Date
July 20, 2025, 8:11 p.m.
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 12.274687] ==================================================================
[ 12.275249] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x361/0x3c0
[ 12.275597] Read of size 1 at addr ffff888102641a5f by task kunit_try_catch/156
[ 12.275981]
[ 12.276377] CPU: 1 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.276427] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.276439] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.276462] Call Trace:
[ 12.276487] <TASK>
[ 12.276505] dump_stack_lvl+0x73/0xb0
[ 12.276540] print_report+0xd1/0x610
[ 12.276563] ? __virt_addr_valid+0x1db/0x2d0
[ 12.276588] ? kmalloc_oob_left+0x361/0x3c0
[ 12.276608] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.276630] ? kmalloc_oob_left+0x361/0x3c0
[ 12.276651] kasan_report+0x141/0x180
[ 12.276673] ? kmalloc_oob_left+0x361/0x3c0
[ 12.276699] __asan_report_load1_noabort+0x18/0x20
[ 12.276722] kmalloc_oob_left+0x361/0x3c0
[ 12.276744] ? __pfx_kmalloc_oob_left+0x10/0x10
[ 12.276767] ? __schedule+0x10c6/0x2b60
[ 12.277045] ? __pfx_read_tsc+0x10/0x10
[ 12.277069] ? ktime_get_ts64+0x86/0x230
[ 12.277095] kunit_try_run_case+0x1a5/0x480
[ 12.277122] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.277144] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.277168] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.277191] ? __kthread_parkme+0x82/0x180
[ 12.277213] ? preempt_count_sub+0x50/0x80
[ 12.277236] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.277260] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.277283] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.277306] kthread+0x337/0x6f0
[ 12.277325] ? trace_preempt_on+0x20/0xc0
[ 12.277349] ? __pfx_kthread+0x10/0x10
[ 12.277369] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.277391] ? calculate_sigpending+0x7b/0xa0
[ 12.277415] ? __pfx_kthread+0x10/0x10
[ 12.277436] ret_from_fork+0x116/0x1d0
[ 12.277455] ? __pfx_kthread+0x10/0x10
[ 12.277488] ret_from_fork_asm+0x1a/0x30
[ 12.277518] </TASK>
[ 12.277530]
[ 12.289166] Allocated by task 1:
[ 12.289389] kasan_save_stack+0x45/0x70
[ 12.289555] kasan_save_track+0x18/0x40
[ 12.289697] kasan_save_alloc_info+0x3b/0x50
[ 12.289858] __kasan_kmalloc+0xb7/0xc0
[ 12.289993] __kmalloc_node_track_caller_noprof+0x1cb/0x500
[ 12.290186] kstrdup+0x3e/0xa0
[ 12.290310] kstrdup_const+0x2c/0x40
[ 12.290443] __kernfs_new_node+0xa7/0x6d0
[ 12.291543] kernfs_new_node+0x140/0x1e0
[ 12.292071] __kernfs_create_file+0x2d/0x290
[ 12.292623] sysfs_add_bin_file_mode_ns+0x13f/0x4f0
[ 12.293366] sysfs_create_bin_file+0x150/0x200
[ 12.294018] pci_create_attr+0x1e2/0x460
[ 12.294587] pci_create_resource_files+0xb0/0x160
[ 12.295376] pci_sysfs_init+0x32/0x90
[ 12.296015] do_one_initcall+0xd8/0x370
[ 12.296732] kernel_init_freeable+0x420/0x6f0
[ 12.297458] kernel_init+0x23/0x1e0
[ 12.298121] ret_from_fork+0x116/0x1d0
[ 12.298634] ret_from_fork_asm+0x1a/0x30
[ 12.299265]
[ 12.299366] The buggy address belongs to the object at ffff888102641a40
[ 12.299366] which belongs to the cache kmalloc-16 of size 16
[ 12.299746] The buggy address is located 21 bytes to the right of
[ 12.299746] allocated 10-byte region [ffff888102641a40, ffff888102641a4a)
[ 12.301751]
[ 12.302118] The buggy address belongs to the physical page:
[ 12.303056] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102641
[ 12.303727] flags: 0x200000000000000(node=0|zone=2)
[ 12.304315] page_type: f5(slab)
[ 12.304512] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 12.305059] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 12.305527] page dumped because: kasan: bad access detected
[ 12.305958]
[ 12.306295] Memory state around the buggy address:
[ 12.306545] ffff888102641900: 00 05 fc fc 00 05 fc fc 00 02 fc fc 00 03 fc fc
[ 12.307033] ffff888102641980: fa fb fc fc 00 02 fc fc 00 05 fc fc 00 02 fc fc
[ 12.307695] >ffff888102641a00: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 07 fc fc
[ 12.308253] ^
[ 12.308528] ffff888102641a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.309158] ffff888102641b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.309535] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 12.189341] ==================================================================
[ 12.190330] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6f0/0x7f0
[ 12.191753] Write of size 1 at addr ffff888103249273 by task kunit_try_catch/154
[ 12.192694]
[ 12.193863] CPU: 0 UID: 0 PID: 154 Comm: kunit_try_catch Tainted: G N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.194244] Tainted: [N]=TEST
[ 12.194277] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.194500] Call Trace:
[ 12.194565] <TASK>
[ 12.194708] dump_stack_lvl+0x73/0xb0
[ 12.194825] print_report+0xd1/0x610
[ 12.194854] ? __virt_addr_valid+0x1db/0x2d0
[ 12.194879] ? kmalloc_oob_right+0x6f0/0x7f0
[ 12.194899] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.194921] ? kmalloc_oob_right+0x6f0/0x7f0
[ 12.194942] kasan_report+0x141/0x180
[ 12.194964] ? kmalloc_oob_right+0x6f0/0x7f0
[ 12.194989] __asan_report_store1_noabort+0x1b/0x30
[ 12.195012] kmalloc_oob_right+0x6f0/0x7f0
[ 12.195053] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 12.195077] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 12.195101] kunit_try_run_case+0x1a5/0x480
[ 12.195128] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.195150] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.195189] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.195211] ? __kthread_parkme+0x82/0x180
[ 12.195233] ? preempt_count_sub+0x50/0x80
[ 12.195258] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.195281] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.195304] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.195326] kthread+0x337/0x6f0
[ 12.195345] ? trace_preempt_on+0x20/0xc0
[ 12.195369] ? __pfx_kthread+0x10/0x10
[ 12.195389] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.195410] ? calculate_sigpending+0x7b/0xa0
[ 12.195434] ? __pfx_kthread+0x10/0x10
[ 12.195455] ret_from_fork+0x116/0x1d0
[ 12.195483] ? __pfx_kthread+0x10/0x10
[ 12.195503] ret_from_fork_asm+0x1a/0x30
[ 12.195559] </TASK>
[ 12.195627]
[ 12.208379] Allocated by task 154:
[ 12.209137] kasan_save_stack+0x45/0x70
[ 12.209316] kasan_save_track+0x18/0x40
[ 12.209454] kasan_save_alloc_info+0x3b/0x50
[ 12.209617] __kasan_kmalloc+0xb7/0xc0
[ 12.209750] __kmalloc_cache_noprof+0x189/0x420
[ 12.209919] kmalloc_oob_right+0xa9/0x7f0
[ 12.210063] kunit_try_run_case+0x1a5/0x480
[ 12.210383] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.210699] kthread+0x337/0x6f0
[ 12.211301] ret_from_fork+0x116/0x1d0
[ 12.211563] ret_from_fork_asm+0x1a/0x30
[ 12.211941]
[ 12.212184] The buggy address belongs to the object at ffff888103249200
[ 12.212184] which belongs to the cache kmalloc-128 of size 128
[ 12.212779] The buggy address is located 0 bytes to the right of
[ 12.212779] allocated 115-byte region [ffff888103249200, ffff888103249273)
[ 12.213339]
[ 12.213598] The buggy address belongs to the physical page:
[ 12.214186] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103249
[ 12.214724] flags: 0x200000000000000(node=0|zone=2)
[ 12.215417] page_type: f5(slab)
[ 12.215916] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.216376] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.216775] page dumped because: kasan: bad access detected
[ 12.217139]
[ 12.217238] Memory state around the buggy address:
[ 12.217672] ffff888103249100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.218060] ffff888103249180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.218422] >ffff888103249200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 12.218733] ^
[ 12.219039] ffff888103249280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.219392] ffff888103249300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.219743] ==================================================================
[ 12.220791] ==================================================================
[ 12.221484] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6bd/0x7f0
[ 12.221779] Write of size 1 at addr ffff888103249278 by task kunit_try_catch/154
[ 12.222048]
[ 12.222173] CPU: 0 UID: 0 PID: 154 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.222306] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.222318] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.222340] Call Trace:
[ 12.222357] <TASK>
[ 12.222372] dump_stack_lvl+0x73/0xb0
[ 12.222400] print_report+0xd1/0x610
[ 12.222421] ? __virt_addr_valid+0x1db/0x2d0
[ 12.222443] ? kmalloc_oob_right+0x6bd/0x7f0
[ 12.222463] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.222497] ? kmalloc_oob_right+0x6bd/0x7f0
[ 12.222519] kasan_report+0x141/0x180
[ 12.222540] ? kmalloc_oob_right+0x6bd/0x7f0
[ 12.222565] __asan_report_store1_noabort+0x1b/0x30
[ 12.222588] kmalloc_oob_right+0x6bd/0x7f0
[ 12.222610] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 12.222633] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 12.222658] kunit_try_run_case+0x1a5/0x480
[ 12.222681] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.222703] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.222725] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.222748] ? __kthread_parkme+0x82/0x180
[ 12.222767] ? preempt_count_sub+0x50/0x80
[ 12.222802] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.222826] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.222848] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.222870] kthread+0x337/0x6f0
[ 12.222889] ? trace_preempt_on+0x20/0xc0
[ 12.222911] ? __pfx_kthread+0x10/0x10
[ 12.222931] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.222951] ? calculate_sigpending+0x7b/0xa0
[ 12.222975] ? __pfx_kthread+0x10/0x10
[ 12.222996] ret_from_fork+0x116/0x1d0
[ 12.223014] ? __pfx_kthread+0x10/0x10
[ 12.223034] ret_from_fork_asm+0x1a/0x30
[ 12.223140] </TASK>
[ 12.223150]
[ 12.232970] Allocated by task 154:
[ 12.233370] kasan_save_stack+0x45/0x70
[ 12.233849] kasan_save_track+0x18/0x40
[ 12.234223] kasan_save_alloc_info+0x3b/0x50
[ 12.234434] __kasan_kmalloc+0xb7/0xc0
[ 12.234625] __kmalloc_cache_noprof+0x189/0x420
[ 12.235263] kmalloc_oob_right+0xa9/0x7f0
[ 12.235459] kunit_try_run_case+0x1a5/0x480
[ 12.235885] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.236295] kthread+0x337/0x6f0
[ 12.236670] ret_from_fork+0x116/0x1d0
[ 12.236928] ret_from_fork_asm+0x1a/0x30
[ 12.237252]
[ 12.237344] The buggy address belongs to the object at ffff888103249200
[ 12.237344] which belongs to the cache kmalloc-128 of size 128
[ 12.237921] The buggy address is located 5 bytes to the right of
[ 12.237921] allocated 115-byte region [ffff888103249200, ffff888103249273)
[ 12.238446]
[ 12.238562] The buggy address belongs to the physical page:
[ 12.239488] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103249
[ 12.239815] flags: 0x200000000000000(node=0|zone=2)
[ 12.240214] page_type: f5(slab)
[ 12.240536] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.240921] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.241420] page dumped because: kasan: bad access detected
[ 12.241781]
[ 12.241966] Memory state around the buggy address:
[ 12.242409] ffff888103249100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.242755] ffff888103249180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.243414] >ffff888103249200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 12.243844] ^
[ 12.244283] ffff888103249280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.244596] ffff888103249300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.245093] ==================================================================
[ 12.245863] ==================================================================
[ 12.246693] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x68a/0x7f0
[ 12.247212] Read of size 1 at addr ffff888103249280 by task kunit_try_catch/154
[ 12.247443]
[ 12.247769] CPU: 0 UID: 0 PID: 154 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.247840] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.247851] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.247870] Call Trace:
[ 12.247884] <TASK>
[ 12.247897] dump_stack_lvl+0x73/0xb0
[ 12.247925] print_report+0xd1/0x610
[ 12.247946] ? __virt_addr_valid+0x1db/0x2d0
[ 12.247967] ? kmalloc_oob_right+0x68a/0x7f0
[ 12.247987] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.248008] ? kmalloc_oob_right+0x68a/0x7f0
[ 12.248029] kasan_report+0x141/0x180
[ 12.248243] ? kmalloc_oob_right+0x68a/0x7f0
[ 12.248270] __asan_report_load1_noabort+0x18/0x20
[ 12.248293] kmalloc_oob_right+0x68a/0x7f0
[ 12.248315] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 12.248338] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 12.248362] kunit_try_run_case+0x1a5/0x480
[ 12.248385] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.248406] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.248428] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.248450] ? __kthread_parkme+0x82/0x180
[ 12.248482] ? preempt_count_sub+0x50/0x80
[ 12.248505] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.248528] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.248550] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.248573] kthread+0x337/0x6f0
[ 12.248592] ? trace_preempt_on+0x20/0xc0
[ 12.248613] ? __pfx_kthread+0x10/0x10
[ 12.248633] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.248653] ? calculate_sigpending+0x7b/0xa0
[ 12.248675] ? __pfx_kthread+0x10/0x10
[ 12.248695] ret_from_fork+0x116/0x1d0
[ 12.248713] ? __pfx_kthread+0x10/0x10
[ 12.248733] ret_from_fork_asm+0x1a/0x30
[ 12.248762] </TASK>
[ 12.248771]
[ 12.259877] Allocated by task 154:
[ 12.260164] kasan_save_stack+0x45/0x70
[ 12.260520] kasan_save_track+0x18/0x40
[ 12.260757] kasan_save_alloc_info+0x3b/0x50
[ 12.261100] __kasan_kmalloc+0xb7/0xc0
[ 12.261385] __kmalloc_cache_noprof+0x189/0x420
[ 12.261702] kmalloc_oob_right+0xa9/0x7f0
[ 12.262052] kunit_try_run_case+0x1a5/0x480
[ 12.262241] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.262501] kthread+0x337/0x6f0
[ 12.262662] ret_from_fork+0x116/0x1d0
[ 12.263289] ret_from_fork_asm+0x1a/0x30
[ 12.263489]
[ 12.263676] The buggy address belongs to the object at ffff888103249200
[ 12.263676] which belongs to the cache kmalloc-128 of size 128
[ 12.264523] The buggy address is located 13 bytes to the right of
[ 12.264523] allocated 115-byte region [ffff888103249200, ffff888103249273)
[ 12.265429]
[ 12.265522] The buggy address belongs to the physical page:
[ 12.265775] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103249
[ 12.266398] flags: 0x200000000000000(node=0|zone=2)
[ 12.266763] page_type: f5(slab)
[ 12.266959] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.267456] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.267793] page dumped because: kasan: bad access detected
[ 12.268365]
[ 12.268446] Memory state around the buggy address:
[ 12.268920] ffff888103249180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.269424] ffff888103249200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 12.269874] >ffff888103249280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.270376] ^
[ 12.270528] ffff888103249300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.271242] ffff888103249380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.271531] ==================================================================
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_vscale
------------[ cut here ]------------
[ 145.371074] WARNING: CPU: 0 PID: 2764 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190
[ 145.372014] Modules linked in:
[ 145.372618] CPU: 0 UID: 0 PID: 2764 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 145.373704] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 145.374458] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 145.376083] RIP: 0010:drm_rect_calc_vscale+0x130/0x190
[ 145.376814] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 145.378978] RSP: 0000:ffff888109fafc78 EFLAGS: 00010286
[ 145.379779] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000
[ 145.380847] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffffab833d3c
[ 145.381709] RBP: ffff888109fafca0 R08: 0000000000000000 R09: ffffed1020731c00
[ 145.381938] R10: ffff88810398e007 R11: 0000000000000000 R12: ffffffffab833d28
[ 145.382569] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888109fafd38
[ 145.383334] FS: 0000000000000000(0000) GS:ffff8881ad872000(0000) knlGS:0000000000000000
[ 145.383779] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 145.383968] CR2: 00007ffff7ffe000 CR3: 000000002e8bc000 CR4: 00000000000006f0
[ 145.384673] DR0: ffffffffad852440 DR1: ffffffffad852441 DR2: ffffffffad852442
[ 145.385454] DR3: ffffffffad852443 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 145.386015] Call Trace:
[ 145.386346] <TASK>
[ 145.386566] drm_test_rect_calc_vscale+0x108/0x270
[ 145.386750] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10
[ 145.386931] ? __schedule+0x10c6/0x2b60
[ 145.387104] ? __pfx_read_tsc+0x10/0x10
[ 145.387249] ? ktime_get_ts64+0x86/0x230
[ 145.387560] kunit_try_run_case+0x1a5/0x480
[ 145.387801] ? __pfx_kunit_try_run_case+0x10/0x10
[ 145.388011] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 145.388378] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 145.388574] ? __kthread_parkme+0x82/0x180
[ 145.388828] ? preempt_count_sub+0x50/0x80
[ 145.389038] ? __pfx_kunit_try_run_case+0x10/0x10
[ 145.389303] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 145.389631] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 145.389956] kthread+0x337/0x6f0
[ 145.390128] ? trace_preempt_on+0x20/0xc0
[ 145.390379] ? __pfx_kthread+0x10/0x10
[ 145.390593] ? _raw_spin_unlock_irq+0x47/0x80
[ 145.390848] ? calculate_sigpending+0x7b/0xa0
[ 145.391041] ? __pfx_kthread+0x10/0x10
[ 145.391308] ret_from_fork+0x116/0x1d0
[ 145.391467] ? __pfx_kthread+0x10/0x10
[ 145.391613] ret_from_fork_asm+0x1a/0x30
[ 145.391826] </TASK>
[ 145.391953] ---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
[ 145.396096] WARNING: CPU: 1 PID: 2766 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190
[ 145.397654] Modules linked in:
[ 145.397945] CPU: 1 UID: 0 PID: 2766 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 145.398943] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 145.399517] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 145.400919] RIP: 0010:drm_rect_calc_vscale+0x130/0x190
[ 145.401352] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 145.402360] RSP: 0000:ffff888102a3fc78 EFLAGS: 00010286
[ 145.402926] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000
[ 145.403632] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffffab833d74
[ 145.404469] RBP: ffff888102a3fca0 R08: 0000000000000000 R09: ffffed1021421880
[ 145.404697] R10: ffff88810a10c407 R11: 0000000000000000 R12: ffffffffab833d60
[ 145.405399] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888102a3fd38
[ 145.406299] FS: 0000000000000000(0000) GS:ffff8881ad972000(0000) knlGS:0000000000000000
[ 145.406724] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 145.406915] CR2: ffffffffffffffff CR3: 000000002e8bc000 CR4: 00000000000006f0
[ 145.407377] DR0: ffffffffad852440 DR1: ffffffffad852441 DR2: ffffffffad852443
[ 145.408258] DR3: ffffffffad852445 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 145.408912] Call Trace:
[ 145.409171] <TASK>
[ 145.409495] drm_test_rect_calc_vscale+0x108/0x270
[ 145.409886] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10
[ 145.410223] ? __schedule+0x10c6/0x2b60
[ 145.410645] ? __pfx_read_tsc+0x10/0x10
[ 145.411053] ? ktime_get_ts64+0x86/0x230
[ 145.411524] kunit_try_run_case+0x1a5/0x480
[ 145.411693] ? __pfx_kunit_try_run_case+0x10/0x10
[ 145.412116] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 145.412837] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 145.413474] ? __kthread_parkme+0x82/0x180
[ 145.413641] ? preempt_count_sub+0x50/0x80
[ 145.413817] ? __pfx_kunit_try_run_case+0x10/0x10
[ 145.413988] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 145.414602] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 145.415254] kthread+0x337/0x6f0
[ 145.415847] ? trace_preempt_on+0x20/0xc0
[ 145.416635] ? __pfx_kthread+0x10/0x10
[ 145.417232] ? _raw_spin_unlock_irq+0x47/0x80
[ 145.417762] ? calculate_sigpending+0x7b/0xa0
[ 145.418156] ? __pfx_kthread+0x10/0x10
[ 145.418560] ret_from_fork+0x116/0x1d0
[ 145.418741] ? __pfx_kthread+0x10/0x10
[ 145.419248] ret_from_fork_asm+0x1a/0x30
[ 145.419503] </TASK>
[ 145.419605] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_hscale
------------[ cut here ]------------
[ 145.309579] WARNING: CPU: 0 PID: 2752 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190
[ 145.310971] Modules linked in:
[ 145.311597] CPU: 0 UID: 0 PID: 2752 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 145.312716] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 145.312905] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 145.313594] RIP: 0010:drm_rect_calc_hscale+0x125/0x190
[ 145.314405] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 1b e5 1e 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 145.315829] RSP: 0000:ffff888100f37c78 EFLAGS: 00010286
[ 145.316554] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000
[ 145.316925] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffffab833d40
[ 145.317472] RBP: ffff888100f37ca0 R08: 0000000000000000 R09: ffffed1020732960
[ 145.318012] R10: ffff888103994b07 R11: 0000000000000000 R12: ffffffffab833d28
[ 145.318560] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888100f37d38
[ 145.318842] FS: 0000000000000000(0000) GS:ffff8881ad872000(0000) knlGS:0000000000000000
[ 145.319862] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 145.320341] CR2: 00007ffff7ffe000 CR3: 000000002e8bc000 CR4: 00000000000006f0
[ 145.320578] DR0: ffffffffad852440 DR1: ffffffffad852441 DR2: ffffffffad852442
[ 145.320900] DR3: ffffffffad852443 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 145.321673] Call Trace:
[ 145.321951] <TASK>
[ 145.322305] drm_test_rect_calc_hscale+0x108/0x270
[ 145.322797] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10
[ 145.323450] ? __schedule+0x10c6/0x2b60
[ 145.323611] ? __pfx_read_tsc+0x10/0x10
[ 145.323778] ? ktime_get_ts64+0x86/0x230
[ 145.324393] kunit_try_run_case+0x1a5/0x480
[ 145.324854] ? __pfx_kunit_try_run_case+0x10/0x10
[ 145.325401] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 145.325809] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 145.325988] ? __kthread_parkme+0x82/0x180
[ 145.326430] ? preempt_count_sub+0x50/0x80
[ 145.326873] ? __pfx_kunit_try_run_case+0x10/0x10
[ 145.327465] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 145.327740] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 145.327939] kthread+0x337/0x6f0
[ 145.328341] ? trace_preempt_on+0x20/0xc0
[ 145.328776] ? __pfx_kthread+0x10/0x10
[ 145.329273] ? _raw_spin_unlock_irq+0x47/0x80
[ 145.329722] ? calculate_sigpending+0x7b/0xa0
[ 145.330242] ? __pfx_kthread+0x10/0x10
[ 145.330395] ret_from_fork+0x116/0x1d0
[ 145.330553] ? __pfx_kthread+0x10/0x10
[ 145.330696] ret_from_fork_asm+0x1a/0x30
[ 145.331296] </TASK>
[ 145.331556] ---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
[ 145.335621] WARNING: CPU: 0 PID: 2754 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190
[ 145.335935] Modules linked in:
[ 145.336080] CPU: 0 UID: 0 PID: 2754 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 145.336411] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 145.336606] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 145.336877] RIP: 0010:drm_rect_calc_hscale+0x125/0x190
[ 145.337056] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 1b e5 1e 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 145.338621] RSP: 0000:ffff888100af7c78 EFLAGS: 00010286
[ 145.339545] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000
[ 145.340424] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffffab833d78
[ 145.341314] RBP: ffff888100af7ca0 R08: 0000000000000000 R09: ffffed10207329a0
[ 145.342113] R10: ffff888103994d07 R11: 0000000000000000 R12: ffffffffab833d60
[ 145.342963] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888100af7d38
[ 145.343722] FS: 0000000000000000(0000) GS:ffff8881ad872000(0000) knlGS:0000000000000000
[ 145.344624] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 145.345253] CR2: 00007ffff7ffe000 CR3: 000000002e8bc000 CR4: 00000000000006f0
[ 145.346133] DR0: ffffffffad852440 DR1: ffffffffad852441 DR2: ffffffffad852442
[ 145.346891] DR3: ffffffffad852443 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 145.347601] Call Trace:
[ 145.347871] <TASK>
[ 145.348144] drm_test_rect_calc_hscale+0x108/0x270
[ 145.348599] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10
[ 145.348962] ? __schedule+0x10c6/0x2b60
[ 145.349125] ? __pfx_read_tsc+0x10/0x10
[ 145.349273] ? ktime_get_ts64+0x86/0x230
[ 145.349422] kunit_try_run_case+0x1a5/0x480
[ 145.349588] ? __pfx_kunit_try_run_case+0x10/0x10
[ 145.349754] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 145.349919] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 145.350100] ? __kthread_parkme+0x82/0x180
[ 145.350250] ? preempt_count_sub+0x50/0x80
[ 145.350400] ? __pfx_kunit_try_run_case+0x10/0x10
[ 145.350929] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 145.351480] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 145.352189] kthread+0x337/0x6f0
[ 145.352555] ? trace_preempt_on+0x20/0xc0
[ 145.353025] ? __pfx_kthread+0x10/0x10
[ 145.353505] ? _raw_spin_unlock_irq+0x47/0x80
[ 145.353955] ? calculate_sigpending+0x7b/0xa0
[ 145.354447] ? __pfx_kthread+0x10/0x10
[ 145.354844] ret_from_fork+0x116/0x1d0
[ 145.355316] ? __pfx_kthread+0x10/0x10
[ 145.355676] ret_from_fork_asm+0x1a/0x30
[ 145.356115] </TASK>
[ 145.356338] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 49.356170] ==================================================================
[ 49.356596] BUG: KFENCE: use-after-free read in test_krealloc+0x6fc/0xbe0
[ 49.356596]
[ 49.357021] Use-after-free read at 0x(____ptrval____) (in kfence-#128):
[ 49.357366] test_krealloc+0x6fc/0xbe0
[ 49.357556] kunit_try_run_case+0x1a5/0x480
[ 49.357811] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 49.358076] kthread+0x337/0x6f0
[ 49.358260] ret_from_fork+0x116/0x1d0
[ 49.358414] ret_from_fork_asm+0x1a/0x30
[ 49.358694]
[ 49.358829] kfence-#128: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 49.358829]
[ 49.359691] allocated by task 355 on cpu 1 at 49.355377s (0.004311s ago):
[ 49.360083] test_alloc+0x364/0x10f0
[ 49.360225] test_krealloc+0xad/0xbe0
[ 49.360400] kunit_try_run_case+0x1a5/0x480
[ 49.360632] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 49.361185] kthread+0x337/0x6f0
[ 49.361662] ret_from_fork+0x116/0x1d0
[ 49.361853] ret_from_fork_asm+0x1a/0x30
[ 49.362321]
[ 49.362549] freed by task 355 on cpu 1 at 49.355680s (0.006865s ago):
[ 49.362976] krealloc_noprof+0x108/0x340
[ 49.363287] test_krealloc+0x226/0xbe0
[ 49.363601] kunit_try_run_case+0x1a5/0x480
[ 49.363808] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 49.364249] kthread+0x337/0x6f0
[ 49.364539] ret_from_fork+0x116/0x1d0
[ 49.364820] ret_from_fork_asm+0x1a/0x30
[ 49.365052]
[ 49.365290] CPU: 1 UID: 0 PID: 355 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 49.365778] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 49.366263] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 49.366757] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 49.278285] ==================================================================
[ 49.278722] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x2ec/0x670
[ 49.278722]
[ 49.279396] Use-after-free read at 0x(____ptrval____) (in kfence-#127):
[ 49.279632] test_memcache_typesafe_by_rcu+0x2ec/0x670
[ 49.280444] kunit_try_run_case+0x1a5/0x480
[ 49.280674] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 49.281105] kthread+0x337/0x6f0
[ 49.281492] ret_from_fork+0x116/0x1d0
[ 49.281807] ret_from_fork_asm+0x1a/0x30
[ 49.282031]
[ 49.282152] kfence-#127: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 49.282152]
[ 49.282440] allocated by task 353 on cpu 0 at 49.253006s (0.029432s ago):
[ 49.282686] test_alloc+0x2a6/0x10f0
[ 49.282878] test_memcache_typesafe_by_rcu+0x16f/0x670
[ 49.283104] kunit_try_run_case+0x1a5/0x480
[ 49.283258] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 49.283525] kthread+0x337/0x6f0
[ 49.283697] ret_from_fork+0x116/0x1d0
[ 49.283833] ret_from_fork_asm+0x1a/0x30
[ 49.284023]
[ 49.284124] freed by task 353 on cpu 0 at 49.253148s (0.030972s ago):
[ 49.284436] test_memcache_typesafe_by_rcu+0x1bf/0x670
[ 49.285308] kunit_try_run_case+0x1a5/0x480
[ 49.285624] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 49.285882] kthread+0x337/0x6f0
[ 49.286046] ret_from_fork+0x116/0x1d0
[ 49.286227] ret_from_fork_asm+0x1a/0x30
[ 49.286416]
[ 49.286550] CPU: 0 UID: 0 PID: 353 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 49.287370] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 49.287691] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 49.288278] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 23.992518] ==================================================================
[ 23.993114] BUG: KFENCE: invalid read in test_invalid_access+0xf0/0x210
[ 23.993114]
[ 23.994301] Invalid read at 0x(____ptrval____):
[ 23.994608] test_invalid_access+0xf0/0x210
[ 23.994820] kunit_try_run_case+0x1a5/0x480
[ 23.995196] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.995773] kthread+0x337/0x6f0
[ 23.995959] ret_from_fork+0x116/0x1d0
[ 23.996540] ret_from_fork_asm+0x1a/0x30
[ 23.996950]
[ 23.997074] CPU: 0 UID: 0 PID: 349 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 23.997733] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.997920] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.998422] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 23.771663] ==================================================================
[ 23.772105] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x24f/0x340
[ 23.772105]
[ 23.772465] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#123):
[ 23.773168] test_kmalloc_aligned_oob_write+0x24f/0x340
[ 23.773381] kunit_try_run_case+0x1a5/0x480
[ 23.773651] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.773966] kthread+0x337/0x6f0
[ 23.774115] ret_from_fork+0x116/0x1d0
[ 23.774322] ret_from_fork_asm+0x1a/0x30
[ 23.774549]
[ 23.774656] kfence-#123: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96
[ 23.774656]
[ 23.775129] allocated by task 343 on cpu 1 at 23.771368s (0.003759s ago):
[ 23.775507] test_alloc+0x364/0x10f0
[ 23.775710] test_kmalloc_aligned_oob_write+0xc8/0x340
[ 23.776039] kunit_try_run_case+0x1a5/0x480
[ 23.776203] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.776426] kthread+0x337/0x6f0
[ 23.776671] ret_from_fork+0x116/0x1d0
[ 23.776872] ret_from_fork_asm+0x1a/0x30
[ 23.777067]
[ 23.777145] freed by task 343 on cpu 1 at 23.771536s (0.005605s ago):
[ 23.777719] test_kmalloc_aligned_oob_write+0x24f/0x340
[ 23.778000] kunit_try_run_case+0x1a5/0x480
[ 23.778236] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.778428] kthread+0x337/0x6f0
[ 23.778597] ret_from_fork+0x116/0x1d0
[ 23.778845] ret_from_fork_asm+0x1a/0x30
[ 23.779118]
[ 23.779535] CPU: 1 UID: 0 PID: 343 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 23.780544] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.780798] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.781358] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 23.667661] ================================================================== [ 23.668129] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x27e/0x560 [ 23.668129] [ 23.668538] Out-of-bounds read at 0x(____ptrval____) (105B right of kfence-#122): [ 23.668913] test_kmalloc_aligned_oob_read+0x27e/0x560 [ 23.669626] kunit_try_run_case+0x1a5/0x480 [ 23.669851] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.670144] kthread+0x337/0x6f0 [ 23.670337] ret_from_fork+0x116/0x1d0 [ 23.670553] ret_from_fork_asm+0x1a/0x30 [ 23.670748] [ 23.670855] kfence-#122: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96 [ 23.670855] [ 23.671931] allocated by task 341 on cpu 0 at 23.667403s (0.004525s ago): [ 23.672238] test_alloc+0x364/0x10f0 [ 23.672579] test_kmalloc_aligned_oob_read+0x105/0x560 [ 23.672811] kunit_try_run_case+0x1a5/0x480 [ 23.673186] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.673518] kthread+0x337/0x6f0 [ 23.673699] ret_from_fork+0x116/0x1d0 [ 23.674023] ret_from_fork_asm+0x1a/0x30 [ 23.674303] [ 23.674429] CPU: 0 UID: 0 PID: 341 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 23.675210] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.675410] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.676024] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_corruption
[ 19.611659] ================================================================== [ 19.612072] BUG: KFENCE: memory corruption in test_corruption+0x2df/0x3e0 [ 19.612072] [ 19.612380] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#83): [ 19.612792] test_corruption+0x2df/0x3e0 [ 19.613019] kunit_try_run_case+0x1a5/0x480 [ 19.613185] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.613407] kthread+0x337/0x6f0 [ 19.613600] ret_from_fork+0x116/0x1d0 [ 19.613797] ret_from_fork_asm+0x1a/0x30 [ 19.614007] [ 19.614086] kfence-#83: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 19.614086] [ 19.614497] allocated by task 329 on cpu 0 at 19.611389s (0.003106s ago): [ 19.614780] test_alloc+0x364/0x10f0 [ 19.615004] test_corruption+0x1cb/0x3e0 [ 19.615205] kunit_try_run_case+0x1a5/0x480 [ 19.615358] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.615631] kthread+0x337/0x6f0 [ 19.615822] ret_from_fork+0x116/0x1d0 [ 19.616020] ret_from_fork_asm+0x1a/0x30 [ 19.616256] [ 19.616339] freed by task 329 on cpu 0 at 19.611497s (0.004840s ago): [ 19.616635] test_corruption+0x2df/0x3e0 [ 19.616855] kunit_try_run_case+0x1a5/0x480 [ 19.617058] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.617285] kthread+0x337/0x6f0 [ 19.617476] ret_from_fork+0x116/0x1d0 [ 19.617635] ret_from_fork_asm+0x1a/0x30 [ 19.617882] [ 19.617984] CPU: 0 UID: 0 PID: 329 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 19.618331] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.618489] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.618903] ================================================================== [ 19.507669] ================================================================== [ 19.508147] BUG: KFENCE: memory corruption in test_corruption+0x2d2/0x3e0 [ 19.508147] [ 19.508612] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . 
] (in kfence-#82): [ 19.509366] test_corruption+0x2d2/0x3e0 [ 19.509583] kunit_try_run_case+0x1a5/0x480 [ 19.509857] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.510130] kthread+0x337/0x6f0 [ 19.510295] ret_from_fork+0x116/0x1d0 [ 19.510486] ret_from_fork_asm+0x1a/0x30 [ 19.510683] [ 19.510798] kfence-#82: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 19.510798] [ 19.511207] allocated by task 329 on cpu 0 at 19.507370s (0.003835s ago): [ 19.511544] test_alloc+0x364/0x10f0 [ 19.511685] test_corruption+0xe6/0x3e0 [ 19.511831] kunit_try_run_case+0x1a5/0x480 [ 19.512024] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.512307] kthread+0x337/0x6f0 [ 19.512499] ret_from_fork+0x116/0x1d0 [ 19.512698] ret_from_fork_asm+0x1a/0x30 [ 19.512959] [ 19.513038] freed by task 329 on cpu 0 at 19.507495s (0.005541s ago): [ 19.513343] test_corruption+0x2d2/0x3e0 [ 19.513569] kunit_try_run_case+0x1a5/0x480 [ 19.513795] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.514034] kthread+0x337/0x6f0 [ 19.514197] ret_from_fork+0x116/0x1d0 [ 19.514396] ret_from_fork_asm+0x1a/0x30 [ 19.514581] [ 19.514712] CPU: 0 UID: 0 PID: 329 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 19.515455] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.515644] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.516200] ================================================================== [ 19.715491] ================================================================== [ 19.715915] BUG: KFENCE: memory corruption in test_corruption+0x131/0x3e0 [ 19.715915] [ 19.716396] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . 
] (in kfence-#84): [ 19.717314] test_corruption+0x131/0x3e0 [ 19.717503] kunit_try_run_case+0x1a5/0x480 [ 19.717709] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.717968] kthread+0x337/0x6f0 [ 19.718252] ret_from_fork+0x116/0x1d0 [ 19.718701] ret_from_fork_asm+0x1a/0x30 [ 19.718988] [ 19.719515] kfence-#84: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 19.719515] [ 19.720010] allocated by task 331 on cpu 0 at 19.715342s (0.004665s ago): [ 19.720546] test_alloc+0x2a6/0x10f0 [ 19.720710] test_corruption+0xe6/0x3e0 [ 19.721092] kunit_try_run_case+0x1a5/0x480 [ 19.721276] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.721569] kthread+0x337/0x6f0 [ 19.721726] ret_from_fork+0x116/0x1d0 [ 19.721918] ret_from_fork_asm+0x1a/0x30 [ 19.722448] [ 19.722543] freed by task 331 on cpu 0 at 19.715403s (0.007137s ago): [ 19.723009] test_corruption+0x131/0x3e0 [ 19.723289] kunit_try_run_case+0x1a5/0x480 [ 19.723584] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.723966] kthread+0x337/0x6f0 [ 19.724138] ret_from_fork+0x116/0x1d0 [ 19.724445] ret_from_fork_asm+0x1a/0x30 [ 19.724734] [ 19.724902] CPU: 0 UID: 0 PID: 331 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 19.725376] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.725583] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.726193] ================================================================== [ 19.923556] ================================================================== [ 19.924013] BUG: KFENCE: memory corruption in test_corruption+0x216/0x3e0 [ 19.924013] [ 19.924309] Corrupted memory at 0x(____ptrval____) [ ! 
] (in kfence-#86): [ 19.925079] test_corruption+0x216/0x3e0 [ 19.925287] kunit_try_run_case+0x1a5/0x480 [ 19.925497] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.925706] kthread+0x337/0x6f0 [ 19.926211] ret_from_fork+0x116/0x1d0 [ 19.926410] ret_from_fork_asm+0x1a/0x30 [ 19.926704] [ 19.926891] kfence-#86: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 19.926891] [ 19.927341] allocated by task 331 on cpu 0 at 19.923409s (0.003930s ago): [ 19.927826] test_alloc+0x2a6/0x10f0 [ 19.928024] test_corruption+0x1cb/0x3e0 [ 19.928214] kunit_try_run_case+0x1a5/0x480 [ 19.928415] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.928672] kthread+0x337/0x6f0 [ 19.929062] ret_from_fork+0x116/0x1d0 [ 19.929253] ret_from_fork_asm+0x1a/0x30 [ 19.929420] [ 19.929607] freed by task 331 on cpu 0 at 19.923461s (0.006142s ago): [ 19.930143] test_corruption+0x216/0x3e0 [ 19.930450] kunit_try_run_case+0x1a5/0x480 [ 19.930673] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.931145] kthread+0x337/0x6f0 [ 19.931313] ret_from_fork+0x116/0x1d0 [ 19.931501] ret_from_fork_asm+0x1a/0x30 [ 19.931688] [ 19.931797] CPU: 0 UID: 0 PID: 331 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 19.932606] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.932895] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.933330] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 18.987514] ================================================================== [ 18.987985] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1e1/0x260 [ 18.987985] [ 18.988340] Invalid free of 0x(____ptrval____) (in kfence-#77): [ 18.988647] test_invalid_addr_free+0x1e1/0x260 [ 18.988882] kunit_try_run_case+0x1a5/0x480 [ 18.989041] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.989330] kthread+0x337/0x6f0 [ 18.989498] ret_from_fork+0x116/0x1d0 [ 18.989668] ret_from_fork_asm+0x1a/0x30 [ 18.989831] [ 18.989955] kfence-#77: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 18.989955] [ 18.990375] allocated by task 325 on cpu 0 at 18.987383s (0.002990s ago): [ 18.990681] test_alloc+0x364/0x10f0 [ 18.990853] test_invalid_addr_free+0xdb/0x260 [ 18.991014] kunit_try_run_case+0x1a5/0x480 [ 18.991176] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.991441] kthread+0x337/0x6f0 [ 18.991669] ret_from_fork+0x116/0x1d0 [ 18.991901] ret_from_fork_asm+0x1a/0x30 [ 18.992065] [ 18.992167] CPU: 0 UID: 0 PID: 325 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 18.992619] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.992852] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.993206] ================================================================== [ 19.091560] ================================================================== [ 19.092066] BUG: KFENCE: invalid free in test_invalid_addr_free+0xfb/0x260 [ 19.092066] [ 19.092528] Invalid free of 0x(____ptrval____) (in kfence-#78): [ 19.092839] test_invalid_addr_free+0xfb/0x260 [ 19.093097] kunit_try_run_case+0x1a5/0x480 [ 19.093256] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.093502] kthread+0x337/0x6f0 [ 19.093714] ret_from_fork+0x116/0x1d0 [ 19.093910] ret_from_fork_asm+0x1a/0x30 [ 19.094239] [ 19.094352] kfence-#78: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 19.094352] [ 19.094653] allocated by task 327 on cpu 1 at 19.091424s 
(0.003226s ago): [ 19.094975] test_alloc+0x2a6/0x10f0 [ 19.095187] test_invalid_addr_free+0xdb/0x260 [ 19.095392] kunit_try_run_case+0x1a5/0x480 [ 19.095556] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.095867] kthread+0x337/0x6f0 [ 19.096073] ret_from_fork+0x116/0x1d0 [ 19.096272] ret_from_fork_asm+0x1a/0x30 [ 19.096504] [ 19.096620] CPU: 1 UID: 0 PID: 327 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 19.097144] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.097350] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.097790] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_double_free
[ 18.779700] ================================================================== [ 18.780270] BUG: KFENCE: invalid free in test_double_free+0x1d3/0x260 [ 18.780270] [ 18.780645] Invalid free of 0x(____ptrval____) (in kfence-#75): [ 18.780972] test_double_free+0x1d3/0x260 [ 18.781638] kunit_try_run_case+0x1a5/0x480 [ 18.781952] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.782223] kthread+0x337/0x6f0 [ 18.782396] ret_from_fork+0x116/0x1d0 [ 18.782591] ret_from_fork_asm+0x1a/0x30 [ 18.782782] [ 18.782879] kfence-#75: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 18.782879] [ 18.783287] allocated by task 321 on cpu 1 at 18.779423s (0.003862s ago): [ 18.784306] test_alloc+0x364/0x10f0 [ 18.784612] test_double_free+0xdb/0x260 [ 18.784777] kunit_try_run_case+0x1a5/0x480 [ 18.785156] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.785512] kthread+0x337/0x6f0 [ 18.785666] ret_from_fork+0x116/0x1d0 [ 18.785898] ret_from_fork_asm+0x1a/0x30 [ 18.786294] [ 18.786388] freed by task 321 on cpu 1 at 18.779495s (0.006889s ago): [ 18.786901] test_double_free+0x1e0/0x260 [ 18.787182] kunit_try_run_case+0x1a5/0x480 [ 18.787415] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.787672] kthread+0x337/0x6f0 [ 18.788015] ret_from_fork+0x116/0x1d0 [ 18.788271] ret_from_fork_asm+0x1a/0x30 [ 18.788550] [ 18.788757] CPU: 1 UID: 0 PID: 321 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 18.789315] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.789627] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.790132] ================================================================== [ 18.883604] ================================================================== [ 18.884127] BUG: KFENCE: invalid free in test_double_free+0x112/0x260 [ 18.884127] [ 18.884762] Invalid free of 0x(____ptrval____) (in kfence-#76): [ 18.885081] test_double_free+0x112/0x260 [ 18.885245] kunit_try_run_case+0x1a5/0x480 [ 18.885635] 
kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.886034] kthread+0x337/0x6f0 [ 18.886201] ret_from_fork+0x116/0x1d0 [ 18.886342] ret_from_fork_asm+0x1a/0x30 [ 18.886502] [ 18.886581] kfence-#76: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 18.886581] [ 18.886886] allocated by task 323 on cpu 0 at 18.883425s (0.003459s ago): [ 18.887462] test_alloc+0x2a6/0x10f0 [ 18.887807] test_double_free+0xdb/0x260 [ 18.888155] kunit_try_run_case+0x1a5/0x480 [ 18.888589] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.889116] kthread+0x337/0x6f0 [ 18.889484] ret_from_fork+0x116/0x1d0 [ 18.889821] ret_from_fork_asm+0x1a/0x30 [ 18.890067] [ 18.890146] freed by task 323 on cpu 0 at 18.883465s (0.006678s ago): [ 18.890402] test_double_free+0xfa/0x260 [ 18.890557] kunit_try_run_case+0x1a5/0x480 [ 18.890708] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.890936] kthread+0x337/0x6f0 [ 18.891063] ret_from_fork+0x116/0x1d0 [ 18.891201] ret_from_fork_asm+0x1a/0x30 [ 18.891348] [ 18.891453] CPU: 0 UID: 0 PID: 323 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 18.891825] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.891999] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.892304] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 18.467590] ================================================================== [ 18.468133] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270 [ 18.468133] [ 18.468554] Use-after-free read at 0x(____ptrval____) (in kfence-#72): [ 18.468995] test_use_after_free_read+0x129/0x270 [ 18.469273] kunit_try_run_case+0x1a5/0x480 [ 18.469432] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.469622] kthread+0x337/0x6f0 [ 18.469753] ret_from_fork+0x116/0x1d0 [ 18.470189] ret_from_fork_asm+0x1a/0x30 [ 18.470602] [ 18.470803] kfence-#72: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 18.470803] [ 18.471663] allocated by task 315 on cpu 0 at 18.467421s (0.004240s ago): [ 18.472390] test_alloc+0x2a6/0x10f0 [ 18.472598] test_use_after_free_read+0xdc/0x270 [ 18.472783] kunit_try_run_case+0x1a5/0x480 [ 18.473025] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.473283] kthread+0x337/0x6f0 [ 18.473507] ret_from_fork+0x116/0x1d0 [ 18.473710] ret_from_fork_asm+0x1a/0x30 [ 18.473917] [ 18.474058] freed by task 315 on cpu 0 at 18.467482s (0.006573s ago): [ 18.474360] test_use_after_free_read+0xfb/0x270 [ 18.474611] kunit_try_run_case+0x1a5/0x480 [ 18.474857] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.475128] kthread+0x337/0x6f0 [ 18.475254] ret_from_fork+0x116/0x1d0 [ 18.475443] ret_from_fork_asm+0x1a/0x30 [ 18.475686] [ 18.475842] CPU: 0 UID: 0 PID: 315 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 18.476281] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.476486] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.476941] ================================================================== [ 18.363649] ================================================================== [ 18.364102] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270 [ 18.364102] [ 18.364592] Use-after-free read at 0x(____ptrval____) (in kfence-#71): [ 18.364920] test_use_after_free_read+0x129/0x270 
[ 18.365098] kunit_try_run_case+0x1a5/0x480 [ 18.365312] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.365586] kthread+0x337/0x6f0 [ 18.365728] ret_from_fork+0x116/0x1d0 [ 18.365870] ret_from_fork_asm+0x1a/0x30 [ 18.366731] [ 18.366948] kfence-#71: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 18.366948] [ 18.367354] allocated by task 313 on cpu 1 at 18.363419s (0.003932s ago): [ 18.367670] test_alloc+0x364/0x10f0 [ 18.368182] test_use_after_free_read+0xdc/0x270 [ 18.368373] kunit_try_run_case+0x1a5/0x480 [ 18.368609] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.369000] kthread+0x337/0x6f0 [ 18.369167] ret_from_fork+0x116/0x1d0 [ 18.369345] ret_from_fork_asm+0x1a/0x30 [ 18.369564] [ 18.370100] freed by task 313 on cpu 1 at 18.363482s (0.006215s ago): [ 18.370452] test_use_after_free_read+0x1e7/0x270 [ 18.370798] kunit_try_run_case+0x1a5/0x480 [ 18.371005] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.371357] kthread+0x337/0x6f0 [ 18.371622] ret_from_fork+0x116/0x1d0 [ 18.371791] ret_from_fork_asm+0x1a/0x30 [ 18.372040] [ 18.372369] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 18.372938] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.373093] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.373631] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 18.155518] ================================================================== [ 18.156072] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260 [ 18.156072] [ 18.156487] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#69): [ 18.156860] test_out_of_bounds_write+0x10d/0x260 [ 18.157109] kunit_try_run_case+0x1a5/0x480 [ 18.157350] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.157593] kthread+0x337/0x6f0 [ 18.157780] ret_from_fork+0x116/0x1d0 [ 18.158078] ret_from_fork_asm+0x1a/0x30 [ 18.158240] [ 18.158318] kfence-#69: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 18.158318] [ 18.158817] allocated by task 309 on cpu 0 at 18.155387s (0.003428s ago): [ 18.159574] test_alloc+0x364/0x10f0 [ 18.159768] test_out_of_bounds_write+0xd4/0x260 [ 18.160109] kunit_try_run_case+0x1a5/0x480 [ 18.160333] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.160595] kthread+0x337/0x6f0 [ 18.161356] ret_from_fork+0x116/0x1d0 [ 18.161535] ret_from_fork_asm+0x1a/0x30 [ 18.161868] [ 18.162131] CPU: 0 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 18.162700] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.162903] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.163503] ================================================================== [ 18.259448] ================================================================== [ 18.259891] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260 [ 18.259891] [ 18.260287] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#70): [ 18.260646] test_out_of_bounds_write+0x10d/0x260 [ 18.260899] kunit_try_run_case+0x1a5/0x480 [ 18.261087] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.261288] kthread+0x337/0x6f0 [ 18.261477] ret_from_fork+0x116/0x1d0 [ 18.261678] ret_from_fork_asm+0x1a/0x30 [ 18.261884] [ 18.261962] kfence-#70: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 18.261962] [ 
18.262327] allocated by task 311 on cpu 1 at 18.259382s (0.002942s ago): [ 18.262618] test_alloc+0x2a6/0x10f0 [ 18.262827] test_out_of_bounds_write+0xd4/0x260 [ 18.263031] kunit_try_run_case+0x1a5/0x480 [ 18.263203] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.263477] kthread+0x337/0x6f0 [ 18.263656] ret_from_fork+0x116/0x1d0 [ 18.263850] ret_from_fork_asm+0x1a/0x30 [ 18.264052] [ 18.264166] CPU: 1 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 18.264636] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.264844] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.265187] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 17.428460] ================================================================== [ 17.429043] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0 [ 17.429043] [ 17.429567] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#62): [ 17.430483] test_out_of_bounds_read+0x126/0x4e0 [ 17.430746] kunit_try_run_case+0x1a5/0x480 [ 17.431187] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.431390] kthread+0x337/0x6f0 [ 17.431535] ret_from_fork+0x116/0x1d0 [ 17.431675] ret_from_fork_asm+0x1a/0x30 [ 17.432224] [ 17.432591] kfence-#62: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 17.432591] [ 17.433301] allocated by task 305 on cpu 1 at 17.427398s (0.005781s ago): [ 17.433990] test_alloc+0x364/0x10f0 [ 17.434215] test_out_of_bounds_read+0xed/0x4e0 [ 17.434422] kunit_try_run_case+0x1a5/0x480 [ 17.434633] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.434881] kthread+0x337/0x6f0 [ 17.435283] ret_from_fork+0x116/0x1d0 [ 17.435560] ret_from_fork_asm+0x1a/0x30 [ 17.435824] [ 17.436125] CPU: 1 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 17.436696] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.436934] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.437327] ================================================================== [ 17.531611] ================================================================== [ 17.532217] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0 [ 17.532217] [ 17.532650] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#63): [ 17.533361] test_out_of_bounds_read+0x216/0x4e0 [ 17.533632] kunit_try_run_case+0x1a5/0x480 [ 17.533860] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.534416] kthread+0x337/0x6f0 [ 17.534637] ret_from_fork+0x116/0x1d0 [ 17.535012] ret_from_fork_asm+0x1a/0x30 [ 17.535292] [ 17.535384] kfence-#63: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 17.535384] [ 
17.535912] allocated by task 305 on cpu 1 at 17.531401s (0.004509s ago): [ 17.536238] test_alloc+0x364/0x10f0 [ 17.536434] test_out_of_bounds_read+0x1e2/0x4e0 [ 17.536658] kunit_try_run_case+0x1a5/0x480 [ 17.536856] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.537440] kthread+0x337/0x6f0 [ 17.537598] ret_from_fork+0x116/0x1d0 [ 17.537995] ret_from_fork_asm+0x1a/0x30 [ 17.538175] [ 17.538376] CPU: 1 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 17.539055] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.539327] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.539793] ================================================================== [ 17.739428] ================================================================== [ 17.739887] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0 [ 17.739887] [ 17.740332] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#65): [ 17.740713] test_out_of_bounds_read+0x126/0x4e0 [ 17.740921] kunit_try_run_case+0x1a5/0x480 [ 17.741135] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.741368] kthread+0x337/0x6f0 [ 17.741511] ret_from_fork+0x116/0x1d0 [ 17.741709] ret_from_fork_asm+0x1a/0x30 [ 17.742130] [ 17.742242] kfence-#65: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 17.742242] [ 17.742647] allocated by task 307 on cpu 0 at 17.739361s (0.003284s ago): [ 17.743009] test_alloc+0x2a6/0x10f0 [ 17.743246] test_out_of_bounds_read+0xed/0x4e0 [ 17.743402] kunit_try_run_case+0x1a5/0x480 [ 17.743740] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.744036] kthread+0x337/0x6f0 [ 17.744198] ret_from_fork+0x116/0x1d0 [ 17.744333] ret_from_fork_asm+0x1a/0x30 [ 17.744567] [ 17.744721] CPU: 0 UID: 0 PID: 307 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 17.745232] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.745447] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 
17.745810] ================================================================== [ 17.947419] ================================================================== [ 17.947901] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0 [ 17.947901] [ 17.948349] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#67): [ 17.948716] test_out_of_bounds_read+0x216/0x4e0 [ 17.949031] kunit_try_run_case+0x1a5/0x480 [ 17.949283] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.949523] kthread+0x337/0x6f0 [ 17.949658] ret_from_fork+0x116/0x1d0 [ 17.949960] ret_from_fork_asm+0x1a/0x30 [ 17.950202] [ 17.950309] kfence-#67: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 17.950309] [ 17.950739] allocated by task 307 on cpu 0 at 17.947360s (0.003377s ago): [ 17.951039] test_alloc+0x2a6/0x10f0 [ 17.951236] test_out_of_bounds_read+0x1e2/0x4e0 [ 17.951487] kunit_try_run_case+0x1a5/0x480 [ 17.951719] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.951995] kthread+0x337/0x6f0 [ 17.952180] ret_from_fork+0x116/0x1d0 [ 17.952384] ret_from_fork_asm+0x1a/0x30 [ 17.952544] [ 17.952659] CPU: 0 UID: 0 PID: 307 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 17.953492] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.953700] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.954144] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 17.150798] ================================================================== [ 17.151218] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x2e/0x1d0 [ 17.151567] Write of size 121 at addr ffff8881029dff00 by task kunit_try_catch/303 [ 17.151923] [ 17.152041] CPU: 1 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 17.152090] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.152104] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.152127] Call Trace: [ 17.152147] <TASK> [ 17.152165] dump_stack_lvl+0x73/0xb0 [ 17.152216] print_report+0xd1/0x610 [ 17.152255] ? __virt_addr_valid+0x1db/0x2d0 [ 17.152279] ? strncpy_from_user+0x2e/0x1d0 [ 17.152319] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.152343] ? strncpy_from_user+0x2e/0x1d0 [ 17.152382] kasan_report+0x141/0x180 [ 17.152421] ? strncpy_from_user+0x2e/0x1d0 [ 17.152451] kasan_check_range+0x10c/0x1c0 [ 17.152488] __kasan_check_write+0x18/0x20 [ 17.152509] strncpy_from_user+0x2e/0x1d0 [ 17.152532] ? __kasan_check_read+0x15/0x20 [ 17.152557] copy_user_test_oob+0x760/0x10f0 [ 17.152585] ? __pfx_copy_user_test_oob+0x10/0x10 [ 17.152611] ? finish_task_switch.isra.0+0x153/0x700 [ 17.152639] ? __switch_to+0x47/0xf50 [ 17.152669] ? __schedule+0x10c6/0x2b60 [ 17.152695] ? __pfx_read_tsc+0x10/0x10 [ 17.152720] ? ktime_get_ts64+0x86/0x230 [ 17.152747] kunit_try_run_case+0x1a5/0x480 [ 17.152773] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.152798] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.152825] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.152850] ? __kthread_parkme+0x82/0x180 [ 17.152874] ? preempt_count_sub+0x50/0x80 [ 17.152899] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.152925] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.152951] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.152993] kthread+0x337/0x6f0 [ 17.153016] ? trace_preempt_on+0x20/0xc0 [ 17.153056] ? __pfx_kthread+0x10/0x10 [ 17.153079] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 17.153103] ? calculate_sigpending+0x7b/0xa0 [ 17.153128] ? __pfx_kthread+0x10/0x10 [ 17.153151] ret_from_fork+0x116/0x1d0 [ 17.153172] ? __pfx_kthread+0x10/0x10 [ 17.153194] ret_from_fork_asm+0x1a/0x30 [ 17.153227] </TASK> [ 17.153239] [ 17.161258] Allocated by task 303: [ 17.161451] kasan_save_stack+0x45/0x70 [ 17.161665] kasan_save_track+0x18/0x40 [ 17.162235] kasan_save_alloc_info+0x3b/0x50 [ 17.162434] __kasan_kmalloc+0xb7/0xc0 [ 17.162585] __kmalloc_noprof+0x1c9/0x500 [ 17.162731] kunit_kmalloc_array+0x25/0x60 [ 17.163890] copy_user_test_oob+0xab/0x10f0 [ 17.165133] kunit_try_run_case+0x1a5/0x480 [ 17.165788] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.166625] kthread+0x337/0x6f0 [ 17.167072] ret_from_fork+0x116/0x1d0 [ 17.167695] ret_from_fork_asm+0x1a/0x30 [ 17.168202] [ 17.168617] The buggy address belongs to the object at ffff8881029dff00 [ 17.168617] which belongs to the cache kmalloc-128 of size 128 [ 17.169921] The buggy address is located 0 bytes inside of [ 17.169921] allocated 120-byte region [ffff8881029dff00, ffff8881029dff78) [ 17.171241] [ 17.171450] The buggy address belongs to the physical page: [ 17.172142] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029df [ 17.172975] flags: 0x200000000000000(node=0|zone=2) [ 17.173433] page_type: f5(slab) [ 17.173583] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 17.173838] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.174080] page dumped because: kasan: bad access detected [ 17.174268] [ 17.174345] Memory state around the buggy address: [ 17.175122] ffff8881029dfe00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.175943] ffff8881029dfe80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.176890] >ffff8881029dff00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 17.177751] ^ [ 17.178641] ffff8881029dff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.179823] 
ffff8881029e0000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.180607] ================================================================== [ 17.182192] ================================================================== [ 17.183083] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x1a5/0x1d0 [ 17.184076] Write of size 1 at addr ffff8881029dff78 by task kunit_try_catch/303 [ 17.184930] [ 17.185251] CPU: 1 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 17.185307] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.185432] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.185491] Call Trace: [ 17.185514] <TASK> [ 17.185536] dump_stack_lvl+0x73/0xb0 [ 17.185617] print_report+0xd1/0x610 [ 17.185644] ? __virt_addr_valid+0x1db/0x2d0 [ 17.185670] ? strncpy_from_user+0x1a5/0x1d0 [ 17.185698] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.185723] ? strncpy_from_user+0x1a5/0x1d0 [ 17.185747] kasan_report+0x141/0x180 [ 17.185795] ? strncpy_from_user+0x1a5/0x1d0 [ 17.185825] __asan_report_store1_noabort+0x1b/0x30 [ 17.185851] strncpy_from_user+0x1a5/0x1d0 [ 17.185879] copy_user_test_oob+0x760/0x10f0 [ 17.185907] ? __pfx_copy_user_test_oob+0x10/0x10 [ 17.185932] ? finish_task_switch.isra.0+0x153/0x700 [ 17.185958] ? __switch_to+0x47/0xf50 [ 17.185986] ? __schedule+0x10c6/0x2b60 [ 17.186012] ? __pfx_read_tsc+0x10/0x10 [ 17.186036] ? ktime_get_ts64+0x86/0x230 [ 17.186062] kunit_try_run_case+0x1a5/0x480 [ 17.186091] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.186121] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.186148] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.186173] ? __kthread_parkme+0x82/0x180 [ 17.186196] ? preempt_count_sub+0x50/0x80 [ 17.186221] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.186247] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.186272] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.186298] kthread+0x337/0x6f0 [ 17.186319] ? trace_preempt_on+0x20/0xc0 [ 17.186347] ? 
__pfx_kthread+0x10/0x10 [ 17.186370] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.186395] ? calculate_sigpending+0x7b/0xa0 [ 17.186421] ? __pfx_kthread+0x10/0x10 [ 17.186444] ret_from_fork+0x116/0x1d0 [ 17.186465] ? __pfx_kthread+0x10/0x10 [ 17.186499] ret_from_fork_asm+0x1a/0x30 [ 17.186534] </TASK> [ 17.186546] [ 17.200317] Allocated by task 303: [ 17.200751] kasan_save_stack+0x45/0x70 [ 17.201283] kasan_save_track+0x18/0x40 [ 17.201690] kasan_save_alloc_info+0x3b/0x50 [ 17.202198] __kasan_kmalloc+0xb7/0xc0 [ 17.202572] __kmalloc_noprof+0x1c9/0x500 [ 17.202962] kunit_kmalloc_array+0x25/0x60 [ 17.203420] copy_user_test_oob+0xab/0x10f0 [ 17.203848] kunit_try_run_case+0x1a5/0x480 [ 17.204252] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.204758] kthread+0x337/0x6f0 [ 17.205105] ret_from_fork+0x116/0x1d0 [ 17.205482] ret_from_fork_asm+0x1a/0x30 [ 17.205875] [ 17.206054] The buggy address belongs to the object at ffff8881029dff00 [ 17.206054] which belongs to the cache kmalloc-128 of size 128 [ 17.206958] The buggy address is located 0 bytes to the right of [ 17.206958] allocated 120-byte region [ffff8881029dff00, ffff8881029dff78) [ 17.207901] [ 17.208108] The buggy address belongs to the physical page: [ 17.208588] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029df [ 17.209009] flags: 0x200000000000000(node=0|zone=2) [ 17.209466] page_type: f5(slab) [ 17.209825] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 17.210357] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.210608] page dumped because: kasan: bad access detected [ 17.210824] [ 17.211005] Memory state around the buggy address: [ 17.211451] ffff8881029dfe00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.212158] ffff8881029dfe80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.212809] >ffff8881029dff00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 17.213433] ^ [ 17.214052] ffff8881029dff80: fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc fc [ 17.214282] ffff8881029e0000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.214515] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 17.131097] ================================================================== [ 17.131386] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x604/0x10f0 [ 17.131639] Read of size 121 at addr ffff8881029dff00 by task kunit_try_catch/303 [ 17.132126] [ 17.132243] CPU: 1 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 17.132291] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.132304] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.132328] Call Trace: [ 17.132346] <TASK> [ 17.132364] dump_stack_lvl+0x73/0xb0 [ 17.132395] print_report+0xd1/0x610 [ 17.132421] ? __virt_addr_valid+0x1db/0x2d0 [ 17.132446] ? copy_user_test_oob+0x604/0x10f0 [ 17.132483] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.132508] ? copy_user_test_oob+0x604/0x10f0 [ 17.132533] kasan_report+0x141/0x180 [ 17.132557] ? copy_user_test_oob+0x604/0x10f0 [ 17.132587] kasan_check_range+0x10c/0x1c0 [ 17.132612] __kasan_check_read+0x15/0x20 [ 17.132632] copy_user_test_oob+0x604/0x10f0 [ 17.132660] ? __pfx_copy_user_test_oob+0x10/0x10 [ 17.132684] ? finish_task_switch.isra.0+0x153/0x700 [ 17.132709] ? __switch_to+0x47/0xf50 [ 17.132737] ? __schedule+0x10c6/0x2b60 [ 17.132763] ? __pfx_read_tsc+0x10/0x10 [ 17.132787] ? ktime_get_ts64+0x86/0x230 [ 17.132813] kunit_try_run_case+0x1a5/0x480 [ 17.132840] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.132864] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.132891] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.132917] ? __kthread_parkme+0x82/0x180 [ 17.132941] ? preempt_count_sub+0x50/0x80 [ 17.132989] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.133016] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.133041] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.133085] kthread+0x337/0x6f0 [ 17.133107] ? trace_preempt_on+0x20/0xc0 [ 17.133133] ? __pfx_kthread+0x10/0x10 [ 17.133175] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.133199] ? calculate_sigpending+0x7b/0xa0 [ 17.133225] ? 
__pfx_kthread+0x10/0x10 [ 17.133266] ret_from_fork+0x116/0x1d0 [ 17.133286] ? __pfx_kthread+0x10/0x10 [ 17.133322] ret_from_fork_asm+0x1a/0x30 [ 17.133356] </TASK> [ 17.133368] [ 17.141430] Allocated by task 303: [ 17.141656] kasan_save_stack+0x45/0x70 [ 17.141888] kasan_save_track+0x18/0x40 [ 17.142157] kasan_save_alloc_info+0x3b/0x50 [ 17.142391] __kasan_kmalloc+0xb7/0xc0 [ 17.142594] __kmalloc_noprof+0x1c9/0x500 [ 17.142812] kunit_kmalloc_array+0x25/0x60 [ 17.143021] copy_user_test_oob+0xab/0x10f0 [ 17.143232] kunit_try_run_case+0x1a5/0x480 [ 17.143441] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.143709] kthread+0x337/0x6f0 [ 17.143867] ret_from_fork+0x116/0x1d0 [ 17.144004] ret_from_fork_asm+0x1a/0x30 [ 17.144145] [ 17.144218] The buggy address belongs to the object at ffff8881029dff00 [ 17.144218] which belongs to the cache kmalloc-128 of size 128 [ 17.144585] The buggy address is located 0 bytes inside of [ 17.144585] allocated 120-byte region [ffff8881029dff00, ffff8881029dff78) [ 17.145410] [ 17.145524] The buggy address belongs to the physical page: [ 17.145851] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029df [ 17.146255] flags: 0x200000000000000(node=0|zone=2) [ 17.146528] page_type: f5(slab) [ 17.146727] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 17.147271] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.147615] page dumped because: kasan: bad access detected [ 17.147799] [ 17.147872] Memory state around the buggy address: [ 17.148134] ffff8881029dfe00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.148509] ffff8881029dfe80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.148871] >ffff8881029dff00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 17.149127] ^ [ 17.149441] ffff8881029dff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.149746] ffff8881029e0000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.150083] 
================================================================== [ 17.070232] ================================================================== [ 17.070636] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3fd/0x10f0 [ 17.071339] Write of size 121 at addr ffff8881029dff00 by task kunit_try_catch/303 [ 17.072036] [ 17.072220] CPU: 1 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 17.072273] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.072286] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.072311] Call Trace: [ 17.072328] <TASK> [ 17.072347] dump_stack_lvl+0x73/0xb0 [ 17.072382] print_report+0xd1/0x610 [ 17.072407] ? __virt_addr_valid+0x1db/0x2d0 [ 17.072433] ? copy_user_test_oob+0x3fd/0x10f0 [ 17.072459] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.072497] ? copy_user_test_oob+0x3fd/0x10f0 [ 17.072522] kasan_report+0x141/0x180 [ 17.072546] ? copy_user_test_oob+0x3fd/0x10f0 [ 17.072576] kasan_check_range+0x10c/0x1c0 [ 17.072601] __kasan_check_write+0x18/0x20 [ 17.072622] copy_user_test_oob+0x3fd/0x10f0 [ 17.072648] ? __pfx_copy_user_test_oob+0x10/0x10 [ 17.072673] ? finish_task_switch.isra.0+0x153/0x700 [ 17.072697] ? __switch_to+0x47/0xf50 [ 17.072725] ? __schedule+0x10c6/0x2b60 [ 17.072750] ? __pfx_read_tsc+0x10/0x10 [ 17.072774] ? ktime_get_ts64+0x86/0x230 [ 17.072814] kunit_try_run_case+0x1a5/0x480 [ 17.072840] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.072865] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.072892] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.072917] ? __kthread_parkme+0x82/0x180 [ 17.072941] ? preempt_count_sub+0x50/0x80 [ 17.072966] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.072991] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.073016] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.073042] kthread+0x337/0x6f0 [ 17.073063] ? trace_preempt_on+0x20/0xc0 [ 17.073089] ? __pfx_kthread+0x10/0x10 [ 17.073111] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 17.073134] ? calculate_sigpending+0x7b/0xa0 [ 17.073161] ? __pfx_kthread+0x10/0x10 [ 17.073184] ret_from_fork+0x116/0x1d0 [ 17.073205] ? __pfx_kthread+0x10/0x10 [ 17.073226] ret_from_fork_asm+0x1a/0x30 [ 17.073259] </TASK> [ 17.073271] [ 17.080775] Allocated by task 303: [ 17.080970] kasan_save_stack+0x45/0x70 [ 17.081180] kasan_save_track+0x18/0x40 [ 17.081376] kasan_save_alloc_info+0x3b/0x50 [ 17.081550] __kasan_kmalloc+0xb7/0xc0 [ 17.081692] __kmalloc_noprof+0x1c9/0x500 [ 17.082011] kunit_kmalloc_array+0x25/0x60 [ 17.082232] copy_user_test_oob+0xab/0x10f0 [ 17.082458] kunit_try_run_case+0x1a5/0x480 [ 17.082685] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.083058] kthread+0x337/0x6f0 [ 17.083222] ret_from_fork+0x116/0x1d0 [ 17.083417] ret_from_fork_asm+0x1a/0x30 [ 17.083581] [ 17.083662] The buggy address belongs to the object at ffff8881029dff00 [ 17.083662] which belongs to the cache kmalloc-128 of size 128 [ 17.084427] The buggy address is located 0 bytes inside of [ 17.084427] allocated 120-byte region [ffff8881029dff00, ffff8881029dff78) [ 17.084968] [ 17.085053] The buggy address belongs to the physical page: [ 17.085293] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029df [ 17.085638] flags: 0x200000000000000(node=0|zone=2) [ 17.085904] page_type: f5(slab) [ 17.086059] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 17.086340] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.086800] page dumped because: kasan: bad access detected [ 17.087320] [ 17.087503] Memory state around the buggy address: [ 17.087985] ffff8881029dfe00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.088594] ffff8881029dfe80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.089223] >ffff8881029dff00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 17.089827] ^ [ 17.090518] ffff8881029dff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.091159] 
ffff8881029e0000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.091815] ================================================================== [ 17.092874] ================================================================== [ 17.093454] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4aa/0x10f0 [ 17.093730] Read of size 121 at addr ffff8881029dff00 by task kunit_try_catch/303 [ 17.094528] [ 17.094711] CPU: 1 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 17.094761] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.094774] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.094800] Call Trace: [ 17.094820] <TASK> [ 17.094840] dump_stack_lvl+0x73/0xb0 [ 17.094872] print_report+0xd1/0x610 [ 17.094898] ? __virt_addr_valid+0x1db/0x2d0 [ 17.094923] ? copy_user_test_oob+0x4aa/0x10f0 [ 17.094947] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.094971] ? copy_user_test_oob+0x4aa/0x10f0 [ 17.094997] kasan_report+0x141/0x180 [ 17.095021] ? copy_user_test_oob+0x4aa/0x10f0 [ 17.095050] kasan_check_range+0x10c/0x1c0 [ 17.095076] __kasan_check_read+0x15/0x20 [ 17.095095] copy_user_test_oob+0x4aa/0x10f0 [ 17.095122] ? __pfx_copy_user_test_oob+0x10/0x10 [ 17.095146] ? finish_task_switch.isra.0+0x153/0x700 [ 17.095172] ? __switch_to+0x47/0xf50 [ 17.095199] ? __schedule+0x10c6/0x2b60 [ 17.095225] ? __pfx_read_tsc+0x10/0x10 [ 17.095248] ? ktime_get_ts64+0x86/0x230 [ 17.095274] kunit_try_run_case+0x1a5/0x480 [ 17.095301] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.095325] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.095351] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.095376] ? __kthread_parkme+0x82/0x180 [ 17.095399] ? preempt_count_sub+0x50/0x80 [ 17.095423] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.095449] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.095486] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.095512] kthread+0x337/0x6f0 [ 17.095533] ? trace_preempt_on+0x20/0xc0 [ 17.095559] ? 
__pfx_kthread+0x10/0x10 [ 17.095581] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.095604] ? calculate_sigpending+0x7b/0xa0 [ 17.095630] ? __pfx_kthread+0x10/0x10 [ 17.095653] ret_from_fork+0x116/0x1d0 [ 17.095673] ? __pfx_kthread+0x10/0x10 [ 17.095695] ret_from_fork_asm+0x1a/0x30 [ 17.095727] </TASK> [ 17.095739] [ 17.103956] Allocated by task 303: [ 17.104129] kasan_save_stack+0x45/0x70 [ 17.104283] kasan_save_track+0x18/0x40 [ 17.104426] kasan_save_alloc_info+0x3b/0x50 [ 17.104655] __kasan_kmalloc+0xb7/0xc0 [ 17.104848] __kmalloc_noprof+0x1c9/0x500 [ 17.105061] kunit_kmalloc_array+0x25/0x60 [ 17.105286] copy_user_test_oob+0xab/0x10f0 [ 17.105519] kunit_try_run_case+0x1a5/0x480 [ 17.105720] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.105904] kthread+0x337/0x6f0 [ 17.106090] ret_from_fork+0x116/0x1d0 [ 17.106291] ret_from_fork_asm+0x1a/0x30 [ 17.106511] [ 17.106609] The buggy address belongs to the object at ffff8881029dff00 [ 17.106609] which belongs to the cache kmalloc-128 of size 128 [ 17.107114] The buggy address is located 0 bytes inside of [ 17.107114] allocated 120-byte region [ffff8881029dff00, ffff8881029dff78) [ 17.107633] [ 17.107721] The buggy address belongs to the physical page: [ 17.107978] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029df [ 17.108301] flags: 0x200000000000000(node=0|zone=2) [ 17.108522] page_type: f5(slab) [ 17.108703] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 17.109066] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.109310] page dumped because: kasan: bad access detected [ 17.109502] [ 17.109577] Memory state around the buggy address: [ 17.109743] ffff8881029dfe00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.110269] ffff8881029dfe80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.110602] >ffff8881029dff00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 17.110963] ^ [ 17.111258] ffff8881029dff80: fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 17.111492] ffff8881029e0000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.111714] ================================================================== [ 17.112366] ================================================================== [ 17.112798] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x557/0x10f0 [ 17.113183] Write of size 121 at addr ffff8881029dff00 by task kunit_try_catch/303 [ 17.113620] [ 17.113781] CPU: 1 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 17.113837] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.113850] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.113874] Call Trace: [ 17.113893] <TASK> [ 17.113910] dump_stack_lvl+0x73/0xb0 [ 17.113943] print_report+0xd1/0x610 [ 17.113968] ? __virt_addr_valid+0x1db/0x2d0 [ 17.113994] ? copy_user_test_oob+0x557/0x10f0 [ 17.114019] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.114043] ? copy_user_test_oob+0x557/0x10f0 [ 17.114069] kasan_report+0x141/0x180 [ 17.114092] ? copy_user_test_oob+0x557/0x10f0 [ 17.114127] kasan_check_range+0x10c/0x1c0 [ 17.114153] __kasan_check_write+0x18/0x20 [ 17.114174] copy_user_test_oob+0x557/0x10f0 [ 17.114201] ? __pfx_copy_user_test_oob+0x10/0x10 [ 17.114225] ? finish_task_switch.isra.0+0x153/0x700 [ 17.114250] ? __switch_to+0x47/0xf50 [ 17.114278] ? __schedule+0x10c6/0x2b60 [ 17.114304] ? __pfx_read_tsc+0x10/0x10 [ 17.114327] ? ktime_get_ts64+0x86/0x230 [ 17.114353] kunit_try_run_case+0x1a5/0x480 [ 17.114380] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.114404] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.114430] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.114456] ? __kthread_parkme+0x82/0x180 [ 17.114493] ? preempt_count_sub+0x50/0x80 [ 17.114518] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.114544] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.114570] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.114595] kthread+0x337/0x6f0 [ 17.114617] ? 
trace_preempt_on+0x20/0xc0 [ 17.114643] ? __pfx_kthread+0x10/0x10 [ 17.114665] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.114689] ? calculate_sigpending+0x7b/0xa0 [ 17.114715] ? __pfx_kthread+0x10/0x10 [ 17.114740] ret_from_fork+0x116/0x1d0 [ 17.114759] ? __pfx_kthread+0x10/0x10 [ 17.114782] ret_from_fork_asm+0x1a/0x30 [ 17.114815] </TASK> [ 17.114826] [ 17.122327] Allocated by task 303: [ 17.122510] kasan_save_stack+0x45/0x70 [ 17.122700] kasan_save_track+0x18/0x40 [ 17.122963] kasan_save_alloc_info+0x3b/0x50 [ 17.123121] __kasan_kmalloc+0xb7/0xc0 [ 17.123260] __kmalloc_noprof+0x1c9/0x500 [ 17.123465] kunit_kmalloc_array+0x25/0x60 [ 17.123686] copy_user_test_oob+0xab/0x10f0 [ 17.124038] kunit_try_run_case+0x1a5/0x480 [ 17.124217] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.124454] kthread+0x337/0x6f0 [ 17.124592] ret_from_fork+0x116/0x1d0 [ 17.124733] ret_from_fork_asm+0x1a/0x30 [ 17.124881] [ 17.124981] The buggy address belongs to the object at ffff8881029dff00 [ 17.124981] which belongs to the cache kmalloc-128 of size 128 [ 17.125536] The buggy address is located 0 bytes inside of [ 17.125536] allocated 120-byte region [ffff8881029dff00, ffff8881029dff78) [ 17.125984] [ 17.126061] The buggy address belongs to the physical page: [ 17.126248] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029df [ 17.126528] flags: 0x200000000000000(node=0|zone=2) [ 17.126790] page_type: f5(slab) [ 17.126966] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 17.127315] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.127665] page dumped because: kasan: bad access detected [ 17.128131] [ 17.128233] Memory state around the buggy address: [ 17.128402] ffff8881029dfe00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.128649] ffff8881029dfe80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.129229] >ffff8881029dff00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 17.129556] ^ [ 17.129857] 
ffff8881029dff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.130113] ffff8881029e0000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.130447] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_to_user
[ 17.047719] ================================================================== [ 17.048067] BUG: KASAN: slab-out-of-bounds in _copy_to_user+0x3c/0x70 [ 17.048361] Read of size 121 at addr ffff8881029dff00 by task kunit_try_catch/303 [ 17.048665] [ 17.048787] CPU: 1 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 17.048837] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.048850] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.048874] Call Trace: [ 17.048895] <TASK> [ 17.048914] dump_stack_lvl+0x73/0xb0 [ 17.048947] print_report+0xd1/0x610 [ 17.048974] ? __virt_addr_valid+0x1db/0x2d0 [ 17.048999] ? _copy_to_user+0x3c/0x70 [ 17.049020] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.049045] ? _copy_to_user+0x3c/0x70 [ 17.049065] kasan_report+0x141/0x180 [ 17.049089] ? _copy_to_user+0x3c/0x70 [ 17.049114] kasan_check_range+0x10c/0x1c0 [ 17.049139] __kasan_check_read+0x15/0x20 [ 17.049160] _copy_to_user+0x3c/0x70 [ 17.049181] copy_user_test_oob+0x364/0x10f0 [ 17.049209] ? __pfx_copy_user_test_oob+0x10/0x10 [ 17.049233] ? finish_task_switch.isra.0+0x153/0x700 [ 17.049258] ? __switch_to+0x47/0xf50 [ 17.049287] ? __schedule+0x10c6/0x2b60 [ 17.049312] ? __pfx_read_tsc+0x10/0x10 [ 17.049336] ? ktime_get_ts64+0x86/0x230 [ 17.049362] kunit_try_run_case+0x1a5/0x480 [ 17.049388] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.049412] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.049438] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.049464] ? __kthread_parkme+0x82/0x180 [ 17.049498] ? preempt_count_sub+0x50/0x80 [ 17.049523] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.049548] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.049574] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.049599] kthread+0x337/0x6f0 [ 17.049620] ? trace_preempt_on+0x20/0xc0 [ 17.049646] ? __pfx_kthread+0x10/0x10 [ 17.049668] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.049692] ? calculate_sigpending+0x7b/0xa0 [ 17.049718] ? 
__pfx_kthread+0x10/0x10 [ 17.049741] ret_from_fork+0x116/0x1d0 [ 17.049762] ? __pfx_kthread+0x10/0x10 [ 17.049794] ret_from_fork_asm+0x1a/0x30 [ 17.049827] </TASK> [ 17.049838] [ 17.057268] Allocated by task 303: [ 17.057457] kasan_save_stack+0x45/0x70 [ 17.057681] kasan_save_track+0x18/0x40 [ 17.058021] kasan_save_alloc_info+0x3b/0x50 [ 17.058251] __kasan_kmalloc+0xb7/0xc0 [ 17.058453] __kmalloc_noprof+0x1c9/0x500 [ 17.058669] kunit_kmalloc_array+0x25/0x60 [ 17.058885] copy_user_test_oob+0xab/0x10f0 [ 17.059108] kunit_try_run_case+0x1a5/0x480 [ 17.059325] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.059533] kthread+0x337/0x6f0 [ 17.059662] ret_from_fork+0x116/0x1d0 [ 17.059803] ret_from_fork_asm+0x1a/0x30 [ 17.060061] [ 17.060164] The buggy address belongs to the object at ffff8881029dff00 [ 17.060164] which belongs to the cache kmalloc-128 of size 128 [ 17.060727] The buggy address is located 0 bytes inside of [ 17.060727] allocated 120-byte region [ffff8881029dff00, ffff8881029dff78) [ 17.061228] [ 17.061304] The buggy address belongs to the physical page: [ 17.061504] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029df [ 17.061870] flags: 0x200000000000000(node=0|zone=2) [ 17.062121] page_type: f5(slab) [ 17.062427] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 17.062684] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.063127] page dumped because: kasan: bad access detected [ 17.063388] [ 17.063493] Memory state around the buggy address: [ 17.063713] ffff8881029dfe00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.063940] ffff8881029dfe80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.064168] >ffff8881029dff00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 17.064390] ^ [ 17.064739] ffff8881029dff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.065066] ffff8881029e0000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.065385] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_from_user
[ 17.016955] ================================================================== [ 17.017750] BUG: KASAN: slab-out-of-bounds in _copy_from_user+0x32/0x90 [ 17.018503] Write of size 121 at addr ffff8881029dff00 by task kunit_try_catch/303 [ 17.019466] [ 17.019621] CPU: 1 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 17.019677] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.019692] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.019719] Call Trace: [ 17.019736] <TASK> [ 17.019767] dump_stack_lvl+0x73/0xb0 [ 17.019807] print_report+0xd1/0x610 [ 17.019836] ? __virt_addr_valid+0x1db/0x2d0 [ 17.019864] ? _copy_from_user+0x32/0x90 [ 17.019928] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.019955] ? _copy_from_user+0x32/0x90 [ 17.019976] kasan_report+0x141/0x180 [ 17.020000] ? _copy_from_user+0x32/0x90 [ 17.020027] kasan_check_range+0x10c/0x1c0 [ 17.020052] __kasan_check_write+0x18/0x20 [ 17.020073] _copy_from_user+0x32/0x90 [ 17.020096] copy_user_test_oob+0x2be/0x10f0 [ 17.020125] ? __pfx_copy_user_test_oob+0x10/0x10 [ 17.020149] ? finish_task_switch.isra.0+0x153/0x700 [ 17.020176] ? __switch_to+0x47/0xf50 [ 17.020206] ? __schedule+0x10c6/0x2b60 [ 17.020232] ? __pfx_read_tsc+0x10/0x10 [ 17.020257] ? ktime_get_ts64+0x86/0x230 [ 17.020284] kunit_try_run_case+0x1a5/0x480 [ 17.020311] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.020335] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.020362] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.020388] ? __kthread_parkme+0x82/0x180 [ 17.020412] ? preempt_count_sub+0x50/0x80 [ 17.020437] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.020464] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.020499] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.020524] kthread+0x337/0x6f0 [ 17.020546] ? trace_preempt_on+0x20/0xc0 [ 17.020572] ? __pfx_kthread+0x10/0x10 [ 17.020595] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.020619] ? calculate_sigpending+0x7b/0xa0 [ 17.020645] ? 
