Date
July 18, 2025, 2:09 p.m.
Failure - log-parser-boot/kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 13.996494] ==================================================================
[ 13.997414] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x2b5/0x300
[ 13.997861] Read of size 1 at addr ffff888103b0fd02 by task kunit_try_catch/266
[ 13.998106]
[ 13.998236] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 13.998285] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.998308] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.998331] Call Trace:
[ 13.998343] <TASK>
[ 13.998361] dump_stack_lvl+0x73/0xb0
[ 13.998394] print_report+0xd1/0x610
[ 13.998417] ? __virt_addr_valid+0x1db/0x2d0
[ 13.998442] ? kasan_stack_oob+0x2b5/0x300
[ 13.998462] ? kasan_addr_to_slab+0x11/0xa0
[ 13.998483] ? kasan_stack_oob+0x2b5/0x300
[ 13.998512] kasan_report+0x141/0x180
[ 13.998606] ? kasan_stack_oob+0x2b5/0x300
[ 13.998635] __asan_report_load1_noabort+0x18/0x20
[ 13.998661] kasan_stack_oob+0x2b5/0x300
[ 13.998681] ? __pfx_kasan_stack_oob+0x10/0x10
[ 13.998701] ? finish_task_switch.isra.0+0x153/0x700
[ 13.998742] ? __switch_to+0x47/0xf50
[ 13.998777] ? __schedule+0x10cc/0x2b60
[ 13.998812] ? __pfx_read_tsc+0x10/0x10
[ 13.998834] ? ktime_get_ts64+0x86/0x230
[ 13.998860] kunit_try_run_case+0x1a5/0x480
[ 13.998886] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.998918] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.998943] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.998967] ? __kthread_parkme+0x82/0x180
[ 13.998998] ? preempt_count_sub+0x50/0x80
[ 13.999023] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.999046] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.999070] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.999095] kthread+0x337/0x6f0
[ 13.999114] ? trace_preempt_on+0x20/0xc0
[ 13.999138] ? __pfx_kthread+0x10/0x10
[ 13.999158] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.999180] ? calculate_sigpending+0x7b/0xa0
[ 13.999205] ? __pfx_kthread+0x10/0x10
[ 13.999226] ret_from_fork+0x116/0x1d0
[ 13.999245] ? __pfx_kthread+0x10/0x10
[ 13.999265] ret_from_fork_asm+0x1a/0x30
[ 13.999298] </TASK>
[ 13.999309]
[ 14.007557] The buggy address belongs to stack of task kunit_try_catch/266
[ 14.008228] and is located at offset 138 in frame:
[ 14.008461] kasan_stack_oob+0x0/0x300
[ 14.008823]
[ 14.009023] This frame has 4 objects:
[ 14.009358] [48, 49) '__assertion'
[ 14.009382] [64, 72) 'array'
[ 14.009598] [96, 112) '__assertion'
[ 14.009768] [128, 138) 'stack_array'
[ 14.009932]
[ 14.010220] The buggy address belongs to the physical page:
[ 14.010478] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103b0f
[ 14.010927] flags: 0x200000000000000(node=0|zone=2)
[ 14.011188] raw: 0200000000000000 ffffea00040ec3c8 ffffea00040ec3c8 0000000000000000
[ 14.011477] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 14.011704] page dumped because: kasan: bad access detected
[ 14.011876]
[ 14.011971] Memory state around the buggy address:
[ 14.012195]  ffff888103b0fc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f1
[ 14.012778]  ffff888103b0fc80: f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 00 00 f2 f2 00
[ 14.013212] >ffff888103b0fd00: 02 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1
[ 14.013430]                    ^
[ 14.013703]  ffff888103b0fd80: f1 f1 f1 00 00 f2 f2 00 00 f2 f2 00 00 f3 f3 00
[ 14.014090]  ffff888103b0fe00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 14.014418] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 13.974514] ==================================================================
[ 13.975138] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x286/0x2d0
[ 13.975509] Read of size 1 at addr ffffffff9c063e8d by task kunit_try_catch/262
[ 13.975811]
[ 13.975971] CPU: 1 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 13.976017] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.976029] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.976051] Call Trace:
[ 13.976064] <TASK>
[ 13.976079] dump_stack_lvl+0x73/0xb0
[ 13.976110] print_report+0xd1/0x610
[ 13.976132] ? __virt_addr_valid+0x1db/0x2d0
[ 13.976155] ? kasan_global_oob_right+0x286/0x2d0
[ 13.976191] ? kasan_addr_to_slab+0x11/0xa0
[ 13.976212] ? kasan_global_oob_right+0x286/0x2d0
[ 13.976246] kasan_report+0x141/0x180
[ 13.976268] ? kasan_global_oob_right+0x286/0x2d0
[ 13.976296] __asan_report_load1_noabort+0x18/0x20
[ 13.976321] kasan_global_oob_right+0x286/0x2d0
[ 13.976343] ? __pfx_kasan_global_oob_right+0x10/0x10
[ 13.976369] ? __schedule+0x10cc/0x2b60
[ 13.976392] ? __pfx_read_tsc+0x10/0x10
[ 13.976422] ? ktime_get_ts64+0x86/0x230
[ 13.976447] kunit_try_run_case+0x1a5/0x480
[ 13.976473] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.976506] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.976531] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.976556] ? __kthread_parkme+0x82/0x180
[ 13.976577] ? preempt_count_sub+0x50/0x80
[ 13.976601] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.976633] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.976657] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.976682] kthread+0x337/0x6f0
[ 13.976712] ? trace_preempt_on+0x20/0xc0
[ 13.976735] ? __pfx_kthread+0x10/0x10
[ 13.976756] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.976777] ? calculate_sigpending+0x7b/0xa0
[ 13.976802] ? __pfx_kthread+0x10/0x10
[ 13.976823] ret_from_fork+0x116/0x1d0
[ 13.976841] ? __pfx_kthread+0x10/0x10
[ 13.976860] ret_from_fork_asm+0x1a/0x30
[ 13.976903] </TASK>
[ 13.976913]
[ 13.984063] The buggy address belongs to the variable:
[ 13.984289] global_array+0xd/0x40
[ 13.984434]
[ 13.984521] The buggy address belongs to the physical page:
[ 13.984699] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x148263
[ 13.985005] flags: 0x200000000002000(reserved|node=0|zone=2)
[ 13.985345] raw: 0200000000002000 ffffea00052098c8 ffffea00052098c8 0000000000000000
[ 13.985696] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 13.986109] page dumped because: kasan: bad access detected
[ 13.986282]
[ 13.986352] Memory state around the buggy address:
[ 13.986508]  ffffffff9c063d80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.986749]  ffffffff9c063e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.987208] >ffffffff9c063e80: 00 02 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9
[ 13.987558]                       ^
[ 13.987737]  ffffffff9c063f00: 04 f9 f9 f9 f9 f9 f9 f9 02 f9 f9 f9 f9 f9 f9 f9
[ 13.988182]  ffffffff9c063f80: 01 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 00 00 00 00
[ 13.988450] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 13.924785] ==================================================================
[ 13.925414] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 13.925873] Free of addr ffff888102988f01 by task kunit_try_catch/258
[ 13.926174]
[ 13.926304] CPU: 1 UID: 0 PID: 258 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 13.926351] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.926363] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.926396] Call Trace:
[ 13.926407] <TASK>
[ 13.926423] dump_stack_lvl+0x73/0xb0
[ 13.926453] print_report+0xd1/0x610
[ 13.926488] ? __virt_addr_valid+0x1db/0x2d0
[ 13.926513] ? kasan_complete_mode_report_info+0x2a/0x200
[ 13.926536] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 13.926563] kasan_report_invalid_free+0x10a/0x130
[ 13.926629] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 13.926659] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 13.926713] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 13.926740] check_slab_allocation+0x11f/0x130
[ 13.926778] __kasan_mempool_poison_object+0x91/0x1d0
[ 13.926804] mempool_free+0x2ec/0x380
[ 13.926831] mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 13.926858] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10
[ 13.926885] ? kasan_save_track+0x18/0x40
[ 13.926915] ? kasan_save_alloc_info+0x3b/0x50
[ 13.926938] ? kasan_save_stack+0x45/0x70
[ 13.926972] mempool_kmalloc_invalid_free+0xed/0x140
[ 13.927008] ? __pfx_mempool_kmalloc_invalid_free+0x10/0x10
[ 13.927046] ? __pfx_mempool_kmalloc+0x10/0x10
[ 13.927069] ? __pfx_mempool_kfree+0x10/0x10
[ 13.927095] ? __pfx_read_tsc+0x10/0x10
[ 13.927116] ? ktime_get_ts64+0x86/0x230
[ 13.927142] kunit_try_run_case+0x1a5/0x480
[ 13.927168] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.927191] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.927217] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.927241] ? __kthread_parkme+0x82/0x180
[ 13.927262] ? preempt_count_sub+0x50/0x80
[ 13.927286] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.927311] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.927334] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.927359] kthread+0x337/0x6f0
[ 13.927378] ? trace_preempt_on+0x20/0xc0
[ 13.927402] ? __pfx_kthread+0x10/0x10
[ 13.927423] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.927444] ? calculate_sigpending+0x7b/0xa0
[ 13.927469] ? __pfx_kthread+0x10/0x10
[ 13.927490] ret_from_fork+0x116/0x1d0
[ 13.927508] ? __pfx_kthread+0x10/0x10
[ 13.927560] ret_from_fork_asm+0x1a/0x30
[ 13.927598] </TASK>
[ 13.927609]
[ 13.938218] Allocated by task 258:
[ 13.938473] kasan_save_stack+0x45/0x70
[ 13.938839] kasan_save_track+0x18/0x40
[ 13.939007] kasan_save_alloc_info+0x3b/0x50
[ 13.939258] __kasan_mempool_unpoison_object+0x1a9/0x200
[ 13.939491] remove_element+0x11e/0x190
[ 13.939793] mempool_alloc_preallocated+0x4d/0x90
[ 13.940089] mempool_kmalloc_invalid_free_helper+0x83/0x2e0
[ 13.940278] mempool_kmalloc_invalid_free+0xed/0x140
[ 13.940581] kunit_try_run_case+0x1a5/0x480
[ 13.940797] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.941062] kthread+0x337/0x6f0
[ 13.941218] ret_from_fork+0x116/0x1d0
[ 13.941429] ret_from_fork_asm+0x1a/0x30
[ 13.941786]
[ 13.941902] The buggy address belongs to the object at ffff888102988f00
[ 13.941902] which belongs to the cache kmalloc-128 of size 128
[ 13.942511] The buggy address is located 1 bytes inside of
[ 13.942511] 128-byte region [ffff888102988f00, ffff888102988f80)
[ 13.943092]
[ 13.943183] The buggy address belongs to the physical page:
[ 13.943444] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102988
[ 13.943925] flags: 0x200000000000000(node=0|zone=2)
[ 13.944194] page_type: f5(slab)
[ 13.944315] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 13.944545] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[ 13.944774] page dumped because: kasan: bad access detected
[ 13.945132]
[ 13.945291] Memory state around the buggy address:
[ 13.945518]  ffff888102988e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.945880]  ffff888102988e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.946354] >ffff888102988f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.946963]                    ^
[ 13.947108]  ffff888102988f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.947420]  ffff888102989000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.947636] ==================================================================
[ 13.951385] ==================================================================
[ 13.952046] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 13.952409] Free of addr ffff8881039fc001 by task kunit_try_catch/260
[ 13.952703]
[ 13.952819] CPU: 1 UID: 0 PID: 260 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 13.952865] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.952937] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.952973] Call Trace:
[ 13.952985] <TASK>
[ 13.953001] dump_stack_lvl+0x73/0xb0
[ 13.953031] print_report+0xd1/0x610
[ 13.953054] ? __virt_addr_valid+0x1db/0x2d0
[ 13.953078] ? kasan_addr_to_slab+0x11/0xa0
[ 13.953108] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 13.953136] kasan_report_invalid_free+0x10a/0x130
[ 13.953161] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 13.953200] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 13.953226] __kasan_mempool_poison_object+0x102/0x1d0
[ 13.953251] mempool_free+0x2ec/0x380
[ 13.953278] mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 13.953313] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10
[ 13.953344] ? finish_task_switch.isra.0+0x153/0x700
[ 13.953373] mempool_kmalloc_large_invalid_free+0xed/0x140
[ 13.953409] ? __pfx_mempool_kmalloc_large_invalid_free+0x10/0x10
[ 13.953438] ? __pfx_mempool_kmalloc+0x10/0x10
[ 13.953461] ? __pfx_mempool_kfree+0x10/0x10
[ 13.953486] ? __pfx_read_tsc+0x10/0x10
[ 13.953507] ? ktime_get_ts64+0x86/0x230
[ 13.953568] kunit_try_run_case+0x1a5/0x480
[ 13.953596] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.953618] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.953643] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.953667] ? __kthread_parkme+0x82/0x180
[ 13.953699] ? preempt_count_sub+0x50/0x80
[ 13.953723] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.953759] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.953782] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.953807] kthread+0x337/0x6f0
[ 13.953826] ? trace_preempt_on+0x20/0xc0
[ 13.953850] ? __pfx_kthread+0x10/0x10
[ 13.953871] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.953901] ? calculate_sigpending+0x7b/0xa0
[ 13.953926] ? __pfx_kthread+0x10/0x10
[ 13.953947] ret_from_fork+0x116/0x1d0
[ 13.953966] ? __pfx_kthread+0x10/0x10
[ 13.953987] ret_from_fork_asm+0x1a/0x30
[ 13.954019] </TASK>
[ 13.954029]
[ 13.963340] The buggy address belongs to the physical page:
[ 13.963638] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039fc
[ 13.964184] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 13.964528] flags: 0x200000000000040(head|node=0|zone=2)
[ 13.964807] page_type: f8(unknown)
[ 13.964982] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 13.965218] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 13.965450] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 13.966031] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 13.966772] head: 0200000000000002 ffffea00040e7f01 00000000ffffffff 00000000ffffffff
[ 13.967157] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 13.967392] page dumped because: kasan: bad access detected
[ 13.967684]
[ 13.967779] Memory state around the buggy address:
[ 13.968207]  ffff8881039fbf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.968636]  ffff8881039fbf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.968949] >ffff8881039fc000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.969374]                    ^
[ 13.969598]  ffff8881039fc080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.969916]  ffff8881039fc100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.970290] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 13.879819] ==================================================================
[ 13.880536] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370
[ 13.880952] Free of addr ffff8881039f8000 by task kunit_try_catch/254
[ 13.881221]
[ 13.881360] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 13.881406] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.881418] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.881440] Call Trace:
[ 13.881453] <TASK>
[ 13.881469] dump_stack_lvl+0x73/0xb0
[ 13.881499] print_report+0xd1/0x610
[ 13.881522] ? __virt_addr_valid+0x1db/0x2d0
[ 13.881546] ? kasan_addr_to_slab+0x11/0xa0
[ 13.881577] ? mempool_double_free_helper+0x184/0x370
[ 13.881603] kasan_report_invalid_free+0x10a/0x130
[ 13.881640] ? mempool_double_free_helper+0x184/0x370
[ 13.881668] ? mempool_double_free_helper+0x184/0x370
[ 13.881691] __kasan_mempool_poison_object+0x1b3/0x1d0
[ 13.881770] mempool_free+0x2ec/0x380
[ 13.881796] mempool_double_free_helper+0x184/0x370
[ 13.881831] ? __pfx_mempool_double_free_helper+0x10/0x10
[ 13.881855] ? update_load_avg+0x1be/0x21b0
[ 13.881878] ? dequeue_entities+0x27e/0x1740
[ 13.881921] ? finish_task_switch.isra.0+0x153/0x700
[ 13.881948] mempool_kmalloc_large_double_free+0xed/0x140
[ 13.881974] ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10
[ 13.882013] ? __pfx_mempool_kmalloc+0x10/0x10
[ 13.882044] ? __pfx_mempool_kfree+0x10/0x10
[ 13.882070] ? __pfx_read_tsc+0x10/0x10
[ 13.882091] ? ktime_get_ts64+0x86/0x230
[ 13.882126] kunit_try_run_case+0x1a5/0x480
[ 13.882150] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.882173] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.882198] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.882221] ? __kthread_parkme+0x82/0x180
[ 13.882241] ? preempt_count_sub+0x50/0x80
[ 13.882265] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.882288] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.882312] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.882336] kthread+0x337/0x6f0
[ 13.882355] ? trace_preempt_on+0x20/0xc0
[ 13.882379] ? __pfx_kthread+0x10/0x10
[ 13.882399] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.882420] ? calculate_sigpending+0x7b/0xa0
[ 13.882444] ? __pfx_kthread+0x10/0x10
[ 13.882465] ret_from_fork+0x116/0x1d0
[ 13.882483] ? __pfx_kthread+0x10/0x10
[ 13.882503] ret_from_fork_asm+0x1a/0x30
[ 13.882535] </TASK>
[ 13.882545]
[ 13.892576] The buggy address belongs to the physical page:
[ 13.892857] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f8
[ 13.893230] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 13.893464] flags: 0x200000000000040(head|node=0|zone=2)
[ 13.893651] page_type: f8(unknown)
[ 13.893831] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 13.894218] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 13.894707] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 13.895278] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 13.896386] head: 0200000000000002 ffffea00040e7e01 00000000ffffffff 00000000ffffffff
[ 13.896953] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 13.897271] page dumped because: kasan: bad access detected
[ 13.897502]
[ 13.898065] Memory state around the buggy address:
[ 13.898375]  ffff8881039f7f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.898726]  ffff8881039f7f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.899110] >ffff8881039f8000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.899400]                    ^
[ 13.899992]  ffff8881039f8080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.900307]  ffff8881039f8100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.900961] ==================================================================
[ 13.849146] ==================================================================
[ 13.849682] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370
[ 13.850297] Free of addr ffff888102988b00 by task kunit_try_catch/252
[ 13.850575]
[ 13.850757] CPU: 1 UID: 0 PID: 252 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 13.850821] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.850833] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.850868] Call Trace:
[ 13.850880] <TASK>
[ 13.850907] dump_stack_lvl+0x73/0xb0
[ 13.850939] print_report+0xd1/0x610
[ 13.850961] ? __virt_addr_valid+0x1db/0x2d0
[ 13.850986] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.851018] ? mempool_double_free_helper+0x184/0x370
[ 13.851044] kasan_report_invalid_free+0x10a/0x130
[ 13.851069] ? mempool_double_free_helper+0x184/0x370
[ 13.851107] ? mempool_double_free_helper+0x184/0x370
[ 13.851130] ? mempool_double_free_helper+0x184/0x370
[ 13.851153] check_slab_allocation+0x101/0x130
[ 13.851176] __kasan_mempool_poison_object+0x91/0x1d0
[ 13.851201] mempool_free+0x2ec/0x380
[ 13.851229] mempool_double_free_helper+0x184/0x370
[ 13.851253] ? __pfx_mempool_double_free_helper+0x10/0x10
[ 13.851277] ? update_load_avg+0x1be/0x21b0
[ 13.851314] ? finish_task_switch.isra.0+0x153/0x700
[ 13.851341] mempool_kmalloc_double_free+0xed/0x140
[ 13.851366] ? __pfx_mempool_kmalloc_double_free+0x10/0x10
[ 13.851404] ? __pfx_mempool_kmalloc+0x10/0x10
[ 13.851427] ? __pfx_mempool_kfree+0x10/0x10
[ 13.851452] ? __pfx_read_tsc+0x10/0x10
[ 13.851473] ? ktime_get_ts64+0x86/0x230
[ 13.851499] kunit_try_run_case+0x1a5/0x480
[ 13.851526] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.851558] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.851584] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.851609] ? __kthread_parkme+0x82/0x180
[ 13.851630] ? preempt_count_sub+0x50/0x80
[ 13.851654] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.851678] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.851702] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.851727] kthread+0x337/0x6f0
[ 13.851746] ? trace_preempt_on+0x20/0xc0
[ 13.851771] ? __pfx_kthread+0x10/0x10
[ 13.851791] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.851812] ? calculate_sigpending+0x7b/0xa0
[ 13.851837] ? __pfx_kthread+0x10/0x10
[ 13.851858] ret_from_fork+0x116/0x1d0
[ 13.851876] ? __pfx_kthread+0x10/0x10
[ 13.851904] ret_from_fork_asm+0x1a/0x30
[ 13.851938] </TASK>
[ 13.851948]
[ 13.862128] Allocated by task 252:
[ 13.862295] kasan_save_stack+0x45/0x70
[ 13.862528] kasan_save_track+0x18/0x40
[ 13.862751] kasan_save_alloc_info+0x3b/0x50
[ 13.863037] __kasan_mempool_unpoison_object+0x1a9/0x200
[ 13.863330] remove_element+0x11e/0x190
[ 13.863500] mempool_alloc_preallocated+0x4d/0x90
[ 13.863731] mempool_double_free_helper+0x8a/0x370
[ 13.864009] mempool_kmalloc_double_free+0xed/0x140
[ 13.864270] kunit_try_run_case+0x1a5/0x480
[ 13.864496] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.864904] kthread+0x337/0x6f0
[ 13.865230] ret_from_fork+0x116/0x1d0
[ 13.865413] ret_from_fork_asm+0x1a/0x30
[ 13.865695]
[ 13.865786] Freed by task 252:
[ 13.865951] kasan_save_stack+0x45/0x70
[ 13.866156] kasan_save_track+0x18/0x40
[ 13.866348] kasan_save_free_info+0x3f/0x60
[ 13.866614] __kasan_mempool_poison_object+0x131/0x1d0
[ 13.866883] mempool_free+0x2ec/0x380
[ 13.867171] mempool_double_free_helper+0x109/0x370
[ 13.867395] mempool_kmalloc_double_free+0xed/0x140
[ 13.867560] kunit_try_run_case+0x1a5/0x480
[ 13.867706] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.867882] kthread+0x337/0x6f0
[ 13.868257] ret_from_fork+0x116/0x1d0
[ 13.868498] ret_from_fork_asm+0x1a/0x30
[ 13.868975]
[ 13.869077] The buggy address belongs to the object at ffff888102988b00
[ 13.869077] which belongs to the cache kmalloc-128 of size 128
[ 13.869475] The buggy address is located 0 bytes inside of
[ 13.869475] 128-byte region [ffff888102988b00, ffff888102988b80)
[ 13.869855]
[ 13.869965] The buggy address belongs to the physical page:
[ 13.870249] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102988
[ 13.870647] flags: 0x200000000000000(node=0|zone=2)
[ 13.871168] page_type: f5(slab)
[ 13.871335] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 13.871903] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 13.872190] page dumped because: kasan: bad access detected
[ 13.872450]
[ 13.872565] Memory state around the buggy address:
[ 13.872986]  ffff888102988a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.873383]  ffff888102988a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.873836] >ffff888102988b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.874101]                    ^
[ 13.874282]  ffff888102988b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.874559]  ffff888102988c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.874779] ==================================================================
[ 13.905129] ==================================================================
[ 13.905673] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370
[ 13.906144] Free of addr ffff8881039f8000 by task kunit_try_catch/256
[ 13.906455]
[ 13.906666] CPU: 1 UID: 0 PID: 256 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 13.906715] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.906726] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.906749] Call Trace:
[ 13.906768] <TASK>
[ 13.906794] dump_stack_lvl+0x73/0xb0
[ 13.906826] print_report+0xd1/0x610
[ 13.906848] ? __virt_addr_valid+0x1db/0x2d0
[ 13.906885] ? kasan_addr_to_slab+0x11/0xa0
[ 13.906916] ? mempool_double_free_helper+0x184/0x370
[ 13.906942] kasan_report_invalid_free+0x10a/0x130
[ 13.906967] ? mempool_double_free_helper+0x184/0x370
[ 13.907004] ? mempool_double_free_helper+0x184/0x370
[ 13.907037] __kasan_mempool_poison_pages+0x115/0x130
[ 13.907063] mempool_free+0x290/0x380
[ 13.907090] mempool_double_free_helper+0x184/0x370
[ 13.907125] ? __pfx_mempool_double_free_helper+0x10/0x10
[ 13.907154] ? finish_task_switch.isra.0+0x153/0x700
[ 13.907181] mempool_page_alloc_double_free+0xe8/0x140
[ 13.907207] ? __pfx_mempool_page_alloc_double_free+0x10/0x10
[ 13.907237] ? __pfx_mempool_alloc_pages+0x10/0x10
[ 13.907260] ? __pfx_mempool_free_pages+0x10/0x10
[ 13.907287] ? __pfx_read_tsc+0x10/0x10
[ 13.907307] ? ktime_get_ts64+0x86/0x230
[ 13.907331] kunit_try_run_case+0x1a5/0x480
[ 13.907357] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.907388] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.907413] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.907437] ? __kthread_parkme+0x82/0x180
[ 13.907469] ? preempt_count_sub+0x50/0x80
[ 13.907492] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.907516] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.907540] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.907608] kthread+0x337/0x6f0
[ 13.907628] ? trace_preempt_on+0x20/0xc0
[ 13.907652] ? __pfx_kthread+0x10/0x10
[ 13.907672] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.907693] ? calculate_sigpending+0x7b/0xa0
[ 13.907717] ? __pfx_kthread+0x10/0x10
[ 13.907738] ret_from_fork+0x116/0x1d0
[ 13.907757] ? __pfx_kthread+0x10/0x10
[ 13.907776] ret_from_fork_asm+0x1a/0x30
[ 13.907809] </TASK>
[ 13.907820]
[ 13.916781] The buggy address belongs to the physical page:
[ 13.917135] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f8
[ 13.917492] flags: 0x200000000000000(node=0|zone=2)
[ 13.917773] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000
[ 13.918123] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 13.918498] page dumped because: kasan: bad access detected
[ 13.918718]
[ 13.918826] Memory state around the buggy address:
[ 13.919144]  ffff8881039f7f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.919390]  ffff8881039f7f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.919655] >ffff8881039f8000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.920119]                    ^
[ 13.920284]  ffff8881039f8080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.920516]  ffff8881039f8100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.921181] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 13.770307] ==================================================================
[ 13.770831] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400
[ 13.771228] Read of size 1 at addr ffff8881039f8000 by task kunit_try_catch/246
[ 13.771809]
[ 13.771951] CPU: 1 UID: 0 PID: 246 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 13.772001] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.772013] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.772047] Call Trace:
[ 13.772058] <TASK>
[ 13.772076] dump_stack_lvl+0x73/0xb0
[ 13.772122] print_report+0xd1/0x610
[ 13.772147] ? __virt_addr_valid+0x1db/0x2d0
[ 13.772172] ? mempool_uaf_helper+0x392/0x400
[ 13.772206] ? kasan_addr_to_slab+0x11/0xa0
[ 13.772227] ? mempool_uaf_helper+0x392/0x400
[ 13.772250] kasan_report+0x141/0x180
[ 13.772272] ? mempool_uaf_helper+0x392/0x400
[ 13.772300] __asan_report_load1_noabort+0x18/0x20
[ 13.772323] mempool_uaf_helper+0x392/0x400
[ 13.772347] ? __pfx_mempool_uaf_helper+0x10/0x10
[ 13.772378] ? update_load_avg+0x1be/0x21b0
[ 13.772408] ? finish_task_switch.isra.0+0x153/0x700
[ 13.772435] mempool_kmalloc_large_uaf+0xef/0x140
[ 13.772470] ? __pfx_mempool_kmalloc_large_uaf+0x10/0x10
[ 13.772498] ? __pfx_mempool_kmalloc+0x10/0x10
[ 13.772524] ? __pfx_mempool_kfree+0x10/0x10
[ 13.772550] ? __pfx_read_tsc+0x10/0x10
[ 13.772572] ? ktime_get_ts64+0x86/0x230
[ 13.772645] kunit_try_run_case+0x1a5/0x480
[ 13.772673] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.772695] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.772721] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.772745] ? __kthread_parkme+0x82/0x180
[ 13.772766] ? preempt_count_sub+0x50/0x80
[ 13.772790] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.772816] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.772841] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.772866] kthread+0x337/0x6f0
[ 13.772884] ? trace_preempt_on+0x20/0xc0
[ 13.772924] ? __pfx_kthread+0x10/0x10
[ 13.772944] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.772966] ? calculate_sigpending+0x7b/0xa0
[ 13.772991] ? __pfx_kthread+0x10/0x10
[ 13.773013] ret_from_fork+0x116/0x1d0
[ 13.773032] ? __pfx_kthread+0x10/0x10
[ 13.773053] ret_from_fork_asm+0x1a/0x30
[ 13.773086] </TASK>
[ 13.773098]
[ 13.781955] The buggy address belongs to the physical page:
[ 13.782278] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f8
[ 13.782587] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 13.783001] flags: 0x200000000000040(head|node=0|zone=2)
[ 13.783243] page_type: f8(unknown)
[ 13.783415] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 13.783787] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 13.784139] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 13.784481] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 13.784911] head: 0200000000000002 ffffea00040e7e01 00000000ffffffff 00000000ffffffff
[ 13.785156] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 13.785385] page dumped because: kasan: bad access detected
[ 13.785558]
[ 13.785651] Memory state around the buggy address:
[ 13.786041]  ffff8881039f7f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.786424]  ffff8881039f7f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.786815] >ffff8881039f8000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.787389]                    ^
[ 13.787584]  ffff8881039f8080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.787910]  ffff8881039f8100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.788245] ==================================================================
[ 13.827094] ==================================================================
[ 13.827552] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400
[ 13.827968] Read of size 1 at addr ffff888103a20000 by task kunit_try_catch/250
[ 13.828315]
[ 13.828585] CPU: 0 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 13.828640] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.828755] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.828779] Call Trace:
[ 13.828790] <TASK>
[ 13.828807] dump_stack_lvl+0x73/0xb0
[ 13.828837] print_report+0xd1/0x610
[ 13.828860] ? __virt_addr_valid+0x1db/0x2d0
[ 13.828884] ? mempool_uaf_helper+0x392/0x400
[ 13.829276] ? kasan_addr_to_slab+0x11/0xa0
[ 13.829300] ? mempool_uaf_helper+0x392/0x400
[ 13.829332] kasan_report+0x141/0x180
[ 13.829355] ? mempool_uaf_helper+0x392/0x400
[ 13.829384] __asan_report_load1_noabort+0x18/0x20
[ 13.829421] mempool_uaf_helper+0x392/0x400
[ 13.829445] ? __pfx_mempool_uaf_helper+0x10/0x10
[ 13.829468] ? __kasan_check_write+0x18/0x20
[ 13.829488] ? __pfx_sched_clock_cpu+0x10/0x10
[ 13.829510] ? finish_task_switch.isra.0+0x153/0x700
[ 13.829579] mempool_page_alloc_uaf+0xed/0x140
[ 13.829604] ? __pfx_mempool_page_alloc_uaf+0x10/0x10
[ 13.829629] ? __kasan_check_write+0x18/0x20
[ 13.829689] ? __pfx_mempool_alloc_pages+0x10/0x10
[ 13.829714] ? __pfx_mempool_free_pages+0x10/0x10
[ 13.829740] ? __pfx_read_tsc+0x10/0x10
[ 13.829761] ? ktime_get_ts64+0x86/0x230
[ 13.829782] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 13.829810] kunit_try_run_case+0x1a5/0x480
[ 13.829836] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.829861] ? queued_spin_lock_slowpath+0x116/0xb40
[ 13.829886] ? __kthread_parkme+0x82/0x180
[ 13.829918] ? preempt_count_sub+0x50/0x80
[ 13.829941] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.829965] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.829996] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.830021] kthread+0x337/0x6f0
[ 13.830040] ? trace_preempt_on+0x20/0xc0
[ 13.830063] ? __pfx_kthread+0x10/0x10
[ 13.830083] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.830105] ? calculate_sigpending+0x7b/0xa0
[ 13.830129] ? __pfx_kthread+0x10/0x10
[ 13.830150] ret_from_fork+0x116/0x1d0
[ 13.830168] ? __pfx_kthread+0x10/0x10
[ 13.830188] ret_from_fork_asm+0x1a/0x30
[ 13.830220] </TASK>
[ 13.830232]
[ 13.839800] The buggy address belongs to the physical page:
[ 13.840088] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a20
[ 13.840360] flags: 0x200000000000000(node=0|zone=2)
[ 13.840729] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000
[ 13.841236] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 13.841530] page dumped because: kasan: bad access detected
[ 13.841746]
[ 13.841815] Memory state around the buggy address:
[ 13.842145]  ffff888103a1ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.842448]  ffff888103a1ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.842924] >ffff888103a20000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.843235]                    ^
[ 13.843356]  ffff888103a20080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.843570]  ffff888103a20100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.843811] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 13.740310] ================================================================== [ 13.741049] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400 [ 13.741405] Read of size 1 at addr ffff888102e24d00 by task kunit_try_catch/244 [ 13.742168] [ 13.742326] CPU: 0 UID: 0 PID: 244 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.742374] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.742385] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.742409] Call Trace: [ 13.742421] <TASK> [ 13.742439] dump_stack_lvl+0x73/0xb0 [ 13.742472] print_report+0xd1/0x610 [ 13.742494] ? __virt_addr_valid+0x1db/0x2d0 [ 13.742520] ? mempool_uaf_helper+0x392/0x400 [ 13.742541] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.742564] ? mempool_uaf_helper+0x392/0x400 [ 13.742707] kasan_report+0x141/0x180 [ 13.742730] ? mempool_uaf_helper+0x392/0x400 [ 13.742757] __asan_report_load1_noabort+0x18/0x20 [ 13.742844] mempool_uaf_helper+0x392/0x400 [ 13.742866] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 13.742902] ? __kasan_check_write+0x18/0x20 [ 13.742922] ? __pfx_sched_clock_cpu+0x10/0x10 [ 13.742946] ? finish_task_switch.isra.0+0x153/0x700 [ 13.742974] mempool_kmalloc_uaf+0xef/0x140 [ 13.743014] ? __pfx_mempool_kmalloc_uaf+0x10/0x10 [ 13.743040] ? __pfx_mempool_kmalloc+0x10/0x10 [ 13.743064] ? __pfx_mempool_kfree+0x10/0x10 [ 13.743089] ? __pfx_read_tsc+0x10/0x10 [ 13.743110] ? ktime_get_ts64+0x86/0x230 [ 13.743135] kunit_try_run_case+0x1a5/0x480 [ 13.743162] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.743184] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.743210] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.743236] ? __kthread_parkme+0x82/0x180 [ 13.743259] ? preempt_count_sub+0x50/0x80 [ 13.743283] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.743306] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.743330] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.743354] kthread+0x337/0x6f0 [ 13.743373] ? 
trace_preempt_on+0x20/0xc0 [ 13.743398] ? __pfx_kthread+0x10/0x10 [ 13.743418] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.743440] ? calculate_sigpending+0x7b/0xa0 [ 13.743465] ? __pfx_kthread+0x10/0x10 [ 13.743486] ret_from_fork+0x116/0x1d0 [ 13.743505] ? __pfx_kthread+0x10/0x10 [ 13.743525] ret_from_fork_asm+0x1a/0x30 [ 13.743561] </TASK> [ 13.743573] [ 13.752734] Allocated by task 244: [ 13.752953] kasan_save_stack+0x45/0x70 [ 13.753121] kasan_save_track+0x18/0x40 [ 13.753308] kasan_save_alloc_info+0x3b/0x50 [ 13.753511] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 13.753794] remove_element+0x11e/0x190 [ 13.754044] mempool_alloc_preallocated+0x4d/0x90 [ 13.754238] mempool_uaf_helper+0x96/0x400 [ 13.754433] mempool_kmalloc_uaf+0xef/0x140 [ 13.754701] kunit_try_run_case+0x1a5/0x480 [ 13.754959] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.755182] kthread+0x337/0x6f0 [ 13.755353] ret_from_fork+0x116/0x1d0 [ 13.755628] ret_from_fork_asm+0x1a/0x30 [ 13.755808] [ 13.755926] Freed by task 244: [ 13.756109] kasan_save_stack+0x45/0x70 [ 13.756282] kasan_save_track+0x18/0x40 [ 13.756475] kasan_save_free_info+0x3f/0x60 [ 13.756934] __kasan_mempool_poison_object+0x131/0x1d0 [ 13.757266] mempool_free+0x2ec/0x380 [ 13.757463] mempool_uaf_helper+0x11a/0x400 [ 13.757609] mempool_kmalloc_uaf+0xef/0x140 [ 13.757755] kunit_try_run_case+0x1a5/0x480 [ 13.757908] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.758083] kthread+0x337/0x6f0 [ 13.758217] ret_from_fork+0x116/0x1d0 [ 13.758492] ret_from_fork_asm+0x1a/0x30 [ 13.758746] [ 13.758849] The buggy address belongs to the object at ffff888102e24d00 [ 13.758849] which belongs to the cache kmalloc-128 of size 128 [ 13.759684] The buggy address is located 0 bytes inside of [ 13.759684] freed 128-byte region [ffff888102e24d00, ffff888102e24d80) [ 13.760225] [ 13.760299] The buggy address belongs to the physical page: [ 13.760475] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102e24 [ 13.761230] flags: 
0x200000000000000(node=0|zone=2) [ 13.761473] page_type: f5(slab) [ 13.761766] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.762114] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.762432] page dumped because: kasan: bad access detected [ 13.762778] [ 13.762908] Memory state around the buggy address: [ 13.763120] ffff888102e24c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.763449] ffff888102e24c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.763823] >ffff888102e24d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.764220] ^ [ 13.764337] ffff888102e24d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.764912] ffff888102e24e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.765377] ================================================================== [ 13.793118] ================================================================== [ 13.793608] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400 [ 13.793987] Read of size 1 at addr ffff8881029b0240 by task kunit_try_catch/248 [ 13.794337] [ 13.794444] CPU: 1 UID: 0 PID: 248 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.794491] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.794504] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.794527] Call Trace: [ 13.794539] <TASK> [ 13.794556] dump_stack_lvl+0x73/0xb0 [ 13.794645] print_report+0xd1/0x610 [ 13.794686] ? __virt_addr_valid+0x1db/0x2d0 [ 13.794712] ? mempool_uaf_helper+0x392/0x400 [ 13.794735] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.794758] ? mempool_uaf_helper+0x392/0x400 [ 13.794787] kasan_report+0x141/0x180 [ 13.794809] ? mempool_uaf_helper+0x392/0x400 [ 13.794838] __asan_report_load1_noabort+0x18/0x20 [ 13.794870] mempool_uaf_helper+0x392/0x400 [ 13.794911] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 13.794933] ? update_load_avg+0x1be/0x21b0 [ 13.794963] ? 
finish_task_switch.isra.0+0x153/0x700 [ 13.794990] mempool_slab_uaf+0xea/0x140 [ 13.795014] ? __pfx_mempool_slab_uaf+0x10/0x10 [ 13.795041] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 13.795067] ? __pfx_mempool_free_slab+0x10/0x10 [ 13.795093] ? __pfx_read_tsc+0x10/0x10 [ 13.795124] ? ktime_get_ts64+0x86/0x230 [ 13.795150] kunit_try_run_case+0x1a5/0x480 [ 13.795177] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.795211] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.795237] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.795262] ? __kthread_parkme+0x82/0x180 [ 13.795283] ? preempt_count_sub+0x50/0x80 [ 13.795316] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.795340] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.795365] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.795400] kthread+0x337/0x6f0 [ 13.795420] ? trace_preempt_on+0x20/0xc0 [ 13.795444] ? __pfx_kthread+0x10/0x10 [ 13.795465] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.795487] ? calculate_sigpending+0x7b/0xa0 [ 13.795513] ? __pfx_kthread+0x10/0x10 [ 13.795574] ret_from_fork+0x116/0x1d0 [ 13.795596] ? 
__pfx_kthread+0x10/0x10 [ 13.795617] ret_from_fork_asm+0x1a/0x30 [ 13.795651] </TASK> [ 13.795662] [ 13.804765] Allocated by task 248: [ 13.804975] kasan_save_stack+0x45/0x70 [ 13.805127] kasan_save_track+0x18/0x40 [ 13.805394] kasan_save_alloc_info+0x3b/0x50 [ 13.805720] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 13.805914] remove_element+0x11e/0x190 [ 13.806183] mempool_alloc_preallocated+0x4d/0x90 [ 13.806410] mempool_uaf_helper+0x96/0x400 [ 13.806689] mempool_slab_uaf+0xea/0x140 [ 13.806914] kunit_try_run_case+0x1a5/0x480 [ 13.807189] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.807431] kthread+0x337/0x6f0 [ 13.807554] ret_from_fork+0x116/0x1d0 [ 13.807689] ret_from_fork_asm+0x1a/0x30 [ 13.807829] [ 13.807910] Freed by task 248: [ 13.808024] kasan_save_stack+0x45/0x70 [ 13.808216] kasan_save_track+0x18/0x40 [ 13.808406] kasan_save_free_info+0x3f/0x60 [ 13.808818] __kasan_mempool_poison_object+0x131/0x1d0 [ 13.809164] mempool_free+0x2ec/0x380 [ 13.809301] mempool_uaf_helper+0x11a/0x400 [ 13.809447] mempool_slab_uaf+0xea/0x140 [ 13.809756] kunit_try_run_case+0x1a5/0x480 [ 13.809983] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.810477] kthread+0x337/0x6f0 [ 13.810822] ret_from_fork+0x116/0x1d0 [ 13.811039] ret_from_fork_asm+0x1a/0x30 [ 13.811230] [ 13.811303] The buggy address belongs to the object at ffff8881029b0240 [ 13.811303] which belongs to the cache test_cache of size 123 [ 13.811663] The buggy address is located 0 bytes inside of [ 13.811663] freed 123-byte region [ffff8881029b0240, ffff8881029b02bb) [ 13.812187] [ 13.812284] The buggy address belongs to the physical page: [ 13.812567] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029b0 [ 13.813116] flags: 0x200000000000000(node=0|zone=2) [ 13.813290] page_type: f5(slab) [ 13.813414] raw: 0200000000000000 ffff8881029ad000 dead000000000122 0000000000000000 [ 13.813996] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 13.814337] page dumped 
because: kasan: bad access detected [ 13.814594] [ 13.814685] Memory state around the buggy address: [ 13.814890] ffff8881029b0100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.815402] ffff8881029b0180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.815842] >ffff8881029b0200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 13.816107] ^ [ 13.816280] ffff8881029b0280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.816497] ffff8881029b0300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.817068] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 13.674734] ================================================================== [ 13.675180] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 13.675429] Read of size 1 at addr ffff888103a1e001 by task kunit_try_catch/240 [ 13.676185] [ 13.676695] CPU: 0 UID: 0 PID: 240 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.676745] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.676757] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.676781] Call Trace: [ 13.676793] <TASK> [ 13.676809] dump_stack_lvl+0x73/0xb0 [ 13.676840] print_report+0xd1/0x610 [ 13.676862] ? __virt_addr_valid+0x1db/0x2d0 [ 13.676884] ? mempool_oob_right_helper+0x318/0x380 [ 13.676922] ? kasan_addr_to_slab+0x11/0xa0 [ 13.676942] ? mempool_oob_right_helper+0x318/0x380 [ 13.676966] kasan_report+0x141/0x180 [ 13.676988] ? mempool_oob_right_helper+0x318/0x380 [ 13.677017] __asan_report_load1_noabort+0x18/0x20 [ 13.677041] mempool_oob_right_helper+0x318/0x380 [ 13.677066] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 13.677092] ? __pfx_sched_clock_cpu+0x10/0x10 [ 13.677114] ? finish_task_switch.isra.0+0x153/0x700 [ 13.677141] mempool_kmalloc_large_oob_right+0xf2/0x150 [ 13.677166] ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10 [ 13.677194] ? __pfx_mempool_kmalloc+0x10/0x10 [ 13.677218] ? __pfx_mempool_kfree+0x10/0x10 [ 13.677242] ? __pfx_read_tsc+0x10/0x10 [ 13.677262] ? ktime_get_ts64+0x86/0x230 [ 13.677288] kunit_try_run_case+0x1a5/0x480 [ 13.677313] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.677335] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.677359] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.677383] ? __kthread_parkme+0x82/0x180 [ 13.677403] ? preempt_count_sub+0x50/0x80 [ 13.677452] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.677476] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.677500] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.677524] kthread+0x337/0x6f0 [ 13.677543] ? 
trace_preempt_on+0x20/0xc0 [ 13.677579] ? __pfx_kthread+0x10/0x10 [ 13.677599] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.677622] ? calculate_sigpending+0x7b/0xa0 [ 13.677646] ? __pfx_kthread+0x10/0x10 [ 13.677667] ret_from_fork+0x116/0x1d0 [ 13.677685] ? __pfx_kthread+0x10/0x10 [ 13.677705] ret_from_fork_asm+0x1a/0x30 [ 13.677738] </TASK> [ 13.677749] [ 13.688677] The buggy address belongs to the physical page: [ 13.688970] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a1c [ 13.689314] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.689711] flags: 0x200000000000040(head|node=0|zone=2) [ 13.689975] page_type: f8(unknown) [ 13.690177] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.690493] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.691085] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.691401] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.691698] head: 0200000000000002 ffffea00040e8701 00000000ffffffff 00000000ffffffff [ 13.692073] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 13.692467] page dumped because: kasan: bad access detected [ 13.692723] [ 13.692816] Memory state around the buggy address: [ 13.693131] ffff888103a1df00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.693422] ffff888103a1df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.693788] >ffff888103a1e000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 13.694134] ^ [ 13.694299] ffff888103a1e080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 13.694694] ffff888103a1e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 13.695142] ================================================================== [ 13.649927] ================================================================== [ 13.650387] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 13.650826] Read 
of size 1 at addr ffff888102e24973 by task kunit_try_catch/238 [ 13.651175] [ 13.651328] CPU: 0 UID: 0 PID: 238 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.651378] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.651389] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.651413] Call Trace: [ 13.651426] <TASK> [ 13.651444] dump_stack_lvl+0x73/0xb0 [ 13.651478] print_report+0xd1/0x610 [ 13.651501] ? __virt_addr_valid+0x1db/0x2d0 [ 13.651526] ? mempool_oob_right_helper+0x318/0x380 [ 13.651550] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.651572] ? mempool_oob_right_helper+0x318/0x380 [ 13.651596] kasan_report+0x141/0x180 [ 13.651617] ? mempool_oob_right_helper+0x318/0x380 [ 13.651646] __asan_report_load1_noabort+0x18/0x20 [ 13.651670] mempool_oob_right_helper+0x318/0x380 [ 13.651695] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 13.651721] ? __kasan_check_write+0x18/0x20 [ 13.651740] ? __pfx_sched_clock_cpu+0x10/0x10 [ 13.651763] ? finish_task_switch.isra.0+0x153/0x700 [ 13.651790] mempool_kmalloc_oob_right+0xf2/0x150 [ 13.651813] ? __pfx_mempool_kmalloc_oob_right+0x10/0x10 [ 13.651841] ? __pfx_mempool_kmalloc+0x10/0x10 [ 13.651865] ? __pfx_mempool_kfree+0x10/0x10 [ 13.651890] ? __pfx_read_tsc+0x10/0x10 [ 13.651923] ? ktime_get_ts64+0x86/0x230 [ 13.651949] kunit_try_run_case+0x1a5/0x480 [ 13.651975] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.651997] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.652050] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.652075] ? __kthread_parkme+0x82/0x180 [ 13.652096] ? preempt_count_sub+0x50/0x80 [ 13.652163] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.652186] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.652211] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.652246] kthread+0x337/0x6f0 [ 13.652265] ? trace_preempt_on+0x20/0xc0 [ 13.652288] ? __pfx_kthread+0x10/0x10 [ 13.652308] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.652330] ? 
calculate_sigpending+0x7b/0xa0 [ 13.652355] ? __pfx_kthread+0x10/0x10 [ 13.652376] ret_from_fork+0x116/0x1d0 [ 13.652395] ? __pfx_kthread+0x10/0x10 [ 13.652415] ret_from_fork_asm+0x1a/0x30 [ 13.652448] </TASK> [ 13.652458] [ 13.660928] Allocated by task 238: [ 13.661092] kasan_save_stack+0x45/0x70 [ 13.661617] kasan_save_track+0x18/0x40 [ 13.661830] kasan_save_alloc_info+0x3b/0x50 [ 13.662123] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 13.662303] remove_element+0x11e/0x190 [ 13.662443] mempool_alloc_preallocated+0x4d/0x90 [ 13.662848] mempool_oob_right_helper+0x8a/0x380 [ 13.663182] mempool_kmalloc_oob_right+0xf2/0x150 [ 13.663463] kunit_try_run_case+0x1a5/0x480 [ 13.663796] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.664105] kthread+0x337/0x6f0 [ 13.664237] ret_from_fork+0x116/0x1d0 [ 13.664372] ret_from_fork_asm+0x1a/0x30 [ 13.664832] [ 13.664981] The buggy address belongs to the object at ffff888102e24900 [ 13.664981] which belongs to the cache kmalloc-128 of size 128 [ 13.665499] The buggy address is located 0 bytes to the right of [ 13.665499] allocated 115-byte region [ffff888102e24900, ffff888102e24973) [ 13.666248] [ 13.666356] The buggy address belongs to the physical page: [ 13.666687] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102e24 [ 13.667166] flags: 0x200000000000000(node=0|zone=2) [ 13.667442] page_type: f5(slab) [ 13.667747] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.668179] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.668423] page dumped because: kasan: bad access detected [ 13.668873] [ 13.669004] Memory state around the buggy address: [ 13.669234] ffff888102e24800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.669662] ffff888102e24880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.669924] >ffff888102e24900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 13.670251] ^ [ 13.670623] ffff888102e24980: fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 13.670933] ffff888102e24a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 13.671260] ================================================================== [ 13.699566] ================================================================== [ 13.701102] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 13.701987] Read of size 1 at addr ffff8881029ac2bb by task kunit_try_catch/242 [ 13.702214] [ 13.702313] CPU: 1 UID: 0 PID: 242 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.702665] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.702680] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.702705] Call Trace: [ 13.702719] <TASK> [ 13.702750] dump_stack_lvl+0x73/0xb0 [ 13.702795] print_report+0xd1/0x610 [ 13.702818] ? __virt_addr_valid+0x1db/0x2d0 [ 13.702845] ? mempool_oob_right_helper+0x318/0x380 [ 13.702869] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.703120] ? mempool_oob_right_helper+0x318/0x380 [ 13.703160] kasan_report+0x141/0x180 [ 13.703184] ? mempool_oob_right_helper+0x318/0x380 [ 13.703215] __asan_report_load1_noabort+0x18/0x20 [ 13.703241] mempool_oob_right_helper+0x318/0x380 [ 13.703266] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 13.703296] ? __pfx_sched_clock_cpu+0x10/0x10 [ 13.703322] ? finish_task_switch.isra.0+0x153/0x700 [ 13.703349] mempool_slab_oob_right+0xed/0x140 [ 13.703374] ? __pfx_mempool_slab_oob_right+0x10/0x10 [ 13.703402] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 13.703428] ? __pfx_mempool_free_slab+0x10/0x10 [ 13.703453] ? __pfx_read_tsc+0x10/0x10 [ 13.703475] ? ktime_get_ts64+0x86/0x230 [ 13.703500] kunit_try_run_case+0x1a5/0x480 [ 13.703537] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.703561] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.703588] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.703612] ? __kthread_parkme+0x82/0x180 [ 13.703633] ? preempt_count_sub+0x50/0x80 [ 13.703657] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 13.703681] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.703705] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.703730] kthread+0x337/0x6f0 [ 13.703749] ? trace_preempt_on+0x20/0xc0 [ 13.703773] ? __pfx_kthread+0x10/0x10 [ 13.703793] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.703814] ? calculate_sigpending+0x7b/0xa0 [ 13.703839] ? __pfx_kthread+0x10/0x10 [ 13.703860] ret_from_fork+0x116/0x1d0 [ 13.703880] ? __pfx_kthread+0x10/0x10 [ 13.703908] ret_from_fork_asm+0x1a/0x30 [ 13.703942] </TASK> [ 13.703954] [ 13.718563] Allocated by task 242: [ 13.718988] kasan_save_stack+0x45/0x70 [ 13.719527] kasan_save_track+0x18/0x40 [ 13.720164] kasan_save_alloc_info+0x3b/0x50 [ 13.720630] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 13.721285] remove_element+0x11e/0x190 [ 13.721703] mempool_alloc_preallocated+0x4d/0x90 [ 13.722237] mempool_oob_right_helper+0x8a/0x380 [ 13.722670] mempool_slab_oob_right+0xed/0x140 [ 13.722849] kunit_try_run_case+0x1a5/0x480 [ 13.723078] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.723704] kthread+0x337/0x6f0 [ 13.724124] ret_from_fork+0x116/0x1d0 [ 13.724562] ret_from_fork_asm+0x1a/0x30 [ 13.725005] [ 13.725183] The buggy address belongs to the object at ffff8881029ac240 [ 13.725183] which belongs to the cache test_cache of size 123 [ 13.725861] The buggy address is located 0 bytes to the right of [ 13.725861] allocated 123-byte region [ffff8881029ac240, ffff8881029ac2bb) [ 13.726541] [ 13.726617] The buggy address belongs to the physical page: [ 13.727371] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ac [ 13.727874] flags: 0x200000000000000(node=0|zone=2) [ 13.728135] page_type: f5(slab) [ 13.728293] raw: 0200000000000000 ffff888100fb8dc0 dead000000000122 0000000000000000 [ 13.728580] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 13.728876] page dumped because: kasan: bad access detected [ 13.729112] [ 13.729199] Memory state around the 
buggy address: [ 13.729404] ffff8881029ac180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.729688] ffff8881029ac200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 13.730061] >ffff8881029ac280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 13.730385] ^ [ 13.730609] ffff8881029ac300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.730887] ffff8881029ac380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.731266] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 13.074215] ================================================================== [ 13.074868] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x1bf/0x380 [ 13.075356] Read of size 1 at addr ffff888100fb8a00 by task kunit_try_catch/232 [ 13.075698] [ 13.076505] CPU: 1 UID: 0 PID: 232 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.076612] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.076629] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.076668] Call Trace: [ 13.076682] <TASK> [ 13.076702] dump_stack_lvl+0x73/0xb0 [ 13.076740] print_report+0xd1/0x610 [ 13.076766] ? __virt_addr_valid+0x1db/0x2d0 [ 13.076795] ? kmem_cache_double_destroy+0x1bf/0x380 [ 13.076826] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.076855] ? kmem_cache_double_destroy+0x1bf/0x380 [ 13.076886] kasan_report+0x141/0x180 [ 13.076923] ? kmem_cache_double_destroy+0x1bf/0x380 [ 13.076957] ? kmem_cache_double_destroy+0x1bf/0x380 [ 13.077008] __kasan_check_byte+0x3d/0x50 [ 13.077034] kmem_cache_destroy+0x25/0x1d0 [ 13.077062] kmem_cache_double_destroy+0x1bf/0x380 [ 13.077093] ? __pfx_kmem_cache_double_destroy+0x10/0x10 [ 13.077123] ? finish_task_switch.isra.0+0x153/0x700 [ 13.077152] ? __switch_to+0x47/0xf50 [ 13.077186] ? __pfx_read_tsc+0x10/0x10 [ 13.077210] ? ktime_get_ts64+0x86/0x230 [ 13.077239] kunit_try_run_case+0x1a5/0x480 [ 13.077270] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.077298] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.077329] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.077358] ? __kthread_parkme+0x82/0x180 [ 13.077383] ? preempt_count_sub+0x50/0x80 [ 13.077409] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.077438] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.077468] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.077500] kthread+0x337/0x6f0 [ 13.077539] ? trace_preempt_on+0x20/0xc0 [ 13.077568] ? __pfx_kthread+0x10/0x10 [ 13.077592] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.077617] ? 
calculate_sigpending+0x7b/0xa0 [ 13.077645] ? __pfx_kthread+0x10/0x10 [ 13.077669] ret_from_fork+0x116/0x1d0 [ 13.077691] ? __pfx_kthread+0x10/0x10 [ 13.077714] ret_from_fork_asm+0x1a/0x30 [ 13.077751] </TASK> [ 13.077762] [ 13.090231] Allocated by task 232: [ 13.090423] kasan_save_stack+0x45/0x70 [ 13.090630] kasan_save_track+0x18/0x40 [ 13.090823] kasan_save_alloc_info+0x3b/0x50 [ 13.091588] __kasan_slab_alloc+0x91/0xa0 [ 13.091827] kmem_cache_alloc_noprof+0x123/0x3f0 [ 13.092321] __kmem_cache_create_args+0x169/0x240 [ 13.092760] kmem_cache_double_destroy+0xd5/0x380 [ 13.093198] kunit_try_run_case+0x1a5/0x480 [ 13.093593] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.094040] kthread+0x337/0x6f0 [ 13.094211] ret_from_fork+0x116/0x1d0 [ 13.094361] ret_from_fork_asm+0x1a/0x30 [ 13.094801] [ 13.094878] Freed by task 232: [ 13.095298] kasan_save_stack+0x45/0x70 [ 13.095481] kasan_save_track+0x18/0x40 [ 13.095945] kasan_save_free_info+0x3f/0x60 [ 13.096280] __kasan_slab_free+0x56/0x70 [ 13.096634] kmem_cache_free+0x249/0x420 [ 13.096814] slab_kmem_cache_release+0x2e/0x40 [ 13.097298] kmem_cache_release+0x16/0x20 [ 13.097651] kobject_put+0x181/0x450 [ 13.097847] sysfs_slab_release+0x16/0x20 [ 13.098187] kmem_cache_destroy+0xf0/0x1d0 [ 13.098387] kmem_cache_double_destroy+0x14e/0x380 [ 13.098929] kunit_try_run_case+0x1a5/0x480 [ 13.099355] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.099718] kthread+0x337/0x6f0 [ 13.100138] ret_from_fork+0x116/0x1d0 [ 13.100469] ret_from_fork_asm+0x1a/0x30 [ 13.100801] [ 13.100917] The buggy address belongs to the object at ffff888100fb8a00 [ 13.100917] which belongs to the cache kmem_cache of size 208 [ 13.101551] The buggy address is located 0 bytes inside of [ 13.101551] freed 208-byte region [ffff888100fb8a00, ffff888100fb8ad0) [ 13.102027] [ 13.102129] The buggy address belongs to the physical page: [ 13.102376] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100fb8 [ 13.102690] flags: 
0x200000000000000(node=0|zone=2) [ 13.103448] page_type: f5(slab) [ 13.103815] raw: 0200000000000000 ffff888100041000 dead000000000122 0000000000000000 [ 13.104316] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000 [ 13.104905] page dumped because: kasan: bad access detected [ 13.105312] [ 13.105416] Memory state around the buggy address: [ 13.105907] ffff888100fb8900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.106400] ffff888100fb8980: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.106991] >ffff888100fb8a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.107426] ^ [ 13.107745] ffff888100fb8a80: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc [ 13.108258] ffff888100fb8b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.108738] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 13.011829] ================================================================== [ 13.012449] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x3e3/0x510 [ 13.013864] Read of size 1 at addr ffff888102e39000 by task kunit_try_catch/230 [ 13.014304] [ 13.014415] CPU: 0 UID: 0 PID: 230 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.014465] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.014476] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.014500] Call Trace: [ 13.014512] <TASK> [ 13.014531] dump_stack_lvl+0x73/0xb0 [ 13.014566] print_report+0xd1/0x610 [ 13.014589] ? __virt_addr_valid+0x1db/0x2d0 [ 13.014614] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 13.014704] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.015015] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 13.015042] kasan_report+0x141/0x180 [ 13.015065] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 13.015095] __asan_report_load1_noabort+0x18/0x20 [ 13.015120] kmem_cache_rcu_uaf+0x3e3/0x510 [ 13.015144] ? __pfx_kmem_cache_rcu_uaf+0x10/0x10 [ 13.015167] ? finish_task_switch.isra.0+0x153/0x700 [ 13.015193] ? __switch_to+0x47/0xf50 [ 13.015224] ? __pfx_read_tsc+0x10/0x10 [ 13.015246] ? ktime_get_ts64+0x86/0x230 [ 13.015272] kunit_try_run_case+0x1a5/0x480 [ 13.015299] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.015322] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.015348] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.015372] ? __kthread_parkme+0x82/0x180 [ 13.015394] ? preempt_count_sub+0x50/0x80 [ 13.015418] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.015442] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.015467] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.015491] kthread+0x337/0x6f0 [ 13.015510] ? trace_preempt_on+0x20/0xc0 [ 13.015720] ? __pfx_kthread+0x10/0x10 [ 13.015747] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.015771] ? calculate_sigpending+0x7b/0xa0 [ 13.015797] ? __pfx_kthread+0x10/0x10 [ 13.015821] ret_from_fork+0x116/0x1d0 [ 13.015842] ? 
__pfx_kthread+0x10/0x10 [ 13.015864] ret_from_fork_asm+0x1a/0x30 [ 13.015913] </TASK> [ 13.015925] [ 13.027261] Allocated by task 230: [ 13.027506] kasan_save_stack+0x45/0x70 [ 13.028094] kasan_save_track+0x18/0x40 [ 13.028282] kasan_save_alloc_info+0x3b/0x50 [ 13.028482] __kasan_slab_alloc+0x91/0xa0 [ 13.029046] kmem_cache_alloc_noprof+0x123/0x3f0 [ 13.029400] kmem_cache_rcu_uaf+0x155/0x510 [ 13.029836] kunit_try_run_case+0x1a5/0x480 [ 13.030218] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.030475] kthread+0x337/0x6f0 [ 13.030961] ret_from_fork+0x116/0x1d0 [ 13.031134] ret_from_fork_asm+0x1a/0x30 [ 13.031318] [ 13.031406] Freed by task 0: [ 13.032057] kasan_save_stack+0x45/0x70 [ 13.032284] kasan_save_track+0x18/0x40 [ 13.032461] kasan_save_free_info+0x3f/0x60 [ 13.033108] __kasan_slab_free+0x56/0x70 [ 13.033354] slab_free_after_rcu_debug+0xe4/0x310 [ 13.033726] rcu_core+0x66f/0x1c40 [ 13.033910] rcu_core_si+0x12/0x20 [ 13.034251] handle_softirqs+0x209/0x730 [ 13.034753] __irq_exit_rcu+0xc9/0x110 [ 13.034972] irq_exit_rcu+0x12/0x20 [ 13.035289] sysvec_apic_timer_interrupt+0x81/0x90 [ 13.035502] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 13.035742] [ 13.035827] Last potentially related work creation: [ 13.036862] kasan_save_stack+0x45/0x70 [ 13.037136] kasan_record_aux_stack+0xb2/0xc0 [ 13.037344] kmem_cache_free+0x131/0x420 [ 13.037523] kmem_cache_rcu_uaf+0x194/0x510 [ 13.037710] kunit_try_run_case+0x1a5/0x480 [ 13.037909] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.038795] kthread+0x337/0x6f0 [ 13.039262] ret_from_fork+0x116/0x1d0 [ 13.039459] ret_from_fork_asm+0x1a/0x30 [ 13.039827] [ 13.039928] The buggy address belongs to the object at ffff888102e39000 [ 13.039928] which belongs to the cache test_cache of size 200 [ 13.041011] The buggy address is located 0 bytes inside of [ 13.041011] freed 200-byte region [ffff888102e39000, ffff888102e390c8) [ 13.041966] [ 13.042073] The buggy address belongs to the physical page: [ 13.042258] page: refcount:0 
mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102e39 [ 13.042510] flags: 0x200000000000000(node=0|zone=2) [ 13.042682] page_type: f5(slab) [ 13.042816] raw: 0200000000000000 ffff888101ba63c0 dead000000000122 0000000000000000 [ 13.043324] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 13.043769] page dumped because: kasan: bad access detected [ 13.044403] [ 13.044640] Memory state around the buggy address: [ 13.045113] ffff888102e38f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.045405] ffff888102e38f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.045707] >ffff888102e39000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.046424] ^ [ 13.046805] ffff888102e39080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 13.047511] ffff888102e39100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.048279] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 12.954807] ================================================================== [ 12.955487] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x1d8/0x460 [ 12.956147] Free of addr ffff8881029a4001 by task kunit_try_catch/228 [ 12.956458] [ 12.956788] CPU: 1 UID: 0 PID: 228 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.956839] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.956850] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.956873] Call Trace: [ 12.956886] <TASK> [ 12.956916] dump_stack_lvl+0x73/0xb0 [ 12.956950] print_report+0xd1/0x610 [ 12.956972] ? __virt_addr_valid+0x1db/0x2d0 [ 12.956997] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.957210] ? kmem_cache_invalid_free+0x1d8/0x460 [ 12.957242] kasan_report_invalid_free+0x10a/0x130 [ 12.957269] ? kmem_cache_invalid_free+0x1d8/0x460 [ 12.957296] ? kmem_cache_invalid_free+0x1d8/0x460 [ 12.957320] check_slab_allocation+0x11f/0x130 [ 12.957342] __kasan_slab_pre_free+0x28/0x40 [ 12.957363] kmem_cache_free+0xed/0x420 [ 12.957383] ? kmem_cache_alloc_noprof+0x123/0x3f0 [ 12.957404] ? kmem_cache_invalid_free+0x1d8/0x460 [ 12.957432] kmem_cache_invalid_free+0x1d8/0x460 [ 12.957456] ? __pfx_kmem_cache_invalid_free+0x10/0x10 [ 12.957480] ? finish_task_switch.isra.0+0x153/0x700 [ 12.957503] ? __switch_to+0x47/0xf50 [ 12.957602] ? __pfx_read_tsc+0x10/0x10 [ 12.957628] ? ktime_get_ts64+0x86/0x230 [ 12.957654] kunit_try_run_case+0x1a5/0x480 [ 12.957680] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.957702] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.957727] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.957750] ? __kthread_parkme+0x82/0x180 [ 12.957770] ? preempt_count_sub+0x50/0x80 [ 12.957793] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.957817] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.957840] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.957863] kthread+0x337/0x6f0 [ 12.957882] ? trace_preempt_on+0x20/0xc0 [ 12.957917] ? 
__pfx_kthread+0x10/0x10 [ 12.957937] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.957958] ? calculate_sigpending+0x7b/0xa0 [ 12.957990] ? __pfx_kthread+0x10/0x10 [ 12.958011] ret_from_fork+0x116/0x1d0 [ 12.958030] ? __pfx_kthread+0x10/0x10 [ 12.958050] ret_from_fork_asm+0x1a/0x30 [ 12.958083] </TASK> [ 12.958094] [ 12.969819] Allocated by task 228: [ 12.970163] kasan_save_stack+0x45/0x70 [ 12.970357] kasan_save_track+0x18/0x40 [ 12.970526] kasan_save_alloc_info+0x3b/0x50 [ 12.971074] __kasan_slab_alloc+0x91/0xa0 [ 12.971277] kmem_cache_alloc_noprof+0x123/0x3f0 [ 12.971475] kmem_cache_invalid_free+0x157/0x460 [ 12.971917] kunit_try_run_case+0x1a5/0x480 [ 12.972147] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.972379] kthread+0x337/0x6f0 [ 12.972536] ret_from_fork+0x116/0x1d0 [ 12.973025] ret_from_fork_asm+0x1a/0x30 [ 12.973290] [ 12.973384] The buggy address belongs to the object at ffff8881029a4000 [ 12.973384] which belongs to the cache test_cache of size 200 [ 12.974257] The buggy address is located 1 bytes inside of [ 12.974257] 200-byte region [ffff8881029a4000, ffff8881029a40c8) [ 12.974995] [ 12.975140] The buggy address belongs to the physical page: [ 12.975497] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029a4 [ 12.975953] flags: 0x200000000000000(node=0|zone=2) [ 12.976318] page_type: f5(slab) [ 12.976605] raw: 0200000000000000 ffff888100fb88c0 dead000000000122 0000000000000000 [ 12.976947] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 12.977481] page dumped because: kasan: bad access detected [ 12.977793] [ 12.978109] Memory state around the buggy address: [ 12.978499] ffff8881029a3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.978865] ffff8881029a3f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.979303] >ffff8881029a4000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.979647] ^ [ 12.979951] ffff8881029a4080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 12.980310] 
ffff8881029a4100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.980812] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 12.917401] ================================================================== [ 12.919015] BUG: KASAN: double-free in kmem_cache_double_free+0x1e5/0x480 [ 12.920153] Free of addr ffff888102e37000 by task kunit_try_catch/226 [ 12.921379] [ 12.921487] CPU: 0 UID: 0 PID: 226 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.921535] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.921547] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.921569] Call Trace: [ 12.921582] <TASK> [ 12.921599] dump_stack_lvl+0x73/0xb0 [ 12.921634] print_report+0xd1/0x610 [ 12.921657] ? __virt_addr_valid+0x1db/0x2d0 [ 12.921682] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.921704] ? kmem_cache_double_free+0x1e5/0x480 [ 12.921729] kasan_report_invalid_free+0x10a/0x130 [ 12.921754] ? kmem_cache_double_free+0x1e5/0x480 [ 12.921780] ? kmem_cache_double_free+0x1e5/0x480 [ 12.921804] check_slab_allocation+0x101/0x130 [ 12.921825] __kasan_slab_pre_free+0x28/0x40 [ 12.921846] kmem_cache_free+0xed/0x420 [ 12.921866] ? kmem_cache_alloc_noprof+0x123/0x3f0 [ 12.921886] ? kmem_cache_double_free+0x1e5/0x480 [ 12.921925] kmem_cache_double_free+0x1e5/0x480 [ 12.921949] ? __pfx_kmem_cache_double_free+0x10/0x10 [ 12.921972] ? finish_task_switch.isra.0+0x153/0x700 [ 12.921996] ? __switch_to+0x47/0xf50 [ 12.922026] ? __pfx_read_tsc+0x10/0x10 [ 12.922047] ? ktime_get_ts64+0x86/0x230 [ 12.922081] kunit_try_run_case+0x1a5/0x480 [ 12.922107] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.922136] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.922161] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.922184] ? __kthread_parkme+0x82/0x180 [ 12.922205] ? preempt_count_sub+0x50/0x80 [ 12.922228] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.922251] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.922274] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.922297] kthread+0x337/0x6f0 [ 12.922316] ? trace_preempt_on+0x20/0xc0 [ 12.922339] ? 
__pfx_kthread+0x10/0x10 [ 12.922358] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.922379] ? calculate_sigpending+0x7b/0xa0 [ 12.922404] ? __pfx_kthread+0x10/0x10 [ 12.922424] ret_from_fork+0x116/0x1d0 [ 12.922442] ? __pfx_kthread+0x10/0x10 [ 12.922462] ret_from_fork_asm+0x1a/0x30 [ 12.922493] </TASK> [ 12.922504] [ 12.930654] Allocated by task 226: [ 12.930827] kasan_save_stack+0x45/0x70 [ 12.930985] kasan_save_track+0x18/0x40 [ 12.931181] kasan_save_alloc_info+0x3b/0x50 [ 12.931399] __kasan_slab_alloc+0x91/0xa0 [ 12.931663] kmem_cache_alloc_noprof+0x123/0x3f0 [ 12.931865] kmem_cache_double_free+0x14f/0x480 [ 12.932142] kunit_try_run_case+0x1a5/0x480 [ 12.932314] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.932534] kthread+0x337/0x6f0 [ 12.932709] ret_from_fork+0x116/0x1d0 [ 12.932901] ret_from_fork_asm+0x1a/0x30 [ 12.933124] [ 12.933195] Freed by task 226: [ 12.933314] kasan_save_stack+0x45/0x70 [ 12.933512] kasan_save_track+0x18/0x40 [ 12.933704] kasan_save_free_info+0x3f/0x60 [ 12.933919] __kasan_slab_free+0x56/0x70 [ 12.934109] kmem_cache_free+0x249/0x420 [ 12.934286] kmem_cache_double_free+0x16a/0x480 [ 12.934469] kunit_try_run_case+0x1a5/0x480 [ 12.934680] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.934921] kthread+0x337/0x6f0 [ 12.935122] ret_from_fork+0x116/0x1d0 [ 12.935263] ret_from_fork_asm+0x1a/0x30 [ 12.935462] [ 12.935561] The buggy address belongs to the object at ffff888102e37000 [ 12.935561] which belongs to the cache test_cache of size 200 [ 12.936079] The buggy address is located 0 bytes inside of [ 12.936079] 200-byte region [ffff888102e37000, ffff888102e370c8) [ 12.936543] [ 12.936619] The buggy address belongs to the physical page: [ 12.936862] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102e37 [ 12.937311] flags: 0x200000000000000(node=0|zone=2) [ 12.937533] page_type: f5(slab) [ 12.937657] raw: 0200000000000000 ffff888101ba6280 dead000000000122 0000000000000000 [ 12.937888] raw: 0000000000000000 00000000800f000f 
00000000f5000000 0000000000000000 [ 12.938946] page dumped because: kasan: bad access detected [ 12.939167] [ 12.939263] Memory state around the buggy address: [ 12.939470] ffff888102e36f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.939752] ffff888102e36f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.940042] >ffff888102e37000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.940335] ^ [ 12.940490] ffff888102e37080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 12.940779] ffff888102e37100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.941187] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 12.882502] ================================================================== [ 12.882998] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x402/0x530 [ 12.883355] Read of size 1 at addr ffff8881029a20c8 by task kunit_try_catch/224 [ 12.883664] [ 12.883807] CPU: 1 UID: 0 PID: 224 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.883853] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.883863] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.883884] Call Trace: [ 12.883906] <TASK> [ 12.883923] dump_stack_lvl+0x73/0xb0 [ 12.883954] print_report+0xd1/0x610 [ 12.883975] ? __virt_addr_valid+0x1db/0x2d0 [ 12.884008] ? kmem_cache_oob+0x402/0x530 [ 12.884029] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.884052] ? kmem_cache_oob+0x402/0x530 [ 12.884076] kasan_report+0x141/0x180 [ 12.884097] ? kmem_cache_oob+0x402/0x530 [ 12.884125] __asan_report_load1_noabort+0x18/0x20 [ 12.884149] kmem_cache_oob+0x402/0x530 [ 12.884169] ? trace_hardirqs_on+0x37/0xe0 [ 12.884193] ? __pfx_kmem_cache_oob+0x10/0x10 [ 12.884217] ? __kasan_check_write+0x18/0x20 [ 12.884235] ? queued_spin_lock_slowpath+0x116/0xb40 [ 12.884259] ? irqentry_exit+0x2a/0x60 [ 12.884282] ? trace_hardirqs_on+0x37/0xe0 [ 12.884303] ? __pfx_read_tsc+0x10/0x10 [ 12.884323] ? ktime_get_ts64+0x86/0x230 [ 12.884348] kunit_try_run_case+0x1a5/0x480 [ 12.884372] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.884396] ? queued_spin_lock_slowpath+0x116/0xb40 [ 12.884419] ? __kthread_parkme+0x82/0x180 [ 12.884438] ? preempt_count_sub+0x50/0x80 [ 12.884462] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.884485] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.884508] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.884544] kthread+0x337/0x6f0 [ 12.884563] ? trace_preempt_on+0x20/0xc0 [ 12.884584] ? __pfx_kthread+0x10/0x10 [ 12.884604] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.884624] ? calculate_sigpending+0x7b/0xa0 [ 12.884648] ? 
__pfx_kthread+0x10/0x10 [ 12.884668] ret_from_fork+0x116/0x1d0 [ 12.884687] ? __pfx_kthread+0x10/0x10 [ 12.884706] ret_from_fork_asm+0x1a/0x30 [ 12.884738] </TASK> [ 12.884749] [ 12.892843] Allocated by task 224: [ 12.893040] kasan_save_stack+0x45/0x70 [ 12.893260] kasan_save_track+0x18/0x40 [ 12.893424] kasan_save_alloc_info+0x3b/0x50 [ 12.893574] __kasan_slab_alloc+0x91/0xa0 [ 12.893713] kmem_cache_alloc_noprof+0x123/0x3f0 [ 12.893951] kmem_cache_oob+0x157/0x530 [ 12.894313] kunit_try_run_case+0x1a5/0x480 [ 12.894523] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.895006] kthread+0x337/0x6f0 [ 12.895180] ret_from_fork+0x116/0x1d0 [ 12.895337] ret_from_fork_asm+0x1a/0x30 [ 12.895582] [ 12.895666] The buggy address belongs to the object at ffff8881029a2000 [ 12.895666] which belongs to the cache test_cache of size 200 [ 12.896218] The buggy address is located 0 bytes to the right of [ 12.896218] allocated 200-byte region [ffff8881029a2000, ffff8881029a20c8) [ 12.896754] [ 12.896847] The buggy address belongs to the physical page: [ 12.897109] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029a2 [ 12.897382] flags: 0x200000000000000(node=0|zone=2) [ 12.897652] page_type: f5(slab) [ 12.897824] raw: 0200000000000000 ffff888100fb8780 dead000000000122 0000000000000000 [ 12.898203] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 12.898441] page dumped because: kasan: bad access detected [ 12.898617] [ 12.898693] Memory state around the buggy address: [ 12.898856] ffff8881029a1f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.899087] ffff8881029a2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.899403] >ffff8881029a2080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 12.899717] ^ [ 12.899977] ffff8881029a2100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.900344] ffff8881029a2180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.900832] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 12.834560] ================================================================== [ 12.835282] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x4d6/0x560 [ 12.835517] Read of size 8 at addr ffff88810299c340 by task kunit_try_catch/217 [ 12.836847] [ 12.837220] CPU: 1 UID: 0 PID: 217 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.837271] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.837282] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.837304] Call Trace: [ 12.837316] <TASK> [ 12.837334] dump_stack_lvl+0x73/0xb0 [ 12.837366] print_report+0xd1/0x610 [ 12.837389] ? __virt_addr_valid+0x1db/0x2d0 [ 12.837412] ? workqueue_uaf+0x4d6/0x560 [ 12.837433] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.837455] ? workqueue_uaf+0x4d6/0x560 [ 12.837477] kasan_report+0x141/0x180 [ 12.837498] ? workqueue_uaf+0x4d6/0x560 [ 12.837525] __asan_report_load8_noabort+0x18/0x20 [ 12.837550] workqueue_uaf+0x4d6/0x560 [ 12.837573] ? __pfx_workqueue_uaf+0x10/0x10 [ 12.837596] ? __schedule+0x10cc/0x2b60 [ 12.837618] ? __pfx_read_tsc+0x10/0x10 [ 12.837638] ? ktime_get_ts64+0x86/0x230 [ 12.837663] kunit_try_run_case+0x1a5/0x480 [ 12.837688] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.837710] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.837734] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.837757] ? __kthread_parkme+0x82/0x180 [ 12.837778] ? preempt_count_sub+0x50/0x80 [ 12.837802] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.837825] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.837849] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.837872] kthread+0x337/0x6f0 [ 12.837901] ? trace_preempt_on+0x20/0xc0 [ 12.837925] ? __pfx_kthread+0x10/0x10 [ 12.837945] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.837966] ? calculate_sigpending+0x7b/0xa0 [ 12.837990] ? __pfx_kthread+0x10/0x10 [ 12.838010] ret_from_fork+0x116/0x1d0 [ 12.838028] ? 
__pfx_kthread+0x10/0x10 [ 12.838048] ret_from_fork_asm+0x1a/0x30 [ 12.838080] </TASK> [ 12.838091] [ 12.851503] Allocated by task 217: [ 12.852083] kasan_save_stack+0x45/0x70 [ 12.852607] kasan_save_track+0x18/0x40 [ 12.853070] kasan_save_alloc_info+0x3b/0x50 [ 12.853432] __kasan_kmalloc+0xb7/0xc0 [ 12.853962] __kmalloc_cache_noprof+0x189/0x420 [ 12.854457] workqueue_uaf+0x152/0x560 [ 12.854998] kunit_try_run_case+0x1a5/0x480 [ 12.855344] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.855732] kthread+0x337/0x6f0 [ 12.855864] ret_from_fork+0x116/0x1d0 [ 12.856110] ret_from_fork_asm+0x1a/0x30 [ 12.856720] [ 12.856992] Freed by task 44: [ 12.857340] kasan_save_stack+0x45/0x70 [ 12.857839] kasan_save_track+0x18/0x40 [ 12.858168] kasan_save_free_info+0x3f/0x60 [ 12.858825] __kasan_slab_free+0x56/0x70 [ 12.859153] kfree+0x222/0x3f0 [ 12.859279] workqueue_uaf_work+0x12/0x20 [ 12.859420] process_one_work+0x5ee/0xf60 [ 12.859683] worker_thread+0x758/0x1220 [ 12.860294] kthread+0x337/0x6f0 [ 12.860616] ret_from_fork+0x116/0x1d0 [ 12.861012] ret_from_fork_asm+0x1a/0x30 [ 12.861454] [ 12.861617] Last potentially related work creation: [ 12.862027] kasan_save_stack+0x45/0x70 [ 12.862171] kasan_record_aux_stack+0xb2/0xc0 [ 12.862322] __queue_work+0x626/0xeb0 [ 12.862455] queue_work_on+0xb6/0xc0 [ 12.862732] workqueue_uaf+0x26d/0x560 [ 12.863083] kunit_try_run_case+0x1a5/0x480 [ 12.863686] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.864221] kthread+0x337/0x6f0 [ 12.864513] ret_from_fork+0x116/0x1d0 [ 12.864925] ret_from_fork_asm+0x1a/0x30 [ 12.865356] [ 12.865520] The buggy address belongs to the object at ffff88810299c340 [ 12.865520] which belongs to the cache kmalloc-32 of size 32 [ 12.866298] The buggy address is located 0 bytes inside of [ 12.866298] freed 32-byte region [ffff88810299c340, ffff88810299c360) [ 12.866644] [ 12.866718] The buggy address belongs to the physical page: [ 12.866911] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 
pfn:0x10299c [ 12.867180] flags: 0x200000000000000(node=0|zone=2) [ 12.867433] page_type: f5(slab) [ 12.867705] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 12.868044] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 12.868324] page dumped because: kasan: bad access detected [ 12.868577] [ 12.868679] Memory state around the buggy address: [ 12.868890] ffff88810299c200: 00 00 00 fc fc fc fc fc 00 00 05 fc fc fc fc fc [ 12.869190] ffff88810299c280: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 12.869463] >ffff88810299c300: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 12.869775] ^ [ 12.870237] ffff88810299c380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.870699] ffff88810299c400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.870935] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 12.786652] ================================================================== [ 12.787227] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x50/0x60 [ 12.787603] Read of size 4 at addr ffff888102e2fa40 by task swapper/0/0 [ 12.788066] [ 12.788198] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.788266] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.788277] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.788300] Call Trace: [ 12.788346] <IRQ> [ 12.788366] dump_stack_lvl+0x73/0xb0 [ 12.788401] print_report+0xd1/0x610 [ 12.788424] ? __virt_addr_valid+0x1db/0x2d0 [ 12.788450] ? rcu_uaf_reclaim+0x50/0x60 [ 12.788469] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.788492] ? rcu_uaf_reclaim+0x50/0x60 [ 12.788583] kasan_report+0x141/0x180 [ 12.788610] ? rcu_uaf_reclaim+0x50/0x60 [ 12.788660] __asan_report_load4_noabort+0x18/0x20 [ 12.788685] rcu_uaf_reclaim+0x50/0x60 [ 12.788706] rcu_core+0x66f/0x1c40 [ 12.788737] ? __pfx_rcu_core+0x10/0x10 [ 12.788758] ? ktime_get+0x6b/0x150 [ 12.788786] rcu_core_si+0x12/0x20 [ 12.788805] handle_softirqs+0x209/0x730 [ 12.788827] ? hrtimer_interrupt+0x2fe/0x780 [ 12.788850] ? 
__pfx_handle_softirqs+0x10/0x10 [ 12.788903] __irq_exit_rcu+0xc9/0x110 [ 12.788923] irq_exit_rcu+0x12/0x20 [ 12.788943] sysvec_apic_timer_interrupt+0x81/0x90 [ 12.788988] </IRQ> [ 12.789016] <TASK> [ 12.789026] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 12.789117] RIP: 0010:pv_native_safe_halt+0xf/0x20 [ 12.789337] Code: 1f 84 00 00 00 00 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d 23 62 21 00 fb f4 <e9> 3c 1d 02 00 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 [ 12.789417] RSP: 0000:ffffffff9ac07dd8 EFLAGS: 00010216 [ 12.789503] RAX: ffff8881bf072000 RBX: ffffffff9ac1cac0 RCX: ffffffff99a76125 [ 12.789748] RDX: ffffed102b60618b RSI: 0000000000000004 RDI: 000000000000517c [ 12.789800] RBP: ffffffff9ac07de0 R08: 0000000000000001 R09: ffffed102b60618a [ 12.789843] R10: ffff88815b030c53 R11: ffffffff9bfc36c0 R12: 0000000000000000 [ 12.789886] R13: fffffbfff3583958 R14: ffffffff9b7b1490 R15: 0000000000000000 [ 12.789964] ? ct_kernel_exit.constprop.0+0xa5/0xd0 [ 12.790050] ? default_idle+0xd/0x20 [ 12.790073] arch_cpu_idle+0xd/0x20 [ 12.790094] default_idle_call+0x48/0x80 [ 12.790113] do_idle+0x379/0x4f0 [ 12.790140] ? __pfx_do_idle+0x10/0x10 [ 12.790161] ? trace_preempt_on+0x20/0xc0 [ 12.790184] ? schedule+0x86/0x2e0 [ 12.790204] ? preempt_count_sub+0x50/0x80 [ 12.790228] cpu_startup_entry+0x5c/0x70 [ 12.790247] rest_init+0x11a/0x140 [ 12.790264] ? 
acpi_subsystem_init+0x5d/0x150 [ 12.790290] start_kernel+0x330/0x410 [ 12.790315] x86_64_start_reservations+0x1c/0x30 [ 12.790340] x86_64_start_kernel+0x10d/0x120 [ 12.790364] common_startup_64+0x13e/0x148 [ 12.790398] </TASK> [ 12.790409] [ 12.809217] Allocated by task 215: [ 12.809747] kasan_save_stack+0x45/0x70 [ 12.810135] kasan_save_track+0x18/0x40 [ 12.810275] kasan_save_alloc_info+0x3b/0x50 [ 12.810421] __kasan_kmalloc+0xb7/0xc0 [ 12.810643] __kmalloc_cache_noprof+0x189/0x420 [ 12.811210] rcu_uaf+0xb0/0x330 [ 12.811571] kunit_try_run_case+0x1a5/0x480 [ 12.812092] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.812653] kthread+0x337/0x6f0 [ 12.813024] ret_from_fork+0x116/0x1d0 [ 12.813359] ret_from_fork_asm+0x1a/0x30 [ 12.813499] [ 12.813866] Freed by task 0: [ 12.814209] kasan_save_stack+0x45/0x70 [ 12.814608] kasan_save_track+0x18/0x40 [ 12.815182] kasan_save_free_info+0x3f/0x60 [ 12.815364] __kasan_slab_free+0x56/0x70 [ 12.815507] kfree+0x222/0x3f0 [ 12.815634] rcu_uaf_reclaim+0x1f/0x60 [ 12.815774] rcu_core+0x66f/0x1c40 [ 12.816111] rcu_core_si+0x12/0x20 [ 12.816273] handle_softirqs+0x209/0x730 [ 12.816463] __irq_exit_rcu+0xc9/0x110 [ 12.817063] irq_exit_rcu+0x12/0x20 [ 12.817300] sysvec_apic_timer_interrupt+0x81/0x90 [ 12.817671] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 12.817911] [ 12.818073] Last potentially related work creation: [ 12.818318] kasan_save_stack+0x45/0x70 [ 12.818799] kasan_record_aux_stack+0xb2/0xc0 [ 12.819045] __call_rcu_common.constprop.0+0x7b/0x9e0 [ 12.819454] call_rcu+0x12/0x20 [ 12.819645] rcu_uaf+0x168/0x330 [ 12.820039] kunit_try_run_case+0x1a5/0x480 [ 12.820193] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.820662] kthread+0x337/0x6f0 [ 12.820951] ret_from_fork+0x116/0x1d0 [ 12.821142] ret_from_fork_asm+0x1a/0x30 [ 12.821498] [ 12.821617] The buggy address belongs to the object at ffff888102e2fa40 [ 12.821617] which belongs to the cache kmalloc-32 of size 32 [ 12.822262] The buggy address is located 0 bytes inside of 
[ 12.822262] freed 32-byte region [ffff888102e2fa40, ffff888102e2fa60) [ 12.823283] [ 12.823368] The buggy address belongs to the physical page: [ 12.823697] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102e2f [ 12.824198] flags: 0x200000000000000(node=0|zone=2) [ 12.824371] page_type: f5(slab) [ 12.824736] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 12.825235] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 12.825554] page dumped because: kasan: bad access detected [ 12.826018] [ 12.826192] Memory state around the buggy address: [ 12.826355] ffff888102e2f900: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 12.826673] ffff888102e2f980: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 12.827232] >ffff888102e2fa00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 12.827588] ^ [ 12.828069] ffff888102e2fa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.828377] ffff888102e2fb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.828938] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 12.755243] ================================================================== [ 12.755645] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5e4/0x6c0 [ 12.755956] Read of size 1 at addr ffff888102988878 by task kunit_try_catch/213 [ 12.756864] [ 12.757016] CPU: 1 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.757060] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.757071] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.757092] Call Trace: [ 12.757107] <TASK> [ 12.757123] dump_stack_lvl+0x73/0xb0 [ 12.757153] print_report+0xd1/0x610 [ 12.757175] ? __virt_addr_valid+0x1db/0x2d0 [ 12.757198] ? ksize_uaf+0x5e4/0x6c0 [ 12.757217] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.757239] ? ksize_uaf+0x5e4/0x6c0 [ 12.757260] kasan_report+0x141/0x180 [ 12.757281] ? ksize_uaf+0x5e4/0x6c0 [ 12.757307] __asan_report_load1_noabort+0x18/0x20 [ 12.757330] ksize_uaf+0x5e4/0x6c0 [ 12.757351] ? __pfx_ksize_uaf+0x10/0x10 [ 12.757372] ? __schedule+0x10cc/0x2b60 [ 12.757394] ? __pfx_read_tsc+0x10/0x10 [ 12.757414] ? ktime_get_ts64+0x86/0x230 [ 12.757438] kunit_try_run_case+0x1a5/0x480 [ 12.757484] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.757507] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.757531] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.757554] ? __kthread_parkme+0x82/0x180 [ 12.757573] ? preempt_count_sub+0x50/0x80 [ 12.757612] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.757636] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.757673] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.757696] kthread+0x337/0x6f0 [ 12.757714] ? trace_preempt_on+0x20/0xc0 [ 12.757737] ? __pfx_kthread+0x10/0x10 [ 12.757757] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.757777] ? calculate_sigpending+0x7b/0xa0 [ 12.757801] ? __pfx_kthread+0x10/0x10 [ 12.757822] ret_from_fork+0x116/0x1d0 [ 12.757839] ? 
