668854] Call Trace: [ 14.668874] <TASK> [ 14.668893] dump_stack_lvl+0x73/0xb0 [ 14.668925] print_report+0xd1/0x610 [ 14.668948] ? __virt_addr_valid+0x1db/0x2d0 [ 14.668970] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.669138] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.669168] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.669198] kasan_report+0x141/0x180 [ 14.669221] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.669254] kasan_check_range+0x10c/0x1c0 [ 14.669277] __kasan_check_write+0x18/0x20 [ 14.669297] kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.669326] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.669355] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.669380] ? kasan_bitops_generic+0x92/0x1c0 [ 14.669407] kasan_bitops_generic+0x121/0x1c0 [ 14.669452] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.669476] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.669504] kunit_try_run_case+0x1a5/0x480 [ 14.669529] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.669551] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.669575] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.669598] ? __kthread_parkme+0x82/0x180 [ 14.669621] ? preempt_count_sub+0x50/0x80 [ 14.669645] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.669669] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.669692] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.669716] kthread+0x337/0x6f0 [ 14.669734] ? trace_preempt_on+0x20/0xc0 [ 14.669757] ? __pfx_kthread+0x10/0x10 [ 14.669778] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.669798] ? calculate_sigpending+0x7b/0xa0 [ 14.669822] ? __pfx_kthread+0x10/0x10 [ 14.669843] ret_from_fork+0x116/0x1d0 [ 14.669862] ? __pfx_kthread+0x10/0x10 [ 14.669882] ret_from_fork_asm+0x1a/0x30 [ 14.669912] </TASK> [ 14.669921] [ 14.678642] Allocated by task 278: [ 14.678835] kasan_save_stack+0x45/0x70 [ 14.679034] kasan_save_track+0x18/0x40 [ 14.679215] kasan_save_alloc_info+0x3b/0x50 [ 14.679380] __kasan_kmalloc+0xb7/0xc0 [ 14.679511] __kmalloc_cache_noprof+0x189/0x420 [ 14.679737] kasan_bitops_generic+0x92/0x1c0 [ 14.679944] kunit_try_run_case+0x1a5/0x480 [ 14.680524] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.680769] kthread+0x337/0x6f0 [ 14.680941] ret_from_fork+0x116/0x1d0 [ 14.681190] ret_from_fork_asm+0x1a/0x30 [ 14.681336] [ 14.681408] The buggy address belongs to the object at ffff888102712180 [ 14.681408] which belongs to the cache kmalloc-16 of size 16 [ 14.681851] The buggy address is located 8 bytes inside of [ 14.681851] allocated 9-byte region [ffff888102712180, ffff888102712189) [ 14.682521] [ 14.682623] The buggy address belongs to the physical page: [ 14.682808] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102712 [ 14.683175] flags: 0x200000000000000(node=0|zone=2) [ 14.683434] page_type: f5(slab) [ 14.683635] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.683983] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.684549] page dumped because: kasan: bad access detected [ 14.684758] [ 14.684857] Memory state around the buggy address: [ 14.685196] ffff888102712080: 00 04 fc fc 00 01 fc fc 00 01 fc fc 00 04 fc fc [ 14.685550] 
ffff888102712100: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.685873] >ffff888102712180: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.686318] ^ [ 14.686475] ffff888102712200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.686729] ffff888102712280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.687144] ================================================================== [ 14.687694] ================================================================== [ 14.687979] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.688360] Write of size 8 at addr ffff888102712188 by task kunit_try_catch/278 [ 14.688693] [ 14.688810] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.688862] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.688873] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.688896] Call Trace: [ 14.688916] <TASK> [ 14.688936] dump_stack_lvl+0x73/0xb0 [ 14.688964] print_report+0xd1/0x610 [ 14.688986] ? __virt_addr_valid+0x1db/0x2d0 [ 14.689018] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.689044] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.689066] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.689096] kasan_report+0x141/0x180 [ 14.689117] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.689148] kasan_check_range+0x10c/0x1c0 [ 14.689170] __kasan_check_write+0x18/0x20 [ 14.689188] kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.689214] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.689241] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.689265] ? kasan_bitops_generic+0x92/0x1c0 [ 14.689290] kasan_bitops_generic+0x121/0x1c0 [ 14.689313] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.689338] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.689366] kunit_try_run_case+0x1a5/0x480 [ 14.689390] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.689412] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 14.689435] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.689457] ? __kthread_parkme+0x82/0x180 [ 14.689477] ? preempt_count_sub+0x50/0x80 [ 14.689500] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.689522] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.689544] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.689567] kthread+0x337/0x6f0 [ 14.689585] ? trace_preempt_on+0x20/0xc0 [ 14.689607] ? __pfx_kthread+0x10/0x10 [ 14.689626] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.689646] ? calculate_sigpending+0x7b/0xa0 [ 14.689669] ? __pfx_kthread+0x10/0x10 [ 14.689688] ret_from_fork+0x116/0x1d0 [ 14.689708] ? __pfx_kthread+0x10/0x10 [ 14.689726] ret_from_fork_asm+0x1a/0x30 [ 14.689756] </TASK> [ 14.689766] [ 14.699098] Allocated by task 278: [ 14.699255] kasan_save_stack+0x45/0x70 [ 14.699507] kasan_save_track+0x18/0x40 [ 14.699700] kasan_save_alloc_info+0x3b/0x50 [ 14.699905] __kasan_kmalloc+0xb7/0xc0 [ 14.700238] __kmalloc_cache_noprof+0x189/0x420 [ 14.700702] kasan_bitops_generic+0x92/0x1c0 [ 14.700922] kunit_try_run_case+0x1a5/0x480 [ 14.701129] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.701374] kthread+0x337/0x6f0 [ 14.701534] ret_from_fork+0x116/0x1d0 [ 14.701710] ret_from_fork_asm+0x1a/0x30 [ 14.701895] [ 14.701985] The buggy address belongs to the object at ffff888102712180 [ 14.701985] which belongs to the cache kmalloc-16 of size 16 [ 14.704306] The buggy address is located 8 bytes inside of [ 14.704306] allocated 9-byte region [ffff888102712180, ffff888102712189) [ 14.704989] [ 14.705293] The buggy address belongs to the physical page: [ 14.705649] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102712 [ 14.706290] flags: 0x200000000000000(node=0|zone=2) [ 14.706686] page_type: f5(slab) [ 14.706861] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.707920] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.708808] page dumped because: kasan: 
bad access detected [ 14.709341] [ 14.709519] Memory state around the buggy address: [ 14.709744] ffff888102712080: 00 04 fc fc 00 01 fc fc 00 01 fc fc 00 04 fc fc [ 14.710399] ffff888102712100: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.710836] >ffff888102712180: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.711891] ^ [ 14.712271] ffff888102712200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.713003] ffff888102712280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.713320] ================================================================== [ 14.852634] ================================================================== [ 14.852950] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 14.853591] Read of size 8 at addr ffff888102712188 by task kunit_try_catch/278 [ 14.853992] [ 14.854328] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.854383] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.854395] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.854417] Call Trace: [ 14.854437] <TASK> [ 14.854458] dump_stack_lvl+0x73/0xb0 [ 14.854493] print_report+0xd1/0x610 [ 14.854516] ? __virt_addr_valid+0x1db/0x2d0 [ 14.854542] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 14.854571] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.854594] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 14.854622] kasan_report+0x141/0x180 [ 14.854643] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 14.854676] kasan_check_range+0x10c/0x1c0 [ 14.854699] __kasan_check_read+0x15/0x20 [ 14.854718] kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 14.854746] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.854775] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.854802] ? kasan_bitops_generic+0x92/0x1c0 [ 14.854828] kasan_bitops_generic+0x121/0x1c0 [ 14.854851] ? 
__pfx_kasan_bitops_generic+0x10/0x10 [ 14.854875] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.854903] kunit_try_run_case+0x1a5/0x480 [ 14.854928] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.854950] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.854974] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.854998] ? __kthread_parkme+0x82/0x180 [ 14.855030] ? preempt_count_sub+0x50/0x80 [ 14.855054] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.855077] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.855100] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.855124] kthread+0x337/0x6f0 [ 14.855142] ? trace_preempt_on+0x20/0xc0 [ 14.855164] ? __pfx_kthread+0x10/0x10 [ 14.855185] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.855205] ? calculate_sigpending+0x7b/0xa0 [ 14.855229] ? __pfx_kthread+0x10/0x10 [ 14.855250] ret_from_fork+0x116/0x1d0 [ 14.855269] ? __pfx_kthread+0x10/0x10 [ 14.855289] ret_from_fork_asm+0x1a/0x30 [ 14.855320] </TASK> [ 14.855330] [ 14.866320] Allocated by task 278: [ 14.866706] kasan_save_stack+0x45/0x70 [ 14.867062] kasan_save_track+0x18/0x40 [ 14.867250] kasan_save_alloc_info+0x3b/0x50 [ 14.867699] __kasan_kmalloc+0xb7/0xc0 [ 14.867946] __kmalloc_cache_noprof+0x189/0x420 [ 14.868181] kasan_bitops_generic+0x92/0x1c0 [ 14.868375] kunit_try_run_case+0x1a5/0x480 [ 14.869026] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.869302] kthread+0x337/0x6f0 [ 14.869639] ret_from_fork+0x116/0x1d0 [ 14.869985] ret_from_fork_asm+0x1a/0x30 [ 14.870194] [ 14.870301] The buggy address belongs to the object at ffff888102712180 [ 14.870301] which belongs to the cache kmalloc-16 of size 16 [ 14.871567] The buggy address is located 8 bytes inside of [ 14.871567] allocated 9-byte region [ffff888102712180, ffff888102712189) [ 14.872390] [ 14.872552] The buggy address belongs to the physical page: [ 14.872942] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102712 [ 14.873276] flags: 0x200000000000000(node=0|zone=2) [ 14.873774] page_type: f5(slab) [ 14.873949] raw: 
0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.874286] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.875050] page dumped because: kasan: bad access detected [ 14.875525] [ 14.875624] Memory state around the buggy address: [ 14.875826] ffff888102712080: 00 04 fc fc 00 01 fc fc 00 01 fc fc 00 04 fc fc [ 14.876132] ffff888102712100: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.876695] >ffff888102712180: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.877069] ^ [ 14.877229] ffff888102712200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.877860] ffff888102712280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.878215] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 14.602909] ================================================================== [ 14.603979] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.604866] Write of size 8 at addr ffff888102712188 by task kunit_try_catch/278 [ 14.605611] [ 14.605842] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.605897] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.605910] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.605931] Call Trace: [ 14.605950] <TASK> [ 14.605970] dump_stack_lvl+0x73/0xb0 [ 14.606099] print_report+0xd1/0x610 [ 14.606127] ? __virt_addr_valid+0x1db/0x2d0 [ 14.606151] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.606177] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.606199] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.606225] kasan_report+0x141/0x180 [ 14.606247] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.606278] kasan_check_range+0x10c/0x1c0 [ 14.606302] __kasan_check_write+0x18/0x20 [ 14.606320] kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.606346] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.606373] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.606399] ? kasan_bitops_generic+0x92/0x1c0 [ 14.606425] kasan_bitops_generic+0x116/0x1c0 [ 14.606449] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.606472] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.606500] kunit_try_run_case+0x1a5/0x480 [ 14.606525] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.606547] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.606572] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.606595] ? __kthread_parkme+0x82/0x180 [ 14.606615] ? preempt_count_sub+0x50/0x80 [ 14.606639] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.606663] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.606689] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.606713] kthread+0x337/0x6f0 [ 14.606731] ? trace_preempt_on+0x20/0xc0 [ 14.606754] ? __pfx_kthread+0x10/0x10 [ 14.606773] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 14.606794] ? calculate_sigpending+0x7b/0xa0 [ 14.606819] ? __pfx_kthread+0x10/0x10 [ 14.606840] ret_from_fork+0x116/0x1d0 [ 14.606860] ? __pfx_kthread+0x10/0x10 [ 14.606882] ret_from_fork_asm+0x1a/0x30 [ 14.606913] </TASK> [ 14.606923] [ 14.615622] Allocated by task 278: [ 14.615810] kasan_save_stack+0x45/0x70 [ 14.616253] kasan_save_track+0x18/0x40 [ 14.616408] kasan_save_alloc_info+0x3b/0x50 [ 14.616639] __kasan_kmalloc+0xb7/0xc0 [ 14.616831] __kmalloc_cache_noprof+0x189/0x420 [ 14.617155] kasan_bitops_generic+0x92/0x1c0 [ 14.617370] kunit_try_run_case+0x1a5/0x480 [ 14.617606] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.617823] kthread+0x337/0x6f0 [ 14.617947] ret_from_fork+0x116/0x1d0 [ 14.618248] ret_from_fork_asm+0x1a/0x30 [ 14.618459] [ 14.618585] The buggy address belongs to the object at ffff888102712180 [ 14.618585] which belongs to the cache kmalloc-16 of size 16 [ 14.619209] The buggy address is located 8 bytes inside of [ 14.619209] allocated 9-byte region [ffff888102712180, ffff888102712189) [ 14.619685] [ 14.619786] The buggy address belongs to the physical page: [ 14.620364] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102712 [ 14.620737] flags: 0x200000000000000(node=0|zone=2) [ 14.620941] page_type: f5(slab) [ 14.621211] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.621531] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.621835] page dumped because: kasan: bad access detected [ 14.622162] [ 14.622239] Memory state around the buggy address: [ 14.622495] ffff888102712080: 00 04 fc fc 00 01 fc fc 00 01 fc fc 00 04 fc fc [ 14.622738] ffff888102712100: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.622957] >ffff888102712180: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.623343] ^ [ 14.623542] ffff888102712200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.623865] ffff888102712280: fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 14.624432] ================================================================== [ 14.472553] ================================================================== [ 14.472881] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.473267] Write of size 8 at addr ffff888102712188 by task kunit_try_catch/278 [ 14.473898] [ 14.474158] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.474210] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.474221] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.474244] Call Trace: [ 14.474265] <TASK> [ 14.474285] dump_stack_lvl+0x73/0xb0 [ 14.474318] print_report+0xd1/0x610 [ 14.474342] ? __virt_addr_valid+0x1db/0x2d0 [ 14.474367] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.474392] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.474415] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.474453] kasan_report+0x141/0x180 [ 14.474475] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.474505] kasan_check_range+0x10c/0x1c0 [ 14.474529] __kasan_check_write+0x18/0x20 [ 14.474547] kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.474574] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.474602] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.474628] ? kasan_bitops_generic+0x92/0x1c0 [ 14.474655] kasan_bitops_generic+0x116/0x1c0 [ 14.474678] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.474702] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.474730] kunit_try_run_case+0x1a5/0x480 [ 14.474755] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.474778] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.474802] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.474826] ? __kthread_parkme+0x82/0x180 [ 14.474847] ? preempt_count_sub+0x50/0x80 [ 14.474873] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.474897] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.474922] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.474946] kthread+0x337/0x6f0 [ 14.474964] ? trace_preempt_on+0x20/0xc0 [ 14.474987] ? __pfx_kthread+0x10/0x10 [ 14.475007] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.475103] ? calculate_sigpending+0x7b/0xa0 [ 14.475128] ? __pfx_kthread+0x10/0x10 [ 14.475149] ret_from_fork+0x116/0x1d0 [ 14.475169] ? __pfx_kthread+0x10/0x10 [ 14.475189] ret_from_fork_asm+0x1a/0x30 [ 14.475220] </TASK> [ 14.475230] [ 14.490796] Allocated by task 278: [ 14.490957] kasan_save_stack+0x45/0x70 [ 14.491430] kasan_save_track+0x18/0x40 [ 14.491799] kasan_save_alloc_info+0x3b/0x50 [ 14.492253] __kasan_kmalloc+0xb7/0xc0 [ 14.493104] __kmalloc_cache_noprof+0x189/0x420 [ 14.493572] kasan_bitops_generic+0x92/0x1c0 [ 14.494174] kunit_try_run_case+0x1a5/0x480 [ 14.494654] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.494970] kthread+0x337/0x6f0 [ 14.495334] ret_from_fork+0x116/0x1d0 [ 14.495676] ret_from_fork_asm+0x1a/0x30 [ 14.496245] [ 14.496426] The buggy address belongs to the object at ffff888102712180 [ 14.496426] which belongs to the cache kmalloc-16 of size 16 [ 14.497240] The buggy address is located 8 bytes inside of [ 14.497240] allocated 9-byte region [ffff888102712180, ffff888102712189) [ 14.498563] [ 14.498644] The buggy address belongs to the physical page: [ 14.498843] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102712 [ 14.499701] flags: 0x200000000000000(node=0|zone=2) [ 14.500684] page_type: f5(slab) [ 14.500823] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.501270] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.501957] page dumped because: kasan: bad access detected [ 14.502741] [ 14.502953] Memory state around the buggy address: [ 14.503545] ffff888102712080: 00 04 fc fc 00 01 fc fc 00 01 fc fc 00 04 fc fc [ 14.503953] ffff888102712100: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.504530] >ffff888102712180: 00 01 fc fc fc fc fc fc 
fc fc fc fc fc fc fc fc [ 14.505247] ^ [ 14.505629] ffff888102712200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.506386] ffff888102712280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.506979] ================================================================== [ 14.544219] ================================================================== [ 14.545150] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.546152] Write of size 8 at addr ffff888102712188 by task kunit_try_catch/278 [ 14.546996] [ 14.547337] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.547391] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.547403] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.547426] Call Trace: [ 14.547439] <TASK> [ 14.547460] dump_stack_lvl+0x73/0xb0 [ 14.547498] print_report+0xd1/0x610 [ 14.547521] ? __virt_addr_valid+0x1db/0x2d0 [ 14.547545] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.547572] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.547594] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.547620] kasan_report+0x141/0x180 [ 14.547641] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.547671] kasan_check_range+0x10c/0x1c0 [ 14.547694] __kasan_check_write+0x18/0x20 [ 14.547713] kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.547739] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.547765] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.547791] ? kasan_bitops_generic+0x92/0x1c0 [ 14.547817] kasan_bitops_generic+0x116/0x1c0 [ 14.547841] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.547864] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.547892] kunit_try_run_case+0x1a5/0x480 [ 14.547917] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.547938] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.547963] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.547986] ? __kthread_parkme+0x82/0x180 [ 14.548007] ? preempt_count_sub+0x50/0x80 [ 14.548047] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.548070] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.548094] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.548119] kthread+0x337/0x6f0 [ 14.548137] ? trace_preempt_on+0x20/0xc0 [ 14.548160] ? __pfx_kthread+0x10/0x10 [ 14.548191] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.548213] ? calculate_sigpending+0x7b/0xa0 [ 14.548238] ? __pfx_kthread+0x10/0x10 [ 14.548258] ret_from_fork+0x116/0x1d0 [ 14.548278] ? __pfx_kthread+0x10/0x10 [ 14.548297] ret_from_fork_asm+0x1a/0x30 [ 14.548328] </TASK> [ 14.548339] [ 14.560989] Allocated by task 278: [ 14.561333] kasan_save_stack+0x45/0x70 [ 14.561555] kasan_save_track+0x18/0x40 [ 14.561816] kasan_save_alloc_info+0x3b/0x50 [ 14.561969] __kasan_kmalloc+0xb7/0xc0 [ 14.562144] __kmalloc_cache_noprof+0x189/0x420 [ 14.562367] kasan_bitops_generic+0x92/0x1c0 [ 14.562583] kunit_try_run_case+0x1a5/0x480 [ 14.562763] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.563257] kthread+0x337/0x6f0 [ 14.563400] ret_from_fork+0x116/0x1d0 [ 14.563536] ret_from_fork_asm+0x1a/0x30 [ 14.563754] [ 14.563853] The buggy address belongs to the object at ffff888102712180 [ 14.563853] which belongs to the cache kmalloc-16 of size 16 [ 14.564759] The buggy address is located 8 bytes inside of [ 14.564759] allocated 9-byte region [ffff888102712180, ffff888102712189) [ 14.565329] [ 14.565409] The buggy address belongs to the physical page: [ 14.565716] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102712 [ 14.566072] flags: 0x200000000000000(node=0|zone=2) [ 14.566379] page_type: f5(slab) [ 14.566596] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.567002] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.567321] page dumped because: kasan: bad access detected [ 14.567497] [ 14.567566] Memory state around the buggy address: [ 14.567722] ffff888102712080: 00 04 fc fc 00 01 fc fc 00 01 fc fc 00 04 fc fc [ 14.568401] 
ffff888102712100: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.568706] >ffff888102712180: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.569039] ^ [ 14.569177] ffff888102712200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.569575] ffff888102712280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.569851] ================================================================== [ 14.624977] ================================================================== [ 14.625380] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.625728] Write of size 8 at addr ffff888102712188 by task kunit_try_catch/278 [ 14.626044] [ 14.626153] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.626199] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.626211] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.626233] Call Trace: [ 14.626252] <TASK> [ 14.626271] dump_stack_lvl+0x73/0xb0 [ 14.626300] print_report+0xd1/0x610 [ 14.626322] ? __virt_addr_valid+0x1db/0x2d0 [ 14.626345] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.626372] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.626394] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.626550] kasan_report+0x141/0x180 [ 14.626576] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.626607] kasan_check_range+0x10c/0x1c0 [ 14.626631] __kasan_check_write+0x18/0x20 [ 14.626650] kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.626675] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.626703] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.626730] ? kasan_bitops_generic+0x92/0x1c0 [ 14.626758] kasan_bitops_generic+0x116/0x1c0 [ 14.626781] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.626805] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.626833] kunit_try_run_case+0x1a5/0x480 [ 14.626858] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.626880] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.626904] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.626927] ? __kthread_parkme+0x82/0x180
[ 14.626948] ? preempt_count_sub+0x50/0x80
[ 14.626972] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.627065] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.627094] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.627119] kthread+0x337/0x6f0
[ 14.627138] ? trace_preempt_on+0x20/0xc0
[ 14.627161] ? __pfx_kthread+0x10/0x10
[ 14.627181] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.627205] ? calculate_sigpending+0x7b/0xa0
[ 14.627229] ? __pfx_kthread+0x10/0x10
[ 14.627250] ret_from_fork+0x116/0x1d0
[ 14.627268] ? __pfx_kthread+0x10/0x10
[ 14.627288] ret_from_fork_asm+0x1a/0x30
[ 14.627318] </TASK>
[ 14.627330]
[ 14.635825] Allocated by task 278:
[ 14.636254] kasan_save_stack+0x45/0x70
[ 14.636460] kasan_save_track+0x18/0x40
[ 14.636692] kasan_save_alloc_info+0x3b/0x50
[ 14.636858] __kasan_kmalloc+0xb7/0xc0
[ 14.636992] __kmalloc_cache_noprof+0x189/0x420
[ 14.637241] kasan_bitops_generic+0x92/0x1c0
[ 14.637390] kunit_try_run_case+0x1a5/0x480
[ 14.637561] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.637747] kthread+0x337/0x6f0
[ 14.637914] ret_from_fork+0x116/0x1d0
[ 14.638212] ret_from_fork_asm+0x1a/0x30
[ 14.638418]
[ 14.638512] The buggy address belongs to the object at ffff888102712180
[ 14.638512] which belongs to the cache kmalloc-16 of size 16
[ 14.639048] The buggy address is located 8 bytes inside of
[ 14.639048] allocated 9-byte region [ffff888102712180, ffff888102712189)
[ 14.639562]
[ 14.639657] The buggy address belongs to the physical page:
[ 14.639912] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102712
[ 14.640278] flags: 0x200000000000000(node=0|zone=2)
[ 14.640871] page_type: f5(slab)
[ 14.641140] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 14.641515] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 14.641826] page dumped because: kasan: bad access detected
[ 14.642163]
[ 14.642259] Memory state around the buggy address:
[ 14.642489] ffff888102712080: 00 04 fc fc 00 01 fc fc 00 01 fc fc 00 04 fc fc
[ 14.642800] ffff888102712100: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 14.643174] >ffff888102712180: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.643469] ^
[ 14.643641] ffff888102712200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.643911] ffff888102712280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.644454] ==================================================================
[ 14.435314] ==================================================================
[ 14.436646] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x101/0xd50
[ 14.436946] Write of size 8 at addr ffff888102712188 by task kunit_try_catch/278
[ 14.437660]
[ 14.437864] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.437915] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.437927] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.437951] Call Trace:
[ 14.437965] <TASK>
[ 14.437984] dump_stack_lvl+0x73/0xb0
[ 14.438092] print_report+0xd1/0x610
[ 14.438119] ? __virt_addr_valid+0x1db/0x2d0
[ 14.438143] ? kasan_bitops_modify.constprop.0+0x101/0xd50
[ 14.438170] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.438192] ? kasan_bitops_modify.constprop.0+0x101/0xd50
[ 14.438219] kasan_report+0x141/0x180
[ 14.438240] ? kasan_bitops_modify.constprop.0+0x101/0xd50
[ 14.438271] kasan_check_range+0x10c/0x1c0
[ 14.438294] __kasan_check_write+0x18/0x20
[ 14.438314] kasan_bitops_modify.constprop.0+0x101/0xd50
[ 14.438339] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 14.438367] ? __kmalloc_cache_noprof+0x189/0x420
[ 14.438393] ? kasan_bitops_generic+0x92/0x1c0
[ 14.438419] kasan_bitops_generic+0x116/0x1c0
[ 14.438453] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 14.438477] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 14.438504] kunit_try_run_case+0x1a5/0x480
[ 14.438529] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.438552] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.438577] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.438601] ? __kthread_parkme+0x82/0x180
[ 14.438621] ? preempt_count_sub+0x50/0x80
[ 14.438646] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.438670] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.438693] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.438717] kthread+0x337/0x6f0
[ 14.438736] ? trace_preempt_on+0x20/0xc0
[ 14.438760] ? __pfx_kthread+0x10/0x10
[ 14.438779] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.438801] ? calculate_sigpending+0x7b/0xa0
[ 14.438825] ? __pfx_kthread+0x10/0x10
[ 14.438846] ret_from_fork+0x116/0x1d0
[ 14.438865] ? __pfx_kthread+0x10/0x10
[ 14.438885] ret_from_fork_asm+0x1a/0x30
[ 14.438916] </TASK>
[ 14.438927]
[ 14.454888] Allocated by task 278:
[ 14.455485] kasan_save_stack+0x45/0x70
[ 14.455880] kasan_save_track+0x18/0x40
[ 14.456492] kasan_save_alloc_info+0x3b/0x50
[ 14.456946] __kasan_kmalloc+0xb7/0xc0
[ 14.457415] __kmalloc_cache_noprof+0x189/0x420
[ 14.457966] kasan_bitops_generic+0x92/0x1c0
[ 14.458402] kunit_try_run_case+0x1a5/0x480
[ 14.458563] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.458741] kthread+0x337/0x6f0
[ 14.458863] ret_from_fork+0x116/0x1d0
[ 14.458997] ret_from_fork_asm+0x1a/0x30
[ 14.459958]
[ 14.460281] The buggy address belongs to the object at ffff888102712180
[ 14.460281] which belongs to the cache kmalloc-16 of size 16
[ 14.461783] The buggy address is located 8 bytes inside of
[ 14.461783] allocated 9-byte region [ffff888102712180, ffff888102712189)
[ 14.463201]
[ 14.463570] The buggy address belongs to the physical page:
[ 14.463968] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102712
[ 14.464901] flags: 0x200000000000000(node=0|zone=2)
[ 14.465307] page_type: f5(slab)
[ 14.465822] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 14.466258] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 14.467131] page dumped because: kasan: bad access detected
[ 14.467623]
[ 14.467700] Memory state around the buggy address:
[ 14.467857] ffff888102712080: 00 04 fc fc 00 01 fc fc 00 01 fc fc 00 04 fc fc
[ 14.468084] ffff888102712100: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 14.468766] >ffff888102712180: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.469601] ^
[ 14.470047] ffff888102712200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.470708] ffff888102712280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.471590] ==================================================================
[ 14.570548] ==================================================================
[ 14.570874] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x373/0xd50
[ 14.571317] Write of size 8 at addr ffff888102712188 by task kunit_try_catch/278
[ 14.571702]
[ 14.571812] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.571859] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.571870] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.571892] Call Trace:
[ 14.571905] <TASK>
[ 14.571924] dump_stack_lvl+0x73/0xb0
[ 14.571955] print_report+0xd1/0x610
[ 14.571978] ? __virt_addr_valid+0x1db/0x2d0
[ 14.572002] ? kasan_bitops_modify.constprop.0+0x373/0xd50
[ 14.572040] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.572062] ? kasan_bitops_modify.constprop.0+0x373/0xd50
[ 14.572089] kasan_report+0x141/0x180
[ 14.572111] ? kasan_bitops_modify.constprop.0+0x373/0xd50
[ 14.572142] kasan_check_range+0x10c/0x1c0
[ 14.572165] __kasan_check_write+0x18/0x20
[ 14.572183] kasan_bitops_modify.constprop.0+0x373/0xd50
[ 14.572209] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 14.572236] ? __kmalloc_cache_noprof+0x189/0x420
[ 14.572262] ? kasan_bitops_generic+0x92/0x1c0
[ 14.572625] kasan_bitops_generic+0x116/0x1c0
[ 14.572651] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 14.572675] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 14.572703] kunit_try_run_case+0x1a5/0x480
[ 14.572727] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.572749] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.572775] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.572798] ? __kthread_parkme+0x82/0x180
[ 14.572819] ? preempt_count_sub+0x50/0x80
[ 14.572855] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.572879] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.572902] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.572927] kthread+0x337/0x6f0
[ 14.572945] ? trace_preempt_on+0x20/0xc0
[ 14.572968] ? __pfx_kthread+0x10/0x10
[ 14.572988] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.573022] ? calculate_sigpending+0x7b/0xa0
[ 14.573387] ? __pfx_kthread+0x10/0x10
[ 14.573409] ret_from_fork+0x116/0x1d0
[ 14.573428] ? __pfx_kthread+0x10/0x10
[ 14.573449] ret_from_fork_asm+0x1a/0x30
[ 14.573480] </TASK>
[ 14.573491]
[ 14.587329] Allocated by task 278:
[ 14.587543] kasan_save_stack+0x45/0x70
[ 14.587753] kasan_save_track+0x18/0x40
[ 14.587936] kasan_save_alloc_info+0x3b/0x50
[ 14.588907] __kasan_kmalloc+0xb7/0xc0
[ 14.589255] __kmalloc_cache_noprof+0x189/0x420
[ 14.589752] kasan_bitops_generic+0x92/0x1c0
[ 14.590223] kunit_try_run_case+0x1a5/0x480
[ 14.590540] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.590907] kthread+0x337/0x6f0
[ 14.591148] ret_from_fork+0x116/0x1d0
[ 14.591331] ret_from_fork_asm+0x1a/0x30
[ 14.591900]
[ 14.591991] The buggy address belongs to the object at ffff888102712180
[ 14.591991] which belongs to the cache kmalloc-16 of size 16
[ 14.592937] The buggy address is located 8 bytes inside of
[ 14.592937] allocated 9-byte region [ffff888102712180, ffff888102712189)
[ 14.594271]
[ 14.594456] The buggy address belongs to the physical page:
[ 14.594947] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102712
[ 14.596244] flags: 0x200000000000000(node=0|zone=2)
[ 14.596660] page_type: f5(slab)
[ 14.596998] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 14.597327] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 14.597937] page dumped because: kasan: bad access detected
[ 14.598413]
[ 14.598510] Memory state around the buggy address:
[ 14.598721] ffff888102712080: 00 04 fc fc 00 01 fc fc 00 01 fc fc 00 04 fc fc
[ 14.599369] ffff888102712100: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 14.599914] >ffff888102712180: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.600683] ^
[ 14.600864] ffff888102712200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.601453] ffff888102712280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.601969] ==================================================================
[ 14.507871] ==================================================================
[ 14.508621] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23a/0xd50
[ 14.509335] Write of size 8 at addr ffff888102712188 by task kunit_try_catch/278
[ 14.510176]
[ 14.510396] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.510448] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.510460] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.510481] Call Trace:
[ 14.510501] <TASK>
[ 14.510520] dump_stack_lvl+0x73/0xb0
[ 14.510559] print_report+0xd1/0x610
[ 14.510583] ? __virt_addr_valid+0x1db/0x2d0
[ 14.510606] ? kasan_bitops_modify.constprop.0+0x23a/0xd50
[ 14.510632] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.510654] ? kasan_bitops_modify.constprop.0+0x23a/0xd50
[ 14.510680] kasan_report+0x141/0x180
[ 14.510701] ? kasan_bitops_modify.constprop.0+0x23a/0xd50
[ 14.510756] kasan_check_range+0x10c/0x1c0
[ 14.510779] __kasan_check_write+0x18/0x20
[ 14.510799] kasan_bitops_modify.constprop.0+0x23a/0xd50
[ 14.510824] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 14.510851] ? __kmalloc_cache_noprof+0x189/0x420
[ 14.510877] ? kasan_bitops_generic+0x92/0x1c0
[ 14.510904] kasan_bitops_generic+0x116/0x1c0
[ 14.510928] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 14.510951] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 14.510980] kunit_try_run_case+0x1a5/0x480
[ 14.511005] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.511039] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.511065] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.511090] ? __kthread_parkme+0x82/0x180
[ 14.511111] ? preempt_count_sub+0x50/0x80
[ 14.511136] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.511160] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.511184] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.511208] kthread+0x337/0x6f0
[ 14.511226] ? trace_preempt_on+0x20/0xc0
[ 14.511250] ? __pfx_kthread+0x10/0x10
[ 14.511270] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.511292] ? calculate_sigpending+0x7b/0xa0
[ 14.511316] ? __pfx_kthread+0x10/0x10
[ 14.511337] ret_from_fork+0x116/0x1d0
[ 14.511356] ? __pfx_kthread+0x10/0x10
[ 14.511376] ret_from_fork_asm+0x1a/0x30
[ 14.511408] </TASK>
[ 14.511417]
[ 14.527508] Allocated by task 278:
[ 14.527871] kasan_save_stack+0x45/0x70
[ 14.528316] kasan_save_track+0x18/0x40
[ 14.528892] kasan_save_alloc_info+0x3b/0x50
[ 14.529415] __kasan_kmalloc+0xb7/0xc0
[ 14.529915] __kmalloc_cache_noprof+0x189/0x420
[ 14.530328] kasan_bitops_generic+0x92/0x1c0
[ 14.530791] kunit_try_run_case+0x1a5/0x480
[ 14.531160] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.531744] kthread+0x337/0x6f0
[ 14.531922] ret_from_fork+0x116/0x1d0
[ 14.532392] ret_from_fork_asm+0x1a/0x30
[ 14.532934]
[ 14.533145] The buggy address belongs to the object at ffff888102712180
[ 14.533145] which belongs to the cache kmalloc-16 of size 16
[ 14.533938] The buggy address is located 8 bytes inside of
[ 14.533938] allocated 9-byte region [ffff888102712180, ffff888102712189)
[ 14.535078]
[ 14.535322] The buggy address belongs to the physical page:
[ 14.535647] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102712
[ 14.535896] flags: 0x200000000000000(node=0|zone=2)
[ 14.536534] page_type: f5(slab)
[ 14.536873] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 14.537697] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 14.538424] page dumped because: kasan: bad access detected
[ 14.539134]
[ 14.539211] Memory state around the buggy address:
[ 14.539372] ffff888102712080: 00 04 fc fc 00 01 fc fc 00 01 fc fc 00 04 fc fc
[ 14.539975] ffff888102712100: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 14.541046] >ffff888102712180: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.541689] ^
[ 14.542051] ffff888102712200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.542653] ffff888102712280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.542983] ==================================================================
[ 14.644971] ==================================================================
[ 14.645410] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x547/0xd50
[ 14.645816] Write of size 8 at addr ffff888102712188 by task kunit_try_catch/278
[ 14.646205]
[ 14.646324] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.646372] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.646384] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.646406] Call Trace:
[ 14.646425] <TASK>
[ 14.646443] dump_stack_lvl+0x73/0xb0
[ 14.646473] print_report+0xd1/0x610
[ 14.646523] ? __virt_addr_valid+0x1db/0x2d0
[ 14.646548] ? kasan_bitops_modify.constprop.0+0x547/0xd50
[ 14.646573] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.646595] ? kasan_bitops_modify.constprop.0+0x547/0xd50
[ 14.646621] kasan_report+0x141/0x180
[ 14.646643] ? kasan_bitops_modify.constprop.0+0x547/0xd50
[ 14.646673] kasan_check_range+0x10c/0x1c0
[ 14.646696] __kasan_check_write+0x18/0x20
[ 14.646715] kasan_bitops_modify.constprop.0+0x547/0xd50
[ 14.646741] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 14.646767] ? __kmalloc_cache_noprof+0x189/0x420
[ 14.646792] ? kasan_bitops_generic+0x92/0x1c0
[ 14.646819] kasan_bitops_generic+0x116/0x1c0
[ 14.646843] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 14.646866] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 14.646894] kunit_try_run_case+0x1a5/0x480
[ 14.646918] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.646940] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.646965] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.646989] ? __kthread_parkme+0x82/0x180
[ 14.647098] ? preempt_count_sub+0x50/0x80
[ 14.647122] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.647146] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.647170] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.647195] kthread+0x337/0x6f0
[ 14.647213] ? trace_preempt_on+0x20/0xc0
[ 14.647236] ? __pfx_kthread+0x10/0x10
[ 14.647256] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.647277] ? calculate_sigpending+0x7b/0xa0
[ 14.647302] ? __pfx_kthread+0x10/0x10
[ 14.647322] ret_from_fork+0x116/0x1d0
[ 14.647341] ? __pfx_kthread+0x10/0x10
[ 14.647361] ret_from_fork_asm+0x1a/0x30
[ 14.647392] </TASK>
[ 14.647402]
[ 14.655804] Allocated by task 278:
[ 14.656282] kasan_save_stack+0x45/0x70
[ 14.656516] kasan_save_track+0x18/0x40
[ 14.656731] kasan_save_alloc_info+0x3b/0x50
[ 14.656949] __kasan_kmalloc+0xb7/0xc0
[ 14.657226] __kmalloc_cache_noprof+0x189/0x420
[ 14.657455] kasan_bitops_generic+0x92/0x1c0
[ 14.657689] kunit_try_run_case+0x1a5/0x480
[ 14.657899] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.658094] kthread+0x337/0x6f0
[ 14.658270] ret_from_fork+0x116/0x1d0
[ 14.658455] ret_from_fork_asm+0x1a/0x30
[ 14.658632]
[ 14.658726] The buggy address belongs to the object at ffff888102712180
[ 14.658726] which belongs to the cache kmalloc-16 of size 16
[ 14.659224] The buggy address is located 8 bytes inside of
[ 14.659224] allocated 9-byte region [ffff888102712180, ffff888102712189)
[ 14.659687]
[ 14.659781] The buggy address belongs to the physical page:
[ 14.660302] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102712
[ 14.660678] flags: 0x200000000000000(node=0|zone=2)
[ 14.660902] page_type: f5(slab)
[ 14.661160] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 14.661507] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 14.661801] page dumped because: kasan: bad access detected
[ 14.662137]
[ 14.662213] Memory state around the buggy address:
[ 14.662439] ffff888102712080: 00 04 fc fc 00 01 fc fc 00 01 fc fc 00 04 fc fc
[ 14.662746] ffff888102712100: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 14.663107] >ffff888102712180: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.663372] ^
[ 14.663578] ffff888102712200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.663862] ffff888102712280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.664446] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 14.395671] ==================================================================
[ 14.396736] BUG: KASAN: slab-use-after-free in strnlen+0x73/0x80
[ 14.397425] Read of size 1 at addr ffff8881029c9590 by task kunit_try_catch/276
[ 14.397939]
[ 14.398104] CPU: 0 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.398159] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.398171] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.398196] Call Trace:
[ 14.398217] <TASK>
[ 14.398238] dump_stack_lvl+0x73/0xb0
[ 14.398274] print_report+0xd1/0x610
[ 14.398300] ? __virt_addr_valid+0x1db/0x2d0
[ 14.398326] ? strnlen+0x73/0x80
[ 14.398343] ? kasan_complete_mode_report_info+0x64/0x200
[ 14.398366] ? strnlen+0x73/0x80
[ 14.398384] kasan_report+0x141/0x180
[ 14.398405] ? strnlen+0x73/0x80
[ 14.398427] __asan_report_load1_noabort+0x18/0x20
[ 14.398452] strnlen+0x73/0x80
[ 14.398471] kasan_strings+0x615/0xe80
[ 14.398491] ? trace_hardirqs_on+0x37/0xe0
[ 14.398515] ? __pfx_kasan_strings+0x10/0x10
[ 14.398535] ? finish_task_switch.isra.0+0x153/0x700
[ 14.398558] ? __switch_to+0x47/0xf50
[ 14.398583] ? __schedule+0x10cc/0x2b60
[ 14.398606] ? __pfx_read_tsc+0x10/0x10
[ 14.398626] ? ktime_get_ts64+0x86/0x230
[ 14.398651] kunit_try_run_case+0x1a5/0x480
[ 14.398676] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.398698] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.398723] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.398746] ? __kthread_parkme+0x82/0x180
[ 14.398768] ? preempt_count_sub+0x50/0x80
[ 14.398790] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.398814] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.398838] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.398861] kthread+0x337/0x6f0
[ 14.398882] ? trace_preempt_on+0x20/0xc0
[ 14.398903] ? __pfx_kthread+0x10/0x10
[ 14.398924] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.398945] ? calculate_sigpending+0x7b/0xa0
[ 14.398970] ? __pfx_kthread+0x10/0x10
[ 14.398991] ret_from_fork+0x116/0x1d0
[ 14.399022] ? __pfx_kthread+0x10/0x10
[ 14.399043] ret_from_fork_asm+0x1a/0x30
[ 14.399074] </TASK>
[ 14.399084]
[ 14.413909] Allocated by task 276:
[ 14.414315] kasan_save_stack+0x45/0x70
[ 14.414740] kasan_save_track+0x18/0x40
[ 14.415137] kasan_save_alloc_info+0x3b/0x50
[ 14.415517] __kasan_kmalloc+0xb7/0xc0
[ 14.415693] __kmalloc_cache_noprof+0x189/0x420
[ 14.415854] kasan_strings+0xc0/0xe80
[ 14.415987] kunit_try_run_case+0x1a5/0x480
[ 14.416732] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.417284] kthread+0x337/0x6f0
[ 14.417699] ret_from_fork+0x116/0x1d0
[ 14.418123] ret_from_fork_asm+0x1a/0x30
[ 14.418496]
[ 14.418574] Freed by task 276:
[ 14.418689] kasan_save_stack+0x45/0x70
[ 14.418827] kasan_save_track+0x18/0x40
[ 14.418962] kasan_save_free_info+0x3f/0x60
[ 14.419414] __kasan_slab_free+0x56/0x70
[ 14.419813] kfree+0x222/0x3f0
[ 14.420111] kasan_strings+0x2aa/0xe80
[ 14.420571] kunit_try_run_case+0x1a5/0x480
[ 14.420811] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.420996] kthread+0x337/0x6f0
[ 14.421687] ret_from_fork+0x116/0x1d0
[ 14.422124] ret_from_fork_asm+0x1a/0x30
[ 14.422538]
[ 14.422713] The buggy address belongs to the object at ffff8881029c9580
[ 14.422713] which belongs to the cache kmalloc-32 of size 32
[ 14.423663] The buggy address is located 16 bytes inside of
[ 14.423663] freed 32-byte region [ffff8881029c9580, ffff8881029c95a0)
[ 14.424512]
[ 14.424710] The buggy address belongs to the physical page:
[ 14.425182] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029c9
[ 14.425441] flags: 0x200000000000000(node=0|zone=2)
[ 14.425863] page_type: f5(slab)
[ 14.426571] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 14.427280] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 14.427721] page dumped because: kasan: bad access detected
[ 14.427896]