__pfx_kthread+0x10/0x10 [ 17.020670] ret_from_fork+0x116/0x1d0 [ 17.020691] ? __pfx_kthread+0x10/0x10 [ 17.020714] ret_from_fork_asm+0x1a/0x30 [ 17.020748] </TASK> [ 17.020779] [ 17.033686] Allocated by task 303: [ 17.034063] kasan_save_stack+0x45/0x70 [ 17.034480] kasan_save_track+0x18/0x40 [ 17.034744] kasan_save_alloc_info+0x3b/0x50 [ 17.035000] __kasan_kmalloc+0xb7/0xc0 [ 17.035372] __kmalloc_noprof+0x1c9/0x500 [ 17.035530] kunit_kmalloc_array+0x25/0x60 [ 17.035679] copy_user_test_oob+0xab/0x10f0 [ 17.035966] kunit_try_run_case+0x1a5/0x480 [ 17.036373] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.036940] kthread+0x337/0x6f0 [ 17.037358] ret_from_fork+0x116/0x1d0 [ 17.037738] ret_from_fork_asm+0x1a/0x30 [ 17.038131] [ 17.038319] The buggy address belongs to the object at ffff8881029dff00 [ 17.038319] which belongs to the cache kmalloc-128 of size 128 [ 17.038930] The buggy address is located 0 bytes inside of [ 17.038930] allocated 120-byte region [ffff8881029dff00, ffff8881029dff78) [ 17.039714] [ 17.039887] The buggy address belongs to the physical page: [ 17.040428] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029df [ 17.040921] flags: 0x200000000000000(node=0|zone=2) [ 17.041100] page_type: f5(slab) [ 17.041229] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 17.041464] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.041770] page dumped because: kasan: bad access detected [ 17.042002] [ 17.042098] Memory state around the buggy address: [ 17.042309] ffff8881029dfe00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.042552] ffff8881029dfe80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.042796] >ffff8881029dff00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 17.043209] ^ [ 17.043426] ffff8881029dff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.043739] ffff8881029e0000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.044303] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 16.940530] ================================================================== [ 16.941642] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x225/0x260 [ 16.942119] Read of size 8 at addr ffff8881029dfe78 by task kunit_try_catch/299 [ 16.942645] [ 16.942752] CPU: 1 UID: 0 PID: 299 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.942839] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.942854] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.942880] Call Trace: [ 16.942897] <TASK> [ 16.942918] dump_stack_lvl+0x73/0xb0 [ 16.942954] print_report+0xd1/0x610 [ 16.943018] ? __virt_addr_valid+0x1db/0x2d0 [ 16.943045] ? copy_to_kernel_nofault+0x225/0x260 [ 16.943071] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.943199] ? copy_to_kernel_nofault+0x225/0x260 [ 16.943232] kasan_report+0x141/0x180 [ 16.943258] ? copy_to_kernel_nofault+0x225/0x260 [ 16.943289] __asan_report_load8_noabort+0x18/0x20 [ 16.943315] copy_to_kernel_nofault+0x225/0x260 [ 16.943341] copy_to_kernel_nofault_oob+0x1ed/0x560 [ 16.943367] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 16.943392] ? finish_task_switch.isra.0+0x153/0x700 [ 16.943418] ? __schedule+0x10c6/0x2b60 [ 16.943443] ? trace_hardirqs_on+0x37/0xe0 [ 16.943489] ? __pfx_read_tsc+0x10/0x10 [ 16.943514] ? ktime_get_ts64+0x86/0x230 [ 16.943542] kunit_try_run_case+0x1a5/0x480 [ 16.943572] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.943595] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.943622] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.943647] ? __kthread_parkme+0x82/0x180 [ 16.943671] ? preempt_count_sub+0x50/0x80 [ 16.943696] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.943722] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.943747] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.943773] kthread+0x337/0x6f0 [ 16.943795] ? trace_preempt_on+0x20/0xc0 [ 16.943819] ? __pfx_kthread+0x10/0x10 [ 16.943842] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.943865] ? 
calculate_sigpending+0x7b/0xa0 [ 16.943892] ? __pfx_kthread+0x10/0x10 [ 16.943916] ret_from_fork+0x116/0x1d0 [ 16.943936] ? __pfx_kthread+0x10/0x10 [ 16.943958] ret_from_fork_asm+0x1a/0x30 [ 16.943992] </TASK> [ 16.944004] [ 16.957237] Allocated by task 299: [ 16.957764] kasan_save_stack+0x45/0x70 [ 16.958160] kasan_save_track+0x18/0x40 [ 16.958489] kasan_save_alloc_info+0x3b/0x50 [ 16.958681] __kasan_kmalloc+0xb7/0xc0 [ 16.958876] __kmalloc_cache_noprof+0x189/0x420 [ 16.959494] copy_to_kernel_nofault_oob+0x12f/0x560 [ 16.959903] kunit_try_run_case+0x1a5/0x480 [ 16.960282] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.960664] kthread+0x337/0x6f0 [ 16.960913] ret_from_fork+0x116/0x1d0 [ 16.961305] ret_from_fork_asm+0x1a/0x30 [ 16.961646] [ 16.961749] The buggy address belongs to the object at ffff8881029dfe00 [ 16.961749] which belongs to the cache kmalloc-128 of size 128 [ 16.962519] The buggy address is located 0 bytes to the right of [ 16.962519] allocated 120-byte region [ffff8881029dfe00, ffff8881029dfe78) [ 16.963003] [ 16.963108] The buggy address belongs to the physical page: [ 16.963728] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029df [ 16.964284] flags: 0x200000000000000(node=0|zone=2) [ 16.964630] page_type: f5(slab) [ 16.965027] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.965445] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.965971] page dumped because: kasan: bad access detected [ 16.966375] [ 16.966496] Memory state around the buggy address: [ 16.966690] ffff8881029dfd00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.967065] ffff8881029dfd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.967817] >ffff8881029dfe00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.968352] ^ [ 16.968783] ffff8881029dfe80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.969391] ffff8881029dff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 
16.969919] ================================================================== [ 16.970971] ================================================================== [ 16.971922] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x99/0x260 [ 16.972350] Write of size 8 at addr ffff8881029dfe78 by task kunit_try_catch/299 [ 16.972986] [ 16.973121] CPU: 1 UID: 0 PID: 299 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.973175] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.973189] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.973215] Call Trace: [ 16.973231] <TASK> [ 16.973250] dump_stack_lvl+0x73/0xb0 [ 16.973286] print_report+0xd1/0x610 [ 16.973312] ? __virt_addr_valid+0x1db/0x2d0 [ 16.973338] ? copy_to_kernel_nofault+0x99/0x260 [ 16.973365] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.973392] ? copy_to_kernel_nofault+0x99/0x260 [ 16.973417] kasan_report+0x141/0x180 [ 16.973442] ? copy_to_kernel_nofault+0x99/0x260 [ 16.973484] kasan_check_range+0x10c/0x1c0 [ 16.973511] __kasan_check_write+0x18/0x20 [ 16.973532] copy_to_kernel_nofault+0x99/0x260 [ 16.973559] copy_to_kernel_nofault_oob+0x288/0x560 [ 16.973585] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 16.973611] ? finish_task_switch.isra.0+0x153/0x700 [ 16.973657] ? __schedule+0x10c6/0x2b60 [ 16.973683] ? trace_hardirqs_on+0x37/0xe0 [ 16.973717] ? __pfx_read_tsc+0x10/0x10 [ 16.973741] ? ktime_get_ts64+0x86/0x230 [ 16.973768] kunit_try_run_case+0x1a5/0x480 [ 16.973807] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.973832] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.973859] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.973885] ? __kthread_parkme+0x82/0x180 [ 16.973909] ? preempt_count_sub+0x50/0x80 [ 16.973934] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.973960] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.973986] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.974013] kthread+0x337/0x6f0 [ 16.974034] ? 
trace_preempt_on+0x20/0xc0 [ 16.974059] ? __pfx_kthread+0x10/0x10 [ 16.974081] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.974110] ? calculate_sigpending+0x7b/0xa0 [ 16.974137] ? __pfx_kthread+0x10/0x10 [ 16.974161] ret_from_fork+0x116/0x1d0 [ 16.974181] ? __pfx_kthread+0x10/0x10 [ 16.974205] ret_from_fork_asm+0x1a/0x30 [ 16.974242] </TASK> [ 16.974257] [ 16.988550] Allocated by task 299: [ 16.988911] kasan_save_stack+0x45/0x70 [ 16.989110] kasan_save_track+0x18/0x40 [ 16.989255] kasan_save_alloc_info+0x3b/0x50 [ 16.989481] __kasan_kmalloc+0xb7/0xc0 [ 16.989899] __kmalloc_cache_noprof+0x189/0x420 [ 16.990393] copy_to_kernel_nofault_oob+0x12f/0x560 [ 16.990921] kunit_try_run_case+0x1a5/0x480 [ 16.991381] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.991979] kthread+0x337/0x6f0 [ 16.992346] ret_from_fork+0x116/0x1d0 [ 16.992717] ret_from_fork_asm+0x1a/0x30 [ 16.992944] [ 16.993145] The buggy address belongs to the object at ffff8881029dfe00 [ 16.993145] which belongs to the cache kmalloc-128 of size 128 [ 16.994034] The buggy address is located 0 bytes to the right of [ 16.994034] allocated 120-byte region [ffff8881029dfe00, ffff8881029dfe78) [ 16.994951] [ 16.995122] The buggy address belongs to the physical page: [ 16.995731] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029df [ 16.996408] flags: 0x200000000000000(node=0|zone=2) [ 16.996951] page_type: f5(slab) [ 16.997257] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.997940] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.998541] page dumped because: kasan: bad access detected [ 16.998728] [ 16.998851] Memory state around the buggy address: [ 16.999330] ffff8881029dfd00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.000288] ffff8881029dfd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.000947] >ffff8881029dfe00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 17.001339] ^ [ 17.002069] ffff8881029dfe80: fc fc fc fc 
fc fc fc fc fc fc fc fc fc fc fc fc [ 17.002714] ffff8881029dff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.003147] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 15.397973] ================================================================== [ 15.398460] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4ba2/0x5450 [ 15.398827] Write of size 4 at addr ffff8881038b5630 by task kunit_try_catch/283 [ 15.399085] [ 15.399179] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.399226] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.399238] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.399261] Call Trace: [ 15.399273] <TASK> [ 15.399338] dump_stack_lvl+0x73/0xb0 [ 15.399373] print_report+0xd1/0x610 [ 15.399396] ? __virt_addr_valid+0x1db/0x2d0 [ 15.399432] ? kasan_atomics_helper+0x4ba2/0x5450 [ 15.399454] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.399485] ? kasan_atomics_helper+0x4ba2/0x5450 [ 15.399509] kasan_report+0x141/0x180 [ 15.399532] ? kasan_atomics_helper+0x4ba2/0x5450 [ 15.399560] __asan_report_store4_noabort+0x1b/0x30 [ 15.399585] kasan_atomics_helper+0x4ba2/0x5450 [ 15.399608] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.399630] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.399656] ? kasan_atomics+0x152/0x310 [ 15.399683] kasan_atomics+0x1dc/0x310 [ 15.399706] ? __pfx_kasan_atomics+0x10/0x10 [ 15.399739] ? __pfx_read_tsc+0x10/0x10 [ 15.399761] ? ktime_get_ts64+0x86/0x230 [ 15.399798] kunit_try_run_case+0x1a5/0x480 [ 15.399835] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.399859] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.399884] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.399908] ? __kthread_parkme+0x82/0x180 [ 15.399929] ? preempt_count_sub+0x50/0x80 [ 15.399963] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.399988] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.400012] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.400086] kthread+0x337/0x6f0 [ 15.400108] ? trace_preempt_on+0x20/0xc0 [ 15.400132] ? __pfx_kthread+0x10/0x10 [ 15.400152] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.400175] ? 
calculate_sigpending+0x7b/0xa0 [ 15.400200] ? __pfx_kthread+0x10/0x10 [ 15.400222] ret_from_fork+0x116/0x1d0 [ 15.400241] ? __pfx_kthread+0x10/0x10 [ 15.400262] ret_from_fork_asm+0x1a/0x30 [ 15.400293] </TASK> [ 15.400304] [ 15.408994] Allocated by task 283: [ 15.409314] kasan_save_stack+0x45/0x70 [ 15.409552] kasan_save_track+0x18/0x40 [ 15.409752] kasan_save_alloc_info+0x3b/0x50 [ 15.409988] __kasan_kmalloc+0xb7/0xc0 [ 15.410282] __kmalloc_cache_noprof+0x189/0x420 [ 15.410515] kasan_atomics+0x95/0x310 [ 15.410653] kunit_try_run_case+0x1a5/0x480 [ 15.410933] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.411441] kthread+0x337/0x6f0 [ 15.411585] ret_from_fork+0x116/0x1d0 [ 15.411770] ret_from_fork_asm+0x1a/0x30 [ 15.412001] [ 15.412107] The buggy address belongs to the object at ffff8881038b5600 [ 15.412107] which belongs to the cache kmalloc-64 of size 64 [ 15.412676] The buggy address is located 0 bytes to the right of [ 15.412676] allocated 48-byte region [ffff8881038b5600, ffff8881038b5630) [ 15.413052] [ 15.413169] The buggy address belongs to the physical page: [ 15.413429] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038b5 [ 15.413800] flags: 0x200000000000000(node=0|zone=2) [ 15.414485] page_type: f5(slab) [ 15.414620] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.415073] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.415431] page dumped because: kasan: bad access detected [ 15.415870] [ 15.415996] Memory state around the buggy address: [ 15.416398] ffff8881038b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.416748] ffff8881038b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.417142] >ffff8881038b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.417428] ^ [ 15.417648] ffff8881038b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.418281] ffff8881038b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.418898] 
================================================================== [ 16.031905] ================================================================== [ 16.032487] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1079/0x5450 [ 16.032810] Write of size 4 at addr ffff8881038b5630 by task kunit_try_catch/283 [ 16.033142] [ 16.033257] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.033302] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.033314] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.033336] Call Trace: [ 16.033352] <TASK> [ 16.033367] dump_stack_lvl+0x73/0xb0 [ 16.033396] print_report+0xd1/0x610 [ 16.033420] ? __virt_addr_valid+0x1db/0x2d0 [ 16.033445] ? kasan_atomics_helper+0x1079/0x5450 [ 16.033479] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.033503] ? kasan_atomics_helper+0x1079/0x5450 [ 16.033526] kasan_report+0x141/0x180 [ 16.033549] ? kasan_atomics_helper+0x1079/0x5450 [ 16.033576] kasan_check_range+0x10c/0x1c0 [ 16.033601] __kasan_check_write+0x18/0x20 [ 16.033621] kasan_atomics_helper+0x1079/0x5450 [ 16.033645] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.033668] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.033695] ? kasan_atomics+0x152/0x310 [ 16.033722] kasan_atomics+0x1dc/0x310 [ 16.033746] ? __pfx_kasan_atomics+0x10/0x10 [ 16.033771] ? __pfx_read_tsc+0x10/0x10 [ 16.033846] ? ktime_get_ts64+0x86/0x230 [ 16.033873] kunit_try_run_case+0x1a5/0x480 [ 16.033899] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.033922] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.033948] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.033972] ? __kthread_parkme+0x82/0x180 [ 16.033993] ? preempt_count_sub+0x50/0x80 [ 16.034018] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.034074] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.034100] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.034134] kthread+0x337/0x6f0 [ 16.034155] ? trace_preempt_on+0x20/0xc0 [ 16.034179] ? 
__pfx_kthread+0x10/0x10 [ 16.034201] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.034225] ? calculate_sigpending+0x7b/0xa0 [ 16.034250] ? __pfx_kthread+0x10/0x10 [ 16.034273] ret_from_fork+0x116/0x1d0 [ 16.034293] ? __pfx_kthread+0x10/0x10 [ 16.034315] ret_from_fork_asm+0x1a/0x30 [ 16.034347] </TASK> [ 16.034358] [ 16.042729] Allocated by task 283: [ 16.042957] kasan_save_stack+0x45/0x70 [ 16.043177] kasan_save_track+0x18/0x40 [ 16.043376] kasan_save_alloc_info+0x3b/0x50 [ 16.043606] __kasan_kmalloc+0xb7/0xc0 [ 16.043858] __kmalloc_cache_noprof+0x189/0x420 [ 16.044027] kasan_atomics+0x95/0x310 [ 16.044401] kunit_try_run_case+0x1a5/0x480 [ 16.044632] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.044928] kthread+0x337/0x6f0 [ 16.045102] ret_from_fork+0x116/0x1d0 [ 16.045304] ret_from_fork_asm+0x1a/0x30 [ 16.045512] [ 16.045600] The buggy address belongs to the object at ffff8881038b5600 [ 16.045600] which belongs to the cache kmalloc-64 of size 64 [ 16.046089] The buggy address is located 0 bytes to the right of [ 16.046089] allocated 48-byte region [ffff8881038b5600, ffff8881038b5630) [ 16.046484] [ 16.046587] The buggy address belongs to the physical page: [ 16.046847] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038b5 [ 16.047319] flags: 0x200000000000000(node=0|zone=2) [ 16.047498] page_type: f5(slab) [ 16.047624] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.047919] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.048261] page dumped because: kasan: bad access detected [ 16.048525] [ 16.048622] Memory state around the buggy address: [ 16.048957] ffff8881038b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.049301] ffff8881038b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.049615] >ffff8881038b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.049952] ^ [ 16.050162] ffff8881038b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.050583] 
ffff8881038b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.050932] ================================================================== [ 15.466902] ================================================================== [ 15.467409] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df/0x5450 [ 15.467768] Read of size 4 at addr ffff8881038b5630 by task kunit_try_catch/283 [ 15.468195] [ 15.468359] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.468409] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.468422] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.468446] Call Trace: [ 15.468465] <TASK> [ 15.468495] dump_stack_lvl+0x73/0xb0 [ 15.468566] print_report+0xd1/0x610 [ 15.468591] ? __virt_addr_valid+0x1db/0x2d0 [ 15.468616] ? kasan_atomics_helper+0x3df/0x5450 [ 15.468639] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.468693] ? kasan_atomics_helper+0x3df/0x5450 [ 15.468717] kasan_report+0x141/0x180 [ 15.468741] ? kasan_atomics_helper+0x3df/0x5450 [ 15.468769] kasan_check_range+0x10c/0x1c0 [ 15.468803] __kasan_check_read+0x15/0x20 [ 15.468825] kasan_atomics_helper+0x3df/0x5450 [ 15.468849] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.468874] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.468900] ? kasan_atomics+0x152/0x310 [ 15.468929] kasan_atomics+0x1dc/0x310 [ 15.468954] ? __pfx_kasan_atomics+0x10/0x10 [ 15.469011] ? __pfx_read_tsc+0x10/0x10 [ 15.469036] ? ktime_get_ts64+0x86/0x230 [ 15.469087] kunit_try_run_case+0x1a5/0x480 [ 15.469132] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.469157] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.469184] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.469210] ? __kthread_parkme+0x82/0x180 [ 15.469233] ? preempt_count_sub+0x50/0x80 [ 15.469260] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.469286] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.469311] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.469406] kthread+0x337/0x6f0 [ 15.469431] ? trace_preempt_on+0x20/0xc0 [ 15.469458] ? __pfx_kthread+0x10/0x10 [ 15.469493] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.469518] ? calculate_sigpending+0x7b/0xa0 [ 15.469544] ? __pfx_kthread+0x10/0x10 [ 15.469568] ret_from_fork+0x116/0x1d0 [ 15.469589] ? __pfx_kthread+0x10/0x10 [ 15.469611] ret_from_fork_asm+0x1a/0x30 [ 15.469645] </TASK> [ 15.469656] [ 15.480158] Allocated by task 283: [ 15.480396] kasan_save_stack+0x45/0x70 [ 15.480631] kasan_save_track+0x18/0x40 [ 15.480995] kasan_save_alloc_info+0x3b/0x50 [ 15.481193] __kasan_kmalloc+0xb7/0xc0 [ 15.481540] __kmalloc_cache_noprof+0x189/0x420 [ 15.481970] kasan_atomics+0x95/0x310 [ 15.482212] kunit_try_run_case+0x1a5/0x480 [ 15.482489] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.482773] kthread+0x337/0x6f0 [ 15.482957] ret_from_fork+0x116/0x1d0 [ 15.483175] ret_from_fork_asm+0x1a/0x30 [ 15.483596] [ 15.483703] The buggy address belongs to the object at ffff8881038b5600 [ 15.483703] which belongs to the cache kmalloc-64 of size 64 [ 15.484385] The buggy address is located 0 bytes to the right of [ 15.484385] allocated 48-byte region [ffff8881038b5600, ffff8881038b5630) [ 15.485079] [ 15.485224] The buggy address belongs to the physical page: [ 15.485520] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038b5 [ 15.485935] flags: 0x200000000000000(node=0|zone=2) [ 15.486273] page_type: f5(slab) [ 15.486503] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.486972] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.487325] page dumped because: kasan: bad access detected [ 15.487584] [ 15.487690] Memory state around the buggy address: [ 15.488053] ffff8881038b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.488324] ffff8881038b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.488565] >ffff8881038b5600: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 15.489243] ^ [ 15.489508] ffff8881038b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.489894] ffff8881038b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.490249] ================================================================== [ 16.199017] ================================================================== [ 16.200197] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49ce/0x5450 [ 16.201324] Read of size 4 at addr ffff8881038b5630 by task kunit_try_catch/283 [ 16.202072] [ 16.202388] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.202446] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.202460] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.202493] Call Trace: [ 16.202512] <TASK> [ 16.202528] dump_stack_lvl+0x73/0xb0 [ 16.202561] print_report+0xd1/0x610 [ 16.202585] ? __virt_addr_valid+0x1db/0x2d0 [ 16.202609] ? kasan_atomics_helper+0x49ce/0x5450 [ 16.202631] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.202654] ? kasan_atomics_helper+0x49ce/0x5450 [ 16.202676] kasan_report+0x141/0x180 [ 16.202700] ? kasan_atomics_helper+0x49ce/0x5450 [ 16.202727] __asan_report_load4_noabort+0x18/0x20 [ 16.202754] kasan_atomics_helper+0x49ce/0x5450 [ 16.202777] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.202800] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.202826] ? kasan_atomics+0x152/0x310 [ 16.202854] kasan_atomics+0x1dc/0x310 [ 16.202878] ? __pfx_kasan_atomics+0x10/0x10 [ 16.202902] ? __pfx_read_tsc+0x10/0x10 [ 16.202924] ? ktime_get_ts64+0x86/0x230 [ 16.202959] kunit_try_run_case+0x1a5/0x480 [ 16.202986] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.203010] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.203045] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.203134] ? __kthread_parkme+0x82/0x180 [ 16.203158] ? preempt_count_sub+0x50/0x80 [ 16.203183] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.203209] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.203232] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.203257] kthread+0x337/0x6f0 [ 16.203278] ? trace_preempt_on+0x20/0xc0 [ 16.203302] ? __pfx_kthread+0x10/0x10 [ 16.203323] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.203347] ? calculate_sigpending+0x7b/0xa0 [ 16.203371] ? __pfx_kthread+0x10/0x10 [ 16.203393] ret_from_fork+0x116/0x1d0 [ 16.203413] ? __pfx_kthread+0x10/0x10 [ 16.203435] ret_from_fork_asm+0x1a/0x30 [ 16.203466] </TASK> [ 16.203489] [ 16.216728] Allocated by task 283: [ 16.217235] kasan_save_stack+0x45/0x70 [ 16.217441] kasan_save_track+0x18/0x40 [ 16.217599] kasan_save_alloc_info+0x3b/0x50 [ 16.217757] __kasan_kmalloc+0xb7/0xc0 [ 16.217945] __kmalloc_cache_noprof+0x189/0x420 [ 16.218478] kasan_atomics+0x95/0x310 [ 16.218892] kunit_try_run_case+0x1a5/0x480 [ 16.219410] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.219984] kthread+0x337/0x6f0 [ 16.220371] ret_from_fork+0x116/0x1d0 [ 16.221031] ret_from_fork_asm+0x1a/0x30 [ 16.221501] [ 16.221702] The buggy address belongs to the object at ffff8881038b5600 [ 16.221702] which belongs to the cache kmalloc-64 of size 64 [ 16.222335] The buggy address is located 0 bytes to the right of [ 16.222335] allocated 48-byte region [ffff8881038b5600, ffff8881038b5630) [ 16.222734] [ 16.222831] The buggy address belongs to the physical page: [ 16.223011] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038b5 [ 16.223444] flags: 0x200000000000000(node=0|zone=2) [ 16.223694] page_type: f5(slab) [ 16.223900] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.224255] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.224648] page dumped because: kasan: bad access detected [ 16.224921] [ 16.225031] Memory state around the buggy address: [ 16.225227] ffff8881038b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.225524] 
ffff8881038b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.225784] >ffff8881038b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.226393] ^ [ 16.226638] ffff8881038b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.226975] ffff8881038b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.227453] ================================================================== [ 15.442640] ================================================================== [ 15.443270] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b6e/0x5450 [ 15.443980] Write of size 4 at addr ffff8881038b5630 by task kunit_try_catch/283 [ 15.444232] [ 15.444332] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.444379] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.444393] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.444417] Call Trace: [ 15.444432] <TASK> [ 15.444448] dump_stack_lvl+0x73/0xb0 [ 15.444520] print_report+0xd1/0x610 [ 15.444547] ? __virt_addr_valid+0x1db/0x2d0 [ 15.444572] ? kasan_atomics_helper+0x4b6e/0x5450 [ 15.444596] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.444622] ? kasan_atomics_helper+0x4b6e/0x5450 [ 15.444646] kasan_report+0x141/0x180 [ 15.444670] ? kasan_atomics_helper+0x4b6e/0x5450 [ 15.444697] __asan_report_store4_noabort+0x1b/0x30 [ 15.444725] kasan_atomics_helper+0x4b6e/0x5450 [ 15.444748] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.444810] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.444837] ? kasan_atomics+0x152/0x310 [ 15.444880] kasan_atomics+0x1dc/0x310 [ 15.444919] ? __pfx_kasan_atomics+0x10/0x10 [ 15.444945] ? __pfx_read_tsc+0x10/0x10 [ 15.444969] ? ktime_get_ts64+0x86/0x230 [ 15.444996] kunit_try_run_case+0x1a5/0x480 [ 15.445042] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.445068] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.445094] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.445120] ? __kthread_parkme+0x82/0x180 [ 15.445143] ? 
preempt_count_sub+0x50/0x80 [ 15.445169] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.445195] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.445221] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.445265] kthread+0x337/0x6f0 [ 15.445288] ? trace_preempt_on+0x20/0xc0 [ 15.445327] ? __pfx_kthread+0x10/0x10 [ 15.445351] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.445375] ? calculate_sigpending+0x7b/0xa0 [ 15.445400] ? __pfx_kthread+0x10/0x10 [ 15.445424] ret_from_fork+0x116/0x1d0 [ 15.445445] ? __pfx_kthread+0x10/0x10 [ 15.445477] ret_from_fork_asm+0x1a/0x30 [ 15.445510] </TASK> [ 15.445523] [ 15.455549] Allocated by task 283: [ 15.455776] kasan_save_stack+0x45/0x70 [ 15.455991] kasan_save_track+0x18/0x40 [ 15.456338] kasan_save_alloc_info+0x3b/0x50 [ 15.456572] __kasan_kmalloc+0xb7/0xc0 [ 15.456759] __kmalloc_cache_noprof+0x189/0x420 [ 15.457107] kasan_atomics+0x95/0x310 [ 15.457363] kunit_try_run_case+0x1a5/0x480 [ 15.457713] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.457995] kthread+0x337/0x6f0 [ 15.458224] ret_from_fork+0x116/0x1d0 [ 15.458567] ret_from_fork_asm+0x1a/0x30 [ 15.458729] [ 15.459015] The buggy address belongs to the object at ffff8881038b5600 [ 15.459015] which belongs to the cache kmalloc-64 of size 64 [ 15.459769] The buggy address is located 0 bytes to the right of [ 15.459769] allocated 48-byte region [ffff8881038b5600, ffff8881038b5630) [ 15.460608] [ 15.460811] The buggy address belongs to the physical page: [ 15.461090] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038b5 [ 15.461411] flags: 0x200000000000000(node=0|zone=2) [ 15.461671] page_type: f5(slab) [ 15.461924] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.462403] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.462767] page dumped because: kasan: bad access detected [ 15.463089] [ 15.463321] Memory state around the buggy address: [ 15.463518] ffff8881038b5500: fa fb fb fb fb fb fb fb fc fc 
fc fc fc fc fc fc [ 15.463909] ffff8881038b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.464368] >ffff8881038b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.464676] ^ [ 15.465049] ffff8881038b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.465702] ffff8881038b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.466263] ================================================================== [ 15.816755] ================================================================== [ 15.817846] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xac7/0x5450 [ 15.818666] Write of size 4 at addr ffff8881038b5630 by task kunit_try_catch/283 [ 15.819448] [ 15.819684] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.819733] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.819746] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.819789] Call Trace: [ 15.819837] <TASK> [ 15.819856] dump_stack_lvl+0x73/0xb0 [ 15.819888] print_report+0xd1/0x610 [ 15.819924] ? __virt_addr_valid+0x1db/0x2d0 [ 15.819948] ? kasan_atomics_helper+0xac7/0x5450 [ 15.819970] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.819994] ? kasan_atomics_helper+0xac7/0x5450 [ 15.820070] kasan_report+0x141/0x180 [ 15.820098] ? kasan_atomics_helper+0xac7/0x5450 [ 15.820126] kasan_check_range+0x10c/0x1c0 [ 15.820151] __kasan_check_write+0x18/0x20 [ 15.820172] kasan_atomics_helper+0xac7/0x5450 [ 15.820195] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.820219] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.820246] ? kasan_atomics+0x152/0x310 [ 15.820273] kasan_atomics+0x1dc/0x310 [ 15.820297] ? __pfx_kasan_atomics+0x10/0x10 [ 15.820323] ? __pfx_read_tsc+0x10/0x10 [ 15.820345] ? ktime_get_ts64+0x86/0x230 [ 15.820371] kunit_try_run_case+0x1a5/0x480 [ 15.820397] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.820421] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.820447] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.820483] ? __kthread_parkme+0x82/0x180 [ 15.820505] ? preempt_count_sub+0x50/0x80 [ 15.820531] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.820555] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.820580] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.820606] kthread+0x337/0x6f0 [ 15.820627] ? trace_preempt_on+0x20/0xc0 [ 15.820652] ? __pfx_kthread+0x10/0x10 [ 15.820674] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.820697] ? calculate_sigpending+0x7b/0xa0 [ 15.820721] ? __pfx_kthread+0x10/0x10 [ 15.820745] ret_from_fork+0x116/0x1d0 [ 15.820783] ? __pfx_kthread+0x10/0x10 [ 15.820805] ret_from_fork_asm+0x1a/0x30 [ 15.820838] </TASK> [ 15.820849] [ 15.833636] Allocated by task 283: [ 15.834037] kasan_save_stack+0x45/0x70 [ 15.834610] kasan_save_track+0x18/0x40 [ 15.835010] kasan_save_alloc_info+0x3b/0x50 [ 15.835551] __kasan_kmalloc+0xb7/0xc0 [ 15.836012] __kmalloc_cache_noprof+0x189/0x420 [ 15.836544] kasan_atomics+0x95/0x310 [ 15.836933] kunit_try_run_case+0x1a5/0x480 [ 15.837406] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.838004] kthread+0x337/0x6f0 [ 15.838396] ret_from_fork+0x116/0x1d0 [ 15.838799] ret_from_fork_asm+0x1a/0x30 [ 15.839206] [ 15.839598] The buggy address belongs to the object at ffff8881038b5600 [ 15.839598] which belongs to the cache kmalloc-64 of size 64 [ 15.840941] The buggy address is located 0 bytes to the right of [ 15.840941] allocated 48-byte region [ffff8881038b5600, ffff8881038b5630) [ 15.841589] [ 15.841674] The buggy address belongs to the physical page: [ 15.841968] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038b5 [ 15.842820] flags: 0x200000000000000(node=0|zone=2) [ 15.843453] page_type: f5(slab) [ 15.843801] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.844546] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.845096] page dumped because: kasan: bad access detected [ 15.845288] [ 15.845365] 
Memory state around the buggy address: [ 15.845541] ffff8881038b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.845976] ffff8881038b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.846740] >ffff8881038b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.847544] ^ [ 15.848057] ffff8881038b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.848949] ffff8881038b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.849683] ================================================================== [ 15.364988] ================================================================== [ 15.365837] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4bbc/0x5450 [ 15.366117] Read of size 4 at addr ffff8881038b5630 by task kunit_try_catch/283 [ 15.366353] [ 15.366451] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.366897] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.366928] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.366953] Call Trace: [ 15.366968] <TASK> [ 15.366988] dump_stack_lvl+0x73/0xb0 [ 15.367264] print_report+0xd1/0x610 [ 15.367292] ? __virt_addr_valid+0x1db/0x2d0 [ 15.367316] ? kasan_atomics_helper+0x4bbc/0x5450 [ 15.367350] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.367373] ? kasan_atomics_helper+0x4bbc/0x5450 [ 15.367395] kasan_report+0x141/0x180 [ 15.367429] ? kasan_atomics_helper+0x4bbc/0x5450 [ 15.367455] __asan_report_load4_noabort+0x18/0x20 [ 15.367489] kasan_atomics_helper+0x4bbc/0x5450 [ 15.367511] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.367534] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.367559] ? kasan_atomics+0x152/0x310 [ 15.367585] kasan_atomics+0x1dc/0x310 [ 15.367608] ? __pfx_kasan_atomics+0x10/0x10 [ 15.367632] ? __pfx_read_tsc+0x10/0x10 [ 15.367654] ? ktime_get_ts64+0x86/0x230 [ 15.367679] kunit_try_run_case+0x1a5/0x480 [ 15.367706] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.367728] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 15.367754] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.367792] ? __kthread_parkme+0x82/0x180 [ 15.367813] ? preempt_count_sub+0x50/0x80 [ 15.367838] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.367863] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.367887] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.367911] kthread+0x337/0x6f0 [ 15.367931] ? trace_preempt_on+0x20/0xc0 [ 15.367955] ? __pfx_kthread+0x10/0x10 [ 15.367976] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.367999] ? calculate_sigpending+0x7b/0xa0 [ 15.368024] ? __pfx_kthread+0x10/0x10 [ 15.368061] ret_from_fork+0x116/0x1d0 [ 15.368081] ? __pfx_kthread+0x10/0x10 [ 15.368102] ret_from_fork_asm+0x1a/0x30 [ 15.368134] </TASK> [ 15.368145] [ 15.385800] Allocated by task 283: [ 15.386308] kasan_save_stack+0x45/0x70 [ 15.386737] kasan_save_track+0x18/0x40 [ 15.386892] kasan_save_alloc_info+0x3b/0x50 [ 15.387324] __kasan_kmalloc+0xb7/0xc0 [ 15.387758] __kmalloc_cache_noprof+0x189/0x420 [ 15.388277] kasan_atomics+0x95/0x310 [ 15.388663] kunit_try_run_case+0x1a5/0x480 [ 15.388849] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.389051] kthread+0x337/0x6f0 [ 15.389487] ret_from_fork+0x116/0x1d0 [ 15.389890] ret_from_fork_asm+0x1a/0x30 [ 15.390569] [ 15.390688] The buggy address belongs to the object at ffff8881038b5600 [ 15.390688] which belongs to the cache kmalloc-64 of size 64 [ 15.391355] The buggy address is located 0 bytes to the right of [ 15.391355] allocated 48-byte region [ffff8881038b5600, ffff8881038b5630) [ 15.391768] [ 15.391850] The buggy address belongs to the physical page: [ 15.392128] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038b5 [ 15.392577] flags: 0x200000000000000(node=0|zone=2) [ 15.392781] page_type: f5(slab) [ 15.392913] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.393400] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.393941] page dumped because: kasan: 
bad access detected [ 15.394266] [ 15.394345] Memory state around the buggy address: [ 15.394580] ffff8881038b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.394935] ffff8881038b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.395698] >ffff8881038b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.396043] ^ [ 15.396312] ffff8881038b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.396682] ffff8881038b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.397016] ================================================================== [ 16.289866] ================================================================== [ 16.290515] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x50d4/0x5450 [ 16.290941] Write of size 8 at addr ffff8881038b5630 by task kunit_try_catch/283 [ 16.291419] [ 16.291591] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.291649] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.291663] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.291713] Call Trace: [ 16.291729] <TASK> [ 16.291745] dump_stack_lvl+0x73/0xb0 [ 16.291789] print_report+0xd1/0x610 [ 16.291823] ? __virt_addr_valid+0x1db/0x2d0 [ 16.291858] ? kasan_atomics_helper+0x50d4/0x5450 [ 16.291882] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.291934] ? kasan_atomics_helper+0x50d4/0x5450 [ 16.291958] kasan_report+0x141/0x180 [ 16.292009] ? kasan_atomics_helper+0x50d4/0x5450 [ 16.292052] __asan_report_store8_noabort+0x1b/0x30 [ 16.292079] kasan_atomics_helper+0x50d4/0x5450 [ 16.292103] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.292174] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.292217] ? kasan_atomics+0x152/0x310 [ 16.292248] kasan_atomics+0x1dc/0x310 [ 16.292272] ? __pfx_kasan_atomics+0x10/0x10 [ 16.292328] ? __pfx_read_tsc+0x10/0x10 [ 16.292353] ? ktime_get_ts64+0x86/0x230 [ 16.292378] kunit_try_run_case+0x1a5/0x480 [ 16.292438] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.292462] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.292508] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.292533] ? __kthread_parkme+0x82/0x180 [ 16.292556] ? preempt_count_sub+0x50/0x80 [ 16.292582] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.292608] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.292661] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.292687] kthread+0x337/0x6f0 [ 16.292735] ? trace_preempt_on+0x20/0xc0 [ 16.292760] ? __pfx_kthread+0x10/0x10 [ 16.292796] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.292820] ? calculate_sigpending+0x7b/0xa0 [ 16.292861] ? __pfx_kthread+0x10/0x10 [ 16.292885] ret_from_fork+0x116/0x1d0 [ 16.292920] ? __pfx_kthread+0x10/0x10 [ 16.292957] ret_from_fork_asm+0x1a/0x30 [ 16.293002] </TASK> [ 16.293028] [ 16.302710] Allocated by task 283: [ 16.302888] kasan_save_stack+0x45/0x70 [ 16.303151] kasan_save_track+0x18/0x40 [ 16.303440] kasan_save_alloc_info+0x3b/0x50 [ 16.303734] __kasan_kmalloc+0xb7/0xc0 [ 16.303933] __kmalloc_cache_noprof+0x189/0x420 [ 16.304199] kasan_atomics+0x95/0x310 [ 16.304410] kunit_try_run_case+0x1a5/0x480 [ 16.304746] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.305013] kthread+0x337/0x6f0 [ 16.305186] ret_from_fork+0x116/0x1d0 [ 16.305378] ret_from_fork_asm+0x1a/0x30 [ 16.305571] [ 16.305649] The buggy address belongs to the object at ffff8881038b5600 [ 16.305649] which belongs to the cache kmalloc-64 of size 64 [ 16.306546] The buggy address is located 0 bytes to the right of [ 16.306546] allocated 48-byte region [ffff8881038b5600, ffff8881038b5630) [ 16.307439] [ 16.307587] The buggy address belongs to the physical page: [ 16.307916] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038b5 [ 16.308279] flags: 0x200000000000000(node=0|zone=2) [ 16.308546] page_type: f5(slab) [ 16.308743] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.309089] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 16.309572] page dumped because: kasan: bad access detected [ 16.309989] [ 16.310065] Memory state around the buggy address: [ 16.310232] ffff8881038b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.310457] ffff8881038b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.310948] >ffff8881038b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.311436] ^ [ 16.311730] ffff8881038b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.312209] ffff8881038b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.312607] ================================================================== [ 15.490887] ================================================================== [ 15.491133] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b54/0x5450 [ 15.491817] Read of size 4 at addr ffff8881038b5630 by task kunit_try_catch/283 [ 15.492368] [ 15.492552] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.492709] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.492751] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.492775] Call Trace: [ 15.492794] <TASK> [ 15.492812] dump_stack_lvl+0x73/0xb0 [ 15.492844] print_report+0xd1/0x610 [ 15.492868] ? __virt_addr_valid+0x1db/0x2d0 [ 15.492892] ? kasan_atomics_helper+0x4b54/0x5450 [ 15.492915] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.492939] ? kasan_atomics_helper+0x4b54/0x5450 [ 15.492963] kasan_report+0x141/0x180 [ 15.492986] ? kasan_atomics_helper+0x4b54/0x5450 [ 15.493013] __asan_report_load4_noabort+0x18/0x20 [ 15.493104] kasan_atomics_helper+0x4b54/0x5450 [ 15.493129] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.493153] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.493180] ? kasan_atomics+0x152/0x310 [ 15.493208] kasan_atomics+0x1dc/0x310 [ 15.493232] ? __pfx_kasan_atomics+0x10/0x10 [ 15.493258] ? __pfx_read_tsc+0x10/0x10 [ 15.493281] ? 
ktime_get_ts64+0x86/0x230 [ 15.493307] kunit_try_run_case+0x1a5/0x480 [ 15.493333] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.493356] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.493382] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.493407] ? __kthread_parkme+0x82/0x180 [ 15.493429] ? preempt_count_sub+0x50/0x80 [ 15.493505] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.493530] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.493555] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.493580] kthread+0x337/0x6f0 [ 15.493600] ? trace_preempt_on+0x20/0xc0 [ 15.493656] ? __pfx_kthread+0x10/0x10 [ 15.493679] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.493703] ? calculate_sigpending+0x7b/0xa0 [ 15.493728] ? __pfx_kthread+0x10/0x10 [ 15.493751] ret_from_fork+0x116/0x1d0 [ 15.493772] ? __pfx_kthread+0x10/0x10 [ 15.493794] ret_from_fork_asm+0x1a/0x30 [ 15.493851] </TASK> [ 15.493862] [ 15.503531] Allocated by task 283: [ 15.503801] kasan_save_stack+0x45/0x70 [ 15.504013] kasan_save_track+0x18/0x40 [ 15.504274] kasan_save_alloc_info+0x3b/0x50 [ 15.504514] __kasan_kmalloc+0xb7/0xc0 [ 15.504729] __kmalloc_cache_noprof+0x189/0x420 [ 15.504977] kasan_atomics+0x95/0x310 [ 15.505120] kunit_try_run_case+0x1a5/0x480 [ 15.505276] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.505461] kthread+0x337/0x6f0 [ 15.505652] ret_from_fork+0x116/0x1d0 [ 15.505920] ret_from_fork_asm+0x1a/0x30 [ 15.506354] [ 15.506648] The buggy address belongs to the object at ffff8881038b5600 [ 15.506648] which belongs to the cache kmalloc-64 of size 64 [ 15.507557] The buggy address is located 0 bytes to the right of [ 15.507557] allocated 48-byte region [ffff8881038b5600, ffff8881038b5630) [ 15.508461] [ 15.508614] The buggy address belongs to the physical page: [ 15.508915] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038b5 [ 15.509377] flags: 0x200000000000000(node=0|zone=2) [ 15.509631] page_type: f5(slab) [ 15.509761] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 15.509999] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.510373] page dumped because: kasan: bad access detected [ 15.510937] [ 15.511156] Memory state around the buggy address: [ 15.511566] ffff8881038b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.511959] ffff8881038b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.512388] >ffff8881038b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.512622] ^ [ 15.512899] ffff8881038b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.513722] ffff8881038b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.514356] ================================================================== [ 16.313518] ================================================================== [ 16.313953] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x151d/0x5450 [ 16.314517] Write of size 8 at addr ffff8881038b5630 by task kunit_try_catch/283 [ 16.314957] [ 16.315115] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.315163] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.315176] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.315198] Call Trace: [ 16.315216] <TASK> [ 16.315232] dump_stack_lvl+0x73/0xb0 [ 16.315265] print_report+0xd1/0x610 [ 16.315289] ? __virt_addr_valid+0x1db/0x2d0 [ 16.315313] ? kasan_atomics_helper+0x151d/0x5450 [ 16.315349] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.315374] ? kasan_atomics_helper+0x151d/0x5450 [ 16.315397] kasan_report+0x141/0x180 [ 16.315434] ? kasan_atomics_helper+0x151d/0x5450 [ 16.315505] kasan_check_range+0x10c/0x1c0 [ 16.315531] __kasan_check_write+0x18/0x20 [ 16.315552] kasan_atomics_helper+0x151d/0x5450 [ 16.315588] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.315612] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.315638] ? kasan_atomics+0x152/0x310 [ 16.315667] kasan_atomics+0x1dc/0x310 [ 16.315691] ? 
__pfx_kasan_atomics+0x10/0x10 [ 16.315717] ? __pfx_read_tsc+0x10/0x10 [ 16.315740] ? ktime_get_ts64+0x86/0x230 [ 16.315765] kunit_try_run_case+0x1a5/0x480 [ 16.315801] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.315826] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.315869] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.315895] ? __kthread_parkme+0x82/0x180 [ 16.315939] ? preempt_count_sub+0x50/0x80 [ 16.315965] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.315991] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.316027] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.316054] kthread+0x337/0x6f0 [ 16.316076] ? trace_preempt_on+0x20/0xc0 [ 16.316100] ? __pfx_kthread+0x10/0x10 [ 16.316123] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.316147] ? calculate_sigpending+0x7b/0xa0 [ 16.316172] ? __pfx_kthread+0x10/0x10 [ 16.316195] ret_from_fork+0x116/0x1d0 [ 16.316216] ? __pfx_kthread+0x10/0x10 [ 16.316238] ret_from_fork_asm+0x1a/0x30 [ 16.316270] </TASK> [ 16.316281] [ 16.325984] Allocated by task 283: [ 16.326282] kasan_save_stack+0x45/0x70 [ 16.326558] kasan_save_track+0x18/0x40 [ 16.326788] kasan_save_alloc_info+0x3b/0x50 [ 16.327009] __kasan_kmalloc+0xb7/0xc0 [ 16.327257] __kmalloc_cache_noprof+0x189/0x420 [ 16.327572] kasan_atomics+0x95/0x310 [ 16.327773] kunit_try_run_case+0x1a5/0x480 [ 16.328048] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.328291] kthread+0x337/0x6f0 [ 16.328600] ret_from_fork+0x116/0x1d0 [ 16.329080] ret_from_fork_asm+0x1a/0x30 [ 16.329295] [ 16.329423] The buggy address belongs to the object at ffff8881038b5600 [ 16.329423] which belongs to the cache kmalloc-64 of size 64 [ 16.329970] The buggy address is located 0 bytes to the right of [ 16.329970] allocated 48-byte region [ffff8881038b5600, ffff8881038b5630) [ 16.330565] [ 16.330664] The buggy address belongs to the physical page: [ 16.330917] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038b5 [ 16.331219] flags: 0x200000000000000(node=0|zone=2) [ 16.331382] page_type: 
f5(slab) [ 16.331581] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.332174] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.332649] page dumped because: kasan: bad access detected [ 16.333002] [ 16.333201] Memory state around the buggy address: [ 16.333442] ffff8881038b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.333818] ffff8881038b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.334354] >ffff8881038b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.334948] ^ [ 16.335341] ffff8881038b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.335699] ffff8881038b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.336088] ================================================================== [ 16.360901] ================================================================== [ 16.361322] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x164f/0x5450 [ 16.361682] Write of size 8 at addr ffff8881038b5630 by task kunit_try_catch/283 [ 16.362149] [ 16.362238] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.362282] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.362294] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.362316] Call Trace: [ 16.362332] <TASK> [ 16.362348] dump_stack_lvl+0x73/0xb0 [ 16.362379] print_report+0xd1/0x610 [ 16.362402] ? __virt_addr_valid+0x1db/0x2d0 [ 16.362497] ? kasan_atomics_helper+0x164f/0x5450 [ 16.362522] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.362580] ? kasan_atomics_helper+0x164f/0x5450 [ 16.362605] kasan_report+0x141/0x180 [ 16.362657] ? kasan_atomics_helper+0x164f/0x5450 [ 16.362684] kasan_check_range+0x10c/0x1c0 [ 16.362710] __kasan_check_write+0x18/0x20 [ 16.362731] kasan_atomics_helper+0x164f/0x5450 [ 16.362754] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.362778] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.362806] ? 
kasan_atomics+0x152/0x310 [ 16.362834] kasan_atomics+0x1dc/0x310 [ 16.362858] ? __pfx_kasan_atomics+0x10/0x10 [ 16.362885] ? __pfx_read_tsc+0x10/0x10 [ 16.362906] ? ktime_get_ts64+0x86/0x230 [ 16.362932] kunit_try_run_case+0x1a5/0x480 [ 16.362985] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.363010] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.363048] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.363121] ? __kthread_parkme+0x82/0x180 [ 16.363176] ? preempt_count_sub+0x50/0x80 [ 16.363201] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.363227] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.363264] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.363289] kthread+0x337/0x6f0 [ 16.363336] ? trace_preempt_on+0x20/0xc0 [ 16.363362] ? __pfx_kthread+0x10/0x10 [ 16.363384] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.363419] ? calculate_sigpending+0x7b/0xa0 [ 16.363444] ? __pfx_kthread+0x10/0x10 [ 16.363477] ret_from_fork+0x116/0x1d0 [ 16.363525] ? __pfx_kthread+0x10/0x10 [ 16.363547] ret_from_fork_asm+0x1a/0x30 [ 16.363580] </TASK> [ 16.363602] [ 16.373665] Allocated by task 283: [ 16.373966] kasan_save_stack+0x45/0x70 [ 16.374255] kasan_save_track+0x18/0x40 [ 16.374485] kasan_save_alloc_info+0x3b/0x50 [ 16.374663] __kasan_kmalloc+0xb7/0xc0 [ 16.374852] __kmalloc_cache_noprof+0x189/0x420 [ 16.375142] kasan_atomics+0x95/0x310 [ 16.375336] kunit_try_run_case+0x1a5/0x480 [ 16.375497] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.375678] kthread+0x337/0x6f0 [ 16.375803] ret_from_fork+0x116/0x1d0 [ 16.375981] ret_from_fork_asm+0x1a/0x30 [ 16.376449] [ 16.376573] The buggy address belongs to the object at ffff8881038b5600 [ 16.376573] which belongs to the cache kmalloc-64 of size 64 [ 16.377176] The buggy address is located 0 bytes to the right of [ 16.377176] allocated 48-byte region [ffff8881038b5600, ffff8881038b5630) [ 16.378238] [ 16.378347] The buggy address belongs to the physical page: [ 16.378629] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038b5 [ 
16.379180] flags: 0x200000000000000(node=0|zone=2) [ 16.379512] page_type: f5(slab) [ 16.379709] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.380041] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.380392] page dumped because: kasan: bad access detected [ 16.380695] [ 16.380838] Memory state around the buggy address: [ 16.381240] ffff8881038b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.381462] ffff8881038b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.381809] >ffff8881038b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.382300] ^ [ 16.382858] ffff8881038b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.383806] ffff8881038b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.384526] ================================================================== [ 16.648727] ================================================================== [ 16.649008] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1e12/0x5450 [ 16.649722] Write of size 8 at addr ffff8881038b5630 by task kunit_try_catch/283 [ 16.650563] [ 16.650761] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.650815] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.650829] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.650852] Call Trace: [ 16.650871] <TASK> [ 16.650899] dump_stack_lvl+0x73/0xb0 [ 16.650934] print_report+0xd1/0x610 [ 16.650960] ? __virt_addr_valid+0x1db/0x2d0 [ 16.650986] ? kasan_atomics_helper+0x1e12/0x5450 [ 16.651008] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.651032] ? kasan_atomics_helper+0x1e12/0x5450 [ 16.651054] kasan_report+0x141/0x180 [ 16.651079] ? kasan_atomics_helper+0x1e12/0x5450 [ 16.651107] kasan_check_range+0x10c/0x1c0 [ 16.651133] __kasan_check_write+0x18/0x20 [ 16.651154] kasan_atomics_helper+0x1e12/0x5450 [ 16.651177] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.651201] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 16.651227] ? kasan_atomics+0x152/0x310 [ 16.651256] kasan_atomics+0x1dc/0x310 [ 16.651281] ? __pfx_kasan_atomics+0x10/0x10 [ 16.651306] ? __pfx_read_tsc+0x10/0x10 [ 16.651329] ? ktime_get_ts64+0x86/0x230 [ 16.651355] kunit_try_run_case+0x1a5/0x480 [ 16.651380] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.651404] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.651430] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.651455] ? __kthread_parkme+0x82/0x180 [ 16.651487] ? preempt_count_sub+0x50/0x80 [ 16.651523] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.651548] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.651584] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.651609] kthread+0x337/0x6f0 [ 16.651631] ? trace_preempt_on+0x20/0xc0 [ 16.651654] ? __pfx_kthread+0x10/0x10 [ 16.651676] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.651700] ? calculate_sigpending+0x7b/0xa0 [ 16.651725] ? __pfx_kthread+0x10/0x10 [ 16.651748] ret_from_fork+0x116/0x1d0 [ 16.651767] ? __pfx_kthread+0x10/0x10 [ 16.651800] ret_from_fork_asm+0x1a/0x30 [ 16.651832] </TASK> [ 16.651844] [ 16.664993] Allocated by task 283: [ 16.665144] kasan_save_stack+0x45/0x70 [ 16.665300] kasan_save_track+0x18/0x40 [ 16.665437] kasan_save_alloc_info+0x3b/0x50 [ 16.665602] __kasan_kmalloc+0xb7/0xc0 [ 16.665736] __kmalloc_cache_noprof+0x189/0x420 [ 16.666453] kasan_atomics+0x95/0x310 [ 16.666921] kunit_try_run_case+0x1a5/0x480 [ 16.667377] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.667972] kthread+0x337/0x6f0 [ 16.668343] ret_from_fork+0x116/0x1d0 [ 16.668790] ret_from_fork_asm+0x1a/0x30 [ 16.669244] [ 16.669499] The buggy address belongs to the object at ffff8881038b5600 [ 16.669499] which belongs to the cache kmalloc-64 of size 64 [ 16.670305] The buggy address is located 0 bytes to the right of [ 16.670305] allocated 48-byte region [ffff8881038b5600, ffff8881038b5630) [ 16.670687] [ 16.670765] The buggy address belongs to the physical page: [ 16.670945] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x1038b5 [ 16.671276] flags: 0x200000000000000(node=0|zone=2) [ 16.671530] page_type: f5(slab) [ 16.671704] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.672464] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.672900] page dumped because: kasan: bad access detected [ 16.673147] [ 16.673368] Memory state around the buggy address: [ 16.673559] ffff8881038b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.674148] ffff8881038b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.674534] >ffff8881038b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.674885] ^ [ 16.675206] ffff8881038b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.675497] ffff8881038b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.675977] ================================================================== [ 15.569724] ================================================================== [ 15.570802] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x565/0x5450 [ 15.571575] Write of size 4 at addr ffff8881038b5630 by task kunit_try_catch/283 [ 15.572613] [ 15.572722] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.573117] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.573144] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.573171] Call Trace: [ 15.573192] <TASK> [ 15.573265] dump_stack_lvl+0x73/0xb0 [ 15.573307] print_report+0xd1/0x610 [ 15.573331] ? __virt_addr_valid+0x1db/0x2d0 [ 15.573357] ? kasan_atomics_helper+0x565/0x5450 [ 15.573379] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.573405] ? kasan_atomics_helper+0x565/0x5450 [ 15.573429] kasan_report+0x141/0x180 [ 15.573453] ? kasan_atomics_helper+0x565/0x5450 [ 15.573492] kasan_check_range+0x10c/0x1c0 [ 15.573518] __kasan_check_write+0x18/0x20 [ 15.573540] kasan_atomics_helper+0x565/0x5450 [ 15.573564] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 15.573588] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.573616] ? kasan_atomics+0x152/0x310 [ 15.573645] kasan_atomics+0x1dc/0x310 [ 15.573669] ? __pfx_kasan_atomics+0x10/0x10 [ 15.573695] ? __pfx_read_tsc+0x10/0x10 [ 15.573718] ? ktime_get_ts64+0x86/0x230 [ 15.573745] kunit_try_run_case+0x1a5/0x480 [ 15.573791] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.573816] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.573843] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.573868] ? __kthread_parkme+0x82/0x180 [ 15.573890] ? preempt_count_sub+0x50/0x80 [ 15.573916] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.573942] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.573967] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.573992] kthread+0x337/0x6f0 [ 15.574013] ? trace_preempt_on+0x20/0xc0 [ 15.574056] ? __pfx_kthread+0x10/0x10 [ 15.574078] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.574108] ? calculate_sigpending+0x7b/0xa0 [ 15.574134] ? __pfx_kthread+0x10/0x10 [ 15.574157] ret_from_fork+0x116/0x1d0 [ 15.574179] ? 
__pfx_kthread+0x10/0x10 [ 15.574202] ret_from_fork_asm+0x1a/0x30 [ 15.574234] </TASK> [ 15.574247] [ 15.592952] Allocated by task 283: [ 15.593108] kasan_save_stack+0x45/0x70 [ 15.593270] kasan_save_track+0x18/0x40 [ 15.593417] kasan_save_alloc_info+0x3b/0x50 [ 15.593791] __kasan_kmalloc+0xb7/0xc0 [ 15.594173] __kmalloc_cache_noprof+0x189/0x420 [ 15.594669] kasan_atomics+0x95/0x310 [ 15.595078] kunit_try_run_case+0x1a5/0x480 [ 15.595569] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.596111] kthread+0x337/0x6f0 [ 15.596519] ret_from_fork+0x116/0x1d0 [ 15.596812] ret_from_fork_asm+0x1a/0x30 [ 15.597362] [ 15.597526] The buggy address belongs to the object at ffff8881038b5600 [ 15.597526] which belongs to the cache kmalloc-64 of size 64 [ 15.598512] The buggy address is located 0 bytes to the right of [ 15.598512] allocated 48-byte region [ffff8881038b5600, ffff8881038b5630) [ 15.599106] [ 15.599279] The buggy address belongs to the physical page: [ 15.599915] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038b5 [ 15.600761] flags: 0x200000000000000(node=0|zone=2) [ 15.601332] page_type: f5(slab) [ 15.601557] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.602090] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.602911] page dumped because: kasan: bad access detected [ 15.603238] [ 15.603379] Memory state around the buggy address: [ 15.603785] ffff8881038b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.604427] ffff8881038b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.604668] >ffff8881038b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.605217] ^ [ 15.605717] ffff8881038b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.606721] ffff8881038b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.607572] ================================================================== [ 16.860137] 
================================================================== [ 16.860814] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fa5/0x5450 [ 16.861423] Read of size 8 at addr ffff8881038b5630 by task kunit_try_catch/283 [ 16.861664] [ 16.861830] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.861882] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.861894] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.861917] Call Trace: [ 16.861938] <TASK> [ 16.861955] dump_stack_lvl+0x73/0xb0 [ 16.861989] print_report+0xd1/0x610 [ 16.862013] ? __virt_addr_valid+0x1db/0x2d0 [ 16.862037] ? kasan_atomics_helper+0x4fa5/0x5450 [ 16.862059] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.862082] ? kasan_atomics_helper+0x4fa5/0x5450 [ 16.862114] kasan_report+0x141/0x180 [ 16.862137] ? kasan_atomics_helper+0x4fa5/0x5450 [ 16.862165] __asan_report_load8_noabort+0x18/0x20 [ 16.862190] kasan_atomics_helper+0x4fa5/0x5450 [ 16.862214] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.862237] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.862264] ? kasan_atomics+0x152/0x310 [ 16.862291] kasan_atomics+0x1dc/0x310 [ 16.862315] ? __pfx_kasan_atomics+0x10/0x10 [ 16.862340] ? __pfx_read_tsc+0x10/0x10 [ 16.862364] ? ktime_get_ts64+0x86/0x230 [ 16.862390] kunit_try_run_case+0x1a5/0x480 [ 16.862415] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.862439] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.862465] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.862501] ? __kthread_parkme+0x82/0x180 [ 16.862523] ? preempt_count_sub+0x50/0x80 [ 16.862548] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.862574] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.862598] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.862622] kthread+0x337/0x6f0 [ 16.862644] ? trace_preempt_on+0x20/0xc0 [ 16.862668] ? __pfx_kthread+0x10/0x10 [ 16.862690] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.862713] ? calculate_sigpending+0x7b/0xa0 [ 16.862739] ? 
__pfx_kthread+0x10/0x10 [ 16.862780] ret_from_fork+0x116/0x1d0 [ 16.862801] ? __pfx_kthread+0x10/0x10 [ 16.862822] ret_from_fork_asm+0x1a/0x30 [ 16.862854] </TASK> [ 16.862866] [ 16.872061] Allocated by task 283: [ 16.872201] kasan_save_stack+0x45/0x70 [ 16.872355] kasan_save_track+0x18/0x40 [ 16.872558] kasan_save_alloc_info+0x3b/0x50 [ 16.872812] __kasan_kmalloc+0xb7/0xc0 [ 16.873008] __kmalloc_cache_noprof+0x189/0x420 [ 16.873238] kasan_atomics+0x95/0x310 [ 16.873428] kunit_try_run_case+0x1a5/0x480 [ 16.873593] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.873810] kthread+0x337/0x6f0 [ 16.873987] ret_from_fork+0x116/0x1d0 [ 16.874193] ret_from_fork_asm+0x1a/0x30 [ 16.874397] [ 16.874506] The buggy address belongs to the object at ffff8881038b5600 [ 16.874506] which belongs to the cache kmalloc-64 of size 64 [ 16.875040] The buggy address is located 0 bytes to the right of [ 16.875040] allocated 48-byte region [ffff8881038b5600, ffff8881038b5630) [ 16.875565] [ 16.875649] The buggy address belongs to the physical page: [ 16.875919] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038b5 [ 16.876237] flags: 0x200000000000000(node=0|zone=2) [ 16.876452] page_type: f5(slab) [ 16.876643] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.876964] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.877282] page dumped because: kasan: bad access detected [ 16.877534] [ 16.877630] Memory state around the buggy address: [ 16.877879] ffff8881038b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.878129] ffff8881038b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.878409] >ffff8881038b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.878743] ^ [ 16.878989] ffff8881038b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.879273] ffff8881038b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.879513] 
================================================================== [ 15.727377] ================================================================== [ 15.727727] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x860/0x5450 [ 15.728156] Write of size 4 at addr ffff8881038b5630 by task kunit_try_catch/283 [ 15.728478] [ 15.728606] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.728654] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.728667] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.728690] Call Trace: [ 15.728709] <TASK> [ 15.728726] dump_stack_lvl+0x73/0xb0 [ 15.728758] print_report+0xd1/0x610 [ 15.728782] ? __virt_addr_valid+0x1db/0x2d0 [ 15.728807] ? kasan_atomics_helper+0x860/0x5450 [ 15.728829] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.728854] ? kasan_atomics_helper+0x860/0x5450 [ 15.728877] kasan_report+0x141/0x180 [ 15.728901] ? kasan_atomics_helper+0x860/0x5450 [ 15.728928] kasan_check_range+0x10c/0x1c0 [ 15.728954] __kasan_check_write+0x18/0x20 [ 15.728975] kasan_atomics_helper+0x860/0x5450 [ 15.729014] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.729048] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.729074] ? kasan_atomics+0x152/0x310 [ 15.729152] kasan_atomics+0x1dc/0x310 [ 15.729180] ? __pfx_kasan_atomics+0x10/0x10 [ 15.729206] ? __pfx_read_tsc+0x10/0x10 [ 15.729230] ? ktime_get_ts64+0x86/0x230 [ 15.729257] kunit_try_run_case+0x1a5/0x480 [ 15.729283] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.729307] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.729334] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.729359] ? __kthread_parkme+0x82/0x180 [ 15.729381] ? preempt_count_sub+0x50/0x80 [ 15.729406] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.729441] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.729466] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.729509] kthread+0x337/0x6f0 [ 15.729530] ? trace_preempt_on+0x20/0xc0 [ 15.729556] ? 
__pfx_kthread+0x10/0x10 [ 15.729578] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.729600] ? calculate_sigpending+0x7b/0xa0 [ 15.729635] ? __pfx_kthread+0x10/0x10 [ 15.729658] ret_from_fork+0x116/0x1d0 [ 15.729677] ? __pfx_kthread+0x10/0x10 [ 15.729711] ret_from_fork_asm+0x1a/0x30 [ 15.729743] </TASK> [ 15.729754] [ 15.738621] Allocated by task 283: [ 15.738763] kasan_save_stack+0x45/0x70 [ 15.739020] kasan_save_track+0x18/0x40 [ 15.739261] kasan_save_alloc_info+0x3b/0x50 [ 15.739534] __kasan_kmalloc+0xb7/0xc0 [ 15.739775] __kmalloc_cache_noprof+0x189/0x420 [ 15.740030] kasan_atomics+0x95/0x310 [ 15.740305] kunit_try_run_case+0x1a5/0x480 [ 15.740529] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.740741] kthread+0x337/0x6f0 [ 15.740906] ret_from_fork+0x116/0x1d0 [ 15.741218] ret_from_fork_asm+0x1a/0x30 [ 15.741418] [ 15.741532] The buggy address belongs to the object at ffff8881038b5600 [ 15.741532] which belongs to the cache kmalloc-64 of size 64 [ 15.742106] The buggy address is located 0 bytes to the right of [ 15.742106] allocated 48-byte region [ffff8881038b5600, ffff8881038b5630) [ 15.742898] [ 15.743025] The buggy address belongs to the physical page: [ 15.743314] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038b5 [ 15.743666] flags: 0x200000000000000(node=0|zone=2) [ 15.743982] page_type: f5(slab) [ 15.744213] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.744485] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.744722] page dumped because: kasan: bad access detected [ 15.744902] [ 15.744977] Memory state around the buggy address: [ 15.745243] ffff8881038b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.745582] ffff8881038b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.746079] >ffff8881038b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.746373] ^ [ 15.746548] ffff8881038b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.746782] 
ffff8881038b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.747109] ================================================================== [ 16.898547] ================================================================== [ 16.898941] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5115/0x5450 [ 16.899325] Read of size 8 at addr ffff8881038b5630 by task kunit_try_catch/283 [ 16.899670] [ 16.899811] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.899860] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.899873] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.899896] Call Trace: [ 16.899917] <TASK> [ 16.899934] dump_stack_lvl+0x73/0xb0 [ 16.899966] print_report+0xd1/0x610 [ 16.899990] ? __virt_addr_valid+0x1db/0x2d0 [ 16.900014] ? kasan_atomics_helper+0x5115/0x5450 [ 16.900036] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.900058] ? kasan_atomics_helper+0x5115/0x5450 [ 16.900081] kasan_report+0x141/0x180 [ 16.900104] ? kasan_atomics_helper+0x5115/0x5450 [ 16.900132] __asan_report_load8_noabort+0x18/0x20 [ 16.900160] kasan_atomics_helper+0x5115/0x5450 [ 16.900186] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.900210] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.900237] ? kasan_atomics+0x152/0x310 [ 16.900264] kasan_atomics+0x1dc/0x310 [ 16.900287] ? __pfx_kasan_atomics+0x10/0x10 [ 16.900313] ? __pfx_read_tsc+0x10/0x10 [ 16.900336] ? ktime_get_ts64+0x86/0x230 [ 16.900362] kunit_try_run_case+0x1a5/0x480 [ 16.900388] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.900412] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.900439] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.900464] ? __kthread_parkme+0x82/0x180 [ 16.900497] ? preempt_count_sub+0x50/0x80 [ 16.900523] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.900548] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.900573] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.900598] kthread+0x337/0x6f0 [ 16.900619] ? 
trace_preempt_on+0x20/0xc0 [ 16.900644] ? __pfx_kthread+0x10/0x10 [ 16.900666] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.900689] ? calculate_sigpending+0x7b/0xa0 [ 16.900715] ? __pfx_kthread+0x10/0x10 [ 16.900739] ret_from_fork+0x116/0x1d0 [ 16.900777] ? __pfx_kthread+0x10/0x10 [ 16.900800] ret_from_fork_asm+0x1a/0x30 [ 16.900833] </TASK> [ 16.900845] [ 16.908118] Allocated by task 283: [ 16.908303] kasan_save_stack+0x45/0x70 [ 16.908495] kasan_save_track+0x18/0x40 [ 16.908682] kasan_save_alloc_info+0x3b/0x50 [ 16.908909] __kasan_kmalloc+0xb7/0xc0 [ 16.909060] __kmalloc_cache_noprof+0x189/0x420 [ 16.909265] kasan_atomics+0x95/0x310 [ 16.909453] kunit_try_run_case+0x1a5/0x480 [ 16.909669] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.909930] kthread+0x337/0x6f0 [ 16.910058] ret_from_fork+0x116/0x1d0 [ 16.910202] ret_from_fork_asm+0x1a/0x30 [ 16.910348] [ 16.910424] The buggy address belongs to the object at ffff8881038b5600 [ 16.910424] which belongs to the cache kmalloc-64 of size 64 [ 16.910822] The buggy address is located 0 bytes to the right of [ 16.910822] allocated 48-byte region [ffff8881038b5600, ffff8881038b5630) [ 16.911212] [ 16.911312] The buggy address belongs to the physical page: [ 16.911585] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038b5 [ 16.911962] flags: 0x200000000000000(node=0|zone=2) [ 16.912202] page_type: f5(slab) [ 16.912374] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.912734] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.913099] page dumped because: kasan: bad access detected [ 16.913356] [ 16.913451] Memory state around the buggy address: [ 16.913687] ffff8881038b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.913985] ffff8881038b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.914216] >ffff8881038b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.914438] ^ [ 16.914679] ffff8881038b5680: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 16.915035] ffff8881038b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.915361] ================================================================== [ 16.228000] ================================================================== [ 16.228319] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x13b5/0x5450 [ 16.228925] Read of size 8 at addr ffff8881038b5630 by task kunit_try_catch/283 [ 16.229382] [ 16.229528] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.229575] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.229588] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.229612] Call Trace: [ 16.229630] <TASK> [ 16.229657] dump_stack_lvl+0x73/0xb0 [ 16.229691] print_report+0xd1/0x610 [ 16.229714] ? __virt_addr_valid+0x1db/0x2d0 [ 16.229750] ? kasan_atomics_helper+0x13b5/0x5450 [ 16.229773] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.229798] ? kasan_atomics_helper+0x13b5/0x5450 [ 16.229821] kasan_report+0x141/0x180 [ 16.229844] ? kasan_atomics_helper+0x13b5/0x5450 [ 16.229873] kasan_check_range+0x10c/0x1c0 [ 16.229901] __kasan_check_read+0x15/0x20 [ 16.229922] kasan_atomics_helper+0x13b5/0x5450 [ 16.229946] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.229970] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.229996] ? kasan_atomics+0x152/0x310 [ 16.230024] kasan_atomics+0x1dc/0x310 [ 16.230048] ? __pfx_kasan_atomics+0x10/0x10 [ 16.230082] ? __pfx_read_tsc+0x10/0x10 [ 16.230112] ? ktime_get_ts64+0x86/0x230 [ 16.230138] kunit_try_run_case+0x1a5/0x480 [ 16.230175] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.230199] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.230226] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.230251] ? __kthread_parkme+0x82/0x180 [ 16.230273] ? preempt_count_sub+0x50/0x80 [ 16.230297] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.230323] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.230348] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.230426] kthread+0x337/0x6f0 [ 16.230448] ? trace_preempt_on+0x20/0xc0 [ 16.230483] ? __pfx_kthread+0x10/0x10 [ 16.230515] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.230538] ? calculate_sigpending+0x7b/0xa0 [ 16.230574] ? __pfx_kthread+0x10/0x10 [ 16.230608] ret_from_fork+0x116/0x1d0 [ 16.230627] ? __pfx_kthread+0x10/0x10 [ 16.230649] ret_from_fork_asm+0x1a/0x30 [ 16.230691] </TASK> [ 16.230702] [ 16.239656] Allocated by task 283: [ 16.239868] kasan_save_stack+0x45/0x70 [ 16.240021] kasan_save_track+0x18/0x40 [ 16.240240] kasan_save_alloc_info+0x3b/0x50 [ 16.240529] __kasan_kmalloc+0xb7/0xc0 [ 16.240785] __kmalloc_cache_noprof+0x189/0x420 [ 16.241033] kasan_atomics+0x95/0x310 [ 16.241278] kunit_try_run_case+0x1a5/0x480 [ 16.241493] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.241747] kthread+0x337/0x6f0 [ 16.241925] ret_from_fork+0x116/0x1d0 [ 16.242172] ret_from_fork_asm+0x1a/0x30 [ 16.242359] [ 16.242434] The buggy address belongs to the object at ffff8881038b5600 [ 16.242434] which belongs to the cache kmalloc-64 of size 64 [ 16.242989] The buggy address is located 0 bytes to the right of [ 16.242989] allocated 48-byte region [ffff8881038b5600, ffff8881038b5630) [ 16.243732] [ 16.243897] The buggy address belongs to the physical page: [ 16.244298] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038b5 [ 16.244613] flags: 0x200000000000000(node=0|zone=2) [ 16.244832] page_type: f5(slab) [ 16.245020] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.245434] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.245709] page dumped because: kasan: bad access detected [ 16.245889] [ 16.245963] Memory state around the buggy address: [ 16.246129] ffff8881038b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.246353] ffff8881038b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.246750] >ffff8881038b5600: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 16.247071] ^ [ 16.247300] ffff8881038b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.247761] ffff8881038b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.248111] ================================================================== [ 15.930743] ================================================================== [ 15.931160] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xde0/0x5450 [ 15.931537] Write of size 4 at addr ffff8881038b5630 by task kunit_try_catch/283 [ 15.931880] [ 15.931981] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.932026] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.932039] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.932060] Call Trace: [ 15.932076] <TASK> [ 15.932092] dump_stack_lvl+0x73/0xb0 [ 15.932122] print_report+0xd1/0x610 [ 15.932146] ? __virt_addr_valid+0x1db/0x2d0 [ 15.932169] ? kasan_atomics_helper+0xde0/0x5450 [ 15.932192] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.932215] ? kasan_atomics_helper+0xde0/0x5450 [ 15.932238] kasan_report+0x141/0x180 [ 15.932262] ? kasan_atomics_helper+0xde0/0x5450 [ 15.932289] kasan_check_range+0x10c/0x1c0 [ 15.932314] __kasan_check_write+0x18/0x20 [ 15.932335] kasan_atomics_helper+0xde0/0x5450 [ 15.932358] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.932382] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.932408] ? kasan_atomics+0x152/0x310 [ 15.932436] kasan_atomics+0x1dc/0x310 [ 15.932460] ? __pfx_kasan_atomics+0x10/0x10 [ 15.932497] ? __pfx_read_tsc+0x10/0x10 [ 15.932519] ? ktime_get_ts64+0x86/0x230 [ 15.932545] kunit_try_run_case+0x1a5/0x480 [ 15.932570] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.932595] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.932620] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.932645] ? __kthread_parkme+0x82/0x180 [ 15.932667] ? preempt_count_sub+0x50/0x80 [ 15.932692] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.932719] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.932743] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.932769] kthread+0x337/0x6f0 [ 15.932789] ? trace_preempt_on+0x20/0xc0 [ 15.932813] ? __pfx_kthread+0x10/0x10 [ 15.932835] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.932859] ? calculate_sigpending+0x7b/0xa0 [ 15.932884] ? __pfx_kthread+0x10/0x10 [ 15.932907] ret_from_fork+0x116/0x1d0 [ 15.932928] ? __pfx_kthread+0x10/0x10 [ 15.932950] ret_from_fork_asm+0x1a/0x30 [ 15.932982] </TASK> [ 15.932993] [ 15.941229] Allocated by task 283: [ 15.941370] kasan_save_stack+0x45/0x70 [ 15.941532] kasan_save_track+0x18/0x40 [ 15.941988] kasan_save_alloc_info+0x3b/0x50 [ 15.942494] __kasan_kmalloc+0xb7/0xc0 [ 15.942695] __kmalloc_cache_noprof+0x189/0x420 [ 15.942920] kasan_atomics+0x95/0x310 [ 15.943114] kunit_try_run_case+0x1a5/0x480 [ 15.943324] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.943592] kthread+0x337/0x6f0 [ 15.943848] ret_from_fork+0x116/0x1d0 [ 15.943993] ret_from_fork_asm+0x1a/0x30 [ 15.944396] [ 15.944486] The buggy address belongs to the object at ffff8881038b5600 [ 15.944486] which belongs to the cache kmalloc-64 of size 64 [ 15.945043] The buggy address is located 0 bytes to the right of [ 15.945043] allocated 48-byte region [ffff8881038b5600, ffff8881038b5630) [ 15.945624] [ 15.945721] The buggy address belongs to the physical page: [ 15.946243] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038b5 [ 15.946592] flags: 0x200000000000000(node=0|zone=2) [ 15.946808] page_type: f5(slab) [ 15.946984] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.947296] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.947622] page dumped because: kasan: bad access detected [ 15.947976] [ 15.948103] Memory state around the buggy address: [ 15.948315] ffff8881038b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.948582] 
ffff8881038b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.948861] >ffff8881038b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.949570] ^ [ 15.949767] ffff8881038b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.950201] ffff8881038b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.950535] ================================================================== [ 16.544969] ================================================================== [ 16.545556] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1b22/0x5450 [ 16.546003] Write of size 8 at addr ffff8881038b5630 by task kunit_try_catch/283 [ 16.546394] [ 16.546544] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.546589] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.546603] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.546626] Call Trace: [ 16.546644] <TASK> [ 16.546660] dump_stack_lvl+0x73/0xb0 [ 16.546713] print_report+0xd1/0x610 [ 16.546738] ? __virt_addr_valid+0x1db/0x2d0 [ 16.546797] ? kasan_atomics_helper+0x1b22/0x5450 [ 16.546821] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.546845] ? kasan_atomics_helper+0x1b22/0x5450 [ 16.546869] kasan_report+0x141/0x180 [ 16.546892] ? kasan_atomics_helper+0x1b22/0x5450 [ 16.546920] kasan_check_range+0x10c/0x1c0 [ 16.546945] __kasan_check_write+0x18/0x20 [ 16.546967] kasan_atomics_helper+0x1b22/0x5450 [ 16.546991] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.547014] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.547099] ? kasan_atomics+0x152/0x310 [ 16.547151] kasan_atomics+0x1dc/0x310 [ 16.547175] ? __pfx_kasan_atomics+0x10/0x10 [ 16.547202] ? __pfx_read_tsc+0x10/0x10 [ 16.547225] ? ktime_get_ts64+0x86/0x230 [ 16.547251] kunit_try_run_case+0x1a5/0x480 [ 16.547277] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.547301] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.547345] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.547370] ? 
__kthread_parkme+0x82/0x180 [ 16.547392] ? preempt_count_sub+0x50/0x80 [ 16.547417] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.547443] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.547478] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.547504] kthread+0x337/0x6f0 [ 16.547541] ? trace_preempt_on+0x20/0xc0 [ 16.547568] ? __pfx_kthread+0x10/0x10 [ 16.547604] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.547628] ? calculate_sigpending+0x7b/0xa0 [ 16.547654] ? __pfx_kthread+0x10/0x10 [ 16.547692] ret_from_fork+0x116/0x1d0 [ 16.547712] ? __pfx_kthread+0x10/0x10 [ 16.547747] ret_from_fork_asm+0x1a/0x30 [ 16.547799] </TASK> [ 16.547810] [ 16.556696] Allocated by task 283: [ 16.556910] kasan_save_stack+0x45/0x70 [ 16.557155] kasan_save_track+0x18/0x40 [ 16.557376] kasan_save_alloc_info+0x3b/0x50 [ 16.557603] __kasan_kmalloc+0xb7/0xc0 [ 16.557794] __kmalloc_cache_noprof+0x189/0x420 [ 16.558092] kasan_atomics+0x95/0x310 [ 16.558266] kunit_try_run_case+0x1a5/0x480 [ 16.558549] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.558818] kthread+0x337/0x6f0 [ 16.558974] ret_from_fork+0x116/0x1d0 [ 16.559252] ret_from_fork_asm+0x1a/0x30 [ 16.559454] [ 16.559569] The buggy address belongs to the object at ffff8881038b5600 [ 16.559569] which belongs to the cache kmalloc-64 of size 64 [ 16.560173] The buggy address is located 0 bytes to the right of [ 16.560173] allocated 48-byte region [ffff8881038b5600, ffff8881038b5630) [ 16.560727] [ 16.560859] The buggy address belongs to the physical page: [ 16.561345] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038b5 [ 16.561694] flags: 0x200000000000000(node=0|zone=2) [ 16.561913] page_type: f5(slab) [ 16.562226] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.562579] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.562954] page dumped because: kasan: bad access detected [ 16.563309] [ 16.563404] Memory state around the buggy address: [ 16.563645] 
ffff8881038b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.564014] ffff8881038b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.564257] >ffff8881038b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.564605] ^ [ 16.564846] ffff8881038b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.565175] ffff8881038b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.565601] ================================================================== [ 16.130795] ================================================================== [ 16.131027] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1217/0x5450 [ 16.131784] Write of size 4 at addr ffff8881038b5630 by task kunit_try_catch/283 [ 16.132455] [ 16.132730] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.132776] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.132788] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.132811] Call Trace: [ 16.132829] <TASK> [ 16.132871] dump_stack_lvl+0x73/0xb0 [ 16.132903] print_report+0xd1/0x610 [ 16.132928] ? __virt_addr_valid+0x1db/0x2d0 [ 16.132964] ? kasan_atomics_helper+0x1217/0x5450 [ 16.132986] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.133010] ? kasan_atomics_helper+0x1217/0x5450 [ 16.133032] kasan_report+0x141/0x180 [ 16.133080] ? kasan_atomics_helper+0x1217/0x5450 [ 16.133107] kasan_check_range+0x10c/0x1c0 [ 16.133131] __kasan_check_write+0x18/0x20 [ 16.133178] kasan_atomics_helper+0x1217/0x5450 [ 16.133203] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.133226] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.133251] ? kasan_atomics+0x152/0x310 [ 16.133280] kasan_atomics+0x1dc/0x310 [ 16.133330] ? __pfx_kasan_atomics+0x10/0x10 [ 16.133355] ? __pfx_read_tsc+0x10/0x10 [ 16.133388] ? ktime_get_ts64+0x86/0x230 [ 16.133414] kunit_try_run_case+0x1a5/0x480 [ 16.133440] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.133463] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 16.133499] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.133523] ? __kthread_parkme+0x82/0x180 [ 16.133545] ? preempt_count_sub+0x50/0x80 [ 16.133570] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.133596] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.133620] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.133645] kthread+0x337/0x6f0 [ 16.133666] ? trace_preempt_on+0x20/0xc0 [ 16.133690] ? __pfx_kthread+0x10/0x10 [ 16.133711] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.133735] ? calculate_sigpending+0x7b/0xa0 [ 16.133760] ? __pfx_kthread+0x10/0x10 [ 16.133794] ret_from_fork+0x116/0x1d0 [ 16.133815] ? __pfx_kthread+0x10/0x10 [ 16.133836] ret_from_fork_asm+0x1a/0x30 [ 16.133868] </TASK> [ 16.133879] [ 16.142751] Allocated by task 283: [ 16.142977] kasan_save_stack+0x45/0x70 [ 16.143204] kasan_save_track+0x18/0x40 [ 16.143562] kasan_save_alloc_info+0x3b/0x50 [ 16.143828] __kasan_kmalloc+0xb7/0xc0 [ 16.144037] __kmalloc_cache_noprof+0x189/0x420 [ 16.144373] kasan_atomics+0x95/0x310 [ 16.144601] kunit_try_run_case+0x1a5/0x480 [ 16.144970] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.145235] kthread+0x337/0x6f0 [ 16.145459] ret_from_fork+0x116/0x1d0 [ 16.145674] ret_from_fork_asm+0x1a/0x30 [ 16.145919] [ 16.146021] The buggy address belongs to the object at ffff8881038b5600 [ 16.146021] which belongs to the cache kmalloc-64 of size 64 [ 16.146686] The buggy address is located 0 bytes to the right of [ 16.146686] allocated 48-byte region [ffff8881038b5600, ffff8881038b5630) [ 16.147400] [ 16.147526] The buggy address belongs to the physical page: [ 16.147869] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038b5 [ 16.148482] flags: 0x200000000000000(node=0|zone=2) [ 16.148745] page_type: f5(slab) [ 16.148934] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.149346] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.149684] page dumped because: kasan: 
bad access detected [ 16.150096] [ 16.150178] Memory state around the buggy address: [ 16.150424] ffff8881038b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.150788] ffff8881038b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.151188] >ffff8881038b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.151408] ^ [ 16.151741] ffff8881038b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.152074] ffff8881038b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.152310] ================================================================== [ 16.676756] ================================================================== [ 16.677168] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1eaa/0x5450 [ 16.677820] Write of size 8 at addr ffff8881038b5630 by task kunit_try_catch/283 [ 16.678146] [ 16.678273] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.678323] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.678336] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.678360] Call Trace: [ 16.678379] <TASK> [ 16.678396] dump_stack_lvl+0x73/0xb0 [ 16.678429] print_report+0xd1/0x610 [ 16.678453] ? __virt_addr_valid+0x1db/0x2d0 [ 16.678491] ? kasan_atomics_helper+0x1eaa/0x5450 [ 16.678514] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.678538] ? kasan_atomics_helper+0x1eaa/0x5450 [ 16.678560] kasan_report+0x141/0x180 [ 16.678583] ? kasan_atomics_helper+0x1eaa/0x5450 [ 16.678610] kasan_check_range+0x10c/0x1c0 [ 16.678635] __kasan_check_write+0x18/0x20 [ 16.678656] kasan_atomics_helper+0x1eaa/0x5450 [ 16.678679] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.678702] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.678729] ? kasan_atomics+0x152/0x310 [ 16.678756] kasan_atomics+0x1dc/0x310 [ 16.678780] ? __pfx_kasan_atomics+0x10/0x10 [ 16.678806] ? __pfx_read_tsc+0x10/0x10 [ 16.678828] ? ktime_get_ts64+0x86/0x230 [ 16.678854] kunit_try_run_case+0x1a5/0x480 [ 16.678891] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.678914] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.678940] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.678966] ? __kthread_parkme+0x82/0x180 [ 16.678988] ? preempt_count_sub+0x50/0x80 [ 16.679013] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.679038] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.679062] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.679087] kthread+0x337/0x6f0 [ 16.679108] ? trace_preempt_on+0x20/0xc0 [ 16.679134] ? __pfx_kthread+0x10/0x10 [ 16.679155] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.679178] ? calculate_sigpending+0x7b/0xa0 [ 16.679203] ? __pfx_kthread+0x10/0x10 [ 16.679226] ret_from_fork+0x116/0x1d0 [ 16.679245] ? __pfx_kthread+0x10/0x10 [ 16.679267] ret_from_fork_asm+0x1a/0x30 [ 16.679299] </TASK> [ 16.679311] [ 16.693669] Allocated by task 283: [ 16.693824] kasan_save_stack+0x45/0x70 [ 16.693975] kasan_save_track+0x18/0x40 [ 16.694250] kasan_save_alloc_info+0x3b/0x50 [ 16.694478] __kasan_kmalloc+0xb7/0xc0 [ 16.694667] __kmalloc_cache_noprof+0x189/0x420 [ 16.694829] kasan_atomics+0x95/0x310 [ 16.695036] kunit_try_run_case+0x1a5/0x480 [ 16.695260] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.695524] kthread+0x337/0x6f0 [ 16.695668] ret_from_fork+0x116/0x1d0 [ 16.695882] ret_from_fork_asm+0x1a/0x30 [ 16.696075] [ 16.696151] The buggy address belongs to the object at ffff8881038b5600 [ 16.696151] which belongs to the cache kmalloc-64 of size 64 [ 16.696744] The buggy address is located 0 bytes to the right of [ 16.696744] allocated 48-byte region [ffff8881038b5600, ffff8881038b5630) [ 16.697185] [ 16.697262] The buggy address belongs to the physical page: [ 16.697538] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038b5 [ 16.698046] flags: 0x200000000000000(node=0|zone=2) [ 16.698252] page_type: f5(slab) [ 16.698427] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.698736] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 16.699064] page dumped because: kasan: bad access detected [ 16.699299] [ 16.699373] Memory state around the buggy address: [ 16.699571] ffff8881038b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.700042] ffff8881038b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.700342] >ffff8881038b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.700593] ^ [ 16.700800] ffff8881038b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.701131] ffff8881038b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.701443] ================================================================== [ 16.095665] ================================================================== [ 16.096586] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a02/0x5450 [ 16.096965] Read of size 4 at addr ffff8881038b5630 by task kunit_try_catch/283 [ 16.097307] [ 16.097425] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.099639] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.099663] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.099688] Call Trace: [ 16.099708] <TASK> [ 16.099726] dump_stack_lvl+0x73/0xb0 [ 16.099762] print_report+0xd1/0x610 [ 16.099786] ? __virt_addr_valid+0x1db/0x2d0 [ 16.099809] ? kasan_atomics_helper+0x4a02/0x5450 [ 16.099846] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.099870] ? kasan_atomics_helper+0x4a02/0x5450 [ 16.099895] kasan_report+0x141/0x180 [ 16.099918] ? kasan_atomics_helper+0x4a02/0x5450 [ 16.099945] __asan_report_load4_noabort+0x18/0x20 [ 16.099970] kasan_atomics_helper+0x4a02/0x5450 [ 16.099995] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.100018] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.100046] ? kasan_atomics+0x152/0x310 [ 16.100074] kasan_atomics+0x1dc/0x310 [ 16.100099] ? __pfx_kasan_atomics+0x10/0x10 [ 16.100126] ? __pfx_read_tsc+0x10/0x10 [ 16.100149] ? 
ktime_get_ts64+0x86/0x230 [ 16.100175] kunit_try_run_case+0x1a5/0x480 [ 16.100200] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.100224] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.100250] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.100275] ? __kthread_parkme+0x82/0x180 [ 16.100296] ? preempt_count_sub+0x50/0x80 [ 16.100322] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.100348] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.100373] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.100398] kthread+0x337/0x6f0 [ 16.100419] ? trace_preempt_on+0x20/0xc0 [ 16.100442] ? __pfx_kthread+0x10/0x10 [ 16.100465] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.100499] ? calculate_sigpending+0x7b/0xa0 [ 16.100526] ? __pfx_kthread+0x10/0x10 [ 16.100550] ret_from_fork+0x116/0x1d0 [ 16.100570] ? __pfx_kthread+0x10/0x10 [ 16.100594] ret_from_fork_asm+0x1a/0x30 [ 16.100626] </TASK> [ 16.100637] [ 16.115456] Allocated by task 283: [ 16.115847] kasan_save_stack+0x45/0x70 [ 16.116323] kasan_save_track+0x18/0x40 [ 16.116633] kasan_save_alloc_info+0x3b/0x50 [ 16.116822] __kasan_kmalloc+0xb7/0xc0 [ 16.117290] __kmalloc_cache_noprof+0x189/0x420 [ 16.117754] kasan_atomics+0x95/0x310 [ 16.118265] kunit_try_run_case+0x1a5/0x480 [ 16.118579] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.118929] kthread+0x337/0x6f0 [ 16.119489] ret_from_fork+0x116/0x1d0 [ 16.119778] ret_from_fork_asm+0x1a/0x30 [ 16.119930] [ 16.120008] The buggy address belongs to the object at ffff8881038b5600 [ 16.120008] which belongs to the cache kmalloc-64 of size 64 [ 16.121252] The buggy address is located 0 bytes to the right of [ 16.121252] allocated 48-byte region [ffff8881038b5600, ffff8881038b5630) [ 16.122636] [ 16.122844] The buggy address belongs to the physical page: [ 16.123329] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038b5 [ 16.123588] flags: 0x200000000000000(node=0|zone=2) [ 16.123759] page_type: f5(slab) [ 16.124120] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 16.125024] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.125874] page dumped because: kasan: bad access detected [ 16.126388] [ 16.126571] Memory state around the buggy address: [ 16.127169] ffff8881038b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.127661] ffff8881038b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.128119] >ffff8881038b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.128912] ^ [ 16.129443] ffff8881038b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.130157] ffff8881038b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.130388] ================================================================== [ 15.970063] ================================================================== [ 15.970420] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf10/0x5450 [ 15.970769] Write of size 4 at addr ffff8881038b5630 by task kunit_try_catch/283 [ 15.971100] [ 15.971207] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.971249] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.971262] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.971283] Call Trace: [ 15.971299] <TASK> [ 15.971314] dump_stack_lvl+0x73/0xb0 [ 15.971343] print_report+0xd1/0x610 [ 15.971366] ? __virt_addr_valid+0x1db/0x2d0 [ 15.971388] ? kasan_atomics_helper+0xf10/0x5450 [ 15.971410] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.971434] ? kasan_atomics_helper+0xf10/0x5450 [ 15.971456] kasan_report+0x141/0x180 [ 15.971538] ? kasan_atomics_helper+0xf10/0x5450 [ 15.971568] kasan_check_range+0x10c/0x1c0 [ 15.971593] __kasan_check_write+0x18/0x20 [ 15.971613] kasan_atomics_helper+0xf10/0x5450 [ 15.971636] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.971660] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.971686] ? kasan_atomics+0x152/0x310 [ 15.971713] kasan_atomics+0x1dc/0x310 [ 15.971737] ? 