__pfx_kthread+0x10/0x10 [ 12.757859] ret_from_fork_asm+0x1a/0x30 [ 12.757900] </TASK> [ 12.757910] [ 12.764870] Allocated by task 213: [ 12.765080] kasan_save_stack+0x45/0x70 [ 12.765281] kasan_save_track+0x18/0x40 [ 12.765470] kasan_save_alloc_info+0x3b/0x50 [ 12.765680] __kasan_kmalloc+0xb7/0xc0 [ 12.765865] __kmalloc_cache_noprof+0x189/0x420 [ 12.766120] ksize_uaf+0xaa/0x6c0 [ 12.766294] kunit_try_run_case+0x1a5/0x480 [ 12.766481] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.766747] kthread+0x337/0x6f0 [ 12.766912] ret_from_fork+0x116/0x1d0 [ 12.767060] ret_from_fork_asm+0x1a/0x30 [ 12.767196] [ 12.767264] Freed by task 213: [ 12.767372] kasan_save_stack+0x45/0x70 [ 12.767566] kasan_save_track+0x18/0x40 [ 12.767772] kasan_save_free_info+0x3f/0x60 [ 12.768032] __kasan_slab_free+0x56/0x70 [ 12.768244] kfree+0x222/0x3f0 [ 12.768406] ksize_uaf+0x12c/0x6c0 [ 12.768578] kunit_try_run_case+0x1a5/0x480 [ 12.768809] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.769094] kthread+0x337/0x6f0 [ 12.769229] ret_from_fork+0x116/0x1d0 [ 12.769436] ret_from_fork_asm+0x1a/0x30 [ 12.769623] [ 12.769725] The buggy address belongs to the object at ffff888102988800 [ 12.769725] which belongs to the cache kmalloc-128 of size 128 [ 12.770238] The buggy address is located 120 bytes inside of [ 12.770238] freed 128-byte region [ffff888102988800, ffff888102988880) [ 12.770779] [ 12.770861] The buggy address belongs to the physical page: [ 12.771167] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102988 [ 12.771490] flags: 0x200000000000000(node=0|zone=2) [ 12.771748] page_type: f5(slab) [ 12.771901] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.772295] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.772584] page dumped because: kasan: bad access detected [ 12.772841] [ 12.772955] Memory state around the buggy address: [ 12.773188] ffff888102988700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 
12.773448] ffff888102988780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.773663] >ffff888102988800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.773875] ^ [ 12.774238] ffff888102988880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.774552] ffff888102988900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.774870] ================================================================== [ 12.709240] ================================================================== [ 12.710334] BUG: KASAN: slab-use-after-free in ksize_uaf+0x19d/0x6c0 [ 12.710915] Read of size 1 at addr ffff888102988800 by task kunit_try_catch/213 [ 12.711875] [ 12.712219] CPU: 1 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.712274] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.712286] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.712307] Call Trace: [ 12.712319] <TASK> [ 12.712372] dump_stack_lvl+0x73/0xb0 [ 12.712409] print_report+0xd1/0x610 [ 12.712433] ? __virt_addr_valid+0x1db/0x2d0 [ 12.712456] ? ksize_uaf+0x19d/0x6c0 [ 12.712476] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.712498] ? ksize_uaf+0x19d/0x6c0 [ 12.712518] kasan_report+0x141/0x180 [ 12.712540] ? ksize_uaf+0x19d/0x6c0 [ 12.712563] ? ksize_uaf+0x19d/0x6c0 [ 12.712583] __kasan_check_byte+0x3d/0x50 [ 12.712605] ksize+0x20/0x60 [ 12.712624] ksize_uaf+0x19d/0x6c0 [ 12.712644] ? __pfx_ksize_uaf+0x10/0x10 [ 12.712665] ? __schedule+0x10cc/0x2b60 [ 12.712686] ? __pfx_read_tsc+0x10/0x10 [ 12.712707] ? ktime_get_ts64+0x86/0x230 [ 12.712731] kunit_try_run_case+0x1a5/0x480 [ 12.712756] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.712777] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.712800] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.712824] ? __kthread_parkme+0x82/0x180 [ 12.712843] ? preempt_count_sub+0x50/0x80 [ 12.712867] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.712890] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.712925] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.712948] kthread+0x337/0x6f0 [ 12.712987] ? trace_preempt_on+0x20/0xc0 [ 12.713011] ? __pfx_kthread+0x10/0x10 [ 12.713031] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.713052] ? calculate_sigpending+0x7b/0xa0 [ 12.713075] ? __pfx_kthread+0x10/0x10 [ 12.713096] ret_from_fork+0x116/0x1d0 [ 12.713114] ? __pfx_kthread+0x10/0x10 [ 12.713133] ret_from_fork_asm+0x1a/0x30 [ 12.713165] </TASK> [ 12.713175] [ 12.724114] Allocated by task 213: [ 12.724292] kasan_save_stack+0x45/0x70 [ 12.724458] kasan_save_track+0x18/0x40 [ 12.724595] kasan_save_alloc_info+0x3b/0x50 [ 12.724790] __kasan_kmalloc+0xb7/0xc0 [ 12.725050] __kmalloc_cache_noprof+0x189/0x420 [ 12.725278] ksize_uaf+0xaa/0x6c0 [ 12.725448] kunit_try_run_case+0x1a5/0x480 [ 12.725682] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.725921] kthread+0x337/0x6f0 [ 12.726149] ret_from_fork+0x116/0x1d0 [ 12.726337] ret_from_fork_asm+0x1a/0x30 [ 12.726537] [ 12.726630] Freed by task 213: [ 12.726769] kasan_save_stack+0x45/0x70 [ 12.726918] kasan_save_track+0x18/0x40 [ 12.727076] kasan_save_free_info+0x3f/0x60 [ 12.727225] __kasan_slab_free+0x56/0x70 [ 12.727417] kfree+0x222/0x3f0 [ 12.727580] ksize_uaf+0x12c/0x6c0 [ 12.727779] kunit_try_run_case+0x1a5/0x480 [ 12.728061] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.728342] kthread+0x337/0x6f0 [ 12.728535] ret_from_fork+0x116/0x1d0 [ 12.728727] ret_from_fork_asm+0x1a/0x30 [ 12.728935] [ 12.729048] The buggy address belongs to the object at ffff888102988800 [ 12.729048] which belongs to the cache kmalloc-128 of size 128 [ 12.729519] The buggy address is located 0 bytes inside of [ 12.729519] freed 128-byte region [ffff888102988800, ffff888102988880) [ 12.730054] [ 12.730133] The buggy address belongs to the physical page: [ 12.730411] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102988 [ 12.730768] flags: 0x200000000000000(node=0|zone=2) [ 12.731046] page_type: f5(slab) [ 12.731206] raw: 
0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.731530] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.731848] page dumped because: kasan: bad access detected [ 12.732138] [ 12.732232] Memory state around the buggy address: [ 12.732442] ffff888102988700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.732748] ffff888102988780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.733049] >ffff888102988800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.733375] ^ [ 12.733528] ffff888102988880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.733808] ffff888102988900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.734175] ================================================================== [ 12.735392] ================================================================== [ 12.735804] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5fe/0x6c0 [ 12.736188] Read of size 1 at addr ffff888102988800 by task kunit_try_catch/213 [ 12.736532] [ 12.736650] CPU: 1 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.736697] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.736708] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.736729] Call Trace: [ 12.736741] <TASK> [ 12.736757] dump_stack_lvl+0x73/0xb0 [ 12.736786] print_report+0xd1/0x610 [ 12.736811] ? __virt_addr_valid+0x1db/0x2d0 [ 12.736834] ? ksize_uaf+0x5fe/0x6c0 [ 12.736854] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.736877] ? ksize_uaf+0x5fe/0x6c0 [ 12.736909] kasan_report+0x141/0x180 [ 12.736932] ? ksize_uaf+0x5fe/0x6c0 [ 12.736959] __asan_report_load1_noabort+0x18/0x20 [ 12.737020] ksize_uaf+0x5fe/0x6c0 [ 12.737040] ? __pfx_ksize_uaf+0x10/0x10 [ 12.737061] ? __schedule+0x10cc/0x2b60 [ 12.737083] ? __pfx_read_tsc+0x10/0x10 [ 12.737102] ? ktime_get_ts64+0x86/0x230 [ 12.737127] kunit_try_run_case+0x1a5/0x480 [ 12.737151] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.737172] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 12.737196] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.737219] ? __kthread_parkme+0x82/0x180 [ 12.737239] ? preempt_count_sub+0x50/0x80 [ 12.737263] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.737286] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.737309] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.737332] kthread+0x337/0x6f0 [ 12.737351] ? trace_preempt_on+0x20/0xc0 [ 12.737374] ? __pfx_kthread+0x10/0x10 [ 12.737393] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.737414] ? calculate_sigpending+0x7b/0xa0 [ 12.737456] ? __pfx_kthread+0x10/0x10 [ 12.737477] ret_from_fork+0x116/0x1d0 [ 12.737494] ? __pfx_kthread+0x10/0x10 [ 12.737514] ret_from_fork_asm+0x1a/0x30 [ 12.737563] </TASK> [ 12.737574] [ 12.744551] Allocated by task 213: [ 12.744724] kasan_save_stack+0x45/0x70 [ 12.744864] kasan_save_track+0x18/0x40 [ 12.745062] kasan_save_alloc_info+0x3b/0x50 [ 12.745295] __kasan_kmalloc+0xb7/0xc0 [ 12.745509] __kmalloc_cache_noprof+0x189/0x420 [ 12.745756] ksize_uaf+0xaa/0x6c0 [ 12.745922] kunit_try_run_case+0x1a5/0x480 [ 12.746095] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.746373] kthread+0x337/0x6f0 [ 12.746550] ret_from_fork+0x116/0x1d0 [ 12.746731] ret_from_fork_asm+0x1a/0x30 [ 12.746877] [ 12.747023] Freed by task 213: [ 12.747180] kasan_save_stack+0x45/0x70 [ 12.747373] kasan_save_track+0x18/0x40 [ 12.747540] kasan_save_free_info+0x3f/0x60 [ 12.747718] __kasan_slab_free+0x56/0x70 [ 12.747944] kfree+0x222/0x3f0 [ 12.748147] ksize_uaf+0x12c/0x6c0 [ 12.748296] kunit_try_run_case+0x1a5/0x480 [ 12.748512] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.748787] kthread+0x337/0x6f0 [ 12.748983] ret_from_fork+0x116/0x1d0 [ 12.749167] ret_from_fork_asm+0x1a/0x30 [ 12.749362] [ 12.749454] The buggy address belongs to the object at ffff888102988800 [ 12.749454] which belongs to the cache kmalloc-128 of size 128 [ 12.749931] The buggy address is located 0 bytes inside of [ 12.749931] freed 128-byte region [ffff888102988800, 
ffff888102988880) [ 12.750475] [ 12.750562] The buggy address belongs to the physical page: [ 12.750734] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102988 [ 12.751091] flags: 0x200000000000000(node=0|zone=2) [ 12.751329] page_type: f5(slab) [ 12.751495] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.751827] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.752191] page dumped because: kasan: bad access detected [ 12.752439] [ 12.752530] Memory state around the buggy address: [ 12.752749] ffff888102988700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.753100] ffff888102988780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.753332] >ffff888102988800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.753545] ^ [ 12.753659] ffff888102988880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.753876] ffff888102988900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.754242] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 12.646327] ================================================================== [ 12.647003] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x81c/0x9b0 [ 12.647433] Read of size 1 at addr ffff888102988773 by task kunit_try_catch/211 [ 12.647743] [ 12.647861] CPU: 1 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.647915] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.647926] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.647946] Call Trace: [ 12.647959] <TASK> [ 12.647987] dump_stack_lvl+0x73/0xb0 [ 12.648028] print_report+0xd1/0x610 [ 12.648062] ? __virt_addr_valid+0x1db/0x2d0 [ 12.648085] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 12.648109] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.648132] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 12.648155] kasan_report+0x141/0x180 [ 12.648177] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 12.648205] __asan_report_load1_noabort+0x18/0x20 [ 12.648230] ksize_unpoisons_memory+0x81c/0x9b0 [ 12.648253] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 12.648287] ? __kasan_check_write+0x18/0x20 [ 12.648306] ? queued_spin_lock_slowpath+0x116/0xb40 [ 12.648330] ? irqentry_exit+0x2a/0x60 [ 12.648361] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 12.648385] ? trace_hardirqs_on+0x37/0xe0 [ 12.648408] ? __pfx_read_tsc+0x10/0x10 [ 12.648429] ? ktime_get_ts64+0x86/0x230 [ 12.648454] kunit_try_run_case+0x1a5/0x480 [ 12.648486] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.648510] ? queued_spin_lock_slowpath+0x116/0xb40 [ 12.648533] ? __kthread_parkme+0x82/0x180 [ 12.648563] ? preempt_count_sub+0x50/0x80 [ 12.648588] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.648611] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.648634] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.648658] kthread+0x337/0x6f0 [ 12.648677] ? trace_preempt_on+0x20/0xc0 [ 12.648698] ? __pfx_kthread+0x10/0x10 [ 12.648718] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.648739] ? 
calculate_sigpending+0x7b/0xa0 [ 12.648763] ? __pfx_kthread+0x10/0x10 [ 12.648784] ret_from_fork+0x116/0x1d0 [ 12.648802] ? __pfx_kthread+0x10/0x10 [ 12.648822] ret_from_fork_asm+0x1a/0x30 [ 12.648853] </TASK> [ 12.648863] [ 12.656782] Allocated by task 211: [ 12.656972] kasan_save_stack+0x45/0x70 [ 12.657159] kasan_save_track+0x18/0x40 [ 12.657346] kasan_save_alloc_info+0x3b/0x50 [ 12.657498] __kasan_kmalloc+0xb7/0xc0 [ 12.657665] __kmalloc_cache_noprof+0x189/0x420 [ 12.657907] ksize_unpoisons_memory+0xc7/0x9b0 [ 12.658122] kunit_try_run_case+0x1a5/0x480 [ 12.658317] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.658494] kthread+0x337/0x6f0 [ 12.658767] ret_from_fork+0x116/0x1d0 [ 12.658967] ret_from_fork_asm+0x1a/0x30 [ 12.659175] [ 12.659267] The buggy address belongs to the object at ffff888102988700 [ 12.659267] which belongs to the cache kmalloc-128 of size 128 [ 12.659637] The buggy address is located 0 bytes to the right of [ 12.659637] allocated 115-byte region [ffff888102988700, ffff888102988773) [ 12.660073] [ 12.660182] The buggy address belongs to the physical page: [ 12.660434] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102988 [ 12.660784] flags: 0x200000000000000(node=0|zone=2) [ 12.661030] page_type: f5(slab) [ 12.661309] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.661543] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.661768] page dumped because: kasan: bad access detected [ 12.662070] [ 12.662164] Memory state around the buggy address: [ 12.662421] ffff888102988600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.662743] ffff888102988680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.663178] >ffff888102988700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.663449] ^ [ 12.663741] ffff888102988780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.664095] ffff888102988800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.664408] 
================================================================== [ 12.665420] ================================================================== [ 12.665812] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7e9/0x9b0 [ 12.666319] Read of size 1 at addr ffff888102988778 by task kunit_try_catch/211 [ 12.666708] [ 12.666823] CPU: 1 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.666863] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.666875] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.666911] Call Trace: [ 12.666923] <TASK> [ 12.666936] dump_stack_lvl+0x73/0xb0 [ 12.666964] print_report+0xd1/0x610 [ 12.666985] ? __virt_addr_valid+0x1db/0x2d0 [ 12.667007] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 12.667030] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.667053] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 12.667086] kasan_report+0x141/0x180 [ 12.667108] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 12.667137] __asan_report_load1_noabort+0x18/0x20 [ 12.667173] ksize_unpoisons_memory+0x7e9/0x9b0 [ 12.667196] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 12.667221] ? __kasan_check_write+0x18/0x20 [ 12.667251] ? queued_spin_lock_slowpath+0x116/0xb40 [ 12.667274] ? irqentry_exit+0x2a/0x60 [ 12.667294] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 12.667318] ? trace_hardirqs_on+0x37/0xe0 [ 12.667341] ? __pfx_read_tsc+0x10/0x10 [ 12.667361] ? ktime_get_ts64+0x86/0x230 [ 12.667384] kunit_try_run_case+0x1a5/0x480 [ 12.667408] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.667432] ? queued_spin_lock_slowpath+0x116/0xb40 [ 12.667455] ? __kthread_parkme+0x82/0x180 [ 12.667474] ? preempt_count_sub+0x50/0x80 [ 12.667497] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.667521] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.667544] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.667568] kthread+0x337/0x6f0 [ 12.667586] ? trace_preempt_on+0x20/0xc0 [ 12.667607] ? __pfx_kthread+0x10/0x10 [ 12.667627] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 12.667657] ? calculate_sigpending+0x7b/0xa0 [ 12.667681] ? __pfx_kthread+0x10/0x10 [ 12.667701] ret_from_fork+0x116/0x1d0 [ 12.667729] ? __pfx_kthread+0x10/0x10 [ 12.667749] ret_from_fork_asm+0x1a/0x30 [ 12.667780] </TASK> [ 12.667790] [ 12.675746] Allocated by task 211: [ 12.675898] kasan_save_stack+0x45/0x70 [ 12.676179] kasan_save_track+0x18/0x40 [ 12.676393] kasan_save_alloc_info+0x3b/0x50 [ 12.676569] __kasan_kmalloc+0xb7/0xc0 [ 12.676769] __kmalloc_cache_noprof+0x189/0x420 [ 12.676996] ksize_unpoisons_memory+0xc7/0x9b0 [ 12.677215] kunit_try_run_case+0x1a5/0x480 [ 12.677401] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.677579] kthread+0x337/0x6f0 [ 12.677699] ret_from_fork+0x116/0x1d0 [ 12.677861] ret_from_fork_asm+0x1a/0x30 [ 12.678072] [ 12.678194] The buggy address belongs to the object at ffff888102988700 [ 12.678194] which belongs to the cache kmalloc-128 of size 128 [ 12.678735] The buggy address is located 5 bytes to the right of [ 12.678735] allocated 115-byte region [ffff888102988700, ffff888102988773) [ 12.679295] [ 12.679366] The buggy address belongs to the physical page: [ 12.679574] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102988 [ 12.679950] flags: 0x200000000000000(node=0|zone=2) [ 12.680250] page_type: f5(slab) [ 12.680429] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.680711] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.681165] page dumped because: kasan: bad access detected [ 12.681350] [ 12.681420] Memory state around the buggy address: [ 12.681573] ffff888102988600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.681789] ffff888102988680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.682015] >ffff888102988700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.682288] ^ [ 12.682657] ffff888102988780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.683044] ffff888102988800: fc fc fc fc fc fc 
fc fc fc fc fc fc fc fc fc fc [ 12.683416] ================================================================== [ 12.684658] ================================================================== [ 12.685199] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7b6/0x9b0 [ 12.685513] Read of size 1 at addr ffff88810298877f by task kunit_try_catch/211 [ 12.685860] [ 12.685968] CPU: 1 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.686019] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.686030] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.686050] Call Trace: [ 12.686065] <TASK> [ 12.686080] dump_stack_lvl+0x73/0xb0 [ 12.686119] print_report+0xd1/0x610 [ 12.686140] ? __virt_addr_valid+0x1db/0x2d0 [ 12.686163] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 12.686197] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.686220] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 12.686243] kasan_report+0x141/0x180 [ 12.686265] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 12.686293] __asan_report_load1_noabort+0x18/0x20 [ 12.686317] ksize_unpoisons_memory+0x7b6/0x9b0 [ 12.686341] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 12.686368] ? __kasan_check_write+0x18/0x20 [ 12.686388] ? queued_spin_lock_slowpath+0x116/0xb40 [ 12.686414] ? irqentry_exit+0x2a/0x60 [ 12.686444] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 12.686468] ? trace_hardirqs_on+0x37/0xe0 [ 12.686491] ? __pfx_read_tsc+0x10/0x10 [ 12.686521] ? ktime_get_ts64+0x86/0x230 [ 12.686546] kunit_try_run_case+0x1a5/0x480 [ 12.686571] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.686596] ? queued_spin_lock_slowpath+0x116/0xb40 [ 12.686627] ? __kthread_parkme+0x82/0x180 [ 12.686647] ? preempt_count_sub+0x50/0x80 [ 12.686671] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.686705] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.686729] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.686753] kthread+0x337/0x6f0 [ 12.686786] ? trace_preempt_on+0x20/0xc0 [ 12.686808] ? 
__pfx_kthread+0x10/0x10 [ 12.686828] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.686859] ? calculate_sigpending+0x7b/0xa0 [ 12.686883] ? __pfx_kthread+0x10/0x10 [ 12.686912] ret_from_fork+0x116/0x1d0 [ 12.686930] ? __pfx_kthread+0x10/0x10 [ 12.686950] ret_from_fork_asm+0x1a/0x30 [ 12.686991] </TASK> [ 12.687001] [ 12.695185] Allocated by task 211: [ 12.695348] kasan_save_stack+0x45/0x70 [ 12.695495] kasan_save_track+0x18/0x40 [ 12.695712] kasan_save_alloc_info+0x3b/0x50 [ 12.695881] __kasan_kmalloc+0xb7/0xc0 [ 12.696167] __kmalloc_cache_noprof+0x189/0x420 [ 12.696367] ksize_unpoisons_memory+0xc7/0x9b0 [ 12.696597] kunit_try_run_case+0x1a5/0x480 [ 12.696806] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.697038] kthread+0x337/0x6f0 [ 12.697208] ret_from_fork+0x116/0x1d0 [ 12.697415] ret_from_fork_asm+0x1a/0x30 [ 12.697571] [ 12.697640] The buggy address belongs to the object at ffff888102988700 [ 12.697640] which belongs to the cache kmalloc-128 of size 128 [ 12.698036] The buggy address is located 12 bytes to the right of [ 12.698036] allocated 115-byte region [ffff888102988700, ffff888102988773) [ 12.698580] [ 12.698651] The buggy address belongs to the physical page: [ 12.698825] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102988 [ 12.699429] flags: 0x200000000000000(node=0|zone=2) [ 12.699661] page_type: f5(slab) [ 12.699860] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.700233] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.701088] page dumped because: kasan: bad access detected [ 12.702006] [ 12.702101] Memory state around the buggy address: [ 12.702262] ffff888102988600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.702549] ffff888102988680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.702883] >ffff888102988700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.704106] ^ [ 12.704351] ffff888102988780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 
12.704575] ffff888102988800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.704791] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kfree_sensitive
[ 12.617214] ================================================================== [ 12.617983] BUG: KASAN: double-free in kfree_sensitive+0x2e/0x90 [ 12.618317] Free of addr ffff888102837200 by task kunit_try_catch/209 [ 12.618518] [ 12.618695] CPU: 1 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.618739] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.618749] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.618775] Call Trace: [ 12.618787] <TASK> [ 12.618802] dump_stack_lvl+0x73/0xb0 [ 12.618831] print_report+0xd1/0x610 [ 12.618863] ? __virt_addr_valid+0x1db/0x2d0 [ 12.618887] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.618927] ? kfree_sensitive+0x2e/0x90 [ 12.618948] kasan_report_invalid_free+0x10a/0x130 [ 12.618973] ? kfree_sensitive+0x2e/0x90 [ 12.619004] ? kfree_sensitive+0x2e/0x90 [ 12.619023] check_slab_allocation+0x101/0x130 [ 12.619045] __kasan_slab_pre_free+0x28/0x40 [ 12.619065] kfree+0xf0/0x3f0 [ 12.619086] ? add_taint+0x2e/0xa0 [ 12.619104] ? kfree_sensitive+0x2e/0x90 [ 12.619126] kfree_sensitive+0x2e/0x90 [ 12.619145] kmalloc_double_kzfree+0x19c/0x350 [ 12.619179] ? __pfx_kmalloc_double_kzfree+0x10/0x10 [ 12.619202] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 12.619228] ? trace_hardirqs_on+0x37/0xe0 [ 12.619261] ? __pfx_read_tsc+0x10/0x10 [ 12.619282] ? ktime_get_ts64+0x86/0x230 [ 12.619306] kunit_try_run_case+0x1a5/0x480 [ 12.619330] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.619354] ? queued_spin_lock_slowpath+0x116/0xb40 [ 12.619379] ? __kthread_parkme+0x82/0x180 [ 12.619400] ? preempt_count_sub+0x50/0x80 [ 12.619424] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.619447] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.619471] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.619494] kthread+0x337/0x6f0 [ 12.619522] ? trace_preempt_on+0x20/0xc0 [ 12.619610] ? __pfx_kthread+0x10/0x10 [ 12.619631] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.619652] ? 
calculate_sigpending+0x7b/0xa0 [ 12.619677] ? __pfx_kthread+0x10/0x10 [ 12.619698] ret_from_fork+0x116/0x1d0 [ 12.619716] ? __pfx_kthread+0x10/0x10 [ 12.619736] ret_from_fork_asm+0x1a/0x30 [ 12.619768] </TASK> [ 12.619779] [ 12.628797] Allocated by task 209: [ 12.629154] kasan_save_stack+0x45/0x70 [ 12.629398] kasan_save_track+0x18/0x40 [ 12.629691] kasan_save_alloc_info+0x3b/0x50 [ 12.629899] __kasan_kmalloc+0xb7/0xc0 [ 12.630153] __kmalloc_cache_noprof+0x189/0x420 [ 12.630313] kmalloc_double_kzfree+0xa9/0x350 [ 12.630465] kunit_try_run_case+0x1a5/0x480 [ 12.630611] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.630870] kthread+0x337/0x6f0 [ 12.631078] ret_from_fork+0x116/0x1d0 [ 12.631301] ret_from_fork_asm+0x1a/0x30 [ 12.631625] [ 12.631727] Freed by task 209: [ 12.631886] kasan_save_stack+0x45/0x70 [ 12.632087] kasan_save_track+0x18/0x40 [ 12.632272] kasan_save_free_info+0x3f/0x60 [ 12.632484] __kasan_slab_free+0x56/0x70 [ 12.632884] kfree+0x222/0x3f0 [ 12.633021] kfree_sensitive+0x67/0x90 [ 12.633416] kmalloc_double_kzfree+0x12b/0x350 [ 12.633753] kunit_try_run_case+0x1a5/0x480 [ 12.633927] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.634105] kthread+0x337/0x6f0 [ 12.634229] ret_from_fork+0x116/0x1d0 [ 12.634361] ret_from_fork_asm+0x1a/0x30 [ 12.634501] [ 12.634573] The buggy address belongs to the object at ffff888102837200 [ 12.634573] which belongs to the cache kmalloc-16 of size 16 [ 12.635091] The buggy address is located 0 bytes inside of [ 12.635091] 16-byte region [ffff888102837200, ffff888102837210) [ 12.635589] [ 12.635687] The buggy address belongs to the physical page: [ 12.635887] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102837 [ 12.636231] flags: 0x200000000000000(node=0|zone=2) [ 12.636398] page_type: f5(slab) [ 12.636790] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 12.637286] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 12.637796] page dumped 
because: kasan: bad access detected [ 12.638148] [ 12.638220] Memory state around the buggy address: [ 12.638379] ffff888102837100: 00 05 fc fc 00 02 fc fc fa fb fc fc 00 05 fc fc [ 12.638967] ffff888102837180: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 12.639291] >ffff888102837200: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.639704] ^ [ 12.639876] ffff888102837280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.640209] ffff888102837300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.640455] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 12.592997] ================================================================== [ 12.593621] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x19c/0x350 [ 12.594091] Read of size 1 at addr ffff888102837200 by task kunit_try_catch/209 [ 12.594653] [ 12.594864] CPU: 1 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.594923] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.594935] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.594957] Call Trace: [ 12.594979] <TASK> [ 12.594995] dump_stack_lvl+0x73/0xb0 [ 12.595028] print_report+0xd1/0x610 [ 12.595062] ? __virt_addr_valid+0x1db/0x2d0 [ 12.595086] ? kmalloc_double_kzfree+0x19c/0x350 [ 12.595109] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.595132] ? kmalloc_double_kzfree+0x19c/0x350 [ 12.595155] kasan_report+0x141/0x180 [ 12.595177] ? kmalloc_double_kzfree+0x19c/0x350 [ 12.595204] ? kmalloc_double_kzfree+0x19c/0x350 [ 12.595227] __kasan_check_byte+0x3d/0x50 [ 12.595249] kfree_sensitive+0x22/0x90 [ 12.595281] kmalloc_double_kzfree+0x19c/0x350 [ 12.595305] ? __pfx_kmalloc_double_kzfree+0x10/0x10 [ 12.595328] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 12.595364] ? trace_hardirqs_on+0x37/0xe0 [ 12.595387] ? __pfx_read_tsc+0x10/0x10 [ 12.595408] ? ktime_get_ts64+0x86/0x230 [ 12.595432] kunit_try_run_case+0x1a5/0x480 [ 12.595457] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.595490] ? queued_spin_lock_slowpath+0x116/0xb40 [ 12.595516] ? __kthread_parkme+0x82/0x180 [ 12.595598] ? preempt_count_sub+0x50/0x80 [ 12.595624] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.595648] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.595672] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.595695] kthread+0x337/0x6f0 [ 12.595714] ? trace_preempt_on+0x20/0xc0 [ 12.595736] ? __pfx_kthread+0x10/0x10 [ 12.595756] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.595777] ? calculate_sigpending+0x7b/0xa0 [ 12.595801] ? 
__pfx_kthread+0x10/0x10 [ 12.595822] ret_from_fork+0x116/0x1d0 [ 12.595839] ? __pfx_kthread+0x10/0x10 [ 12.595859] ret_from_fork_asm+0x1a/0x30 [ 12.595902] </TASK> [ 12.595913] [ 12.604583] Allocated by task 209: [ 12.604828] kasan_save_stack+0x45/0x70 [ 12.605091] kasan_save_track+0x18/0x40 [ 12.605286] kasan_save_alloc_info+0x3b/0x50 [ 12.605505] __kasan_kmalloc+0xb7/0xc0 [ 12.605637] __kmalloc_cache_noprof+0x189/0x420 [ 12.605796] kmalloc_double_kzfree+0xa9/0x350 [ 12.606218] kunit_try_run_case+0x1a5/0x480 [ 12.606441] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.606728] kthread+0x337/0x6f0 [ 12.606931] ret_from_fork+0x116/0x1d0 [ 12.607138] ret_from_fork_asm+0x1a/0x30 [ 12.607332] [ 12.607442] Freed by task 209: [ 12.607660] kasan_save_stack+0x45/0x70 [ 12.607858] kasan_save_track+0x18/0x40 [ 12.608146] kasan_save_free_info+0x3f/0x60 [ 12.608331] __kasan_slab_free+0x56/0x70 [ 12.608604] kfree+0x222/0x3f0 [ 12.608744] kfree_sensitive+0x67/0x90 [ 12.608958] kmalloc_double_kzfree+0x12b/0x350 [ 12.609177] kunit_try_run_case+0x1a5/0x480 [ 12.609344] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.609521] kthread+0x337/0x6f0 [ 12.609695] ret_from_fork+0x116/0x1d0 [ 12.610202] ret_from_fork_asm+0x1a/0x30 [ 12.610409] [ 12.610525] The buggy address belongs to the object at ffff888102837200 [ 12.610525] which belongs to the cache kmalloc-16 of size 16 [ 12.610944] The buggy address is located 0 bytes inside of [ 12.610944] freed 16-byte region [ffff888102837200, ffff888102837210) [ 12.611289] [ 12.611361] The buggy address belongs to the physical page: [ 12.611587] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102837 [ 12.612193] flags: 0x200000000000000(node=0|zone=2) [ 12.612445] page_type: f5(slab) [ 12.612706] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 12.612970] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 12.613310] page dumped because: kasan: bad access detected [ 
12.613613] [ 12.613832] Memory state around the buggy address: [ 12.614124] ffff888102837100: 00 05 fc fc 00 02 fc fc fa fb fc fc 00 05 fc fc [ 12.614396] ffff888102837180: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 12.614800] >ffff888102837200: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.615129] ^ [ 12.615249] ffff888102837280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.615465] ffff888102837300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.615847] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 12.551124] ================================================================== [ 12.552679] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x4a8/0x520 [ 12.553299] Read of size 1 at addr ffff888102e2d9a8 by task kunit_try_catch/205 [ 12.554265] [ 12.554369] CPU: 0 UID: 0 PID: 205 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.554415] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.554427] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.554448] Call Trace: [ 12.554461] <TASK> [ 12.554479] dump_stack_lvl+0x73/0xb0 [ 12.554510] print_report+0xd1/0x610 [ 12.554734] ? __virt_addr_valid+0x1db/0x2d0 [ 12.554792] ? kmalloc_uaf2+0x4a8/0x520 [ 12.554820] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.554842] ? kmalloc_uaf2+0x4a8/0x520 [ 12.554913] kasan_report+0x141/0x180 [ 12.554936] ? kmalloc_uaf2+0x4a8/0x520 [ 12.554962] __asan_report_load1_noabort+0x18/0x20 [ 12.554986] kmalloc_uaf2+0x4a8/0x520 [ 12.555006] ? __pfx_kmalloc_uaf2+0x10/0x10 [ 12.555025] ? finish_task_switch.isra.0+0x153/0x700 [ 12.555049] ? __switch_to+0x47/0xf50 [ 12.555076] ? __schedule+0x10cc/0x2b60 [ 12.555099] ? __pfx_read_tsc+0x10/0x10 [ 12.555120] ? ktime_get_ts64+0x86/0x230 [ 12.555146] kunit_try_run_case+0x1a5/0x480 [ 12.555170] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.555192] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.555216] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.555239] ? __kthread_parkme+0x82/0x180 [ 12.555260] ? preempt_count_sub+0x50/0x80 [ 12.555283] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.555306] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.555329] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.555352] kthread+0x337/0x6f0 [ 12.555371] ? trace_preempt_on+0x20/0xc0 [ 12.555395] ? __pfx_kthread+0x10/0x10 [ 12.555415] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.555436] ? calculate_sigpending+0x7b/0xa0 [ 12.555460] ? __pfx_kthread+0x10/0x10 [ 12.555481] ret_from_fork+0x116/0x1d0 [ 12.555500] ? 
__pfx_kthread+0x10/0x10 [ 12.555520] ret_from_fork_asm+0x1a/0x30 [ 12.555560] </TASK> [ 12.555571] [ 12.569176] Allocated by task 205: [ 12.569531] kasan_save_stack+0x45/0x70 [ 12.569909] kasan_save_track+0x18/0x40 [ 12.570188] kasan_save_alloc_info+0x3b/0x50 [ 12.570339] __kasan_kmalloc+0xb7/0xc0 [ 12.570470] __kmalloc_cache_noprof+0x189/0x420 [ 12.570855] kmalloc_uaf2+0xc6/0x520 [ 12.571232] kunit_try_run_case+0x1a5/0x480 [ 12.571804] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.572458] kthread+0x337/0x6f0 [ 12.572859] ret_from_fork+0x116/0x1d0 [ 12.573252] ret_from_fork_asm+0x1a/0x30 [ 12.573599] [ 12.573842] Freed by task 205: [ 12.574253] kasan_save_stack+0x45/0x70 [ 12.574693] kasan_save_track+0x18/0x40 [ 12.574983] kasan_save_free_info+0x3f/0x60 [ 12.575229] __kasan_slab_free+0x56/0x70 [ 12.575655] kfree+0x222/0x3f0 [ 12.575965] kmalloc_uaf2+0x14c/0x520 [ 12.576356] kunit_try_run_case+0x1a5/0x480 [ 12.576794] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.577034] kthread+0x337/0x6f0 [ 12.577384] ret_from_fork+0x116/0x1d0 [ 12.577781] ret_from_fork_asm+0x1a/0x30 [ 12.578063] [ 12.578283] The buggy address belongs to the object at ffff888102e2d980 [ 12.578283] which belongs to the cache kmalloc-64 of size 64 [ 12.579225] The buggy address is located 40 bytes inside of [ 12.579225] freed 64-byte region [ffff888102e2d980, ffff888102e2d9c0) [ 12.580273] [ 12.580350] The buggy address belongs to the physical page: [ 12.580525] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102e2d [ 12.580771] flags: 0x200000000000000(node=0|zone=2) [ 12.580955] page_type: f5(slab) [ 12.581119] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 12.581419] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 12.581694] page dumped because: kasan: bad access detected [ 12.582090] [ 12.582185] Memory state around the buggy address: [ 12.582349] ffff888102e2d880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc 
[ 12.582975] ffff888102e2d900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 12.583227] >ffff888102e2d980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 12.583577] ^ [ 12.583804] ffff888102e2da00: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc [ 12.584174] ffff888102e2da80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.584458] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 12.525273] ================================================================== [ 12.525761] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x1a3/0x360 [ 12.526092] Write of size 33 at addr ffff888102e2d900 by task kunit_try_catch/203 [ 12.526382] [ 12.526490] CPU: 0 UID: 0 PID: 203 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.526534] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.526545] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.526567] Call Trace: [ 12.526578] <TASK> [ 12.526596] dump_stack_lvl+0x73/0xb0 [ 12.526624] print_report+0xd1/0x610 [ 12.526646] ? __virt_addr_valid+0x1db/0x2d0 [ 12.526669] ? kmalloc_uaf_memset+0x1a3/0x360 [ 12.526689] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.526710] ? kmalloc_uaf_memset+0x1a3/0x360 [ 12.526730] kasan_report+0x141/0x180 [ 12.526751] ? kmalloc_uaf_memset+0x1a3/0x360 [ 12.526782] kasan_check_range+0x10c/0x1c0 [ 12.526805] __asan_memset+0x27/0x50 [ 12.526823] kmalloc_uaf_memset+0x1a3/0x360 [ 12.526842] ? __pfx_kmalloc_uaf_memset+0x10/0x10 [ 12.526863] ? __schedule+0x10cc/0x2b60 [ 12.526884] ? __pfx_read_tsc+0x10/0x10 [ 12.526945] ? ktime_get_ts64+0x86/0x230 [ 12.526987] kunit_try_run_case+0x1a5/0x480 [ 12.527012] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.527033] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.527058] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.527081] ? __kthread_parkme+0x82/0x180 [ 12.527101] ? preempt_count_sub+0x50/0x80 [ 12.527125] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.527148] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.527171] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.527194] kthread+0x337/0x6f0 [ 12.527213] ? trace_preempt_on+0x20/0xc0 [ 12.527236] ? __pfx_kthread+0x10/0x10 [ 12.527256] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.527276] ? calculate_sigpending+0x7b/0xa0 [ 12.527325] ? __pfx_kthread+0x10/0x10 [ 12.527345] ret_from_fork+0x116/0x1d0 [ 12.527363] ? 
__pfx_kthread+0x10/0x10 [ 12.527382] ret_from_fork_asm+0x1a/0x30 [ 12.527414] </TASK> [ 12.527425] [ 12.535349] Allocated by task 203: [ 12.535608] kasan_save_stack+0x45/0x70 [ 12.535844] kasan_save_track+0x18/0x40 [ 12.536048] kasan_save_alloc_info+0x3b/0x50 [ 12.536251] __kasan_kmalloc+0xb7/0xc0 [ 12.536422] __kmalloc_cache_noprof+0x189/0x420 [ 12.536703] kmalloc_uaf_memset+0xa9/0x360 [ 12.536948] kunit_try_run_case+0x1a5/0x480 [ 12.537172] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.537391] kthread+0x337/0x6f0 [ 12.537656] ret_from_fork+0x116/0x1d0 [ 12.537841] ret_from_fork_asm+0x1a/0x30 [ 12.538113] [ 12.538229] Freed by task 203: [ 12.538414] kasan_save_stack+0x45/0x70 [ 12.538686] kasan_save_track+0x18/0x40 [ 12.538887] kasan_save_free_info+0x3f/0x60 [ 12.539130] __kasan_slab_free+0x56/0x70 [ 12.539324] kfree+0x222/0x3f0 [ 12.539486] kmalloc_uaf_memset+0x12b/0x360 [ 12.539700] kunit_try_run_case+0x1a5/0x480 [ 12.539916] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.540220] kthread+0x337/0x6f0 [ 12.540360] ret_from_fork+0x116/0x1d0 [ 12.540663] ret_from_fork_asm+0x1a/0x30 [ 12.540885] [ 12.540994] The buggy address belongs to the object at ffff888102e2d900 [ 12.540994] which belongs to the cache kmalloc-64 of size 64 [ 12.541500] The buggy address is located 0 bytes inside of [ 12.541500] freed 64-byte region [ffff888102e2d900, ffff888102e2d940) [ 12.542111] [ 12.542228] The buggy address belongs to the physical page: [ 12.542482] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102e2d [ 12.542910] flags: 0x200000000000000(node=0|zone=2) [ 12.543187] page_type: f5(slab) [ 12.543342] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 12.543789] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 12.544192] page dumped because: kasan: bad access detected [ 12.544449] [ 12.544611] Memory state around the buggy address: [ 12.544840] ffff888102e2d800: fa fb fb fb fb fb fb fb fc fc fc fc 
fc fc fc fc [ 12.545163] ffff888102e2d880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 12.545478] >ffff888102e2d900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 12.545784] ^ [ 12.545954] ffff888102e2d980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.546167] ffff888102e2da00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.546377] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 12.486465] ================================================================== [ 12.488158] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x320/0x380 [ 12.489267] Read of size 1 at addr ffff8881028371e8 by task kunit_try_catch/201 [ 12.490196] [ 12.490307] CPU: 1 UID: 0 PID: 201 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.490357] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.490368] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.490391] Call Trace: [ 12.490404] <TASK> [ 12.490424] dump_stack_lvl+0x73/0xb0 [ 12.490459] print_report+0xd1/0x610 [ 12.490481] ? __virt_addr_valid+0x1db/0x2d0 [ 12.490506] ? kmalloc_uaf+0x320/0x380 [ 12.491134] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.491164] ? kmalloc_uaf+0x320/0x380 [ 12.491186] kasan_report+0x141/0x180 [ 12.491208] ? kmalloc_uaf+0x320/0x380 [ 12.491233] __asan_report_load1_noabort+0x18/0x20 [ 12.491258] kmalloc_uaf+0x320/0x380 [ 12.491277] ? __pfx_kmalloc_uaf+0x10/0x10 [ 12.491297] ? __schedule+0x10cc/0x2b60 [ 12.491321] ? __pfx_read_tsc+0x10/0x10 [ 12.491342] ? ktime_get_ts64+0x86/0x230 [ 12.491369] kunit_try_run_case+0x1a5/0x480 [ 12.491394] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.491415] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.491440] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.491463] ? __kthread_parkme+0x82/0x180 [ 12.491483] ? preempt_count_sub+0x50/0x80 [ 12.491508] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.491543] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.491566] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.491589] kthread+0x337/0x6f0 [ 12.491608] ? trace_preempt_on+0x20/0xc0 [ 12.491632] ? __pfx_kthread+0x10/0x10 [ 12.491651] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.491672] ? calculate_sigpending+0x7b/0xa0 [ 12.491696] ? __pfx_kthread+0x10/0x10 [ 12.491717] ret_from_fork+0x116/0x1d0 [ 12.491735] ? 
__pfx_kthread+0x10/0x10 [ 12.491754] ret_from_fork_asm+0x1a/0x30 [ 12.491787] </TASK> [ 12.491798] [ 12.503445] Allocated by task 201: [ 12.503832] kasan_save_stack+0x45/0x70 [ 12.504187] kasan_save_track+0x18/0x40 [ 12.504362] kasan_save_alloc_info+0x3b/0x50 [ 12.504702] __kasan_kmalloc+0xb7/0xc0 [ 12.504930] __kmalloc_cache_noprof+0x189/0x420 [ 12.505390] kmalloc_uaf+0xaa/0x380 [ 12.505530] kunit_try_run_case+0x1a5/0x480 [ 12.505968] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.506239] kthread+0x337/0x6f0 [ 12.506532] ret_from_fork+0x116/0x1d0 [ 12.506814] ret_from_fork_asm+0x1a/0x30 [ 12.507263] [ 12.507522] Freed by task 201: [ 12.507936] kasan_save_stack+0x45/0x70 [ 12.508180] kasan_save_track+0x18/0x40 [ 12.508321] kasan_save_free_info+0x3f/0x60 [ 12.508471] __kasan_slab_free+0x56/0x70 [ 12.508929] kfree+0x222/0x3f0 [ 12.509280] kmalloc_uaf+0x12c/0x380 [ 12.509665] kunit_try_run_case+0x1a5/0x480 [ 12.510162] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.510709] kthread+0x337/0x6f0 [ 12.511132] ret_from_fork+0x116/0x1d0 [ 12.511537] ret_from_fork_asm+0x1a/0x30 [ 12.511744] [ 12.511832] The buggy address belongs to the object at ffff8881028371e0 [ 12.511832] which belongs to the cache kmalloc-16 of size 16 [ 12.512212] The buggy address is located 8 bytes inside of [ 12.512212] freed 16-byte region [ffff8881028371e0, ffff8881028371f0) [ 12.512558] [ 12.512631] The buggy address belongs to the physical page: [ 12.512806] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102837 [ 12.513487] flags: 0x200000000000000(node=0|zone=2) [ 12.514017] page_type: f5(slab) [ 12.514358] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 12.515120] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 12.515862] page dumped because: kasan: bad access detected [ 12.516522] [ 12.516678] Memory state around the buggy address: [ 12.517222] ffff888102837080: 00 04 fc fc 00 04 fc fc 00 05 fc fc 00 05 fc fc [ 
12.517977] ffff888102837100: 00 05 fc fc 00 02 fc fc fa fb fc fc 00 05 fc fc [ 12.518706] >ffff888102837180: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 12.519436] ^ [ 12.520114] ffff888102837200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.520792] ffff888102837280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.521455] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 12.463821] ================================================================== [ 12.464360] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x16f/0x330 [ 12.464685] Read of size 64 at addr ffff888102e2d784 by task kunit_try_catch/199 [ 12.465161] [ 12.465280] CPU: 0 UID: 0 PID: 199 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.465327] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.465338] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.465359] Call Trace: [ 12.465370] <TASK> [ 12.465387] dump_stack_lvl+0x73/0xb0 [ 12.465416] print_report+0xd1/0x610 [ 12.465439] ? __virt_addr_valid+0x1db/0x2d0 [ 12.465462] ? kmalloc_memmove_invalid_size+0x16f/0x330 [ 12.465487] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.465509] ? kmalloc_memmove_invalid_size+0x16f/0x330 [ 12.465533] kasan_report+0x141/0x180 [ 12.465556] ? kmalloc_memmove_invalid_size+0x16f/0x330 [ 12.465586] kasan_check_range+0x10c/0x1c0 [ 12.465609] __asan_memmove+0x27/0x70 [ 12.465628] kmalloc_memmove_invalid_size+0x16f/0x330 [ 12.465653] ? __pfx_kmalloc_memmove_invalid_size+0x10/0x10 [ 12.465679] ? __schedule+0x10cc/0x2b60 [ 12.465701] ? __pfx_read_tsc+0x10/0x10 [ 12.465722] ? ktime_get_ts64+0x86/0x230 [ 12.465747] kunit_try_run_case+0x1a5/0x480 [ 12.465771] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.465793] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.465817] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.465840] ? __kthread_parkme+0x82/0x180 [ 12.465861] ? preempt_count_sub+0x50/0x80 [ 12.465885] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.465923] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.465947] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.465970] kthread+0x337/0x6f0 [ 12.466035] ? trace_preempt_on+0x20/0xc0 [ 12.466061] ? __pfx_kthread+0x10/0x10 [ 12.466082] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.466103] ? calculate_sigpending+0x7b/0xa0 [ 12.466127] ? 
__pfx_kthread+0x10/0x10 [ 12.466148] ret_from_fork+0x116/0x1d0 [ 12.466167] ? __pfx_kthread+0x10/0x10 [ 12.466187] ret_from_fork_asm+0x1a/0x30 [ 12.466219] </TASK> [ 12.466229] [ 12.473833] Allocated by task 199: [ 12.474027] kasan_save_stack+0x45/0x70 [ 12.474175] kasan_save_track+0x18/0x40 [ 12.474311] kasan_save_alloc_info+0x3b/0x50 [ 12.474462] __kasan_kmalloc+0xb7/0xc0 [ 12.474860] __kmalloc_cache_noprof+0x189/0x420 [ 12.475106] kmalloc_memmove_invalid_size+0xac/0x330 [ 12.475367] kunit_try_run_case+0x1a5/0x480 [ 12.475644] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.475913] kthread+0x337/0x6f0 [ 12.476107] ret_from_fork+0x116/0x1d0 [ 12.476297] ret_from_fork_asm+0x1a/0x30 [ 12.476475] [ 12.476635] The buggy address belongs to the object at ffff888102e2d780 [ 12.476635] which belongs to the cache kmalloc-64 of size 64 [ 12.477068] The buggy address is located 4 bytes inside of [ 12.477068] allocated 64-byte region [ffff888102e2d780, ffff888102e2d7c0) [ 12.477427] [ 12.477581] The buggy address belongs to the physical page: [ 12.477838] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102e2d [ 12.478224] flags: 0x200000000000000(node=0|zone=2) [ 12.478459] page_type: f5(slab) [ 12.478692] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 12.478948] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 12.479264] page dumped because: kasan: bad access detected [ 12.479734] [ 12.479833] Memory state around the buggy address: [ 12.480071] ffff888102e2d680: 00 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc [ 12.480406] ffff888102e2d700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 12.480770] >ffff888102e2d780: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 12.481079] ^ [ 12.481250] ffff888102e2d800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.481466] ffff888102e2d880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.481827] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 12.439801] ================================================================== [ 12.440387] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x171/0x330 [ 12.440789] Read of size 18446744073709551614 at addr ffff888102e2d604 by task kunit_try_catch/197 [ 12.441377] [ 12.441502] CPU: 0 UID: 0 PID: 197 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.441548] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.441559] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.441580] Call Trace: [ 12.441647] <TASK> [ 12.441666] dump_stack_lvl+0x73/0xb0 [ 12.441698] print_report+0xd1/0x610 [ 12.441720] ? __virt_addr_valid+0x1db/0x2d0 [ 12.441743] ? kmalloc_memmove_negative_size+0x171/0x330 [ 12.441768] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.441791] ? kmalloc_memmove_negative_size+0x171/0x330 [ 12.441837] kasan_report+0x141/0x180 [ 12.441859] ? kmalloc_memmove_negative_size+0x171/0x330 [ 12.441904] kasan_check_range+0x10c/0x1c0 [ 12.441929] __asan_memmove+0x27/0x70 [ 12.441948] kmalloc_memmove_negative_size+0x171/0x330 [ 12.441973] ? __pfx_kmalloc_memmove_negative_size+0x10/0x10 [ 12.442003] ? __pfx_kmalloc_memmove_negative_size+0x10/0x10 [ 12.442033] kunit_try_run_case+0x1a5/0x480 [ 12.442058] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.442080] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.442105] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.442128] ? __kthread_parkme+0x82/0x180 [ 12.442149] ? preempt_count_sub+0x50/0x80 [ 12.442173] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.442197] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.442220] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.442244] kthread+0x337/0x6f0 [ 12.442262] ? trace_preempt_on+0x20/0xc0 [ 12.442286] ? __pfx_kthread+0x10/0x10 [ 12.442306] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.442327] ? calculate_sigpending+0x7b/0xa0 [ 12.442351] ? __pfx_kthread+0x10/0x10 [ 12.442372] ret_from_fork+0x116/0x1d0 [ 12.442391] ? 
__pfx_kthread+0x10/0x10 [ 12.442411] ret_from_fork_asm+0x1a/0x30 [ 12.442444] </TASK> [ 12.442455] [ 12.450089] Allocated by task 197: [ 12.450226] kasan_save_stack+0x45/0x70 [ 12.450374] kasan_save_track+0x18/0x40 [ 12.450770] kasan_save_alloc_info+0x3b/0x50 [ 12.451031] __kasan_kmalloc+0xb7/0xc0 [ 12.451266] __kmalloc_cache_noprof+0x189/0x420 [ 12.451865] kmalloc_memmove_negative_size+0xac/0x330 [ 12.452117] kunit_try_run_case+0x1a5/0x480 [ 12.452324] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.452588] kthread+0x337/0x6f0 [ 12.452766] ret_from_fork+0x116/0x1d0 [ 12.452939] ret_from_fork_asm+0x1a/0x30 [ 12.453199] [ 12.453273] The buggy address belongs to the object at ffff888102e2d600 [ 12.453273] which belongs to the cache kmalloc-64 of size 64 [ 12.453960] The buggy address is located 4 bytes inside of [ 12.453960] 64-byte region [ffff888102e2d600, ffff888102e2d640) [ 12.454333] [ 12.454407] The buggy address belongs to the physical page: [ 12.454582] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102e2d [ 12.455210] flags: 0x200000000000000(node=0|zone=2) [ 12.455736] page_type: f5(slab) [ 12.455922] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 12.456200] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 12.456429] page dumped because: kasan: bad access detected [ 12.456761] [ 12.456859] Memory state around the buggy address: [ 12.457103] ffff888102e2d500: 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc fc [ 12.457425] ffff888102e2d580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 12.457745] >ffff888102e2d600: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 12.458211] ^ [ 12.458336] ffff888102e2d680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.458628] ffff888102e2d700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.459084] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 12.408949] ================================================================== [ 12.410076] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x166/0x330 [ 12.410912] Write of size 16 at addr ffff888102e24669 by task kunit_try_catch/195 [ 12.411757] [ 12.411969] CPU: 0 UID: 0 PID: 195 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.412020] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.412031] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.412053] Call Trace: [ 12.412064] <TASK> [ 12.412082] dump_stack_lvl+0x73/0xb0 [ 12.412114] print_report+0xd1/0x610 [ 12.412155] ? __virt_addr_valid+0x1db/0x2d0 [ 12.412178] ? kmalloc_oob_memset_16+0x166/0x330 [ 12.412200] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.412222] ? kmalloc_oob_memset_16+0x166/0x330 [ 12.412244] kasan_report+0x141/0x180 [ 12.412266] ? kmalloc_oob_memset_16+0x166/0x330 [ 12.412294] kasan_check_range+0x10c/0x1c0 [ 12.412317] __asan_memset+0x27/0x50 [ 12.412336] kmalloc_oob_memset_16+0x166/0x330 [ 12.412358] ? __pfx_kmalloc_oob_memset_16+0x10/0x10 [ 12.412380] ? __schedule+0x10cc/0x2b60 [ 12.412403] ? __pfx_read_tsc+0x10/0x10 [ 12.412423] ? ktime_get_ts64+0x86/0x230 [ 12.412448] kunit_try_run_case+0x1a5/0x480 [ 12.412473] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.412494] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.412518] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.412541] ? __kthread_parkme+0x82/0x180 [ 12.412561] ? preempt_count_sub+0x50/0x80 [ 12.412586] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.412609] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.412632] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.412655] kthread+0x337/0x6f0 [ 12.412674] ? trace_preempt_on+0x20/0xc0 [ 12.412697] ? __pfx_kthread+0x10/0x10 [ 12.412717] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.412738] ? calculate_sigpending+0x7b/0xa0 [ 12.412762] ? __pfx_kthread+0x10/0x10 [ 12.412783] ret_from_fork+0x116/0x1d0 [ 12.412800] ? 
__pfx_kthread+0x10/0x10 [ 12.412820] ret_from_fork_asm+0x1a/0x30 [ 12.412852] </TASK> [ 12.412864] [ 12.424799] Allocated by task 195: [ 12.425233] kasan_save_stack+0x45/0x70 [ 12.425620] kasan_save_track+0x18/0x40 [ 12.425971] kasan_save_alloc_info+0x3b/0x50 [ 12.426378] __kasan_kmalloc+0xb7/0xc0 [ 12.426790] __kmalloc_cache_noprof+0x189/0x420 [ 12.427269] kmalloc_oob_memset_16+0xac/0x330 [ 12.427680] kunit_try_run_case+0x1a5/0x480 [ 12.428110] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.428592] kthread+0x337/0x6f0 [ 12.428804] ret_from_fork+0x116/0x1d0 [ 12.428949] ret_from_fork_asm+0x1a/0x30 [ 12.429185] [ 12.429258] The buggy address belongs to the object at ffff888102e24600 [ 12.429258] which belongs to the cache kmalloc-128 of size 128 [ 12.429622] The buggy address is located 105 bytes inside of [ 12.429622] allocated 120-byte region [ffff888102e24600, ffff888102e24678) [ 12.430000] [ 12.430075] The buggy address belongs to the physical page: [ 12.430324] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102e24 [ 12.430680] flags: 0x200000000000000(node=0|zone=2) [ 12.430935] page_type: f5(slab) [ 12.431170] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.431463] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.431736] page dumped because: kasan: bad access detected [ 12.431932] [ 12.432021] Memory state around the buggy address: [ 12.432251] ffff888102e24500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.432660] ffff888102e24580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.432935] >ffff888102e24600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 12.433161] ^ [ 12.433480] ffff888102e24680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.433804] ffff888102e24700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.434252] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 12.383151] ================================================================== [ 12.383808] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x166/0x330 [ 12.384321] Write of size 8 at addr ffff888102e24571 by task kunit_try_catch/193 [ 12.384768] [ 12.384903] CPU: 0 UID: 0 PID: 193 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.385076] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.385087] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.385111] Call Trace: [ 12.385122] <TASK> [ 12.385139] dump_stack_lvl+0x73/0xb0 [ 12.385172] print_report+0xd1/0x610 [ 12.385194] ? __virt_addr_valid+0x1db/0x2d0 [ 12.385218] ? kmalloc_oob_memset_8+0x166/0x330 [ 12.385239] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.385262] ? kmalloc_oob_memset_8+0x166/0x330 [ 12.385283] kasan_report+0x141/0x180 [ 12.385305] ? kmalloc_oob_memset_8+0x166/0x330 [ 12.385332] kasan_check_range+0x10c/0x1c0 [ 12.385355] __asan_memset+0x27/0x50 [ 12.385374] kmalloc_oob_memset_8+0x166/0x330 [ 12.385395] ? __kasan_check_write+0x18/0x20 [ 12.385437] ? __pfx_kmalloc_oob_memset_8+0x10/0x10 [ 12.385459] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 12.385485] ? trace_hardirqs_on+0x37/0xe0 [ 12.385509] ? __pfx_read_tsc+0x10/0x10 [ 12.385531] ? ktime_get_ts64+0x86/0x230 [ 12.385603] kunit_try_run_case+0x1a5/0x480 [ 12.385629] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.385653] ? queued_spin_lock_slowpath+0x116/0xb40 [ 12.385678] ? __kthread_parkme+0x82/0x180 [ 12.385699] ? preempt_count_sub+0x50/0x80 [ 12.385724] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.385747] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.385771] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.385795] kthread+0x337/0x6f0 [ 12.385813] ? trace_preempt_on+0x20/0xc0 [ 12.385835] ? __pfx_kthread+0x10/0x10 [ 12.385855] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.385876] ? calculate_sigpending+0x7b/0xa0 [ 12.385912] ? 
__pfx_kthread+0x10/0x10 [ 12.385933] ret_from_fork+0x116/0x1d0 [ 12.385952] ? __pfx_kthread+0x10/0x10 [ 12.385972] ret_from_fork_asm+0x1a/0x30 [ 12.386016] </TASK> [ 12.386027] [ 12.394118] Allocated by task 193: [ 12.394301] kasan_save_stack+0x45/0x70 [ 12.394527] kasan_save_track+0x18/0x40 [ 12.394725] kasan_save_alloc_info+0x3b/0x50 [ 12.394971] __kasan_kmalloc+0xb7/0xc0 [ 12.395162] __kmalloc_cache_noprof+0x189/0x420 [ 12.395357] kmalloc_oob_memset_8+0xac/0x330 [ 12.395710] kunit_try_run_case+0x1a5/0x480 [ 12.396087] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.396350] kthread+0x337/0x6f0 [ 12.396499] ret_from_fork+0x116/0x1d0 [ 12.396682] ret_from_fork_asm+0x1a/0x30 [ 12.396838] [ 12.396934] The buggy address belongs to the object at ffff888102e24500 [ 12.396934] which belongs to the cache kmalloc-128 of size 128 [ 12.397284] The buggy address is located 113 bytes inside of [ 12.397284] allocated 120-byte region [ffff888102e24500, ffff888102e24578) [ 12.397631] [ 12.397702] The buggy address belongs to the physical page: [ 12.398081] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102e24 [ 12.398439] flags: 0x200000000000000(node=0|zone=2) [ 12.398797] page_type: f5(slab) [ 12.399080] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.399404] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.399716] page dumped because: kasan: bad access detected [ 12.399974] [ 12.400065] Memory state around the buggy address: [ 12.400419] ffff888102e24400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.400689] ffff888102e24480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.400942] >ffff888102e24500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 12.401416] ^ [ 12.401866] ffff888102e24580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.402883] ffff888102e24600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.403958] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 12.355098] ================================================================== [ 12.355858] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x166/0x330 [ 12.356562] Write of size 4 at addr ffff888102988675 by task kunit_try_catch/191 [ 12.356913] [ 12.357035] CPU: 1 UID: 0 PID: 191 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.357080] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.357208] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.357237] Call Trace: [ 12.357248] <TASK> [ 12.357264] dump_stack_lvl+0x73/0xb0 [ 12.357296] print_report+0xd1/0x610 [ 12.357318] ? __virt_addr_valid+0x1db/0x2d0 [ 12.357341] ? kmalloc_oob_memset_4+0x166/0x330 [ 12.357362] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.357404] ? kmalloc_oob_memset_4+0x166/0x330 [ 12.357440] kasan_report+0x141/0x180 [ 12.357462] ? kmalloc_oob_memset_4+0x166/0x330 [ 12.357489] kasan_check_range+0x10c/0x1c0 [ 12.357512] __asan_memset+0x27/0x50 [ 12.357574] kmalloc_oob_memset_4+0x166/0x330 [ 12.357600] ? __pfx_kmalloc_oob_memset_4+0x10/0x10 [ 12.357623] ? __schedule+0x10cc/0x2b60 [ 12.357645] ? __pfx_read_tsc+0x10/0x10 [ 12.357666] ? ktime_get_ts64+0x86/0x230 [ 12.357691] kunit_try_run_case+0x1a5/0x480 [ 12.357716] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.357738] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.357762] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.357785] ? __kthread_parkme+0x82/0x180 [ 12.357805] ? preempt_count_sub+0x50/0x80 [ 12.357830] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.357853] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.357876] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.357913] kthread+0x337/0x6f0 [ 12.357931] ? trace_preempt_on+0x20/0xc0 [ 12.357955] ? __pfx_kthread+0x10/0x10 [ 12.357975] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.358004] ? calculate_sigpending+0x7b/0xa0 [ 12.358028] ? __pfx_kthread+0x10/0x10 [ 12.358049] ret_from_fork+0x116/0x1d0 [ 12.358067] ? 
__pfx_kthread+0x10/0x10 [ 12.358087] ret_from_fork_asm+0x1a/0x30 [ 12.358119] </TASK> [ 12.358129] [ 12.367113] Allocated by task 191: [ 12.367326] kasan_save_stack+0x45/0x70 [ 12.367525] kasan_save_track+0x18/0x40 [ 12.367764] kasan_save_alloc_info+0x3b/0x50 [ 12.368028] __kasan_kmalloc+0xb7/0xc0 [ 12.368204] __kmalloc_cache_noprof+0x189/0x420 [ 12.368437] kmalloc_oob_memset_4+0xac/0x330 [ 12.368857] kunit_try_run_case+0x1a5/0x480 [ 12.369089] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.369316] kthread+0x337/0x6f0 [ 12.369438] ret_from_fork+0x116/0x1d0 [ 12.369596] ret_from_fork_asm+0x1a/0x30 [ 12.369792] [ 12.369937] The buggy address belongs to the object at ffff888102988600 [ 12.369937] which belongs to the cache kmalloc-128 of size 128 [ 12.370864] The buggy address is located 117 bytes inside of [ 12.370864] allocated 120-byte region [ffff888102988600, ffff888102988678) [ 12.371272] [ 12.371346] The buggy address belongs to the physical page: [ 12.371523] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102988 [ 12.371765] flags: 0x200000000000000(node=0|zone=2) [ 12.371944] page_type: f5(slab) [ 12.372066] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.372382] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.372613] page dumped because: kasan: bad access detected [ 12.372786] [ 12.372857] Memory state around the buggy address: [ 12.373034] ffff888102988500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.373341] ffff888102988580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.373662] >ffff888102988600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 12.374138] ^ [ 12.374429] ffff888102988680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.374645] ffff888102988700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.374867] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 12.331887] ================================================================== [ 12.332389] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x166/0x330 [ 12.333001] Write of size 2 at addr ffff888102e24477 by task kunit_try_catch/189 [ 12.333293] [ 12.333426] CPU: 0 UID: 0 PID: 189 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.333472] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.333483] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.333504] Call Trace: [ 12.333516] <TASK> [ 12.333575] dump_stack_lvl+0x73/0xb0 [ 12.333609] print_report+0xd1/0x610 [ 12.333631] ? __virt_addr_valid+0x1db/0x2d0 [ 12.333654] ? kmalloc_oob_memset_2+0x166/0x330 [ 12.333697] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.333719] ? kmalloc_oob_memset_2+0x166/0x330 [ 12.333756] kasan_report+0x141/0x180 [ 12.333778] ? kmalloc_oob_memset_2+0x166/0x330 [ 12.333805] kasan_check_range+0x10c/0x1c0 [ 12.333829] __asan_memset+0x27/0x50 [ 12.333848] kmalloc_oob_memset_2+0x166/0x330 [ 12.333870] ? __pfx_kmalloc_oob_memset_2+0x10/0x10 [ 12.333903] ? __schedule+0x10cc/0x2b60 [ 12.333926] ? __pfx_read_tsc+0x10/0x10 [ 12.333947] ? ktime_get_ts64+0x86/0x230 [ 12.333972] kunit_try_run_case+0x1a5/0x480 [ 12.334008] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.334029] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.334053] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.334077] ? __kthread_parkme+0x82/0x180 [ 12.334097] ? preempt_count_sub+0x50/0x80 [ 12.334121] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.334145] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.334168] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.334192] kthread+0x337/0x6f0 [ 12.334210] ? trace_preempt_on+0x20/0xc0 [ 12.334234] ? __pfx_kthread+0x10/0x10 [ 12.334254] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.334274] ? calculate_sigpending+0x7b/0xa0 [ 12.334298] ? __pfx_kthread+0x10/0x10 [ 12.334319] ret_from_fork+0x116/0x1d0 [ 12.334337] ? 
__pfx_kthread+0x10/0x10 [ 12.334357] ret_from_fork_asm+0x1a/0x30 [ 12.334388] </TASK> [ 12.334399] [ 12.342413] Allocated by task 189: [ 12.342600] kasan_save_stack+0x45/0x70 [ 12.342751] kasan_save_track+0x18/0x40 [ 12.342889] kasan_save_alloc_info+0x3b/0x50 [ 12.343044] __kasan_kmalloc+0xb7/0xc0 [ 12.343475] __kmalloc_cache_noprof+0x189/0x420 [ 12.343967] kmalloc_oob_memset_2+0xac/0x330 [ 12.344211] kunit_try_run_case+0x1a5/0x480 [ 12.344372] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.344557] kthread+0x337/0x6f0 [ 12.344720] ret_from_fork+0x116/0x1d0 [ 12.344921] ret_from_fork_asm+0x1a/0x30 [ 12.345327] [ 12.345425] The buggy address belongs to the object at ffff888102e24400 [ 12.345425] which belongs to the cache kmalloc-128 of size 128 [ 12.345875] The buggy address is located 119 bytes inside of [ 12.345875] allocated 120-byte region [ffff888102e24400, ffff888102e24478) [ 12.346682] [ 12.346787] The buggy address belongs to the physical page: [ 12.347031] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102e24 [ 12.347375] flags: 0x200000000000000(node=0|zone=2) [ 12.347615] page_type: f5(slab) [ 12.347817] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.348169] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.348484] page dumped because: kasan: bad access detected [ 12.348812] [ 12.348990] Memory state around the buggy address: [ 12.349469] ffff888102e24300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.350156] ffff888102e24380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.350463] >ffff888102e24400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 12.350727] ^ [ 12.350951] ffff888102e24480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.351593] ffff888102e24500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.351830] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 12.302517] ================================================================== [ 12.303025] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x15f/0x320 [ 12.303425] Write of size 128 at addr ffff888102e24300 by task kunit_try_catch/187 [ 12.303986] [ 12.304100] CPU: 0 UID: 0 PID: 187 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.304147] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.304158] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.304180] Call Trace: [ 12.304192] <TASK> [ 12.304209] dump_stack_lvl+0x73/0xb0 [ 12.304243] print_report+0xd1/0x610 [ 12.304265] ? __virt_addr_valid+0x1db/0x2d0 [ 12.304289] ? kmalloc_oob_in_memset+0x15f/0x320 [ 12.304310] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.304332] ? kmalloc_oob_in_memset+0x15f/0x320 [ 12.304354] kasan_report+0x141/0x180 [ 12.304375] ? kmalloc_oob_in_memset+0x15f/0x320 [ 12.304403] kasan_check_range+0x10c/0x1c0 [ 12.304426] __asan_memset+0x27/0x50 [ 12.304444] kmalloc_oob_in_memset+0x15f/0x320 [ 12.304467] ? __pfx_kmalloc_oob_in_memset+0x10/0x10 [ 12.304490] ? __schedule+0x10cc/0x2b60 [ 12.304513] ? __pfx_read_tsc+0x10/0x10 [ 12.304598] ? ktime_get_ts64+0x86/0x230 [ 12.304626] kunit_try_run_case+0x1a5/0x480 [ 12.304651] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.304673] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.304698] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.304721] ? __kthread_parkme+0x82/0x180 [ 12.304741] ? preempt_count_sub+0x50/0x80 [ 12.304766] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.304790] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.304813] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.304837] kthread+0x337/0x6f0 [ 12.304855] ? trace_preempt_on+0x20/0xc0 [ 12.304878] ? __pfx_kthread+0x10/0x10 [ 12.304910] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.304931] ? calculate_sigpending+0x7b/0xa0 [ 12.304956] ? __pfx_kthread+0x10/0x10 [ 12.304977] ret_from_fork+0x116/0x1d0 [ 12.305006] ? 
__pfx_kthread+0x10/0x10 [ 12.305026] ret_from_fork_asm+0x1a/0x30 [ 12.305058] </TASK> [ 12.305069] [ 12.314976] Allocated by task 187: [ 12.315170] kasan_save_stack+0x45/0x70 [ 12.315790] kasan_save_track+0x18/0x40 [ 12.316084] kasan_save_alloc_info+0x3b/0x50 [ 12.316296] __kasan_kmalloc+0xb7/0xc0 [ 12.316477] __kmalloc_cache_noprof+0x189/0x420 [ 12.316974] kmalloc_oob_in_memset+0xac/0x320 [ 12.317341] kunit_try_run_case+0x1a5/0x480 [ 12.317583] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.318226] kthread+0x337/0x6f0 [ 12.318432] ret_from_fork+0x116/0x1d0 [ 12.318821] ret_from_fork_asm+0x1a/0x30 [ 12.319091] [ 12.319177] The buggy address belongs to the object at ffff888102e24300 [ 12.319177] which belongs to the cache kmalloc-128 of size 128 [ 12.320188] The buggy address is located 0 bytes inside of [ 12.320188] allocated 120-byte region [ffff888102e24300, ffff888102e24378) [ 12.320803] [ 12.321082] The buggy address belongs to the physical page: [ 12.321347] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102e24 [ 12.321932] flags: 0x200000000000000(node=0|zone=2) [ 12.322363] page_type: f5(slab) [ 12.322610] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.323295] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.323786] page dumped because: kasan: bad access detected [ 12.324110] [ 12.324216] Memory state around the buggy address: [ 12.324469] ffff888102e24200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.324977] ffff888102e24280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.325501] >ffff888102e24300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 12.326090] ^ [ 12.326382] ffff888102e24380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.326750] ffff888102e24400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.327052] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 12.276387] ================================================================== [ 12.277137] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x47b/0x4c0 [ 12.277444] Read of size 16 at addr ffff8881028371c0 by task kunit_try_catch/185 [ 12.277846] [ 12.277980] CPU: 1 UID: 0 PID: 185 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.278036] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.278047] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.278069] Call Trace: [ 12.278081] <TASK> [ 12.278098] dump_stack_lvl+0x73/0xb0 [ 12.278130] print_report+0xd1/0x610 [ 12.278151] ? __virt_addr_valid+0x1db/0x2d0 [ 12.278174] ? kmalloc_uaf_16+0x47b/0x4c0 [ 12.278193] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.278216] ? kmalloc_uaf_16+0x47b/0x4c0 [ 12.278237] kasan_report+0x141/0x180 [ 12.278258] ? kmalloc_uaf_16+0x47b/0x4c0 [ 12.278283] __asan_report_load16_noabort+0x18/0x20 [ 12.278308] kmalloc_uaf_16+0x47b/0x4c0 [ 12.278328] ? __pfx_kmalloc_uaf_16+0x10/0x10 [ 12.278351] ? __schedule+0x10cc/0x2b60 [ 12.278373] ? __pfx_read_tsc+0x10/0x10 [ 12.278393] ? ktime_get_ts64+0x86/0x230 [ 12.278417] kunit_try_run_case+0x1a5/0x480 [ 12.278442] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.278464] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.278488] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.278512] ? __kthread_parkme+0x82/0x180 [ 12.278532] ? preempt_count_sub+0x50/0x80 [ 12.278556] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.278580] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.278603] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.278626] kthread+0x337/0x6f0 [ 12.278645] ? trace_preempt_on+0x20/0xc0 [ 12.278669] ? __pfx_kthread+0x10/0x10 [ 12.278700] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.278721] ? calculate_sigpending+0x7b/0xa0 [ 12.278744] ? __pfx_kthread+0x10/0x10 [ 12.278770] ret_from_fork+0x116/0x1d0 [ 12.278787] ? 
__pfx_kthread+0x10/0x10 [ 12.278807] ret_from_fork_asm+0x1a/0x30 [ 12.278839] </TASK> [ 12.278849] [ 12.285937] Allocated by task 185: [ 12.286073] kasan_save_stack+0x45/0x70 [ 12.286283] kasan_save_track+0x18/0x40 [ 12.286490] kasan_save_alloc_info+0x3b/0x50 [ 12.286749] __kasan_kmalloc+0xb7/0xc0 [ 12.286951] __kmalloc_cache_noprof+0x189/0x420 [ 12.287232] kmalloc_uaf_16+0x15b/0x4c0 [ 12.287445] kunit_try_run_case+0x1a5/0x480 [ 12.287803] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.288118] kthread+0x337/0x6f0 [ 12.288267] ret_from_fork+0x116/0x1d0 [ 12.288434] ret_from_fork_asm+0x1a/0x30 [ 12.288746] [ 12.288852] Freed by task 185: [ 12.289003] kasan_save_stack+0x45/0x70 [ 12.289192] kasan_save_track+0x18/0x40 [ 12.289329] kasan_save_free_info+0x3f/0x60 [ 12.289512] __kasan_slab_free+0x56/0x70 [ 12.289772] kfree+0x222/0x3f0 [ 12.289951] kmalloc_uaf_16+0x1d6/0x4c0 [ 12.290154] kunit_try_run_case+0x1a5/0x480 [ 12.290350] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.290615] kthread+0x337/0x6f0 [ 12.290743] ret_from_fork+0x116/0x1d0 [ 12.290913] ret_from_fork_asm+0x1a/0x30 [ 12.291104] [ 12.291175] The buggy address belongs to the object at ffff8881028371c0 [ 12.291175] which belongs to the cache kmalloc-16 of size 16 [ 12.291780] The buggy address is located 0 bytes inside of [ 12.291780] freed 16-byte region [ffff8881028371c0, ffff8881028371d0) [ 12.292145] [ 12.292218] The buggy address belongs to the physical page: [ 12.292397] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102837 [ 12.292642] flags: 0x200000000000000(node=0|zone=2) [ 12.292815] page_type: f5(slab) [ 12.292994] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 12.293418] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 12.294081] page dumped because: kasan: bad access detected [ 12.294335] [ 12.294425] Memory state around the buggy address: [ 12.294653] ffff888102837080: 00 04 fc fc 00 04 fc fc 00 05 fc fc 00 05 fc 
fc [ 12.294983] ffff888102837100: 00 05 fc fc 00 02 fc fc fa fb fc fc 00 05 fc fc [ 12.295207] >ffff888102837180: fa fb fc fc 00 00 fc fc fa fb fc fc fc fc fc fc [ 12.295420] ^ [ 12.295587] ffff888102837200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.295864] ffff888102837280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.296348] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 12.251762] ================================================================== [ 12.252587] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x452/0x4a0 [ 12.252857] Write of size 16 at addr ffff888101bcbdc0 by task kunit_try_catch/183 [ 12.253221] [ 12.253348] CPU: 0 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.253395] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.253407] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.253430] Call Trace: [ 12.253445] <TASK> [ 12.253466] dump_stack_lvl+0x73/0xb0 [ 12.253500] print_report+0xd1/0x610 [ 12.253522] ? __virt_addr_valid+0x1db/0x2d0 [ 12.253547] ? kmalloc_oob_16+0x452/0x4a0 [ 12.253567] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.253590] ? kmalloc_oob_16+0x452/0x4a0 [ 12.253611] kasan_report+0x141/0x180 [ 12.253633] ? kmalloc_oob_16+0x452/0x4a0 [ 12.253660] __asan_report_store16_noabort+0x1b/0x30 [ 12.253684] kmalloc_oob_16+0x452/0x4a0 [ 12.253706] ? __pfx_kmalloc_oob_16+0x10/0x10 [ 12.253746] ? __schedule+0x10cc/0x2b60 [ 12.253770] ? __pfx_read_tsc+0x10/0x10 [ 12.253791] ? ktime_get_ts64+0x86/0x230 [ 12.253818] kunit_try_run_case+0x1a5/0x480 [ 12.253844] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.253865] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.253890] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.253923] ? __kthread_parkme+0x82/0x180 [ 12.253944] ? preempt_count_sub+0x50/0x80 [ 12.253969] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.253992] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.254016] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.254039] kthread+0x337/0x6f0 [ 12.254057] ? trace_preempt_on+0x20/0xc0 [ 12.254081] ? __pfx_kthread+0x10/0x10 [ 12.254101] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.254122] ? calculate_sigpending+0x7b/0xa0 [ 12.254146] ? __pfx_kthread+0x10/0x10 [ 12.254167] ret_from_fork+0x116/0x1d0 [ 12.254185] ? 
__pfx_kthread+0x10/0x10 [ 12.254205] ret_from_fork_asm+0x1a/0x30 [ 12.254238] </TASK> [ 12.254249] [ 12.261740] Allocated by task 183: [ 12.261937] kasan_save_stack+0x45/0x70 [ 12.262320] kasan_save_track+0x18/0x40 [ 12.262457] kasan_save_alloc_info+0x3b/0x50 [ 12.262606] __kasan_kmalloc+0xb7/0xc0 [ 12.262797] __kmalloc_cache_noprof+0x189/0x420 [ 12.263260] kmalloc_oob_16+0xa8/0x4a0 [ 12.263485] kunit_try_run_case+0x1a5/0x480 [ 12.263826] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.264164] kthread+0x337/0x6f0 [ 12.264294] ret_from_fork+0x116/0x1d0 [ 12.264494] ret_from_fork_asm+0x1a/0x30 [ 12.264680] [ 12.264756] The buggy address belongs to the object at ffff888101bcbdc0 [ 12.264756] which belongs to the cache kmalloc-16 of size 16 [ 12.265125] The buggy address is located 0 bytes inside of [ 12.265125] allocated 13-byte region [ffff888101bcbdc0, ffff888101bcbdcd) [ 12.265901] [ 12.265992] The buggy address belongs to the physical page: [ 12.266244] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bcb [ 12.266507] flags: 0x200000000000000(node=0|zone=2) [ 12.267087] page_type: f5(slab) [ 12.267268] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 12.267522] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 12.267871] page dumped because: kasan: bad access detected [ 12.268153] [ 12.268231] Memory state around the buggy address: [ 12.268407] ffff888101bcbc80: 00 03 fc fc fa fb fc fc 00 02 fc fc 00 05 fc fc [ 12.268626] ffff888101bcbd00: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 12.268958] >ffff888101bcbd80: fa fb fc fc fa fb fc fc 00 05 fc fc 00 00 fc fc [ 12.269351] ^ [ 12.269776] ffff888101bcbe00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.270150] ffff888101bcbe80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.270427] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 12.207919] ================================================================== [ 12.208760] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x53c/0x5e0 [ 12.209473] Read of size 1 at addr ffff888100a1ec00 by task kunit_try_catch/181 [ 12.210334] [ 12.210581] CPU: 1 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.210626] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.210637] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.210658] Call Trace: [ 12.210672] <TASK> [ 12.210690] dump_stack_lvl+0x73/0xb0 [ 12.210720] print_report+0xd1/0x610 [ 12.210742] ? __virt_addr_valid+0x1db/0x2d0 [ 12.210771] ? krealloc_uaf+0x53c/0x5e0 [ 12.210792] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.210814] ? krealloc_uaf+0x53c/0x5e0 [ 12.210835] kasan_report+0x141/0x180 [ 12.210856] ? krealloc_uaf+0x53c/0x5e0 [ 12.210883] __asan_report_load1_noabort+0x18/0x20 [ 12.210916] krealloc_uaf+0x53c/0x5e0 [ 12.210937] ? __pfx_krealloc_uaf+0x10/0x10 [ 12.210957] ? finish_task_switch.isra.0+0x153/0x700 [ 12.210979] ? __switch_to+0x47/0xf50 [ 12.211005] ? __schedule+0x10cc/0x2b60 [ 12.211027] ? __pfx_read_tsc+0x10/0x10 [ 12.211047] ? ktime_get_ts64+0x86/0x230 [ 12.211071] kunit_try_run_case+0x1a5/0x480 [ 12.211095] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.211117] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.211140] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.211163] ? __kthread_parkme+0x82/0x180 [ 12.211183] ? preempt_count_sub+0x50/0x80 [ 12.211206] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.211229] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.211252] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.211275] kthread+0x337/0x6f0 [ 12.211293] ? trace_preempt_on+0x20/0xc0 [ 12.211316] ? __pfx_kthread+0x10/0x10 [ 12.211335] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.211356] ? calculate_sigpending+0x7b/0xa0 [ 12.211381] ? __pfx_kthread+0x10/0x10 [ 12.211401] ret_from_fork+0x116/0x1d0 [ 12.211419] ? 
__pfx_kthread+0x10/0x10 [ 12.211439] ret_from_fork_asm+0x1a/0x30 [ 12.211470] </TASK> [ 12.211480] [ 12.225679] Allocated by task 181: [ 12.226192] kasan_save_stack+0x45/0x70 [ 12.226634] kasan_save_track+0x18/0x40 [ 12.227129] kasan_save_alloc_info+0x3b/0x50 [ 12.227671] __kasan_kmalloc+0xb7/0xc0 [ 12.228029] __kmalloc_cache_noprof+0x189/0x420 [ 12.228588] krealloc_uaf+0xbb/0x5e0 [ 12.229008] kunit_try_run_case+0x1a5/0x480 [ 12.229540] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.230088] kthread+0x337/0x6f0 [ 12.230291] ret_from_fork+0x116/0x1d0 [ 12.230424] ret_from_fork_asm+0x1a/0x30 [ 12.230768] [ 12.230937] Freed by task 181: [ 12.231296] kasan_save_stack+0x45/0x70 [ 12.231720] kasan_save_track+0x18/0x40 [ 12.232132] kasan_save_free_info+0x3f/0x60 [ 12.232561] __kasan_slab_free+0x56/0x70 [ 12.232877] kfree+0x222/0x3f0 [ 12.233218] krealloc_uaf+0x13d/0x5e0 [ 12.233540] kunit_try_run_case+0x1a5/0x480 [ 12.233728] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.234308] kthread+0x337/0x6f0 [ 12.234699] ret_from_fork+0x116/0x1d0 [ 12.235042] ret_from_fork_asm+0x1a/0x30 [ 12.235391] [ 12.235465] The buggy address belongs to the object at ffff888100a1ec00 [ 12.235465] which belongs to the cache kmalloc-256 of size 256 [ 12.235975] The buggy address is located 0 bytes inside of [ 12.235975] freed 256-byte region [ffff888100a1ec00, ffff888100a1ed00) [ 12.237310] [ 12.237541] The buggy address belongs to the physical page: [ 12.238173] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a1e [ 12.238903] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.239415] flags: 0x200000000000040(head|node=0|zone=2) [ 12.240009] page_type: f5(slab) [ 12.240280] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.240985] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.241503] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.242276] head: 
0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.242977] head: 0200000000000001 ffffea0004028781 00000000ffffffff 00000000ffffffff [ 12.243495] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.244084] page dumped because: kasan: bad access detected [ 12.244316] [ 12.244487] Memory state around the buggy address: [ 12.245076] ffff888100a1eb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.245423] ffff888100a1eb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.246174] >ffff888100a1ec00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.246713] ^ [ 12.246853] ffff888100a1ec80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.247326] ffff888100a1ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.248139] ================================================================== [ 12.165575] ================================================================== [ 12.166685] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x1b8/0x5e0 [ 12.166951] Read of size 1 at addr ffff888100a1ec00 by task kunit_try_catch/181 [ 12.168149] [ 12.168443] CPU: 1 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.168491] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.168502] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.168524] Call Trace: [ 12.168536] <TASK> [ 12.168554] dump_stack_lvl+0x73/0xb0 [ 12.168586] print_report+0xd1/0x610 [ 12.168609] ? __virt_addr_valid+0x1db/0x2d0 [ 12.168633] ? krealloc_uaf+0x1b8/0x5e0 [ 12.168654] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.168676] ? krealloc_uaf+0x1b8/0x5e0 [ 12.168697] kasan_report+0x141/0x180 [ 12.168719] ? krealloc_uaf+0x1b8/0x5e0 [ 12.168746] ? krealloc_uaf+0x1b8/0x5e0 [ 12.168770] __kasan_check_byte+0x3d/0x50 [ 12.168792] krealloc_noprof+0x3f/0x340 [ 12.168815] krealloc_uaf+0x1b8/0x5e0 [ 12.168836] ? __pfx_krealloc_uaf+0x10/0x10 [ 12.168857] ? 
finish_task_switch.isra.0+0x153/0x700 [ 12.168881] ? __switch_to+0x47/0xf50 [ 12.168927] ? __schedule+0x10cc/0x2b60 [ 12.168952] ? __pfx_read_tsc+0x10/0x10 [ 12.168973] ? ktime_get_ts64+0x86/0x230 [ 12.168998] kunit_try_run_case+0x1a5/0x480 [ 12.169024] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.169047] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.169071] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.169093] ? __kthread_parkme+0x82/0x180 [ 12.169114] ? preempt_count_sub+0x50/0x80 [ 12.169137] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.169160] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.169184] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.169207] kthread+0x337/0x6f0 [ 12.169226] ? trace_preempt_on+0x20/0xc0 [ 12.169250] ? __pfx_kthread+0x10/0x10 [ 12.169270] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.169291] ? calculate_sigpending+0x7b/0xa0 [ 12.169315] ? __pfx_kthread+0x10/0x10 [ 12.169335] ret_from_fork+0x116/0x1d0 [ 12.169353] ? __pfx_kthread+0x10/0x10 [ 12.169373] ret_from_fork_asm+0x1a/0x30 [ 12.169405] </TASK> [ 12.169416] [ 12.183751] Allocated by task 181: [ 12.184225] kasan_save_stack+0x45/0x70 [ 12.184639] kasan_save_track+0x18/0x40 [ 12.185075] kasan_save_alloc_info+0x3b/0x50 [ 12.185562] __kasan_kmalloc+0xb7/0xc0 [ 12.185950] __kmalloc_cache_noprof+0x189/0x420 [ 12.186406] krealloc_uaf+0xbb/0x5e0 [ 12.186809] kunit_try_run_case+0x1a5/0x480 [ 12.187266] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.187840] kthread+0x337/0x6f0 [ 12.188150] ret_from_fork+0x116/0x1d0 [ 12.188647] ret_from_fork_asm+0x1a/0x30 [ 12.189138] [ 12.189370] Freed by task 181: [ 12.189767] kasan_save_stack+0x45/0x70 [ 12.190252] kasan_save_track+0x18/0x40 [ 12.190668] kasan_save_free_info+0x3f/0x60 [ 12.191142] __kasan_slab_free+0x56/0x70 [ 12.191386] kfree+0x222/0x3f0 [ 12.191504] krealloc_uaf+0x13d/0x5e0 [ 12.192075] kunit_try_run_case+0x1a5/0x480 [ 12.192497] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.193134] kthread+0x337/0x6f0 [ 12.193450] 
ret_from_fork+0x116/0x1d0 [ 12.193745] ret_from_fork_asm+0x1a/0x30 [ 12.194243] [ 12.194417] The buggy address belongs to the object at ffff888100a1ec00 [ 12.194417] which belongs to the cache kmalloc-256 of size 256 [ 12.195539] The buggy address is located 0 bytes inside of [ 12.195539] freed 256-byte region [ffff888100a1ec00, ffff888100a1ed00) [ 12.196177] [ 12.196255] The buggy address belongs to the physical page: [ 12.196432] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a1e [ 12.197198] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.197969] flags: 0x200000000000040(head|node=0|zone=2) [ 12.198548] page_type: f5(slab) [ 12.198918] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.199841] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.200625] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.201391] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.201772] head: 0200000000000001 ffffea0004028781 00000000ffffffff 00000000ffffffff [ 12.202037] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.202796] page dumped because: kasan: bad access detected [ 12.203389] [ 12.203597] Memory state around the buggy address: [ 12.204141] ffff888100a1eb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.204865] ffff888100a1eb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.205510] >ffff888100a1ec00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.205743] ^ [ 12.205861] ffff888100a1ec80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.206121] ffff888100a1ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.206924] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 12.116177] ================================================================== [ 12.116553] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 12.117072] Write of size 1 at addr ffff888103a0e0ea by task kunit_try_catch/179 [ 12.117377] [ 12.117489] CPU: 0 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.117549] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.117560] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.117579] Call Trace: [ 12.117594] <TASK> [ 12.117609] dump_stack_lvl+0x73/0xb0 [ 12.117651] print_report+0xd1/0x610 [ 12.117673] ? __virt_addr_valid+0x1db/0x2d0 [ 12.117696] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.117720] ? kasan_addr_to_slab+0x11/0xa0 [ 12.117740] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.117763] kasan_report+0x141/0x180 [ 12.117784] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.117833] __asan_report_store1_noabort+0x1b/0x30 [ 12.117857] krealloc_less_oob_helper+0xe90/0x11d0 [ 12.117883] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.117917] ? finish_task_switch.isra.0+0x153/0x700 [ 12.117939] ? __switch_to+0x47/0xf50 [ 12.117965] ? __schedule+0x10cc/0x2b60 [ 12.117997] ? __pfx_read_tsc+0x10/0x10 [ 12.118021] krealloc_large_less_oob+0x1c/0x30 [ 12.118043] kunit_try_run_case+0x1a5/0x480 [ 12.118067] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.118088] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.118112] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.118134] ? __kthread_parkme+0x82/0x180 [ 12.118155] ? preempt_count_sub+0x50/0x80 [ 12.118177] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.118200] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.118223] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.118246] kthread+0x337/0x6f0 [ 12.118265] ? trace_preempt_on+0x20/0xc0 [ 12.118287] ? __pfx_kthread+0x10/0x10 [ 12.118307] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.118351] ? calculate_sigpending+0x7b/0xa0 [ 12.118379] ? 