[ 14.427966] Memory state around the buggy address:
[ 14.428219] ffff8881029c9480: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc
[ 14.428821] ffff8881029c9500: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc
[ 14.429477] >ffff8881029c9580: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.430218] ^
[ 14.430561] ffff8881029c9600: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc
[ 14.431603] ffff8881029c9680: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.431825] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strlen
[ 14.356299] ==================================================================
[ 14.357032] BUG: KASAN: slab-use-after-free in strlen+0x8f/0xb0
[ 14.357663] Read of size 1 at addr ffff8881029c9590 by task kunit_try_catch/276
[ 14.358386]
[ 14.358608] CPU: 0 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.358659] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.358682] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.358705] Call Trace:
[ 14.358726] <TASK>
[ 14.358746] dump_stack_lvl+0x73/0xb0
[ 14.358777] print_report+0xd1/0x610
[ 14.358803] ? __virt_addr_valid+0x1db/0x2d0
[ 14.358836] ? strlen+0x8f/0xb0
[ 14.358853] ? kasan_complete_mode_report_info+0x64/0x200
[ 14.358876] ? strlen+0x8f/0xb0
[ 14.358903] kasan_report+0x141/0x180
[ 14.358925] ? strlen+0x8f/0xb0
[ 14.358947] __asan_report_load1_noabort+0x18/0x20
[ 14.358971] strlen+0x8f/0xb0
[ 14.358989] kasan_strings+0x57b/0xe80
[ 14.359027] ? trace_hardirqs_on+0x37/0xe0
[ 14.359051] ? __pfx_kasan_strings+0x10/0x10
[ 14.359118] ? finish_task_switch.isra.0+0x153/0x700
[ 14.359144] ? __switch_to+0x47/0xf50
[ 14.359171] ? __schedule+0x10cc/0x2b60
[ 14.359193] ? __pfx_read_tsc+0x10/0x10
[ 14.359214] ? ktime_get_ts64+0x86/0x230
[ 14.359238] kunit_try_run_case+0x1a5/0x480
[ 14.359263] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.359286] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.359311] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.359334] ? __kthread_parkme+0x82/0x180
[ 14.359356] ? preempt_count_sub+0x50/0x80
[ 14.359379] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.359402] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.359427] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.359451] kthread+0x337/0x6f0
[ 14.359470] ? trace_preempt_on+0x20/0xc0
[ 14.359492] ? __pfx_kthread+0x10/0x10
[ 14.359512] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.359533] ? calculate_sigpending+0x7b/0xa0
[ 14.359559] ? __pfx_kthread+0x10/0x10
[ 14.359579] ret_from_fork+0x116/0x1d0
[ 14.359598] ? __pfx_kthread+0x10/0x10
[ 14.359618] ret_from_fork_asm+0x1a/0x30
[ 14.359650] </TASK>
[ 14.359660]
[ 14.374828] Allocated by task 276:
[ 14.375088] kasan_save_stack+0x45/0x70
[ 14.375553] kasan_save_track+0x18/0x40
[ 14.375692] kasan_save_alloc_info+0x3b/0x50
[ 14.375841] __kasan_kmalloc+0xb7/0xc0
[ 14.375974] __kmalloc_cache_noprof+0x189/0x420
[ 14.376920] kasan_strings+0xc0/0xe80
[ 14.377389] kunit_try_run_case+0x1a5/0x480
[ 14.377805] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.378460] kthread+0x337/0x6f0
[ 14.378872] ret_from_fork+0x116/0x1d0
[ 14.379247] ret_from_fork_asm+0x1a/0x30
[ 14.379686]
[ 14.379764] Freed by task 276:
[ 14.379881] kasan_save_stack+0x45/0x70
[ 14.380079] kasan_save_track+0x18/0x40
[ 14.380443] kasan_save_free_info+0x3f/0x60
[ 14.380861] __kasan_slab_free+0x56/0x70
[ 14.381626] kfree+0x222/0x3f0
[ 14.381947] kasan_strings+0x2aa/0xe80
[ 14.382413] kunit_try_run_case+0x1a5/0x480
[ 14.382755] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.382935] kthread+0x337/0x6f0
[ 14.383197] ret_from_fork+0x116/0x1d0
[ 14.383572] ret_from_fork_asm+0x1a/0x30
[ 14.383957]
[ 14.384189] The buggy address belongs to the object at ffff8881029c9580
[ 14.384189] which belongs to the cache kmalloc-32 of size 32
[ 14.385105] The buggy address is located 16 bytes inside of
[ 14.385105] freed 32-byte region [ffff8881029c9580, ffff8881029c95a0)
[ 14.386112]
[ 14.386233] The buggy address belongs to the physical page:
[ 14.386465] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029c9
[ 14.386776] flags: 0x200000000000000(node=0|zone=2)
[ 14.386983] page_type: f5(slab)
[ 14.387142] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 14.387425] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 14.387714] page dumped because: kasan: bad access detected
[ 14.387925]
[ 14.388028] Memory state around the buggy address:
[ 14.388776] ffff8881029c9480: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc
[ 14.390146] ffff8881029c9500: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc
[ 14.391022] >ffff8881029c9580: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.391858] ^
[ 14.392454] ffff8881029c9600: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc
[ 14.393643] ffff8881029c9680: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.394419] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 14.319765] ==================================================================
[ 14.320789] BUG: KASAN: slab-use-after-free in kasan_strings+0xcbc/0xe80
[ 14.321292] Read of size 1 at addr ffff8881029c9590 by task kunit_try_catch/276
[ 14.321561]
[ 14.321785] CPU: 0 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.321864] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.321878] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.321900] Call Trace:
[ 14.321933] <TASK>
[ 14.321953] dump_stack_lvl+0x73/0xb0
[ 14.321986] print_report+0xd1/0x610
[ 14.322045] ? __virt_addr_valid+0x1db/0x2d0
[ 14.322069] ? kasan_strings+0xcbc/0xe80
[ 14.322091] ? kasan_complete_mode_report_info+0x64/0x200
[ 14.322170] ? kasan_strings+0xcbc/0xe80
[ 14.322192] kasan_report+0x141/0x180
[ 14.322214] ? kasan_strings+0xcbc/0xe80
[ 14.322238] __asan_report_load1_noabort+0x18/0x20
[ 14.322263] kasan_strings+0xcbc/0xe80
[ 14.322314] ? trace_hardirqs_on+0x37/0xe0
[ 14.322340] ? __pfx_kasan_strings+0x10/0x10
[ 14.322360] ? finish_task_switch.isra.0+0x153/0x700
[ 14.322394] ? __switch_to+0x47/0xf50
[ 14.322420] ? __schedule+0x10cc/0x2b60
[ 14.322455] ? __pfx_read_tsc+0x10/0x10
[ 14.322476] ? ktime_get_ts64+0x86/0x230
[ 14.322528] kunit_try_run_case+0x1a5/0x480
[ 14.322553] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.322575] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.322611] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.322634] ? __kthread_parkme+0x82/0x180
[ 14.322655] ? preempt_count_sub+0x50/0x80
[ 14.322678] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.322702] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.322726] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.322750] kthread+0x337/0x6f0
[ 14.322769] ? trace_preempt_on+0x20/0xc0
[ 14.322790] ? __pfx_kthread+0x10/0x10
[ 14.322810] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.322832] ? calculate_sigpending+0x7b/0xa0
[ 14.322857] ? __pfx_kthread+0x10/0x10
[ 14.322877] ret_from_fork+0x116/0x1d0
[ 14.322896] ? __pfx_kthread+0x10/0x10
[ 14.322916] ret_from_fork_asm+0x1a/0x30
[ 14.322947] </TASK>
[ 14.322957]
[ 14.337950] Allocated by task 276:
[ 14.338271] kasan_save_stack+0x45/0x70
[ 14.338685] kasan_save_track+0x18/0x40
[ 14.338821] kasan_save_alloc_info+0x3b/0x50
[ 14.338965] __kasan_kmalloc+0xb7/0xc0
[ 14.339379] __kmalloc_cache_noprof+0x189/0x420
[ 14.339843] kasan_strings+0xc0/0xe80
[ 14.340268] kunit_try_run_case+0x1a5/0x480
[ 14.340731] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.341522] kthread+0x337/0x6f0
[ 14.341654] ret_from_fork+0x116/0x1d0
[ 14.341786] ret_from_fork_asm+0x1a/0x30
[ 14.341921]
[ 14.341995] Freed by task 276:
[ 14.342312] kasan_save_stack+0x45/0x70
[ 14.342862] kasan_save_track+0x18/0x40
[ 14.343365] kasan_save_free_info+0x3f/0x60
[ 14.343821] __kasan_slab_free+0x56/0x70
[ 14.344261] kfree+0x222/0x3f0
[ 14.344626] kasan_strings+0x2aa/0xe80
[ 14.345002] kunit_try_run_case+0x1a5/0x480
[ 14.345285] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.345497] kthread+0x337/0x6f0
[ 14.345841] ret_from_fork+0x116/0x1d0
[ 14.346605] ret_from_fork_asm+0x1a/0x30
[ 14.347082]
[ 14.347291] The buggy address belongs to the object at ffff8881029c9580
[ 14.347291] which belongs to the cache kmalloc-32 of size 32
[ 14.348105] The buggy address is located 16 bytes inside of
[ 14.348105] freed 32-byte region [ffff8881029c9580, ffff8881029c95a0)
[ 14.348655]
[ 14.348819] The buggy address belongs to the physical page:
[ 14.349270] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029c9
[ 14.349722] flags: 0x200000000000000(node=0|zone=2)
[ 14.349889] page_type: f5(slab)
[ 14.350021] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 14.350811] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 14.351595] page dumped because: kasan: bad access detected
[ 14.352571]
[ 14.352651] Memory state around the buggy address:
[ 14.352813] ffff8881029c9480: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc
[ 14.353145] ffff8881029c9500: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc
[ 14.353871] >ffff8881029c9580: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.354584] ^
[ 14.354990] ffff8881029c9600: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc
[ 14.355570] ffff8881029c9680: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.355782] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 14.279826] ==================================================================
[ 14.281394] BUG: KASAN: slab-use-after-free in strcmp+0xb0/0xc0
[ 14.282078] Read of size 1 at addr ffff8881029c9590 by task kunit_try_catch/276
[ 14.282903]
[ 14.283125] CPU: 0 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.283185] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.283198] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.283222] Call Trace:
[ 14.283241] <TASK>
[ 14.283265] dump_stack_lvl+0x73/0xb0
[ 14.283301] print_report+0xd1/0x610
[ 14.283326] ? __virt_addr_valid+0x1db/0x2d0
[ 14.283351] ? strcmp+0xb0/0xc0
[ 14.283368] ? kasan_complete_mode_report_info+0x64/0x200
[ 14.283392] ? strcmp+0xb0/0xc0
[ 14.283409] kasan_report+0x141/0x180
[ 14.283431] ? strcmp+0xb0/0xc0
[ 14.283453] __asan_report_load1_noabort+0x18/0x20
[ 14.283478] strcmp+0xb0/0xc0
[ 14.283496] kasan_strings+0x431/0xe80
[ 14.283517] ? trace_hardirqs_on+0x37/0xe0
[ 14.283541] ? __pfx_kasan_strings+0x10/0x10
[ 14.283562] ? finish_task_switch.isra.0+0x153/0x700
[ 14.283585] ? __switch_to+0x47/0xf50
[ 14.283611] ? __schedule+0x10cc/0x2b60
[ 14.283635] ? __pfx_read_tsc+0x10/0x10
[ 14.283656] ? ktime_get_ts64+0x86/0x230
[ 14.283681] kunit_try_run_case+0x1a5/0x480
[ 14.283707] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.283729] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.283754] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.283778] ? __kthread_parkme+0x82/0x180
[ 14.283800] ? preempt_count_sub+0x50/0x80
[ 14.283824] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.283849] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.283873] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.283898] kthread+0x337/0x6f0
[ 14.283918] ? trace_preempt_on+0x20/0xc0
[ 14.283940] ? __pfx_kthread+0x10/0x10
[ 14.283962] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.283983] ? calculate_sigpending+0x7b/0xa0
[ 14.284020] ? __pfx_kthread+0x10/0x10
[ 14.284042] ret_from_fork+0x116/0x1d0
[ 14.284063] ? __pfx_kthread+0x10/0x10
[ 14.284083] ret_from_fork_asm+0x1a/0x30
[ 14.284115] </TASK>
[ 14.284127]
[ 14.298155] Allocated by task 276:
[ 14.298872] kasan_save_stack+0x45/0x70
[ 14.299452] kasan_save_track+0x18/0x40
[ 14.300007] kasan_save_alloc_info+0x3b/0x50
[ 14.300401] __kasan_kmalloc+0xb7/0xc0
[ 14.300880] __kmalloc_cache_noprof+0x189/0x420
[ 14.301317] kasan_strings+0xc0/0xe80
[ 14.301534] kunit_try_run_case+0x1a5/0x480
[ 14.302184] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.303064] kthread+0x337/0x6f0
[ 14.303205] ret_from_fork+0x116/0x1d0
[ 14.303739] ret_from_fork_asm+0x1a/0x30
[ 14.304221]
[ 14.304431] Freed by task 276:
[ 14.304630] kasan_save_stack+0x45/0x70
[ 14.304773] kasan_save_track+0x18/0x40
[ 14.304916] kasan_save_free_info+0x3f/0x60
[ 14.305206] __kasan_slab_free+0x56/0x70
[ 14.305654] kfree+0x222/0x3f0
[ 14.306066] kasan_strings+0x2aa/0xe80
[ 14.306512] kunit_try_run_case+0x1a5/0x480
[ 14.306926] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.307859] kthread+0x337/0x6f0
[ 14.308171] ret_from_fork+0x116/0x1d0
[ 14.308404] ret_from_fork_asm+0x1a/0x30
[ 14.308785]
[ 14.309082] The buggy address belongs to the object at ffff8881029c9580
[ 14.309082] which belongs to the cache kmalloc-32 of size 32
[ 14.309912] The buggy address is located 16 bytes inside of
[ 14.309912] freed 32-byte region [ffff8881029c9580, ffff8881029c95a0)
[ 14.310801]
[ 14.310886] The buggy address belongs to the physical page:
[ 14.311236] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029c9
[ 14.312399] flags: 0x200000000000000(node=0|zone=2)
[ 14.312901] page_type: f5(slab)
[ 14.313172] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 14.313691] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 14.313924] page dumped because: kasan: bad access detected
[ 14.314392]
[ 14.314621] Memory state around the buggy address:
[ 14.315143] ffff8881029c9480: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc
[ 14.315841] ffff8881029c9500: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc
[ 14.316392] >ffff8881029c9580: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.317000] ^
[ 14.317148] ffff8881029c9600: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc
[ 14.317365] ffff8881029c9680: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.318500] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 14.229745] ==================================================================
[ 14.230697] BUG: KASAN: slab-out-of-bounds in memcmp+0x1b4/0x1d0
[ 14.230927] Read of size 1 at addr ffff8881029c9458 by task kunit_try_catch/274
[ 14.232598]
[ 14.232869] CPU: 0 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.232929] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.232945] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.232970] Call Trace:
[ 14.232985] <TASK>
[ 14.233006] dump_stack_lvl+0x73/0xb0
[ 14.233058] print_report+0xd1/0x610
[ 14.233083] ? __virt_addr_valid+0x1db/0x2d0
[ 14.233107] ? memcmp+0x1b4/0x1d0
[ 14.233125] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.233147] ? memcmp+0x1b4/0x1d0
[ 14.233165] kasan_report+0x141/0x180
[ 14.233186] ? memcmp+0x1b4/0x1d0
[ 14.233209] __asan_report_load1_noabort+0x18/0x20
[ 14.233233] memcmp+0x1b4/0x1d0
[ 14.233251] kasan_memcmp+0x18f/0x390
[ 14.233272] ? trace_hardirqs_on+0x37/0xe0
[ 14.233295] ? __pfx_kasan_memcmp+0x10/0x10
[ 14.233315] ? finish_task_switch.isra.0+0x153/0x700
[ 14.233338] ? __switch_to+0x47/0xf50
[ 14.233366] ? __pfx_read_tsc+0x10/0x10
[ 14.233386] ? ktime_get_ts64+0x86/0x230
[ 14.233410] kunit_try_run_case+0x1a5/0x480
[ 14.233671] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.233699] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.233725] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.233749] ? __kthread_parkme+0x82/0x180
[ 14.233771] ? preempt_count_sub+0x50/0x80
[ 14.233793] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.233818] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.233842] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.233866] kthread+0x337/0x6f0
[ 14.233885] ? trace_preempt_on+0x20/0xc0
[ 14.233908] ? __pfx_kthread+0x10/0x10
[ 14.233929] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.233950] ? calculate_sigpending+0x7b/0xa0
[ 14.233975] ? __pfx_kthread+0x10/0x10
[ 14.233995] ret_from_fork+0x116/0x1d0
[ 14.234037] ? __pfx_kthread+0x10/0x10
[ 14.234058] ret_from_fork_asm+0x1a/0x30
[ 14.234089] </TASK>
[ 14.234100]
[ 14.251509] Allocated by task 274:
[ 14.252142] kasan_save_stack+0x45/0x70
[ 14.252765] kasan_save_track+0x18/0x40
[ 14.253633] kasan_save_alloc_info+0x3b/0x50
[ 14.254301] __kasan_kmalloc+0xb7/0xc0
[ 14.254857] __kmalloc_cache_noprof+0x189/0x420
[ 14.255112] kasan_memcmp+0xb7/0x390
[ 14.255743] kunit_try_run_case+0x1a5/0x480
[ 14.256004] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.256739] kthread+0x337/0x6f0
[ 14.256906] ret_from_fork+0x116/0x1d0
[ 14.257607] ret_from_fork_asm+0x1a/0x30
[ 14.257883]
[ 14.257963] The buggy address belongs to the object at ffff8881029c9440
[ 14.257963] which belongs to the cache kmalloc-32 of size 32
[ 14.259369] The buggy address is located 0 bytes to the right of
[ 14.259369] allocated 24-byte region [ffff8881029c9440, ffff8881029c9458)
[ 14.260611]
[ 14.260695] The buggy address belongs to the physical page:
[ 14.260881] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029c9
[ 14.261494] flags: 0x200000000000000(node=0|zone=2)
[ 14.262006] page_type: f5(slab)
[ 14.262432] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 14.263555] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 14.263812] page dumped because: kasan: bad access detected
[ 14.263990]
[ 14.264264] Memory state around the buggy address:
[ 14.264794] ffff8881029c9300: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.265584] ffff8881029c9380: fa fb fb fb fc fc fc fc 00 00 07 fc fc fc fc fc
[ 14.266307] >ffff8881029c9400: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc
[ 14.266713] ^
[ 14.266909] ffff8881029c9480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.267484] ffff8881029c9500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.268595] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 14.192692] ==================================================================
[ 14.193518] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x329/0x390
[ 14.194343] Read of size 1 at addr ffff888103a87c4a by task kunit_try_catch/270
[ 14.194922]
[ 14.195425] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.195495] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.195507] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.195532] Call Trace:
[ 14.195549] <TASK>
[ 14.195578] dump_stack_lvl+0x73/0xb0
[ 14.195616] print_report+0xd1/0x610
[ 14.195651] ? __virt_addr_valid+0x1db/0x2d0
[ 14.195675] ? kasan_alloca_oob_right+0x329/0x390
[ 14.195698] ? kasan_addr_to_slab+0x11/0xa0
[ 14.195730] ? kasan_alloca_oob_right+0x329/0x390
[ 14.195753] kasan_report+0x141/0x180
[ 14.195773] ? kasan_alloca_oob_right+0x329/0x390
[ 14.195800] __asan_report_load1_noabort+0x18/0x20
[ 14.195825] kasan_alloca_oob_right+0x329/0x390
[ 14.195845] ? __kasan_check_write+0x18/0x20
[ 14.195865] ? __pfx_sched_clock_cpu+0x10/0x10
[ 14.195888] ? finish_task_switch.isra.0+0x153/0x700
[ 14.195911] ? __schedule+0x100e/0x2b60
[ 14.195932] ? trace_hardirqs_on+0x37/0xe0
[ 14.195958] ? __pfx_kasan_alloca_oob_right+0x10/0x10
[ 14.195984] ? __schedule+0x10cc/0x2b60
[ 14.196004] ? __pfx_read_tsc+0x10/0x10
[ 14.196114] ? ktime_get_ts64+0x86/0x230
[ 14.196142] kunit_try_run_case+0x1a5/0x480
[ 14.196170] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.196192] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.196218] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.196242] ? __kthread_parkme+0x82/0x180
[ 14.196264] ? preempt_count_sub+0x50/0x80
[ 14.196286] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.196310] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.196334] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.196358] kthread+0x337/0x6f0
[ 14.196377] ? trace_preempt_on+0x20/0xc0
[ 14.196399] ? __pfx_kthread+0x10/0x10
[ 14.196419] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.196440] ? calculate_sigpending+0x7b/0xa0
[ 14.196465] ? __pfx_kthread+0x10/0x10
[ 14.196485] ret_from_fork+0x116/0x1d0
[ 14.196503] ? __pfx_kthread+0x10/0x10
[ 14.196523] ret_from_fork_asm+0x1a/0x30
[ 14.196555] </TASK>
[ 14.196567]
[ 14.211370] The buggy address belongs to stack of task kunit_try_catch/270
[ 14.212241]
[ 14.212420] The buggy address belongs to the physical page:
[ 14.212953] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a87
[ 14.213819] flags: 0x200000000000000(node=0|zone=2)
[ 14.214270] raw: 0200000000000000 ffffea00040ea1c8 ffffea00040ea1c8 0000000000000000
[ 14.215089] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 14.216252] page dumped because: kasan: bad access detected
[ 14.216827]
[ 14.217124] Memory state around the buggy address:
[ 14.217288] ffff888103a87b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 14.217607] ffff888103a87b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 14.218428] >ffff888103a87c00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb
[ 14.219318] ^
[ 14.219993] ffff888103a87c80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00
[ 14.220228] ffff888103a87d00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1
[ 14.220601] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 12.217239] ==================================================================
[ 12.218042] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x15f/0x320
[ 12.218719] Write of size 128 at addr ffff8881029a6600 by task kunit_try_catch/187
[ 12.219348]
[ 12.219501] CPU: 0 UID: 0 PID: 187 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.219551] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.219562] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.219584] Call Trace:
[ 12.219598] <TASK>
[ 12.219617] dump_stack_lvl+0x73/0xb0
[ 12.219650] print_report+0xd1/0x610
[ 12.219674] ? __virt_addr_valid+0x1db/0x2d0
[ 12.219699] ? kmalloc_oob_in_memset+0x15f/0x320
[ 12.219720] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.219743] ? kmalloc_oob_in_memset+0x15f/0x320
[ 12.219765] kasan_report+0x141/0x180
[ 12.219786] ? kmalloc_oob_in_memset+0x15f/0x320
[ 12.219812] kasan_check_range+0x10c/0x1c0
[ 12.219836] __asan_memset+0x27/0x50
[ 12.219855] kmalloc_oob_in_memset+0x15f/0x320
[ 12.219876] ? __pfx_kmalloc_oob_in_memset+0x10/0x10
[ 12.219899] ? __schedule+0x10cc/0x2b60
[ 12.219921] ? __pfx_read_tsc+0x10/0x10
[ 12.219941] ? ktime_get_ts64+0x86/0x230
[ 12.219967] kunit_try_run_case+0x1a5/0x480
[ 12.219991] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.220023] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.220197] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.220222] ? __kthread_parkme+0x82/0x180
[ 12.220244] ? preempt_count_sub+0x50/0x80
[ 12.220268] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.220328] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.220353] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.220377] kthread+0x337/0x6f0
[ 12.220396] ? trace_preempt_on+0x20/0xc0
[ 12.220419] ? __pfx_kthread+0x10/0x10
[ 12.220438] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.220459] ? calculate_sigpending+0x7b/0xa0
[ 12.220483] ? __pfx_kthread+0x10/0x10
[ 12.220503] ret_from_fork+0x116/0x1d0
[ 12.220521] ? __pfx_kthread+0x10/0x10
[ 12.220540] ret_from_fork_asm+0x1a/0x30
[ 12.220572] </TASK>
[ 12.220581]
[ 12.233999] Allocated by task 187:
[ 12.234284] kasan_save_stack+0x45/0x70
[ 12.234729] kasan_save_track+0x18/0x40
[ 12.234939] kasan_save_alloc_info+0x3b/0x50
[ 12.235546] __kasan_kmalloc+0xb7/0xc0
[ 12.236075] __kmalloc_cache_noprof+0x189/0x420
[ 12.236294] kmalloc_oob_in_memset+0xac/0x320
[ 12.236669] kunit_try_run_case+0x1a5/0x480
[ 12.237081] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.237335] kthread+0x337/0x6f0
[ 12.237690] ret_from_fork+0x116/0x1d0
[ 12.237888] ret_from_fork_asm+0x1a/0x30
[ 12.238383]
[ 12.238541] The buggy address belongs to the object at ffff8881029a6600
[ 12.238541] which belongs to the cache kmalloc-128 of size 128
[ 12.239360] The buggy address is located 0 bytes inside of
[ 12.239360] allocated 120-byte region [ffff8881029a6600, ffff8881029a6678)
[ 12.240539]
[ 12.240797] The buggy address belongs to the physical page:
[ 12.241129] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029a6
[ 12.241506] flags: 0x200000000000000(node=0|zone=2)
[ 12.241727] page_type: f5(slab)
[ 12.241883] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.242844] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.243569] page dumped because: kasan: bad access detected
[ 12.243812]
[ 12.243901] Memory state around the buggy address:
[ 12.244414] ffff8881029a6500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.244912] ffff8881029a6580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.245745] >ffff8881029a6600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 12.246341] ^
[ 12.246673] ffff8881029a6680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.246968] ffff8881029a6700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.247329] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 12.182819] ==================================================================
[ 12.183740] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x47b/0x4c0
[ 12.184678] Read of size 16 at addr ffff888102712140 by task kunit_try_catch/185
[ 12.185210]
[ 12.185339] CPU: 1 UID: 0 PID: 185 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.185392] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.185403] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.185426] Call Trace:
[ 12.185440] <TASK>
[ 12.185459] dump_stack_lvl+0x73/0xb0
[ 12.185494] print_report+0xd1/0x610
[ 12.185518] ? __virt_addr_valid+0x1db/0x2d0
[ 12.185542] ? kmalloc_uaf_16+0x47b/0x4c0
[ 12.185562] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.185584] ? kmalloc_uaf_16+0x47b/0x4c0
[ 12.185604] kasan_report+0x141/0x180
[ 12.185625] ? kmalloc_uaf_16+0x47b/0x4c0
[ 12.185649] __asan_report_load16_noabort+0x18/0x20
[ 12.185674] kmalloc_uaf_16+0x47b/0x4c0
[ 12.185694] ? __pfx_kmalloc_uaf_16+0x10/0x10
[ 12.185715] ? __schedule+0x10cc/0x2b60
[ 12.185738] ? __pfx_read_tsc+0x10/0x10
[ 12.185759] ? ktime_get_ts64+0x86/0x230
[ 12.185786] kunit_try_run_case+0x1a5/0x480
[ 12.185813] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.185835] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.185860] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.185884] ? __kthread_parkme+0x82/0x180
[ 12.185909] ? preempt_count_sub+0x50/0x80
[ 12.185934] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.185960] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.185984] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.186017] kthread+0x337/0x6f0
[ 12.186036] ? trace_preempt_on+0x20/0xc0
[ 12.186060] ? __pfx_kthread+0x10/0x10
[ 12.186079] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.186100] ? calculate_sigpending+0x7b/0xa0
[ 12.186125] ? __pfx_kthread+0x10/0x10
[ 12.186146] ret_from_fork+0x116/0x1d0
[ 12.186164] ? __pfx_kthread+0x10/0x10
[ 12.186184] ret_from_fork_asm+0x1a/0x30
[ 12.186215] </TASK>
[ 12.186225]
[ 12.195808] Allocated by task 185:
[ 12.196170] kasan_save_stack+0x45/0x70
[ 12.196360] kasan_save_track+0x18/0x40
[ 12.196988] kasan_save_alloc_info+0x3b/0x50
[ 12.197288] __kasan_kmalloc+0xb7/0xc0
[ 12.197512] __kmalloc_cache_noprof+0x189/0x420
[ 12.197725] kmalloc_uaf_16+0x15b/0x4c0
[ 12.197905] kunit_try_run_case+0x1a5/0x480
[ 12.198386] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.198769] kthread+0x337/0x6f0
[ 12.198936] ret_from_fork+0x116/0x1d0
[ 12.199587] ret_from_fork_asm+0x1a/0x30
[ 12.199838]
[ 12.200358] Freed by task 185:
[ 12.200675] kasan_save_stack+0x45/0x70
[ 12.200882] kasan_save_track+0x18/0x40
[ 12.201377] kasan_save_free_info+0x3f/0x60
[ 12.201859] __kasan_slab_free+0x56/0x70
[ 12.202131] kfree+0x222/0x3f0
[ 12.202289] kmalloc_uaf_16+0x1d6/0x4c0
[ 12.202504] kunit_try_run_case+0x1a5/0x480
[ 12.202695] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.202919] kthread+0x337/0x6f0
[ 12.203454] ret_from_fork+0x116/0x1d0
[ 12.203855] ret_from_fork_asm+0x1a/0x30
[ 12.204119]
[ 12.204214] The buggy address belongs to the object at ffff888102712140
[ 12.204214] which belongs to the cache kmalloc-16 of size 16
[ 12.205194] The buggy address is located 0 bytes inside of
[ 12.205194] freed 16-byte region [ffff888102712140, ffff888102712150)
[ 12.205833]
[ 12.205929] The buggy address belongs to the physical page:
[ 12.206507] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102712
[ 12.206849] flags: 0x200000000000000(node=0|zone=2)
[ 12.207314] page_type: f5(slab)
[ 12.207727] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 12.208290] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 12.208882] page dumped because: kasan: bad access detected
[ 12.209443]
[ 12.209538] Memory state around the buggy address:
[ 12.209924] ffff888102712000: 00 06 fc fc 00 06 fc fc 00 00 fc fc 00 04 fc fc
[ 12.210933] ffff888102712080: 00 04 fc fc 00 01 fc fc 00 01 fc fc 00 04 fc fc
[ 12.211508] >ffff888102712100: 00 04 fc fc 00 00 fc fc fa fb fc fc fc fc fc fc
[ 12.211979] ^
[ 12.212481] ffff888102712180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.212782] ffff888102712200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.213352] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 12.151872] ==================================================================
[ 12.152364] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x452/0x4a0
[ 12.152686] Write of size 16 at addr ffff888101be2e60 by task kunit_try_catch/183
[ 12.153092]
[ 12.153184] CPU: 0 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.153233] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.153244] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.153265] Call Trace:
[ 12.153277] <TASK>
[ 12.153295] dump_stack_lvl+0x73/0xb0
[ 12.153326] print_report+0xd1/0x610
[ 12.153349] ? __virt_addr_valid+0x1db/0x2d0
[ 12.153372] ? kmalloc_oob_16+0x452/0x4a0
[ 12.153392] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.153414] ? kmalloc_oob_16+0x452/0x4a0
[ 12.153434] kasan_report+0x141/0x180
[ 12.153455] ? kmalloc_oob_16+0x452/0x4a0
[ 12.153480] __asan_report_store16_noabort+0x1b/0x30
[ 12.153505] kmalloc_oob_16+0x452/0x4a0
[ 12.153525] ? __pfx_kmalloc_oob_16+0x10/0x10
[ 12.153546] ? __schedule+0x10cc/0x2b60
[ 12.153568] ? __pfx_read_tsc+0x10/0x10
[ 12.153588] ? ktime_get_ts64+0x86/0x230
[ 12.153612] kunit_try_run_case+0x1a5/0x480
[ 12.153636] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.153658] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.153681] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.153705] ? __kthread_parkme+0x82/0x180
[ 12.153725] ? preempt_count_sub+0x50/0x80
[ 12.153748] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.153772] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.153795] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.153818] kthread+0x337/0x6f0
[ 12.153836] ? trace_preempt_on+0x20/0xc0
[ 12.153859] ? __pfx_kthread+0x10/0x10
[ 12.153878] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.153898] ? calculate_sigpending+0x7b/0xa0
[ 12.153922] ? __pfx_kthread+0x10/0x10
[ 12.153942] ret_from_fork+0x116/0x1d0
[ 12.153960] ? __pfx_kthread+0x10/0x10
[ 12.153979] ret_from_fork_asm+0x1a/0x30
[ 12.154165] </TASK>
[ 12.154181]
[ 12.164432] Allocated by task 183:
[ 12.164711] kasan_save_stack+0x45/0x70
[ 12.164918] kasan_save_track+0x18/0x40
[ 12.165556] kasan_save_alloc_info+0x3b/0x50
[ 12.165836] __kasan_kmalloc+0xb7/0xc0
[ 12.166372] __kmalloc_cache_noprof+0x189/0x420
[ 12.166808] kmalloc_oob_16+0xa8/0x4a0
[ 12.167240] kunit_try_run_case+0x1a5/0x480
[ 12.167695] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.167989] kthread+0x337/0x6f0
[ 12.168231] ret_from_fork+0x116/0x1d0
[ 12.168408] ret_from_fork_asm+0x1a/0x30
[ 12.168884]
[ 12.168977] The buggy address belongs to the object at ffff888101be2e60
[ 12.168977] which belongs to the cache kmalloc-16 of size 16
[ 12.170237] The buggy address is located 0 bytes inside of
[ 12.170237] allocated 13-byte region [ffff888101be2e60, ffff888101be2e6d)
[ 12.171213]
[ 12.171311] The buggy address belongs to the physical page:
[ 12.171859] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101be2
[ 12.172411] flags: 0x200000000000000(node=0|zone=2)
[ 12.172858] page_type: f5(slab)
[ 12.173275] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 12.173911] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 12.174504] page dumped because: kasan: bad access detected
[ 12.174878]
[ 12.174981] Memory state around the buggy address:
[ 12.175402] ffff888101be2d00: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc
[ 12.175707] ffff888101be2d80: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc
[ 12.175996] >ffff888101be2e00: fa fb fc fc 00 05 fc fc fa fb fc fc 00 05 fc fc
[ 12.176701] ^
[ 12.177248] ffff888101be2e80: 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.177722] ffff888101be2f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.178228] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 12.123173] ==================================================================
[ 12.123502] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x53c/0x5e0
[ 12.123811] Read of size 1 at addr ffff888100348c00 by task kunit_try_catch/181
[ 12.124124]
[ 12.124239] CPU: 0 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.124285] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.124296] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.124317] Call Trace:
[ 12.124338] <TASK>
[ 12.124359] dump_stack_lvl+0x73/0xb0
[ 12.124389] print_report+0xd1/0x610
[ 12.124413] ? __virt_addr_valid+0x1db/0x2d0
[ 12.124435] ? krealloc_uaf+0x53c/0x5e0
[ 12.124455] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.124476] ? krealloc_uaf+0x53c/0x5e0
[ 12.124496] kasan_report+0x141/0x180
[ 12.124516] ? krealloc_uaf+0x53c/0x5e0
[ 12.124540] __asan_report_load1_noabort+0x18/0x20
[ 12.124563] krealloc_uaf+0x53c/0x5e0
[ 12.124583] ? __pfx_krealloc_uaf+0x10/0x10
[ 12.124602] ? finish_task_switch.isra.0+0x153/0x700
[ 12.124624] ? __switch_to+0x47/0xf50
[ 12.124648] ? __schedule+0x10cc/0x2b60
[ 12.124669] ? __pfx_read_tsc+0x10/0x10
[ 12.124689] ? ktime_get_ts64+0x86/0x230
[ 12.124711] kunit_try_run_case+0x1a5/0x480
[ 12.124734] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.124755] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.124777] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.124798] ? __kthread_parkme+0x82/0x180
[ 12.124818] ? preempt_count_sub+0x50/0x80
[ 12.124839] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.124868] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.124890] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.124912] kthread+0x337/0x6f0
[ 12.124929] ? trace_preempt_on+0x20/0xc0
[ 12.124951] ? __pfx_kthread+0x10/0x10
[ 12.124970] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.124989] ? calculate_sigpending+0x7b/0xa0
[ 12.125022] ? __pfx_kthread+0x10/0x10
[ 12.125042] ret_from_fork+0x116/0x1d0
[ 12.125059] ? __pfx_kthread+0x10/0x10
[ 12.125077] ret_from_fork_asm+0x1a/0x30
[ 12.125107] </TASK>
[ 12.125116]
[ 12.133391] Allocated by task 181:
[ 12.133619] kasan_save_stack+0x45/0x70
[ 12.133842] kasan_save_track+0x18/0x40
[ 12.134307] kasan_save_alloc_info+0x3b/0x50
[ 12.134537] __kasan_kmalloc+0xb7/0xc0
[ 12.134749] __kmalloc_cache_noprof+0x189/0x420
[ 12.134942] krealloc_uaf+0xbb/0x5e0
[ 12.135266] kunit_try_run_case+0x1a5/0x480
[ 12.135450] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.135704] kthread+0x337/0x6f0
[ 12.135833] ret_from_fork+0x116/0x1d0
[ 12.135972] ret_from_fork_asm+0x1a/0x30
[ 12.136258]
[ 12.136358] Freed by task 181:
[ 12.136543] kasan_save_stack+0x45/0x70
[ 12.136737] kasan_save_track+0x18/0x40
[ 12.136909] kasan_save_free_info+0x3f/0x60
[ 12.137179] __kasan_slab_free+0x56/0x70
[ 12.137389] kfree+0x222/0x3f0
[ 12.137562] krealloc_uaf+0x13d/0x5e0
[ 12.137740] kunit_try_run_case+0x1a5/0x480
[ 12.137919] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.138438] kthread+0x337/0x6f0
[ 12.138596] ret_from_fork+0x116/0x1d0
[ 12.138776] ret_from_fork_asm+0x1a/0x30
[ 12.138920]
[ 12.139120] The buggy address belongs to the object at ffff888100348c00
[ 12.139120] which belongs to the cache kmalloc-256 of size 256
[ 12.139657] The buggy address is located 0 bytes inside of
[ 12.139657] freed 256-byte region [ffff888100348c00, ffff888100348d00)
[ 12.140259]
[ 12.140358] The buggy address belongs to the physical page:
[ 12.140613] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100348
[ 12.140864] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 12.141234] flags: 0x200000000000040(head|node=0|zone=2)
[ 12.141518] page_type: f5(slab)
[ 12.141689] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 12.142247] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.142626] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 12.142939] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.143352] head: 0200000000000001 ffffea000400d201 00000000ffffffff 00000000ffffffff
[ 12.143690] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 12.143920] page dumped because: kasan: bad access detected
[ 12.144222]
[ 12.144318] Memory state around the buggy address:
[ 12.144568] ffff888100348b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.144890] ffff888100348b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.145211] >ffff888100348c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.145562] ^
[ 12.145728] ffff888100348c80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.146275] ffff888100348d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.146561] ==================================================================
[ 12.097001] ==================================================================
[ 12.097504] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x1b8/0x5e0
[ 12.097798] Read of size 1 at addr ffff888100348c00 by task kunit_try_catch/181
[ 12.098104]
[ 12.098225] CPU: 0 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.098273] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.098284] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.098306] Call Trace:
[ 12.098320] <TASK>
[ 12.098338] dump_stack_lvl+0x73/0xb0
[ 12.098369] print_report+0xd1/0x610
[ 12.098391] ? __virt_addr_valid+0x1db/0x2d0
[ 12.098415] ? krealloc_uaf+0x1b8/0x5e0
[ 12.098434] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.098455] ? krealloc_uaf+0x1b8/0x5e0
[ 12.098475] kasan_report+0x141/0x180
[ 12.098495] ? krealloc_uaf+0x1b8/0x5e0
[ 12.098518] ? krealloc_uaf+0x1b8/0x5e0
[ 12.098538] __kasan_check_byte+0x3d/0x50
[ 12.098558] krealloc_noprof+0x3f/0x340
[ 12.098580] krealloc_uaf+0x1b8/0x5e0
[ 12.098600] ? __pfx_krealloc_uaf+0x10/0x10
[ 12.098620] ? finish_task_switch.isra.0+0x153/0x700
[ 12.098642] ? __switch_to+0x47/0xf50
[ 12.098667] ? __schedule+0x10cc/0x2b60
[ 12.098689] ? __pfx_read_tsc+0x10/0x10
[ 12.098709] ? ktime_get_ts64+0x86/0x230
[ 12.098732] kunit_try_run_case+0x1a5/0x480
[ 12.098758] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.098778] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.098801] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.098823] ? __kthread_parkme+0x82/0x180
[ 12.098843] ? preempt_count_sub+0x50/0x80
[ 12.098864] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.098886] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.098908] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.098930] kthread+0x337/0x6f0
[ 12.098948] ? trace_preempt_on+0x20/0xc0
[ 12.098971] ? __pfx_kthread+0x10/0x10
[ 12.098990] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.099105] ? calculate_sigpending+0x7b/0xa0
[ 12.099134] ? __pfx_kthread+0x10/0x10
[ 12.099155] ret_from_fork+0x116/0x1d0
[ 12.099174] ? __pfx_kthread+0x10/0x10
[ 12.099193] ret_from_fork_asm+0x1a/0x30
[ 12.099224] </TASK>
[ 12.099233]
[ 12.107280] Allocated by task 181:
[ 12.107448] kasan_save_stack+0x45/0x70
[ 12.107691] kasan_save_track+0x18/0x40
[ 12.107843] kasan_save_alloc_info+0x3b/0x50
[ 12.108163] __kasan_kmalloc+0xb7/0xc0
[ 12.108346] __kmalloc_cache_noprof+0x189/0x420
[ 12.108566] krealloc_uaf+0xbb/0x5e0
[ 12.108753] kunit_try_run_case+0x1a5/0x480
[ 12.108929] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.109237] kthread+0x337/0x6f0
[ 12.109384] ret_from_fork+0x116/0x1d0
[ 12.109579] ret_from_fork_asm+0x1a/0x30
[ 12.109754]
[ 12.109875] Freed by task 181:
[ 12.110101] kasan_save_stack+0x45/0x70
[ 12.110288] kasan_save_track+0x18/0x40
[ 12.110482] kasan_save_free_info+0x3f/0x60
[ 12.110671] __kasan_slab_free+0x56/0x70
[ 12.110843] kfree+0x222/0x3f0
[ 12.111202] krealloc_uaf+0x13d/0x5e0
[ 12.111395] kunit_try_run_case+0x1a5/0x480
[ 12.111625] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.111802] kthread+0x337/0x6f0
[ 12.111923] ret_from_fork+0x116/0x1d0
[ 12.112148] ret_from_fork_asm+0x1a/0x30
[ 12.112314]
[ 12.112391] The buggy address belongs to the object at ffff888100348c00
[ 12.112391] which belongs to the cache kmalloc-256 of size 256
[ 12.113112] The buggy address is located 0 bytes inside of
[ 12.113112] freed 256-byte region [ffff888100348c00, ffff888100348d00)
[ 12.113675]
[ 12.113765] The buggy address belongs to the physical page:
[ 12.113942] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100348
[ 12.114273] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 12.114605] flags: 0x200000000000040(head|node=0|zone=2)
[ 12.114868] page_type: f5(slab)
[ 12.115354] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 12.115733] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.116173] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 12.116545] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.116895] head: 0200000000000001 ffffea000400d201 00000000ffffffff 00000000ffffffff
[ 12.117300] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 12.117564] page dumped because: kasan: bad access detected
[ 12.117735]
[ 12.117829] Memory state around the buggy address:
[ 12.118131] ffff888100348b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.118474] ffff888100348b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.118761] >ffff888100348c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.119322] ^
[ 12.119516] ffff888100348c80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.119809] ffff888100348d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.120194] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 11.750940] ==================================================================
[ 11.751909] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0
[ 11.753675] Write of size 1 at addr ffff888100348ac9 by task kunit_try_catch/175
[ 11.754343]
[ 11.754449] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 11.754501] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.754512] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.754535] Call Trace:
[ 11.754550] <TASK>
[ 11.754570] dump_stack_lvl+0x73/0xb0
[ 11.754608] print_report+0xd1/0x610
[ 11.754631] ? __virt_addr_valid+0x1db/0x2d0
[ 11.754655] ? krealloc_less_oob_helper+0xd70/0x11d0
[ 11.754679] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.754701] ? krealloc_less_oob_helper+0xd70/0x11d0
[ 11.754725] kasan_report+0x141/0x180
[ 11.754746] ? krealloc_less_oob_helper+0xd70/0x11d0
[ 11.754774] __asan_report_store1_noabort+0x1b/0x30
[ 11.754800] krealloc_less_oob_helper+0xd70/0x11d0
[ 11.754825] ? __pfx_krealloc_less_oob_helper+0x10/0x10
[ 11.754849] ? finish_task_switch.isra.0+0x153/0x700
[ 11.754873] ? __switch_to+0x47/0xf50
[ 11.754898] ? __schedule+0x10cc/0x2b60
[ 11.754920] ? __pfx_read_tsc+0x10/0x10
[ 11.754944] krealloc_less_oob+0x1c/0x30
[ 11.754965] kunit_try_run_case+0x1a5/0x480
[ 11.754990] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.755475] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.755511] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.755535] ? __kthread_parkme+0x82/0x180
[ 11.755557] ? preempt_count_sub+0x50/0x80
[ 11.755580] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.755604] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.755628] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.755651] kthread+0x337/0x6f0
[ 11.755669] ? trace_preempt_on+0x20/0xc0
[ 11.755692] ? __pfx_kthread+0x10/0x10
[ 11.755712] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.755733] ? calculate_sigpending+0x7b/0xa0
[ 11.755758] ? __pfx_kthread+0x10/0x10
[ 11.755779] ret_from_fork+0x116/0x1d0
[ 11.755798] ? __pfx_kthread+0x10/0x10
[ 11.755817] ret_from_fork_asm+0x1a/0x30
[ 11.755848] </TASK>
[ 11.755859]
[ 11.771368] Allocated by task 175:
[ 11.771602] kasan_save_stack+0x45/0x70
[ 11.771809] kasan_save_track+0x18/0x40
[ 11.772070] kasan_save_alloc_info+0x3b/0x50
[ 11.772245] __kasan_krealloc+0x190/0x1f0
[ 11.772477] krealloc_noprof+0xf3/0x340
[ 11.772624] krealloc_less_oob_helper+0x1aa/0x11d0
[ 11.772817] krealloc_less_oob+0x1c/0x30
[ 11.773101] kunit_try_run_case+0x1a5/0x480
[ 11.773323] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.773567] kthread+0x337/0x6f0
[ 11.773715] ret_from_fork+0x116/0x1d0
[ 11.773870] ret_from_fork_asm+0x1a/0x30
[ 11.774221]
[ 11.774320] The buggy address belongs to the object at ffff888100348a00
[ 11.774320] which belongs to the cache kmalloc-256 of size 256
[ 11.774832] The buggy address is located 0 bytes to the right of
[ 11.774832] allocated 201-byte region [ffff888100348a00, ffff888100348ac9)
[ 11.775341]
[ 11.775419] The buggy address belongs to the physical page:
[ 11.775689] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100348
[ 11.776119] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 11.776470] flags: 0x200000000000040(head|node=0|zone=2)
[ 11.776679] page_type: f5(slab)
[ 11.776805] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 11.777214] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.777578] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 11.777914] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.778279] head: 0200000000000001 ffffea000400d201 00000000ffffffff 00000000ffffffff
[ 11.778622] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 11.778919] page dumped because: kasan: bad access detected
[ 11.779264]
[ 11.779362] Memory state around the buggy address:
[ 11.779544] ffff888100348980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.779764] ffff888100348a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.780156] >ffff888100348a80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[ 11.780497] ^
[ 11.780723] ffff888100348b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.780945] ffff888100348b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.781346] ==================================================================
[ 12.040162] ==================================================================
[ 12.040399] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0
[ 12.040653] Write of size 1 at addr ffff8881028520ea by task kunit_try_catch/179
[ 12.040883]
[ 12.040975] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.041048] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.041059] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.041080] Call Trace:
[ 12.041100] <TASK>
[ 12.041119] dump_stack_lvl+0x73/0xb0
[ 12.041148] print_report+0xd1/0x610
[ 12.041170] ? __virt_addr_valid+0x1db/0x2d0
[ 12.041605] ? krealloc_less_oob_helper+0xe90/0x11d0
[ 12.041631] ? kasan_addr_to_slab+0x11/0xa0
[ 12.041653] ? krealloc_less_oob_helper+0xe90/0x11d0
[ 12.041677] kasan_report+0x141/0x180
[ 12.041699] ? krealloc_less_oob_helper+0xe90/0x11d0
[ 12.041727] __asan_report_store1_noabort+0x1b/0x30
[ 12.041752] krealloc_less_oob_helper+0xe90/0x11d0
[ 12.041777] ? __pfx_krealloc_less_oob_helper+0x10/0x10
[ 12.041801] ? finish_task_switch.isra.0+0x153/0x700
[ 12.041824] ? __switch_to+0x47/0xf50
[ 12.041849] ? __schedule+0x10cc/0x2b60
[ 12.041872] ? __pfx_read_tsc+0x10/0x10
[ 12.041895] krealloc_large_less_oob+0x1c/0x30
[ 12.041917] kunit_try_run_case+0x1a5/0x480
[ 12.041942] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.041963] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.041987] ?