__pfx_kasan_atomics+0x10/0x10 [ 15.971762] ? __pfx_read_tsc+0x10/0x10 [ 15.971784] ? ktime_get_ts64+0x86/0x230 [ 15.971810] kunit_try_run_case+0x1a5/0x480 [ 15.971835] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.971858] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.971884] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.971908] ? __kthread_parkme+0x82/0x180 [ 15.971929] ? preempt_count_sub+0x50/0x80 [ 15.971953] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.971978] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.972003] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.972028] kthread+0x337/0x6f0 [ 15.972048] ? trace_preempt_on+0x20/0xc0 [ 15.972073] ? __pfx_kthread+0x10/0x10 [ 15.972095] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.972118] ? calculate_sigpending+0x7b/0xa0 [ 15.972142] ? __pfx_kthread+0x10/0x10 [ 15.972165] ret_from_fork+0x116/0x1d0 [ 15.972186] ? __pfx_kthread+0x10/0x10 [ 15.972207] ret_from_fork_asm+0x1a/0x30 [ 15.972239] </TASK> [ 15.972250] [ 15.981479] Allocated by task 283: [ 15.981651] kasan_save_stack+0x45/0x70 [ 15.981868] kasan_save_track+0x18/0x40 [ 15.982053] kasan_save_alloc_info+0x3b/0x50 [ 15.982527] __kasan_kmalloc+0xb7/0xc0 [ 15.982732] __kmalloc_cache_noprof+0x189/0x420 [ 15.982961] kasan_atomics+0x95/0x310 [ 15.983221] kunit_try_run_case+0x1a5/0x480 [ 15.983411] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.983675] kthread+0x337/0x6f0 [ 15.983873] ret_from_fork+0x116/0x1d0 [ 15.984092] ret_from_fork_asm+0x1a/0x30 [ 15.984288] [ 15.984390] The buggy address belongs to the object at ffff8881038b5600 [ 15.984390] which belongs to the cache kmalloc-64 of size 64 [ 15.984915] The buggy address is located 0 bytes to the right of [ 15.984915] allocated 48-byte region [ffff8881038b5600, ffff8881038b5630) [ 15.985698] [ 15.985814] The buggy address belongs to the physical page: [ 15.986108] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038b5 [ 15.986413] flags: 0x200000000000000(node=0|zone=2) [ 15.986669] page_type: 
f5(slab) [ 15.986889] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.987397] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.987658] page dumped because: kasan: bad access detected [ 15.987990] [ 15.988124] Memory state around the buggy address: [ 15.988356] ffff8881038b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.988702] ffff8881038b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.989188] >ffff8881038b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.989418] ^ [ 15.989598] ffff8881038b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.990156] ffff8881038b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.990505] ================================================================== [ 16.269648] ================================================================== [ 16.270119] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1467/0x5450 [ 16.270462] Write of size 8 at addr ffff8881038b5630 by task kunit_try_catch/283 [ 16.270879] [ 16.270995] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.271071] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.271086] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.271107] Call Trace: [ 16.271134] <TASK> [ 16.271150] dump_stack_lvl+0x73/0xb0 [ 16.271180] print_report+0xd1/0x610 [ 16.271216] ? __virt_addr_valid+0x1db/0x2d0 [ 16.271239] ? kasan_atomics_helper+0x1467/0x5450 [ 16.271262] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.271284] ? kasan_atomics_helper+0x1467/0x5450 [ 16.271317] kasan_report+0x141/0x180 [ 16.271339] ? kasan_atomics_helper+0x1467/0x5450 [ 16.271367] kasan_check_range+0x10c/0x1c0 [ 16.271401] __kasan_check_write+0x18/0x20 [ 16.271422] kasan_atomics_helper+0x1467/0x5450 [ 16.271446] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.271488] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.271513] ? 
kasan_atomics+0x152/0x310 [ 16.271552] kasan_atomics+0x1dc/0x310 [ 16.271576] ? __pfx_kasan_atomics+0x10/0x10 [ 16.271601] ? __pfx_read_tsc+0x10/0x10 [ 16.271623] ? ktime_get_ts64+0x86/0x230 [ 16.271648] kunit_try_run_case+0x1a5/0x480 [ 16.271673] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.271698] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.271723] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.271747] ? __kthread_parkme+0x82/0x180 [ 16.271769] ? preempt_count_sub+0x50/0x80 [ 16.271812] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.271838] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.271862] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.271898] kthread+0x337/0x6f0 [ 16.271918] ? trace_preempt_on+0x20/0xc0 [ 16.271942] ? __pfx_kthread+0x10/0x10 [ 16.271965] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.271988] ? calculate_sigpending+0x7b/0xa0 [ 16.272013] ? __pfx_kthread+0x10/0x10 [ 16.272068] ret_from_fork+0x116/0x1d0 [ 16.272092] ? __pfx_kthread+0x10/0x10 [ 16.272115] ret_from_fork_asm+0x1a/0x30 [ 16.272158] </TASK> [ 16.272171] [ 16.280872] Allocated by task 283: [ 16.281083] kasan_save_stack+0x45/0x70 [ 16.281366] kasan_save_track+0x18/0x40 [ 16.281602] kasan_save_alloc_info+0x3b/0x50 [ 16.281861] __kasan_kmalloc+0xb7/0xc0 [ 16.282108] __kmalloc_cache_noprof+0x189/0x420 [ 16.282358] kasan_atomics+0x95/0x310 [ 16.282582] kunit_try_run_case+0x1a5/0x480 [ 16.282816] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.283009] kthread+0x337/0x6f0 [ 16.283230] ret_from_fork+0x116/0x1d0 [ 16.283454] ret_from_fork_asm+0x1a/0x30 [ 16.283643] [ 16.283720] The buggy address belongs to the object at ffff8881038b5600 [ 16.283720] which belongs to the cache kmalloc-64 of size 64 [ 16.284084] The buggy address is located 0 bytes to the right of [ 16.284084] allocated 48-byte region [ffff8881038b5600, ffff8881038b5630) [ 16.284905] [ 16.285017] The buggy address belongs to the physical page: [ 16.285280] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038b5 [ 
16.285582] flags: 0x200000000000000(node=0|zone=2) [ 16.285753] page_type: f5(slab) [ 16.285879] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.286430] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.287061] page dumped because: kasan: bad access detected [ 16.287258] [ 16.287339] Memory state around the buggy address: [ 16.287578] ffff8881038b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.287935] ffff8881038b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.288339] >ffff8881038b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.288614] ^ [ 16.288777] ffff8881038b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.289119] ffff8881038b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.289446] ================================================================== [ 15.991117] ================================================================== [ 15.991370] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xfa9/0x5450 [ 15.991741] Write of size 4 at addr ffff8881038b5630 by task kunit_try_catch/283 [ 15.992306] [ 15.992429] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.992489] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.992502] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.992524] Call Trace: [ 15.992543] <TASK> [ 15.992558] dump_stack_lvl+0x73/0xb0 [ 15.992593] print_report+0xd1/0x610 [ 15.992617] ? __virt_addr_valid+0x1db/0x2d0 [ 15.992640] ? kasan_atomics_helper+0xfa9/0x5450 [ 15.992663] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.992686] ? kasan_atomics_helper+0xfa9/0x5450 [ 15.992710] kasan_report+0x141/0x180 [ 15.992735] ? kasan_atomics_helper+0xfa9/0x5450 [ 15.992762] kasan_check_range+0x10c/0x1c0 [ 15.992788] __kasan_check_write+0x18/0x20 [ 15.992821] kasan_atomics_helper+0xfa9/0x5450 [ 15.992846] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.992869] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 15.992896] ? kasan_atomics+0x152/0x310 [ 15.992925] kasan_atomics+0x1dc/0x310 [ 15.992950] ? __pfx_kasan_atomics+0x10/0x10 [ 15.992976] ? __pfx_read_tsc+0x10/0x10 [ 15.992998] ? ktime_get_ts64+0x86/0x230 [ 15.993024] kunit_try_run_case+0x1a5/0x480 [ 15.993144] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.993172] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.993199] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.993225] ? __kthread_parkme+0x82/0x180 [ 15.993248] ? preempt_count_sub+0x50/0x80 [ 15.993275] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.993301] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.993326] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.993352] kthread+0x337/0x6f0 [ 15.993373] ? trace_preempt_on+0x20/0xc0 [ 15.993397] ? __pfx_kthread+0x10/0x10 [ 15.993419] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.993444] ? calculate_sigpending+0x7b/0xa0 [ 15.993482] ? __pfx_kthread+0x10/0x10 [ 15.993505] ret_from_fork+0x116/0x1d0 [ 15.993527] ? __pfx_kthread+0x10/0x10 [ 15.993550] ret_from_fork_asm+0x1a/0x30 [ 15.993583] </TASK> [ 15.993594] [ 16.002027] Allocated by task 283: [ 16.002451] kasan_save_stack+0x45/0x70 [ 16.002683] kasan_save_track+0x18/0x40 [ 16.002996] kasan_save_alloc_info+0x3b/0x50 [ 16.003230] __kasan_kmalloc+0xb7/0xc0 [ 16.003372] __kmalloc_cache_noprof+0x189/0x420 [ 16.003574] kasan_atomics+0x95/0x310 [ 16.003765] kunit_try_run_case+0x1a5/0x480 [ 16.003985] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.004430] kthread+0x337/0x6f0 [ 16.004572] ret_from_fork+0x116/0x1d0 [ 16.004715] ret_from_fork_asm+0x1a/0x30 [ 16.005107] [ 16.005211] The buggy address belongs to the object at ffff8881038b5600 [ 16.005211] which belongs to the cache kmalloc-64 of size 64 [ 16.005744] The buggy address is located 0 bytes to the right of [ 16.005744] allocated 48-byte region [ffff8881038b5600, ffff8881038b5630) [ 16.006323] [ 16.006407] The buggy address belongs to the physical page: [ 16.006671] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x1038b5 [ 16.007061] flags: 0x200000000000000(node=0|zone=2) [ 16.007263] page_type: f5(slab) [ 16.007435] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.007751] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.008061] page dumped because: kasan: bad access detected [ 16.008296] [ 16.008369] Memory state around the buggy address: [ 16.008610] ffff8881038b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.008926] ffff8881038b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.009149] >ffff8881038b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.009371] ^ [ 16.009547] ffff8881038b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.009776] ffff8881038b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.009997] ================================================================== [ 15.419518] ================================================================== [ 15.419937] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b88/0x5450 [ 15.420234] Read of size 4 at addr ffff8881038b5630 by task kunit_try_catch/283 [ 15.420677] [ 15.420888] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.420939] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.420951] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.420974] Call Trace: [ 15.420992] <TASK> [ 15.421008] dump_stack_lvl+0x73/0xb0 [ 15.421040] print_report+0xd1/0x610 [ 15.421064] ? __virt_addr_valid+0x1db/0x2d0 [ 15.421086] ? kasan_atomics_helper+0x4b88/0x5450 [ 15.421166] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.421204] ? kasan_atomics_helper+0x4b88/0x5450 [ 15.421227] kasan_report+0x141/0x180 [ 15.421250] ? kasan_atomics_helper+0x4b88/0x5450 [ 15.421277] __asan_report_load4_noabort+0x18/0x20 [ 15.421302] kasan_atomics_helper+0x4b88/0x5450 [ 15.421325] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 15.421347] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.421374] ? kasan_atomics+0x152/0x310 [ 15.421401] kasan_atomics+0x1dc/0x310 [ 15.421424] ? __pfx_kasan_atomics+0x10/0x10 [ 15.421449] ? __pfx_read_tsc+0x10/0x10 [ 15.421481] ? ktime_get_ts64+0x86/0x230 [ 15.421507] kunit_try_run_case+0x1a5/0x480 [ 15.421532] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.421556] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.421582] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.421606] ? __kthread_parkme+0x82/0x180 [ 15.421627] ? preempt_count_sub+0x50/0x80 [ 15.421653] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.421678] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.421728] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.421753] kthread+0x337/0x6f0 [ 15.421774] ? trace_preempt_on+0x20/0xc0 [ 15.421809] ? __pfx_kthread+0x10/0x10 [ 15.421830] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.421853] ? calculate_sigpending+0x7b/0xa0 [ 15.421907] ? __pfx_kthread+0x10/0x10 [ 15.421930] ret_from_fork+0x116/0x1d0 [ 15.421949] ? 
__pfx_kthread+0x10/0x10 [ 15.421981] ret_from_fork_asm+0x1a/0x30 [ 15.422013] </TASK> [ 15.422024] [ 15.431377] Allocated by task 283: [ 15.431637] kasan_save_stack+0x45/0x70 [ 15.431936] kasan_save_track+0x18/0x40 [ 15.432221] kasan_save_alloc_info+0x3b/0x50 [ 15.432533] __kasan_kmalloc+0xb7/0xc0 [ 15.432734] __kmalloc_cache_noprof+0x189/0x420 [ 15.432926] kasan_atomics+0x95/0x310 [ 15.433432] kunit_try_run_case+0x1a5/0x480 [ 15.433605] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.433956] kthread+0x337/0x6f0 [ 15.434218] ret_from_fork+0x116/0x1d0 [ 15.434395] ret_from_fork_asm+0x1a/0x30 [ 15.434553] [ 15.434656] The buggy address belongs to the object at ffff8881038b5600 [ 15.434656] which belongs to the cache kmalloc-64 of size 64 [ 15.435335] The buggy address is located 0 bytes to the right of [ 15.435335] allocated 48-byte region [ffff8881038b5600, ffff8881038b5630) [ 15.435919] [ 15.436068] The buggy address belongs to the physical page: [ 15.436260] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038b5 [ 15.436541] flags: 0x200000000000000(node=0|zone=2) [ 15.437010] page_type: f5(slab) [ 15.437393] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.437801] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.438277] page dumped because: kasan: bad access detected [ 15.438528] [ 15.438605] Memory state around the buggy address: [ 15.438794] ffff8881038b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.439252] ffff8881038b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.439692] >ffff8881038b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.440003] ^ [ 15.440263] ffff8881038b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.440517] ffff8881038b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.440852] ================================================================== [ 16.701980] 
================================================================== [ 16.702479] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1f43/0x5450 [ 16.702819] Write of size 8 at addr ffff8881038b5630 by task kunit_try_catch/283 [ 16.703155] [ 16.703277] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.703322] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.703335] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.703359] Call Trace: [ 16.703375] <TASK> [ 16.703392] dump_stack_lvl+0x73/0xb0 [ 16.703422] print_report+0xd1/0x610 [ 16.703446] ? __virt_addr_valid+0x1db/0x2d0 [ 16.703482] ? kasan_atomics_helper+0x1f43/0x5450 [ 16.703505] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.703529] ? kasan_atomics_helper+0x1f43/0x5450 [ 16.703552] kasan_report+0x141/0x180 [ 16.703575] ? kasan_atomics_helper+0x1f43/0x5450 [ 16.703603] kasan_check_range+0x10c/0x1c0 [ 16.703627] __kasan_check_write+0x18/0x20 [ 16.703648] kasan_atomics_helper+0x1f43/0x5450 [ 16.703672] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.703696] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.703721] ? kasan_atomics+0x152/0x310 [ 16.703750] kasan_atomics+0x1dc/0x310 [ 16.703773] ? __pfx_kasan_atomics+0x10/0x10 [ 16.703799] ? __pfx_read_tsc+0x10/0x10 [ 16.703821] ? ktime_get_ts64+0x86/0x230 [ 16.703847] kunit_try_run_case+0x1a5/0x480 [ 16.703873] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.703897] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.703923] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.703948] ? __kthread_parkme+0x82/0x180 [ 16.703970] ? preempt_count_sub+0x50/0x80 [ 16.703995] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.704021] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.704046] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.704071] kthread+0x337/0x6f0 [ 16.704092] ? trace_preempt_on+0x20/0xc0 [ 16.704117] ? __pfx_kthread+0x10/0x10 [ 16.704138] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.704163] ? 
calculate_sigpending+0x7b/0xa0 [ 16.704187] ? __pfx_kthread+0x10/0x10 [ 16.704211] ret_from_fork+0x116/0x1d0 [ 16.704231] ? __pfx_kthread+0x10/0x10 [ 16.704252] ret_from_fork_asm+0x1a/0x30 [ 16.704284] </TASK> [ 16.704295] [ 16.711931] Allocated by task 283: [ 16.712119] kasan_save_stack+0x45/0x70 [ 16.712325] kasan_save_track+0x18/0x40 [ 16.712533] kasan_save_alloc_info+0x3b/0x50 [ 16.712722] __kasan_kmalloc+0xb7/0xc0 [ 16.712889] __kmalloc_cache_noprof+0x189/0x420 [ 16.713114] kasan_atomics+0x95/0x310 [ 16.713288] kunit_try_run_case+0x1a5/0x480 [ 16.713487] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.713724] kthread+0x337/0x6f0 [ 16.713920] ret_from_fork+0x116/0x1d0 [ 16.714061] ret_from_fork_asm+0x1a/0x30 [ 16.714213] [ 16.714290] The buggy address belongs to the object at ffff8881038b5600 [ 16.714290] which belongs to the cache kmalloc-64 of size 64 [ 16.714671] The buggy address is located 0 bytes to the right of [ 16.714671] allocated 48-byte region [ffff8881038b5600, ffff8881038b5630) [ 16.715055] [ 16.715131] The buggy address belongs to the physical page: [ 16.715395] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038b5 [ 16.715763] flags: 0x200000000000000(node=0|zone=2) [ 16.716276] page_type: f5(slab) [ 16.716450] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.716711] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.716945] page dumped because: kasan: bad access detected [ 16.717122] [ 16.717195] Memory state around the buggy address: [ 16.717355] ffff8881038b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.717631] ffff8881038b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.718202] >ffff8881038b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.718547] ^ [ 16.718778] ffff8881038b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.719107] ffff8881038b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.719439] 
================================================================== [ 16.412838] ================================================================== [ 16.413198] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x177f/0x5450 [ 16.413596] Write of size 8 at addr ffff8881038b5630 by task kunit_try_catch/283 [ 16.413950] [ 16.414072] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.414133] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.414145] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.414169] Call Trace: [ 16.414189] <TASK> [ 16.414205] dump_stack_lvl+0x73/0xb0 [ 16.414236] print_report+0xd1/0x610 [ 16.414260] ? __virt_addr_valid+0x1db/0x2d0 [ 16.414284] ? kasan_atomics_helper+0x177f/0x5450 [ 16.414306] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.414330] ? kasan_atomics_helper+0x177f/0x5450 [ 16.414354] kasan_report+0x141/0x180 [ 16.414392] ? kasan_atomics_helper+0x177f/0x5450 [ 16.414420] kasan_check_range+0x10c/0x1c0 [ 16.414445] __kasan_check_write+0x18/0x20 [ 16.414465] kasan_atomics_helper+0x177f/0x5450 [ 16.414500] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.414524] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.414551] ? kasan_atomics+0x152/0x310 [ 16.414601] kasan_atomics+0x1dc/0x310 [ 16.414650] ? __pfx_kasan_atomics+0x10/0x10 [ 16.414676] ? __pfx_read_tsc+0x10/0x10 [ 16.414728] ? ktime_get_ts64+0x86/0x230 [ 16.414778] kunit_try_run_case+0x1a5/0x480 [ 16.414805] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.414830] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.414855] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.414881] ? __kthread_parkme+0x82/0x180 [ 16.414902] ? preempt_count_sub+0x50/0x80 [ 16.414927] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.414952] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.414977] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.415003] kthread+0x337/0x6f0 [ 16.415024] ? trace_preempt_on+0x20/0xc0 [ 16.415067] ? 
__pfx_kthread+0x10/0x10 [ 16.415090] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.415114] ? calculate_sigpending+0x7b/0xa0 [ 16.415139] ? __pfx_kthread+0x10/0x10 [ 16.415162] ret_from_fork+0x116/0x1d0 [ 16.415218] ? __pfx_kthread+0x10/0x10 [ 16.415240] ret_from_fork_asm+0x1a/0x30 [ 16.415273] </TASK> [ 16.415284] [ 16.427995] Allocated by task 283: [ 16.428438] kasan_save_stack+0x45/0x70 [ 16.428786] kasan_save_track+0x18/0x40 [ 16.429281] kasan_save_alloc_info+0x3b/0x50 [ 16.429516] __kasan_kmalloc+0xb7/0xc0 [ 16.429696] __kmalloc_cache_noprof+0x189/0x420 [ 16.430084] kasan_atomics+0x95/0x310 [ 16.430488] kunit_try_run_case+0x1a5/0x480 [ 16.430705] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.431232] kthread+0x337/0x6f0 [ 16.431667] ret_from_fork+0x116/0x1d0 [ 16.431965] ret_from_fork_asm+0x1a/0x30 [ 16.432320] [ 16.432441] The buggy address belongs to the object at ffff8881038b5600 [ 16.432441] which belongs to the cache kmalloc-64 of size 64 [ 16.433302] The buggy address is located 0 bytes to the right of [ 16.433302] allocated 48-byte region [ffff8881038b5600, ffff8881038b5630) [ 16.434233] [ 16.434359] The buggy address belongs to the physical page: [ 16.434620] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038b5 [ 16.435274] flags: 0x200000000000000(node=0|zone=2) [ 16.435769] page_type: f5(slab) [ 16.436080] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.436721] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.437127] page dumped because: kasan: bad access detected [ 16.437373] [ 16.437499] Memory state around the buggy address: [ 16.437712] ffff8881038b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.437976] ffff8881038b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.438339] >ffff8881038b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.438595] ^ [ 16.438858] ffff8881038b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.439171] 
ffff8881038b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.439394] ================================================================== [ 16.719942] ================================================================== [ 16.720638] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f71/0x5450 [ 16.721032] Read of size 8 at addr ffff8881038b5630 by task kunit_try_catch/283 [ 16.721324] [ 16.721409] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.721453] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.721465] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.721497] Call Trace: [ 16.721512] <TASK> [ 16.721527] dump_stack_lvl+0x73/0xb0 [ 16.721558] print_report+0xd1/0x610 [ 16.721581] ? __virt_addr_valid+0x1db/0x2d0 [ 16.721605] ? kasan_atomics_helper+0x4f71/0x5450 [ 16.721627] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.721650] ? kasan_atomics_helper+0x4f71/0x5450 [ 16.721673] kasan_report+0x141/0x180 [ 16.721696] ? kasan_atomics_helper+0x4f71/0x5450 [ 16.721723] __asan_report_load8_noabort+0x18/0x20 [ 16.721748] kasan_atomics_helper+0x4f71/0x5450 [ 16.721772] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.721805] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.721830] ? kasan_atomics+0x152/0x310 [ 16.721858] kasan_atomics+0x1dc/0x310 [ 16.721881] ? __pfx_kasan_atomics+0x10/0x10 [ 16.721906] ? __pfx_read_tsc+0x10/0x10 [ 16.721929] ? ktime_get_ts64+0x86/0x230 [ 16.721954] kunit_try_run_case+0x1a5/0x480 [ 16.721980] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.722004] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.722031] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.722055] ? __kthread_parkme+0x82/0x180 [ 16.722077] ? preempt_count_sub+0x50/0x80 [ 16.722109] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.722134] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.722158] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.722183] kthread+0x337/0x6f0 [ 16.722204] ? 
trace_preempt_on+0x20/0xc0 [ 16.722229] ? __pfx_kthread+0x10/0x10 [ 16.722250] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.722273] ? calculate_sigpending+0x7b/0xa0 [ 16.722298] ? __pfx_kthread+0x10/0x10 [ 16.722321] ret_from_fork+0x116/0x1d0 [ 16.722341] ? __pfx_kthread+0x10/0x10 [ 16.722362] ret_from_fork_asm+0x1a/0x30 [ 16.722394] </TASK> [ 16.722405] [ 16.730056] Allocated by task 283: [ 16.730202] kasan_save_stack+0x45/0x70 [ 16.730351] kasan_save_track+0x18/0x40 [ 16.730557] kasan_save_alloc_info+0x3b/0x50 [ 16.730775] __kasan_kmalloc+0xb7/0xc0 [ 16.730969] __kmalloc_cache_noprof+0x189/0x420 [ 16.731139] kasan_atomics+0x95/0x310 [ 16.731277] kunit_try_run_case+0x1a5/0x480 [ 16.731435] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.731630] kthread+0x337/0x6f0 [ 16.731756] ret_from_fork+0x116/0x1d0 [ 16.731898] ret_from_fork_asm+0x1a/0x30 [ 16.732048] [ 16.732125] The buggy address belongs to the object at ffff8881038b5600 [ 16.732125] which belongs to the cache kmalloc-64 of size 64 [ 16.733398] The buggy address is located 0 bytes to the right of [ 16.733398] allocated 48-byte region [ffff8881038b5600, ffff8881038b5630) [ 16.735229] [ 16.735609] The buggy address belongs to the physical page: [ 16.736226] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038b5 [ 16.737190] flags: 0x200000000000000(node=0|zone=2) [ 16.737845] page_type: f5(slab) [ 16.738387] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.739386] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.740392] page dumped because: kasan: bad access detected [ 16.741170] [ 16.741505] Memory state around the buggy address: [ 16.741678] ffff8881038b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.742442] ffff8881038b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.743315] >ffff8881038b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.743562] ^ [ 16.743726] ffff8881038b5680: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 16.744385] ffff8881038b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.744624] ================================================================== [ 15.747703] ================================================================== [ 15.748515] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x8f9/0x5450 [ 15.748791] Write of size 4 at addr ffff8881038b5630 by task kunit_try_catch/283 [ 15.749308] [ 15.749448] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.749507] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.749520] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.749553] Call Trace: [ 15.749573] <TASK> [ 15.749590] dump_stack_lvl+0x73/0xb0 [ 15.749635] print_report+0xd1/0x610 [ 15.749660] ? __virt_addr_valid+0x1db/0x2d0 [ 15.749684] ? kasan_atomics_helper+0x8f9/0x5450 [ 15.749707] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.749740] ? kasan_atomics_helper+0x8f9/0x5450 [ 15.749764] kasan_report+0x141/0x180 [ 15.749788] ? kasan_atomics_helper+0x8f9/0x5450 [ 15.749827] kasan_check_range+0x10c/0x1c0 [ 15.749852] __kasan_check_write+0x18/0x20 [ 15.749873] kasan_atomics_helper+0x8f9/0x5450 [ 15.749897] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.749922] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.749958] ? kasan_atomics+0x152/0x310 [ 15.749987] kasan_atomics+0x1dc/0x310 [ 15.750022] ? __pfx_kasan_atomics+0x10/0x10 [ 15.750099] ? __pfx_read_tsc+0x10/0x10 [ 15.750133] ? ktime_get_ts64+0x86/0x230 [ 15.750159] kunit_try_run_case+0x1a5/0x480 [ 15.750187] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.750224] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.750252] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.750289] ? __kthread_parkme+0x82/0x180 [ 15.750312] ? preempt_count_sub+0x50/0x80 [ 15.750338] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.750364] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.750399] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.750425] kthread+0x337/0x6f0 [ 15.750447] ? trace_preempt_on+0x20/0xc0 [ 15.750487] ? __pfx_kthread+0x10/0x10 [ 15.750510] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.750535] ? calculate_sigpending+0x7b/0xa0 [ 15.750561] ? __pfx_kthread+0x10/0x10 [ 15.750595] ret_from_fork+0x116/0x1d0 [ 15.750616] ? __pfx_kthread+0x10/0x10 [ 15.750638] ret_from_fork_asm+0x1a/0x30 [ 15.750682] </TASK> [ 15.750694] [ 15.759823] Allocated by task 283: [ 15.759967] kasan_save_stack+0x45/0x70 [ 15.760117] kasan_save_track+0x18/0x40 [ 15.760259] kasan_save_alloc_info+0x3b/0x50 [ 15.760423] __kasan_kmalloc+0xb7/0xc0 [ 15.760626] __kmalloc_cache_noprof+0x189/0x420 [ 15.760853] kasan_atomics+0x95/0x310 [ 15.761558] kunit_try_run_case+0x1a5/0x480 [ 15.761786] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.762088] kthread+0x337/0x6f0 [ 15.762276] ret_from_fork+0x116/0x1d0 [ 15.762484] ret_from_fork_asm+0x1a/0x30 [ 15.762685] [ 15.762792] The buggy address belongs to the object at ffff8881038b5600 [ 15.762792] which belongs to the cache kmalloc-64 of size 64 [ 15.763455] The buggy address is located 0 bytes to the right of [ 15.763455] allocated 48-byte region [ffff8881038b5600, ffff8881038b5630) [ 15.764259] [ 15.764386] The buggy address belongs to the physical page: [ 15.764647] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038b5 [ 15.765030] flags: 0x200000000000000(node=0|zone=2) [ 15.765490] page_type: f5(slab) [ 15.765636] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.766008] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.766397] page dumped because: kasan: bad access detected [ 15.766672] [ 15.766763] Memory state around the buggy address: [ 15.767066] ffff8881038b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.767305] ffff8881038b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.767533] >ffff8881038b5600: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 15.767811] ^ [ 15.768136] ffff8881038b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.768481] ffff8881038b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.768810] ================================================================== [ 15.769341] ================================================================== [ 15.769597] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x992/0x5450 [ 15.769852] Write of size 4 at addr ffff8881038b5630 by task kunit_try_catch/283 [ 15.770185] [ 15.770292] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.770337] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.770349] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.770371] Call Trace: [ 15.770388] <TASK> [ 15.770403] dump_stack_lvl+0x73/0xb0 [ 15.770433] print_report+0xd1/0x610 [ 15.770456] ? __virt_addr_valid+0x1db/0x2d0 [ 15.770515] ? kasan_atomics_helper+0x992/0x5450 [ 15.770538] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.770561] ? kasan_atomics_helper+0x992/0x5450 [ 15.770755] kasan_report+0x141/0x180 [ 15.770783] ? kasan_atomics_helper+0x992/0x5450 [ 15.770821] kasan_check_range+0x10c/0x1c0 [ 15.770846] __kasan_check_write+0x18/0x20 [ 15.770866] kasan_atomics_helper+0x992/0x5450 [ 15.770889] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.770912] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.770953] ? kasan_atomics+0x152/0x310 [ 15.770980] kasan_atomics+0x1dc/0x310 [ 15.771017] ? __pfx_kasan_atomics+0x10/0x10 [ 15.771093] ? __pfx_read_tsc+0x10/0x10 [ 15.771117] ? ktime_get_ts64+0x86/0x230 [ 15.771142] kunit_try_run_case+0x1a5/0x480 [ 15.771169] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.771193] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.771218] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.771243] ? __kthread_parkme+0x82/0x180 [ 15.771264] ? preempt_count_sub+0x50/0x80 [ 15.771289] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.771314] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.771339] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.771364] kthread+0x337/0x6f0 [ 15.771386] ? trace_preempt_on+0x20/0xc0 [ 15.771410] ? __pfx_kthread+0x10/0x10 [ 15.771432] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.771465] ? calculate_sigpending+0x7b/0xa0 [ 15.771500] ? __pfx_kthread+0x10/0x10 [ 15.771523] ret_from_fork+0x116/0x1d0 [ 15.771556] ? __pfx_kthread+0x10/0x10 [ 15.771579] ret_from_fork_asm+0x1a/0x30 [ 15.771611] </TASK> [ 15.771622] [ 15.780493] Allocated by task 283: [ 15.780637] kasan_save_stack+0x45/0x70 [ 15.781063] kasan_save_track+0x18/0x40 [ 15.781273] kasan_save_alloc_info+0x3b/0x50 [ 15.781503] __kasan_kmalloc+0xb7/0xc0 [ 15.781696] __kmalloc_cache_noprof+0x189/0x420 [ 15.781925] kasan_atomics+0x95/0x310 [ 15.782123] kunit_try_run_case+0x1a5/0x480 [ 15.782336] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.782838] kthread+0x337/0x6f0 [ 15.782981] ret_from_fork+0x116/0x1d0 [ 15.783344] ret_from_fork_asm+0x1a/0x30 [ 15.783531] [ 15.783636] The buggy address belongs to the object at ffff8881038b5600 [ 15.783636] which belongs to the cache kmalloc-64 of size 64 [ 15.784316] The buggy address is located 0 bytes to the right of [ 15.784316] allocated 48-byte region [ffff8881038b5600, ffff8881038b5630) [ 15.784934] [ 15.785037] The buggy address belongs to the physical page: [ 15.785335] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038b5 [ 15.785699] flags: 0x200000000000000(node=0|zone=2) [ 15.786006] page_type: f5(slab) [ 15.786196] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.786512] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.786752] page dumped because: kasan: bad access detected [ 15.787315] [ 15.787422] Memory state around the buggy address: [ 15.787683] ffff8881038b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.788169] 
ffff8881038b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.788461] >ffff8881038b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.788849] ^ [ 15.789070] ffff8881038b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.789410] ffff8881038b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.789721] ================================================================== [ 16.566636] ================================================================== [ 16.567311] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1c18/0x5450 [ 16.567675] Write of size 8 at addr ffff8881038b5630 by task kunit_try_catch/283 [ 16.568024] [ 16.568159] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.568206] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.568219] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.568259] Call Trace: [ 16.568273] <TASK> [ 16.568288] dump_stack_lvl+0x73/0xb0 [ 16.568319] print_report+0xd1/0x610 [ 16.568344] ? __virt_addr_valid+0x1db/0x2d0 [ 16.568368] ? kasan_atomics_helper+0x1c18/0x5450 [ 16.568392] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.568416] ? kasan_atomics_helper+0x1c18/0x5450 [ 16.568440] kasan_report+0x141/0x180 [ 16.568491] ? kasan_atomics_helper+0x1c18/0x5450 [ 16.568534] kasan_check_range+0x10c/0x1c0 [ 16.568560] __kasan_check_write+0x18/0x20 [ 16.568594] kasan_atomics_helper+0x1c18/0x5450 [ 16.568633] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.568657] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.568683] ? kasan_atomics+0x152/0x310 [ 16.568712] kasan_atomics+0x1dc/0x310 [ 16.568736] ? __pfx_kasan_atomics+0x10/0x10 [ 16.568806] ? __pfx_read_tsc+0x10/0x10 [ 16.568829] ? ktime_get_ts64+0x86/0x230 [ 16.568855] kunit_try_run_case+0x1a5/0x480 [ 16.568881] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.568906] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.568931] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.568956] ? 
__kthread_parkme+0x82/0x180 [ 16.568978] ? preempt_count_sub+0x50/0x80 [ 16.569033] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.569063] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.569087] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.569131] kthread+0x337/0x6f0 [ 16.569154] ? trace_preempt_on+0x20/0xc0 [ 16.569177] ? __pfx_kthread+0x10/0x10 [ 16.569200] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.569225] ? calculate_sigpending+0x7b/0xa0 [ 16.569249] ? __pfx_kthread+0x10/0x10 [ 16.569273] ret_from_fork+0x116/0x1d0 [ 16.569293] ? __pfx_kthread+0x10/0x10 [ 16.569315] ret_from_fork_asm+0x1a/0x30 [ 16.569347] </TASK> [ 16.569359] [ 16.577391] Allocated by task 283: [ 16.577575] kasan_save_stack+0x45/0x70 [ 16.577851] kasan_save_track+0x18/0x40 [ 16.578038] kasan_save_alloc_info+0x3b/0x50 [ 16.578296] __kasan_kmalloc+0xb7/0xc0 [ 16.578526] __kmalloc_cache_noprof+0x189/0x420 [ 16.578748] kasan_atomics+0x95/0x310 [ 16.578960] kunit_try_run_case+0x1a5/0x480 [ 16.579170] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.579426] kthread+0x337/0x6f0 [ 16.579599] ret_from_fork+0x116/0x1d0 [ 16.579737] ret_from_fork_asm+0x1a/0x30 [ 16.579944] [ 16.580048] The buggy address belongs to the object at ffff8881038b5600 [ 16.580048] which belongs to the cache kmalloc-64 of size 64 [ 16.580594] The buggy address is located 0 bytes to the right of [ 16.580594] allocated 48-byte region [ffff8881038b5600, ffff8881038b5630) [ 16.581160] [ 16.581268] The buggy address belongs to the physical page: [ 16.581525] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038b5 [ 16.581872] flags: 0x200000000000000(node=0|zone=2) [ 16.582159] page_type: f5(slab) [ 16.582340] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.582727] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.583090] page dumped because: kasan: bad access detected [ 16.583347] [ 16.583442] Memory state around the buggy address: [ 16.583700] 
ffff8881038b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.583988] ffff8881038b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.584205] >ffff8881038b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.584456] ^ [ 16.584695] ffff8881038b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.585059] ffff8881038b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.585403] ================================================================== [ 16.523855] ================================================================== [ 16.524339] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1a7f/0x5450 [ 16.524727] Write of size 8 at addr ffff8881038b5630 by task kunit_try_catch/283 [ 16.525149] [ 16.525263] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.525309] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.525322] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.525346] Call Trace: [ 16.525364] <TASK> [ 16.525379] dump_stack_lvl+0x73/0xb0 [ 16.525410] print_report+0xd1/0x610 [ 16.525434] ? __virt_addr_valid+0x1db/0x2d0 [ 16.525458] ? kasan_atomics_helper+0x1a7f/0x5450 [ 16.525492] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.525516] ? kasan_atomics_helper+0x1a7f/0x5450 [ 16.525539] kasan_report+0x141/0x180 [ 16.525563] ? kasan_atomics_helper+0x1a7f/0x5450 [ 16.525591] kasan_check_range+0x10c/0x1c0 [ 16.525637] __kasan_check_write+0x18/0x20 [ 16.525658] kasan_atomics_helper+0x1a7f/0x5450 [ 16.525682] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.525723] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.525749] ? kasan_atomics+0x152/0x310 [ 16.525783] kasan_atomics+0x1dc/0x310 [ 16.525808] ? __pfx_kasan_atomics+0x10/0x10 [ 16.525833] ? __pfx_read_tsc+0x10/0x10 [ 16.525855] ? ktime_get_ts64+0x86/0x230 [ 16.525881] kunit_try_run_case+0x1a5/0x480 [ 16.525906] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.525929] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 16.525955] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.526011] ? __kthread_parkme+0x82/0x180 [ 16.526087] ? preempt_count_sub+0x50/0x80 [ 16.526118] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.526166] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.526192] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.526216] kthread+0x337/0x6f0 [ 16.526237] ? trace_preempt_on+0x20/0xc0 [ 16.526262] ? __pfx_kthread+0x10/0x10 [ 16.526284] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.526308] ? calculate_sigpending+0x7b/0xa0 [ 16.526352] ? __pfx_kthread+0x10/0x10 [ 16.526374] ret_from_fork+0x116/0x1d0 [ 16.526395] ? __pfx_kthread+0x10/0x10 [ 16.526416] ret_from_fork_asm+0x1a/0x30 [ 16.526448] </TASK> [ 16.526459] [ 16.535211] Allocated by task 283: [ 16.535389] kasan_save_stack+0x45/0x70 [ 16.535595] kasan_save_track+0x18/0x40 [ 16.535825] kasan_save_alloc_info+0x3b/0x50 [ 16.536145] __kasan_kmalloc+0xb7/0xc0 [ 16.536336] __kmalloc_cache_noprof+0x189/0x420 [ 16.536569] kasan_atomics+0x95/0x310 [ 16.536785] kunit_try_run_case+0x1a5/0x480 [ 16.537100] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.537398] kthread+0x337/0x6f0 [ 16.537612] ret_from_fork+0x116/0x1d0 [ 16.537837] ret_from_fork_asm+0x1a/0x30 [ 16.538121] [ 16.538230] The buggy address belongs to the object at ffff8881038b5600 [ 16.538230] which belongs to the cache kmalloc-64 of size 64 [ 16.538807] The buggy address is located 0 bytes to the right of [ 16.538807] allocated 48-byte region [ffff8881038b5600, ffff8881038b5630) [ 16.539380] [ 16.539495] The buggy address belongs to the physical page: [ 16.539751] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038b5 [ 16.540539] flags: 0x200000000000000(node=0|zone=2) [ 16.540736] page_type: f5(slab) [ 16.540961] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.541397] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.541751] page dumped because: kasan: 
bad access detected [ 16.542033] [ 16.542123] Memory state around the buggy address: [ 16.542441] ffff8881038b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.542807] ffff8881038b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.543193] >ffff8881038b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.543507] ^ [ 16.543740] ffff8881038b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.544139] ffff8881038b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.544444] ================================================================== [ 15.669174] ================================================================== [ 15.669555] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x72f/0x5450 [ 15.669948] Write of size 4 at addr ffff8881038b5630 by task kunit_try_catch/283 [ 15.670408] [ 15.670639] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.670687] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.670700] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.670726] Call Trace: [ 15.670746] <TASK> [ 15.670763] dump_stack_lvl+0x73/0xb0 [ 15.670837] print_report+0xd1/0x610 [ 15.670862] ? __virt_addr_valid+0x1db/0x2d0 [ 15.670886] ? kasan_atomics_helper+0x72f/0x5450 [ 15.670946] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.670970] ? kasan_atomics_helper+0x72f/0x5450 [ 15.670993] kasan_report+0x141/0x180 [ 15.671028] ? kasan_atomics_helper+0x72f/0x5450 [ 15.671066] kasan_check_range+0x10c/0x1c0 [ 15.671092] __kasan_check_write+0x18/0x20 [ 15.671141] kasan_atomics_helper+0x72f/0x5450 [ 15.671165] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.671189] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.671227] ? kasan_atomics+0x152/0x310 [ 15.671254] kasan_atomics+0x1dc/0x310 [ 15.671279] ? __pfx_kasan_atomics+0x10/0x10 [ 15.671305] ? __pfx_read_tsc+0x10/0x10 [ 15.671328] ? ktime_get_ts64+0x86/0x230 [ 15.671354] kunit_try_run_case+0x1a5/0x480 [ 15.671379] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.671403] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.671429] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.671490] ? __kthread_parkme+0x82/0x180 [ 15.671514] ? preempt_count_sub+0x50/0x80 [ 15.671538] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.671574] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.671599] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.671625] kthread+0x337/0x6f0 [ 15.671663] ? trace_preempt_on+0x20/0xc0 [ 15.671697] ? __pfx_kthread+0x10/0x10 [ 15.671719] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.671768] ? calculate_sigpending+0x7b/0xa0 [ 15.671801] ? __pfx_kthread+0x10/0x10 [ 15.671825] ret_from_fork+0x116/0x1d0 [ 15.671847] ? __pfx_kthread+0x10/0x10 [ 15.671879] ret_from_fork_asm+0x1a/0x30 [ 15.671928] </TASK> [ 15.671940] [ 15.681411] Allocated by task 283: [ 15.682463] kasan_save_stack+0x45/0x70 [ 15.683173] kasan_save_track+0x18/0x40 [ 15.683684] kasan_save_alloc_info+0x3b/0x50 [ 15.684817] __kasan_kmalloc+0xb7/0xc0 [ 15.685772] __kmalloc_cache_noprof+0x189/0x420 [ 15.685955] kasan_atomics+0x95/0x310 [ 15.686602] kunit_try_run_case+0x1a5/0x480 [ 15.687013] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.687465] kthread+0x337/0x6f0 [ 15.687652] ret_from_fork+0x116/0x1d0 [ 15.687923] ret_from_fork_asm+0x1a/0x30 [ 15.688389] [ 15.688515] The buggy address belongs to the object at ffff8881038b5600 [ 15.688515] which belongs to the cache kmalloc-64 of size 64 [ 15.689458] The buggy address is located 0 bytes to the right of [ 15.689458] allocated 48-byte region [ffff8881038b5600, ffff8881038b5630) [ 15.690720] [ 15.691255] The buggy address belongs to the physical page: [ 15.691532] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038b5 [ 15.692214] flags: 0x200000000000000(node=0|zone=2) [ 15.692592] page_type: f5(slab) [ 15.692951] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.693789] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 15.694490] page dumped because: kasan: bad access detected [ 15.694735] [ 15.695219] Memory state around the buggy address: [ 15.695451] ffff8881038b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.695761] ffff8881038b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.696442] >ffff8881038b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.697266] ^ [ 15.697572] ffff8881038b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.698285] ffff8881038b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.698614] ================================================================== [ 16.623902] ================================================================== [ 16.624281] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1d7a/0x5450 [ 16.624641] Write of size 8 at addr ffff8881038b5630 by task kunit_try_catch/283 [ 16.625037] [ 16.625157] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.625221] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.625247] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.625270] Call Trace: [ 16.625297] <TASK> [ 16.625312] dump_stack_lvl+0x73/0xb0 [ 16.625343] print_report+0xd1/0x610 [ 16.625368] ? __virt_addr_valid+0x1db/0x2d0 [ 16.625391] ? kasan_atomics_helper+0x1d7a/0x5450 [ 16.625414] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.625437] ? kasan_atomics_helper+0x1d7a/0x5450 [ 16.625461] kasan_report+0x141/0x180 [ 16.625494] ? kasan_atomics_helper+0x1d7a/0x5450 [ 16.625522] kasan_check_range+0x10c/0x1c0 [ 16.625547] __kasan_check_write+0x18/0x20 [ 16.625567] kasan_atomics_helper+0x1d7a/0x5450 [ 16.625592] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.625616] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.625642] ? kasan_atomics+0x152/0x310 [ 16.625670] kasan_atomics+0x1dc/0x310 [ 16.625694] ? __pfx_kasan_atomics+0x10/0x10 [ 16.625719] ? __pfx_read_tsc+0x10/0x10 [ 16.625741] ? 
ktime_get_ts64+0x86/0x230 [ 16.625786] kunit_try_run_case+0x1a5/0x480 [ 16.625812] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.625836] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.625862] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.625887] ? __kthread_parkme+0x82/0x180 [ 16.625909] ? preempt_count_sub+0x50/0x80 [ 16.625933] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.625959] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.625983] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.626008] kthread+0x337/0x6f0 [ 16.626045] ? trace_preempt_on+0x20/0xc0 [ 16.626070] ? __pfx_kthread+0x10/0x10 [ 16.626110] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.626147] ? calculate_sigpending+0x7b/0xa0 [ 16.626186] ? __pfx_kthread+0x10/0x10 [ 16.626222] ret_from_fork+0x116/0x1d0 [ 16.626243] ? __pfx_kthread+0x10/0x10 [ 16.626278] ret_from_fork_asm+0x1a/0x30 [ 16.626336] </TASK> [ 16.626347] [ 16.634355] Allocated by task 283: [ 16.634530] kasan_save_stack+0x45/0x70 [ 16.634777] kasan_save_track+0x18/0x40 [ 16.634969] kasan_save_alloc_info+0x3b/0x50 [ 16.635163] __kasan_kmalloc+0xb7/0xc0 [ 16.635363] __kmalloc_cache_noprof+0x189/0x420 [ 16.635610] kasan_atomics+0x95/0x310 [ 16.635790] kunit_try_run_case+0x1a5/0x480 [ 16.636008] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.636237] kthread+0x337/0x6f0 [ 16.636368] ret_from_fork+0x116/0x1d0 [ 16.636801] ret_from_fork_asm+0x1a/0x30 [ 16.637356] [ 16.638731] The buggy address belongs to the object at ffff8881038b5600 [ 16.638731] which belongs to the cache kmalloc-64 of size 64 [ 16.639271] The buggy address is located 0 bytes to the right of [ 16.639271] allocated 48-byte region [ffff8881038b5600, ffff8881038b5630) [ 16.639675] [ 16.639757] The buggy address belongs to the physical page: [ 16.640372] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038b5 [ 16.641153] flags: 0x200000000000000(node=0|zone=2) [ 16.641647] page_type: f5(slab) [ 16.642017] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 16.642721] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.643510] page dumped because: kasan: bad access detected [ 16.644068] [ 16.644312] Memory state around the buggy address: [ 16.644581] ffff8881038b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.644908] ffff8881038b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.645570] >ffff8881038b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.646252] ^ [ 16.646604] ffff8881038b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.646984] ffff8881038b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.647635] ================================================================== [ 16.788625] ================================================================== [ 16.789014] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x20c8/0x5450 [ 16.789353] Write of size 8 at addr ffff8881038b5630 by task kunit_try_catch/283 [ 16.789679] [ 16.789776] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.789834] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.789847] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.789871] Call Trace: [ 16.789887] <TASK> [ 16.789902] dump_stack_lvl+0x73/0xb0 [ 16.789933] print_report+0xd1/0x610 [ 16.789959] ? __virt_addr_valid+0x1db/0x2d0 [ 16.789984] ? kasan_atomics_helper+0x20c8/0x5450 [ 16.790005] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.790029] ? kasan_atomics_helper+0x20c8/0x5450 [ 16.790052] kasan_report+0x141/0x180 [ 16.790075] ? kasan_atomics_helper+0x20c8/0x5450 [ 16.790108] kasan_check_range+0x10c/0x1c0 [ 16.790133] __kasan_check_write+0x18/0x20 [ 16.790154] kasan_atomics_helper+0x20c8/0x5450 [ 16.790177] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.790201] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.790227] ? kasan_atomics+0x152/0x310 [ 16.790255] kasan_atomics+0x1dc/0x310 [ 16.790279] ? 
__pfx_kasan_atomics+0x10/0x10 [ 16.790305] ? __pfx_read_tsc+0x10/0x10 [ 16.790327] ? ktime_get_ts64+0x86/0x230 [ 16.790353] kunit_try_run_case+0x1a5/0x480 [ 16.790378] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.790402] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.790427] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.790452] ? __kthread_parkme+0x82/0x180 [ 16.790483] ? preempt_count_sub+0x50/0x80 [ 16.790510] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.790535] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.790559] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.790584] kthread+0x337/0x6f0 [ 16.790605] ? trace_preempt_on+0x20/0xc0 [ 16.790630] ? __pfx_kthread+0x10/0x10 [ 16.790652] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.790677] ? calculate_sigpending+0x7b/0xa0 [ 16.790702] ? __pfx_kthread+0x10/0x10 [ 16.790725] ret_from_fork+0x116/0x1d0 [ 16.790744] ? __pfx_kthread+0x10/0x10 [ 16.790766] ret_from_fork_asm+0x1a/0x30 [ 16.790812] </TASK> [ 16.790824] [ 16.798321] Allocated by task 283: [ 16.798457] kasan_save_stack+0x45/0x70 [ 16.798614] kasan_save_track+0x18/0x40 [ 16.798755] kasan_save_alloc_info+0x3b/0x50 [ 16.798910] __kasan_kmalloc+0xb7/0xc0 [ 16.799048] __kmalloc_cache_noprof+0x189/0x420 [ 16.799209] kasan_atomics+0x95/0x310 [ 16.799346] kunit_try_run_case+0x1a5/0x480 [ 16.799518] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.799775] kthread+0x337/0x6f0 [ 16.799945] ret_from_fork+0x116/0x1d0 [ 16.800134] ret_from_fork_asm+0x1a/0x30 [ 16.800350] [ 16.800456] The buggy address belongs to the object at ffff8881038b5600 [ 16.800456] which belongs to the cache kmalloc-64 of size 64 [ 16.801303] The buggy address is located 0 bytes to the right of [ 16.801303] allocated 48-byte region [ffff8881038b5600, ffff8881038b5630) [ 16.801783] [ 16.801881] The buggy address belongs to the physical page: [ 16.802138] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038b5 [ 16.802440] flags: 0x200000000000000(node=0|zone=2) [ 16.802646] page_type: 
f5(slab) [ 16.802772] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.803118] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.803429] page dumped because: kasan: bad access detected [ 16.803633] [ 16.803708] Memory state around the buggy address: [ 16.804095] ffff8881038b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.804364] ffff8881038b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.804685] >ffff8881038b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.805065] ^ [ 16.805275] ffff8881038b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.805515] ffff8881038b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.805910] ================================================================== [ 16.806393] ================================================================== [ 16.806657] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fb2/0x5450 [ 16.806907] Read of size 8 at addr ffff8881038b5630 by task kunit_try_catch/283 [ 16.807218] [ 16.807344] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.807391] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.807403] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.807427] Call Trace: [ 16.807444] <TASK> [ 16.807460] dump_stack_lvl+0x73/0xb0 [ 16.807502] print_report+0xd1/0x610 [ 16.807540] ? __virt_addr_valid+0x1db/0x2d0 [ 16.807565] ? kasan_atomics_helper+0x4fb2/0x5450 [ 16.807588] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.807612] ? kasan_atomics_helper+0x4fb2/0x5450 [ 16.807635] kasan_report+0x141/0x180 [ 16.807658] ? kasan_atomics_helper+0x4fb2/0x5450 [ 16.807686] __asan_report_load8_noabort+0x18/0x20 [ 16.807712] kasan_atomics_helper+0x4fb2/0x5450 [ 16.807737] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.807760] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.807786] ? 
kasan_atomics+0x152/0x310 [ 16.807814] kasan_atomics+0x1dc/0x310 [ 16.807838] ? __pfx_kasan_atomics+0x10/0x10 [ 16.807863] ? __pfx_read_tsc+0x10/0x10 [ 16.807886] ? ktime_get_ts64+0x86/0x230 [ 16.807913] kunit_try_run_case+0x1a5/0x480 [ 16.807938] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.807963] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.807989] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.808014] ? __kthread_parkme+0x82/0x180 [ 16.808036] ? preempt_count_sub+0x50/0x80 [ 16.808061] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.808086] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.808111] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.808136] kthread+0x337/0x6f0 [ 16.808158] ? trace_preempt_on+0x20/0xc0 [ 16.808183] ? __pfx_kthread+0x10/0x10 [ 16.808205] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.808228] ? calculate_sigpending+0x7b/0xa0 [ 16.808253] ? __pfx_kthread+0x10/0x10 [ 16.808276] ret_from_fork+0x116/0x1d0 [ 16.808297] ? __pfx_kthread+0x10/0x10 [ 16.808319] ret_from_fork_asm+0x1a/0x30 [ 16.808351] </TASK> [ 16.808363] [ 16.816034] Allocated by task 283: [ 16.816226] kasan_save_stack+0x45/0x70 [ 16.816436] kasan_save_track+0x18/0x40 [ 16.816648] kasan_save_alloc_info+0x3b/0x50 [ 16.816976] __kasan_kmalloc+0xb7/0xc0 [ 16.817150] __kmalloc_cache_noprof+0x189/0x420 [ 16.817376] kasan_atomics+0x95/0x310 [ 16.817524] kunit_try_run_case+0x1a5/0x480 [ 16.817690] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.818100] kthread+0x337/0x6f0 [ 16.818286] ret_from_fork+0x116/0x1d0 [ 16.818488] ret_from_fork_asm+0x1a/0x30 [ 16.818660] [ 16.818758] The buggy address belongs to the object at ffff8881038b5600 [ 16.818758] which belongs to the cache kmalloc-64 of size 64 [ 16.819254] The buggy address is located 0 bytes to the right of [ 16.819254] allocated 48-byte region [ffff8881038b5600, ffff8881038b5630) [ 16.819762] [ 16.821671] The buggy address belongs to the physical page: [ 16.822649] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038b5 [ 
16.823624] flags: 0x200000000000000(node=0|zone=2) [ 16.824083] page_type: f5(slab) [ 16.824231] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.824501] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.825310] page dumped because: kasan: bad access detected [ 16.825857] [ 16.826063] Memory state around the buggy address: [ 16.826528] ffff8881038b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.826979] ffff8881038b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.827203] >ffff8881038b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.827425] ^ [ 16.827645] ffff8881038b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.828356] ffff8881038b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.828595] ================================================================== [ 16.829638] ================================================================== [ 16.830376] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x218a/0x5450 [ 16.831134] Write of size 8 at addr ffff8881038b5630 by task kunit_try_catch/283 [ 16.831868] [ 16.832055] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.832104] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.832117] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.832175] Call Trace: [ 16.832197] <TASK> [ 16.832229] dump_stack_lvl+0x73/0xb0 [ 16.832264] print_report+0xd1/0x610 [ 16.832291] ? __virt_addr_valid+0x1db/0x2d0 [ 16.832315] ? kasan_atomics_helper+0x218a/0x5450 [ 16.832337] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.832361] ? kasan_atomics_helper+0x218a/0x5450 [ 16.832383] kasan_report+0x141/0x180 [ 16.832407] ? kasan_atomics_helper+0x218a/0x5450 [ 16.832436] kasan_check_range+0x10c/0x1c0 [ 16.832462] __kasan_check_write+0x18/0x20 [ 16.832494] kasan_atomics_helper+0x218a/0x5450 [ 16.832518] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.832541] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 16.832569] ? kasan_atomics+0x152/0x310 [ 16.832598] kasan_atomics+0x1dc/0x310 [ 16.832621] ? __pfx_kasan_atomics+0x10/0x10 [ 16.832648] ? __pfx_read_tsc+0x10/0x10 [ 16.832672] ? ktime_get_ts64+0x86/0x230 [ 16.832698] kunit_try_run_case+0x1a5/0x480 [ 16.832724] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.832748] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.832795] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.832820] ? __kthread_parkme+0x82/0x180 [ 16.832842] ? preempt_count_sub+0x50/0x80 [ 16.832869] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.832897] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.832923] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.832947] kthread+0x337/0x6f0 [ 16.832968] ? trace_preempt_on+0x20/0xc0 [ 16.832993] ? __pfx_kthread+0x10/0x10 [ 16.833016] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.833039] ? calculate_sigpending+0x7b/0xa0 [ 16.833065] ? __pfx_kthread+0x10/0x10 [ 16.833087] ret_from_fork+0x116/0x1d0 [ 16.833107] ? __pfx_kthread+0x10/0x10 [ 16.833129] ret_from_fork_asm+0x1a/0x30 [ 16.833162] </TASK> [ 16.833174] [ 16.846015] Allocated by task 283: [ 16.846367] kasan_save_stack+0x45/0x70 [ 16.846797] kasan_save_track+0x18/0x40 [ 16.847176] kasan_save_alloc_info+0x3b/0x50 [ 16.847586] __kasan_kmalloc+0xb7/0xc0 [ 16.847969] __kmalloc_cache_noprof+0x189/0x420 [ 16.848401] kasan_atomics+0x95/0x310 [ 16.848805] kunit_try_run_case+0x1a5/0x480 [ 16.849059] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.849556] kthread+0x337/0x6f0 [ 16.849686] ret_from_fork+0x116/0x1d0 [ 16.849988] ret_from_fork_asm+0x1a/0x30 [ 16.850375] [ 16.850550] The buggy address belongs to the object at ffff8881038b5600 [ 16.850550] which belongs to the cache kmalloc-64 of size 64 [ 16.851514] The buggy address is located 0 bytes to the right of [ 16.851514] allocated 48-byte region [ffff8881038b5600, ffff8881038b5630) [ 16.852239] [ 16.852428] The buggy address belongs to the physical page: [ 16.852962] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x1038b5 [ 16.853633] flags: 0x200000000000000(node=0|zone=2) [ 16.853815] page_type: f5(slab) [ 16.853943] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.854185] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.854419] page dumped because: kasan: bad access detected [ 16.854922] [ 16.855082] Memory state around the buggy address: [ 16.855544] ffff8881038b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.856186] ffff8881038b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.856839] >ffff8881038b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.857456] ^ [ 16.857922] ffff8881038b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.858564] ffff8881038b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.859197] ================================================================== [ 16.439893] ================================================================== [ 16.440350] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1818/0x5450 [ 16.440615] Write of size 8 at addr ffff8881038b5630 by task kunit_try_catch/283 [ 16.441193] [ 16.441311] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.441358] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.441371] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.441393] Call Trace: [ 16.441410] <TASK> [ 16.441426] dump_stack_lvl+0x73/0xb0 [ 16.441456] print_report+0xd1/0x610 [ 16.441491] ? __virt_addr_valid+0x1db/0x2d0 [ 16.441515] ? kasan_atomics_helper+0x1818/0x5450 [ 16.441538] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.441561] ? kasan_atomics_helper+0x1818/0x5450 [ 16.441586] kasan_report+0x141/0x180 [ 16.441610] ? kasan_atomics_helper+0x1818/0x5450 [ 16.441638] kasan_check_range+0x10c/0x1c0 [ 16.441663] __kasan_check_write+0x18/0x20 [ 16.441683] kasan_atomics_helper+0x1818/0x5450 [ 16.441707] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 16.441731] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.441757] ? kasan_atomics+0x152/0x310 [ 16.441785] kasan_atomics+0x1dc/0x310 [ 16.441809] ? __pfx_kasan_atomics+0x10/0x10 [ 16.441835] ? __pfx_read_tsc+0x10/0x10 [ 16.441857] ? ktime_get_ts64+0x86/0x230 [ 16.441882] kunit_try_run_case+0x1a5/0x480 [ 16.441909] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.441932] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.441958] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.441983] ? __kthread_parkme+0x82/0x180 [ 16.442003] ? preempt_count_sub+0x50/0x80 [ 16.442028] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.442054] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.442078] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.442112] kthread+0x337/0x6f0 [ 16.442132] ? trace_preempt_on+0x20/0xc0 [ 16.442157] ? __pfx_kthread+0x10/0x10 [ 16.442179] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.442223] ? calculate_sigpending+0x7b/0xa0 [ 16.442248] ? __pfx_kthread+0x10/0x10 [ 16.442270] ret_from_fork+0x116/0x1d0 [ 16.442291] ? 
__pfx_kthread+0x10/0x10 [ 16.442313] ret_from_fork_asm+0x1a/0x30 [ 16.442344] </TASK> [ 16.442355] [ 16.450867] Allocated by task 283: [ 16.451149] kasan_save_stack+0x45/0x70 [ 16.451388] kasan_save_track+0x18/0x40 [ 16.451603] kasan_save_alloc_info+0x3b/0x50 [ 16.451803] __kasan_kmalloc+0xb7/0xc0 [ 16.451945] __kmalloc_cache_noprof+0x189/0x420 [ 16.452169] kasan_atomics+0x95/0x310 [ 16.452317] kunit_try_run_case+0x1a5/0x480 [ 16.452507] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.452791] kthread+0x337/0x6f0 [ 16.452971] ret_from_fork+0x116/0x1d0 [ 16.453269] ret_from_fork_asm+0x1a/0x30 [ 16.453492] [ 16.453623] The buggy address belongs to the object at ffff8881038b5600 [ 16.453623] which belongs to the cache kmalloc-64 of size 64 [ 16.454172] The buggy address is located 0 bytes to the right of [ 16.454172] allocated 48-byte region [ffff8881038b5600, ffff8881038b5630) [ 16.454992] [ 16.455129] The buggy address belongs to the physical page: [ 16.455412] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038b5 [ 16.455860] flags: 0x200000000000000(node=0|zone=2) [ 16.456189] page_type: f5(slab) [ 16.456407] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.456825] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.457256] page dumped because: kasan: bad access detected [ 16.457530] [ 16.457627] Memory state around the buggy address: [ 16.457883] ffff8881038b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.458274] ffff8881038b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.458606] >ffff8881038b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.458853] ^ [ 16.459084] ffff8881038b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.459426] ffff8881038b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.459745] ================================================================== [ 15.514907] 
================================================================== [ 15.515356] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a0/0x5450 [ 15.515688] Write of size 4 at addr ffff8881038b5630 by task kunit_try_catch/283 [ 15.516114] [ 15.516259] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.516307] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.516355] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.516378] Call Trace: [ 15.516395] <TASK> [ 15.516411] dump_stack_lvl+0x73/0xb0 [ 15.516443] print_report+0xd1/0x610 [ 15.516478] ? __virt_addr_valid+0x1db/0x2d0 [ 15.516536] ? kasan_atomics_helper+0x4a0/0x5450 [ 15.516559] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.516583] ? kasan_atomics_helper+0x4a0/0x5450 [ 15.516605] kasan_report+0x141/0x180 [ 15.516629] ? kasan_atomics_helper+0x4a0/0x5450 [ 15.516657] kasan_check_range+0x10c/0x1c0 [ 15.516682] __kasan_check_write+0x18/0x20 [ 15.516737] kasan_atomics_helper+0x4a0/0x5450 [ 15.516761] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.516784] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.516811] ? kasan_atomics+0x152/0x310 [ 15.516839] kasan_atomics+0x1dc/0x310 [ 15.516863] ? __pfx_kasan_atomics+0x10/0x10 [ 15.516920] ? __pfx_read_tsc+0x10/0x10 [ 15.516943] ? ktime_get_ts64+0x86/0x230 [ 15.516968] kunit_try_run_case+0x1a5/0x480 [ 15.516994] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.517018] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.517045] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.517102] ? __kthread_parkme+0x82/0x180 [ 15.517124] ? preempt_count_sub+0x50/0x80 [ 15.517150] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.517176] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.517202] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.517226] kthread+0x337/0x6f0 [ 15.517248] ? trace_preempt_on+0x20/0xc0 [ 15.517305] ? __pfx_kthread+0x10/0x10 [ 15.517328] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.517352] ? 
calculate_sigpending+0x7b/0xa0 [ 15.517376] ? __pfx_kthread+0x10/0x10 [ 15.517400] ret_from_fork+0x116/0x1d0 [ 15.517420] ? __pfx_kthread+0x10/0x10 [ 15.517442] ret_from_fork_asm+0x1a/0x30 [ 15.517482] </TASK> [ 15.517494] [ 15.526794] Allocated by task 283: [ 15.526963] kasan_save_stack+0x45/0x70 [ 15.527321] kasan_save_track+0x18/0x40 [ 15.527464] kasan_save_alloc_info+0x3b/0x50 [ 15.527696] __kasan_kmalloc+0xb7/0xc0 [ 15.527935] __kmalloc_cache_noprof+0x189/0x420 [ 15.528200] kasan_atomics+0x95/0x310 [ 15.528438] kunit_try_run_case+0x1a5/0x480 [ 15.528599] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.528778] kthread+0x337/0x6f0 [ 15.529131] ret_from_fork+0x116/0x1d0 [ 15.529328] ret_from_fork_asm+0x1a/0x30 [ 15.529546] [ 15.529680] The buggy address belongs to the object at ffff8881038b5600 [ 15.529680] which belongs to the cache kmalloc-64 of size 64 [ 15.530122] The buggy address is located 0 bytes to the right of [ 15.530122] allocated 48-byte region [ffff8881038b5600, ffff8881038b5630) [ 15.531127] [ 15.531265] The buggy address belongs to the physical page: [ 15.531520] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038b5 [ 15.532130] flags: 0x200000000000000(node=0|zone=2) [ 15.532391] page_type: f5(slab) [ 15.532597] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.532952] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.533355] page dumped because: kasan: bad access detected [ 15.533567] [ 15.533668] Memory state around the buggy address: [ 15.533932] ffff8881038b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.534304] ffff8881038b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.534704] >ffff8881038b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.535098] ^ [ 15.535324] ffff8881038b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.535789] ffff8881038b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.536210] 
================================================================== [ 16.586124] ================================================================== [ 16.586456] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f30/0x5450 [ 16.586842] Read of size 8 at addr ffff8881038b5630 by task kunit_try_catch/283 [ 16.587174] [ 16.587306] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.587353] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.587366] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.587390] Call Trace: [ 16.587406] <TASK> [ 16.587440] dump_stack_lvl+0x73/0xb0 [ 16.587484] print_report+0xd1/0x610 [ 16.587508] ? __virt_addr_valid+0x1db/0x2d0 [ 16.587532] ? kasan_atomics_helper+0x4f30/0x5450 [ 16.587555] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.587579] ? kasan_atomics_helper+0x4f30/0x5450 [ 16.587622] kasan_report+0x141/0x180 [ 16.587646] ? kasan_atomics_helper+0x4f30/0x5450 [ 16.587674] __asan_report_load8_noabort+0x18/0x20 [ 16.587700] kasan_atomics_helper+0x4f30/0x5450 [ 16.587725] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.587749] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.587809] ? kasan_atomics+0x152/0x310 [ 16.587838] kasan_atomics+0x1dc/0x310 [ 16.587863] ? __pfx_kasan_atomics+0x10/0x10 [ 16.587889] ? __pfx_read_tsc+0x10/0x10 [ 16.587913] ? ktime_get_ts64+0x86/0x230 [ 16.587939] kunit_try_run_case+0x1a5/0x480 [ 16.587964] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.587989] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.588015] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.588040] ? __kthread_parkme+0x82/0x180 [ 16.588062] ? preempt_count_sub+0x50/0x80 [ 16.588104] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.588132] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.588157] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.588182] kthread+0x337/0x6f0 [ 16.588203] ? trace_preempt_on+0x20/0xc0 [ 16.588227] ? __pfx_kthread+0x10/0x10 [ 16.588250] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 16.588288] ? calculate_sigpending+0x7b/0xa0 [ 16.588329] ? __pfx_kthread+0x10/0x10 [ 16.588366] ret_from_fork+0x116/0x1d0 [ 16.588386] ? __pfx_kthread+0x10/0x10 [ 16.588422] ret_from_fork_asm+0x1a/0x30 [ 16.588477] </TASK> [ 16.588488] [ 16.596277] Allocated by task 283: [ 16.596436] kasan_save_stack+0x45/0x70 [ 16.596640] kasan_save_track+0x18/0x40 [ 16.596840] kasan_save_alloc_info+0x3b/0x50 [ 16.597070] __kasan_kmalloc+0xb7/0xc0 [ 16.597268] __kmalloc_cache_noprof+0x189/0x420 [ 16.597498] kasan_atomics+0x95/0x310 [ 16.597653] kunit_try_run_case+0x1a5/0x480 [ 16.597919] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.598204] kthread+0x337/0x6f0 [ 16.598360] ret_from_fork+0x116/0x1d0 [ 16.598555] ret_from_fork_asm+0x1a/0x30 [ 16.598804] [ 16.598886] The buggy address belongs to the object at ffff8881038b5600 [ 16.598886] which belongs to the cache kmalloc-64 of size 64 [ 16.599380] The buggy address is located 0 bytes to the right of [ 16.599380] allocated 48-byte region [ffff8881038b5600, ffff8881038b5630) [ 16.599926] [ 16.600035] The buggy address belongs to the physical page: [ 16.600293] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038b5 [ 16.600639] flags: 0x200000000000000(node=0|zone=2) [ 16.600807] page_type: f5(slab) [ 16.600979] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.601331] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.601661] page dumped because: kasan: bad access detected [ 16.601933] [ 16.602006] Memory state around the buggy address: [ 16.602167] ffff8881038b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.602387] ffff8881038b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.602744] >ffff8881038b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.603121] ^ [ 16.603366] ffff8881038b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.603727] ffff8881038b5700: fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 16.604097] ================================================================== [ 16.880267] ================================================================== [ 16.880648] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x224c/0x5450 [ 16.880985] Write of size 8 at addr ffff8881038b5630 by task kunit_try_catch/283 [ 16.881281] [ 16.881398] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.881444] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.881456] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.881985] Call Trace: [ 16.882010] <TASK> [ 16.882028] dump_stack_lvl+0x73/0xb0 [ 16.882065] print_report+0xd1/0x610 [ 16.882089] ? __virt_addr_valid+0x1db/0x2d0 [ 16.882123] ? kasan_atomics_helper+0x224c/0x5450 [ 16.882146] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.882170] ? kasan_atomics_helper+0x224c/0x5450 [ 16.882193] kasan_report+0x141/0x180 [ 16.882217] ? kasan_atomics_helper+0x224c/0x5450 [ 16.882245] kasan_check_range+0x10c/0x1c0 [ 16.882271] __kasan_check_write+0x18/0x20 [ 16.882291] kasan_atomics_helper+0x224c/0x5450 [ 16.882315] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.882339] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.882365] ? kasan_atomics+0x152/0x310 [ 16.882394] kasan_atomics+0x1dc/0x310 [ 16.882418] ? __pfx_kasan_atomics+0x10/0x10 [ 16.882443] ? __pfx_read_tsc+0x10/0x10 [ 16.882480] ? ktime_get_ts64+0x86/0x230 [ 16.882507] kunit_try_run_case+0x1a5/0x480 [ 16.882534] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.882557] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.882584] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.882610] ? __kthread_parkme+0x82/0x180 [ 16.882632] ? preempt_count_sub+0x50/0x80 [ 16.882659] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.882685] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.882709] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.882734] kthread+0x337/0x6f0 [ 16.882755] ? 
trace_preempt_on+0x20/0xc0 [ 16.882803] ? __pfx_kthread+0x10/0x10 [ 16.882826] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.882849] ? calculate_sigpending+0x7b/0xa0 [ 16.882875] ? __pfx_kthread+0x10/0x10 [ 16.882898] ret_from_fork+0x116/0x1d0 [ 16.882918] ? __pfx_kthread+0x10/0x10 [ 16.882940] ret_from_fork_asm+0x1a/0x30 [ 16.882973] </TASK> [ 16.882985] [ 16.890305] Allocated by task 283: [ 16.890456] kasan_save_stack+0x45/0x70 [ 16.890681] kasan_save_track+0x18/0x40 [ 16.890903] kasan_save_alloc_info+0x3b/0x50 [ 16.891122] __kasan_kmalloc+0xb7/0xc0 [ 16.891314] __kmalloc_cache_noprof+0x189/0x420 [ 16.891550] kasan_atomics+0x95/0x310 [ 16.891744] kunit_try_run_case+0x1a5/0x480 [ 16.891979] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.892239] kthread+0x337/0x6f0 [ 16.892412] ret_from_fork+0x116/0x1d0 [ 16.892619] ret_from_fork_asm+0x1a/0x30 [ 16.892837] [ 16.892939] The buggy address belongs to the object at ffff8881038b5600 [ 16.892939] which belongs to the cache kmalloc-64 of size 64 [ 16.893326] The buggy address is located 0 bytes to the right of [ 16.893326] allocated 48-byte region [ffff8881038b5600, ffff8881038b5630) [ 16.893871] [ 16.893975] The buggy address belongs to the physical page: [ 16.894252] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038b5 [ 16.894608] flags: 0x200000000000000(node=0|zone=2) [ 16.894858] page_type: f5(slab) [ 16.895025] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.895330] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.895625] page dumped because: kasan: bad access detected [ 16.895917] [ 16.896018] Memory state around the buggy address: [ 16.896254] ffff8881038b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.896533] ffff8881038b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.896783] >ffff8881038b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.897010] ^ [ 16.897172] ffff8881038b5680: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 16.897438] ffff8881038b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.897781] ================================================================== [ 16.074423] ================================================================== [ 16.074738] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1148/0x5450 [ 16.075125] Write of size 4 at addr ffff8881038b5630 by task kunit_try_catch/283 [ 16.075429] [ 16.075531] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.075577] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.075590] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.075613] Call Trace: [ 16.075631] <TASK> [ 16.075647] dump_stack_lvl+0x73/0xb0 [ 16.075702] print_report+0xd1/0x610 [ 16.075726] ? __virt_addr_valid+0x1db/0x2d0 [ 16.075749] ? kasan_atomics_helper+0x1148/0x5450 [ 16.075772] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.075806] ? kasan_atomics_helper+0x1148/0x5450 [ 16.075829] kasan_report+0x141/0x180 [ 16.075853] ? kasan_atomics_helper+0x1148/0x5450 [ 16.075880] kasan_check_range+0x10c/0x1c0 [ 16.075923] __kasan_check_write+0x18/0x20 [ 16.075944] kasan_atomics_helper+0x1148/0x5450 [ 16.075968] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.075991] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.076018] ? kasan_atomics+0x152/0x310 [ 16.076064] kasan_atomics+0x1dc/0x310 [ 16.076089] ? __pfx_kasan_atomics+0x10/0x10 [ 16.076114] ? __pfx_read_tsc+0x10/0x10 [ 16.076136] ? ktime_get_ts64+0x86/0x230 [ 16.076162] kunit_try_run_case+0x1a5/0x480 [ 16.076205] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.076229] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.076255] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.076280] ? __kthread_parkme+0x82/0x180 [ 16.076303] ? preempt_count_sub+0x50/0x80 [ 16.076328] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.076353] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.076378] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.076420] kthread+0x337/0x6f0 [ 16.076442] ? trace_preempt_on+0x20/0xc0 [ 16.076465] ? __pfx_kthread+0x10/0x10 [ 16.076498] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.076521] ? calculate_sigpending+0x7b/0xa0 [ 16.076547] ? __pfx_kthread+0x10/0x10 [ 16.076569] ret_from_fork+0x116/0x1d0 [ 16.076589] ? __pfx_kthread+0x10/0x10 [ 16.076628] ret_from_fork_asm+0x1a/0x30 [ 16.076661] </TASK> [ 16.076672] [ 16.085640] Allocated by task 283: [ 16.085771] kasan_save_stack+0x45/0x70 [ 16.085919] kasan_save_track+0x18/0x40 [ 16.086258] kasan_save_alloc_info+0x3b/0x50 [ 16.086733] __kasan_kmalloc+0xb7/0xc0 [ 16.086912] __kmalloc_cache_noprof+0x189/0x420 [ 16.087274] kasan_atomics+0x95/0x310 [ 16.087432] kunit_try_run_case+0x1a5/0x480 [ 16.087646] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.087910] kthread+0x337/0x6f0 [ 16.088109] ret_from_fork+0x116/0x1d0 [ 16.088314] ret_from_fork_asm+0x1a/0x30 [ 16.088536] [ 16.088654] The buggy address belongs to the object at ffff8881038b5600 [ 16.088654] which belongs to the cache kmalloc-64 of size 64 [ 16.089227] The buggy address is located 0 bytes to the right of [ 16.089227] allocated 48-byte region [ffff8881038b5600, ffff8881038b5630) [ 16.089798] [ 16.089896] The buggy address belongs to the physical page: [ 16.090157] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038b5 [ 16.090883] flags: 0x200000000000000(node=0|zone=2) [ 16.091119] page_type: f5(slab) [ 16.091355] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.091720] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.092257] page dumped because: kasan: bad access detected [ 16.092430] [ 16.092511] Memory state around the buggy address: [ 16.092729] ffff8881038b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.093049] ffff8881038b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.093380] >ffff8881038b5600: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 16.093737] ^ [ 16.093895] ffff8881038b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.094116] ffff8881038b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.094329] ================================================================== [ 16.385216] ================================================================== [ 16.385458] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16e7/0x5450 [ 16.385755] Write of size 8 at addr ffff8881038b5630 by task kunit_try_catch/283 [ 16.386143] [ 16.386547] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.386617] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.386631] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.386667] Call Trace: [ 16.386697] <TASK> [ 16.386712] dump_stack_lvl+0x73/0xb0 [ 16.386758] print_report+0xd1/0x610 [ 16.386805] ? __virt_addr_valid+0x1db/0x2d0 [ 16.386831] ? kasan_atomics_helper+0x16e7/0x5450 [ 16.386853] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.386979] ? kasan_atomics_helper+0x16e7/0x5450 [ 16.387010] kasan_report+0x141/0x180 [ 16.387035] ? kasan_atomics_helper+0x16e7/0x5450 [ 16.387064] kasan_check_range+0x10c/0x1c0 [ 16.387089] __kasan_check_write+0x18/0x20 [ 16.387454] kasan_atomics_helper+0x16e7/0x5450 [ 16.387493] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.387518] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.387546] ? kasan_atomics+0x152/0x310 [ 16.387574] kasan_atomics+0x1dc/0x310 [ 16.387598] ? __pfx_kasan_atomics+0x10/0x10 [ 16.387623] ? __pfx_read_tsc+0x10/0x10 [ 16.387645] ? ktime_get_ts64+0x86/0x230 [ 16.387672] kunit_try_run_case+0x1a5/0x480 [ 16.387697] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.387721] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.387748] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.387773] ? __kthread_parkme+0x82/0x180 [ 16.387796] ? preempt_count_sub+0x50/0x80 [ 16.387831] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.387857] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.387883] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.387908] kthread+0x337/0x6f0 [ 16.387929] ? trace_preempt_on+0x20/0xc0 [ 16.387954] ? __pfx_kthread+0x10/0x10 [ 16.387976] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.388000] ? calculate_sigpending+0x7b/0xa0 [ 16.388025] ? __pfx_kthread+0x10/0x10 [ 16.388061] ret_from_fork+0x116/0x1d0 [ 16.388082] ? __pfx_kthread+0x10/0x10 [ 16.388105] ret_from_fork_asm+0x1a/0x30 [ 16.388138] </TASK> [ 16.388150] [ 16.400440] Allocated by task 283: [ 16.400654] kasan_save_stack+0x45/0x70 [ 16.401141] kasan_save_track+0x18/0x40 [ 16.401519] kasan_save_alloc_info+0x3b/0x50 [ 16.401765] __kasan_kmalloc+0xb7/0xc0 [ 16.402061] __kmalloc_cache_noprof+0x189/0x420 [ 16.402359] kasan_atomics+0x95/0x310 [ 16.402855] kunit_try_run_case+0x1a5/0x480 [ 16.403185] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.403572] kthread+0x337/0x6f0 [ 16.403748] ret_from_fork+0x116/0x1d0 [ 16.403917] ret_from_fork_asm+0x1a/0x30 [ 16.404463] [ 16.404590] The buggy address belongs to the object at ffff8881038b5600 [ 16.404590] which belongs to the cache kmalloc-64 of size 64 [ 16.405356] The buggy address is located 0 bytes to the right of [ 16.405356] allocated 48-byte region [ffff8881038b5600, ffff8881038b5630) [ 16.406144] [ 16.406240] The buggy address belongs to the physical page: [ 16.406520] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038b5 [ 16.407209] flags: 0x200000000000000(node=0|zone=2) [ 16.407416] page_type: f5(slab) [ 16.407600] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.408189] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.408767] page dumped because: kasan: bad access detected [ 16.409067] [ 16.409170] Memory state around the buggy address: [ 16.409648] ffff8881038b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.409982] 
ffff8881038b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.410525] >ffff8881038b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.410923] ^ [ 16.411138] ffff8881038b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.411751] ffff8881038b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.412104] ================================================================== [ 16.770307] ================================================================== [ 16.770716] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f98/0x5450 [ 16.771213] Read of size 8 at addr ffff8881038b5630 by task kunit_try_catch/283 [ 16.771619] [ 16.771718] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.771766] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.771779] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.771802] Call Trace: [ 16.771820] <TASK> [ 16.771836] dump_stack_lvl+0x73/0xb0 [ 16.771868] print_report+0xd1/0x610 [ 16.771892] ? __virt_addr_valid+0x1db/0x2d0 [ 16.771917] ? kasan_atomics_helper+0x4f98/0x5450 [ 16.771939] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.771963] ? kasan_atomics_helper+0x4f98/0x5450 [ 16.771994] kasan_report+0x141/0x180 [ 16.772017] ? kasan_atomics_helper+0x4f98/0x5450 [ 16.772045] __asan_report_load8_noabort+0x18/0x20 [ 16.772070] kasan_atomics_helper+0x4f98/0x5450 [ 16.772095] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.772118] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.772144] ? kasan_atomics+0x152/0x310 [ 16.772172] kasan_atomics+0x1dc/0x310 [ 16.772196] ? __pfx_kasan_atomics+0x10/0x10 [ 16.772222] ? __pfx_read_tsc+0x10/0x10 [ 16.772244] ? ktime_get_ts64+0x86/0x230 [ 16.772270] kunit_try_run_case+0x1a5/0x480 [ 16.772295] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.772319] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.772346] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.772371] ? __kthread_parkme+0x82/0x180 [ 16.772393] ? 
preempt_count_sub+0x50/0x80 [ 16.772418] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.772443] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.772478] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.772515] kthread+0x337/0x6f0 [ 16.772537] ? trace_preempt_on+0x20/0xc0 [ 16.772562] ? __pfx_kthread+0x10/0x10 [ 16.772583] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.772607] ? calculate_sigpending+0x7b/0xa0 [ 16.772632] ? __pfx_kthread+0x10/0x10 [ 16.772655] ret_from_fork+0x116/0x1d0 [ 16.772675] ? __pfx_kthread+0x10/0x10 [ 16.772698] ret_from_fork_asm+0x1a/0x30 [ 16.772731] </TASK> [ 16.772741] [ 16.780231] Allocated by task 283: [ 16.780422] kasan_save_stack+0x45/0x70 [ 16.780606] kasan_save_track+0x18/0x40 [ 16.780803] kasan_save_alloc_info+0x3b/0x50 [ 16.780994] __kasan_kmalloc+0xb7/0xc0 [ 16.781169] __kmalloc_cache_noprof+0x189/0x420 [ 16.781357] kasan_atomics+0x95/0x310 [ 16.781550] kunit_try_run_case+0x1a5/0x480 [ 16.781737] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.782058] kthread+0x337/0x6f0 [ 16.782225] ret_from_fork+0x116/0x1d0 [ 16.782374] ret_from_fork_asm+0x1a/0x30 [ 16.782528] [ 16.782601] The buggy address belongs to the object at ffff8881038b5600 [ 16.782601] which belongs to the cache kmalloc-64 of size 64 [ 16.782960] The buggy address is located 0 bytes to the right of [ 16.782960] allocated 48-byte region [ffff8881038b5600, ffff8881038b5630) [ 16.783337] [ 16.783412] The buggy address belongs to the physical page: [ 16.783656] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038b5 [ 16.784388] flags: 0x200000000000000(node=0|zone=2) [ 16.784633] page_type: f5(slab) [ 16.784806] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.785149] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.785505] page dumped because: kasan: bad access detected [ 16.785753] [ 16.785894] Memory state around the buggy address: [ 16.786107] ffff8881038b5500: fa fb fb fb fb fb fb fb fc fc 
fc fc fc fc fc fc [ 16.786331] ffff8881038b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.786564] >ffff8881038b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.786802] ^ [ 16.787033] ffff8881038b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.787363] ffff8881038b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.787702] ================================================================== [ 15.951021] ================================================================== [ 15.951400] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe78/0x5450 [ 15.951721] Write of size 4 at addr ffff8881038b5630 by task kunit_try_catch/283 [ 15.952196] [ 15.952317] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.952363] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.952375] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.952398] Call Trace: [ 15.952414] <TASK> [ 15.952429] dump_stack_lvl+0x73/0xb0 [ 15.952461] print_report+0xd1/0x610 [ 15.952498] ? __virt_addr_valid+0x1db/0x2d0 [ 15.952522] ? kasan_atomics_helper+0xe78/0x5450 [ 15.952545] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.952570] ? kasan_atomics_helper+0xe78/0x5450 [ 15.952592] kasan_report+0x141/0x180 [ 15.952616] ? kasan_atomics_helper+0xe78/0x5450 [ 15.952643] kasan_check_range+0x10c/0x1c0 [ 15.952668] __kasan_check_write+0x18/0x20 [ 15.952689] kasan_atomics_helper+0xe78/0x5450 [ 15.952713] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.952736] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.952763] ? kasan_atomics+0x152/0x310 [ 15.952791] kasan_atomics+0x1dc/0x310 [ 15.952815] ? __pfx_kasan_atomics+0x10/0x10 [ 15.952840] ? __pfx_read_tsc+0x10/0x10 [ 15.952862] ? ktime_get_ts64+0x86/0x230 [ 15.952888] kunit_try_run_case+0x1a5/0x480 [ 15.952913] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.952937] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.952963] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.952988] ? __kthread_parkme+0x82/0x180 [ 15.953010] ? preempt_count_sub+0x50/0x80 [ 15.953035] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.953061] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.953085] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.953110] kthread+0x337/0x6f0 [ 15.953131] ? trace_preempt_on+0x20/0xc0 [ 15.953155] ? __pfx_kthread+0x10/0x10 [ 15.953177] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.953201] ? calculate_sigpending+0x7b/0xa0 [ 15.953225] ? __pfx_kthread+0x10/0x10 [ 15.953248] ret_from_fork+0x116/0x1d0 [ 15.953269] ? __pfx_kthread+0x10/0x10 [ 15.953290] ret_from_fork_asm+0x1a/0x30 [ 15.953322] </TASK> [ 15.953334] [ 15.961912] Allocated by task 283: [ 15.962187] kasan_save_stack+0x45/0x70 [ 15.962361] kasan_save_track+0x18/0x40 [ 15.962516] kasan_save_alloc_info+0x3b/0x50 [ 15.962673] __kasan_kmalloc+0xb7/0xc0 [ 15.962889] __kmalloc_cache_noprof+0x189/0x420 [ 15.963232] kasan_atomics+0x95/0x310 [ 15.963424] kunit_try_run_case+0x1a5/0x480 [ 15.963650] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.964072] kthread+0x337/0x6f0 [ 15.964252] ret_from_fork+0x116/0x1d0 [ 15.964425] ret_from_fork_asm+0x1a/0x30 [ 15.964594] [ 15.964696] The buggy address belongs to the object at ffff8881038b5600 [ 15.964696] which belongs to the cache kmalloc-64 of size 64 [ 15.965392] The buggy address is located 0 bytes to the right of [ 15.965392] allocated 48-byte region [ffff8881038b5600, ffff8881038b5630) [ 15.965919] [ 15.966019] The buggy address belongs to the physical page: [ 15.966259] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038b5 [ 15.966562] flags: 0x200000000000000(node=0|zone=2) [ 15.966776] page_type: f5(slab) [ 15.966977] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.967543] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.967895] page dumped because: kasan: bad access detected [ 15.968159] [ 15.968234] 
Memory state around the buggy address: [ 15.968394] ffff8881038b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.968630] ffff8881038b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.968853] >ffff8881038b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.969070] ^ [ 15.969230] ffff8881038b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.969452] ffff8881038b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.969683] ================================================================== [ 16.173503] ================================================================== [ 16.173835] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12e6/0x5450 [ 16.174197] Write of size 4 at addr ffff8881038b5630 by task kunit_try_catch/283 [ 16.174572] [ 16.174730] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.174788] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.174800] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.174824] Call Trace: [ 16.174839] <TASK> [ 16.174854] dump_stack_lvl+0x73/0xb0 [ 16.174883] print_report+0xd1/0x610 [ 16.174907] ? __virt_addr_valid+0x1db/0x2d0 [ 16.174930] ? kasan_atomics_helper+0x12e6/0x5450 [ 16.174951] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.174975] ? kasan_atomics_helper+0x12e6/0x5450 [ 16.174997] kasan_report+0x141/0x180 [ 16.175019] ? kasan_atomics_helper+0x12e6/0x5450 [ 16.175047] kasan_check_range+0x10c/0x1c0 [ 16.175072] __kasan_check_write+0x18/0x20 [ 16.175092] kasan_atomics_helper+0x12e6/0x5450 [ 16.175116] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.175138] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.175164] ? kasan_atomics+0x152/0x310 [ 16.175191] kasan_atomics+0x1dc/0x310 [ 16.175215] ? __pfx_kasan_atomics+0x10/0x10 [ 16.175239] ? __pfx_read_tsc+0x10/0x10 [ 16.175261] ? ktime_get_ts64+0x86/0x230 [ 16.175285] kunit_try_run_case+0x1a5/0x480 [ 16.175310] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.175334] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.175359] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.175383] ? __kthread_parkme+0x82/0x180 [ 16.175404] ? preempt_count_sub+0x50/0x80 [ 16.175429] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.175454] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.175490] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.175514] kthread+0x337/0x6f0 [ 16.175535] ? trace_preempt_on+0x20/0xc0 [ 16.175570] ? __pfx_kthread+0x10/0x10 [ 16.175592] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.175614] ? calculate_sigpending+0x7b/0xa0 [ 16.175640] ? __pfx_kthread+0x10/0x10 [ 16.175662] ret_from_fork+0x116/0x1d0 [ 16.175715] ? __pfx_kthread+0x10/0x10 [ 16.175737] ret_from_fork_asm+0x1a/0x30 [ 16.175806] </TASK> [ 16.175817] [ 16.185564] Allocated by task 283: [ 16.185961] kasan_save_stack+0x45/0x70 [ 16.186210] kasan_save_track+0x18/0x40 [ 16.186544] kasan_save_alloc_info+0x3b/0x50 [ 16.186721] __kasan_kmalloc+0xb7/0xc0 [ 16.187061] __kmalloc_cache_noprof+0x189/0x420 [ 16.187225] kasan_atomics+0x95/0x310 [ 16.187361] kunit_try_run_case+0x1a5/0x480 [ 16.187535] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.187794] kthread+0x337/0x6f0 [ 16.188005] ret_from_fork+0x116/0x1d0 [ 16.188408] ret_from_fork_asm+0x1a/0x30 [ 16.188614] [ 16.188744] The buggy address belongs to the object at ffff8881038b5600 [ 16.188744] which belongs to the cache kmalloc-64 of size 64 [ 16.189188] The buggy address is located 0 bytes to the right of [ 16.189188] allocated 48-byte region [ffff8881038b5600, ffff8881038b5630) [ 16.190269] [ 16.190367] The buggy address belongs to the physical page: [ 16.190561] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038b5 [ 16.190815] flags: 0x200000000000000(node=0|zone=2) [ 16.190982] page_type: f5(slab) [ 16.191105] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.191340] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 16.191579] page dumped because: kasan: bad access detected [ 16.191764] [ 16.192813] Memory state around the buggy address: [ 16.193026] ffff8881038b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.194326] ffff8881038b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.194729] >ffff8881038b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.195583] ^ [ 16.196214] ffff8881038b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.197431] ffff8881038b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.198337] ================================================================== [ 16.152740] ================================================================== [ 16.153382] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49e8/0x5450 [ 16.153745] Read of size 4 at addr ffff8881038b5630 by task kunit_try_catch/283 [ 16.154198] [ 16.154308] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.154354] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.154366] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.154388] Call Trace: [ 16.154405] <TASK> [ 16.154422] dump_stack_lvl+0x73/0xb0 [ 16.154452] print_report+0xd1/0x610 [ 16.154489] ? __virt_addr_valid+0x1db/0x2d0 [ 16.154513] ? kasan_atomics_helper+0x49e8/0x5450 [ 16.154536] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.154592] ? kasan_atomics_helper+0x49e8/0x5450 [ 16.154616] kasan_report+0x141/0x180 [ 16.154638] ? kasan_atomics_helper+0x49e8/0x5450 [ 16.154699] __asan_report_load4_noabort+0x18/0x20 [ 16.154724] kasan_atomics_helper+0x49e8/0x5450 [ 16.154747] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.154791] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.154817] ? kasan_atomics+0x152/0x310 [ 16.154845] kasan_atomics+0x1dc/0x310 [ 16.154868] ? __pfx_kasan_atomics+0x10/0x10 [ 16.154893] ? __pfx_read_tsc+0x10/0x10 [ 16.154915] ? 
ktime_get_ts64+0x86/0x230 [ 16.154940] kunit_try_run_case+0x1a5/0x480 [ 16.154965] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.154989] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.155014] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.155038] ? __kthread_parkme+0x82/0x180 [ 16.155059] ? preempt_count_sub+0x50/0x80 [ 16.155084] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.155109] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.155133] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.155158] kthread+0x337/0x6f0 [ 16.155178] ? trace_preempt_on+0x20/0xc0 [ 16.155203] ? __pfx_kthread+0x10/0x10 [ 16.155225] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.155248] ? calculate_sigpending+0x7b/0xa0 [ 16.155273] ? __pfx_kthread+0x10/0x10 [ 16.155295] ret_from_fork+0x116/0x1d0 [ 16.155315] ? __pfx_kthread+0x10/0x10 [ 16.155335] ret_from_fork_asm+0x1a/0x30 [ 16.155367] </TASK> [ 16.155377] [ 16.164232] Allocated by task 283: [ 16.164366] kasan_save_stack+0x45/0x70 [ 16.164600] kasan_save_track+0x18/0x40 [ 16.164791] kasan_save_alloc_info+0x3b/0x50 [ 16.165002] __kasan_kmalloc+0xb7/0xc0 [ 16.165189] __kmalloc_cache_noprof+0x189/0x420 [ 16.165409] kasan_atomics+0x95/0x310 [ 16.165601] kunit_try_run_case+0x1a5/0x480 [ 16.165810] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.166007] kthread+0x337/0x6f0 [ 16.166138] ret_from_fork+0x116/0x1d0 [ 16.166272] ret_from_fork_asm+0x1a/0x30 [ 16.166411] [ 16.166620] The buggy address belongs to the object at ffff8881038b5600 [ 16.166620] which belongs to the cache kmalloc-64 of size 64 [ 16.167381] The buggy address is located 0 bytes to the right of [ 16.167381] allocated 48-byte region [ffff8881038b5600, ffff8881038b5630) [ 16.167889] [ 16.167990] The buggy address belongs to the physical page: [ 16.168238] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038b5 [ 16.168661] flags: 0x200000000000000(node=0|zone=2) [ 16.169041] page_type: f5(slab) [ 16.169245] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 16.169647] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.169968] page dumped because: kasan: bad access detected [ 16.170249] [ 16.170349] Memory state around the buggy address: [ 16.170591] ffff8881038b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.170920] ffff8881038b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.171345] >ffff8881038b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.171797] ^ [ 16.172006] ffff8881038b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.172364] ffff8881038b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.172852] ================================================================== [ 16.745754] ================================================================== [ 16.746987] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2006/0x5450 [ 16.748009] Write of size 8 at addr ffff8881038b5630 by task kunit_try_catch/283 [ 16.748712] [ 16.748981] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.749042] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.749056] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.749079] Call Trace: [ 16.749099] <TASK> [ 16.749118] dump_stack_lvl+0x73/0xb0 [ 16.749154] print_report+0xd1/0x610 [ 16.749178] ? __virt_addr_valid+0x1db/0x2d0 [ 16.749202] ? kasan_atomics_helper+0x2006/0x5450 [ 16.749224] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.749249] ? kasan_atomics_helper+0x2006/0x5450 [ 16.749272] kasan_report+0x141/0x180 [ 16.749295] ? kasan_atomics_helper+0x2006/0x5450 [ 16.749322] kasan_check_range+0x10c/0x1c0 [ 16.749347] __kasan_check_write+0x18/0x20 [ 16.749367] kasan_atomics_helper+0x2006/0x5450 [ 16.749391] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.749414] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.749443] ? kasan_atomics+0x152/0x310 [ 16.749482] kasan_atomics+0x1dc/0x310 [ 16.749506] ? 