__pfx_kthread+0x10/0x10 [ 12.118400] ret_from_fork+0x116/0x1d0 [ 12.118418] ? __pfx_kthread+0x10/0x10 [ 12.118438] ret_from_fork_asm+0x1a/0x30 [ 12.118470] </TASK> [ 12.118479] [ 12.126021] The buggy address belongs to the physical page: [ 12.126285] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a0c [ 12.127565] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.127827] flags: 0x200000000000040(head|node=0|zone=2) [ 12.128084] page_type: f8(unknown) [ 12.128968] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.129390] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.130089] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.130674] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.131170] head: 0200000000000002 ffffea00040e8301 00000000ffffffff 00000000ffffffff [ 12.131973] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.132412] page dumped because: kasan: bad access detected [ 12.132832] [ 12.132990] Memory state around the buggy address: [ 12.133200] ffff888103a0df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.133490] ffff888103a0e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.134148] >ffff888103a0e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.134478] ^ [ 12.135141] ffff888103a0e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.135809] ffff888103a0e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.136266] ================================================================== [ 12.096194] ================================================================== [ 12.096927] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 12.097321] Write of size 1 at addr ffff888103a0e0da by task kunit_try_catch/179 [ 12.098121] [ 12.098326] CPU: 0 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 
PREEMPT(voluntary) [ 12.098370] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.098381] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.098400] Call Trace: [ 12.098418] <TASK> [ 12.098435] dump_stack_lvl+0x73/0xb0 [ 12.098465] print_report+0xd1/0x610 [ 12.098488] ? __virt_addr_valid+0x1db/0x2d0 [ 12.098511] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.098534] ? kasan_addr_to_slab+0x11/0xa0 [ 12.098554] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.098578] kasan_report+0x141/0x180 [ 12.098599] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.098628] __asan_report_store1_noabort+0x1b/0x30 [ 12.098652] krealloc_less_oob_helper+0xec6/0x11d0 [ 12.098698] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.098722] ? finish_task_switch.isra.0+0x153/0x700 [ 12.098745] ? __switch_to+0x47/0xf50 [ 12.098802] ? __schedule+0x10cc/0x2b60 [ 12.098824] ? __pfx_read_tsc+0x10/0x10 [ 12.098848] krealloc_large_less_oob+0x1c/0x30 [ 12.098871] kunit_try_run_case+0x1a5/0x480 [ 12.098906] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.098927] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.098951] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.098975] ? __kthread_parkme+0x82/0x180 [ 12.099005] ? preempt_count_sub+0x50/0x80 [ 12.099029] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.099052] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.099075] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.099098] kthread+0x337/0x6f0 [ 12.099116] ? trace_preempt_on+0x20/0xc0 [ 12.099140] ? __pfx_kthread+0x10/0x10 [ 12.099161] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.099184] ? calculate_sigpending+0x7b/0xa0 [ 12.099209] ? __pfx_kthread+0x10/0x10 [ 12.099230] ret_from_fork+0x116/0x1d0 [ 12.099248] ? 
__pfx_kthread+0x10/0x10 [ 12.099268] ret_from_fork_asm+0x1a/0x30 [ 12.099301] </TASK> [ 12.099311] [ 12.107551] The buggy address belongs to the physical page: [ 12.107728] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a0c [ 12.108124] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.108900] flags: 0x200000000000040(head|node=0|zone=2) [ 12.109347] page_type: f8(unknown) [ 12.109650] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.110459] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.110701] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.111380] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.112089] head: 0200000000000002 ffffea00040e8301 00000000ffffffff 00000000ffffffff [ 12.112866] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.113614] page dumped because: kasan: bad access detected [ 12.113803] [ 12.113872] Memory state around the buggy address: [ 12.114050] ffff888103a0df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.114268] ffff888103a0e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.114478] >ffff888103a0e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.114729] ^ [ 12.114976] ffff888103a0e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.115275] ffff888103a0e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.115723] ================================================================== [ 11.919753] ================================================================== [ 11.920408] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 11.921289] Write of size 1 at addr ffff888100355aea by task kunit_try_catch/175 [ 11.921808] [ 11.922219] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.922271] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.922282] Hardware 
name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.922303] Call Trace: [ 11.922321] <TASK> [ 11.922339] dump_stack_lvl+0x73/0xb0 [ 11.922368] print_report+0xd1/0x610 [ 11.922391] ? __virt_addr_valid+0x1db/0x2d0 [ 11.922414] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 11.922436] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.922459] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 11.922482] kasan_report+0x141/0x180 [ 11.922504] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 11.922590] __asan_report_store1_noabort+0x1b/0x30 [ 11.922617] krealloc_less_oob_helper+0xe90/0x11d0 [ 11.922643] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.922669] ? __kasan_check_write+0x18/0x20 [ 11.922688] ? queued_spin_lock_slowpath+0x116/0xb40 [ 11.922712] ? irqentry_exit+0x2a/0x60 [ 11.922734] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 11.922757] ? trace_hardirqs_on+0x37/0xe0 [ 11.922785] ? __pfx_read_tsc+0x10/0x10 [ 11.922809] krealloc_less_oob+0x1c/0x30 [ 11.922829] kunit_try_run_case+0x1a5/0x480 [ 11.922853] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.922877] ? queued_spin_lock_slowpath+0x116/0xb40 [ 11.922911] ? __kthread_parkme+0x82/0x180 [ 11.922931] ? preempt_count_sub+0x50/0x80 [ 11.922956] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.922979] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.923003] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.923026] kthread+0x337/0x6f0 [ 11.923044] ? trace_preempt_on+0x20/0xc0 [ 11.923065] ? __pfx_kthread+0x10/0x10 [ 11.923085] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.923106] ? calculate_sigpending+0x7b/0xa0 [ 11.923130] ? __pfx_kthread+0x10/0x10 [ 11.923151] ret_from_fork+0x116/0x1d0 [ 11.923169] ? 
__pfx_kthread+0x10/0x10 [ 11.923188] ret_from_fork_asm+0x1a/0x30 [ 11.923220] </TASK> [ 11.923230] [ 11.937192] Allocated by task 175: [ 11.937630] kasan_save_stack+0x45/0x70 [ 11.938036] kasan_save_track+0x18/0x40 [ 11.938326] kasan_save_alloc_info+0x3b/0x50 [ 11.938686] __kasan_krealloc+0x190/0x1f0 [ 11.938944] krealloc_noprof+0xf3/0x340 [ 11.939310] krealloc_less_oob_helper+0x1aa/0x11d0 [ 11.939480] krealloc_less_oob+0x1c/0x30 [ 11.939865] kunit_try_run_case+0x1a5/0x480 [ 11.940391] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.941018] kthread+0x337/0x6f0 [ 11.941716] ret_from_fork+0x116/0x1d0 [ 11.941864] ret_from_fork_asm+0x1a/0x30 [ 11.942023] [ 11.942096] The buggy address belongs to the object at ffff888100355a00 [ 11.942096] which belongs to the cache kmalloc-256 of size 256 [ 11.942451] The buggy address is located 33 bytes to the right of [ 11.942451] allocated 201-byte region [ffff888100355a00, ffff888100355ac9) [ 11.942823] [ 11.942919] The buggy address belongs to the physical page: [ 11.943399] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100354 [ 11.944247] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.945095] flags: 0x200000000000040(head|node=0|zone=2) [ 11.945691] page_type: f5(slab) [ 11.946015] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.946750] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.947808] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.948690] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.949437] head: 0200000000000001 ffffea000400d501 00000000ffffffff 00000000ffffffff [ 11.950269] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.950860] page dumped because: kasan: bad access detected [ 11.951079] [ 11.951254] Memory state around the buggy address: [ 11.951740] ffff888100355980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 11.952462] ffff888100355a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.952872] >ffff888100355a80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 11.953357] ^ [ 11.954207] ffff888100355b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.954785] ffff888100355b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.955077] ================================================================== [ 12.044395] ================================================================== [ 12.045279] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0 [ 12.045914] Write of size 1 at addr ffff888103a0e0c9 by task kunit_try_catch/179 [ 12.046710] [ 12.046824] CPU: 0 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.046875] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.046886] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.046919] Call Trace: [ 12.046932] <TASK> [ 12.046950] dump_stack_lvl+0x73/0xb0 [ 12.046983] print_report+0xd1/0x610 [ 12.047007] ? __virt_addr_valid+0x1db/0x2d0 [ 12.047031] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 12.047055] ? kasan_addr_to_slab+0x11/0xa0 [ 12.047075] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 12.047099] kasan_report+0x141/0x180 [ 12.047120] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 12.047149] __asan_report_store1_noabort+0x1b/0x30 [ 12.047174] krealloc_less_oob_helper+0xd70/0x11d0 [ 12.047200] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.047223] ? finish_task_switch.isra.0+0x153/0x700 [ 12.047247] ? __switch_to+0x47/0xf50 [ 12.047274] ? __schedule+0x10cc/0x2b60 [ 12.047297] ? __pfx_read_tsc+0x10/0x10 [ 12.047322] krealloc_large_less_oob+0x1c/0x30 [ 12.047344] kunit_try_run_case+0x1a5/0x480 [ 12.047371] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.047392] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.047417] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.047440] ? __kthread_parkme+0x82/0x180 [ 12.047461] ? 
preempt_count_sub+0x50/0x80 [ 12.047484] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.047507] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.047700] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.047726] kthread+0x337/0x6f0 [ 12.047760] ? trace_preempt_on+0x20/0xc0 [ 12.047784] ? __pfx_kthread+0x10/0x10 [ 12.047804] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.047826] ? calculate_sigpending+0x7b/0xa0 [ 12.047851] ? __pfx_kthread+0x10/0x10 [ 12.047872] ret_from_fork+0x116/0x1d0 [ 12.047900] ? __pfx_kthread+0x10/0x10 [ 12.047921] ret_from_fork_asm+0x1a/0x30 [ 12.047956] </TASK> [ 12.047970] [ 12.059095] The buggy address belongs to the physical page: [ 12.059368] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a0c [ 12.059691] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.060849] flags: 0x200000000000040(head|node=0|zone=2) [ 12.061221] page_type: f8(unknown) [ 12.061364] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.062014] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.062429] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.062937] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.063403] head: 0200000000000002 ffffea00040e8301 00000000ffffffff 00000000ffffffff [ 12.063876] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.064337] page dumped because: kasan: bad access detected [ 12.064967] [ 12.065086] Memory state around the buggy address: [ 12.065407] ffff888103a0df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.065963] ffff888103a0e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.066305] >ffff888103a0e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.066683] ^ [ 12.067130] ffff888103a0e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.067521] ffff888103a0e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.068074] 
================================================================== [ 12.136846] ================================================================== [ 12.137522] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 12.137985] Write of size 1 at addr ffff888103a0e0eb by task kunit_try_catch/179 [ 12.138592] [ 12.138951] CPU: 0 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.139002] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.139014] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.139041] Call Trace: [ 12.139058] <TASK> [ 12.139075] dump_stack_lvl+0x73/0xb0 [ 12.139106] print_report+0xd1/0x610 [ 12.139129] ? __virt_addr_valid+0x1db/0x2d0 [ 12.139152] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.139176] ? kasan_addr_to_slab+0x11/0xa0 [ 12.139197] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.139221] kasan_report+0x141/0x180 [ 12.139242] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.139272] __asan_report_store1_noabort+0x1b/0x30 [ 12.139296] krealloc_less_oob_helper+0xd47/0x11d0 [ 12.139322] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.139346] ? finish_task_switch.isra.0+0x153/0x700 [ 12.139369] ? __switch_to+0x47/0xf50 [ 12.139394] ? __schedule+0x10cc/0x2b60 [ 12.139416] ? __pfx_read_tsc+0x10/0x10 [ 12.139441] krealloc_large_less_oob+0x1c/0x30 [ 12.139463] kunit_try_run_case+0x1a5/0x480 [ 12.139488] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.139509] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.139575] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.139600] ? __kthread_parkme+0x82/0x180 [ 12.139621] ? preempt_count_sub+0x50/0x80 [ 12.139644] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.139668] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.139691] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.139715] kthread+0x337/0x6f0 [ 12.139734] ? trace_preempt_on+0x20/0xc0 [ 12.139757] ? __pfx_kthread+0x10/0x10 [ 12.139777] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.139798] ? 
calculate_sigpending+0x7b/0xa0 [ 12.139823] ? __pfx_kthread+0x10/0x10 [ 12.139843] ret_from_fork+0x116/0x1d0 [ 12.139862] ? __pfx_kthread+0x10/0x10 [ 12.139882] ret_from_fork_asm+0x1a/0x30 [ 12.139925] </TASK> [ 12.139936] [ 12.152951] The buggy address belongs to the physical page: [ 12.153369] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a0c [ 12.153873] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.154438] flags: 0x200000000000040(head|node=0|zone=2) [ 12.154819] page_type: f8(unknown) [ 12.155171] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.155498] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.156110] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.156447] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.157022] head: 0200000000000002 ffffea00040e8301 00000000ffffffff 00000000ffffffff [ 12.157616] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.158242] page dumped because: kasan: bad access detected [ 12.158466] [ 12.158734] Memory state around the buggy address: [ 12.159068] ffff888103a0df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.159493] ffff888103a0e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.159911] >ffff888103a0e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.160706] ^ [ 12.161121] ffff888103a0e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.161654] ffff888103a0e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.162119] ================================================================== [ 11.841219] ================================================================== [ 11.841664] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0 [ 11.842140] Write of size 1 at addr ffff888100355ac9 by task kunit_try_catch/175 [ 11.842439] [ 11.842532] CPU: 0 UID: 0 PID: 175 Comm: 
kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.842577] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.842588] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.842609] Call Trace: [ 11.842621] <TASK> [ 11.842636] dump_stack_lvl+0x73/0xb0 [ 11.842664] print_report+0xd1/0x610 [ 11.842686] ? __virt_addr_valid+0x1db/0x2d0 [ 11.842709] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 11.842733] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.842755] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 11.842785] kasan_report+0x141/0x180 [ 11.842807] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 11.842836] __asan_report_store1_noabort+0x1b/0x30 [ 11.842860] krealloc_less_oob_helper+0xd70/0x11d0 [ 11.842886] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.842924] ? __kasan_check_write+0x18/0x20 [ 11.842944] ? queued_spin_lock_slowpath+0x116/0xb40 [ 11.842968] ? irqentry_exit+0x2a/0x60 [ 11.842989] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 11.843013] ? trace_hardirqs_on+0x37/0xe0 [ 11.843036] ? __pfx_read_tsc+0x10/0x10 [ 11.843060] krealloc_less_oob+0x1c/0x30 [ 11.843081] kunit_try_run_case+0x1a5/0x480 [ 11.843105] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.843129] ? queued_spin_lock_slowpath+0x116/0xb40 [ 11.843152] ? __kthread_parkme+0x82/0x180 [ 11.843173] ? preempt_count_sub+0x50/0x80 [ 11.843197] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.843238] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.843286] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.843310] kthread+0x337/0x6f0 [ 11.843329] ? trace_preempt_on+0x20/0xc0 [ 11.843350] ? __pfx_kthread+0x10/0x10 [ 11.843370] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.843391] ? calculate_sigpending+0x7b/0xa0 [ 11.843414] ? __pfx_kthread+0x10/0x10 [ 11.843435] ret_from_fork+0x116/0x1d0 [ 11.843453] ? 
__pfx_kthread+0x10/0x10 [ 11.843473] ret_from_fork_asm+0x1a/0x30 [ 11.843505] </TASK> [ 11.843515] [ 11.851788] Allocated by task 175: [ 11.851980] kasan_save_stack+0x45/0x70 [ 11.852184] kasan_save_track+0x18/0x40 [ 11.852347] kasan_save_alloc_info+0x3b/0x50 [ 11.852719] __kasan_krealloc+0x190/0x1f0 [ 11.852928] krealloc_noprof+0xf3/0x340 [ 11.853096] krealloc_less_oob_helper+0x1aa/0x11d0 [ 11.853330] krealloc_less_oob+0x1c/0x30 [ 11.853495] kunit_try_run_case+0x1a5/0x480 [ 11.853762] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.853957] kthread+0x337/0x6f0 [ 11.854140] ret_from_fork+0x116/0x1d0 [ 11.854326] ret_from_fork_asm+0x1a/0x30 [ 11.854496] [ 11.854689] The buggy address belongs to the object at ffff888100355a00 [ 11.854689] which belongs to the cache kmalloc-256 of size 256 [ 11.855306] The buggy address is located 0 bytes to the right of [ 11.855306] allocated 201-byte region [ffff888100355a00, ffff888100355ac9) [ 11.855859] [ 11.855970] The buggy address belongs to the physical page: [ 11.856198] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100354 [ 11.856502] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.856880] flags: 0x200000000000040(head|node=0|zone=2) [ 11.857127] page_type: f5(slab) [ 11.857252] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.857676] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.857996] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.858502] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.858819] head: 0200000000000001 ffffea000400d501 00000000ffffffff 00000000ffffffff [ 11.859314] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.859674] page dumped because: kasan: bad access detected [ 11.859880] [ 11.859960] Memory state around the buggy address: [ 11.860193] ffff888100355980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 11.860536] ffff888100355a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.860790] >ffff888100355a80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 11.861145] ^ [ 11.861363] ffff888100355b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.861577] ffff888100355b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.861790] ================================================================== [ 11.955992] ================================================================== [ 11.956632] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 11.957213] Write of size 1 at addr ffff888100355aeb by task kunit_try_catch/175 [ 11.957914] [ 11.958171] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.958217] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.958228] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.958248] Call Trace: [ 11.958267] <TASK> [ 11.958296] dump_stack_lvl+0x73/0xb0 [ 11.958325] print_report+0xd1/0x610 [ 11.958360] ? __virt_addr_valid+0x1db/0x2d0 [ 11.958382] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 11.958405] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.958427] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 11.958451] kasan_report+0x141/0x180 [ 11.958473] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 11.958502] __asan_report_store1_noabort+0x1b/0x30 [ 11.958526] krealloc_less_oob_helper+0xd47/0x11d0 [ 11.958562] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.958587] ? __kasan_check_write+0x18/0x20 [ 11.958606] ? queued_spin_lock_slowpath+0x116/0xb40 [ 11.958629] ? irqentry_exit+0x2a/0x60 [ 11.958650] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 11.958674] ? trace_hardirqs_on+0x37/0xe0 [ 11.958697] ? __pfx_read_tsc+0x10/0x10 [ 11.958721] krealloc_less_oob+0x1c/0x30 [ 11.958741] kunit_try_run_case+0x1a5/0x480 [ 11.958771] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.958794] ? queued_spin_lock_slowpath+0x116/0xb40 [ 11.958817] ? 
__kthread_parkme+0x82/0x180 [ 11.958837] ? preempt_count_sub+0x50/0x80 [ 11.958862] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.958885] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.958919] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.958952] kthread+0x337/0x6f0 [ 11.958972] ? trace_preempt_on+0x20/0xc0 [ 11.958999] ? __pfx_kthread+0x10/0x10 [ 11.959019] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.959040] ? calculate_sigpending+0x7b/0xa0 [ 11.959064] ? __pfx_kthread+0x10/0x10 [ 11.959084] ret_from_fork+0x116/0x1d0 [ 11.959102] ? __pfx_kthread+0x10/0x10 [ 11.959122] ret_from_fork_asm+0x1a/0x30 [ 11.959154] </TASK> [ 11.959163] [ 11.970758] Allocated by task 175: [ 11.970999] kasan_save_stack+0x45/0x70 [ 11.971289] kasan_save_track+0x18/0x40 [ 11.971508] kasan_save_alloc_info+0x3b/0x50 [ 11.971740] __kasan_krealloc+0x190/0x1f0 [ 11.972013] krealloc_noprof+0xf3/0x340 [ 11.972150] krealloc_less_oob_helper+0x1aa/0x11d0 [ 11.972311] krealloc_less_oob+0x1c/0x30 [ 11.972449] kunit_try_run_case+0x1a5/0x480 [ 11.972595] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.972878] kthread+0x337/0x6f0 [ 11.973189] ret_from_fork+0x116/0x1d0 [ 11.973380] ret_from_fork_asm+0x1a/0x30 [ 11.973644] [ 11.973804] The buggy address belongs to the object at ffff888100355a00 [ 11.973804] which belongs to the cache kmalloc-256 of size 256 [ 11.974236] The buggy address is located 34 bytes to the right of [ 11.974236] allocated 201-byte region [ffff888100355a00, ffff888100355ac9) [ 11.974806] [ 11.974970] The buggy address belongs to the physical page: [ 11.975225] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100354 [ 11.975612] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.976032] flags: 0x200000000000040(head|node=0|zone=2) [ 11.976244] page_type: f5(slab) [ 11.976510] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.976797] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 
11.977081] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.977452] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.977973] head: 0200000000000001 ffffea000400d501 00000000ffffffff 00000000ffffffff [ 11.978207] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.978568] page dumped because: kasan: bad access detected [ 11.978836] [ 11.978911] Memory state around the buggy address: [ 11.979362] ffff888100355980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.979649] ffff888100355a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.979956] >ffff888100355a80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 11.980325] ^ [ 11.980674] ffff888100355b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.980947] ffff888100355b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.981318] ================================================================== [ 11.885496] ================================================================== [ 11.886288] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 11.887194] Write of size 1 at addr ffff888100355ada by task kunit_try_catch/175 [ 11.888002] [ 11.888385] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.888434] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.888445] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.888472] Call Trace: [ 11.888488] <TASK> [ 11.888504] dump_stack_lvl+0x73/0xb0 [ 11.888532] print_report+0xd1/0x610 [ 11.888554] ? __virt_addr_valid+0x1db/0x2d0 [ 11.888577] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 11.888600] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.888622] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 11.888646] kasan_report+0x141/0x180 [ 11.888667] ? 
krealloc_less_oob_helper+0xec6/0x11d0 [ 11.888696] __asan_report_store1_noabort+0x1b/0x30 [ 11.888728] krealloc_less_oob_helper+0xec6/0x11d0 [ 11.888754] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.888780] ? __kasan_check_write+0x18/0x20 [ 11.888799] ? queued_spin_lock_slowpath+0x116/0xb40 [ 11.888822] ? irqentry_exit+0x2a/0x60 [ 11.888843] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 11.888867] ? trace_hardirqs_on+0x37/0xe0 [ 11.888890] ? __pfx_read_tsc+0x10/0x10 [ 11.888924] krealloc_less_oob+0x1c/0x30 [ 11.888945] kunit_try_run_case+0x1a5/0x480 [ 11.888968] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.888992] ? queued_spin_lock_slowpath+0x116/0xb40 [ 11.889015] ? __kthread_parkme+0x82/0x180 [ 11.889035] ? preempt_count_sub+0x50/0x80 [ 11.889059] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.889082] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.889106] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.889129] kthread+0x337/0x6f0 [ 11.889147] ? trace_preempt_on+0x20/0xc0 [ 11.889168] ? __pfx_kthread+0x10/0x10 [ 11.889188] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.889211] ? calculate_sigpending+0x7b/0xa0 [ 11.889235] ? __pfx_kthread+0x10/0x10 [ 11.889256] ret_from_fork+0x116/0x1d0 [ 11.889274] ? 
__pfx_kthread+0x10/0x10 [ 11.889293] ret_from_fork_asm+0x1a/0x30 [ 11.889325] </TASK> [ 11.889334] [ 11.902908] Allocated by task 175: [ 11.903350] kasan_save_stack+0x45/0x70 [ 11.903802] kasan_save_track+0x18/0x40 [ 11.903957] kasan_save_alloc_info+0x3b/0x50 [ 11.904389] __kasan_krealloc+0x190/0x1f0 [ 11.904850] krealloc_noprof+0xf3/0x340 [ 11.905316] krealloc_less_oob_helper+0x1aa/0x11d0 [ 11.905485] krealloc_less_oob+0x1c/0x30 [ 11.905924] kunit_try_run_case+0x1a5/0x480 [ 11.906411] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.907004] kthread+0x337/0x6f0 [ 11.907220] ret_from_fork+0x116/0x1d0 [ 11.907356] ret_from_fork_asm+0x1a/0x30 [ 11.907495] [ 11.907827] The buggy address belongs to the object at ffff888100355a00 [ 11.907827] which belongs to the cache kmalloc-256 of size 256 [ 11.909128] The buggy address is located 17 bytes to the right of [ 11.909128] allocated 201-byte region [ffff888100355a00, ffff888100355ac9) [ 11.910270] [ 11.910346] The buggy address belongs to the physical page: [ 11.910526] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100354 [ 11.910774] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.911034] flags: 0x200000000000040(head|node=0|zone=2) [ 11.911623] page_type: f5(slab) [ 11.911930] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.912415] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.913223] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.913701] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.914205] head: 0200000000000001 ffffea000400d501 00000000ffffffff 00000000ffffffff [ 11.914692] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.914988] page dumped because: kasan: bad access detected [ 11.915522] [ 11.915623] Memory state around the buggy address: [ 11.915815] ffff888100355980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 11.916404] ffff888100355a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.916886] >ffff888100355a80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 11.917474] ^ [ 11.918064] ffff888100355b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.918377] ffff888100355b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.919091] ================================================================== [ 11.862256] ================================================================== [ 11.863010] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0 [ 11.863745] Write of size 1 at addr ffff888100355ad0 by task kunit_try_catch/175 [ 11.864004] [ 11.864117] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.864159] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.864169] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.864189] Call Trace: [ 11.864203] <TASK> [ 11.864219] dump_stack_lvl+0x73/0xb0 [ 11.864247] print_report+0xd1/0x610 [ 11.864268] ? __virt_addr_valid+0x1db/0x2d0 [ 11.864291] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 11.864314] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.864337] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 11.864361] kasan_report+0x141/0x180 [ 11.864382] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 11.864411] __asan_report_store1_noabort+0x1b/0x30 [ 11.864436] krealloc_less_oob_helper+0xe23/0x11d0 [ 11.864462] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.864488] ? __kasan_check_write+0x18/0x20 [ 11.864506] ? queued_spin_lock_slowpath+0x116/0xb40 [ 11.864573] ? irqentry_exit+0x2a/0x60 [ 11.864596] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 11.864620] ? trace_hardirqs_on+0x37/0xe0 [ 11.864644] ? __pfx_read_tsc+0x10/0x10 [ 11.864668] krealloc_less_oob+0x1c/0x30 [ 11.864690] kunit_try_run_case+0x1a5/0x480 [ 11.864713] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.864737] ? queued_spin_lock_slowpath+0x116/0xb40 [ 11.864761] ? 
__kthread_parkme+0x82/0x180 [ 11.864782] ? preempt_count_sub+0x50/0x80 [ 11.864806] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.864829] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.864853] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.864876] kthread+0x337/0x6f0 [ 11.864906] ? trace_preempt_on+0x20/0xc0 [ 11.864928] ? __pfx_kthread+0x10/0x10 [ 11.864948] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.864968] ? calculate_sigpending+0x7b/0xa0 [ 11.865000] ? __pfx_kthread+0x10/0x10 [ 11.865021] ret_from_fork+0x116/0x1d0 [ 11.865039] ? __pfx_kthread+0x10/0x10 [ 11.865059] ret_from_fork_asm+0x1a/0x30 [ 11.865091] </TASK> [ 11.865101] [ 11.873205] Allocated by task 175: [ 11.873401] kasan_save_stack+0x45/0x70 [ 11.873728] kasan_save_track+0x18/0x40 [ 11.873914] kasan_save_alloc_info+0x3b/0x50 [ 11.874103] __kasan_krealloc+0x190/0x1f0 [ 11.874287] krealloc_noprof+0xf3/0x340 [ 11.874479] krealloc_less_oob_helper+0x1aa/0x11d0 [ 11.874858] krealloc_less_oob+0x1c/0x30 [ 11.875106] kunit_try_run_case+0x1a5/0x480 [ 11.875291] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.875527] kthread+0x337/0x6f0 [ 11.875695] ret_from_fork+0x116/0x1d0 [ 11.875860] ret_from_fork_asm+0x1a/0x30 [ 11.876083] [ 11.876158] The buggy address belongs to the object at ffff888100355a00 [ 11.876158] which belongs to the cache kmalloc-256 of size 256 [ 11.876664] The buggy address is located 7 bytes to the right of [ 11.876664] allocated 201-byte region [ffff888100355a00, ffff888100355ac9) [ 11.877046] [ 11.877117] The buggy address belongs to the physical page: [ 11.877290] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100354 [ 11.877530] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.877759] flags: 0x200000000000040(head|node=0|zone=2) [ 11.878055] page_type: f5(slab) [ 11.878225] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.878623] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 
11.878987] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.879329] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.879804] head: 0200000000000001 ffffea000400d501 00000000ffffffff 00000000ffffffff [ 11.880205] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.880515] page dumped because: kasan: bad access detected [ 11.880741] [ 11.880809] Memory state around the buggy address: [ 11.881142] ffff888100355980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.881374] ffff888100355a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.881878] >ffff888100355a80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 11.882551] ^ [ 11.882786] ffff888100355b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.883872] ffff888100355b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.884173] ================================================================== [ 12.069086] ================================================================== [ 12.069716] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0 [ 12.070419] Write of size 1 at addr ffff888103a0e0d0 by task kunit_try_catch/179 [ 12.070668] [ 12.070769] CPU: 0 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.070812] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.070823] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.070843] Call Trace: [ 12.070858] <TASK> [ 12.070875] dump_stack_lvl+0x73/0xb0 [ 12.070918] print_report+0xd1/0x610 [ 12.070940] ? __virt_addr_valid+0x1db/0x2d0 [ 12.070963] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 12.070986] ? kasan_addr_to_slab+0x11/0xa0 [ 12.071006] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 12.071030] kasan_report+0x141/0x180 [ 12.071051] ? 
krealloc_less_oob_helper+0xe23/0x11d0 [ 12.071080] __asan_report_store1_noabort+0x1b/0x30 [ 12.071104] krealloc_less_oob_helper+0xe23/0x11d0 [ 12.071130] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.071154] ? finish_task_switch.isra.0+0x153/0x700 [ 12.071176] ? __switch_to+0x47/0xf50 [ 12.071201] ? __schedule+0x10cc/0x2b60 [ 12.071223] ? __pfx_read_tsc+0x10/0x10 [ 12.071246] krealloc_large_less_oob+0x1c/0x30 [ 12.071268] kunit_try_run_case+0x1a5/0x480 [ 12.071292] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.071314] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.071337] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.071360] ? __kthread_parkme+0x82/0x180 [ 12.071380] ? preempt_count_sub+0x50/0x80 [ 12.071402] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.071425] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.071448] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.071471] kthread+0x337/0x6f0 [ 12.071490] ? trace_preempt_on+0x20/0xc0 [ 12.071513] ? __pfx_kthread+0x10/0x10 [ 12.071533] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.071553] ? calculate_sigpending+0x7b/0xa0 [ 12.071576] ? __pfx_kthread+0x10/0x10 [ 12.071597] ret_from_fork+0x116/0x1d0 [ 12.071615] ? 
__pfx_kthread+0x10/0x10 [ 12.071634] ret_from_fork_asm+0x1a/0x30 [ 12.071666] </TASK> [ 12.071675] [ 12.085255] The buggy address belongs to the physical page: [ 12.085501] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a0c [ 12.086398] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.086961] flags: 0x200000000000040(head|node=0|zone=2) [ 12.087505] page_type: f8(unknown) [ 12.087868] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.088449] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.088758] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.089368] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.090039] head: 0200000000000002 ffffea00040e8301 00000000ffffffff 00000000ffffffff [ 12.090628] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.091210] page dumped because: kasan: bad access detected [ 12.091763] [ 12.091833] Memory state around the buggy address: [ 12.092021] ffff888103a0df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.092233] ffff888103a0e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.092441] >ffff888103a0e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.093017] ^ [ 12.093718] ffff888103a0e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.094519] ffff888103a0e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.095279] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 12.012243] ================================================================== [ 12.013009] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930 [ 12.013501] Write of size 1 at addr ffff8881039de0f0 by task kunit_try_catch/177 [ 12.014683] [ 12.014965] CPU: 1 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.015020] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.015138] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.015161] Call Trace: [ 12.015173] <TASK> [ 12.015190] dump_stack_lvl+0x73/0xb0 [ 12.015223] print_report+0xd1/0x610 [ 12.015246] ? __virt_addr_valid+0x1db/0x2d0 [ 12.015269] ? krealloc_more_oob_helper+0x7eb/0x930 [ 12.015296] ? kasan_addr_to_slab+0x11/0xa0 [ 12.015316] ? krealloc_more_oob_helper+0x7eb/0x930 [ 12.015342] kasan_report+0x141/0x180 [ 12.015363] ? krealloc_more_oob_helper+0x7eb/0x930 [ 12.015392] __asan_report_store1_noabort+0x1b/0x30 [ 12.015417] krealloc_more_oob_helper+0x7eb/0x930 [ 12.015440] ? pick_task_fair+0xc9/0x340 [ 12.015465] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 12.015489] ? __schedule+0x207f/0x2b60 [ 12.015509] ? schedule+0x7c/0x2e0 [ 12.015615] ? trace_hardirqs_on+0x37/0xe0 [ 12.015642] ? __schedule+0x207f/0x2b60 [ 12.015663] ? __pfx_read_tsc+0x10/0x10 [ 12.015688] krealloc_large_more_oob+0x1c/0x30 [ 12.015712] kunit_try_run_case+0x1a5/0x480 [ 12.015738] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.015759] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.015784] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.015807] ? __kthread_parkme+0x82/0x180 [ 12.015828] ? preempt_count_sub+0x50/0x80 [ 12.015852] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.015875] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.015912] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.015936] kthread+0x337/0x6f0 [ 12.015954] ? trace_preempt_on+0x20/0xc0 [ 12.015975] ? __pfx_kthread+0x10/0x10 [ 12.015995] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.016016] ? 
calculate_sigpending+0x7b/0xa0 [ 12.016040] ? __pfx_kthread+0x10/0x10 [ 12.016061] ret_from_fork+0x116/0x1d0 [ 12.016079] ? __pfx_kthread+0x10/0x10 [ 12.016100] ret_from_fork_asm+0x1a/0x30 [ 12.016132] </TASK> [ 12.016142] [ 12.029410] The buggy address belongs to the physical page: [ 12.030067] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039dc [ 12.030563] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.031281] flags: 0x200000000000040(head|node=0|zone=2) [ 12.031734] page_type: f8(unknown) [ 12.031887] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.032450] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.033109] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.033443] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.034105] head: 0200000000000002 ffffea00040e7701 00000000ffffffff 00000000ffffffff [ 12.034559] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.035246] page dumped because: kasan: bad access detected [ 12.035606] [ 12.035709] Memory state around the buggy address: [ 12.035940] ffff8881039ddf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.036516] ffff8881039de000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.037108] >ffff8881039de080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 12.037472] ^ [ 12.038043] ffff8881039de100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.038361] ffff8881039de180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.039008] ================================================================== [ 11.814822] ================================================================== [ 11.815256] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930 [ 11.815748] Write of size 1 at addr ffff8881003558f0 by task kunit_try_catch/173 [ 11.816085] [ 11.816190] CPU: 0 UID: 0 PID: 173 Comm: 
kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.816234] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.816244] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.816264] Call Trace: [ 11.816276] <TASK> [ 11.816292] dump_stack_lvl+0x73/0xb0 [ 11.816320] print_report+0xd1/0x610 [ 11.816342] ? __virt_addr_valid+0x1db/0x2d0 [ 11.816365] ? krealloc_more_oob_helper+0x7eb/0x930 [ 11.816388] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.816410] ? krealloc_more_oob_helper+0x7eb/0x930 [ 11.816434] kasan_report+0x141/0x180 [ 11.816455] ? krealloc_more_oob_helper+0x7eb/0x930 [ 11.816485] __asan_report_store1_noabort+0x1b/0x30 [ 11.816509] krealloc_more_oob_helper+0x7eb/0x930 [ 11.816531] ? trace_hardirqs_on+0x37/0xe0 [ 11.816555] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 11.816578] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 11.816609] ? __pfx_krealloc_more_oob+0x10/0x10 [ 11.816636] krealloc_more_oob+0x1c/0x30 [ 11.816657] kunit_try_run_case+0x1a5/0x480 [ 11.816680] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.816702] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.816725] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.816748] ? __kthread_parkme+0x82/0x180 [ 11.816768] ? preempt_count_sub+0x50/0x80 [ 11.816792] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.816816] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.816839] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.816862] kthread+0x337/0x6f0 [ 11.816881] ? trace_preempt_on+0x20/0xc0 [ 11.816913] ? __pfx_kthread+0x10/0x10 [ 11.816933] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.816953] ? calculate_sigpending+0x7b/0xa0 [ 11.816977] ? __pfx_kthread+0x10/0x10 [ 11.817045] ret_from_fork+0x116/0x1d0 [ 11.817064] ? 
__pfx_kthread+0x10/0x10 [ 11.817083] ret_from_fork_asm+0x1a/0x30 [ 11.817116] </TASK> [ 11.817126] [ 11.824677] Allocated by task 173: [ 11.824807] kasan_save_stack+0x45/0x70 [ 11.824960] kasan_save_track+0x18/0x40 [ 11.825124] kasan_save_alloc_info+0x3b/0x50 [ 11.825471] __kasan_krealloc+0x190/0x1f0 [ 11.825668] krealloc_noprof+0xf3/0x340 [ 11.825857] krealloc_more_oob_helper+0x1a9/0x930 [ 11.826282] krealloc_more_oob+0x1c/0x30 [ 11.826483] kunit_try_run_case+0x1a5/0x480 [ 11.826940] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.827176] kthread+0x337/0x6f0 [ 11.827340] ret_from_fork+0x116/0x1d0 [ 11.827472] ret_from_fork_asm+0x1a/0x30 [ 11.827870] [ 11.827984] The buggy address belongs to the object at ffff888100355800 [ 11.827984] which belongs to the cache kmalloc-256 of size 256 [ 11.828454] The buggy address is located 5 bytes to the right of [ 11.828454] allocated 235-byte region [ffff888100355800, ffff8881003558eb) [ 11.828969] [ 11.829078] The buggy address belongs to the physical page: [ 11.829328] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100354 [ 11.829743] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.829983] flags: 0x200000000000040(head|node=0|zone=2) [ 11.830158] page_type: f5(slab) [ 11.830277] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.830523] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.830864] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.831360] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.831772] head: 0200000000000001 ffffea000400d501 00000000ffffffff 00000000ffffffff [ 11.832347] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.832766] page dumped because: kasan: bad access detected [ 11.832953] [ 11.833114] Memory state around the buggy address: [ 11.833344] ffff888100355780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 11.833746] ffff888100355800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.834064] >ffff888100355880: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 11.834317] ^ [ 11.834525] ffff888100355900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.835046] ffff888100355980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.835293] ================================================================== [ 11.788921] ================================================================== [ 11.789454] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930 [ 11.789734] Write of size 1 at addr ffff8881003558eb by task kunit_try_catch/173 [ 11.789969] [ 11.790065] CPU: 0 UID: 0 PID: 173 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.790110] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.790121] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.790143] Call Trace: [ 11.790155] <TASK> [ 11.790173] dump_stack_lvl+0x73/0xb0 [ 11.790204] print_report+0xd1/0x610 [ 11.790226] ? __virt_addr_valid+0x1db/0x2d0 [ 11.790250] ? krealloc_more_oob_helper+0x821/0x930 [ 11.790272] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.790293] ? krealloc_more_oob_helper+0x821/0x930 [ 11.790315] kasan_report+0x141/0x180 [ 11.790336] ? krealloc_more_oob_helper+0x821/0x930 [ 11.790363] __asan_report_store1_noabort+0x1b/0x30 [ 11.790386] krealloc_more_oob_helper+0x821/0x930 [ 11.790407] ? trace_hardirqs_on+0x37/0xe0 [ 11.790431] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 11.790453] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 11.790482] ? __pfx_krealloc_more_oob+0x10/0x10 [ 11.790508] krealloc_more_oob+0x1c/0x30 [ 11.790528] kunit_try_run_case+0x1a5/0x480 [ 11.790553] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.790573] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.790597] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.790620] ? __kthread_parkme+0x82/0x180 [ 11.790640] ? preempt_count_sub+0x50/0x80 [ 11.790664] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 11.790686] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.790708] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.790730] kthread+0x337/0x6f0 [ 11.790748] ? trace_preempt_on+0x20/0xc0 [ 11.790775] ? __pfx_kthread+0x10/0x10 [ 11.790794] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.790813] ? calculate_sigpending+0x7b/0xa0 [ 11.790837] ? __pfx_kthread+0x10/0x10 [ 11.790857] ret_from_fork+0x116/0x1d0 [ 11.790876] ? __pfx_kthread+0x10/0x10 [ 11.791448] ret_from_fork_asm+0x1a/0x30 [ 11.791495] </TASK> [ 11.791508] [ 11.803393] Allocated by task 173: [ 11.803556] kasan_save_stack+0x45/0x70 [ 11.803837] kasan_save_track+0x18/0x40 [ 11.804057] kasan_save_alloc_info+0x3b/0x50 [ 11.804213] __kasan_krealloc+0x190/0x1f0 [ 11.804353] krealloc_noprof+0xf3/0x340 [ 11.804545] krealloc_more_oob_helper+0x1a9/0x930 [ 11.804773] krealloc_more_oob+0x1c/0x30 [ 11.804977] kunit_try_run_case+0x1a5/0x480 [ 11.805231] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.805442] kthread+0x337/0x6f0 [ 11.805651] ret_from_fork+0x116/0x1d0 [ 11.805847] ret_from_fork_asm+0x1a/0x30 [ 11.806115] [ 11.806189] The buggy address belongs to the object at ffff888100355800 [ 11.806189] which belongs to the cache kmalloc-256 of size 256 [ 11.806698] The buggy address is located 0 bytes to the right of [ 11.806698] allocated 235-byte region [ffff888100355800, ffff8881003558eb) [ 11.807151] [ 11.807226] The buggy address belongs to the physical page: [ 11.807472] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100354 [ 11.808444] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.808852] flags: 0x200000000000040(head|node=0|zone=2) [ 11.809167] page_type: f5(slab) [ 11.809337] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.809663] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.810022] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 
11.810416] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.810771] head: 0200000000000001 ffffea000400d501 00000000ffffffff 00000000ffffffff [ 11.811145] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.811398] page dumped because: kasan: bad access detected [ 11.811778] [ 11.811860] Memory state around the buggy address: [ 11.812027] ffff888100355780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.812395] ffff888100355800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.812776] >ffff888100355880: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 11.813204] ^ [ 11.813653] ffff888100355900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.813944] ffff888100355980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.814280] ================================================================== [ 11.988242] ================================================================== [ 11.988722] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930 [ 11.989426] Write of size 1 at addr ffff8881039de0eb by task kunit_try_catch/177 [ 11.989887] [ 11.990026] CPU: 1 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.990084] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.990095] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.990130] Call Trace: [ 11.990143] <TASK> [ 11.990161] dump_stack_lvl+0x73/0xb0 [ 11.990205] print_report+0xd1/0x610 [ 11.990228] ? __virt_addr_valid+0x1db/0x2d0 [ 11.990261] ? krealloc_more_oob_helper+0x821/0x930 [ 11.990285] ? kasan_addr_to_slab+0x11/0xa0 [ 11.990305] ? krealloc_more_oob_helper+0x821/0x930 [ 11.990341] kasan_report+0x141/0x180 [ 11.990364] ? krealloc_more_oob_helper+0x821/0x930 [ 11.990393] __asan_report_store1_noabort+0x1b/0x30 [ 11.990417] krealloc_more_oob_helper+0x821/0x930 [ 11.990441] ? pick_task_fair+0xc9/0x340 [ 11.990467] ? 
__pfx_krealloc_more_oob_helper+0x10/0x10 [ 11.990491] ? __schedule+0x207f/0x2b60 [ 11.990521] ? schedule+0x7c/0x2e0 [ 11.990540] ? trace_hardirqs_on+0x37/0xe0 [ 11.990565] ? __schedule+0x207f/0x2b60 [ 11.990596] ? __pfx_read_tsc+0x10/0x10 [ 11.990620] krealloc_large_more_oob+0x1c/0x30 [ 11.990643] kunit_try_run_case+0x1a5/0x480 [ 11.990668] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.990690] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.990715] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.990788] ? __kthread_parkme+0x82/0x180 [ 11.990810] ? preempt_count_sub+0x50/0x80 [ 11.990862] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.990886] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.990922] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.990945] kthread+0x337/0x6f0 [ 11.990964] ? trace_preempt_on+0x20/0xc0 [ 11.990996] ? __pfx_kthread+0x10/0x10 [ 11.991016] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.991037] ? calculate_sigpending+0x7b/0xa0 [ 11.991062] ? __pfx_kthread+0x10/0x10 [ 11.991083] ret_from_fork+0x116/0x1d0 [ 11.991102] ? 
__pfx_kthread+0x10/0x10 [ 11.991122] ret_from_fork_asm+0x1a/0x30 [ 11.991155] </TASK> [ 11.991166] [ 12.002119] The buggy address belongs to the physical page: [ 12.002387] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039dc [ 12.002997] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.003471] flags: 0x200000000000040(head|node=0|zone=2) [ 12.003885] page_type: f8(unknown) [ 12.004129] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.004836] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.005281] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.005924] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.006412] head: 0200000000000002 ffffea00040e7701 00000000ffffffff 00000000ffffffff [ 12.006977] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.007359] page dumped because: kasan: bad access detected [ 12.007564] [ 12.007711] Memory state around the buggy address: [ 12.007939] ffff8881039ddf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.008759] ffff8881039de000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.009206] >ffff8881039de080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 12.009532] ^ [ 12.010347] ffff8881039de100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.010964] ffff8881039de180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.011384] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 49.555535] ================================================================== [ 49.555924] BUG: KFENCE: use-after-free read in test_krealloc+0x6fc/0xbe0 [ 49.555924] [ 49.556312] Use-after-free read at 0x(____ptrval____) (in kfence-#142): [ 49.556590] test_krealloc+0x6fc/0xbe0 [ 49.556771] kunit_try_run_case+0x1a5/0x480 [ 49.557059] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 49.557278] kthread+0x337/0x6f0 [ 49.557427] ret_from_fork+0x116/0x1d0 [ 49.557601] ret_from_fork_asm+0x1a/0x30 [ 49.557788] [ 49.557861] kfence-#142: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 49.557861] [ 49.558302] allocated by task 354 on cpu 0 at 49.554848s (0.003452s ago): [ 49.558618] test_alloc+0x364/0x10f0 [ 49.558808] test_krealloc+0xad/0xbe0 [ 49.559019] kunit_try_run_case+0x1a5/0x480 [ 49.559189] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 49.559457] kthread+0x337/0x6f0 [ 49.559632] ret_from_fork+0x116/0x1d0 [ 49.559792] ret_from_fork_asm+0x1a/0x30 [ 49.559945] [ 49.560016] freed by task 354 on cpu 0 at 49.555135s (0.004878s ago): [ 49.560257] krealloc_noprof+0x108/0x340 [ 49.560608] test_krealloc+0x226/0xbe0 [ 49.560817] kunit_try_run_case+0x1a5/0x480 [ 49.561150] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 49.561629] kthread+0x337/0x6f0 [ 49.562250] ret_from_fork+0x116/0x1d0 [ 49.562456] ret_from_fork_asm+0x1a/0x30 [ 49.563073] [ 49.563241] CPU: 0 UID: 0 PID: 354 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 49.563712] Tainted: [B]=BAD_PAGE, [N]=TEST [ 49.563926] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 49.564407] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 49.475832] ================================================================== [ 49.476304] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x2ec/0x670 [ 49.476304] [ 49.476886] Use-after-free read at 0x(____ptrval____) (in kfence-#141): [ 49.477845] test_memcache_typesafe_by_rcu+0x2ec/0x670 [ 49.478160] kunit_try_run_case+0x1a5/0x480 [ 49.478461] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 49.478711] kthread+0x337/0x6f0 [ 49.479099] ret_from_fork+0x116/0x1d0 [ 49.479466] ret_from_fork_asm+0x1a/0x30 [ 49.479818] [ 49.479910] kfence-#141: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 49.479910] [ 49.480534] allocated by task 352 on cpu 1 at 49.450771s (0.029761s ago): [ 49.480925] test_alloc+0x2a6/0x10f0 [ 49.481224] test_memcache_typesafe_by_rcu+0x16f/0x670 [ 49.481512] kunit_try_run_case+0x1a5/0x480 [ 49.481797] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 49.482131] kthread+0x337/0x6f0 [ 49.482283] ret_from_fork+0x116/0x1d0 [ 49.482513] ret_from_fork_asm+0x1a/0x30 [ 49.482733] [ 49.482848] freed by task 352 on cpu 1 at 49.450856s (0.031989s ago): [ 49.483167] test_memcache_typesafe_by_rcu+0x1bf/0x670 [ 49.483420] kunit_try_run_case+0x1a5/0x480 [ 49.483609] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 49.483915] kthread+0x337/0x6f0 [ 49.484326] ret_from_fork+0x116/0x1d0 [ 49.484528] ret_from_fork_asm+0x1a/0x30 [ 49.484711] [ 49.484822] CPU: 1 UID: 0 PID: 352 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 49.485575] Tainted: [B]=BAD_PAGE, [N]=TEST [ 49.485873] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 49.486383] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 24.607759] ================================================================== [ 24.608536] BUG: KFENCE: invalid read in test_invalid_access+0xf0/0x210 [ 24.608536] [ 24.609190] Invalid read at 0x(____ptrval____): [ 24.609442] test_invalid_access+0xf0/0x210 [ 24.609728] kunit_try_run_case+0x1a5/0x480 [ 24.610635] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.610910] kthread+0x337/0x6f0 [ 24.611561] ret_from_fork+0x116/0x1d0 [ 24.611756] ret_from_fork_asm+0x1a/0x30 [ 24.611969] [ 24.612186] CPU: 1 UID: 0 PID: 348 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 24.613173] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.613385] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.613991] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 17.314987] ================================================================== [ 17.315408] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260 [ 17.315408] [ 17.315873] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#69): [ 17.316520] test_out_of_bounds_write+0x10d/0x260 [ 17.316712] kunit_try_run_case+0x1a5/0x480 [ 17.316945] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.317188] kthread+0x337/0x6f0 [ 17.317315] ret_from_fork+0x116/0x1d0 [ 17.318082] ret_from_fork_asm+0x1a/0x30 [ 17.318284] [ 17.318366] kfence-#69: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 17.318366] [ 17.318947] allocated by task 308 on cpu 0 at 17.314834s (0.004110s ago): [ 17.319467] test_alloc+0x364/0x10f0 [ 17.319671] test_out_of_bounds_write+0xd4/0x260 [ 17.319969] kunit_try_run_case+0x1a5/0x480 [ 17.320173] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.320416] kthread+0x337/0x6f0 [ 17.320572] ret_from_fork+0x116/0x1d0 [ 17.320754] ret_from_fork_asm+0x1a/0x30 [ 17.320944] [ 17.321432] CPU: 0 UID: 0 PID: 308 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 17.321906] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.322106] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.322718] ================================================================== [ 17.418940] ================================================================== [ 17.419339] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260 [ 17.419339] [ 17.419802] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#70): [ 17.420128] test_out_of_bounds_write+0x10d/0x260 [ 17.420324] kunit_try_run_case+0x1a5/0x480 [ 17.420543] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.420767] kthread+0x337/0x6f0 [ 17.420956] ret_from_fork+0x116/0x1d0 [ 17.421102] ret_from_fork_asm+0x1a/0x30 [ 17.421299] [ 17.421398] kfence-#70: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 17.421398] [ 
17.421747] allocated by task 310 on cpu 1 at 17.418866s (0.002878s ago): [ 17.422079] test_alloc+0x2a6/0x10f0 [ 17.422270] test_out_of_bounds_write+0xd4/0x260 [ 17.422446] kunit_try_run_case+0x1a5/0x480 [ 17.422657] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.422877] kthread+0x337/0x6f0 [ 17.423116] ret_from_fork+0x116/0x1d0 [ 17.423288] ret_from_fork_asm+0x1a/0x30 [ 17.423474] [ 17.423583] CPU: 1 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 17.424044] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.424184] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.424455] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 24.387123] ================================================================== [ 24.387558] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x24f/0x340 [ 24.387558] [ 24.387915] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#137): [ 24.388550] test_kmalloc_aligned_oob_write+0x24f/0x340 [ 24.388773] kunit_try_run_case+0x1a5/0x480 [ 24.389021] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.389255] kthread+0x337/0x6f0 [ 24.389428] ret_from_fork+0x116/0x1d0 [ 24.389630] ret_from_fork_asm+0x1a/0x30 [ 24.389806] [ 24.389912] kfence-#137: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96 [ 24.389912] [ 24.390327] allocated by task 342 on cpu 1 at 24.386857s (0.003468s ago): [ 24.390638] test_alloc+0x364/0x10f0 [ 24.390823] test_kmalloc_aligned_oob_write+0xc8/0x340 [ 24.391087] kunit_try_run_case+0x1a5/0x480 [ 24.391287] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.391540] kthread+0x337/0x6f0 [ 24.391707] ret_from_fork+0x116/0x1d0 [ 24.391872] ret_from_fork_asm+0x1a/0x30 [ 24.392025] [ 24.392100] freed by task 342 on cpu 1 at 24.387003s (0.005093s ago): [ 24.392317] test_kmalloc_aligned_oob_write+0x24f/0x340 [ 24.392568] kunit_try_run_case+0x1a5/0x480 [ 24.392796] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.393166] kthread+0x337/0x6f0 [ 24.393339] ret_from_fork+0x116/0x1d0 [ 24.393491] ret_from_fork_asm+0x1a/0x30 [ 24.393694] [ 24.393802] CPU: 1 UID: 0 PID: 342 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 24.394437] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.394623] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.395006] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 23.867070] ================================================================== [ 23.867486] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x27e/0x560 [ 23.867486] [ 23.867935] Out-of-bounds read at 0x(____ptrval____) (105B right of kfence-#132): [ 23.868837] test_kmalloc_aligned_oob_read+0x27e/0x560 [ 23.869279] kunit_try_run_case+0x1a5/0x480 [ 23.869712] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.870020] kthread+0x337/0x6f0 [ 23.870333] ret_from_fork+0x116/0x1d0 [ 23.870537] ret_from_fork_asm+0x1a/0x30 [ 23.870717] [ 23.870808] kfence-#132: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96 [ 23.870808] [ 23.871505] allocated by task 340 on cpu 0 at 23.866838s (0.004664s ago): [ 23.872004] test_alloc+0x364/0x10f0 [ 23.872317] test_kmalloc_aligned_oob_read+0x105/0x560 [ 23.872581] kunit_try_run_case+0x1a5/0x480 [ 23.872939] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.873374] kthread+0x337/0x6f0 [ 23.873533] ret_from_fork+0x116/0x1d0 [ 23.873844] ret_from_fork_asm+0x1a/0x30 [ 23.874155] [ 23.874293] CPU: 0 UID: 0 PID: 340 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 23.874772] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.875272] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.875778] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_corruption
[ 19.186943] ================================================================== [ 19.187334] BUG: KFENCE: memory corruption in test_corruption+0x131/0x3e0 [ 19.187334] [ 19.187698] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#87): [ 19.188830] test_corruption+0x131/0x3e0 [ 19.189045] kunit_try_run_case+0x1a5/0x480 [ 19.189446] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.189767] kthread+0x337/0x6f0 [ 19.189925] ret_from_fork+0x116/0x1d0 [ 19.190206] ret_from_fork_asm+0x1a/0x30 [ 19.190396] [ 19.190502] kfence-#87: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 19.190502] [ 19.190865] allocated by task 330 on cpu 1 at 19.186804s (0.004059s ago): [ 19.191545] test_alloc+0x2a6/0x10f0 [ 19.191693] test_corruption+0xe6/0x3e0 [ 19.192073] kunit_try_run_case+0x1a5/0x480 [ 19.192283] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.192634] kthread+0x337/0x6f0 [ 19.192871] ret_from_fork+0x116/0x1d0 [ 19.193127] ret_from_fork_asm+0x1a/0x30 [ 19.193420] [ 19.193575] freed by task 330 on cpu 1 at 19.186859s (0.006713s ago): [ 19.193843] test_corruption+0x131/0x3e0 [ 19.194158] kunit_try_run_case+0x1a5/0x480 [ 19.194319] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.194581] kthread+0x337/0x6f0 [ 19.194719] ret_from_fork+0x116/0x1d0 [ 19.194919] ret_from_fork_asm+0x1a/0x30 [ 19.195112] [ 19.195567] CPU: 1 UID: 0 PID: 330 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 19.196110] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.196328] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.196829] ================================================================== [ 19.083104] ================================================================== [ 19.083508] BUG: KFENCE: memory corruption in test_corruption+0x2df/0x3e0 [ 19.083508] [ 19.083812] Corrupted memory at 0x(____ptrval____) [ ! 
] (in kfence-#86): [ 19.084417] test_corruption+0x2df/0x3e0 [ 19.084713] kunit_try_run_case+0x1a5/0x480 [ 19.084865] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.085210] kthread+0x337/0x6f0 [ 19.085544] ret_from_fork+0x116/0x1d0 [ 19.085757] ret_from_fork_asm+0x1a/0x30 [ 19.085977] [ 19.086101] kfence-#86: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 19.086101] [ 19.086485] allocated by task 328 on cpu 0 at 19.082840s (0.003643s ago): [ 19.086827] test_alloc+0x364/0x10f0 [ 19.087024] test_corruption+0x1cb/0x3e0 [ 19.087210] kunit_try_run_case+0x1a5/0x480 [ 19.087355] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.087600] kthread+0x337/0x6f0 [ 19.087808] ret_from_fork+0x116/0x1d0 [ 19.088014] ret_from_fork_asm+0x1a/0x30 [ 19.088255] [ 19.088333] freed by task 328 on cpu 0 at 19.082931s (0.005399s ago): [ 19.088573] test_corruption+0x2df/0x3e0 [ 19.088793] kunit_try_run_case+0x1a5/0x480 [ 19.089044] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.089290] kthread+0x337/0x6f0 [ 19.089438] ret_from_fork+0x116/0x1d0 [ 19.089630] ret_from_fork_asm+0x1a/0x30 [ 19.089815] [ 19.089942] CPU: 0 UID: 0 PID: 328 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 19.090421] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.090560] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.091014] ================================================================== [ 18.355157] ================================================================== [ 18.355592] BUG: KFENCE: memory corruption in test_corruption+0x2d2/0x3e0 [ 18.355592] [ 18.356084] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . 
] (in kfence-#79): [ 18.357067] test_corruption+0x2d2/0x3e0 [ 18.357445] kunit_try_run_case+0x1a5/0x480 [ 18.357650] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.357865] kthread+0x337/0x6f0 [ 18.358007] ret_from_fork+0x116/0x1d0 [ 18.358221] ret_from_fork_asm+0x1a/0x30 [ 18.358440] [ 18.358610] kfence-#79: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 18.358610] [ 18.359006] allocated by task 328 on cpu 0 at 18.354886s (0.004118s ago): [ 18.359404] test_alloc+0x364/0x10f0 [ 18.359553] test_corruption+0xe6/0x3e0 [ 18.359710] kunit_try_run_case+0x1a5/0x480 [ 18.359944] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.360272] kthread+0x337/0x6f0 [ 18.360439] ret_from_fork+0x116/0x1d0 [ 18.360657] ret_from_fork_asm+0x1a/0x30 [ 18.360855] [ 18.360962] freed by task 328 on cpu 0 at 18.355002s (0.005958s ago): [ 18.361221] test_corruption+0x2d2/0x3e0 [ 18.361418] kunit_try_run_case+0x1a5/0x480 [ 18.361654] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.361889] kthread+0x337/0x6f0 [ 18.362139] ret_from_fork+0x116/0x1d0 [ 18.362300] ret_from_fork_asm+0x1a/0x30 [ 18.362507] [ 18.362633] CPU: 0 UID: 0 PID: 328 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 18.363141] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.363350] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.363657] ================================================================== [ 19.706964] ================================================================== [ 19.707373] BUG: KFENCE: memory corruption in test_corruption+0x216/0x3e0 [ 19.707373] [ 19.707648] Corrupted memory at 0x(____ptrval____) [ ! 
] (in kfence-#92): [ 19.708545] test_corruption+0x216/0x3e0 [ 19.708766] kunit_try_run_case+0x1a5/0x480 [ 19.708973] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.709448] kthread+0x337/0x6f0 [ 19.709750] ret_from_fork+0x116/0x1d0 [ 19.709971] ret_from_fork_asm+0x1a/0x30 [ 19.710336] [ 19.710418] kfence-#92: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 19.710418] [ 19.710928] allocated by task 330 on cpu 1 at 19.706820s (0.004104s ago): [ 19.711352] test_alloc+0x2a6/0x10f0 [ 19.711540] test_corruption+0x1cb/0x3e0 [ 19.711729] kunit_try_run_case+0x1a5/0x480 [ 19.712124] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.712501] kthread+0x337/0x6f0 [ 19.712643] ret_from_fork+0x116/0x1d0 [ 19.713029] ret_from_fork_asm+0x1a/0x30 [ 19.713243] [ 19.713414] freed by task 330 on cpu 1 at 19.706875s (0.006536s ago): [ 19.713682] test_corruption+0x216/0x3e0 [ 19.713872] kunit_try_run_case+0x1a5/0x480 [ 19.714281] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.714596] kthread+0x337/0x6f0 [ 19.714732] ret_from_fork+0x116/0x1d0 [ 19.715053] ret_from_fork_asm+0x1a/0x30 [ 19.715399] [ 19.715507] CPU: 1 UID: 0 PID: 330 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 19.716127] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.716316] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.716685] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 18.147015] ================================================================== [ 18.147400] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1e1/0x260 [ 18.147400] [ 18.147762] Invalid free of 0x(____ptrval____) (in kfence-#77): [ 18.148135] test_invalid_addr_free+0x1e1/0x260 [ 18.148330] kunit_try_run_case+0x1a5/0x480 [ 18.148511] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.148772] kthread+0x337/0x6f0 [ 18.148915] ret_from_fork+0x116/0x1d0 [ 18.149055] ret_from_fork_asm+0x1a/0x30 [ 18.149237] [ 18.149336] kfence-#77: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 18.149336] [ 18.149874] allocated by task 324 on cpu 0 at 18.146877s (0.002995s ago): [ 18.150281] test_alloc+0x364/0x10f0 [ 18.150791] test_invalid_addr_free+0xdb/0x260 [ 18.151361] kunit_try_run_case+0x1a5/0x480 [ 18.151800] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.152102] kthread+0x337/0x6f0 [ 18.152254] ret_from_fork+0x116/0x1d0 [ 18.152625] ret_from_fork_asm+0x1a/0x30 [ 18.152941] [ 18.153070] CPU: 0 UID: 0 PID: 324 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 18.153600] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.153782] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.154358] ================================================================== [ 18.251039] ================================================================== [ 18.251427] BUG: KFENCE: invalid free in test_invalid_addr_free+0xfb/0x260 [ 18.251427] [ 18.251784] Invalid free of 0x(____ptrval____) (in kfence-#78): [ 18.252180] test_invalid_addr_free+0xfb/0x260 [ 18.252388] kunit_try_run_case+0x1a5/0x480 [ 18.252542] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.252803] kthread+0x337/0x6f0 [ 18.252988] ret_from_fork+0x116/0x1d0 [ 18.253194] ret_from_fork_asm+0x1a/0x30 [ 18.253388] [ 18.253466] kfence-#78: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 18.253466] [ 18.253870] allocated by task 326 on cpu 1 at 18.250921s 
(0.002947s ago): [ 18.254196] test_alloc+0x2a6/0x10f0 [ 18.254387] test_invalid_addr_free+0xdb/0x260 [ 18.254553] kunit_try_run_case+0x1a5/0x480 [ 18.254772] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.255048] kthread+0x337/0x6f0 [ 18.255189] ret_from_fork+0x116/0x1d0 [ 18.255362] ret_from_fork_asm+0x1a/0x30 [ 18.255566] [ 18.255689] CPU: 1 UID: 0 PID: 326 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 18.256033] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.256175] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.256929] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_double_free
[ 18.043060] ================================================================== [ 18.043459] BUG: KFENCE: invalid free in test_double_free+0x112/0x260 [ 18.043459] [ 18.043769] Invalid free of 0x(____ptrval____) (in kfence-#76): [ 18.044145] test_double_free+0x112/0x260 [ 18.044296] kunit_try_run_case+0x1a5/0x480 [ 18.044532] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.044754] kthread+0x337/0x6f0 [ 18.044882] ret_from_fork+0x116/0x1d0 [ 18.045195] ret_from_fork_asm+0x1a/0x30 [ 18.045403] [ 18.045503] kfence-#76: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 18.045503] [ 18.045874] allocated by task 322 on cpu 1 at 18.042907s (0.002965s ago): [ 18.046238] test_alloc+0x2a6/0x10f0 [ 18.046421] test_double_free+0xdb/0x260 [ 18.046591] kunit_try_run_case+0x1a5/0x480 [ 18.046775] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.046967] kthread+0x337/0x6f0 [ 18.047110] ret_from_fork+0x116/0x1d0 [ 18.047300] ret_from_fork_asm+0x1a/0x30 [ 18.047502] [ 18.047579] freed by task 322 on cpu 1 at 18.042944s (0.004632s ago): [ 18.047855] test_double_free+0xfa/0x260 [ 18.048051] kunit_try_run_case+0x1a5/0x480 [ 18.048265] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.048516] kthread+0x337/0x6f0 [ 18.048648] ret_from_fork+0x116/0x1d0 [ 18.048784] ret_from_fork_asm+0x1a/0x30 [ 18.048993] [ 18.049118] CPU: 1 UID: 0 PID: 322 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 18.049547] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.049688] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.049998] ================================================================== [ 17.939224] ================================================================== [ 17.939748] BUG: KFENCE: invalid free in test_double_free+0x1d3/0x260 [ 17.939748] [ 17.940196] Invalid free of 0x(____ptrval____) (in kfence-#75): [ 17.940502] test_double_free+0x1d3/0x260 [ 17.940661] kunit_try_run_case+0x1a5/0x480 [ 17.940850] 
kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.941163] kthread+0x337/0x6f0 [ 17.941324] ret_from_fork+0x116/0x1d0 [ 17.941497] ret_from_fork_asm+0x1a/0x30 [ 17.941679] [ 17.941753] kfence-#75: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 17.941753] [ 17.942241] allocated by task 320 on cpu 1 at 17.938855s (0.003385s ago): [ 17.942529] test_alloc+0x364/0x10f0 [ 17.942716] test_double_free+0xdb/0x260 [ 17.942915] kunit_try_run_case+0x1a5/0x480 [ 17.943142] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.943366] kthread+0x337/0x6f0 [ 17.943529] ret_from_fork+0x116/0x1d0 [ 17.943701] ret_from_fork_asm+0x1a/0x30 [ 17.943872] [ 17.943974] freed by task 320 on cpu 1 at 17.938932s (0.005039s ago): [ 17.944281] test_double_free+0x1e0/0x260 [ 17.944445] kunit_try_run_case+0x1a5/0x480 [ 17.944594] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.944772] kthread+0x337/0x6f0 [ 17.944906] ret_from_fork+0x116/0x1d0 [ 17.945093] ret_from_fork_asm+0x1a/0x30 [ 17.945291] [ 17.945426] CPU: 1 UID: 0 PID: 320 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 17.945913] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.946210] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.946564] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 17.627121] ================================================================== [ 17.627636] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270 [ 17.627636] [ 17.628050] Use-after-free read at 0x(____ptrval____) (in kfence-#72): [ 17.628321] test_use_after_free_read+0x129/0x270 [ 17.628566] kunit_try_run_case+0x1a5/0x480 [ 17.628769] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.629508] kthread+0x337/0x6f0 [ 17.629646] ret_from_fork+0x116/0x1d0 [ 17.630066] ret_from_fork_asm+0x1a/0x30 [ 17.630331] [ 17.630414] kfence-#72: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 17.630414] [ 17.630932] allocated by task 314 on cpu 1 at 17.626903s (0.004027s ago): [ 17.631397] test_alloc+0x2a6/0x10f0 [ 17.631576] test_use_after_free_read+0xdc/0x270 [ 17.631788] kunit_try_run_case+0x1a5/0x480 [ 17.632192] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.632500] kthread+0x337/0x6f0 [ 17.632637] ret_from_fork+0x116/0x1d0 [ 17.632911] ret_from_fork_asm+0x1a/0x30 [ 17.633253] [ 17.633340] freed by task 314 on cpu 1 at 17.626954s (0.006382s ago): [ 17.633628] test_use_after_free_read+0xfb/0x270 [ 17.633853] kunit_try_run_case+0x1a5/0x480 [ 17.634075] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.634598] kthread+0x337/0x6f0 [ 17.634749] ret_from_fork+0x116/0x1d0 [ 17.635131] ret_from_fork_asm+0x1a/0x30 [ 17.635337] [ 17.635598] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 17.636196] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.636502] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.636848] ================================================================== [ 17.523080] ================================================================== [ 17.523564] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270 [ 17.523564] [ 17.524203] Use-after-free read at 0x(____ptrval____) (in kfence-#71): [ 17.524459] test_use_after_free_read+0x129/0x270 
[ 17.525234] kunit_try_run_case+0x1a5/0x480 [ 17.525477] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.525676] kthread+0x337/0x6f0 [ 17.525845] ret_from_fork+0x116/0x1d0 [ 17.526140] ret_from_fork_asm+0x1a/0x30 [ 17.526369] [ 17.526475] kfence-#71: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 17.526475] [ 17.526861] allocated by task 312 on cpu 0 at 17.522833s (0.004026s ago): [ 17.527188] test_alloc+0x364/0x10f0 [ 17.527472] test_use_after_free_read+0xdc/0x270 [ 17.527719] kunit_try_run_case+0x1a5/0x480 [ 17.527879] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.528256] kthread+0x337/0x6f0 [ 17.528410] ret_from_fork+0x116/0x1d0 [ 17.528640] ret_from_fork_asm+0x1a/0x30 [ 17.529019] [ 17.529249] freed by task 312 on cpu 0 at 17.522915s (0.006243s ago): [ 17.529608] test_use_after_free_read+0x1e7/0x270 [ 17.529841] kunit_try_run_case+0x1a5/0x480 [ 17.530044] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.530303] kthread+0x337/0x6f0 [ 17.530479] ret_from_fork+0x116/0x1d0 [ 17.530666] ret_from_fork_asm+0x1a/0x30 [ 17.530884] [ 17.531030] CPU: 0 UID: 0 PID: 312 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 17.531371] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.531570] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.531932] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 16.587155] ================================================================== [ 16.587563] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0 [ 16.587563] [ 16.588026] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#62): [ 16.588379] test_out_of_bounds_read+0x216/0x4e0 [ 16.588558] kunit_try_run_case+0x1a5/0x480 [ 16.588755] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.589032] kthread+0x337/0x6f0 [ 16.589237] ret_from_fork+0x116/0x1d0 [ 16.589375] ret_from_fork_asm+0x1a/0x30 [ 16.589593] [ 16.589698] kfence-#62: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 16.589698] [ 16.590158] allocated by task 304 on cpu 1 at 16.586918s (0.003237s ago): [ 16.590451] test_alloc+0x364/0x10f0 [ 16.590604] test_out_of_bounds_read+0x1e2/0x4e0 [ 16.590794] kunit_try_run_case+0x1a5/0x480 [ 16.591059] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.591271] kthread+0x337/0x6f0 [ 16.591439] ret_from_fork+0x116/0x1d0 [ 16.591617] ret_from_fork_asm+0x1a/0x30 [ 16.591778] [ 16.591910] CPU: 1 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.592391] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.592570] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.592839] ================================================================== [ 16.794951] ================================================================== [ 16.795354] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0 [ 16.795354] [ 16.795783] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#64): [ 16.796200] test_out_of_bounds_read+0x216/0x4e0 [ 16.796398] kunit_try_run_case+0x1a5/0x480 [ 16.796612] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.796874] kthread+0x337/0x6f0 [ 16.797082] ret_from_fork+0x116/0x1d0 [ 16.797225] ret_from_fork_asm+0x1a/0x30 [ 16.797391] [ 16.797489] kfence-#64: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 16.797489] [ 
16.797907] allocated by task 306 on cpu 1 at 16.794886s (0.003017s ago): [ 16.798218] test_alloc+0x2a6/0x10f0 [ 16.798395] test_out_of_bounds_read+0x1e2/0x4e0 [ 16.798575] kunit_try_run_case+0x1a5/0x480 [ 16.798803] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.799023] kthread+0x337/0x6f0 [ 16.799192] ret_from_fork+0x116/0x1d0 [ 16.799433] ret_from_fork_asm+0x1a/0x30 [ 16.799628] [ 16.799733] CPU: 1 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.800205] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.800385] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.800654] ================================================================== [ 16.483889] ================================================================== [ 16.484376] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0 [ 16.484376] [ 16.484850] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#61): [ 16.485249] test_out_of_bounds_read+0x126/0x4e0 [ 16.485579] kunit_try_run_case+0x1a5/0x480 [ 16.485772] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.486027] kthread+0x337/0x6f0 [ 16.486205] ret_from_fork+0x116/0x1d0 [ 16.486361] ret_from_fork_asm+0x1a/0x30 [ 16.486555] [ 16.486799] kfence-#61: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 16.486799] [ 16.487386] allocated by task 304 on cpu 1 at 16.482879s (0.004450s ago): [ 16.487934] test_alloc+0x364/0x10f0 [ 16.488158] test_out_of_bounds_read+0xed/0x4e0 [ 16.488324] kunit_try_run_case+0x1a5/0x480 [ 16.488517] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.488773] kthread+0x337/0x6f0 [ 16.488936] ret_from_fork+0x116/0x1d0 [ 16.489201] ret_from_fork_asm+0x1a/0x30 [ 16.489416] [ 16.489543] CPU: 1 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.490100] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.490261] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 
04/01/2014 [ 16.490639] ================================================================== [ 16.690943] ================================================================== [ 16.691343] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0 [ 16.691343] [ 16.691735] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#63): [ 16.692179] test_out_of_bounds_read+0x126/0x4e0 [ 16.692394] kunit_try_run_case+0x1a5/0x480 [ 16.692549] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.692808] kthread+0x337/0x6f0 [ 16.692996] ret_from_fork+0x116/0x1d0 [ 16.693194] ret_from_fork_asm+0x1a/0x30 [ 16.693383] [ 16.693457] kfence-#63: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 16.693457] [ 16.693794] allocated by task 306 on cpu 1 at 16.690874s (0.002918s ago): [ 16.694178] test_alloc+0x2a6/0x10f0 [ 16.694362] test_out_of_bounds_read+0xed/0x4e0 [ 16.694519] kunit_try_run_case+0x1a5/0x480 [ 16.694730] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.695018] kthread+0x337/0x6f0 [ 16.695198] ret_from_fork+0x116/0x1d0 [ 16.695350] ret_from_fork_asm+0x1a/0x30 [ 16.695534] [ 16.695638] CPU: 1 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.696129] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.696269] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.696559] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 16.275195] ================================================================== [ 16.275945] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x2e/0x1d0 [ 16.276650] Write of size 121 at addr ffff8881029b2200 by task kunit_try_catch/302 [ 16.277079] [ 16.277178] CPU: 1 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.277221] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.277233] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.277255] Call Trace: [ 16.277269] <TASK> [ 16.277286] dump_stack_lvl+0x73/0xb0 [ 16.277314] print_report+0xd1/0x610 [ 16.277337] ? __virt_addr_valid+0x1db/0x2d0 [ 16.277361] ? strncpy_from_user+0x2e/0x1d0 [ 16.277385] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.277409] ? strncpy_from_user+0x2e/0x1d0 [ 16.277433] kasan_report+0x141/0x180 [ 16.277456] ? strncpy_from_user+0x2e/0x1d0 [ 16.277486] kasan_check_range+0x10c/0x1c0 [ 16.277511] __kasan_check_write+0x18/0x20 [ 16.277530] strncpy_from_user+0x2e/0x1d0 [ 16.277554] ? __kasan_check_read+0x15/0x20 [ 16.277576] copy_user_test_oob+0x760/0x10f0 [ 16.277616] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.277639] ? finish_task_switch.isra.0+0x153/0x700 [ 16.277663] ? __switch_to+0x47/0xf50 [ 16.277691] ? __schedule+0x10cc/0x2b60 [ 16.277714] ? __pfx_read_tsc+0x10/0x10 [ 16.277735] ? ktime_get_ts64+0x86/0x230 [ 16.277760] kunit_try_run_case+0x1a5/0x480 [ 16.277786] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.277809] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.277835] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.277859] ? __kthread_parkme+0x82/0x180 [ 16.277881] ? preempt_count_sub+0x50/0x80 [ 16.277917] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.277942] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.277967] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.277992] kthread+0x337/0x6f0 [ 16.278011] ? trace_preempt_on+0x20/0xc0 [ 16.278036] ? __pfx_kthread+0x10/0x10 [ 16.278057] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 16.278081] ? calculate_sigpending+0x7b/0xa0 [ 16.278106] ? __pfx_kthread+0x10/0x10 [ 16.278139] ret_from_fork+0x116/0x1d0 [ 16.278158] ? __pfx_kthread+0x10/0x10 [ 16.278180] ret_from_fork_asm+0x1a/0x30 [ 16.278212] </TASK> [ 16.278222] [ 16.285733] Allocated by task 302: [ 16.285870] kasan_save_stack+0x45/0x70 [ 16.286135] kasan_save_track+0x18/0x40 [ 16.286336] kasan_save_alloc_info+0x3b/0x50 [ 16.286550] __kasan_kmalloc+0xb7/0xc0 [ 16.286742] __kmalloc_noprof+0x1c9/0x500 [ 16.286969] kunit_kmalloc_array+0x25/0x60 [ 16.287160] copy_user_test_oob+0xab/0x10f0 [ 16.287340] kunit_try_run_case+0x1a5/0x480 [ 16.287532] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.287721] kthread+0x337/0x6f0 [ 16.287846] ret_from_fork+0x116/0x1d0 [ 16.288010] ret_from_fork_asm+0x1a/0x30 [ 16.288213] [ 16.288313] The buggy address belongs to the object at ffff8881029b2200 [ 16.288313] which belongs to the cache kmalloc-128 of size 128 [ 16.288841] The buggy address is located 0 bytes inside of [ 16.288841] allocated 120-byte region [ffff8881029b2200, ffff8881029b2278) [ 16.289354] [ 16.289430] The buggy address belongs to the physical page: [ 16.289660] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029b2 [ 16.290021] flags: 0x200000000000000(node=0|zone=2) [ 16.290213] page_type: f5(slab) [ 16.290383] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.290679] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.290996] page dumped because: kasan: bad access detected [ 16.291225] [ 16.291305] Memory state around the buggy address: [ 16.291463] ffff8881029b2100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.291680] ffff8881029b2180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.291908] >ffff8881029b2200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.292279] ^ [ 16.292596] ffff8881029b2280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.292923] 
ffff8881029b2300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.293490] ================================================================== [ 16.293948] ================================================================== [ 16.294307] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x1a5/0x1d0 [ 16.294777] Write of size 1 at addr ffff8881029b2278 by task kunit_try_catch/302 [ 16.295034] [ 16.295121] CPU: 1 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.295164] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.295175] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.295197] Call Trace: [ 16.295213] <TASK> [ 16.295229] dump_stack_lvl+0x73/0xb0 [ 16.295258] print_report+0xd1/0x610 [ 16.295280] ? __virt_addr_valid+0x1db/0x2d0 [ 16.295304] ? strncpy_from_user+0x1a5/0x1d0 [ 16.295328] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.295352] ? strncpy_from_user+0x1a5/0x1d0 [ 16.295376] kasan_report+0x141/0x180 [ 16.295399] ? strncpy_from_user+0x1a5/0x1d0 [ 16.295428] __asan_report_store1_noabort+0x1b/0x30 [ 16.295462] strncpy_from_user+0x1a5/0x1d0 [ 16.295501] copy_user_test_oob+0x760/0x10f0 [ 16.295530] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.295570] ? finish_task_switch.isra.0+0x153/0x700 [ 16.295593] ? __switch_to+0x47/0xf50 [ 16.295620] ? __schedule+0x10cc/0x2b60 [ 16.295643] ? __pfx_read_tsc+0x10/0x10 [ 16.295664] ? ktime_get_ts64+0x86/0x230 [ 16.295689] kunit_try_run_case+0x1a5/0x480 [ 16.295715] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.295738] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.295763] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.295787] ? __kthread_parkme+0x82/0x180 [ 16.295809] ? preempt_count_sub+0x50/0x80 [ 16.295833] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.295857] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.295882] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.295919] kthread+0x337/0x6f0 [ 16.295939] ? trace_preempt_on+0x20/0xc0 [ 16.295964] ? 
__pfx_kthread+0x10/0x10 [ 16.295993] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.296014] ? calculate_sigpending+0x7b/0xa0 [ 16.296039] ? __pfx_kthread+0x10/0x10 [ 16.296062] ret_from_fork+0x116/0x1d0 [ 16.296081] ? __pfx_kthread+0x10/0x10 [ 16.296101] ret_from_fork_asm+0x1a/0x30 [ 16.296135] </TASK> [ 16.296146] [ 16.303708] Allocated by task 302: [ 16.303890] kasan_save_stack+0x45/0x70 [ 16.304092] kasan_save_track+0x18/0x40 [ 16.304291] kasan_save_alloc_info+0x3b/0x50 [ 16.304476] __kasan_kmalloc+0xb7/0xc0 [ 16.304650] __kmalloc_noprof+0x1c9/0x500 [ 16.304826] kunit_kmalloc_array+0x25/0x60 [ 16.304983] copy_user_test_oob+0xab/0x10f0 [ 16.305133] kunit_try_run_case+0x1a5/0x480 [ 16.305378] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.305728] kthread+0x337/0x6f0 [ 16.305851] ret_from_fork+0x116/0x1d0 [ 16.306040] ret_from_fork_asm+0x1a/0x30 [ 16.306243] [ 16.306339] The buggy address belongs to the object at ffff8881029b2200 [ 16.306339] which belongs to the cache kmalloc-128 of size 128 [ 16.306839] The buggy address is located 0 bytes to the right of [ 16.306839] allocated 120-byte region [ffff8881029b2200, ffff8881029b2278) [ 16.307372] [ 16.307464] The buggy address belongs to the physical page: [ 16.307690] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029b2 [ 16.308007] flags: 0x200000000000000(node=0|zone=2) [ 16.308220] page_type: f5(slab) [ 16.308376] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.308674] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.308911] page dumped because: kasan: bad access detected [ 16.309141] [ 16.309234] Memory state around the buggy address: [ 16.309612] ffff8881029b2100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.309946] ffff8881029b2180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.311680] >ffff8881029b2200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.311966] ^ [ 16.312285] ffff8881029b2280: fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc fc [ 16.312570] ffff8881029b2300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.312881] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 16.199456] ================================================================== [ 16.199820] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3fd/0x10f0 [ 16.200126] Write of size 121 at addr ffff8881029b2200 by task kunit_try_catch/302 [ 16.200435] [ 16.200548] CPU: 1 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.200594] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.200606] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.200629] Call Trace: [ 16.200643] <TASK> [ 16.200659] dump_stack_lvl+0x73/0xb0 [ 16.200689] print_report+0xd1/0x610 [ 16.200712] ? __virt_addr_valid+0x1db/0x2d0 [ 16.200736] ? copy_user_test_oob+0x3fd/0x10f0 [ 16.200760] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.200785] ? copy_user_test_oob+0x3fd/0x10f0 [ 16.200809] kasan_report+0x141/0x180 [ 16.200832] ? copy_user_test_oob+0x3fd/0x10f0 [ 16.200862] kasan_check_range+0x10c/0x1c0 [ 16.200886] __kasan_check_write+0x18/0x20 [ 16.200920] copy_user_test_oob+0x3fd/0x10f0 [ 16.200946] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.200970] ? finish_task_switch.isra.0+0x153/0x700 [ 16.201004] ? __switch_to+0x47/0xf50 [ 16.201032] ? __schedule+0x10cc/0x2b60 [ 16.201056] ? __pfx_read_tsc+0x10/0x10 [ 16.201077] ? ktime_get_ts64+0x86/0x230 [ 16.201102] kunit_try_run_case+0x1a5/0x480 [ 16.201128] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.201151] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.201176] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.201202] ? __kthread_parkme+0x82/0x180 [ 16.201224] ? preempt_count_sub+0x50/0x80 [ 16.201248] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.201273] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.201300] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.201325] kthread+0x337/0x6f0 [ 16.201345] ? trace_preempt_on+0x20/0xc0 [ 16.201369] ? __pfx_kthread+0x10/0x10 [ 16.201390] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.201412] ? calculate_sigpending+0x7b/0xa0 [ 16.201438] ? 