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.042305] ? __kthread_parkme+0x82/0x180 [ 12.042329] ? preempt_count_sub+0x50/0x80 [ 12.042351] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.042375] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.042399] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.042422] kthread+0x337/0x6f0 [ 12.042441] ? trace_preempt_on+0x20/0xc0 [ 12.042464] ? __pfx_kthread+0x10/0x10 [ 12.042484] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.042505] ? calculate_sigpending+0x7b/0xa0 [ 12.042529] ? __pfx_kthread+0x10/0x10 [ 12.042549] ret_from_fork+0x116/0x1d0 [ 12.042567] ? __pfx_kthread+0x10/0x10 [ 12.042586] ret_from_fork_asm+0x1a/0x30 [ 12.042617] </TASK> [ 12.042626] [ 12.058818] The buggy address belongs to the physical page: [ 12.059349] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102850 [ 12.059797] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.060329] flags: 0x200000000000040(head|node=0|zone=2) [ 12.060834] page_type: f8(unknown) [ 12.061338] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.061672] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.062005] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.062611] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.063097] head: 0200000000000002 ffffea00040a1401 00000000ffffffff 00000000ffffffff [ 12.063567] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.063977] page dumped because: kasan: bad access detected [ 12.064546] [ 12.064635] Memory state around the buggy address: [ 12.064953] ffff888102851f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.065252] ffff888102852000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.065577] >ffff888102852080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.065877] ^ [ 12.066174] ffff888102852100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe 
fe [ 12.066471] ffff888102852180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.066778] ================================================================== [ 11.784327] ================================================================== [ 11.784795] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0 [ 11.785286] Write of size 1 at addr ffff888100348ad0 by task kunit_try_catch/175 [ 11.786424] [ 11.786615] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.786664] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.786675] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.786697] Call Trace: [ 11.786711] <TASK> [ 11.786730] dump_stack_lvl+0x73/0xb0 [ 11.786762] print_report+0xd1/0x610 [ 11.786785] ? __virt_addr_valid+0x1db/0x2d0 [ 11.786808] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 11.786832] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.786854] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 11.786878] kasan_report+0x141/0x180 [ 11.786899] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 11.786927] __asan_report_store1_noabort+0x1b/0x30 [ 11.786951] krealloc_less_oob_helper+0xe23/0x11d0 [ 11.786976] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.787000] ? finish_task_switch.isra.0+0x153/0x700 [ 11.787241] ? __switch_to+0x47/0xf50 [ 11.787269] ? __schedule+0x10cc/0x2b60 [ 11.787293] ? __pfx_read_tsc+0x10/0x10 [ 11.787316] krealloc_less_oob+0x1c/0x30 [ 11.787338] kunit_try_run_case+0x1a5/0x480 [ 11.787362] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.787384] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.787408] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.787444] ? __kthread_parkme+0x82/0x180 [ 11.787465] ? preempt_count_sub+0x50/0x80 [ 11.787487] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.787510] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.787533] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.787557] kthread+0x337/0x6f0 [ 11.787576] ? 
trace_preempt_on+0x20/0xc0 [ 11.787598] ? __pfx_kthread+0x10/0x10 [ 11.787618] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.787638] ? calculate_sigpending+0x7b/0xa0 [ 11.787662] ? __pfx_kthread+0x10/0x10 [ 11.787682] ret_from_fork+0x116/0x1d0 [ 11.787700] ? __pfx_kthread+0x10/0x10 [ 11.787720] ret_from_fork_asm+0x1a/0x30 [ 11.787749] </TASK> [ 11.787759] [ 11.803861] Allocated by task 175: [ 11.804555] kasan_save_stack+0x45/0x70 [ 11.805345] kasan_save_track+0x18/0x40 [ 11.805920] kasan_save_alloc_info+0x3b/0x50 [ 11.806564] __kasan_krealloc+0x190/0x1f0 [ 11.807201] krealloc_noprof+0xf3/0x340 [ 11.807644] krealloc_less_oob_helper+0x1aa/0x11d0 [ 11.807832] krealloc_less_oob+0x1c/0x30 [ 11.807975] kunit_try_run_case+0x1a5/0x480 [ 11.808684] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.809525] kthread+0x337/0x6f0 [ 11.809980] ret_from_fork+0x116/0x1d0 [ 11.810510] ret_from_fork_asm+0x1a/0x30 [ 11.810663] [ 11.810740] The buggy address belongs to the object at ffff888100348a00 [ 11.810740] which belongs to the cache kmalloc-256 of size 256 [ 11.811749] The buggy address is located 7 bytes to the right of [ 11.811749] allocated 201-byte region [ffff888100348a00, ffff888100348ac9) [ 11.813385] [ 11.813728] The buggy address belongs to the physical page: [ 11.814654] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100348 [ 11.815423] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.815929] flags: 0x200000000000040(head|node=0|zone=2) [ 11.816150] page_type: f5(slab) [ 11.816448] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.817142] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.817901] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.818638] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.819041] head: 0200000000000001 ffffea000400d201 00000000ffffffff 00000000ffffffff [ 11.819664] head: ffffffffffffffff 
0000000000000000 00000000ffffffff 0000000000000002 [ 11.819898] page dumped because: kasan: bad access detected [ 11.820114] [ 11.820188] Memory state around the buggy address: [ 11.820345] ffff888100348980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.820607] ffff888100348a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.820823] >ffff888100348a80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 11.821076] ^ [ 11.821267] ffff888100348b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.821488] ffff888100348b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.821746] ================================================================== [ 11.972633] ================================================================== [ 11.973374] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0 [ 11.974336] Write of size 1 at addr ffff8881028520d0 by task kunit_try_catch/179 [ 11.975017] [ 11.975241] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.975300] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.975312] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.975332] Call Trace: [ 11.975351] <TASK> [ 11.975370] dump_stack_lvl+0x73/0xb0 [ 11.975400] print_report+0xd1/0x610 [ 11.975422] ? __virt_addr_valid+0x1db/0x2d0 [ 11.975456] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 11.975480] ? kasan_addr_to_slab+0x11/0xa0 [ 11.975500] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 11.975551] kasan_report+0x141/0x180 [ 11.975573] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 11.975601] __asan_report_store1_noabort+0x1b/0x30 [ 11.975637] krealloc_less_oob_helper+0xe23/0x11d0 [ 11.975663] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.975687] ? finish_task_switch.isra.0+0x153/0x700 [ 11.975709] ? __switch_to+0x47/0xf50 [ 11.975734] ? __schedule+0x10cc/0x2b60 [ 11.975756] ? 
__pfx_read_tsc+0x10/0x10 [ 11.975780] krealloc_large_less_oob+0x1c/0x30 [ 11.975803] kunit_try_run_case+0x1a5/0x480 [ 11.975827] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.975848] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.975872] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.975895] ? __kthread_parkme+0x82/0x180 [ 11.975915] ? preempt_count_sub+0x50/0x80 [ 11.975938] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.975961] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.975984] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.976017] kthread+0x337/0x6f0 [ 11.976036] ? trace_preempt_on+0x20/0xc0 [ 11.976058] ? __pfx_kthread+0x10/0x10 [ 11.976078] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.976098] ? calculate_sigpending+0x7b/0xa0 [ 11.976122] ? __pfx_kthread+0x10/0x10 [ 11.976143] ret_from_fork+0x116/0x1d0 [ 11.976161] ? __pfx_kthread+0x10/0x10 [ 11.976180] ret_from_fork_asm+0x1a/0x30 [ 11.976211] </TASK> [ 11.976220] [ 11.993149] The buggy address belongs to the physical page: [ 11.993638] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102850 [ 11.994024] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.994604] flags: 0x200000000000040(head|node=0|zone=2) [ 11.994792] page_type: f8(unknown) [ 11.994922] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.995738] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.996696] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.997758] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.998788] head: 0200000000000002 ffffea00040a1401 00000000ffffffff 00000000ffffffff [ 11.999507] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.000307] page dumped because: kasan: bad access detected [ 12.000662] [ 12.001056] Memory state around the buggy address: [ 12.001649] ffff888102851f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.001879] 
ffff888102852000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.002601] >ffff888102852080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.003467] ^ [ 12.004431] ffff888102852100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.004822] ffff888102852180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.005408] ================================================================== [ 12.006670] ================================================================== [ 12.007725] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 12.007991] Write of size 1 at addr ffff8881028520da by task kunit_try_catch/179 [ 12.008231] [ 12.008323] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.008369] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.008380] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.008401] Call Trace: [ 12.008413] <TASK> [ 12.008431] dump_stack_lvl+0x73/0xb0 [ 12.008459] print_report+0xd1/0x610 [ 12.008481] ? __virt_addr_valid+0x1db/0x2d0 [ 12.008505] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.008528] ? kasan_addr_to_slab+0x11/0xa0 [ 12.008548] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.008572] kasan_report+0x141/0x180 [ 12.008593] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.008621] __asan_report_store1_noabort+0x1b/0x30 [ 12.008645] krealloc_less_oob_helper+0xec6/0x11d0 [ 12.008983] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.009058] ? finish_task_switch.isra.0+0x153/0x700 [ 12.009084] ? __switch_to+0x47/0xf50 [ 12.009110] ? __schedule+0x10cc/0x2b60 [ 12.009132] ? __pfx_read_tsc+0x10/0x10 [ 12.009156] krealloc_large_less_oob+0x1c/0x30 [ 12.009178] kunit_try_run_case+0x1a5/0x480 [ 12.009203] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.009225] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.009248] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.009271] ? __kthread_parkme+0x82/0x180 [ 12.009292] ? preempt_count_sub+0x50/0x80 [ 12.009314] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 12.009337] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.009361] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.009384] kthread+0x337/0x6f0 [ 12.009402] ? trace_preempt_on+0x20/0xc0 [ 12.009424] ? __pfx_kthread+0x10/0x10 [ 12.009444] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.009464] ? calculate_sigpending+0x7b/0xa0 [ 12.009488] ? __pfx_kthread+0x10/0x10 [ 12.009508] ret_from_fork+0x116/0x1d0 [ 12.009526] ? __pfx_kthread+0x10/0x10 [ 12.009545] ret_from_fork_asm+0x1a/0x30 [ 12.009575] </TASK> [ 12.009584] [ 12.027458] The buggy address belongs to the physical page: [ 12.027965] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102850 [ 12.028803] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.029308] flags: 0x200000000000040(head|node=0|zone=2) [ 12.029901] page_type: f8(unknown) [ 12.030438] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.030975] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.031833] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.032523] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.033398] head: 0200000000000002 ffffea00040a1401 00000000ffffffff 00000000ffffffff [ 12.033912] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.034572] page dumped because: kasan: bad access detected [ 12.035503] [ 12.035583] Memory state around the buggy address: [ 12.035744] ffff888102851f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.035965] ffff888102852000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.036959] >ffff888102852080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.037811] ^ [ 12.038543] ffff888102852100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.039280] ffff888102852180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.039753] 
================================================================== [ 11.822674] ================================================================== [ 11.822983] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 11.823437] Write of size 1 at addr ffff888100348ada by task kunit_try_catch/175 [ 11.823721] [ 11.823835] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.823880] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.823891] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.823913] Call Trace: [ 11.823925] <TASK> [ 11.823943] dump_stack_lvl+0x73/0xb0 [ 11.823973] print_report+0xd1/0x610 [ 11.823995] ? __virt_addr_valid+0x1db/0x2d0 [ 11.824031] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 11.824054] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.824076] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 11.824100] kasan_report+0x141/0x180 [ 11.824121] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 11.824173] __asan_report_store1_noabort+0x1b/0x30 [ 11.824198] krealloc_less_oob_helper+0xec6/0x11d0 [ 11.824224] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.824247] ? finish_task_switch.isra.0+0x153/0x700 [ 11.824270] ? __switch_to+0x47/0xf50 [ 11.824295] ? __schedule+0x10cc/0x2b60 [ 11.824316] ? __pfx_read_tsc+0x10/0x10 [ 11.824339] krealloc_less_oob+0x1c/0x30 [ 11.824360] kunit_try_run_case+0x1a5/0x480 [ 11.824384] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.824405] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.824429] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.824461] ? __kthread_parkme+0x82/0x180 [ 11.824482] ? preempt_count_sub+0x50/0x80 [ 11.824504] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.824527] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.824550] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.824573] kthread+0x337/0x6f0 [ 11.824591] ? trace_preempt_on+0x20/0xc0 [ 11.824613] ? __pfx_kthread+0x10/0x10 [ 11.824633] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 11.824654] ? calculate_sigpending+0x7b/0xa0 [ 11.824678] ? __pfx_kthread+0x10/0x10 [ 11.824698] ret_from_fork+0x116/0x1d0 [ 11.824716] ? __pfx_kthread+0x10/0x10 [ 11.824735] ret_from_fork_asm+0x1a/0x30 [ 11.824765] </TASK> [ 11.824775] [ 11.832686] Allocated by task 175: [ 11.833257] kasan_save_stack+0x45/0x70 [ 11.833507] kasan_save_track+0x18/0x40 [ 11.833643] kasan_save_alloc_info+0x3b/0x50 [ 11.833791] __kasan_krealloc+0x190/0x1f0 [ 11.833929] krealloc_noprof+0xf3/0x340 [ 11.834074] krealloc_less_oob_helper+0x1aa/0x11d0 [ 11.834331] krealloc_less_oob+0x1c/0x30 [ 11.834521] kunit_try_run_case+0x1a5/0x480 [ 11.834726] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.835155] kthread+0x337/0x6f0 [ 11.835338] ret_from_fork+0x116/0x1d0 [ 11.835468] ret_from_fork_asm+0x1a/0x30 [ 11.835606] [ 11.835676] The buggy address belongs to the object at ffff888100348a00 [ 11.835676] which belongs to the cache kmalloc-256 of size 256 [ 11.836399] The buggy address is located 17 bytes to the right of [ 11.836399] allocated 201-byte region [ffff888100348a00, ffff888100348ac9) [ 11.837331] [ 11.837476] The buggy address belongs to the physical page: [ 11.837712] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100348 [ 11.838069] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.838456] flags: 0x200000000000040(head|node=0|zone=2) [ 11.838635] page_type: f5(slab) [ 11.838756] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.838987] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.839227] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.839457] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.839793] head: 0200000000000001 ffffea000400d201 00000000ffffffff 00000000ffffffff [ 11.840259] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.840590] page dumped 
because: kasan: bad access detected [ 11.840833] [ 11.840927] Memory state around the buggy address: [ 11.841302] ffff888100348980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.842450] ffff888100348a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.842680] >ffff888100348a80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 11.842896] ^ [ 11.843422] ffff888100348b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.844557] ffff888100348b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.845131] ================================================================== [ 11.846755] ================================================================== [ 11.847383] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 11.848110] Write of size 1 at addr ffff888100348aea by task kunit_try_catch/175 [ 11.848550] [ 11.848788] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.848845] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.848861] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.848881] Call Trace: [ 11.848895] <TASK> [ 11.848913] dump_stack_lvl+0x73/0xb0 [ 11.848945] print_report+0xd1/0x610 [ 11.848967] ? __virt_addr_valid+0x1db/0x2d0 [ 11.848989] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 11.849025] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.849047] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 11.849071] kasan_report+0x141/0x180 [ 11.849092] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 11.849120] __asan_report_store1_noabort+0x1b/0x30 [ 11.849144] krealloc_less_oob_helper+0xe90/0x11d0 [ 11.849170] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.849194] ? finish_task_switch.isra.0+0x153/0x700 [ 11.849217] ? __switch_to+0x47/0xf50 [ 11.849243] ? __schedule+0x10cc/0x2b60 [ 11.849265] ? __pfx_read_tsc+0x10/0x10 [ 11.849288] krealloc_less_oob+0x1c/0x30 [ 11.849309] kunit_try_run_case+0x1a5/0x480 [ 11.849333] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 11.849355] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.849378] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.849401] ? __kthread_parkme+0x82/0x180 [ 11.849421] ? preempt_count_sub+0x50/0x80 [ 11.849574] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.849599] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.849635] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.849659] kthread+0x337/0x6f0 [ 11.849711] ? trace_preempt_on+0x20/0xc0 [ 11.849736] ? __pfx_kthread+0x10/0x10 [ 11.849755] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.849776] ? calculate_sigpending+0x7b/0xa0 [ 11.849800] ? __pfx_kthread+0x10/0x10 [ 11.849820] ret_from_fork+0x116/0x1d0 [ 11.849838] ? __pfx_kthread+0x10/0x10 [ 11.849858] ret_from_fork_asm+0x1a/0x30 [ 11.849889] </TASK> [ 11.849899] [ 11.860936] Allocated by task 175: [ 11.861134] kasan_save_stack+0x45/0x70 [ 11.861329] kasan_save_track+0x18/0x40 [ 11.861961] kasan_save_alloc_info+0x3b/0x50 [ 11.862189] __kasan_krealloc+0x190/0x1f0 [ 11.862373] krealloc_noprof+0xf3/0x340 [ 11.862954] krealloc_less_oob_helper+0x1aa/0x11d0 [ 11.863255] krealloc_less_oob+0x1c/0x30 [ 11.863618] kunit_try_run_case+0x1a5/0x480 [ 11.863812] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.864048] kthread+0x337/0x6f0 [ 11.864204] ret_from_fork+0x116/0x1d0 [ 11.864383] ret_from_fork_asm+0x1a/0x30 [ 11.865000] [ 11.865255] The buggy address belongs to the object at ffff888100348a00 [ 11.865255] which belongs to the cache kmalloc-256 of size 256 [ 11.866177] The buggy address is located 33 bytes to the right of [ 11.866177] allocated 201-byte region [ffff888100348a00, ffff888100348ac9) [ 11.867228] [ 11.867511] The buggy address belongs to the physical page: [ 11.867949] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100348 [ 11.868293] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.868963] flags: 0x200000000000040(head|node=0|zone=2) [ 11.869442] page_type: f5(slab) [ 11.869748] raw: 
0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.870234] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.870886] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.871349] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.871851] head: 0200000000000001 ffffea000400d201 00000000ffffffff 00000000ffffffff [ 11.872183] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.872808] page dumped because: kasan: bad access detected [ 11.873288] [ 11.873403] Memory state around the buggy address: [ 11.873771] ffff888100348980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.874077] ffff888100348a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.874358] >ffff888100348a80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 11.875233] ^ [ 11.875742] ffff888100348b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.876324] ffff888100348b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.876877] ================================================================== [ 11.877627] ================================================================== [ 11.878425] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 11.878765] Write of size 1 at addr ffff888100348aeb by task kunit_try_catch/175 [ 11.879082] [ 11.879195] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.879241] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.879252] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.879273] Call Trace: [ 11.879292] <TASK> [ 11.879310] dump_stack_lvl+0x73/0xb0 [ 11.879340] print_report+0xd1/0x610 [ 11.879362] ? __virt_addr_valid+0x1db/0x2d0 [ 11.879384] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 11.879408] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.879878] ? 
krealloc_less_oob_helper+0xd47/0x11d0 [ 11.879909] kasan_report+0x141/0x180 [ 11.879946] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 11.879975] __asan_report_store1_noabort+0x1b/0x30 [ 11.880005] krealloc_less_oob_helper+0xd47/0x11d0 [ 11.880039] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.880063] ? finish_task_switch.isra.0+0x153/0x700 [ 11.880087] ? __switch_to+0x47/0xf50 [ 11.880112] ? __schedule+0x10cc/0x2b60 [ 11.880134] ? __pfx_read_tsc+0x10/0x10 [ 11.880157] krealloc_less_oob+0x1c/0x30 [ 11.880178] kunit_try_run_case+0x1a5/0x480 [ 11.880202] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.880224] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.880248] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.880270] ? __kthread_parkme+0x82/0x180 [ 11.880291] ? preempt_count_sub+0x50/0x80 [ 11.880313] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.880336] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.880359] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.880383] kthread+0x337/0x6f0 [ 11.880401] ? trace_preempt_on+0x20/0xc0 [ 11.880423] ? __pfx_kthread+0x10/0x10 [ 11.880667] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.880690] ? calculate_sigpending+0x7b/0xa0 [ 11.880714] ? __pfx_kthread+0x10/0x10 [ 11.880734] ret_from_fork+0x116/0x1d0 [ 11.880753] ? 
__pfx_kthread+0x10/0x10 [ 11.880774] ret_from_fork_asm+0x1a/0x30 [ 11.880805] </TASK> [ 11.880815] [ 11.891328] Allocated by task 175: [ 11.891802] kasan_save_stack+0x45/0x70 [ 11.892084] kasan_save_track+0x18/0x40 [ 11.892412] kasan_save_alloc_info+0x3b/0x50 [ 11.892631] __kasan_krealloc+0x190/0x1f0 [ 11.892818] krealloc_noprof+0xf3/0x340 [ 11.892995] krealloc_less_oob_helper+0x1aa/0x11d0 [ 11.893170] krealloc_less_oob+0x1c/0x30 [ 11.893308] kunit_try_run_case+0x1a5/0x480 [ 11.893574] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.893830] kthread+0x337/0x6f0 [ 11.894025] ret_from_fork+0x116/0x1d0 [ 11.894253] ret_from_fork_asm+0x1a/0x30 [ 11.894427] [ 11.894501] The buggy address belongs to the object at ffff888100348a00 [ 11.894501] which belongs to the cache kmalloc-256 of size 256 [ 11.894995] The buggy address is located 34 bytes to the right of [ 11.894995] allocated 201-byte region [ffff888100348a00, ffff888100348ac9) [ 11.895504] [ 11.895603] The buggy address belongs to the physical page: [ 11.895870] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100348 [ 11.896229] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.896609] flags: 0x200000000000040(head|node=0|zone=2) [ 11.896850] page_type: f5(slab) [ 11.897020] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.897327] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.897743] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.898056] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.898280] head: 0200000000000001 ffffea000400d201 00000000ffffffff 00000000ffffffff [ 11.898604] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.898942] page dumped because: kasan: bad access detected [ 11.899118] [ 11.899185] Memory state around the buggy address: [ 11.899549] ffff888100348980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 11.899868] ffff888100348a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.900172] >ffff888100348a80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 11.900407] ^ [ 11.900709] ffff888100348b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.900986] ffff888100348b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.901244] ================================================================== [ 11.944777] ================================================================== [ 11.945970] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0 [ 11.946258] Write of size 1 at addr ffff8881028520c9 by task kunit_try_catch/179 [ 11.946971] [ 11.947389] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.947469] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.947481] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.947505] Call Trace: [ 11.947518] <TASK> [ 11.947536] dump_stack_lvl+0x73/0xb0 [ 11.947569] print_report+0xd1/0x610 [ 11.947592] ? __virt_addr_valid+0x1db/0x2d0 [ 11.947617] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 11.947640] ? kasan_addr_to_slab+0x11/0xa0 [ 11.947660] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 11.947684] kasan_report+0x141/0x180 [ 11.947704] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 11.947732] __asan_report_store1_noabort+0x1b/0x30 [ 11.947756] krealloc_less_oob_helper+0xd70/0x11d0 [ 11.947781] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.947804] ? finish_task_switch.isra.0+0x153/0x700 [ 11.947828] ? __switch_to+0x47/0xf50 [ 11.947854] ? __schedule+0x10cc/0x2b60 [ 11.947876] ? __pfx_read_tsc+0x10/0x10 [ 11.947901] krealloc_large_less_oob+0x1c/0x30 [ 11.947923] kunit_try_run_case+0x1a5/0x480 [ 11.947949] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.947971] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.948004] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.948040] ? __kthread_parkme+0x82/0x180 [ 11.948061] ? 
preempt_count_sub+0x50/0x80 [ 11.948083] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.948106] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.948129] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.948153] kthread+0x337/0x6f0 [ 11.948171] ? trace_preempt_on+0x20/0xc0 [ 11.948195] ? __pfx_kthread+0x10/0x10 [ 11.948215] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.948236] ? calculate_sigpending+0x7b/0xa0 [ 11.948260] ? __pfx_kthread+0x10/0x10 [ 11.948281] ret_from_fork+0x116/0x1d0 [ 11.948299] ? __pfx_kthread+0x10/0x10 [ 11.948318] ret_from_fork_asm+0x1a/0x30 [ 11.948348] </TASK> [ 11.948360] [ 11.963576] The buggy address belongs to the physical page: [ 11.964142] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102850 [ 11.964864] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.965656] flags: 0x200000000000040(head|node=0|zone=2) [ 11.966262] page_type: f8(unknown) [ 11.966679] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.966911] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.967160] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.967391] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.967621] head: 0200000000000002 ffffea00040a1401 00000000ffffffff 00000000ffffffff [ 11.967852] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.968094] page dumped because: kasan: bad access detected [ 11.968269] [ 11.968338] Memory state around the buggy address: [ 11.968496] ffff888102851f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.968713] ffff888102852000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.968933] >ffff888102852080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 11.969589] ^ [ 11.970141] ffff888102852100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.970961] ffff888102852180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.971720] 
================================================================== [ 12.068171] ================================================================== [ 12.068621] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 12.069475] Write of size 1 at addr ffff8881028520eb by task kunit_try_catch/179 [ 12.069908] [ 12.070297] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.070350] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.070361] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.070382] Call Trace: [ 12.070402] <TASK> [ 12.070448] dump_stack_lvl+0x73/0xb0 [ 12.070481] print_report+0xd1/0x610 [ 12.070505] ? __virt_addr_valid+0x1db/0x2d0 [ 12.070529] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.070553] ? kasan_addr_to_slab+0x11/0xa0 [ 12.070573] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.070596] kasan_report+0x141/0x180 [ 12.070617] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.070646] __asan_report_store1_noabort+0x1b/0x30 [ 12.070670] krealloc_less_oob_helper+0xd47/0x11d0 [ 12.070696] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.070720] ? finish_task_switch.isra.0+0x153/0x700 [ 12.070742] ? __switch_to+0x47/0xf50 [ 12.070767] ? __schedule+0x10cc/0x2b60 [ 12.070789] ? __pfx_read_tsc+0x10/0x10 [ 12.070813] krealloc_large_less_oob+0x1c/0x30 [ 12.070836] kunit_try_run_case+0x1a5/0x480 [ 12.070860] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.070881] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.070905] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.070928] ? __kthread_parkme+0x82/0x180 [ 12.070948] ? preempt_count_sub+0x50/0x80 [ 12.070971] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.071024] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.071069] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.071093] kthread+0x337/0x6f0 [ 12.071111] ? trace_preempt_on+0x20/0xc0 [ 12.071135] ? __pfx_kthread+0x10/0x10 [ 12.071155] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.071176] ? 
calculate_sigpending+0x7b/0xa0 [ 12.071200] ? __pfx_kthread+0x10/0x10 [ 12.071220] ret_from_fork+0x116/0x1d0 [ 12.071239] ? __pfx_kthread+0x10/0x10 [ 12.071258] ret_from_fork_asm+0x1a/0x30 [ 12.071290] </TASK> [ 12.071299] [ 12.085469] The buggy address belongs to the physical page: [ 12.085966] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102850 [ 12.086741] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.087213] flags: 0x200000000000040(head|node=0|zone=2) [ 12.087722] page_type: f8(unknown) [ 12.088076] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.088328] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.088567] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.088802] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.089071] head: 0200000000000002 ffffea00040a1401 00000000ffffffff 00000000ffffffff [ 12.089451] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.089766] page dumped because: kasan: bad access detected [ 12.089967] [ 12.090142] Memory state around the buggy address: [ 12.090329] ffff888102851f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.090636] ffff888102852000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.090917] >ffff888102852080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.091536] ^ [ 12.091852] ffff888102852100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.092223] ffff888102852180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.092554] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 11.921960] ================================================================== [ 11.922295] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930 [ 11.922619] Write of size 1 at addr ffff888102a060f0 by task kunit_try_catch/177 [ 11.922842] [ 11.922928] CPU: 0 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.922971] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.922982] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.923003] Call Trace: [ 11.923026] <TASK> [ 11.923043] dump_stack_lvl+0x73/0xb0 [ 11.923071] print_report+0xd1/0x610 [ 11.923104] ? __virt_addr_valid+0x1db/0x2d0 [ 11.923126] ? krealloc_more_oob_helper+0x7eb/0x930 [ 11.923149] ? kasan_addr_to_slab+0x11/0xa0 [ 11.923169] ? krealloc_more_oob_helper+0x7eb/0x930 [ 11.923192] kasan_report+0x141/0x180 [ 11.923213] ? krealloc_more_oob_helper+0x7eb/0x930 [ 11.923241] __asan_report_store1_noabort+0x1b/0x30 [ 11.923266] krealloc_more_oob_helper+0x7eb/0x930 [ 11.923288] ? __schedule+0x10cc/0x2b60 [ 11.923309] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 11.923333] ? finish_task_switch.isra.0+0x153/0x700 [ 11.923355] ? __switch_to+0x47/0xf50 [ 11.923380] ? __schedule+0x10cc/0x2b60 [ 11.923400] ? __pfx_read_tsc+0x10/0x10 [ 11.923435] krealloc_large_more_oob+0x1c/0x30 [ 11.923464] kunit_try_run_case+0x1a5/0x480 [ 11.923488] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.923553] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.923576] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.923599] ? __kthread_parkme+0x82/0x180 [ 11.923619] ? preempt_count_sub+0x50/0x80 [ 11.923642] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.923664] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.923689] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.923713] kthread+0x337/0x6f0 [ 11.923731] ? trace_preempt_on+0x20/0xc0 [ 11.923754] ? __pfx_kthread+0x10/0x10 [ 11.923783] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.923804] ? 
calculate_sigpending+0x7b/0xa0 [ 11.923828] ? __pfx_kthread+0x10/0x10 [ 11.923854] ret_from_fork+0x116/0x1d0 [ 11.923873] ? __pfx_kthread+0x10/0x10 [ 11.923892] ret_from_fork_asm+0x1a/0x30 [ 11.923922] </TASK> [ 11.923931] [ 11.932971] The buggy address belongs to the physical page: [ 11.933174] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a04 [ 11.933421] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.934067] flags: 0x200000000000040(head|node=0|zone=2) [ 11.934627] page_type: f8(unknown) [ 11.934808] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.935215] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.935767] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.937572] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.937819] head: 0200000000000002 ffffea00040a8101 00000000ffffffff 00000000ffffffff [ 11.938065] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.938301] page dumped because: kasan: bad access detected [ 11.938890] [ 11.939164] Memory state around the buggy address: [ 11.939419] ffff888102a05f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.939710] ffff888102a06000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.940000] >ffff888102a06080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 11.940234] ^ [ 11.940563] ffff888102a06100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.940983] ffff888102a06180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.941267] ================================================================== [ 11.703718] ================================================================== [ 11.704231] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930 [ 11.704606] Write of size 1 at addr ffff8881003488eb by task kunit_try_catch/173 [ 11.705138] [ 11.705242] CPU: 0 UID: 0 PID: 173 Comm: 
kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.705292] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.705303] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.705325] Call Trace: [ 11.705336] <TASK> [ 11.705354] dump_stack_lvl+0x73/0xb0 [ 11.705388] print_report+0xd1/0x610 [ 11.705411] ? __virt_addr_valid+0x1db/0x2d0 [ 11.705435] ? krealloc_more_oob_helper+0x821/0x930 [ 11.705577] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.705601] ? krealloc_more_oob_helper+0x821/0x930 [ 11.705624] kasan_report+0x141/0x180 [ 11.705646] ? krealloc_more_oob_helper+0x821/0x930 [ 11.705674] __asan_report_store1_noabort+0x1b/0x30 [ 11.705698] krealloc_more_oob_helper+0x821/0x930 [ 11.705720] ? __schedule+0x10cc/0x2b60 [ 11.705742] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 11.705766] ? finish_task_switch.isra.0+0x153/0x700 [ 11.705789] ? __switch_to+0x47/0xf50 [ 11.705815] ? __schedule+0x10cc/0x2b60 [ 11.705835] ? __pfx_read_tsc+0x10/0x10 [ 11.705859] krealloc_more_oob+0x1c/0x30 [ 11.705880] kunit_try_run_case+0x1a5/0x480 [ 11.705905] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.705926] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.705950] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.705973] ? __kthread_parkme+0x82/0x180 [ 11.705996] ? preempt_count_sub+0x50/0x80 [ 11.706043] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.706066] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.706091] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.706116] kthread+0x337/0x6f0 [ 11.706135] ? trace_preempt_on+0x20/0xc0 [ 11.706158] ? __pfx_kthread+0x10/0x10 [ 11.706177] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.706198] ? calculate_sigpending+0x7b/0xa0 [ 11.706223] ? __pfx_kthread+0x10/0x10 [ 11.706243] ret_from_fork+0x116/0x1d0 [ 11.706261] ? 
__pfx_kthread+0x10/0x10 [ 11.706281] ret_from_fork_asm+0x1a/0x30 [ 11.706312] </TASK> [ 11.706322] [ 11.713904] Allocated by task 173: [ 11.714110] kasan_save_stack+0x45/0x70 [ 11.714269] kasan_save_track+0x18/0x40 [ 11.714403] kasan_save_alloc_info+0x3b/0x50 [ 11.714625] __kasan_krealloc+0x190/0x1f0 [ 11.714827] krealloc_noprof+0xf3/0x340 [ 11.715030] krealloc_more_oob_helper+0x1a9/0x930 [ 11.715260] krealloc_more_oob+0x1c/0x30 [ 11.715463] kunit_try_run_case+0x1a5/0x480 [ 11.715630] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.715870] kthread+0x337/0x6f0 [ 11.715998] ret_from_fork+0x116/0x1d0 [ 11.716143] ret_from_fork_asm+0x1a/0x30 [ 11.716287] [ 11.716387] The buggy address belongs to the object at ffff888100348800 [ 11.716387] which belongs to the cache kmalloc-256 of size 256 [ 11.716948] The buggy address is located 0 bytes to the right of [ 11.716948] allocated 235-byte region [ffff888100348800, ffff8881003488eb) [ 11.717344] [ 11.717419] The buggy address belongs to the physical page: [ 11.717840] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100348 [ 11.718198] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.718622] flags: 0x200000000000040(head|node=0|zone=2) [ 11.718803] page_type: f5(slab) [ 11.718929] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.719289] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.719694] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.719962] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.720313] head: 0200000000000001 ffffea000400d201 00000000ffffffff 00000000ffffffff [ 11.720625] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.720925] page dumped because: kasan: bad access detected [ 11.721145] [ 11.721238] Memory state around the buggy address: [ 11.721444] ffff888100348780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 11.721701] ffff888100348800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.721916] >ffff888100348880: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 11.722196] ^ [ 11.722493] ffff888100348900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.722805] ffff888100348980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.723173] ================================================================== [ 11.905470] ================================================================== [ 11.905946] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930 [ 11.906306] Write of size 1 at addr ffff888102a060eb by task kunit_try_catch/177 [ 11.906677] [ 11.906793] CPU: 0 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.906840] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.906851] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.906883] Call Trace: [ 11.906896] <TASK> [ 11.906914] dump_stack_lvl+0x73/0xb0 [ 11.906957] print_report+0xd1/0x610 [ 11.906980] ? __virt_addr_valid+0x1db/0x2d0 [ 11.907004] ? krealloc_more_oob_helper+0x821/0x930 [ 11.907040] ? kasan_addr_to_slab+0x11/0xa0 [ 11.907060] ? krealloc_more_oob_helper+0x821/0x930 [ 11.907083] kasan_report+0x141/0x180 [ 11.907114] ? krealloc_more_oob_helper+0x821/0x930 [ 11.907141] __asan_report_store1_noabort+0x1b/0x30 [ 11.907166] krealloc_more_oob_helper+0x821/0x930 [ 11.907199] ? __schedule+0x10cc/0x2b60 [ 11.907221] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 11.907246] ? finish_task_switch.isra.0+0x153/0x700 [ 11.907268] ? __switch_to+0x47/0xf50 [ 11.907302] ? __schedule+0x10cc/0x2b60 [ 11.907322] ? __pfx_read_tsc+0x10/0x10 [ 11.907356] krealloc_large_more_oob+0x1c/0x30 [ 11.907379] kunit_try_run_case+0x1a5/0x480 [ 11.907403] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.907424] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.907461] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.907485] ? 
__kthread_parkme+0x82/0x180 [ 11.907505] ? preempt_count_sub+0x50/0x80 [ 11.907527] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.907550] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.907573] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.907596] kthread+0x337/0x6f0 [ 11.907614] ? trace_preempt_on+0x20/0xc0 [ 11.907646] ? __pfx_kthread+0x10/0x10 [ 11.907665] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.907686] ? calculate_sigpending+0x7b/0xa0 [ 11.907720] ? __pfx_kthread+0x10/0x10 [ 11.907740] ret_from_fork+0x116/0x1d0 [ 11.907759] ? __pfx_kthread+0x10/0x10 [ 11.907778] ret_from_fork_asm+0x1a/0x30 [ 11.907807] </TASK> [ 11.907818] [ 11.915336] The buggy address belongs to the physical page: [ 11.915606] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a04 [ 11.915944] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.916175] flags: 0x200000000000040(head|node=0|zone=2) [ 11.916383] page_type: f8(unknown) [ 11.916709] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.917067] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.917291] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.917745] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.918099] head: 0200000000000002 ffffea00040a8101 00000000ffffffff 00000000ffffffff [ 11.918400] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.918733] page dumped because: kasan: bad access detected [ 11.918910] [ 11.918990] Memory state around the buggy address: [ 11.919225] ffff888102a05f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.919684] ffff888102a06000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.919983] >ffff888102a06080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 11.920247] ^ [ 11.920549] ffff888102a06100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.920834] ffff888102a06180: fe fe fe fe fe fe 
fe fe fe fe fe fe fe fe fe fe [ 11.921157] ================================================================== [ 11.725343] ================================================================== [ 11.725891] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930 [ 11.726325] Write of size 1 at addr ffff8881003488f0 by task kunit_try_catch/173 [ 11.726598] [ 11.726715] CPU: 0 UID: 0 PID: 173 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.726762] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.726773] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.726796] Call Trace: [ 11.726812] <TASK> [ 11.726832] dump_stack_lvl+0x73/0xb0 [ 11.726864] print_report+0xd1/0x610 [ 11.726888] ? __virt_addr_valid+0x1db/0x2d0 [ 11.726913] ? krealloc_more_oob_helper+0x7eb/0x930 [ 11.726936] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.726958] ? krealloc_more_oob_helper+0x7eb/0x930 [ 11.726981] kasan_report+0x141/0x180 [ 11.727002] ? krealloc_more_oob_helper+0x7eb/0x930 [ 11.727044] __asan_report_store1_noabort+0x1b/0x30 [ 11.727069] krealloc_more_oob_helper+0x7eb/0x930 [ 11.727091] ? __schedule+0x10cc/0x2b60 [ 11.727114] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 11.727138] ? finish_task_switch.isra.0+0x153/0x700 [ 11.727163] ? __switch_to+0x47/0xf50 [ 11.727189] ? __schedule+0x10cc/0x2b60 [ 11.727209] ? __pfx_read_tsc+0x10/0x10 [ 11.727249] krealloc_more_oob+0x1c/0x30 [ 11.727270] kunit_try_run_case+0x1a5/0x480 [ 11.727297] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.727318] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.727343] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.727366] ? __kthread_parkme+0x82/0x180 [ 11.727387] ? preempt_count_sub+0x50/0x80 [ 11.727410] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.727433] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.727456] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.727479] kthread+0x337/0x6f0 [ 11.727498] ? trace_preempt_on+0x20/0xc0 [ 11.727522] ? 