__pfx_kasan_atomics+0x10/0x10 [ 16.749531] ? __pfx_read_tsc+0x10/0x10 [ 16.749555] ? ktime_get_ts64+0x86/0x230 [ 16.749582] kunit_try_run_case+0x1a5/0x480 [ 16.749607] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.749632] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.749658] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.749682] ? __kthread_parkme+0x82/0x180 [ 16.749705] ? preempt_count_sub+0x50/0x80 [ 16.749730] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.749755] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.749779] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.749831] kthread+0x337/0x6f0 [ 16.749852] ? trace_preempt_on+0x20/0xc0 [ 16.749877] ? __pfx_kthread+0x10/0x10 [ 16.749899] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.749923] ? calculate_sigpending+0x7b/0xa0 [ 16.749948] ? __pfx_kthread+0x10/0x10 [ 16.749971] ret_from_fork+0x116/0x1d0 [ 16.749990] ? __pfx_kthread+0x10/0x10 [ 16.750012] ret_from_fork_asm+0x1a/0x30 [ 16.750044] </TASK> [ 16.750056] [ 16.762273] Allocated by task 283: [ 16.762411] kasan_save_stack+0x45/0x70 [ 16.762580] kasan_save_track+0x18/0x40 [ 16.762722] kasan_save_alloc_info+0x3b/0x50 [ 16.762922] __kasan_kmalloc+0xb7/0xc0 [ 16.763120] __kmalloc_cache_noprof+0x189/0x420 [ 16.763352] kasan_atomics+0x95/0x310 [ 16.763551] kunit_try_run_case+0x1a5/0x480 [ 16.763727] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.763910] kthread+0x337/0x6f0 [ 16.764179] ret_from_fork+0x116/0x1d0 [ 16.764378] ret_from_fork_asm+0x1a/0x30 [ 16.764600] [ 16.764703] The buggy address belongs to the object at ffff8881038b5600 [ 16.764703] which belongs to the cache kmalloc-64 of size 64 [ 16.765110] The buggy address is located 0 bytes to the right of [ 16.765110] allocated 48-byte region [ffff8881038b5600, ffff8881038b5630) [ 16.765634] [ 16.765724] The buggy address belongs to the physical page: [ 16.765970] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038b5 [ 16.766253] flags: 0x200000000000000(node=0|zone=2) [ 16.766490] page_type: 
f5(slab) [ 16.766667] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.767197] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.767524] page dumped because: kasan: bad access detected [ 16.767728] [ 16.767806] Memory state around the buggy address: [ 16.768041] ffff8881038b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.768329] ffff8881038b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.768641] >ffff8881038b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.768949] ^ [ 16.769167] ffff8881038b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.769390] ffff8881038b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.769678] ================================================================== [ 16.010804] ================================================================== [ 16.011368] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a36/0x5450 [ 16.011739] Read of size 4 at addr ffff8881038b5630 by task kunit_try_catch/283 [ 16.012172] [ 16.012296] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.012342] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.012354] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.012376] Call Trace: [ 16.012391] <TASK> [ 16.012406] dump_stack_lvl+0x73/0xb0 [ 16.012437] print_report+0xd1/0x610 [ 16.012460] ? __virt_addr_valid+0x1db/0x2d0 [ 16.012497] ? kasan_atomics_helper+0x4a36/0x5450 [ 16.012519] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.012543] ? kasan_atomics_helper+0x4a36/0x5450 [ 16.012566] kasan_report+0x141/0x180 [ 16.012589] ? kasan_atomics_helper+0x4a36/0x5450 [ 16.012617] __asan_report_load4_noabort+0x18/0x20 [ 16.012642] kasan_atomics_helper+0x4a36/0x5450 [ 16.012665] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.012689] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.012715] ? 
kasan_atomics+0x152/0x310 [ 16.012744] kasan_atomics+0x1dc/0x310 [ 16.012770] ? __pfx_kasan_atomics+0x10/0x10 [ 16.012797] ? __pfx_read_tsc+0x10/0x10 [ 16.012821] ? ktime_get_ts64+0x86/0x230 [ 16.012846] kunit_try_run_case+0x1a5/0x480 [ 16.012872] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.012896] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.012922] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.012947] ? __kthread_parkme+0x82/0x180 [ 16.012969] ? preempt_count_sub+0x50/0x80 [ 16.012994] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.013019] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.013087] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.013114] kthread+0x337/0x6f0 [ 16.013135] ? trace_preempt_on+0x20/0xc0 [ 16.013159] ? __pfx_kthread+0x10/0x10 [ 16.013182] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.013205] ? calculate_sigpending+0x7b/0xa0 [ 16.013230] ? __pfx_kthread+0x10/0x10 [ 16.013253] ret_from_fork+0x116/0x1d0 [ 16.013273] ? __pfx_kthread+0x10/0x10 [ 16.013295] ret_from_fork_asm+0x1a/0x30 [ 16.013328] </TASK> [ 16.013339] [ 16.022283] Allocated by task 283: [ 16.022491] kasan_save_stack+0x45/0x70 [ 16.022845] kasan_save_track+0x18/0x40 [ 16.023274] kasan_save_alloc_info+0x3b/0x50 [ 16.023517] __kasan_kmalloc+0xb7/0xc0 [ 16.023712] __kmalloc_cache_noprof+0x189/0x420 [ 16.024030] kasan_atomics+0x95/0x310 [ 16.024304] kunit_try_run_case+0x1a5/0x480 [ 16.024464] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.024663] kthread+0x337/0x6f0 [ 16.024913] ret_from_fork+0x116/0x1d0 [ 16.025202] ret_from_fork_asm+0x1a/0x30 [ 16.025409] [ 16.025522] The buggy address belongs to the object at ffff8881038b5600 [ 16.025522] which belongs to the cache kmalloc-64 of size 64 [ 16.026272] The buggy address is located 0 bytes to the right of [ 16.026272] allocated 48-byte region [ffff8881038b5600, ffff8881038b5630) [ 16.026769] [ 16.026873] The buggy address belongs to the physical page: [ 16.027300] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038b5 [ 
16.027577] flags: 0x200000000000000(node=0|zone=2) [ 16.027750] page_type: f5(slab) [ 16.027877] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.028119] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.028413] page dumped because: kasan: bad access detected [ 16.028682] [ 16.028918] Memory state around the buggy address: [ 16.029300] ffff8881038b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.029622] ffff8881038b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.029949] >ffff8881038b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.030354] ^ [ 16.030824] ffff8881038b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.031114] ffff8881038b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.031442] ================================================================== [ 15.909815] ================================================================== [ 15.910238] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd47/0x5450 [ 15.910614] Write of size 4 at addr ffff8881038b5630 by task kunit_try_catch/283 [ 15.911353] [ 15.911498] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.911547] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.911559] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.911583] Call Trace: [ 15.911601] <TASK> [ 15.911617] dump_stack_lvl+0x73/0xb0 [ 15.911649] print_report+0xd1/0x610 [ 15.911673] ? __virt_addr_valid+0x1db/0x2d0 [ 15.911696] ? kasan_atomics_helper+0xd47/0x5450 [ 15.911719] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.911743] ? kasan_atomics_helper+0xd47/0x5450 [ 15.911766] kasan_report+0x141/0x180 [ 15.911806] ? kasan_atomics_helper+0xd47/0x5450 [ 15.911835] kasan_check_range+0x10c/0x1c0 [ 15.911860] __kasan_check_write+0x18/0x20 [ 15.911882] kasan_atomics_helper+0xd47/0x5450 [ 15.911907] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.911930] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 15.911957] ? kasan_atomics+0x152/0x310 [ 15.911985] kasan_atomics+0x1dc/0x310 [ 15.912009] ? __pfx_kasan_atomics+0x10/0x10 [ 15.912035] ? __pfx_read_tsc+0x10/0x10 [ 15.912105] ? ktime_get_ts64+0x86/0x230 [ 15.912132] kunit_try_run_case+0x1a5/0x480 [ 15.912158] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.912182] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.912209] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.912234] ? __kthread_parkme+0x82/0x180 [ 15.912257] ? preempt_count_sub+0x50/0x80 [ 15.912282] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.912307] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.912332] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.912357] kthread+0x337/0x6f0 [ 15.912378] ? trace_preempt_on+0x20/0xc0 [ 15.912403] ? __pfx_kthread+0x10/0x10 [ 15.912425] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.912449] ? calculate_sigpending+0x7b/0xa0 [ 15.912486] ? __pfx_kthread+0x10/0x10 [ 15.912509] ret_from_fork+0x116/0x1d0 [ 15.912529] ? __pfx_kthread+0x10/0x10 [ 15.912551] ret_from_fork_asm+0x1a/0x30 [ 15.912583] </TASK> [ 15.912593] [ 15.921406] Allocated by task 283: [ 15.921555] kasan_save_stack+0x45/0x70 [ 15.921708] kasan_save_track+0x18/0x40 [ 15.921850] kasan_save_alloc_info+0x3b/0x50 [ 15.922005] __kasan_kmalloc+0xb7/0xc0 [ 15.922148] __kmalloc_cache_noprof+0x189/0x420 [ 15.922311] kasan_atomics+0x95/0x310 [ 15.922451] kunit_try_run_case+0x1a5/0x480 [ 15.922677] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.922935] kthread+0x337/0x6f0 [ 15.923313] ret_from_fork+0x116/0x1d0 [ 15.923544] ret_from_fork_asm+0x1a/0x30 [ 15.923747] [ 15.923948] The buggy address belongs to the object at ffff8881038b5600 [ 15.923948] which belongs to the cache kmalloc-64 of size 64 [ 15.925021] The buggy address is located 0 bytes to the right of [ 15.925021] allocated 48-byte region [ffff8881038b5600, ffff8881038b5630) [ 15.925617] [ 15.925728] The buggy address belongs to the physical page: [ 15.926309] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x1038b5 [ 15.926632] flags: 0x200000000000000(node=0|zone=2) [ 15.926892] page_type: f5(slab) [ 15.927112] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.927370] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.927619] page dumped because: kasan: bad access detected [ 15.927814] [ 15.927913] Memory state around the buggy address: [ 15.928153] ffff8881038b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.928568] ffff8881038b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.928905] >ffff8881038b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.929405] ^ [ 15.929627] ffff8881038b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.929952] ffff8881038b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.930349] ================================================================== [ 15.699842] ================================================================== [ 15.700248] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x7c7/0x5450 [ 15.700596] Write of size 4 at addr ffff8881038b5630 by task kunit_try_catch/283 [ 15.701522] [ 15.701873] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.701935] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.701950] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.701975] Call Trace: [ 15.701994] <TASK> [ 15.702052] dump_stack_lvl+0x73/0xb0 [ 15.702156] print_report+0xd1/0x610 [ 15.702183] ? __virt_addr_valid+0x1db/0x2d0 [ 15.702208] ? kasan_atomics_helper+0x7c7/0x5450 [ 15.702232] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.702258] ? kasan_atomics_helper+0x7c7/0x5450 [ 15.702281] kasan_report+0x141/0x180 [ 15.702305] ? kasan_atomics_helper+0x7c7/0x5450 [ 15.702333] kasan_check_range+0x10c/0x1c0 [ 15.702359] __kasan_check_write+0x18/0x20 [ 15.702380] kasan_atomics_helper+0x7c7/0x5450 [ 15.702405] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 15.702429] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.702455] ? kasan_atomics+0x152/0x310 [ 15.702495] kasan_atomics+0x1dc/0x310 [ 15.702520] ? __pfx_kasan_atomics+0x10/0x10 [ 15.702546] ? __pfx_read_tsc+0x10/0x10 [ 15.702569] ? ktime_get_ts64+0x86/0x230 [ 15.702596] kunit_try_run_case+0x1a5/0x480 [ 15.702621] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.702646] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.702672] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.702697] ? __kthread_parkme+0x82/0x180 [ 15.702720] ? preempt_count_sub+0x50/0x80 [ 15.702746] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.702772] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.702796] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.702822] kthread+0x337/0x6f0 [ 15.702843] ? trace_preempt_on+0x20/0xc0 [ 15.702867] ? __pfx_kthread+0x10/0x10 [ 15.702890] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.702914] ? calculate_sigpending+0x7b/0xa0 [ 15.702940] ? __pfx_kthread+0x10/0x10 [ 15.702962] ret_from_fork+0x116/0x1d0 [ 15.702983] ? 
__pfx_kthread+0x10/0x10 [ 15.703005] ret_from_fork_asm+0x1a/0x30 [ 15.703072] </TASK> [ 15.703085] [ 15.715285] Allocated by task 283: [ 15.716014] kasan_save_stack+0x45/0x70 [ 15.716479] kasan_save_track+0x18/0x40 [ 15.716913] kasan_save_alloc_info+0x3b/0x50 [ 15.717414] __kasan_kmalloc+0xb7/0xc0 [ 15.717821] __kmalloc_cache_noprof+0x189/0x420 [ 15.718337] kasan_atomics+0x95/0x310 [ 15.718600] kunit_try_run_case+0x1a5/0x480 [ 15.718759] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.718943] kthread+0x337/0x6f0 [ 15.719105] ret_from_fork+0x116/0x1d0 [ 15.719339] ret_from_fork_asm+0x1a/0x30 [ 15.719595] [ 15.719720] The buggy address belongs to the object at ffff8881038b5600 [ 15.719720] which belongs to the cache kmalloc-64 of size 64 [ 15.720562] The buggy address is located 0 bytes to the right of [ 15.720562] allocated 48-byte region [ffff8881038b5600, ffff8881038b5630) [ 15.721188] [ 15.721298] The buggy address belongs to the physical page: [ 15.721624] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038b5 [ 15.722085] flags: 0x200000000000000(node=0|zone=2) [ 15.722439] page_type: f5(slab) [ 15.722658] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.723144] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.723692] page dumped because: kasan: bad access detected [ 15.724033] [ 15.724135] Memory state around the buggy address: [ 15.724454] ffff8881038b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.724904] ffff8881038b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.725318] >ffff8881038b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.725640] ^ [ 15.726052] ffff8881038b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.726440] ffff8881038b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.726793] ================================================================== [ 16.502819] 
================================================================== [ 16.503272] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x19e3/0x5450 [ 16.503594] Write of size 8 at addr ffff8881038b5630 by task kunit_try_catch/283 [ 16.503969] [ 16.504151] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.504200] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.504213] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.504236] Call Trace: [ 16.504276] <TASK> [ 16.504293] dump_stack_lvl+0x73/0xb0 [ 16.504339] print_report+0xd1/0x610 [ 16.504376] ? __virt_addr_valid+0x1db/0x2d0 [ 16.504414] ? kasan_atomics_helper+0x19e3/0x5450 [ 16.504450] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.504499] ? kasan_atomics_helper+0x19e3/0x5450 [ 16.504536] kasan_report+0x141/0x180 [ 16.504574] ? kasan_atomics_helper+0x19e3/0x5450 [ 16.504615] kasan_check_range+0x10c/0x1c0 [ 16.504652] __kasan_check_write+0x18/0x20 [ 16.504673] kasan_atomics_helper+0x19e3/0x5450 [ 16.504697] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.504721] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.504747] ? kasan_atomics+0x152/0x310 [ 16.504775] kasan_atomics+0x1dc/0x310 [ 16.504817] ? __pfx_kasan_atomics+0x10/0x10 [ 16.504844] ? __pfx_read_tsc+0x10/0x10 [ 16.504866] ? ktime_get_ts64+0x86/0x230 [ 16.504891] kunit_try_run_case+0x1a5/0x480 [ 16.504916] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.504940] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.504966] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.504991] ? __kthread_parkme+0x82/0x180 [ 16.505014] ? preempt_count_sub+0x50/0x80 [ 16.505111] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.505136] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.505161] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.505188] kthread+0x337/0x6f0 [ 16.505210] ? trace_preempt_on+0x20/0xc0 [ 16.505234] ? __pfx_kthread+0x10/0x10 [ 16.505256] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.505279] ? 
calculate_sigpending+0x7b/0xa0 [ 16.505304] ? __pfx_kthread+0x10/0x10 [ 16.505327] ret_from_fork+0x116/0x1d0 [ 16.505347] ? __pfx_kthread+0x10/0x10 [ 16.505369] ret_from_fork_asm+0x1a/0x30 [ 16.505400] </TASK> [ 16.505412] [ 16.514141] Allocated by task 283: [ 16.514372] kasan_save_stack+0x45/0x70 [ 16.514599] kasan_save_track+0x18/0x40 [ 16.514851] kasan_save_alloc_info+0x3b/0x50 [ 16.515135] __kasan_kmalloc+0xb7/0xc0 [ 16.515321] __kmalloc_cache_noprof+0x189/0x420 [ 16.515556] kasan_atomics+0x95/0x310 [ 16.515714] kunit_try_run_case+0x1a5/0x480 [ 16.515891] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.516133] kthread+0x337/0x6f0 [ 16.516267] ret_from_fork+0x116/0x1d0 [ 16.516417] ret_from_fork_asm+0x1a/0x30 [ 16.516661] [ 16.516811] The buggy address belongs to the object at ffff8881038b5600 [ 16.516811] which belongs to the cache kmalloc-64 of size 64 [ 16.517681] The buggy address is located 0 bytes to the right of [ 16.517681] allocated 48-byte region [ffff8881038b5600, ffff8881038b5630) [ 16.518380] [ 16.518490] The buggy address belongs to the physical page: [ 16.518743] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038b5 [ 16.519148] flags: 0x200000000000000(node=0|zone=2) [ 16.519325] page_type: f5(slab) [ 16.519485] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.519884] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.520358] page dumped because: kasan: bad access detected [ 16.520656] [ 16.520774] Memory state around the buggy address: [ 16.521076] ffff8881038b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.521411] ffff8881038b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.521734] >ffff8881038b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.522006] ^ [ 16.522527] ffff8881038b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.522913] ffff8881038b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.523328] 
================================================================== [ 15.536917] ================================================================== [ 15.537401] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b3a/0x5450 [ 15.537729] Write of size 4 at addr ffff8881038b5630 by task kunit_try_catch/283 [ 15.538091] [ 15.538186] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.538231] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.538245] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.538270] Call Trace: [ 15.538288] <TASK> [ 15.538304] dump_stack_lvl+0x73/0xb0 [ 15.538335] print_report+0xd1/0x610 [ 15.538360] ? __virt_addr_valid+0x1db/0x2d0 [ 15.538385] ? kasan_atomics_helper+0x4b3a/0x5450 [ 15.538408] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.538432] ? kasan_atomics_helper+0x4b3a/0x5450 [ 15.538455] kasan_report+0x141/0x180 [ 15.538491] ? kasan_atomics_helper+0x4b3a/0x5450 [ 15.538519] __asan_report_store4_noabort+0x1b/0x30 [ 15.538546] kasan_atomics_helper+0x4b3a/0x5450 [ 15.538570] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.538593] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.538620] ? kasan_atomics+0x152/0x310 [ 15.538648] kasan_atomics+0x1dc/0x310 [ 15.538672] ? __pfx_kasan_atomics+0x10/0x10 [ 15.538698] ? __pfx_read_tsc+0x10/0x10 [ 15.538722] ? ktime_get_ts64+0x86/0x230 [ 15.538747] kunit_try_run_case+0x1a5/0x480 [ 15.538779] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.538826] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.538854] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.538879] ? __kthread_parkme+0x82/0x180 [ 15.538900] ? preempt_count_sub+0x50/0x80 [ 15.538927] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.538953] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.538977] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.539003] kthread+0x337/0x6f0 [ 15.539024] ? trace_preempt_on+0x20/0xc0 [ 15.539057] ? __pfx_kthread+0x10/0x10 [ 15.539079] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 15.539102] ? calculate_sigpending+0x7b/0xa0 [ 15.539129] ? __pfx_kthread+0x10/0x10 [ 15.539151] ret_from_fork+0x116/0x1d0 [ 15.539172] ? __pfx_kthread+0x10/0x10 [ 15.539194] ret_from_fork_asm+0x1a/0x30 [ 15.539226] </TASK> [ 15.539238] [ 15.549338] Allocated by task 283: [ 15.549558] kasan_save_stack+0x45/0x70 [ 15.549747] kasan_save_track+0x18/0x40 [ 15.550575] kasan_save_alloc_info+0x3b/0x50 [ 15.550749] __kasan_kmalloc+0xb7/0xc0 [ 15.550891] __kmalloc_cache_noprof+0x189/0x420 [ 15.551065] kasan_atomics+0x95/0x310 [ 15.551204] kunit_try_run_case+0x1a5/0x480 [ 15.551355] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.552210] kthread+0x337/0x6f0 [ 15.552414] ret_from_fork+0x116/0x1d0 [ 15.552625] ret_from_fork_asm+0x1a/0x30 [ 15.552829] [ 15.552930] The buggy address belongs to the object at ffff8881038b5600 [ 15.552930] which belongs to the cache kmalloc-64 of size 64 [ 15.553440] The buggy address is located 0 bytes to the right of [ 15.553440] allocated 48-byte region [ffff8881038b5600, ffff8881038b5630) [ 15.555498] [ 15.555928] The buggy address belongs to the physical page: [ 15.557000] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038b5 [ 15.558080] flags: 0x200000000000000(node=0|zone=2) [ 15.558903] page_type: f5(slab) [ 15.559622] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.560541] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.561625] page dumped because: kasan: bad access detected [ 15.562687] [ 15.562918] Memory state around the buggy address: [ 15.563655] ffff8881038b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.564536] ffff8881038b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.565161] >ffff8881038b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.566115] ^ [ 15.566793] ffff8881038b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.567642] ffff8881038b5700: fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 15.568520] ================================================================== [ 15.642378] ================================================================== [ 15.642888] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x697/0x5450 [ 15.643409] Write of size 4 at addr ffff8881038b5630 by task kunit_try_catch/283 [ 15.644179] [ 15.644429] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.644486] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.644499] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.644522] Call Trace: [ 15.644560] <TASK> [ 15.644587] dump_stack_lvl+0x73/0xb0 [ 15.644619] print_report+0xd1/0x610 [ 15.644656] ? __virt_addr_valid+0x1db/0x2d0 [ 15.644680] ? kasan_atomics_helper+0x697/0x5450 [ 15.644702] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.644737] ? kasan_atomics_helper+0x697/0x5450 [ 15.644761] kasan_report+0x141/0x180 [ 15.644785] ? kasan_atomics_helper+0x697/0x5450 [ 15.644812] kasan_check_range+0x10c/0x1c0 [ 15.644837] __kasan_check_write+0x18/0x20 [ 15.644858] kasan_atomics_helper+0x697/0x5450 [ 15.644882] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.644906] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.644932] ? kasan_atomics+0x152/0x310 [ 15.644960] kasan_atomics+0x1dc/0x310 [ 15.644984] ? __pfx_kasan_atomics+0x10/0x10 [ 15.645010] ? __pfx_read_tsc+0x10/0x10 [ 15.645042] ? ktime_get_ts64+0x86/0x230 [ 15.645069] kunit_try_run_case+0x1a5/0x480 [ 15.645094] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.645117] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.645144] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.645168] ? __kthread_parkme+0x82/0x180 [ 15.645190] ? preempt_count_sub+0x50/0x80 [ 15.645215] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.645240] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.645265] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.645290] kthread+0x337/0x6f0 [ 15.645311] ? 
trace_preempt_on+0x20/0xc0 [ 15.645335] ? __pfx_kthread+0x10/0x10 [ 15.645357] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.645380] ? calculate_sigpending+0x7b/0xa0 [ 15.645405] ? __pfx_kthread+0x10/0x10 [ 15.645428] ret_from_fork+0x116/0x1d0 [ 15.645449] ? __pfx_kthread+0x10/0x10 [ 15.645481] ret_from_fork_asm+0x1a/0x30 [ 15.645512] </TASK> [ 15.645523] [ 15.658979] Allocated by task 283: [ 15.659230] kasan_save_stack+0x45/0x70 [ 15.659660] kasan_save_track+0x18/0x40 [ 15.659935] kasan_save_alloc_info+0x3b/0x50 [ 15.660135] __kasan_kmalloc+0xb7/0xc0 [ 15.660300] __kmalloc_cache_noprof+0x189/0x420 [ 15.660727] kasan_atomics+0x95/0x310 [ 15.660930] kunit_try_run_case+0x1a5/0x480 [ 15.661083] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.661393] kthread+0x337/0x6f0 [ 15.661676] ret_from_fork+0x116/0x1d0 [ 15.661945] ret_from_fork_asm+0x1a/0x30 [ 15.662209] [ 15.662308] The buggy address belongs to the object at ffff8881038b5600 [ 15.662308] which belongs to the cache kmalloc-64 of size 64 [ 15.662839] The buggy address is located 0 bytes to the right of [ 15.662839] allocated 48-byte region [ffff8881038b5600, ffff8881038b5630) [ 15.663450] [ 15.663565] The buggy address belongs to the physical page: [ 15.663987] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038b5 [ 15.664346] flags: 0x200000000000000(node=0|zone=2) [ 15.664647] page_type: f5(slab) [ 15.664838] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.665210] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.665561] page dumped because: kasan: bad access detected [ 15.665889] [ 15.665976] Memory state around the buggy address: [ 15.666233] ffff8881038b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.666696] ffff8881038b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.667013] >ffff8881038b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.667537] ^ [ 15.667732] ffff8881038b5680: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 15.668130] ffff8881038b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.668504] ================================================================== [ 15.790362] ================================================================== [ 15.790696] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa2b/0x5450 [ 15.791109] Write of size 4 at addr ffff8881038b5630 by task kunit_try_catch/283 [ 15.791596] [ 15.791695] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.791742] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.791754] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.791779] Call Trace: [ 15.791796] <TASK> [ 15.791825] dump_stack_lvl+0x73/0xb0 [ 15.791858] print_report+0xd1/0x610 [ 15.791894] ? __virt_addr_valid+0x1db/0x2d0 [ 15.791919] ? kasan_atomics_helper+0xa2b/0x5450 [ 15.791941] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.791965] ? kasan_atomics_helper+0xa2b/0x5450 [ 15.791988] kasan_report+0x141/0x180 [ 15.792011] ? kasan_atomics_helper+0xa2b/0x5450 [ 15.792038] kasan_check_range+0x10c/0x1c0 [ 15.792062] __kasan_check_write+0x18/0x20 [ 15.792083] kasan_atomics_helper+0xa2b/0x5450 [ 15.792107] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.792130] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.792157] ? kasan_atomics+0x152/0x310 [ 15.792184] kasan_atomics+0x1dc/0x310 [ 15.792208] ? __pfx_kasan_atomics+0x10/0x10 [ 15.792234] ? __pfx_read_tsc+0x10/0x10 [ 15.792257] ? ktime_get_ts64+0x86/0x230 [ 15.792282] kunit_try_run_case+0x1a5/0x480 [ 15.792309] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.792385] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.792413] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.792439] ? __kthread_parkme+0x82/0x180 [ 15.792461] ? preempt_count_sub+0x50/0x80 [ 15.792498] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.792534] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.792559] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.792596] kthread+0x337/0x6f0 [ 15.792617] ? trace_preempt_on+0x20/0xc0 [ 15.792642] ? __pfx_kthread+0x10/0x10 [ 15.792665] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.792688] ? calculate_sigpending+0x7b/0xa0 [ 15.792713] ? __pfx_kthread+0x10/0x10 [ 15.792737] ret_from_fork+0x116/0x1d0 [ 15.792757] ? __pfx_kthread+0x10/0x10 [ 15.792780] ret_from_fork_asm+0x1a/0x30 [ 15.792822] </TASK> [ 15.792833] [ 15.802266] Allocated by task 283: [ 15.802445] kasan_save_stack+0x45/0x70 [ 15.802667] kasan_save_track+0x18/0x40 [ 15.802838] kasan_save_alloc_info+0x3b/0x50 [ 15.802988] __kasan_kmalloc+0xb7/0xc0 [ 15.803121] __kmalloc_cache_noprof+0x189/0x420 [ 15.803279] kasan_atomics+0x95/0x310 [ 15.803414] kunit_try_run_case+0x1a5/0x480 [ 15.803987] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.804668] kthread+0x337/0x6f0 [ 15.805234] ret_from_fork+0x116/0x1d0 [ 15.805624] ret_from_fork_asm+0x1a/0x30 [ 15.806002] [ 15.806228] The buggy address belongs to the object at ffff8881038b5600 [ 15.806228] which belongs to the cache kmalloc-64 of size 64 [ 15.807540] The buggy address is located 0 bytes to the right of [ 15.807540] allocated 48-byte region [ffff8881038b5600, ffff8881038b5630) [ 15.808429] [ 15.808645] The buggy address belongs to the physical page: [ 15.809273] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038b5 [ 15.809872] flags: 0x200000000000000(node=0|zone=2) [ 15.810329] page_type: f5(slab) [ 15.810460] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.810712] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.811493] page dumped because: kasan: bad access detected [ 15.812403] [ 15.812591] Memory state around the buggy address: [ 15.813154] ffff8881038b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.813780] ffff8881038b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.814291] >ffff8881038b5600: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 15.814633] ^ [ 15.815201] ffff8881038b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.815891] ffff8881038b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.816378] ================================================================== [ 16.248436] ================================================================== [ 16.248778] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4eae/0x5450 [ 16.249393] Read of size 8 at addr ffff8881038b5630 by task kunit_try_catch/283 [ 16.249748] [ 16.249941] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.249999] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.250012] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.250046] Call Trace: [ 16.250110] <TASK> [ 16.250127] dump_stack_lvl+0x73/0xb0 [ 16.250159] print_report+0xd1/0x610 [ 16.250193] ? __virt_addr_valid+0x1db/0x2d0 [ 16.250217] ? kasan_atomics_helper+0x4eae/0x5450 [ 16.250239] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.250275] ? kasan_atomics_helper+0x4eae/0x5450 [ 16.250298] kasan_report+0x141/0x180 [ 16.250322] ? kasan_atomics_helper+0x4eae/0x5450 [ 16.250349] __asan_report_load8_noabort+0x18/0x20 [ 16.250385] kasan_atomics_helper+0x4eae/0x5450 [ 16.250408] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.250432] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.250479] ? kasan_atomics+0x152/0x310 [ 16.250506] kasan_atomics+0x1dc/0x310 [ 16.250530] ? __pfx_kasan_atomics+0x10/0x10 [ 16.250564] ? __pfx_read_tsc+0x10/0x10 [ 16.250586] ? ktime_get_ts64+0x86/0x230 [ 16.250611] kunit_try_run_case+0x1a5/0x480 [ 16.250646] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.250671] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.250696] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.250721] ? __kthread_parkme+0x82/0x180 [ 16.250743] ? preempt_count_sub+0x50/0x80 [ 16.250767] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.250792] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.250817] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.250841] kthread+0x337/0x6f0 [ 16.250862] ? trace_preempt_on+0x20/0xc0 [ 16.250886] ? __pfx_kthread+0x10/0x10 [ 16.250908] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.250932] ? calculate_sigpending+0x7b/0xa0 [ 16.250957] ? __pfx_kthread+0x10/0x10 [ 16.250979] ret_from_fork+0x116/0x1d0 [ 16.251000] ? __pfx_kthread+0x10/0x10 [ 16.251021] ret_from_fork_asm+0x1a/0x30 [ 16.251053] </TASK> [ 16.251064] [ 16.259819] Allocated by task 283: [ 16.260008] kasan_save_stack+0x45/0x70 [ 16.260436] kasan_save_track+0x18/0x40 [ 16.260637] kasan_save_alloc_info+0x3b/0x50 [ 16.260822] __kasan_kmalloc+0xb7/0xc0 [ 16.261040] __kmalloc_cache_noprof+0x189/0x420 [ 16.261418] kasan_atomics+0x95/0x310 [ 16.261799] kunit_try_run_case+0x1a5/0x480 [ 16.262025] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.262294] kthread+0x337/0x6f0 [ 16.262504] ret_from_fork+0x116/0x1d0 [ 16.262697] ret_from_fork_asm+0x1a/0x30 [ 16.262977] [ 16.263056] The buggy address belongs to the object at ffff8881038b5600 [ 16.263056] which belongs to the cache kmalloc-64 of size 64 [ 16.263421] The buggy address is located 0 bytes to the right of [ 16.263421] allocated 48-byte region [ffff8881038b5600, ffff8881038b5630) [ 16.263817] [ 16.263896] The buggy address belongs to the physical page: [ 16.264307] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038b5 [ 16.264697] flags: 0x200000000000000(node=0|zone=2) [ 16.265197] page_type: f5(slab) [ 16.265373] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.265738] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.266637] page dumped because: kasan: bad access detected [ 16.266996] [ 16.267174] Memory state around the buggy address: [ 16.267380] ffff8881038b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.267686] 
ffff8881038b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.268209] >ffff8881038b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.268552] ^ [ 16.268716] ffff8881038b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.268938] ffff8881038b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.269156] ================================================================== [ 16.460455] ================================================================== [ 16.460847] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x18b1/0x5450 [ 16.461297] Write of size 8 at addr ffff8881038b5630 by task kunit_try_catch/283 [ 16.461635] [ 16.461726] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.461825] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.461839] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.461875] Call Trace: [ 16.461904] <TASK> [ 16.461919] dump_stack_lvl+0x73/0xb0 [ 16.461967] print_report+0xd1/0x610 [ 16.462005] ? __virt_addr_valid+0x1db/0x2d0 [ 16.462108] ? kasan_atomics_helper+0x18b1/0x5450 [ 16.462148] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.462185] ? kasan_atomics_helper+0x18b1/0x5450 [ 16.462209] kasan_report+0x141/0x180 [ 16.462233] ? kasan_atomics_helper+0x18b1/0x5450 [ 16.462260] kasan_check_range+0x10c/0x1c0 [ 16.462285] __kasan_check_write+0x18/0x20 [ 16.462305] kasan_atomics_helper+0x18b1/0x5450 [ 16.462330] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.462353] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.462379] ? kasan_atomics+0x152/0x310 [ 16.462407] kasan_atomics+0x1dc/0x310 [ 16.462431] ? __pfx_kasan_atomics+0x10/0x10 [ 16.462457] ? __pfx_read_tsc+0x10/0x10 [ 16.462491] ? ktime_get_ts64+0x86/0x230 [ 16.462517] kunit_try_run_case+0x1a5/0x480 [ 16.462543] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.462567] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.462593] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.462618] ? 
__kthread_parkme+0x82/0x180 [ 16.462639] ? preempt_count_sub+0x50/0x80 [ 16.462665] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.462690] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.462714] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.462739] kthread+0x337/0x6f0 [ 16.462780] ? trace_preempt_on+0x20/0xc0 [ 16.462804] ? __pfx_kthread+0x10/0x10 [ 16.462827] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.462871] ? calculate_sigpending+0x7b/0xa0 [ 16.462896] ? __pfx_kthread+0x10/0x10 [ 16.462933] ret_from_fork+0x116/0x1d0 [ 16.462954] ? __pfx_kthread+0x10/0x10 [ 16.462990] ret_from_fork_asm+0x1a/0x30 [ 16.463084] </TASK> [ 16.463114] [ 16.472300] Allocated by task 283: [ 16.472522] kasan_save_stack+0x45/0x70 [ 16.472700] kasan_save_track+0x18/0x40 [ 16.472901] kasan_save_alloc_info+0x3b/0x50 [ 16.473238] __kasan_kmalloc+0xb7/0xc0 [ 16.473433] __kmalloc_cache_noprof+0x189/0x420 [ 16.473702] kasan_atomics+0x95/0x310 [ 16.473957] kunit_try_run_case+0x1a5/0x480 [ 16.474246] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.474524] kthread+0x337/0x6f0 [ 16.474697] ret_from_fork+0x116/0x1d0 [ 16.474910] ret_from_fork_asm+0x1a/0x30 [ 16.475135] [ 16.475239] The buggy address belongs to the object at ffff8881038b5600 [ 16.475239] which belongs to the cache kmalloc-64 of size 64 [ 16.475713] The buggy address is located 0 bytes to the right of [ 16.475713] allocated 48-byte region [ffff8881038b5600, ffff8881038b5630) [ 16.476101] [ 16.476201] The buggy address belongs to the physical page: [ 16.476464] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038b5 [ 16.477179] flags: 0x200000000000000(node=0|zone=2) [ 16.477439] page_type: f5(slab) [ 16.477649] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.478112] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.478415] page dumped because: kasan: bad access detected [ 16.478609] [ 16.478685] Memory state around the buggy address: [ 16.478875] 
ffff8881038b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.479267] ffff8881038b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.479653] >ffff8881038b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.480125] ^ [ 16.480401] ffff8881038b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.480795] ffff8881038b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.481355] ================================================================== [ 15.870495] ================================================================== [ 15.870916] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xc70/0x5450 [ 15.871480] Write of size 4 at addr ffff8881038b5630 by task kunit_try_catch/283 [ 15.871741] [ 15.871858] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.871902] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.871916] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.871938] Call Trace: [ 15.871956] <TASK> [ 15.871971] dump_stack_lvl+0x73/0xb0 [ 15.872002] print_report+0xd1/0x610 [ 15.872027] ? __virt_addr_valid+0x1db/0x2d0 [ 15.872052] ? kasan_atomics_helper+0xc70/0x5450 [ 15.872074] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.872098] ? kasan_atomics_helper+0xc70/0x5450 [ 15.872121] kasan_report+0x141/0x180 [ 15.872145] ? kasan_atomics_helper+0xc70/0x5450 [ 15.872173] kasan_check_range+0x10c/0x1c0 [ 15.872197] __kasan_check_write+0x18/0x20 [ 15.872218] kasan_atomics_helper+0xc70/0x5450 [ 15.872290] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.872314] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.872340] ? kasan_atomics+0x152/0x310 [ 15.872369] kasan_atomics+0x1dc/0x310 [ 15.872392] ? __pfx_kasan_atomics+0x10/0x10 [ 15.872417] ? __pfx_read_tsc+0x10/0x10 [ 15.872441] ? ktime_get_ts64+0x86/0x230 [ 15.872466] kunit_try_run_case+0x1a5/0x480 [ 15.872504] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.872527] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.872554] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.872579] ? __kthread_parkme+0x82/0x180 [ 15.872600] ? preempt_count_sub+0x50/0x80 [ 15.872625] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.872650] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.872674] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.872699] kthread+0x337/0x6f0 [ 15.872721] ? trace_preempt_on+0x20/0xc0 [ 15.872745] ? __pfx_kthread+0x10/0x10 [ 15.872767] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.872790] ? calculate_sigpending+0x7b/0xa0 [ 15.872815] ? __pfx_kthread+0x10/0x10 [ 15.872838] ret_from_fork+0x116/0x1d0 [ 15.872859] ? __pfx_kthread+0x10/0x10 [ 15.872890] ret_from_fork_asm+0x1a/0x30 [ 15.872922] </TASK> [ 15.872933] [ 15.881403] Allocated by task 283: [ 15.881578] kasan_save_stack+0x45/0x70 [ 15.881729] kasan_save_track+0x18/0x40 [ 15.881871] kasan_save_alloc_info+0x3b/0x50 [ 15.882142] __kasan_kmalloc+0xb7/0xc0 [ 15.882344] __kmalloc_cache_noprof+0x189/0x420 [ 15.882587] kasan_atomics+0x95/0x310 [ 15.882785] kunit_try_run_case+0x1a5/0x480 [ 15.883007] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.883413] kthread+0x337/0x6f0 [ 15.883604] ret_from_fork+0x116/0x1d0 [ 15.883760] ret_from_fork_asm+0x1a/0x30 [ 15.883979] [ 15.884149] The buggy address belongs to the object at ffff8881038b5600 [ 15.884149] which belongs to the cache kmalloc-64 of size 64 [ 15.884592] The buggy address is located 0 bytes to the right of [ 15.884592] allocated 48-byte region [ffff8881038b5600, ffff8881038b5630) [ 15.885255] [ 15.885335] The buggy address belongs to the physical page: [ 15.885590] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038b5 [ 15.886151] flags: 0x200000000000000(node=0|zone=2) [ 15.886372] page_type: f5(slab) [ 15.886527] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.886794] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.887031] page dumped because: kasan: bad access detected [ 15.887214] [ 15.887288] 
Memory state around the buggy address: [ 15.887451] ffff8881038b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.887693] ffff8881038b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.888018] >ffff8881038b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.888699] ^ [ 15.889279] ffff8881038b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.889598] ffff8881038b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.889938] ================================================================== [ 16.604830] ================================================================== [ 16.605262] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1ce1/0x5450 [ 16.605655] Write of size 8 at addr ffff8881038b5630 by task kunit_try_catch/283 [ 16.605922] [ 16.606038] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.606110] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.606124] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.606145] Call Trace: [ 16.606161] <TASK> [ 16.606196] dump_stack_lvl+0x73/0xb0 [ 16.606227] print_report+0xd1/0x610 [ 16.606268] ? __virt_addr_valid+0x1db/0x2d0 [ 16.606292] ? kasan_atomics_helper+0x1ce1/0x5450 [ 16.606315] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.606339] ? kasan_atomics_helper+0x1ce1/0x5450 [ 16.606362] kasan_report+0x141/0x180 [ 16.606386] ? kasan_atomics_helper+0x1ce1/0x5450 [ 16.606415] kasan_check_range+0x10c/0x1c0 [ 16.606440] __kasan_check_write+0x18/0x20 [ 16.606461] kasan_atomics_helper+0x1ce1/0x5450 [ 16.606496] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.606519] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.606562] ? kasan_atomics+0x152/0x310 [ 16.606605] kasan_atomics+0x1dc/0x310 [ 16.606643] ? __pfx_kasan_atomics+0x10/0x10 [ 16.606682] ? __pfx_read_tsc+0x10/0x10 [ 16.606719] ? ktime_get_ts64+0x86/0x230 [ 16.606777] kunit_try_run_case+0x1a5/0x480 [ 16.606832] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.606869] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.606907] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.606946] ? __kthread_parkme+0x82/0x180 [ 16.606981] ? preempt_count_sub+0x50/0x80 [ 16.607019] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.607058] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.607096] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.607135] kthread+0x337/0x6f0 [ 16.607170] ? trace_preempt_on+0x20/0xc0 [ 16.607208] ? __pfx_kthread+0x10/0x10 [ 16.607230] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.607253] ? calculate_sigpending+0x7b/0xa0 [ 16.607278] ? __pfx_kthread+0x10/0x10 [ 16.607301] ret_from_fork+0x116/0x1d0 [ 16.607321] ? __pfx_kthread+0x10/0x10 [ 16.607343] ret_from_fork_asm+0x1a/0x30 [ 16.607375] </TASK> [ 16.607386] [ 16.615391] Allocated by task 283: [ 16.615596] kasan_save_stack+0x45/0x70 [ 16.615821] kasan_save_track+0x18/0x40 [ 16.616013] kasan_save_alloc_info+0x3b/0x50 [ 16.616251] __kasan_kmalloc+0xb7/0xc0 [ 16.616445] __kmalloc_cache_noprof+0x189/0x420 [ 16.616697] kasan_atomics+0x95/0x310 [ 16.616920] kunit_try_run_case+0x1a5/0x480 [ 16.617135] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.617393] kthread+0x337/0x6f0 [ 16.617579] ret_from_fork+0x116/0x1d0 [ 16.617793] ret_from_fork_asm+0x1a/0x30 [ 16.617994] [ 16.618093] The buggy address belongs to the object at ffff8881038b5600 [ 16.618093] which belongs to the cache kmalloc-64 of size 64 [ 16.618621] The buggy address is located 0 bytes to the right of [ 16.618621] allocated 48-byte region [ffff8881038b5600, ffff8881038b5630) [ 16.619150] [ 16.619270] The buggy address belongs to the physical page: [ 16.619549] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038b5 [ 16.619929] flags: 0x200000000000000(node=0|zone=2) [ 16.620165] page_type: f5(slab) [ 16.620356] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.620618] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 16.620915] page dumped because: kasan: bad access detected [ 16.621192] [ 16.621309] Memory state around the buggy address: [ 16.621576] ffff8881038b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.621944] ffff8881038b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.622258] >ffff8881038b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.622576] ^ [ 16.622833] ffff8881038b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.623091] ffff8881038b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.623314] ================================================================== [ 16.051461] ================================================================== [ 16.051789] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1c/0x5450 [ 16.052104] Read of size 4 at addr ffff8881038b5630 by task kunit_try_catch/283 [ 16.052631] [ 16.052744] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.052787] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.052800] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.052823] Call Trace: [ 16.052838] <TASK> [ 16.052853] dump_stack_lvl+0x73/0xb0 [ 16.052885] print_report+0xd1/0x610 [ 16.052908] ? __virt_addr_valid+0x1db/0x2d0 [ 16.052932] ? kasan_atomics_helper+0x4a1c/0x5450 [ 16.052954] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.052979] ? kasan_atomics_helper+0x4a1c/0x5450 [ 16.053003] kasan_report+0x141/0x180 [ 16.053026] ? kasan_atomics_helper+0x4a1c/0x5450 [ 16.053053] __asan_report_load4_noabort+0x18/0x20 [ 16.053078] kasan_atomics_helper+0x4a1c/0x5450 [ 16.053102] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.053126] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.053152] ? kasan_atomics+0x152/0x310 [ 16.053180] kasan_atomics+0x1dc/0x310 [ 16.053204] ? __pfx_kasan_atomics+0x10/0x10 [ 16.053229] ? __pfx_read_tsc+0x10/0x10 [ 16.053253] ? 
ktime_get_ts64+0x86/0x230 [ 16.053278] kunit_try_run_case+0x1a5/0x480 [ 16.053304] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.053329] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.053355] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.053380] ? __kthread_parkme+0x82/0x180 [ 16.053402] ? preempt_count_sub+0x50/0x80 [ 16.053428] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.053454] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.053492] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.053517] kthread+0x337/0x6f0 [ 16.053539] ? trace_preempt_on+0x20/0xc0 [ 16.053563] ? __pfx_kthread+0x10/0x10 [ 16.053586] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.053610] ? calculate_sigpending+0x7b/0xa0 [ 16.053636] ? __pfx_kthread+0x10/0x10 [ 16.053659] ret_from_fork+0x116/0x1d0 [ 16.053679] ? __pfx_kthread+0x10/0x10 [ 16.053701] ret_from_fork_asm+0x1a/0x30 [ 16.053733] </TASK> [ 16.053744] [ 16.065106] Allocated by task 283: [ 16.065306] kasan_save_stack+0x45/0x70 [ 16.065552] kasan_save_track+0x18/0x40 [ 16.065949] kasan_save_alloc_info+0x3b/0x50 [ 16.066189] __kasan_kmalloc+0xb7/0xc0 [ 16.066385] __kmalloc_cache_noprof+0x189/0x420 [ 16.066627] kasan_atomics+0x95/0x310 [ 16.066998] kunit_try_run_case+0x1a5/0x480 [ 16.067289] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.067483] kthread+0x337/0x6f0 [ 16.067611] ret_from_fork+0x116/0x1d0 [ 16.067751] ret_from_fork_asm+0x1a/0x30 [ 16.067962] [ 16.068083] The buggy address belongs to the object at ffff8881038b5600 [ 16.068083] which belongs to the cache kmalloc-64 of size 64 [ 16.068636] The buggy address is located 0 bytes to the right of [ 16.068636] allocated 48-byte region [ffff8881038b5600, ffff8881038b5630) [ 16.069401] [ 16.069515] The buggy address belongs to the physical page: [ 16.069693] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038b5 [ 16.069938] flags: 0x200000000000000(node=0|zone=2) [ 16.070121] page_type: f5(slab) [ 16.070327] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 16.070721] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.071361] page dumped because: kasan: bad access detected [ 16.071554] [ 16.071672] Memory state around the buggy address: [ 16.071994] ffff8881038b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.072384] ffff8881038b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.072711] >ffff8881038b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.073035] ^ [ 16.073224] ffff8881038b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.073547] ffff8881038b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.073864] ================================================================== [ 15.608319] ================================================================== [ 15.608941] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5fe/0x5450 [ 15.609402] Write of size 4 at addr ffff8881038b5630 by task kunit_try_catch/283 [ 15.610174] [ 15.610484] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.610567] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.610581] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.610605] Call Trace: [ 15.610636] <TASK> [ 15.610654] dump_stack_lvl+0x73/0xb0 [ 15.610688] print_report+0xd1/0x610 [ 15.610712] ? __virt_addr_valid+0x1db/0x2d0 [ 15.610738] ? kasan_atomics_helper+0x5fe/0x5450 [ 15.610762] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.610786] ? kasan_atomics_helper+0x5fe/0x5450 [ 15.610809] kasan_report+0x141/0x180 [ 15.610833] ? kasan_atomics_helper+0x5fe/0x5450 [ 15.610862] kasan_check_range+0x10c/0x1c0 [ 15.610887] __kasan_check_write+0x18/0x20 [ 15.610908] kasan_atomics_helper+0x5fe/0x5450 [ 15.610945] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.610969] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.610995] ? kasan_atomics+0x152/0x310 [ 15.611074] kasan_atomics+0x1dc/0x310 [ 15.611116] ? 
__pfx_kasan_atomics+0x10/0x10 [ 15.611143] ? __pfx_read_tsc+0x10/0x10 [ 15.611167] ? ktime_get_ts64+0x86/0x230 [ 15.611205] kunit_try_run_case+0x1a5/0x480 [ 15.611231] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.611267] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.611292] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.611318] ? __kthread_parkme+0x82/0x180 [ 15.611351] ? preempt_count_sub+0x50/0x80 [ 15.611378] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.611403] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.611438] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.611463] kthread+0x337/0x6f0 [ 15.611502] ? trace_preempt_on+0x20/0xc0 [ 15.611526] ? __pfx_kthread+0x10/0x10 [ 15.611548] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.611583] ? calculate_sigpending+0x7b/0xa0 [ 15.611607] ? __pfx_kthread+0x10/0x10 [ 15.611642] ret_from_fork+0x116/0x1d0 [ 15.611663] ? __pfx_kthread+0x10/0x10 [ 15.611685] ret_from_fork_asm+0x1a/0x30 [ 15.611728] </TASK> [ 15.611740] [ 15.627262] Allocated by task 283: [ 15.627544] kasan_save_stack+0x45/0x70 [ 15.628022] kasan_save_track+0x18/0x40 [ 15.628503] kasan_save_alloc_info+0x3b/0x50 [ 15.628945] __kasan_kmalloc+0xb7/0xc0 [ 15.629361] __kmalloc_cache_noprof+0x189/0x420 [ 15.629731] kasan_atomics+0x95/0x310 [ 15.629898] kunit_try_run_case+0x1a5/0x480 [ 15.630055] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.630642] kthread+0x337/0x6f0 [ 15.631105] ret_from_fork+0x116/0x1d0 [ 15.631499] ret_from_fork_asm+0x1a/0x30 [ 15.631907] [ 15.632082] The buggy address belongs to the object at ffff8881038b5600 [ 15.632082] which belongs to the cache kmalloc-64 of size 64 [ 15.633121] The buggy address is located 0 bytes to the right of [ 15.633121] allocated 48-byte region [ffff8881038b5600, ffff8881038b5630) [ 15.634031] [ 15.634114] The buggy address belongs to the physical page: [ 15.634777] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038b5 [ 15.635071] flags: 0x200000000000000(node=0|zone=2) [ 15.635521] page_type: 
f5(slab) [ 15.635807] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.636287] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.636532] page dumped because: kasan: bad access detected [ 15.636709] [ 15.636791] Memory state around the buggy address: [ 15.637339] ffff8881038b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.638229] ffff8881038b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.638959] >ffff8881038b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.639724] ^ [ 15.640300] ffff8881038b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.641125] ffff8881038b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.641642] ================================================================== [ 15.890613] ================================================================== [ 15.891064] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a84/0x5450 [ 15.891422] Read of size 4 at addr ffff8881038b5630 by task kunit_try_catch/283 [ 15.891739] [ 15.891923] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.891970] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.891982] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.892004] Call Trace: [ 15.892021] <TASK> [ 15.892067] dump_stack_lvl+0x73/0xb0 [ 15.892101] print_report+0xd1/0x610 [ 15.892125] ? __virt_addr_valid+0x1db/0x2d0 [ 15.892148] ? kasan_atomics_helper+0x4a84/0x5450 [ 15.892170] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.892194] ? kasan_atomics_helper+0x4a84/0x5450 [ 15.892217] kasan_report+0x141/0x180 [ 15.892240] ? kasan_atomics_helper+0x4a84/0x5450 [ 15.892267] __asan_report_load4_noabort+0x18/0x20 [ 15.892293] kasan_atomics_helper+0x4a84/0x5450 [ 15.892318] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.892341] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.892367] ? 
kasan_atomics+0x152/0x310 [ 15.892396] kasan_atomics+0x1dc/0x310 [ 15.892419] ? __pfx_kasan_atomics+0x10/0x10 [ 15.892443] ? __pfx_read_tsc+0x10/0x10 [ 15.892465] ? ktime_get_ts64+0x86/0x230 [ 15.892503] kunit_try_run_case+0x1a5/0x480 [ 15.892530] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.892555] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.892580] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.892604] ? __kthread_parkme+0x82/0x180 [ 15.892626] ? preempt_count_sub+0x50/0x80 [ 15.892651] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.892677] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.892701] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.892726] kthread+0x337/0x6f0 [ 15.892747] ? trace_preempt_on+0x20/0xc0 [ 15.892771] ? __pfx_kthread+0x10/0x10 [ 15.892793] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.892817] ? calculate_sigpending+0x7b/0xa0 [ 15.892841] ? __pfx_kthread+0x10/0x10 [ 15.892863] ret_from_fork+0x116/0x1d0 [ 15.892884] ? __pfx_kthread+0x10/0x10 [ 15.892906] ret_from_fork_asm+0x1a/0x30 [ 15.892937] </TASK> [ 15.892950] [ 15.901171] Allocated by task 283: [ 15.901363] kasan_save_stack+0x45/0x70 [ 15.901582] kasan_save_track+0x18/0x40 [ 15.901786] kasan_save_alloc_info+0x3b/0x50 [ 15.901971] __kasan_kmalloc+0xb7/0xc0 [ 15.902341] __kmalloc_cache_noprof+0x189/0x420 [ 15.902555] kasan_atomics+0x95/0x310 [ 15.902741] kunit_try_run_case+0x1a5/0x480 [ 15.902990] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.903534] kthread+0x337/0x6f0 [ 15.903714] ret_from_fork+0x116/0x1d0 [ 15.903915] ret_from_fork_asm+0x1a/0x30 [ 15.904169] [ 15.904273] The buggy address belongs to the object at ffff8881038b5600 [ 15.904273] which belongs to the cache kmalloc-64 of size 64 [ 15.904739] The buggy address is located 0 bytes to the right of [ 15.904739] allocated 48-byte region [ffff8881038b5600, ffff8881038b5630) [ 15.905324] [ 15.905428] The buggy address belongs to the physical page: [ 15.905681] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038b5 [ 
15.906062] flags: 0x200000000000000(node=0|zone=2) [ 15.906242] page_type: f5(slab) [ 15.906368] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.906621] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.906858] page dumped because: kasan: bad access detected [ 15.907039] [ 15.907113] Memory state around the buggy address: [ 15.907276] ffff8881038b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.907650] ffff8881038b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.908139] >ffff8881038b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.908478] ^ [ 15.908708] ffff8881038b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.909195] ffff8881038b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.909423] ================================================================== [ 15.850738] ================================================================== [ 15.851252] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb6a/0x5450 [ 15.851515] Write of size 4 at addr ffff8881038b5630 by task kunit_try_catch/283 [ 15.851753] [ 15.851844] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.851890] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.851904] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.851927] Call Trace: [ 15.851945] <TASK> [ 15.851962] dump_stack_lvl+0x73/0xb0 [ 15.851993] print_report+0xd1/0x610 [ 15.852016] ? __virt_addr_valid+0x1db/0x2d0 [ 15.852039] ? kasan_atomics_helper+0xb6a/0x5450 [ 15.852062] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.852085] ? kasan_atomics_helper+0xb6a/0x5450 [ 15.852108] kasan_report+0x141/0x180 [ 15.852131] ? kasan_atomics_helper+0xb6a/0x5450 [ 15.852159] kasan_check_range+0x10c/0x1c0 [ 15.852184] __kasan_check_write+0x18/0x20 [ 15.852204] kasan_atomics_helper+0xb6a/0x5450 [ 15.852240] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.852264] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 15.852290] ? kasan_atomics+0x152/0x310 [ 15.852319] kasan_atomics+0x1dc/0x310 [ 15.852343] ? __pfx_kasan_atomics+0x10/0x10 [ 15.852368] ? __pfx_read_tsc+0x10/0x10 [ 15.852391] ? ktime_get_ts64+0x86/0x230 [ 15.852416] kunit_try_run_case+0x1a5/0x480 [ 15.852441] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.852465] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.852501] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.852526] ? __kthread_parkme+0x82/0x180 [ 15.852547] ? preempt_count_sub+0x50/0x80 [ 15.852572] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.852597] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.852622] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.852647] kthread+0x337/0x6f0 [ 15.852668] ? trace_preempt_on+0x20/0xc0 [ 15.852692] ? __pfx_kthread+0x10/0x10 [ 15.852715] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.852739] ? calculate_sigpending+0x7b/0xa0 [ 15.852765] ? __pfx_kthread+0x10/0x10 [ 15.852787] ret_from_fork+0x116/0x1d0 [ 15.852808] ? __pfx_kthread+0x10/0x10 [ 15.852877] ret_from_fork_asm+0x1a/0x30 [ 15.852911] </TASK> [ 15.852922] [ 15.861478] Allocated by task 283: [ 15.861637] kasan_save_stack+0x45/0x70 [ 15.861793] kasan_save_track+0x18/0x40 [ 15.861937] kasan_save_alloc_info+0x3b/0x50 [ 15.862155] __kasan_kmalloc+0xb7/0xc0 [ 15.862619] __kmalloc_cache_noprof+0x189/0x420 [ 15.862920] kasan_atomics+0x95/0x310 [ 15.863144] kunit_try_run_case+0x1a5/0x480 [ 15.863366] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.863607] kthread+0x337/0x6f0 [ 15.863766] ret_from_fork+0x116/0x1d0 [ 15.863975] ret_from_fork_asm+0x1a/0x30 [ 15.864337] [ 15.864438] The buggy address belongs to the object at ffff8881038b5600 [ 15.864438] which belongs to the cache kmalloc-64 of size 64 [ 15.865086] The buggy address is located 0 bytes to the right of [ 15.865086] allocated 48-byte region [ffff8881038b5600, ffff8881038b5630) [ 15.865589] [ 15.865690] The buggy address belongs to the physical page: [ 15.865966] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x1038b5 [ 15.866310] flags: 0x200000000000000(node=0|zone=2) [ 15.866494] page_type: f5(slab) [ 15.866621] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.866859] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.867155] page dumped because: kasan: bad access detected [ 15.867414] [ 15.867521] Memory state around the buggy address: [ 15.867749] ffff8881038b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.868411] ffff8881038b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.868783] >ffff8881038b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.869238] ^ [ 15.869494] ffff8881038b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.869733] ffff8881038b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.869962] ================================================================== [ 16.336763] ================================================================== [ 16.337228] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b6/0x5450 [ 16.337623] Write of size 8 at addr ffff8881038b5630 by task kunit_try_catch/283 [ 16.338082] [ 16.338255] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.338303] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.338315] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.338359] Call Trace: [ 16.338376] <TASK> [ 16.338392] dump_stack_lvl+0x73/0xb0 [ 16.338424] print_report+0xd1/0x610 [ 16.338449] ? __virt_addr_valid+0x1db/0x2d0 [ 16.338483] ? kasan_atomics_helper+0x15b6/0x5450 [ 16.338507] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.338531] ? kasan_atomics_helper+0x15b6/0x5450 [ 16.338555] kasan_report+0x141/0x180 [ 16.338578] ? kasan_atomics_helper+0x15b6/0x5450 [ 16.338609] kasan_check_range+0x10c/0x1c0 [ 16.338634] __kasan_check_write+0x18/0x20 [ 16.338655] kasan_atomics_helper+0x15b6/0x5450 [ 16.338680] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 16.338704] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.338730] ? kasan_atomics+0x152/0x310 [ 16.338758] kasan_atomics+0x1dc/0x310 [ 16.338806] ? __pfx_kasan_atomics+0x10/0x10 [ 16.338833] ? __pfx_read_tsc+0x10/0x10 [ 16.338867] ? ktime_get_ts64+0x86/0x230 [ 16.338893] kunit_try_run_case+0x1a5/0x480 [ 16.338918] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.338943] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.338969] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.338994] ? __kthread_parkme+0x82/0x180 [ 16.339016] ? preempt_count_sub+0x50/0x80 [ 16.339041] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.339066] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.339092] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.339117] kthread+0x337/0x6f0 [ 16.339138] ? trace_preempt_on+0x20/0xc0 [ 16.339162] ? __pfx_kthread+0x10/0x10 [ 16.339185] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.339208] ? calculate_sigpending+0x7b/0xa0 [ 16.339251] ? __pfx_kthread+0x10/0x10 [ 16.339274] ret_from_fork+0x116/0x1d0 [ 16.339309] ? 
__pfx_kthread+0x10/0x10 [ 16.339331] ret_from_fork_asm+0x1a/0x30 [ 16.339379] </TASK> [ 16.339404] [ 16.349666] Allocated by task 283: [ 16.349938] kasan_save_stack+0x45/0x70 [ 16.350298] kasan_save_track+0x18/0x40 [ 16.350515] kasan_save_alloc_info+0x3b/0x50 [ 16.350683] __kasan_kmalloc+0xb7/0xc0 [ 16.350855] __kmalloc_cache_noprof+0x189/0x420 [ 16.351372] kasan_atomics+0x95/0x310 [ 16.351582] kunit_try_run_case+0x1a5/0x480 [ 16.351733] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.352017] kthread+0x337/0x6f0 [ 16.352405] ret_from_fork+0x116/0x1d0 [ 16.352846] ret_from_fork_asm+0x1a/0x30 [ 16.353042] [ 16.353142] The buggy address belongs to the object at ffff8881038b5600 [ 16.353142] which belongs to the cache kmalloc-64 of size 64 [ 16.353780] The buggy address is located 0 bytes to the right of [ 16.353780] allocated 48-byte region [ffff8881038b5600, ffff8881038b5630) [ 16.354526] [ 16.354603] The buggy address belongs to the physical page: [ 16.354780] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038b5 [ 16.355651] flags: 0x200000000000000(node=0|zone=2) [ 16.355955] page_type: f5(slab) [ 16.356271] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.356689] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.357240] page dumped because: kasan: bad access detected [ 16.357416] [ 16.357531] Memory state around the buggy address: [ 16.357815] ffff8881038b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.358400] ffff8881038b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.358746] >ffff8881038b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.359154] ^ [ 16.359490] ffff8881038b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.359763] ffff8881038b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.360373] ================================================================== [ 16.481759] 
================================================================== [ 16.482055] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x194a/0x5450 [ 16.482669] Write of size 8 at addr ffff8881038b5630 by task kunit_try_catch/283 [ 16.483132] [ 16.483250] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.483296] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.483309] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.483333] Call Trace: [ 16.483352] <TASK> [ 16.483368] dump_stack_lvl+0x73/0xb0 [ 16.483400] print_report+0xd1/0x610 [ 16.483447] ? __virt_addr_valid+0x1db/0x2d0 [ 16.483481] ? kasan_atomics_helper+0x194a/0x5450 [ 16.483505] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.483528] ? kasan_atomics_helper+0x194a/0x5450 [ 16.483551] kasan_report+0x141/0x180 [ 16.483575] ? kasan_atomics_helper+0x194a/0x5450 [ 16.483603] kasan_check_range+0x10c/0x1c0 [ 16.483629] __kasan_check_write+0x18/0x20 [ 16.483650] kasan_atomics_helper+0x194a/0x5450 [ 16.483673] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.483697] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.483744] ? kasan_atomics+0x152/0x310 [ 16.483792] kasan_atomics+0x1dc/0x310 [ 16.483816] ? __pfx_kasan_atomics+0x10/0x10 [ 16.483860] ? __pfx_read_tsc+0x10/0x10 [ 16.483882] ? ktime_get_ts64+0x86/0x230 [ 16.483908] kunit_try_run_case+0x1a5/0x480 [ 16.483934] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.483958] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.483983] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.484008] ? __kthread_parkme+0x82/0x180 [ 16.484120] ? preempt_count_sub+0x50/0x80 [ 16.484147] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.484188] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.484213] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.484238] kthread+0x337/0x6f0 [ 16.484260] ? trace_preempt_on+0x20/0xc0 [ 16.484284] ? __pfx_kthread+0x10/0x10 [ 16.484306] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.484330] ? 
calculate_sigpending+0x7b/0xa0 [ 16.484355] ? __pfx_kthread+0x10/0x10 [ 16.484378] ret_from_fork+0x116/0x1d0 [ 16.484398] ? __pfx_kthread+0x10/0x10 [ 16.484420] ret_from_fork_asm+0x1a/0x30 [ 16.484452] </TASK> [ 16.484464] [ 16.493658] Allocated by task 283: [ 16.493893] kasan_save_stack+0x45/0x70 [ 16.494174] kasan_save_track+0x18/0x40 [ 16.494326] kasan_save_alloc_info+0x3b/0x50 [ 16.494496] __kasan_kmalloc+0xb7/0xc0 [ 16.494639] __kmalloc_cache_noprof+0x189/0x420 [ 16.494832] kasan_atomics+0x95/0x310 [ 16.494976] kunit_try_run_case+0x1a5/0x480 [ 16.495190] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.495381] kthread+0x337/0x6f0 [ 16.495522] ret_from_fork+0x116/0x1d0 [ 16.495695] ret_from_fork_asm+0x1a/0x30 [ 16.495931] [ 16.496083] The buggy address belongs to the object at ffff8881038b5600 [ 16.496083] which belongs to the cache kmalloc-64 of size 64 [ 16.496656] The buggy address is located 0 bytes to the right of [ 16.496656] allocated 48-byte region [ffff8881038b5600, ffff8881038b5630) [ 16.497537] [ 16.497646] The buggy address belongs to the physical page: [ 16.497913] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038b5 [ 16.498307] flags: 0x200000000000000(node=0|zone=2) [ 16.498626] page_type: f5(slab) [ 16.498820] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.499164] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.499516] page dumped because: kasan: bad access detected [ 16.499757] [ 16.499946] Memory state around the buggy address: [ 16.500197] ffff8881038b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.500552] ffff8881038b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.500890] >ffff8881038b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.501260] ^ [ 16.501484] ffff8881038b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.501784] ffff8881038b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.502342] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 15.176172] ================================================================== [ 15.176560] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 15.177122] Write of size 8 at addr ffff888102641aa8 by task kunit_try_catch/279 [ 15.177406] [ 15.177535] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.177582] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.177594] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.177615] Call Trace: [ 15.177632] <TASK> [ 15.177648] dump_stack_lvl+0x73/0xb0 [ 15.177679] print_report+0xd1/0x610 [ 15.177702] ? __virt_addr_valid+0x1db/0x2d0 [ 15.177725] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 15.177753] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.177775] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 15.177803] kasan_report+0x141/0x180 [ 15.177825] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 15.177857] kasan_check_range+0x10c/0x1c0 [ 15.177880] __kasan_check_write+0x18/0x20 [ 15.177901] kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 15.177936] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.177965] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.177989] ? trace_hardirqs_on+0x37/0xe0 [ 15.178011] ? kasan_bitops_generic+0x92/0x1c0 [ 15.178039] kasan_bitops_generic+0x121/0x1c0 [ 15.178063] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.178088] ? __pfx_read_tsc+0x10/0x10 [ 15.178114] ? ktime_get_ts64+0x86/0x230 [ 15.178139] kunit_try_run_case+0x1a5/0x480 [ 15.178163] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.178186] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.178211] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.178236] ? __kthread_parkme+0x82/0x180 [ 15.178257] ? preempt_count_sub+0x50/0x80 [ 15.178281] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.178305] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.178329] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.178353] kthread+0x337/0x6f0 [ 15.178372] ? trace_preempt_on+0x20/0xc0 [ 15.178395] ? __pfx_kthread+0x10/0x10 [ 15.178416] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.178438] ? calculate_sigpending+0x7b/0xa0 [ 15.178462] ? __pfx_kthread+0x10/0x10 [ 15.178495] ret_from_fork+0x116/0x1d0 [ 15.178514] ? __pfx_kthread+0x10/0x10 [ 15.178535] ret_from_fork_asm+0x1a/0x30 [ 15.178566] </TASK> [ 15.178575] [ 15.193694] Allocated by task 279: [ 15.194189] kasan_save_stack+0x45/0x70 [ 15.194416] kasan_save_track+0x18/0x40 [ 15.194582] kasan_save_alloc_info+0x3b/0x50 [ 15.195041] __kasan_kmalloc+0xb7/0xc0 [ 15.195336] __kmalloc_cache_noprof+0x189/0x420 [ 15.195586] kasan_bitops_generic+0x92/0x1c0 [ 15.195925] kunit_try_run_case+0x1a5/0x480 [ 15.196224] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.196605] kthread+0x337/0x6f0 [ 15.196907] ret_from_fork+0x116/0x1d0 [ 15.197075] ret_from_fork_asm+0x1a/0x30 [ 15.197312] [ 15.197607] The buggy address belongs to the object at ffff888102641aa0 [ 15.197607] which belongs to the cache kmalloc-16 of size 16 [ 15.198384] The buggy address is located 8 bytes inside of [ 15.198384] allocated 9-byte region [ffff888102641aa0, ffff888102641aa9) [ 15.199059] [ 15.199269] The buggy address belongs to the physical page: [ 15.199562] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102641 [ 15.200093] flags: 0x200000000000000(node=0|zone=2) [ 15.200418] page_type: f5(slab) [ 15.200631] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.201091] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.201531] page dumped because: kasan: bad access detected [ 15.201920] [ 15.202002] Memory state around the buggy address: [ 15.202238] ffff888102641980: fa fb fc fc 00 02 fc fc 00 05 fc fc 00 02 fc fc [ 15.202574] ffff888102641a00: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 15.203143] >ffff888102641a80: fa fb fc fc 00 01 fc fc 
fc fc fc fc fc fc fc fc [ 15.203510] ^ [ 15.203784] ffff888102641b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.204088] ffff888102641b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.204590] ================================================================== [ 15.266465] ================================================================== [ 15.266851] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 15.267318] Write of size 8 at addr ffff888102641aa8 by task kunit_try_catch/279 [ 15.267628] [ 15.267739] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.267804] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.267816] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.267837] Call Trace: [ 15.267854] <TASK> [ 15.267868] dump_stack_lvl+0x73/0xb0 [ 15.267897] print_report+0xd1/0x610 [ 15.267919] ? __virt_addr_valid+0x1db/0x2d0 [ 15.267942] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 15.267969] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.267992] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 15.268043] kasan_report+0x141/0x180 [ 15.268066] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 15.268098] kasan_check_range+0x10c/0x1c0 [ 15.268138] __kasan_check_write+0x18/0x20 [ 15.268158] kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 15.268186] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.268230] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.268255] ? trace_hardirqs_on+0x37/0xe0 [ 15.268277] ? kasan_bitops_generic+0x92/0x1c0 [ 15.268321] kasan_bitops_generic+0x121/0x1c0 [ 15.268345] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.268371] ? __pfx_read_tsc+0x10/0x10 [ 15.268392] ? ktime_get_ts64+0x86/0x230 [ 15.268416] kunit_try_run_case+0x1a5/0x480 [ 15.268440] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.268463] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.268497] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.268520] ? __kthread_parkme+0x82/0x180 [ 15.268541] ? preempt_count_sub+0x50/0x80 [ 15.268564] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.268589] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.268612] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.268635] kthread+0x337/0x6f0 [ 15.268656] ? trace_preempt_on+0x20/0xc0 [ 15.268678] ? __pfx_kthread+0x10/0x10 [ 15.268699] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.268721] ? calculate_sigpending+0x7b/0xa0 [ 15.268744] ? __pfx_kthread+0x10/0x10 [ 15.268801] ret_from_fork+0x116/0x1d0 [ 15.268821] ? __pfx_kthread+0x10/0x10 [ 15.268842] ret_from_fork_asm+0x1a/0x30 [ 15.268872] </TASK> [ 15.268882] [ 15.277391] Allocated by task 279: [ 15.277624] kasan_save_stack+0x45/0x70 [ 15.277775] kasan_save_track+0x18/0x40 [ 15.277970] kasan_save_alloc_info+0x3b/0x50 [ 15.278191] __kasan_kmalloc+0xb7/0xc0 [ 15.278348] __kmalloc_cache_noprof+0x189/0x420 [ 15.278624] kasan_bitops_generic+0x92/0x1c0 [ 15.278881] kunit_try_run_case+0x1a5/0x480 [ 15.279100] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.279314] kthread+0x337/0x6f0 [ 15.279436] ret_from_fork+0x116/0x1d0 [ 15.279580] ret_from_fork_asm+0x1a/0x30 [ 15.279738] [ 15.279890] The buggy address belongs to the object at ffff888102641aa0 [ 15.279890] which belongs to the cache kmalloc-16 of size 16 [ 15.281952] The buggy address is located 8 bytes inside of [ 15.281952] allocated 9-byte region [ffff888102641aa0, ffff888102641aa9) [ 15.282666] [ 15.282782] The buggy address belongs to the physical page: [ 15.283197] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102641 [ 15.283544] flags: 0x200000000000000(node=0|zone=2) [ 15.284038] page_type: f5(slab) [ 15.284216] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.284638] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.285246] page dumped because: kasan: bad access detected [ 15.285615] [ 15.285866] 
Memory state around the buggy address: [ 15.286184] ffff888102641980: fa fb fc fc 00 02 fc fc 00 05 fc fc 00 02 fc fc [ 15.286578] ffff888102641a00: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 15.287096] >ffff888102641a80: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 15.287579] ^ [ 15.287967] ffff888102641b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.288438] ffff888102641b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.288880] ================================================================== [ 15.336942] ================================================================== [ 15.337402] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 15.337796] Read of size 8 at addr ffff888102641aa8 by task kunit_try_catch/279 [ 15.338146] [ 15.338265] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.338311] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.338322] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.338347] Call Trace: [ 15.338364] <TASK> [ 15.338379] dump_stack_lvl+0x73/0xb0 [ 15.338411] print_report+0xd1/0x610 [ 15.338434] ? __virt_addr_valid+0x1db/0x2d0 [ 15.338458] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 15.338501] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.338524] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 15.338552] kasan_report+0x141/0x180 [ 15.338574] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 15.338608] __asan_report_load8_noabort+0x18/0x20 [ 15.338633] kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 15.338661] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.338690] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.338715] ? trace_hardirqs_on+0x37/0xe0 [ 15.338737] ? kasan_bitops_generic+0x92/0x1c0 [ 15.338765] kasan_bitops_generic+0x121/0x1c0 [ 15.338796] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.338823] ? 
__pfx_read_tsc+0x10/0x10 [ 15.338845] ? ktime_get_ts64+0x86/0x230 [ 15.338869] kunit_try_run_case+0x1a5/0x480 [ 15.338894] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.338917] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.338941] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.338967] ? __kthread_parkme+0x82/0x180 [ 15.338988] ? preempt_count_sub+0x50/0x80 [ 15.339012] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.339037] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.339061] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.339085] kthread+0x337/0x6f0 [ 15.339105] ? trace_preempt_on+0x20/0xc0 [ 15.339128] ? __pfx_kthread+0x10/0x10 [ 15.339149] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.339172] ? calculate_sigpending+0x7b/0xa0 [ 15.339196] ? __pfx_kthread+0x10/0x10 [ 15.339218] ret_from_fork+0x116/0x1d0 [ 15.339237] ? __pfx_kthread+0x10/0x10 [ 15.339259] ret_from_fork_asm+0x1a/0x30 [ 15.339290] </TASK> [ 15.339300] [ 15.347277] Allocated by task 279: [ 15.347454] kasan_save_stack+0x45/0x70 [ 15.347631] kasan_save_track+0x18/0x40 [ 15.347866] kasan_save_alloc_info+0x3b/0x50 [ 15.348045] __kasan_kmalloc+0xb7/0xc0 [ 15.348198] __kmalloc_cache_noprof+0x189/0x420 [ 15.348415] kasan_bitops_generic+0x92/0x1c0 [ 15.348630] kunit_try_run_case+0x1a5/0x480 [ 15.348877] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.349091] kthread+0x337/0x6f0 [ 15.349241] ret_from_fork+0x116/0x1d0 [ 15.349378] ret_from_fork_asm+0x1a/0x30 [ 15.349533] [ 15.349607] The buggy address belongs to the object at ffff888102641aa0 [ 15.349607] which belongs to the cache kmalloc-16 of size 16 [ 15.349964] The buggy address is located 8 bytes inside of [ 15.349964] allocated 9-byte region [ffff888102641aa0, ffff888102641aa9) [ 15.350326] [ 15.350401] The buggy address belongs to the physical page: [ 15.350742] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102641 [ 15.351536] flags: 0x200000000000000(node=0|zone=2) [ 15.351788] page_type: f5(slab) [ 15.351961] raw: 0200000000000000 
ffff888100041640 dead000000000122 0000000000000000 [ 15.352311] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.352666] page dumped because: kasan: bad access detected [ 15.353097] [ 15.353170] Memory state around the buggy address: [ 15.353329] ffff888102641980: fa fb fc fc 00 02 fc fc 00 05 fc fc 00 02 fc fc [ 15.353558] ffff888102641a00: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 15.353791] >ffff888102641a80: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 15.354132] ^ [ 15.354356] ffff888102641b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.354703] ffff888102641b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.355377] ================================================================== [ 15.246271] ================================================================== [ 15.246711] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 15.247146] Write of size 8 at addr ffff888102641aa8 by task kunit_try_catch/279 [ 15.247484] [ 15.247604] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.247651] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.247663] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.247685] Call Trace: [ 15.247702] <TASK> [ 15.247718] dump_stack_lvl+0x73/0xb0 [ 15.247747] print_report+0xd1/0x610 [ 15.247778] ? __virt_addr_valid+0x1db/0x2d0 [ 15.247802] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 15.247830] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.247853] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 15.247881] kasan_report+0x141/0x180 [ 15.247903] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 15.247936] kasan_check_range+0x10c/0x1c0 [ 15.247959] __kasan_check_write+0x18/0x20 [ 15.247979] kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 15.248007] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.248036] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 15.248062] ? trace_hardirqs_on+0x37/0xe0 [ 15.248084] ? kasan_bitops_generic+0x92/0x1c0 [ 15.248112] kasan_bitops_generic+0x121/0x1c0 [ 15.248135] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.248161] ? __pfx_read_tsc+0x10/0x10 [ 15.248182] ? ktime_get_ts64+0x86/0x230 [ 15.248206] kunit_try_run_case+0x1a5/0x480 [ 15.248230] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.248254] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.248279] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.248303] ? __kthread_parkme+0x82/0x180 [ 15.248323] ? preempt_count_sub+0x50/0x80 [ 15.248347] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.248372] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.248395] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.248419] kthread+0x337/0x6f0 [ 15.248438] ? trace_preempt_on+0x20/0xc0 [ 15.248461] ? __pfx_kthread+0x10/0x10 [ 15.248534] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.248556] ? calculate_sigpending+0x7b/0xa0 [ 15.248580] ? __pfx_kthread+0x10/0x10 [ 15.248603] ret_from_fork+0x116/0x1d0 [ 15.248622] ? 