__pfx_kthread+0x10/0x10 [ 16.201459] ret_from_fork+0x116/0x1d0 [ 16.201479] ? __pfx_kthread+0x10/0x10 [ 16.201499] ret_from_fork_asm+0x1a/0x30 [ 16.201533] </TASK> [ 16.201544] [ 16.208516] Allocated by task 302: [ 16.208676] kasan_save_stack+0x45/0x70 [ 16.208852] kasan_save_track+0x18/0x40 [ 16.209073] kasan_save_alloc_info+0x3b/0x50 [ 16.209226] __kasan_kmalloc+0xb7/0xc0 [ 16.209359] __kmalloc_noprof+0x1c9/0x500 [ 16.209561] kunit_kmalloc_array+0x25/0x60 [ 16.209778] copy_user_test_oob+0xab/0x10f0 [ 16.210011] kunit_try_run_case+0x1a5/0x480 [ 16.210222] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.210451] kthread+0x337/0x6f0 [ 16.210613] ret_from_fork+0x116/0x1d0 [ 16.210804] ret_from_fork_asm+0x1a/0x30 [ 16.210986] [ 16.211081] The buggy address belongs to the object at ffff8881029b2200 [ 16.211081] which belongs to the cache kmalloc-128 of size 128 [ 16.211553] The buggy address is located 0 bytes inside of [ 16.211553] allocated 120-byte region [ffff8881029b2200, ffff8881029b2278) [ 16.212049] [ 16.212126] The buggy address belongs to the physical page: [ 16.212373] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029b2 [ 16.212656] flags: 0x200000000000000(node=0|zone=2) [ 16.212824] page_type: f5(slab) [ 16.212959] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.213321] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.213659] page dumped because: kasan: bad access detected [ 16.213878] [ 16.213959] Memory state around the buggy address: [ 16.214353] ffff8881029b2100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.214642] ffff8881029b2180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.214931] >ffff8881029b2200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.215238] ^ [ 16.215470] ffff8881029b2280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.215740] ffff8881029b2300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.216112] 
================================================================== [ 16.257689] ================================================================== [ 16.257965] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x604/0x10f0 [ 16.258254] Read of size 121 at addr ffff8881029b2200 by task kunit_try_catch/302 [ 16.258544] [ 16.258681] CPU: 1 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.258727] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.258739] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.258766] Call Trace: [ 16.258782] <TASK> [ 16.258800] dump_stack_lvl+0x73/0xb0 [ 16.258829] print_report+0xd1/0x610 [ 16.258852] ? __virt_addr_valid+0x1db/0x2d0 [ 16.258876] ? copy_user_test_oob+0x604/0x10f0 [ 16.258911] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.258935] ? copy_user_test_oob+0x604/0x10f0 [ 16.258960] kasan_report+0x141/0x180 [ 16.258983] ? copy_user_test_oob+0x604/0x10f0 [ 16.259012] kasan_check_range+0x10c/0x1c0 [ 16.259037] __kasan_check_read+0x15/0x20 [ 16.259057] copy_user_test_oob+0x604/0x10f0 [ 16.259084] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.259107] ? finish_task_switch.isra.0+0x153/0x700 [ 16.259131] ? __switch_to+0x47/0xf50 [ 16.259171] ? __schedule+0x10cc/0x2b60 [ 16.259194] ? __pfx_read_tsc+0x10/0x10 [ 16.259216] ? ktime_get_ts64+0x86/0x230 [ 16.259241] kunit_try_run_case+0x1a5/0x480 [ 16.259266] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.259289] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.259314] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.259338] ? __kthread_parkme+0x82/0x180 [ 16.259361] ? preempt_count_sub+0x50/0x80 [ 16.259385] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.259410] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.259435] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.259460] kthread+0x337/0x6f0 [ 16.259479] ? trace_preempt_on+0x20/0xc0 [ 16.259504] ? __pfx_kthread+0x10/0x10 [ 16.259525] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 16.259547] ? calculate_sigpending+0x7b/0xa0 [ 16.259573] ? __pfx_kthread+0x10/0x10 [ 16.259594] ret_from_fork+0x116/0x1d0 [ 16.259614] ? __pfx_kthread+0x10/0x10 [ 16.259635] ret_from_fork_asm+0x1a/0x30 [ 16.259667] </TASK> [ 16.259679] [ 16.266678] Allocated by task 302: [ 16.266874] kasan_save_stack+0x45/0x70 [ 16.267110] kasan_save_track+0x18/0x40 [ 16.267314] kasan_save_alloc_info+0x3b/0x50 [ 16.267494] __kasan_kmalloc+0xb7/0xc0 [ 16.267628] __kmalloc_noprof+0x1c9/0x500 [ 16.267827] kunit_kmalloc_array+0x25/0x60 [ 16.268112] copy_user_test_oob+0xab/0x10f0 [ 16.268326] kunit_try_run_case+0x1a5/0x480 [ 16.268533] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.268788] kthread+0x337/0x6f0 [ 16.268953] ret_from_fork+0x116/0x1d0 [ 16.269157] ret_from_fork_asm+0x1a/0x30 [ 16.269313] [ 16.269385] The buggy address belongs to the object at ffff8881029b2200 [ 16.269385] which belongs to the cache kmalloc-128 of size 128 [ 16.269883] The buggy address is located 0 bytes inside of [ 16.269883] allocated 120-byte region [ffff8881029b2200, ffff8881029b2278) [ 16.270386] [ 16.270460] The buggy address belongs to the physical page: [ 16.270635] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029b2 [ 16.270883] flags: 0x200000000000000(node=0|zone=2) [ 16.271125] page_type: f5(slab) [ 16.271293] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.271632] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.272069] page dumped because: kasan: bad access detected [ 16.272320] [ 16.272413] Memory state around the buggy address: [ 16.272600] ffff8881029b2100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.272820] ffff8881029b2180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.273049] >ffff8881029b2200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.273527] ^ [ 16.274052] ffff8881029b2280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.274354] 
ffff8881029b2300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.274569] ================================================================== [ 16.216631] ================================================================== [ 16.216959] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4aa/0x10f0 [ 16.217231] Read of size 121 at addr ffff8881029b2200 by task kunit_try_catch/302 [ 16.217550] [ 16.217660] CPU: 1 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.217703] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.217715] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.217738] Call Trace: [ 16.217752] <TASK> [ 16.217769] dump_stack_lvl+0x73/0xb0 [ 16.217797] print_report+0xd1/0x610 [ 16.217820] ? __virt_addr_valid+0x1db/0x2d0 [ 16.217844] ? copy_user_test_oob+0x4aa/0x10f0 [ 16.217868] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.217901] ? copy_user_test_oob+0x4aa/0x10f0 [ 16.217927] kasan_report+0x141/0x180 [ 16.217949] ? copy_user_test_oob+0x4aa/0x10f0 [ 16.217979] kasan_check_range+0x10c/0x1c0 [ 16.218004] __kasan_check_read+0x15/0x20 [ 16.218033] copy_user_test_oob+0x4aa/0x10f0 [ 16.218060] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.218084] ? finish_task_switch.isra.0+0x153/0x700 [ 16.218107] ? __switch_to+0x47/0xf50 [ 16.218134] ? __schedule+0x10cc/0x2b60 [ 16.218158] ? __pfx_read_tsc+0x10/0x10 [ 16.218180] ? ktime_get_ts64+0x86/0x230 [ 16.218205] kunit_try_run_case+0x1a5/0x480 [ 16.218230] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.218254] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.218278] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.218303] ? __kthread_parkme+0x82/0x180 [ 16.218325] ? preempt_count_sub+0x50/0x80 [ 16.218349] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.218374] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.218399] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.218424] kthread+0x337/0x6f0 [ 16.218444] ? trace_preempt_on+0x20/0xc0 [ 16.218469] ? 
__pfx_kthread+0x10/0x10 [ 16.218490] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.218512] ? calculate_sigpending+0x7b/0xa0 [ 16.218538] ? __pfx_kthread+0x10/0x10 [ 16.218560] ret_from_fork+0x116/0x1d0 [ 16.218579] ? __pfx_kthread+0x10/0x10 [ 16.218600] ret_from_fork_asm+0x1a/0x30 [ 16.218633] </TASK> [ 16.218643] [ 16.225615] Allocated by task 302: [ 16.225751] kasan_save_stack+0x45/0x70 [ 16.225906] kasan_save_track+0x18/0x40 [ 16.226104] kasan_save_alloc_info+0x3b/0x50 [ 16.226318] __kasan_kmalloc+0xb7/0xc0 [ 16.226505] __kmalloc_noprof+0x1c9/0x500 [ 16.226703] kunit_kmalloc_array+0x25/0x60 [ 16.226919] copy_user_test_oob+0xab/0x10f0 [ 16.227295] kunit_try_run_case+0x1a5/0x480 [ 16.227506] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.227720] kthread+0x337/0x6f0 [ 16.227846] ret_from_fork+0x116/0x1d0 [ 16.227992] ret_from_fork_asm+0x1a/0x30 [ 16.228134] [ 16.228207] The buggy address belongs to the object at ffff8881029b2200 [ 16.228207] which belongs to the cache kmalloc-128 of size 128 [ 16.228864] The buggy address is located 0 bytes inside of [ 16.228864] allocated 120-byte region [ffff8881029b2200, ffff8881029b2278) [ 16.229991] [ 16.230076] The buggy address belongs to the physical page: [ 16.230307] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029b2 [ 16.230549] flags: 0x200000000000000(node=0|zone=2) [ 16.230714] page_type: f5(slab) [ 16.230841] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.231086] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.231314] page dumped because: kasan: bad access detected [ 16.231488] [ 16.231558] Memory state around the buggy address: [ 16.231718] ffff8881029b2100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.231981] ffff8881029b2180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.232312] >ffff8881029b2200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.232626] ^ [ 16.232952] ffff8881029b2280: fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 16.233277] ffff8881029b2300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.233596] ================================================================== [ 16.234126] ================================================================== [ 16.234473] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x557/0x10f0 [ 16.235137] Write of size 121 at addr ffff8881029b2200 by task kunit_try_catch/302 [ 16.235485] [ 16.235599] CPU: 1 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.235644] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.235656] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.235677] Call Trace: [ 16.235694] <TASK> [ 16.235712] dump_stack_lvl+0x73/0xb0 [ 16.235740] print_report+0xd1/0x610 [ 16.235764] ? __virt_addr_valid+0x1db/0x2d0 [ 16.235788] ? copy_user_test_oob+0x557/0x10f0 [ 16.235812] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.235836] ? copy_user_test_oob+0x557/0x10f0 [ 16.235861] kasan_report+0x141/0x180 [ 16.235884] ? copy_user_test_oob+0x557/0x10f0 [ 16.235926] kasan_check_range+0x10c/0x1c0 [ 16.235951] __kasan_check_write+0x18/0x20 [ 16.235971] copy_user_test_oob+0x557/0x10f0 [ 16.236009] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.236033] ? finish_task_switch.isra.0+0x153/0x700 [ 16.236056] ? __switch_to+0x47/0xf50 [ 16.236084] ? __schedule+0x10cc/0x2b60 [ 16.236107] ? __pfx_read_tsc+0x10/0x10 [ 16.236129] ? ktime_get_ts64+0x86/0x230 [ 16.236154] kunit_try_run_case+0x1a5/0x480 [ 16.236179] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.236203] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.236228] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.236253] ? __kthread_parkme+0x82/0x180 [ 16.236274] ? preempt_count_sub+0x50/0x80 [ 16.236298] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.236323] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.236348] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.236373] kthread+0x337/0x6f0 [ 16.236392] ? 
trace_preempt_on+0x20/0xc0 [ 16.236417] ? __pfx_kthread+0x10/0x10 [ 16.236438] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.236460] ? calculate_sigpending+0x7b/0xa0 [ 16.236486] ? __pfx_kthread+0x10/0x10 [ 16.236507] ret_from_fork+0x116/0x1d0 [ 16.236527] ? __pfx_kthread+0x10/0x10 [ 16.236548] ret_from_fork_asm+0x1a/0x30 [ 16.236581] </TASK> [ 16.236592] [ 16.243915] Allocated by task 302: [ 16.244193] kasan_save_stack+0x45/0x70 [ 16.244338] kasan_save_track+0x18/0x40 [ 16.244476] kasan_save_alloc_info+0x3b/0x50 [ 16.244627] __kasan_kmalloc+0xb7/0xc0 [ 16.244760] __kmalloc_noprof+0x1c9/0x500 [ 16.244913] kunit_kmalloc_array+0x25/0x60 [ 16.245238] copy_user_test_oob+0xab/0x10f0 [ 16.245447] kunit_try_run_case+0x1a5/0x480 [ 16.245655] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.245921] kthread+0x337/0x6f0 [ 16.246239] ret_from_fork+0x116/0x1d0 [ 16.246427] ret_from_fork_asm+0x1a/0x30 [ 16.246628] [ 16.246723] The buggy address belongs to the object at ffff8881029b2200 [ 16.246723] which belongs to the cache kmalloc-128 of size 128 [ 16.247238] The buggy address is located 0 bytes inside of [ 16.247238] allocated 120-byte region [ffff8881029b2200, ffff8881029b2278) [ 16.247626] [ 16.247698] The buggy address belongs to the physical page: [ 16.247872] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029b2 [ 16.250293] flags: 0x200000000000000(node=0|zone=2) [ 16.250723] page_type: f5(slab) [ 16.251065] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.251717] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.252486] page dumped because: kasan: bad access detected [ 16.252665] [ 16.252737] Memory state around the buggy address: [ 16.252906] ffff8881029b2100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.253480] ffff8881029b2180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.254122] >ffff8881029b2200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.254726] ^ [ 16.255466] 
ffff8881029b2280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.256140] ffff8881029b2300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.256772] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_to_user
[ 16.178345] ================================================================== [ 16.178782] BUG: KASAN: slab-out-of-bounds in _copy_to_user+0x3c/0x70 [ 16.179107] Read of size 121 at addr ffff8881029b2200 by task kunit_try_catch/302 [ 16.179570] [ 16.179672] CPU: 1 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.179718] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.179731] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.179753] Call Trace: [ 16.179767] <TASK> [ 16.179783] dump_stack_lvl+0x73/0xb0 [ 16.179813] print_report+0xd1/0x610 [ 16.179837] ? __virt_addr_valid+0x1db/0x2d0 [ 16.179861] ? _copy_to_user+0x3c/0x70 [ 16.179881] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.179918] ? _copy_to_user+0x3c/0x70 [ 16.179938] kasan_report+0x141/0x180 [ 16.179962] ? _copy_to_user+0x3c/0x70 [ 16.179987] kasan_check_range+0x10c/0x1c0 [ 16.180011] __kasan_check_read+0x15/0x20 [ 16.180031] _copy_to_user+0x3c/0x70 [ 16.180051] copy_user_test_oob+0x364/0x10f0 [ 16.180078] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.180103] ? finish_task_switch.isra.0+0x153/0x700 [ 16.180127] ? __switch_to+0x47/0xf50 [ 16.180153] ? __schedule+0x10cc/0x2b60 [ 16.180177] ? __pfx_read_tsc+0x10/0x10 [ 16.180198] ? ktime_get_ts64+0x86/0x230 [ 16.180224] kunit_try_run_case+0x1a5/0x480 [ 16.180249] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.180272] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.180297] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.180322] ? __kthread_parkme+0x82/0x180 [ 16.180344] ? preempt_count_sub+0x50/0x80 [ 16.180369] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.180394] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.180420] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.180445] kthread+0x337/0x6f0 [ 16.180464] ? trace_preempt_on+0x20/0xc0 [ 16.180489] ? __pfx_kthread+0x10/0x10 [ 16.180511] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.180533] ? calculate_sigpending+0x7b/0xa0 [ 16.180558] ? 
__pfx_kthread+0x10/0x10 [ 16.180580] ret_from_fork+0x116/0x1d0 [ 16.180599] ? __pfx_kthread+0x10/0x10 [ 16.180620] ret_from_fork_asm+0x1a/0x30 [ 16.180654] </TASK> [ 16.180664] [ 16.187698] Allocated by task 302: [ 16.187827] kasan_save_stack+0x45/0x70 [ 16.187984] kasan_save_track+0x18/0x40 [ 16.188179] kasan_save_alloc_info+0x3b/0x50 [ 16.188402] __kasan_kmalloc+0xb7/0xc0 [ 16.188591] __kmalloc_noprof+0x1c9/0x500 [ 16.188790] kunit_kmalloc_array+0x25/0x60 [ 16.189004] copy_user_test_oob+0xab/0x10f0 [ 16.189340] kunit_try_run_case+0x1a5/0x480 [ 16.189549] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.189728] kthread+0x337/0x6f0 [ 16.189850] ret_from_fork+0x116/0x1d0 [ 16.190131] ret_from_fork_asm+0x1a/0x30 [ 16.190334] [ 16.190429] The buggy address belongs to the object at ffff8881029b2200 [ 16.190429] which belongs to the cache kmalloc-128 of size 128 [ 16.190923] The buggy address is located 0 bytes inside of [ 16.190923] allocated 120-byte region [ffff8881029b2200, ffff8881029b2278) [ 16.191466] [ 16.191547] The buggy address belongs to the physical page: [ 16.191755] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029b2 [ 16.192120] flags: 0x200000000000000(node=0|zone=2) [ 16.192339] page_type: f5(slab) [ 16.192484] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.192771] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.193137] page dumped because: kasan: bad access detected [ 16.193342] [ 16.193437] Memory state around the buggy address: [ 16.193637] ffff8881029b2100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.193917] ffff8881029b2180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.194227] >ffff8881029b2200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.194445] ^ [ 16.194659] ffff8881029b2280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.194886] ffff8881029b2300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.195112] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_from_user
[ 16.154024] ================================================================== [ 16.154617] BUG: KASAN: slab-out-of-bounds in _copy_from_user+0x32/0x90 [ 16.155120] Write of size 121 at addr ffff8881029b2200 by task kunit_try_catch/302 [ 16.156142] [ 16.156259] CPU: 1 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.156314] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.156327] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.156352] Call Trace: [ 16.156367] <TASK> [ 16.156388] dump_stack_lvl+0x73/0xb0 [ 16.156425] print_report+0xd1/0x610 [ 16.156451] ? __virt_addr_valid+0x1db/0x2d0 [ 16.156478] ? _copy_from_user+0x32/0x90 [ 16.156499] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.156522] ? _copy_from_user+0x32/0x90 [ 16.156544] kasan_report+0x141/0x180 [ 16.156567] ? _copy_from_user+0x32/0x90 [ 16.156593] kasan_check_range+0x10c/0x1c0 [ 16.156618] __kasan_check_write+0x18/0x20 [ 16.156638] _copy_from_user+0x32/0x90 [ 16.156659] copy_user_test_oob+0x2be/0x10f0 [ 16.156687] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.156709] ? finish_task_switch.isra.0+0x153/0x700 [ 16.156735] ? __switch_to+0x47/0xf50 [ 16.156763] ? __schedule+0x10cc/0x2b60 [ 16.156788] ? __pfx_read_tsc+0x10/0x10 [ 16.156811] ? ktime_get_ts64+0x86/0x230 [ 16.156838] kunit_try_run_case+0x1a5/0x480 [ 16.156863] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.156886] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.156925] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.156950] ? __kthread_parkme+0x82/0x180 [ 16.156972] ? preempt_count_sub+0x50/0x80 [ 16.156997] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.157023] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.157048] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.157073] kthread+0x337/0x6f0 [ 16.157092] ? trace_preempt_on+0x20/0xc0 [ 16.157117] ? __pfx_kthread+0x10/0x10 [ 16.157138] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.157161] ? calculate_sigpending+0x7b/0xa0 [ 16.157187] ? 
__pfx_kthread+0x10/0x10 [ 16.157209] ret_from_fork+0x116/0x1d0 [ 16.157229] ? __pfx_kthread+0x10/0x10 [ 16.157249] ret_from_fork_asm+0x1a/0x30 [ 16.157284] </TASK> [ 16.157296] [ 16.165532] Allocated by task 302: [ 16.165717] kasan_save_stack+0x45/0x70 [ 16.165914] kasan_save_track+0x18/0x40 [ 16.166340] kasan_save_alloc_info+0x3b/0x50 [ 16.166519] __kasan_kmalloc+0xb7/0xc0 [ 16.166703] __kmalloc_noprof+0x1c9/0x500 [ 16.166968] kunit_kmalloc_array+0x25/0x60 [ 16.167227] copy_user_test_oob+0xab/0x10f0 [ 16.167406] kunit_try_run_case+0x1a5/0x480 [ 16.167679] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.167960] kthread+0x337/0x6f0 [ 16.168168] ret_from_fork+0x116/0x1d0 [ 16.168336] ret_from_fork_asm+0x1a/0x30 [ 16.168486] [ 16.168562] The buggy address belongs to the object at ffff8881029b2200 [ 16.168562] which belongs to the cache kmalloc-128 of size 128 [ 16.169092] The buggy address is located 0 bytes inside of [ 16.169092] allocated 120-byte region [ffff8881029b2200, ffff8881029b2278) [ 16.169621] [ 16.169805] The buggy address belongs to the physical page: [ 16.170343] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029b2 [ 16.170751] flags: 0x200000000000000(node=0|zone=2) [ 16.170972] page_type: f5(slab) [ 16.171146] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.171477] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.171832] page dumped because: kasan: bad access detected [ 16.172081] [ 16.172152] Memory state around the buggy address: [ 16.172311] ffff8881029b2100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.172529] ffff8881029b2180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.172746] >ffff8881029b2200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.172971] ^ [ 16.173285] ffff8881029b2280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.173665] ffff8881029b2300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.174121] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 16.109163] ================================================================== [ 16.109944] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x99/0x260 [ 16.110663] Write of size 8 at addr ffff888103abd078 by task kunit_try_catch/298 [ 16.111409] [ 16.111608] CPU: 0 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.111654] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.111667] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.111690] Call Trace: [ 16.111703] <TASK> [ 16.111719] dump_stack_lvl+0x73/0xb0 [ 16.111749] print_report+0xd1/0x610 [ 16.111773] ? __virt_addr_valid+0x1db/0x2d0 [ 16.111798] ? copy_to_kernel_nofault+0x99/0x260 [ 16.111822] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.111846] ? copy_to_kernel_nofault+0x99/0x260 [ 16.111872] kasan_report+0x141/0x180 [ 16.111909] ? copy_to_kernel_nofault+0x99/0x260 [ 16.111940] kasan_check_range+0x10c/0x1c0 [ 16.111965] __kasan_check_write+0x18/0x20 [ 16.111985] copy_to_kernel_nofault+0x99/0x260 [ 16.112011] copy_to_kernel_nofault_oob+0x288/0x560 [ 16.112037] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 16.112061] ? finish_task_switch.isra.0+0x153/0x700 [ 16.112085] ? __schedule+0x10cc/0x2b60 [ 16.112107] ? trace_hardirqs_on+0x37/0xe0 [ 16.112140] ? __pfx_read_tsc+0x10/0x10 [ 16.112161] ? ktime_get_ts64+0x86/0x230 [ 16.112188] kunit_try_run_case+0x1a5/0x480 [ 16.112216] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.112242] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.112267] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.112292] ? __kthread_parkme+0x82/0x180 [ 16.112315] ? preempt_count_sub+0x50/0x80 [ 16.112340] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.112366] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.112390] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.112416] kthread+0x337/0x6f0 [ 16.112436] ? trace_preempt_on+0x20/0xc0 [ 16.112459] ? __pfx_kthread+0x10/0x10 [ 16.112480] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 16.112503] ? calculate_sigpending+0x7b/0xa0 [ 16.112547] ? __pfx_kthread+0x10/0x10 [ 16.112569] ret_from_fork+0x116/0x1d0 [ 16.112588] ? __pfx_kthread+0x10/0x10 [ 16.112609] ret_from_fork_asm+0x1a/0x30 [ 16.112642] </TASK> [ 16.112654] [ 16.126431] Allocated by task 298: [ 16.126768] kasan_save_stack+0x45/0x70 [ 16.127261] kasan_save_track+0x18/0x40 [ 16.127623] kasan_save_alloc_info+0x3b/0x50 [ 16.128123] __kasan_kmalloc+0xb7/0xc0 [ 16.128354] __kmalloc_cache_noprof+0x189/0x420 [ 16.128787] copy_to_kernel_nofault_oob+0x12f/0x560 [ 16.129070] kunit_try_run_case+0x1a5/0x480 [ 16.129497] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.129973] kthread+0x337/0x6f0 [ 16.130127] ret_from_fork+0x116/0x1d0 [ 16.130279] ret_from_fork_asm+0x1a/0x30 [ 16.130425] [ 16.130498] The buggy address belongs to the object at ffff888103abd000 [ 16.130498] which belongs to the cache kmalloc-128 of size 128 [ 16.131609] The buggy address is located 0 bytes to the right of [ 16.131609] allocated 120-byte region [ffff888103abd000, ffff888103abd078) [ 16.132886] [ 16.133066] The buggy address belongs to the physical page: [ 16.133644] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103abd [ 16.134410] flags: 0x200000000000000(node=0|zone=2) [ 16.134921] page_type: f5(slab) [ 16.135284] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.136008] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.136863] page dumped because: kasan: bad access detected [ 16.137501] [ 16.137703] Memory state around the buggy address: [ 16.138188] ffff888103abcf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.138817] ffff888103abcf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.139525] >ffff888103abd000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.140056] ^ [ 16.140381] ffff888103abd080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.140605] ffff888103abd100: fc fc fc fc 
fc fc fc fc fc fc fc fc fc fc fc fc [ 16.141311] ================================================================== [ 16.079193] ================================================================== [ 16.079915] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x225/0x260 [ 16.080950] Read of size 8 at addr ffff888103abd078 by task kunit_try_catch/298 [ 16.082036] [ 16.082177] CPU: 0 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.082229] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.082242] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.082266] Call Trace: [ 16.082280] <TASK> [ 16.082298] dump_stack_lvl+0x73/0xb0 [ 16.082387] print_report+0xd1/0x610 [ 16.082417] ? __virt_addr_valid+0x1db/0x2d0 [ 16.082541] ? copy_to_kernel_nofault+0x225/0x260 [ 16.082575] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.082601] ? copy_to_kernel_nofault+0x225/0x260 [ 16.082626] kasan_report+0x141/0x180 [ 16.082651] ? copy_to_kernel_nofault+0x225/0x260 [ 16.082682] __asan_report_load8_noabort+0x18/0x20 [ 16.082708] copy_to_kernel_nofault+0x225/0x260 [ 16.082735] copy_to_kernel_nofault_oob+0x1ed/0x560 [ 16.082767] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 16.082792] ? finish_task_switch.isra.0+0x153/0x700 [ 16.082818] ? __schedule+0x10cc/0x2b60 [ 16.082842] ? trace_hardirqs_on+0x37/0xe0 [ 16.082877] ? __pfx_read_tsc+0x10/0x10 [ 16.082911] ? ktime_get_ts64+0x86/0x230 [ 16.082938] kunit_try_run_case+0x1a5/0x480 [ 16.082964] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.083038] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.083067] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.083092] ? __kthread_parkme+0x82/0x180 [ 16.083113] ? preempt_count_sub+0x50/0x80 [ 16.083138] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.083163] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.083188] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.083213] kthread+0x337/0x6f0 [ 16.083233] ? 
trace_preempt_on+0x20/0xc0 [ 16.083256] ? __pfx_kthread+0x10/0x10 [ 16.083277] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.083300] ? calculate_sigpending+0x7b/0xa0 [ 16.083326] ? __pfx_kthread+0x10/0x10 [ 16.083348] ret_from_fork+0x116/0x1d0 [ 16.083369] ? __pfx_kthread+0x10/0x10 [ 16.083390] ret_from_fork_asm+0x1a/0x30 [ 16.083424] </TASK> [ 16.083436] [ 16.096664] Allocated by task 298: [ 16.096963] kasan_save_stack+0x45/0x70 [ 16.097251] kasan_save_track+0x18/0x40 [ 16.097390] kasan_save_alloc_info+0x3b/0x50 [ 16.097542] __kasan_kmalloc+0xb7/0xc0 [ 16.097689] __kmalloc_cache_noprof+0x189/0x420 [ 16.098073] copy_to_kernel_nofault_oob+0x12f/0x560 [ 16.098487] kunit_try_run_case+0x1a5/0x480 [ 16.098930] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.099466] kthread+0x337/0x6f0 [ 16.099813] ret_from_fork+0x116/0x1d0 [ 16.100010] ret_from_fork_asm+0x1a/0x30 [ 16.100418] [ 16.100603] The buggy address belongs to the object at ffff888103abd000 [ 16.100603] which belongs to the cache kmalloc-128 of size 128 [ 16.101157] The buggy address is located 0 bytes to the right of [ 16.101157] allocated 120-byte region [ffff888103abd000, ffff888103abd078) [ 16.101932] [ 16.102034] The buggy address belongs to the physical page: [ 16.102212] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103abd [ 16.102458] flags: 0x200000000000000(node=0|zone=2) [ 16.102877] page_type: f5(slab) [ 16.103014] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.103277] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.103507] page dumped because: kasan: bad access detected [ 16.104056] [ 16.104245] Memory state around the buggy address: [ 16.104705] ffff888103abcf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.105367] ffff888103abcf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.106086] >ffff888103abd000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.106811] ^ [ 16.107510] ffff888103abd080: fc fc fc fc 
fc fc fc fc fc fc fc fc fc fc fc fc [ 16.107809] ffff888103abd100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.108050] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 15.362391] ================================================================== [ 15.362626] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49e8/0x5450 [ 15.362864] Read of size 4 at addr ffff8881029b7030 by task kunit_try_catch/282 [ 15.363100] [ 15.363181] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.363221] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.363232] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.363253] Call Trace: [ 15.363269] <TASK> [ 15.363284] dump_stack_lvl+0x73/0xb0 [ 15.363311] print_report+0xd1/0x610 [ 15.363333] ? __virt_addr_valid+0x1db/0x2d0 [ 15.363356] ? kasan_atomics_helper+0x49e8/0x5450 [ 15.363377] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.363400] ? kasan_atomics_helper+0x49e8/0x5450 [ 15.363423] kasan_report+0x141/0x180 [ 15.363445] ? kasan_atomics_helper+0x49e8/0x5450 [ 15.363473] __asan_report_load4_noabort+0x18/0x20 [ 15.363497] kasan_atomics_helper+0x49e8/0x5450 [ 15.363520] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.363543] ? kasan_save_alloc_info+0x3b/0x50 [ 15.363573] kasan_atomics+0x1dc/0x310 [ 15.363597] ? __pfx_kasan_atomics+0x10/0x10 [ 15.363622] ? __pfx_read_tsc+0x10/0x10 [ 15.363642] ? ktime_get_ts64+0x86/0x230 [ 15.363667] kunit_try_run_case+0x1a5/0x480 [ 15.363691] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.363713] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.363738] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.363761] ? __kthread_parkme+0x82/0x180 [ 15.363782] ? preempt_count_sub+0x50/0x80 [ 15.363805] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.363829] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.363853] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.363878] kthread+0x337/0x6f0 [ 15.363909] ? trace_preempt_on+0x20/0xc0 [ 15.363933] ? __pfx_kthread+0x10/0x10 [ 15.363954] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.363976] ? calculate_sigpending+0x7b/0xa0 [ 15.363999] ? 
__pfx_kthread+0x10/0x10 [ 15.364022] ret_from_fork+0x116/0x1d0 [ 15.364040] ? __pfx_kthread+0x10/0x10 [ 15.364061] ret_from_fork_asm+0x1a/0x30 [ 15.364093] </TASK> [ 15.364104] [ 15.373091] Allocated by task 282: [ 15.373248] kasan_save_stack+0x45/0x70 [ 15.373443] kasan_save_track+0x18/0x40 [ 15.373625] kasan_save_alloc_info+0x3b/0x50 [ 15.373867] __kasan_kmalloc+0xb7/0xc0 [ 15.374108] __kmalloc_cache_noprof+0x189/0x420 [ 15.374386] kasan_atomics+0x95/0x310 [ 15.374548] kunit_try_run_case+0x1a5/0x480 [ 15.374858] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.375117] kthread+0x337/0x6f0 [ 15.375278] ret_from_fork+0x116/0x1d0 [ 15.375414] ret_from_fork_asm+0x1a/0x30 [ 15.375556] [ 15.375629] The buggy address belongs to the object at ffff8881029b7000 [ 15.375629] which belongs to the cache kmalloc-64 of size 64 [ 15.375997] The buggy address is located 0 bytes to the right of [ 15.375997] allocated 48-byte region [ffff8881029b7000, ffff8881029b7030) [ 15.376448] [ 15.376543] The buggy address belongs to the physical page: [ 15.376797] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029b7 [ 15.377157] flags: 0x200000000000000(node=0|zone=2) [ 15.377388] page_type: f5(slab) [ 15.377554] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.377901] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.378138] page dumped because: kasan: bad access detected [ 15.378311] [ 15.378381] Memory state around the buggy address: [ 15.378775] ffff8881029b6f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.379398] ffff8881029b6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.379840] >ffff8881029b7000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.380259] ^ [ 15.380642] ffff8881029b7080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.380946] ffff8881029b7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.381162] 
================================================================== [ 16.019710] ================================================================== [ 16.020122] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x224c/0x5450 [ 16.020474] Write of size 8 at addr ffff8881029b7030 by task kunit_try_catch/282 [ 16.020854] [ 16.021018] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.021066] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.021079] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.021102] Call Trace: [ 16.021119] <TASK> [ 16.021136] dump_stack_lvl+0x73/0xb0 [ 16.021166] print_report+0xd1/0x610 [ 16.021189] ? __virt_addr_valid+0x1db/0x2d0 [ 16.021213] ? kasan_atomics_helper+0x224c/0x5450 [ 16.021262] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.021288] ? kasan_atomics_helper+0x224c/0x5450 [ 16.021312] kasan_report+0x141/0x180 [ 16.021335] ? kasan_atomics_helper+0x224c/0x5450 [ 16.021363] kasan_check_range+0x10c/0x1c0 [ 16.021388] __kasan_check_write+0x18/0x20 [ 16.021409] kasan_atomics_helper+0x224c/0x5450 [ 16.021433] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.021458] ? kasan_save_alloc_info+0x3b/0x50 [ 16.021489] kasan_atomics+0x1dc/0x310 [ 16.021514] ? __pfx_kasan_atomics+0x10/0x10 [ 16.021540] ? __pfx_read_tsc+0x10/0x10 [ 16.021562] ? ktime_get_ts64+0x86/0x230 [ 16.021587] kunit_try_run_case+0x1a5/0x480 [ 16.021613] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.021638] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.021664] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.021688] ? __kthread_parkme+0x82/0x180 [ 16.021710] ? preempt_count_sub+0x50/0x80 [ 16.021736] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.021761] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.021786] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.021812] kthread+0x337/0x6f0 [ 16.021832] ? trace_preempt_on+0x20/0xc0 [ 16.021857] ? __pfx_kthread+0x10/0x10 [ 16.021879] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 16.021913] ? calculate_sigpending+0x7b/0xa0 [ 16.021938] ? __pfx_kthread+0x10/0x10 [ 16.021961] ret_from_fork+0x116/0x1d0 [ 16.022055] ? __pfx_kthread+0x10/0x10 [ 16.022078] ret_from_fork_asm+0x1a/0x30 [ 16.022110] </TASK> [ 16.022123] [ 16.029772] Allocated by task 282: [ 16.029919] kasan_save_stack+0x45/0x70 [ 16.030193] kasan_save_track+0x18/0x40 [ 16.030390] kasan_save_alloc_info+0x3b/0x50 [ 16.030602] __kasan_kmalloc+0xb7/0xc0 [ 16.030798] __kmalloc_cache_noprof+0x189/0x420 [ 16.031060] kasan_atomics+0x95/0x310 [ 16.031285] kunit_try_run_case+0x1a5/0x480 [ 16.031502] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.031764] kthread+0x337/0x6f0 [ 16.031922] ret_from_fork+0x116/0x1d0 [ 16.032130] ret_from_fork_asm+0x1a/0x30 [ 16.032349] [ 16.032447] The buggy address belongs to the object at ffff8881029b7000 [ 16.032447] which belongs to the cache kmalloc-64 of size 64 [ 16.032989] The buggy address is located 0 bytes to the right of [ 16.032989] allocated 48-byte region [ffff8881029b7000, ffff8881029b7030) [ 16.033552] [ 16.033682] The buggy address belongs to the physical page: [ 16.033952] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029b7 [ 16.034314] flags: 0x200000000000000(node=0|zone=2) [ 16.034481] page_type: f5(slab) [ 16.034602] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.034843] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.035246] page dumped because: kasan: bad access detected [ 16.035501] [ 16.035594] Memory state around the buggy address: [ 16.035817] ffff8881029b6f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.036171] ffff8881029b6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.036497] >ffff8881029b7000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.036731] ^ [ 16.036914] ffff8881029b7080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.037296] ffff8881029b7100: fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 16.037609] ================================================================== [ 15.125359] ================================================================== [ 15.125649] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xde0/0x5450 [ 15.126002] Write of size 4 at addr ffff8881029b7030 by task kunit_try_catch/282 [ 15.126293] [ 15.126405] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.126465] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.126481] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.126516] Call Trace: [ 15.126532] <TASK> [ 15.126548] dump_stack_lvl+0x73/0xb0 [ 15.126579] print_report+0xd1/0x610 [ 15.126605] ? __virt_addr_valid+0x1db/0x2d0 [ 15.126631] ? kasan_atomics_helper+0xde0/0x5450 [ 15.126657] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.126686] ? kasan_atomics_helper+0xde0/0x5450 [ 15.126712] kasan_report+0x141/0x180 [ 15.126737] ? kasan_atomics_helper+0xde0/0x5450 [ 15.126777] kasan_check_range+0x10c/0x1c0 [ 15.126804] __kasan_check_write+0x18/0x20 [ 15.126827] kasan_atomics_helper+0xde0/0x5450 [ 15.126854] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.126882] ? kasan_save_alloc_info+0x3b/0x50 [ 15.127169] kasan_atomics+0x1dc/0x310 [ 15.127215] ? __pfx_kasan_atomics+0x10/0x10 [ 15.127245] ? __pfx_read_tsc+0x10/0x10 [ 15.127270] ? ktime_get_ts64+0x86/0x230 [ 15.127300] kunit_try_run_case+0x1a5/0x480 [ 15.127329] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.127357] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.127387] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.127427] ? __kthread_parkme+0x82/0x180 [ 15.127452] ? preempt_count_sub+0x50/0x80 [ 15.127481] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.127575] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.127620] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.127653] kthread+0x337/0x6f0 [ 15.127687] ? trace_preempt_on+0x20/0xc0 [ 15.127721] ? __pfx_kthread+0x10/0x10 [ 15.127746] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 15.127774] ? calculate_sigpending+0x7b/0xa0 [ 15.127804] ? __pfx_kthread+0x10/0x10 [ 15.127829] ret_from_fork+0x116/0x1d0 [ 15.127851] ? __pfx_kthread+0x10/0x10 [ 15.127875] ret_from_fork_asm+0x1a/0x30 [ 15.127924] </TASK> [ 15.127936] [ 15.141693] Allocated by task 282: [ 15.142088] kasan_save_stack+0x45/0x70 [ 15.142474] kasan_save_track+0x18/0x40 [ 15.142923] kasan_save_alloc_info+0x3b/0x50 [ 15.143362] __kasan_kmalloc+0xb7/0xc0 [ 15.143756] __kmalloc_cache_noprof+0x189/0x420 [ 15.143940] kasan_atomics+0x95/0x310 [ 15.144333] kunit_try_run_case+0x1a5/0x480 [ 15.144930] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.145460] kthread+0x337/0x6f0 [ 15.145825] ret_from_fork+0x116/0x1d0 [ 15.145986] ret_from_fork_asm+0x1a/0x30 [ 15.146330] [ 15.146500] The buggy address belongs to the object at ffff8881029b7000 [ 15.146500] which belongs to the cache kmalloc-64 of size 64 [ 15.147713] The buggy address is located 0 bytes to the right of [ 15.147713] allocated 48-byte region [ffff8881029b7000, ffff8881029b7030) [ 15.148396] [ 15.148743] The buggy address belongs to the physical page: [ 15.149264] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029b7 [ 15.149990] flags: 0x200000000000000(node=0|zone=2) [ 15.150271] page_type: f5(slab) [ 15.150398] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.150643] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.151012] page dumped because: kasan: bad access detected [ 15.151606] [ 15.151773] Memory state around the buggy address: [ 15.152256] ffff8881029b6f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.153125] ffff8881029b6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.153817] >ffff8881029b7000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.154466] ^ [ 15.155021] ffff8881029b7080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.155441] ffff8881029b7100: fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 15.156087] ================================================================== [ 15.641676] ================================================================== [ 15.642274] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1818/0x5450 [ 15.643095] Write of size 8 at addr ffff8881029b7030 by task kunit_try_catch/282 [ 15.643416] [ 15.643509] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.643555] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.643568] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.643591] Call Trace: [ 15.643608] <TASK> [ 15.643626] dump_stack_lvl+0x73/0xb0 [ 15.643658] print_report+0xd1/0x610 [ 15.643682] ? __virt_addr_valid+0x1db/0x2d0 [ 15.643707] ? kasan_atomics_helper+0x1818/0x5450 [ 15.643730] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.643754] ? kasan_atomics_helper+0x1818/0x5450 [ 15.643777] kasan_report+0x141/0x180 [ 15.643812] ? kasan_atomics_helper+0x1818/0x5450 [ 15.643840] kasan_check_range+0x10c/0x1c0 [ 15.643866] __kasan_check_write+0x18/0x20 [ 15.643906] kasan_atomics_helper+0x1818/0x5450 [ 15.643930] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.643955] ? kasan_save_alloc_info+0x3b/0x50 [ 15.644005] kasan_atomics+0x1dc/0x310 [ 15.644030] ? __pfx_kasan_atomics+0x10/0x10 [ 15.644056] ? __pfx_read_tsc+0x10/0x10 [ 15.644077] ? ktime_get_ts64+0x86/0x230 [ 15.644104] kunit_try_run_case+0x1a5/0x480 [ 15.644130] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.644153] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.644189] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.644215] ? __kthread_parkme+0x82/0x180 [ 15.644236] ? preempt_count_sub+0x50/0x80 [ 15.644273] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.644298] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.644324] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.644349] kthread+0x337/0x6f0 [ 15.644380] ? trace_preempt_on+0x20/0xc0 [ 15.644408] ? 
__pfx_kthread+0x10/0x10 [ 15.644442] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.644466] ? calculate_sigpending+0x7b/0xa0 [ 15.644492] ? __pfx_kthread+0x10/0x10 [ 15.644516] ret_from_fork+0x116/0x1d0 [ 15.644536] ? __pfx_kthread+0x10/0x10 [ 15.644557] ret_from_fork_asm+0x1a/0x30 [ 15.644592] </TASK> [ 15.644604] [ 15.652009] Allocated by task 282: [ 15.652142] kasan_save_stack+0x45/0x70 [ 15.652344] kasan_save_track+0x18/0x40 [ 15.652555] kasan_save_alloc_info+0x3b/0x50 [ 15.652803] __kasan_kmalloc+0xb7/0xc0 [ 15.653029] __kmalloc_cache_noprof+0x189/0x420 [ 15.653259] kasan_atomics+0x95/0x310 [ 15.653469] kunit_try_run_case+0x1a5/0x480 [ 15.653679] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.653983] kthread+0x337/0x6f0 [ 15.654126] ret_from_fork+0x116/0x1d0 [ 15.654326] ret_from_fork_asm+0x1a/0x30 [ 15.654520] [ 15.654612] The buggy address belongs to the object at ffff8881029b7000 [ 15.654612] which belongs to the cache kmalloc-64 of size 64 [ 15.655160] The buggy address is located 0 bytes to the right of [ 15.655160] allocated 48-byte region [ffff8881029b7000, ffff8881029b7030) [ 15.655617] [ 15.655691] The buggy address belongs to the physical page: [ 15.655866] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029b7 [ 15.656141] flags: 0x200000000000000(node=0|zone=2) [ 15.656306] page_type: f5(slab) [ 15.656505] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.656844] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.657212] page dumped because: kasan: bad access detected [ 15.657464] [ 15.657555] Memory state around the buggy address: [ 15.657779] ffff8881029b6f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.658120] ffff8881029b6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.658429] >ffff8881029b7000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.658731] ^ [ 15.658898] ffff8881029b7080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.659123] 
ffff8881029b7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.659360] ================================================================== [ 15.678023] ================================================================== [ 15.678376] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x194a/0x5450 [ 15.678847] Write of size 8 at addr ffff8881029b7030 by task kunit_try_catch/282 [ 15.679126] [ 15.679264] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.679306] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.679319] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.679340] Call Trace: [ 15.679355] <TASK> [ 15.679372] dump_stack_lvl+0x73/0xb0 [ 15.679400] print_report+0xd1/0x610 [ 15.679423] ? __virt_addr_valid+0x1db/0x2d0 [ 15.679447] ? kasan_atomics_helper+0x194a/0x5450 [ 15.679470] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.679495] ? kasan_atomics_helper+0x194a/0x5450 [ 15.679519] kasan_report+0x141/0x180 [ 15.679542] ? kasan_atomics_helper+0x194a/0x5450 [ 15.679570] kasan_check_range+0x10c/0x1c0 [ 15.679594] __kasan_check_write+0x18/0x20 [ 15.679615] kasan_atomics_helper+0x194a/0x5450 [ 15.679639] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.679664] ? kasan_save_alloc_info+0x3b/0x50 [ 15.679694] kasan_atomics+0x1dc/0x310 [ 15.679718] ? __pfx_kasan_atomics+0x10/0x10 [ 15.679744] ? __pfx_read_tsc+0x10/0x10 [ 15.679765] ? ktime_get_ts64+0x86/0x230 [ 15.679790] kunit_try_run_case+0x1a5/0x480 [ 15.679815] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.679839] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.679865] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.679890] ? __kthread_parkme+0x82/0x180 [ 15.679922] ? preempt_count_sub+0x50/0x80 [ 15.679948] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.680003] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.680028] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.680054] kthread+0x337/0x6f0 [ 15.680085] ? 
trace_preempt_on+0x20/0xc0 [ 15.680110] ? __pfx_kthread+0x10/0x10 [ 15.680131] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.680153] ? calculate_sigpending+0x7b/0xa0 [ 15.680178] ? __pfx_kthread+0x10/0x10 [ 15.680201] ret_from_fork+0x116/0x1d0 [ 15.680220] ? __pfx_kthread+0x10/0x10 [ 15.680243] ret_from_fork_asm+0x1a/0x30 [ 15.680276] </TASK> [ 15.680287] [ 15.687781] Allocated by task 282: [ 15.687996] kasan_save_stack+0x45/0x70 [ 15.688168] kasan_save_track+0x18/0x40 [ 15.688380] kasan_save_alloc_info+0x3b/0x50 [ 15.688588] __kasan_kmalloc+0xb7/0xc0 [ 15.688787] __kmalloc_cache_noprof+0x189/0x420 [ 15.689045] kasan_atomics+0x95/0x310 [ 15.689234] kunit_try_run_case+0x1a5/0x480 [ 15.689444] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.689674] kthread+0x337/0x6f0 [ 15.689849] ret_from_fork+0x116/0x1d0 [ 15.690066] ret_from_fork_asm+0x1a/0x30 [ 15.690275] [ 15.690365] The buggy address belongs to the object at ffff8881029b7000 [ 15.690365] which belongs to the cache kmalloc-64 of size 64 [ 15.690878] The buggy address is located 0 bytes to the right of [ 15.690878] allocated 48-byte region [ffff8881029b7000, ffff8881029b7030) [ 15.691283] [ 15.691356] The buggy address belongs to the physical page: [ 15.691530] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029b7 [ 15.691771] flags: 0x200000000000000(node=0|zone=2) [ 15.691982] page_type: f5(slab) [ 15.692171] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.692538] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.692878] page dumped because: kasan: bad access detected [ 15.693164] [ 15.693257] Memory state around the buggy address: [ 15.693478] ffff8881029b6f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.693780] ffff8881029b6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.694031] >ffff8881029b7000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.694246] ^ [ 15.694401] ffff8881029b7080: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 15.694752] ffff8881029b7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.695125] ================================================================== [ 15.288129] ================================================================== [ 15.288467] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1148/0x5450 [ 15.288711] Write of size 4 at addr ffff8881029b7030 by task kunit_try_catch/282 [ 15.289355] [ 15.289592] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.289636] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.289649] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.289671] Call Trace: [ 15.289688] <TASK> [ 15.289705] dump_stack_lvl+0x73/0xb0 [ 15.289735] print_report+0xd1/0x610 [ 15.289758] ? __virt_addr_valid+0x1db/0x2d0 [ 15.289782] ? kasan_atomics_helper+0x1148/0x5450 [ 15.289805] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.289830] ? kasan_atomics_helper+0x1148/0x5450 [ 15.289853] kasan_report+0x141/0x180 [ 15.289877] ? kasan_atomics_helper+0x1148/0x5450 [ 15.289916] kasan_check_range+0x10c/0x1c0 [ 15.289942] __kasan_check_write+0x18/0x20 [ 15.289962] kasan_atomics_helper+0x1148/0x5450 [ 15.290013] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.290038] ? kasan_save_alloc_info+0x3b/0x50 [ 15.290068] kasan_atomics+0x1dc/0x310 [ 15.290093] ? __pfx_kasan_atomics+0x10/0x10 [ 15.290119] ? __pfx_read_tsc+0x10/0x10 [ 15.290140] ? ktime_get_ts64+0x86/0x230 [ 15.290185] kunit_try_run_case+0x1a5/0x480 [ 15.290211] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.290235] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.290260] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.290285] ? __kthread_parkme+0x82/0x180 [ 15.290306] ? preempt_count_sub+0x50/0x80 [ 15.290332] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.290357] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.290383] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.290408] kthread+0x337/0x6f0 [ 15.290428] ? trace_preempt_on+0x20/0xc0 [ 15.290452] ? __pfx_kthread+0x10/0x10 [ 15.290474] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.290496] ? calculate_sigpending+0x7b/0xa0 [ 15.290521] ? __pfx_kthread+0x10/0x10 [ 15.290544] ret_from_fork+0x116/0x1d0 [ 15.290563] ? __pfx_kthread+0x10/0x10 [ 15.290585] ret_from_fork_asm+0x1a/0x30 [ 15.290619] </TASK> [ 15.290630] [ 15.303938] Allocated by task 282: [ 15.304146] kasan_save_stack+0x45/0x70 [ 15.304503] kasan_save_track+0x18/0x40 [ 15.304643] kasan_save_alloc_info+0x3b/0x50 [ 15.304794] __kasan_kmalloc+0xb7/0xc0 [ 15.305201] __kmalloc_cache_noprof+0x189/0x420 [ 15.305379] kasan_atomics+0x95/0x310 [ 15.305518] kunit_try_run_case+0x1a5/0x480 [ 15.305986] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.306574] kthread+0x337/0x6f0 [ 15.306877] ret_from_fork+0x116/0x1d0 [ 15.307261] ret_from_fork_asm+0x1a/0x30 [ 15.307667] [ 15.307832] The buggy address belongs to the object at ffff8881029b7000 [ 15.307832] which belongs to the cache kmalloc-64 of size 64 [ 15.308831] The buggy address is located 0 bytes to the right of [ 15.308831] allocated 48-byte region [ffff8881029b7000, ffff8881029b7030) [ 15.309487] [ 15.309569] The buggy address belongs to the physical page: [ 15.309748] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029b7 [ 15.310332] flags: 0x200000000000000(node=0|zone=2) [ 15.310601] page_type: f5(slab) [ 15.310984] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.311659] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.312427] page dumped because: kasan: bad access detected [ 15.313006] [ 15.313105] Memory state around the buggy address: [ 15.313624] ffff8881029b6f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.314016] ffff8881029b6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.314739] >ffff8881029b7000: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 15.315277] ^ [ 15.315714] ffff8881029b7080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.316138] ffff8881029b7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.316761] ================================================================== [ 14.851487] ================================================================== [ 14.852034] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x697/0x5450 [ 14.852349] Write of size 4 at addr ffff8881029b7030 by task kunit_try_catch/282 [ 14.852738] [ 14.852848] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.852903] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.852917] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.852940] Call Trace: [ 14.852955] <TASK> [ 14.852972] dump_stack_lvl+0x73/0xb0 [ 14.853001] print_report+0xd1/0x610 [ 14.853044] ? __virt_addr_valid+0x1db/0x2d0 [ 14.853069] ? kasan_atomics_helper+0x697/0x5450 [ 14.853093] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.853118] ? kasan_atomics_helper+0x697/0x5450 [ 14.853142] kasan_report+0x141/0x180 [ 14.853165] ? kasan_atomics_helper+0x697/0x5450 [ 14.853192] kasan_check_range+0x10c/0x1c0 [ 14.853218] __kasan_check_write+0x18/0x20 [ 14.853239] kasan_atomics_helper+0x697/0x5450 [ 14.853267] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.853294] ? kasan_save_alloc_info+0x3b/0x50 [ 14.853325] kasan_atomics+0x1dc/0x310 [ 14.853350] ? __pfx_kasan_atomics+0x10/0x10 [ 14.853376] ? __pfx_read_tsc+0x10/0x10 [ 14.853398] ? ktime_get_ts64+0x86/0x230 [ 14.853425] kunit_try_run_case+0x1a5/0x480 [ 14.853451] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.853474] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.853501] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.853603] ? __kthread_parkme+0x82/0x180 [ 14.853626] ? preempt_count_sub+0x50/0x80 [ 14.853652] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.853677] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.853703] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.853728] kthread+0x337/0x6f0 [ 14.853749] ? trace_preempt_on+0x20/0xc0 [ 14.853774] ? __pfx_kthread+0x10/0x10 [ 14.853795] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.853817] ? calculate_sigpending+0x7b/0xa0 [ 14.853843] ? __pfx_kthread+0x10/0x10 [ 14.853864] ret_from_fork+0x116/0x1d0 [ 14.853883] ? __pfx_kthread+0x10/0x10 [ 14.853918] ret_from_fork_asm+0x1a/0x30 [ 14.853952] </TASK> [ 14.853965] [ 14.861966] Allocated by task 282: [ 14.862173] kasan_save_stack+0x45/0x70 [ 14.862381] kasan_save_track+0x18/0x40 [ 14.862652] kasan_save_alloc_info+0x3b/0x50 [ 14.862851] __kasan_kmalloc+0xb7/0xc0 [ 14.863069] __kmalloc_cache_noprof+0x189/0x420 [ 14.863270] kasan_atomics+0x95/0x310 [ 14.863435] kunit_try_run_case+0x1a5/0x480 [ 14.863806] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.864065] kthread+0x337/0x6f0 [ 14.864253] ret_from_fork+0x116/0x1d0 [ 14.864416] ret_from_fork_asm+0x1a/0x30 [ 14.864689] [ 14.864780] The buggy address belongs to the object at ffff8881029b7000 [ 14.864780] which belongs to the cache kmalloc-64 of size 64 [ 14.865301] The buggy address is located 0 bytes to the right of [ 14.865301] allocated 48-byte region [ffff8881029b7000, ffff8881029b7030) [ 14.865748] [ 14.865824] The buggy address belongs to the physical page: [ 14.866037] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029b7 [ 14.866361] flags: 0x200000000000000(node=0|zone=2) [ 14.866822] page_type: f5(slab) [ 14.867014] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.867385] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.867872] page dumped because: kasan: bad access detected [ 14.868070] [ 14.868183] Memory state around the buggy address: [ 14.868414] ffff8881029b6f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.868732] ffff8881029b6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.869044] >ffff8881029b7000: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 14.869322] ^ [ 14.869526] ffff8881029b7080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.869803] ffff8881029b7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.870200] ================================================================== [ 15.003942] ================================================================== [ 15.004769] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xac7/0x5450 [ 15.005816] Write of size 4 at addr ffff8881029b7030 by task kunit_try_catch/282 [ 15.006921] [ 15.007395] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.007459] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.007472] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.007709] Call Trace: [ 15.007732] <TASK> [ 15.007753] dump_stack_lvl+0x73/0xb0 [ 15.007784] print_report+0xd1/0x610 [ 15.007809] ? __virt_addr_valid+0x1db/0x2d0 [ 15.007833] ? kasan_atomics_helper+0xac7/0x5450 [ 15.007855] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.007879] ? kasan_atomics_helper+0xac7/0x5450 [ 15.007916] kasan_report+0x141/0x180 [ 15.007940] ? kasan_atomics_helper+0xac7/0x5450 [ 15.007991] kasan_check_range+0x10c/0x1c0 [ 15.008016] __kasan_check_write+0x18/0x20 [ 15.008036] kasan_atomics_helper+0xac7/0x5450 [ 15.008060] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.008084] ? kasan_save_alloc_info+0x3b/0x50 [ 15.008115] kasan_atomics+0x1dc/0x310 [ 15.008139] ? __pfx_kasan_atomics+0x10/0x10 [ 15.008164] ? __pfx_read_tsc+0x10/0x10 [ 15.008186] ? ktime_get_ts64+0x86/0x230 [ 15.008212] kunit_try_run_case+0x1a5/0x480 [ 15.008236] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.008260] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.008285] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.008310] ? __kthread_parkme+0x82/0x180 [ 15.008330] ? preempt_count_sub+0x50/0x80 [ 15.008355] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.008381] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.008407] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.008432] kthread+0x337/0x6f0 [ 15.008452] ? trace_preempt_on+0x20/0xc0 [ 15.008477] ? __pfx_kthread+0x10/0x10 [ 15.008498] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.008587] ? calculate_sigpending+0x7b/0xa0 [ 15.008614] ? __pfx_kthread+0x10/0x10 [ 15.008637] ret_from_fork+0x116/0x1d0 [ 15.008656] ? __pfx_kthread+0x10/0x10 [ 15.008677] ret_from_fork_asm+0x1a/0x30 [ 15.008709] </TASK> [ 15.008721] [ 15.028122] Allocated by task 282: [ 15.028279] kasan_save_stack+0x45/0x70 [ 15.028441] kasan_save_track+0x18/0x40 [ 15.029212] kasan_save_alloc_info+0x3b/0x50 [ 15.029920] __kasan_kmalloc+0xb7/0xc0 [ 15.030497] __kmalloc_cache_noprof+0x189/0x420 [ 15.031232] kasan_atomics+0x95/0x310 [ 15.031955] kunit_try_run_case+0x1a5/0x480 [ 15.032439] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.032689] kthread+0x337/0x6f0 [ 15.032818] ret_from_fork+0x116/0x1d0 [ 15.033474] ret_from_fork_asm+0x1a/0x30 [ 15.034156] [ 15.034494] The buggy address belongs to the object at ffff8881029b7000 [ 15.034494] which belongs to the cache kmalloc-64 of size 64 [ 15.035465] The buggy address is located 0 bytes to the right of [ 15.035465] allocated 48-byte region [ffff8881029b7000, ffff8881029b7030) [ 15.037261] [ 15.037355] The buggy address belongs to the physical page: [ 15.037885] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029b7 [ 15.038947] flags: 0x200000000000000(node=0|zone=2) [ 15.039619] page_type: f5(slab) [ 15.040272] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.040585] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.040821] page dumped because: kasan: bad access detected [ 15.041014] [ 15.041087] Memory state around the buggy address: [ 15.041269] ffff8881029b6f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.041590] ffff8881029b6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.042051] >ffff8881029b7000: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 15.042294] ^ [ 15.042628] ffff8881029b7080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.042946] ffff8881029b7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.043264] ================================================================== [ 14.828694] ================================================================== [ 14.829049] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5fe/0x5450 [ 14.829398] Write of size 4 at addr ffff8881029b7030 by task kunit_try_catch/282 [ 14.829802] [ 14.829926] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.829970] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.829982] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.830004] Call Trace: [ 14.830019] <TASK> [ 14.830033] dump_stack_lvl+0x73/0xb0 [ 14.830061] print_report+0xd1/0x610 [ 14.830084] ? __virt_addr_valid+0x1db/0x2d0 [ 14.830108] ? kasan_atomics_helper+0x5fe/0x5450 [ 14.830130] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.830153] ? kasan_atomics_helper+0x5fe/0x5450 [ 14.830176] kasan_report+0x141/0x180 [ 14.830199] ? kasan_atomics_helper+0x5fe/0x5450 [ 14.830228] kasan_check_range+0x10c/0x1c0 [ 14.830253] __kasan_check_write+0x18/0x20 [ 14.830273] kasan_atomics_helper+0x5fe/0x5450 [ 14.830298] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.830322] ? kasan_save_alloc_info+0x3b/0x50 [ 14.830353] kasan_atomics+0x1dc/0x310 [ 14.830377] ? __pfx_kasan_atomics+0x10/0x10 [ 14.830403] ? __pfx_read_tsc+0x10/0x10 [ 14.830424] ? ktime_get_ts64+0x86/0x230 [ 14.830449] kunit_try_run_case+0x1a5/0x480 [ 14.830475] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.830498] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.830523] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.830709] ? __kthread_parkme+0x82/0x180 [ 14.830732] ? preempt_count_sub+0x50/0x80 [ 14.830759] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.830790] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.830816] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.830842] kthread+0x337/0x6f0 [ 14.830862] ? trace_preempt_on+0x20/0xc0 [ 14.830886] ? __pfx_kthread+0x10/0x10 [ 14.830922] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.830944] ? calculate_sigpending+0x7b/0xa0 [ 14.830968] ? __pfx_kthread+0x10/0x10 [ 14.830991] ret_from_fork+0x116/0x1d0 [ 14.831010] ? __pfx_kthread+0x10/0x10 [ 14.831031] ret_from_fork_asm+0x1a/0x30 [ 14.831064] </TASK> [ 14.831075] [ 14.838526] Allocated by task 282: [ 14.838665] kasan_save_stack+0x45/0x70 [ 14.838816] kasan_save_track+0x18/0x40 [ 14.839228] kasan_save_alloc_info+0x3b/0x50 [ 14.839457] __kasan_kmalloc+0xb7/0xc0 [ 14.839646] __kmalloc_cache_noprof+0x189/0x420 [ 14.839870] kasan_atomics+0x95/0x310 [ 14.840071] kunit_try_run_case+0x1a5/0x480 [ 14.840280] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.840533] kthread+0x337/0x6f0 [ 14.840702] ret_from_fork+0x116/0x1d0 [ 14.840999] ret_from_fork_asm+0x1a/0x30 [ 14.841212] [ 14.841302] The buggy address belongs to the object at ffff8881029b7000 [ 14.841302] which belongs to the cache kmalloc-64 of size 64 [ 14.841741] The buggy address is located 0 bytes to the right of [ 14.841741] allocated 48-byte region [ffff8881029b7000, ffff8881029b7030) [ 14.844271] [ 14.844357] The buggy address belongs to the physical page: [ 14.844911] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029b7 [ 14.845456] flags: 0x200000000000000(node=0|zone=2) [ 14.845912] page_type: f5(slab) [ 14.846232] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.846560] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.846864] page dumped because: kasan: bad access detected [ 14.847111] [ 14.847202] Memory state around the buggy address: [ 14.847412] ffff8881029b6f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.847710] ffff8881029b6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.848805] >ffff8881029b7000: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 14.849352] ^ [ 14.850027] ffff8881029b7080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.850418] ffff8881029b7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.851031] ================================================================== [ 15.742582] ================================================================== [ 15.742887] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1b22/0x5450 [ 15.743273] Write of size 8 at addr ffff8881029b7030 by task kunit_try_catch/282 [ 15.743606] [ 15.743737] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.743781] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.743793] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.743814] Call Trace: [ 15.743831] <TASK> [ 15.743848] dump_stack_lvl+0x73/0xb0 [ 15.743875] print_report+0xd1/0x610 [ 15.743909] ? __virt_addr_valid+0x1db/0x2d0 [ 15.743952] ? kasan_atomics_helper+0x1b22/0x5450 [ 15.743994] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.744018] ? kasan_atomics_helper+0x1b22/0x5450 [ 15.744041] kasan_report+0x141/0x180 [ 15.744064] ? kasan_atomics_helper+0x1b22/0x5450 [ 15.744092] kasan_check_range+0x10c/0x1c0 [ 15.744116] __kasan_check_write+0x18/0x20 [ 15.744137] kasan_atomics_helper+0x1b22/0x5450 [ 15.744161] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.744185] ? kasan_save_alloc_info+0x3b/0x50 [ 15.744216] kasan_atomics+0x1dc/0x310 [ 15.744240] ? __pfx_kasan_atomics+0x10/0x10 [ 15.744265] ? __pfx_read_tsc+0x10/0x10 [ 15.744286] ? ktime_get_ts64+0x86/0x230 [ 15.744312] kunit_try_run_case+0x1a5/0x480 [ 15.744338] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.744362] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.744408] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.744433] ? __kthread_parkme+0x82/0x180 [ 15.744455] ? preempt_count_sub+0x50/0x80 [ 15.744480] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.744505] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.744532] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.744558] kthread+0x337/0x6f0 [ 15.744579] ? trace_preempt_on+0x20/0xc0 [ 15.744604] ? __pfx_kthread+0x10/0x10 [ 15.744626] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.744650] ? calculate_sigpending+0x7b/0xa0 [ 15.744676] ? __pfx_kthread+0x10/0x10 [ 15.744699] ret_from_fork+0x116/0x1d0 [ 15.744719] ? __pfx_kthread+0x10/0x10 [ 15.744740] ret_from_fork_asm+0x1a/0x30 [ 15.744774] </TASK> [ 15.744785] [ 15.751963] Allocated by task 282: [ 15.752164] kasan_save_stack+0x45/0x70 [ 15.752347] kasan_save_track+0x18/0x40 [ 15.752485] kasan_save_alloc_info+0x3b/0x50 [ 15.752650] __kasan_kmalloc+0xb7/0xc0 [ 15.752840] __kmalloc_cache_noprof+0x189/0x420 [ 15.753122] kasan_atomics+0x95/0x310 [ 15.753317] kunit_try_run_case+0x1a5/0x480 [ 15.753528] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.753780] kthread+0x337/0x6f0 [ 15.753960] ret_from_fork+0x116/0x1d0 [ 15.754168] ret_from_fork_asm+0x1a/0x30 [ 15.754352] [ 15.754445] The buggy address belongs to the object at ffff8881029b7000 [ 15.754445] which belongs to the cache kmalloc-64 of size 64 [ 15.754810] The buggy address is located 0 bytes to the right of [ 15.754810] allocated 48-byte region [ffff8881029b7000, ffff8881029b7030) [ 15.755249] [ 15.755348] The buggy address belongs to the physical page: [ 15.755603] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029b7 [ 15.755985] flags: 0x200000000000000(node=0|zone=2) [ 15.756225] page_type: f5(slab) [ 15.756415] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.756780] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.757121] page dumped because: kasan: bad access detected [ 15.757297] [ 15.757367] Memory state around the buggy address: [ 15.757524] ffff8881029b6f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.757820] 
ffff8881029b6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.758198] >ffff8881029b7000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.758519] ^ [ 15.758773] ffff8881029b7080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.759134] ffff8881029b7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.759476] ================================================================== [ 15.437640] ================================================================== [ 15.438104] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x13b5/0x5450 [ 15.438580] Read of size 8 at addr ffff8881029b7030 by task kunit_try_catch/282 [ 15.439343] [ 15.439452] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.439497] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.439510] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.439533] Call Trace: [ 15.439548] <TASK> [ 15.439565] dump_stack_lvl+0x73/0xb0 [ 15.439596] print_report+0xd1/0x610 [ 15.439619] ? __virt_addr_valid+0x1db/0x2d0 [ 15.439643] ? kasan_atomics_helper+0x13b5/0x5450 [ 15.439666] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.439690] ? kasan_atomics_helper+0x13b5/0x5450 [ 15.439713] kasan_report+0x141/0x180 [ 15.439736] ? kasan_atomics_helper+0x13b5/0x5450 [ 15.439765] kasan_check_range+0x10c/0x1c0 [ 15.439789] __kasan_check_read+0x15/0x20 [ 15.439809] kasan_atomics_helper+0x13b5/0x5450 [ 15.439834] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.439858] ? kasan_save_alloc_info+0x3b/0x50 [ 15.439889] kasan_atomics+0x1dc/0x310 [ 15.439926] ? __pfx_kasan_atomics+0x10/0x10 [ 15.439951] ? __pfx_read_tsc+0x10/0x10 [ 15.439973] ? ktime_get_ts64+0x86/0x230 [ 15.440010] kunit_try_run_case+0x1a5/0x480 [ 15.440036] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.440059] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.440085] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.440110] ? __kthread_parkme+0x82/0x180 [ 15.440132] ? 
preempt_count_sub+0x50/0x80 [ 15.440158] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.440183] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.440208] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.440233] kthread+0x337/0x6f0 [ 15.440252] ? trace_preempt_on+0x20/0xc0 [ 15.440278] ? __pfx_kthread+0x10/0x10 [ 15.440303] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.440326] ? calculate_sigpending+0x7b/0xa0 [ 15.440352] ? __pfx_kthread+0x10/0x10 [ 15.440375] ret_from_fork+0x116/0x1d0 [ 15.440394] ? __pfx_kthread+0x10/0x10 [ 15.440416] ret_from_fork_asm+0x1a/0x30 [ 15.440450] </TASK> [ 15.440464] [ 15.448606] Allocated by task 282: [ 15.448753] kasan_save_stack+0x45/0x70 [ 15.448965] kasan_save_track+0x18/0x40 [ 15.449152] kasan_save_alloc_info+0x3b/0x50 [ 15.449362] __kasan_kmalloc+0xb7/0xc0 [ 15.449528] __kmalloc_cache_noprof+0x189/0x420 [ 15.449690] kasan_atomics+0x95/0x310 [ 15.449825] kunit_try_run_case+0x1a5/0x480 [ 15.450111] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.450366] kthread+0x337/0x6f0 [ 15.450523] ret_from_fork+0x116/0x1d0 [ 15.450728] ret_from_fork_asm+0x1a/0x30 [ 15.450889] [ 15.450971] The buggy address belongs to the object at ffff8881029b7000 [ 15.450971] which belongs to the cache kmalloc-64 of size 64 [ 15.451450] The buggy address is located 0 bytes to the right of [ 15.451450] allocated 48-byte region [ffff8881029b7000, ffff8881029b7030) [ 15.452005] [ 15.452077] The buggy address belongs to the physical page: [ 15.452249] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029b7 [ 15.452489] flags: 0x200000000000000(node=0|zone=2) [ 15.452651] page_type: f5(slab) [ 15.452770] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.453089] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.453753] page dumped because: kasan: bad access detected [ 15.454264] [ 15.454451] Memory state around the buggy address: [ 15.454673] ffff8881029b6f00: fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 15.454964] ffff8881029b6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.455184] >ffff8881029b7000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.455400] ^ [ 15.455554] ffff8881029b7080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.455778] ffff8881029b7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.456368] ================================================================== [ 15.714690] ================================================================== [ 15.715577] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1a7f/0x5450 [ 15.716312] Write of size 8 at addr ffff8881029b7030 by task kunit_try_catch/282 [ 15.716781] [ 15.716905] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.716951] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.716964] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.717426] Call Trace: [ 15.717443] <TASK> [ 15.717462] dump_stack_lvl+0x73/0xb0 [ 15.717496] print_report+0xd1/0x610 [ 15.717518] ? __virt_addr_valid+0x1db/0x2d0 [ 15.717543] ? kasan_atomics_helper+0x1a7f/0x5450 [ 15.717565] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.717589] ? kasan_atomics_helper+0x1a7f/0x5450 [ 15.717612] kasan_report+0x141/0x180 [ 15.717636] ? kasan_atomics_helper+0x1a7f/0x5450 [ 15.717665] kasan_check_range+0x10c/0x1c0 [ 15.717690] __kasan_check_write+0x18/0x20 [ 15.717709] kasan_atomics_helper+0x1a7f/0x5450 [ 15.717733] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.717758] ? kasan_save_alloc_info+0x3b/0x50 [ 15.717788] kasan_atomics+0x1dc/0x310 [ 15.717812] ? __pfx_kasan_atomics+0x10/0x10 [ 15.717837] ? __pfx_read_tsc+0x10/0x10 [ 15.717859] ? ktime_get_ts64+0x86/0x230 [ 15.717884] kunit_try_run_case+0x1a5/0x480 [ 15.717926] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.717952] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.718003] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.718029] ? 
__kthread_parkme+0x82/0x180 [ 15.718050] ? preempt_count_sub+0x50/0x80 [ 15.718076] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.718102] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.718147] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.718173] kthread+0x337/0x6f0 [ 15.718193] ? trace_preempt_on+0x20/0xc0 [ 15.718218] ? __pfx_kthread+0x10/0x10 [ 15.718240] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.718262] ? calculate_sigpending+0x7b/0xa0 [ 15.718288] ? __pfx_kthread+0x10/0x10 [ 15.718310] ret_from_fork+0x116/0x1d0 [ 15.718330] ? __pfx_kthread+0x10/0x10 [ 15.718351] ret_from_fork_asm+0x1a/0x30 [ 15.718384] </TASK> [ 15.718396] [ 15.730509] Allocated by task 282: [ 15.730850] kasan_save_stack+0x45/0x70 [ 15.731274] kasan_save_track+0x18/0x40 [ 15.731636] kasan_save_alloc_info+0x3b/0x50 [ 15.732069] __kasan_kmalloc+0xb7/0xc0 [ 15.732442] __kmalloc_cache_noprof+0x189/0x420 [ 15.732865] kasan_atomics+0x95/0x310 [ 15.733251] kunit_try_run_case+0x1a5/0x480 [ 15.733543] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.733724] kthread+0x337/0x6f0 [ 15.733846] ret_from_fork+0x116/0x1d0 [ 15.734203] ret_from_fork_asm+0x1a/0x30 [ 15.734598] [ 15.734786] The buggy address belongs to the object at ffff8881029b7000 [ 15.734786] which belongs to the cache kmalloc-64 of size 64 [ 15.735858] The buggy address is located 0 bytes to the right of [ 15.735858] allocated 48-byte region [ffff8881029b7000, ffff8881029b7030) [ 15.736748] [ 15.736825] The buggy address belongs to the physical page: [ 15.737105] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029b7 [ 15.737778] flags: 0x200000000000000(node=0|zone=2) [ 15.738251] page_type: f5(slab) [ 15.738567] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.739261] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.739758] page dumped because: kasan: bad access detected [ 15.740121] [ 15.740196] Memory state around the buggy address: [ 15.740355] 
ffff8881029b6f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.740573] ffff8881029b6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.740791] >ffff8881029b7000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.741056] ^ [ 15.741240] ffff8881029b7080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.741566] ffff8881029b7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.741884] ================================================================== [ 14.730995] ================================================================== [ 14.731373] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df/0x5450 [ 14.731608] Read of size 4 at addr ffff8881029b7030 by task kunit_try_catch/282 [ 14.732008] [ 14.732122] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.732164] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.732176] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.732197] Call Trace: [ 14.732213] <TASK> [ 14.732228] dump_stack_lvl+0x73/0xb0 [ 14.732256] print_report+0xd1/0x610 [ 14.732280] ? __virt_addr_valid+0x1db/0x2d0 [ 14.732307] ? kasan_atomics_helper+0x3df/0x5450 [ 14.732330] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.732355] ? kasan_atomics_helper+0x3df/0x5450 [ 14.732377] kasan_report+0x141/0x180 [ 14.732400] ? kasan_atomics_helper+0x3df/0x5450 [ 14.732429] kasan_check_range+0x10c/0x1c0 [ 14.732453] __kasan_check_read+0x15/0x20 [ 14.732473] kasan_atomics_helper+0x3df/0x5450 [ 14.732498] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.732523] ? kasan_save_alloc_info+0x3b/0x50 [ 14.732601] kasan_atomics+0x1dc/0x310 [ 14.732626] ? __pfx_kasan_atomics+0x10/0x10 [ 14.732651] ? __pfx_read_tsc+0x10/0x10 [ 14.732674] ? ktime_get_ts64+0x86/0x230 [ 14.732699] kunit_try_run_case+0x1a5/0x480 [ 14.732724] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.732747] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.732772] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.732796] ? __kthread_parkme+0x82/0x180 [ 14.732818] ? preempt_count_sub+0x50/0x80 [ 14.732843] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.732869] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.732906] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.732931] kthread+0x337/0x6f0 [ 14.732951] ? trace_preempt_on+0x20/0xc0 [ 14.732975] ? __pfx_kthread+0x10/0x10 [ 14.733011] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.733034] ? calculate_sigpending+0x7b/0xa0 [ 14.733059] ? __pfx_kthread+0x10/0x10 [ 14.733082] ret_from_fork+0x116/0x1d0 [ 14.733101] ? __pfx_kthread+0x10/0x10 [ 14.733122] ret_from_fork_asm+0x1a/0x30 [ 14.733155] </TASK> [ 14.733166] [ 14.741058] Allocated by task 282: [ 14.741239] kasan_save_stack+0x45/0x70 [ 14.741583] kasan_save_track+0x18/0x40 [ 14.741786] kasan_save_alloc_info+0x3b/0x50 [ 14.742053] __kasan_kmalloc+0xb7/0xc0 [ 14.742244] __kmalloc_cache_noprof+0x189/0x420 [ 14.742466] kasan_atomics+0x95/0x310 [ 14.742845] kunit_try_run_case+0x1a5/0x480 [ 14.743150] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.743332] kthread+0x337/0x6f0 [ 14.743483] ret_from_fork+0x116/0x1d0 [ 14.744015] ret_from_fork_asm+0x1a/0x30 [ 14.744205] [ 14.744306] The buggy address belongs to the object at ffff8881029b7000 [ 14.744306] which belongs to the cache kmalloc-64 of size 64 [ 14.744841] The buggy address is located 0 bytes to the right of [ 14.744841] allocated 48-byte region [ffff8881029b7000, ffff8881029b7030) [ 14.745389] [ 14.745474] The buggy address belongs to the physical page: [ 14.745705] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029b7 [ 14.746118] flags: 0x200000000000000(node=0|zone=2) [ 14.746324] page_type: f5(slab) [ 14.746492] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.746888] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.747214] page dumped because: kasan: bad access detected [ 14.747450] [ 14.747521] 
Memory state around the buggy address: [ 14.747762] ffff8881029b6f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.748200] ffff8881029b6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.748499] >ffff8881029b7000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.748862] ^ [ 14.749090] ffff8881029b7080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.749383] ffff8881029b7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.749715] ================================================================== [ 15.942197] ================================================================== [ 15.942460] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x20c8/0x5450 [ 15.943220] Write of size 8 at addr ffff8881029b7030 by task kunit_try_catch/282 [ 15.943560] [ 15.943677] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.943723] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.943736] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.943761] Call Trace: [ 15.943780] <TASK> [ 15.943797] dump_stack_lvl+0x73/0xb0 [ 15.943830] print_report+0xd1/0x610 [ 15.943855] ? __virt_addr_valid+0x1db/0x2d0 [ 15.943879] ? kasan_atomics_helper+0x20c8/0x5450 [ 15.943914] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.943939] ? kasan_atomics_helper+0x20c8/0x5450 [ 15.943962] kasan_report+0x141/0x180 [ 15.944006] ? kasan_atomics_helper+0x20c8/0x5450 [ 15.944075] kasan_check_range+0x10c/0x1c0 [ 15.944102] __kasan_check_write+0x18/0x20 [ 15.944124] kasan_atomics_helper+0x20c8/0x5450 [ 15.944149] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.944174] ? kasan_save_alloc_info+0x3b/0x50 [ 15.944236] kasan_atomics+0x1dc/0x310 [ 15.944261] ? __pfx_kasan_atomics+0x10/0x10 [ 15.944287] ? __pfx_read_tsc+0x10/0x10 [ 15.944308] ? ktime_get_ts64+0x86/0x230 [ 15.944335] kunit_try_run_case+0x1a5/0x480 [ 15.944391] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.944417] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 15.944445] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.944471] ? __kthread_parkme+0x82/0x180 [ 15.944493] ? preempt_count_sub+0x50/0x80 [ 15.944550] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.944576] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.944602] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.944627] kthread+0x337/0x6f0 [ 15.944648] ? trace_preempt_on+0x20/0xc0 [ 15.944673] ? __pfx_kthread+0x10/0x10 [ 15.944695] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.944717] ? calculate_sigpending+0x7b/0xa0 [ 15.944743] ? __pfx_kthread+0x10/0x10 [ 15.944765] ret_from_fork+0x116/0x1d0 [ 15.944784] ? __pfx_kthread+0x10/0x10 [ 15.944837] ret_from_fork_asm+0x1a/0x30 [ 15.944871] </TASK> [ 15.944883] [ 15.952935] Allocated by task 282: [ 15.953072] kasan_save_stack+0x45/0x70 [ 15.953219] kasan_save_track+0x18/0x40 [ 15.953377] kasan_save_alloc_info+0x3b/0x50 [ 15.953587] __kasan_kmalloc+0xb7/0xc0 [ 15.953779] __kmalloc_cache_noprof+0x189/0x420 [ 15.954123] kasan_atomics+0x95/0x310 [ 15.954323] kunit_try_run_case+0x1a5/0x480 [ 15.954535] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.954827] kthread+0x337/0x6f0 [ 15.955064] ret_from_fork+0x116/0x1d0 [ 15.955272] ret_from_fork_asm+0x1a/0x30 [ 15.955417] [ 15.955490] The buggy address belongs to the object at ffff8881029b7000 [ 15.955490] which belongs to the cache kmalloc-64 of size 64 [ 15.955847] The buggy address is located 0 bytes to the right of [ 15.955847] allocated 48-byte region [ffff8881029b7000, ffff8881029b7030) [ 15.956491] [ 15.956639] The buggy address belongs to the physical page: [ 15.956964] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029b7 [ 15.957400] flags: 0x200000000000000(node=0|zone=2) [ 15.957637] page_type: f5(slab) [ 15.957808] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.958169] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.958407] page dumped because: kasan: 
bad access detected [ 15.958582] [ 15.958652] Memory state around the buggy address: [ 15.958984] ffff8881029b6f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.959398] ffff8881029b6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.959755] >ffff8881029b7000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.960113] ^ [ 15.960378] ffff8881029b7080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.960697] ffff8881029b7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.961026] ================================================================== [ 15.539765] ================================================================== [ 15.540226] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x151d/0x5450 [ 15.540822] Write of size 8 at addr ffff8881029b7030 by task kunit_try_catch/282 [ 15.541403] [ 15.541645] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.541693] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.541714] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.541736] Call Trace: [ 15.541750] <TASK> [ 15.541766] dump_stack_lvl+0x73/0xb0 [ 15.541796] print_report+0xd1/0x610 [ 15.541819] ? __virt_addr_valid+0x1db/0x2d0 [ 15.541842] ? kasan_atomics_helper+0x151d/0x5450 [ 15.541864] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.541889] ? kasan_atomics_helper+0x151d/0x5450 [ 15.541922] kasan_report+0x141/0x180 [ 15.541945] ? kasan_atomics_helper+0x151d/0x5450 [ 15.541973] kasan_check_range+0x10c/0x1c0 [ 15.542113] __kasan_check_write+0x18/0x20 [ 15.542134] kasan_atomics_helper+0x151d/0x5450 [ 15.542159] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.542184] ? kasan_save_alloc_info+0x3b/0x50 [ 15.542214] kasan_atomics+0x1dc/0x310 [ 15.542273] ? __pfx_kasan_atomics+0x10/0x10 [ 15.542297] ? __pfx_read_tsc+0x10/0x10 [ 15.542319] ? ktime_get_ts64+0x86/0x230 [ 15.542345] kunit_try_run_case+0x1a5/0x480 [ 15.542370] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.542393] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.542418] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.542442] ? __kthread_parkme+0x82/0x180 [ 15.542463] ? preempt_count_sub+0x50/0x80 [ 15.542488] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.542513] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.542537] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.542562] kthread+0x337/0x6f0 [ 15.542582] ? trace_preempt_on+0x20/0xc0 [ 15.542606] ? __pfx_kthread+0x10/0x10 [ 15.542627] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.542649] ? calculate_sigpending+0x7b/0xa0 [ 15.542674] ? __pfx_kthread+0x10/0x10 [ 15.542695] ret_from_fork+0x116/0x1d0 [ 15.542714] ? __pfx_kthread+0x10/0x10 [ 15.542735] ret_from_fork_asm+0x1a/0x30 [ 15.542773] </TASK> [ 15.542785] [ 15.552402] Allocated by task 282: [ 15.552542] kasan_save_stack+0x45/0x70 [ 15.552748] kasan_save_track+0x18/0x40 [ 15.552956] kasan_save_alloc_info+0x3b/0x50 [ 15.553219] __kasan_kmalloc+0xb7/0xc0 [ 15.553419] __kmalloc_cache_noprof+0x189/0x420 [ 15.553619] kasan_atomics+0x95/0x310 [ 15.553755] kunit_try_run_case+0x1a5/0x480 [ 15.553913] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.554110] kthread+0x337/0x6f0 [ 15.554281] ret_from_fork+0x116/0x1d0 [ 15.554486] ret_from_fork_asm+0x1a/0x30 [ 15.554682] [ 15.554789] The buggy address belongs to the object at ffff8881029b7000 [ 15.554789] which belongs to the cache kmalloc-64 of size 64 [ 15.555284] The buggy address is located 0 bytes to the right of [ 15.555284] allocated 48-byte region [ffff8881029b7000, ffff8881029b7030) [ 15.555801] [ 15.555911] The buggy address belongs to the physical page: [ 15.556179] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029b7 [ 15.556501] flags: 0x200000000000000(node=0|zone=2) [ 15.556704] page_type: f5(slab) [ 15.556872] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.557217] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 15.557524] page dumped because: kasan: bad access detected [ 15.557759] [ 15.557852] Memory state around the buggy address: [ 15.558119] ffff8881029b6f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.558400] ffff8881029b6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.558678] >ffff8881029b7000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.558942] ^ [ 15.559099] ffff8881029b7080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.559485] ffff8881029b7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.559920] ================================================================== [ 14.711946] ================================================================== [ 14.712265] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b6e/0x5450 [ 14.712520] Write of size 4 at addr ffff8881029b7030 by task kunit_try_catch/282 [ 14.712811] [ 14.713019] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.713064] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.713076] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.713098] Call Trace: [ 14.713114] <TASK> [ 14.713130] dump_stack_lvl+0x73/0xb0 [ 14.713158] print_report+0xd1/0x610 [ 14.713181] ? __virt_addr_valid+0x1db/0x2d0 [ 14.713205] ? kasan_atomics_helper+0x4b6e/0x5450 [ 14.713226] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.713250] ? kasan_atomics_helper+0x4b6e/0x5450 [ 14.713274] kasan_report+0x141/0x180 [ 14.713297] ? kasan_atomics_helper+0x4b6e/0x5450 [ 14.713325] __asan_report_store4_noabort+0x1b/0x30 [ 14.713351] kasan_atomics_helper+0x4b6e/0x5450 [ 14.713375] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.713400] ? kasan_save_alloc_info+0x3b/0x50 [ 14.713430] kasan_atomics+0x1dc/0x310 [ 14.713455] ? __pfx_kasan_atomics+0x10/0x10 [ 14.713481] ? __pfx_read_tsc+0x10/0x10 [ 14.713502] ? ktime_get_ts64+0x86/0x230 [ 14.713529] kunit_try_run_case+0x1a5/0x480 [ 14.713554] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.713578] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.713603] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.713628] ? __kthread_parkme+0x82/0x180 [ 14.713650] ? preempt_count_sub+0x50/0x80 [ 14.713674] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.713699] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.713724] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.713750] kthread+0x337/0x6f0 [ 14.713771] ? trace_preempt_on+0x20/0xc0 [ 14.713796] ? __pfx_kthread+0x10/0x10 [ 14.713817] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.713840] ? calculate_sigpending+0x7b/0xa0 [ 14.713865] ? __pfx_kthread+0x10/0x10 [ 14.713888] ret_from_fork+0x116/0x1d0 [ 14.713917] ? __pfx_kthread+0x10/0x10 [ 14.713939] ret_from_fork_asm+0x1a/0x30 [ 14.713971] </TASK> [ 14.713984] [ 14.721910] Allocated by task 282: [ 14.722052] kasan_save_stack+0x45/0x70 [ 14.722204] kasan_save_track+0x18/0x40 [ 14.722343] kasan_save_alloc_info+0x3b/0x50 [ 14.722494] __kasan_kmalloc+0xb7/0xc0 [ 14.722667] __kmalloc_cache_noprof+0x189/0x420 [ 14.723143] kasan_atomics+0x95/0x310 [ 14.723603] kunit_try_run_case+0x1a5/0x480 [ 14.723821] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.724124] kthread+0x337/0x6f0 [ 14.724248] ret_from_fork+0x116/0x1d0 [ 14.724382] ret_from_fork_asm+0x1a/0x30 [ 14.724524] [ 14.724624] The buggy address belongs to the object at ffff8881029b7000 [ 14.724624] which belongs to the cache kmalloc-64 of size 64 [ 14.725471] The buggy address is located 0 bytes to the right of [ 14.725471] allocated 48-byte region [ffff8881029b7000, ffff8881029b7030) [ 14.726012] [ 14.726114] The buggy address belongs to the physical page: [ 14.726359] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029b7 [ 14.726870] flags: 0x200000000000000(node=0|zone=2) [ 14.727113] page_type: f5(slab) [ 14.727263] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.727498] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 14.727727] page dumped because: kasan: bad access detected [ 14.727996] [ 14.728103] Memory state around the buggy address: [ 14.728330] ffff8881029b6f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.728650] ffff8881029b6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.729081] >ffff8881029b7000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.729403] ^ [ 14.729576] ffff8881029b7080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.729794] ffff8881029b7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.730281] ================================================================== [ 15.084257] ================================================================== [ 15.084800] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a84/0x5450 [ 15.085071] Read of size 4 at addr ffff8881029b7030 by task kunit_try_catch/282 [ 15.085383] [ 15.085571] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.085624] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.085637] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.085660] Call Trace: [ 15.085676] <TASK> [ 15.085692] dump_stack_lvl+0x73/0xb0 [ 15.085722] print_report+0xd1/0x610 [ 15.085747] ? __virt_addr_valid+0x1db/0x2d0 [ 15.085772] ? kasan_atomics_helper+0x4a84/0x5450 [ 15.085794] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.085828] ? kasan_atomics_helper+0x4a84/0x5450 [ 15.085852] kasan_report+0x141/0x180 [ 15.085876] ? kasan_atomics_helper+0x4a84/0x5450 [ 15.085922] __asan_report_load4_noabort+0x18/0x20 [ 15.085948] kasan_atomics_helper+0x4a84/0x5450 [ 15.085990] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.086024] ? kasan_save_alloc_info+0x3b/0x50 [ 15.086055] kasan_atomics+0x1dc/0x310 [ 15.086079] ? __pfx_kasan_atomics+0x10/0x10 [ 15.086115] ? __pfx_read_tsc+0x10/0x10 [ 15.086136] ? ktime_get_ts64+0x86/0x230 [ 15.086162] kunit_try_run_case+0x1a5/0x480 [ 15.086187] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.086210] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.086245] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.086270] ? __kthread_parkme+0x82/0x180 [ 15.086291] ? preempt_count_sub+0x50/0x80 [ 15.086328] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.086353] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.086378] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.086404] kthread+0x337/0x6f0 [ 15.086424] ? trace_preempt_on+0x20/0xc0 [ 15.086450] ? __pfx_kthread+0x10/0x10 [ 15.086471] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.086494] ? calculate_sigpending+0x7b/0xa0 [ 15.086577] ? __pfx_kthread+0x10/0x10 [ 15.086602] ret_from_fork+0x116/0x1d0 [ 15.086622] ? __pfx_kthread+0x10/0x10 [ 15.086654] ret_from_fork_asm+0x1a/0x30 [ 15.086687] </TASK> [ 15.086699] [ 15.094932] Allocated by task 282: [ 15.095160] kasan_save_stack+0x45/0x70 [ 15.095352] kasan_save_track+0x18/0x40 [ 15.095493] kasan_save_alloc_info+0x3b/0x50 [ 15.095708] __kasan_kmalloc+0xb7/0xc0 [ 15.095934] __kmalloc_cache_noprof+0x189/0x420 [ 15.096176] kasan_atomics+0x95/0x310 [ 15.096370] kunit_try_run_case+0x1a5/0x480 [ 15.096806] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.097139] kthread+0x337/0x6f0 [ 15.097313] ret_from_fork+0x116/0x1d0 [ 15.097508] ret_from_fork_asm+0x1a/0x30 [ 15.097801] [ 15.097901] The buggy address belongs to the object at ffff8881029b7000 [ 15.097901] which belongs to the cache kmalloc-64 of size 64 [ 15.098430] The buggy address is located 0 bytes to the right of [ 15.098430] allocated 48-byte region [ffff8881029b7000, ffff8881029b7030) [ 15.099051] [ 15.099154] The buggy address belongs to the physical page: [ 15.099363] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029b7 [ 15.099605] flags: 0x200000000000000(node=0|zone=2) [ 15.099768] page_type: f5(slab) [ 15.099888] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.100333] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 15.100936] page dumped because: kasan: bad access detected [ 15.101242] [ 15.101362] Memory state around the buggy address: [ 15.101655] ffff8881029b6f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.101962] ffff8881029b6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.102199] >ffff8881029b7000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.102414] ^ [ 15.102723] ffff8881029b7080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.103119] ffff8881029b7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.103463] ================================================================== [ 14.959761] ================================================================== [ 14.960141] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x992/0x5450 [ 14.960455] Write of size 4 at addr ffff8881029b7030 by task kunit_try_catch/282 [ 14.960914] [ 14.961053] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.961098] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.961110] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.961131] Call Trace: [ 14.961145] <TASK> [ 14.961159] dump_stack_lvl+0x73/0xb0 [ 14.961189] print_report+0xd1/0x610 [ 14.961212] ? __virt_addr_valid+0x1db/0x2d0 [ 14.961235] ? kasan_atomics_helper+0x992/0x5450 [ 14.961258] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.961283] ? kasan_atomics_helper+0x992/0x5450 [ 14.961306] kasan_report+0x141/0x180 [ 14.961329] ? kasan_atomics_helper+0x992/0x5450 [ 14.961359] kasan_check_range+0x10c/0x1c0 [ 14.961384] __kasan_check_write+0x18/0x20 [ 14.961404] kasan_atomics_helper+0x992/0x5450 [ 14.961429] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.961453] ? kasan_save_alloc_info+0x3b/0x50 [ 14.961484] kasan_atomics+0x1dc/0x310 [ 14.961509] ? __pfx_kasan_atomics+0x10/0x10 [ 14.961534] ? __pfx_read_tsc+0x10/0x10 [ 14.961555] ? 
ktime_get_ts64+0x86/0x230 [ 14.961582] kunit_try_run_case+0x1a5/0x480 [ 14.961608] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.961631] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.961656] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.961681] ? __kthread_parkme+0x82/0x180 [ 14.961702] ? preempt_count_sub+0x50/0x80 [ 14.961727] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.961753] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.961778] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.961803] kthread+0x337/0x6f0 [ 14.961822] ? trace_preempt_on+0x20/0xc0 [ 14.961846] ? __pfx_kthread+0x10/0x10 [ 14.961866] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.961889] ? calculate_sigpending+0x7b/0xa0 [ 14.961925] ? __pfx_kthread+0x10/0x10 [ 14.961947] ret_from_fork+0x116/0x1d0 [ 14.961967] ? __pfx_kthread+0x10/0x10 [ 14.961987] ret_from_fork_asm+0x1a/0x30 [ 14.962202] </TASK> [ 14.962214] [ 14.970270] Allocated by task 282: [ 14.970456] kasan_save_stack+0x45/0x70 [ 14.970848] kasan_save_track+0x18/0x40 [ 14.971115] kasan_save_alloc_info+0x3b/0x50 [ 14.971299] __kasan_kmalloc+0xb7/0xc0 [ 14.971458] __kmalloc_cache_noprof+0x189/0x420 [ 14.971640] kasan_atomics+0x95/0x310 [ 14.971830] kunit_try_run_case+0x1a5/0x480 [ 14.972055] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.972253] kthread+0x337/0x6f0 [ 14.972376] ret_from_fork+0x116/0x1d0 [ 14.972509] ret_from_fork_asm+0x1a/0x30 [ 14.972650] [ 14.972722] The buggy address belongs to the object at ffff8881029b7000 [ 14.972722] which belongs to the cache kmalloc-64 of size 64 [ 14.973092] The buggy address is located 0 bytes to the right of [ 14.973092] allocated 48-byte region [ffff8881029b7000, ffff8881029b7030) [ 14.973475] [ 14.973576] The buggy address belongs to the physical page: [ 14.973831] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029b7 [ 14.974936] flags: 0x200000000000000(node=0|zone=2) [ 14.975202] page_type: f5(slab) [ 14.975377] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 14.975855] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.976197] page dumped because: kasan: bad access detected [ 14.976373] [ 14.976444] Memory state around the buggy address: [ 14.976645] ffff8881029b6f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.976991] ffff8881029b6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.977471] >ffff8881029b7000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.978008] ^ [ 14.978181] ffff8881029b7080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.978401] ffff8881029b7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.978666] ================================================================== [ 15.760026] ================================================================== [ 15.760397] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1c18/0x5450 [ 15.760744] Write of size 8 at addr ffff8881029b7030 by task kunit_try_catch/282 [ 15.761115] [ 15.761223] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.761268] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.761280] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.761303] Call Trace: [ 15.761318] <TASK> [ 15.761335] dump_stack_lvl+0x73/0xb0 [ 15.761365] print_report+0xd1/0x610 [ 15.761388] ? __virt_addr_valid+0x1db/0x2d0 [ 15.761412] ? kasan_atomics_helper+0x1c18/0x5450 [ 15.761435] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.761460] ? kasan_atomics_helper+0x1c18/0x5450 [ 15.761483] kasan_report+0x141/0x180 [ 15.761507] ? kasan_atomics_helper+0x1c18/0x5450 [ 15.761535] kasan_check_range+0x10c/0x1c0 [ 15.761580] __kasan_check_write+0x18/0x20 [ 15.761601] kasan_atomics_helper+0x1c18/0x5450 [ 15.761627] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.761652] ? kasan_save_alloc_info+0x3b/0x50 [ 15.761683] kasan_atomics+0x1dc/0x310 [ 15.761708] ? __pfx_kasan_atomics+0x10/0x10 [ 15.761734] ? 