__pfx_kthread+0x10/0x10 [ 11.727541] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.727562] ? calculate_sigpending+0x7b/0xa0 [ 11.727586] ? __pfx_kthread+0x10/0x10 [ 11.727607] ret_from_fork+0x116/0x1d0 [ 11.727625] ? __pfx_kthread+0x10/0x10 [ 11.727644] ret_from_fork_asm+0x1a/0x30 [ 11.727675] </TASK> [ 11.727685] [ 11.735022] Allocated by task 173: [ 11.735207] kasan_save_stack+0x45/0x70 [ 11.735422] kasan_save_track+0x18/0x40 [ 11.735572] kasan_save_alloc_info+0x3b/0x50 [ 11.735720] __kasan_krealloc+0x190/0x1f0 [ 11.735859] krealloc_noprof+0xf3/0x340 [ 11.735994] krealloc_more_oob_helper+0x1a9/0x930 [ 11.736162] krealloc_more_oob+0x1c/0x30 [ 11.736362] kunit_try_run_case+0x1a5/0x480 [ 11.736564] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.736813] kthread+0x337/0x6f0 [ 11.736988] ret_from_fork+0x116/0x1d0 [ 11.737178] ret_from_fork_asm+0x1a/0x30 [ 11.737454] [ 11.737644] The buggy address belongs to the object at ffff888100348800 [ 11.737644] which belongs to the cache kmalloc-256 of size 256 [ 11.738068] The buggy address is located 5 bytes to the right of [ 11.738068] allocated 235-byte region [ffff888100348800, ffff8881003488eb) [ 11.738665] [ 11.738737] The buggy address belongs to the physical page: [ 11.738992] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100348 [ 11.739325] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.739674] flags: 0x200000000000040(head|node=0|zone=2) [ 11.739901] page_type: f5(slab) [ 11.740063] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.740338] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.740696] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.741027] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.741329] head: 0200000000000001 ffffea000400d201 00000000ffffffff 00000000ffffffff [ 11.741653] head: ffffffffffffffff 0000000000000000 00000000ffffffff 
0000000000000002 [ 11.741959] page dumped because: kasan: bad access detected [ 11.742193] [ 11.742290] Memory state around the buggy address: [ 11.742499] ffff888100348780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.742795] ffff888100348800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.743089] >ffff888100348880: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 11.743302] ^ [ 11.743716] ffff888100348900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.744036] ffff888100348980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.744318] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 14.162819] ==================================================================
[ 14.164414] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x320/0x380
[ 14.164735] Read of size 1 at addr ffff888103a17c3f by task kunit_try_catch/268
[ 14.164968]
[ 14.165093] CPU: 0 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.165147] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.165159] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.165184] Call Trace:
[ 14.165203] <TASK>
[ 14.165225] dump_stack_lvl+0x73/0xb0
[ 14.165256] print_report+0xd1/0x610
[ 14.165280] ? __virt_addr_valid+0x1db/0x2d0
[ 14.165303] ? kasan_alloca_oob_left+0x320/0x380
[ 14.165324] ? kasan_addr_to_slab+0x11/0xa0
[ 14.165344] ? kasan_alloca_oob_left+0x320/0x380
[ 14.165366] kasan_report+0x141/0x180
[ 14.165386] ? kasan_alloca_oob_left+0x320/0x380
[ 14.165412] __asan_report_load1_noabort+0x18/0x20
[ 14.165437] kasan_alloca_oob_left+0x320/0x380
[ 14.165460] ? finish_task_switch.isra.0+0x153/0x700
[ 14.165482] ? __schedule+0x100e/0x2b60
[ 14.165504] ? trace_hardirqs_on+0x37/0xe0
[ 14.165529] ? __pfx_kasan_alloca_oob_left+0x10/0x10
[ 14.165553] ? __schedule+0x10cc/0x2b60
[ 14.165572] ? __pfx_read_tsc+0x10/0x10
[ 14.165593] ? ktime_get_ts64+0x86/0x230
[ 14.165616] kunit_try_run_case+0x1a5/0x480
[ 14.165640] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.165661] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.165684] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.165706] ? __kthread_parkme+0x82/0x180
[ 14.165726] ? preempt_count_sub+0x50/0x80
[ 14.165749] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.165771] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.165793] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.165815] kthread+0x337/0x6f0
[ 14.165833] ? trace_preempt_on+0x20/0xc0
[ 14.165853] ? __pfx_kthread+0x10/0x10
[ 14.165873] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.165893] ? calculate_sigpending+0x7b/0xa0
[ 14.165917] ? __pfx_kthread+0x10/0x10
[ 14.165938] ret_from_fork+0x116/0x1d0
[ 14.165955] ? __pfx_kthread+0x10/0x10
[ 14.165975] ret_from_fork_asm+0x1a/0x30
[ 14.166006] </TASK>
[ 14.167067]
[ 14.180431] The buggy address belongs to stack of task kunit_try_catch/268
[ 14.180798]
[ 14.180903] The buggy address belongs to the physical page:
[ 14.181176] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a17
[ 14.182137] flags: 0x200000000000000(node=0|zone=2)
[ 14.182357] raw: 0200000000000000 ffffea00040e85c8 ffffea00040e85c8 0000000000000000
[ 14.183364] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 14.184230] page dumped because: kasan: bad access detected
[ 14.184701]
[ 14.184949] Memory state around the buggy address:
[ 14.185452] ffff888103a17b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 14.185766] ffff888103a17b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 14.186063] >ffff888103a17c00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb
[ 14.186354] ^
[ 14.186868] ffff888103a17c80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00
[ 14.187143] ffff888103a17d00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1
[ 14.187602] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 14.136459] ==================================================================
[ 14.137517] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x2b5/0x300
[ 14.137936] Read of size 1 at addr ffff888103a97d02 by task kunit_try_catch/266
[ 14.138303]
[ 14.138421] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.138471] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.138483] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.138508] Call Trace:
[ 14.138522] <TASK>
[ 14.138542] dump_stack_lvl+0x73/0xb0
[ 14.138577] print_report+0xd1/0x610
[ 14.138678] ? __virt_addr_valid+0x1db/0x2d0
[ 14.138704] ? kasan_stack_oob+0x2b5/0x300
[ 14.138724] ? kasan_addr_to_slab+0x11/0xa0
[ 14.138745] ? kasan_stack_oob+0x2b5/0x300
[ 14.138765] kasan_report+0x141/0x180
[ 14.138787] ? kasan_stack_oob+0x2b5/0x300
[ 14.138813] __asan_report_load1_noabort+0x18/0x20
[ 14.138838] kasan_stack_oob+0x2b5/0x300
[ 14.138857] ? __pfx_kasan_stack_oob+0x10/0x10
[ 14.138879] ? __kasan_check_write+0x18/0x20
[ 14.138898] ? queued_spin_lock_slowpath+0x116/0xb40
[ 14.138923] ? irqentry_exit+0x2a/0x60
[ 14.138945] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 14.138971] ? __pfx_read_tsc+0x10/0x10
[ 14.138991] ? ktime_get_ts64+0x86/0x230
[ 14.139027] kunit_try_run_case+0x1a5/0x480
[ 14.139053] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.139076] ? queued_spin_lock_slowpath+0x116/0xb40
[ 14.139099] ? __kthread_parkme+0x82/0x180
[ 14.139170] ? preempt_count_sub+0x50/0x80
[ 14.139194] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.139218] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.139242] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.139266] kthread+0x337/0x6f0
[ 14.139285] ? trace_preempt_on+0x20/0xc0
[ 14.139308] ? __pfx_kthread+0x10/0x10
[ 14.139328] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.139351] ? calculate_sigpending+0x7b/0xa0
[ 14.139376] ? __pfx_kthread+0x10/0x10
[ 14.139397] ret_from_fork+0x116/0x1d0
[ 14.139416] ? __pfx_kthread+0x10/0x10
[ 14.139435] ret_from_fork_asm+0x1a/0x30
[ 14.139466] </TASK>
[ 14.139478]
[ 14.148000] The buggy address belongs to stack of task kunit_try_catch/266
[ 14.148473] and is located at offset 138 in frame:
[ 14.148687] kasan_stack_oob+0x0/0x300
[ 14.148966]
[ 14.149091] This frame has 4 objects:
[ 14.149380] [48, 49) '__assertion'
[ 14.149404] [64, 72) 'array'
[ 14.149726] [96, 112) '__assertion'
[ 14.149848] [128, 138) 'stack_array'
[ 14.149985]
[ 14.150387] The buggy address belongs to the physical page:
[ 14.150857] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a97
[ 14.151273] flags: 0x200000000000000(node=0|zone=2)
[ 14.151580] raw: 0200000000000000 ffffea00040ea5c8 ffffea00040ea5c8 0000000000000000
[ 14.151899] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 14.152238] page dumped because: kasan: bad access detected
[ 14.152569]
[ 14.152657] Memory state around the buggy address:
[ 14.152862] ffff888103a97c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f1
[ 14.153095] ffff888103a97c80: f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 00 00 f2 f2 00
[ 14.153313] >ffff888103a97d00: 02 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1
[ 14.153527] ^
[ 14.153656] ffff888103a97d80: f1 f1 f1 00 00 f2 f2 00 00 f2 f2 00 00 f3 f3 00
[ 14.154028] ffff888103a97e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 14.154341] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 14.113498] ==================================================================
[ 14.114554] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x286/0x2d0
[ 14.114952] Read of size 1 at addr ffffffffbc263e8d by task kunit_try_catch/262
[ 14.115615]
[ 14.115884] CPU: 0 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.115939] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.115952] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.115975] Call Trace:
[ 14.115992] <TASK>
[ 14.116025] dump_stack_lvl+0x73/0xb0
[ 14.116063] print_report+0xd1/0x610
[ 14.116087] ? __virt_addr_valid+0x1db/0x2d0
[ 14.116113] ? kasan_global_oob_right+0x286/0x2d0
[ 14.116135] ? kasan_addr_to_slab+0x11/0xa0
[ 14.116155] ? kasan_global_oob_right+0x286/0x2d0
[ 14.116178] kasan_report+0x141/0x180
[ 14.116201] ? kasan_global_oob_right+0x286/0x2d0
[ 14.116228] __asan_report_load1_noabort+0x18/0x20
[ 14.116252] kasan_global_oob_right+0x286/0x2d0
[ 14.116275] ? __pfx_kasan_global_oob_right+0x10/0x10
[ 14.116300] ? __schedule+0x10cc/0x2b60
[ 14.116323] ? __pfx_read_tsc+0x10/0x10
[ 14.116345] ? ktime_get_ts64+0x86/0x230
[ 14.116371] kunit_try_run_case+0x1a5/0x480
[ 14.116398] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.116420] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.116445] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.116468] ? __kthread_parkme+0x82/0x180
[ 14.116490] ? preempt_count_sub+0x50/0x80
[ 14.116515] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.116539] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.116563] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.116587] kthread+0x337/0x6f0
[ 14.116605] ? trace_preempt_on+0x20/0xc0
[ 14.116629] ? __pfx_kthread+0x10/0x10
[ 14.116649] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.116670] ? calculate_sigpending+0x7b/0xa0
[ 14.116695] ? __pfx_kthread+0x10/0x10
[ 14.116716] ret_from_fork+0x116/0x1d0
[ 14.116734] ? __pfx_kthread+0x10/0x10
[ 14.116754] ret_from_fork_asm+0x1a/0x30
[ 14.116786] </TASK>
[ 14.116797]
[ 14.124779] The buggy address belongs to the variable:
[ 14.125170] global_array+0xd/0x40
[ 14.125376]
[ 14.125488] The buggy address belongs to the physical page:
[ 14.125745] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x4fa63
[ 14.126067] flags: 0x100000000002000(reserved|node=0|zone=1)
[ 14.126278] raw: 0100000000002000 ffffea00013e98c8 ffffea00013e98c8 0000000000000000
[ 14.126683] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 14.127069] page dumped because: kasan: bad access detected
[ 14.127241]
[ 14.127312] Memory state around the buggy address:
[ 14.127713] ffffffffbc263d80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 14.128090] ffffffffbc263e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 14.128399] >ffffffffbc263e80: 00 02 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9
[ 14.128709] ^
[ 14.128834] ffffffffbc263f00: 04 f9 f9 f9 f9 f9 f9 f9 02 f9 f9 f9 f9 f9 f9 f9
[ 14.129068] ffffffffbc263f80: 01 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 00 00 00 00
[ 14.129300] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 14.032464] ================================================================== [ 14.033645] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.033932] Free of addr ffff8881029c5401 by task kunit_try_catch/258 [ 14.035255] [ 14.035802] CPU: 0 UID: 0 PID: 258 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.035880] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.035893] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.035918] Call Trace: [ 14.035934] <TASK> [ 14.035957] dump_stack_lvl+0x73/0xb0 [ 14.036053] print_report+0xd1/0x610 [ 14.036083] ? __virt_addr_valid+0x1db/0x2d0 [ 14.036108] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.036132] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.036159] kasan_report_invalid_free+0x10a/0x130 [ 14.036184] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.036254] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.036280] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.036304] check_slab_allocation+0x11f/0x130 [ 14.036326] __kasan_mempool_poison_object+0x91/0x1d0 [ 14.036351] mempool_free+0x2ec/0x380 [ 14.036380] mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.036426] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10 [ 14.036458] ? __pfx_sched_clock_cpu+0x10/0x10 [ 14.036480] ? finish_task_switch.isra.0+0x153/0x700 [ 14.036506] mempool_kmalloc_invalid_free+0xed/0x140 [ 14.036530] ? __pfx_mempool_kmalloc_invalid_free+0x10/0x10 [ 14.036557] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.036579] ? __pfx_mempool_kfree+0x10/0x10 [ 14.036604] ? __pfx_read_tsc+0x10/0x10 [ 14.036625] ? ktime_get_ts64+0x86/0x230 [ 14.036649] kunit_try_run_case+0x1a5/0x480 [ 14.036674] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.036696] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.036721] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.036745] ? __kthread_parkme+0x82/0x180 [ 14.036766] ? preempt_count_sub+0x50/0x80 [ 14.036789] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.036812] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.036836] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.036866] kthread+0x337/0x6f0 [ 14.036885] ? trace_preempt_on+0x20/0xc0 [ 14.036907] ? __pfx_kthread+0x10/0x10 [ 14.036927] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.036949] ? calculate_sigpending+0x7b/0xa0 [ 14.036973] ? __pfx_kthread+0x10/0x10 [ 14.037019] ret_from_fork+0x116/0x1d0 [ 14.037039] ? __pfx_kthread+0x10/0x10 [ 14.037059] ret_from_fork_asm+0x1a/0x30 [ 14.037090] </TASK> [ 14.037100] [ 14.054385] Allocated by task 258: [ 14.054648] kasan_save_stack+0x45/0x70 [ 14.055366] kasan_save_track+0x18/0x40 [ 14.055638] kasan_save_alloc_info+0x3b/0x50 [ 14.055995] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 14.056489] remove_element+0x11e/0x190 [ 14.056641] mempool_alloc_preallocated+0x4d/0x90 [ 14.056800] mempool_kmalloc_invalid_free_helper+0x83/0x2e0 [ 14.056995] mempool_kmalloc_invalid_free+0xed/0x140 [ 14.057581] kunit_try_run_case+0x1a5/0x480 [ 14.058387] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.058970] kthread+0x337/0x6f0 [ 14.059335] ret_from_fork+0x116/0x1d0 [ 14.059822] ret_from_fork_asm+0x1a/0x30 [ 14.060295] [ 14.060511] The buggy address belongs to the object at ffff8881029c5400 [ 14.060511] which belongs to the cache kmalloc-128 of size 128 [ 14.061122] The buggy address is located 1 bytes inside of [ 14.061122] 128-byte region [ffff8881029c5400, ffff8881029c5480) [ 14.062379] [ 14.062678] The buggy address belongs to the physical page: [ 14.063026] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029c5 [ 14.063278] flags: 0x200000000000000(node=0|zone=2) [ 14.063923] page_type: f5(slab) [ 14.064342] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 14.065481] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.066196] page dumped because: kasan: bad access detected [ 14.066836] [ 14.066911] Memory state around 
the buggy address: [ 14.067239] ffff8881029c5300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.067930] ffff8881029c5380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.068683] >ffff8881029c5400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.068917] ^ [ 14.069187] ffff8881029c5480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.069922] ffff8881029c5500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.070776] ================================================================== [ 14.075868] ================================================================== [ 14.076892] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.077560] Free of addr ffff8881039c4001 by task kunit_try_catch/260 [ 14.077802] [ 14.077995] CPU: 1 UID: 0 PID: 260 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.078056] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.078068] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.078091] Call Trace: [ 14.078106] <TASK> [ 14.078127] dump_stack_lvl+0x73/0xb0 [ 14.078161] print_report+0xd1/0x610 [ 14.078231] ? __virt_addr_valid+0x1db/0x2d0 [ 14.078256] ? kasan_addr_to_slab+0x11/0xa0 [ 14.078320] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.078351] kasan_report_invalid_free+0x10a/0x130 [ 14.078375] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.078404] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.078430] __kasan_mempool_poison_object+0x102/0x1d0 [ 14.078455] mempool_free+0x2ec/0x380 [ 14.078482] mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.078508] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10 [ 14.078533] ? update_load_avg+0x1be/0x21b0 [ 14.078556] ? update_load_avg+0x1be/0x21b0 [ 14.078577] ? update_curr+0x80/0x810 [ 14.078596] ? enqueue_entity+0x215/0x1080 [ 14.078620] ? finish_task_switch.isra.0+0x153/0x700 [ 14.078646] mempool_kmalloc_large_invalid_free+0xed/0x140 [ 14.078671] ? 
__pfx_mempool_kmalloc_large_invalid_free+0x10/0x10 [ 14.078700] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.078722] ? __pfx_mempool_kfree+0x10/0x10 [ 14.078746] ? __pfx_read_tsc+0x10/0x10 [ 14.078768] ? ktime_get_ts64+0x86/0x230 [ 14.078791] kunit_try_run_case+0x1a5/0x480 [ 14.078817] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.078839] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.078864] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.078888] ? __kthread_parkme+0x82/0x180 [ 14.078909] ? preempt_count_sub+0x50/0x80 [ 14.078932] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.078955] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.078979] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.079003] kthread+0x337/0x6f0 [ 14.079379] ? trace_preempt_on+0x20/0xc0 [ 14.079406] ? __pfx_kthread+0x10/0x10 [ 14.079426] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.079450] ? calculate_sigpending+0x7b/0xa0 [ 14.079474] ? __pfx_kthread+0x10/0x10 [ 14.079495] ret_from_fork+0x116/0x1d0 [ 14.079514] ? __pfx_kthread+0x10/0x10 [ 14.079535] ret_from_fork_asm+0x1a/0x30 [ 14.079567] </TASK> [ 14.079579] [ 14.097534] The buggy address belongs to the physical page: [ 14.097954] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c4 [ 14.098567] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 14.099356] flags: 0x200000000000040(head|node=0|zone=2) [ 14.099729] page_type: f8(unknown) [ 14.099861] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.100239] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.101127] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.102262] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.102936] head: 0200000000000002 ffffea00040e7101 00000000ffffffff 00000000ffffffff [ 14.103594] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 14.104319] page dumped because: kasan: bad access detected [ 
14.104716] [ 14.104791] Memory state around the buggy address: [ 14.104960] ffff8881039c3f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.105860] ffff8881039c3f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.106749] >ffff8881039c4000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.107699] ^ [ 14.107824] ffff8881039c4080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.108072] ffff8881039c4100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.108796] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 13.938264] ================================================================== [ 13.940064] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 13.940347] Free of addr ffff888102b7d800 by task kunit_try_catch/252 [ 13.940926] [ 13.941692] CPU: 1 UID: 0 PID: 252 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.941748] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.941759] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.941783] Call Trace: [ 13.941796] <TASK> [ 13.941816] dump_stack_lvl+0x73/0xb0 [ 13.941853] print_report+0xd1/0x610 [ 13.941876] ? __virt_addr_valid+0x1db/0x2d0 [ 13.941903] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.941926] ? mempool_double_free_helper+0x184/0x370 [ 13.941950] kasan_report_invalid_free+0x10a/0x130 [ 13.941975] ? mempool_double_free_helper+0x184/0x370 [ 13.942069] ? mempool_double_free_helper+0x184/0x370 [ 13.942094] ? mempool_double_free_helper+0x184/0x370 [ 13.942131] check_slab_allocation+0x101/0x130 [ 13.942154] __kasan_mempool_poison_object+0x91/0x1d0 [ 13.942178] mempool_free+0x2ec/0x380 [ 13.942207] mempool_double_free_helper+0x184/0x370 [ 13.942231] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 13.942256] ? kasan_save_track+0x18/0x40 [ 13.942275] ? kasan_save_alloc_info+0x3b/0x50 [ 13.942298] ? kasan_save_stack+0x45/0x70 [ 13.942323] mempool_kmalloc_double_free+0xed/0x140 [ 13.942348] ? __pfx_mempool_kmalloc_double_free+0x10/0x10 [ 13.942376] ? __pfx_mempool_kmalloc+0x10/0x10 [ 13.942398] ? __pfx_mempool_kfree+0x10/0x10 [ 13.942423] ? __pfx_read_tsc+0x10/0x10 [ 13.942445] ? ktime_get_ts64+0x86/0x230 [ 13.942471] kunit_try_run_case+0x1a5/0x480 [ 13.942499] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.942523] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.942549] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.942573] ? __kthread_parkme+0x82/0x180 [ 13.942594] ? preempt_count_sub+0x50/0x80 [ 13.942619] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 13.942643] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.942668] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.942692] kthread+0x337/0x6f0 [ 13.942711] ? trace_preempt_on+0x20/0xc0 [ 13.942734] ? __pfx_kthread+0x10/0x10 [ 13.942754] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.942776] ? calculate_sigpending+0x7b/0xa0 [ 13.942801] ? __pfx_kthread+0x10/0x10 [ 13.942822] ret_from_fork+0x116/0x1d0 [ 13.942840] ? __pfx_kthread+0x10/0x10 [ 13.942860] ret_from_fork_asm+0x1a/0x30 [ 13.942893] </TASK> [ 13.942904] [ 13.959537] Allocated by task 252: [ 13.959703] kasan_save_stack+0x45/0x70 [ 13.959864] kasan_save_track+0x18/0x40 [ 13.959996] kasan_save_alloc_info+0x3b/0x50 [ 13.960152] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 13.960630] remove_element+0x11e/0x190 [ 13.961107] mempool_alloc_preallocated+0x4d/0x90 [ 13.961662] mempool_double_free_helper+0x8a/0x370 [ 13.962178] mempool_kmalloc_double_free+0xed/0x140 [ 13.962783] kunit_try_run_case+0x1a5/0x480 [ 13.963228] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.963791] kthread+0x337/0x6f0 [ 13.964108] ret_from_fork+0x116/0x1d0 [ 13.964528] ret_from_fork_asm+0x1a/0x30 [ 13.965039] [ 13.965228] Freed by task 252: [ 13.965595] kasan_save_stack+0x45/0x70 [ 13.965996] kasan_save_track+0x18/0x40 [ 13.966490] kasan_save_free_info+0x3f/0x60 [ 13.966913] __kasan_mempool_poison_object+0x131/0x1d0 [ 13.967486] mempool_free+0x2ec/0x380 [ 13.967907] mempool_double_free_helper+0x109/0x370 [ 13.968279] mempool_kmalloc_double_free+0xed/0x140 [ 13.968446] kunit_try_run_case+0x1a5/0x480 [ 13.968616] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.968816] kthread+0x337/0x6f0 [ 13.969555] ret_from_fork+0x116/0x1d0 [ 13.969936] ret_from_fork_asm+0x1a/0x30 [ 13.970357] [ 13.970565] The buggy address belongs to the object at ffff888102b7d800 [ 13.970565] which belongs to the cache kmalloc-128 of size 128 [ 13.971605] The buggy address is located 0 bytes inside of [ 13.971605] 128-byte 
region [ffff888102b7d800, ffff888102b7d880) [ 13.972652] [ 13.972993] The buggy address belongs to the physical page: [ 13.973341] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b7d [ 13.974187] flags: 0x200000000000000(node=0|zone=2) [ 13.974421] page_type: f5(slab) [ 13.974887] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.975128] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.975772] page dumped because: kasan: bad access detected [ 13.976535] [ 13.976824] Memory state around the buggy address: [ 13.977434] ffff888102b7d700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.978191] ffff888102b7d780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.979070] >ffff888102b7d800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.979738] ^ [ 13.980187] ffff888102b7d880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.980576] ffff888102b7d900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.981377] ================================================================== [ 14.011964] ================================================================== [ 14.012478] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 14.012870] Free of addr ffff888103a30000 by task kunit_try_catch/256 [ 14.013108] [ 14.013204] CPU: 0 UID: 0 PID: 256 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.013254] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.013266] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.013289] Call Trace: [ 14.013302] <TASK> [ 14.013321] dump_stack_lvl+0x73/0xb0 [ 14.013378] print_report+0xd1/0x610 [ 14.013402] ? __virt_addr_valid+0x1db/0x2d0 [ 14.013426] ? kasan_addr_to_slab+0x11/0xa0 [ 14.013455] ? mempool_double_free_helper+0x184/0x370 [ 14.013480] kasan_report_invalid_free+0x10a/0x130 [ 14.013504] ? mempool_double_free_helper+0x184/0x370 [ 14.013531] ? 
mempool_double_free_helper+0x184/0x370 [ 14.013554] __kasan_mempool_poison_pages+0x115/0x130 [ 14.013578] mempool_free+0x290/0x380 [ 14.013604] mempool_double_free_helper+0x184/0x370 [ 14.013628] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 14.013677] ? __pfx_sched_clock_cpu+0x10/0x10 [ 14.013699] ? finish_task_switch.isra.0+0x153/0x700 [ 14.013725] mempool_page_alloc_double_free+0xe8/0x140 [ 14.013750] ? __pfx_mempool_page_alloc_double_free+0x10/0x10 [ 14.013778] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 14.013801] ? __pfx_mempool_free_pages+0x10/0x10 [ 14.013841] ? __pfx_read_tsc+0x10/0x10 [ 14.013863] ? ktime_get_ts64+0x86/0x230 [ 14.013887] kunit_try_run_case+0x1a5/0x480 [ 14.013912] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.013934] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.013959] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.013983] ? __kthread_parkme+0x82/0x180 [ 14.014004] ? preempt_count_sub+0x50/0x80 [ 14.014070] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.014094] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.014118] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.014142] kthread+0x337/0x6f0 [ 14.014161] ? trace_preempt_on+0x20/0xc0 [ 14.014186] ? __pfx_kthread+0x10/0x10 [ 14.014207] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.014228] ? calculate_sigpending+0x7b/0xa0 [ 14.014252] ? __pfx_kthread+0x10/0x10 [ 14.014273] ret_from_fork+0x116/0x1d0 [ 14.014292] ? 
__pfx_kthread+0x10/0x10 [ 14.014312] ret_from_fork_asm+0x1a/0x30 [ 14.014343] </TASK> [ 14.014375] [ 14.023585] The buggy address belongs to the physical page: [ 14.023792] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a30 [ 14.024205] flags: 0x200000000000000(node=0|zone=2) [ 14.024536] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 14.024896] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 14.025282] page dumped because: kasan: bad access detected [ 14.025457] [ 14.025528] Memory state around the buggy address: [ 14.025684] ffff888103a2ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.025976] ffff888103a2ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.026327] >ffff888103a30000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.026820] ^ [ 14.026983] ffff888103a30080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.027288] ffff888103a30100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.027710] ================================================================== [ 13.985683] ================================================================== [ 13.986196] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 13.986760] Free of addr ffff888103a30000 by task kunit_try_catch/254 [ 13.987070] [ 13.987171] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.987222] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.987236] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.987260] Call Trace: [ 13.987272] <TASK> [ 13.987293] dump_stack_lvl+0x73/0xb0 [ 13.987327] print_report+0xd1/0x610 [ 13.987350] ? __virt_addr_valid+0x1db/0x2d0 [ 13.987376] ? kasan_addr_to_slab+0x11/0xa0 [ 13.987397] ? mempool_double_free_helper+0x184/0x370 [ 13.987422] kasan_report_invalid_free+0x10a/0x130 [ 13.987446] ? mempool_double_free_helper+0x184/0x370 [ 13.987473] ? 
mempool_double_free_helper+0x184/0x370 [ 13.987496] __kasan_mempool_poison_object+0x1b3/0x1d0 [ 13.987521] mempool_free+0x2ec/0x380 [ 13.987549] mempool_double_free_helper+0x184/0x370 [ 13.987573] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 13.987598] ? __kasan_check_write+0x18/0x20 [ 13.987617] ? __pfx_sched_clock_cpu+0x10/0x10 [ 13.987673] ? finish_task_switch.isra.0+0x153/0x700 [ 13.987701] mempool_kmalloc_large_double_free+0xed/0x140 [ 13.987726] ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10 [ 13.987756] ? __pfx_mempool_kmalloc+0x10/0x10 [ 13.987778] ? __pfx_mempool_kfree+0x10/0x10 [ 13.987802] ? __pfx_read_tsc+0x10/0x10 [ 13.987825] ? ktime_get_ts64+0x86/0x230 [ 13.987850] kunit_try_run_case+0x1a5/0x480 [ 13.987877] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.987899] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.987924] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.987948] ? __kthread_parkme+0x82/0x180 [ 13.987970] ? preempt_count_sub+0x50/0x80 [ 13.987993] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.988026] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.988050] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.988074] kthread+0x337/0x6f0 [ 13.988092] ? trace_preempt_on+0x20/0xc0 [ 13.988132] ? __pfx_kthread+0x10/0x10 [ 13.988171] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.988200] ? calculate_sigpending+0x7b/0xa0 [ 13.988226] ? __pfx_kthread+0x10/0x10 [ 13.988247] ret_from_fork+0x116/0x1d0 [ 13.988267] ? 
__pfx_kthread+0x10/0x10 [ 13.988288] ret_from_fork_asm+0x1a/0x30 [ 13.988320] </TASK> [ 13.988332] [ 14.001387] The buggy address belongs to the physical page: [ 14.001684] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a30 [ 14.002027] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 14.002252] flags: 0x200000000000040(head|node=0|zone=2) [ 14.002432] page_type: f8(unknown) [ 14.002668] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.003002] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.003328] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.003703] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.003927] head: 0200000000000002 ffffea00040e8c01 00000000ffffffff 00000000ffffffff [ 14.004272] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 14.004958] page dumped because: kasan: bad access detected [ 14.005332] [ 14.005414] Memory state around the buggy address: [ 14.005632] ffff888103a2ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.005953] ffff888103a2ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.006373] >ffff888103a30000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.006679] ^ [ 14.006842] ffff888103a30080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.007147] ffff888103a30100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.007413] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 13.909409] ================================================================== [ 13.909955] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400 [ 13.910217] Read of size 1 at addr ffff888102a18000 by task kunit_try_catch/250 [ 13.910470] [ 13.910647] CPU: 0 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.911255] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.911269] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.911293] Call Trace: [ 13.911307] <TASK> [ 13.911326] dump_stack_lvl+0x73/0xb0 [ 13.911363] print_report+0xd1/0x610 [ 13.911386] ? __virt_addr_valid+0x1db/0x2d0 [ 13.911411] ? mempool_uaf_helper+0x392/0x400 [ 13.911688] ? kasan_addr_to_slab+0x11/0xa0 [ 13.911712] ? mempool_uaf_helper+0x392/0x400 [ 13.911735] kasan_report+0x141/0x180 [ 13.911757] ? mempool_uaf_helper+0x392/0x400 [ 13.911784] __asan_report_load1_noabort+0x18/0x20 [ 13.911809] mempool_uaf_helper+0x392/0x400 [ 13.911832] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 13.911857] ? __pfx_sched_clock_cpu+0x10/0x10 [ 13.911881] ? finish_task_switch.isra.0+0x153/0x700 [ 13.911908] mempool_page_alloc_uaf+0xed/0x140 [ 13.911932] ? __pfx_mempool_page_alloc_uaf+0x10/0x10 [ 13.911959] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 13.911985] ? __pfx_mempool_free_pages+0x10/0x10 [ 13.912025] ? __pfx_read_tsc+0x10/0x10 [ 13.912051] ? ktime_get_ts64+0x86/0x230 [ 13.912078] kunit_try_run_case+0x1a5/0x480 [ 13.912105] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.912127] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.912153] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.912176] ? __kthread_parkme+0x82/0x180 [ 13.912198] ? preempt_count_sub+0x50/0x80 [ 13.912221] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.912244] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.912268] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.912292] kthread+0x337/0x6f0 [ 13.912311] ? trace_preempt_on+0x20/0xc0 [ 13.912335] ? 
__pfx_kthread+0x10/0x10 [ 13.912354] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.912375] ? calculate_sigpending+0x7b/0xa0 [ 13.912400] ? __pfx_kthread+0x10/0x10 [ 13.912421] ret_from_fork+0x116/0x1d0 [ 13.912440] ? __pfx_kthread+0x10/0x10 [ 13.912460] ret_from_fork_asm+0x1a/0x30 [ 13.912491] </TASK> [ 13.912502] [ 13.927652] The buggy address belongs to the physical page: [ 13.928262] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a18 [ 13.928734] flags: 0x200000000000000(node=0|zone=2) [ 13.929195] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 13.929709] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 13.930337] page dumped because: kasan: bad access detected [ 13.930710] [ 13.930976] Memory state around the buggy address: [ 13.931259] ffff888102a17f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.931778] ffff888102a17f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.932288] >ffff888102a18000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.932788] ^ [ 13.932964] ffff888102a18080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.933268] ffff888102a18100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.933923] ================================================================== [ 13.822421] ================================================================== [ 13.823340] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400 [ 13.823597] Read of size 1 at addr ffff8881039c0000 by task kunit_try_catch/246 [ 13.824174] [ 13.824271] CPU: 1 UID: 0 PID: 246 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.824321] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.824333] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.824357] Call Trace: [ 13.824372] <TASK> [ 13.824393] dump_stack_lvl+0x73/0xb0 [ 13.824426] print_report+0xd1/0x610 [ 13.824448] ? __virt_addr_valid+0x1db/0x2d0 [ 13.824474] ? 
mempool_uaf_helper+0x392/0x400 [ 13.824496] ? kasan_addr_to_slab+0x11/0xa0 [ 13.824518] ? mempool_uaf_helper+0x392/0x400 [ 13.824539] kasan_report+0x141/0x180 [ 13.824561] ? mempool_uaf_helper+0x392/0x400 [ 13.824588] __asan_report_load1_noabort+0x18/0x20 [ 13.824612] mempool_uaf_helper+0x392/0x400 [ 13.824635] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 13.824657] ? update_load_avg+0x1be/0x21b0 [ 13.824685] ? finish_task_switch.isra.0+0x153/0x700 [ 13.824711] mempool_kmalloc_large_uaf+0xef/0x140 [ 13.824734] ? __pfx_mempool_kmalloc_large_uaf+0x10/0x10 [ 13.824760] ? __pfx_mempool_kmalloc+0x10/0x10 [ 13.824785] ? __pfx_mempool_kfree+0x10/0x10 [ 13.824809] ? __pfx_read_tsc+0x10/0x10 [ 13.824831] ? ktime_get_ts64+0x86/0x230 [ 13.824861] kunit_try_run_case+0x1a5/0x480 [ 13.824889] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.824913] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.824939] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.824963] ? __kthread_parkme+0x82/0x180 [ 13.824985] ? preempt_count_sub+0x50/0x80 [ 13.825020] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.825046] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.825070] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.825094] kthread+0x337/0x6f0 [ 13.825113] ? trace_preempt_on+0x20/0xc0 [ 13.825137] ? __pfx_kthread+0x10/0x10 [ 13.825157] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.825178] ? calculate_sigpending+0x7b/0xa0 [ 13.825203] ? __pfx_kthread+0x10/0x10 [ 13.825243] ret_from_fork+0x116/0x1d0 [ 13.825262] ? 
__pfx_kthread+0x10/0x10 [ 13.825283] ret_from_fork_asm+0x1a/0x30 [ 13.825315] </TASK> [ 13.825326] [ 13.840488] The buggy address belongs to the physical page: [ 13.841039] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c0 [ 13.841871] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.842271] flags: 0x200000000000040(head|node=0|zone=2) [ 13.842889] page_type: f8(unknown) [ 13.843339] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.844069] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.844919] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.845520] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.845762] head: 0200000000000002 ffffea00040e7001 00000000ffffffff 00000000ffffffff [ 13.845997] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 13.846297] page dumped because: kasan: bad access detected [ 13.846487] [ 13.846561] Memory state around the buggy address: [ 13.846788] ffff8881039bff00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.847500] ffff8881039bff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.847875] >ffff8881039c0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.848418] ^ [ 13.848594] ffff8881039c0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.848870] ffff8881039c0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.849223] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 13.853858] ================================================================== [ 13.854796] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400 [ 13.855853] Read of size 1 at addr ffff8881029c8240 by task kunit_try_catch/248 [ 13.856422] [ 13.856529] CPU: 0 UID: 0 PID: 248 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.856583] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.856597] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.856621] Call Trace: [ 13.856639] <TASK> [ 13.856660] dump_stack_lvl+0x73/0xb0 [ 13.856699] print_report+0xd1/0x610 [ 13.856723] ? __virt_addr_valid+0x1db/0x2d0 [ 13.856748] ? mempool_uaf_helper+0x392/0x400 [ 13.856771] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.856793] ? mempool_uaf_helper+0x392/0x400 [ 13.856816] kasan_report+0x141/0x180 [ 13.856837] ? mempool_uaf_helper+0x392/0x400 [ 13.856871] __asan_report_load1_noabort+0x18/0x20 [ 13.856896] mempool_uaf_helper+0x392/0x400 [ 13.856919] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 13.856943] ? __pfx_sched_clock_cpu+0x10/0x10 [ 13.856967] ? finish_task_switch.isra.0+0x153/0x700 [ 13.856993] mempool_slab_uaf+0xea/0x140 [ 13.857040] ? __pfx_mempool_slab_uaf+0x10/0x10 [ 13.857065] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 13.857091] ? __pfx_mempool_free_slab+0x10/0x10 [ 13.857117] ? __pfx_read_tsc+0x10/0x10 [ 13.857139] ? ktime_get_ts64+0x86/0x230 [ 13.857164] kunit_try_run_case+0x1a5/0x480 [ 13.857191] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.857212] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.857238] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.857288] ? __kthread_parkme+0x82/0x180 [ 13.857310] ? preempt_count_sub+0x50/0x80 [ 13.857334] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.857358] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.857381] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.857406] kthread+0x337/0x6f0 [ 13.857425] ? trace_preempt_on+0x20/0xc0 [ 13.857449] ? 
__pfx_kthread+0x10/0x10 [ 13.857469] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.857490] ? calculate_sigpending+0x7b/0xa0 [ 13.857515] ? __pfx_kthread+0x10/0x10 [ 13.857536] ret_from_fork+0x116/0x1d0 [ 13.857555] ? __pfx_kthread+0x10/0x10 [ 13.857574] ret_from_fork_asm+0x1a/0x30 [ 13.857606] </TASK> [ 13.857618] [ 13.875508] Allocated by task 248: [ 13.876123] kasan_save_stack+0x45/0x70 [ 13.876671] kasan_save_track+0x18/0x40 [ 13.876825] kasan_save_alloc_info+0x3b/0x50 [ 13.876987] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 13.878204] remove_element+0x11e/0x190 [ 13.878628] mempool_alloc_preallocated+0x4d/0x90 [ 13.879089] mempool_uaf_helper+0x96/0x400 [ 13.879681] mempool_slab_uaf+0xea/0x140 [ 13.880167] kunit_try_run_case+0x1a5/0x480 [ 13.880645] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.880832] kthread+0x337/0x6f0 [ 13.880963] ret_from_fork+0x116/0x1d0 [ 13.881646] ret_from_fork_asm+0x1a/0x30 [ 13.882343] [ 13.882512] Freed by task 248: [ 13.883028] kasan_save_stack+0x45/0x70 [ 13.883939] kasan_save_track+0x18/0x40 [ 13.884464] kasan_save_free_info+0x3f/0x60 [ 13.884622] __kasan_mempool_poison_object+0x131/0x1d0 [ 13.884789] mempool_free+0x2ec/0x380 [ 13.884930] mempool_uaf_helper+0x11a/0x400 [ 13.885259] mempool_slab_uaf+0xea/0x140 [ 13.886070] kunit_try_run_case+0x1a5/0x480 [ 13.886589] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.887379] kthread+0x337/0x6f0 [ 13.887851] ret_from_fork+0x116/0x1d0 [ 13.888404] ret_from_fork_asm+0x1a/0x30 [ 13.889306] [ 13.889391] The buggy address belongs to the object at ffff8881029c8240 [ 13.889391] which belongs to the cache test_cache of size 123 [ 13.889743] The buggy address is located 0 bytes inside of [ 13.889743] freed 123-byte region [ffff8881029c8240, ffff8881029c82bb) [ 13.890092] [ 13.890166] The buggy address belongs to the physical page: [ 13.890338] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029c8 [ 13.891535] flags: 0x200000000000000(node=0|zone=2) [ 13.892109] page_type: 
f5(slab) [ 13.892435] raw: 0200000000000000 ffff8881034193c0 dead000000000122 0000000000000000 [ 13.893449] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 13.894380] page dumped because: kasan: bad access detected [ 13.895482] [ 13.895920] Memory state around the buggy address: [ 13.896631] ffff8881029c8100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.897423] ffff8881029c8180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.897999] >ffff8881029c8200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 13.898736] ^ [ 13.899559] ffff8881029c8280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.899790] ffff8881029c8300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.900685] ================================================================== [ 13.787332] ================================================================== [ 13.788527] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400 [ 13.789088] Read of size 1 at addr ffff8881029c5000 by task kunit_try_catch/244 [ 13.789311] [ 13.789409] CPU: 0 UID: 0 PID: 244 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.789471] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.789484] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.789508] Call Trace: [ 13.789523] <TASK> [ 13.789582] dump_stack_lvl+0x73/0xb0 [ 13.789621] print_report+0xd1/0x610 [ 13.789646] ? __virt_addr_valid+0x1db/0x2d0 [ 13.789671] ? mempool_uaf_helper+0x392/0x400 [ 13.789695] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.789718] ? mempool_uaf_helper+0x392/0x400 [ 13.789740] kasan_report+0x141/0x180 [ 13.789763] ? mempool_uaf_helper+0x392/0x400 [ 13.789790] __asan_report_load1_noabort+0x18/0x20 [ 13.789815] mempool_uaf_helper+0x392/0x400 [ 13.789839] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 13.789862] ? kasan_save_track+0x18/0x40 [ 13.789881] ? kasan_save_alloc_info+0x3b/0x50 [ 13.789903] ? 
kasan_save_stack+0x45/0x70 [ 13.789928] mempool_kmalloc_uaf+0xef/0x140 [ 13.789949] ? __pfx_mempool_kmalloc_uaf+0x10/0x10 [ 13.789975] ? __pfx_mempool_kmalloc+0x10/0x10 [ 13.790001] ? __pfx_mempool_kfree+0x10/0x10 [ 13.790037] ? __pfx_read_tsc+0x10/0x10 [ 13.790059] ? ktime_get_ts64+0x86/0x230 [ 13.790086] kunit_try_run_case+0x1a5/0x480 [ 13.790113] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.790135] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.790161] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.790185] ? __kthread_parkme+0x82/0x180 [ 13.790207] ? preempt_count_sub+0x50/0x80 [ 13.790232] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.790256] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.790280] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.790304] kthread+0x337/0x6f0 [ 13.790324] ? trace_preempt_on+0x20/0xc0 [ 13.790349] ? __pfx_kthread+0x10/0x10 [ 13.790369] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.790390] ? calculate_sigpending+0x7b/0xa0 [ 13.790416] ? __pfx_kthread+0x10/0x10 [ 13.790460] ret_from_fork+0x116/0x1d0 [ 13.790480] ? 
__pfx_kthread+0x10/0x10 [ 13.790501] ret_from_fork_asm+0x1a/0x30 [ 13.790532] </TASK> [ 13.790543] [ 13.803378] Allocated by task 244: [ 13.803622] kasan_save_stack+0x45/0x70 [ 13.804038] kasan_save_track+0x18/0x40 [ 13.804173] kasan_save_alloc_info+0x3b/0x50 [ 13.804601] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 13.805053] remove_element+0x11e/0x190 [ 13.805194] mempool_alloc_preallocated+0x4d/0x90 [ 13.805349] mempool_uaf_helper+0x96/0x400 [ 13.805684] mempool_kmalloc_uaf+0xef/0x140 [ 13.806075] kunit_try_run_case+0x1a5/0x480 [ 13.806481] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.807062] kthread+0x337/0x6f0 [ 13.807401] ret_from_fork+0x116/0x1d0 [ 13.807776] ret_from_fork_asm+0x1a/0x30 [ 13.808165] [ 13.808243] Freed by task 244: [ 13.808357] kasan_save_stack+0x45/0x70 [ 13.808670] kasan_save_track+0x18/0x40 [ 13.809047] kasan_save_free_info+0x3f/0x60 [ 13.809437] __kasan_mempool_poison_object+0x131/0x1d0 [ 13.809898] mempool_free+0x2ec/0x380 [ 13.810081] mempool_uaf_helper+0x11a/0x400 [ 13.810225] mempool_kmalloc_uaf+0xef/0x140 [ 13.810366] kunit_try_run_case+0x1a5/0x480 [ 13.810739] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.811225] kthread+0x337/0x6f0 [ 13.811573] ret_from_fork+0x116/0x1d0 [ 13.811923] ret_from_fork_asm+0x1a/0x30 [ 13.812304] [ 13.812505] The buggy address belongs to the object at ffff8881029c5000 [ 13.812505] which belongs to the cache kmalloc-128 of size 128 [ 13.813386] The buggy address is located 0 bytes inside of [ 13.813386] freed 128-byte region [ffff8881029c5000, ffff8881029c5080) [ 13.814071] [ 13.814151] The buggy address belongs to the physical page: [ 13.814321] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029c5 [ 13.814620] flags: 0x200000000000000(node=0|zone=2) [ 13.814968] page_type: f5(slab) [ 13.815156] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.815448] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.815808] page 
dumped because: kasan: bad access detected [ 13.816028] [ 13.816119] Memory state around the buggy address: [ 13.816322] ffff8881029c4f00: 00 00 00 00 00 00 00 00 00 00 00 00 fc fc fc fc [ 13.816647] ffff8881029c4f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.816922] >ffff8881029c5000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.817211] ^ [ 13.817372] ffff8881029c5080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.817646] ffff8881029c5100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.817955] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 13.738197] ================================================================== [ 13.738755] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 13.739545] Read of size 1 at addr ffff8881029c52bb by task kunit_try_catch/242 [ 13.740249] [ 13.740442] CPU: 0 UID: 0 PID: 242 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.740498] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.740511] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.740536] Call Trace: [ 13.740550] <TASK> [ 13.740759] dump_stack_lvl+0x73/0xb0 [ 13.740805] print_report+0xd1/0x610 [ 13.740830] ? __virt_addr_valid+0x1db/0x2d0 [ 13.740864] ? mempool_oob_right_helper+0x318/0x380 [ 13.740889] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.740913] ? mempool_oob_right_helper+0x318/0x380 [ 13.740937] kasan_report+0x141/0x180 [ 13.740959] ? mempool_oob_right_helper+0x318/0x380 [ 13.740987] __asan_report_load1_noabort+0x18/0x20 [ 13.741074] mempool_oob_right_helper+0x318/0x380 [ 13.741102] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 13.741135] mempool_slab_oob_right+0xed/0x140 [ 13.741159] ? __pfx_mempool_slab_oob_right+0x10/0x10 [ 13.741187] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 13.741212] ? __pfx_mempool_free_slab+0x10/0x10 [ 13.741238] ? __pfx_read_tsc+0x10/0x10 [ 13.741261] ? ktime_get_ts64+0x86/0x230 [ 13.741287] kunit_try_run_case+0x1a5/0x480 [ 13.741314] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.741337] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.741362] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.741385] ? __kthread_parkme+0x82/0x180 [ 13.741407] ? preempt_count_sub+0x50/0x80 [ 13.741445] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.741469] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.741492] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.741516] kthread+0x337/0x6f0 [ 13.741536] ? trace_preempt_on+0x20/0xc0 [ 13.741560] ? __pfx_kthread+0x10/0x10 [ 13.741580] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.741604] ? 