__pfx_kthread+0x10/0x10 [ 15.248644] ret_from_fork_asm+0x1a/0x30 [ 15.248676] </TASK> [ 15.248686] [ 15.257492] Allocated by task 279: [ 15.257682] kasan_save_stack+0x45/0x70 [ 15.257943] kasan_save_track+0x18/0x40 [ 15.258122] kasan_save_alloc_info+0x3b/0x50 [ 15.258362] __kasan_kmalloc+0xb7/0xc0 [ 15.258555] __kmalloc_cache_noprof+0x189/0x420 [ 15.258814] kasan_bitops_generic+0x92/0x1c0 [ 15.259050] kunit_try_run_case+0x1a5/0x480 [ 15.259242] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.259514] kthread+0x337/0x6f0 [ 15.259691] ret_from_fork+0x116/0x1d0 [ 15.259910] ret_from_fork_asm+0x1a/0x30 [ 15.260116] [ 15.260214] The buggy address belongs to the object at ffff888102641aa0 [ 15.260214] which belongs to the cache kmalloc-16 of size 16 [ 15.260716] The buggy address is located 8 bytes inside of [ 15.260716] allocated 9-byte region [ffff888102641aa0, ffff888102641aa9) [ 15.261329] [ 15.261448] The buggy address belongs to the physical page: [ 15.261743] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102641 [ 15.262149] flags: 0x200000000000000(node=0|zone=2) [ 15.262393] page_type: f5(slab) [ 15.262577] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.262962] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.263312] page dumped because: kasan: bad access detected [ 15.263584] [ 15.263681] Memory state around the buggy address: [ 15.263938] ffff888102641980: fa fb fc fc 00 02 fc fc 00 05 fc fc 00 02 fc fc [ 15.264270] ffff888102641a00: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 15.264520] >ffff888102641a80: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 15.264820] ^ [ 15.265064] ffff888102641b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.265392] ffff888102641b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.265746] ================================================================== [ 15.289703] 
================================================================== [ 15.290010] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 15.290372] Write of size 8 at addr ffff888102641aa8 by task kunit_try_catch/279 [ 15.291305] [ 15.291408] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.291652] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.291665] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.291690] Call Trace: [ 15.291706] <TASK> [ 15.291721] dump_stack_lvl+0x73/0xb0 [ 15.291755] print_report+0xd1/0x610 [ 15.291788] ? __virt_addr_valid+0x1db/0x2d0 [ 15.291812] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 15.291840] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.291862] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 15.291890] kasan_report+0x141/0x180 [ 15.291913] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 15.291946] kasan_check_range+0x10c/0x1c0 [ 15.291970] __kasan_check_write+0x18/0x20 [ 15.291989] kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 15.292016] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.292045] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.292069] ? trace_hardirqs_on+0x37/0xe0 [ 15.292092] ? kasan_bitops_generic+0x92/0x1c0 [ 15.292120] kasan_bitops_generic+0x121/0x1c0 [ 15.292143] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.292168] ? __pfx_read_tsc+0x10/0x10 [ 15.292191] ? ktime_get_ts64+0x86/0x230 [ 15.292215] kunit_try_run_case+0x1a5/0x480 [ 15.292241] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.292264] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.292288] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.292312] ? __kthread_parkme+0x82/0x180 [ 15.292334] ? preempt_count_sub+0x50/0x80 [ 15.292357] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.292382] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.292405] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.292429] kthread+0x337/0x6f0 [ 15.292449] ? trace_preempt_on+0x20/0xc0 [ 15.292484] ? __pfx_kthread+0x10/0x10 [ 15.292506] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.292528] ? calculate_sigpending+0x7b/0xa0 [ 15.292552] ? __pfx_kthread+0x10/0x10 [ 15.292574] ret_from_fork+0x116/0x1d0 [ 15.292594] ? __pfx_kthread+0x10/0x10 [ 15.292615] ret_from_fork_asm+0x1a/0x30 [ 15.292646] </TASK> [ 15.292656] [ 15.305350] Allocated by task 279: [ 15.305585] kasan_save_stack+0x45/0x70 [ 15.305973] kasan_save_track+0x18/0x40 [ 15.306282] kasan_save_alloc_info+0x3b/0x50 [ 15.306623] __kasan_kmalloc+0xb7/0xc0 [ 15.307027] __kmalloc_cache_noprof+0x189/0x420 [ 15.307346] kasan_bitops_generic+0x92/0x1c0 [ 15.307566] kunit_try_run_case+0x1a5/0x480 [ 15.307766] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.308263] kthread+0x337/0x6f0 [ 15.308519] ret_from_fork+0x116/0x1d0 [ 15.308854] ret_from_fork_asm+0x1a/0x30 [ 15.309077] [ 15.309183] The buggy address belongs to the object at ffff888102641aa0 [ 15.309183] which belongs to the cache kmalloc-16 of size 16 [ 15.310094] The buggy address is located 8 bytes inside of [ 15.310094] allocated 9-byte region [ffff888102641aa0, ffff888102641aa9) [ 15.310729] [ 15.310834] The buggy address belongs to the physical page: [ 15.311168] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102641 [ 15.311509] flags: 0x200000000000000(node=0|zone=2) [ 15.311758] page_type: f5(slab) [ 15.312191] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.312601] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.313161] page dumped because: kasan: bad access detected [ 15.313536] [ 15.313649] Memory state around the buggy address: [ 15.314056] ffff888102641980: fa fb fc fc 00 02 fc fc 00 05 fc fc 00 02 fc fc [ 15.314487] ffff888102641a00: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 15.314986] >ffff888102641a80: fa fb fc fc 00 01 fc fc 
fc fc fc fc fc fc fc fc [ 15.315410] ^ [ 15.315735] ffff888102641b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.316246] ffff888102641b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.316684] ================================================================== [ 15.226631] ================================================================== [ 15.227072] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 15.227522] Write of size 8 at addr ffff888102641aa8 by task kunit_try_catch/279 [ 15.227865] [ 15.227974] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.228018] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.228029] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.228049] Call Trace: [ 15.228065] <TASK> [ 15.228080] dump_stack_lvl+0x73/0xb0 [ 15.228110] print_report+0xd1/0x610 [ 15.228132] ? __virt_addr_valid+0x1db/0x2d0 [ 15.228156] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 15.228183] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.228205] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 15.228233] kasan_report+0x141/0x180 [ 15.228256] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 15.228309] kasan_check_range+0x10c/0x1c0 [ 15.228333] __kasan_check_write+0x18/0x20 [ 15.228352] kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 15.228397] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.228426] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.228450] ? trace_hardirqs_on+0x37/0xe0 [ 15.228496] ? kasan_bitops_generic+0x92/0x1c0 [ 15.228524] kasan_bitops_generic+0x121/0x1c0 [ 15.228547] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.228572] ? __pfx_read_tsc+0x10/0x10 [ 15.228594] ? ktime_get_ts64+0x86/0x230 [ 15.228617] kunit_try_run_case+0x1a5/0x480 [ 15.228641] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.228680] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.228705] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.228729] ? __kthread_parkme+0x82/0x180 [ 15.228749] ? preempt_count_sub+0x50/0x80 [ 15.228808] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.228845] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.228883] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.228920] kthread+0x337/0x6f0 [ 15.228941] ? trace_preempt_on+0x20/0xc0 [ 15.228963] ? __pfx_kthread+0x10/0x10 [ 15.228983] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.229005] ? calculate_sigpending+0x7b/0xa0 [ 15.229028] ? __pfx_kthread+0x10/0x10 [ 15.229050] ret_from_fork+0x116/0x1d0 [ 15.229068] ? __pfx_kthread+0x10/0x10 [ 15.229089] ret_from_fork_asm+0x1a/0x30 [ 15.229119] </TASK> [ 15.229129] [ 15.237567] Allocated by task 279: [ 15.237806] kasan_save_stack+0x45/0x70 [ 15.238056] kasan_save_track+0x18/0x40 [ 15.238259] kasan_save_alloc_info+0x3b/0x50 [ 15.238489] __kasan_kmalloc+0xb7/0xc0 [ 15.238684] __kmalloc_cache_noprof+0x189/0x420 [ 15.238945] kasan_bitops_generic+0x92/0x1c0 [ 15.239164] kunit_try_run_case+0x1a5/0x480 [ 15.239367] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.239621] kthread+0x337/0x6f0 [ 15.239829] ret_from_fork+0x116/0x1d0 [ 15.240034] ret_from_fork_asm+0x1a/0x30 [ 15.240221] [ 15.240319] The buggy address belongs to the object at ffff888102641aa0 [ 15.240319] which belongs to the cache kmalloc-16 of size 16 [ 15.240885] The buggy address is located 8 bytes inside of [ 15.240885] allocated 9-byte region [ffff888102641aa0, ffff888102641aa9) [ 15.241380] [ 15.241496] The buggy address belongs to the physical page: [ 15.241737] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102641 [ 15.242124] flags: 0x200000000000000(node=0|zone=2) [ 15.242364] page_type: f5(slab) [ 15.242519] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.242796] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.243180] page dumped because: kasan: bad access detected [ 15.243452] [ 15.243558] 
Memory state around the buggy address: [ 15.243821] ffff888102641980: fa fb fc fc 00 02 fc fc 00 05 fc fc 00 02 fc fc [ 15.244152] ffff888102641a00: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 15.244423] >ffff888102641a80: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 15.244656] ^ [ 15.244838] ffff888102641b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.245164] ffff888102641b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.245528] ================================================================== [ 15.205602] ================================================================== [ 15.206219] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 15.206756] Write of size 8 at addr ffff888102641aa8 by task kunit_try_catch/279 [ 15.207282] [ 15.207400] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.207447] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.207606] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.207630] Call Trace: [ 15.207642] <TASK> [ 15.207658] dump_stack_lvl+0x73/0xb0 [ 15.207691] print_report+0xd1/0x610 [ 15.207714] ? __virt_addr_valid+0x1db/0x2d0 [ 15.207737] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 15.207790] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.207813] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 15.207840] kasan_report+0x141/0x180 [ 15.207862] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 15.207894] kasan_check_range+0x10c/0x1c0 [ 15.207918] __kasan_check_write+0x18/0x20 [ 15.207937] kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 15.207964] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.207992] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.208016] ? trace_hardirqs_on+0x37/0xe0 [ 15.208038] ? kasan_bitops_generic+0x92/0x1c0 [ 15.208065] kasan_bitops_generic+0x121/0x1c0 [ 15.208088] ? 
__pfx_kasan_bitops_generic+0x10/0x10 [ 15.208113] ? __pfx_read_tsc+0x10/0x10 [ 15.208135] ? ktime_get_ts64+0x86/0x230 [ 15.208159] kunit_try_run_case+0x1a5/0x480 [ 15.208184] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.208206] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.208230] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.208254] ? __kthread_parkme+0x82/0x180 [ 15.208275] ? preempt_count_sub+0x50/0x80 [ 15.208298] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.208322] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.208345] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.208369] kthread+0x337/0x6f0 [ 15.208389] ? trace_preempt_on+0x20/0xc0 [ 15.208411] ? __pfx_kthread+0x10/0x10 [ 15.208432] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.208453] ? calculate_sigpending+0x7b/0xa0 [ 15.208486] ? __pfx_kthread+0x10/0x10 [ 15.208508] ret_from_fork+0x116/0x1d0 [ 15.208526] ? __pfx_kthread+0x10/0x10 [ 15.208547] ret_from_fork_asm+0x1a/0x30 [ 15.208578] </TASK> [ 15.208587] [ 15.217868] Allocated by task 279: [ 15.218056] kasan_save_stack+0x45/0x70 [ 15.218223] kasan_save_track+0x18/0x40 [ 15.218369] kasan_save_alloc_info+0x3b/0x50 [ 15.218599] __kasan_kmalloc+0xb7/0xc0 [ 15.218840] __kmalloc_cache_noprof+0x189/0x420 [ 15.219103] kasan_bitops_generic+0x92/0x1c0 [ 15.219324] kunit_try_run_case+0x1a5/0x480 [ 15.219488] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.219789] kthread+0x337/0x6f0 [ 15.219985] ret_from_fork+0x116/0x1d0 [ 15.220193] ret_from_fork_asm+0x1a/0x30 [ 15.220386] [ 15.220508] The buggy address belongs to the object at ffff888102641aa0 [ 15.220508] which belongs to the cache kmalloc-16 of size 16 [ 15.221009] The buggy address is located 8 bytes inside of [ 15.221009] allocated 9-byte region [ffff888102641aa0, ffff888102641aa9) [ 15.221540] [ 15.221670] The buggy address belongs to the physical page: [ 15.221966] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102641 [ 15.222369] flags: 0x200000000000000(node=0|zone=2) [ 15.222628] 
page_type: f5(slab) [ 15.222831] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.223174] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.223530] page dumped because: kasan: bad access detected [ 15.223817] [ 15.223912] Memory state around the buggy address: [ 15.224138] ffff888102641980: fa fb fc fc 00 02 fc fc 00 05 fc fc 00 02 fc fc [ 15.224443] ffff888102641a00: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 15.224798] >ffff888102641a80: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 15.225121] ^ [ 15.225339] ffff888102641b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.225641] ffff888102641b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.225888] ================================================================== [ 15.155459] ================================================================== [ 15.155774] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 15.156644] Write of size 8 at addr ffff888102641aa8 by task kunit_try_catch/279 [ 15.156950] [ 15.157061] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.157107] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.157118] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.157141] Call Trace: [ 15.157158] <TASK> [ 15.157173] dump_stack_lvl+0x73/0xb0 [ 15.157205] print_report+0xd1/0x610 [ 15.157228] ? __virt_addr_valid+0x1db/0x2d0 [ 15.157251] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 15.157279] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.157302] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 15.157329] kasan_report+0x141/0x180 [ 15.157351] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 15.157383] kasan_check_range+0x10c/0x1c0 [ 15.157406] __kasan_check_write+0x18/0x20 [ 15.157426] kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 15.157453] ? 
__pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.157493] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.157584] ? trace_hardirqs_on+0x37/0xe0 [ 15.157606] ? kasan_bitops_generic+0x92/0x1c0 [ 15.157634] kasan_bitops_generic+0x121/0x1c0 [ 15.157657] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.157682] ? __pfx_read_tsc+0x10/0x10 [ 15.157704] ? ktime_get_ts64+0x86/0x230 [ 15.157728] kunit_try_run_case+0x1a5/0x480 [ 15.157752] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.157775] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.157799] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.157822] ? __kthread_parkme+0x82/0x180 [ 15.157843] ? preempt_count_sub+0x50/0x80 [ 15.157866] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.157891] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.157914] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.157938] kthread+0x337/0x6f0 [ 15.157957] ? trace_preempt_on+0x20/0xc0 [ 15.157979] ? __pfx_kthread+0x10/0x10 [ 15.158000] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.158021] ? calculate_sigpending+0x7b/0xa0 [ 15.158045] ? __pfx_kthread+0x10/0x10 [ 15.158066] ret_from_fork+0x116/0x1d0 [ 15.158085] ? 
__pfx_kthread+0x10/0x10 [ 15.158112] ret_from_fork_asm+0x1a/0x30 [ 15.158143] </TASK> [ 15.158152] [ 15.166515] Allocated by task 279: [ 15.166702] kasan_save_stack+0x45/0x70 [ 15.166906] kasan_save_track+0x18/0x40 [ 15.167102] kasan_save_alloc_info+0x3b/0x50 [ 15.167502] __kasan_kmalloc+0xb7/0xc0 [ 15.167696] __kmalloc_cache_noprof+0x189/0x420 [ 15.168124] kasan_bitops_generic+0x92/0x1c0 [ 15.168344] kunit_try_run_case+0x1a5/0x480 [ 15.168567] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.168879] kthread+0x337/0x6f0 [ 15.169051] ret_from_fork+0x116/0x1d0 [ 15.169244] ret_from_fork_asm+0x1a/0x30 [ 15.169447] [ 15.169553] The buggy address belongs to the object at ffff888102641aa0 [ 15.169553] which belongs to the cache kmalloc-16 of size 16 [ 15.170098] The buggy address is located 8 bytes inside of [ 15.170098] allocated 9-byte region [ffff888102641aa0, ffff888102641aa9) [ 15.170592] [ 15.170675] The buggy address belongs to the physical page: [ 15.171071] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102641 [ 15.171435] flags: 0x200000000000000(node=0|zone=2) [ 15.171671] page_type: f5(slab) [ 15.171850] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.172137] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.172377] page dumped because: kasan: bad access detected [ 15.172611] [ 15.172710] Memory state around the buggy address: [ 15.173023] ffff888102641980: fa fb fc fc 00 02 fc fc 00 05 fc fc 00 02 fc fc [ 15.173374] ffff888102641a00: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 15.173614] >ffff888102641a80: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 15.173838] ^ [ 15.174000] ffff888102641b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.174344] ffff888102641b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.174697] ================================================================== [ 15.317522] 
================================================================== [ 15.318226] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 15.318638] Read of size 8 at addr ffff888102641aa8 by task kunit_try_catch/279 [ 15.319330] [ 15.319671] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.319726] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.319738] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.319761] Call Trace: [ 15.319782] <TASK> [ 15.319799] dump_stack_lvl+0x73/0xb0 [ 15.319832] print_report+0xd1/0x610 [ 15.319856] ? __virt_addr_valid+0x1db/0x2d0 [ 15.319879] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 15.319907] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.319931] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 15.319960] kasan_report+0x141/0x180 [ 15.319983] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 15.320016] kasan_check_range+0x10c/0x1c0 [ 15.320040] __kasan_check_read+0x15/0x20 [ 15.320059] kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 15.320088] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.320117] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.320141] ? trace_hardirqs_on+0x37/0xe0 [ 15.320164] ? kasan_bitops_generic+0x92/0x1c0 [ 15.320191] kasan_bitops_generic+0x121/0x1c0 [ 15.320215] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.320241] ? __pfx_read_tsc+0x10/0x10 [ 15.320262] ? ktime_get_ts64+0x86/0x230 [ 15.320286] kunit_try_run_case+0x1a5/0x480 [ 15.320311] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.320333] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.320359] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.320382] ? __kthread_parkme+0x82/0x180 [ 15.320403] ? preempt_count_sub+0x50/0x80 [ 15.320427] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.320451] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.320490] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.320516] kthread+0x337/0x6f0 [ 15.320536] ? trace_preempt_on+0x20/0xc0 [ 15.320558] ? __pfx_kthread+0x10/0x10 [ 15.320578] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.320600] ? calculate_sigpending+0x7b/0xa0 [ 15.320625] ? __pfx_kthread+0x10/0x10 [ 15.320647] ret_from_fork+0x116/0x1d0 [ 15.320668] ? __pfx_kthread+0x10/0x10 [ 15.320689] ret_from_fork_asm+0x1a/0x30 [ 15.320721] </TASK> [ 15.320731] [ 15.328760] Allocated by task 279: [ 15.328934] kasan_save_stack+0x45/0x70 [ 15.329130] kasan_save_track+0x18/0x40 [ 15.329301] kasan_save_alloc_info+0x3b/0x50 [ 15.329504] __kasan_kmalloc+0xb7/0xc0 [ 15.329672] __kmalloc_cache_noprof+0x189/0x420 [ 15.329945] kasan_bitops_generic+0x92/0x1c0 [ 15.330151] kunit_try_run_case+0x1a5/0x480 [ 15.330343] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.330566] kthread+0x337/0x6f0 [ 15.330705] ret_from_fork+0x116/0x1d0 [ 15.330908] ret_from_fork_asm+0x1a/0x30 [ 15.331116] [ 15.331217] The buggy address belongs to the object at ffff888102641aa0 [ 15.331217] which belongs to the cache kmalloc-16 of size 16 [ 15.331596] The buggy address is located 8 bytes inside of [ 15.331596] allocated 9-byte region [ffff888102641aa0, ffff888102641aa9) [ 15.331954] [ 15.332029] The buggy address belongs to the physical page: [ 15.332207] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102641 [ 15.332564] flags: 0x200000000000000(node=0|zone=2) [ 15.332975] page_type: f5(slab) [ 15.333149] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.333508] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.333959] page dumped because: kasan: bad access detected [ 15.334187] [ 15.334260] Memory state around the buggy address: [ 15.334420] ffff888102641980: fa fb fc fc 00 02 fc fc 00 05 fc fc 00 02 fc fc [ 15.334651] ffff888102641a00: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 15.334871] >ffff888102641a80: fa fb fc fc 00 01 fc fc 
fc fc fc fc fc fc fc fc [ 15.335202] ^ [ 15.335429] ffff888102641b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.335769] ffff888102641b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.336158] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 14.992890] ================================================================== [ 14.994146] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.995054] Write of size 8 at addr ffff888102641aa8 by task kunit_try_catch/279 [ 14.995903] [ 14.996091] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.996141] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.996153] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.996176] Call Trace: [ 14.996189] <TASK> [ 14.996208] dump_stack_lvl+0x73/0xb0 [ 14.996241] print_report+0xd1/0x610 [ 14.996265] ? __virt_addr_valid+0x1db/0x2d0 [ 14.996289] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.996315] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.996338] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.996364] kasan_report+0x141/0x180 [ 14.996386] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.996418] kasan_check_range+0x10c/0x1c0 [ 14.996441] __kasan_check_write+0x18/0x20 [ 14.996460] kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.996519] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.996545] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.996570] ? trace_hardirqs_on+0x37/0xe0 [ 14.996593] ? kasan_bitops_generic+0x92/0x1c0 [ 14.996620] kasan_bitops_generic+0x116/0x1c0 [ 14.996643] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.996669] ? __pfx_read_tsc+0x10/0x10 [ 14.996690] ? ktime_get_ts64+0x86/0x230 [ 14.996715] kunit_try_run_case+0x1a5/0x480 [ 14.996740] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.996770] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.996795] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.996818] ? __kthread_parkme+0x82/0x180 [ 14.996839] ? preempt_count_sub+0x50/0x80 [ 14.996863] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.996887] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.996910] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.996934] kthread+0x337/0x6f0 [ 14.996953] ? 
trace_preempt_on+0x20/0xc0 [ 14.996975] ? __pfx_kthread+0x10/0x10 [ 14.996995] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.997016] ? calculate_sigpending+0x7b/0xa0 [ 14.997039] ? __pfx_kthread+0x10/0x10 [ 14.997061] ret_from_fork+0x116/0x1d0 [ 14.997079] ? __pfx_kthread+0x10/0x10 [ 14.997100] ret_from_fork_asm+0x1a/0x30 [ 14.997130] </TASK> [ 14.997142] [ 15.009961] Allocated by task 279: [ 15.010376] kasan_save_stack+0x45/0x70 [ 15.010771] kasan_save_track+0x18/0x40 [ 15.011155] kasan_save_alloc_info+0x3b/0x50 [ 15.011501] __kasan_kmalloc+0xb7/0xc0 [ 15.011635] __kmalloc_cache_noprof+0x189/0x420 [ 15.011829] kasan_bitops_generic+0x92/0x1c0 [ 15.012207] kunit_try_run_case+0x1a5/0x480 [ 15.012596] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.013224] kthread+0x337/0x6f0 [ 15.013552] ret_from_fork+0x116/0x1d0 [ 15.013957] ret_from_fork_asm+0x1a/0x30 [ 15.014264] [ 15.014337] The buggy address belongs to the object at ffff888102641aa0 [ 15.014337] which belongs to the cache kmalloc-16 of size 16 [ 15.014708] The buggy address is located 8 bytes inside of [ 15.014708] allocated 9-byte region [ffff888102641aa0, ffff888102641aa9) [ 15.015194] [ 15.015357] The buggy address belongs to the physical page: [ 15.015856] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102641 [ 15.016555] flags: 0x200000000000000(node=0|zone=2) [ 15.017011] page_type: f5(slab) [ 15.017312] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.018030] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.018310] page dumped because: kasan: bad access detected [ 15.018490] [ 15.018562] Memory state around the buggy address: [ 15.018717] ffff888102641980: fa fb fc fc 00 02 fc fc 00 05 fc fc 00 02 fc fc [ 15.018983] ffff888102641a00: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 15.019266] >ffff888102641a80: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 15.019684] ^ [ 15.019867] ffff888102641b00: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 15.020197] ffff888102641b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.020564] ================================================================== [ 15.021236] ================================================================== [ 15.021656] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 15.022067] Write of size 8 at addr ffff888102641aa8 by task kunit_try_catch/279 [ 15.022348] [ 15.022436] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.022492] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.022503] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.022526] Call Trace: [ 15.022542] <TASK> [ 15.022557] dump_stack_lvl+0x73/0xb0 [ 15.022588] print_report+0xd1/0x610 [ 15.022611] ? __virt_addr_valid+0x1db/0x2d0 [ 15.022634] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 15.022660] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.022682] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 15.022709] kasan_report+0x141/0x180 [ 15.022730] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 15.022761] kasan_check_range+0x10c/0x1c0 [ 15.022785] __kasan_check_write+0x18/0x20 [ 15.022804] kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 15.022829] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 15.022856] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.022880] ? trace_hardirqs_on+0x37/0xe0 [ 15.022902] ? kasan_bitops_generic+0x92/0x1c0 [ 15.022930] kasan_bitops_generic+0x116/0x1c0 [ 15.022954] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.022979] ? __pfx_read_tsc+0x10/0x10 [ 15.023000] ? ktime_get_ts64+0x86/0x230 [ 15.023024] kunit_try_run_case+0x1a5/0x480 [ 15.023049] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.023071] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.023095] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.023120] ? __kthread_parkme+0x82/0x180 [ 15.023140] ? preempt_count_sub+0x50/0x80 [ 15.023164] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.023188] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.023225] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.023249] kthread+0x337/0x6f0 [ 15.023269] ? trace_preempt_on+0x20/0xc0 [ 15.023292] ? __pfx_kthread+0x10/0x10 [ 15.023312] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.023334] ? calculate_sigpending+0x7b/0xa0 [ 15.023359] ? __pfx_kthread+0x10/0x10 [ 15.023380] ret_from_fork+0x116/0x1d0 [ 15.023400] ? __pfx_kthread+0x10/0x10 [ 15.023421] ret_from_fork_asm+0x1a/0x30 [ 15.023452] </TASK> [ 15.023463] [ 15.031043] Allocated by task 279: [ 15.031262] kasan_save_stack+0x45/0x70 [ 15.031478] kasan_save_track+0x18/0x40 [ 15.031674] kasan_save_alloc_info+0x3b/0x50 [ 15.032001] __kasan_kmalloc+0xb7/0xc0 [ 15.032214] __kmalloc_cache_noprof+0x189/0x420 [ 15.032381] kasan_bitops_generic+0x92/0x1c0 [ 15.032546] kunit_try_run_case+0x1a5/0x480 [ 15.032697] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.033107] kthread+0x337/0x6f0 [ 15.033282] ret_from_fork+0x116/0x1d0 [ 15.033488] ret_from_fork_asm+0x1a/0x30 [ 15.033690] [ 15.033793] The buggy address belongs to the object at ffff888102641aa0 [ 15.033793] which belongs to the cache kmalloc-16 of size 16 [ 15.034297] The buggy address is located 8 bytes inside of [ 15.034297] allocated 9-byte region [ffff888102641aa0, ffff888102641aa9) [ 15.034806] [ 15.034904] The buggy address belongs to the physical page: [ 15.035115] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102641 [ 15.035452] flags: 0x200000000000000(node=0|zone=2) [ 15.035681] page_type: f5(slab) [ 15.035865] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.036168] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.036489] page dumped because: kasan: bad access detected [ 15.036675] [ 15.036747] Memory state around the buggy address: [ 15.037201] ffff888102641980: fa fb fc fc 00 02 fc fc 00 05 fc fc 00 02 fc fc [ 15.037490] 
ffff888102641a00: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 15.037750] >ffff888102641a80: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 15.038063] ^ [ 15.038265] ffff888102641b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.038526] ffff888102641b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.038770] ================================================================== [ 15.078607] ================================================================== [ 15.078950] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x373/0xd50 [ 15.079321] Write of size 8 at addr ffff888102641aa8 by task kunit_try_catch/279 [ 15.079621] [ 15.079742] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.079789] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.079801] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.079823] Call Trace: [ 15.079842] <TASK> [ 15.079857] dump_stack_lvl+0x73/0xb0 [ 15.079888] print_report+0xd1/0x610 [ 15.079912] ? __virt_addr_valid+0x1db/0x2d0 [ 15.079936] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 15.079962] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.079985] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 15.080011] kasan_report+0x141/0x180 [ 15.080034] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 15.080065] kasan_check_range+0x10c/0x1c0 [ 15.080088] __kasan_check_write+0x18/0x20 [ 15.080108] kasan_bitops_modify.constprop.0+0x373/0xd50 [ 15.080134] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 15.080161] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.080185] ? trace_hardirqs_on+0x37/0xe0 [ 15.080209] ? kasan_bitops_generic+0x92/0x1c0 [ 15.080236] kasan_bitops_generic+0x116/0x1c0 [ 15.080260] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.080286] ? __pfx_read_tsc+0x10/0x10 [ 15.080308] ? ktime_get_ts64+0x86/0x230 [ 15.080333] kunit_try_run_case+0x1a5/0x480 [ 15.080359] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.080383] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 15.080408] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.080432] ? __kthread_parkme+0x82/0x180 [ 15.080453] ? preempt_count_sub+0x50/0x80 [ 15.080488] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.080513] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.080538] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.080562] kthread+0x337/0x6f0 [ 15.080581] ? trace_preempt_on+0x20/0xc0 [ 15.080603] ? __pfx_kthread+0x10/0x10 [ 15.080624] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.080646] ? calculate_sigpending+0x7b/0xa0 [ 15.080671] ? __pfx_kthread+0x10/0x10 [ 15.080693] ret_from_fork+0x116/0x1d0 [ 15.080711] ? __pfx_kthread+0x10/0x10 [ 15.080732] ret_from_fork_asm+0x1a/0x30 [ 15.080763] </TASK> [ 15.080773] [ 15.089117] Allocated by task 279: [ 15.089310] kasan_save_stack+0x45/0x70 [ 15.089497] kasan_save_track+0x18/0x40 [ 15.089693] kasan_save_alloc_info+0x3b/0x50 [ 15.089848] __kasan_kmalloc+0xb7/0xc0 [ 15.089985] __kmalloc_cache_noprof+0x189/0x420 [ 15.090157] kasan_bitops_generic+0x92/0x1c0 [ 15.090312] kunit_try_run_case+0x1a5/0x480 [ 15.090542] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.090801] kthread+0x337/0x6f0 [ 15.090974] ret_from_fork+0x116/0x1d0 [ 15.091167] ret_from_fork_asm+0x1a/0x30 [ 15.091519] [ 15.091617] The buggy address belongs to the object at ffff888102641aa0 [ 15.091617] which belongs to the cache kmalloc-16 of size 16 [ 15.092131] The buggy address is located 8 bytes inside of [ 15.092131] allocated 9-byte region [ffff888102641aa0, ffff888102641aa9) [ 15.092618] [ 15.092716] The buggy address belongs to the physical page: [ 15.093078] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102641 [ 15.093369] flags: 0x200000000000000(node=0|zone=2) [ 15.093598] page_type: f5(slab) [ 15.093756] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.094077] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.094389] page dumped because: kasan: 
bad access detected [ 15.094614] [ 15.094701] Memory state around the buggy address: [ 15.095003] ffff888102641980: fa fb fc fc 00 02 fc fc 00 05 fc fc 00 02 fc fc [ 15.095319] ffff888102641a00: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 15.095624] >ffff888102641a80: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 15.095940] ^ [ 15.096116] ffff888102641b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.096421] ffff888102641b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.096732] ================================================================== [ 15.116780] ================================================================== [ 15.117456] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 15.117751] Write of size 8 at addr ffff888102641aa8 by task kunit_try_catch/279 [ 15.118120] [ 15.118236] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.118282] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.118293] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.118315] Call Trace: [ 15.118333] <TASK> [ 15.118348] dump_stack_lvl+0x73/0xb0 [ 15.118379] print_report+0xd1/0x610 [ 15.118403] ? __virt_addr_valid+0x1db/0x2d0 [ 15.118427] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 15.118453] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.118488] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 15.118514] kasan_report+0x141/0x180 [ 15.118537] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 15.118567] kasan_check_range+0x10c/0x1c0 [ 15.118590] __kasan_check_write+0x18/0x20 [ 15.118610] kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 15.118636] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 15.118662] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.118687] ? trace_hardirqs_on+0x37/0xe0 [ 15.118709] ? kasan_bitops_generic+0x92/0x1c0 [ 15.118737] kasan_bitops_generic+0x116/0x1c0 [ 15.118760] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.118798] ? 
__pfx_read_tsc+0x10/0x10 [ 15.118820] ? ktime_get_ts64+0x86/0x230 [ 15.118845] kunit_try_run_case+0x1a5/0x480 [ 15.118869] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.118892] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.118918] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.118941] ? __kthread_parkme+0x82/0x180 [ 15.118962] ? preempt_count_sub+0x50/0x80 [ 15.118987] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.119011] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.119035] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.119058] kthread+0x337/0x6f0 [ 15.119077] ? trace_preempt_on+0x20/0xc0 [ 15.119100] ? __pfx_kthread+0x10/0x10 [ 15.119122] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.119143] ? calculate_sigpending+0x7b/0xa0 [ 15.119167] ? __pfx_kthread+0x10/0x10 [ 15.119188] ret_from_fork+0x116/0x1d0 [ 15.119207] ? __pfx_kthread+0x10/0x10 [ 15.119227] ret_from_fork_asm+0x1a/0x30 [ 15.119259] </TASK> [ 15.119269] [ 15.127437] Allocated by task 279: [ 15.127578] kasan_save_stack+0x45/0x70 [ 15.127756] kasan_save_track+0x18/0x40 [ 15.127962] kasan_save_alloc_info+0x3b/0x50 [ 15.128179] __kasan_kmalloc+0xb7/0xc0 [ 15.128372] __kmalloc_cache_noprof+0x189/0x420 [ 15.128608] kasan_bitops_generic+0x92/0x1c0 [ 15.128888] kunit_try_run_case+0x1a5/0x480 [ 15.129085] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.129309] kthread+0x337/0x6f0 [ 15.129480] ret_from_fork+0x116/0x1d0 [ 15.129639] ret_from_fork_asm+0x1a/0x30 [ 15.129848] [ 15.129921] The buggy address belongs to the object at ffff888102641aa0 [ 15.129921] which belongs to the cache kmalloc-16 of size 16 [ 15.130423] The buggy address is located 8 bytes inside of [ 15.130423] allocated 9-byte region [ffff888102641aa0, ffff888102641aa9) [ 15.130936] [ 15.131011] The buggy address belongs to the physical page: [ 15.131192] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102641 [ 15.131439] flags: 0x200000000000000(node=0|zone=2) [ 15.131691] page_type: f5(slab) [ 15.131860] raw: 0200000000000000 
ffff888100041640 dead000000000122 0000000000000000 [ 15.132210] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.132450] page dumped because: kasan: bad access detected [ 15.132636] [ 15.132708] Memory state around the buggy address: [ 15.132999] ffff888102641980: fa fb fc fc 00 02 fc fc 00 05 fc fc 00 02 fc fc [ 15.133326] ffff888102641a00: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 15.133663] >ffff888102641a80: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 15.134262] ^ [ 15.134458] ffff888102641b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.134772] ffff888102641b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.135047] ================================================================== [ 15.058622] ================================================================== [ 15.059669] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 15.060132] Write of size 8 at addr ffff888102641aa8 by task kunit_try_catch/279 [ 15.060441] [ 15.060571] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.060617] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.060630] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.060651] Call Trace: [ 15.060662] <TASK> [ 15.060677] dump_stack_lvl+0x73/0xb0 [ 15.060707] print_report+0xd1/0x610 [ 15.060730] ? __virt_addr_valid+0x1db/0x2d0 [ 15.060753] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 15.060779] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.060810] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 15.060835] kasan_report+0x141/0x180 [ 15.060857] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 15.060887] kasan_check_range+0x10c/0x1c0 [ 15.060911] __kasan_check_write+0x18/0x20 [ 15.060930] kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 15.060956] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 15.060982] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.061006] ? 
trace_hardirqs_on+0x37/0xe0 [ 15.061030] ? kasan_bitops_generic+0x92/0x1c0 [ 15.061057] kasan_bitops_generic+0x116/0x1c0 [ 15.061081] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.061105] ? __pfx_read_tsc+0x10/0x10 [ 15.061127] ? ktime_get_ts64+0x86/0x230 [ 15.061152] kunit_try_run_case+0x1a5/0x480 [ 15.061176] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.061199] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.061223] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.061246] ? __kthread_parkme+0x82/0x180 [ 15.061267] ? preempt_count_sub+0x50/0x80 [ 15.061291] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.061316] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.061339] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.061363] kthread+0x337/0x6f0 [ 15.061382] ? trace_preempt_on+0x20/0xc0 [ 15.061404] ? __pfx_kthread+0x10/0x10 [ 15.061425] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.061446] ? calculate_sigpending+0x7b/0xa0 [ 15.061482] ? __pfx_kthread+0x10/0x10 [ 15.061504] ret_from_fork+0x116/0x1d0 [ 15.061523] ? 
__pfx_kthread+0x10/0x10 [ 15.061544] ret_from_fork_asm+0x1a/0x30 [ 15.061575] </TASK> [ 15.061586] [ 15.069853] Allocated by task 279: [ 15.069987] kasan_save_stack+0x45/0x70 [ 15.070152] kasan_save_track+0x18/0x40 [ 15.070350] kasan_save_alloc_info+0x3b/0x50 [ 15.070581] __kasan_kmalloc+0xb7/0xc0 [ 15.070775] __kmalloc_cache_noprof+0x189/0x420 [ 15.071102] kasan_bitops_generic+0x92/0x1c0 [ 15.071298] kunit_try_run_case+0x1a5/0x480 [ 15.071490] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.071723] kthread+0x337/0x6f0 [ 15.072001] ret_from_fork+0x116/0x1d0 [ 15.072149] ret_from_fork_asm+0x1a/0x30 [ 15.072352] [ 15.072435] The buggy address belongs to the object at ffff888102641aa0 [ 15.072435] which belongs to the cache kmalloc-16 of size 16 [ 15.072999] The buggy address is located 8 bytes inside of [ 15.072999] allocated 9-byte region [ffff888102641aa0, ffff888102641aa9) [ 15.073445] [ 15.073551] The buggy address belongs to the physical page: [ 15.073761] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102641 [ 15.074010] flags: 0x200000000000000(node=0|zone=2) [ 15.074189] page_type: f5(slab) [ 15.074315] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.074602] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.074944] page dumped because: kasan: bad access detected [ 15.075201] [ 15.075310] Memory state around the buggy address: [ 15.075551] ffff888102641980: fa fb fc fc 00 02 fc fc 00 05 fc fc 00 02 fc fc [ 15.075911] ffff888102641a00: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 15.076230] >ffff888102641a80: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 15.076451] ^ [ 15.076613] ffff888102641b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.077194] ffff888102641b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.077540] ================================================================== [ 15.097787] 
================================================================== [ 15.098201] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 15.098489] Write of size 8 at addr ffff888102641aa8 by task kunit_try_catch/279 [ 15.098900] [ 15.099015] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.099061] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.099072] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.099095] Call Trace: [ 15.099113] <TASK> [ 15.099130] dump_stack_lvl+0x73/0xb0 [ 15.099160] print_report+0xd1/0x610 [ 15.099183] ? __virt_addr_valid+0x1db/0x2d0 [ 15.099207] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 15.099233] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.099255] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 15.099281] kasan_report+0x141/0x180 [ 15.099303] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 15.099333] kasan_check_range+0x10c/0x1c0 [ 15.099357] __kasan_check_write+0x18/0x20 [ 15.099379] kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 15.099405] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 15.099432] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.099456] ? trace_hardirqs_on+0x37/0xe0 [ 15.099490] ? kasan_bitops_generic+0x92/0x1c0 [ 15.099518] kasan_bitops_generic+0x116/0x1c0 [ 15.099542] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.099568] ? __pfx_read_tsc+0x10/0x10 [ 15.099591] ? ktime_get_ts64+0x86/0x230 [ 15.099615] kunit_try_run_case+0x1a5/0x480 [ 15.099640] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.099662] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.099687] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.099711] ? __kthread_parkme+0x82/0x180 [ 15.099732] ? preempt_count_sub+0x50/0x80 [ 15.099755] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.099779] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.099802] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.099826] kthread+0x337/0x6f0 [ 15.099846] ? 
trace_preempt_on+0x20/0xc0 [ 15.099867] ? __pfx_kthread+0x10/0x10 [ 15.099888] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.099909] ? calculate_sigpending+0x7b/0xa0 [ 15.099933] ? __pfx_kthread+0x10/0x10 [ 15.099954] ret_from_fork+0x116/0x1d0 [ 15.099973] ? __pfx_kthread+0x10/0x10 [ 15.099993] ret_from_fork_asm+0x1a/0x30 [ 15.100025] </TASK> [ 15.100035] [ 15.108162] Allocated by task 279: [ 15.108300] kasan_save_stack+0x45/0x70 [ 15.108449] kasan_save_track+0x18/0x40 [ 15.108598] kasan_save_alloc_info+0x3b/0x50 [ 15.108754] __kasan_kmalloc+0xb7/0xc0 [ 15.108996] __kmalloc_cache_noprof+0x189/0x420 [ 15.109222] kasan_bitops_generic+0x92/0x1c0 [ 15.109439] kunit_try_run_case+0x1a5/0x480 [ 15.109669] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.110100] kthread+0x337/0x6f0 [ 15.110307] ret_from_fork+0x116/0x1d0 [ 15.110517] ret_from_fork_asm+0x1a/0x30 [ 15.110724] [ 15.110831] The buggy address belongs to the object at ffff888102641aa0 [ 15.110831] which belongs to the cache kmalloc-16 of size 16 [ 15.111397] The buggy address is located 8 bytes inside of [ 15.111397] allocated 9-byte region [ffff888102641aa0, ffff888102641aa9) [ 15.111956] [ 15.112036] The buggy address belongs to the physical page: [ 15.112259] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102641 [ 15.112535] flags: 0x200000000000000(node=0|zone=2) [ 15.112777] page_type: f5(slab) [ 15.112950] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.113271] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.113516] page dumped because: kasan: bad access detected [ 15.113694] [ 15.113765] Memory state around the buggy address: [ 15.114037] ffff888102641980: fa fb fc fc 00 02 fc fc 00 05 fc fc 00 02 fc fc [ 15.114371] ffff888102641a00: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 15.114715] >ffff888102641a80: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 15.115062] ^ [ 15.115382] ffff888102641b00: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 15.115643] ffff888102641b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.115867] ================================================================== [ 15.135963] ================================================================== [ 15.136607] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x547/0xd50 [ 15.136882] Write of size 8 at addr ffff888102641aa8 by task kunit_try_catch/279 [ 15.137118] [ 15.137205] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.137251] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.137263] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.137285] Call Trace: [ 15.137303] <TASK> [ 15.137318] dump_stack_lvl+0x73/0xb0 [ 15.137347] print_report+0xd1/0x610 [ 15.137371] ? __virt_addr_valid+0x1db/0x2d0 [ 15.137394] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 15.137420] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.137444] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 15.137481] kasan_report+0x141/0x180 [ 15.137504] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 15.137537] kasan_check_range+0x10c/0x1c0 [ 15.137562] __kasan_check_write+0x18/0x20 [ 15.137582] kasan_bitops_modify.constprop.0+0x547/0xd50 [ 15.137607] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 15.137634] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.137659] ? trace_hardirqs_on+0x37/0xe0 [ 15.137683] ? kasan_bitops_generic+0x92/0x1c0 [ 15.137711] kasan_bitops_generic+0x116/0x1c0 [ 15.137735] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.137760] ? __pfx_read_tsc+0x10/0x10 [ 15.137782] ? ktime_get_ts64+0x86/0x230 [ 15.137806] kunit_try_run_case+0x1a5/0x480 [ 15.137831] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.137854] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.137879] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.137902] ? __kthread_parkme+0x82/0x180 [ 15.137923] ? preempt_count_sub+0x50/0x80 [ 15.137947] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.137972] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.137999] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.138023] kthread+0x337/0x6f0 [ 15.138042] ? trace_preempt_on+0x20/0xc0 [ 15.138065] ? __pfx_kthread+0x10/0x10 [ 15.138085] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.138115] ? calculate_sigpending+0x7b/0xa0 [ 15.138139] ? __pfx_kthread+0x10/0x10 [ 15.138161] ret_from_fork+0x116/0x1d0 [ 15.138180] ? __pfx_kthread+0x10/0x10 [ 15.138201] ret_from_fork_asm+0x1a/0x30 [ 15.138231] </TASK> [ 15.138242] [ 15.146815] Allocated by task 279: [ 15.146983] kasan_save_stack+0x45/0x70 [ 15.147166] kasan_save_track+0x18/0x40 [ 15.147358] kasan_save_alloc_info+0x3b/0x50 [ 15.147549] __kasan_kmalloc+0xb7/0xc0 [ 15.147739] __kmalloc_cache_noprof+0x189/0x420 [ 15.147983] kasan_bitops_generic+0x92/0x1c0 [ 15.148180] kunit_try_run_case+0x1a5/0x480 [ 15.148381] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.148614] kthread+0x337/0x6f0 [ 15.148768] ret_from_fork+0x116/0x1d0 [ 15.148942] ret_from_fork_asm+0x1a/0x30 [ 15.149137] [ 15.149213] The buggy address belongs to the object at ffff888102641aa0 [ 15.149213] which belongs to the cache kmalloc-16 of size 16 [ 15.149695] The buggy address is located 8 bytes inside of [ 15.149695] allocated 9-byte region [ffff888102641aa0, ffff888102641aa9) [ 15.150371] [ 15.150478] The buggy address belongs to the physical page: [ 15.150704] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102641 [ 15.151079] flags: 0x200000000000000(node=0|zone=2) [ 15.151264] page_type: f5(slab) [ 15.151389] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.151695] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.152327] page dumped because: kasan: bad access detected [ 15.152516] [ 15.152588] Memory state around the buggy address: [ 15.152770] ffff888102641980: fa fb fc fc 00 02 fc fc 00 05 fc fc 00 02 fc fc [ 15.153095] 
ffff888102641a00: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 15.153426] >ffff888102641a80: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 15.153718] ^ [ 15.154065] ffff888102641b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.154317] ffff888102641b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.154644] ================================================================== [ 15.039347] ================================================================== [ 15.039711] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 15.040464] Write of size 8 at addr ffff888102641aa8 by task kunit_try_catch/279 [ 15.040772] [ 15.040901] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.040946] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.040958] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.040979] Call Trace: [ 15.040994] <TASK> [ 15.041008] dump_stack_lvl+0x73/0xb0 [ 15.041039] print_report+0xd1/0x610 [ 15.041062] ? __virt_addr_valid+0x1db/0x2d0 [ 15.041085] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 15.041112] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.041134] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 15.041160] kasan_report+0x141/0x180 [ 15.041182] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 15.041212] kasan_check_range+0x10c/0x1c0 [ 15.041236] __kasan_check_write+0x18/0x20 [ 15.041255] kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 15.041281] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 15.041308] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.041332] ? trace_hardirqs_on+0x37/0xe0 [ 15.041355] ? kasan_bitops_generic+0x92/0x1c0 [ 15.041382] kasan_bitops_generic+0x116/0x1c0 [ 15.041406] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.041431] ? __pfx_read_tsc+0x10/0x10 [ 15.041453] ? ktime_get_ts64+0x86/0x230 [ 15.041490] kunit_try_run_case+0x1a5/0x480 [ 15.041515] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.041538] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 15.041563] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.041587] ? __kthread_parkme+0x82/0x180 [ 15.041608] ? preempt_count_sub+0x50/0x80 [ 15.041633] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.041658] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.041681] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.041706] kthread+0x337/0x6f0 [ 15.041726] ? trace_preempt_on+0x20/0xc0 [ 15.041749] ? __pfx_kthread+0x10/0x10 [ 15.041771] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.041792] ? calculate_sigpending+0x7b/0xa0 [ 15.041817] ? __pfx_kthread+0x10/0x10 [ 15.041839] ret_from_fork+0x116/0x1d0 [ 15.041858] ? __pfx_kthread+0x10/0x10 [ 15.041878] ret_from_fork_asm+0x1a/0x30 [ 15.041909] </TASK> [ 15.041919] [ 15.049673] Allocated by task 279: [ 15.049807] kasan_save_stack+0x45/0x70 [ 15.049954] kasan_save_track+0x18/0x40 [ 15.050093] kasan_save_alloc_info+0x3b/0x50 [ 15.050263] __kasan_kmalloc+0xb7/0xc0 [ 15.050588] __kmalloc_cache_noprof+0x189/0x420 [ 15.050896] kasan_bitops_generic+0x92/0x1c0 [ 15.051113] kunit_try_run_case+0x1a5/0x480 [ 15.051330] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.051599] kthread+0x337/0x6f0 [ 15.051772] ret_from_fork+0x116/0x1d0 [ 15.051962] ret_from_fork_asm+0x1a/0x30 [ 15.052162] [ 15.052257] The buggy address belongs to the object at ffff888102641aa0 [ 15.052257] which belongs to the cache kmalloc-16 of size 16 [ 15.052742] The buggy address is located 8 bytes inside of [ 15.052742] allocated 9-byte region [ffff888102641aa0, ffff888102641aa9) [ 15.053217] [ 15.053291] The buggy address belongs to the physical page: [ 15.053479] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102641 [ 15.053907] flags: 0x200000000000000(node=0|zone=2) [ 15.054158] page_type: f5(slab) [ 15.054338] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.054636] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.055099] page dumped because: kasan: 
bad access detected [ 15.055349] [ 15.055419] Memory state around the buggy address: [ 15.055660] ffff888102641980: fa fb fc fc 00 02 fc fc 00 05 fc fc 00 02 fc fc [ 15.055992] ffff888102641a00: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 15.056221] >ffff888102641a80: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 15.056430] ^ [ 15.056648] ffff888102641b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.057215] ffff888102641b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.057491] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 14.954912] ================================================================== [ 14.955294] BUG: KASAN: slab-use-after-free in strnlen+0x73/0x80 [ 14.955566] Read of size 1 at addr ffff8881038b6250 by task kunit_try_catch/277 [ 14.955922] [ 14.956032] CPU: 1 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.956119] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.956132] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.956153] Call Trace: [ 14.956167] <TASK> [ 14.956182] dump_stack_lvl+0x73/0xb0 [ 14.956211] print_report+0xd1/0x610 [ 14.956236] ? __virt_addr_valid+0x1db/0x2d0 [ 14.956260] ? strnlen+0x73/0x80 [ 14.956279] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.956303] ? strnlen+0x73/0x80 [ 14.956322] kasan_report+0x141/0x180 [ 14.956345] ? strnlen+0x73/0x80 [ 14.956371] __asan_report_load1_noabort+0x18/0x20 [ 14.956396] strnlen+0x73/0x80 [ 14.956416] kasan_strings+0x615/0xe80 [ 14.956437] ? trace_hardirqs_on+0x37/0xe0 [ 14.956461] ? __pfx_kasan_strings+0x10/0x10 [ 14.956496] ? finish_task_switch.isra.0+0x153/0x700 [ 14.956519] ? __switch_to+0x47/0xf50 [ 14.956547] ? __schedule+0x10c6/0x2b60 [ 14.956572] ? __pfx_read_tsc+0x10/0x10 [ 14.956594] ? ktime_get_ts64+0x86/0x230 [ 14.956621] kunit_try_run_case+0x1a5/0x480 [ 14.956647] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.956671] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.956696] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.956720] ? __kthread_parkme+0x82/0x180 [ 14.956742] ? preempt_count_sub+0x50/0x80 [ 14.956767] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.956793] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.956817] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.956842] kthread+0x337/0x6f0 [ 14.956862] ? trace_preempt_on+0x20/0xc0 [ 14.956886] ? __pfx_kthread+0x10/0x10 [ 14.956908] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.956931] ? calculate_sigpending+0x7b/0xa0 [ 14.956957] ? 
__pfx_kthread+0x10/0x10 [ 14.956979] ret_from_fork+0x116/0x1d0 [ 14.956998] ? __pfx_kthread+0x10/0x10 [ 14.957019] ret_from_fork_asm+0x1a/0x30 [ 14.957107] </TASK> [ 14.957118] [ 14.966113] Allocated by task 277: [ 14.966250] kasan_save_stack+0x45/0x70 [ 14.966402] kasan_save_track+0x18/0x40 [ 14.966555] kasan_save_alloc_info+0x3b/0x50 [ 14.966709] __kasan_kmalloc+0xb7/0xc0 [ 14.966842] __kmalloc_cache_noprof+0x189/0x420 [ 14.967000] kasan_strings+0xc0/0xe80 [ 14.967133] kunit_try_run_case+0x1a5/0x480 [ 14.967283] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.967464] kthread+0x337/0x6f0 [ 14.968025] ret_from_fork+0x116/0x1d0 [ 14.968594] ret_from_fork_asm+0x1a/0x30 [ 14.968981] [ 14.969143] Freed by task 277: [ 14.969420] kasan_save_stack+0x45/0x70 [ 14.969776] kasan_save_track+0x18/0x40 [ 14.970758] kasan_save_free_info+0x3f/0x60 [ 14.971221] __kasan_slab_free+0x56/0x70 [ 14.971622] kfree+0x222/0x3f0 [ 14.972368] kasan_strings+0x2aa/0xe80 [ 14.972732] kunit_try_run_case+0x1a5/0x480 [ 14.973427] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.974141] kthread+0x337/0x6f0 [ 14.974617] ret_from_fork+0x116/0x1d0 [ 14.975203] ret_from_fork_asm+0x1a/0x30 [ 14.975827] [ 14.976155] The buggy address belongs to the object at ffff8881038b6240 [ 14.976155] which belongs to the cache kmalloc-32 of size 32 [ 14.977657] The buggy address is located 16 bytes inside of [ 14.977657] freed 32-byte region [ffff8881038b6240, ffff8881038b6260) [ 14.979245] [ 14.979585] The buggy address belongs to the physical page: [ 14.980330] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038b6 [ 14.981292] flags: 0x200000000000000(node=0|zone=2) [ 14.981964] page_type: f5(slab) [ 14.982612] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 14.983459] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 14.984015] page dumped because: kasan: bad access detected [ 14.984769] [ 14.985124] Memory state around the buggy address: 
[ 14.985415] ffff8881038b6100: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.985660] ffff8881038b6180: 00 00 00 04 fc fc fc fc fa fb fb fb fc fc fc fc [ 14.986562] >ffff8881038b6200: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.987546] ^ [ 14.988572] ffff8881038b6280: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.989260] ffff8881038b6300: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 14.989525] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strlen
[ 14.932245] ================================================================== [ 14.932606] BUG: KASAN: slab-use-after-free in strlen+0x8f/0xb0 [ 14.932948] Read of size 1 at addr ffff8881038b6250 by task kunit_try_catch/277 [ 14.933390] [ 14.933500] CPU: 1 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.933545] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.933557] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.933578] Call Trace: [ 14.933593] <TASK> [ 14.933607] dump_stack_lvl+0x73/0xb0 [ 14.933636] print_report+0xd1/0x610 [ 14.933660] ? __virt_addr_valid+0x1db/0x2d0 [ 14.933683] ? strlen+0x8f/0xb0 [ 14.933700] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.933723] ? strlen+0x8f/0xb0 [ 14.933742] kasan_report+0x141/0x180 [ 14.933765] ? strlen+0x8f/0xb0 [ 14.933790] __asan_report_load1_noabort+0x18/0x20 [ 14.933814] strlen+0x8f/0xb0 [ 14.933834] kasan_strings+0x57b/0xe80 [ 14.933854] ? trace_hardirqs_on+0x37/0xe0 [ 14.933878] ? __pfx_kasan_strings+0x10/0x10 [ 14.933898] ? finish_task_switch.isra.0+0x153/0x700 [ 14.933920] ? __switch_to+0x47/0xf50 [ 14.933948] ? __schedule+0x10c6/0x2b60 [ 14.933972] ? __pfx_read_tsc+0x10/0x10 [ 14.933993] ? ktime_get_ts64+0x86/0x230 [ 14.934019] kunit_try_run_case+0x1a5/0x480 [ 14.934044] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.934067] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.934091] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.934124] ? __kthread_parkme+0x82/0x180 [ 14.934145] ? preempt_count_sub+0x50/0x80 [ 14.934170] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.934194] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.934218] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.934242] kthread+0x337/0x6f0 [ 14.934262] ? trace_preempt_on+0x20/0xc0 [ 14.934285] ? __pfx_kthread+0x10/0x10 [ 14.934307] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.934329] ? calculate_sigpending+0x7b/0xa0 [ 14.934354] ? 
__pfx_kthread+0x10/0x10 [ 14.934376] ret_from_fork+0x116/0x1d0 [ 14.934394] ? __pfx_kthread+0x10/0x10 [ 14.934415] ret_from_fork_asm+0x1a/0x30 [ 14.934450] </TASK> [ 14.934460] [ 14.943001] Allocated by task 277: [ 14.943379] kasan_save_stack+0x45/0x70 [ 14.943605] kasan_save_track+0x18/0x40 [ 14.943766] kasan_save_alloc_info+0x3b/0x50 [ 14.944068] __kasan_kmalloc+0xb7/0xc0 [ 14.944226] __kmalloc_cache_noprof+0x189/0x420 [ 14.944388] kasan_strings+0xc0/0xe80 [ 14.944537] kunit_try_run_case+0x1a5/0x480 [ 14.944691] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.944872] kthread+0x337/0x6f0 [ 14.945044] ret_from_fork+0x116/0x1d0 [ 14.945235] ret_from_fork_asm+0x1a/0x30 [ 14.945431] [ 14.945536] Freed by task 277: [ 14.945695] kasan_save_stack+0x45/0x70 [ 14.945888] kasan_save_track+0x18/0x40 [ 14.946084] kasan_save_free_info+0x3f/0x60 [ 14.946297] __kasan_slab_free+0x56/0x70 [ 14.946729] kfree+0x222/0x3f0 [ 14.946952] kasan_strings+0x2aa/0xe80 [ 14.947239] kunit_try_run_case+0x1a5/0x480 [ 14.947415] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.947687] kthread+0x337/0x6f0 [ 14.947887] ret_from_fork+0x116/0x1d0 [ 14.948055] ret_from_fork_asm+0x1a/0x30 [ 14.948245] [ 14.948323] The buggy address belongs to the object at ffff8881038b6240 [ 14.948323] which belongs to the cache kmalloc-32 of size 32 [ 14.949037] The buggy address is located 16 bytes inside of [ 14.949037] freed 32-byte region [ffff8881038b6240, ffff8881038b6260) [ 14.949567] [ 14.949674] The buggy address belongs to the physical page: [ 14.949987] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038b6 [ 14.950548] flags: 0x200000000000000(node=0|zone=2) [ 14.950747] page_type: f5(slab) [ 14.951029] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 14.951334] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 14.951582] page dumped because: kasan: bad access detected [ 14.951763] [ 14.951996] Memory state around the buggy address: 
[ 14.952306] ffff8881038b6100: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.952648] ffff8881038b6180: 00 00 00 04 fc fc fc fc fa fb fb fb fc fc fc fc [ 14.953014] >ffff8881038b6200: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.953347] ^ [ 14.953591] ffff8881038b6280: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.953903] ffff8881038b6300: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 14.954430] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 14.909232] ================================================================== [ 14.909510] BUG: KASAN: slab-use-after-free in kasan_strings+0xcbc/0xe80 [ 14.909883] Read of size 1 at addr ffff8881038b6250 by task kunit_try_catch/277 [ 14.910407] [ 14.910523] CPU: 1 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.910571] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.910584] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.910607] Call Trace: [ 14.910626] <TASK> [ 14.910643] dump_stack_lvl+0x73/0xb0 [ 14.910676] print_report+0xd1/0x610 [ 14.910700] ? __virt_addr_valid+0x1db/0x2d0 [ 14.910724] ? kasan_strings+0xcbc/0xe80 [ 14.910746] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.910768] ? kasan_strings+0xcbc/0xe80 [ 14.910806] kasan_report+0x141/0x180 [ 14.910830] ? kasan_strings+0xcbc/0xe80 [ 14.910859] __asan_report_load1_noabort+0x18/0x20 [ 14.910885] kasan_strings+0xcbc/0xe80 [ 14.910905] ? trace_hardirqs_on+0x37/0xe0 [ 14.910930] ? __pfx_kasan_strings+0x10/0x10 [ 14.910950] ? finish_task_switch.isra.0+0x153/0x700 [ 14.910974] ? __switch_to+0x47/0xf50 [ 14.911003] ? __schedule+0x10c6/0x2b60 [ 14.911028] ? __pfx_read_tsc+0x10/0x10 [ 14.911061] ? ktime_get_ts64+0x86/0x230 [ 14.911088] kunit_try_run_case+0x1a5/0x480 [ 14.911113] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.911136] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.911162] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.911187] ? __kthread_parkme+0x82/0x180 [ 14.911209] ? preempt_count_sub+0x50/0x80 [ 14.911234] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.911259] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.911283] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.911307] kthread+0x337/0x6f0 [ 14.911330] ? trace_preempt_on+0x20/0xc0 [ 14.911353] ? __pfx_kthread+0x10/0x10 [ 14.911375] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.911397] ? calculate_sigpending+0x7b/0xa0 [ 14.911422] ? 
__pfx_kthread+0x10/0x10 [ 14.911445] ret_from_fork+0x116/0x1d0 [ 14.911463] ? __pfx_kthread+0x10/0x10 [ 14.911496] ret_from_fork_asm+0x1a/0x30 [ 14.911532] </TASK> [ 14.911543] [ 14.919671] Allocated by task 277: [ 14.919972] kasan_save_stack+0x45/0x70 [ 14.920236] kasan_save_track+0x18/0x40 [ 14.920414] kasan_save_alloc_info+0x3b/0x50 [ 14.920621] __kasan_kmalloc+0xb7/0xc0 [ 14.920798] __kmalloc_cache_noprof+0x189/0x420 [ 14.920994] kasan_strings+0xc0/0xe80 [ 14.921358] kunit_try_run_case+0x1a5/0x480 [ 14.921564] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.921806] kthread+0x337/0x6f0 [ 14.921970] ret_from_fork+0x116/0x1d0 [ 14.922388] ret_from_fork_asm+0x1a/0x30 [ 14.922563] [ 14.922639] Freed by task 277: [ 14.922773] kasan_save_stack+0x45/0x70 [ 14.922969] kasan_save_track+0x18/0x40 [ 14.923322] kasan_save_free_info+0x3f/0x60 [ 14.923554] __kasan_slab_free+0x56/0x70 [ 14.923716] kfree+0x222/0x3f0 [ 14.923999] kasan_strings+0x2aa/0xe80 [ 14.924147] kunit_try_run_case+0x1a5/0x480 [ 14.924349] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.924542] kthread+0x337/0x6f0 [ 14.924667] ret_from_fork+0x116/0x1d0 [ 14.924805] ret_from_fork_asm+0x1a/0x30 [ 14.924947] [ 14.925022] The buggy address belongs to the object at ffff8881038b6240 [ 14.925022] which belongs to the cache kmalloc-32 of size 32 [ 14.925431] The buggy address is located 16 bytes inside of [ 14.925431] freed 32-byte region [ffff8881038b6240, ffff8881038b6260) [ 14.926502] [ 14.926616] The buggy address belongs to the physical page: [ 14.926980] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038b6 [ 14.927569] flags: 0x200000000000000(node=0|zone=2) [ 14.928033] page_type: f5(slab) [ 14.928185] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 14.928424] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 14.928670] page dumped because: kasan: bad access detected [ 14.929151] [ 14.929255] Memory state around the buggy address: 
[ 14.929496] ffff8881038b6100: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.929857] ffff8881038b6180: 00 00 00 04 fc fc fc fc fa fb fb fb fc fc fc fc [ 14.930425] >ffff8881038b6200: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.930719] ^ [ 14.931105] ffff8881038b6280: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.931395] ffff8881038b6300: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 14.931628] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 14.878635] ================================================================== [ 14.880553] BUG: KASAN: slab-use-after-free in strcmp+0xb0/0xc0 [ 14.880945] Read of size 1 at addr ffff8881038b6250 by task kunit_try_catch/277 [ 14.881695] [ 14.881940] CPU: 1 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.881998] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.882011] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.882159] Call Trace: [ 14.882179] <TASK> [ 14.882199] dump_stack_lvl+0x73/0xb0 [ 14.882277] print_report+0xd1/0x610 [ 14.882314] ? __virt_addr_valid+0x1db/0x2d0 [ 14.882341] ? strcmp+0xb0/0xc0 [ 14.882359] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.882385] ? strcmp+0xb0/0xc0 [ 14.882436] kasan_report+0x141/0x180 [ 14.882461] ? strcmp+0xb0/0xc0 [ 14.882500] __asan_report_load1_noabort+0x18/0x20 [ 14.882525] strcmp+0xb0/0xc0 [ 14.882546] kasan_strings+0x431/0xe80 [ 14.882568] ? trace_hardirqs_on+0x37/0xe0 [ 14.882594] ? __pfx_kasan_strings+0x10/0x10 [ 14.882615] ? finish_task_switch.isra.0+0x153/0x700 [ 14.882640] ? __switch_to+0x47/0xf50 [ 14.882670] ? __schedule+0x10c6/0x2b60 [ 14.882696] ? __pfx_read_tsc+0x10/0x10 [ 14.882719] ? ktime_get_ts64+0x86/0x230 [ 14.882748] kunit_try_run_case+0x1a5/0x480 [ 14.882776] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.882799] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.882825] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.882850] ? __kthread_parkme+0x82/0x180 [ 14.882873] ? preempt_count_sub+0x50/0x80 [ 14.882898] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.882923] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.882947] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.882972] kthread+0x337/0x6f0 [ 14.882992] ? trace_preempt_on+0x20/0xc0 [ 14.883015] ? __pfx_kthread+0x10/0x10 [ 14.883046] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.883069] ? calculate_sigpending+0x7b/0xa0 [ 14.883094] ? 
__pfx_kthread+0x10/0x10 [ 14.883116] ret_from_fork+0x116/0x1d0 [ 14.883136] ? __pfx_kthread+0x10/0x10 [ 14.883157] ret_from_fork_asm+0x1a/0x30 [ 14.883194] </TASK> [ 14.883204] [ 14.895943] Allocated by task 277: [ 14.896494] kasan_save_stack+0x45/0x70 [ 14.896709] kasan_save_track+0x18/0x40 [ 14.897211] kasan_save_alloc_info+0x3b/0x50 [ 14.897584] __kasan_kmalloc+0xb7/0xc0 [ 14.897968] __kmalloc_cache_noprof+0x189/0x420 [ 14.898359] kasan_strings+0xc0/0xe80 [ 14.898729] kunit_try_run_case+0x1a5/0x480 [ 14.899026] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.899270] kthread+0x337/0x6f0 [ 14.899463] ret_from_fork+0x116/0x1d0 [ 14.899706] ret_from_fork_asm+0x1a/0x30 [ 14.899862] [ 14.900001] Freed by task 277: [ 14.900257] kasan_save_stack+0x45/0x70 [ 14.900455] kasan_save_track+0x18/0x40 [ 14.900670] kasan_save_free_info+0x3f/0x60 [ 14.900915] __kasan_slab_free+0x56/0x70 [ 14.901171] kfree+0x222/0x3f0 [ 14.901348] kasan_strings+0x2aa/0xe80 [ 14.901511] kunit_try_run_case+0x1a5/0x480 [ 14.901668] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.901893] kthread+0x337/0x6f0 [ 14.902275] ret_from_fork+0x116/0x1d0 [ 14.902501] ret_from_fork_asm+0x1a/0x30 [ 14.902711] [ 14.902855] The buggy address belongs to the object at ffff8881038b6240 [ 14.902855] which belongs to the cache kmalloc-32 of size 32 [ 14.903446] The buggy address is located 16 bytes inside of [ 14.903446] freed 32-byte region [ffff8881038b6240, ffff8881038b6260) [ 14.904148] [ 14.904248] The buggy address belongs to the physical page: [ 14.904496] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038b6 [ 14.904889] flags: 0x200000000000000(node=0|zone=2) [ 14.905084] page_type: f5(slab) [ 14.905214] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 14.905488] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 14.905963] page dumped because: kasan: bad access detected [ 14.906222] [ 14.906318] Memory state around the buggy address: 
[ 14.906562] ffff8881038b6100: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.906997] ffff8881038b6180: 00 00 00 04 fc fc fc fc fa fb fb fb fc fc fc fc [ 14.907388] >ffff8881038b6200: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.907676] ^ [ 14.907869] ffff8881038b6280: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.908250] ffff8881038b6300: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 14.908537] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 14.841638] ================================================================== [ 14.842723] BUG: KASAN: slab-out-of-bounds in memcmp+0x1b4/0x1d0 [ 14.843205] Read of size 1 at addr ffff8881038b6218 by task kunit_try_catch/275 [ 14.843527] [ 14.843656] CPU: 1 UID: 0 PID: 275 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.843707] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.843720] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.843743] Call Trace: [ 14.843758] <TASK> [ 14.843776] dump_stack_lvl+0x73/0xb0 [ 14.843809] print_report+0xd1/0x610 [ 14.843836] ? __virt_addr_valid+0x1db/0x2d0 [ 14.843860] ? memcmp+0x1b4/0x1d0 [ 14.843880] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.843902] ? memcmp+0x1b4/0x1d0 [ 14.843922] kasan_report+0x141/0x180 [ 14.843944] ? memcmp+0x1b4/0x1d0 [ 14.843967] __asan_report_load1_noabort+0x18/0x20 [ 14.843991] memcmp+0x1b4/0x1d0 [ 14.844013] kasan_memcmp+0x18f/0x390 [ 14.844275] ? trace_hardirqs_on+0x37/0xe0 [ 14.844307] ? __pfx_kasan_memcmp+0x10/0x10 [ 14.844329] ? finish_task_switch.isra.0+0x153/0x700 [ 14.844353] ? __switch_to+0x47/0xf50 [ 14.844382] ? __pfx_read_tsc+0x10/0x10 [ 14.844626] ? ktime_get_ts64+0x86/0x230 [ 14.844663] kunit_try_run_case+0x1a5/0x480 [ 14.844694] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.844718] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.844744] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.844768] ? __kthread_parkme+0x82/0x180 [ 14.844807] ? preempt_count_sub+0x50/0x80 [ 14.844831] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.844856] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.844880] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.844904] kthread+0x337/0x6f0 [ 14.844924] ? trace_preempt_on+0x20/0xc0 [ 14.844947] ? __pfx_kthread+0x10/0x10 [ 14.844969] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.844991] ? calculate_sigpending+0x7b/0xa0 [ 14.845016] ? __pfx_kthread+0x10/0x10 [ 14.845038] ret_from_fork+0x116/0x1d0 [ 14.845057] ? 
__pfx_kthread+0x10/0x10 [ 14.845079] ret_from_fork_asm+0x1a/0x30 [ 14.845111] </TASK> [ 14.845121] [ 14.858483] Allocated by task 275: [ 14.858676] kasan_save_stack+0x45/0x70 [ 14.859289] kasan_save_track+0x18/0x40 [ 14.859559] kasan_save_alloc_info+0x3b/0x50 [ 14.859937] __kasan_kmalloc+0xb7/0xc0 [ 14.860489] __kmalloc_cache_noprof+0x189/0x420 [ 14.860774] kasan_memcmp+0xb7/0x390 [ 14.861119] kunit_try_run_case+0x1a5/0x480 [ 14.861534] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.862034] kthread+0x337/0x6f0 [ 14.862344] ret_from_fork+0x116/0x1d0 [ 14.862733] ret_from_fork_asm+0x1a/0x30 [ 14.862960] [ 14.863301] The buggy address belongs to the object at ffff8881038b6200 [ 14.863301] which belongs to the cache kmalloc-32 of size 32 [ 14.863875] The buggy address is located 0 bytes to the right of [ 14.863875] allocated 24-byte region [ffff8881038b6200, ffff8881038b6218) [ 14.864811] [ 14.865237] The buggy address belongs to the physical page: [ 14.865519] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038b6 [ 14.865954] flags: 0x200000000000000(node=0|zone=2) [ 14.866615] page_type: f5(slab) [ 14.866925] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 14.867461] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 14.867775] page dumped because: kasan: bad access detected [ 14.868019] [ 14.868392] Memory state around the buggy address: [ 14.868835] ffff8881038b6100: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.869536] ffff8881038b6180: 00 00 00 04 fc fc fc fc 00 00 07 fc fc fc fc fc [ 14.870017] >ffff8881038b6200: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.870369] ^ [ 14.870570] ffff8881038b6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.871303] ffff8881038b6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.871792] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 14.809455] ================================================================== [ 14.810163] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x329/0x390 [ 14.810658] Read of size 1 at addr ffff888103937c4a by task kunit_try_catch/271 [ 14.811303] [ 14.811440] CPU: 1 UID: 0 PID: 271 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.811503] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.811515] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.811540] Call Trace: [ 14.811554] <TASK> [ 14.811571] dump_stack_lvl+0x73/0xb0 [ 14.811739] print_report+0xd1/0x610 [ 14.811772] ? __virt_addr_valid+0x1db/0x2d0 [ 14.811797] ? kasan_alloca_oob_right+0x329/0x390 [ 14.811820] ? kasan_addr_to_slab+0x11/0xa0 [ 14.811840] ? kasan_alloca_oob_right+0x329/0x390 [ 14.811864] kasan_report+0x141/0x180 [ 14.811886] ? kasan_alloca_oob_right+0x329/0x390 [ 14.811912] __asan_report_load1_noabort+0x18/0x20 [ 14.811937] kasan_alloca_oob_right+0x329/0x390 [ 14.811959] ? __kasan_check_write+0x18/0x20 [ 14.811980] ? __pfx_sched_clock_cpu+0x10/0x10 [ 14.812003] ? finish_task_switch.isra.0+0x153/0x700 [ 14.812026] ? rt_mutex_adjust_prio_chain+0x195e/0x20e0 [ 14.812153] ? trace_hardirqs_on+0x37/0xe0 [ 14.812180] ? __pfx_kasan_alloca_oob_right+0x10/0x10 [ 14.812206] ? __schedule+0x10c6/0x2b60 [ 14.812229] ? __pfx_read_tsc+0x10/0x10 [ 14.812251] ? ktime_get_ts64+0x86/0x230 [ 14.812276] kunit_try_run_case+0x1a5/0x480 [ 14.812305] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.812328] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.812352] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.812377] ? __kthread_parkme+0x82/0x180 [ 14.812398] ? preempt_count_sub+0x50/0x80 [ 14.812421] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.812445] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.812481] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.812506] kthread+0x337/0x6f0 [ 14.812525] ? trace_preempt_on+0x20/0xc0 [ 14.812547] ? 
__pfx_kthread+0x10/0x10 [ 14.812568] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.812591] ? calculate_sigpending+0x7b/0xa0 [ 14.812614] ? __pfx_kthread+0x10/0x10 [ 14.812636] ret_from_fork+0x116/0x1d0 [ 14.812655] ? __pfx_kthread+0x10/0x10 [ 14.812676] ret_from_fork_asm+0x1a/0x30 [ 14.812706] </TASK> [ 14.812717] [ 14.826280] The buggy address belongs to stack of task kunit_try_catch/271 [ 14.826620] [ 14.826726] The buggy address belongs to the physical page: [ 14.827297] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103937 [ 14.827754] flags: 0x200000000000000(node=0|zone=2) [ 14.828309] raw: 0200000000000000 ffffea00040e4dc8 ffffea00040e4dc8 0000000000000000 [ 14.828688] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 14.829347] page dumped because: kasan: bad access detected [ 14.829717] [ 14.830025] Memory state around the buggy address: [ 14.830320] ffff888103937b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.830741] ffff888103937b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.831262] >ffff888103937c00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 14.831580] ^ [ 14.831831] ffff888103937c80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 [ 14.832575] ffff888103937d00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 14.833001] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 14.780667] ================================================================== [ 14.781845] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x320/0x380 [ 14.782415] Read of size 1 at addr ffff88810390fc3f by task kunit_try_catch/269 [ 14.782761] [ 14.782866] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.782916] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.782928] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.782954] Call Trace: [ 14.782966] <TASK> [ 14.782985] dump_stack_lvl+0x73/0xb0 [ 14.783016] print_report+0xd1/0x610 [ 14.783513] ? __virt_addr_valid+0x1db/0x2d0 [ 14.783545] ? kasan_alloca_oob_left+0x320/0x380 [ 14.783568] ? kasan_addr_to_slab+0x11/0xa0 [ 14.783590] ? kasan_alloca_oob_left+0x320/0x380 [ 14.783613] kasan_report+0x141/0x180 [ 14.783636] ? kasan_alloca_oob_left+0x320/0x380 [ 14.783663] __asan_report_load1_noabort+0x18/0x20 [ 14.783687] kasan_alloca_oob_left+0x320/0x380 [ 14.783712] ? finish_task_switch.isra.0+0x153/0x700 [ 14.783736] ? rt_mutex_adjust_prio_chain+0x195e/0x20e0 [ 14.783760] ? trace_hardirqs_on+0x37/0xe0 [ 14.783786] ? __pfx_kasan_alloca_oob_left+0x10/0x10 [ 14.783811] ? __schedule+0x10c6/0x2b60 [ 14.783833] ? __pfx_read_tsc+0x10/0x10 [ 14.783855] ? ktime_get_ts64+0x86/0x230 [ 14.783880] kunit_try_run_case+0x1a5/0x480 [ 14.783906] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.783930] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.783954] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.783977] ? __kthread_parkme+0x82/0x180 [ 14.783999] ? preempt_count_sub+0x50/0x80 [ 14.784022] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.784066] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.784090] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.784114] kthread+0x337/0x6f0 [ 14.784134] ? trace_preempt_on+0x20/0xc0 [ 14.784156] ? __pfx_kthread+0x10/0x10 [ 14.784177] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.784199] ? 
calculate_sigpending+0x7b/0xa0 [ 14.784224] ? __pfx_kthread+0x10/0x10 [ 14.784245] ret_from_fork+0x116/0x1d0 [ 14.784264] ? __pfx_kthread+0x10/0x10 [ 14.784285] ret_from_fork_asm+0x1a/0x30 [ 14.784316] </TASK> [ 14.784327] [ 14.798407] The buggy address belongs to stack of task kunit_try_catch/269 [ 14.798779] [ 14.798863] The buggy address belongs to the physical page: [ 14.799466] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10390f [ 14.799993] flags: 0x200000000000000(node=0|zone=2) [ 14.800449] raw: 0200000000000000 ffffea00040e43c8 ffffea00040e43c8 0000000000000000 [ 14.800928] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 14.801524] page dumped because: kasan: bad access detected [ 14.801979] [ 14.802091] Memory state around the buggy address: [ 14.802691] ffff88810390fb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.803314] ffff88810390fb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.803714] >ffff88810390fc00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 14.804138] ^ [ 14.804379] ffff88810390fc80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 [ 14.804701] ffff88810390fd00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 14.805350] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 14.748790] ================================================================== [ 14.749916] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x2b5/0x300 [ 14.750569] Read of size 1 at addr ffff88810397fd02 by task kunit_try_catch/267 [ 14.750911] [ 14.751106] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.751172] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.751186] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.751211] Call Trace: [ 14.751237] <TASK> [ 14.751257] dump_stack_lvl+0x73/0xb0 [ 14.751293] print_report+0xd1/0x610 [ 14.751317] ? __virt_addr_valid+0x1db/0x2d0 [ 14.751344] ? kasan_stack_oob+0x2b5/0x300 [ 14.751365] ? kasan_addr_to_slab+0x11/0xa0 [ 14.751388] ? kasan_stack_oob+0x2b5/0x300 [ 14.751410] kasan_report+0x141/0x180 [ 14.751433] ? kasan_stack_oob+0x2b5/0x300 [ 14.751458] __asan_report_load1_noabort+0x18/0x20 [ 14.751494] kasan_stack_oob+0x2b5/0x300 [ 14.751515] ? __pfx_kasan_stack_oob+0x10/0x10 [ 14.751536] ? finish_task_switch.isra.0+0x153/0x700 [ 14.751561] ? __switch_to+0x47/0xf50 [ 14.751589] ? __schedule+0x10c6/0x2b60 [ 14.751615] ? __pfx_read_tsc+0x10/0x10 [ 14.751641] ? ktime_get_ts64+0x86/0x230 [ 14.751667] kunit_try_run_case+0x1a5/0x480 [ 14.751696] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.751720] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.751746] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.751771] ? __kthread_parkme+0x82/0x180 [ 14.751795] ? preempt_count_sub+0x50/0x80 [ 14.751819] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.751843] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.751869] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.751893] kthread+0x337/0x6f0 [ 14.751914] ? trace_preempt_on+0x20/0xc0 [ 14.751939] ? __pfx_kthread+0x10/0x10 [ 14.751961] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.751984] ? calculate_sigpending+0x7b/0xa0 [ 14.752009] ? __pfx_kthread+0x10/0x10 [ 14.752032] ret_from_fork+0x116/0x1d0 [ 14.752051] ? 
__pfx_kthread+0x10/0x10 [ 14.752073] ret_from_fork_asm+0x1a/0x30 [ 14.752106] </TASK> [ 14.752117] [ 14.765753] The buggy address belongs to stack of task kunit_try_catch/267 [ 14.766093] and is located at offset 138 in frame: [ 14.766293] kasan_stack_oob+0x0/0x300 [ 14.766636] [ 14.766852] This frame has 4 objects: [ 14.767314] [48, 49) '__assertion' [ 14.767338] [64, 72) 'array' [ 14.767761] [96, 112) '__assertion' [ 14.768212] [128, 138) 'stack_array' [ 14.768643] [ 14.769202] The buggy address belongs to the physical page: [ 14.769804] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10397f [ 14.770515] flags: 0x200000000000000(node=0|zone=2) [ 14.770707] raw: 0200000000000000 ffffea00040e5fc8 ffffea00040e5fc8 0000000000000000 [ 14.771350] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 14.772092] page dumped because: kasan: bad access detected [ 14.772627] [ 14.772799] Memory state around the buggy address: [ 14.773205] ffff88810397fc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 14.773818] ffff88810397fc80: f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 00 00 f2 f2 00 [ 14.774577] >ffff88810397fd00: 02 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 14.775134] ^ [ 14.775435] ffff88810397fd80: f1 f1 f1 00 00 f2 f2 00 00 f2 f2 00 00 f3 f3 00 [ 14.775675] ffff88810397fe00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.776099] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 14.714890] ================================================================== [ 14.716187] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x286/0x2d0 [ 14.716455] Read of size 1 at addr ffffffffad863e8d by task kunit_try_catch/263 [ 14.718179] [ 14.718638] CPU: 1 UID: 0 PID: 263 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.718702] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.718715] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.718738] Call Trace: [ 14.718751] <TASK> [ 14.718955] dump_stack_lvl+0x73/0xb0 [ 14.719026] print_report+0xd1/0x610 [ 14.719053] ? __virt_addr_valid+0x1db/0x2d0 [ 14.719078] ? kasan_global_oob_right+0x286/0x2d0 [ 14.719125] ? kasan_addr_to_slab+0x11/0xa0 [ 14.719147] ? kasan_global_oob_right+0x286/0x2d0 [ 14.719201] kasan_report+0x141/0x180 [ 14.719225] ? kasan_global_oob_right+0x286/0x2d0 [ 14.719251] __asan_report_load1_noabort+0x18/0x20 [ 14.719277] kasan_global_oob_right+0x286/0x2d0 [ 14.719299] ? __pfx_kasan_global_oob_right+0x10/0x10 [ 14.719323] ? __schedule+0x10c6/0x2b60 [ 14.719346] ? __pfx_read_tsc+0x10/0x10 [ 14.719368] ? ktime_get_ts64+0x86/0x230 [ 14.719394] kunit_try_run_case+0x1a5/0x480 [ 14.719420] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.719443] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.719466] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.719501] ? __kthread_parkme+0x82/0x180 [ 14.719522] ? preempt_count_sub+0x50/0x80 [ 14.719546] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.719571] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.719594] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.719618] kthread+0x337/0x6f0 [ 14.719638] ? trace_preempt_on+0x20/0xc0 [ 14.719661] ? __pfx_kthread+0x10/0x10 [ 14.719684] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.719706] ? calculate_sigpending+0x7b/0xa0 [ 14.719731] ? __pfx_kthread+0x10/0x10 [ 14.719752] ret_from_fork+0x116/0x1d0 [ 14.719789] ? 
__pfx_kthread+0x10/0x10 [ 14.719810] ret_from_fork_asm+0x1a/0x30 [ 14.719841] </TASK> [ 14.719852] [ 14.733306] The buggy address belongs to the variable: [ 14.733889] global_array+0xd/0x40 [ 14.734390] [ 14.734592] The buggy address belongs to the physical page: [ 14.735230] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x2fc63 [ 14.735989] flags: 0x100000000002000(reserved|node=0|zone=1) [ 14.736608] raw: 0100000000002000 ffffea0000bf18c8 ffffea0000bf18c8 0000000000000000 [ 14.737322] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 14.738059] page dumped because: kasan: bad access detected [ 14.738508] [ 14.738581] Memory state around the buggy address: [ 14.738741] ffffffffad863d80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.738981] ffffffffad863e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.739208] >ffffffffad863e80: 00 02 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9 [ 14.740009] ^ [ 14.740371] ffffffffad863f00: 04 f9 f9 f9 f9 f9 f9 f9 02 f9 f9 f9 f9 f9 f9 f9 [ 14.741080] ffffffffad863f80: 01 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 00 00 00 00 [ 14.741920] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 14.664683] ================================================================== [ 14.665729] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.666176] Free of addr ffff88810326c201 by task kunit_try_catch/259 [ 14.666695] [ 14.666806] CPU: 0 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.666858] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.666870] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.666895] Call Trace: [ 14.666908] <TASK> [ 14.666925] dump_stack_lvl+0x73/0xb0 [ 14.666957] print_report+0xd1/0x610 [ 14.666981] ? __virt_addr_valid+0x1db/0x2d0 [ 14.667018] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.667093] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.667125] kasan_report_invalid_free+0x10a/0x130 [ 14.667151] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.667178] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.667205] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.667230] check_slab_allocation+0x11f/0x130 [ 14.667254] __kasan_mempool_poison_object+0x91/0x1d0 [ 14.667281] mempool_free+0x2ec/0x380 [ 14.667310] mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.667336] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10 [ 14.667364] ? __call_rcu_common.constprop.0+0x455/0x9e0 [ 14.667391] ? __pfx_task_dead_fair+0x10/0x10 [ 14.667421] mempool_kmalloc_invalid_free+0xed/0x140 [ 14.667446] ? __pfx_mempool_kmalloc_invalid_free+0x10/0x10 [ 14.667486] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.667512] ? __pfx_mempool_kfree+0x10/0x10 [ 14.667538] ? __pfx_read_tsc+0x10/0x10 [ 14.667559] ? ktime_get_ts64+0x86/0x230 [ 14.667585] kunit_try_run_case+0x1a5/0x480 [ 14.667611] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.667635] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.667660] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.667685] ? __kthread_parkme+0x82/0x180 [ 14.667706] ? preempt_count_sub+0x50/0x80 [ 14.667730] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.667755] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.667779] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.667803] kthread+0x337/0x6f0 [ 14.667823] ? trace_preempt_on+0x20/0xc0 [ 14.667848] ? __pfx_kthread+0x10/0x10 [ 14.667869] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.667891] ? calculate_sigpending+0x7b/0xa0 [ 14.667917] ? __pfx_kthread+0x10/0x10 [ 14.667939] ret_from_fork+0x116/0x1d0 [ 14.667958] ? __pfx_kthread+0x10/0x10 [ 14.667981] ret_from_fork_asm+0x1a/0x30 [ 14.668014] </TASK> [ 14.668025] [ 14.678651] Allocated by task 259: [ 14.678858] kasan_save_stack+0x45/0x70 [ 14.679111] kasan_save_track+0x18/0x40 [ 14.679297] kasan_save_alloc_info+0x3b/0x50 [ 14.679519] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 14.679740] remove_element+0x11e/0x190 [ 14.680002] mempool_alloc_preallocated+0x4d/0x90 [ 14.680305] mempool_kmalloc_invalid_free_helper+0x83/0x2e0 [ 14.680850] mempool_kmalloc_invalid_free+0xed/0x140 [ 14.681039] kunit_try_run_case+0x1a5/0x480 [ 14.681195] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.681382] kthread+0x337/0x6f0 [ 14.681524] ret_from_fork+0x116/0x1d0 [ 14.681665] ret_from_fork_asm+0x1a/0x30 [ 14.682012] [ 14.682116] The buggy address belongs to the object at ffff88810326c200 [ 14.682116] which belongs to the cache kmalloc-128 of size 128 [ 14.682686] The buggy address is located 1 bytes inside of [ 14.682686] 128-byte region [ffff88810326c200, ffff88810326c280) [ 14.683106] [ 14.683180] The buggy address belongs to the physical page: [ 14.683360] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10326c [ 14.683836] flags: 0x200000000000000(node=0|zone=2) [ 14.684170] page_type: f5(slab) [ 14.684351] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 14.684723] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.685335] page dumped because: kasan: bad access detected [ 14.685576] [ 14.685676] Memory state around 
the buggy address: [ 14.685917] ffff88810326c100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.686251] ffff88810326c180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.686545] >ffff88810326c200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.686999] ^ [ 14.687318] ffff88810326c280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.687619] ffff88810326c300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.688021] ================================================================== [ 14.690844] ================================================================== [ 14.691680] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.692256] Free of addr ffff8881039f4001 by task kunit_try_catch/261 [ 14.692530] [ 14.692648] CPU: 1 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.692696] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.692709] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.692733] Call Trace: [ 14.692745] <TASK> [ 14.692762] dump_stack_lvl+0x73/0xb0 [ 14.692793] print_report+0xd1/0x610 [ 14.692816] ? __virt_addr_valid+0x1db/0x2d0 [ 14.692840] ? kasan_addr_to_slab+0x11/0xa0 [ 14.692860] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.692887] kasan_report_invalid_free+0x10a/0x130 [ 14.692913] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.692941] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.692966] __kasan_mempool_poison_object+0x102/0x1d0 [ 14.692991] mempool_free+0x2ec/0x380 [ 14.693018] mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.693056] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10 [ 14.693081] ? update_load_avg+0x1be/0x21b0 [ 14.693105] ? update_load_avg+0x1be/0x21b0 [ 14.693126] ? update_curr+0x80/0x810 [ 14.693149] ? irqentry_exit+0x2a/0x60 [ 14.693171] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 14.693198] mempool_kmalloc_large_invalid_free+0xed/0x140 [ 14.693223] ? 