__pfx_read_tsc+0x10/0x10 [ 15.761757] ? ktime_get_ts64+0x86/0x230 [ 15.761782] kunit_try_run_case+0x1a5/0x480 [ 15.761807] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.761831] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.761856] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.761881] ? __kthread_parkme+0x82/0x180 [ 15.761913] ? preempt_count_sub+0x50/0x80 [ 15.761938] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.761964] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.762009] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.762035] kthread+0x337/0x6f0 [ 15.762054] ? trace_preempt_on+0x20/0xc0 [ 15.762079] ? __pfx_kthread+0x10/0x10 [ 15.762100] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.762123] ? calculate_sigpending+0x7b/0xa0 [ 15.762150] ? __pfx_kthread+0x10/0x10 [ 15.762173] ret_from_fork+0x116/0x1d0 [ 15.762192] ? __pfx_kthread+0x10/0x10 [ 15.762213] ret_from_fork_asm+0x1a/0x30 [ 15.762246] </TASK> [ 15.762256] [ 15.769548] Allocated by task 282: [ 15.769716] kasan_save_stack+0x45/0x70 [ 15.769910] kasan_save_track+0x18/0x40 [ 15.770097] kasan_save_alloc_info+0x3b/0x50 [ 15.770295] __kasan_kmalloc+0xb7/0xc0 [ 15.770474] __kmalloc_cache_noprof+0x189/0x420 [ 15.770679] kasan_atomics+0x95/0x310 [ 15.770849] kunit_try_run_case+0x1a5/0x480 [ 15.771056] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.771292] kthread+0x337/0x6f0 [ 15.771452] ret_from_fork+0x116/0x1d0 [ 15.771617] ret_from_fork_asm+0x1a/0x30 [ 15.771783] [ 15.771866] The buggy address belongs to the object at ffff8881029b7000 [ 15.771866] which belongs to the cache kmalloc-64 of size 64 [ 15.772360] The buggy address is located 0 bytes to the right of [ 15.772360] allocated 48-byte region [ffff8881029b7000, ffff8881029b7030) [ 15.772721] [ 15.772791] The buggy address belongs to the physical page: [ 15.773098] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029b7 [ 15.773459] flags: 0x200000000000000(node=0|zone=2) [ 15.773696] page_type: f5(slab) [ 15.773865] raw: 0200000000000000 
ffff8881000418c0 dead000000000122 0000000000000000 [ 15.774200] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.774430] page dumped because: kasan: bad access detected [ 15.774603] [ 15.774674] Memory state around the buggy address: [ 15.774858] ffff8881029b6f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.775211] ffff8881029b6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.775527] >ffff8881029b7000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.775838] ^ [ 15.776123] ffff8881029b7080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.776455] ffff8881029b7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.776707] ================================================================== [ 15.904200] ================================================================== [ 15.904658] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2006/0x5450 [ 15.905050] Write of size 8 at addr ffff8881029b7030 by task kunit_try_catch/282 [ 15.905379] [ 15.905523] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.905568] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.905581] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.905633] Call Trace: [ 15.905651] <TASK> [ 15.905667] dump_stack_lvl+0x73/0xb0 [ 15.905696] print_report+0xd1/0x610 [ 15.905720] ? __virt_addr_valid+0x1db/0x2d0 [ 15.905744] ? kasan_atomics_helper+0x2006/0x5450 [ 15.905766] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.905790] ? kasan_atomics_helper+0x2006/0x5450 [ 15.905813] kasan_report+0x141/0x180 [ 15.905836] ? kasan_atomics_helper+0x2006/0x5450 [ 15.905865] kasan_check_range+0x10c/0x1c0 [ 15.905932] __kasan_check_write+0x18/0x20 [ 15.905953] kasan_atomics_helper+0x2006/0x5450 [ 15.906003] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.906028] ? kasan_save_alloc_info+0x3b/0x50 [ 15.906058] kasan_atomics+0x1dc/0x310 [ 15.906111] ? 
__pfx_kasan_atomics+0x10/0x10 [ 15.906161] ? __pfx_read_tsc+0x10/0x10 [ 15.906183] ? ktime_get_ts64+0x86/0x230 [ 15.906209] kunit_try_run_case+0x1a5/0x480 [ 15.906234] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.906257] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.906283] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.906308] ? __kthread_parkme+0x82/0x180 [ 15.906328] ? preempt_count_sub+0x50/0x80 [ 15.906354] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.906380] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.906405] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.906429] kthread+0x337/0x6f0 [ 15.906449] ? trace_preempt_on+0x20/0xc0 [ 15.906473] ? __pfx_kthread+0x10/0x10 [ 15.906494] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.906517] ? calculate_sigpending+0x7b/0xa0 [ 15.906542] ? __pfx_kthread+0x10/0x10 [ 15.906564] ret_from_fork+0x116/0x1d0 [ 15.906584] ? __pfx_kthread+0x10/0x10 [ 15.906604] ret_from_fork_asm+0x1a/0x30 [ 15.906637] </TASK> [ 15.906648] [ 15.914593] Allocated by task 282: [ 15.914802] kasan_save_stack+0x45/0x70 [ 15.915059] kasan_save_track+0x18/0x40 [ 15.915263] kasan_save_alloc_info+0x3b/0x50 [ 15.915502] __kasan_kmalloc+0xb7/0xc0 [ 15.915695] __kmalloc_cache_noprof+0x189/0x420 [ 15.915912] kasan_atomics+0x95/0x310 [ 15.916161] kunit_try_run_case+0x1a5/0x480 [ 15.916370] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.916639] kthread+0x337/0x6f0 [ 15.916833] ret_from_fork+0x116/0x1d0 [ 15.917079] ret_from_fork_asm+0x1a/0x30 [ 15.917276] [ 15.917407] The buggy address belongs to the object at ffff8881029b7000 [ 15.917407] which belongs to the cache kmalloc-64 of size 64 [ 15.917937] The buggy address is located 0 bytes to the right of [ 15.917937] allocated 48-byte region [ffff8881029b7000, ffff8881029b7030) [ 15.918379] [ 15.918470] The buggy address belongs to the physical page: [ 15.918660] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029b7 [ 15.918984] flags: 0x200000000000000(node=0|zone=2) [ 15.919254] page_type: 
f5(slab) [ 15.919426] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.919801] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.920177] page dumped because: kasan: bad access detected [ 15.920391] [ 15.920461] Memory state around the buggy address: [ 15.920618] ffff8881029b6f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.920836] ffff8881029b6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.921201] >ffff8881029b7000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.921519] ^ [ 15.921739] ffff8881029b7080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.922092] ffff8881029b7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.922407] ================================================================== [ 15.560499] ================================================================== [ 15.560871] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b6/0x5450 [ 15.561294] Write of size 8 at addr ffff8881029b7030 by task kunit_try_catch/282 [ 15.561583] [ 15.561695] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.561739] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.561751] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.561772] Call Trace: [ 15.561785] <TASK> [ 15.561803] dump_stack_lvl+0x73/0xb0 [ 15.561831] print_report+0xd1/0x610 [ 15.561854] ? __virt_addr_valid+0x1db/0x2d0 [ 15.561878] ? kasan_atomics_helper+0x15b6/0x5450 [ 15.561911] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.561935] ? kasan_atomics_helper+0x15b6/0x5450 [ 15.561958] kasan_report+0x141/0x180 [ 15.561981] ? kasan_atomics_helper+0x15b6/0x5450 [ 15.562020] kasan_check_range+0x10c/0x1c0 [ 15.562045] __kasan_check_write+0x18/0x20 [ 15.562065] kasan_atomics_helper+0x15b6/0x5450 [ 15.562089] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.562113] ? 
kasan_save_alloc_info+0x3b/0x50 [ 15.562144] kasan_atomics+0x1dc/0x310 [ 15.562168] ? __pfx_kasan_atomics+0x10/0x10 [ 15.562193] ? __pfx_read_tsc+0x10/0x10 [ 15.562215] ? ktime_get_ts64+0x86/0x230 [ 15.562241] kunit_try_run_case+0x1a5/0x480 [ 15.562266] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.562290] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.562315] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.562339] ? __kthread_parkme+0x82/0x180 [ 15.562360] ? preempt_count_sub+0x50/0x80 [ 15.562386] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.562410] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.562435] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.562460] kthread+0x337/0x6f0 [ 15.562480] ? trace_preempt_on+0x20/0xc0 [ 15.562504] ? __pfx_kthread+0x10/0x10 [ 15.562525] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.562547] ? calculate_sigpending+0x7b/0xa0 [ 15.562572] ? __pfx_kthread+0x10/0x10 [ 15.562593] ret_from_fork+0x116/0x1d0 [ 15.562612] ? __pfx_kthread+0x10/0x10 [ 15.562633] ret_from_fork_asm+0x1a/0x30 [ 15.562666] </TASK> [ 15.562678] [ 15.569735] Allocated by task 282: [ 15.569934] kasan_save_stack+0x45/0x70 [ 15.570252] kasan_save_track+0x18/0x40 [ 15.570451] kasan_save_alloc_info+0x3b/0x50 [ 15.570675] __kasan_kmalloc+0xb7/0xc0 [ 15.570869] __kmalloc_cache_noprof+0x189/0x420 [ 15.571269] kasan_atomics+0x95/0x310 [ 15.571473] kunit_try_run_case+0x1a5/0x480 [ 15.571673] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.571851] kthread+0x337/0x6f0 [ 15.572007] ret_from_fork+0x116/0x1d0 [ 15.572199] ret_from_fork_asm+0x1a/0x30 [ 15.572399] [ 15.572499] The buggy address belongs to the object at ffff8881029b7000 [ 15.572499] which belongs to the cache kmalloc-64 of size 64 [ 15.572983] The buggy address is located 0 bytes to the right of [ 15.572983] allocated 48-byte region [ffff8881029b7000, ffff8881029b7030) [ 15.573484] [ 15.573586] The buggy address belongs to the physical page: [ 15.573806] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 
pfn:0x1029b7 [ 15.574147] flags: 0x200000000000000(node=0|zone=2) [ 15.574338] page_type: f5(slab) [ 15.574476] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.574822] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.575063] page dumped because: kasan: bad access detected [ 15.575237] [ 15.575308] Memory state around the buggy address: [ 15.575464] ffff8881029b6f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.575682] ffff8881029b6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.575935] >ffff8881029b7000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.576565] ^ [ 15.576787] ffff8881029b7080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.577122] ffff8881029b7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.577437] ================================================================== [ 14.789694] ================================================================== [ 14.790127] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b3a/0x5450 [ 14.790426] Write of size 4 at addr ffff8881029b7030 by task kunit_try_catch/282 [ 14.790756] [ 14.790851] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.790905] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.790918] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.790939] Call Trace: [ 14.790954] <TASK> [ 14.790969] dump_stack_lvl+0x73/0xb0 [ 14.791007] print_report+0xd1/0x610 [ 14.791031] ? __virt_addr_valid+0x1db/0x2d0 [ 14.791055] ? kasan_atomics_helper+0x4b3a/0x5450 [ 14.791077] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.791101] ? kasan_atomics_helper+0x4b3a/0x5450 [ 14.791125] kasan_report+0x141/0x180 [ 14.791149] ? kasan_atomics_helper+0x4b3a/0x5450 [ 14.791177] __asan_report_store4_noabort+0x1b/0x30 [ 14.791203] kasan_atomics_helper+0x4b3a/0x5450 [ 14.791229] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.791254] ? 
kasan_save_alloc_info+0x3b/0x50 [ 14.791285] kasan_atomics+0x1dc/0x310 [ 14.791309] ? __pfx_kasan_atomics+0x10/0x10 [ 14.791333] ? __pfx_read_tsc+0x10/0x10 [ 14.791354] ? ktime_get_ts64+0x86/0x230 [ 14.791380] kunit_try_run_case+0x1a5/0x480 [ 14.791404] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.791428] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.791453] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.791478] ? __kthread_parkme+0x82/0x180 [ 14.791499] ? preempt_count_sub+0x50/0x80 [ 14.791524] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.791549] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.791574] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.791598] kthread+0x337/0x6f0 [ 14.791619] ? trace_preempt_on+0x20/0xc0 [ 14.791643] ? __pfx_kthread+0x10/0x10 [ 14.791664] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.791687] ? calculate_sigpending+0x7b/0xa0 [ 14.791711] ? __pfx_kthread+0x10/0x10 [ 14.791734] ret_from_fork+0x116/0x1d0 [ 14.791753] ? __pfx_kthread+0x10/0x10 [ 14.791774] ret_from_fork_asm+0x1a/0x30 [ 14.791807] </TASK> [ 14.791818] [ 14.799657] Allocated by task 282: [ 14.799842] kasan_save_stack+0x45/0x70 [ 14.800058] kasan_save_track+0x18/0x40 [ 14.800252] kasan_save_alloc_info+0x3b/0x50 [ 14.800824] __kasan_kmalloc+0xb7/0xc0 [ 14.801097] __kmalloc_cache_noprof+0x189/0x420 [ 14.801265] kasan_atomics+0x95/0x310 [ 14.801401] kunit_try_run_case+0x1a5/0x480 [ 14.801615] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.801874] kthread+0x337/0x6f0 [ 14.802193] ret_from_fork+0x116/0x1d0 [ 14.802396] ret_from_fork_asm+0x1a/0x30 [ 14.802639] [ 14.802716] The buggy address belongs to the object at ffff8881029b7000 [ 14.802716] which belongs to the cache kmalloc-64 of size 64 [ 14.803372] The buggy address is located 0 bytes to the right of [ 14.803372] allocated 48-byte region [ffff8881029b7000, ffff8881029b7030) [ 14.803973] [ 14.804065] The buggy address belongs to the physical page: [ 14.804269] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 
pfn:0x1029b7 [ 14.804851] flags: 0x200000000000000(node=0|zone=2) [ 14.805102] page_type: f5(slab) [ 14.805227] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.805461] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.805698] page dumped because: kasan: bad access detected [ 14.806005] [ 14.806105] Memory state around the buggy address: [ 14.806328] ffff8881029b6f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.806647] ffff8881029b6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.807034] >ffff8881029b7000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.807253] ^ [ 14.807410] ffff8881029b7080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.807630] ffff8881029b7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.808139] ================================================================== [ 15.695683] ================================================================== [ 15.696050] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x19e3/0x5450 [ 15.696394] Write of size 8 at addr ffff8881029b7030 by task kunit_try_catch/282 [ 15.696692] [ 15.696799] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.696839] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.696852] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.696876] Call Trace: [ 15.696900] <TASK> [ 15.696917] dump_stack_lvl+0x73/0xb0 [ 15.696942] print_report+0xd1/0x610 [ 15.696964] ? __virt_addr_valid+0x1db/0x2d0 [ 15.696988] ? kasan_atomics_helper+0x19e3/0x5450 [ 15.697010] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.697033] ? kasan_atomics_helper+0x19e3/0x5450 [ 15.697055] kasan_report+0x141/0x180 [ 15.697077] ? kasan_atomics_helper+0x19e3/0x5450 [ 15.697104] kasan_check_range+0x10c/0x1c0 [ 15.697128] __kasan_check_write+0x18/0x20 [ 15.697148] kasan_atomics_helper+0x19e3/0x5450 [ 15.697171] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 15.697195] ? kasan_save_alloc_info+0x3b/0x50 [ 15.697225] kasan_atomics+0x1dc/0x310 [ 15.697248] ? __pfx_kasan_atomics+0x10/0x10 [ 15.697273] ? __pfx_read_tsc+0x10/0x10 [ 15.697293] ? ktime_get_ts64+0x86/0x230 [ 15.697319] kunit_try_run_case+0x1a5/0x480 [ 15.697343] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.697365] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.697390] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.697414] ? __kthread_parkme+0x82/0x180 [ 15.697435] ? preempt_count_sub+0x50/0x80 [ 15.697459] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.697484] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.697507] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.697531] kthread+0x337/0x6f0 [ 15.697551] ? trace_preempt_on+0x20/0xc0 [ 15.697574] ? __pfx_kthread+0x10/0x10 [ 15.697595] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.697616] ? calculate_sigpending+0x7b/0xa0 [ 15.697641] ? __pfx_kthread+0x10/0x10 [ 15.697663] ret_from_fork+0x116/0x1d0 [ 15.697681] ? 
__pfx_kthread+0x10/0x10 [ 15.697701] ret_from_fork_asm+0x1a/0x30 [ 15.697734] </TASK> [ 15.697745] [ 15.705034] Allocated by task 282: [ 15.705175] kasan_save_stack+0x45/0x70 [ 15.705321] kasan_save_track+0x18/0x40 [ 15.705457] kasan_save_alloc_info+0x3b/0x50 [ 15.705607] __kasan_kmalloc+0xb7/0xc0 [ 15.705741] __kmalloc_cache_noprof+0x189/0x420 [ 15.705909] kasan_atomics+0x95/0x310 [ 15.706071] kunit_try_run_case+0x1a5/0x480 [ 15.706221] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.706404] kthread+0x337/0x6f0 [ 15.706530] ret_from_fork+0x116/0x1d0 [ 15.706666] ret_from_fork_asm+0x1a/0x30 [ 15.706873] [ 15.707005] The buggy address belongs to the object at ffff8881029b7000 [ 15.707005] which belongs to the cache kmalloc-64 of size 64 [ 15.707533] The buggy address is located 0 bytes to the right of [ 15.707533] allocated 48-byte region [ffff8881029b7000, ffff8881029b7030) [ 15.708114] [ 15.708210] The buggy address belongs to the physical page: [ 15.708462] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029b7 [ 15.708806] flags: 0x200000000000000(node=0|zone=2) [ 15.709006] page_type: f5(slab) [ 15.709127] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.709362] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.709589] page dumped because: kasan: bad access detected [ 15.709764] [ 15.709833] Memory state around the buggy address: [ 15.710105] ffff8881029b6f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.710401] ffff8881029b6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.710670] >ffff8881029b7000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.711833] ^ [ 15.712246] ffff8881029b7080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.712538] ffff8881029b7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.712815] ================================================================== [ 15.044049] 
================================================================== [ 15.044401] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb6a/0x5450 [ 15.044818] Write of size 4 at addr ffff8881029b7030 by task kunit_try_catch/282 [ 15.045184] [ 15.045308] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.045354] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.045367] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.045390] Call Trace: [ 15.045408] <TASK> [ 15.045425] dump_stack_lvl+0x73/0xb0 [ 15.045455] print_report+0xd1/0x610 [ 15.045480] ? __virt_addr_valid+0x1db/0x2d0 [ 15.045504] ? kasan_atomics_helper+0xb6a/0x5450 [ 15.045612] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.045638] ? kasan_atomics_helper+0xb6a/0x5450 [ 15.045661] kasan_report+0x141/0x180 [ 15.045696] ? kasan_atomics_helper+0xb6a/0x5450 [ 15.045724] kasan_check_range+0x10c/0x1c0 [ 15.045749] __kasan_check_write+0x18/0x20 [ 15.045769] kasan_atomics_helper+0xb6a/0x5450 [ 15.045794] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.045819] ? kasan_save_alloc_info+0x3b/0x50 [ 15.045849] kasan_atomics+0x1dc/0x310 [ 15.045874] ? __pfx_kasan_atomics+0x10/0x10 [ 15.045908] ? __pfx_read_tsc+0x10/0x10 [ 15.045931] ? ktime_get_ts64+0x86/0x230 [ 15.045957] kunit_try_run_case+0x1a5/0x480 [ 15.045982] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.046006] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.046057] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.046083] ? __kthread_parkme+0x82/0x180 [ 15.046104] ? preempt_count_sub+0x50/0x80 [ 15.046140] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.046165] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.046189] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.046223] kthread+0x337/0x6f0 [ 15.046243] ? trace_preempt_on+0x20/0xc0 [ 15.046267] ? __pfx_kthread+0x10/0x10 [ 15.046299] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.046323] ? calculate_sigpending+0x7b/0xa0 [ 15.046348] ? 
__pfx_kthread+0x10/0x10 [ 15.046372] ret_from_fork+0x116/0x1d0 [ 15.046393] ? __pfx_kthread+0x10/0x10 [ 15.046413] ret_from_fork_asm+0x1a/0x30 [ 15.046448] </TASK> [ 15.046459] [ 15.054946] Allocated by task 282: [ 15.055162] kasan_save_stack+0x45/0x70 [ 15.055369] kasan_save_track+0x18/0x40 [ 15.055571] kasan_save_alloc_info+0x3b/0x50 [ 15.055995] __kasan_kmalloc+0xb7/0xc0 [ 15.056237] __kmalloc_cache_noprof+0x189/0x420 [ 15.056482] kasan_atomics+0x95/0x310 [ 15.056769] kunit_try_run_case+0x1a5/0x480 [ 15.056993] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.057232] kthread+0x337/0x6f0 [ 15.057365] ret_from_fork+0x116/0x1d0 [ 15.057644] ret_from_fork_asm+0x1a/0x30 [ 15.057849] [ 15.057960] The buggy address belongs to the object at ffff8881029b7000 [ 15.057960] which belongs to the cache kmalloc-64 of size 64 [ 15.058490] The buggy address is located 0 bytes to the right of [ 15.058490] allocated 48-byte region [ffff8881029b7000, ffff8881029b7030) [ 15.059054] [ 15.059133] The buggy address belongs to the physical page: [ 15.059308] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029b7 [ 15.059876] flags: 0x200000000000000(node=0|zone=2) [ 15.060162] page_type: f5(slab) [ 15.060340] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.060765] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.061134] page dumped because: kasan: bad access detected [ 15.061345] [ 15.061454] Memory state around the buggy address: [ 15.061761] ffff8881029b6f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.062104] ffff8881029b6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.062324] >ffff8881029b7000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.062679] ^ [ 15.062924] ffff8881029b7080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.063269] ffff8881029b7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.063684] 
================================================================== [ 15.104054] ================================================================== [ 15.104403] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd47/0x5450 [ 15.104972] Write of size 4 at addr ffff8881029b7030 by task kunit_try_catch/282 [ 15.105249] [ 15.105388] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.105431] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.105444] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.105481] Call Trace: [ 15.105499] <TASK> [ 15.105593] dump_stack_lvl+0x73/0xb0 [ 15.105637] print_report+0xd1/0x610 [ 15.105664] ? __virt_addr_valid+0x1db/0x2d0 [ 15.105692] ? kasan_atomics_helper+0xd47/0x5450 [ 15.105720] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.105763] ? kasan_atomics_helper+0xd47/0x5450 [ 15.105791] kasan_report+0x141/0x180 [ 15.105829] ? kasan_atomics_helper+0xd47/0x5450 [ 15.105862] kasan_check_range+0x10c/0x1c0 [ 15.105901] __kasan_check_write+0x18/0x20 [ 15.105934] kasan_atomics_helper+0xd47/0x5450 [ 15.105963] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.105993] ? kasan_save_alloc_info+0x3b/0x50 [ 15.106055] kasan_atomics+0x1dc/0x310 [ 15.106083] ? __pfx_kasan_atomics+0x10/0x10 [ 15.106121] ? __pfx_read_tsc+0x10/0x10 [ 15.106146] ? ktime_get_ts64+0x86/0x230 [ 15.106174] kunit_try_run_case+0x1a5/0x480 [ 15.106214] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.106243] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.106274] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.106304] ? __kthread_parkme+0x82/0x180 [ 15.106330] ? preempt_count_sub+0x50/0x80 [ 15.106359] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.106389] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.106420] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.106454] kthread+0x337/0x6f0 [ 15.106476] ? trace_preempt_on+0x20/0xc0 [ 15.106504] ? __pfx_kthread+0x10/0x10 [ 15.106612] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 15.106640] ? calculate_sigpending+0x7b/0xa0 [ 15.106670] ? __pfx_kthread+0x10/0x10 [ 15.106704] ret_from_fork+0x116/0x1d0 [ 15.106727] ? __pfx_kthread+0x10/0x10 [ 15.106752] ret_from_fork_asm+0x1a/0x30 [ 15.106804] </TASK> [ 15.106816] [ 15.115161] Allocated by task 282: [ 15.115349] kasan_save_stack+0x45/0x70 [ 15.115636] kasan_save_track+0x18/0x40 [ 15.115842] kasan_save_alloc_info+0x3b/0x50 [ 15.116097] __kasan_kmalloc+0xb7/0xc0 [ 15.116291] __kmalloc_cache_noprof+0x189/0x420 [ 15.116467] kasan_atomics+0x95/0x310 [ 15.116883] kunit_try_run_case+0x1a5/0x480 [ 15.117098] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.117358] kthread+0x337/0x6f0 [ 15.117623] ret_from_fork+0x116/0x1d0 [ 15.117814] ret_from_fork_asm+0x1a/0x30 [ 15.118045] [ 15.118148] The buggy address belongs to the object at ffff8881029b7000 [ 15.118148] which belongs to the cache kmalloc-64 of size 64 [ 15.118678] The buggy address is located 0 bytes to the right of [ 15.118678] allocated 48-byte region [ffff8881029b7000, ffff8881029b7030) [ 15.119246] [ 15.119349] The buggy address belongs to the physical page: [ 15.119701] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029b7 [ 15.120135] flags: 0x200000000000000(node=0|zone=2) [ 15.120320] page_type: f5(slab) [ 15.120445] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.121026] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.121432] page dumped because: kasan: bad access detected [ 15.121808] [ 15.121918] Memory state around the buggy address: [ 15.122150] ffff8881029b6f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.122484] ffff8881029b6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.122904] >ffff8881029b7000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.123261] ^ [ 15.123476] ffff8881029b7080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.123711] ffff8881029b7100: fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 15.124117] ================================================================== [ 15.457161] ================================================================== [ 15.457470] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4eae/0x5450 [ 15.457821] Read of size 8 at addr ffff8881029b7030 by task kunit_try_catch/282 [ 15.458104] [ 15.458214] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.458256] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.458268] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.458290] Call Trace: [ 15.458305] <TASK> [ 15.458321] dump_stack_lvl+0x73/0xb0 [ 15.458348] print_report+0xd1/0x610 [ 15.458371] ? __virt_addr_valid+0x1db/0x2d0 [ 15.458395] ? kasan_atomics_helper+0x4eae/0x5450 [ 15.458417] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.458441] ? kasan_atomics_helper+0x4eae/0x5450 [ 15.458464] kasan_report+0x141/0x180 [ 15.458488] ? kasan_atomics_helper+0x4eae/0x5450 [ 15.458516] __asan_report_load8_noabort+0x18/0x20 [ 15.458554] kasan_atomics_helper+0x4eae/0x5450 [ 15.458578] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.458604] ? kasan_save_alloc_info+0x3b/0x50 [ 15.458635] kasan_atomics+0x1dc/0x310 [ 15.458659] ? __pfx_kasan_atomics+0x10/0x10 [ 15.458684] ? __pfx_read_tsc+0x10/0x10 [ 15.458706] ? ktime_get_ts64+0x86/0x230 [ 15.458732] kunit_try_run_case+0x1a5/0x480 [ 15.458757] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.458787] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.458812] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.458837] ? __kthread_parkme+0x82/0x180 [ 15.458858] ? preempt_count_sub+0x50/0x80 [ 15.458884] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.458919] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.458944] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.458970] kthread+0x337/0x6f0 [ 15.458998] ? trace_preempt_on+0x20/0xc0 [ 15.459024] ? __pfx_kthread+0x10/0x10 [ 15.459045] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 15.459068] ? calculate_sigpending+0x7b/0xa0 [ 15.459093] ? __pfx_kthread+0x10/0x10 [ 15.459115] ret_from_fork+0x116/0x1d0 [ 15.459134] ? __pfx_kthread+0x10/0x10 [ 15.459155] ret_from_fork_asm+0x1a/0x30 [ 15.459188] </TASK> [ 15.459199] [ 15.468833] Allocated by task 282: [ 15.469507] kasan_save_stack+0x45/0x70 [ 15.469847] kasan_save_track+0x18/0x40 [ 15.470315] kasan_save_alloc_info+0x3b/0x50 [ 15.470566] __kasan_kmalloc+0xb7/0xc0 [ 15.470962] __kmalloc_cache_noprof+0x189/0x420 [ 15.471220] kasan_atomics+0x95/0x310 [ 15.471406] kunit_try_run_case+0x1a5/0x480 [ 15.471950] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.472258] kthread+0x337/0x6f0 [ 15.472567] ret_from_fork+0x116/0x1d0 [ 15.472943] ret_from_fork_asm+0x1a/0x30 [ 15.473283] [ 15.473388] The buggy address belongs to the object at ffff8881029b7000 [ 15.473388] which belongs to the cache kmalloc-64 of size 64 [ 15.474370] The buggy address is located 0 bytes to the right of [ 15.474370] allocated 48-byte region [ffff8881029b7000, ffff8881029b7030) [ 15.475043] [ 15.475150] The buggy address belongs to the physical page: [ 15.475379] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029b7 [ 15.476007] flags: 0x200000000000000(node=0|zone=2) [ 15.476368] page_type: f5(slab) [ 15.476766] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.477463] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.478175] page dumped because: kasan: bad access detected [ 15.478479] [ 15.478723] Memory state around the buggy address: [ 15.479264] ffff8881029b6f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.479607] ffff8881029b6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.480265] >ffff8881029b7000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.480928] ^ [ 15.481167] ffff8881029b7080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.481453] ffff8881029b7100: fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 15.482060] ================================================================== [ 15.828377] ================================================================== [ 15.828880] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1e12/0x5450 [ 15.829194] Write of size 8 at addr ffff8881029b7030 by task kunit_try_catch/282 [ 15.829413] [ 15.829540] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.829584] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.829597] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.829618] Call Trace: [ 15.829634] <TASK> [ 15.829649] dump_stack_lvl+0x73/0xb0 [ 15.829677] print_report+0xd1/0x610 [ 15.829700] ? __virt_addr_valid+0x1db/0x2d0 [ 15.829723] ? kasan_atomics_helper+0x1e12/0x5450 [ 15.829746] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.829771] ? kasan_atomics_helper+0x1e12/0x5450 [ 15.829794] kasan_report+0x141/0x180 [ 15.829817] ? kasan_atomics_helper+0x1e12/0x5450 [ 15.829845] kasan_check_range+0x10c/0x1c0 [ 15.829870] __kasan_check_write+0x18/0x20 [ 15.829903] kasan_atomics_helper+0x1e12/0x5450 [ 15.829928] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.829952] ? kasan_save_alloc_info+0x3b/0x50 [ 15.830003] kasan_atomics+0x1dc/0x310 [ 15.830028] ? __pfx_kasan_atomics+0x10/0x10 [ 15.830076] ? __pfx_read_tsc+0x10/0x10 [ 15.830099] ? ktime_get_ts64+0x86/0x230 [ 15.830125] kunit_try_run_case+0x1a5/0x480 [ 15.830150] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.830174] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.830198] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.830223] ? __kthread_parkme+0x82/0x180 [ 15.830244] ? preempt_count_sub+0x50/0x80 [ 15.830270] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.830295] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.830319] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.830345] kthread+0x337/0x6f0 [ 15.830364] ? trace_preempt_on+0x20/0xc0 [ 15.830389] ? 
__pfx_kthread+0x10/0x10 [ 15.830411] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.830434] ? calculate_sigpending+0x7b/0xa0 [ 15.830459] ? __pfx_kthread+0x10/0x10 [ 15.830481] ret_from_fork+0x116/0x1d0 [ 15.830500] ? __pfx_kthread+0x10/0x10 [ 15.830521] ret_from_fork_asm+0x1a/0x30 [ 15.830554] </TASK> [ 15.830565] [ 15.838017] Allocated by task 282: [ 15.838231] kasan_save_stack+0x45/0x70 [ 15.838458] kasan_save_track+0x18/0x40 [ 15.838646] kasan_save_alloc_info+0x3b/0x50 [ 15.838800] __kasan_kmalloc+0xb7/0xc0 [ 15.838960] __kmalloc_cache_noprof+0x189/0x420 [ 15.839233] kasan_atomics+0x95/0x310 [ 15.839420] kunit_try_run_case+0x1a5/0x480 [ 15.839628] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.839904] kthread+0x337/0x6f0 [ 15.840109] ret_from_fork+0x116/0x1d0 [ 15.840303] ret_from_fork_asm+0x1a/0x30 [ 15.840516] [ 15.840631] The buggy address belongs to the object at ffff8881029b7000 [ 15.840631] which belongs to the cache kmalloc-64 of size 64 [ 15.841216] The buggy address is located 0 bytes to the right of [ 15.841216] allocated 48-byte region [ffff8881029b7000, ffff8881029b7030) [ 15.841743] [ 15.841869] The buggy address belongs to the physical page: [ 15.842168] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029b7 [ 15.842524] flags: 0x200000000000000(node=0|zone=2) [ 15.842781] page_type: f5(slab) [ 15.842936] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.843333] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.843669] page dumped because: kasan: bad access detected [ 15.843930] [ 15.844048] Memory state around the buggy address: [ 15.844275] ffff8881029b6f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.844514] ffff8881029b6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.844725] >ffff8881029b7000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.845012] ^ [ 15.845245] ffff8881029b7080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.845597] 
ffff8881029b7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.845964] ================================================================== [ 15.980884] ================================================================== [ 15.981273] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x218a/0x5450 [ 15.981668] Write of size 8 at addr ffff8881029b7030 by task kunit_try_catch/282 [ 15.982077] [ 15.982193] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.982268] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.982281] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.982303] Call Trace: [ 15.982319] <TASK> [ 15.982335] dump_stack_lvl+0x73/0xb0 [ 15.982365] print_report+0xd1/0x610 [ 15.982419] ? __virt_addr_valid+0x1db/0x2d0 [ 15.982444] ? kasan_atomics_helper+0x218a/0x5450 [ 15.982467] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.982491] ? kasan_atomics_helper+0x218a/0x5450 [ 15.982514] kasan_report+0x141/0x180 [ 15.982537] ? kasan_atomics_helper+0x218a/0x5450 [ 15.982566] kasan_check_range+0x10c/0x1c0 [ 15.982619] __kasan_check_write+0x18/0x20 [ 15.982640] kasan_atomics_helper+0x218a/0x5450 [ 15.982664] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.982689] ? kasan_save_alloc_info+0x3b/0x50 [ 15.982719] kasan_atomics+0x1dc/0x310 [ 15.982744] ? __pfx_kasan_atomics+0x10/0x10 [ 15.982774] ? __pfx_read_tsc+0x10/0x10 [ 15.982797] ? ktime_get_ts64+0x86/0x230 [ 15.982823] kunit_try_run_case+0x1a5/0x480 [ 15.982849] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.982874] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.982911] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.982936] ? __kthread_parkme+0x82/0x180 [ 15.982957] ? preempt_count_sub+0x50/0x80 [ 15.983037] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.983064] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.983089] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.983145] kthread+0x337/0x6f0 [ 15.983166] ? 
trace_preempt_on+0x20/0xc0 [ 15.983190] ? __pfx_kthread+0x10/0x10 [ 15.983211] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.983233] ? calculate_sigpending+0x7b/0xa0 [ 15.983259] ? __pfx_kthread+0x10/0x10 [ 15.983281] ret_from_fork+0x116/0x1d0 [ 15.983300] ? __pfx_kthread+0x10/0x10 [ 15.983322] ret_from_fork_asm+0x1a/0x30 [ 15.983356] </TASK> [ 15.983397] [ 15.991198] Allocated by task 282: [ 15.991403] kasan_save_stack+0x45/0x70 [ 15.991612] kasan_save_track+0x18/0x40 [ 15.991805] kasan_save_alloc_info+0x3b/0x50 [ 15.992081] __kasan_kmalloc+0xb7/0xc0 [ 15.992281] __kmalloc_cache_noprof+0x189/0x420 [ 15.992518] kasan_atomics+0x95/0x310 [ 15.992738] kunit_try_run_case+0x1a5/0x480 [ 15.992947] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.993222] kthread+0x337/0x6f0 [ 15.993403] ret_from_fork+0x116/0x1d0 [ 15.993597] ret_from_fork_asm+0x1a/0x30 [ 15.993827] [ 15.993919] The buggy address belongs to the object at ffff8881029b7000 [ 15.993919] which belongs to the cache kmalloc-64 of size 64 [ 15.994480] The buggy address is located 0 bytes to the right of [ 15.994480] allocated 48-byte region [ffff8881029b7000, ffff8881029b7030) [ 15.995087] [ 15.995259] The buggy address belongs to the physical page: [ 15.995597] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029b7 [ 15.995962] flags: 0x200000000000000(node=0|zone=2) [ 15.996218] page_type: f5(slab) [ 15.996388] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.996641] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.996870] page dumped because: kasan: bad access detected [ 15.997159] [ 15.997287] Memory state around the buggy address: [ 15.997513] ffff8881029b6f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.997836] ffff8881029b6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.998142] >ffff8881029b7000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.998358] ^ [ 15.998567] ffff8881029b7080: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 15.998831] ffff8881029b7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.999220] ================================================================== [ 15.181449] ================================================================== [ 15.181890] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf10/0x5450 [ 15.182261] Write of size 4 at addr ffff8881029b7030 by task kunit_try_catch/282 [ 15.182701] [ 15.182807] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.182853] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.182865] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.182904] Call Trace: [ 15.182923] <TASK> [ 15.182938] dump_stack_lvl+0x73/0xb0 [ 15.182997] print_report+0xd1/0x610 [ 15.183020] ? __virt_addr_valid+0x1db/0x2d0 [ 15.183045] ? kasan_atomics_helper+0xf10/0x5450 [ 15.183067] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.183091] ? kasan_atomics_helper+0xf10/0x5450 [ 15.183114] kasan_report+0x141/0x180 [ 15.183147] ? kasan_atomics_helper+0xf10/0x5450 [ 15.183175] kasan_check_range+0x10c/0x1c0 [ 15.183210] __kasan_check_write+0x18/0x20 [ 15.183231] kasan_atomics_helper+0xf10/0x5450 [ 15.183255] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.183281] ? kasan_save_alloc_info+0x3b/0x50 [ 15.183311] kasan_atomics+0x1dc/0x310 [ 15.183335] ? __pfx_kasan_atomics+0x10/0x10 [ 15.183361] ? __pfx_read_tsc+0x10/0x10 [ 15.183383] ? ktime_get_ts64+0x86/0x230 [ 15.183409] kunit_try_run_case+0x1a5/0x480 [ 15.183434] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.183466] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.183491] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.183581] ? __kthread_parkme+0x82/0x180 [ 15.183606] ? preempt_count_sub+0x50/0x80 [ 15.183631] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.183657] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.183682] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.183707] kthread+0x337/0x6f0 [ 15.183728] ? 
trace_preempt_on+0x20/0xc0 [ 15.183753] ? __pfx_kthread+0x10/0x10 [ 15.183774] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.183797] ? calculate_sigpending+0x7b/0xa0 [ 15.183822] ? __pfx_kthread+0x10/0x10 [ 15.183844] ret_from_fork+0x116/0x1d0 [ 15.183863] ? __pfx_kthread+0x10/0x10 [ 15.183884] ret_from_fork_asm+0x1a/0x30 [ 15.183936] </TASK> [ 15.183948] [ 15.192143] Allocated by task 282: [ 15.192357] kasan_save_stack+0x45/0x70 [ 15.192737] kasan_save_track+0x18/0x40 [ 15.192959] kasan_save_alloc_info+0x3b/0x50 [ 15.193200] __kasan_kmalloc+0xb7/0xc0 [ 15.193403] __kmalloc_cache_noprof+0x189/0x420 [ 15.193716] kasan_atomics+0x95/0x310 [ 15.193926] kunit_try_run_case+0x1a5/0x480 [ 15.194103] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.194383] kthread+0x337/0x6f0 [ 15.194662] ret_from_fork+0x116/0x1d0 [ 15.194857] ret_from_fork_asm+0x1a/0x30 [ 15.195111] [ 15.195211] The buggy address belongs to the object at ffff8881029b7000 [ 15.195211] which belongs to the cache kmalloc-64 of size 64 [ 15.195806] The buggy address is located 0 bytes to the right of [ 15.195806] allocated 48-byte region [ffff8881029b7000, ffff8881029b7030) [ 15.196365] [ 15.196467] The buggy address belongs to the physical page: [ 15.196949] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029b7 [ 15.197274] flags: 0x200000000000000(node=0|zone=2) [ 15.197442] page_type: f5(slab) [ 15.197574] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.198028] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.198369] page dumped because: kasan: bad access detected [ 15.198704] [ 15.198811] Memory state around the buggy address: [ 15.199051] ffff8881029b6f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.199377] ffff8881029b6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.199749] >ffff8881029b7000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.200069] ^ [ 15.200250] ffff8881029b7080: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 15.200804] ffff8881029b7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.201154] ================================================================== [ 14.750111] ================================================================== [ 14.750406] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b54/0x5450 [ 14.750758] Read of size 4 at addr ffff8881029b7030 by task kunit_try_catch/282 [ 14.751209] [ 14.751322] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.751363] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.751375] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.751395] Call Trace: [ 14.751411] <TASK> [ 14.751425] dump_stack_lvl+0x73/0xb0 [ 14.751454] print_report+0xd1/0x610 [ 14.751477] ? __virt_addr_valid+0x1db/0x2d0 [ 14.751499] ? kasan_atomics_helper+0x4b54/0x5450 [ 14.751522] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.751707] ? kasan_atomics_helper+0x4b54/0x5450 [ 14.751731] kasan_report+0x141/0x180 [ 14.751755] ? kasan_atomics_helper+0x4b54/0x5450 [ 14.751783] __asan_report_load4_noabort+0x18/0x20 [ 14.751809] kasan_atomics_helper+0x4b54/0x5450 [ 14.751834] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.751858] ? kasan_save_alloc_info+0x3b/0x50 [ 14.751889] kasan_atomics+0x1dc/0x310 [ 14.751929] ? __pfx_kasan_atomics+0x10/0x10 [ 14.751954] ? __pfx_read_tsc+0x10/0x10 [ 14.751975] ? ktime_get_ts64+0x86/0x230 [ 14.752000] kunit_try_run_case+0x1a5/0x480 [ 14.752025] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.752048] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.752075] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.752099] ? __kthread_parkme+0x82/0x180 [ 14.752121] ? preempt_count_sub+0x50/0x80 [ 14.752146] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.752171] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.752196] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.752221] kthread+0x337/0x6f0 [ 14.752241] ? 
trace_preempt_on+0x20/0xc0 [ 14.752266] ? __pfx_kthread+0x10/0x10 [ 14.752287] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.752309] ? calculate_sigpending+0x7b/0xa0 [ 14.752335] ? __pfx_kthread+0x10/0x10 [ 14.752358] ret_from_fork+0x116/0x1d0 [ 14.752377] ? __pfx_kthread+0x10/0x10 [ 14.752398] ret_from_fork_asm+0x1a/0x30 [ 14.752431] </TASK> [ 14.752442] [ 14.760177] Allocated by task 282: [ 14.760339] kasan_save_stack+0x45/0x70 [ 14.760516] kasan_save_track+0x18/0x40 [ 14.760699] kasan_save_alloc_info+0x3b/0x50 [ 14.760854] __kasan_kmalloc+0xb7/0xc0 [ 14.761000] __kmalloc_cache_noprof+0x189/0x420 [ 14.761159] kasan_atomics+0x95/0x310 [ 14.761295] kunit_try_run_case+0x1a5/0x480 [ 14.761443] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.761621] kthread+0x337/0x6f0 [ 14.761743] ret_from_fork+0x116/0x1d0 [ 14.761877] ret_from_fork_asm+0x1a/0x30 [ 14.762085] [ 14.762203] The buggy address belongs to the object at ffff8881029b7000 [ 14.762203] which belongs to the cache kmalloc-64 of size 64 [ 14.762731] The buggy address is located 0 bytes to the right of [ 14.762731] allocated 48-byte region [ffff8881029b7000, ffff8881029b7030) [ 14.763698] [ 14.763869] The buggy address belongs to the physical page: [ 14.764637] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029b7 [ 14.764909] flags: 0x200000000000000(node=0|zone=2) [ 14.765321] page_type: f5(slab) [ 14.765493] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.765885] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.766346] page dumped because: kasan: bad access detected [ 14.766637] [ 14.766722] Memory state around the buggy address: [ 14.766884] ffff8881029b6f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.767458] ffff8881029b6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.768096] >ffff8881029b7000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.768380] ^ [ 14.768640] ffff8881029b7080: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 14.768863] ffff8881029b7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.769199] ================================================================== [ 15.999763] ================================================================== [ 16.000101] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fa5/0x5450 [ 16.000480] Read of size 8 at addr ffff8881029b7030 by task kunit_try_catch/282 [ 16.000853] [ 16.001029] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.001074] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.001086] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.001109] Call Trace: [ 16.001125] <TASK> [ 16.001172] dump_stack_lvl+0x73/0xb0 [ 16.001202] print_report+0xd1/0x610 [ 16.001225] ? __virt_addr_valid+0x1db/0x2d0 [ 16.001249] ? kasan_atomics_helper+0x4fa5/0x5450 [ 16.001271] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.001295] ? kasan_atomics_helper+0x4fa5/0x5450 [ 16.001349] kasan_report+0x141/0x180 [ 16.001372] ? kasan_atomics_helper+0x4fa5/0x5450 [ 16.001401] __asan_report_load8_noabort+0x18/0x20 [ 16.001426] kasan_atomics_helper+0x4fa5/0x5450 [ 16.001451] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.001505] ? kasan_save_alloc_info+0x3b/0x50 [ 16.001536] kasan_atomics+0x1dc/0x310 [ 16.001561] ? __pfx_kasan_atomics+0x10/0x10 [ 16.001586] ? __pfx_read_tsc+0x10/0x10 [ 16.001608] ? ktime_get_ts64+0x86/0x230 [ 16.001665] kunit_try_run_case+0x1a5/0x480 [ 16.001691] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.001715] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.001741] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.001766] ? __kthread_parkme+0x82/0x180 [ 16.001787] ? preempt_count_sub+0x50/0x80 [ 16.001813] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.001838] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.001863] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.001889] kthread+0x337/0x6f0 [ 16.001919] ? 
trace_preempt_on+0x20/0xc0 [ 16.001991] ? __pfx_kthread+0x10/0x10 [ 16.002014] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.002037] ? calculate_sigpending+0x7b/0xa0 [ 16.002062] ? __pfx_kthread+0x10/0x10 [ 16.002084] ret_from_fork+0x116/0x1d0 [ 16.002103] ? __pfx_kthread+0x10/0x10 [ 16.002124] ret_from_fork_asm+0x1a/0x30 [ 16.002157] </TASK> [ 16.002167] [ 16.010524] Allocated by task 282: [ 16.010717] kasan_save_stack+0x45/0x70 [ 16.010944] kasan_save_track+0x18/0x40 [ 16.011212] kasan_save_alloc_info+0x3b/0x50 [ 16.011424] __kasan_kmalloc+0xb7/0xc0 [ 16.011646] __kmalloc_cache_noprof+0x189/0x420 [ 16.011915] kasan_atomics+0x95/0x310 [ 16.012140] kunit_try_run_case+0x1a5/0x480 [ 16.012367] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.012635] kthread+0x337/0x6f0 [ 16.012800] ret_from_fork+0x116/0x1d0 [ 16.013091] ret_from_fork_asm+0x1a/0x30 [ 16.013341] [ 16.013439] The buggy address belongs to the object at ffff8881029b7000 [ 16.013439] which belongs to the cache kmalloc-64 of size 64 [ 16.013916] The buggy address is located 0 bytes to the right of [ 16.013916] allocated 48-byte region [ffff8881029b7000, ffff8881029b7030) [ 16.014514] [ 16.014604] The buggy address belongs to the physical page: [ 16.014808] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029b7 [ 16.015231] flags: 0x200000000000000(node=0|zone=2) [ 16.015503] page_type: f5(slab) [ 16.015671] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.016068] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.016398] page dumped because: kasan: bad access detected [ 16.016641] [ 16.016733] Memory state around the buggy address: [ 16.016983] ffff8881029b6f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.017237] ffff8881029b6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.017496] >ffff8881029b7000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.017854] ^ [ 16.018123] ffff8881029b7080: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 16.018440] ffff8881029b7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.018751] ================================================================== [ 15.222455] ================================================================== [ 15.222931] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a36/0x5450 [ 15.223291] Read of size 4 at addr ffff8881029b7030 by task kunit_try_catch/282 [ 15.223633] [ 15.223758] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.223802] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.223815] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.223848] Call Trace: [ 15.223863] <TASK> [ 15.223879] dump_stack_lvl+0x73/0xb0 [ 15.223917] print_report+0xd1/0x610 [ 15.223940] ? __virt_addr_valid+0x1db/0x2d0 [ 15.223965] ? kasan_atomics_helper+0x4a36/0x5450 [ 15.223988] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.224012] ? kasan_atomics_helper+0x4a36/0x5450 [ 15.224040] kasan_report+0x141/0x180 [ 15.224063] ? kasan_atomics_helper+0x4a36/0x5450 [ 15.224091] __asan_report_load4_noabort+0x18/0x20 [ 15.224117] kasan_atomics_helper+0x4a36/0x5450 [ 15.224141] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.224184] ? kasan_save_alloc_info+0x3b/0x50 [ 15.224216] kasan_atomics+0x1dc/0x310 [ 15.224251] ? __pfx_kasan_atomics+0x10/0x10 [ 15.224277] ? __pfx_read_tsc+0x10/0x10 [ 15.224298] ? ktime_get_ts64+0x86/0x230 [ 15.224324] kunit_try_run_case+0x1a5/0x480 [ 15.224349] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.224382] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.224406] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.224442] ? __kthread_parkme+0x82/0x180 [ 15.224463] ? preempt_count_sub+0x50/0x80 [ 15.224488] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.224573] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.224601] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.224627] kthread+0x337/0x6f0 [ 15.224648] ? 
trace_preempt_on+0x20/0xc0 [ 15.224672] ? __pfx_kthread+0x10/0x10 [ 15.224694] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.224717] ? calculate_sigpending+0x7b/0xa0 [ 15.224742] ? __pfx_kthread+0x10/0x10 [ 15.224764] ret_from_fork+0x116/0x1d0 [ 15.224795] ? __pfx_kthread+0x10/0x10 [ 15.224817] ret_from_fork_asm+0x1a/0x30 [ 15.224861] </TASK> [ 15.224873] [ 15.233256] Allocated by task 282: [ 15.233438] kasan_save_stack+0x45/0x70 [ 15.233857] kasan_save_track+0x18/0x40 [ 15.234113] kasan_save_alloc_info+0x3b/0x50 [ 15.234317] __kasan_kmalloc+0xb7/0xc0 [ 15.234537] __kmalloc_cache_noprof+0x189/0x420 [ 15.234739] kasan_atomics+0x95/0x310 [ 15.234901] kunit_try_run_case+0x1a5/0x480 [ 15.235115] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.235366] kthread+0x337/0x6f0 [ 15.235530] ret_from_fork+0x116/0x1d0 [ 15.235693] ret_from_fork_asm+0x1a/0x30 [ 15.235878] [ 15.236092] The buggy address belongs to the object at ffff8881029b7000 [ 15.236092] which belongs to the cache kmalloc-64 of size 64 [ 15.236669] The buggy address is located 0 bytes to the right of [ 15.236669] allocated 48-byte region [ffff8881029b7000, ffff8881029b7030) [ 15.237183] [ 15.237258] The buggy address belongs to the physical page: [ 15.237433] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029b7 [ 15.237936] flags: 0x200000000000000(node=0|zone=2) [ 15.238221] page_type: f5(slab) [ 15.238392] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.238820] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.239175] page dumped because: kasan: bad access detected [ 15.239350] [ 15.239421] Memory state around the buggy address: [ 15.239773] ffff8881029b6f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.240137] ffff8881029b6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.240472] >ffff8881029b7000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.240833] ^ [ 15.241103] ffff8881029b7080: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 15.241333] ffff8881029b7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.241781] ================================================================== [ 14.913367] ================================================================== [ 14.913948] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x860/0x5450 [ 14.914648] Write of size 4 at addr ffff8881029b7030 by task kunit_try_catch/282 [ 14.915200] [ 14.915291] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.915335] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.915348] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.915370] Call Trace: [ 14.915386] <TASK> [ 14.915402] dump_stack_lvl+0x73/0xb0 [ 14.915431] print_report+0xd1/0x610 [ 14.915454] ? __virt_addr_valid+0x1db/0x2d0 [ 14.915478] ? kasan_atomics_helper+0x860/0x5450 [ 14.915500] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.915711] ? kasan_atomics_helper+0x860/0x5450 [ 14.915737] kasan_report+0x141/0x180 [ 14.915761] ? kasan_atomics_helper+0x860/0x5450 [ 14.915790] kasan_check_range+0x10c/0x1c0 [ 14.915815] __kasan_check_write+0x18/0x20 [ 14.915835] kasan_atomics_helper+0x860/0x5450 [ 14.915859] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.915884] ? kasan_save_alloc_info+0x3b/0x50 [ 14.915929] kasan_atomics+0x1dc/0x310 [ 14.915953] ? __pfx_kasan_atomics+0x10/0x10 [ 14.915978] ? __pfx_read_tsc+0x10/0x10 [ 14.916000] ? ktime_get_ts64+0x86/0x230 [ 14.916026] kunit_try_run_case+0x1a5/0x480 [ 14.916051] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.916075] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.916101] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.916146] ? __kthread_parkme+0x82/0x180 [ 14.916168] ? preempt_count_sub+0x50/0x80 [ 14.916194] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.916219] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.916244] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.916270] kthread+0x337/0x6f0 [ 14.916291] ? 
trace_preempt_on+0x20/0xc0 [ 14.916315] ? __pfx_kthread+0x10/0x10 [ 14.916337] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.916360] ? calculate_sigpending+0x7b/0xa0 [ 14.916385] ? __pfx_kthread+0x10/0x10 [ 14.916408] ret_from_fork+0x116/0x1d0 [ 14.916428] ? __pfx_kthread+0x10/0x10 [ 14.916450] ret_from_fork_asm+0x1a/0x30 [ 14.916483] </TASK> [ 14.916494] [ 14.930540] Allocated by task 282: [ 14.931106] kasan_save_stack+0x45/0x70 [ 14.931470] kasan_save_track+0x18/0x40 [ 14.931769] kasan_save_alloc_info+0x3b/0x50 [ 14.932242] __kasan_kmalloc+0xb7/0xc0 [ 14.932626] __kmalloc_cache_noprof+0x189/0x420 [ 14.932929] kasan_atomics+0x95/0x310 [ 14.933093] kunit_try_run_case+0x1a5/0x480 [ 14.933245] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.933424] kthread+0x337/0x6f0 [ 14.933553] ret_from_fork+0x116/0x1d0 [ 14.933724] ret_from_fork_asm+0x1a/0x30 [ 14.933888] [ 14.933997] The buggy address belongs to the object at ffff8881029b7000 [ 14.933997] which belongs to the cache kmalloc-64 of size 64 [ 14.934489] The buggy address is located 0 bytes to the right of [ 14.934489] allocated 48-byte region [ffff8881029b7000, ffff8881029b7030) [ 14.935246] [ 14.935352] The buggy address belongs to the physical page: [ 14.935665] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029b7 [ 14.936058] flags: 0x200000000000000(node=0|zone=2) [ 14.936286] page_type: f5(slab) [ 14.936423] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.936750] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.937046] page dumped because: kasan: bad access detected [ 14.937411] [ 14.937485] Memory state around the buggy address: [ 14.937917] ffff8881029b6f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.938247] ffff8881029b6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.938543] >ffff8881029b7000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.938860] ^ [ 14.939056] ffff8881029b7080: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 14.939338] ffff8881029b7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.939582] ================================================================== [ 14.870706] ================================================================== [ 14.871090] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x72f/0x5450 [ 14.871324] Write of size 4 at addr ffff8881029b7030 by task kunit_try_catch/282 [ 14.871816] [ 14.871948] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.872015] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.872028] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.872049] Call Trace: [ 14.872065] <TASK> [ 14.872079] dump_stack_lvl+0x73/0xb0 [ 14.872110] print_report+0xd1/0x610 [ 14.872133] ? __virt_addr_valid+0x1db/0x2d0 [ 14.872157] ? kasan_atomics_helper+0x72f/0x5450 [ 14.872179] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.872203] ? kasan_atomics_helper+0x72f/0x5450 [ 14.872226] kasan_report+0x141/0x180 [ 14.872249] ? kasan_atomics_helper+0x72f/0x5450 [ 14.872277] kasan_check_range+0x10c/0x1c0 [ 14.872302] __kasan_check_write+0x18/0x20 [ 14.872323] kasan_atomics_helper+0x72f/0x5450 [ 14.872347] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.872371] ? kasan_save_alloc_info+0x3b/0x50 [ 14.872402] kasan_atomics+0x1dc/0x310 [ 14.872426] ? __pfx_kasan_atomics+0x10/0x10 [ 14.872452] ? __pfx_read_tsc+0x10/0x10 [ 14.872473] ? ktime_get_ts64+0x86/0x230 [ 14.872499] kunit_try_run_case+0x1a5/0x480 [ 14.872600] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.872625] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.872650] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.872676] ? __kthread_parkme+0x82/0x180 [ 14.872697] ? preempt_count_sub+0x50/0x80 [ 14.872723] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.872748] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.872773] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.872798] kthread+0x337/0x6f0 [ 14.872819] ? 
trace_preempt_on+0x20/0xc0 [ 14.872843] ? __pfx_kthread+0x10/0x10 [ 14.872865] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.872887] ? calculate_sigpending+0x7b/0xa0 [ 14.872923] ? __pfx_kthread+0x10/0x10 [ 14.872946] ret_from_fork+0x116/0x1d0 [ 14.872964] ? __pfx_kthread+0x10/0x10 [ 14.872985] ret_from_fork_asm+0x1a/0x30 [ 14.873034] </TASK> [ 14.873046] [ 14.881110] Allocated by task 282: [ 14.881295] kasan_save_stack+0x45/0x70 [ 14.881470] kasan_save_track+0x18/0x40 [ 14.881740] kasan_save_alloc_info+0x3b/0x50 [ 14.881938] __kasan_kmalloc+0xb7/0xc0 [ 14.882157] __kmalloc_cache_noprof+0x189/0x420 [ 14.882381] kasan_atomics+0x95/0x310 [ 14.882626] kunit_try_run_case+0x1a5/0x480 [ 14.882835] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.883100] kthread+0x337/0x6f0 [ 14.883264] ret_from_fork+0x116/0x1d0 [ 14.883446] ret_from_fork_asm+0x1a/0x30 [ 14.883822] [ 14.883930] The buggy address belongs to the object at ffff8881029b7000 [ 14.883930] which belongs to the cache kmalloc-64 of size 64 [ 14.884320] The buggy address is located 0 bytes to the right of [ 14.884320] allocated 48-byte region [ffff8881029b7000, ffff8881029b7030) [ 14.884820] [ 14.884930] The buggy address belongs to the physical page: [ 14.885208] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029b7 [ 14.885643] flags: 0x200000000000000(node=0|zone=2) [ 14.885879] page_type: f5(slab) [ 14.886085] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.886430] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.886808] page dumped because: kasan: bad access detected [ 14.887025] [ 14.887097] Memory state around the buggy address: [ 14.887256] ffff8881029b6f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.887479] ffff8881029b6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.888026] >ffff8881029b7000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.888386] ^ [ 14.888698] ffff8881029b7080: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 14.889067] ffff8881029b7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.889385] ================================================================== [ 15.794162] ================================================================== [ 15.794556] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1ce1/0x5450 [ 15.794902] Write of size 8 at addr ffff8881029b7030 by task kunit_try_catch/282 [ 15.795244] [ 15.795357] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.795400] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.795412] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.795434] Call Trace: [ 15.795448] <TASK> [ 15.795463] dump_stack_lvl+0x73/0xb0 [ 15.795491] print_report+0xd1/0x610 [ 15.795514] ? __virt_addr_valid+0x1db/0x2d0 [ 15.795537] ? kasan_atomics_helper+0x1ce1/0x5450 [ 15.795559] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.795583] ? kasan_atomics_helper+0x1ce1/0x5450 [ 15.795606] kasan_report+0x141/0x180 [ 15.795629] ? kasan_atomics_helper+0x1ce1/0x5450 [ 15.795657] kasan_check_range+0x10c/0x1c0 [ 15.795682] __kasan_check_write+0x18/0x20 [ 15.795701] kasan_atomics_helper+0x1ce1/0x5450 [ 15.795725] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.795749] ? kasan_save_alloc_info+0x3b/0x50 [ 15.795779] kasan_atomics+0x1dc/0x310 [ 15.795803] ? __pfx_kasan_atomics+0x10/0x10 [ 15.795828] ? __pfx_read_tsc+0x10/0x10 [ 15.795849] ? ktime_get_ts64+0x86/0x230 [ 15.795874] kunit_try_run_case+0x1a5/0x480 [ 15.795910] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.795933] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.795958] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.796002] ? __kthread_parkme+0x82/0x180 [ 15.796025] ? preempt_count_sub+0x50/0x80 [ 15.796050] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.796075] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.796099] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.796124] kthread+0x337/0x6f0 [ 15.796144] ? trace_preempt_on+0x20/0xc0 [ 15.796168] ? __pfx_kthread+0x10/0x10 [ 15.796189] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.796211] ? calculate_sigpending+0x7b/0xa0 [ 15.796236] ? __pfx_kthread+0x10/0x10 [ 15.796283] ret_from_fork+0x116/0x1d0 [ 15.796302] ? __pfx_kthread+0x10/0x10 [ 15.796323] ret_from_fork_asm+0x1a/0x30 [ 15.796356] </TASK> [ 15.796366] [ 15.803549] Allocated by task 282: [ 15.803754] kasan_save_stack+0x45/0x70 [ 15.803956] kasan_save_track+0x18/0x40 [ 15.804190] kasan_save_alloc_info+0x3b/0x50 [ 15.804378] __kasan_kmalloc+0xb7/0xc0 [ 15.804513] __kmalloc_cache_noprof+0x189/0x420 [ 15.804672] kasan_atomics+0x95/0x310 [ 15.804807] kunit_try_run_case+0x1a5/0x480 [ 15.805064] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.805328] kthread+0x337/0x6f0 [ 15.805497] ret_from_fork+0x116/0x1d0 [ 15.805686] ret_from_fork_asm+0x1a/0x30 [ 15.805850] [ 15.805934] The buggy address belongs to the object at ffff8881029b7000 [ 15.805934] which belongs to the cache kmalloc-64 of size 64 [ 15.806362] The buggy address is located 0 bytes to the right of [ 15.806362] allocated 48-byte region [ffff8881029b7000, ffff8881029b7030) [ 15.806939] [ 15.807062] The buggy address belongs to the physical page: [ 15.807269] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029b7 [ 15.807511] flags: 0x200000000000000(node=0|zone=2) [ 15.807674] page_type: f5(slab) [ 15.807795] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.808169] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.808552] page dumped because: kasan: bad access detected [ 15.808827] [ 15.808933] Memory state around the buggy address: [ 15.809188] ffff8881029b6f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.809541] ffff8881029b6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.809875] >ffff8881029b7000: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 15.810190] ^ [ 15.810390] ffff8881029b7080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.810689] ffff8881029b7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.811013] ================================================================== [ 14.686639] ================================================================== [ 14.687397] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b88/0x5450 [ 14.688170] Read of size 4 at addr ffff8881029b7030 by task kunit_try_catch/282 [ 14.688720] [ 14.688850] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.688904] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.688915] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.688935] Call Trace: [ 14.688950] <TASK> [ 14.688999] dump_stack_lvl+0x73/0xb0 [ 14.689030] print_report+0xd1/0x610 [ 14.689053] ? __virt_addr_valid+0x1db/0x2d0 [ 14.689075] ? kasan_atomics_helper+0x4b88/0x5450 [ 14.689096] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.689118] ? kasan_atomics_helper+0x4b88/0x5450 [ 14.689140] kasan_report+0x141/0x180 [ 14.689163] ? kasan_atomics_helper+0x4b88/0x5450 [ 14.689190] __asan_report_load4_noabort+0x18/0x20 [ 14.689214] kasan_atomics_helper+0x4b88/0x5450 [ 14.689237] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.689260] ? kasan_save_alloc_info+0x3b/0x50 [ 14.689289] kasan_atomics+0x1dc/0x310 [ 14.689313] ? __pfx_kasan_atomics+0x10/0x10 [ 14.689337] ? __pfx_read_tsc+0x10/0x10 [ 14.689358] ? ktime_get_ts64+0x86/0x230 [ 14.689383] kunit_try_run_case+0x1a5/0x480 [ 14.689407] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.689429] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.689454] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.689478] ? __kthread_parkme+0x82/0x180 [ 14.689499] ? preempt_count_sub+0x50/0x80 [ 14.689694] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.689722] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.689746] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.689771] kthread+0x337/0x6f0 [ 14.689791] ? trace_preempt_on+0x20/0xc0 [ 14.689815] ? __pfx_kthread+0x10/0x10 [ 14.689836] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.689858] ? calculate_sigpending+0x7b/0xa0 [ 14.689882] ? __pfx_kthread+0x10/0x10 [ 14.689917] ret_from_fork+0x116/0x1d0 [ 14.689936] ? __pfx_kthread+0x10/0x10 [ 14.689956] ret_from_fork_asm+0x1a/0x30 [ 14.689989] </TASK> [ 14.690000] [ 14.702435] Allocated by task 282: [ 14.702750] kasan_save_stack+0x45/0x70 [ 14.702974] kasan_save_track+0x18/0x40 [ 14.703115] kasan_save_alloc_info+0x3b/0x50 [ 14.703342] __kasan_kmalloc+0xb7/0xc0 [ 14.703594] __kmalloc_cache_noprof+0x189/0x420 [ 14.703830] kasan_atomics+0x95/0x310 [ 14.704040] kunit_try_run_case+0x1a5/0x480 [ 14.704235] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.704466] kthread+0x337/0x6f0 [ 14.704732] ret_from_fork+0x116/0x1d0 [ 14.704919] ret_from_fork_asm+0x1a/0x30 [ 14.705212] [ 14.705296] The buggy address belongs to the object at ffff8881029b7000 [ 14.705296] which belongs to the cache kmalloc-64 of size 64 [ 14.705947] The buggy address is located 0 bytes to the right of [ 14.705947] allocated 48-byte region [ffff8881029b7000, ffff8881029b7030) [ 14.706572] [ 14.706650] The buggy address belongs to the physical page: [ 14.706909] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029b7 [ 14.707258] flags: 0x200000000000000(node=0|zone=2) [ 14.707426] page_type: f5(slab) [ 14.707551] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.708155] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.708507] page dumped because: kasan: bad access detected [ 14.708768] [ 14.708868] Memory state around the buggy address: [ 14.709116] ffff8881029b6f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.709373] ffff8881029b6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.709614] >ffff8881029b7000: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 14.710151] ^ [ 14.710714] ffff8881029b7080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.711010] ffff8881029b7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.711331] ================================================================== [ 15.262214] ================================================================== [ 15.262641] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1c/0x5450 [ 15.263038] Read of size 4 at addr ffff8881029b7030 by task kunit_try_catch/282 [ 15.263370] [ 15.263483] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.263624] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.263638] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.263660] Call Trace: [ 15.263675] <TASK> [ 15.263690] dump_stack_lvl+0x73/0xb0 [ 15.263719] print_report+0xd1/0x610 [ 15.263741] ? __virt_addr_valid+0x1db/0x2d0 [ 15.263765] ? kasan_atomics_helper+0x4a1c/0x5450 [ 15.263786] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.263810] ? kasan_atomics_helper+0x4a1c/0x5450 [ 15.263834] kasan_report+0x141/0x180 [ 15.263867] ? kasan_atomics_helper+0x4a1c/0x5450 [ 15.263914] __asan_report_load4_noabort+0x18/0x20 [ 15.263940] kasan_atomics_helper+0x4a1c/0x5450 [ 15.263964] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.263989] ? kasan_save_alloc_info+0x3b/0x50 [ 15.264019] kasan_atomics+0x1dc/0x310 [ 15.264063] ? __pfx_kasan_atomics+0x10/0x10 [ 15.264089] ? __pfx_read_tsc+0x10/0x10 [ 15.264109] ? ktime_get_ts64+0x86/0x230 [ 15.264135] kunit_try_run_case+0x1a5/0x480 [ 15.264159] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.264182] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.264208] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.264233] ? __kthread_parkme+0x82/0x180 [ 15.264254] ? preempt_count_sub+0x50/0x80 [ 15.264278] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.264303] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.264337] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.264362] kthread+0x337/0x6f0 [ 15.264382] ? trace_preempt_on+0x20/0xc0 [ 15.264417] ? __pfx_kthread+0x10/0x10 [ 15.264439] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.264461] ? calculate_sigpending+0x7b/0xa0 [ 15.264497] ? __pfx_kthread+0x10/0x10 [ 15.264586] ret_from_fork+0x116/0x1d0 [ 15.264608] ? __pfx_kthread+0x10/0x10 [ 15.264629] ret_from_fork_asm+0x1a/0x30 [ 15.264663] </TASK> [ 15.264674] [ 15.272958] Allocated by task 282: [ 15.273537] kasan_save_stack+0x45/0x70 [ 15.273734] kasan_save_track+0x18/0x40 [ 15.274949] kasan_save_alloc_info+0x3b/0x50 [ 15.275145] __kasan_kmalloc+0xb7/0xc0 [ 15.275281] __kmalloc_cache_noprof+0x189/0x420 [ 15.275557] kasan_atomics+0x95/0x310 [ 15.275789] kunit_try_run_case+0x1a5/0x480 [ 15.275947] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.276393] kthread+0x337/0x6f0 [ 15.276824] ret_from_fork+0x116/0x1d0 [ 15.277024] ret_from_fork_asm+0x1a/0x30 [ 15.277166] [ 15.277241] The buggy address belongs to the object at ffff8881029b7000 [ 15.277241] which belongs to the cache kmalloc-64 of size 64 [ 15.278321] The buggy address is located 0 bytes to the right of [ 15.278321] allocated 48-byte region [ffff8881029b7000, ffff8881029b7030) [ 15.279693] [ 15.279886] The buggy address belongs to the physical page: [ 15.280508] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029b7 [ 15.280882] flags: 0x200000000000000(node=0|zone=2) [ 15.281417] page_type: f5(slab) [ 15.281780] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.282320] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.282558] page dumped because: kasan: bad access detected [ 15.283176] [ 15.283352] Memory state around the buggy address: [ 15.283872] ffff8881029b6f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.284546] ffff8881029b6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.285066] >ffff8881029b7000: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 15.285585] ^ [ 15.286121] ffff8881029b7080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.286426] ffff8881029b7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.287162] ================================================================== [ 15.064447] ================================================================== [ 15.064870] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xc70/0x5450 [ 15.065243] Write of size 4 at addr ffff8881029b7030 by task kunit_try_catch/282 [ 15.065571] [ 15.065708] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.065765] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.065778] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.065800] Call Trace: [ 15.065818] <TASK> [ 15.065834] dump_stack_lvl+0x73/0xb0 [ 15.065864] print_report+0xd1/0x610 [ 15.065888] ? __virt_addr_valid+0x1db/0x2d0 [ 15.065922] ? kasan_atomics_helper+0xc70/0x5450 [ 15.065944] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.065987] ? kasan_atomics_helper+0xc70/0x5450 [ 15.066010] kasan_report+0x141/0x180 [ 15.066033] ? kasan_atomics_helper+0xc70/0x5450 [ 15.066071] kasan_check_range+0x10c/0x1c0 [ 15.066096] __kasan_check_write+0x18/0x20 [ 15.066116] kasan_atomics_helper+0xc70/0x5450 [ 15.066151] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.066176] ? kasan_save_alloc_info+0x3b/0x50 [ 15.066207] kasan_atomics+0x1dc/0x310 [ 15.066232] ? __pfx_kasan_atomics+0x10/0x10 [ 15.066258] ? __pfx_read_tsc+0x10/0x10 [ 15.066280] ? ktime_get_ts64+0x86/0x230 [ 15.066306] kunit_try_run_case+0x1a5/0x480 [ 15.066332] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.066355] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.066381] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.066406] ? __kthread_parkme+0x82/0x180 [ 15.066428] ? preempt_count_sub+0x50/0x80 [ 15.066461] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.066487] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.066574] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.066604] kthread+0x337/0x6f0 [ 15.066636] ? trace_preempt_on+0x20/0xc0 [ 15.066662] ? __pfx_kthread+0x10/0x10 [ 15.066683] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.066718] ? calculate_sigpending+0x7b/0xa0 [ 15.066743] ? __pfx_kthread+0x10/0x10 [ 15.066771] ret_from_fork+0x116/0x1d0 [ 15.066791] ? __pfx_kthread+0x10/0x10 [ 15.066813] ret_from_fork_asm+0x1a/0x30 [ 15.066854] </TASK> [ 15.066866] [ 15.075297] Allocated by task 282: [ 15.075466] kasan_save_stack+0x45/0x70 [ 15.075874] kasan_save_track+0x18/0x40 [ 15.076043] kasan_save_alloc_info+0x3b/0x50 [ 15.076237] __kasan_kmalloc+0xb7/0xc0 [ 15.076499] __kmalloc_cache_noprof+0x189/0x420 [ 15.076796] kasan_atomics+0x95/0x310 [ 15.077024] kunit_try_run_case+0x1a5/0x480 [ 15.077210] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.077472] kthread+0x337/0x6f0 [ 15.077712] ret_from_fork+0x116/0x1d0 [ 15.077923] ret_from_fork_asm+0x1a/0x30 [ 15.078115] [ 15.078243] The buggy address belongs to the object at ffff8881029b7000 [ 15.078243] which belongs to the cache kmalloc-64 of size 64 [ 15.078732] The buggy address is located 0 bytes to the right of [ 15.078732] allocated 48-byte region [ffff8881029b7000, ffff8881029b7030) [ 15.079174] [ 15.079287] The buggy address belongs to the physical page: [ 15.079546] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029b7 [ 15.079921] flags: 0x200000000000000(node=0|zone=2) [ 15.080167] page_type: f5(slab) [ 15.080337] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.080953] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.081277] page dumped because: kasan: bad access detected [ 15.081453] [ 15.081593] Memory state around the buggy address: [ 15.081841] ffff8881029b6f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.082232] ffff8881029b6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.082555] >ffff8881029b7000: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 15.082791] ^ [ 15.082980] ffff8881029b7080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.083301] ffff8881029b7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.083770] ================================================================== [ 15.156977] ================================================================== [ 15.157293] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe78/0x5450 [ 15.157979] Write of size 4 at addr ffff8881029b7030 by task kunit_try_catch/282 [ 15.158548] [ 15.158639] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.158683] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.158695] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.158717] Call Trace: [ 15.158735] <TASK> [ 15.158751] dump_stack_lvl+0x73/0xb0 [ 15.158786] print_report+0xd1/0x610 [ 15.158808] ? __virt_addr_valid+0x1db/0x2d0 [ 15.158832] ? kasan_atomics_helper+0xe78/0x5450 [ 15.158853] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.158877] ? kasan_atomics_helper+0xe78/0x5450 [ 15.159020] kasan_report+0x141/0x180 [ 15.159059] ? kasan_atomics_helper+0xe78/0x5450 [ 15.159088] kasan_check_range+0x10c/0x1c0 [ 15.159126] __kasan_check_write+0x18/0x20 [ 15.159146] kasan_atomics_helper+0xe78/0x5450 [ 15.159170] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.159195] ? kasan_save_alloc_info+0x3b/0x50 [ 15.159226] kasan_atomics+0x1dc/0x310 [ 15.159258] ? __pfx_kasan_atomics+0x10/0x10 [ 15.159284] ? __pfx_read_tsc+0x10/0x10 [ 15.159306] ? ktime_get_ts64+0x86/0x230 [ 15.159342] kunit_try_run_case+0x1a5/0x480 [ 15.159367] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.159390] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.159416] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.159441] ? __kthread_parkme+0x82/0x180 [ 15.159462] ? preempt_count_sub+0x50/0x80 [ 15.159487] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.159572] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.159601] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.159627] kthread+0x337/0x6f0 [ 15.159647] ? trace_preempt_on+0x20/0xc0 [ 15.159671] ? __pfx_kthread+0x10/0x10 [ 15.159693] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.159716] ? calculate_sigpending+0x7b/0xa0 [ 15.159740] ? __pfx_kthread+0x10/0x10 [ 15.159763] ret_from_fork+0x116/0x1d0 [ 15.159783] ? __pfx_kthread+0x10/0x10 [ 15.159804] ret_from_fork_asm+0x1a/0x30 [ 15.159838] </TASK> [ 15.159849] [ 15.171948] Allocated by task 282: [ 15.172179] kasan_save_stack+0x45/0x70 [ 15.172388] kasan_save_track+0x18/0x40 [ 15.172567] kasan_save_alloc_info+0x3b/0x50 [ 15.172722] __kasan_kmalloc+0xb7/0xc0 [ 15.172858] __kmalloc_cache_noprof+0x189/0x420 [ 15.173308] kasan_atomics+0x95/0x310 [ 15.173607] kunit_try_run_case+0x1a5/0x480 [ 15.173825] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.174139] kthread+0x337/0x6f0 [ 15.174313] ret_from_fork+0x116/0x1d0 [ 15.174454] ret_from_fork_asm+0x1a/0x30 [ 15.174770] [ 15.174886] The buggy address belongs to the object at ffff8881029b7000 [ 15.174886] which belongs to the cache kmalloc-64 of size 64 [ 15.175449] The buggy address is located 0 bytes to the right of [ 15.175449] allocated 48-byte region [ffff8881029b7000, ffff8881029b7030) [ 15.176048] [ 15.176179] The buggy address belongs to the physical page: [ 15.176405] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029b7 [ 15.176916] flags: 0x200000000000000(node=0|zone=2) [ 15.177091] page_type: f5(slab) [ 15.177303] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.177673] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.177982] page dumped because: kasan: bad access detected [ 15.178226] [ 15.178321] Memory state around the buggy address: [ 15.178548] ffff8881029b6f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.178824] ffff8881029b6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.179399] >ffff8881029b7000: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 15.179809] ^ [ 15.180063] ffff8881029b7080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.180376] ffff8881029b7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.180961] ================================================================== [ 14.808618] ================================================================== [ 14.809210] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x565/0x5450 [ 14.809645] Write of size 4 at addr ffff8881029b7030 by task kunit_try_catch/282 [ 14.809960] [ 14.810047] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.810090] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.810103] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.810124] Call Trace: [ 14.810140] <TASK> [ 14.810158] dump_stack_lvl+0x73/0xb0 [ 14.810186] print_report+0xd1/0x610 [ 14.810210] ? __virt_addr_valid+0x1db/0x2d0 [ 14.810234] ? kasan_atomics_helper+0x565/0x5450 [ 14.810257] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.810281] ? kasan_atomics_helper+0x565/0x5450 [ 14.810305] kasan_report+0x141/0x180 [ 14.810328] ? kasan_atomics_helper+0x565/0x5450 [ 14.810356] kasan_check_range+0x10c/0x1c0 [ 14.810381] __kasan_check_write+0x18/0x20 [ 14.810463] kasan_atomics_helper+0x565/0x5450 [ 14.810489] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.810514] ? kasan_save_alloc_info+0x3b/0x50 [ 14.810545] kasan_atomics+0x1dc/0x310 [ 14.810569] ? __pfx_kasan_atomics+0x10/0x10 [ 14.810595] ? __pfx_read_tsc+0x10/0x10 [ 14.810617] ? ktime_get_ts64+0x86/0x230 [ 14.810643] kunit_try_run_case+0x1a5/0x480 [ 14.810669] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.810692] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.810717] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.810742] ? __kthread_parkme+0x82/0x180 [ 14.810770] ? preempt_count_sub+0x50/0x80 [ 14.810796] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.810821] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.810847] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.810871] kthread+0x337/0x6f0 [ 14.810952] ? trace_preempt_on+0x20/0xc0 [ 14.810977] ? __pfx_kthread+0x10/0x10 [ 14.811006] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.811030] ? calculate_sigpending+0x7b/0xa0 [ 14.811055] ? __pfx_kthread+0x10/0x10 [ 14.811077] ret_from_fork+0x116/0x1d0 [ 14.811097] ? __pfx_kthread+0x10/0x10 [ 14.811118] ret_from_fork_asm+0x1a/0x30 [ 14.811152] </TASK> [ 14.811163] [ 14.819835] Allocated by task 282: [ 14.820077] kasan_save_stack+0x45/0x70 [ 14.820249] kasan_save_track+0x18/0x40 [ 14.820385] kasan_save_alloc_info+0x3b/0x50 [ 14.820586] __kasan_kmalloc+0xb7/0xc0 [ 14.820781] __kmalloc_cache_noprof+0x189/0x420 [ 14.821051] kasan_atomics+0x95/0x310 [ 14.821241] kunit_try_run_case+0x1a5/0x480 [ 14.821450] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.821909] kthread+0x337/0x6f0 [ 14.822174] ret_from_fork+0x116/0x1d0 [ 14.822312] ret_from_fork_asm+0x1a/0x30 [ 14.822453] [ 14.822526] The buggy address belongs to the object at ffff8881029b7000 [ 14.822526] which belongs to the cache kmalloc-64 of size 64 [ 14.822900] The buggy address is located 0 bytes to the right of [ 14.822900] allocated 48-byte region [ffff8881029b7000, ffff8881029b7030) [ 14.823448] [ 14.823547] The buggy address belongs to the physical page: [ 14.824075] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029b7 [ 14.824445] flags: 0x200000000000000(node=0|zone=2) [ 14.824841] page_type: f5(slab) [ 14.825004] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.825270] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.825498] page dumped because: kasan: bad access detected [ 14.826073] [ 14.826169] Memory state around the buggy address: [ 14.826393] ffff8881029b6f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.826680] ffff8881029b6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.827153] >ffff8881029b7000: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 14.827434] ^ [ 14.827723] ffff8881029b7080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.828069] ffff8881029b7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.828339] ================================================================== [ 15.866142] ================================================================== [ 15.866606] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1f43/0x5450 [ 15.866853] Write of size 8 at addr ffff8881029b7030 by task kunit_try_catch/282 [ 15.867121] [ 15.867207] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.867249] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.867262] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.867284] Call Trace: [ 15.867299] <TASK> [ 15.867316] dump_stack_lvl+0x73/0xb0 [ 15.867387] print_report+0xd1/0x610 [ 15.867437] ? __virt_addr_valid+0x1db/0x2d0 [ 15.867461] ? kasan_atomics_helper+0x1f43/0x5450 [ 15.867484] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.867509] ? kasan_atomics_helper+0x1f43/0x5450 [ 15.867532] kasan_report+0x141/0x180 [ 15.867555] ? kasan_atomics_helper+0x1f43/0x5450 [ 15.867583] kasan_check_range+0x10c/0x1c0 [ 15.867642] __kasan_check_write+0x18/0x20 [ 15.867662] kasan_atomics_helper+0x1f43/0x5450 [ 15.867686] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.867710] ? kasan_save_alloc_info+0x3b/0x50 [ 15.867741] kasan_atomics+0x1dc/0x310 [ 15.867796] ? __pfx_kasan_atomics+0x10/0x10 [ 15.867821] ? __pfx_read_tsc+0x10/0x10 [ 15.867842] ? ktime_get_ts64+0x86/0x230 [ 15.867867] kunit_try_run_case+0x1a5/0x480 [ 15.867903] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.867953] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.868005] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.868030] ? __kthread_parkme+0x82/0x180 [ 15.868052] ? preempt_count_sub+0x50/0x80 [ 15.868077] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.868133] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.868159] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.868184] kthread+0x337/0x6f0 [ 15.868204] ? trace_preempt_on+0x20/0xc0 [ 15.868229] ? __pfx_kthread+0x10/0x10 [ 15.868250] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.868272] ? calculate_sigpending+0x7b/0xa0 [ 15.868322] ? __pfx_kthread+0x10/0x10 [ 15.868345] ret_from_fork+0x116/0x1d0 [ 15.868364] ? __pfx_kthread+0x10/0x10 [ 15.868384] ret_from_fork_asm+0x1a/0x30 [ 15.868417] </TASK> [ 15.868428] [ 15.876565] Allocated by task 282: [ 15.876739] kasan_save_stack+0x45/0x70 [ 15.876952] kasan_save_track+0x18/0x40 [ 15.877175] kasan_save_alloc_info+0x3b/0x50 [ 15.877379] __kasan_kmalloc+0xb7/0xc0 [ 15.877602] __kmalloc_cache_noprof+0x189/0x420 [ 15.877818] kasan_atomics+0x95/0x310 [ 15.878073] kunit_try_run_case+0x1a5/0x480 [ 15.878307] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.878571] kthread+0x337/0x6f0 [ 15.878729] ret_from_fork+0x116/0x1d0 [ 15.878872] ret_from_fork_asm+0x1a/0x30 [ 15.879107] [ 15.879207] The buggy address belongs to the object at ffff8881029b7000 [ 15.879207] which belongs to the cache kmalloc-64 of size 64 [ 15.879740] The buggy address is located 0 bytes to the right of [ 15.879740] allocated 48-byte region [ffff8881029b7000, ffff8881029b7030) [ 15.880286] [ 15.880370] The buggy address belongs to the physical page: [ 15.880685] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029b7 [ 15.881108] flags: 0x200000000000000(node=0|zone=2) [ 15.881319] page_type: f5(slab) [ 15.881478] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.881717] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.881960] page dumped because: kasan: bad access detected [ 15.882267] [ 15.882363] Memory state around the buggy address: [ 15.882617] ffff8881029b6f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.882998] 
ffff8881029b6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.883325] >ffff8881029b7000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.883641] ^ [ 15.883800] ffff8881029b7080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.884060] ffff8881029b7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.884420] ================================================================== [ 15.885224] ================================================================== [ 15.885672] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f71/0x5450 [ 15.886133] Read of size 8 at addr ffff8881029b7030 by task kunit_try_catch/282 [ 15.886446] [ 15.886537] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.886580] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.886592] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.886614] Call Trace: [ 15.886629] <TASK> [ 15.886644] dump_stack_lvl+0x73/0xb0 [ 15.886709] print_report+0xd1/0x610 [ 15.886736] ? __virt_addr_valid+0x1db/0x2d0 [ 15.886759] ? kasan_atomics_helper+0x4f71/0x5450 [ 15.886812] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.886835] ? kasan_atomics_helper+0x4f71/0x5450 [ 15.886859] kasan_report+0x141/0x180 [ 15.886882] ? kasan_atomics_helper+0x4f71/0x5450 [ 15.886920] __asan_report_load8_noabort+0x18/0x20 [ 15.886995] kasan_atomics_helper+0x4f71/0x5450 [ 15.887022] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.887046] ? kasan_save_alloc_info+0x3b/0x50 [ 15.887077] kasan_atomics+0x1dc/0x310 [ 15.887102] ? __pfx_kasan_atomics+0x10/0x10 [ 15.887128] ? __pfx_read_tsc+0x10/0x10 [ 15.887150] ? ktime_get_ts64+0x86/0x230 [ 15.887175] kunit_try_run_case+0x1a5/0x480 [ 15.887200] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.887224] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.887249] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.887274] ? __kthread_parkme+0x82/0x180 [ 15.887295] ? preempt_count_sub+0x50/0x80 [ 15.887320] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.887345] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.887369] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.887394] kthread+0x337/0x6f0 [ 15.887414] ? trace_preempt_on+0x20/0xc0 [ 15.887437] ? __pfx_kthread+0x10/0x10 [ 15.887458] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.887480] ? calculate_sigpending+0x7b/0xa0 [ 15.887505] ? __pfx_kthread+0x10/0x10 [ 15.887527] ret_from_fork+0x116/0x1d0 [ 15.887546] ? __pfx_kthread+0x10/0x10 [ 15.887567] ret_from_fork_asm+0x1a/0x30 [ 15.887600] </TASK> [ 15.887611] [ 15.895056] Allocated by task 282: [ 15.895276] kasan_save_stack+0x45/0x70 [ 15.895481] kasan_save_track+0x18/0x40 [ 15.895698] kasan_save_alloc_info+0x3b/0x50 [ 15.895933] __kasan_kmalloc+0xb7/0xc0 [ 15.896172] __kmalloc_cache_noprof+0x189/0x420 [ 15.896426] kasan_atomics+0x95/0x310 [ 15.896607] kunit_try_run_case+0x1a5/0x480 [ 15.896837] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.897162] kthread+0x337/0x6f0 [ 15.897337] ret_from_fork+0x116/0x1d0 [ 15.897531] ret_from_fork_asm+0x1a/0x30 [ 15.897748] [ 15.897847] The buggy address belongs to the object at ffff8881029b7000 [ 15.897847] which belongs to the cache kmalloc-64 of size 64 [ 15.898418] The buggy address is located 0 bytes to the right of [ 15.898418] allocated 48-byte region [ffff8881029b7000, ffff8881029b7030) [ 15.899009] [ 15.899141] The buggy address belongs to the physical page: [ 15.899403] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029b7 [ 15.899732] flags: 0x200000000000000(node=0|zone=2) [ 15.899916] page_type: f5(slab) [ 15.900151] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.900525] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.900847] page dumped because: kasan: bad access detected [ 15.901057] [ 15.901143] Memory state around the buggy address: [ 15.901440] ffff8881029b6f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.901818] 
ffff8881029b6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.902180] >ffff8881029b7000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.902450] ^ [ 15.902744] ffff8881029b7080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.903092] ffff8881029b7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.903400] ================================================================== [ 15.513211] ================================================================== [ 15.513684] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x50d4/0x5450 [ 15.514171] Write of size 8 at addr ffff8881029b7030 by task kunit_try_catch/282 [ 15.514473] [ 15.514748] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.514805] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.514818] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.515087] Call Trace: [ 15.515111] <TASK> [ 15.515131] dump_stack_lvl+0x73/0xb0 [ 15.515165] print_report+0xd1/0x610 [ 15.515188] ? __virt_addr_valid+0x1db/0x2d0 [ 15.515250] ? kasan_atomics_helper+0x50d4/0x5450 [ 15.515274] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.515299] ? kasan_atomics_helper+0x50d4/0x5450 [ 15.515323] kasan_report+0x141/0x180 [ 15.515346] ? kasan_atomics_helper+0x50d4/0x5450 [ 15.515375] __asan_report_store8_noabort+0x1b/0x30 [ 15.515401] kasan_atomics_helper+0x50d4/0x5450 [ 15.515425] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.515450] ? kasan_save_alloc_info+0x3b/0x50 [ 15.515480] kasan_atomics+0x1dc/0x310 [ 15.515504] ? __pfx_kasan_atomics+0x10/0x10 [ 15.515529] ? __pfx_read_tsc+0x10/0x10 [ 15.515552] ? ktime_get_ts64+0x86/0x230 [ 15.515577] kunit_try_run_case+0x1a5/0x480 [ 15.515602] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.515626] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.515652] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.515676] ? __kthread_parkme+0x82/0x180 [ 15.515698] ? preempt_count_sub+0x50/0x80 [ 15.515724] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.515749] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.515773] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.515798] kthread+0x337/0x6f0 [ 15.515819] ? trace_preempt_on+0x20/0xc0 [ 15.515843] ? __pfx_kthread+0x10/0x10 [ 15.515864] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.515886] ? calculate_sigpending+0x7b/0xa0 [ 15.515922] ? __pfx_kthread+0x10/0x10 [ 15.515944] ret_from_fork+0x116/0x1d0 [ 15.515963] ? __pfx_kthread+0x10/0x10 [ 15.515984] ret_from_fork_asm+0x1a/0x30 [ 15.516017] </TASK> [ 15.516028] [ 15.523913] Allocated by task 282: [ 15.524266] kasan_save_stack+0x45/0x70 [ 15.525312] kasan_save_track+0x18/0x40 [ 15.525977] kasan_save_alloc_info+0x3b/0x50 [ 15.526171] __kasan_kmalloc+0xb7/0xc0 [ 15.526311] __kmalloc_cache_noprof+0x189/0x420 [ 15.526790] kasan_atomics+0x95/0x310 [ 15.527306] kunit_try_run_case+0x1a5/0x480 [ 15.527659] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.527948] kthread+0x337/0x6f0 [ 15.528369] ret_from_fork+0x116/0x1d0 [ 15.528646] ret_from_fork_asm+0x1a/0x30 [ 15.528800] [ 15.528904] The buggy address belongs to the object at ffff8881029b7000 [ 15.528904] which belongs to the cache kmalloc-64 of size 64 [ 15.530224] The buggy address is located 0 bytes to the right of [ 15.530224] allocated 48-byte region [ffff8881029b7000, ffff8881029b7030) [ 15.531338] [ 15.531592] The buggy address belongs to the physical page: [ 15.532060] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029b7 [ 15.532618] flags: 0x200000000000000(node=0|zone=2) [ 15.533234] page_type: f5(slab) [ 15.533469] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.534145] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.534454] page dumped because: kasan: bad access detected [ 15.534955] [ 15.535241] Memory state around the buggy address: [ 15.535465] ffff8881029b6f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.535937] 
ffff8881029b6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.536478] >ffff8881029b7000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.536944] ^ [ 15.537498] ffff8881029b7080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.537937] ffff8881029b7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.538408] ================================================================== [ 15.961620] ================================================================== [ 15.961964] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fb2/0x5450 [ 15.962482] Read of size 8 at addr ffff8881029b7030 by task kunit_try_catch/282 [ 15.962881] [ 15.963024] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.963104] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.963120] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.963142] Call Trace: [ 15.963157] <TASK> [ 15.963172] dump_stack_lvl+0x73/0xb0 [ 15.963201] print_report+0xd1/0x610 [ 15.963224] ? __virt_addr_valid+0x1db/0x2d0 [ 15.963248] ? kasan_atomics_helper+0x4fb2/0x5450 [ 15.963270] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.963294] ? kasan_atomics_helper+0x4fb2/0x5450 [ 15.963318] kasan_report+0x141/0x180 [ 15.963341] ? kasan_atomics_helper+0x4fb2/0x5450 [ 15.963402] __asan_report_load8_noabort+0x18/0x20 [ 15.963428] kasan_atomics_helper+0x4fb2/0x5450 [ 15.963452] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.963477] ? kasan_save_alloc_info+0x3b/0x50 [ 15.963535] kasan_atomics+0x1dc/0x310 [ 15.963560] ? __pfx_kasan_atomics+0x10/0x10 [ 15.963585] ? __pfx_read_tsc+0x10/0x10 [ 15.963607] ? ktime_get_ts64+0x86/0x230 [ 15.963633] kunit_try_run_case+0x1a5/0x480 [ 15.963689] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.963713] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.963738] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.963763] ? __kthread_parkme+0x82/0x180 [ 15.963784] ? preempt_count_sub+0x50/0x80 [ 15.963843] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.963868] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.963903] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.963929] kthread+0x337/0x6f0 [ 15.963949] ? trace_preempt_on+0x20/0xc0 [ 15.964044] ? __pfx_kthread+0x10/0x10 [ 15.964089] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.964158] ? calculate_sigpending+0x7b/0xa0 [ 15.964184] ? __pfx_kthread+0x10/0x10 [ 15.964206] ret_from_fork+0x116/0x1d0 [ 15.964226] ? __pfx_kthread+0x10/0x10 [ 15.964248] ret_from_fork_asm+0x1a/0x30 [ 15.964281] </TASK> [ 15.964292] [ 15.972281] Allocated by task 282: [ 15.972431] kasan_save_stack+0x45/0x70 [ 15.972579] kasan_save_track+0x18/0x40 [ 15.972716] kasan_save_alloc_info+0x3b/0x50 [ 15.972942] __kasan_kmalloc+0xb7/0xc0 [ 15.973111] __kmalloc_cache_noprof+0x189/0x420 [ 15.973512] kasan_atomics+0x95/0x310 [ 15.973705] kunit_try_run_case+0x1a5/0x480 [ 15.973923] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.974203] kthread+0x337/0x6f0 [ 15.974374] ret_from_fork+0x116/0x1d0 [ 15.974562] ret_from_fork_asm+0x1a/0x30 [ 15.974730] [ 15.974809] The buggy address belongs to the object at ffff8881029b7000 [ 15.974809] which belongs to the cache kmalloc-64 of size 64 [ 15.975204] The buggy address is located 0 bytes to the right of [ 15.975204] allocated 48-byte region [ffff8881029b7000, ffff8881029b7030) [ 15.975827] [ 15.975964] The buggy address belongs to the physical page: [ 15.976277] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029b7 [ 15.976667] flags: 0x200000000000000(node=0|zone=2) [ 15.976834] page_type: f5(slab) [ 15.977077] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.977446] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.977791] page dumped because: kasan: bad access detected [ 15.978092] [ 15.978188] Memory state around the buggy address: [ 15.978415] ffff8881029b6f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.978730] 
ffff8881029b6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.979125] >ffff8881029b7000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.979418] ^ [ 15.979596] ffff8881029b7080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.979813] ffff8881029b7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.980124] ================================================================== [ 15.578004] ================================================================== [ 15.578343] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x164f/0x5450 [ 15.578721] Write of size 8 at addr ffff8881029b7030 by task kunit_try_catch/282 [ 15.579166] [ 15.579264] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.579306] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.579318] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.579340] Call Trace: [ 15.579354] <TASK> [ 15.579369] dump_stack_lvl+0x73/0xb0 [ 15.579397] print_report+0xd1/0x610 [ 15.579419] ? __virt_addr_valid+0x1db/0x2d0 [ 15.579443] ? kasan_atomics_helper+0x164f/0x5450 [ 15.579466] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.579490] ? kasan_atomics_helper+0x164f/0x5450 [ 15.579513] kasan_report+0x141/0x180 [ 15.579536] ? kasan_atomics_helper+0x164f/0x5450 [ 15.579564] kasan_check_range+0x10c/0x1c0 [ 15.579589] __kasan_check_write+0x18/0x20 [ 15.579609] kasan_atomics_helper+0x164f/0x5450 [ 15.579633] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.579657] ? kasan_save_alloc_info+0x3b/0x50 [ 15.579688] kasan_atomics+0x1dc/0x310 [ 15.579713] ? __pfx_kasan_atomics+0x10/0x10 [ 15.579738] ? __pfx_read_tsc+0x10/0x10 [ 15.579759] ? ktime_get_ts64+0x86/0x230 [ 15.579784] kunit_try_run_case+0x1a5/0x480 [ 15.579809] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.579831] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.579858] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.579883] ? __kthread_parkme+0x82/0x180 [ 15.579915] ? 
