Date
June 8, 2025, 11:09 p.m.
Failure - log-parser-boot - bug-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 29.509283] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x24c/0x4858 [ 29.711722] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5b4/0x4858 [ 29.785694] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x760/0x4858
Failure - log-parser-boot - bug-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 29.416962] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xa84/0xbc0 [ 29.318740] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xfc/0xbc0
Failure - log-parser-boot - bug-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 29.258152] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x320/0xbc0 [ 29.282824] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x344/0xbc0
Failure - log-parser-boot - internal-error-oops-oops-smp
[ 116.265523] Internal error: Oops: 0000000096000005 [#1] SMP [ 116.273585] Modules linked in: [ 116.274684] CPU: 0 UID: 0 PID: 580 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 116.276164] Tainted: [B]=BAD_PAGE, [N]=TEST [ 116.276668] Hardware name: linux,dummy-virt (DT) [ 116.278031] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 116.278870] pc : kunit_test_null_dereference+0x70/0x170 [ 116.279438] lr : kunit_generic_run_threadfn_adapter+0x88/0x100 [ 116.280210] sp : ffff800081fc7d30 [ 116.280700] x29: ffff800081fc7d90 x28: 0000000000000000 x27: 0000000000000000 [ 116.281916] x26: 1ffe0000191685a1 x25: 0000000000000000 x24: 0000000000000004 [ 116.282856] x23: fff00000c8b42d0c x22: ffffa6398c4578b8 x21: fff00000c56a2488 [ 116.283789] x20: 1ffff000103f8fa6 x19: ffff800080087990 x18: 00000000c0023bd8 [ 116.284738] x17: 1ffe000018b2134a x16: fff00000c097543c x15: fff00000ff616b08 [ 116.285681] x14: 0000000000018fff x13: 1ffe00001b488f89 x12: fffd800018b16b3c [ 116.286473] x11: 1ffe000018b16b3b x10: fffd800018b16b3b x9 : ffffa6398c44ed20 [ 116.287522] x8 : ffff800081fc7c18 x7 : 0000000000000001 x6 : 0000000041b58ab3 [ 116.288474] x5 : ffff7000103f8fa6 x4 : 00000000f1f1f1f1 x3 : 0000000000000003 [ 116.289519] x2 : dfff800000000000 x1 : fff00000c58b5100 x0 : ffff800080087990 [ 116.290899] Call trace: [ 116.291213] kunit_test_null_dereference+0x70/0x170 (P) [ 116.291493] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 116.291766] kthread+0x328/0x630 [ 116.292654] ret_from_fork+0x10/0x20 [ 116.293974] Code: b90004a3 d5384101 52800063 aa0003f3 (39c00042) [ 116.295491] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 62.170578] ================================================================== [ 62.170642] BUG: KFENCE: use-after-free read in test_krealloc+0x51c/0x830 [ 62.170642] [ 62.170733] Use-after-free read at 0x000000003aa22402 (in kfence-#208): [ 62.170794] test_krealloc+0x51c/0x830 [ 62.170878] kunit_try_run_case+0x170/0x3f0 [ 62.170939] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 62.170998] kthread+0x328/0x630 [ 62.171045] ret_from_fork+0x10/0x20 [ 62.171093] [ 62.171121] kfence-#208: 0x000000003aa22402-0x00000000b72bffe8, size=32, cache=kmalloc-32 [ 62.171121] [ 62.171190] allocated by task 337 on cpu 0 at 62.169759s (0.001427s ago): [ 62.171274] test_alloc+0x29c/0x628 [ 62.171327] test_krealloc+0xc0/0x830 [ 62.171377] kunit_try_run_case+0x170/0x3f0 [ 62.171425] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 62.171482] kthread+0x328/0x630 [ 62.171525] ret_from_fork+0x10/0x20 [ 62.171575] [ 62.171603] freed by task 337 on cpu 0 at 62.170098s (0.001501s ago): [ 62.171679] krealloc_noprof+0x148/0x360 [ 62.171731] test_krealloc+0x1dc/0x830 [ 62.171789] kunit_try_run_case+0x170/0x3f0 [ 62.171858] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 62.171917] kthread+0x328/0x630 [ 62.171960] ret_from_fork+0x10/0x20 [ 62.172006] [ 62.172057] CPU: 0 UID: 0 PID: 337 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 62.172150] Tainted: [B]=BAD_PAGE, [N]=TEST [ 62.172189] Hardware name: linux,dummy-virt (DT) [ 62.172228] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 62.087623] ================================================================== [ 62.087726] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x280/0x560 [ 62.087726] [ 62.087867] Use-after-free read at 0x00000000cb927f84 (in kfence-#207): [ 62.087938] test_memcache_typesafe_by_rcu+0x280/0x560 [ 62.088007] kunit_try_run_case+0x170/0x3f0 [ 62.088068] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 62.088129] kthread+0x328/0x630 [ 62.088181] ret_from_fork+0x10/0x20 [ 62.088239] [ 62.088271] kfence-#207: 0x00000000cb927f84-0x00000000bbc4c4a3, size=32, cache=test [ 62.088271] [ 62.088337] allocated by task 335 on cpu 1 at 62.065997s (0.022335s ago): [ 62.088427] test_alloc+0x230/0x628 [ 62.088483] test_memcache_typesafe_by_rcu+0x15c/0x560 [ 62.088542] kunit_try_run_case+0x170/0x3f0 [ 62.088595] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 62.088654] kthread+0x328/0x630 [ 62.088707] ret_from_fork+0x10/0x20 [ 62.088762] [ 62.088791] freed by task 335 on cpu 1 at 62.066160s (0.022627s ago): [ 62.088942] test_memcache_typesafe_by_rcu+0x1a8/0x560 [ 62.089004] kunit_try_run_case+0x170/0x3f0 [ 62.089092] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 62.089155] kthread+0x328/0x630 [ 62.089204] ret_from_fork+0x10/0x20 [ 62.089256] [ 62.089311] CPU: 1 UID: 0 PID: 335 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 62.089409] Tainted: [B]=BAD_PAGE, [N]=TEST [ 62.089446] Hardware name: linux,dummy-virt (DT) [ 62.089490] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 40.552760] ================================================================== [ 40.553031] BUG: KFENCE: invalid read in test_invalid_access+0xdc/0x1f0 [ 40.553031] [ 40.553262] Invalid read at 0x00000000a9e59a40: [ 40.553570] test_invalid_access+0xdc/0x1f0 [ 40.553735] kunit_try_run_case+0x170/0x3f0 [ 40.553883] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 40.554011] kthread+0x328/0x630 [ 40.554127] ret_from_fork+0x10/0x20 [ 40.563376] [ 40.563786] CPU: 0 UID: 0 PID: 331 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 40.564101] Tainted: [B]=BAD_PAGE, [N]=TEST [ 40.564279] Hardware name: linux,dummy-virt (DT) [ 40.564446] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 40.326439] ================================================================== [ 40.326569] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 40.326569] [ 40.326657] Corrupted memory at 0x0000000098f8fe0a [ ! . . . . . . . . . . . . . . . ] (in kfence-#203): [ 40.327078] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 40.327149] kunit_try_run_case+0x170/0x3f0 [ 40.327209] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 40.327270] kthread+0x328/0x630 [ 40.327322] ret_from_fork+0x10/0x20 [ 40.327376] [ 40.327405] kfence-#203: 0x000000004a7ee7be-0x000000002c774027, size=73, cache=kmalloc-96 [ 40.327405] [ 40.327475] allocated by task 325 on cpu 1 at 40.326064s (0.001406s ago): [ 40.327557] test_alloc+0x29c/0x628 [ 40.327610] test_kmalloc_aligned_oob_write+0xbc/0x2c0 [ 40.327669] kunit_try_run_case+0x170/0x3f0 [ 40.327724] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 40.327794] kthread+0x328/0x630 [ 40.327859] ret_from_fork+0x10/0x20 [ 40.327913] [ 40.327946] freed by task 325 on cpu 1 at 40.326277s (0.001663s ago): [ 40.328027] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 40.328084] kunit_try_run_case+0x170/0x3f0 [ 40.328139] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 40.328199] kthread+0x328/0x630 [ 40.328247] ret_from_fork+0x10/0x20 [ 40.328296] [ 40.328350] CPU: 1 UID: 0 PID: 325 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 40.328448] Tainted: [B]=BAD_PAGE, [N]=TEST [ 40.328484] Hardware name: linux,dummy-virt (DT) [ 40.328528] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 40.222267] ================================================================== [ 40.222420] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x238/0x468 [ 40.222420] [ 40.222540] Out-of-bounds read at 0x00000000ce827f4a (105B right of kfence-#202): [ 40.222617] test_kmalloc_aligned_oob_read+0x238/0x468 [ 40.222685] kunit_try_run_case+0x170/0x3f0 [ 40.222745] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 40.222803] kthread+0x328/0x630 [ 40.222893] ret_from_fork+0x10/0x20 [ 40.222950] [ 40.222984] kfence-#202: 0x0000000080c5426e-0x00000000a1bdc455, size=73, cache=kmalloc-96 [ 40.222984] [ 40.223055] allocated by task 323 on cpu 1 at 40.221876s (0.001173s ago): [ 40.223145] test_alloc+0x29c/0x628 [ 40.223200] test_kmalloc_aligned_oob_read+0x100/0x468 [ 40.223258] kunit_try_run_case+0x170/0x3f0 [ 40.223311] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 40.223372] kthread+0x328/0x630 [ 40.223422] ret_from_fork+0x10/0x20 [ 40.223475] [ 40.223528] CPU: 1 UID: 0 PID: 323 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 40.223628] Tainted: [B]=BAD_PAGE, [N]=TEST [ 40.223666] Hardware name: linux,dummy-virt (DT) [ 40.223708] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-memory-corruption-in-test_corruption
[ 33.924338] ================================================================== [ 33.924473] BUG: KFENCE: memory corruption in test_corruption+0x120/0x378 [ 33.924473] [ 33.924597] Corrupted memory at 0x000000006cfb8298 [ ! . . . . . . . . . . . . . . . ] (in kfence-#142): [ 33.928270] test_corruption+0x120/0x378 [ 33.928387] kunit_try_run_case+0x170/0x3f0 [ 33.928489] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.928594] kthread+0x328/0x630 [ 33.928685] ret_from_fork+0x10/0x20 [ 33.928785] [ 33.928853] kfence-#142: 0x000000000fdc6803-0x00000000868912a3, size=32, cache=test [ 33.928853] [ 33.928984] allocated by task 313 on cpu 0 at 33.924106s (0.004871s ago): [ 33.929143] test_alloc+0x230/0x628 [ 33.929240] test_corruption+0xdc/0x378 [ 33.929337] kunit_try_run_case+0x170/0x3f0 [ 33.929432] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.929539] kthread+0x328/0x630 [ 33.929623] ret_from_fork+0x10/0x20 [ 33.929715] [ 33.929770] freed by task 313 on cpu 0 at 33.924201s (0.005561s ago): [ 33.932976] test_corruption+0x120/0x378 [ 33.933814] kunit_try_run_case+0x170/0x3f0 [ 33.934019] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.934133] kthread+0x328/0x630 [ 33.934229] ret_from_fork+0x10/0x20 [ 33.934325] [ 33.934409] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 33.934588] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.934655] Hardware name: linux,dummy-virt (DT) [ 33.934739] ================================================================== [ 33.174943] ================================================================== [ 33.175275] BUG: KFENCE: memory corruption in test_corruption+0x278/0x378 [ 33.175275] [ 33.175416] Corrupted memory at 0x00000000af6b164d [ ! . . . . . . . . . . . . . . . ] (in kfence-#135): [ 33.177456] test_corruption+0x278/0x378 [ 33.177584] kunit_try_run_case+0x170/0x3f0 [ 33.177884] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.178033] kthread+0x328/0x630 [ 33.178134] ret_from_fork+0x10/0x20 [ 33.178246] [ 33.178353] kfence-#135: 0x00000000dc020ae2-0x000000000efabd14, size=32, cache=kmalloc-32 [ 33.178353] [ 33.178549] allocated by task 311 on cpu 0 at 33.174120s (0.004418s ago): [ 33.178720] test_alloc+0x29c/0x628 [ 33.178825] test_corruption+0xdc/0x378 [ 33.178943] kunit_try_run_case+0x170/0x3f0 [ 33.179066] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.179333] kthread+0x328/0x630 [ 33.179605] ret_from_fork+0x10/0x20 [ 33.179904] [ 33.179963] freed by task 311 on cpu 0 at 33.174455s (0.005500s ago): [ 33.180231] test_corruption+0x278/0x378 [ 33.180443] kunit_try_run_case+0x170/0x3f0 [ 33.180624] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.180739] kthread+0x328/0x630 [ 33.180829] ret_from_fork+0x10/0x20 [ 33.181169] [ 33.181278] CPU: 0 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 33.181617] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.181696] Hardware name: linux,dummy-virt (DT) [ 33.181782] ================================================================== [ 34.141572] ================================================================== [ 34.141726] BUG: KFENCE: memory corruption in test_corruption+0x1d8/0x378 [ 34.141726] [ 34.141880] Corrupted memory at 0x0000000070239017 [ ! ] (in kfence-#144): [ 34.143965] test_corruption+0x1d8/0x378 [ 34.144077] kunit_try_run_case+0x170/0x3f0 [ 34.144178] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.144283] kthread+0x328/0x630 [ 34.144368] ret_from_fork+0x10/0x20 [ 34.144458] [ 34.144514] kfence-#144: 0x00000000223bc61c-0x00000000fe62f1a9, size=32, cache=test [ 34.144514] [ 34.144643] allocated by task 313 on cpu 0 at 34.141316s (0.003319s ago): [ 34.147372] test_alloc+0x230/0x628 [ 34.147495] test_corruption+0x198/0x378 [ 34.147614] kunit_try_run_case+0x170/0x3f0 [ 34.147720] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.150939] kthread+0x328/0x630 [ 34.151058] ret_from_fork+0x10/0x20 [ 34.152145] [ 34.152212] freed by task 313 on cpu 0 at 34.141418s (0.010785s ago): [ 34.152374] test_corruption+0x1d8/0x378 [ 34.152475] kunit_try_run_case+0x170/0x3f0 [ 34.152568] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.152676] kthread+0x328/0x630 [ 34.152781] ret_from_fork+0x10/0x20 [ 34.155084] [ 34.155946] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 34.156153] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.156244] Hardware name: linux,dummy-virt (DT) [ 34.156350] ================================================================== [ 33.711083] ================================================================== [ 33.711217] BUG: KFENCE: memory corruption in test_corruption+0x284/0x378 [ 33.711217] [ 33.711341] Corrupted memory at 0x000000004e59ab48 [ ! ] (in kfence-#140): [ 33.711606] test_corruption+0x284/0x378 [ 33.711713] kunit_try_run_case+0x170/0x3f0 [ 33.711825] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.715852] kthread+0x328/0x630 [ 33.715971] ret_from_fork+0x10/0x20 [ 33.716634] [ 33.716722] kfence-#140: 0x00000000da8cf094-0x000000003fb78170, size=32, cache=kmalloc-32 [ 33.716722] [ 33.716885] allocated by task 311 on cpu 0 at 33.710634s (0.006242s ago): [ 33.717029] test_alloc+0x29c/0x628 [ 33.717927] test_corruption+0x198/0x378 [ 33.718441] kunit_try_run_case+0x170/0x3f0 [ 33.719449] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.719600] kthread+0x328/0x630 [ 33.719696] ret_from_fork+0x10/0x20 [ 33.719797] [ 33.719871] freed by task 311 on cpu 0 at 33.710792s (0.009071s ago): [ 33.720022] test_corruption+0x284/0x378 [ 33.720116] kunit_try_run_case+0x170/0x3f0 [ 33.720212] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 33.720315] kthread+0x328/0x630 [ 33.720399] ret_from_fork+0x10/0x20 [ 33.720491] [ 33.720571] CPU: 0 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 33.720747] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.720816] Hardware name: linux,dummy-virt (DT) [ 33.720908] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 32.642905] ================================================================== [ 32.643049] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1ac/0x238 [ 32.643049] [ 32.643235] Invalid free of 0x000000005833242b (in kfence-#130): [ 32.643371] test_invalid_addr_free+0x1ac/0x238 [ 32.643499] kunit_try_run_case+0x170/0x3f0 [ 32.643631] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.643863] kthread+0x328/0x630 [ 32.644122] ret_from_fork+0x10/0x20 [ 32.644410] [ 32.644522] kfence-#130: 0x00000000c01246cd-0x00000000d8c402c2, size=32, cache=kmalloc-32 [ 32.644522] [ 32.644749] allocated by task 307 on cpu 0 at 32.642511s (0.002205s ago): [ 32.644927] test_alloc+0x29c/0x628 [ 32.645085] test_invalid_addr_free+0xd4/0x238 [ 32.645214] kunit_try_run_case+0x170/0x3f0 [ 32.645354] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.645679] kthread+0x328/0x630 [ 32.645851] ret_from_fork+0x10/0x20 [ 32.645968] [ 32.646293] CPU: 0 UID: 0 PID: 307 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 32.646575] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.646657] Hardware name: linux,dummy-virt (DT) [ 32.646809] ================================================================== [ 32.747767] ================================================================== [ 32.748009] BUG: KFENCE: invalid free in test_invalid_addr_free+0xec/0x238 [ 32.748009] [ 32.748182] Invalid free of 0x000000004666cfa6 (in kfence-#131): [ 32.748452] test_invalid_addr_free+0xec/0x238 [ 32.748571] kunit_try_run_case+0x170/0x3f0 [ 32.749036] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.749350] kthread+0x328/0x630 [ 32.749521] ret_from_fork+0x10/0x20 [ 32.749890] [ 32.749958] kfence-#131: 0x00000000fbce6023-0x0000000099519da9, size=32, cache=test [ 32.749958] [ 32.750096] allocated by task 309 on cpu 0 at 32.747306s (0.002781s ago): [ 32.751013] test_alloc+0x230/0x628 [ 32.751261] test_invalid_addr_free+0xd4/0x238 [ 32.751670] kunit_try_run_case+0x170/0x3f0 [ 32.752024] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.752135] kthread+0x328/0x630 [ 32.752679] ret_from_fork+0x10/0x20 [ 32.752802] [ 32.753169] CPU: 0 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 32.753790] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.754109] Hardware name: linux,dummy-virt (DT) [ 32.754248] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-free-in-test_double_free
[ 32.435042] ================================================================== [ 32.435258] BUG: KFENCE: invalid free in test_double_free+0x1bc/0x238 [ 32.435258] [ 32.435409] Invalid free of 0x0000000027cf012a (in kfence-#128): [ 32.435562] test_double_free+0x1bc/0x238 [ 32.435674] kunit_try_run_case+0x170/0x3f0 [ 32.435815] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.435969] kthread+0x328/0x630 [ 32.436194] ret_from_fork+0x10/0x20 [ 32.436321] [ 32.436396] kfence-#128: 0x0000000027cf012a-0x00000000eba670f5, size=32, cache=kmalloc-32 [ 32.436396] [ 32.436625] allocated by task 303 on cpu 0 at 32.434439s (0.002176s ago): [ 32.436917] test_alloc+0x29c/0x628 [ 32.437108] test_double_free+0xd4/0x238 [ 32.437313] kunit_try_run_case+0x170/0x3f0 [ 32.437491] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.437621] kthread+0x328/0x630 [ 32.437812] ret_from_fork+0x10/0x20 [ 32.437949] [ 32.438006] freed by task 303 on cpu 0 at 32.434596s (0.003401s ago): [ 32.438180] test_double_free+0x1ac/0x238 [ 32.438399] kunit_try_run_case+0x170/0x3f0 [ 32.438567] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.438880] kthread+0x328/0x630 [ 32.439014] ret_from_fork+0x10/0x20 [ 32.439154] [ 32.439256] CPU: 0 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 32.439449] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.439523] Hardware name: linux,dummy-virt (DT) [ 32.439629] ================================================================== [ 32.538791] ================================================================== [ 32.539106] BUG: KFENCE: invalid free in test_double_free+0x100/0x238 [ 32.539106] [ 32.539255] Invalid free of 0x000000009333aa4f (in kfence-#129): [ 32.539384] test_double_free+0x100/0x238 [ 32.539494] kunit_try_run_case+0x170/0x3f0 [ 32.539799] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.540021] kthread+0x328/0x630 [ 32.540116] ret_from_fork+0x10/0x20 [ 32.540385] [ 32.540547] kfence-#129: 0x000000009333aa4f-0x0000000076654dde, size=32, cache=test [ 32.540547] [ 32.540736] allocated by task 305 on cpu 0 at 32.538268s (0.002438s ago): [ 32.540915] test_alloc+0x230/0x628 [ 32.541022] test_double_free+0xd4/0x238 [ 32.541138] kunit_try_run_case+0x170/0x3f0 [ 32.541414] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.541546] kthread+0x328/0x630 [ 32.541645] ret_from_fork+0x10/0x20 [ 32.541756] [ 32.541832] freed by task 305 on cpu 0 at 32.538364s (0.003459s ago): [ 32.542022] test_double_free+0xf0/0x238 [ 32.542125] kunit_try_run_case+0x170/0x3f0 [ 32.542234] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.542426] kthread+0x328/0x630 [ 32.542544] ret_from_fork+0x10/0x20 [ 32.542670] [ 32.542822] CPU: 0 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 32.543031] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.543142] Hardware name: linux,dummy-virt (DT) [ 32.543240] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 32.019305] ================================================================== [ 32.019645] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 32.019645] [ 32.019930] Use-after-free read at 0x0000000017481006 (in kfence-#124): [ 32.020236] test_use_after_free_read+0x114/0x248 [ 32.020360] kunit_try_run_case+0x170/0x3f0 [ 32.020468] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.020576] kthread+0x328/0x630 [ 32.020678] ret_from_fork+0x10/0x20 [ 32.020960] [ 32.021033] kfence-#124: 0x0000000017481006-0x00000000175af4d6, size=32, cache=kmalloc-32 [ 32.021033] [ 32.021454] allocated by task 295 on cpu 0 at 32.018480s (0.002950s ago): [ 32.021729] test_alloc+0x29c/0x628 [ 32.021963] test_use_after_free_read+0xd0/0x248 [ 32.022114] kunit_try_run_case+0x170/0x3f0 [ 32.022232] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.022529] kthread+0x328/0x630 [ 32.022663] ret_from_fork+0x10/0x20 [ 32.022775] [ 32.022851] freed by task 295 on cpu 0 at 32.018594s (0.004230s ago): [ 32.023699] test_use_after_free_read+0x1c0/0x248 [ 32.023818] kunit_try_run_case+0x170/0x3f0 [ 32.023940] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.024449] kthread+0x328/0x630 [ 32.025087] ret_from_fork+0x10/0x20 [ 32.025193] [ 32.025869] CPU: 0 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 32.026293] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.026581] Hardware name: linux,dummy-virt (DT) [ 32.027552] ================================================================== [ 32.122958] ================================================================== [ 32.123159] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 32.123159] [ 32.123434] Use-after-free read at 0x00000000e99f417f (in kfence-#125): [ 32.123619] test_use_after_free_read+0x114/0x248 [ 32.123756] kunit_try_run_case+0x170/0x3f0 [ 32.123890] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.124048] kthread+0x328/0x630 [ 32.124149] ret_from_fork+0x10/0x20 [ 32.124250] [ 32.124309] kfence-#125: 0x00000000e99f417f-0x00000000b788079b, size=32, cache=test [ 32.124309] [ 32.124432] allocated by task 297 on cpu 0 at 32.122172s (0.002252s ago): [ 32.124607] test_alloc+0x230/0x628 [ 32.124710] test_use_after_free_read+0xd0/0x248 [ 32.124813] kunit_try_run_case+0x170/0x3f0 [ 32.124942] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.125716] kthread+0x328/0x630 [ 32.125978] ret_from_fork+0x10/0x20 [ 32.126095] [ 32.126253] freed by task 297 on cpu 0 at 32.122268s (0.003973s ago): [ 32.126786] test_use_after_free_read+0xf0/0x248 [ 32.126941] kunit_try_run_case+0x170/0x3f0 [ 32.127170] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.127341] kthread+0x328/0x630 [ 32.127470] ret_from_fork+0x10/0x20 [ 32.127575] [ 32.127665] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 32.127877] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.128009] Hardware name: linux,dummy-virt (DT) [ 32.128167] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 31.911767] ================================================================== [ 31.912117] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 31.912117] [ 31.912871] Out-of-bounds write at 0x00000000cfc0e7bb (1B left of kfence-#123): [ 31.912999] test_out_of_bounds_write+0x100/0x240 [ 31.913130] kunit_try_run_case+0x170/0x3f0 [ 31.913235] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.913343] kthread+0x328/0x630 [ 31.913472] ret_from_fork+0x10/0x20 [ 31.913591] [ 31.913710] kfence-#123: 0x000000002c953ed2-0x0000000064fbb05d, size=32, cache=test [ 31.913710] [ 31.914217] allocated by task 293 on cpu 0 at 31.911607s (0.002601s ago): [ 31.914782] test_alloc+0x230/0x628 [ 31.915381] test_out_of_bounds_write+0xc8/0x240 [ 31.915627] kunit_try_run_case+0x170/0x3f0 [ 31.915721] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.915950] kthread+0x328/0x630 [ 31.916579] ret_from_fork+0x10/0x20 [ 31.916748] [ 31.916855] CPU: 0 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 31.917044] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.917123] Hardware name: linux,dummy-virt (DT) [ 31.918306] ================================================================== [ 31.803954] ================================================================== [ 31.804644] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 31.804644] [ 31.805085] Out-of-bounds write at 0x0000000060959a74 (1B left of kfence-#122): [ 31.805234] test_out_of_bounds_write+0x100/0x240 [ 31.805422] kunit_try_run_case+0x170/0x3f0 [ 31.805726] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.805993] kthread+0x328/0x630 [ 31.806695] ret_from_fork+0x10/0x20 [ 31.806811] [ 31.806894] kfence-#122: 0x0000000077f11a57-0x00000000d7e5dadd, size=32, cache=kmalloc-32 [ 31.806894] [ 31.807024] allocated by task 291 on cpu 0 at 31.803458s (0.003557s ago): [ 31.807138] test_alloc+0x29c/0x628 [ 31.807195] test_out_of_bounds_write+0xc8/0x240 [ 31.807263] kunit_try_run_case+0x170/0x3f0 [ 31.807322] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.807379] kthread+0x328/0x630 [ 31.807452] ret_from_fork+0x10/0x20 [ 31.807559] [ 31.807651] CPU: 0 UID: 0 PID: 291 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 31.807859] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.807934] Hardware name: linux,dummy-virt (DT) [ 31.808053] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 31.494563] ================================================================== [ 31.494707] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 31.494707] [ 31.494893] Out-of-bounds read at 0x00000000d26f4e92 (1B left of kfence-#119): [ 31.495041] test_out_of_bounds_read+0x114/0x3e0 [ 31.495306] kunit_try_run_case+0x170/0x3f0 [ 31.495506] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.495634] kthread+0x328/0x630 [ 31.495762] ret_from_fork+0x10/0x20 [ 31.496068] [ 31.496234] kfence-#119: 0x000000003e3b29ad-0x00000000643bdbbb, size=32, cache=test [ 31.496234] [ 31.496363] allocated by task 289 on cpu 0 at 31.494274s (0.002081s ago): [ 31.496570] test_alloc+0x230/0x628 [ 31.496690] test_out_of_bounds_read+0xdc/0x3e0 [ 31.496957] kunit_try_run_case+0x170/0x3f0 [ 31.497535] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.497879] kthread+0x328/0x630 [ 31.497987] ret_from_fork+0x10/0x20 [ 31.498092] [ 31.498225] CPU: 0 UID: 0 PID: 289 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 31.498601] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.498703] Hardware name: linux,dummy-virt (DT) [ 31.498785] ================================================================== [ 31.386879] ================================================================== [ 31.387139] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 31.387139] [ 31.387423] Out-of-bounds read at 0x0000000017266168 (32B right of kfence-#118): [ 31.387571] test_out_of_bounds_read+0x1c8/0x3e0 [ 31.387935] kunit_try_run_case+0x170/0x3f0 [ 31.388070] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.388186] kthread+0x328/0x630 [ 31.389224] ret_from_fork+0x10/0x20 [ 31.389420] [ 31.389572] kfence-#118: 0x00000000c6fb3139-0x0000000002cb80cc, size=32, cache=kmalloc-32 [ 31.389572] [ 31.389704] allocated by task 287 on cpu 0 at 31.386461s (0.003235s ago): [ 31.389883] test_alloc+0x29c/0x628 [ 31.389992] test_out_of_bounds_read+0x198/0x3e0 [ 31.390099] kunit_try_run_case+0x170/0x3f0 [ 31.390197] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.390308] kthread+0x328/0x630 [ 31.390399] ret_from_fork+0x10/0x20 [ 31.390506] [ 31.390595] CPU: 0 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 31.390794] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.390889] Hardware name: linux,dummy-virt (DT) [ 31.390989] ================================================================== [ 31.070485] ================================================================== [ 31.070723] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 31.070723] [ 31.070998] Out-of-bounds read at 0x000000008e013843 (1B left of kfence-#115): [ 31.071177] test_out_of_bounds_read+0x114/0x3e0 [ 31.071451] kunit_try_run_case+0x170/0x3f0 [ 31.071887] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.072023] kthread+0x328/0x630 [ 31.072337] ret_from_fork+0x10/0x20 [ 31.072475] [ 31.072544] kfence-#115: 0x00000000c991de0a-0x000000002b02f31c, size=32, cache=kmalloc-32 [ 31.072544] [ 31.073113] allocated by task 287 on cpu 0 at 31.062603s (0.010478s ago): [ 31.073425] test_alloc+0x29c/0x628 [ 31.074011] test_out_of_bounds_read+0xdc/0x3e0 [ 31.074506] kunit_try_run_case+0x170/0x3f0 [ 31.074628] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.074751] kthread+0x328/0x630 [ 31.074855] ret_from_fork+0x10/0x20 [ 31.074993] [ 31.075428] CPU: 0 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 31.075626] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.075718] Hardware name: linux,dummy-virt (DT) [ 31.075988] ================================================================== [ 31.703035] ================================================================== [ 31.703173] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 31.703173] [ 31.703317] Out-of-bounds read at 0x0000000054b2e2e2 (32B right of kfence-#121): [ 31.703445] test_out_of_bounds_read+0x1c8/0x3e0 [ 31.703550] kunit_try_run_case+0x170/0x3f0 [ 31.703648] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.703754] kthread+0x328/0x630 [ 31.703869] ret_from_fork+0x10/0x20 [ 31.703981] [ 31.704043] kfence-#121: 0x000000003ecd13ff-0x0000000071198670, size=32, cache=test [ 31.704043] [ 31.704177] allocated by task 289 on cpu 0 at 31.700792s (0.003377s ago): [ 31.704339] test_alloc+0x230/0x628 [ 31.704446] test_out_of_bounds_read+0x198/0x3e0 [ 31.704552] kunit_try_run_case+0x170/0x3f0 [ 31.704652] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.704770] kthread+0x328/0x630 [ 31.707902] ret_from_fork+0x10/0x20 [ 31.708159] [ 31.708249] CPU: 0 UID: 0 PID: 289 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 31.708542] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.708617] Hardware name: linux,dummy-virt (DT) [ 31.708699] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-memory-corruption-in-kmalloc_track_caller_oob_right
[ 24.806241] ================================================================== [ 24.806402] BUG: KFENCE: memory corruption in kmalloc_track_caller_oob_right+0x168/0x488 [ 24.806402] [ 24.806683] Corrupted memory at 0x000000008220640d [ ! . . . . . . . . . . . . . . . ] (in kfence-#73): [ 24.811470] kmalloc_track_caller_oob_right+0x168/0x488 [ 24.811589] kunit_try_run_case+0x170/0x3f0 [ 24.811722] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.811866] kthread+0x328/0x630 [ 24.811952] ret_from_fork+0x10/0x20 [ 24.812064] [ 24.812704] kfence-#73: 0x0000000045946cc7-0x00000000eeebc07c, size=120, cache=kmalloc-128 [ 24.812704] [ 24.813317] allocated by task 142 on cpu 0 at 24.798369s (0.014829s ago): [ 24.813737] kmalloc_track_caller_oob_right+0xa8/0x488 [ 24.813924] kunit_try_run_case+0x170/0x3f0 [ 24.814041] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.814218] kthread+0x328/0x630 [ 24.814310] ret_from_fork+0x10/0x20 [ 24.814590] [ 24.814968] freed by task 142 on cpu 0 at 24.804739s (0.009992s ago): [ 24.815223] kmalloc_track_caller_oob_right+0x168/0x488 [ 24.815475] kunit_try_run_case+0x170/0x3f0 [ 24.815672] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.815790] kthread+0x328/0x630 [ 24.816307] ret_from_fork+0x10/0x20 [ 24.816912] [ 24.817134] CPU: 0 UID: 0 PID: 142 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 24.817350] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.817727] Hardware name: linux,dummy-virt (DT) [ 24.817940] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 30.867696] ================================================================== [ 30.867787] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x3c/0x2a0 [ 30.867925] Write of size 121 at addr fff00000c7772a00 by task kunit_try_catch/285 [ 30.868061] [ 30.868134] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 30.868328] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.868396] Hardware name: linux,dummy-virt (DT) [ 30.868479] Call trace: [ 30.869138] show_stack+0x20/0x38 (C) [ 30.869395] dump_stack_lvl+0x8c/0xd0 [ 30.869616] print_report+0x118/0x608 [ 30.870059] kasan_report+0xdc/0x128 [ 30.870489] kasan_check_range+0x100/0x1a8 [ 30.870647] __kasan_check_write+0x20/0x30 [ 30.870873] strncpy_from_user+0x3c/0x2a0 [ 30.871003] copy_user_test_oob+0x5c0/0xec8 [ 30.871184] kunit_try_run_case+0x170/0x3f0 [ 30.871342] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.871503] kthread+0x328/0x630 [ 30.871629] ret_from_fork+0x10/0x20 [ 30.871810] [ 30.871932] Allocated by task 285: [ 30.872002] kasan_save_stack+0x3c/0x68 [ 30.872187] kasan_save_track+0x20/0x40 [ 30.872352] kasan_save_alloc_info+0x40/0x58 [ 30.872615] __kasan_kmalloc+0xd4/0xd8 [ 30.872754] __kmalloc_noprof+0x198/0x4c8 [ 30.872889] kunit_kmalloc_array+0x34/0x88 [ 30.872988] copy_user_test_oob+0xac/0xec8 [ 30.873181] kunit_try_run_case+0x170/0x3f0 [ 30.873279] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.873481] kthread+0x328/0x630 [ 30.873567] ret_from_fork+0x10/0x20 [ 30.873677] [ 30.873777] The buggy address belongs to the object at fff00000c7772a00 [ 30.873777] which belongs to the cache kmalloc-128 of size 128 [ 30.873928] The buggy address is located 0 bytes inside of [ 30.873928] allocated 120-byte region [fff00000c7772a00, fff00000c7772a78) [ 30.874093] [ 30.874145] The buggy address belongs to the physical page: [ 30.874489] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107772 [ 30.874649] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 30.874920] page_type: f5(slab) [ 30.875039] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 30.875173] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 30.875283] page dumped because: kasan: bad access detected [ 30.875395] [ 30.875524] Memory state around the buggy address: [ 30.875642] fff00000c7772900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 30.875756] fff00000c7772980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.875899] >fff00000c7772a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 30.876003] ^ [ 30.876116] fff00000c7772a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.876853] fff00000c7772b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.876963] ================================================================== [ 30.879852] ================================================================== [ 30.880132] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x270/0x2a0 [ 30.880243] Write of size 1 at addr fff00000c7772a78 by task kunit_try_catch/285 [ 30.880552] [ 30.880637] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 30.880854] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.880927] Hardware name: linux,dummy-virt (DT) [ 30.881003] Call trace: [ 30.881577] show_stack+0x20/0x38 (C) [ 30.881737] dump_stack_lvl+0x8c/0xd0 [ 30.882269] print_report+0x118/0x608 [ 30.882404] kasan_report+0xdc/0x128 [ 30.882529] __asan_report_store1_noabort+0x20/0x30 [ 30.882667] strncpy_from_user+0x270/0x2a0 [ 30.883181] copy_user_test_oob+0x5c0/0xec8 [ 30.884079] kunit_try_run_case+0x170/0x3f0 [ 30.884328] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.884479] kthread+0x328/0x630 [ 30.884602] ret_from_fork+0x10/0x20 [ 30.884742] [ 30.884819] Allocated by task 285: [ 30.884911] kasan_save_stack+0x3c/0x68 [ 30.885017] kasan_save_track+0x20/0x40 [ 30.885191] kasan_save_alloc_info+0x40/0x58 [ 30.885360] __kasan_kmalloc+0xd4/0xd8 [ 30.885466] __kmalloc_noprof+0x198/0x4c8 [ 30.885581] kunit_kmalloc_array+0x34/0x88 [ 30.885729] copy_user_test_oob+0xac/0xec8 [ 30.885872] kunit_try_run_case+0x170/0x3f0 [ 30.885996] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.886128] kthread+0x328/0x630 [ 30.886363] ret_from_fork+0x10/0x20 [ 30.886469] [ 30.886642] The buggy address belongs to the object at fff00000c7772a00 [ 30.886642] which belongs to the cache kmalloc-128 of size 128 [ 30.886790] The buggy address is located 0 bytes to the right of [ 30.886790] allocated 120-byte region [fff00000c7772a00, fff00000c7772a78) [ 30.886968] [ 30.887024] The buggy address belongs to the physical page: [ 30.887139] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107772 [ 30.887276] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 30.887415] page_type: f5(slab) [ 30.887534] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 30.887664] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 30.887772] page dumped because: kasan: bad access detected [ 30.887882] [ 30.887931] Memory state around the buggy address: [ 30.888147] fff00000c7772900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 30.888265] fff00000c7772980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.888383] >fff00000c7772a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 30.888482] ^ [ 30.888587] fff00000c7772a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.888696] fff00000c7772b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.888795] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 30.757031] ================================================================== [ 30.757827] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x234/0xec8 [ 30.758052] Write of size 121 at addr fff00000c7772a00 by task kunit_try_catch/285 [ 30.758408] [ 30.758534] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 30.758762] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.758873] Hardware name: linux,dummy-virt (DT) [ 30.759060] Call trace: [ 30.759198] show_stack+0x20/0x38 (C) [ 30.759451] dump_stack_lvl+0x8c/0xd0 [ 30.759620] print_report+0x118/0x608 [ 30.759756] kasan_report+0xdc/0x128 [ 30.759909] kasan_check_range+0x100/0x1a8 [ 30.760033] __kasan_check_write+0x20/0x30 [ 30.760167] copy_user_test_oob+0x234/0xec8 [ 30.760386] kunit_try_run_case+0x170/0x3f0 [ 30.760607] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.760951] kthread+0x328/0x630 [ 30.761116] ret_from_fork+0x10/0x20 [ 30.761280] [ 30.761340] Allocated by task 285: [ 30.761522] kasan_save_stack+0x3c/0x68 [ 30.761647] kasan_save_track+0x20/0x40 [ 30.761761] kasan_save_alloc_info+0x40/0x58 [ 30.761898] __kasan_kmalloc+0xd4/0xd8 [ 30.762001] __kmalloc_noprof+0x198/0x4c8 [ 30.762111] kunit_kmalloc_array+0x34/0x88 [ 30.762207] copy_user_test_oob+0xac/0xec8 [ 30.762310] kunit_try_run_case+0x170/0x3f0 [ 30.762410] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.762527] kthread+0x328/0x630 [ 30.762657] ret_from_fork+0x10/0x20 [ 30.762753] [ 30.762806] The buggy address belongs to the object at fff00000c7772a00 [ 30.762806] which belongs to the cache kmalloc-128 of size 128 [ 30.762968] The buggy address is located 0 bytes inside of [ 30.762968] allocated 120-byte region [fff00000c7772a00, fff00000c7772a78) [ 30.763125] [ 30.763235] The buggy address belongs to the physical page: [ 30.763334] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107772 [ 30.763565] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 30.763890] page_type: f5(slab) [ 30.764015] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 30.764162] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 30.764270] page dumped because: kasan: bad access detected [ 30.764595] [ 30.764685] Memory state around the buggy address: [ 30.764777] fff00000c7772900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 30.764911] fff00000c7772980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.765043] >fff00000c7772a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 30.765681] ^ [ 30.767024] fff00000c7772a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.767151] fff00000c7772b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.767230] ================================================================== [ 30.820378] ================================================================== [ 30.820552] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3c8/0xec8 [ 30.820781] Read of size 121 at addr fff00000c7772a00 by task kunit_try_catch/285 [ 30.820962] [ 30.821092] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 30.821710] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.821817] Hardware name: linux,dummy-virt (DT) [ 30.821922] Call trace: [ 30.821981] show_stack+0x20/0x38 (C) [ 30.822103] dump_stack_lvl+0x8c/0xd0 [ 30.822233] print_report+0x118/0x608 [ 30.822358] kasan_report+0xdc/0x128 [ 30.822530] kasan_check_range+0x100/0x1a8 [ 30.822663] __kasan_check_read+0x20/0x30 [ 30.822801] copy_user_test_oob+0x3c8/0xec8 [ 30.823223] kunit_try_run_case+0x170/0x3f0 [ 30.823350] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.823525] kthread+0x328/0x630 [ 30.823628] ret_from_fork+0x10/0x20 [ 30.823755] [ 30.823813] Allocated by task 285: [ 30.823915] kasan_save_stack+0x3c/0x68 [ 30.824190] kasan_save_track+0x20/0x40 [ 30.824303] kasan_save_alloc_info+0x40/0x58 [ 30.824589] __kasan_kmalloc+0xd4/0xd8 [ 30.824694] __kmalloc_noprof+0x198/0x4c8 [ 30.824789] kunit_kmalloc_array+0x34/0x88 [ 30.824926] copy_user_test_oob+0xac/0xec8 [ 30.825054] kunit_try_run_case+0x170/0x3f0 [ 30.825168] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.825483] kthread+0x328/0x630 [ 30.825767] ret_from_fork+0x10/0x20 [ 30.826102] [ 30.826191] The buggy address belongs to the object at fff00000c7772a00 [ 30.826191] which belongs to the cache kmalloc-128 of size 128 [ 30.826501] The buggy address is located 0 bytes inside of [ 30.826501] allocated 120-byte region [fff00000c7772a00, fff00000c7772a78) [ 30.826754] [ 30.826809] The buggy address belongs to the physical page: [ 30.826908] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107772 [ 30.827071] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 30.827189] page_type: f5(slab) [ 30.827363] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 30.827526] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 30.827720] page dumped because: kasan: bad access detected [ 30.827812] [ 30.827920] Memory state around the buggy address: [ 30.828008] fff00000c7772900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 30.828119] fff00000c7772980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.828234] >fff00000c7772a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 30.828385] ^ [ 30.828508] fff00000c7772a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.828625] fff00000c7772b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.829100] ================================================================== [ 30.806373] ================================================================== [ 30.806511] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x35c/0xec8 [ 30.806632] Write of size 121 at addr fff00000c7772a00 by task kunit_try_catch/285 [ 30.806758] [ 30.806862] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 30.807068] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.807140] Hardware name: linux,dummy-virt (DT) [ 30.807217] Call trace: [ 30.807274] show_stack+0x20/0x38 (C) [ 30.807401] dump_stack_lvl+0x8c/0xd0 [ 30.807532] print_report+0x118/0x608 [ 30.807882] kasan_report+0xdc/0x128 [ 30.808217] kasan_check_range+0x100/0x1a8 [ 30.809482] __kasan_check_write+0x20/0x30 [ 30.809624] copy_user_test_oob+0x35c/0xec8 [ 30.810238] kunit_try_run_case+0x170/0x3f0 [ 30.810419] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.810693] kthread+0x328/0x630 [ 30.810856] ret_from_fork+0x10/0x20 [ 30.811097] [ 30.811153] Allocated by task 285: [ 30.811230] kasan_save_stack+0x3c/0x68 [ 30.811333] kasan_save_track+0x20/0x40 [ 30.811436] kasan_save_alloc_info+0x40/0x58 [ 30.811550] __kasan_kmalloc+0xd4/0xd8 [ 30.811652] __kmalloc_noprof+0x198/0x4c8 [ 30.811752] kunit_kmalloc_array+0x34/0x88 [ 30.811890] copy_user_test_oob+0xac/0xec8 [ 30.811997] kunit_try_run_case+0x170/0x3f0 [ 30.812094] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.812204] kthread+0x328/0x630 [ 30.812321] ret_from_fork+0x10/0x20 [ 30.812422] [ 30.812473] The buggy address belongs to the object at fff00000c7772a00 [ 30.812473] which belongs to the cache kmalloc-128 of size 128 [ 30.812629] The buggy address is located 0 bytes inside of [ 30.812629] allocated 120-byte region [fff00000c7772a00, fff00000c7772a78) [ 30.812827] [ 30.812904] The buggy address belongs to the physical page: [ 30.812991] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107772 [ 30.813336] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 30.813476] page_type: f5(slab) [ 30.813990] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 30.814159] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 30.814282] page dumped because: kasan: bad access detected [ 30.814573] [ 30.814688] Memory state around the buggy address: [ 30.814783] fff00000c7772900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 30.815225] fff00000c7772980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.815341] >fff00000c7772a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 30.815597] ^ [ 30.815892] fff00000c7772a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.816606] fff00000c7772b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.816764] ================================================================== [ 30.850548] ================================================================== [ 30.850659] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4a0/0xec8 [ 30.850877] Read of size 121 at addr fff00000c7772a00 by task kunit_try_catch/285 [ 30.851117] [ 30.851695] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 30.852829] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.853189] Hardware name: linux,dummy-virt (DT) [ 30.853300] Call trace: [ 30.853376] show_stack+0x20/0x38 (C) [ 30.853518] dump_stack_lvl+0x8c/0xd0 [ 30.854110] print_report+0x118/0x608 [ 30.854239] kasan_report+0xdc/0x128 [ 30.854678] kasan_check_range+0x100/0x1a8 [ 30.855333] __kasan_check_read+0x20/0x30 [ 30.855770] copy_user_test_oob+0x4a0/0xec8 [ 30.856145] kunit_try_run_case+0x170/0x3f0 [ 30.856468] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.856933] kthread+0x328/0x630 [ 30.857686] ret_from_fork+0x10/0x20 [ 30.857818] [ 30.858085] Allocated by task 285: [ 30.858226] kasan_save_stack+0x3c/0x68 [ 30.858932] kasan_save_track+0x20/0x40 [ 30.859059] kasan_save_alloc_info+0x40/0x58 [ 30.859186] __kasan_kmalloc+0xd4/0xd8 [ 30.859298] __kmalloc_noprof+0x198/0x4c8 [ 30.860196] kunit_kmalloc_array+0x34/0x88 [ 30.860302] copy_user_test_oob+0xac/0xec8 [ 30.860405] kunit_try_run_case+0x170/0x3f0 [ 30.861249] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.861404] kthread+0x328/0x630 [ 30.861498] ret_from_fork+0x10/0x20 [ 30.861551] [ 30.861582] The buggy address belongs to the object at fff00000c7772a00 [ 30.861582] which belongs to the cache kmalloc-128 of size 128 [ 30.861656] The buggy address is located 0 bytes inside of [ 30.861656] allocated 120-byte region [fff00000c7772a00, fff00000c7772a78) [ 