__pfx_mempool_kmalloc_large_invalid_free+0x10/0x10 [ 14.693250] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.693273] ? __pfx_mempool_kfree+0x10/0x10 [ 14.693297] ? __pfx_mempool_kmalloc_large_invalid_free+0x10/0x10 [ 14.693324] ? __pfx_mempool_kmalloc_large_invalid_free+0x10/0x10 [ 14.693352] kunit_try_run_case+0x1a5/0x480 [ 14.693377] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.693400] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.693424] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.693447] ? __kthread_parkme+0x82/0x180 [ 14.693478] ? preempt_count_sub+0x50/0x80 [ 14.693502] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.693527] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.693550] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.693574] kthread+0x337/0x6f0 [ 14.693594] ? trace_preempt_on+0x20/0xc0 [ 14.693617] ? __pfx_kthread+0x10/0x10 [ 14.693639] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.693661] ? calculate_sigpending+0x7b/0xa0 [ 14.693685] ? __pfx_kthread+0x10/0x10 [ 14.693706] ret_from_fork+0x116/0x1d0 [ 14.693726] ? 
__pfx_kthread+0x10/0x10 [ 14.693746] ret_from_fork_asm+0x1a/0x30 [ 14.693776] </TASK> [ 14.693787] [ 14.703624] The buggy address belongs to the physical page: [ 14.703972] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f4 [ 14.704424] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 14.704739] flags: 0x200000000000040(head|node=0|zone=2) [ 14.704986] page_type: f8(unknown) [ 14.705302] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.705609] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.706130] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.706465] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.706726] head: 0200000000000002 ffffea00040e7d01 00000000ffffffff 00000000ffffffff [ 14.707049] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 14.707408] page dumped because: kasan: bad access detected [ 14.707737] [ 14.707855] Memory state around the buggy address: [ 14.708068] ffff8881039f3f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.708334] ffff8881039f3f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.708617] >ffff8881039f4000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.708944] ^ [ 14.709271] ffff8881039f4080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.709606] ffff8881039f4100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.709879] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 14.614524] ================================================================== [ 14.615754] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 14.616090] Free of addr ffff8881039bc000 by task kunit_try_catch/255 [ 14.616716] [ 14.616905] CPU: 0 UID: 0 PID: 255 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.616955] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.616968] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.616992] Call Trace: [ 14.617005] <TASK> [ 14.617023] dump_stack_lvl+0x73/0xb0 [ 14.617108] print_report+0xd1/0x610 [ 14.617132] ? __virt_addr_valid+0x1db/0x2d0 [ 14.617157] ? kasan_addr_to_slab+0x11/0xa0 [ 14.617177] ? mempool_double_free_helper+0x184/0x370 [ 14.617202] kasan_report_invalid_free+0x10a/0x130 [ 14.617227] ? mempool_double_free_helper+0x184/0x370 [ 14.617254] ? mempool_double_free_helper+0x184/0x370 [ 14.617278] __kasan_mempool_poison_object+0x1b3/0x1d0 [ 14.617302] mempool_free+0x2ec/0x380 [ 14.617330] mempool_double_free_helper+0x184/0x370 [ 14.617355] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 14.617378] ? update_load_avg+0x1be/0x21b0 [ 14.617404] ? dequeue_entities+0x27e/0x1740 [ 14.617431] ? finish_task_switch.isra.0+0x153/0x700 [ 14.617457] mempool_kmalloc_large_double_free+0xed/0x140 [ 14.617495] ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10 [ 14.617524] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.617547] ? __pfx_mempool_kfree+0x10/0x10 [ 14.617572] ? __pfx_read_tsc+0x10/0x10 [ 14.617594] ? ktime_get_ts64+0x86/0x230 [ 14.617619] kunit_try_run_case+0x1a5/0x480 [ 14.617645] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.617668] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.617693] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.617717] ? __kthread_parkme+0x82/0x180 [ 14.617738] ? preempt_count_sub+0x50/0x80 [ 14.617761] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.617786] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.617810] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.617835] kthread+0x337/0x6f0 [ 14.617854] ? trace_preempt_on+0x20/0xc0 [ 14.617879] ? __pfx_kthread+0x10/0x10 [ 14.617900] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.617922] ? calculate_sigpending+0x7b/0xa0 [ 14.617946] ? __pfx_kthread+0x10/0x10 [ 14.617968] ret_from_fork+0x116/0x1d0 [ 14.617988] ? __pfx_kthread+0x10/0x10 [ 14.618008] ret_from_fork_asm+0x1a/0x30 [ 14.618038] </TASK> [ 14.618050] [ 14.630771] The buggy address belongs to the physical page: [ 14.631453] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bc [ 14.631992] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 14.632528] flags: 0x200000000000040(head|node=0|zone=2) [ 14.632911] page_type: f8(unknown) [ 14.633619] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.633983] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.634640] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.635269] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.635643] head: 0200000000000002 ffffea00040e6f01 00000000ffffffff 00000000ffffffff [ 14.636130] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 14.636624] page dumped because: kasan: bad access detected [ 14.637021] [ 14.637341] Memory state around the buggy address: [ 14.637745] ffff8881039bbf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.638356] ffff8881039bbf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.638816] >ffff8881039bc000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.639254] ^ [ 14.639621] ffff8881039bc080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.639978] ffff8881039bc100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.640449] ================================================================== [ 14.645404] ================================================================== [ 
14.646031] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 14.646394] Free of addr ffff8881039f4000 by task kunit_try_catch/257 [ 14.646646] [ 14.646758] CPU: 1 UID: 0 PID: 257 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.646810] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.646823] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.646850] Call Trace: [ 14.646864] <TASK> [ 14.646883] dump_stack_lvl+0x73/0xb0 [ 14.646915] print_report+0xd1/0x610 [ 14.646940] ? __virt_addr_valid+0x1db/0x2d0 [ 14.646968] ? kasan_addr_to_slab+0x11/0xa0 [ 14.646990] ? mempool_double_free_helper+0x184/0x370 [ 14.647116] kasan_report_invalid_free+0x10a/0x130 [ 14.647146] ? mempool_double_free_helper+0x184/0x370 [ 14.647173] ? mempool_double_free_helper+0x184/0x370 [ 14.647197] __kasan_mempool_poison_pages+0x115/0x130 [ 14.647223] mempool_free+0x290/0x380 [ 14.647253] mempool_double_free_helper+0x184/0x370 [ 14.647278] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 14.647305] ? __kasan_check_write+0x18/0x20 [ 14.647325] ? __pfx_sched_clock_cpu+0x10/0x10 [ 14.647349] ? finish_task_switch.isra.0+0x153/0x700 [ 14.647378] mempool_page_alloc_double_free+0xe8/0x140 [ 14.647404] ? __pfx_mempool_page_alloc_double_free+0x10/0x10 [ 14.647431] ? __kasan_check_write+0x18/0x20 [ 14.647453] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 14.647490] ? __pfx_mempool_free_pages+0x10/0x10 [ 14.647518] ? __pfx_read_tsc+0x10/0x10 [ 14.647542] ? ktime_get_ts64+0x86/0x230 [ 14.647565] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 14.647594] kunit_try_run_case+0x1a5/0x480 [ 14.647622] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.647648] ? queued_spin_lock_slowpath+0x116/0xb40 [ 14.647675] ? __kthread_parkme+0x82/0x180 [ 14.647697] ? preempt_count_sub+0x50/0x80 [ 14.647721] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.647747] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.647771] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.647814] kthread+0x337/0x6f0
[ 14.647835] ? trace_preempt_on+0x20/0xc0
[ 14.647861] ? __pfx_kthread+0x10/0x10
[ 14.647881] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.647903] ? calculate_sigpending+0x7b/0xa0
[ 14.647929] ? __pfx_kthread+0x10/0x10
[ 14.647951] ret_from_fork+0x116/0x1d0
[ 14.647971] ? __pfx_kthread+0x10/0x10
[ 14.647992] ret_from_fork_asm+0x1a/0x30
[ 14.648025] </TASK>
[ 14.648077]
[ 14.657985] The buggy address belongs to the physical page:
[ 14.658348] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f4
[ 14.658764] flags: 0x200000000000000(node=0|zone=2)
[ 14.659021] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000
[ 14.659340] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 14.659691] page dumped because: kasan: bad access detected
[ 14.660032]
[ 14.660109] Memory state around the buggy address:
[ 14.660346] ffff8881039f3f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 14.660585] ffff8881039f3f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 14.660813] >ffff8881039f4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 14.661040] ^
[ 14.661207] ffff8881039f4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 14.661689] ffff8881039f4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 14.662022] ==================================================================
[ 14.574182] ==================================================================
[ 14.574632] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370
[ 14.574894] Free of addr ffff888103249e00 by task kunit_try_catch/253
[ 14.575102]
[ 14.575202] CPU: 0 UID: 0 PID: 253 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.575252] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.575265] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.575288] Call Trace:
[ 14.575301] <TASK>
[ 14.575320] dump_stack_lvl+0x73/0xb0
[ 14.575351] print_report+0xd1/0x610
[ 14.575374] ? __virt_addr_valid+0x1db/0x2d0
[ 14.575399] ? kasan_complete_mode_report_info+0x64/0x200
[ 14.575422] ? mempool_double_free_helper+0x184/0x370
[ 14.575445] kasan_report_invalid_free+0x10a/0x130
[ 14.576083] ? mempool_double_free_helper+0x184/0x370
[ 14.576129] ? mempool_double_free_helper+0x184/0x370
[ 14.576154] ? mempool_double_free_helper+0x184/0x370
[ 14.576179] check_slab_allocation+0x101/0x130
[ 14.576205] __kasan_mempool_poison_object+0x91/0x1d0
[ 14.576230] mempool_free+0x2ec/0x380
[ 14.576260] mempool_double_free_helper+0x184/0x370
[ 14.576284] ? __pfx_mempool_double_free_helper+0x10/0x10
[ 14.576311] ? __pfx_sched_clock_cpu+0x10/0x10
[ 14.576334] ? finish_task_switch.isra.0+0x153/0x700
[ 14.576361] mempool_kmalloc_double_free+0xed/0x140
[ 14.576385] ? __pfx_mempool_kmalloc_double_free+0x10/0x10
[ 14.576412] ? __pfx_mempool_kmalloc+0x10/0x10
[ 14.576435] ? __pfx_mempool_kfree+0x10/0x10
[ 14.576461] ? __pfx_read_tsc+0x10/0x10
[ 14.576494] ? ktime_get_ts64+0x86/0x230
[ 14.576520] kunit_try_run_case+0x1a5/0x480
[ 14.576547] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.576570] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.576596] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.576620] ? __kthread_parkme+0x82/0x180
[ 14.576641] ? preempt_count_sub+0x50/0x80
[ 14.576665] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.576689] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.576712] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.576737] kthread+0x337/0x6f0
[ 14.576756] ? trace_preempt_on+0x20/0xc0
[ 14.576796] ? __pfx_kthread+0x10/0x10
[ 14.576817] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.576838] ? calculate_sigpending+0x7b/0xa0
[ 14.576864] ? __pfx_kthread+0x10/0x10
[ 14.576886] ret_from_fork+0x116/0x1d0
[ 14.576905] ? __pfx_kthread+0x10/0x10
[ 14.576927] ret_from_fork_asm+0x1a/0x30
[ 14.576960] </TASK>
[ 14.576971]
[ 14.591563] Allocated by task 253:
[ 14.591718] kasan_save_stack+0x45/0x70
[ 14.592061] kasan_save_track+0x18/0x40
[ 14.592418] kasan_save_alloc_info+0x3b/0x50
[ 14.593004] __kasan_mempool_unpoison_object+0x1a9/0x200
[ 14.593555] remove_element+0x11e/0x190
[ 14.593969] mempool_alloc_preallocated+0x4d/0x90
[ 14.594484] mempool_double_free_helper+0x8a/0x370
[ 14.594843] mempool_kmalloc_double_free+0xed/0x140
[ 14.595416] kunit_try_run_case+0x1a5/0x480
[ 14.595664] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.595879] kthread+0x337/0x6f0
[ 14.596195] ret_from_fork+0x116/0x1d0
[ 14.596616] ret_from_fork_asm+0x1a/0x30
[ 14.597014]
[ 14.597229] Freed by task 253:
[ 14.597561] kasan_save_stack+0x45/0x70
[ 14.597794] kasan_save_track+0x18/0x40
[ 14.597944] kasan_save_free_info+0x3f/0x60
[ 14.598249] __kasan_mempool_poison_object+0x131/0x1d0
[ 14.598728] mempool_free+0x2ec/0x380
[ 14.599154] mempool_double_free_helper+0x109/0x370
[ 14.599533] mempool_kmalloc_double_free+0xed/0x140
[ 14.599707] kunit_try_run_case+0x1a5/0x480
[ 14.599899] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.600427] kthread+0x337/0x6f0
[ 14.600753] ret_from_fork+0x116/0x1d0
[ 14.601182] ret_from_fork_asm+0x1a/0x30
[ 14.601570]
[ 14.601737] The buggy address belongs to the object at ffff888103249e00
[ 14.601737] which belongs to the cache kmalloc-128 of size 128
[ 14.602607] The buggy address is located 0 bytes inside of
[ 14.602607] 128-byte region [ffff888103249e00, ffff888103249e80)
[ 14.602983]
[ 14.603064] The buggy address belongs to the physical page:
[ 14.603526] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103249
[ 14.604346] flags: 0x200000000000000(node=0|zone=2)
[ 14.604887] page_type: f5(slab)
[ 14.605240] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 14.605619] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 14.605951] page dumped because: kasan: bad access detected
[ 14.606514]
[ 14.606690] Memory state around the buggy address:
[ 14.607274] ffff888103249d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 14.608195] ffff888103249d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.608857] >ffff888103249e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 14.609134] ^
[ 14.609466] ffff888103249e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.610231] ffff888103249f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 14.610872] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 14.544299] ==================================================================
[ 14.545634] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400
[ 14.547253] Read of size 1 at addr ffff8881039f0000 by task kunit_try_catch/251
[ 14.547589]
[ 14.547691] CPU: 1 UID: 0 PID: 251 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.547744] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.547756] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.547790] Call Trace:
[ 14.547805] <TASK>
[ 14.547825] dump_stack_lvl+0x73/0xb0
[ 14.547863] print_report+0xd1/0x610
[ 14.547887] ? __virt_addr_valid+0x1db/0x2d0
[ 14.547911] ? mempool_uaf_helper+0x392/0x400
[ 14.547936] ? kasan_addr_to_slab+0x11/0xa0
[ 14.547959] ? mempool_uaf_helper+0x392/0x400
[ 14.547983] kasan_report+0x141/0x180
[ 14.548005] ? mempool_uaf_helper+0x392/0x400
[ 14.548033] __asan_report_load1_noabort+0x18/0x20
[ 14.548059] mempool_uaf_helper+0x392/0x400
[ 14.548082] ? __pfx_mempool_uaf_helper+0x10/0x10
[ 14.548106] ? __kasan_check_write+0x18/0x20
[ 14.548127] ? __pfx_sched_clock_cpu+0x10/0x10
[ 14.548150] ? finish_task_switch.isra.0+0x153/0x700
[ 14.548176] mempool_page_alloc_uaf+0xed/0x140
[ 14.548201] ? __pfx_mempool_page_alloc_uaf+0x10/0x10
[ 14.548228] ? __pfx_mempool_alloc_pages+0x10/0x10
[ 14.548255] ? __pfx_mempool_free_pages+0x10/0x10
[ 14.548282] ? __pfx_read_tsc+0x10/0x10
[ 14.548304] ? ktime_get_ts64+0x86/0x230
[ 14.548329] kunit_try_run_case+0x1a5/0x480
[ 14.548354] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.548377] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.548403] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.548427] ? __kthread_parkme+0x82/0x180
[ 14.548449] ? preempt_count_sub+0x50/0x80
[ 14.548482] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.548507] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.548531] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.548555] kthread+0x337/0x6f0
[ 14.548575] ? trace_preempt_on+0x20/0xc0
[ 14.548600] ? __pfx_kthread+0x10/0x10
[ 14.548621] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.548644] ? calculate_sigpending+0x7b/0xa0
[ 14.548669] ? __pfx_kthread+0x10/0x10
[ 14.548691] ret_from_fork+0x116/0x1d0
[ 14.548710] ? __pfx_kthread+0x10/0x10
[ 14.548731] ret_from_fork_asm+0x1a/0x30
[ 14.548762] </TASK>
[ 14.548774]
[ 14.563883] The buggy address belongs to the physical page:
[ 14.564359] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f0
[ 14.564634] flags: 0x200000000000000(node=0|zone=2)
[ 14.564869] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000
[ 14.565647] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 14.566434] page dumped because: kasan: bad access detected
[ 14.566987]
[ 14.567246] Memory state around the buggy address:
[ 14.567699] ffff8881039eff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 14.568070] ffff8881039eff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 14.568299] >ffff8881039f0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 14.568536] ^
[ 14.568668] ffff8881039f0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 14.569146] ffff8881039f0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 14.569482] ==================================================================
[ 14.487834] ==================================================================
[ 14.488316] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400
[ 14.488675] Read of size 1 at addr ffff8881039b8000 by task kunit_try_catch/247
[ 14.489034]
[ 14.489131] CPU: 0 UID: 0 PID: 247 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.489181] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.489194] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.489218] Call Trace:
[ 14.489231] <TASK>
[ 14.489249] dump_stack_lvl+0x73/0xb0
[ 14.489281] print_report+0xd1/0x610
[ 14.489305] ? __virt_addr_valid+0x1db/0x2d0
[ 14.489330] ? mempool_uaf_helper+0x392/0x400
[ 14.489353] ? kasan_addr_to_slab+0x11/0xa0
[ 14.489375] ? mempool_uaf_helper+0x392/0x400
[ 14.489398] kasan_report+0x141/0x180
[ 14.489420] ? mempool_uaf_helper+0x392/0x400
[ 14.489448] __asan_report_load1_noabort+0x18/0x20
[ 14.489485] mempool_uaf_helper+0x392/0x400
[ 14.489509] ? __pfx_mempool_uaf_helper+0x10/0x10
[ 14.489533] ? __kasan_check_write+0x18/0x20
[ 14.489553] ? __pfx_sched_clock_cpu+0x10/0x10
[ 14.489578] ? finish_task_switch.isra.0+0x153/0x700
[ 14.489606] mempool_kmalloc_large_uaf+0xef/0x140
[ 14.489632] ? __pfx_mempool_kmalloc_large_uaf+0x10/0x10
[ 14.489659] ? __pfx_mempool_kmalloc+0x10/0x10
[ 14.489685] ? __pfx_mempool_kfree+0x10/0x10
[ 14.489712] ? __pfx_read_tsc+0x10/0x10
[ 14.489734] ? ktime_get_ts64+0x86/0x230
[ 14.489761] kunit_try_run_case+0x1a5/0x480
[ 14.489846] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.489871] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.489896] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.489920] ? __kthread_parkme+0x82/0x180
[ 14.489943] ? preempt_count_sub+0x50/0x80
[ 14.489967] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.489991] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.490015] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.490040] kthread+0x337/0x6f0
[ 14.490060] ? trace_preempt_on+0x20/0xc0
[ 14.490085] ? __pfx_kthread+0x10/0x10
[ 14.490113] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.490135] ? calculate_sigpending+0x7b/0xa0
[ 14.490161] ? __pfx_kthread+0x10/0x10
[ 14.490183] ret_from_fork+0x116/0x1d0
[ 14.490203] ? __pfx_kthread+0x10/0x10
[ 14.490225] ret_from_fork_asm+0x1a/0x30
[ 14.490257] </TASK>
[ 14.490269]
[ 14.499517] The buggy address belongs to the physical page:
[ 14.499730] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b8
[ 14.500532] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 14.500837] flags: 0x200000000000040(head|node=0|zone=2)
[ 14.501092] page_type: f8(unknown)
[ 14.501491] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 14.501817] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 14.502184] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 14.502521] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 14.502836] head: 0200000000000002 ffffea00040e6e01 00000000ffffffff 00000000ffffffff
[ 14.503331] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 14.503592] page dumped because: kasan: bad access detected
[ 14.503892]
[ 14.504003] Memory state around the buggy address:
[ 14.504366] ffff8881039b7f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 14.504643] ffff8881039b7f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 14.505143] >ffff8881039b8000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 14.505414] ^
[ 14.505601] ffff8881039b8080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 14.505921] ffff8881039b8100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 14.506292] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 14.460045] ==================================================================
[ 14.460557] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400
[ 14.461135] Read of size 1 at addr ffff8881029dfa00 by task kunit_try_catch/245
[ 14.461586]
[ 14.461723] CPU: 1 UID: 0 PID: 245 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.461777] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.461789] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.461815] Call Trace:
[ 14.461828] <TASK>
[ 14.461850] dump_stack_lvl+0x73/0xb0
[ 14.461887] print_report+0xd1/0x610
[ 14.461912] ? __virt_addr_valid+0x1db/0x2d0
[ 14.461939] ? mempool_uaf_helper+0x392/0x400
[ 14.461962] ? kasan_complete_mode_report_info+0x64/0x200
[ 14.461986] ? mempool_uaf_helper+0x392/0x400
[ 14.462008] kasan_report+0x141/0x180
[ 14.462031] ? mempool_uaf_helper+0x392/0x400
[ 14.462119] __asan_report_load1_noabort+0x18/0x20
[ 14.462145] mempool_uaf_helper+0x392/0x400
[ 14.462168] ? __pfx_mempool_uaf_helper+0x10/0x10
[ 14.462195] ? finish_task_switch.isra.0+0x153/0x700
[ 14.462225] mempool_kmalloc_uaf+0xef/0x140
[ 14.462247] ? __pfx_mempool_kmalloc_uaf+0x10/0x10
[ 14.462273] ? __pfx_mempool_kmalloc+0x10/0x10
[ 14.462300] ? __pfx_mempool_kfree+0x10/0x10
[ 14.462325] ? __pfx_read_tsc+0x10/0x10
[ 14.462348] ? ktime_get_ts64+0x86/0x230
[ 14.462375] kunit_try_run_case+0x1a5/0x480
[ 14.462402] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.462425] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.462452] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.462488] ? __kthread_parkme+0x82/0x180
[ 14.462510] ? preempt_count_sub+0x50/0x80
[ 14.462534] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.462558] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.462582] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.462606] kthread+0x337/0x6f0
[ 14.462626] ? trace_preempt_on+0x20/0xc0
[ 14.462652] ? __pfx_kthread+0x10/0x10
[ 14.462673] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.462695] ? calculate_sigpending+0x7b/0xa0
[ 14.462722] ? __pfx_kthread+0x10/0x10
[ 14.462744] ret_from_fork+0x116/0x1d0
[ 14.462763] ? __pfx_kthread+0x10/0x10
[ 14.462784] ret_from_fork_asm+0x1a/0x30
[ 14.462818] </TASK>
[ 14.462829]
[ 14.471779] Allocated by task 245:
[ 14.471989] kasan_save_stack+0x45/0x70
[ 14.472353] kasan_save_track+0x18/0x40
[ 14.472554] kasan_save_alloc_info+0x3b/0x50
[ 14.472732] __kasan_mempool_unpoison_object+0x1a9/0x200
[ 14.473152] remove_element+0x11e/0x190
[ 14.473334] mempool_alloc_preallocated+0x4d/0x90
[ 14.473519] mempool_uaf_helper+0x96/0x400
[ 14.473704] mempool_kmalloc_uaf+0xef/0x140
[ 14.473919] kunit_try_run_case+0x1a5/0x480
[ 14.474141] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.474505] kthread+0x337/0x6f0
[ 14.474685] ret_from_fork+0x116/0x1d0
[ 14.474899] ret_from_fork_asm+0x1a/0x30
[ 14.475254]
[ 14.475339] Freed by task 245:
[ 14.475459] kasan_save_stack+0x45/0x70
[ 14.475624] kasan_save_track+0x18/0x40
[ 14.475768] kasan_save_free_info+0x3f/0x60
[ 14.475924] __kasan_mempool_poison_object+0x131/0x1d0
[ 14.476404] mempool_free+0x2ec/0x380
[ 14.476621] mempool_uaf_helper+0x11a/0x400
[ 14.476902] mempool_kmalloc_uaf+0xef/0x140
[ 14.477241] kunit_try_run_case+0x1a5/0x480
[ 14.477458] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.477651] kthread+0x337/0x6f0
[ 14.477778] ret_from_fork+0x116/0x1d0
[ 14.477918] ret_from_fork_asm+0x1a/0x30
[ 14.478064]
[ 14.478174] The buggy address belongs to the object at ffff8881029dfa00
[ 14.478174] which belongs to the cache kmalloc-128 of size 128
[ 14.478754] The buggy address is located 0 bytes inside of
[ 14.478754] freed 128-byte region [ffff8881029dfa00, ffff8881029dfa80)
[ 14.479742]
[ 14.479920] The buggy address belongs to the physical page:
[ 14.480235] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029df
[ 14.480584] flags: 0x200000000000000(node=0|zone=2)
[ 14.480792] page_type: f5(slab)
[ 14.481038] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 14.481355] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 14.481737] page dumped because: kasan: bad access detected
[ 14.481992]
[ 14.482074] Memory state around the buggy address:
[ 14.482309] ffff8881029df900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 14.482597] ffff8881029df980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.483167] >ffff8881029dfa00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 14.483433] ^
[ 14.483574] ffff8881029dfa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.484129] ffff8881029dfb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 14.484412] ==================================================================
[ 14.511805] ==================================================================
[ 14.512407] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400
[ 14.512764] Read of size 1 at addr ffff88810326a240 by task kunit_try_catch/249
[ 14.513154]
[ 14.513279] CPU: 0 UID: 0 PID: 249 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.513329] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.513341] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.513364] Call Trace:
[ 14.513376] <TASK>
[ 14.513395] dump_stack_lvl+0x73/0xb0
[ 14.513427] print_report+0xd1/0x610
[ 14.513452] ? __virt_addr_valid+0x1db/0x2d0
[ 14.513488] ? mempool_uaf_helper+0x392/0x400
[ 14.513512] ? kasan_complete_mode_report_info+0x64/0x200
[ 14.513535] ? mempool_uaf_helper+0x392/0x400
[ 14.513559] kasan_report+0x141/0x180
[ 14.513582] ? mempool_uaf_helper+0x392/0x400
[ 14.513611] __asan_report_load1_noabort+0x18/0x20
[ 14.513637] mempool_uaf_helper+0x392/0x400
[ 14.513660] ? __pfx_mempool_uaf_helper+0x10/0x10
[ 14.513686] ? __pfx_sched_clock_cpu+0x10/0x10
[ 14.513708] ? finish_task_switch.isra.0+0x153/0x700
[ 14.513734] mempool_slab_uaf+0xea/0x140
[ 14.513758] ? __pfx_mempool_slab_uaf+0x10/0x10
[ 14.513796] ? __pfx_mempool_alloc_slab+0x10/0x10
[ 14.513823] ? __pfx_mempool_free_slab+0x10/0x10
[ 14.513850] ? __pfx_read_tsc+0x10/0x10
[ 14.513872] ? ktime_get_ts64+0x86/0x230
[ 14.513897] kunit_try_run_case+0x1a5/0x480
[ 14.513924] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.513948] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.513974] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.513998] ? __kthread_parkme+0x82/0x180
[ 14.514020] ? preempt_count_sub+0x50/0x80
[ 14.514044] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.514071] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.514096] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.514129] kthread+0x337/0x6f0
[ 14.514150] ? trace_preempt_on+0x20/0xc0
[ 14.514174] ? __pfx_kthread+0x10/0x10
[ 14.514196] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.514219] ? calculate_sigpending+0x7b/0xa0
[ 14.514245] ? __pfx_kthread+0x10/0x10
[ 14.514267] ret_from_fork+0x116/0x1d0
[ 14.514286] ? __pfx_kthread+0x10/0x10
[ 14.514308] ret_from_fork_asm+0x1a/0x30
[ 14.514340] </TASK>
[ 14.514351]
[ 14.523679] Allocated by task 249:
[ 14.523840] kasan_save_stack+0x45/0x70
[ 14.524089] kasan_save_track+0x18/0x40
[ 14.524268] kasan_save_alloc_info+0x3b/0x50
[ 14.524456] __kasan_mempool_unpoison_object+0x1bb/0x200
[ 14.524700] remove_element+0x11e/0x190
[ 14.525134] mempool_alloc_preallocated+0x4d/0x90
[ 14.525360] mempool_uaf_helper+0x96/0x400
[ 14.525552] mempool_slab_uaf+0xea/0x140
[ 14.525756] kunit_try_run_case+0x1a5/0x480
[ 14.525914] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.526191] kthread+0x337/0x6f0
[ 14.526322] ret_from_fork+0x116/0x1d0
[ 14.526585] ret_from_fork_asm+0x1a/0x30
[ 14.526816]
[ 14.526914] Freed by task 249:
[ 14.527035] kasan_save_stack+0x45/0x70
[ 14.527182] kasan_save_track+0x18/0x40
[ 14.527326] kasan_save_free_info+0x3f/0x60
[ 14.527492] __kasan_mempool_poison_object+0x131/0x1d0
[ 14.527678] mempool_free+0x2ec/0x380
[ 14.527920] mempool_uaf_helper+0x11a/0x400
[ 14.528151] mempool_slab_uaf+0xea/0x140
[ 14.528356] kunit_try_run_case+0x1a5/0x480
[ 14.528578] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.528962] kthread+0x337/0x6f0
[ 14.529142] ret_from_fork+0x116/0x1d0
[ 14.529317] ret_from_fork_asm+0x1a/0x30
[ 14.529477]
[ 14.529554] The buggy address belongs to the object at ffff88810326a240
[ 14.529554] which belongs to the cache test_cache of size 123
[ 14.529935] The buggy address is located 0 bytes inside of
[ 14.529935] freed 123-byte region [ffff88810326a240, ffff88810326a2bb)
[ 14.530696]
[ 14.530818] The buggy address belongs to the physical page:
[ 14.531177] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10326a
[ 14.531568] flags: 0x200000000000000(node=0|zone=2)
[ 14.531853] page_type: f5(slab)
[ 14.532025] raw: 0200000000000000 ffff8881032603c0 dead000000000122 0000000000000000
[ 14.532331] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000
[ 14.532585] page dumped because: kasan: bad access detected
[ 14.532800]
[ 14.532897] Memory state around the buggy address:
[ 14.533277] ffff88810326a100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 14.533617] ffff88810326a180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 14.534259] >ffff88810326a200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb
[ 14.534507] ^
[ 14.534743] ffff88810326a280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 14.535429] ffff88810326a300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.535753] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 14.420405] ==================================================================
[ 14.420948] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[ 14.421581] Read of size 1 at addr ffff8881032682bb by task kunit_try_catch/243
[ 14.422041]
[ 14.422168] CPU: 0 UID: 0 PID: 243 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.422218] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.422230] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.422253] Call Trace:
[ 14.422267] <TASK>
[ 14.422285] dump_stack_lvl+0x73/0xb0
[ 14.422320] print_report+0xd1/0x610
[ 14.422346] ? __virt_addr_valid+0x1db/0x2d0
[ 14.422372] ? mempool_oob_right_helper+0x318/0x380
[ 14.422395] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.422418] ? mempool_oob_right_helper+0x318/0x380
[ 14.422443] kasan_report+0x141/0x180
[ 14.422465] ? mempool_oob_right_helper+0x318/0x380
[ 14.422507] __asan_report_load1_noabort+0x18/0x20
[ 14.422532] mempool_oob_right_helper+0x318/0x380
[ 14.422557] ? __pfx_mempool_oob_right_helper+0x10/0x10
[ 14.422584] ? __pfx_sched_clock_cpu+0x10/0x10
[ 14.422607] ? finish_task_switch.isra.0+0x153/0x700
[ 14.422634] mempool_slab_oob_right+0xed/0x140
[ 14.422658] ? __pfx_mempool_slab_oob_right+0x10/0x10
[ 14.422686] ? __pfx_mempool_alloc_slab+0x10/0x10
[ 14.422712] ? __pfx_mempool_free_slab+0x10/0x10
[ 14.422738] ? __pfx_read_tsc+0x10/0x10
[ 14.422759] ? ktime_get_ts64+0x86/0x230
[ 14.422785] kunit_try_run_case+0x1a5/0x480
[ 14.422812] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.422835] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.422861] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.422885] ? __kthread_parkme+0x82/0x180
[ 14.422909] ? preempt_count_sub+0x50/0x80
[ 14.422932] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.422957] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.422980] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.423005] kthread+0x337/0x6f0
[ 14.423024] ? trace_preempt_on+0x20/0xc0
[ 14.423065] ? __pfx_kthread+0x10/0x10
[ 14.423086] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.423109] ? calculate_sigpending+0x7b/0xa0
[ 14.423134] ? __pfx_kthread+0x10/0x10
[ 14.423156] ret_from_fork+0x116/0x1d0
[ 14.423176] ? __pfx_kthread+0x10/0x10
[ 14.423197] ret_from_fork_asm+0x1a/0x30
[ 14.423230] </TASK>
[ 14.423240]
[ 14.434682] Allocated by task 243:
[ 14.435201] kasan_save_stack+0x45/0x70
[ 14.435419] kasan_save_track+0x18/0x40
[ 14.435631] kasan_save_alloc_info+0x3b/0x50
[ 14.436246] __kasan_mempool_unpoison_object+0x1bb/0x200
[ 14.436609] remove_element+0x11e/0x190
[ 14.436914] mempool_alloc_preallocated+0x4d/0x90
[ 14.437285] mempool_oob_right_helper+0x8a/0x380
[ 14.437614] mempool_slab_oob_right+0xed/0x140
[ 14.437823] kunit_try_run_case+0x1a5/0x480
[ 14.438036] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.438499] kthread+0x337/0x6f0
[ 14.438660] ret_from_fork+0x116/0x1d0
[ 14.439104] ret_from_fork_asm+0x1a/0x30
[ 14.439306]
[ 14.439387] The buggy address belongs to the object at ffff888103268240
[ 14.439387] which belongs to the cache test_cache of size 123
[ 14.440205] The buggy address is located 0 bytes to the right of
[ 14.440205] allocated 123-byte region [ffff888103268240, ffff8881032682bb)
[ 14.440906]
[ 14.441026] The buggy address belongs to the physical page:
[ 14.441278] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103268
[ 14.441630] flags: 0x200000000000000(node=0|zone=2)
[ 14.441896] page_type: f5(slab)
[ 14.442595] raw: 0200000000000000 ffff888103260280 dead000000000122 0000000000000000
[ 14.442964] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000
[ 14.443567] page dumped because: kasan: bad access detected
[ 14.443971]
[ 14.444129] Memory state around the buggy address:
[ 14.444328] ffff888103268180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 14.444654] ffff888103268200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
[ 14.445230] >ffff888103268280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc
[ 14.445516] ^
[ 14.445964] ffff888103268300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.446520] ffff888103268380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.446868] ==================================================================
[ 14.393642] ==================================================================
[ 14.394343] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[ 14.394665] Read of size 1 at addr ffff8881038d6001 by task kunit_try_catch/241
[ 14.395016]
[ 14.395136] CPU: 0 UID: 0 PID: 241 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.395187] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.395199] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.395224] Call Trace:
[ 14.395236] <TASK>
[ 14.395254] dump_stack_lvl+0x73/0xb0
[ 14.395287] print_report+0xd1/0x610
[ 14.395311] ? __virt_addr_valid+0x1db/0x2d0
[ 14.395356] ? mempool_oob_right_helper+0x318/0x380
[ 14.395381] ? kasan_addr_to_slab+0x11/0xa0
[ 14.395402] ? mempool_oob_right_helper+0x318/0x380
[ 14.395426] kasan_report+0x141/0x180
[ 14.395449] ? mempool_oob_right_helper+0x318/0x380
[ 14.395487] __asan_report_load1_noabort+0x18/0x20
[ 14.395513] mempool_oob_right_helper+0x318/0x380
[ 14.395537] ? __pfx_mempool_oob_right_helper+0x10/0x10
[ 14.395565] ? finish_task_switch.isra.0+0x153/0x700
[ 14.395593] mempool_kmalloc_large_oob_right+0xf2/0x150
[ 14.395618] ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10
[ 14.395646] ? __pfx_mempool_kmalloc+0x10/0x10
[ 14.395671] ? __pfx_mempool_kfree+0x10/0x10
[ 14.395697] ? __pfx_read_tsc+0x10/0x10
[ 14.395718] ? ktime_get_ts64+0x86/0x230
[ 14.395762] kunit_try_run_case+0x1a5/0x480
[ 14.395789] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.395812] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.395837] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.395862] ? __kthread_parkme+0x82/0x180
[ 14.395882] ? preempt_count_sub+0x50/0x80
[ 14.395905] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.395930] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.395954] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.395978] kthread+0x337/0x6f0
[ 14.395998] ? trace_preempt_on+0x20/0xc0
[ 14.396053] ? __pfx_kthread+0x10/0x10
[ 14.396075] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.396098] ? calculate_sigpending+0x7b/0xa0
[ 14.396122] ? __pfx_kthread+0x10/0x10
[ 14.396144] ret_from_fork+0x116/0x1d0
[ 14.396164] ? __pfx_kthread+0x10/0x10
[ 14.396184] ret_from_fork_asm+0x1a/0x30
[ 14.396216] </TASK>
[ 14.396226]
[ 14.407622] The buggy address belongs to the physical page:
[ 14.407856] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038d4
[ 14.408800] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 14.409154] flags: 0x200000000000040(head|node=0|zone=2)
[ 14.409585] page_type: f8(unknown)
[ 14.409830] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 14.410308] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 14.410754] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 14.411055] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 14.411668] head: 0200000000000002 ffffea00040e3501 00000000ffffffff 00000000ffffffff
[ 14.412126] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 14.412556] page dumped because: kasan: bad access detected
[ 14.412900]
[ 14.412985] Memory state around the buggy address:
[ 14.413609] ffff8881038d5f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 14.413973] ffff8881038d5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 14.414363] >ffff8881038d6000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 14.414703] ^
[ 14.415120] ffff8881038d6080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 14.415457] ffff8881038d6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 14.415886] ==================================================================
[ 14.363852] ==================================================================
[ 14.364257] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[ 14.365294] Read of size 1 at addr ffff888103249a73 by task kunit_try_catch/239
[ 14.365592]
[ 14.365701] CPU: 0 UID: 0 PID: 239 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.365757] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.365769] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.365794] Call Trace:
[ 14.365809] <TASK>
[ 14.365830] dump_stack_lvl+0x73/0xb0
[ 14.365867] print_report+0xd1/0x610
[ 14.365892] ? __virt_addr_valid+0x1db/0x2d0
[ 14.365919] ? mempool_oob_right_helper+0x318/0x380
[ 14.365945] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.365968] ? mempool_oob_right_helper+0x318/0x380
[ 14.365992] kasan_report+0x141/0x180
[ 14.366014] ? mempool_oob_right_helper+0x318/0x380
[ 14.366043] __asan_report_load1_noabort+0x18/0x20
[ 14.366084] mempool_oob_right_helper+0x318/0x380
[ 14.366113] ? __pfx_mempool_oob_right_helper+0x10/0x10
[ 14.366139] ? __kasan_check_write+0x18/0x20
[ 14.366158] ? __pfx_sched_clock_cpu+0x10/0x10
[ 14.366183] ? finish_task_switch.isra.0+0x153/0x700
[ 14.366210] mempool_kmalloc_oob_right+0xf2/0x150
[ 14.366234] ? __pfx_mempool_kmalloc_oob_right+0x10/0x10
[ 14.366260] ? __pfx_mempool_kmalloc+0x10/0x10
[ 14.366288] ? __pfx_mempool_kfree+0x10/0x10
[ 14.366313] ? __pfx_read_tsc+0x10/0x10
[ 14.366336] ? ktime_get_ts64+0x86/0x230
[ 14.366361] kunit_try_run_case+0x1a5/0x480
[ 14.366390] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.366412] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.366439] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.366462] ? __kthread_parkme+0x82/0x180
[ 14.366495] ? preempt_count_sub+0x50/0x80
[ 14.366518] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.366542] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.366566] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.366589] kthread+0x337/0x6f0
[ 14.366609] ? trace_preempt_on+0x20/0xc0
[ 14.366634] ? __pfx_kthread+0x10/0x10
[ 14.366656] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.366678] ? calculate_sigpending+0x7b/0xa0
[ 14.366704] ? __pfx_kthread+0x10/0x10
[ 14.366725] ret_from_fork+0x116/0x1d0
[ 14.366745] ? __pfx_kthread+0x10/0x10
[ 14.366765] ret_from_fork_asm+0x1a/0x30
[ 14.366814] </TASK>
[ 14.366825]
[ 14.378039] Allocated by task 239:
[ 14.378562] kasan_save_stack+0x45/0x70
[ 14.378797] kasan_save_track+0x18/0x40
[ 14.379208] kasan_save_alloc_info+0x3b/0x50
[ 14.379383] __kasan_mempool_unpoison_object+0x1a9/0x200
[ 14.379664] remove_element+0x11e/0x190
[ 14.379858] mempool_alloc_preallocated+0x4d/0x90
[ 14.380423] mempool_oob_right_helper+0x8a/0x380
[ 14.380733] mempool_kmalloc_oob_right+0xf2/0x150
[ 14.380989] kunit_try_run_case+0x1a5/0x480
[ 14.381392] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.381747] kthread+0x337/0x6f0
[ 14.381922] ret_from_fork+0x116/0x1d0
[ 14.382091] ret_from_fork_asm+0x1a/0x30
[ 14.382414]
[ 14.382530] The buggy address belongs to the object at ffff888103249a00
[ 14.382530] which belongs to the cache kmalloc-128 of size 128
[ 14.383400] The buggy address is located 0 bytes to the right of
[ 14.383400] allocated 115-byte region [ffff888103249a00, ffff888103249a73)
[ 14.384228]
[ 14.384333] The buggy address belongs to the physical page:
[ 14.384598] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103249
[ 14.385270] flags: 0x200000000000000(node=0|zone=2)
[ 14.385495] page_type: f5(slab)
[ 14.385670] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 14.386250] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 14.386601] page dumped because: kasan: bad access detected
[ 14.386877]
[ 14.387055] Memory state around the buggy address:
[ 14.387306] ffff888103249900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 14.387743] ffff888103249980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.388260] >ffff888103249a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 14.388536] ^
[ 14.389136] ffff888103249a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.389561] ffff888103249b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 14.389899] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 13.794582] ==================================================================
[ 13.795650] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x1bf/0x380
[ 13.796159] Read of size 1 at addr ffff888100fc9dc0 by task kunit_try_catch/233
[ 13.797257]
[ 13.797722] CPU: 1 UID: 0 PID: 233 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 13.797780] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.797793] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.797819] Call Trace:
[ 13.797837] <TASK>
[ 13.797858] dump_stack_lvl+0x73/0xb0
[ 13.797922] print_report+0xd1/0x610
[ 13.797948] ? __virt_addr_valid+0x1db/0x2d0
[ 13.797974] ? kmem_cache_double_destroy+0x1bf/0x380
[ 13.797999] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.798022] ? kmem_cache_double_destroy+0x1bf/0x380
[ 13.798048] kasan_report+0x141/0x180
[ 13.798071] ? kmem_cache_double_destroy+0x1bf/0x380
[ 13.798099] ? kmem_cache_double_destroy+0x1bf/0x380
[ 13.798134] __kasan_check_byte+0x3d/0x50
[ 13.798157] kmem_cache_destroy+0x25/0x1d0
[ 13.798183] kmem_cache_double_destroy+0x1bf/0x380
[ 13.798208] ? __pfx_kmem_cache_double_destroy+0x10/0x10
[ 13.798233] ? finish_task_switch.isra.0+0x153/0x700
[ 13.798257] ? __switch_to+0x47/0xf50
[ 13.798287] ? __pfx_read_tsc+0x10/0x10
[ 13.798310] ? ktime_get_ts64+0x86/0x230
[ 13.798335] kunit_try_run_case+0x1a5/0x480
[ 13.798362] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.798385] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.798411] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.798436] ? __kthread_parkme+0x82/0x180
[ 13.798458] ? preempt_count_sub+0x50/0x80
[ 13.798493] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.798518] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.798542] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.798566] kthread+0x337/0x6f0
[ 13.798587] ? trace_preempt_on+0x20/0xc0
[ 13.798612] ? __pfx_kthread+0x10/0x10
[ 13.798633] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.798657] ? calculate_sigpending+0x7b/0xa0
[ 13.798682] ? __pfx_kthread+0x10/0x10
[ 13.798703] ret_from_fork+0x116/0x1d0
[ 13.798723] ? __pfx_kthread+0x10/0x10
[ 13.798743] ret_from_fork_asm+0x1a/0x30
[ 13.798777] </TASK>
[ 13.798788]
[ 13.808171] Allocated by task 233:
[ 13.808314] kasan_save_stack+0x45/0x70
[ 13.808604] kasan_save_track+0x18/0x40
[ 13.808883] kasan_save_alloc_info+0x3b/0x50
[ 13.809153] __kasan_slab_alloc+0x91/0xa0
[ 13.809355] kmem_cache_alloc_noprof+0x123/0x3f0
[ 13.809687] __kmem_cache_create_args+0x169/0x240
[ 13.810013] kmem_cache_double_destroy+0xd5/0x380
[ 13.810186] kunit_try_run_case+0x1a5/0x480
[ 13.810341] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.810731] kthread+0x337/0x6f0
[ 13.811169] ret_from_fork+0x116/0x1d0
[ 13.811374] ret_from_fork_asm+0x1a/0x30
[ 13.811594]
[ 13.811694] Freed by task 233:
[ 13.811957] kasan_save_stack+0x45/0x70
[ 13.812260] kasan_save_track+0x18/0x40
[ 13.812465] kasan_save_free_info+0x3f/0x60
[ 13.812710] __kasan_slab_free+0x56/0x70
[ 13.812980] kmem_cache_free+0x249/0x420
[ 13.813260] slab_kmem_cache_release+0x2e/0x40
[ 13.813427] kmem_cache_release+0x16/0x20
[ 13.813646] kobject_put+0x181/0x450
[ 13.813834] sysfs_slab_release+0x16/0x20
[ 13.814210] kmem_cache_destroy+0xf0/0x1d0
[ 13.814602] kmem_cache_double_destroy+0x14e/0x380
[ 13.814786] kunit_try_run_case+0x1a5/0x480
[ 13.815079] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.815505] kthread+0x337/0x6f0
[ 13.815686] ret_from_fork+0x116/0x1d0
[ 13.815920] ret_from_fork_asm+0x1a/0x30
[ 13.816120]
[ 13.816303] The buggy address belongs to the object at ffff888100fc9dc0
[ 13.816303] which belongs to the cache kmem_cache of size 208
[ 13.816818] The buggy address is located 0 bytes inside of
[ 13.816818] freed 208-byte region [ffff888100fc9dc0, ffff888100fc9e90)
[ 13.817540]
[ 13.817697] The buggy address belongs to the physical page:
[ 13.817914] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100fc9
[ 13.818376] flags: 0x200000000000000(node=0|zone=2)
[ 13.818872] page_type: f5(slab)
[ 13.819120] raw: 0200000000000000 ffff888100041000 dead000000000122 0000000000000000
[ 13.819496] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000
[ 13.819885] page dumped because: kasan: bad access detected
[ 13.820283]
[ 13.820392] Memory state around the buggy address:
[ 13.820661] ffff888100fc9c80: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.821033] ffff888100fc9d00: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc
[ 13.821456] >ffff888100fc9d80: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb
[ 13.821834] ^
[ 13.822150] ffff888100fc9e00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.822616] ffff888100fc9e80: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.823212] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 13.741419] ==================================================================
[ 13.741936] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x3e3/0x510
[ 13.742311] Read of size 1 at addr ffff888103263000 by task kunit_try_catch/231
[ 13.742638]
[ 13.742756] CPU: 0 UID: 0 PID: 231 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 13.742806] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.742818] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.742841] Call Trace:
[ 13.742855] <TASK>
[ 13.742872] dump_stack_lvl+0x73/0xb0
[ 13.742905] print_report+0xd1/0x610
[ 13.742928] ? __virt_addr_valid+0x1db/0x2d0
[ 13.742952] ? kmem_cache_rcu_uaf+0x3e3/0x510
[ 13.742975] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.742996] ? kmem_cache_rcu_uaf+0x3e3/0x510
[ 13.743503] kasan_report+0x141/0x180
[ 13.743533] ? kmem_cache_rcu_uaf+0x3e3/0x510
[ 13.743562] __asan_report_load1_noabort+0x18/0x20
[ 13.743586] kmem_cache_rcu_uaf+0x3e3/0x510
[ 13.743609] ? __pfx_kmem_cache_rcu_uaf+0x10/0x10
[ 13.743632] ? finish_task_switch.isra.0+0x153/0x700
[ 13.743658] ? __switch_to+0x47/0xf50
[ 13.743689] ? __pfx_read_tsc+0x10/0x10
[ 13.743711] ? ktime_get_ts64+0x86/0x230
[ 13.743737] kunit_try_run_case+0x1a5/0x480
[ 13.743763] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.743801] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.743827] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.743851] ? __kthread_parkme+0x82/0x180
[ 13.743873] ? preempt_count_sub+0x50/0x80
[ 13.743895] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.743919] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.744195] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.744221] kthread+0x337/0x6f0
[ 13.744242] ? trace_preempt_on+0x20/0xc0
[ 13.744269] ? __pfx_kthread+0x10/0x10
[ 13.744290] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.744313] ? calculate_sigpending+0x7b/0xa0
[ 13.744339] ? __pfx_kthread+0x10/0x10
[ 13.744360] ret_from_fork+0x116/0x1d0
[ 13.744380] ? __pfx_kthread+0x10/0x10
[ 13.744402] ret_from_fork_asm+0x1a/0x30
[ 13.744433] </TASK>
[ 13.744445]
[ 13.754352] Allocated by task 231:
[ 13.754569] kasan_save_stack+0x45/0x70
[ 13.754780] kasan_save_track+0x18/0x40
[ 13.755385] kasan_save_alloc_info+0x3b/0x50
[ 13.755579] __kasan_slab_alloc+0x91/0xa0
[ 13.755883] kmem_cache_alloc_noprof+0x123/0x3f0
[ 13.756281] kmem_cache_rcu_uaf+0x155/0x510
[ 13.756510] kunit_try_run_case+0x1a5/0x480
[ 13.756709] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.757282] kthread+0x337/0x6f0
[ 13.757422] ret_from_fork+0x116/0x1d0
[ 13.757716] ret_from_fork_asm+0x1a/0x30
[ 13.757927]
[ 13.758004] Freed by task 0:
[ 13.758176] kasan_save_stack+0x45/0x70
[ 13.758484] kasan_save_track+0x18/0x40
[ 13.758634] kasan_save_free_info+0x3f/0x60
[ 13.758881] __kasan_slab_free+0x56/0x70
[ 13.759437] slab_free_after_rcu_debug+0xe4/0x310
[ 13.759751] rcu_core+0x66f/0x1c40
[ 13.759916] rcu_core_si+0x12/0x20
[ 13.760455] handle_softirqs+0x209/0x730
[ 13.760679] __irq_exit_rcu+0xc9/0x110
[ 13.760825] irq_exit_rcu+0x12/0x20
[ 13.761013] sysvec_apic_timer_interrupt+0x81/0x90
[ 13.761526] asm_sysvec_apic_timer_interrupt+0x1f/0x30
[ 13.761831]
[ 13.761917] Last potentially related work creation:
[ 13.762252] kasan_save_stack+0x45/0x70
[ 13.762438] kasan_record_aux_stack+0xb2/0xc0
[ 13.762650] kmem_cache_free+0x131/0x420
[ 13.763120] kmem_cache_rcu_uaf+0x194/0x510
[ 13.763339] kunit_try_run_case+0x1a5/0x480
[ 13.763554] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.763964] kthread+0x337/0x6f0
[ 13.764171] ret_from_fork+0x116/0x1d0
[ 13.764405] ret_from_fork_asm+0x1a/0x30
[ 13.764629]
[ 13.764723] The buggy address belongs to the object at ffff888103263000
[ 13.764723] which belongs to the cache test_cache of size 200
[ 13.765518] The buggy address is located 0 bytes inside of
[ 13.765518] freed 200-byte region [ffff888103263000, ffff8881032630c8)
[ 13.766369]
[ 13.766491] The buggy address belongs to the physical page:
[ 13.766897] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103263
[ 13.767292] flags: 0x200000000000000(node=0|zone=2)
[ 13.767558] page_type: f5(slab)
[ 13.767701] raw: 0200000000000000 ffff888103260000 dead000000000122 0000000000000000
[ 13.768054] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000
[ 13.768444] page dumped because: kasan: bad access detected
[ 13.768673]
[ 13.768771] Memory state around the buggy address:
[ 13.768988] ffff888103262f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.769294] ffff888103262f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.769625] >ffff888103263000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.770112] ^
[ 13.770328] ffff888103263080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc
[ 13.770563] ffff888103263100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.770937] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 13.673980] ==================================================================
[ 13.674679] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x1d8/0x460
[ 13.675201] Free of addr ffff8881038aa001 by task kunit_try_catch/229
[ 13.675827]
[ 13.676123] CPU: 1 UID: 0 PID: 229 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 13.676178] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.676190] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.676213] Call Trace:
[ 13.676226] <TASK>
[ 13.676244] dump_stack_lvl+0x73/0xb0
[ 13.676277] print_report+0xd1/0x610
[ 13.676300] ? __virt_addr_valid+0x1db/0x2d0
[ 13.676324] ? kasan_complete_mode_report_info+0x2a/0x200
[ 13.676346] ? kmem_cache_invalid_free+0x1d8/0x460
[ 13.676372] kasan_report_invalid_free+0x10a/0x130
[ 13.676396] ? kmem_cache_invalid_free+0x1d8/0x460
[ 13.676423] ? kmem_cache_invalid_free+0x1d8/0x460
[ 13.676448] check_slab_allocation+0x11f/0x130
[ 13.676483] __kasan_slab_pre_free+0x28/0x40
[ 13.676595] kmem_cache_free+0xed/0x420
[ 13.676620] ? kmem_cache_alloc_noprof+0x123/0x3f0
[ 13.676640] ? kmem_cache_invalid_free+0x1d8/0x460
[ 13.676667] kmem_cache_invalid_free+0x1d8/0x460
[ 13.676692] ? __pfx_kmem_cache_invalid_free+0x10/0x10
[ 13.676716] ? finish_task_switch.isra.0+0x153/0x700
[ 13.676739] ? __switch_to+0x47/0xf50
[ 13.676767] ? __pfx_read_tsc+0x10/0x10
[ 13.676790] ? ktime_get_ts64+0x86/0x230
[ 13.676815] kunit_try_run_case+0x1a5/0x480
[ 13.676842] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.676864] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.676889] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.676912] ? __kthread_parkme+0x82/0x180
[ 13.676934] ? preempt_count_sub+0x50/0x80
[ 13.676956] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.676980] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.677003] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.677026] kthread+0x337/0x6f0
[ 13.677057] ? trace_preempt_on+0x20/0xc0
[ 13.677081] ? __pfx_kthread+0x10/0x10
[ 13.677101] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.677123] ? calculate_sigpending+0x7b/0xa0
[ 13.677148] ? __pfx_kthread+0x10/0x10
[ 13.677169] ret_from_fork+0x116/0x1d0
[ 13.677188] ? __pfx_kthread+0x10/0x10
[ 13.677208] ret_from_fork_asm+0x1a/0x30
[ 13.677239] </TASK>
[ 13.677248]
[ 13.689546] Allocated by task 229:
[ 13.689728] kasan_save_stack+0x45/0x70
[ 13.690016] kasan_save_track+0x18/0x40
[ 13.690317] kasan_save_alloc_info+0x3b/0x50
[ 13.690539] __kasan_slab_alloc+0x91/0xa0
[ 13.690751] kmem_cache_alloc_noprof+0x123/0x3f0
[ 13.691317] kmem_cache_invalid_free+0x157/0x460
[ 13.691549] kunit_try_run_case+0x1a5/0x480
[ 13.691926] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.692355] kthread+0x337/0x6f0
[ 13.692557] ret_from_fork+0x116/0x1d0
[ 13.692859] ret_from_fork_asm+0x1a/0x30
[ 13.693132]
[ 13.693229] The buggy address belongs to the object at ffff8881038aa000
[ 13.693229] which belongs to the cache test_cache of size 200
[ 13.693726] The buggy address is located 1 bytes inside of
[ 13.693726] 200-byte region [ffff8881038aa000, ffff8881038aa0c8)
[ 13.694800]
[ 13.694894] The buggy address belongs to the physical page:
[ 13.695209] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038aa
[ 13.695769] flags: 0x200000000000000(node=0|zone=2)
[ 13.696115] page_type: f5(slab)
[ 13.696353] raw: 0200000000000000 ffff888100fc9c80 dead000000000122 0000000000000000
[ 13.696795] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000
[ 13.697260] page dumped because: kasan: bad access detected
[ 13.697503]
[ 13.697743] Memory state around the buggy address:
[ 13.697937] ffff8881038a9f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.698545] ffff8881038a9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.698912] >ffff8881038aa000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.699504] ^
[ 13.699651] ffff8881038aa080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc
[ 13.700132] ffff8881038aa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.700394] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 13.631976] ==================================================================
[ 13.632677] BUG: KASAN: double-free in kmem_cache_double_free+0x1e5/0x480
[ 13.633026] Free of addr ffff88810325f000 by task kunit_try_catch/227
[ 13.633458]
[ 13.633569] CPU: 0 UID: 0 PID: 227 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 13.633616] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.633628] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.633650] Call Trace:
[ 13.633662] <TASK>
[ 13.633679] dump_stack_lvl+0x73/0xb0
[ 13.633711] print_report+0xd1/0x610
[ 13.633734] ? __virt_addr_valid+0x1db/0x2d0
[ 13.633758] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.633779] ? kmem_cache_double_free+0x1e5/0x480
[ 13.633805] kasan_report_invalid_free+0x10a/0x130
[ 13.633854] ? kmem_cache_double_free+0x1e5/0x480
[ 13.633880] ? kmem_cache_double_free+0x1e5/0x480
[ 13.633946] check_slab_allocation+0x101/0x130
[ 13.633968] __kasan_slab_pre_free+0x28/0x40
[ 13.633989] kmem_cache_free+0xed/0x420
[ 13.634009] ? kmem_cache_alloc_noprof+0x123/0x3f0
[ 13.634030] ? kmem_cache_double_free+0x1e5/0x480
[ 13.634069] kmem_cache_double_free+0x1e5/0x480
[ 13.634094] ? __pfx_kmem_cache_double_free+0x10/0x10
[ 13.634122] ? finish_task_switch.isra.0+0x153/0x700
[ 13.634145] ? __switch_to+0x47/0xf50
[ 13.634174] ? __pfx_read_tsc+0x10/0x10
[ 13.634195] ? ktime_get_ts64+0x86/0x230
[ 13.634219] kunit_try_run_case+0x1a5/0x480
[ 13.634244] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.634266] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.634291] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.634314] ? __kthread_parkme+0x82/0x180
[ 13.634355] ? preempt_count_sub+0x50/0x80
[ 13.634378] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.634403] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.634426] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.634476] kthread+0x337/0x6f0
[ 13.634497] ? trace_preempt_on+0x20/0xc0
[ 13.634521] ? __pfx_kthread+0x10/0x10
[ 13.634541] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.634564] ? calculate_sigpending+0x7b/0xa0
[ 13.634588] ? __pfx_kthread+0x10/0x10
[ 13.634609] ret_from_fork+0x116/0x1d0
[ 13.634627] ? __pfx_kthread+0x10/0x10
[ 13.634648] ret_from_fork_asm+0x1a/0x30
[ 13.634678] </TASK>
[ 13.634688]
[ 13.649149] Allocated by task 227:
[ 13.649691] kasan_save_stack+0x45/0x70
[ 13.650338] kasan_save_track+0x18/0x40
[ 13.651022] kasan_save_alloc_info+0x3b/0x50
[ 13.651558] __kasan_slab_alloc+0x91/0xa0
[ 13.652173] kmem_cache_alloc_noprof+0x123/0x3f0
[ 13.652822] kmem_cache_double_free+0x14f/0x480
[ 13.653383] kunit_try_run_case+0x1a5/0x480
[ 13.653564] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.653751] kthread+0x337/0x6f0
[ 13.654576] ret_from_fork+0x116/0x1d0
[ 13.655194] ret_from_fork_asm+0x1a/0x30
[ 13.655794]
[ 13.656150] Freed by task 227:
[ 13.656699] kasan_save_stack+0x45/0x70
[ 13.657324] kasan_save_track+0x18/0x40
[ 13.657550] kasan_save_free_info+0x3f/0x60
[ 13.657773] __kasan_slab_free+0x56/0x70
[ 13.657968] kmem_cache_free+0x249/0x420
[ 13.658172] kmem_cache_double_free+0x16a/0x480
[ 13.658412] kunit_try_run_case+0x1a5/0x480
[ 13.658637] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.658884] kthread+0x337/0x6f0
[ 13.659054] ret_from_fork+0x116/0x1d0
[ 13.659243] ret_from_fork_asm+0x1a/0x30
[ 13.659458]
[ 13.659667] The buggy address belongs to the object at ffff88810325f000
[ 13.659667] which belongs to the cache test_cache of size 200
[ 13.660183] The buggy address is located 0 bytes inside of
[ 13.660183] 200-byte region [ffff88810325f000, ffff88810325f0c8)
[ 13.660846]
[ 13.661014] The buggy address belongs to the physical page:
[ 13.661386] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10325f
[ 13.661747] flags: 0x200000000000000(node=0|zone=2)
[ 13.662145] page_type: f5(slab)
[ 13.662303] raw: 0200000000000000 ffff888101c4edc0 dead000000000122 0000000000000000
[ 13.662700] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000
[ 13.663179] page dumped because: kasan: bad access detected
[ 13.663486]
[ 13.663622] Memory state around the buggy address:
[ 13.663869] ffff88810325ef00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.664338] ffff88810325ef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.664710] >ffff88810325f000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.665148] ^
[ 13.665366] ffff88810325f080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc
[ 13.665698] ffff88810325f100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.666149] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 13.595447] ==================================================================
[ 13.595959] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x402/0x530
[ 13.596426] Read of size 1 at addr ffff8881038a60c8 by task kunit_try_catch/225
[ 13.596806]
[ 13.596934] CPU: 1 UID: 0 PID: 225 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 13.596985] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.596997] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.597020] Call Trace:
[ 13.597071] <TASK>
[ 13.597093] dump_stack_lvl+0x73/0xb0
[ 13.597127] print_report+0xd1/0x610
[ 13.597178] ? __virt_addr_valid+0x1db/0x2d0
[ 13.597203] ? kmem_cache_oob+0x402/0x530
[ 13.597226] ? kasan_complete_mode_report_info+0x2a/0x200
[ 13.597249] ? kmem_cache_oob+0x402/0x530
[ 13.597273] kasan_report+0x141/0x180
[ 13.597295] ? kmem_cache_oob+0x402/0x530
[ 13.597341] __asan_report_load1_noabort+0x18/0x20
[ 13.597366] kmem_cache_oob+0x402/0x530
[ 13.597389] ? trace_hardirqs_on+0x37/0xe0
[ 13.597413] ? __pfx_kmem_cache_oob+0x10/0x10
[ 13.597436] ? finish_task_switch.isra.0+0x153/0x700
[ 13.597460] ? __switch_to+0x47/0xf50
[ 13.597501] ? __pfx_read_tsc+0x10/0x10
[ 13.597523] ? ktime_get_ts64+0x86/0x230
[ 13.597549] kunit_try_run_case+0x1a5/0x480
[ 13.597574] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.597616] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.597642] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.597665] ? __kthread_parkme+0x82/0x180
[ 13.597702] ? preempt_count_sub+0x50/0x80
[ 13.597725] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.597749] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.597773] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.597807] kthread+0x337/0x6f0
[ 13.597827] ? trace_preempt_on+0x20/0xc0
[ 13.597849] ? __pfx_kthread+0x10/0x10
[ 13.597871] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.597892] ? calculate_sigpending+0x7b/0xa0
[ 13.597917] ? __pfx_kthread+0x10/0x10
[ 13.597939] ret_from_fork+0x116/0x1d0
[ 13.597957] ? __pfx_kthread+0x10/0x10
[ 13.597978] ret_from_fork_asm+0x1a/0x30
[ 13.598008] </TASK>
[ 13.598018]
[ 13.606466] Allocated by task 225:
[ 13.606673] kasan_save_stack+0x45/0x70
[ 13.606928] kasan_save_track+0x18/0x40
[ 13.607300] kasan_save_alloc_info+0x3b/0x50
[ 13.607565] __kasan_slab_alloc+0x91/0xa0
[ 13.607714] kmem_cache_alloc_noprof+0x123/0x3f0
[ 13.608156] kmem_cache_oob+0x157/0x530
[ 13.608556] kunit_try_run_case+0x1a5/0x480
[ 13.608783] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.609051] kthread+0x337/0x6f0
[ 13.609275] ret_from_fork+0x116/0x1d0
[ 13.609453] ret_from_fork_asm+0x1a/0x30
[ 13.609691]
[ 13.609792] The buggy address belongs to the object at ffff8881038a6000
[ 13.609792] which belongs to the cache test_cache of size 200
[ 13.610377] The buggy address is located 0 bytes to the right of
[ 13.610377] allocated 200-byte region [ffff8881038a6000, ffff8881038a60c8)
[ 13.610959]
[ 13.611060] The buggy address belongs to the physical page:
[ 13.611334] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038a6
[ 13.611700] flags: 0x200000000000000(node=0|zone=2)
[ 13.611939] page_type: f5(slab)
[ 13.612091] raw: 0200000000000000 ffff888100fc9b40 dead000000000122 0000000000000000
[ 13.612322] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000
[ 13.612793] page dumped because: kasan: bad access detected
[ 13.613088]
[ 13.613210] Memory state around the buggy address:
[ 13.613445] ffff8881038a5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.613882] ffff8881038a6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.614346] >ffff8881038a6080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc
[ 13.614642] ^
[ 13.615113] ffff8881038a6100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.615431] ffff8881038a6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.615782] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 13.553539] ==================================================================
[ 13.554179] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x4d6/0x560
[ 13.554525] Read of size 8 at addr ffff88810389fc40 by task kunit_try_catch/218
[ 13.554855]
[ 13.554999] CPU: 1 UID: 0 PID: 218 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 13.555047] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.555058] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.555081] Call Trace:
[ 13.555094] <TASK>
[ 13.555111] dump_stack_lvl+0x73/0xb0
[ 13.555142] print_report+0xd1/0x610
[ 13.555166] ? __virt_addr_valid+0x1db/0x2d0
[ 13.555271] ? workqueue_uaf+0x4d6/0x560
[ 13.555293] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.555315] ? workqueue_uaf+0x4d6/0x560
[ 13.555337] kasan_report+0x141/0x180
[ 13.555359] ? workqueue_uaf+0x4d6/0x560
[ 13.555386] __asan_report_load8_noabort+0x18/0x20
[ 13.555410] workqueue_uaf+0x4d6/0x560
[ 13.555432] ? __pfx_workqueue_uaf+0x10/0x10
[ 13.555455] ? __schedule+0x10c6/0x2b60
[ 13.555492] ? __pfx_read_tsc+0x10/0x10
[ 13.555515] ? ktime_get_ts64+0x86/0x230
[ 13.555540] kunit_try_run_case+0x1a5/0x480
[ 13.555565] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.555608] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.555634] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.555657] ? __kthread_parkme+0x82/0x180
[ 13.555679] ? preempt_count_sub+0x50/0x80
[ 13.555703] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.555727] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.555751] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.555774] kthread+0x337/0x6f0
[ 13.555806] ? trace_preempt_on+0x20/0xc0
[ 13.555849] ? __pfx_kthread+0x10/0x10
[ 13.555870] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.555892] ? calculate_sigpending+0x7b/0xa0
[ 13.555917] ? __pfx_kthread+0x10/0x10
[ 13.555938] ret_from_fork+0x116/0x1d0
[ 13.555957] ? __pfx_kthread+0x10/0x10
[ 13.555978] ret_from_fork_asm+0x1a/0x30
[ 13.556009] </TASK>
[ 13.556018]
[ 13.565001] Allocated by task 218:
[ 13.565198] kasan_save_stack+0x45/0x70
[ 13.565426] kasan_save_track+0x18/0x40
[ 13.565657] kasan_save_alloc_info+0x3b/0x50
[ 13.565886] __kasan_kmalloc+0xb7/0xc0
[ 13.566231] __kmalloc_cache_noprof+0x189/0x420
[ 13.566461] workqueue_uaf+0x152/0x560
[ 13.566774] kunit_try_run_case+0x1a5/0x480
[ 13.567135] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.567323] kthread+0x337/0x6f0
[ 13.567483] ret_from_fork+0x116/0x1d0
[ 13.567680] ret_from_fork_asm+0x1a/0x30
[ 13.568019]
[ 13.568119] Freed by task 44:
[ 13.568258] kasan_save_stack+0x45/0x70
[ 13.568526] kasan_save_track+0x18/0x40
[ 13.568712] kasan_save_free_info+0x3f/0x60
[ 13.568942] __kasan_slab_free+0x56/0x70
[ 13.569212] kfree+0x222/0x3f0
[ 13.569494] workqueue_uaf_work+0x12/0x20
[ 13.569679] process_one_work+0x5ee/0xf60
[ 13.569901] worker_thread+0x758/0x1220
[ 13.570244] kthread+0x337/0x6f0
[ 13.570392] ret_from_fork+0x116/0x1d0
[ 13.570623] ret_from_fork_asm+0x1a/0x30
[ 13.570867]
[ 13.570993] Last potentially related work creation:
[ 13.571356] kasan_save_stack+0x45/0x70
[ 13.571633] kasan_record_aux_stack+0xb2/0xc0
[ 13.571884] __queue_work+0x626/0xeb0
[ 13.572087] queue_work_on+0xb6/0xc0
[ 13.572263] workqueue_uaf+0x26d/0x560
[ 13.572510] kunit_try_run_case+0x1a5/0x480
[ 13.572706] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.573031] kthread+0x337/0x6f0
[ 13.573232] ret_from_fork+0x116/0x1d0
[ 13.573412] ret_from_fork_asm+0x1a/0x30
[ 13.573611]
[ 13.573728] The buggy address belongs to the object at ffff88810389fc40
[ 13.573728] which belongs to the cache kmalloc-32 of size 32
[ 13.574296] The buggy address is located 0 bytes inside of
[ 13.574296] freed 32-byte region [ffff88810389fc40, ffff88810389fc60)
[ 13.574835]
[ 13.574941] The buggy address belongs to the physical page:
[ 13.575198] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10389f
[ 13.575550] flags: 0x200000000000000(node=0|zone=2)
[ 13.575721] page_type: f5(slab)
[ 13.575846] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 13.576080] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 13.576790] page dumped because: kasan: bad access detected
[ 13.577241]
[ 13.577381] Memory state around the buggy address:
[ 13.577657] ffff88810389fb00: 00 00 00 fc fc fc fc fc 00 00 03 fc fc fc fc fc
[ 13.578381] ffff88810389fb80: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc
[ 13.578735] >ffff88810389fc00: 00 00 00 07 fc fc fc fc fa fb fb fb fc fc fc fc
[ 13.579119] ^
[ 13.579341] ffff88810389fc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.579577] ffff88810389fd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.579999] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 13.515389] ==================================================================
[ 13.515884] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x50/0x60
[ 13.516261] Read of size 4 at addr ffff88810389fa80 by task swapper/1/0
[ 13.516566]
[ 13.516696] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 13.516742] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.516754] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.516776] Call Trace:
[ 13.516802] <IRQ>
[ 13.516821] dump_stack_lvl+0x73/0xb0
[ 13.516856] print_report+0xd1/0x610
[ 13.516880] ? __virt_addr_valid+0x1db/0x2d0
[ 13.516905] ? rcu_uaf_reclaim+0x50/0x60
[ 13.516925] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.516947] ? rcu_uaf_reclaim+0x50/0x60
[ 13.516968] kasan_report+0x141/0x180
[ 13.516990] ? rcu_uaf_reclaim+0x50/0x60
[ 13.517015] __asan_report_load4_noabort+0x18/0x20
[ 13.517040] rcu_uaf_reclaim+0x50/0x60
[ 13.517060] rcu_core+0x66f/0x1c40
[ 13.517090] ? __pfx_rcu_core+0x10/0x10
[ 13.517112] ? ktime_get+0x6b/0x150
[ 13.517139] rcu_core_si+0x12/0x20
[ 13.517159] handle_softirqs+0x209/0x730
[ 13.517181] ? hrtimer_interrupt+0x2fe/0x780
[ 13.517203] ? __pfx_handle_softirqs+0x10/0x10
[ 13.517286] __irq_exit_rcu+0xc9/0x110
[ 13.517308] irq_exit_rcu+0x12/0x20
[ 13.517329] sysvec_apic_timer_interrupt+0x81/0x90
[ 13.517355] </IRQ>
[ 13.517383] <TASK>
[ 13.517393] asm_sysvec_apic_timer_interrupt+0x1f/0x30
[ 13.517498] RIP: 0010:pv_native_safe_halt+0xf/0x20
[ 13.517719] Code: 1f 84 00 00 00 00 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d 23 52 21 00 fb f4 <e9> 3c 1d 02 00 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90
[ 13.517805] RSP: 0000:ffff888100877dc8 EFLAGS: 00010202
[ 13.517898] RAX: ffff8881ad972000 RBX: ffff888100853000 RCX: ffffffffab277125
[ 13.517944] RDX: ffffed102b62618b RSI: 0000000000000004 RDI: 000000000001e4d4
[ 13.517989] RBP: ffff888100877dd0 R08: 0000000000000001 R09: ffffed102b62618a
[ 13.518189] R10: ffff88815b130c53 R11: 0000000000021c00 R12: 0000000000000001
[ 13.518261] R13: ffffed102010a600 R14: ffffffffacfb1a90 R15: 0000000000000000
[ 13.518326] ? ct_kernel_exit.constprop.0+0xa5/0xd0
[ 13.518386] ? default_idle+0xd/0x20
[ 13.518406] arch_cpu_idle+0xd/0x20
[ 13.518424] default_idle_call+0x48/0x80
[ 13.518443] do_idle+0x379/0x4f0
[ 13.518481] ? complete+0x15b/0x1d0
[ 13.518500] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.518526] ? __pfx_do_idle+0x10/0x10
[ 13.518548] ? _raw_spin_unlock_irqrestore+0x49/0x90
[ 13.518572] ? complete+0x15b/0x1d0
[ 13.518594] cpu_startup_entry+0x5c/0x70
[ 13.518613] start_secondary+0x211/0x290
[ 13.518635] ? __pfx_start_secondary+0x10/0x10
[ 13.518661] common_startup_64+0x13e/0x148
[ 13.518694] </TASK>
[ 13.518704]
[ 13.530675] Allocated by task 216:
[ 13.531508] kasan_save_stack+0x45/0x70
[ 13.532121] kasan_save_track+0x18/0x40
[ 13.532343] kasan_save_alloc_info+0x3b/0x50
[ 13.532570] __kasan_kmalloc+0xb7/0xc0
[ 13.532854] __kmalloc_cache_noprof+0x189/0x420
[ 13.533518] rcu_uaf+0xb0/0x330
[ 13.533665] kunit_try_run_case+0x1a5/0x480
[ 13.533997] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.534505] kthread+0x337/0x6f0
[ 13.534834] ret_from_fork+0x116/0x1d0
[ 13.535300] ret_from_fork_asm+0x1a/0x30
[ 13.535464]
[ 13.535650] Freed by task 0:
[ 13.535821] kasan_save_stack+0x45/0x70
[ 13.536021] kasan_save_track+0x18/0x40
[ 13.536281] kasan_save_free_info+0x3f/0x60
[ 13.536542] __kasan_slab_free+0x56/0x70
[ 13.536699] kfree+0x222/0x3f0
[ 13.536887] rcu_uaf_reclaim+0x1f/0x60
[ 13.537046] rcu_core+0x66f/0x1c40
[ 13.537265] rcu_core_si+0x12/0x20
[ 13.537414] handle_softirqs+0x209/0x730
[ 13.537692] __irq_exit_rcu+0xc9/0x110
[ 13.537885] irq_exit_rcu+0x12/0x20
[ 13.538177] sysvec_apic_timer_interrupt+0x81/0x90
[ 13.538449] asm_sysvec_apic_timer_interrupt+0x1f/0x30
[ 13.538697]
[ 13.538836] Last potentially related work creation:
[ 13.539014] kasan_save_stack+0x45/0x70
[ 13.539307] kasan_record_aux_stack+0xb2/0xc0
[ 13.539546] __call_rcu_common.constprop.0+0x7b/0x9e0
[ 13.539805] call_rcu+0x12/0x20
[ 13.540247] rcu_uaf+0x168/0x330
[ 13.540445] kunit_try_run_case+0x1a5/0x480
[ 13.540674] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.541203] kthread+0x337/0x6f0
[ 13.541349] ret_from_fork+0x116/0x1d0
[ 13.541506] ret_from_fork_asm+0x1a/0x30
[ 13.541729]
[ 13.541837] The buggy address belongs to the object at ffff88810389fa80
[ 13.541837] which belongs to the cache kmalloc-32 of size 32
[ 13.542671] The buggy address is located 0 bytes inside of
[ 13.542671] freed 32-byte region [ffff88810389fa80, ffff88810389faa0)
[ 13.543500]
[ 13.543609] The buggy address belongs to the physical page:
[ 13.543813] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10389f
[ 13.544633] flags: 0x200000000000000(node=0|zone=2)
[ 13.544858] page_type: f5(slab)
[ 13.545146] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 13.545493] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 13.545823] page dumped because: kasan: bad access detected
[ 13.546184]
[ 13.546341] Memory state around the buggy address:
[ 13.546558] ffff88810389f980: 00 00 00 fc fc fc fc fc 00 00 05 fc fc fc fc fc
[ 13.546945] ffff88810389fa00: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 13.547343] >ffff88810389fa80: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.547689] ^
[ 13.547870] ffff88810389fb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.548189] ffff88810389fb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.548685] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 13.441186] ==================================================================
[ 13.441667] BUG: KASAN: slab-use-after-free in ksize_uaf+0x19d/0x6c0
[ 13.441930] Read of size 1 at addr ffff888103249700 by task kunit_try_catch/214
[ 13.442453]
[ 13.442592] CPU: 0 UID: 0 PID: 214 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 13.442641] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.442652] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.442675] Call Trace:
[ 13.442688] <TASK>
[ 13.442706] dump_stack_lvl+0x73/0xb0
[ 13.442739] print_report+0xd1/0x610
[ 13.442763] ? __virt_addr_valid+0x1db/0x2d0
[ 13.442789] ? ksize_uaf+0x19d/0x6c0
[ 13.442810] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.442845] ? ksize_uaf+0x19d/0x6c0
[ 13.442867] kasan_report+0x141/0x180
[ 13.442889] ? ksize_uaf+0x19d/0x6c0
[ 13.442913] ? ksize_uaf+0x19d/0x6c0
[ 13.442935] __kasan_check_byte+0x3d/0x50
[ 13.442957] ksize+0x20/0x60
[ 13.442979] ksize_uaf+0x19d/0x6c0
[ 13.443000] ? __pfx_ksize_uaf+0x10/0x10
[ 13.443022] ? __schedule+0x10c6/0x2b60
[ 13.443047] ? __pfx_read_tsc+0x10/0x10
[ 13.443069] ? ktime_get_ts64+0x86/0x230
[ 13.443095] kunit_try_run_case+0x1a5/0x480
[ 13.443122] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.443145] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.443169] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.443193] ? __kthread_parkme+0x82/0x180
[ 13.443214] ? preempt_count_sub+0x50/0x80
[ 13.443239] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.443263] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.443287] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.443311] kthread+0x337/0x6f0
[ 13.443331] ? trace_preempt_on+0x20/0xc0
[ 13.443355] ? __pfx_kthread+0x10/0x10
[ 13.443376] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.443398] ? calculate_sigpending+0x7b/0xa0
[ 13.443422] ? __pfx_kthread+0x10/0x10
[ 13.443444] ret_from_fork+0x116/0x1d0
[ 13.443463] ? __pfx_kthread+0x10/0x10
[ 13.443496] ret_from_fork_asm+0x1a/0x30
[ 13.443527] </TASK>
[ 13.443537]
[ 13.450641] Allocated by task 214:
[ 13.450775] kasan_save_stack+0x45/0x70
[ 13.450926] kasan_save_track+0x18/0x40
[ 13.451128] kasan_save_alloc_info+0x3b/0x50
[ 13.451533] __kasan_kmalloc+0xb7/0xc0
[ 13.451731] __kmalloc_cache_noprof+0x189/0x420
[ 13.451943] ksize_uaf+0xaa/0x6c0
[ 13.452073] kunit_try_run_case+0x1a5/0x480
[ 13.452228] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.452412] kthread+0x337/0x6f0
[ 13.452700] ret_from_fork+0x116/0x1d0
[ 13.453066] ret_from_fork_asm+0x1a/0x30
[ 13.453274]
[ 13.453373] Freed by task 214:
[ 13.453548] kasan_save_stack+0x45/0x70
[ 13.453756] kasan_save_track+0x18/0x40
[ 13.453913] kasan_save_free_info+0x3f/0x60
[ 13.454122] __kasan_slab_free+0x56/0x70
[ 13.454325] kfree+0x222/0x3f0
[ 13.454503] ksize_uaf+0x12c/0x6c0
[ 13.454660] kunit_try_run_case+0x1a5/0x480
[ 13.454883] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.455107] kthread+0x337/0x6f0
[ 13.455278] ret_from_fork+0x116/0x1d0
[ 13.455457] ret_from_fork_asm+0x1a/0x30
[ 13.455657]
[ 13.455738] The buggy address belongs to the object at ffff888103249700
[ 13.455738] which belongs to the cache kmalloc-128 of size 128
[ 13.456248] The buggy address is located 0 bytes inside of
[ 13.456248] freed 128-byte region [ffff888103249700, ffff888103249780)
[ 13.456721]
[ 13.456825] The buggy address belongs to the physical page:
[ 13.457071] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103249
[ 13.457394] flags: 0x200000000000000(node=0|zone=2)
[ 13.457633] page_type: f5(slab)
[ 13.457827] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 13.458144] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 13.458436] page dumped because: kasan: bad access detected
[ 13.458672]
[ 13.458766] Memory state around the buggy address:
[ 13.458986] ffff888103249600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.459263] ffff888103249680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.459575] >ffff888103249700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.459901] ^
[ 13.460065] ffff888103249780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.460329] ffff888103249800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.460602] ==================================================================
[ 13.461412] ==================================================================
[ 13.461748] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5fe/0x6c0
[ 13.461988] Read of size 1 at addr ffff888103249700 by task kunit_try_catch/214
[ 13.462946]
[ 13.463077] CPU: 0 UID: 0 PID: 214 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 13.463121] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.463132] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.463153] Call Trace:
[ 13.463166] <TASK>
[ 13.463181] dump_stack_lvl+0x73/0xb0
[ 13.463212] print_report+0xd1/0x610
[ 13.463235] ? __virt_addr_valid+0x1db/0x2d0
[ 13.463257] ? ksize_uaf+0x5fe/0x6c0
[ 13.463278] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.463300] ? ksize_uaf+0x5fe/0x6c0
[ 13.463321] kasan_report+0x141/0x180
[ 13.463342] ? ksize_uaf+0x5fe/0x6c0
[ 13.463368] __asan_report_load1_noabort+0x18/0x20
[ 13.463392] ksize_uaf+0x5fe/0x6c0
[ 13.463412] ? __pfx_ksize_uaf+0x10/0x10
[ 13.463433] ? __schedule+0x10c6/0x2b60
[ 13.463456] ? __pfx_read_tsc+0x10/0x10
[ 13.463491] ? ktime_get_ts64+0x86/0x230
[ 13.463515] kunit_try_run_case+0x1a5/0x480
[ 13.463539] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.463561] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.463585] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.463608] ? __kthread_parkme+0x82/0x180
[ 13.463628] ? preempt_count_sub+0x50/0x80
[ 13.463651] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.463674] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.463697] ?
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.463720] kthread+0x337/0x6f0 [ 13.463740] ? trace_preempt_on+0x20/0xc0 [ 13.463763] ? __pfx_kthread+0x10/0x10 [ 13.463784] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.463805] ? calculate_sigpending+0x7b/0xa0 [ 13.463829] ? __pfx_kthread+0x10/0x10 [ 13.463850] ret_from_fork+0x116/0x1d0 [ 13.463868] ? __pfx_kthread+0x10/0x10 [ 13.463889] ret_from_fork_asm+0x1a/0x30 [ 13.463919] </TASK> [ 13.463929] [ 13.470799] Allocated by task 214: [ 13.470969] kasan_save_stack+0x45/0x70 [ 13.471149] kasan_save_track+0x18/0x40 [ 13.471324] kasan_save_alloc_info+0x3b/0x50 [ 13.471526] __kasan_kmalloc+0xb7/0xc0 [ 13.471742] __kmalloc_cache_noprof+0x189/0x420 [ 13.471987] ksize_uaf+0xaa/0x6c0 [ 13.472167] kunit_try_run_case+0x1a5/0x480 [ 13.472389] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.472619] kthread+0x337/0x6f0 [ 13.472748] ret_from_fork+0x116/0x1d0 [ 13.472954] ret_from_fork_asm+0x1a/0x30 [ 13.473162] [ 13.473264] Freed by task 214: [ 13.473391] kasan_save_stack+0x45/0x70 [ 13.473569] kasan_save_track+0x18/0x40 [ 13.473766] kasan_save_free_info+0x3f/0x60 [ 13.473966] __kasan_slab_free+0x56/0x70 [ 13.474130] kfree+0x222/0x3f0 [ 13.474299] ksize_uaf+0x12c/0x6c0 [ 13.474490] kunit_try_run_case+0x1a5/0x480 [ 13.474658] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.475002] kthread+0x337/0x6f0 [ 13.475176] ret_from_fork+0x116/0x1d0 [ 13.475344] ret_from_fork_asm+0x1a/0x30 [ 13.475524] [ 13.475601] The buggy address belongs to the object at ffff888103249700 [ 13.475601] which belongs to the cache kmalloc-128 of size 128 [ 13.475980] The buggy address is located 0 bytes inside of [ 13.475980] freed 128-byte region [ffff888103249700, ffff888103249780) [ 13.476345] [ 13.476423] The buggy address belongs to the physical page: [ 13.476683] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103249 [ 13.477256] flags: 0x200000000000000(node=0|zone=2) [ 13.477518] page_type: f5(slab) [ 13.477691] raw: 
0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.478391] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.478721] page dumped because: kasan: bad access detected [ 13.478898] [ 13.478970] Memory state around the buggy address: [ 13.479130] ffff888103249600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.479351] ffff888103249680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.479591] >ffff888103249700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.480105] ^ [ 13.480277] ffff888103249780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.480616] ffff888103249800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.481170] ================================================================== [ 13.482383] ================================================================== [ 13.482730] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5e4/0x6c0 [ 13.483052] Read of size 1 at addr ffff888103249778 by task kunit_try_catch/214 [ 13.483301] [ 13.483546] CPU: 0 UID: 0 PID: 214 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.483594] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.483605] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.483627] Call Trace: [ 13.483642] <TASK> [ 13.483656] dump_stack_lvl+0x73/0xb0 [ 13.483687] print_report+0xd1/0x610 [ 13.483710] ? __virt_addr_valid+0x1db/0x2d0 [ 13.483733] ? ksize_uaf+0x5e4/0x6c0 [ 13.483754] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.483776] ? ksize_uaf+0x5e4/0x6c0 [ 13.483805] kasan_report+0x141/0x180 [ 13.483827] ? ksize_uaf+0x5e4/0x6c0 [ 13.483853] __asan_report_load1_noabort+0x18/0x20 [ 13.483878] ksize_uaf+0x5e4/0x6c0 [ 13.483900] ? __pfx_ksize_uaf+0x10/0x10 [ 13.483922] ? __schedule+0x10c6/0x2b60 [ 13.483946] ? __pfx_read_tsc+0x10/0x10 [ 13.483967] ? ktime_get_ts64+0x86/0x230 [ 13.483993] kunit_try_run_case+0x1a5/0x480 [ 13.484017] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.484040] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 13.484064] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.484087] ? __kthread_parkme+0x82/0x180 [ 13.484109] ? preempt_count_sub+0x50/0x80 [ 13.484133] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.484158] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.484181] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.484205] kthread+0x337/0x6f0 [ 13.484225] ? trace_preempt_on+0x20/0xc0 [ 13.484248] ? __pfx_kthread+0x10/0x10 [ 13.484269] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.484291] ? calculate_sigpending+0x7b/0xa0 [ 13.484317] ? __pfx_kthread+0x10/0x10 [ 13.484339] ret_from_fork+0x116/0x1d0 [ 13.484358] ? __pfx_kthread+0x10/0x10 [ 13.484379] ret_from_fork_asm+0x1a/0x30 [ 13.484409] </TASK> [ 13.484420] [ 13.491603] Allocated by task 214: [ 13.491793] kasan_save_stack+0x45/0x70 [ 13.491986] kasan_save_track+0x18/0x40 [ 13.492148] kasan_save_alloc_info+0x3b/0x50 [ 13.492341] __kasan_kmalloc+0xb7/0xc0 [ 13.492548] __kmalloc_cache_noprof+0x189/0x420 [ 13.492735] ksize_uaf+0xaa/0x6c0 [ 13.492869] kunit_try_run_case+0x1a5/0x480 [ 13.493030] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.493217] kthread+0x337/0x6f0 [ 13.493346] ret_from_fork+0x116/0x1d0 [ 13.493493] ret_from_fork_asm+0x1a/0x30 [ 13.493641] [ 13.493714] Freed by task 214: [ 13.493830] kasan_save_stack+0x45/0x70 [ 13.493972] kasan_save_track+0x18/0x40 [ 13.494117] kasan_save_free_info+0x3f/0x60 [ 13.494270] __kasan_slab_free+0x56/0x70 [ 13.494478] kfree+0x222/0x3f0 [ 13.494661] ksize_uaf+0x12c/0x6c0 [ 13.494927] kunit_try_run_case+0x1a5/0x480 [ 13.495141] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.495403] kthread+0x337/0x6f0 [ 13.495592] ret_from_fork+0x116/0x1d0 [ 13.495790] ret_from_fork_asm+0x1a/0x30 [ 13.495991] [ 13.496086] The buggy address belongs to the object at ffff888103249700 [ 13.496086] which belongs to the cache kmalloc-128 of size 128 [ 13.496651] The buggy address is located 120 bytes inside of [ 13.496651] freed 128-byte region [ffff888103249700, 
ffff888103249780) [ 13.497392] [ 13.497477] The buggy address belongs to the physical page: [ 13.497659] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103249 [ 13.498199] flags: 0x200000000000000(node=0|zone=2) [ 13.498445] page_type: f5(slab) [ 13.498628] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.499230] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.499542] page dumped because: kasan: bad access detected [ 13.499797] [ 13.499882] Memory state around the buggy address: [ 13.500044] ffff888103249600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.500271] ffff888103249680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.500541] >ffff888103249700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.500981] ^ [ 13.501319] ffff888103249780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.501680] ffff888103249800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.502058] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 13.364993] ================================================================== [ 13.366390] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x81c/0x9b0 [ 13.366669] Read of size 1 at addr ffff888103249673 by task kunit_try_catch/212 [ 13.367243] [ 13.367608] CPU: 0 UID: 0 PID: 212 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.367661] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.367672] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.367695] Call Trace: [ 13.367708] <TASK> [ 13.367726] dump_stack_lvl+0x73/0xb0 [ 13.367759] print_report+0xd1/0x610 [ 13.367782] ? __virt_addr_valid+0x1db/0x2d0 [ 13.367806] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 13.367829] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.367851] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 13.367874] kasan_report+0x141/0x180 [ 13.367895] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 13.367923] __asan_report_load1_noabort+0x18/0x20 [ 13.367947] ksize_unpoisons_memory+0x81c/0x9b0 [ 13.367970] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 13.367992] ? finish_task_switch.isra.0+0x153/0x700 [ 13.368016] ? __switch_to+0x47/0xf50 [ 13.368043] ? __schedule+0x10c6/0x2b60 [ 13.368148] ? __pfx_read_tsc+0x10/0x10 [ 13.368171] ? ktime_get_ts64+0x86/0x230 [ 13.368195] kunit_try_run_case+0x1a5/0x480 [ 13.368221] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.368243] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.368267] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.368290] ? __kthread_parkme+0x82/0x180 [ 13.368311] ? preempt_count_sub+0x50/0x80 [ 13.368333] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.368356] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.368379] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.368402] kthread+0x337/0x6f0 [ 13.368422] ? trace_preempt_on+0x20/0xc0 [ 13.368445] ? __pfx_kthread+0x10/0x10 [ 13.368466] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.368499] ? calculate_sigpending+0x7b/0xa0 [ 13.368524] ? 