preempt_count_sub+0x50/0x80 [ 15.579940] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.579965] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.580001] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.580027] kthread+0x337/0x6f0 [ 15.580046] ? trace_preempt_on+0x20/0xc0 [ 15.580071] ? __pfx_kthread+0x10/0x10 [ 15.580091] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.580114] ? calculate_sigpending+0x7b/0xa0 [ 15.580139] ? __pfx_kthread+0x10/0x10 [ 15.580161] ret_from_fork+0x116/0x1d0 [ 15.580181] ? __pfx_kthread+0x10/0x10 [ 15.580202] ret_from_fork_asm+0x1a/0x30 [ 15.580235] </TASK> [ 15.580246] [ 15.587357] Allocated by task 282: [ 15.587542] kasan_save_stack+0x45/0x70 [ 15.587748] kasan_save_track+0x18/0x40 [ 15.588099] kasan_save_alloc_info+0x3b/0x50 [ 15.588285] __kasan_kmalloc+0xb7/0xc0 [ 15.588421] __kmalloc_cache_noprof+0x189/0x420 [ 15.588579] kasan_atomics+0x95/0x310 [ 15.588715] kunit_try_run_case+0x1a5/0x480 [ 15.588869] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.589059] kthread+0x337/0x6f0 [ 15.589183] ret_from_fork+0x116/0x1d0 [ 15.589315] ret_from_fork_asm+0x1a/0x30 [ 15.589455] [ 15.589533] The buggy address belongs to the object at ffff8881029b7000 [ 15.589533] which belongs to the cache kmalloc-64 of size 64 [ 15.590123] The buggy address is located 0 bytes to the right of [ 15.590123] allocated 48-byte region [ffff8881029b7000, ffff8881029b7030) [ 15.590685] [ 15.590785] The buggy address belongs to the physical page: [ 15.591128] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029b7 [ 15.591476] flags: 0x200000000000000(node=0|zone=2) [ 15.591639] page_type: f5(slab) [ 15.591760] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.592138] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.592482] page dumped because: kasan: bad access detected [ 15.592738] [ 15.592835] Memory state around the buggy address: [ 15.593095] ffff8881029b6f00: fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 15.593375] ffff8881029b6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.593626] >ffff8881029b7000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.593840] ^ [ 15.594007] ffff8881029b7080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.594224] ffff8881029b7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.594545] ================================================================== [ 15.846657] ================================================================== [ 15.847158] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1eaa/0x5450 [ 15.847628] Write of size 8 at addr ffff8881029b7030 by task kunit_try_catch/282 [ 15.848121] [ 15.848234] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.848279] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.848292] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.848313] Call Trace: [ 15.848329] <TASK> [ 15.848345] dump_stack_lvl+0x73/0xb0 [ 15.848374] print_report+0xd1/0x610 [ 15.848398] ? __virt_addr_valid+0x1db/0x2d0 [ 15.848423] ? kasan_atomics_helper+0x1eaa/0x5450 [ 15.848445] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.848469] ? kasan_atomics_helper+0x1eaa/0x5450 [ 15.848493] kasan_report+0x141/0x180 [ 15.848517] ? kasan_atomics_helper+0x1eaa/0x5450 [ 15.848546] kasan_check_range+0x10c/0x1c0 [ 15.848571] __kasan_check_write+0x18/0x20 [ 15.848592] kasan_atomics_helper+0x1eaa/0x5450 [ 15.848617] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.848641] ? kasan_save_alloc_info+0x3b/0x50 [ 15.848672] kasan_atomics+0x1dc/0x310 [ 15.848697] ? __pfx_kasan_atomics+0x10/0x10 [ 15.848722] ? __pfx_read_tsc+0x10/0x10 [ 15.848744] ? ktime_get_ts64+0x86/0x230 [ 15.848770] kunit_try_run_case+0x1a5/0x480 [ 15.848795] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.848819] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.848844] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.848870] ? 
__kthread_parkme+0x82/0x180 [ 15.848902] ? preempt_count_sub+0x50/0x80 [ 15.848963] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.849010] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.849066] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.849116] kthread+0x337/0x6f0 [ 15.849138] ? trace_preempt_on+0x20/0xc0 [ 15.849184] ? __pfx_kthread+0x10/0x10 [ 15.849206] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.849229] ? calculate_sigpending+0x7b/0xa0 [ 15.849256] ? __pfx_kthread+0x10/0x10 [ 15.849277] ret_from_fork+0x116/0x1d0 [ 15.849297] ? __pfx_kthread+0x10/0x10 [ 15.849318] ret_from_fork_asm+0x1a/0x30 [ 15.849352] </TASK> [ 15.849363] [ 15.857293] Allocated by task 282: [ 15.857467] kasan_save_stack+0x45/0x70 [ 15.857668] kasan_save_track+0x18/0x40 [ 15.857856] kasan_save_alloc_info+0x3b/0x50 [ 15.858096] __kasan_kmalloc+0xb7/0xc0 [ 15.858280] __kmalloc_cache_noprof+0x189/0x420 [ 15.858528] kasan_atomics+0x95/0x310 [ 15.858716] kunit_try_run_case+0x1a5/0x480 [ 15.858943] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.859220] kthread+0x337/0x6f0 [ 15.859388] ret_from_fork+0x116/0x1d0 [ 15.859600] ret_from_fork_asm+0x1a/0x30 [ 15.859790] [ 15.859866] The buggy address belongs to the object at ffff8881029b7000 [ 15.859866] which belongs to the cache kmalloc-64 of size 64 [ 15.860389] The buggy address is located 0 bytes to the right of [ 15.860389] allocated 48-byte region [ffff8881029b7000, ffff8881029b7030) [ 15.860993] [ 15.861124] The buggy address belongs to the physical page: [ 15.861380] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029b7 [ 15.861733] flags: 0x200000000000000(node=0|zone=2) [ 15.862012] page_type: f5(slab) [ 15.862182] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.862516] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.862885] page dumped because: kasan: bad access detected [ 15.863137] [ 15.863208] Memory state around the buggy address: [ 15.863359] 
ffff8881029b6f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.863639] ffff8881029b6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.864014] >ffff8881029b7000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.864326] ^ [ 15.864524] ffff8881029b7080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.864742] ffff8881029b7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.865094] ================================================================== [ 15.342769] ================================================================== [ 15.343363] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1217/0x5450 [ 15.343801] Write of size 4 at addr ffff8881029b7030 by task kunit_try_catch/282 [ 15.344189] [ 15.344286] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.344328] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.344340] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.344361] Call Trace: [ 15.344375] <TASK> [ 15.344391] dump_stack_lvl+0x73/0xb0 [ 15.344418] print_report+0xd1/0x610 [ 15.344441] ? __virt_addr_valid+0x1db/0x2d0 [ 15.344464] ? kasan_atomics_helper+0x1217/0x5450 [ 15.344486] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.344510] ? kasan_atomics_helper+0x1217/0x5450 [ 15.344554] kasan_report+0x141/0x180 [ 15.344578] ? kasan_atomics_helper+0x1217/0x5450 [ 15.344606] kasan_check_range+0x10c/0x1c0 [ 15.344631] __kasan_check_write+0x18/0x20 [ 15.344651] kasan_atomics_helper+0x1217/0x5450 [ 15.344675] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.344700] ? kasan_save_alloc_info+0x3b/0x50 [ 15.344731] kasan_atomics+0x1dc/0x310 [ 15.344755] ? __pfx_kasan_atomics+0x10/0x10 [ 15.344781] ? __pfx_read_tsc+0x10/0x10 [ 15.344802] ? ktime_get_ts64+0x86/0x230 [ 15.344827] kunit_try_run_case+0x1a5/0x480 [ 15.344852] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.344876] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.344912] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.344937] ? __kthread_parkme+0x82/0x180 [ 15.344958] ? preempt_count_sub+0x50/0x80 [ 15.344984] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.345009] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.345034] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.345059] kthread+0x337/0x6f0 [ 15.345079] ? trace_preempt_on+0x20/0xc0 [ 15.345103] ? __pfx_kthread+0x10/0x10 [ 15.345124] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.345147] ? calculate_sigpending+0x7b/0xa0 [ 15.345182] ? __pfx_kthread+0x10/0x10 [ 15.345205] ret_from_fork+0x116/0x1d0 [ 15.345224] ? __pfx_kthread+0x10/0x10 [ 15.345246] ret_from_fork_asm+0x1a/0x30 [ 15.345278] </TASK> [ 15.345290] [ 15.353449] Allocated by task 282: [ 15.353628] kasan_save_stack+0x45/0x70 [ 15.353919] kasan_save_track+0x18/0x40 [ 15.354285] kasan_save_alloc_info+0x3b/0x50 [ 15.354486] __kasan_kmalloc+0xb7/0xc0 [ 15.354651] __kmalloc_cache_noprof+0x189/0x420 [ 15.354918] kasan_atomics+0x95/0x310 [ 15.355062] kunit_try_run_case+0x1a5/0x480 [ 15.355212] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.355389] kthread+0x337/0x6f0 [ 15.355510] ret_from_fork+0x116/0x1d0 [ 15.355819] ret_from_fork_asm+0x1a/0x30 [ 15.356142] [ 15.356242] The buggy address belongs to the object at ffff8881029b7000 [ 15.356242] which belongs to the cache kmalloc-64 of size 64 [ 15.356723] The buggy address is located 0 bytes to the right of [ 15.356723] allocated 48-byte region [ffff8881029b7000, ffff8881029b7030) [ 15.357458] [ 15.357564] The buggy address belongs to the physical page: [ 15.357786] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029b7 [ 15.358215] flags: 0x200000000000000(node=0|zone=2) [ 15.358518] page_type: f5(slab) [ 15.358802] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.359129] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.359437] page dumped because: kasan: bad access detected [ 15.359724] [ 15.359820] 
Memory state around the buggy address: [ 15.360094] ffff8881029b6f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.360383] ffff8881029b6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.360785] >ffff8881029b7000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.361099] ^ [ 15.361297] ffff8881029b7080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.361607] ffff8881029b7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.361974] ================================================================== [ 15.659936] ================================================================== [ 15.660324] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x18b1/0x5450 [ 15.660841] Write of size 8 at addr ffff8881029b7030 by task kunit_try_catch/282 [ 15.661239] [ 15.661362] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.661405] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.661417] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.661450] Call Trace: [ 15.661466] <TASK> [ 15.661481] dump_stack_lvl+0x73/0xb0 [ 15.661510] print_report+0xd1/0x610 [ 15.661533] ? __virt_addr_valid+0x1db/0x2d0 [ 15.661565] ? kasan_atomics_helper+0x18b1/0x5450 [ 15.661588] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.661612] ? kasan_atomics_helper+0x18b1/0x5450 [ 15.661645] kasan_report+0x141/0x180 [ 15.661669] ? kasan_atomics_helper+0x18b1/0x5450 [ 15.661697] kasan_check_range+0x10c/0x1c0 [ 15.661730] __kasan_check_write+0x18/0x20 [ 15.661750] kasan_atomics_helper+0x18b1/0x5450 [ 15.661774] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.661810] ? kasan_save_alloc_info+0x3b/0x50 [ 15.661840] kasan_atomics+0x1dc/0x310 [ 15.661865] ? __pfx_kasan_atomics+0x10/0x10 [ 15.661907] ? __pfx_read_tsc+0x10/0x10 [ 15.661929] ? ktime_get_ts64+0x86/0x230 [ 15.661954] kunit_try_run_case+0x1a5/0x480 [ 15.662005] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.662030] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 15.662067] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.662100] ? __kthread_parkme+0x82/0x180 [ 15.662121] ? preempt_count_sub+0x50/0x80 [ 15.662146] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.662181] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.662206] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.662232] kthread+0x337/0x6f0 [ 15.662260] ? trace_preempt_on+0x20/0xc0 [ 15.662285] ? __pfx_kthread+0x10/0x10 [ 15.662306] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.662339] ? calculate_sigpending+0x7b/0xa0 [ 15.662364] ? __pfx_kthread+0x10/0x10 [ 15.662387] ret_from_fork+0x116/0x1d0 [ 15.662406] ? __pfx_kthread+0x10/0x10 [ 15.662428] ret_from_fork_asm+0x1a/0x30 [ 15.662461] </TASK> [ 15.662472] [ 15.669903] Allocated by task 282: [ 15.670103] kasan_save_stack+0x45/0x70 [ 15.670249] kasan_save_track+0x18/0x40 [ 15.670405] kasan_save_alloc_info+0x3b/0x50 [ 15.670619] __kasan_kmalloc+0xb7/0xc0 [ 15.670824] __kmalloc_cache_noprof+0x189/0x420 [ 15.671142] kasan_atomics+0x95/0x310 [ 15.671286] kunit_try_run_case+0x1a5/0x480 [ 15.671434] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.671611] kthread+0x337/0x6f0 [ 15.671734] ret_from_fork+0x116/0x1d0 [ 15.671868] ret_from_fork_asm+0x1a/0x30 [ 15.672118] [ 15.672231] The buggy address belongs to the object at ffff8881029b7000 [ 15.672231] which belongs to the cache kmalloc-64 of size 64 [ 15.672761] The buggy address is located 0 bytes to the right of [ 15.672761] allocated 48-byte region [ffff8881029b7000, ffff8881029b7030) [ 15.673343] [ 15.673441] The buggy address belongs to the physical page: [ 15.673696] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029b7 [ 15.674086] flags: 0x200000000000000(node=0|zone=2) [ 15.674279] page_type: f5(slab) [ 15.674401] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.674775] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.675142] page dumped because: kasan: 
bad access detected [ 15.675390] [ 15.675473] Memory state around the buggy address: [ 15.675699] ffff8881029b6f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.676029] ffff8881029b6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.676345] >ffff8881029b7000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.676656] ^ [ 15.676870] ffff8881029b7080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.677217] ffff8881029b7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.677530] ================================================================== [ 15.201920] ================================================================== [ 15.202294] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xfa9/0x5450 [ 15.202630] Write of size 4 at addr ffff8881029b7030 by task kunit_try_catch/282 [ 15.202875] [ 15.203006] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.203050] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.203063] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.203084] Call Trace: [ 15.203100] <TASK> [ 15.203117] dump_stack_lvl+0x73/0xb0 [ 15.203147] print_report+0xd1/0x610 [ 15.203171] ? __virt_addr_valid+0x1db/0x2d0 [ 15.203196] ? kasan_atomics_helper+0xfa9/0x5450 [ 15.203217] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.203241] ? kasan_atomics_helper+0xfa9/0x5450 [ 15.203265] kasan_report+0x141/0x180 [ 15.203288] ? kasan_atomics_helper+0xfa9/0x5450 [ 15.203317] kasan_check_range+0x10c/0x1c0 [ 15.203342] __kasan_check_write+0x18/0x20 [ 15.203362] kasan_atomics_helper+0xfa9/0x5450 [ 15.203386] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.203411] ? kasan_save_alloc_info+0x3b/0x50 [ 15.203441] kasan_atomics+0x1dc/0x310 [ 15.203466] ? __pfx_kasan_atomics+0x10/0x10 [ 15.203491] ? __pfx_read_tsc+0x10/0x10 [ 15.203512] ? ktime_get_ts64+0x86/0x230 [ 15.203538] kunit_try_run_case+0x1a5/0x480 [ 15.203563] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.203587] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.203612] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.203637] ? __kthread_parkme+0x82/0x180 [ 15.203658] ? preempt_count_sub+0x50/0x80 [ 15.203683] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.203709] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.203734] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.203759] kthread+0x337/0x6f0 [ 15.203780] ? trace_preempt_on+0x20/0xc0 [ 15.203805] ? __pfx_kthread+0x10/0x10 [ 15.203826] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.203849] ? calculate_sigpending+0x7b/0xa0 [ 15.203875] ? __pfx_kthread+0x10/0x10 [ 15.204093] ret_from_fork+0x116/0x1d0 [ 15.204120] ? __pfx_kthread+0x10/0x10 [ 15.204141] ret_from_fork_asm+0x1a/0x30 [ 15.204190] </TASK> [ 15.204202] [ 15.213025] Allocated by task 282: [ 15.213220] kasan_save_stack+0x45/0x70 [ 15.213420] kasan_save_track+0x18/0x40 [ 15.213794] kasan_save_alloc_info+0x3b/0x50 [ 15.214070] __kasan_kmalloc+0xb7/0xc0 [ 15.214266] __kmalloc_cache_noprof+0x189/0x420 [ 15.214492] kasan_atomics+0x95/0x310 [ 15.214737] kunit_try_run_case+0x1a5/0x480 [ 15.214907] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.215111] kthread+0x337/0x6f0 [ 15.215234] ret_from_fork+0x116/0x1d0 [ 15.215441] ret_from_fork_asm+0x1a/0x30 [ 15.215748] [ 15.215851] The buggy address belongs to the object at ffff8881029b7000 [ 15.215851] which belongs to the cache kmalloc-64 of size 64 [ 15.216427] The buggy address is located 0 bytes to the right of [ 15.216427] allocated 48-byte region [ffff8881029b7000, ffff8881029b7030) [ 15.217074] [ 15.217151] The buggy address belongs to the physical page: [ 15.217338] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029b7 [ 15.217939] flags: 0x200000000000000(node=0|zone=2) [ 15.218226] page_type: f5(slab) [ 15.218400] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.218805] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 15.219178] page dumped because: kasan: bad access detected [ 15.219440] [ 15.219640] Memory state around the buggy address: [ 15.219851] ffff8881029b6f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.220187] ffff8881029b6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.220483] >ffff8881029b7000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.220860] ^ [ 15.221125] ffff8881029b7080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.221438] ffff8881029b7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.221960] ================================================================== [ 15.777179] ================================================================== [ 15.777661] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f30/0x5450 [ 15.778056] Read of size 8 at addr ffff8881029b7030 by task kunit_try_catch/282 [ 15.778357] [ 15.778441] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.778482] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.778493] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.778515] Call Trace: [ 15.778529] <TASK> [ 15.778544] dump_stack_lvl+0x73/0xb0 [ 15.778571] print_report+0xd1/0x610 [ 15.778594] ? __virt_addr_valid+0x1db/0x2d0 [ 15.778618] ? kasan_atomics_helper+0x4f30/0x5450 [ 15.778640] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.778664] ? kasan_atomics_helper+0x4f30/0x5450 [ 15.778686] kasan_report+0x141/0x180 [ 15.778709] ? kasan_atomics_helper+0x4f30/0x5450 [ 15.778737] __asan_report_load8_noabort+0x18/0x20 [ 15.778769] kasan_atomics_helper+0x4f30/0x5450 [ 15.778793] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.778817] ? kasan_save_alloc_info+0x3b/0x50 [ 15.778847] kasan_atomics+0x1dc/0x310 [ 15.778907] ? __pfx_kasan_atomics+0x10/0x10 [ 15.778934] ? __pfx_read_tsc+0x10/0x10 [ 15.778956] ? ktime_get_ts64+0x86/0x230 [ 15.779002] kunit_try_run_case+0x1a5/0x480 [ 15.779029] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.779052] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.779078] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.779103] ? __kthread_parkme+0x82/0x180 [ 15.779124] ? preempt_count_sub+0x50/0x80 [ 15.779149] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.779173] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.779200] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.779225] kthread+0x337/0x6f0 [ 15.779245] ? trace_preempt_on+0x20/0xc0 [ 15.779269] ? __pfx_kthread+0x10/0x10 [ 15.779289] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.779312] ? calculate_sigpending+0x7b/0xa0 [ 15.779337] ? __pfx_kthread+0x10/0x10 [ 15.779359] ret_from_fork+0x116/0x1d0 [ 15.779378] ? __pfx_kthread+0x10/0x10 [ 15.779399] ret_from_fork_asm+0x1a/0x30 [ 15.779432] </TASK> [ 15.779443] [ 15.786358] Allocated by task 282: [ 15.786552] kasan_save_stack+0x45/0x70 [ 15.786774] kasan_save_track+0x18/0x40 [ 15.786997] kasan_save_alloc_info+0x3b/0x50 [ 15.787194] __kasan_kmalloc+0xb7/0xc0 [ 15.787349] __kmalloc_cache_noprof+0x189/0x420 [ 15.787571] kasan_atomics+0x95/0x310 [ 15.787764] kunit_try_run_case+0x1a5/0x480 [ 15.787961] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.788240] kthread+0x337/0x6f0 [ 15.788380] ret_from_fork+0x116/0x1d0 [ 15.788584] ret_from_fork_asm+0x1a/0x30 [ 15.788733] [ 15.788804] The buggy address belongs to the object at ffff8881029b7000 [ 15.788804] which belongs to the cache kmalloc-64 of size 64 [ 15.789179] The buggy address is located 0 bytes to the right of [ 15.789179] allocated 48-byte region [ffff8881029b7000, ffff8881029b7030) [ 15.789536] [ 15.789605] The buggy address belongs to the physical page: [ 15.789836] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029b7 [ 15.790213] flags: 0x200000000000000(node=0|zone=2) [ 15.790447] page_type: f5(slab) [ 15.790616] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.790961] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 15.791317] page dumped because: kasan: bad access detected [ 15.791563] [ 15.791657] Memory state around the buggy address: [ 15.791909] ffff8881029b6f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.792230] ffff8881029b6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.792452] >ffff8881029b7000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.792667] ^ [ 15.792821] ffff8881029b7080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.793192] ffff8881029b7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.793528] ================================================================== [ 15.242293] ================================================================== [ 15.242742] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1079/0x5450 [ 15.243109] Write of size 4 at addr ffff8881029b7030 by task kunit_try_catch/282 [ 15.243449] [ 15.243645] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.243704] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.243716] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.243738] Call Trace: [ 15.243754] <TASK> [ 15.243768] dump_stack_lvl+0x73/0xb0 [ 15.243797] print_report+0xd1/0x610 [ 15.243820] ? __virt_addr_valid+0x1db/0x2d0 [ 15.243844] ? kasan_atomics_helper+0x1079/0x5450 [ 15.243866] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.243900] ? kasan_atomics_helper+0x1079/0x5450 [ 15.243923] kasan_report+0x141/0x180 [ 15.243947] ? kasan_atomics_helper+0x1079/0x5450 [ 15.243983] kasan_check_range+0x10c/0x1c0 [ 15.244008] __kasan_check_write+0x18/0x20 [ 15.244052] kasan_atomics_helper+0x1079/0x5450 [ 15.244078] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.244104] ? kasan_save_alloc_info+0x3b/0x50 [ 15.244135] kasan_atomics+0x1dc/0x310 [ 15.244168] ? __pfx_kasan_atomics+0x10/0x10 [ 15.244193] ? __pfx_read_tsc+0x10/0x10 [ 15.244215] ? 
ktime_get_ts64+0x86/0x230 [ 15.244251] kunit_try_run_case+0x1a5/0x480 [ 15.244276] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.244299] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.244325] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.244350] ? __kthread_parkme+0x82/0x180 [ 15.244371] ? preempt_count_sub+0x50/0x80 [ 15.244397] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.244422] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.244447] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.244471] kthread+0x337/0x6f0 [ 15.244491] ? trace_preempt_on+0x20/0xc0 [ 15.244522] ? __pfx_kthread+0x10/0x10 [ 15.244543] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.244566] ? calculate_sigpending+0x7b/0xa0 [ 15.244668] ? __pfx_kthread+0x10/0x10 [ 15.244690] ret_from_fork+0x116/0x1d0 [ 15.244710] ? __pfx_kthread+0x10/0x10 [ 15.244732] ret_from_fork_asm+0x1a/0x30 [ 15.244765] </TASK> [ 15.244776] [ 15.253259] Allocated by task 282: [ 15.253453] kasan_save_stack+0x45/0x70 [ 15.253859] kasan_save_track+0x18/0x40 [ 15.254102] kasan_save_alloc_info+0x3b/0x50 [ 15.254312] __kasan_kmalloc+0xb7/0xc0 [ 15.254507] __kmalloc_cache_noprof+0x189/0x420 [ 15.254794] kasan_atomics+0x95/0x310 [ 15.255013] kunit_try_run_case+0x1a5/0x480 [ 15.255195] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.255424] kthread+0x337/0x6f0 [ 15.255554] ret_from_fork+0x116/0x1d0 [ 15.255690] ret_from_fork_asm+0x1a/0x30 [ 15.255831] [ 15.255918] The buggy address belongs to the object at ffff8881029b7000 [ 15.255918] which belongs to the cache kmalloc-64 of size 64 [ 15.256457] The buggy address is located 0 bytes to the right of [ 15.256457] allocated 48-byte region [ffff8881029b7000, ffff8881029b7030) [ 15.257011] [ 15.257107] The buggy address belongs to the physical page: [ 15.257295] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029b7 [ 15.257583] flags: 0x200000000000000(node=0|zone=2) [ 15.257821] page_type: f5(slab) [ 15.258328] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 15.258766] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.259151] page dumped because: kasan: bad access detected [ 15.259383] [ 15.259501] Memory state around the buggy address: [ 15.259806] ffff8881029b6f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.260159] ffff8881029b6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.260480] >ffff8881029b7000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.260811] ^ [ 15.261025] ffff8881029b7080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.261243] ffff8881029b7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.261754] ================================================================== [ 14.659720] ================================================================== [ 14.660158] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4ba2/0x5450 [ 14.660413] Write of size 4 at addr ffff8881029b7030 by task kunit_try_catch/282 [ 14.660666] [ 14.660782] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.660826] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.660837] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.660857] Call Trace: [ 14.660869] <TASK> [ 14.660884] dump_stack_lvl+0x73/0xb0 [ 14.660923] print_report+0xd1/0x610 [ 14.660945] ? __virt_addr_valid+0x1db/0x2d0 [ 14.660968] ? kasan_atomics_helper+0x4ba2/0x5450 [ 14.660989] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.661153] ? kasan_atomics_helper+0x4ba2/0x5450 [ 14.661186] kasan_report+0x141/0x180 [ 14.661208] ? kasan_atomics_helper+0x4ba2/0x5450 [ 14.661236] __asan_report_store4_noabort+0x1b/0x30 [ 14.661262] kasan_atomics_helper+0x4ba2/0x5450 [ 14.661284] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.661309] ? kasan_save_alloc_info+0x3b/0x50 [ 14.661339] kasan_atomics+0x1dc/0x310 [ 14.661361] ? __pfx_kasan_atomics+0x10/0x10 [ 14.661386] ? __pfx_read_tsc+0x10/0x10 [ 14.661407] ? 
ktime_get_ts64+0x86/0x230 [ 14.661432] kunit_try_run_case+0x1a5/0x480 [ 14.661457] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.661479] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.661504] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.661528] ? __kthread_parkme+0x82/0x180 [ 14.661548] ? preempt_count_sub+0x50/0x80 [ 14.661573] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.661597] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.661621] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.661645] kthread+0x337/0x6f0 [ 14.661664] ? trace_preempt_on+0x20/0xc0 [ 14.661688] ? __pfx_kthread+0x10/0x10 [ 14.661707] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.661803] ? calculate_sigpending+0x7b/0xa0 [ 14.661828] ? __pfx_kthread+0x10/0x10 [ 14.661849] ret_from_fork+0x116/0x1d0 [ 14.661868] ? __pfx_kthread+0x10/0x10 [ 14.661888] ret_from_fork_asm+0x1a/0x30 [ 14.661934] </TASK> [ 14.661944] [ 14.671064] Allocated by task 282: [ 14.671278] kasan_save_stack+0x45/0x70 [ 14.671426] kasan_save_track+0x18/0x40 [ 14.671563] kasan_save_alloc_info+0x3b/0x50 [ 14.671713] __kasan_kmalloc+0xb7/0xc0 [ 14.671847] __kmalloc_cache_noprof+0x189/0x420 [ 14.672971] kasan_atomics+0x95/0x310 [ 14.673694] kunit_try_run_case+0x1a5/0x480 [ 14.674309] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.675183] kthread+0x337/0x6f0 [ 14.675767] ret_from_fork+0x116/0x1d0 [ 14.676125] ret_from_fork_asm+0x1a/0x30 [ 14.676279] [ 14.676355] The buggy address belongs to the object at ffff8881029b7000 [ 14.676355] which belongs to the cache kmalloc-64 of size 64 [ 14.676716] The buggy address is located 0 bytes to the right of [ 14.676716] allocated 48-byte region [ffff8881029b7000, ffff8881029b7030) [ 14.677103] [ 14.677176] The buggy address belongs to the physical page: [ 14.677352] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029b7 [ 14.677596] flags: 0x200000000000000(node=0|zone=2) [ 14.677761] page_type: f5(slab) [ 14.677882] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 14.678872] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.679113] page dumped because: kasan: bad access detected [ 14.679833] [ 14.680324] Memory state around the buggy address: [ 14.680996] ffff8881029b6f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.681704] ffff8881029b6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.682560] >ffff8881029b7000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.683481] ^ [ 14.683921] ffff8881029b7080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.684729] ffff8881029b7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.685401] ================================================================== [ 14.627714] ================================================================== [ 14.628418] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4bbc/0x5450 [ 14.628745] Read of size 4 at addr ffff8881029b7030 by task kunit_try_catch/282 [ 14.630325] [ 14.630465] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.630515] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.630528] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.630552] Call Trace: [ 14.630566] <TASK> [ 14.630585] dump_stack_lvl+0x73/0xb0 [ 14.631039] print_report+0xd1/0x610 [ 14.631070] ? __virt_addr_valid+0x1db/0x2d0 [ 14.631096] ? kasan_atomics_helper+0x4bbc/0x5450 [ 14.631117] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.631140] ? kasan_atomics_helper+0x4bbc/0x5450 [ 14.631162] kasan_report+0x141/0x180 [ 14.631184] ? kasan_atomics_helper+0x4bbc/0x5450 [ 14.631213] __asan_report_load4_noabort+0x18/0x20 [ 14.631236] kasan_atomics_helper+0x4bbc/0x5450 [ 14.631259] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.631283] ? kasan_save_alloc_info+0x3b/0x50 [ 14.631312] kasan_atomics+0x1dc/0x310 [ 14.631335] ? __pfx_kasan_atomics+0x10/0x10 [ 14.631360] ? __pfx_read_tsc+0x10/0x10 [ 14.631381] ? 
ktime_get_ts64+0x86/0x230 [ 14.631408] kunit_try_run_case+0x1a5/0x480 [ 14.631434] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.631457] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.631481] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.631504] ? __kthread_parkme+0x82/0x180 [ 14.631548] ? preempt_count_sub+0x50/0x80 [ 14.631573] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.631597] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.631621] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.631645] kthread+0x337/0x6f0 [ 14.631664] ? trace_preempt_on+0x20/0xc0 [ 14.631688] ? __pfx_kthread+0x10/0x10 [ 14.631709] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.631730] ? calculate_sigpending+0x7b/0xa0 [ 14.631754] ? __pfx_kthread+0x10/0x10 [ 14.631776] ret_from_fork+0x116/0x1d0 [ 14.631794] ? __pfx_kthread+0x10/0x10 [ 14.631814] ret_from_fork_asm+0x1a/0x30 [ 14.631847] </TASK> [ 14.631858] [ 14.643501] Allocated by task 282: [ 14.643870] kasan_save_stack+0x45/0x70 [ 14.644324] kasan_save_track+0x18/0x40 [ 14.644663] kasan_save_alloc_info+0x3b/0x50 [ 14.645190] __kasan_kmalloc+0xb7/0xc0 [ 14.645646] __kmalloc_cache_noprof+0x189/0x420 [ 14.646106] kasan_atomics+0x95/0x310 [ 14.646435] kunit_try_run_case+0x1a5/0x480 [ 14.646888] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.647396] kthread+0x337/0x6f0 [ 14.647768] ret_from_fork+0x116/0x1d0 [ 14.648097] ret_from_fork_asm+0x1a/0x30 [ 14.648351] [ 14.648428] The buggy address belongs to the object at ffff8881029b7000 [ 14.648428] which belongs to the cache kmalloc-64 of size 64 [ 14.649620] The buggy address is located 0 bytes to the right of [ 14.649620] allocated 48-byte region [ffff8881029b7000, ffff8881029b7030) [ 14.651000] [ 14.651234] The buggy address belongs to the physical page: [ 14.651415] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029b7 [ 14.651909] flags: 0x200000000000000(node=0|zone=2) [ 14.652396] page_type: f5(slab) [ 14.652830] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 14.653692] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.653940] page dumped because: kasan: bad access detected [ 14.654376] [ 14.654529] Memory state around the buggy address: [ 14.655047] ffff8881029b6f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.655729] ffff8881029b6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.656227] >ffff8881029b7000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.656444] ^ [ 14.656852] ffff8881029b7080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.657549] ffff8881029b7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.658314] ================================================================== [ 14.769694] ================================================================== [ 14.769946] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a0/0x5450 [ 14.770180] Write of size 4 at addr ffff8881029b7030 by task kunit_try_catch/282 [ 14.770408] [ 14.770491] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.770547] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.770558] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.770580] Call Trace: [ 14.770595] <TASK> [ 14.770611] dump_stack_lvl+0x73/0xb0 [ 14.770638] print_report+0xd1/0x610 [ 14.770661] ? __virt_addr_valid+0x1db/0x2d0 [ 14.770686] ? kasan_atomics_helper+0x4a0/0x5450 [ 14.770708] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.770732] ? kasan_atomics_helper+0x4a0/0x5450 [ 14.770755] kasan_report+0x141/0x180 [ 14.770784] ? kasan_atomics_helper+0x4a0/0x5450 [ 14.770811] kasan_check_range+0x10c/0x1c0 [ 14.770836] __kasan_check_write+0x18/0x20 [ 14.770856] kasan_atomics_helper+0x4a0/0x5450 [ 14.770881] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.770915] ? kasan_save_alloc_info+0x3b/0x50 [ 14.770945] kasan_atomics+0x1dc/0x310 [ 14.770969] ? __pfx_kasan_atomics+0x10/0x10 [ 14.770994] ? 
__pfx_read_tsc+0x10/0x10 [ 14.771015] ? ktime_get_ts64+0x86/0x230 [ 14.771041] kunit_try_run_case+0x1a5/0x480 [ 14.771066] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.771090] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.771115] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.771140] ? __kthread_parkme+0x82/0x180 [ 14.771161] ? preempt_count_sub+0x50/0x80 [ 14.771186] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.771211] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.771236] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.771261] kthread+0x337/0x6f0 [ 14.771281] ? trace_preempt_on+0x20/0xc0 [ 14.771306] ? __pfx_kthread+0x10/0x10 [ 14.771327] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.771349] ? calculate_sigpending+0x7b/0xa0 [ 14.771374] ? __pfx_kthread+0x10/0x10 [ 14.771396] ret_from_fork+0x116/0x1d0 [ 14.771415] ? __pfx_kthread+0x10/0x10 [ 14.771437] ret_from_fork_asm+0x1a/0x30 [ 14.771469] </TASK> [ 14.771480] [ 14.780495] Allocated by task 282: [ 14.780628] kasan_save_stack+0x45/0x70 [ 14.781005] kasan_save_track+0x18/0x40 [ 14.781216] kasan_save_alloc_info+0x3b/0x50 [ 14.781492] __kasan_kmalloc+0xb7/0xc0 [ 14.781718] __kmalloc_cache_noprof+0x189/0x420 [ 14.781933] kasan_atomics+0x95/0x310 [ 14.782071] kunit_try_run_case+0x1a5/0x480 [ 14.782334] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.782741] kthread+0x337/0x6f0 [ 14.782887] ret_from_fork+0x116/0x1d0 [ 14.783036] ret_from_fork_asm+0x1a/0x30 [ 14.783238] [ 14.783347] The buggy address belongs to the object at ffff8881029b7000 [ 14.783347] which belongs to the cache kmalloc-64 of size 64 [ 14.783956] The buggy address is located 0 bytes to the right of [ 14.783956] allocated 48-byte region [ffff8881029b7000, ffff8881029b7030) [ 14.784644] [ 14.784716] The buggy address belongs to the physical page: [ 14.785207] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029b7 [ 14.785495] flags: 0x200000000000000(node=0|zone=2) [ 14.785730] page_type: f5(slab) [ 14.785865] raw: 0200000000000000 
ffff8881000418c0 dead000000000122 0000000000000000 [ 14.786259] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.786568] page dumped because: kasan: bad access detected [ 14.786790] [ 14.786875] Memory state around the buggy address: [ 14.787116] ffff8881029b6f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.787383] ffff8881029b6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.787665] >ffff8881029b7000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.787972] ^ [ 14.788244] ffff8881029b7080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.788466] ffff8881029b7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.789258] ================================================================== [ 14.979225] ================================================================== [ 14.979562] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa2b/0x5450 [ 14.979849] Write of size 4 at addr ffff8881029b7030 by task kunit_try_catch/282 [ 14.980089] [ 14.980177] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.980220] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.980232] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.980253] Call Trace: [ 14.980270] <TASK> [ 14.980286] dump_stack_lvl+0x73/0xb0 [ 14.980313] print_report+0xd1/0x610 [ 14.980401] ? __virt_addr_valid+0x1db/0x2d0 [ 14.980430] ? kasan_atomics_helper+0xa2b/0x5450 [ 14.980453] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.980476] ? kasan_atomics_helper+0xa2b/0x5450 [ 14.980498] kasan_report+0x141/0x180 [ 14.980522] ? kasan_atomics_helper+0xa2b/0x5450 [ 14.980551] kasan_check_range+0x10c/0x1c0 [ 14.980575] __kasan_check_write+0x18/0x20 [ 14.980595] kasan_atomics_helper+0xa2b/0x5450 [ 14.980619] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.980644] ? kasan_save_alloc_info+0x3b/0x50 [ 14.980674] kasan_atomics+0x1dc/0x310 [ 14.980698] ? 
__pfx_kasan_atomics+0x10/0x10 [ 14.980723] ? __pfx_read_tsc+0x10/0x10 [ 14.980745] ? ktime_get_ts64+0x86/0x230 [ 14.980772] kunit_try_run_case+0x1a5/0x480 [ 14.980798] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.980821] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.980847] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.980871] ? __kthread_parkme+0x82/0x180 [ 14.980905] ? preempt_count_sub+0x50/0x80 [ 14.980930] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.980955] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.980980] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.981043] kthread+0x337/0x6f0 [ 14.981064] ? trace_preempt_on+0x20/0xc0 [ 14.981088] ? __pfx_kthread+0x10/0x10 [ 14.981110] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.981133] ? calculate_sigpending+0x7b/0xa0 [ 14.981157] ? __pfx_kthread+0x10/0x10 [ 14.981180] ret_from_fork+0x116/0x1d0 [ 14.981199] ? __pfx_kthread+0x10/0x10 [ 14.981221] ret_from_fork_asm+0x1a/0x30 [ 14.981255] </TASK> [ 14.981267] [ 14.989827] Allocated by task 282: [ 14.989974] kasan_save_stack+0x45/0x70 [ 14.990120] kasan_save_track+0x18/0x40 [ 14.990319] kasan_save_alloc_info+0x3b/0x50 [ 14.990537] __kasan_kmalloc+0xb7/0xc0 [ 14.990727] __kmalloc_cache_noprof+0x189/0x420 [ 14.990973] kasan_atomics+0x95/0x310 [ 14.991164] kunit_try_run_case+0x1a5/0x480 [ 14.991379] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.991642] kthread+0x337/0x6f0 [ 14.991822] ret_from_fork+0x116/0x1d0 [ 14.992218] ret_from_fork_asm+0x1a/0x30 [ 14.992486] [ 14.992635] The buggy address belongs to the object at ffff8881029b7000 [ 14.992635] which belongs to the cache kmalloc-64 of size 64 [ 14.993025] The buggy address is located 0 bytes to the right of [ 14.993025] allocated 48-byte region [ffff8881029b7000, ffff8881029b7030) [ 14.993468] [ 14.993566] The buggy address belongs to the physical page: [ 14.993824] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029b7 [ 14.994552] flags: 0x200000000000000(node=0|zone=2) [ 14.994756] page_type: 
f5(slab) [ 14.994932] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.995302] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.995784] page dumped because: kasan: bad access detected [ 14.996108] [ 14.996196] Memory state around the buggy address: [ 14.996353] ffff8881029b6f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.996571] ffff8881029b6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.996789] >ffff8881029b7000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.998293] ^ [ 14.999221] ffff8881029b7080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.000703] ffff8881029b7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.001762] ================================================================== [ 15.381566] ================================================================== [ 15.381800] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12e6/0x5450 [ 15.382049] Write of size 4 at addr ffff8881029b7030 by task kunit_try_catch/282 [ 15.382274] [ 15.382358] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.382400] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.382413] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.382434] Call Trace: [ 15.382449] <TASK> [ 15.382463] dump_stack_lvl+0x73/0xb0 [ 15.382490] print_report+0xd1/0x610 [ 15.382513] ? __virt_addr_valid+0x1db/0x2d0 [ 15.382535] ? kasan_atomics_helper+0x12e6/0x5450 [ 15.382556] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.382579] ? kasan_atomics_helper+0x12e6/0x5450 [ 15.382617] kasan_report+0x141/0x180 [ 15.382640] ? kasan_atomics_helper+0x12e6/0x5450 [ 15.382678] kasan_check_range+0x10c/0x1c0 [ 15.382704] __kasan_check_write+0x18/0x20 [ 15.382723] kasan_atomics_helper+0x12e6/0x5450 [ 15.382748] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.382778] ? 
kasan_save_alloc_info+0x3b/0x50 [ 15.382809] kasan_atomics+0x1dc/0x310 [ 15.382833] ? __pfx_kasan_atomics+0x10/0x10 [ 15.382858] ? __pfx_read_tsc+0x10/0x10 [ 15.382880] ? ktime_get_ts64+0x86/0x230 [ 15.382916] kunit_try_run_case+0x1a5/0x480 [ 15.382941] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.382965] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.382990] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.383015] ? __kthread_parkme+0x82/0x180 [ 15.383036] ? preempt_count_sub+0x50/0x80 [ 15.383061] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.383086] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.383112] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.383139] kthread+0x337/0x6f0 [ 15.383158] ? trace_preempt_on+0x20/0xc0 [ 15.383182] ? __pfx_kthread+0x10/0x10 [ 15.383203] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.383226] ? calculate_sigpending+0x7b/0xa0 [ 15.383251] ? __pfx_kthread+0x10/0x10 [ 15.383273] ret_from_fork+0x116/0x1d0 [ 15.383293] ? __pfx_kthread+0x10/0x10 [ 15.383314] ret_from_fork_asm+0x1a/0x30 [ 15.383348] </TASK> [ 15.383359] [ 15.395627] Allocated by task 282: [ 15.396665] kasan_save_stack+0x45/0x70 [ 15.397419] kasan_save_track+0x18/0x40 [ 15.398324] kasan_save_alloc_info+0x3b/0x50 [ 15.398914] __kasan_kmalloc+0xb7/0xc0 [ 15.399596] __kmalloc_cache_noprof+0x189/0x420 [ 15.400205] kasan_atomics+0x95/0x310 [ 15.400708] kunit_try_run_case+0x1a5/0x480 [ 15.401349] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.402278] kthread+0x337/0x6f0 [ 15.402706] ret_from_fork+0x116/0x1d0 [ 15.403316] ret_from_fork_asm+0x1a/0x30 [ 15.403947] [ 15.404375] The buggy address belongs to the object at ffff8881029b7000 [ 15.404375] which belongs to the cache kmalloc-64 of size 64 [ 15.405579] The buggy address is located 0 bytes to the right of [ 15.405579] allocated 48-byte region [ffff8881029b7000, ffff8881029b7030) [ 15.406340] [ 15.406444] The buggy address belongs to the physical page: [ 15.406911] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 
pfn:0x1029b7 [ 15.407512] flags: 0x200000000000000(node=0|zone=2) [ 15.407932] page_type: f5(slab) [ 15.408154] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.408460] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.409043] page dumped because: kasan: bad access detected [ 15.409385] [ 15.409487] Memory state around the buggy address: [ 15.409810] ffff8881029b6f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.410313] ffff8881029b6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.410999] >ffff8881029b7000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.411318] ^ [ 15.411508] ffff8881029b7080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.412057] ffff8881029b7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.412495] ================================================================== [ 16.038425] ================================================================== [ 16.038819] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5115/0x5450 [ 16.039151] Read of size 8 at addr ffff8881029b7030 by task kunit_try_catch/282 [ 16.039464] [ 16.039574] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.039618] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.039630] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.039652] Call Trace: [ 16.039669] <TASK> [ 16.039686] dump_stack_lvl+0x73/0xb0 [ 16.039716] print_report+0xd1/0x610 [ 16.039739] ? __virt_addr_valid+0x1db/0x2d0 [ 16.039763] ? kasan_atomics_helper+0x5115/0x5450 [ 16.039786] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.039810] ? kasan_atomics_helper+0x5115/0x5450 [ 16.039833] kasan_report+0x141/0x180 [ 16.039856] ? kasan_atomics_helper+0x5115/0x5450 [ 16.039885] __asan_report_load8_noabort+0x18/0x20 [ 16.039922] kasan_atomics_helper+0x5115/0x5450 [ 16.039947] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.039978] ? 
kasan_save_alloc_info+0x3b/0x50 [ 16.040009] kasan_atomics+0x1dc/0x310 [ 16.040034] ? __pfx_kasan_atomics+0x10/0x10 [ 16.040059] ? __pfx_read_tsc+0x10/0x10 [ 16.040081] ? ktime_get_ts64+0x86/0x230 [ 16.040107] kunit_try_run_case+0x1a5/0x480 [ 16.040133] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.040158] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.040184] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.040209] ? __kthread_parkme+0x82/0x180 [ 16.040230] ? preempt_count_sub+0x50/0x80 [ 16.040256] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.040281] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.040306] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.040332] kthread+0x337/0x6f0 [ 16.040352] ? trace_preempt_on+0x20/0xc0 [ 16.040377] ? __pfx_kthread+0x10/0x10 [ 16.040398] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.040421] ? calculate_sigpending+0x7b/0xa0 [ 16.040446] ? __pfx_kthread+0x10/0x10 [ 16.040468] ret_from_fork+0x116/0x1d0 [ 16.040487] ? __pfx_kthread+0x10/0x10 [ 16.040507] ret_from_fork_asm+0x1a/0x30 [ 16.040540] </TASK> [ 16.040552] [ 16.048197] Allocated by task 282: [ 16.048373] kasan_save_stack+0x45/0x70 [ 16.048585] kasan_save_track+0x18/0x40 [ 16.048780] kasan_save_alloc_info+0x3b/0x50 [ 16.049061] __kasan_kmalloc+0xb7/0xc0 [ 16.049245] __kmalloc_cache_noprof+0x189/0x420 [ 16.049478] kasan_atomics+0x95/0x310 [ 16.049684] kunit_try_run_case+0x1a5/0x480 [ 16.049928] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.050208] kthread+0x337/0x6f0 [ 16.050407] ret_from_fork+0x116/0x1d0 [ 16.050603] ret_from_fork_asm+0x1a/0x30 [ 16.050807] [ 16.050941] The buggy address belongs to the object at ffff8881029b7000 [ 16.050941] which belongs to the cache kmalloc-64 of size 64 [ 16.051482] The buggy address is located 0 bytes to the right of [ 16.051482] allocated 48-byte region [ffff8881029b7000, ffff8881029b7030) [ 16.052078] [ 16.052164] The buggy address belongs to the physical page: [ 16.052382] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 
pfn:0x1029b7 [ 16.052759] flags: 0x200000000000000(node=0|zone=2) [ 16.053103] page_type: f5(slab) [ 16.053426] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.053804] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.054222] page dumped because: kasan: bad access detected [ 16.054479] [ 16.054571] Memory state around the buggy address: [ 16.054797] ffff8881029b6f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.055144] ffff8881029b6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.055455] >ffff8881029b7000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.055761] ^ [ 16.055959] ffff8881029b7080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.056191] ffff8881029b7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.056509] ================================================================== [ 14.940073] ================================================================== [ 14.940366] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x8f9/0x5450 [ 14.940793] Write of size 4 at addr ffff8881029b7030 by task kunit_try_catch/282 [ 14.941269] [ 14.941390] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.941432] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.941445] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.941466] Call Trace: [ 14.941482] <TASK> [ 14.941498] dump_stack_lvl+0x73/0xb0 [ 14.941526] print_report+0xd1/0x610 [ 14.941604] ? __virt_addr_valid+0x1db/0x2d0 [ 14.941630] ? kasan_atomics_helper+0x8f9/0x5450 [ 14.941652] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.941676] ? kasan_atomics_helper+0x8f9/0x5450 [ 14.941699] kasan_report+0x141/0x180 [ 14.941722] ? kasan_atomics_helper+0x8f9/0x5450 [ 14.941751] kasan_check_range+0x10c/0x1c0 [ 14.941776] __kasan_check_write+0x18/0x20 [ 14.941796] kasan_atomics_helper+0x8f9/0x5450 [ 14.941820] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 14.941845] ? kasan_save_alloc_info+0x3b/0x50 [ 14.941875] kasan_atomics+0x1dc/0x310 [ 14.941915] ? __pfx_kasan_atomics+0x10/0x10 [ 14.941941] ? __pfx_read_tsc+0x10/0x10 [ 14.941961] ? ktime_get_ts64+0x86/0x230 [ 14.941987] kunit_try_run_case+0x1a5/0x480 [ 14.942012] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.942036] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.942061] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.942086] ? __kthread_parkme+0x82/0x180 [ 14.942107] ? preempt_count_sub+0x50/0x80 [ 14.942132] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.942157] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.942182] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.942208] kthread+0x337/0x6f0 [ 14.942227] ? trace_preempt_on+0x20/0xc0 [ 14.942253] ? __pfx_kthread+0x10/0x10 [ 14.942274] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.942297] ? calculate_sigpending+0x7b/0xa0 [ 14.942322] ? __pfx_kthread+0x10/0x10 [ 14.942344] ret_from_fork+0x116/0x1d0 [ 14.942364] ? 
__pfx_kthread+0x10/0x10 [ 14.942385] ret_from_fork_asm+0x1a/0x30 [ 14.942418] </TASK> [ 14.942429] [ 14.950827] Allocated by task 282: [ 14.950994] kasan_save_stack+0x45/0x70 [ 14.951143] kasan_save_track+0x18/0x40 [ 14.951283] kasan_save_alloc_info+0x3b/0x50 [ 14.951440] __kasan_kmalloc+0xb7/0xc0 [ 14.951576] __kmalloc_cache_noprof+0x189/0x420 [ 14.951835] kasan_atomics+0x95/0x310 [ 14.952046] kunit_try_run_case+0x1a5/0x480 [ 14.952257] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.952512] kthread+0x337/0x6f0 [ 14.952682] ret_from_fork+0x116/0x1d0 [ 14.952819] ret_from_fork_asm+0x1a/0x30 [ 14.952972] [ 14.953048] The buggy address belongs to the object at ffff8881029b7000 [ 14.953048] which belongs to the cache kmalloc-64 of size 64 [ 14.954037] The buggy address is located 0 bytes to the right of [ 14.954037] allocated 48-byte region [ffff8881029b7000, ffff8881029b7030) [ 14.954744] [ 14.954846] The buggy address belongs to the physical page: [ 14.955055] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029b7 [ 14.955486] flags: 0x200000000000000(node=0|zone=2) [ 14.955760] page_type: f5(slab) [ 14.955928] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.956379] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.956741] page dumped because: kasan: bad access detected [ 14.956986] [ 14.957099] Memory state around the buggy address: [ 14.957320] ffff8881029b6f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.957623] ffff8881029b6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.957979] >ffff8881029b7000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.958441] ^ [ 14.958772] ffff8881029b7080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.959077] ffff8881029b7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.959345] ================================================================== [ 15.595147] 
================================================================== [ 15.595719] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16e7/0x5450 [ 15.596393] Write of size 8 at addr ffff8881029b7030 by task kunit_try_catch/282 [ 15.596719] [ 15.596831] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.596874] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.596886] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.596917] Call Trace: [ 15.596931] <TASK> [ 15.596947] dump_stack_lvl+0x73/0xb0 [ 15.596974] print_report+0xd1/0x610 [ 15.596997] ? __virt_addr_valid+0x1db/0x2d0 [ 15.597023] ? kasan_atomics_helper+0x16e7/0x5450 [ 15.597053] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.597076] ? kasan_atomics_helper+0x16e7/0x5450 [ 15.597099] kasan_report+0x141/0x180 [ 15.597122] ? kasan_atomics_helper+0x16e7/0x5450 [ 15.597151] kasan_check_range+0x10c/0x1c0 [ 15.597176] __kasan_check_write+0x18/0x20 [ 15.597196] kasan_atomics_helper+0x16e7/0x5450 [ 15.597220] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.597245] ? kasan_save_alloc_info+0x3b/0x50 [ 15.597276] kasan_atomics+0x1dc/0x310 [ 15.597300] ? __pfx_kasan_atomics+0x10/0x10 [ 15.597325] ? __pfx_read_tsc+0x10/0x10 [ 15.597347] ? ktime_get_ts64+0x86/0x230 [ 15.597372] kunit_try_run_case+0x1a5/0x480 [ 15.597397] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.597420] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.597447] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.597472] ? __kthread_parkme+0x82/0x180 [ 15.597493] ? preempt_count_sub+0x50/0x80 [ 15.597519] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.597544] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.597568] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.597593] kthread+0x337/0x6f0 [ 15.597612] ? trace_preempt_on+0x20/0xc0 [ 15.597636] ? __pfx_kthread+0x10/0x10 [ 15.597657] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.597680] ? calculate_sigpending+0x7b/0xa0 [ 15.597715] ? 
__pfx_kthread+0x10/0x10 [ 15.597738] ret_from_fork+0x116/0x1d0 [ 15.597757] ? __pfx_kthread+0x10/0x10 [ 15.597778] ret_from_fork_asm+0x1a/0x30 [ 15.597811] </TASK> [ 15.597822] [ 15.604972] Allocated by task 282: [ 15.605149] kasan_save_stack+0x45/0x70 [ 15.605349] kasan_save_track+0x18/0x40 [ 15.605549] kasan_save_alloc_info+0x3b/0x50 [ 15.605764] __kasan_kmalloc+0xb7/0xc0 [ 15.605973] __kmalloc_cache_noprof+0x189/0x420 [ 15.606199] kasan_atomics+0x95/0x310 [ 15.606371] kunit_try_run_case+0x1a5/0x480 [ 15.606564] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.606741] kthread+0x337/0x6f0 [ 15.606868] ret_from_fork+0x116/0x1d0 [ 15.607066] ret_from_fork_asm+0x1a/0x30 [ 15.607271] [ 15.607368] The buggy address belongs to the object at ffff8881029b7000 [ 15.607368] which belongs to the cache kmalloc-64 of size 64 [ 15.607909] The buggy address is located 0 bytes to the right of [ 15.607909] allocated 48-byte region [ffff8881029b7000, ffff8881029b7030) [ 15.608386] [ 15.608476] The buggy address belongs to the physical page: [ 15.608734] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029b7 [ 15.609285] flags: 0x200000000000000(node=0|zone=2) [ 15.609526] page_type: f5(slab) [ 15.609650] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.610417] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.610831] page dumped because: kasan: bad access detected [ 15.611883] [ 15.612219] Memory state around the buggy address: [ 15.612682] ffff8881029b6f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.613369] ffff8881029b6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.613673] >ffff8881029b7000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.613970] ^ [ 15.614179] ffff8881029b7080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.614459] ffff8881029b7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.614746] 
================================================================== [ 15.413279] ================================================================== [ 15.413616] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49ce/0x5450 [ 15.413916] Read of size 4 at addr ffff8881029b7030 by task kunit_try_catch/282 [ 15.414223] [ 15.414355] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.414401] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.414414] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.414436] Call Trace: [ 15.414457] <TASK> [ 15.414476] dump_stack_lvl+0x73/0xb0 [ 15.414505] print_report+0xd1/0x610 [ 15.414830] ? __virt_addr_valid+0x1db/0x2d0 [ 15.414858] ? kasan_atomics_helper+0x49ce/0x5450 [ 15.414881] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.414918] ? kasan_atomics_helper+0x49ce/0x5450 [ 15.414941] kasan_report+0x141/0x180 [ 15.414966] ? kasan_atomics_helper+0x49ce/0x5450 [ 15.415008] __asan_report_load4_noabort+0x18/0x20 [ 15.415035] kasan_atomics_helper+0x49ce/0x5450 [ 15.415059] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.415083] ? kasan_save_alloc_info+0x3b/0x50 [ 15.415114] kasan_atomics+0x1dc/0x310 [ 15.415140] ? __pfx_kasan_atomics+0x10/0x10 [ 15.415169] ? __pfx_read_tsc+0x10/0x10 [ 15.415192] ? ktime_get_ts64+0x86/0x230 [ 15.415219] kunit_try_run_case+0x1a5/0x480 [ 15.415244] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.415268] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.415295] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.415319] ? __kthread_parkme+0x82/0x180 [ 15.415342] ? preempt_count_sub+0x50/0x80 [ 15.415369] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.415394] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.415419] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.415444] kthread+0x337/0x6f0 [ 15.415466] ? trace_preempt_on+0x20/0xc0 [ 15.415492] ? __pfx_kthread+0x10/0x10 [ 15.415514] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.415734] ? 
calculate_sigpending+0x7b/0xa0 [ 15.415763] ? __pfx_kthread+0x10/0x10 [ 15.415786] ret_from_fork+0x116/0x1d0 [ 15.415806] ? __pfx_kthread+0x10/0x10 [ 15.415827] ret_from_fork_asm+0x1a/0x30 [ 15.415861] </TASK> [ 15.415874] [ 15.426552] Allocated by task 282: [ 15.426716] kasan_save_stack+0x45/0x70 [ 15.426979] kasan_save_track+0x18/0x40 [ 15.427157] kasan_save_alloc_info+0x3b/0x50 [ 15.427382] __kasan_kmalloc+0xb7/0xc0 [ 15.427720] __kmalloc_cache_noprof+0x189/0x420 [ 15.428239] kasan_atomics+0x95/0x310 [ 15.428425] kunit_try_run_case+0x1a5/0x480 [ 15.428799] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.429069] kthread+0x337/0x6f0 [ 15.429241] ret_from_fork+0x116/0x1d0 [ 15.429497] ret_from_fork_asm+0x1a/0x30 [ 15.429723] [ 15.429826] The buggy address belongs to the object at ffff8881029b7000 [ 15.429826] which belongs to the cache kmalloc-64 of size 64 [ 15.430507] The buggy address is located 0 bytes to the right of [ 15.430507] allocated 48-byte region [ffff8881029b7000, ffff8881029b7030) [ 15.431142] [ 15.431323] The buggy address belongs to the physical page: [ 15.431682] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029b7 [ 15.432019] flags: 0x200000000000000(node=0|zone=2) [ 15.432472] page_type: f5(slab) [ 15.432604] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.433395] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.433817] page dumped because: kasan: bad access detected [ 15.434110] [ 15.434210] Memory state around the buggy address: [ 15.434399] ffff8881029b6f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.434928] ffff8881029b6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.435273] >ffff8881029b7000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.435565] ^ [ 15.435744] ffff8881029b7080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.436502] ffff8881029b7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.436947] 
================================================================== [ 15.616720] ================================================================== [ 15.617402] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x177f/0x5450 [ 15.617803] Write of size 8 at addr ffff8881029b7030 by task kunit_try_catch/282 [ 15.618259] [ 15.618455] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.618501] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.618514] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.618537] Call Trace: [ 15.618553] <TASK> [ 15.618596] dump_stack_lvl+0x73/0xb0 [ 15.618627] print_report+0xd1/0x610 [ 15.618672] ? __virt_addr_valid+0x1db/0x2d0 [ 15.618696] ? kasan_atomics_helper+0x177f/0x5450 [ 15.618718] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.618753] ? kasan_atomics_helper+0x177f/0x5450 [ 15.618782] kasan_report+0x141/0x180 [ 15.618805] ? kasan_atomics_helper+0x177f/0x5450 [ 15.618834] kasan_check_range+0x10c/0x1c0 [ 15.618858] __kasan_check_write+0x18/0x20 [ 15.618879] kasan_atomics_helper+0x177f/0x5450 [ 15.618914] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.618938] ? kasan_save_alloc_info+0x3b/0x50 [ 15.618988] kasan_atomics+0x1dc/0x310 [ 15.619013] ? __pfx_kasan_atomics+0x10/0x10 [ 15.619039] ? __pfx_read_tsc+0x10/0x10 [ 15.619061] ? ktime_get_ts64+0x86/0x230 [ 15.619087] kunit_try_run_case+0x1a5/0x480 [ 15.619112] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.619136] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.619162] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.619187] ? __kthread_parkme+0x82/0x180 [ 15.619209] ? preempt_count_sub+0x50/0x80 [ 15.619234] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.619258] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.619284] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.619310] kthread+0x337/0x6f0 [ 15.619330] ? trace_preempt_on+0x20/0xc0 [ 15.619354] ? __pfx_kthread+0x10/0x10 [ 15.619375] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 15.619398] ? calculate_sigpending+0x7b/0xa0 [ 15.619424] ? __pfx_kthread+0x10/0x10 [ 15.619446] ret_from_fork+0x116/0x1d0 [ 15.619466] ? __pfx_kthread+0x10/0x10 [ 15.619486] ret_from_fork_asm+0x1a/0x30 [ 15.619520] </TASK> [ 15.619532] [ 15.631364] Allocated by task 282: [ 15.631689] kasan_save_stack+0x45/0x70 [ 15.632088] kasan_save_track+0x18/0x40 [ 15.632249] kasan_save_alloc_info+0x3b/0x50 [ 15.632622] __kasan_kmalloc+0xb7/0xc0 [ 15.632989] __kmalloc_cache_noprof+0x189/0x420 [ 15.633362] kasan_atomics+0x95/0x310 [ 15.633500] kunit_try_run_case+0x1a5/0x480 [ 15.633650] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.633829] kthread+0x337/0x6f0 [ 15.634098] ret_from_fork+0x116/0x1d0 [ 15.634469] ret_from_fork_asm+0x1a/0x30 [ 15.634860] [ 15.635081] The buggy address belongs to the object at ffff8881029b7000 [ 15.635081] which belongs to the cache kmalloc-64 of size 64 [ 15.636140] The buggy address is located 0 bytes to the right of [ 15.636140] allocated 48-byte region [ffff8881029b7000, ffff8881029b7030) [ 15.637196] [ 15.637276] The buggy address belongs to the physical page: [ 15.637457] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029b7 [ 15.637702] flags: 0x200000000000000(node=0|zone=2) [ 15.637867] page_type: f5(slab) [ 15.638013] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.638319] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.638583] page dumped because: kasan: bad access detected [ 15.638835] [ 15.638928] Memory state around the buggy address: [ 15.639086] ffff8881029b6f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.639407] ffff8881029b6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.639731] >ffff8881029b7000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.640094] ^ [ 15.640305] ffff8881029b7080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.640605] ffff8881029b7100: fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 15.640920] ================================================================== [ 15.811647] ================================================================== [ 15.811884] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1d7a/0x5450 [ 15.812167] Write of size 8 at addr ffff8881029b7030 by task kunit_try_catch/282 [ 15.812403] [ 15.812536] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.812580] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.812593] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.812614] Call Trace: [ 15.812656] <TASK> [ 15.812673] dump_stack_lvl+0x73/0xb0 [ 15.812703] print_report+0xd1/0x610 [ 15.812727] ? __virt_addr_valid+0x1db/0x2d0 [ 15.812751] ? kasan_atomics_helper+0x1d7a/0x5450 [ 15.812773] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.812797] ? kasan_atomics_helper+0x1d7a/0x5450 [ 15.812819] kasan_report+0x141/0x180 [ 15.812842] ? kasan_atomics_helper+0x1d7a/0x5450 [ 15.812870] kasan_check_range+0x10c/0x1c0 [ 15.812906] __kasan_check_write+0x18/0x20 [ 15.812925] kasan_atomics_helper+0x1d7a/0x5450 [ 15.812951] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.812994] ? kasan_save_alloc_info+0x3b/0x50 [ 15.813024] kasan_atomics+0x1dc/0x310 [ 15.813049] ? __pfx_kasan_atomics+0x10/0x10 [ 15.813074] ? __pfx_read_tsc+0x10/0x10 [ 15.813095] ? ktime_get_ts64+0x86/0x230 [ 15.813121] kunit_try_run_case+0x1a5/0x480 [ 15.813146] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.813170] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.813215] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.813240] ? __kthread_parkme+0x82/0x180 [ 15.813261] ? preempt_count_sub+0x50/0x80 [ 15.813286] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.813310] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.813336] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.813379] kthread+0x337/0x6f0 [ 15.813399] ? trace_preempt_on+0x20/0xc0 [ 15.813423] ? 