calculate_sigpending+0x7b/0xa0 [ 13.741631] ? __pfx_kthread+0x10/0x10 [ 13.741652] ret_from_fork+0x116/0x1d0 [ 13.741672] ? __pfx_kthread+0x10/0x10 [ 13.741691] ret_from_fork_asm+0x1a/0x30 [ 13.741724] </TASK> [ 13.741735] [ 13.760512] Allocated by task 242: [ 13.760974] kasan_save_stack+0x45/0x70 [ 13.761168] kasan_save_track+0x18/0x40 [ 13.761306] kasan_save_alloc_info+0x3b/0x50 [ 13.761670] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 13.762435] remove_element+0x11e/0x190 [ 13.763359] mempool_alloc_preallocated+0x4d/0x90 [ 13.763965] mempool_oob_right_helper+0x8a/0x380 [ 13.764591] mempool_slab_oob_right+0xed/0x140 [ 13.765057] kunit_try_run_case+0x1a5/0x480 [ 13.765683] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.765869] kthread+0x337/0x6f0 [ 13.765994] ret_from_fork+0x116/0x1d0 [ 13.766305] ret_from_fork_asm+0x1a/0x30 [ 13.766960] [ 13.767284] The buggy address belongs to the object at ffff8881029c5240 [ 13.767284] which belongs to the cache test_cache of size 123 [ 13.769188] The buggy address is located 0 bytes to the right of [ 13.769188] allocated 123-byte region [ffff8881029c5240, ffff8881029c52bb) [ 13.769921] [ 13.770005] The buggy address belongs to the physical page: [ 13.771034] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029c5 [ 13.771713] flags: 0x200000000000000(node=0|zone=2) [ 13.771887] page_type: f5(slab) [ 13.772037] raw: 0200000000000000 ffff888103419280 dead000000000122 0000000000000000 [ 13.773134] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 13.773965] page dumped because: kasan: bad access detected [ 13.774597] [ 13.774748] Memory state around the buggy address: [ 13.775362] ffff8881029c5180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.776120] ffff8881029c5200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 13.776526] >ffff8881029c5280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 13.776747] ^ [ 13.776920] ffff8881029c5300: fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc [ 13.777894] ffff8881029c5380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.778689] ================================================================== [ 13.706297] ================================================================== [ 13.706868] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 13.707717] Read of size 1 at addr ffff8881039c2001 by task kunit_try_catch/240 [ 13.708480] [ 13.708766] CPU: 1 UID: 0 PID: 240 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.708823] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.708835] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.708865] Call Trace: [ 13.708880] <TASK> [ 13.708900] dump_stack_lvl+0x73/0xb0 [ 13.708937] print_report+0xd1/0x610 [ 13.708962] ? __virt_addr_valid+0x1db/0x2d0 [ 13.708987] ? mempool_oob_right_helper+0x318/0x380 [ 13.709024] ? kasan_addr_to_slab+0x11/0xa0 [ 13.709045] ? mempool_oob_right_helper+0x318/0x380 [ 13.709069] kasan_report+0x141/0x180 [ 13.709090] ? mempool_oob_right_helper+0x318/0x380 [ 13.709118] __asan_report_load1_noabort+0x18/0x20 [ 13.709143] mempool_oob_right_helper+0x318/0x380 [ 13.709167] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 13.709192] ? __kasan_check_write+0x18/0x20 [ 13.709211] ? __pfx_sched_clock_cpu+0x10/0x10 [ 13.709235] ? finish_task_switch.isra.0+0x153/0x700 [ 13.709261] mempool_kmalloc_large_oob_right+0xf2/0x150 [ 13.709287] ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10 [ 13.709315] ? __pfx_mempool_kmalloc+0x10/0x10 [ 13.709340] ? __pfx_mempool_kfree+0x10/0x10 [ 13.709365] ? __pfx_read_tsc+0x10/0x10 [ 13.709386] ? ktime_get_ts64+0x86/0x230 [ 13.709412] kunit_try_run_case+0x1a5/0x480 [ 13.709559] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.709585] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.709612] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.709636] ? __kthread_parkme+0x82/0x180 [ 13.709658] ? preempt_count_sub+0x50/0x80 [ 13.709682] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 13.709706] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.709730] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.709754] kthread+0x337/0x6f0 [ 13.709774] ? trace_preempt_on+0x20/0xc0 [ 13.709797] ? __pfx_kthread+0x10/0x10 [ 13.709818] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.709839] ? calculate_sigpending+0x7b/0xa0 [ 13.709864] ? __pfx_kthread+0x10/0x10 [ 13.709885] ret_from_fork+0x116/0x1d0 [ 13.709904] ? __pfx_kthread+0x10/0x10 [ 13.709924] ret_from_fork_asm+0x1a/0x30 [ 13.709957] </TASK> [ 13.709967] [ 13.722694] The buggy address belongs to the physical page: [ 13.723372] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c0 [ 13.723888] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.724361] flags: 0x200000000000040(head|node=0|zone=2) [ 13.724787] page_type: f8(unknown) [ 13.725026] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.725641] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.726108] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.726856] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.727467] head: 0200000000000002 ffffea00040e7001 00000000ffffffff 00000000ffffffff [ 13.727908] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 13.728490] page dumped because: kasan: bad access detected [ 13.728743] [ 13.728842] Memory state around the buggy address: [ 13.729337] ffff8881039c1f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.729739] ffff8881039c1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.730585] >ffff8881039c2000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 13.730869] ^ [ 13.731004] ffff8881039c2080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 13.731697] ffff8881039c2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 13.732046] 
================================================================== [ 13.676877] ================================================================== [ 13.677580] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 13.677948] Read of size 1 at addr ffff8881029a6c73 by task kunit_try_catch/238 [ 13.678322] [ 13.678475] CPU: 0 UID: 0 PID: 238 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.678543] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.678556] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.678580] Call Trace: [ 13.678595] <TASK> [ 13.678652] dump_stack_lvl+0x73/0xb0 [ 13.678726] print_report+0xd1/0x610 [ 13.678752] ? __virt_addr_valid+0x1db/0x2d0 [ 13.678776] ? mempool_oob_right_helper+0x318/0x380 [ 13.678801] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.678824] ? mempool_oob_right_helper+0x318/0x380 [ 13.678849] kasan_report+0x141/0x180 [ 13.678871] ? mempool_oob_right_helper+0x318/0x380 [ 13.678899] __asan_report_load1_noabort+0x18/0x20 [ 13.678923] mempool_oob_right_helper+0x318/0x380 [ 13.678980] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 13.679005] ? update_load_avg+0x1be/0x21b0 [ 13.679046] ? dequeue_entities+0x27e/0x1740 [ 13.679071] ? irqentry_exit+0x2a/0x60 [ 13.679094] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 13.679135] mempool_kmalloc_oob_right+0xf2/0x150 [ 13.679160] ? __pfx_mempool_kmalloc_oob_right+0x10/0x10 [ 13.679223] ? __pfx_mempool_kmalloc+0x10/0x10 [ 13.679251] ? __pfx_mempool_kfree+0x10/0x10 [ 13.679275] ? __pfx_mempool_kmalloc_oob_right+0x10/0x10 [ 13.679313] ? __pfx_mempool_kmalloc_oob_right+0x10/0x10 [ 13.679339] kunit_try_run_case+0x1a5/0x480 [ 13.679367] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.679390] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.679415] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.679452] ? __kthread_parkme+0x82/0x180 [ 13.679476] ? preempt_count_sub+0x50/0x80 [ 13.679500] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 13.679523] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.679547] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.679570] kthread+0x337/0x6f0 [ 13.679589] ? trace_preempt_on+0x20/0xc0 [ 13.679613] ? __pfx_kthread+0x10/0x10 [ 13.679633] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.679655] ? calculate_sigpending+0x7b/0xa0 [ 13.679681] ? __pfx_kthread+0x10/0x10 [ 13.679702] ret_from_fork+0x116/0x1d0 [ 13.679723] ? __pfx_kthread+0x10/0x10 [ 13.679743] ret_from_fork_asm+0x1a/0x30 [ 13.679775] </TASK> [ 13.679785] [ 13.690994] Allocated by task 238: [ 13.691206] kasan_save_stack+0x45/0x70 [ 13.691374] kasan_save_track+0x18/0x40 [ 13.691741] kasan_save_alloc_info+0x3b/0x50 [ 13.692024] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 13.692372] remove_element+0x11e/0x190 [ 13.692520] mempool_alloc_preallocated+0x4d/0x90 [ 13.692677] mempool_oob_right_helper+0x8a/0x380 [ 13.692912] mempool_kmalloc_oob_right+0xf2/0x150 [ 13.693586] kunit_try_run_case+0x1a5/0x480 [ 13.693868] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.694193] kthread+0x337/0x6f0 [ 13.694406] ret_from_fork+0x116/0x1d0 [ 13.694596] ret_from_fork_asm+0x1a/0x30 [ 13.694830] [ 13.694931] The buggy address belongs to the object at ffff8881029a6c00 [ 13.694931] which belongs to the cache kmalloc-128 of size 128 [ 13.695597] The buggy address is located 0 bytes to the right of [ 13.695597] allocated 115-byte region [ffff8881029a6c00, ffff8881029a6c73) [ 13.696361] [ 13.696505] The buggy address belongs to the physical page: [ 13.696731] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029a6 [ 13.697314] flags: 0x200000000000000(node=0|zone=2) [ 13.698025] page_type: f5(slab) [ 13.698206] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.698613] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.698954] page dumped because: kasan: bad access detected [ 13.699382] [ 13.699509] Memory state around 
the buggy address: [ 13.699767] ffff8881029a6b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.700277] ffff8881029a6b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.700648] >ffff8881029a6c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 13.700992] ^ [ 13.701365] ffff8881029a6c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.701746] ffff8881029a6d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 13.702069] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 13.099180] ================================================================== [ 13.099671] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x1bf/0x380 [ 13.100039] Read of size 1 at addr ffff888100fa1dc0 by task kunit_try_catch/232 [ 13.100876] [ 13.101141] CPU: 1 UID: 0 PID: 232 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.101197] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.101209] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.101233] Call Trace: [ 13.101246] <TASK> [ 13.101332] dump_stack_lvl+0x73/0xb0 [ 13.101369] print_report+0xd1/0x610 [ 13.101395] ? __virt_addr_valid+0x1db/0x2d0 [ 13.101421] ? kmem_cache_double_destroy+0x1bf/0x380 [ 13.101446] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.101469] ? kmem_cache_double_destroy+0x1bf/0x380 [ 13.101494] kasan_report+0x141/0x180 [ 13.101516] ? kmem_cache_double_destroy+0x1bf/0x380 [ 13.101544] ? kmem_cache_double_destroy+0x1bf/0x380 [ 13.101569] __kasan_check_byte+0x3d/0x50 [ 13.101590] kmem_cache_destroy+0x25/0x1d0 [ 13.101614] kmem_cache_double_destroy+0x1bf/0x380 [ 13.101639] ? __pfx_kmem_cache_double_destroy+0x10/0x10 [ 13.101665] ? __kasan_check_write+0x18/0x20 [ 13.101684] ? queued_spin_lock_slowpath+0x116/0xb40 [ 13.101709] ? irqentry_exit+0x2a/0x60 [ 13.101733] ? trace_hardirqs_on+0x37/0xe0 [ 13.101757] ? __pfx_read_tsc+0x10/0x10 [ 13.101778] ? ktime_get_ts64+0x86/0x230 [ 13.101804] kunit_try_run_case+0x1a5/0x480 [ 13.101830] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.101854] ? queued_spin_lock_slowpath+0x116/0xb40 [ 13.101877] ? __kthread_parkme+0x82/0x180 [ 13.101899] ? preempt_count_sub+0x50/0x80 [ 13.101924] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.101947] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.101971] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.101995] kthread+0x337/0x6f0 [ 13.102133] ? trace_preempt_on+0x20/0xc0 [ 13.102158] ? __pfx_kthread+0x10/0x10 [ 13.102178] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 13.102200] ? calculate_sigpending+0x7b/0xa0 [ 13.102226] ? __pfx_kthread+0x10/0x10 [ 13.102247] ret_from_fork+0x116/0x1d0 [ 13.102266] ? __pfx_kthread+0x10/0x10 [ 13.102286] ret_from_fork_asm+0x1a/0x30 [ 13.102317] </TASK> [ 13.102329] [ 13.114850] Allocated by task 232: [ 13.115259] kasan_save_stack+0x45/0x70 [ 13.115464] kasan_save_track+0x18/0x40 [ 13.115639] kasan_save_alloc_info+0x3b/0x50 [ 13.115836] __kasan_slab_alloc+0x91/0xa0 [ 13.116030] kmem_cache_alloc_noprof+0x123/0x3f0 [ 13.116734] __kmem_cache_create_args+0x169/0x240 [ 13.116940] kmem_cache_double_destroy+0xd5/0x380 [ 13.117432] kunit_try_run_case+0x1a5/0x480 [ 13.117669] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.118150] kthread+0x337/0x6f0 [ 13.118404] ret_from_fork+0x116/0x1d0 [ 13.118550] ret_from_fork_asm+0x1a/0x30 [ 13.118749] [ 13.118842] Freed by task 232: [ 13.118999] kasan_save_stack+0x45/0x70 [ 13.119551] kasan_save_track+0x18/0x40 [ 13.119724] kasan_save_free_info+0x3f/0x60 [ 13.120121] __kasan_slab_free+0x56/0x70 [ 13.120327] kmem_cache_free+0x249/0x420 [ 13.120639] slab_kmem_cache_release+0x2e/0x40 [ 13.120824] kmem_cache_release+0x16/0x20 [ 13.121153] kobject_put+0x181/0x450 [ 13.121331] sysfs_slab_release+0x16/0x20 [ 13.121947] kmem_cache_destroy+0xf0/0x1d0 [ 13.122122] kmem_cache_double_destroy+0x14e/0x380 [ 13.122690] kunit_try_run_case+0x1a5/0x480 [ 13.122886] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.123340] kthread+0x337/0x6f0 [ 13.123515] ret_from_fork+0x116/0x1d0 [ 13.123838] ret_from_fork_asm+0x1a/0x30 [ 13.123987] [ 13.124247] The buggy address belongs to the object at ffff888100fa1dc0 [ 13.124247] which belongs to the cache kmem_cache of size 208 [ 13.124903] The buggy address is located 0 bytes inside of [ 13.124903] freed 208-byte region [ffff888100fa1dc0, ffff888100fa1e90) [ 13.125720] [ 13.125814] The buggy address belongs to the physical page: [ 13.126066] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 
pfn:0x100fa1 [ 13.126557] flags: 0x200000000000000(node=0|zone=2) [ 13.126799] page_type: f5(slab) [ 13.126936] raw: 0200000000000000 ffff888100041000 dead000000000122 0000000000000000 [ 13.127368] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000 [ 13.128318] page dumped because: kasan: bad access detected [ 13.128517] [ 13.128590] Memory state around the buggy address: [ 13.128749] ffff888100fa1c80: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.128974] ffff888100fa1d00: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc [ 13.129905] >ffff888100fa1d80: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 13.130286] ^ [ 13.130735] ffff888100fa1e00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.131227] ffff888100fa1e80: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.131806] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 13.048230] ================================================================== [ 13.048804] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x3e3/0x510 [ 13.049277] Read of size 1 at addr ffff88810341e000 by task kunit_try_catch/230 [ 13.049668] [ 13.049769] CPU: 1 UID: 0 PID: 230 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.049820] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.049831] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.049854] Call Trace: [ 13.049867] <TASK> [ 13.049885] dump_stack_lvl+0x73/0xb0 [ 13.049918] print_report+0xd1/0x610 [ 13.049942] ? __virt_addr_valid+0x1db/0x2d0 [ 13.049992] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 13.050027] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.050050] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 13.050073] kasan_report+0x141/0x180 [ 13.050095] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 13.050122] __asan_report_load1_noabort+0x18/0x20 [ 13.050209] kmem_cache_rcu_uaf+0x3e3/0x510 [ 13.050233] ? __pfx_kmem_cache_rcu_uaf+0x10/0x10 [ 13.050256] ? finish_task_switch.isra.0+0x153/0x700 [ 13.050282] ? __switch_to+0x47/0xf50 [ 13.050312] ? __pfx_read_tsc+0x10/0x10 [ 13.050333] ? ktime_get_ts64+0x86/0x230 [ 13.050380] kunit_try_run_case+0x1a5/0x480 [ 13.050408] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.050430] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.050455] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.050478] ? __kthread_parkme+0x82/0x180 [ 13.050499] ? preempt_count_sub+0x50/0x80 [ 13.050540] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.050564] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.050587] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.050611] kthread+0x337/0x6f0 [ 13.050629] ? trace_preempt_on+0x20/0xc0 [ 13.050654] ? __pfx_kthread+0x10/0x10 [ 13.050674] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.050694] ? calculate_sigpending+0x7b/0xa0 [ 13.050719] ? __pfx_kthread+0x10/0x10 [ 13.050739] ret_from_fork+0x116/0x1d0 [ 13.050758] ? 
__pfx_kthread+0x10/0x10 [ 13.050778] ret_from_fork_asm+0x1a/0x30 [ 13.051243] </TASK> [ 13.051257] [ 13.061494] Allocated by task 230: [ 13.061711] kasan_save_stack+0x45/0x70 [ 13.062260] kasan_save_track+0x18/0x40 [ 13.062445] kasan_save_alloc_info+0x3b/0x50 [ 13.062664] __kasan_slab_alloc+0x91/0xa0 [ 13.062844] kmem_cache_alloc_noprof+0x123/0x3f0 [ 13.063176] kmem_cache_rcu_uaf+0x155/0x510 [ 13.063651] kunit_try_run_case+0x1a5/0x480 [ 13.063952] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.064204] kthread+0x337/0x6f0 [ 13.064380] ret_from_fork+0x116/0x1d0 [ 13.064751] ret_from_fork_asm+0x1a/0x30 [ 13.065056] [ 13.065188] Freed by task 0: [ 13.065466] kasan_save_stack+0x45/0x70 [ 13.065670] kasan_save_track+0x18/0x40 [ 13.066002] kasan_save_free_info+0x3f/0x60 [ 13.066390] __kasan_slab_free+0x56/0x70 [ 13.066669] slab_free_after_rcu_debug+0xe4/0x310 [ 13.066882] rcu_core+0x66f/0x1c40 [ 13.067256] rcu_core_si+0x12/0x20 [ 13.067734] handle_softirqs+0x209/0x730 [ 13.067916] __irq_exit_rcu+0xc9/0x110 [ 13.068154] irq_exit_rcu+0x12/0x20 [ 13.068612] sysvec_apic_timer_interrupt+0x81/0x90 [ 13.068813] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 13.069120] [ 13.069510] Last potentially related work creation: [ 13.069724] kasan_save_stack+0x45/0x70 [ 13.069919] kasan_record_aux_stack+0xb2/0xc0 [ 13.070199] kmem_cache_free+0x131/0x420 [ 13.070408] kmem_cache_rcu_uaf+0x194/0x510 [ 13.070635] kunit_try_run_case+0x1a5/0x480 [ 13.070843] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.071102] kthread+0x337/0x6f0 [ 13.071425] ret_from_fork+0x116/0x1d0 [ 13.071704] ret_from_fork_asm+0x1a/0x30 [ 13.071885] [ 13.071991] The buggy address belongs to the object at ffff88810341e000 [ 13.071991] which belongs to the cache test_cache of size 200 [ 13.072660] The buggy address is located 0 bytes inside of [ 13.072660] freed 200-byte region [ffff88810341e000, ffff88810341e0c8) [ 13.073170] [ 13.073295] The buggy address belongs to the physical page: [ 13.073738] page: refcount:0 
mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10341e [ 13.074087] flags: 0x200000000000000(node=0|zone=2) [ 13.074315] page_type: f5(slab) [ 13.074445] raw: 0200000000000000 ffff888100fa1c80 dead000000000122 0000000000000000 [ 13.074792] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 13.075123] page dumped because: kasan: bad access detected [ 13.075373] [ 13.075617] Memory state around the buggy address: [ 13.075786] ffff88810341df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.076159] ffff88810341df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.076378] >ffff88810341e000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.076651] ^ [ 13.076812] ffff88810341e080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 13.077143] ffff88810341e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.077430] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 12.978795] ================================================================== [ 12.979394] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x1d8/0x460 [ 12.979658] Free of addr ffff8881029c0001 by task kunit_try_catch/228 [ 12.979858] [ 12.979953] CPU: 0 UID: 0 PID: 228 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.980002] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.980025] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.980047] Call Trace: [ 12.980060] <TASK> [ 12.980079] dump_stack_lvl+0x73/0xb0 [ 12.980111] print_report+0xd1/0x610 [ 12.980134] ? __virt_addr_valid+0x1db/0x2d0 [ 12.980160] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.980182] ? kmem_cache_invalid_free+0x1d8/0x460 [ 12.980207] kasan_report_invalid_free+0x10a/0x130 [ 12.980231] ? kmem_cache_invalid_free+0x1d8/0x460 [ 12.980257] ? kmem_cache_invalid_free+0x1d8/0x460 [ 12.980281] check_slab_allocation+0x11f/0x130 [ 12.980302] __kasan_slab_pre_free+0x28/0x40 [ 12.980322] kmem_cache_free+0xed/0x420 [ 12.980343] ? kmem_cache_alloc_noprof+0x123/0x3f0 [ 12.980363] ? kmem_cache_invalid_free+0x1d8/0x460 [ 12.980389] kmem_cache_invalid_free+0x1d8/0x460 [ 12.980413] ? __pfx_kmem_cache_invalid_free+0x10/0x10 [ 12.980454] ? finish_task_switch.isra.0+0x153/0x700 [ 12.980478] ? __switch_to+0x47/0xf50 [ 12.980507] ? __pfx_read_tsc+0x10/0x10 [ 12.980528] ? ktime_get_ts64+0x86/0x230 [ 12.980553] kunit_try_run_case+0x1a5/0x480 [ 12.980579] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.980601] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.980625] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.980648] ? __kthread_parkme+0x82/0x180 [ 12.980669] ? preempt_count_sub+0x50/0x80 [ 12.980691] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.980714] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.980737] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.980760] kthread+0x337/0x6f0 [ 12.980778] ? trace_preempt_on+0x20/0xc0 [ 12.980802] ? 
__pfx_kthread+0x10/0x10 [ 12.980821] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.980842] ? calculate_sigpending+0x7b/0xa0 [ 12.980875] ? __pfx_kthread+0x10/0x10 [ 12.980896] ret_from_fork+0x116/0x1d0 [ 12.980914] ? __pfx_kthread+0x10/0x10 [ 12.980933] ret_from_fork_asm+0x1a/0x30 [ 12.980964] </TASK> [ 12.980975] [ 12.994612] Allocated by task 228: [ 12.994794] kasan_save_stack+0x45/0x70 [ 12.994993] kasan_save_track+0x18/0x40 [ 12.995683] kasan_save_alloc_info+0x3b/0x50 [ 12.996001] __kasan_slab_alloc+0x91/0xa0 [ 12.996427] kmem_cache_alloc_noprof+0x123/0x3f0 [ 12.996636] kmem_cache_invalid_free+0x157/0x460 [ 12.996842] kunit_try_run_case+0x1a5/0x480 [ 12.997332] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.997788] kthread+0x337/0x6f0 [ 12.998119] ret_from_fork+0x116/0x1d0 [ 12.998537] ret_from_fork_asm+0x1a/0x30 [ 12.998724] [ 12.998817] The buggy address belongs to the object at ffff8881029c0000 [ 12.998817] which belongs to the cache test_cache of size 200 [ 12.999900] The buggy address is located 1 bytes inside of [ 12.999900] 200-byte region [ffff8881029c0000, ffff8881029c00c8) [ 13.000714] [ 13.000815] The buggy address belongs to the physical page: [ 13.001084] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029c0 [ 13.001404] flags: 0x200000000000000(node=0|zone=2) [ 13.002097] page_type: f5(slab) [ 13.002572] raw: 0200000000000000 ffff888103419000 dead000000000122 0000000000000000 [ 13.003265] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 13.003976] page dumped because: kasan: bad access detected [ 13.004670] [ 13.004765] Memory state around the buggy address: [ 13.004986] ffff8881029bff00: 00 00 00 00 00 00 00 00 00 00 00 00 fc fc fc fc [ 13.005803] ffff8881029bff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.006314] >ffff8881029c0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.006797] ^ [ 13.007306] ffff8881029c0080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 13.007770] 
ffff8881029c0100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.008363] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 12.934521] ================================================================== [ 12.935652] BUG: KASAN: double-free in kmem_cache_double_free+0x1e5/0x480 [ 12.936284] Free of addr ffff88810341c000 by task kunit_try_catch/226 [ 12.936749] [ 12.936895] CPU: 1 UID: 0 PID: 226 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.936949] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.936971] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.936992] Call Trace: [ 12.937006] <TASK> [ 12.937032] dump_stack_lvl+0x73/0xb0 [ 12.937066] print_report+0xd1/0x610 [ 12.937089] ? __virt_addr_valid+0x1db/0x2d0 [ 12.937114] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.937136] ? kmem_cache_double_free+0x1e5/0x480 [ 12.937162] kasan_report_invalid_free+0x10a/0x130 [ 12.937262] ? kmem_cache_double_free+0x1e5/0x480 [ 12.937290] ? kmem_cache_double_free+0x1e5/0x480 [ 12.937314] check_slab_allocation+0x101/0x130 [ 12.937336] __kasan_slab_pre_free+0x28/0x40 [ 12.937356] kmem_cache_free+0xed/0x420 [ 12.937377] ? kmem_cache_alloc_noprof+0x123/0x3f0 [ 12.937397] ? kmem_cache_double_free+0x1e5/0x480 [ 12.937424] kmem_cache_double_free+0x1e5/0x480 [ 12.937448] ? __pfx_kmem_cache_double_free+0x10/0x10 [ 12.937472] ? finish_task_switch.isra.0+0x153/0x700 [ 12.937495] ? __switch_to+0x47/0xf50 [ 12.937523] ? __pfx_read_tsc+0x10/0x10 [ 12.937544] ? ktime_get_ts64+0x86/0x230 [ 12.937568] kunit_try_run_case+0x1a5/0x480 [ 12.937594] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.937617] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.937642] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.937665] ? __kthread_parkme+0x82/0x180 [ 12.937686] ? preempt_count_sub+0x50/0x80 [ 12.937709] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.937732] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.937756] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.937779] kthread+0x337/0x6f0 [ 12.937798] ? trace_preempt_on+0x20/0xc0 [ 12.937821] ? 
__pfx_kthread+0x10/0x10 [ 12.937841] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.937862] ? calculate_sigpending+0x7b/0xa0 [ 12.937886] ? __pfx_kthread+0x10/0x10 [ 12.937906] ret_from_fork+0x116/0x1d0 [ 12.937924] ? __pfx_kthread+0x10/0x10 [ 12.937944] ret_from_fork_asm+0x1a/0x30 [ 12.937975] </TASK> [ 12.937985] [ 12.951672] Allocated by task 226: [ 12.952137] kasan_save_stack+0x45/0x70 [ 12.952649] kasan_save_track+0x18/0x40 [ 12.953091] kasan_save_alloc_info+0x3b/0x50 [ 12.953455] __kasan_slab_alloc+0x91/0xa0 [ 12.953720] kmem_cache_alloc_noprof+0x123/0x3f0 [ 12.954130] kmem_cache_double_free+0x14f/0x480 [ 12.954307] kunit_try_run_case+0x1a5/0x480 [ 12.954762] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.955255] kthread+0x337/0x6f0 [ 12.955382] ret_from_fork+0x116/0x1d0 [ 12.955681] ret_from_fork_asm+0x1a/0x30 [ 12.956168] [ 12.956331] Freed by task 226: [ 12.956664] kasan_save_stack+0x45/0x70 [ 12.956922] kasan_save_track+0x18/0x40 [ 12.957279] kasan_save_free_info+0x3f/0x60 [ 12.957623] __kasan_slab_free+0x56/0x70 [ 12.957857] kmem_cache_free+0x249/0x420 [ 12.957997] kmem_cache_double_free+0x16a/0x480 [ 12.958649] kunit_try_run_case+0x1a5/0x480 [ 12.959106] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.959481] kthread+0x337/0x6f0 [ 12.959796] ret_from_fork+0x116/0x1d0 [ 12.960197] ret_from_fork_asm+0x1a/0x30 [ 12.960458] [ 12.960626] The buggy address belongs to the object at ffff88810341c000 [ 12.960626] which belongs to the cache test_cache of size 200 [ 12.961418] The buggy address is located 0 bytes inside of [ 12.961418] 200-byte region [ffff88810341c000, ffff88810341c0c8) [ 12.962411] [ 12.962585] The buggy address belongs to the physical page: [ 12.963006] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10341c [ 12.963313] flags: 0x200000000000000(node=0|zone=2) [ 12.963644] page_type: f5(slab) [ 12.964003] raw: 0200000000000000 ffff888100fa1b40 dead000000000122 0000000000000000 [ 12.964755] raw: 0000000000000000 00000000800f000f 
00000000f5000000 0000000000000000 [ 12.965593] page dumped because: kasan: bad access detected [ 12.966137] [ 12.966409] Memory state around the buggy address: [ 12.966806] ffff88810341bf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.967303] ffff88810341bf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.967851] >ffff88810341c000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.968694] ^ [ 12.969038] ffff88810341c080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 12.969264] ffff88810341c100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.969558] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 12.888585] ================================================================== [ 12.889085] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x402/0x530 [ 12.889734] Read of size 1 at addr ffff8881034190c8 by task kunit_try_catch/224 [ 12.890423] [ 12.890726] CPU: 1 UID: 0 PID: 224 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.890795] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.890808] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.890830] Call Trace: [ 12.890843] <TASK> [ 12.890860] dump_stack_lvl+0x73/0xb0 [ 12.890904] print_report+0xd1/0x610 [ 12.890927] ? __virt_addr_valid+0x1db/0x2d0 [ 12.890950] ? kmem_cache_oob+0x402/0x530 [ 12.890983] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.891006] ? kmem_cache_oob+0x402/0x530 [ 12.891037] kasan_report+0x141/0x180 [ 12.891058] ? kmem_cache_oob+0x402/0x530 [ 12.891094] __asan_report_load1_noabort+0x18/0x20 [ 12.891133] kmem_cache_oob+0x402/0x530 [ 12.891208] ? trace_hardirqs_on+0x37/0xe0 [ 12.891236] ? __pfx_kmem_cache_oob+0x10/0x10 [ 12.891259] ? finish_task_switch.isra.0+0x153/0x700 [ 12.891281] ? __switch_to+0x47/0xf50 [ 12.891309] ? __pfx_read_tsc+0x10/0x10 [ 12.891330] ? ktime_get_ts64+0x86/0x230 [ 12.891354] kunit_try_run_case+0x1a5/0x480 [ 12.891381] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.891403] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.891428] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.891451] ? __kthread_parkme+0x82/0x180 [ 12.891472] ? preempt_count_sub+0x50/0x80 [ 12.891495] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.891519] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.891543] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.891566] kthread+0x337/0x6f0 [ 12.891585] ? trace_preempt_on+0x20/0xc0 [ 12.891606] ? __pfx_kthread+0x10/0x10 [ 12.891626] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.891647] ? calculate_sigpending+0x7b/0xa0 [ 12.891671] ? __pfx_kthread+0x10/0x10 [ 12.891693] ret_from_fork+0x116/0x1d0 [ 12.891711] ? 
__pfx_kthread+0x10/0x10 [ 12.891730] ret_from_fork_asm+0x1a/0x30 [ 12.891761] </TASK> [ 12.891772] [ 12.904591] Allocated by task 224: [ 12.904978] kasan_save_stack+0x45/0x70 [ 12.905464] kasan_save_track+0x18/0x40 [ 12.905740] kasan_save_alloc_info+0x3b/0x50 [ 12.905893] __kasan_slab_alloc+0x91/0xa0 [ 12.906121] kmem_cache_alloc_noprof+0x123/0x3f0 [ 12.906575] kmem_cache_oob+0x157/0x530 [ 12.907037] kunit_try_run_case+0x1a5/0x480 [ 12.907473] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.908052] kthread+0x337/0x6f0 [ 12.908339] ret_from_fork+0x116/0x1d0 [ 12.908706] ret_from_fork_asm+0x1a/0x30 [ 12.909190] [ 12.909354] The buggy address belongs to the object at ffff888103419000 [ 12.909354] which belongs to the cache test_cache of size 200 [ 12.910121] The buggy address is located 0 bytes to the right of [ 12.910121] allocated 200-byte region [ffff888103419000, ffff8881034190c8) [ 12.910835] [ 12.910909] The buggy address belongs to the physical page: [ 12.911215] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103419 [ 12.911992] flags: 0x200000000000000(node=0|zone=2) [ 12.912650] page_type: f5(slab) [ 12.913088] raw: 0200000000000000 ffff888100fa1a00 dead000000000122 0000000000000000 [ 12.913765] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 12.913996] page dumped because: kasan: bad access detected [ 12.914633] [ 12.914826] Memory state around the buggy address: [ 12.915337] ffff888103418f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.915852] ffff888103419000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.916474] >ffff888103419080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 12.917149] ^ [ 12.917708] ffff888103419100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.917934] ffff888103419180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.918459] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 12.833752] ================================================================== [ 12.834887] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x4d6/0x560 [ 12.835631] Read of size 8 at addr ffff888103410d40 by task kunit_try_catch/217 [ 12.835861] [ 12.835954] CPU: 1 UID: 0 PID: 217 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.836004] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.836025] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.836047] Call Trace: [ 12.836061] <TASK> [ 12.836079] dump_stack_lvl+0x73/0xb0 [ 12.836110] print_report+0xd1/0x610 [ 12.836133] ? __virt_addr_valid+0x1db/0x2d0 [ 12.836156] ? workqueue_uaf+0x4d6/0x560 [ 12.836177] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.836199] ? workqueue_uaf+0x4d6/0x560 [ 12.836220] kasan_report+0x141/0x180 [ 12.836241] ? workqueue_uaf+0x4d6/0x560 [ 12.836266] __asan_report_load8_noabort+0x18/0x20 [ 12.836290] workqueue_uaf+0x4d6/0x560 [ 12.836311] ? __pfx_workqueue_uaf+0x10/0x10 [ 12.836332] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 12.836357] ? trace_hardirqs_on+0x37/0xe0 [ 12.836381] ? __pfx_read_tsc+0x10/0x10 [ 12.836402] ? ktime_get_ts64+0x86/0x230 [ 12.836426] kunit_try_run_case+0x1a5/0x480 [ 12.836451] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.836475] ? queued_spin_lock_slowpath+0x116/0xb40 [ 12.836503] ? __kthread_parkme+0x82/0x180 [ 12.836527] ? preempt_count_sub+0x50/0x80 [ 12.836550] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.836573] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.836596] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.836620] kthread+0x337/0x6f0 [ 12.836638] ? trace_preempt_on+0x20/0xc0 [ 12.836659] ? __pfx_kthread+0x10/0x10 [ 12.836678] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.836699] ? calculate_sigpending+0x7b/0xa0 [ 12.836724] ? __pfx_kthread+0x10/0x10 [ 12.836744] ret_from_fork+0x116/0x1d0 [ 12.836762] ? 
__pfx_kthread+0x10/0x10 [ 12.836781] ret_from_fork_asm+0x1a/0x30 [ 12.836812] </TASK> [ 12.836822] [ 12.851840] Allocated by task 217: [ 12.852437] kasan_save_stack+0x45/0x70 [ 12.852704] kasan_save_track+0x18/0x40 [ 12.852841] kasan_save_alloc_info+0x3b/0x50 [ 12.852998] __kasan_kmalloc+0xb7/0xc0 [ 12.853386] __kmalloc_cache_noprof+0x189/0x420 [ 12.853982] workqueue_uaf+0x152/0x560 [ 12.854438] kunit_try_run_case+0x1a5/0x480 [ 12.854897] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.855382] kthread+0x337/0x6f0 [ 12.855754] ret_from_fork+0x116/0x1d0 [ 12.855915] ret_from_fork_asm+0x1a/0x30 [ 12.856404] [ 12.856593] Freed by task 44: [ 12.856916] kasan_save_stack+0x45/0x70 [ 12.857426] kasan_save_track+0x18/0x40 [ 12.857631] kasan_save_free_info+0x3f/0x60 [ 12.858019] __kasan_slab_free+0x56/0x70 [ 12.858396] kfree+0x222/0x3f0 [ 12.858735] workqueue_uaf_work+0x12/0x20 [ 12.858923] process_one_work+0x5ee/0xf60 [ 12.859166] worker_thread+0x758/0x1220 [ 12.859569] kthread+0x337/0x6f0 [ 12.859998] ret_from_fork+0x116/0x1d0 [ 12.860688] ret_from_fork_asm+0x1a/0x30 [ 12.860900] [ 12.860981] Last potentially related work creation: [ 12.861537] kasan_save_stack+0x45/0x70 [ 12.861922] kasan_record_aux_stack+0xb2/0xc0 [ 12.862296] __queue_work+0x626/0xeb0 [ 12.862512] queue_work_on+0xb6/0xc0 [ 12.862960] workqueue_uaf+0x26d/0x560 [ 12.863449] kunit_try_run_case+0x1a5/0x480 [ 12.863763] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.864400] kthread+0x337/0x6f0 [ 12.864690] ret_from_fork+0x116/0x1d0 [ 12.864827] ret_from_fork_asm+0x1a/0x30 [ 12.864971] [ 12.865119] The buggy address belongs to the object at ffff888103410d40 [ 12.865119] which belongs to the cache kmalloc-32 of size 32 [ 12.866361] The buggy address is located 0 bytes inside of [ 12.866361] freed 32-byte region [ffff888103410d40, ffff888103410d60) [ 12.867475] [ 12.867575] The buggy address belongs to the physical page: [ 12.867751] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 
pfn:0x103410 [ 12.867993] flags: 0x200000000000000(node=0|zone=2) [ 12.868740] page_type: f5(slab) [ 12.869129] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 12.870026] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 12.870730] page dumped because: kasan: bad access detected [ 12.871284] [ 12.871357] Memory state around the buggy address: [ 12.871726] ffff888103410c00: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 12.872446] ffff888103410c80: 00 00 03 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 12.872896] >ffff888103410d00: 00 00 00 07 fc fc fc fc fa fb fb fb fc fc fc fc [ 12.873396] ^ [ 12.873962] ffff888103410d80: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.874551] ffff888103410e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.874772] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 12.778158] ================================================================== [ 12.779057] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x50/0x60 [ 12.779588] Read of size 4 at addr ffff888103410bc0 by task swapper/1/0 [ 12.780264] [ 12.780525] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.780575] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.780586] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.780608] Call Trace: [ 12.780642] <IRQ> [ 12.780661] dump_stack_lvl+0x73/0xb0 [ 12.780695] print_report+0xd1/0x610 [ 12.780719] ? __virt_addr_valid+0x1db/0x2d0 [ 12.780743] ? rcu_uaf_reclaim+0x50/0x60 [ 12.780762] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.780784] ? rcu_uaf_reclaim+0x50/0x60 [ 12.780804] kasan_report+0x141/0x180 [ 12.780825] ? rcu_uaf_reclaim+0x50/0x60 [ 12.780855] __asan_report_load4_noabort+0x18/0x20 [ 12.780880] rcu_uaf_reclaim+0x50/0x60 [ 12.780900] rcu_core+0x66f/0x1c40 [ 12.780928] ? __pfx_rcu_core+0x10/0x10 [ 12.780949] ? ktime_get+0x6b/0x150 [ 12.780974] rcu_core_si+0x12/0x20 [ 12.780993] handle_softirqs+0x209/0x730 [ 12.781116] ? hrtimer_interrupt+0x2fe/0x780 [ 12.781142] ? 
__pfx_handle_softirqs+0x10/0x10 [ 12.781180] __irq_exit_rcu+0xc9/0x110 [ 12.781200] irq_exit_rcu+0x12/0x20 [ 12.781220] sysvec_apic_timer_interrupt+0x81/0x90 [ 12.781247] </IRQ> [ 12.781276] <TASK> [ 12.781286] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 12.781378] RIP: 0010:pv_native_safe_halt+0xf/0x20 [ 12.781590] Code: 1f 84 00 00 00 00 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d 23 62 21 00 fb f4 <e9> 3c 1d 02 00 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 [ 12.781672] RSP: 0000:ffff888100877dc8 EFLAGS: 00010216 [ 12.781758] RAX: ffff88819ef72000 RBX: ffff888100853000 RCX: ffffffffb9c76125 [ 12.781802] RDX: ffffed102b62618b RSI: 0000000000000004 RDI: 000000000001343c [ 12.781844] RBP: ffff888100877dd0 R08: 0000000000000001 R09: ffffed102b62618a [ 12.781886] R10: ffff88815b130c53 R11: 0000000000041000 R12: 0000000000000001 [ 12.781927] R13: ffffed102010a600 R14: ffffffffbb9b1490 R15: 0000000000000000 [ 12.781981] ? ct_kernel_exit.constprop.0+0xa5/0xd0 [ 12.782098] ? default_idle+0xd/0x20 [ 12.782127] arch_cpu_idle+0xd/0x20 [ 12.782148] default_idle_call+0x48/0x80 [ 12.782167] do_idle+0x379/0x4f0 [ 12.782193] ? __pfx_do_idle+0x10/0x10 [ 12.782213] ? common_startup_64+0x13e/0x148 [ 12.782242] cpu_startup_entry+0x5c/0x70 [ 12.782261] start_secondary+0x211/0x290 [ 12.782283] ? 
__pfx_start_secondary+0x10/0x10 [ 12.782307] common_startup_64+0x13e/0x148 [ 12.782337] </TASK> [ 12.782347] [ 12.800047] Allocated by task 215: [ 12.800494] kasan_save_stack+0x45/0x70 [ 12.800987] kasan_save_track+0x18/0x40 [ 12.801225] kasan_save_alloc_info+0x3b/0x50 [ 12.801763] __kasan_kmalloc+0xb7/0xc0 [ 12.801956] __kmalloc_cache_noprof+0x189/0x420 [ 12.802481] rcu_uaf+0xb0/0x330 [ 12.802801] kunit_try_run_case+0x1a5/0x480 [ 12.802962] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.803962] kthread+0x337/0x6f0 [ 12.804402] ret_from_fork+0x116/0x1d0 [ 12.804684] ret_from_fork_asm+0x1a/0x30 [ 12.804832] [ 12.804915] Freed by task 0: [ 12.805120] kasan_save_stack+0x45/0x70 [ 12.805530] kasan_save_track+0x18/0x40 [ 12.805982] kasan_save_free_info+0x3f/0x60 [ 12.806488] __kasan_slab_free+0x56/0x70 [ 12.806889] kfree+0x222/0x3f0 [ 12.807288] rcu_uaf_reclaim+0x1f/0x60 [ 12.807451] rcu_core+0x66f/0x1c40 [ 12.807772] rcu_core_si+0x12/0x20 [ 12.807981] handle_softirqs+0x209/0x730 [ 12.808404] __irq_exit_rcu+0xc9/0x110 [ 12.808840] irq_exit_rcu+0x12/0x20 [ 12.809227] sysvec_apic_timer_interrupt+0x81/0x90 [ 12.809404] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 12.809905] [ 12.810148] Last potentially related work creation: [ 12.810727] kasan_save_stack+0x45/0x70 [ 12.810905] kasan_record_aux_stack+0xb2/0xc0 [ 12.811155] __call_rcu_common.constprop.0+0x7b/0x9e0 [ 12.811661] call_rcu+0x12/0x20 [ 12.811978] rcu_uaf+0x168/0x330 [ 12.812416] kunit_try_run_case+0x1a5/0x480 [ 12.812734] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.813088] kthread+0x337/0x6f0 [ 12.813784] ret_from_fork+0x116/0x1d0 [ 12.814140] ret_from_fork_asm+0x1a/0x30 [ 12.814313] [ 12.814400] The buggy address belongs to the object at ffff888103410bc0 [ 12.814400] which belongs to the cache kmalloc-32 of size 32 [ 12.814764] The buggy address is located 0 bytes inside of [ 12.814764] freed 32-byte region [ffff888103410bc0, ffff888103410be0) [ 12.815359] [ 12.815583] The buggy address belongs to the 
physical page: [ 12.816117] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103410 [ 12.816884] flags: 0x200000000000000(node=0|zone=2) [ 12.817525] page_type: f5(slab) [ 12.817972] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 12.819125] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 12.819904] page dumped because: kasan: bad access detected [ 12.820567] [ 12.820644] Memory state around the buggy address: [ 12.820805] ffff888103410a80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 12.821044] ffff888103410b00: 00 00 00 fc fc fc fc fc 00 00 05 fc fc fc fc fc [ 12.821262] >ffff888103410b80: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 12.821644] ^ [ 12.822200] ffff888103410c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.823024] ffff888103410c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.824003] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 12.657794] ================================================================== [ 12.659199] BUG: KASAN: slab-use-after-free in ksize_uaf+0x19d/0x6c0 [ 12.660117] Read of size 1 at addr ffff888102b7d500 by task kunit_try_catch/213 [ 12.660763] [ 12.661038] CPU: 1 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.661092] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.661104] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.661126] Call Trace: [ 12.661141] <TASK> [ 12.661161] dump_stack_lvl+0x73/0xb0 [ 12.661220] print_report+0xd1/0x610 [ 12.661343] ? __virt_addr_valid+0x1db/0x2d0 [ 12.661369] ? ksize_uaf+0x19d/0x6c0 [ 12.661389] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.661411] ? ksize_uaf+0x19d/0x6c0 [ 12.661432] kasan_report+0x141/0x180 [ 12.661453] ? ksize_uaf+0x19d/0x6c0 [ 12.661476] ? ksize_uaf+0x19d/0x6c0 [ 12.661496] __kasan_check_byte+0x3d/0x50 [ 12.661518] ksize+0x20/0x60 [ 12.661539] ksize_uaf+0x19d/0x6c0 [ 12.661558] ? __pfx_ksize_uaf+0x10/0x10 [ 12.661579] ? __schedule+0x10cc/0x2b60 [ 12.661602] ? __pfx_read_tsc+0x10/0x10 [ 12.661623] ? ktime_get_ts64+0x86/0x230 [ 12.661648] kunit_try_run_case+0x1a5/0x480 [ 12.661674] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.661696] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.661720] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.661743] ? __kthread_parkme+0x82/0x180 [ 12.661764] ? preempt_count_sub+0x50/0x80 [ 12.661789] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.661812] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.661835] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.661858] kthread+0x337/0x6f0 [ 12.661877] ? trace_preempt_on+0x20/0xc0 [ 12.661900] ? __pfx_kthread+0x10/0x10 [ 12.661919] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.661941] ? calculate_sigpending+0x7b/0xa0 [ 12.661966] ? __pfx_kthread+0x10/0x10 [ 12.661986] ret_from_fork+0x116/0x1d0 [ 12.662005] ? 