30.861734] [ 30.861762] The buggy address belongs to the physical page: [ 30.861808] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107772 [ 30.862707] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 30.863206] page_type: f5(slab) [ 30.863325] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 30.863669] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 30.864197] page dumped because: kasan: bad access detected [ 30.864295] [ 30.864344] Memory state around the buggy address: [ 30.865165] fff00000c7772900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 30.865654] fff00000c7772980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.865769] >fff00000c7772a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 30.866016] ^ [ 30.866162] fff00000c7772a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.866277] fff00000c7772b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.866379] ================================================================== [ 30.831356] ================================================================== [ 30.831607] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x434/0xec8 [ 30.831727] Write of size 121 at addr fff00000c7772a00 by task kunit_try_catch/285 [ 30.831895] [ 30.831972] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 30.832174] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.832492] Hardware name: linux,dummy-virt (DT) [ 30.832736] Call trace: [ 30.832802] show_stack+0x20/0x38 (C) [ 30.832950] dump_stack_lvl+0x8c/0xd0 [ 30.833073] print_report+0x118/0x608 [ 30.833196] kasan_report+0xdc/0x128 [ 30.833909] kasan_check_range+0x100/0x1a8 [ 30.834488] __kasan_check_write+0x20/0x30 [ 30.834831] copy_user_test_oob+0x434/0xec8 [ 30.835299] kunit_try_run_case+0x170/0x3f0 [ 30.835488] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.836139] kthread+0x328/0x630 [ 30.836274] ret_from_fork+0x10/0x20 [ 30.836740] [ 30.836877] Allocated by task 285: [ 30.837313] kasan_save_stack+0x3c/0x68 [ 30.837426] kasan_save_track+0x20/0x40 [ 30.837882] kasan_save_alloc_info+0x40/0x58 [ 30.838146] __kasan_kmalloc+0xd4/0xd8 [ 30.838307] __kmalloc_noprof+0x198/0x4c8 [ 30.838799] kunit_kmalloc_array+0x34/0x88 [ 30.839260] copy_user_test_oob+0xac/0xec8 [ 30.839398] kunit_try_run_case+0x170/0x3f0 [ 30.839912] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.840425] kthread+0x328/0x630 [ 30.840574] ret_from_fork+0x10/0x20 [ 30.840830] [ 30.840955] The buggy address belongs to the object at fff00000c7772a00 [ 30.840955] which belongs to the cache kmalloc-128 of size 128 [ 30.841103] The buggy address is located 0 bytes inside of [ 30.841103] allocated 120-byte region [fff00000c7772a00, fff00000c7772a78) [ 30.841492] [ 30.842067] The buggy address belongs to the physical page: [ 30.842389] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107772 [ 30.842698] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 30.843004] page_type: f5(slab) [ 30.843166] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 30.843323] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 30.843758] page dumped because: kasan: bad access detected [ 30.844184] [ 30.844289] Memory state around the buggy address: [ 30.844378] fff00000c7772900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 30.844502] fff00000c7772980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.844613] >fff00000c7772a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 30.844734] ^ [ 30.844886] fff00000c7772a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.845251] fff00000c7772b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.845820] ================================================================== [ 30.776794] ================================================================== [ 30.776946] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x728/0xec8 [ 30.777062] Read of size 121 at addr fff00000c7772a00 by task kunit_try_catch/285 [ 30.777223] [ 30.777306] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 30.777596] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.777678] Hardware name: linux,dummy-virt (DT) [ 30.777772] Call trace: [ 30.777881] show_stack+0x20/0x38 (C) [ 30.778017] dump_stack_lvl+0x8c/0xd0 [ 30.778219] print_report+0x118/0x608 [ 30.778318] kasan_report+0xdc/0x128 [ 30.778711] kasan_check_range+0x100/0x1a8 [ 30.779339] __kasan_check_read+0x20/0x30 [ 30.779516] copy_user_test_oob+0x728/0xec8 [ 30.779879] kunit_try_run_case+0x170/0x3f0 [ 30.780831] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.781099] kthread+0x328/0x630 [ 30.781801] ret_from_fork+0x10/0x20 [ 30.781971] [ 30.782122] Allocated by task 285: [ 30.782229] kasan_save_stack+0x3c/0x68 [ 30.782510] kasan_save_track+0x20/0x40 [ 30.782634] kasan_save_alloc_info+0x40/0x58 [ 30.782779] __kasan_kmalloc+0xd4/0xd8 [ 30.782923] __kmalloc_noprof+0x198/0x4c8 [ 30.783028] kunit_kmalloc_array+0x34/0x88 [ 30.783129] copy_user_test_oob+0xac/0xec8 [ 30.783223] kunit_try_run_case+0x170/0x3f0 [ 30.783377] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.783535] kthread+0x328/0x630 [ 30.783719] ret_from_fork+0x10/0x20 [ 30.783866] [ 30.783924] The buggy address belongs to the object at fff00000c7772a00 [ 30.783924] which belongs to the cache kmalloc-128 of size 128 [ 30.784067] The buggy address is located 0 bytes inside of [ 30.784067] allocated 120-byte region [fff00000c7772a00, fff00000c7772a78) [ 30.784218] [ 30.784269] The buggy address belongs to the physical page: [ 30.784347] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107772 [ 30.784484] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 30.784825] page_type: f5(slab) [ 30.784957] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 30.785294] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 30.785445] page dumped because: kasan: bad access detected [ 30.785559] [ 30.785627] Memory state around the buggy address: [ 30.785857] fff00000c7772900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 30.785979] fff00000c7772980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.786108] >fff00000c7772a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 30.786224] ^ [ 30.786868] fff00000c7772a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.787155] fff00000c7772b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.787517] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 30.669981] ================================================================== [ 30.670088] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x8c/0x250 [ 30.670203] Write of size 8 at addr fff00000c7772978 by task kunit_try_catch/281 [ 30.670327] [ 30.670399] CPU: 1 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 30.670593] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.670664] Hardware name: linux,dummy-virt (DT) [ 30.670743] Call trace: [ 30.670803] show_stack+0x20/0x38 (C) [ 30.674258] dump_stack_lvl+0x8c/0xd0 [ 30.674786] print_report+0x118/0x608 [ 30.675229] kasan_report+0xdc/0x128 [ 30.675364] kasan_check_range+0x100/0x1a8 [ 30.676197] __kasan_check_write+0x20/0x30 [ 30.676673] copy_to_kernel_nofault+0x8c/0x250 [ 30.676893] copy_to_kernel_nofault_oob+0x1bc/0x418 [ 30.677119] kunit_try_run_case+0x170/0x3f0 [ 30.677614] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.677808] kthread+0x328/0x630 [ 30.678173] ret_from_fork+0x10/0x20 [ 30.678501] [ 30.678557] Allocated by task 281: [ 30.679816] kasan_save_stack+0x3c/0x68 [ 30.679963] kasan_save_track+0x20/0x40 [ 30.680115] kasan_save_alloc_info+0x40/0x58 [ 30.680226] __kasan_kmalloc+0xd4/0xd8 [ 30.680359] __kmalloc_cache_noprof+0x16c/0x3c0 [ 30.680495] copy_to_kernel_nofault_oob+0xc8/0x418 [ 30.680604] kunit_try_run_case+0x170/0x3f0 [ 30.680706] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.680832] kthread+0x328/0x630 [ 30.680959] ret_from_fork+0x10/0x20 [ 30.681073] [ 30.681139] The buggy address belongs to the object at fff00000c7772900 [ 30.681139] which belongs to the cache kmalloc-128 of size 128 [ 30.681584] The buggy address is located 0 bytes to the right of [ 30.681584] allocated 120-byte region [fff00000c7772900, fff00000c7772978) [ 30.681855] [ 30.681925] The buggy address belongs to the physical page: [ 30.682101] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107772 [ 30.682241] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 30.682689] page_type: f5(slab) [ 30.682800] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 30.683002] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 30.683349] page dumped because: kasan: bad access detected [ 30.683540] [ 30.683590] Memory state around the buggy address: [ 30.684223] fff00000c7772800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 30.684610] fff00000c7772880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.685628] >fff00000c7772900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 30.686122] ^ [ 30.686267] fff00000c7772980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.686396] fff00000c7772a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.686593] ================================================================== [ 30.660295] ================================================================== [ 30.660436] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x204/0x250 [ 30.660573] Read of size 8 at addr fff00000c7772978 by task kunit_try_catch/281 [ 30.660874] [ 30.661200] CPU: 1 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 30.661486] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.661598] Hardware name: linux,dummy-virt (DT) [ 30.661727] Call trace: [ 30.661802] show_stack+0x20/0x38 (C) [ 30.661963] dump_stack_lvl+0x8c/0xd0 [ 30.662176] print_report+0x118/0x608 [ 30.662311] kasan_report+0xdc/0x128 [ 30.662495] __asan_report_load8_noabort+0x20/0x30 [ 30.662658] copy_to_kernel_nofault+0x204/0x250 [ 30.662794] copy_to_kernel_nofault_oob+0x158/0x418 [ 30.662962] kunit_try_run_case+0x170/0x3f0 [ 30.663190] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.663470] kthread+0x328/0x630 [ 30.663620] ret_from_fork+0x10/0x20 [ 30.663931] [ 30.663984] Allocated by task 281: [ 30.664165] kasan_save_stack+0x3c/0x68 [ 30.664302] kasan_save_track+0x20/0x40 [ 30.664403] kasan_save_alloc_info+0x40/0x58 [ 30.664536] __kasan_kmalloc+0xd4/0xd8 [ 30.664636] __kmalloc_cache_noprof+0x16c/0x3c0 [ 30.664779] copy_to_kernel_nofault_oob+0xc8/0x418 [ 30.664944] kunit_try_run_case+0x170/0x3f0 [ 30.665206] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.665354] kthread+0x328/0x630 [ 30.665454] ret_from_fork+0x10/0x20 [ 30.665570] [ 30.665671] The buggy address belongs to the object at fff00000c7772900 [ 30.665671] which belongs to the cache kmalloc-128 of size 128 [ 30.665929] The buggy address is located 0 bytes to the right of [ 30.665929] allocated 120-byte region [fff00000c7772900, fff00000c7772978) [ 30.666205] [ 30.666264] The buggy address belongs to the physical page: [ 30.666345] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107772 [ 30.666485] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 30.666610] page_type: f5(slab) [ 30.666727] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 30.666936] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 30.667047] page dumped because: kasan: bad access detected [ 30.667209] [ 30.667270] Memory state around the buggy address: [ 30.667360] fff00000c7772800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 30.667479] fff00000c7772880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.667628] >fff00000c7772900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 30.667833] ^ [ 30.667965] fff00000c7772980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.668079] fff00000c7772a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.668195] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-vmalloc-out-of-bounds-in-vmalloc_oob
[ 30.516716] ================================================================== [ 30.516892] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x578/0x5d0 [ 30.517080] Read of size 1 at addr ffff8000800fe7f3 by task kunit_try_catch/269 [ 30.517637] [ 30.517737] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 30.518471] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.518675] Hardware name: linux,dummy-virt (DT) [ 30.518952] Call trace: [ 30.519024] show_stack+0x20/0x38 (C) [ 30.519157] dump_stack_lvl+0x8c/0xd0 [ 30.519305] print_report+0x310/0x608 [ 30.519480] kasan_report+0xdc/0x128 [ 30.519692] __asan_report_load1_noabort+0x20/0x30 [ 30.519938] vmalloc_oob+0x578/0x5d0 [ 30.520354] kunit_try_run_case+0x170/0x3f0 [ 30.520887] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.521149] kthread+0x328/0x630 [ 30.521467] ret_from_fork+0x10/0x20 [ 30.521906] [ 30.522041] The buggy address belongs to the virtual mapping at [ 30.522041] [ffff8000800fe000, ffff800080100000) created by: [ 30.522041] vmalloc_oob+0x98/0x5d0 [ 30.522355] [ 30.522535] The buggy address belongs to the physical page: [ 30.522730] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106473 [ 30.523196] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 30.523800] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 30.523968] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 30.524076] page dumped because: kasan: bad access detected [ 30.524192] [ 30.524267] Memory state around the buggy address: [ 30.524352] ffff8000800fe680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 30.524641] ffff8000800fe700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 30.524951] >ffff8000800fe780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 30.525064] ^ [ 30.525184] ffff8000800fe800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 30.525317] ffff8000800fe880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 30.526047] ================================================================== [ 30.528408] ================================================================== [ 30.528646] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x51c/0x5d0 [ 30.529166] Read of size 1 at addr ffff8000800fe7f8 by task kunit_try_catch/269 [ 30.529350] [ 30.529430] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 30.529648] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.529724] Hardware name: linux,dummy-virt (DT) [ 30.529799] Call trace: [ 30.530375] show_stack+0x20/0x38 (C) [ 30.530546] dump_stack_lvl+0x8c/0xd0 [ 30.530675] print_report+0x310/0x608 [ 30.530813] kasan_report+0xdc/0x128 [ 30.531403] __asan_report_load1_noabort+0x20/0x30 [ 30.531581] vmalloc_oob+0x51c/0x5d0 [ 30.531699] kunit_try_run_case+0x170/0x3f0 [ 30.531884] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.532283] kthread+0x328/0x630 [ 30.532437] ret_from_fork+0x10/0x20 [ 30.532643] [ 30.532703] The buggy address belongs to the virtual mapping at [ 30.532703] [ffff8000800fe000, ffff800080100000) created by: [ 30.532703] vmalloc_oob+0x98/0x5d0 [ 30.533492] [ 30.533871] The buggy address belongs to the physical page: [ 30.533968] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106473 [ 30.534746] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 30.535049] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 30.535194] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 30.535330] page dumped because: kasan: bad access detected [ 30.535414] [ 30.535506] Memory state around the buggy address: [ 30.535634] ffff8000800fe680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 30.535904] ffff8000800fe700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 30.536441] >ffff8000800fe780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 30.536609] ^ [ 30.536802] ffff8000800fe800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 30.537049] ffff8000800fe880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 30.537151] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 30.101111] ================================================================== [ 30.101226] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf20/0x4858 [ 30.101359] Write of size 8 at addr fff00000c7751430 by task kunit_try_catch/265 [ 30.101487] [ 30.101578] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 30.101789] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.102983] Hardware name: linux,dummy-virt (DT) [ 30.103240] Call trace: [ 30.103306] show_stack+0x20/0x38 (C) [ 30.103440] dump_stack_lvl+0x8c/0xd0 [ 30.103558] print_report+0x118/0x608 [ 30.104355] kasan_report+0xdc/0x128 [ 30.107436] kasan_check_range+0x100/0x1a8 [ 30.107568] __kasan_check_write+0x20/0x30 [ 30.107714] kasan_atomics_helper+0xf20/0x4858 [ 30.107957] kasan_atomics+0x198/0x2e0 [ 30.108291] kunit_try_run_case+0x170/0x3f0 [ 30.108484] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.108881] kthread+0x328/0x630 [ 30.109177] ret_from_fork+0x10/0x20 [ 30.109313] [ 30.109373] Allocated by task 265: [ 30.109461] kasan_save_stack+0x3c/0x68 [ 30.109570] kasan_save_track+0x20/0x40 [ 30.109670] kasan_save_alloc_info+0x40/0x58 [ 30.109794] __kasan_kmalloc+0xd4/0xd8 [ 30.109918] __kmalloc_cache_noprof+0x16c/0x3c0 [ 30.110035] kasan_atomics+0xb8/0x2e0 [ 30.110135] kunit_try_run_case+0x170/0x3f0 [ 30.110587] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.110890] kthread+0x328/0x630 [ 30.111335] ret_from_fork+0x10/0x20 [ 30.111504] [ 30.111571] The buggy address belongs to the object at fff00000c7751400 [ 30.111571] which belongs to the cache kmalloc-64 of size 64 [ 30.111724] The buggy address is located 0 bytes to the right of [ 30.111724] allocated 48-byte region [fff00000c7751400, fff00000c7751430) [ 30.112166] [ 30.112471] The buggy address belongs to the physical page: [ 30.112985] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107751 [ 30.113191] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 30.113956] page_type: f5(slab) [ 30.114190] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 30.115005] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.115307] page dumped because: kasan: bad access detected [ 30.115819] [ 30.115894] Memory state around the buggy address: [ 30.115992] fff00000c7751300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.116997] fff00000c7751380: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 30.117208] >fff00000c7751400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.117309] ^ [ 30.117394] fff00000c7751480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.117506] fff00000c7751500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.118627] ================================================================== [ 29.851330] ================================================================== [ 29.851571] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x99c/0x4858 [ 29.851703] Write of size 4 at addr fff00000c7751430 by task kunit_try_catch/265 [ 29.851857] [ 29.851938] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 29.852159] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.852248] Hardware name: linux,dummy-virt (DT) [ 29.852385] Call trace: [ 29.852461] show_stack+0x20/0x38 (C) [ 29.852734] dump_stack_lvl+0x8c/0xd0 [ 29.853254] print_report+0x118/0x608 [ 29.853466] kasan_report+0xdc/0x128 [ 29.853599] kasan_check_range+0x100/0x1a8 [ 29.854727] __kasan_check_write+0x20/0x30 [ 29.855082] kasan_atomics_helper+0x99c/0x4858 [ 29.855466] kasan_atomics+0x198/0x2e0 [ 29.855868] kunit_try_run_case+0x170/0x3f0 [ 29.856072] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.856329] kthread+0x328/0x630 [ 29.856706] ret_from_fork+0x10/0x20 [ 29.857114] [ 29.857172] Allocated by task 265: [ 29.857252] kasan_save_stack+0x3c/0x68 [ 29.857371] kasan_save_track+0x20/0x40 [ 29.857588] kasan_save_alloc_info+0x40/0x58 [ 29.857699] __kasan_kmalloc+0xd4/0xd8 [ 29.857864] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.858169] kasan_atomics+0xb8/0x2e0 [ 29.858429] kunit_try_run_case+0x170/0x3f0 [ 29.858567] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.858692] kthread+0x328/0x630 [ 29.858849] ret_from_fork+0x10/0x20 [ 29.858966] [ 29.859064] The buggy address belongs to the object at fff00000c7751400 [ 29.859064] which belongs to the cache kmalloc-64 of size 64 [ 29.859253] The buggy address is located 0 bytes to the right of [ 29.859253] allocated 48-byte region [fff00000c7751400, fff00000c7751430) [ 29.859429] [ 29.859490] The buggy address belongs to the physical page: [ 29.859605] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107751 [ 29.859770] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.859969] page_type: f5(slab) [ 29.860089] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.860227] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.860341] page dumped because: kasan: bad access detected [ 29.860445] [ 29.860573] Memory state around the buggy address: [ 29.860761] fff00000c7751300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.860905] fff00000c7751380: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 29.861105] >fff00000c7751400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.861223] ^ [ 29.861318] fff00000c7751480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.861467] fff00000c7751500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.861569] ================================================================== [ 29.999143] ================================================================== [ 29.999253] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd3c/0x4858 [ 29.999801] Write of size 4 at addr fff00000c7751430 by task kunit_try_catch/265 [ 30.000797] [ 30.000924] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 30.001078] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.001154] Hardware name: linux,dummy-virt (DT) [ 30.001274] Call trace: [ 30.001422] show_stack+0x20/0x38 (C) [ 30.003160] dump_stack_lvl+0x8c/0xd0 [ 30.003340] print_report+0x118/0x608 [ 30.003474] kasan_report+0xdc/0x128 [ 30.003602] kasan_check_range+0x100/0x1a8 [ 30.004001] __kasan_check_write+0x20/0x30 [ 30.004343] kasan_atomics_helper+0xd3c/0x4858 [ 30.004715] kasan_atomics+0x198/0x2e0 [ 30.004938] kunit_try_run_case+0x170/0x3f0 [ 30.005088] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.005246] kthread+0x328/0x630 [ 30.007901] ret_from_fork+0x10/0x20 [ 30.008057] [ 30.008186] Allocated by task 265: [ 30.008272] kasan_save_stack+0x3c/0x68 [ 30.008399] kasan_save_track+0x20/0x40 [ 30.008503] kasan_save_alloc_info+0x40/0x58 [ 30.008606] __kasan_kmalloc+0xd4/0xd8 [ 30.009217] __kmalloc_cache_noprof+0x16c/0x3c0 [ 30.009347] kasan_atomics+0xb8/0x2e0 [ 30.009465] kunit_try_run_case+0x170/0x3f0 [ 30.009587] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.009725] kthread+0x328/0x630 [ 30.009864] ret_from_fork+0x10/0x20 [ 30.009995] [ 30.010090] The buggy address belongs to the object at fff00000c7751400 [ 30.010090] which belongs to the cache kmalloc-64 of size 64 [ 30.010253] The buggy address is located 0 bytes to the right of [ 30.010253] allocated 48-byte region [fff00000c7751400, fff00000c7751430) [ 30.010475] [ 30.010549] The buggy address belongs to the physical page: [ 30.010639] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107751 [ 30.010778] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 30.011272] page_type: f5(slab) [ 30.012174] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 30.012310] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.012415] page dumped because: kasan: bad access detected [ 30.012502] [ 30.012650] Memory state around the buggy address: [ 30.012775] fff00000c7751300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.012977] fff00000c7751380: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 30.013140] >fff00000c7751400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.013257] ^ [ 30.013958] fff00000c7751480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.014737] fff00000c7751500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.014913] ================================================================== [ 30.288211] ================================================================== [ 30.288323] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f04/0x4858 [ 30.288452] Read of size 8 at addr fff00000c7751430 by task kunit_try_catch/265 [ 30.288576] [ 30.288952] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 30.290081] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.290250] Hardware name: linux,dummy-virt (DT) [ 30.290363] Call trace: [ 30.290450] show_stack+0x20/0x38 (C) [ 30.290684] dump_stack_lvl+0x8c/0xd0 [ 30.290947] print_report+0x118/0x608 [ 30.291143] kasan_report+0xdc/0x128 [ 30.291306] __asan_report_load8_noabort+0x20/0x30 [ 30.291509] kasan_atomics_helper+0x3f04/0x4858 [ 30.291683] kasan_atomics+0x198/0x2e0 [ 30.292098] kunit_try_run_case+0x170/0x3f0 [ 30.292272] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.292648] kthread+0x328/0x630 [ 30.292851] ret_from_fork+0x10/0x20 [ 30.293007] [ 30.293108] Allocated by task 265: [ 30.293528] kasan_save_stack+0x3c/0x68 [ 30.293874] kasan_save_track+0x20/0x40 [ 30.294042] kasan_save_alloc_info+0x40/0x58 [ 30.294245] __kasan_kmalloc+0xd4/0xd8 [ 30.294367] __kmalloc_cache_noprof+0x16c/0x3c0 [ 30.294575] kasan_atomics+0xb8/0x2e0 [ 30.294697] kunit_try_run_case+0x170/0x3f0 [ 30.295258] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.295466] kthread+0x328/0x630 [ 30.295717] ret_from_fork+0x10/0x20 [ 30.295940] [ 30.296004] The buggy address belongs to the object at fff00000c7751400 [ 30.296004] which belongs to the cache kmalloc-64 of size 64 [ 30.296155] The buggy address is located 0 bytes to the right of [ 30.296155] allocated 48-byte region [fff00000c7751400, fff00000c7751430) [ 30.296581] [ 30.296694] The buggy address belongs to the physical page: [ 30.296817] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107751 [ 30.297089] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 30.297546] page_type: f5(slab) [ 30.297823] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 30.298130] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.298243] page dumped because: kasan: bad access detected [ 30.298949] [ 30.299424] Memory state around the buggy address: [ 30.299902] fff00000c7751300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.300174] fff00000c7751380: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 30.300294] >fff00000c7751400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.300392] ^ [ 30.300546] fff00000c7751480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.300661] fff00000c7751500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.300758] ================================================================== [ 30.213970] ================================================================== [ 30.214381] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1190/0x4858 [ 30.214723] Write of size 8 at addr fff00000c7751430 by task kunit_try_catch/265 [ 30.214906] [ 30.215070] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 30.215356] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.215492] Hardware name: linux,dummy-virt (DT) [ 30.215583] Call trace: [ 30.215807] show_stack+0x20/0x38 (C) [ 30.215997] dump_stack_lvl+0x8c/0xd0 [ 30.216198] print_report+0x118/0x608 [ 30.216334] kasan_report+0xdc/0x128 [ 30.216901] kasan_check_range+0x100/0x1a8 [ 30.217289] __kasan_check_write+0x20/0x30 [ 30.217898] kasan_atomics_helper+0x1190/0x4858 [ 30.218070] kasan_atomics+0x198/0x2e0 [ 30.218598] kunit_try_run_case+0x170/0x3f0 [ 30.218734] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.218895] kthread+0x328/0x630 [ 30.219010] ret_from_fork+0x10/0x20 [ 30.219127] [ 30.222798] Allocated by task 265: [ 30.222944] kasan_save_stack+0x3c/0x68 [ 30.223085] kasan_save_track+0x20/0x40 [ 30.223185] kasan_save_alloc_info+0x40/0x58 [ 30.223279] __kasan_kmalloc+0xd4/0xd8 [ 30.223362] __kmalloc_cache_noprof+0x16c/0x3c0 [ 30.223455] kasan_atomics+0xb8/0x2e0 [ 30.223536] kunit_try_run_case+0x170/0x3f0 [ 30.223625] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.223727] kthread+0x328/0x630 [ 30.223819] ret_from_fork+0x10/0x20 [ 30.223924] [ 30.223970] The buggy address belongs to the object at fff00000c7751400 [ 30.223970] which belongs to the cache kmalloc-64 of size 64 [ 30.224104] The buggy address is located 0 bytes to the right of [ 30.224104] allocated 48-byte region [fff00000c7751400, fff00000c7751430) [ 30.224251] [ 30.224300] The buggy address belongs to the physical page: [ 30.224376] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107751 [ 30.224517] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 30.225793] page_type: f5(slab) [ 30.226008] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 30.226486] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.226594] page dumped because: kasan: bad access detected [ 30.226743] [ 30.226824] Memory state around the buggy address: [ 30.227196] fff00000c7751300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.228294] fff00000c7751380: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 30.229560] >fff00000c7751400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.229866] ^ [ 30.229977] fff00000c7751480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.230432] fff00000c7751500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.230539] ================================================================== [ 29.426581] ================================================================== [ 29.454748] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x40a8/0x4858 [ 29.456216] print_report+0x118/0x608 [ 29.457851] ret_from_fork+0x10/0x20 [ 29.460580] kasan_atomics+0xb8/0x2e0 [ 29.463680] [ 29.463747] The buggy address belongs to the physical page: [ 29.464022] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107751 [ 29.464374] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.464540] page_type: f5(slab) [ 29.465518] page dumped because: kasan: bad access detected [ 29.466461] >fff00000c7751400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.467416] ================================================================== [ 30.342817] ================================================================== [ 30.343077] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x154c/0x4858 [ 30.343199] Write of size 8 at addr fff00000c7751430 by task kunit_try_catch/265 [ 30.343338] [ 30.343934] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 30.344162] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.344234] Hardware name: linux,dummy-virt (DT) [ 30.344317] Call trace: [ 30.344377] show_stack+0x20/0x38 (C) [ 30.344511] dump_stack_lvl+0x8c/0xd0 [ 30.344637] print_report+0x118/0x608 [ 30.344755] kasan_report+0xdc/0x128 [ 30.344892] kasan_check_range+0x100/0x1a8 [ 30.345014] __kasan_check_write+0x20/0x30 [ 30.346524] kasan_atomics_helper+0x154c/0x4858 [ 30.347169] kasan_atomics+0x198/0x2e0 [ 30.347464] kunit_try_run_case+0x170/0x3f0 [ 30.347955] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.348340] kthread+0x328/0x630 [ 30.348719] ret_from_fork+0x10/0x20 [ 30.349101] [ 30.349303] Allocated by task 265: [ 30.349479] kasan_save_stack+0x3c/0x68 [ 30.349796] kasan_save_track+0x20/0x40 [ 30.350191] kasan_save_alloc_info+0x40/0x58 [ 30.350386] __kasan_kmalloc+0xd4/0xd8 [ 30.350669] __kmalloc_cache_noprof+0x16c/0x3c0 [ 30.350796] kasan_atomics+0xb8/0x2e0 [ 30.351033] kunit_try_run_case+0x170/0x3f0 [ 30.351143] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.351268] kthread+0x328/0x630 [ 30.351372] ret_from_fork+0x10/0x20 [ 30.351498] [ 30.351586] The buggy address belongs to the object at fff00000c7751400 [ 30.351586] which belongs to the cache kmalloc-64 of size 64 [ 30.351731] The buggy address is located 0 bytes to the right of [ 30.351731] allocated 48-byte region [fff00000c7751400, fff00000c7751430) [ 30.352329] [ 30.352390] The buggy address belongs to the physical page: [ 30.353218] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107751 [ 30.353379] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 30.353929] page_type: f5(slab) [ 30.354284] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 30.354579] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.354742] page dumped because: kasan: bad access detected [ 30.355160] [ 30.355393] Memory state around the buggy address: [ 30.355482] fff00000c7751300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.355957] fff00000c7751380: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 30.356558] >fff00000c7751400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.356861] ^ [ 30.357242] fff00000c7751480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.357366] fff00000c7751500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.359049] ================================================================== [ 30.458499] ================================================================== [ 30.458748] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e20/0x4858 [ 30.458916] Read of size 8 at addr fff00000c7751430 by task kunit_try_catch/265 [ 30.459039] [ 30.459114] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 30.459309] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.459385] Hardware name: linux,dummy-virt (DT) [ 30.459937] Call trace: [ 30.460015] show_stack+0x20/0x38 (C) [ 30.460162] dump_stack_lvl+0x8c/0xd0 [ 30.460380] print_report+0x118/0x608 [ 30.460815] kasan_report+0xdc/0x128 [ 30.461122] __asan_report_load8_noabort+0x20/0x30 [ 30.461474] kasan_atomics_helper+0x3e20/0x4858 [ 30.461790] kasan_atomics+0x198/0x2e0 [ 30.461950] kunit_try_run_case+0x170/0x3f0 [ 30.462091] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.462283] kthread+0x328/0x630 [ 30.462591] ret_from_fork+0x10/0x20 [ 30.462737] [ 30.462790] Allocated by task 265: [ 30.463183] kasan_save_stack+0x3c/0x68 [ 30.463305] kasan_save_track+0x20/0x40 [ 30.463417] kasan_save_alloc_info+0x40/0x58 [ 30.464055] __kasan_kmalloc+0xd4/0xd8 [ 30.464653] __kmalloc_cache_noprof+0x16c/0x3c0 [ 30.464794] kasan_atomics+0xb8/0x2e0 [ 30.466011] kunit_try_run_case+0x170/0x3f0 [ 30.466569] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.466889] kthread+0x328/0x630 [ 30.466999] ret_from_fork+0x10/0x20 [ 30.467576] [ 30.467640] The buggy address belongs to the object at fff00000c7751400 [ 30.467640] which belongs to the cache kmalloc-64 of size 64 [ 30.468124] The buggy address is located 0 bytes to the right of [ 30.468124] allocated 48-byte region [fff00000c7751400, fff00000c7751430) [ 30.468507] [ 30.468565] The buggy address belongs to the physical page: [ 30.468676] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107751 [ 30.469074] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 30.469227] page_type: f5(slab) [ 30.469342] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 30.469495] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.469611] page dumped because: kasan: bad access detected [ 30.470131] [ 30.470303] Memory state around the buggy address: [ 30.470393] fff00000c7751300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.470521] fff00000c7751380: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 30.470637] >fff00000c7751400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.470830] ^ [ 30.471050] fff00000c7751480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.471173] fff00000c7751500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.471468] ================================================================== [ 30.230955] ================================================================== [ 30.231525] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x11f8/0x4858 [ 30.232219] Write of size 8 at addr fff00000c7751430 by task kunit_try_catch/265 [ 30.232373] [ 30.233095] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 30.233337] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.233423] Hardware name: linux,dummy-virt (DT) [ 30.233661] Call trace: [ 30.233747] show_stack+0x20/0x38 (C) [ 30.234149] dump_stack_lvl+0x8c/0xd0 [ 30.234703] print_report+0x118/0x608 [ 30.234874] kasan_report+0xdc/0x128 [ 30.234999] kasan_check_range+0x100/0x1a8 [ 30.235487] __kasan_check_write+0x20/0x30 [ 30.235921] kasan_atomics_helper+0x11f8/0x4858 [ 30.236092] kasan_atomics+0x198/0x2e0 [ 30.236634] kunit_try_run_case+0x170/0x3f0 [ 30.237069] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.237213] kthread+0x328/0x630 [ 30.237643] ret_from_fork+0x10/0x20 [ 30.237947] [ 30.238001] Allocated by task 265: [ 30.238171] kasan_save_stack+0x3c/0x68 [ 30.238481] kasan_save_track+0x20/0x40 [ 30.239039] kasan_save_alloc_info+0x40/0x58 [ 30.239556] __kasan_kmalloc+0xd4/0xd8 [ 30.239667] __kmalloc_cache_noprof+0x16c/0x3c0 [ 30.240409] kasan_atomics+0xb8/0x2e0 [ 30.240715] kunit_try_run_case+0x170/0x3f0 [ 30.240816] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.241035] kthread+0x328/0x630 [ 30.241234] ret_from_fork+0x10/0x20 [ 30.241438] [ 30.241760] The buggy address belongs to the object at fff00000c7751400 [ 30.241760] which belongs to the cache kmalloc-64 of size 64 [ 30.241932] The buggy address is located 0 bytes to the right of [ 30.241932] allocated 48-byte region [fff00000c7751400, fff00000c7751430) [ 30.242103] [ 30.242861] The buggy address belongs to the physical page: [ 30.243040] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107751 [ 30.243292] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 30.243421] page_type: f5(slab) [ 30.243522] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 30.243698] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.244903] page dumped because: kasan: bad access detected [ 30.245125] [ 30.245403] Memory state around the buggy address: [ 30.245812] fff00000c7751300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.245952] fff00000c7751380: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 30.246064] >fff00000c7751400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.246159] ^ [ 30.246249] fff00000c7751480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.247174] fff00000c7751500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.247789] ================================================================== [ 30.375642] ================================================================== [ 30.375755] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3db0/0x4858 [ 30.375912] Read of size 8 at addr fff00000c7751430 by task kunit_try_catch/265 [ 30.376033] [ 30.376130] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 30.376352] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.376431] Hardware name: linux,dummy-virt (DT) [ 30.376618] Call trace: [ 30.376743] show_stack+0x20/0x38 (C) [ 30.376968] dump_stack_lvl+0x8c/0xd0 [ 30.377129] print_report+0x118/0x608 [ 30.377257] kasan_report+0xdc/0x128 [ 30.377402] __asan_report_load8_noabort+0x20/0x30 [ 30.377787] kasan_atomics_helper+0x3db0/0x4858 [ 30.377952] kasan_atomics+0x198/0x2e0 [ 30.378114] kunit_try_run_case+0x170/0x3f0 [ 30.378301] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.378538] kthread+0x328/0x630 [ 30.378826] ret_from_fork+0x10/0x20 [ 30.378999] [ 30.379142] Allocated by task 265: [ 30.379317] kasan_save_stack+0x3c/0x68 [ 30.379420] kasan_save_track+0x20/0x40 [ 30.379680] kasan_save_alloc_info+0x40/0x58 [ 30.379801] __kasan_kmalloc+0xd4/0xd8 [ 30.379918] __kmalloc_cache_noprof+0x16c/0x3c0 [ 30.380022] kasan_atomics+0xb8/0x2e0 [ 30.380181] kunit_try_run_case+0x170/0x3f0 [ 30.380305] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.381128] kthread+0x328/0x630 [ 30.381260] ret_from_fork+0x10/0x20 [ 30.381390] [ 30.381570] The buggy address belongs to the object at fff00000c7751400 [ 30.381570] which belongs to the cache kmalloc-64 of size 64 [ 30.381718] The buggy address is located 0 bytes to the right of [ 30.381718] allocated 48-byte region [fff00000c7751400, fff00000c7751430) [ 30.381893] [ 30.381951] The buggy address belongs to the physical page: [ 30.382032] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107751 [ 30.382158] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 30.382273] page_type: f5(slab) [ 30.382368] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 30.382499] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.382641] page dumped because: kasan: bad access detected [ 30.382720] [ 30.382778] Memory state around the buggy address: [ 30.382891] fff00000c7751300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.383064] fff00000c7751380: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 30.383179] >fff00000c7751400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.383500] ^ [ 30.383608] fff00000c7751480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.383752] fff00000c7751500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.383873] ================================================================== [ 30.416245] ================================================================== [ 30.416435] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16d0/0x4858 [ 30.416581] Write of size 8 at addr fff00000c7751430 by task kunit_try_catch/265 [ 30.416708] [ 30.416791] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 30.417012] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.417145] Hardware name: linux,dummy-virt (DT) [ 30.417246] Call trace: [ 30.417318] show_stack+0x20/0x38 (C) [ 30.417714] dump_stack_lvl+0x8c/0xd0 [ 30.417919] print_report+0x118/0x608 [ 30.418063] kasan_report+0xdc/0x128 [ 30.418403] kasan_check_range+0x100/0x1a8 [ 30.418568] __kasan_check_write+0x20/0x30 [ 30.418696] kasan_atomics_helper+0x16d0/0x4858 [ 30.418884] kasan_atomics+0x198/0x2e0 [ 30.419132] kunit_try_run_case+0x170/0x3f0 [ 30.419315] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.419469] kthread+0x328/0x630 [ 30.419805] ret_from_fork+0x10/0x20 [ 30.419983] [ 30.420043] Allocated by task 265: [ 30.420126] kasan_save_stack+0x3c/0x68 [ 30.420248] kasan_save_track+0x20/0x40 [ 30.420406] kasan_save_alloc_info+0x40/0x58 [ 30.420535] __kasan_kmalloc+0xd4/0xd8 [ 30.420648] __kmalloc_cache_noprof+0x16c/0x3c0 [ 30.420802] kasan_atomics+0xb8/0x2e0 [ 30.420984] kunit_try_run_case+0x170/0x3f0 [ 30.421167] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.421274] kthread+0x328/0x630 [ 30.421324] ret_from_fork+0x10/0x20 [ 30.421371] [ 30.421415] The buggy address belongs to the object at fff00000c7751400 [ 30.421415] which belongs to the cache kmalloc-64 of size 64 [ 30.421683] The buggy address is located 0 bytes to the right of [ 30.421683] allocated 48-byte region [fff00000c7751400, fff00000c7751430) [ 30.421888] [ 30.421950] The buggy address belongs to the physical page: [ 30.422029] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107751 [ 30.422200] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 30.422324] page_type: f5(slab) [ 30.422516] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 30.422857] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.423025] page dumped because: kasan: bad access detected [ 30.423245] [ 30.423300] Memory state around the buggy address: [ 30.423381] fff00000c7751300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.423541] fff00000c7751380: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 30.423684] >fff00000c7751400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.423906] ^ [ 30.424019] fff00000c7751480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.424151] fff00000c7751500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.424262] ================================================================== [ 29.987897] ================================================================== [ 29.989851] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3dd8/0x4858 [ 29.989964] Read of size 4 at addr fff00000c7751430 by task kunit_try_catch/265 [ 29.990034] [ 29.990114] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 29.990331] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.990414] Hardware name: linux,dummy-virt (DT) [ 29.990503] Call trace: [ 29.990612] show_stack+0x20/0x38 (C) [ 29.990930] dump_stack_lvl+0x8c/0xd0 [ 29.991152] print_report+0x118/0x608 [ 29.991339] kasan_report+0xdc/0x128 [ 29.991680] __asan_report_load4_noabort+0x20/0x30 [ 29.991941] kasan_atomics_helper+0x3dd8/0x4858 [ 29.992074] kasan_atomics+0x198/0x2e0 [ 29.992135] kunit_try_run_case+0x170/0x3f0 [ 29.992203] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.992274] kthread+0x328/0x630 [ 29.992332] ret_from_fork+0x10/0x20 [ 29.992395] [ 29.992422] Allocated by task 265: [ 29.992461] kasan_save_stack+0x3c/0x68 [ 29.992516] kasan_save_track+0x20/0x40 [ 29.992566] kasan_save_alloc_info+0x40/0x58 [ 29.992618] __kasan_kmalloc+0xd4/0xd8 [ 29.992666] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.992719] kasan_atomics+0xb8/0x2e0 [ 29.992766] kunit_try_run_case+0x170/0x3f0 [ 29.992816] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.992940] kthread+0x328/0x630 [ 29.993028] ret_from_fork+0x10/0x20 [ 29.993163] [ 29.993323] The buggy address belongs to the object at fff00000c7751400 [ 29.993323] which belongs to the cache kmalloc-64 of size 64 [ 29.993474] The buggy address is located 0 bytes to the right of [ 29.993474] allocated 48-byte region [fff00000c7751400, fff00000c7751430) [ 29.993633] [ 29.993726] The buggy address belongs to the physical page: [ 29.993959] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107751 [ 29.994095] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.994227] page_type: f5(slab) [ 29.994447] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.994794] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.994954] page dumped because: kasan: bad access detected [ 29.995556] [ 29.995715] Memory state around the buggy address: [ 29.996243] fff00000c7751300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.996433] fff00000c7751380: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 29.996601] >fff00000c7751400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.996828] ^ [ 29.997335] fff00000c7751480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.997530] fff00000c7751500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.997732] ================================================================== [ 30.425606] ================================================================== [ 30.425718] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e10/0x4858 [ 30.425831] Read of size 8 at addr fff00000c7751430 by task kunit_try_catch/265 [ 30.425976] [ 30.426059] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 30.426562] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.426649] Hardware name: linux,dummy-virt (DT) [ 30.426748] Call trace: [ 30.426804] show_stack+0x20/0x38 (C) [ 30.427188] dump_stack_lvl+0x8c/0xd0 [ 30.427384] print_report+0x118/0x608 [ 30.428039] kasan_report+0xdc/0x128 [ 30.428177] __asan_report_load8_noabort+0x20/0x30 [ 30.428431] kasan_atomics_helper+0x3e10/0x4858 [ 30.428884] kasan_atomics+0x198/0x2e0 [ 30.429152] kunit_try_run_case+0x170/0x3f0 [ 30.429357] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.429644] kthread+0x328/0x630 [ 30.429996] ret_from_fork+0x10/0x20 [ 30.430128] [ 30.430176] Allocated by task 265: [ 30.430249] kasan_save_stack+0x3c/0x68 [ 30.430346] kasan_save_track+0x20/0x40 [ 