__pfx_kthread+0x10/0x10 [ 15.813455] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.813478] ? calculate_sigpending+0x7b/0xa0 [ 15.813503] ? __pfx_kthread+0x10/0x10 [ 15.813525] ret_from_fork+0x116/0x1d0 [ 15.813544] ? __pfx_kthread+0x10/0x10 [ 15.813565] ret_from_fork_asm+0x1a/0x30 [ 15.813598] </TASK> [ 15.813609] [ 15.820702] Allocated by task 282: [ 15.820883] kasan_save_stack+0x45/0x70 [ 15.821118] kasan_save_track+0x18/0x40 [ 15.821311] kasan_save_alloc_info+0x3b/0x50 [ 15.821520] __kasan_kmalloc+0xb7/0xc0 [ 15.821702] __kmalloc_cache_noprof+0x189/0x420 [ 15.821936] kasan_atomics+0x95/0x310 [ 15.822146] kunit_try_run_case+0x1a5/0x480 [ 15.822364] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.822571] kthread+0x337/0x6f0 [ 15.822757] ret_from_fork+0x116/0x1d0 [ 15.822907] ret_from_fork_asm+0x1a/0x30 [ 15.823083] [ 15.823174] The buggy address belongs to the object at ffff8881029b7000 [ 15.823174] which belongs to the cache kmalloc-64 of size 64 [ 15.823524] The buggy address is located 0 bytes to the right of [ 15.823524] allocated 48-byte region [ffff8881029b7000, ffff8881029b7030) [ 15.823876] [ 15.823956] The buggy address belongs to the physical page: [ 15.824204] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029b7 [ 15.824552] flags: 0x200000000000000(node=0|zone=2) [ 15.824780] page_type: f5(slab) [ 15.824960] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.825324] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.825652] page dumped because: kasan: bad access detected [ 15.825909] [ 15.826050] Memory state around the buggy address: [ 15.826227] ffff8881029b6f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.826440] ffff8881029b6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.826665] >ffff8881029b7000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.827014] ^ [ 15.827234] ffff8881029b7080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.827543] 
ffff8881029b7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.827765] ================================================================== [ 15.482918] ================================================================== [ 15.483563] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1467/0x5450 [ 15.483888] Write of size 8 at addr ffff8881029b7030 by task kunit_try_catch/282 [ 15.484637] [ 15.484875] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.484941] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.484954] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.484977] Call Trace: [ 15.484995] <TASK> [ 15.485013] dump_stack_lvl+0x73/0xb0 [ 15.485051] print_report+0xd1/0x610 [ 15.485074] ? __virt_addr_valid+0x1db/0x2d0 [ 15.485098] ? kasan_atomics_helper+0x1467/0x5450 [ 15.485120] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.485144] ? kasan_atomics_helper+0x1467/0x5450 [ 15.485167] kasan_report+0x141/0x180 [ 15.485190] ? kasan_atomics_helper+0x1467/0x5450 [ 15.485219] kasan_check_range+0x10c/0x1c0 [ 15.485244] __kasan_check_write+0x18/0x20 [ 15.485264] kasan_atomics_helper+0x1467/0x5450 [ 15.485288] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.485312] ? kasan_save_alloc_info+0x3b/0x50 [ 15.485343] kasan_atomics+0x1dc/0x310 [ 15.485368] ? __pfx_kasan_atomics+0x10/0x10 [ 15.485392] ? __pfx_read_tsc+0x10/0x10 [ 15.485414] ? ktime_get_ts64+0x86/0x230 [ 15.485440] kunit_try_run_case+0x1a5/0x480 [ 15.485466] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.485489] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.485514] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.485578] ? __kthread_parkme+0x82/0x180 [ 15.485599] ? preempt_count_sub+0x50/0x80 [ 15.485625] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.485650] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.485675] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.485700] kthread+0x337/0x6f0 [ 15.485720] ? 
trace_preempt_on+0x20/0xc0 [ 15.485745] ? __pfx_kthread+0x10/0x10 [ 15.485766] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.485788] ? calculate_sigpending+0x7b/0xa0 [ 15.485813] ? __pfx_kthread+0x10/0x10 [ 15.485836] ret_from_fork+0x116/0x1d0 [ 15.485856] ? __pfx_kthread+0x10/0x10 [ 15.485876] ret_from_fork_asm+0x1a/0x30 [ 15.485921] </TASK> [ 15.485932] [ 15.498997] Allocated by task 282: [ 15.499197] kasan_save_stack+0x45/0x70 [ 15.499394] kasan_save_track+0x18/0x40 [ 15.499567] kasan_save_alloc_info+0x3b/0x50 [ 15.500112] __kasan_kmalloc+0xb7/0xc0 [ 15.500471] __kmalloc_cache_noprof+0x189/0x420 [ 15.500888] kasan_atomics+0x95/0x310 [ 15.501326] kunit_try_run_case+0x1a5/0x480 [ 15.501710] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.501974] kthread+0x337/0x6f0 [ 15.502285] ret_from_fork+0x116/0x1d0 [ 15.502471] ret_from_fork_asm+0x1a/0x30 [ 15.503082] [ 15.503187] The buggy address belongs to the object at ffff8881029b7000 [ 15.503187] which belongs to the cache kmalloc-64 of size 64 [ 15.504279] The buggy address is located 0 bytes to the right of [ 15.504279] allocated 48-byte region [ffff8881029b7000, ffff8881029b7030) [ 15.505029] [ 15.505309] The buggy address belongs to the physical page: [ 15.505727] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029b7 [ 15.506273] flags: 0x200000000000000(node=0|zone=2) [ 15.506681] page_type: f5(slab) [ 15.507010] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.507329] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.508032] page dumped because: kasan: bad access detected [ 15.508496] [ 15.508780] Memory state around the buggy address: [ 15.509258] ffff8881029b6f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.509725] ffff8881029b6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.510233] >ffff8881029b7000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.510710] ^ [ 15.511042] ffff8881029b7080: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 15.511493] ffff8881029b7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.511935] ================================================================== [ 14.889864] ================================================================== [ 14.890252] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x7c7/0x5450 [ 14.890500] Write of size 4 at addr ffff8881029b7030 by task kunit_try_catch/282 [ 14.890911] [ 14.891049] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.891093] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.891105] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.891126] Call Trace: [ 14.891142] <TASK> [ 14.891156] dump_stack_lvl+0x73/0xb0 [ 14.891185] print_report+0xd1/0x610 [ 14.891208] ? __virt_addr_valid+0x1db/0x2d0 [ 14.891232] ? kasan_atomics_helper+0x7c7/0x5450 [ 14.891254] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.891279] ? kasan_atomics_helper+0x7c7/0x5450 [ 14.891302] kasan_report+0x141/0x180 [ 14.891325] ? kasan_atomics_helper+0x7c7/0x5450 [ 14.891354] kasan_check_range+0x10c/0x1c0 [ 14.891378] __kasan_check_write+0x18/0x20 [ 14.891399] kasan_atomics_helper+0x7c7/0x5450 [ 14.891422] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.891447] ? kasan_save_alloc_info+0x3b/0x50 [ 14.891478] kasan_atomics+0x1dc/0x310 [ 14.891502] ? __pfx_kasan_atomics+0x10/0x10 [ 14.891772] ? __pfx_read_tsc+0x10/0x10 [ 14.891797] ? ktime_get_ts64+0x86/0x230 [ 14.891824] kunit_try_run_case+0x1a5/0x480 [ 14.891851] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.891875] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.891914] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.891939] ? __kthread_parkme+0x82/0x180 [ 14.891961] ? preempt_count_sub+0x50/0x80 [ 14.892004] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.892029] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.892055] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.892081] kthread+0x337/0x6f0 [ 14.892101] ? 
trace_preempt_on+0x20/0xc0 [ 14.892126] ? __pfx_kthread+0x10/0x10 [ 14.892148] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.892170] ? calculate_sigpending+0x7b/0xa0 [ 14.892196] ? __pfx_kthread+0x10/0x10 [ 14.892218] ret_from_fork+0x116/0x1d0 [ 14.892238] ? __pfx_kthread+0x10/0x10 [ 14.892260] ret_from_fork_asm+0x1a/0x30 [ 14.892292] </TASK> [ 14.892304] [ 14.900167] Allocated by task 282: [ 14.900336] kasan_save_stack+0x45/0x70 [ 14.900600] kasan_save_track+0x18/0x40 [ 14.900746] kasan_save_alloc_info+0x3b/0x50 [ 14.900911] __kasan_kmalloc+0xb7/0xc0 [ 14.901070] __kmalloc_cache_noprof+0x189/0x420 [ 14.901274] kasan_atomics+0x95/0x310 [ 14.901468] kunit_try_run_case+0x1a5/0x480 [ 14.901740] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.902034] kthread+0x337/0x6f0 [ 14.902180] ret_from_fork+0x116/0x1d0 [ 14.902315] ret_from_fork_asm+0x1a/0x30 [ 14.902559] [ 14.902668] The buggy address belongs to the object at ffff8881029b7000 [ 14.902668] which belongs to the cache kmalloc-64 of size 64 [ 14.903254] The buggy address is located 0 bytes to the right of [ 14.903254] allocated 48-byte region [ffff8881029b7000, ffff8881029b7030) [ 14.905256] [ 14.905365] The buggy address belongs to the physical page: [ 14.905862] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029b7 [ 14.906298] flags: 0x200000000000000(node=0|zone=2) [ 14.906485] page_type: f5(slab) [ 14.906847] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.907332] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.908289] page dumped because: kasan: bad access detected [ 14.908480] [ 14.908863] Memory state around the buggy address: [ 14.909412] ffff8881029b6f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.909784] ffff8881029b6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.910131] >ffff8881029b7000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.910811] ^ [ 14.911266] ffff8881029b7080: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 14.912106] ffff8881029b7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.912486] ================================================================== [ 15.317591] ================================================================== [ 15.318255] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a02/0x5450 [ 15.318536] Read of size 4 at addr ffff8881029b7030 by task kunit_try_catch/282 [ 15.319341] [ 15.319551] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.319597] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.319609] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.319632] Call Trace: [ 15.319650] <TASK> [ 15.319667] dump_stack_lvl+0x73/0xb0 [ 15.319698] print_report+0xd1/0x610 [ 15.319721] ? __virt_addr_valid+0x1db/0x2d0 [ 15.319746] ? kasan_atomics_helper+0x4a02/0x5450 [ 15.319768] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.319792] ? kasan_atomics_helper+0x4a02/0x5450 [ 15.319815] kasan_report+0x141/0x180 [ 15.319841] ? kasan_atomics_helper+0x4a02/0x5450 [ 15.319870] __asan_report_load4_noabort+0x18/0x20 [ 15.319907] kasan_atomics_helper+0x4a02/0x5450 [ 15.319932] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.319956] ? kasan_save_alloc_info+0x3b/0x50 [ 15.319987] kasan_atomics+0x1dc/0x310 [ 15.320013] ? __pfx_kasan_atomics+0x10/0x10 [ 15.320039] ? __pfx_read_tsc+0x10/0x10 [ 15.320061] ? ktime_get_ts64+0x86/0x230 [ 15.320087] kunit_try_run_case+0x1a5/0x480 [ 15.320112] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.320135] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.320161] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.320186] ? __kthread_parkme+0x82/0x180 [ 15.320208] ? preempt_count_sub+0x50/0x80 [ 15.320233] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.320258] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.320284] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.320309] kthread+0x337/0x6f0 [ 15.320329] ? 
trace_preempt_on+0x20/0xc0 [ 15.320354] ? __pfx_kthread+0x10/0x10 [ 15.320376] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.320398] ? calculate_sigpending+0x7b/0xa0 [ 15.320423] ? __pfx_kthread+0x10/0x10 [ 15.320445] ret_from_fork+0x116/0x1d0 [ 15.320464] ? __pfx_kthread+0x10/0x10 [ 15.320486] ret_from_fork_asm+0x1a/0x30 [ 15.320519] </TASK> [ 15.320530] [ 15.334513] Allocated by task 282: [ 15.334886] kasan_save_stack+0x45/0x70 [ 15.335141] kasan_save_track+0x18/0x40 [ 15.335279] kasan_save_alloc_info+0x3b/0x50 [ 15.335432] __kasan_kmalloc+0xb7/0xc0 [ 15.335566] __kmalloc_cache_noprof+0x189/0x420 [ 15.335809] kasan_atomics+0x95/0x310 [ 15.336158] kunit_try_run_case+0x1a5/0x480 [ 15.336415] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.336807] kthread+0x337/0x6f0 [ 15.336947] ret_from_fork+0x116/0x1d0 [ 15.337146] ret_from_fork_asm+0x1a/0x30 [ 15.337296] [ 15.337372] The buggy address belongs to the object at ffff8881029b7000 [ 15.337372] which belongs to the cache kmalloc-64 of size 64 [ 15.337756] The buggy address is located 0 bytes to the right of [ 15.337756] allocated 48-byte region [ffff8881029b7000, ffff8881029b7030) [ 15.338273] [ 15.338347] The buggy address belongs to the physical page: [ 15.338636] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029b7 [ 15.339054] flags: 0x200000000000000(node=0|zone=2) [ 15.339301] page_type: f5(slab) [ 15.339424] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.339750] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.340137] page dumped because: kasan: bad access detected [ 15.340368] [ 15.340489] Memory state around the buggy address: [ 15.340683] ffff8881029b6f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.340979] ffff8881029b6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.341381] >ffff8881029b7000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.341595] ^ [ 15.341783] ffff8881029b7080: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 15.342125] ffff8881029b7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.342401] ================================================================== [ 15.922943] ================================================================== [ 15.923211] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f98/0x5450 [ 15.923575] Read of size 8 at addr ffff8881029b7030 by task kunit_try_catch/282 [ 15.924049] [ 15.924190] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.924236] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.924250] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.924274] Call Trace: [ 15.924290] <TASK> [ 15.924307] dump_stack_lvl+0x73/0xb0 [ 15.924336] print_report+0xd1/0x610 [ 15.924359] ? __virt_addr_valid+0x1db/0x2d0 [ 15.924385] ? kasan_atomics_helper+0x4f98/0x5450 [ 15.924409] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.924472] ? kasan_atomics_helper+0x4f98/0x5450 [ 15.924498] kasan_report+0x141/0x180 [ 15.924522] ? kasan_atomics_helper+0x4f98/0x5450 [ 15.924551] __asan_report_load8_noabort+0x18/0x20 [ 15.924576] kasan_atomics_helper+0x4f98/0x5450 [ 15.924629] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.924655] ? kasan_save_alloc_info+0x3b/0x50 [ 15.924686] kasan_atomics+0x1dc/0x310 [ 15.924711] ? __pfx_kasan_atomics+0x10/0x10 [ 15.924735] ? __pfx_read_tsc+0x10/0x10 [ 15.924756] ? ktime_get_ts64+0x86/0x230 [ 15.924782] kunit_try_run_case+0x1a5/0x480 [ 15.924807] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.924829] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.924855] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.924880] ? __kthread_parkme+0x82/0x180 [ 15.924939] ? preempt_count_sub+0x50/0x80 [ 15.924985] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.925011] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.925036] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.925061] kthread+0x337/0x6f0 [ 15.925114] ? 
trace_preempt_on+0x20/0xc0 [ 15.925139] ? __pfx_kthread+0x10/0x10 [ 15.925161] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.925183] ? calculate_sigpending+0x7b/0xa0 [ 15.925208] ? __pfx_kthread+0x10/0x10 [ 15.925260] ret_from_fork+0x116/0x1d0 [ 15.925280] ? __pfx_kthread+0x10/0x10 [ 15.925301] ret_from_fork_asm+0x1a/0x30 [ 15.925334] </TASK> [ 15.925344] [ 15.933080] Allocated by task 282: [ 15.933269] kasan_save_stack+0x45/0x70 [ 15.933453] kasan_save_track+0x18/0x40 [ 15.933626] kasan_save_alloc_info+0x3b/0x50 [ 15.933843] __kasan_kmalloc+0xb7/0xc0 [ 15.934102] __kmalloc_cache_noprof+0x189/0x420 [ 15.934332] kasan_atomics+0x95/0x310 [ 15.934498] kunit_try_run_case+0x1a5/0x480 [ 15.934736] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.935042] kthread+0x337/0x6f0 [ 15.935245] ret_from_fork+0x116/0x1d0 [ 15.935396] ret_from_fork_asm+0x1a/0x30 [ 15.935706] [ 15.935903] The buggy address belongs to the object at ffff8881029b7000 [ 15.935903] which belongs to the cache kmalloc-64 of size 64 [ 15.936461] The buggy address is located 0 bytes to the right of [ 15.936461] allocated 48-byte region [ffff8881029b7000, ffff8881029b7030) [ 15.937038] [ 15.937133] The buggy address belongs to the physical page: [ 15.937360] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029b7 [ 15.937687] flags: 0x200000000000000(node=0|zone=2) [ 15.937962] page_type: f5(slab) [ 15.938181] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.938433] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.938660] page dumped because: kasan: bad access detected [ 15.938839] [ 15.938959] Memory state around the buggy address: [ 15.939203] ffff8881029b6f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.939521] ffff8881029b6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.939840] >ffff8881029b7000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.940152] ^ [ 15.940311] ffff8881029b7080: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 15.940624] ffff8881029b7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.940963] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 14.534042] ================================================================== [ 14.534508] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 14.535409] Write of size 8 at addr ffff888102837228 by task kunit_try_catch/278 [ 14.535924] [ 14.536124] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.536169] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.536180] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.536201] Call Trace: [ 14.536216] <TASK> [ 14.536232] dump_stack_lvl+0x73/0xb0 [ 14.536260] print_report+0xd1/0x610 [ 14.536282] ? __virt_addr_valid+0x1db/0x2d0 [ 14.536305] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 14.536332] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.536355] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 14.536384] kasan_report+0x141/0x180 [ 14.536406] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 14.536439] kasan_check_range+0x10c/0x1c0 [ 14.536463] __kasan_check_write+0x18/0x20 [ 14.536481] kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 14.536510] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.536539] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.536564] ? trace_hardirqs_on+0x37/0xe0 [ 14.536586] ? kasan_bitops_generic+0x92/0x1c0 [ 14.536614] kasan_bitops_generic+0x121/0x1c0 [ 14.536637] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.536662] ? __pfx_read_tsc+0x10/0x10 [ 14.536682] ? ktime_get_ts64+0x86/0x230 [ 14.536739] kunit_try_run_case+0x1a5/0x480 [ 14.536763] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.536796] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.536820] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.536844] ? __kthread_parkme+0x82/0x180 [ 14.536864] ? preempt_count_sub+0x50/0x80 [ 14.536889] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.536922] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.536946] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.536972] kthread+0x337/0x6f0 [ 14.536990] ? trace_preempt_on+0x20/0xc0 [ 14.537013] ? __pfx_kthread+0x10/0x10 [ 14.537032] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.537054] ? calculate_sigpending+0x7b/0xa0 [ 14.537079] ? __pfx_kthread+0x10/0x10 [ 14.537100] ret_from_fork+0x116/0x1d0 [ 14.537118] ? __pfx_kthread+0x10/0x10 [ 14.537138] ret_from_fork_asm+0x1a/0x30 [ 14.537171] </TASK> [ 14.537182] [ 14.552193] Allocated by task 278: [ 14.552551] kasan_save_stack+0x45/0x70 [ 14.552816] kasan_save_track+0x18/0x40 [ 14.553219] kasan_save_alloc_info+0x3b/0x50 [ 14.553425] __kasan_kmalloc+0xb7/0xc0 [ 14.553856] __kmalloc_cache_noprof+0x189/0x420 [ 14.554261] kasan_bitops_generic+0x92/0x1c0 [ 14.554613] kunit_try_run_case+0x1a5/0x480 [ 14.554959] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.555444] kthread+0x337/0x6f0 [ 14.555737] ret_from_fork+0x116/0x1d0 [ 14.555927] ret_from_fork_asm+0x1a/0x30 [ 14.556333] [ 14.556511] The buggy address belongs to the object at ffff888102837220 [ 14.556511] which belongs to the cache kmalloc-16 of size 16 [ 14.557370] The buggy address is located 8 bytes inside of [ 14.557370] allocated 9-byte region [ffff888102837220, ffff888102837229) [ 14.558242] [ 14.558425] The buggy address belongs to the physical page: [ 14.559018] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102837 [ 14.559905] flags: 0x200000000000000(node=0|zone=2) [ 14.560407] page_type: f5(slab) [ 14.560702] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.561448] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.561683] page dumped because: kasan: bad access detected [ 14.561878] [ 14.562028] Memory state around the buggy address: [ 14.562486] ffff888102837100: 00 05 fc fc 00 02 fc fc fa fb fc fc 00 05 fc fc [ 14.563227] ffff888102837180: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.563952] >ffff888102837200: fa fb fc fc 00 01 fc fc 
fc fc fc fc fc fc fc fc [ 14.564610] ^ [ 14.565095] ffff888102837280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.565619] ffff888102837300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.566060] ================================================================== [ 14.384309] ================================================================== [ 14.384657] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.385023] Write of size 8 at addr ffff888102837228 by task kunit_try_catch/278 [ 14.385356] [ 14.385449] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.385490] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.385502] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.385521] Call Trace: [ 14.385536] <TASK> [ 14.385551] dump_stack_lvl+0x73/0xb0 [ 14.385577] print_report+0xd1/0x610 [ 14.385598] ? __virt_addr_valid+0x1db/0x2d0 [ 14.385621] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.385647] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.385669] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.385696] kasan_report+0x141/0x180 [ 14.385717] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.385749] kasan_check_range+0x10c/0x1c0 [ 14.385772] __kasan_check_write+0x18/0x20 [ 14.385791] kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.385817] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.385845] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.385868] ? trace_hardirqs_on+0x37/0xe0 [ 14.385935] ? kasan_bitops_generic+0x92/0x1c0 [ 14.386037] kasan_bitops_generic+0x121/0x1c0 [ 14.386062] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.386086] ? __pfx_read_tsc+0x10/0x10 [ 14.386110] ? ktime_get_ts64+0x86/0x230 [ 14.386138] kunit_try_run_case+0x1a5/0x480 [ 14.386163] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.386186] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.386212] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.386235] ? __kthread_parkme+0x82/0x180 [ 14.386257] ? preempt_count_sub+0x50/0x80 [ 14.386282] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.386307] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.386332] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.386357] kthread+0x337/0x6f0 [ 14.386376] ? trace_preempt_on+0x20/0xc0 [ 14.386398] ? __pfx_kthread+0x10/0x10 [ 14.386418] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.386442] ? calculate_sigpending+0x7b/0xa0 [ 14.386467] ? __pfx_kthread+0x10/0x10 [ 14.386488] ret_from_fork+0x116/0x1d0 [ 14.386507] ? __pfx_kthread+0x10/0x10 [ 14.386528] ret_from_fork_asm+0x1a/0x30 [ 14.386560] </TASK> [ 14.386571] [ 14.396139] Allocated by task 278: [ 14.396274] kasan_save_stack+0x45/0x70 [ 14.396424] kasan_save_track+0x18/0x40 [ 14.396626] kasan_save_alloc_info+0x3b/0x50 [ 14.396845] __kasan_kmalloc+0xb7/0xc0 [ 14.397262] __kmalloc_cache_noprof+0x189/0x420 [ 14.397447] kasan_bitops_generic+0x92/0x1c0 [ 14.397732] kunit_try_run_case+0x1a5/0x480 [ 14.398024] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.398229] kthread+0x337/0x6f0 [ 14.398397] ret_from_fork+0x116/0x1d0 [ 14.398695] ret_from_fork_asm+0x1a/0x30 [ 14.398921] [ 14.399021] The buggy address belongs to the object at ffff888102837220 [ 14.399021] which belongs to the cache kmalloc-16 of size 16 [ 14.399513] The buggy address is located 8 bytes inside of [ 14.399513] allocated 9-byte region [ffff888102837220, ffff888102837229) [ 14.400176] [ 14.400278] The buggy address belongs to the physical page: [ 14.400504] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102837 [ 14.401086] flags: 0x200000000000000(node=0|zone=2) [ 14.401329] page_type: f5(slab) [ 14.401486] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.401988] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.402354] page dumped because: kasan: bad access detected [ 14.402617] [ 14.402709] 
Memory state around the buggy address: [ 14.402955] ffff888102837100: 00 05 fc fc 00 02 fc fc fa fb fc fc 00 05 fc fc [ 14.403251] ffff888102837180: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.403529] >ffff888102837200: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 14.403823] ^ [ 14.403983] ffff888102837280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.404306] ffff888102837300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.404617] ================================================================== [ 14.473740] ================================================================== [ 14.474262] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.474750] Write of size 8 at addr ffff888102837228 by task kunit_try_catch/278 [ 14.475120] [ 14.475229] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.475271] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.475281] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.475301] Call Trace: [ 14.475316] <TASK> [ 14.475332] dump_stack_lvl+0x73/0xb0 [ 14.475360] print_report+0xd1/0x610 [ 14.475381] ? __virt_addr_valid+0x1db/0x2d0 [ 14.475405] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.475434] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.475457] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.475485] kasan_report+0x141/0x180 [ 14.475508] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.475561] kasan_check_range+0x10c/0x1c0 [ 14.475585] __kasan_check_write+0x18/0x20 [ 14.475604] kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.475632] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.475661] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.475685] ? trace_hardirqs_on+0x37/0xe0 [ 14.475753] ? kasan_bitops_generic+0x92/0x1c0 [ 14.475817] kasan_bitops_generic+0x121/0x1c0 [ 14.475919] ? 
__pfx_kasan_bitops_generic+0x10/0x10 [ 14.475945] ? __pfx_read_tsc+0x10/0x10 [ 14.476010] ? ktime_get_ts64+0x86/0x230 [ 14.476036] kunit_try_run_case+0x1a5/0x480 [ 14.476061] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.476082] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.476107] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.476130] ? __kthread_parkme+0x82/0x180 [ 14.476150] ? preempt_count_sub+0x50/0x80 [ 14.476174] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.476198] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.476221] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.476245] kthread+0x337/0x6f0 [ 14.476264] ? trace_preempt_on+0x20/0xc0 [ 14.476286] ? __pfx_kthread+0x10/0x10 [ 14.476306] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.476328] ? calculate_sigpending+0x7b/0xa0 [ 14.476395] ? __pfx_kthread+0x10/0x10 [ 14.476417] ret_from_fork+0x116/0x1d0 [ 14.476435] ? __pfx_kthread+0x10/0x10 [ 14.476503] ret_from_fork_asm+0x1a/0x30 [ 14.476572] </TASK> [ 14.476583] [ 14.486336] Allocated by task 278: [ 14.486667] kasan_save_stack+0x45/0x70 [ 14.487077] kasan_save_track+0x18/0x40 [ 14.487236] kasan_save_alloc_info+0x3b/0x50 [ 14.487479] __kasan_kmalloc+0xb7/0xc0 [ 14.487879] __kmalloc_cache_noprof+0x189/0x420 [ 14.488120] kasan_bitops_generic+0x92/0x1c0 [ 14.488497] kunit_try_run_case+0x1a5/0x480 [ 14.488641] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.488811] kthread+0x337/0x6f0 [ 14.488954] ret_from_fork+0x116/0x1d0 [ 14.489103] ret_from_fork_asm+0x1a/0x30 [ 14.489240] [ 14.489348] The buggy address belongs to the object at ffff888102837220 [ 14.489348] which belongs to the cache kmalloc-16 of size 16 [ 14.490229] The buggy address is located 8 bytes inside of [ 14.490229] allocated 9-byte region [ffff888102837220, ffff888102837229) [ 14.491271] [ 14.491396] The buggy address belongs to the physical page: [ 14.491675] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102837 [ 14.492318] flags: 0x200000000000000(node=0|zone=2) [ 14.492569] 
page_type: f5(slab) [ 14.492709] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.493360] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.493596] page dumped because: kasan: bad access detected [ 14.493769] [ 14.493838] Memory state around the buggy address: [ 14.494030] ffff888102837100: 00 05 fc fc 00 02 fc fc fa fb fc fc 00 05 fc fc [ 14.494445] ffff888102837180: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.494799] >ffff888102837200: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 14.495245] ^ [ 14.495602] ffff888102837280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.496231] ffff888102837300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.496772] ================================================================== [ 14.427139] ================================================================== [ 14.427477] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.427837] Write of size 8 at addr ffff888102837228 by task kunit_try_catch/278 [ 14.428134] [ 14.428260] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.428301] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.428312] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.428332] Call Trace: [ 14.428345] <TASK> [ 14.428386] dump_stack_lvl+0x73/0xb0 [ 14.428415] print_report+0xd1/0x610 [ 14.428437] ? __virt_addr_valid+0x1db/0x2d0 [ 14.428477] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.428505] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.428732] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.428774] kasan_report+0x141/0x180 [ 14.428797] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.428831] kasan_check_range+0x10c/0x1c0 [ 14.428855] __kasan_check_write+0x18/0x20 [ 14.428874] kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.428935] ? 
__pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.428964] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.428988] ? trace_hardirqs_on+0x37/0xe0 [ 14.429010] ? kasan_bitops_generic+0x92/0x1c0 [ 14.429038] kasan_bitops_generic+0x121/0x1c0 [ 14.429080] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.429105] ? __pfx_read_tsc+0x10/0x10 [ 14.429126] ? ktime_get_ts64+0x86/0x230 [ 14.429150] kunit_try_run_case+0x1a5/0x480 [ 14.429174] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.429196] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.429220] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.429262] ? __kthread_parkme+0x82/0x180 [ 14.429281] ? preempt_count_sub+0x50/0x80 [ 14.429306] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.429331] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.429355] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.429380] kthread+0x337/0x6f0 [ 14.429416] ? trace_preempt_on+0x20/0xc0 [ 14.429437] ? __pfx_kthread+0x10/0x10 [ 14.429458] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.429481] ? calculate_sigpending+0x7b/0xa0 [ 14.429505] ? __pfx_kthread+0x10/0x10 [ 14.429526] ret_from_fork+0x116/0x1d0 [ 14.429593] ? 
__pfx_kthread+0x10/0x10 [ 14.429614] ret_from_fork_asm+0x1a/0x30 [ 14.429646] </TASK> [ 14.429656] [ 14.439339] Allocated by task 278: [ 14.439524] kasan_save_stack+0x45/0x70 [ 14.439793] kasan_save_track+0x18/0x40 [ 14.440013] kasan_save_alloc_info+0x3b/0x50 [ 14.440164] __kasan_kmalloc+0xb7/0xc0 [ 14.440293] __kmalloc_cache_noprof+0x189/0x420 [ 14.440444] kasan_bitops_generic+0x92/0x1c0 [ 14.440589] kunit_try_run_case+0x1a5/0x480 [ 14.440749] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.441029] kthread+0x337/0x6f0 [ 14.441194] ret_from_fork+0x116/0x1d0 [ 14.441379] ret_from_fork_asm+0x1a/0x30 [ 14.441572] [ 14.441663] The buggy address belongs to the object at ffff888102837220 [ 14.441663] which belongs to the cache kmalloc-16 of size 16 [ 14.442685] The buggy address is located 8 bytes inside of [ 14.442685] allocated 9-byte region [ffff888102837220, ffff888102837229) [ 14.443333] [ 14.443408] The buggy address belongs to the physical page: [ 14.443730] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102837 [ 14.444222] flags: 0x200000000000000(node=0|zone=2) [ 14.444449] page_type: f5(slab) [ 14.444809] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.445116] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.445339] page dumped because: kasan: bad access detected [ 14.445514] [ 14.445701] Memory state around the buggy address: [ 14.445957] ffff888102837100: 00 05 fc fc 00 02 fc fc fa fb fc fc 00 05 fc fc [ 14.446444] ffff888102837180: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.447048] >ffff888102837200: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 14.447361] ^ [ 14.447574] ffff888102837280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.447972] ffff888102837300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.448204] ================================================================== [ 14.566709] 
================================================================== [ 14.567415] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 14.568352] Read of size 8 at addr ffff888102837228 by task kunit_try_catch/278 [ 14.568574] [ 14.568662] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.568742] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.568754] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.568775] Call Trace: [ 14.568800] <TASK> [ 14.568817] dump_stack_lvl+0x73/0xb0 [ 14.568858] print_report+0xd1/0x610 [ 14.568880] ? __virt_addr_valid+0x1db/0x2d0 [ 14.568931] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 14.568959] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.568981] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 14.569019] kasan_report+0x141/0x180 [ 14.569041] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 14.569103] kasan_check_range+0x10c/0x1c0 [ 14.569127] __kasan_check_read+0x15/0x20 [ 14.569146] kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 14.569173] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.569203] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.569226] ? trace_hardirqs_on+0x37/0xe0 [ 14.569249] ? kasan_bitops_generic+0x92/0x1c0 [ 14.569314] kasan_bitops_generic+0x121/0x1c0 [ 14.569337] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.569389] ? __pfx_read_tsc+0x10/0x10 [ 14.569410] ? ktime_get_ts64+0x86/0x230 [ 14.569435] kunit_try_run_case+0x1a5/0x480 [ 14.569485] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.569508] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.569562] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.569587] ? __kthread_parkme+0x82/0x180 [ 14.569609] ? preempt_count_sub+0x50/0x80 [ 14.569636] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.569660] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.569684] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.569708] kthread+0x337/0x6f0 [ 14.569727] ? trace_preempt_on+0x20/0xc0 [ 14.569749] ? __pfx_kthread+0x10/0x10 [ 14.569769] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.569790] ? calculate_sigpending+0x7b/0xa0 [ 14.569815] ? __pfx_kthread+0x10/0x10 [ 14.569836] ret_from_fork+0x116/0x1d0 [ 14.569855] ? __pfx_kthread+0x10/0x10 [ 14.569875] ret_from_fork_asm+0x1a/0x30 [ 14.569917] </TASK> [ 14.569927] [ 14.586235] Allocated by task 278: [ 14.586568] kasan_save_stack+0x45/0x70 [ 14.586883] kasan_save_track+0x18/0x40 [ 14.587240] kasan_save_alloc_info+0x3b/0x50 [ 14.587562] __kasan_kmalloc+0xb7/0xc0 [ 14.587705] __kmalloc_cache_noprof+0x189/0x420 [ 14.587865] kasan_bitops_generic+0x92/0x1c0 [ 14.588126] kunit_try_run_case+0x1a5/0x480 [ 14.588276] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.588527] kthread+0x337/0x6f0 [ 14.588757] ret_from_fork+0x116/0x1d0 [ 14.588940] ret_from_fork_asm+0x1a/0x30 [ 14.589197] [ 14.589377] The buggy address belongs to the object at ffff888102837220 [ 14.589377] which belongs to the cache kmalloc-16 of size 16 [ 14.589803] The buggy address is located 8 bytes inside of [ 14.589803] allocated 9-byte region [ffff888102837220, ffff888102837229) [ 14.590651] [ 14.590828] The buggy address belongs to the physical page: [ 14.591181] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102837 [ 14.591524] flags: 0x200000000000000(node=0|zone=2) [ 14.591783] page_type: f5(slab) [ 14.591960] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.592346] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.592615] page dumped because: kasan: bad access detected [ 14.592886] [ 14.592995] Memory state around the buggy address: [ 14.593288] ffff888102837100: 00 05 fc fc 00 02 fc fc fa fb fc fc 00 05 fc fc [ 14.593795] ffff888102837180: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.594247] >ffff888102837200: fa fb fc fc 00 01 fc fc 
fc fc fc fc fc fc fc fc [ 14.594697] ^ [ 14.594900] ffff888102837280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.595237] ffff888102837300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.595599] ================================================================== [ 14.448763] ================================================================== [ 14.449191] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.449621] Write of size 8 at addr ffff888102837228 by task kunit_try_catch/278 [ 14.450035] [ 14.450167] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.450208] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.450219] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.450240] Call Trace: [ 14.450273] <TASK> [ 14.450288] dump_stack_lvl+0x73/0xb0 [ 14.450317] print_report+0xd1/0x610 [ 14.450339] ? __virt_addr_valid+0x1db/0x2d0 [ 14.450361] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.450389] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.450412] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.450441] kasan_report+0x141/0x180 [ 14.450462] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.450496] kasan_check_range+0x10c/0x1c0 [ 14.450520] __kasan_check_write+0x18/0x20 [ 14.450538] kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.450584] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.450614] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.450834] ? trace_hardirqs_on+0x37/0xe0 [ 14.450857] ? kasan_bitops_generic+0x92/0x1c0 [ 14.451028] kasan_bitops_generic+0x121/0x1c0 [ 14.451060] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.451085] ? __pfx_read_tsc+0x10/0x10 [ 14.451105] ? ktime_get_ts64+0x86/0x230 [ 14.451130] kunit_try_run_case+0x1a5/0x480 [ 14.451180] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.451202] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.451227] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.451250] ? __kthread_parkme+0x82/0x180 [ 14.451270] ? preempt_count_sub+0x50/0x80 [ 14.451294] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.451336] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.451361] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.451384] kthread+0x337/0x6f0 [ 14.451403] ? trace_preempt_on+0x20/0xc0 [ 14.451425] ? __pfx_kthread+0x10/0x10 [ 14.451445] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.451467] ? calculate_sigpending+0x7b/0xa0 [ 14.451507] ? __pfx_kthread+0x10/0x10 [ 14.451528] ret_from_fork+0x116/0x1d0 [ 14.451547] ? __pfx_kthread+0x10/0x10 [ 14.451567] ret_from_fork_asm+0x1a/0x30 [ 14.451599] </TASK> [ 14.451609] [ 14.460460] Allocated by task 278: [ 14.460593] kasan_save_stack+0x45/0x70 [ 14.460922] kasan_save_track+0x18/0x40 [ 14.461300] kasan_save_alloc_info+0x3b/0x50 [ 14.461614] __kasan_kmalloc+0xb7/0xc0 [ 14.461834] __kmalloc_cache_noprof+0x189/0x420 [ 14.462201] kasan_bitops_generic+0x92/0x1c0 [ 14.462416] kunit_try_run_case+0x1a5/0x480 [ 14.462809] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.463398] kthread+0x337/0x6f0 [ 14.463721] ret_from_fork+0x116/0x1d0 [ 14.463904] ret_from_fork_asm+0x1a/0x30 [ 14.464090] [ 14.464162] The buggy address belongs to the object at ffff888102837220 [ 14.464162] which belongs to the cache kmalloc-16 of size 16 [ 14.464825] The buggy address is located 8 bytes inside of [ 14.464825] allocated 9-byte region [ffff888102837220, ffff888102837229) [ 14.465337] [ 14.465408] The buggy address belongs to the physical page: [ 14.465842] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102837 [ 14.466210] flags: 0x200000000000000(node=0|zone=2) [ 14.466452] page_type: f5(slab) [ 14.466827] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.468454] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.468692] page dumped because: kasan: bad access detected [ 14.468861] [ 14.468946] 
Memory state around the buggy address: [ 14.469876] ffff888102837100: 00 05 fc fc 00 02 fc fc fa fb fc fc 00 05 fc fc [ 14.471571] ffff888102837180: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.472384] >ffff888102837200: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 14.472619] ^ [ 14.472773] ffff888102837280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.473007] ffff888102837300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.473240] ================================================================== [ 14.596220] ================================================================== [ 14.596632] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 14.596924] Read of size 8 at addr ffff888102837228 by task kunit_try_catch/278 [ 14.597284] [ 14.597427] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.597482] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.597492] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.597513] Call Trace: [ 14.597527] <TASK> [ 14.597543] dump_stack_lvl+0x73/0xb0 [ 14.597585] print_report+0xd1/0x610 [ 14.597606] ? __virt_addr_valid+0x1db/0x2d0 [ 14.597630] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 14.597658] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.597681] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 14.597710] kasan_report+0x141/0x180 [ 14.597732] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 14.597766] __asan_report_load8_noabort+0x18/0x20 [ 14.597791] kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 14.597820] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.597849] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.597873] ? trace_hardirqs_on+0x37/0xe0 [ 14.597904] ? kasan_bitops_generic+0x92/0x1c0 [ 14.597933] kasan_bitops_generic+0x121/0x1c0 [ 14.597956] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.597981] ? 
__pfx_read_tsc+0x10/0x10 [ 14.598002] ? ktime_get_ts64+0x86/0x230 [ 14.598027] kunit_try_run_case+0x1a5/0x480 [ 14.598051] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.598074] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.598098] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.598122] ? __kthread_parkme+0x82/0x180 [ 14.598165] ? preempt_count_sub+0x50/0x80 [ 14.598199] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.598223] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.598259] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.598284] kthread+0x337/0x6f0 [ 14.598302] ? trace_preempt_on+0x20/0xc0 [ 14.598342] ? __pfx_kthread+0x10/0x10 [ 14.598371] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.598393] ? calculate_sigpending+0x7b/0xa0 [ 14.598417] ? __pfx_kthread+0x10/0x10 [ 14.598449] ret_from_fork+0x116/0x1d0 [ 14.598468] ? __pfx_kthread+0x10/0x10 [ 14.598487] ret_from_fork_asm+0x1a/0x30 [ 14.598567] </TASK> [ 14.598578] [ 14.609773] Allocated by task 278: [ 14.610072] kasan_save_stack+0x45/0x70 [ 14.610291] kasan_save_track+0x18/0x40 [ 14.610489] kasan_save_alloc_info+0x3b/0x50 [ 14.611257] __kasan_kmalloc+0xb7/0xc0 [ 14.611627] __kmalloc_cache_noprof+0x189/0x420 [ 14.611864] kasan_bitops_generic+0x92/0x1c0 [ 14.612195] kunit_try_run_case+0x1a5/0x480 [ 14.612505] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.612927] kthread+0x337/0x6f0 [ 14.613248] ret_from_fork+0x116/0x1d0 [ 14.613692] ret_from_fork_asm+0x1a/0x30 [ 14.613888] [ 14.614182] The buggy address belongs to the object at ffff888102837220 [ 14.614182] which belongs to the cache kmalloc-16 of size 16 [ 14.614815] The buggy address is located 8 bytes inside of [ 14.614815] allocated 9-byte region [ffff888102837220, ffff888102837229) [ 14.615407] [ 14.615504] The buggy address belongs to the physical page: [ 14.616220] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102837 [ 14.616795] flags: 0x200000000000000(node=0|zone=2) [ 14.617070] page_type: f5(slab) [ 14.617502] raw: 0200000000000000 
ffff888100041640 dead000000000122 0000000000000000 [ 14.618031] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.618442] page dumped because: kasan: bad access detected [ 14.618912] [ 14.619012] Memory state around the buggy address: [ 14.619241] ffff888102837100: 00 05 fc fc 00 02 fc fc fa fb fc fc 00 05 fc fc [ 14.619492] ffff888102837180: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.620138] >ffff888102837200: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 14.620404] ^ [ 14.620850] ffff888102837280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.621322] ffff888102837300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.621876] ================================================================== [ 14.497474] ================================================================== [ 14.498069] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.498385] Write of size 8 at addr ffff888102837228 by task kunit_try_catch/278 [ 14.498636] [ 14.498906] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.499011] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.499069] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.499090] Call Trace: [ 14.499106] <TASK> [ 14.499122] dump_stack_lvl+0x73/0xb0 [ 14.499215] print_report+0xd1/0x610 [ 14.499264] ? __virt_addr_valid+0x1db/0x2d0 [ 14.499287] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.499315] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.499338] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.499367] kasan_report+0x141/0x180 [ 14.499388] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.499422] kasan_check_range+0x10c/0x1c0 [ 14.499446] __kasan_check_write+0x18/0x20 [ 14.499464] kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.499493] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.499559] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 14.499583] ? trace_hardirqs_on+0x37/0xe0 [ 14.499606] ? kasan_bitops_generic+0x92/0x1c0 [ 14.499633] kasan_bitops_generic+0x121/0x1c0 [ 14.499657] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.499682] ? __pfx_read_tsc+0x10/0x10 [ 14.499703] ? ktime_get_ts64+0x86/0x230 [ 14.499728] kunit_try_run_case+0x1a5/0x480 [ 14.499752] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.499774] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.499798] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.499822] ? __kthread_parkme+0x82/0x180 [ 14.499841] ? preempt_count_sub+0x50/0x80 [ 14.499866] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.499890] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.499924] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.500046] kthread+0x337/0x6f0 [ 14.500066] ? trace_preempt_on+0x20/0xc0 [ 14.500089] ? __pfx_kthread+0x10/0x10 [ 14.500109] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.500130] ? calculate_sigpending+0x7b/0xa0 [ 14.500154] ? __pfx_kthread+0x10/0x10 [ 14.500176] ret_from_fork+0x116/0x1d0 [ 14.500195] ? 
__pfx_kthread+0x10/0x10 [ 14.500216] ret_from_fork_asm+0x1a/0x30 [ 14.500248] </TASK> [ 14.500258] [ 14.516668] Allocated by task 278: [ 14.517000] kasan_save_stack+0x45/0x70 [ 14.517678] kasan_save_track+0x18/0x40 [ 14.518108] kasan_save_alloc_info+0x3b/0x50 [ 14.518681] __kasan_kmalloc+0xb7/0xc0 [ 14.519166] __kmalloc_cache_noprof+0x189/0x420 [ 14.519733] kasan_bitops_generic+0x92/0x1c0 [ 14.520287] kunit_try_run_case+0x1a5/0x480 [ 14.520813] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.521199] kthread+0x337/0x6f0 [ 14.521661] ret_from_fork+0x116/0x1d0 [ 14.521979] ret_from_fork_asm+0x1a/0x30 [ 14.522144] [ 14.522465] The buggy address belongs to the object at ffff888102837220 [ 14.522465] which belongs to the cache kmalloc-16 of size 16 [ 14.523784] The buggy address is located 8 bytes inside of [ 14.523784] allocated 9-byte region [ffff888102837220, ffff888102837229) [ 14.524724] [ 14.524979] The buggy address belongs to the physical page: [ 14.525466] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102837 [ 14.526126] flags: 0x200000000000000(node=0|zone=2) [ 14.526698] page_type: f5(slab) [ 14.527132] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.527765] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.528374] page dumped because: kasan: bad access detected [ 14.528855] [ 14.528944] Memory state around the buggy address: [ 14.529486] ffff888102837100: 00 05 fc fc 00 02 fc fc fa fb fc fc 00 05 fc fc [ 14.530221] ffff888102837180: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.530455] >ffff888102837200: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 14.531377] ^ [ 14.532006] ffff888102837280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.532263] ffff888102837300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.533103] ================================================================== [ 14.405261] 
================================================================== [ 14.405588] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.406086] Write of size 8 at addr ffff888102837228 by task kunit_try_catch/278 [ 14.406444] [ 14.406529] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.406571] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.406581] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.406602] Call Trace: [ 14.406616] <TASK> [ 14.406629] dump_stack_lvl+0x73/0xb0 [ 14.406657] print_report+0xd1/0x610 [ 14.406679] ? __virt_addr_valid+0x1db/0x2d0 [ 14.406703] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.406730] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.406754] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.406788] kasan_report+0x141/0x180 [ 14.406809] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.406844] kasan_check_range+0x10c/0x1c0 [ 14.406867] __kasan_check_write+0x18/0x20 [ 14.406886] kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.406926] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.406956] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.406981] ? trace_hardirqs_on+0x37/0xe0 [ 14.407004] ? kasan_bitops_generic+0x92/0x1c0 [ 14.407033] kasan_bitops_generic+0x121/0x1c0 [ 14.407057] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.407083] ? __pfx_read_tsc+0x10/0x10 [ 14.407104] ? ktime_get_ts64+0x86/0x230 [ 14.407128] kunit_try_run_case+0x1a5/0x480 [ 14.407153] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.407176] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.407200] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.407224] ? __kthread_parkme+0x82/0x180 [ 14.407245] ? preempt_count_sub+0x50/0x80 [ 14.407270] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.407294] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.407319] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.407343] kthread+0x337/0x6f0 [ 14.407446] ? trace_preempt_on+0x20/0xc0 [ 14.407489] ? __pfx_kthread+0x10/0x10 [ 14.407510] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.407546] ? calculate_sigpending+0x7b/0xa0 [ 14.407584] ? __pfx_kthread+0x10/0x10 [ 14.407618] ret_from_fork+0x116/0x1d0 [ 14.407637] ? __pfx_kthread+0x10/0x10 [ 14.407670] ret_from_fork_asm+0x1a/0x30 [ 14.407716] </TASK> [ 14.407739] [ 14.417788] Allocated by task 278: [ 14.418077] kasan_save_stack+0x45/0x70 [ 14.418307] kasan_save_track+0x18/0x40 [ 14.418501] kasan_save_alloc_info+0x3b/0x50 [ 14.418743] __kasan_kmalloc+0xb7/0xc0 [ 14.418938] __kmalloc_cache_noprof+0x189/0x420 [ 14.419240] kasan_bitops_generic+0x92/0x1c0 [ 14.419405] kunit_try_run_case+0x1a5/0x480 [ 14.419727] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.420037] kthread+0x337/0x6f0 [ 14.420179] ret_from_fork+0x116/0x1d0 [ 14.420387] ret_from_fork_asm+0x1a/0x30 [ 14.420782] [ 14.420924] The buggy address belongs to the object at ffff888102837220 [ 14.420924] which belongs to the cache kmalloc-16 of size 16 [ 14.421430] The buggy address is located 8 bytes inside of [ 14.421430] allocated 9-byte region [ffff888102837220, ffff888102837229) [ 14.422003] [ 14.422125] The buggy address belongs to the physical page: [ 14.422348] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102837 [ 14.422735] flags: 0x200000000000000(node=0|zone=2) [ 14.423016] page_type: f5(slab) [ 14.423186] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.423467] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.423943] page dumped because: kasan: bad access detected [ 14.424197] [ 14.424291] Memory state around the buggy address: [ 14.424523] ffff888102837100: 00 05 fc fc 00 02 fc fc fa fb fc fc 00 05 fc fc [ 14.425029] ffff888102837180: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.425362] >ffff888102837200: fa fb fc fc 00 01 fc fc 
fc fc fc fc fc fc fc fc [ 14.425739] ^ [ 14.426013] ffff888102837280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.426314] ffff888102837300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.426648] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 14.256956] ================================================================== [ 14.257751] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.258143] Write of size 8 at addr ffff888102837228 by task kunit_try_catch/278 [ 14.259802] [ 14.259952] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.259998] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.260009] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.260031] Call Trace: [ 14.260043] <TASK> [ 14.260058] dump_stack_lvl+0x73/0xb0 [ 14.260089] print_report+0xd1/0x610 [ 14.260112] ? __virt_addr_valid+0x1db/0x2d0 [ 14.260136] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.260161] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.260184] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.260211] kasan_report+0x141/0x180 [ 14.260232] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.260265] kasan_check_range+0x10c/0x1c0 [ 14.260288] __kasan_check_write+0x18/0x20 [ 14.260308] kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.260335] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.260362] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.260386] ? trace_hardirqs_on+0x37/0xe0 [ 14.260409] ? kasan_bitops_generic+0x92/0x1c0 [ 14.260438] kasan_bitops_generic+0x116/0x1c0 [ 14.260461] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.260487] ? __pfx_read_tsc+0x10/0x10 [ 14.260508] ? ktime_get_ts64+0x86/0x230 [ 14.260624] kunit_try_run_case+0x1a5/0x480 [ 14.260651] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.260673] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.260698] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.260722] ? __kthread_parkme+0x82/0x180 [ 14.260744] ? preempt_count_sub+0x50/0x80 [ 14.260769] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.260793] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.260817] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.260841] kthread+0x337/0x6f0 [ 14.260861] ? 
trace_preempt_on+0x20/0xc0 [ 14.260883] ? __pfx_kthread+0x10/0x10 [ 14.260916] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.260937] ? calculate_sigpending+0x7b/0xa0 [ 14.260962] ? __pfx_kthread+0x10/0x10 [ 14.260983] ret_from_fork+0x116/0x1d0 [ 14.261002] ? __pfx_kthread+0x10/0x10 [ 14.261023] ret_from_fork_asm+0x1a/0x30 [ 14.261055] </TASK> [ 14.261067] [ 14.270106] Allocated by task 278: [ 14.270281] kasan_save_stack+0x45/0x70 [ 14.270466] kasan_save_track+0x18/0x40 [ 14.270625] kasan_save_alloc_info+0x3b/0x50 [ 14.270780] __kasan_kmalloc+0xb7/0xc0 [ 14.270983] __kmalloc_cache_noprof+0x189/0x420 [ 14.271224] kasan_bitops_generic+0x92/0x1c0 [ 14.271421] kunit_try_run_case+0x1a5/0x480 [ 14.271568] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.271743] kthread+0x337/0x6f0 [ 14.271864] ret_from_fork+0x116/0x1d0 [ 14.272006] ret_from_fork_asm+0x1a/0x30 [ 14.272149] [ 14.272219] The buggy address belongs to the object at ffff888102837220 [ 14.272219] which belongs to the cache kmalloc-16 of size 16 [ 14.272574] The buggy address is located 8 bytes inside of [ 14.272574] allocated 9-byte region [ffff888102837220, ffff888102837229) [ 14.273311] [ 14.273415] The buggy address belongs to the physical page: [ 14.273924] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102837 [ 14.274684] flags: 0x200000000000000(node=0|zone=2) [ 14.274941] page_type: f5(slab) [ 14.275109] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.275646] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.276030] page dumped because: kasan: bad access detected [ 14.276284] [ 14.276376] Memory state around the buggy address: [ 14.276570] ffff888102837100: 00 05 fc fc 00 02 fc fc fa fb fc fc 00 05 fc fc [ 14.276844] ffff888102837180: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.277418] >ffff888102837200: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 14.277856] ^ [ 14.278110] ffff888102837280: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 14.278406] ffff888102837300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.278789] ================================================================== [ 14.235997] ================================================================== [ 14.236290] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.236548] Write of size 8 at addr ffff888102837228 by task kunit_try_catch/278 [ 14.236772] [ 14.236859] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.236915] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.236927] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.236949] Call Trace: [ 14.236965] <TASK> [ 14.236981] dump_stack_lvl+0x73/0xb0 [ 14.237008] print_report+0xd1/0x610 [ 14.237030] ? __virt_addr_valid+0x1db/0x2d0 [ 14.237053] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.237077] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.237099] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.237125] kasan_report+0x141/0x180 [ 14.237146] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.237177] kasan_check_range+0x10c/0x1c0 [ 14.237200] __kasan_check_write+0x18/0x20 [ 14.237218] kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.237243] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.237270] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.237293] ? trace_hardirqs_on+0x37/0xe0 [ 14.237315] ? kasan_bitops_generic+0x92/0x1c0 [ 14.237343] kasan_bitops_generic+0x116/0x1c0 [ 14.237365] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.237390] ? __pfx_read_tsc+0x10/0x10 [ 14.237411] ? ktime_get_ts64+0x86/0x230 [ 14.237449] kunit_try_run_case+0x1a5/0x480 [ 14.237474] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.237497] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.237522] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.237547] ? __kthread_parkme+0x82/0x180 [ 14.237567] ? preempt_count_sub+0x50/0x80 [ 14.237593] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.237617] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.237640] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.237665] kthread+0x337/0x6f0 [ 14.237684] ? trace_preempt_on+0x20/0xc0 [ 14.237706] ? __pfx_kthread+0x10/0x10 [ 14.237726] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.237747] ? calculate_sigpending+0x7b/0xa0 [ 14.237771] ? __pfx_kthread+0x10/0x10 [ 14.237792] ret_from_fork+0x116/0x1d0 [ 14.237811] ? __pfx_kthread+0x10/0x10 [ 14.237831] ret_from_fork_asm+0x1a/0x30 [ 14.237863] </TASK> [ 14.237873] [ 14.248167] Allocated by task 278: [ 14.248342] kasan_save_stack+0x45/0x70 [ 14.248507] kasan_save_track+0x18/0x40 [ 14.248706] kasan_save_alloc_info+0x3b/0x50 [ 14.248990] __kasan_kmalloc+0xb7/0xc0 [ 14.249146] __kmalloc_cache_noprof+0x189/0x420 [ 14.249361] kasan_bitops_generic+0x92/0x1c0 [ 14.249618] kunit_try_run_case+0x1a5/0x480 [ 14.249801] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.250097] kthread+0x337/0x6f0 [ 14.250235] ret_from_fork+0x116/0x1d0 [ 14.250406] ret_from_fork_asm+0x1a/0x30 [ 14.250737] [ 14.250818] The buggy address belongs to the object at ffff888102837220 [ 14.250818] which belongs to the cache kmalloc-16 of size 16 [ 14.251691] The buggy address is located 8 bytes inside of [ 14.251691] allocated 9-byte region [ffff888102837220, ffff888102837229) [ 14.252316] [ 14.252408] The buggy address belongs to the physical page: [ 14.252705] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102837 [ 14.253066] flags: 0x200000000000000(node=0|zone=2) [ 14.253268] page_type: f5(slab) [ 14.253429] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.253807] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.254161] page dumped because: kasan: bad access detected [ 14.254343] [ 14.254435] Memory state around the buggy address: [ 14.254932] ffff888102837100: 00 05 fc fc 00 02 fc fc fa fb fc fc 00 05 fc fc [ 14.255223] 
ffff888102837180: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.255443] >ffff888102837200: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 14.255656] ^ [ 14.255805] ffff888102837280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.256035] ffff888102837300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.256257] ================================================================== [ 14.342049] ================================================================== [ 14.342353] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.342971] Write of size 8 at addr ffff888102837228 by task kunit_try_catch/278 [ 14.343253] [ 14.343343] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.343387] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.343398] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.343422] Call Trace: [ 14.343439] <TASK> [ 14.343458] dump_stack_lvl+0x73/0xb0 [ 14.343488] print_report+0xd1/0x610 [ 14.343510] ? __virt_addr_valid+0x1db/0x2d0 [ 14.343534] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.343560] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.343584] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.343611] kasan_report+0x141/0x180 [ 14.343632] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.343664] kasan_check_range+0x10c/0x1c0 [ 14.343688] __kasan_check_write+0x18/0x20 [ 14.343708] kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.343735] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.343762] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.343786] ? trace_hardirqs_on+0x37/0xe0 [ 14.343808] ? kasan_bitops_generic+0x92/0x1c0 [ 14.343836] kasan_bitops_generic+0x116/0x1c0 [ 14.343860] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.343885] ? __pfx_read_tsc+0x10/0x10 [ 14.343917] ? ktime_get_ts64+0x86/0x230 [ 14.343942] kunit_try_run_case+0x1a5/0x480 [ 14.343967] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.343990] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 14.344015] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.344039] ? __kthread_parkme+0x82/0x180 [ 14.344060] ? preempt_count_sub+0x50/0x80 [ 14.344085] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.344109] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.344133] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.344156] kthread+0x337/0x6f0 [ 14.344176] ? trace_preempt_on+0x20/0xc0 [ 14.344198] ? __pfx_kthread+0x10/0x10 [ 14.344218] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.344240] ? calculate_sigpending+0x7b/0xa0 [ 14.344263] ? __pfx_kthread+0x10/0x10 [ 14.344285] ret_from_fork+0x116/0x1d0 [ 14.344303] ? __pfx_kthread+0x10/0x10 [ 14.344324] ret_from_fork_asm+0x1a/0x30 [ 14.344356] </TASK> [ 14.344367] [ 14.353821] Allocated by task 278: [ 14.354057] kasan_save_stack+0x45/0x70 [ 14.354259] kasan_save_track+0x18/0x40 [ 14.354429] kasan_save_alloc_info+0x3b/0x50 [ 14.354872] __kasan_kmalloc+0xb7/0xc0 [ 14.355129] __kmalloc_cache_noprof+0x189/0x420 [ 14.355329] kasan_bitops_generic+0x92/0x1c0 [ 14.355507] kunit_try_run_case+0x1a5/0x480 [ 14.355655] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.356046] kthread+0x337/0x6f0 [ 14.356227] ret_from_fork+0x116/0x1d0 [ 14.356420] ret_from_fork_asm+0x1a/0x30 [ 14.356744] [ 14.356817] The buggy address belongs to the object at ffff888102837220 [ 14.356817] which belongs to the cache kmalloc-16 of size 16 [ 14.357392] The buggy address is located 8 bytes inside of [ 14.357392] allocated 9-byte region [ffff888102837220, ffff888102837229) [ 14.357937] [ 14.358045] The buggy address belongs to the physical page: [ 14.358260] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102837 [ 14.358792] flags: 0x200000000000000(node=0|zone=2) [ 14.358979] page_type: f5(slab) [ 14.359214] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.359628] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.359911] page dumped because: kasan: 
bad access detected [ 14.360086] [ 14.360155] Memory state around the buggy address: [ 14.360310] ffff888102837100: 00 05 fc fc 00 02 fc fc fa fb fc fc 00 05 fc fc [ 14.360527] ffff888102837180: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.360744] >ffff888102837200: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 14.361074] ^ [ 14.361286] ffff888102837280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.361598] ffff888102837300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.361995] ================================================================== [ 14.322093] ================================================================== [ 14.322372] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.322773] Write of size 8 at addr ffff888102837228 by task kunit_try_catch/278 [ 14.323071] [ 14.323197] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.323240] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.323252] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.323273] Call Trace: [ 14.323287] <TASK> [ 14.323301] dump_stack_lvl+0x73/0xb0 [ 14.323329] print_report+0xd1/0x610 [ 14.323351] ? __virt_addr_valid+0x1db/0x2d0 [ 14.323376] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.323402] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.323425] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.323451] kasan_report+0x141/0x180 [ 14.323473] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.323505] kasan_check_range+0x10c/0x1c0 [ 14.323529] __kasan_check_write+0x18/0x20 [ 14.323548] kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.323575] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.323602] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.323626] ? trace_hardirqs_on+0x37/0xe0 [ 14.323649] ? kasan_bitops_generic+0x92/0x1c0 [ 14.323677] kasan_bitops_generic+0x116/0x1c0 [ 14.323700] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.323725] ? 
__pfx_read_tsc+0x10/0x10 [ 14.323746] ? ktime_get_ts64+0x86/0x230 [ 14.323770] kunit_try_run_case+0x1a5/0x480 [ 14.323794] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.323816] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.323840] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.323863] ? __kthread_parkme+0x82/0x180 [ 14.323884] ? preempt_count_sub+0x50/0x80 [ 14.323919] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.323943] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.323967] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.324184] kthread+0x337/0x6f0 [ 14.324208] ? trace_preempt_on+0x20/0xc0 [ 14.324231] ? __pfx_kthread+0x10/0x10 [ 14.324252] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.324274] ? calculate_sigpending+0x7b/0xa0 [ 14.324298] ? __pfx_kthread+0x10/0x10 [ 14.324320] ret_from_fork+0x116/0x1d0 [ 14.324339] ? __pfx_kthread+0x10/0x10 [ 14.324359] ret_from_fork_asm+0x1a/0x30 [ 14.324391] </TASK> [ 14.324402] [ 14.333233] Allocated by task 278: [ 14.333437] kasan_save_stack+0x45/0x70 [ 14.333646] kasan_save_track+0x18/0x40 [ 14.333833] kasan_save_alloc_info+0x3b/0x50 [ 14.334092] __kasan_kmalloc+0xb7/0xc0 [ 14.334254] __kmalloc_cache_noprof+0x189/0x420 [ 14.334446] kasan_bitops_generic+0x92/0x1c0 [ 14.334643] kunit_try_run_case+0x1a5/0x480 [ 14.334823] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.335097] kthread+0x337/0x6f0 [ 14.335252] ret_from_fork+0x116/0x1d0 [ 14.335437] ret_from_fork_asm+0x1a/0x30 [ 14.335605] [ 14.335698] The buggy address belongs to the object at ffff888102837220 [ 14.335698] which belongs to the cache kmalloc-16 of size 16 [ 14.336210] The buggy address is located 8 bytes inside of [ 14.336210] allocated 9-byte region [ffff888102837220, ffff888102837229) [ 14.336642] [ 14.336715] The buggy address belongs to the physical page: [ 14.336890] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102837 [ 14.337144] flags: 0x200000000000000(node=0|zone=2) [ 14.337310] page_type: f5(slab) [ 14.337435] raw: 0200000000000000 
ffff888100041640 dead000000000122 0000000000000000 [ 14.337785] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.338552] page dumped because: kasan: bad access detected [ 14.338816] [ 14.338923] Memory state around the buggy address: [ 14.339147] ffff888102837100: 00 05 fc fc 00 02 fc fc fa fb fc fc 00 05 fc fc [ 14.339705] ffff888102837180: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.339933] >ffff888102837200: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 14.340146] ^ [ 14.340293] ffff888102837280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.341099] ffff888102837300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.341428] ================================================================== [ 14.212718] ================================================================== [ 14.213787] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.214330] Write of size 8 at addr ffff888102837228 by task kunit_try_catch/278 [ 14.214728] [ 14.214840] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.214886] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.214909] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.214933] Call Trace: [ 14.214944] <TASK> [ 14.214960] dump_stack_lvl+0x73/0xb0 [ 14.214999] print_report+0xd1/0x610 [ 14.215023] ? __virt_addr_valid+0x1db/0x2d0 [ 14.215046] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.215073] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.215096] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.215123] kasan_report+0x141/0x180 [ 14.215145] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.215177] kasan_check_range+0x10c/0x1c0 [ 14.215201] __kasan_check_write+0x18/0x20 [ 14.215221] kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.215248] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.215276] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.215300] ? 
trace_hardirqs_on+0x37/0xe0 [ 14.215323] ? kasan_bitops_generic+0x92/0x1c0 [ 14.215352] kasan_bitops_generic+0x116/0x1c0 [ 14.215376] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.215402] ? __pfx_read_tsc+0x10/0x10 [ 14.215423] ? ktime_get_ts64+0x86/0x230 [ 14.215448] kunit_try_run_case+0x1a5/0x480 [ 14.215473] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.215497] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.215525] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.215605] ? __kthread_parkme+0x82/0x180 [ 14.215626] ? preempt_count_sub+0x50/0x80 [ 14.215651] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.215675] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.215700] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.215727] kthread+0x337/0x6f0 [ 14.215745] ? trace_preempt_on+0x20/0xc0 [ 14.215766] ? __pfx_kthread+0x10/0x10 [ 14.215787] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.215808] ? calculate_sigpending+0x7b/0xa0 [ 14.215834] ? __pfx_kthread+0x10/0x10 [ 14.215857] ret_from_fork+0x116/0x1d0 [ 14.215877] ? 
__pfx_kthread+0x10/0x10 [ 14.215908] ret_from_fork_asm+0x1a/0x30 [ 14.215941] </TASK> [ 14.215952] [ 14.224703] Allocated by task 278: [ 14.224861] kasan_save_stack+0x45/0x70 [ 14.225081] kasan_save_track+0x18/0x40 [ 14.225219] kasan_save_alloc_info+0x3b/0x50 [ 14.225417] __kasan_kmalloc+0xb7/0xc0 [ 14.225604] __kmalloc_cache_noprof+0x189/0x420 [ 14.225825] kasan_bitops_generic+0x92/0x1c0 [ 14.226106] kunit_try_run_case+0x1a5/0x480 [ 14.226309] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.226608] kthread+0x337/0x6f0 [ 14.226776] ret_from_fork+0x116/0x1d0 [ 14.226957] ret_from_fork_asm+0x1a/0x30 [ 14.227193] [ 14.227276] The buggy address belongs to the object at ffff888102837220 [ 14.227276] which belongs to the cache kmalloc-16 of size 16 [ 14.227801] The buggy address is located 8 bytes inside of [ 14.227801] allocated 9-byte region [ffff888102837220, ffff888102837229) [ 14.228171] [ 14.228246] The buggy address belongs to the physical page: [ 14.228421] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102837 [ 14.228666] flags: 0x200000000000000(node=0|zone=2) [ 14.228833] page_type: f5(slab) [ 14.228991] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.229770] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.230325] page dumped because: kasan: bad access detected [ 14.230522] [ 14.230591] Memory state around the buggy address: [ 14.230748] ffff888102837100: 00 05 fc fc 00 02 fc fc fa fb fc fc 00 05 fc fc [ 14.230979] ffff888102837180: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.231197] >ffff888102837200: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 14.231468] ^ [ 14.231919] ffff888102837280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.232601] ffff888102837300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.232948] ================================================================== [ 14.362459] 
================================================================== [ 14.363150] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.363413] Write of size 8 at addr ffff888102837228 by task kunit_try_catch/278 [ 14.363963] [ 14.364202] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.364247] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.364258] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.364279] Call Trace: [ 14.364293] <TASK> [ 14.364309] dump_stack_lvl+0x73/0xb0 [ 14.364338] print_report+0xd1/0x610 [ 14.364359] ? __virt_addr_valid+0x1db/0x2d0 [ 14.364382] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.364408] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.364431] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.364458] kasan_report+0x141/0x180 [ 14.364480] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.364511] kasan_check_range+0x10c/0x1c0 [ 14.364584] __kasan_check_write+0x18/0x20 [ 14.364604] kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.364631] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.364659] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.364682] ? trace_hardirqs_on+0x37/0xe0 [ 14.364705] ? kasan_bitops_generic+0x92/0x1c0 [ 14.364733] kasan_bitops_generic+0x116/0x1c0 [ 14.364757] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.364782] ? __pfx_read_tsc+0x10/0x10 [ 14.364803] ? ktime_get_ts64+0x86/0x230 [ 14.364827] kunit_try_run_case+0x1a5/0x480 [ 14.364853] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.364875] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.364915] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.364939] ? __kthread_parkme+0x82/0x180 [ 14.364959] ? preempt_count_sub+0x50/0x80 [ 14.364984] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.365009] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.365032] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.365057] kthread+0x337/0x6f0 [ 14.365076] ? 
trace_preempt_on+0x20/0xc0 [ 14.365098] ? __pfx_kthread+0x10/0x10 [ 14.365118] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.365139] ? calculate_sigpending+0x7b/0xa0 [ 14.365164] ? __pfx_kthread+0x10/0x10 [ 14.365185] ret_from_fork+0x116/0x1d0 [ 14.365203] ? __pfx_kthread+0x10/0x10 [ 14.365224] ret_from_fork_asm+0x1a/0x30 [ 14.365256] </TASK> [ 14.365267] [ 14.374150] Allocated by task 278: [ 14.374296] kasan_save_stack+0x45/0x70 [ 14.374446] kasan_save_track+0x18/0x40 [ 14.374933] kasan_save_alloc_info+0x3b/0x50 [ 14.375300] __kasan_kmalloc+0xb7/0xc0 [ 14.375509] __kmalloc_cache_noprof+0x189/0x420 [ 14.375803] kasan_bitops_generic+0x92/0x1c0 [ 14.376044] kunit_try_run_case+0x1a5/0x480 [ 14.376241] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.376417] kthread+0x337/0x6f0 [ 14.376539] ret_from_fork+0x116/0x1d0 [ 14.376672] ret_from_fork_asm+0x1a/0x30 [ 14.376812] [ 14.376882] The buggy address belongs to the object at ffff888102837220 [ 14.376882] which belongs to the cache kmalloc-16 of size 16 [ 14.377453] The buggy address is located 8 bytes inside of [ 14.377453] allocated 9-byte region [ffff888102837220, ffff888102837229) [ 14.378428] [ 14.378700] The buggy address belongs to the physical page: [ 14.379193] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102837 [ 14.379698] flags: 0x200000000000000(node=0|zone=2) [ 14.379867] page_type: f5(slab) [ 14.380008] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.380742] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.381064] page dumped because: kasan: bad access detected [ 14.381316] [ 14.381409] Memory state around the buggy address: [ 14.381710] ffff888102837100: 00 05 fc fc 00 02 fc fc fa fb fc fc 00 05 fc fc [ 14.382047] ffff888102837180: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.382281] >ffff888102837200: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 14.382496] ^ [ 14.382701] ffff888102837280: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 14.383034] ffff888102837300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.383399] ================================================================== [ 14.279275] ================================================================== [ 14.279509] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.280000] Write of size 8 at addr ffff888102837228 by task kunit_try_catch/278 [ 14.280342] [ 14.280461] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.280504] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.280515] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.280536] Call Trace: [ 14.280553] <TASK> [ 14.280569] dump_stack_lvl+0x73/0xb0 [ 14.280598] print_report+0xd1/0x610 [ 14.280621] ? __virt_addr_valid+0x1db/0x2d0 [ 14.280644] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.280669] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.280693] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.280719] kasan_report+0x141/0x180 [ 14.280742] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.280774] kasan_check_range+0x10c/0x1c0 [ 14.280798] __kasan_check_write+0x18/0x20 [ 14.280817] kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.280844] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.280871] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.280914] ? trace_hardirqs_on+0x37/0xe0 [ 14.280936] ? kasan_bitops_generic+0x92/0x1c0 [ 14.280965] kasan_bitops_generic+0x116/0x1c0 [ 14.282259] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.282298] ? __pfx_read_tsc+0x10/0x10 [ 14.282321] ? ktime_get_ts64+0x86/0x230 [ 14.282347] kunit_try_run_case+0x1a5/0x480 [ 14.282380] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.282404] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.282429] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.282453] ? __kthread_parkme+0x82/0x180 [ 14.282473] ? preempt_count_sub+0x50/0x80 [ 14.282498] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.282522] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.282640] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.282666] kthread+0x337/0x6f0 [ 14.282686] ? trace_preempt_on+0x20/0xc0 [ 14.282708] ? __pfx_kthread+0x10/0x10 [ 14.282729] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.282751] ? calculate_sigpending+0x7b/0xa0 [ 14.282783] ? __pfx_kthread+0x10/0x10 [ 14.282805] ret_from_fork+0x116/0x1d0 [ 14.282823] ? __pfx_kthread+0x10/0x10 [ 14.282843] ret_from_fork_asm+0x1a/0x30 [ 14.282876] </TASK> [ 14.282886] [ 14.292499] Allocated by task 278: [ 14.292687] kasan_save_stack+0x45/0x70 [ 14.292911] kasan_save_track+0x18/0x40 [ 14.293280] kasan_save_alloc_info+0x3b/0x50 [ 14.293461] __kasan_kmalloc+0xb7/0xc0 [ 14.293839] __kmalloc_cache_noprof+0x189/0x420 [ 14.294101] kasan_bitops_generic+0x92/0x1c0 [ 14.294306] kunit_try_run_case+0x1a5/0x480 [ 14.294473] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.294884] kthread+0x337/0x6f0 [ 14.295083] ret_from_fork+0x116/0x1d0 [ 14.295250] ret_from_fork_asm+0x1a/0x30 [ 14.295449] [ 14.295533] The buggy address belongs to the object at ffff888102837220 [ 14.295533] which belongs to the cache kmalloc-16 of size 16 [ 14.295928] The buggy address is located 8 bytes inside of [ 14.295928] allocated 9-byte region [ffff888102837220, ffff888102837229) [ 14.296282] [ 14.296353] The buggy address belongs to the physical page: [ 14.296589] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102837 [ 14.297269] flags: 0x200000000000000(node=0|zone=2) [ 14.297513] page_type: f5(slab) [ 14.297750] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.298132] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.298368] page dumped because: kasan: bad access detected [ 14.298669] [ 14.298773] Memory state around the buggy address: [ 14.299105] ffff888102837100: 00 05 fc fc 00 02 fc fc fa fb fc fc 00 05 fc fc [ 14.299436] 
ffff888102837180: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.299956] >ffff888102837200: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 14.300245] ^ [ 14.300444] ffff888102837280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.300922] ffff888102837300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.301234] ================================================================== [ 14.301739] ================================================================== [ 14.302141] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.302409] Write of size 8 at addr ffff888102837228 by task kunit_try_catch/278 [ 14.303027] [ 14.303159] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.303205] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.303217] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.303239] Call Trace: [ 14.303256] <TASK> [ 14.303274] dump_stack_lvl+0x73/0xb0 [ 14.303303] print_report+0xd1/0x610 [ 14.303325] ? __virt_addr_valid+0x1db/0x2d0 [ 14.303349] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.303375] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.303399] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.303425] kasan_report+0x141/0x180 [ 14.303448] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.303481] kasan_check_range+0x10c/0x1c0 [ 14.303505] __kasan_check_write+0x18/0x20 [ 14.303525] kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.303597] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.303625] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.303649] ? trace_hardirqs_on+0x37/0xe0 [ 14.303672] ? kasan_bitops_generic+0x92/0x1c0 [ 14.303701] kasan_bitops_generic+0x116/0x1c0 [ 14.303724] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.303750] ? __pfx_read_tsc+0x10/0x10 [ 14.303772] ? ktime_get_ts64+0x86/0x230 [ 14.303798] kunit_try_run_case+0x1a5/0x480 [ 14.303823] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.303845] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 14.303870] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.303906] ? __kthread_parkme+0x82/0x180 [ 14.303927] ? preempt_count_sub+0x50/0x80 [ 14.303952] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.303976] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.304008] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.304032] kthread+0x337/0x6f0 [ 14.304051] ? trace_preempt_on+0x20/0xc0 [ 14.304073] ? __pfx_kthread+0x10/0x10 [ 14.304094] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.304115] ? calculate_sigpending+0x7b/0xa0 [ 14.304141] ? __pfx_kthread+0x10/0x10 [ 14.304162] ret_from_fork+0x116/0x1d0 [ 14.304180] ? __pfx_kthread+0x10/0x10 [ 14.304200] ret_from_fork_asm+0x1a/0x30 [ 14.304232] </TASK> [ 14.304245] [ 14.313093] Allocated by task 278: [ 14.313271] kasan_save_stack+0x45/0x70 [ 14.313420] kasan_save_track+0x18/0x40 [ 14.313620] kasan_save_alloc_info+0x3b/0x50 [ 14.313829] __kasan_kmalloc+0xb7/0xc0 [ 14.314037] __kmalloc_cache_noprof+0x189/0x420 [ 14.314242] kasan_bitops_generic+0x92/0x1c0 [ 14.314416] kunit_try_run_case+0x1a5/0x480 [ 14.314614] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.314822] kthread+0x337/0x6f0 [ 14.314955] ret_from_fork+0x116/0x1d0 [ 14.315089] ret_from_fork_asm+0x1a/0x30 [ 14.315228] [ 14.315298] The buggy address belongs to the object at ffff888102837220 [ 14.315298] which belongs to the cache kmalloc-16 of size 16 [ 14.315651] The buggy address is located 8 bytes inside of [ 14.315651] allocated 9-byte region [ffff888102837220, ffff888102837229) [ 14.316260] [ 14.316361] The buggy address belongs to the physical page: [ 14.316764] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102837 [ 14.317327] flags: 0x200000000000000(node=0|zone=2) [ 14.317662] page_type: f5(slab) [ 14.317837] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.318250] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.318482] page dumped because: kasan: 
bad access detected [ 14.319063] [ 14.319246] Memory state around the buggy address: [ 14.319431] ffff888102837100: 00 05 fc fc 00 02 fc fc fa fb fc fc 00 05 fc fc [ 14.319925] ffff888102837180: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.320148] >ffff888102837200: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 14.320422] ^ [ 14.320751] ffff888102837280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.321196] ffff888102837300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.321600] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 14.188881] ================================================================== [ 14.189261] BUG: KASAN: slab-use-after-free in strnlen+0x73/0x80 [ 14.189614] Read of size 1 at addr ffff8881029b0850 by task kunit_try_catch/276 [ 14.189851] [ 14.189953] CPU: 1 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.189995] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.190007] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.190028] Call Trace: [ 14.190042] <TASK> [ 14.190058] dump_stack_lvl+0x73/0xb0 [ 14.190083] print_report+0xd1/0x610 [ 14.190106] ? __virt_addr_valid+0x1db/0x2d0 [ 14.190130] ? strnlen+0x73/0x80 [ 14.190147] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.190171] ? strnlen+0x73/0x80 [ 14.190189] kasan_report+0x141/0x180 [ 14.190211] ? strnlen+0x73/0x80 [ 14.190234] __asan_report_load1_noabort+0x18/0x20 [ 14.190259] strnlen+0x73/0x80 [ 14.190278] kasan_strings+0x615/0xe80 [ 14.190297] ? trace_hardirqs_on+0x37/0xe0 [ 14.190321] ? __pfx_kasan_strings+0x10/0x10 [ 14.190341] ? finish_task_switch.isra.0+0x153/0x700 [ 14.190364] ? __switch_to+0x47/0xf50 [ 14.190390] ? __schedule+0x10cc/0x2b60 [ 14.190413] ? __pfx_read_tsc+0x10/0x10 [ 14.190433] ? ktime_get_ts64+0x86/0x230 [ 14.190458] kunit_try_run_case+0x1a5/0x480 [ 14.190482] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.190504] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.190610] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.190638] ? __kthread_parkme+0x82/0x180 [ 14.190659] ? preempt_count_sub+0x50/0x80 [ 14.190683] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.190708] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.190733] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.190757] kthread+0x337/0x6f0 [ 14.190781] ? trace_preempt_on+0x20/0xc0 [ 14.190803] ? __pfx_kthread+0x10/0x10 [ 14.190824] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.190845] ? calculate_sigpending+0x7b/0xa0 [ 14.190869] ? 
__pfx_kthread+0x10/0x10 [ 14.190890] ret_from_fork+0x116/0x1d0 [ 14.190920] ? __pfx_kthread+0x10/0x10 [ 14.190941] ret_from_fork_asm+0x1a/0x30 [ 14.190973] </TASK> [ 14.190983] [ 14.199193] Allocated by task 276: [ 14.199327] kasan_save_stack+0x45/0x70 [ 14.199474] kasan_save_track+0x18/0x40 [ 14.199610] kasan_save_alloc_info+0x3b/0x50 [ 14.199759] __kasan_kmalloc+0xb7/0xc0 [ 14.199900] __kmalloc_cache_noprof+0x189/0x420 [ 14.200321] kasan_strings+0xc0/0xe80 [ 14.200518] kunit_try_run_case+0x1a5/0x480 [ 14.200861] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.201167] kthread+0x337/0x6f0 [ 14.201301] ret_from_fork+0x116/0x1d0 [ 14.201434] ret_from_fork_asm+0x1a/0x30 [ 14.201728] [ 14.201827] Freed by task 276: [ 14.202005] kasan_save_stack+0x45/0x70 [ 14.202206] kasan_save_track+0x18/0x40 [ 14.202377] kasan_save_free_info+0x3f/0x60 [ 14.202631] __kasan_slab_free+0x56/0x70 [ 14.202781] kfree+0x222/0x3f0 [ 14.202909] kasan_strings+0x2aa/0xe80 [ 14.203229] kunit_try_run_case+0x1a5/0x480 [ 14.203433] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.203779] kthread+0x337/0x6f0 [ 14.203949] ret_from_fork+0x116/0x1d0 [ 14.204134] ret_from_fork_asm+0x1a/0x30 [ 14.204334] [ 14.204413] The buggy address belongs to the object at ffff8881029b0840 [ 14.204413] which belongs to the cache kmalloc-32 of size 32 [ 14.204983] The buggy address is located 16 bytes inside of [ 14.204983] freed 32-byte region [ffff8881029b0840, ffff8881029b0860) [ 14.205517] [ 14.205674] The buggy address belongs to the physical page: [ 14.205887] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029b0 [ 14.206283] flags: 0x200000000000000(node=0|zone=2) [ 14.206502] page_type: f5(slab) [ 14.206733] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 14.207105] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 14.207411] page dumped because: kasan: bad access detected [ 14.207698] [ 14.207792] Memory state around the buggy address: 
[ 14.207987] ffff8881029b0700: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.208280] ffff8881029b0780: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.208736] >ffff8881029b0800: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 14.208978] ^ [ 14.209296] ffff8881029b0880: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.209643] ffff8881029b0900: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 14.210009] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strlen
[ 14.166143] ================================================================== [ 14.166493] BUG: KASAN: slab-use-after-free in strlen+0x8f/0xb0 [ 14.166827] Read of size 1 at addr ffff8881029b0850 by task kunit_try_catch/276 [ 14.167165] [ 14.167280] CPU: 1 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.167323] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.167335] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.167355] Call Trace: [ 14.167370] <TASK> [ 14.167384] dump_stack_lvl+0x73/0xb0 [ 14.167410] print_report+0xd1/0x610 [ 14.167433] ? __virt_addr_valid+0x1db/0x2d0 [ 14.167456] ? strlen+0x8f/0xb0 [ 14.167474] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.167499] ? strlen+0x8f/0xb0 [ 14.167517] kasan_report+0x141/0x180 [ 14.167590] ? strlen+0x8f/0xb0 [ 14.167614] __asan_report_load1_noabort+0x18/0x20 [ 14.167639] strlen+0x8f/0xb0 [ 14.167657] kasan_strings+0x57b/0xe80 [ 14.167677] ? trace_hardirqs_on+0x37/0xe0 [ 14.167701] ? __pfx_kasan_strings+0x10/0x10 [ 14.167721] ? finish_task_switch.isra.0+0x153/0x700 [ 14.167744] ? __switch_to+0x47/0xf50 [ 14.167771] ? __schedule+0x10cc/0x2b60 [ 14.167794] ? __pfx_read_tsc+0x10/0x10 [ 14.167814] ? ktime_get_ts64+0x86/0x230 [ 14.167839] kunit_try_run_case+0x1a5/0x480 [ 14.167863] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.167886] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.167923] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.167947] ? __kthread_parkme+0x82/0x180 [ 14.167968] ? preempt_count_sub+0x50/0x80 [ 14.168000] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.168023] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.168047] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.168071] kthread+0x337/0x6f0 [ 14.168091] ? trace_preempt_on+0x20/0xc0 [ 14.168112] ? __pfx_kthread+0x10/0x10 [ 14.168133] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.168154] ? calculate_sigpending+0x7b/0xa0 [ 14.168178] ? 
__pfx_kthread+0x10/0x10 [ 14.168199] ret_from_fork+0x116/0x1d0 [ 14.168218] ? __pfx_kthread+0x10/0x10 [ 14.168238] ret_from_fork_asm+0x1a/0x30 [ 14.168271] </TASK> [ 14.168281] [ 14.176872] Allocated by task 276: [ 14.177016] kasan_save_stack+0x45/0x70 [ 14.177163] kasan_save_track+0x18/0x40 [ 14.177299] kasan_save_alloc_info+0x3b/0x50 [ 14.177448] __kasan_kmalloc+0xb7/0xc0 [ 14.177582] __kmalloc_cache_noprof+0x189/0x420 [ 14.177738] kasan_strings+0xc0/0xe80 [ 14.177929] kunit_try_run_case+0x1a5/0x480 [ 14.178136] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.178389] kthread+0x337/0x6f0 [ 14.178786] ret_from_fork+0x116/0x1d0 [ 14.178998] ret_from_fork_asm+0x1a/0x30 [ 14.179207] [ 14.179300] Freed by task 276: [ 14.179459] kasan_save_stack+0x45/0x70 [ 14.179794] kasan_save_track+0x18/0x40 [ 14.179939] kasan_save_free_info+0x3f/0x60 [ 14.180085] __kasan_slab_free+0x56/0x70 [ 14.180220] kfree+0x222/0x3f0 [ 14.180335] kasan_strings+0x2aa/0xe80 [ 14.180467] kunit_try_run_case+0x1a5/0x480 [ 14.180847] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.181318] kthread+0x337/0x6f0 [ 14.181489] ret_from_fork+0x116/0x1d0 [ 14.181922] ret_from_fork_asm+0x1a/0x30 [ 14.182327] [ 14.182431] The buggy address belongs to the object at ffff8881029b0840 [ 14.182431] which belongs to the cache kmalloc-32 of size 32 [ 14.183160] The buggy address is located 16 bytes inside of [ 14.183160] freed 32-byte region [ffff8881029b0840, ffff8881029b0860) [ 14.183693] [ 14.183791] The buggy address belongs to the physical page: [ 14.184047] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029b0 [ 14.184363] flags: 0x200000000000000(node=0|zone=2) [ 14.184718] page_type: f5(slab) [ 14.184866] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 14.185240] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 14.185597] page dumped because: kasan: bad access detected [ 14.185830] [ 14.185911] Memory state around the buggy address: 
[ 14.186220] ffff8881029b0700: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.186520] ffff8881029b0780: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.186804] >ffff8881029b0800: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 14.187277] ^ [ 14.187511] ffff8881029b0880: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.187847] ffff8881029b0900: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 14.188302] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 14.142396] ================================================================== [ 14.143178] BUG: KASAN: slab-use-after-free in kasan_strings+0xcbc/0xe80 [ 14.143577] Read of size 1 at addr ffff8881029b0850 by task kunit_try_catch/276 [ 14.144293] [ 14.144490] CPU: 1 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.144534] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.144546] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.144567] Call Trace: [ 14.144583] <TASK> [ 14.144599] dump_stack_lvl+0x73/0xb0 [ 14.144729] print_report+0xd1/0x610 [ 14.144755] ? __virt_addr_valid+0x1db/0x2d0 [ 14.144779] ? kasan_strings+0xcbc/0xe80 [ 14.144799] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.144823] ? kasan_strings+0xcbc/0xe80 [ 14.144844] kasan_report+0x141/0x180 [ 14.144866] ? kasan_strings+0xcbc/0xe80 [ 14.144903] __asan_report_load1_noabort+0x18/0x20 [ 14.144928] kasan_strings+0xcbc/0xe80 [ 14.144948] ? trace_hardirqs_on+0x37/0xe0 [ 14.144972] ? __pfx_kasan_strings+0x10/0x10 [ 14.145123] ? finish_task_switch.isra.0+0x153/0x700 [ 14.145149] ? __switch_to+0x47/0xf50 [ 14.145177] ? __schedule+0x10cc/0x2b60 [ 14.145199] ? __pfx_read_tsc+0x10/0x10 [ 14.145220] ? ktime_get_ts64+0x86/0x230 [ 14.145245] kunit_try_run_case+0x1a5/0x480 [ 14.145271] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.145294] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.145318] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.145342] ? __kthread_parkme+0x82/0x180 [ 14.145363] ? preempt_count_sub+0x50/0x80 [ 14.145387] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.145420] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.145445] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.145479] kthread+0x337/0x6f0 [ 14.145499] ? trace_preempt_on+0x20/0xc0 [ 14.145521] ? __pfx_kthread+0x10/0x10 [ 14.145540] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.145562] ? calculate_sigpending+0x7b/0xa0 [ 14.145629] ? 
__pfx_kthread+0x10/0x10 [ 14.145652] ret_from_fork+0x116/0x1d0 [ 14.145671] ? __pfx_kthread+0x10/0x10 [ 14.145691] ret_from_fork_asm+0x1a/0x30 [ 14.145724] </TASK> [ 14.145735] [ 14.154492] Allocated by task 276: [ 14.154935] kasan_save_stack+0x45/0x70 [ 14.155167] kasan_save_track+0x18/0x40 [ 14.155364] kasan_save_alloc_info+0x3b/0x50 [ 14.155588] __kasan_kmalloc+0xb7/0xc0 [ 14.155752] __kmalloc_cache_noprof+0x189/0x420 [ 14.155924] kasan_strings+0xc0/0xe80 [ 14.156056] kunit_try_run_case+0x1a5/0x480 [ 14.156202] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.156524] kthread+0x337/0x6f0 [ 14.156690] ret_from_fork+0x116/0x1d0 [ 14.157104] ret_from_fork_asm+0x1a/0x30 [ 14.157316] [ 14.157411] Freed by task 276: [ 14.157661] kasan_save_stack+0x45/0x70 [ 14.157860] kasan_save_track+0x18/0x40 [ 14.158127] kasan_save_free_info+0x3f/0x60 [ 14.158274] __kasan_slab_free+0x56/0x70 [ 14.158433] kfree+0x222/0x3f0 [ 14.158734] kasan_strings+0x2aa/0xe80 [ 14.158953] kunit_try_run_case+0x1a5/0x480 [ 14.159171] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.159393] kthread+0x337/0x6f0 [ 14.159620] ret_from_fork+0x116/0x1d0 [ 14.159783] ret_from_fork_asm+0x1a/0x30 [ 14.159960] [ 14.160153] The buggy address belongs to the object at ffff8881029b0840 [ 14.160153] which belongs to the cache kmalloc-32 of size 32 [ 14.160760] The buggy address is located 16 bytes inside of [ 14.160760] freed 32-byte region [ffff8881029b0840, ffff8881029b0860) [ 14.161301] [ 14.161397] The buggy address belongs to the physical page: [ 14.161572] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029b0 [ 14.161816] flags: 0x200000000000000(node=0|zone=2) [ 14.162035] page_type: f5(slab) [ 14.162277] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 14.162618] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 14.162977] page dumped because: kasan: bad access detected [ 14.163247] [ 14.163343] Memory state around the buggy address: 
[ 14.163591] ffff8881029b0700: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.163869] ffff8881029b0780: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.164215] >ffff8881029b0800: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 14.164511] ^ [ 14.164877] ffff8881029b0880: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.165329] ffff8881029b0900: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 14.165679] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 14.103258] ================================================================== [ 14.105807] BUG: KASAN: slab-use-after-free in strcmp+0xb0/0xc0 [ 14.106150] Read of size 1 at addr ffff8881029b0850 by task kunit_try_catch/276 [ 14.106911] [ 14.107189] CPU: 1 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.107240] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.107262] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.107287] Call Trace: [ 14.107300] <TASK> [ 14.107318] dump_stack_lvl+0x73/0xb0 [ 14.107347] print_report+0xd1/0x610 [ 14.107382] ? __virt_addr_valid+0x1db/0x2d0 [ 14.107407] ? strcmp+0xb0/0xc0 [ 14.107424] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.107458] ? strcmp+0xb0/0xc0 [ 14.107476] kasan_report+0x141/0x180 [ 14.107499] ? strcmp+0xb0/0xc0 [ 14.107522] __asan_report_load1_noabort+0x18/0x20 [ 14.107558] strcmp+0xb0/0xc0 [ 14.107576] kasan_strings+0x431/0xe80 [ 14.107597] ? trace_hardirqs_on+0x37/0xe0 [ 14.107621] ? __pfx_kasan_strings+0x10/0x10 [ 14.107642] ? finish_task_switch.isra.0+0x153/0x700 [ 14.107665] ? __switch_to+0x47/0xf50 [ 14.107694] ? __schedule+0x10cc/0x2b60 [ 14.107717] ? __pfx_read_tsc+0x10/0x10 [ 14.107738] ? ktime_get_ts64+0x86/0x230 [ 14.107763] kunit_try_run_case+0x1a5/0x480 [ 14.107789] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.107812] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.107836] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.107859] ? __kthread_parkme+0x82/0x180 [ 14.107880] ? preempt_count_sub+0x50/0x80 [ 14.107913] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.107937] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.107961] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.107985] kthread+0x337/0x6f0 [ 14.108004] ? trace_preempt_on+0x20/0xc0 [ 14.108026] ? __pfx_kthread+0x10/0x10 [ 14.108046] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.108068] ? calculate_sigpending+0x7b/0xa0 [ 14.108094] ? 