__pfx_kthread+0x10/0x10 [ 12.662034] ret_from_fork_asm+0x1a/0x30 [ 12.662066] </TASK> [ 12.662077] [ 12.677126] Allocated by task 213: [ 12.677327] kasan_save_stack+0x45/0x70 [ 12.677668] kasan_save_track+0x18/0x40 [ 12.678082] kasan_save_alloc_info+0x3b/0x50 [ 12.678538] __kasan_kmalloc+0xb7/0xc0 [ 12.678924] __kmalloc_cache_noprof+0x189/0x420 [ 12.679233] ksize_uaf+0xaa/0x6c0 [ 12.679387] kunit_try_run_case+0x1a5/0x480 [ 12.679653] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.680284] kthread+0x337/0x6f0 [ 12.680814] ret_from_fork+0x116/0x1d0 [ 12.681302] ret_from_fork_asm+0x1a/0x30 [ 12.681802] [ 12.682033] Freed by task 213: [ 12.682420] kasan_save_stack+0x45/0x70 [ 12.682709] kasan_save_track+0x18/0x40 [ 12.682847] kasan_save_free_info+0x3f/0x60 [ 12.682995] __kasan_slab_free+0x56/0x70 [ 12.683476] kfree+0x222/0x3f0 [ 12.683865] ksize_uaf+0x12c/0x6c0 [ 12.684260] kunit_try_run_case+0x1a5/0x480 [ 12.684731] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.685405] kthread+0x337/0x6f0 [ 12.685539] ret_from_fork+0x116/0x1d0 [ 12.685671] ret_from_fork_asm+0x1a/0x30 [ 12.685812] [ 12.685885] The buggy address belongs to the object at ffff888102b7d500 [ 12.685885] which belongs to the cache kmalloc-128 of size 128 [ 12.686958] The buggy address is located 0 bytes inside of [ 12.686958] freed 128-byte region [ffff888102b7d500, ffff888102b7d580) [ 12.688258] [ 12.688536] The buggy address belongs to the physical page: [ 12.689155] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b7d [ 12.689909] flags: 0x200000000000000(node=0|zone=2) [ 12.690342] page_type: f5(slab) [ 12.690698] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.691210] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.692103] page dumped because: kasan: bad access detected [ 12.692340] [ 12.692410] Memory state around the buggy address: [ 12.692959] ffff888102b7d400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 
12.693646] ffff888102b7d480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.693871] >ffff888102b7d500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.694119] ^ [ 12.694241] ffff888102b7d580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.694564] ffff888102b7d600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.695456] ================================================================== [ 12.734987] ================================================================== [ 12.735697] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5e4/0x6c0 [ 12.735919] Read of size 1 at addr ffff888102b7d578 by task kunit_try_catch/213 [ 12.736531] [ 12.736797] CPU: 1 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.736844] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.736860] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.736882] Call Trace: [ 12.736895] <TASK> [ 12.736912] dump_stack_lvl+0x73/0xb0 [ 12.736964] print_report+0xd1/0x610 [ 12.736987] ? __virt_addr_valid+0x1db/0x2d0 [ 12.737019] ? ksize_uaf+0x5e4/0x6c0 [ 12.737105] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.737142] ? ksize_uaf+0x5e4/0x6c0 [ 12.737162] kasan_report+0x141/0x180 [ 12.737184] ? ksize_uaf+0x5e4/0x6c0 [ 12.737209] __asan_report_load1_noabort+0x18/0x20 [ 12.737233] ksize_uaf+0x5e4/0x6c0 [ 12.737253] ? __pfx_ksize_uaf+0x10/0x10 [ 12.737274] ? __schedule+0x10cc/0x2b60 [ 12.737296] ? __pfx_read_tsc+0x10/0x10 [ 12.737316] ? ktime_get_ts64+0x86/0x230 [ 12.737342] kunit_try_run_case+0x1a5/0x480 [ 12.737365] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.737386] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.737411] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.737449] ? __kthread_parkme+0x82/0x180 [ 12.737470] ? preempt_count_sub+0x50/0x80 [ 12.737494] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.737517] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.737541] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.737565] kthread+0x337/0x6f0 [ 12.737584] ? trace_preempt_on+0x20/0xc0 [ 12.737609] ? __pfx_kthread+0x10/0x10 [ 12.737629] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.737652] ? calculate_sigpending+0x7b/0xa0 [ 12.737676] ? __pfx_kthread+0x10/0x10 [ 12.737697] ret_from_fork+0x116/0x1d0 [ 12.737715] ? __pfx_kthread+0x10/0x10 [ 12.737735] ret_from_fork_asm+0x1a/0x30 [ 12.737765] </TASK> [ 12.737775] [ 12.751345] Allocated by task 213: [ 12.751556] kasan_save_stack+0x45/0x70 [ 12.751713] kasan_save_track+0x18/0x40 [ 12.751849] kasan_save_alloc_info+0x3b/0x50 [ 12.751997] __kasan_kmalloc+0xb7/0xc0 [ 12.752644] __kmalloc_cache_noprof+0x189/0x420 [ 12.753174] ksize_uaf+0xaa/0x6c0 [ 12.753576] kunit_try_run_case+0x1a5/0x480 [ 12.754053] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.754685] kthread+0x337/0x6f0 [ 12.755133] ret_from_fork+0x116/0x1d0 [ 12.755324] ret_from_fork_asm+0x1a/0x30 [ 12.755617] [ 12.755775] Freed by task 213: [ 12.756215] kasan_save_stack+0x45/0x70 [ 12.756654] kasan_save_track+0x18/0x40 [ 12.756815] kasan_save_free_info+0x3f/0x60 [ 12.756969] __kasan_slab_free+0x56/0x70 [ 12.757607] kfree+0x222/0x3f0 [ 12.757950] ksize_uaf+0x12c/0x6c0 [ 12.758387] kunit_try_run_case+0x1a5/0x480 [ 12.758809] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.758991] kthread+0x337/0x6f0 [ 12.759461] ret_from_fork+0x116/0x1d0 [ 12.759867] ret_from_fork_asm+0x1a/0x30 [ 12.760347] [ 12.760433] The buggy address belongs to the object at ffff888102b7d500 [ 12.760433] which belongs to the cache kmalloc-128 of size 128 [ 12.761502] The buggy address is located 120 bytes inside of [ 12.761502] freed 128-byte region [ffff888102b7d500, ffff888102b7d580) [ 12.762282] [ 12.762510] The buggy address belongs to the physical page: [ 12.763097] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b7d [ 12.763637] flags: 0x200000000000000(node=0|zone=2) [ 12.763810] page_type: f5(slab) [ 12.763933] raw: 
0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.764662] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.765404] page dumped because: kasan: bad access detected [ 12.765940] [ 12.766152] Memory state around the buggy address: [ 12.766415] ffff888102b7d400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.766639] ffff888102b7d480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.766857] >ffff888102b7d500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.767439] ^ [ 12.768152] ffff888102b7d580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.768883] ffff888102b7d600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.769673] ================================================================== [ 12.696640] ================================================================== [ 12.698390] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5fe/0x6c0 [ 12.699152] Read of size 1 at addr ffff888102b7d500 by task kunit_try_catch/213 [ 12.699949] [ 12.700258] CPU: 1 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.700310] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.700322] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.700343] Call Trace: [ 12.700356] <TASK> [ 12.700374] dump_stack_lvl+0x73/0xb0 [ 12.700406] print_report+0xd1/0x610 [ 12.700438] ? __virt_addr_valid+0x1db/0x2d0 [ 12.700461] ? ksize_uaf+0x5fe/0x6c0 [ 12.700481] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.700504] ? ksize_uaf+0x5fe/0x6c0 [ 12.700524] kasan_report+0x141/0x180 [ 12.700545] ? ksize_uaf+0x5fe/0x6c0 [ 12.700570] __asan_report_load1_noabort+0x18/0x20 [ 12.700594] ksize_uaf+0x5fe/0x6c0 [ 12.700613] ? __pfx_ksize_uaf+0x10/0x10 [ 12.700634] ? __schedule+0x10cc/0x2b60 [ 12.700656] ? __pfx_read_tsc+0x10/0x10 [ 12.700677] ? ktime_get_ts64+0x86/0x230 [ 12.700701] kunit_try_run_case+0x1a5/0x480 [ 12.700725] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.700747] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 12.700771] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.700793] ? __kthread_parkme+0x82/0x180 [ 12.700814] ? preempt_count_sub+0x50/0x80 [ 12.700838] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.700871] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.700894] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.700918] kthread+0x337/0x6f0 [ 12.700937] ? trace_preempt_on+0x20/0xc0 [ 12.700960] ? __pfx_kthread+0x10/0x10 [ 12.700979] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.701000] ? calculate_sigpending+0x7b/0xa0 [ 12.701279] ? __pfx_kthread+0x10/0x10 [ 12.701301] ret_from_fork+0x116/0x1d0 [ 12.701321] ? __pfx_kthread+0x10/0x10 [ 12.701341] ret_from_fork_asm+0x1a/0x30 [ 12.701372] </TASK> [ 12.701382] [ 12.714718] Allocated by task 213: [ 12.715104] kasan_save_stack+0x45/0x70 [ 12.715570] kasan_save_track+0x18/0x40 [ 12.715716] kasan_save_alloc_info+0x3b/0x50 [ 12.715867] __kasan_kmalloc+0xb7/0xc0 [ 12.716000] __kmalloc_cache_noprof+0x189/0x420 [ 12.716687] ksize_uaf+0xaa/0x6c0 [ 12.717098] kunit_try_run_case+0x1a5/0x480 [ 12.717934] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.718623] kthread+0x337/0x6f0 [ 12.718807] ret_from_fork+0x116/0x1d0 [ 12.718943] ret_from_fork_asm+0x1a/0x30 [ 12.719268] [ 12.719471] Freed by task 213: [ 12.719839] kasan_save_stack+0x45/0x70 [ 12.720247] kasan_save_track+0x18/0x40 [ 12.720744] kasan_save_free_info+0x3f/0x60 [ 12.721253] __kasan_slab_free+0x56/0x70 [ 12.721645] kfree+0x222/0x3f0 [ 12.721770] ksize_uaf+0x12c/0x6c0 [ 12.721897] kunit_try_run_case+0x1a5/0x480 [ 12.722404] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.722943] kthread+0x337/0x6f0 [ 12.723374] ret_from_fork+0x116/0x1d0 [ 12.723818] ret_from_fork_asm+0x1a/0x30 [ 12.724237] [ 12.724524] The buggy address belongs to the object at ffff888102b7d500 [ 12.724524] which belongs to the cache kmalloc-128 of size 128 [ 12.725544] The buggy address is located 0 bytes inside of [ 12.725544] freed 128-byte region [ffff888102b7d500, 
ffff888102b7d580) [ 12.726102] [ 12.726401] The buggy address belongs to the physical page: [ 12.726981] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b7d [ 12.727816] flags: 0x200000000000000(node=0|zone=2) [ 12.727992] page_type: f5(slab) [ 12.728438] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.729201] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.729728] page dumped because: kasan: bad access detected [ 12.729906] [ 12.729977] Memory state around the buggy address: [ 12.730509] ffff888102b7d400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.731285] ffff888102b7d480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.732050] >ffff888102b7d500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.732452] ^ [ 12.732805] ffff888102b7d580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.733496] ffff888102b7d600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.734158] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 12.634103] ==================================================================
[ 12.634688] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7b6/0x9b0
[ 12.635078] Read of size 1 at addr ffff8881029a697f by task kunit_try_catch/211
[ 12.635348]
[ 12.635459] CPU: 0 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.635503] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.635514] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.635535] Call Trace:
[ 12.635553] <TASK>
[ 12.635569] dump_stack_lvl+0x73/0xb0
[ 12.635598] print_report+0xd1/0x610
[ 12.635620] ? __virt_addr_valid+0x1db/0x2d0
[ 12.635642] ? ksize_unpoisons_memory+0x7b6/0x9b0
[ 12.635665] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.635687] ? ksize_unpoisons_memory+0x7b6/0x9b0
[ 12.635710] kasan_report+0x141/0x180
[ 12.635731] ? ksize_unpoisons_memory+0x7b6/0x9b0
[ 12.635758] __asan_report_load1_noabort+0x18/0x20
[ 12.635782] ksize_unpoisons_memory+0x7b6/0x9b0
[ 12.635805] ? __pfx_ksize_unpoisons_memory+0x10/0x10
[ 12.635828] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 12.635857] ? __pfx_ksize_unpoisons_memory+0x10/0x10
[ 12.635884] kunit_try_run_case+0x1a5/0x480
[ 12.635908] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.635930] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.635953] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.635976] ? __kthread_parkme+0x82/0x180
[ 12.635996] ? preempt_count_sub+0x50/0x80
[ 12.636030] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.636053] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.636076] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.636099] kthread+0x337/0x6f0
[ 12.636118] ? trace_preempt_on+0x20/0xc0
[ 12.636140] ? __pfx_kthread+0x10/0x10
[ 12.636159] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.636180] ? calculate_sigpending+0x7b/0xa0
[ 12.636203] ? __pfx_kthread+0x10/0x10
[ 12.636223] ret_from_fork+0x116/0x1d0
[ 12.636242] ? __pfx_kthread+0x10/0x10
[ 12.636261] ret_from_fork_asm+0x1a/0x30
[ 12.636292] </TASK>
[ 12.636302]
[ 12.644519] Allocated by task 211:
[ 12.644668] kasan_save_stack+0x45/0x70
[ 12.644988] kasan_save_track+0x18/0x40
[ 12.645397] kasan_save_alloc_info+0x3b/0x50
[ 12.645613] __kasan_kmalloc+0xb7/0xc0
[ 12.645798] __kmalloc_cache_noprof+0x189/0x420
[ 12.645977] ksize_unpoisons_memory+0xc7/0x9b0
[ 12.646550] kunit_try_run_case+0x1a5/0x480
[ 12.646706] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.646886] kthread+0x337/0x6f0
[ 12.647103] ret_from_fork+0x116/0x1d0
[ 12.647512] ret_from_fork_asm+0x1a/0x30
[ 12.647742]
[ 12.647862] The buggy address belongs to the object at ffff8881029a6900
[ 12.647862] which belongs to the cache kmalloc-128 of size 128
[ 12.648424] The buggy address is located 12 bytes to the right of
[ 12.648424] allocated 115-byte region [ffff8881029a6900, ffff8881029a6973)
[ 12.648909]
[ 12.649003] The buggy address belongs to the physical page:
[ 12.649352] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029a6
[ 12.649715] flags: 0x200000000000000(node=0|zone=2)
[ 12.649876] page_type: f5(slab)
[ 12.649994] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.650348] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.650941] page dumped because: kasan: bad access detected
[ 12.651520]
[ 12.651631] Memory state around the buggy address:
[ 12.651811] ffff8881029a6800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.652208] ffff8881029a6880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.652562] >ffff8881029a6900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 12.652851] ^
[ 12.653253] ffff8881029a6980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.653626] ffff8881029a6a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.653879] ==================================================================
[ 12.613731] ==================================================================
[ 12.614304] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7e9/0x9b0
[ 12.614674] Read of size 1 at addr ffff8881029a6978 by task kunit_try_catch/211
[ 12.614952]
[ 12.615074] CPU: 0 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.615120] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.615131] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.615153] Call Trace:
[ 12.615165] <TASK>
[ 12.615181] dump_stack_lvl+0x73/0xb0
[ 12.615212] print_report+0xd1/0x610
[ 12.615235] ? __virt_addr_valid+0x1db/0x2d0
[ 12.615258] ? ksize_unpoisons_memory+0x7e9/0x9b0
[ 12.615280] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.615302] ? ksize_unpoisons_memory+0x7e9/0x9b0
[ 12.615422] kasan_report+0x141/0x180
[ 12.615444] ? ksize_unpoisons_memory+0x7e9/0x9b0
[ 12.615471] __asan_report_load1_noabort+0x18/0x20
[ 12.615495] ksize_unpoisons_memory+0x7e9/0x9b0
[ 12.615518] ? __pfx_ksize_unpoisons_memory+0x10/0x10
[ 12.615540] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 12.615570] ? __pfx_ksize_unpoisons_memory+0x10/0x10
[ 12.615597] kunit_try_run_case+0x1a5/0x480
[ 12.615622] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.615644] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.615667] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.615690] ? __kthread_parkme+0x82/0x180
[ 12.615710] ? preempt_count_sub+0x50/0x80
[ 12.615734] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.615757] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.615780] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.615803] kthread+0x337/0x6f0
[ 12.615822] ? trace_preempt_on+0x20/0xc0
[ 12.615844] ? __pfx_kthread+0x10/0x10
[ 12.615864] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.615884] ? calculate_sigpending+0x7b/0xa0
[ 12.615908] ? __pfx_kthread+0x10/0x10
[ 12.615929] ret_from_fork+0x116/0x1d0
[ 12.615948] ? __pfx_kthread+0x10/0x10
[ 12.615967] ret_from_fork_asm+0x1a/0x30
[ 12.615999] </TASK>
[ 12.616022]
[ 12.623925] Allocated by task 211:
[ 12.624157] kasan_save_stack+0x45/0x70
[ 12.624416] kasan_save_track+0x18/0x40
[ 12.624603] kasan_save_alloc_info+0x3b/0x50
[ 12.624799] __kasan_kmalloc+0xb7/0xc0
[ 12.624991] __kmalloc_cache_noprof+0x189/0x420
[ 12.625292] ksize_unpoisons_memory+0xc7/0x9b0
[ 12.625503] kunit_try_run_case+0x1a5/0x480
[ 12.625650] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.626216] kthread+0x337/0x6f0
[ 12.626348] ret_from_fork+0x116/0x1d0
[ 12.626556] ret_from_fork_asm+0x1a/0x30
[ 12.627043]
[ 12.627305] The buggy address belongs to the object at ffff8881029a6900
[ 12.627305] which belongs to the cache kmalloc-128 of size 128
[ 12.627867] The buggy address is located 5 bytes to the right of
[ 12.627867] allocated 115-byte region [ffff8881029a6900, ffff8881029a6973)
[ 12.628438]
[ 12.628513] The buggy address belongs to the physical page:
[ 12.628684] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029a6
[ 12.629007] flags: 0x200000000000000(node=0|zone=2)
[ 12.629349] page_type: f5(slab)
[ 12.629517] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.630186] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.630667] page dumped because: kasan: bad access detected
[ 12.630903]
[ 12.630987] Memory state around the buggy address:
[ 12.631369] ffff8881029a6800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.631642] ffff8881029a6880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.631862] >ffff8881029a6900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 12.632157] ^
[ 12.632556] ffff8881029a6980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.632941] ffff8881029a6a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.633600] ==================================================================
[ 12.591353] ==================================================================
[ 12.591865] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x81c/0x9b0
[ 12.592562] Read of size 1 at addr ffff8881029a6973 by task kunit_try_catch/211
[ 12.592904]
[ 12.593031] CPU: 0 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.593079] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.593090] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.593112] Call Trace:
[ 12.593124] <TASK>
[ 12.593141] dump_stack_lvl+0x73/0xb0
[ 12.593173] print_report+0xd1/0x610
[ 12.593196] ? __virt_addr_valid+0x1db/0x2d0
[ 12.593219] ? ksize_unpoisons_memory+0x81c/0x9b0
[ 12.593241] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.593264] ? ksize_unpoisons_memory+0x81c/0x9b0
[ 12.593286] kasan_report+0x141/0x180
[ 12.593307] ? ksize_unpoisons_memory+0x81c/0x9b0
[ 12.593335] __asan_report_load1_noabort+0x18/0x20
[ 12.593359] ksize_unpoisons_memory+0x81c/0x9b0
[ 12.593382] ? __pfx_ksize_unpoisons_memory+0x10/0x10
[ 12.593404] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 12.593508] ? __pfx_ksize_unpoisons_memory+0x10/0x10
[ 12.593538] kunit_try_run_case+0x1a5/0x480
[ 12.593564] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.593586] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.593610] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.593633] ? __kthread_parkme+0x82/0x180
[ 12.593653] ? preempt_count_sub+0x50/0x80
[ 12.593678] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.593701] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.593724] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.593747] kthread+0x337/0x6f0
[ 12.593766] ? trace_preempt_on+0x20/0xc0
[ 12.593788] ? __pfx_kthread+0x10/0x10
[ 12.593808] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.593829] ? calculate_sigpending+0x7b/0xa0
[ 12.593853] ? __pfx_kthread+0x10/0x10
[ 12.593873] ret_from_fork+0x116/0x1d0
[ 12.593892] ? __pfx_kthread+0x10/0x10
[ 12.593911] ret_from_fork_asm+0x1a/0x30
[ 12.593942] </TASK>
[ 12.593953]
[ 12.601584] Allocated by task 211:
[ 12.601817] kasan_save_stack+0x45/0x70
[ 12.602157] kasan_save_track+0x18/0x40
[ 12.602354] kasan_save_alloc_info+0x3b/0x50
[ 12.602619] __kasan_kmalloc+0xb7/0xc0
[ 12.602805] __kmalloc_cache_noprof+0x189/0x420
[ 12.603135] ksize_unpoisons_memory+0xc7/0x9b0
[ 12.603349] kunit_try_run_case+0x1a5/0x480
[ 12.603600] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.603826] kthread+0x337/0x6f0
[ 12.604354] ret_from_fork+0x116/0x1d0
[ 12.604589] ret_from_fork_asm+0x1a/0x30
[ 12.604772]
[ 12.604857] The buggy address belongs to the object at ffff8881029a6900
[ 12.604857] which belongs to the cache kmalloc-128 of size 128
[ 12.605499] The buggy address is located 0 bytes to the right of
[ 12.605499] allocated 115-byte region [ffff8881029a6900, ffff8881029a6973)
[ 12.605971]
[ 12.606218] The buggy address belongs to the physical page:
[ 12.606507] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029a6
[ 12.606869] flags: 0x200000000000000(node=0|zone=2)
[ 12.607229] page_type: f5(slab)
[ 12.607411] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.607759] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.608349] page dumped because: kasan: bad access detected
[ 12.608641]
[ 12.608735] Memory state around the buggy address:
[ 12.608963] ffff8881029a6800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.609349] ffff8881029a6880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.609727] >ffff8881029a6900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 12.610140] ^
[ 12.610484] ffff8881029a6980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.610788] ffff8881029a6a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.611102] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kfree_sensitive
[ 12.556459] ==================================================================
[ 12.556837] BUG: KASAN: double-free in kfree_sensitive+0x2e/0x90
[ 12.557384] Free of addr ffff888101be2ea0 by task kunit_try_catch/209
[ 12.558334]
[ 12.558706] CPU: 0 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.558891] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.558903] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.558925] Call Trace:
[ 12.558943] <TASK>
[ 12.558962] dump_stack_lvl+0x73/0xb0
[ 12.559028] print_report+0xd1/0x610
[ 12.559053] ? __virt_addr_valid+0x1db/0x2d0
[ 12.559078] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.559100] ? kfree_sensitive+0x2e/0x90
[ 12.559121] kasan_report_invalid_free+0x10a/0x130
[ 12.559146] ? kfree_sensitive+0x2e/0x90
[ 12.559167] ? kfree_sensitive+0x2e/0x90
[ 12.559186] check_slab_allocation+0x101/0x130
[ 12.559208] __kasan_slab_pre_free+0x28/0x40
[ 12.559229] kfree+0xf0/0x3f0
[ 12.559251] ? kfree_sensitive+0x2e/0x90
[ 12.559273] kfree_sensitive+0x2e/0x90
[ 12.559293] kmalloc_double_kzfree+0x19c/0x350
[ 12.559317] ? __pfx_kmalloc_double_kzfree+0x10/0x10
[ 12.559341] ? __schedule+0x10cc/0x2b60
[ 12.559364] ? __pfx_read_tsc+0x10/0x10
[ 12.559385] ? ktime_get_ts64+0x86/0x230
[ 12.559425] kunit_try_run_case+0x1a5/0x480
[ 12.559449] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.559471] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.559495] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.559518] ? __kthread_parkme+0x82/0x180
[ 12.559539] ? preempt_count_sub+0x50/0x80
[ 12.559563] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.559586] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.559609] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.559633] kthread+0x337/0x6f0
[ 12.559652] ? trace_preempt_on+0x20/0xc0
[ 12.559674] ? __pfx_kthread+0x10/0x10
[ 12.559694] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.559715] ? calculate_sigpending+0x7b/0xa0
[ 12.559739] ? __pfx_kthread+0x10/0x10
[ 12.559760] ret_from_fork+0x116/0x1d0
[ 12.559777] ? __pfx_kthread+0x10/0x10
[ 12.559797] ret_from_fork_asm+0x1a/0x30
[ 12.559829] </TASK>
[ 12.559839]
[ 12.570631] Allocated by task 209:
[ 12.570836] kasan_save_stack+0x45/0x70
[ 12.571069] kasan_save_track+0x18/0x40
[ 12.571662] kasan_save_alloc_info+0x3b/0x50
[ 12.571836] __kasan_kmalloc+0xb7/0xc0
[ 12.571970] __kmalloc_cache_noprof+0x189/0x420
[ 12.572141] kmalloc_double_kzfree+0xa9/0x350
[ 12.572296] kunit_try_run_case+0x1a5/0x480
[ 12.572442] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.572618] kthread+0x337/0x6f0
[ 12.572762] ret_from_fork+0x116/0x1d0
[ 12.574173] ret_from_fork_asm+0x1a/0x30
[ 12.574875]
[ 12.574991] Freed by task 209:
[ 12.575172] kasan_save_stack+0x45/0x70
[ 12.575376] kasan_save_track+0x18/0x40
[ 12.576299] kasan_save_free_info+0x3f/0x60
[ 12.576527] __kasan_slab_free+0x56/0x70
[ 12.576679] kfree+0x222/0x3f0
[ 12.577020] kfree_sensitive+0x67/0x90
[ 12.577401] kmalloc_double_kzfree+0x12b/0x350
[ 12.577637] kunit_try_run_case+0x1a5/0x480
[ 12.577953] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.578422] kthread+0x337/0x6f0
[ 12.578576] ret_from_fork+0x116/0x1d0
[ 12.578839] ret_from_fork_asm+0x1a/0x30
[ 12.579285]
[ 12.579386] The buggy address belongs to the object at ffff888101be2ea0
[ 12.579386] which belongs to the cache kmalloc-16 of size 16
[ 12.579984] The buggy address is located 0 bytes inside of
[ 12.579984] 16-byte region [ffff888101be2ea0, ffff888101be2eb0)
[ 12.580878]
[ 12.581160] The buggy address belongs to the physical page:
[ 12.581430] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101be2
[ 12.581765] flags: 0x200000000000000(node=0|zone=2)
[ 12.581981] page_type: f5(slab)
[ 12.582489] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 12.582835] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 12.583286] page dumped because: kasan: bad access detected
[ 12.583766]
[ 12.583871] Memory state around the buggy address:
[ 12.584477] ffff888101be2d80: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc
[ 12.584786] ffff888101be2e00: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc
[ 12.585188] >ffff888101be2e80: fa fb fc fc fa fb fc fc fc fc fc fc fc fc fc fc
[ 12.585644] ^
[ 12.585835] ffff888101be2f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.586442] ffff888101be2f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.586760] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 12.530935] ==================================================================
[ 12.531689] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x19c/0x350
[ 12.532028] Read of size 1 at addr ffff888101be2ea0 by task kunit_try_catch/209
[ 12.532344]
[ 12.532440] CPU: 0 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.532490] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.532501] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.532523] Call Trace:
[ 12.532536] <TASK>
[ 12.532555] dump_stack_lvl+0x73/0xb0
[ 12.532587] print_report+0xd1/0x610
[ 12.532610] ? __virt_addr_valid+0x1db/0x2d0
[ 12.532634] ? kmalloc_double_kzfree+0x19c/0x350
[ 12.532657] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.532680] ? kmalloc_double_kzfree+0x19c/0x350
[ 12.532703] kasan_report+0x141/0x180
[ 12.532724] ? kmalloc_double_kzfree+0x19c/0x350
[ 12.532750] ? kmalloc_double_kzfree+0x19c/0x350
[ 12.532773] __kasan_check_byte+0x3d/0x50
[ 12.532794] kfree_sensitive+0x22/0x90
[ 12.532818] kmalloc_double_kzfree+0x19c/0x350
[ 12.532842] ? __pfx_kmalloc_double_kzfree+0x10/0x10
[ 12.532873] ? __schedule+0x10cc/0x2b60
[ 12.532897] ? __pfx_read_tsc+0x10/0x10
[ 12.532918] ? ktime_get_ts64+0x86/0x230
[ 12.532944] kunit_try_run_case+0x1a5/0x480
[ 12.532971] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.532993] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.533027] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.533050] ? __kthread_parkme+0x82/0x180
[ 12.533072] ? preempt_count_sub+0x50/0x80
[ 12.533097] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.533120] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.533144] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.533168] kthread+0x337/0x6f0
[ 12.533187] ? trace_preempt_on+0x20/0xc0
[ 12.533211] ? __pfx_kthread+0x10/0x10
[ 12.533231] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.533253] ? calculate_sigpending+0x7b/0xa0
[ 12.533278] ? __pfx_kthread+0x10/0x10
[ 12.533302] ret_from_fork+0x116/0x1d0
[ 12.533320] ? __pfx_kthread+0x10/0x10
[ 12.533340] ret_from_fork_asm+0x1a/0x30
[ 12.533372] </TASK>
[ 12.533382]
[ 12.541201] Allocated by task 209:
[ 12.541392] kasan_save_stack+0x45/0x70
[ 12.541601] kasan_save_track+0x18/0x40
[ 12.541790] kasan_save_alloc_info+0x3b/0x50
[ 12.541999] __kasan_kmalloc+0xb7/0xc0
[ 12.542191] __kmalloc_cache_noprof+0x189/0x420
[ 12.542420] kmalloc_double_kzfree+0xa9/0x350
[ 12.542849] kunit_try_run_case+0x1a5/0x480
[ 12.543133] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.543314] kthread+0x337/0x6f0
[ 12.543435] ret_from_fork+0x116/0x1d0
[ 12.543569] ret_from_fork_asm+0x1a/0x30
[ 12.543823]
[ 12.543922] Freed by task 209:
[ 12.544090] kasan_save_stack+0x45/0x70
[ 12.544286] kasan_save_track+0x18/0x40
[ 12.544477] kasan_save_free_info+0x3f/0x60
[ 12.544722] __kasan_slab_free+0x56/0x70
[ 12.544868] kfree+0x222/0x3f0
[ 12.544987] kfree_sensitive+0x67/0x90
[ 12.545224] kmalloc_double_kzfree+0x12b/0x350
[ 12.545467] kunit_try_run_case+0x1a5/0x480
[ 12.545674] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.545926] kthread+0x337/0x6f0
[ 12.546356] ret_from_fork+0x116/0x1d0
[ 12.546543] ret_from_fork_asm+0x1a/0x30
[ 12.546689]
[ 12.546762] The buggy address belongs to the object at ffff888101be2ea0
[ 12.546762] which belongs to the cache kmalloc-16 of size 16
[ 12.547246] The buggy address is located 0 bytes inside of
[ 12.547246] freed 16-byte region [ffff888101be2ea0, ffff888101be2eb0)
[ 12.547824]
[ 12.547951] The buggy address belongs to the physical page:
[ 12.548222] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101be2
[ 12.548470] flags: 0x200000000000000(node=0|zone=2)
[ 12.548692] page_type: f5(slab)
[ 12.548878] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 12.549232] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 12.549634] page dumped because: kasan: bad access detected
[ 12.550322]
[ 12.550407] Memory state around the buggy address:
[ 12.550635] ffff888101be2d80: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc
[ 12.550878] ffff888101be2e00: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc
[ 12.551109] >ffff888101be2e80: fa fb fc fc fa fb fc fc fc fc fc fc fc fc fc fc
[ 12.551427] ^
[ 12.551635] ffff888101be2f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.551959] ffff888101be2f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.552325] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 12.501993] ==================================================================
[ 12.502583] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x4a8/0x520
[ 12.503131] Read of size 1 at addr ffff8881034125a8 by task kunit_try_catch/205
[ 12.503377]
[ 12.503504] CPU: 1 UID: 0 PID: 205 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.503553] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.503564] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.503586] Call Trace:
[ 12.503599] <TASK>
[ 12.503618] dump_stack_lvl+0x73/0xb0
[ 12.503649] print_report+0xd1/0x610
[ 12.503672] ? __virt_addr_valid+0x1db/0x2d0
[ 12.503696] ? kmalloc_uaf2+0x4a8/0x520
[ 12.503715] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.503738] ? kmalloc_uaf2+0x4a8/0x520
[ 12.503757] kasan_report+0x141/0x180
[ 12.503779] ? kmalloc_uaf2+0x4a8/0x520
[ 12.503803] __asan_report_load1_noabort+0x18/0x20
[ 12.503827] kmalloc_uaf2+0x4a8/0x520
[ 12.503847] ? __pfx_kmalloc_uaf2+0x10/0x10
[ 12.503866] ? finish_task_switch.isra.0+0x153/0x700
[ 12.503889] ? __switch_to+0x47/0xf50
[ 12.503914] ? __schedule+0x10cc/0x2b60
[ 12.503937] ? __pfx_read_tsc+0x10/0x10
[ 12.503957] ? ktime_get_ts64+0x86/0x230
[ 12.503981] kunit_try_run_case+0x1a5/0x480
[ 12.504006] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.504083] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.504109] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.504132] ? __kthread_parkme+0x82/0x180
[ 12.504153] ? preempt_count_sub+0x50/0x80
[ 12.504176] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.504200] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.504223] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.504248] kthread+0x337/0x6f0
[ 12.504266] ? trace_preempt_on+0x20/0xc0
[ 12.504289] ? __pfx_kthread+0x10/0x10
[ 12.504308] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.504329] ? calculate_sigpending+0x7b/0xa0
[ 12.504353] ? __pfx_kthread+0x10/0x10
[ 12.504373] ret_from_fork+0x116/0x1d0
[ 12.504391] ? __pfx_kthread+0x10/0x10
[ 12.504411] ret_from_fork_asm+0x1a/0x30
[ 12.504442] </TASK>
[ 12.504451]
[ 12.511993] Allocated by task 205:
[ 12.512469] kasan_save_stack+0x45/0x70
[ 12.512748] kasan_save_track+0x18/0x40
[ 12.513126] kasan_save_alloc_info+0x3b/0x50
[ 12.513315] __kasan_kmalloc+0xb7/0xc0
[ 12.513500] __kmalloc_cache_noprof+0x189/0x420
[ 12.513728] kmalloc_uaf2+0xc6/0x520
[ 12.513909] kunit_try_run_case+0x1a5/0x480
[ 12.514168] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.514382] kthread+0x337/0x6f0
[ 12.514618] ret_from_fork+0x116/0x1d0
[ 12.514751] ret_from_fork_asm+0x1a/0x30
[ 12.514891]
[ 12.514978] Freed by task 205:
[ 12.515305] kasan_save_stack+0x45/0x70
[ 12.515499] kasan_save_track+0x18/0x40
[ 12.515732] kasan_save_free_info+0x3f/0x60
[ 12.515943] __kasan_slab_free+0x56/0x70
[ 12.516177] kfree+0x222/0x3f0
[ 12.516346] kmalloc_uaf2+0x14c/0x520
[ 12.516525] kunit_try_run_case+0x1a5/0x480
[ 12.516715] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.516922] kthread+0x337/0x6f0
[ 12.517228] ret_from_fork+0x116/0x1d0
[ 12.517374] ret_from_fork_asm+0x1a/0x30
[ 12.517646]
[ 12.517823] The buggy address belongs to the object at ffff888103412580
[ 12.517823] which belongs to the cache kmalloc-64 of size 64
[ 12.518331] The buggy address is located 40 bytes inside of
[ 12.518331] freed 64-byte region [ffff888103412580, ffff8881034125c0)
[ 12.518784]
[ 12.518909] The buggy address belongs to the physical page:
[ 12.519183] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103412
[ 12.519722] flags: 0x200000000000000(node=0|zone=2)
[ 12.519988] page_type: f5(slab)
[ 12.520183] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 12.520563] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 12.520870] page dumped because: kasan: bad access detected
[ 12.521111]
[ 12.521182] Memory state around the buggy address:
[ 12.521338] ffff888103412480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.521562] ffff888103412500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.521777] >ffff888103412580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.521985] ^
[ 12.522264] ffff888103412600: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc
[ 12.522713] ffff888103412680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.523032] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 12.469364] ==================================================================
[ 12.470547] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x1a3/0x360
[ 12.471236] Write of size 33 at addr ffff888103412500 by task kunit_try_catch/203
[ 12.472300]
[ 12.472546] CPU: 1 UID: 0 PID: 203 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.472606] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.472618] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.472640] Call Trace:
[ 12.472653] <TASK>
[ 12.472672] dump_stack_lvl+0x73/0xb0
[ 12.472705] print_report+0xd1/0x610
[ 12.472728] ? __virt_addr_valid+0x1db/0x2d0
[ 12.472752] ? kmalloc_uaf_memset+0x1a3/0x360
[ 12.472772] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.472796] ? kmalloc_uaf_memset+0x1a3/0x360
[ 12.472817] kasan_report+0x141/0x180
[ 12.472838] ? kmalloc_uaf_memset+0x1a3/0x360
[ 12.472869] kasan_check_range+0x10c/0x1c0
[ 12.472892] __asan_memset+0x27/0x50
[ 12.472911] kmalloc_uaf_memset+0x1a3/0x360
[ 12.472932] ? __pfx_kmalloc_uaf_memset+0x10/0x10
[ 12.472955] ? __pfx_kmalloc_uaf_memset+0x10/0x10
[ 12.472980] kunit_try_run_case+0x1a5/0x480
[ 12.473006] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.473203] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.473231] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.473254] ? __kthread_parkme+0x82/0x180
[ 12.473275] ? preempt_count_sub+0x50/0x80
[ 12.473300] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.473324] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.473347] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.473371] kthread+0x337/0x6f0
[ 12.473390] ? trace_preempt_on+0x20/0xc0
[ 12.473413] ? __pfx_kthread+0x10/0x10
[ 12.473444] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.473465] ? calculate_sigpending+0x7b/0xa0
[ 12.473489] ? __pfx_kthread+0x10/0x10
[ 12.473509] ret_from_fork+0x116/0x1d0
[ 12.473528] ? __pfx_kthread+0x10/0x10
[ 12.473548] ret_from_fork_asm+0x1a/0x30
[ 12.473579] </TASK>
[ 12.473590]
[ 12.483829] Allocated by task 203:
[ 12.484152] kasan_save_stack+0x45/0x70
[ 12.484333] kasan_save_track+0x18/0x40
[ 12.484613] kasan_save_alloc_info+0x3b/0x50
[ 12.484815] __kasan_kmalloc+0xb7/0xc0
[ 12.484987] __kmalloc_cache_noprof+0x189/0x420
[ 12.485403] kmalloc_uaf_memset+0xa9/0x360
[ 12.485627] kunit_try_run_case+0x1a5/0x480
[ 12.485837] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.486165] kthread+0x337/0x6f0
[ 12.486571] ret_from_fork+0x116/0x1d0
[ 12.486754] ret_from_fork_asm+0x1a/0x30
[ 12.486944]
[ 12.487051] Freed by task 203:
[ 12.487490] kasan_save_stack+0x45/0x70
[ 12.487671] kasan_save_track+0x18/0x40
[ 12.487984] kasan_save_free_info+0x3f/0x60
[ 12.488238] __kasan_slab_free+0x56/0x70
[ 12.488424] kfree+0x222/0x3f0
[ 12.488754] kmalloc_uaf_memset+0x12b/0x360
[ 12.488965] kunit_try_run_case+0x1a5/0x480
[ 12.489300] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.489550] kthread+0x337/0x6f0
[ 12.489893] ret_from_fork+0x116/0x1d0
[ 12.490403] ret_from_fork_asm+0x1a/0x30
[ 12.490600]
[ 12.490687] The buggy address belongs to the object at ffff888103412500
[ 12.490687] which belongs to the cache kmalloc-64 of size 64
[ 12.491386] The buggy address is located 0 bytes inside of
[ 12.491386] freed 64-byte region [ffff888103412500, ffff888103412540)
[ 12.491888]
[ 12.491984] The buggy address belongs to the physical page:
[ 12.492461] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103412
[ 12.492798] flags: 0x200000000000000(node=0|zone=2)
[ 12.493025] page_type: f5(slab)
[ 12.493255] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 12.493668] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 12.493970] page dumped because: kasan: bad access detected
[ 12.494631]
[ 12.494724] Memory state around the buggy address:
[ 12.494892] ffff888103412400: 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc fc
[ 12.495792] ffff888103412480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.496067] >ffff888103412500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.496383] ^
[ 12.496842] ffff888103412580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.497299] ffff888103412600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.497738] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 12.428407] ==================================================================
[ 12.428889] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x320/0x380
[ 12.430513] Read of size 1 at addr ffff888102712168 by task kunit_try_catch/201
[ 12.431714]
[ 12.432146] CPU: 1 UID: 0 PID: 201 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.432353] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.432370] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.432407] Call Trace:
[ 12.432476] <TASK>
[ 12.432498] dump_stack_lvl+0x73/0xb0
[ 12.432540] print_report+0xd1/0x610
[ 12.432565] ? __virt_addr_valid+0x1db/0x2d0
[ 12.432591] ? kmalloc_uaf+0x320/0x380
[ 12.432610] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.432632] ? kmalloc_uaf+0x320/0x380
[ 12.432652] kasan_report+0x141/0x180
[ 12.432674] ? kmalloc_uaf+0x320/0x380
[ 12.432697] __asan_report_load1_noabort+0x18/0x20
[ 12.432721] kmalloc_uaf+0x320/0x380
[ 12.432741] ? __pfx_kmalloc_uaf+0x10/0x10
[ 12.432761] ? __schedule+0x10cc/0x2b60
[ 12.432783] ? __pfx_read_tsc+0x10/0x10
[ 12.432805] ? ktime_get_ts64+0x86/0x230
[ 12.432830] kunit_try_run_case+0x1a5/0x480
[ 12.432864] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.432886] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.432910] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.432933] ? __kthread_parkme+0x82/0x180
[ 12.432954] ? preempt_count_sub+0x50/0x80
[ 12.432978] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.433035] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.433059] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.433083] kthread+0x337/0x6f0
[ 12.433102] ? trace_preempt_on+0x20/0xc0
[ 12.433126] ? __pfx_kthread+0x10/0x10
[ 12.433146] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.433167] ? calculate_sigpending+0x7b/0xa0
[ 12.433191] ? __pfx_kthread+0x10/0x10
[ 12.433212] ret_from_fork+0x116/0x1d0
[ 12.433231] ? __pfx_kthread+0x10/0x10
[ 12.433250] ret_from_fork_asm+0x1a/0x30
[ 12.433282] </TASK>
[ 12.433293]
[ 12.446856] Allocated by task 201:
[ 12.447179] kasan_save_stack+0x45/0x70
[ 12.447583] kasan_save_track+0x18/0x40
[ 12.447718] kasan_save_alloc_info+0x3b/0x50
[ 12.447864] __kasan_kmalloc+0xb7/0xc0
[ 12.447992] __kmalloc_cache_noprof+0x189/0x420
[ 12.448501] kmalloc_uaf+0xaa/0x380
[ 12.448870] kunit_try_run_case+0x1a5/0x480
[ 12.449359] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.450028] kthread+0x337/0x6f0
[ 12.450404] ret_from_fork+0x116/0x1d0
[ 12.450869] ret_from_fork_asm+0x1a/0x30
[ 12.451167]
[ 12.451389] Freed by task 201:
[ 12.451743] kasan_save_stack+0x45/0x70
[ 12.452178] kasan_save_track+0x18/0x40
[ 12.452729] kasan_save_free_info+0x3f/0x60
[ 12.453155] __kasan_slab_free+0x56/0x70
[ 12.453486] kfree+0x222/0x3f0
[ 12.453606] kmalloc_uaf+0x12c/0x380
[ 12.453733] kunit_try_run_case+0x1a5/0x480
[ 12.453880] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.454183] kthread+0x337/0x6f0
[ 12.454499] ret_from_fork+0x116/0x1d0
[ 12.454834] ret_from_fork_asm+0x1a/0x30
[ 12.455275]
[ 12.455518] The buggy address belongs to the object at ffff888102712160
[ 12.455518] which belongs to the cache kmalloc-16 of size 16
[ 12.456680] The buggy address is located 8 bytes inside of
[ 12.456680] freed 16-byte region [ffff888102712160, ffff888102712170)
[ 12.457902]
[ 12.457990] The buggy address belongs to the physical page:
[ 12.458396] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102712
[ 12.459147] flags: 0x200000000000000(node=0|zone=2)
[ 12.459430] page_type: f5(slab)
[ 12.459561] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 12.459794] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 12.460075] page dumped because: kasan: bad access detected
[ 12.460577]
[ 12.460763] Memory state around the buggy address:
[ 12.461284] ffff888102712000: 00 06 fc fc 00 06 fc fc 00 00 fc fc 00 04 fc fc
[ 12.462040] ffff888102712080: 00 04 fc fc 00 01 fc fc 00 01 fc fc 00 04 fc fc
[ 12.463062] >ffff888102712100: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 12.464053] ^
[ 12.464672] ffff888102712180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.464905] ffff888102712200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.465600] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 12.404157] ================================================================== [ 12.404655] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x16f/0x330 [ 12.404930] Read of size 64 at addr ffff8881029b2c84 by task kunit_try_catch/199 [ 12.405314] [ 12.405440] CPU: 0 UID: 0 PID: 199 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.405489] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.405500] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.405521] Call Trace: [ 12.405535] <TASK> [ 12.405553] dump_stack_lvl+0x73/0xb0 [ 12.405586] print_report+0xd1/0x610 [ 12.405610] ? __virt_addr_valid+0x1db/0x2d0 [ 12.405634] ? kmalloc_memmove_invalid_size+0x16f/0x330 [ 12.405660] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.405682] ? kmalloc_memmove_invalid_size+0x16f/0x330 [ 12.405706] kasan_report+0x141/0x180 [ 12.405727] ? kmalloc_memmove_invalid_size+0x16f/0x330 [ 12.405768] kasan_check_range+0x10c/0x1c0 [ 12.405791] __asan_memmove+0x27/0x70 [ 12.405810] kmalloc_memmove_invalid_size+0x16f/0x330 [ 12.405834] ? __pfx_kmalloc_memmove_invalid_size+0x10/0x10 [ 12.405859] ? __schedule+0x10cc/0x2b60 [ 12.405881] ? __pfx_read_tsc+0x10/0x10 [ 12.405902] ? ktime_get_ts64+0x86/0x230 [ 12.405927] kunit_try_run_case+0x1a5/0x480 [ 12.405953] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.405974] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.405998] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.406035] ? __kthread_parkme+0x82/0x180 [ 12.406056] ? preempt_count_sub+0x50/0x80 [ 12.406079] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.406103] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.406126] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.406150] kthread+0x337/0x6f0 [ 12.406169] ? trace_preempt_on+0x20/0xc0 [ 12.406191] ? __pfx_kthread+0x10/0x10 [ 12.406211] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.406231] ? calculate_sigpending+0x7b/0xa0 [ 12.406256] ? 
__pfx_kthread+0x10/0x10 [ 12.406276] ret_from_fork+0x116/0x1d0 [ 12.406294] ? __pfx_kthread+0x10/0x10 [ 12.406314] ret_from_fork_asm+0x1a/0x30 [ 12.406344] </TASK> [ 12.406355] [ 12.414098] Allocated by task 199: [ 12.414305] kasan_save_stack+0x45/0x70 [ 12.414718] kasan_save_track+0x18/0x40 [ 12.414902] kasan_save_alloc_info+0x3b/0x50 [ 12.415437] __kasan_kmalloc+0xb7/0xc0 [ 12.415642] __kmalloc_cache_noprof+0x189/0x420 [ 12.415841] kmalloc_memmove_invalid_size+0xac/0x330 [ 12.416106] kunit_try_run_case+0x1a5/0x480 [ 12.416306] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.416568] kthread+0x337/0x6f0 [ 12.416710] ret_from_fork+0x116/0x1d0 [ 12.416869] ret_from_fork_asm+0x1a/0x30 [ 12.417163] [ 12.417266] The buggy address belongs to the object at ffff8881029b2c80 [ 12.417266] which belongs to the cache kmalloc-64 of size 64 [ 12.417743] The buggy address is located 4 bytes inside of [ 12.417743] allocated 64-byte region [ffff8881029b2c80, ffff8881029b2cc0) [ 12.418227] [ 12.418384] The buggy address belongs to the physical page: [ 12.418753] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029b2 [ 12.419210] flags: 0x200000000000000(node=0|zone=2) [ 12.419418] page_type: f5(slab) [ 12.419865] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 12.420232] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 12.420511] page dumped because: kasan: bad access detected [ 12.420681] [ 12.420750] Memory state around the buggy address: [ 12.420914] ffff8881029b2b80: 00 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc [ 12.421142] ffff8881029b2c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 12.421455] >ffff8881029b2c80: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 12.421832] ^ [ 12.422150] ffff8881029b2d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.422384] ffff8881029b2d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.422966] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 12.369481] ================================================================== [ 12.369961] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x171/0x330 [ 12.370510] Read of size 18446744073709551614 at addr ffff8881029b2b04 by task kunit_try_catch/197 [ 12.371020] [ 12.371151] CPU: 0 UID: 0 PID: 197 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.371203] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.371214] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.371237] Call Trace: [ 12.371251] <TASK> [ 12.371271] dump_stack_lvl+0x73/0xb0 [ 12.371308] print_report+0xd1/0x610 [ 12.371332] ? __virt_addr_valid+0x1db/0x2d0 [ 12.371357] ? kmalloc_memmove_negative_size+0x171/0x330 [ 12.371383] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.371406] ? kmalloc_memmove_negative_size+0x171/0x330 [ 12.371519] kasan_report+0x141/0x180 [ 12.371547] ? kmalloc_memmove_negative_size+0x171/0x330 [ 12.371577] kasan_check_range+0x10c/0x1c0 [ 12.371600] __asan_memmove+0x27/0x70 [ 12.371618] kmalloc_memmove_negative_size+0x171/0x330 [ 12.371643] ? __pfx_kmalloc_memmove_negative_size+0x10/0x10 [ 12.371669] ? __schedule+0x10cc/0x2b60 [ 12.371693] ? __pfx_read_tsc+0x10/0x10 [ 12.371715] ? ktime_get_ts64+0x86/0x230 [ 12.371742] kunit_try_run_case+0x1a5/0x480 [ 12.371768] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.371790] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.371814] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.371837] ? __kthread_parkme+0x82/0x180 [ 12.371858] ? preempt_count_sub+0x50/0x80 [ 12.371883] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.371905] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.371928] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.371952] kthread+0x337/0x6f0 [ 12.371970] ? trace_preempt_on+0x20/0xc0 [ 12.371994] ? __pfx_kthread+0x10/0x10 [ 12.372065] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.372090] ? calculate_sigpending+0x7b/0xa0 [ 12.372114] ? 