30.430453] kasan_save_alloc_info+0x40/0x58 [ 30.430557] __kasan_kmalloc+0xd4/0xd8 [ 30.430773] __kmalloc_cache_noprof+0x16c/0x3c0 [ 30.430961] kasan_atomics+0xb8/0x2e0 [ 30.431081] kunit_try_run_case+0x170/0x3f0 [ 30.431198] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.431803] kthread+0x328/0x630 [ 30.431950] ret_from_fork+0x10/0x20 [ 30.432062] [ 30.432124] The buggy address belongs to the object at fff00000c7751400 [ 30.432124] which belongs to the cache kmalloc-64 of size 64 [ 30.432768] The buggy address is located 0 bytes to the right of [ 30.432768] allocated 48-byte region [fff00000c7751400, fff00000c7751430) [ 30.433209] [ 30.433338] The buggy address belongs to the physical page: [ 30.433418] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107751 [ 30.433553] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 30.433678] page_type: f5(slab) [ 30.434235] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 30.434520] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.434631] page dumped because: kasan: bad access detected [ 30.434721] [ 30.434849] Memory state around the buggy address: [ 30.435034] fff00000c7751300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.435153] fff00000c7751380: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 30.435268] >fff00000c7751400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.435369] ^ [ 30.435466] fff00000c7751480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.437145] fff00000c7751500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.437261] ================================================================== [ 29.822339] ================================================================== [ 29.822447] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x42d8/0x4858 [ 29.822571] Read of size 4 at addr fff00000c7751430 by task kunit_try_catch/265 [ 29.822706] [ 29.822778] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 29.823601] print_report+0x118/0x608 [ 29.828168] kasan_save_alloc_info+0x40/0x58 [ 29.828285] __kasan_kmalloc+0xd4/0xd8 [ 29.829831] The buggy address is located 0 bytes to the right of [ 29.829831] allocated 48-byte region [fff00000c7751400, fff00000c7751430) [ 29.830919] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.832918] fff00000c7751500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.838131] Call trace: [ 29.838189] show_stack+0x20/0x38 (C) [ 29.838309] dump_stack_lvl+0x8c/0xd0 [ 29.838441] print_report+0x118/0x608 [ 29.838561] kasan_report+0xdc/0x128 [ 29.838681] kasan_check_range+0x100/0x1a8 [ 29.838820] __kasan_check_write+0x20/0x30 [ 29.841071] kasan_atomics_helper+0x934/0x4858 [ 29.841203] kasan_atomics+0x198/0x2e0 [ 29.841385] kunit_try_run_case+0x170/0x3f0 [ 29.841523] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.841661] kthread+0x328/0x630 [ 29.841769] ret_from_fork+0x10/0x20 [ 29.842340] [ 29.842415] Allocated by task 265: [ 29.842883] kasan_save_stack+0x3c/0x68 [ 29.843011] kasan_save_track+0x20/0x40 [ 29.843423] kasan_save_alloc_info+0x40/0x58 [ 29.843827] __kasan_kmalloc+0xd4/0xd8 [ 29.843963] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.844072] kasan_atomics+0xb8/0x2e0 [ 29.844166] kunit_try_run_case+0x170/0x3f0 [ 29.844264] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.844380] kthread+0x328/0x630 [ 29.845304] ret_from_fork+0x10/0x20 [ 29.845418] [ 29.845536] The buggy address belongs to the object at fff00000c7751400 [ 29.845536] which belongs to the cache kmalloc-64 of size 64 [ 29.845674] The buggy address is located 0 bytes to the right of [ 29.845674] allocated 48-byte region [fff00000c7751400, fff00000c7751430) [ 29.845850] [ 29.846024] The buggy address belongs to the physical page: [ 29.846511] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107751 [ 29.846696] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.846825] page_type: f5(slab) [ 29.846955] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.847102] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.847210] page dumped because: kasan: bad access detected [ 29.847292] [ 29.847346] Memory state around the buggy address: [ 29.848707] fff00000c7751300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.849154] fff00000c7751380: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 29.849301] >fff00000c7751400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.849410] ^ [ 29.849508] fff00000c7751480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.849730] fff00000c7751500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.849989] ================================================================== [ 30.473031] ================================================================== [ 30.473789] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x17ec/0x4858 [ 30.474270] Write of size 8 at addr fff00000c7751430 by task kunit_try_catch/265 [ 30.474451] [ 30.474529] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 30.475104] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.475191] Hardware name: linux,dummy-virt (DT) [ 30.475270] Call trace: [ 30.475329] show_stack+0x20/0x38 (C) [ 30.475457] dump_stack_lvl+0x8c/0xd0 [ 30.475577] print_report+0x118/0x608 [ 30.475699] kasan_report+0xdc/0x128 [ 30.475868] kasan_check_range+0x100/0x1a8 [ 30.476428] __kasan_check_write+0x20/0x30 [ 30.476722] kasan_atomics_helper+0x17ec/0x4858 [ 30.476873] kasan_atomics+0x198/0x2e0 [ 30.477025] kunit_try_run_case+0x170/0x3f0 [ 30.477186] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.477547] kthread+0x328/0x630 [ 30.477665] ret_from_fork+0x10/0x20 [ 30.477964] [ 30.478032] Allocated by task 265: [ 30.478103] kasan_save_stack+0x3c/0x68 [ 30.478281] kasan_save_track+0x20/0x40 [ 30.478394] kasan_save_alloc_info+0x40/0x58 [ 30.478706] __kasan_kmalloc+0xd4/0xd8 [ 30.479677] __kmalloc_cache_noprof+0x16c/0x3c0 [ 30.480007] kasan_atomics+0xb8/0x2e0 [ 30.480275] kunit_try_run_case+0x170/0x3f0 [ 30.480463] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.480770] kthread+0x328/0x630 [ 30.480881] ret_from_fork+0x10/0x20 [ 30.480980] [ 30.481035] The buggy address belongs to the object at fff00000c7751400 [ 30.481035] which belongs to the cache kmalloc-64 of size 64 [ 30.481186] The buggy address is located 0 bytes to the right of [ 30.481186] allocated 48-byte region [fff00000c7751400, fff00000c7751430) [ 30.481719] [ 30.481917] The buggy address belongs to the physical page: [ 30.482038] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107751 [ 30.482194] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 30.482370] page_type: f5(slab) [ 30.482734] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 30.483075] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.483184] page dumped because: kasan: bad access detected [ 30.483266] [ 30.483317] Memory state around the buggy address: [ 30.483471] fff00000c7751300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.483587] fff00000c7751380: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 30.483700] >fff00000c7751400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.483852] ^ [ 30.483952] fff00000c7751480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.484080] fff00000c7751500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.484466] ================================================================== [ 30.120555] ================================================================== [ 30.120668] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf88/0x4858 [ 30.120798] Write of size 8 at addr fff00000c7751430 by task kunit_try_catch/265 [ 30.121365] [ 30.121472] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 30.121890] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.122002] Hardware name: linux,dummy-virt (DT) [ 30.123742] Call trace: [ 30.123850] show_stack+0x20/0x38 (C) [ 30.124201] dump_stack_lvl+0x8c/0xd0 [ 30.124793] print_report+0x118/0x608 [ 30.125301] kasan_report+0xdc/0x128 [ 30.125637] kasan_check_range+0x100/0x1a8 [ 30.126014] __kasan_check_write+0x20/0x30 [ 30.126650] kasan_atomics_helper+0xf88/0x4858 [ 30.128168] kasan_atomics+0x198/0x2e0 [ 30.128347] kunit_try_run_case+0x170/0x3f0 [ 30.129122] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.129666] kthread+0x328/0x630 [ 30.129863] ret_from_fork+0x10/0x20 [ 30.130195] [ 30.131070] Allocated by task 265: [ 30.131213] kasan_save_stack+0x3c/0x68 [ 30.131368] kasan_save_track+0x20/0x40 [ 30.132086] kasan_save_alloc_info+0x40/0x58 [ 30.132277] __kasan_kmalloc+0xd4/0xd8 [ 30.132933] __kmalloc_cache_noprof+0x16c/0x3c0 [ 30.133439] kasan_atomics+0xb8/0x2e0 [ 30.134052] kunit_try_run_case+0x170/0x3f0 [ 30.134237] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.134361] kthread+0x328/0x630 [ 30.134459] ret_from_fork+0x10/0x20 [ 30.135069] [ 30.135128] The buggy address belongs to the object at fff00000c7751400 [ 30.135128] which belongs to the cache kmalloc-64 of size 64 [ 30.135535] The buggy address is located 0 bytes to the right of [ 30.135535] allocated 48-byte region [fff00000c7751400, fff00000c7751430) [ 30.135722] [ 30.135833] The buggy address belongs to the physical page: [ 30.136590] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107751 [ 30.136760] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 30.136915] page_type: f5(slab) [ 30.137027] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 30.137172] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.137278] page dumped because: kasan: bad access detected [ 30.137360] [ 30.137412] Memory state around the buggy address: [ 30.137492] fff00000c7751300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.137605] fff00000c7751380: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 30.137716] >fff00000c7751400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.137807] ^ [ 30.139327] fff00000c7751480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.139528] fff00000c7751500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.139870] ================================================================== [ 30.275175] ================================================================== [ 30.275280] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1384/0x4858 [ 30.275498] Write of size 8 at addr fff00000c7751430 by task kunit_try_catch/265 [ 30.275633] [ 30.275704] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 30.275932] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.276005] Hardware name: linux,dummy-virt (DT) [ 30.276079] Call trace: [ 30.276136] show_stack+0x20/0x38 (C) [ 30.276273] dump_stack_lvl+0x8c/0xd0 [ 30.276477] print_report+0x118/0x608 [ 30.276679] kasan_report+0xdc/0x128 [ 30.277035] kasan_check_range+0x100/0x1a8 [ 30.277285] __kasan_check_write+0x20/0x30 [ 30.277414] kasan_atomics_helper+0x1384/0x4858 [ 30.277738] kasan_atomics+0x198/0x2e0 [ 30.277958] kunit_try_run_case+0x170/0x3f0 [ 30.278459] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.279034] kthread+0x328/0x630 [ 30.279480] ret_from_fork+0x10/0x20 [ 30.279806] [ 30.280166] Allocated by task 265: [ 30.280248] kasan_save_stack+0x3c/0x68 [ 30.280350] kasan_save_track+0x20/0x40 [ 30.280449] kasan_save_alloc_info+0x40/0x58 [ 30.281003] __kasan_kmalloc+0xd4/0xd8 [ 30.281949] __kmalloc_cache_noprof+0x16c/0x3c0 [ 30.282070] kasan_atomics+0xb8/0x2e0 [ 30.282183] kunit_try_run_case+0x170/0x3f0 [ 30.282858] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.283068] kthread+0x328/0x630 [ 30.283174] ret_from_fork+0x10/0x20 [ 30.284893] [ 30.284970] The buggy address belongs to the object at fff00000c7751400 [ 30.284970] which belongs to the cache kmalloc-64 of size 64 [ 30.285130] The buggy address is located 0 bytes to the right of [ 30.285130] allocated 48-byte region [fff00000c7751400, fff00000c7751430) [ 30.285305] [ 30.285375] The buggy address belongs to the physical page: [ 30.285466] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107751 [ 30.285626] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 30.285777] page_type: f5(slab) [ 30.285965] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 30.286318] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.286463] page dumped because: kasan: bad access detected [ 30.286544] [ 30.286595] Memory state around the buggy address: [ 30.286720] fff00000c7751300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.286992] fff00000c7751380: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 30.287104] >fff00000c7751400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.287206] ^ [ 30.287293] fff00000c7751480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.287448] fff00000c7751500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.287731] ================================================================== [ 30.076964] ================================================================== [ 30.077086] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e5c/0x4858 [ 30.077204] Write of size 8 at addr fff00000c7751430 by task kunit_try_catch/265 [ 30.077326] [ 30.077406] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 30.077602] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.077676] Hardware name: linux,dummy-virt (DT) [ 30.078200] Call trace: [ 30.078475] show_stack+0x20/0x38 (C) [ 30.078762] dump_stack_lvl+0x8c/0xd0 [ 30.078958] print_report+0x118/0x608 [ 30.079237] kasan_report+0xdc/0x128 [ 30.079413] __asan_report_store8_noabort+0x20/0x30 [ 30.079705] kasan_atomics_helper+0x3e5c/0x4858 [ 30.080065] kasan_atomics+0x198/0x2e0 [ 30.080191] kunit_try_run_case+0x170/0x3f0 [ 30.080313] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.080447] kthread+0x328/0x630 [ 30.080553] ret_from_fork+0x10/0x20 [ 30.080674] [ 30.080720] Allocated by task 265: [ 30.080793] kasan_save_stack+0x3c/0x68 [ 30.080919] kasan_save_track+0x20/0x40 [ 30.081484] kasan_save_alloc_info+0x40/0x58 [ 30.082170] __kasan_kmalloc+0xd4/0xd8 [ 30.082529] __kmalloc_cache_noprof+0x16c/0x3c0 [ 30.082787] kasan_atomics+0xb8/0x2e0 [ 30.082957] kunit_try_run_case+0x170/0x3f0 [ 30.083061] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.083176] kthread+0x328/0x630 [ 30.083258] ret_from_fork+0x10/0x20 [ 30.083347] [ 30.083401] The buggy address belongs to the object at fff00000c7751400 [ 30.083401] which belongs to the cache kmalloc-64 of size 64 [ 30.083537] The buggy address is located 0 bytes to the right of [ 30.083537] allocated 48-byte region [fff00000c7751400, fff00000c7751430) [ 30.083688] [ 30.083742] The buggy address belongs to the physical page: [ 30.083858] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107751 [ 30.083997] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 30.084132] page_type: f5(slab) [ 30.084779] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 30.085517] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.085665] page dumped because: kasan: bad access detected [ 30.086039] [ 30.086121] Memory state around the buggy address: [ 30.086399] fff00000c7751300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.086514] fff00000c7751380: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 30.086623] >fff00000c7751400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.086717] ^ [ 30.086805] fff00000c7751480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.086946] fff00000c7751500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.087043] ================================================================== [ 30.249004] ================================================================== [ 30.249237] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x126c/0x4858 [ 30.250058] Write of size 8 at addr fff00000c7751430 by task kunit_try_catch/265 [ 30.250219] [ 30.250351] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 30.250574] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.250647] Hardware name: linux,dummy-virt (DT) [ 30.250722] Call trace: [ 30.250783] show_stack+0x20/0x38 (C) [ 30.250929] dump_stack_lvl+0x8c/0xd0 [ 30.251058] print_report+0x118/0x608 [ 30.251182] kasan_report+0xdc/0x128 [ 30.251298] kasan_check_range+0x100/0x1a8 [ 30.252801] __kasan_check_write+0x20/0x30 [ 30.253083] kasan_atomics_helper+0x126c/0x4858 [ 30.254067] kasan_atomics+0x198/0x2e0 [ 30.254443] kunit_try_run_case+0x170/0x3f0 [ 30.254723] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.255218] kthread+0x328/0x630 [ 30.255870] ret_from_fork+0x10/0x20 [ 30.256089] [ 30.256754] Allocated by task 265: [ 30.257069] kasan_save_stack+0x3c/0x68 [ 30.257247] kasan_save_track+0x20/0x40 [ 30.257362] kasan_save_alloc_info+0x40/0x58 [ 30.257469] __kasan_kmalloc+0xd4/0xd8 [ 30.257799] __kmalloc_cache_noprof+0x16c/0x3c0 [ 30.258754] kasan_atomics+0xb8/0x2e0 [ 30.258975] kunit_try_run_case+0x170/0x3f0 [ 30.259094] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.259222] kthread+0x328/0x630 [ 30.259311] ret_from_fork+0x10/0x20 [ 30.259405] [ 30.259462] The buggy address belongs to the object at fff00000c7751400 [ 30.259462] which belongs to the cache kmalloc-64 of size 64 [ 30.260776] The buggy address is located 0 bytes to the right of [ 30.260776] allocated 48-byte region [fff00000c7751400, fff00000c7751430) [ 30.261949] [ 30.262136] The buggy address belongs to the physical page: [ 30.262221] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107751 [ 30.262357] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 30.262470] page_type: f5(slab) [ 30.262568] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 30.263102] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.263331] page dumped because: kasan: bad access detected [ 30.263425] [ 30.263487] Memory state around the buggy address: [ 30.264036] fff00000c7751300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.264438] fff00000c7751380: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 30.264620] >fff00000c7751400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.264772] ^ [ 30.264885] fff00000c7751480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.264997] fff00000c7751500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.265098] ================================================================== [ 30.401498] ================================================================== [ 30.401614] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df4/0x4858 [ 30.401856] Read of size 8 at addr fff00000c7751430 by task kunit_try_catch/265 [ 30.402207] [ 30.402647] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 30.403104] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.403182] Hardware name: linux,dummy-virt (DT) [ 30.403259] Call trace: [ 30.403317] show_stack+0x20/0x38 (C) [ 30.405367] dump_stack_lvl+0x8c/0xd0 [ 30.406459] print_report+0x118/0x608 [ 30.406601] kasan_report+0xdc/0x128 [ 30.406741] __asan_report_load8_noabort+0x20/0x30 [ 30.406900] kasan_atomics_helper+0x3df4/0x4858 [ 30.407041] kasan_atomics+0x198/0x2e0 [ 30.407168] kunit_try_run_case+0x170/0x3f0 [ 30.407297] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.407437] kthread+0x328/0x630 [ 30.407554] ret_from_fork+0x10/0x20 [ 30.407696] [ 30.407750] Allocated by task 265: [ 30.407851] kasan_save_stack+0x3c/0x68 [ 30.408147] kasan_save_track+0x20/0x40 [ 30.408254] kasan_save_alloc_info+0x40/0x58 [ 30.408364] __kasan_kmalloc+0xd4/0xd8 [ 30.408459] __kmalloc_cache_noprof+0x16c/0x3c0 [ 30.408570] kasan_atomics+0xb8/0x2e0 [ 30.409408] kunit_try_run_case+0x170/0x3f0 [ 30.409703] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.410095] kthread+0x328/0x630 [ 30.410194] ret_from_fork+0x10/0x20 [ 30.410778] [ 30.411190] The buggy address belongs to the object at fff00000c7751400 [ 30.411190] which belongs to the cache kmalloc-64 of size 64 [ 30.411549] The buggy address is located 0 bytes to the right of [ 30.411549] allocated 48-byte region [fff00000c7751400, fff00000c7751430) [ 30.411900] [ 30.412501] The buggy address belongs to the physical page: [ 30.412605] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107751 [ 30.412767] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 30.413201] page_type: f5(slab) [ 30.413522] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 30.413731] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.413873] page dumped because: kasan: bad access detected [ 30.413994] [ 30.414057] Memory state around the buggy address: [ 30.414153] fff00000c7751300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.414316] fff00000c7751380: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 30.414429] >fff00000c7751400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.414854] ^ [ 30.414958] fff00000c7751480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.415080] fff00000c7751500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.415187] ================================================================== [ 30.329015] ================================================================== [ 30.329162] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x14e4/0x4858 [ 30.329297] Write of size 8 at addr fff00000c7751430 by task kunit_try_catch/265 [ 30.329617] [ 30.329714] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 30.329950] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.330051] Hardware name: linux,dummy-virt (DT) [ 30.330174] Call trace: [ 30.330658] show_stack+0x20/0x38 (C) [ 30.331285] dump_stack_lvl+0x8c/0xd0 [ 30.331809] print_report+0x118/0x608 [ 30.332006] kasan_report+0xdc/0x128 [ 30.332150] kasan_check_range+0x100/0x1a8 [ 30.332276] __kasan_check_write+0x20/0x30 [ 30.333418] kasan_atomics_helper+0x14e4/0x4858 [ 30.333780] kasan_atomics+0x198/0x2e0 [ 30.333939] kunit_try_run_case+0x170/0x3f0 [ 30.334072] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.334221] kthread+0x328/0x630 [ 30.334337] ret_from_fork+0x10/0x20 [ 30.334456] [ 30.335134] Allocated by task 265: [ 30.335231] kasan_save_stack+0x3c/0x68 [ 30.335341] kasan_save_track+0x20/0x40 [ 30.335438] kasan_save_alloc_info+0x40/0x58 [ 30.335545] __kasan_kmalloc+0xd4/0xd8 [ 30.335968] __kmalloc_cache_noprof+0x16c/0x3c0 [ 30.336108] kasan_atomics+0xb8/0x2e0 [ 30.336235] kunit_try_run_case+0x170/0x3f0 [ 30.336451] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.336588] kthread+0x328/0x630 [ 30.336770] ret_from_fork+0x10/0x20 [ 30.336887] [ 30.336944] The buggy address belongs to the object at fff00000c7751400 [ 30.336944] which belongs to the cache kmalloc-64 of size 64 [ 30.337150] The buggy address is located 0 bytes to the right of [ 30.337150] allocated 48-byte region [fff00000c7751400, fff00000c7751430) [ 30.337336] [ 30.337401] The buggy address belongs to the physical page: [ 30.337510] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107751 [ 30.337669] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 30.338217] page_type: f5(slab) [ 30.338819] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 30.339119] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.339231] page dumped because: kasan: bad access detected [ 30.339347] [ 30.339398] Memory state around the buggy address: [ 30.339476] fff00000c7751300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.339756] fff00000c7751380: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 30.339944] >fff00000c7751400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.340093] ^ [ 30.340225] fff00000c7751480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.340515] fff00000c7751500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.340651] ================================================================== [ 30.029807] ================================================================== [ 30.030586] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xdd4/0x4858 [ 30.030732] Read of size 8 at addr fff00000c7751430 by task kunit_try_catch/265 [ 30.030884] [ 30.031138] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 30.031344] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.031416] Hardware name: linux,dummy-virt (DT) [ 30.031491] Call trace: [ 30.031552] show_stack+0x20/0x38 (C) [ 30.031675] dump_stack_lvl+0x8c/0xd0 [ 30.031807] print_report+0x118/0x608 [ 30.031947] kasan_report+0xdc/0x128 [ 30.032066] kasan_check_range+0x100/0x1a8 [ 30.032186] __kasan_check_read+0x20/0x30 [ 30.032301] kasan_atomics_helper+0xdd4/0x4858 [ 30.032420] kasan_atomics+0x198/0x2e0 [ 30.032539] kunit_try_run_case+0x170/0x3f0 [ 30.032672] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.032949] kthread+0x328/0x630 [ 30.033151] ret_from_fork+0x10/0x20 [ 30.033329] [ 30.033394] Allocated by task 265: [ 30.033483] kasan_save_stack+0x3c/0x68 [ 30.033598] kasan_save_track+0x20/0x40 [ 30.033719] kasan_save_alloc_info+0x40/0x58 [ 30.033853] __kasan_kmalloc+0xd4/0xd8 [ 30.034067] __kmalloc_cache_noprof+0x16c/0x3c0 [ 30.034258] kasan_atomics+0xb8/0x2e0 [ 30.034635] kunit_try_run_case+0x170/0x3f0 [ 30.034770] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.034904] kthread+0x328/0x630 [ 30.034995] ret_from_fork+0x10/0x20 [ 30.035087] [ 30.035139] The buggy address belongs to the object at fff00000c7751400 [ 30.035139] which belongs to the cache kmalloc-64 of size 64 [ 30.035282] The buggy address is located 0 bytes to the right of [ 30.035282] allocated 48-byte region [fff00000c7751400, fff00000c7751430) [ 30.035443] [ 30.035759] The buggy address belongs to the physical page: [ 30.036949] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107751 [ 30.039852] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 30.040346] page_type: f5(slab) [ 30.040473] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 30.040608] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.040730] page dumped because: kasan: bad access detected [ 30.041903] [ 30.041965] Memory state around the buggy address: [ 30.042055] fff00000c7751300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.043884] fff00000c7751380: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 30.044868] >fff00000c7751400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.045155] ^ [ 30.045260] fff00000c7751480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.045376] fff00000c7751500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.045490] ================================================================== [ 30.174401] ================================================================== [ 30.174514] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x10c0/0x4858 [ 30.174636] Write of size 8 at addr fff00000c7751430 by task kunit_try_catch/265 [ 30.174759] [ 30.175111] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 30.176103] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.176205] Hardware name: linux,dummy-virt (DT) [ 30.176303] Call trace: [ 30.176692] show_stack+0x20/0x38 (C) [ 30.177309] dump_stack_lvl+0x8c/0xd0 [ 30.177446] print_report+0x118/0x608 [ 30.177810] kasan_report+0xdc/0x128 [ 30.178402] kasan_check_range+0x100/0x1a8 [ 30.178537] __kasan_check_write+0x20/0x30 [ 30.179016] kasan_atomics_helper+0x10c0/0x4858 [ 30.179536] kasan_atomics+0x198/0x2e0 [ 30.180088] kunit_try_run_case+0x170/0x3f0 [ 30.180260] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.180802] kthread+0x328/0x630 [ 30.180959] ret_from_fork+0x10/0x20 [ 30.181725] [ 30.181849] Allocated by task 265: [ 30.181934] kasan_save_stack+0x3c/0x68 [ 30.182420] kasan_save_track+0x20/0x40 [ 30.182544] kasan_save_alloc_info+0x40/0x58 [ 30.183142] __kasan_kmalloc+0xd4/0xd8 [ 30.183573] __kmalloc_cache_noprof+0x16c/0x3c0 [ 30.183816] kasan_atomics+0xb8/0x2e0 [ 30.184590] kunit_try_run_case+0x170/0x3f0 [ 30.184733] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.185157] kthread+0x328/0x630 [ 30.185349] ret_from_fork+0x10/0x20 [ 30.185448] [ 30.186169] The buggy address belongs to the object at fff00000c7751400 [ 30.186169] which belongs to the cache kmalloc-64 of size 64 [ 30.186372] The buggy address is located 0 bytes to the right of [ 30.186372] allocated 48-byte region [fff00000c7751400, fff00000c7751430) [ 30.187000] [ 30.187067] The buggy address belongs to the physical page: [ 30.187461] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107751 [ 30.187720] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 30.188092] page_type: f5(slab) [ 30.188225] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 30.188356] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.188459] page dumped because: kasan: bad access detected [ 30.188541] [ 30.188586] Memory state around the buggy address: [ 30.189163] fff00000c7751300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.189365] fff00000c7751380: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 30.189563] >fff00000c7751400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.190096] ^ [ 30.190562] fff00000c7751480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.190765] fff00000c7751500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.191181] ================================================================== [ 30.088149] ================================================================== [ 30.088265] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xeb8/0x4858 [ 30.088858] Write of size 8 at addr fff00000c7751430 by task kunit_try_catch/265 [ 30.089238] [ 30.089331] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 30.089530] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.089600] Hardware name: linux,dummy-virt (DT) [ 30.089679] Call trace: [ 30.089744] show_stack+0x20/0x38 (C) [ 30.089887] dump_stack_lvl+0x8c/0xd0 [ 30.090087] print_report+0x118/0x608 [ 30.090228] kasan_report+0xdc/0x128 [ 30.090351] kasan_check_range+0x100/0x1a8 [ 30.090473] __kasan_check_write+0x20/0x30 [ 30.090595] kasan_atomics_helper+0xeb8/0x4858 [ 30.090721] kasan_atomics+0x198/0x2e0 [ 30.090860] kunit_try_run_case+0x170/0x3f0 [ 30.092171] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.092349] kthread+0x328/0x630 [ 30.093256] ret_from_fork+0x10/0x20 [ 30.093421] [ 30.093479] Allocated by task 265: [ 30.093566] kasan_save_stack+0x3c/0x68 [ 30.093679] kasan_save_track+0x20/0x40 [ 30.093793] kasan_save_alloc_info+0x40/0x58 [ 30.093946] __kasan_kmalloc+0xd4/0xd8 [ 30.094282] __kmalloc_cache_noprof+0x16c/0x3c0 [ 30.094402] kasan_atomics+0xb8/0x2e0 [ 30.094495] kunit_try_run_case+0x170/0x3f0 [ 30.094601] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.094715] kthread+0x328/0x630 [ 30.094805] ret_from_fork+0x10/0x20 [ 30.094925] [ 30.094978] The buggy address belongs to the object at fff00000c7751400 [ 30.094978] which belongs to the cache kmalloc-64 of size 64 [ 30.095113] The buggy address is located 0 bytes to the right of [ 30.095113] allocated 48-byte region [fff00000c7751400, fff00000c7751430) [ 30.095279] [ 30.095338] The buggy address belongs to the physical page: [ 30.095424] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107751 [ 30.095553] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 30.095687] page_type: f5(slab) [ 30.095809] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 30.096416] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.096530] page dumped because: kasan: bad access detected [ 30.096613] [ 30.096658] Memory state around the buggy address: [ 30.096746] fff00000c7751300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.097758] fff00000c7751380: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 30.098501] >fff00000c7751400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.098604] ^ [ 30.099792] fff00000c7751480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.099939] fff00000c7751500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.100042] ================================================================== [ 29.863111] ================================================================== [ 29.863308] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa04/0x4858 [ 29.863536] Write of size 4 at addr fff00000c7751430 by task kunit_try_catch/265 [ 29.863724] [ 29.863817] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 29.864667] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.864770] Hardware name: linux,dummy-virt (DT) [ 29.864871] Call trace: [ 29.864952] show_stack+0x20/0x38 (C) [ 29.865132] dump_stack_lvl+0x8c/0xd0 [ 29.865314] print_report+0x118/0x608 [ 29.866221] kasan_report+0xdc/0x128 [ 29.866375] kasan_check_range+0x100/0x1a8 [ 29.867045] __kasan_check_write+0x20/0x30 [ 29.869241] ret_from_fork+0x10/0x20 [ 29.869375] [ 29.869431] Allocated by task 265: [ 29.869513] kasan_save_stack+0x3c/0x68 [ 29.870160] kasan_save_track+0x20/0x40 [ 29.870278] kasan_save_alloc_info+0x40/0x58 [ 29.870383] __kasan_kmalloc+0xd4/0xd8 [ 29.870664] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.871159] kasan_atomics+0xb8/0x2e0 [ 29.871290] kunit_try_run_case+0x170/0x3f0 [ 29.871408] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.871608] kthread+0x328/0x630 [ 29.872087] ret_from_fork+0x10/0x20 [ 29.872593] [ 29.872647] The buggy address belongs to the object at fff00000c7751400 [ 29.872647] which belongs to the cache kmalloc-64 of size 64 [ 29.872935] The buggy address is located 0 bytes to the right of [ 29.872935] allocated 48-byte region [fff00000c7751400, fff00000c7751430) [ 29.873144] [ 29.873198] The buggy address belongs to the physical page: [ 29.873279] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107751 [ 29.873407] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.873529] page_type: f5(slab) [ 29.873653] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.874412] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.874576] page dumped because: kasan: bad access detected [ 29.874701] [ 29.874759] Memory state around the buggy address: [ 29.874861] fff00000c7751300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.875151] fff00000c7751380: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 29.875295] >fff00000c7751400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.875404] ^ [ 29.875926] fff00000c7751480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.876047] fff00000c7751500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.876154] ================================================================== [ 30.062125] ================================================================== [ 30.062230] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe44/0x4858 [ 30.063280] Write of size 8 at addr fff00000c7751430 by task kunit_try_catch/265 [ 30.063430] [ 30.063521] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 30.063737] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.063809] Hardware name: linux,dummy-virt (DT) [ 30.063893] Call trace: [ 30.064564] show_stack+0x20/0x38 (C) [ 30.064740] dump_stack_lvl+0x8c/0xd0 [ 30.064888] print_report+0x118/0x608 [ 30.065020] kasan_report+0xdc/0x128 [ 30.065325] kasan_check_range+0x100/0x1a8 [ 30.065521] __kasan_check_write+0x20/0x30 [ 30.065653] kasan_atomics_helper+0xe44/0x4858 [ 30.065787] kasan_atomics+0x198/0x2e0 [ 30.066187] kunit_try_run_case+0x170/0x3f0 [ 30.066676] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.066892] kthread+0x328/0x630 [ 30.067034] ret_from_fork+0x10/0x20 [ 30.068582] [ 30.068641] Allocated by task 265: [ 30.068709] kasan_save_stack+0x3c/0x68 [ 30.068832] kasan_save_track+0x20/0x40 [ 30.069048] kasan_save_alloc_info+0x40/0x58 [ 30.069175] __kasan_kmalloc+0xd4/0xd8 [ 30.069278] __kmalloc_cache_noprof+0x16c/0x3c0 [ 30.070595] kasan_atomics+0xb8/0x2e0 [ 30.070932] kunit_try_run_case+0x170/0x3f0 [ 30.071188] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.071982] kthread+0x328/0x630 [ 30.072100] ret_from_fork+0x10/0x20 [ 30.072211] [ 30.072261] The buggy address belongs to the object at fff00000c7751400 [ 30.072261] which belongs to the cache kmalloc-64 of size 64 [ 30.072404] The buggy address is located 0 bytes to the right of [ 30.072404] allocated 48-byte region [fff00000c7751400, fff00000c7751430) [ 30.072609] [ 30.072691] The buggy address belongs to the physical page: [ 30.072780] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107751 [ 30.072961] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 30.073157] page_type: f5(slab) [ 30.073273] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 30.073627] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.073738] page dumped because: kasan: bad access detected [ 30.073896] [ 30.073955] Memory state around the buggy address: [ 30.074049] fff00000c7751300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.074179] fff00000c7751380: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 30.075242] >fff00000c7751400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.075353] ^ [ 30.075450] fff00000c7751480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.075884] fff00000c7751500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.076074] ================================================================== [ 30.316991] ================================================================== [ 30.317207] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x147c/0x4858 [ 30.317382] Write of size 8 at addr fff00000c7751430 by task kunit_try_catch/265 [ 30.317777] [ 30.318063] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 30.318317] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.318623] Hardware name: linux,dummy-virt (DT) [ 30.318858] Call trace: [ 30.319122] show_stack+0x20/0x38 (C) [ 30.319267] dump_stack_lvl+0x8c/0xd0 [ 30.319418] print_report+0x118/0x608 [ 30.319599] kasan_report+0xdc/0x128 [ 30.320044] kasan_check_range+0x100/0x1a8 [ 30.320310] __kasan_check_write+0x20/0x30 [ 30.320528] kasan_atomics_helper+0x147c/0x4858 [ 30.320815] kasan_atomics+0x198/0x2e0 [ 30.320966] kunit_try_run_case+0x170/0x3f0 [ 30.321404] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.321763] kthread+0x328/0x630 [ 30.322141] ret_from_fork+0x10/0x20 [ 30.322292] [ 30.322347] Allocated by task 265: [ 30.322524] kasan_save_stack+0x3c/0x68 [ 30.322635] kasan_save_track+0x20/0x40 [ 30.322732] kasan_save_alloc_info+0x40/0x58 [ 30.322857] __kasan_kmalloc+0xd4/0xd8 [ 30.323509] __kmalloc_cache_noprof+0x16c/0x3c0 [ 30.324014] kasan_atomics+0xb8/0x2e0 [ 30.324295] kunit_try_run_case+0x170/0x3f0 [ 30.324418] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.325012] kthread+0x328/0x630 [ 30.325246] ret_from_fork+0x10/0x20 [ 30.325385] [ 30.325454] The buggy address belongs to the object at fff00000c7751400 [ 30.325454] which belongs to the cache kmalloc-64 of size 64 [ 30.325602] The buggy address is located 0 bytes to the right of [ 30.325602] allocated 48-byte region [fff00000c7751400, fff00000c7751430) [ 30.325823] [ 30.325908] The buggy address belongs to the physical page: [ 30.326155] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107751 [ 30.326298] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 30.326474] page_type: f5(slab) [ 30.326642] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 30.326783] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.327073] page dumped because: kasan: bad access detected [ 30.327304] [ 30.327435] Memory state around the buggy address: [ 30.327576] fff00000c7751300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.327734] fff00000c7751380: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 30.327870] >fff00000c7751400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.328067] ^ [ 30.328157] fff00000c7751480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.328262] fff00000c7751500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.328366] ================================================================== [ 29.879118] ================================================================== [ 29.879273] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa6c/0x4858 [ 29.879419] Write of size 4 at addr fff00000c7751430 by task kunit_try_catch/265 [ 29.879556] [ 29.880105] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 29.880762] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.881004] Hardware name: linux,dummy-virt (DT) [ 29.881157] Call trace: [ 29.881301] show_stack+0x20/0x38 (C) [ 29.881451] dump_stack_lvl+0x8c/0xd0 [ 29.881586] print_report+0x118/0x608 [ 29.881725] kasan_report+0xdc/0x128 [ 29.882048] kasan_check_range+0x100/0x1a8 [ 29.882178] __kasan_check_write+0x20/0x30 [ 29.882302] kasan_atomics_helper+0xa6c/0x4858 [ 29.882440] kasan_atomics+0x198/0x2e0 [ 29.882740] kunit_try_run_case+0x170/0x3f0 [ 29.883573] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.883807] kthread+0x328/0x630 [ 29.884444] ret_from_fork+0x10/0x20 [ 29.884721] [ 29.884870] Allocated by task 265: [ 29.885174] kasan_save_track+0x20/0x40 [ 29.885293] kasan_save_alloc_info+0x40/0x58 [ 29.885712] __kasan_kmalloc+0xd4/0xd8 [ 29.885928] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.886163] kasan_atomics+0xb8/0x2e0 [ 29.886386] kunit_try_run_case+0x170/0x3f0 [ 29.887591] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.888797] The buggy address is located 0 bytes to the right of [ 29.888797] allocated 48-byte region [fff00000c7751400, fff00000c7751430) [ 29.893380] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.896022] fff00000c7751480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.898861] Call trace: [ 29.901591] kasan_save_alloc_info+0x40/0x58 [ 29.901871] __kasan_kmalloc+0xd4/0xd8 [ 29.902132] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.902276] kasan_atomics+0xb8/0x2e0 [ 29.902513] kunit_try_run_case+0x170/0x3f0 [ 29.902622] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.902782] kthread+0x328/0x630 [ 29.902912] ret_from_fork+0x10/0x20 [ 29.903076] [ 29.903144] The buggy address belongs to the object at fff00000c7751400 [ 29.903144] which belongs to the cache kmalloc-64 of size 64 [ 29.903284] The buggy address is located 0 bytes to the right of [ 29.903284] allocated 48-byte region [fff00000c7751400, fff00000c7751430) [ 29.903443] [ 29.903741] The buggy address belongs to the physical page: [ 29.903866] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107751 [ 29.904001] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.904134] page_type: f5(slab) [ 29.904234] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.904503] page dumped because: kasan: bad access detected [ 29.905466] fff00000c7751480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.908812] kasan_atomics+0x198/0x2e0 [ 29.910210] __kasan_kmalloc+0xd4/0xd8 [ 29.910362] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.910490] kasan_atomics+0xb8/0x2e0 [ 29.910599] kunit_try_run_case+0x170/0x3f0 [ 29.912985] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107751 [ 29.914906] fff00000c7751380: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 29.926067] kasan_save_alloc_info+0x40/0x58 [ 29.927418] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.929466] [ 29.930858] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.931789] page dumped because: kasan: bad access detected [ 29.934361] >fff00000c7751400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.935200] Read of size 4 at addr fff00000c7751430 by task kunit_try_catch/265 [ 29.936102] print_report+0x118/0x608 [ 29.938443] ret_from_fork+0x10/0x20 [ 29.941263] kunit_try_run_case+0x170/0x3f0 [ 29.941368] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.941491] kthread+0x328/0x630 [ 29.942956] The buggy address is located 0 bytes to the right of [ 29.942956] allocated 48-byte region [fff00000c7751400, fff00000c7751430) [ 29.943415] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.943908] page dumped because: kasan: bad access detected [ 29.944117] fff00000c7751300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.945482] fff00000c7751480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.947872] Call trace: [ 29.948290] kasan_atomics_helper+0xc08/0x4858 [ 29.949110] __kasan_kmalloc+0xd4/0xd8 [ 29.952662] [ 29.952988] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.960113] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.963905] kasan_save_stack+0x3c/0x68 [ 29.964896] ret_from_fork+0x10/0x20 [ 29.965027] [ 29.965296] The buggy address is located 0 bytes to the right of [ 29.965296] allocated 48-byte region [fff00000c7751400, fff00000c7751430) [ 29.966512] page dumped because: kasan: bad access detected [ 29.967464] fff00000c7751380: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 29.978639] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.982973] [ 29.983024] The buggy address belongs to the object at fff00000c7751400 [ 29.983024] which belongs to the cache kmalloc-64 of size 64 [ 29.983173] The buggy address is located 0 bytes to the right of [ 29.983173] allocated 48-byte region [fff00000c7751400, fff00000c7751430) [ 29.983353] [ 29.983420] The buggy address belongs to the physical page: [ 29.983511] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107751 [ 29.983650] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.983810] page_type: f5(slab) [ 29.984010] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 29.984159] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.984258] page dumped because: kasan: bad access detected [ 29.985091] [ 29.985162] Memory state around the buggy address: [ 29.985262] fff00000c7751300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.985394] fff00000c7751380: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 29.985570] >fff00000c7751400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.985679] ^ [ 29.985856] fff00000c7751480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.986046] fff00000c7751500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.986156] ================================================================== [ 30.386115] ================================================================== [ 30.386252] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1644/0x4858 [ 30.386368] Write of size 8 at addr fff00000c7751430 by task kunit_try_catch/265 [ 30.386494] [ 30.386611] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 30.387658] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.387717] Hardware name: linux,dummy-virt (DT) [ 30.387757] Call trace: [ 30.387798] show_stack+0x20/0x38 (C) [ 30.387931] dump_stack_lvl+0x8c/0xd0 [ 30.388172] print_report+0x118/0x608 [ 30.388522] kasan_report+0xdc/0x128 [ 30.388857] kasan_check_range+0x100/0x1a8 [ 30.389352] __kasan_check_write+0x20/0x30 [ 30.389543] kasan_atomics_helper+0x1644/0x4858 [ 30.389682] kasan_atomics+0x198/0x2e0 [ 30.389797] kunit_try_run_case+0x170/0x3f0 [ 30.389945] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.390127] kthread+0x328/0x630 [ 30.390275] ret_from_fork+0x10/0x20 [ 30.390396] [ 30.390446] Allocated by task 265: [ 30.390530] kasan_save_stack+0x3c/0x68 [ 30.390660] kasan_save_track+0x20/0x40 [ 30.390766] kasan_save_alloc_info+0x40/0x58 [ 30.390938] __kasan_kmalloc+0xd4/0xd8 [ 30.391048] __kmalloc_cache_noprof+0x16c/0x3c0 [ 30.391172] kasan_atomics+0xb8/0x2e0 [ 30.391290] kunit_try_run_case+0x170/0x3f0 [ 30.391719] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.392002] kthread+0x328/0x630 [ 30.392093] ret_from_fork+0x10/0x20 [ 30.392278] [ 30.392331] The buggy address belongs to the object at fff00000c7751400 [ 30.392331] which belongs to the cache kmalloc-64 of size 64 [ 30.392478] The buggy address is located 0 bytes to the right of [ 30.392478] allocated 48-byte region [fff00000c7751400, fff00000c7751430) [ 30.393152] [ 30.393292] The buggy address belongs to the physical page: [ 30.393869] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107751 [ 30.394200] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 30.395170] page_type: f5(slab) [ 30.395392] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 30.395524] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.395635] page dumped because: kasan: bad access detected [ 30.395721] [ 30.395774] Memory state around the buggy address: [ 30.396853] fff00000c7751300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.398108] fff00000c7751380: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 30.398322] >fff00000c7751400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.398436] ^ [ 30.398540] fff00000c7751480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.398667] fff00000c7751500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.398895] ================================================================== [ 30.046904] ================================================================== [ 30.047016] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f58/0x4858 [ 30.047143] Read of size 8 at addr fff00000c7751430 by task kunit_try_catch/265 [ 30.047267] [ 30.047352] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 30.047566] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.047642] Hardware name: linux,dummy-virt (DT) [ 30.047719] Call trace: [ 30.047790] show_stack+0x20/0x38 (C) [ 30.047936] dump_stack_lvl+0x8c/0xd0 [ 30.048060] print_report+0x118/0x608 [ 30.048177] kasan_report+0xdc/0x128 [ 30.048296] __asan_report_load8_noabort+0x20/0x30 [ 30.048428] kasan_atomics_helper+0x3f58/0x4858 [ 30.048592] kasan_atomics+0x198/0x2e0 [ 30.048774] kunit_try_run_case+0x170/0x3f0 [ 30.049275] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.051906] kthread+0x328/0x630 [ 30.052621] ret_from_fork+0x10/0x20 [ 30.052767] [ 30.052815] Allocated by task 265: [ 30.052930] kasan_save_stack+0x3c/0x68 [ 30.053264] kasan_save_track+0x20/0x40 [ 30.053424] kasan_save_alloc_info+0x40/0x58 [ 30.053871] __kasan_kmalloc+0xd4/0xd8 [ 30.054008] __kmalloc_cache_noprof+0x16c/0x3c0 [ 30.054128] kasan_atomics+0xb8/0x2e0 [ 30.054232] kunit_try_run_case+0x170/0x3f0 [ 30.055150] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.055439] kthread+0x328/0x630 [ 30.055580] ret_from_fork+0x10/0x20 [ 30.055877] [ 30.055939] The buggy address belongs to the object at fff00000c7751400 [ 30.055939] which belongs to the cache kmalloc-64 of size 64 [ 30.056082] The buggy address is located 0 bytes to the right of [ 30.056082] allocated 48-byte region [fff00000c7751400, fff00000c7751430) [ 30.056246] [ 30.056342] The buggy address belongs to the physical page: [ 30.057015] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107751 [ 30.057228] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 30.057417] page_type: f5(slab) [ 30.057532] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 30.057676] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.057832] page dumped because: kasan: bad access detected [ 30.057947] [ 30.058128] Memory state around the buggy address: [ 30.058215] fff00000c7751300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.058334] fff00000c7751380: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 30.058449] >fff00000c7751400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.059500] ^ [ 30.060501] fff00000c7751480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.060692] fff00000c7751500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.061154] ================================================================== [ 30.192173] ================================================================== [ 30.192294] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1128/0x4858 [ 30.192623] Write of size 8 at addr fff00000c7751430 by task kunit_try_catch/265 [ 30.192917] [ 30.193133] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 30.193454] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.193633] Hardware name: linux,dummy-virt (DT) [ 30.194363] Call trace: [ 30.194632] show_stack+0x20/0x38 (C) [ 30.194801] dump_stack_lvl+0x8c/0xd0 [ 30.195640] print_report+0x118/0x608 [ 30.195791] kasan_report+0xdc/0x128 [ 30.195936] kasan_check_range+0x100/0x1a8 [ 30.196076] __kasan_check_write+0x20/0x30 [ 30.196206] kasan_atomics_helper+0x1128/0x4858 [ 30.196548] kasan_atomics+0x198/0x2e0 [ 30.196744] kunit_try_run_case+0x170/0x3f0 [ 30.196904] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.197887] kthread+0x328/0x630 [ 30.198410] ret_from_fork+0x10/0x20 [ 30.198876] [ 30.199271] Allocated by task 265: [ 30.199353] kasan_save_stack+0x3c/0x68 [ 30.199705] kasan_save_track+0x20/0x40 [ 30.199952] kasan_save_alloc_info+0x40/0x58 [ 30.200122] __kasan_kmalloc+0xd4/0xd8 [ 30.200280] __kmalloc_cache_noprof+0x16c/0x3c0 [ 30.200404] kasan_atomics+0xb8/0x2e0 [ 30.200744] kunit_try_run_case+0x170/0x3f0 [ 30.200873] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.202505] kthread+0x328/0x630 [ 30.202648] ret_from_fork+0x10/0x20 [ 30.202766] [ 30.202822] The buggy address belongs to the object at fff00000c7751400 [ 30.202822] which belongs to the cache kmalloc-64 of size 64 [ 30.202988] The buggy address is located 0 bytes to the right of [ 30.202988] allocated 48-byte region [fff00000c7751400, fff00000c7751430) [ 30.203150] [ 30.203208] The buggy address belongs to the physical page: [ 30.203290] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107751 [ 30.204102] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 30.204324] page_type: f5(slab) [ 30.204445] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 30.204805] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.205813] page dumped because: kasan: bad access detected [ 30.205980] [ 30.206053] Memory state around the buggy address: [ 30.206210] fff00000c7751300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.206667] fff00000c7751380: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 30.207079] >fff00000c7751400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.207296] ^ [ 30.207393] fff00000c7751480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.207515] fff00000c7751500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.207618] ================================================================== [ 30.266116] ================================================================== [ 30.266224] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12d8/0x4858 [ 30.266338] Write of size 8 at addr fff00000c7751430 by task kunit_try_catch/265 [ 30.266462] [ 30.266539] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 30.266738] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.266808] Hardware name: linux,dummy-virt (DT) [ 30.266903] Call trace: [ 30.266964] show_stack+0x20/0x38 (C) [ 30.267084] dump_stack_lvl+0x8c/0xd0 [ 30.267210] print_report+0x118/0x608 [ 30.267358] kasan_report+0xdc/0x128 [ 30.268200] kasan_check_range+0x100/0x1a8 [ 30.268414] __kasan_check_write+0x20/0x30 [ 30.268628] kasan_atomics_helper+0x12d8/0x4858 [ 30.268781] kasan_atomics+0x198/0x2e0 [ 30.268938] kunit_try_run_case+0x170/0x3f0 [ 30.269108] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.269353] kthread+0x328/0x630 [ 30.269610] ret_from_fork+0x10/0x20 [ 30.269821] [ 30.269907] Allocated by task 265: [ 30.270069] kasan_save_stack+0x3c/0x68 [ 30.270218] kasan_save_track+0x20/0x40 [ 30.270399] kasan_save_alloc_info+0x40/0x58 [ 30.270521] __kasan_kmalloc+0xd4/0xd8 [ 30.270644] __kmalloc_cache_noprof+0x16c/0x3c0 [ 30.270864] kasan_atomics+0xb8/0x2e0 [ 30.271040] kunit_try_run_case+0x170/0x3f0 [ 30.271149] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.271269] kthread+0x328/0x630 [ 30.271376] ret_from_fork+0x10/0x20 [ 30.271570] [ 30.271717] The buggy address belongs to the object at fff00000c7751400 [ 30.271717] which belongs to the cache kmalloc-64 of size 64 [ 30.271964] The buggy address is located 0 bytes to the right of [ 30.271964] allocated 48-byte region [fff00000c7751400, fff00000c7751430) [ 30.272231] [ 30.272335] The buggy address belongs to the physical page: [ 30.272416] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107751 [ 30.272617] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 30.272774] page_type: f5(slab) [ 30.272890] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 30.273068] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.273190] page dumped because: kasan: bad access detected [ 30.273326] [ 30.273410] Memory state around the buggy address: [ 30.273577] fff00000c7751300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.273735] fff00000c7751380: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 30.274056] >fff00000c7751400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.274189] ^ [ 30.274305] fff00000c7751480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.274513] fff00000c7751500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.274681] ================================================================== [ 30.359603] ================================================================== [ 30.359710] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b4/0x4858 [ 30.359862] Write of size 8 at addr fff00000c7751430 by task kunit_try_catch/265 [ 30.359998] [ 30.360092] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 30.360296] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.360361] Hardware name: linux,dummy-virt (DT) [ 30.360445] Call trace: [ 30.360503] show_stack+0x20/0x38 (C) [ 30.360633] dump_stack_lvl+0x8c/0xd0 [ 30.360751] print_report+0x118/0x608 [ 30.363831] kasan_report+0xdc/0x128 [ 30.363994] kasan_check_range+0x100/0x1a8 [ 30.364134] __kasan_check_write+0x20/0x30 [ 30.364265] kasan_atomics_helper+0x15b4/0x4858 [ 30.364401] kasan_atomics+0x198/0x2e0 [ 30.364529] kunit_try_run_case+0x170/0x3f0 [ 30.364674] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.364824] kthread+0x328/0x630 [ 30.364976] ret_from_fork+0x10/0x20 [ 30.365110] [ 30.365170] Allocated by task 265: [ 30.365250] kasan_save_stack+0x3c/0x68 [ 30.365358] kasan_save_track+0x20/0x40 [ 30.365458] kasan_save_alloc_info+0x40/0x58 [ 30.365564] __kasan_kmalloc+0xd4/0xd8 [ 30.365657] __kmalloc_cache_noprof+0x16c/0x3c0 [ 30.365769] kasan_atomics+0xb8/0x2e0 [ 30.368503] kunit_try_run_case+0x170/0x3f0 [ 30.368621] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.368745] kthread+0x328/0x630 [ 30.368829] ret_from_fork+0x10/0x20 [ 30.368944] [ 30.368997] The buggy address belongs to the object at fff00000c7751400 [ 30.368997] which belongs to the cache kmalloc-64 of size 64 [ 30.371274] The buggy address is located 0 bytes to the right of [ 30.371274] allocated 48-byte region [fff00000c7751400, fff00000c7751430) [ 30.371620] [ 30.371723] The buggy address belongs to the physical page: [ 30.371819] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107751 [ 30.372241] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 30.372421] page_type: f5(slab) [ 30.372596] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 30.372950] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.373221] page dumped because: kasan: bad access detected [ 30.373355] [ 30.373476] Memory state around the buggy address: [ 30.373561] fff00000c7751300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.374420] fff00000c7751380: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 30.374632] >fff00000c7751400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.374732] ^ [ 30.374824] fff00000c7751480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.374971] fff00000c7751500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.375085] ================================================================== [ 30.140713] ================================================================== [ 30.140948] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xff0/0x4858 [ 30.141094] Write of size 8 at addr fff00000c7751430 by task kunit_try_catch/265 [ 30.141287] [ 30.141700] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 30.142188] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.142272] Hardware name: linux,dummy-virt (DT) [ 30.142800] Call trace: [ 30.142892] show_stack+0x20/0x38 (C) [ 30.143021] dump_stack_lvl+0x8c/0xd0 [ 30.143138] print_report+0x118/0x608 [ 30.143345] kasan_report+0xdc/0x128 [ 30.144121] kasan_check_range+0x100/0x1a8 [ 30.144474] __kasan_check_write+0x20/0x30 [ 30.144981] kasan_atomics_helper+0xff0/0x4858 [ 30.145349] kasan_atomics+0x198/0x2e0 [ 30.145600] kunit_try_run_case+0x170/0x3f0 [ 30.146162] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.146419] kthread+0x328/0x630 [ 30.146729] ret_from_fork+0x10/0x20 [ 30.146916] [ 30.147283] Allocated by task 265: [ 30.147396] kasan_save_stack+0x3c/0x68 [ 30.147541] kasan_save_track+0x20/0x40 [ 30.147646] kasan_save_alloc_info+0x40/0x58 [ 30.148179] __kasan_kmalloc+0xd4/0xd8 [ 30.148664] __kmalloc_cache_noprof+0x16c/0x3c0 [ 30.148804] kasan_atomics+0xb8/0x2e0 [ 30.149299] kunit_try_run_case+0x170/0x3f0 [ 30.149514] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.149870] kthread+0x328/0x630 [ 30.150045] ret_from_fork+0x10/0x20 [ 30.150187] [ 30.150241] The buggy address belongs to the object at fff00000c7751400 [ 30.150241] which belongs to the cache kmalloc-64 of size 64 [ 30.150391] The buggy address is located 0 bytes to the right of [ 30.150391] allocated 48-byte region [fff00000c7751400, fff00000c7751430) [ 30.150548] [ 30.150603] The buggy address belongs to the physical page: [ 30.150681] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107751 [ 30.151261] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 30.151733] page_type: f5(slab) [ 30.151996] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 30.152261] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.152373] page dumped because: kasan: bad access detected [ 30.152476] [ 30.152526] Memory state around the buggy address: [ 30.152613] fff00000c7751300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.152727] fff00000c7751380: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 30.153967] >fff00000c7751400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.154091] ^ [ 30.154192] fff00000c7751480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.154321] fff00000c7751500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.154433] ================================================================== [ 30.155218] ================================================================== [ 30.155673] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1058/0x4858 [ 30.156132] Write of size 8 at addr fff00000c7751430 by task kunit_try_catch/265 [ 30.156433] [ 30.156523] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 30.156747] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.156850] Hardware name: linux,dummy-virt (DT) [ 30.156941] Call trace: [ 30.158522] show_stack+0x20/0x38 (C) [ 30.158706] dump_stack_lvl+0x8c/0xd0 [ 30.158869] print_report+0x118/0x608 [ 30.160072] kasan_report+0xdc/0x128 [ 30.160268] kasan_check_range+0x100/0x1a8 [ 30.160402] __kasan_check_write+0x20/0x30 [ 30.160524] kasan_atomics_helper+0x1058/0x4858 [ 30.161858] kasan_atomics+0x198/0x2e0 [ 30.162079] kunit_try_run_case+0x170/0x3f0 [ 30.162669] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.162812] kthread+0x328/0x630 [ 30.162954] ret_from_fork+0x10/0x20 [ 30.163077] [ 30.163128] Allocated by task 265: [ 30.163204] kasan_save_stack+0x3c/0x68 [ 30.163324] kasan_save_track+0x20/0x40 [ 30.163449] kasan_save_alloc_info+0x40/0x58 [ 30.163983] __kasan_kmalloc+0xd4/0xd8 [ 30.164388] __kmalloc_cache_noprof+0x16c/0x3c0 [ 30.164866] kasan_atomics+0xb8/0x2e0 [ 30.165199] kunit_try_run_case+0x170/0x3f0 [ 30.165682] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.166220] kthread+0x328/0x630 [ 30.166375] ret_from_fork+0x10/0x20 [ 30.166485] [ 30.166540] The buggy address belongs to the object at fff00000c7751400 [ 30.166540] which belongs to the cache kmalloc-64 of size 64 [ 30.166953] The buggy address is located 0 bytes to the right of [ 30.166953] allocated 48-byte region [fff00000c7751400, fff00000c7751430) [ 30.167240] [ 30.167370] The buggy address belongs to the physical page: [ 30.167815] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107751 [ 30.167992] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 30.168233] page_type: f5(slab) [ 30.168782] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 30.169196] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.169684] page dumped because: kasan: bad access detected [ 30.169784] [ 30.169868] Memory state around the buggy address: [ 30.169962] fff00000c7751300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.170276] fff00000c7751380: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 30.170661] >fff00000c7751400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.171277] ^ [ 30.171410] fff00000c7751480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.171853] fff00000c7751500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.172197] ================================================================== [ 30.437713] ================================================================== [ 30.437821] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x175c/0x4858 [ 30.437979] Write of size 8 at addr fff00000c7751430 by task kunit_try_catch/265 [ 30.438117] [ 30.438203] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 30.438444] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.438523] Hardware name: linux,dummy-virt (DT) [ 30.438748] Call trace: [ 30.438828] show_stack+0x20/0x38 (C) [ 30.439129] dump_stack_lvl+0x8c/0xd0 [ 30.439254] print_report+0x118/0x608 [ 30.439380] kasan_report+0xdc/0x128 [ 30.440489] kasan_check_range+0x100/0x1a8 [ 30.440629] __kasan_check_write+0x20/0x30 [ 30.440797] kasan_atomics_helper+0x175c/0x4858 [ 30.440950] kasan_atomics+0x198/0x2e0 [ 30.441112] kunit_try_run_case+0x170/0x3f0 [ 30.441505] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.441670] kthread+0x328/0x630 [ 30.443259] ret_from_fork+0x10/0x20 [ 30.443451] [ 30.443503] Allocated by task 265: [ 30.443578] kasan_save_stack+0x3c/0x68 [ 30.443679] kasan_save_track+0x20/0x40 [ 30.443791] kasan_save_alloc_info+0x40/0x58 [ 30.443914] __kasan_kmalloc+0xd4/0xd8 [ 30.444123] __kmalloc_cache_noprof+0x16c/0x3c0 [ 30.444231] kasan_atomics+0xb8/0x2e0 [ 30.444588] kunit_try_run_case+0x170/0x3f0 [ 30.445176] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.445673] kthread+0x328/0x630 [ 30.446168] ret_from_fork+0x10/0x20 [ 30.446734] [ 30.446794] The buggy address belongs to the object at fff00000c7751400 [ 30.446794] which belongs to the cache kmalloc-64 of size 64 [ 30.447523] The buggy address is located 0 bytes to the right of [ 30.447523] allocated 48-byte region [fff00000c7751400, fff00000c7751430) [ 30.448454] [ 30.449053] The buggy address belongs to the physical page: [ 30.449454] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107751 [ 30.449606] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 30.449739] page_type: f5(slab) [ 30.451345] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 30.451993] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.452102] page dumped because: kasan: bad access detected [ 30.452188] [ 30.452242] Memory state around the buggy address: [ 30.454122] fff00000c7751300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.454278] fff00000c7751380: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 30.454395] >fff00000c7751400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.454497] ^ [ 30.456258] fff00000c7751480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.456561] fff00000c7751500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.456664] ================================================================== [ 30.015822] ================================================================== [ 30.015952] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e04/0x4858 [ 30.016075] Read of size 4 at addr fff00000c7751430 by task kunit_try_catch/265 [ 30.017945] [ 30.018047] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 30.018271] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.018354] Hardware name: linux,dummy-virt (DT) [ 30.018442] Call trace: [ 30.018507] show_stack+0x20/0x38 (C) [ 30.018637] dump_stack_lvl+0x8c/0xd0 [ 30.018765] print_report+0x118/0x608 [ 30.018906] kasan_report+0xdc/0x128 [ 30.019969] __asan_report_load4_noabort+0x20/0x30 [ 30.020113] kasan_atomics_helper+0x3e04/0x4858 [ 30.020356] kasan_atomics+0x198/0x2e0 [ 30.021112] kunit_try_run_case+0x170/0x3f0 [ 30.021267] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.021439] kthread+0x328/0x630 [ 30.021644] ret_from_fork+0x10/0x20 [ 30.021866] [ 30.022032] Allocated by task 265: [ 30.022196] kasan_save_stack+0x3c/0x68 [ 30.022307] kasan_save_track+0x20/0x40 [ 30.022412] kasan_save_alloc_info+0x40/0x58 [ 30.022570] __kasan_kmalloc+0xd4/0xd8 [ 30.022833] __kmalloc_cache_noprof+0x16c/0x3c0 [ 30.022965] kasan_atomics+0xb8/0x2e0 [ 30.023063] kunit_try_run_case+0x170/0x3f0 [ 30.023384] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.023702] kthread+0x328/0x630 [ 30.023940] ret_from_fork+0x10/0x20 [ 30.024299] [ 30.024357] The buggy address belongs to the object at fff00000c7751400 [ 30.024357] which belongs to the cache kmalloc-64 of size 64 [ 30.024935] The buggy address is located 0 bytes to the right of [ 30.024935] allocated 48-byte region [fff00000c7751400, fff00000c7751430) [ 30.025124] [ 30.025187] The buggy address belongs to the physical page: [ 30.025274] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107751 [ 30.025423] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 30.025696] page_type: f5(slab) [ 30.025816] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 30.026146] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.026418] page dumped because: kasan: bad access detected [ 30.026963] [ 30.027170] Memory state around the buggy address: [ 30.027285] fff00000c7751300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.027404] fff00000c7751380: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 30.027551] >fff00000c7751400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.027830] ^ [ 30.028009] fff00000c7751480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.028468] fff00000c7751500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.028658] ================================================================== [ 30.302910] ================================================================== [ 30.303282] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1414/0x4858 [ 30.303530] Write of size 8 at addr fff00000c7751430 by task kunit_try_catch/265 [ 30.303665] [ 30.304154] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 30.304463] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.304543] Hardware name: linux,dummy-virt (DT) [ 30.304637] Call trace: [ 30.304701] show_stack+0x20/0x38 (C) [ 30.304830] dump_stack_lvl+0x8c/0xd0 [ 30.304984] print_report+0x118/0x608 [ 30.305553] kasan_report+0xdc/0x128 [ 30.306018] kasan_check_range+0x100/0x1a8 [ 30.306222] __kasan_check_write+0x20/0x30 [ 30.306382] kasan_atomics_helper+0x1414/0x4858 [ 30.306557] kasan_atomics+0x198/0x2e0 [ 30.306707] kunit_try_run_case+0x170/0x3f0 [ 30.307300] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.307692] kthread+0x328/0x630 [ 30.308314] ret_from_fork+0x10/0x20 [ 30.308507] [ 30.308650] Allocated by task 265: [ 30.308757] kasan_save_stack+0x3c/0x68 [ 30.309005] kasan_save_track+0x20/0x40 [ 30.309197] kasan_save_alloc_info+0x40/0x58 [ 30.309358] __kasan_kmalloc+0xd4/0xd8 [ 30.309542] __kmalloc_cache_noprof+0x16c/0x3c0 [ 30.309730] kasan_atomics+0xb8/0x2e0 [ 30.310200] kunit_try_run_case+0x170/0x3f0 [ 30.310312] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.310454] kthread+0x328/0x630 [ 30.310644] ret_from_fork+0x10/0x20 [ 30.310795] [ 30.310873] The buggy address belongs to the object at fff00000c7751400 [ 30.310873] which belongs to the cache kmalloc-64 of size 64 [ 30.311067] The buggy address is located 0 bytes to the right of [ 30.311067] allocated 48-byte region [fff00000c7751400, fff00000c7751430) [ 30.311240] [ 30.311303] The buggy address belongs to the physical page: [ 30.311385] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107751 [ 30.311718] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 30.311965] page_type: f5(slab) [ 30.312131] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 30.312416] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.312549] page dumped because: kasan: bad access detected [ 30.312896] [ 30.313355] Memory state around the buggy address: [ 30.313478] fff00000c7751300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.313743] fff00000c7751380: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 30.313877] >fff00000c7751400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.314805] ^ [ 30.315033] fff00000c7751480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.315205] fff00000c7751500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.315375] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 29.228920] ================================================================== [ 29.229466] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2b4/0xbc0 [ 29.239291] kasan_bitops_modify.constprop.0+0x2b4/0xbc0 [ 29.251461] The buggy address is located 8 bytes inside of [ 29.251461] allocated 9-byte region [fff00000c60a60c0, fff00000c60a60c9) [ 29.257351] >fff00000c60a6080: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 29.257403] ^ [ 29.257940] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 29.138802] ================================================================== [ 29.139993] BUG: KASAN: slab-use-after-free in strnlen+0x80/0x88 [ 29.140436] Read of size 1 at addr fff00000c7761a90 by task kunit_try_catch/259 [ 29.141108] [ 29.141499] CPU: 1 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 29.141689] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.141755] Hardware name: linux,dummy-virt (DT) [ 29.141826] Call trace: [ 29.141918] show_stack+0x20/0x38 (C) [ 29.142076] dump_stack_lvl+0x8c/0xd0 [ 29.142221] print_report+0x118/0x608 [ 29.142348] kasan_report+0xdc/0x128 [ 29.142465] __asan_report_load1_noabort+0x20/0x30 [ 29.142593] strnlen+0x80/0x88 [ 29.142697] kasan_strings+0x478/0xb00 [ 29.142806] kunit_try_run_case+0x170/0x3f0 [ 29.142958] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.143094] kthread+0x328/0x630 [ 29.143204] ret_from_fork+0x10/0x20 [ 29.143322] [ 29.143371] Allocated by task 259: [ 29.143439] kasan_save_stack+0x3c/0x68 [ 29.143543] kasan_save_track+0x20/0x40 [ 29.143639] kasan_save_alloc_info+0x40/0x58 [ 29.143737] __kasan_kmalloc+0xd4/0xd8 [ 29.145295] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.145785] kasan_strings+0xc8/0xb00 [ 29.146276] kunit_try_run_case+0x170/0x3f0 [ 29.147097] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.147238] kthread+0x328/0x630 [ 29.147334] ret_from_fork+0x10/0x20 [ 29.147440] [ 29.147501] Freed by task 259: [ 29.147587] kasan_save_stack+0x3c/0x68 [ 29.147697] kasan_save_track+0x20/0x40 [ 29.149348] kasan_save_free_info+0x4c/0x78 [ 29.149783] __kasan_slab_free+0x6c/0x98 [ 29.149987] kfree+0x214/0x3c8 [ 29.150147] kasan_strings+0x24c/0xb00 [ 29.150256] kunit_try_run_case+0x170/0x3f0 [ 29.150361] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.150472] kthread+0x328/0x630 [ 29.150562] ret_from_fork+0x10/0x20 [ 29.150675] [ 29.150731] The buggy address belongs to the object at fff00000c7761a80 [ 29.150731] which belongs to the cache kmalloc-32 of size 32 [ 29.150889] The buggy address is located 16 bytes inside of [ 29.150889] freed 32-byte region [fff00000c7761a80, fff00000c7761aa0) [ 29.151957] [ 29.152030] The buggy address belongs to the physical page: [ 29.152121] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107761 [ 29.152741] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.153011] page_type: f5(slab) [ 29.153207] raw: 0bfffe0000000000 fff00000c0001780 dead000000000100 dead000000000122 [ 29.153552] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 29.153753] page dumped because: kasan: bad access detected [ 29.154352] [ 29.154437] Memory state around the buggy address: [ 29.155538] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strlen
[ 29.117894] ================================================================== [ 29.118094] BUG: KASAN: slab-use-after-free in strlen+0xa8/0xb0 [ 29.118238] Read of size 1 at addr fff00000c7761a90 by task kunit_try_catch/259 [ 29.118365] [ 29.118449] CPU: 1 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 29.118648] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.118720] Hardware name: linux,dummy-virt (DT) [ 29.118802] Call trace: [ 29.118879] show_stack+0x20/0x38 (C) [ 29.119019] dump_stack_lvl+0x8c/0xd0 [ 29.119145] print_report+0x118/0x608 [ 29.119278] kasan_report+0xdc/0x128 [ 29.119398] __asan_report_load1_noabort+0x20/0x30 [ 29.119523] strlen+0xa8/0xb0 [ 29.119634] kasan_strings+0x418/0xb00 [ 29.119748] kunit_try_run_case+0x170/0x3f0 [ 29.123388] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.123536] kthread+0x328/0x630 [ 29.123653] ret_from_fork+0x10/0x20 [ 29.123792] [ 29.123862] Allocated by task 259: [ 29.123940] kasan_save_stack+0x3c/0x68 [ 29.124040] kasan_save_track+0x20/0x40 [ 29.124140] kasan_save_alloc_info+0x40/0x58 [ 29.124241] __kasan_kmalloc+0xd4/0xd8 [ 29.124332] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.124435] kasan_strings+0xc8/0xb00 [ 29.124524] kunit_try_run_case+0x170/0x3f0 [ 29.124624] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.124735] kthread+0x328/0x630 [ 29.124817] ret_from_fork+0x10/0x20 [ 29.127619] [ 29.127697] Freed by task 259: [ 29.127802] kasan_save_stack+0x3c/0x68 [ 29.128190] kasan_save_track+0x20/0x40 [ 29.128483] kasan_save_free_info+0x4c/0x78 [ 29.128919] __kasan_slab_free+0x6c/0x98 [ 29.129748] kfree+0x214/0x3c8 [ 29.130351] kasan_strings+0x24c/0xb00 [ 29.130967] kunit_try_run_case+0x170/0x3f0 [ 29.131525] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.132072] kthread+0x328/0x630 [ 29.132169] ret_from_fork+0x10/0x20 [ 29.132263] [ 29.132875] The buggy address belongs to the object at fff00000c7761a80 [ 29.132875] which belongs to the cache kmalloc-32 of size 32 [ 29.133570] The buggy address is located 16 bytes inside of [ 29.133570] freed 32-byte region [fff00000c7761a80, fff00000c7761aa0) [ 29.133729] [ 29.133782] The buggy address belongs to the physical page: [ 29.133878] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107761 [ 29.134020] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.134146] page_type: f5(slab) [ 29.134246] raw: 0bfffe0000000000 fff00000c0001780 dead000000000100 dead000000000122 [ 29.134986] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 29.137028] page dumped because: kasan: bad access detected [ 29.137128] [ 29.137180] Memory state around the buggy address: [ 29.137269] fff00000c7761980: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 29.137386] fff00000c7761a00: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 29.137500] >fff00000c7761a80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 29.137602] ^ [ 29.137683] fff00000c7761b00: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 29.137797] fff00000c7761b80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 29.137930] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 29.072562] ================================================================== [ 29.072681] BUG: KASAN: slab-use-after-free in kasan_strings+0x95c/0xb00 [ 29.072803] Read of size 1 at addr fff00000c7761a90 by task kunit_try_catch/259 [ 29.072958] [ 29.073072] CPU: 1 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 29.073311] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.073387] Hardware name: linux,dummy-virt (DT) [ 29.073483] Call trace: [ 29.073549] show_stack+0x20/0x38 (C) [ 29.073678] dump_stack_lvl+0x8c/0xd0 [ 29.073802] print_report+0x118/0x608 [ 29.075563] kasan_report+0xdc/0x128 [ 29.076149] __asan_report_load1_noabort+0x20/0x30 [ 29.076294] kasan_strings+0x95c/0xb00 [ 29.076408] kunit_try_run_case+0x170/0x3f0 [ 29.076534] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.076673] kthread+0x328/0x630 [ 29.076790] ret_from_fork+0x10/0x20 [ 29.076933] [ 29.076982] Allocated by task 259: [ 29.077069] kasan_save_stack+0x3c/0x68 [ 29.077174] kasan_save_track+0x20/0x40 [ 29.077268] kasan_save_alloc_info+0x40/0x58 [ 29.077367] __kasan_kmalloc+0xd4/0xd8 [ 29.077466] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.077568] kasan_strings+0xc8/0xb00 [ 29.077660] kunit_try_run_case+0x170/0x3f0 [ 29.077752] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.080240] kthread+0x328/0x630 [ 29.080343] ret_from_fork+0x10/0x20 [ 29.080444] [ 29.080500] Freed by task 259: [ 29.080570] kasan_save_stack+0x3c/0x68 [ 29.080672] kasan_save_track+0x20/0x40 [ 29.080773] kasan_save_free_info+0x4c/0x78 [ 29.081937] __kasan_slab_free+0x6c/0x98 [ 29.082073] kfree+0x214/0x3c8 [ 29.082179] kasan_strings+0x24c/0xb00 [ 29.082277] kunit_try_run_case+0x170/0x3f0 [ 29.082377] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.082485] kthread+0x328/0x630 [ 29.082580] ret_from_fork+0x10/0x20 [ 29.082672] [ 29.082726] The buggy address belongs to the object at fff00000c7761a80 [ 29.082726] which belongs to the cache kmalloc-32 of size 32 [ 29.082881] The buggy address is located 16 bytes inside of [ 29.082881] freed 32-byte region [fff00000c7761a80, fff00000c7761aa0) [ 29.083035] [ 29.083089] The buggy address belongs to the physical page: [ 29.083165] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107761 [ 29.083295] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.083418] page_type: f5(slab) [ 29.083515] raw: 0bfffe0000000000 fff00000c0001780 dead000000000100 dead000000000122 [ 29.083644] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 29.083744] page dumped because: kasan: bad access detected [ 29.083833] [ 29.087037] Memory state around the buggy address: [ 29.087437] fff00000c7761980: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 29.087920] fff00000c7761a00: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 29.088530] >fff00000c7761a80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 29.088651] ^ [ 29.088732] fff00000c7761b00: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 29.088858] fff00000c7761b80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 29.088959] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 29.059022] ================================================================== [ 29.059385] BUG: KASAN: slab-use-after-free in strcmp+0xc0/0xc8 [ 29.059535] Read of size 1 at addr fff00000c7761a90 by task kunit_try_catch/259 [ 29.059662] [ 29.059749] CPU: 1 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 29.059991] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.060066] Hardware name: linux,dummy-virt (DT) [ 29.060151] Call trace: [ 29.060221] show_stack+0x20/0x38 (C) [ 29.060356] dump_stack_lvl+0x8c/0xd0 [ 29.060588] print_report+0x118/0x608 [ 29.060726] kasan_report+0xdc/0x128 [ 29.060883] __asan_report_load1_noabort+0x20/0x30 [ 29.061081] strcmp+0xc0/0xc8 [ 29.061392] kasan_strings+0x340/0xb00 [ 29.061600] kunit_try_run_case+0x170/0x3f0 [ 29.061745] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.061922] kthread+0x328/0x630 [ 29.062056] ret_from_fork+0x10/0x20 [ 29.062199] [ 29.062259] Allocated by task 259: [ 29.062339] kasan_save_stack+0x3c/0x68 [ 29.062455] kasan_save_track+0x20/0x40 [ 29.062564] kasan_save_alloc_info+0x40/0x58 [ 29.062703] __kasan_kmalloc+0xd4/0xd8 [ 29.062808] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.062960] kasan_strings+0xc8/0xb00 [ 29.063090] kunit_try_run_case+0x170/0x3f0 [ 29.063194] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.063303] kthread+0x328/0x630 [ 29.063394] ret_from_fork+0x10/0x20 [ 29.063488] [ 29.063571] Freed by task 259: [ 29.063646] kasan_save_stack+0x3c/0x68 [ 29.063751] kasan_save_track+0x20/0x40 [ 29.063878] kasan_save_free_info+0x4c/0x78 [ 29.064000] __kasan_slab_free+0x6c/0x98 [ 29.064107] kfree+0x214/0x3c8 [ 29.064385] kasan_strings+0x24c/0xb00 [ 29.064506] kunit_try_run_case+0x170/0x3f0 [ 29.064703] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.064830] kthread+0x328/0x630 [ 29.064944] ret_from_fork+0x10/0x20 [ 29.065080] [ 29.065141] The buggy address belongs to the object at fff00000c7761a80 [ 29.065141] which belongs to the cache kmalloc-32 of size 32 [ 29.065296] The buggy address is located 16 bytes inside of [ 29.065296] freed 32-byte region [fff00000c7761a80, fff00000c7761aa0) [ 29.065454] [ 29.065525] The buggy address belongs to the physical page: [ 29.065614] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107761 [ 29.065771] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.065942] page_type: f5(slab) [ 29.066065] raw: 0bfffe0000000000 fff00000c0001780 dead000000000100 dead000000000122 [ 29.066211] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 29.066329] page dumped because: kasan: bad access detected [ 29.066427] [ 29.066482] Memory state around the buggy address: [ 29.066573] fff00000c7761980: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 29.067438] fff00000c7761a00: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 29.068103] >fff00000c7761a80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 29.068645] ^ [ 29.068736] fff00000c7761b00: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 29.068876] fff00000c7761b80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 29.068987] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 28.997187] ================================================================== [ 28.997317] BUG: KASAN: slab-out-of-bounds in memcmp+0x198/0x1d8 [ 28.998352] Read of size 1 at addr fff00000c77618d8 by task kunit_try_catch/257 [ 28.999716] [ 29.000018] CPU: 1 UID: 0 PID: 257 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 29.000264] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.000348] Hardware name: linux,dummy-virt (DT) [ 29.000447] Call trace: [ 29.000517] show_stack+0x20/0x38 (C) [ 29.001264] dump_stack_lvl+0x8c/0xd0 [ 29.001780] print_report+0x118/0x608 [ 29.002582] kasan_report+0xdc/0x128 [ 29.003179] __asan_report_load1_noabort+0x20/0x30 [ 29.003830] memcmp+0x198/0x1d8 [ 29.003993] kasan_memcmp+0x16c/0x300 [ 29.004116] kunit_try_run_case+0x170/0x3f0 [ 29.004255] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.004393] kthread+0x328/0x630 [ 29.004519] ret_from_fork+0x10/0x20 [ 29.004649] [ 29.004701] Allocated by task 257: [ 29.004780] kasan_save_stack+0x3c/0x68 [ 29.005022] kasan_save_track+0x20/0x40 [ 29.005138] kasan_save_alloc_info+0x40/0x58 [ 29.005256] __kasan_kmalloc+0xd4/0xd8 [ 29.005366] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.005486] kasan_memcmp+0xbc/0x300 [ 29.005586] kunit_try_run_case+0x170/0x3f0 [ 29.005700] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.005823] kthread+0x328/0x630 [ 29.007327] ret_from_fork+0x10/0x20 [ 29.007733] [ 29.007795] The buggy address belongs to the object at fff00000c77618c0 [ 29.007795] which belongs to the cache kmalloc-32 of size 32 [ 29.007961] The buggy address is located 0 bytes to the right of [ 29.007961] allocated 24-byte region [fff00000c77618c0, fff00000c77618d8) [ 29.008124] [ 29.008177] The buggy address belongs to the physical page: [ 29.008256] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107761 [ 29.008393] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.008530] page_type: f5(slab) [ 29.008640] raw: 0bfffe0000000000 fff00000c0001780 dead000000000100 dead000000000122 [ 29.008759] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 29.008887] page dumped because: kasan: bad access detected [ 29.008975] [ 29.009030] Memory state around the buggy address: [ 29.009125] fff00000c7761780: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 29.009244] fff00000c7761800: 00 00 00 04 fc fc fc fc 00 00 07 fc fc fc fc fc [ 29.009367] >fff00000c7761880: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 29.009476] ^ [ 29.009580] fff00000c7761900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.009703] fff00000c7761980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.009803] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 28.956464] ================================================================== [ 28.956587] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x2dc/0x340 [ 28.956729] Read of size 1 at addr ffff800080a97b4a by task kunit_try_catch/253 [ 28.957124] [ 28.957261] CPU: 1 UID: 0 PID: 253 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 28.957587] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.957701] Hardware name: linux,dummy-virt (DT) [ 28.957796] Call trace: [ 28.957969] show_stack+0x20/0x38 (C) [ 28.958233] dump_stack_lvl+0x8c/0xd0 [ 28.958425] print_report+0x310/0x608 [ 28.958785] kasan_report+0xdc/0x128 [ 28.958937] __asan_report_load1_noabort+0x20/0x30 [ 28.959116] kasan_alloca_oob_right+0x2dc/0x340 [ 28.959461] kunit_try_run_case+0x170/0x3f0 [ 28.959808] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.959977] kthread+0x328/0x630 [ 28.960208] ret_from_fork+0x10/0x20 [ 28.960378] [ 28.960529] The buggy address belongs to stack of task kunit_try_catch/253 [ 28.960680] [ 28.960778] The buggy address belongs to the virtual mapping at [ 28.960778] [ffff800080a90000, ffff800080a99000) created by: [ 28.960778] kernel_clone+0x150/0x7a8 [ 28.961104] [ 28.961142] The buggy address belongs to the physical page: [ 28.961186] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10776f [ 28.961402] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.961584] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 28.961718] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 28.962325] page dumped because: kasan: bad access detected [ 28.962516] [ 28.962579] Memory state around the buggy address: [ 28.962681] ffff800080a97a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 28.962792] ffff800080a97a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 28.962938] >ffff800080a97b00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 28.963039] ^ [ 28.963160] ffff800080a97b80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 [ 28.963271] ffff800080a97c00: 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 28.963370] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 28.938951] ================================================================== [ 28.939278] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x2b8/0x310 [ 28.939455] Read of size 1 at addr ffff800080a97b5f by task kunit_try_catch/251 [ 28.939753] [ 28.939868] CPU: 1 UID: 0 PID: 251 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 28.940331] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.940406] Hardware name: linux,dummy-virt (DT) [ 28.940486] Call trace: [ 28.940552] show_stack+0x20/0x38 (C) [ 28.940736] dump_stack_lvl+0x8c/0xd0 [ 28.940965] print_report+0x310/0x608 [ 28.941164] kasan_report+0xdc/0x128 [ 28.941352] __asan_report_load1_noabort+0x20/0x30 [ 28.941508] kasan_alloca_oob_left+0x2b8/0x310 [ 28.941714] kunit_try_run_case+0x170/0x3f0 [ 28.941878] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.942025] kthread+0x328/0x630 [ 28.942152] ret_from_fork+0x10/0x20 [ 28.942347] [ 28.942438] The buggy address belongs to stack of task kunit_try_catch/251 [ 28.942643] [ 28.942717] The buggy address belongs to the virtual mapping at [ 28.942717] [ffff800080a90000, ffff800080a99000) created by: [ 28.942717] kernel_clone+0x150/0x7a8 [ 28.943086] [ 28.943275] The buggy address belongs to the physical page: [ 28.943506] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10776f [ 28.943652] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.943825] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 28.943976] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 28.944084] page dumped because: kasan: bad access detected [ 28.944177] [ 28.944323] Memory state around the buggy address: [ 28.944587] ffff800080a97a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 28.944733] ffff800080a97a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 28.944870] >ffff800080a97b00: 00 00 00 00 00 00 00 00 ca ca ca ca 00 02 cb cb [ 28.944985] ^ [ 28.945146] ffff800080a97b80: cb cb cb cb 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 [ 28.945300] ffff800080a97c00: 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 28.945446] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 28.914288] ================================================================== [ 28.915029] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x238/0x270 [ 28.915220] Read of size 1 at addr ffff800080a97c2a by task kunit_try_catch/249 [ 28.915567] [ 28.915660] CPU: 1 UID: 0 PID: 249 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 28.915897] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.916059] Hardware name: linux,dummy-virt (DT) [ 28.916241] Call trace: [ 28.916339] show_stack+0x20/0x38 (C) [ 28.916468] dump_stack_lvl+0x8c/0xd0 [ 28.916654] print_report+0x310/0x608 [ 28.917023] kasan_report+0xdc/0x128 [ 28.917201] __asan_report_load1_noabort+0x20/0x30 [ 28.917558] kasan_stack_oob+0x238/0x270 [ 28.917700] kunit_try_run_case+0x170/0x3f0 [ 28.917872] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.918026] kthread+0x328/0x630 [ 28.919015] ret_from_fork+0x10/0x20 [ 28.919231] [ 28.919353] The buggy address belongs to stack of task kunit_try_catch/249 [ 28.919609] and is located at offset 138 in frame: [ 28.919727] kasan_stack_oob+0x0/0x270 [ 28.920085] [ 28.920158] This frame has 4 objects: [ 28.920377] [48, 49) '__assertion' [ 28.920494] [64, 72) 'array' [ 28.920580] [96, 112) '__assertion' [ 28.920719] [128, 138) 'stack_array' [ 28.920909] [ 28.921003] The buggy address belongs to the virtual mapping at [ 28.921003] [ffff800080a90000, ffff800080a99000) created by: [ 28.921003] kernel_clone+0x150/0x7a8 [ 28.921946] [ 28.922025] The buggy address belongs to the physical page: [ 28.922326] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10776f [ 28.922736] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.922982] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 28.923248] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 28.923676] page dumped because: kasan: bad access detected [ 28.923979] [ 28.924065] Memory state around the buggy address: [ 28.924155] ffff800080a97b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 28.924717] ffff800080a97b80: 00 00 00 00 f1 f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 [ 28.924921] >ffff800080a97c00: 00 00 f2 f2 00 02 f3 f3 00 00 00 00 00 00 00 00 [ 28.925104] ^ [ 28.925161] ffff800080a97c80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00 00 f2 f2 [ 28.925220] ffff800080a97d00: 00 00 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 28.925300] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 28.848504] ================================================================== [ 