__pfx_kthread+0x10/0x10 [ 13.368546] ret_from_fork+0x116/0x1d0 [ 13.368564] ? __pfx_kthread+0x10/0x10 [ 13.368585] ret_from_fork_asm+0x1a/0x30 [ 13.368615] </TASK> [ 13.368625] [ 13.382448] Allocated by task 212: [ 13.382614] kasan_save_stack+0x45/0x70 [ 13.382770] kasan_save_track+0x18/0x40 [ 13.383128] kasan_save_alloc_info+0x3b/0x50 [ 13.383585] __kasan_kmalloc+0xb7/0xc0 [ 13.383991] __kmalloc_cache_noprof+0x189/0x420 [ 13.384450] ksize_unpoisons_memory+0xc7/0x9b0 [ 13.384912] kunit_try_run_case+0x1a5/0x480 [ 13.385341] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.386087] kthread+0x337/0x6f0 [ 13.386302] ret_from_fork+0x116/0x1d0 [ 13.386622] ret_from_fork_asm+0x1a/0x30 [ 13.387007] [ 13.387175] The buggy address belongs to the object at ffff888103249600 [ 13.387175] which belongs to the cache kmalloc-128 of size 128 [ 13.387724] The buggy address is located 0 bytes to the right of [ 13.387724] allocated 115-byte region [ffff888103249600, ffff888103249673) [ 13.388882] [ 13.389137] The buggy address belongs to the physical page: [ 13.389648] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103249 [ 13.390529] flags: 0x200000000000000(node=0|zone=2) [ 13.390760] page_type: f5(slab) [ 13.391067] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.391916] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.392483] page dumped because: kasan: bad access detected [ 13.392973] [ 13.393201] Memory state around the buggy address: [ 13.393381] ffff888103249500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.393620] ffff888103249580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.393887] >ffff888103249600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 13.394185] ^ [ 13.394478] ffff888103249680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.394854] ffff888103249700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.395130] 
================================================================== [ 13.395860] ================================================================== [ 13.396401] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7e9/0x9b0 [ 13.396713] Read of size 1 at addr ffff888103249678 by task kunit_try_catch/212 [ 13.397116] [ 13.397250] CPU: 0 UID: 0 PID: 212 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.397297] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.397308] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.397330] Call Trace: [ 13.397342] <TASK> [ 13.397357] dump_stack_lvl+0x73/0xb0 [ 13.397386] print_report+0xd1/0x610 [ 13.397409] ? __virt_addr_valid+0x1db/0x2d0 [ 13.397433] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 13.397457] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.397490] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 13.397514] kasan_report+0x141/0x180 [ 13.397536] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 13.397563] __asan_report_load1_noabort+0x18/0x20 [ 13.397587] ksize_unpoisons_memory+0x7e9/0x9b0 [ 13.397611] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 13.397634] ? finish_task_switch.isra.0+0x153/0x700 [ 13.397657] ? __switch_to+0x47/0xf50 [ 13.397682] ? __schedule+0x10c6/0x2b60 [ 13.397705] ? __pfx_read_tsc+0x10/0x10 [ 13.397726] ? ktime_get_ts64+0x86/0x230 [ 13.397751] kunit_try_run_case+0x1a5/0x480 [ 13.397775] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.397797] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.397841] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.397865] ? __kthread_parkme+0x82/0x180 [ 13.397886] ? preempt_count_sub+0x50/0x80 [ 13.397908] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.397932] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.397955] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.397979] kthread+0x337/0x6f0 [ 13.397998] ? trace_preempt_on+0x20/0xc0 [ 13.398021] ? __pfx_kthread+0x10/0x10 [ 13.398044] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.398066] ? 
calculate_sigpending+0x7b/0xa0 [ 13.398091] ? __pfx_kthread+0x10/0x10 [ 13.398118] ret_from_fork+0x116/0x1d0 [ 13.398137] ? __pfx_kthread+0x10/0x10 [ 13.398157] ret_from_fork_asm+0x1a/0x30 [ 13.398187] </TASK> [ 13.398197] [ 13.406442] Allocated by task 212: [ 13.406720] kasan_save_stack+0x45/0x70 [ 13.406998] kasan_save_track+0x18/0x40 [ 13.407416] kasan_save_alloc_info+0x3b/0x50 [ 13.407646] __kasan_kmalloc+0xb7/0xc0 [ 13.407836] __kmalloc_cache_noprof+0x189/0x420 [ 13.408024] ksize_unpoisons_memory+0xc7/0x9b0 [ 13.408182] kunit_try_run_case+0x1a5/0x480 [ 13.408429] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.408710] kthread+0x337/0x6f0 [ 13.409015] ret_from_fork+0x116/0x1d0 [ 13.409398] ret_from_fork_asm+0x1a/0x30 [ 13.409607] [ 13.409710] The buggy address belongs to the object at ffff888103249600 [ 13.409710] which belongs to the cache kmalloc-128 of size 128 [ 13.410087] The buggy address is located 5 bytes to the right of [ 13.410087] allocated 115-byte region [ffff888103249600, ffff888103249673) [ 13.410482] [ 13.410556] The buggy address belongs to the physical page: [ 13.410805] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103249 [ 13.411194] flags: 0x200000000000000(node=0|zone=2) [ 13.411432] page_type: f5(slab) [ 13.411618] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.412019] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.412377] page dumped because: kasan: bad access detected [ 13.412573] [ 13.412647] Memory state around the buggy address: [ 13.412933] ffff888103249500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.413614] ffff888103249580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.413968] >ffff888103249600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 13.414363] ^ [ 13.414660] ffff888103249680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.414994] ffff888103249700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.415543] 
================================================================== [ 13.416156] ================================================================== [ 13.416508] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7b6/0x9b0 [ 13.417066] Read of size 1 at addr ffff88810324967f by task kunit_try_catch/212 [ 13.417505] [ 13.417625] CPU: 0 UID: 0 PID: 212 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.417671] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.417682] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.417703] Call Trace: [ 13.417715] <TASK> [ 13.417731] dump_stack_lvl+0x73/0xb0 [ 13.417762] print_report+0xd1/0x610 [ 13.417794] ? __virt_addr_valid+0x1db/0x2d0 [ 13.417816] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 13.417839] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.417862] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 13.417885] kasan_report+0x141/0x180 [ 13.417907] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 13.417935] __asan_report_load1_noabort+0x18/0x20 [ 13.417959] ksize_unpoisons_memory+0x7b6/0x9b0 [ 13.417982] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 13.418005] ? finish_task_switch.isra.0+0x153/0x700 [ 13.418027] ? __switch_to+0x47/0xf50 [ 13.418052] ? __schedule+0x10c6/0x2b60 [ 13.418075] ? __pfx_read_tsc+0x10/0x10 [ 13.418096] ? ktime_get_ts64+0x86/0x230 [ 13.418125] kunit_try_run_case+0x1a5/0x480 [ 13.418149] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.418172] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.418195] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.418219] ? __kthread_parkme+0x82/0x180 [ 13.418239] ? preempt_count_sub+0x50/0x80 [ 13.418315] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.418339] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.418363] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.418387] kthread+0x337/0x6f0 [ 13.418409] ? trace_preempt_on+0x20/0xc0 [ 13.418432] ? __pfx_kthread+0x10/0x10 [ 13.418453] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.418487] ? 
calculate_sigpending+0x7b/0xa0 [ 13.418512] ? __pfx_kthread+0x10/0x10 [ 13.418534] ret_from_fork+0x116/0x1d0 [ 13.418553] ? __pfx_kthread+0x10/0x10 [ 13.418574] ret_from_fork_asm+0x1a/0x30 [ 13.418605] </TASK> [ 13.418614] [ 13.427376] Allocated by task 212: [ 13.427571] kasan_save_stack+0x45/0x70 [ 13.427831] kasan_save_track+0x18/0x40 [ 13.428012] kasan_save_alloc_info+0x3b/0x50 [ 13.428414] __kasan_kmalloc+0xb7/0xc0 [ 13.428594] __kmalloc_cache_noprof+0x189/0x420 [ 13.428868] ksize_unpoisons_memory+0xc7/0x9b0 [ 13.429037] kunit_try_run_case+0x1a5/0x480 [ 13.429190] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.429373] kthread+0x337/0x6f0 [ 13.429511] ret_from_fork+0x116/0x1d0 [ 13.429652] ret_from_fork_asm+0x1a/0x30 [ 13.429798] [ 13.429873] The buggy address belongs to the object at ffff888103249600 [ 13.429873] which belongs to the cache kmalloc-128 of size 128 [ 13.430280] The buggy address is located 12 bytes to the right of [ 13.430280] allocated 115-byte region [ffff888103249600, ffff888103249673) [ 13.431133] [ 13.431234] The buggy address belongs to the physical page: [ 13.431504] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103249 [ 13.432028] flags: 0x200000000000000(node=0|zone=2) [ 13.432206] page_type: f5(slab) [ 13.432334] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.432589] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.432828] page dumped because: kasan: bad access detected [ 13.433050] [ 13.433149] Memory state around the buggy address: [ 13.433385] ffff888103249500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.433742] ffff888103249580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.434523] >ffff888103249600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 13.434858] ^ [ 13.435214] ffff888103249680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.435460] ffff888103249700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.435727] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kfree_sensitive
[ 13.325013] ================================================================== [ 13.325406] BUG: KASAN: double-free in kfree_sensitive+0x2e/0x90 [ 13.325883] Free of addr ffff888102641a80 by task kunit_try_catch/210 [ 13.326599] [ 13.326795] CPU: 1 UID: 0 PID: 210 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.326853] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.326864] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.326886] Call Trace: [ 13.326898] <TASK> [ 13.326913] dump_stack_lvl+0x73/0xb0 [ 13.326945] print_report+0xd1/0x610 [ 13.326969] ? __virt_addr_valid+0x1db/0x2d0 [ 13.326991] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.327013] ? kfree_sensitive+0x2e/0x90 [ 13.327046] kasan_report_invalid_free+0x10a/0x130 [ 13.327070] ? kfree_sensitive+0x2e/0x90 [ 13.327103] ? kfree_sensitive+0x2e/0x90 [ 13.327123] check_slab_allocation+0x101/0x130 [ 13.327145] __kasan_slab_pre_free+0x28/0x40 [ 13.327166] kfree+0xf0/0x3f0 [ 13.327189] ? kfree_sensitive+0x2e/0x90 [ 13.327212] kfree_sensitive+0x2e/0x90 [ 13.327232] kmalloc_double_kzfree+0x19c/0x350 [ 13.327255] ? __pfx_kmalloc_double_kzfree+0x10/0x10 [ 13.327290] ? __schedule+0x10c6/0x2b60 [ 13.327313] ? __pfx_read_tsc+0x10/0x10 [ 13.327335] ? ktime_get_ts64+0x86/0x230 [ 13.327359] kunit_try_run_case+0x1a5/0x480 [ 13.327383] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.327405] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.327439] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.327463] ? __kthread_parkme+0x82/0x180 [ 13.327493] ? preempt_count_sub+0x50/0x80 [ 13.327516] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.327542] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.327567] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.327591] kthread+0x337/0x6f0 [ 13.327611] ? trace_preempt_on+0x20/0xc0 [ 13.327634] ? __pfx_kthread+0x10/0x10 [ 13.327654] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.327676] ? calculate_sigpending+0x7b/0xa0 [ 13.327701] ? 
__pfx_kthread+0x10/0x10 [ 13.327722] ret_from_fork+0x116/0x1d0 [ 13.327740] ? __pfx_kthread+0x10/0x10 [ 13.327761] ret_from_fork_asm+0x1a/0x30 [ 13.327792] </TASK> [ 13.327803] [ 13.342798] Allocated by task 210: [ 13.343049] kasan_save_stack+0x45/0x70 [ 13.343519] kasan_save_track+0x18/0x40 [ 13.343940] kasan_save_alloc_info+0x3b/0x50 [ 13.344315] __kasan_kmalloc+0xb7/0xc0 [ 13.344558] __kmalloc_cache_noprof+0x189/0x420 [ 13.345007] kmalloc_double_kzfree+0xa9/0x350 [ 13.345402] kunit_try_run_case+0x1a5/0x480 [ 13.345712] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.346130] kthread+0x337/0x6f0 [ 13.346395] ret_from_fork+0x116/0x1d0 [ 13.346549] ret_from_fork_asm+0x1a/0x30 [ 13.346969] [ 13.347167] Freed by task 210: [ 13.347525] kasan_save_stack+0x45/0x70 [ 13.347949] kasan_save_track+0x18/0x40 [ 13.348216] kasan_save_free_info+0x3f/0x60 [ 13.348709] __kasan_slab_free+0x56/0x70 [ 13.349002] kfree+0x222/0x3f0 [ 13.349126] kfree_sensitive+0x67/0x90 [ 13.349266] kmalloc_double_kzfree+0x12b/0x350 [ 13.349801] kunit_try_run_case+0x1a5/0x480 [ 13.350277] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.350823] kthread+0x337/0x6f0 [ 13.351236] ret_from_fork+0x116/0x1d0 [ 13.351733] ret_from_fork_asm+0x1a/0x30 [ 13.352190] [ 13.352353] The buggy address belongs to the object at ffff888102641a80 [ 13.352353] which belongs to the cache kmalloc-16 of size 16 [ 13.353333] The buggy address is located 0 bytes inside of [ 13.353333] 16-byte region [ffff888102641a80, ffff888102641a90) [ 13.354076] [ 13.354251] The buggy address belongs to the physical page: [ 13.354902] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102641 [ 13.355357] flags: 0x200000000000000(node=0|zone=2) [ 13.355570] page_type: f5(slab) [ 13.355908] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.356832] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.357379] page dumped because: kasan: bad access detected [ 13.357931] [ 
13.358082] Memory state around the buggy address: [ 13.358489] ffff888102641980: fa fb fc fc 00 02 fc fc 00 05 fc fc 00 02 fc fc [ 13.359153] ffff888102641a00: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 13.359723] >ffff888102641a80: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.360163] ^ [ 13.360509] ffff888102641b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.361177] ffff888102641b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.361707] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 13.285781] ================================================================== [ 13.287343] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x19c/0x350 [ 13.288036] Read of size 1 at addr ffff888102641a80 by task kunit_try_catch/210 [ 13.288292] [ 13.288402] CPU: 1 UID: 0 PID: 210 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.288449] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.288460] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.288492] Call Trace: [ 13.288503] <TASK> [ 13.288519] dump_stack_lvl+0x73/0xb0 [ 13.288551] print_report+0xd1/0x610 [ 13.288574] ? __virt_addr_valid+0x1db/0x2d0 [ 13.288598] ? kmalloc_double_kzfree+0x19c/0x350 [ 13.288632] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.288654] ? kmalloc_double_kzfree+0x19c/0x350 [ 13.288677] kasan_report+0x141/0x180 [ 13.288710] ? kmalloc_double_kzfree+0x19c/0x350 [ 13.288736] ? kmalloc_double_kzfree+0x19c/0x350 [ 13.288759] __kasan_check_byte+0x3d/0x50 [ 13.288781] kfree_sensitive+0x22/0x90 [ 13.288805] kmalloc_double_kzfree+0x19c/0x350 [ 13.288828] ? __pfx_kmalloc_double_kzfree+0x10/0x10 [ 13.288852] ? __schedule+0x10c6/0x2b60 [ 13.288875] ? __pfx_read_tsc+0x10/0x10 [ 13.288897] ? ktime_get_ts64+0x86/0x230 [ 13.288922] kunit_try_run_case+0x1a5/0x480 [ 13.288947] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.288970] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.288994] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.289017] ? __kthread_parkme+0x82/0x180 [ 13.289048] ? preempt_count_sub+0x50/0x80 [ 13.289074] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.289098] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.289121] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.289144] kthread+0x337/0x6f0 [ 13.289164] ? trace_preempt_on+0x20/0xc0 [ 13.289187] ? __pfx_kthread+0x10/0x10 [ 13.289207] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.289229] ? calculate_sigpending+0x7b/0xa0 [ 13.289253] ? 
__pfx_kthread+0x10/0x10 [ 13.289274] ret_from_fork+0x116/0x1d0 [ 13.289293] ? __pfx_kthread+0x10/0x10 [ 13.289313] ret_from_fork_asm+0x1a/0x30 [ 13.289343] </TASK> [ 13.289353] [ 13.304114] Allocated by task 210: [ 13.304586] kasan_save_stack+0x45/0x70 [ 13.304805] kasan_save_track+0x18/0x40 [ 13.305238] kasan_save_alloc_info+0x3b/0x50 [ 13.305524] __kasan_kmalloc+0xb7/0xc0 [ 13.305668] __kmalloc_cache_noprof+0x189/0x420 [ 13.305862] kmalloc_double_kzfree+0xa9/0x350 [ 13.306438] kunit_try_run_case+0x1a5/0x480 [ 13.306888] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.307493] kthread+0x337/0x6f0 [ 13.307824] ret_from_fork+0x116/0x1d0 [ 13.308282] ret_from_fork_asm+0x1a/0x30 [ 13.308590] [ 13.308667] Freed by task 210: [ 13.308793] kasan_save_stack+0x45/0x70 [ 13.309229] kasan_save_track+0x18/0x40 [ 13.309633] kasan_save_free_info+0x3f/0x60 [ 13.310256] __kasan_slab_free+0x56/0x70 [ 13.310619] kfree+0x222/0x3f0 [ 13.310746] kfree_sensitive+0x67/0x90 [ 13.311206] kmalloc_double_kzfree+0x12b/0x350 [ 13.311654] kunit_try_run_case+0x1a5/0x480 [ 13.312096] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.312499] kthread+0x337/0x6f0 [ 13.312712] ret_from_fork+0x116/0x1d0 [ 13.313163] ret_from_fork_asm+0x1a/0x30 [ 13.313319] [ 13.313510] The buggy address belongs to the object at ffff888102641a80 [ 13.313510] which belongs to the cache kmalloc-16 of size 16 [ 13.314542] The buggy address is located 0 bytes inside of [ 13.314542] freed 16-byte region [ffff888102641a80, ffff888102641a90) [ 13.315507] [ 13.315682] The buggy address belongs to the physical page: [ 13.316378] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102641 [ 13.317283] flags: 0x200000000000000(node=0|zone=2) [ 13.317465] page_type: f5(slab) [ 13.317607] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.318000] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.318868] page dumped because: kasan: bad access detected [ 
13.319538] [ 13.319703] Memory state around the buggy address: [ 13.320272] ffff888102641980: fa fb fc fc 00 02 fc fc 00 05 fc fc 00 02 fc fc [ 13.320942] ffff888102641a00: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 13.321533] >ffff888102641a80: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.322354] ^ [ 13.322587] ffff888102641b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.322831] ffff888102641b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.323625] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 13.245681] ================================================================== [ 13.246865] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x4a8/0x520 [ 13.247521] Read of size 1 at addr ffff88810389baa8 by task kunit_try_catch/206 [ 13.248083] [ 13.248211] CPU: 1 UID: 0 PID: 206 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.248261] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.248272] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.248294] Call Trace: [ 13.248307] <TASK> [ 13.248323] dump_stack_lvl+0x73/0xb0 [ 13.248355] print_report+0xd1/0x610 [ 13.248394] ? __virt_addr_valid+0x1db/0x2d0 [ 13.248417] ? kmalloc_uaf2+0x4a8/0x520 [ 13.248437] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.248458] ? kmalloc_uaf2+0x4a8/0x520 [ 13.248488] kasan_report+0x141/0x180 [ 13.248510] ? kmalloc_uaf2+0x4a8/0x520 [ 13.248534] __asan_report_load1_noabort+0x18/0x20 [ 13.248558] kmalloc_uaf2+0x4a8/0x520 [ 13.248578] ? __pfx_kmalloc_uaf2+0x10/0x10 [ 13.248598] ? finish_task_switch.isra.0+0x153/0x700 [ 13.248621] ? __switch_to+0x47/0xf50 [ 13.248648] ? __schedule+0x10c6/0x2b60 [ 13.248671] ? __pfx_read_tsc+0x10/0x10 [ 13.248691] ? ktime_get_ts64+0x86/0x230 [ 13.248715] kunit_try_run_case+0x1a5/0x480 [ 13.248740] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.248782] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.248806] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.248829] ? __kthread_parkme+0x82/0x180 [ 13.248849] ? preempt_count_sub+0x50/0x80 [ 13.248872] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.248895] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.248918] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.248941] kthread+0x337/0x6f0 [ 13.248960] ? trace_preempt_on+0x20/0xc0 [ 13.248982] ? __pfx_kthread+0x10/0x10 [ 13.249002] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.249024] ? calculate_sigpending+0x7b/0xa0 [ 13.249048] ? __pfx_kthread+0x10/0x10 [ 13.249069] ret_from_fork+0x116/0x1d0 [ 13.249088] ? 
__pfx_kthread+0x10/0x10 [ 13.249137] ret_from_fork_asm+0x1a/0x30 [ 13.249168] </TASK> [ 13.249177] [ 13.261613] Allocated by task 206: [ 13.261761] kasan_save_stack+0x45/0x70 [ 13.262198] kasan_save_track+0x18/0x40 [ 13.262776] kasan_save_alloc_info+0x3b/0x50 [ 13.263240] __kasan_kmalloc+0xb7/0xc0 [ 13.263703] __kmalloc_cache_noprof+0x189/0x420 [ 13.264229] kmalloc_uaf2+0xc6/0x520 [ 13.264435] kunit_try_run_case+0x1a5/0x480 [ 13.264833] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.265084] kthread+0x337/0x6f0 [ 13.265445] ret_from_fork+0x116/0x1d0 [ 13.265870] ret_from_fork_asm+0x1a/0x30 [ 13.266454] [ 13.266620] Freed by task 206: [ 13.266802] kasan_save_stack+0x45/0x70 [ 13.266951] kasan_save_track+0x18/0x40 [ 13.267381] kasan_save_free_info+0x3f/0x60 [ 13.267793] __kasan_slab_free+0x56/0x70 [ 13.268238] kfree+0x222/0x3f0 [ 13.268369] kmalloc_uaf2+0x14c/0x520 [ 13.268520] kunit_try_run_case+0x1a5/0x480 [ 13.268675] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.269042] kthread+0x337/0x6f0 [ 13.269368] ret_from_fork+0x116/0x1d0 [ 13.269906] ret_from_fork_asm+0x1a/0x30 [ 13.270347] [ 13.270548] The buggy address belongs to the object at ffff88810389ba80 [ 13.270548] which belongs to the cache kmalloc-64 of size 64 [ 13.272048] The buggy address is located 40 bytes inside of [ 13.272048] freed 64-byte region [ffff88810389ba80, ffff88810389bac0) [ 13.272910] [ 13.272992] The buggy address belongs to the physical page: [ 13.273444] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10389b [ 13.274225] flags: 0x200000000000000(node=0|zone=2) [ 13.274837] page_type: f5(slab) [ 13.275140] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.275573] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.275826] page dumped because: kasan: bad access detected [ 13.276413] [ 13.276592] Memory state around the buggy address: [ 13.277159] ffff88810389b980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc 
[ 13.277820] ffff88810389ba00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.278499] >ffff88810389ba80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.278726] ^ [ 13.279106] ffff88810389bb00: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc [ 13.279922] ffff88810389bb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.280691] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 13.219168] ================================================================== [ 13.219922] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x1a3/0x360 [ 13.220381] Write of size 33 at addr ffff888103256980 by task kunit_try_catch/204 [ 13.220729] [ 13.220918] CPU: 0 UID: 0 PID: 204 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.220964] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.220975] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.220995] Call Trace: [ 13.221006] <TASK> [ 13.221021] dump_stack_lvl+0x73/0xb0 [ 13.221105] print_report+0xd1/0x610 [ 13.221128] ? __virt_addr_valid+0x1db/0x2d0 [ 13.221162] ? kmalloc_uaf_memset+0x1a3/0x360 [ 13.221184] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.221206] ? kmalloc_uaf_memset+0x1a3/0x360 [ 13.221240] kasan_report+0x141/0x180 [ 13.221272] ? kmalloc_uaf_memset+0x1a3/0x360 [ 13.221298] kasan_check_range+0x10c/0x1c0 [ 13.221321] __asan_memset+0x27/0x50 [ 13.221352] kmalloc_uaf_memset+0x1a3/0x360 [ 13.221373] ? __pfx_kmalloc_uaf_memset+0x10/0x10 [ 13.221395] ? __schedule+0x10c6/0x2b60 [ 13.221418] ? __pfx_read_tsc+0x10/0x10 [ 13.221439] ? ktime_get_ts64+0x86/0x230 [ 13.221463] kunit_try_run_case+0x1a5/0x480 [ 13.221497] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.221519] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.221542] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.221565] ? __kthread_parkme+0x82/0x180 [ 13.221586] ? preempt_count_sub+0x50/0x80 [ 13.221619] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.221643] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.221666] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.221701] kthread+0x337/0x6f0 [ 13.221720] ? trace_preempt_on+0x20/0xc0 [ 13.221743] ? __pfx_kthread+0x10/0x10 [ 13.221763] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.221794] ? calculate_sigpending+0x7b/0xa0 [ 13.221827] ? __pfx_kthread+0x10/0x10 [ 13.221849] ret_from_fork+0x116/0x1d0 [ 13.221868] ? 
__pfx_kthread+0x10/0x10 [ 13.221888] ret_from_fork_asm+0x1a/0x30 [ 13.221930] </TASK> [ 13.221940] [ 13.229775] Allocated by task 204: [ 13.229992] kasan_save_stack+0x45/0x70 [ 13.230399] kasan_save_track+0x18/0x40 [ 13.230620] kasan_save_alloc_info+0x3b/0x50 [ 13.230852] __kasan_kmalloc+0xb7/0xc0 [ 13.231100] __kmalloc_cache_noprof+0x189/0x420 [ 13.231327] kmalloc_uaf_memset+0xa9/0x360 [ 13.231560] kunit_try_run_case+0x1a5/0x480 [ 13.231756] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.232026] kthread+0x337/0x6f0 [ 13.232245] ret_from_fork+0x116/0x1d0 [ 13.232401] ret_from_fork_asm+0x1a/0x30 [ 13.232633] [ 13.232737] Freed by task 204: [ 13.232896] kasan_save_stack+0x45/0x70 [ 13.233042] kasan_save_track+0x18/0x40 [ 13.233184] kasan_save_free_info+0x3f/0x60 [ 13.233337] __kasan_slab_free+0x56/0x70 [ 13.233492] kfree+0x222/0x3f0 [ 13.233662] kmalloc_uaf_memset+0x12b/0x360 [ 13.234024] kunit_try_run_case+0x1a5/0x480 [ 13.234334] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.234592] kthread+0x337/0x6f0 [ 13.234721] ret_from_fork+0x116/0x1d0 [ 13.235110] ret_from_fork_asm+0x1a/0x30 [ 13.235350] [ 13.235451] The buggy address belongs to the object at ffff888103256980 [ 13.235451] which belongs to the cache kmalloc-64 of size 64 [ 13.236273] The buggy address is located 0 bytes inside of [ 13.236273] freed 64-byte region [ffff888103256980, ffff8881032569c0) [ 13.236750] [ 13.236865] The buggy address belongs to the physical page: [ 13.237252] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103256 [ 13.237518] flags: 0x200000000000000(node=0|zone=2) [ 13.237692] page_type: f5(slab) [ 13.237836] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.238406] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.238761] page dumped because: kasan: bad access detected [ 13.239018] [ 13.239284] Memory state around the buggy address: [ 13.239537] ffff888103256880: 00 00 00 00 00 fc fc fc fc fc fc fc 
fc fc fc fc [ 13.239933] ffff888103256900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.240289] >ffff888103256980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.240623] ^ [ 13.240820] ffff888103256a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.241193] ffff888103256a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.241521] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 13.191668] ================================================================== [ 13.192279] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x320/0x380 [ 13.192834] Read of size 1 at addr ffff888101c73588 by task kunit_try_catch/202 [ 13.193228] [ 13.193553] CPU: 0 UID: 0 PID: 202 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.193614] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.193626] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.193648] Call Trace: [ 13.193660] <TASK> [ 13.193676] dump_stack_lvl+0x73/0xb0 [ 13.193740] print_report+0xd1/0x610 [ 13.193764] ? __virt_addr_valid+0x1db/0x2d0 [ 13.193789] ? kmalloc_uaf+0x320/0x380 [ 13.193820] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.193842] ? kmalloc_uaf+0x320/0x380 [ 13.193862] kasan_report+0x141/0x180 [ 13.193884] ? kmalloc_uaf+0x320/0x380 [ 13.193936] __asan_report_load1_noabort+0x18/0x20 [ 13.193960] kmalloc_uaf+0x320/0x380 [ 13.193980] ? __pfx_kmalloc_uaf+0x10/0x10 [ 13.194011] ? __schedule+0x10c6/0x2b60 [ 13.194034] ? __pfx_read_tsc+0x10/0x10 [ 13.194177] ? ktime_get_ts64+0x86/0x230 [ 13.194204] kunit_try_run_case+0x1a5/0x480 [ 13.194230] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.194253] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.194277] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.194300] ? __kthread_parkme+0x82/0x180 [ 13.194322] ? preempt_count_sub+0x50/0x80 [ 13.194346] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.194369] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.194392] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.194415] kthread+0x337/0x6f0 [ 13.194434] ? trace_preempt_on+0x20/0xc0 [ 13.194458] ? __pfx_kthread+0x10/0x10 [ 13.194490] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.194512] ? calculate_sigpending+0x7b/0xa0 [ 13.194535] ? __pfx_kthread+0x10/0x10 [ 13.194556] ret_from_fork+0x116/0x1d0 [ 13.194575] ? 
__pfx_kthread+0x10/0x10 [ 13.194595] ret_from_fork_asm+0x1a/0x30 [ 13.194625] </TASK> [ 13.194636] [ 13.203354] Allocated by task 202: [ 13.203545] kasan_save_stack+0x45/0x70 [ 13.203693] kasan_save_track+0x18/0x40 [ 13.203830] kasan_save_alloc_info+0x3b/0x50 [ 13.204016] __kasan_kmalloc+0xb7/0xc0 [ 13.204257] __kmalloc_cache_noprof+0x189/0x420 [ 13.204693] kmalloc_uaf+0xaa/0x380 [ 13.204924] kunit_try_run_case+0x1a5/0x480 [ 13.205238] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.205449] kthread+0x337/0x6f0 [ 13.205637] ret_from_fork+0x116/0x1d0 [ 13.205952] ret_from_fork_asm+0x1a/0x30 [ 13.206240] [ 13.206338] Freed by task 202: [ 13.206532] kasan_save_stack+0x45/0x70 [ 13.206720] kasan_save_track+0x18/0x40 [ 13.206964] kasan_save_free_info+0x3f/0x60 [ 13.207464] __kasan_slab_free+0x56/0x70 [ 13.207689] kfree+0x222/0x3f0 [ 13.207809] kmalloc_uaf+0x12c/0x380 [ 13.207940] kunit_try_run_case+0x1a5/0x480 [ 13.208087] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.208310] kthread+0x337/0x6f0 [ 13.208728] ret_from_fork+0x116/0x1d0 [ 13.209014] ret_from_fork_asm+0x1a/0x30 [ 13.209310] [ 13.209420] The buggy address belongs to the object at ffff888101c73580 [ 13.209420] which belongs to the cache kmalloc-16 of size 16 [ 13.210207] The buggy address is located 8 bytes inside of [ 13.210207] freed 16-byte region [ffff888101c73580, ffff888101c73590) [ 13.210606] [ 13.210682] The buggy address belongs to the physical page: [ 13.211017] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101c73 [ 13.211557] flags: 0x200000000000000(node=0|zone=2) [ 13.211813] page_type: f5(slab) [ 13.212026] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.212289] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.212601] page dumped because: kasan: bad access detected [ 13.213243] [ 13.213357] Memory state around the buggy address: [ 13.213651] ffff888101c73480: fa fb fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 
13.214183] ffff888101c73500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.214550] >ffff888101c73580: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.214892] ^ [ 13.215102] ffff888101c73600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.215327] ffff888101c73680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.215658] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 13.165787] ================================================================== [ 13.166310] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x16f/0x330 [ 13.166845] Read of size 64 at addr ffff88810389b984 by task kunit_try_catch/200 [ 13.167415] [ 13.167627] CPU: 1 UID: 0 PID: 200 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.167675] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.167686] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.167707] Call Trace: [ 13.167718] <TASK> [ 13.167734] dump_stack_lvl+0x73/0xb0 [ 13.167765] print_report+0xd1/0x610 [ 13.167965] ? __virt_addr_valid+0x1db/0x2d0 [ 13.167990] ? kmalloc_memmove_invalid_size+0x16f/0x330 [ 13.168014] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.168036] ? kmalloc_memmove_invalid_size+0x16f/0x330 [ 13.168060] kasan_report+0x141/0x180 [ 13.168091] ? kmalloc_memmove_invalid_size+0x16f/0x330 [ 13.168153] kasan_check_range+0x10c/0x1c0 [ 13.168181] __asan_memmove+0x27/0x70 [ 13.168202] kmalloc_memmove_invalid_size+0x16f/0x330 [ 13.168227] ? __pfx_kmalloc_memmove_invalid_size+0x10/0x10 [ 13.168252] ? __schedule+0x10c6/0x2b60 [ 13.168276] ? __pfx_read_tsc+0x10/0x10 [ 13.168297] ? ktime_get_ts64+0x86/0x230 [ 13.168322] kunit_try_run_case+0x1a5/0x480 [ 13.168348] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.168370] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.168394] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.168417] ? __kthread_parkme+0x82/0x180 [ 13.168438] ? preempt_count_sub+0x50/0x80 [ 13.168461] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.168497] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.168519] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.168543] kthread+0x337/0x6f0 [ 13.168562] ? trace_preempt_on+0x20/0xc0 [ 13.168584] ? __pfx_kthread+0x10/0x10 [ 13.168604] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.168626] ? calculate_sigpending+0x7b/0xa0 [ 13.168649] ? 
__pfx_kthread+0x10/0x10 [ 13.168670] ret_from_fork+0x116/0x1d0 [ 13.168688] ? __pfx_kthread+0x10/0x10 [ 13.168709] ret_from_fork_asm+0x1a/0x30 [ 13.168739] </TASK> [ 13.168749] [ 13.177750] Allocated by task 200: [ 13.177969] kasan_save_stack+0x45/0x70 [ 13.178425] kasan_save_track+0x18/0x40 [ 13.178646] kasan_save_alloc_info+0x3b/0x50 [ 13.178892] __kasan_kmalloc+0xb7/0xc0 [ 13.179107] __kmalloc_cache_noprof+0x189/0x420 [ 13.179494] kmalloc_memmove_invalid_size+0xac/0x330 [ 13.179743] kunit_try_run_case+0x1a5/0x480 [ 13.179963] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.180220] kthread+0x337/0x6f0 [ 13.180355] ret_from_fork+0x116/0x1d0 [ 13.180727] ret_from_fork_asm+0x1a/0x30 [ 13.180953] [ 13.181120] The buggy address belongs to the object at ffff88810389b980 [ 13.181120] which belongs to the cache kmalloc-64 of size 64 [ 13.181584] The buggy address is located 4 bytes inside of [ 13.181584] allocated 64-byte region [ffff88810389b980, ffff88810389b9c0) [ 13.182084] [ 13.182189] The buggy address belongs to the physical page: [ 13.182435] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10389b [ 13.182946] flags: 0x200000000000000(node=0|zone=2) [ 13.183188] page_type: f5(slab) [ 13.183356] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.183827] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.184293] page dumped because: kasan: bad access detected [ 13.184526] [ 13.184624] Memory state around the buggy address: [ 13.184931] ffff88810389b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.185360] ffff88810389b900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.185710] >ffff88810389b980: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 13.186209] ^ [ 13.186512] ffff88810389ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.186874] ffff88810389ba80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.187305] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 13.136757] ================================================================== [ 13.137422] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x171/0x330 [ 13.137970] Read of size 18446744073709551614 at addr ffff88810389b904 by task kunit_try_catch/198 [ 13.138535] [ 13.138666] CPU: 1 UID: 0 PID: 198 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.138714] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.138726] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.138747] Call Trace: [ 13.138759] <TASK> [ 13.138777] dump_stack_lvl+0x73/0xb0 [ 13.138809] print_report+0xd1/0x610 [ 13.139061] ? __virt_addr_valid+0x1db/0x2d0 [ 13.139089] ? kmalloc_memmove_negative_size+0x171/0x330 [ 13.139115] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.139137] ? kmalloc_memmove_negative_size+0x171/0x330 [ 13.139183] kasan_report+0x141/0x180 [ 13.139206] ? kmalloc_memmove_negative_size+0x171/0x330 [ 13.139235] kasan_check_range+0x10c/0x1c0 [ 13.139259] __asan_memmove+0x27/0x70 [ 13.139278] kmalloc_memmove_negative_size+0x171/0x330 [ 13.139303] ? __pfx_kmalloc_memmove_negative_size+0x10/0x10 [ 13.139328] ? __schedule+0x10c6/0x2b60 [ 13.139351] ? __pfx_read_tsc+0x10/0x10 [ 13.139372] ? ktime_get_ts64+0x86/0x230 [ 13.139396] kunit_try_run_case+0x1a5/0x480 [ 13.139422] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.139444] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.139482] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.139506] ? __kthread_parkme+0x82/0x180 [ 13.139527] ? preempt_count_sub+0x50/0x80 [ 13.139551] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.139574] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.139598] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.139621] kthread+0x337/0x6f0 [ 13.139640] ? trace_preempt_on+0x20/0xc0 [ 13.139663] ? __pfx_kthread+0x10/0x10 [ 13.139684] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.139706] ? calculate_sigpending+0x7b/0xa0 [ 13.139730] ? 
__pfx_kthread+0x10/0x10 [ 13.139751] ret_from_fork+0x116/0x1d0 [ 13.139770] ? __pfx_kthread+0x10/0x10 [ 13.139790] ret_from_fork_asm+0x1a/0x30 [ 13.139821] </TASK> [ 13.139834] [ 13.150902] Allocated by task 198: [ 13.151325] kasan_save_stack+0x45/0x70 [ 13.151600] kasan_save_track+0x18/0x40 [ 13.151814] kasan_save_alloc_info+0x3b/0x50 [ 13.152005] __kasan_kmalloc+0xb7/0xc0 [ 13.152324] __kmalloc_cache_noprof+0x189/0x420 [ 13.152594] kmalloc_memmove_negative_size+0xac/0x330 [ 13.152851] kunit_try_run_case+0x1a5/0x480 [ 13.153311] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.153662] kthread+0x337/0x6f0 [ 13.153802] ret_from_fork+0x116/0x1d0 [ 13.154180] ret_from_fork_asm+0x1a/0x30 [ 13.154575] [ 13.154670] The buggy address belongs to the object at ffff88810389b900 [ 13.154670] which belongs to the cache kmalloc-64 of size 64 [ 13.155569] The buggy address is located 4 bytes inside of [ 13.155569] 64-byte region [ffff88810389b900, ffff88810389b940) [ 13.156362] [ 13.156485] The buggy address belongs to the physical page: [ 13.156737] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10389b [ 13.157451] flags: 0x200000000000000(node=0|zone=2) [ 13.157713] page_type: f5(slab) [ 13.157983] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.158626] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.159040] page dumped because: kasan: bad access detected [ 13.159364] [ 13.159449] Memory state around the buggy address: [ 13.159669] ffff88810389b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.160494] ffff88810389b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.160803] >ffff88810389b900: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 13.161264] ^ [ 13.161397] ffff88810389b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.161733] ffff88810389ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.162393] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 13.105607] ================================================================== [ 13.106215] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x166/0x330 [ 13.106460] Write of size 16 at addr ffff8881029df769 by task kunit_try_catch/196 [ 13.106705] [ 13.106795] CPU: 1 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.106839] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.106851] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.106872] Call Trace: [ 13.106883] <TASK> [ 13.106899] dump_stack_lvl+0x73/0xb0 [ 13.106929] print_report+0xd1/0x610 [ 13.106952] ? __virt_addr_valid+0x1db/0x2d0 [ 13.106975] ? kmalloc_oob_memset_16+0x166/0x330 [ 13.106996] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.107018] ? kmalloc_oob_memset_16+0x166/0x330 [ 13.107040] kasan_report+0x141/0x180 [ 13.107061] ? kmalloc_oob_memset_16+0x166/0x330 [ 13.107087] kasan_check_range+0x10c/0x1c0 [ 13.107110] __asan_memset+0x27/0x50 [ 13.107129] kmalloc_oob_memset_16+0x166/0x330 [ 13.107151] ? __pfx_kmalloc_oob_memset_16+0x10/0x10 [ 13.107174] ? __schedule+0x10c6/0x2b60 [ 13.107196] ? __pfx_read_tsc+0x10/0x10 [ 13.107218] ? ktime_get_ts64+0x86/0x230 [ 13.107242] kunit_try_run_case+0x1a5/0x480 [ 13.107267] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.107289] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.107313] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.107336] ? __kthread_parkme+0x82/0x180 [ 13.107358] ? preempt_count_sub+0x50/0x80 [ 13.107381] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.107404] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.107427] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.107450] kthread+0x337/0x6f0 [ 13.107877] ? trace_preempt_on+0x20/0xc0 [ 13.107931] ? __pfx_kthread+0x10/0x10 [ 13.108207] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.108233] ? calculate_sigpending+0x7b/0xa0 [ 13.108273] ? __pfx_kthread+0x10/0x10 [ 13.108295] ret_from_fork+0x116/0x1d0 [ 13.108315] ? 
__pfx_kthread+0x10/0x10 [ 13.108336] ret_from_fork_asm+0x1a/0x30 [ 13.108366] </TASK> [ 13.108377] [ 13.122250] Allocated by task 196: [ 13.122396] kasan_save_stack+0x45/0x70 [ 13.122715] kasan_save_track+0x18/0x40 [ 13.123199] kasan_save_alloc_info+0x3b/0x50 [ 13.123565] __kasan_kmalloc+0xb7/0xc0 [ 13.123912] __kmalloc_cache_noprof+0x189/0x420 [ 13.124352] kmalloc_oob_memset_16+0xac/0x330 [ 13.124683] kunit_try_run_case+0x1a5/0x480 [ 13.124936] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.125145] kthread+0x337/0x6f0 [ 13.125325] ret_from_fork+0x116/0x1d0 [ 13.125524] ret_from_fork_asm+0x1a/0x30 [ 13.125730] [ 13.126164] The buggy address belongs to the object at ffff8881029df700 [ 13.126164] which belongs to the cache kmalloc-128 of size 128 [ 13.126933] The buggy address is located 105 bytes inside of [ 13.126933] allocated 120-byte region [ffff8881029df700, ffff8881029df778) [ 13.127605] [ 13.127715] The buggy address belongs to the physical page: [ 13.127950] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029df [ 13.128313] flags: 0x200000000000000(node=0|zone=2) [ 13.128553] page_type: f5(slab) [ 13.128716] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.129486] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.129944] page dumped because: kasan: bad access detected [ 13.130232] [ 13.130517] Memory state around the buggy address: [ 13.130732] ffff8881029df600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.131243] ffff8881029df680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.131656] >ffff8881029df700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 13.132092] ^ [ 13.132543] ffff8881029df780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.133000] ffff8881029df800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.133542] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 13.074300] ================================================================== [ 13.074811] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x166/0x330 [ 13.075108] Write of size 8 at addr ffff8881029df671 by task kunit_try_catch/194 [ 13.075652] [ 13.075779] CPU: 1 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.075826] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.075837] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.075859] Call Trace: [ 13.075873] <TASK> [ 13.075889] dump_stack_lvl+0x73/0xb0 [ 13.075921] print_report+0xd1/0x610 [ 13.075945] ? __virt_addr_valid+0x1db/0x2d0 [ 13.075967] ? kmalloc_oob_memset_8+0x166/0x330 [ 13.075989] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.076011] ? kmalloc_oob_memset_8+0x166/0x330 [ 13.076034] kasan_report+0x141/0x180 [ 13.076295] ? kmalloc_oob_memset_8+0x166/0x330 [ 13.076327] kasan_check_range+0x10c/0x1c0 [ 13.076352] __asan_memset+0x27/0x50 [ 13.076371] kmalloc_oob_memset_8+0x166/0x330 [ 13.076394] ? __pfx_kmalloc_oob_memset_8+0x10/0x10 [ 13.076417] ? __schedule+0x10c6/0x2b60 [ 13.076440] ? __pfx_read_tsc+0x10/0x10 [ 13.076461] ? ktime_get_ts64+0x86/0x230 [ 13.076501] kunit_try_run_case+0x1a5/0x480 [ 13.076527] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.076549] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.076574] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.076598] ? __kthread_parkme+0x82/0x180 [ 13.076618] ? preempt_count_sub+0x50/0x80 [ 13.076642] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.076666] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.076690] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.076716] kthread+0x337/0x6f0 [ 13.076737] ? trace_preempt_on+0x20/0xc0 [ 13.076760] ? __pfx_kthread+0x10/0x10 [ 13.076780] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.076803] ? calculate_sigpending+0x7b/0xa0 [ 13.076827] ? __pfx_kthread+0x10/0x10 [ 13.076849] ret_from_fork+0x116/0x1d0 [ 13.076868] ? 
__pfx_kthread+0x10/0x10 [ 13.076890] ret_from_fork_asm+0x1a/0x30 [ 13.076921] </TASK> [ 13.076931] [ 13.087692] Allocated by task 194: [ 13.087996] kasan_save_stack+0x45/0x70 [ 13.088541] kasan_save_track+0x18/0x40 [ 13.088881] kasan_save_alloc_info+0x3b/0x50 [ 13.089413] __kasan_kmalloc+0xb7/0xc0 [ 13.089626] __kmalloc_cache_noprof+0x189/0x420 [ 13.090172] kmalloc_oob_memset_8+0xac/0x330 [ 13.090476] kunit_try_run_case+0x1a5/0x480 [ 13.090687] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.091420] kthread+0x337/0x6f0 [ 13.091679] ret_from_fork+0x116/0x1d0 [ 13.091967] ret_from_fork_asm+0x1a/0x30 [ 13.092443] [ 13.092566] The buggy address belongs to the object at ffff8881029df600 [ 13.092566] which belongs to the cache kmalloc-128 of size 128 [ 13.093682] The buggy address is located 113 bytes inside of [ 13.093682] allocated 120-byte region [ffff8881029df600, ffff8881029df678) [ 13.094576] [ 13.094864] The buggy address belongs to the physical page: [ 13.095196] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029df [ 13.095873] flags: 0x200000000000000(node=0|zone=2) [ 13.096491] page_type: f5(slab) [ 13.096726] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.097314] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.097653] page dumped because: kasan: bad access detected [ 13.098001] [ 13.098461] Memory state around the buggy address: [ 13.098717] ffff8881029df500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.099686] ffff8881029df580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.100399] >ffff8881029df600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 13.100716] ^ [ 13.101343] ffff8881029df680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.101698] ffff8881029df700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.102052] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 13.051525] ================================================================== [ 13.051984] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x166/0x330 [ 13.052367] Write of size 4 at addr ffff8881029df575 by task kunit_try_catch/192 [ 13.052678] [ 13.052797] CPU: 1 UID: 0 PID: 192 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.052844] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.052855] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.052877] Call Trace: [ 13.052889] <TASK> [ 13.052904] dump_stack_lvl+0x73/0xb0 [ 13.052936] print_report+0xd1/0x610 [ 13.052959] ? __virt_addr_valid+0x1db/0x2d0 [ 13.052983] ? kmalloc_oob_memset_4+0x166/0x330 [ 13.053004] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.053026] ? kmalloc_oob_memset_4+0x166/0x330 [ 13.053048] kasan_report+0x141/0x180 [ 13.053071] ? kmalloc_oob_memset_4+0x166/0x330 [ 13.053098] kasan_check_range+0x10c/0x1c0 [ 13.053179] __asan_memset+0x27/0x50 [ 13.053201] kmalloc_oob_memset_4+0x166/0x330 [ 13.053224] ? __pfx_kmalloc_oob_memset_4+0x10/0x10 [ 13.053247] ? __schedule+0x10c6/0x2b60 [ 13.053271] ? __pfx_read_tsc+0x10/0x10 [ 13.053292] ? ktime_get_ts64+0x86/0x230 [ 13.053316] kunit_try_run_case+0x1a5/0x480 [ 13.053341] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.053363] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.053388] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.053411] ? __kthread_parkme+0x82/0x180 [ 13.053432] ? preempt_count_sub+0x50/0x80 [ 13.053456] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.053529] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.053553] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.053577] kthread+0x337/0x6f0 [ 13.053597] ? trace_preempt_on+0x20/0xc0 [ 13.053620] ? __pfx_kthread+0x10/0x10 [ 13.053641] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.053664] ? calculate_sigpending+0x7b/0xa0 [ 13.053688] ? __pfx_kthread+0x10/0x10 [ 13.053709] ret_from_fork+0x116/0x1d0 [ 13.053728] ? 
__pfx_kthread+0x10/0x10 [ 13.053749] ret_from_fork_asm+0x1a/0x30 [ 13.053779] </TASK> [ 13.053789] [ 13.062303] Allocated by task 192: [ 13.062504] kasan_save_stack+0x45/0x70 [ 13.062717] kasan_save_track+0x18/0x40 [ 13.063033] kasan_save_alloc_info+0x3b/0x50 [ 13.063204] __kasan_kmalloc+0xb7/0xc0 [ 13.063390] __kmalloc_cache_noprof+0x189/0x420 [ 13.063641] kmalloc_oob_memset_4+0xac/0x330 [ 13.063890] kunit_try_run_case+0x1a5/0x480 [ 13.064061] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.064301] kthread+0x337/0x6f0 [ 13.064467] ret_from_fork+0x116/0x1d0 [ 13.064626] ret_from_fork_asm+0x1a/0x30 [ 13.064890] [ 13.064987] The buggy address belongs to the object at ffff8881029df500 [ 13.064987] which belongs to the cache kmalloc-128 of size 128 [ 13.065491] The buggy address is located 117 bytes inside of [ 13.065491] allocated 120-byte region [ffff8881029df500, ffff8881029df578) [ 13.065986] [ 13.066087] The buggy address belongs to the physical page: [ 13.066338] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029df [ 13.066607] flags: 0x200000000000000(node=0|zone=2) [ 13.066786] page_type: f5(slab) [ 13.066916] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.067179] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.067769] page dumped because: kasan: bad access detected [ 13.068038] [ 13.068135] Memory state around the buggy address: [ 13.068421] ffff8881029df400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.068940] ffff8881029df480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.069512] >ffff8881029df500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 13.069764] ^ [ 13.070168] ffff8881029df580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.070487] ffff8881029df600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.070823] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 13.026233] ================================================================== [ 13.026727] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x166/0x330 [ 13.027225] Write of size 2 at addr ffff888103249577 by task kunit_try_catch/190 [ 13.027592] [ 13.027715] CPU: 0 UID: 0 PID: 190 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.027762] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.027773] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.027796] Call Trace: [ 13.027808] <TASK> [ 13.027826] dump_stack_lvl+0x73/0xb0 [ 13.027858] print_report+0xd1/0x610 [ 13.027882] ? __virt_addr_valid+0x1db/0x2d0 [ 13.027905] ? kmalloc_oob_memset_2+0x166/0x330 [ 13.027927] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.027949] ? kmalloc_oob_memset_2+0x166/0x330 [ 13.027971] kasan_report+0x141/0x180 [ 13.027993] ? kmalloc_oob_memset_2+0x166/0x330 [ 13.028019] kasan_check_range+0x10c/0x1c0 [ 13.028042] __asan_memset+0x27/0x50 [ 13.028062] kmalloc_oob_memset_2+0x166/0x330 [ 13.028083] ? __kasan_check_write+0x18/0x20 [ 13.028103] ? __pfx_kmalloc_oob_memset_2+0x10/0x10 [ 13.028124] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 13.028150] ? trace_hardirqs_on+0x37/0xe0 [ 13.028174] ? __pfx_read_tsc+0x10/0x10 [ 13.028196] ? ktime_get_ts64+0x86/0x230 [ 13.028452] kunit_try_run_case+0x1a5/0x480 [ 13.028498] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.028523] ? queued_spin_lock_slowpath+0x116/0xb40 [ 13.028549] ? __kthread_parkme+0x82/0x180 [ 13.028571] ? preempt_count_sub+0x50/0x80 [ 13.028595] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.028618] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.028642] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.028665] kthread+0x337/0x6f0 [ 13.028685] ? trace_preempt_on+0x20/0xc0 [ 13.028707] ? __pfx_kthread+0x10/0x10 [ 13.028727] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.028749] ? calculate_sigpending+0x7b/0xa0 [ 13.028774] ? 
__pfx_kthread+0x10/0x10 [ 13.028795] ret_from_fork+0x116/0x1d0 [ 13.028814] ? __pfx_kthread+0x10/0x10 [ 13.028834] ret_from_fork_asm+0x1a/0x30 [ 13.028865] </TASK> [ 13.028876] [ 13.037424] Allocated by task 190: [ 13.037627] kasan_save_stack+0x45/0x70 [ 13.037792] kasan_save_track+0x18/0x40 [ 13.038092] kasan_save_alloc_info+0x3b/0x50 [ 13.038282] __kasan_kmalloc+0xb7/0xc0 [ 13.038490] __kmalloc_cache_noprof+0x189/0x420 [ 13.038669] kmalloc_oob_memset_2+0xac/0x330 [ 13.038824] kunit_try_run_case+0x1a5/0x480 [ 13.039020] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.039282] kthread+0x337/0x6f0 [ 13.039459] ret_from_fork+0x116/0x1d0 [ 13.039970] ret_from_fork_asm+0x1a/0x30 [ 13.040261] [ 13.040370] The buggy address belongs to the object at ffff888103249500 [ 13.040370] which belongs to the cache kmalloc-128 of size 128 [ 13.040980] The buggy address is located 119 bytes inside of [ 13.040980] allocated 120-byte region [ffff888103249500, ffff888103249578) [ 13.041603] [ 13.041690] The buggy address belongs to the physical page: [ 13.041877] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103249 [ 13.042142] flags: 0x200000000000000(node=0|zone=2) [ 13.042394] page_type: f5(slab) [ 13.042677] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.043502] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.043748] page dumped because: kasan: bad access detected [ 13.043930] [ 13.044005] Memory state around the buggy address: [ 13.044254] ffff888103249400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.044611] ffff888103249480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.045028] >ffff888103249500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 13.045451] ^ [ 13.045770] ffff888103249580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.046009] ffff888103249600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.046400] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 12.994997] ================================================================== [ 12.995626] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x15f/0x320 [ 12.996069] Write of size 128 at addr ffff8881029df400 by task kunit_try_catch/188 [ 12.996332] [ 12.996709] CPU: 1 UID: 0 PID: 188 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.996854] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.996869] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.996892] Call Trace: [ 12.996906] <TASK> [ 12.996924] dump_stack_lvl+0x73/0xb0 [ 12.996959] print_report+0xd1/0x610 [ 12.996983] ? __virt_addr_valid+0x1db/0x2d0 [ 12.997008] ? kmalloc_oob_in_memset+0x15f/0x320 [ 12.997030] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.997052] ? kmalloc_oob_in_memset+0x15f/0x320 [ 12.997075] kasan_report+0x141/0x180 [ 12.997097] ? kmalloc_oob_in_memset+0x15f/0x320 [ 12.997125] kasan_check_range+0x10c/0x1c0 [ 12.997149] __asan_memset+0x27/0x50 [ 12.997169] kmalloc_oob_in_memset+0x15f/0x320 [ 12.997192] ? __pfx_kmalloc_oob_in_memset+0x10/0x10 [ 12.997216] ? __schedule+0x2079/0x2b60 [ 12.997239] ? __pfx_read_tsc+0x10/0x10 [ 12.997261] ? ktime_get_ts64+0x86/0x230 [ 12.997287] kunit_try_run_case+0x1a5/0x480 [ 12.997312] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.997335] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.997360] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.997383] ? __kthread_parkme+0x82/0x180 [ 12.997405] ? preempt_count_sub+0x50/0x80 [ 12.997429] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.997453] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.997491] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.997515] kthread+0x337/0x6f0 [ 12.997535] ? trace_preempt_on+0x20/0xc0 [ 12.997558] ? __pfx_kthread+0x10/0x10 [ 12.997579] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.997601] ? calculate_sigpending+0x7b/0xa0 [ 12.997626] ? __pfx_kthread+0x10/0x10 [ 12.997648] ret_from_fork+0x116/0x1d0 [ 12.997667] ? 
__pfx_kthread+0x10/0x10 [ 12.997688] ret_from_fork_asm+0x1a/0x30 [ 12.997720] </TASK> [ 12.997730] [ 13.008831] Allocated by task 188: [ 13.009029] kasan_save_stack+0x45/0x70 [ 13.009224] kasan_save_track+0x18/0x40 [ 13.009408] kasan_save_alloc_info+0x3b/0x50 [ 13.009621] __kasan_kmalloc+0xb7/0xc0 [ 13.009808] __kmalloc_cache_noprof+0x189/0x420 [ 13.010318] kmalloc_oob_in_memset+0xac/0x320 [ 13.010516] kunit_try_run_case+0x1a5/0x480 [ 13.010889] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.011132] kthread+0x337/0x6f0 [ 13.011512] ret_from_fork+0x116/0x1d0 [ 13.011693] ret_from_fork_asm+0x1a/0x30 [ 13.012075] [ 13.012184] The buggy address belongs to the object at ffff8881029df400 [ 13.012184] which belongs to the cache kmalloc-128 of size 128 [ 13.013026] The buggy address is located 0 bytes inside of [ 13.013026] allocated 120-byte region [ffff8881029df400, ffff8881029df478) [ 13.013663] [ 13.013770] The buggy address belongs to the physical page: [ 13.014003] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029df [ 13.014725] flags: 0x200000000000000(node=0|zone=2) [ 13.015144] page_type: f5(slab) [ 13.015385] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.015939] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.016398] page dumped because: kasan: bad access detected [ 13.016663] [ 13.016765] Memory state around the buggy address: [ 13.017433] ffff8881029df300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.017940] ffff8881029df380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.018357] >ffff8881029df400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 13.018676] ^ [ 13.019240] ffff8881029df480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.019650] ffff8881029df500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.020142] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 12.957891] ================================================================== [ 12.958317] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x47b/0x4c0 [ 12.958719] Read of size 16 at addr ffff888101c73560 by task kunit_try_catch/186 [ 12.959249] [ 12.959405] CPU: 0 UID: 0 PID: 186 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.959491] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.959504] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.959541] Call Trace: [ 12.959555] <TASK> [ 12.959570] dump_stack_lvl+0x73/0xb0 [ 12.959618] print_report+0xd1/0x610 [ 12.959642] ? __virt_addr_valid+0x1db/0x2d0 [ 12.959665] ? kmalloc_uaf_16+0x47b/0x4c0 [ 12.959686] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.959708] ? kmalloc_uaf_16+0x47b/0x4c0 [ 12.959730] kasan_report+0x141/0x180 [ 12.959752] ? kmalloc_uaf_16+0x47b/0x4c0 [ 12.959778] __asan_report_load16_noabort+0x18/0x20 [ 12.959804] kmalloc_uaf_16+0x47b/0x4c0 [ 12.959825] ? __pfx_kmalloc_uaf_16+0x10/0x10 [ 12.959859] ? __schedule+0x10c6/0x2b60 [ 12.959882] ? __pfx_read_tsc+0x10/0x10 [ 12.959904] ? ktime_get_ts64+0x86/0x230 [ 12.959929] kunit_try_run_case+0x1a5/0x480 [ 12.959974] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.959997] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.960021] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.960045] ? __kthread_parkme+0x82/0x180 [ 12.960066] ? preempt_count_sub+0x50/0x80 [ 12.960090] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.960116] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.960140] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.960224] kthread+0x337/0x6f0 [ 12.960250] ? trace_preempt_on+0x20/0xc0 [ 12.960274] ? __pfx_kthread+0x10/0x10 [ 12.960295] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.960318] ? calculate_sigpending+0x7b/0xa0 [ 12.960342] ? __pfx_kthread+0x10/0x10 [ 12.960364] ret_from_fork+0x116/0x1d0 [ 12.960383] ? 
__pfx_kthread+0x10/0x10 [ 12.960404] ret_from_fork_asm+0x1a/0x30 [ 12.960435] </TASK> [ 12.960446] [ 12.971317] Allocated by task 186: [ 12.971697] kasan_save_stack+0x45/0x70 [ 12.972099] kasan_save_track+0x18/0x40 [ 12.972272] kasan_save_alloc_info+0x3b/0x50 [ 12.972697] __kasan_kmalloc+0xb7/0xc0 [ 12.973045] __kmalloc_cache_noprof+0x189/0x420 [ 12.973378] kmalloc_uaf_16+0x15b/0x4c0 [ 12.973584] kunit_try_run_case+0x1a5/0x480 [ 12.974084] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.974370] kthread+0x337/0x6f0 [ 12.974536] ret_from_fork+0x116/0x1d0 [ 12.974739] ret_from_fork_asm+0x1a/0x30 [ 12.975339] [ 12.975424] Freed by task 186: [ 12.975785] kasan_save_stack+0x45/0x70 [ 12.976112] kasan_save_track+0x18/0x40 [ 12.976315] kasan_save_free_info+0x3f/0x60 [ 12.976814] __kasan_slab_free+0x56/0x70 [ 12.976991] kfree+0x222/0x3f0 [ 12.977377] kmalloc_uaf_16+0x1d6/0x4c0 [ 12.977605] kunit_try_run_case+0x1a5/0x480 [ 12.977873] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.978279] kthread+0x337/0x6f0 [ 12.978446] ret_from_fork+0x116/0x1d0 [ 12.978655] ret_from_fork_asm+0x1a/0x30 [ 12.979215] [ 12.979536] The buggy address belongs to the object at ffff888101c73560 [ 12.979536] which belongs to the cache kmalloc-16 of size 16 [ 12.980286] The buggy address is located 0 bytes inside of [ 12.980286] freed 16-byte region [ffff888101c73560, ffff888101c73570) [ 12.981340] [ 12.981455] The buggy address belongs to the physical page: [ 12.981781] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101c73 [ 12.982191] flags: 0x200000000000000(node=0|zone=2) [ 12.982454] page_type: f5(slab) [ 12.982635] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 12.982989] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 12.983329] page dumped because: kasan: bad access detected [ 12.984187] [ 12.984292] Memory state around the buggy address: [ 12.984741] ffff888101c73400: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc 
fc [ 12.985367] ffff888101c73480: fa fb fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 12.985729] >ffff888101c73500: fa fb fc fc fa fb fc fc 00 00 fc fc fa fb fc fc [ 12.986304] ^ [ 12.986729] ffff888101c73580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.987284] ffff888101c73600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.987740] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 12.930886] ================================================================== [ 12.931596] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x452/0x4a0 [ 12.931949] Write of size 16 at addr ffff888101c73500 by task kunit_try_catch/184 [ 12.932284] [ 12.932405] CPU: 0 UID: 0 PID: 184 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.932452] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.932464] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.932498] Call Trace: [ 12.932532] <TASK> [ 12.932550] dump_stack_lvl+0x73/0xb0 [ 12.932584] print_report+0xd1/0x610 [ 12.932609] ? __virt_addr_valid+0x1db/0x2d0 [ 12.932634] ? kmalloc_oob_16+0x452/0x4a0 [ 12.932655] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.932677] ? kmalloc_oob_16+0x452/0x4a0 [ 12.932699] kasan_report+0x141/0x180 [ 12.932721] ? kmalloc_oob_16+0x452/0x4a0 [ 12.932853] __asan_report_store16_noabort+0x1b/0x30 [ 12.932881] kmalloc_oob_16+0x452/0x4a0 [ 12.932904] ? __pfx_kmalloc_oob_16+0x10/0x10 [ 12.932927] ? __schedule+0x10c6/0x2b60 [ 12.932951] ? __pfx_read_tsc+0x10/0x10 [ 12.932973] ? ktime_get_ts64+0x86/0x230 [ 12.933022] kunit_try_run_case+0x1a5/0x480 [ 12.933058] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.933082] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.933107] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.933131] ? __kthread_parkme+0x82/0x180 [ 12.933152] ? preempt_count_sub+0x50/0x80 [ 12.933180] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.933204] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.933228] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.933306] kthread+0x337/0x6f0 [ 12.933329] ? trace_preempt_on+0x20/0xc0 [ 12.933353] ? __pfx_kthread+0x10/0x10 [ 12.933374] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.933397] ? calculate_sigpending+0x7b/0xa0 [ 12.933422] ? __pfx_kthread+0x10/0x10 [ 12.933444] ret_from_fork+0x116/0x1d0 [ 12.933464] ? 
__pfx_kthread+0x10/0x10 [ 12.933497] ret_from_fork_asm+0x1a/0x30 [ 12.933528] </TASK> [ 12.933539] [ 12.942549] Allocated by task 184: [ 12.942729] kasan_save_stack+0x45/0x70 [ 12.942995] kasan_save_track+0x18/0x40 [ 12.943245] kasan_save_alloc_info+0x3b/0x50 [ 12.943459] __kasan_kmalloc+0xb7/0xc0 [ 12.943660] __kmalloc_cache_noprof+0x189/0x420 [ 12.944169] kmalloc_oob_16+0xa8/0x4a0 [ 12.944381] kunit_try_run_case+0x1a5/0x480 [ 12.944578] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.944869] kthread+0x337/0x6f0 [ 12.945064] ret_from_fork+0x116/0x1d0 [ 12.945340] ret_from_fork_asm+0x1a/0x30 [ 12.945568] [ 12.945681] The buggy address belongs to the object at ffff888101c73500 [ 12.945681] which belongs to the cache kmalloc-16 of size 16 [ 12.946276] The buggy address is located 0 bytes inside of [ 12.946276] allocated 13-byte region [ffff888101c73500, ffff888101c7350d) [ 12.947177] [ 12.947272] The buggy address belongs to the physical page: [ 12.947456] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101c73 [ 12.947978] flags: 0x200000000000000(node=0|zone=2) [ 12.948406] page_type: f5(slab) [ 12.948685] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 12.949172] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 12.949583] page dumped because: kasan: bad access detected [ 12.949858] [ 12.949959] Memory state around the buggy address: [ 12.950277] ffff888101c73400: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 12.950641] ffff888101c73480: fa fb fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 12.950990] >ffff888101c73500: 00 05 fc fc 00 00 fc fc fc fc fc fc fc fc fc fc [ 12.951322] ^ [ 12.951526] ffff888101c73580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.951856] ffff888101c73600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.952185] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 12.897592] ================================================================== [ 12.898441] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x53c/0x5e0 [ 12.898964] Read of size 1 at addr ffff888100a9a400 by task kunit_try_catch/182 [ 12.899344] [ 12.899506] CPU: 1 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.899555] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.899567] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.899589] Call Trace: [ 12.900138] <TASK> [ 12.900157] dump_stack_lvl+0x73/0xb0 [ 12.900193] print_report+0xd1/0x610 [ 12.900218] ? __virt_addr_valid+0x1db/0x2d0 [ 12.900241] ? krealloc_uaf+0x53c/0x5e0 [ 12.900263] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.900286] ? krealloc_uaf+0x53c/0x5e0 [ 12.900308] kasan_report+0x141/0x180 [ 12.900330] ? krealloc_uaf+0x53c/0x5e0 [ 12.900357] __asan_report_load1_noabort+0x18/0x20 [ 12.900382] krealloc_uaf+0x53c/0x5e0 [ 12.900403] ? __pfx_krealloc_uaf+0x10/0x10 [ 12.900424] ? finish_task_switch.isra.0+0x153/0x700 [ 12.900447] ? __switch_to+0x47/0xf50 [ 12.900486] ? __schedule+0x10c6/0x2b60 [ 12.900510] ? __pfx_read_tsc+0x10/0x10 [ 12.900531] ? ktime_get_ts64+0x86/0x230 [ 12.900555] kunit_try_run_case+0x1a5/0x480 [ 12.900580] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.900603] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.900627] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.900651] ? __kthread_parkme+0x82/0x180 [ 12.900672] ? preempt_count_sub+0x50/0x80 [ 12.900695] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.900719] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.900743] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.900774] kthread+0x337/0x6f0 [ 12.900794] ? trace_preempt_on+0x20/0xc0 [ 12.900817] ? __pfx_kthread+0x10/0x10 [ 12.900838] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.900860] ? calculate_sigpending+0x7b/0xa0 [ 12.900884] ? __pfx_kthread+0x10/0x10 [ 12.900906] ret_from_fork+0x116/0x1d0 [ 12.900925] ? 
__pfx_kthread+0x10/0x10 [ 12.900945] ret_from_fork_asm+0x1a/0x30 [ 12.900976] </TASK> [ 12.900986] [ 12.910628] Allocated by task 182: [ 12.910900] kasan_save_stack+0x45/0x70 [ 12.911123] kasan_save_track+0x18/0x40 [ 12.911371] kasan_save_alloc_info+0x3b/0x50 [ 12.911598] __kasan_kmalloc+0xb7/0xc0 [ 12.911806] __kmalloc_cache_noprof+0x189/0x420 [ 12.912028] krealloc_uaf+0xbb/0x5e0 [ 12.912300] kunit_try_run_case+0x1a5/0x480 [ 12.912567] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.912800] kthread+0x337/0x6f0 [ 12.913003] ret_from_fork+0x116/0x1d0 [ 12.913369] ret_from_fork_asm+0x1a/0x30 [ 12.913671] [ 12.913796] Freed by task 182: [ 12.913985] kasan_save_stack+0x45/0x70 [ 12.914199] kasan_save_track+0x18/0x40 [ 12.914430] kasan_save_free_info+0x3f/0x60 [ 12.914657] __kasan_slab_free+0x56/0x70 [ 12.914958] kfree+0x222/0x3f0 [ 12.915230] krealloc_uaf+0x13d/0x5e0 [ 12.915402] kunit_try_run_case+0x1a5/0x480 [ 12.915609] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.915923] kthread+0x337/0x6f0 [ 12.916185] ret_from_fork+0x116/0x1d0 [ 12.916379] ret_from_fork_asm+0x1a/0x30 [ 12.916600] [ 12.916697] The buggy address belongs to the object at ffff888100a9a400 [ 12.916697] which belongs to the cache kmalloc-256 of size 256 [ 12.917258] The buggy address is located 0 bytes inside of [ 12.917258] freed 256-byte region [ffff888100a9a400, ffff888100a9a500) [ 12.917852] [ 12.918017] The buggy address belongs to the physical page: [ 12.918287] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a9a [ 12.918652] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.918889] flags: 0x200000000000040(head|node=0|zone=2) [ 12.919069] page_type: f5(slab) [ 12.919195] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.920186] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.920601] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.921225] head: 
0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.921483] head: 0200000000000001 ffffea000402a681 00000000ffffffff 00000000ffffffff [ 12.921917] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.922432] page dumped because: kasan: bad access detected [ 12.922710] [ 12.922829] Memory state around the buggy address: [ 12.923057] ffff888100a9a300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.923330] ffff888100a9a380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.923632] >ffff888100a9a400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.923989] ^ [ 12.924406] ffff888100a9a480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.924739] ffff888100a9a500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.925263] ================================================================== [ 12.870216] ================================================================== [ 12.870826] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x1b8/0x5e0 [ 12.871195] Read of size 1 at addr ffff888100a9a400 by task kunit_try_catch/182 [ 12.871563] [ 12.871687] CPU: 1 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.871757] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.871769] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.871793] Call Trace: [ 12.871822] <TASK> [ 12.871839] dump_stack_lvl+0x73/0xb0 [ 12.871890] print_report+0xd1/0x610 [ 12.871914] ? __virt_addr_valid+0x1db/0x2d0 [ 12.871939] ? krealloc_uaf+0x1b8/0x5e0 [ 12.871960] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.871983] ? krealloc_uaf+0x1b8/0x5e0 [ 12.872004] kasan_report+0x141/0x180 [ 12.872026] ? krealloc_uaf+0x1b8/0x5e0 [ 12.872051] ? krealloc_uaf+0x1b8/0x5e0 [ 12.872072] __kasan_check_byte+0x3d/0x50 [ 12.872094] krealloc_noprof+0x3f/0x340 [ 12.872114] ? stack_depot_save_flags+0x48b/0x840 [ 12.872141] krealloc_uaf+0x1b8/0x5e0 [ 12.872175] ? 
__pfx_krealloc_uaf+0x10/0x10 [ 12.872196] ? finish_task_switch.isra.0+0x153/0x700 [ 12.872220] ? __switch_to+0x47/0xf50 [ 12.872246] ? __schedule+0x10c6/0x2b60 [ 12.872341] ? __pfx_read_tsc+0x10/0x10 [ 12.872386] ? ktime_get_ts64+0x86/0x230 [ 12.872413] kunit_try_run_case+0x1a5/0x480 [ 12.872440] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.872463] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.872499] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.872523] ? __kthread_parkme+0x82/0x180 [ 12.872546] ? preempt_count_sub+0x50/0x80 [ 12.872569] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.872595] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.872620] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.872644] kthread+0x337/0x6f0 [ 12.872664] ? trace_preempt_on+0x20/0xc0 [ 12.872688] ? __pfx_kthread+0x10/0x10 [ 12.872709] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.872732] ? calculate_sigpending+0x7b/0xa0 [ 12.872756] ? __pfx_kthread+0x10/0x10 [ 12.872778] ret_from_fork+0x116/0x1d0 [ 12.872799] ? __pfx_kthread+0x10/0x10 [ 12.872820] ret_from_fork_asm+0x1a/0x30 [ 12.872852] </TASK> [ 12.872862] [ 12.881978] Allocated by task 182: [ 12.882131] kasan_save_stack+0x45/0x70 [ 12.882282] kasan_save_track+0x18/0x40 [ 12.882520] kasan_save_alloc_info+0x3b/0x50 [ 12.882772] __kasan_kmalloc+0xb7/0xc0 [ 12.882990] __kmalloc_cache_noprof+0x189/0x420 [ 12.883357] krealloc_uaf+0xbb/0x5e0 [ 12.883595] kunit_try_run_case+0x1a5/0x480 [ 12.883837] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.884236] kthread+0x337/0x6f0 [ 12.884417] ret_from_fork+0x116/0x1d0 [ 12.884590] ret_from_fork_asm+0x1a/0x30 [ 12.884735] [ 12.884909] Freed by task 182: [ 12.885153] kasan_save_stack+0x45/0x70 [ 12.885696] kasan_save_track+0x18/0x40 [ 12.885983] kasan_save_free_info+0x3f/0x60 [ 12.886265] __kasan_slab_free+0x56/0x70 [ 12.886505] kfree+0x222/0x3f0 [ 12.886678] krealloc_uaf+0x13d/0x5e0 [ 12.886870] kunit_try_run_case+0x1a5/0x480 [ 12.887080] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.887286] 
kthread+0x337/0x6f0 [ 12.887411] ret_from_fork+0x116/0x1d0 [ 12.887672] ret_from_fork_asm+0x1a/0x30 [ 12.888093] [ 12.888232] The buggy address belongs to the object at ffff888100a9a400 [ 12.888232] which belongs to the cache kmalloc-256 of size 256 [ 12.888901] The buggy address is located 0 bytes inside of [ 12.888901] freed 256-byte region [ffff888100a9a400, ffff888100a9a500) [ 12.889344] [ 12.889501] The buggy address belongs to the physical page: [ 12.889814] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a9a [ 12.890309] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.890642] flags: 0x200000000000040(head|node=0|zone=2) [ 12.890890] page_type: f5(slab) [ 12.891017] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.891256] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.891694] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.892524] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.892897] head: 0200000000000001 ffffea000402a681 00000000ffffffff 00000000ffffffff [ 12.893515] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.893900] page dumped because: kasan: bad access detected [ 12.894293] [ 12.894370] Memory state around the buggy address: [ 12.894547] ffff888100a9a300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.894837] ffff888100a9a380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.895357] >ffff888100a9a400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.895725] ^ [ 12.895852] ffff888100a9a480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.896336] ffff888100a9a500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.896823] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 12.624663] ================================================================== [ 12.625302] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0 [ 12.625654] Write of size 1 at addr ffff888100a9a2d0 by task kunit_try_catch/176 [ 12.626000] [ 12.626228] CPU: 1 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.626274] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.626285] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.626306] Call Trace: [ 12.626318] <TASK> [ 12.626332] dump_stack_lvl+0x73/0xb0 [ 12.626360] print_report+0xd1/0x610 [ 12.626381] ? __virt_addr_valid+0x1db/0x2d0 [ 12.626403] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 12.626426] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.626448] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 12.626486] kasan_report+0x141/0x180 [ 12.626508] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 12.626536] __asan_report_store1_noabort+0x1b/0x30 [ 12.626560] krealloc_less_oob_helper+0xe23/0x11d0 [ 12.626586] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.626610] ? finish_task_switch.isra.0+0x153/0x700 [ 12.626632] ? __switch_to+0x47/0xf50 [ 12.626657] ? __schedule+0x10c6/0x2b60 [ 12.626679] ? __pfx_read_tsc+0x10/0x10 [ 12.626702] krealloc_less_oob+0x1c/0x30 [ 12.626724] kunit_try_run_case+0x1a5/0x480 [ 12.626747] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.626770] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.626792] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.626815] ? __kthread_parkme+0x82/0x180 [ 12.626835] ? preempt_count_sub+0x50/0x80 [ 12.626857] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.626893] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.626916] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.626939] kthread+0x337/0x6f0 [ 12.626959] ? trace_preempt_on+0x20/0xc0 [ 12.626981] ? __pfx_kthread+0x10/0x10 [ 12.627001] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.627022] ? calculate_sigpending+0x7b/0xa0 [ 12.627045] ? 
__pfx_kthread+0x10/0x10 [ 12.627067] ret_from_fork+0x116/0x1d0 [ 12.627084] ? __pfx_kthread+0x10/0x10 [ 12.627105] ret_from_fork_asm+0x1a/0x30 [ 12.627135] </TASK> [ 12.627144] [ 12.635565] Allocated by task 176: [ 12.635760] kasan_save_stack+0x45/0x70 [ 12.635983] kasan_save_track+0x18/0x40 [ 12.636156] kasan_save_alloc_info+0x3b/0x50 [ 12.636359] __kasan_krealloc+0x190/0x1f0 [ 12.636630] krealloc_noprof+0xf3/0x340 [ 12.636819] krealloc_less_oob_helper+0x1aa/0x11d0 [ 12.637107] krealloc_less_oob+0x1c/0x30 [ 12.637288] kunit_try_run_case+0x1a5/0x480 [ 12.637485] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.637728] kthread+0x337/0x6f0 [ 12.638529] ret_from_fork+0x116/0x1d0 [ 12.638698] ret_from_fork_asm+0x1a/0x30 [ 12.638843] [ 12.638916] The buggy address belongs to the object at ffff888100a9a200 [ 12.638916] which belongs to the cache kmalloc-256 of size 256 [ 12.639291] The buggy address is located 7 bytes to the right of [ 12.639291] allocated 201-byte region [ffff888100a9a200, ffff888100a9a2c9) [ 12.640263] [ 12.640380] The buggy address belongs to the physical page: [ 12.640667] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a9a [ 12.641316] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.641644] flags: 0x200000000000040(head|node=0|zone=2) [ 12.642508] page_type: f5(slab) [ 12.642673] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.643527] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.644011] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.644846] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.645298] head: 0200000000000001 ffffea000402a681 00000000ffffffff 00000000ffffffff [ 12.645642] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.646283] page dumped because: kasan: bad access detected [ 12.646632] [ 12.646719] Memory state around the buggy 
address: [ 12.647251] ffff888100a9a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.647694] ffff888100a9a200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.648184] >ffff888100a9a280: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 12.648622] ^ [ 12.649030] ffff888100a9a300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.649354] ffff888100a9a380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.649674] ================================================================== [ 12.673952] ================================================================== [ 12.674422] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 12.674730] Write of size 1 at addr ffff888100a9a2ea by task kunit_try_catch/176 [ 12.675242] [ 12.675335] CPU: 1 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.675378] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.675389] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.675410] Call Trace: [ 12.675425] <TASK> [ 12.675439] dump_stack_lvl+0x73/0xb0 [ 12.675467] print_report+0xd1/0x610 [ 12.675505] ? __virt_addr_valid+0x1db/0x2d0 [ 12.675528] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.675551] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.675574] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.675598] kasan_report+0x141/0x180 [ 12.675620] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.675648] __asan_report_store1_noabort+0x1b/0x30 [ 12.675672] krealloc_less_oob_helper+0xe90/0x11d0 [ 12.675698] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.675721] ? finish_task_switch.isra.0+0x153/0x700 [ 12.675744] ? __switch_to+0x47/0xf50 [ 12.675769] ? __schedule+0x10c6/0x2b60 [ 12.675791] ? __pfx_read_tsc+0x10/0x10 [ 12.675815] krealloc_less_oob+0x1c/0x30 [ 12.675836] kunit_try_run_case+0x1a5/0x480 [ 12.675859] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.675882] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.675919] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.675942] ? __kthread_parkme+0x82/0x180 [ 12.675961] ? preempt_count_sub+0x50/0x80 [ 12.675984] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.676008] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.676031] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.676054] kthread+0x337/0x6f0 [ 12.676073] ? trace_preempt_on+0x20/0xc0 [ 12.676096] ? __pfx_kthread+0x10/0x10 [ 12.676117] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.676138] ? calculate_sigpending+0x7b/0xa0 [ 12.676161] ? __pfx_kthread+0x10/0x10 [ 12.676183] ret_from_fork+0x116/0x1d0 [ 12.676201] ? __pfx_kthread+0x10/0x10 [ 12.676221] ret_from_fork_asm+0x1a/0x30 [ 12.676252] </TASK> [ 12.676262] [ 12.684241] Allocated by task 176: [ 12.684431] kasan_save_stack+0x45/0x70 [ 12.684653] kasan_save_track+0x18/0x40 [ 12.684933] kasan_save_alloc_info+0x3b/0x50 [ 12.685396] __kasan_krealloc+0x190/0x1f0 [ 12.685630] krealloc_noprof+0xf3/0x340 [ 12.685908] krealloc_less_oob_helper+0x1aa/0x11d0 [ 12.686304] krealloc_less_oob+0x1c/0x30 [ 12.686456] kunit_try_run_case+0x1a5/0x480 [ 12.686683] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.687086] kthread+0x337/0x6f0 [ 12.687269] ret_from_fork+0x116/0x1d0 [ 12.687408] ret_from_fork_asm+0x1a/0x30 [ 12.687561] [ 12.687635] The buggy address belongs to the object at ffff888100a9a200 [ 12.687635] which belongs to the cache kmalloc-256 of size 256 [ 12.687995] The buggy address is located 33 bytes to the right of [ 12.687995] allocated 201-byte region [ffff888100a9a200, ffff888100a9a2c9) [ 12.688560] [ 12.688656] The buggy address belongs to the physical page: [ 12.688902] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a9a [ 12.689295] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.689637] flags: 0x200000000000040(head|node=0|zone=2) [ 12.689939] page_type: f5(slab) [ 12.690183] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.690431] raw: 0000000000000000 
0000000080100010 00000000f5000000 0000000000000000 [ 12.690674] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.691364] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.691713] head: 0200000000000001 ffffea000402a681 00000000ffffffff 00000000ffffffff [ 12.692032] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.692338] page dumped because: kasan: bad access detected [ 12.692611] [ 12.692707] Memory state around the buggy address: [ 12.692918] ffff888100a9a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.693377] ffff888100a9a200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.693690] >ffff888100a9a280: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 12.694162] ^ [ 12.694454] ffff888100a9a300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.694751] ffff888100a9a380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.695119] ================================================================== [ 12.650522] ================================================================== [ 12.650881] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 12.651158] Write of size 1 at addr ffff888100a9a2da by task kunit_try_catch/176 [ 12.651520] [ 12.651646] CPU: 1 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.651694] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.651705] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.651726] Call Trace: [ 12.651742] <TASK> [ 12.651758] dump_stack_lvl+0x73/0xb0 [ 12.651786] print_report+0xd1/0x610 [ 12.651807] ? __virt_addr_valid+0x1db/0x2d0 [ 12.651830] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.651853] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.651875] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.651899] kasan_report+0x141/0x180 [ 12.651920] ? 
krealloc_less_oob_helper+0xec6/0x11d0 [ 12.651948] __asan_report_store1_noabort+0x1b/0x30 [ 12.651973] krealloc_less_oob_helper+0xec6/0x11d0 [ 12.651998] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.652022] ? finish_task_switch.isra.0+0x153/0x700 [ 12.652092] ? __switch_to+0x47/0xf50 [ 12.652118] ? __schedule+0x10c6/0x2b60 [ 12.652140] ? __pfx_read_tsc+0x10/0x10 [ 12.652164] krealloc_less_oob+0x1c/0x30 [ 12.652185] kunit_try_run_case+0x1a5/0x480 [ 12.652210] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.652232] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.652255] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.652278] ? __kthread_parkme+0x82/0x180 [ 12.652298] ? preempt_count_sub+0x50/0x80 [ 12.652320] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.652344] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.652367] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.652390] kthread+0x337/0x6f0 [ 12.652410] ? trace_preempt_on+0x20/0xc0 [ 12.652433] ? __pfx_kthread+0x10/0x10 [ 12.652453] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.652486] ? calculate_sigpending+0x7b/0xa0 [ 12.652510] ? __pfx_kthread+0x10/0x10 [ 12.652531] ret_from_fork+0x116/0x1d0 [ 12.652550] ? 