__pfx_kthread+0x10/0x10 [ 12.372135] ret_from_fork+0x116/0x1d0 [ 12.372154] ? __pfx_kthread+0x10/0x10 [ 12.372173] ret_from_fork_asm+0x1a/0x30 [ 12.372204] </TASK> [ 12.372215] [ 12.386251] Allocated by task 197: [ 12.386477] kasan_save_stack+0x45/0x70 [ 12.386934] kasan_save_track+0x18/0x40 [ 12.387418] kasan_save_alloc_info+0x3b/0x50 [ 12.387586] __kasan_kmalloc+0xb7/0xc0 [ 12.387720] __kmalloc_cache_noprof+0x189/0x420 [ 12.387878] kmalloc_memmove_negative_size+0xac/0x330 [ 12.388178] kunit_try_run_case+0x1a5/0x480 [ 12.388574] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.389372] kthread+0x337/0x6f0 [ 12.389842] ret_from_fork+0x116/0x1d0 [ 12.390311] ret_from_fork_asm+0x1a/0x30 [ 12.390719] [ 12.390885] The buggy address belongs to the object at ffff8881029b2b00 [ 12.390885] which belongs to the cache kmalloc-64 of size 64 [ 12.392089] The buggy address is located 4 bytes inside of [ 12.392089] 64-byte region [ffff8881029b2b00, ffff8881029b2b40) [ 12.392719] [ 12.392799] The buggy address belongs to the physical page: [ 12.392984] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029b2 [ 12.393799] flags: 0x200000000000000(node=0|zone=2) [ 12.394387] page_type: f5(slab) [ 12.394755] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 12.395524] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 12.396228] page dumped because: kasan: bad access detected [ 12.396831] [ 12.396962] Memory state around the buggy address: [ 12.397326] ffff8881029b2a00: 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc fc [ 12.397960] ffff8881029b2a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 12.398641] >ffff8881029b2b00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 12.398989] ^ [ 12.399374] ffff8881029b2b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.400084] ffff8881029b2c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.400504] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 12.343001] ================================================================== [ 12.343483] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x166/0x330 [ 12.343784] Write of size 16 at addr ffff8881029a6869 by task kunit_try_catch/195 [ 12.344441] [ 12.344573] CPU: 0 UID: 0 PID: 195 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.344624] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.344636] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.344659] Call Trace: [ 12.344672] <TASK> [ 12.344691] dump_stack_lvl+0x73/0xb0 [ 12.344724] print_report+0xd1/0x610 [ 12.344747] ? __virt_addr_valid+0x1db/0x2d0 [ 12.344772] ? kmalloc_oob_memset_16+0x166/0x330 [ 12.344793] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.344816] ? kmalloc_oob_memset_16+0x166/0x330 [ 12.344839] kasan_report+0x141/0x180 [ 12.344869] ? kmalloc_oob_memset_16+0x166/0x330 [ 12.344895] kasan_check_range+0x10c/0x1c0 [ 12.344918] __asan_memset+0x27/0x50 [ 12.344937] kmalloc_oob_memset_16+0x166/0x330 [ 12.344959] ? __pfx_kmalloc_oob_memset_16+0x10/0x10 [ 12.344982] ? __schedule+0x10cc/0x2b60 [ 12.345005] ? __pfx_read_tsc+0x10/0x10 [ 12.345051] ? ktime_get_ts64+0x86/0x230 [ 12.345076] kunit_try_run_case+0x1a5/0x480 [ 12.345102] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.345124] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.345148] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.345171] ? __kthread_parkme+0x82/0x180 [ 12.345193] ? preempt_count_sub+0x50/0x80 [ 12.345217] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.345241] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.345264] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.345288] kthread+0x337/0x6f0 [ 12.345307] ? trace_preempt_on+0x20/0xc0 [ 12.345330] ? __pfx_kthread+0x10/0x10 [ 12.345349] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.345370] ? calculate_sigpending+0x7b/0xa0 [ 12.345395] ? __pfx_kthread+0x10/0x10 [ 12.345415] ret_from_fork+0x116/0x1d0 [ 12.345446] ? 
__pfx_kthread+0x10/0x10 [ 12.345466] ret_from_fork_asm+0x1a/0x30 [ 12.345498] </TASK> [ 12.345508] [ 12.353734] Allocated by task 195: [ 12.353943] kasan_save_stack+0x45/0x70 [ 12.354321] kasan_save_track+0x18/0x40 [ 12.354530] kasan_save_alloc_info+0x3b/0x50 [ 12.354736] __kasan_kmalloc+0xb7/0xc0 [ 12.354896] __kmalloc_cache_noprof+0x189/0x420 [ 12.355420] kmalloc_oob_memset_16+0xac/0x330 [ 12.355622] kunit_try_run_case+0x1a5/0x480 [ 12.355829] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.356110] kthread+0x337/0x6f0 [ 12.356270] ret_from_fork+0x116/0x1d0 [ 12.356406] ret_from_fork_asm+0x1a/0x30 [ 12.356588] [ 12.356681] The buggy address belongs to the object at ffff8881029a6800 [ 12.356681] which belongs to the cache kmalloc-128 of size 128 [ 12.357758] The buggy address is located 105 bytes inside of [ 12.357758] allocated 120-byte region [ffff8881029a6800, ffff8881029a6878) [ 12.358331] [ 12.358410] The buggy address belongs to the physical page: [ 12.358583] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029a6 [ 12.358829] flags: 0x200000000000000(node=0|zone=2) [ 12.358999] page_type: f5(slab) [ 12.359181] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.359759] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.360135] page dumped because: kasan: bad access detected [ 12.360434] [ 12.360526] Memory state around the buggy address: [ 12.360714] ffff8881029a6700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.360939] ffff8881029a6780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.361226] >ffff8881029a6800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 12.361964] ^ [ 12.362315] ffff8881029a6880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.362680] ffff8881029a6900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.362964] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 12.315224] ================================================================== [ 12.316881] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x166/0x330 [ 12.318364] Write of size 8 at addr ffff888102b7d471 by task kunit_try_catch/193 [ 12.319521] [ 12.319638] CPU: 1 UID: 0 PID: 193 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.319689] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.319701] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.319722] Call Trace: [ 12.319738] <TASK> [ 12.319758] dump_stack_lvl+0x73/0xb0 [ 12.319794] print_report+0xd1/0x610 [ 12.320488] ? __virt_addr_valid+0x1db/0x2d0 [ 12.320520] ? kmalloc_oob_memset_8+0x166/0x330 [ 12.320544] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.320567] ? kmalloc_oob_memset_8+0x166/0x330 [ 12.320589] kasan_report+0x141/0x180 [ 12.320610] ? kmalloc_oob_memset_8+0x166/0x330 [ 12.320637] kasan_check_range+0x10c/0x1c0 [ 12.320660] __asan_memset+0x27/0x50 [ 12.320679] kmalloc_oob_memset_8+0x166/0x330 [ 12.320701] ? __pfx_kmalloc_oob_memset_8+0x10/0x10 [ 12.320723] ? __schedule+0x10cc/0x2b60 [ 12.320746] ? __pfx_read_tsc+0x10/0x10 [ 12.320766] ? ktime_get_ts64+0x86/0x230 [ 12.320791] kunit_try_run_case+0x1a5/0x480 [ 12.320816] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.320837] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.320868] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.320891] ? __kthread_parkme+0x82/0x180 [ 12.320912] ? preempt_count_sub+0x50/0x80 [ 12.320937] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.320960] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.320984] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.321019] kthread+0x337/0x6f0 [ 12.321038] ? trace_preempt_on+0x20/0xc0 [ 12.321061] ? __pfx_kthread+0x10/0x10 [ 12.321080] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.321101] ? calculate_sigpending+0x7b/0xa0 [ 12.321126] ? __pfx_kthread+0x10/0x10 [ 12.321147] ret_from_fork+0x116/0x1d0 [ 12.321166] ? 
__pfx_kthread+0x10/0x10 [ 12.321185] ret_from_fork_asm+0x1a/0x30 [ 12.321217] </TASK> [ 12.321227] [ 12.331098] Allocated by task 193: [ 12.331459] kasan_save_stack+0x45/0x70 [ 12.331658] kasan_save_track+0x18/0x40 [ 12.331825] kasan_save_alloc_info+0x3b/0x50 [ 12.332111] __kasan_kmalloc+0xb7/0xc0 [ 12.332257] __kmalloc_cache_noprof+0x189/0x420 [ 12.332416] kmalloc_oob_memset_8+0xac/0x330 [ 12.332626] kunit_try_run_case+0x1a5/0x480 [ 12.332834] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.333190] kthread+0x337/0x6f0 [ 12.333379] ret_from_fork+0x116/0x1d0 [ 12.333548] ret_from_fork_asm+0x1a/0x30 [ 12.333691] [ 12.333766] The buggy address belongs to the object at ffff888102b7d400 [ 12.333766] which belongs to the cache kmalloc-128 of size 128 [ 12.334224] The buggy address is located 113 bytes inside of [ 12.334224] allocated 120-byte region [ffff888102b7d400, ffff888102b7d478) [ 12.334766] [ 12.334868] The buggy address belongs to the physical page: [ 12.335167] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b7d [ 12.335413] flags: 0x200000000000000(node=0|zone=2) [ 12.335666] page_type: f5(slab) [ 12.335840] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.336567] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.336803] page dumped because: kasan: bad access detected [ 12.337076] [ 12.337191] Memory state around the buggy address: [ 12.337416] ffff888102b7d300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.337661] ffff888102b7d380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.337877] >ffff888102b7d400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 12.338248] ^ [ 12.338747] ffff888102b7d480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.339080] ffff888102b7d500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.339385] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 12.287392] ================================================================== [ 12.287806] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x166/0x330 [ 12.288180] Write of size 4 at addr ffff888102b7d375 by task kunit_try_catch/191 [ 12.288480] [ 12.288949] CPU: 1 UID: 0 PID: 191 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.289003] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.289027] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.289050] Call Trace: [ 12.289063] <TASK> [ 12.289082] dump_stack_lvl+0x73/0xb0 [ 12.289116] print_report+0xd1/0x610 [ 12.289140] ? __virt_addr_valid+0x1db/0x2d0 [ 12.289165] ? kmalloc_oob_memset_4+0x166/0x330 [ 12.289186] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.289208] ? kmalloc_oob_memset_4+0x166/0x330 [ 12.289229] kasan_report+0x141/0x180 [ 12.289251] ? kmalloc_oob_memset_4+0x166/0x330 [ 12.289276] kasan_check_range+0x10c/0x1c0 [ 12.289299] __asan_memset+0x27/0x50 [ 12.289318] kmalloc_oob_memset_4+0x166/0x330 [ 12.289340] ? __pfx_kmalloc_oob_memset_4+0x10/0x10 [ 12.289362] ? __schedule+0x10cc/0x2b60 [ 12.289384] ? __pfx_read_tsc+0x10/0x10 [ 12.289406] ? ktime_get_ts64+0x86/0x230 [ 12.289442] kunit_try_run_case+0x1a5/0x480 [ 12.289503] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.289525] ? irqentry_exit+0x2a/0x60 [ 12.289560] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.289587] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.289610] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.289632] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.289656] kthread+0x337/0x6f0 [ 12.289676] ? trace_preempt_on+0x20/0xc0 [ 12.289700] ? __pfx_kthread+0x10/0x10 [ 12.289719] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.289741] ? calculate_sigpending+0x7b/0xa0 [ 12.289766] ? __pfx_kthread+0x10/0x10 [ 12.289786] ret_from_fork+0x116/0x1d0 [ 12.289804] ? 
__pfx_kthread+0x10/0x10 [ 12.289824] ret_from_fork_asm+0x1a/0x30 [ 12.289856] </TASK> [ 12.289868] [ 12.301646] Allocated by task 191: [ 12.301859] kasan_save_stack+0x45/0x70 [ 12.302395] kasan_save_track+0x18/0x40 [ 12.302695] kasan_save_alloc_info+0x3b/0x50 [ 12.302851] __kasan_kmalloc+0xb7/0xc0 [ 12.303127] __kmalloc_cache_noprof+0x189/0x420 [ 12.303494] kmalloc_oob_memset_4+0xac/0x330 [ 12.303652] kunit_try_run_case+0x1a5/0x480 [ 12.303849] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.304110] kthread+0x337/0x6f0 [ 12.304255] ret_from_fork+0x116/0x1d0 [ 12.304502] ret_from_fork_asm+0x1a/0x30 [ 12.304710] [ 12.304797] The buggy address belongs to the object at ffff888102b7d300 [ 12.304797] which belongs to the cache kmalloc-128 of size 128 [ 12.305420] The buggy address is located 117 bytes inside of [ 12.305420] allocated 120-byte region [ffff888102b7d300, ffff888102b7d378) [ 12.305957] [ 12.306105] The buggy address belongs to the physical page: [ 12.306401] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b7d [ 12.306801] flags: 0x200000000000000(node=0|zone=2) [ 12.307033] page_type: f5(slab) [ 12.307160] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.307392] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.307720] page dumped because: kasan: bad access detected [ 12.308145] [ 12.308217] Memory state around the buggy address: [ 12.308377] ffff888102b7d200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.309359] ffff888102b7d280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.309788] >ffff888102b7d300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 12.310253] ^ [ 12.310569] ffff888102b7d380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.310790] ffff888102b7d400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.311287] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 12.252931] ================================================================== [ 12.253519] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x166/0x330 [ 12.253952] Write of size 2 at addr ffff8881029a6777 by task kunit_try_catch/189 [ 12.254241] [ 12.254336] CPU: 0 UID: 0 PID: 189 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.254384] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.254395] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.254417] Call Trace: [ 12.254429] <TASK> [ 12.254447] dump_stack_lvl+0x73/0xb0 [ 12.254531] print_report+0xd1/0x610 [ 12.254554] ? __virt_addr_valid+0x1db/0x2d0 [ 12.254577] ? kmalloc_oob_memset_2+0x166/0x330 [ 12.254598] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.254620] ? kmalloc_oob_memset_2+0x166/0x330 [ 12.254642] kasan_report+0x141/0x180 [ 12.254664] ? kmalloc_oob_memset_2+0x166/0x330 [ 12.254691] kasan_check_range+0x10c/0x1c0 [ 12.254714] __asan_memset+0x27/0x50 [ 12.254732] kmalloc_oob_memset_2+0x166/0x330 [ 12.254754] ? __pfx_kmalloc_oob_memset_2+0x10/0x10 [ 12.254776] ? __schedule+0x10cc/0x2b60 [ 12.254833] ? __pfx_read_tsc+0x10/0x10 [ 12.254854] ? ktime_get_ts64+0x86/0x230 [ 12.254903] kunit_try_run_case+0x1a5/0x480 [ 12.254928] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.254950] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.254973] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.254996] ? __kthread_parkme+0x82/0x180 [ 12.255026] ? preempt_count_sub+0x50/0x80 [ 12.255051] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.255073] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.255096] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.255119] kthread+0x337/0x6f0 [ 12.255138] ? trace_preempt_on+0x20/0xc0 [ 12.255161] ? __pfx_kthread+0x10/0x10 [ 12.255180] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.255201] ? calculate_sigpending+0x7b/0xa0 [ 12.255256] ? __pfx_kthread+0x10/0x10 [ 12.255301] ret_from_fork+0x116/0x1d0 [ 12.255320] ? 
__pfx_kthread+0x10/0x10 [ 12.255339] ret_from_fork_asm+0x1a/0x30 [ 12.255370] </TASK> [ 12.255380] [ 12.268637] Allocated by task 189: [ 12.268828] kasan_save_stack+0x45/0x70 [ 12.269395] kasan_save_track+0x18/0x40 [ 12.269761] kasan_save_alloc_info+0x3b/0x50 [ 12.269966] __kasan_kmalloc+0xb7/0xc0 [ 12.270610] __kmalloc_cache_noprof+0x189/0x420 [ 12.270932] kmalloc_oob_memset_2+0xac/0x330 [ 12.271201] kunit_try_run_case+0x1a5/0x480 [ 12.271383] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.271869] kthread+0x337/0x6f0 [ 12.272341] ret_from_fork+0x116/0x1d0 [ 12.272609] ret_from_fork_asm+0x1a/0x30 [ 12.272795] [ 12.272894] The buggy address belongs to the object at ffff8881029a6700 [ 12.272894] which belongs to the cache kmalloc-128 of size 128 [ 12.274270] The buggy address is located 119 bytes inside of [ 12.274270] allocated 120-byte region [ffff8881029a6700, ffff8881029a6778) [ 12.275234] [ 12.275477] The buggy address belongs to the physical page: [ 12.275723] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029a6 [ 12.276365] flags: 0x200000000000000(node=0|zone=2) [ 12.276829] page_type: f5(slab) [ 12.277223] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.277890] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.278560] page dumped because: kasan: bad access detected [ 12.278934] [ 12.279265] Memory state around the buggy address: [ 12.279693] ffff8881029a6600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.280001] ffff8881029a6680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.280295] >ffff8881029a6700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 12.281081] ^ [ 12.281649] ffff8881029a6780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.282120] ffff8881029a6800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.283113] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 11.682692] ================================================================== [ 11.683446] BUG: KASAN: use-after-free in page_alloc_uaf+0x356/0x3d0 [ 11.683722] Read of size 1 at addr ffff888103990000 by task kunit_try_catch/171 [ 11.684031] [ 11.684151] CPU: 0 UID: 0 PID: 171 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.684200] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.684211] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.684233] Call Trace: [ 11.684249] <TASK> [ 11.684268] dump_stack_lvl+0x73/0xb0 [ 11.684299] print_report+0xd1/0x610 [ 11.684322] ? __virt_addr_valid+0x1db/0x2d0 [ 11.684361] ? page_alloc_uaf+0x356/0x3d0 [ 11.684382] ? kasan_addr_to_slab+0x11/0xa0 [ 11.684404] ? page_alloc_uaf+0x356/0x3d0 [ 11.684426] kasan_report+0x141/0x180 [ 11.684448] ? page_alloc_uaf+0x356/0x3d0 [ 11.684474] __asan_report_load1_noabort+0x18/0x20 [ 11.684499] page_alloc_uaf+0x356/0x3d0 [ 11.684520] ? __pfx_page_alloc_uaf+0x10/0x10 [ 11.684542] ? __schedule+0x10cc/0x2b60 [ 11.684565] ? __pfx_read_tsc+0x10/0x10 [ 11.684586] ? ktime_get_ts64+0x86/0x230 [ 11.684675] kunit_try_run_case+0x1a5/0x480 [ 11.684701] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.684723] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.684747] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.684770] ? __kthread_parkme+0x82/0x180 [ 11.684791] ? preempt_count_sub+0x50/0x80 [ 11.684815] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.684838] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.684869] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.684893] kthread+0x337/0x6f0 [ 11.684911] ? trace_preempt_on+0x20/0xc0 [ 11.684934] ? __pfx_kthread+0x10/0x10 [ 11.684954] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.684975] ? calculate_sigpending+0x7b/0xa0 [ 11.684999] ? __pfx_kthread+0x10/0x10 [ 11.685078] ret_from_fork+0x116/0x1d0 [ 11.685097] ? 
__pfx_kthread+0x10/0x10 [ 11.685116] ret_from_fork_asm+0x1a/0x30 [ 11.685149] </TASK> [ 11.685159] [ 11.692437] The buggy address belongs to the physical page: [ 11.692687] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103990 [ 11.692945] flags: 0x200000000000000(node=0|zone=2) [ 11.693149] page_type: f0(buddy) [ 11.693539] raw: 0200000000000000 ffff88817fffb460 ffff88817fffb460 0000000000000000 [ 11.693918] raw: 0000000000000000 0000000000000004 00000000f0000000 0000000000000000 [ 11.694422] page dumped because: kasan: bad access detected [ 11.694674] [ 11.694772] Memory state around the buggy address: [ 11.694996] ffff88810398ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.695292] ffff88810398ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.695604] >ffff888103990000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.695882] ^ [ 11.696029] ffff888103990080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.696352] ffff888103990100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.696682] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kfree
[ 11.657201] ================================================================== [ 11.657700] BUG: KASAN: invalid-free in kfree+0x274/0x3f0 [ 11.658378] Free of addr ffff888102850001 by task kunit_try_catch/167 [ 11.658627] [ 11.658723] CPU: 1 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.658771] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.658782] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.658805] Call Trace: [ 11.658818] <TASK> [ 11.658836] dump_stack_lvl+0x73/0xb0 [ 11.658869] print_report+0xd1/0x610 [ 11.658892] ? __virt_addr_valid+0x1db/0x2d0 [ 11.658916] ? kasan_addr_to_slab+0x11/0xa0 [ 11.658937] ? kfree+0x274/0x3f0 [ 11.658958] kasan_report_invalid_free+0x10a/0x130 [ 11.658982] ? kfree+0x274/0x3f0 [ 11.659004] ? kfree+0x274/0x3f0 [ 11.659055] __kasan_kfree_large+0x86/0xd0 [ 11.659076] free_large_kmalloc+0x4b/0x110 [ 11.659099] kfree+0x274/0x3f0 [ 11.659123] kmalloc_large_invalid_free+0x120/0x2b0 [ 11.659146] ? __pfx_kmalloc_large_invalid_free+0x10/0x10 [ 11.659169] ? __schedule+0x10cc/0x2b60 [ 11.659191] ? __pfx_read_tsc+0x10/0x10 [ 11.659211] ? ktime_get_ts64+0x86/0x230 [ 11.659236] kunit_try_run_case+0x1a5/0x480 [ 11.659262] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.659285] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.659309] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.659332] ? __kthread_parkme+0x82/0x180 [ 11.659353] ? preempt_count_sub+0x50/0x80 [ 11.659376] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.659400] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.659424] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.659447] kthread+0x337/0x6f0 [ 11.659465] ? trace_preempt_on+0x20/0xc0 [ 11.659487] ? __pfx_kthread+0x10/0x10 [ 11.659507] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.659528] ? calculate_sigpending+0x7b/0xa0 [ 11.659551] ? __pfx_kthread+0x10/0x10 [ 11.659572] ret_from_fork+0x116/0x1d0 [ 11.659589] ? 
__pfx_kthread+0x10/0x10 [ 11.659609] ret_from_fork_asm+0x1a/0x30 [ 11.659639] </TASK> [ 11.659649] [ 11.666649] The buggy address belongs to the physical page: [ 11.666927] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102850 [ 11.667260] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.667557] flags: 0x200000000000040(head|node=0|zone=2) [ 11.667776] page_type: f8(unknown) [ 11.667906] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.668452] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.669608] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.669862] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.670965] head: 0200000000000002 ffffea00040a1401 00000000ffffffff 00000000ffffffff [ 11.671443] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.671715] page dumped because: kasan: bad access detected [ 11.671886] [ 11.672319] Memory state around the buggy address: [ 11.672858] ffff88810284ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.673481] ffff88810284ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.673982] >ffff888102850000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.674422] ^ [ 11.674586] ffff888102850080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.674871] ffff888102850100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.675575] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 11.627977] ================================================================== [ 11.628851] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2f1/0x340 [ 11.629517] Read of size 1 at addr ffff888102a00000 by task kunit_try_catch/165 [ 11.630259] [ 11.630445] CPU: 0 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.630495] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.630505] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.630528] Call Trace: [ 11.630542] <TASK> [ 11.630561] dump_stack_lvl+0x73/0xb0 [ 11.630594] print_report+0xd1/0x610 [ 11.630616] ? __virt_addr_valid+0x1db/0x2d0 [ 11.630641] ? kmalloc_large_uaf+0x2f1/0x340 [ 11.630661] ? kasan_addr_to_slab+0x11/0xa0 [ 11.630681] ? kmalloc_large_uaf+0x2f1/0x340 [ 11.630701] kasan_report+0x141/0x180 [ 11.630722] ? kmalloc_large_uaf+0x2f1/0x340 [ 11.630748] __asan_report_load1_noabort+0x18/0x20 [ 11.630772] kmalloc_large_uaf+0x2f1/0x340 [ 11.630792] ? __pfx_kmalloc_large_uaf+0x10/0x10 [ 11.630813] ? __schedule+0x10cc/0x2b60 [ 11.630835] ? __pfx_read_tsc+0x10/0x10 [ 11.630856] ? ktime_get_ts64+0x86/0x230 [ 11.630880] kunit_try_run_case+0x1a5/0x480 [ 11.630905] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.630926] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.630950] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.630972] ? __kthread_parkme+0x82/0x180 [ 11.630993] ? preempt_count_sub+0x50/0x80 [ 11.631028] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.631051] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.631074] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.631097] kthread+0x337/0x6f0 [ 11.631116] ? trace_preempt_on+0x20/0xc0 [ 11.631180] ? __pfx_kthread+0x10/0x10 [ 11.631200] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.631221] ? calculate_sigpending+0x7b/0xa0 [ 11.631259] ? __pfx_kthread+0x10/0x10 [ 11.631282] ret_from_fork+0x116/0x1d0 [ 11.631300] ? 
__pfx_kthread+0x10/0x10 [ 11.631319] ret_from_fork_asm+0x1a/0x30 [ 11.631350] </TASK> [ 11.631360] [ 11.645942] The buggy address belongs to the physical page: [ 11.646213] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a00 [ 11.647084] flags: 0x200000000000000(node=0|zone=2) [ 11.647612] raw: 0200000000000000 ffffea00040a8108 ffff88815b039f80 0000000000000000 [ 11.648265] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 11.648710] page dumped because: kasan: bad access detected [ 11.648892] [ 11.648971] Memory state around the buggy address: [ 11.649442] ffff8881029fff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.650171] ffff8881029fff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.650875] >ffff888102a00000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.651525] ^ [ 11.651745] ffff888102a00080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.652591] ffff888102a00100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.653140] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 11.593553] ================================================================== [ 11.595186] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x2e9/0x330 [ 11.596362] Write of size 1 at addr ffff888102a0200a by task kunit_try_catch/163 [ 11.596831] [ 11.596938] CPU: 0 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.596989] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.597001] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.597035] Call Trace: [ 11.597051] <TASK> [ 11.597071] dump_stack_lvl+0x73/0xb0 [ 11.597105] print_report+0xd1/0x610 [ 11.597129] ? __virt_addr_valid+0x1db/0x2d0 [ 11.597155] ? kmalloc_large_oob_right+0x2e9/0x330 [ 11.597177] ? kasan_addr_to_slab+0x11/0xa0 [ 11.597216] ? kmalloc_large_oob_right+0x2e9/0x330 [ 11.597239] kasan_report+0x141/0x180 [ 11.597260] ? kmalloc_large_oob_right+0x2e9/0x330 [ 11.597298] __asan_report_store1_noabort+0x1b/0x30 [ 11.597322] kmalloc_large_oob_right+0x2e9/0x330 [ 11.597344] ? __pfx_kmalloc_large_oob_right+0x10/0x10 [ 11.597387] ? __schedule+0x10cc/0x2b60 [ 11.597411] ? __pfx_read_tsc+0x10/0x10 [ 11.597432] ? ktime_get_ts64+0x86/0x230 [ 11.597469] kunit_try_run_case+0x1a5/0x480 [ 11.597496] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.597519] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.597543] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.597566] ? __kthread_parkme+0x82/0x180 [ 11.597588] ? preempt_count_sub+0x50/0x80 [ 11.597612] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.597635] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.597669] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.597693] kthread+0x337/0x6f0 [ 11.597711] ? trace_preempt_on+0x20/0xc0 [ 11.597735] ? __pfx_kthread+0x10/0x10 [ 11.597754] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.597775] ? calculate_sigpending+0x7b/0xa0 [ 11.597799] ? __pfx_kthread+0x10/0x10 [ 11.597819] ret_from_fork+0x116/0x1d0 [ 11.597837] ? 
__pfx_kthread+0x10/0x10 [ 11.597856] ret_from_fork_asm+0x1a/0x30 [ 11.597887] </TASK> [ 11.597899] [ 11.612052] The buggy address belongs to the physical page: [ 11.612745] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a00 [ 11.613023] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.613253] flags: 0x200000000000040(head|node=0|zone=2) [ 11.613544] page_type: f8(unknown) [ 11.613973] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.614934] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.615788] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.616628] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.617641] head: 0200000000000002 ffffea00040a8001 00000000ffffffff 00000000ffffffff [ 11.617885] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.618291] page dumped because: kasan: bad access detected [ 11.618849] [ 11.619052] Memory state around the buggy address: [ 11.619584] ffff888102a01f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.620263] ffff888102a01f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.621032] >ffff888102a02000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.621698] ^ [ 11.621828] ffff888102a02080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.622304] ffff888102a02100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.623018] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 11.567456] ================================================================== [ 11.567944] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x316/0x370 [ 11.568258] Write of size 1 at addr ffff888103959f00 by task kunit_try_catch/161 [ 11.568892] [ 11.568994] CPU: 1 UID: 0 PID: 161 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.569055] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.569067] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.569089] Call Trace: [ 11.569100] <TASK> [ 11.569119] dump_stack_lvl+0x73/0xb0 [ 11.569152] print_report+0xd1/0x610 [ 11.569175] ? __virt_addr_valid+0x1db/0x2d0 [ 11.569198] ? kmalloc_big_oob_right+0x316/0x370 [ 11.569220] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.569242] ? kmalloc_big_oob_right+0x316/0x370 [ 11.569265] kasan_report+0x141/0x180 [ 11.569286] ? kmalloc_big_oob_right+0x316/0x370 [ 11.569312] __asan_report_store1_noabort+0x1b/0x30 [ 11.569336] kmalloc_big_oob_right+0x316/0x370 [ 11.569358] ? __pfx_kmalloc_big_oob_right+0x10/0x10 [ 11.569381] ? __schedule+0x10cc/0x2b60 [ 11.569403] ? __pfx_read_tsc+0x10/0x10 [ 11.569423] ? ktime_get_ts64+0x86/0x230 [ 11.569447] kunit_try_run_case+0x1a5/0x480 [ 11.569473] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.569494] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.569518] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.569541] ? __kthread_parkme+0x82/0x180 [ 11.569561] ? preempt_count_sub+0x50/0x80 [ 11.569585] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.569608] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.569631] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.569654] kthread+0x337/0x6f0 [ 11.569673] ? trace_preempt_on+0x20/0xc0 [ 11.569695] ? __pfx_kthread+0x10/0x10 [ 11.569715] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.569735] ? calculate_sigpending+0x7b/0xa0 [ 11.569759] ? __pfx_kthread+0x10/0x10 [ 11.569779] ret_from_fork+0x116/0x1d0 [ 11.569797] ? 
__pfx_kthread+0x10/0x10 [ 11.569817] ret_from_fork_asm+0x1a/0x30 [ 11.569847] </TASK> [ 11.569857] [ 11.577894] Allocated by task 161: [ 11.578097] kasan_save_stack+0x45/0x70 [ 11.578324] kasan_save_track+0x18/0x40 [ 11.578585] kasan_save_alloc_info+0x3b/0x50 [ 11.578916] __kasan_kmalloc+0xb7/0xc0 [ 11.579122] __kmalloc_cache_noprof+0x189/0x420 [ 11.579435] kmalloc_big_oob_right+0xa9/0x370 [ 11.579632] kunit_try_run_case+0x1a5/0x480 [ 11.579775] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.579943] kthread+0x337/0x6f0 [ 11.580539] ret_from_fork+0x116/0x1d0 [ 11.580942] ret_from_fork_asm+0x1a/0x30 [ 11.581150] [ 11.581260] The buggy address belongs to the object at ffff888103958000 [ 11.581260] which belongs to the cache kmalloc-8k of size 8192 [ 11.581630] The buggy address is located 0 bytes to the right of [ 11.581630] allocated 7936-byte region [ffff888103958000, ffff888103959f00) [ 11.582064] [ 11.582163] The buggy address belongs to the physical page: [ 11.582414] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103958 [ 11.582757] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.583142] flags: 0x200000000000040(head|node=0|zone=2) [ 11.583546] page_type: f5(slab) [ 11.583688] raw: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 11.583922] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 11.584475] head: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 11.584808] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 11.585153] head: 0200000000000003 ffffea00040e5601 00000000ffffffff 00000000ffffffff [ 11.585509] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 11.586157] page dumped because: kasan: bad access detected [ 11.586504] [ 11.586592] Memory state around the buggy address: [ 11.586755] ffff888103959e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.586964] ffff888103959e80: 00 
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.587612] >ffff888103959f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.587936] ^ [ 11.588132] ffff888103959f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.588358] ffff88810395a000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.588665] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 11.544220] ================================================================== [ 11.544763] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4b1/0x520 [ 11.545047] Write of size 1 at addr ffff8881029a6578 by task kunit_try_catch/159 [ 11.545760] [ 11.545886] CPU: 0 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.545929] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.545940] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.545961] Call Trace: [ 11.545971] <TASK> [ 11.545988] dump_stack_lvl+0x73/0xb0 [ 11.546077] print_report+0xd1/0x610 [ 11.546100] ? __virt_addr_valid+0x1db/0x2d0 [ 11.546123] ? kmalloc_track_caller_oob_right+0x4b1/0x520 [ 11.546149] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.546172] ? kmalloc_track_caller_oob_right+0x4b1/0x520 [ 11.546197] kasan_report+0x141/0x180 [ 11.546218] ? kmalloc_track_caller_oob_right+0x4b1/0x520 [ 11.546247] __asan_report_store1_noabort+0x1b/0x30 [ 11.546272] kmalloc_track_caller_oob_right+0x4b1/0x520 [ 11.546297] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 11.546324] ? __schedule+0x10cc/0x2b60 [ 11.546346] ? __pfx_read_tsc+0x10/0x10 [ 11.546366] ? ktime_get_ts64+0x86/0x230 [ 11.546390] kunit_try_run_case+0x1a5/0x480 [ 11.546414] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.546452] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.546476] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.546498] ? __kthread_parkme+0x82/0x180 [ 11.546517] ? preempt_count_sub+0x50/0x80 [ 11.546541] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.546564] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.546587] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.546610] kthread+0x337/0x6f0 [ 11.546628] ? trace_preempt_on+0x20/0xc0 [ 11.546650] ? __pfx_kthread+0x10/0x10 [ 11.546670] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.546690] ? calculate_sigpending+0x7b/0xa0 [ 11.546714] ? 
__pfx_kthread+0x10/0x10 [ 11.546735] ret_from_fork+0x116/0x1d0 [ 11.546754] ? __pfx_kthread+0x10/0x10 [ 11.546774] ret_from_fork_asm+0x1a/0x30 [ 11.546803] </TASK> [ 11.546812] [ 11.554748] Allocated by task 159: [ 11.554926] kasan_save_stack+0x45/0x70 [ 11.555335] kasan_save_track+0x18/0x40 [ 11.555483] kasan_save_alloc_info+0x3b/0x50 [ 11.555636] __kasan_kmalloc+0xb7/0xc0 [ 11.555769] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 11.556043] kmalloc_track_caller_oob_right+0x19a/0x520 [ 11.556285] kunit_try_run_case+0x1a5/0x480 [ 11.556492] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.556957] kthread+0x337/0x6f0 [ 11.557335] ret_from_fork+0x116/0x1d0 [ 11.557567] ret_from_fork_asm+0x1a/0x30 [ 11.557716] [ 11.557788] The buggy address belongs to the object at ffff8881029a6500 [ 11.557788] which belongs to the cache kmalloc-128 of size 128 [ 11.558421] The buggy address is located 0 bytes to the right of [ 11.558421] allocated 120-byte region [ffff8881029a6500, ffff8881029a6578) [ 11.558918] [ 11.559020] The buggy address belongs to the physical page: [ 11.559238] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029a6 [ 11.559508] flags: 0x200000000000000(node=0|zone=2) [ 11.559671] page_type: f5(slab) [ 11.559793] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.560084] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.560419] page dumped because: kasan: bad access detected [ 11.560964] [ 11.561052] Memory state around the buggy address: [ 11.561208] ffff8881029a6400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.561423] ffff8881029a6480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.561946] >ffff8881029a6500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 11.562396] ^ [ 11.562717] ffff8881029a6580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.563210] ffff8881029a6600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.563557] 
================================================================== [ 11.522903] ================================================================== [ 11.523487] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4c8/0x520 [ 11.523903] Write of size 1 at addr ffff8881029a6478 by task kunit_try_catch/159 [ 11.524306] [ 11.524440] CPU: 0 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.524497] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.524509] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.524530] Call Trace: [ 11.524543] <TASK> [ 11.524560] dump_stack_lvl+0x73/0xb0 [ 11.524591] print_report+0xd1/0x610 [ 11.524613] ? __virt_addr_valid+0x1db/0x2d0 [ 11.524636] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 11.524660] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.524682] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 11.524717] kasan_report+0x141/0x180 [ 11.524738] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 11.524767] __asan_report_store1_noabort+0x1b/0x30 [ 11.524802] kmalloc_track_caller_oob_right+0x4c8/0x520 [ 11.524826] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 11.524858] ? __schedule+0x10cc/0x2b60 [ 11.524881] ? __pfx_read_tsc+0x10/0x10 [ 11.524901] ? ktime_get_ts64+0x86/0x230 [ 11.524926] kunit_try_run_case+0x1a5/0x480 [ 11.524951] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.524981] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.525004] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.525045] ? __kthread_parkme+0x82/0x180 [ 11.525065] ? preempt_count_sub+0x50/0x80 [ 11.525089] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.525123] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.525146] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.525170] kthread+0x337/0x6f0 [ 11.525232] ? trace_preempt_on+0x20/0xc0 [ 11.525258] ? __pfx_kthread+0x10/0x10 [ 11.525291] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.525312] ? calculate_sigpending+0x7b/0xa0 [ 11.525336] ? 
__pfx_kthread+0x10/0x10 [ 11.525356] ret_from_fork+0x116/0x1d0 [ 11.525374] ? __pfx_kthread+0x10/0x10 [ 11.525394] ret_from_fork_asm+0x1a/0x30 [ 11.525424] </TASK> [ 11.525434] [ 11.533492] Allocated by task 159: [ 11.533635] kasan_save_stack+0x45/0x70 [ 11.533785] kasan_save_track+0x18/0x40 [ 11.533921] kasan_save_alloc_info+0x3b/0x50 [ 11.534156] __kasan_kmalloc+0xb7/0xc0 [ 11.534341] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 11.534628] kmalloc_track_caller_oob_right+0x99/0x520 [ 11.534798] kunit_try_run_case+0x1a5/0x480 [ 11.535114] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.535367] kthread+0x337/0x6f0 [ 11.535708] ret_from_fork+0x116/0x1d0 [ 11.535911] ret_from_fork_asm+0x1a/0x30 [ 11.536215] [ 11.536325] The buggy address belongs to the object at ffff8881029a6400 [ 11.536325] which belongs to the cache kmalloc-128 of size 128 [ 11.537648] The buggy address is located 0 bytes to the right of [ 11.537648] allocated 120-byte region [ffff8881029a6400, ffff8881029a6478) [ 11.538880] [ 11.538980] The buggy address belongs to the physical page: [ 11.539172] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029a6 [ 11.539876] flags: 0x200000000000000(node=0|zone=2) [ 11.540176] page_type: f5(slab) [ 11.540322] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.540650] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.540969] page dumped because: kasan: bad access detected [ 11.541247] [ 11.541349] Memory state around the buggy address: [ 11.541572] ffff8881029a6300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.541790] ffff8881029a6380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.542263] >ffff8881029a6400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 11.542552] ^ [ 11.542853] ffff8881029a6480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.543188] ffff8881029a6500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.543533] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 11.493099] ================================================================== [ 11.494191] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x369/0x3c0 [ 11.494459] Read of size 1 at addr ffff888103833000 by task kunit_try_catch/157 [ 11.494678] [ 11.494783] CPU: 1 UID: 0 PID: 157 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.494834] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.494845] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.494869] Call Trace: [ 11.494882] <TASK> [ 11.494903] dump_stack_lvl+0x73/0xb0 [ 11.494934] print_report+0xd1/0x610 [ 11.494956] ? __virt_addr_valid+0x1db/0x2d0 [ 11.494980] ? kmalloc_node_oob_right+0x369/0x3c0 [ 11.495003] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.495535] ? kmalloc_node_oob_right+0x369/0x3c0 [ 11.495671] kasan_report+0x141/0x180 [ 11.495697] ? kmalloc_node_oob_right+0x369/0x3c0 [ 11.495727] __asan_report_load1_noabort+0x18/0x20 [ 11.495751] kmalloc_node_oob_right+0x369/0x3c0 [ 11.495775] ? __pfx_kmalloc_node_oob_right+0x10/0x10 [ 11.495799] ? __schedule+0x10cc/0x2b60 [ 11.495823] ? __pfx_read_tsc+0x10/0x10 [ 11.495845] ? ktime_get_ts64+0x86/0x230 [ 11.495871] kunit_try_run_case+0x1a5/0x480 [ 11.495897] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.495919] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.495943] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.495966] ? __kthread_parkme+0x82/0x180 [ 11.495987] ? preempt_count_sub+0x50/0x80 [ 11.496021] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.496203] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.496228] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.496251] kthread+0x337/0x6f0 [ 11.496271] ? trace_preempt_on+0x20/0xc0 [ 11.496295] ? __pfx_kthread+0x10/0x10 [ 11.496315] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.496336] ? calculate_sigpending+0x7b/0xa0 [ 11.496361] ? __pfx_kthread+0x10/0x10 [ 11.496381] ret_from_fork+0x116/0x1d0 [ 11.496400] ? 
__pfx_kthread+0x10/0x10 [ 11.496419] ret_from_fork_asm+0x1a/0x30 [ 11.496459] </TASK> [ 11.496471] [ 11.508449] Allocated by task 157: [ 11.508629] kasan_save_stack+0x45/0x70 [ 11.508860] kasan_save_track+0x18/0x40 [ 11.509128] kasan_save_alloc_info+0x3b/0x50 [ 11.509328] __kasan_kmalloc+0xb7/0xc0 [ 11.509555] __kmalloc_cache_node_noprof+0x188/0x420 [ 11.509784] kmalloc_node_oob_right+0xab/0x3c0 [ 11.510075] kunit_try_run_case+0x1a5/0x480 [ 11.510273] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.510541] kthread+0x337/0x6f0 [ 11.510709] ret_from_fork+0x116/0x1d0 [ 11.510850] ret_from_fork_asm+0x1a/0x30 [ 11.510992] [ 11.511311] The buggy address belongs to the object at ffff888103832000 [ 11.511311] which belongs to the cache kmalloc-4k of size 4096 [ 11.511872] The buggy address is located 0 bytes to the right of [ 11.511872] allocated 4096-byte region [ffff888103832000, ffff888103833000) [ 11.512465] [ 11.512629] The buggy address belongs to the physical page: [ 11.512984] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103830 [ 11.513645] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.513961] flags: 0x200000000000040(head|node=0|zone=2) [ 11.514442] page_type: f5(slab) [ 11.514627] raw: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000 [ 11.514961] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 11.515583] head: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000 [ 11.515870] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 11.516322] head: 0200000000000003 ffffea00040e0c01 00000000ffffffff 00000000ffffffff [ 11.516600] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 11.516946] page dumped because: kasan: bad access detected [ 11.517193] [ 11.517287] Memory state around the buggy address: [ 11.517622] ffff888103832f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.517942] 
ffff888103832f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.518319] >ffff888103833000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.518640] ^ [ 11.518793] ffff888103833080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.519316] ffff888103833100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.519675] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 11.461510] ================================================================== [ 11.462453] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x361/0x3c0 [ 11.462860] Read of size 1 at addr ffff888101be2e3f by task kunit_try_catch/155 [ 11.463719] [ 11.463855] CPU: 0 UID: 0 PID: 155 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.463904] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.463916] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.463938] Call Trace: [ 11.463952] <TASK> [ 11.463971] dump_stack_lvl+0x73/0xb0 [ 11.464182] print_report+0xd1/0x610 [ 11.464210] ? __virt_addr_valid+0x1db/0x2d0 [ 11.464309] ? kmalloc_oob_left+0x361/0x3c0 [ 11.464333] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.464358] ? kmalloc_oob_left+0x361/0x3c0 [ 11.464391] kasan_report+0x141/0x180 [ 11.464475] ? kmalloc_oob_left+0x361/0x3c0 [ 11.464505] __asan_report_load1_noabort+0x18/0x20 [ 11.464531] kmalloc_oob_left+0x361/0x3c0 [ 11.464552] ? __pfx_kmalloc_oob_left+0x10/0x10 [ 11.464574] ? __schedule+0x10cc/0x2b60 [ 11.464598] ? __pfx_read_tsc+0x10/0x10 [ 11.464618] ? ktime_get_ts64+0x86/0x230 [ 11.464642] kunit_try_run_case+0x1a5/0x480 [ 11.464668] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.464692] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.464718] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.464740] ? __kthread_parkme+0x82/0x180 [ 11.464761] ? preempt_count_sub+0x50/0x80 [ 11.464785] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.464808] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.464831] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.464859] kthread+0x337/0x6f0 [ 11.464877] ? trace_preempt_on+0x20/0xc0 [ 11.464900] ? __pfx_kthread+0x10/0x10 [ 11.464919] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.464940] ? calculate_sigpending+0x7b/0xa0 [ 11.464963] ? __pfx_kthread+0x10/0x10 [ 11.464983] ret_from_fork+0x116/0x1d0 [ 11.465041] ? 