__pfx_kthread+0x10/0x10 [ 14.108115] ret_from_fork+0x116/0x1d0 [ 14.108133] ? __pfx_kthread+0x10/0x10 [ 14.108153] ret_from_fork_asm+0x1a/0x30 [ 14.108186] </TASK> [ 14.108198] [ 14.122318] Allocated by task 276: [ 14.122684] kasan_save_stack+0x45/0x70 [ 14.123124] kasan_save_track+0x18/0x40 [ 14.123269] kasan_save_alloc_info+0x3b/0x50 [ 14.123421] __kasan_kmalloc+0xb7/0xc0 [ 14.123613] __kmalloc_cache_noprof+0x189/0x420 [ 14.124068] kasan_strings+0xc0/0xe80 [ 14.124437] kunit_try_run_case+0x1a5/0x480 [ 14.125023] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.125671] kthread+0x337/0x6f0 [ 14.125994] ret_from_fork+0x116/0x1d0 [ 14.126461] ret_from_fork_asm+0x1a/0x30 [ 14.127080] [ 14.127280] Freed by task 276: [ 14.127405] kasan_save_stack+0x45/0x70 [ 14.127601] kasan_save_track+0x18/0x40 [ 14.127985] kasan_save_free_info+0x3f/0x60 [ 14.128414] __kasan_slab_free+0x56/0x70 [ 14.128982] kfree+0x222/0x3f0 [ 14.129317] kasan_strings+0x2aa/0xe80 [ 14.129542] kunit_try_run_case+0x1a5/0x480 [ 14.129952] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.130428] kthread+0x337/0x6f0 [ 14.130693] ret_from_fork+0x116/0x1d0 [ 14.131213] ret_from_fork_asm+0x1a/0x30 [ 14.131663] [ 14.131811] The buggy address belongs to the object at ffff8881029b0840 [ 14.131811] which belongs to the cache kmalloc-32 of size 32 [ 14.132442] The buggy address is located 16 bytes inside of [ 14.132442] freed 32-byte region [ffff8881029b0840, ffff8881029b0860) [ 14.133633] [ 14.133715] The buggy address belongs to the physical page: [ 14.133903] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029b0 [ 14.134524] flags: 0x200000000000000(node=0|zone=2) [ 14.135113] page_type: f5(slab) [ 14.135434] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 14.136313] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 14.136917] page dumped because: kasan: bad access detected [ 14.137348] [ 14.137502] Memory state around the buggy address: 
[ 14.138021] ffff8881029b0700: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.138506] ffff8881029b0780: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.138732] >ffff8881029b0800: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 14.139461] ^ [ 14.140127] ffff8881029b0880: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.141162] ffff8881029b0900: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 14.141446] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 14.063007] ================================================================== [ 14.063549] BUG: KASAN: slab-out-of-bounds in memcmp+0x1b4/0x1d0 [ 14.064139] Read of size 1 at addr ffff888103ab9258 by task kunit_try_catch/274 [ 14.064867] [ 14.065151] CPU: 0 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.065199] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.065210] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.065233] Call Trace: [ 14.065244] <TASK> [ 14.065261] dump_stack_lvl+0x73/0xb0 [ 14.065301] print_report+0xd1/0x610 [ 14.065325] ? __virt_addr_valid+0x1db/0x2d0 [ 14.065349] ? memcmp+0x1b4/0x1d0 [ 14.065377] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.065402] ? memcmp+0x1b4/0x1d0 [ 14.065419] kasan_report+0x141/0x180 [ 14.065441] ? memcmp+0x1b4/0x1d0 [ 14.065465] __asan_report_load1_noabort+0x18/0x20 [ 14.065489] memcmp+0x1b4/0x1d0 [ 14.065510] kasan_memcmp+0x18f/0x390 [ 14.065530] ? trace_hardirqs_on+0x37/0xe0 [ 14.065553] ? __pfx_kasan_memcmp+0x10/0x10 [ 14.065575] ? finish_task_switch.isra.0+0x153/0x700 [ 14.065605] ? __switch_to+0x47/0xf50 [ 14.065636] ? __pfx_read_tsc+0x10/0x10 [ 14.065657] ? ktime_get_ts64+0x86/0x230 [ 14.065682] kunit_try_run_case+0x1a5/0x480 [ 14.065707] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.065730] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.065755] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.065779] ? __kthread_parkme+0x82/0x180 [ 14.065799] ? preempt_count_sub+0x50/0x80 [ 14.065823] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.065847] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.065871] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.065905] kthread+0x337/0x6f0 [ 14.065925] ? trace_preempt_on+0x20/0xc0 [ 14.065947] ? __pfx_kthread+0x10/0x10 [ 14.065967] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.065989] ? calculate_sigpending+0x7b/0xa0 [ 14.066013] ? __pfx_kthread+0x10/0x10 [ 14.066035] ret_from_fork+0x116/0x1d0 [ 14.066054] ? 
__pfx_kthread+0x10/0x10 [ 14.066074] ret_from_fork_asm+0x1a/0x30 [ 14.066107] </TASK> [ 14.066118] [ 14.079516] Allocated by task 274: [ 14.079878] kasan_save_stack+0x45/0x70 [ 14.080296] kasan_save_track+0x18/0x40 [ 14.080758] kasan_save_alloc_info+0x3b/0x50 [ 14.081188] __kasan_kmalloc+0xb7/0xc0 [ 14.081545] __kmalloc_cache_noprof+0x189/0x420 [ 14.082032] kasan_memcmp+0xb7/0x390 [ 14.082167] kunit_try_run_case+0x1a5/0x480 [ 14.082314] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.082490] kthread+0x337/0x6f0 [ 14.082837] ret_from_fork+0x116/0x1d0 [ 14.083226] ret_from_fork_asm+0x1a/0x30 [ 14.083789] [ 14.083993] The buggy address belongs to the object at ffff888103ab9240 [ 14.083993] which belongs to the cache kmalloc-32 of size 32 [ 14.085176] The buggy address is located 0 bytes to the right of [ 14.085176] allocated 24-byte region [ffff888103ab9240, ffff888103ab9258) [ 14.086334] [ 14.086413] The buggy address belongs to the physical page: [ 14.086798] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ab9 [ 14.087602] flags: 0x200000000000000(node=0|zone=2) [ 14.087771] page_type: f5(slab) [ 14.087903] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 14.088585] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 14.089373] page dumped because: kasan: bad access detected [ 14.089995] [ 14.090221] Memory state around the buggy address: [ 14.090858] ffff888103ab9100: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.091185] ffff888103ab9180: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.091936] >ffff888103ab9200: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.092691] ^ [ 14.093194] ffff888103ab9280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.093413] ffff888103ab9300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.093700] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 14.038825] ================================================================== [ 14.039391] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x329/0x390 [ 14.039762] Read of size 1 at addr ffff888103a67c4a by task kunit_try_catch/270 [ 14.040194] [ 14.040320] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.040377] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.040389] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.040420] Call Trace: [ 14.040433] <TASK> [ 14.040448] dump_stack_lvl+0x73/0xb0 [ 14.040478] print_report+0xd1/0x610 [ 14.040512] ? __virt_addr_valid+0x1db/0x2d0 [ 14.040536] ? kasan_alloca_oob_right+0x329/0x390 [ 14.040559] ? kasan_addr_to_slab+0x11/0xa0 [ 14.040580] ? kasan_alloca_oob_right+0x329/0x390 [ 14.040645] kasan_report+0x141/0x180 [ 14.040667] ? kasan_alloca_oob_right+0x329/0x390 [ 14.040726] __asan_report_load1_noabort+0x18/0x20 [ 14.040753] kasan_alloca_oob_right+0x329/0x390 [ 14.040778] ? finish_task_switch.isra.0+0x153/0x700 [ 14.040803] ? __schedule+0x100e/0x2b60 [ 14.040825] ? trace_hardirqs_on+0x37/0xe0 [ 14.040851] ? __pfx_kasan_alloca_oob_right+0x10/0x10 [ 14.040878] ? __schedule+0x10cc/0x2b60 [ 14.040909] ? __pfx_read_tsc+0x10/0x10 [ 14.040931] ? ktime_get_ts64+0x86/0x230 [ 14.040968] kunit_try_run_case+0x1a5/0x480 [ 14.040995] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.041017] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.041055] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.041079] ? __kthread_parkme+0x82/0x180 [ 14.041111] ? preempt_count_sub+0x50/0x80 [ 14.041135] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.041158] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.041183] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.041208] kthread+0x337/0x6f0 [ 14.041227] ? trace_preempt_on+0x20/0xc0 [ 14.041249] ? __pfx_kthread+0x10/0x10 [ 14.041269] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.041290] ? calculate_sigpending+0x7b/0xa0 [ 14.041315] ? 
__pfx_kthread+0x10/0x10 [ 14.041337] ret_from_fork+0x116/0x1d0 [ 14.041357] ? __pfx_kthread+0x10/0x10 [ 14.041376] ret_from_fork_asm+0x1a/0x30 [ 14.041409] </TASK> [ 14.041420] [ 14.050052] The buggy address belongs to stack of task kunit_try_catch/270 [ 14.050401] [ 14.050497] The buggy address belongs to the physical page: [ 14.050754] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a67 [ 14.051187] flags: 0x200000000000000(node=0|zone=2) [ 14.051443] raw: 0200000000000000 ffffea00040e99c8 ffffea00040e99c8 0000000000000000 [ 14.051942] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 14.052394] page dumped because: kasan: bad access detected [ 14.052689] [ 14.052806] Memory state around the buggy address: [ 14.053016] ffff888103a67b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.053330] ffff888103a67b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.053807] >ffff888103a67c00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 14.054205] ^ [ 14.054391] ffff888103a67c80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 [ 14.054627] ffff888103a67d00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 14.055052] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 14.019993] ================================================================== [ 14.020486] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x320/0x380 [ 14.020909] Read of size 1 at addr ffff888103b1fc3f by task kunit_try_catch/268 [ 14.021247] [ 14.021423] CPU: 0 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.021469] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.021480] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.021503] Call Trace: [ 14.021514] <TASK> [ 14.021529] dump_stack_lvl+0x73/0xb0 [ 14.021559] print_report+0xd1/0x610 [ 14.021594] ? __virt_addr_valid+0x1db/0x2d0 [ 14.021618] ? kasan_alloca_oob_left+0x320/0x380 [ 14.021640] ? kasan_addr_to_slab+0x11/0xa0 [ 14.021672] ? kasan_alloca_oob_left+0x320/0x380 [ 14.021704] kasan_report+0x141/0x180 [ 14.021726] ? kasan_alloca_oob_left+0x320/0x380 [ 14.021766] __asan_report_load1_noabort+0x18/0x20 [ 14.021791] kasan_alloca_oob_left+0x320/0x380 [ 14.021816] ? finish_task_switch.isra.0+0x153/0x700 [ 14.021841] ? __schedule+0x100e/0x2b60 [ 14.021863] ? trace_hardirqs_on+0x37/0xe0 [ 14.021889] ? __pfx_kasan_alloca_oob_left+0x10/0x10 [ 14.021922] ? __kasan_check_write+0x18/0x20 [ 14.021950] ? queued_spin_lock_slowpath+0x116/0xb40 [ 14.021978] ? trace_hardirqs_on+0x37/0xe0 [ 14.021999] ? __pfx_read_tsc+0x10/0x10 [ 14.022032] ? ktime_get_ts64+0x86/0x230 [ 14.022065] kunit_try_run_case+0x1a5/0x480 [ 14.022091] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.022116] ? queued_spin_lock_slowpath+0x116/0xb40 [ 14.022139] ? __kthread_parkme+0x82/0x180 [ 14.022170] ? preempt_count_sub+0x50/0x80 [ 14.022194] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.022218] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.022253] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.022277] kthread+0x337/0x6f0 [ 14.022298] ? trace_preempt_on+0x20/0xc0 [ 14.022320] ? __pfx_kthread+0x10/0x10 [ 14.022340] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.022361] ? 
calculate_sigpending+0x7b/0xa0 [ 14.022387] ? __pfx_kthread+0x10/0x10 [ 14.022408] ret_from_fork+0x116/0x1d0 [ 14.022427] ? __pfx_kthread+0x10/0x10 [ 14.022449] ret_from_fork_asm+0x1a/0x30 [ 14.022482] </TASK> [ 14.022493] [ 14.030502] The buggy address belongs to stack of task kunit_try_catch/268 [ 14.030731] [ 14.030808] The buggy address belongs to the physical page: [ 14.030995] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103b1f [ 14.031355] flags: 0x200000000000000(node=0|zone=2) [ 14.031625] raw: 0200000000000000 ffffea00040ec7c8 ffffea00040ec7c8 0000000000000000 [ 14.031925] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 14.032152] page dumped because: kasan: bad access detected [ 14.032474] [ 14.032638] Memory state around the buggy address: [ 14.032889] ffff888103b1fb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.033214] ffff888103b1fb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.033525] >ffff888103b1fc00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 14.033750] ^ [ 14.033920] ffff888103b1fc80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 [ 14.034136] ffff888103b1fd00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 14.034603] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 11.770288] ================================================================== [ 11.771020] BUG: KASAN: use-after-free in page_alloc_uaf+0x356/0x3d0 [ 11.771347] Read of size 1 at addr ffff888103a80000 by task kunit_try_catch/171 [ 11.771922] [ 11.772030] CPU: 1 UID: 0 PID: 171 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.772078] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.772089] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.772111] Call Trace: [ 11.772122] <TASK> [ 11.772138] dump_stack_lvl+0x73/0xb0 [ 11.772168] print_report+0xd1/0x610 [ 11.772191] ? __virt_addr_valid+0x1db/0x2d0 [ 11.772215] ? page_alloc_uaf+0x356/0x3d0 [ 11.772237] ? kasan_addr_to_slab+0x11/0xa0 [ 11.772257] ? page_alloc_uaf+0x356/0x3d0 [ 11.772279] kasan_report+0x141/0x180 [ 11.772300] ? page_alloc_uaf+0x356/0x3d0 [ 11.772327] __asan_report_load1_noabort+0x18/0x20 [ 11.772352] page_alloc_uaf+0x356/0x3d0 [ 11.772373] ? __pfx_page_alloc_uaf+0x10/0x10 [ 11.772394] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 11.772419] ? trace_hardirqs_on+0x37/0xe0 [ 11.772442] ? __pfx_read_tsc+0x10/0x10 [ 11.772462] ? ktime_get_ts64+0x86/0x230 [ 11.772486] kunit_try_run_case+0x1a5/0x480 [ 11.772511] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.772590] ? queued_spin_lock_slowpath+0x116/0xb40 [ 11.772616] ? __kthread_parkme+0x82/0x180 [ 11.772636] ? preempt_count_sub+0x50/0x80 [ 11.772661] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.772684] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.772708] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.772731] kthread+0x337/0x6f0 [ 11.772749] ? trace_preempt_on+0x20/0xc0 [ 11.772771] ? __pfx_kthread+0x10/0x10 [ 11.772790] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.772811] ? calculate_sigpending+0x7b/0xa0 [ 11.772835] ? __pfx_kthread+0x10/0x10 [ 11.772855] ret_from_fork+0x116/0x1d0 [ 11.772874] ? 
__pfx_kthread+0x10/0x10 [ 11.772906] ret_from_fork_asm+0x1a/0x30 [ 11.772939] </TASK> [ 11.772950] [ 11.780449] The buggy address belongs to the physical page: [ 11.780952] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a80 [ 11.781328] flags: 0x200000000000000(node=0|zone=2) [ 11.781652] page_type: f0(buddy) [ 11.781827] raw: 0200000000000000 ffff88817fffc538 ffff88817fffc538 0000000000000000 [ 11.782148] raw: 0000000000000000 0000000000000007 00000000f0000000 0000000000000000 [ 11.782374] page dumped because: kasan: bad access detected [ 11.782717] [ 11.782822] Memory state around the buggy address: [ 11.783173] ffff888103a7ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.783420] ffff888103a7ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.783663] >ffff888103a80000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.784104] ^ [ 11.784266] ffff888103a80080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.784818] ffff888103a80100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.785169] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kfree
[ 11.735572] ================================================================== [ 11.736068] BUG: KASAN: invalid-free in kfree+0x274/0x3f0 [ 11.736372] Free of addr ffff8881039d8001 by task kunit_try_catch/167 [ 11.736820] [ 11.736935] CPU: 1 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.736979] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.736991] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.737012] Call Trace: [ 11.737024] <TASK> [ 11.737041] dump_stack_lvl+0x73/0xb0 [ 11.737071] print_report+0xd1/0x610 [ 11.737094] ? __virt_addr_valid+0x1db/0x2d0 [ 11.737129] ? kasan_addr_to_slab+0x11/0xa0 [ 11.737149] ? kfree+0x274/0x3f0 [ 11.737170] kasan_report_invalid_free+0x10a/0x130 [ 11.737194] ? kfree+0x274/0x3f0 [ 11.737217] ? kfree+0x274/0x3f0 [ 11.737237] __kasan_kfree_large+0x86/0xd0 [ 11.737257] free_large_kmalloc+0x4b/0x110 [ 11.737280] kfree+0x274/0x3f0 [ 11.737305] kmalloc_large_invalid_free+0x120/0x2b0 [ 11.737328] ? __pfx_kmalloc_large_invalid_free+0x10/0x10 [ 11.737351] ? __schedule+0x10cc/0x2b60 [ 11.737373] ? __pfx_read_tsc+0x10/0x10 [ 11.737394] ? ktime_get_ts64+0x86/0x230 [ 11.737419] kunit_try_run_case+0x1a5/0x480 [ 11.737444] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.737465] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.737488] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.737511] ? __kthread_parkme+0x82/0x180 [ 11.737532] ? preempt_count_sub+0x50/0x80 [ 11.737556] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.737579] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.737603] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.737626] kthread+0x337/0x6f0 [ 11.737645] ? trace_preempt_on+0x20/0xc0 [ 11.737730] ? __pfx_kthread+0x10/0x10 [ 11.737752] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.737774] ? calculate_sigpending+0x7b/0xa0 [ 11.737798] ? __pfx_kthread+0x10/0x10 [ 11.737818] ret_from_fork+0x116/0x1d0 [ 11.737837] ? 
__pfx_kthread+0x10/0x10 [ 11.737856] ret_from_fork_asm+0x1a/0x30 [ 11.737889] </TASK> [ 11.737911] [ 11.750965] The buggy address belongs to the physical page: [ 11.751443] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039d8 [ 11.752365] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.752824] flags: 0x200000000000040(head|node=0|zone=2) [ 11.753351] page_type: f8(unknown) [ 11.753564] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.754275] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.755030] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.755318] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.755721] head: 0200000000000002 ffffea00040e7601 00000000ffffffff 00000000ffffffff [ 11.756629] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.757434] page dumped because: kasan: bad access detected [ 11.757994] [ 11.758154] Memory state around the buggy address: [ 11.758634] ffff8881039d7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.758953] ffff8881039d7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.759190] >ffff8881039d8000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.759403] ^ [ 11.759520] ffff8881039d8080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.759737] ffff8881039d8100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.760091] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 11.717262] ================================================================== [ 11.718012] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2f1/0x340 [ 11.718321] Read of size 1 at addr ffff8881039d8000 by task kunit_try_catch/165 [ 11.718734] [ 11.718850] CPU: 1 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.718907] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.718918] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.718939] Call Trace: [ 11.718951] <TASK> [ 11.718967] dump_stack_lvl+0x73/0xb0 [ 11.718998] print_report+0xd1/0x610 [ 11.719020] ? __virt_addr_valid+0x1db/0x2d0 [ 11.719043] ? kmalloc_large_uaf+0x2f1/0x340 [ 11.719063] ? kasan_addr_to_slab+0x11/0xa0 [ 11.719083] ? kmalloc_large_uaf+0x2f1/0x340 [ 11.719116] kasan_report+0x141/0x180 [ 11.719138] ? kmalloc_large_uaf+0x2f1/0x340 [ 11.719164] __asan_report_load1_noabort+0x18/0x20 [ 11.719188] kmalloc_large_uaf+0x2f1/0x340 [ 11.719209] ? __pfx_kmalloc_large_uaf+0x10/0x10 [ 11.719230] ? __schedule+0x10cc/0x2b60 [ 11.719252] ? __pfx_read_tsc+0x10/0x10 [ 11.719273] ? ktime_get_ts64+0x86/0x230 [ 11.719298] kunit_try_run_case+0x1a5/0x480 [ 11.719323] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.719344] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.719368] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.719391] ? __kthread_parkme+0x82/0x180 [ 11.719411] ? preempt_count_sub+0x50/0x80 [ 11.719435] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.719459] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.719482] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.719506] kthread+0x337/0x6f0 [ 11.719524] ? trace_preempt_on+0x20/0xc0 [ 11.719558] ? __pfx_kthread+0x10/0x10 [ 11.719578] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.719599] ? calculate_sigpending+0x7b/0xa0 [ 11.719623] ? __pfx_kthread+0x10/0x10 [ 11.719643] ret_from_fork+0x116/0x1d0 [ 11.719661] ? 
__pfx_kthread+0x10/0x10 [ 11.719681] ret_from_fork_asm+0x1a/0x30 [ 11.719713] </TASK> [ 11.719724] [ 11.727624] The buggy address belongs to the physical page: [ 11.727902] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039d8 [ 11.728168] flags: 0x200000000000000(node=0|zone=2) [ 11.728344] raw: 0200000000000000 ffffea00040e7708 ffff88815b139f80 0000000000000000 [ 11.729059] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 11.729401] page dumped because: kasan: bad access detected [ 11.729577] [ 11.729674] Memory state around the buggy address: [ 11.730129] ffff8881039d7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.730384] ffff8881039d7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.730886] >ffff8881039d8000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.731190] ^ [ 11.731346] ffff8881039d8080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.731684] ffff8881039d8100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.731986] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 11.695619] ================================================================== [ 11.696254] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x2e9/0x330 [ 11.696506] Write of size 1 at addr ffff8881039da00a by task kunit_try_catch/163 [ 11.697386] [ 11.697716] CPU: 1 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.697765] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.697775] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.697835] Call Trace: [ 11.697847] <TASK> [ 11.697863] dump_stack_lvl+0x73/0xb0 [ 11.697915] print_report+0xd1/0x610 [ 11.697938] ? __virt_addr_valid+0x1db/0x2d0 [ 11.697961] ? kmalloc_large_oob_right+0x2e9/0x330 [ 11.697983] ? kasan_addr_to_slab+0x11/0xa0 [ 11.698002] ? kmalloc_large_oob_right+0x2e9/0x330 [ 11.698024] kasan_report+0x141/0x180 [ 11.698046] ? kmalloc_large_oob_right+0x2e9/0x330 [ 11.698106] __asan_report_store1_noabort+0x1b/0x30 [ 11.698131] kmalloc_large_oob_right+0x2e9/0x330 [ 11.698153] ? __pfx_kmalloc_large_oob_right+0x10/0x10 [ 11.698188] ? __schedule+0x10cc/0x2b60 [ 11.698209] ? __pfx_read_tsc+0x10/0x10 [ 11.698230] ? ktime_get_ts64+0x86/0x230 [ 11.698255] kunit_try_run_case+0x1a5/0x480 [ 11.698279] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.698301] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.698324] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.698347] ? __kthread_parkme+0x82/0x180 [ 11.698367] ? preempt_count_sub+0x50/0x80 [ 11.698391] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.698415] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.698438] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.698461] kthread+0x337/0x6f0 [ 11.698479] ? trace_preempt_on+0x20/0xc0 [ 11.698503] ? __pfx_kthread+0x10/0x10 [ 11.698522] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.698558] ? calculate_sigpending+0x7b/0xa0 [ 11.698582] ? __pfx_kthread+0x10/0x10 [ 11.698603] ret_from_fork+0x116/0x1d0 [ 11.698620] ? 
__pfx_kthread+0x10/0x10 [ 11.698640] ret_from_fork_asm+0x1a/0x30 [ 11.698672] </TASK> [ 11.698683] [ 11.708021] The buggy address belongs to the physical page: [ 11.708254] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039d8 [ 11.708546] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.708776] flags: 0x200000000000040(head|node=0|zone=2) [ 11.708980] page_type: f8(unknown) [ 11.709142] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.709488] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.710003] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.710254] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.710627] head: 0200000000000002 ffffea00040e7601 00000000ffffffff 00000000ffffffff [ 11.710911] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.711361] page dumped because: kasan: bad access detected [ 11.711688] [ 11.711772] Memory state around the buggy address: [ 11.711975] ffff8881039d9f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.712281] ffff8881039d9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.712517] >ffff8881039da000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.712837] ^ [ 11.713039] ffff8881039da080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.713331] ffff8881039da100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.713822] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 11.658852] ================================================================== [ 11.660128] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x316/0x370 [ 11.660871] Write of size 1 at addr ffff888102bc1f00 by task kunit_try_catch/161 [ 11.661567] [ 11.661778] CPU: 0 UID: 0 PID: 161 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.661839] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.661849] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.661872] Call Trace: [ 11.661884] <TASK> [ 11.661912] dump_stack_lvl+0x73/0xb0 [ 11.661943] print_report+0xd1/0x610 [ 11.661984] ? __virt_addr_valid+0x1db/0x2d0 [ 11.662009] ? kmalloc_big_oob_right+0x316/0x370 [ 11.662031] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.662053] ? kmalloc_big_oob_right+0x316/0x370 [ 11.662075] kasan_report+0x141/0x180 [ 11.662097] ? kmalloc_big_oob_right+0x316/0x370 [ 11.662124] __asan_report_store1_noabort+0x1b/0x30 [ 11.662149] kmalloc_big_oob_right+0x316/0x370 [ 11.662171] ? __pfx_kmalloc_big_oob_right+0x10/0x10 [ 11.662194] ? __schedule+0x10cc/0x2b60 [ 11.662217] ? __pfx_read_tsc+0x10/0x10 [ 11.662238] ? ktime_get_ts64+0x86/0x230 [ 11.662264] kunit_try_run_case+0x1a5/0x480 [ 11.662289] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.662311] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.662335] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.662358] ? __kthread_parkme+0x82/0x180 [ 11.662379] ? preempt_count_sub+0x50/0x80 [ 11.662404] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.662427] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.662450] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.662474] kthread+0x337/0x6f0 [ 11.662492] ? trace_preempt_on+0x20/0xc0 [ 11.662531] ? __pfx_kthread+0x10/0x10 [ 11.662553] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.662575] ? calculate_sigpending+0x7b/0xa0 [ 11.662600] ? __pfx_kthread+0x10/0x10 [ 11.662620] ret_from_fork+0x116/0x1d0 [ 11.662638] ? 
__pfx_kthread+0x10/0x10 [ 11.662659] ret_from_fork_asm+0x1a/0x30 [ 11.662692] </TASK> [ 11.662703] [ 11.673382] Allocated by task 161: [ 11.673736] kasan_save_stack+0x45/0x70 [ 11.674223] kasan_save_track+0x18/0x40 [ 11.674653] kasan_save_alloc_info+0x3b/0x50 [ 11.675212] __kasan_kmalloc+0xb7/0xc0 [ 11.675608] __kmalloc_cache_noprof+0x189/0x420 [ 11.676054] kmalloc_big_oob_right+0xa9/0x370 [ 11.676556] kunit_try_run_case+0x1a5/0x480 [ 11.677063] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.677644] kthread+0x337/0x6f0 [ 11.678033] ret_from_fork+0x116/0x1d0 [ 11.678384] ret_from_fork_asm+0x1a/0x30 [ 11.678778] [ 11.679007] The buggy address belongs to the object at ffff888102bc0000 [ 11.679007] which belongs to the cache kmalloc-8k of size 8192 [ 11.680500] The buggy address is located 0 bytes to the right of [ 11.680500] allocated 7936-byte region [ffff888102bc0000, ffff888102bc1f00) [ 11.681755] [ 11.681949] The buggy address belongs to the physical page: [ 11.682509] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102bc0 [ 11.683016] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.683812] flags: 0x200000000000040(head|node=0|zone=2) [ 11.684067] page_type: f5(slab) [ 11.684372] raw: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 11.685057] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 11.685462] head: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 11.685966] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 11.686548] head: 0200000000000003 ffffea00040af001 00000000ffffffff 00000000ffffffff [ 11.686951] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 11.687788] page dumped because: kasan: bad access detected [ 11.688365] [ 11.688565] Memory state around the buggy address: [ 11.688727] ffff888102bc1e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.688948] ffff888102bc1e80: 00 
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.689573] >ffff888102bc1f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.690320] ^ [ 11.690646] ffff888102bc1f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.691394] ffff888102bc2000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.692300] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 11.630753] ================================================================== [ 11.631483] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4b1/0x520 [ 11.631912] Write of size 1 at addr ffff888102e24278 by task kunit_try_catch/159 [ 11.632371] [ 11.632460] CPU: 0 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.632520] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.632531] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.632585] Call Trace: [ 11.632597] <TASK> [ 11.632614] dump_stack_lvl+0x73/0xb0 [ 11.632654] print_report+0xd1/0x610 [ 11.632676] ? __virt_addr_valid+0x1db/0x2d0 [ 11.632727] ? kmalloc_track_caller_oob_right+0x4b1/0x520 [ 11.632752] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.632774] ? kmalloc_track_caller_oob_right+0x4b1/0x520 [ 11.632811] kasan_report+0x141/0x180 [ 11.632832] ? kmalloc_track_caller_oob_right+0x4b1/0x520 [ 11.632863] __asan_report_store1_noabort+0x1b/0x30 [ 11.632887] kmalloc_track_caller_oob_right+0x4b1/0x520 [ 11.632921] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 11.632947] ? __schedule+0x10cc/0x2b60 [ 11.632969] ? __pfx_read_tsc+0x10/0x10 [ 11.633001] ? ktime_get_ts64+0x86/0x230 [ 11.633026] kunit_try_run_case+0x1a5/0x480 [ 11.633050] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.633072] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.633096] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.633119] ? __kthread_parkme+0x82/0x180 [ 11.633139] ? preempt_count_sub+0x50/0x80 [ 11.633163] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.633186] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.633209] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.633233] kthread+0x337/0x6f0 [ 11.633251] ? trace_preempt_on+0x20/0xc0 [ 11.633275] ? __pfx_kthread+0x10/0x10 [ 11.633295] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.633316] ? calculate_sigpending+0x7b/0xa0 [ 11.633340] ? 
__pfx_kthread+0x10/0x10 [ 11.633361] ret_from_fork+0x116/0x1d0 [ 11.633379] ? __pfx_kthread+0x10/0x10 [ 11.633399] ret_from_fork_asm+0x1a/0x30 [ 11.633431] </TASK> [ 11.633440] [ 11.642867] Allocated by task 159: [ 11.643604] kasan_save_stack+0x45/0x70 [ 11.643803] kasan_save_track+0x18/0x40 [ 11.644146] kasan_save_alloc_info+0x3b/0x50 [ 11.644390] __kasan_kmalloc+0xb7/0xc0 [ 11.644688] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 11.645130] kmalloc_track_caller_oob_right+0x19a/0x520 [ 11.645497] kunit_try_run_case+0x1a5/0x480 [ 11.645695] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.646172] kthread+0x337/0x6f0 [ 11.646356] ret_from_fork+0x116/0x1d0 [ 11.646511] ret_from_fork_asm+0x1a/0x30 [ 11.646723] [ 11.646823] The buggy address belongs to the object at ffff888102e24200 [ 11.646823] which belongs to the cache kmalloc-128 of size 128 [ 11.647440] The buggy address is located 0 bytes to the right of [ 11.647440] allocated 120-byte region [ffff888102e24200, ffff888102e24278) [ 11.648007] [ 11.648558] The buggy address belongs to the physical page: [ 11.648763] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102e24 [ 11.649566] flags: 0x200000000000000(node=0|zone=2) [ 11.649747] page_type: f5(slab) [ 11.649872] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.650124] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.650354] page dumped because: kasan: bad access detected [ 11.650526] [ 11.650597] Memory state around the buggy address: [ 11.650755] ffff888102e24100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.651246] ffff888102e24180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.651882] >ffff888102e24200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 11.652539] ^ [ 11.653179] ffff888102e24280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.653788] ffff888102e24300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.654417] 
================================================================== [ 11.607635] ================================================================== [ 11.608736] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4c8/0x520 [ 11.609558] Write of size 1 at addr ffff888102e24178 by task kunit_try_catch/159 [ 11.610441] [ 11.610647] CPU: 0 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.610697] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.610708] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.610730] Call Trace: [ 11.610741] <TASK> [ 11.610759] dump_stack_lvl+0x73/0xb0 [ 11.610799] print_report+0xd1/0x610 [ 11.610820] ? __virt_addr_valid+0x1db/0x2d0 [ 11.610843] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 11.610868] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.610901] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 11.610926] kasan_report+0x141/0x180 [ 11.610948] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 11.610979] __asan_report_store1_noabort+0x1b/0x30 [ 11.611032] kmalloc_track_caller_oob_right+0x4c8/0x520 [ 11.611057] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 11.611094] ? __schedule+0x10cc/0x2b60 [ 11.611117] ? __pfx_read_tsc+0x10/0x10 [ 11.611137] ? ktime_get_ts64+0x86/0x230 [ 11.611162] kunit_try_run_case+0x1a5/0x480 [ 11.611186] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.611208] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.611231] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.611254] ? __kthread_parkme+0x82/0x180 [ 11.611275] ? preempt_count_sub+0x50/0x80 [ 11.611299] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.611323] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.611346] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.611369] kthread+0x337/0x6f0 [ 11.611387] ? trace_preempt_on+0x20/0xc0 [ 11.611410] ? __pfx_kthread+0x10/0x10 [ 11.611430] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.611451] ? calculate_sigpending+0x7b/0xa0 [ 11.611475] ? 
__pfx_kthread+0x10/0x10 [ 11.611496] ret_from_fork+0x116/0x1d0 [ 11.611515] ? __pfx_kthread+0x10/0x10 [ 11.611534] ret_from_fork_asm+0x1a/0x30 [ 11.611567] </TASK> [ 11.611577] [ 11.620564] Allocated by task 159: [ 11.620726] kasan_save_stack+0x45/0x70 [ 11.620880] kasan_save_track+0x18/0x40 [ 11.621064] kasan_save_alloc_info+0x3b/0x50 [ 11.621296] __kasan_kmalloc+0xb7/0xc0 [ 11.621487] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 11.621754] kmalloc_track_caller_oob_right+0x99/0x520 [ 11.622062] kunit_try_run_case+0x1a5/0x480 [ 11.622295] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.622474] kthread+0x337/0x6f0 [ 11.622597] ret_from_fork+0x116/0x1d0 [ 11.622793] ret_from_fork_asm+0x1a/0x30 [ 11.623034] [ 11.623142] The buggy address belongs to the object at ffff888102e24100 [ 11.623142] which belongs to the cache kmalloc-128 of size 128 [ 11.623655] The buggy address is located 0 bytes to the right of [ 11.623655] allocated 120-byte region [ffff888102e24100, ffff888102e24178) [ 11.624223] [ 11.624298] The buggy address belongs to the physical page: [ 11.624503] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102e24 [ 11.624860] flags: 0x200000000000000(node=0|zone=2) [ 11.625498] page_type: f5(slab) [ 11.626063] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.626807] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.627265] page dumped because: kasan: bad access detected [ 11.627476] [ 11.627607] Memory state around the buggy address: [ 11.627831] ffff888102e24000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.628221] ffff888102e24080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.628520] >ffff888102e24100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 11.628871] ^ [ 11.629261] ffff888102e24180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.629592] ffff888102e24200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.629854] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 11.564667] ================================================================== [ 11.566117] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x369/0x3c0 [ 11.566607] Read of size 1 at addr ffff888102b45000 by task kunit_try_catch/157 [ 11.566844] [ 11.566965] CPU: 0 UID: 0 PID: 157 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.567116] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.567128] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.567152] Call Trace: [ 11.567165] <TASK> [ 11.567186] dump_stack_lvl+0x73/0xb0 [ 11.567220] print_report+0xd1/0x610 [ 11.567242] ? __virt_addr_valid+0x1db/0x2d0 [ 11.567266] ? kmalloc_node_oob_right+0x369/0x3c0 [ 11.567289] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.567311] ? kmalloc_node_oob_right+0x369/0x3c0 [ 11.567334] kasan_report+0x141/0x180 [ 11.567356] ? kmalloc_node_oob_right+0x369/0x3c0 [ 11.567384] __asan_report_load1_noabort+0x18/0x20 [ 11.567408] kmalloc_node_oob_right+0x369/0x3c0 [ 11.567432] ? __pfx_kmalloc_node_oob_right+0x10/0x10 [ 11.567456] ? __schedule+0x10cc/0x2b60 [ 11.567478] ? __pfx_read_tsc+0x10/0x10 [ 11.567499] ? ktime_get_ts64+0x86/0x230 [ 11.567525] kunit_try_run_case+0x1a5/0x480 [ 11.567550] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.567572] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.567595] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.567619] ? __kthread_parkme+0x82/0x180 [ 11.567640] ? preempt_count_sub+0x50/0x80 [ 11.567664] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.567688] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.567711] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.567734] kthread+0x337/0x6f0 [ 11.567752] ? trace_preempt_on+0x20/0xc0 [ 11.567776] ? __pfx_kthread+0x10/0x10 [ 11.567795] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.567816] ? calculate_sigpending+0x7b/0xa0 [ 11.567840] ? __pfx_kthread+0x10/0x10 [ 11.567860] ret_from_fork+0x116/0x1d0 [ 11.567878] ? 
__pfx_kthread+0x10/0x10 [ 11.567913] ret_from_fork_asm+0x1a/0x30 [ 11.567946] </TASK> [ 11.567957] [ 11.583766] Allocated by task 157: [ 11.584380] kasan_save_stack+0x45/0x70 [ 11.584968] kasan_save_track+0x18/0x40 [ 11.585358] kasan_save_alloc_info+0x3b/0x50 [ 11.585584] __kasan_kmalloc+0xb7/0xc0 [ 11.586222] __kmalloc_cache_node_noprof+0x188/0x420 [ 11.586401] kmalloc_node_oob_right+0xab/0x3c0 [ 11.586839] kunit_try_run_case+0x1a5/0x480 [ 11.587591] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.588156] kthread+0x337/0x6f0 [ 11.588542] ret_from_fork+0x116/0x1d0 [ 11.588714] ret_from_fork_asm+0x1a/0x30 [ 11.588888] [ 11.589203] The buggy address belongs to the object at ffff888102b44000 [ 11.589203] which belongs to the cache kmalloc-4k of size 4096 [ 11.590403] The buggy address is located 0 bytes to the right of [ 11.590403] allocated 4096-byte region [ffff888102b44000, ffff888102b45000) [ 11.591567] [ 11.591738] The buggy address belongs to the physical page: [ 11.592483] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b40 [ 11.593222] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.593469] flags: 0x200000000000040(head|node=0|zone=2) [ 11.594240] page_type: f5(slab) [ 11.594629] raw: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000 [ 11.595717] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 11.596735] head: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000 [ 11.597662] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 11.598586] head: 0200000000000003 ffffea00040ad001 00000000ffffffff 00000000ffffffff [ 11.599232] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 11.599482] page dumped because: kasan: bad access detected [ 11.600105] [ 11.600266] Memory state around the buggy address: [ 11.600856] ffff888102b44f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.601577] 
ffff888102b44f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.601846] >ffff888102b45000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.602510] ^ [ 11.602865] ffff888102b45080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.603623] ffff888102b45100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.604139] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 11.529827] ================================================================== [ 11.531171] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x361/0x3c0 [ 11.531875] Read of size 1 at addr ffff88810283717f by task kunit_try_catch/155 [ 11.532541] [ 11.532643] CPU: 1 UID: 0 PID: 155 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.532690] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.532701] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.532724] Call Trace: [ 11.532738] <TASK> [ 11.532757] dump_stack_lvl+0x73/0xb0 [ 11.532790] print_report+0xd1/0x610 [ 11.532813] ? __virt_addr_valid+0x1db/0x2d0 [ 11.532838] ? kmalloc_oob_left+0x361/0x3c0 [ 11.532858] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.532881] ? kmalloc_oob_left+0x361/0x3c0 [ 11.532916] kasan_report+0x141/0x180 [ 11.532938] ? kmalloc_oob_left+0x361/0x3c0 [ 11.532965] __asan_report_load1_noabort+0x18/0x20 [ 11.532999] kmalloc_oob_left+0x361/0x3c0 [ 11.533020] ? __pfx_kmalloc_oob_left+0x10/0x10 [ 11.533042] ? __schedule+0x10cc/0x2b60 [ 11.533065] ? __pfx_read_tsc+0x10/0x10 [ 11.533087] ? ktime_get_ts64+0x86/0x230 [ 11.533114] kunit_try_run_case+0x1a5/0x480 [ 11.533163] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.533185] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.533210] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.533233] ? __kthread_parkme+0x82/0x180 [ 11.533254] ? preempt_count_sub+0x50/0x80 [ 11.533279] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.533302] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.533326] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.533349] kthread+0x337/0x6f0 [ 11.533368] ? trace_preempt_on+0x20/0xc0 [ 11.533392] ? __pfx_kthread+0x10/0x10 [ 11.533412] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.533433] ? calculate_sigpending+0x7b/0xa0 [ 11.533457] ? __pfx_kthread+0x10/0x10 [ 11.533478] ret_from_fork+0x116/0x1d0 [ 11.533497] ? 
__pfx_kthread+0x10/0x10 [ 11.533516] ret_from_fork_asm+0x1a/0x30 [ 11.533549] </TASK> [ 11.533560] [ 11.548740] Allocated by task 1: [ 11.548886] kasan_save_stack+0x45/0x70 [ 11.549061] kasan_save_track+0x18/0x40 [ 11.549196] kasan_save_alloc_info+0x3b/0x50 [ 11.549345] __kasan_kmalloc+0xb7/0xc0 [ 11.549477] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 11.549659] kvasprintf+0xc5/0x150 [ 11.549783] __kthread_create_on_node+0x18b/0x3a0 [ 11.550073] kthread_create_on_node+0xab/0xe0 [ 11.550444] create_worker+0x3e5/0x7b0 [ 11.550782] alloc_unbound_pwq+0x8ea/0xdb0 [ 11.551167] apply_wqattrs_prepare+0x332/0xd20 [ 11.551564] apply_workqueue_attrs_locked+0x4d/0xa0 [ 11.552006] alloc_workqueue+0xcc7/0x1ad0 [ 11.552424] latency_fsnotify_init+0x1b/0x50 [ 11.552819] do_one_initcall+0xd8/0x370 [ 11.553223] kernel_init_freeable+0x420/0x6f0 [ 11.553710] kernel_init+0x23/0x1e0 [ 11.554079] ret_from_fork+0x116/0x1d0 [ 11.554428] ret_from_fork_asm+0x1a/0x30 [ 11.554779] [ 11.554948] The buggy address belongs to the object at ffff888102837160 [ 11.554948] which belongs to the cache kmalloc-16 of size 16 [ 11.555978] The buggy address is located 18 bytes to the right of [ 11.555978] allocated 13-byte region [ffff888102837160, ffff88810283716d) [ 11.556420] [ 11.556499] The buggy address belongs to the physical page: [ 11.556680] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102837 [ 11.556959] flags: 0x200000000000000(node=0|zone=2) [ 11.557423] page_type: f5(slab) [ 11.557774] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 11.558266] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 11.558496] page dumped because: kasan: bad access detected [ 11.558667] [ 11.558735] Memory state around the buggy address: [ 11.558905] ffff888102837000: 00 04 fc fc 00 04 fc fc 00 01 fc fc 00 01 fc fc [ 11.559242] ffff888102837080: 00 04 fc fc 00 04 fc fc 00 05 fc fc 00 05 fc fc [ 11.559506] >ffff888102837100: 00 05 fc fc 00 
02 fc fc fa fb fc fc 00 05 fc fc [ 11.559789] ^ [ 11.560119] ffff888102837180: 00 07 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.560435] ffff888102837200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.560718] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 11.441672] ================================================================== [ 11.442689] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6f0/0x7f0 [ 11.443803] Write of size 1 at addr ffff888102988573 by task kunit_try_catch/153 [ 11.444640] [ 11.445795] CPU: 1 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.446176] Tainted: [N]=TEST [ 11.446208] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.446424] Call Trace: [ 11.446489] <TASK> [ 11.446653] dump_stack_lvl+0x73/0xb0 [ 11.446744] print_report+0xd1/0x610 [ 11.446781] ? __virt_addr_valid+0x1db/0x2d0 [ 11.446806] ? kmalloc_oob_right+0x6f0/0x7f0 [ 11.446827] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.446849] ? kmalloc_oob_right+0x6f0/0x7f0 [ 11.446871] kasan_report+0x141/0x180 [ 11.446903] ? kmalloc_oob_right+0x6f0/0x7f0 [ 11.446930] __asan_report_store1_noabort+0x1b/0x30 [ 11.446954] kmalloc_oob_right+0x6f0/0x7f0 [ 11.446995] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 11.447018] ? __schedule+0x10cc/0x2b60 [ 11.447041] ? __pfx_read_tsc+0x10/0x10 [ 11.447062] ? ktime_get_ts64+0x86/0x230 [ 11.447088] kunit_try_run_case+0x1a5/0x480 [ 11.447115] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.447136] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.447161] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.447184] ? __kthread_parkme+0x82/0x180 [ 11.447205] ? preempt_count_sub+0x50/0x80 [ 11.447231] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.447255] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.447280] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.447306] kthread+0x337/0x6f0 [ 11.447325] ? trace_preempt_on+0x20/0xc0 [ 11.447349] ? __pfx_kthread+0x10/0x10 [ 11.447368] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.447390] ? calculate_sigpending+0x7b/0xa0 [ 11.447415] ? __pfx_kthread+0x10/0x10 [ 11.447436] ret_from_fork+0x116/0x1d0 [ 11.447456] ? 
__pfx_kthread+0x10/0x10 [ 11.447476] ret_from_fork_asm+0x1a/0x30 [ 11.447555] </TASK> [ 11.447623] [ 11.456284] Allocated by task 153: [ 11.456543] kasan_save_stack+0x45/0x70 [ 11.456820] kasan_save_track+0x18/0x40 [ 11.457062] kasan_save_alloc_info+0x3b/0x50 [ 11.457275] __kasan_kmalloc+0xb7/0xc0 [ 11.457460] __kmalloc_cache_noprof+0x189/0x420 [ 11.457743] kmalloc_oob_right+0xa9/0x7f0 [ 11.457964] kunit_try_run_case+0x1a5/0x480 [ 11.458184] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.458510] kthread+0x337/0x6f0 [ 11.458749] ret_from_fork+0x116/0x1d0 [ 11.458951] ret_from_fork_asm+0x1a/0x30 [ 11.459204] [ 11.459350] The buggy address belongs to the object at ffff888102988500 [ 11.459350] which belongs to the cache kmalloc-128 of size 128 [ 11.460293] The buggy address is located 0 bytes to the right of [ 11.460293] allocated 115-byte region [ffff888102988500, ffff888102988573) [ 11.460823] [ 11.461570] The buggy address belongs to the physical page: [ 11.462611] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102988 [ 11.463358] flags: 0x200000000000000(node=0|zone=2) [ 11.464187] page_type: f5(slab) [ 11.464681] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.465064] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.465457] page dumped because: kasan: bad access detected [ 11.465688] [ 11.465829] Memory state around the buggy address: [ 11.466363] ffff888102988400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.466709] ffff888102988480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.467020] >ffff888102988500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 11.467307] ^ [ 11.467644] ffff888102988580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.467990] ffff888102988600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.468286] ================================================================== [ 11.489330] 
================================================================== [ 11.490003] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x68a/0x7f0 [ 11.490664] Read of size 1 at addr ffff888102988580 by task kunit_try_catch/153 [ 11.491342] [ 11.491513] CPU: 1 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.491554] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.491564] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.491585] Call Trace: [ 11.491598] <TASK> [ 11.491614] dump_stack_lvl+0x73/0xb0 [ 11.491641] print_report+0xd1/0x610 [ 11.491662] ? __virt_addr_valid+0x1db/0x2d0 [ 11.491685] ? kmalloc_oob_right+0x68a/0x7f0 [ 11.491706] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.491728] ? kmalloc_oob_right+0x68a/0x7f0 [ 11.491750] kasan_report+0x141/0x180 [ 11.491771] ? kmalloc_oob_right+0x68a/0x7f0 [ 11.491799] __asan_report_load1_noabort+0x18/0x20 [ 11.491822] kmalloc_oob_right+0x68a/0x7f0 [ 11.491844] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 11.491866] ? __schedule+0x10cc/0x2b60 [ 11.491889] ? __pfx_read_tsc+0x10/0x10 [ 11.491922] ? ktime_get_ts64+0x86/0x230 [ 11.491948] kunit_try_run_case+0x1a5/0x480 [ 11.491971] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.491992] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.492016] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.492039] ? __kthread_parkme+0x82/0x180 [ 11.492059] ? preempt_count_sub+0x50/0x80 [ 11.492083] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.492106] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.492129] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.492153] kthread+0x337/0x6f0 [ 11.492171] ? trace_preempt_on+0x20/0xc0 [ 11.492194] ? __pfx_kthread+0x10/0x10 [ 11.492213] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.492234] ? calculate_sigpending+0x7b/0xa0 [ 11.492258] ? __pfx_kthread+0x10/0x10 [ 11.492279] ret_from_fork+0x116/0x1d0 [ 11.492296] ? 
__pfx_kthread+0x10/0x10 [ 11.492316] ret_from_fork_asm+0x1a/0x30 [ 11.492347] </TASK> [ 11.492357] [ 11.509719] Allocated by task 153: [ 11.510170] kasan_save_stack+0x45/0x70 [ 11.510333] kasan_save_track+0x18/0x40 [ 11.510919] kasan_save_alloc_info+0x3b/0x50 [ 11.511488] __kasan_kmalloc+0xb7/0xc0 [ 11.512002] __kmalloc_cache_noprof+0x189/0x420 [ 11.512439] kmalloc_oob_right+0xa9/0x7f0 [ 11.512931] kunit_try_run_case+0x1a5/0x480 [ 11.513289] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.514007] kthread+0x337/0x6f0 [ 11.514167] ret_from_fork+0x116/0x1d0 [ 11.514755] ret_from_fork_asm+0x1a/0x30 [ 11.515204] [ 11.515290] The buggy address belongs to the object at ffff888102988500 [ 11.515290] which belongs to the cache kmalloc-128 of size 128 [ 11.516199] The buggy address is located 13 bytes to the right of [ 11.516199] allocated 115-byte region [ffff888102988500, ffff888102988573) [ 11.517382] [ 11.517462] The buggy address belongs to the physical page: [ 11.517996] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102988 [ 11.518446] flags: 0x200000000000000(node=0|zone=2) [ 11.518963] page_type: f5(slab) [ 11.519403] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.520273] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.520875] page dumped because: kasan: bad access detected [ 11.521377] [ 11.521559] Memory state around the buggy address: [ 11.522173] ffff888102988480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.522802] ffff888102988500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 11.523518] >ffff888102988580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.523796] ^ [ 11.524343] ffff888102988600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.525180] ffff888102988680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.525994] ================================================================== [ 11.469432] 
================================================================== [ 11.469791] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6bd/0x7f0 [ 11.470110] Write of size 1 at addr ffff888102988578 by task kunit_try_catch/153 [ 11.470456] [ 11.470587] CPU: 1 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.470632] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.470644] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.470664] Call Trace: [ 11.470675] <TASK> [ 11.470691] dump_stack_lvl+0x73/0xb0 [ 11.470719] print_report+0xd1/0x610 [ 11.470741] ? __virt_addr_valid+0x1db/0x2d0 [ 11.470768] ? kmalloc_oob_right+0x6bd/0x7f0 [ 11.470789] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.470811] ? kmalloc_oob_right+0x6bd/0x7f0 [ 11.470832] kasan_report+0x141/0x180 [ 11.470854] ? kmalloc_oob_right+0x6bd/0x7f0 [ 11.470881] __asan_report_store1_noabort+0x1b/0x30 [ 11.470916] kmalloc_oob_right+0x6bd/0x7f0 [ 11.470938] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 11.470961] ? __schedule+0x10cc/0x2b60 [ 11.470983] ? __pfx_read_tsc+0x10/0x10 [ 11.471003] ? ktime_get_ts64+0x86/0x230 [ 11.471029] kunit_try_run_case+0x1a5/0x480 [ 11.471053] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.471075] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.471099] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.471122] ? __kthread_parkme+0x82/0x180 [ 11.471142] ? preempt_count_sub+0x50/0x80 [ 11.471167] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.471190] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.471213] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.471236] kthread+0x337/0x6f0 [ 11.471255] ? trace_preempt_on+0x20/0xc0 [ 11.471279] ? __pfx_kthread+0x10/0x10 [ 11.471298] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.471319] ? calculate_sigpending+0x7b/0xa0 [ 11.471343] ? __pfx_kthread+0x10/0x10 [ 11.471363] ret_from_fork+0x116/0x1d0 [ 11.471381] ? 
__pfx_kthread+0x10/0x10 [ 11.471401] ret_from_fork_asm+0x1a/0x30 [ 11.471432] </TASK> [ 11.471442] [ 11.477922] Allocated by task 153: [ 11.478128] kasan_save_stack+0x45/0x70 [ 11.478343] kasan_save_track+0x18/0x40 [ 11.478685] kasan_save_alloc_info+0x3b/0x50 [ 11.479131] __kasan_kmalloc+0xb7/0xc0 [ 11.479267] __kmalloc_cache_noprof+0x189/0x420 [ 11.479422] kmalloc_oob_right+0xa9/0x7f0 [ 11.479851] kunit_try_run_case+0x1a5/0x480 [ 11.480279] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.481007] kthread+0x337/0x6f0 [ 11.481343] ret_from_fork+0x116/0x1d0 [ 11.481726] ret_from_fork_asm+0x1a/0x30 [ 11.481877] [ 11.481957] The buggy address belongs to the object at ffff888102988500 [ 11.481957] which belongs to the cache kmalloc-128 of size 128 [ 11.482314] The buggy address is located 5 bytes to the right of [ 11.482314] allocated 115-byte region [ffff888102988500, ffff888102988573) [ 11.482681] [ 11.482751] The buggy address belongs to the physical page: [ 11.482942] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102988 [ 11.483183] flags: 0x200000000000000(node=0|zone=2) [ 11.483345] page_type: f5(slab) [ 11.483464] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.483695] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.484159] page dumped because: kasan: bad access detected [ 11.484612] [ 11.484765] Memory state around the buggy address: [ 11.485099] ffff888102988400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.485317] ffff888102988480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.485532] >ffff888102988500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 11.485929] ^ [ 11.486796] ffff888102988580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.487451] ffff888102988600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.488279] ==================================================================
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_vscale
------------[ cut here ]------------ [ 143.274914] WARNING: CPU: 1 PID: 2763 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190 [ 143.275838] Modules linked in: [ 143.276008] CPU: 1 UID: 0 PID: 2763 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 143.276337] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 143.276517] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 143.277944] RIP: 0010:drm_rect_calc_vscale+0x130/0x190 [ 143.279559] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 143.281780] RSP: 0000:ffff88810bc7fc78 EFLAGS: 00010286 [ 143.282576] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000 [ 143.283798] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffff9a033bfc [ 143.284172] RBP: ffff88810bc7fca0 R08: 0000000000000000 R09: ffffed10207fb120 [ 143.284393] R10: ffff888103fd8907 R11: 0000000000000000 R12: ffffffff9a033be8 [ 143.285025] R13: 0000000000000000 R14: 000000007fffffff R15: ffff88810bc7fd38 [ 143.285985] FS: 0000000000000000(0000) GS:ffff8881bf172000(0000) knlGS:0000000000000000 [ 143.287084] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 143.287723] CR2: 00007ffff7ffe000 CR3: 0000000146ebc000 CR4: 00000000000006f0 [ 143.288404] DR0: ffffffff9c052440 DR1: ffffffff9c052441 DR2: ffffffff9c052443 [ 143.288871] DR3: ffffffff9c052445 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 143.289778] Call Trace: [ 143.290172] <TASK> [ 143.290620] drm_test_rect_calc_vscale+0x108/0x270 [ 143.291286] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10 [ 143.291836] ? __schedule+0x10cc/0x2b60 [ 143.292021] ? __pfx_read_tsc+0x10/0x10 [ 143.292168] ? ktime_get_ts64+0x86/0x230 [ 143.292316] kunit_try_run_case+0x1a5/0x480 [ 143.292468] ? __pfx_kunit_try_run_case+0x10/0x10 [ 143.292860] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 143.293668] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 143.294284] ? __kthread_parkme+0x82/0x180 [ 143.294917] ? preempt_count_sub+0x50/0x80 [ 143.295425] ? __pfx_kunit_try_run_case+0x10/0x10 [ 143.296051] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 143.296675] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 143.297477] kthread+0x337/0x6f0 [ 143.297887] ? trace_preempt_on+0x20/0xc0 [ 143.298434] ? __pfx_kthread+0x10/0x10 [ 143.298972] ? _raw_spin_unlock_irq+0x47/0x80 [ 143.299140] ? calculate_sigpending+0x7b/0xa0 [ 143.299623] ? __pfx_kthread+0x10/0x10 [ 143.300177] ret_from_fork+0x116/0x1d0 [ 143.300722] ? __pfx_kthread+0x10/0x10 [ 143.301161] ret_from_fork_asm+0x1a/0x30 [ 143.301325] </TASK> [ 143.301417] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 143.307474] WARNING: CPU: 0 PID: 2765 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190 [ 143.308372] Modules linked in: [ 143.308571] CPU: 0 UID: 0 PID: 2765 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 143.309383] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 143.309632] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 143.310659] RIP: 0010:drm_rect_calc_vscale+0x130/0x190 [ 143.311174] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 143.312302] RSP: 0000:ffff88810bc27c78 EFLAGS: 00010286 [ 143.312497] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000 [ 143.313193] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffff9a033c34 [ 143.313936] RBP: ffff88810bc27ca0 R08: 0000000000000000 R09: ffffed10207fb140 [ 143.314502] R10: ffff888103fd8a07 R11: 0000000000000000 R12: ffffffff9a033c20 [ 143.314989] R13: 0000000000000000 R14: 000000007fffffff R15: ffff88810bc27d38 [ 
143.315215] FS: 0000000000000000(0000) GS:ffff8881bf072000(0000) knlGS:0000000000000000 [ 143.315453] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 143.315887] CR2: 00007ffff7ffe000 CR3: 0000000146ebc000 CR4: 00000000000006f0 [ 143.316637] DR0: ffffffff9c052444 DR1: ffffffff9c052445 DR2: ffffffff9c052442 [ 143.317401] DR3: ffffffff9c052443 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 143.318138] Call Trace: [ 143.318398] <TASK> [ 143.318783] drm_test_rect_calc_vscale+0x108/0x270 [ 143.319266] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10 [ 143.319772] ? __schedule+0x10cc/0x2b60 [ 143.319944] ? __pfx_read_tsc+0x10/0x10 [ 143.320318] ? ktime_get_ts64+0x86/0x230 [ 143.320698] kunit_try_run_case+0x1a5/0x480 [ 143.321244] ? __pfx_kunit_try_run_case+0x10/0x10 [ 143.321476] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 143.322030] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 143.322488] ? __kthread_parkme+0x82/0x180 [ 143.322993] ? preempt_count_sub+0x50/0x80 [ 143.323274] ? __pfx_kunit_try_run_case+0x10/0x10 [ 143.323439] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 143.323707] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 143.324269] kthread+0x337/0x6f0 [ 143.324591] ? trace_preempt_on+0x20/0xc0 [ 143.325060] ? __pfx_kthread+0x10/0x10 [ 143.325411] ? _raw_spin_unlock_irq+0x47/0x80 [ 143.325862] ? calculate_sigpending+0x7b/0xa0 [ 143.326076] ? __pfx_kthread+0x10/0x10 [ 143.326424] ret_from_fork+0x116/0x1d0 [ 143.326954] ? __pfx_kthread+0x10/0x10 [ 143.327315] ret_from_fork_asm+0x1a/0x30 [ 143.327474] </TASK> [ 143.327664] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_hscale
------------[ cut here ]------------ [ 143.221386] WARNING: CPU: 1 PID: 2751 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190 [ 143.222365] Modules linked in: [ 143.222801] CPU: 1 UID: 0 PID: 2751 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 143.223909] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 143.224459] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 143.225072] RIP: 0010:drm_rect_calc_hscale+0x125/0x190 [ 143.225263] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 db e5 1e 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 143.225763] RSP: 0000:ffff888105567c78 EFLAGS: 00010286 [ 143.225964] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000 [ 143.226179] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffff9a033c00 [ 143.226392] RBP: ffff888105567ca0 R08: 0000000000000000 R09: ffffed10207fb020 [ 143.226603] R10: ffff888103fd8107 R11: 0000000000000000 R12: ffffffff9a033be8 [ 143.226821] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888105567d38 [ 143.227412] FS: 0000000000000000(0000) GS:ffff8881bf172000(0000) knlGS:0000000000000000 [ 143.228257] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 143.228885] CR2: 00007ffff7ffe000 CR3: 0000000146ebc000 CR4: 00000000000006f0 [ 143.229524] DR0: ffffffff9c052440 DR1: ffffffff9c052441 DR2: ffffffff9c052443 [ 143.230267] DR3: ffffffff9c052445 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 143.231134] Call Trace: [ 143.231433] <TASK> [ 143.231734] drm_test_rect_calc_hscale+0x108/0x270 [ 143.232204] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10 [ 143.232761] ? __schedule+0x10cc/0x2b60 [ 143.233203] ? __pfx_read_tsc+0x10/0x10 [ 143.233690] ? ktime_get_ts64+0x86/0x230 [ 143.234089] kunit_try_run_case+0x1a5/0x480 [ 143.234478] ? __pfx_kunit_try_run_case+0x10/0x10 [ 143.235022] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 143.235478] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 143.236079] ? __kthread_parkme+0x82/0x180 [ 143.236472] ? preempt_count_sub+0x50/0x80 [ 143.236992] ? __pfx_kunit_try_run_case+0x10/0x10 [ 143.237424] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 143.238013] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 143.238620] kthread+0x337/0x6f0 [ 143.238843] ? trace_preempt_on+0x20/0xc0 [ 143.239099] ? __pfx_kthread+0x10/0x10 [ 143.239451] ? _raw_spin_unlock_irq+0x47/0x80 [ 143.239965] ? calculate_sigpending+0x7b/0xa0 [ 143.240390] ? __pfx_kthread+0x10/0x10 [ 143.240812] ret_from_fork+0x116/0x1d0 [ 143.240988] ? __pfx_kthread+0x10/0x10 [ 143.241126] ret_from_fork_asm+0x1a/0x30 [ 143.241284] </TASK> [ 143.241377] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 143.244363] WARNING: CPU: 0 PID: 2753 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190 [ 143.245278] Modules linked in: [ 143.245694] CPU: 0 UID: 0 PID: 2753 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 143.246768] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 143.247145] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 143.247416] RIP: 0010:drm_rect_calc_hscale+0x125/0x190 [ 143.247608] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 db e5 1e 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 143.248579] RSP: 0000:ffff88810bcefc78 EFLAGS: 00010286 [ 143.248845] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000 [ 143.249497] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffff9a033c38 [ 143.249913] RBP: ffff88810bcefca0 R08: 0000000000000000 R09: ffffed10218ff600 [ 143.250440] R10: ffff88810c7fb007 R11: 0000000000000000 R12: ffffffff9a033c20 [ 143.251427] R13: 0000000000000000 R14: 000000007fffffff R15: ffff88810bcefd38 [ 
143.251944] FS: 0000000000000000(0000) GS:ffff8881bf072000(0000) knlGS:0000000000000000 [ 143.252498] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 143.252965] CR2: 00007ffff7ffe000 CR3: 0000000146ebc000 CR4: 00000000000006f0 [ 143.253453] DR0: ffffffff9c052444 DR1: ffffffff9c052445 DR2: ffffffff9c052442 [ 143.253835] DR3: ffffffff9c052443 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 143.254111] Call Trace: [ 143.254438] <TASK> [ 143.254549] drm_test_rect_calc_hscale+0x108/0x270 [ 143.255168] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10 [ 143.255626] ? __schedule+0x10cc/0x2b60 [ 143.255820] ? __pfx_read_tsc+0x10/0x10 [ 143.256222] ? ktime_get_ts64+0x86/0x230 [ 143.256417] kunit_try_run_case+0x1a5/0x480 [ 143.256920] ? __pfx_kunit_try_run_case+0x10/0x10 [ 143.257289] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 143.257509] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 143.258106] ? __kthread_parkme+0x82/0x180 [ 143.258306] ? preempt_count_sub+0x50/0x80 [ 143.258500] ? __pfx_kunit_try_run_case+0x10/0x10 [ 143.258727] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 143.259350] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 143.259972] kthread+0x337/0x6f0 [ 143.260250] ? trace_preempt_on+0x20/0xc0 [ 143.260446] ? __pfx_kthread+0x10/0x10 [ 143.260843] ? _raw_spin_unlock_irq+0x47/0x80 [ 143.261026] ? calculate_sigpending+0x7b/0xa0 [ 143.261341] ? __pfx_kthread+0x10/0x10 [ 143.261524] ret_from_fork+0x116/0x1d0 [ 143.261942] ? __pfx_kthread+0x10/0x10 [ 143.262261] ret_from_fork_asm+0x1a/0x30 [ 143.262466] </TASK> [ 143.262575] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-drm-kunit-mock-device-drm_gem_shmem_test_get_pages_sgtdrm-kunit-mock-device-drm-drm_warn_onrefcount_readshmem-pages_pin_count
------------[ cut here ]------------ [ 142.591010] drm-kunit-mock-device drm_gem_shmem_test_get_pages_sgt.drm-kunit-mock-device: [drm] drm_WARN_ON(refcount_read(&shmem->pages_pin_count)) [ 142.591110] WARNING: CPU: 1 PID: 2568 at drivers/gpu/drm/drm_gem_shmem_helper.c:180 drm_gem_shmem_free+0x3ed/0x6c0 [ 142.592514] Modules linked in: [ 142.592967] CPU: 1 UID: 0 PID: 2568 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 142.594026] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 142.594219] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 142.594488] RIP: 0010:drm_gem_shmem_free+0x3ed/0x6c0 [ 142.594969] Code: 85 f6 0f 84 ba 01 00 00 4c 89 e7 e8 ad 1d 80 00 48 c7 c1 e0 8a fe 99 4c 89 f2 48 c7 c7 a0 87 fe 99 48 89 c6 e8 74 b8 77 fe 90 <0f> 0b 90 90 e9 09 ff ff ff 90 48 b8 00 00 00 00 00 fc ff df 48 8d [ 142.596726] RSP: 0000:ffff888108387d18 EFLAGS: 00010286 [ 142.597250] RAX: 0000000000000000 RBX: ffff88810c066400 RCX: 1ffffffff35a4cf0 [ 142.597509] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001 [ 142.598282] RBP: ffff888108387d48 R08: 0000000000000000 R09: fffffbfff35a4cf0 [ 142.599061] R10: 0000000000000003 R11: 0000000000038698 R12: ffff8881086db000 [ 142.599689] R13: ffff88810c0664f8 R14: ffff88810c114e00 R15: ffff88810039fb40 [ 142.599918] FS: 0000000000000000(0000) GS:ffff8881bf172000(0000) knlGS:0000000000000000 [ 142.600523] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 142.601230] CR2: 00007ffff7ffe000 CR3: 0000000146ebc000 CR4: 00000000000006f0 [ 142.601918] DR0: ffffffff9c052440 DR1: ffffffff9c052441 DR2: ffffffff9c052443 [ 142.602280] DR3: ffffffff9c052445 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 142.602493] Call Trace: [ 142.602649] <TASK> [ 142.602868] ? trace_preempt_on+0x20/0xc0 [ 142.603268] ? 
__pfx_drm_gem_shmem_free_wrapper+0x10/0x10 [ 142.603799] drm_gem_shmem_free_wrapper+0x12/0x20 [ 142.604292] __kunit_action_free+0x57/0x70 [ 142.604811] kunit_remove_resource+0x133/0x200 [ 142.605320] ? preempt_count_sub+0x50/0x80 [ 142.605609] kunit_cleanup+0x7a/0x120 [ 142.606033] kunit_try_run_case_cleanup+0xbd/0xf0 [ 142.606295] ? __pfx_kunit_try_run_case_cleanup+0x10/0x10 [ 142.606472] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 142.606712] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 142.607319] kthread+0x337/0x6f0 [ 142.607715] ? trace_preempt_on+0x20/0xc0 [ 142.608129] ? __pfx_kthread+0x10/0x10 [ 142.608488] ? _raw_spin_unlock_irq+0x47/0x80 [ 142.608990] ? calculate_sigpending+0x7b/0xa0 [ 142.609480] ? __pfx_kthread+0x10/0x10 [ 142.609719] ret_from_fork+0x116/0x1d0 [ 142.609885] ? __pfx_kthread+0x10/0x10 [ 142.610032] ret_from_fork_asm+0x1a/0x30 [ 142.610183] </TASK> [ 142.610273] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_framebuffer-drm_framebuffer_init
------------[ cut here ]------------ [ 142.449745] WARNING: CPU: 0 PID: 2549 at drivers/gpu/drm/drm_framebuffer.c:869 drm_framebuffer_init+0x49/0x8d0 [ 142.450429] Modules linked in: [ 142.450862] CPU: 0 UID: 0 PID: 2549 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 142.451653] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 142.452084] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 142.453280] RIP: 0010:drm_framebuffer_init+0x49/0x8d0 [ 142.453951] Code: 89 e5 41 57 41 56 41 55 41 54 53 48 89 f3 48 83 ec 28 80 3c 11 00 48 89 7d c8 0f 85 1c 07 00 00 48 8b 75 c8 48 39 33 74 20 90 <0f> 0b 90 41 bf ea ff ff ff 48 83 c4 28 44 89 f8 5b 41 5c 41 5d 41 [ 142.455632] RSP: 0000:ffff8881083ffb20 EFLAGS: 00010246 [ 142.456183] RAX: ffff8881083ffba8 RBX: ffff8881083ffc28 RCX: 1ffff1102107ff8e [ 142.456402] RDX: dffffc0000000000 RSI: ffff888108513000 RDI: ffff888108513000 [ 142.456610] RBP: ffff8881083ffb70 R08: ffff888108513000 R09: ffffffff99fd8e20 [ 142.456815] R10: 0000000000000003 R11: 0000000023fbc96a R12: 1ffff1102107ff71 [ 142.457793] R13: ffff8881083ffc70 R14: ffff8881083ffdb8 R15: 0000000000000000 [ 142.458512] FS: 0000000000000000(0000) GS:ffff8881bf072000(0000) knlGS:0000000000000000 [ 142.458945] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 142.459389] CR2: 00007ffff7ffe000 CR3: 0000000146ebc000 CR4: 00000000000006f0 [ 142.460250] DR0: ffffffff9c052444 DR1: ffffffff9c052445 DR2: ffffffff9c052442 [ 142.461044] DR3: ffffffff9c052443 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 142.461454] Call Trace: [ 142.461914] <TASK> [ 142.462092] ? trace_preempt_on+0x20/0xc0 [ 142.462451] ? add_dr+0xc1/0x1d0 [ 142.462815] drm_test_framebuffer_init_bad_format+0xfc/0x240 [ 142.463144] ? add_dr+0x148/0x1d0 [ 142.463299] ? __pfx_drm_test_framebuffer_init_bad_format+0x10/0x10 [ 142.463710] ? __drmm_add_action+0x1a4/0x280 [ 142.463936] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 142.464286] ? 
__pfx_drm_mode_config_init_release+0x10/0x10 [ 142.464532] ? __drmm_add_action_or_reset+0x22/0x50 [ 142.464765] ? __schedule+0x10cc/0x2b60 [ 142.465121] ? __pfx_read_tsc+0x10/0x10 [ 142.465640] ? ktime_get_ts64+0x86/0x230 [ 142.465939] kunit_try_run_case+0x1a5/0x480 [ 142.466181] ? __pfx_kunit_try_run_case+0x10/0x10 [ 142.466446] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 142.466766] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 142.467025] ? __kthread_parkme+0x82/0x180 [ 142.467283] ? preempt_count_sub+0x50/0x80 [ 142.467457] ? __pfx_kunit_try_run_case+0x10/0x10 [ 142.467694] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 142.468035] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 142.468367] kthread+0x337/0x6f0 [ 142.468518] ? trace_preempt_on+0x20/0xc0 [ 142.468979] ? __pfx_kthread+0x10/0x10 [ 142.469216] ? _raw_spin_unlock_irq+0x47/0x80 [ 142.469413] ? calculate_sigpending+0x7b/0xa0 [ 142.469682] ? __pfx_kthread+0x10/0x10 [ 142.469863] ret_from_fork+0x116/0x1d0 [ 142.470082] ? __pfx_kthread+0x10/0x10 [ 142.470343] ret_from_fork_asm+0x1a/0x30 [ 142.470648] </TASK> [ 142.470787] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-drm-kunit-mock-device-drm_test_framebuffer_freedrm-kunit-mock-device-drm-drm_warn_onlist_empty-filp_head
------------[ cut here ]------------ [ 142.406657] drm-kunit-mock-device drm_test_framebuffer_free.drm-kunit-mock-device: [drm] drm_WARN_ON(!list_empty(&fb->filp_head)) [ 142.406800] WARNING: CPU: 0 PID: 2545 at drivers/gpu/drm/drm_framebuffer.c:832 drm_framebuffer_free+0x13f/0x1c0 [ 142.408991] Modules linked in: [ 142.409169] CPU: 0 UID: 0 PID: 2545 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 142.410719] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 142.411364] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 142.411998] RIP: 0010:drm_framebuffer_free+0x13f/0x1c0 [ 142.412384] Code: 8b 7d 50 4d 85 ff 74 2b 4c 89 ef e8 2b 44 87 00 48 c7 c1 c0 38 fd 99 4c 89 fa 48 c7 c7 20 39 fd 99 48 89 c6 e8 f2 de 7e fe 90 <0f> 0b 90 90 e9 1c ff ff ff 48 b8 00 00 00 00 00 fc ff df 4c 89 ea [ 142.413356] RSP: 0000:ffff888108667b68 EFLAGS: 00010282 [ 142.414010] RAX: 0000000000000000 RBX: ffff888108667c40 RCX: 1ffffffff35a4cf0 [ 142.414451] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001 [ 142.414935] RBP: ffff888108667b90 R08: 0000000000000000 R09: fffffbfff35a4cf0 [ 142.415404] R10: 0000000000000003 R11: 0000000000036e98 R12: ffff888108667c18 [ 142.415985] R13: ffff8881082ad000 R14: ffff888108511000 R15: ffff888102744980 [ 142.416425] FS: 0000000000000000(0000) GS:ffff8881bf072000(0000) knlGS:0000000000000000 [ 142.416858] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 142.417296] CR2: 00007ffff7ffe000 CR3: 0000000146ebc000 CR4: 00000000000006f0 [ 142.418044] DR0: ffffffff9c052444 DR1: ffffffff9c052445 DR2: ffffffff9c052442 [ 142.418348] DR3: ffffffff9c052443 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 142.418848] Call Trace: [ 142.419160] <TASK> [ 142.419448] drm_test_framebuffer_free+0x1ab/0x610 [ 142.419870] ? __pfx_drm_test_framebuffer_free+0x10/0x10 [ 142.420256] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 142.420690] ? 
__pfx_drm_mode_config_init_release+0x10/0x10 [ 142.420983] ? __drmm_add_action_or_reset+0x22/0x50 [ 142.421265] ? __schedule+0x10cc/0x2b60 [ 142.421474] ? __pfx_read_tsc+0x10/0x10 [ 142.421875] ? ktime_get_ts64+0x86/0x230 [ 142.422448] kunit_try_run_case+0x1a5/0x480 [ 142.422747] ? __pfx_kunit_try_run_case+0x10/0x10 [ 142.423227] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 142.423658] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 142.423885] ? __kthread_parkme+0x82/0x180 [ 142.424347] ? preempt_count_sub+0x50/0x80 [ 142.424774] ? __pfx_kunit_try_run_case+0x10/0x10 [ 142.425215] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 142.425572] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 142.426102] kthread+0x337/0x6f0 [ 142.426401] ? trace_preempt_on+0x20/0xc0 [ 142.426870] ? __pfx_kthread+0x10/0x10 [ 142.427089] ? _raw_spin_unlock_irq+0x47/0x80 [ 142.427244] ? calculate_sigpending+0x7b/0xa0 [ 142.427957] ? __pfx_kthread+0x10/0x10 [ 142.428150] ret_from_fork+0x116/0x1d0 [ 142.428297] ? __pfx_kthread+0x10/0x10 [ 142.428857] ret_from_fork_asm+0x1a/0x30 [ 142.429295] </TASK> [ 142.429396] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_connector-drm_connector_dynamic_register
------------[ cut here ]------------ [ 140.924138] WARNING: CPU: 0 PID: 1975 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110 [ 140.924779] Modules linked in: [ 140.925007] CPU: 0 UID: 0 PID: 1975 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 140.925906] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 140.926434] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 140.926961] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110 [ 140.927663] Code: 49 8d 7c 24 60 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 60 00 75 1b 5b 41 5c 5d e9 c2 36 26 02 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d c3 cc cc cc cc 48 89 df e8 68 [ 140.928441] RSP: 0000:ffff88810d1afc90 EFLAGS: 00010246 [ 140.928756] RAX: dffffc0000000000 RBX: ffff88810d5c2000 RCX: 0000000000000000 [ 140.929223] RDX: 1ffff11021ab8432 RSI: ffffffff972067b8 RDI: ffff88810d5c2190 [ 140.929502] RBP: ffff88810d1afca0 R08: 1ffff11020073f69 R09: ffffed1021a35f65 [ 140.929939] R10: 0000000000000003 R11: ffffffff967859b8 R12: 0000000000000000 [ 140.930177] R13: ffff88810d1afd38 R14: ffff88810039fc50 R15: ffff88810039fc58 [ 140.930692] FS: 0000000000000000(0000) GS:ffff8881bf072000(0000) knlGS:0000000000000000 [ 140.931096] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 140.931379] CR2: 00007ffff7ffe000 CR3: 0000000146ebc000 CR4: 00000000000006f0 [ 140.931674] DR0: ffffffff9c052444 DR1: ffffffff9c052445 DR2: ffffffff9c052442 [ 140.932269] DR3: ffffffff9c052443 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 140.932646] Call Trace: [ 140.932778] <TASK> [ 140.932933] drm_test_drm_connector_dynamic_register_early_no_init+0x104/0x290 [ 140.933207] ? schedule+0x7c/0x2e0 [ 140.933411] ? __pfx_drm_test_drm_connector_dynamic_register_early_no_init+0x10/0x10 [ 140.933840] ? __pfx_read_tsc+0x10/0x10 [ 140.934069] ? ktime_get_ts64+0x86/0x230 [ 140.934274] kunit_try_run_case+0x1a5/0x480 [ 140.934486] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 140.934831] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 140.935043] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 140.935226] ? __kthread_parkme+0x82/0x180 [ 140.935434] ? preempt_count_sub+0x50/0x80 [ 140.935758] ? __pfx_kunit_try_run_case+0x10/0x10 [ 140.935995] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 140.936711] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 140.936990] kthread+0x337/0x6f0 [ 140.937117] ? trace_preempt_on+0x20/0xc0 [ 140.937358] ? __pfx_kthread+0x10/0x10 [ 140.938155] ? _raw_spin_unlock_irq+0x47/0x80 [ 140.938815] ? calculate_sigpending+0x7b/0xa0 [ 140.939235] ? __pfx_kthread+0x10/0x10 [ 140.940157] ret_from_fork+0x116/0x1d0 [ 140.940918] ? __pfx_kthread+0x10/0x10 [ 140.941280] ret_from_fork_asm+0x1a/0x30 [ 140.941444] </TASK> [ 140.941839] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 141.013355] WARNING: CPU: 1 PID: 1983 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110 [ 141.014285] Modules linked in: [ 141.014768] CPU: 1 UID: 0 PID: 1983 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 141.015419] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 141.016067] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 141.016740] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110 [ 141.016974] Code: 49 8d 7c 24 60 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 60 00 75 1b 5b 41 5c 5d e9 c2 36 26 02 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d c3 cc cc cc cc 48 89 df e8 68 [ 141.017460] RSP: 0000:ffff88810d787c90 EFLAGS: 00010246 [ 141.018516] RAX: dffffc0000000000 RBX: ffff88810d3da000 RCX: 0000000000000000 [ 141.019266] RDX: 1ffff11021a7b432 RSI: ffffffff972067b8 RDI: ffff88810d3da190 [ 141.020074] RBP: ffff88810d787ca0 R08: 1ffff11020073f69 R09: ffffed1021af0f65 [ 141.020881] R10: 0000000000000003 R11: ffffffff967859b8 R12: 0000000000000000 [ 141.021650] R13: 
ffff88810d787d38 R14: ffff88810039fc50 R15: ffff88810039fc58 [ 141.022438] FS: 0000000000000000(0000) GS:ffff8881bf172000(0000) knlGS:0000000000000000 [ 141.023357] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 141.023858] CR2: 00007ffff7ffe000 CR3: 0000000146ebc000 CR4: 00000000000006f0 [ 141.024335] DR0: ffffffff9c052440 DR1: ffffffff9c052441 DR2: ffffffff9c052443 [ 141.024601] DR3: ffffffff9c052445 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 141.025350] Call Trace: [ 141.025738] <TASK> [ 141.025990] drm_test_drm_connector_dynamic_register_no_init+0x104/0x290 [ 141.026834] ? __pfx_drm_test_drm_connector_dynamic_register_no_init+0x10/0x10 [ 141.027418] ? __schedule+0x10cc/0x2b60 [ 141.027620] ? __pfx_read_tsc+0x10/0x10 [ 141.028051] ? ktime_get_ts64+0x86/0x230 [ 141.028454] kunit_try_run_case+0x1a5/0x480 [ 141.028848] ? __pfx_kunit_try_run_case+0x10/0x10 [ 141.029118] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 141.029582] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 141.030080] ? __kthread_parkme+0x82/0x180 [ 141.030420] ? preempt_count_sub+0x50/0x80 [ 141.030721] ? __pfx_kunit_try_run_case+0x10/0x10 [ 141.031207] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 141.031764] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 141.032091] kthread+0x337/0x6f0 [ 141.032226] ? trace_preempt_on+0x20/0xc0 [ 141.032374] ? __pfx_kthread+0x10/0x10 [ 141.032510] ? _raw_spin_unlock_irq+0x47/0x80 [ 141.033013] ? calculate_sigpending+0x7b/0xa0 [ 141.033497] ? __pfx_kthread+0x10/0x10 [ 141.033938] ret_from_fork+0x116/0x1d0 [ 141.034339] ? __pfx_kthread+0x10/0x10 [ 141.034892] ret_from_fork_asm+0x1a/0x30 [ 141.035361] </TASK> [ 141.035583] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog10
------------[ cut here ]------------ [ 110.164210] WARNING: CPU: 0 PID: 673 at lib/math/int_log.c:120 intlog10+0x2a/0x40 [ 110.164802] Modules linked in: [ 110.165089] CPU: 0 UID: 0 PID: 673 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 110.165540] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 110.166146] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 110.166797] RIP: 0010:intlog10+0x2a/0x40 [ 110.167194] Code: f3 0f 1e fa 0f 1f 44 00 00 85 ff 74 1c 55 48 89 e5 e8 ca fe ff ff 5d 89 c0 48 69 c0 a1 26 88 26 48 c1 e8 1f e9 47 ba 86 02 90 <0f> 0b 90 31 c0 e9 3c ba 86 02 66 2e 0f 1f 84 00 00 00 00 00 66 90 [ 110.168161] RSP: 0000:ffff888102bffcb0 EFLAGS: 00010246 [ 110.168424] RAX: 0000000000000000 RBX: ffff88810039fae8 RCX: 1ffff1102057ffb4 [ 110.169028] RDX: 1ffffffff33d2dc4 RSI: 1ffff1102057ffb3 RDI: 0000000000000000 [ 110.169446] RBP: ffff888102bffd60 R08: 0000000000000000 R09: ffffed1020748a40 [ 110.170161] R10: ffff888103a45207 R11: 0000000000000000 R12: 1ffff1102057ff97 [ 110.170738] R13: ffffffff99e96e20 R14: 0000000000000000 R15: ffff888102bffd38 [ 110.171300] FS: 0000000000000000(0000) GS:ffff8881bf072000(0000) knlGS:0000000000000000 [ 110.171804] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 110.172134] CR2: dffffc0000000000 CR3: 0000000146ebc000 CR4: 00000000000006f0 [ 110.172424] DR0: ffffffff9c052444 DR1: ffffffff9c052445 DR2: ffffffff9c052442 [ 110.173003] DR3: ffffffff9c052443 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 110.173444] Call Trace: [ 110.173830] <TASK> [ 110.173971] ? intlog10_test+0xf2/0x220 [ 110.174147] ? __pfx_intlog10_test+0x10/0x10 [ 110.174648] ? __schedule+0x10cc/0x2b60 [ 110.175049] ? __pfx_read_tsc+0x10/0x10 [ 110.175304] ? ktime_get_ts64+0x86/0x230 [ 110.175942] kunit_try_run_case+0x1a5/0x480 [ 110.176174] ? __pfx_kunit_try_run_case+0x10/0x10 [ 110.176406] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 110.176750] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 110.177042] ? __kthread_parkme+0x82/0x180 [ 110.177297] ? preempt_count_sub+0x50/0x80 [ 110.177490] ? __pfx_kunit_try_run_case+0x10/0x10 [ 110.177890] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 110.178188] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 110.178502] kthread+0x337/0x6f0 [ 110.178717] ? trace_preempt_on+0x20/0xc0 [ 110.179023] ? __pfx_kthread+0x10/0x10 [ 110.179207] ? _raw_spin_unlock_irq+0x47/0x80 [ 110.179427] ? calculate_sigpending+0x7b/0xa0 [ 110.179918] ? __pfx_kthread+0x10/0x10 [ 110.180083] ret_from_fork+0x116/0x1d0 [ 110.180225] ? __pfx_kthread+0x10/0x10 [ 110.180462] ret_from_fork_asm+0x1a/0x30 [ 110.180677] </TASK> [ 110.180802] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog2
------------[ cut here ]------------ [ 110.122887] WARNING: CPU: 0 PID: 655 at lib/math/int_log.c:63 intlog2+0xdf/0x110 [ 110.123626] Modules linked in: [ 110.124433] CPU: 0 UID: 0 PID: 655 Comm: kunit_try_catch Tainted: G B D N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 110.125648] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST [ 110.126342] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 110.127442] RIP: 0010:intlog2+0xdf/0x110 [ 110.127935] Code: e9 99 c1 e0 18 48 83 c4 08 89 d1 c1 e2 08 29 cb 01 d0 0f b7 db 41 0f af dc c1 eb 0f 01 d8 5b 41 5c 41 5d 5d c3 cc cc cc cc 90 <0f> 0b 90 31 c0 c3 cc cc cc cc 89 45 e4 e8 6f d8 55 ff 8b 45 e4 eb [ 110.129593] RSP: 0000:ffff88810b80fcb0 EFLAGS: 00010246 [ 110.129808] RAX: 0000000000000000 RBX: ffff88810039fae8 RCX: 1ffff11021701fb4 [ 110.130087] RDX: 1ffffffff33d2e18 RSI: 1ffff11021701fb3 RDI: 0000000000000000 [ 110.130493] RBP: ffff88810b80fd60 R08: 0000000000000000 R09: ffffed1020465740 [ 110.131462] R10: ffff88810232ba07 R11: 0000000000000000 R12: 1ffff11021701f97 [ 110.131863] R13: ffffffff99e970c0 R14: 0000000000000000 R15: ffff88810b80fd38 [ 110.132382] FS: 0000000000000000(0000) GS:ffff8881bf072000(0000) knlGS:0000000000000000 [ 110.132967] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 110.133368] CR2: dffffc0000000000 CR3: 0000000146ebc000 CR4: 00000000000006f0 [ 110.133860] DR0: ffffffff9c052444 DR1: ffffffff9c052445 DR2: ffffffff9c052442 [ 110.134298] DR3: ffffffff9c052443 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 110.134911] Call Trace: [ 110.135041] <TASK> [ 110.135204] ? intlog2_test+0xf2/0x220 [ 110.135700] ? __pfx_intlog2_test+0x10/0x10 [ 110.136104] ? __schedule+0x10cc/0x2b60 [ 110.136327] ? __pfx_read_tsc+0x10/0x10 [ 110.136512] ? ktime_get_ts64+0x86/0x230 [ 110.137037] kunit_try_run_case+0x1a5/0x480 [ 110.137355] ? __pfx_kunit_try_run_case+0x10/0x10 [ 110.137768] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 110.138098] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 110.138336] ? __kthread_parkme+0x82/0x180 [ 110.138529] ? preempt_count_sub+0x50/0x80 [ 110.139258] ? __pfx_kunit_try_run_case+0x10/0x10 [ 110.139670] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 110.140036] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 110.140413] kthread+0x337/0x6f0 [ 110.140807] ? trace_preempt_on+0x20/0xc0 [ 110.141180] ? __pfx_kthread+0x10/0x10 [ 110.141492] ? _raw_spin_unlock_irq+0x47/0x80 [ 110.142065] ? calculate_sigpending+0x7b/0xa0 [ 110.142301] ? __pfx_kthread+0x10/0x10 [ 110.142483] ret_from_fork+0x116/0x1d0 [ 110.142999] ? __pfx_kthread+0x10/0x10 [ 110.143159] ret_from_fork_asm+0x1a/0x30 [ 110.143886] </TASK> [ 110.144074] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/oops-oops-general-protection-fault-probably-for-non-canonical-address-smp-kasan-pti
KNOWN ISSUE - qemu-x86_64: Oops: general protection fault, probably for non-canonical address - KASAN: null-ptr-deref - kunit_test_null_dereference
[ 109.545824] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN PTI