__pfx_kthread+0x10/0x10 [ 12.652570] ret_from_fork_asm+0x1a/0x30 [ 12.652601] </TASK> [ 12.652611] [ 12.662442] Allocated by task 176: [ 12.662662] kasan_save_stack+0x45/0x70 [ 12.662937] kasan_save_track+0x18/0x40 [ 12.663217] kasan_save_alloc_info+0x3b/0x50 [ 12.663391] __kasan_krealloc+0x190/0x1f0 [ 12.663619] krealloc_noprof+0xf3/0x340 [ 12.663820] krealloc_less_oob_helper+0x1aa/0x11d0 [ 12.663992] krealloc_less_oob+0x1c/0x30 [ 12.664140] kunit_try_run_case+0x1a5/0x480 [ 12.664295] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.664553] kthread+0x337/0x6f0 [ 12.664777] ret_from_fork+0x116/0x1d0 [ 12.665133] ret_from_fork_asm+0x1a/0x30 [ 12.665281] [ 12.665356] The buggy address belongs to the object at ffff888100a9a200 [ 12.665356] which belongs to the cache kmalloc-256 of size 256 [ 12.666009] The buggy address is located 17 bytes to the right of [ 12.666009] allocated 201-byte region [ffff888100a9a200, ffff888100a9a2c9) [ 12.666622] [ 12.666724] The buggy address belongs to the physical page: [ 12.667137] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a9a [ 12.667447] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.667705] flags: 0x200000000000040(head|node=0|zone=2) [ 12.668235] page_type: f5(slab) [ 12.668431] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.668832] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.669201] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.669499] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.669750] head: 0200000000000001 ffffea000402a681 00000000ffffffff 00000000ffffffff [ 12.670128] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.670673] page dumped because: kasan: bad access detected [ 12.671119] [ 12.671197] Memory state around the buggy address: [ 12.671361] ffff888100a9a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 12.671631] ffff888100a9a200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.671958] >ffff888100a9a280: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 12.672433] ^ [ 12.672654] ffff888100a9a300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.673151] ffff888100a9a380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.673462] ================================================================== [ 12.786083] ================================================================== [ 12.786641] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0 [ 12.787186] Write of size 1 at addr ffff8881028120d0 by task kunit_try_catch/180 [ 12.787547] [ 12.787650] CPU: 0 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.787716] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.787728] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.787749] Call Trace: [ 12.787762] <TASK> [ 12.787776] dump_stack_lvl+0x73/0xb0 [ 12.787806] print_report+0xd1/0x610 [ 12.787829] ? __virt_addr_valid+0x1db/0x2d0 [ 12.787851] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 12.787876] ? kasan_addr_to_slab+0x11/0xa0 [ 12.787897] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 12.787942] kasan_report+0x141/0x180 [ 12.787966] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 12.787995] __asan_report_store1_noabort+0x1b/0x30 [ 12.788038] krealloc_less_oob_helper+0xe23/0x11d0 [ 12.788065] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.788090] ? finish_task_switch.isra.0+0x153/0x700 [ 12.788112] ? __switch_to+0x47/0xf50 [ 12.788138] ? __schedule+0x10c6/0x2b60 [ 12.788161] ? __pfx_read_tsc+0x10/0x10 [ 12.788185] krealloc_large_less_oob+0x1c/0x30 [ 12.788208] kunit_try_run_case+0x1a5/0x480 [ 12.788234] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.788256] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.788280] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.788303] ? __kthread_parkme+0x82/0x180 [ 12.788324] ? 
preempt_count_sub+0x50/0x80 [ 12.788347] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.788371] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.788394] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.788418] kthread+0x337/0x6f0 [ 12.788438] ? trace_preempt_on+0x20/0xc0 [ 12.788461] ? __pfx_kthread+0x10/0x10 [ 12.788492] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.788514] ? calculate_sigpending+0x7b/0xa0 [ 12.788538] ? __pfx_kthread+0x10/0x10 [ 12.788560] ret_from_fork+0x116/0x1d0 [ 12.788579] ? __pfx_kthread+0x10/0x10 [ 12.788599] ret_from_fork_asm+0x1a/0x30 [ 12.788630] </TASK> [ 12.788641] [ 12.798270] The buggy address belongs to the physical page: [ 12.798597] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102810 [ 12.799056] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.799511] flags: 0x200000000000040(head|node=0|zone=2) [ 12.799758] page_type: f8(unknown) [ 12.799926] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.800299] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.800747] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.801178] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.801674] head: 0200000000000002 ffffea00040a0401 00000000ffffffff 00000000ffffffff [ 12.801947] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.802233] page dumped because: kasan: bad access detected [ 12.802512] [ 12.802611] Memory state around the buggy address: [ 12.803178] ffff888102811f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.803563] ffff888102812000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.803786] >ffff888102812080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.804424] ^ [ 12.804737] ffff888102812100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.805119] ffff888102812180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.805762] 
================================================================== [ 12.766336] ================================================================== [ 12.767148] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0 [ 12.767524] Write of size 1 at addr ffff8881028120c9 by task kunit_try_catch/180 [ 12.767896] [ 12.768001] CPU: 0 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.768066] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.768078] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.768100] Call Trace: [ 12.768112] <TASK> [ 12.768186] dump_stack_lvl+0x73/0xb0 [ 12.768221] print_report+0xd1/0x610 [ 12.768246] ? __virt_addr_valid+0x1db/0x2d0 [ 12.768269] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 12.768293] ? kasan_addr_to_slab+0x11/0xa0 [ 12.768338] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 12.768364] kasan_report+0x141/0x180 [ 12.768386] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 12.768415] __asan_report_store1_noabort+0x1b/0x30 [ 12.768440] krealloc_less_oob_helper+0xd70/0x11d0 [ 12.768466] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.768503] ? finish_task_switch.isra.0+0x153/0x700 [ 12.768526] ? __switch_to+0x47/0xf50 [ 12.768552] ? __schedule+0x10c6/0x2b60 [ 12.768576] ? __pfx_read_tsc+0x10/0x10 [ 12.768621] krealloc_large_less_oob+0x1c/0x30 [ 12.768644] kunit_try_run_case+0x1a5/0x480 [ 12.768669] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.768692] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.768717] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.768741] ? __kthread_parkme+0x82/0x180 [ 12.768761] ? preempt_count_sub+0x50/0x80 [ 12.768792] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.768817] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.768859] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.768883] kthread+0x337/0x6f0 [ 12.768903] ? trace_preempt_on+0x20/0xc0 [ 12.768926] ? __pfx_kthread+0x10/0x10 [ 12.768947] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.768969] ? 
calculate_sigpending+0x7b/0xa0 [ 12.768993] ? __pfx_kthread+0x10/0x10 [ 12.769015] ret_from_fork+0x116/0x1d0 [ 12.769035] ? __pfx_kthread+0x10/0x10 [ 12.769102] ret_from_fork_asm+0x1a/0x30 [ 12.769133] </TASK> [ 12.769144] [ 12.778542] The buggy address belongs to the physical page: [ 12.778781] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102810 [ 12.779419] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.779758] flags: 0x200000000000040(head|node=0|zone=2) [ 12.780029] page_type: f8(unknown) [ 12.780281] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.780571] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.780977] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.781420] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.781777] head: 0200000000000002 ffffea00040a0401 00000000ffffffff 00000000ffffffff [ 12.782247] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.782715] page dumped because: kasan: bad access detected [ 12.783188] [ 12.783292] Memory state around the buggy address: [ 12.783531] ffff888102811f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.783888] ffff888102812000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.784221] >ffff888102812080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.784562] ^ [ 12.784829] ffff888102812100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.785257] ffff888102812180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.785550] ================================================================== [ 12.695570] ================================================================== [ 12.695945] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 12.696424] Write of size 1 at addr ffff888100a9a2eb by task kunit_try_catch/176 [ 12.696739] [ 12.696881] CPU: 1 UID: 0 PID: 176 Comm: 
kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.696923] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.696934] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.696954] Call Trace: [ 12.696967] <TASK> [ 12.696982] dump_stack_lvl+0x73/0xb0 [ 12.697009] print_report+0xd1/0x610 [ 12.697030] ? __virt_addr_valid+0x1db/0x2d0 [ 12.697053] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.697076] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.697097] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.697121] kasan_report+0x141/0x180 [ 12.697143] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.697171] __asan_report_store1_noabort+0x1b/0x30 [ 12.697196] krealloc_less_oob_helper+0xd47/0x11d0 [ 12.697221] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.697245] ? finish_task_switch.isra.0+0x153/0x700 [ 12.697267] ? __switch_to+0x47/0xf50 [ 12.697292] ? __schedule+0x10c6/0x2b60 [ 12.697315] ? __pfx_read_tsc+0x10/0x10 [ 12.697339] krealloc_less_oob+0x1c/0x30 [ 12.697360] kunit_try_run_case+0x1a5/0x480 [ 12.697384] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.697407] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.697430] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.697453] ? __kthread_parkme+0x82/0x180 [ 12.697484] ? preempt_count_sub+0x50/0x80 [ 12.697507] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.697531] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.697553] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.697576] kthread+0x337/0x6f0 [ 12.697596] ? trace_preempt_on+0x20/0xc0 [ 12.697618] ? __pfx_kthread+0x10/0x10 [ 12.697638] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.697659] ? calculate_sigpending+0x7b/0xa0 [ 12.697683] ? __pfx_kthread+0x10/0x10 [ 12.697704] ret_from_fork+0x116/0x1d0 [ 12.697722] ? 
__pfx_kthread+0x10/0x10 [ 12.697743] ret_from_fork_asm+0x1a/0x30 [ 12.697772] </TASK> [ 12.697781] [ 12.705743] Allocated by task 176: [ 12.705944] kasan_save_stack+0x45/0x70 [ 12.706168] kasan_save_track+0x18/0x40 [ 12.706506] kasan_save_alloc_info+0x3b/0x50 [ 12.706713] __kasan_krealloc+0x190/0x1f0 [ 12.706990] krealloc_noprof+0xf3/0x340 [ 12.707209] krealloc_less_oob_helper+0x1aa/0x11d0 [ 12.707409] krealloc_less_oob+0x1c/0x30 [ 12.707561] kunit_try_run_case+0x1a5/0x480 [ 12.707773] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.708030] kthread+0x337/0x6f0 [ 12.708191] ret_from_fork+0x116/0x1d0 [ 12.708357] ret_from_fork_asm+0x1a/0x30 [ 12.708507] [ 12.708578] The buggy address belongs to the object at ffff888100a9a200 [ 12.708578] which belongs to the cache kmalloc-256 of size 256 [ 12.708932] The buggy address is located 34 bytes to the right of [ 12.708932] allocated 201-byte region [ffff888100a9a200, ffff888100a9a2c9) [ 12.709300] [ 12.709372] The buggy address belongs to the physical page: [ 12.709891] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a9a [ 12.710269] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.710629] flags: 0x200000000000040(head|node=0|zone=2) [ 12.710902] page_type: f5(slab) [ 12.711070] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.711568] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.711922] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.712985] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.714294] head: 0200000000000001 ffffea000402a681 00000000ffffffff 00000000ffffffff [ 12.714606] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.715707] page dumped because: kasan: bad access detected [ 12.716316] [ 12.716419] Memory state around the buggy address: [ 12.716656] ffff888100a9a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 12.717435] ffff888100a9a200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.717999] >ffff888100a9a280: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 12.718382] ^ [ 12.718683] ffff888100a9a300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.719511] ffff888100a9a380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.720317] ================================================================== [ 12.846308] ================================================================== [ 12.846659] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 12.846992] Write of size 1 at addr ffff8881028120eb by task kunit_try_catch/180 [ 12.847387] [ 12.847493] CPU: 0 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.847539] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.847550] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.847572] Call Trace: [ 12.847586] <TASK> [ 12.847601] dump_stack_lvl+0x73/0xb0 [ 12.847632] print_report+0xd1/0x610 [ 12.847655] ? __virt_addr_valid+0x1db/0x2d0 [ 12.847678] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.847703] ? kasan_addr_to_slab+0x11/0xa0 [ 12.847724] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.847748] kasan_report+0x141/0x180 [ 12.847771] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.847800] __asan_report_store1_noabort+0x1b/0x30 [ 12.847825] krealloc_less_oob_helper+0xd47/0x11d0 [ 12.847851] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.847876] ? finish_task_switch.isra.0+0x153/0x700 [ 12.847899] ? __switch_to+0x47/0xf50 [ 12.847924] ? __schedule+0x10c6/0x2b60 [ 12.847948] ? __pfx_read_tsc+0x10/0x10 [ 12.848342] krealloc_large_less_oob+0x1c/0x30 [ 12.848389] kunit_try_run_case+0x1a5/0x480 [ 12.848429] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.848453] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.848506] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.848530] ? __kthread_parkme+0x82/0x180 [ 12.848551] ? 
preempt_count_sub+0x50/0x80 [ 12.848575] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.848599] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.848623] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.848648] kthread+0x337/0x6f0 [ 12.848668] ? trace_preempt_on+0x20/0xc0 [ 12.848693] ? __pfx_kthread+0x10/0x10 [ 12.848714] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.848736] ? calculate_sigpending+0x7b/0xa0 [ 12.848761] ? __pfx_kthread+0x10/0x10 [ 12.848793] ret_from_fork+0x116/0x1d0 [ 12.848812] ? __pfx_kthread+0x10/0x10 [ 12.848833] ret_from_fork_asm+0x1a/0x30 [ 12.848885] </TASK> [ 12.848896] [ 12.858149] The buggy address belongs to the physical page: [ 12.858336] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102810 [ 12.858894] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.859324] flags: 0x200000000000040(head|node=0|zone=2) [ 12.859644] page_type: f8(unknown) [ 12.859872] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.860375] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.860879] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.861342] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.861734] head: 0200000000000002 ffffea00040a0401 00000000ffffffff 00000000ffffffff [ 12.862160] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.862408] page dumped because: kasan: bad access detected [ 12.862620] [ 12.862721] Memory state around the buggy address: [ 12.863232] ffff888102811f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.863604] ffff888102812000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.863989] >ffff888102812080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.864500] ^ [ 12.864778] ffff888102812100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.865128] ffff888102812180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.865449] 
================================================================== [ 12.826353] ================================================================== [ 12.826705] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 12.827624] Write of size 1 at addr ffff8881028120ea by task kunit_try_catch/180 [ 12.827962] [ 12.828051] CPU: 0 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.828117] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.828128] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.828148] Call Trace: [ 12.828161] <TASK> [ 12.828175] dump_stack_lvl+0x73/0xb0 [ 12.828282] print_report+0xd1/0x610 [ 12.828306] ? __virt_addr_valid+0x1db/0x2d0 [ 12.828328] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.828352] ? kasan_addr_to_slab+0x11/0xa0 [ 12.828373] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.828398] kasan_report+0x141/0x180 [ 12.828420] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.828450] __asan_report_store1_noabort+0x1b/0x30 [ 12.828489] krealloc_less_oob_helper+0xe90/0x11d0 [ 12.828534] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.828574] ? finish_task_switch.isra.0+0x153/0x700 [ 12.828597] ? __switch_to+0x47/0xf50 [ 12.828637] ? __schedule+0x10c6/0x2b60 [ 12.828675] ? __pfx_read_tsc+0x10/0x10 [ 12.828700] krealloc_large_less_oob+0x1c/0x30 [ 12.828723] kunit_try_run_case+0x1a5/0x480 [ 12.828748] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.828785] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.828824] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.828848] ? __kthread_parkme+0x82/0x180 [ 12.828882] ? preempt_count_sub+0x50/0x80 [ 12.828905] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.828930] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.828954] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.828977] kthread+0x337/0x6f0 [ 12.828998] ? trace_preempt_on+0x20/0xc0 [ 12.829020] ? __pfx_kthread+0x10/0x10 [ 12.829041] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.829063] ? 
calculate_sigpending+0x7b/0xa0 [ 12.829087] ? __pfx_kthread+0x10/0x10 [ 12.829109] ret_from_fork+0x116/0x1d0 [ 12.829128] ? __pfx_kthread+0x10/0x10 [ 12.829149] ret_from_fork_asm+0x1a/0x30 [ 12.829181] </TASK> [ 12.829191] [ 12.838518] The buggy address belongs to the physical page: [ 12.838846] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102810 [ 12.839409] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.839771] flags: 0x200000000000040(head|node=0|zone=2) [ 12.840100] page_type: f8(unknown) [ 12.840312] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.840690] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.841002] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.841331] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.841958] head: 0200000000000002 ffffea00040a0401 00000000ffffffff 00000000ffffffff [ 12.842358] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.842703] page dumped because: kasan: bad access detected [ 12.843030] [ 12.843144] Memory state around the buggy address: [ 12.843589] ffff888102811f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.843994] ffff888102812000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.844395] >ffff888102812080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.844693] ^ [ 12.845052] ffff888102812100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.845435] ffff888102812180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.845744] ================================================================== [ 12.806878] ================================================================== [ 12.807189] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 12.807577] Write of size 1 at addr ffff8881028120da by task kunit_try_catch/180 [ 12.808168] [ 12.808265] CPU: 0 UID: 0 PID: 180 Comm: 
kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.808311] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.808322] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.808344] Call Trace: [ 12.808359] <TASK> [ 12.808374] dump_stack_lvl+0x73/0xb0 [ 12.808432] print_report+0xd1/0x610 [ 12.808455] ? __virt_addr_valid+0x1db/0x2d0 [ 12.808491] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.808516] ? kasan_addr_to_slab+0x11/0xa0 [ 12.808537] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.808582] kasan_report+0x141/0x180 [ 12.808605] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.808634] __asan_report_store1_noabort+0x1b/0x30 [ 12.808659] krealloc_less_oob_helper+0xec6/0x11d0 [ 12.808686] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.808710] ? finish_task_switch.isra.0+0x153/0x700 [ 12.808750] ? __switch_to+0x47/0xf50 [ 12.808776] ? __schedule+0x10c6/0x2b60 [ 12.808814] ? __pfx_read_tsc+0x10/0x10 [ 12.808838] krealloc_large_less_oob+0x1c/0x30 [ 12.808862] kunit_try_run_case+0x1a5/0x480 [ 12.808887] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.808910] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.808934] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.808957] ? __kthread_parkme+0x82/0x180 [ 12.808978] ? preempt_count_sub+0x50/0x80 [ 12.809001] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.809026] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.809049] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.809073] kthread+0x337/0x6f0 [ 12.809093] ? trace_preempt_on+0x20/0xc0 [ 12.809116] ? __pfx_kthread+0x10/0x10 [ 12.809137] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.809159] ? calculate_sigpending+0x7b/0xa0 [ 12.809248] ? __pfx_kthread+0x10/0x10 [ 12.809272] ret_from_fork+0x116/0x1d0 [ 12.809315] ? 
__pfx_kthread+0x10/0x10
[ 12.809337] ret_from_fork_asm+0x1a/0x30
[ 12.809368] </TASK>
[ 12.809379]
[ 12.818607] The buggy address belongs to the physical page:
[ 12.818796] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102810
[ 12.819216] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 12.819681] flags: 0x200000000000040(head|node=0|zone=2)
[ 12.819925] page_type: f8(unknown)
[ 12.820057] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 12.820441] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 12.820944] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 12.821396] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 12.821766] head: 0200000000000002 ffffea00040a0401 00000000ffffffff 00000000ffffffff
[ 12.822139] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 12.822666] page dumped because: kasan: bad access detected
[ 12.822950]
[ 12.823049] Memory state around the buggy address:
[ 12.823582] ffff888102811f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.823920] ffff888102812000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.824454] >ffff888102812080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[ 12.824821] ^
[ 12.825042] ffff888102812100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 12.825566] ffff888102812180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 12.825911] ==================================================================

[ 12.602089] ==================================================================
[ 12.602698] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0
[ 12.603586] Write of size 1 at addr ffff888100a9a2c9 by task kunit_try_catch/176
[ 12.604142]
[ 12.604251] CPU: 1 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.604298] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.604310] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.604332] Call Trace:
[ 12.604345] <TASK>
[ 12.604361] dump_stack_lvl+0x73/0xb0
[ 12.604393] print_report+0xd1/0x610
[ 12.604416] ? __virt_addr_valid+0x1db/0x2d0
[ 12.604438] ? krealloc_less_oob_helper+0xd70/0x11d0
[ 12.604461] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.604497] ? krealloc_less_oob_helper+0xd70/0x11d0
[ 12.604520] kasan_report+0x141/0x180
[ 12.604541] ? krealloc_less_oob_helper+0xd70/0x11d0
[ 12.604569] __asan_report_store1_noabort+0x1b/0x30
[ 12.604593] krealloc_less_oob_helper+0xd70/0x11d0
[ 12.604618] ? __pfx_krealloc_less_oob_helper+0x10/0x10
[ 12.604641] ? finish_task_switch.isra.0+0x153/0x700
[ 12.604663] ? __switch_to+0x47/0xf50
[ 12.604690] ? __schedule+0x10c6/0x2b60
[ 12.604713] ? __pfx_read_tsc+0x10/0x10
[ 12.604739] krealloc_less_oob+0x1c/0x30
[ 12.604760] kunit_try_run_case+0x1a5/0x480
[ 12.604797] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.604819] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.604843] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.604865] ? __kthread_parkme+0x82/0x180
[ 12.604885] ? preempt_count_sub+0x50/0x80
[ 12.604908] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.604931] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.604954] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.604977] kthread+0x337/0x6f0
[ 12.604995] ? trace_preempt_on+0x20/0xc0
[ 12.605018] ? __pfx_kthread+0x10/0x10
[ 12.605038] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.605059] ? calculate_sigpending+0x7b/0xa0
[ 12.605082] ? __pfx_kthread+0x10/0x10
[ 12.605103] ret_from_fork+0x116/0x1d0
[ 12.605123] ? __pfx_kthread+0x10/0x10
[ 12.605143] ret_from_fork_asm+0x1a/0x30
[ 12.605173] </TASK>
[ 12.605183]
[ 12.613075] Allocated by task 176:
[ 12.613270] kasan_save_stack+0x45/0x70
[ 12.613511] kasan_save_track+0x18/0x40
[ 12.613736] kasan_save_alloc_info+0x3b/0x50
[ 12.613999] __kasan_krealloc+0x190/0x1f0
[ 12.614221] krealloc_noprof+0xf3/0x340
[ 12.614364] krealloc_less_oob_helper+0x1aa/0x11d0
[ 12.614543] krealloc_less_oob+0x1c/0x30
[ 12.614732] kunit_try_run_case+0x1a5/0x480
[ 12.614944] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.615196] kthread+0x337/0x6f0
[ 12.615365] ret_from_fork+0x116/0x1d0
[ 12.615561] ret_from_fork_asm+0x1a/0x30
[ 12.615729]
[ 12.615803] The buggy address belongs to the object at ffff888100a9a200
[ 12.615803] which belongs to the cache kmalloc-256 of size 256
[ 12.616604] The buggy address is located 0 bytes to the right of
[ 12.616604] allocated 201-byte region [ffff888100a9a200, ffff888100a9a2c9)
[ 12.617400]
[ 12.617514] The buggy address belongs to the physical page:
[ 12.617741] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a9a
[ 12.618032] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 12.618593] flags: 0x200000000000040(head|node=0|zone=2)
[ 12.618873] page_type: f5(slab)
[ 12.619001] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 12.619300] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.619638] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 12.619877] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.620115] head: 0200000000000001 ffffea000402a681 00000000ffffffff 00000000ffffffff
[ 12.620479] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 12.620891] page dumped because: kasan: bad access detected
[ 12.621154]
[ 12.621255] Memory state around the buggy address:
[ 12.621688] ffff888100a9a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.622008] ffff888100a9a200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.622360] >ffff888100a9a280: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[ 12.622604] ^
[ 12.622834] ffff888100a9a300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.623329] ffff888100a9a380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.623805] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 12.549273] ==================================================================
[ 12.549797] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930
[ 12.550160] Write of size 1 at addr ffff88810035a2eb by task kunit_try_catch/174
[ 12.550887]
[ 12.550985] CPU: 0 UID: 0 PID: 174 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.551031] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.551042] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.551063] Call Trace:
[ 12.551073] <TASK>
[ 12.551088] dump_stack_lvl+0x73/0xb0
[ 12.551119] print_report+0xd1/0x610
[ 12.551141] ? __virt_addr_valid+0x1db/0x2d0
[ 12.551163] ? krealloc_more_oob_helper+0x821/0x930
[ 12.551186] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.551208] ? krealloc_more_oob_helper+0x821/0x930
[ 12.551231] kasan_report+0x141/0x180
[ 12.551253] ? krealloc_more_oob_helper+0x821/0x930
[ 12.551281] __asan_report_store1_noabort+0x1b/0x30
[ 12.551305] krealloc_more_oob_helper+0x821/0x930
[ 12.551327] ? __schedule+0x10c6/0x2b60
[ 12.551349] ? __pfx_krealloc_more_oob_helper+0x10/0x10
[ 12.551372] ? finish_task_switch.isra.0+0x153/0x700
[ 12.551394] ? __switch_to+0x47/0xf50
[ 12.551420] ? __schedule+0x10c6/0x2b60
[ 12.551441] ? __pfx_read_tsc+0x10/0x10
[ 12.551464] krealloc_more_oob+0x1c/0x30
[ 12.551499] kunit_try_run_case+0x1a5/0x480
[ 12.551523] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.551545] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.551568] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.551590] ? __kthread_parkme+0x82/0x180
[ 12.551610] ? preempt_count_sub+0x50/0x80
[ 12.551632] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.551655] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.551679] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.551703] kthread+0x337/0x6f0
[ 12.551722] ? trace_preempt_on+0x20/0xc0
[ 12.551744] ? __pfx_kthread+0x10/0x10
[ 12.551764] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.551848] ? calculate_sigpending+0x7b/0xa0
[ 12.551874] ? __pfx_kthread+0x10/0x10
[ 12.551895] ret_from_fork+0x116/0x1d0
[ 12.551914] ? __pfx_kthread+0x10/0x10
[ 12.551934] ret_from_fork_asm+0x1a/0x30
[ 12.551964] </TASK>
[ 12.551974]
[ 12.560395] Allocated by task 174:
[ 12.560560] kasan_save_stack+0x45/0x70
[ 12.560711] kasan_save_track+0x18/0x40
[ 12.560849] kasan_save_alloc_info+0x3b/0x50
[ 12.561236] __kasan_krealloc+0x190/0x1f0
[ 12.561447] krealloc_noprof+0xf3/0x340
[ 12.561657] krealloc_more_oob_helper+0x1a9/0x930
[ 12.561980] krealloc_more_oob+0x1c/0x30
[ 12.562161] kunit_try_run_case+0x1a5/0x480
[ 12.562492] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.562743] kthread+0x337/0x6f0
[ 12.563122] ret_from_fork+0x116/0x1d0
[ 12.563281] ret_from_fork_asm+0x1a/0x30
[ 12.563426]
[ 12.563516] The buggy address belongs to the object at ffff88810035a200
[ 12.563516] which belongs to the cache kmalloc-256 of size 256
[ 12.563957] The buggy address is located 0 bytes to the right of
[ 12.563957] allocated 235-byte region [ffff88810035a200, ffff88810035a2eb)
[ 12.564531]
[ 12.564630] The buggy address belongs to the physical page:
[ 12.565064] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10035a
[ 12.565314] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 12.565949] flags: 0x200000000000040(head|node=0|zone=2)
[ 12.566278] page_type: f5(slab)
[ 12.566720] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 12.567017] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.567538] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 12.567782] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.568037] head: 0200000000000001 ffffea000400d681 00000000ffffffff 00000000ffffffff
[ 12.568433] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 12.568783] page dumped because: kasan: bad access detected
[ 12.568965]
[ 12.569036] Memory state around the buggy address:
[ 12.569196] ffff88810035a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.569900] ffff88810035a200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.570583] >ffff88810035a280: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc
[ 12.570839] ^
[ 12.571045] ffff88810035a300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.571606] ffff88810035a380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.572138] ==================================================================

[ 12.723827] ==================================================================
[ 12.724320] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930
[ 12.724666] Write of size 1 at addr ffff8881028120eb by task kunit_try_catch/178
[ 12.724983]
[ 12.725384] CPU: 0 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.725438] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.725450] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.725487] Call Trace:
[ 12.725501] <TASK>
[ 12.725517] dump_stack_lvl+0x73/0xb0
[ 12.725550] print_report+0xd1/0x610
[ 12.725573] ? __virt_addr_valid+0x1db/0x2d0
[ 12.725597] ? krealloc_more_oob_helper+0x821/0x930
[ 12.725621] ? kasan_addr_to_slab+0x11/0xa0
[ 12.725641] ? krealloc_more_oob_helper+0x821/0x930
[ 12.725665] kasan_report+0x141/0x180
[ 12.725687] ? krealloc_more_oob_helper+0x821/0x930
[ 12.725715] __asan_report_store1_noabort+0x1b/0x30
[ 12.725739] krealloc_more_oob_helper+0x821/0x930
[ 12.725762] ? __schedule+0x10c6/0x2b60
[ 12.725785] ? __pfx_krealloc_more_oob_helper+0x10/0x10
[ 12.725809] ? finish_task_switch.isra.0+0x153/0x700
[ 12.725832] ? __switch_to+0x47/0xf50
[ 12.725859] ? __schedule+0x10c6/0x2b60
[ 12.725881] ? __pfx_read_tsc+0x10/0x10
[ 12.725905] krealloc_large_more_oob+0x1c/0x30
[ 12.725928] kunit_try_run_case+0x1a5/0x480
[ 12.725954] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.725976] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.726000] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.726023] ? __kthread_parkme+0x82/0x180
[ 12.726304] ? preempt_count_sub+0x50/0x80
[ 12.726333] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.726359] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.726383] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.726407] kthread+0x337/0x6f0
[ 12.726428] ? trace_preempt_on+0x20/0xc0
[ 12.726452] ? __pfx_kthread+0x10/0x10
[ 12.726486] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.726509] ? calculate_sigpending+0x7b/0xa0
[ 12.726533] ? __pfx_kthread+0x10/0x10
[ 12.726555] ret_from_fork+0x116/0x1d0
[ 12.726574] ? __pfx_kthread+0x10/0x10
[ 12.726594] ret_from_fork_asm+0x1a/0x30
[ 12.726626] </TASK>
[ 12.726636]
[ 12.735261] The buggy address belongs to the physical page:
[ 12.735499] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102810
[ 12.735765] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 12.736125] flags: 0x200000000000040(head|node=0|zone=2)
[ 12.736395] page_type: f8(unknown)
[ 12.736593] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 12.737132] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 12.737488] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 12.737739] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 12.738425] head: 0200000000000002 ffffea00040a0401 00000000ffffffff 00000000ffffffff
[ 12.738810] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 12.739137] page dumped because: kasan: bad access detected
[ 12.739324]
[ 12.739399] Memory state around the buggy address:
[ 12.739584] ffff888102811f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.740235] ffff888102812000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.740596] >ffff888102812080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe
[ 12.741174] ^
[ 12.741464] ffff888102812100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 12.741730] ffff888102812180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 12.741998] ==================================================================

[ 12.572870] ==================================================================
[ 12.573179] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930
[ 12.573509] Write of size 1 at addr ffff88810035a2f0 by task kunit_try_catch/174
[ 12.573890]
[ 12.574000] CPU: 0 UID: 0 PID: 174 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.574044] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.574054] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.574075] Call Trace:
[ 12.574087] <TASK>
[ 12.574100] dump_stack_lvl+0x73/0xb0
[ 12.574133] print_report+0xd1/0x610
[ 12.574154] ? __virt_addr_valid+0x1db/0x2d0
[ 12.574174] ? krealloc_more_oob_helper+0x7eb/0x930
[ 12.574197] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.574218] ? krealloc_more_oob_helper+0x7eb/0x930
[ 12.574241] kasan_report+0x141/0x180
[ 12.574263] ? krealloc_more_oob_helper+0x7eb/0x930
[ 12.574291] __asan_report_store1_noabort+0x1b/0x30
[ 12.574314] krealloc_more_oob_helper+0x7eb/0x930
[ 12.574336] ? __schedule+0x10c6/0x2b60
[ 12.574358] ? __pfx_krealloc_more_oob_helper+0x10/0x10
[ 12.574382] ? finish_task_switch.isra.0+0x153/0x700
[ 12.574403] ? __switch_to+0x47/0xf50
[ 12.574427] ? __schedule+0x10c6/0x2b60
[ 12.574448] ? __pfx_read_tsc+0x10/0x10
[ 12.574483] krealloc_more_oob+0x1c/0x30
[ 12.574504] kunit_try_run_case+0x1a5/0x480
[ 12.574527] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.574549] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.574571] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.574593] ? __kthread_parkme+0x82/0x180
[ 12.574612] ? preempt_count_sub+0x50/0x80
[ 12.574634] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.574657] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.574680] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.574702] kthread+0x337/0x6f0
[ 12.574721] ? trace_preempt_on+0x20/0xc0
[ 12.574743] ? __pfx_kthread+0x10/0x10
[ 12.574763] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.574783] ? calculate_sigpending+0x7b/0xa0
[ 12.574806] ? __pfx_kthread+0x10/0x10
[ 12.574827] ret_from_fork+0x116/0x1d0
[ 12.574844] ? __pfx_kthread+0x10/0x10
[ 12.574865] ret_from_fork_asm+0x1a/0x30
[ 12.574894] </TASK>
[ 12.574903]
[ 12.583637] Allocated by task 174:
[ 12.583825] kasan_save_stack+0x45/0x70
[ 12.584038] kasan_save_track+0x18/0x40
[ 12.584308] kasan_save_alloc_info+0x3b/0x50
[ 12.584530] __kasan_krealloc+0x190/0x1f0
[ 12.584689] krealloc_noprof+0xf3/0x340
[ 12.585005] krealloc_more_oob_helper+0x1a9/0x930
[ 12.585175] krealloc_more_oob+0x1c/0x30
[ 12.585317] kunit_try_run_case+0x1a5/0x480
[ 12.585625] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.585913] kthread+0x337/0x6f0
[ 12.586037] ret_from_fork+0x116/0x1d0
[ 12.586178] ret_from_fork_asm+0x1a/0x30
[ 12.586545]
[ 12.586645] The buggy address belongs to the object at ffff88810035a200
[ 12.586645] which belongs to the cache kmalloc-256 of size 256
[ 12.587218] The buggy address is located 5 bytes to the right of
[ 12.587218] allocated 235-byte region [ffff88810035a200, ffff88810035a2eb)
[ 12.588298]
[ 12.588428] The buggy address belongs to the physical page:
[ 12.588680] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10035a
[ 12.589998] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 12.590319] flags: 0x200000000000040(head|node=0|zone=2)
[ 12.590599] page_type: f5(slab)
[ 12.590737] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 12.591463] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.591925] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 12.592546] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.592836] head: 0200000000000001 ffffea000400d681 00000000ffffffff 00000000ffffffff
[ 12.593438] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 12.593905] page dumped because: kasan: bad access detected
[ 12.594260]
[ 12.594365] Memory state around the buggy address:
[ 12.594615] ffff88810035a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.595152] ffff88810035a200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.595540] >ffff88810035a280: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc
[ 12.595854] ^
[ 12.596501] ffff88810035a300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.596758] ffff88810035a380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.597352] ==================================================================

[ 12.742693] ==================================================================
[ 12.743438] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930
[ 12.743734] Write of size 1 at addr ffff8881028120f0 by task kunit_try_catch/178
[ 12.744732]
[ 12.745023] CPU: 0 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.745073] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.745086] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.745109] Call Trace:
[ 12.745124] <TASK>
[ 12.745139] dump_stack_lvl+0x73/0xb0
[ 12.745171] print_report+0xd1/0x610
[ 12.745195] ? __virt_addr_valid+0x1db/0x2d0
[ 12.745217] ? krealloc_more_oob_helper+0x7eb/0x930
[ 12.745241] ? kasan_addr_to_slab+0x11/0xa0
[ 12.745261] ? krealloc_more_oob_helper+0x7eb/0x930
[ 12.745285] kasan_report+0x141/0x180
[ 12.745307] ? krealloc_more_oob_helper+0x7eb/0x930
[ 12.745336] __asan_report_store1_noabort+0x1b/0x30
[ 12.745361] krealloc_more_oob_helper+0x7eb/0x930
[ 12.745383] ? __schedule+0x10c6/0x2b60
[ 12.745406] ? __pfx_krealloc_more_oob_helper+0x10/0x10
[ 12.745431] ? finish_task_switch.isra.0+0x153/0x700
[ 12.745453] ? __switch_to+0x47/0xf50
[ 12.745492] ? __schedule+0x10c6/0x2b60
[ 12.745514] ? __pfx_read_tsc+0x10/0x10
[ 12.745538] krealloc_large_more_oob+0x1c/0x30
[ 12.745562] kunit_try_run_case+0x1a5/0x480
[ 12.745586] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.745633] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.745657] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.745681] ? __kthread_parkme+0x82/0x180
[ 12.745702] ? preempt_count_sub+0x50/0x80
[ 12.745740] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.745765] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.745799] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.745822] kthread+0x337/0x6f0
[ 12.745843] ? trace_preempt_on+0x20/0xc0
[ 12.745866] ? __pfx_kthread+0x10/0x10
[ 12.745887] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.745910] ? calculate_sigpending+0x7b/0xa0
[ 12.745934] ? __pfx_kthread+0x10/0x10
[ 12.745955] ret_from_fork+0x116/0x1d0
[ 12.745974] ? __pfx_kthread+0x10/0x10
[ 12.746015] ret_from_fork_asm+0x1a/0x30
[ 12.746046] </TASK>
[ 12.746056]
[ 12.755499] The buggy address belongs to the physical page:
[ 12.755738] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102810
[ 12.756103] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 12.756490] flags: 0x200000000000040(head|node=0|zone=2)
[ 12.757183] page_type: f8(unknown)
[ 12.757376] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 12.757711] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 12.758144] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 12.758579] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 12.758933] head: 0200000000000002 ffffea00040a0401 00000000ffffffff 00000000ffffffff
[ 12.759252] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 12.759619] page dumped because: kasan: bad access detected
[ 12.759953]
[ 12.760057] Memory state around the buggy address:
[ 12.760289] ffff888102811f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.760823] ffff888102812000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.761266] >ffff888102812080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe
[ 12.761511] ^
[ 12.761859] ffff888102812100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 12.762502] ffff888102812180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 12.762937] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 12.529912] ==================================================================
[ 12.531685] BUG: KASAN: use-after-free in page_alloc_uaf+0x356/0x3d0
[ 12.532237] Read of size 1 at addr ffff888103950000 by task kunit_try_catch/172
[ 12.532490]
[ 12.532586] CPU: 1 UID: 0 PID: 172 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.532632] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.532644] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.532666] Call Trace:
[ 12.532678] <TASK>
[ 12.532694] dump_stack_lvl+0x73/0xb0
[ 12.532724] print_report+0xd1/0x610
[ 12.532746] ? __virt_addr_valid+0x1db/0x2d0
[ 12.532768] ? page_alloc_uaf+0x356/0x3d0
[ 12.532789] ? kasan_addr_to_slab+0x11/0xa0
[ 12.532809] ? page_alloc_uaf+0x356/0x3d0
[ 12.532831] kasan_report+0x141/0x180
[ 12.532852] ? page_alloc_uaf+0x356/0x3d0
[ 12.532879] __asan_report_load1_noabort+0x18/0x20
[ 12.532903] page_alloc_uaf+0x356/0x3d0
[ 12.532924] ? __pfx_page_alloc_uaf+0x10/0x10
[ 12.532947] ? __schedule+0x10c6/0x2b60
[ 12.532969] ? __pfx_read_tsc+0x10/0x10
[ 12.532991] ? ktime_get_ts64+0x86/0x230
[ 12.533016] kunit_try_run_case+0x1a5/0x480
[ 12.533041] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.533063] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.533087] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.533109] ? __kthread_parkme+0x82/0x180
[ 12.533129] ? preempt_count_sub+0x50/0x80
[ 12.533152] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.533175] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.533211] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.533234] kthread+0x337/0x6f0
[ 12.533253] ? trace_preempt_on+0x20/0xc0
[ 12.533287] ? __pfx_kthread+0x10/0x10
[ 12.533307] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.533328] ? calculate_sigpending+0x7b/0xa0
[ 12.533351] ? __pfx_kthread+0x10/0x10
[ 12.533372] ret_from_fork+0x116/0x1d0
[ 12.533390] ? __pfx_kthread+0x10/0x10
[ 12.533410] ret_from_fork_asm+0x1a/0x30
[ 12.533440] </TASK>
[ 12.533451]
[ 12.541964] The buggy address belongs to the physical page:
[ 12.542555] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103950
[ 12.542845] flags: 0x200000000000000(node=0|zone=2)
[ 12.543019] page_type: f0(buddy)
[ 12.543210] raw: 0200000000000000 ffff88817fffb460 ffff88817fffb460 0000000000000000
[ 12.543660] raw: 0000000000000000 0000000000000004 00000000f0000000 0000000000000000
[ 12.544079] page dumped because: kasan: bad access detected
[ 12.544256]
[ 12.544368] Memory state around the buggy address:
[ 12.544690] ffff88810394ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 12.545093] ffff88810394ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 12.545320] >ffff888103950000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 12.545654] ^
[ 12.545835] ffff888103950080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 12.546270] ffff888103950100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 12.546496] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kfree
[ 12.498992] ==================================================================
[ 12.499502] BUG: KASAN: invalid-free in kfree+0x274/0x3f0
[ 12.499797] Free of addr ffff888102a3c001 by task kunit_try_catch/168
[ 12.500257]
[ 12.500394] CPU: 1 UID: 0 PID: 168 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.500440] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.500451] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.500483] Call Trace:
[ 12.500495] <TASK>
[ 12.500509] dump_stack_lvl+0x73/0xb0
[ 12.500550] print_report+0xd1/0x610
[ 12.500572] ? __virt_addr_valid+0x1db/0x2d0
[ 12.500595] ? kasan_addr_to_slab+0x11/0xa0
[ 12.500626] ? kfree+0x274/0x3f0
[ 12.500648] kasan_report_invalid_free+0x10a/0x130
[ 12.500672] ? kfree+0x274/0x3f0
[ 12.500694] ? kfree+0x274/0x3f0
[ 12.500724] __kasan_kfree_large+0x86/0xd0
[ 12.500745] free_large_kmalloc+0x4b/0x110
[ 12.500768] kfree+0x274/0x3f0
[ 12.500803] kmalloc_large_invalid_free+0x120/0x2b0
[ 12.500824] ? __pfx_kmalloc_large_invalid_free+0x10/0x10
[ 12.500860] ? __pfx_queued_spin_lock_slowpath+0x10/0x10
[ 12.500885] ? __pfx_read_tsc+0x10/0x10
[ 12.500906] ? ktime_get_ts64+0x86/0x230
[ 12.500929] kunit_try_run_case+0x1a5/0x480
[ 12.500953] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.500975] ? _raw_spin_lock_irqsave+0xf9/0x100
[ 12.501006] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.501029] ? __kthread_parkme+0x82/0x180
[ 12.501090] ? preempt_count_sub+0x50/0x80
[ 12.501114] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.501137] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.501160] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.501183] kthread+0x337/0x6f0
[ 12.501231] ? trace_preempt_on+0x20/0xc0
[ 12.501253] ? __pfx_kthread+0x10/0x10
[ 12.501285] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.501306] ? calculate_sigpending+0x7b/0xa0
[ 12.501329] ? __pfx_kthread+0x10/0x10
[ 12.501349] ret_from_fork+0x116/0x1d0
[ 12.501368] ? __pfx_kthread+0x10/0x10
[ 12.501388] ret_from_fork_asm+0x1a/0x30
[ 12.501418] </TASK>
[ 12.501428]
[ 12.513875] The buggy address belongs to the physical page:
[ 12.514444] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a3c
[ 12.515287] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 12.516048] flags: 0x200000000000040(head|node=0|zone=2)
[ 12.516764] page_type: f8(unknown)
[ 12.517091] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 12.517331] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 12.517583] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 12.517819] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 12.518056] head: 0200000000000002 ffffea00040a8f01 00000000ffffffff 00000000ffffffff
[ 12.518298] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 12.518652] page dumped because: kasan: bad access detected
[ 12.519234]
[ 12.519392] Memory state around the buggy address:
[ 12.520026] ffff888102a3bf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.520710] ffff888102a3bf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.521411] >ffff888102a3c000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.522050] ^
[ 12.522415] ffff888102a3c080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.523237] ffff888102a3c100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.524008] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 12.470898] ==================================================================
[ 12.472538] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2f1/0x340
[ 12.473347] Read of size 1 at addr ffff88810280c000 by task kunit_try_catch/166
[ 12.474201]
[ 12.474431] CPU: 0 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.474491] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.474502] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.474523] Call Trace:
[ 12.474536] <TASK>
[ 12.474551] dump_stack_lvl+0x73/0xb0
[ 12.474581] print_report+0xd1/0x610
[ 12.474602] ? __virt_addr_valid+0x1db/0x2d0
[ 12.474623] ? kmalloc_large_uaf+0x2f1/0x340
[ 12.474643] ? kasan_addr_to_slab+0x11/0xa0
[ 12.474663] ? kmalloc_large_uaf+0x2f1/0x340
[ 12.474683] kasan_report+0x141/0x180
[ 12.474704] ? kmalloc_large_uaf+0x2f1/0x340
[ 12.474728] __asan_report_load1_noabort+0x18/0x20
[ 12.474752] kmalloc_large_uaf+0x2f1/0x340
[ 12.474771] ? __pfx_kmalloc_large_uaf+0x10/0x10
[ 12.474792] ? __schedule+0x10c6/0x2b60
[ 12.474821] ? __pfx_read_tsc+0x10/0x10
[ 12.474843] ? ktime_get_ts64+0x86/0x230
[ 12.474868] kunit_try_run_case+0x1a5/0x480
[ 12.474890] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.474912] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.474934] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.474956] ? __kthread_parkme+0x82/0x180
[ 12.474975] ? preempt_count_sub+0x50/0x80
[ 12.474998] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.475021] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.475042] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.475065] kthread+0x337/0x6f0
[ 12.475083] ? trace_preempt_on+0x20/0xc0
[ 12.475105] ? __pfx_kthread+0x10/0x10
[ 12.475125] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.475145] ? calculate_sigpending+0x7b/0xa0
[ 12.475167] ? __pfx_kthread+0x10/0x10
[ 12.475188] ret_from_fork+0x116/0x1d0
[ 12.475205] ? __pfx_kthread+0x10/0x10
[ 12.475225] ret_from_fork_asm+0x1a/0x30
[ 12.475255] </TASK>
[ 12.475264]
[ 12.488735] The buggy address belongs to the physical page:
[ 12.489268] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10280c
[ 12.489546] flags: 0x200000000000000(node=0|zone=2)
[ 12.489734] raw: 0200000000000000 ffffea00040a0408 ffff88815b039f80 0000000000000000
[ 12.490547] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 12.491500] page dumped because: kasan: bad access detected
[ 12.492256]
[ 12.492538] Memory state around the buggy address:
[ 12.492990] ffff88810280bf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.493430] ffff88810280bf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.493666] >ffff88810280c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 12.493915] ^
[ 12.494221] ffff88810280c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 12.494558] ffff88810280c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 12.494924] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 12.443377] ==================================================================
[ 12.443929] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x2e9/0x330
[ 12.444423] Write of size 1 at addr ffff88810280e00a by task kunit_try_catch/164
[ 12.444790]
[ 12.445011] CPU: 0 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.445080] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.445090] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.445130] Call Trace:
[ 12.445143] <TASK>
[ 12.445160] dump_stack_lvl+0x73/0xb0
[ 12.445217] print_report+0xd1/0x610
[ 12.445239] ? __virt_addr_valid+0x1db/0x2d0
[ 12.445262] ? kmalloc_large_oob_right+0x2e9/0x330
[ 12.445283] ? kasan_addr_to_slab+0x11/0xa0
[ 12.445302] ? kmalloc_large_oob_right+0x2e9/0x330
[ 12.445323] kasan_report+0x141/0x180
[ 12.445344] ? kmalloc_large_oob_right+0x2e9/0x330
[ 12.445369] __asan_report_store1_noabort+0x1b/0x30
[ 12.445393] kmalloc_large_oob_right+0x2e9/0x330
[ 12.445414] ? __pfx_kmalloc_large_oob_right+0x10/0x10
[ 12.445437] ? __pfx_kmalloc_large_oob_right+0x10/0x10
[ 12.445463] kunit_try_run_case+0x1a5/0x480
[ 12.445499] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.445521] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.445547] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.445569] ? __kthread_parkme+0x82/0x180
[ 12.445589] ? preempt_count_sub+0x50/0x80
[ 12.445613] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.445635] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.445658] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.445680] kthread+0x337/0x6f0
[ 12.445699] ? trace_preempt_on+0x20/0xc0
[ 12.445722] ? __pfx_kthread+0x10/0x10
[ 12.445741] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.445762] ? calculate_sigpending+0x7b/0xa0
[ 12.445799] ? __pfx_kthread+0x10/0x10
[ 12.445820] ret_from_fork+0x116/0x1d0
[ 12.445839] ? __pfx_kthread+0x10/0x10
[ 12.445858] ret_from_fork_asm+0x1a/0x30
[ 12.445888] </TASK>
[ 12.445897]
[ 12.458379] The buggy address belongs to the physical page:
[ 12.458593] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10280c
[ 12.458972] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 12.459740] flags: 0x200000000000040(head|node=0|zone=2)
[ 12.460249] page_type: f8(unknown)
[ 12.460577] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 12.461354] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 12.461922] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 12.462526] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 12.463288] head: 0200000000000002 ffffea00040a0301 00000000ffffffff 00000000ffffffff
[ 12.463659] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 12.464424] page dumped because: kasan: bad access detected
[ 12.465025]
[ 12.465192] Memory state around the buggy address:
[ 12.465465] ffff88810280df00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.465698] ffff88810280df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.466281] >ffff88810280e000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 12.466916] ^
[ 12.467319] ffff88810280e080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 12.468094] ffff88810280e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 12.468444] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 12.404500] ================================================================== [ 12.404937] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x316/0x370 [ 12.405185] Write of size 1 at addr ffff888102b11f00 by task kunit_try_catch/162 [ 12.405416] [ 12.405518] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.405565] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.405577] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.405600] Call Trace: [ 12.405614] <TASK> [ 12.405630] dump_stack_lvl+0x73/0xb0 [ 12.405659] print_report+0xd1/0x610 [ 12.405680] ? __virt_addr_valid+0x1db/0x2d0 [ 12.405702] ? kmalloc_big_oob_right+0x316/0x370 [ 12.405723] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.405745] ? kmalloc_big_oob_right+0x316/0x370 [ 12.405766] kasan_report+0x141/0x180 [ 12.405788] ? kmalloc_big_oob_right+0x316/0x370 [ 12.405814] __asan_report_store1_noabort+0x1b/0x30 [ 12.405837] kmalloc_big_oob_right+0x316/0x370 [ 12.405859] ? __pfx_kmalloc_big_oob_right+0x10/0x10 [ 12.405881] ? __schedule+0x10c6/0x2b60 [ 12.405903] ? __pfx_read_tsc+0x10/0x10 [ 12.405922] ? ktime_get_ts64+0x86/0x230 [ 12.405945] kunit_try_run_case+0x1a5/0x480 [ 12.405969] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.405990] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.406012] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.406035] ? __kthread_parkme+0x82/0x180 [ 12.406053] ? preempt_count_sub+0x50/0x80 [ 12.406076] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.406099] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.406125] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.406147] kthread+0x337/0x6f0 [ 12.406166] ? trace_preempt_on+0x20/0xc0 [ 12.406188] ? __pfx_kthread+0x10/0x10 [ 12.406208] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.406228] ? calculate_sigpending+0x7b/0xa0 [ 12.406250] ? __pfx_kthread+0x10/0x10 [ 12.406271] ret_from_fork+0x116/0x1d0 [ 12.406288] ? 
__pfx_kthread+0x10/0x10 [ 12.406308] ret_from_fork_asm+0x1a/0x30 [ 12.406337] </TASK> [ 12.406347] [ 12.421276] Allocated by task 162: [ 12.421605] kasan_save_stack+0x45/0x70 [ 12.422021] kasan_save_track+0x18/0x40 [ 12.422387] kasan_save_alloc_info+0x3b/0x50 [ 12.422951] __kasan_kmalloc+0xb7/0xc0 [ 12.423395] __kmalloc_cache_noprof+0x189/0x420 [ 12.423848] kmalloc_big_oob_right+0xa9/0x370 [ 12.424302] kunit_try_run_case+0x1a5/0x480 [ 12.424692] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.425232] kthread+0x337/0x6f0 [ 12.425630] ret_from_fork+0x116/0x1d0 [ 12.426014] ret_from_fork_asm+0x1a/0x30 [ 12.426460] [ 12.426671] The buggy address belongs to the object at ffff888102b10000 [ 12.426671] which belongs to the cache kmalloc-8k of size 8192 [ 12.427952] The buggy address is located 0 bytes to the right of [ 12.427952] allocated 7936-byte region [ffff888102b10000, ffff888102b11f00) [ 12.429316] [ 12.429510] The buggy address belongs to the physical page: [ 12.429976] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b10 [ 12.430241] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.430510] flags: 0x200000000000040(head|node=0|zone=2) [ 12.431043] page_type: f5(slab) [ 12.431405] raw: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 12.432142] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 12.432963] head: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 12.433837] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 12.434625] head: 0200000000000003 ffffea00040ac401 00000000ffffffff 00000000ffffffff [ 12.435144] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 12.435698] page dumped because: kasan: bad access detected [ 12.436270] [ 12.436427] Memory state around the buggy address: [ 12.436805] ffff888102b11e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.437323] ffff888102b11e80: 00 
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.437555] >ffff888102b11f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.437804] ^ [ 12.438164] ffff888102b11f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.438939] ffff888102b12000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.439681] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 12.374886] ================================================================== [ 12.375595] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4b1/0x520 [ 12.376104] Write of size 1 at addr ffff888103249478 by task kunit_try_catch/160 [ 12.376772] [ 12.376932] CPU: 0 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.377117] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.377163] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.377184] Call Trace: [ 12.377196] <TASK> [ 12.377210] dump_stack_lvl+0x73/0xb0 [ 12.377240] print_report+0xd1/0x610 [ 12.377261] ? __virt_addr_valid+0x1db/0x2d0 [ 12.377283] ? kmalloc_track_caller_oob_right+0x4b1/0x520 [ 12.377307] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.377328] ? kmalloc_track_caller_oob_right+0x4b1/0x520 [ 12.377352] kasan_report+0x141/0x180 [ 12.377373] ? kmalloc_track_caller_oob_right+0x4b1/0x520 [ 12.377401] __asan_report_store1_noabort+0x1b/0x30 [ 12.377425] kmalloc_track_caller_oob_right+0x4b1/0x520 [ 12.377449] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 12.377486] ? __schedule+0x10c6/0x2b60 [ 12.377507] ? __pfx_read_tsc+0x10/0x10 [ 12.377527] ? ktime_get_ts64+0x86/0x230 [ 12.377553] kunit_try_run_case+0x1a5/0x480 [ 12.377581] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.377604] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.377625] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.377648] ? __kthread_parkme+0x82/0x180 [ 12.377667] ? preempt_count_sub+0x50/0x80 [ 12.377691] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.377714] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.377736] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.377759] kthread+0x337/0x6f0 [ 12.377858] ? trace_preempt_on+0x20/0xc0 [ 12.377882] ? __pfx_kthread+0x10/0x10 [ 12.377902] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.377923] ? calculate_sigpending+0x7b/0xa0 [ 12.377945] ? 
__pfx_kthread+0x10/0x10 [ 12.377966] ret_from_fork+0x116/0x1d0 [ 12.377984] ? __pfx_kthread+0x10/0x10 [ 12.378003] ret_from_fork_asm+0x1a/0x30 [ 12.378032] </TASK> [ 12.378042] [ 12.390026] Allocated by task 160: [ 12.390240] kasan_save_stack+0x45/0x70 [ 12.390730] kasan_save_track+0x18/0x40 [ 12.391081] kasan_save_alloc_info+0x3b/0x50 [ 12.391313] __kasan_kmalloc+0xb7/0xc0 [ 12.391507] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 12.391944] kmalloc_track_caller_oob_right+0x19a/0x520 [ 12.392301] kunit_try_run_case+0x1a5/0x480 [ 12.392650] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.392909] kthread+0x337/0x6f0 [ 12.393397] ret_from_fork+0x116/0x1d0 [ 12.393749] ret_from_fork_asm+0x1a/0x30 [ 12.393987] [ 12.394099] The buggy address belongs to the object at ffff888103249400 [ 12.394099] which belongs to the cache kmalloc-128 of size 128 [ 12.394589] The buggy address is located 0 bytes to the right of [ 12.394589] allocated 120-byte region [ffff888103249400, ffff888103249478) [ 12.395403] [ 12.395623] The buggy address belongs to the physical page: [ 12.395909] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103249 [ 12.396419] flags: 0x200000000000000(node=0|zone=2) [ 12.396770] page_type: f5(slab) [ 12.396949] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.397484] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.397935] page dumped because: kasan: bad access detected [ 12.398291] [ 12.398394] Memory state around the buggy address: [ 12.398794] ffff888103249300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.399298] ffff888103249380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.399703] >ffff888103249400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 12.400051] ^ [ 12.400482] ffff888103249480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.401025] ffff888103249500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.401403] 
================================================================== [ 12.347593] ================================================================== [ 12.348388] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4c8/0x520 [ 12.348778] Write of size 1 at addr ffff888103249378 by task kunit_try_catch/160 [ 12.349424] [ 12.349740] CPU: 0 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.349787] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.349798] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.349819] Call Trace: [ 12.349831] <TASK> [ 12.349848] dump_stack_lvl+0x73/0xb0 [ 12.349879] print_report+0xd1/0x610 [ 12.349901] ? __virt_addr_valid+0x1db/0x2d0 [ 12.349925] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 12.349949] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.349971] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 12.349995] kasan_report+0x141/0x180 [ 12.350016] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 12.350065] __asan_report_store1_noabort+0x1b/0x30 [ 12.350089] kmalloc_track_caller_oob_right+0x4c8/0x520 [ 12.350120] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 12.350145] ? __schedule+0x10c6/0x2b60 [ 12.350168] ? __pfx_read_tsc+0x10/0x10 [ 12.350189] ? ktime_get_ts64+0x86/0x230 [ 12.350213] kunit_try_run_case+0x1a5/0x480 [ 12.350239] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.350261] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.350284] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.350307] ? __kthread_parkme+0x82/0x180 [ 12.350327] ? preempt_count_sub+0x50/0x80 [ 12.350350] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.350373] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.350395] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.350418] kthread+0x337/0x6f0 [ 12.350437] ? trace_preempt_on+0x20/0xc0 [ 12.350460] ? __pfx_kthread+0x10/0x10 [ 12.350490] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.350511] ? calculate_sigpending+0x7b/0xa0 [ 12.350534] ? 
__pfx_kthread+0x10/0x10 [ 12.350555] ret_from_fork+0x116/0x1d0 [ 12.350573] ? __pfx_kthread+0x10/0x10 [ 12.350592] ret_from_fork_asm+0x1a/0x30 [ 12.350622] </TASK> [ 12.350631] [ 12.361417] Allocated by task 160: [ 12.361966] kasan_save_stack+0x45/0x70 [ 12.362364] kasan_save_track+0x18/0x40 [ 12.362587] kasan_save_alloc_info+0x3b/0x50 [ 12.362971] __kasan_kmalloc+0xb7/0xc0 [ 12.363289] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 12.363656] kmalloc_track_caller_oob_right+0x99/0x520 [ 12.364050] kunit_try_run_case+0x1a5/0x480 [ 12.364237] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.364520] kthread+0x337/0x6f0 [ 12.364696] ret_from_fork+0x116/0x1d0 [ 12.365150] ret_from_fork_asm+0x1a/0x30 [ 12.365445] [ 12.365538] The buggy address belongs to the object at ffff888103249300 [ 12.365538] which belongs to the cache kmalloc-128 of size 128 [ 12.366365] The buggy address is located 0 bytes to the right of [ 12.366365] allocated 120-byte region [ffff888103249300, ffff888103249378) [ 12.367317] [ 12.367431] The buggy address belongs to the physical page: [ 12.367685] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103249 [ 12.368328] flags: 0x200000000000000(node=0|zone=2) [ 12.368765] page_type: f5(slab) [ 12.368936] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.369522] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.370037] page dumped because: kasan: bad access detected [ 12.370445] [ 12.370566] Memory state around the buggy address: [ 12.371005] ffff888103249200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.371511] ffff888103249280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.371998] >ffff888103249300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 12.372444] ^ [ 12.372964] ffff888103249380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.373534] ffff888103249400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.373865] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 12.312598] ================================================================== [ 12.313154] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x369/0x3c0 [ 12.313404] Read of size 1 at addr ffff8881025c5000 by task kunit_try_catch/158 [ 12.313641] [ 12.313741] CPU: 0 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.313788] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.313799] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.313821] Call Trace: [ 12.313832] <TASK> [ 12.313847] dump_stack_lvl+0x73/0xb0 [ 12.313875] print_report+0xd1/0x610 [ 12.313896] ? __virt_addr_valid+0x1db/0x2d0 [ 12.313918] ? kmalloc_node_oob_right+0x369/0x3c0 [ 12.313939] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.313960] ? kmalloc_node_oob_right+0x369/0x3c0 [ 12.313983] kasan_report+0x141/0x180 [ 12.314003] ? kmalloc_node_oob_right+0x369/0x3c0 [ 12.314030] __asan_report_load1_noabort+0x18/0x20 [ 12.314052] kmalloc_node_oob_right+0x369/0x3c0 [ 12.314075] ? __pfx_kmalloc_node_oob_right+0x10/0x10 [ 12.314098] ? __schedule+0x10c6/0x2b60 [ 12.314126] ? __pfx_read_tsc+0x10/0x10 [ 12.314146] ? ktime_get_ts64+0x86/0x230 [ 12.314170] kunit_try_run_case+0x1a5/0x480 [ 12.314193] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.314214] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.314236] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.314258] ? __kthread_parkme+0x82/0x180 [ 12.314277] ? preempt_count_sub+0x50/0x80 [ 12.314299] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.314321] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.314343] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.314365] kthread+0x337/0x6f0 [ 12.314384] ? trace_preempt_on+0x20/0xc0 [ 12.314405] ? __pfx_kthread+0x10/0x10 [ 12.314425] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.314445] ? calculate_sigpending+0x7b/0xa0 [ 12.314467] ? __pfx_kthread+0x10/0x10 [ 12.314924] ret_from_fork+0x116/0x1d0 [ 12.314945] ? 
__pfx_kthread+0x10/0x10 [ 12.314981] ret_from_fork_asm+0x1a/0x30 [ 12.315231] </TASK> [ 12.315250] [ 12.328651] Allocated by task 158: [ 12.328903] kasan_save_stack+0x45/0x70 [ 12.329123] kasan_save_track+0x18/0x40 [ 12.329690] kasan_save_alloc_info+0x3b/0x50 [ 12.329970] __kasan_kmalloc+0xb7/0xc0 [ 12.330317] __kmalloc_cache_node_noprof+0x188/0x420 [ 12.330576] kmalloc_node_oob_right+0xab/0x3c0 [ 12.331085] kunit_try_run_case+0x1a5/0x480 [ 12.331285] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.331688] kthread+0x337/0x6f0 [ 12.331901] ret_from_fork+0x116/0x1d0 [ 12.332425] ret_from_fork_asm+0x1a/0x30 [ 12.332842] [ 12.333000] The buggy address belongs to the object at ffff8881025c4000 [ 12.333000] which belongs to the cache kmalloc-4k of size 4096 [ 12.333971] The buggy address is located 0 bytes to the right of [ 12.333971] allocated 4096-byte region [ffff8881025c4000, ffff8881025c5000) [ 12.334958] [ 12.335293] The buggy address belongs to the physical page: [ 12.335600] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025c0 [ 12.336483] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.336796] flags: 0x200000000000040(head|node=0|zone=2) [ 12.337448] page_type: f5(slab) [ 12.337617] raw: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000 [ 12.338273] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 12.338607] head: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000 [ 12.339362] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 12.339697] head: 0200000000000003 ffffea0004097001 00000000ffffffff 00000000ffffffff [ 12.340274] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 12.340696] page dumped because: kasan: bad access detected [ 12.341045] [ 12.341356] Memory state around the buggy address: [ 12.341601] ffff8881025c4f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.342139] 
ffff8881025c4f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.342584] >ffff8881025c5000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.342942] ^ [ 12.343433] ffff8881025c5080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.343810] ffff8881025c5100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.344382] ==================================================================
Failure - log-parser-boot/exception-drm-kunit-mock-device-drm_gem_shmem_test_get_pages_sgtdrm-kunit-mock-device-drm-drm_warn_onrefcount_readshmem-pages_pin_count
------------[ cut here ]------------ [ 144.664532] drm-kunit-mock-device drm_gem_shmem_test_get_pages_sgt.drm-kunit-mock-device: [drm] drm_WARN_ON(refcount_read(&shmem->pages_pin_count)) [ 144.664646] WARNING: CPU: 0 PID: 2569 at drivers/gpu/drm/drm_gem_shmem_helper.c:180 drm_gem_shmem_free+0x3ed/0x6c0 [ 144.667498] Modules linked in: [ 144.668101] CPU: 0 UID: 0 PID: 2569 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 144.668707] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 144.669525] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 144.670463] RIP: 0010:drm_gem_shmem_free+0x3ed/0x6c0 [ 144.671179] Code: 85 f6 0f 84 ba 01 00 00 4c 89 e7 e8 ad 1d 80 00 48 c7 c1 20 8c 7e ab 4c 89 f2 48 c7 c7 e0 88 7e ab 48 89 c6 e8 b4 a7 77 fe 90 <0f> 0b 90 90 e9 09 ff ff ff 90 48 b8 00 00 00 00 00 fc ff df 48 8d [ 144.671712] RSP: 0000:ffff888102c0fd18 EFLAGS: 00010286 [ 144.671914] RAX: 0000000000000000 RBX: ffff88810524c800 RCX: 1ffffffff58a4cf0 [ 144.672132] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001 [ 144.672346] RBP: ffff888102c0fd48 R08: 0000000000000000 R09: fffffbfff58a4cf0 [ 144.673425] R10: 0000000000000003 R11: 0000000000039318 R12: ffff88810256b000 [ 144.674426] R13: ffff88810524c8f8 R14: ffff888103847f00 R15: ffff88810039fb40 [ 144.675369] FS: 0000000000000000(0000) GS:ffff8881ad872000(0000) knlGS:0000000000000000 [ 144.676392] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 144.677150] CR2: 00007ffff7ffe000 CR3: 000000002e8bc000 CR4: 00000000000006f0 [ 144.678311] DR0: ffffffffad852440 DR1: ffffffffad852441 DR2: ffffffffad852442 [ 144.679182] DR3: ffffffffad852443 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 144.679908] Call Trace: [ 144.680279] <TASK> [ 144.680585] ? trace_preempt_on+0x20/0xc0 [ 144.681280] ? 
__pfx_drm_gem_shmem_free_wrapper+0x10/0x10 [ 144.681830] drm_gem_shmem_free_wrapper+0x12/0x20 [ 144.682321] __kunit_action_free+0x57/0x70 [ 144.683092] kunit_remove_resource+0x133/0x200 [ 144.683656] ? preempt_count_sub+0x50/0x80 [ 144.684106] kunit_cleanup+0x7a/0x120 [ 144.684633] kunit_try_run_case_cleanup+0xbd/0xf0 [ 144.684909] ? __pfx_kunit_try_run_case_cleanup+0x10/0x10 [ 144.685588] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 144.686347] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 144.686590] kthread+0x337/0x6f0 [ 144.686738] ? trace_preempt_on+0x20/0xc0 [ 144.686895] ? __pfx_kthread+0x10/0x10 [ 144.687041] ? _raw_spin_unlock_irq+0x47/0x80 [ 144.687209] ? calculate_sigpending+0x7b/0xa0 [ 144.687375] ? __pfx_kthread+0x10/0x10 [ 144.687683] ret_from_fork+0x116/0x1d0 [ 144.688038] ? __pfx_kthread+0x10/0x10 [ 144.688415] ret_from_fork_asm+0x1a/0x30 [ 144.688811] </TASK> [ 144.689125] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_framebuffer-drm_framebuffer_init
------------[ cut here ]------------ [ 144.525128] WARNING: CPU: 1 PID: 2550 at drivers/gpu/drm/drm_framebuffer.c:869 drm_framebuffer_init+0x49/0x8d0 [ 144.525656] Modules linked in: [ 144.525955] CPU: 1 UID: 0 PID: 2550 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 144.526755] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 144.527113] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 144.527560] RIP: 0010:drm_framebuffer_init+0x49/0x8d0 [ 144.527833] Code: 89 e5 41 57 41 56 41 55 41 54 53 48 89 f3 48 83 ec 28 80 3c 11 00 48 89 7d c8 0f 85 1c 07 00 00 48 8b 75 c8 48 39 33 74 20 90 <0f> 0b 90 41 bf ea ff ff ff 48 83 c4 28 44 89 f8 5b 41 5c 41 5d 41 [ 144.528749] RSP: 0000:ffff88810262fb20 EFLAGS: 00010246 [ 144.529065] RAX: ffff88810262fba8 RBX: ffff88810262fc28 RCX: 1ffff110204c5f8e [ 144.529498] RDX: dffffc0000000000 RSI: ffff888102af5000 RDI: ffff888102af5000 [ 144.529846] RBP: ffff88810262fb70 R08: ffff888102af5000 R09: ffffffffab7d8f60 [ 144.530161] R10: 0000000000000003 R11: 00000000e06b43b8 R12: 1ffff110204c5f71 [ 144.530756] R13: ffff88810262fc70 R14: ffff88810262fdb8 R15: 0000000000000000 [ 144.531112] FS: 0000000000000000(0000) GS:ffff8881ad972000(0000) knlGS:0000000000000000 [ 144.531648] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 144.531897] CR2: ffffffffffffffff CR3: 000000002e8bc000 CR4: 00000000000006f0 [ 144.532445] DR0: ffffffffad852440 DR1: ffffffffad852441 DR2: ffffffffad852443 [ 144.532796] DR3: ffffffffad852445 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 144.533113] Call Trace: [ 144.533383] <TASK> [ 144.533523] ? trace_preempt_on+0x20/0xc0 [ 144.533746] ? add_dr+0xc1/0x1d0 [ 144.533937] drm_test_framebuffer_init_bad_format+0xfc/0x240 [ 144.534339] ? add_dr+0x148/0x1d0 [ 144.534504] ? __pfx_drm_test_framebuffer_init_bad_format+0x10/0x10 [ 144.535017] ? __drmm_add_action+0x1a4/0x280 [ 144.535341] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 144.535583] ? 
__pfx_drm_mode_config_init_release+0x10/0x10 [ 144.535857] ? __drmm_add_action_or_reset+0x22/0x50 [ 144.536229] ? __schedule+0x10c6/0x2b60 [ 144.536449] ? __pfx_read_tsc+0x10/0x10 [ 144.536684] ? ktime_get_ts64+0x86/0x230 [ 144.536892] kunit_try_run_case+0x1a5/0x480 [ 144.537259] ? __pfx_kunit_try_run_case+0x10/0x10 [ 144.537467] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 144.537738] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 144.537976] ? __kthread_parkme+0x82/0x180 [ 144.538183] ? preempt_count_sub+0x50/0x80 [ 144.538503] ? __pfx_kunit_try_run_case+0x10/0x10 [ 144.538748] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 144.539016] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 144.539367] kthread+0x337/0x6f0 [ 144.539582] ? trace_preempt_on+0x20/0xc0 [ 144.539943] ? __pfx_kthread+0x10/0x10 [ 144.540165] ? _raw_spin_unlock_irq+0x47/0x80 [ 144.540483] ? calculate_sigpending+0x7b/0xa0 [ 144.540698] ? __pfx_kthread+0x10/0x10 [ 144.540996] ret_from_fork+0x116/0x1d0 [ 144.541299] ? __pfx_kthread+0x10/0x10 [ 144.541504] ret_from_fork_asm+0x1a/0x30 [ 144.541711] </TASK> [ 144.541927] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-drm-kunit-mock-device-drm_test_framebuffer_freedrm-kunit-mock-device-drm-drm_warn_onlist_empty-filp_head
------------[ cut here ]------------ [ 144.488340] drm-kunit-mock-device drm_test_framebuffer_free.drm-kunit-mock-device: [drm] drm_WARN_ON(!list_empty(&fb->filp_head)) [ 144.488526] WARNING: CPU: 1 PID: 2546 at drivers/gpu/drm/drm_framebuffer.c:832 drm_framebuffer_free+0x13f/0x1c0 [ 144.490425] Modules linked in: [ 144.490659] CPU: 1 UID: 0 PID: 2546 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 144.491503] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 144.491690] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 144.492678] RIP: 0010:drm_framebuffer_free+0x13f/0x1c0 [ 144.493393] Code: 8b 7d 50 4d 85 ff 74 2b 4c 89 ef e8 2b 44 87 00 48 c7 c1 00 3a 7d ab 4c 89 fa 48 c7 c7 60 3a 7d ab 48 89 c6 e8 32 ce 7e fe 90 <0f> 0b 90 90 e9 1c ff ff ff 48 b8 00 00 00 00 00 fc ff df 4c 89 ea [ 144.494769] RSP: 0000:ffff8881027cfb68 EFLAGS: 00010282 [ 144.495290] RAX: 0000000000000000 RBX: ffff8881027cfc40 RCX: 1ffffffff58a4cf0 [ 144.496108] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001 [ 144.496701] RBP: ffff8881027cfb90 R08: 0000000000000000 R09: fffffbfff58a4cf0 [ 144.497052] R10: 0000000000000003 R11: 0000000000037978 R12: ffff8881027cfc18 [ 144.497758] R13: ffff888102b9a800 R14: ffff888102af3000 R15: ffff888109996000 [ 144.498480] FS: 0000000000000000(0000) GS:ffff8881ad972000(0000) knlGS:0000000000000000 [ 144.498726] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 144.498908] CR2: ffffffffffffffff CR3: 000000002e8bc000 CR4: 00000000000006f0 [ 144.499615] DR0: ffffffffad852440 DR1: ffffffffad852441 DR2: ffffffffad852443 [ 144.500280] DR3: ffffffffad852445 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 144.501301] Call Trace: [ 144.501421] <TASK> [ 144.501545] drm_test_framebuffer_free+0x1ab/0x610 [ 144.501736] ? __pfx_drm_test_framebuffer_free+0x10/0x10 [ 144.501920] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 144.502472] ? 
__pfx_drm_mode_config_init_release+0x10/0x10 [ 144.502973] ? __drmm_add_action_or_reset+0x22/0x50 [ 144.503365] ? __schedule+0x10c6/0x2b60 [ 144.503598] ? __pfx_read_tsc+0x10/0x10 [ 144.503930] ? ktime_get_ts64+0x86/0x230 [ 144.504341] kunit_try_run_case+0x1a5/0x480 [ 144.504584] ? __pfx_kunit_try_run_case+0x10/0x10 [ 144.504828] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 144.505063] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 144.505371] ? __kthread_parkme+0x82/0x180 [ 144.505570] ? preempt_count_sub+0x50/0x80 [ 144.505810] ? __pfx_kunit_try_run_case+0x10/0x10 [ 144.506056] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 144.506352] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 144.506694] kthread+0x337/0x6f0 [ 144.506867] ? trace_preempt_on+0x20/0xc0 [ 144.507137] ? __pfx_kthread+0x10/0x10 [ 144.507323] ? _raw_spin_unlock_irq+0x47/0x80 [ 144.507549] ? calculate_sigpending+0x7b/0xa0 [ 144.507733] ? __pfx_kthread+0x10/0x10 [ 144.507953] ret_from_fork+0x116/0x1d0 [ 144.508171] ? __pfx_kthread+0x10/0x10 [ 144.508313] ret_from_fork_asm+0x1a/0x30 [ 144.508701] </TASK> [ 144.508951] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_connector-drm_connector_dynamic_register
------------[ cut here ]------------ [ 143.132328] WARNING: CPU: 1 PID: 1976 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110 [ 143.132875] Modules linked in: [ 143.133338] CPU: 1 UID: 0 PID: 1976 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 143.133751] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 143.134017] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 143.134409] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110 [ 143.135264] Code: 49 8d 7c 24 60 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 60 00 75 1b 5b 41 5c 5d e9 02 36 26 02 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d c3 cc cc cc cc 48 89 df e8 68 [ 143.135915] RSP: 0000:ffff88810b017c90 EFLAGS: 00010246 [ 143.136556] RAX: dffffc0000000000 RBX: ffff88810b272000 RCX: 0000000000000000 [ 143.137344] RDX: 1ffff1102164e432 RSI: ffffffffa8a07848 RDI: ffff88810b272190 [ 143.138183] RBP: ffff88810b017ca0 R08: 1ffff11020073f69 R09: ffffed1021602f65 [ 143.138906] R10: 0000000000000003 R11: ffffffffa7f85938 R12: 0000000000000000 [ 143.139605] R13: ffff88810b017d38 R14: ffff88810039fc50 R15: ffff88810039fc58 [ 143.140093] FS: 0000000000000000(0000) GS:ffff8881ad972000(0000) knlGS:0000000000000000 [ 143.140707] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 143.141211] CR2: ffffffffffffffff CR3: 000000002e8bc000 CR4: 00000000000006f0 [ 143.141429] DR0: ffffffffad852440 DR1: ffffffffad852441 DR2: ffffffffad852443 [ 143.141657] DR3: ffffffffad852445 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 143.142232] Call Trace: [ 143.142518] <TASK> [ 143.142761] drm_test_drm_connector_dynamic_register_early_no_init+0x104/0x290 [ 143.143492] ? __pfx_drm_test_drm_connector_dynamic_register_early_no_init+0x10/0x10 [ 143.144263] ? __schedule+0x10c6/0x2b60 [ 143.144637] ? __pfx_read_tsc+0x10/0x10 [ 143.145000] ? 
ktime_get_ts64+0x86/0x230 [ 143.145455] kunit_try_run_case+0x1a5/0x480 [ 143.145881] ? __pfx_kunit_try_run_case+0x10/0x10 [ 143.146240] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 143.146667] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 143.147178] ? __kthread_parkme+0x82/0x180 [ 143.147405] ? preempt_count_sub+0x50/0x80 [ 143.147573] ? __pfx_kunit_try_run_case+0x10/0x10 [ 143.147758] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 143.148328] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 143.148878] kthread+0x337/0x6f0 [ 143.149265] ? trace_preempt_on+0x20/0xc0 [ 143.149718] ? __pfx_kthread+0x10/0x10 [ 143.150143] ? _raw_spin_unlock_irq+0x47/0x80 [ 143.150481] ? calculate_sigpending+0x7b/0xa0 [ 143.150644] ? __pfx_kthread+0x10/0x10 [ 143.150927] ret_from_fork+0x116/0x1d0 [ 143.151375] ? __pfx_kthread+0x10/0x10 [ 143.151760] ret_from_fork_asm+0x1a/0x30 [ 143.152193] </TASK> [ 143.152566] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 143.214448] WARNING: CPU: 1 PID: 1984 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110 [ 143.214924] Modules linked in: [ 143.215179] CPU: 1 UID: 0 PID: 1984 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 143.215720] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 143.215986] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 143.216416] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110 [ 143.216757] Code: 49 8d 7c 24 60 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 60 00 75 1b 5b 41 5c 5d e9 02 36 26 02 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d c3 cc cc cc cc 48 89 df e8 68 [ 143.217608] RSP: 0000:ffff88810b1efc90 EFLAGS: 00010246 [ 143.217910] RAX: dffffc0000000000 RBX: ffff88810b2f6000 RCX: 0000000000000000 [ 143.218272] RDX: 1ffff1102165ec32 RSI: ffffffffa8a07848 RDI: ffff88810b2f6190 [ 143.218591] RBP: ffff88810b1efca0 R08: 1ffff11020073f69 R09: ffffed102163df65 [ 
143.218877] R10: 0000000000000003 R11: ffffffffa74049da R12: 0000000000000000 [ 143.219199] R13: ffff88810b1efd38 R14: ffff88810039fc50 R15: ffff88810039fc58 [ 143.219512] FS: 0000000000000000(0000) GS:ffff8881ad972000(0000) knlGS:0000000000000000 [ 143.219826] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 143.220277] CR2: ffffffffffffffff CR3: 000000002e8bc000 CR4: 00000000000006f0 [ 143.220664] DR0: ffffffffad852440 DR1: ffffffffad852441 DR2: ffffffffad852443 [ 143.220978] DR3: ffffffffad852445 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 143.221388] Call Trace: [ 143.221529] <TASK> [ 143.221659] drm_test_drm_connector_dynamic_register_no_init+0x104/0x290 [ 143.221960] ? __pfx_drm_test_drm_connector_dynamic_register_no_init+0x10/0x10 [ 143.222492] ? __schedule+0x10c6/0x2b60 [ 143.222671] ? __pfx_read_tsc+0x10/0x10 [ 143.222877] ? ktime_get_ts64+0x86/0x230 [ 143.223163] kunit_try_run_case+0x1a5/0x480 [ 143.223362] ? __pfx_kunit_try_run_case+0x10/0x10 [ 143.223594] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 143.223802] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 143.223975] ? __kthread_parkme+0x82/0x180 [ 143.224184] ? preempt_count_sub+0x50/0x80 [ 143.224485] ? __pfx_kunit_try_run_case+0x10/0x10 [ 143.224715] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 143.224997] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 143.225348] kthread+0x337/0x6f0 [ 143.225522] ? trace_preempt_on+0x20/0xc0 [ 143.225849] ? __pfx_kthread+0x10/0x10 [ 143.226111] ? _raw_spin_unlock_irq+0x47/0x80 [ 143.226318] ? calculate_sigpending+0x7b/0xa0 [ 143.226518] ? __pfx_kthread+0x10/0x10 [ 143.226659] ret_from_fork+0x116/0x1d0 [ 143.226862] ? __pfx_kthread+0x10/0x10 [ 143.227122] ret_from_fork_asm+0x1a/0x30 [ 143.227573] </TASK> [ 143.227712] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog10
------------[ cut here ]------------
[ 113.002677] WARNING: CPU: 1 PID: 674 at lib/math/int_log.c:120 intlog10+0x2a/0x40
[ 113.002996] Modules linked in:
[ 113.003207] CPU: 1 UID: 0 PID: 674 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 113.004564] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 113.005270] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 113.006133] RIP: 0010:intlog10+0x2a/0x40
[ 113.006418] Code: f3 0f 1e fa 0f 1f 44 00 00 85 ff 74 1c 55 48 89 e5 e8 ca fe ff ff 5d 89 c0 48 69 c0 a1 26 88 26 48 c1 e8 1f c3 cc cc cc cc 90 <0f> 0b 90 31 c0 c3 cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 66 90
[ 113.007485] RSP: 0000:ffff8881040efcb0 EFLAGS: 00010246
[ 113.008248] RAX: 0000000000000000 RBX: ffff88810039fae8 RCX: 1ffff1102081dfb4
[ 113.008833] RDX: 1ffffffff56d2dec RSI: 1ffff1102081dfb3 RDI: 0000000000000000
[ 113.009082] RBP: ffff8881040efd60 R08: 0000000000000000 R09: ffffed102106e880
[ 113.009764] R10: ffff888108374407 R11: 0000000000000000 R12: 1ffff1102081df97
[ 113.010342] R13: ffffffffab696f60 R14: 0000000000000000 R15: ffff8881040efd38
[ 113.010577] FS: 0000000000000000(0000) GS:ffff8881ad972000(0000) knlGS:0000000000000000
[ 113.010917] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 113.011550] CR2: ffff88815a902000 CR3: 000000002e8bc000 CR4: 00000000000006f0
[ 113.012434] DR0: ffffffffad852440 DR1: ffffffffad852441 DR2: ffffffffad852443
[ 113.013190] DR3: ffffffffad852445 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 113.013951] Call Trace:
[ 113.014298] <TASK>
[ 113.014605] ? intlog10_test+0xf2/0x220
[ 113.015117] ? __pfx_intlog10_test+0x10/0x10
[ 113.015413] ? __schedule+0x10c6/0x2b60
[ 113.015574] ? __pfx_read_tsc+0x10/0x10
[ 113.015717] ? ktime_get_ts64+0x86/0x230
[ 113.015863] kunit_try_run_case+0x1a5/0x480
[ 113.016014] ? __pfx_kunit_try_run_case+0x10/0x10
[ 113.016673] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 113.017215] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 113.017690] ? __kthread_parkme+0x82/0x180
[ 113.018140] ? preempt_count_sub+0x50/0x80
[ 113.018685] ? __pfx_kunit_try_run_case+0x10/0x10
[ 113.019433] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 113.019974] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 113.020278] kthread+0x337/0x6f0
[ 113.020794] ? trace_preempt_on+0x20/0xc0
[ 113.021273] ? __pfx_kthread+0x10/0x10
[ 113.021749] ? _raw_spin_unlock_irq+0x47/0x80
[ 113.022142] ? calculate_sigpending+0x7b/0xa0
[ 113.022310] ? __pfx_kthread+0x10/0x10
[ 113.022465] ret_from_fork+0x116/0x1d0
[ 113.022606] ? __pfx_kthread+0x10/0x10
[ 113.022745] ret_from_fork_asm+0x1a/0x30
[ 113.022909] </TASK>
[ 113.023134] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog2
------------[ cut here ]------------
[ 112.964185] WARNING: CPU: 0 PID: 656 at lib/math/int_log.c:63 intlog2+0xdf/0x110
[ 112.965173] Modules linked in:
[ 112.965824] CPU: 0 UID: 0 PID: 656 Comm: kunit_try_catch Tainted: G B D N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 112.967348] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST
[ 112.967866] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 112.969123] RIP: 0010:intlog2+0xdf/0x110
[ 112.969572] Code: 69 ab c1 e0 18 48 83 c4 08 89 d1 c1 e2 08 29 cb 01 d0 0f b7 db 41 0f af dc c1 eb 0f 01 d8 5b 41 5c 41 5d 5d c3 cc cc cc cc 90 <0f> 0b 90 31 c0 e9 17 ba 86 02 89 45 e4 e8 5f c7 55 ff 8b 45 e4 eb
[ 112.970630] RSP: 0000:ffff8881040bfcb0 EFLAGS: 00010246
[ 112.970840] RAX: 0000000000000000 RBX: ffff88810039fae8 RCX: 1ffff11020817fb4
[ 112.971052] RDX: 1ffffffff56d2e40 RSI: 1ffff11020817fb3 RDI: 0000000000000000
[ 112.971261] RBP: ffff8881040bfd60 R08: 0000000000000000 R09: ffffed1020ec7da0
[ 112.971487] R10: ffff88810763ed07 R11: 0000000000000000 R12: 1ffff11020817f97
[ 112.971804] R13: ffffffffab697200 R14: 0000000000000000 R15: ffff8881040bfd38
[ 112.972224] FS: 0000000000000000(0000) GS:ffff8881ad872000(0000) knlGS:0000000000000000
[ 112.972617] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 112.972928] CR2: dffffc0000000000 CR3: 000000002e8bc000 CR4: 00000000000006f0
[ 112.973357] DR0: ffffffffad852440 DR1: ffffffffad852441 DR2: ffffffffad852442
[ 112.973696] DR3: ffffffffad852443 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 112.974260] Call Trace:
[ 112.974377] <TASK>
[ 112.974518] ? intlog2_test+0xf2/0x220
[ 112.974791] ? __pfx_intlog2_test+0x10/0x10
[ 112.975006] ? __schedule+0x10c6/0x2b60
[ 112.975326] ? __pfx_read_tsc+0x10/0x10
[ 112.975552] ? ktime_get_ts64+0x86/0x230
[ 112.975797] kunit_try_run_case+0x1a5/0x480
[ 112.976200] ? __pfx_kunit_try_run_case+0x10/0x10
[ 112.976396] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 112.976639] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 112.976938] ? __kthread_parkme+0x82/0x180
[ 112.977265] ? preempt_count_sub+0x50/0x80
[ 112.977492] ? __pfx_kunit_try_run_case+0x10/0x10
[ 112.977699] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 112.978006] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 112.978405] kthread+0x337/0x6f0
[ 112.978628] ? trace_preempt_on+0x20/0xc0
[ 112.978863] ? __pfx_kthread+0x10/0x10
[ 112.979183] ? _raw_spin_unlock_irq+0x47/0x80
[ 112.979473] ? calculate_sigpending+0x7b/0xa0
[ 112.979680] ? __pfx_kthread+0x10/0x10
[ 112.979904] ret_from_fork+0x116/0x1d0
[ 112.980204] ? __pfx_kthread+0x10/0x10
[ 112.980408] ret_from_fork_asm+0x1a/0x30
[ 112.980635] </TASK>
[ 112.980845] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/oops-oops-general-protection-fault-probably-for-non-canonical-address-smp-kasan-pti
KNOWN ISSUE - qemu-x86_64: Oops: general protection fault, probably for non-canonical address - KASAN: null-ptr-deref - kunit_test_null_dereference
[ 112.378485] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN PTI