__pfx_kthread+0x10/0x10 [ 11.465062] ret_from_fork_asm+0x1a/0x30 [ 11.465092] </TASK> [ 11.465103] [ 11.474699] Allocated by task 1: [ 11.474930] kasan_save_stack+0x45/0x70 [ 11.475123] kasan_save_track+0x18/0x40 [ 11.475259] kasan_save_alloc_info+0x3b/0x50 [ 11.475408] __kasan_kmalloc+0xb7/0xc0 [ 11.475540] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 11.475799] kvasprintf+0xc5/0x150 [ 11.476049] __kthread_create_on_node+0x18b/0x3a0 [ 11.476284] kthread_create_on_node+0xab/0xe0 [ 11.476492] create_worker+0x3e5/0x7b0 [ 11.476642] alloc_unbound_pwq+0x8ea/0xdb0 [ 11.476791] apply_wqattrs_prepare+0x332/0xd20 [ 11.476953] apply_workqueue_attrs_locked+0x4d/0xa0 [ 11.477450] alloc_workqueue+0xcc7/0x1ad0 [ 11.477788] latency_fsnotify_init+0x1b/0x50 [ 11.477946] do_one_initcall+0xd8/0x370 [ 11.478149] kernel_init_freeable+0x420/0x6f0 [ 11.478302] kernel_init+0x23/0x1e0 [ 11.478427] ret_from_fork+0x116/0x1d0 [ 11.478559] ret_from_fork_asm+0x1a/0x30 [ 11.478717] [ 11.478851] The buggy address belongs to the object at ffff888101be2e20 [ 11.478851] which belongs to the cache kmalloc-16 of size 16 [ 11.479653] The buggy address is located 18 bytes to the right of [ 11.479653] allocated 13-byte region [ffff888101be2e20, ffff888101be2e2d) [ 11.481763] [ 11.482000] The buggy address belongs to the physical page: [ 11.482333] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101be2 [ 11.483302] flags: 0x200000000000000(node=0|zone=2) [ 11.483551] page_type: f5(slab) [ 11.483717] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 11.484039] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 11.484744] page dumped because: kasan: bad access detected [ 11.485125] [ 11.485217] Memory state around the buggy address: [ 11.485428] ffff888101be2d00: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc [ 11.485716] ffff888101be2d80: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 11.486004] >ffff888101be2e00: fa fb fc fc 00 
05 fc fc 00 07 fc fc fc fc fc fc [ 11.486843] ^ [ 11.487599] ffff888101be2e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.488091] ffff888101be2f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.488707] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 11.396149] ================================================================== [ 11.397239] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6f0/0x7f0 [ 11.398089] Write of size 1 at addr ffff8881029a6373 by task kunit_try_catch/153 [ 11.398394] [ 11.399445] CPU: 0 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.399963] Tainted: [N]=TEST [ 11.399998] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.400229] Call Trace: [ 11.400298] <TASK> [ 11.400451] dump_stack_lvl+0x73/0xb0 [ 11.400542] print_report+0xd1/0x610 [ 11.400571] ? __virt_addr_valid+0x1db/0x2d0 [ 11.400596] ? kmalloc_oob_right+0x6f0/0x7f0 [ 11.400616] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.400638] ? kmalloc_oob_right+0x6f0/0x7f0 [ 11.400659] kasan_report+0x141/0x180 [ 11.400681] ? kmalloc_oob_right+0x6f0/0x7f0 [ 11.400706] __asan_report_store1_noabort+0x1b/0x30 [ 11.400731] kmalloc_oob_right+0x6f0/0x7f0 [ 11.400752] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 11.400774] ? __schedule+0x10cc/0x2b60 [ 11.400797] ? __pfx_read_tsc+0x10/0x10 [ 11.400819] ? ktime_get_ts64+0x86/0x230 [ 11.400845] kunit_try_run_case+0x1a5/0x480 [ 11.400878] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.400900] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.400924] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.400947] ? __kthread_parkme+0x82/0x180 [ 11.400968] ? preempt_count_sub+0x50/0x80 [ 11.400992] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.401027] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.401050] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.401074] kthread+0x337/0x6f0 [ 11.401092] ? trace_preempt_on+0x20/0xc0 [ 11.401116] ? __pfx_kthread+0x10/0x10 [ 11.401135] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.401156] ? calculate_sigpending+0x7b/0xa0 [ 11.401181] ? __pfx_kthread+0x10/0x10 [ 11.401201] ret_from_fork+0x116/0x1d0 [ 11.401220] ? 
__pfx_kthread+0x10/0x10 [ 11.401239] ret_from_fork_asm+0x1a/0x30 [ 11.401293] </TASK> [ 11.401356] [ 11.410427] Allocated by task 153: [ 11.410765] kasan_save_stack+0x45/0x70 [ 11.411031] kasan_save_track+0x18/0x40 [ 11.411251] kasan_save_alloc_info+0x3b/0x50 [ 11.411409] __kasan_kmalloc+0xb7/0xc0 [ 11.411629] __kmalloc_cache_noprof+0x189/0x420 [ 11.411859] kmalloc_oob_right+0xa9/0x7f0 [ 11.412046] kunit_try_run_case+0x1a5/0x480 [ 11.412253] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.412547] kthread+0x337/0x6f0 [ 11.412719] ret_from_fork+0x116/0x1d0 [ 11.412885] ret_from_fork_asm+0x1a/0x30 [ 11.413073] [ 11.413209] The buggy address belongs to the object at ffff8881029a6300 [ 11.413209] which belongs to the cache kmalloc-128 of size 128 [ 11.413894] The buggy address is located 0 bytes to the right of [ 11.413894] allocated 115-byte region [ffff8881029a6300, ffff8881029a6373) [ 11.414481] [ 11.414657] The buggy address belongs to the physical page: [ 11.415087] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029a6 [ 11.415714] flags: 0x200000000000000(node=0|zone=2) [ 11.416357] page_type: f5(slab) [ 11.416963] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.417236] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.417821] page dumped because: kasan: bad access detected [ 11.418058] [ 11.418180] Memory state around the buggy address: [ 11.418581] ffff8881029a6200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.419051] ffff8881029a6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.419392] >ffff8881029a6300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 11.419747] ^ [ 11.420101] ffff8881029a6380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.420404] ffff8881029a6400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.420734] ================================================================== [ 11.421977] 
==================================================================
[ 11.422481] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6bd/0x7f0
[ 11.422816] Write of size 1 at addr ffff8881029a6378 by task kunit_try_catch/153
[ 11.423119]
[ 11.423279] CPU: 0 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 11.423324] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.423335] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.423359] Call Trace:
[ 11.423378] <TASK>
[ 11.423397] dump_stack_lvl+0x73/0xb0
[ 11.423427] print_report+0xd1/0x610
[ 11.423449] ? __virt_addr_valid+0x1db/0x2d0
[ 11.423472] ? kmalloc_oob_right+0x6bd/0x7f0
[ 11.423493] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.423516] ? kmalloc_oob_right+0x6bd/0x7f0
[ 11.423537] kasan_report+0x141/0x180
[ 11.423558] ? kmalloc_oob_right+0x6bd/0x7f0
[ 11.423584] __asan_report_store1_noabort+0x1b/0x30
[ 11.423608] kmalloc_oob_right+0x6bd/0x7f0
[ 11.423630] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 11.423651] ? __schedule+0x10cc/0x2b60
[ 11.423695] ? __pfx_read_tsc+0x10/0x10
[ 11.423716] ? ktime_get_ts64+0x86/0x230
[ 11.423740] kunit_try_run_case+0x1a5/0x480
[ 11.423775] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.423797] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.423820] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.423843] ? __kthread_parkme+0x82/0x180
[ 11.423863] ? preempt_count_sub+0x50/0x80
[ 11.423886] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.423909] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.423932] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.423955] kthread+0x337/0x6f0
[ 11.423973] ? trace_preempt_on+0x20/0xc0
[ 11.423996] ? __pfx_kthread+0x10/0x10
[ 11.424023] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.424044] ? calculate_sigpending+0x7b/0xa0
[ 11.424067] ? __pfx_kthread+0x10/0x10
[ 11.424087] ret_from_fork+0x116/0x1d0
[ 11.424105] ? __pfx_kthread+0x10/0x10
[ 11.424124] ret_from_fork_asm+0x1a/0x30
[ 11.424163] </TASK>
[ 11.424173]
[ 11.431071] Allocated by task 153:
[ 11.431210] kasan_save_stack+0x45/0x70
[ 11.431419] kasan_save_track+0x18/0x40
[ 11.431620] kasan_save_alloc_info+0x3b/0x50
[ 11.431859] __kasan_kmalloc+0xb7/0xc0
[ 11.432051] __kmalloc_cache_noprof+0x189/0x420
[ 11.432266] kmalloc_oob_right+0xa9/0x7f0
[ 11.432466] kunit_try_run_case+0x1a5/0x480
[ 11.432657] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.432908] kthread+0x337/0x6f0
[ 11.433083] ret_from_fork+0x116/0x1d0
[ 11.433274] ret_from_fork_asm+0x1a/0x30
[ 11.433489]
[ 11.433589] The buggy address belongs to the object at ffff8881029a6300
[ 11.433589] which belongs to the cache kmalloc-128 of size 128
[ 11.434096] The buggy address is located 5 bytes to the right of
[ 11.434096] allocated 115-byte region [ffff8881029a6300, ffff8881029a6373)
[ 11.434619]
[ 11.434725] The buggy address belongs to the physical page:
[ 11.434953] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029a6
[ 11.435293] flags: 0x200000000000000(node=0|zone=2)
[ 11.435591] page_type: f5(slab)
[ 11.435735] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 11.435970] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.436208] page dumped because: kasan: bad access detected
[ 11.436378]
[ 11.436446] Memory state around the buggy address:
[ 11.436636]  ffff8881029a6200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.437021]  ffff8881029a6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.437353] >ffff8881029a6300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 11.437657]                                                                 ^
[ 11.437882]  ffff8881029a6380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.438105]  ffff8881029a6400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.438318] ==================================================================
[ 11.438924] ==================================================================
[ 11.439515] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x68a/0x7f0
[ 11.439939] Read of size 1 at addr ffff8881029a6380 by task kunit_try_catch/153
[ 11.440282]
[ 11.440394] CPU: 0 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 11.440448] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.440458] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.440482] Call Trace:
[ 11.440500] <TASK>
[ 11.440530] dump_stack_lvl+0x73/0xb0
[ 11.440567] print_report+0xd1/0x610
[ 11.440589] ? __virt_addr_valid+0x1db/0x2d0
[ 11.440611] ? kmalloc_oob_right+0x68a/0x7f0
[ 11.440642] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.440664] ? kmalloc_oob_right+0x68a/0x7f0
[ 11.440685] kasan_report+0x141/0x180
[ 11.440706] ? kmalloc_oob_right+0x68a/0x7f0
[ 11.440731] __asan_report_load1_noabort+0x18/0x20
[ 11.440754] kmalloc_oob_right+0x68a/0x7f0
[ 11.440776] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 11.440797] ? __schedule+0x10cc/0x2b60
[ 11.440819] ? __pfx_read_tsc+0x10/0x10
[ 11.440839] ? ktime_get_ts64+0x86/0x230
[ 11.440867] kunit_try_run_case+0x1a5/0x480
[ 11.440891] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.440912] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.440935] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.440958] ? __kthread_parkme+0x82/0x180
[ 11.440978] ? preempt_count_sub+0x50/0x80
[ 11.441002] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.441033] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.441056] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.441079] kthread+0x337/0x6f0
[ 11.441097] ? trace_preempt_on+0x20/0xc0
[ 11.441119] ? __pfx_kthread+0x10/0x10
[ 11.441138] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.441159] ? calculate_sigpending+0x7b/0xa0
[ 11.441182] ? __pfx_kthread+0x10/0x10
[ 11.441202] ret_from_fork+0x116/0x1d0
[ 11.441220] ? __pfx_kthread+0x10/0x10
[ 11.441239] ret_from_fork_asm+0x1a/0x30
[ 11.441269] </TASK>
[ 11.441278]
[ 11.448183] Allocated by task 153:
[ 11.448311] kasan_save_stack+0x45/0x70
[ 11.448507] kasan_save_track+0x18/0x40
[ 11.448696] kasan_save_alloc_info+0x3b/0x50
[ 11.448929] __kasan_kmalloc+0xb7/0xc0
[ 11.449119] __kmalloc_cache_noprof+0x189/0x420
[ 11.449336] kmalloc_oob_right+0xa9/0x7f0
[ 11.449556] kunit_try_run_case+0x1a5/0x480
[ 11.449758] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.449976] kthread+0x337/0x6f0
[ 11.450167] ret_from_fork+0x116/0x1d0
[ 11.450316] ret_from_fork_asm+0x1a/0x30
[ 11.450570]
[ 11.450667] The buggy address belongs to the object at ffff8881029a6300
[ 11.450667] which belongs to the cache kmalloc-128 of size 128
[ 11.451132] The buggy address is located 13 bytes to the right of
[ 11.451132] allocated 115-byte region [ffff8881029a6300, ffff8881029a6373)
[ 11.451715]
[ 11.451830] The buggy address belongs to the physical page:
[ 11.452072] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029a6
[ 11.452403] flags: 0x200000000000000(node=0|zone=2)
[ 11.452585] page_type: f5(slab)
[ 11.452778] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 11.453055] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.453281] page dumped because: kasan: bad access detected
[ 11.453450]
[ 11.453518] Memory state around the buggy address:
[ 11.453671]  ffff8881029a6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.453885]  ffff8881029a6300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 11.454108] >ffff8881029a6380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.454319]                    ^
[ 11.454433]  ffff8881029a6400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.454726]  ffff8881029a6480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.455379] ==================================================================
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_vscale
------------[ cut here ]------------
[ 142.253801] WARNING: CPU: 1 PID: 2763 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190
[ 142.254140] Modules linked in:
[ 142.254297] CPU: 1 UID: 0 PID: 2763 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 142.254625] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 142.254941] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 142.255472] RIP: 0010:drm_rect_calc_vscale+0x130/0x190
[ 142.255742] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 142.257797] RSP: 0000:ffff888108bd7c78 EFLAGS: 00010286
[ 142.258878] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000
[ 142.259930] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffffba233bfc
[ 142.261098] RBP: ffff888108bd7ca0 R08: 0000000000000000 R09: ffffed10215b8e40
[ 142.262286] R10: ffff88810adc7207 R11: 0000000000000000 R12: ffffffffba233be8
[ 142.262736] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888108bd7d38
[ 142.263032] FS: 0000000000000000(0000) GS:ffff88819ef72000(0000) knlGS:0000000000000000
[ 142.263670] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 142.263881] CR2: 00007ffff7ffe000 CR3: 000000004e6bc000 CR4: 00000000000006f0
[ 142.264422] DR0: ffffffffbc252444 DR1: ffffffffbc252449 DR2: ffffffffbc25244a
[ 142.264743] DR3: ffffffffbc25244b DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 142.265301] Call Trace:
[ 142.265443] <TASK>
[ 142.265562] drm_test_rect_calc_vscale+0x108/0x270
[ 142.265906] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10
[ 142.266544] ? __schedule+0x10cc/0x2b60
[ 142.266762] ? __pfx_read_tsc+0x10/0x10
[ 142.266920] ? ktime_get_ts64+0x86/0x230
[ 142.267340] kunit_try_run_case+0x1a5/0x480
[ 142.267544] ? __pfx_kunit_try_run_case+0x10/0x10
[ 142.267940] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 142.268360] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 142.268702] ? __kthread_parkme+0x82/0x180
[ 142.268986] ? preempt_count_sub+0x50/0x80
[ 142.269235] ? __pfx_kunit_try_run_case+0x10/0x10
[ 142.269459] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 142.270014] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 142.270387] kthread+0x337/0x6f0
[ 142.270724] ? trace_preempt_on+0x20/0xc0
[ 142.270988] ? __pfx_kthread+0x10/0x10
[ 142.271427] ? _raw_spin_unlock_irq+0x47/0x80
[ 142.271835] ? calculate_sigpending+0x7b/0xa0
[ 142.272007] ? __pfx_kthread+0x10/0x10
[ 142.272322] ret_from_fork+0x116/0x1d0
[ 142.272535] ? __pfx_kthread+0x10/0x10
[ 142.272716] ret_from_fork_asm+0x1a/0x30
[ 142.272925] </TASK>
[ 142.273517] ---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
[ 142.276718] WARNING: CPU: 0 PID: 2765 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190
[ 142.277137] Modules linked in:
[ 142.277567] CPU: 0 UID: 0 PID: 2765 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 142.278156] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 142.278405] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 142.278867] RIP: 0010:drm_rect_calc_vscale+0x130/0x190
[ 142.279279] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 142.280096] RSP: 0000:ffff888108b07c78 EFLAGS: 00010286
[ 142.280490] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000
[ 142.280771] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffffba233c34
[ 142.281738] RBP: ffff888108b07ca0 R08: 0000000000000000 R09: ffffed1020d375e0
[ 142.282029] R10: ffff8881069baf07 R11: 0000000000000000 R12: ffffffffba233c20
[ 142.282479] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888108b07d38
[ 142.282802] FS: 0000000000000000(0000) GS:ffff88819ee72000(0000) knlGS:0000000000000000
[ 142.283600] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 142.283833] CR2: 00007ffff7ffe000 CR3: 000000004e6bc000 CR4: 00000000000006f0
[ 142.284273] DR0: ffffffffbc252440 DR1: ffffffffbc252441 DR2: ffffffffbc252443
[ 142.284539] DR3: ffffffffbc252445 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 142.284849] Call Trace:
[ 142.284998] <TASK>
[ 142.285195] drm_test_rect_calc_vscale+0x108/0x270
[ 142.285507] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10
[ 142.285759] ? __schedule+0x10cc/0x2b60
[ 142.285986] ? __pfx_read_tsc+0x10/0x10
[ 142.286181] ? ktime_get_ts64+0x86/0x230
[ 142.286402] kunit_try_run_case+0x1a5/0x480
[ 142.286761] ? __pfx_kunit_try_run_case+0x10/0x10
[ 142.286985] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 142.287335] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 142.287816] ? __kthread_parkme+0x82/0x180
[ 142.288056] ? preempt_count_sub+0x50/0x80
[ 142.288285] ? __pfx_kunit_try_run_case+0x10/0x10
[ 142.288616] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 142.288903] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 142.289136] kthread+0x337/0x6f0
[ 142.289356] ? trace_preempt_on+0x20/0xc0
[ 142.289688] ? __pfx_kthread+0x10/0x10
[ 142.289975] ? _raw_spin_unlock_irq+0x47/0x80
[ 142.290167] ? calculate_sigpending+0x7b/0xa0
[ 142.290533] ? __pfx_kthread+0x10/0x10
[ 142.290812] ret_from_fork+0x116/0x1d0
[ 142.291222] ? __pfx_kthread+0x10/0x10
[ 142.291421] ret_from_fork_asm+0x1a/0x30
[ 142.291664] </TASK>
[ 142.291784] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_hscale
------------[ cut here ]------------
[ 142.220265] WARNING: CPU: 1 PID: 2753 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190
[ 142.221407] Modules linked in:
[ 142.221889] CPU: 1 UID: 0 PID: 2753 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 142.222850] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 142.223517] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 142.223793] RIP: 0010:drm_rect_calc_hscale+0x125/0x190
[ 142.223979] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 db e5 1e 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 142.225902] RSP: 0000:ffff888108a5fc78 EFLAGS: 00010286
[ 142.226535] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000
[ 142.226929] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffffba233c38
[ 142.227624] RBP: ffff888108a5fca0 R08: 0000000000000000 R09: ffffed10215b87a0
[ 142.228213] R10: ffff88810adc3d07 R11: 0000000000000000 R12: ffffffffba233c20
[ 142.228894] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888108a5fd38
[ 142.229426] FS: 0000000000000000(0000) GS:ffff88819ef72000(0000) knlGS:0000000000000000
[ 142.229673] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 142.229852] CR2: 00007ffff7ffe000 CR3: 000000004e6bc000 CR4: 00000000000006f0
[ 142.230130] DR0: ffffffffbc252444 DR1: ffffffffbc252449 DR2: ffffffffbc25244a
[ 142.230636] DR3: ffffffffbc25244b DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 142.230853] Call Trace:
[ 142.230956] <TASK>
[ 142.231346] drm_test_rect_calc_hscale+0x108/0x270
[ 142.231816] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10
[ 142.232403] ? __schedule+0x10cc/0x2b60
[ 142.232794] ? __pfx_read_tsc+0x10/0x10
[ 142.233155] ? ktime_get_ts64+0x86/0x230
[ 142.233314] kunit_try_run_case+0x1a5/0x480
[ 142.233544] ? __pfx_kunit_try_run_case+0x10/0x10
[ 142.233948] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 142.234465] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 142.234905] ? __kthread_parkme+0x82/0x180
[ 142.235382] ? preempt_count_sub+0x50/0x80
[ 142.235747] ? __pfx_kunit_try_run_case+0x10/0x10
[ 142.235917] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 142.236456] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 142.237045] kthread+0x337/0x6f0
[ 142.237344] ? trace_preempt_on+0x20/0xc0
[ 142.237640] ? __pfx_kthread+0x10/0x10
[ 142.237980] ? _raw_spin_unlock_irq+0x47/0x80
[ 142.238305] ? calculate_sigpending+0x7b/0xa0
[ 142.238542] ? __pfx_kthread+0x10/0x10
[ 142.238890] ret_from_fork+0x116/0x1d0
[ 142.239472] ? __pfx_kthread+0x10/0x10
[ 142.239669] ret_from_fork_asm+0x1a/0x30
[ 142.239824] </TASK>
[ 142.239916] ---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
[ 142.193757] WARNING: CPU: 1 PID: 2751 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190
[ 142.194791] Modules linked in:
[ 142.194955] CPU: 1 UID: 0 PID: 2751 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 142.195292] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 142.195473] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 142.195732] RIP: 0010:drm_rect_calc_hscale+0x125/0x190
[ 142.195913] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 db e5 1e 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 142.197894] RSP: 0000:ffff888108b6fc78 EFLAGS: 00010286
[ 142.198746] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000
[ 142.199668] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffffba233c00
[ 142.200768] RBP: ffff888108b6fca0 R08: 0000000000000000 R09: ffffed10215b8760
[ 142.201624] R10: ffff88810adc3b07 R11: 0000000000000000 R12: ffffffffba233be8
[ 142.202572] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888108b6fd38
[ 142.203473] FS: 0000000000000000(0000) GS:ffff88819ef72000(0000) knlGS:0000000000000000
[ 142.204486] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 142.205238] CR2: 00007ffff7ffe000 CR3: 000000004e6bc000 CR4: 00000000000006f0
[ 142.206265] DR0: ffffffffbc252444 DR1: ffffffffbc252449 DR2: ffffffffbc25244a
[ 142.206496] DR3: ffffffffbc25244b DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 142.206710] Call Trace:
[ 142.206813] <TASK>
[ 142.206918] drm_test_rect_calc_hscale+0x108/0x270
[ 142.207396] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10
[ 142.207861] ? __schedule+0x10cc/0x2b60
[ 142.208358] ? __pfx_read_tsc+0x10/0x10
[ 142.208783] ? ktime_get_ts64+0x86/0x230
[ 142.209200] kunit_try_run_case+0x1a5/0x480
[ 142.209713] ? __pfx_kunit_try_run_case+0x10/0x10
[ 142.210371] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 142.210817] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 142.211193] ? __kthread_parkme+0x82/0x180
[ 142.211702] ? preempt_count_sub+0x50/0x80
[ 142.211865] ? __pfx_kunit_try_run_case+0x10/0x10
[ 142.212094] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 142.212643] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 142.213292] kthread+0x337/0x6f0
[ 142.213685] ? trace_preempt_on+0x20/0xc0
[ 142.213976] ? __pfx_kthread+0x10/0x10
[ 142.214183] ? _raw_spin_unlock_irq+0x47/0x80
[ 142.214345] ? calculate_sigpending+0x7b/0xa0
[ 142.214560] ? __pfx_kthread+0x10/0x10
[ 142.214897] ret_from_fork+0x116/0x1d0
[ 142.215297] ? __pfx_kthread+0x10/0x10
[ 142.215753] ret_from_fork_asm+0x1a/0x30
[ 142.216193] </TASK>
[ 142.216433] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-drm-kunit-mock-device-drm_gem_shmem_test_get_pages_sgtdrm-kunit-mock-device-drm-drm_warn_onrefcount_readshmem-pages_pin_count
------------[ cut here ]------------
[ 141.526729] drm-kunit-mock-device drm_gem_shmem_test_get_pages_sgt.drm-kunit-mock-device: [drm] drm_WARN_ON(refcount_read(&shmem->pages_pin_count))
[ 141.526829] WARNING: CPU: 0 PID: 2568 at drivers/gpu/drm/drm_gem_shmem_helper.c:180 drm_gem_shmem_free+0x3ed/0x6c0
[ 141.527829] Modules linked in:
[ 141.527992] CPU: 0 UID: 0 PID: 2568 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 141.528482] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 141.528671] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 141.529290] RIP: 0010:drm_gem_shmem_free+0x3ed/0x6c0
[ 141.529677] Code: 85 f6 0f 84 ba 01 00 00 4c 89 e7 e8 ad 1d 80 00 48 c7 c1 e0 8a 1e ba 4c 89 f2 48 c7 c7 a0 87 1e ba 48 89 c6 e8 74 b8 77 fe 90 <0f> 0b 90 90 e9 09 ff ff ff 90 48 b8 00 00 00 00 00 fc ff df 48 8d
[ 141.530400] RSP: 0000:ffff88810835fd18 EFLAGS: 00010286
[ 141.530704] RAX: 0000000000000000 RBX: ffff8881045f0400 RCX: 1ffffffff75e4cf0
[ 141.531255] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001
[ 141.531560] RBP: ffff88810835fd48 R08: 0000000000000000 R09: fffffbfff75e4cf0
[ 141.531903] R10: 0000000000000003 R11: 0000000000038a60 R12: ffff88810857d800
[ 141.532304] R13: ffff8881045f04f8 R14: ffff888106967580 R15: ffff88810039fb40
[ 141.532687] FS: 0000000000000000(0000) GS:ffff88819ee72000(0000) knlGS:0000000000000000
[ 141.533114] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 141.533395] CR2: 00007ffff7ffe000 CR3: 000000004e6bc000 CR4: 00000000000006f0
[ 141.533753] DR0: ffffffffbc252440 DR1: ffffffffbc252441 DR2: ffffffffbc252443
[ 141.534135] DR3: ffffffffbc252445 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 141.534511] Call Trace:
[ 141.534657] <TASK>
[ 141.534790] ? trace_preempt_on+0x20/0xc0
[ 141.535237] ? __pfx_drm_gem_shmem_free_wrapper+0x10/0x10
[ 141.535543] drm_gem_shmem_free_wrapper+0x12/0x20
[ 141.535832] __kunit_action_free+0x57/0x70
[ 141.536194] kunit_remove_resource+0x133/0x200
[ 141.536499] ? preempt_count_sub+0x50/0x80
[ 141.536657] kunit_cleanup+0x7a/0x120
[ 141.536940] kunit_try_run_case_cleanup+0xbd/0xf0
[ 141.537252] ? __pfx_kunit_try_run_case_cleanup+0x10/0x10
[ 141.537586] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 141.537842] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 141.538195] kthread+0x337/0x6f0
[ 141.538406] ? trace_preempt_on+0x20/0xc0
[ 141.538650] ? __pfx_kthread+0x10/0x10
[ 141.538844] ? _raw_spin_unlock_irq+0x47/0x80
[ 141.539130] ? calculate_sigpending+0x7b/0xa0
[ 141.539359] ? __pfx_kthread+0x10/0x10
[ 141.539610] ret_from_fork+0x116/0x1d0
[ 141.539781] ? __pfx_kthread+0x10/0x10
[ 141.539988] ret_from_fork_asm+0x1a/0x30
[ 141.540501] </TASK>
[ 141.540644] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_framebuffer-drm_framebuffer_init
------------[ cut here ]------------
[ 141.383192] WARNING: CPU: 0 PID: 2549 at drivers/gpu/drm/drm_framebuffer.c:869 drm_framebuffer_init+0x49/0x8d0
[ 141.384394] Modules linked in:
[ 141.384587] CPU: 0 UID: 0 PID: 2549 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 141.384924] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 141.385137] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 141.385528] RIP: 0010:drm_framebuffer_init+0x49/0x8d0
[ 141.386196] Code: 89 e5 41 57 41 56 41 55 41 54 53 48 89 f3 48 83 ec 28 80 3c 11 00 48 89 7d c8 0f 85 1c 07 00 00 48 8b 75 c8 48 39 33 74 20 90 <0f> 0b 90 41 bf ea ff ff ff 48 83 c4 28 44 89 f8 5b 41 5c 41 5d 41
[ 141.387384] RSP: 0000:ffff8881083a7b20 EFLAGS: 00010246
[ 141.387975] RAX: ffff8881083a7ba8 RBX: ffff8881083a7c28 RCX: 1ffff11021074f8e
[ 141.388446] RDX: dffffc0000000000 RSI: ffff88810840d000 RDI: ffff88810840d000
[ 141.388742] RBP: ffff8881083a7b70 R08: ffff88810840d000 R09: ffffffffba1d8e20
[ 141.389272] R10: 0000000000000003 R11: 00000000872b430e R12: 1ffff11021074f71
[ 141.389764] R13: ffff8881083a7c70 R14: ffff8881083a7db8 R15: 0000000000000000
[ 141.390535] FS: 0000000000000000(0000) GS:ffff88819ee72000(0000) knlGS:0000000000000000
[ 141.390906] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 141.391452] CR2: 00007ffff7ffe000 CR3: 000000004e6bc000 CR4: 00000000000006f0
[ 141.391836] DR0: ffffffffbc252440 DR1: ffffffffbc252441 DR2: ffffffffbc252443
[ 141.392348] DR3: ffffffffbc252445 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 141.392814] Call Trace:
[ 141.393162] <TASK>
[ 141.393318] drm_test_framebuffer_init_bad_format+0xfc/0x240
[ 141.393777] ? add_dr+0x148/0x1d0
[ 141.394136] ? __pfx_drm_test_framebuffer_init_bad_format+0x10/0x10
[ 141.394423] ? __drmm_add_action+0x1a4/0x280
[ 141.394626] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 141.394866] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 141.395420] ? __drmm_add_action_or_reset+0x22/0x50
[ 141.395864] ? __schedule+0x10cc/0x2b60
[ 141.396634] ? __pfx_read_tsc+0x10/0x10
[ 141.396899] ? ktime_get_ts64+0x86/0x230
[ 141.397358] kunit_try_run_case+0x1a5/0x480
[ 141.397704] ? __pfx_kunit_try_run_case+0x10/0x10
[ 141.398409] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 141.398657] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 141.398879] ? __kthread_parkme+0x82/0x180
[ 141.399322] ? preempt_count_sub+0x50/0x80
[ 141.399722] ? __pfx_kunit_try_run_case+0x10/0x10
[ 141.400075] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 141.400391] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 141.400902] kthread+0x337/0x6f0
[ 141.401336] ? trace_preempt_on+0x20/0xc0
[ 141.401693] ? __pfx_kthread+0x10/0x10
[ 141.401888] ? _raw_spin_unlock_irq+0x47/0x80
[ 141.402395] ? calculate_sigpending+0x7b/0xa0
[ 141.402852] ? __pfx_kthread+0x10/0x10
[ 141.402994] ret_from_fork+0x116/0x1d0
[ 141.403257] ? __pfx_kthread+0x10/0x10
[ 141.403471] ret_from_fork_asm+0x1a/0x30
[ 141.403671] </TASK>
[ 141.403802] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-drm-kunit-mock-device-drm_test_framebuffer_freedrm-kunit-mock-device-drm-drm_warn_onlist_empty-filp_head
------------[ cut here ]------------
[ 141.344124] drm-kunit-mock-device drm_test_framebuffer_free.drm-kunit-mock-device: [drm] drm_WARN_ON(!list_empty(&fb->filp_head))
[ 141.344608] WARNING: CPU: 0 PID: 2545 at drivers/gpu/drm/drm_framebuffer.c:832 drm_framebuffer_free+0x13f/0x1c0
[ 141.346264] Modules linked in:
[ 141.346489] CPU: 0 UID: 0 PID: 2545 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 141.347020] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 141.347426] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 141.347858] RIP: 0010:drm_framebuffer_free+0x13f/0x1c0
[ 141.348247] Code: 8b 7d 50 4d 85 ff 74 2b 4c 89 ef e8 2b 44 87 00 48 c7 c1 c0 38 1d ba 4c 89 fa 48 c7 c7 20 39 1d ba 48 89 c6 e8 f2 de 7e fe 90 <0f> 0b 90 90 e9 1c ff ff ff 48 b8 00 00 00 00 00 fc ff df 4c 89 ea
[ 141.349367] RSP: 0000:ffff888100d67b68 EFLAGS: 00010282
[ 141.349668] RAX: 0000000000000000 RBX: ffff888100d67c40 RCX: 1ffffffff75e4cf0
[ 141.350446] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001
[ 141.350748] RBP: ffff888100d67b90 R08: 0000000000000000 R09: fffffbfff75e4cf0
[ 141.350961] R10: 0000000000000003 R11: 00000000000370e0 R12: ffff888100d67c18
[ 141.351589] R13: ffff888100cc5800 R14: ffff88810840b000 R15: ffff8881076ff880
[ 141.352305] FS: 0000000000000000(0000) GS:ffff88819ee72000(0000) knlGS:0000000000000000
[ 141.352943] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 141.353414] CR2: 00007ffff7ffe000 CR3: 000000004e6bc000 CR4: 00000000000006f0
[ 141.353781] DR0: ffffffffbc252440 DR1: ffffffffbc252441 DR2: ffffffffbc252443
[ 141.353997] DR3: ffffffffbc252445 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 141.354828] Call Trace:
[ 141.355117] <TASK>
[ 141.355398] drm_test_framebuffer_free+0x1ab/0x610
[ 141.355944] ? __pfx_drm_test_framebuffer_free+0x10/0x10
[ 141.356454] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 141.356918] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 141.357379] ? __drmm_add_action_or_reset+0x22/0x50
[ 141.357902] ? __schedule+0x10cc/0x2b60
[ 141.358150] ? __pfx_read_tsc+0x10/0x10
[ 141.358630] ? ktime_get_ts64+0x86/0x230
[ 141.359076] kunit_try_run_case+0x1a5/0x480
[ 141.359262] ? __pfx_kunit_try_run_case+0x10/0x10
[ 141.359771] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 141.360141] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 141.360328] ? __kthread_parkme+0x82/0x180
[ 141.360483] ? preempt_count_sub+0x50/0x80
[ 141.360632] ? __pfx_kunit_try_run_case+0x10/0x10
[ 141.360794] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 141.360980] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 141.361535] kthread+0x337/0x6f0
[ 141.361840] ? trace_preempt_on+0x20/0xc0
[ 141.362349] ? __pfx_kthread+0x10/0x10
[ 141.362733] ? _raw_spin_unlock_irq+0x47/0x80
[ 141.363332] ? calculate_sigpending+0x7b/0xa0
[ 141.363741] ? __pfx_kthread+0x10/0x10
[ 141.364198] ret_from_fork+0x116/0x1d0
[ 141.364593] ? __pfx_kthread+0x10/0x10
[ 141.364937] ret_from_fork_asm+0x1a/0x30
[ 141.365347] </TASK>
[ 141.365592] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_connector-drm_connector_dynamic_register
------------[ cut here ]------------
[ 140.005303] WARNING: CPU: 1 PID: 1983 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110
[ 140.006065] Modules linked in:
[ 140.006266] CPU: 1 UID: 0 PID: 1983 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 140.007110] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 140.007850] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 140.008304] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110
[ 140.008663] Code: 49 8d 7c 24 60 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 60 00 75 1b 5b 41 5c 5d e9 c2 36 26 02 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d c3 cc cc cc cc 48 89 df e8 68
[ 140.009779] RSP: 0000:ffff8881034b7c90 EFLAGS: 00010246
[ 140.009972] RAX: dffffc0000000000 RBX: ffff88810369e000 RCX: 0000000000000000
[ 140.010743] RDX: 1ffff110206d3c32 RSI: ffffffffb74067b8 RDI: ffff88810369e190
[ 140.011619] RBP: ffff8881034b7ca0 R08: 1ffff11020073f69 R09: ffffed1020696f65
[ 140.012419] R10: 0000000000000003 R11: ffffffffb69859b8 R12: 0000000000000000
[ 140.012643] R13: ffff8881034b7d38 R14: ffff88810039fc50 R15: ffff88810039fc58
[ 140.012857] FS: 0000000000000000(0000) GS:ffff88819ef72000(0000) knlGS:0000000000000000
[ 140.013448] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 140.013989] CR2: 00007ffff7ffe000 CR3: 000000004e6bc000 CR4: 00000000000006f0
[ 140.014768] DR0: ffffffffbc252444 DR1: ffffffffbc252449 DR2: ffffffffbc25244a
[ 140.015574] DR3: ffffffffbc25244b DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 140.015980] Call Trace:
[ 140.016458] <TASK>
[ 140.016748] drm_test_drm_connector_dynamic_register_no_init+0x104/0x290
[ 140.017280] ? __pfx_drm_test_drm_connector_dynamic_register_no_init+0x10/0x10
[ 140.017663] ? __schedule+0x10cc/0x2b60
[ 140.018170] ? __pfx_read_tsc+0x10/0x10
[ 140.018521] ? ktime_get_ts64+0x86/0x230
[ 140.018674] kunit_try_run_case+0x1a5/0x480
[ 140.018830] ? __pfx_kunit_try_run_case+0x10/0x10
[ 140.018991] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 140.019583] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 140.020186] ? __kthread_parkme+0x82/0x180
[ 140.020763] ? preempt_count_sub+0x50/0x80
[ 140.021249] ? __pfx_kunit_try_run_case+0x10/0x10
[ 140.021542] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 140.021724] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 140.021919] kthread+0x337/0x6f0
[ 140.022158] ? trace_preempt_on+0x20/0xc0
[ 140.022339] ? __pfx_kthread+0x10/0x10
[ 140.022515] ? _raw_spin_unlock_irq+0x47/0x80
[ 140.022675] ? calculate_sigpending+0x7b/0xa0
[ 140.022969] ? __pfx_kthread+0x10/0x10
[ 140.023163] ret_from_fork+0x116/0x1d0
[ 140.023301] ? __pfx_kthread+0x10/0x10
[ 140.023706] ret_from_fork_asm+0x1a/0x30
[ 140.023926] </TASK>
[ 140.024072] ---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
[ 139.921108] WARNING: CPU: 1 PID: 1975 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110
[ 139.921610] Modules linked in:
[ 139.921787] CPU: 1 UID: 0 PID: 1975 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 139.922813] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 139.923385] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 139.923709] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110
[ 139.923912] Code: 49 8d 7c 24 60 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 60 00 75 1b 5b 41 5c 5d e9 c2 36 26 02 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d c3 cc cc cc cc 48 89 df e8 68
[ 139.924902] RSP: 0000:ffff88810326fc90 EFLAGS: 00010246
[ 139.925282] RAX: dffffc0000000000 RBX: ffff888103770000 RCX: 0000000000000000
[ 139.925659] RDX: 1ffff110206ee032 RSI: ffffffffb74067b8 RDI: ffff888103770190
[ 139.926132] RBP: ffff88810326fca0 R08: 1ffff11020073f69 R09: ffffed102064df65
[ 139.926587] R10: 0000000000000003 R11: ffffffffb69859b8 R12: 0000000000000000
[ 139.926846] R13: ffff88810326fd38 R14: ffff88810039fc50 R15: ffff88810039fc58
[ 139.927234] FS: 0000000000000000(0000) GS:ffff88819ef72000(0000) knlGS:0000000000000000
[ 139.927797] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 139.928126] CR2: 00007ffff7ffe000 CR3: 000000004e6bc000 CR4: 00000000000006f0
[ 139.928652] DR0: ffffffffbc252444 DR1: ffffffffbc252449 DR2: ffffffffbc25244a
[ 139.928944] DR3: ffffffffbc25244b DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 139.929704] Call Trace:
[ 139.929960] <TASK>
[ 139.930203] drm_test_drm_connector_dynamic_register_early_no_init+0x104/0x290
[ 139.930816] ? __pfx_drm_test_drm_connector_dynamic_register_early_no_init+0x10/0x10
[ 139.931389] ? __schedule+0x10cc/0x2b60
[ 139.931652] ? __pfx_read_tsc+0x10/0x10
[ 139.931832] ? ktime_get_ts64+0x86/0x230
[ 139.932342] kunit_try_run_case+0x1a5/0x480
[ 139.932588] ? __pfx_kunit_try_run_case+0x10/0x10
[ 139.932898] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 139.933302] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 139.933575] ? __kthread_parkme+0x82/0x180
[ 139.933738] ? preempt_count_sub+0x50/0x80
[ 139.934183] ? __pfx_kunit_try_run_case+0x10/0x10
[ 139.934515] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 139.934722] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 139.935070] kthread+0x337/0x6f0
[ 139.935371] ? trace_preempt_on+0x20/0xc0
[ 139.935834] ? __pfx_kthread+0x10/0x10
[ 139.936179] ? _raw_spin_unlock_irq+0x47/0x80
[ 139.936566] ? calculate_sigpending+0x7b/0xa0
[ 139.936759] ? __pfx_kthread+0x10/0x10
[ 139.937205] ret_from_fork+0x116/0x1d0
[ 139.937559] ? __pfx_kthread+0x10/0x10
[ 139.937837] ret_from_fork_asm+0x1a/0x30
[ 139.938247] </TASK>
[ 139.938356] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog10
------------[ cut here ]------------
[ 109.486117] WARNING: CPU: 0 PID: 673 at lib/math/int_log.c:120 intlog10+0x2a/0x40
[ 109.486757] Modules linked in:
[ 109.486966] CPU: 0 UID: 0 PID: 673 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 109.487503] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 109.487757] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 109.488138] RIP: 0010:intlog10+0x2a/0x40
[ 109.488386] Code: f3 0f 1e fa 0f 1f 44 00 00 85 ff 74 1c 55 48 89 e5 e8 ca fe ff ff 5d 89 c0 48 69 c0 a1 26 88 26 48 c1 e8 1f e9 47 ba 86 02 90 <0f> 0b 90 31 c0 e9 3c ba 86 02 66 2e 0f 1f 84 00 00 00 00 00 66 90
[ 109.489116] RSP: 0000:ffff8881092b7cb0 EFLAGS: 00010246
[ 109.489497] RAX: 0000000000000000 RBX: ffff88810039fae8 RCX: 1ffff11021256fb4
[ 109.489781] RDX: 1ffffffff7412dc4 RSI: 1ffff11021256fb3 RDI: 0000000000000000
[ 109.490474] RBP: ffff8881092b7d60 R08: 0000000000000000 R09: ffffed1020ff9580
[ 109.490767] R10: ffff888107fcac07 R11: 0000000000000000 R12: 1ffff11021256f97
[ 109.491069] R13: ffffffffba096e20 R14: 0000000000000000 R15: ffff8881092b7d38
[ 109.491670] FS: 0000000000000000(0000) GS:ffff88819ee72000(0000) knlGS:0000000000000000
[ 109.491997] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 109.492272] CR2: dffffc0000000000 CR3: 000000004e6bc000 CR4: 00000000000006f0
[ 109.492626] DR0: ffffffffbc252440 DR1: ffffffffbc252441 DR2: ffffffffbc252443
[ 109.492907] DR3: ffffffffbc252445 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 109.493673] Call Trace:
[ 109.493800] <TASK>
[ 109.493894] ? intlog10_test+0xf2/0x220
[ 109.494157] ? __pfx_intlog10_test+0x10/0x10
[ 109.494501] ? __schedule+0x10cc/0x2b60
[ 109.494721] ? __pfx_read_tsc+0x10/0x10
[ 109.494905] ? ktime_get_ts64+0x86/0x230
[ 109.495067] kunit_try_run_case+0x1a5/0x480
[ 109.495280] ? __pfx_kunit_try_run_case+0x10/0x10
[ 109.495670] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 109.495873] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 109.496324] ? __kthread_parkme+0x82/0x180
[ 109.496536] ? preempt_count_sub+0x50/0x80
[ 109.496720] ? __pfx_kunit_try_run_case+0x10/0x10
[ 109.496942] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 109.497273] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 109.497619] kthread+0x337/0x6f0
[ 109.497783] ? trace_preempt_on+0x20/0xc0
[ 109.497966] ? __pfx_kthread+0x10/0x10
[ 109.498238] ? _raw_spin_unlock_irq+0x47/0x80
[ 109.498400] ? calculate_sigpending+0x7b/0xa0
[ 109.498555] ? __pfx_kthread+0x10/0x10
[ 109.498729] ret_from_fork+0x116/0x1d0
[ 109.498925] ? __pfx_kthread+0x10/0x10
[ 109.499131] ret_from_fork_asm+0x1a/0x30
[ 109.499338] </TASK>
[ 109.499431] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog2
------------[ cut here ]------------
[ 109.443452] WARNING: CPU: 0 PID: 655 at lib/math/int_log.c:63 intlog2+0xdf/0x110
[ 109.443886] Modules linked in:
[ 109.444127] CPU: 0 UID: 0 PID: 655 Comm: kunit_try_catch Tainted: G B D N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 109.444976] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST
[ 109.445793] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 109.446179] RIP: 0010:intlog2+0xdf/0x110
[ 109.447014] Code: 09 ba c1 e0 18 48 83 c4 08 89 d1 c1 e2 08 29 cb 01 d0 0f b7 db 41 0f af dc c1 eb 0f 01 d8 5b 41 5c 41 5d 5d c3 cc cc cc cc 90 <0f> 0b 90 31 c0 c3 cc cc cc cc 89 45 e4 e8 6f d8 55 ff 8b 45 e4 eb
[ 109.447906] RSP: 0000:ffff888109387cb0 EFLAGS: 00010246
[ 109.448358] RAX: 0000000000000000 RBX: ffff88810039fae8 RCX: 1ffff11021270fb4
[ 109.448796] RDX: 1ffffffff7412e18 RSI: 1ffff11021270fb3 RDI: 0000000000000000
[ 109.449233] RBP: ffff888109387d60 R08: 0000000000000000 R09: ffffed1020ff9480
[ 109.449671] R10: ffff888107fca407 R11: 0000000000000000 R12: 1ffff11021270f97
[ 109.449936] R13: ffffffffba0970c0 R14: 0000000000000000 R15: ffff888109387d38
[ 109.450585] FS: 0000000000000000(0000) GS:ffff88819ee72000(0000) knlGS:0000000000000000
[ 109.450889] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 109.451495] CR2: dffffc0000000000 CR3: 000000004e6bc000 CR4: 00000000000006f0
[ 109.451792] DR0: ffffffffbc252440 DR1: ffffffffbc252441 DR2: ffffffffbc252443
[ 109.452242] DR3: ffffffffbc252445 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 109.452695] Call Trace:
[ 109.452946] <TASK>
[ 109.453459] ? intlog2_test+0xf2/0x220
[ 109.453696] ? __pfx_intlog2_test+0x10/0x10
[ 109.453908] ? __pfx_intlog2_test+0x10/0x10
[ 109.454636] kunit_try_run_case+0x1a5/0x480
[ 109.454868] ? __pfx_kunit_try_run_case+0x10/0x10
[ 109.455089] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 109.455671] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 109.456058] ? __kthread_parkme+0x82/0x180
[ 109.456503] ? preempt_count_sub+0x50/0x80
[ 109.456808] ? __pfx_kunit_try_run_case+0x10/0x10
[ 109.457257] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 109.457696] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 109.458417] kthread+0x337/0x6f0
[ 109.458584] ? trace_preempt_on+0x20/0xc0
[ 109.458799] ? __pfx_kthread+0x10/0x10
[ 109.458986] ? _raw_spin_unlock_irq+0x47/0x80
[ 109.459652] ? calculate_sigpending+0x7b/0xa0
[ 109.460116] ? __pfx_kthread+0x10/0x10
[ 109.460442] ret_from_fork+0x116/0x1d0
[ 109.460724] ? __pfx_kthread+0x10/0x10
[ 109.461013] ret_from_fork_asm+0x1a/0x30
[ 109.461469] </TASK>
[ 109.461809] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/oops-oops-general-protection-fault-probably-for-non-canonical-address-smp-kasan-pti
KNOWN ISSUE - qemu-x86_64: Oops: general protection fault, probably for non-canonical address - KASAN: null-ptr-deref - kunit_test_null_dereference
[ 108.839269] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN PTI