28.848644] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x230/0x270 [ 28.848775] Read of size 1 at addr ffffa63992daf5cd by task kunit_try_catch/245 [ 28.849414] [ 28.849678] CPU: 1 UID: 0 PID: 245 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 28.850221] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.850461] Hardware name: linux,dummy-virt (DT) [ 28.850645] Call trace: [ 28.850723] show_stack+0x20/0x38 (C) [ 28.850869] dump_stack_lvl+0x8c/0xd0 [ 28.850996] print_report+0x310/0x608 [ 28.851115] kasan_report+0xdc/0x128 [ 28.851678] __asan_report_load1_noabort+0x20/0x30 [ 28.852357] kasan_global_oob_right+0x230/0x270 [ 28.852831] kunit_try_run_case+0x170/0x3f0 [ 28.853010] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.853159] kthread+0x328/0x630 [ 28.853274] ret_from_fork+0x10/0x20 [ 28.853412] [ 28.853739] The buggy address belongs to the variable: [ 28.853873] global_array+0xd/0x40 [ 28.854005] [ 28.854209] The buggy address belongs to the virtual mapping at [ 28.854209] [ffffa63990f50000, ffffa63992e61000) created by: [ 28.854209] paging_init+0x66c/0x7d0 [ 28.854416] [ 28.854541] The buggy address belongs to the physical page: [ 28.854686] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x47daf [ 28.855300] flags: 0x3fffe0000002000(reserved|node=0|zone=0|lastcpupid=0x1ffff) [ 28.856229] raw: 03fffe0000002000 ffffc1ffc01f6bc8 ffffc1ffc01f6bc8 0000000000000000 [ 28.856789] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 28.857370] page dumped because: kasan: bad access detected [ 28.857660] [ 28.857735] Memory state around the buggy address: [ 28.857921] ffffa63992daf480: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 28.858978] ffffa63992daf500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 28.859329] >ffffa63992daf580: 02 f9 f9 f9 f9 f9 f9 f9 00 02 f9 f9 f9 f9 f9 f9 [ 28.860023] ^ [ 28.860127] ffffa63992daf600: 04 f9 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9 [ 28.860234] ffffa63992daf680: 01 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 00 00 00 00 [ 28.860434] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 28.788256] ================================================================== [ 28.788702] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 28.788958] Free of addr fff00000c7772501 by task kunit_try_catch/241 [ 28.789073] [ 28.789167] CPU: 1 UID: 0 PID: 241 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 28.789443] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.789550] Hardware name: linux,dummy-virt (DT) [ 28.789818] Call trace: [ 28.790071] show_stack+0x20/0x38 (C) [ 28.790250] dump_stack_lvl+0x8c/0xd0 [ 28.790388] print_report+0x118/0x608 [ 28.790517] kasan_report_invalid_free+0xc0/0xe8 [ 28.790748] check_slab_allocation+0xfc/0x108 [ 28.790904] __kasan_mempool_poison_object+0x78/0x150 [ 28.791057] mempool_free+0x28c/0x328 [ 28.791317] mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 28.791528] mempool_kmalloc_invalid_free+0xc0/0x118 [ 28.791670] kunit_try_run_case+0x170/0x3f0 [ 28.791888] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.792049] kthread+0x328/0x630 [ 28.792347] ret_from_fork+0x10/0x20 [ 28.792830] [ 28.793157] Allocated by task 241: [ 28.793236] kasan_save_stack+0x3c/0x68 [ 28.793816] kasan_save_track+0x20/0x40 [ 28.793932] kasan_save_alloc_info+0x40/0x58 [ 28.794035] __kasan_mempool_unpoison_object+0x11c/0x180 [ 28.794136] remove_element+0x130/0x1f8 [ 28.794224] mempool_alloc_preallocated+0x58/0xc0 [ 28.794318] mempool_kmalloc_invalid_free_helper+0x94/0x2a8 [ 28.794420] mempool_kmalloc_invalid_free+0xc0/0x118 [ 28.794519] kunit_try_run_case+0x170/0x3f0 [ 28.794609] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.794725] kthread+0x328/0x630 [ 28.794805] ret_from_fork+0x10/0x20 [ 28.794915] [ 28.794963] The buggy address belongs to the object at fff00000c7772500 [ 28.794963] which belongs to the cache kmalloc-128 of size 128 [ 28.795105] The buggy address is located 1 bytes inside of [ 28.795105] 128-byte region [fff00000c7772500, fff00000c7772580) [ 28.795249] [ 28.795300] The buggy address belongs to the physical page: [ 28.795374] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107772 [ 28.795500] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.795621] page_type: f5(slab) [ 28.795717] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 28.799366] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 28.799806] page dumped because: kasan: bad access detected [ 28.800055] [ 28.800327] Memory state around the buggy address: [ 28.800420] fff00000c7772400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 28.800822] fff00000c7772480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.801328] >fff00000c7772500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 28.801538] ^ [ 28.803886] fff00000c7772580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.804026] fff00000c7772600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 28.804185] ================================================================== [ 28.819967] ================================================================== [ 28.820196] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 28.820693] Free of addr fff00000c7730001 by task kunit_try_catch/243 [ 28.820820] [ 28.820989] CPU: 1 UID: 0 PID: 243 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 28.821297] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.821449] Hardware name: linux,dummy-virt (DT) [ 28.821584] Call trace: [ 28.821916] show_stack+0x20/0x38 (C) [ 28.822194] dump_stack_lvl+0x8c/0xd0 [ 28.822417] print_report+0x118/0x608 [ 28.823062] kasan_report_invalid_free+0xc0/0xe8 [ 28.823277] __kasan_mempool_poison_object+0xfc/0x150 [ 28.824019] mempool_free+0x28c/0x328 [ 28.824795] mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 28.825474] mempool_kmalloc_large_invalid_free+0xc0/0x118 [ 28.826005] kunit_try_run_case+0x170/0x3f0 [ 28.826357] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.826501] kthread+0x328/0x630 [ 28.826612] ret_from_fork+0x10/0x20 [ 28.826730] [ 28.826786] The buggy address belongs to the physical page: [ 28.826882] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107730 [ 28.827450] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 28.828402] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 28.828642] page_type: f8(unknown) [ 28.829256] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 28.829769] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 28.829917] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 28.830045] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 28.830170] head: 0bfffe0000000002 ffffc1ffc31dcc01 00000000ffffffff 00000000ffffffff [ 28.830873] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 28.831007] page dumped because: kasan: bad access detected [ 28.831434] [ 28.831810] Memory state around the buggy address: [ 28.832324] fff00000c772ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 28.832441] fff00000c772ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 28.832816] >fff00000c7730000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 28.833553] ^ [ 28.833691] fff00000c7730080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 28.834012] fff00000c7730100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 28.834145] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 28.660896] ================================================================== [ 28.661129] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 28.661242] Free of addr fff00000c7772100 by task kunit_try_catch/235 [ 28.661380] [ 28.661471] CPU: 1 UID: 0 PID: 235 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 28.661676] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.661743] Hardware name: linux,dummy-virt (DT) [ 28.661821] Call trace: [ 28.661937] show_stack+0x20/0x38 (C) [ 28.662308] dump_stack_lvl+0x8c/0xd0 [ 28.662524] print_report+0x118/0x608 [ 28.662651] kasan_report_invalid_free+0xc0/0xe8 [ 28.662792] check_slab_allocation+0xd4/0x108 [ 28.662975] __kasan_mempool_poison_object+0x78/0x150 [ 28.663130] mempool_free+0x28c/0x328 [ 28.663864] mempool_double_free_helper+0x150/0x2e8 [ 28.664009] mempool_kmalloc_double_free+0xc0/0x118 [ 28.664157] kunit_try_run_case+0x170/0x3f0 [ 28.664400] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.664648] kthread+0x328/0x630 [ 28.664772] ret_from_fork+0x10/0x20 [ 28.664937] [ 28.664991] Allocated by task 235: [ 28.665131] kasan_save_stack+0x3c/0x68 [ 28.665291] kasan_save_track+0x20/0x40 [ 28.665393] kasan_save_alloc_info+0x40/0x58 [ 28.665518] __kasan_mempool_unpoison_object+0x11c/0x180 [ 28.665631] remove_element+0x130/0x1f8 [ 28.665778] mempool_alloc_preallocated+0x58/0xc0 [ 28.665908] mempool_double_free_helper+0x94/0x2e8 [ 28.666376] mempool_kmalloc_double_free+0xc0/0x118 [ 28.666499] kunit_try_run_case+0x170/0x3f0 [ 28.666877] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.667023] kthread+0x328/0x630 [ 28.667211] ret_from_fork+0x10/0x20 [ 28.667418] [ 28.667505] Freed by task 235: [ 28.671977] kasan_save_stack+0x3c/0x68 [ 28.672233] kasan_save_track+0x20/0x40 [ 28.672366] kasan_save_free_info+0x4c/0x78 [ 28.672535] __kasan_mempool_poison_object+0xc0/0x150 [ 28.672726] mempool_free+0x28c/0x328 [ 28.673094] mempool_double_free_helper+0x100/0x2e8 [ 28.673427] mempool_kmalloc_double_free+0xc0/0x118 [ 28.673661] kunit_try_run_case+0x170/0x3f0 [ 28.673902] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.674296] kthread+0x328/0x630 [ 28.674662] ret_from_fork+0x10/0x20 [ 28.674931] [ 28.675163] The buggy address belongs to the object at fff00000c7772100 [ 28.675163] which belongs to the cache kmalloc-128 of size 128 [ 28.675410] The buggy address is located 0 bytes inside of [ 28.675410] 128-byte region [fff00000c7772100, fff00000c7772180) [ 28.675893] [ 28.675996] The buggy address belongs to the physical page: [ 28.676131] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107772 [ 28.676268] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.676396] page_type: f5(slab) [ 28.676501] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 28.677093] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 28.677573] page dumped because: kasan: bad access detected [ 28.677760] [ 28.677890] Memory state around the buggy address: [ 28.677996] fff00000c7772000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 28.678201] fff00000c7772080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.678315] >fff00000c7772100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 28.678417] ^ [ 28.678496] fff00000c7772180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.679031] fff00000c7772200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 28.679133] ================================================================== [ 28.758808] ================================================================== [ 28.759005] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 28.759167] Free of addr fff00000c7730000 by task kunit_try_catch/239 [ 28.759269] [ 28.759352] CPU: 1 UID: 0 PID: 239 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 28.759550] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.759619] Hardware name: linux,dummy-virt (DT) [ 28.759696] Call trace: [ 28.759747] show_stack+0x20/0x38 (C) [ 28.760590] dump_stack_lvl+0x8c/0xd0 [ 28.760869] print_report+0x118/0x608 [ 28.761104] kasan_report_invalid_free+0xc0/0xe8 [ 28.761344] __kasan_mempool_poison_pages+0xe0/0xe8 [ 28.761513] mempool_free+0x24c/0x328 [ 28.761664] mempool_double_free_helper+0x150/0x2e8 [ 28.761872] mempool_page_alloc_double_free+0xbc/0x118 [ 28.762016] kunit_try_run_case+0x170/0x3f0 [ 28.762154] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.762292] kthread+0x328/0x630 [ 28.762429] ret_from_fork+0x10/0x20 [ 28.762887] [ 28.762951] The buggy address belongs to the physical page: [ 28.763030] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107730 [ 28.763197] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.763470] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 28.763604] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 28.763701] page dumped because: kasan: bad access detected [ 28.763809] [ 28.763880] Memory state around the buggy address: [ 28.764302] fff00000c772ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 28.764415] fff00000c772ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 28.764522] >fff00000c7730000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 28.764630] ^ [ 28.764879] fff00000c7730080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 28.765036] fff00000c7730100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 28.765511] ================================================================== [ 28.704411] ================================================================== [ 28.704564] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 28.704695] Free of addr fff00000c7730000 by task kunit_try_catch/237 [ 28.707226] [ 28.708472] CPU: 1 UID: 0 PID: 237 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 28.709703] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.710130] Hardware name: linux,dummy-virt (DT) [ 28.710578] Call trace: [ 28.711202] show_stack+0x20/0x38 (C) [ 28.711426] dump_stack_lvl+0x8c/0xd0 [ 28.711948] print_report+0x118/0x608 [ 28.712132] kasan_report_invalid_free+0xc0/0xe8 [ 28.712240] __kasan_mempool_poison_object+0x14c/0x150 [ 28.712311] mempool_free+0x28c/0x328 [ 28.712428] mempool_double_free_helper+0x150/0x2e8 [ 28.713088] mempool_kmalloc_large_double_free+0xc0/0x118 [ 28.713182] kunit_try_run_case+0x170/0x3f0 [ 28.713295] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.713438] kthread+0x328/0x630 [ 28.713546] ret_from_fork+0x10/0x20 [ 28.713678] [ 28.713734] The buggy address belongs to the physical page: [ 28.713857] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107730 [ 28.713995] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 28.714158] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 28.714313] page_type: f8(unknown) [ 28.714419] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 28.714545] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 28.714684] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 28.714825] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 28.715207] head: 0bfffe0000000002 ffffc1ffc31dcc01 00000000ffffffff 00000000ffffffff [ 28.715346] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 28.715450] page dumped because: kasan: bad access detected [ 28.716681] [ 28.716730] Memory state around the buggy address: [ 28.717090] fff00000c772ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 28.717521] fff00000c772ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 28.718261] >fff00000c7730000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 28.718421] ^ [ 28.718495] fff00000c7730080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 28.718603] fff00000c7730100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 28.720204] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 28.535336] ================================================================== [ 28.535480] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 28.535605] Read of size 1 at addr fff00000c7728000 by task kunit_try_catch/229 [ 28.535722] [ 28.535812] CPU: 1 UID: 0 PID: 229 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 28.536034] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.536104] Hardware name: linux,dummy-virt (DT) [ 28.536746] Call trace: [ 28.536984] show_stack+0x20/0x38 (C) [ 28.537161] dump_stack_lvl+0x8c/0xd0 [ 28.537305] print_report+0x118/0x608 [ 28.537438] kasan_report+0xdc/0x128 [ 28.538112] __asan_report_load1_noabort+0x20/0x30 [ 28.538255] mempool_uaf_helper+0x314/0x340 [ 28.538765] mempool_kmalloc_large_uaf+0xc4/0x120 [ 28.538992] kunit_try_run_case+0x170/0x3f0 [ 28.539502] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.540011] kthread+0x328/0x630 [ 28.540152] ret_from_fork+0x10/0x20 [ 28.540737] [ 28.540799] The buggy address belongs to the physical page: [ 28.541000] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107728 [ 28.541469] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 28.541593] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 28.541736] page_type: f8(unknown) [ 28.541866] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 28.541994] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 28.542548] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 28.542685] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 28.542833] head: 0bfffe0000000002 ffffc1ffc31dca01 00000000ffffffff 00000000ffffffff [ 28.543118] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 28.543265] page dumped because: kasan: bad access detected [ 28.543676] [ 28.543862] Memory state around the buggy address: [ 28.543944] fff00000c7727f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 28.544057] fff00000c7727f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 28.544169] >fff00000c7728000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 28.544275] ^ [ 28.544371] fff00000c7728080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 28.544574] fff00000c7728100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 28.544777] ================================================================== [ 28.639109] ================================================================== [ 28.639304] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 28.639463] Read of size 1 at addr fff00000c7728000 by task kunit_try_catch/233 [ 28.639599] [ 28.639819] CPU: 1 UID: 0 PID: 233 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 28.640067] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.640207] Hardware name: linux,dummy-virt (DT) [ 28.640297] Call trace: [ 28.640361] show_stack+0x20/0x38 (C) [ 28.640511] dump_stack_lvl+0x8c/0xd0 [ 28.640766] print_report+0x118/0x608 [ 28.641073] kasan_report+0xdc/0x128 [ 28.641411] __asan_report_load1_noabort+0x20/0x30 [ 28.641568] mempool_uaf_helper+0x314/0x340 [ 28.641699] mempool_page_alloc_uaf+0xc0/0x118 [ 28.641832] kunit_try_run_case+0x170/0x3f0 [ 28.641997] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.642220] kthread+0x328/0x630 [ 28.642360] ret_from_fork+0x10/0x20 [ 28.642601] [ 28.642666] The buggy address belongs to the physical page: [ 28.642746] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107728 [ 28.642907] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.643063] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 28.643213] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 28.643390] page dumped because: kasan: bad access detected [ 28.643482] [ 28.643539] Memory state around the buggy address: [ 28.643697] fff00000c7727f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 28.643829] fff00000c7727f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 28.643979] >fff00000c7728000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 28.644244] ^ [ 28.644323] fff00000c7728080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 28.644436] fff00000c7728100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 28.644550] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 28.482708] ================================================================== [ 28.487360] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 28.487513] Read of size 1 at addr fff00000c60a5d00 by task kunit_try_catch/227 [ 28.487633] [ 28.487716] CPU: 1 UID: 0 PID: 227 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 28.487971] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.488044] Hardware name: linux,dummy-virt (DT) [ 28.488132] Call trace: [ 28.488194] show_stack+0x20/0x38 (C) [ 28.488323] dump_stack_lvl+0x8c/0xd0 [ 28.488462] print_report+0x118/0x608 [ 28.488576] kasan_report+0xdc/0x128 [ 28.488682] __asan_report_load1_noabort+0x20/0x30 [ 28.488807] mempool_uaf_helper+0x314/0x340 [ 28.492007] mempool_kmalloc_uaf+0xc4/0x120 [ 28.492144] kunit_try_run_case+0x170/0x3f0 [ 28.492300] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.492533] kthread+0x328/0x630 [ 28.493486] ret_from_fork+0x10/0x20 [ 28.493955] [ 28.494646] Allocated by task 227: [ 28.495219] kasan_save_stack+0x3c/0x68 [ 28.495998] kasan_save_track+0x20/0x40 [ 28.496421] kasan_save_alloc_info+0x40/0x58 [ 28.496532] __kasan_mempool_unpoison_object+0x11c/0x180 [ 28.496643] remove_element+0x130/0x1f8 [ 28.496743] mempool_alloc_preallocated+0x58/0xc0 [ 28.496859] mempool_uaf_helper+0xa4/0x340 [ 28.499109] mempool_kmalloc_uaf+0xc4/0x120 [ 28.500099] kunit_try_run_case+0x170/0x3f0 [ 28.500582] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.500700] kthread+0x328/0x630 [ 28.500792] ret_from_fork+0x10/0x20 [ 28.500907] [ 28.500953] Freed by task 227: [ 28.501018] kasan_save_stack+0x3c/0x68 [ 28.503659] kasan_save_track+0x20/0x40 [ 28.503824] kasan_save_free_info+0x4c/0x78 [ 28.504648] __kasan_mempool_poison_object+0xc0/0x150 [ 28.505480] mempool_free+0x28c/0x328 [ 28.505614] mempool_uaf_helper+0x104/0x340 [ 28.505720] mempool_kmalloc_uaf+0xc4/0x120 [ 28.505827] kunit_try_run_case+0x170/0x3f0 [ 28.507598] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.508333] kthread+0x328/0x630 [ 28.508577] ret_from_fork+0x10/0x20 [ 28.508704] [ 28.508752] The buggy address belongs to the object at fff00000c60a5d00 [ 28.508752] which belongs to the cache kmalloc-128 of size 128 [ 28.508911] The buggy address is located 0 bytes inside of [ 28.508911] freed 128-byte region [fff00000c60a5d00, fff00000c60a5d80) [ 28.509061] [ 28.509116] The buggy address belongs to the physical page: [ 28.509242] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1060a5 [ 28.509626] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.509848] page_type: f5(slab) [ 28.509970] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 28.510110] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 28.510799] page dumped because: kasan: bad access detected [ 28.510926] [ 28.510995] Memory state around the buggy address: [ 28.511186] fff00000c60a5c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 28.511640] fff00000c60a5c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.511907] >fff00000c60a5d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 28.512105] ^ [ 28.512180] fff00000c60a5d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.512357] fff00000c60a5e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 28.512497] ================================================================== [ 28.576713] ================================================================== [ 28.577090] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 28.577478] Read of size 1 at addr fff00000c7772240 by task kunit_try_catch/231 [ 28.577805] [ 28.578143] CPU: 1 UID: 0 PID: 231 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 28.578913] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.578985] Hardware name: linux,dummy-virt (DT) [ 28.579066] Call trace: [ 28.580221] show_stack+0x20/0x38 (C) [ 28.580427] dump_stack_lvl+0x8c/0xd0 [ 28.581633] print_report+0x118/0x608 [ 28.582324] kasan_report+0xdc/0x128 [ 28.582687] __asan_report_load1_noabort+0x20/0x30 [ 28.583308] mempool_uaf_helper+0x314/0x340 [ 28.583827] mempool_slab_uaf+0xc0/0x118 [ 28.583978] kunit_try_run_case+0x170/0x3f0 [ 28.584105] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.584239] kthread+0x328/0x630 [ 28.584347] ret_from_fork+0x10/0x20 [ 28.586601] [ 28.586901] Allocated by task 231: [ 28.587408] kasan_save_stack+0x3c/0x68 [ 28.587516] kasan_save_track+0x20/0x40 [ 28.588046] kasan_save_alloc_info+0x40/0x58 [ 28.588478] __kasan_mempool_unpoison_object+0xbc/0x180 [ 28.589178] remove_element+0x16c/0x1f8 [ 28.589291] mempool_alloc_preallocated+0x58/0xc0 [ 28.589402] mempool_uaf_helper+0xa4/0x340 [ 28.589554] mempool_slab_uaf+0xc0/0x118 [ 28.589724] kunit_try_run_case+0x170/0x3f0 [ 28.590201] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.590335] kthread+0x328/0x630 [ 28.590509] ret_from_fork+0x10/0x20 [ 28.590615] [ 28.590745] Freed by task 231: [ 28.590882] kasan_save_stack+0x3c/0x68 [ 28.591054] kasan_save_track+0x20/0x40 [ 28.591156] kasan_save_free_info+0x4c/0x78 [ 28.591255] __kasan_mempool_poison_object+0xc0/0x150 [ 28.591360] mempool_free+0x28c/0x328 [ 28.591449] mempool_uaf_helper+0x104/0x340 [ 28.591593] mempool_slab_uaf+0xc0/0x118 [ 28.591719] kunit_try_run_case+0x170/0x3f0 [ 28.591983] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.592315] kthread+0x328/0x630 [ 28.592408] ret_from_fork+0x10/0x20 [ 28.592504] [ 28.592607] The buggy address belongs to the object at fff00000c7772240 [ 28.592607] which belongs to the cache test_cache of size 123 [ 28.592914] The buggy address is located 0 bytes inside of [ 28.592914] freed 123-byte region [fff00000c7772240, fff00000c77722bb) [ 28.593144] [ 28.593211] The buggy address belongs to the physical page: [ 28.593340] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107772 [ 28.593516] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.593657] page_type: f5(slab) [ 28.593799] raw: 0bfffe0000000000 fff00000c7770000 dead000000000122 0000000000000000 [ 28.593953] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 28.594080] page dumped because: kasan: bad access detected [ 28.594207] [ 28.594281] Memory state around the buggy address: [ 28.594400] fff00000c7772100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.594509] fff00000c7772180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 28.594652] >fff00000c7772200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 28.594803] ^ [ 28.595065] fff00000c7772280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.595199] fff00000c7772300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.595298] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 28.404095] ================================================================== [ 28.404276] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 28.404432] Read of size 1 at addr fff00000c77642bb by task kunit_try_catch/225 [ 28.404572] [ 28.404966] CPU: 1 UID: 0 PID: 225 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 28.405354] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.405481] Hardware name: linux,dummy-virt (DT) [ 28.405567] Call trace: [ 28.405633] show_stack+0x20/0x38 (C) [ 28.405763] dump_stack_lvl+0x8c/0xd0 [ 28.405914] print_report+0x118/0x608 [ 28.406042] kasan_report+0xdc/0x128 [ 28.406165] __asan_report_load1_noabort+0x20/0x30 [ 28.406386] mempool_oob_right_helper+0x2ac/0x2f0 [ 28.406548] mempool_slab_oob_right+0xc0/0x118 [ 28.406918] kunit_try_run_case+0x170/0x3f0 [ 28.407066] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.407198] kthread+0x328/0x630 [ 28.407341] ret_from_fork+0x10/0x20 [ 28.407651] [ 28.407805] Allocated by task 225: [ 28.407908] kasan_save_stack+0x3c/0x68 [ 28.408023] kasan_save_track+0x20/0x40 [ 28.408136] kasan_save_alloc_info+0x40/0x58 [ 28.408240] __kasan_mempool_unpoison_object+0xbc/0x180 [ 28.408346] remove_element+0x16c/0x1f8 [ 28.408505] mempool_alloc_preallocated+0x58/0xc0 [ 28.408649] mempool_oob_right_helper+0x98/0x2f0 [ 28.408757] mempool_slab_oob_right+0xc0/0x118 [ 28.408886] kunit_try_run_case+0x170/0x3f0 [ 28.409099] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.409233] kthread+0x328/0x630 [ 28.409331] ret_from_fork+0x10/0x20 [ 28.409597] [ 28.409648] The buggy address belongs to the object at fff00000c7764240 [ 28.409648] which belongs to the cache test_cache of size 123 [ 28.409975] The buggy address is located 0 bytes to the right of [ 28.409975] allocated 123-byte region [fff00000c7764240, fff00000c77642bb) [ 28.410475] [ 28.410606] The buggy address belongs to the physical page: [ 28.410727] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107764 [ 28.410912] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.411094] page_type: f5(slab) [ 28.411219] raw: 0bfffe0000000000 fff00000c59addc0 dead000000000122 0000000000000000 [ 28.411463] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 28.411569] page dumped because: kasan: bad access detected [ 28.411695] [ 28.411860] Memory state around the buggy address: [ 28.411976] fff00000c7764180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 28.412088] fff00000c7764200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 28.412195] >fff00000c7764280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 28.412288] ^ [ 28.412366] fff00000c7764300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.412477] fff00000c7764380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.412736] ================================================================== [ 28.365782] ================================================================== [ 28.366663] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 28.366820] Read of size 1 at addr fff00000c772a001 by task kunit_try_catch/223 [ 28.366958] [ 28.367042] CPU: 1 UID: 0 PID: 223 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 28.367243] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.367915] Hardware name: linux,dummy-virt (DT) [ 28.368022] Call trace: [ 28.368176] show_stack+0x20/0x38 (C) [ 28.368321] dump_stack_lvl+0x8c/0xd0 [ 28.368875] print_report+0x118/0x608 [ 28.369410] kasan_report+0xdc/0x128 [ 28.369597] __asan_report_load1_noabort+0x20/0x30 [ 28.369733] mempool_oob_right_helper+0x2ac/0x2f0 [ 28.369889] mempool_kmalloc_large_oob_right+0xc4/0x120 [ 28.370052] kunit_try_run_case+0x170/0x3f0 [ 28.370185] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.370317] kthread+0x328/0x630 [ 28.370473] ret_from_fork+0x10/0x20 [ 28.370636] [ 28.370689] The buggy address belongs to the physical page: [ 28.370779] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107728 [ 28.371031] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 28.371322] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 28.371459] page_type: f8(unknown) [ 28.371565] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 28.372710] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 28.372874] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 28.372999] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 28.373976] head: 0bfffe0000000002 ffffc1ffc31dca01 00000000ffffffff 00000000ffffffff [ 28.374120] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 28.374334] page dumped because: kasan: bad access detected [ 28.374419] [ 28.374464] Memory state around the buggy address: [ 28.374633] fff00000c7729f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 28.374998] fff00000c7729f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 28.375231] >fff00000c772a000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 28.375452] ^ [ 28.375523] fff00000c772a080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 28.376109] fff00000c772a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 28.376314] ================================================================== [ 28.335414] ================================================================== [ 28.335503] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 28.335596] Read of size 1 at addr fff00000c60a5973 by task kunit_try_catch/221 [ 28.335657] [ 28.335706] CPU: 1 UID: 0 PID: 221 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 28.335827] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.335891] Hardware name: linux,dummy-virt (DT) [ 28.335935] Call trace: [ 28.335967] show_stack+0x20/0x38 (C) [ 28.336035] dump_stack_lvl+0x8c/0xd0 [ 28.336101] print_report+0x118/0x608 [ 28.336160] kasan_report+0xdc/0x128 [ 28.336217] __asan_report_load1_noabort+0x20/0x30 [ 28.336279] mempool_oob_right_helper+0x2ac/0x2f0 [ 28.336340] mempool_kmalloc_oob_right+0xc4/0x120 [ 28.336400] kunit_try_run_case+0x170/0x3f0 [ 28.336464] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.336527] kthread+0x328/0x630 [ 28.336583] ret_from_fork+0x10/0x20 [ 28.336644] [ 28.336667] Allocated by task 221: [ 28.336704] kasan_save_stack+0x3c/0x68 [ 28.336758] kasan_save_track+0x20/0x40 [ 28.336806] kasan_save_alloc_info+0x40/0x58 [ 28.336880] __kasan_mempool_unpoison_object+0x11c/0x180 [ 28.336939] remove_element+0x130/0x1f8 [ 28.336987] mempool_alloc_preallocated+0x58/0xc0 [ 28.337037] mempool_oob_right_helper+0x98/0x2f0 [ 28.337172] mempool_kmalloc_oob_right+0xc4/0x120 [ 28.337278] kunit_try_run_case+0x170/0x3f0 [ 28.337380] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.337497] kthread+0x328/0x630 [ 28.337585] ret_from_fork+0x10/0x20 [ 28.337677] [ 28.337728] The buggy address belongs to the object at fff00000c60a5900 [ 28.337728] which belongs to the cache kmalloc-128 of size 128 [ 28.337886] The buggy address is located 0 bytes to the right of [ 28.337886] allocated 115-byte region [fff00000c60a5900, fff00000c60a5973) [ 28.337975] [ 28.338001] The buggy address belongs to the physical page: [ 28.338041] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1060a5 [ 28.338111] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 28.338179] page_type: f5(slab) [ 28.338231] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 28.338293] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 28.338344] page dumped because: kasan: bad access detected [ 28.338380] [ 28.338403] Memory state around the buggy address: [ 28.338444] fff00000c60a5800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 28.338500] fff00000c60a5880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.338555] >fff00000c60a5900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 28.338605] ^ [ 28.338655] fff00000c60a5980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.338709] fff00000c60a5a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 28.338757] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 27.748316] ================================================================== [ 27.748493] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x174/0x300 [ 27.748721] Read of size 1 at addr fff00000c770b140 by task kunit_try_catch/215 [ 27.748966] [ 27.749127] CPU: 0 UID: 0 PID: 215 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 27.749412] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.749519] Hardware name: linux,dummy-virt (DT) [ 27.749623] Call trace: [ 27.749689] show_stack+0x20/0x38 (C) [ 27.749942] dump_stack_lvl+0x8c/0xd0 [ 27.750118] print_report+0x118/0x608 [ 27.750247] kasan_report+0xdc/0x128 [ 27.750454] __kasan_check_byte+0x54/0x70 [ 27.750648] kmem_cache_destroy+0x34/0x218 [ 27.750773] kmem_cache_double_destroy+0x174/0x300 [ 27.750917] kunit_try_run_case+0x170/0x3f0 [ 27.751047] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.751178] kthread+0x328/0x630 [ 27.751299] ret_from_fork+0x10/0x20 [ 27.751579] [ 27.751656] Allocated by task 215: [ 27.751755] kasan_save_stack+0x3c/0x68 [ 27.751908] kasan_save_track+0x20/0x40 [ 27.752200] kasan_save_alloc_info+0x40/0x58 [ 27.752359] __kasan_slab_alloc+0xa8/0xb0 [ 27.752467] kmem_cache_alloc_noprof+0x10c/0x398 [ 27.752697] __kmem_cache_create_args+0x178/0x280 [ 27.752882] kmem_cache_double_destroy+0xc0/0x300 [ 27.752995] kunit_try_run_case+0x170/0x3f0 [ 27.753175] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.753292] kthread+0x328/0x630 [ 27.753389] ret_from_fork+0x10/0x20 [ 27.753521] [ 27.753578] Freed by task 215: [ 27.753778] kasan_save_stack+0x3c/0x68 [ 27.753902] kasan_save_track+0x20/0x40 [ 27.754021] kasan_save_free_info+0x4c/0x78 [ 27.754147] __kasan_slab_free+0x6c/0x98 [ 27.754300] kmem_cache_free+0x260/0x468 [ 27.754397] slab_kmem_cache_release+0x38/0x50 [ 27.754519] kmem_cache_release+0x1c/0x30 [ 27.754710] kobject_put+0x17c/0x420 [ 27.754815] sysfs_slab_release+0x1c/0x30 [ 27.754931] kmem_cache_destroy+0x118/0x218 [ 27.755034] kmem_cache_double_destroy+0x128/0x300 [ 27.755152] kunit_try_run_case+0x170/0x3f0 [ 27.755380] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.755812] kthread+0x328/0x630 [ 27.755932] ret_from_fork+0x10/0x20 [ 27.756078] [ 27.756135] The buggy address belongs to the object at fff00000c770b140 [ 27.756135] which belongs to the cache kmem_cache of size 208 [ 27.756283] The buggy address is located 0 bytes inside of [ 27.756283] freed 208-byte region [fff00000c770b140, fff00000c770b210) [ 27.756668] [ 27.756737] The buggy address belongs to the physical page: [ 27.757044] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10770b [ 27.757195] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 27.757338] page_type: f5(slab) [ 27.757675] raw: 0bfffe0000000000 fff00000c0001000 dead000000000122 0000000000000000 [ 27.757819] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000 [ 27.758098] page dumped because: kasan: bad access detected [ 27.758181] [ 27.758238] Memory state around the buggy address: [ 27.758419] fff00000c770b000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 27.758568] fff00000c770b080: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc [ 27.758819] >fff00000c770b100: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 27.758991] ^ [ 27.759084] fff00000c770b180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 27.759194] fff00000c770b200: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.759354] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 27.340191] ================================================================== [ 27.340419] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x388/0x468 [ 27.340949] Read of size 1 at addr fff00000c7708000 by task kunit_try_catch/213 [ 27.341931] [ 27.342094] CPU: 0 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 27.342294] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.342700] Hardware name: linux,dummy-virt (DT) [ 27.343253] Call trace: [ 27.343735] show_stack+0x20/0x38 (C) [ 27.344268] dump_stack_lvl+0x8c/0xd0 [ 27.344811] print_report+0x118/0x608 [ 27.344962] kasan_report+0xdc/0x128 [ 27.345140] __asan_report_load1_noabort+0x20/0x30 [ 27.345444] kmem_cache_rcu_uaf+0x388/0x468 [ 27.345771] kunit_try_run_case+0x170/0x3f0 [ 27.345951] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.346201] kthread+0x328/0x630 [ 27.346318] ret_from_fork+0x10/0x20 [ 27.346463] [ 27.346604] Allocated by task 213: [ 27.346771] kasan_save_stack+0x3c/0x68 [ 27.346901] kasan_save_track+0x20/0x40 [ 27.347083] kasan_save_alloc_info+0x40/0x58 [ 27.347262] __kasan_slab_alloc+0xa8/0xb0 [ 27.347377] kmem_cache_alloc_noprof+0x10c/0x398 [ 27.347494] kmem_cache_rcu_uaf+0x12c/0x468 [ 27.347615] kunit_try_run_case+0x170/0x3f0 [ 27.347823] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.347995] kthread+0x328/0x630 [ 27.348088] ret_from_fork+0x10/0x20 [ 27.348178] [ 27.348235] Freed by task 0: [ 27.348371] kasan_save_stack+0x3c/0x68 [ 27.348476] kasan_save_track+0x20/0x40 [ 27.348586] kasan_save_free_info+0x4c/0x78 [ 27.348768] __kasan_slab_free+0x6c/0x98 [ 27.348920] slab_free_after_rcu_debug+0xd4/0x2f8 [ 27.349090] rcu_core+0x9f4/0x1e20 [ 27.349159] rcu_core_si+0x18/0x30 [ 27.349246] handle_softirqs+0x374/0xb28 [ 27.349369] __do_softirq+0x1c/0x28 [ 27.349578] [ 27.349634] Last potentially related work creation: [ 27.349708] kasan_save_stack+0x3c/0x68 [ 27.349976] kasan_record_aux_stack+0xb4/0xc8 [ 27.350113] kmem_cache_free+0x120/0x468 [ 27.350350] kmem_cache_rcu_uaf+0x16c/0x468 [ 27.350450] kunit_try_run_case+0x170/0x3f0 [ 27.350554] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.350713] kthread+0x328/0x630 [ 27.350978] ret_from_fork+0x10/0x20 [ 27.351109] [ 27.351238] The buggy address belongs to the object at fff00000c7708000 [ 27.351238] which belongs to the cache test_cache of size 200 [ 27.351443] The buggy address is located 0 bytes inside of [ 27.351443] freed 200-byte region [fff00000c7708000, fff00000c77080c8) [ 27.351596] [ 27.351717] The buggy address belongs to the physical page: [ 27.351815] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107708 [ 27.351970] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 27.352110] page_type: f5(slab) [ 27.352757] raw: 0bfffe0000000000 fff00000c770b000 dead000000000122 0000000000000000 [ 27.352931] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 27.353046] page dumped because: kasan: bad access detected [ 27.353547] [ 27.354064] Memory state around the buggy address: [ 27.354379] fff00000c7707f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.354769] fff00000c7707f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 27.354900] >fff00000c7708000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 27.355011] ^ [ 27.355094] fff00000c7708080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 27.355203] fff00000c7708100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.355366] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 26.851704] ================================================================== [ 26.853233] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x184/0x3c8 [ 26.853732] Free of addr fff00000c770c001 by task kunit_try_catch/211 [ 26.853863] [ 26.853959] CPU: 0 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 26.854207] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.854277] Hardware name: linux,dummy-virt (DT) [ 26.854501] Call trace: [ 26.854669] show_stack+0x20/0x38 (C) [ 26.854806] dump_stack_lvl+0x8c/0xd0 [ 26.854953] print_report+0x118/0x608 [ 26.855128] kasan_report_invalid_free+0xc0/0xe8 [ 26.855261] check_slab_allocation+0xfc/0x108 [ 26.855387] __kasan_slab_pre_free+0x2c/0x48 [ 26.855504] kmem_cache_free+0xf0/0x468 [ 26.855622] kmem_cache_invalid_free+0x184/0x3c8 [ 26.855745] kunit_try_run_case+0x170/0x3f0 [ 26.856674] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.857149] kthread+0x328/0x630 [ 26.857559] ret_from_fork+0x10/0x20 [ 26.857682] [ 26.857728] Allocated by task 211: [ 26.857801] kasan_save_stack+0x3c/0x68 [ 26.857922] kasan_save_track+0x20/0x40 [ 26.860100] kasan_save_alloc_info+0x40/0x58 [ 26.860511] __kasan_slab_alloc+0xa8/0xb0 [ 26.861023] kmem_cache_alloc_noprof+0x10c/0x398 [ 26.861179] kmem_cache_invalid_free+0x12c/0x3c8 [ 26.861567] kunit_try_run_case+0x170/0x3f0 [ 26.862703] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.863325] kthread+0x328/0x630 [ 26.863418] ret_from_fork+0x10/0x20 [ 26.863510] [ 26.863557] The buggy address belongs to the object at fff00000c770c000 [ 26.863557] which belongs to the cache test_cache of size 200 [ 26.863702] The buggy address is located 1 bytes inside of [ 26.863702] 200-byte region [fff00000c770c000, fff00000c770c0c8) [ 26.866263] [ 26.866717] The buggy address belongs to the physical page: [ 26.867155] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10770c [ 26.867298] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.867420] page_type: f5(slab) [ 26.867521] raw: 0bfffe0000000000 fff00000c1725dc0 dead000000000122 0000000000000000 [ 26.869802] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 26.870330] page dumped because: kasan: bad access detected [ 26.870893] [ 26.871365] Memory state around the buggy address: [ 26.871451] fff00000c770bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 26.871558] fff00000c770bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 26.872901] >fff00000c770c000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 26.873387] ^ [ 26.873493] fff00000c770c080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 26.873957] fff00000c770c100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.874294] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 26.770042] ================================================================== [ 26.770193] BUG: KASAN: double-free in kmem_cache_double_free+0x190/0x3c8 [ 26.770435] Free of addr fff00000c7735000 by task kunit_try_catch/209 [ 26.770552] [ 26.770679] CPU: 0 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 26.771016] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.771165] Hardware name: linux,dummy-virt (DT) [ 26.771341] Call trace: [ 26.771422] show_stack+0x20/0x38 (C) [ 26.771559] dump_stack_lvl+0x8c/0xd0 [ 26.771697] print_report+0x118/0x608 [ 26.771854] kasan_report_invalid_free+0xc0/0xe8 [ 26.771998] check_slab_allocation+0xd4/0x108 [ 26.772206] __kasan_slab_pre_free+0x2c/0x48 [ 26.772358] kmem_cache_free+0xf0/0x468 [ 26.772595] kmem_cache_double_free+0x190/0x3c8 [ 26.772895] kunit_try_run_case+0x170/0x3f0 [ 26.773121] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.773350] kthread+0x328/0x630 [ 26.773485] ret_from_fork+0x10/0x20 [ 26.773656] [ 26.773707] Allocated by task 209: [ 26.773781] kasan_save_stack+0x3c/0x68 [ 26.773906] kasan_save_track+0x20/0x40 [ 26.774001] kasan_save_alloc_info+0x40/0x58 [ 26.774109] __kasan_slab_alloc+0xa8/0xb0 [ 26.774229] kmem_cache_alloc_noprof+0x10c/0x398 [ 26.774409] kmem_cache_double_free+0x12c/0x3c8 [ 26.774526] kunit_try_run_case+0x170/0x3f0 [ 26.774632] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.774781] kthread+0x328/0x630 [ 26.775001] ret_from_fork+0x10/0x20 [ 26.775289] [ 26.775345] Freed by task 209: [ 26.775488] kasan_save_stack+0x3c/0x68 [ 26.775589] kasan_save_track+0x20/0x40 [ 26.775728] kasan_save_free_info+0x4c/0x78 [ 26.776609] __kasan_slab_free+0x6c/0x98 [ 26.776997] kmem_cache_free+0x260/0x468 [ 26.778075] kmem_cache_double_free+0x140/0x3c8 [ 26.778319] kunit_try_run_case+0x170/0x3f0 [ 26.778490] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.778600] kthread+0x328/0x630 [ 26.778705] ret_from_fork+0x10/0x20 [ 26.778801] [ 26.778896] The buggy address belongs to the object at fff00000c7735000 [ 26.778896] which belongs to the cache test_cache of size 200 [ 26.779175] The buggy address is located 0 bytes inside of [ 26.779175] 200-byte region [fff00000c7735000, fff00000c77350c8) [ 26.779318] [ 26.779373] The buggy address belongs to the physical page: [ 26.779448] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107735 [ 26.779637] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.779813] page_type: f5(slab) [ 26.779944] raw: 0bfffe0000000000 fff00000ffeb4000 dead000000000122 0000000000000000 [ 26.780208] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 26.780329] page dumped because: kasan: bad access detected [ 26.780418] [ 26.780475] Memory state around the buggy address: [ 26.780564] fff00000c7734f00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.780678] fff00000c7734f80: fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc [ 26.780886] >fff00000c7735000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.781000] ^ [ 26.781157] fff00000c7735080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 26.781277] fff00000c7735100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.781386] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 26.447068] ================================================================== [ 26.447290] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x344/0x430 [ 26.447513] Read of size 1 at addr fff00000c773a0c8 by task kunit_try_catch/207 [ 26.447648] [ 26.447737] CPU: 0 UID: 0 PID: 207 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 26.447975] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.448237] Hardware name: linux,dummy-virt (DT) [ 26.448460] Call trace: [ 26.448538] show_stack+0x20/0x38 (C) [ 26.449014] dump_stack_lvl+0x8c/0xd0 [ 26.449802] print_report+0x118/0x608 [ 26.450046] kasan_report+0xdc/0x128 [ 26.450173] __asan_report_load1_noabort+0x20/0x30 [ 26.450369] kmem_cache_oob+0x344/0x430 [ 26.450487] kunit_try_run_case+0x170/0x3f0 [ 26.450618] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.450832] kthread+0x328/0x630 [ 26.451118] ret_from_fork+0x10/0x20 [ 26.451463] [ 26.451508] Allocated by task 207: [ 26.451579] kasan_save_stack+0x3c/0x68 [ 26.451674] kasan_save_track+0x20/0x40 [ 26.451822] kasan_save_alloc_info+0x40/0x58 [ 26.451948] __kasan_slab_alloc+0xa8/0xb0 [ 26.452065] kmem_cache_alloc_noprof+0x10c/0x398 [ 26.452690] kmem_cache_oob+0x12c/0x430 [ 26.452811] kunit_try_run_case+0x170/0x3f0 [ 26.452946] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.453198] kthread+0x328/0x630 [ 26.453320] ret_from_fork+0x10/0x20 [ 26.453421] [ 26.453476] The buggy address belongs to the object at fff00000c773a000 [ 26.453476] which belongs to the cache test_cache of size 200 [ 26.453632] The buggy address is located 0 bytes to the right of [ 26.453632] allocated 200-byte region [fff00000c773a000, fff00000c773a0c8) [ 26.453798] [ 26.453943] The buggy address belongs to the physical page: [ 26.454061] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10773a [ 26.454202] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.454346] page_type: f5(slab) [ 26.454566] raw: 0bfffe0000000000 fff00000c1725c80 dead000000000122 0000000000000000 [ 26.454938] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 26.455392] page dumped because: kasan: bad access detected [ 26.455477] [ 26.455519] Memory state around the buggy address: [ 26.455598] fff00000c7739f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 26.455708] fff00000c773a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 26.455827] >fff00000c773a080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 26.455944] ^ [ 26.456349] fff00000c773a100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.456696] fff00000c773a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.456797] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 26.373608] ================================================================== [ 26.373780] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x480/0x4a8 [ 26.373947] Read of size 8 at addr fff00000c773e440 by task kunit_try_catch/200 [ 26.374093] [ 26.374200] CPU: 0 UID: 0 PID: 200 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 26.374421] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.374617] Hardware name: linux,dummy-virt (DT) [ 26.374734] Call trace: [ 26.374829] show_stack+0x20/0x38 (C) [ 26.374977] dump_stack_lvl+0x8c/0xd0 [ 26.375095] print_report+0x118/0x608 [ 26.375214] kasan_report+0xdc/0x128 [ 26.375331] __asan_report_load8_noabort+0x20/0x30 [ 26.375513] workqueue_uaf+0x480/0x4a8 [ 26.375629] kunit_try_run_case+0x170/0x3f0 [ 26.375748] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.375916] kthread+0x328/0x630 [ 26.376094] ret_from_fork+0x10/0x20 [ 26.376315] [ 26.376389] Allocated by task 200: [ 26.376501] kasan_save_stack+0x3c/0x68 [ 26.376688] kasan_save_track+0x20/0x40 [ 26.376796] kasan_save_alloc_info+0x40/0x58 [ 26.376988] __kasan_kmalloc+0xd4/0xd8 [ 26.377147] __kmalloc_cache_noprof+0x16c/0x3c0 [ 26.377269] workqueue_uaf+0x13c/0x4a8 [ 26.377388] kunit_try_run_case+0x170/0x3f0 [ 26.377585] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.377769] kthread+0x328/0x630 [ 26.377881] ret_from_fork+0x10/0x20 [ 26.377979] [ 26.378046] Freed by task 75: [ 26.378143] kasan_save_stack+0x3c/0x68 [ 26.378258] kasan_save_track+0x20/0x40 [ 26.378375] kasan_save_free_info+0x4c/0x78 [ 26.378485] __kasan_slab_free+0x6c/0x98 [ 26.378589] kfree+0x214/0x3c8 [ 26.378680] workqueue_uaf_work+0x18/0x30 [ 26.378771] process_one_work+0x530/0xf98 [ 26.378885] worker_thread+0x618/0xf38 [ 26.379082] kthread+0x328/0x630 [ 26.379188] ret_from_fork+0x10/0x20 [ 26.379401] [ 26.379457] Last potentially related work creation: [ 26.379539] kasan_save_stack+0x3c/0x68 [ 26.379810] kasan_record_aux_stack+0xb4/0xc8 [ 26.380045] __queue_work+0x65c/0x1008 [ 26.380183] queue_work_on+0xbc/0xf8 [ 26.380387] workqueue_uaf+0x210/0x4a8 [ 26.380576] kunit_try_run_case+0x170/0x3f0 [ 26.380676] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.380782] kthread+0x328/0x630 [ 26.380900] ret_from_fork+0x10/0x20 [ 26.381000] [ 26.381545] The buggy address belongs to the object at fff00000c773e440 [ 26.381545] which belongs to the cache kmalloc-32 of size 32 [ 26.381968] The buggy address is located 0 bytes inside of [ 26.381968] freed 32-byte region [fff00000c773e440, fff00000c773e460) [ 26.382134] [ 26.382188] The buggy address belongs to the physical page: [ 26.382296] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10773e [ 26.382445] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.382578] page_type: f5(slab) [ 26.383547] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 26.384203] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 26.384501] page dumped because: kasan: bad access detected [ 26.385167] [ 26.385307] Memory state around the buggy address: [ 26.386135] fff00000c773e300: 00 00 00 fc fc fc fc fc 00 00 03 fc fc fc fc fc [ 26.386345] fff00000c773e380: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 26.386451] >fff00000c773e400: 00 00 00 07 fc fc fc fc fa fb fb fb fc fc fc fc [ 26.386920] ^ [ 26.387253] fff00000c773e480: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.387606] fff00000c773e500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.388237] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 26.306313] ================================================================== [ 26.306545] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x64/0x70 [ 26.309457] Read of size 4 at addr fff00000c773e240 by task swapper/0/0 [ 26.310109] [ 26.310201] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 26.311496] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.311570] Hardware name: linux,dummy-virt (DT) [ 26.312609] Call trace: [ 26.313099] show_stack+0x20/0x38 (C) [ 26.313272] dump_stack_lvl+0x8c/0xd0 [ 26.313404] print_report+0x118/0x608 [ 26.314375] kasan_report+0xdc/0x128 [ 26.314498] __asan_report_load4_noabort+0x20/0x30 [ 26.314628] rcu_uaf_reclaim+0x64/0x70 [ 26.314742] rcu_core+0x9f4/0x1e20 [ 26.317492] rcu_core_si+0x18/0x30 [ 26.318691] handle_softirqs+0x374/0xb28 [ 26.319098] __do_softirq+0x1c/0x28 [ 26.319641] ____do_softirq+0x18/0x30 [ 26.320919] call_on_irq_stack+0x24/0x30 [ 26.321381] do_softirq_own_stack+0x24/0x38 [ 26.321520] __irq_exit_rcu+0x1fc/0x318 [ 26.322486] irq_exit_rcu+0x1c/0x80 [ 26.322608] el1_interrupt+0x38/0x58 [ 26.322728] el1h_64_irq_handler+0x18/0x28 [ 26.322864] el1h_64_irq+0x6c/0x70 [ 26.323562] arch_local_irq_enable+0x4/0x8 (P) [ 26.323704] do_idle+0x384/0x4e8 [ 26.323830] cpu_startup_entry+0x64/0x80 [ 26.323970] rest_init+0x160/0x188 [ 26.324109] start_kernel+0x30c/0x3d0 [ 26.324297] __primary_switched+0x8c/0xa0 [ 26.324609] [ 26.324664] Allocated by task 198: [ 26.324876] kasan_save_stack+0x3c/0x68 [ 26.324991] kasan_save_track+0x20/0x40 [ 26.325195] kasan_save_alloc_info+0x40/0x58 [ 26.325312] __kasan_kmalloc+0xd4/0xd8 [ 26.325426] __kmalloc_cache_noprof+0x16c/0x3c0 [ 26.325551] rcu_uaf+0xb0/0x2d8 [ 26.325641] kunit_try_run_case+0x170/0x3f0 [ 26.326124] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.326411] kthread+0x328/0x630 [ 26.326596] ret_from_fork+0x10/0x20 [ 26.326822] [ 26.326890] Freed by task 0: [ 26.326971] kasan_save_stack+0x3c/0x68 [ 26.327296] kasan_save_track+0x20/0x40 [ 26.327418] kasan_save_free_info+0x4c/0x78 [ 26.327537] __kasan_slab_free+0x6c/0x98 [ 26.327826] kfree+0x214/0x3c8 [ 26.327941] rcu_uaf_reclaim+0x28/0x70 [ 26.328052] rcu_core+0x9f4/0x1e20 [ 26.328102] rcu_core_si+0x18/0x30 [ 26.328147] handle_softirqs+0x374/0xb28 [ 26.328194] __do_softirq+0x1c/0x28 [ 26.328239] [ 26.328279] Last potentially related work creation: [ 26.328325] kasan_save_stack+0x3c/0x68 [ 26.328379] kasan_record_aux_stack+0xb4/0xc8 [ 26.328432] __call_rcu_common.constprop.0+0x70/0x8b0 [ 26.328484] call_rcu+0x18/0x30 [ 26.328523] rcu_uaf+0x14c/0x2d8 [ 26.328563] kunit_try_run_case+0x170/0x3f0 [ 26.328610] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.328666] kthread+0x328/0x630 [ 26.328705] ret_from_fork+0x10/0x20 [ 26.328758] [ 26.328792] The buggy address belongs to the object at fff00000c773e240 [ 26.328792] which belongs to the cache kmalloc-32 of size 32 [ 26.328916] The buggy address is located 0 bytes inside of [ 26.328916] freed 32-byte region [fff00000c773e240, fff00000c773e260) [ 26.329595] [ 26.330061] The buggy address belongs to the physical page: [ 26.330619] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10773e [ 26.331347] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.331475] page_type: f5(slab) [ 26.331581] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 26.331705] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 26.331814] page dumped because: kasan: bad access detected [ 26.331908] [ 26.331957] Memory state around the buggy address: [ 26.332040] fff00000c773e100: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 26.332145] fff00000c773e180: 00 00 05 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 26.333282] >fff00000c773e200: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 26.333384] ^ [ 26.333480] fff00000c773e280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.333643] fff00000c773e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.333751] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 26.082418] ================================================================== [ 26.082563] BUG: KASAN: slab-use-after-free in ksize_uaf+0x168/0x5f8 [ 26.083196] Read of size 1 at addr fff00000c7747800 by task kunit_try_catch/196 [ 26.083319] [ 26.083395] CPU: 0 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 26.083612] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.083680] Hardware name: linux,dummy-virt (DT) [ 26.083750] Call trace: [ 26.083814] show_stack+0x20/0x38 (C) [ 26.083969] dump_stack_lvl+0x8c/0xd0 [ 26.085094] print_report+0x118/0x608 [ 26.085247] kasan_report+0xdc/0x128 [ 26.085378] __kasan_check_byte+0x54/0x70 [ 26.085505] ksize+0x30/0x88 [ 26.085627] ksize_uaf+0x168/0x5f8 [ 26.085753] kunit_try_run_case+0x170/0x3f0 [ 26.086073] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.086209] kthread+0x328/0x630 [ 26.086311] ret_from_fork+0x10/0x20 [ 26.086429] [ 26.086475] Allocated by task 196: [ 26.086541] kasan_save_stack+0x3c/0x68 [ 26.086642] kasan_save_track+0x20/0x40 [ 26.086733] kasan_save_alloc_info+0x40/0x58 [ 26.086873] __kasan_kmalloc+0xd4/0xd8 [ 26.087122] __kmalloc_cache_noprof+0x16c/0x3c0 [ 26.087412] ksize_uaf+0xb8/0x5f8 [ 26.087538] kunit_try_run_case+0x170/0x3f0 [ 26.088026] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.088194] kthread+0x328/0x630 [ 26.088280] ret_from_fork+0x10/0x20 [ 26.088378] [ 26.088429] Freed by task 196: [ 26.088504] kasan_save_stack+0x3c/0x68 [ 26.088608] kasan_save_track+0x20/0x40 [ 26.088783] kasan_save_free_info+0x4c/0x78 [ 26.088912] __kasan_slab_free+0x6c/0x98 [ 26.089006] kfree+0x214/0x3c8 [ 26.089521] ksize_uaf+0x11c/0x5f8 [ 26.089617] kunit_try_run_case+0x170/0x3f0 [ 26.089710] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.089816] kthread+0x328/0x630 [ 26.089917] ret_from_fork+0x10/0x20 [ 26.090001] [ 26.090045] The buggy address belongs to the object at fff00000c7747800 [ 26.090045] which belongs to the cache kmalloc-128 of size 128 [ 26.090181] The buggy address is located 0 bytes inside of [ 26.090181] freed 128-byte region [fff00000c7747800, fff00000c7747880) [ 26.090336] [ 26.090397] The buggy address belongs to the physical page: [ 26.090468] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107747 [ 26.090595] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.090714] page_type: f5(slab) [ 26.090805] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 26.090945] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 26.091041] page dumped because: kasan: bad access detected [ 26.091112] [ 26.091155] Memory state around the buggy address: [ 26.091230] fff00000c7747700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.091339] fff00000c7747780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.091449] >fff00000c7747800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.091551] ^ [ 26.091637] fff00000c7747880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.091751] fff00000c7747900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.095172] ================================================================== [ 26.115012] ================================================================== [ 26.115117] BUG: KASAN: slab-use-after-free in ksize_uaf+0x544/0x5f8 [ 26.115221] Read of size 1 at addr fff00000c7747878 by task kunit_try_catch/196 [ 26.115339] [ 26.115403] CPU: 0 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 26.115597] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.115661] Hardware name: linux,dummy-virt (DT) [ 26.115729] Call trace: [ 26.115792] show_stack+0x20/0x38 (C) [ 26.116039] dump_stack_lvl+0x8c/0xd0 [ 26.116942] print_report+0x118/0x608 [ 26.117164] kasan_report+0xdc/0x128 [ 26.117414] __asan_report_load1_noabort+0x20/0x30 [ 26.117599] ksize_uaf+0x544/0x5f8 [ 26.117722] kunit_try_run_case+0x170/0x3f0 [ 26.117861] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.117995] kthread+0x328/0x630 [ 26.118301] ret_from_fork+0x10/0x20 [ 26.118869] [ 26.118920] Allocated by task 196: [ 26.119026] kasan_save_stack+0x3c/0x68 [ 26.119187] kasan_save_track+0x20/0x40 [ 26.119437] kasan_save_alloc_info+0x40/0x58 [ 26.119616] __kasan_kmalloc+0xd4/0xd8 [ 26.119718] __kmalloc_cache_noprof+0x16c/0x3c0 [ 26.119892] ksize_uaf+0xb8/0x5f8 [ 26.120409] kunit_try_run_case+0x170/0x3f0 [ 26.121372] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.121494] kthread+0x328/0x630 [ 26.121592] ret_from_fork+0x10/0x20 [ 26.121691] [ 26.121738] Freed by task 196: [ 26.121802] kasan_save_stack+0x3c/0x68 [ 26.123069] kasan_save_track+0x20/0x40 [ 26.124279] kasan_save_free_info+0x4c/0x78 [ 26.125169] __kasan_slab_free+0x6c/0x98 [ 26.125739] kfree+0x214/0x3c8 [ 26.125852] ksize_uaf+0x11c/0x5f8 [ 26.125946] kunit_try_run_case+0x170/0x3f0 [ 26.127553] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.127820] kthread+0x328/0x630 [ 26.128509] ret_from_fork+0x10/0x20 [ 26.129514] [ 26.129993] The buggy address belongs to the object at fff00000c7747800 [ 26.129993] which belongs to the cache kmalloc-128 of size 128 [ 26.130142] The buggy address is located 120 bytes inside of [ 26.130142] freed 128-byte region [fff00000c7747800, fff00000c7747880) [ 26.131237] [ 26.131323] The buggy address belongs to the physical page: [ 26.131808] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107747 [ 26.131974] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.132093] page_type: f5(slab) [ 26.134129] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 26.134424] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 26.135674] page dumped because: kasan: bad access detected [ 26.135859] [ 26.135963] Memory state around the buggy address: [ 26.136128] fff00000c7747700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.136306] fff00000c7747780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.136457] >fff00000c7747800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.136677] ^ [ 26.136850] fff00000c7747880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.136978] fff00000c7747900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.137087] ================================================================== [ 26.096576] ================================================================== [ 26.096678] BUG: KASAN: slab-use-after-free in ksize_uaf+0x598/0x5f8 [ 26.096775] Read of size 1 at addr fff00000c7747800 by task kunit_try_catch/196 [ 26.098937] [ 26.099107] CPU: 0 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 26.099551] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.099647] Hardware name: linux,dummy-virt (DT) [ 26.099729] Call trace: [ 26.099982] show_stack+0x20/0x38 (C) [ 26.100121] dump_stack_lvl+0x8c/0xd0 [ 26.100758] print_report+0x118/0x608 [ 26.100939] kasan_report+0xdc/0x128 [ 26.101445] __asan_report_load1_noabort+0x20/0x30 [ 26.101580] ksize_uaf+0x598/0x5f8 [ 26.101972] kunit_try_run_case+0x170/0x3f0 [ 26.102858] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.103016] kthread+0x328/0x630 [ 26.103148] ret_from_fork+0x10/0x20 [ 26.103339] [ 26.103394] Allocated by task 196: [ 26.103481] kasan_save_stack+0x3c/0x68 [ 26.103585] kasan_save_track+0x20/0x40 [ 26.104426] kasan_save_alloc_info+0x40/0x58 [ 26.104554] __kasan_kmalloc+0xd4/0xd8 [ 26.105119] __kmalloc_cache_noprof+0x16c/0x3c0 [ 26.105237] ksize_uaf+0xb8/0x5f8 [ 26.105450] kunit_try_run_case+0x170/0x3f0 [ 26.105622] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.105753] kthread+0x328/0x630 [ 26.105889] ret_from_fork+0x10/0x20 [ 26.105986] [ 26.106043] Freed by task 196: [ 26.106240] kasan_save_stack+0x3c/0x68 [ 26.106342] kasan_save_track+0x20/0x40 [ 26.106690] kasan_save_free_info+0x4c/0x78 [ 26.107245] __kasan_slab_free+0x6c/0x98 [ 26.107356] kfree+0x214/0x3c8 [ 26.107603] ksize_uaf+0x11c/0x5f8 [ 26.107861] kunit_try_run_case+0x170/0x3f0 [ 26.107966] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.108072] kthread+0x328/0x630 [ 26.108155] ret_from_fork+0x10/0x20 [ 26.108258] [ 26.108389] The buggy address belongs to the object at fff00000c7747800 [ 26.108389] which belongs to the cache kmalloc-128 of size 128 [ 26.108775] The buggy address is located 0 bytes inside of [ 26.108775] freed 128-byte region [fff00000c7747800, fff00000c7747880) [ 26.109381] [ 26.109457] The buggy address belongs to the physical page: [ 26.109610] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107747 [ 26.109779] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.109923] page_type: f5(slab) [ 26.110058] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 26.110191] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 26.110298] page dumped because: kasan: bad access detected [ 26.110756] [ 26.110898] Memory state around the buggy address: [ 26.111091] fff00000c7747700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.111203] fff00000c7747780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.111312] >fff00000c7747800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.111408] ^ [ 26.111473] fff00000c7747880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.111604] fff00000c7747900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.111729] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 26.023420] ================================================================== [ 26.023529] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x618/0x740 [ 26.023649] Read of size 1 at addr fff00000c7747778 by task kunit_try_catch/194 [ 26.023768] [ 26.023866] CPU: 0 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 26.024794] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.024889] Hardware name: linux,dummy-virt (DT) [ 26.024965] Call trace: [ 26.025020] show_stack+0x20/0x38 (C) [ 26.025234] dump_stack_lvl+0x8c/0xd0 [ 26.025491] print_report+0x118/0x608 [ 26.025692] kasan_report+0xdc/0x128 [ 26.025825] __asan_report_load1_noabort+0x20/0x30 [ 26.025987] ksize_unpoisons_memory+0x618/0x740 [ 26.026117] kunit_try_run_case+0x170/0x3f0 [ 26.026239] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.026369] kthread+0x328/0x630 [ 26.026481] ret_from_fork+0x10/0x20 [ 26.028691] [ 26.028747] Allocated by task 194: [ 26.028827] kasan_save_stack+0x3c/0x68 [ 26.028957] kasan_save_track+0x20/0x40 [ 26.029522] kasan_save_alloc_info+0x40/0x58 [ 26.030386] __kasan_kmalloc+0xd4/0xd8 [ 26.031163] __kmalloc_cache_noprof+0x16c/0x3c0 [ 26.031346] ksize_unpoisons_memory+0xc0/0x740 [ 26.032335] kunit_try_run_case+0x170/0x3f0 [ 26.033279] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.033762] kthread+0x328/0x630 [ 26.034039] ret_from_fork+0x10/0x20 [ 26.034633] [ 26.034701] The buggy address belongs to the object at fff00000c7747700 [ 26.034701] which belongs to the cache kmalloc-128 of size 128 [ 26.034857] The buggy address is located 5 bytes to the right of [ 26.034857] allocated 115-byte region [fff00000c7747700, fff00000c7747773) [ 26.035017] [ 26.035064] The buggy address belongs to the physical page: [ 26.035133] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107747 [ 26.037623] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.038495] page_type: f5(slab) [ 26.038594] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 26.039879] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 26.040234] page dumped because: kasan: bad access detected [ 26.040322] [ 26.041023] Memory state around the buggy address: [ 26.041246] fff00000c7747600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.042020] fff00000c7747680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.042341] >fff00000c7747700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 26.043300] ^ [ 26.043579] fff00000c7747780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.043797] fff00000c7747800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.043987] ================================================================== [ 26.012486] ================================================================== [ 26.012639] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x628/0x740 [ 26.012780] Read of size 1 at addr fff00000c7747773 by task kunit_try_catch/194 [ 26.013048] [ 26.013167] CPU: 0 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 26.013385] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.013458] Hardware name: linux,dummy-virt (DT) [ 26.013533] Call trace: [ 26.013596] show_stack+0x20/0x38 (C) [ 26.013727] dump_stack_lvl+0x8c/0xd0 [ 26.013880] print_report+0x118/0x608 [ 26.014008] kasan_report+0xdc/0x128 [ 26.014124] __asan_report_load1_noabort+0x20/0x30 [ 26.014264] ksize_unpoisons_memory+0x628/0x740 [ 26.014937] kunit_try_run_case+0x170/0x3f0 [ 26.015283] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.015455] kthread+0x328/0x630 [ 26.015579] ret_from_fork+0x10/0x20 [ 26.015968] [ 26.016107] Allocated by task 194: [ 26.016206] kasan_save_stack+0x3c/0x68 [ 26.016306] kasan_save_track+0x20/0x40 [ 26.016444] kasan_save_alloc_info+0x40/0x58 [ 26.016617] __kasan_kmalloc+0xd4/0xd8 [ 26.016826] __kmalloc_cache_noprof+0x16c/0x3c0 [ 26.017034] ksize_unpoisons_memory+0xc0/0x740 [ 26.017727] kunit_try_run_case+0x170/0x3f0 [ 26.018161] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.018418] kthread+0x328/0x630 [ 26.018554] ret_from_fork+0x10/0x20 [ 26.019013] [ 26.019071] The buggy address belongs to the object at fff00000c7747700 [ 26.019071] which belongs to the cache kmalloc-128 of size 128 [ 26.019234] The buggy address is located 0 bytes to the right of [ 26.019234] allocated 115-byte region [fff00000c7747700, fff00000c7747773) [ 26.019414] [ 26.019473] The buggy address belongs to the physical page: [ 26.019556] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107747 [ 26.020231] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.020363] page_type: f5(slab) [ 26.020488] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 26.020613] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 26.020710] page dumped because: kasan: bad access detected [ 26.020787] [ 26.020827] Memory state around the buggy address: [ 26.021232] fff00000c7747600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.021471] fff00000c7747680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.021632] >fff00000c7747700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 26.021745] ^ [ 26.021882] fff00000c7747780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.022005] fff00000c7747800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.022168] ================================================================== [ 26.045978] ================================================================== [ 26.046083] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x690/0x740 [ 26.046320] Read of size 1 at addr fff00000c774777f by task kunit_try_catch/194 [ 26.046451] [ 26.046522] CPU: 0 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 26.046790] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.046883] Hardware name: linux,dummy-virt (DT) [ 26.046957] Call trace: [ 26.047010] show_stack+0x20/0x38 (C) [ 26.047137] dump_stack_lvl+0x8c/0xd0 [ 26.047292] print_report+0x118/0x608 [ 26.047592] kasan_report+0xdc/0x128 [ 26.047939] __asan_report_load1_noabort+0x20/0x30 [ 26.048098] ksize_unpoisons_memory+0x690/0x740 [ 26.048242] kunit_try_run_case+0x170/0x3f0 [ 26.048390] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.048553] kthread+0x328/0x630 [ 26.048713] ret_from_fork+0x10/0x20 [ 26.049103] [ 26.049185] Allocated by task 194: [ 26.049320] kasan_save_stack+0x3c/0x68 [ 26.049568] kasan_save_track+0x20/0x40 [ 26.049636] kasan_save_alloc_info+0x40/0x58 [ 26.049690] __kasan_kmalloc+0xd4/0xd8 [ 26.049763] __kmalloc_cache_noprof+0x16c/0x3c0 [ 26.049909] ksize_unpoisons_memory+0xc0/0x740 [ 26.050056] kunit_try_run_case+0x170/0x3f0 [ 26.050176] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.050300] kthread+0x328/0x630 [ 26.050396] ret_from_fork+0x10/0x20 [ 26.050504] [ 26.050555] The buggy address belongs to the object at fff00000c7747700 [ 26.050555] which belongs to the cache kmalloc-128 of size 128 [ 26.050813] The buggy address is located 12 bytes to the right of [ 26.050813] allocated 115-byte region [fff00000c7747700, fff00000c7747773) [ 26.051274] [ 26.051350] The buggy address belongs to the physical page: [ 26.051464] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107747 [ 26.051795] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 26.051927] page_type: f5(slab) [ 26.052020] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 26.052217] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 26.052487] page dumped because: kasan: bad access detected [ 26.052597] [ 26.052638] Memory state around the buggy address: [ 26.052711] fff00000c7747600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.052816] fff00000c7747680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.053669] >fff00000c7747700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 26.053779] ^ [ 26.054036] fff00000c7747780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.054211] fff00000c7747800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.054371] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-kfree_sensitive
[ 25.942906] ================================================================== [ 25.943398] BUG: KASAN: double-free in kfree_sensitive+0x3c/0xb0 [ 25.943949] Free of addr fff00000c56fe400 by task kunit_try_catch/192 [ 25.944148] [ 25.944241] CPU: 0 UID: 0 PID: 192 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 25.945124] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.945205] Hardware name: linux,dummy-virt (DT) [ 25.945295] Call trace: [ 25.946035] show_stack+0x20/0x38 (C) [ 25.946166] dump_stack_lvl+0x8c/0xd0 [ 25.946293] print_report+0x118/0x608 [ 25.946414] kasan_report_invalid_free+0xc0/0xe8 [ 25.946544] check_slab_allocation+0xd4/0x108 [ 25.946672] __kasan_slab_pre_free+0x2c/0x48 [ 25.947009] kfree+0xe8/0x3c8 [ 25.947327] kfree_sensitive+0x3c/0xb0 [ 25.947472] kmalloc_double_kzfree+0x168/0x308 [ 25.947725] kunit_try_run_case+0x170/0x3f0 [ 25.947974] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.948201] kthread+0x328/0x630 [ 25.948326] ret_from_fork+0x10/0x20 [ 25.948901] [ 25.949026] Allocated by task 192: [ 25.949113] kasan_save_stack+0x3c/0x68 [ 25.949219] kasan_save_track+0x20/0x40 [ 25.949334] kasan_save_alloc_info+0x40/0x58 [ 25.949531] __kasan_kmalloc+0xd4/0xd8 [ 25.949724] __kmalloc_cache_noprof+0x16c/0x3c0 [ 25.949929] kmalloc_double_kzfree+0xb8/0x308 [ 25.950105] kunit_try_run_case+0x170/0x3f0 [ 25.950258] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.950420] kthread+0x328/0x630 [ 25.950516] ret_from_fork+0x10/0x20 [ 25.950646] [ 25.950702] Freed by task 192: [ 25.951012] kasan_save_stack+0x3c/0x68 [ 25.951145] kasan_save_track+0x20/0x40 [ 25.951366] kasan_save_free_info+0x4c/0x78 [ 25.951533] __kasan_slab_free+0x6c/0x98 [ 25.951865] kfree+0x214/0x3c8 [ 25.951972] kfree_sensitive+0x80/0xb0 [ 25.952061] kmalloc_double_kzfree+0x11c/0x308 [ 25.952156] kunit_try_run_case+0x170/0x3f0 [ 25.952420] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.952552] kthread+0x328/0x630 [ 25.952805] ret_from_fork+0x10/0x20 [ 25.952925] [ 25.952982] The buggy address belongs to the object at fff00000c56fe400 [ 25.952982] which belongs to the cache kmalloc-16 of size 16 [ 25.953329] The buggy address is located 0 bytes inside of [ 25.953329] 16-byte region [fff00000c56fe400, fff00000c56fe410) [ 25.953703] [ 25.953780] The buggy address belongs to the physical page: [ 25.953876] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056fe [ 25.954471] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.954679] page_type: f5(slab) [ 25.954819] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 25.955152] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 25.955293] page dumped because: kasan: bad access detected [ 25.955370] [ 25.955415] Memory state around the buggy address: [ 25.956476] fff00000c56fe300: fa fb fc fc 00 04 fc fc fa fb fc fc fa fb fc fc [ 25.956646] fff00000c56fe380: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 25.956753] >fff00000c56fe400: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.956863] ^ [ 25.957599] fff00000c56fe480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.958036] fff00000c56fe500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.958146] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 25.920351] ================================================================== [ 25.920502] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x168/0x308 [ 25.920634] Read of size 1 at addr fff00000c56fe400 by task kunit_try_catch/192 [ 25.922263] [ 25.922494] CPU: 0 UID: 0 PID: 192 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 25.923089] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.923654] Hardware name: linux,dummy-virt (DT) [ 25.923742] Call trace: [ 25.923809] show_stack+0x20/0x38 (C) [ 25.923954] dump_stack_lvl+0x8c/0xd0 [ 25.925782] print_report+0x118/0x608 [ 25.925941] kasan_report+0xdc/0x128 [ 25.926811] __kasan_check_byte+0x54/0x70 [ 25.927239] kfree_sensitive+0x30/0xb0 [ 25.928220] kmalloc_double_kzfree+0x168/0x308 [ 25.928497] kunit_try_run_case+0x170/0x3f0 [ 25.928849] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.929044] kthread+0x328/0x630 [ 25.929178] ret_from_fork+0x10/0x20 [ 25.929576] [ 25.929921] Allocated by task 192: [ 25.930074] kasan_save_stack+0x3c/0x68 [ 25.930252] kasan_save_track+0x20/0x40 [ 25.930351] kasan_save_alloc_info+0x40/0x58 [ 25.930455] __kasan_kmalloc+0xd4/0xd8 [ 25.930763] __kmalloc_cache_noprof+0x16c/0x3c0 [ 25.931108] kmalloc_double_kzfree+0xb8/0x308 [ 25.931300] kunit_try_run_case+0x170/0x3f0 [ 25.931408] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.931530] kthread+0x328/0x630 [ 25.931695] ret_from_fork+0x10/0x20 [ 25.931826] [ 25.931927] Freed by task 192: [ 25.932006] kasan_save_stack+0x3c/0x68 [ 25.932114] kasan_save_track+0x20/0x40 [ 25.932563] kasan_save_free_info+0x4c/0x78 [ 25.932886] __kasan_slab_free+0x6c/0x98 [ 25.933001] kfree+0x214/0x3c8 [ 25.933174] kfree_sensitive+0x80/0xb0 [ 25.933281] kmalloc_double_kzfree+0x11c/0x308 [ 25.933384] kunit_try_run_case+0x170/0x3f0 [ 25.933487] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.933597] kthread+0x328/0x630 [ 25.933676] ret_from_fork+0x10/0x20 [ 25.933768] [ 25.934057] The buggy address belongs to the object at fff00000c56fe400 [ 25.934057] which belongs to the cache kmalloc-16 of size 16 [ 25.934676] The buggy address is located 0 bytes inside of [ 25.934676] freed 16-byte region [fff00000c56fe400, fff00000c56fe410) [ 25.934971] [ 25.935092] The buggy address belongs to the physical page: [ 25.935291] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056fe [ 25.935472] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.935809] page_type: f5(slab) [ 25.936498] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 25.936820] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 25.937361] page dumped because: kasan: bad access detected [ 25.937455] [ 25.937515] Memory state around the buggy address: [ 25.937604] fff00000c56fe300: fa fb fc fc 00 04 fc fc fa fb fc fc fa fb fc fc [ 25.938476] fff00000c56fe380: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 25.938599] >fff00000c56fe400: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.938699] ^ [ 25.938776] fff00000c56fe480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.939804] fff00000c56fe500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.940088] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 25.862949] ================================================================== [ 25.863075] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x3f4/0x468 [ 25.863196] Read of size 1 at addr fff00000c7713328 by task kunit_try_catch/188 [ 25.863605] [ 25.863707] CPU: 0 UID: 0 PID: 188 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 25.864067] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.864382] Hardware name: linux,dummy-virt (DT) [ 25.864483] Call trace: [ 25.864626] show_stack+0x20/0x38 (C) [ 25.864926] dump_stack_lvl+0x8c/0xd0 [ 25.865611] print_report+0x118/0x608 [ 25.865764] kasan_report+0xdc/0x128 [ 25.865922] __asan_report_load1_noabort+0x20/0x30 [ 25.866065] kmalloc_uaf2+0x3f4/0x468 [ 25.866288] kunit_try_run_case+0x170/0x3f0 [ 25.866452] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.867100] kthread+0x328/0x630 [ 25.867563] ret_from_fork+0x10/0x20 [ 25.867695] [ 25.867740] Allocated by task 188: [ 25.867821] kasan_save_stack+0x3c/0x68 [ 25.867937] kasan_save_track+0x20/0x40 [ 25.868883] kasan_save_alloc_info+0x40/0x58 [ 25.869088] __kasan_kmalloc+0xd4/0xd8 [ 25.869205] __kmalloc_cache_noprof+0x16c/0x3c0 [ 25.869314] kmalloc_uaf2+0xc4/0x468 [ 25.869599] kunit_try_run_case+0x170/0x3f0 [ 25.870192] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.870370] kthread+0x328/0x630 [ 25.870587] ret_from_fork+0x10/0x20 [ 25.870681] [ 25.870724] Freed by task 188: [ 25.870790] kasan_save_stack+0x3c/0x68 [ 25.870904] kasan_save_track+0x20/0x40 [ 25.871017] kasan_save_free_info+0x4c/0x78 [ 25.871289] __kasan_slab_free+0x6c/0x98 [ 25.871564] kfree+0x214/0x3c8 [ 25.871697] kmalloc_uaf2+0x134/0x468 [ 25.872245] kunit_try_run_case+0x170/0x3f0 [ 25.872712] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.872965] kthread+0x328/0x630 [ 25.873094] ret_from_fork+0x10/0x20 [ 25.873286] [ 25.873334] The buggy address belongs to the object at fff00000c7713300 [ 25.873334] which belongs to the cache kmalloc-64 of size 64 [ 25.873475] The buggy address is located 40 bytes inside of [ 25.873475] freed 64-byte region [fff00000c7713300, fff00000c7713340) [ 25.873684] [ 25.873997] The buggy address belongs to the physical page: [ 25.874166] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107713 [ 25.874444] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.874723] page_type: f5(slab) [ 25.874831] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 25.875052] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.875310] page dumped because: kasan: bad access detected [ 25.875391] [ 25.875433] Memory state around the buggy address: [ 25.875510] fff00000c7713200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.875614] fff00000c7713280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.875718] >fff00000c7713300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.875876] ^ [ 25.876077] fff00000c7713380: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc [ 25.876281] fff00000c7713400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.876374] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 25.815615] ================================================================== [ 25.815793] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x170/0x310 [ 25.815948] Write of size 33 at addr fff00000c7713180 by task kunit_try_catch/186 [ 25.816070] [ 25.817330] CPU: 0 UID: 0 PID: 186 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 25.817574] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.817643] Hardware name: linux,dummy-virt (DT) [ 25.817720] Call trace: [ 25.817777] show_stack+0x20/0x38 (C) [ 25.818611] dump_stack_lvl+0x8c/0xd0 [ 25.818737] print_report+0x118/0x608 [ 25.818883] kasan_report+0xdc/0x128 [ 25.819299] kasan_check_range+0x100/0x1a8 [ 25.819434] __asan_memset+0x34/0x78 [ 25.819560] kmalloc_uaf_memset+0x170/0x310 [ 25.819688] kunit_try_run_case+0x170/0x3f0 [ 25.819830] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.819981] kthread+0x328/0x630 [ 25.820090] ret_from_fork+0x10/0x20 [ 25.820214] [ 25.820255] Allocated by task 186: [ 25.820324] kasan_save_stack+0x3c/0x68 [ 25.820419] kasan_save_track+0x20/0x40 [ 25.820515] kasan_save_alloc_info+0x40/0x58 [ 25.820616] __kasan_kmalloc+0xd4/0xd8 [ 25.820718] __kmalloc_cache_noprof+0x16c/0x3c0 [ 25.820822] kmalloc_uaf_memset+0xb8/0x310 [ 25.825021] kunit_try_run_case+0x170/0x3f0 [ 25.825162] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.825279] kthread+0x328/0x630 [ 25.825372] ret_from_fork+0x10/0x20 [ 25.827103] [ 25.827158] Freed by task 186: [ 25.827224] kasan_save_stack+0x3c/0x68 [ 25.827335] kasan_save_track+0x20/0x40 [ 25.827437] kasan_save_free_info+0x4c/0x78 [ 25.827604] __kasan_slab_free+0x6c/0x98 [ 25.829250] kfree+0x214/0x3c8 [ 25.829374] kmalloc_uaf_memset+0x11c/0x310 [ 25.829769] kunit_try_run_case+0x170/0x3f0 [ 25.830960] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.831081] kthread+0x328/0x630 [ 25.831158] ret_from_fork+0x10/0x20 [ 25.831242] [ 25.831287] The buggy address belongs to the object at fff00000c7713180 [ 25.831287] which belongs to the cache kmalloc-64 of size 64 [ 25.831426] The buggy address is located 0 bytes inside of [ 25.831426] freed 64-byte region [fff00000c7713180, fff00000c77131c0) [ 25.831569] [ 25.831618] The buggy address belongs to the physical page: [ 25.831689] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107713 [ 25.831829] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.831973] page_type: f5(slab) [ 25.832075] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 25.832200] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.832300] page dumped because: kasan: bad access detected [ 25.832375] [ 25.832468] Memory state around the buggy address: [ 25.832570] fff00000c7713080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.832826] fff00000c7713100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.832980] >fff00000c7713180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.833141] ^ [ 25.833222] fff00000c7713200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.833331] fff00000c7713280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.833534] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 25.777992] ================================================================== [ 25.778228] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x300/0x338 [ 25.778453] Read of size 1 at addr fff00000c56fe3e8 by task kunit_try_catch/184 [ 25.778787] [ 25.778905] CPU: 0 UID: 0 PID: 184 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 25.779128] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.779248] Hardware name: linux,dummy-virt (DT) [ 25.779341] Call trace: [ 25.779394] show_stack+0x20/0x38 (C) [ 25.779542] dump_stack_lvl+0x8c/0xd0 [ 25.779923] print_report+0x118/0x608 [ 25.780129] kasan_report+0xdc/0x128 [ 25.780243] __asan_report_load1_noabort+0x20/0x30 [ 25.780373] kmalloc_uaf+0x300/0x338 [ 25.780478] kunit_try_run_case+0x170/0x3f0 [ 25.780596] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.780724] kthread+0x328/0x630 [ 25.780826] ret_from_fork+0x10/0x20 [ 25.780964] [ 25.781007] Allocated by task 184: [ 25.781103] kasan_save_stack+0x3c/0x68 [ 25.781230] kasan_save_track+0x20/0x40 [ 25.781337] kasan_save_alloc_info+0x40/0x58 [ 25.781457] __kasan_kmalloc+0xd4/0xd8 [ 25.781778] __kmalloc_cache_noprof+0x16c/0x3c0 [ 25.782085] kmalloc_uaf+0xb8/0x338 [ 25.782192] kunit_try_run_case+0x170/0x3f0 [ 25.782298] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.782441] kthread+0x328/0x630 [ 25.782546] ret_from_fork+0x10/0x20 [ 25.782690] [ 25.782739] Freed by task 184: [ 25.782814] kasan_save_stack+0x3c/0x68 [ 25.783332] kasan_save_track+0x20/0x40 [ 25.783584] kasan_save_free_info+0x4c/0x78 [ 25.783733] __kasan_slab_free+0x6c/0x98 [ 25.783863] kfree+0x214/0x3c8 [ 25.784092] kmalloc_uaf+0x11c/0x338 [ 25.784181] kunit_try_run_case+0x170/0x3f0 [ 25.784286] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.784590] kthread+0x328/0x630 [ 25.784727] ret_from_fork+0x10/0x20 [ 25.784875] [ 25.784935] The buggy address belongs to the object at fff00000c56fe3e0 [ 25.784935] which belongs to the cache kmalloc-16 of size 16 [ 25.785123] The buggy address is located 8 bytes inside of [ 25.785123] freed 16-byte region [fff00000c56fe3e0, fff00000c56fe3f0) [ 25.785697] [ 25.785773] The buggy address belongs to the physical page: [ 25.785871] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056fe [ 25.786005] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.786138] page_type: f5(slab) [ 25.786239] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 25.786393] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 25.786571] page dumped because: kasan: bad access detected [ 25.786751] [ 25.787082] Memory state around the buggy address: [ 25.787216] fff00000c56fe280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 25.787331] fff00000c56fe300: fa fb fc fc 00 04 fc fc fa fb fc fc fa fb fc fc [ 25.787457] >fff00000c56fe380: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 25.787786] ^ [ 25.787912] fff00000c56fe400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.788024] fff00000c56fe480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.788124] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 25.748101] ================================================================== [ 25.748235] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x154/0x2e0 [ 25.748359] Read of size 64 at addr fff00000c7742f04 by task kunit_try_catch/182 [ 25.748483] [ 25.748554] CPU: 0 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 25.748750] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.748813] Hardware name: linux,dummy-virt (DT) [ 25.748909] Call trace: [ 25.748981] show_stack+0x20/0x38 (C) [ 25.749120] dump_stack_lvl+0x8c/0xd0 [ 25.749449] print_report+0x118/0x608 [ 25.749580] kasan_report+0xdc/0x128 [ 25.749716] kasan_check_range+0x100/0x1a8 [ 25.749880] __asan_memmove+0x3c/0x98 [ 25.750015] kmalloc_memmove_invalid_size+0x154/0x2e0 [ 25.751895] kunit_try_run_case+0x170/0x3f0 [ 25.752044] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.752183] kthread+0x328/0x630 [ 25.753449] ret_from_fork+0x10/0x20 [ 25.753640] [ 25.753740] Allocated by task 182: [ 25.753850] kasan_save_stack+0x3c/0x68 [ 25.754048] kasan_save_track+0x20/0x40 [ 25.754178] kasan_save_alloc_info+0x40/0x58 [ 25.754299] __kasan_kmalloc+0xd4/0xd8 [ 25.754412] __kmalloc_cache_noprof+0x16c/0x3c0 [ 25.754624] kmalloc_memmove_invalid_size+0xb0/0x2e0 [ 25.754745] kunit_try_run_case+0x170/0x3f0 [ 25.754953] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.755214] kthread+0x328/0x630 [ 25.755757] ret_from_fork+0x10/0x20 [ 25.755910] [ 25.756028] The buggy address belongs to the object at fff00000c7742f00 [ 25.756028] which belongs to the cache kmalloc-64 of size 64 [ 25.756381] The buggy address is located 4 bytes inside of [ 25.756381] allocated 64-byte region [fff00000c7742f00, fff00000c7742f40) [ 25.756538] [ 25.756588] The buggy address belongs to the physical page: [ 25.756664] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107742 [ 25.756783] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.756918] page_type: f5(slab) [ 25.757015] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 25.757201] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.757442] page dumped because: kasan: bad access detected [ 25.757536] [ 25.757711] Memory state around the buggy address: [ 25.757870] fff00000c7742e00: 00 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc [ 25.758155] fff00000c7742e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.758266] >fff00000c7742f00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 25.759105] ^ [ 25.759384] fff00000c7742f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.759892] fff00000c7743000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.759993] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 25.720407] ================================================================== [ 25.720541] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x154/0x2e0 [ 25.720653] Read of size 18446744073709551614 at addr fff00000c7742d04 by task kunit_try_catch/180 [ 25.720853] [ 25.720933] CPU: 0 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 25.721425] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.721495] Hardware name: linux,dummy-virt (DT) [ 25.721575] Call trace: [ 25.721637] show_stack+0x20/0x38 (C) [ 25.722120] dump_stack_lvl+0x8c/0xd0 [ 25.722261] print_report+0x118/0x608 [ 25.722386] kasan_report+0xdc/0x128 [ 25.722514] kasan_check_range+0x100/0x1a8 [ 25.722689] __asan_memmove+0x3c/0x98 [ 25.722808] kmalloc_memmove_negative_size+0x154/0x2e0 [ 25.723374] kunit_try_run_case+0x170/0x3f0 [ 25.723715] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.723997] kthread+0x328/0x630 [ 25.724225] ret_from_fork+0x10/0x20 [ 25.724356] [ 25.724423] Allocated by task 180: [ 25.724563] kasan_save_stack+0x3c/0x68 [ 25.724668] kasan_save_track+0x20/0x40 [ 25.724763] kasan_save_alloc_info+0x40/0x58 [ 25.724894] __kasan_kmalloc+0xd4/0xd8 [ 25.725008] __kmalloc_cache_noprof+0x16c/0x3c0 [ 25.725515] kmalloc_memmove_negative_size+0xb0/0x2e0 [ 25.726099] kunit_try_run_case+0x170/0x3f0 [ 25.726339] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.726454] kthread+0x328/0x630 [ 25.726714] ret_from_fork+0x10/0x20 [ 25.726816] [ 25.726884] The buggy address belongs to the object at fff00000c7742d00 [ 25.726884] which belongs to the cache kmalloc-64 of size 64 [ 25.727312] The buggy address is located 4 bytes inside of [ 25.727312] 64-byte region [fff00000c7742d00, fff00000c7742d40) [ 25.727507] [ 25.727557] The buggy address belongs to the physical page: [ 25.727629] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107742 [ 25.727769] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.728098] page_type: f5(slab) [ 25.728377] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 25.728599] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.728769] page dumped because: kasan: bad access detected [ 25.728945] [ 25.728990] Memory state around the buggy address: [ 25.729066] fff00000c7742c00: 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc fc [ 25.730097] fff00000c7742c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.730232] >fff00000c7742d00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 25.730442] ^ [ 25.730637] fff00000c7742d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.730810] fff00000c7742e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.731169] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 25.682338] ================================================================== [ 25.682457] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x150/0x2f8 [ 25.682578] Write of size 16 at addr fff00000c7747669 by task kunit_try_catch/178 [ 25.682711] [ 25.682876] CPU: 0 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 25.683261] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.683477] Hardware name: linux,dummy-virt (DT) [ 25.683576] Call trace: [ 25.683633] show_stack+0x20/0x38 (C) [ 25.684020] dump_stack_lvl+0x8c/0xd0 [ 25.684152] print_report+0x118/0x608 [ 25.684368] kasan_report+0xdc/0x128 [ 25.684595] kasan_check_range+0x100/0x1a8 [ 25.684795] __asan_memset+0x34/0x78 [ 25.684921] kmalloc_oob_memset_16+0x150/0x2f8 [ 25.685035] kunit_try_run_case+0x170/0x3f0 [ 25.685260] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.685473] kthread+0x328/0x630 [ 25.685602] ret_from_fork+0x10/0x20 [ 25.685747] [ 25.685801] Allocated by task 178: [ 25.685897] kasan_save_stack+0x3c/0x68 [ 25.686026] kasan_save_track+0x20/0x40 [ 25.686148] kasan_save_alloc_info+0x40/0x58 [ 25.686290] __kasan_kmalloc+0xd4/0xd8 [ 25.686481] __kmalloc_cache_noprof+0x16c/0x3c0 [ 25.686677] kmalloc_oob_memset_16+0xb0/0x2f8 [ 25.686884] kunit_try_run_case+0x170/0x3f0 [ 25.687028] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.687155] kthread+0x328/0x630 [ 25.687256] ret_from_fork+0x10/0x20 [ 25.687353] [ 25.687400] The buggy address belongs to the object at fff00000c7747600 [ 25.687400] which belongs to the cache kmalloc-128 of size 128 [ 25.687655] The buggy address is located 105 bytes inside of [ 25.687655] allocated 120-byte region [fff00000c7747600, fff00000c7747678) [ 25.688045] [ 25.688477] The buggy address belongs to the physical page: [ 25.688566] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107747 [ 25.689075] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.689261] page_type: f5(slab) [ 25.689369] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 25.689492] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.690233] page dumped because: kasan: bad access detected [ 25.690338] [ 25.690392] Memory state around the buggy address: [ 25.690478] fff00000c7747500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.691109] fff00000c7747580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.691264] >fff00000c7747600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 25.691676] ^ [ 25.692027] fff00000c7747680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.692133] fff00000c7747700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.692224] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 25.639544] ================================================================== [ 25.639665] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x150/0x2f8 [ 25.639806] Write of size 8 at addr fff00000c7747571 by task kunit_try_catch/176 [ 25.640157] [ 25.640381] CPU: 0 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 25.641090] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.641171] Hardware name: linux,dummy-virt (DT) [ 25.641259] Call trace: [ 25.641342] show_stack+0x20/0x38 (C) [ 25.641486] dump_stack_lvl+0x8c/0xd0 [ 25.641625] print_report+0x118/0x608 [ 25.641879] kasan_report+0xdc/0x128 [ 25.642018] kasan_check_range+0x100/0x1a8 [ 25.642223] __asan_memset+0x34/0x78 [ 25.642634] kmalloc_oob_memset_8+0x150/0x2f8 [ 25.642794] kunit_try_run_case+0x170/0x3f0 [ 25.642948] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.643481] kthread+0x328/0x630 [ 25.643771] ret_from_fork+0x10/0x20 [ 25.644302] [ 25.644348] Allocated by task 176: [ 25.644414] kasan_save_stack+0x3c/0x68 [ 25.644510] kasan_save_track+0x20/0x40 [ 25.644603] kasan_save_alloc_info+0x40/0x58 [ 25.645154] __kasan_kmalloc+0xd4/0xd8 [ 25.645434] __kmalloc_cache_noprof+0x16c/0x3c0 [ 25.646161] kmalloc_oob_memset_8+0xb0/0x2f8 [ 25.646267] kunit_try_run_case+0x170/0x3f0 [ 25.646371] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.647272] kthread+0x328/0x630 [ 25.647525] ret_from_fork+0x10/0x20 [ 25.648006] [ 25.648130] The buggy address belongs to the object at fff00000c7747500 [ 25.648130] which belongs to the cache kmalloc-128 of size 128 [ 25.648382] The buggy address is located 113 bytes inside of [ 25.648382] allocated 120-byte region [fff00000c7747500, fff00000c7747578) [ 25.649077] [ 25.649153] The buggy address belongs to the physical page: [ 25.649277] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107747 [ 25.649442] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.649631] page_type: f5(slab) [ 25.649748] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 25.650733] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.650873] page dumped because: kasan: bad access detected [ 25.650953] [ 25.650998] Memory state around the buggy address: [ 25.651074] fff00000c7747400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.651176] fff00000c7747480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.651437] >fff00000c7747500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 25.651557] ^ [ 25.651655] fff00000c7747580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.651756] fff00000c7747600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.651893] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 25.610094] ================================================================== [ 25.610217] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x150/0x300 [ 25.610336] Write of size 4 at addr fff00000c7747475 by task kunit_try_catch/174 [ 25.610450] [ 25.610529] CPU: 0 UID: 0 PID: 174 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 25.610722] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.610783] Hardware name: linux,dummy-virt (DT) [ 25.610875] Call trace: [ 25.614078] show_stack+0x20/0x38 (C) [ 25.614471] dump_stack_lvl+0x8c/0xd0 [ 25.614732] print_report+0x118/0x608 [ 25.615919] kasan_report+0xdc/0x128 [ 25.616627] kasan_check_range+0x100/0x1a8 [ 25.616763] __asan_memset+0x34/0x78 [ 25.616950] kmalloc_oob_memset_4+0x150/0x300 [ 25.617193] kunit_try_run_case+0x170/0x3f0 [ 25.617689] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.617872] kthread+0x328/0x630 [ 25.618165] ret_from_fork+0x10/0x20 [ 25.618344] [ 25.618653] Allocated by task 174: [ 25.618745] kasan_save_stack+0x3c/0x68 [ 25.618876] kasan_save_track+0x20/0x40 [ 25.619104] kasan_save_alloc_info+0x40/0x58 [ 25.619219] __kasan_kmalloc+0xd4/0xd8 [ 25.619485] __kmalloc_cache_noprof+0x16c/0x3c0 [ 25.619770] kmalloc_oob_memset_4+0xb0/0x300 [ 25.619896] kunit_try_run_case+0x170/0x3f0 [ 25.619994] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.620160] kthread+0x328/0x630 [ 25.620302] ret_from_fork+0x10/0x20 [ 25.620443] [ 25.620531] The buggy address belongs to the object at fff00000c7747400 [ 25.620531] which belongs to the cache kmalloc-128 of size 128 [ 25.620721] The buggy address is located 117 bytes inside of [ 25.620721] allocated 120-byte region [fff00000c7747400, fff00000c7747478) [ 25.621212] [ 25.621276] The buggy address belongs to the physical page: [ 25.621361] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107747 [ 25.621507] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.621762] page_type: f5(slab) [ 25.621902] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 25.622061] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.622272] page dumped because: kasan: bad access detected [ 25.622349] [ 25.622409] Memory state around the buggy address: [ 25.622578] fff00000c7747300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.622681] fff00000c7747380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.622778] >fff00000c7747400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 25.622888] ^ [ 25.622986] fff00000c7747480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.623088] fff00000c7747500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.623374] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 25.551948] ================================================================== [ 25.552072] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x150/0x2f8 [ 25.552199] Write of size 2 at addr fff00000c7747377 by task kunit_try_catch/172 [ 25.552316] [ 25.552871] CPU: 0 UID: 0 PID: 172 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 25.554484] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.554547] Hardware name: linux,dummy-virt (DT) [ 25.554621] Call trace: [ 25.554684] show_stack+0x20/0x38 (C) [ 25.554801] dump_stack_lvl+0x8c/0xd0 [ 25.555147] print_report+0x118/0x608 [ 25.555365] kasan_report+0xdc/0x128 [ 25.555489] kasan_check_range+0x100/0x1a8 [ 25.555616] __asan_memset+0x34/0x78 [ 25.555725] kmalloc_oob_memset_2+0x150/0x2f8 [ 25.555863] kunit_try_run_case+0x170/0x3f0 [ 25.555982] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.556108] kthread+0x328/0x630 [ 25.556213] ret_from_fork+0x10/0x20 [ 25.556329] [ 25.556375] Allocated by task 172: [ 25.556444] kasan_save_stack+0x3c/0x68 [ 25.556546] kasan_save_track+0x20/0x40 [ 25.556643] kasan_save_alloc_info+0x40/0x58 [ 25.556742] __kasan_kmalloc+0xd4/0xd8 [ 25.556829] __kmalloc_cache_noprof+0x16c/0x3c0 [ 25.558700] kmalloc_oob_memset_2+0xb0/0x2f8 [ 25.558868] kunit_try_run_case+0x170/0x3f0 [ 25.558965] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.560878] kthread+0x328/0x630 [ 25.561274] ret_from_fork+0x10/0x20 [ 25.561382] [ 25.562289] The buggy address belongs to the object at fff00000c7747300 [ 25.562289] which belongs to the cache kmalloc-128 of size 128 [ 25.562449] The buggy address is located 119 bytes inside of [ 25.562449] allocated 120-byte region [fff00000c7747300, fff00000c7747378) [ 25.562603] [ 25.562654] The buggy address belongs to the physical page: [ 25.562901] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107747 [ 25.563033] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.563148] page_type: f5(slab) [ 25.563238] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 25.563354] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.563446] page dumped because: kasan: bad access detected [ 25.563516] [ 25.563557] Memory state around the buggy address: [ 25.563629] fff00000c7747200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.563728] fff00000c7747280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.563861] >fff00000c7747300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 25.563960] ^ [ 25.564068] fff00000c7747380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.564184] fff00000c7747400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.564307] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 25.512240] ================================================================== [ 25.512380] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x144/0x2d0 [ 25.512508] Write of size 128 at addr fff00000c7747200 by task kunit_try_catch/170 [ 25.512627] [ 25.512706] CPU: 0 UID: 0 PID: 170 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 25.514320] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.514398] Hardware name: linux,dummy-virt (DT) [ 25.514483] Call trace: [ 25.514542] show_stack+0x20/0x38 (C) [ 25.516176] dump_stack_lvl+0x8c/0xd0 [ 25.516288] print_report+0x118/0x608 [ 25.516413] kasan_report+0xdc/0x128 [ 25.517179] kasan_check_range+0x100/0x1a8 [ 25.517346] __asan_memset+0x34/0x78 [ 25.517551] kmalloc_oob_in_memset+0x144/0x2d0 [ 25.517809] kunit_try_run_case+0x170/0x3f0 [ 25.517962] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.518113] kthread+0x328/0x630 [ 25.518256] ret_from_fork+0x10/0x20 [ 25.518862] [ 25.519184] Allocated by task 170: [ 25.519260] kasan_save_stack+0x3c/0x68 [ 25.519360] kasan_save_track+0x20/0x40 [ 25.519461] kasan_save_alloc_info+0x40/0x58 [ 25.519617] __kasan_kmalloc+0xd4/0xd8 [ 25.519820] __kmalloc_cache_noprof+0x16c/0x3c0 [ 25.519966] kmalloc_oob_in_memset+0xb0/0x2d0 [ 25.520534] kunit_try_run_case+0x170/0x3f0 [ 25.521022] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.521489] kthread+0x328/0x630 [ 25.521717] ret_from_fork+0x10/0x20 [ 25.521871] [ 25.521922] The buggy address belongs to the object at fff00000c7747200 [ 25.521922] which belongs to the cache kmalloc-128 of size 128 [ 25.522075] The buggy address is located 0 bytes inside of [ 25.522075] allocated 120-byte region [fff00000c7747200, fff00000c7747278) [ 25.522344] [ 25.522406] The buggy address belongs to the physical page: [ 25.522490] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107747 [ 25.522680] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.522883] page_type: f5(slab) [ 25.523003] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 25.523122] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.523313] page dumped because: kasan: bad access detected [ 25.523776] [ 25.523855] Memory state around the buggy address: [ 25.523998] fff00000c7747100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.524104] fff00000c7747180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.524628] >fff00000c7747200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 25.524720] ^ [ 25.524980] fff00000c7747280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.525188] fff00000c7747300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.525413] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 25.457243] ================================================================== [ 25.457362] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x3bc/0x438 [ 25.457483] Read of size 16 at addr fff00000c56fe3c0 by task kunit_try_catch/168 [ 25.457666] [ 25.457710] CPU: 0 UID: 0 PID: 168 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 25.457946] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.458325] Hardware name: linux,dummy-virt (DT) [ 25.458740] Call trace: [ 25.458808] show_stack+0x20/0x38 (C) [ 25.458970] dump_stack_lvl+0x8c/0xd0 [ 25.459091] print_report+0x118/0x608 [ 25.459210] kasan_report+0xdc/0x128 [ 25.459330] __asan_report_load16_noabort+0x20/0x30 [ 25.459700] kmalloc_uaf_16+0x3bc/0x438 [ 25.460994] kunit_try_run_case+0x170/0x3f0 [ 25.461170] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.461306] kthread+0x328/0x630 [ 25.462629] ret_from_fork+0x10/0x20 [ 25.463747] [ 25.463811] Allocated by task 168: [ 25.464482] kasan_save_stack+0x3c/0x68 [ 25.464649] kasan_save_track+0x20/0x40 [ 25.465191] kasan_save_alloc_info+0x40/0x58 [ 25.465303] __kasan_kmalloc+0xd4/0xd8 [ 25.465709] __kmalloc_cache_noprof+0x16c/0x3c0 [ 25.465824] kmalloc_uaf_16+0x140/0x438 [ 25.465975] kunit_try_run_case+0x170/0x3f0 [ 25.466104] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.466405] kthread+0x328/0x630 [ 25.466640] ret_from_fork+0x10/0x20 [ 25.466814] [ 25.467382] Freed by task 168: [ 25.467463] kasan_save_stack+0x3c/0x68 [ 25.467913] kasan_save_track+0x20/0x40 [ 25.468335] kasan_save_free_info+0x4c/0x78 [ 25.468476] __kasan_slab_free+0x6c/0x98 [ 25.468577] kfree+0x214/0x3c8 [ 25.468683] kmalloc_uaf_16+0x190/0x438 [ 25.468791] kunit_try_run_case+0x170/0x3f0 [ 25.469472] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.469729] kthread+0x328/0x630 [ 25.469881] ret_from_fork+0x10/0x20 [ 25.469990] [ 25.470038] The buggy address belongs to the object at fff00000c56fe3c0 [ 25.470038] which belongs to the cache kmalloc-16 of size 16 [ 25.470178] The buggy address is located 0 bytes inside of [ 25.470178] freed 16-byte region [fff00000c56fe3c0, fff00000c56fe3d0) [ 25.470932] [ 25.470997] The buggy address belongs to the physical page: [ 25.471425] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056fe [ 25.471616] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.471905] page_type: f5(slab) [ 25.472036] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 25.472178] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 25.472954] page dumped because: kasan: bad access detected [ 25.473163] [ 25.473212] Memory state around the buggy address: [ 25.473648] fff00000c56fe280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 25.473915] fff00000c56fe300: fa fb fc fc 00 04 fc fc fa fb fc fc fa fb fc fc [ 25.474137] >fff00000c56fe380: fa fb fc fc 00 00 fc fc fa fb fc fc fc fc fc fc [ 25.474430] ^ [ 25.474744] fff00000c56fe400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.474870] fff00000c56fe480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.476408] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 25.428380] ================================================================== [ 25.428608] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x3a0/0x3f8 [ 25.428824] Write of size 16 at addr fff00000c56fe360 by task kunit_try_catch/166 [ 25.429123] [ 25.429212] CPU: 0 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 25.430254] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.430475] Hardware name: linux,dummy-virt (DT) [ 25.430631] Call trace: [ 25.430663] show_stack+0x20/0x38 (C) [ 25.430729] dump_stack_lvl+0x8c/0xd0 [ 25.430831] print_report+0x118/0x608 [ 25.431136] kasan_report+0xdc/0x128 [ 25.431261] __asan_report_store16_noabort+0x20/0x30 [ 25.431397] kmalloc_oob_16+0x3a0/0x3f8 [ 25.431995] kunit_try_run_case+0x170/0x3f0 [ 25.432703] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.432862] kthread+0x328/0x630 [ 25.432977] ret_from_fork+0x10/0x20 [ 25.433102] [ 25.433147] Allocated by task 166: [ 25.433216] kasan_save_stack+0x3c/0x68 [ 25.433330] kasan_save_track+0x20/0x40 [ 25.433441] kasan_save_alloc_info+0x40/0x58 [ 25.434005] __kasan_kmalloc+0xd4/0xd8 [ 25.434104] __kmalloc_cache_noprof+0x16c/0x3c0 [ 25.434206] kmalloc_oob_16+0xb4/0x3f8 [ 25.434473] kunit_try_run_case+0x170/0x3f0 [ 25.434572] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.434931] kthread+0x328/0x630 [ 25.435024] ret_from_fork+0x10/0x20 [ 25.435308] [ 25.435357] The buggy address belongs to the object at fff00000c56fe360 [ 25.435357] which belongs to the cache kmalloc-16 of size 16 [ 25.435688] The buggy address is located 0 bytes inside of [ 25.435688] allocated 13-byte region [fff00000c56fe360, fff00000c56fe36d) [ 25.435955] [ 25.436066] The buggy address belongs to the physical page: [ 25.436137] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056fe [ 25.436287] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.436437] page_type: f5(slab) [ 25.436531] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 25.436730] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 25.436998] page dumped because: kasan: bad access detected [ 25.437095] [ 25.437147] Memory state around the buggy address: [ 25.437311] fff00000c56fe200: 00 02 fc fc 00 05 fc fc fa fb fc fc 00 02 fc fc [ 25.437714] fff00000c56fe280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 25.437825] >fff00000c56fe300: fa fb fc fc 00 04 fc fc fa fb fc fc 00 05 fc fc [ 25.438478] ^ [ 25.439791] fff00000c56fe380: 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.440051] fff00000c56fe400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.440141] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 25.387598] ================================================================== [ 25.387696] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x4c8/0x520 [ 25.387810] Read of size 1 at addr fff00000c17ed600 by task kunit_try_catch/164 [ 25.391673] [ 25.392034] CPU: 0 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 25.392574] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.392740] Hardware name: linux,dummy-virt (DT) [ 25.392861] Call trace: [ 25.392917] show_stack+0x20/0x38 (C) [ 25.393171] dump_stack_lvl+0x8c/0xd0 [ 25.393538] print_report+0x118/0x608 [ 25.393880] kasan_report+0xdc/0x128 [ 25.394033] __asan_report_load1_noabort+0x20/0x30 [ 25.394278] krealloc_uaf+0x4c8/0x520 [ 25.394397] kunit_try_run_case+0x170/0x3f0 [ 25.394590] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.394727] kthread+0x328/0x630 [ 25.394928] ret_from_fork+0x10/0x20 [ 25.395072] [ 25.395126] Allocated by task 164: [ 25.395203] kasan_save_stack+0x3c/0x68 [ 25.395318] kasan_save_track+0x20/0x40 [ 25.397068] kasan_save_alloc_info+0x40/0x58 [ 25.397215] __kasan_kmalloc+0xd4/0xd8 [ 25.397323] __kmalloc_cache_noprof+0x16c/0x3c0 [ 25.397429] krealloc_uaf+0xc8/0x520 [ 25.397563] kunit_try_run_case+0x170/0x3f0 [ 25.397723] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.397899] kthread+0x328/0x630 [ 25.398144] ret_from_fork+0x10/0x20 [ 25.398634] [ 25.398719] Freed by task 164: [ 25.398787] kasan_save_stack+0x3c/0x68 [ 25.399046] kasan_save_track+0x20/0x40 [ 25.399143] kasan_save_free_info+0x4c/0x78 [ 25.399242] __kasan_slab_free+0x6c/0x98 [ 25.399331] kfree+0x214/0x3c8 [ 25.399460] krealloc_uaf+0x12c/0x520 [ 25.399623] kunit_try_run_case+0x170/0x3f0 [ 25.399723] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.399864] kthread+0x328/0x630 [ 25.400103] ret_from_fork+0x10/0x20 [ 25.400355] [ 25.400647] The buggy address belongs to the object at fff00000c17ed600 [ 25.400647] which belongs to the cache kmalloc-256 of size 256 [ 25.401148] The buggy address is located 0 bytes inside of [ 25.401148] freed 256-byte region [fff00000c17ed600, fff00000c17ed700) [ 25.401381] [ 25.401438] The buggy address belongs to the physical page: [ 25.401521] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1017ec [ 25.402476] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 25.402609] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 25.402740] page_type: f5(slab) [ 25.403621] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 25.403867] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.404879] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 25.405610] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.405777] head: 0bfffe0000000001 ffffc1ffc305fb01 00000000ffffffff 00000000ffffffff [ 25.405934] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 25.406035] page dumped because: kasan: bad access detected [ 25.406190] [ 25.406237] Memory state around the buggy address: [ 25.406454] fff00000c17ed500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.406627] fff00000c17ed580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.406903] >fff00000c17ed600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.407008] ^ [ 25.407920] fff00000c17ed680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.408079] fff00000c17ed700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.408180] ================================================================== [ 25.366894] ================================================================== [ 25.368717] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x180/0x520 [ 25.369630] Read of size 1 at addr fff00000c17ed600 by task kunit_try_catch/164 [ 25.370172] [ 25.370272] CPU: 0 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 25.370723] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.370914] Hardware name: linux,dummy-virt (DT) [ 25.371039] Call trace: [ 25.371146] show_stack+0x20/0x38 (C) [ 25.371416] dump_stack_lvl+0x8c/0xd0 [ 25.371593] print_report+0x118/0x608 [ 25.371788] kasan_report+0xdc/0x128 [ 25.371958] __kasan_check_byte+0x54/0x70 [ 25.372098] krealloc_noprof+0x44/0x360 [ 25.372512] krealloc_uaf+0x180/0x520 [ 25.372981] kunit_try_run_case+0x170/0x3f0 [ 25.373186] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.373487] kthread+0x328/0x630 [ 25.373612] ret_from_fork+0x10/0x20 [ 25.373887] [ 25.373939] Allocated by task 164: [ 25.374026] kasan_save_stack+0x3c/0x68 [ 25.374130] kasan_save_track+0x20/0x40 [ 25.374297] kasan_save_alloc_info+0x40/0x58 [ 25.374408] __kasan_kmalloc+0xd4/0xd8 [ 25.374671] __kmalloc_cache_noprof+0x16c/0x3c0 [ 25.374869] krealloc_uaf+0xc8/0x520 [ 25.375083] kunit_try_run_case+0x170/0x3f0 [ 25.375207] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.375391] kthread+0x328/0x630 [ 25.375485] ret_from_fork+0x10/0x20 [ 25.375603] [ 25.375718] Freed by task 164: [ 25.376017] kasan_save_stack+0x3c/0x68 [ 25.376137] kasan_save_track+0x20/0x40 [ 25.377317] kasan_save_free_info+0x4c/0x78 [ 25.377451] __kasan_slab_free+0x6c/0x98 [ 25.377560] kfree+0x214/0x3c8 [ 25.377776] krealloc_uaf+0x12c/0x520 [ 25.377958] kunit_try_run_case+0x170/0x3f0 [ 25.378214] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.378325] kthread+0x328/0x630 [ 25.378406] ret_from_fork+0x10/0x20 [ 25.378557] [ 25.378620] The buggy address belongs to the object at fff00000c17ed600 [ 25.378620] which belongs to the cache kmalloc-256 of size 256 [ 25.379073] The buggy address is located 0 bytes inside of [ 25.379073] freed 256-byte region [fff00000c17ed600, fff00000c17ed700) [ 25.379253] [ 25.379394] The buggy address belongs to the physical page: [ 25.379609] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1017ec [ 25.379877] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 25.380006] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 25.380209] page_type: f5(slab) [ 25.380356] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 25.380624] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.380941] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 25.381122] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.381361] head: 0bfffe0000000001 ffffc1ffc305fb01 00000000ffffffff 00000000ffffffff [ 25.381858] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 25.381959] page dumped because: kasan: bad access detected [ 25.382032] [ 25.382075] Memory state around the buggy address: [ 25.382769] fff00000c17ed500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.383334] fff00000c17ed580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.383544] >fff00000c17ed600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.384142] ^ [ 25.384218] fff00000c17ed680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.384321] fff00000c17ed700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.384591] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 25.188474] ================================================================== [ 25.188642] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 25.188783] Write of size 1 at addr fff00000c17ed4da by task kunit_try_catch/158 [ 25.188919] [ 25.188994] CPU: 0 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 25.189243] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.189316] Hardware name: linux,dummy-virt (DT) [ 25.189431] Call trace: [ 25.189616] show_stack+0x20/0x38 (C) [ 25.189929] dump_stack_lvl+0x8c/0xd0 [ 25.190094] print_report+0x118/0x608 [ 25.190424] kasan_report+0xdc/0x128 [ 25.190623] __asan_report_store1_noabort+0x20/0x30 [ 25.190751] krealloc_less_oob_helper+0xa80/0xc50 [ 25.190948] krealloc_less_oob+0x20/0x38 [ 25.191289] kunit_try_run_case+0x170/0x3f0 [ 25.191412] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.191550] kthread+0x328/0x630 [ 25.191828] ret_from_fork+0x10/0x20 [ 25.192127] [ 25.192180] Allocated by task 158: [ 25.192259] kasan_save_stack+0x3c/0x68 [ 25.192372] kasan_save_track+0x20/0x40 [ 25.192472] kasan_save_alloc_info+0x40/0x58 [ 25.192573] __kasan_krealloc+0x118/0x178 [ 25.192667] krealloc_noprof+0x128/0x360 [ 25.192781] krealloc_less_oob_helper+0x168/0xc50 [ 25.192922] krealloc_less_oob+0x20/0x38 [ 25.193135] kunit_try_run_case+0x170/0x3f0 [ 25.193324] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.193446] kthread+0x328/0x630 [ 25.193604] ret_from_fork+0x10/0x20 [ 25.193815] [ 25.193879] The buggy address belongs to the object at fff00000c17ed400 [ 25.193879] which belongs to the cache kmalloc-256 of size 256 [ 25.194070] The buggy address is located 17 bytes to the right of [ 25.194070] allocated 201-byte region [fff00000c17ed400, fff00000c17ed4c9) [ 25.194273] [ 25.194326] The buggy address belongs to the physical page: [ 25.194397] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1017ec [ 25.194535] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 25.194740] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 25.195184] page_type: f5(slab) [ 25.195475] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 25.195925] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.196658] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 25.196868] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.197312] head: 0bfffe0000000001 ffffc1ffc305fb01 00000000ffffffff 00000000ffffffff [ 25.197442] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 25.197606] page dumped because: kasan: bad access detected [ 25.197686] [ 25.197728] Memory state around the buggy address: [ 25.197799] fff00000c17ed380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.197921] fff00000c17ed400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.198022] >fff00000c17ed480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 25.198140] ^ [ 25.198231] fff00000c17ed500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.198331] fff00000c17ed580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.198489] ================================================================== [ 25.155177] ================================================================== [ 25.155302] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 25.155427] Write of size 1 at addr fff00000c17ed4c9 by task kunit_try_catch/158 [ 25.155542] [ 25.157517] CPU: 0 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 25.157855] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.158063] Hardware name: linux,dummy-virt (DT) [ 25.158177] Call trace: [ 25.158230] show_stack+0x20/0x38 (C) [ 25.158451] dump_stack_lvl+0x8c/0xd0 [ 25.158611] print_report+0x118/0x608 [ 25.158749] kasan_report+0xdc/0x128 [ 25.158947] __asan_report_store1_noabort+0x20/0x30 [ 25.159080] krealloc_less_oob_helper+0xa48/0xc50 [ 25.159207] krealloc_less_oob+0x20/0x38 [ 25.159333] kunit_try_run_case+0x170/0x3f0 [ 25.159534] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.159816] kthread+0x328/0x630 [ 25.160043] ret_from_fork+0x10/0x20 [ 25.160173] [ 25.160305] Allocated by task 158: [ 25.160377] kasan_save_stack+0x3c/0x68 [ 25.160471] kasan_save_track+0x20/0x40 [ 25.160601] kasan_save_alloc_info+0x40/0x58 [ 25.160701] __kasan_krealloc+0x118/0x178 [ 25.160973] krealloc_noprof+0x128/0x360 [ 25.161173] krealloc_less_oob_helper+0x168/0xc50 [ 25.161276] krealloc_less_oob+0x20/0x38 [ 25.161416] kunit_try_run_case+0x170/0x3f0 [ 25.161528] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.161647] kthread+0x328/0x630 [ 25.161788] ret_from_fork+0x10/0x20 [ 25.161990] [ 25.162078] The buggy address belongs to the object at fff00000c17ed400 [ 25.162078] which belongs to the cache kmalloc-256 of size 256 [ 25.162343] The buggy address is located 0 bytes to the right of [ 25.162343] allocated 201-byte region [fff00000c17ed400, fff00000c17ed4c9) [ 25.162635] [ 25.162690] The buggy address belongs to the physical page: [ 25.162796] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1017ec [ 25.162957] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 25.163287] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 25.163449] page_type: f5(slab) [ 25.163554] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 25.163673] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.163817] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 25.163973] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.164146] head: 0bfffe0000000001 ffffc1ffc305fb01 00000000ffffffff 00000000ffffffff [ 25.164312] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 25.164415] page dumped because: kasan: bad access detected [ 25.164496] [ 25.164584] Memory state around the buggy address: [ 25.164702] fff00000c17ed380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.164892] fff00000c17ed400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.165011] >fff00000c17ed480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 25.165157] ^ [ 25.165251] fff00000c17ed500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.165366] fff00000c17ed580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.165466] ================================================================== [ 25.314353] ================================================================== [ 25.314446] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 25.314571] Write of size 1 at addr fff00000c65020ea by task kunit_try_catch/162 [ 25.314688] [ 25.315137] CPU: 0 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 25.315360] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.315424] Hardware name: linux,dummy-virt (DT) [ 25.315493] Call trace: [ 25.315540] show_stack+0x20/0x38 (C) [ 25.315655] dump_stack_lvl+0x8c/0xd0 [ 25.315771] print_report+0x118/0x608 [ 25.315918] kasan_report+0xdc/0x128 [ 25.316031] __asan_report_store1_noabort+0x20/0x30 [ 25.316147] krealloc_less_oob_helper+0xae4/0xc50 [ 25.316264] krealloc_large_less_oob+0x20/0x38 [ 25.316442] kunit_try_run_case+0x170/0x3f0 [ 25.316564] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.316692] kthread+0x328/0x630 [ 25.316799] ret_from_fork+0x10/0x20 [ 25.317264] [ 25.317425] The buggy address belongs to the physical page: [ 25.317507] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106500 [ 25.318818] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 25.318977] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 25.319113] page_type: f8(unknown) [ 25.319747] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 25.319895] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 25.320436] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 25.320806] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 25.321160] head: 0bfffe0000000002 ffffc1ffc3194001 00000000ffffffff 00000000ffffffff [ 25.321298] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 25.321399] page dumped because: kasan: bad access detected [ 25.321771] [ 25.321826] Memory state around the buggy address: [ 25.321928] fff00000c6501f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.322057] fff00000c6502000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.322250] >fff00000c6502080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 25.322750] ^ [ 25.323241] fff00000c6502100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 25.323377] fff00000c6502180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 25.323496] ================================================================== [ 25.294335] ================================================================== [ 25.294428] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 25.294543] Write of size 1 at addr fff00000c65020d0 by task kunit_try_catch/162 [ 25.294656] [ 25.294722] CPU: 0 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 25.294923] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.294984] Hardware name: linux,dummy-virt (DT) [ 25.295049] Call trace: [ 25.295094] show_stack+0x20/0x38 (C) [ 25.295211] dump_stack_lvl+0x8c/0xd0 [ 25.295323] print_report+0x118/0x608 [ 25.295438] kasan_report+0xdc/0x128 [ 25.295556] __asan_report_store1_noabort+0x20/0x30 [ 25.295685] krealloc_less_oob_helper+0xb9c/0xc50 [ 25.299002] krealloc_large_less_oob+0x20/0x38 [ 25.299134] kunit_try_run_case+0x170/0x3f0 [ 25.299248] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.299372] kthread+0x328/0x630 [ 25.299472] ret_from_fork+0x10/0x20 [ 25.299581] [ 25.299625] The buggy address belongs to the physical page: [ 25.299695] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106500 [ 25.299828] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 25.299958] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 25.300089] page_type: f8(unknown) [ 25.300191] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 25.300314] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 25.300442] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 25.300563] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 25.300686] head: 0bfffe0000000002 ffffc1ffc3194001 00000000ffffffff 00000000ffffffff [ 25.300805] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 25.303229] page dumped because: kasan: bad access detected [ 25.303320] [ 25.303385] Memory state around the buggy address: [ 25.303469] fff00000c6501f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.303682] fff00000c6502000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.303932] >fff00000c6502080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 25.304163] ^ [ 25.304353] fff00000c6502100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 25.304518] fff00000c6502180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 25.304611] ================================================================== [ 25.305745] ================================================================== [ 25.305876] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 25.306158] Write of size 1 at addr fff00000c65020da by task kunit_try_catch/162 [ 25.306278] [ 25.306341] CPU: 0 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 25.306531] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.306624] Hardware name: linux,dummy-virt (DT) [ 25.306739] Call trace: [ 25.306801] show_stack+0x20/0x38 (C) [ 25.306974] dump_stack_lvl+0x8c/0xd0 [ 25.307107] print_report+0x118/0x608 [ 25.307242] kasan_report+0xdc/0x128 [ 25.307364] __asan_report_store1_noabort+0x20/0x30 [ 25.307659] krealloc_less_oob_helper+0xa80/0xc50 [ 25.307963] krealloc_large_less_oob+0x20/0x38 [ 25.308099] kunit_try_run_case+0x170/0x3f0 [ 25.308222] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.308349] kthread+0x328/0x630 [ 25.308466] ret_from_fork+0x10/0x20 [ 25.308679] [ 25.308766] The buggy address belongs to the physical page: [ 25.308934] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106500 [ 25.309076] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 25.309198] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 25.309332] page_type: f8(unknown) [ 25.309436] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 25.309569] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 25.309694] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 25.309810] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 25.310358] head: 0bfffe0000000002 ffffc1ffc3194001 00000000ffffffff 00000000ffffffff [ 25.311050] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 25.311175] page dumped because: kasan: bad access detected [ 25.311294] [ 25.311342] Memory state around the buggy address: [ 25.311417] fff00000c6501f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.311547] fff00000c6502000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.311679] >fff00000c6502080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 25.311879] ^ [ 25.311986] fff00000c6502100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 25.312104] fff00000c6502180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 25.312193] ================================================================== [ 25.214527] ================================================================== [ 25.214619] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 25.214735] Write of size 1 at addr fff00000c17ed4eb by task kunit_try_catch/158 [ 25.215135] [ 25.215313] CPU: 0 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 25.215563] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.215625] Hardware name: linux,dummy-virt (DT) [ 25.215695] Call trace: [ 25.215753] show_stack+0x20/0x38 (C) [ 25.216530] dump_stack_lvl+0x8c/0xd0 [ 25.217236] print_report+0x118/0x608 [ 25.217450] kasan_report+0xdc/0x128 [ 25.217595] __asan_report_store1_noabort+0x20/0x30 [ 25.217770] krealloc_less_oob_helper+0xa58/0xc50 [ 25.217982] krealloc_less_oob+0x20/0x38 [ 25.218177] kunit_try_run_case+0x170/0x3f0 [ 25.218637] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.218797] kthread+0x328/0x630 [ 25.218951] ret_from_fork+0x10/0x20 [ 25.219090] [ 25.219144] Allocated by task 158: [ 25.219222] kasan_save_stack+0x3c/0x68 [ 25.220138] kasan_save_track+0x20/0x40 [ 25.220256] kasan_save_alloc_info+0x40/0x58 [ 25.220366] __kasan_krealloc+0x118/0x178 [ 25.220513] krealloc_noprof+0x128/0x360 [ 25.220774] krealloc_less_oob_helper+0x168/0xc50 [ 25.221353] krealloc_less_oob+0x20/0x38 [ 25.221467] kunit_try_run_case+0x170/0x3f0 [ 25.221720] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.221830] kthread+0x328/0x630 [ 25.222238] ret_from_fork+0x10/0x20 [ 25.222381] [ 25.222517] The buggy address belongs to the object at fff00000c17ed400 [ 25.222517] which belongs to the cache kmalloc-256 of size 256 [ 25.223129] The buggy address is located 34 bytes to the right of [ 25.223129] allocated 201-byte region [fff00000c17ed400, fff00000c17ed4c9) [ 25.223286] [ 25.223335] The buggy address belongs to the physical page: [ 25.223407] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1017ec [ 25.224398] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 25.224892] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 25.225393] page_type: f5(slab) [ 25.225496] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 25.225876] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.226938] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 25.227066] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.227186] head: 0bfffe0000000001 ffffc1ffc305fb01 00000000ffffffff 00000000ffffffff [ 25.228221] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 25.228357] page dumped because: kasan: bad access detected [ 25.228722] [ 25.228801] Memory state around the buggy address: [ 25.228894] fff00000c17ed380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.228997] fff00000c17ed400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.229115] >fff00000c17ed480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 25.229981] ^ [ 25.230123] fff00000c17ed500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.230242] fff00000c17ed580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.230411] ================================================================== [ 25.283273] ================================================================== [ 25.283383] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 25.283492] Write of size 1 at addr fff00000c65020c9 by task kunit_try_catch/162 [ 25.283608] [ 25.284212] CPU: 0 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 25.284625] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.284704] Hardware name: linux,dummy-virt (DT) [ 25.284910] Call trace: [ 25.285050] show_stack+0x20/0x38 (C) [ 25.285185] dump_stack_lvl+0x8c/0xd0 [ 25.285303] print_report+0x118/0x608 [ 25.285416] kasan_report+0xdc/0x128 [ 25.285526] __asan_report_store1_noabort+0x20/0x30 [ 25.285643] krealloc_less_oob_helper+0xa48/0xc50 [ 25.285764] krealloc_large_less_oob+0x20/0x38 [ 25.285906] kunit_try_run_case+0x170/0x3f0 [ 25.286427] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.286588] kthread+0x328/0x630 [ 25.287263] ret_from_fork+0x10/0x20 [ 25.287859] [ 25.288150] The buggy address belongs to the physical page: [ 25.288275] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106500 [ 25.288530] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 25.288814] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 25.289013] page_type: f8(unknown) [ 25.289115] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 25.289234] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 25.289353] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 25.289485] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 25.289613] head: 0bfffe0000000002 ffffc1ffc3194001 00000000ffffffff 00000000ffffffff [ 25.289732] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 25.289827] page dumped because: kasan: bad access detected [ 25.289926] [ 25.289970] Memory state around the buggy address: [ 25.290043] fff00000c6501f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.290144] fff00000c6502000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.290251] >fff00000c6502080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 25.290349] ^ [ 25.290440] fff00000c6502100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 25.290548] fff00000c6502180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 25.290643] ================================================================== [ 25.166739] ================================================================== [ 25.166829] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 25.166984] Write of size 1 at addr fff00000c17ed4d0 by task kunit_try_catch/158 [ 25.167157] [ 25.167234] CPU: 0 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 25.167445] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.167557] Hardware name: linux,dummy-virt (DT) [ 25.167673] Call trace: [ 25.167737] show_stack+0x20/0x38 (C) [ 25.167900] dump_stack_lvl+0x8c/0xd0 [ 25.168091] print_report+0x118/0x608 [ 25.168362] kasan_report+0xdc/0x128 [ 25.168645] __asan_report_store1_noabort+0x20/0x30 [ 25.168792] krealloc_less_oob_helper+0xb9c/0xc50 [ 25.168934] krealloc_less_oob+0x20/0x38 [ 25.171156] kunit_try_run_case+0x170/0x3f0 [ 25.171314] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.171691] kthread+0x328/0x630 [ 25.172229] ret_from_fork+0x10/0x20 [ 25.172348] [ 25.172392] Allocated by task 158: [ 25.172465] kasan_save_stack+0x3c/0x68 [ 25.172568] kasan_save_track+0x20/0x40 [ 25.174522] kasan_save_alloc_info+0x40/0x58 [ 25.174664] __kasan_krealloc+0x118/0x178 [ 25.175411] krealloc_noprof+0x128/0x360 [ 25.175989] krealloc_less_oob_helper+0x168/0xc50 [ 25.176538] krealloc_less_oob+0x20/0x38 [ 25.177522] kunit_try_run_case+0x170/0x3f0 [ 25.177661] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.177872] kthread+0x328/0x630 [ 25.178458] ret_from_fork+0x10/0x20 [ 25.178588] [ 25.178730] The buggy address belongs to the object at fff00000c17ed400 [ 25.178730] which belongs to the cache kmalloc-256 of size 256 [ 25.178961] The buggy address is located 7 bytes to the right of [ 25.178961] allocated 201-byte region [fff00000c17ed400, fff00000c17ed4c9) [ 25.179349] [ 25.179774] The buggy address belongs to the physical page: [ 25.180040] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1017ec [ 25.180279] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 25.180700] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 25.181378] page_type: f5(slab) [ 25.181491] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 25.181758] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.182255] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 25.182412] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.183292] head: 0bfffe0000000001 ffffc1ffc305fb01 00000000ffffffff 00000000ffffffff [ 25.183756] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 25.183960] page dumped because: kasan: bad access detected [ 25.184035] [ 25.184078] Memory state around the buggy address: [ 25.184647] fff00000c17ed380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.184753] fff00000c17ed400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.185278] >fff00000c17ed480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 25.185454] ^ [ 25.185559] fff00000c17ed500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.185675] fff00000c17ed580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.185866] ================================================================== [ 25.326452] ================================================================== [ 25.326562] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 25.326677] Write of size 1 at addr fff00000c65020eb by task kunit_try_catch/162 [ 25.326780] [ 25.326860] CPU: 0 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 25.327706] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.327791] Hardware name: linux,dummy-virt (DT) [ 25.327892] Call trace: [ 25.328215] show_stack+0x20/0x38 (C) [ 25.328469] dump_stack_lvl+0x8c/0xd0 [ 25.329053] print_report+0x118/0x608 [ 25.329889] kasan_report+0xdc/0x128 [ 25.330053] __asan_report_store1_noabort+0x20/0x30 [ 25.330709] krealloc_less_oob_helper+0xa58/0xc50 [ 25.331278] krealloc_large_less_oob+0x20/0x38 [ 25.331390] kunit_try_run_case+0x170/0x3f0 [ 25.331920] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.332442] kthread+0x328/0x630 [ 25.332590] ret_from_fork+0x10/0x20 [ 25.332707] [ 25.332754] The buggy address belongs to the physical page: [ 25.332825] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106500 [ 25.332967] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 25.333089] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 25.334144] page_type: f8(unknown) [ 25.334280] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 25.334422] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 25.334560] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 25.334693] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 25.334906] head: 0bfffe0000000002 ffffc1ffc3194001 00000000ffffffff 00000000ffffffff [ 25.335414] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 25.335581] page dumped because: kasan: bad access detected [ 25.336150] [ 25.336432] Memory state around the buggy address: [ 25.336562] fff00000c6501f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.336665] fff00000c6502000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.337237] >fff00000c6502080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 25.337347] ^ [ 25.337544] fff00000c6502100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 25.337718] fff00000c6502180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 25.338259] ================================================================== [ 25.199541] ================================================================== [ 25.199638] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 25.199740] Write of size 1 at addr fff00000c17ed4ea by task kunit_try_catch/158 [ 25.199892] [ 25.199954] CPU: 0 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 25.200573] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.200660] Hardware name: linux,dummy-virt (DT) [ 25.200742] Call trace: [ 25.200802] show_stack+0x20/0x38 (C) [ 25.200954] dump_stack_lvl+0x8c/0xd0 [ 25.201174] print_report+0x118/0x608 [ 25.201859] kasan_report+0xdc/0x128 [ 25.201989] __asan_report_store1_noabort+0x20/0x30 [ 25.202132] krealloc_less_oob_helper+0xae4/0xc50 [ 25.202351] krealloc_less_oob+0x20/0x38 [ 25.202519] kunit_try_run_case+0x170/0x3f0 [ 25.202654] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.203147] kthread+0x328/0x630 [ 25.203365] ret_from_fork+0x10/0x20 [ 25.203489] [ 25.204094] Allocated by task 158: [ 25.204457] kasan_save_stack+0x3c/0x68 [ 25.204558] kasan_save_track+0x20/0x40 [ 25.204653] kasan_save_alloc_info+0x40/0x58 [ 25.204747] __kasan_krealloc+0x118/0x178 [ 25.205433] krealloc_noprof+0x128/0x360 [ 25.205825] krealloc_less_oob_helper+0x168/0xc50 [ 25.206060] krealloc_less_oob+0x20/0x38 [ 25.206178] kunit_try_run_case+0x170/0x3f0 [ 25.206272] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.206886] kthread+0x328/0x630 [ 25.206992] ret_from_fork+0x10/0x20 [ 25.207096] [ 25.207147] The buggy address belongs to the object at fff00000c17ed400 [ 25.207147] which belongs to the cache kmalloc-256 of size 256 [ 25.207786] The buggy address is located 33 bytes to the right of [ 25.207786] allocated 201-byte region [fff00000c17ed400, fff00000c17ed4c9) [ 25.208160] [ 25.208392] The buggy address belongs to the physical page: [ 25.208752] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1017ec [ 25.208892] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 25.209459] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 25.209673] page_type: f5(slab) [ 25.210046] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 25.210497] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.210640] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 25.210767] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.211185] head: 0bfffe0000000001 ffffc1ffc305fb01 00000000ffffffff 00000000ffffffff [ 25.211310] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 25.211421] page dumped because: kasan: bad access detected [ 25.211494] [ 25.211537] Memory state around the buggy address: [ 25.211607] fff00000c17ed380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.211707] fff00000c17ed400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.211816] >fff00000c17ed480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 25.211926] ^ [ 25.212084] fff00000c17ed500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.212189] fff00000c17ed580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.212310] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 25.249507] ================================================================== [ 25.249633] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678 [ 25.249756] Write of size 1 at addr fff00000c65020eb by task kunit_try_catch/160 [ 25.249900] [ 25.249981] CPU: 0 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 25.250173] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.250238] Hardware name: linux,dummy-virt (DT) [ 25.250313] Call trace: [ 25.250415] show_stack+0x20/0x38 (C) [ 25.250544] dump_stack_lvl+0x8c/0xd0 [ 25.250690] print_report+0x118/0x608 [ 25.251170] kasan_report+0xdc/0x128 [ 25.251665] __asan_report_store1_noabort+0x20/0x30 [ 25.251826] krealloc_more_oob_helper+0x60c/0x678 [ 25.251989] krealloc_large_more_oob+0x20/0x38 [ 25.252128] kunit_try_run_case+0x170/0x3f0 [ 25.252329] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.252520] kthread+0x328/0x630 [ 25.252624] ret_from_fork+0x10/0x20 [ 25.253215] [ 25.253277] The buggy address belongs to the physical page: [ 25.253357] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106500 [ 25.253493] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 25.253614] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 25.253803] page_type: f8(unknown) [ 25.254205] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 25.254330] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 25.254450] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 25.255667] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 25.256150] head: 0bfffe0000000002 ffffc1ffc3194001 00000000ffffffff 00000000ffffffff [ 25.256273] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 25.256370] page dumped because: kasan: bad access detected [ 25.256442] [ 25.257016] Memory state around the buggy address: [ 25.257231] fff00000c6501f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.257611] fff00000c6502000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.258042] >fff00000c6502080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 25.258205] ^ [ 25.258392] fff00000c6502100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 25.258503] fff00000c6502180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 25.258863] ================================================================== [ 25.112160] ================================================================== [ 25.112253] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678 [ 25.112935] Write of size 1 at addr fff00000c17ed2f0 by task kunit_try_catch/156 [ 25.113070] [ 25.113252] CPU: 0 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 25.113516] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.114199] Hardware name: linux,dummy-virt (DT) [ 25.114381] Call trace: [ 25.114465] show_stack+0x20/0x38 (C) [ 25.114664] dump_stack_lvl+0x8c/0xd0 [ 25.114780] print_report+0x118/0x608 [ 25.114918] kasan_report+0xdc/0x128 [ 25.115086] __asan_report_store1_noabort+0x20/0x30 [ 25.115242] krealloc_more_oob_helper+0x5c0/0x678 [ 25.115362] krealloc_more_oob+0x20/0x38 [ 25.115478] kunit_try_run_case+0x170/0x3f0 [ 25.115595] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.115722] kthread+0x328/0x630 [ 25.115865] ret_from_fork+0x10/0x20 [ 25.116006] [ 25.116059] Allocated by task 156: [ 25.116136] kasan_save_stack+0x3c/0x68 [ 25.116758] kasan_save_track+0x20/0x40 [ 25.117413] kasan_save_alloc_info+0x40/0x58 [ 25.117703] __kasan_krealloc+0x118/0x178 [ 25.118040] krealloc_noprof+0x128/0x360 [ 25.118231] krealloc_more_oob_helper+0x168/0x678 [ 25.118873] krealloc_more_oob+0x20/0x38 [ 25.118973] kunit_try_run_case+0x170/0x3f0 [ 25.119070] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.119171] kthread+0x328/0x630 [ 25.119250] ret_from_fork+0x10/0x20 [ 25.119335] [ 25.119858] The buggy address belongs to the object at fff00000c17ed200 [ 25.119858] which belongs to the cache kmalloc-256 of size 256 [ 25.120175] The buggy address is located 5 bytes to the right of [ 25.120175] allocated 235-byte region [fff00000c17ed200, fff00000c17ed2eb) [ 25.120879] [ 25.120994] The buggy address belongs to the physical page: [ 25.121071] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1017ec [ 25.121554] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 25.122030] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 25.122389] page_type: f5(slab) [ 25.122587] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 25.122713] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.122833] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 25.122969] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.123166] head: 0bfffe0000000001 ffffc1ffc305fb01 00000000ffffffff 00000000ffffffff [ 25.123610] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 25.123981] page dumped because: kasan: bad access detected [ 25.124311] [ 25.124447] Memory state around the buggy address: [ 25.124827] fff00000c17ed180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.125064] fff00000c17ed200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.125184] >fff00000c17ed280: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 25.125287] ^ [ 25.125769] fff00000c17ed300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.125902] fff00000c17ed380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.126218] ================================================================== [ 25.098483] ================================================================== [ 25.098616] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678 [ 25.098744] Write of size 1 at addr fff00000c17ed2eb by task kunit_try_catch/156 [ 25.099062] [ 25.099162] CPU: 0 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 25.099640] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.099722] Hardware name: linux,dummy-virt (DT) [ 25.099965] Call trace: [ 25.100031] show_stack+0x20/0x38 (C) [ 25.100225] dump_stack_lvl+0x8c/0xd0 [ 25.100354] print_report+0x118/0x608 [ 25.100525] kasan_report+0xdc/0x128 [ 25.100671] __asan_report_store1_noabort+0x20/0x30 [ 25.101007] krealloc_more_oob_helper+0x60c/0x678 [ 25.101243] krealloc_more_oob+0x20/0x38 [ 25.101419] kunit_try_run_case+0x170/0x3f0 [ 25.101622] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.101857] kthread+0x328/0x630 [ 25.102173] ret_from_fork+0x10/0x20 [ 25.102493] [ 25.102755] Allocated by task 156: [ 25.103169] kasan_save_stack+0x3c/0x68 [ 25.103293] kasan_save_track+0x20/0x40 [ 25.103515] kasan_save_alloc_info+0x40/0x58 [ 25.103994] __kasan_krealloc+0x118/0x178 [ 25.104101] krealloc_noprof+0x128/0x360 [ 25.104212] krealloc_more_oob_helper+0x168/0x678 [ 25.104310] krealloc_more_oob+0x20/0x38 [ 25.104406] kunit_try_run_case+0x170/0x3f0 [ 25.104613] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.104756] kthread+0x328/0x630 [ 25.105011] ret_from_fork+0x10/0x20 [ 25.105184] [ 25.105239] The buggy address belongs to the object at fff00000c17ed200 [ 25.105239] which belongs to the cache kmalloc-256 of size 256 [ 25.105946] The buggy address is located 0 bytes to the right of [ 25.105946] allocated 235-byte region [fff00000c17ed200, fff00000c17ed2eb) [ 25.106245] [ 25.106303] The buggy address belongs to the physical page: [ 25.106539] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1017ec [ 25.106720] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 25.106904] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 25.107070] page_type: f5(slab) [ 25.107248] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 25.107466] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.107628] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 25.107824] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.108353] head: 0bfffe0000000001 ffffc1ffc305fb01 00000000ffffffff 00000000ffffffff [ 25.108560] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 25.108767] page dumped because: kasan: bad access detected [ 25.108859] [ 25.108967] Memory state around the buggy address: [ 25.109148] fff00000c17ed180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.109398] fff00000c17ed200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.109861] >fff00000c17ed280: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 25.110019] ^ [ 25.110129] fff00000c17ed300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.110245] fff00000c17ed380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.110516] ================================================================== [ 25.261051] ================================================================== [ 25.261142] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678 [ 25.261244] Write of size 1 at addr fff00000c65020f0 by task kunit_try_catch/160 [ 25.261360] [ 25.261424] CPU: 0 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 25.261604] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.261665] Hardware name: linux,dummy-virt (DT) [ 25.261734] Call trace: [ 25.261783] show_stack+0x20/0x38 (C) [ 25.264137] dump_stack_lvl+0x8c/0xd0 [ 25.264281] print_report+0x118/0x608 [ 25.264411] kasan_report+0xdc/0x128 [ 25.264538] __asan_report_store1_noabort+0x20/0x30 [ 25.264663] krealloc_more_oob_helper+0x5c0/0x678 [ 25.264826] krealloc_large_more_oob+0x20/0x38 [ 25.265033] kunit_try_run_case+0x170/0x3f0 [ 25.265355] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.265828] kthread+0x328/0x630 [ 25.265973] ret_from_fork+0x10/0x20 [ 25.266103] [ 25.266151] The buggy address belongs to the physical page: [ 25.266659] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106500 [ 25.266962] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 25.267090] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 25.267273] page_type: f8(unknown) [ 25.267369] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 25.267485] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 25.267631] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 25.267754] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 25.267907] head: 0bfffe0000000002 ffffc1ffc3194001 00000000ffffffff 00000000ffffffff [ 25.268027] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 25.268179] page dumped because: kasan: bad access detected [ 25.268327] [ 25.268375] Memory state around the buggy address: [ 25.268577] fff00000c6501f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.268700] fff00000c6502000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.268912] >fff00000c6502080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 25.269016] ^ [ 25.269165] fff00000c6502100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 25.269716] fff00000c6502180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 25.269928] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 25.044304] ================================================================== [ 25.044417] BUG: KASAN: use-after-free in page_alloc_uaf+0x328/0x350 [ 25.044544] Read of size 1 at addr fff00000c77b0000 by task kunit_try_catch/154 [ 25.044679] [ 25.045391] CPU: 0 UID: 0 PID: 154 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 25.046144] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.046213] Hardware name: linux,dummy-virt (DT) [ 25.046292] Call trace: [ 25.047528] show_stack+0x20/0x38 (C) [ 25.048872] dump_stack_lvl+0x8c/0xd0 [ 25.049623] print_report+0x118/0x608 [ 25.050038] kasan_report+0xdc/0x128 [ 25.051519] __asan_report_load1_noabort+0x20/0x30 [ 25.051798] page_alloc_uaf+0x328/0x350 [ 25.053287] kunit_try_run_case+0x170/0x3f0 [ 25.053432] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.054533] kthread+0x328/0x630 [ 25.055665] ret_from_fork+0x10/0x20 [ 25.056073] [ 25.056581] The buggy address belongs to the physical page: [ 25.056897] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077b0 [ 25.057919] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 25.058565] page_type: f0(buddy) [ 25.059149] raw: 0bfffe0000000000 fff00000ff6160a0 fff00000ff6160a0 0000000000000000 [ 25.059457] raw: 0000000000000000 0000000000000004 00000000f0000000 0000000000000000 [ 25.059556] page dumped because: kasan: bad access detected [ 25.060988] [ 25.061078] Memory state around the buggy address: [ 25.061671] fff00000c77aff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 25.061961] fff00000c77aff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 25.062259] >fff00000c77b0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 25.062636] ^ [ 25.062754] fff00000c77b0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 25.062873] fff00000c77b0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 25.064971] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-kfree
[ 24.975222] ================================================================== [ 24.975676] BUG: KASAN: invalid-free in kfree+0x270/0x3c8 [ 24.976056] Free of addr fff00000c64fc001 by task kunit_try_catch/150 [ 24.976255] [ 24.976380] CPU: 0 UID: 0 PID: 150 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 24.976605] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.976667] Hardware name: linux,dummy-virt (DT) [ 24.976735] Call trace: [ 24.976785] show_stack+0x20/0x38 (C) [ 24.977393] dump_stack_lvl+0x8c/0xd0 [ 24.977712] print_report+0x118/0x608 [ 24.977918] kasan_report_invalid_free+0xc0/0xe8 [ 24.978049] __kasan_kfree_large+0x5c/0xa8 [ 24.978236] free_large_kmalloc+0x64/0x190 [ 24.978374] kfree+0x270/0x3c8 [ 24.978576] kmalloc_large_invalid_free+0x108/0x270 [ 24.978888] kunit_try_run_case+0x170/0x3f0 [ 24.979106] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.979289] kthread+0x328/0x630 [ 24.979399] ret_from_fork+0x10/0x20 [ 24.979538] [ 24.979594] The buggy address belongs to the physical page: [ 24.979672] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064fc [ 24.980346] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 24.980515] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 24.980826] page_type: f8(unknown) [ 24.980961] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.981103] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 24.981591] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.981799] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 24.982006] head: 0bfffe0000000002 ffffc1ffc3193f01 00000000ffffffff 00000000ffffffff [ 24.982127] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 24.982235] page dumped because: kasan: bad access detected [ 24.982411] [ 24.982623] Memory state around the buggy address: [ 24.982737] fff00000c64fbf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.983135] fff00000c64fbf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.983240] >fff00000c64fc000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.983328] ^ [ 24.983392] fff00000c64fc080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.984107] fff00000c64fc100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.984927] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 24.952819] ================================================================== [ 24.952977] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2cc/0x2f8 [ 24.953150] Read of size 1 at addr fff00000c64fc000 by task kunit_try_catch/148 [ 24.953358] [ 24.953515] CPU: 0 UID: 0 PID: 148 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 24.953753] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.953924] Hardware name: linux,dummy-virt (DT) [ 24.954051] Call trace: [ 24.954114] show_stack+0x20/0x38 (C) [ 24.954287] dump_stack_lvl+0x8c/0xd0 [ 24.954416] print_report+0x118/0x608 [ 24.954536] kasan_report+0xdc/0x128 [ 24.954696] __asan_report_load1_noabort+0x20/0x30 [ 24.954864] kmalloc_large_uaf+0x2cc/0x2f8 [ 24.954988] kunit_try_run_case+0x170/0x3f0 [ 24.955112] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.955343] kthread+0x328/0x630 [ 24.955534] ret_from_fork+0x10/0x20 [ 24.955736] [ 24.955864] The buggy address belongs to the physical page: [ 24.955941] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064fc [ 24.956093] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 24.956314] raw: 0bfffe0000000000 ffffc1ffc3194008 fff00000da44bc40 0000000000000000 [ 24.956576] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 24.956674] page dumped because: kasan: bad access detected [ 24.956806] [ 24.956952] Memory state around the buggy address: [ 24.957154] fff00000c64fbf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.957399] fff00000c64fbf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.957572] >fff00000c64fc000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 24.957672] ^ [ 24.957794] fff00000c64fc080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 24.957919] fff00000c64fc100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 24.958048] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 24.882988] ================================================================== [ 24.883560] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x278/0x2b8 [ 24.884174] Write of size 1 at addr fff00000c64fe00a by task kunit_try_catch/146 [ 24.884393] [ 24.884527] CPU: 0 UID: 0 PID: 146 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 24.884741] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.884807] Hardware name: linux,dummy-virt (DT) [ 24.884902] Call trace: [ 24.885398] show_stack+0x20/0x38 (C) [ 24.885547] dump_stack_lvl+0x8c/0xd0 [ 24.885907] print_report+0x118/0x608 [ 24.887222] kasan_report+0xdc/0x128 [ 24.887385] __asan_report_store1_noabort+0x20/0x30 [ 24.887504] kmalloc_large_oob_right+0x278/0x2b8 [ 24.887620] kunit_try_run_case+0x170/0x3f0 [ 24.887739] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.890297] kthread+0x328/0x630 [ 24.890925] ret_from_fork+0x10/0x20 [ 24.891678] [ 24.892795] The buggy address belongs to the physical page: [ 24.892929] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064fc [ 24.893908] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 24.894576] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 24.895828] page_type: f8(unknown) [ 24.896357] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.897382] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 24.898342] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.899201] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 24.899992] head: 0bfffe0000000002 ffffc1ffc3193f01 00000000ffffffff 00000000ffffffff [ 24.900117] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 24.900210] page dumped because: kasan: bad access detected [ 24.900284] [ 24.900330] Memory state around the buggy address: [ 24.902396] fff00000c64fdf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.902525] fff00000c64fdf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.903311] >fff00000c64fe000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 24.903409] ^ [ 24.903480] fff00000c64fe080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 24.904358] fff00000c64fe100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 24.904535] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 24.852463] ================================================================== [ 24.852607] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x2a4/0x2f0 [ 24.852892] Write of size 1 at addr fff00000c64cdf00 by task kunit_try_catch/144 [ 24.853021] [ 24.853539] CPU: 0 UID: 0 PID: 144 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 24.853774] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.853908] Hardware name: linux,dummy-virt (DT) [ 24.853998] Call trace: [ 24.854063] show_stack+0x20/0x38 (C) [ 24.854188] dump_stack_lvl+0x8c/0xd0 [ 24.854499] print_report+0x118/0x608 [ 24.854629] kasan_report+0xdc/0x128 [ 24.854859] __asan_report_store1_noabort+0x20/0x30 [ 24.855097] kmalloc_big_oob_right+0x2a4/0x2f0 [ 24.855226] kunit_try_run_case+0x170/0x3f0 [ 24.855574] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.855710] kthread+0x328/0x630 [ 24.855850] ret_from_fork+0x10/0x20 [ 24.855977] [ 24.856029] Allocated by task 144: [ 24.856106] kasan_save_stack+0x3c/0x68 [ 24.856216] kasan_save_track+0x20/0x40 [ 24.856327] kasan_save_alloc_info+0x40/0x58 [ 24.856438] __kasan_kmalloc+0xd4/0xd8 [ 24.856546] __kmalloc_cache_noprof+0x16c/0x3c0 [ 24.856662] kmalloc_big_oob_right+0xb8/0x2f0 [ 24.856775] kunit_try_run_case+0x170/0x3f0 [ 24.856919] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.857041] kthread+0x328/0x630 [ 24.857154] ret_from_fork+0x10/0x20 [ 24.857251] [ 24.857306] The buggy address belongs to the object at fff00000c64cc000 [ 24.857306] which belongs to the cache kmalloc-8k of size 8192 [ 24.857451] The buggy address is located 0 bytes to the right of [ 24.857451] allocated 7936-byte region [fff00000c64cc000, fff00000c64cdf00) [ 24.857711] [ 24.857772] The buggy address belongs to the physical page: [ 24.857875] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064c8 [ 24.858015] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 24.858162] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 24.859214] page_type: f5(slab) [ 24.859339] raw: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 24.859461] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 24.859584] head: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 24.859700] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 24.859827] head: 0bfffe0000000003 ffffc1ffc3193201 00000000ffffffff 00000000ffffffff [ 24.859980] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 24.860084] page dumped because: kasan: bad access detected [ 24.860250] [ 24.860326] Memory state around the buggy address: [ 24.860416] fff00000c64cde00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.860519] fff00000c64cde80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.860783] >fff00000c64cdf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.860917] ^ [ 24.860997] fff00000c64cdf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.861158] fff00000c64ce000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.861263] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 24.820181] ================================================================== [ 24.820408] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x418/0x488 [ 24.820517] Write of size 1 at addr fff00000c7747178 by task kunit_try_catch/142 [ 24.820631] [ 24.820699] CPU: 0 UID: 0 PID: 142 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 24.820904] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.820969] Hardware name: linux,dummy-virt (DT) [ 24.821039] Call trace: [ 24.821092] show_stack+0x20/0x38 (C) [ 24.821210] dump_stack_lvl+0x8c/0xd0 [ 24.821332] print_report+0x118/0x608 [ 24.821448] kasan_report+0xdc/0x128 [ 24.821558] __asan_report_store1_noabort+0x20/0x30 [ 24.821674] kmalloc_track_caller_oob_right+0x418/0x488 [ 24.821796] kunit_try_run_case+0x170/0x3f0 [ 24.821954] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.822109] kthread+0x328/0x630 [ 24.822291] ret_from_fork+0x10/0x20 [ 24.822560] [ 24.822720] Allocated by task 142: [ 24.823157] kasan_save_stack+0x3c/0x68 [ 24.823358] kasan_save_track+0x20/0x40 [ 24.823812] kasan_save_alloc_info+0x40/0x58 [ 24.824393] __kasan_kmalloc+0xd4/0xd8 [ 24.824700] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 24.824848] kmalloc_track_caller_oob_right+0x184/0x488 [ 24.824956] kunit_try_run_case+0x170/0x3f0 [ 24.825107] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.825233] kthread+0x328/0x630 [ 24.825559] ret_from_fork+0x10/0x20 [ 24.825848] [ 24.825908] The buggy address belongs to the object at fff00000c7747100 [ 24.825908] which belongs to the cache kmalloc-128 of size 128 [ 24.826326] The buggy address is located 0 bytes to the right of [ 24.826326] allocated 120-byte region [fff00000c7747100, fff00000c7747178) [ 24.826489] [ 24.826607] The buggy address belongs to the physical page: [ 24.826720] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107747 [ 24.826924] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 24.827130] page_type: f5(slab) [ 24.827238] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 24.827366] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 24.827462] page dumped because: kasan: bad access detected [ 24.827533] [ 24.827595] Memory state around the buggy address: [ 24.827685] fff00000c7747000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.827966] fff00000c7747080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.828139] >fff00000c7747100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 24.828396] ^ [ 24.828497] fff00000c7747180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.828599] fff00000c7747200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.828689] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 24.735337] ================================================================== [ 24.735474] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x2f4/0x330 [ 24.735904] Read of size 1 at addr fff00000c6549000 by task kunit_try_catch/140 [ 24.736271] [ 24.736419] CPU: 0 UID: 0 PID: 140 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 24.736629] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.736789] Hardware name: linux,dummy-virt (DT) [ 24.736888] Call trace: [ 24.737148] show_stack+0x20/0x38 (C) [ 24.737328] dump_stack_lvl+0x8c/0xd0 [ 24.737712] print_report+0x118/0x608 [ 24.737853] kasan_report+0xdc/0x128 [ 24.738152] __asan_report_load1_noabort+0x20/0x30 [ 24.738458] kmalloc_node_oob_right+0x2f4/0x330 [ 24.738697] kunit_try_run_case+0x170/0x3f0 [ 24.739323] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.740235] kthread+0x328/0x630 [ 24.740382] ret_from_fork+0x10/0x20 [ 24.740610] [ 24.740661] Allocated by task 140: [ 24.740736] kasan_save_stack+0x3c/0x68 [ 24.740867] kasan_save_track+0x20/0x40 [ 24.740983] kasan_save_alloc_info+0x40/0x58 [ 24.741487] __kasan_kmalloc+0xd4/0xd8 [ 24.741732] __kmalloc_cache_node_noprof+0x178/0x3d0 [ 24.741887] kmalloc_node_oob_right+0xbc/0x330 [ 24.742109] kunit_try_run_case+0x170/0x3f0 [ 24.742277] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.742735] kthread+0x328/0x630 [ 24.743585] ret_from_fork+0x10/0x20 [ 24.743705] [ 24.743762] The buggy address belongs to the object at fff00000c6548000 [ 24.743762] which belongs to the cache kmalloc-4k of size 4096 [ 24.744166] The buggy address is located 0 bytes to the right of [ 24.744166] allocated 4096-byte region [fff00000c6548000, fff00000c6549000) [ 24.744731] [ 24.744786] The buggy address belongs to the physical page: [ 24.744994] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106548 [ 24.745640] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 24.745789] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 24.746009] page_type: f5(slab) [ 24.746117] raw: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 24.746591] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 24.747094] head: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 24.747224] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 24.747344] head: 0bfffe0000000003 ffffc1ffc3195201 00000000ffffffff 00000000ffffffff [ 24.747465] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 24.747569] page dumped because: kasan: bad access detected [ 24.747647] [ 24.747691] Memory state around the buggy address: [ 24.747924] fff00000c6548f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.748345] fff00000c6548f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.748467] >fff00000c6549000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.748558] ^ [ 24.749109] fff00000c6549080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.749463] fff00000c6549100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.749615] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 24.710306] ================================================================== [ 24.710437] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x2ec/0x320 [ 24.710565] Read of size 1 at addr fff00000c56fe33f by task kunit_try_catch/138 [ 24.710680] [ 24.710761] CPU: 0 UID: 0 PID: 138 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 24.710974] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.711037] Hardware name: linux,dummy-virt (DT) [ 24.711109] Call trace: [ 24.711159] show_stack+0x20/0x38 (C) [ 24.711276] dump_stack_lvl+0x8c/0xd0 [ 24.711395] print_report+0x118/0x608 [ 24.711509] kasan_report+0xdc/0x128 [ 24.711622] __asan_report_load1_noabort+0x20/0x30 [ 24.711749] kmalloc_oob_left+0x2ec/0x320 [ 24.711908] kunit_try_run_case+0x170/0x3f0 [ 24.712505] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.712703] kthread+0x328/0x630 [ 24.712939] ret_from_fork+0x10/0x20 [ 24.713327] [ 24.713378] Allocated by task 11: [ 24.713470] kasan_save_stack+0x3c/0x68 [ 24.713660] kasan_save_track+0x20/0x40 [ 24.713859] kasan_save_alloc_info+0x40/0x58 [ 24.713967] __kasan_kmalloc+0xd4/0xd8 [ 24.714076] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 24.714193] kvasprintf+0xe0/0x180 [ 24.714546] __kthread_create_on_node+0x16c/0x350 [ 24.714657] kthread_create_on_node+0xe4/0x130 [ 24.714758] create_worker+0x380/0x6b8 [ 24.714918] worker_thread+0x808/0xf38 [ 24.715139] kthread+0x328/0x630 [ 24.715291] ret_from_fork+0x10/0x20 [ 24.715457] [ 24.715702] The buggy address belongs to the object at fff00000c56fe320 [ 24.715702] which belongs to the cache kmalloc-16 of size 16 [ 24.716315] The buggy address is located 19 bytes to the right of [ 24.716315] allocated 12-byte region [fff00000c56fe320, fff00000c56fe32c) [ 24.716725] [ 24.716911] The buggy address belongs to the physical page: [ 24.717042] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056fe [ 24.717339] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 24.717504] page_type: f5(slab) [ 24.717609] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 24.718049] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 24.718760] page dumped because: kasan: bad access detected [ 24.719046] [ 24.719095] Memory state around the buggy address: [ 24.719219] fff00000c56fe200: 00 02 fc fc 00 05 fc fc fa fb fc fc 00 02 fc fc [ 24.719830] fff00000c56fe280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 24.720208] >fff00000c56fe300: fa fb fc fc 00 04 fc fc 00 07 fc fc fc fc fc fc [ 24.720336] ^ [ 24.720655] fff00000c56fe380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.720789] fff00000c56fe400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.721324] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 24.656119] ================================================================== [ 24.656208] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x538/0x660 [ 24.656314] Write of size 1 at addr fff00000c56e6f78 by task kunit_try_catch/136 [ 24.656433] [ 24.656499] CPU: 0 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 24.656684] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.656747] Hardware name: linux,dummy-virt (DT) [ 24.658605] Call trace: [ 24.658673] show_stack+0x20/0x38 (C) [ 24.658808] dump_stack_lvl+0x8c/0xd0 [ 24.659015] print_report+0x118/0x608 [ 24.659149] kasan_report+0xdc/0x128 [ 24.659274] __asan_report_store1_noabort+0x20/0x30 [ 24.659417] kmalloc_oob_right+0x538/0x660 [ 24.659559] kunit_try_run_case+0x170/0x3f0 [ 24.659816] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.659972] kthread+0x328/0x630 [ 24.660083] ret_from_fork+0x10/0x20 [ 24.660198] [ 24.660241] Allocated by task 136: [ 24.660322] kasan_save_stack+0x3c/0x68 [ 24.660516] kasan_save_track+0x20/0x40 [ 24.660706] kasan_save_alloc_info+0x40/0x58 [ 24.661091] __kasan_kmalloc+0xd4/0xd8 [ 24.661203] __kmalloc_cache_noprof+0x16c/0x3c0 [ 24.661313] kmalloc_oob_right+0xb0/0x660 [ 24.661473] kunit_try_run_case+0x170/0x3f0 [ 24.661570] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.661671] kthread+0x328/0x630 [ 24.661749] ret_from_fork+0x10/0x20 [ 24.661860] [ 24.661952] The buggy address belongs to the object at fff00000c56e6f00 [ 24.661952] which belongs to the cache kmalloc-128 of size 128 [ 24.662151] The buggy address is located 5 bytes to the right of [ 24.662151] allocated 115-byte region [fff00000c56e6f00, fff00000c56e6f73) [ 24.662569] [ 24.662685] The buggy address belongs to the physical page: [ 24.662824] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056e6 [ 24.662981] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 24.663173] page_type: f5(slab) [ 24.663282] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 24.663419] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 24.663521] page dumped because: kasan: bad access detected [ 24.663624] [ 24.663685] Memory state around the buggy address: [ 24.663816] fff00000c56e6e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.663979] fff00000c56e6e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.664136] >fff00000c56e6f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 24.664273] ^ [ 24.664389] fff00000c56e6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.664506] fff00000c56e7000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.664600] ================================================================== [ 24.644447] ================================================================== [ 24.644858] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5a4/0x660 [ 24.646263] Write of size 1 at addr fff00000c56e6f73 by task kunit_try_catch/136 [ 24.646398] [ 24.647340] CPU: 0 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G N 6.16.0-rc1 #1 PREEMPT [ 24.647518] Tainted: [N]=TEST [ 24.647564] Hardware name: linux,dummy-virt (DT) [ 24.647869] Call trace: [ 24.648076] show_stack+0x20/0x38 (C) [ 24.648243] dump_stack_lvl+0x8c/0xd0 [ 24.648330] print_report+0x118/0x608 [ 24.648397] kasan_report+0xdc/0x128 [ 24.648454] __asan_report_store1_noabort+0x20/0x30 [ 24.648513] kmalloc_oob_right+0x5a4/0x660 [ 24.648569] kunit_try_run_case+0x170/0x3f0 [ 24.648631] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.648695] kthread+0x328/0x630 [ 24.648749] ret_from_fork+0x10/0x20 [ 24.648953] [ 24.649005] Allocated by task 136: [ 24.649279] kasan_save_stack+0x3c/0x68 [ 24.649373] kasan_save_track+0x20/0x40 [ 24.649426] kasan_save_alloc_info+0x40/0x58 [ 24.649475] __kasan_kmalloc+0xd4/0xd8 [ 24.649518] __kmalloc_cache_noprof+0x16c/0x3c0 [ 24.649568] kmalloc_oob_right+0xb0/0x660 [ 24.649611] kunit_try_run_case+0x170/0x3f0 [ 24.649657] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.649708] kthread+0x328/0x630 [ 24.649747] ret_from_fork+0x10/0x20 [ 24.649815] [ 24.649955] The buggy address belongs to the object at fff00000c56e6f00 [ 24.649955] which belongs to the cache kmalloc-128 of size 128 [ 24.650078] The buggy address is located 0 bytes to the right of [ 24.650078] allocated 115-byte region [fff00000c56e6f00, fff00000c56e6f73) [ 24.650164] [ 24.650264] The buggy address belongs to the physical page: [ 24.650473] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056e6 [ 24.650787] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 24.651158] page_type: f5(slab) [ 24.651505] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 24.651583] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 24.651714] page dumped because: kasan: bad access detected [ 24.651768] [ 24.651814] Memory state around the buggy address: [ 24.652095] fff00000c56e6e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.652182] fff00000c56e6e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.652250] >fff00000c56e6f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 24.652319] ^ [ 24.652422] fff00000c56e6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.652474] fff00000c56e7000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.652548] ================================================================== [ 24.666793] ================================================================== [ 24.668069] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5d0/0x660 [ 24.668184] Read of size 1 at addr fff00000c56e6f80 by task kunit_try_catch/136 [ 24.669283] [ 24.669363] CPU: 0 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc1 #1 PREEMPT [ 24.670157] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.670225] Hardware name: linux,dummy-virt (DT) [ 24.671164] Call trace: [ 24.671693] show_stack+0x20/0x38 (C) [ 24.671832] dump_stack_lvl+0x8c/0xd0 [ 24.671966] print_report+0x118/0x608 [ 24.673775] kasan_report+0xdc/0x128 [ 24.674712] __asan_report_load1_noabort+0x20/0x30 [ 24.674996] kmalloc_oob_right+0x5d0/0x660 [ 24.675428] kunit_try_run_case+0x170/0x3f0 [ 24.675597] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.675728] kthread+0x328/0x630 [ 24.676245] ret_from_fork+0x10/0x20 [ 24.676372] [ 24.676417] Allocated by task 136: [ 24.676482] kasan_save_stack+0x3c/0x68 [ 24.676612] kasan_save_track+0x20/0x40 [ 24.676780] kasan_save_alloc_info+0x40/0x58 [ 24.676903] __kasan_kmalloc+0xd4/0xd8 [ 24.677012] __kmalloc_cache_noprof+0x16c/0x3c0 [ 24.677126] kmalloc_oob_right+0xb0/0x660 [ 24.677233] kunit_try_run_case+0x170/0x3f0 [ 24.678059] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.678178] kthread+0x328/0x630 [ 24.678266] ret_from_fork+0x10/0x20 [ 24.678719] [ 24.678770] The buggy address belongs to the object at fff00000c56e6f00 [ 24.678770] which belongs to the cache kmalloc-128 of size 128 [ 24.679035] The buggy address is located 13 bytes to the right of [ 24.679035] allocated 115-byte region [fff00000c56e6f00, fff00000c56e6f73) [ 24.679191] [ 24.679238] The buggy address belongs to the physical page: [ 24.679307] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056e6 [ 24.679435] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 24.679714] page_type: f5(slab) [ 24.679955] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 24.680370] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 24.680551] page dumped because: kasan: bad access detected [ 24.680694] [ 24.680789] Memory state around the buggy address: [ 24.680960] fff00000c56e6e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.681069] fff00000c56e6f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 24.681185] >fff00000c56e6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.681359] ^ [ 24.681890] fff00000c56e7000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.682691] fff00000c56e7080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 24.682917] ==================================================================
Failure - log-parser-boot - exception-warning-cpu-pid-at-libmathint_log-intlog10
------------[ cut here ]------------ [ 117.687517] WARNING: CPU: 1 PID: 704 at lib/math/int_log.c:120 intlog10+0x38/0x48 [ 117.689139] Modules linked in: [ 117.689653] CPU: 1 UID: 0 PID: 704 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc1 #1 PREEMPT [ 117.690970] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 117.691578] Hardware name: linux,dummy-virt (DT) [ 117.692187] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 117.692955] pc : intlog10+0x38/0x48 [ 117.693536] lr : intlog10_test+0xe4/0x200 [ 117.694215] sp : ffff8000823c7c10 [ 117.694717] x29: ffff8000823c7c90 x28: 0000000000000000 x27: 0000000000000000 [ 117.695799] x26: 1ffe000018add081 x25: 0000000000000000 x24: ffff8000823c7ce0 [ 117.696766] x23: ffff8000823c7d00 x22: 0000000000000000 x21: 1ffff00010478f82 [ 117.697728] x20: ffffa6398eed2fc0 x19: ffff800080087990 x18: 000000003aa72406 [ 117.699094] x17: 00000000ef7a6787 x16: fff00000c097583c x15: fff00000ff616b08 [ 117.699985] x14: 0000000000018fff x13: 1ffe00001b488fcd x12: ffff74c7325af381 [ 117.701147] x11: 1ffff4c7325af380 x10: ffff74c7325af380 x9 : ffffa6398c46a2dc [ 117.701932] x8 : ffffa63992d79c03 x7 : 0000000000000001 x6 : 00000000f1f1f1f1 [ 117.702989] x5 : ffff700010478f82 x4 : 1ffff00010010f3a x3 : 1ffff4c731dda5f8 [ 117.704080] x2 : 1ffff4c731dda5f8 x1 : 0000000000000003 x0 : 0000000000000000 [ 117.705091] Call trace: [ 117.705462] intlog10+0x38/0x48 (P) [ 117.706013] kunit_try_run_case+0x170/0x3f0 [ 117.706574] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 117.707219] kthread+0x328/0x630 [ 117.707719] ret_from_fork+0x10/0x20 [ 117.708580] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-warning-cpu-pid-at-libmathint_log-intlog2
------------[ cut here ]------------ [ 117.595869] WARNING: CPU: 0 PID: 686 at lib/math/int_log.c:63 intlog2+0xd8/0xf8 [ 117.597502] Modules linked in: [ 117.598173] CPU: 0 UID: 0 PID: 686 Comm: kunit_try_catch Tainted: G B D N 6.16.0-rc1 #1 PREEMPT [ 117.599053] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST [ 117.599607] Hardware name: linux,dummy-virt (DT) [ 117.600207] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 117.600995] pc : intlog2+0xd8/0xf8 [ 117.601542] lr : intlog2_test+0xe4/0x200 [ 117.602372] sp : ffff800082107c10 [ 117.602984] x29: ffff800082107c90 x28: 0000000000000000 x27: 0000000000000000 [ 117.603966] x26: 1ffe000019132841 x25: 0000000000000000 x24: ffff800082107ce0 [ 117.604801] x23: ffff800082107d00 x22: 0000000000000000 x21: 1ffff00010420f82 [ 117.606219] x20: ffffa6398eed2ec0 x19: ffff800080087990 x18: 0000000016fee1e2 [ 117.606917] x17: 0000000010339687 x16: fff00000c097543c x15: fff00000ff616b08 [ 117.607756] x14: 0000000000018fff x13: 1ffe00001b488f89 x12: ffff74c7325af381 [ 117.608768] x11: 1ffff4c7325af380 x10: ffff74c7325af380 x9 : ffffa6398c46a4dc [ 117.610089] x8 : ffffa63992d79c03 x7 : 0000000000000001 x6 : 00000000f1f1f1f1 [ 117.611472] x5 : ffff700010420f82 x4 : 1ffff00010010f3a x3 : 1ffff4c731dda5d8 [ 117.612238] x2 : 1ffff4c731dda5d8 x1 : 0000000000000003 x0 : 0000000000000000 [ 117.614211] Call trace: [ 117.615371] intlog2+0xd8/0xf8 (P) [ 117.616823] kunit_try_run_case+0x170/0x3f0 [ 117.619406] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 117.621015] kthread+0x328/0x630 [ 117.622131] ret_from_fork+0x10/0x20 [ 117.623136] ---[ end trace 0000000000000000 ]---